From d8b7acc40604bf9d61c566344811aa8e10ca5d77 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Jul 28 2020 19:06:22 +0000
Subject: import dracut-049-94.git20200709.el8


---

diff --git a/SOURCES/0091.patch b/SOURCES/0091.patch
index bced4a8..ab3411e 100644
--- a/SOURCES/0091.patch
+++ b/SOURCES/0091.patch
@@ -47,3 +47,4 @@ index 253ae194..51f79422 100644
          }
  
          return ret;
+
diff --git a/SOURCES/0092.patch b/SOURCES/0092.patch
new file mode 100644
index 0000000..d88db81
--- /dev/null
+++ b/SOURCES/0092.patch
@@ -0,0 +1,55 @@
+From 818746166fec7c1e572ef12618edadc0535d4663 Mon Sep 17 00:00:00 2001
+From: Kairui Song <kasong@redhat.com>
+Date: Tue, 9 Jun 2020 03:03:18 +0800
+Subject: [PATCH] dracut.sh: Move the library workaround after squash
+
+Ensure the workaround is also valid when dracut-squash module is used
+
+Signed-off-by: Kairui Song <kasong@redhat.com>
+(cherry picked from commit de3cb0e3214c3fbab3a94e705445b4d1c2bf0dff)
+
+Cherry-picked from: de3cb0e3214c3fbab3a94e705445b4d1c2bf0dff
+Resolves: #1841077
+---
+ dracut.sh | 20 +++++++++++---------
+ 1 file changed, 11 insertions(+), 9 deletions(-)
+
+diff --git a/dracut.sh b/dracut.sh
+index 487add57..4c5176a1 100755
+--- a/dracut.sh
++++ b/dracut.sh
+@@ -1578,15 +1578,6 @@ if [[ $kernel_only != yes ]]; then
+     # Now we are done with lazy resolving, always install dependencies
+     unset DRACUT_RESOLVE_LAZY
+     export DRACUT_RESOLVE_DEPS=1
+-
+-    # libpthread workaround: pthread_cancel wants to dlopen libgcc_s.so
+-    for _dir in $libdirs; do
+-        for _f in "$_dir/libpthread.so"*; do
+-            [[ -e "$_f" ]] || continue
+-            inst_libdir_file "libgcc_s.so*"
+-            break 2
+-        done
+-    done
+ fi
+ 
+ for ((i=0; i < ${#include_src[@]}; i++)); do
+@@ -1840,6 +1831,17 @@ if dracut_module_included "squash"; then
+     done
+ fi
+ 
++if [[ $kernel_only != yes ]]; then
++    # libpthread workaround: pthread_cancel wants to dlopen libgcc_s.so
++    for _dir in $libdirs; do
++        for _f in "$dracutsysrootdir$_dir/libpthread.so"*; do
++            [[ -e "$_f" ]] || continue
++            inst_libdir_file "libgcc_s.so*"
++            break 2
++        done
++    done
++fi
++
+ if [[ $do_strip = yes ]] && ! [[ $DRACUT_FIPS_MODE ]]; then
+     dinfo "*** Stripping files ***"
+     find "$initdir" -type f \
+
diff --git a/SOURCES/0093.patch b/SOURCES/0093.patch
new file mode 100644
index 0000000..470f61a
--- /dev/null
+++ b/SOURCES/0093.patch
@@ -0,0 +1,42 @@
+From d8c0b10b15940d88a28acbcf93354e4da0babb8d Mon Sep 17 00:00:00 2001
+From: Kairui Song <kasong@redhat.com>
+Date: Wed, 10 Jun 2020 15:57:20 +0800
+Subject: [PATCH] dracut.sh: FIPS workaround for openssl-libs on Fedora/RHEL
+
+On Fedora/RHEL, libcryto will verify both itself and libssl on start, if
+libssl is missing, FIPS self test will fail. However libssl is not a
+dependency of libcryto so dracut will not install it, unless some other
+binary or library pulls it in. Systemd requires libssl, so in most cases
+it just worked, but could fail in some corner cases where systemd is not
+used.
+
+Signed-off-by: Kairui Song <kasong@redhat.com>
+(cherry picked from commit 5a4c3469338410b6aea9452994b4b0af1ba59be7)
+
+Resolves: #1841077
+---
+ dracut.sh | 11 +++++++++++
+ 1 file changed, 11 insertions(+)
+
+diff --git a/dracut.sh b/dracut.sh
+index 4c5176a1..86e95449 100755
+--- a/dracut.sh
++++ b/dracut.sh
+@@ -1840,6 +1840,17 @@ if [[ $kernel_only != yes ]]; then
+             break 2
+         done
+     done
++
++    # FIPS workaround for Fedora/RHEL: libcrypto needs libssl when FIPS is enabled
++    if [[ $DRACUT_FIPS_MODE ]]; then
++      for _dir in $libdirs; do
++          for _f in "$dracutsysrootdir$_dir/libcrypto.so"*; do
++              [[ -e "$_f" ]] || continue
++              inst_libdir_file -o "libssl.so*"
++              break 2
++          done
++      done
++    fi
+ fi
+ 
+ if [[ $do_strip = yes ]] && ! [[ $DRACUT_FIPS_MODE ]]; then
diff --git a/SPECS/dracut.spec b/SPECS/dracut.spec
index 8e19cf9..8908af4 100644
--- a/SPECS/dracut.spec
+++ b/SPECS/dracut.spec
@@ -5,7 +5,7 @@
 # strip the automatically generated dep here and instead co-own the
 # directory.
 %global __requires_exclude pkg-config
-%define dist_free_release 92.git20200702
+%define dist_free_release 94.git20200709
 
 Name: dracut
 Version: 049
@@ -119,6 +119,8 @@ Patch88: 0088.patch
 Patch89: 0089.patch
 Patch90: 0090.patch
 Patch91: 0091.patch
+Patch92: 0092.patch
+Patch93: 0093.patch
 
 Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
 
@@ -579,6 +581,10 @@ echo '# Since rhel-8.3 dracut moved to use NetworkManager
 add_dracutmodules+=" network-legacy "' > /etc/dracut.conf.d/50-network-legacy.conf
 
 %changelog
+* Thu Jul 09 2020 Lukas Nykryn <lnykryn@redhat.com> - 049-94.git20200709
+- dracut.sh: Move the library workaround after squash
+- dracut.sh: FIPS workaround for openssl-libs on Fedora/RHEL
+
 * Thu Jul 02 2020 Lukas Nykryn <lnykryn@redhat.com> - 049-92.git20200702
 - install/dracut-install.c: install module dependencies of
 - install: also install post weak dependencies of kernel