2742be5903
In fips140.ko, enable the behavior that the upstream fips_enabled flag controls, such as the XTS weak key check which apparently is required. Note that some of this behavior, such as the DRBG continuity check, is allegedly not required. But to ensure we don't miss anything that was already handled upstream, it seems best to define fips_enabled to 1. We can still disable anything that turns out to be problematic. Bug: 153614920 Bug: 188620248 Change-Id: Idcded9e69e7d7cdf7f2937009af209857b0c08e2 Signed-off-by: Eric Biggers <ebiggers@google.com>
514 B
514 B