diff --git a/0001-contrib-disable-upstart-kpatch.conf-install.patch b/0001-contrib-disable-upstart-kpatch.conf-install.patch old mode 100644 new mode 100755 diff --git a/0002-contrib-service-don-t-unload-modules-on-stop.patch b/0002-contrib-service-don-t-unload-modules-on-stop.patch deleted file mode 100644 index 559b00f3a3349820c172bf992ef6d99dfbbe27e3..0000000000000000000000000000000000000000 --- a/0002-contrib-service-don-t-unload-modules-on-stop.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 8909e63c54adb34a0324200f99c63fcd7db5cbc5 Mon Sep 17 00:00:00 2001 -From: Joe Lawrence -Date: Mon, 10 Jun 2019 16:55:54 -0400 -Subject: [PATCH] contrib/service: don't unload modules on stop - -The kpatch.service file shouldn't unload patch modules on service stop -(this is also executed by systemd on reboot). Patch modules may not be -designed to be safely unloaded and/or may patch kernel routines that -need to continue to run throughout system bring down. - -Suggested-by: disaster123 -Signed-off-by: Joe Lawrence ---- - contrib/kpatch.service | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/contrib/kpatch.service b/contrib/kpatch.service -index 5286f6c929e0..cf13f40105d9 100644 ---- a/contrib/kpatch.service -+++ b/contrib/kpatch.service -@@ -6,7 +6,6 @@ ConditionKernelCommandLine=!kpatch.enable=0 - Type=oneshot - RemainAfterExit=yes - ExecStart=PREFIX/sbin/kpatch load --all --ExecStop=PREFIX/sbin/kpatch unload --all - - [Install] - WantedBy=multi-user.target --- -2.21.0 - diff --git a/0004-kpatch-clarify-unload-unsupport.patch b/0002-kpatch-clarify-unload-unsupport.patch old mode 100644 new mode 100755 similarity index 89% rename from 0004-kpatch-clarify-unload-unsupport.patch rename to 0002-kpatch-clarify-unload-unsupport.patch index 0d95f93a1e1eefa4b6126643fa5b5f6a3d0170ed..b1c0d2dae4c4b4d1277de4e8fbae86f5f7eabb22 --- a/0004-kpatch-clarify-unload-unsupport.patch +++ b/0002-kpatch-clarify-unload-unsupport.patch @@ -10,8 +10,8 @@ RHEL-only. Signed-off-by: Joe Lawrence diff -Nupr kpatch-0.6.1.old/kpatch/kpatch kpatch-0.6.1/kpatch/kpatch ---- kpatch-0.6.1.old/kpatch/kpatch 2019-08-28 10:35:01.191259434 -0400 -+++ kpatch-0.6.1/kpatch/kpatch 2019-08-28 16:11:13.067926576 -0400 +--- kpatch-0.9.2.old/kpatch/kpatch 2019-08-28 10:35:01.191259434 -0400 ++++ kpatch-0.9.2/kpatch/kpatch 2019-08-28 16:11:13.067926576 -0400 @@ -49,8 +49,8 @@ usage () { echo >&2 usage_cmd "load --all" "load all installed patch modules into the running kernel" @@ -61,8 +61,8 @@ diff -Nupr kpatch-0.6.1.old/kpatch/kpatch kpatch-0.6.1/kpatch/kpatch "load") [[ "$#" -ne 2 ]] && usage diff -Nupr kpatch-0.6.1.old/man/kpatch.1 kpatch-0.6.1/man/kpatch.1 ---- kpatch-0.6.1.old/man/kpatch.1 2019-08-28 10:35:01.191259434 -0400 -+++ kpatch-0.6.1/man/kpatch.1 2019-08-28 14:51:23.268198897 -0400 +--- kpatch-0.9.2.old/man/kpatch.1 2019-08-28 10:35:01.191259434 -0400 ++++ kpatch-0.9.2/man/kpatch.1 2019-08-28 14:51:23.268198897 -0400 @@ -23,10 +23,10 @@ load --all load load patch module into the running kernel diff --git a/0003-kpatch-script-don-t-fail-if-module-already-loaded-en.patch