* [PATCH 0/6] crypto: Remove fips.h inclusion from internal.h
@ 2015-04-22 5:24 Herbert Xu
2015-04-22 5:25 ` [PATCH 1/6] crypto: api - Include linux/fips.h Herbert Xu
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: Herbert Xu @ 2015-04-22 5:24 UTC (permalink / raw
To: Linux Crypto Mailing List
For historical reasons internal.h currently includes fips.h and
a number of files depend on that to get access to fips_enabled.
This is suboptimal because internal.h is truly internal and should
only be used if you're implementing internal crypto API. That means
if you are an algorithm/driver author or crypto API user then you
should not be accessing that file.
This series moves the fips.h inclusion to spots where it's actually
needed and then gets rid of it from internal.h.
Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH 1/6] crypto: api - Include linux/fips.h
2015-04-22 5:24 [PATCH 0/6] crypto: Remove fips.h inclusion from internal.h Herbert Xu
@ 2015-04-22 5:25 ` Herbert Xu
2015-04-22 5:25 ` [PATCH 2/6] crypto: fips - Remove bogus inclusion of internal.h Herbert Xu
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Herbert Xu @ 2015-04-22 5:25 UTC (permalink / raw
To: Linux Crypto Mailing List
All users of fips_enabled should include linux/fips.h directly
instead of getting it through internal.h.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
crypto/algapi.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/algapi.c b/crypto/algapi.c
index f835f43..c63836f 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -12,6 +12,7 @@
#include <linux/err.h>
#include <linux/errno.h>
+#include <linux/fips.h>
#include <linux/init.h>
#include <linux/kernel.h>
#include <linux/list.h>
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH 2/6] crypto: fips - Remove bogus inclusion of internal.h
2015-04-22 5:24 [PATCH 0/6] crypto: Remove fips.h inclusion from internal.h Herbert Xu
2015-04-22 5:25 ` [PATCH 1/6] crypto: api - Include linux/fips.h Herbert Xu
@ 2015-04-22 5:25 ` Herbert Xu
2015-04-22 5:25 ` [PATCH 3/6] crypto: fips - Move fips_enabled sysctl into fips.c Herbert Xu
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Herbert Xu @ 2015-04-22 5:25 UTC (permalink / raw
To: Linux Crypto Mailing List
The header file internal.h is only meant for internal crypto API
implementors such as rng.c. So fips has no business in including
it.
This patch removes that inclusions and instead adds inclusions of
the actual features used by fips.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
crypto/fips.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/crypto/fips.c b/crypto/fips.c
index 5539700..0f65df9 100644
--- a/crypto/fips.c
+++ b/crypto/fips.c
@@ -10,7 +10,10 @@
*
*/
-#include "internal.h"
+#include <linux/export.h>
+#include <linux/fips.h>
+#include <linux/init.h>
+#include <linux/kernel.h>
int fips_enabled;
EXPORT_SYMBOL_GPL(fips_enabled);
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH 3/6] crypto: fips - Move fips_enabled sysctl into fips.c
2015-04-22 5:24 [PATCH 0/6] crypto: Remove fips.h inclusion from internal.h Herbert Xu
2015-04-22 5:25 ` [PATCH 1/6] crypto: api - Include linux/fips.h Herbert Xu
2015-04-22 5:25 ` [PATCH 2/6] crypto: fips - Remove bogus inclusion of internal.h Herbert Xu
@ 2015-04-22 5:25 ` Herbert Xu
2015-04-22 5:25 ` [PATCH 4/6] crypto: tcrypt - Include linux/fips.h for fips_enabled Herbert Xu
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: Herbert Xu @ 2015-04-22 5:25 UTC (permalink / raw
To: Linux Crypto Mailing List
There is currently a large ifdef FIPS code section in proc.c.
Ostensibly it's there because the fips_enabled sysctl sits under
/proc/sys/crypto. However, no other crypto sysctls exist.
