ALP-pool/kernel-livepatch-tools
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sync from SUSE:ALP:Source:Standard:1.0 kernel-livepatch-tools revision 9a01f66af536561b9079b3bd720cf5bb

Browse Source
This commit is contained in:
Adrian Schröter 2024-10-14 15:17:36 +02:00
parent 32ce0bd1ad
commit 92b6dae79f
5 changed files with 96 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
cache-cleaner
View File

@ -2,7 +2,10 @@
rm -f /var/cache/livepatch/* rm -f /var/cache/livepatch/*
for module in /sys/kernel/livepatch/*; do for module in /sys/kernel/livepatch/* ; do
# go out when the directory is empty
[ "$module" == '/sys/kernel/livepatch/*' ] && break
/usr/bin/klp store_patch_info "${module#/sys/kernel/livepatch/}" /usr/bin/klp store_patch_info "${module#/sys/kernel/livepatch/}"
done done

28
kernel-livepatch-tools.changes
View File

@ -1,3 +1,31 @@
-------------------------------------------------------------------
Wed Oct 9 13:59:01 UTC 2024 - Petr Mladek <pmladek@suse.com>
- Release version 1.5
-------------------------------------------------------------------
Wed Oct 9 13:46:25 UTC 2024 - Petr Mladek <pmladek@suse.com>
- cache-cleaner: Correctly handle situation when there is no livepatch
loaded (bsc#1231422)
-------------------------------------------------------------------
Wed Oct 9 13:38:50 UTC 2024 - Petr Mladek <pmladek@suse.com>
- klp-info-cache.service: Expand %%{_libexecdir} when setting
ExecStart. The cache-cleaner script has been moved in SL Micro 6.0
(bsc#1231397)
-------------------------------------------------------------------
Wed Oct 9 13:35:00 UTC 2024 - Petr Mladek <pmladek@suse.com>
- klp.sh: Fix downgrade with skipped package version (bsc#1223966)
-------------------------------------------------------------------
Wed Oct 9 13:29:52 UTC 2024 - Petr Mladek <pmladek@suse.com>
- klp.sh: Exit with an error code when downgrade fails (bsc#1223930)
------------------------------------------------------------------- -------------------------------------------------------------------
Tue May 14 14:12:02 UTC 2024 - Petr Mladek <pmladek@suse.com> Tue May 14 14:12:02 UTC 2024 - Petr Mladek <pmladek@suse.com>

8
kernel-livepatch-tools.spec
View File

@ -19,7 +19,7 @@
%define dracutlibdir %{_prefix}/lib/dracut %define dracutlibdir %{_prefix}/lib/dracut
Name: kernel-livepatch-tools Name: kernel-livepatch-tools
Version: 1.4 Version: 1.5
Release: 0 Release: 0
Summary: Scripts for installing kernel live patches Summary: Scripts for installing kernel live patches
License: GPL-2.0-only License: GPL-2.0-only
@ -35,7 +35,7 @@ Source8: COPYING
Source12: sysconfig.livepatching Source12: sysconfig.livepatching
Source13: cache-cleaner Source13: cache-cleaner
Source14: systemd-default-klp.preset Source14: systemd-default-klp.preset
Source15: systemd-klp-info-cache.service Source15: systemd-klp-info-cache.service.in
# compatibility with SLE 12, to be removed in SLE > 15 # compatibility with SLE 12, to be removed in SLE > 15
Source50: kgr.sh Source50: kgr.sh
Source51: kgr.man Source51: kgr.man
@ -66,10 +66,12 @@ packages.
cp %{_sourcedir}/{rpm-helper,dracut-{module-setup,kernel-livepatch}.sh,sysconfig.livepatching} . cp %{_sourcedir}/{rpm-helper,dracut-{module-setup,kernel-livepatch}.sh,sysconfig.livepatching} .
cp %{_sourcedir}/{kernel-livepatch-subpackage,macros.kernel-livepatch} . cp %{_sourcedir}/{kernel-livepatch-subpackage,macros.kernel-livepatch} .
cp %{_sourcedir}/k{lp,gr}.{sh,man} . cp %{_sourcedir}/k{lp,gr}.{sh,man} .
cp %{_sourcedir}/{cache-cleaner,systemd-{default-klp.preset,klp-info-cache.service}} . cp %{_sourcedir}/{cache-cleaner,systemd-{default-klp.preset,klp-info-cache.service.in}} .
cp %{_sourcedir}/COPYING . cp %{_sourcedir}/COPYING .
%build %build
sed -e "s|@_LIBEXECDIR@|%{_libexecdir}|g" \
systemd-klp-info-cache.service.in >systemd-klp-info-cache.service
%install %install
install -D rpm-helper %{buildroot}%{_libexecdir}/kernel-livepatch/rpm-helper install -D rpm-helper %{buildroot}%{_libexecdir}/kernel-livepatch/rpm-helper

