Resolves: #1959067

0100-kpatch-wait-for-module-ref-counts-on-unload.patch

@@ -1,100 +0,0 @@
-From cdee6bd650a35075515d4fe2bb67657811c9640c Mon Sep 17 00:00:00 2001
-From: Joe Lawrence <joe.lawrence@redhat.com>
-Date: Mon, 16 Nov 2020 15:21:59 -0500
-Subject: [PATCH] kpatch: wait for module ref counts on unload
-
-There exists a very small timing window in which "kpatch unload" gets to
-its "rmmod" step before the kpatch-patch module's reference count has
-cleared and the "rmmod" fails.
-
-This is only a transient problem, but we can adopt code from upstream
-livepatch kselftests which wait for the module refcounts to settle
-before moving onto "rmmod".
-
-A small wrinkle is that this is not supported by the older kpatch.ko
-core.  The price for circumventing the activeness safety check via
-KPATCH_FORCE_UNSAFE is that it must leave the kpatch patch modules in
-place (see e1890e627a9b ("prevent rmmod of forced modules")).
-
-Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
----
- kpatch/kpatch | 40 ++++++++++++++++++++++++++++++++++++++--
- 1 file changed, 38 insertions(+), 2 deletions(-)
-
-diff --git a/kpatch/kpatch b/kpatch/kpatch
-index bca8f41..b35b742 100755
---- a/kpatch/kpatch
-+++ b/kpatch/kpatch
-@@ -28,6 +28,7 @@ SCRIPTDIR="$(readlink -f "$(dirname "$(type -p "$0")")")"
- VERSION="0.9.2"
- POST_ENABLE_WAIT=15	# seconds
- POST_SIGNAL_WAIT=60	# seconds
-+MODULE_REF_WAIT=15	# seconds
- 
- # How many times to try loading the patch if activeness safety check fails.
- MAX_LOAD_ATTEMPTS=5
-@@ -125,6 +126,10 @@ find_core_module() {
- 	return 1
- }
- 
-+kpatch_core_loaded() {
-+	grep -q -e "T kpatch_register" /proc/kallsyms
-+}
-+
- core_loaded () {
- 	grep -q -e "T klp_enable_patch" -e "T kpatch_register" /proc/kallsyms
- }
-@@ -265,6 +270,31 @@ wait_for_patch_transition() {
- 	return 1
- }
- 
-+module_ref_count() {
-+	local modname="$1"
-+	[[ $(cat "/sys/module/$modname/refcnt" 2>/dev/null) != "0" ]]
-+}
-+
-+wait_for_zero_module_ref_count() {
-+	local modname="$1"
-+	local i=0
-+
-+	# We can't rely on a zero refcount with kpatch.ko as it
-+	# implements KPATCH_FORCE_UNSAFE with an additional reference on
-+	# kpatch-patch modules to avoid potential crashes.
-+	kpatch_core_loaded && return 0
-+
-+	module_ref_count "$modname" || return 0
-+
-+	echo "waiting (up to $MODULE_REF_WAIT seconds) for module refcount..."
-+	for (( i=0; i<MODULE_REF_WAIT; i++ )); do
-+		module_ref_count "$modname" || return 0
-+		sleep 1s
-+	done
-+
-+	return 1
-+}
-+
- load_module () {
- 	local module="$1"
- 
-@@ -381,10 +411,16 @@ disable_patch_strict () {
- }
- 
- remove_module () {
--	echo "unloading patch module: $1"
-+	local modname="$1"
-+
-+	if ! wait_for_zero_module_ref_count "$modname"; then
-+		die "failed to unload module $modname (refcnt)"
-+	fi
-+
-+	echo "unloading patch module: $modname"
- 	# ignore any error here because rmmod can fail if the module used
- 	# KPATCH_FORCE_UNSAFE.
--	rmmod "$1" 2> /dev/null || return 0
-+	rmmod "$modname" 2> /dev/null || return 0
- }
- 
- unload_module () {
--- 
-2.25.4
-

