1
0
forked from rpms/kernel

Compare commits

...

No commits in common. "CVE-2024-1086" and "c8" have entirely different histories.

58 changed files with 157898 additions and 150698 deletions

18
.gitignore vendored
View File

@ -1,10 +1,12 @@
SOURCES/kernel-abi-stablelists-5.14.0-362.24.1.el9_3.tar.bz2 SOURCES/centossecureboot201.cer
SOURCES/kernel-kabi-dw-5.14.0-362.24.1.el9_3.tar.bz2 SOURCES/centossecurebootca2.cer
SOURCES/linux-5.14.0-362.24.1.el9_3.tar.xz SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2
SOURCES/kernel-kabi-dw-4.18.0-553.tar.bz2
SOURCES/linux-4.18.0-553.30.1.el8_10.tar.xz
SOURCES/redhatsecureboot302.cer
SOURCES/redhatsecureboot303.cer
SOURCES/redhatsecureboot501.cer
SOURCES/redhatsecurebootca3.cer
SOURCES/redhatsecurebootca7.cer
SOURCES/rheldup3.x509 SOURCES/rheldup3.x509
SOURCES/rhelima.x509
SOURCES/rhelima_centos.x509
SOURCES/rhelimaca1.x509
SOURCES/rhelkpatch1.x509 SOURCES/rhelkpatch1.x509
SOURCES/uki-sb-cert-x86_64-centos.crt
SOURCES/uki-sb-cert-x86_64-rhel.crt

View File

@ -1,10 +1,12 @@
6b3b73a0e5ee8afc75ff184e7579cf193d12e333 SOURCES/kernel-abi-stablelists-5.14.0-362.24.1.el9_3.tar.bz2 2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer
2dbea40d3654901f0bdc4bb48351f07d4590c1c4 SOURCES/kernel-kabi-dw-5.14.0-362.24.1.el9_3.tar.bz2 bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer
aa929675bd46443ba8d0036b9247514be09efc00 SOURCES/linux-5.14.0-362.24.1.el9_3.tar.xz 8e4ca83f457b52fc05bac2eea29078a6ba16db37 SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2
618f2302d26295e300718d59e8551a0cdfc98022 SOURCES/kernel-kabi-dw-4.18.0-553.tar.bz2
5ba0a0a0aac8e6fff931ff6006040080429265b5 SOURCES/linux-4.18.0-553.30.1.el8_10.tar.xz
13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer
e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer
ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer
cf9230e69000076727e5b784ec871d22716dc5da SOURCES/redhatsecurebootca3.cer
905d91a282727c7f5ad433a49ac42a0772311c6a SOURCES/redhatsecurebootca7.cer
95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509 95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509
99e571f9de4188f3b5fdf1f84ff73f6cc4bb6a0e SOURCES/rhelima.x509
61d5a223ff0c79189505abae77e0087c4b2d2b47 SOURCES/rhelima_centos.x509
f882610d2554fef65703e5d3c342f005af0390ad SOURCES/rhelimaca1.x509
d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509 d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509
20224d67a583b98009a1c1632bb4b639b0e8be6a SOURCES/uki-sb-cert-x86_64-centos.crt
1d51d3a037ad287095b0a13c4deeb1252d8ff0cc SOURCES/uki-sb-cert-x86_64-rhel.crt

View File

@ -1,32 +0,0 @@
From 5c3f4066462a5f6cac04d3dd81c9f551fabbc6c7 Mon Sep 17 00:00:00 2001
From: Keith Busch <kbusch@kernel.org>
Date: Thu, 12 Oct 2023 11:13:51 -0700
Subject: [PATCH] nvme-pci: add BOGUS_NID for Intel 0a54 device
These ones claim cmic and nmic capable, so need special consideration to ignore
their duplicate identifiers.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=217981
Reported-by: welsh@cassens.com
Signed-off-by: Keith Busch <kbusch@kernel.org>
---
drivers/nvme/host/pci.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/nvme/host/pci.c b/drivers/nvme/host/pci.c
index 347cb5daebc3..3f0c9ee09a12 100644
--- a/drivers/nvme/host/pci.c
+++ b/drivers/nvme/host/pci.c
@@ -3329,7 +3329,8 @@ static const struct pci_device_id nvme_id_table[] = {
{ PCI_VDEVICE(INTEL, 0x0a54), /* Intel P4500/P4600 */
.driver_data = NVME_QUIRK_STRIPE_SIZE |
NVME_QUIRK_DEALLOCATE_ZEROES |
- NVME_QUIRK_IGNORE_DEV_SUBNQN, },
+ NVME_QUIRK_IGNORE_DEV_SUBNQN |
+ NVME_QUIRK_BOGUS_NID, },
{ PCI_VDEVICE(INTEL, 0x0a55), /* Dell Express Flash P4600 */
.driver_data = NVME_QUIRK_STRIPE_SIZE |
NVME_QUIRK_DEALLOCATE_ZEROES, },
--
2.27.0

View File

@ -1,34 +0,0 @@
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 38ff119ab..11f4b1aab 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -10442,16 +10442,10 @@ static int nft_verdict_init(const struct nft_ctx *ctx, struct nft_data *data,
data->verdict.code = ntohl(nla_get_be32(tb[NFTA_VERDICT_CODE]));
switch (data->verdict.code) {
- default:
- switch (data->verdict.code & NF_VERDICT_MASK) {
- case NF_ACCEPT:
- case NF_DROP:
- case NF_QUEUE:
- break;
- default:
- return -EINVAL;
- }
- fallthrough;
+ case NF_ACCEPT:
+ case NF_DROP:
+ case NF_QUEUE:
+ break;
case NFT_CONTINUE:
case NFT_BREAK:
case NFT_RETURN:
@@ -10486,6 +10480,8 @@ static int nft_verdict_init(const struct nft_ctx *ctx, struct nft_data *data,
data->verdict.chain = chain;
break;
+ default:
+ return -EINVAL;
}
desc->len = sizeof(data->verdict);

View File

@ -1,67 +0,0 @@
RHEL_MAJOR = 9
RHEL_MINOR = 3
#
# RHEL_RELEASE
# -------------
#
# Represents build number in 'release' part of RPM's name-version-release.
# name is <package_name>, e.g. kernel
# version is upstream kernel version this kernel is based on, e.g. 4.18.0
# release is <RHEL_RELEASE>.<dist_tag>[<buildid>], e.g. 100.el8
#
# Use this spot to avoid future merge conflicts.
# Do not trim this comment.
RHEL_RELEASE = 362.24.1
#
# ZSTREAM
# -------
#
# This variable controls whether we use zstream numbering or not for the
# package release. The zstream release keeps the build number of the last
# build done for ystream for the Beta milestone, and increments a second
# number for each build. The third number is used for branched builds
# (eg.: for builds with security fixes or hot fixes done outside of the
# batch release process).
#
# For example, with ZSTREAM unset or set to "no", all builds will contain
# a release with only the build number, eg.: kernel-<kernel version>-X.el*,
# where X is the build number. With ZSTREAM set to "yes", we will have
# builds with kernel-<kernel version>-X.Y.Z.el*, where X is the last
# RHEL_RELEASE number before ZSTREAM flag was set to yes, Y will now be the
# build number and Z will always be 1 except if you're doing a branched build
# (when you give RHDISTGIT_BRANCH on the command line, in which case the Z
# number will be incremented instead of the Y).
#
ZSTREAM ?= yes
#
# Early y+1 numbering
# --------------------
#
# In early y+1 process, RHEL_RELEASE consists of 2 numbers: x.y
# First is RHEL_RELEASE inherited/merged from y as-is, second number
# is incremented with each build starting from 1. After merge from y,
# it resets back to 1. This way y+1 nvr reflects status of last merge.
#
# Example:
#
# rhel8.0 rhel-8.1
# kernel-4.18.0-58.el8 --> kernel-4.18.0-58.1.el8
# kernel-4.18.0-58.2.el8
# kernel-4.18.0-59.el8 kernel-4.18.0-59.1.el8
# kernel-4.18.0-60.el8
# kernel-4.18.0-61.el8 --> kernel-4.18.0-61.1.el8
#
#
# Use this spot to avoid future merge conflicts.
# Do not trim this comment.
EARLY_YSTREAM ?= no
EARLY_YBUILD:=
EARLY_YRELEASE:=
ifneq ("$(ZSTREAM)", "yes")
ifeq ("$(EARLY_YSTREAM)","yes")
RHEL_RELEASE:=$(RHEL_RELEASE).$(EARLY_YRELEASE)
endif
endif