50
klp.sh
View File

@ -73,9 +73,17 @@ function klp_check() {
} }
function klp_patches() { function klp_patches() {
local TYPE="$1"
unset PATCHES_FOUND unset PATCHES_FOUND
for d in /sys/kernel/livepatch/*; do for d in /sys/kernel/livepatch/*; do
[ ! -d "$d" ] && continue [ ! -d "$d" ] && continue
if [ "$TYPE" = "active" ] ; then
PATCH_ENABLED=$(cat "$d/enabled" 2>/dev/null)
[ "$PATCH_ENABLED" -ne 1 ] && continue
fi
PATCH_NAME=${d#/sys/kernel/livepatch/} PATCH_NAME=${d#/sys/kernel/livepatch/}
PATCH_MOD=${PATCH_NAME} PATCH_MOD=${PATCH_NAME}
echo "${PATCH_MOD}" echo "${PATCH_MOD}"
@ -191,22 +199,45 @@ function klp_downgrade()
VERBOSE_ORIG="$VERBOSE" VERBOSE_ORIG="$VERBOSE"
unset VERBOSE unset VERBOSE
for patch in $(klp_patches); do ACTIVE_PATCHES=$(klp_patches active)
RPM_FULL_NAME=$(klp_patch_rpm_name "$patch") ACTIVE_PATCHES_NUM=$(echo $ACTIVE_PATCHES | wc -w)
if [ "$ACTIVE_PATCHES_NUM" -eq 0 ] ; then
echo "Error: cannot determine livepatch for downgrade. No active livepatch." >&2
exit 1
fi
if [ "$ACTIVE_PATCHES_NUM" -gt 1 ] ; then
echo "Error: cannot determine livepatch for downgrade. Too many active livepatches: $ACTIVE_PATCHES" >&2
exit 1
fi
PATCH="$ACTIVE_PATCHES"
RPM_FULL_NAME=$(klp_patch_rpm_name "$PATCH")
if [ -z "$RPM_FULL_NAME" ]; then if [ -z "$RPM_FULL_NAME" ]; then
echo "Warning: cannot determine RPM package for $patch" >&2 echo "Error: cannot determine RPM package for $PATCH" >&2
continue exit 1
fi fi
RPM_INFO=$(rpm -q --qf '%{name};%{version}' "$RPM_FULL_NAME") RPM_INFO=$(rpm -q --qf '%{name};%{version}' "$RPM_FULL_NAME")
RPM_VERSION=${RPM_INFO#*;} RPM_VERSION=${RPM_INFO#*;}
RPM_NAME=${RPM_INFO%;*} RPM_NAME=${RPM_INFO%;*}
if [ "$RPM_VERSION" -le 1 ]; then if [ "$RPM_VERSION" -le 1 ]; then
echo "$RPM_FULL_NAME is the initial kernel live patch and cannot be downgraded." echo "Error: $RPM_FULL_NAME is the initial kernel live patch and cannot be downgraded."
continue exit 1
fi fi
ZYPPER_COMMAND="zypper -n in --oldpackage $RPM_NAME = $(($RPM_VERSION-1))" PREV_RPM_VERSION=$(($RPM_VERSION-1))
while [ "$PREV_RPM_VERSION" -gt 0 ] ; do
zypper -n se -x "$RPM_NAME-$PREV_RPM_VERSION" >/dev/null 2>&1
[ "$?" -eq 0 ] && break
PREV_RPM_VERSION=$(($PREV_RPM_VERSION-1))
done
if [ "$PREV_RPM_VERSION" -le 0 ] ; then
echo "Error: cannot find package with lower version. The currently loaded livepatch is from the package: "$RPM_NAME" = "$RPM_VERSION"" >&2
exit 1
fi
ZYPPER_COMMAND="zypper -n in --oldpackage $RPM_NAME = $PREV_RPM_VERSION"
echo "KLP tool will replace the current kernel live patch with its previous version." echo "KLP tool will replace the current kernel live patch with its previous version."
echo "The command for downgrade is: $ZYPPER_COMMAND" echo "The command for downgrade is: $ZYPPER_COMMAND"
if [ -z "$NON_INTERACTIVE" ]; then if [ -z "$NON_INTERACTIVE" ]; then
@ -217,8 +248,9 @@ function klp_downgrade()
fi fi
if [[ $REPLY =~ ^[Yy]$ ]]; then if [[ $REPLY =~ ^[Yy]$ ]]; then
eval $ZYPPER_COMMAND eval $ZYPPER_COMMAND
exit_val="$?"
[ "$exit_val" -ne 0 ] && exit $exit_val
fi fi
done
VERBOSE="$VERBOSE_ORIG" VERBOSE="$VERBOSE_ORIG"
} }
@ -272,7 +304,7 @@ case $1 in
store_patch_info) store_patch_info)
SRCVERSION=$(cat "/sys/module/$2/srcversion") SRCVERSION=$(cat "/sys/module/$2/srcversion")
klp_info_from_rpm $2 > "/var/cache/livepatch/$2-$SRCVERSION" ;; klp_info_from_rpm $2 > "/var/cache/livepatch/$2-$SRCVERSION" ;;
patches) klp_patches ;; patches) klp_patches all ;;
downgrade) klp_downgrade ;; downgrade) klp_downgrade ;;
*) echo "Error: unknown command \`$1'"; exit 1 ;; *) echo "Error: unknown command \`$1'"; exit 1 ;;
esac esac

2
systemd-klp-info-cache.service → systemd-klp-info-cache.service.in
View File

@ -7,7 +7,7 @@ ConditionPathIsReadWrite=/var/cache/livepatch
Type=oneshot Type=oneshot
Nice=19 Nice=19
IOSchedulingClass=idle IOSchedulingClass=idle
ExecStart=/usr/lib/kernel-livepatch/cache-cleaner ExecStart=@_LIBEXECDIR@/kernel-livepatch/cache-cleaner
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target