------------------------------------------------------------------- Mon Nov 20 16:36:19 CET 2017 - nstange@suse.de - bsc#1064392: only call dev_add_pack() on freshly allocated fanout instances This livepatch contains a port of suse-commit dca1366040e8 ("packet: fix use-after-free in fanout_add()") which attempted to repair the upstream fix' backport to kernels missing upstream commit 2bd624b4611f ("packet: Do not call fanout_release from atomic contexts"). Unfortunately this fix is broken as follows: it moves the call to dev_add_pack() in fanout_add() outside of the allocation path to some later place. At this location it is possible though that the instance has already been dev_add_pack()ed before, namely if it hasn't been freshly allocated but discovered through the fanout_list instead. This results in match->prot_hook getting added to the ptype list multiple times, leading to a list corruption. Fix this by tracking in fanout_add() whether the packet_fanout instance has been newly allocated and only call dev_add_pack() if this is the case. - commit 37e209c ------------------------------------------------------------------- Fri Nov 10 16:17:50 CET 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit 633df10 ------------------------------------------------------------------- Mon Nov 6 16:52:09 CET 2017 - mbenes@suse.cz - bsc#1063671: Backport upstream commit cfbb0d90a7ab ("mac80211: don't compare TKIP TX MIC key in reinstall prevention") References: bsc#1066472 - commit 102a48a ------------------------------------------------------------------- Mon Nov 6 16:40:28 CET 2017 - mbenes@suse.cz - bsc#1063671: Backport upstream commit 2bdd713b92a9 ("mac80211: use constant time comparison with keys") References: bsc#1066471 - commit 13fd89e ------------------------------------------------------------------- Mon Nov 6 14:51:51 CET 2017 - mbenes@suse.cz - bsc#1063671: increment_tailroom_need_count() is not inlined in SLE12-SP{2,3} Remove it and kgr_assert_key_lock() and kgr_update_vlan_tailroom_need_count() along with it. - commit 5a25b61 ------------------------------------------------------------------- Tue Oct 31 18:56:40 CET 2017 - nstange@suse.de - Fix for CVE-2017-15649 ("net/packet/af_packet.c allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures") Live patch for CVE-2017-15649. Upstream commits 4971613c1639 ("packet: in packet_do_bind, test fanout with bind_lock held") and 008ba2a13f2d ("packet: hold bind lock when rebinding to fanout hook"). Fixes: CVE-2017-15649 References: bsc#1064392, CVE-2017-15649 - commit 52812b3 ------------------------------------------------------------------- Thu Oct 19 15:30:33 CEST 2017 - nstange@suse.de - Fix for CVE-2017-13080 ("Reinstallation of the group key (GTK) in the group key handshake") Live patch for CVE-2017-13080. Upstream commit fdf7cb4185b6 ("mac80211: accept key reinstall without changing anything"). Note: this addresses _only_ CVE-2017-13080 which is a minor part of "KRACK" related to WoWLAN. All the remaining CVE's associated with "KRACK" refer to userspace and thus, are _not_ fixed by this live patch! Fixes: CVE-2017-13080 References: bsc#1063671, CVE-2017-13080 - commit 8be6a04 ------------------------------------------------------------------- Wed Oct 11 15:43:58 CEST 2017 - nstange@suse.de - Fix for bsc#1062471 ("add_key syscall causes NULL pointer dereference") Live patch for bsc#1062471. Upstream commit 5649645d725c ("KEYS: fix dereferencing NULL payload with nonzero length"). Fixes: CVE-2017-15274 References: bsc#1062471 CVE-2017-15274 [ mb: CVE and commit hashes ] - commit 8886d11 ------------------------------------------------------------------- Mon Oct 9 11:28:16 CEST 2017 - nstange@suse.de - bsc#1053150: fix build failure on s390x On s390x, building fails because CONFIG_ISDN_I4L=n and thus, this livepatch is simply not applicable to this arch. Fix this by adding some #ifdefery and dummy stubs as needed. - commit 3d3bd29 ------------------------------------------------------------------- Fri Oct 6 14:20:41 CEST 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit b0a0c78 ------------------------------------------------------------------- Tue Oct 3 14:48:25 CEST 2017 - nstange@suse.de - Fix for CVE-2017-1000251 ("bluetooth l2cap remote (bluetooth) code execution") Live patch for CVE-2017-1000251. Upstream commit e860d2c904d1 ("Bluetooth: Properly check L2CAP config option output buffer length"). Fixes: CVE-2017-1000251 References: bsc#1057950 CVE-2017-1000251 - commit cc6b209 ------------------------------------------------------------------- Wed Sep 6 15:00:48 CEST 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit 021ddad ------------------------------------------------------------------- Thu Aug 17 12:13:44 CEST 2017 - nstange@suse.de - Fix for CVE-2017-12762 (drivers/isdn/i4l/isdn_net.c: user-controlled buffer is copied into a localbuffer of constant size using strcpy without a length check which can cause a buffer overflow) Live patch for CVE-2017-12762. Upstream commit 9f5af546e6ac ("isdn/i4l: fix buffer overflow"). Fixes: CVE-2017-12762 References: bsc#1053150 CVE-2017-12762 - commit 17bfc3d ------------------------------------------------------------------- Wed Aug 16 15:11:03 CEST 2017 - nstange@suse.de - bsc#1052368: Refresh The upstream commit for CVE-2017-1000112 differs from the embargoed patch in that the former changes udp_send_skb() as well. Livepatch udp_send_skb() accordingly. References: CVE-2017-1000112 bsc#1052368 bsc#1052311 - commit 669136b ------------------------------------------------------------------- Tue Aug 15 15:00:55 CEST 2017 - nstange@suse.de - Fix CVE-2017-1000112 ("udp: consistently apply ufo or fragmentation") Live patch for CVE-2017-1000112. Upstream commit 85f1bd9a7b5a ("udp: consistently apply ufo or fragmentation"). Fixes: CVE-2017-1000112 References: bsc#1052368 CVE-2017-1000112 - commit b99998e ------------------------------------------------------------------- Thu Aug 3 10:52:21 CEST 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit 89f2b02 ------------------------------------------------------------------- Tue Aug 1 19:27:26 CEST 2017 - nstange@suse.de - Fix for CVE-2017-7533 (Local privilege escalation issue through dentry name / fsnotify race) Live patch for CVE-2017-7533. Upstream commit 49d31c2f389a ("dentry snapshots"). Note that the upstream changes to vfs_rename() and debugfs_rename() have been left out from this live patch because they are cleanup only and not needed to fix the race in question. Fixes: CVE-2017-7533 References: bsc#1050751 CVE-2017-7533 - commit 9e00b94 ------------------------------------------------------------------- Tue Jul 11 13:18:26 CEST 2017 - mbenes@suse.cz - bsc#1038564: Prepare for dynamic patch registration In order to prepare for the merge of 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically"), kgr_patch_bsc1038564.h must declare kgr_patch_bsc1038564_cleanup() and define KGR_PATCH_BSC1038564_FUNCS. Add an empty kgr_patch_bsc1038564_cleanup() implementation. Define KGR_PATCH_BSC1038564_FUNCS in accordance to the KGR_PATCH*() enumeration currently found in kgr_patch_main.c. - commit 37df8c1 ------------------------------------------------------------------- Tue Jul 11 11:46:52 CEST 2017 - nstange@suse.de - bsc#1046206: Fix for CVE-2017-8797 ("remote DoS in nfsd") Live patch for CVE-2017-8797. Upstream commit f961e3f2acae ("nfsd: encoders mustn't use unitialized values in error cases"). Fixes: CVE-2017-8797 References: bsc#1046206 CVE-2017-8797 [ mb: remove spurious colon in kallsyms table s/xdr_reserve_space/kgr_xdr_reserve_space/ ] - commit d907dc2 ------------------------------------------------------------------- Mon Jul 3 13:19:18 CEST 2017 - mbenes@suse.cz - Fix obvious mistake wrt. rpm version and release number - commit 69421d7 ------------------------------------------------------------------- Fri Jun 30 13:06:49 CEST 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit 67541f3 ------------------------------------------------------------------- Thu Jun 29 15:22:43 CEST 2017 - nstange@suse.de - Fix for CVE-2017-7645 ("The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attac...") Live patch for CVE-2017-7645. Upstream commit e6838a29ecb4 ("nfsd: check for oversized NFSv2/v3 arguments"). Fixes: CVE-2017-7645 References: bsc#1046191 CVE-2017-7645 - commit 099953d ------------------------------------------------------------------- Thu Jun 29 13:38:45 CEST 2017 - mbenes@suse.cz - Fix for CVE-2017-1000364 (stack gap guard page too small) Live patch for CVE-2017-1000364. SLE12-SP2 commits d016488325eaa0a060aa72d24cd9c07e904b6f4c and 0b7966455abee733863909156d85b88ce26ba8a2. SLE11-SP4 commit cf4d269b082a02f96d205db88c6622ceb5908815. Fixes: CVE-2017-1000364 References: bsc#1039496 CVE-2017-1000364 - commit 0754d5e ------------------------------------------------------------------- Thu Jun 22 14:49:04 CEST 2017 - nstange@suse.de - Fix for CVE-2017-2636 ("tty: n_hdlc: get rid of racy n_hdlc.tbuf") Live patch for CVE-2017-2636. Upstream commit 82f2341c94d2 ("tty: n_hdlc: get rid of racy n_hdlc.tbuf"). [ mb: based on a slightly different patch by Nicolai. No data structure changes involved. ] Fixes: CVE-2017-2636 References: bsc#1027575 CVE-2017-2636 - commit 82063c8 ------------------------------------------------------------------- Thu Jun 15 17:54:19 CEST 2017 - nstange@suse.de - Fix for CVE-2017-9242 ("Incorrect overwrite check in __ip6_append_data()") Live patch for CVE-2017-9242. Upstream commit 232cd35d0804 ("ipv6: fix out of bound writes in __ip6_append_data()"). Fixes: CVE-2017-9242 References: bsc#1042892 CVE-2017-9242 - commit 1931ec9 ------------------------------------------------------------------- Tue Jun 13 15:54:27 CEST 2017 - nstange@suse.de - scripts/register-patches.sh: register subpatch sources in rpm spec In order to reduce the manual merging work upon addition of new (sub)patches, commit 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically") introduced the register-patches.sh helper. It discovers those and tweaks the main entry point, kgr_patch_main.c, as needed. However, a remaining manual merging task is to list a (sub)patch's source archive in rpm/kgraft-patch.spec and to %setup it. Make scripts/register-patches.sh do this. Namely, - introduce the @@KGR_PATCHES_SOURCES@@ and @@KGR_PATCHES_SETUP_SOURCES@@ placeholders in rpm/kgraft-patch.spec - and make scripts/register-patches.sh expand those within a spec file to be given as an additional command line argument. Finally, adjust scripts/tar-up.sh accordingly. - commit 9eafc8a ------------------------------------------------------------------- Tue Jun 13 15:51:42 CEST 2017 - nstange@suse.de - scripts/register-patches.sh: don't add ','s to @@KGR_PATCHES_FUNCS@@ register-patches.sh expands kgr_patch_main.c's @@KGR_PATCHES_FUNCS@@ placeholder by concatenating all available patches' KGR_PATCH__FUNCS together, separating them by commas. The KGR_PATCH__FUNCS are CPP macros supposed to be provided by each patch. If one of these happens to be empty, the preprocessed expansion will contain two consecutive commas which gcc doesn't like in array initializers. Do not add any commas to the @@KGR_PATCHES_FUNCS@@ expansion but require the individual KGR_PATCH__FUNCS macros to already contain trailing ones as needed. Fixes: 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically") - commit ba41416 ------------------------------------------------------------------- Tue Jun 13 11:05:11 CEST 2017 - nstange@suse.de - bsc#1014271: prepare for dynamic patch registration In order to prepare for the merge of 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically"), kgr_patch_bsc1014271.h must declare kgr_patch_bsc1014271_cleanup() and define KGR_PATCH_BSC1014271_FUNCS. Add an empty kgr_patch_bsc1014271_cleanup() implementation. Define KGR_PATCH_BSC1014271_FUNCS in accordance to the KGR_PATCH*() enumeration currently found in kgr_patch_main.c. - commit 28de8fe ------------------------------------------------------------------- Mon Jun 12 17:09:37 CEST 2017 - nstange@suse.de - bsc#1031660: prepare for dynamic patch registration In order to prepare for the merge of 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically"), kgr_patch_bsc1031660.h must define KGR_PATCH_BSC1031660_FUNCS. Define KGR_PATCH_BSC1031660_FUNCS in accordance to the KGR_PATCH*() enumeration currently found in kgr_patch_main.c. - commit 8d2faaa ------------------------------------------------------------------- Mon Jun 12 17:03:41 CEST 2017 - nstange@suse.de - bsc#1031481: prepare for dynamic patch registration In order to prepare for the merge of 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically"), kgr_patch_bsc1031481.h must define KGR_PATCH_BSC1031481_FUNCS. Define KGR_PATCH_BSC1031481_FUNCS