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,25 +0,0 @@
===================
The Kernel dist-git
===================
The kernel is maintained in a `source tree`_ rather than directly in dist-git.
The specfile is maintained as a `template`_ in the source tree along with a set
of build scripts to generate configurations, (S)RPMs, and to populate the
dist-git repository.
The `documentation`_ for the source tree covers how to contribute and maintain
the tree.
If you're looking for the downstream patch set it's available in the source
tree with "git log master..ark-patches" or
`online`_.
Each release in dist-git is tagged in the source repository so you can easily
check out the source tree for a build. The tags are in the format
name-version-release, but note release doesn't contain the dist tag since the
source can be built in different build roots (Fedora, CentOS, etc.)
.. _source tree: https://gitlab.com/cki-project/kernel-ark.git
.. _template: https://gitlab.com/cki-project/kernel-ark/-/blob/os-build/redhat/kernel.spec.template
.. _documentation: https://gitlab.com/cki-project/kernel-ark/-/wikis/home
.. _online: https://gitlab.com/cki-project/kernel-ark/-/commits/ark-patches

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

View File

@ -41,8 +41,7 @@ def load_symvers(symvers, filename):
break break
if in_line == "\n": if in_line == "\n":
continue continue
checksum, symbol, directory, type, *ns = in_line.split() checksum, symbol, directory, type = in_line.split()
ns = ns[0] if ns else None
symvers[symbol] = in_line[0:-1] symvers[symbol] = in_line[0:-1]
@ -58,8 +57,7 @@ def load_kabi(kabi, filename):
break break
if in_line == "\n": if in_line == "\n":
continue continue
checksum, symbol, directory, type, *ns = in_line.split() checksum, symbol, directory, type = in_line.split()
ns = ns[0] if ns else None
kabi[symbol] = in_line[0:-1] kabi[symbol] = in_line[0:-1]
@ -71,14 +69,11 @@ def check_kabi(symvers, kabi):
warn = 0 warn = 0
changed_symbols = [] changed_symbols = []
moved_symbols = [] moved_symbols = []
ns_symbols = []
for symbol in kabi: for symbol in kabi:
abi_hash, abi_sym, abi_dir, abi_type, *abi_ns = kabi[symbol].split() abi_hash, abi_sym, abi_dir, abi_type = kabi[symbol].split()
abi_ns = abi_ns[0] if abi_ns else None
if symbol in symvers: if symbol in symvers:
sym_hash, sym_sym, sym_dir, sym_type, *sym_ns = symvers[symbol].split() sym_hash, sym_sym, sym_dir, sym_type = symvers[symbol].split()
sym_ns = sym_ns[0] if sym_ns else None
if abi_hash != sym_hash: if abi_hash != sym_hash:
fail = 1 fail = 1
changed_symbols.append(symbol) changed_symbols.append(symbol)
@ -86,10 +81,6 @@ def check_kabi(symvers, kabi):
if abi_dir != sym_dir: if abi_dir != sym_dir:
warn = 1 warn = 1
moved_symbols.append(symbol) moved_symbols.append(symbol)
if abi_ns != sym_ns:
warn = 1
ns_symbols.append(symbol)
else: else:
fail = 1 fail = 1
changed_symbols.append(symbol) changed_symbols.append(symbol)
@ -105,21 +96,13 @@ def check_kabi(symvers, kabi):
if warn: if warn:
print("*** WARNING - ABI SYMBOLS MOVED ***") print("*** WARNING - ABI SYMBOLS MOVED ***")
if moved_symbols: print("")
print("") print("The following symbols moved (typically caused by moving a symbol from being")
print("The following symbols moved (typically caused by moving a symbol from being") print("provided by the kernel vmlinux out to a loadable module):")
print("provided by the kernel vmlinux out to a loadable module):") print("")
print("") for symbol in moved_symbols:
for symbol in moved_symbols: print(symbol)
print(symbol) print("")
print("")
if ns_symbols:
print("")
print("The following symbols changed symbol namespaces:")
print("")
for symbol in ns_symbols:
print(symbol)
print("")
"""Halt the build, if we got errors and/or warnings. In either case, """Halt the build, if we got errors and/or warnings. In either case,
double-checkig is required to avoid introducing / concealing double-checkig is required to avoid introducing / concealing

View File

@ -1,38 +0,0 @@
# generic + compressed please
hostonly="no"
compress="xz"
# VMs can't update microcode anyway
early_microcode="no"
# modules: basics
dracutmodules+=" base systemd systemd-initrd dracut-systemd dbus dbus-broker usrmount shutdown "
# modules: storage support
dracutmodules+=" dm lvm rootfs-block fs-lib "
# modules: tpm and crypto
dracutmodules+=" crypt crypt-loop tpm2-tss "
# WALinuxagent-cvm with CVM specific udev rules
dracutmodules+=" walinuxagentcvm "
# drivers: virtual buses, pci
drivers+=" virtio-pci virtio-mmio " # qemu-kvm
drivers+=" hv-vmbus pci-hyperv " # hyperv
drivers+=" xen-pcifront " # xen
# drivers: storage
drivers+=" ahci nvme sd_mod sr_mod " # generic
drivers+=" virtio-blk virtio-scsi " # qemu-kvm
drivers+=" hv-storvsc " # hyperv
drivers+=" xen-blkfront " # xen
# root encryption
drivers+=" dm_crypt "
# filesystems
filesystems+=" vfat ext4 xfs overlay "
# systemd-pcrphase
install_items+=" /lib/systemd/system/systemd-pcrphase-initrd.service /usr/lib/systemd/systemd-pcrphase /usr/lib/systemd/system/initrd.target.wants/systemd-pcrphase-initrd.service "

View File

@ -15,4 +15,4 @@ ethdrvs="3com adaptec arc alteon atheros broadcom cadence calxeda chelsio cisco
drmdrvs="amd arm bridge ast exynos hisilicon i2c imx mgag200 meson msm nouveau panel radeon rockchip tegra sun4i tinydrm vc4" drmdrvs="amd arm bridge ast exynos hisilicon i2c imx mgag200 meson msm nouveau panel radeon rockchip tegra sun4i tinydrm vc4"
singlemods="ntb_netdev iscsi_ibft iscsi_boot_sysfs megaraid pmcraid qedi qla1280 9pnet_rdma rpcrdma nvmet-rdma nvme-rdma hid-picolcd hid-prodikeys hwa-hc hwpoison-inject target_core_user sbp_target cxgbit iw_cxgb3 iw_cxgb4 cxgb3i cxgb3i cxgb3i_ddp cxgb4i chcr chtls" singlemods="ntb_netdev iscsi_ibft iscsi_boot_sysfs megaraid pmcraid qedi qla1280 9pnet_rdma rpcrdma nvmet-rdma nvme-rdma hid-picolcd hid-prodikeys hwa-hc hwpoison-inject target_core_user sbp_target cxgbit iw_cxgb3 iw_cxgb4 cxgb3i cxgb3i cxgb3i_ddp cxgb4i chcr"

View File

@ -13,11 +13,8 @@
# subsys should be in kernel-modules on all arches, please change the defaults # subsys should be in kernel-modules on all arches, please change the defaults
# listed here. # listed here.
# Overrides is individual modules which need to remain in kernel-core due to deps.
overrides="cec"
# Set the default dirs/modules to filter out # Set the default dirs/modules to filter out
driverdirs="atm auxdisplay bcma bluetooth firewire fmc iio infiniband isdn leds media memstick mfd mmc mtd nfc ntb pcmcia platform power ssb staging tty uio uwb w1" driverdirs="atm auxdisplay bcma bluetooth firewire fmc iio infiniband isdn leds media memstick mfd mmc mtd nfc ntb pcmcia platform power ssb staging tty uio uwb w1 virt"
chardrvs="mwave pcmcia" chardrvs="mwave pcmcia"
@ -25,8 +22,6 @@ netdrvs="appletalk can dsa hamradio ieee802154 irda ppp slip usb wireless"
ethdrvs="3com adaptec alteon amd aquantia atheros broadcom cadence calxeda chelsio cisco dec dlink emulex icplus marvell neterion nvidia oki-semi packetengines qlogic rdc renesas sfc silan sis smsc stmicro sun tehuti ti wiznet xircom" ethdrvs="3com adaptec alteon amd aquantia atheros broadcom cadence calxeda chelsio cisco dec dlink emulex icplus marvell neterion nvidia oki-semi packetengines qlogic rdc renesas sfc silan sis smsc stmicro sun tehuti ti wiznet xircom"
cryptdrvs="bcm caam cavium chelsio hisilicon marvell qat"
inputdrvs="gameport tablet touchscreen" inputdrvs="gameport tablet touchscreen"
scsidrvs="aacraid aic7xxx aic94xx be2iscsi bfa bnx2i bnx2fc csiostor cxgbi esas2r fcoe fnic hisi_sas isci libsas lpfc megaraid mpt2sas mpt3sas mvsas pm8001 qla2xxx qla4xxx sym53c8xx_2 ufs qedf" scsidrvs="aacraid aic7xxx aic94xx be2iscsi bfa bnx2i bnx2fc csiostor cxgbi esas2r fcoe fnic hisi_sas isci libsas lpfc megaraid mpt2sas mpt3sas mvsas pm8001 qla2xxx qla4xxx sym53c8xx_2 ufs qedf"
@ -39,7 +34,7 @@ netprots="6lowpan appletalk atm ax25 batman-adv bluetooth can dccp dsa ieee80215
drmdrvs="amd ast gma500 i2c i915 mgag200 nouveau radeon via " drmdrvs="amd ast gma500 i2c i915 mgag200 nouveau radeon via "
singlemods="ntb_netdev iscsi_ibft iscsi_boot_sysfs megaraid pmcraid qedi qla1280 9pnet_rdma rpcrdma nvmet-rdma nvme-rdma hid-picolcd hid-prodikeys hwa-hc hwpoison-inject hid-sensor-hub target_core_user sbp_target cxgbit iw_cxgb3 iw_cxgb4 cxgb3i cxgb3i cxgb3i_ddp cxgb4i chcr chtls parport_serial ism regmap-sdw regmap-sdw-mbq arizona-micsupp hid-asus nct6775 ntc_thermistor video" singlemods="ntb_netdev iscsi_ibft iscsi_boot_sysfs megaraid pmcraid qedi qla1280 9pnet_rdma rpcrdma nvmet-rdma nvme-rdma hid-picolcd hid-prodikeys hwa-hc hwpoison-inject hid-sensor-hub target_core_user sbp_target cxgbit iw_cxgb3 iw_cxgb4 cxgb3i cxgb3i cxgb3i_ddp cxgb4i chcr parport_serial ism xt_u32 act_ct"
# Grab the arch-specific filter list overrides # Grab the arch-specific filter list overrides
source ./filter-$2.sh source ./filter-$2.sh
@ -93,7 +88,7 @@ done
# Filter the char drivers # Filter the char drivers
for char in ${chardrvs} for char in ${chardrvs}
do do
filter_dir $1 drivers/char/${char} filter_dir $1 drivers/char/${input}
done done
# Filter the ethernet drivers # Filter the ethernet drivers
@ -102,12 +97,6 @@ do
filter_dir $1 drivers/net/ethernet/${eth} filter_dir $1 drivers/net/ethernet/${eth}
done done
# Filter the crypto drivers
for crypt in ${cryptdrvs}
do
filter_dir $1 drivers/crypto/${crypt}
done
# SCSI # SCSI
for scsi in ${scsidrvs} for scsi in ${scsidrvs}
do do
@ -146,7 +135,9 @@ done
# Just kill sound. # Just kill sound.
filter_dir $1 kernel/sound filter_dir $1 kernel/sound
filter_dir $1 kernel/drivers/soundwire filter_ko $1 drivers/base/regmap/regmap-sdw
filter_ko $1 drivers/base/regmap/regmap-sdw-mbq
filter_dir $1 drivers/soundwire
# Now go through and filter any single .ko files that might have deps on the # Now go through and filter any single .ko files that might have deps on the
# things we filtered above # things we filtered above
@ -155,20 +146,6 @@ do
filter_ko $1 ${mod} filter_ko $1 ${mod}
done done
# Now process the override list to bring those modules back into core
for mod in ${overrides}
do
grep -v -e "/${mod}.ko" k-d.list > k-d.list.tmp
if [ $? -ne 0 ]
then
echo "Couldn't save ${mod}.ko Skipping."
else
grep -e "/${mod}.ko" k-d.list >> $filelist
mv k-d.list.tmp k-d.list
fi
done
# Go through our generated drivers list and remove the .ko files. We'll # Go through our generated drivers list and remove the .ko files. We'll
# restore them later. # restore them later.
for mod in `cat k-d.list` for mod in `cat k-d.list`

View File

@ -11,4 +11,4 @@
driverdirs="atm auxdisplay bcma bluetooth firewire fmc infiniband isdn leds media memstick message mmc mtd mwave nfc ntb pcmcia platform power ssb staging tty uio uwb w1" driverdirs="atm auxdisplay bcma bluetooth firewire fmc infiniband isdn leds media memstick message mmc mtd mwave nfc ntb pcmcia platform power ssb staging tty uio uwb w1"
singlemods="ntb_netdev iscsi_ibft iscsi_boot_sysfs megaraid pmcraid qedi qla1280 9pnet_rdma rpcrdma nvmet-rdma nvme-rdma hid-picolcd hid-prodikeys hwa-hc hwpoison-inject target_core_user sbp_target cxgbit iw_cxgb3 iw_cxgb4 cxgb3i cxgb3i cxgb3i_ddp cxgb4i chcr chtls" singlemods="ntb_netdev iscsi_ibft iscsi_boot_sysfs megaraid pmcraid qedi qla1280 9pnet_rdma rpcrdma nvmet-rdma nvme-rdma hid-picolcd hid-prodikeys hwa-hc hwpoison-inject target_core_user sbp_target cxgbit iw_cxgb3 iw_cxgb4 cxgb3i cxgb3i cxgb3i_ddp cxgb4i chcr"

View File

@ -1,9 +1,14 @@
--- !Policy --- !Policy
product_versions: product_versions:
- rhel-9 - rhel-8
decision_context: osci_compose_gate decision_context: osci_compose_gate
rules: rules:
- !PassingTestCaseRule {test_case_name: cki.tier1-aarch64.functional} - !PassingTestCaseRule {test_case_name: cki.tier1-aarch64.functional}
- !PassingTestCaseRule {test_case_name: cki.tier1-ppc64le.functional} - !PassingTestCaseRule {test_case_name: cki.tier1-ppc64le.functional}
- !PassingTestCaseRule {test_case_name: cki.tier1-s390x.functional} - !PassingTestCaseRule {test_case_name: cki.tier1-s390x.functional}
- !PassingTestCaseRule {test_case_name: cki.tier1-x86_64.functional} - !PassingTestCaseRule {test_case_name: cki.tier1-x86_64.functional}
- !PassingTestCaseRule {test_case_name: s1-aws-ci_x86_64.brew-build.tier1.functional}
- !PassingTestCaseRule {test_case_name: s1-aws-ci_aarch64.brew-build.tier1.functional}
- !PassingTestCaseRule {test_case_name: s1-azure-ci_x86_64.brew-build.tier1.functional}
- !PassingTestCaseRule {test_case_name: s1-azure-ci_aarch64.brew-build.tier1.functional}
- !PassingTestCaseRule {test_case_name: s1-gcp-ci.brew-build.tier1.functional}

View File

@ -1,36 +1,6 @@
#!/bin/sh #!/bin/sh
# Adjusts the configuration options to build the variants correctly for i in ${NAME}-*.config; do
NEW=${NAME}-${VERSION}-`echo $i | cut -d - -f2-`
test -n "$RHTEST" && exit 0 mv ${i} ${NEW}
DEBUGBUILDSENABLED=$1
if [ -z "$DEBUGBUILDSENABLED" ]; then
exit 1
fi
if [ -z "$FLAVOR" ]; then
FLAVOR=rhel
fi
if [ "$FLAVOR" = "fedora" ]; then
SECONDARY=rhel
else
SECONDARY=fedora
fi
for i in kernel-*-"$FLAVOR".config; do
NEW=kernel-"$SPECVERSION"-$(echo "$i" | cut -d - -f2- | sed s/-"$FLAVOR"//)
#echo $NEW
mv "$i" "$NEW"
done done
rm -f kernel-*-"$SECONDARY".config
if [ "$DEBUGBUILDSENABLED" -eq 0 ]; then
for i in kernel-*debug*.config; do
base=$(echo "$i" | sed -r s/-?debug//g)
NEW=kernel-$(echo "$base" | cut -d - -f2-)
mv "$i" "$NEW"
done
fi

31
SOURCES/generate_bls_conf.sh Executable file
View File

@ -0,0 +1,31 @@
#!/bin/bash
set -e
. /etc/os-release
kernelver=$1 && shift
rootfs=$1 && shift
variant=$1 && shift
output="${rootfs}/lib/modules/${kernelver}/bls.conf"
date=$(date -u +%Y%m%d%H%M%S)
if [ "${variant:-5}" = "debug" ]; then
debugname=" with debugging"
debugid="-debug"
else
debugname=""
debugid=""
fi
cat >${output} <<EOF
title ${NAME} (${kernelver}) ${VERSION}${debugname}
version ${kernelver}${debugid}
linux ${bootprefix}/vmlinuz-${kernelver}
initrd ${bootprefix}/initramfs-${kernelver}.img
options \$kernelopts
id ${ID}-${date}-${kernelver}${debugid}
grub_users \$grub_users
grub_arg --unrestricted
grub_class kernel${variant}
EOF

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,2 +0,0 @@
# This file is intentionally left empty in the stock kernel. Its a nicety
# added for those wanting to do custom rebuilds with altered config opts.

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@ -1,72 +0,0 @@
#! /usr/bin/perl
my @args=@ARGV;
my %configvalues;
my @configoptions;
my $configcounter = 0;
# optionally print out the architecture as the first line of our output
my $arch = $args[2];
if (defined $arch) {
print "# $arch\n";
}
# first, read the override file
open (FILE,"$args[0]") || die "Could not open $args[0]";
while (<FILE>) {
my $str = $_;
my $configname;
if (/\# ([\w]+) is not set/) {
$configname = $1;
} elsif (/^\#/) {
# fall through on comments like 'avoid CONFIG_FOO=y'
;
} elsif (/([\w]+)=/) {
$configname = $1;
}
if (defined($configname) && !exists($configvalues{$configname})) {
$configvalues{$configname} = $str;
$configoptions[$configcounter] = $configname;
$configcounter ++;
}
};
# now, read and output the entire configfile, except for the overridden
# parts... for those the new value is printed.
open (FILE2,"$args[1]") || die "Could not open $args[1]";
while (<FILE2>) {
my $configname;
if (/\# ([\w]+) is not set/) {
$configname = $1;
} elsif (/^\#/) {
# fall through on comments like 'avoid CONFIG_FOO=y'
;
} elsif (/([\w]+)=/) {
$configname = $1;
}
if (defined($configname) && exists($configvalues{$configname})) {
print "$configvalues{$configname}";
delete($configvalues{$configname});
} else {
print "$_";
}
}
# now print the new values from the overridden configfile
my $counter = 0;
while ($counter < $configcounter) {
my $configname = $configoptions[$counter];
if (exists($configvalues{$configname})) {
print "$configvalues{$configname}";
}
$counter++;
}
1;

