------------------------------------------------------------------- Fri Mar 19 16:06:58 CET 2021 - nstange@suse.de - Bump up the version number in spec file - commit 922d1dd ------------------------------------------------------------------- Tue Mar 16 14:59:22 CET 2021 - nstange@suse.de - Fix for CVE-2021-27365 ("iscsi_host_get_param() allows sysfs params larger than 4k") Live patch for CVE-2021-27365. Upstream commits ec98ea7070e9 ("scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE") and f9dbdf97a5bd ("scsi: iscsi: Verify lengths on passthrough PDUs"). KLP: CVE-2021-27365 References: bsc#1183491 CVE-2021-27365 - commit 6c5a2f7 ------------------------------------------------------------------- Tue Mar 9 09:44:40 CET 2021 - nstange@suse.de - Fix for CVE-2021-27363 + CVE-2021-27364 ("show_transport_handle() shows iSCSI transport handle to non-root users") Live patch for CVE-2021-27363 and CVE-2021-27364. Upstream commit 688e8128b7a9 ("scsi: iscsi: Restrict sessions and handles to admin capabilities"). KLP: CVE-2021-27363 CVE-2021-27364 References: bsc#1183120 CVE-2021-27363 CVE-2021-27364 - commit 21e9c07 ------------------------------------------------------------------- Wed Mar 3 09:11:50 CET 2021 - nstange@suse.de - Bump up the version number in spec file - commit 7bf0844 ------------------------------------------------------------------- Mon Feb 15 15:53:39 CET 2021 - nstange@suse.de - Fix for CVE-2021-3347 ("UAF in futex") Live patch for CVE-2021-3347. Upstream commits 12bb3f7f1b03 ("futex: Ensure the correct return value from futex_lock_pi()") 04b79c55201f ("futex: Replace pointless printk in fixup_owner()") c5cade200ab9 ("futex: Provide and use pi_state_update_owner()") 2156ac193416 ("rtmutex: Remove unused argument from rt_mutex_proxy_unlock()") 6ccc84f917d3 ("futex: Use pi_state_update_owner() in put_pi_state()") f2dac39d9398 ("futex: Simplify fixup_pi_state_owner()") 34b1a1ce1458 ("futex: Handle faults correctly for PI futexes") KLP: CVE-2021-3347 References: bsc#1181553 CVE-2021-3347 - commit 10bbbe2 ------------------------------------------------------------------- Wed Feb 3 11:09:08 CET 2021 - nstange@suse.de - Fix for CVE-2020-27786 ("use-after-free in kernel midi subsystem snd_rawmidi_kernel_read1()") Live patch for CVE-2020-27786. Upstream commit c1f6e3c818dd ("ALSA: rawmidi: Fix racy buffer resize under concurrent accesses"). KLP: CVE-2020-27786 References: bsc#1179616 CVE-2020-27786 - commit 67b5ca7 ------------------------------------------------------------------- Mon Feb 1 10:48:39 CET 2021 - nstange@suse.de - Fix for CVE-2020-28374 ("LIO security issue") Live patch for CVE-2020-28374. Upstream commit 2896c93811e3 ("scsi: target: Fix XCOPY NAA identifier lookup"). KLP: CVE-2020-28374 References: bsc#1178684 CVE-2020-28374 - commit cc14654 ------------------------------------------------------------------- Thu Jan 28 15:55:24 CET 2021 - nstange@suse.de - Bump up the version number in spec file - commit 8d54798 ------------------------------------------------------------------- Mon Jan 18 10:20:01 CET 2021 - nstange@suse.de - Fix for CVE-2020-36158 ("RCE via a long SSID value in mwifiex_cmd_802_11_ad_hoc_start marvell/mwifiex/join.c") Live patch for CVE-2020-36158. Upstream commit 5c455c5ab332 ("mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start"). KLP: CVE-2020-36158 References: bsc#1180562 CVE-2020-36158 - commit c0db70a ------------------------------------------------------------------- Thu Jan 14 15:03:42 CET 2021 - nstange@suse.de - Fix for CVE-2020-0465 ("In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check.") Live patch for CVE-2020-0465. Upstream commit 35556bed836f ("HID: core: Sanitize event code and type when mapping input"). KLP: CVE-2020-0465 References: bsc#1180030 CVE-2020-0465 - commit 0746b3c ------------------------------------------------------------------- Tue Jan 12 12:50:23 CET 2021 - nstange@suse.de - Fix for CVE-2020-0466 ("In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error.") Live patch for CVE-2020-0466. Upstream commits a9ed4a6560b8 ("epoll: Keep a reference on files added to the check list"), 52c479697c9b ("do_epoll_ctl(): clean the failure exits up a bit"), 77f4689de17c ('fix regression in "epoll: Keep a reference on files added to