in accordance to the KGR_PATCH*() enumeration currently found in kgr_patch_main.c. - commit cd438c6 ------------------------------------------------------------------- Mon Jun 12 16:58:08 CEST 2017 - nstange@suse.de - bsc#1025254: prepare for dynamic patch registration In order to prepare for the merge of 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically"), kgr_patch_bsc1025254.h must declare kgr_patch_bsc1025254_init() and kgr_patch_bsc1025254_cleanup() as well as define KGR_PATCH_BSC1025254_FUNCS. Add empty implementations for kgr_patch_bsc1025254_init() and kgr_patch_bsc1025254_cleanup(). Define KGR_PATCH_BSC1025254_FUNCS in accordance to the KGR_PATCH*() enumeration currently found in kgr_patch_main.c. - commit 8b47994 ------------------------------------------------------------------- Mon Jun 12 16:42:38 CEST 2017 - nstange@suse.de - bsc#1019079: prepare for dynamic patch registration In order to prepare for the merge of 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically"), kgr_patch_bsc1019079.h must define KGR_PATCH_BSC1019079_FUNCS. Define KGR_PATCH_BSC1019079_FUNCS in accordance to the KGR_PATCH*() enumeration currently found in kgr_patch_main.c. - commit 738baf9 ------------------------------------------------------------------- Mon Jun 12 15:26:55 CEST 2017 - nstange@suse.de - bsc#1030575: prepare for dynamic patch registration In order to prepare for the merge of 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically"), kgr_patch_bsc1030575.h must define KGR_PATCH_BSC1030575_FUNCS. Define KGR_PATCH_BSC1030575_FUNCS in accordance to the KGR_PATCH*() enumeration currently found in kgr_patch_main.c. - commit 967f4e6 ------------------------------------------------------------------- Mon Jun 12 15:23:59 CEST 2017 - nstange@suse.de - bsc#1025013: prepare for dynamic patch registration In order to prepare for the merge of 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically"), kgr_patch_bsc1025013.h must declare kgr_patch_bsc1025013_cleanup() and define KGR_PATCH_BSC1025013_FUNCS. Add an empty kgr_patch_bsc1025013_cleanup() implementation. Define KGR_PATCH_BSC1025013_FUNCS in accordance to the KGR_PATCH*() enumeration currently found in kgr_patch_main.c. - commit 41807c0 ------------------------------------------------------------------- Mon Jun 12 15:09:21 CEST 2017 - nstange@suse.de - bsc#1013543: prepare for dynamic patch registration In order to prepare for the merge of 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically"), kgr_patch_bsc1013543.h must define KGR_PATCH_BSC1013543_FUNCS. Define KGR_PATCH_BSC1013543_FUNCS in accordance to the KGR_PATCH*() enumeration currently found in kgr_patch_main.c. - commit 5e2d98b ------------------------------------------------------------------- Mon Jun 12 00:28:31 CEST 2017 - nstange@suse.de - Fix for CVE-2017-9077 (tcp_v6_syn_recv_sock function mishandles inheritance) Live patch for CVE-2017-9077. Upstream commit 83eaddab4378 ("ipv6/dccp: do not inherit ipv6_mc_list from parent"). Only tcpv6 gets fixed, dccp has been left out as we don't build dccp into SLES kernels. Fixes: CVE-2017-9077 References: bsc#1042364 CVE-2017-9077 [mbenes: spec file is auto generated] - commit e7a3476 ------------------------------------------------------------------- Wed Jun 7 12:05:41 CEST 2017 - nstange@suse.de - scripts: create kgr_patch_main.c dynamically The kgraft-patches repository has got many branches, each corresponding to a supported codestream. Each of those carries a potentially different set of live (sub)patches which are controlled through the entry points in kgr_patch_main.c. According to Miroslav, merging of a new (sub)patch based on the pristine master is a pita due to conflicts. Since all (sub)patches stick to certain conventions already, the required modifications of the merging-hotspot kgr_patch_main.c are quite mechanic. Let a script do the work. Namely, - insert some special @@-embraced placeholders at the few places depending on the actual set of (sub)patches, - let register-patches.sh discover the available (sub)patches by searching for directories - and let register-patches.sh replace those placeholders in kgr_patch_main.c Finally, add a register-patches.sh invocation to tar-up.sh. This procedure requires