rpms / dracut

Clone
Source Code
GIT

Files

  1.   89b080e2768aeb2c79b3fda802797791808d5453
  2.   0036-fips-add-instmods-silent-check-mode-c-s.patch
Blob Blame History Raw 
From 338b43cd6a97cf767af2953ce5c69240d4c32290 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <harald@redhat.com>
Date: Thu, 5 Jul 2012 10:42:22 +0200
Subject: [PATCH] fips: add instmods silent check mode "-c -s"

---
 dracut-functions.sh              |   18 ++++++++++++------
 modules.d/01fips/module-setup.sh |    4 ++--
 2 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/dracut-functions.sh b/dracut-functions.sh
index 6de7c72..d91e2a4 100755
--- a/dracut-functions.sh
+++ b/dracut-functions.sh
@@ -1290,8 +1290,8 @@ find_kernel_modules () {
     find_kernel_modules_by_path  drivers
 }
 
-# instmods [-c] <kernel module> [<kernel module> ... ]
-# instmods [-c] <kernel subsystem>
+# instmods [-c [-s]] <kernel module> [<kernel module> ... ]
+# instmods [-c [-s]] <kernel subsystem>
 # install kernel modules along with all their dependencies.
 # <kernel subsystem> can be e.g. "=block" or "=drivers/usb/storage"
 instmods() {
@@ -1299,11 +1299,17 @@ instmods() {
     # called [sub]functions inherit _fderr
     local _fderr=9
     local _check=no
+    local _silent=no
     if [[ $1 = '-c' ]]; then
         _check=yes
         shift
     fi
 
+    if [[ $1 = '-s' ]]; then
+        _silent=yes
+        shift
+    fi
+
     function inst1mod() {
         local _ret=0 _mod="$1"
         case $_mod in
@@ -1362,8 +1368,8 @@ instmods() {
         if (($# == 0)); then  # filenames from stdin
             while read _mod; do
                 inst1mod "${_mod%.ko*}" || {
-                    if [ "$_check" = "yes" ]; then
-                        dfatal "Failed to install $_mod"
+                    if [[ "$_check" == "yes" ]]; then
+                        [[ "$_silent" == "no" ]] && dfatal "Failed to install $_mod"
                         return 1
                     fi
                 }
@@ -1371,8 +1377,8 @@ instmods() {
         fi
         while (($# > 0)); do  # filenames as arguments
             inst1mod ${1%.ko*} || {
-                if [ "$_check" = "yes" ]; then
-                    dfatal "Failed to install $1"
+                if [[ "$_check" == "yes" ]]; then
+                    [[ "$_silent" == "no" ]] && dfatal "Failed to install $1"
                     return 1
                 fi
             }
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
index dbf51e3..2d238fb 100755
--- a/modules.d/01fips/module-setup.sh
+++ b/modules.d/01fips/module-setup.sh
@@ -13,13 +13,13 @@ depends() {
 installkernel() {
     local _fipsmodules _mod
     _fipsmodules="aead aes_generic xts aes-x86_64 ansi_cprng cbc ccm chainiv ctr"
-    _fipsmodules+=" des deflate ecb eseqiv hmac seqiv sha256_generic sha512"
+    _fipsmodules+=" des deflate ecb eseqiv hmac seqiv sha256 sha256_generic sha512 sha512_generic"
     _fipsmodules+=" cryptomgr crypto_null tcrypt dm-mod dm-crypt"
 
     mkdir -m 0755 -p "${initdir}/etc/modprobe.d"
 
     for _mod in $_fipsmodules; do
-        if hostonly='' instmods $_mod; then
+        if hostonly='' instmods -c -s $_mod; then
             echo $_mod >> "${initdir}/etc/fipsmodules"
             echo "blacklist $_mod" >> "${initdir}/etc/modprobe.d/fips.conf"
         fi

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation