import kpatch-0.6.1-5.el8

SOURCES/0002-contrib-service-don-t-unload-modules-on-stop.patch

@@ -0,0 +1,31 @@
+From 8909e63c54adb34a0324200f99c63fcd7db5cbc5 Mon Sep 17 00:00:00 2001
+From: Joe Lawrence <joe.lawrence@redhat.com>
+Date: Mon, 10 Jun 2019 16:55:54 -0400
+Subject: [PATCH] contrib/service: don't unload modules on stop
+
+The kpatch.service file shouldn't unload patch modules on service stop
+(this is also executed by systemd on reboot).  Patch modules may not be
+designed to be safely unloaded and/or may patch kernel routines that
+need to continue to run throughout system bring down.
+
+Suggested-by: disaster123
+Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
+---
+ contrib/kpatch.service | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/contrib/kpatch.service b/contrib/kpatch.service
+index 5286f6c929e0..cf13f40105d9 100644
+--- a/contrib/kpatch.service
++++ b/contrib/kpatch.service
+@@ -6,7 +6,6 @@ ConditionKernelCommandLine=!kpatch.enable=0
+ Type=oneshot
+ RemainAfterExit=yes
+ ExecStart=PREFIX/sbin/kpatch load --all
+-ExecStop=PREFIX/sbin/kpatch unload --all
+ 
+ [Install]
+ WantedBy=multi-user.target
+-- 
+2.21.0
+

SOURCES/0003-kpatch-script-don-t-fail-if-module-already-loaded-en.patch

@@ -0,0 +1,77 @@
+From 1d2dffec7a6fad4a8daed9340cd42aada856d03f Mon Sep 17 00:00:00 2001
+From: Joe Lawrence <joe.lawrence@redhat.com>
+Date: Wed, 19 Jun 2019 15:29:43 -0400
+Subject: [PATCH] kpatch script: don't fail if module already loaded+enabled
+
+For "kpatch load" invocations, don't set failing return status if the
+kpatch module is already loaded and enabled.  Make note of the existing
+livepatch module and then verify that is has completed its transition
+before continuing.  This allows the user to more gracefully re-run
+"kpatch load" commands to pick up new kpatch modules.
+
+Fixes: #979
+Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
+---
+ kpatch/kpatch | 44 ++++++++++++++++++++++----------------------
+ 1 file changed, 22 insertions(+), 22 deletions(-)
+
+diff --git a/kpatch/kpatch b/kpatch/kpatch
+index 328f1197259d..8ea6c80ca2d3 100755
+--- a/kpatch/kpatch
++++ b/kpatch/kpatch
+@@ -314,30 +314,30 @@ load_module () {
+ 				die "error: cannot re-enable patch module $modname, cannot verify checksum match"
+ 			fi
+ 		else
+-			die "error: module named $modname already loaded and enabled"
++			echo "module named $modname already loaded and enabled"
+ 		fi
+-	fi
++	else
++		echo "loading patch module: $module"
++		local i=0
++		while true; do
++			out="$(LC_ALL=C insmod "$module" 2>&1)"
++			[[ -z "$out" ]] && break
++			echo "$out" 1>&2
++			[[ ! "$out" =~ "Device or resource busy" ]] &&
++				die "failed to load module $module"
+ 
+-	echo "loading patch module: $module"
+-	local i=0
+-	while true; do
+-		out="$(LC_ALL=C insmod "$module" 2>&1)"
+-		[[ -z "$out" ]] && break
+-		echo "$out" 1>&2
+-		[[ ! "$out" =~ "Device or resource busy" ]] &&
+-			die "failed to load module $module"
+-
+-		# "Device or resource busy" means the activeness safety check
+-		# failed.  Retry in a few seconds.
+-		i=$((i+1))
+-		if [[ $i -eq $MAX_LOAD_ATTEMPTS ]]; then
+-			die "failed to load module $module"
+-			break
+-		else
+-			warn "retrying..."
+-			sleep $RETRY_INTERVAL
+-		fi
+-	done
++			# "Device or resource busy" means the activeness safety check
++			# failed.  Retry in a few seconds.
++			i=$((i+1))
++			if [[ $i -eq $MAX_LOAD_ATTEMPTS ]]; then
++				die "failed to load module $module"
++				break
++			else
++				warn "retrying..."
++				sleep $RETRY_INTERVAL
++			fi
++		done
++	fi
+ 
+ 	if ! wait_for_patch_transition "$modname" ; then
+ 		echo "module $modname did not complete its transition, unloading..."
+-- 
+2.21.0
+

