#!/bin/bash

cryptof=/proc/sys/crypto/fips_enabled
cryptod=$( dirname $cryptof)

state=$( cat $cryptof )

  for i in $( cat /proc/cmdline ); do
    case "$i" in
	fips\=1)
	bootstate=1
	;;
	*)
	;;
    esac
  done
  if [ -z "$bootstate" ]; then
    bootstate=0
  fi



function mount_tmpfs() {
  mount -t tmpfs tmpfs $cryptod
}
function umount_tmpfs() {
  umount $cryptod
}

case "$1" in
        on)
	if [ $state != 1 ]; then
	  if [ $bootstate = 1 ]; then
	    umount_tmpfs
	    # should do
	  else
	    echo "1" 2>/dev/null > $cryptof || {
		mount_tmpfs
		echo "1" > $cryptof
	    }
	  fi
	fi
	;;
        off)
	if [ $state != 0 ]; then
	  if [ $bootstate = 0 ]; then
	    umount_tmpfs
	  else
	    echo "0" 2>/dev/null > $cryptof || {
		mount -t tmpfs tmpfs $cryptod
		echo "0" > $cryptof
	    }
	  fi
	fi
	;;
        *)
	  echo bootstate: $bootstate
	  echo state: $state
	  exit $state
	;;
esac



