autopatch/kernel
4
0
Fork 0
Code Issues Pull Requests Releases Activity
151f0dbd2d
kernel/config.yaml

460 lines
18 KiB
YAML
Raw Blame History

actions:
- add_files:
- type: "patch"
name: "0001-Enable-all-disabled-pci-devices-by-moving-to-unmaint.patch"
number: 2001
- type: "patch"
name: "0002-Bring-back-deprecated-pci-ids-to-mptsas-mptspi-drive.patch"
number: 2002
- type: "patch"
name: "0003-Bring-back-deprecated-pci-ids-to-hpsa-driver.patch"
number: 2003
- type: "patch"
name: "0004-Bring-back-deprecated-pci-ids-to-qla2xxx-driver.patch"
number: 2004
- type: "patch"
name: "0005-Bring-back-deprecated-pci-ids-to-lpfc-driver.patch"
number: 2005
- type: "patch"
name: "0006-Bring-back-deprecated-pci-ids-to-qla4xxx-driver.patch"
number: 2006
- type: "patch"
name: "0007-Bring-back-deprecated-pci-ids-to-be2iscsi-driver.patch"
number: 2007
- type: "source"
name: "almalinuxdup1.x509"
number: 100
- type: "source"
name: "almalinuxkpatch1.x509"
number: 101
- type: "source"
name: "almalinuximaca1.x509"
number: 102
- type: "source"
name: "almalinuxima.x509"
number: 103
- type: "source"
name: "almalinuxnvidia1.x509"
number: 106
- type: "patch"
name: "ppc64le-kvm-support.patch"
number: "Latest"
modify_spec: false
- replace:
- target: "kernel*rhel.config"
find: |
# CONFIG_BE2NET_BE2 is not set
# CONFIG_BE2NET_BE3 is not set
replace: |
CONFIG_BE2NET_BE2=y
CONFIG_BE2NET_BE3=y
count: 1
- target: "kernel*rhel.config"
find: "# CONFIG_MLX4_CORE_GEN2 is not set"
replace: "CONFIG_MLX4_CORE_GEN2=y"
count: 1
- target: "x509.genkey.centos"
find: |
O = The CentOS Project
CN = CentOS Stream kernel signing key
emailAddress = security@centos.org
replace: |
O = AlmaLinux
CN = AlmaLinux kernel signing key
emailAddress = security@almalinux.org
count: 1
- target: "x509.genkey.rhel"
find: |
O = Red Hat
CN = Red Hat Enterprise Linux kernel signing key
emailAddress = secalert@redhat.com
replace: |
O = AlmaLinux
CN = AlmaLinux kernel signing key
emailAddress = security@almalinux.org
count: 1
- target: "spec"
find: "%ifnarch noarch"
replace: "%ifnarch x86_64"
count: 2
- target: "spec"
find: |
%if 0%{?centos}
%define pesign_name_0 centossecureboot201
%else
%ifarch x86_64 aarch64
%define pesign_name_0 redhatsecureboot501
%endif
%ifarch s390x
%define pesign_name_0 redhatsecureboot302
%endif
%ifarch ppc64le
%define pesign_name_0 redhatsecureboot701
%endif
%endif
replace: "%define pesign_name_0 almalinuxsecurebootca0"
count: 1
- target: "spec"
find: "Source103: almalinuxima.x509"
replace: |
Source103: almalinuxima.x509
Source104: almalinuxima.x509
count: 1
- target: "spec"
find: |
openssl x509 -inform der -in %{SOURCE105} -out nvidiagpuoot001.pem
cat rheldup3.pem rhelkpatch1.pem rhelimaca1.pem nvidiagpuoot001.pem > ../certs/rhel.pem
replace: |
openssl x509 -inform der -in %{SOURCE105} -out nvidiagpuoot001.pem
openssl x509 -inform der -in %{SOURCE106} -out almalinuxnvidia.pem
cat rheldup3.pem rhelkpatch1.pem rhelimaca1.pem nvidiagpuoot001.pem almalinuxnvidia.pem > ../certs/rhel.pem
count: 1
- target: "spec"
find: "Summary: Various documentation bits found in the kernel source"
replace: |
Summary: Various documentation bits found in the kernel source
BuildArch: noarch
count: 1
- target: "spec"
find: "Summary: The Red Hat Enterprise Linux kernel ABI symbol stablelists"
replace: |
Summary: The AlmaLinux kernel ABI symbol stablelists
BuildArch: noarch
count: 1
- target: "spec"
find: |
The kABI package contains information pertaining to the Red Hat Enterprise
Linux kernel ABI, including lists of kernel symbols that are needed by
replace: |
The kABI package contains information pertaining to the AlmaLinux
kernel ABI, including lists of kernel symbols that are needed by
count: 1
- target: "spec"
find: |
The package contains data describing the current ABI of the Red Hat Enterprise
Linux kernel, suitable for the kabi-dw tool.
