diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..40d972e --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +SOURCES/kpatch-dnf-v0.3.tar.gz +SOURCES/v0.9.3.tar.gz diff --git a/.kpatch.metadata b/.kpatch.metadata new file mode 100644 index 0000000..d994ee3 --- /dev/null +++ b/.kpatch.metadata @@ -0,0 +1,2 @@ +6e905f1a910777a0a5f7a41d22331f6508cbd260 SOURCES/kpatch-dnf-v0.3.tar.gz +2b781cf5acd4869510950696e610b747ed508913 SOURCES/v0.9.3.tar.gz diff --git a/SOURCES/0001-contrib-disable-upstart-kpatch.conf-install.patch b/SOURCES/0001-contrib-disable-upstart-kpatch.conf-install.patch new file mode 100644 index 0000000..44eb5b4 --- /dev/null +++ b/SOURCES/0001-contrib-disable-upstart-kpatch.conf-install.patch @@ -0,0 +1,46 @@ +From f056d60fb309896a52882fd3fc10fb5305f5a47e Mon Sep 17 00:00:00 2001 +From: Joe Lawrence +Date: Thu, 21 Jun 2018 15:40:20 -0400 +Subject: [PATCH] contrib: disable upstart kpatch.conf install + +Do not install the upstart configuration file to avoid this rhpkg +build complaint: + + Checking for unpackaged file(s): /usr/lib/rpm/check-files /builddir/build/BUILDROOT/kpatch-0.6.1-1.el7.noarch + error: Installed (but unpackaged) file(s) found: + /etc/init/kpatch.conf + Installed (but unpackaged) file(s) found: + /etc/init/kpatch.conf + +We'll need to think of a better way to do this upstream, but for now, +just skip the unneeded file on RHEL. + +Signed-off-by: Joe Lawrence +--- + contrib/Makefile | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/contrib/Makefile b/contrib/Makefile +index 0b0eeeb23a56..e873f27d6eae 100644 +--- a/contrib/Makefile ++++ b/contrib/Makefile +@@ -6,12 +6,12 @@ install: all + $(INSTALL) -d $(SYSTEMDDIR) + $(INSTALL) -m 0644 kpatch.service $(SYSTEMDDIR) + sed -i 's~PREFIX~$(PREFIX)~' $(SYSTEMDDIR)/kpatch.service +- $(INSTALL) -d $(UPSTARTDIR) +- $(INSTALL) -m 0644 kpatch.conf $(UPSTARTDIR) +- sed -i 's~PREFIX~$(PREFIX)~' $(UPSTARTDIR)/kpatch.conf ++# $(INSTALL) -d $(UPSTARTDIR) ++# $(INSTALL) -m 0644 kpatch.conf $(UPSTARTDIR) ++# sed -i 's~PREFIX~$(PREFIX)~' $(UPSTARTDIR)/kpatch.conf + + uninstall: + $(RM) $(SYSTEMDDIR)/kpatch.service +- $(RM) $(UPSTARTDIR)/kpatch.conf ++# $(RM) $(UPSTARTDIR)/kpatch.conf + + clean: +-- +1.8.3.1 + diff --git a/SOURCES/0002-kpatch-clarify-unload-unsupport.patch b/SOURCES/0002-kpatch-clarify-unload-unsupport.patch new file mode 100644 index 0000000..b1c0d2d --- /dev/null +++ b/SOURCES/0002-kpatch-clarify-unload-unsupport.patch @@ -0,0 +1,78 @@ +kpatch: clarify that "kpatch unload" isn't supported + +Add a user-prompt to the kpatch unload subcommand and make a similiar +mention in the manual page. + +Provide an undocumented force option so that QE and dev scripts can +still run unload kpatch modules from scripts. + +RHEL-only. + +Signed-off-by: Joe Lawrence +diff -Nupr kpatch-0.6.1.old/kpatch/kpatch kpatch-0.6.1/kpatch/kpatch +--- kpatch-0.9.2.old/kpatch/kpatch 2019-08-28 10:35:01.191259434 -0400 ++++ kpatch-0.9.2/kpatch/kpatch 2019-08-28 16:11:13.067926576 -0400 +@@ -49,8 +49,8 @@ usage () { + echo >&2 + usage_cmd "load --all" "load all installed patch modules into the running kernel" + usage_cmd "load " "load patch module into the running kernel" +- usage_cmd "unload --all" "unload