kernel-4.18.0-480.el8
* Sat Mar 18 2023 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-480.el8] - redhat: fix the signing failure on ppc64el on centos (Denys Vlasenko) [2179095] Resolves: rhbz#2179095 Signed-off-by: Your Name <dvlasenk@redhat.com>
This commit is contained in:
Your Name
parent
9f46c15088
commit
abadd6d954
31
kernel.spec
31
kernel.spec
@ -12,7 +12,7 @@
|
||||
# change below to w4T.xzdio):
|
||||
%define _binary_payload w3T.xzdio
|
||||
|
||||
%global distro_build 479
|
||||
%global distro_build 480
|
||||
|
||||
# Sign the x86_64 kernel for secure boot authentication
|
||||
%ifarch x86_64 aarch64 s390x ppc64le
|
||||
@ -38,10 +38,10 @@
|
||||
# define buildid .local
|
||||
|
||||
%define rpmversion 4.18.0
|
||||
%define pkgrelease 479.el8
|
||||
%define pkgrelease 480.el8
|
||||
|
||||
# allow pkg_release to have configurable %%{?dist} tag
|
||||
%define specrelease 479%{?dist}
|
||||
%define specrelease 480%{?dist}
|
||||
|
||||
%define pkg_release %{specrelease}%{?buildid}
|
||||
|
||||
@ -461,24 +461,20 @@ Source14: redhatsecureboot302.cer
|
||||
Source15: redhatsecureboot303.cer
|
||||
Source16: redhatsecurebootca7.cer
|
||||
|
||||
%define secureboot_ca_0 %{SOURCE10}
|
||||
# TODO: secureboot_ca_2 is only for ppc64le on rhel -
|
||||
# why doesn't it just define secureboot_ca_0 differently
|
||||
# instead of using this separate _ca_2 variable?
|
||||
# This would simplify some really nasty "if" blocks
|
||||
%define secureboot_ca_2 %{SOURCE16}
|
||||
|
||||
%ifarch x86_64 aarch64
|
||||
%define secureboot_ca_0 %{SOURCE10}
|
||||
%define secureboot_key_0 %{SOURCE13}
|
||||
%define pesign_name_0 redhatsecureboot501
|
||||
%endif
|
||||
|
||||
%ifarch s390x
|
||||
%define secureboot_ca_0 %{SOURCE10}
|
||||
%define secureboot_key_0 %{SOURCE14}
|
||||
%define pesign_name_0 redhatsecureboot302
|
||||
%endif
|
||||
|
||||
%ifarch ppc64le
|
||||
%define secureboot_ca_0 %{SOURCE16}
|
||||
%define secureboot_key_0 %{SOURCE15}
|
||||
%define pesign_name_0 redhatsecureboot701
|
||||
%endif
|
||||
@ -1176,7 +1172,7 @@ openssl x509 -inform der -in %{SOURCE100} -out rheldup3.pem
|
||||
openssl x509 -inform der -in %{SOURCE101} -out rhelkpatch1.pem
|
||||
cat rheldup3.pem rhelkpatch1.pem > ../certs/rhel.pem
|
||||
%ifarch ppc64le
|
||||
openssl x509 -inform der -in %{secureboot_ca_2} -out secureboot.pem
|
||||
openssl x509 -inform der -in %{secureboot_ca_0} -out secureboot.pem
|
||||
cat secureboot.pem >> ../certs/rhel.pem
|
||||
%endif
|
||||
for i in *.config; do
|
||||
@ -1754,15 +1750,7 @@ BuildKernel() {
|
||||
|
||||
# Red Hat UEFI Secure Boot CA cert, which can be used to authenticate the kernel
|
||||
mkdir -p $RPM_BUILD_ROOT%{_datadir}/doc/kernel-keys/$KernelVer
|
||||
%if 0%{?rhel}
|
||||
%ifarch ppc64le
|
||||
install -m 0644 %{secureboot_ca_2} $RPM_BUILD_ROOT%{_datadir}/doc/kernel-keys/$KernelVer/kernel-signing-ca.cer
|
||||
%else
|
||||
install -m 0644 %{secureboot_ca_0} $RPM_BUILD_ROOT%{_datadir}/doc/kernel-keys/$KernelVer/kernel-signing-ca.cer
|
||||
%endif
|
||||
%else
|
||||
install -m 0644 %{secureboot_ca_0} $RPM_BUILD_ROOT%{_datadir}/doc/kernel-keys/$KernelVer/kernel-signing-ca.cer
|
||||
%endif
|
||||
install -m 0644 %{secureboot_ca_0} $RPM_BUILD_ROOT%{_datadir}/doc/kernel-keys/$KernelVer/kernel-signing-ca.cer
|
||||
%ifarch s390x ppc64le
|
||||
if [ $DoModules -eq 1 ]; then
|
||||
if [ -x /usr/bin/rpm-sign ]; then
|
||||
@ -2706,6 +2694,9 @@ fi
|
||||
#
|
||||
#
|
||||
%changelog
|
||||
* Sat Mar 18 2023 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-480.el8]
|
||||
- redhat: fix the signing failure on ppc64el on centos (Denys Vlasenko) [2179095]
|
||||
|
||||
* Sat Mar 18 2023 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-479.el8]
|
||||
- redhat: add centos signing certs (Denys Vlasenko)
|
||||
- redhat: fix "make rh-brew" not choosing _scratch_ build (Denys Vlasenko)
|
||||
|
||||
6
sources
6
sources
@ -1,3 +1,3 @@
|
||||
SHA512 (linux-4.18.0-479.el8.tar.xz) = 3f1cd8c8c2b2a48bf7509fbf137f66e0685e5e911b8775b4588f77aaa825a456fbbf568e261c3802a193fee70b2f063cce384ceb6ba54d051960c44d3570631b
|
||||
SHA512 (kernel-abi-stablelists-4.18.0-479.tar.bz2) = 6696893e336830ea1c7108e69f72704dc884507a355f87a545e03ac0ad6046490f264d7a1c1ab159fad2b4714f04b81817a1794064c52cca2265aadfb381b729
|
||||
SHA512 (kernel-kabi-dw-4.18.0-479.tar.bz2) = e4acc8a0d2babc3874870a8ff95917dc5741b897f32a9e4b6475430d5da3c1a8f75b194961d1c3054ae9a0dff7751e5f25ea4c6228d69a0ae604f5283cfd9ca6
|
||||
SHA512 (linux-4.18.0-480.el8.tar.xz) = 5f49893db85b2527864d4dcc8f1cf4f164d0fef697f05e1441485db7025165bcd0275a7a5c340ba7df9c59f56cf2be1d8adfe4b7601727181f2aa74672d7aa2b
|
||||
SHA512 (kernel-abi-stablelists-4.18.0-480.tar.bz2) = 32759d22676e5c56ad2b44c27756fb9ee531d62ce4d2dbef2427df1931cd3ff82af0dd2a6d12de62b9862e2503dfa9233c02b4a7209978f3c81c974691f7a5b1
|
||||
SHA512 (kernel-kabi-dw-4.18.0-480.tar.bz2) = e4acc8a0d2babc3874870a8ff95917dc5741b897f32a9e4b6475430d5da3c1a8f75b194961d1c3054ae9a0dff7751e5f25ea4c6228d69a0ae604f5283cfd9ca6
|
||||
|
||||
Loading…
Reference in New Issue
Block a user