the check list"'). KLP: CVE-2020-0466 References: bsc#1180032 CVE-2020-0466 - commit 4854026 ------------------------------------------------------------------- Thu Jan 7 13:15:52 CET 2021 - nstange@suse.de - Fix for CVE-2020-29569 ("Use after free triggered by block frontend in Linux blkback (XSA-350 v3)") Live patch for CVE-2020-29569. Upstream commit 1c728719a4da ("xen-blkback: set ring->xenblkd to NULL after kthread_stop()"). KLP: CVE-2020-29569 References: bsc#1180008 CVE-2020-29569 - commit 7f77404 ------------------------------------------------------------------- Wed Jan 6 11:13:29 CET 2021 - nstange@suse.de - Fix for CVE-2020-29660, CVE-2020-29661 ("[tty] hole/race in pgrp & session handling") Live patch for CVE-2020-29660 and CVE-2020-29661. Upstream commits 54ffccbf053b ("tty: Fix ->pgrp locking in tiocspgrp()") and c8bcd9c5be24 ("tty: Fix ->session locking"). KLP: CVE-2020-29660 CVE-2020-29661 References: bsc#1179877 CVE-2020-29660 CVE-2020-29661 - commit 6853e2c ------------------------------------------------------------------- Fri Nov 27 19:01:29 CET 2020 - nstange@suse.de - Bump up the version number in spec file - commit 3d65e02 ------------------------------------------------------------------- Fri Nov 20 14:23:42 CET 2020 - nstange@suse.de - Fix for CVE-2020-25668 ("concurrency use-after-free in con_font_op") Live patch for CVE-2020-25668. Upstream commit 90bfdeef83f1 ("tty: make FONTX ioctl use the tty pointer they were actually passed"). KLP: CVE-2020-25668 References: bsc#1178622 CVE-2020-25668 - commit 829dacb ------------------------------------------------------------------- Fri Nov 20 10:44:48 CET 2020 - nstange@suse.de - Fix for CVE-2020-8694 ("Intel RAPL sidechannel aka PLATYPUS attack") Live patch for CVE-2020-8694. Upstream commit 949dd0104c49 ("powercap: restrict energy meter to root access"). KLP: CVE-2020-8694 References: bsc#1178700 CVE-2020-8694 - commit d91bda1 ------------------------------------------------------------------- Wed Nov 18 15:52:55 CET 2020 - nstange@suse.de - Fix for CVE-2020-25705 ("New vulnerabilities in ICMP rate limiting") Live patch for CVE-2020-25705. Upstream commit b38e7819cae9 ("icmp: randomize the global rate limiter"). KLP: CVE-2020-25705 References: bsc#1178783 CVE-2020-25705 - commit de5744b ------------------------------------------------------------------- Thu Nov 12 09:18:07 CET 2020 - nstange@suse.de - Bump up the version number in spec file - commit 59b8c26 ------------------------------------------------------------------- Tue Oct 27 14:16:51 CET 2020 - nstange@suse.de - Bump up the version number in spec file - commit d6feb6a ------------------------------------------------------------------- Mon Oct 26 12:52:31 CET 2020 - nstange@suse.de - Fix for CVE-2020-25645 ("Geneve/IPsec traffic may be unencrypted between two Geneve endpoints") Live patch for CVE-2020-25645. Upstream commit 34beb2159451 ("geneve: add transport ports in route lookup for geneve"). KLP: CVE-2020-25645 References: bsc#1177513 CVE-2020-25645 - commit 3e11b64 ------------------------------------------------------------------- Mon Oct 5 11:19:22 CEST 2020 - nstange@suse.de - Fix for CVE-2020-0429 ("possible memory corruption in l2tp_session_delete and related functions of l2tp_core.c") Live patch for CVE-2020-0429. Upstream commits 4ac36a4adaf8 ("l2tp: Correctly return -EBADF from pppol2tp_getname.") 61b9a047729b ("l2tp: fix race in l2tp_recv_common()") 57377d635478 ("l2tp: ensure session can't get removed during pppol2tp_session_ioctl()") dbdbc73b4478 ("l2tp: fix duplicate session creation") 54c151d9ed13 ("l2tp: Refactor the codes with existing macros instead of literal number") cdd10c962749 ("l2tp: ensure sessions are freed after their PPPOL2TP socket") b228a9406640 ("l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()") KLP: CVE-2020-0429 References: bsc#1176931 CVE-2020-0429 - commit b0b351b ------------------------------------------------------------------- Tue Sep 29 12:33:24 CEST 2020 - nstange@suse.de - Fix for CVE-2020-14381 ("referencing inode of removed superblock in get_futex_key() causes UAF") Live patch for CVE-2020-14381. Upstream commit 8019ad13ef7f ("futex: Fix inode life-time issue"). KLP: CVE-2020-14381 References: bsc#1176012 CVE-2020-14381 - commit 