diff --git a/.gitignore b/.gitignore
index e69de29..5dd3810 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/sedutil-1.12.tar.gz
diff --git a/56.patch b/56.patch
new file mode 100644
index 0000000..70ab6a3
--- /dev/null
+++ b/56.patch
@@ -0,0 +1,138 @@
+From 5ca6100917a025f6e11ae20838e1e37e7db2d587 Mon Sep 17 00:00:00 2001
+From: JanLuca <jan@naumannsfamily.de>
+Date: Mon, 30 May 2016 00:21:48 +0200
+Subject: [PATCH] Use nvme_ioctl.h for newer kernel versions #55
+
+The header linux/nvme.h was replaced by linux/nvme_ioctl.h in kernel versions greater than 4.4: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9d99a8dda154
+
+The needed structs and opcodes are copied into a new header file from nvme.h.
+
+See also:
+https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a9cf8284b45110a4d98aea180a89c857e53bf850
+https://www.bountysource.com/issues/29775575-linux-nvme-h-has-been-renamed-in-linux-4-4
+---
+ linux/DtaDevLinuxNvme.h | 8 ++-
+ linux/DtaDevLinuxNvmeStructsOpCodes.h | 95 +++++++++++++++++++++++++++++++++++
+ 2 files changed, 102 insertions(+), 1 deletion(-)
+ create mode 100755 linux/DtaDevLinuxNvmeStructsOpCodes.h
+
+diff --git a/linux/DtaDevLinuxNvme.h b/linux/DtaDevLinuxNvme.h
+index cc55761..7a67385 100755
+--- a/linux/DtaDevLinuxNvme.h
++++ b/linux/DtaDevLinuxNvme.h
+@@ -18,7 +18,13 @@ along with sedutil. If not, see <http://www.gnu.org/licenses/>.
+
+ * C:E********************************************************************** */
+ #pragma once
+-#include "linux/nvme.h"
++#include <linux/version.h>
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0)
++#include <linux/nvme_ioctl.h>
++#include "DtaDevLinuxNvmeStructsOpCodes.h"
++#else
++#include <linux/nvme.h>
++#endif
+ #include "DtaStructures.h"
+ #include "DtaDevLinuxDrive.h"
+
+diff --git a/linux/DtaDevLinuxNvmeStructsOpCodes.h b/linux/DtaDevLinuxNvmeStructsOpCodes.h
+new file mode 100755
+index 0000000..b781949
+--- /dev/null
++++ b/linux/DtaDevLinuxNvmeStructsOpCodes.h
+@@ -0,0 +1,95 @@
++/*
++ * Definitions for the NVM Express interface
++ * Copyright (c) 2011-2014, Intel Corporation.
++ *
++ * This program is free software; you can redistribute it and/or modify it
++ * under the terms and conditions of the GNU General Public License,
++ * version 2, as published by the Free Software Foundation.
++ *
++ * This program is distributed in the hope it will be useful, but WITHOUT
++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
++ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
++ * more details.
++ */
++#pragma once
++
++enum nvme_admin_opcode {
++ nvme_admin_delete_sq = 0x00,
++ nvme_admin_create_sq = 0x01,
++ nvme_admin_get_log_page = 0x02,
++ nvme_admin_delete_cq = 0x04,
++ nvme_admin_create_cq = 0x05,
++ nvme_admin_identify = 0x06,
++ nvme_admin_abort_cmd = 0x08,
++ nvme_admin_set_features = 0x09,
++ nvme_admin_get_features = 0x0a,
++ nvme_admin_async_event = 0x0c,
++ nvme_admin_activate_fw = 0x10,
++ nvme_admin_download_fw = 0x11,
++ nvme_admin_format_nvm = 0x80,
++ nvme_admin_security_send = 0x81,
++ nvme_admin_security_recv = 0x82,
++};
++
++struct nvme_id_power_state {
++ __le16 max_power; /* centiwatts */
++ __u8 rsvd2;
++ __u8 flags;
++ __le32 entry_lat; /* microseconds */
++ __le32 exit_lat; /* microseconds */
++ __u8 read_tput;
++ __u8 read_lat;
++ __u8 write_tput;
++ __u8 write_lat;
++ __le16 idle_power;
++ __u8 idle_scale;
++ __u8 rsvd19;
++ __le16 active_power;
++ __u8 active_work_scale;
++ __u8 rsvd23[9];
++};
++
++struct nvme_id_ctrl {
++ __le16 vid;
++ __le16 ssvid;
++ char sn[20];
++ char mn[40];
++ char fr[8];
++ __u8 rab;
++ __u8 ieee[3];
++ __u8 mic;
++ __u8 mdts;
++ __le16 cntlid;
++ __le32 ver;
++ __u8 rsvd84[172];
++ __le16 oacs;
++ __u8 acl;
++ __u8 aerl;
++ __u8 frmw;
++ __u8 lpa;
++ __u8 elpe;
++ __u8 npss;
++ __u8 avscc;
++ __u8 apsta;
++ __le16 wctemp;
++ __le16 cctemp;
++ __u8 rsvd270[242];
++ __u8 sqes;
++ __u8 cqes;
++ __u8 rsvd514[2];
++ __le32 nn;
++ __le16 oncs;
++ __le16 fuses;
++ __u8 fna;
++ __u8 vwc;
++ __le16 awun;
++ __le16 awupf;
++ __u8 nvscc;
++ __u8 rsvd531;
++ __le16 acwu;
++ __u8 rsvd534[2];
++ __le32 sgls;
++ __u8 rsvd540[1508];
++ struct nvme_id_power_state psd[32];
++ __u8 vs[1024];
++};
diff --git a/sedutil-cli.8 b/sedutil-cli.8
new file mode 100644
index 0000000..dcf5b57
--- /dev/null
+++ b/sedutil-cli.8
@@ -0,0 +1,93 @@
+.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.4.
