86 lines
3.1 KiB
Diff
86 lines
3.1 KiB
Diff
|
From 338b43cd6a97cf767af2953ce5c69240d4c32290 Mon Sep 17 00:00:00 2001
|
||
|
From: Harald Hoyer <harald@redhat.com>
|
||
|
Date: Thu, 5 Jul 2012 10:42:22 +0200
|
||
|
Subject: [PATCH] fips: add instmods silent check mode "-c -s"
|
||
|
|
||
|
---
|
||
|
dracut-functions.sh | 18 ++++++++++++------
|
||
|
modules.d/01fips/module-setup.sh | 4 ++--
|
||
|
2 files changed, 14 insertions(+), 8 deletions(-)
|
||
|
|
||
|
diff --git a/dracut-functions.sh b/dracut-functions.sh
|
||
|
index 6de7c72..d91e2a4 100755
|
||
|
--- a/dracut-functions.sh
|
||
|
+++ b/dracut-functions.sh
|
||
|
@@ -1290,8 +1290,8 @@ find_kernel_modules () {
|
||
|
find_kernel_modules_by_path drivers
|
||
|
}
|
||
|
|
||
|
-# instmods [-c] <kernel module> [<kernel module> ... ]
|
||
|
-# instmods [-c] <kernel subsystem>
|
||
|
+# instmods [-c [-s]] <kernel module> [<kernel module> ... ]
|
||
|
+# instmods [-c [-s]] <kernel subsystem>
|
||
|
# install kernel modules along with all their dependencies.
|
||
|
# <kernel subsystem> can be e.g. "=block" or "=drivers/usb/storage"
|
||
|
instmods() {
|
||
|
@@ -1299,11 +1299,17 @@ instmods() {
|
||
|
# called [sub]functions inherit _fderr
|
||
|
local _fderr=9
|
||
|
local _check=no
|
||
|
+ local _silent=no
|
||
|
if [[ $1 = '-c' ]]; then
|
||
|
_check=yes
|
||
|
shift
|
||
|
fi
|
||
|
|
||
|
+ if [[ $1 = '-s' ]]; then
|
||
|
+ _silent=yes
|
||
|
+ shift
|
||
|
+ fi
|
||
|
+
|
||
|
function inst1mod() {
|
||
|
local _ret=0 _mod="$1"
|
||
|
case $_mod in
|
||
|
@@ -1362,8 +1368,8 @@ instmods() {
|
||
|
if (($# == 0)); then # filenames from stdin
|
||
|
while read _mod; do
|
||
|
inst1mod "${_mod%.ko*}" || {
|
||
|
- if [ "$_check" = "yes" ]; then
|
||
|
- dfatal "Failed to install $_mod"
|
||
|
+ if [[ "$_check" == "yes" ]]; then
|
||
|
+ [[ "$_silent" == "no" ]] && dfatal "Failed to install $_mod"
|
||
|
return 1
|
||
|
fi
|
||
|
}
|
||
|
@@ -1371,8 +1377,8 @@ instmods() {
|
||
|
fi
|
||
|
while (($# > 0)); do # filenames as arguments
|
||
|
inst1mod ${1%.ko*} || {
|
||
|
- if [ "$_check" = "yes" ]; then
|
||
|
- dfatal "Failed to install $1"
|
||
|
+ if [[ "$_check" == "yes" ]]; then
|
||
|
+ [[ "$_silent" == "no" ]] && dfatal "Failed to install $1"
|
||
|
return 1
|
||
|
fi
|
||
|
}
|
||
|
diff --git a/modules.d/01fips/module-setup.sh b/modules.d/01fips/module-setup.sh
|
||
|
index dbf51e3..2d238fb 100755
|
||
|
--- a/modules.d/01fips/module-setup.sh
|
||
|
+++ b/modules.d/01fips/module-setup.sh
|
||
|
@@ -13,13 +13,13 @@ depends() {
|
||
|
installkernel() {
|
||
|
local _fipsmodules _mod
|
||
|
_fipsmodules="aead aes_generic xts aes-x86_64 ansi_cprng cbc ccm chainiv ctr"
|
||
|
- _fipsmodules+=" des deflate ecb eseqiv hmac seqiv sha256_generic sha512"
|
||
|
+ _fipsmodules+=" des deflate ecb eseqiv hmac seqiv sha256 sha256_generic sha512 sha512_generic"
|
||
|
_fipsmodules+=" cryptomgr crypto_null tcrypt dm-mod dm-crypt"
|
||
|
|
||
|
mkdir -m 0755 -p "${initdir}/etc/modprobe.d"
|
||
|
|
||
|
for _mod in $_fipsmodules; do
|
||
|
- if hostonly='' instmods $_mod; then
|
||
|
+ if hostonly='' instmods -c -s $_mod; then
|
||
|
echo $_mod >> "${initdir}/etc/fipsmodules"
|
||
|
echo "blacklist $_mod" >> "${initdir}/etc/modprobe.d/fips.conf"
|
||
|
fi
|