diff --git a/backport-Fix-deadlock-issue-in-directory-iterating.patch b/backport-Fix-deadlock-issue-in-directory-iterating.patch new file mode 100644 index 0000000000000000000000000000000000000000..ffd2890d483b086513fa75068f2c552423fb82e2 --- /dev/null +++ b/backport-Fix-deadlock-issue-in-directory-iterating.patch 
@@ -0,0 +1,141 @@ +From 790c5a47844ec464083984771a6128a84420c4a8 Mon Sep 17 00:00:00 2001 +From: jinlun +Date: Mon, 26 Aug 2024 09:49:45 +0800 +Subject: [PATCH] Fix deadlock issue in directory iterating + +--- + .../dim_core_static_baseline.c | 70 ++++++++++++------- + .../dim_core_static_baseline.h | 4 +- + 2 files changed, 46 insertions(+), 28 deletions(-) + +diff --git a/src/core/static_baseline/dim_core_static_baseline.c b/src/core/static_baseline/dim_core_static_baseline.c +index ff05690..4fb6e51 100644 +--- a/src/core/static_baseline/dim_core_static_baseline.c ++++ b/src/core/static_baseline/dim_core_static_baseline.c +@@ -65,41 +65,38 @@ static int baseline_check_add(const char *name, int type, + return ret; + } + ++struct name_entry { ++ char name[NAME_MAX]; ++ struct list_head list; ++}; ++ + #if LINUX_VERSION_CODE < KERNEL_VERSION(6, 4, 0) + static int + #else + static bool + #endif +-static_baseline_load(struct dir_context *__ctx, +- const char *name, +- int name_len, +- loff_t offset, +- unsigned long long ino, +- unsigned d_type) ++baseline_fill_dir(struct dir_context *__ctx, ++ const char *name, ++ int name_len, ++ loff_t offset, ++ unsigned long long ino, ++ unsigned d_type) + { + struct baseline_parse_ctx *ctx = container_of(__ctx, typeof(*ctx), ctx); +- int ret; +- void *buf = NULL; +- unsigned long buf_len = 0; ++ struct name_entry *entry = NULL; + + /* baseline file must end with '.hash' */ +- if (d_type != DT_REG || (!dim_string_end_with(name, ".hash"))) ++ if (d_type != DT_REG || strlen(name) >= NAME_MAX || ++ (!dim_string_end_with(name, ".hash"))) + goto out; /* ignore invalid files */ + +- ret = dim_read_verify_file(ctx->path, name, &buf); +- if (ret < 0 || buf == NULL) { +- dim_err("failed to read and verify %s: %d\n", name, ret); ++ entry = dim_kzalloc_gfp(sizeof(struct name_entry)); ++ if (entry == NULL) + goto out; +- } + +- buf_len = ret; +- ret = dim_baseline_parse(buf, buf_len, ctx); +- if (ret < 0) +- dim_err("failed to parse baseline 
file %s: %d\n", name, ret); ++ strcpy(entry->name, name); ++ list_add( &entry->list, &ctx->name_list); + out: +- if (buf != NULL) +- dim_vfree(buf); +- + #if LINUX_VERSION_CODE < KERNEL_VERSION(6, 4, 0) + return 0; /* ignore fail */ + #else +@@ -112,12 +109,16 @@ int dim_core_static_baseline_load(struct dim_measure *m) + int ret = 0; + struct path kpath; + struct file *file = NULL; +- struct baseline_parse_ctx buf = { +- .ctx.actor = static_baseline_load, +- .path = &kpath, ++ struct name_entry *entry = NULL; ++ struct name_entry *tmp = NULL; ++ void *buf = NULL; ++ unsigned long buf_len = 0; ++ struct baseline_parse_ctx ctx = { + .m = m, ++ .ctx.actor = baseline_fill_dir, + .add = baseline_check_add, + .match = baseline_match_policy, ++ .name_list = LIST_HEAD_INIT(ctx.name_list) + }; + + if (m == NULL) +@@ -137,9 +138,26 @@ int dim_core_static_baseline_load(struct dim_measure *m) + return ret; + } + +- (void)iterate_dir(file, &buf.ctx); ++ (void)iterate_dir(file, &ctx.ctx); ++ filp_close(file, NULL); ++ ++ list_for_each_entry_safe(entry, tmp, &ctx.name_list, list) { ++ ret = dim_read_verify_file(&kpath, entry->name, &buf); ++ if (ret < 0 || buf == NULL) { ++ dim_err("failed to read and verify %s: %d\n", entry->name, ret); ++ dim_kfree(entry); ++ continue; ++ } ++ ++ buf_len = ret; ++ ret = dim_baseline_parse(buf, buf_len, &ctx); ++ if (ret < 0) ++ dim_err("failed to parse baseline file %s: %d\n", entry->name, ret); ++ ++ dim_vfree(buf); ++ dim_kfree(entry); ++ } + + path_put(&kpath); +- filp_close(file, NULL); + return 0; + } +diff --git a/src/core/static_baseline/dim_core_static_baseline.h b/src/core/static_baseline/dim_core_static_baseline.h +index 988b02d..e0d1df9 100644 +--- a/src/core/static_baseline/dim_core_static_baseline.h ++++ b/src/core/static_baseline/dim_core_static_baseline.h +@@ -24,8 +24,8 @@ typedef int (*baseline_add_func)(const char *name, int type, + struct baseline_parse_ctx { + /* context for directory walking */ + struct dir_context ctx; +- 
/* current directory path */ +- struct path *path; ++ /* entry to store the filenames in directory */ ++ struct list_head name_list; + struct dim_measure *m; + baseline_match_func match; + baseline_add_func add; +-- +2.33.0 + diff --git a/backport-Optimized-directory-suffix-matching.patch b/backport-Optimized-directory-suffix-matching.patch new file mode 100644 index 0000000000000000000000000000000000000000..73771f5ba70b9f96f420bbb34b37ca0870e465b5 --- /dev/null +++ b/backport-Optimized-directory-suffix-matching.patch 
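Review bot: The collect-then-read split introduced in `baseline_fill_dir` and the `list_for_each_entry_safe` loop in `dim_core_static_baseline_load` carries no explanation of the deadlock it avoids, and the new header comment `/* entry to store the filenames in directory */` says what the list holds but not why the file reads are deferred. I would reword it to `/* names collected by baseline_fill_dir(); files are read only after iterate_dir() has returned, because reading them from inside the actor deadlocked */`, naming the actual lock if it is known. Note also that the loop overwrites `ret` for each file and the function still ends with `return 0;`, so a read or parse failure on the last entry is logged but never reported to the caller; that is pre-existing behaviour, but if intentional it deserves a line such as `/* per-file failures are logged and skipped; a partial baseline is not an error */` above the loop. The body of `dim_core_static_baseline_load` begins before this hunk.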
@@ -0,0 +1,92 @@ +From 3af4724225de2eef2df28d29e74182236c97d4ca Mon Sep 17 00:00:00 2001 +From: jinlun +Date: Sat, 19 Oct 2024 15:32:59 +0800 +Subject: [PATCH 1/2] Optimized directory suffix matching + +Fix an issue where file names were not +matched correctly when iterating over a +directory in the XFS file system +--- + src/common/dim_utils.c | 15 --------------- + src/common/dim_utils.h | 3 +-- + .../static_baseline/dim_core_static_baseline.c | 11 ++++++++--- + 3 files changed, 9 insertions(+), 20 deletions(-) + +diff --git a/src/common/dim_utils.c b/src/common/dim_utils.c +index 57ea3e9..6746d88 100644 +--- a/src/common/dim_utils.c ++++ b/src/common/dim_utils.c +@@ -48,21 +48,6 @@ out: + return ret; + } + +-bool dim_string_end_with(const char *str, const char *ext) +-{ +- int name_len, ext_len; +- +- if (str == NULL || ext == NULL) +- return false; +- +- name_len = strlen(str); +- ext_len = strlen(ext); +- if (name_len < ext_len) +- return false; +- +- return dim_strcmp(str + name_len - ext_len, ext) == 0; +-} +- + int dim_parse_line_buf(char *buf, loff_t len, int (*line_parser)(char *, int, void *), void *data) + { + int ret = 0; +diff --git a/src/common/dim_utils.h b/src/common/dim_utils.h +index 8c7d855..db43546 100644 +--- a/src/common/dim_utils.h ++++ b/src/common/dim_utils.h +@@ -18,7 +18,6 @@ + #define dim_devel(fmt, ...) 
+ + int dim_get_absolute_path(const char *path, const char **result); +-bool dim_string_end_with(const char *str, const char *ext); + int dim_parse_line_buf(char *buf, loff_t len, int (*line_parser)(char *, int, void *), void *data); + +-#endif +\ No newline at end of file ++#endif +diff --git a/src/core/static_baseline/dim_core_static_baseline.c b/src/core/static_baseline/dim_core_static_baseline.c +index 4fb6e51..7ae5171 100644 +--- a/src/core/static_baseline/dim_core_static_baseline.c ++++ b/src/core/static_baseline/dim_core_static_baseline.c +@@ -17,6 +17,9 @@ + #include "dim_core_measure.h" + #include "dim_core_static_baseline.h" + ++#define BASELINE_FILE_SUFFIX ".hash" ++#define BASELINE_FILE_SUFFIX_LEN 5 ++ + static bool baseline_match_policy(const char *name, int type) + { + const char *kr = init_uts_ns.name.release; +@@ -86,15 +89,17 @@ baseline_fill_dir(struct dir_context *__ctx, + struct name_entry *entry = NULL; + + /* baseline file must end with '.hash' */ +- if (d_type != DT_REG || strlen(name) >= NAME_MAX || +- (!dim_string_end_with(name, ".hash"))) ++ if (d_type != DT_REG || name_len >= NAME_MAX || ++ name_len <= BASELINE_FILE_SUFFIX_LEN || ++ strncmp(name + name_len - BASELINE_FILE_SUFFIX_LEN, ++ BASELINE_FILE_SUFFIX, BASELINE_FILE_SUFFIX_LEN)) + goto out; /* ignore invalid files */ + + entry = dim_kzalloc_gfp(sizeof(struct name_entry)); + if (entry == NULL) + goto out; + +- strcpy(entry->name, name); ++ strncpy(entry->name, name, name_len); + list_add( &entry->list, &ctx->name_list); + out: + #if LINUX_VERSION_CODE < KERNEL_VERSION(6, 4, 0) +-- +2.33.0 + diff --git a/backport-Resolved-the-problem-that-the-jump_label_lock-isrepe.patch b/backport-Resolved-the-problem-that-the-jump_label_lock-isrepe.patch new file mode 100644 index 0000000000000000000000000000000000000000..621a03321f5c6658ff650e362171f0bf338d0428 --- /dev/null +++ b/backport-Resolved-the-problem-that-the-jump_label_lock-isrepe.patch 
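Review bot: `strncpy(entry->name, name, name_len)` in `baseline_fill_dir` leaves the terminator to the zero-fill of `dim_kzalloc_gfp` together with the `name_len >= NAME_MAX` rejection above it, and nothing in the hunk says so; a later switch to a non-zeroing allocator would silently produce an unterminated name that the `dim_err("... %s ...", entry->name, ...)` calls then walk past. I would add `/* entry is zero-filled and name_len < NAME_MAX, so the copy stays NUL-terminated; the dirent name is not NUL-terminated, hence name_len rather than strlen */` above the copy, hedging the second clause if the dirent contract differs from what the XFS note in the commit message implies. Separately, `#define BASELINE_FILE_SUFFIX_LEN 5` duplicates the literal it describes; `#define BASELINE_FILE_SUFFIX_LEN (sizeof(BASELINE_FILE_SUFFIX) - 1)` keeps the two from drifting apart.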
@@ -0,0 +1,25 @@
+From f102decbd82da0fa4c11af6f4eb249b2b34c952f Mon Sep 17 00:00:00 2001
+From: jinlun
+Date: Fri, 29 Nov 2024 10:14:27 +0800
+Subject: [PATCH 2/2] Resolved the problem that the jump_label_lock
+ isrepeatedly but the jump_label_unlock does not determine
+
+---
+ src/core/dim_core_symbol.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/core/dim_core_symbol.c b/src/core/dim_core_symbol.c
+index 38c9f02..97bb5fe 100644
+--- a/src/core/dim_core_symbol.c
++++ b/src/core/dim_core_symbol.c
+@@ -51,6 +51,6 @@ int dim_core_kallsyms_init(void)
+ k->find_module == NULL || k->find_get_task_by_vpid == NULL ||
+ #endif
+ k->start_jump_table == NULL || k->stop_jump_table == NULL ||
+- k->jump_label_lock == NULL || k->jump_label_lock == NULL ||
++ k->jump_label_lock == NULL || k->jump_label_unlock == NULL ||
+ k->walk_process_tree == NULL) ? -ENOENT : 0;
+ }
+--
+2.33.0
+
diff --git a/dim.spec b/dim.spec
index eb2fedb75f34c2c636e6b7ac69b55a8c1f7f03f8..8c8e5f2fbd34d8f30bfc13cb9c8e642e0b7d5a2c 100644
--- a/dim.spec
+++ b/dim.spec
@@ -1,10 +1,28 @@ %global debug_package %{nil} %define kernel_version %(ver=`rpm -qa|grep kernel-devel`;echo ${ver#*kernel-devel-}) +# Redefining __spec_install_post, Causes the kernel +# module to be signed at the end of the install phase +%if 0%{?openEuler_sign_rsa} +%global __modsign_install_post \ +module_path="$RPM_BUILD_ROOT/lib/modules/%{kernel_version}/extra/dim" \ +sh /usr/lib/rpm/brp-ebs-sign --module $module_path/dim_core.ko ||: \ +mv $module_path/dim_core.ko.sig $module_path/dim_core.ko ||: \ +sh /usr/lib/rpm/brp-ebs-sign --module $module_path/dim_monitor.ko ||: \ +mv $module_path/dim_monitor.ko.sig $module_path/dim_monitor.ko ||: \ +%{nil} + +%global __tmp_spec_install_post %{__spec_install_post} +%global __spec_install_post \ +%{__tmp_spec_install_post} \ +%{__modsign_install_post} \ +%{nil} +%endif + Name : dim Summary : Dynamic Integrity Measurement Version : 1.0.2 -Release : 8 +Release : 10 License : GPL-2.0 Source0 : %{name}-v%{version}.tar.gz BuildRequires: kernel-devel kernel-headers @@ -60,6 +78,9 @@ Patch0048: backport-Change-the-permissions-of-the-dim-directory-to-500.patc Patch0049: backport-Unified-log-printing-format.patch Patch0050: backport-Fix-print-errors.patch Patch0051: backport-add-parameter-check.patch +Patch0052: backport-Fix-deadlock-issue-in-directory-iterating.patch +Patch0053: backport-Optimized-directory-suffix-matching.patch +Patch0054: backport-Resolved-the-problem-that-the-jump_label_lock-isrepe.patch %description Dynamic Integrity Measurement @@ -98,6 +119,12 @@ rm -rf %{buildroot} %attr(0400,root,root) /lib/modules/%{kernel_version}/extra/dim/dim_monitor.ko %changelog +* Mon Jan 20 2025 steven_ygui 1.0.2-10 +- backport some patches + +* Mon Jan 20 2025 steven_ygui 1.0.2-9 +- add signature for dim + * Mon Aug 19 2024 gengqihu 1.0.2-8 - Enabled DIM_HASH_SUPPORT_SM3
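Review bot: In the new `__modsign_install_post` macro every signing step ends in `||:`, so when `openEuler_sign_rsa` is set and `brp-ebs-sign` fails, or `dim_core.ko.sig` is never produced, the build still succeeds and installs an unsigned or unchanged module; for an integrity-measurement module that is a silent degradation rather than a build error. Unless best-effort signing is deliberate, I would drop the `||:` on the `sh /usr/lib/rpm/brp-ebs-sign` and `mv` lines, or at least guard each rename with `[ -f $module_path/dim_core.ko.sig ] && mv ...` so a missing signature fails loudly; if best-effort is intended, a comment saying so next to `%if 0%{?openEuler_sign_rsa}` would make that explicit. `$module_path` is also unquoted in each command, which only holds up as long as `%{kernel_version}` (derived from `rpm -qa|grep kernel-devel` above) never contains whitespace.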