------------------------------------------------------------------- Fri Dec 1 16:45:10 CET 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit 7521ec7 ------------------------------------------------------------------- Fri Dec 1 11:42:06 CET 2017 - nstange@suse.de - Fix for CVE-2017-1000405 ("huge dirty cow in THP pages") Live patch for CVE-2017-1000405. No upstream commit yet. Fixes: CVE-2017-1000405 References: bsc#1070307, CVE-2017-1000405 - commit a9a119c ------------------------------------------------------------------- Thu Nov 30 15:15:20 CET 2017 - mbenes@suse.cz - scripts: Generate ExclusiveArch in spec file dynamically ppc64le architecture kernel support is not present in all currently supported branches. It may cause problem for the maintenance team. Generate ExclusiveArch dynamically. It should be 'ppc64le x86_64' for SLE12-SP3 and 'x86_64' for the rest. - commit 95ed856 ------------------------------------------------------------------- Mon Nov 27 14:15:48 CET 2017 - nstange@suse.de - Fix for CVE-2017-16939 ("local privilege escalation with XFRM sockets") Live patch for CVE-2017-16939. Upstream commit 1137b5e2529a ("ipsec: Fix aborted xfrm policy dump crash"). Fixes: CVE-2017-16939 References: bsc#1069708, CVE-2017-16939 - commit bd00d45 ------------------------------------------------------------------- Wed Nov 22 14:10:47 CET 2017 - nstange@suse.de - Livepatch for bsc#1062847 ("Server does not shut down correctly if NIC teaming is enabled") Livepatch for bsc#1062847. Upstream commit 16cf72bb0856 ("team: call netdev_change_features out of team lock"). Fixes: bsc#1062847 References: bsc#1062847, bsc#1055567 [ mb: note added wrt team_compute_features() ] [ mb: s/if (err)/if (!err)/ in Fix sections ] - commit e9f1836 ------------------------------------------------------------------- Fri Nov 17 12:55:05 CET 2017 - nstange@suse.de - Fix for CVE-2017-10661 ("timerfd: missing locking in cancel might cause races and use-after-free") Live patch for CVE-2017-10661. Upstream commit 1e38da300e1e ("timerfd: Protect the might cancel mechanism proper"). Fixes: CVE-2017-10661 References: bsc#1053153 CVE-2017-10661 - commit da5aa5b ------------------------------------------------------------------- Thu Nov 16 14:27:46 CET 2017 - mbenes@suse.cz - rpm/kgraft-patch.spec: Add ppc64le as a supported arch ppc64le is about to be supported in Live Patching product. Add it to ExclusiveArch tag. - commit 8437c94 ------------------------------------------------------------------- Thu Nov 16 14:26:35 CET 2017 - mbenes@suse.cz - rpm/kgraft-patch.spec: Remove s390x from supported archs s390x is not supported in Live Patching product. Remove it from ExclusiveArch. - commit f9614f2 ------------------------------------------------------------------- Fri Nov 10 15:51:28 CET 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit 09864a7 ------------------------------------------------------------------- Mon Nov 6 16:52:09 CET 2017 - mbenes@suse.cz - bsc#1063671: Backport upstream commit cfbb0d90a7ab ("mac80211: don't compare TKIP TX MIC key in reinstall prevention") References: bsc#1066472 - commit 102a48a ------------------------------------------------------------------- Mon Nov 6 16:40:28 CET 2017 - mbenes@suse.cz - bsc#1063671: Backport upstream commit 2bdd713b92a9 ("mac80211: use constant time comparison with keys") References: bsc#1066471 - commit 13fd89e ------------------------------------------------------------------- Mon Nov 6 14:51:51 CET 2017 - mbenes@suse.cz - bsc#1063671: increment_tailroom_need_count() is not inlined in SLE12-SP{2,3} Remove it and kgr_assert_key_lock() and kgr_update_vlan_tailroom_need_count() along with it. - commit 5a25b61 ------------------------------------------------------------------- Tue Oct 31 18:56:41 CET 2017 - nstange@suse.de - Fix for CVE-2017-15649 ("net/packet/af_packet.c allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures") Live patch for CVE-2017-15649. Upstream commits 4971613c1639 ("packet: in packet_do_bind, test fanout with bind_lock held") and 008ba2a13f2d ("packet: hold bind lock when rebinding to fanout hook"). Fixes: CVE-2017-15649 References: bsc#1064392, CVE-2017-15649 - commit d826f30 ------------------------------------------------------------------- Thu Oct 19 15:30:33 CEST 2017 - nstange@suse.de - Fix for CVE-2017-13080 ("Reinstallation of the group key (GTK) in the group key handshake") Live patch for CVE-2017-13080. Upstream commit fdf7cb4185b6 ("mac80211: accept key reinstall without changing anything"). Note: this addresses _only_ CVE-2017-13080 which is a minor part of "KRACK" related to WoWLAN. All the remaining CVE's associated with "KRACK" refer to userspace and thus, are _not_ fixed by this live patch! Fixes: CVE-2017-13080 References: bsc#1063671, CVE-2017-13080 - commit 8be6a04 ------------------------------------------------------------------- Wed Oct 11 15:43:58 CEST 2017 - nstange@suse.de - Fix for bsc#1062471 ("add_key syscall causes NULL pointer dereference") Live patch for bsc#1062471. Upstream commit 5649645d725c ("KEYS: fix dereferencing NULL payload with nonzero length"). Fixes: CVE-2017-15274 References: bsc#1062471 CVE-2017-15274 [ mb: CVE and commit hashes ] - commit 8886d11 ------------------------------------------------------------------- Mon Oct 9 11:28:16 CEST 2017 - nstange@suse.de - bsc#1053150: fix build failure on s390x On s390x, building fails because CONFIG_ISDN_I4L=n and thus, this livepatch is simply not applicable to this arch. Fix this by adding some #ifdefery and dummy stubs as needed. - commit 3d3bd29 ------------------------------------------------------------------- Fri Oct 6 14:20:41 CEST 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit e6ba271 ------------------------------------------------------------------- Thu Oct 5 12:12:29 CEST 2017 - nstange@suse.de - shadow variables: add KGR_SHADOW_ID helper As shadow variables are supposed to be shared among different KGraft modules their id's must be compile time constants. Introduce the KGR_SHADOW_ID helper macro for generating them in a uniform manner based on the bsc# number and a local id. - commit 237c8f3 ------------------------------------------------------------------- Thu Oct 5 12:12:28 CEST 2017 - nstange@suse.de - shadow variables: share shadow data among KGraft modules As it stands, each KGraft module maintains its own set of shadow variable management structures and thus, shadow variables are not sharable between livepatch modules. This behaviour is different from the upstream implementation and, as pointed out by Miroslav Benes, it also opens up an opportunity for a small window where the system might become vulnerable again during transition as we stack new livepatches on top. Let all KGraft patches share the shadow data. Sharing is implemented by moving the management structures from a KGraft module's .data to dynamically allocated memory. Each KGraft module will have specifically named pointers, 'kgr_shadow_hash12' and 'kgr_shadow_lock12', referencing them. Upon initialization, a KGraft module will discover already existing such shadow data by kallsyms-searching all loaded modules for these pointer symbols. If none is found, a new instance is allocated. The newly introduced kgr_shadow_init() implementing this is idempotent and can thus be called from the bsc# subpatches' initializers if needed. Upon KGraft module removal, the new kgr_shadow_cleanup() will conduct another kallsyms search and deallocate the shadow data in case there are no more users. kgr_shadow_cleanup() is also idempotent. Initialization and teardown of the common shadow data is serialized with the module_mutex which has to be taken for the