From 5a44749f65b2342d43dea82024e4febdac33c78d Mon Sep 17 00:00:00 2001 From: Vladis Dronov Date: Fri, 8 Jul 2022 14:33:13 +0200 Subject: crypto: fips - make proc files report fips module name and version FIPS 140-3 introduced a requirement for the FIPS module to return information about itself, specifically a name and a version. These values must match the values reported on FIPS certificates. This patch adds two files to read a name and a version from: /proc/sys/crypto/fips_name /proc/sys/crypto/fips_version v2: removed redundant parentheses in config entries. v3: move FIPS_MODULE_* defines to fips.c where they are used. v4: return utsrelease.h inclusion Signed-off-by: Simo Sorce Signed-off-by: Vladis Dronov Signed-off-by: Herbert Xu --- crypto/Kconfig | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) (limited to 'crypto/Kconfig') diff --git a/crypto/Kconfig b/crypto/Kconfig index 7d98a2b4ac9c..54bdcf2ce331 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -33,6 +33,27 @@ config CRYPTO_FIPS certification. You should say no unless you know what this is. +config CRYPTO_FIPS_NAME + string "FIPS Module Name" + default "Linux Kernel Cryptographic API" + depends on CRYPTO_FIPS + help + This option sets the FIPS Module name reported by the Crypto API via + the /proc/sys/crypto/fips_name file. + +config CRYPTO_FIPS_CUSTOM_VERSION + bool "Use Custom FIPS Module Version" + depends on CRYPTO_FIPS + default n + +config CRYPTO_FIPS_VERSION + string "FIPS Module Version" + default "(none)" + depends on CRYPTO_FIPS_CUSTOM_VERSION + help + This option provides the ability to override the FIPS Module Version. + By default the KERNELRELEASE value is used. + config CRYPTO_ALGAPI tristate select CRYPTO_ALGAPI2 -- cgit v1.2.3