Update kernel-std patches for kernel upgrade to version 1062.1.2
This upgrade fixes the CVEs listed below. We refresh the patches against the new kernel source. The patch 15 is now included in new version, so I drop it in the new patch. CVE bug: CVE-2019-11810:kernel: a NULL pointer dereference in drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel escape during migration Closes-Bug: 1849206 Closes-Bug: 1849209 Closes-Bug: 1847817 Change-Id: I217cf8684e31dacea627c33462e5e4b6e089c38f Depends-On: https://review.opendev.org/#/c/695355/ Signed-off-by: Robin Lu <bin1.lu@intel.com>
This commit is contained in:
parent
5be0a50d3b
commit
38c184f1b4
@ -7,7 +7,7 @@ grub2-2.02-0.76.el7.centos.src.rpm
|
|||||||
grubby-8.28-25.el7.src.rpm
|
grubby-8.28-25.el7.src.rpm
|
||||||
haproxy-1.5.18-8.el7.src.rpm
|
haproxy-1.5.18-8.el7.src.rpm
|
||||||
initscripts-9.49.46-1.el7.src.rpm
|
initscripts-9.49.46-1.el7.src.rpm
|
||||||
kernel-3.10.0-957.21.3.el7.src.rpm
|
kernel-3.10.0-1062.1.2.el7.src.rpm
|
||||||
libevent-2.0.21-4.el7.src.rpm
|
libevent-2.0.21-4.el7.src.rpm
|
||||||
# libibverbs-41mlnx1-OFED.4.5.0.1.0.45101.src.rpm
|
# libibverbs-41mlnx1-OFED.4.5.0.1.0.45101.src.rpm
|
||||||
lighttpd-1.4.54-1.el7.src.rpm
|
lighttpd-1.4.54-1.el7.src.rpm
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
COPY_LIST="files/*"
|
COPY_LIST="files/*"
|
||||||
TIS_PATCH_VER=2
|
TIS_PATCH_VER=1
|
||||||
BUILD_IS_BIG=11
|
BUILD_IS_BIG=11
|
||||||
BUILD_IS_SLOW=12
|
BUILD_IS_SLOW=12
|
||||||
|
@ -5,8 +5,9 @@ Subject: [PATCH] Build logic and sources for TiC
|
|||||||
|
|
||||||
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
|
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
|
||||||
Signed-off-by: zhao.shuai <zhaos@neusoft.com>
|
Signed-off-by: zhao.shuai <zhaos@neusoft.com>
|
||||||
|
Signed-off-by: Robin Lu <bin1.lu@intel.com>
|
||||||
---
|
---
|
||||||
SPECS/kernel.spec | 73 +++++++++++++++++++++++++++++++++++++++++++++----------
|
SPECS/kernel.spec | 73 ++++++++++++++++++++++++++++++++++++++---------
|
||||||
1 file changed, 60 insertions(+), 13 deletions(-)
|
1 file changed, 60 insertions(+), 13 deletions(-)