kallsyms search anyway. - commit 8e1e705 ------------------------------------------------------------------- Thu Oct 5 12:12:27 CEST 2017 - nstange@suse.de - shadow variables: drop EXPORT_SYMBOL()s The shadow variable API will only ever get used by the KGraft module itself and thus, there's no need for exporting it. Drop all EXPORT_SYMBOL annotations. - commit ac6cfeb ------------------------------------------------------------------- Thu Oct 5 12:12:26 CEST 2017 - nstange@suse.de - shadow variables: introduce upstream patch Joe Lawrence posted the sixth version of his shadow variable patch [1] implementing the association of additional out-of-band data members to existing structure instances from livepatches. Jiri Kosina has applied this to his git://git.kernel.org/pub/scm/linux/kernel/git/jikos/livepatching.git for-4.15/shadow-variables tree and thus, it's queued up and close to getting merged. The plan is to eventually backport this shadow variable support to SLE kernels, but we also want to have it usable from KGraft modules by now. Port the implementation to the kraft-patches module. Namely, - dump shadow.c in it's current upstream state as it is after commits 439e7271dc2b ("livepatch: introduce shadow variable API") 5d9da759f758 ("livepatch: __klp_shadow_get_or_alloc() is local to shadow.c") 19205da6a0da ("livepatch: Small shadow variable documentation fixes") - add a shadow.h header and declare the newly introduced functions there - and incorporate the new files into the KGraft module's build system. [1] 1504211861-19899-2-git-send-email-joe.lawrence@redhat.com ("[PATCH v6] livepatch: introduce shadow variable API") - commit e899c4f ------------------------------------------------------------------- Tue Oct 3 14:48:25 CEST 2017 - nstange@suse.de - Fix for CVE-2017-1000251 ("bluetooth l2cap remote (bluetooth) code execution") Live patch for CVE-2017-1000251. Upstream commit e860d2c904d1 ("Bluetooth: Properly check L2CAP config option output buffer length"). Fixes: CVE-2017-1000251 References: bsc#1057950 CVE-2017-1000251 - commit cc6b209 ------------------------------------------------------------------- Wed Sep 6 15:00:48 CEST 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit 538cfa6 ------------------------------------------------------------------- Thu Aug 17 12:13:44 CEST 2017 - nstange@suse.de - Fix for CVE-2017-12762 (drivers/isdn/i4l/isdn_net.c: user-controlled buffer is copied into a localbuffer of constant size using strcpy without a length check which can cause a buffer overflow) Live patch for CVE-2017-12762. Upstream commit 9f5af546e6ac ("isdn/i4l: fix buffer overflow"). Fixes: CVE-2017-12762 References: bsc#1053150 CVE-2017-12762 - commit 17bfc3d ------------------------------------------------------------------- Wed Aug 16 15:11:03 CEST 2017 - nstange@suse.de - bsc#1052368: Refresh The upstream commit for CVE-2017-1000112 differs from the embargoed patch in that the former changes udp_send_skb() as well. Livepatch udp_send_skb() accordingly. References: CVE-2017-1000112 bsc#1052368 bsc#1052311 - commit 669136b ------------------------------------------------------------------- Tue Aug 15 15:00:55 CEST 2017 - nstange@suse.de - Fix CVE-2017-1000112 ("udp: consistently apply ufo or fragmentation") Live patch for CVE-2017-1000112. Upstream commit 85f1bd9a7b5a ("udp: consistently apply ufo or fragmentation"). Fixes: CVE-2017-1000112 References: bsc#1052368 CVE-2017-1000112 - commit b99998e ------------------------------------------------------------------- Thu Aug 3 10:52:21 CEST 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit a191e0a ------------------------------------------------------------------- Tue Aug 1 19:27:26 CEST 2017 - nstange@suse.de - Fix for CVE-2017-7533 (Local privilege escalation issue through dentry name / fsnotify race) Live patch for