89f9350d9e
- Fix dmraid issue bnc#905746 A dracut_dmraid_use_udev.patch - Taken over from SLE12 A fips_add_aesni-intel.patch - Do not touch /run vs /var/run bnc#922676 D 0106-dracut-Enable-converting-of-directory-var-run-var-lo.patch - Update dracut to version 042 Remove these already included or unneeded patches: D dracut_v041_to_HEAD.patch D 0011-Correct-paths-for-openSUSE.patch D 0068-95fcoe-uefi-Test-for-EFI-firmware.patch D 0170-enable-logitech-hidpp.patch Adjust/refresh: M 0015-40network-replace-dhclient-with-wickedd-dhcp-supplic.patch M 0016-Add-new-s390x-specific-rule-files.patch M 0017-45ifcfg-use-distro-specific-scripts.patch M 0019-40network-Fix-race-condition-when-wait-for-networks.patch M 0020-00warpclock-Set-correct-timezone.patch M 0021-95dcssblk-Add-new-module-for-DCSS-block-devices.patch M 0048-40network-Only-enable-network-interfaces-if-explicit.patch M 0053-01fips-fixup-loading-issues.patch M 0056-81cio_ignore-handle-cio_ignore-commandline.patch M 0057-01fips-Include-some-more-hmacs.patch M 0058-dracut-add-warning-when-including-unsupported-module.patch M 0059-99suse-Add-SUSE-specific-initrd-parsing.patch M 0060-45ifcfg-Add-SUSE-specific-write-ifcfg-file.patch M 0061-45ifcfg-Fixup-error-message-in-write-ifcfg-suse.patch M 0066-40network-always-start-netroot-in-ifup.sh.patch M 0075-95dasd_rules-enable-parsing-of-rd.dasd-commandline-p.patch M 0076-Correctly-set-cio_ignore-for-dynamic-s390-rules.patch OBS-URL: https://build.opensuse.org/request/show/314510 OBS-URL: https://build.opensuse.org/package/show/Base:System/dracut?expand=0&rev=219
63 lines
2.6 KiB
Diff
63 lines
2.6 KiB
Diff
From c0fd9c31e9044b99edb850c4af229887b616e828 Mon Sep 17 00:00:00 2001
|
|
From: Hannes Reinecke <hare@suse.de>
|
|
Date: Mon, 2 Jun 2014 15:02:04 +0200
|
|
Subject: [PATCH] 01fips: fixup loading issues
|
|
|
|
Adjust the FIPS module list to avoid loading issues
|
|
|
|
References: bnc#875855
|
|
|
|
Signed-off-by: Marcus Meissner <meissner@suse.de>
|
|
---
|
|
modules.d/01fips/fips.sh | 12 ++++++++++++
|
|
modules.d/01fips/module-setup.sh | 12 +++++++++---
|
|
2 files changed, 21 insertions(+), 3 deletions(-)
|
|
|
|
Index: dracut-042/modules.d/01fips/fips.sh
|
|
===================================================================
|
|
--- dracut-042.orig/modules.d/01fips/fips.sh 2015-06-11 17:39:47.000000000 +0200
|
|
+++ dracut-042/modules.d/01fips/fips.sh 2015-06-24 18:02:07.817284113 +0200
|
|
@@ -98,6 +98,18 @@ do_fips()
|
|
_found=1
|
|
break
|
|
done </proc/crypto
|
|
+ # If we find some hardware specific modules and cannot load them
|
|
+ # it is not a problem, proceed.
|
|
+ if [ "$_found" = "0" ]; then
|
|
+ if [ "$_module" != "${_module%-intel}" \
|
|
+ -o "$_module" != "${_module%-ssse3}" \
|
|
+ -o "$_module" != "${_module%-x86_64}" \
|
|
+ -o "$_module" != "${_module%z90}" \
|
|
+ ]; then
|
|
+ _found=1
|
|
+ fi
|
|
+ fi
|
|
+
|
|
[ "$_found" = "0" ] && return 1
|
|
fi
|
|
fi
|
|
Index: dracut-042/modules.d/01fips/module-setup.sh
|
|
===================================================================
|
|
--- dracut-042.orig/modules.d/01fips/module-setup.sh 2015-06-11 17:39:47.000000000 +0200
|
|
+++ dracut-042/modules.d/01fips/module-setup.sh 2015-06-24 18:02:07.817284113 +0200
|
|
@@ -19,6 +19,8 @@ installkernel() {
|
|
_fipsmodules+="rmd160 rmd256 rmd320 rot13 salsa20 seed seqiv serpent sha1 sha224 sha256 sha256_generic "
|
|
_fipsmodules+="sha384 sha512 sha512_generic tcrypt tea tnepres twofish wp256 wp384 wp512 xeta xtea xts zlib"
|
|
_fipsmodules+="aes_s390 des_s390 prng sha256_s390 sha_common des_check_key ghash_s390 sha1_s390 sha512_s390"
|
|
+ _fipsmodules+="sha512-ssse3 sha1-ssse3 sha256-ssse3 "
|
|
+ _fipsmodules+="ghash-clmulni-intel "
|
|
|
|
mkdir -m 0755 -p "${initdir}/etc/modprobe.d"
|
|
|
|
@@ -44,7 +46,9 @@ install() {
|
|
libssl.so 'hmaccalc/sha512hmac.hmac' libssl.so.10 \
|
|
libfreeblpriv3.so libfreeblpriv3.chk
|
|
|
|
- inst_multiple -o prelink
|
|
+ # we do not use prelink at SUSE
|
|
+ #inst_multiple -o prelink
|
|
+
|
|
inst_simple /etc/system-fips
|
|
}
|
|
|