that a SUBPATCH located in directory SUBPATCH/ adheres to the following conventions: - It must provide a provide a SUBPATCH/kgr_patch_SUBPATCH.h header. - This header must provide declarations for kgr_patch_SUBPATCH_init() and kgr_patch_SUBPATCH_cleanup(). - This header must also #define a KGR_PATCH_SUBPATCH_FUNCS macro. It should expand to a comma separated list of KGR_PATCH*() entries, each corresponding to a function the subpatch wants to replace. [mbenes: fixed typos, empty line removed] - commit 4e8dc88 ------------------------------------------------------------------- Thu Jun 1 17:59:47 CEST 2017 - mbenes@suse.cz - Fix for CVE-2017-8890 (denial of service (double free) by leveraging use of the accept system call) Live patch for CVE-2017-8890. Upstream commit 657831ffc38e ("dccp/tcp: do not inherit mc_list from parent"). Fixes: CVE-2017-8890 References: bsc#1038564 CVE-2017-8890 - commit 8712479 ------------------------------------------------------------------- Mon Apr 24 16:00:54 CEST 2017 - mbenes@suse.cz - Replace $(PWD) with $(CURDIR) in Makefile CURDIR is an internal variable of make and more suitable. - commit 03bf1d5 ------------------------------------------------------------------- Wed Apr 19 14:02:27 CEST 2017 - mbenes@suse.cz - Create Makefile automatically Introduce scripts/create-makefile.sh script to automatically create a makefile. The scripts is called from tar-up.sh or could be called manually. - commit 1af6c29 ------------------------------------------------------------------- Mon Apr 10 16:50:18 CEST 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit 6ccd026 ------------------------------------------------------------------- Mon Apr 10 11:51:36 CEST 2017 - mbenes@suse.cz - bsc#1030575: Update to upstream version - commit 07d4240 ------------------------------------------------------------------- Fri Apr 7 10:20:14 CEST 2017 - mbenes@suse.cz - Fix for CVE-2017-7308 (packet_set_ring function in net/packet/af_packet.c vulnerable) Live patch for CVE-2017-7308. Upstream commits 2b6867c2ce76 ("net/packet: fix overflow in check for priv area size"), 8f8d28e4d6d8 ("net/packet: fix overflow in check for tp_frame_nr") and bcc5364bdcfe ("net/packet: fix overflow in check for tp_reserve"). Fixes: CVE-2017-7308 References: bsc#1031660 CVE-2017-7308 - commit b773931 ------------------------------------------------------------------- Tue Apr 4 15:08:03 CEST 2017 - mbenes@suse.cz - Fix for CVE-2017-7294 (vmwgfx: vmw_surface_define_ioctl function vuln) Live patch for CVE-2017-7294. SLE12-SP2 commit 560498d4a9a3 ("drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (boo#1031440 CVE-2017-7294)."). Fixes: CVE-2017-7294 References: bsc#1031481 CVE-2017-7294 - commit f9f3546 ------------------------------------------------------------------- Fri Mar 31 14:04:02 CEST 2017 - mbenes@suse.cz - bsc#1030575: Add references - commit b42d0d4 ------------------------------------------------------------------- Fri Mar 24 15:03:04 CET 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit 78711a3 ------------------------------------------------------------------- Fri Mar 24 12:39:20 CET 2017 - mbenes@suse.cz - Fix for CVE-2017-7184 (xfrm kernel heap out-of-bounds access) Live patch for CVE-2017-7184. Fixes: CVE-2017-7184 References: bsc#1030575 CVE-2017-7184 - commit 901a00f ------------------------------------------------------------------- Wed Mar 8 10:04:37 CET 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit 1a69d7b ------------------------------------------------------------------- Mon Feb 20 14:01:44 CET 2017 - mbenes@suse.cz - Fix for bsc#1025254 ("Data miscompare on a read" is observed during the rebuilding of degraded MDRAID VDs) Live patch for bsc#1025254. SLE12-SP2 c1e6b30fd24b ("Fix a regression reported by bsc#1020048 in patches.fixes/0003-md-lockless-I-O-submission-for-RAID1.patch (bsc#982783,bsc#998106,bsc#1020048)."). Fixes: bsc#1025254 References: bsc#1025254 - commit 00eb5c4 ------------------------------------------------------------------- Tue Feb 14 11:12:42 CET 2017 - mbenes@suse.cz - Fix for CVE-2017-5970 (ipv4: keep skb->dst around in presence of IP options) Live patch for CVE-2017-5970. Upstream commit 34b2cef20f19 ("ipv4: keep skb->dst around in presence of IP