38 changed files with 7387 additions and 980 deletions
--- a/.fmf/version
+++ b/.fmf/version
@ -1 +0,0 @@
 1
--- a/.gitignore
+++ b/.gitignore
@ -1,9 +1,4 @@
-s390-tools-1.8.2.tar.bz2
+SOURCES/cmsfs-1.1.8c.tar.gz
-cmsfs-1.1.8c.tar.gz
+SOURCES/s390-tools-2.29.0-rust-vendor.tar.xz
-lib-zfcp-hbaapi-2.0.tar.gz
+SOURCES/s390-tools-2.29.0.tar.gz
-src_vipa-2.0.4.tar.gz
+SOURCES/src_vipa-2.1.0.tar.gz
 /lib-zfcp-hbaapi-2.1.tar.gz
 /src_vipa-2.1.0.tar.gz
 /s390-tools-*.tar.bz2
 /s390-tools-*.tar.gz
 /s390-tools-*-rust-vendor.tar.xz
--- a/.s390utils.metadata
+++ b/.s390utils.metadata
@ -0,0 +1,4 @@
 9c9a4e89bddb2b4e6e09ef6fc7c2e6f2ad6316de SOURCES/cmsfs-1.1.8c.tar.gz
 1dcae3e55c2d4d945d0b5c61a12671468aa5f7ef SOURCES/s390-tools-2.29.0-rust-vendor.tar.xz
 e10ffbde7f3fcf4438fdfdd83051ad68518e7be5 SOURCES/s390-tools-2.29.0.tar.gz
 8ed8592a0a9370ce8422df9231ccb17f6cf49bed SOURCES/src_vipa-2.1.0.tar.gz
--- a/SOURCES/00-zipl-prepare.install
+++ b/SOURCES/00-zipl-prepare.install
@ -0,0 +1,9 @@
 #!/bin/bash
 COMMAND="$1"
 KERNEL_VERSION="$2"
 BOOT_DIR_ABS="$3"
 KERNEL_IMAGE="$4"
 # Remove it, since for zipl the images are always installed in /boot
 rm -rf "${BOOT_DIR_ABS%/*}"
--- a/SOURCES/20-zipl-kernel.install
+++ b/SOURCES/20-zipl-kernel.install
@ -54,25 +54,21 @@ EOF
 case "$COMMAND" in
    add)
        if [[ "${KERNEL_DIR}" != "/boot" ]]; then
            # rename to match the name used in the pseudo-BLS snippet above
            cp --remove-destination --preserve=timestamps -T "${KERNEL_IMAGE}" "/boot/vmlinuz-${KERNEL_VERSION}"
            command -v restorecon &>/dev/null && \
                restorecon -R "/boot/vmlinuz-${KERNEL_VERSION}"
            for i in \
                "$KERNEL_IMAGE" \
                    "$KERNEL_DIR"/System.map \
                    "$KERNEL_DIR"/config \
                    "$KERNEL_DIR"/zImage.stub
            do
                [[ -e "$i" ]] || continue
-                cp --preserve=timestamps -T "$i" "/boot/${i##*/}-${KERNEL_VERSION}"
+                cp -aT "$i" "/boot/${i##*/}-${KERNEL_VERSION}"
                command -v restorecon &>/dev/null && \
                    restorecon -R "/boot/${i##*/}-${KERNEL_VERSION}"
            done
            # hmac is .vmlinuz-<version>.hmac so needs a special treatment
            i="$KERNEL_DIR/.${KERNEL_IMAGE##*/}.hmac"
            if [[ -e "$i" ]]; then
-                cp --preserve=timestamps "$i" "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac"
+                cp -a "$i" "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac"
                command -v restorecon &>/dev/null && \
                    restorecon "/boot/.${KERNEL_IMAGE##*/}-${KERNEL_VERSION}.hmac"
            fi
@ -92,10 +88,16 @@ case "$COMMAND" in
                done
            fi
            if ! [[ ${BOOT_OPTIONS[*]} ]]; then
                echo "Could not determine the kernel command line parameters." >&2
                echo "Please specify the kernel command line in /etc/kernel/cmdline!" >&2
                exit 1
            fi
            [[ -d "$BLS_DIR" ]] || mkdir -m 0700 -p "$BLS_DIR"
            BLS_TARGET="${BLS_DIR}/${MACHINE_ID}-${KERNEL_VERSION}.conf"
            if [[ -f "${KERNEL_DIR}/bls.conf" ]]; then
-                cp --preserve=timestamps -T "${KERNEL_DIR}/bls.conf" "${BLS_TARGET}" || exit $?
