summaryrefslogtreecommitdiff
path: root/crypto/Kconfig
diff options
context:
space:
mode:
authorVladis Dronov <vdronov@redhat.com>2022-07-08 15:33:13 +0300
committerHerbert Xu <herbert@gondor.apana.org.au>2022-07-15 11:43:22 +0300
commit5a44749f65b2342d43dea82024e4febdac33c78d (patch)
tree0b0ed9ba508fe084037718db5ad4e474a66c0bd1 /crypto/Kconfig
parent1353e576ae3b7b9703b74f6f2276b6dd450f4a2e (diff)
downloadlinux-5a44749f65b2342d43dea82024e4febdac33c78d.tar.xz
crypto: fips - make proc files report fips module name and version
FIPS 140-3 introduced a requirement for the FIPS module to return information about itself, specifically a name and a version. These values must match the values reported on FIPS certificates. This patch adds two files to read a name and a version from: /proc/sys/crypto/fips_name /proc/sys/crypto/fips_version v2: removed redundant parentheses in config entries. v3: move FIPS_MODULE_* defines to fips.c where they are used. v4: return utsrelease.h inclusion Signed-off-by: Simo Sorce <simo@redhat.com> Signed-off-by: Vladis Dronov <vdronov@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/Kconfig')
-rw-r--r--crypto/Kconfig21
1 files changed, 21 insertions, 0 deletions
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 7d98a2b4ac9c..54bdcf2ce331 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -33,6 +33,27 @@ config CRYPTO_FIPS
certification. You should say no unless you know what
this is.
+config CRYPTO_FIPS_NAME
+ string "FIPS Module Name"
+ default "Linux Kernel Cryptographic API"
+ depends on CRYPTO_FIPS
+ help
+ This option sets the FIPS Module name reported by the Crypto API via
+ the /proc/sys/crypto/fips_name file.
+
+config CRYPTO_FIPS_CUSTOM_VERSION
+ bool "Use Custom FIPS Module Version"
+ depends on CRYPTO_FIPS
+ default n
+
+config CRYPTO_FIPS_VERSION
+ string "FIPS Module Version"
+ default "(none)"
+ depends on CRYPTO_FIPS_CUSTOM_VERSION
+ help
+ This option provides the ability to override the FIPS Module Version.
+ By default the KERNELRELEASE value is used.
+
config CRYPTO_ALGAPI
tristate
select CRYPTO_ALGAPI2