9552389c46
Crypto test failures in FIPS mode cause an immediate panic, but on some system the cryptographic boundary extends beyond just the Linux controlled domain. Add a simple atomic notification chain to allow interested parties to register to receive notification prior to us kicking the bucket. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
19 lines
303 B
C
19 lines
303 B
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
#ifndef _FIPS_H
|
|
#define _FIPS_H
|
|
|
|
#ifdef CONFIG_CRYPTO_FIPS
|
|
extern int fips_enabled;
|
|
extern struct atomic_notifier_head fips_fail_notif_chain;
|
|
|
|
void fips_fail_notify(void);
|
|
|
|
#else
|
|
#define fips_enabled 0
|
|
|
|
static inline void fips_fail_notify(void) {}
|
|
|
|
#endif
|
|
|
|
#endif
|