In fact, the whole ethos of the crypto API is against such user
interfaces so this patch moves all the FIPS sysctl code over to
fips.c.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
crypto/fips.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
crypto/proc.c | 41 -----------------------------------------
2 files changed, 48 insertions(+), 41 deletions(-)
diff --git a/crypto/fips.c b/crypto/fips.c
index 0f65df9..9d627c1 100644
--- a/crypto/fips.c
+++ b/crypto/fips.c
@@ -13,7 +13,9 @@
#include <linux/export.h>
#include <linux/fips.h>
#include <linux/init.h>
+#include <linux/module.h>
#include <linux/kernel.h>
+#include <linux/sysctl.h>
int fips_enabled;
EXPORT_SYMBOL_GPL(fips_enabled);
@@ -28,3 +30,49 @@ static int fips_enable(char *str)
}
__setup("fips=", fips_enable);
+
+static struct ctl_table crypto_sysctl_table[] = {
+ {
+ .procname = "fips_enabled",
+ .data = &fips_enabled,
+ .maxlen = sizeof(int),
+ .mode = 0444,
+ .proc_handler = proc_dointvec
+ },
+ {}
+};
+
+static struct ctl_table crypto_dir_table[] = {
+ {
+ .procname = "crypto",
+ .mode = 0555,
+ .child = crypto_sysctl_table
+ },
+ {}
+};
+
+static struct ctl_table_header *crypto_sysctls;
+
+static void crypto_proc_fips_init(void)
+{
+ crypto_sysctls = register_sysctl_table(crypto_dir_table);
+}
+
+static void crypto_proc_fips_exit(void)
+{
+ unregister_sysctl_table(crypto_sysctls);
+}
+
+static int __init fips_init(void)
+{
+ crypto_proc_fips_init();
+ return 0;
+}
+
+static void __exit fips_exit(void)
+{
+ crypto_proc_fips_exit();
+}
+
+module_init(fips_init);
+module_exit(fips_exit);
diff --git a/crypto/proc.c b/crypto/proc.c
index 4ffe73b..2cc10c9 100644
--- a/crypto/proc.c
+++ b/crypto/proc.c
@@ -20,47 +20,8 @@
#include <linux/rwsem.h>
#include <linux/proc_fs.h>
#include <linux/seq_file.h>
-#include <linux/sysctl.h>
#include "internal.h"
-#ifdef CONFIG_CRYPTO_FIPS
-static struct ctl_table crypto_sysctl_table[] = {
- {
- .procname = "fips_enabled",
- .data = &fips_enabled,
- .maxlen = sizeof(int),
- .mode = 0444,
- .proc_handler = proc_dointvec
- },
- {}
-};
-
-static struct ctl_table crypto_dir_table[] = {
- {
- .procname = "crypto",
- .mode = 0555,
- .child = crypto_sysctl_table
- },
- {}
-};
-
-static struct ctl_table_header *crypto_sysctls;
-
-static void crypto_proc_fips_init(void)
-{
- crypto_sysctls = register_sysctl_table(crypto_dir_table);
-}
-
-static void crypto_proc_fips_exit(void)
-{
- if (crypto_sysctls)
- unregister_sysctl_table(crypto_sysctls);
-}
-#else
-#define crypto_proc_fips_init()
-#define crypto_proc_fips_exit()
-#endif
-
static void *c_start(struct seq_file *m, loff_t *pos)
{
down_read(&crypto_alg_sem);
@@ -148,11 +109,9 @@ static const struct file_operations proc_crypto_ops = {
void __init crypto_init_proc(void)
{
proc_create("crypto", 0, NULL, &proc_crypto_ops);
- crypto_proc_fips_init();
}
void __exit crypto_exit_proc(void)
{
- crypto_proc_fips_exit();
remove_proc_entry("crypto", NULL);
}
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH 4/6] crypto: tcrypt - Include linux/fips.h for fips_enabled
2015-04-22 5:24 [PATCH 0/6] crypto: Remove fips.h inclusion from internal.h Herbert Xu
` (2 preceding siblings ...)
