Comment 1 for bug 1591797

This is a FIPS 140-2 requirement.
The FIPS_mode_set(1) in init_fips_mode() called from OPENSSL_init_library is to satisfy the FIPS 140-2, Section 4.9 requirement that power-up selftest be run when the module is powered-up. This must be done regardless of whether the module is to be run in FIPS mode or not. Reading /proc entry only indicates whether to run the module in FIPS mode.

Note: The FIPS code in openssl in Xenial is a work-in-progress and is not complete.
All effort is made to optimize the power-up selftest as mush as possible.