softmmu: remove deprecated --enable-fips option

Users requiring FIPS support must build QEMU with either the libgcrypt or gnutls libraries as the crytography backend. Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
author: Daniel P. Berrangé <berrange@redhat.com> 2022-03-04 10:27:42 +0000
committer: Daniel P. Berrangé <berrange@redhat.com> 2022-04-26 16:12:25 +0100
commit: c6b310b37c3e3f898d56955646e6d49c60ef7a63 (patch)
tree: 7d7f62869dda93a821d258b3bdf6a3b9e3aa0528 /docs/about/removed-features.rst
parent: a1755db71e34df016ffc10aa0727360aae2c6036 (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/about/removed-features.rst b/docs/about/removed-features.rst
index 4b831ea291..a66f4b73b2 100644
--- a/docs/about/removed-features.rst
+++ b/docs/about/removed-features.rst
@@ -336,6 +336,17 @@ for the RISC-V ``virt`` machine and ``sifive_u`` machine.
 The ``-no-quit`` was a synonym for ``-display ...,window-close=off`` which
 should be used instead.
 
+``--enable-fips`` (removed in 7.1)
+''''''''''''''''''''''''''''''''''
+
+This option restricted usage of certain cryptographic algorithms when
+the host is operating in FIPS mode.
+
+If FIPS compliance is required, QEMU should be built with the ``libgcrypt``
+or ``gnutls`` library enabled as a cryptography provider.
+
+Neither the ``nettle`` library, or the built-in cryptography provider are
+supported on FIPS enabled hosts.
 
 QEMU Machine Protocol (QMP) commands
 ------------------------------------
author	Daniel P. Berrangé <berrange@redhat.com>	2022-03-04 10:27:42 +0000
committer	Daniel P. Berrangé <berrange@redhat.com>	2022-04-26 16:12:25 +0100
commit	c6b310b37c3e3f898d56955646e6d49c60ef7a63 (patch)
tree	7d7f62869dda93a821d258b3bdf6a3b9e3aa0528 /docs/about/removed-features.rst
parent	a1755db71e34df016ffc10aa0727360aae2c6036 (diff)