nxt5656 / rpms / kernel

Forked from rpms/kernel 4 years ago
Clone

00d168 debrand kernel-3.10.0-327.4.5.el7

Authored and Committed by centosrcm 9 years ago
    debrand kernel-3.10.0-327.4.5.el7
    
        
file modified
+3 -0
.gitignore CHANGED
@@ -2,3 +2,6 @@ SOURCES/kernel-abi-whitelists-327.tar.bz2
2
2
SOURCES/linux-3.10.0-327.4.5.el7.tar.xz
3
3
SOURCES/rheldup3.x509
4
4
SOURCES/rhelkpatch1.x509
5
+ SOURCES/centos-kpatch.x509
6
+ SOURCES/centos-ldup.x509
7
+ SOURCES/centos.cer
file modified
+3 -0
.kernel.metadata CHANGED
@@ -2,3 +2,6 @@
2
2
39e3921cdb55f114db6ea6b967961d5fcfd1c018 SOURCES/linux-3.10.0-327.4.5.el7.tar.xz
3
3
95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509
4
4
d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509
5
+ 5a7d05a8298cf38d43689470e8e43230d8add0f9 SOURCES/centos-kpatch.x509
6
+ c61172887746663d3bdd9acaa263cbfacf99e8b3 SOURCES/centos-ldup.x509
7
+ 6e9105eb51e55a46761838f289a917611cad8091 SOURCES/centos.cer
SOURCES/debrand-rh-i686-cpu.patch ADDED
@@ -0,0 +1,11 @@
1
+ --- a/arch/x86/boot/main.c 2014-06-04 10:05:04.000000000 -0700
2
+ +++ b/arch/x86/boot/main.c 2014-07-09 12:54:40.000000000 -0700
3
+ @@ -146,7 +146,7 @@ void main(void)
4
+
5
+ /* Make sure we have all the proper CPU support */
6
+ if (validate_cpu()) {
7
+ - puts("This processor is unsupported in RHEL7.\n");
8
+ + puts("This processor is unsupported in CentOS 7.\n");
9
+ die();
10
+ }
11
+
SOURCES/debrand-rh_taint.patch ADDED
@@ -0,0 +1,25 @@
1
+ From 69c0d42cfa26515196896dea086857c2caccb6eb Mon Sep 17 00:00:00 2001
2
+ From: Jim Perrin <jperrin@centos.org>
3
+ Date: Thu, 19 Jun 2014 10:05:12 -0500
4
+ Subject: [PATCH] branding patch for rh_taint
5
+
6
+ ---
7
+ kernel/rh_taint.c | 2 +-
8
+ 1 file changed, 1 insertion(+), 1 deletion(-)
9
+
10
+ diff --git a/kernel/rh_taint.c b/kernel/rh_taint.c
11
+ index 59a74b0..0708e15 100644
12
+ --- a/kernel/rh_taint.c
13
+ +++ b/kernel/rh_taint.c
14
+ @@ -8,7 +8,7 @@
15
+ void mark_hardware_unsupported(const char *msg)
16
+ {
17
+ /* Print one single message */
18
+ - pr_crit("Warning: %s - this hardware has not undergone testing by Red Hat and might not be certified. Please consult https://hardware.redhat.com for certified hardware.\n", msg);
19
+ + pr_crit("Warning: %s - this hardware has not undergone upstream testing. Please consult http://wiki.centos.org/FAQ for more information\n", msg);
20
+ }
21
+ EXPORT_SYMBOL(mark_hardware_unsupported);
22
+
23
+ --
24
+ 1.8.3.1
25
+
SOURCES/debrand-single-cpu.patch ADDED
@@ -0,0 +1,25 @@
1
+ From 66185f5c6f881847776702e3a7956c504400f4f2 Mon Sep 17 00:00:00 2001
2
+ From: Jim Perrin <jperrin@centos.org>
3
+ Date: Thu, 19 Jun 2014 09:53:13 -0500
4
+ Subject: [PATCH] branding patch for single-cpu systems
5
+
6
+ ---
7
+ arch/x86/kernel/setup.c | 2 +-
8
+ 1 file changed, 1 insertion(+), 1 deletion(-)
9
+
10
+ diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
11
+ index b289118..9d25982 100644
12
+ --- a/arch/x86/kernel/setup.c
13
+ +++ b/arch/x86/kernel/setup.c
14
+ @@ -846,7 +846,7 @@ static void rh_check_supported(void)
15
+ if (((boot_cpu_data.x86_max_cores * smp_num_siblings) == 1) &&
16
+ !x86_hyper && !cpu_has_hypervisor && !is_kdump_kernel()) {
17
+ pr_crit("Detected single cpu native boot.\n");
18
+ - pr_crit("Important: In Red Hat Enterprise Linux 7, single threaded, single CPU 64-bit physical systems are unsupported by Red Hat. Please contact your Red Hat support representative for a list of certified and supported systems.");
19
+ + pr_crit("Important: In CentOS 7, single threaded, single CPU 64-bit physical systems are unsupported. Please see http://wiki.centos.org/FAQ for more information");