View File

@ -1,5 +1,4 @@
#! /bin/bash #! /bin/bash
# shellcheck disable=SC2164
RpmDir=$1 RpmDir=$1
ModDir=$2 ModDir=$2
@ -25,9 +24,9 @@ __EOF__
check_blacklist() check_blacklist()
{ {
mod=$(find "$RpmDir/$ModDir" -name "$1") mod=$(find $RpmDir/$ModDir -name "$1")
[ ! "$mod" ] && return 0 [ ! "$mod" ] && return 0
if modinfo "$mod" | grep -q '^alias:\s\+net-'; then if modinfo $mod | grep -q '^alias:\s\+net-'; then
mod="${1##*/}" mod="${1##*/}"
mod="${mod%.ko*}" mod="${mod%.ko*}"
echo "$mod has an alias that allows auto-loading. Blacklisting." echo "$mod has an alias that allows auto-loading. Blacklisting."
@ -38,7 +37,7 @@ check_blacklist()
find_depends() find_depends()
{ {
dep=$1 dep=$1
depends=$(modinfo "$dep" | sed -n -e "/^depends/ s/^depends:[ \t]*//p") depends=`modinfo $dep | sed -n -e "/^depends/ s/^depends:[ \t]*//p"`
[ -z "$depends" ] && exit [ -z "$depends" ] && exit
for mod in ${depends//,/ } for mod in ${depends//,/ }
do do
@ -46,14 +45,14 @@ find_depends()
[ -z "$match" ] && continue [ -z "$match" ] && continue
# check if the module we are looking at is in mod-* too. # check if the module we are looking at is in mod-* too.
# if so we do not need to mark the dep as required. # if so we do not need to mark the dep as required.
mod2=${dep##*/} # same as $(basename $dep), but faster mod2=${dep##*/} # same as `basename $dep`, but faster
match2=$(grep "^$mod2" "$ListName") match2=$(grep "^$mod2" "$ListName")
if [ -n "$match2" ] if [ -n "$match2" ]
then then
#echo $mod2 >> notreq.list #echo $mod2 >> notreq.list
continue continue
fi fi
echo "$mod".ko >> req.list echo $mod.ko >> req.list
done done
} }
@ -61,11 +60,11 @@ foreachp()
{ {
P=$(nproc) P=$(nproc)
bgcount=0 bgcount=0
while read -r mod; do while read mod; do
$1 "$mod" & $1 "$mod" &
bgcount=$((bgcount + 1)) bgcount=$((bgcount + 1))
if [ $bgcount -eq "$P" ]; then if [ $bgcount -eq $P ]; then
wait -n wait -n
bgcount=$((bgcount - 1)) bgcount=$((bgcount - 1))
fi fi
@ -77,12 +76,12 @@ foreachp()
# Destination was specified on the command line # Destination was specified on the command line
test -n "$4" && echo "$0: Override Destination $Dest has been specified." test -n "$4" && echo "$0: Override Destination $Dest has been specified."
pushd "$Dir" pushd $Dir
OverrideDir=$(basename "$List") OverrideDir=$(basename $List)
OverrideDir=${OverrideDir%.*} OverrideDir=${OverrideDir%.*}
OverrideDir=${OverrideDir#*-} OverrideDir=${OverrideDir#*-}
mkdir -p "$OverrideDir" mkdir -p $OverrideDir
rm -rf modnames rm -rf modnames
find . -name "*.ko" -type f > modnames find . -name "*.ko" -type f > modnames
@ -95,8 +94,7 @@ cp "$List" .
# This variable needs to be exported because it is used in sub-script # This variable needs to be exported because it is used in sub-script
# executed by xargs # executed by xargs
ListName=$(basename "$List") export ListName=$(basename "$List")
export ListName
foreachp find_depends < modnames foreachp find_depends < modnames
@ -104,25 +102,25 @@ sort -u req.list > req2.list
sort -u "$ListName" > modules2.list sort -u "$ListName" > modules2.list
join -v 1 modules2.list req2.list > modules3.list join -v 1 modules2.list req2.list > modules3.list
while IFS= read -r mod for mod in $(cat modules3.list)
do do
# get the path for the module # get the path for the module
modpath=$(grep /"$mod" modnames) modpath=`grep /$mod modnames`
[ -z "$modpath" ] && continue [ -z "$modpath" ] && continue
echo "$modpath" >> dep.list echo $modpath >> dep.list
done < modules3.list done
sort -u dep.list > dep2.list sort -u dep.list > dep2.list
if [ -n "$Dest" ]; then if [ -n "$Dest" ]; then
# now move the modules into the $Dest directory # now move the modules into the $Dest directory
while IFS= read -r mod for mod in `cat dep2.list`
do do
newpath=$(dirname "$mod" | sed -e "s/kernel\\//$Dest\//") newpath=`dirname $mod | sed -e "s/kernel\\//$Dest\//"`
mkdir -p "$newpath" mkdir -p $newpath
mv "$mod" "$newpath" mv $mod $newpath
echo "$mod" | sed -e "s/kernel\\//$Dest\//" | sed -e "s|^.|${ModDir}|g" >> "$RpmDir"/"$ListName" echo $mod | sed -e "s/kernel\\//$Dest\//" | sed -e "s|^.|${ModDir}|g" >> $RpmDir/$ListName
done < dep2.list done
fi fi
popd popd
@ -132,33 +130,23 @@ popd
# target doesn't try to sign a non-existent file. This is kinda ugly, but # target doesn't try to sign a non-existent file. This is kinda ugly, but
# so are the modules-* packages. # so are the modules-* packages.
while IFS= read -r mod for mod in `cat ${Dir}/dep2.list`
do do
modfile=$(basename "$mod" | sed -e 's/.ko/.mod/') modfile=`basename $mod | sed -e 's/.ko/.mod/'`
rm .tmp_versions/"$modfile" rm .tmp_versions/$modfile
done < "$Dir"/dep2.list done
if [ -z "$Dest" ]; then if [ ! -n "$Dest" ]; then
sed -e "s|^.|${ModDir}|g" "$Dir"/dep2.list > "$RpmDir/$ListName" sed -e "s|^.|${ModDir}|g" ${Dir}/dep2.list > $RpmDir/$ListName
echo "./$RpmDir/$ListName created." echo "./$RpmDir/$ListName created."
[ -d "$RpmDir/etc/modprobe.d/" ] || mkdir -p "$RpmDir/etc/modprobe.d/" [ -d "$RpmDir/etc/modprobe.d/" ] || mkdir -p "$RpmDir/etc/modprobe.d/"
foreachp check_blacklist < "$List" foreachp check_blacklist < $List
fi
# Many BIOS-es export a PNP-id which causes the floppy driver to autoload
# even though most modern systems don't have a 3.5" floppy driver anymore
# this replaces the old die_floppy_die.patch which removed the PNP-id from
# the module
floppylist=("$RpmDir"/"$ModDir"/kernel/drivers/block/floppy.ko*)
if [[ -n ${floppylist[0]} && -f ${floppylist[0]} ]]; then
blacklist "floppy"
fi fi
# avoid an empty kernel-extra package # avoid an empty kernel-extra package
echo "$ModDir/$OverrideDir" >> "$RpmDir/$ListName" echo "$ModDir/$OverrideDir" >> $RpmDir/$ListName
pushd "$Dir" pushd $Dir
rm modnames dep.list dep2.list req.list req2.list rm modnames dep.list dep2.list req.list req2.list
rm "$ListName" modules2.list modules3.list rm "$ListName" modules2.list modules3.list
popd popd

View File

@ -2,6 +2,8 @@
a3d.ko a3d.ko
act200l-sir.ko act200l-sir.ko
actisys-sir.ko actisys-sir.ko
act_mpls.ko
act_ct.ko
adi.ko adi.ko
aer_inject.ko aer_inject.ko
af_802154.ko af_802154.ko
@ -15,6 +17,7 @@ avm_cs.ko
avmfritz.ko avmfritz.ko
ax25.ko ax25.ko
b1.ko b1.ko
bareudp.ko
bas_gigaset.ko bas_gigaset.ko
batman-adv.ko batman-adv.ko
baycom_par.ko baycom_par.ko
@ -69,6 +72,7 @@ iforce.ko
interact.ko interact.ko
ipddp.ko ipddp.ko
ipx.ko ipx.ko
ip_vs_mh.ko
isdn.ko isdn.ko
joydump.ko joydump.ko
kingsun-sir.ko kingsun-sir.ko
@ -79,7 +83,6 @@ l2tp_core.ko
l2tp_debugfs.ko l2tp_debugfs.ko
l2tp_eth.ko l2tp_eth.ko
l2tp_ip.ko l2tp_ip.ko
l2tp_ip6.ko
l2tp_netlink.ko l2tp_netlink.ko
l2tp_ppp.ko l2tp_ppp.ko
lec.ko lec.ko
@ -121,9 +124,11 @@ rds_tcp.ko
rose.ko rose.ko
sch_atm.ko sch_atm.ko
sch_cbq.ko sch_cbq.ko
sch_cbs.ko
sch_choke.ko sch_choke.ko
sch_drr.ko sch_drr.ko
sch_dsmark.ko sch_dsmark.ko
sch_ets.ko
sch_gred.ko sch_gred.ko
sch_mqprio.ko sch_mqprio.ko
sch_multiq.ko sch_multiq.ko
@ -134,7 +139,6 @@ sch_sfb.ko
sch_teql.ko sch_teql.ko
sctp.ko sctp.ko
sctp_diag.ko sctp_diag.ko
sctp_probe.ko
sidewinder.ko sidewinder.ko
sja1000.ko sja1000.ko
sja1000_platform.ko sja1000_platform.ko
@ -188,6 +192,7 @@ wanrouter.ko
warrior.ko warrior.ko
whci.ko whci.ko
wire.ko wire.ko
wwan_hwsim.ko xpad.ko
xt_u32.ko
yam.ko yam.ko
zhenhua.ko zhenhua.ko

