From: Jan Stancek <jstan...@redhat.com>
redhat: Use redhatsecureboot701 for ppc64le
Forward-port of c9s commit
dd9a91221db9 ("redhat: Use redhatsecureboot701 for ppc64le")
Conflicts: RHEL has certs stored in system-sb-certs package,
but ARK/Fedora has them in tree.
When addressing CVE-2022-1665 the ppc64le signing keys were rotated but
the kernel itself was not updated to use the new key.
Signed-off-by: Patrick Talbert <ptalb...@redhat.com>
Signed-off-by: Prarit Bhargava <pra...@redhat.com>
Signed-off-by: Jan Stancek <jstan...@redhat.com>
diff --git a/redhat/kernel.spec.template b/redhat/kernel.spec.template
index blahblah..blahblah 100644
--- a/redhat/kernel.spec.template
+++ b/redhat/kernel.spec.template
@@ -839,7 +839,7 @@ Source13: redhatsecureboot501.cer
%define pesign_name_0 redhatsecureboot302
%endif
%ifarch ppc64le
-%define pesign_name_0 redhatsecureboot601
+%define pesign_name_0 redhatsecureboot701
%endif
%endif
# rhel && !eln
--
https://gitlab.com/cki-project/kernel-ark/-/merge_requests/2849
--
_______________________________________________
kernel mailing list -- kernel@lists.fedoraproject.org
To unsubscribe send an email to kernel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/kernel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
