On Thu, 28 Feb 2013 12:38:46 +0530 Suresh Jayaraman <sjayaraman@xxxxxxxxxx> wrote: > Hi all, > > I was told that (haven't checked myself, yet) that booting in FIPS > (Federal Information Processing Standard) mode by adding "fips=1" to > grub.conf breaks CIFS mounts by returning -ENOENT. > > I thought I'd ask if this is a known problem before I spend more time on > this. > > > Thanks > Yep, known problem. We try to load several crypto routines during the mount process, and that fails in FIPS mode since they aren't allowed. The fix is to only load those routines once we know that we actually need them and only fail in those cases. There are no patches for that yet, AFAIK. Note that enabling FIPS mode will almost certainly break both NTLMv1 and NTLMv2 auth, since those require md4 and md5. It might be nice to update the manpage with what sec= options actually work after enabling FIPS mode once the main problem is fixed. -- Jeff Layton <jlayton@xxxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
