From f5411aab3695a16af55d292e4699183acee52b7b Mon Sep 17 00:00:00 2001
From: Tommy <contact@tommytran.io>
Date: Tue, 5 Mar 2024 14:24:45 -0700
Subject: [PATCH] Add ARM hardened malloc

Signed-off-by: Tommy <contact@tommytran.io>
---
 UTM-Chrony.ign                                         |  6 ++++++
 UTM-Chrony.yml                                         |  3 +++
 ...edorainfracloud.org:secureblue:hardened_malloc.repo | 10 ++++++++++
 3 files changed, 19 insertions(+)
 create mode 100644 etc/yum.repos.d/_copr:copr.fedorainfracloud.org:secureblue:hardened_malloc.repo

diff --git a/UTM-Chrony.ign b/UTM-Chrony.ign
index 43ee4c6..e07f09f 100644
--- a/UTM-Chrony.ign
+++ b/UTM-Chrony.ign
@@ -60,6 +60,12 @@
           "source": "data:,%5Bupdates%5D%0Astrategy%20%3D%20%22immediate%22%0A"
         }
       },
+      {
+        "path": "/etc/yum.repos.d/_copr:copr.fedorainfracloud.org:secureblue:hardened_malloc.repo",
+        "contents": {
+          "source": "https://raw.githubusercontent.com/TommyTran732/Fedora-CoreOS-Ignition/main/etc/yum.repos.d/_copr:copr.fedorainfracloud.org:secureblue:hardened_malloc.repo"
+        }
+      },
       {
         "overwrite": true,
         "path": "/etc/chrony.conf",
diff --git a/UTM-Chrony.yml b/UTM-Chrony.yml
index 385a9aa..326cca3 100644
--- a/UTM-Chrony.yml
+++ b/UTM-Chrony.yml
@@ -111,6 +111,9 @@ storage:
         inline: |
           [updates]
           strategy = "immediate"
+    - path: /etc/yum.repos.d/_copr:copr.fedorainfracloud.org:secureblue:hardened_malloc.repo
+      contents:
+        source: https://raw.githubusercontent.com/TommyTran732/Fedora-CoreOS-Ignition/main/etc/yum.repos.d/_copr:copr.fedorainfracloud.org:secureblue:hardened_malloc.repo
     - path: /etc/chrony.conf
       contents:
         source: https://raw.githubusercontent.com/GrapheneOS/infrastructure/main/chrony.conf
diff --git a/etc/yum.repos.d/_copr:copr.fedorainfracloud.org:secureblue:hardened_malloc.repo b/etc/yum.repos.d/_copr:copr.fedorainfracloud.org:secureblue:hardened_malloc.repo
new file mode 100644
index 0000000..8b4952d
--- /dev/null
+++ b/etc/yum.repos.d/_copr:copr.fedorainfracloud.org:secureblue:hardened_malloc.repo
@@ -0,0 +1,10 @@
+[copr:copr.fedorainfracloud.org:secureblue:hardened_malloc]
+name=Copr repo for hardened_malloc owned by secureblue
+baseurl=https://download.copr.fedorainfracloud.org/results/secureblue/hardened_malloc/fedora-$releasever-$basearch/
+type=rpm-md
+skip_if_unavailable=True
+gpgcheck=1
+gpgkey=https://download.copr.fedorainfracloud.org/results/secureblue/hardened_malloc/pubkey.gpg
+repo_gpgcheck=0
+enabled=1
+enabled_metadata=1
\ No newline at end of file