62270c6 ------------------------------------------------------------------- Fri Sep 25 10:26:18 CEST 2020 - nstange@suse.de - Fix for CVE-2020-0431 ("possible out of bounds write in kbd_keycode of keyboard.c") Live patch for CVE-2020-0431. Upstream commit 4f3882177240 ("HID: hid-input: clear unmapped usages"). KLP: CVE-2020-0431 References: bsc#1176896 CVE-2020-0431 - commit 46b7b20 ------------------------------------------------------------------- Thu Sep 24 15:11:09 CEST 2020 - nstange@suse.de - Fix for CVE-2020-25212 ("TOCTOU mismatch in the NFS client code") Live patch for CVE-2020-25212. Upstream commit b4487b935452 ("nfs: Fix getxattr kernel panic and memory overflow"). KLP: CVE-2020-25212 References: bsc#1176382 CVE-2020-25212 - commit 1ae1bce ------------------------------------------------------------------- Mon Sep 7 12:49:20 CEST 2020 - mbenes@suse.cz - Update IBS_PROJECT to correct maintenance incident after initial submission - commit e1cec10 ------------------------------------------------------------------- Fri Sep 4 10:42:58 CEST 2020 - nstange@suse.de - New branch for SLE12-SP2_Update_37 - commit db6ab5d ------------------------------------------------------------------- Tue Jul 14 16:16:44 CEST 2020 - nstange@suse.de - Fix for CVE-2020-11668 ("malicious USB device pretending to be Xirlink camera can corrupt random kernel memory") Live patch for CVE-2020-11668. Upstream commit a246b4d54770 ("media: xirlink_cit: add missing descriptor sanity checks"). KLP: CVE-2020-11668 References: bsc#1173942 CVE-2020-11668 - commit c272e02 ------------------------------------------------------------------- Mon Mar 23 15:08:56 CET 2020 - nstange@suse.de - Fix for CVE-2020-1749 ("some ipv6 protocols not encrypted over ipsec tunnel") Live patch for CVE-2020-1749. Upstream commit 6c8991f41546 ("net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup"). KLP: CVE-2020-1749 References: bsc#1165631 CVE-2020-1749 - commit 3794c7b ------------------------------------------------------------------- Mon Dec 2 13:49:24 CET 2019 - mbenes@suse.cz - Revert "shadow variables: allow for dynamic initialization" This reverts commit 843c6fa42429afc1682cdb39119e7a011af2abc9. - commit 23d37c8 ------------------------------------------------------------------- Mon Dec 2 13:40:37 CET 2019 - mbenes@suse.cz - Revert "shadow variables: introduce upstream patch" This reverts commit e899c4fd3fe7602ebd70f578d8475f1049de7c78. - commit c1be24c ------------------------------------------------------------------- Mon Dec 2 13:38:18 CET 2019 - mbenes@suse.cz - Revert "shadow variables: drop EXPORT_SYMBOL()s" This reverts commit ac6cfebd7f831213ebcd4b2690672871572ec49e. - commit 5771a4b ------------------------------------------------------------------- Mon Dec 2 13:38:04 CET 2019 - mbenes@suse.cz - Revert "shadow variables: share shadow data among KGraft modules" This reverts commit 8e1e705d4d56981949f7ae3854d8e1cc2be7f40f. - commit 1c87412 ------------------------------------------------------------------- Mon Dec 2 13:37:30 CET 2019 - mbenes@suse.cz - Revert "shadow variables: add KGR_SHADOW_ID helper" This reverts commit 237c8f3d13c382321d3e65d138d328eae0b82f6c. - commit 41936fd ------------------------------------------------------------------- Tue Dec 11 11:27:23 CET 2018 - mbenes@suse.cz - uname_patch: don't hold uts_sem while accessing userspace memory Backport upstream patch 42a0cc347858 ("sys: don't hold uts_sem while accessing userspace memory"). - commit d4e00de ------------------------------------------------------------------- Tue Oct 2 16:38:19 CEST 2018 - mbenes@suse.cz - scripts/tar-up.sh: Add ppc64le to ExclusiveArch even for SLE12-SP2 - commit 77a8a8b ------------------------------------------------------------------- Wed Aug 8 15:07:59 CEST 2018 - nstange@suse.de - Provide common kallsyms wrapper API With bsc#1103203, the need for disambiguating between a multiply defined symbol arose. This is something the kallsyms_lookup_name() based code snippet we used to copy&paste to every individual CVE fix can't handle. Implement a proper wrapper API for doing the kallsyms lookups. - commit 4aed7d2 ------------------------------------------------------------------- Wed Jul 11 13:55:14 CEST 2018 - nstange@suse.de - provide KGR_SHADOW_ID() helper