Commit 94072cb2 authored by Herbert Xu's avatar Herbert Xu

crypto: fips - Move fips_enabled sysctl into fips.c

There is currently a large ifdef FIPS code section in proc.c.
Ostensibly it's there because the fips_enabled sysctl sits under
/proc/sys/crypto.  However, no other crypto sysctls exist.

In fact, the whole ethos of the crypto API is against such user
interfaces so this patch moves all the FIPS sysctl code over to
fips.c.
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 76450f93
...@@ -13,7 +13,9 @@ ...@@ -13,7 +13,9 @@
#include <linux/export.h> #include <linux/export.h>
#include <linux/fips.h> #include <linux/fips.h>
#include <linux/init.h> #include <linux/init.h>
#include <linux/module.h>
#include <linux/kernel.h> #include <linux/kernel.h>
#include <linux/sysctl.h>
int fips_enabled; int fips_enabled;
EXPORT_SYMBOL_GPL(fips_enabled); EXPORT_SYMBOL_GPL(fips_enabled);
...@@ -28,3 +30,49 @@ static int fips_enable(char *str) ...@@ -28,3 +30,49 @@ static int fips_enable(char *str)
} }
__setup("fips=", fips_enable); __setup("fips=", fips_enable);
static struct ctl_table crypto_sysctl_table[] = {
{
.procname = "fips_enabled",
.data = &fips_enabled,
.maxlen = sizeof(int),
.mode = 0444,
.proc_handler = proc_dointvec
},
{}
};
static struct ctl_table crypto_dir_table[] = {
{
.procname = "crypto",
.mode = 0555,
.child = crypto_sysctl_table
},
{}
};
static struct ctl_table_header *crypto_sysctls;
static void crypto_proc_fips_init(void)
{
crypto_sysctls = register_sysctl_table(crypto_dir_table);
}
static void crypto_proc_fips_exit(void)
{
unregister_sysctl_table(crypto_sysctls);
}
static int __init fips_init(void)
{
crypto_proc_fips_init();
return 0;
}
static void __exit fips_exit(void)
{
crypto_proc_fips_exit();
}
module_init(fips_init);
module_exit(fips_exit);
...@@ -20,47 +20,8 @@ ...@@ -20,47 +20,8 @@
#include <linux/rwsem.h> #include <linux/rwsem.h>
#include <linux/proc_fs.h> #include <linux/proc_fs.h>
#include <linux/seq_file.h> #include <linux/seq_file.h>
#include <linux/sysctl.h>
#include "internal.h" #include "internal.h"
#ifdef CONFIG_CRYPTO_FIPS
static struct ctl_table crypto_sysctl_table[] = {
{
.procname = "fips_enabled",
.data = &fips_enabled,
.maxlen = sizeof(int),
.mode = 0444,
.proc_handler = proc_dointvec
},
{}
};
static struct ctl_table crypto_dir_table[] = {
{
.procname = "crypto",
.mode = 0555,
.child = crypto_sysctl_table
},
{}
};
static struct ctl_table_header *crypto_sysctls;
static void crypto_proc_fips_init(void)
{
crypto_sysctls = register_sysctl_table(crypto_dir_table);
}
static void crypto_proc_fips_exit(void)
{
if (crypto_sysctls)
unregister_sysctl_table(crypto_sysctls);
}
#else
#define crypto_proc_fips_init()
#define crypto_proc_fips_exit()
#endif
static void *c_start(struct seq_file *m, loff_t *pos) static void *c_start(struct seq_file *m, loff_t *pos)
{ {
down_read(&crypto_alg_sem); down_read(&crypto_alg_sem);
...@@ -148,11 +109,9 @@ static const struct file_operations proc_crypto_ops = { ...@@ -148,11 +109,9 @@ static const struct file_operations proc_crypto_ops = {
void __init crypto_init_proc(void) void __init crypto_init_proc(void)
{ {
proc_create("crypto", 0, NULL, &proc_crypto_ops); proc_create("crypto", 0, NULL, &proc_crypto_ops);
crypto_proc_fips_init();
} }
void __exit crypto_exit_proc(void) void __exit crypto_exit_proc(void)
{ {
crypto_proc_fips_exit();
remove_proc_entry("crypto", NULL); remove_proc_entry("crypto", NULL);
} }
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment