- pvimg/genprotimg: Fix confidential dump support (RHEL-76913)

- Resolves: RHEL-76913
2025-01-30 10:30:11 +01:00 · 2025-01-30 10:30:11 +01:00 · a67d93c443
commit a67d93c443
parent f6ef7d0ab9
2 changed files with 104 additions and 63 deletions
--- a/s390utils-2.36.0-rhel.patch
+++ b/s390utils-2.36.0-rhel.patch
@ -1,7 +1,7 @@
 From c0c76b5735daa9690be297335d21181a70eaaded Mon Sep 17 00:00:00 2001
 From: Eduard Shishkin <edward6@linux.ibm.com>
 Date: Mon, 16 Dec 2024 13:55:52 +0100
-Subject: [PATCH 01/31] zipl/src: Fix incorrect installation of zipl_helper.md
+Subject: [PATCH 01/32] zipl/src: Fix incorrect installation of zipl_helper.md
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
@ -41,13 +41,13 @@ index 7927974..39489e2 100644
 clean:
 	rm -f *.o $(zipl_helpers) $(chreipl_helpers) zipl zipl-editenv
 -- 
-2.47.1
+2.48.1
 From cd32b1c9ebc8d7efa955efd15ba7261e7b7fd083 Mon Sep 17 00:00:00 2001
 From: Niklas Schnelle <schnelle@linux.ibm.com>
 Date: Fri, 6 Dec 2024 15:28:08 +0100
-Subject: [PATCH 02/31] opticsmon: Fix runaway loop in on_link_change()
+Subject: [PATCH 02/32] opticsmon: Fix runaway loop in on_link_change()
 (RHEL-24153)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -111,13 +111,13 @@ index c2f355e..50dd8d7 100644
 }
 -- 
-2.47.1
+2.48.1
 From 95f31c8471f9e6f353afca7da42bc3042472aa5d Mon Sep 17 00:00:00 2001
 From: Niklas Schnelle <schnelle@linux.ibm.com>
 Date: Mon, 9 Dec 2024 15:08:03 +0100
-Subject: [PATCH 03/31] libzpci: opticsmon: Refactor on_link_change() using new
+Subject: [PATCH 03/32] libzpci: opticsmon: Refactor on_link_change() using new
 zpci_find_by_netdev() (RHEL-24153)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -245,13 +245,13 @@ index 50dd8d7..7ecaa12 100644
 #define MAX_EVENTS 8
 -- 
-2.47.1
+2.48.1
 From 95277a7eac2391196e39548221c551b79dcbd77a Mon Sep 17 00:00:00 2001
 From: Marc Hartmayer <mhartmay@linux.ibm.com>
 Date: Wed, 11 Dec 2024 19:25:59 +0100
-Subject: [PATCH 04/31] rust/pvimg: Add '--(enable|disable)-image-encryption'
+Subject: [PATCH 04/32] rust/pvimg: Add '--(enable|disable)-image-encryption'
 flags to 'pvimg create' (RHEL-70851)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -584,13 +584,13 @@ index b696d79..475d352 100644
     if opt.no_component_check {
         warn!("The component check is turned off!");
 -- 
-2.47.1
+2.48.1
 From 0bc601307846a7cdd667355dbae21c877d603e50 Mon Sep 17 00:00:00 2001
 From: Marc Hartmayer <mhartmay@linux.ibm.com>
 Date: Thu, 12 Dec 2024 20:19:55 +0100
-Subject: [PATCH 05/31] rust/pvimg/man: Document command line option aliases in
+Subject: [PATCH 05/32] rust/pvimg/man: Document command line option aliases in
 the manpages (RHEL-72022)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -652,13 +652,13 @@ index dae1cf1..6670704 100644
 Use the content of FILE as a raw binary Linux kernel. The Linux kernel must be a
 raw binary s390x Linux kernel. The ELF format is not supported.
