commit e88a9de3128df1c4b89bd4c7312c15bb3eb34593
Author: Ingo Franzki <ifranzki@linux.ibm.com>
Date:   Thu Jul 8 15:18:30 2021 +0200

    pkcstok_migrate: Don't remove 'tokversion = x.y' during migration
    
    When migrating a slot the opencryptoki.conf file is modified. If it
    contains slots that already contain the 'tokversion = x.y' keyword,
    this is accidentally removed when migrating another slot.
    
    Signed-off-by: Ingo Franzki <ifranzki@linux.ibm.com>

diff --git a/usr/sbin/pkcstok_migrate/pkcstok_migrate.c b/usr/sbin/pkcstok_migrate/pkcstok_migrate.c
index 3df1596e..05081aff 100644
--- a/usr/sbin/pkcstok_migrate/pkcstok_migrate.c
+++ b/usr/sbin/pkcstok_migrate/pkcstok_migrate.c
@@ -2119,7 +2119,7 @@ static int parseupdate_key_vers(void *private, int tok, unsigned int vers)
 {
 	struct parseupdate *u = (struct parseupdate *)private;
 
-    if (tok != KW_TOKVERSION)
+    if (tok == KW_TOKVERSION && !u->activeslot)
         fprintf(u->f, "  %s = %d.%d", keyword_token_to_str(tok),
                 vers >> 16, vers & 0xffu);
     return 0;