fips: add instmods silent check mode "-c -s"

2012-07-05 10:42:22 +02:00 · 2012-07-05 10:42:22 +02:00 · 338b43cd6a
parent 394ffc1d97
commit 338b43cd6a
2 changed files with 14 additions and 8 deletions
--- a/dracut-functions.sh
+++ b/dracut-functions.sh
@ -1290,8 +1290,8 @@ find_kernel_modules () {
    find_kernel_modules_by_path  drivers
 }

-# instmods [-c] <kernel module> [<kernel module> ... ]
-# instmods [-c] <kernel subsystem>
+# instmods [-c [-s]] <kernel module> [<kernel module> ... ]
+# instmods [-c [-s]] <kernel subsystem>
 # install kernel modules along with all their dependencies.
 # <kernel subsystem> can be e.g. "=block" or "=drivers/usb/storage"
 instmods() {
@ -1299,11 +1299,17 @@ instmods() {
    # called [sub]functions inherit _fderr
    local _fderr=9
    local _check=no
+    local _silent=no
    if [[ $1 = '-c' ]]; then
        _check=yes
        shift
    fi

+    if [[ $1 = '-s' ]]; then
+        _silent=yes
+        shift
+    fi
+
    function inst1mod() {
        local _ret=0 _mod="$1"
        case $_mod in
@ -1362,8 +1368,8 @@ instmods() {
        if (($# == 0)); then  # filenames from stdin
            while read _mod; do
                inst1mod "${_mod%.ko*}" || {
-                    if [ "$_check" = "yes" ]; then
-                        dfatal "Failed to install $_mod"
+                    if [[ "$_check" == "yes" ]]; then
+                        [[ "$_silent" == "no" ]] && dfatal "Failed to install $_mod"
                        return 1
                    fi
                }
@ -1371,8 +1377,8 @@ instmods() {
        fi
        while (($# > 0)); do  # filenames as arguments
            inst1mod ${1%.ko*} || {
-                if [ "$_check" = "yes" ]; then
-                    dfatal "Failed to install $1"
+                if [[ "$_check" == "yes" ]]; then
+                    [[ "$_silent" == "no" ]] && dfatal "Failed to install $1"
                    return 1
                fi
            }
--- a/modules.d/01fips/module-setup.sh
+++ b/modules.d/01fips/module-setup.sh
@ -13,13 +13,13 @@ depends() {
 installkernel() {
    local _fipsmodules _mod
    _fipsmodules="aead aes_generic xts aes-x86_64 ansi_cprng cbc ccm chainiv ctr"
-    _fipsmodules+=" des deflate ecb eseqiv hmac seqiv sha256_generic sha512"
+    _fipsmodules+=" des deflate ecb eseqiv hmac seqiv sha256 sha256_generic sha512 sha512_generic"
    _fipsmodules+=" cryptomgr crypto_null tcrypt dm-mod dm-crypt"

    mkdir -m 0755 -p "${initdir}/etc/modprobe.d"

    for _mod in $_fipsmodules; do
-        if hostonly='' instmods $_mod; then
+        if hostonly='' instmods -c -s $_mod; then
            echo $_mod >> "${initdir}/etc/fipsmodules"
            echo "blacklist $_mod" >> "${initdir}/etc/modprobe.d/fips.conf"
        fi