Description of problem: Enable FIPS via default kernel cmdline parameter. Figure out what breaks when FIPS is enabled, and fix those issues. Ideally we can enable FIPS for all variants/versions of oVirt Node.
When I tried it on rhevh ISO, fips dracut module required kernel hmac file[1], which is currently not handled by livecd-creator (only initramfs and vmlinuz are copied to isolinux folder), so that needs to be fixed first. On a normal RHEL-6 system, this is provided by the kernel RPM, e.g. /boot/.vmlinuz-2.6.32-217.el6.x86_64.hmac, but I don't see that in F16 kernel RPM. How is FIPS, if at all, working in Fedora?
[1] http://git.kernel.org/?p=boot/dracut/dracut.git;a=blob;f=modules.d/01fips/fips.sh;h=67eefb819bfb3b61076c14b2d06380f546083de9;hb=HEAD#l64
*** Bug 794868 has been marked as a duplicate of this bug. ***
I understood this is all moved from dracut into systemd.
It can't move away from dracut due to needing to check the kernel for integrity during stage2. Someone misspoke or confused this with another feature.
Harald, did you merge the latest FIPS dracut changes into upstream?
Pushing to target release 3.5, assuming it's not planned for 3.4 at this point...
(In reply to Fabian Deutsch from comment #6)
> Harald,
>
> did you merge the latest FIPS dracut changes into upstream?

yes
Closing old bugs. If this issue is still relevant/important in current version, please re-open the bug.