kernel-6.11.0-0.rc2.17.el10

* Fri Aug 09 2024 Jan Stancek <jstancek@redhat.com> [6.11.0-0.rc2.17.el10]
- btrfs: avoid using fixed char array size for tree names (Qu Wenruo)
- btrfs: fix double inode unlock for direct IO sync writes (Filipe Manana)
- btrfs: emit a warning about space cache v1 being deprecated (Josef Bacik)
- btrfs: fix qgroup reserve leaks in cow_file_range (Boris Burkov)
- btrfs: implement launder_folio for clearing dirty page reserve (Boris Burkov)
- btrfs: scrub: update last_physical after scrubbing one stripe (Qu Wenruo)
- btrfs: factor out stripe length calculation into a helper (Qu Wenruo)
- power: supply: qcom_battmgr: Ignore extra __le32 in info payload (Stephan Gerhold)
- power: supply: qcom_battmgr: return EAGAIN when firmware service is not up (Neil Armstrong)
- power: supply: axp288_charger: Round constant_charge_voltage writes down (Hans de Goede)
- power: supply: axp288_charger: Fix constant_charge_voltage writes (Hans de Goede)
- power: supply: rt5033: Bring back i2c_set_clientdata (Nikita Travkin)
- vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (Jason Wang)
- platform/x86/intel/ifs: Initialize union ifs_status to zero (Kuppuswamy Sathyanarayanan)
- platform/x86: msi-wmi-platform: Fix spelling mistakes (Luis Felipe Hernandez)
- platform/x86/amd/pmf: Add new ACPI ID AMDI0107 (Shyam Sundar S K)
- platform/x86/amd/pmc: Send OS_HINT command for new AMD platform (Shyam Sundar S K)
- platform/x86/amd: pmf: Add quirk for ROG Ally X (Luke D. Jones)
- platform/x86: intel-vbtn: Protect ACPI notify handler against recursion (Hans de Goede)
- selftests: ksft: Fix finished() helper exit code on skipped tests (Laura Nao)
- mm, slub: do not call do_slab_free for kfence object (Rik van Riel)
- redhat/configs: Disable gfs2 in rhel configs (Andrew Price)
- redhat/uki_addons/virt: add common FIPS addon (Emanuele Giuseppe Esposito)
- redhat/kernel.spec: add uki_addons to create UKI kernel cmdline addons (Emanuele Giuseppe Esposito)
- Linux v6.11.0-0.rc2
Resolves: RHEL-29722

Signed-off-by: Jan Stancek <jstancek@redhat.com>
This commit is contained in:
Jan Stancek 2024-08-09 12:20:36 +02:00
parent dd4d0c66be
commit 83f40e0ddf
15 changed files with 319 additions and 26 deletions

View File

@ -12,7 +12,7 @@ RHEL_MINOR = 0
# #
# Use this spot to avoid future merge conflicts. # Use this spot to avoid future merge conflicts.
# Do not trim this comment. # Do not trim this comment.
RHEL_RELEASE = 16 RHEL_RELEASE = 17
# #
# RHEL_REBASE_NUM # RHEL_REBASE_NUM

View File

@ -1961,8 +1961,7 @@ CONFIG_GENEVE=m
# CONFIG_GEN_RTC is not set # CONFIG_GEN_RTC is not set
CONFIG_GENWQE=m CONFIG_GENWQE=m
CONFIG_GENWQE_PLATFORM_ERROR_RECOVERY=1 CONFIG_GENWQE_PLATFORM_ERROR_RECOVERY=1
CONFIG_GFS2_FS_LOCKING_DLM=y # CONFIG_GFS2_FS is not set
CONFIG_GFS2_FS=m
# CONFIG_GIGABYTE_WMI is not set # CONFIG_GIGABYTE_WMI is not set
# CONFIG_GLOB_SELFTEST is not set # CONFIG_GLOB_SELFTEST is not set
CONFIG_GLOB=y CONFIG_GLOB=y

View File

@ -1945,8 +1945,7 @@ CONFIG_GENEVE=m
# CONFIG_GEN_RTC is not set # CONFIG_GEN_RTC is not set
CONFIG_GENWQE=m CONFIG_GENWQE=m
CONFIG_GENWQE_PLATFORM_ERROR_RECOVERY=1 CONFIG_GENWQE_PLATFORM_ERROR_RECOVERY=1
CONFIG_GFS2_FS_LOCKING_DLM=y # CONFIG_GFS2_FS is not set
CONFIG_GFS2_FS=m
# CONFIG_GIGABYTE_WMI is not set # CONFIG_GIGABYTE_WMI is not set
# CONFIG_GLOB_SELFTEST is not set # CONFIG_GLOB_SELFTEST is not set
CONFIG_GLOB=y CONFIG_GLOB=y