View File

@ -13,17 +13,34 @@ qos-test
resource_kunit resource_kunit
soc-topology-test soc-topology-test
soc-utils-test soc-utils-test
stackinit_kunit
string-stream-test string-stream-test
test_linear_ranges test_linear_ranges
test_bits test_bits
test_kasan test_kasan
time_test
fat_test fat_test
lib_test
rational-test
test_list_sort test_list_sort
slub_kunit slub_kunit
kfence_test memcpy_kunit
time_test
drm_format_helper_test
drm_damage_helper_test
drm_cmdline_parser_test
drm_kunit_helpers
drm_rect_test
drm_format_test
drm_plane_helper_test
drm_dp_mst_helper_test
drm_framebuffer_test
drm_buddy_test
drm_mm_test
drm_connector_test
drm_managed_test
drm_modes_test
drm_probe_helper_test
lib_test
dev_addr_lists_test
rational-test
test_hash test_hash
locktorture locktorture
mac80211_hwsim mac80211_hwsim
@ -32,6 +49,8 @@ pktgen
rcutorture rcutorture
rocker rocker
scftorture scftorture
torture
test_bpf
test_klp_atomic_replace test_klp_atomic_replace
test_klp_callbacks_demo test_klp_callbacks_demo
test_klp_callbacks_demo2 test_klp_callbacks_demo2
@ -42,38 +61,6 @@ test_klp_shadow_vars
test_klp_state test_klp_state
test_klp_state2 test_klp_state2
test_klp_state3 test_klp_state3
torture
refscale
rcuscale
memcpy_kunit
dev_addr_lists_test
test_bpf
stackinit_kunit
overflow_kunit
clk-gate_test
clk_test
mtty
test_hmm test_hmm
test_vmalloc test_vmalloc
test_sort mtty
cpumask_kunit
iio-test-format
iio-test-rescale
cros_kunit
cpumask_kunit
drm_buddy_test
drm_cmdline_parser_test
drm_damage_helper_test
drm_dp_mst_helper_test
drm_format_helper_test
drm_format_test
drm_framebuffer_test
drm_kunit_helpers
drm_mm_test
drm_plane_helper_test
drm_rect_test
gss_krb5_test
drm_connector_test
drm_managed_test
drm_modes_test
drm_probe_helper_test

View File

@ -1,5 +0,0 @@
kvm-amd
kvm-intel
kvm
kvmgt
ptp_kvm

View File

@ -1,3 +0,0 @@
afs
rxperf
rxrpc

View File

@ -2,7 +2,7 @@
# The modules_sign target checks for corresponding .o files for every .ko that # The modules_sign target checks for corresponding .o files for every .ko that
# is signed. This doesn't work for package builds which re-use the same build # is signed. This doesn't work for package builds which re-use the same build
# directory for every variant, and the .config may change between variants. # directory for every flavour, and the .config may change between flavours.
# So instead of using this script to just sign lib/modules/$KernelVer/extra, # So instead of using this script to just sign lib/modules/$KernelVer/extra,
# sign all .ko in the buildroot. # sign all .ko in the buildroot.
@ -13,9 +13,9 @@ MODSECKEY=$1
MODPUBKEY=$2 MODPUBKEY=$2
moddir=$3 moddir=$3
modules=$(find "$moddir" -type f -name '*.ko') modules=`find $moddir -type f -name '*.ko'`
NPROC=$(nproc) NPROC=`nproc`
[ -z "$NPROC" ] && NPROC=1 [ -z "$NPROC" ] && NPROC=1
# NB: this loop runs 2000+ iterations. Try to be fast. # NB: this loop runs 2000+ iterations. Try to be fast.
@ -27,7 +27,7 @@ done
" DUMMYARG0 # xargs appends ARG1 ARG2..., which go into $mod in for loop. " DUMMYARG0 # xargs appends ARG1 ARG2..., which go into $mod in for loop.
RANDOMMOD=$(echo "$modules" | sort -R | head -n 1) RANDOMMOD=$(echo "$modules" | sort -R | head -n 1)
if [ "~Module signature appended~" != "$(tail -c 28 "$RANDOMMOD")" ]; then if [ "~Module signature appended~" != "$(tail -c 28 $RANDOMMOD)" ]; then
echo "*****************************" echo "*****************************"
echo "*** Modules are unsigned! ***" echo "*** Modules are unsigned! ***"
echo "*****************************" echo "*****************************"

View File

@ -23,4 +23,4 @@ test "$procgroup" = 1 && exec xargs -r xz
# xz has some startup cost. If files are really small, # xz has some startup cost. If files are really small,
# this cost might be significant. To combat this, # this cost might be significant. To combat this,
# process several files (in sequence) by each xz process via -n 16: # process several files (in sequence) by each xz process via -n 16:
exec xargs -r -n 16 -P "$procgroup" xz exec xargs -r -n 16 -P $procgroup xz

View File

@ -1,5 +0,0 @@
# kgcov
CONFIG_GCOV_KERNEL=y
CONFIG_GCOV_PROFILE_ALL=y
# CONFIG_GCOV_PROFILE_FTRACE is not set
# CONFIG_OPEN_DICE is not set

