From 76450f93f17bb03a27476371c4c907e26a3c78a4 Mon Sep 17 00:00:00 2001
From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Wed, 22 Apr 2015 13:25:54 +0800
Subject: crypto: fips - Remove bogus inclusion of internal.h

The header file internal.h is only meant for internal crypto API
implementors such as rng.c.  So fips has no business in including
it.

This patch removes that inclusions and instead adds inclusions of
the actual features used by fips.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
 crypto/fips.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'crypto/fips.c')

diff --git a/crypto/fips.c b/crypto/fips.c
index 553970081c62..0f65df997bfe 100644
--- a/crypto/fips.c
+++ b/crypto/fips.c
@@ -10,7 +10,10 @@
  *
  */
 
-#include "internal.h"
+#include <linux/export.h>
+#include <linux/fips.h>
+#include <linux/init.h>
+#include <linux/kernel.h>
 
 int fips_enabled;
 EXPORT_SYMBOL_GPL(fips_enabled);
-- 
cgit v1.2.3


From 94072cb20eed369c64364c95bcfa3c012f54f466 Mon Sep 17 00:00:00 2001
From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Wed, 22 Apr 2015 13:25:56 +0800
Subject: crypto: fips - Move fips_enabled sysctl into fips.c

There is currently a large ifdef FIPS code section in proc.c.
Ostensibly it's there because the fips_enabled sysctl sits under
/proc/sys/crypto.  However, no other crypto sysctls exist.

In fact, the whole ethos of the crypto API is against such user
interfaces so this patch moves all the FIPS sysctl code over to
fips.c.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
 crypto/fips.c | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)

(limited to 'crypto/fips.c')

diff --git a/crypto/fips.c b/crypto/fips.c
index 0f65df997bfe..9d627c1cf8bc 100644
--- a/crypto/fips.c
+++ b/crypto/fips.c
@@ -13,7 +13,9 @@
 #include <linux/export.h>
 #include <linux/fips.h>
 #include <linux/init.h>
+#include <linux/module.h>
 #include <linux/kernel.h>
+#include <linux/sysctl.h>
 
 int fips_enabled;
 EXPORT_SYMBOL_GPL(fips_enabled);
@@ -28,3 +30,49 @@ static int fips_enable(char *str)
 }
 
 __setup("fips=", fips_enable);
+
+static struct ctl_table crypto_sysctl_table[] = {
+	{
+		.procname       = "fips_enabled",
+		.data           = &fips_enabled,
+		.maxlen         = sizeof(int),
+		.mode           = 0444,
+		.proc_handler   = proc_dointvec
+	},
+	{}
+};
+
+static struct ctl_table crypto_dir_table[] = {
+	{
+		.procname       = "crypto",
+		.mode           = 0555,
+		.child          = crypto_sysctl_table
+	},
+	{}
+};
+
+static struct ctl_table_header *crypto_sysctls;
+
+static void crypto_proc_fips_init(void)
+{
+	crypto_sysctls = register_sysctl_table(crypto_dir_table);
+}
+
+static void crypto_proc_fips_exit(void)
+{
+	unregister_sysctl_table(crypto_sysctls);
+}
+
+static int __init fips_init(void)
+{
+	crypto_proc_fips_init();
+	return 0;
+}
+
+static void __exit fips_exit(void)
+{
+	crypto_proc_fips_exit();
+}
+
+module_init(fips_init);
+module_exit(fips_exit);
-- 
cgit v1.2.3