| Ard Biesheuvel | 2db9143 | 2021-03-23 10:54:38 +0100 | [diff] [blame] | 1 | /* SPDX-License-Identifier: GPL-2.0 WITH Linux-syscall-note */ |
| 2 | |
| 3 | #ifndef _CRYPTO_FIPS140_EVAL_TESTING_H |
| 4 | #define _CRYPTO_FIPS140_EVAL_TESTING_H |
| 5 | |
| 6 | #include <linux/ioctl.h> |
| 7 | |
| 8 | /* |
| 9 | * This header defines the ioctls that are available on the fips140 character |
| 10 | * device. These ioctls expose some of the module's services to userspace so |
| 11 | * that they can be tested by the FIPS certification lab; this is a required |
| 12 | * part of getting a FIPS 140 certification. These ioctls do not have any other |
| 13 | * purpose, and they do not need to be present in production builds. |
| 14 | */ |
| 15 | |
| 16 | /* |
| 17 | * Call the fips140_is_approved_service() function. The argument must be the |
| 18 | * service name as a NUL-terminated string. The return value will be 1 if |
| 19 | * fips140_is_approved_service() returned true, or 0 if it returned false. |
| 20 | */ |
| 21 | #define FIPS140_IOCTL_IS_APPROVED_SERVICE _IO('F', 0) |
| 22 | |
| 23 | /* |
| 24 | * Call the fips140_module_version() function. The argument must be a pointer |
| 25 | * to a buffer of size >= 256 chars. The NUL-terminated string returned by |
| 26 | * fips140_module_version() will be written to this buffer. |
| 27 | */ |
| 28 | #define FIPS140_IOCTL_MODULE_VERSION _IOR('F', 1, char[256]) |
| 29 | |
| 30 | #endif /* _CRYPTO_FIPS140_EVAL_TESTING_H */ |