+                cp -aT "${KERNEL_DIR}/bls.conf" "${BLS_TARGET}" || exit $?
                sed -i -e "s,^linux.*,linux /boot/vmlinuz-${KERNEL_VERSION},g" "${BLS_TARGET}"
                sed -i -e "s,^initrd.*,initrd /boot/initramfs-${KERNEL_VERSION}.img,g" "${BLS_TARGET}"
                sed -i -e "s#^options.*#options ${BOOT_OPTIONS[*]}#g" "${BLS_TARGET}"
@ -116,7 +118,7 @@ case "$COMMAND" in
            if [ "x${MAKEDEBUG}" = "xyes" ]; then
                BLS_DEBUG="$(echo ${BLS_TARGET} | sed -e "s/${KERNEL_VERSION}/${KERNEL_VERSION}~debug/")"
-                cp --preserve=timestamps -T  "${BLS_TARGET}" "${BLS_DEBUG}"
+                cp -aT  "${BLS_TARGET}" "${BLS_DEBUG}"
                TITLE="$(grep '^title[ \t]' "${BLS_DEBUG}" | sed -e 's/^title[ \t]*//')"
 		VERSION="$(grep '^version[ \t]' "${BLS_DEBUG}" | sed -e 's/^version[ \t]*//')"
                BLSID="$(grep '^id[ \t]' "${BLS_DEBUG}" | sed -e "s/${KERNEL_VERSION}/${KERNEL_VERSION}~debug/")"
--- a/SOURCES/52-zipl-rescue.install
+++ b/SOURCES/52-zipl-rescue.install
@ -29,6 +29,12 @@ case "$COMMAND" in
                done
            fi
            if ! [[ ${BOOT_OPTIONS[*]} ]]; then
                echo "Could not determine the kernel command line parameters." >&2
                echo "Please specify the kernel command line in /etc/kernel/cmdline!" >&2
                exit 1
            fi
            BLS_RESCUE="${BLS_DIR}/${MACHINE_ID}-0-rescue.conf"
            if [[ -f "${BLS_RESCUE}" ]] && grep -q '^options.*$kernelopts' "${BLS_RESCUE}"; then
               sed -i -e "s,^linux.*,linux /boot/vmlinuz-0-rescue-${MACHINE_ID},g" "${BLS_RESCUE}"
--- a/SOURCES/91-zipl.install
+++ b/SOURCES/91-zipl.install
--- a/SOURCES/ccw.udev
+++ b/SOURCES/ccw.udev
@ -0,0 +1,13 @@
 ACTION!="add|change", GOTO="ccw_end"
 SUBSYSTEM!="ccw", GOTO="ccw_end"
 ATTRS{cutype}=="1731/01", RUN+="ccw_init"
 ATTRS{cutype}=="1731/02", RUN+="ccw_init"
 ATTRS{cutype}=="1731/05", RUN+="ccw_init"
 ATTRS{cutype}=="1731/06", RUN+="ccw_init"
 ATTRS{cutype}=="3088/01", RUN+="ccw_init"
 ATTRS{cutype}=="3088/08", RUN+="ccw_init"
 ATTRS{cutype}=="3088/60", RUN+="ccw_init"
 ATTRS{cutype}=="3088/61", RUN+="ccw_init"
 ATTRS{cutype}=="3088/1e", RUN+="ccw_init"
 ATTRS{cutype}=="3088/1f", RUN+="ccw_init"
 LABEL="ccw_end"
--- a/SOURCES/ccw_init
+++ b/SOURCES/ccw_init
--- a/SOURCES/cmsfs-1.1.8-args.patch
+++ b/SOURCES/cmsfs-1.1.8-args.patch
@ -0,0 +1,12 @@
 diff -up cmsfs-1.1.8c/cmsfslst.c.orig cmsfs-1.1.8c/cmsfslst.c
 --- cmsfs-1.1.8c/cmsfslst.c.orig	2020-08-19 09:47:36.459063820 +0000
 +++ cmsfs-1.1.8c/cmsfslst.c	2020-08-19 09:47:45.619063820 +0000
@@ -49,7 +49,7 @@ int main(int argc,unsigned char *argv[])
       }
     /*  sanity check  */
 -    if (*devname == 0x00)
 +    if ((devname == NULL) || (*devname == 0x00))
       {
         (void) fprintf(stderr,"Please specify a CMS volume.\n");
         (void) fprintf(stderr,USAGE,argv[0]);
--- a/SOURCES/cmsfs-1.1.8-kernel26.patch
+++ b/SOURCES/cmsfs-1.1.8-kernel26.patch
@ -0,0 +1,12 @@
 diff -urN cmsfs-1.1.8/cmsfssed.sh cmsfs-1.1.8_/cmsfssed.sh
 --- cmsfs-1.1.8/cmsfssed.sh	2003-02-28 17:52:59.000000000 -0500
 +++ cmsfs-1.1.8_/cmsfssed.sh	2004-05-28 16:36:22.000000000 -0400
@@ -85,7 +85,7 @@
         DRIVER_SOURCE="cmsfs22x.c"
         MODULES_DIRECTORY="/lib/modules/`uname -r`/fs"
         ;;
 -    2.4*|2.5*)
 +    2.4*|2.5*|2.6*|3.*|4.*)
         LINUX_RELEASE="2.4"
 #       ln -s cmsfs24x.c cmsfsvfs.c
         INCLUDES="-I/lib/modules/`uname -r`/build/include"
--- a/SOURCES/cmsfs-1.1.8-use-detected-filesystem-block-size-on-FBA-devices.patch
+++ b/SOURCES/cmsfs-1.1.8-use-detected-filesystem-block-size-on-FBA-devices.patch
@ -0,0 +1,31 @@
 From 25442f958a12b428b7d063b927ac48965dcd8164 Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Dan=20Hor=C3=A1k?= <dan@danny.cz>
 Date: Fri, 28 Jan 2011 16:11:19 +0100
 Subject: [PATCH] use detected filesystem block size on FBA devices
 If a FBA device is not properly formated, then the CMS file system can
 have a different block size. The cmsfs tools were able to detect the file
 system block size, but in fact they still used default 512 instead. And
 using the default was causing crashes. Now the detected value is used.