 -- 
-2.47.1
+2.48.1
 From 840452df23ebe54db82e8d0cf94352bddb758ed4 Mon Sep 17 00:00:00 2001
 From: Marc Hartmayer <mhartmay@linux.ibm.com>
 Date: Thu, 12 Dec 2024 20:19:56 +0100
-Subject: [PATCH 06/31] rust/pvimg: Add '--cck <FILE>' command line option and
+Subject: [PATCH 06/32] rust/pvimg: Add '--cck <FILE>' command line option and
 make '--comm-key' an alias (RHEL-72022)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -842,13 +842,13 @@ index 475d352..cc754a1 100644
     if plaintext_flags.is_set(PcfV1::NoComponentEncryption) {
 -- 
-2.47.1
+2.48.1
 From 2a9d164010c0eaa6098083062ac0cdcb9be84b78 Mon Sep 17 00:00:00 2001
 From: Marc Hartmayer <mhartmay@linux.ibm.com>
 Date: Wed, 8 Jan 2025 12:33:05 +0100
-Subject: [PATCH 07/31] rust/pvimg: Document the change from '--comm-key' to
+Subject: [PATCH 07/32] rust/pvimg: Document the change from '--comm-key' to
 '--cck' in the help message (RHEL-72022)
 This fixes problems when users search for '--comm-key' in the help
@ -879,13 +879,13 @@ index e622e1d..3e09a40 100644
     pub cck: Option<PathBuf>,
 -- 
-2.47.1
+2.48.1
 From fa2dcf81a6c002192f351040ff68f8d60370e93c Mon Sep 17 00:00:00 2001
 From: Marc Hartmayer <mhartmay@linux.ibm.com>
 Date: Fri, 6 Dec 2024 20:45:36 +0100
-Subject: [PATCH 08/31] rust/pvimg: Fix possible 'range start index out of
+Subject: [PATCH 08/32] rust/pvimg: Fix possible 'range start index out of
 range for slice' error (RHEL-71821)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -942,13 +942,13 @@ index f7ae1bc..ac3a2e6 100644
 +    }
 +}
 -- 
-2.47.1
+2.48.1
 From 979b4bad1653a7b897a43e8fe7ee393de77fc4e4 Mon Sep 17 00:00:00 2001
 From: Marc Hartmayer <mhartmay@linux.ibm.com>
 Date: Tue, 17 Dec 2024 12:20:30 +0100
-Subject: [PATCH 09/31] pvimg: Add '--hdr-key' command line option to 'pvimg
+Subject: [PATCH 09/32] pvimg: Add '--hdr-key' command line option to 'pvimg
 create' (RHEL-71821)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -1189,13 +1189,13 @@ index cc754a1..3e2ca65 100644
     if plaintext_flags.is_set(PcfV1::NoComponentEncryption) {
 -- 
-2.47.1
+2.48.1
 From 9155c5e49a8fff05d479ddc81d8d25e819278803 Mon Sep 17 00:00:00 2001
 From: Marc Hartmayer <mhartmay@linux.ibm.com>
 Date: Wed, 18 Dec 2024 13:41:13 +0100
-Subject: [PATCH 10/31] rust/utils: mkdtemp: fix memory leak (RHEL-71821)
+Subject: [PATCH 10/32] rust/utils: mkdtemp: fix memory leak (RHEL-71821)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
@ -1245,13 +1245,13 @@ index 07acdba..883d558 100644
             let path = std::path::PathBuf::from(path);
 -- 
-2.47.1
+2.48.1
 From e412cecd6ad9be261b17cf9ad64b786c7da58e4f Mon Sep 17 00:00:00 2001
 From: Marc Hartmayer <mhartmay@linux.ibm.com>
 Date: Tue, 17 Dec 2024 11:58:01 +0100
-Subject: [PATCH 11/31] rust/pvimg: Add upper estimates for the Secure
+Subject: [PATCH 11/32] rust/pvimg: Add upper estimates for the Secure
 Execution header (RHEL-71821)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -1584,13 +1584,13 @@ index b0ec355..c6ed956 100644
         let iv = self.iv();
         let tag = self.tag();
 -- 
-2.47.1
+2.48.1
 From 1617c8482e0846a3afb4af2772011e4621442f58 Mon Sep 17 00:00:00 2001
 From: Marc Hartmayer <mhartmay@linux.ibm.com>
 Date: Tue, 17 Dec 2024 18:13:31 +0100
-Subject: [PATCH 12/31] pvimg: info: Rename '--key' into '--hdr-key' and use
+Subject: [PATCH 12/32] pvimg: info: Rename '--key' into '--hdr-key' and use
 '--key' as an alias (RHEL-71821)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -1690,13 +1690,13 @@ index 1ced054..2f593cf 100644