+.TH SEDUTIL-CLI "8" "May 2017" "sedutil-cli 1.12" "System Administration Utilities"
+.SH NAME
+sedutil-cli \- manage self-encrypting drives
+.SH SYNOPSIS
+.B sedutil\-cli
+[\fI\,ACTION\/\fR] [\fI\,OPTION\/\fR]... [\fI\,DEVICE\/\fR]
+.SH DESCRIPTION
+A utility to manage self encrypting drives that conform
+to the Trusted Computing Group OPAL 2.0 SSC specification.
+.TP
+\fB\-v\fR
+increase verbosity, one to five v's
+.TP
+\fB\-n\fR
+no password hashing. Passwords will be sent in clear text!
+.TP
+\fBACTIONS:\fR
+.TP
+\fB\-\-scan\fR
+Scans the devices on the system, identifying Opal compliant devices
+.TP
+\fB\-\-query\fR <device>
+Display the Discovery 0 response of a device
+.TP
+\fB\-\-isValidSED\fR <device>
+Verify whether the given device is SED or not
+.TP
+\fB\-\-listLockingRanges\fR <password> <device>
+List all Locking Ranges
+.TP
+\fB\-\-listLockingRange\fR <0...n> <password> <device>
+List all Locking Ranges, 0 = GLobal 1..n = LRn
+.TP
+\fB\-\-eraseLockingRange\fR <0...n> <password> <device>
+Erase a Locking Range, 0 = GLobal 1..n = LRn
+.TP
+\fB\-\-setupLockingRange\fR <0...n> <RangeStart> <RangeLength> <password> <device>
+Setup a new Locking Range, 0 = GLobal 1..n = LRn
+.TP
+\fB\-\-initialSetup\fR <SIDpassword> <device>
+Setup the device for use with sedutil. <SIDpassword> is new SID and Admin1 password
+.TP
+\fB\-\-setSIDPassword\fR <SIDpassword> <newSIDpassword> <device>
+Change the SID password
+.TP
+\fB\-\-setAdmin1Pwd\fR <Admin1password> <newAdmin1password> <device>
+Change the Admin1 password
+.TP
+\fB\-\-setPassword\fR <oldpassword, "" for MSID> <userid> <newpassword> <device>
+Change the Enterprise password for userid "EraseMaster" or "BandMaster<n>", 0 <= n <= 1023
+.TP
+\fB\-\-setLockingRange\fR <0...n> <RW|RO|LK> <Admin1password> <device>
+Set the status of a Locking Range, 0 = GLobal 1..n = LRn
+.TP
+\fB\-\-enableLockingRange\fR <0...n> <Admin1password> <device>
+Enable a Locking Range, 0 = GLobal 1..n = LRn
+.TP
+\fB\-\-disableLockingRange\fR <0...n> <Admin1password> <device>
+Disable a Locking Range, 0 = GLobal 1..n = LRn
+.TP
+\fB\-\-setMBREnable\fR <on|off> <Admin1password> <device>
+Enable|Disable MBR shadowing
+.TP
+\fB\-\-setMBRDone\fR <on|off> <Admin1password> <device>
+set|unset MBRDone
+.TP
+\fB\-\-loadPBAimage\fR <Admin1password> <file> <device>
+Write <file> to MBR Shadow area
+.TP
+\fB\-\-revertTPer\fR <SIDpassword> <device>
+set the device back to factory defaults. This **ERASES ALL DATA**
+.TP
+\fB\-\-revertNoErase\fR <Admin1password> <device>
+deactivate the Locking SP without erasing the data on GLOBAL RANGE *ONLY*
+.TP
+\fB\-\-yesIreallywanttoERASEALLmydatausingthePSID\fR <PSID> <device>
+revert the device using the PSID *ERASING* *ALL* the data
+.TP
+\fB\-\-printDefaultPassword\fR <device>
+print MSID
+.SH EXAMPLES
+sedutil\-cli \fB\-\-scan\fR
+.PP
+sedutil\-cli \fB\-\-query\fR \fI\,/dev/sdc\/\fP
+.PP
+sedutil\-cli \fB\-\-yesIreallywanttoERASEALLmydatausingthePSID\fR <PSIDALLCAPSNODASHED> \fI\,/dev/sdc\/\fP
+.PP
+sedutil\-cli \fB\-\-initialSetup\fR <newSIDpassword> \fI\,/dev/sdc\/\fP
+.SH COPYRIGHT
+sedutil v1.12 Copyright 2014\-2016 Bright Plaza Inc. <drivetrust@drivetrust.com>
+.SH SEE ALSO
+See further documentation in /usr/share/doc/sedutil
diff --git a/sedutil.spec b/sedutil.spec
new file mode 100644
index 0000000..7c84af7
--- /dev/null
+++ b/sedutil.spec
@@ -0,0 +1,144 @@
+%global gittag0 1.12
+
+%global _hardened_build 1
+
+Name: sedutil
+Version: %{gittag0}
+Release: 3%{?dist}
+Summary: Tools to manage the activation and use of self encrypting drives
+
+# Everything is GPLv3+ except:
+# - Common/pbkdf2/* which is GPLv2+, a bundled copy of some gnulib code.
+# - Common/Dta*Dump* which is BSD (https://github.com/Drive-Trust-Alliance/sedutil/issues/145)
+License: GPLv3+ and GPLv2+ and BSD
+URL: https://github.com/Drive-Trust-Alliance/sedutil/wiki
+Source0: https://github.com/Drive-Trust-Alliance/%{name}/archive/%{gittag0}/%{name}-%{gittag0}.tar.gz
+# Make a manual page from the help output:
+#help2man --name=sedutil-cli \
+# --section=8 \
+# --no-info \
+# --version-string=%%{version} \
+# --no-discard-stderr \
+# --output=./dist/Release_x86_64/GNU-Linux/sedutil-cli.8 \
+# ./dist/Release_x86_64/GNU-Linux/sedutil-cli
+# Cleaned up with manual edits:
+Source1: sedutil-cli.8
+Patch0: https://github.com/Drive-Trust-Alliance/sedutil/pull/56.patch
+
+# sedutil does not work on big-endian architectures
+ExcludeArch: ppc ppc64 s390 s390x
+
+BuildRequires: ncurses-devel
+
+# This package uses gnulib. It was granted an exception in:
+# https://fedorahosted.org/fpc/ticket/174
+Provides: bundled(gnulib)
+
+# Replaces msed, but doesn't provide a compatible CLI command
+Obsoletes: msed <= 0.23-0.20
+
+%description
+The Drive Trust Alliance software (sedutil) is an Open Source (GPLv3)
+effort to make Self Encrypting Drive technology freely available to
+everyone. It is a combination of the two known available Open Source
+code bases today: msed and OpalTool.
+
+sedutil is a Self-Encrypting Drive (SED) management program and
+Pre-Boot Authorization (PBA) image that will allow the activation and
+use of self encrypting drives that comply with the Trusted Computing
+Group Opal 2.0 SSC.
+
+This package provides the sedutil-cli and linuxpba binaries, but not
+the PBA image itself.
+
+%prep
+%setup -q -n sedutil-%{gittag0}
+%patch0 -p1 -b .nvme_ioctl
+# Adjust the GitVersion.sh script to just use the git tag from the
+# checkout so we don't need a full git tree or the git tool itself.
+cd linux
+sed -i -e's/^GITVER=.*/GITVER=%{gittag0}/' GitVersion.sh
+# Remove stray execute permissions from source code
+find . -type f -name '*.h' -exec chmod -x {} \;
+find . -type f -name '*.cpp' -exec chmod -x {} \;
+
+
+%build
+# Always use the x86_64 build configuration, because we override
+# CFLAGS etc. for each arch build anyway and the upstream makefiles
+# don't have build configs for every arch we support.