|
||||||
|
|
||||||
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
|
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
|
||||||
@ -24,23 +25,23 @@ index 852fd10..e42177e 100644
|
|||||||
# For a kernel released for public testing, released_kernel should be 1.
|
# For a kernel released for public testing, released_kernel should be 1.
|
||||||
# For internal testing builds during development, it should be 0.
|
# For internal testing builds during development, it should be 0.
|
||||||
@@ -14,12 +15,14 @@ Summary: The Linux kernel
|
@@ -14,12 +15,14 @@ Summary: The Linux kernel
|
||||||
%global distro_build 957
|
%global distro_build 1062
|
||||||
|
|
||||||
%define rpmversion 3.10.0
|
%define rpmversion 3.10.0
|
||||||
-%define pkgrelease 957.21.3.el7
|
-%define pkgrelease 1062.1.2.el7
|
||||||
+%define _pkgrelease 957.21.3
|
+%define _pkgrelease 1062.1.2
|
||||||
+%define pkgrelease %{_pkgrelease}.el7
|
+%define pkgrelease %{_pkgrelease}.el7
|
||||||
+
|
+
|
||||||
|
|
||||||
# allow pkg_release to have configurable %%{?dist} tag
|
# allow pkg_release to have configurable %%{?dist} tag
|
||||||
%define specrelease 957.21.3%{?dist}
|
%define specrelease 1062.1.2%{?dist}
|
||||||
|
|
||||||
-%define pkg_release %{specrelease}%{?buildid}
|
-%define pkg_release %{specrelease}%{?buildid}
|
||||||
+%define pkg_release %{specrelease}%{buildid}
|
+%define pkg_release %{specrelease}%{buildid}
|
||||||
|
|
||||||
# The kernel tarball/base version
|
# The kernel tarball/base version
|
||||||
%define rheltarball %{rpmversion}-%{pkgrelease}
|
%define rheltarball %{rpmversion}-%{pkgrelease}
|
||||||
@@ -68,7 +71,7 @@ Summary: The Linux kernel
|
@@ -69,7 +72,7 @@ Summary: The Linux kernel
|
||||||
%define with_dbgonly %{?_with_dbgonly: 1} %{?!_with_dbgonly: 0}
|
%define with_dbgonly %{?_with_dbgonly: 1} %{?!_with_dbgonly: 0}
|
||||||
|
|
||||||
# Control whether we perform a compat. check against published ABI.
|
# Control whether we perform a compat. check against published ABI.
|
||||||
@ -48,8 +49,8 @@ index 852fd10..e42177e 100644
|
|||||||
+%define with_kabichk 0
|
+%define with_kabichk 0
|
||||||
|
|
||||||
# Control whether we perform a compat. check against DUP ABI.
|
# Control whether we perform a compat. check against DUP ABI.
|
||||||
%define with_kabidupchk 1
|
%define with_kabidupchk %{?_with_kabidupchk: 1} %{?!_with_kabidupchk: 0}
|
||||||
@@ -91,7 +94,7 @@ Summary: The Linux kernel
|
@@ -92,7 +95,7 @@ Summary: The Linux kernel
|
||||||
# Set debugbuildsenabled to 1 for production (build separate debug kernels)
|
# Set debugbuildsenabled to 1 for production (build separate debug kernels)
|
||||||
# and 0 for rawhide (all kernels are debug kernels).
|
# and 0 for rawhide (all kernels are debug kernels).
|
||||||
# See also 'make debug' and 'make release'. RHEL only ever does 1.
|
# See also 'make debug' and 'make release'. RHEL only ever does 1.
|
||||||
@ -58,7 +59,7 @@ index 852fd10..e42177e 100644
|
|||||||
|
|
||||||
%define with_gcov %{?_with_gcov: 1} %{?!_with_gcov: 0}
|
%define with_gcov %{?_with_gcov: 1} %{?!_with_gcov: 0}
|
||||||
|
|
||||||
@@ -385,6 +388,7 @@ BuildRequires: bison flex
|
@@ -386,6 +389,7 @@ BuildRequires: bison flex
|
||||||
# required for zfcpdump
|
# required for zfcpdump
|
||||||
BuildRequires: glibc-static
|
BuildRequires: glibc-static
|
||||||
%endif
|
%endif
|
||||||
@ -66,7 +67,7 @@ index 852fd10..e42177e 100644
|
|||||||
|
|
||||||
Source0: linux-%{rpmversion}-%{pkgrelease}.tar.xz
|
Source0: linux-%{rpmversion}-%{pkgrelease}.tar.xz
|
||||||
|
|
||||||
@@ -450,6 +454,12 @@ Patch1000: debrand-single-cpu.patch
|
@@ -453,6 +457,12 @@ Patch1000: debrand-single-cpu.patch
|
||||||
Patch1001: debrand-rh_taint.patch
|
Patch1001: debrand-rh_taint.patch
|
||||||
Patch1002: debrand-rh-i686-cpu.patch
|
Patch1002: debrand-rh-i686-cpu.patch
|
||||||
|
|
||||||
@ -79,7 +80,7 @@ index 852fd10..e42177e 100644
|
|||||||
BuildRoot: %{_tmppath}/kernel-%{KVRA}-root
|
BuildRoot: %{_tmppath}/kernel-%{KVRA}-root
|
||||||
|
|
||||||
%description
|
%description
|
||||||
@@ -612,6 +622,13 @@ manipulation of eBPF programs and maps.
|
@@ -626,6 +636,13 @@ This package provides debug information for the bpftool package.
|
||||||
|
|
||||||
%endif # with_bpftool
|
%endif # with_bpftool
|
||||||
|
|
||||||
@ -93,7 +94,7 @@ index 852fd10..e42177e 100644
|
|||||||
%if %{with_gcov}
|
%if %{with_gcov}
|
||||||
%package gcov
|
%package gcov
|
||||||
Summary: gcov graph and source files for coverage data collection.