             SymKey::try_from_data(hdr.key_type(), read_file(key_path, "Reading key")?.into())?;
         serde_json::to_writer_pretty(&mut output, &hdr.decrypt(&key)?)?;
 -- 
-2.47.1
+2.48.1
 From 78b388c1613724270ec34cef28b7be181f5e0db5 Mon Sep 17 00:00:00 2001
 From: Steffen Eiden <seiden@linux.ibm.com>
 Date: Thu, 18 Jul 2024 10:55:45 +0200
-Subject: [PATCH 13/31] rust/pvsecret: Refactor writing secret (RHEL-46894)
+Subject: [PATCH 13/32] rust/pvsecret: Refactor writing secret (RHEL-46894)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
@ -1842,13 +1842,13 @@ index 808b29e..9251c38 100644
     Ok(())
 }
 -- 
-2.47.1
+2.48.1
 From a5d58d0e6fd5d90ef12956ee7354a3f43d17f2ea Mon Sep 17 00:00:00 2001
 From: Steffen Eiden <seiden@linux.ibm.com>
 Date: Tue, 5 Mar 2024 10:46:29 +0100
-Subject: [PATCH 14/31] rust/pv: Support for writing data in PEM format
+Subject: [PATCH 14/32] rust/pv: Support for writing data in PEM format
 (RHEL-46894)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -2315,13 +2315,13 @@ index 0000000..e646251
 +    }
 +}
 -- 
-2.47.1
+2.48.1
 From 0f2055ca030a868e43e6076cba5cc9cc1277241c Mon Sep 17 00:00:00 2001
 From: Steffen Eiden <seiden@linux.ibm.com>
 Date: Tue, 20 Feb 2024 14:50:47 +0100
-Subject: [PATCH 15/31] rust/pv_core: Update ffi.rs to linux/uvdevice.h v6.13
+Subject: [PATCH 15/32] rust/pv_core: Update ffi.rs to linux/uvdevice.h v6.13
 (RHEL-46894)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -2378,13 +2378,13 @@ index bbcc586..3d9998d 100644
 /// Uvdevice IOCTL control block
 /// Programs can use this struct to communicate with the uvdevice via IOCTLs
 -- 
-2.47.1
+2.48.1
 From ad6a20789e0b02bdfe1d7a685b897639fc298c2f Mon Sep 17 00:00:00 2001
 From: Steffen Eiden <seiden@linux.ibm.com>
 Date: Tue, 5 Mar 2024 11:56:57 +0100
-Subject: [PATCH 16/31] rust/pv_core: Retrieve Secret UVC (RHEL-46894)
+Subject: [PATCH 16/32] rust/pv_core: Retrieve Secret UVC (RHEL-46894)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
@ -2587,13 +2587,13 @@ index d20928b..0a8af50 100644
 impl Display for SecretEntry {
 -- 
-2.47.1
+2.48.1
 From cf2fe8bed95ca8b6513d02a85b83504a68a2584b Mon Sep 17 00:00:00 2001
 From: Steffen Eiden <seiden@linux.ibm.com>
 Date: Tue, 5 Mar 2024 12:16:44 +0100
-Subject: [PATCH 17/31] rust/pv_core: Support for listing Retrievable Secrets
+Subject: [PATCH 17/32] rust/pv_core: Support for listing Retrievable Secrets
 (RHEL-46894)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -3303,13 +3303,13 @@ index 0a8af50..4e95501 100644
 +    }
 }
 -- 
-2.47.1
+2.48.1
 From 67480b7219b711226352257bd2690448d9521c06 Mon Sep 17 00:00:00 2001
 From: Steffen Eiden <seiden@linux.ibm.com>
 Date: Tue, 5 Mar 2024 12:19:22 +0100
-Subject: [PATCH 18/31] rust/pv: Retrievable secrets support (RHEL-46894)
+Subject: [PATCH 18/32] rust/pv: Retrievable secrets support (RHEL-46894)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
@ -4185,13 +4185,13 @@ index 0000000..5fad016
 +    }
 +}
 -- 
-2.47.1
+2.48.1
 From ce872d9b3104209d2a8bee32fcc1b1f2f2e0e2ad Mon Sep 17 00:00:00 2001
 From: Steffen Eiden <seiden@linux.ibm.com>
 Date: Fri, 13 Dec 2024 15:04:02 +0100
-Subject: [PATCH 19/31] rust/pvsecret: Improve CLI (RHEL-46894)
+Subject: [PATCH 19/32] rust/pvsecret: Improve CLI (RHEL-46894)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
@ -4285,13 +4285,13 @@ index 6deaaeb..c4b9f2b 100644
     /// List all ultravisor secrets (s390x only).
