45afda Add fsverity backport to SIG

Authored and Committed by malmond 3 years ago
34 files changed. 3514 lines added. 1 lines removed.
SOURCES/0001-Add-RPMTAG_AUTOINSTALLED-reservation.patch
file added
+32
SOURCES/0002-Add-RPMTAG_IDENTITY-reservation.patch
file added
+34
SOURCES/0003-Use-lower-level-headerPut-for-file-signing.patch
file added
+58
SOURCES/0004-Place-file-signatures-into-the-signature-header-wher.patch
file added
+329
SOURCES/0005-Unbreak-file-signing-from-previous-commit.patch
file added
+30
SOURCES/0006-Assume-failure-in-rpmSignFiles.patch
file added
+71
SOURCES/0007-Use-rpm-file-info-sets-instead-of-header-for-retriev.patch
file added
+108
SOURCES/0008-Eliminate-redundant-signature-length-calculation-fun.patch
file added
+105
SOURCES/0009-Drop-redundant-check-on-hash-algo-name.patch
file added
+29
SOURCES/0010-Drop-redundant-check-on-hash-algo-name.patch
file added
+40
SOURCES/0011-Generalize-file-signing-to-use-a-generic-flags-field.patch
file added
+129
SOURCES/0012-Stop-adding-rpm-v3-header-payload-signatures-by-defa.patch
file added
+201
SOURCES/0013-RPMTAG_PAYLOADDIGESTALT-is-not-backported-here-don-t.patch
file added
+27
SOURCES/0014-Drop-support-for-dmalloc.patch
file added
+48
SOURCES/0015-rpmsign-RPMSIGN_FLAG_IMA-is-already-set.patch
file added
+28
SOURCES/0016-Add-basic-autoconf-and-framework-for-fsverity-suppor.patch
file added
+136
SOURCES/0017-rpmsign-Add-helper-to-indicate-file-signing-enabled.patch
file added
+51
SOURCES/0018-rpmsign-Handle-certpath-for-signing-certificate.patch
file added
+52
SOURCES/0019-Implement-rpmSignVerity.patch
file added
+243
SOURCES/0020-Introduce-base2bin-a-helper-to-convert-tag-array-of-.patch
file added
+95
SOURCES/0021-rpmsignverity-Add-verity-signature-headers-to-the-pa.patch
file added
+210
SOURCES/0022-rpmSignVerity-Generate-signatures-for-files-not-pres.patch
file added
+162
SOURCES/0023-Process-verity-tag-on-package-read.patch
file added
+189
SOURCES/0024-Generate-a-zero-length-signature-for-symlinks.patch
file added
+33
SOURCES/0025-rpmsignverity.c-Clean-up-debug-logging.patch
file added
+40
SOURCES/0026-fsverity-add-tag-for-fsverity-algorithm.patch
file added
+161
SOURCES/0027-plugins-fsverity-Install-fsverity-signatures.patch
file added
+281
SOURCES/0028-fsverity-plugin-Use-tag-for-algorithm.patch
file added
+116
SOURCES/0029-Add-fsverity-tags-to-rpmgeneral.at.patch
file added
+28
SOURCES/0030-Add-delfilesign-flag-to-delete-IMA-and-fsverity-file.patch
file added
+117
SOURCES/0031-Update-man-page-for-rpmsign.patch
file added
+72
SOURCES/0032-rpmsign-Add-argument-to-specify-algorithm-for-fsveri.patch
file added
+168
SOURCES/0033-Enable-fsverity-in-CI.patch
file added
+27
SPECS/rpm.spec
file modified
+64 -1
    Add fsverity backport to SIG
    
    These patches have been in production at Facebook for a while. This was
    blocked on the absence of `fsverity-utils-devel`. This is now in EPEL,
    and EPEL itself is enabled in `centos-stream-8-x86_64` mock config.
    
        
file modified
+64 -1