8f5c5 broke the case where BOOT_IMAGE is not set at all.
This code should handle following:
1) BOOT_IMAGE not set
2) BOOT_IMAGE set to something unrelated (s390)
3) BOOT_IMAGE=vmlinuz-4.14.7-300.fc27.x86_64
4) BOOT_IMAGE=/vmlinuz-4.14.7-300.fc27.x86_64
5) BOOT_IMAGE=/boot/vmlinuz-4.14.7-300.fc27.x86_64
6) BOOT_IMAGE=subdir/vmlinuz-4.14.7-300.fc27.x86_64
7) BOOT_IMAGE=/subdir/vmlinuz-4.14.7-300.fc27.x86_64
8) BOOT_IMAGE=/boot/subdir/vmlinuz-4.14.7-300.fc27.x86_64
https://bugzilla.redhat.com/show_bug.cgi?id=1415032
Old code did not work for two most common use-cases.
On most machines BOOT_IMAGE is set to something like
/vmlinuz-4.11.3-202.fc25.x86_64. So if we just add prefix "/boot/."
it won't work. Also on machines without /boot on separate partition
BOOT_IMAGE already has the /boot/ prefix (/boot/vmlinuz-3.10.0-799.el7.x86_64).
So let's strip it in such case.
https://bugzilla.redhat.com/show_bug.cgi?id=1415032
On s390 BOOT_IMAGE only denotes the number of the boot record that
was selected in the bootloader and not the path to the kernel image.
Also only bail out, if the kernel hmac checking relies on that path.
If new kernels have modules split out, handle the case, where modules
have to modalias and just install them.
Also add the crypto drivers and names to host_modalias.
otherwise sha512hmac will error out with:
sha512hmac -c /sysroot/boot/.vmlinuz-2.6.32-220.el6.x86_64.hmac
Error opening "/boot/vmlinuz-2.6.32-220.el6.x86_64": No such file or directory.
- also support FIPS on separate LVM partition
- use small settle loop to get /boot
- "set -e" has no effect, if we use "||"
- make fips work with encrypted root and seperate boot
- moved to pre-pivot to support /boot in /
Renaud Métrich