 https://bugzilla.redhat.com/show_bug.cgi?id=651012
 ---
 cmsfsany.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
 diff --git a/cmsfsany.c b/cmsfsany.c
 index 55bcfdc..18efffb 100644
 --- a/cmsfsany.c
 +++ b/cmsfsany.c
@@ -102,7 +102,7 @@ int cmsfs_find_label(struct CMSSUPER *vol,struct CMSFSADT *adt)
             cmsfs_error(cmsfs_ermsg);
           }
         vol->flags = CMSFSFBA;
 -        vol->blksz = 512;
 +        vol->blksz = blksz;
         return vol->blksz;
       } }
 -- 
 1.7.3.5
--- a/SOURCES/cmsfs-1.1.8-warnings.patch
+++ b/SOURCES/cmsfs-1.1.8-warnings.patch
@ -0,0 +1,11 @@
 --- cmsfs-1.1.8/cmsfsvol.c.warnings	2003-07-18 01:38:57.000000000 +0200
 +++ cmsfs-1.1.8/cmsfsvol.c	2005-09-06 16:57:15.000000000 +0200
@@ -52,7 +52,7 @@
     /*  print a header;  looks like CMS  */
     (void) printf("LABEL  VDEV M  STAT   CYL TYPE \
 -BLKSZ   FILES  BLKS USED-(%) BLKS LEFT  BLK TOTAL\n");
 +BLKSZ   FILES  BLKS USED-(%%) BLKS LEFT  BLK TOTAL\n");
     for (      ; i < argc ; i++)
       {
--- a/SOURCES/dasd.udev
+++ b/SOURCES/dasd.udev
--- a/SOURCES/dasdconf.sh
+++ b/SOURCES/dasdconf.sh
--- a/SOURCES/device_cio_free
+++ b/SOURCES/device_cio_free
--- a/SOURCES/device_cio_free.service
+++ b/SOURCES/device_cio_free.service
@ -7,6 +7,7 @@ Before=sysinit.target systemd-udev-trigger.service
 Type=oneshot
 RemainAfterExit=yes
 ExecStart=/usr/sbin/device_cio_free
 StandardOutput=syslog
 [Install]
 WantedBy=sysinit.target
--- a/SOURCES/normalize_dasd_arg
+++ b/SOURCES/normalize_dasd_arg
--- a/SOURCES/s390-tools-zipl-blscfg-rpm-nvr-sort.patch
+++ b/SOURCES/s390-tools-zipl-blscfg-rpm-nvr-sort.patch
--- a/SOURCES/s390-tools-zipl-invert-script-options.patch
+++ b/SOURCES/s390-tools-zipl-invert-script-options.patch
--- a/SOURCES/s390utils-2.29.0-rhel.patch
+++ b/SOURCES/s390utils-2.29.0-rhel.patch
--- a/SOURCES/src_vipa-2.1.0-deprecate.patch
+++ b/SOURCES/src_vipa-2.1.0-deprecate.patch
@ -0,0 +1,12 @@
 diff -up s390-tools-2.2.0/src_vipa-2.1.0/Makefile.orig s390-tools-2.2.0/src_vipa-2.1.0/Makefile
 --- s390-tools-2.2.0/src_vipa-2.1.0/Makefile.orig	2020-02-21 13:51:23.502305796 +0100
 +++ s390-tools-2.2.0/src_vipa-2.1.0/Makefile	2020-02-21 13:53:51.353817181 +0100
@@ -44,6 +44,8 @@ src_vipa.sh:
 	echo '#!/bin/bash' > src_vipa.sh
 	echo 'export LD_LIBRARY_PATH=$(LIBDIR):$$LD_LIBRARY_PATH' >> src_vipa.sh
 	echo 'export LD_PRELOAD=$(LIBDIR)/src_vipa.so' >> src_vipa.sh
 +	echo 'echo "WARNING: The src_vipa (flexible source address selection) feature is DEPRECATED"' >> src_vipa.sh
 +	echo 'echo "WARNING: It will be removed in the future."' >> src_vipa.sh
 	echo 'exec $$@' >> src_vipa.sh
 	chmod 755 src_vipa.sh
--- a/SOURCES/zfcp.udev
+++ b/SOURCES/zfcp.udev
--- a/SOURCES/zfcpconf.sh
+++ b/SOURCES/zfcpconf.sh
--- a/SPECS/s390utils.spec
+++ b/SPECS/s390utils.spec
--- a/ccw.udev
+++ b/ccw.udev
@ -1,4 +0,0 @@
 ACTION!="add|bind|change", GOTO="ccw_end"
 SUBSYSTEM!="ccw", GOTO="ccw_end"
 DRIVER=="ctcm|lcs|qeth", RUN+="ccw_init"
 LABEL="ccw_end"
--- a/gating.yaml
+++ b/gating.yaml
@ -1,6 +0,0 @@
 --- !Policy
