aboutsummaryrefslogtreecommitdiff
path: root/osdep.c
diff options
context:
space:
mode:
Diffstat (limited to 'osdep.c')
-rw-r--r--osdep.c29
1 files changed, 29 insertions, 0 deletions
diff --git a/osdep.c b/osdep.c
index 03817f0f3a..c07faf546e 100644
--- a/osdep.c
+++ b/osdep.c
@@ -24,6 +24,7 @@
#include <stdlib.h>
#include <stdio.h>
#include <stdarg.h>
+#include <stdbool.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
@@ -48,6 +49,8 @@ extern int madvise(caddr_t, size_t, int);
#include "trace.h"
#include "qemu_socket.h"
+static bool fips_enabled = false;
+
static const char *qemu_version = QEMU_VERSION;
int socket_set_cork(int fd, int v)
@@ -253,3 +256,29 @@ const char *qemu_get_version(void)
{
return qemu_version;
}
+
+void fips_set_state(bool requested)
+{
+#ifdef __linux__
+ if (requested) {
+ FILE *fds = fopen("/proc/sys/crypto/fips_enabled", "r");
+ if (fds != NULL) {
+ fips_enabled = (fgetc(fds) == '1');
+ fclose(fds);
+ }
+ }
+#else
+ fips_enabled = false;
+#endif /* __linux__ */
+
+#ifdef _FIPS_DEBUG
+ fprintf(stderr, "FIPS mode %s (requested %s)\n",
+ (fips_enabled ? "enabled" : "disabled"),
+ (requested ? "enabled" : "disabled"));
+#endif
+}
+
+bool fips_get_state(void)
+{
+ return fips_enabled;
+}