Enable FIPS mode on RockyRPI/Raspberry pi4

i just installed rocky 8.6 on a Raspberry pi4, with the image downloaded from the website.

[root@fipsTEST fips]# cat /etc/os-release 
NAME="Rocky Linux"
VERSION="8.6 (Green Obsidian)"
ID_LIKE="rhel centos fedora"
PRETTY_NAME="Rocky Linux 8.6 (Green Obsidian)"

I need to activate FIPS mode.
I executed the command fips-mode-setup --enable, and everything seems ok.

[root@fipsTEST fips]# fips-mode-setup --enable
Setting system policy to FIPS
Note: System-wide crypto policies are applied on application start-up.
It is recommended to restart the system for the change of policies
to fully take place.
The grubby command is missing, please configure the bootloader manually.
FIPS mode will be enabled.
Now you need to configure the bootloader to add kernel options "fips=1 boot=UUID=6A67-933C"
and reboot the system for the setting to take effect.

I added fips=1 in the cmdline.txt file in the boot partition, and it seems that the parameters are correctly passed to the kernel.

[root@fipsTEST fips]# cat /proc/cmdline
coherent_pool=1M 8250.nr_uarts=0 snd_bcm2835.enable_compat_alsa=0 snd_bcm2835.enable_hdmi=1 bcm2708_fb.fbwidth=0 bcm2708_fb.fbheight=0 bcm2708_fb.fbswap=1 smsc95xx.macaddr=DC:A6:32:40:40:86 vc_mem.mem_base=0x3ec00000 vc_mem.mem_size=0x40000000  console=ttyAMA0,115200 console=tty1 root=PARTUUID=0ed6aa64-03 rootfstype=ext4 elevator=deadline rootwait fips=1 boot=UUID=6A67-933C

But if i run the command fips-mode-setup --check, i get the following:

[root@fipsTEST fips]# fips-mode-setup --check
cat: /proc/sys/crypto/fips_enabled: No such file or directory
FIPS mode is .

Am I skipping any steps?
Thank you

Digging deeper, it seems that the parameter fips=1 is not accepted by the kernel.
This is from dmesg:

[    0.000000] Unknown kernel command line parameters "fips=1 boot=UUID=6A67-933C", will be passed to user space.

Hey there. According to one of our other Release Engineers (who works on providing the raspberrypi kernels), this is what he said:

I have a feeling that fips mode is included into the kernel by a patch that red hat only provides, not upstream. So I don’t think we’re porting it to the pi kernels (or if we can).
Now if it works with the generic kernels, we might be missing a config option, and that would be easier to fix.

He’ll likely investigate a bit and maybe we’ll have updates to pass through our repos in the future.

Hi nazunalika, thank you very much for the clarification.