 product_versions:
  - rhel-10
 decision_context: osci_compose_gate
 rules:
  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.beaker-tier1.functional}
--- a/plans/gating-multiarch.fmf
+++ b/plans/gating-multiarch.fmf
@ -1,14 +0,0 @@
 summary: Run s390utils multiarch gating tests
 discover:
  how: fmf
  test:
   - "^/tests/sanity-multiarch"
 execute:
  how: tmt
 adjust:
  - when: arch = s390x
    enabled: false
    because: The s390utils package here is for non-s390x platforms only.
--- a/plans/gating.fmf
+++ b/plans/gating.fmf
@ -1,14 +0,0 @@
 summary: Run s390utils gating tests
 discover:
  how: fmf
  test:
   - "^/tests/sanity"
 execute:
  how: tmt
 adjust:
  - when: arch != s390x
    enabled: false
    because: The s390utils package here is for the s390x platform only.
--- a/plans/main.fmf
+++ b/plans/main.fmf
--- a/rpminspect.yaml
+++ b/rpminspect.yaml
@ -1,9 +0,0 @@
 ---
 pathmigration:
    excluded_paths:
        - /lib/s390-tools
 badfuncs:
    allowed:
        /usr/sbin/qethqoat:
            - inet_ntoa
--- a/s390utils-2.38.0-rhel.patch
+++ b/s390utils-2.38.0-rhel.patch
@ -1,167 +0,0 @@
 From 070317ddb8613243ab284aa3c861f6374fc016ec Mon Sep 17 00:00:00 2001
 From: Shalini Chellathurai Saroja <shalini@linux.ibm.com>
 Date: Fri, 16 May 2025 16:47:24 +0200
 Subject: [PATCH] cpi: Disable CPI for SEL guests by default (RHEL-76930)
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 The cpictl utility sends control-program identification data
 from protected virtualization guests to hosts by default.
 This behaviour leaks the below potentially sensitive
 information to untrusted hosts.
 - system_type
 - system_level
 - sysplex_name
 - system_name
 To prevent this behaviour, enhance the cpictl utility to stop
 setting CPI information on protected virtualization guests by
 default. If the user chooses to set the CPI information, it
 could be set by one of the below options
 - use the command line option --permit-cpi
 - set the environment variable CPI_PERMIT_ON_PVGUEST to 1 to
 control the CPI service behaviour during boot
 Signed-off-by: Hendrik Brueckner <brueckner@linux.ibm.com>
 Signed-off-by: Shalini Chellathurai Saroja <shalini@linux.ibm.com>
 Reviewed-by: Jan Höppner <hoeppner@linux.ibm.com>
 Reviewed-by: Peter Oberparleiter <oberpar@linux.ibm.com>
 Reviewed-by: Hendrik Brueckner <brueckner@linux.ibm.com>
 Signed-off-by: Jan Höppner <hoeppner@linux.ibm.com>
 (cherry picked from commit ce9c518b977925cc4c9eb92a3e508762fd57f551)
 ---
 etc/sysconfig/cpi      | 14 ++++++++++++++
 scripts/cpictl         | 39 +++++++++++++++++++++++++++++++++++++--
 systemd/cpi.service.in |  1 +
 3 files changed, 52 insertions(+), 2 deletions(-)
 diff --git a/etc/sysconfig/cpi b/etc/sysconfig/cpi
 index 866b589..78eb632 100644
 --- a/etc/sysconfig/cpi
 +++ b/etc/sysconfig/cpi
@@ -18,3 +18,17 @@ CPI_SYSTEM_NAME=""
 # CPI sysplex name
 #
 CPI_SYSPLEX_NAME=""
 +
 +#
 +# CPI permit on protected virtualization guests
 +#
 +# Important: Set CPI_PERMIT_ON_PVGUEST=1 only if you trust the host system.