View File

@ -3,27 +3,14 @@
# This script takes the merged config files and processes them through oldconfig # This script takes the merged config files and processes them through oldconfig
# and listnewconfig # and listnewconfig
# #
# Globally disable suggestion of appending '|| exit' or '|| return' to cd/pushd/popd commands
# shellcheck disable=SC2164
test -n "$RHTEST" && exit 0
usage() usage()
{ {
# alphabetical order please echo "process_configs.sh [ -n|-c|-t ] package_name kernel_version [cross_opts]"
echo "process_configs.sh [ options ] package_name kernel_version"
echo " -a: report all errors, equivalent to [-c -n -w -i]"
echo " -c: error on mismatched config options"
echo " -i: continue on error"
echo " -n: error on unset config options" echo " -n: error on unset config options"
echo " -c: error on mismatched config options"
echo " -t: test run, do not overwrite original config" echo " -t: test run, do not overwrite original config"
echo " -w: error on misconfigured config options" echo " -w: error on misconfigured config options"
echo " -z: commit new configs to pending directory"
echo ""
echo " A special CONFIG file tag, process_configs_known_broken can be added as a"
echo " comment to any CONFIG file. This tag indicates that there is no way to "
echo " fix a CONFIG's entry. This tag should only be used in extreme cases"
echo " and is not to be used as a workaround to solve CONFIG problems."
exit 1 exit 1
} }
@ -33,27 +20,18 @@ die()
exit 1 exit 1
} }
get_cross_compile()
{
arch=$1
if [[ "$CC_IS_CLANG" -eq 1 ]]; then
echo "$arch"
else
echo "scripts/dummy-tools/"
fi
}
# stupid function to find top of tree to do kernel make configs # stupid function to find top of tree to do kernel make configs
switch_to_toplevel() switch_to_toplevel()
{ {
path="$(pwd)" path="$(pwd)"
while test -n "$path" while test -n "$path"
do do
test -e "$path"/MAINTAINERS && \ test -d $path/firmware && \
test -d "$path"/drivers && \ test -e $path/MAINTAINERS && \
test -d $path/drivers && \
break break
path=$(dirname "$path") path="$(dirname $path)"
done done
test -n "$path" || die "Can't find toplevel" test -n "$path" || die "Can't find toplevel"
@ -62,9 +40,6 @@ switch_to_toplevel()
checkoptions() checkoptions()
{ {
count=$3
variant=$4
/usr/bin/awk ' /usr/bin/awk '
/is not set/ { /is not set/ {
@ -87,318 +62,114 @@ checkoptions()
print "Found "a[1]"="a[2]" after generation, had " a[1]"="configs[a[1]]" in Source tree"; print "Found "a[1]"="a[2]" after generation, had " a[1]"="configs[a[1]]" in Source tree";
} }
} }
' "$1" "$2" > .mismatches"${count}" ' $1 $2 > .mismatches
checkoptions_error=false if test -s .mismatches
if test -s .mismatches"${count}"
then then
while read -r LINE echo "Error: Mismatches found in configuration files"
do cat .mismatches
if find "${REDHAT}"/configs -name "$(echo "$LINE" | awk -F "=" ' { print $1 } ' | awk ' { print $2 }')" -print0 | xargs -0 grep ^ | grep -q "process_configs_known_broken"; then exit 1
# This is a known broken config.
# See script help warning.
checkoptions_error=false
else
checkoptions_error=true
break
fi
done < .mismatches"${count}"
! $checkoptions_error && return
sed -i "1s/^/Error: Mismatches found in configuration files for ${arch} ${variant}\n/" .mismatches"${count}"
else
rm -f .mismatches"${count}"
fi fi
} }
parsenewconfigs()
{
tmpdir=$(mktemp -d)
# This awk script reads the output of make listnewconfig
# and puts it into CONFIG_FOO files. Using the output of
# listnewconfig is much easier to ensure we get the default
# output.
/usr/bin/awk -v BASE="$tmpdir" '
/is not set/ {
split ($0, a, "#");
split(a[2], b);
OUT_FILE=BASE"/"b[1];
print $0 >> OUT_FILE;
}
/=/ {
split ($0, a, "=");
OUT_FILE=BASE"/"a[1];
if (a[2] == "n")
print "# " a[1] " is not set" >> OUT_FILE;
else
print $0 >> OUT_FILE;
}
' .newoptions
# This awk script parses the output of helpnewconfig.
# Each option is separated between ----- markers
# The goal is to put all the help text as a comment in
# each CONFIG_FOO file. Because of how awk works
# there's a lot of moving files around and catting to
# get what we need.
/usr/bin/awk -v BASE="$tmpdir" '
BEGIN { inpatch=0;
outfile="none";
symbol="none"; }
/^Symbol: .*$/ {
split($0, a, " ");
symbol="CONFIG_"a[2];
outfile=BASE "/fake_"symbol
}
/-----/ {
if (inpatch == 0) {
inpatch = 1;
}
else {
if (symbol != "none") {
system("cat " outfile " " BASE "/" symbol " > " BASE "/tmpf");
system("mv " BASE "/tmpf " BASE "/" symbol);
symbol="none"
}
outfile="none"
inpatch = 0;
}
}
!/-----/ {
if (inpatch == 1 && outfile != "none") {
print "# "$0 >> outfile;
}
}
' .helpnewconfig
pushd "$tmpdir" &> /dev/null
rm fake_*
popd &> /dev/null
for f in "$tmpdir"/*; do
[[ -e "$f" ]] || break
cp "$f" "$SCRIPT_DIR/pending$FLAVOR/generic/"
done
rm -rf "$tmpdir"
}
function commit_new_configs()
{
# assume we are in $source_tree/configs, need to get to top level
pushd "$(switch_to_toplevel)" &>/dev/null
for cfg in "$SCRIPT_DIR/${PACKAGE_NAME}${KVERREL}"*.config
do
arch=$(head -1 "$cfg" | cut -b 3-)
cfgtmp="${cfg}.tmp"
cfgorig="${cfg}.orig"
cat "$cfg" > "$cfgorig"
if [ "$arch" = "EMPTY" ]
then
# This arch is intentionally left blank
continue
fi
echo -n "Checking for new configs in $cfg ... "
# shellcheck disable=SC2086
make ${MAKEOPTS} ARCH="$arch" CROSS_COMPILE="$(get_cross_compile "$arch")" KCONFIG_CONFIG="$cfgorig" listnewconfig >& .listnewconfig
grep -E 'CONFIG_' .listnewconfig > .newoptions
if test -s .newoptions
then
# shellcheck disable=SC2086
make ${MAKEOPTS} ARCH="$arch" CROSS_COMPILE="$(get_cross_compile "$arch")" KCONFIG_CONFIG="$cfgorig" helpnewconfig >& .helpnewconfig
parsenewconfigs
fi
rm .newoptions
echo "done"
done
git add "$SCRIPT_DIR/pending$FLAVOR"
git commit -m "[redhat] AUTOMATIC: New configs"
}
function process_config()
{
local cfg
local arch
local cfgtmp
local cfgorig
local count
local variant
cfg=$1
count=$2
arch=$(head -1 "$cfg" | cut -b 3-)
if [ "$arch" = "EMPTY" ]
then
# This arch is intentionally left blank
return
fi
variant=$(basename "$cfg" | cut -d"-" -f3- | cut -d"." -f1)
cfgtmp="${cfg}.tmp"
cfgorig="${cfg}.orig"
cat "$cfg" > "$cfgorig"
echo "Processing $cfg ... "
# shellcheck disable=SC2086
make ${MAKEOPTS} ARCH="$arch" CROSS_COMPILE="$(get_cross_compile "$arch")" KCONFIG_CONFIG="$cfgorig" listnewconfig >& .listnewconfig"${count}"
grep -E 'CONFIG_' .listnewconfig"${count}" > .newoptions"${count}"
if test -n "$NEWOPTIONS" && test -s .newoptions"${count}"
then
echo "Found unset config items in ${arch} ${variant}, please set them to an appropriate value" >> .errors"${count}"
cat .newoptions"${count}" >> .errors"${count}"
rm .newoptions"${count}"
RETURNCODE=1
fi
rm -f .newoptions"${count}"
grep -E 'config.*warning' .listnewconfig"${count}" > .warnings"${count}"
if test -n "$CHECKWARNINGS" && test -s .warnings"${count}"
then
echo "Found misconfigured config items in ${arch} ${variant}, please set them to an appropriate value" >> .errors"${count}"
cat .warnings"${count}" >> .errors"${count}"
fi
rm .warnings"${count}"
rm .listnewconfig"${count}"
# shellcheck disable=SC2086
make ${MAKEOPTS} ARCH="$arch" CROSS_COMPILE="$(get_cross_compile "$arch")" KCONFIG_CONFIG="$cfgorig" olddefconfig > /dev/null || exit 1
echo "# $arch" > "$cfgtmp"
cat "$cfgorig" >> "$cfgtmp"
if test -n "$CHECKOPTIONS"
then
checkoptions "$cfg" "$cfgtmp" "$count" "$variant"
fi
# if test run, don't overwrite original
if test -n "$TESTRUN"
then
rm -f "$cfgtmp"
else
mv "$cfgtmp" "$cfg"
fi
rm -f "$cfgorig"
echo "Processing $cfg complete"
}
function process_configs() function process_configs()
{ {
# assume we are in $source_tree/configs, need to get to top level # assume we are in $source_tree/configs, need to get to top level
pushd "$(switch_to_toplevel)" &>/dev/null pushd $(switch_to_toplevel) &>/dev/null
# The next line is throwaway code for transition to parallel for cfg in $SCRIPT_DIR/${PACKAGE_NAME}${KVERREL}*.config
# processing. Leaving this line in place is harmless, but it can be
# removed the next time anyone updates this function.
[ -f .mismatches ] && rm -f .mismatches
count=0
for cfg in "$SCRIPT_DIR/${PACKAGE_NAME}${KVERREL}"*.config
do do
if [ "$count" -eq 0 ]; then arch=$(head -1 $cfg | cut -b 3-)
# do the first one by itself so that tools are built cfgtmp="${cfg}.tmp"
process_config "$cfg" "$count" cfgorig="${cfg}.orig"
cat $cfg > $cfgorig
echo -n "Processing $cfg ... "
make ARCH=$arch ${CROSSOPTS} KCONFIG_CONFIG=$cfgorig listnewconfig >& .listnewconfig
grep -E 'CONFIG_' .listnewconfig > .newoptions
if test -n "$NEWOPTIONS" && test -s .newoptions
then
echo "Found unset config items, please set them to an appropriate value"
cat .newoptions
rm .newoptions
exit 1
fi fi
process_config "$cfg" "$count" & rm .newoptions
waitpids[${count}]=$!
((count++))
while [ "$(jobs | grep -c Running)" -ge "$RHJOBS" ]; do :; done
done
for pid in ${waitpids[*]}; do
wait ${pid}
done
grep -E 'config.*warning' .listnewconfig > .warnings
if test -n "$CHECKWARNINGS" && test -s .warnings
then
echo "Found misconfigured config items, please set them to an appropriate value"
cat .warnings
rm .warnings
exit 1
fi
rm .warnings
rm .listnewconfig
make ARCH=$arch ${CROSSOPTS} KCONFIG_CONFIG=$cfgorig oldnoconfig > /dev/null || exit 1
echo "# $arch" > ${cfgtmp}
cat "${cfgorig}" >> ${cfgtmp}
if test -n "$CHECKOPTIONS"
then
checkoptions $cfg $cfgtmp
fi
# if test run, don't overwrite original
if test -n "$TESTRUN"
then
rm ${cfgtmp}
else
mv ${cfgtmp} ${cfg}
fi
rm ${cfgorig}
echo "done"
done
rm "$SCRIPT_DIR"/*.config*.old rm "$SCRIPT_DIR"/*.config*.old
if ls .errors* 1> /dev/null 2>&1; then
RETURNCODE=1
cat .errors*
rm .errors* -f
fi
if ls .mismatches* 1> /dev/null 2>&1; then
RETURNCODE=1
cat .mismatches*
rm .mismatches* -f
fi
popd > /dev/null popd > /dev/null
[ $RETURNCODE -eq 0 ] && echo "Processed config files are in $SCRIPT_DIR" echo "Processed config files are in $SCRIPT_DIR"
} }
CHECKOPTIONS=""
NEWOPTIONS="" NEWOPTIONS=""
TESTRUN="" CHECKOPTIONS=""
CHECKWARNINGS="" CHECKWARNINGS=""
MAKEOPTS="" TESTRUN=""
CC_IS_CLANG=0
RETURNCODE=0
while [[ $# -gt 0 ]] while [[ $# -gt 0 ]]
do do
key="$1" key="$1"
case $key in case $key in
-a)
CHECKOPTIONS="x"
NEWOPTIONS="x"
CHECKWARNINGS="x"
;;
-c)
CHECKOPTIONS="x"
;;
-h) -h)
usage usage
;; ;;
-n) -n)
NEWOPTIONS="x" NEWOPTIONS="x"
;; ;;
-c)
CHECKOPTIONS="x"
;;
-t) -t)
TESTRUN="x" TESTRUN="x"
;; ;;
-w) -w)
CHECKWARNINGS="x" CHECKWARNINGS="x"
;; ;;
-z)
COMMITNEWCONFIGS="x"
;;
-m)
shift
if [ "$1" = "CC=clang" ] || [ "$1" = "LLVM=1" ]; then
CC_IS_CLANG=1
fi
MAKEOPTS="$MAKEOPTS $1"
;;
*) *)
break;; break;;
esac esac
shift shift
done done
KVERREL="$(test -n "$1" && echo "-$1" || echo "")" PACKAGE_NAME="${1:-kernel}" # defines the package name used
FLAVOR="$(test -n "$2" && echo "-$2" || echo "-rhel")" KVERREL="$(test -n "$2" && echo "-$2" || echo "")"
# shellcheck disable=SC2015 CROSSOPTS="$3"
SCRIPT=$(readlink -f "$0") SCRIPT="$(readlink -f $0)"
SCRIPT_DIR=$(dirname "$SCRIPT") OUTPUT_DIR="$PWD"
SCRIPT_DIR="$(dirname $SCRIPT)"
# to handle this script being a symlink # to handle this script being a symlink
cd "$SCRIPT_DIR" cd $SCRIPT_DIR
if test -n "$COMMITNEWCONFIGS"; then process_configs
commit_new_configs
else
process_configs
fi
exit $RETURNCODE

