#!/bin/bash4 -e
#
# A control(8) srcript to modify the 'ima_hash' kernel command
# line parameter in various system bootloader configuration files.
# Written in Bash 4.
#
# Copyright (C) 2023  Denis Medvedev.
# Copyright (C) 2024  Paul Wolneykien.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

source /etc/control.d/functions
source /usr/sbin/bootloader-utils.bash

new_summary "Set 'ima_hash' Linux kernel command-line parameter"
new_help 'sha512' "Use SHA512 hash with IMA"
new_help 'streebog256' "Use GOST Streebog-256 hash with IMA"
new_help 'streebog512' "Use GOST Streebog-512 hash with IMA"
new_help 'unspecified' "Remove the 'ima_hash' option from the Linux kernel command-line"

REQUEST="$*"

case "$REQUEST" in
    help|'help '*)
	control_help "${REQUEST#help}"
	;;
    list)
	control_list
	;;
    summary)
	control_summary
	;;
    status)
	get_cmdline_all 'ima_hash' || \
	    echo 'unspecified'
	;;
    sha512|streebog256|streebog512|unspecified)
	case "$REQUEST" in
	    sha512|streebog256|streebog512)
		set_cmdline_all 'ima_hash' "$REQUEST"
		;;
	    unspecified)
		del_cmdline_all 'ima_hash'
		;;
	esac
	[[ $SKIP_APPLY != "" && $SKIP_APPLY != 0 ]] || \
	    apply_bootconf
	;;
    *)
	printf '%s: %s\n' "${0##*/}" "Invalid mode: $REQUEST" >&2
	exit 1
	;;
esac