 -- 
-2.47.1
+2.48.1
 From 1c97c4569b0521896927547d0c9581d7808f3905 Mon Sep 17 00:00:00 2001
 From: Steffen Eiden <seiden@linux.ibm.com>
 Date: Mon, 19 Feb 2024 15:15:16 +0100
-Subject: [PATCH 20/31] rust/pvsecret: Add support for retrievable secrets
+Subject: [PATCH 20/32] rust/pvsecret: Add support for retrievable secrets
 (RHEL-46894)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -4714,13 +4714,13 @@ index 502a6ea..883a3ee 100644
     match res {
 -- 
-2.47.1
+2.48.1
 From bb6654ed02453ccd5bb87ca9938f06214351fe22 Mon Sep 17 00:00:00 2001
 From: Steffen Eiden <seiden@linux.ibm.com>
 Date: Wed, 12 Jun 2024 16:23:31 +0200
-Subject: [PATCH 21/31] rust/pv_core: Refactor secret list (RHEL-46894)
+Subject: [PATCH 21/32] rust/pv_core: Refactor secret list (RHEL-46894)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
@ -5032,13 +5032,13 @@ index 4e95501..d7c268c 100644
         )
     }
 -- 
-2.47.1
+2.48.1
 From 6f5bd4d347f81b077b838ec907bd53d061680392 Mon Sep 17 00:00:00 2001
 From: Steffen Eiden <seiden@linux.ibm.com>
 Date: Wed, 12 Jun 2024 16:35:15 +0200
-Subject: [PATCH 22/31] rust/pv*: Support longer secret lists (RHEL-46894)
+Subject: [PATCH 22/32] rust/pv*: Support longer secret lists (RHEL-46894)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
@ -5148,13 +5148,13 @@ index 0bd9eca..56294ca 100644
 }
 -- 
-2.47.1
+2.48.1
 From 0036b024950309a2953a3375daaa3b046c360a9b Mon Sep 17 00:00:00 2001
 From: Steffen Eiden <seiden@linux.ibm.com>
 Date: Mon, 5 Aug 2024 09:34:47 +0200
-Subject: [PATCH 23/31] rust/pv*: Allow the use of non-hashes secret IDs
+Subject: [PATCH 23/32] rust/pv*: Allow the use of non-hashes secret IDs
 (RHEL-46894)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
@ -5541,13 +5541,13 @@ index 7f7704c..ad3e91c 100644
     let retr_secret =
 -- 
-2.47.1
+2.48.1
 From cd2f4deb6e180adf0f09afe808a05bab5e4526c3 Mon Sep 17 00:00:00 2001
 From: Steffen Eiden <seiden@linux.ibm.com>
 Date: Tue, 22 Oct 2024 17:53:17 +0200
-Subject: [PATCH 24/31] rust/pvsecret: Update manuals and README (RHEL-46894)
+Subject: [PATCH 24/32] rust/pvsecret: Update manuals and README (RHEL-46894)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
@ -6753,13 +6753,13 @@ index b2a1d0f..e8cb132 100644
 -\fBpvsecret-create\fR(1) \fBpvsecret-add\fR(1) \fBpvsecret-lock\fR(1) \fBpvsecret-list\fR(1) \fBpvsecret-verify\fR(1)
 +\fBpvsecret-create\fR(1) \fBpvsecret-add\fR(1) \fBpvsecret-lock\fR(1) \fBpvsecret-list\fR(1) \fBpvsecret-verify\fR(1) \fBpvsecret-retrieve\fR(1)
 -- 
-2.47.1
+2.48.1
 From 2f531935c1dab94336e6e197d9fdb9bcb54ff9ad Mon Sep 17 00:00:00 2001