View File

@ -3,11 +3,19 @@
--- ---
inspections: inspections:
abidiff: off abidiff: off
addedfiles: off
badfuncs: off
changedfiles: off
kmidiff: off kmidiff: off
kmod: off
manpage: off
movedfiles: off
permissions: off
removedfiles: off
rpmdeps: off
upstream: off upstream: off
subpackages: off
badfuncs: elf:
ignore: ignore:
- /usr/libexec/ksamples/* - /usr/libexec/ksamples/*
- /usr/libexec/kselftests/* - /usr/libexec/kselftests/*
@ -16,30 +24,13 @@ emptyrpm:
expected_empty: expected_empty:
- kernel - kernel
- kernel-debug - kernel-debug
- kernel-debug-devel-matched
- kernel-devel-matched
- kernel-lpae
- kernel-zfcpdump - kernel-zfcpdump
- kernel-zfcpdump-devel-matched
- kernel-zfcpdump-modules - kernel-zfcpdump-modules
patches: patches:
ignore_list: ignore_list:
- linux-kernel-test.patch - linux-kernel-test.patch
- patch-5.14-redhat.patch
- patch-%{patchversion}-redhat.patch
runpath: types:
ignore: ignore:
- /usr/libexec/kselftests/bpf/urandom_read - /usr/src/kernel/*
- /usr/libexec/kselftests/bpf/no_alu32/urandom_read
debuginfo:
ignore:
- /usr/libexec/kselftests/bpf/*
- /usr/lib/debug/usr/libexec/perf-core/tests/shell/coresight/*
elf:
ignore:
- /usr/libexec/perf-core/tests/shell/coresight/*
- /usr/lib/debug/usr/libexec/perf-core/tests/shell/coresight/*

View File

@ -1,12 +0,0 @@
#!/bin/sh
if [ -z "$1" ]; then
exit 1
fi
TARGET="$1"
for i in "$RPM_SOURCE_DIR"/*."$TARGET"; do
NEW=${i%.$TARGET}
cp "$i" "$(basename "$NEW")"
done

View File

@ -5,9 +5,9 @@ prompt = no
x509_extensions = myexts x509_extensions = myexts
[ req_distinguished_name ] [ req_distinguished_name ]
O = AlmaLinux O = Red Hat
CN = AlmaLinux kernel signing key CN = Red Hat Enterprise Linux kernel signing key
emailAddress = security@almalinux.org emailAddress = secalert@redhat.com
[ myexts ] [ myexts ]
basicConstraints=critical,CA:FALSE basicConstraints=critical,CA:FALSE

View File

@ -1,16 +0,0 @@
[ req ]
default_bits = 3072
distinguished_name = req_distinguished_name
prompt = no
x509_extensions = myexts
[ req_distinguished_name ]
O = AlmaLinux
CN = AlmaLinux kernel signing key
emailAddress = security@almalinux.org
[ myexts ]
basicConstraints=critical,CA:FALSE
keyUsage=digitalSignature
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid

File diff suppressed because it is too large Load Diff