View File

@ -1961,8 +1961,7 @@ CONFIG_GENEVE=m
# CONFIG_GEN_RTC is not set # CONFIG_GEN_RTC is not set
CONFIG_GENWQE=m CONFIG_GENWQE=m
CONFIG_GENWQE_PLATFORM_ERROR_RECOVERY=0 CONFIG_GENWQE_PLATFORM_ERROR_RECOVERY=0
CONFIG_GFS2_FS_LOCKING_DLM=y # CONFIG_GFS2_FS is not set
CONFIG_GFS2_FS=m
# CONFIG_GIGABYTE_WMI is not set # CONFIG_GIGABYTE_WMI is not set
# CONFIG_GLOB_SELFTEST is not set # CONFIG_GLOB_SELFTEST is not set
CONFIG_GLOB=y CONFIG_GLOB=y

View File

@ -1945,8 +1945,7 @@ CONFIG_GENEVE=m
# CONFIG_GEN_RTC is not set # CONFIG_GEN_RTC is not set
CONFIG_GENWQE=m CONFIG_GENWQE=m
CONFIG_GENWQE_PLATFORM_ERROR_RECOVERY=0 CONFIG_GENWQE_PLATFORM_ERROR_RECOVERY=0
CONFIG_GFS2_FS_LOCKING_DLM=y # CONFIG_GFS2_FS is not set
CONFIG_GFS2_FS=m
# CONFIG_GIGABYTE_WMI is not set # CONFIG_GIGABYTE_WMI is not set
# CONFIG_GLOB_SELFTEST is not set # CONFIG_GLOB_SELFTEST is not set
CONFIG_GLOB=y CONFIG_GLOB=y

View File

@ -1951,7 +1951,6 @@ CONFIG_GENEVE=m
CONFIG_GENWQE=m CONFIG_GENWQE=m
CONFIG_GENWQE_PLATFORM_ERROR_RECOVERY=0 CONFIG_GENWQE_PLATFORM_ERROR_RECOVERY=0
# CONFIG_GFS2_FS is not set # CONFIG_GFS2_FS is not set
CONFIG_GFS2_FS_LOCKING_DLM=y
# CONFIG_GIGABYTE_WMI is not set # CONFIG_GIGABYTE_WMI is not set
# CONFIG_GLOB_SELFTEST is not set # CONFIG_GLOB_SELFTEST is not set
CONFIG_GLOB=y CONFIG_GLOB=y

View File

@ -2094,8 +2094,7 @@ CONFIG_GENERIC_ISA_DMA=y
CONFIG_GENEVE=m CONFIG_GENEVE=m
# CONFIG_GEN_RTC is not set # CONFIG_GEN_RTC is not set
# CONFIG_GENWQE is not set # CONFIG_GENWQE is not set
CONFIG_GFS2_FS_LOCKING_DLM=y # CONFIG_GFS2_FS is not set
CONFIG_GFS2_FS=m
# CONFIG_GIGABYTE_WMI is not set # CONFIG_GIGABYTE_WMI is not set
# CONFIG_GLOB_SELFTEST is not set # CONFIG_GLOB_SELFTEST is not set
CONFIG_GLOB=y CONFIG_GLOB=y

View File

@ -2078,8 +2078,7 @@ CONFIG_GENERIC_ISA_DMA=y
CONFIG_GENEVE=m CONFIG_GENEVE=m
# CONFIG_GEN_RTC is not set # CONFIG_GEN_RTC is not set
# CONFIG_GENWQE is not set # CONFIG_GENWQE is not set
CONFIG_GFS2_FS_LOCKING_DLM=y # CONFIG_GFS2_FS is not set
CONFIG_GFS2_FS=m
# CONFIG_GIGABYTE_WMI is not set # CONFIG_GIGABYTE_WMI is not set
# CONFIG_GLOB_SELFTEST is not set # CONFIG_GLOB_SELFTEST is not set
CONFIG_GLOB=y CONFIG_GLOB=y

View File

@ -2133,8 +2133,7 @@ CONFIG_GENERIC_ISA_DMA=y
CONFIG_GENEVE=m CONFIG_GENEVE=m
# CONFIG_GEN_RTC is not set # CONFIG_GEN_RTC is not set
# CONFIG_GENWQE is not set # CONFIG_GENWQE is not set
CONFIG_GFS2_FS_LOCKING_DLM=y # CONFIG_GFS2_FS is not set
CONFIG_GFS2_FS=m
# CONFIG_GIGABYTE_WMI is not set # CONFIG_GIGABYTE_WMI is not set
# CONFIG_GLOB_SELFTEST is not set # CONFIG_GLOB_SELFTEST is not set
CONFIG_GLOB=y CONFIG_GLOB=y