 From: Ingo Franzki <ifranzki@linux.ibm.com>
 Date: Thu, 15 Feb 2024 09:08:43 +0100
-Subject: [PATCH 25/31] zkey: Add support for retrieving a list of ultravisor
+Subject: [PATCH 25/32] zkey: Add support for retrieving a list of ultravisor
 secrets (RHEL-23870)
 Add functions to interface with the ultravisor device (/dev/uv) when
@ -7058,13 +7058,13 @@ index 0000000..2667e85
 +
 +#endif
 -- 
-2.47.1
+2.48.1
 From 99bd7f51d41763cc7135169a90f12f4a7df3d3f2 Mon Sep 17 00:00:00 2001
 From: Ingo Franzki <ifranzki@linux.ibm.com>
 Date: Thu, 15 Feb 2024 11:22:04 +0100
-Subject: [PATCH 26/31] zkey: Add the 'pvsecrets list' command (RHEL-23870)
+Subject: [PATCH 26/32] zkey: Add the 'pvsecrets list' command (RHEL-23870)
 The 'pvsecrets list' command lists the available protected virtualization
 secrets. By default, only those pvsecret types are listed, that can be used
@ -7886,13 +7886,13 @@ index 7c909ff..adc48d6 100644
 		keystore_free(g.keystore);
 	if (g.kms_options != NULL)
 -- 
-2.47.1
+2.48.1
 From 3b4fce7cdd079732235da5e01033497752963360 Mon Sep 17 00:00:00 2001
 From: Ingo Franzki <ifranzki@linux.ibm.com>
 Date: Thu, 15 Feb 2024 16:56:04 +0100
-Subject: [PATCH 27/31] zkey: Add PVSECRETS-AES key type (RHEL-23870)
+Subject: [PATCH 27/32] zkey: Add PVSECRETS-AES key type (RHEL-23870)
 Add the definitions and utility functions for the PVSECRETS-AES key type.
 A PVSECRETS-AES key token contains the secret id of a protected
@ -8231,13 +8231,13 @@ index 6acebfd..ad84403 100644
 struct uvio_list_secret_entry {
 -- 
-2.47.1
+2.48.1
 From 77a419bf5b575f09c7958bc5656cf1e0039be115 Mon Sep 17 00:00:00 2001
 From: Ingo Franzki <ifranzki@linux.ibm.com>
 Date: Thu, 15 Feb 2024 15:14:04 +0100
-Subject: [PATCH 28/31] zkey: Add the 'pvsecrets import' command (RHEL-23870)
+Subject: [PATCH 28/32] zkey: Add the 'pvsecrets import' command (RHEL-23870)
 The 'pvsecrets import' command imports a protected virtualization secret
 into the zkey key repository. Like other key import or key generation
@ -9020,13 +9020,13 @@ index adc48d6..6e9b32a 100644
  * Opens the keystore. The keystore directory is either the
  * default directory or as specified in an environment variable
 -- 
-2.47.1
+2.48.1
 From b20ebd7b65190b261aee21fcfcbd659d5951f9f4 Mon Sep 17 00:00:00 2001
 From: Ingo Franzki <ifranzki@linux.ibm.com>
 Date: Mon, 19 Feb 2024 10:21:06 +0100
-Subject: [PATCH 29/31] zkey: Reject key generation and APQN association for
+Subject: [PATCH 29/32] zkey: Reject key generation and APQN association for
 PVSECRET-AES keys (RHEL-23870)
 Keys of type PVSECRET-AES can not be generated using 'zkey generate'.
