Auto check processor AES-NI support before installation

Cucumber asked:

I have one interesting question. I have custom distribution of CentOS Linux 6.3. The installed system needs CPU support for AES-NI for all services to work properly.

Can I add a check for AES support during the installation? I’m using Anaconda, but am willing to consider other ways to do it as well.

Thanks in advance.

My answer:

This would require a kickstart script to be used. Fortunately the kickstart script need only be trivial. You may use this alone (for an otherwise normal interactive installation) or as part of an existing kickstart script.

%pre --erroronfail
grep -q aes /proc/cpuinfo || exit 1

If the CPU doesn’t show this feature, the script will error exit and the installation will stop. Note that while this feature works, it is officially undocumented and not supported by Red Hat. (Not that it matters if you use CentOS…)

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.