From 89d0487847dcba86d39909b19a95689186f53410 Mon Sep 17 00:00:00 2001 From: Andrew Lukoshko Date: Wed, 27 Apr 2022 15:24:45 +0000 Subject: [PATCH] AlmaLinux changes --- SOURCES/almalinuxdup1.x509 | Bin 0 -> 995 bytes SOURCES/almalinuxkpatch1.x509 | Bin 0 -> 988 bytes SOURCES/clsecureboot001.cer | Bin 0 -> 1561 bytes SOURCES/redhatsecureboot003.cer | Bin 829 -> 0 bytes SOURCES/redhatsecureboot401.cer | Bin 978 -> 0 bytes SOURCES/redhatsecurebootca2.cer | Bin 872 -> 0 bytes SOURCES/redhatsecurebootca4.cer | Bin 934 -> 0 bytes SOURCES/x509.genkey | 6 +-- SPECS/kernel.spec | 66 ++++++++++++++------------------ 9 files changed, 32 insertions(+), 40 deletions(-) create mode 100644 SOURCES/almalinuxdup1.x509 create mode 100644 SOURCES/almalinuxkpatch1.x509 create mode 100644 SOURCES/clsecureboot001.cer delete mode 100644 SOURCES/redhatsecureboot003.cer delete mode 100644 SOURCES/redhatsecureboot401.cer delete mode 100644 SOURCES/redhatsecurebootca2.cer delete mode 100644 SOURCES/redhatsecurebootca4.cer diff --git a/SOURCES/almalinuxdup1.x509 b/SOURCES/almalinuxdup1.x509 new file mode 100644 index 0000000000000000000000000000000000000000..29720140fbee0cf2f4cf3f67c8397db54c22f071 GIT binary patch literal 995 zcmXqLV!m(C#B_WCGZP~dlR$FEyqw>8{>5GH$@aZzVZsKyY@Awc9&O)w85y}*84MB( zRSlHkLY$0ZV#TS+rA3(~l@5tHxrsTMd8HM4`9LUCq#US?jpLUwAUK@+1Avi})b8JL?G`5A!XTue=j zj123ZNKRR()t6VrVddXye^5T8T4B~o>%t$eKL;F|{3))^ed>HR7LiW}UMnsA9`^Sw z|573uISJ=GNYzjhqnq{+jdBI(n%NZQ$kw_C6L>+3w=I8uV2*)Ewl9ntQyUZsqn#M?`sVGMzYi z=gbS;?JNHV_Xx}runt`JU4Pfa;3*FZJ04{#v%M^t@KyE4?Pl@!`WDuc5bE zklZtyt7yWkt}nN*mAm(RxR=qtbgIMUp4_|h<7W4H_Wifo9c$3Dv(1hD%*>V__bhsH z-l$3k*H~%lH#B~jIy>yBm-n^%&jh=Dj9lKk|9{Fn=V#f{M?A`R{TUy68OpPSw&}&) Q>Flmr+o@R=wLI}A0G|SZ?f?J) literal 0 HcmV?d00001 
diff --git a/SOURCES/almalinuxkpatch1.x509 b/SOURCES/almalinuxkpatch1.x509 new file mode 100644 index 0000000000000000000000000000000000000000..1292610292f7822b62040394efe0fac2dafa694b GIT binary patch literal 988 zcmXqLV!mO}#B^W*GZP~dlYoq&xXS67&Odh=mLz#4otb99%f_kI=F#?@mywa1mBApv zP}M*gF2u zJHGXK1atMXhiz20(loue!mCj*?5S+)#RDlD$_$e9g42(2J*()j?LXwd_Qq-j_n4iZ zX11RcaMIIVoA^YzB~o0EUgs?+etc(|;`beXUHVUU1<(3sS6Fd<=lOpV z*p&^JGchwVFfMNFHfZcHkOu~+tTKy)fmnmcj7x97e`VeDwEz7il}mf(wbtvoO*Rl^ z<4kDtU~K#0#0UicSy-8w89p#V^r?dMv2kd#F|x9RY%q`o@%dQ9SVS_H-F$cXo5IyY53OVsW!wU}qHcagjxS(B1;!U6gMr05Z-?gl z!MfHV%O8|P>|L=(Kl({AMCdaj;r1}Sbw-b<8e8UNn=LD3ZKZyd_5Zf zc~T_azVMYVxR_~K&2wShYrSVIm;8fY^cVPPe@|(Q=m{~?yAiru=IZNHEH7VgTeq=% zLWn9)X<^_p4S< zwz7w`MLnBVe(7q;?A#<1xqF4j&OEp#qbRvS>G+zR!fP|m#$5`0ab$Veg}WOqH5EPk HR-6O?x59Yr literal 0 HcmV?d00001 diff --git a/SOURCES/clsecureboot001.cer b/SOURCES/clsecureboot001.cer new file mode 100644 index 0000000000000000000000000000000000000000..ca9ce5d92a13320a2995ed90f173ea719a132d8f GIT binary patch literal 1561 zcmZ`(Yfuwc6wXbS1jzzo5X>OBh=_zHxtj+9!bnI+p+=zweAJF{O%_-i65K3=V6`P` zg!+Oiw$+NM3{cvRbwp7M9c2G4W9CPDY!P9nY%kz?r;WtSRH=h8 zU|e*l3WsV{DvoP4TGbnDs9{5GAcS5Z!6h(4C{7Uq1bAm>@_|6YFE-;+7(G78M}rNd zop2L0iATV2PECX)*l5Dk>U3O<$HA#wY63bL*TU2^EXQ6+VmX8d(^It7PU5jJhO385 zA`5A%ieN~rfG#CiV@9QqDqzb&l8`jD9Hy((P@^7aCo5+n4C4+6Mny(D>xqpR~zVhEx6umhZ5RVFal3r5M(h>Ej0sf_MTi2%d}hSB1Z;Kcx_Vo?>QeGcGz_P@TPE#k$jU}t{ z=C4WMHPazOp*1PT3fm+ruI6lS_~q`^8L{y-bu+Gf%@__g=3FU^|HN|Z8E=KQmHrw0 zI*CrQY%Us>cb>W=8$P+bYgw+q?~#eYnR*Y9;aJhXnxTwk!v=F7YKwQfz8bV zV01@f!?{5q0>0>7n9VhhK+@rCzjllgEbu48Bs8(uEH~tubc=NhbLDzdL9qcd0ymIeCpOTfNz>=FRp+_ZMjPwTEfKR;4GdG@D`O}rr^ zO(!d6#<-~YhKw(p3S9X|dM{X}bRc;161eWzPCUA!^tNx{O73;zPg)%xE6 literal 0 HcmV?d00001 
diff --git a/SOURCES/redhatsecureboot003.cer b/SOURCES/redhatsecureboot003.cer deleted file mode 100644 index 439b75bf3ae770d62b82116e68f58758e21f2444..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 829 zcmXqLVzxABVp3ed%*4pV#K~~)o6?a_AKRD=c-c6$+C196^D;7WvoaWH8EP1)u`!3T zFbm5ErKTu&B$g-yrzV#cr7Ae(=a(orJ1Q6{Xe6bUBx)MSiSrto7#bKG0!d3F<0x@n zV{=0TBU32XK;KZ;KpSF~3O2KXGt=`j^U@WJVForaDj~avk(GhDiIJbdpox)-sfm%1 zVehSlZ+rVhV}3A}dw3;G`>Fox(Z)>vK*^xGBPM+hXU|!(G3Hw1jEa9NpK>$onv+s@ z{7litVsAnApbrYux@TJ6yZy`7_0f!K9>*sZmlqSV`9Eg&JYLjbGwmbSwzLD@iQh}kUaszo zv%ED^!FclJ5A|zJUv~7)*`NB+o#|)ITlILaRGahhd>vCu?){#pH*vPB`H9y5j~xsC zU475jq{Ok^+Qsfpbp5XV&m!hB<(2Lacyr!<=|rwakvfN;vogQ9we>IB4HrbAkz5boqLSk+u!Gww(PsU?)K%{ zl+9Ym5dcgOzzASuNRzXb4K}{#cl^kg`?n+{yH@^xl&rn)Q)2R?Z*SeD3Yp$$z3(i4 z{I@Ohqdo7>yr0%<)!es#;$5q}INkbm?mTAxJ(Oo5L--``k_#V=Ai&7Pw^7Bg+oE;TR6f}}jOA<8= zl?)W%hH^5B2^Xg(C+4IUl{gforeq|R=q2ap8pw(B8W|Xv8CV)vnphf`Mv3zpTNoG` zT0pr5xj5aSZ=efthZ;6_1ZSq_W#*+Tm>3w6;+!T%CFGD`WMyD(V&rEqXkz4IYGPz$ zxOt*a|83fydKaaIGdS`br5@fAZP+Qzhyhu3D3pAj_6ey;znb{1R6v4^w+YXL^=W*1wx;c%gl2n z1FI|#IrMK@dh+)3Dy_pm4PSCc-c336;PO0|bXSpc@wT}&yhZEe7doGJIluRemQY-9 z>E+g+U6&MhD5wO+U$`n1=jY89x6d-@+KLkPxuzSYG+ba}OM5Z%&o9=)K~BwwzgNf@ z?|XA@5|7W9YXQG)ztu6hNUoStUgPrO!NOjPf_>YfwIX+Yp4-s>Y6hRL>nC>Ihc{eL zNJV`YIy|vh?I{y8BLm~&3WG8O9$?_h3NtePXJIm6FyI66_(41tW+wIq12GU^6~yN; z;9}#@W@BV!WoKqKkOhhJv52vVtlRiS%*4?Aw^#j3C(#A_R_+YqRyL3aNh`BR7>G59 z1Wi1hdvwOJ&`V2yy=HB`b+~*(y9#pL08=S2ZWtM)xWBlB1V2CJm>yx(W50l_T%xJE zCXwZujDe@ZqA*V`(3(J z@20n#N4B8^kKT-br`H-MU0~ZMbynoh<=21S#%+z?wUl31=l&i(^)1OW<^}fcTD-~7 zDQ4p0@DnVzpKmM=+SVKs*Ss`W>dP9@3awRV-L9}QnXY(Wu&^Zan((Z*Oj{=ZQR1_G s?puCAQ}bw)-tXvbpZ&fEs8-Dt*a&33Qa z+%s9Zc=s~y8qpg(i!y`$cU^MUOcduWDY<;6Y08`RDssi2V>H&cGrfyWlDxyS_leN^ z>+#ICm5X=Z;E8&1s(tIDdtX#F9)8|!T{!hfpd!;Oqa=373Qy1yo*h@ zea8xcL&whC7h?Z^xM>;@1>t? 
zGu0NFpDlU)nEkYplL5oM;>%t~j%XRUoZBF>Pe;c6R?Ef78}}F=+iK0k%*epFxUt8e zvC}{n7(cRnEMhDojX&PG$Jo97eQs&XzU%95U#?BrtYr`dl2&F3HVACMs$iks5*Z5Mz9^I)@fAQ%22Td8dJF?m{>Wls{ZQj$kTehHK z%NHA-;K^Gbgf|7p9bLv(XRxd0x%KP^ds-)G2LFsXwet?=tn>Zdi=Q!zy_Y??<*8xY zqT7FD-?<)DIh*fh7@KOtl`Iq+&^g(|st-i4JEXQ8}?2KZ0 diff --git a/SOURCES/redhatsecurebootca4.cer b/SOURCES/redhatsecurebootca4.cer deleted file mode 100644 index 8cb32e68cb5e279e06ed153d983a12a48ee83e69..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 934 zcmXqLVqRp>#MHHbnTe5!iIZWneUz&}74u&MUN%mxHjlRNyo`+8tPBQehGGUHY|No7 zTs*u%sVNE`i6uG;o_Wc7h8hNHAaQ0Md8oKTaB6aCQL2JdetwC9v!jBEf<{tmNus8q zl7Rx;P)4E1mup%v~LqI?UCcc=F1xU9(Qz*dH3< z;xHxUlIxTQ{ygpVd=rH~FFnQb>+-oruP@!dBke7{vF-ZPlZB2e=dUgcxmJJ2;N4?8 z-4nZd($*cB6K~mXozc)fJJ!w-XH*toh{boDbz&qrFC*iJ6gsadEIgpn)tf z_GS54#8^avCZ5hcI^$UArKP`Kvo_y4T)v@Q#Xue;t;`}}Al86g0Y6BAFeBrC7FGjh zAcY+4z?26Jc18wq-K|VFZ)9&jCOzfw)7xIR|DN6(sveoyrSIwy=(VDStyZGkXW7Fq zr_9$_Z@9k4ed2_x{W_)og{Q=)pY3}+!LMso!6M!M-Q9jw8TYCf<^Eht`Q75PCTnt0 z*Q2#+LDel=ch-yl=v`JcOZ)1ad_8fi1V1O;hle&Zd2X7NQLoakC6snm@X>{EmWfUA z4Dy<@Z#+>cbuE_Dn*TCUYt1``-D%CcL#4~iy)P|zsULOCx7+O#FT3*{VR1*Uv?rTC z*xBjEo{m_t@p+n=VCDI^1(Tv5uIKeW@7Kw#{qOjp;Ez2YXSNrgV=Q^}NFg-*#+^-p ZB8NQ%Pc6IJ;<0bymc(4{X&?Uo0s!(NaBctq diff --git a/SOURCES/x509.genkey b/SOURCES/x509.genkey index b1bbe38..4c34491 100644 --- a/SOURCES/x509.genkey +++ b/SOURCES/x509.genkey @@ -5,9 +5,9 @@ prompt = no x509_extensions = myexts [ req_distinguished_name ] -O = Red Hat -CN = Red Hat Enterprise Linux kernel signing key -emailAddress = secalert@redhat.com +O = AlmaLinux +CN = AlmaLinux kernel signing key +emailAddress = security@almalinux.org [ myexts ] basicConstraints=critical,CA:FALSE diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec index 10df362..2c7a14d 100644 --- a/SPECS/kernel.spec +++ b/SPECS/kernel.spec 
@@ -451,44 +451,36 @@ Source9: x509.genkey %if %{?released_kernel} -Source10: redhatsecurebootca5.cer -Source11: redhatsecurebootca3.cer -Source12: redhatsecureboot501.cer -Source13: redhatsecureboot301.cer -Source14: secureboot_s390.cer -Source15: secureboot_ppc.cer +Source10: clsecureboot001.cer -%define secureboot_ca_0 %{SOURCE11} +%define secureboot_ca_0 %{SOURCE10} %define secureboot_ca_1 %{SOURCE10} %ifarch x86_64 aarch64 -%define secureboot_key_0 %{SOURCE13} -%define pesign_name_0 redhatsecureboot301 -%define secureboot_key_1 %{SOURCE12} -%define pesign_name_1 redhatsecureboot501 +%define secureboot_key_0 %{SOURCE10} +%define pesign_name_0 clsecureboot001 +%define secureboot_key_1 %{SOURCE10} +%define pesign_name_1 clsecureboot001 %endif %ifarch s390x -%define secureboot_key_0 %{SOURCE14} -%define pesign_name_0 redhatsecureboot302 +%define secureboot_key_0 %{SOURCE10} +%define pesign_name_0 clsecureboot001 %endif %ifarch ppc64le -%define secureboot_key_0 %{SOURCE15} -%define pesign_name_0 redhatsecureboot303 +%define secureboot_key_0 %{SOURCE10} +%define pesign_name_0 clsecureboot001 %endif # released_kernel %else -Source11: redhatsecurebootca4.cer -Source12: redhatsecurebootca2.cer -Source13: redhatsecureboot401.cer -Source14: redhatsecureboot003.cer +Source10: clsecureboot001.cer -%define secureboot_ca_0 %{SOURCE12} -%define secureboot_ca_1 %{SOURCE11} -%define secureboot_key_0 %{SOURCE14} -%define pesign_name_0 redhatsecureboot003 -%define secureboot_key_1 %{SOURCE13} -%define pesign_name_1 redhatsecureboot401 +%define secureboot_ca_0 %{SOURCE10} +%define secureboot_ca_1 %{SOURCE10} +%define secureboot_key_0 %{SOURCE10} +%define pesign_name_0 clsecureboot001 +%define secureboot_key_1 %{SOURCE10} +%define pesign_name_1 clsecureboot001 # released_kernel %endif 
@@ -520,8 +512,8 @@ Source43: generate_bls_conf.sh Source44: mod-internal.list -Source100: rheldup3.x509 -Source101: rhelkpatch1.x509 +Source100: almalinuxdup1.x509 +Source101: almalinuxkpatch1.x509 %if %{with_kabichk} Source200: check-kabi @@ -559,8 +551,8 @@ Patch999999: linux-kernel-test.patch BuildRoot: %{_tmppath}/%{name}-%{KVERREL}-root %description -This is the package which provides the Linux %{name} for Red Hat Enterprise -Linux. It is based on upstream Linux at version %{version} and maintains kABI +This is the package which provides the Linux %{name} for AlmaLinux. +It is based on upstream Linux at version %{version} and maintains kABI compatibility of a set of approved symbols, however it is heavily modified with backports and fixes pulled from newer upstream Linux %{name} releases. This means this is not a %{version} kernel anymore: it includes several components which come @@ -568,7 +560,7 @@ from newer upstream linux versions, while maintaining a well tested and stable core. Some of the components/backports that may be pulled in are: changes like updates to the core kernel (eg.: scheduler, cgroups, memory management, security fixes and features), updates to block layer, supported filesystems, major driver -updates for supported hardware in Red Hat Enterprise Linux, enhancements for +updates for supported hardware in AlmaLinux, enhancements for enterprise customers, etc. # 
@@ -810,14 +802,14 @@ kernel-gcov includes the gcov graph and source files for gcov coverage collectio %endif %package -n %{name}-abi-stablelists -Summary: The Red Hat Enterprise Linux kernel ABI symbol stablelists +Summary: The AlmaLinux kernel ABI symbol stablelists Group: System Environment/Kernel AutoReqProv: no Obsoletes: %{name}-abi-whitelists < %{rpmversion}-%{pkg_release} Provides: %{name}-abi-whitelists %description -n %{name}-abi-stablelists -The kABI package contains information pertaining to the Red Hat Enterprise -Linux kernel ABI, including lists of kernel symbols that are needed by +The kABI package contains information pertaining to the AlmaLinux +kernel ABI, including lists of kernel symbols that are needed by external Linux kernel modules, and a yum plugin to aid enforcement. %if %{with_kabidw_base} @@ -826,8 +818,8 @@ Summary: The baseline dataset for kABI verification using DWARF data Group: System Environment/Kernel AutoReqProv: no %description kernel-kabidw-base-internal -The package contains data describing the current ABI of the Red Hat Enterprise -Linux kernel, suitable for the kabi-dw tool. +The package contains data describing the current ABI of the AlmaLinux +kernel, suitable for the kabi-dw tool. %endif # @@ -899,7 +891,7 @@ Requires: %{name}%{?1:-%{1}}-modules-uname-r = %{KVERREL}%{?variant}%{?1:+%{1}}\ AutoReq: no\ AutoProv: yes\ %description %{?1:%{1}-}modules-internal\ -This package provides kernel modules for the %{?2:%{2} }kernel package for Red Hat internal usage.\ +This package provides kernel modules for the %{?2:%{2} }kernel package for AlmaLinux internal usage.\ %{nil} # 
@@ -1746,7 +1738,7 @@ BuildKernel() { # build a BLS config for this kernel %{SOURCE43} "$KernelVer" "$RPM_BUILD_ROOT" "%{?variant}" - # Red Hat UEFI Secure Boot CA cert, which can be used to authenticate the kernel + # AlmaLinux UEFI Secure Boot CA cert, which can be used to authenticate the kernel mkdir -p $RPM_BUILD_ROOT%{_datadir}/doc/kernel-keys/$KernelVer %ifarch x86_64 aarch64 install -m 0644 %{secureboot_ca_0} $RPM_BUILD_ROOT%{_datadir}/doc/kernel-keys/$KernelVer/kernel-signing-ca-20200609.cer
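Review bot: The three added certificates (SOURCES/almalinuxdup1.x509, SOURCES/almalinuxkpatch1.x509 and SOURCES/clsecureboot001.cer) arrive as binary patches, and the subject line "AlmaLinux changes" gives a reviewer nothing to check them against. These files replace the package's trust material, so the commit message should record each certificate's subject, issuer, validity period and SHA-256 fingerprint, which lets a reviewer confirm that the committed bytes are the intended ones.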
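Review bot: In the SPECS/kernel.spec hunk at @@ -451, every role now resolves to the same file: `%define secureboot_ca_0 %{SOURCE10}`, `%define secureboot_ca_1 %{SOURCE10}` and `%define secureboot_key_0 %{SOURCE10}` all point at clsecureboot001.cer, so the CA and the signing certificate are no longer distinct and s390x and ppc64le lose their separate certificates. If a single certificate for all roles and architectures is intended, state that in a spec comment. Both branches of `%if %{?released_kernel}` are now identical and could be collapsed into one. The diffstat deletes only redhatsecureboot003.cer, redhatsecureboot401.cer, redhatsecurebootca2.cer and redhatsecurebootca4.cer; the released-branch files (redhatsecurebootca5.cer, redhatsecurebootca3.cer, redhatsecureboot501.cer, redhatsecureboot301.cer, secureboot_s390.cer, secureboot_ppc.cer) are dropped from the spec but not shown as removed, so check that they do not remain in SOURCES.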
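Review bot: In the @@ -520 hunk, Source100 and Source101 switch to almalinuxdup1.x509 and almalinuxkpatch1.x509, but the diffstat does not show rheldup3.x509 or rhelkpatch1.x509 being deleted. If those files are still in SOURCES, remove them in the same change so that no unreferenced certificate stays alongside the ones the spec actually uses.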
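Review bot: In the @@ -1746 hunk only the comment is rebranded; the install line still writes `%{secureboot_ca_0}` to kernel-signing-ca-20200609.cer, a destination name carried over unchanged although the file behind it is now clsecureboot001.cer. If the date in that name is meant to identify the certificate, rename the destination to match the new one; if the name is kept deliberately for compatibility, add a comment saying so.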