diff --git a/SOURCES/0002-contrib-service-don-t-unload-modules-on-stop.patch b/SOURCES/0002-contrib-service-don-t-unload-modules-on-stop.patch new file mode 100644 index 0000000..559b00f --- /dev/null +++ b/SOURCES/0002-contrib-service-don-t-unload-modules-on-stop.patch @@ -0,0 +1,31 @@ +From 8909e63c54adb34a0324200f99c63fcd7db5cbc5 Mon Sep 17 00:00:00 2001 +From: Joe Lawrence +Date: Mon, 10 Jun 2019 16:55:54 -0400 +Subject: [PATCH] contrib/service: don't unload modules on stop + +The kpatch.service file shouldn't unload patch modules on service stop +(this is also executed by systemd on reboot). Patch modules may not be +designed to be safely unloaded and/or may patch kernel routines that +need to continue to run throughout system bring down. + +Suggested-by: disaster123 +Signed-off-by: Joe Lawrence +--- + contrib/kpatch.service | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/contrib/kpatch.service b/contrib/kpatch.service +index 5286f6c929e0..cf13f40105d9 100644 +--- a/contrib/kpatch.service ++++ b/contrib/kpatch.service +@@ -6,7 +6,6 @@ ConditionKernelCommandLine=!kpatch.enable=0 + Type=oneshot + RemainAfterExit=yes + ExecStart=PREFIX/sbin/kpatch load --all +-ExecStop=PREFIX/sbin/kpatch unload --all + + [Install] + WantedBy=multi-user.target +-- +2.21.0 + diff --git a/SOURCES/0003-kpatch-script-don-t-fail-if-module-already-loaded-en.patch b/SOURCES/0003-kpatch-script-don-t-fail-if-module-already-loaded-en.patch new file mode 100644 index 0000000..0b0ae31 --- /dev/null +++ b/SOURCES/0003-kpatch-script-don-t-fail-if-module-already-loaded-en.patch @@ -0,0 +1,77 @@ +From 1d2dffec7a6fad4a8daed9340cd42aada856d03f Mon Sep 17 00:00:00 2001 +From: Joe Lawrence +Date: Wed, 19 Jun 2019 15:29:43 -0400 +Subject: [PATCH] kpatch script: don't fail if module already loaded+enabled + +For "kpatch load" invocations, don't set failing return status if the +kpatch module is already loaded and enabled. Make note of the existing +livepatch module and then verify that is has completed its transition +before continuing. This allows the user to more gracefully re-run +"kpatch load" commands to pick up new kpatch modules. + +Fixes: #979 +Signed-off-by: Joe Lawrence +--- + kpatch/kpatch | 44 ++++++++++++++++++++++---------------------- + 1 file changed, 22 insertions(+), 22 deletions(-) + +diff --git a/kpatch/kpatch b/kpatch/kpatch +index 328f1197259d..8ea6c80ca2d3 100755 +--- a/kpatch/kpatch ++++ b/kpatch/kpatch +@@ -314,30 +314,30 @@ load_module () { + die "error: cannot re-enable patch module $modname, cannot verify checksum match" + fi + else +- die "error: module named $modname already loaded and enabled" ++ echo "module named $modname already loaded and enabled" + fi +- fi ++ else ++ echo "loading patch module: $module" ++ local i=0 ++ while true; do ++ out="$(LC_ALL=C insmod "$module" 2>&1)" ++ [[ -z "$out" ]] && break ++ echo "$out" 1>&2 ++ [[ ! "$out" =~ "Device or resource busy" ]] && ++ die "failed to load module $module" + +- echo "loading patch module: $module" +- local i=0 +- while true; do +- out="$(LC_ALL=C insmod "$module" 2>&1)" +- [[ -z "$out" ]] && break +- echo "$out" 1>&2 +- [[ ! "$out" =~ "Device or resource busy" ]] && +- die "failed to load module $module" +- +- # "Device or resource busy" means the activeness safety check +- # failed. Retry in a few seconds. +- i=$((i+1)) +- if [[ $i -eq $MAX_LOAD_ATTEMPTS ]]; then +- die "failed to load module $module" +- break +- else +- warn "retrying..." +- sleep $RETRY_INTERVAL +- fi +- done ++ # "Device or resource busy" means the activeness safety check ++ # failed. Retry in a few seconds. ++ i=$((i+1)) ++ if [[ $i -eq $MAX_LOAD_ATTEMPTS ]]; then ++ die "failed to load module $module" ++ break ++ else ++ warn "retrying..." ++ sleep $RETRY_INTERVAL ++ fi ++ done ++ fi + + if ! wait_for_patch_transition "$modname" ; then + echo "module $modname did not complete its transition, unloading..." +-- +2.21.0 + diff --git a/SPECS/kpatch.spec b/SPECS/kpatch.spec index a0f29ef..63c6a14 100644 --- a/SPECS/kpatch.spec +++ b/SPECS/kpatch.spec @@ -1,6 +1,6 @@ Name: kpatch Version: 0.6.1 -Release: 1%{?dist} +Release: 4%{?dist} Summary: Dynamic kernel patch manager Group: System Environment/Kernel @@ -8,6 +8,8 @@ License: GPLv2 URL: https://github.com/dynup/kpatch Source0: https://github.com/dynup/kpatch/archive/v%{version}.tar.gz Patch0: 0001-contrib-disable-upstart-kpatch.conf-install.patch +Patch1: 0002-contrib-service-don-t-unload-modules-on-stop.patch +Patch2: 0003-kpatch-script-don-t-fail-if-module-already-loaded-en.patch Requires: bash kmod binutils @@ -23,6 +25,8 @@ patch the kernel without rebooting. %prep %setup -q %patch0 -p1 +%patch1 -p1 +%patch2 -p1 %build @@ -43,6 +47,15 @@ rm -f %{buildroot}/usr/share/man/man1/kpatch-build.1.gz %changelog +* Sun Jun 23 2019 Joe Lawrence 0.6.1-3 +- Rebuild with correct RHEL-7.7 bugzilla number (rhbz#1719309) + +* Sun Jun 23 2019 Joe Lawrence 0.6.1-3 +- kpatch script: don't fail if module already loaded+enabled (rhbz#1719309) + +* Wed Jun 12 2019 Joe Lawrence 0.6.1-2 +- kpatch: patches shouldn't be unloaded on system shutdown (rhbz#1719309) + * Thu Jun 21 2018 Joe Lawrence 0.6.1-1 - update to 0.6.1 (rhbz#1562976)