msm: crypto: Add CONFIG_FIPS_USE_RECOMPILE for FIPS enablement
Due to binary compatibility for FIPS pre-compiled binaries, a flag CONFIG_FIPS_RECOMPILE is added to recompile the FIPS certified source code. If it is set to y, source code compilation will be enforced. If it is set to n or undefined, certified binaries will be used for FIPS enablement. Note that use of this flag(i.e. recompilation) may invalidate existing FIPS certification. Change-Id: If4e3367e63785f7f82e46b5ed73dbe2786f1c3b1 Signed-off-by: William Clark <wclark@codeaurora.org>
This commit is contained in:
parent
f5c078dba9
commit
0d5acb0293
|
@ -312,6 +312,18 @@ config FIPS_ENABLE
|
|||
which will perform this task. Please select Y here
|
||||
to enable.
|
||||
|
||||
config FIPS_RECOMPILE
|
||||
bool "Recompile FIPS140-2 certified binaries"
|
||||
depends on FIPS_ENABLE
|
||||
help
|
||||
This flag is to make current build recompile FIPS140-2
|
||||
certified crypto binary from source. Please select Y here to
|
||||
enable. In default value n, the compiler will use
|
||||
pre-compiled binaries. Note that select Y may invalidate
|
||||
existing FIPS140-2 certification but the recompiled crypto
|
||||
library remains FIPS certifable. The flag is only
|
||||
effective when flag FIPS_ENABLE is enabled.
|
||||
|
||||
config CRYPTO_DEV_QCRYPTO
|
||||
tristate "Qualcomm Crypto accelerator"
|
||||
select CRYPTO_DES
|
||||
|
|
Loading…
Reference in New Issue