View File

@ -2117,8 +2117,7 @@ CONFIG_GENERIC_ISA_DMA=y
CONFIG_GENEVE=m CONFIG_GENEVE=m
# CONFIG_GEN_RTC is not set # CONFIG_GEN_RTC is not set
# CONFIG_GENWQE is not set # CONFIG_GENWQE is not set
CONFIG_GFS2_FS_LOCKING_DLM=y # CONFIG_GFS2_FS is not set
CONFIG_GFS2_FS=m
# CONFIG_GIGABYTE_WMI is not set # CONFIG_GIGABYTE_WMI is not set
# CONFIG_GLOB_SELFTEST is not set # CONFIG_GLOB_SELFTEST is not set
CONFIG_GLOB=y CONFIG_GLOB=y

View File

@ -1,3 +1,31 @@
* Fri Aug 09 2024 Jan Stancek <jstancek@redhat.com> [6.11.0-0.rc2.17.el10]
- btrfs: avoid using fixed char array size for tree names (Qu Wenruo)
- btrfs: fix double inode unlock for direct IO sync writes (Filipe Manana)
- btrfs: emit a warning about space cache v1 being deprecated (Josef Bacik)
- btrfs: fix qgroup reserve leaks in cow_file_range (Boris Burkov)
- btrfs: implement launder_folio for clearing dirty page reserve (Boris Burkov)
- btrfs: scrub: update last_physical after scrubbing one stripe (Qu Wenruo)
- btrfs: factor out stripe length calculation into a helper (Qu Wenruo)
- power: supply: qcom_battmgr: Ignore extra __le32 in info payload (Stephan Gerhold)
- power: supply: qcom_battmgr: return EAGAIN when firmware service is not up (Neil Armstrong)
- power: supply: axp288_charger: Round constant_charge_voltage writes down (Hans de Goede)
- power: supply: axp288_charger: Fix constant_charge_voltage writes (Hans de Goede)
- power: supply: rt5033: Bring back i2c_set_clientdata (Nikita Travkin)
- vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (Jason Wang)
- platform/x86/intel/ifs: Initialize union ifs_status to zero (Kuppuswamy Sathyanarayanan)
- platform/x86: msi-wmi-platform: Fix spelling mistakes (Luis Felipe Hernandez)
- platform/x86/amd/pmf: Add new ACPI ID AMDI0107 (Shyam Sundar S K)
- platform/x86/amd/pmc: Send OS_HINT command for new AMD platform (Shyam Sundar S K)
- platform/x86/amd: pmf: Add quirk for ROG Ally X (Luke D. Jones)
- platform/x86: intel-vbtn: Protect ACPI notify handler against recursion (Hans de Goede)
- selftests: ksft: Fix finished() helper exit code on skipped tests (Laura Nao)
- mm, slub: do not call do_slab_free for kfence object (Rik van Riel)
- redhat/configs: Disable gfs2 in rhel configs (Andrew Price)
- redhat/uki_addons/virt: add common FIPS addon (Emanuele Giuseppe Esposito)
- redhat/kernel.spec: add uki_addons to create UKI kernel cmdline addons (Emanuele Giuseppe Esposito)
- Linux v6.11.0-0.rc2
Resolves: RHEL-29722
* Tue Aug 06 2024 Jan Stancek <jstancek@redhat.com> [6.11.0-0.rc2.16.el10] * Tue Aug 06 2024 Jan Stancek <jstancek@redhat.com> [6.11.0-0.rc2.16.el10]
- Linux 6.11-rc2 (Linus Torvalds) - Linux 6.11-rc2 (Linus Torvalds)
- profiling: remove profile=sleep support (Tetsuo Handa) - profiling: remove profile=sleep support (Tetsuo Handa)
@ -156,6 +184,34 @@
- task_work: make TWA_NMI_CURRENT handling conditional on IRQ_WORK (Linus Torvalds) - task_work: make TWA_NMI_CURRENT handling conditional on IRQ_WORK (Linus Torvalds)
Resolves: RHEL-29722 Resolves: RHEL-29722
* Fri Aug 09 2024 Jan Stancek <jstancek@redhat.com> [6.11.0-0.rc2.17.el10]
- btrfs: avoid using fixed char array size for tree names (Qu Wenruo)
- btrfs: fix double inode unlock for direct IO sync writes (Filipe Manana)
- btrfs: emit a warning about space cache v1 being deprecated (Josef Bacik)
- btrfs: fix qgroup reserve leaks in cow_file_range (Boris Burkov)
- btrfs: implement launder_folio for clearing dirty page reserve (Boris Burkov)
