diff --git a/Add-support-for-DIM.patch b/Add-support-for-DIM.patch new file mode 100644 index 0000000..f250cf6 --- /dev/null +++ b/Add-support-for-DIM.patch @@ -0,0 +1,27 @@ +From 47d79f48c0f5d4b5ce02e33d54fb1954df41fb2f Mon Sep 17 00:00:00 2001 +From: zhangyiru330 +Date: Mon, 7 Mar 2022 14:32:49 +0800 +Subject: [PATCH] Add support for DIM + +--- + pesign-repackage.spec.in | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/pesign-repackage.spec.in b/pesign-repackage.spec.in +index 6dae3a9..8b4b550 100644 +--- a/pesign-repackage.spec.in ++++ b/pesign-repackage.spec.in +@@ -138,6 +138,10 @@ for sig in "${sigs[@]}"; do + mkdir -p %buildroot/etc/ima/digest_lists.sig + cp $sig %buildroot/etc/ima/digest_lists.sig + ;; ++ */etc/dim/digest_list/*) ++ mkdir -p %buildroot/etc/dim/digest_list ++ cp $sig %buildroot/etc/dim/digest_list ++ ;; + *.ko.sig) + /usr/lib/rpm/pesign/kernel-sign-file -i pkcs7 -s "$sig" sha256 "$cert" "$f" + ;; +-- +1.8.3.1 + diff --git a/pesign-obs-integration.spec b/pesign-obs-integration.spec index 3eabdc7..253548f 100644 --- a/pesign-obs-integration.spec +++ b/pesign-obs-integration.spec @@ -23,7 +23,7 @@ Summary: Macros and scripts to sign the kernel and bootloader License: GPL-2.0-only Group: Development/Tools/Other Version: 10.1 -Release: 2 +Release: 3 Requires: fipscheck %if 0%{?suse_version} Requires: mozilla-nss-tools @@ -43,6 +43,7 @@ Patch2: Skip-processing-of-ghost-files-as-they-are-not-extra.patch Patch3: Add-support-for-digest-lists.patch Patch4: Don-t-set-files-variable-in-brp-99-pesign.patch Patch5: Disable-building-debug-packages.patch +Patch6: Add-support-for-DIM.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %if 0%{?suse_version} # suse-module-tools <= 15.0.10 contains modsign-verify @@ -87,6 +88,9 @@ fi /usr/lib/rpm/* %changelog +* Mon Mar 07 2022 w00559322 - 10.1-3 +- Add Add-support-for-DIM.patch + * Wed Jul 22 2020 Roberto Sassu - 10.1-2 - Add Require-nss-util-for-building-in-pesign-repackage.sp.patch