kernel
/
dracut
mirror of https://git.kernel.org/pub/scm/boot/dracut/dracut.git/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Try BOOT_IMAGE and fallback to vmlinuz-${KERNEL} 

On s390 BOOT_IMAGE only denotes the number of the boot record that
was selected in the bootloader and not the path to the kernel image.

Also only bail out, if the kernel hmac checking relies on that path.
master
Harald Hoyer 2017-06-29 10:38:09 +02:00
parent 44302d6f28
commit 3d875f77f3
1 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
modules.d/01fips/fips.sh
View File

@ -77,12 +77,6 @@ do_fips()
local _module

KERNEL=$(uname -r)
BOOT_IMAGE="$(getarg BOOT_IMAGE)"
BOOT_IMAGE="${BOOT_IMAGE:-/vmlinuz-${KERNEL}}"
if ! [ -e "/boot/.${BOOT_IMAGE}.hmac" ] && ! [ -e "/boot/.vmlinuz-${KERNEL}.hmac" ]; then
warn "/boot/.${BOOT_IMAGE}.hmac does not exist"
return 1
fi

FIPSMODULES=$(cat /etc/fipsmodules)

@ -115,6 +109,13 @@ do_fips()
elif [ -e "/run/initramfs/live/isolinux/vmlinuz0" ]; then
do_rhevh_check /run/initramfs/live/isolinux/vmlinuz0 || return 1
else
BOOT_IMAGE="$(getarg BOOT_IMAGE)"
[ -e "/boot/.${BOOT_IMAGE}.hmac" ] || BOOT_IMAGE="vmlinuz-${KERNEL}"

if ! [ -e "/boot/.${BOOT_IMAGE}.hmac" ]; then
warn "/boot/.${BOOT_IMAGE}.hmac does not exist"
return 1
fi
sha512hmac -c "/boot/.${BOOT_IMAGE}.hmac" || return 1
fi