From f78ca701b71fc489ee1b22ede3205fc9dc63c119 Mon Sep 17 00:00:00 2001
From: Milan Lysonek <mlysonek@redhat.com>
Date: Wed, 17 Aug 2022 09:36:19 +0200
Subject: [PATCH 08/11] Merge pull request #9355 from
 yuumasato/enable_fips_mode_s390x_no_grubenv

Patch-name: scap-security-guide-0.1.64-fix_fips_enable_fips_mode_x390x-PR_9355.patch
Patch-status: Don't fail enable_fips_mode if /etc/grubenv is missing on s390x
---
 .../integrity/fips/enable_fips_mode/oval/shared.xml      | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
index 65056a654c..7af675de0d 100644
--- a/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
+++ b/linux_os/guide/system/software/integrity/fips/enable_fips_mode/oval/shared.xml
@@ -7,9 +7,16 @@
       <extend_definition comment="Dracut FIPS module is enabled" definition_ref="enable_dracut_fips_module" />
       <extend_definition comment="system cryptography policy is configured" definition_ref="configure_crypto_policy" />
       <criterion comment="check if system crypto policy selection in var_system_crypto_policy in the profile is set to FIPS" test_ref="test_system_crypto_policy_value" />
-      {{% if product in ["ol8","rhel8"] %}}
+      {{% if product in ["ol8"] %}}
       <criterion comment="check if the kernel boot parameter is configured for FIPS mode"
       test_ref="test_grubenv_fips_mode" />
+      {{% elif product in ["rhel8"] %}}
+      <criteria operator="OR">
+        <extend_definition comment="Generic test for s390x architecture"
+        definition_ref="system_info_architecture_s390_64" />
+        <criterion comment="check if the kernel boot parameter is configured for FIPS mode"
+        test_ref="test_grubenv_fips_mode" />
+      </criteria>
       {{% endif %}}
     </criteria>
   </definition>
-- 
2.37.2