all patch modules from the running kernel" +- usage_cmd "unload " "unload patch module from the running kernel" ++ usage_cmd "unload --all (UNSUPPORTED)" "unload all patch modules from the running kernel" ++ usage_cmd "unload (UNSUPPORTED)" "unload patch module from the running kernel" + echo >&2 + usage_cmd "info " "show information about a patch module" + echo >&2 +@@ -71,6 +71,16 @@ die() { + exit 1 + } + ++confirm_prompt() { ++ local prompt="$1" ++ local answer ++ while true; do ++ read -rp "$prompt [Y/N] " answer ++ [[ $answer == 'Y' || $answer == 'y' ]] && return 0 ++ [[ $answer == 'N' || $answer == 'n' ]] && return 1 ++ done ++} ++ + __find_module () { + MODULE="$1" + [[ -f "$MODULE" ]] && return +@@ -406,6 +416,19 @@ unset MODULE + init_sysfs_var + + [[ "$#" -lt 1 ]] && usage ++ ++# RHEL-specific support options ++case "$1" in ++"force") ++ # For scripting purposes, support "kpatch force unload". ++ # Shift out the "force" to avoid the user-prompt check below. ++ shift ++ ;; ++"unload") ++ confirm_prompt "WARNING: Red Hat doesn't support unloading of kpatches, continue anyway?" || exit 1 ++ ;; ++esac ++ + case "$1" in + "load") + [[ "$#" -ne 2 ]] && usage +diff -Nupr kpatch-0.6.1.old/man/kpatch.1 kpatch-0.6.1/man/kpatch.1 +--- kpatch-0.9.2.old/man/kpatch.1 2019-08-28 10:35:01.191259434 -0400 ++++ kpatch-0.9.2/man/kpatch.1 2019-08-28 14:51:23.268198897 -0400 +@@ -23,10 +23,10 @@ load --all + load + load patch module into the running kernel + +-unload --all ++unload --all (UNSUPPORTED) + unload all patch modules from the running kernel + +-unload ++unload (UNSUPPORTED) + unload patch module from the running kernel + + info diff --git a/SOURCES/0100-kpatch-Sync-signal-subcmd-usage-output-with-manpage.patch b/SOURCES/0100-kpatch-Sync-signal-subcmd-usage-output-with-manpage.patch new file mode 100644 index 0000000..e1941ba --- /dev/null +++ b/SOURCES/0100-kpatch-Sync-signal-subcmd-usage-output-with-manpage.patch @@ -0,0 +1,37 @@ +From 17539e71e7ac112f04d5e34aa2644b41be39926d Mon Sep 17 00:00:00 2001 +From: Joel Savitz +Date: Mon, 7 Jun 2021 16:26:00 -0400 +Subject: [PATCH] kpatch: Sync signal subcmd usage output with manpage + +Fixes: 1188 + +Signed-off-by: Joel Savitz +--- + kpatch/kpatch | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/kpatch/kpatch b/kpatch/kpatch +index da538069c014..4e46b124e492 100755 +--- a/kpatch/kpatch ++++ b/kpatch/kpatch +@@ -36,7 +36,7 @@ MAX_LOAD_ATTEMPTS=5 + RETRY_INTERVAL=2 + + usage_cmd() { +- printf ' %-20s\n %s\n' "$1" "$2" >&2 ++ printf ' %-20s\n%s\n' "$1" "$(fmt -w 80 <(echo " $2"))" >&2 + } + + usage () { +@@ -57,7 +57,7 @@ usage () { + echo >&2 + usage_cmd "list" "list installed patch modules" + echo >&2 +- usage_cmd "signal" "signal/poke any process stalling the current patch transition" ++ usage_cmd "signal" "signal/poke any process stalling the current patch transition. This is only useful on systems that have the sysfs livepatch signal interface. On other systems, the signaling should be done automatically by the OS and this subcommand is a no-op." + echo >&2 + usage_cmd "version" "display the kpatch version" + exit 1 +-- +2.26.3 + diff --git a/SPECS/kpatch.spec b/SPECS/kpatch.spec new file mode 100644 index 