- btrfs: scrub: update last_physical after scrubbing one stripe (Qu Wenruo)
- btrfs: factor out stripe length calculation into a helper (Qu Wenruo)
- power: supply: qcom_battmgr: Ignore extra __le32 in info payload (Stephan Gerhold)
- power: supply: qcom_battmgr: return EAGAIN when firmware service is not up (Neil Armstrong)
- power: supply: axp288_charger: Round constant_charge_voltage writes down (Hans de Goede)
- power: supply: axp288_charger: Fix constant_charge_voltage writes (Hans de Goede)
- power: supply: rt5033: Bring back i2c_set_clientdata (Nikita Travkin)
- vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (Jason Wang)
- platform/x86/intel/ifs: Initialize union ifs_status to zero (Kuppuswamy Sathyanarayanan)
- platform/x86: msi-wmi-platform: Fix spelling mistakes (Luis Felipe Hernandez)
- platform/x86/amd/pmf: Add new ACPI ID AMDI0107 (Shyam Sundar S K)
- platform/x86/amd/pmc: Send OS_HINT command for new AMD platform (Shyam Sundar S K)
- platform/x86/amd: pmf: Add quirk for ROG Ally X (Luke D. Jones)
- platform/x86: intel-vbtn: Protect ACPI notify handler against recursion (Hans de Goede)
- selftests: ksft: Fix finished() helper exit code on skipped tests (Laura Nao)
- mm, slub: do not call do_slab_free for kfence object (Rik van Riel)
- redhat/configs: Disable gfs2 in rhel configs (Andrew Price)
- redhat/uki_addons/virt: add common FIPS addon (Emanuele Giuseppe Esposito)
- redhat/kernel.spec: add uki_addons to create UKI kernel cmdline addons (Emanuele Giuseppe Esposito)
- Linux v6.11.0-0.rc2
Resolves:
* Tue Aug 06 2024 Jan Stancek <jstancek@redhat.com> [6.11.0-0.rc2.16.el10] * Tue Aug 06 2024 Jan Stancek <jstancek@redhat.com> [6.11.0-0.rc2.16.el10]
- Linux 6.11-rc2 (Linus Torvalds) - Linux 6.11-rc2 (Linus Torvalds)
- profiling: remove profile=sleep support (Tetsuo Handa) - profiling: remove profile=sleep support (Tetsuo Handa)
@ -312,7 +368,22 @@ Resolves: RHEL-29722
- printk: Add notation to console_srcu locking (John Ogness) - printk: Add notation to console_srcu locking (John Ogness)
- crypto: x86/aes-gcm: Disable FPU around skcipher_walk_done(). (Sebastian Andrzej Siewior) - crypto: x86/aes-gcm: Disable FPU around skcipher_walk_done(). (Sebastian Andrzej Siewior)
- task_work: make TWA_NMI_CURRENT handling conditional on IRQ_WORK (Linus Torvalds) - task_work: make TWA_NMI_CURRENT handling conditional on IRQ_WORK (Linus Torvalds)
Resolves: RHEL-29722, RHEL-52629 Resolves: RHEL-29722
* Thu Aug 08 2024 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.11.0-0.rc2.6a0e38264012.25]
- Linux v6.11.0-0.rc2.6a0e38264012
Resolves:
* Wed Aug 07 2024 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.11.0-0.rc2.d4560686726f.24]
- Linux v6.11.0-0.rc2.d4560686726f
Resolves:
* Tue Aug 06 2024 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.11.0-0.rc2.b446a2dae984.23]
- redhat/configs: Disable gfs2 in rhel configs (Andrew Price)
- redhat/uki_addons/virt: add common FIPS addon (Emanuele Giuseppe Esposito)
- redhat/kernel.spec: add uki_addons to create UKI kernel cmdline addons (Emanuele Giuseppe Esposito)
- Linux v6.11.0-0.rc2.b446a2dae984
Resolves:
* Mon Aug 05 2024 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.11.0-0.rc2.22] * Mon Aug 05 2024 Fedora Kernel Team <kernel-team@fedoraproject.org> [6.11.0-0.rc2.22]
- rh_flags: fix failed when register_sysctl_sz rh_flags_table to kernel (Ricardo Robaina) [RHEL-52629] - rh_flags: fix failed when register_sysctl_sz rh_flags_table to kernel (Ricardo Robaina) [RHEL-52629]