|
Summary: gcov graph and source files for coverage data collection.
|
||||||
@@ -777,6 +794,9 @@ cd linux-%{KVRA}
|
@@ -791,6 +808,9 @@ cd linux-%{KVRA}
|
||||||
# Drop some necessary files from the source dir into the buildroot
|
# Drop some necessary files from the source dir into the buildroot
|
||||||
cp $RPM_SOURCE_DIR/kernel-%{version}-*.config .
|
cp $RPM_SOURCE_DIR/kernel-%{version}-*.config .
|
||||||
|
|
||||||
@ -103,7 +104,7 @@ index 852fd10..e42177e 100644
|
|||||||
ApplyOptionalPatch linux-kernel-test.patch
|
ApplyOptionalPatch linux-kernel-test.patch
|
||||||
ApplyOptionalPatch debrand-single-cpu.patch
|
ApplyOptionalPatch debrand-single-cpu.patch
|
||||||
ApplyOptionalPatch debrand-rh_taint.patch
|
ApplyOptionalPatch debrand-rh_taint.patch
|
||||||
@@ -821,6 +841,15 @@ for i in *.config
|
@@ -835,6 +855,15 @@ for i in *.config
|
||||||
do
|
do
|
||||||
mv $i .config
|
mv $i .config
|
||||||
Arch=`head -1 .config | cut -b 3-`
|
Arch=`head -1 .config | cut -b 3-`
|
||||||
@ -119,7 +120,7 @@ index 852fd10..e42177e 100644
|
|||||||
make %{?cross_opts} ARCH=$Arch listnewconfig | grep -E '^CONFIG_' >.newoptions || true
|
make %{?cross_opts} ARCH=$Arch listnewconfig | grep -E '^CONFIG_' >.newoptions || true
|
||||||
%if %{listnewconfig_fail}
|
%if %{listnewconfig_fail}
|
||||||
if [ -s .newoptions ]; then
|
if [ -s .newoptions ]; then
|
||||||
@@ -894,12 +923,13 @@ BuildKernel() {
|
@@ -908,12 +937,13 @@ BuildKernel() {
|
||||||
|
|
||||||
# and now to start the build process
|
# and now to start the build process
|
||||||
|
|
||||||
@ -134,7 +135,7 @@ index 852fd10..e42177e 100644
|
|||||||
|
|
||||||
cp configs/$Config .config
|
cp configs/$Config .config
|
||||||
|
|
||||||
@@ -914,8 +944,8 @@ BuildKernel() {
|
@@ -928,8 +958,8 @@ BuildKernel() {
|
||||||
fi
|
fi
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
@ -145,7 +146,7 @@ index 852fd10..e42177e 100644
|
|||||||
|
|
||||||
if [ "$Flavour" != "kdump" ]; then
|
if [ "$Flavour" != "kdump" ]; then
|
||||||
make -s %{?cross_opts} ARCH=$Arch V=1 %{?_smp_mflags} KCFLAGS="%{?kcflags}" WITH_GCOV="%{?with_gcov}" modules %{?sparse_mflags} || exit 1
|
make -s %{?cross_opts} ARCH=$Arch V=1 %{?_smp_mflags} KCFLAGS="%{?kcflags}" WITH_GCOV="%{?with_gcov}" modules %{?sparse_mflags} || exit 1
|
||||||
@@ -939,6 +969,8 @@ BuildKernel() {
|
@@ -953,6 +983,8 @@ BuildKernel() {
|
||||||
fi
|
fi
|
||||||
# EFI SecureBoot signing, x86_64-only
|
# EFI SecureBoot signing, x86_64-only
|
||||||
%ifarch x86_64
|
%ifarch x86_64
|
||||||
@ -154,7 +155,7 @@ index 852fd10..e42177e 100644
|
|||||||
%pesign -s -i $KernelImage -o $KernelImage.signed -a %{SOURCE13} -c %{SOURCE14} -n %{pesign_name}
|
%pesign -s -i $KernelImage -o $KernelImage.signed -a %{SOURCE13} -c %{SOURCE14} -n %{pesign_name}
|
||||||
mv $KernelImage.signed $KernelImage
|
mv $KernelImage.signed $KernelImage
|
||||||
%endif
|
%endif
|
||||||
@@ -955,7 +987,7 @@ BuildKernel() {
|
@@ -969,7 +1001,7 @@ BuildKernel() {
|
||||||
if [ "$Flavour" != "kdump" ]; then
|
if [ "$Flavour" != "kdump" ]; then
|
||||||
# Override $(mod-fw) because we don't want it to install any firmware
|
# Override $(mod-fw) because we don't want it to install any firmware
|
||||||
# we'll get it from the linux-firmware package and we don't want conflicts
|
# we'll get it from the linux-firmware package and we don't want conflicts
|
||||||
@ -163,7 +164,7 @@ index 852fd10..e42177e 100644
|
|||||||
%if %{with_gcov}
|
%if %{with_gcov}
|
||||||
# install gcov-needed files to $BUILDROOT/$BUILD/...:
|
# install gcov-needed files to $BUILDROOT/$BUILD/...:
|
||||||
# gcov_info->filename is absolute path
|
# gcov_info->filename is absolute path
|
||||||
@@ -965,7 +997,7 @@ BuildKernel() {
|
@@ -979,7 +1011,7 @@ BuildKernel() {
|
||||||
%endif
|
%endif
|
||||||
fi
|
fi
|
||||||
%ifarch %{vdso_arches}
|
%ifarch %{vdso_arches}
|
||||||
@ -172,7 +173,7 @@ index 852fd10..e42177e 100644
|
|||||||
if [ ! -s ldconfig-kernel.conf ]; then
|
if [ ! -s ldconfig-kernel.conf ]; then
|
||||||
echo > ldconfig-kernel.conf "\
|
echo > ldconfig-kernel.conf "\
|
||||||
# Placeholder file, no vDSO hwcap entries used in this kernel."
|
# Placeholder file, no vDSO hwcap entries used in this kernel."
|
||||||
@@ -1174,6 +1206,12 @@ BuildKernel() {
|
@@ -1188,6 +1220,12 @@ BuildKernel() {
|
||||||
cp signing_key.priv signing_key.priv.sign${Flavour:+.${Flavour}}
|
cp signing_key.priv signing_key.priv.sign${Flavour:+.${Flavour}}
|
||||||