CVE-2017-7533. Upstream commit 49d31c2f389a ("dentry snapshots"). Note that the upstream changes to vfs_rename() and debugfs_rename() have been left out from this live patch because they are cleanup only and not needed to fix the race in question. Fixes: CVE-2017-7533 References: bsc#1050751 CVE-2017-7533 - commit 9e00b94 ------------------------------------------------------------------- Wed Jul 19 10:28:22 CEST 2017 - nstange@suse.de - Fix for bsc#1047518 ("Btrfs deadlock between btrfs-cleaner and user space thread") Livepatch for bsc#1047518 regression. Can cause spurious WARN_ON's from fs/btrfs/qgroup.c:1445 during patch application if BTRFS quota groups are enabled. Fixes: bsc#1047518 References: bsc#1047518 - commit edbf090 ------------------------------------------------------------------- Tue Jul 11 13:18:26 CEST 2017 - mbenes@suse.cz - bsc#1038564: Prepare for dynamic patch registration In order to prepare for the merge of 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically"), kgr_patch_bsc1038564.h must declare kgr_patch_bsc1038564_cleanup() and define KGR_PATCH_BSC1038564_FUNCS. Add an empty kgr_patch_bsc1038564_cleanup() implementation. Define KGR_PATCH_BSC1038564_FUNCS in accordance to the KGR_PATCH*() enumeration currently found in kgr_patch_main.c. - commit 37df8c1 ------------------------------------------------------------------- Tue Jul 11 11:46:52 CEST 2017 - nstange@suse.de - bsc#1046206: Fix for CVE-2017-8797 ("remote DoS in nfsd") Live patch for CVE-2017-8797. Upstream commit f961e3f2acae ("nfsd: encoders mustn't use unitialized values in error cases"). Fixes: CVE-2017-8797 References: bsc#1046206 CVE-2017-8797 [ mb: remove spurious colon in kallsyms table s/xdr_reserve_space/kgr_xdr_reserve_space/ ] - commit d907dc2 ------------------------------------------------------------------- Mon Jul 3 13:21:22 CEST 2017 - mbenes@suse.cz - Fix obvious mistake wrt. rpm version and release number - commit cc77a78 ------------------------------------------------------------------- Mon Jul 3 10:51:13 CEST 2017 - mbenes@suse.cz - Bump up the version number in spec file - commit e199959 ------------------------------------------------------------------- Fri Jun 30 16:50:06 CEST 2017 - nstange@suse.de - bsc#1039496: Fix for bsc#1045340 ("regression: java segfaults on latest kernels caused by the stack gap fix") Live patch for bsc#1045340, a SLE specific regression. Affected are SLE12_Update_22, SLE12-SP1_Update_16 and SLE12-SP2_Update_8. This live patch is based on SLE11-SP4 commit cf4d269b082a ("mm, mmap: do not blow on PROT_NONE MAP_FIXED holes in the stack"). Fixes: bsc#1045340 References: bsc#1039496 bsc#1045340 bsc#1045406 bsc#1039348 [mb: s/bnc/bsc/] - commit 9ddc7bf ------------------------------------------------------------------- Thu Jun 29 15:22:43 CEST 2017 - nstange@suse.de - Fix for CVE-2017-7645 ("The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attac...") Live patch for CVE-2017-7645. Upstream commit e6838a29ecb4 ("nfsd: check for oversized NFSv2/v3 arguments"). Fixes: CVE-2017-7645 References: bsc#1046191 CVE-2017-7645 - commit 099953d ------------------------------------------------------------------- Thu Jun 15 17:54:19 CEST 2017 - nstange@suse.de - Fix for CVE-2017-9242 ("Incorrect overwrite check in __ip6_append_data()") Live patch for CVE-2017-9242. Upstream commit 232cd35d0804 ("ipv6: fix out of bound writes in __ip6_append_data()"). Fixes: CVE-2017-9242 References: bsc#1042892 CVE-2017-9242 - commit 1931ec9 ------------------------------------------------------------------- Tue Jun 13 15:54:27 CEST 2017 - nstange@suse.de - scripts/register-patches.sh: register subpatch sources in rpm spec In order to reduce the manual merging work upon addition of new (sub)patches, commit 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically") introduced the