Change .s.0 to .s.1 for newer kernel, and add SIG cert
This commit is contained in:
parent
90871a3baf
commit
021646197c
GPG Key ID:
DCDF010D946438C1
|
|
@ -17,6 +17,7 @@ go_library(
|
|||
"data/kvm_stat.logrotate",
|
||||
"data/mod-denylist.sh",
|
||||
"data/mod-sign.sh",
|
||||
"data/rocky-sigkernel.cer",
|
||||
"data/rockykpatch1.x509",
|
||||
"data/x509.genkey",
|
||||
"data/rockydup1.x509",
|
||||
|
|
|
|||
|
|
@ -55,13 +55,6 @@
|
|||
%global signmodules 0
|
||||
%endif
|
||||
|
||||
### BCAT
|
||||
# Further investigation is required before these features
|
||||
# are enabled for the ELRepo Project kernels.
|
||||
%global signkernel 0
|
||||
%global signmodules 0
|
||||
### BCAT
|
||||
|
||||
# Compress modules on all architectures that build modules.
|
||||
%ifarch x86_64 || aarch64
|
||||
%global zipmodules 1
|
||||
|
|
@ -247,11 +240,13 @@ Source2000: cpupower.service
|
|||
Source2001: cpupower.config
|
||||
Source2002: kvm_stat.logrotate
|
||||
|
||||
Source3000: rocky-sigkernel.cer
|
||||
|
||||
%if %{signkernel}
|
||||
%define secureboot_ca_0 %{_datadir}/pki/sb-certs/secureboot-ca-%{_arch}.cer
|
||||
%define secureboot_key_0 %{_datadir}/pki/sb-certs/secureboot-kernel-%{_arch}.cer
|
||||
%define secureboot_key_0 %{SOURCE3000}
|
||||
|
||||
%define pesign_name_0 redhatsecureboot501
|
||||
%define pesign_name_0 rockybootsigningsigkernelcert
|
||||
%endif
|
||||
|
||||
%description
|
||||
|
|
@ -707,6 +702,7 @@ popd > /dev/null
|
|||
|
||||
%install
|
||||
%define __modsign_install_post \
|
||||
pushd linux-%{KVERREL} > /dev/null \
|
||||
if [ "%{signmodules}" -eq "1" ]; then \
|
||||
if [ "%{with_std}" -ne "0" ]; then \
|
||||
%{SOURCE21} certs/signing_key.pem.sign certs/signing_key.x509.sign $RPM_BUILD_ROOT/lib/modules/%{KVERREL}/ \
|
||||
|
|
@ -1404,7 +1400,7 @@ fi
|
|||
### BCAT
|
||||
|
||||
%files -n %{name}-tools-libs
|
||||
%{_libdir}/libcpupower.so.0
|
||||
%{_libdir}/libcpupower.so.1
|
||||
%{_libdir}/libcpupower.so.0.0.1
|
||||
|
||||
%files -n %{name}-tools-libs-devel
|
||||
|
|
@ -1488,3 +1484,7 @@ fi
|
|||
%kernel_ml_variant_files %{_use_vdso} %{with_std}
|
||||
|
||||
%changelog
|
||||
{{range $val := .Changelog}}
|
||||
* {{$val.Date}} {{$val.Name}} - {{$val.Version}}-{{$val.BuildID}}
|
||||
- {{$val.Text}}
|
||||
{{end}}
|
||||
|
|
|
|||
|
|
@ -0,0 +1,30 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIFLDCCBBSgAwIBAgIBFTANBgkqhkiG9w0BAQsFADCB1DELMAkGA1UEBhMCVVMx
|
||||
ETAPBgNVBAgMCERlbGF3YXJlMQ4wDAYDVQQHDAVEb3ZlcjEtMCsGA1UECgwkUm9j
|
||||
a3kgRW50ZXJwcmlzZSBTb2Z0d2FyZSBGb3VuZGF0aW9uMSEwHwYDVQQLDBhSZWxl
|
||||
YXNlIGVuZ2luZWVyaW5nIHRlYW0xKDAmBgNVBAMMH1JvY2t5IExpbnV4IFNlY3Vy
|
||||
ZSBCb290IFJvb3QgQ0ExJjAkBgkqhkiG9w0BCQEWF3NlY3VyaXR5QHJvY2t5bGlu
|
||||
dXgub3JnMB4XDTIzMTAxOTE5MzczNloXDTI0MTAxODE5MzczNlowgeMxCzAJBgNV
|
||||
BAYTAlVTMREwDwYDVQQIDAhEZWxhd2FyZTEOMAwGA1UEBwwFRG92ZXIxLTArBgNV
|
||||
BAoMJFJvY2t5IEVudGVycHJpc2UgU29mdHdhcmUgRm91bmRhdGlvbjEhMB8GA1UE
|
||||
CwwYUmVsZWFzZSBlbmdpbmVlcmluZyB0ZWFtMTcwNQYDVQQDDC5Sb2NreSBMaW51
|
||||
eCBLZXJuZWwgU0lHIEtlcm5lbCBTaWduaW5nIENlcnQgMTAxMSYwJAYJKoZIhvcN
|
||||
AQkBFhdzZWN1cml0eUByb2NreWxpbnV4Lm9yZzCCAaIwDQYJKoZIhvcNAQEBBQAD
|
||||
ggGPADCCAYoCggGBALd7czYlm7KN34SFNxIYktTHMMfw5TdOTB9tm8IDN8YVvCMP
|
||||
nigAE0i+BjtgMPPd7lQPMy46ZYIqtg4/jLceQGpyjFm6UI676fTN4te7HC/nAFC0
|
||||
IszCQgLgj3QAUF00+9ffjtgsU6tiX5pp246aMUAjvN8rI1bjJ+N4G9PC58D4FDRm
|
||||
x6iik7IrK4fL2TUGZG24M5BiI1NsjUroNkLZ9o/iZAYTq6Ff6cAJZcXqnc+vS7ve
