On Mon, Feb 10, 2025 at 01:40:10PM +0100, Markus Theil wrote: > > This was also my first thought, just enable fips mode. Our workloads don't > have to run in FIPS mode and I don't know which software may reacts to the > kernel announcing to be fips enabled in an unexpected way. > > So basically, this seems to be useful, even when not in FIPS mode. That's not a strong reason for adding a new run-time toggle. It sounds like you could just enable FIPS mode instead. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
