The "regular" definition of the with_kabichk macro does not need to
be commented out while it is temporarily (re-)defined as 0 on the
next line. This avoids a "Macro expanded in comment" warning.
Remove comments on the same line as %endif directives. Instead, make
a couple of these conditionals easier to read (and consistent with
the surrounding ones) by deleting a few blank lines.
The test was failing (after hanging for several hours) because of a
hard-coded assumption about which file descriptor would be returned
by memfd_create(). The actual file descriptor gets printed by the
test program though, so read this and use it instead. (Adjust the
test program so that this is not printed until the file is ready.)
Resolve compiler warnings about implicit function declarations, by
using the #include statements listed in the kernel.org man-pages.
From the original RHEL patch:
This extra '+' causes problems with the regular expression used with
/usr/lib/rpm/find-debuginfo.sh script from rpm-build, which is used to filter
the debug files to the corresponding debuginfo packages. The '+' character
in the release is interpreted as a regular expression operator and the
debuginfo filter fails, with the build failing on an empty debuginfo file list.
Which means we need to escape the extra '+' character if we want debuginfo
filter to work. I tried to use '\' to escape, but rpm "eats" that, in testing
'[+]' worked so is what I'm using to fix/workaround this problem. When RHEL 8
drops the the extra +<number> in the future, we can remove this fix/workaround.
This problem is likely to come up so just add it in now.
Fedora does some validation on config options to catch
errors. There may be cases when we want to turn off that
checking because it doesn't actually matter. Make this a
full --with option to make it easier to turn off.
Some of the downstream users want to package some modules for
internal use only. While Fedora isn't internal, it's still
useful to have packaging aligned. Add a few modules to this
package.
Other products downstream of Fedora offer kernel ABI guarantees.
Fedora doesn't offer this and have no plans to do so but it's
useful to at least have the packaging in our tree. Add support.
Fedora currently only supports x86_64 secureboot signing.
There's ongoing work to enable other arches though. For now,
just bring in the packaging support with some of it commented
out.
While Fedora doesn't officially support kpatch, there's work
being done to enable kpatch elsewhere. Add the packaging work
but don't actually build anything.