b/0003-kpatch-script-don-t-fail-if-module-already-loaded-en.patch deleted file mode 100644 index 0b0ae319b183f220ff134ec8618ebba55b59bb96..0000000000000000000000000000000000000000 --- a/0003-kpatch-script-don-t-fail-if-module-already-loaded-en.patch +++ /dev/null @@ -1,77 +0,0 @@ -From 1d2dffec7a6fad4a8daed9340cd42aada856d03f Mon Sep 17 00:00:00 2001 -From: Joe Lawrence -Date: Wed, 19 Jun 2019 15:29:43 -0400 -Subject: [PATCH] kpatch script: don't fail if module already loaded+enabled - -For "kpatch load" invocations, don't set failing return status if the -kpatch module is already loaded and enabled. Make note of the existing -livepatch module and then verify that is has completed its transition -before continuing. This allows the user to more gracefully re-run -"kpatch load" commands to pick up new kpatch modules. - -Fixes: #979 -Signed-off-by: Joe Lawrence ---- - kpatch/kpatch | 44 ++++++++++++++++++++++---------------------- - 1 file changed, 22 insertions(+), 22 deletions(-) - -diff --git a/kpatch/kpatch b/kpatch/kpatch -index 328f1197259d..8ea6c80ca2d3 100755 ---- a/kpatch/kpatch -+++ b/kpatch/kpatch -@@ -314,30 +314,30 @@ load_module () { - die "error: cannot re-enable patch module $modname, cannot verify checksum match" - fi - else -- die "error: module named $modname already loaded and enabled" -+ echo "module named $modname already loaded and enabled" - fi -- fi -+ else -+ echo "loading patch module: $module" -+ local i=0 -+ while true; do -+ out="$(LC_ALL=C insmod "$module" 2>&1)" -+ [[ -z "$out" ]] && break -+ echo "$out" 1>&2 -+ [[ ! "$out" =~ "Device or resource busy" ]] && -+ die "failed to load module $module" - -- echo "loading patch module: $module" -- local i=0 -- while true; do -- out="$(LC_ALL=C insmod "$module" 2>&1)" -- [[ -z "$out" ]] && break -- echo "$out" 1>&2 -- [[ ! "$out" =~ "Device or resource busy" ]] && -- die "failed to load module $module" -- -- # "Device or resource busy" means the activeness safety check -- # failed. Retry in a few seconds. -- i=$((i+1)) -- if [[ $i -eq $MAX_LOAD_ATTEMPTS ]]; then -- die "failed to load module $module" -- break -- else -- warn "retrying..." -- sleep $RETRY_INTERVAL -- fi -- done -+ # "Device or resource busy" means the activeness safety check -+ # failed. Retry in a few seconds. -+ i=$((i+1)) -+ if [[ $i -eq $MAX_LOAD_ATTEMPTS ]]; then -+ die "failed to load module $module" -+ break -+ else -+ warn "retrying..." -+ sleep $RETRY_INTERVAL -+ fi -+ done -+ fi - - if ! wait_for_patch_transition "$modname" ; then - echo "module $modname did not complete its transition, unloading..." --- -2.21.0 - diff --git a/0005-Fix-livepatch-enabled-kernel-detection-in-kpatch-scr.patch b/0005-Fix-livepatch-enabled-kernel-detection-in-kpatch-scr.patch deleted file mode 100644 index 1ec00a49ffe3318a988817d1487657c24829488c..0000000000000000000000000000000000000000 --- a/0005-Fix-livepatch-enabled-kernel-detection-in-kpatch-scr.