crypto.rst

/proc/sys/crypto/

These files show up in /proc/sys/crypto/, depending on the kernel configuration:

fips_enabled

Read-only flag that indicates whether FIPS mode is enabled.

0: FIPS mode is disabled (default).
1: FIPS mode is enabled.

This value is set at boot time via the fips=1 kernel command line parameter. When enabled, the cryptographic API will restrict the use of certain algorithms and perform self-tests to ensure compliance with FIPS (Federal Information Processing Standards) requirements, such as FIPS 140-2 and the newer FIPS 140-3, depending on the kernel configuration and the module in use.

fips_name

Read-only file that contains the name of the FIPS module currently in use. The value is typically configured via the CONFIG_CRYPTO_FIPS_NAME kernel configuration option.

fips_version

Read-only file that contains the version string of the FIPS module. If CONFIG_CRYPTO_FIPS_CUSTOM_VERSION is set, it uses the value from CONFIG_CRYPTO_FIPS_VERSION. Otherwise, it defaults to the kernel release version (UTS_RELEASE).

For general info and legal blurb, please look in Documentation/admin-guide/sysctl/index.rst.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

/proc/sys/crypto/

fips_enabled

fips_name

fips_version

FilesExpand file tree

crypto.rst

Latest commit

History

crypto.rst

File metadata and controls

/proc/sys/crypto/

fips_enabled

fips_name

fips_version