mirror of https://github.com/vbatts/go-fips.git
45 lines
771 B
Go
45 lines
771 B
Go
// +build linux
|
|
|
|
package fips
|
|
|
|
import (
|
|
"bytes"
|
|
"io/ioutil"
|
|
"os"
|
|
)
|
|
|
|
var (
|
|
kernelCommandLine = "/proc/cmdline"
|
|
kernelFipsParameter = []byte("fips=")
|
|
)
|
|
|
|
func kernelMode() (ONOFF, error) {
|
|
if _, err := os.Stat(kernelCommandLine); os.IsNotExist(err) {
|
|
return OFF, ErrKernelNotSupported
|
|
}
|
|
fh, err := os.Open(kernelCommandLine)
|
|
if err != nil {
|
|
return OFF, err
|
|
}
|
|
defer fh.Close()
|
|
|
|
buf, err := ioutil.ReadAll(fh)
|
|
if err != nil {
|
|
return OFF, err
|
|
}
|
|
|
|
enabled := OFF
|
|
for _, chunk := range bytes.Split(buf, []byte(" ")) {
|
|
if bytes.HasPrefix(chunk, kernelFipsParameter) {
|
|
val := bytes.TrimPrefix(chunk, kernelFipsParameter)
|
|
if string(val) == "1" {
|
|
enabled = ON
|
|
} else if string(val) == "0" {
|
|
enabled = OFF
|
|
}
|
|
}
|
|
}
|
|
|
|
return enabled, nil
|
|
}
|