macro - commit 7325c49 ------------------------------------------------------------------- Mon May 14 08:30:00 CEST 2018 - nstange@suse.de - scrips/create-makefile.sh: add support for assembly files - commit cf2464a ------------------------------------------------------------------- Mon Mar 5 15:44:31 CET 2018 - nstange@suse.de - shadow variables: allow for dynamic initialization Currently, the only shadow variable initialization scheme exposed by the allocation API is to let klp_shadow_alloc() resp. klp_shadow_get_or_alloc() memcpy some user provided buffer to the freshly allocated shadow variable. This is too limited for shadow structures containing pointers into themselves like list_heads or mutexes. Change the internal __klp_shadow_get_or_alloc() to take a pointer to an initializer functions and call that in place of the memcpy() operation. In order to retain former functionality of klp_shadow_alloc() and klp_shadow_get_or_alloc(), make them pass the new __klp_shadow_memcpy_init() wrapper to __klp_shadow_get_or_alloc(). Finally, introduce the new klp_shadow_alloc_with_init() and klp_shadow_get_or_alloc_with_init() which pass a user provided initializer function pointer onwards to __klp_shadow_get_or_alloc(). - commit 843c6fa ------------------------------------------------------------------- Tue Dec 5 16:42:04 CET 2017 - mbenes@suse.cz - uname_patch: fix UNAME26 for 4.0 Backport upstream commit 39afb5ee4640 ("kernel/sys.c: fix UNAME26 for 4.0"). - commit 5988feb ------------------------------------------------------------------- Mon Dec 4 15:25:24 CET 2017 - mbenes@suse.cz - Revert "Add compat.h to deal with changes of KGR_PATCH macro" This reverts commit 4186bef35862029a2fd36ba4a73d5fa538992709. All currently supported kernels (that is, everything since SLE12_Update_14 and SLE12-SP1_Update_5) have sympos support. We can drop compat, because we don't need it anymore. - commit 11e3220 ------------------------------------------------------------------- Thu Nov 30 15:15:20 CET 2017 - mbenes@suse.cz - scripts: Generate ExclusiveArch in spec file dynamically ppc64le architecture kernel support is not present in all currently supported branches. It may cause problem for the maintenance team. Generate ExclusiveArch dynamically. It should be 'ppc64le x86_64' for SLE12-SP3 and 'x86_64' for the rest. - commit 95ed856 ------------------------------------------------------------------- Thu Nov 16 14:27:46 CET 2017 - mbenes@suse.cz - rpm/kgraft-patch.spec: Add ppc64le as a supported arch ppc64le is about to be supported in Live Patching product. Add it to ExclusiveArch tag. - commit 8437c94 ------------------------------------------------------------------- Thu Nov 16 14:26:35 CET 2017 - mbenes@suse.cz - rpm/kgraft-patch.spec: Remove s390x from supported archs s390x is not supported in Live Patching product. Remove it from ExclusiveArch. - commit f9614f2 ------------------------------------------------------------------- Thu Oct 5 12:12:29 CEST 2017 - nstange@suse.de - shadow variables: add KGR_SHADOW_ID helper As shadow variables are supposed to be shared among different KGraft modules their id's must be compile time constants. Introduce the KGR_SHADOW_ID helper macro for generating them in a uniform manner based on the bsc# number and a local id. - commit 237c8f3 ------------------------------------------------------------------- Thu Oct 5 12:12:28 CEST 2017 - nstange@suse.de - shadow variables: share shadow data among KGraft modules As it stands, each KGraft module maintains its own set of shadow variable management structures and thus, shadow variables are not sharable between livepatch modules. This behaviour is different from the upstream implementation and, as pointed out by Miroslav Benes, it also opens up an opportunity for a small window where the system might become vulnerable again during transition as we stack new livepatches on top. Let all KGraft patches share the shadow data. Sharing is implemented by moving the management structures from a KGraft module's .data to dynamically allocated memory. Each KGraft module will have specifically named pointers, 'kgr_shadow_hash12' and 'kgr_shadow_lock12', referencing them. Upon initialization, a KGraft module will discover already existing such shadow data by