|
Harald Hoyer |
a66b47 |
From 4ee59ab3ed59475923a1fed0a8a52f5a03799c93 Mon Sep 17 00:00:00 2001
|
|
Harald Hoyer |
a66b47 |
From: Milan Broz <mbroz@redhat.com>
|
|
Harald Hoyer |
a66b47 |
Date: Mon, 16 Jul 2012 16:28:47 +0200
|
|
Harald Hoyer |
a66b47 |
Subject: [PATCH] Fix fips module list.
|
|
Harald Hoyer |
a66b47 |
|
|
Harald Hoyer |
a66b47 |
If dracut is build only with fips/fips-aesni (no crypto module),
|
|
Harald Hoyer |
a66b47 |
FIPS mode fails because of missing GCM modules.
|
|
Harald Hoyer |
a66b47 |
|
|
Harald Hoyer |
a66b47 |
Just add proper modules to list (kernel have both maker as FIPS compliant already).
|
|
Harald Hoyer |
a66b47 |
|
|
Harald Hoyer |
a66b47 |
Signed-off-by: Milan Broz <mbroz@redhat.com>
|
|
Harald Hoyer |
a66b47 |
---
|
|
Harald Hoyer |
a66b47 |
modules.d/01fips/module-setup.sh | 2 +-
|
|
Harald Hoyer |
a66b47 |
modules.d/02fips-aesni/module-setup.sh | 2 +-
|
|
Harald Hoyer |
a66b47 |
2 files changed, 2 insertions(+), 2 deletions(-)
|
|
Harald Hoyer |
a66b47 |
|
|
Harald Hoyer |
a66b47 |
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
|
|
Harald Hoyer |
a66b47 |
index 2d238fb..2517964 100755
|
|
Harald Hoyer |
a66b47 |
--- a/modules.d/01fips/module-setup.sh
|
|
Harald Hoyer |
a66b47 |
+++ b/modules.d/01fips/module-setup.sh
|
|
Harald Hoyer |
a66b47 |
@@ -12,7 +12,7 @@ depends() {
|
|
Harald Hoyer |
a66b47 |
|
|
Harald Hoyer |
a66b47 |
installkernel() {
|
|
Harald Hoyer |
a66b47 |
local _fipsmodules _mod
|
|
Harald Hoyer |
a66b47 |
- _fipsmodules="aead aes_generic xts aes-x86_64 ansi_cprng cbc ccm chainiv ctr"
|
|
Harald Hoyer |
a66b47 |
+ _fipsmodules="aead aes_generic xts aes-x86_64 ansi_cprng cbc ccm chainiv ctr gcm ghash_generic"
|
|
Harald Hoyer |
a66b47 |
_fipsmodules+=" des deflate ecb eseqiv hmac seqiv sha256 sha256_generic sha512 sha512_generic"
|
|
Harald Hoyer |
a66b47 |
_fipsmodules+=" cryptomgr crypto_null tcrypt dm-mod dm-crypt"
|
|
Harald Hoyer |
a66b47 |
|
|
Harald Hoyer |
a66b47 |
diff --git a/modules.d/02fips-aesni/module-setup.sh b/modules.d/02fips-aesni/module-setup.sh
|
|
Harald Hoyer |
a66b47 |
index f8fb705..fb4010d 100755
|
|
Harald Hoyer |
a66b47 |
--- a/modules.d/02fips-aesni/module-setup.sh
|
|
Harald Hoyer |
a66b47 |
+++ b/modules.d/02fips-aesni/module-setup.sh
|
|
Harald Hoyer |
a66b47 |
@@ -12,7 +12,7 @@ depends() {
|
|
Harald Hoyer |
a66b47 |
|
|
Harald Hoyer |
a66b47 |
installkernel() {
|
|
Harald Hoyer |
a66b47 |
local _fipsmodules _mod
|
|
Harald Hoyer |
a66b47 |
- _fipsmodules="aesni-intel"
|
|
Harald Hoyer |
a66b47 |
+ _fipsmodules="aesni-intel ghash_clmulni_intel"
|
|
Harald Hoyer |
a66b47 |
|
|
Harald Hoyer |
a66b47 |
mkdir -m 0755 -p "${initdir}/etc/modprobe.d"
|
|
Harald Hoyer |
a66b47 |
|