0200-Makefile-set-install-permission-modes.patch

@@ -1,39 +0,0 @@
-From 73f6d5cdb2a4ce78cec6f49517116a3c7616f393 Mon Sep 17 00:00:00 2001
-From: Joe Lawrence <joe.lawrence@redhat.com>
-Date: Thu, 12 Nov 2020 15:15:47 -0500
-Subject: [PATCH] Makefile: set install permission modes
-
-By default, the install command will apply rwxr-xr-x permissions (how
-intuitive).  Give the command expected file modes to avoid rpmbuild
-complaints like this:
-
-  *** WARNING: ./usr/lib/python3.9/site-packages/dnf-plugins/kpatch.py is executable but has no shebang, removing executable bit
-  *** WARNING: ./etc/dnf/plugins/kpatch.conf is executable but has no shebang, removing executable bit
-
-Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
----
- Makefile | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/Makefile b/Makefile
-index fb92d06..77c8eb5 100644
---- a/Makefile
-+++ b/Makefile
-@@ -23,11 +23,11 @@ all: $(TARGETS)
- 
- install: $(TARGETS)
- 	install -d $(MANDIR)
--	install man/dnf.kpatch.8.gz $(MANDIR)
-+	install -m 644 man/dnf.kpatch.8.gz $(MANDIR)
- 	install -d $(CONFDIR)
--	install conf/kpatch.conf $(CONFDIR)
-+	install -m 644 conf/kpatch.conf $(CONFDIR)
- 	install -d $(DNFPLUGINDIR)
--	install kpatch.py $(DNFPLUGINDIR)
-+	install -m 644 kpatch.py $(DNFPLUGINDIR)
- 
- %.gz: %
- 	gzip --keep $^
--- 
-2.25.4
-

kpatch.spec

@@ -1,8 +1,8 @@
-%define kpatch_dnf_ver	0.2
+%define kpatch_dnf_ver	0.3
 
 Name:		kpatch
-Version:	0.9.2
-Release:	5%{?dist}
+Version:	0.9.3
+Release:	1%{?dist}
 Summary:	Dynamic kernel patch manager
 
 Group:		System Environment/Kernel
@@ -15,11 +15,11 @@ Source1:	kpatch-dnf-v%{kpatch_dnf_ver}.tar.gz
 Patch0:		0001-contrib-disable-upstart-kpatch.conf-install.patch
 Patch1:		0002-kpatch-clarify-unload-unsupport.patch
 
-# Upstream backports
-Patch100:	0100-kpatch-wait-for-module-ref-counts-on-unload.patch
+# Upstream backports (inactive -- for future reference)
+#Patch100:	0100-kpatch-wait-for-module-ref-counts-on-unload.patch
 
-# kpatch-dnf backports
-Patch200:	0200-Makefile-set-install-permission-modes.patch
+# kpatch-dnf backports (inactive -- for future reference)
+#Patch200:	0200-foo-bar-etcetera.patch
 
 Requires:	bash kmod binutils
 Recommends:	kpatch-dnf
@@ -49,12 +49,15 @@ kpatch-patch packages updates.
 %setup -q
 %patch0 -p1
 %patch1 -p1
-%patch100 -p1
+# Use this to apply upstream patches to kpatch (inactive)
+#%patch100 -p1
 
 %setup -D -T -a 1
-cd kpatch-dnf-%{kpatch_dnf_ver}
-%patch200 -p1
-cd ..
+
+# Use this to apply patches to kpatch-dnf (inactive)
+#cd kpatch-dnf-%{kpatch_dnf_ver}
+#%patch200 -p1
+#cd ..
 
 %build
 make -C man
@@ -85,6 +88,9 @@ echo "To enable automatic kpatch-patch subscription, run:"
 echo -e "\t$ dnf kpatch auto"
 
 %changelog
+* Tue May 18 2021 Joel Savitz <jsavitz@redhat.com> - 0.9.3-1
+- Rebase to latest upstream
+
 * Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 0.9.2-5
 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937