replace: |
The package contains data describing the current ABI of the AlmaLinux
kernel, suitable for the kabi-dw tool.
count: 1
- target: "spec"
find: "This package provides kernel modules for the %{?2:%{2} }kernel package for Red Hat internal usage.\\"
replace: "This package provides kernel modules for the %{?2:%{2} }kernel package for AlmaLinux internal usage.\\"
count: 1
- target: "spec"
find: "%{expand:%%kernel_reqprovconf %{?1:%{1}} %{-o:%{-o}}}\\"
replace: |
%if "%{1}" == "rt" || "%{?1}" == ""\
Provides: almalinux(kernel-sig-key) = 202303\
Conflicts: shim-ia32 < 15.8-4.el9_3.alma.2\
Conflicts: shim-x64 < 15.8-4.el9_3.alma.2\
%endif\
%{expand:%%kernel_reqprovconf %{?1:%{1}} %{-o:%{-o}}}\
count: 1
- target: "spec"
find: " sed -i 's/CONFIG_CRYPTO_FIPS_NAME=.*/CONFIG_CRYPTO_FIPS_NAME=\"Red Hat Enterprise Linux %{rhel} - Kernel Cryptographic API\"/' $i"
replace: " sed -i 's/CONFIG_CRYPTO_FIPS_NAME=.*/CONFIG_CRYPTO_FIPS_NAME=\"AlmaLinux %{rhel} - Kernel Cryptographic API\"/' $i"
count: 1
- target: "spec"
find: "SBATsuffix=\"centos\""
replace: "SBATsuffix=\"rhel\""
count: 1
- target: "spec"
find: |
linux,1,Red Hat,linux,$KernelVer,mailto:secalert@redhat.com
linux.$SBATsuffix,1,Red Hat,linux,$KernelVer,mailto:secalert@redhat.com
kernel-uki-virt.$SBATsuffix,1,Red Hat,kernel-uki-virt,$KernelVer,mailto:secalert@redhat.com
replace: |
linux,1,Red Hat,linux,$KernelVer,mailto:secalert@redhat.com
linux,1,AlmaLinux,linux,$KernelVer,mailto:security@almalinux.org
linux.$SBATsuffix,1,Red Hat,linux,$KernelVer,mailto:secalert@redhat.com
linux.almalinux,1,AlmaLinux,linux,$KernelVer,mailto:security@almalinux.org
kernel-uki-virt.$SBATsuffix,1,Red Hat,kernel-uki-virt,$KernelVer,mailto:secalert@redhat.com
kernel-uki-virt.almalinux,1,AlmaLinux,kernel-uki-virt,$KernelVer,mailto:security@almalinux.org
count: 1
- target: "spec"
find: "UKI_secureboot_name=centossecureboot204"
replace: "UKI_secureboot_name=alsecureboot001"
count: 1
- target: "spec"
find: "UKI_secureboot_name=redhatsecureboot504"
replace: "UKI_secureboot_name=alsecureboot001"
count: 1
- target: "spec"
find: "# Red Hat UEFI Secure Boot CA cert, which can be used to authenticate the kernel"
replace: "# AlmaLinux UEFI Secure Boot CA cert, which can be used to authenticate the kernel"
count: 1
- target: "spec"
find: |
# kernel-64k (aarch64 kernel with 64K page_size)
%define with_arm64_64k %{?_without_arm64_64k: 0} %{?!_without_arm64_64k: 1}
replace: |
# kernel-64k (aarch64 kernel with 64K page_size)
%define with_arm64_64k %{?_without_arm64_64k: 0} %{?!_without_arm64_64k: 1}
# kernel-kvm ppc64le kernel with kvm support)
%define with_ppc_kvm %{?_without_ppc_kvm: 0} %{?!_without_ppc_kvm: 1}
count: 1
- target: "spec"
find: |
# 64k variant only for aarch64
%ifnarch aarch64
%define with_arm64_64k 0
%define with_realtime_arm64_64k 0
%endif
replace: |
# 64k variant only for aarch64
%ifnarch aarch64
%define with_arm64_64k 0
%define with_realtime_arm64_64k 0
%endif
# kvm variant only for ppc64le
%ifnarch ppc64le
%define with_ppc_kvm 0
%endif
count: 1
- target: "spec"
find: |
%ifarch %nobuildarches
# disable BuildKernel commands
%define with_up 0
%define with_debug 0
%define with_pae 0
%define with_zfcpdump 0
%define with_arm64_64k 0
replace: |
%ifarch %nobuildarches
# disable BuildKernel commands
%define with_up 0
