Home Explore Help
Sign In
SoftwareDesign
/
csu3_am335x
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: c7fff1ca50
Branches Tags
csu3_am335x
/
EVSE
/
GPL
/
glibc-2.29
/
sysdeps
/
unix
/
sysv
/
linux
/
fips-private.h

fips-private.h 2.0 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 
  1. /* FIPS compliance status test for GNU/Linux systems.
    2. 

  2.    Copyright (C) 2012-2019 Free Software Foundation, Inc.
    3. 

  3.    This file is part of the GNU C Library.
    4. 

  4. 

  5.    The GNU C Library is free software; you can redistribute it and/or
    6. 

  6.    modify it under the terms of the GNU Lesser General Public
    7. 

  7.    License as published by the Free Software Foundation; either
    8. 

  8.    version 2.1 of the License, or (at your option) any later version.
    9. 

  9. 

  10.    The GNU C Library is distributed in the hope that it will be useful,
    11. 

  11.    but WITHOUT ANY WARRANTY; without even the implied warranty of
    12. 

  12.    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    13. 

  13.    Lesser General Public License for more details.
    14. 

  14. 

  15.    You should have received a copy of the GNU Lesser General Public
    16. 

  16.    License along with the GNU C Library; if not, see
    17. 

  17.    <http://www.gnu.org/licenses/>.  */
    18. 

  18. 

  19. #ifndef _FIPS_PRIVATE_H
    20. 

  20. #define _FIPS_PRIVATE_H
    21. 

  21. 

  22. #include <errno.h>
    23. 

  23. #include <fcntl.h>
    24. 

  24. #include <stdlib.h>
    25. 

  25. #include <unistd.h>
    26. 

  26. #include <not-cancel.h>
    27. 

  27. #include <stdbool.h>
    28. 

  28. 

  29. /* Return true if FIPS mode is enabled.  See
    30. 

  30.    sysdeps/generic/fips-private.h for more information.  */
    31. 

  31. 

  32. static bool
    33. 

  33. fips_enabled_p (void)
    34. 

  34. {
    35. 

  35.   static enum
    36. 

  36.   {
    37. 

  37.     FIPS_UNTESTED = 0,
    38. 

  38.     FIPS_ENABLED = 1,
    39. 

  39.     FIPS_DISABLED = -1,
    40. 

  40.     FIPS_TEST_FAILED = -2
    41. 

  41.   } checked;
    42. 

  42. 

  43.   if (checked == FIPS_UNTESTED)
    44. 

  44.     {
    45. 

  45.       int fd = __open_nocancel ("/proc/sys/crypto/fips_enabled", O_RDONLY);
    46. 

  46. 

  47.       if (fd != -1)
    48. 

  48. 	{
    49. 

  49. 	  /* This is more than enough, the file contains a single integer.  */
    50. 

  50. 	  char buf[32];
    51. 

  51. 	  ssize_t n;
    52. 

  52. 	  n = TEMP_FAILURE_RETRY (__read_nocancel (fd, buf, sizeof (buf) - 1));
    53. 

  53. 	  __close_nocancel_nostatus (fd);
    54. 

  54. 

  55. 	  if (n > 0)
    56. 

  56. 	    {
    57. 

  57. 	      /* Terminate the string.  */
    58. 

  58. 	      buf[n] = '\0';
    59. 

  59. 

  60. 	      char *endp;
    61. 

  61. 	      long int res = strtol (buf, &endp, 10);
    62. 

  62. 	      if (endp != buf && (*endp == '\0' || *endp == '\n'))
    63. 

  63. 		checked = (res > 0) ? FIPS_ENABLED : FIPS_DISABLED;
    64. 

  64. 	    }
    65. 

  65. 	}
    66. 

  66. 

  67.       if (checked == FIPS_UNTESTED)
    68. 

  68. 	checked = FIPS_TEST_FAILED;
    69. 

  69.     }
    70. 

  70. 

  71.   return checked == FIPS_ENABLED;
    72. 

  72. }
    73. 

  73. 

  74. #endif /* _FIPS_PRIVATE_H */
    75.