Am Mittwoch, 17. August 2016, 14:52:32 CEST schrieb Tapas Sarangi: Hi Tapas, (please, do not top-post) > Hi Stephan, > > Yes, can you give me some more detail about your findings on dracut-fips > !? This seems to be the major difference between our test environments > where a bunch of algorithms are failing self-test during boot with fips=1. cmac must be statically compiled as otherwise dracut-fips does not find it (it misses it in the module list). The authenc() cipher must not be compiled as somehow the modprobe in dracut- fips does not find some components -- I am not sure what the issue is yet. I even have compiled all parts forming an authenc cipher (authenc, hmac, the hashes, the block chaining modes, the symmetric ciphers) to be bound into the kernel statically. But still, something is not found by the tcrypt module in dracut-fips. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