@ -9162,13 +9162,13 @@ index 6e9b32a..36bdbcc 100644
 		if (g.volumes != NULL) {
 			warnx("Option '--volumes|-l' is not valid for "
 -- 
-2.47.1
+2.48.1
 From 9a1bfa5a9977eef50956d588b736392aa2242578 Mon Sep 17 00:00:00 2001
 From: Ingo Franzki <ifranzki@linux.ibm.com>
 Date: Mon, 19 Feb 2024 11:26:41 +0100
-Subject: [PATCH 30/31] zkey: Reject re-enciphering of PVSECRET-AES keys
+Subject: [PATCH 30/32] zkey: Reject re-enciphering of PVSECRET-AES keys
 (RHEL-23870)
 Keys of type PVSECRET-AES can not be reenciphered using 'zkey reencipher'
@ -9313,13 +9313,13 @@ index 36bdbcc..90b4610 100644
 				 &is_old_mk, NULL, g.verbose);
 	if (rc != 0) {
 -- 
-2.47.1
+2.48.1
 From 48ab37947ccda570e98aa046f2c28c11fdd59bdf Mon Sep 17 00:00:00 2001
 From: Ingo Franzki <ifranzki@linux.ibm.com>
 Date: Mon, 19 Feb 2024 10:25:54 +0100
-Subject: [PATCH 31/31] zkey: Support validation of key of type PVSECRET-AES
+Subject: [PATCH 31/32] zkey: Support validation of key of type PVSECRET-AES
 (RHEL-23870)
 Keys of type PVSECRET-AES can also be verified via the pkey IOCTL
@ -9726,5 +9726,42 @@ index 90b4610..39a527c 100644
 out:
 -- 
-2.47.1
+2.48.1
 From 5f6ea5bf9a1f22e2fe07267618072eb5182c5558 Mon Sep 17 00:00:00 2001
 From: Jakob Naucke <naucke@linux.ibm.com>
 Date: Wed, 15 Jan 2025 17:36:01 +0100
 Subject: [PATCH 32/32] rust/pvimg: Fix flag parsing for allowing dump
 (RHEL-76913)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 Parsing of pvimg flags did not pick up allowing dumping correctly.
 Fixes: f4cf4ae6ebb1 (rust: Add a new tool called 'pvimg')
 Reviewed-by: Marc Hartmayer <mhartmay@linux.ibm.com>
 Signed-off-by: Jakob Naucke <naucke@linux.ibm.com>
 Signed-off-by: Jan Höppner <hoeppner@linux.ibm.com>
 (cherry picked from commit caaf2b2116235d282c2561f0bf6f62b0033c78c4)
 ---
 rust/pvimg/src/cmd/create.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/rust/pvimg/src/cmd/create.rs b/rust/pvimg/src/cmd/create.rs
 index 3e2ca65..c9d3974 100644
 --- a/rust/pvimg/src/cmd/create.rs
 +++ b/rust/pvimg/src/cmd/create.rs
@@ -55,7 +55,7 @@ fn parse_flags(
             .and(Some(PcfV1::all_disabled([PcfV1::AllowDumping]))),
         lf.enable_dump
             .filter(|x| *x)
 -            .and(Some(PcfV1::all_disabled([PcfV1::AllowDumping]))),
 +            .and(Some(PcfV1::all_enabled([PcfV1::AllowDumping]))),
         lf.disable_pckmo
             .filter(|x| *x)
             .and(Some(PcfV1::all_disabled([
 -- 
 2.48.1
--- a/s390utils.spec
+++ b/s390utils.spec
@ -14,7 +14,7 @@
 Name:           s390utils
 Summary:        Utilities and daemons for IBM z Systems
 Version:        2.36.0
-Release:        1%{?dist}
+Release:        2%{?dist}
 Epoch:          2
 # MIT covers nearly all the files, except init files
 License:        MIT AND LGPL-2.1-or-later
@ -1087,6 +1087,10 @@ User-space development files for the s390/s390x architecture.
 %changelog
 * Thu Jan 30 2025 Dan Horák <dhorak@redhat.com> - 2:2.36.0-2
 - pvimg/genprotimg: Fix confidential dump support (RHEL-76913)
 - Resolves: RHEL-76913
 * Fri Jan 10 2025 Dan Horák <dhorak@redhat.com> - 2:2.36.0-1
 - rebased to 2.36.0 (RHEL-59086)
 - cpacfinfo: new tool to provide CPACF information (RHEL-23869)