register-patches.sh helper. It discovers those and tweaks the main entry point, kgr_patch_main.c, as needed. However, a remaining manual merging task is to list a (sub)patch's source archive in rpm/kgraft-patch.spec and to %setup it. Make scripts/register-patches.sh do this. Namely, - introduce the @@KGR_PATCHES_SOURCES@@ and @@KGR_PATCHES_SETUP_SOURCES@@ placeholders in rpm/kgraft-patch.spec - and make scripts/register-patches.sh expand those within a spec file to be given as an additional command line argument. Finally, adjust scripts/tar-up.sh accordingly. - commit 9eafc8a ------------------------------------------------------------------- Tue Jun 13 15:51:42 CEST 2017 - nstange@suse.de - scripts/register-patches.sh: don't add ','s to @@KGR_PATCHES_FUNCS@@ register-patches.sh expands kgr_patch_main.c's @@KGR_PATCHES_FUNCS@@ placeholder by concatenating all available patches' KGR_PATCH__FUNCS together, separating them by commas. The KGR_PATCH__FUNCS are CPP macros supposed to be provided by each patch. If one of these happens to be empty, the preprocessed expansion will contain two consecutive commas which gcc doesn't like in array initializers. Do not add any commas to the @@KGR_PATCHES_FUNCS@@ expansion but require the individual KGR_PATCH__FUNCS macros to already contain trailing ones as needed. Fixes: 4e8dc885be22 ("scripts: create kgr_patch_main.c dynamically") - commit ba41416 ------------------------------------------------------------------- Mon Jun 12 00:28:32 CEST 2017 - nstange@suse.de - Fix for CVE-2017-9077 (tcp_v6_syn_recv_sock function mishandles inheritance) Live patch for CVE-2017-9077. Upstream commit 83eaddab4378 ("ipv6/dccp: do not inherit ipv6_mc_list from parent"). Only tcpv6 gets fixed, dccp has been left out as we don't build dccp into SLES kernels. Fixes: CVE-2017-9077 References: bsc#1042364 CVE-2017-9077 [mbenes: spec file is auto generated] - commit 88eef90 ------------------------------------------------------------------- Wed Jun 7 12:05:41 CEST 2017 - nstange@suse.de - scripts: create kgr_patch_main.c dynamically The kgraft-patches repository has got many branches, each corresponding to a supported codestream. Each of those carries a potentially different set of live (sub)patches which are controlled through the entry points in kgr_patch_main.c. According to Miroslav, merging of a new (sub)patch based on the pristine master is a pita due to conflicts. Since all (sub)patches stick to certain conventions already, the required modifications of the merging-hotspot kgr_patch_main.c are quite mechanic. Let a script do the work. Namely, - insert some special @@-embraced placeholders at the few places depending on the actual set of (sub)patches, - let register-patches.sh discover the available (sub)patches by searching for directories - and let register-patches.sh replace those placeholders in kgr_patch_main.c Finally, add a register-patches.sh invocation to tar-up.sh. This procedure requires that a SUBPATCH located in directory SUBPATCH/ adheres to the following conventions: - It must provide a provide a SUBPATCH/kgr_patch_SUBPATCH.h header. - This header must provide declarations for kgr_patch_SUBPATCH_init() and kgr_patch_SUBPATCH_cleanup(). - This header must also #define a KGR_PATCH_SUBPATCH_FUNCS macro. It should expand to a comma separated list of KGR_PATCH*() entries, each corresponding to a function the subpatch wants to replace. [mbenes: fixed typos, empty line removed] - commit 4e8dc88 ------------------------------------------------------------------- Tue Jun 6 09:22:11 CEST 2017 - mbenes@suse.cz - Update IBS_PROJECT to correct maintenance incident after initial submission - commit 289ed71 ------------------------------------------------------------------- Thu Jun 1 17:59:47 CEST 2017 - mbenes@suse.cz - Fix for CVE-2017-8890 (denial of service (double free) by