GitLab

Previously, to enable the FIPS140-2 mode, both /etc/system-fips and
the fips=1 kernel command line need to be set.  While this was
designed to be consistent, the convention is not well followed by the
other crypto libraries and the former tends to be ignored.  This
aligns the behavior to the latter, i.e. if fips=1 is set, the library
enables the FIPS140-2 mode regardless of the existence of
/etc/system-fips.

Suggested by Alexander Sosedkin.
Signed-off-by: Daiki Ueno <dueno@redhat.com>