crypto: proc - Print fips status

Message ID	Y+RJfZ5o59azXqSc@gondor.apana.org.au (mailing list archive)
State	Accepted
Delegated to:	Herbert Xu
Headers	show Return-Path: <linux-crypto-owner@vger.kernel.org> Date: Thu, 9 Feb 2023 09:16:45 +0800 From: Herbert Xu <herbert@gondor.apana.org.au> To: Linux Crypto Mailing List <linux-crypto@vger.kernel.org>, Ondrej Mosnacek <omosnace@redhat.com> Subject: [PATCH] crypto: proc - Print fips status Message-ID: <Y+RJfZ5o59azXqSc@gondor.apana.org.au> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Precedence: bulk
Series	crypto: proc - Print fips status \| expand crypto: proc - Print fips status

Message ID

Y+RJfZ5o59azXqSc@gondor.apana.org.au (mailing list archive)

State

Accepted

Delegated to:

Herbert Xu

Headers

Date: Thu, 9 Feb 2023 09:16:45 +0800
From: Herbert Xu <herbert@gondor.apana.org.au>
To: Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
        Ondrej Mosnacek <omosnace@redhat.com>
Subject: [PATCH] crypto: proc - Print fips status
Message-ID: <Y+RJfZ5o59azXqSc@gondor.apana.org.au>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Precedence: bulk

Series

crypto: proc - Print fips status | expand

Comments

Ard Biesheuvel Feb. 9, 2023, 2:19 p.m. UTC | #1

On Thu, 9 Feb 2023 at 02:17, Herbert Xu <herbert@gondor.apana.org.au> wrote:
>
> As FIPS may disable algorithms it is useful to show their status
> in /proc/crypto.
>
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Acked-by: Ard Biesheuvel <ardb@kernel.org>

>
> diff --git a/crypto/proc.c b/crypto/proc.c
> index 12fccb9c5205..56c7c78df297 100644
> --- a/crypto/proc.c
> +++ b/crypto/proc.c
> @@ -11,6 +11,7 @@
>  #include <linux/atomic.h>
>  #include <linux/init.h>
>  #include <linux/crypto.h>
> +#include <linux/fips.h>
>  #include <linux/module.h>      /* for module_name() */
>  #include <linux/rwsem.h>
>  #include <linux/proc_fs.h>
> @@ -48,6 +49,11 @@ static int c_show(struct seq_file *m, void *p)
>         seq_printf(m, "internal     : %s\n",
>                    (alg->cra_flags & CRYPTO_ALG_INTERNAL) ?
>                    "yes" : "no");
> +       if (fips_enabled) {
> +               seq_printf(m, "fips         : %s\n",
> +                          (alg->cra_flags & CRYPTO_ALG_FIPS_INTERNAL) ?
> +                          "no" : "yes");
> +       }
>
>         if (alg->cra_flags & CRYPTO_ALG_LARVAL) {
>                 seq_printf(m, "type         : larval\n");
> --
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

diff --git a/crypto/proc.c b/crypto/proc.c
index 12fccb9c5205..56c7c78df297 100644
--- a/crypto/proc.c
+++ b/crypto/proc.c
@@ -11,6 +11,7 @@ 
 #include <linux/atomic.h>
 #include <linux/init.h>
 #include <linux/crypto.h>
+#include <linux/fips.h>
 #include <linux/module.h>	/* for module_name() */
 #include <linux/rwsem.h>
 #include <linux/proc_fs.h>
@@ -48,6 +49,11 @@  static int c_show(struct seq_file *m, void *p)
 	seq_printf(m, "internal     : %s\n",
 		   (alg->cra_flags & CRYPTO_ALG_INTERNAL) ?
 		   "yes" : "no");
+	if (fips_enabled) {
+		seq_printf(m, "fips         : %s\n",
+			   (alg->cra_flags & CRYPTO_ALG_FIPS_INTERNAL) ?
+			   "no" : "yes");
+	}
 
 	if (alg->cra_flags & CRYPTO_ALG_LARVAL) {
 		seq_printf(m, "type         : larval\n");

crypto: proc - Print fips status

Commit Message

Comments

Patch