View File

@ -163,15 +163,15 @@ Summary: The Linux kernel
%define specrpmversion 6.11.0 %define specrpmversion 6.11.0
%define specversion 6.11.0 %define specversion 6.11.0
%define patchversion 6.11 %define patchversion 6.11
%define pkgrelease 0.rc2.16 %define pkgrelease 0.rc2.17
%define kversion 6 %define kversion 6
%define tarfile_release 6.11.0-0.rc2.16.el10 %define tarfile_release 6.11.0-0.rc2.17.el10
# This is needed to do merge window version magic # This is needed to do merge window version magic
%define patchlevel 11 %define patchlevel 11
# This allows pkg_release to have configurable %%{?dist} tag # This allows pkg_release to have configurable %%{?dist} tag
%define specrelease 0.rc2.16%{?buildid}%{?dist} %define specrelease 0.rc2.17%{?buildid}%{?dist}
# This defines the kabi tarball version # This defines the kabi tarball version
%define kabiversion 6.11.0-0.rc2.16.el10 %define kabiversion 6.11.0-0.rc2.17.el10
# If this variable is set to 1, a bpf selftests build failure will cause a # If this variable is set to 1, a bpf selftests build failure will cause a
# fatal kernel package build error # fatal kernel package build error
@ -797,6 +797,8 @@ BuildRequires: lvm2
BuildRequires: systemd-boot-unsigned BuildRequires: systemd-boot-unsigned
# For systemd-stub and systemd-pcrphase # For systemd-stub and systemd-pcrphase
BuildRequires: systemd-udev >= 252-1 BuildRequires: systemd-udev >= 252-1
# For UKI kernel cmdline addons
BuildRequires: systemd-ukify
# For TPM operations in UKI initramfs # For TPM operations in UKI initramfs
BuildRequires: tpm2-tools BuildRequires: tpm2-tools
# For UKI sb cert # For UKI sb cert
@ -925,6 +927,9 @@ Source86: dracut-virt.conf
Source87: flavors Source87: flavors
Source151: uki_create_addons.py
Source152: uki_addons.json
Source100: rheldup3.x509 Source100: rheldup3.x509
Source101: rhelkpatch1.x509 Source101: rhelkpatch1.x509
Source102: nvidiagpuoot001.x509 Source102: nvidiagpuoot001.x509
@ -1566,6 +1571,11 @@ Provides: kernel-%{?1:%{1}-}uname-r = %{KVERREL}%{uname_suffix %{?1:+%{1}}}\
Requires: kernel%{?1:-%{1}}-modules-core-uname-r = %{KVERREL}%{uname_suffix %{?1:+%{1}}}\ Requires: kernel%{?1:-%{1}}-modules-core-uname-r = %{KVERREL}%{uname_suffix %{?1:+%{1}}}\
Requires(pre): %{kernel_prereq}\ Requires(pre): %{kernel_prereq}\
Requires(pre): systemd >= 254-1\ Requires(pre): systemd >= 254-1\
%package %{?1:%{1}-}uki-virt-addons\
Summary: %{variant_summary} unified kernel image addons for virtual machines\
Provides: installonlypkg(kernel)\
Requires: kernel%{?1:-%{1}}-uki-virt = %{specrpmversion}-%{release}\
Requires(pre): systemd >= 254-1\
%endif\ %endif\
%endif\ %endif\
%if %{with_gcov}\ %if %{with_gcov}\
@ -1705,31 +1715,49 @@ input and output, etc.
%if %{with_up} && %{with_debug} && %{with_efiuki} %if %{with_up} && %{with_debug} && %{with_efiuki}
%description debug-uki-virt %description debug-uki-virt
Prebuilt debug unified kernel image for virtual machines. Prebuilt debug unified kernel image for virtual machines.
%description debug-uki-virt-addons
Prebuilt debug unified kernel image addons for virtual machines.
%endif %endif
%if %{with_up_base} && %{with_efiuki} %if %{with_up_base} && %{with_efiuki}
%description uki-virt %description uki-virt
Prebuilt default unified kernel image for virtual machines. Prebuilt default unified kernel image for virtual machines.
%description uki-virt-addons
Prebuilt default unified kernel image addons for virtual machines.
%endif %endif
%if %{with_arm64_16k} && %{with_debug} && %{with_efiuki} %if %{with_arm64_16k} && %{with_debug} && %{with_efiuki}
%description 16k-debug-uki-virt %description 16k-debug-uki-virt
Prebuilt 16k debug unified kernel image for virtual machines. Prebuilt 16k debug unified kernel image for virtual machines.
%description 16k-debug-uki-virt-addons
Prebuilt 16k debug unified kernel image addons for virtual machines.
%endif %endif
%if %{with_arm64_16k_base} && %{with_efiuki} %if %{with_arm64_16k_base} && %{with_efiuki}
%description 16k-uki-virt %description 16k-uki-virt
Prebuilt 16k unified kernel image for virtual machines. Prebuilt 16k unified kernel image for virtual machines.
%description 16k-uki-virt-addons
Prebuilt 16k unified kernel image addons for virtual machines.
%endif %endif
%if %{with_arm64_64k} && %{with_debug} && %{with_efiuki} %if %{with_arm64_64k} && %{with_debug} && %{with_efiuki}
%description 64k-debug-uki-virt %description 64k-debug-uki-virt
Prebuilt 64k debug unified kernel image for virtual machines. Prebuilt 64k debug unified kernel image for virtual machines.