 +# Enabling these options allows the host to receive potentially sensitive
 +# Control-Program Identification (CPI) data from the protected virtualization
 +# guest, including:
 +# - system_type
 +# - system_level
 +# - sysplex_name
 +# - system_name
 +#
 +CPI_PERMIT_ON_PVGUEST=
 diff --git a/scripts/cpictl b/scripts/cpictl
 index 16cadde..6096a67 100755
 --- a/scripts/cpictl
 +++ b/scripts/cpictl
@@ -32,6 +32,9 @@ declare TYPE
 declare NAME
 declare SYSPLEX
 +declare PV_GUEST
 +declare -i CPI_PERMIT="$CPI_PERMIT_ON_PVGUEST"
 +
 declare -i DRYRUN=0
 # Exit codes
@@ -40,6 +43,7 @@ readonly EXIT_FAILURE=1
 readonly EXIT_ARG_TOO_LONG=3
 readonly EXIT_INVALID_CHARS=4
 readonly EXIT_INVALID_ARGS=5
 +readonly EXIT_NO_PERMIT_CPI=6
 # Distro-IDs as supported by SE/HMC firmware
 readonly DISTRO_GENERIC=0
@@ -69,6 +73,10 @@ Configure the Control-Program-Information (CPI) settings.
   -S, --sysplex SYSPLEX  Set and commit the sysplex name to SYSPLEX
   -T, --type TYPE        Set and commit OS type to TYPE
   -v, --version          Print version information, then exit
 +  --permit-cpi           Permit to send Control-Program Identification data of
 +                         protected virtualization guest to the host (must be
 +                         specified before any commit option). See also the
 +                         important note.
   --commit               Ignore all other options and commit any uncommitted
                          values
   --dry-run              Do not actually set or commit anything, but show what
@@ -77,7 +85,17 @@ Configure the Control-Program-Information (CPI) settings.
                          uncommitted) values
 Environment variables used for the --defaults option:
 -  CPI_SYSTEM_TYPE, CPI_SYSTEM_LEVEL, CPI_SYSTEM_NAME, CPI_SYSPLEX_NAME
 +  CPI_SYSTEM_TYPE, CPI_SYSTEM_LEVEL, CPI_SYSTEM_NAME, CPI_SYSPLEX_NAME,
 +  CPI_PERMIT_ON_PVGUEST (See also the important note.)
 +
 +Important: Set CPI_PERMIT_ON_PVGUEST=1 or use --permit_cpi option only if you
 +trust the host system. Enabling these options allows the host to receive
 +potentially sensitive Control-Program Identification (CPI) data from the
 +protected virtualization guest, including:
 +- system_type
 +- system_level
 +- sysplex_name
 +- system_name
 Available bits for the --set-bit option:
   kvm: Indicate that system is a KVM host
@@ -124,6 +142,19 @@ fail_with()
 cpi_commit()
 {
 +	# Commit Control-Program Identification changes on protected
 +	# virtualization guests only if it is permitted by the guest. This
 +	# prevents leakage of potentially sensitive information to untrusted
 +	# hosts.
 +	if [[ -f "/sys/firmware/uv/prot_virt_guest" ]]; then
 +		read -r PV_GUEST < "/sys/firmware/uv/prot_virt_guest"
 +		if [[ "$PV_GUEST" -eq 1 ]]; then
 +			if [[ -z "$CPI_PERMIT" ]] || [[ "$CPI_PERMIT" -ne 1 ]]; then
 +				echo "Sending CPI data from secure execution Linux guests is disabled. Use --permit-cpi to enable CPI data." >&2
 +				exit "$EXIT_NO_PERMIT_CPI"
 +			fi
 +		fi
 +	fi
 	echo 1 > "$CPI_SET" 2> /dev/null
 }
@@ -404,7 +435,7 @@ if [ $# -le 0 ]; then
 	print_parse_error_and_exit
 fi
 -opts=$(getopt -o b:ehL:N:S:T:v -l set-bit:,environment,help,level:,name:,sysplex:,type:,commit,dry-run,show,version -n $PRG -- "$@")
 +opts=$(getopt -o b:ehL:N:S:T:v -l set-bit:,environment,help,level:,name:,sysplex:,type:,commit,dry-run,permit-cpi,show,version -n "$PRG" -- "$@")
