File project.diff of Package qemu

--- qemu.changes.orig
+++ qemu.changes
@@ -1051,6 +1051,12 @@ Wed Jan 12 13:57:31 UTC 2022 - Dario Fag
   Revert-qemu-img-Require-F-with-b-backing.patch
 
 -------------------------------------------------------------------
+Wed Jan  5 16:16:27 UTC 2022 - Michal Suchanek <msuchanek@suse.com>
+
+- SLOF: appended signature: Use SLE certificate in addition to project
+  certificate for verification.
+
+-------------------------------------------------------------------
 Wed Dec 22 08:51:15 UTC 2021 - Dario Faggioli <dfaggioli@suse.com>
 
 - Fix testsuite failures by not using modules when building tests
@@ -1182,6 +1188,26 @@ Mon Dec  6 14:22:18 UTC 2021 - Guillaume
   dropped from Factory - boo#1193424
 
 -------------------------------------------------------------------
+Thu Dec  2 10:19:00 UTC 2021 - Michal Suchanek <msuchanek@suse.com>
+
+- ppc secure boot
+  + 0001-use-PT_LOAD-constant.patch
+  + 0002-calloc.patch
+  + 0003-import-nayna-s-mbedtls.patch
+  + 0004-mbedtls-fixups.patch
+  + 0005-integrate-mbedtls.patch
+  + 0006-appended-signature-infrastructure.patch
+  + 0007-awful-hack-for-building.patch
+  + 0008-Appended-signature-verification.patch
+  + 0009-Update-mbedtls-to-support-multiple-signers.patch
+  + 0010-update-for-new-mbedtls.patch
+  + 0011-verify-ibm-secure-boot-property.patch
+  + 0012-require-signed-binary-if-32bit-and-secureboot.patch
+  + 0001-Create-fake-AIX-style-ibm-secureboot.patch
+  + 0002-Create-fake-ibm-trusted-boot-property.patch
+  + 0003-ppc-make-secure-boot-and-trusted-boot-mode-configura.patch
+
+-------------------------------------------------------------------
 Tue Oct 26 20:53:59 UTC 2021 - José Ricardo Ziviani <jose.ziviani@suse.com>
 
 - qemu: virtio-net: heap use-after-free in virtio_net_receive_rcu
--- qemu.spec.orig
+++ qemu.spec
@@ -14,6 +14,7 @@
 
 # Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
+# needssslcertforbuild
 
 %include %{_sourcedir}/common.inc
 
@@ -86,6 +87,28 @@ Release:        0
 Source:         %{srcname}-%{srcver}.tar.xz
 Source1:        common.inc
 Source303:      README.PACKAGING
+
+# Secure boot support on powerpc
+Patch00900:     0001-Create-fake-AIX-style-ibm-secureboot.patch
+Patch00901:     0002-Create-fake-ibm-trusted-boot-property.patch
+Patch00902:     0003-ppc-make-secure-boot-and-trusted-boot-mode-configura.patch
+Patch07700:     0001-use-PT_LOAD-constant.patch
+Patch07701:     0002-calloc.patch
+Patch07702:     0003-import-nayna-s-mbedtls.patch
+Patch07703:     0004-mbedtls-fixups.patch
+Patch07704:     0005-integrate-mbedtls.patch
+Patch07705:     0006-appended-signature-infrastructure.patch
+Patch07706:     0007-awful-hack-for-building.patch
+Patch07707:     0008-Appended-signature-verification.patch
+Patch07708:     0009-Update-mbedtls-to-support-multiple-signers.patch
+Patch07709:     0010-update-for-new-mbedtls.patch
+Patch07710:     0011-verify-ibm-secure-boot-property.patch
+Patch07711:     0012-require-signed-binary-if-32bit-and-secureboot.patch
+Patch07712:     0013-appended-signature-Support-two-certificates.patch
+Source999:      certificate_SLE.crt
+BuildRequires:  openssl
+BuildRequires:  vim
+
 Source1000:     qemu-rpmlintrc
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %if %{build_x86_firmware}
@@ -1401,6 +1424,13 @@ network adapters available with QEMU.
 %prep
 %autosetup -n %{srcname}-%{srcver} -p1
 
+pushd roms/SLOF/
+openssl x509 -in %{_sourcedir}/_projectcert.crt -outform DER -out certificate.der
+xxd -i certificate.der lib/libcrypto/certificate.h
+cp %{SOURCE999} .
+xxd -i certificate_SLE.crt >> lib/libcrypto/certificate.h
+popd
+
 # for the record, this set of firmware files is installed, but we don't
 # build (yet): bamboo.dtb canyonlands.dtb hppa-firmware.img openbios-ppc
 # openbios-sparc32 openbios-sparc64 palcode-clipper petalogix-ml605.dtb
openSUSE Build Service is sponsored by