diff options
author | Vladis Dronov <vdronov@redhat.com> | 2022-07-08 14:33:13 +0200 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2022-07-15 16:43:22 +0800 |
commit | f8daa5465f243e6a4afcb0feca83f8cdc59e5ee2 (patch) | |
tree | e789c3d71fd5fea0008f5bcb451f7ed7597ba5b0 /crypto/Kconfig | |
parent | 764636396e0b347c29277e0e55331d7ea341d768 (diff) | |
download | linux-crypto-f8daa5465f243e6a4afcb0feca83f8cdc59e5ee2.tar.gz linux-crypto-f8daa5465f243e6a4afcb0feca83f8cdc59e5ee2.zip |
crypto: fips - make proc files report fips module name and version
FIPS 140-3 introduced a requirement for the FIPS module to return
information about itself, specifically a name and a version. These
values must match the values reported on FIPS certificates.
This patch adds two files to read a name and a version from:
/proc/sys/crypto/fips_name
/proc/sys/crypto/fips_version
v2: removed redundant parentheses in config entries.
v3: move FIPS_MODULE_* defines to fips.c where they are used.
v4: return utsrelease.h inclusion
Signed-off-by: Simo Sorce <simo@redhat.com>
Signed-off-by: Vladis Dronov <vdronov@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/Kconfig')
-rw-r--r-- | crypto/Kconfig | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig index 7d98a2b4..54bdcf2c 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -33,6 +33,27 @@ config CRYPTO_FIPS certification. You should say no unless you know what this is. +config CRYPTO_FIPS_NAME + string "FIPS Module Name" + default "Linux Kernel Cryptographic API" + depends on CRYPTO_FIPS + help + This option sets the FIPS Module name reported by the Crypto API via + the /proc/sys/crypto/fips_name file. + +config CRYPTO_FIPS_CUSTOM_VERSION + bool "Use Custom FIPS Module Version" + depends on CRYPTO_FIPS + default n + +config CRYPTO_FIPS_VERSION + string "FIPS Module Version" + default "(none)" + depends on CRYPTO_FIPS_CUSTOM_VERSION + help + This option provides the ability to override the FIPS Module Version. + By default the KERNELRELEASE value is used. + config CRYPTO_ALGAPI tristate select CRYPTO_ALGAPI2 |