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 54c3d6d8fef188da10a5040c9cc841f35e01bfbf Mon Sep 17 00:00:00 2001 -From: Artem Savkov -Date: Tue, 7 May 2019 14:12:38 +0200 -Subject: [PATCH] Fix livepatch-enabled kernel detection in kpatch script - -We can no longer use klp_register_patch symbol to determine if the -kernel is livepatch-enabled. Use klp_enable_patch instead. - -Signed-off-by: Artem Savkov ---- - kpatch/kpatch | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/kpatch/kpatch b/kpatch/kpatch -index 1d9f90c..bdceff1 100755 ---- a/kpatch/kpatch -+++ b/kpatch/kpatch -@@ -126,7 +126,7 @@ find_core_module() { - } - - core_loaded () { -- grep -q -e "T klp_register_patch" -e "T kpatch_register" /proc/kallsyms -+ grep -q -e "T klp_enable_patch" -e "T kpatch_register" /proc/kallsyms - } - - get_module_name () { --- -2.21.0 - diff --git a/0200-Makefile-set-install-permission-modes.patch b/0200-Makefile-set-install-permission-modes.patch new file mode 100755 index 0000000000000000000000000000000000000000..aecd2254d8f0256d7de444bc3c35d65c99ba72f4 --- /dev/null +++ b/0200-Makefile-set-install-permission-modes.patch @@ -0,0 +1,39 @@ +From 73f6d5cdb2a4ce78cec6f49517116a3c7616f393 Mon Sep 17 00:00:00 2001 +From: Joe Lawrence +Date: Thu, 12 Nov 2020 15:15:47 -0500 +Subject: [PATCH] Makefile: set install permission modes + +By default, the install command will apply rwxr-xr-x permissions (how +intuitive). Give the command expected file modes to avoid rpmbuild +complaints like this: + + *** WARNING: ./usr/lib/python3.9/site-packages/dnf-plugins/kpatch.py is executable but has no shebang, removing executable bit + *** WARNING: ./etc/dnf/plugins/kpatch.conf is executable but has no shebang, removing executable bit + +Signed-off-by: Joe Lawrence +--- + Makefile | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/Makefile b/Makefile +index fb92d06..77c8eb5 100644 +--- a/Makefile ++++ b/Makefile +@@ -23,11 +23,11 @@ all: $(TARGETS) + + install: $(TARGETS) + install -d $(MANDIR) +- install man/dnf.kpatch.8.gz $(MANDIR) ++ install -m 644 man/dnf.kpatch.8.gz $(MANDIR) + install -d $(CONFDIR) +- install conf/kpatch.conf $(CONFDIR) ++ install -m 644 conf/kpatch.conf $(CONFDIR) + install -d $(DNFPLUGINDIR) +- install kpatch.py $(DNFPLUGINDIR) ++ install -m 644 kpatch.py $(DNFPLUGINDIR) + + %.gz: % + gzip --keep $^ +-- +2.25.4 + diff --git a/kpatch-dnf-v0.2.tar.gz b/kpatch-dnf-v0.2.tar.gz new file mode 100755 index 0000000000000000000000000000000000000000..2713efd449c4b01d46c58d391f4e646f665cd843 Binary files /dev/null and b/kpatch-dnf-v0.2.tar.gz differ diff --git a/kpatch.spec b/kpatch.spec old mode 100644 new mode 100755 index dd764a9b143454d073f29c7b5601b1a1c5187eb7..76ed231a8c3bc62db1e47df3f0224f7b115a683f --- a/kpatch.spec +++ b/kpatch.spec @@ -1,18 +1,16 @@ -%define alicloud_base_release 1 Name: kpatch -Version: 0.6.1 -Release: 6.