diff options
author | Daniel P. Berrangé <berrange@redhat.com> | 2022-03-04 10:27:42 +0000 |
---|---|---|
committer | Daniel P. Berrangé <berrange@redhat.com> | 2022-04-26 16:12:25 +0100 |
commit | c6b310b37c3e3f898d56955646e6d49c60ef7a63 (patch) | |
tree | 7d7f62869dda93a821d258b3bdf6a3b9e3aa0528 /docs | |
parent | a1755db71e34df016ffc10aa0727360aae2c6036 (diff) |
softmmu: remove deprecated --enable-fips option
Users requiring FIPS support must build QEMU with either the libgcrypt
or gnutls libraries as the crytography backend.
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Diffstat (limited to 'docs')
-rw-r--r-- | docs/about/deprecated.rst | 12 | ||||
-rw-r--r-- | docs/about/removed-features.rst | 11 |
2 files changed, 11 insertions, 12 deletions
diff --git a/docs/about/deprecated.rst b/docs/about/deprecated.rst index cf02ef6821..257cc15f82 100644 --- a/docs/about/deprecated.rst +++ b/docs/about/deprecated.rst @@ -67,18 +67,6 @@ and will cause a warning. The replacement for the ``nodelay`` short-form boolean option is ``nodelay=on`` rather than ``delay=off``. -``--enable-fips`` (since 6.0) -''''''''''''''''''''''''''''' - -This option restricts usage of certain cryptographic algorithms when -the host is operating in FIPS mode. - -If FIPS compliance is required, QEMU should be built with the ``libgcrypt`` -library enabled as a cryptography provider. - -Neither the ``nettle`` library, or the built-in cryptography provider are -supported on FIPS enabled hosts. - ``-writeconfig`` (since 6.0) ''''''''''''''''''''''''''''' diff --git a/docs/about/removed-features.rst b/docs/about/removed-features.rst index 4b831ea291..a66f4b73b2 100644 --- a/docs/about/removed-features.rst +++ b/docs/about/removed-features.rst @@ -336,6 +336,17 @@ for the RISC-V ``virt`` machine and ``sifive_u`` machine. The ``-no-quit`` was a synonym for ``-display ...,window-close=off`` which should be used instead. +``--enable-fips`` (removed in 7.1) +'''''''''''''''''''''''''''''''''' + +This option restricted usage of certain cryptographic algorithms when +the host is operating in FIPS mode. + +If FIPS compliance is required, QEMU should be built with the ``libgcrypt`` +or ``gnutls`` library enabled as a cryptography provider. + +Neither the ``nettle`` library, or the built-in cryptography provider are +supported on FIPS enabled hosts. QEMU Machine Protocol (QMP) commands ------------------------------------ |