 if [ $? -ne 0 ]; then
 	print_parse_error_and_exit
 fi
@@ -473,6 +504,10 @@ while [ -n $1 ]; do
 		cpi_show
 		exit $EXIT_SUCCESS
 		;;
 +	--permit-cpi)
 +		CPI_PERMIT=1
 +		shift
 +		;;
 	--commit)
 		cpi_commit
 		exit $EXIT_SUCCESS
 diff --git a/systemd/cpi.service.in b/systemd/cpi.service.in
 index 3976f68..ca21a8b 100644
 --- a/systemd/cpi.service.in
 +++ b/systemd/cpi.service.in
@@ -37,6 +37,7 @@ EnvironmentFile=@sysconf_path@/sysconfig/cpi
 # Environment=CPI_SYSPLEX_NAME=
 # Environment=CPI_SYSTEM_LEVEL=
 # Environment=CPI_SYSTEM_TYPE=LINUX
 +# Environment=CPI_PERMIT_ON_PVGUEST=
 #
 # Sending data to the HMC/SE
 -- 
 2.50.1
--- a/2
+++ b/2
@ -1,2 +0,0 @@
 SHA512 (s390-tools-2.38.0.tar.gz) = 9ca9393e9deeab5c1df5e9eaa3c12e340917ffd5fe07d9a09087d6488d8e2ec0a136805650830d128595854b818a1da94151003e15954e556ba373b226a7369e
 SHA512 (s390-tools-2.38.0-rust-vendor.tar.xz) = c55d2870ad9f90333de2536e7921951185746f0972d5d488bf317b56e754525e4dbd0f63d547229197199b51d41b7032172b6ba7ffacd9a96a01dbd13b9c4d9e
--- a/tests/sanity-multiarch/main.fmf
+++ b/tests/sanity-multiarch/main.fmf
@ -1,16 +0,0 @@
 summary: sanity-multiarch
 description: |
    Basic test for multiarch s390utils
 contact: Daniel Horak <dhorak@redhat.com>
 component:
  - s390utils
 test: ./runtest.sh
 framework: beakerlib
 require:
  - s390utils
 duration: 5m
 enabled: true
 adjust:
  - when: arch = s390x
    enabled: false
    because: This test applies to the multiarch tools.
--- a/tests/sanity-multiarch/runtest.sh
+++ b/tests/sanity-multiarch/runtest.sh
@ -1,53 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /CoreOS/s390utils/Sanity/smoke-functionality
 #   Description: Smoke, Sanity and function tests
 #   Author: Dan Horák <sharkcz@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2025 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="s390utils"
 rlJournalStart
    rlPhaseStartSetup
        rlAssertRpm $PACKAGE
        rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
        rlRun "pushd $TmpDir"
    rlPhaseEnd
    rlPhaseStartTest "General tests"
        rlRun "genprotimg --version"
        rlRun "pvattest --version"
        rlRun "pvimg --version"
        rlRun "pvsecret --version"
    rlPhaseEnd
    rlPhaseStartCleanup
        rlRun "popd"
        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
--- a/tests/sanity/extract-module-sig.pl
+++ b/tests/sanity/extract-module-sig.pl
@ -1,138 +0,0 @@
 #!/usr/bin/env perl
 # SPDX-License-Identifier: GPL-2.0
 #
 # extract-mod-sig <part> <module-file>
 #
 # Reads the module file and writes out some or all of the signature
 # section to stdout.  Part is the bit to be written and is one of:
 #
 #  -0: The unsigned module, no signature data at all
 #  -a: All of the signature data, including magic number
 #  -d: Just the descriptor values as a sequence of numbers
 #  -n: Just the signer's name
 #  -k: Just the key ID
 #  -s: Just the crypto signature or PKCS#7 message
 #
 use warnings;
 use strict;
 die "Format: $0 -[0adnks] module-file >out\n"
    if ($#ARGV != 1);
 my $part = $ARGV[0];
 my $modfile = $ARGV[1];
 my $magic_number = "~Module signature appended~\n";
 #
 # Read the module contents
 #
 open FD, "<$modfile" || die $modfile;
 binmode(FD);
 my @st = stat(FD);
 die "$modfile" unless (@st);
 my $buf = "";
 my $len = sysread(FD, $buf, $st[7]);
 die "$modfile" unless (defined($len));
 die "Short read on $modfile\n" unless ($len == $st[7]);
