From 4663e6f293c4e96250840b374f0ee6fc1051ad36 Mon Sep 17 00:00:00 2001
From: Coiby Xu <coxu@redhat.com>
Date: Mon, 15 Dec 2025 16:54:33 +0800
Subject: [PATCH] Add persisent device if FIPS is enabled

Resolves: https://issues.redhat.com/browse/RHEL-127439
Conflict: None

commit 2de96daa10a7e30a7b1a6bb4331e831a8f794c4a
Author: Harshvardhan Jha <harshvardhan.j.jha@oracle.com>
Date:   Thu Oct 30 00:59:17 2025 -0700

    Add persisent device if FIPS is enabled

    mkdumprd has a code to add a disk to kdump initramfs, in case FIPS is
    enabled and /boot is on a separate partition. This code used to work,
    since dracut was not force checking that added disk is in fact
    available. Since dracut commit c79fc8f dracut in fact checks for added
    device, and since disk name could have been changed between live system
    and kdump initramfs, kdump can fail.
    To resolve this problem we re-use get_persistent_dev from
    dracut-functions.sh which will be sourced by mkdrumpd to get persistent
    device name.

    Signed-off-by: Alex Burmashev <alexander.burmashev@oracle.com>
    Signed-off-by: Harshvardhan Jha <harshvardhan.j.jha@oracle.com>

Signed-off-by: Coiby Xu <coxu@redhat.com>
---
 ...-persisent-device-if-FIPS-is-enabled.patch | 39 +++++++++++++++++++
 kdump-utils.spec                              |  2 +
 2 files changed, 41 insertions(+)
 create mode 100644 0008-Add-persisent-device-if-FIPS-is-enabled.patch

diff --git a/0008-Add-persisent-device-if-FIPS-is-enabled.patch b/0008-Add-persisent-device-if-FIPS-is-enabled.patch
new file mode 100644
index 0000000..2333624
--- /dev/null
+++ b/0008-Add-persisent-device-if-FIPS-is-enabled.patch
@@ -0,0 +1,39 @@
+From 2de96daa10a7e30a7b1a6bb4331e831a8f794c4a Mon Sep 17 00:00:00 2001
+From: Harshvardhan Jha <harshvardhan.j.jha@oracle.com>
+Date: Thu, 30 Oct 2025 00:59:17 -0700
+Subject: [PATCH] Add persisent device if FIPS is enabled
+
+mkdumprd has a code to add a disk to kdump initramfs, in case FIPS is
+enabled and /boot is on a separate partition. This code used to work,
+since dracut was not force checking that added disk is in fact
+available. Since dracut commit c79fc8f dracut in fact checks for added
+device, and since disk name could have been changed between live system
+and kdump initramfs, kdump can fail.
+To resolve this problem we re-use get_persistent_dev from
+dracut-functions.sh which will be sourced by mkdrumpd to get persistent
+device name.
+
+Signed-off-by: Alex Burmashev <alexander.burmashev@oracle.com>
+Signed-off-by: Harshvardhan Jha <harshvardhan.j.jha@oracle.com>
+---
+ mkdumprd | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/mkdumprd b/mkdumprd
+index caca83b..f1116d1 100644
+--- a/mkdumprd
++++ b/mkdumprd
+@@ -433,8 +433,9 @@ if ! is_fadump_capable; then
+ 	# to /sysroot beforehand.
+ 	if [[ $(cat /proc/sys/crypto/fips_enabled 2> /dev/null) == 1 ]]; then
+ 		_boot_source=$(findmnt -n -o SOURCE --target /boot)
++		_disk_persistent=$(get_persistent_dev "$_boot_source")
+ 		if mountpoint -q /boot; then
+-			dracut_args+=(--add-device "$_boot_source")
++			dracut_args+=(--add-device "$_disk_persistent")
+ 		else
+ 			add_mount "$_boot_source"
+ 		fi
+-- 
+2.52.0
+
diff --git a/kdump-utils.spec b/kdump-utils.spec
index 98dc310..f907e29 100644
--- a/kdump-utils.spec
+++ b/kdump-utils.spec
@@ -15,6 +15,8 @@ Patch04: 0004-Restore-SELinux-label-of-crypttab-file.patch
 Patch05: 0005-Allow-sudo-kdumpctl-for-LUKS-dump-target.patch
 Patch06: 0006-Revert-Strip-surrounding-quotes-from-configuration-v.patch
 Patch07: 0007-kdump-lib-initramfs-rewrite-kdump_get_conf_val.patch
+Patch08: 0008-Add-persisent-device-if-FIPS-is-enabled.patch
+
 
 %ifarch ppc64 ppc64le
 Requires(post): servicelog