cp signing_key.x509 signing_key.x509.sign${Flavour:+.${Flavour}}
|
cp signing_key.x509 signing_key.x509.sign${Flavour:+.${Flavour}}
|
||||||
|
|
||||||
@ -185,7 +186,7 @@ index 852fd10..e42177e 100644
|
|||||||
# remove files that will be auto generated by depmod at rpm -i time
|
# remove files that will be auto generated by depmod at rpm -i time
|
||||||
for i in alias alias.bin builtin.bin ccwmap dep dep.bin ieee1394map inputmap isapnpmap ofmap pcimap seriomap symbols symbols.bin usbmap softdep devname
|
for i in alias alias.bin builtin.bin ccwmap dep dep.bin ieee1394map inputmap isapnpmap ofmap pcimap seriomap symbols symbols.bin usbmap softdep devname
|
||||||
do
|
do
|
||||||
@@ -1234,15 +1272,15 @@ make %{?cross_opts} %{?_smp_mflags} -C tools/power/cpupower CPUFREQ_BENCH=false
|
@@ -1248,15 +1286,15 @@ make %{?cross_opts} %{?_smp_mflags} -C tools/power/cpupower CPUFREQ_BENCH=false
|
||||||
%endif
|
%endif
|
||||||
%ifarch x86_64
|
%ifarch x86_64
|
||||||
pushd tools/power/x86/x86_energy_perf_policy/
|
pushd tools/power/x86/x86_energy_perf_policy/
|
||||||
@ -204,7 +205,7 @@ index 852fd10..e42177e 100644
|
|||||||
popd
|
popd
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
@@ -1536,6 +1574,10 @@ fi}\
|
@@ -1550,6 +1588,10 @@ fi}\
|
||||||
%{expand:\
|
%{expand:\
|
||||||
%{_sbindir}/new-kernel-pkg --package kernel%{?-v:-%{-v*}} --install %{KVRA}%{?-v:.%{-v*}} || exit $?\
|
%{_sbindir}/new-kernel-pkg --package kernel%{?-v:-%{-v*}} --install %{KVRA}%{?-v:.%{-v*}} || exit $?\
|
||||||
}\
|
}\
|
||||||
@ -215,7 +216,7 @@ index 852fd10..e42177e 100644
|
|||||||
%{nil}
|
%{nil}
|
||||||
|
|
||||||
#
|
#
|
||||||
@@ -1756,6 +1798,11 @@ fi
|
@@ -1775,6 +1817,11 @@ fi
|
||||||
%kernel_variant_files %{with_debug} debug
|
%kernel_variant_files %{with_debug} debug
|
||||||
%kernel_variant_files %{with_kdump} kdump
|
%kernel_variant_files %{with_kdump} kdump
|
||||||
|
|
||||||
@ -225,7 +226,7 @@ index 852fd10..e42177e 100644
|
|||||||
+%endif
|
+%endif
|
||||||
+
|
+
|
||||||
%changelog
|
%changelog
|
||||||
* Mon Jun 17 2019 CentOS Sources <bugs@centos.org> - 3.10.0-957.21.3.el7
|
* Fri Sep 20 2019 CentOS Sources <bugs@centos.org> - 3.10.0-1062.1.2.el7
|
||||||
- Apply debranding changes
|
- Apply debranding changes
|
||||||
--
|
--
|
||||||
1.8.3.1
|
1.8.3.1
|
||||||
|
@ -16,7 +16,7 @@ diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
|
|||||||
index d5df4a4..1d765ed 100644
|
index d5df4a4..1d765ed 100644
|
||||||
--- a/SPECS/kernel.spec
|
--- a/SPECS/kernel.spec
|
||||||
+++ b/SPECS/kernel.spec
|
+++ b/SPECS/kernel.spec
|
||||||
@@ -495,6 +495,12 @@ Patch40027: epoll-fix-use-after-free-in-eventpoll_release_file.patch
|
@@ -497,6 +497,12 @@ Patch40027: epoll-fix-use-after-free-in-eventpoll_release_file.patch
|
||||||
Patch40028: ipvs-fix-memory-leak-in-ip_vs_ctl.c.patch
|
Patch40028: ipvs-fix-memory-leak-in-ip_vs_ctl.c.patch
|
||||||
Patch40029: rh-ext4-release-leaked-posix-acl-in-ext4_acl_chmod.patch
|
Patch40029: rh-ext4-release-leaked-posix-acl-in-ext4_acl_chmod.patch
|
||||||
Patch40030: rh-ext4-release-leaked-posix-acl-in-ext4_xattr_set_a.patch
|
Patch40030: rh-ext4-release-leaked-posix-acl-in-ext4_xattr_set_a.patch
|
||||||
@ -29,7 +29,7 @@ index d5df4a4..1d765ed 100644
|
|||||||
|
|
||||||
BuildRoot: %{_tmppath}/kernel-%{KVRA}-root
|
BuildRoot: %{_tmppath}/kernel-%{KVRA}-root
|
||||||
|
|
||||||
@@ -869,6 +875,9 @@ ApplyOptionalPatch epoll-fix-use-after-free-in-eventpoll_release_file.patch
|
@@ -881,6 +887,9 @@ ApplyOptionalPatch epoll-fix-use-after-free-in-eventpoll_release_file.patch
|
||||||
ApplyOptionalPatch ipvs-fix-memory-leak-in-ip_vs_ctl.c.patch
|
ApplyOptionalPatch ipvs-fix-memory-leak-in-ip_vs_ctl.c.patch
|
||||||
ApplyOptionalPatch rh-ext4-release-leaked-posix-acl-in-ext4_acl_chmod.patch
|
ApplyOptionalPatch rh-ext4-release-leaked-posix-acl-in-ext4_acl_chmod.patch
|
||||||
ApplyOptionalPatch rh-ext4-release-leaked-posix-acl-in-ext4_xattr_set_a.patch
|
ApplyOptionalPatch rh-ext4-release-leaked-posix-acl-in-ext4_xattr_set_a.patch
|
||||||
|
@ -6,15 +6,16 @@ Subject: [PATCH 1/2] Kernel-source-patches-for-TiC
|
|||||||
|
|
||||||
Signed-off-by: zhao.shuai <zhaos@neusoft.com>
|
Signed-off-by: zhao.shuai <zhaos@neusoft.com>
|
||||||
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
|
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
|
||||||
|
Signed-off-by: Robin Lu <bin1.lu@intel.com>
|
||||||
---
|
---
|
||||||
SPECS/kernel.spec | 68 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
|