 close(FD) || die $modfile;
 print STDERR "Read ", $len, " bytes from module file\n";
 die "The file is too short to have a sig magic number and descriptor\n"
    if ($len < 12 + length($magic_number));
 #
 # Check for the magic number and extract the information block
 #
 my $p = $len - length($magic_number);
 my $raw_magic = substr($buf, $p);
 die "Magic number not found at $len\n"
    if ($raw_magic ne $magic_number);
 print STDERR "Found magic number at $len\n";
 $p -= 12;
 my $raw_info = substr($buf, $p, 12);
 my @info = unpack("CCCCCxxxN", $raw_info);
 my ($algo, $hash, $id_type, $name_len, $kid_len, $sig_len) = @info;
 if ($id_type == 0) {
    print STDERR "Found PGP key identifier\n";
 } elsif ($id_type == 1) {
    print STDERR "Found X.509 cert identifier\n";
 } elsif ($id_type == 2) {
    print STDERR "Found PKCS#7/CMS encapsulation\n";
 } else {
    print STDERR "Found unsupported identifier type $id_type\n";
 }
 #
 # Extract the three pieces of info data
 #
 die "Insufficient name+kid+sig data in file\n"
    unless ($p >= $name_len + $kid_len + $sig_len);
 $p -= $sig_len;
 my $raw_sig = substr($buf, $p, $sig_len);
 $p -= $kid_len;
 my $raw_kid = substr($buf, $p, $kid_len);
 $p -= $name_len;
 my $raw_name = substr($buf, $p, $name_len);
 my $module_len = $p;
 if ($sig_len > 0) {
    print STDERR "Found $sig_len bytes of signature [";
    my $n = $sig_len > 16 ? 16 : $sig_len;
    foreach my $i (unpack("C" x $n, substr($raw_sig, 0, $n))) {
 	printf STDERR "%02x", $i;
    }
    print STDERR "]\n";
 }
 if ($kid_len > 0) {
    print STDERR "Found $kid_len bytes of key identifier [";
    my $n = $kid_len > 16 ? 16 : $kid_len;
    foreach my $i (unpack("C" x $n, substr($raw_kid, 0, $n))) {
 	printf STDERR "%02x", $i;
    }
    print STDERR "]\n";
 }
 if ($name_len > 0) {
    print STDERR "Found $name_len bytes of signer's name [$raw_name]\n";
 }
 #
 # Produce the requested output
 #
 if ($part eq "-0") {
    # The unsigned module, no signature data at all
    binmode(STDOUT);
    print substr($buf, 0, $module_len);
 } elsif ($part eq "-a") {
    # All of the signature data, including magic number
    binmode(STDOUT);
    print substr($buf, $module_len);
 } elsif ($part eq "-d") {
    # Just the descriptor values as a sequence of numbers
    print join(" ", @info), "\n";
 } elsif ($part eq "-n") {
    # Just the signer's name
    print STDERR "No signer's name for PKCS#7 message type sig\n"
 	if ($id_type == 2);
    binmode(STDOUT);
    print $raw_name;
 } elsif ($part eq "-k") {
    # Just the key identifier
    print STDERR "No key ID for PKCS#7 message type sig\n"
 	if ($id_type == 2);
    binmode(STDOUT);
    print $raw_kid;
 } elsif ($part eq "-s") {
    # Just the crypto signature or PKCS#7 message
    binmode(STDOUT);
    print $raw_sig;
 }
--- a/tests/sanity/main.fmf
+++ b/tests/sanity/main.fmf
@ -1,16 +0,0 @@
 summary: sanity
 description: |
    Basic test for s390utils
 contact: Daniel Horak <dhorak@redhat.com>
 component:
  - s390utils
 test: ./runtest.sh
 framework: beakerlib
 require:
  - s390utils-base
 duration: 5m
 enabled: true
 adjust:
  - when: arch != s390x
    enabled: false
    because: This this package is s390x only
--- a/tests/sanity/runtest.sh
+++ b/tests/sanity/runtest.sh
@ -1,168 +0,0 @@
 #!/bin/bash
 # vim: dict+=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   runtest.sh of /CoreOS/s390utils/Sanity/smoke-functionality
