From 854c564e0729cc458e4878c09b63853ad406718b Mon Sep 17 00:00:00 2001 From: "Justin M. Forbes" Date: Thu, 27 Jan 2022 08:59:41 -0600 Subject: [PATCH] kernel-5.17-0.rc1.20220127git626b2dda7651.78 * Thu Jan 27 2022 Fedora Kernel Team [5.17-0.rc1.20220127git626b2dda7651.78] - spec: speed up "cp -r" when it overwrites existing files. (Denys Vlasenko) - redhat: use centos x509.genkey file if building under centos (Herton R. Krzesinski) Resolves: rhbz# Signed-off-by: Justin M. Forbes --- Makefile.rhelver | 2 +- kernel.spec | 39 ++++++++++++++++++++++++++++++++------- sources | 6 +++--- x509.genkey.centos | 16 ++++++++++++++++ 4 files changed, 52 insertions(+), 11 deletions(-) create mode 100644 x509.genkey.centos diff --git a/Makefile.rhelver b/Makefile.rhelver index 1287ea8e5..dbfa75069 100644 --- a/Makefile.rhelver +++ b/Makefile.rhelver @@ -12,7 +12,7 @@ RHEL_MINOR = 99 # # Use this spot to avoid future merge conflicts. # Do not trim this comment. -RHEL_RELEASE = 77 +RHEL_RELEASE = 78 # # Early y+1 numbering diff --git a/kernel.spec b/kernel.spec index 4466490ea..7fd042c3b 100755 --- a/kernel.spec +++ b/kernel.spec @@ -87,7 +87,7 @@ Summary: The Linux kernel # the --with-release option overrides this setting.) %define debugbuildsenabled 0 -%global distro_build 0.rc1.20220126git0280e3c58f92.77 +%global distro_build 0.rc1.20220127git626b2dda7651.78 %if 0%{?fedora} %define secure_boot_arch x86_64 @@ -132,13 +132,13 @@ Summary: The Linux kernel %define rpmversion 5.17.0 %define patchversion 5.17 -%define pkgrelease 0.rc1.20220126git0280e3c58f92.77 +%define pkgrelease 0.rc1.20220127git626b2dda7651.78 # This is needed to do merge window version magic %define patchlevel 17 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 0.rc1.20220126git0280e3c58f92.77%{?buildid}%{?dist} +%define specrelease 0.rc1.20220127git626b2dda7651.78%{?buildid}%{?dist} %define pkg_release %{specrelease} @@ -692,7 +692,7 @@ BuildRequires: lld # exact git commit you can run # # xzcat -qq ${TARBALL} | git get-tar-commit-id -Source0: linux-5.17-rc1-81-g0280e3c58f92.tar.xz +Source0: linux-5.17-rc1-86-g626b2dda7651.tar.xz Source1: Makefile.rhelver @@ -777,6 +777,8 @@ Source37: filter-aarch64.sh.rhel Source38: filter-ppc64le.sh.rhel Source39: filter-s390x.sh.rhel Source40: filter-modules.sh.rhel + +Source41: x509.genkey.centos %endif %if 0%{?include_fedora} @@ -1386,8 +1388,8 @@ ApplyOptionalPatch() fi } -%setup -q -n kernel-5.17-rc1-81-g0280e3c58f92 -c -mv linux-5.17-rc1-81-g0280e3c58f92 linux-%{KVERREL} +%setup -q -n kernel-5.17-rc1-86-g626b2dda7651 -c +mv linux-5.17-rc1-86-g626b2dda7651 linux-%{KVERREL} cd linux-%{KVERREL} cp -a %{SOURCE1} . @@ -1499,6 +1501,18 @@ done cp %{SOURCE82} . RPM_SOURCE_DIR=$RPM_SOURCE_DIR ./update_scripts.sh %{primary_target} +# We may want to override files from the primary target in case of building +# against a flavour of it (eg. centos not rhel), thus override it here if +# necessary +if [ "%{primary_target}" == "rhel" ]; then +%if 0%{?centos} + echo "Updating scripts/sources to centos version" + RPM_SOURCE_DIR=$RPM_SOURCE_DIR ./update_scripts.sh centos +%else + echo "Not updating scripts/sources to centos version" +%endif +fi + # end of kernel config %endif @@ -2075,7 +2089,14 @@ BuildKernel() { # Cleanup rm System.map - cp -r restore/* lib/modules/$KernelVer/. + # Just "cp -r" can be very slow: here, it rewrites _existing files_ + # with open(O_TRUNC). Many filesystems synchronously wait for metadata + # update for such file rewrites (seen in strace as final close syscall + # taking a long time). On a rotational disk, cp was observed to take + # more than 5 minutes on ext4 and more than 15 minutes (!) on xfs. + # With --remove-destination, we avoid this, and copying + # (with enough RAM to cache it) takes 5 seconds: + cp -r --remove-destination restore/* lib/modules/$KernelVer/. rm -rf restore popd @@ -2982,6 +3003,10 @@ fi # # %changelog +* Thu Jan 27 2022 Fedora Kernel Team [5.17-0.rc1.20220127git626b2dda7651.78] +- spec: speed up "cp -r" when it overwrites existing files. (Denys Vlasenko) +- redhat: use centos x509.genkey file if building under centos (Herton R. Krzesinski) + * Tue Jan 25 2022 Fedora Kernel Team [5.17-0.rc1.20220125gita08b41ab9e2e.76] - objtool: check: give big enough buffer for pv_ops (Sergei Trofimovich) diff --git a/sources b/sources index c3841df77..eeaf7bc92 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-5.17-rc1-81-g0280e3c58f92.tar.xz) = 5746fcdd5100c1967bb61959411ca607ef9db05978fdd3c7b5034714636caa965854f13469352cc9b881057caa2b196592df0dc4b0e1b1e3f1c8f782521ab828 -SHA512 (kernel-abi-stablelists-5.17.0-0.rc1.20220126git0280e3c58f92.77.tar.bz2) = 3b63585fa3041766839af98e068e49868214a0afe3576b6f266e2a20871b8d985572ad9b5a8da67b300401d60dfa27853b62cf0ffa60b9d86f8d363d9128facb -SHA512 (kernel-kabi-dw-5.17.0-0.rc1.20220126git0280e3c58f92.77.tar.bz2) = 44924a32a9e53b737bbde16576664533a9749040f7c3d885eaffbbd7bc7f65c4d525eed1b2a1ab207f849739f8e2e215c17b383d3db321ab3d6d2228fed8804e +SHA512 (linux-5.17-rc1-86-g626b2dda7651.tar.xz) = 6886ed2daffee48d965fdb536921344f15ee668e373c994f508ed13d92b920df0c216a8bcebb8986e15e81f00fb6795db956a455740bcebcac9595fdfdfbb10f +SHA512 (kernel-abi-stablelists-5.17.0-0.rc1.20220127git626b2dda7651.78.tar.bz2) = 48b92134a5a87e3b34456703ddc4f425956c744f9ab458ebfa454a705afb0c9db15028634875f919e9adcccf564a07d63639c6af5d2e847ab4e12060bf512a06 +SHA512 (kernel-kabi-dw-5.17.0-0.rc1.20220127git626b2dda7651.78.tar.bz2) = 3d6b1a94c79d3ba13a33cb310522e80a5cf27309a457437092e1c5155dfc166b33e09ff1dce1475369b60890db50aec9896f1af9d9b87ff049ea33b5d87f045f diff --git a/x509.genkey.centos b/x509.genkey.centos new file mode 100644 index 000000000..c91af3b46 --- /dev/null +++ b/x509.genkey.centos @@ -0,0 +1,16 @@ +[ req ] +default_bits = 3072 +distinguished_name = req_distinguished_name +prompt = no +x509_extensions = myexts + +[ req_distinguished_name ] +O = The CentOS Project +CN = CentOS Stream kernel signing key +emailAddress = security@centos.org + +[ myexts ] +basicConstraints=critical,CA:FALSE +keyUsage=digitalSignature +subjectKeyIdentifier=hash +authorityKeyIdentifier=keyid