SPECS/kernel.spec | 66 +++++++++++++++++++++++++++++++++++++++++++++++
|
||||||
1 file changed, 68 insertions(+)
|
1 file changed, 66 insertions(+)
|
||||||
|
|
||||||
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
|
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
|
||||||
index e42177e..d5df4a4 100644
|
index e42177e..d5df4a4 100644
|
||||||
--- a/SPECS/kernel.spec
|
--- a/SPECS/kernel.spec
|
||||||
+++ b/SPECS/kernel.spec
|
+++ b/SPECS/kernel.spec
|
||||||
@@ -460,6 +460,42 @@ Patch1002: debrand-rh-i686-cpu.patch
|
@@ -463,6 +463,41 @@ Patch1002: debrand-rh-i686-cpu.patch
|
||||||
Source30000: kernel-3.10.0-x86_64.config.tis_extra
|
Source30000: kernel-3.10.0-x86_64.config.tis_extra
|
||||||
Source30001: ima_signing_key.pub
|
Source30001: ima_signing_key.pub
|
||||||
|
|
||||||
@ -33,7 +34,6 @@ index e42177e..d5df4a4 100644
|
|||||||
+Patch40012: Enable-building-mpt2sas-and-mpt3sas-as-builtin-for-C.patch
|
+Patch40012: Enable-building-mpt2sas-and-mpt3sas-as-builtin-for-C.patch
|
||||||
+Patch40013: Enable-building-kernel-with-CONFIG_BLK_DEV_NBD.patch
|
+Patch40013: Enable-building-kernel-with-CONFIG_BLK_DEV_NBD.patch
|
||||||
+Patch40014: x86-make-dma_alloc_coherent-return-zeroed-memory-if-.patch
|
+Patch40014: x86-make-dma_alloc_coherent-return-zeroed-memory-if-.patch
|
||||||
+Patch40015: rcu-Don-t-wake-rcuc-X-kthreads-on-NOCB-CPUs.patch
|
|
||||||
+Patch40016: Porting-Cacheinfo-from-Kernel-4.10.17.patch
|
+Patch40016: Porting-Cacheinfo-from-Kernel-4.10.17.patch
|
||||||
+Patch40017: Fix-cacheinfo-compilation-issues-for-3.10.patch
|
+Patch40017: Fix-cacheinfo-compilation-issues-for-3.10.patch
|
||||||
+Patch40018: cpuidle-menu-stop-seeking-deeper-idle-if-current-sta.patch
|
+Patch40018: cpuidle-menu-stop-seeking-deeper-idle-if-current-sta.patch
|
||||||
@ -57,7 +57,7 @@ index e42177e..d5df4a4 100644
|
|||||||
BuildRoot: %{_tmppath}/kernel-%{KVRA}-root
|
BuildRoot: %{_tmppath}/kernel-%{KVRA}-root
|
||||||
|
|
||||||
%description
|
%description
|
||||||
@@ -802,6 +838,38 @@ ApplyOptionalPatch debrand-single-cpu.patch
|
@@ -816,6 +851,37 @@ ApplyOptionalPatch debrand-single-cpu.patch
|
||||||
ApplyOptionalPatch debrand-rh_taint.patch
|
ApplyOptionalPatch debrand-rh_taint.patch
|
||||||
ApplyOptionalPatch debrand-rh-i686-cpu.patch
|
ApplyOptionalPatch debrand-rh-i686-cpu.patch
|
||||||
|
|
||||||
@ -76,7 +76,6 @@ index e42177e..d5df4a4 100644
|
|||||||
+ApplyOptionalPatch Enable-building-mpt2sas-and-mpt3sas-as-builtin-for-C.patch
|
+ApplyOptionalPatch Enable-building-mpt2sas-and-mpt3sas-as-builtin-for-C.patch
|
||||||
+ApplyOptionalPatch Enable-building-kernel-with-CONFIG_BLK_DEV_NBD.patch
|
+ApplyOptionalPatch Enable-building-kernel-with-CONFIG_BLK_DEV_NBD.patch
|
||||||
+ApplyOptionalPatch x86-make-dma_alloc_coherent-return-zeroed-memory-if-.patch
|
+ApplyOptionalPatch x86-make-dma_alloc_coherent-return-zeroed-memory-if-.patch
|
||||||
+ApplyOptionalPatch rcu-Don-t-wake-rcuc-X-kthreads-on-NOCB-CPUs.patch
|
|
||||||
+ApplyOptionalPatch Porting-Cacheinfo-from-Kernel-4.10.17.patch
|
+ApplyOptionalPatch Porting-Cacheinfo-from-Kernel-4.10.17.patch
|
||||||
+ApplyOptionalPatch Fix-cacheinfo-compilation-issues-for-3.10.patch
|
+ApplyOptionalPatch Fix-cacheinfo-compilation-issues-for-3.10.patch
|
||||||
+ApplyOptionalPatch cpuidle-menu-stop-seeking-deeper-idle-if-current-sta.patch
|
+ApplyOptionalPatch cpuidle-menu-stop-seeking-deeper-idle-if-current-sta.patch
|
||||||
|
@ -5,15 +5,54 @@ Date: Thu, 15 Dec 2016 14:27:48 -0500
|
|||||||
Subject: [PATCH 01/26] Fix compile issue when transparent hugepages are off
|
Subject: [PATCH 01/26] Fix compile issue when transparent hugepages are off
|
||||||
|
|
||||||
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
|
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
|
||||||
|
Signed-off-by: Robin Lu <bin1.lu@intel.com>
|
||||||
---
|
---
|
||||||
|
drivers/gpu/drm/i915/i915_gemfs.c | 4 ++--
|
||||||
|
fs/proc/task_mmu.c | 2 ++
|
||||||
mm/swap.c | 2 ++
|
mm/swap.c | 2 ++
|
||||||
1 file changed, 2 insertions(+)
|
3 files changed, 6 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/drivers/gpu/drm/i915/i915_gemfs.c b/drivers/gpu/drm/i915/i915_gemfs.c
|
||||||
|
index 888b7d3f..efe915c7 100644
|
||||||
|
--- a/drivers/gpu/drm/i915/i915_gemfs.c
|
||||||
|
+++ b/drivers/gpu/drm/i915/i915_gemfs.c
|
||||||
|
@@ -49,7 +49,7 @@ int i915_gemfs_init(struct drm_i915_private *i915)
|
||||||
|
* memory pressure shmem should split any huge-pages which can be
|
||||||
|
* shrunk.