 #   Description: Smoke, Sanity and function tests
 #   Author: Dan Horák <sharkcz@redhat.com>
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 #
 #   Copyright (c) 2019 Red Hat, Inc.
 #
 #   This program is free software: you can redistribute it and/or
 #   modify it under the terms of the GNU General Public License as
 #   published by the Free Software Foundation, either version 2 of
 #   the License, or (at your option) any later version.
 #
 #   This program is distributed in the hope that it will be
 #   useful, but WITHOUT ANY WARRANTY; without even the implied
 #   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
 #   PURPOSE.  See the GNU General Public License for more details.
 #
 #   You should have received a copy of the GNU General Public License
 #   along with this program. If not, see http://www.gnu.org/licenses/.
 #
 # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 # Include Beaker environment
 . /usr/share/beakerlib/beakerlib.sh || exit 1
 PACKAGE="s390utils-base"
 EXTRACT="$PWD/extract-module-sig.pl"
 rlJournalStart
    rlPhaseStartSetup
        rlAssertRpm $PACKAGE
        rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
        rlRun "pushd $TmpDir"
    rlPhaseEnd
    rlPhaseStartTest "General tests"
        rlRun "chccwdev --version"
        rlRun "chchp --version"
        rlRun "chcpumf --version"
        rlRun "chreipl --version"
        rlRun "chshut --version"
        rlRun "chzcrypt --version"
        rlRun "chzdev --version"
        rlRun "cio_ignore --version"
        rlRun "dasdfmt --version"
        rlRun "dasdinfo --version"
        rlRun "dasdstat --version"
        rlRun "dasdview --version"
        rlRun "fdasd --version"
        rlRun "hyptop --version"
        rlRun "lschp --version"
        rlRun "lscpumf --version"
        rlRun "lscss --version"
        rlRun "lsdasd --version"
        rlRun "lsqeth --version"
        rlRun "lsluns --version"
        rlRun "lsreipl --version"
        rlRun "lsscm --version"
        rlRun "lsshut --version"
        rlRun "lstape --version"
        rlRun "lszcrypt --version"
        rlRun "lszdev --version"
        rlRun "lszfcp --version"
        rlRun "qetharp --version"
        rlRun "qethconf --version"
        rlRun "qethqoat --version"
        rlRun "tape390_crypt --version"
        rlRun "tape390_display --version"
        rlRun "ttyrun --version"
        rlRun "tunedasd --version"
        rlRun "vmcp --version"
        rlRun "vmur --version"
        rlRun "zcryptctl --version"
        rlRun "zcryptstats --version"
        rlRun "zfcpdbf --version"
        rlRun "zgetdump --version"
        rlRun "zipl --version"
        rlRun "znetconf --version"
        rlRun "zpcictl --version"
        rlRun "zkey --version"
        rlRun "zkey-cryptsetup --version"
    rlPhaseEnd
    rlPhaseStartTest "s390utils 2.15.1+ - RHEL 8.4+ and RHEL 9"
        rlRun "hsci --version"
        rlRun "lsstp --version"
        # check for perl-free s390utils-core
        rlRun "rpm -q --requires s390utils-core | grep -q perl" 1 "Checking Perl deps in s390utils-core"
        # check kernel installation, must not create /boot/<machineid>
        if [ $UID -eq 0 ]; then
            if rlCheckRpm kernel-core; then
                rlRun "dnf -y reinstall kernel-core" 0 "Reinstalling the kernel to verify BLS scripts function"
                rlAssertNotExists /boot/`cat /etc/machine-id`
            else
                rlLog "Skipping kernel reinstallation / BLS test, kernel-core not installed, probably running in a container"
            fi
        else
            rlLog "Skipping kernel reinstallation / BLS test, needs root permissions"
        fi
    rlPhaseEnd
    rlPhaseStartTest "s390utils 2.16.0+ - RHEL 8.5+ and RHEL 9"
        rlRun "lshwc --version"
    rlPhaseEnd
    rlPhaseStartTest "s390utils 2.19.0+ - RHEL 8.6+ and RHEL 9"
        rlRun "hsavmcore --version"
        rlRun "sclpdbf --version"
        rlRun "zipl-editenv --version"
    rlPhaseEnd
    rlPhaseStartTest "s390utils 2.22.0+ - RHEL 8.7+ and RHEL 9.1+"
        rlRun "pai --version"
        rlRun "pvattest --version"
        rlRun "pvextract-hdr -h"
    rlPhaseEnd
    rlPhaseStartTest "s390utils 2.25.0+ - RHEL 8.8+ and RHEL 9.2+"
        # no new tools
    rlPhaseEnd
    rlPhaseStartTest "s390utils 2.27.0+ - RHEL 8.9+ and RHEL 9.3+"
        # no new tools
    rlPhaseEnd
    rlPhaseStartTest "s390utils 2.29.0+ - RHEL 8.10+ and RHEL 9.4+"
        rlRun "pvsecret --version"
    rlPhaseEnd
    rlPhaseStartTest "s390utils 2.33.1+ - RHEL 9.5+ and RHEL 10"
        rlRun "chpstat --version"
        rlRun "lspai --version"
    rlPhaseEnd
    rlPhaseStartTest "s390utils 2.36.0+ - RHEL 9.6+ and RHEL 10"
        rlRun "opticsmon --version"
        rlRun "cpacfinfo --version"
        rlRun "pvimg --version"
    rlPhaseEnd
    rlPhaseStartTest "s390utils 2.38.0+ - RHEL 9.7+ and RHEL 10.1+"
        rlRun "zmemtopo --version"
        rlRun "zpwr --version"
    rlPhaseEnd
    rlPhaseStartTest "Bootloader signature"
        # only RHEL has signed bootloader
        if rlIsRHEL '>=8'; then
            rlRun "$EXTRACT -s /usr/lib/s390-tools/stage3.bin > stage3.bin.sig" 0 "Check bootloader signature"
        else
            rlLog "Skipping bootloader signature check, not on RHEL"
        fi
    rlPhaseEnd
    rlPhaseStartCleanup
        rlRun "popd"
        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
    rlPhaseEnd
 rlJournalPrintText
 rlJournalEnd
		`@ -1,2 +0,0 @@`
			`SHA512 (s390-tools-2.38.0.tar.gz) = 9ca9393e9deeab5c1df5e9eaa3c12e340917ffd5fe07d9a09087d6488d8e2ec0a136805650830d128595854b818a1da94151003e15954e556ba373b226a7369e`
			`SHA512 (s390-tools-2.38.0-rust-vendor.tar.xz) = c55d2870ad9f90333de2536e7921951185746f0972d5d488bf317b56e754525e4dbd0f63d547229197199b51d41b7032172b6ba7ffacd9a96a01dbd13b9c4d9e`