+cd linux/CLI
+make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" CXXFLAGS="$RPM_OPT_FLAGS" CONF=Release_x86_64
+
+# Copy in our manual page
+cp -p %{SOURCE1} dist/Release_x86_64/GNU-Linux/sedutil-cli.8
+
+cd ../../LinuxPBA
+make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" CXXFLAGS="$RPM_OPT_FLAGS" CONF=Release
+
+%install
+mkdir -p $RPM_BUILD_ROOT%{_sbindir}
+install -p -m755 linux/CLI/dist/Release_x86_64/GNU-Linux/sedutil-cli $RPM_BUILD_ROOT%{_sbindir}/sedutil-cli
+
+mkdir -p $RPM_BUILD_ROOT%{_mandir}/man8
+install -p -m644 linux/CLI/dist/Release_x86_64/GNU-Linux/sedutil-cli.8 $RPM_BUILD_ROOT%{_mandir}/man8/sedutil-cli.8
+
+mkdir -p $RPM_BUILD_ROOT%{_libexecdir}
+install -p -m755 LinuxPBA/dist/Release/GNU-Linux/linuxpba $RPM_BUILD_ROOT%{_libexecdir}/linuxpba
+
+
+%files
+%doc README.md Common/Copyright.txt Common/ReadMe.txt linux/PSIDRevert_LINUX.txt
+%license Common/LICENSE.txt
+%{_sbindir}/sedutil-cli
+%{_mandir}/man8/sedutil-cli.8*
+%{_libexecdir}/linuxpba
+
+
+%changelog
+* Tue May 9 2017 Charles R. Anderson <cra@wpi.edu> - 1.12-3
+- Remove commented out macros
+- Clarify multiple licensing scenario
+- Provides: bundled(gnulib)
+- Move sedutil-cli to /usr/sbin and linuxbpa to /usr/libexec
+- Provide a manual page for sedutil-cli
+
+* Wed May 3 2017 Charles R. Anderson <cra@wpi.edu> - 1.12-2
+- Obsolete msed package
+- Remove stray execute permissions from source code
+
+* Wed May 3 2017 Charles R. Anderson <cra@wpi.edu> - 1.12-1
+- Use nvme_ioctl.h for newer kernel versions (upstream pull request #56)
+
+* Tue Jan 3 2017 Charles R. Anderson <cra@wpi.edu>
+- update to 1.12
+- sedutil-nvme_ioctl_h.patch for renamed linux/nvme.h header
+
+* Wed Nov 11 2015 Charles R. Anderson <cra@wpi.edu> - 1.10-0.1.beta.git350b22c
+- switch to DriveTrustAlliance/sedutil upstream where all further development
+ of msed happens now.
+
+* Fri Aug 07 2015 Rafael Fonseca <rdossant@redhat.com> - 0.23-0.7.beta.gite38a16d
+- disable build on big endian architectures (rhbz#1251520)
+
+* Mon Jul 27 2015 Charles R. Anderson <cra@wpi.edu> - 0.23-0.6.beta.gite38a16d
+- add comments about upstream pull requests for patches
+
+* Sun Jul 26 2015 Charles R. Anderson <cra@wpi.edu> - 0.23-0.5.beta.gite38a16d
+- use Github Source0 URL and standard macros for git hash
+- patch GitVersion.sh to use a static git tag so we do not need a
+ full git tree or the git tool for building.
+- preserve timestamps of installed files
+
+* Tue Jul 21 2015 Charles R. Anderson <cra@wpi.edu> - 0.23-0.4.beta.gite38a16d
+- mark LICENSE.txt as a license text
+- enable hardened build
+
+* Tue Jul 21 2015 Charles R. Anderson <cra@wpi.edu> - 0.23-0.3.beta.gite38a16d
+- add more documentation
+
+* Tue Jul 21 2015 Charles R. Anderson <cra@wpi.edu> - 0.23-0.2.beta.gite38a16d
+- add BR git to properly define GIT_VERSION
+
+* Mon Jul 20 2015 Charles R. Anderson <cra@wpi.edu> - 0.23-0.1.beta.gite38a16d
+- initial package
diff --git a/sources b/sources
index e69de29..eb0efb8 100644
--- a/sources
+++ b/sources
@@ -0,0 +1 @@
+SHA512 (sedutil-1.12.tar.gz) = f17fbb5a6d71d5bdd59d0fc85eed11036a8e365545133bc1374a733ce1975d6c8dd2cdc500bd46cffbec1f2bef621a98ca392e0dd314734c1ef12c073d70b0de