2015-04-22 5:25 ` [PATCH 3/6] crypto: fips - Move fips_enabled sysctl into fips.c Herbert Xu
@ 2015-04-22 5:25 ` Herbert Xu
2015-04-22 5:25 ` [PATCH 5/6] crypto: testmgr " Herbert Xu
2015-04-22 5:25 ` [PATCH 6/6] crypto: api - Remove linux/fips.h from internal.h Herbert Xu
5 siblings, 0 replies; 7+ messages in thread
From: Herbert Xu @ 2015-04-22 5:25 UTC (permalink / raw
To: Linux Crypto Mailing List
All users of fips_enabled should include linux/fips.h directly
instead of getting it through internal.h which is reserved for
internal crypto API implementors.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
crypto/tcrypt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index bf41c34..22cdd61 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -24,6 +24,7 @@
#include <crypto/hash.h>
#include <linux/err.h>
+#include <linux/fips.h>
#include <linux/init.h>
#include <linux/gfp.h>
#include <linux/module.h>
@@ -34,7 +35,6 @@
#include <linux/timex.h>
#include <linux/interrupt.h>
#include "tcrypt.h"
-#include "internal.h"
/*
* Need slab memory for testing (size in number of pages).
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH 5/6] crypto: testmgr - Include linux/fips.h for fips_enabled
2015-04-22 5:24 [PATCH 0/6] crypto: Remove fips.h inclusion from internal.h Herbert Xu
` (3 preceding siblings ...)
2015-04-22 5:25 ` [PATCH 4/6] crypto: tcrypt - Include linux/fips.h for fips_enabled Herbert Xu
@ 2015-04-22 5:25 ` Herbert Xu
2015-04-22 5:25 ` [PATCH 6/6] crypto: api - Remove linux/fips.h from internal.h Herbert Xu
5 siblings, 0 replies; 7+ messages in thread
From: Herbert Xu @ 2015-04-22 5:25 UTC (permalink / raw
To: Linux Crypto Mailing List
All users of fips_enabled should include linux/fips.h directly
instead of getting it through internal.h.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
crypto/testmgr.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index f9bce3d..18b7d49 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -22,6 +22,7 @@
#include <crypto/hash.h>
#include <linux/err.h>
+#include <linux/fips.h>
#include <linux/module.h>
#include <linux/scatterlist.h>
#include <linux/slab.h>
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH 6/6] crypto: api - Remove linux/fips.h from internal.h
2015-04-22 5:24 [PATCH 0/6] crypto: Remove fips.h inclusion from internal.h Herbert Xu
` (4 preceding siblings ...)
2015-04-22 5:25 ` [PATCH 5/6] crypto: testmgr " Herbert Xu
@ 2015-04-22 5:25 ` Herbert Xu
5 siblings, 0 replies; 7+ messages in thread
From: Herbert Xu @ 2015-04-22 5:25 UTC (permalink / raw
To: Linux Crypto Mailing List
Now that all fips_enabled users are including linux/fips.h directly
instead of getting it through internal.h, we can remove the fips.h
inclusions from internal.h.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
crypto/internal.h | 1 -
1 file changed, 1 deletion(-)
diff --git a/crypto/internal.h b/crypto/internal.h
index ed7a70c..00e42a3 100644
--- a/crypto/internal.h
+++ b/crypto/internal.h
@@ -25,7 +25,6 @@
#include <linux/notifier.h>
#include <linux/rwsem.h>
#include <linux/slab.h>
-#include <linux/fips.h>
/* Crypto notification events. */
enum {
^ permalink raw reply related [flat|nested] 7+ messages in thread
end of thread, other threads:[~2015-04-22 5:26 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-04-22 5:24 [PATCH 0/6] crypto: Remove fips.h inclusion from internal.h Herbert Xu
2015-04-22 5:25 ` [PATCH 1/6] crypto: api - Include linux/fips.h Herbert Xu
2015-04-22 5:25 ` [PATCH 2/6] crypto: fips - Remove bogus inclusion of internal.h Herbert Xu
2015-04-22 5:25 ` [PATCH 3/6] crypto: fips - Move fips_enabled sysctl into fips.c Herbert Xu
2015-04-22 5:25 ` [PATCH 4/6] crypto: tcrypt - Include linux/fips.h for fips_enabled Herbert Xu
2015-04-22 5:25 ` [PATCH 5/6] crypto: testmgr " Herbert Xu
2015-04-22 5:25 ` [PATCH 6/6] crypto: api - Remove linux/fips.h from internal.h Herbert Xu
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.