|
||||||
|
*/
|
||||||
|
-
|
||||||
|
+#ifdef CONFIG_TRANSPARENT_HUGEPAGE
|
||||||
|
if (has_transparent_hugepage()) {
|
||||||
|
struct super_block *sb = gemfs->mnt_sb;
|
||||||
|
/* FIXME: Disabled until we get W/A for read BW issue. */
|
||||||
|
@@ -63,7 +63,7 @@ int i915_gemfs_init(struct drm_i915_private *i915)
|
||||||
|
return err;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
-
|
||||||
|
+#endif
|
||||||
|
i915->mm.gemfs = gemfs;
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
|
||||||
|
index e27a1d42..e8a8ba9d 100644
|
||||||
|
--- a/fs/proc/task_mmu.c
|
||||||
|
+++ b/fs/proc/task_mmu.c
|
||||||
|
@@ -1116,7 +1116,9 @@ static int pagemap_pmd_range(pmd_t *pmdp, unsigned long addr, unsigned long end,
|
||||||
|
{
|
||||||
|
struct vm_area_struct *vma;
|
||||||
|
struct pagemapread *pm = walk->private;
|
||||||
|
+#ifdef CONFIG_TRANSPARENT_HUGEPAGE
|
||||||
|
spinlock_t *ptl;
|
||||||
|
+#endif
|
||||||
|
pte_t *pte;
|
||||||
|
int err = 0;
|
||||||
|
|
||||||
diff --git a/mm/swap.c b/mm/swap.c
|
diff --git a/mm/swap.c b/mm/swap.c
|
||||||
index 0982a35..6dcf38c 100644
|
index 0982a35..6dcf38c 100644
|
||||||
--- a/mm/swap.c
|
--- a/mm/swap.c
|
||||||
+++ b/mm/swap.c
|
+++ b/mm/swap.c
|
||||||
@@ -1040,8 +1040,10 @@ void release_pages(struct page **pages, int nr, bool cold)
|
@@ -1043,8 +1043,10 @@ void release_pages(struct page **pages, int nr, bool cold)
|
||||||
if (!put_page_testzero(page))
|
if (!put_page_testzero(page))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
|
@ -1258,8 +1258,8 @@ index 53c3fe1..527d291 100644
|
|||||||
driver.o class.o platform.o \
|
driver.o class.o platform.o \
|
||||||
cpu.o firmware.o init.o map.o devres.o \
|
cpu.o firmware.o init.o map.o devres.o \
|
||||||
attribute_container.o transport_class.o \
|
attribute_container.o transport_class.o \
|
||||||
- topology.o container.o property.o
|
- topology.o container.o property.o devcon.o
|
||||||
+ topology.o container.o property.o cacheinfo.o
|
+ topology.o container.o property.o devcon.o cacheinfo.o
|
||||||
obj-$(CONFIG_DEVTMPFS) += devtmpfs.o
|
obj-$(CONFIG_DEVTMPFS) += devtmpfs.o
|
||||||
obj-$(CONFIG_DMA_CMA) += dma-contiguous.o
|
obj-$(CONFIG_DMA_CMA) += dma-contiguous.o
|
||||||
obj-y += power/
|
obj-y += power/
|
||||||
|
@ -17,21 +17,22 @@ definitions on module deinit
|
|||||||
- modification to ima_file_check to pass in file OPEN status
|
- modification to ima_file_check to pass in file OPEN status
|
||||||
|
|
||||||
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
|
Signed-off-by: Jim Somerville <Jim.Somerville@windriver.com>
|
||||||
|
Signed-off-by: Robin Lu <bin1.lu@intel.com>
|
||||||
---
|
---
|
||||||
fs/namei.c | 2 +-
|
fs/namei.c | 2 +-
|
||||||
fs/nfsd/vfs.c | 2 +-
|
fs/nfsd/vfs.c | 2 +-
|
||||||
fs/xattr.c | 1 +
|
fs/xattr.c | 1 +
|
||||||
include/linux/fs.h | 15 +------
|
include/linux/fs.h | 15 +-----
|
||||||
include/linux/ima.h | 77 +++++++-------------------------
|
include/linux/ima.h | 77 ++++++--------------------
|
||||||
include/linux/integrity.h | 22 ++++-----
|
include/linux/integrity.h | 22 +++-----
|
||||||
security/security.c | 111 +++++++++++++++++++++++++++++++++++++++++++++-
|
security/security.c | 111 +++++++++++++++++++++++++++++++++++++-
|
||||||
7 files changed, 140 insertions(+), 90 deletions(-)
|
7 files changed, 140 insertions(+), 90 deletions(-)
|
||||||
|
|
||||||
diff --git a/fs/namei.c b/fs/namei.c
|
diff --git a/fs/namei.c b/fs/namei.c
|
||||||
index 9f90b63..bf91ea0 100644
|
index 9f90b63..bf91ea0 100644
|
||||||
--- a/fs/namei.c
|
--- a/fs/namei.c
|
||||||
+++ b/fs/namei.c
|
+++ b/fs/namei.c
|
||||||
@@ -3225,7 +3225,7 @@ opened:
|
@@ -3243,7 +3243,7 @@ opened:
|
||||||
error = open_check_o_direct(file);
|
error = open_check_o_direct(file);
|
||||||
if (error)
|
if (error)
|
||||||
goto exit_fput;
|
goto exit_fput;
|
||||||
@ -57,7 +58,7 @@ diff --git a/fs/xattr.c b/fs/xattr.c
|
|||||||
index e540aca..cc307ec 100644
|
index e540aca..cc307ec 100644
|
||||||
--- a/fs/xattr.c
|
--- a/fs/xattr.c
|
||||||
+++ b/fs/xattr.c
|
+++ b/fs/xattr.c
|
||||||
@@ -207,6 +207,7 @@ vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
|
@@ -208,6 +208,7 @@ vfs_getxattr_alloc(struct dentry *dentry, const char *name, char **xattr_value,
|
||||||
*xattr_value = value;
|
*xattr_value = value;
|
||||||
return error;
|
return error;
|
||||||
}
|
}
|
||||||
@ -69,18 +70,18 @@ diff --git a/include/linux/fs.h b/include/linux/fs.h
|
|||||||
index eb6f994..2dbaf80 100644
|
index eb6f994..2dbaf80 100644