options"). Fixes: CVE-2017-5970 References: bsc#1025013 CVE-2017-5970 - commit b643d30 ------------------------------------------------------------------- Wed Jan 11 16:08:46 CET 2017 - mbenes@suse.cz - Fix for CVE-2016-10088 (sg: write operations not properly restricted when KERNEL_DS option is set) Live patch for CVE-2016-10088. Upstream commit 128394eff343 ("sg_write()/bsg_write() is not fit to be called under KERNEL_DS"). Fixes: CVE-2016-10088 References: bsc#1019079 CVE-2016-10088 - commit 2dd1eb0 ------------------------------------------------------------------- Fri Dec 30 12:55:57 CET 2016 - mbenes@suse.cz - Bump up the version number in spec file - commit 841722c ------------------------------------------------------------------- Thu Dec 22 17:15:25 CET 2016 - mbenes@suse.cz - Fix for CVE-2016-9794 (ALSA: use-after-free in,kill_fasync) Live patch for CVE-2016-9794. Upstream commit 3aa02cb664c5 ("ALSA: pcm : Call kill_fasync() in stream lock"). Fixes: CVE-2016-9794 References: bsc#1013543 CVE-2016-9794 - commit 9672bfe ------------------------------------------------------------------- Tue Dec 13 14:47:06 CET 2016 - mbenes@suse.cz - Fix for CVE-2016-9576 (Use-after-free in SCSI Generic driver) Live patch for CVE-2016-9576. Upstream commit a0ac402cfcdc ("Don't feed anything but regular iovec's to blk_rq_map_user_iov"). Fixes: CVE-2016-9576 References: bsc#1014271 CVE-2016-9576 - commit 7f45ab5 ------------------------------------------------------------------- Fri Dec 2 12:58:02 CET 2016 - mbenes@suse.cz - Update IBS_PROJECT to correct maintenance incident after initial submission - commit fcc47dd ------------------------------------------------------------------- Tue Nov 22 09:56:27 CET 2016 - mbenes@suse.cz - New branch for SLE12-SP2_Update_2 - commit ff4477e ------------------------------------------------------------------- Mon Oct 24 13:26:09 CEST 2016 - mbenes@suse.cz - Better to use SUSE:SLE-12:Update than Devel:kGraft:SLE12 project - commit bdc7598 ------------------------------------------------------------------- Tue May 10 15:43:59 CEST 2016 - mbenes@suse.cz - Add compat.h to deal with changes of KGR_PATCH macro Sympos patch set for kGraft redefined KGR_PATCH macro and added two new ones. Add new compat.h which contains macro magic so that all kGraft patches would work on both old and new kernels with the patch set merged. - commit 4186bef ------------------------------------------------------------------- Fri May 6 17:01:17 CEST 2016 - mbenes@suse.cz - Fix the number of parameters of KGR_PATCH macro New kernels contain kGraft's sympos patch set which changed number of paramaters of KGR_PATCH macro and introduced new macros. Fix it in master so it will be ok for new branches. - commit 78cf676 ------------------------------------------------------------------- Tue Sep 1 13:00:23 CEST 2015 - mmarek@suse.com - Include the RPM version number in the module name - commit 8fa02c6 ------------------------------------------------------------------- Wed Aug 26 11:29:44 CEST 2015 - mbenes@suse.cz - Remove forgotten debug option in the Makefile - commit 9c24ab8 ------------------------------------------------------------------- Mon Aug 17 13:42:04 CEST 2015 - mbenes@suse.cz - Add license and copyright notices - commit d42d3aa ------------------------------------------------------------------- Wed Jul 15 15:58:35 CEST 2015 - mbenes@suse.cz - Remove immediate flag Fake signal was merged to kGraft and immediate feature removed. Remove it in kGraft patches from now on too. - commit c767ad2 ------------------------------------------------------------------- Wed May 20 16:32:17 CEST 2015 - mbenes@suse.cz - Set immediate flag to false Using immediate set to true can lead to BUGs and oopses when downgrading, reverting or applying replace_all patches. There is no way how to find out if there is a process in the old code which is being removed. The module would be put, removed and the process will crash. The consistency model guarantees that there is no one in the old code when the finalization ends. Thus use it for all case to be safe. - commit 830e1a3 ------------------------------------------------------------------- Tue May 12 15:48:07 CEST 2015 - mbenes@suse.cz - Fix description in rpm spec file Spec file description