From 52cd8ce2f838dc2b9769f626781ab7340471dd55 Mon Sep 17 00:00:00 2001
From: Dongsu Park <dpark@linux.microsoft.com>
Date: Tue, 1 Aug 2023 11:51:21 +0200
Subject: [PATCH] overlay sys-kernel/coreos-firmware: update to
 20230625_p20230724

Update coreos-firmware to 20230625_p20230724, mainly to address
CVE-2023-20593.

Gentoo ref: 6390ce05738eac80fc06663a73ca6b22fdaee8d1

Fix issue of dealing with snapshot directory to avoid build failure.
Specify correct symlinks to firmware files of CXGB4, ICE DDP.
---
 .../coreos-overlay/sys-kernel/coreos-firmware/Manifest |  2 +-
 ...build => coreos-firmware-20230625_p20230724.ebuild} |  0
 .../coreos-firmware/coreos-firmware-99999999.ebuild    | 10 ++++++++--
 3 files changed, 9 insertions(+), 3 deletions(-)
 rename sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/{coreos-firmware-20230117.ebuild => coreos-firmware-20230625_p20230724.ebuild} (100%)

diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/Manifest
index 03ec6333e1..fa71770299 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/Manifest
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/Manifest
@@ -1 +1 @@
-DIST linux-firmware-20230117.tar.xz 301424540 BLAKE2B 84a1d1f9d745434f6497cb4e8209b377ff26d815de183e068836a6fca560868a933f0af4d3e7089dc2aeb78427d8374eaf626001d5cbedd39dcb2ec6e05f2c9d SHA512 2ec8bacc1596f3049c8e019868f8496b8bb93080da05105787985f42a0423e2b3c2b51577769f44433e85585f1369c84f3c4742524de21eeaac221a06cd607ee
+DIST linux-firmware-20230625_p20230724.tar.gz 441906566 BLAKE2B 5bed31d9ad78440bb12feeacb1ba27a07ad30b0eb8c7bfd03a4e7a7590012af1f9535a49fbf031abf79dd05ca90be79566f06db6f955910edfdca61281831c67 SHA512 daaf07422eb6f3e1b50f8a5dba5bfff747fe6750c0210ab798745f61d774eef7642ab45b9b404c668cf017d6b7fcf89c34bce9e6c77053b1b81f1a3498c5be18
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/coreos-firmware-20230117.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/coreos-firmware-20230625_p20230724.ebuild
similarity index 100%
rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/coreos-firmware-20230117.ebuild
rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/coreos-firmware-20230625_p20230724.ebuild
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/coreos-firmware-99999999.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/coreos-firmware-99999999.ebuild
index 3d28074116..e562d2eed1 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/coreos-firmware-99999999.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-firmware/coreos-firmware-99999999.ebuild
@@ -10,7 +10,7 @@ inherit linux-info savedconfig
 
 # In case this is a real snapshot, fill in commit below.
 # For normal, tagged releases, leave blank
-MY_COMMIT=
+MY_COMMIT="59fbffa9ec8e4b0b31d2d13e715cf6580ad0e99c"
 
 if [[ ${PV} == 99999999* ]]; then
 	inherit git-r3
@@ -18,6 +18,7 @@ if [[ ${PV} == 99999999* ]]; then
 else
 	if [[ -n "${MY_COMMIT}" ]]; then
 		SRC_URI="https://git.kernel.org/cgit/linux/kernel/git/firmware/linux-firmware.git/snapshot/${MY_COMMIT}.tar.gz -> linux-firmware-${PV}.tar.gz"
+		S="${WORKDIR}/${MY_COMMIT}"
 	else
 		SRC_URI="https://mirrors.edge.kernel.org/pub/linux/kernel/firmware/linux-firmware-${PV}.tar.xz -> linux-firmware-${PV}.tar.xz"
 	fi
@@ -59,7 +60,7 @@ RESTRICT="binchecks strip"
 # source name is linux-firmware, not coreos-firmware
 S="${WORKDIR}/linux-firmware-${PV}"
 
-CXGB_VERSION="1.27.1.0"
+CXGB_VERSION="1.27.3.0"
 ICE_DDP_VERSION="1.3.30.0"
 
 src_unpack() {
@@ -67,6 +68,11 @@ src_unpack() {
 		git-r3_src_unpack
 	else
 		default
+		# rename directory from git snapshot tarball
+		if [[ ${#MY_COMMIT} -gt 8 ]]; then
+			mv ${MY_COMMIT}/ linux-firmware-${PV} || die
+		fi
+
 		# Upstream linux-firmware tarball does not contain
 		# symlinks for cxgb4 firmware files, but "modinfo
 		# cxgb4.ko" shows it requires t?fw.bin files. These