From d23f9c3185f2ea09e251ff3cd8298daaf48515c8 Mon Sep 17 00:00:00 2001
From: Paul Meyer <katexochen0@gmail.com>
Date: Fri, 10 Jan 2025 11:34:20 +0100
Subject: [PATCH] microsoft.genpolicy: 3.2.0.azl3.genpolicy2 ->
 3.2.0.azl3.genpolicy3

Signed-off-by: Paul Meyer <katexochen0@gmail.com>
---
 ...olicy-add-rules-and-types-for-volumeDevices.patch | 12 ++++++------
 ...-regex-check-contrast-specific-layer-src-pr.patch |  4 ++--
 packages/by-name/microsoft/genpolicy/package.nix     |  6 +++---
 3 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/packages/by-name/microsoft/genpolicy/0001-genpolicy-add-rules-and-types-for-volumeDevices.patch b/packages/by-name/microsoft/genpolicy/0001-genpolicy-add-rules-and-types-for-volumeDevices.patch
index 1fb09b37d1..44beb6db6f 100644
--- a/packages/by-name/microsoft/genpolicy/0001-genpolicy-add-rules-and-types-for-volumeDevices.patch
+++ b/packages/by-name/microsoft/genpolicy/0001-genpolicy-add-rules-and-types-for-volumeDevices.patch
@@ -14,10 +14,10 @@ Signed-off-by: Markus Rudy <mr@edgeless.systems>
  6 files changed, 85 insertions(+)
 
 diff --git a/src/tools/genpolicy/rules.rego b/src/tools/genpolicy/rules.rego
-index a5208cf9d3b38edfe6ab777ce0bafb81bf3b84dc..aa0488ae2dffc63780967ca706ea2c8ffcfb1391 100644
+index 4e4c3b3e03ddf173ebfcf07915f3f16a6801627b..b904391af531327d7def819cb9da47cd04d7124e 100644
 --- a/src/tools/genpolicy/rules.rego
 +++ b/src/tools/genpolicy/rules.rego
-@@ -62,6 +62,7 @@ CreateContainerRequest {
+@@ -63,6 +63,7 @@ CreateContainerRequest {
  
      i_oci := input.OCI
      i_storages := input.storages
@@ -25,7 +25,7 @@ index a5208cf9d3b38edfe6ab777ce0bafb81bf3b84dc..aa0488ae2dffc63780967ca706ea2c8f
  
      # Check if any element from the policy_data.containers array allows the input request.
      some p_container in policy_data.containers
-@@ -85,6 +86,9 @@ CreateContainerRequest {
+@@ -86,6 +87,9 @@ CreateContainerRequest {
      p_storages := p_container.storages
      allow_by_anno(p_oci, i_oci, p_storages, i_storages)
  
@@ -35,7 +35,7 @@ index a5208cf9d3b38edfe6ab777ce0bafb81bf3b84dc..aa0488ae2dffc63780967ca706ea2c8f
      allow_linux(p_oci, i_oci)
  
      print("CreateContainerRequest: true")
-@@ -361,6 +365,16 @@ allow_log_directory(p_oci, i_oci) {
+@@ -362,6 +366,16 @@ allow_log_directory(p_oci, i_oci) {
      print("allow_log_directory: true")
  }
  
@@ -52,7 +52,7 @@ index a5208cf9d3b38edfe6ab777ce0bafb81bf3b84dc..aa0488ae2dffc63780967ca706ea2c8f
  allow_linux(p_oci, i_oci) {
      p_namespaces := p_oci.Linux.Namespaces
      print("allow_linux: p namespaces =", p_namespaces)
-@@ -372,6 +386,7 @@ allow_linux(p_oci, i_oci) {
+@@ -373,6 +387,7 @@ allow_linux(p_oci, i_oci) {
  
      allow_masked_paths(p_oci, i_oci)
      allow_readonly_paths(p_oci, i_oci)
@@ -60,7 +60,7 @@ index a5208cf9d3b38edfe6ab777ce0bafb81bf3b84dc..aa0488ae2dffc63780967ca706ea2c8f
  
      print("allow_linux: true")
  }
-@@ -460,6 +475,13 @@ allow_readonly_path(p_elem, i_array, masked_paths) {
+@@ -461,6 +476,13 @@ allow_readonly_path(p_elem, i_array, masked_paths) {
      print("allow_readonly_path 2: true")
  }
  
diff --git a/packages/by-name/microsoft/genpolicy/0004-genpolicy-regex-check-contrast-specific-layer-src-pr.patch b/packages/by-name/microsoft/genpolicy/0004-genpolicy-regex-check-contrast-specific-layer-src-pr.patch
index 2f46ee8cd8..a6eb1c452e 100644
--- a/packages/by-name/microsoft/genpolicy/0004-genpolicy-regex-check-contrast-specific-layer-src-pr.patch
+++ b/packages/by-name/microsoft/genpolicy/0004-genpolicy-regex-check-contrast-specific-layer-src-pr.patch
@@ -9,10 +9,10 @@ Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/src/tools/genpolicy/rules.rego b/src/tools/genpolicy/rules.rego
-index aa0488ae2dffc63780967ca706ea2c8ffcfb1391..38171ac667d6084b085633aedf669ed381c10e22 100644
+index b904391af531327d7def819cb9da47cd04d7124e..33c44fd4c8d20dcc4c13cbd12fcd9e577994ee97 100644
 --- a/src/tools/genpolicy/rules.rego
 +++ b/src/tools/genpolicy/rules.rego
-@@ -944,7 +944,7 @@ allow_storage_options(p_storage, i_storage, layer_ids, root_hashes) {
+@@ -948,7 +948,7 @@ allow_storage_options(p_storage, i_storage, layer_ids, root_hashes) {
      i_count == p_count + 3
  
      print("allow_storage_options 2: i_storage.options[0] =", i_storage.options[0])
diff --git a/packages/by-name/microsoft/genpolicy/package.nix b/packages/by-name/microsoft/genpolicy/package.nix
index 53766d0006..e74b2a36ae 100644
--- a/packages/by-name/microsoft/genpolicy/package.nix
+++ b/packages/by-name/microsoft/genpolicy/package.nix
@@ -17,14 +17,14 @@
 
 rustPlatform.buildRustPackage rec {
   pname = "genpolicy";
-  version = "3.2.0.azl3.genpolicy2";
+  version = "3.2.0.azl3.genpolicy3";
 
   src = applyPatches {
     src = fetchFromGitHub {
       owner = "microsoft";
       repo = "kata-containers";
       rev = "refs/tags/${version}";
-      hash = "sha256-kdXCwiDQSs9K70KCgvYjglQrU80PgjHFYXWPM/1+1/I=";
+      hash = "sha256-1LodjolEG45EcYVoV07TlAb6ym4GR1bOiS7A5Bib8jY=";
     };
 
     patches = [
@@ -82,7 +82,7 @@ rustPlatform.buildRustPackage rec {
 
   sourceRoot = "${src.name}/src/tools/genpolicy";
 
-  cargoHash = "sha256-/s8D6uHVU6iao6Jq/pyiK1inXPlousICoYaqbyzH/II=";
+  cargoHash = "sha256-gmO8DYMcNjkHWXJlGEJcD9qgilfJ3HFDeF/UPEshqwk=";
 
   OPENSSL_NO_VENDOR = 1;