diff -up openssl-3.0.0-alpha13/crypto/context.c.kernel-fips openssl-3.0.0-alpha13/crypto/context.c
--- openssl-3.0.0-alpha13/crypto/context.c.kernel-fips	2021-03-16 00:09:55.814826432 +0100
+++ openssl-3.0.0-alpha13/crypto/context.c	2021-03-16 00:15:55.129043811 +0100
@@ -12,6 +12,41 @@
 #include "internal/provider.h"
 #include "crypto/context.h"
 
+# include <sys/types.h>
+# include <sys/stat.h>
+# include <fcntl.h>
+# include <unistd.h>
+# include <openssl/evp.h>
+
+# define FIPS_MODE_SWITCH_FILE "/proc/sys/crypto/fips_enabled"
+
+static int kernel_fips_flag;
+
+static void read_kernel_fips_flag(void)
+{
+	char buf[2] = "0";
+	int fd;
+
+	if (ossl_safe_getenv("OPENSSL_FORCE_FIPS_MODE") != NULL) {
+		buf[0] = '1';
+	} else if ((fd = open(FIPS_MODE_SWITCH_FILE, O_RDONLY)) >= 0) {
+		while (read(fd, buf, sizeof(buf)) < 0 && errno == EINTR) ;
+		close(fd);
+	}
+
+	if (buf[0] == '1') {
+		kernel_fips_flag = 1;
+	}
+
+		return;
+}
+
+int ossl_get_kernel_fips_flag()
+{
+	return kernel_fips_flag;
+}
+
+
 struct ossl_lib_ctx_st {
     CRYPTO_RWLOCK *lock, *rand_crngt_lock;
     OSSL_EX_DATA_GLOBAL global;
@@ -121,6 +170,7 @@ static CRYPTO_THREAD_LOCAL default_conte
 
 DEFINE_RUN_ONCE_STATIC(default_context_do_init)
 {
+	 read_kernel_fips_flag();
     if (!CRYPTO_THREAD_init_local(&default_context_thread_local, NULL))
         goto err;
 
diff -up openssl-3.0.1/include/internal/provider.h.embed-fips openssl-3.0.1/include/internal/provider.h
--- openssl-3.0.1/include/internal/provider.h.embed-fips	2022-01-11 13:13:08.323238760 +0100
+++ openssl-3.0.1/include/internal/provider.h	2022-01-11 13:13:43.522558909 +0100
@@ -110,6 +110,9 @@ int ossl_provider_init_as_child(OSSL_LIB
                                 const OSSL_DISPATCH *in);
 void ossl_provider_deinit_child(OSSL_LIB_CTX *ctx);
 
+/* FIPS flag access */
+int ossl_get_kernel_fips_flag(void);
+
 # ifdef __cplusplus
 }
 # endif