%{alicloud_base_release}%{?dist} +Version: 0.9.5 +Release: 1%{?dist} Summary: Dynamic kernel patch manager Group: System Environment/Kernel License: GPLv2 URL: https://github.com/dynup/kpatch Source0: https://github.com/dynup/kpatch/archive/v%{version}.tar.gz + +# RHEL-only Patch0: 0001-contrib-disable-upstart-kpatch.conf-install.patch -Patch1: 0002-contrib-service-don-t-unload-modules-on-stop.patch -Patch2: 0003-kpatch-script-don-t-fail-if-module-already-loaded-en.patch -Patch3: 0004-kpatch-clarify-unload-unsupport.patch -Patch4: 0005-Fix-livepatch-enabled-kernel-detection-in-kpatch-scr.patch +Patch1: 0002-kpatch-clarify-unload-unsupport.patch Requires: bash kmod binutils @@ -29,9 +27,6 @@ patch the kernel without rebooting. %setup -q %patch0 -p1 %patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 %build @@ -52,26 +47,49 @@ rm -f %{buildroot}/usr/share/man/man1/kpatch-build.1.gz %changelog -* Tue May 12 2020 Wei Liu - 0.6.1-6.1 -- Rebuild for Alibaba Cloud Linux +* Wed Feb 16 2022 Weitao Zhou 0.9.5-1 +- update to 0.9.5 + +* Mon Mar 15 2021 Artem Savkov 0.9.2-5 +- Cleanup /var/lib/kpatch directory on uninstall (rhbz#1930108) + +* Thu Mar 11 2021 Joe Lawrence 0.9.2-4 +- Fix kpatch-dnf package description typos (rhbz#1934293) + +* Mon Jan 04 2021 Julien Thierry 0.9.2-3 +- Remove kpatch-dnf dependency on python3 (rhbz#1912224) -* Tue Sep 17 2019 Artem Savkov 0.6.1-6 -- fix patch loading issue caused by recent kernel rebase (rhbz#1752698) +* Fri Nov 20 2020 Julien Thierry 0.9.2-2 +- Fix unload issue under stress (rhbz#1883238) +- Fix dnf-kpatch man file permissions (rhbz#1899341) +- Do not replace dnf kpatch configuration file when reinstalling (rhbz#1898191) + +* Thu Sep 24 2020 Julien Thierry 0.9.2-1 +- Add kpatch-dnf subpackage (rhbz#1798711) + +* Thu Sep 24 2020 Julien Thierry 0.9.2-1 +- update to 0.9.2 (rhbz#1877857) + +* Tue Oct 22 2019 Yannick Cote 0.6.1-6 +- fix patch loading issue caused by recent kernel rebase (rhbz#1754679) * Wed Aug 28 2019 Joe Lawrence 0.6.1-5 - kpatch: clarify that "kpatch unload" isn't supported (rhbz#1746461) -* Sun Jun 23 2019 Joe Lawrence 0.6.1-3 -- Rebuild with correct RHEL-7.7 bugzilla number (rhbz#1719309) +* Sun Jun 23 2019 Joe Lawrence 0.6.1-4 +- kpatch script: don't fail if module already loaded+enabled (rhbz#1719305) + +* Wed Jun 12 2019 Joe Lawrence 0.6.1-3 +- kpatch: patches shouldn't be unloaded on system shutdown (rhbz#1719305) -* Sun Jun 23 2019 Joe Lawrence 0.6.1-3 -- kpatch script: don't fail if module already loaded+enabled (rhbz#1719309) +* Wed Jun 5 2019 Josh Poimboeuf 0.6.1-2 +- CI gating test (rhbz#1717417) -* Wed Jun 12 2019 Joe Lawrence 0.6.1-2 -- kpatch: patches shouldn't be unloaded on system shutdown (rhbz#1719309) +* Tue Aug 14 2018 Joe Lawrence 0.6.1-1 +- update to 0.6.1 (rhbz#1615880) -* Thu Jun 21 2018 Joe Lawrence 0.6.1-1 -- update to 0.6.1 (rhbz#1562976) +* Mon Aug 13 2018 Troy Dawson - 0.4.0-4 +- Release Bumped for el8 Mass Rebuild * Thu Nov 16 2017 Joe Lawrence 0.4.0-3 - kpatch: better livepatch module support (rhbz#1504066) diff --git a/v0.6.1.tar.gz b/v0.6.1.tar.gz deleted file mode 100644 index 1be0f4a14e1005da8570ce9ceec88eb43f99ea40..0000000000000000000000000000000000000000 Binary files a/v0.6.1.tar.gz and /dev/null differ diff --git a/v0.9.5.tar.gz b/v0.9.5.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..866cbbbded222463ce497f56cc14691de85130f6 Binary files /dev/null and b/v0.9.5.tar.gz differ