diff options
| -rwxr-xr-x | modules.d/01fips/fips.sh | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/modules.d/01fips/fips.sh b/modules.d/01fips/fips.sh index 857c3559..f9bdfdf8 100755 --- a/modules.d/01fips/fips.sh +++ b/modules.d/01fips/fips.sh @@ -1,9 +1,9 @@ #!/bin/sh # -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- # ex: ts=8 sw=4 sts=4 et filetype=sh -do_fips() + +do_fipskernel() { - FIPSMODULES=$(cat /etc/fipsmodules) boot=$(getarg boot=) KERNEL=$(uname -r) case "$boot" in @@ -48,7 +48,15 @@ do_fips() info "Umounting /boot" umount /boot +} +do_fips() +{ + FIPSMODULES=$(cat /etc/fipsmodules) + + if ! getarg rd.fips.skipkernel >/dev/null; then + do_fipskernel + fi info "Loading and integrity checking all crypto modules" for module in $FIPSMODULES; do if [ "$module" != "tcrypt" ]; then |