20
+ }
21
+
22
+ /* The RHEL7 kernel does not support this hardware. The kernel will
23
+ --
24
+ 1.8.3.1
25
+
file modified
+3 -3
SOURCES/x509.genkey CHANGED
@@ -5,9 +5,9 @@ prompt = no
5
5
x509_extensions = myexts
6
6
7
7
[ req_distinguished_name ]
8
- O = Red Hat
9
- CN = Red Hat Enterprise Linux kernel signing key
10
- emailAddress = secalert@redhat.com
8
+ O = CentOS
9
+ CN = CentOS Linux kernel signing key
10
+ emailAddress = security@centos.org
11
11
12
12
[ myexts ]
13
13
basicConstraints=critical,CA:FALSE
file modified
+17 -8
SPECS/kernel.spec CHANGED
@@ -339,16 +339,16 @@ Source10: sign-modules
339
339
Source11: x509.genkey
340
340
Source12: extra_certificates
341
341
%if %{?released_kernel}
342
- Source13: securebootca.cer
342
+ Source13: centos.cer
343
343
Source14: secureboot.cer
344
344
%define pesign_name redhatsecureboot301
345
345
%else
346
- Source13: redhatsecurebootca2.cer
347
- Source14: redhatsecureboot003.cer
346
+ Source13: centos.cer
347
+ Source14: secureboot.cer
348
348
%define pesign_name redhatsecureboot003
349
349
%endif
350
- Source15: rheldup3.x509
351
- Source16: rhelkpatch1.x509
350
+ Source15: centos-ldup.x509
351
+ Source16: centos-kpatch.x509
352
352
353
353
Source18: check-kabi
354
354
@@ -377,6 +377,9 @@ Source2001: cpupower.config
377
377
378
378
# empty final patch to facilitate testing of kernel patches
379
379
Patch999999: linux-kernel-test.patch
380
+ Patch1000: debrand-single-cpu.patch
381
+ Patch1001: debrand-rh_taint.patch
382
+ Patch1002: debrand-rh-i686-cpu.patch
380
383
381
384
BuildRoot: %{_tmppath}/kernel-%{KVRA}-root
382
385
@@ -538,11 +541,11 @@ kernel-gcov includes the gcov graph and source files for gcov coverage collectio
538
541
%endif
539
542
540
543
%package -n kernel-abi-whitelists
541
- Summary: The Red Hat Enterprise Linux kernel ABI symbol whitelists
544
+ Summary: The CentOS Linux kernel ABI symbol whitelists
542
545
Group: System Environment/Kernel
543
546
AutoReqProv: no
544
547
%description -n kernel-abi-whitelists
545
- The kABI package contains information pertaining to the Red Hat Enterprise
548
+ The kABI package contains information pertaining to the CentOS
546
549
Linux kernel ABI, including lists of kernel symbols that are needed by
547
550
external Linux kernel modules, and a yum plugin to aid enforcement.
548
551
@@ -685,6 +688,9 @@ cd linux-%{KVRA}
685
688
cp $RPM_SOURCE_DIR/kernel-%{version}-*.config .
686
689
687
690
ApplyOptionalPatch linux-kernel-test.patch
691
+ ApplyOptionalPatch debrand-single-cpu.patch
692
+ ApplyOptionalPatch debrand-rh_taint.patch
693
+ ApplyOptionalPatch debrand-rh-i686-cpu.patch
688
694
689
695
# Any further pre-build tree manipulations happen here.
690
696
@@ -843,7 +849,7 @@ BuildKernel() {
843
849
fi
844
850
# EFI SecureBoot signing, x86_64-only
845
851
%ifarch x86_64
846
- %pesign -s -i $KernelImage -o $KernelImage.signed -a %{SOURCE13} -c %{SOURCE14} -n %{pesign_name}
852
+ %pesign -s -i $KernelImage -o $KernelImage.signed -a %{SOURCE13} -c %{SOURCE13}
847
853
mv $KernelImage.signed $KernelImage
848
854
%endif
849
855
$CopyKernel $KernelImage $RPM_BUILD_ROOT/%{image_install_path}/$InstallName-$KernelVer
@@ -1530,6 +1536,9 @@ fi
1530
1536
%kernel_variant_files %{with_kdump} kdump
1531
1537
1532
1538
%changelog
1539
+ * Mon Jan 25 2016 CentOS Sources <bugs@centos.org> - 3.10.0-327.4.5.el7
1540
+ - Apply debranding changes
1541
+
1533
1542
* Thu Jan 21 2016 Alexander Gordeev <agordeev@redhat.com> [3.10.0-327.4.5.el7]
1534
1543
- [security] keys: Fix keyring ref leak in join_session_keyring() (David Howells) [1298931 1298036] {CVE-2016-0728}
1535
1544