%description 64k-debug-uki-virt-addons
Prebuilt 64k debug unified kernel image addons for virtual machines.
%endif %endif
%if %{with_arm64_64k_base} && %{with_efiuki} %if %{with_arm64_64k_base} && %{with_efiuki}
%description 64k-uki-virt %description 64k-uki-virt
Prebuilt 64k unified kernel image for virtual machines. Prebuilt 64k unified kernel image for virtual machines.
%description 64k-uki-virt-addons
Prebuilt 64k unified kernel image addons for virtual machines.
%endif %endif
%if %{with_ipaclones} %if %{with_ipaclones}
@ -2616,6 +2644,10 @@ BuildKernel() {
--kernel-cmdline 'console=tty0 console=ttyS0' \ --kernel-cmdline 'console=tty0 console=ttyS0' \
$KernelUnifiedImage $KernelUnifiedImage
KernelAddonsDirOut="$KernelUnifiedImage.extra.d"
mkdir -p $KernelAddonsDirOut
python3 %{SOURCE151} %{SOURCE152} $KernelAddonsDirOut virt %{primary_target} %{_target_cpu}
%if %{signkernel} %if %{signkernel}
%{log_msg "Sign the EFI UKI kernel"} %{log_msg "Sign the EFI UKI kernel"}
%if 0%{?fedora}%{?eln} %if 0%{?fedora}%{?eln}
@ -2637,6 +2669,12 @@ BuildKernel() {
fi fi
mv $KernelUnifiedImage.signed $KernelUnifiedImage mv $KernelUnifiedImage.signed $KernelUnifiedImage
for addon in "$KernelAddonsDirOut"/*; do
%pesign -s -i $addon -o $addon.signed -a %{secureboot_ca_0} -c %{secureboot_key_0} -n %{pesign_name_0}
rm -f $addon
mv $addon.signed $addon
done
# signkernel # signkernel
%endif %endif
@ -3974,6 +4012,9 @@ fi\
/lib/modules/%{KVERREL}%{?3:+%{3}}/modules.builtin*\ /lib/modules/%{KVERREL}%{?3:+%{3}}/modules.builtin*\
%attr(0644, root, root) /lib/modules/%{KVERREL}%{?3:+%{3}}/%{?-k:%{-k*}}%{!?-k:vmlinuz}-virt.efi\ %attr(0644, root, root) /lib/modules/%{KVERREL}%{?3:+%{3}}/%{?-k:%{-k*}}%{!?-k:vmlinuz}-virt.efi\
%ghost /%{image_install_path}/efi/EFI/Linux/%{?-k:%{-k*}}%{!?-k:*}-%{KVERREL}%{?3:+%{3}}.efi\ %ghost /%{image_install_path}/efi/EFI/Linux/%{?-k:%{-k*}}%{!?-k:*}-%{KVERREL}%{?3:+%{3}}.efi\
%{expand:%%files %{?3:%{3}-}uki-virt-addons}\
/lib/modules/%{KVERREL}%{?3:+%{3}}/%{?-k:%{-k*}}%{!?-k:vmlinuz}-virt.efi.extra.d/ \
/lib/modules/%{KVERREL}%{?3:+%{3}}/%{?-k:%{-k*}}%{!?-k:vmlinuz}-virt.efi.extra.d/*.addon.efi\
%endif\ %endif\
%endif\ %endif\
%if %{?3:1} %{!?3:0}\ %if %{?3:1} %{!?3:0}\
@ -4048,6 +4089,33 @@ fi\
# #
# #
%changelog %changelog
* Fri Aug 09 2024 Jan Stancek <jstancek@redhat.com> [6.11.0-0.rc2.17.el10]
- btrfs: avoid using fixed char array size for tree names (Qu Wenruo)
- btrfs: fix double inode unlock for direct IO sync writes (Filipe Manana)
- btrfs: emit a warning about space cache v1 being deprecated (Josef Bacik)
- btrfs: fix qgroup reserve leaks in cow_file_range (Boris Burkov)
- btrfs: implement launder_folio for clearing dirty page reserve (Boris Burkov)
- btrfs: scrub: update last_physical after scrubbing one stripe (Qu Wenruo)
- btrfs: factor out stripe length calculation into a helper (Qu Wenruo)
- power: supply: qcom_battmgr: Ignore extra __le32 in info payload (Stephan Gerhold)
- power: supply: qcom_battmgr: return EAGAIN when firmware service is not up (Neil Armstrong)
- power: supply: axp288_charger: Round constant_charge_voltage writes down (Hans de Goede)
- power: supply: axp288_charger: Fix constant_charge_voltage writes (Hans de Goede)
- power: supply: rt5033: Bring back i2c_set_clientdata (Nikita Travkin)
- vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (Jason Wang)
- platform/x86/intel/ifs: Initialize union ifs_status to zero (Kuppuswamy Sathyanarayanan)
- platform/x86: msi-wmi-platform: Fix spelling mistakes (Luis Felipe Hernandez)
- platform/x86/amd/pmf: Add new ACPI ID AMDI0107 (Shyam Sundar S K)
- platform/x86/amd/pmc: Send OS_HINT command for new AMD platform (Shyam Sundar S K)
- platform/x86/amd: pmf: Add quirk for ROG Ally X (Luke D. Jones)
- platform/x86: intel-vbtn: Protect ACPI notify handler against recursion (Hans de Goede)
- selftests: ksft: Fix finished() helper exit code on skipped tests (Laura Nao)
- mm, slub: do not call do_slab_free for kfence object (Rik van Riel)
- redhat/configs: Disable gfs2 in rhel configs (Andrew Price)
- redhat/uki_addons/virt: add common FIPS addon (Emanuele Giuseppe Esposito)
- redhat/kernel.spec: add uki_addons to create UKI kernel cmdline addons (Emanuele Giuseppe Esposito)
- Linux v6.11.0-0.rc2
* Tue Aug 06 2024 Jan Stancek <jstancek@redhat.com> [6.11.0-0.rc2.16.el10] * Tue Aug 06 2024 Jan Stancek <jstancek@redhat.com> [6.11.0-0.rc2.16.el10]
- Linux 6.11-rc2 (Linus Torvalds) - Linux 6.11-rc2 (Linus Torvalds)
- profiling: remove profile=sleep support (Tetsuo Handa) - profiling: remove profile=sleep support (Tetsuo Handa)