leveraging use of the accept system call) Live patch for CVE-2017-8890. Upstream commit 657831ffc38e ("dccp/tcp: do not inherit mc_list from parent"). Fixes: CVE-2017-8890 References: bsc#1038564 CVE-2017-8890 - commit 8712479 ------------------------------------------------------------------- Wed May 31 19:20:31 CEST 2017 - mbenes@suse.cz - New branch for SLE12-SP2_Update_8 - commit 06e1caa ------------------------------------------------------------------- Mon Apr 24 16:00:54 CEST 2017 - mbenes@suse.cz - Replace $(PWD) with $(CURDIR) in Makefile CURDIR is an internal variable of make and more suitable. - commit 03bf1d5 ------------------------------------------------------------------- Wed Apr 19 14:02:27 CEST 2017 - mbenes@suse.cz - Create Makefile automatically Introduce scripts/create-makefile.sh script to automatically create a makefile. The scripts is called from tar-up.sh or could be called manually. - commit 1af6c29 ------------------------------------------------------------------- Mon Oct 24 13:26:09 CEST 2016 - mbenes@suse.cz - Better to use SUSE:SLE-12:Update than Devel:kGraft:SLE12 project - commit bdc7598 ------------------------------------------------------------------- Tue May 10 15:43:59 CEST 2016 - mbenes@suse.cz - Add compat.h to deal with changes of KGR_PATCH macro Sympos patch set for kGraft redefined KGR_PATCH macro and added two new ones. Add new compat.h which contains macro magic so that all kGraft patches would work on both old and new kernels with the patch set merged. - commit 4186bef ------------------------------------------------------------------- Fri May 6 17:01:17 CEST 2016 - mbenes@suse.cz - Fix the number of parameters of KGR_PATCH macro New kernels contain kGraft's sympos patch set which changed number of paramaters of KGR_PATCH macro and introduced new macros. Fix it in master so it will be ok for new branches. - commit 78cf676 ------------------------------------------------------------------- Tue Sep 1 13:00:23 CEST 2015 - mmarek@suse.com - Include the RPM version number in the module name - commit 8fa02c6 ------------------------------------------------------------------- Wed Aug 26 11:29:44 CEST 2015 - mbenes@suse.cz - Remove forgotten debug option in the Makefile - commit 9c24ab8 ------------------------------------------------------------------- Mon Aug 17 13:42:04 CEST 2015 - mbenes@suse.cz - Add license and copyright notices - commit d42d3aa ------------------------------------------------------------------- Wed Jul 15 15:58:35 CEST 2015 - mbenes@suse.cz - Remove immediate flag Fake signal was merged to kGraft and immediate feature removed. Remove it in kGraft patches from now on too. - commit c767ad2 ------------------------------------------------------------------- Wed May 20 16:32:17 CEST 2015 - mbenes@suse.cz - Set immediate flag to false Using immediate set to true can lead to BUGs and oopses when downgrading, reverting or applying replace_all patches. There is no way how to find out if there is a process in the old code which is being removed. The module would be put, removed and the process will crash. The consistency model guarantees that there is no one in the old code when the finalization ends. Thus use it for all case to be safe. - commit 830e1a3 ------------------------------------------------------------------- Tue May 12 15:48:07 CEST 2015 - mbenes@suse.cz - Fix description in rpm spec file Spec file description mentions initial kGraft patch which is only true for real initial patch. Make it more neutral. References: bsc#930408 - commit a55e023 ------------------------------------------------------------------- Wed Apr 1 15:36:24 CEST 2015 - mbenes@suse.cz - Generate archives names automatically in tar-up.sh - commit 1f34f18 ------------------------------------------------------------------- Wed Apr 1 13:39:26 CEST 2015 - mbenes@suse.cz - Automatically generate .changes file from git log Also add comments to tar-up.sh script to distinguish between sections. - commit 212a7ae ------------------------------------------------------------------- Thu Mar 26 14:24:21 CET 2015 - mmarek@suse.cz - Revert "Require exact kernel version in the patch" This needs to be done differently, so that modprobe --force works as expected. References: bnc#920615 This reverts commit c62c11aecd4e3f8822e1b835fea403acc3148c5a. - commit bc88dd7 ------------------------------------------------------------------- Wed Mar 25 13:10:24 CET 2015 - mmarek@suse.cz - Require exact kernel version in the patch References: bnc#920615 - commit c62c11a ------------------------------------------------------------------- Tue Mar 24 12:15:41 CET 2015 - mmarek@suse.cz - Add the git commit and branch to the package description References: bnc#920633 - commit 1ff4e48 ------------------------------------------------------------------- Wed Nov 26 10:09:14 CET 2014 - mbenes@suse.cz - Set immediate flag for the initial patch Setting immediate to true will simplify installation of the initial patch and possibly also of the further updates. References: bnc#907150 - commit 391b810 ------------------------------------------------------------------- Tue Nov 25 16:26:40 CET 2014 - mbenes@suse.cz - Add .replace_all set to true Add .replace_all flag set to true even to the initial patch. Thus we will not forget to add that later. Also .immediate is there as a comment. - commit 933e15e ------------------------------------------------------------------- Mon Nov 24 15:02:33 CET 2014 - mmarek@suse.cz - Drop the hardcoded kernel release string The updated kgraft-devel macros set this during build time, so we do not need to know the kernel release string beforehand. As a name suffix for the source packages, let's use SLE12_Test in the master branch and SLE12_Update_ in the update branches. - commit 65f7a25 ------------------------------------------------------------------- Fri Nov 21 15:48:48 CET 2014 - mmarek@suse.cz - Check that we are building against the set kernel version - commit 689e44a ------------------------------------------------------------------- Wed Nov 12 04:11:14 CET 2014 - mmarek@suse.cz - Mark the module as supported References: bnc#904970 - commit 6249314 ------------------------------------------------------------------- Tue Nov 11 17:11:28 CET 2014 - mmarek@suse.cz - Build the test packages against Devel:kGraft:SLE12 - commit c952fbb ------------------------------------------------------------------- Thu Nov 6 13:55:43 CET 2014 - mbenes@suse.cz - Add top git commit hash to uname -v Add top git commit hash to version part of uname. This makes the identification of current patch level easy (even in crash: p kgr_tag). References: fate#317769 - commit 54c9595 ------------------------------------------------------------------- Tue Nov 4 16:23:50 CET 2014 - mbenes@suse.cz - Replace @@RELEASE@@ in kgr_patch->name with @@RPMRELEASE@@ We need to replace @@RELEASE@@ in kgr_patch->name with @@RPMRELEASE@@ due to sysfs tree. @@RELEASE@@ changes with each new version of package. - commit 51fd9dd ------------------------------------------------------------------- Mon Nov 3 17:27:24 CET 2014 - mmarek@suse.cz - Add a source-timestamp file with the git commit hash and branch This is required by the bs-upload-kernel script to upload packages to the BS. It can also be used by the specfile in the future. - commit feab4f1 ------------------------------------------------------------------- Mon Nov 3 16:56:31 CET 2014 - mbenes@suse.cz - Initial commit - commit 600de9d ------------------------------------------------------------------- Mon Nov 3 14:59:46 CET 2014 - mmarek@suse.cz - Add config.sh script This tells the automatic builder which IBS project to use. - commit aa7f1cb