0000000..78432be --- /dev/null +++ b/SPECS/kpatch.spec @@ -0,0 +1,111 @@ +%define kpatch_dnf_ver 0.3 + +Name: kpatch +Version: 0.9.3 +Release: 3%{?dist} +Summary: Dynamic kernel patch manager + +Group: System Environment/Kernel +License: GPLv2 +URL: https://github.com/dynup/kpatch +Source0: https://github.com/dynup/kpatch/archive/v%{version}.tar.gz +Source1: kpatch-dnf-v%{kpatch_dnf_ver}.tar.gz + +# RHEL-only +Patch0: 0001-contrib-disable-upstart-kpatch.conf-install.patch +Patch1: 0002-kpatch-clarify-unload-unsupport.patch + +# Upstream backports (inactive -- for future reference) +Patch100: 0100-kpatch-Sync-signal-subcmd-usage-output-with-manpage.patch + +# kpatch-dnf backports (inactive -- for future reference) +#Patch200: 0200-foo-bar-etcetera.patch + +Requires: bash kmod binutils +Recommends: kpatch-dnf + +BuildArch: noarch + + +%description +kpatch is a live kernel patch module manager. It allows the user to manage +a collection of binary kernel patch modules which can be used to dynamically +patch the kernel without rebooting. + + +%package -n kpatch-dnf +Summary: kpatch-patch manager plugin for DNF +Version: %kpatch_dnf_ver +BuildRequires: python3-devel python3-dnf +Requires: python3-dnf python3-hawkey +Provides: kpatch-dnf + +%description -n kpatch-dnf +kpatch-dnf is a DNF plugin that manages subscription to kpatch-patch updates. +When enabled, kernel packages are automatically subscribed to corresponding +kpatch-patch packages updates. + +%prep +%setup -q +%patch0 -p1 +%patch1 -p1 +# Use this to apply upstream patches to kpatch +%patch100 -p1 + +%setup -D -T -a 1 + +# Use this to apply patches to kpatch-dnf (inactive) +#cd kpatch-dnf-%{kpatch_dnf_ver} +#%patch200 -p1 +#cd .. + +%build +make -C man + +make -C kpatch-dnf-%{kpatch_dnf_ver} + +%install +make install PREFIX=/usr DESTDIR=%{buildroot} -C kpatch +make install PREFIX=/usr DESTDIR=%{buildroot} -C man +make install PREFIX=/usr DESTDIR=%{buildroot} -C contrib +rm -f %{buildroot}/usr/share/man/man1/kpatch-build.1.gz + +make install PREFIX=/usr DESTDIR=%{buildroot} PYTHONSITES=%{python3_sitelib} -C kpatch-dnf-%{kpatch_dnf_ver} + +%files +%{_sbindir}/kpatch +%{_usr}/lib/systemd/system/kpatch.service +%doc %{_mandir}/man1/kpatch.1.gz + +%files -n kpatch-dnf +%{python3_sitelib}/dnf-plugins/kpatch.py +%{python3_sitelib}/dnf-plugins/__pycache__ +%config(noreplace) %{_sysconfdir}/dnf/plugins/kpatch.conf +%doc %{_mandir}/man8/dnf.kpatch.8.gz + +%post -n kpatch-dnf +echo "To enable automatic kpatch-patch subscription, run:" +echo -e "\t$ dnf kpatch auto" + +%changelog +* Mon Aug 09 2021 Mohan Boddu - 0.9.3-3 +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Thu Jun 10 2021 Joe Lawrence - 0.9.3-2 +- Rebase to latest upstream (via backport patch) + +* Tue May 18 2021 Joel Savitz - 0.9.3-1 +- Rebase to latest upstream + +* Fri Apr 16 2021 Mohan Boddu - 0.9.2-5 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + +* Fri Mar 05 2021 Joe Lawrence 0.9.2-4 +- Fix kpatch-dnf package description typos (rhbz#1934292) + +* Mon Jan 04 2021 Julien Thierry 0.9.2-2 +- Remove kpatch-dnf dependency on python3 (rhbz#1912457) + +* Wed Dec 2 2020 Joe Lawrence 0.9.2-1 +- initial kpatch utility build for rhel-9.0.0 (rhbz#1901593)