View File

@ -1,5 +1,5 @@
SHA512 (kernel-abi-stablelists-6.6.0.tar.bz2) = 4f917598056dee5e23814621ec96ff2e4a411c8c4ba9d56ecb01b23cb96431825bedbecfcbaac9338efbf5cb21694d85497fa0bf43e7c80d9cd10bc6dd144dbd SHA512 (kernel-abi-stablelists-6.6.0.tar.bz2) = 4f917598056dee5e23814621ec96ff2e4a411c8c4ba9d56ecb01b23cb96431825bedbecfcbaac9338efbf5cb21694d85497fa0bf43e7c80d9cd10bc6dd144dbd
SHA512 (kernel-kabi-dw-6.6.0.tar.bz2) = 19308cd976031d05e18ef7f5d093218acdb89446418bab0cd956ff12cf66369915b9e64bb66fa9f20939428a60e81884fec5be3529c6c7461738d6540d3cc5c6 SHA512 (kernel-kabi-dw-6.6.0.tar.bz2) = 19308cd976031d05e18ef7f5d093218acdb89446418bab0cd956ff12cf66369915b9e64bb66fa9f20939428a60e81884fec5be3529c6c7461738d6540d3cc5c6
SHA512 (linux-6.11.0-0.rc2.16.el10.tar.xz) = ec00b14d35928348ebb9e6463cdf02336b03efe26ab7a056077e0652210837d033910c7e6f706dfba8135d73caea62682c5447fc47852859517b29f2797194c8 SHA512 (linux-6.11.0-0.rc2.17.el10.tar.xz) = fa1ad63d0ce729ad4ac702e89d2b901f30c7e135235f98a40961b371cfde93a6015cb3eb77d93b734df667d7d064f4f06109fb1cfd5b5fb55b6c445169b5e6ca
SHA512 (kernel-abi-stablelists-6.11.0-0.rc2.16.el10.tar.xz) = b5a236b165da1baa176ca5ef0eb1422d1c9d8b923848de7548c0ae141de60cb331c245c3977d62611c02bedd8b0f41a1f6406c6de4aaa0b08074c840378c1385 SHA512 (kernel-abi-stablelists-6.11.0-0.rc2.17.el10.tar.xz) = 8318cfdbeb63f51fc0f7d4254b1eb05bcb6f125b155fa3abda18d42cd052715aa6836256cc44b02282a5a1ebab73d8e8ef4f7dd5abfcc1339e9ecae1a1c5ecb6
SHA512 (kernel-kabi-dw-6.11.0-0.rc2.16.el10.tar.xz) = 058c2398b34608007996d39831d61d82b546674d7b9475e7b5c92f473f70be941be32db4024d6ee0df2571345cacd318f2d72144d561f24b0526e4fb0308cdcc SHA512 (kernel-kabi-dw-6.11.0-0.rc2.17.el10.tar.xz) = 058c2398b34608007996d39831d61d82b546674d7b9475e7b5c92f473f70be941be32db4024d6ee0df2571345cacd318f2d72144d561f24b0526e4fb0308cdcc

12
uki_addons.json Normal file
View File

@ -0,0 +1,12 @@
{
"virt": {
"common": {
"fips-disable.addon": [
"fips=0\n"
],
"fips-enable.addon": [
"fips=1\n"
]
}
}
}