%define with_debug 0
%define with_pae 0
%define with_zfcpdump 0
%define with_arm64_64k 0
%define with_ppc_kvm 0
count: 1
- target: "spec"
find: |
Source47: kernel-aarch64-rt-debug-rhel.config
replace: |
Source47: kernel-aarch64-rt-debug-rhel.config
# PPC64le KVM support config
Source10001: kernel-ppc64le-kvm-rhel.config
Source10002: kernel-ppc64le-kvm-debug-rhel.config
count: 1
- target: "spec"
find: |
# END OF PATCH DEFINITIONS
replace: |
Patch11111: ppc64le-kvm-support.patch
# END OF PATCH DEFINITIONS
count: 1
- target: "spec"
find: |
%if %{with_arm64_64k}
%define variant_summary The Linux kernel compiled for 64k pagesize usage
%kernel_variant_package 64k
%description 64k-core
The kernel package contains a variant of the ARM64 Linux kernel using
a 64K page size.
%endif
replace: |
%if %{with_arm64_64k}
%define variant_summary The Linux kernel compiled for 64k pagesize usage
%kernel_variant_package 64k
%description 64k-core
The kernel package contains a variant of the ARM64 Linux kernel using
a 64K page size.
%endif
%if %{with_ppc_kvm}
%define variant_summary The Linux kernel compiled for KVM usage on ppc64le
%kernel_variant_package kvm
%description kvm-core
The kernel package contains a variant of the PPC64le Linux kernel with
KVM support.
%endif
%if %{with_ppc_kvm} && %{with_debug}
%define variant_summary The Linux kernel compiled with extra debugging enabled
%if !%{debugbuildsenabled}
%kernel_variant_package -m kvm-debug
%else
%kernel_variant_package kvm-debug
%endif
%description kvm-debug-core
The debug kernel package contains a variant of the PPC64le Linux kernel with
KVM support.
This variant of the kernel has numerous debugging options enabled.
It should only be installed when trying to gather additional information
on kernel bugs, as some of these options impact performance noticably.
%endif
count: 1
- target: "spec"
find: |
%if %{with_up}
BuildKernel %make_target %kernel_image %{_use_vdso}
%endif
replace: |
%if %{with_up}
BuildKernel %make_target %kernel_image %{_use_vdso}
%endif
%if %{with_ppc_kvm}
git apply $RPM_SOURCE_DIR/ppc64le-kvm-support.patch
%if %{with_debug}
BuildKernel %make_target %kernel_image %{_use_vdso} kvm-debug
%endif
BuildKernel %make_target %kernel_image %{_use_vdso} kvm
%endif
count: 1
- target: "spec"
find: |
%if !%{with_debug} && !%{with_zfcpdump} && !%{with_pae} && !%{with_up} && !%{with_arm64_64k} && !%{with_realtime}
replace: |
%if !%{with_debug} && !%{with_zfcpdump} && !%{with_pae} && !%{with_up} && !%{with_arm64_64k} && !%{with_realtime} && !%{with_ppc_kvm}
count: 1
- target: "spec"
find: |
if [ "%{with_arm64_64k}" -ne "0" ] && [ "%{with_debug}" -ne "0" ]; then \
%{modsign_cmd} certs/signing_key.pem.sign+64k-debug certs/signing_key.x509.sign+64k-debug $RPM_BUILD_ROOT/lib/modules/%{KVERREL}+64k-debug/ \
fi \
replace: |
if [ "%{with_arm64_64k}" -ne "0" ] && [ "%{with_debug}" -ne "0" ]; then \
%{modsign_cmd} certs/signing_key.pem.sign+64k-debug certs/signing_key.x509.sign+64k-debug $RPM_BUILD_ROOT/lib/modules/%{KVERREL}+64k-debug/ \
fi \
if [ "%{with_ppc_kvm}" -ne "0" ]; then \
%{modsign_cmd} certs/signing_key.pem.sign+kvm certs/signing_key.x509.sign+kvm $RPM_BUILD_ROOT/lib/modules/%{KVERREL}+kvm/ \
fi \
if [ "%{with_ppc_kvm}" -ne "0" ] && [ "%{with_debug}" -ne "0" ]; then \