kallsyms-searching all loaded modules for these pointer symbols. If none is found, a new instance is allocated. The newly introduced kgr_shadow_init() implementing this is idempotent and can thus be called from the bsc# subpatches' initializers if needed. Upon KGraft module removal, the new kgr_shadow_cleanup() will conduct another kallsyms search and deallocate the shadow data in case there are no more users. kgr_shadow_cleanup() is also idempotent. Initialization and teardown of the common shadow data is serialized with the module_mutex which has to be taken for the kallsyms search anyway. - commit 8e1e705 ------------------------------------------------------------------- Thu Oct 5 12:12:27 CEST 2017 - nstange@suse.de - shadow variables: drop EXPORT_SYMBOL()s The shadow variable API will only ever get used by the KGraft module itself and thus, there's no need for exporting it. Drop all EXPORT_SYMBOL annotations. - commit ac6cfeb ------------------------------------------------------------------- Thu Oct 5 12:12:26 CEST 2017 - nstange@suse.de - shadow variables: introduce upstream patch Joe Lawrence posted the sixth version of his shadow variable patch [1] implementing the association of additional out-of-band data members to existing structure instances from livepatches. Jiri Kosina has applied this to his git://git.kernel.org/pub/scm/linux/kernel/git/jikos/livepatching.git for-4.15/shadow-variables tree and thus, it's queued up and close to getting merged. The plan is to eventually backport this shadow variable support to SLE kernels, but we also want to have it usable from KGraft modules by now. Port the implementation to the kraft-patches module. Namely, - dump shadow.c in it's current upstream state as it is after commits 439e7271dc2b ("livepatch: introduce shadow variable API") 5d9da759f758 ("livepatch: __klp_shadow_get_or_alloc() is local to shadow.c") 19205da6a0da ("livepatch: Small shadow variable documentation fixes") - add a shadow.h header and declare the newly introduced functions there - and incorporate the new files into the KGraft module's build system. [1] 1504211861-19899-2-git-send-email-joe.lawrence@redhat.com ("[PATCH v6] livepatch: introduce shadow variable API") - commit e899c4f ------------------------------------------------------------------- Tue Jun 13 15:54:27 CEST 2017 - nstange@suse.de - scripts/register-patches.sh: register subpatch sources in rpm spec In order to reduce the manual merging work upon addition of new (sub)patches, commit 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically") introduced the register-patches.sh helper. It discovers those and tweaks the main entry point, kgr_patch_main.c, as needed. However, a remaining manual merging task is to list a (sub)patch's source archive in rpm/kgraft-patch.spec and to %setup it. Make scripts/register-patches.sh do this. Namely, - introduce the @@KGR_PATCHES_SOURCES@@ and @@KGR_PATCHES_SETUP_SOURCES@@ placeholders in rpm/kgraft-patch.spec - and make scripts/register-patches.sh expand those within a spec file to be given as an additional command line argument. Finally, adjust scripts/tar-up.sh accordingly. - commit 9eafc8a ------------------------------------------------------------------- Tue Jun 13 15:51:42 CEST 2017 - nstange@suse.de - scripts/register-patches.sh: don't add ','s to @@KGR_PATCHES_FUNCS@@ register-patches.sh expands kgr_patch_main.c's @@KGR_PATCHES_FUNCS@@ placeholder by concatenating all available patches' KGR_PATCH__FUNCS together, separating them by commas. The KGR_PATCH__FUNCS are CPP macros supposed to be provided by each patch. If one of these happens to be empty, the preprocessed expansion will contain two consecutive commas which gcc doesn't like in array initializers. Do not add any commas to the @@KGR_PATCHES_FUNCS@@ expansion but require the individual KGR_PATCH__FUNCS macros to already contain trailing ones as needed. Fixes: 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically") - commit ba41416 ------------------------------------------------------------------- Wed Jun 7 12:05:41 CEST 2017 - nstange@suse.de - scripts: create kgr_patch_main.c dynamically The kgraft-patches repository has got many branches, each corresponding to a supported codestream. Each of those carries a potentially