151
uki_create_addons.py Executable file
View File

@ -0,0 +1,151 @@
#!/usr/bin/env python3
#
# This script inspects a given json proving a list of addons, and
# creates an addon for each key/value pair matching the given uki, distro and
# arch provided in input.
#
# Usage: python uki_create_addons.py input_json out_dir uki distro arch
#
# This tool requires the systemd-ukify and systemd-boot packages.
#
# Addon file
#-----------
# Each addon terminates with .addon
# Each addon contains only two types of lines:
# Lines beginning with '#' are description and thus ignored
# All other lines are command line to be added.
# The name of the end resulting addon is taken from the json hierarchy.
# For example, and addon in json['virt']['rhel']['x86_64']['hello.addon'] will
# result in an UKI addon file generated in out_dir called
# hello-virt.rhel.x86_64.addon.efi
#
# The common key, present in any sub-dict in the provided json (except the leaf dict)
# is used as place for default addons when the same addon is not defined deep
# in the hierarchy. For example, if we define test.addon (text: 'test1\n') in
# json['common']['test.addon'] = ['test1\n'] and another test.addon (text: test2) in
# json['virt']['common']['test.addon'] = ['test2'], any other uki except virt
# will have a test.addon.efi with text "test1", and virt will have a
# test.addon.efi with "test2"
#
# sbat.conf
#----------
# This dict is containing the sbat string for *all* addons being created.
# This dict is optional, but when used has to be put in a sub-dict with
# { 'sbat' : { 'sbat.conf' : ['your text here'] }}
# It follows the same syntax as the addon files, meaning '#' is comment and
# the rest is taken as sbat string and feed to ukify.
import os
import sys
import json
import collections
import subprocess
UKIFY_PATH = '/usr/lib/systemd/ukify'
def usage(err):
print(f'Usage: {os.path.basename(__file__)} input_json output_dir uki distro arch')
print(f'Error:{err}')
sys.exit(1)
def check_clean_arguments(input_json, out_dir):
# Remove end '/'
if out_dir[-1:] == '/':
out_dir = out_dir[:-1]
if not os.path.isfile(input_json):
usage(f'input_json {input_json} is not a file, or does not exist!')
if not os.path.isdir(out_dir):
usage(f'out_dir_dir {out_dir} is not a dir, or does not exist!')
return out_dir
UKICmdlineAddon = collections.namedtuple('UKICmdlineAddon', ['name', 'cmdline'])
uki_addons_list = []
uki_addons = {}
addon_sbat_string = None
def parse_lines(lines, rstrip=True):
cmdline = ''
for l in lines:
l = l.lstrip()
if not l:
continue
if l[0] == '#':
continue
# rstrip is used only for addons cmdline, not sbat.conf, as it replaces
# return lines with spaces.
if rstrip:
l = l.rstrip() + ' '
cmdline += l
if cmdline == '':
return ''
return cmdline
def parse_all_addons(in_obj):
global addon_sbat_string
for el in in_obj.keys():
# addon found: copy it in our global dict uki_addons
if el.endswith('.addon'):
uki_addons[el] = in_obj[el]
if 'sbat' in in_obj and 'sbat.conf' in in_obj['sbat']:
# sbat.conf found: override sbat with the most specific one found
addon_sbat_string = parse_lines(in_obj['sbat']['sbat.conf'], rstrip=False)
def recursively_find_addons(in_obj, folder_list):
# end of recursion, leaf directory. Search all addons here
if len(folder_list) == 0:
parse_all_addons(in_obj)
return
# first, check for common folder
if 'common' in in_obj:
parse_all_addons(in_obj['common'])
# second, check if there is a match with the searched folder
if folder_list[0] in in_obj:
folder_next = in_obj[folder_list[0]]
folder_list = folder_list[1:]
recursively_find_addons(folder_next, folder_list)
def parse_in_json(in_json, uki_name, distro, arch):
with open(in_json, 'r') as f:
in_obj = json.load(f)
recursively_find_addons(in_obj, [uki_name, distro, arch])
for addon_name, cmdline in uki_addons.items():
addon_name = addon_name.replace(".addon","")
addon_full_name = f'{addon_name}-{uki_name}.{distro}.{arch}.addon.efi'
cmdline = parse_lines(cmdline).rstrip()
if cmdline:
uki_addons_list.append(UKICmdlineAddon(addon_full_name, cmdline))
def create_addons(out_dir):
for uki_addon in uki_addons_list:
out_path = os.path.join(out_dir, uki_addon.name)
cmd = [
f'{UKIFY_PATH}', 'build',
f'--cmdline="{uki_addon.cmdline}"',
f'--output={out_path}']
if addon_sbat_string:
cmd.append('--sbat="' + addon_sbat_string.rstrip() +'"')
subprocess.check_call(cmd, text=True)
if __name__ == "__main__":
argc = len(sys.argv) - 1
if argc != 5:
usage('too few or too many parameters!')
input_json = sys.argv[1]
out_dir = sys.argv[2]
uki_name = sys.argv[3]
distro = sys.argv[4]
arch = sys.argv[5]
out_dir = check_clean_arguments(input_json, out_dir)
parse_in_json(input_json, uki_name, distro, arch)
create_addons(out_dir)