|
||||||
--- a/include/linux/fs.h
|
--- a/include/linux/fs.h
|
||||||
+++ b/include/linux/fs.h
|
+++ b/include/linux/fs.h
|
||||||
@@ -677,9 +677,8 @@ struct inode {
|
@@ -681,9 +681,8 @@ struct inode {
|
||||||
struct fsnotify_mark_connector __rcu *i_fsnotify_marks)
|
struct fsnotify_mark_connector __rcu *i_fsnotify_marks)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
-#ifdef CONFIG_IMA
|
-#if defined(CONFIG_IMA) && defined(CONFIG_X86_64)
|
||||||
atomic_t i_readcount; /* struct files open RO */
|
atomic_t i_readcount; /* struct files open RO */
|
||||||
-#endif
|
-#endif
|
||||||
+
|
+
|
||||||
void *i_private; /* fs or device private pointer */
|
void *i_private; /* fs or device private pointer */
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -2830,7 +2829,6 @@ static inline bool inode_is_open_for_write(const struct inode *inode)
|
@@ -2852,7 +2851,6 @@ static inline bool inode_is_open_for_write(const struct inode *inode)
|
||||||
return atomic_read(&inode->i_writecount) > 0;
|
return atomic_read(&inode->i_writecount) > 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -88,7 +89,7 @@ index eb6f994..2dbaf80 100644
|
|||||||
static inline void i_readcount_dec(struct inode *inode)
|
static inline void i_readcount_dec(struct inode *inode)
|
||||||
{
|
{
|
||||||
BUG_ON(!atomic_read(&inode->i_readcount));
|
BUG_ON(!atomic_read(&inode->i_readcount));
|
||||||
@@ -2840,16 +2838,7 @@ static inline void i_readcount_inc(struct inode *inode)
|
@@ -2862,16 +2860,7 @@ static inline void i_readcount_inc(struct inode *inode)
|
||||||
{
|
{
|
||||||
atomic_inc(&inode->i_readcount);
|
atomic_inc(&inode->i_readcount);
|
||||||
}
|
}
|
||||||
@ -340,7 +341,7 @@ index f069482..646a0e3 100644
|
|||||||
int security_ptrace_access_check(struct task_struct *child, unsigned int mode)
|
int security_ptrace_access_check(struct task_struct *child, unsigned int mode)
|
||||||
{
|
{
|
||||||
#ifdef CONFIG_SECURITY_YAMA_STACKED
|
#ifdef CONFIG_SECURITY_YAMA_STACKED
|
||||||
@@ -720,8 +824,11 @@ EXPORT_SYMBOL(security_inode_listsecurity);
|
@@ -718,8 +822,11 @@ EXPORT_SYMBOL(security_inode_listsecurity);
|
||||||
|
|
||||||
void security_inode_getsecid(struct inode *inode, u32 *secid)
|
void security_inode_getsecid(struct inode *inode, u32 *secid)
|
||||||
{
|
{
|
||||||
@ -353,7 +354,7 @@ index f069482..646a0e3 100644
|
|||||||
|
|
||||||
int security_inode_copy_up(struct dentry *src, struct cred **new)
|
int security_inode_copy_up(struct dentry *src, struct cred **new)
|
||||||
{
|
{
|
||||||
@@ -1530,6 +1637,7 @@ int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule)
|
@@ -1528,6 +1635,7 @@ int security_audit_rule_init(u32 field, u32 op, char *rulestr, void **lsmrule)
|
||||||
{
|
{
|
||||||
return security_ops->audit_rule_init(field, op, rulestr, lsmrule);
|
return security_ops->audit_rule_init(field, op, rulestr, lsmrule);
|
||||||
}
|
}
|
||||||
@ -361,7 +362,7 @@ index f069482..646a0e3 100644
|
|||||||
|
|
||||||
int security_audit_rule_known(struct audit_krule *krule)
|
int security_audit_rule_known(struct audit_krule *krule)
|
||||||
{
|
{
|
||||||
@@ -1546,6 +1654,7 @@ int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule,
|
@@ -1544,6 +1652,7 @@ int security_audit_rule_match(u32 secid, u32 field, u32 op, void *lsmrule,
|
||||||
{
|
{
|
||||||
return security_ops->audit_rule_match(secid, field, op, lsmrule, actx);
|
return security_ops->audit_rule_match(secid, field, op, lsmrule, actx);
|
||||||
}
|
}
|
||||||
|
@ -12,17 +12,17 @@ diff --git a/mm/memcontrol.c b/mm/memcontrol.c
|
|||||||
index 175fef9..e475427 100644
|
index 175fef9..e475427 100644
|
||||||
--- a/mm/memcontrol.c
|
--- a/mm/memcontrol.c
|
||||||
+++ b/mm/memcontrol.c
|
+++ b/mm/memcontrol.c
|
||||||
@@ -3007,6 +3007,8 @@ static void __mem_cgroup_commit_charge(struct mem_cgroup *memcg,
|
@@ -2995,6 +2995,8 @@ static void __mem_cgroup_commit_charge(struct mem_cgroup *memcg,
|
||||||
memcg_check_events(memcg, page);
|
memcg_check_events(memcg, page);
|
||||||
}
|
}
|
||||||
|
|
||||||
+static DEFINE_MUTEX(memcg_limit_mutex);
|
+static DEFINE_MUTEX(memcg_limit_mutex);
|
||||||
+
|
+
|
||||||
#ifdef CONFIG_MEMCG_KMEM
|
#ifdef CONFIG_MEMCG_KMEM
|
||||||
static inline bool memcg_can_account_kmem(struct mem_cgroup *memcg)
|
/*
|
||||||
{
|
* The memcg_slab_mutex is held whenever a per memcg kmem cache is created or
|
||||||
@@ -3507,8 +3509,6 @@ out:
|
@@ -3375,8 +3377,6 @@ static inline void memcg_resume_kmem_account(void)
|
||||||
return new_cachep;
|
