FIPS: error notifications to the OS, and some questions
I am new to NSS. The goal is to use NSS in FIPS mode and to provide the OS (Linux) some kind of notification when a FIPS error happens. I presume that FIPS POST tests are run when NSS is put into FIPS mode using modutils. I also assume that 'continuous, pair-wise tests as well as DRBG tests are done when running. Are these assumptions true ?
Where would a good location be to add code in order to notify the OS of any FIPS error ? That would at least be logging the error using the system's logger and woudl also include some basic notification such as creating a file somewhere under inotify observation by a daemon application. Is any provision for notifyinh the OS already included ?
Where can I find the latest Security Policy and, is there a User Guide for NSS in FIPS mode ? I browsed the web pages although seemingly I could not find links to these documents.