From 18108b1a9643197f8e5496e850575a9a1855488e Mon Sep 17 00:00:00 2001
From: Anakin Zhang
Date: Wed, 2 Sep 2020 23:22:51 +0800
Subject: [PATCH] carry security.evm when copying files
---
 ...arry-security.evm-when-copying-files.patch | 31 +++++++++++++++++++
 attr.spec | 9 +++++-
 2 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 0008-carry-security.evm-when-copying-files.patch
diff --git a/0008-carry-security.evm-when-copying-files.patch b/0008-carry-security.evm-when-copying-files.patch
new file mode 100644
index 0000000..aee3b8a
--- /dev/null
+++ b/0008-carry-security.evm-when-copying-files.patch
@@ -0,0 +1,31 @@
+From a0be13cb66e2297adce275d4308cae10ac4eb5e9 Mon Sep 17 00:00:00 2001
+From: Anakin Zhang
+Date: Wed, 2 Sep 2020 23:18:56 +0800
+Subject: [PATCH] carry security.evm when copy files
+
+security.evm xattr is used to store a file's EVM signature. This xattr is
+needed by kernel EVM (Extended Verification Module) to provide file integrity
+protection.
+
+This patch is intended to allow carrying security.evm xattr when copying files.
+Without this patch, digest lists' security.evm xattr will miss when running
+dracut to make new initramfs.
+
+Signed-off-by: Anakin Zhang
+---
+ xattr.conf | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/xattr.conf b/xattr.conf
+index dcbc12c..125fd18 100644
+--- a/xattr.conf
++++ b/xattr.conf
+@@ -18,4 +18,4 @@ trusted.SGI_DMI_* skip # xfs specific
+ trusted.SGI_MAC_FILE skip # xfs specific
+ xfsroot.* skip # xfs specific; obsolete
+ user.Beagle.* skip # ignore Beagle index data
+-security.evm skip # may only be written by kernel
++#security.evm skip # may only be written by kernel
+--
+2.23.0.windows.1
+
diff --git a/attr.spec b/attr.spec
index b500d69..f155288 100644
--- a/attr.spec
+++ b/attr.spec
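Review bot: The new `xattr.conf` line `#security.evm skip # may only be written by kernel` keeps the old rationale as dead text while reversing the behaviour, and nothing records which kind of `security.evm` value is expected to survive a copy. As far as I know, only portable EVM signatures stay valid on a new inode; HMAC values and non-portable signatures are bound to inode metadata, and the kernel is expected to refuse a userspace write of the HMAC type, so copying such a file may now fail or yield a file that does not pass EVM appraisal. Because this file is read by every libattr-based copy on the system and not only by dracut, I would delete the line instead of commenting it out and put an explanatory comment in its place, for example `# security.evm is copied so portable EVM signatures survive (digest lists in initramfs); HMAC values are not valid on the copy`. The description should also say how copies of HMAC-protected files behave with this change applied.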
@@ -1,7 +1,7 @@ %{!?_licensedir:%global license %%doc} Name: attr Version: 2.4.48 -Release: 11 +Release: 12 Summary: Commands for Manipulating Filesystem Extended Attributes License: GPLv2+ AND LGPLv2+ URL: https://savannah.nongnu.org/projects/attr @@ -15,6 +15,7 @@ Patch4: 0004-getfattr-don-t-count-terminating-NULL-in-well_enough.patch Patch5: 0005-attr-Replace-bzero-with-memset.patch Patch6: 0006-Switch-back-to-syscall.patch Patch7: 0007-bypass-wrong-output-when-enabled-selinux.patch +Patch8: 0008-carry-security.evm-when-copying-files.patch BuildRequires: gettext, libtool, chrpath, gcc, git, gdb Provides: libattr @@ -101,6 +102,12 @@ fi %{_mandir}/man3/* %changelog +* Wed Sep 2 2020 Anakin Zhang - 2.4.48-12 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC: carry security.evm when copying files + * Sun Jul 12 2020 Zhiqiang Liu - 2.4.48-11 - backport upstream bugfix patches -- Gitee