c217956079
Adds an element whose purpose is to set the stage in the resulting image so that a user can generate an image utilizing DIB which can be used in a FIPS configuration without doing so with the input image or after the fact. Change-Id: Ia8a45584a56f6e06856fc2920c333351935dcd9d
13 lines
501 B
YAML
13 lines
501 B
YAML
---
|
|
features:
|
|
- |
|
|
Adds a ``fips`` element which attempts to enable FIPS mode configuration
|
|
into the disk image being created.
|
|
fixes:
|
|
- |
|
|
Fixes a possible case with a FIPS enabled disk image where the
|
|
cryptographic policies may be applied for enforcement of FIPS mode,
|
|
but the underlying kernel command line may be missing. This in particular
|
|
was discovered when testing on Rocky Linux. We now test, and add the FIPS
|
|
kernel command line flag if it is otherwise enabled.
|