From 8cf045765669cc168fbe78250e299d4342cfc79d Mon Sep 17 00:00:00 2001 From: xumia Date: Sat, 8 Jul 2023 06:14:36 +0000 Subject: [PATCH] Change the FIPS build option consistent with other features --- doc/fips/SONiC-OpenSSL-FIPS-140-3.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/fips/SONiC-OpenSSL-FIPS-140-3.md b/doc/fips/SONiC-OpenSSL-FIPS-140-3.md index 642e0fbc38e..ea42dfe527e 100644 --- a/doc/fips/SONiC-OpenSSL-FIPS-140-3.md +++ b/doc/fips/SONiC-OpenSSL-FIPS-140-3.md @@ -172,13 +172,13 @@ export OPENSSL_CONFIG=/usr/lib/ssl/openssl-fips.cnf ### SONiC Build Options Support to enable/disable the FIPS feature, the feature is enabled by default in rules/config as below. ``` -ENABLE_FIPS_FEATURE ?= y +INCLUDE_FIPS ?= y ``` Support to enable/disable FIPS config, the flage is disabled by default. IF the option is set, then the fips is enabled by default in the image, not necesary to do the config in system level or application level. ``` ENABLE_FIPS ?= n ``` -If the ENABLE_FIPS_FEATURE is not set, then the option ENABLE_FIPS is useless. +If the INCLUDE_FIPS is not set, then the option ENABLE_FIPS is useless. ## SONiC FIPS Command lines ### The command line to enable or disable FIPS @@ -196,4 +196,4 @@ If the image is not specified, the next boot image will be used. ## Q&A ### Does SymCrypt use Linux Kernel crypto module? -SymCrypt on Linux does not rely on Kernel crypt for FIPS certification today. \ No newline at end of file +SymCrypt on Linux does not rely on Kernel crypt for FIPS certification today.