SOURCES/0004-kpatch-clarify-unload-unsupport.patch

@@ -0,0 +1,78 @@
+kpatch: clarify that "kpatch unload" isn't supported
+
+Add a user-prompt to the kpatch unload subcommand and make a similiar
+mention in the manual page.
+
+Provide an undocumented force option so that QE and dev scripts can
+still run unload kpatch modules from scripts.
+
+RHEL-only.
+
+Signed-off-by: Joe Lawrence <joe.lawrence@redhat.com>
+diff -Nupr kpatch-0.6.1.old/kpatch/kpatch kpatch-0.6.1/kpatch/kpatch
+--- kpatch-0.6.1.old/kpatch/kpatch	2019-08-28 10:35:01.191259434 -0400
++++ kpatch-0.6.1/kpatch/kpatch	2019-08-28 16:11:13.067926576 -0400
+@@ -49,8 +49,8 @@ usage () {
+ 	echo >&2
+ 	usage_cmd "load --all" "load all installed patch modules into the running kernel"
+ 	usage_cmd "load <module>" "load patch module into the running kernel"
+-	usage_cmd "unload --all" "unload all patch modules from the running kernel"
+-	usage_cmd "unload <module>" "unload patch module from the running kernel"
++	usage_cmd "unload --all (UNSUPPORTED)" "unload all patch modules from the running kernel"
++	usage_cmd "unload <module> (UNSUPPORTED)" "unload patch module from the running kernel"
+ 	echo >&2
+ 	usage_cmd "info <module>" "show information about a patch module"
+ 	echo >&2
+@@ -71,6 +71,16 @@ die() {
+ 	exit 1
+ }
+ 
++confirm_prompt() {
++	local prompt="$1"
++	local answer
++	while true; do
++		read -rp "$prompt [Y/N] " answer
++		[[ $answer == 'Y' || $answer == 'y' ]] && return 0
++		[[ $answer == 'N' || $answer == 'n' ]] && return 1
++	done
++}
++
+ __find_module () {
+ 	MODULE="$1"
+ 	[[ -f "$MODULE" ]] && return
+@@ -406,6 +416,19 @@ unset MODULE
+ init_sysfs_var
+ 
+ [[ "$#" -lt 1 ]] && usage
++
++# RHEL-specific support options
++case "$1" in
++"force")
++	# For scripting purposes, support "kpatch force unload".
++	# Shift out the "force" to avoid the user-prompt check below.
++	shift
++	;;
++"unload")
++	confirm_prompt "WARNING: Red Hat doesn't support unloading of kpatches, continue anyway?" || exit 1
++	;;
++esac
++
+ case "$1" in
+ "load")
+ 	[[ "$#" -ne 2 ]] && usage
+diff -Nupr kpatch-0.6.1.old/man/kpatch.1 kpatch-0.6.1/man/kpatch.1
+--- kpatch-0.6.1.old/man/kpatch.1	2019-08-28 10:35:01.191259434 -0400
++++ kpatch-0.6.1/man/kpatch.1	2019-08-28 14:51:23.268198897 -0400
+@@ -23,10 +23,10 @@ load --all
+ load <module>
+        load patch module into the running kernel
+ 
+-unload --all
++unload --all (UNSUPPORTED)
+        unload all patch modules from the running kernel
+ 
+-unload <module>
++unload <module> (UNSUPPORTED)
+        unload patch module from the running kernel
+ 
+ info <module>

SPECS/kpatch.spec

@@ -1,6 +1,6 @@
 Name:		kpatch
 Version:	0.6.1
-Release:	1%{?dist}
+Release:	5%{?dist}
 Summary:	Dynamic kernel patch manager
 
 Group:		System Environment/Kernel
@@ -8,6 +8,9 @@ License:	GPLv2
 URL:		https://github.com/dynup/kpatch
 Source0:	https://github.com/dynup/kpatch/archive/v%{version}.tar.gz
 Patch0:		0001-contrib-disable-upstart-kpatch.conf-install.patch
+Patch1:		0002-contrib-service-don-t-unload-modules-on-stop.patch
+Patch2:		0003-kpatch-script-don-t-fail-if-module-already-loaded-en.patch
+Patch3:		0004-kpatch-clarify-unload-unsupport.patch
 
 Requires:	bash kmod binutils
 
@@ -15,7 +18,7 @@ BuildArch:	noarch
 
 
 %description
-kpatch is a dynamic kernel patch module manager.  It allows the user to manage
+kpatch is a live kernel patch module manager.  It allows the user to manage
 a collection of binary kernel patch modules which can be used to dynamically
 patch the kernel without rebooting.
 
@@ -23,6 +26,9 @@ patch the kernel without rebooting.
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
 
 
 %build
@@ -43,6 +49,18 @@ rm -f %{buildroot}/usr/share/man/man1/kpatch-build.1.gz
 
 
 %changelog
+* Wed Aug 28 2019 Joe Lawrence <joe.lawrence@redhat.com> 0.6.1-5
+- kpatch: clarify that "kpatch unload" isn't supported (rhbz#1746461)
+
+* Sun Jun 23 2019 Joe Lawrence <joe.lawrence@redhat.com> 0.6.1-4
+- kpatch script: don't fail if module already loaded+enabled (rhbz#1719305)
+
+* Wed Jun 12 2019 Joe Lawrence <joe.lawrence@redhat.com> 0.6.1-3
+- kpatch: patches shouldn't be unloaded on system shutdown (rhbz#1719305)
+
+* Wed Jun 5 2019 Josh Poimboeuf <jpoimboe@redhat.com> 0.6.1-2
+- CI gating test (rhbz#1717417)
+
 * Tue Aug 14 2018 Joe Lawrence <joe.lawrence@redhat.com> 0.6.1-1
 - update to 0.6.1 (rhbz#1615880)