different set of live (sub)patches which are controlled through the entry points in kgr_patch_main.c. According to Miroslav, merging of a new (sub)patch based on the pristine master is a pita due to conflicts. Since all (sub)patches stick to certain conventions already, the required modifications of the merging-hotspot kgr_patch_main.c are quite mechanic. Let a script do the work. Namely, - insert some special @@-embraced placeholders at the few places depending on the actual set of (sub)patches, - let register-patches.sh discover the available (sub)patches by searching for directories - and let register-patches.sh replace those placeholders in kgr_patch_main.c Finally, add a register-patches.sh invocation to tar-up.sh. This procedure requires that a SUBPATCH located in directory SUBPATCH/ adheres to the following conventions: - It must provide a provide a SUBPATCH/kgr_patch_SUBPATCH.h header. - This header must provide declarations for kgr_patch_SUBPATCH_init() and kgr_patch_SUBPATCH_cleanup(). - This header must also #define a KGR_PATCH_SUBPATCH_FUNCS macro. It should expand to a comma separated list of KGR_PATCH*() entries, each corresponding to a function the subpatch wants to replace. [mbenes: fixed typos, empty line removed] - commit 4e8dc88 ------------------------------------------------------------------- Mon Apr 24 16:00:54 CEST 2017 - mbenes@suse.cz - Replace $(PWD) with $(CURDIR) in Makefile CURDIR is an internal variable of make and more suitable. - commit 03bf1d5 ------------------------------------------------------------------- Wed Apr 19 14:02:27 CEST 2017 - mbenes@suse.cz - Create Makefile automatically Introduce scripts/create-makefile.sh script to automatically create a makefile. The scripts is called from tar-up.sh or could be called manually. - commit 1af6c29 ------------------------------------------------------------------- Mon Oct 24 13:26:09 CEST 2016 - mbenes@suse.cz - Better to use SUSE:SLE-12:Update than Devel:kGraft:SLE12 project - commit bdc7598 ------------------------------------------------------------------- Tue May 10 15:43:59 CEST 2016 - mbenes@suse.cz - Add compat.h to deal with changes of KGR_PATCH macro Sympos patch set for kGraft redefined KGR_PATCH macro and added two new ones. Add new compat.h which contains macro magic so that all kGraft patches would work on both old and new kernels with the patch set merged. - commit 4186bef ------------------------------------------------------------------- Fri May 6 17:01:17 CEST 2016 - mbenes@suse.cz - Fix the number of parameters of KGR_PATCH macro New kernels contain kGraft's sympos patch set which changed number of paramaters of KGR_PATCH macro and introduced new macros. Fix it in master so it will be ok for new branches. - commit 78cf676 ------------------------------------------------------------------- Tue Sep 1 13:00:23 CEST 2015 - mmarek@suse.com - Include the RPM version number in the module name - commit 8fa02c6 ------------------------------------------------------------------- Wed Aug 26 11:29:44 CEST 2015 - mbenes@suse.cz - Remove forgotten debug option in the Makefile - commit 9c24ab8 ------------------------------------------------------------------- Mon Aug 17 13:42:04 CEST 2015 - mbenes@suse.cz - Add license and copyright notices - commit d42d3aa ------------------------------------------------------------------- Wed Jul 15 15:58:35 CEST 2015 - mbenes@suse.cz - Remove immediate flag Fake signal was merged to kGraft and immediate feature removed. Remove it in kGraft patches from now on too. - commit c767ad2 ------------------------------------------------------------------- Wed May 20 16:32:17 CEST 2015 - mbenes@suse.cz - Set immediate flag to false Using immediate set to true can lead to BUGs and oopses when downgrading, reverting or applying replace_all patches. There is no way how to find out if there is a process in the old code which is being removed. The module would be put, removed and the process will crash. The consistency model guarantees that there is no one in the old code when the finalization ends. Thus use it for all case to be safe. - commit 830e1a3 ------------------------------------------------------------------- Tue May 12 15:48:07 CEST 2015 - mbenes@suse.cz - Fix description in rpm spec file Spec