kernel
/
dracut
mirror of https://git.kernel.org/pub/scm/boot/dracut/dracut.git/
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
4,940 Commits
1 Branch
68 Tags
6.7 MiB
Commit Graph

35 Commits (c9b5165daa666d5aec44a3ac6c56786b8df1b58f)

Author SHA1 Message Date
Lukas Nykryn 0a50111ab3 01fips: add authenec module 
Resolves: #1465946
 2017-06-28 17:46:04 +02:00
Lukas Nykryn 63c7b358f5 fips: add cmac kernel module 
cmac is now marked as fips_allowed

Resolves: rhbz#1460865
 2017-06-13 10:29:54 +02:00
Harald Hoyer 7c29d205f4 fips: use /lib/modules/$(uname -r)/modules.fips 
if /lib/modules/$(uname -r)/modules.fips exists, use that list instead
of the hardcoded dracut module list.
 2017-01-25 16:39:09 +01:00
Harald Hoyer 1d832b4bf4 fips: precreate /dev/random /dev/urandom 
otherwise libgcrypt might be unhappy, if used before devtmpfs is mounted

https://bugzilla.redhat.com/show_bug.cgi?id=1401444
 2017-01-18 10:34:00 +01:00
Lukas Nykryn 1c132d39a6 fips-module: add missing space 2016-07-28 12:33:03 +02:00
Harald Hoyer c97209fe69 fips: add authenc and authencesn kernel modules 
https://bugzilla.redhat.com/show_bug.cgi?id=1115112#c5
 2015-11-11 11:48:32 +01:00
Harald Hoyer 822a7ae504 fips: add some s390 kernel modules 2015-04-28 10:46:33 +02:00
Harald Hoyer 7e9341434f fips: add drbg kernel module 2015-02-19 10:45:35 +01:00
Harald Hoyer 4089949033 fips: remove c&p "and" 2015-01-09 14:53:42 +01:00
Harald Hoyer 3659d64df3 fips: add libfreeblpriv3.so and libfreeblpriv3.chk 2014-11-28 15:32:17 +01:00
Harald Hoyer 967cc19ab1 remove all vim and emacs code format comments 2014-08-29 13:38:47 +02:00
Harald Hoyer 185e940e27 fips: also install /etc/system-fips in the initramfs 2013-11-04 17:32:22 +01:00
Kyle McMartin 0a8e91bb24 fips: include crct10dif_generic 
Resolves: rhbz#1024455
 2013-10-30 12:35:27 +01:00
Harald Hoyer 8bcfd683bd */module-setup.sh: add comments for dracut called functions 2013-10-08 10:37:56 +02:00
Harald Hoyer af11946054 dracut-functions.sh: inst_multiple == dracut_install 2013-08-07 10:33:15 +02:00
Baoquan He 15b93069bb 01fips/module-setup.sh: add libssl.so.10 to make kdump work with fips mode 
FIPS can work well in 1st kernel, but failed in kdump kernel. the
libssl.so.10 and related hmac file are needed. Now add it and it
works.

Signed-off-by: Baoquan He <bhe@redhat.com>
 2013-05-28 14:26:31 +02:00
Harald Hoyer 6f4c2dada4 fixed fips mode 
- preserve timestamps
- copy /lib*/hmaccalc files
- run sha512hmac after kernel module loading
- add more fips kernel modules
 2013-04-25 19:44:01 +02:00
Harald Hoyer 1161f03777 fips: add lzo module 2013-03-08 07:05:55 +01:00
Harald Hoyer 0fc0dcff60 bye bye iscsi_wait_scan ... officially gone for kernel 3.6 2012-09-18 13:39:54 +02:00
Milan Broz 104727ad6e Require fipscheck and libssl in FIPS module 
To properly perform verification in FIPS mode,
we need to install fipscheck and libssl explicitly.

(cryptsetup seems to be the first user of this verification in ramdisk...)

Signed-off-by: Milan Broz <mbroz@redhat.com>
 2012-08-24 09:26:59 +02:00
Milan Broz 4ee59ab3ed Fix fips module list. 
If dracut is build only with fips/fips-aesni (no crypto module),
FIPS mode fails because of missing GCM modules.

Just add proper modules to list (kernel have both maker as FIPS compliant already).

Signed-off-by: Milan Broz <mbroz@redhat.com>
 2012-07-16 16:58:51 +02:00
Harald Hoyer 338b43cd6a fips: add instmods silent check mode "-c -s" 2012-07-05 11:15:42 +02:00
Harald Hoyer 0251fcd400 fips: change module list 2012-07-05 10:11:27 +02:00
Harald Hoyer 0d339e7ffb fips/module-setup.sh: s/aes-xts/xts 2012-06-29 12:41:27 +02:00
Harald Hoyer 53fe81e752 modules.d/*/module-setup.sh: combine and specify type for installs 
To speedup image creation, combine dracut_install calls and specify the exact type.
E.g. inst_script instead of the generic inst.
 2012-06-29 12:41:27 +02:00
Harald Hoyer d77540c8e4 get rid of libdir and usrlibdir 2012-06-04 15:23:15 +02:00
Harald Hoyer 51153fb18c removed scsi_wait_scan from standard install 2012-05-31 09:14:17 +02:00
Jon Ander Hernandez c9143a63fe Debian multiarch support 
Another solution could be searching in directories found at
/etc/ld.so.conf.d/*.conf or adding a new parameter. Here is a patch
which adds a new --libdirs parameter, and also a new inst_libdir_file
function which will try to expand metacharacters on each lib
directory:

    inst_libdir_file "libdevmapper-event-lvm*.so"
 2012-04-16 14:46:53 +02:00
Harald Hoyer 078acb598b fips: fixed aes_generic module typo 2012-04-02 09:01:49 +02:00
Harald Hoyer 814fa9a58f 01fips/installkernel: add dm-mod and dm-crypt to the fipsmodules 
https://bugzilla.redhat.com/show_bug.cgi?id=707609
 2011-08-11 14:27:25 +02:00
Harald Hoyer 29b10e65b1 dracut-functions: make local vars local and prefix with "_" 2011-05-12 11:06:47 +02:00
Harald Hoyer 3b403b32fc removed trailing whitespaces 2011-05-10 11:56:09 +02:00
Harald Hoyer 4257798f8a fips: forward port RHEL-6 fips changes 
- also support FIPS on separate LVM partition
- use small settle loop to get /boot
- "set -e" has no effect, if we use "||"
- make fips work with encrypted root and seperate boot
- moved to pre-pivot to support /boot in /
 2011-05-02 11:15:46 +02:00
Harald Hoyer d125a47061 mkdir always with -m 0755 2011-04-08 10:39:46 +02:00
Harald Hoyer 71df3c4329 renamed module-info.sh to module-setup.sh 2011-02-02 16:35:18 +01:00