current->memcg_kmem_skip_account--;
|
||||||
}
|
}
|
||||||
|
|
||||||
-static DEFINE_MUTEX(memcg_limit_mutex);
|
-static DEFINE_MUTEX(memcg_limit_mutex);
|
||||||
|
@ -14,8 +14,8 @@ defined
|
|||||||
Signed-off-by: Martin, Chen <haochuan.z.chen@intel.com>
|
Signed-off-by: Martin, Chen <haochuan.z.chen@intel.com>
|
||||||
---
|
---
|
||||||
drivers/block/drbd/drbd_req.c | 8 ++++----
|
drivers/block/drbd/drbd_req.c | 8 ++++----
|
||||||
include/linux/filter.h | 4 ++++
|
include/linux/filter.h | 3 +++
|
||||||
2 files changed, 8 insertions(+), 4 deletions(-)
|
2 files changed, 7 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
diff --git a/drivers/block/drbd/drbd_req.c b/drivers/block/drbd/drbd_req.c
|
diff --git a/drivers/block/drbd/drbd_req.c b/drivers/block/drbd/drbd_req.c
|
||||||
index a6f13f7..cbd0a49 100644
|
index a6f13f7..cbd0a49 100644
|
||||||
@ -51,17 +51,16 @@ diff --git a/include/linux/filter.h b/include/linux/filter.h
|
|||||||
index cddbb31..15ce55f 100644
|
index cddbb31..15ce55f 100644
|
||||||
--- a/include/linux/filter.h
|
--- a/include/linux/filter.h
|
||||||
+++ b/include/linux/filter.h
|
+++ b/include/linux/filter.h
|
||||||
@@ -665,6 +665,10 @@ static inline bool bpf_jit_blinding_enabled(struct bpf_prog *prog)
|
@@ -763,6 +763,9 @@ void bpf_prog_kallsyms_add(struct bpf_prog *fp);
|
||||||
return true;
|
void bpf_prog_kallsyms_del(struct bpf_prog *fp);
|
||||||
}
|
|
||||||
#else
|
#else /* CONFIG_BPF_JIT */
|
||||||
+struct bpf_prog * __weak trace_bpf_int_jit_compile(struct bpf_prog *prog);
|
+struct bpf_prog * __weak trace_bpf_int_jit_compile(struct bpf_prog *prog);
|
||||||
+void __weak trace_bpf_jit_compile(struct bpf_prog *prog);
|
+void __weak trace_bpf_jit_compile(struct bpf_prog *prog);
|
||||||
+void __weak trace_bpf_jit_free(struct bpf_prog *fp);
|
+void __weak trace_bpf_jit_free(struct bpf_prog *fp);
|
||||||
+
|
|
||||||
static inline bool ebpf_jit_enabled(void)
|
static inline bool bpf_prog_ebpf_jited(const struct bpf_prog *fp)
|
||||||
{
|
{
|
||||||
return false;
|
|
||||||
--
|
--
|
||||||
1.8.3.1
|
1.8.3.1
|
||||||
|
|
||||||
|
@ -16,12 +16,12 @@ diff --git a/arch/x86/mm/kaiser.c b/arch/x86/mm/kaiser.c
|
|||||||
index e233c88..5564c8d 100644
|
index e233c88..5564c8d 100644
|
||||||
--- a/arch/x86/mm/kaiser.c
|
--- a/arch/x86/mm/kaiser.c
|
||||||
+++ b/arch/x86/mm/kaiser.c
|
+++ b/arch/x86/mm/kaiser.c
|
||||||
@@ -620,7 +620,7 @@ static const struct file_operations fops_kaiser_enabled = {
|
@@ -621,7 +621,7 @@ static const struct file_operations fops_kaiser_enabled = {
|
||||||
|
|
||||||
static int __init create_kpti_enabled(void)
|
static int __init create_kpti_enabled(void)
|
||||||
{
|
{
|
||||||
- if (!xen_pv_domain())
|
- if (!xen_pv_domain() && !sme_active())
|
||||||
+ if (!is_xen_pv_domain())
|
+ if (!is_xen_pv_domain() && !sme_active())
|
||||||
debugfs_create_file("pti_enabled", S_IRUSR | S_IWUSR,
|
debugfs_create_file("pti_enabled", S_IRUSR | S_IWUSR,
|
||||||
arch_debugfs_dir, NULL, &fops_kaiser_enabled);
|
arch_debugfs_dir, NULL, &fops_kaiser_enabled);
|
||||||
return 0;
|
return 0;
|
||||||
@ -29,7 +29,7 @@ diff --git a/drivers/base/dma-contiguous.c b/drivers/base/dma-contiguous.c
|
|||||||
index a7d5bda..403101d 100644
|
index a7d5bda..403101d 100644
|
||||||
--- a/drivers/base/dma-contiguous.c
|
--- a/drivers/base/dma-contiguous.c
|
||||||
+++ b/drivers/base/dma-contiguous.c
|
+++ b/drivers/base/dma-contiguous.c
|
||||||
@@ -309,7 +309,7 @@ struct page *dma_alloc_from_contiguous(struct device *dev, size_t count,
|
@@ -287,7 +287,7 @@ struct page *dma_alloc_from_contiguous(struct device *dev, size_t count,
|
||||||
if (align > CONFIG_CMA_ALIGNMENT)
|
if (align > CONFIG_CMA_ALIGNMENT)
|
||||||
align = CONFIG_CMA_ALIGNMENT;
|
align = CONFIG_CMA_ALIGNMENT;
|
||||||
|
|
||||||
@ -82,7 +82,7 @@ diff --git a/include/linux/huge_mm.h b/include/linux/huge_mm.h
|
|||||||
index 26ec982..45af11b 100644
|
index 26ec982..45af11b 100644
|
||||||
--- a/include/linux/huge_mm.h
|
--- a/include/linux/huge_mm.h
|
||||||
+++ b/include/linux/huge_mm.h
|
+++ b/include/linux/huge_mm.h
|
||||||
@@ -365,7 +365,7 @@ static inline int pud_trans_huge_lock(pud_t *pud, struct vm_area_struct *vma,
|
@@ -362,7 +362,7 @@ static inline int pud_trans_huge_lock(pud_t *pud, struct vm_area_struct *vma,
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,2 +1,2 @@
|
|||||||
mirror:Source/kernel-3.10.0-957.21.3.el7.src.rpm
|
mirror:Source/kernel-3.10.0-1062.1.2.el7.src.rpm
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user