file description mentions initial kGraft patch which is only true for real initial patch. Make it more neutral. References: bsc#930408 - commit a55e023 ------------------------------------------------------------------- Wed Apr 1 15:36:24 CEST 2015 - mbenes@suse.cz - Generate archives names automatically in tar-up.sh - commit 1f34f18 ------------------------------------------------------------------- Wed Apr 1 13:39:26 CEST 2015 - mbenes@suse.cz - Automatically generate .changes file from git log Also add comments to tar-up.sh script to distinguish between sections. - commit 212a7ae ------------------------------------------------------------------- Thu Mar 26 14:24:21 CET 2015 - mmarek@suse.cz - Revert "Require exact kernel version in the patch" This needs to be done differently, so that modprobe --force works as expected. References: bnc#920615 This reverts commit c62c11aecd4e3f8822e1b835fea403acc3148c5a. - commit bc88dd7 ------------------------------------------------------------------- Wed Mar 25 13:10:24 CET 2015 - mmarek@suse.cz - Require exact kernel version in the patch References: bnc#920615 - commit c62c11a ------------------------------------------------------------------- Tue Mar 24 12:15:41 CET 2015 - mmarek@suse.cz - Add the git commit and branch to the package description References: bnc#920633 - commit 1ff4e48 ------------------------------------------------------------------- Wed Nov 26 10:09:14 CET 2014 - mbenes@suse.cz - Set immediate flag for the initial patch Setting immediate to true will simplify installation of the initial patch and possibly also of the further updates. References: bnc#907150 - commit 391b810 ------------------------------------------------------------------- Tue Nov 25 16:26:40 CET 2014 - mbenes@suse.cz - Add .replace_all set to true Add .replace_all flag set to true even to the initial patch. Thus we will not forget to add that later. Also .immediate is there as a comment. - commit 933e15e ------------------------------------------------------------------- Mon Nov 24 15:02:33 CET 2014 - mmarek@suse.cz - Drop the hardcoded kernel release string The updated kgraft-devel macros set this during build time, so we do not need to know the kernel release string beforehand. As a name suffix for the source packages, let's use SLE12_Test in the master branch and SLE12_Update_ in the update branches. - commit 65f7a25 ------------------------------------------------------------------- Fri Nov 21 15:48:48 CET 2014 - mmarek@suse.cz - Check that we are building against the set kernel version - commit 689e44a ------------------------------------------------------------------- Wed Nov 12 04:11:14 CET 2014 - mmarek@suse.cz - Mark the module as supported References: bnc#904970 - commit 6249314 ------------------------------------------------------------------- Tue Nov 11 17:11:28 CET 2014 - mmarek@suse.cz - Build the test packages against Devel:kGraft:SLE12 - commit c952fbb ------------------------------------------------------------------- Thu Nov 6 13:55:43 CET 2014 - mbenes@suse.cz - Add top git commit hash to uname -v Add top git commit hash to version part of uname. This makes the identification of current patch level easy (even in crash: p kgr_tag). References: fate#317769 - commit 54c9595 ------------------------------------------------------------------- Tue Nov 4 16:23:50 CET 2014 - mbenes@suse.cz - Replace @@RELEASE@@ in kgr_patch->name with @@RPMRELEASE@@ We need to replace @@RELEASE@@ in kgr_patch->name with @@RPMRELEASE@@ due to sysfs tree. @@RELEASE@@ changes with each new version of package. - commit 51fd9dd ------------------------------------------------------------------- Mon Nov 3 17:27:24 CET 2014 - mmarek@suse.cz - Add a source-timestamp file with the git commit hash and branch This is required by the bs-upload-kernel script to upload packages to the BS. It can also be used by the specfile in the future. - commit feab4f1 ------------------------------------------------------------------- Mon Nov 3 16:56:31 CET 2014 - mbenes@suse.cz - Initial commit - commit 600de9d ------------------------------------------------------------------- Mon Nov 3 14:59:46 CET 2014 - mmarek@suse.cz - Add config.sh script This tells the automatic builder which IBS project to use. - commit aa7f1cb