mentions initial kGraft patch which is only true for real initial patch. Make it more neutral. References: bsc#930408 - commit a55e023 ------------------------------------------------------------------- Wed Apr 1 15:36:24 CEST 2015 - mbenes@suse.cz - Generate archives names automatically in tar-up.sh - commit 1f34f18 ------------------------------------------------------------------- Wed Apr 1 13:39:26 CEST 2015 - mbenes@suse.cz - Automatically generate .changes file from git log Also add comments to tar-up.sh script to distinguish between sections. - commit 212a7ae ------------------------------------------------------------------- Thu Mar 26 14:24:21 CET 2015 - mmarek@suse.cz - Revert "Require exact kernel version in the patch" This needs to be done differently, so that modprobe --force works as expected. References: bnc#920615 This reverts commit c62c11aecd4e3f8822e1b835fea403acc3148c5a. - commit bc88dd7 ------------------------------------------------------------------- Wed Mar 25 13:10:24 CET 2015 - mmarek@suse.cz - Require exact kernel version in the patch References: bnc#920615 - commit c62c11a ------------------------------------------------------------------- Tue Mar 24 12:15:41 CET 2015 - mmarek@suse.cz - Add the git commit and branch to the package description References: bnc#920633 - commit 1ff4e48 ------------------------------------------------------------------- Wed Nov 26 10:09:14 CET 2014 - mbenes@suse.cz - Set immediate flag for the initial patch Setting immediate to true will simplify installation of the initial patch and possibly also of the further updates. References: bnc#907150 - commit 391b810 ------------------------------------------------------------------- Tue Nov 25 16:26:40 CET 2014 - mbenes@suse.cz - Add .replace_all set to true Add .replace_all flag set to true even to the initial patch. Thus we will not forget to add that later. Also .immediate is there as a comment. - commit 933e15e ------------------------------------------------------------------- Mon Nov 24 15:02:33 CET 2014 - mmarek@suse.cz - Drop the hardcoded kernel release string The updated kgraft-devel macros set this during build time, so we do not need to know the kernel release string beforehand. As a name suffix for the source packages, let's use SLE12_Test in the master branch and SLE12_Update_ in the update branches. - commit 65f7a25 ------------------------------------------------------------------- Fri Nov 21 15:48:48 CET 2014 - mmarek@suse.cz - Check that we are building against the set kernel version - commit 689e44a ------------------------------------------------------------------- Wed Nov 12 04:11:14 CET 2014 - mmarek@suse.cz - Mark the module as supported References: bnc#904970 - commit 6249314 ------------------------------------------------------------------- Tue Nov 11 17:11:28 CET 2014 - mmarek@suse.cz - Build the test packages against Devel:kGraft:SLE12 - commit c952fbb ------------------------------------------------------------------- Thu Nov 6 13:55:43 CET 2014 - mbenes@suse.cz - Add top git commit hash to uname -v Add top git commit hash to version part of uname. This makes the identification of current patch level easy (even in crash: p kgr_tag). References: fate#317769 - commit 54c9595 ------------------------------------------------------------------- Tue Nov 4 16:23:50 CET 2014 - mbenes@suse.cz - Replace @@RELEASE@@ in kgr_patch->name with @@RPMRELEASE@@ We need to replace @@RELEASE@@ in kgr_patch->name with @@RPMRELEASE@@ due to sysfs tree. @@RELEASE@@ changes with each new version of package. - commit 51fd9dd ------------------------------------------------------------------- Mon Nov 3 17:27:24 CET 2014 - mmarek@suse.cz - Add a source-timestamp file with the git commit hash and branch This is required by the bs-upload-kernel script to upload packages to the BS. It can also be used by the specfile in the future. - commit feab4f1 ------------------------------------------------------------------- Mon Nov 3 16:56:31 CET 2014 - mbenes@suse.cz - Initial commit - commit 600de9d ------------------------------------------------------------------- Mon Nov 3 14:59:46 CET 2014 - mmarek@suse.cz - Add config.sh script This tells the automatic builder which IBS project to use. - commit aa7f1cb