%{modsign_cmd} certs/signing_key.pem.sign+kvm-debug certs/signing_key.x509.sign+kvm-debug $RPM_BUILD_ROOT/lib/modules/%{KVERREL}+kvm-debug/ \
fi \
count: 1
- target: "spec"
find: |
%if %{with_arm64_64k}
%kernel_variant_preun -v 64k
%kernel_variant_post -v 64k
%endif
replace: |
%if %{with_arm64_64k}
%kernel_variant_preun -v 64k
%kernel_variant_post -v 64k
%endif
%if %{with_ppc_kvm}
%kernel_variant_preun -v kvm
%kernel_variant_post -v kvm
%endif
%if %{with_ppc_kvm} && %{with_debug}
%kernel_variant_preun -v kvm-debug
%kernel_variant_post -v kvm-debug
%endif
count: 1
- target: "spec"
find: |
%if %{with_debug_meta}
%files debug
%files debug-core
%files debug-devel
%files debug-devel-matched
%files debug-modules
%files debug-modules-core
%files debug-modules-extra
%if %{with_arm64_64k}
%files 64k-debug
%files 64k-debug-core
%files 64k-debug-devel
%files 64k-debug-devel-matched
%files 64k-debug-modules
%files 64k-debug-modules-extra
%endif
replace: |
%if %{with_debug_meta}
%files debug
%files debug-core
%files debug-devel
%files debug-devel-matched
%files debug-modules
%files debug-modules-core
%files debug-modules-extra
%if %{with_arm64_64k}
%files 64k-debug
%files 64k-debug-core
%files 64k-debug-devel
%files 64k-debug-devel-matched
%files 64k-debug-modules
%files 64k-debug-modules-extra
%endif
%if %{with_ppc_kvm}
%files kvm-debug
%files kvm-debug-core
%files kvm-debug-devel
%files kvm-debug-devel-matched
%files kvm-debug-modules
%files kvm-debug-modules-extra
%endif
count: 1
- target: "spec"
find: |
%kernel_variant_files %{_use_vdso} %{with_arm64_64k} 64k
replace: |
%kernel_variant_files %{_use_vdso} %{with_arm64_64k} 64k
%if %{with_ppc_kvm}
%kernel_variant_files %{_use_vdso} %{with_ppc_kvm} kvm
%kernel_variant_files %{_use_vdso} %{with_debug} kvm-debug
%endif
count: 1
- delete_line:
- target: "spec"
lines:
- |
Source100: rheldup3.x509
Source101: rhelkpatch1.x509
Source102: rhelimaca1.x509
Source103: rhelima.x509
Source104: rhelima_centos.x509
- |
# We may want to override files from the primary target in case of building
# against a flavour of it (eg. centos not rhel), thus override it here if
# necessary
if [ "%{primary_target}" == "rhel" ]; then
%if 0%{?centos}
echo "Updating scripts/sources to centos version"
RPM_SOURCE_DIR=$RPM_SOURCE_DIR ./update_scripts.sh centos
%else
echo "Not updating scripts/sources to centos version"
%endif
fi
- |
if [ "$KernelExtension" == "gz" ]; then
gzip -f9 $SignImage
fi
- run_script:
- script: "copy_ppc64le_config.sh"
cwd: "rpms"
- changelog_entry:
- name: "Andrei Lukoshko"
email: "alukoshko@almalinux.org"
line:
- "hpsa: bring back deprecated PCI ids #CFHack #CFHack2024"
- "mptsas: bring back deprecated PCI ids #CFHack #CFHack2024"
- "megaraid_sas: bring back deprecated PCI ids #CFHack #CFHack2024"
- "qla2xxx: bring back deprecated PCI ids #CFHack #CFHack2024"
- "qla4xxx: bring back deprecated PCI ids"
- "lpfc: bring back deprecated PCI ids"
- "be2iscsi: bring back deprecated PCI ids"
- "kernel/rh_messages.h: enable all disabled pci devices by moving to unmaintained"
- name: "Eduard Abdullin"
email: "eabdullin@almalinux.org"
line:
- "Use AlmaLinux OS secure boot cert"
- "Debrand for AlmaLinux OS"
- "Add KVM support for ppc64le"
Reference in New Issue View Git Blame Copy Permalink