Linux Kernel Signature Verification Code Adds FIPS Compliance

Phoronix reports a new change was merged into the soon-to-be-released Linux 5.19 on Tuesday, making the kernel's signature verification code compliant with the Federal Information Processing Standards known as FIPS:

FIPS are public standards via the National Institute of Standards and Technology used by U.S. government agencies and contractors in the areas of computer security and interoperability... Known-answer self-tests are required for FIPS compliance at startup/reboot, but the Linux kernel's signature verification code has been lacking such tests.

The signature checking code is used for module signing, Kexec, and other functionality. With Linux 5.19 there will now be some basic self-tests at start.
The tests will make their debut in Linux 5.19-rc4.

Thanks to long-time Slashdot reader UnknowingFool for sharing the news!

Read more of this story at Slashdot.