|
||||
MiEqKpAeO4SQSnyoNzYK/ApTJB4vegfbvCPx0W00ZhNMqO73/zjXE95dbT18jZx/
|
||||
b6XNhnsqODolGbK7IInNJNnkSwV7nXEC4YYfhNu4BK7v/v94xG53ruwdkKJDV/D0
|
||||
fpHo0KccGr9HwgZnqVO7aQrSPuI42B7+2R6QPFYNynwVtlJ1iNyZloiyA4DgmWBg
|
||||
caGhXVnJcobqw/KjBFZsmH3sYEIoUbihXHsgvFtqPs/YORrBADy5Wnt0ZGHJN9xg
|
||||
yMRw1fO1Wv/17an2DQIDAQABo3gwdjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQE
|
||||
AwIHgDAWBgNVHSUBAf8EDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUE5nV9l42MZKa
|
||||
Ujwu5B9Vg+L4eI8wHwYDVR0jBBgwFoAUTCxr19ZO6BWByrjphmYfZeIWb8QwDQYJ
|
||||
KoZIhvcNAQELBQADggEBAK82djaZ4M5LOdlAE9Q6Ry2YypdmZ31c8eqpExNHxUeD
|
||||
IV7KmYNByhu95bmkunAJMdnYVkCIrAgDhM3WYuzB9Fg2kgrOBW2ZNFdyn2VtayLA
|
||||
ng1gFfYf22yLBhEYVwvTOmM9WxIwjoSIo9rskkFL5BKwjwPwHcoH6rw1kEqOB1TW
|
||||
LStbQ6q78y3EDwEOTudO/WAjejR4d5sYil6tPtRxq6Nt0g8W9rsc8cTpKbsYBkZA
|
||||
OrnmfkSprUh13BLj5fbjtQaDRsQXz9EPRIASrAT7nphPJKI8VkXHVtVDorr2VovA
|
||||
MvVRhQTw4nXpYZXvFETDkwCKtumjZWbgKL8mcjUxI24=
|
||||
-----END CERTIFICATE-----
|
||||
|
|
@ -14,7 +14,6 @@ go_library(
|
|||
"//base/go/kv",
|
||||
"//third_party/googleapis/google/longrunning:longrunning_go_proto",
|
||||
"//tools/kernelmanager/proto/v1:pb",
|
||||
"//tools/mothership/proto/v1:pb",
|
||||
"//vendor/go.temporal.io/api/enums/v1:enums",
|
||||
"//vendor/go.temporal.io/api/serviceerror",
|
||||
"//vendor/go.temporal.io/api/workflowservice/v1:workflowservice",
|
||||
|
|
|
|||
|
|
@ -15,20 +15,19 @@
|
|||
package kernelmanager_rpc
|
||||
|
||||
import (
|
||||
"context"
|
||||
base "go.resf.org/peridot/base/go"
|
||||
kernelmanagerpb "go.resf.org/peridot/tools/kernelmanager/pb"
|
||||
mothershippb "go.resf.org/peridot/tools/mothership/pb"
|
||||
v11 "go.temporal.io/api/enums/v1"
|
||||
"go.temporal.io/api/serviceerror"
|
||||
"go.temporal.io/api/workflowservice/v1"
|
||||
"google.golang.org/genproto/googleapis/longrunning"
|
||||
rpccode "google.golang.org/genproto/googleapis/rpc/code"
|
||||
rpcstatus "google.golang.org/genproto/googleapis/rpc/status"
|
||||
"google.golang.org/grpc/codes"
|
||||
"google.golang.org/grpc/status"
|
||||
"google.golang.org/protobuf/types/known/anypb"
|
||||
"google.golang.org/protobuf/types/known/timestamppb"
|
||||
"context"
|
||||
base "go.resf.org/peridot/base/go"
|
||||
kernelmanagerpb "go.resf.org/peridot/tools/kernelmanager/pb"
|
||||
v11 "go.temporal.io/api/enums/v1"
|
||||
"go.temporal.io/api/serviceerror"
|
||||
"go.temporal.io/api/workflowservice/v1"
|
||||
"google.golang.org/genproto/googleapis/longrunning"
|
||||
rpccode "google.golang.org/genproto/googleapis/rpc/code"
|
||||
rpcstatus "google.golang.org/genproto/googleapis/rpc/status"
|
||||
"google.golang.org/grpc/codes"
|
||||
"google.golang.org/grpc/status"
|
||||
"google.golang.org/protobuf/types/known/anypb"
|
||||
"google.golang.org/protobuf/types/known/timestamppb"
|
||||
)
|
||||
|
||||
func (s *Server) describeWorkflowToOperation(ctx context.Context, res *workflowservice.DescribeWorkflowExecutionResponse) (*longrunning.Operation, error) {
|
||||
|
|
@ -75,7 +74,7 @@ func (s *Server) describeWorkflowToOperation(ctx context.Context, res *workflows
|
|||
// Complete, we need to get the result using GetWorkflow
|
||||
run := s.temporal.GetWorkflow(ctx, op.Name, "")
|
||||
|
||||
var res mothershippb.ProcessRPMResponse
|
||||
var res kernelmanagerpb.TriggerKernelUpdateResponse
|
||||
if err := run.Get(ctx, &res); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue