Sync from SUSE:ALP:Source:Standard:1.0 kernel-livepatch-tools revision 9a01f66af536561b9079b3bd720cf5bb
This commit is contained in:
parent
32ce0bd1ad
commit
92b6dae79f
@ -2,7 +2,10 @@
|
||||
|
||||
rm -f /var/cache/livepatch/*
|
||||
|
||||
for module in /sys/kernel/livepatch/*; do
|
||||
for module in /sys/kernel/livepatch/* ; do
|
||||
# go out when the directory is empty
|
||||
[ "$module" == '/sys/kernel/livepatch/*' ] && break
|
||||
|
||||
/usr/bin/klp store_patch_info "${module#/sys/kernel/livepatch/}"
|
||||
done
|
||||
|
||||
|
||||
@ -1,3 +1,31 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 9 13:59:01 UTC 2024 - Petr Mladek <pmladek@suse.com>
|
||||
|
||||
- Release version 1.5
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 9 13:46:25 UTC 2024 - Petr Mladek <pmladek@suse.com>
|
||||
|
||||
- cache-cleaner: Correctly handle situation when there is no livepatch
|
||||
loaded (bsc#1231422)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 9 13:38:50 UTC 2024 - Petr Mladek <pmladek@suse.com>
|
||||
|
||||
- klp-info-cache.service: Expand %%{_libexecdir} when setting
|
||||
ExecStart. The cache-cleaner script has been moved in SL Micro 6.0
|
||||
(bsc#1231397)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 9 13:35:00 UTC 2024 - Petr Mladek <pmladek@suse.com>
|
||||
|
||||
- klp.sh: Fix downgrade with skipped package version (bsc#1223966)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 9 13:29:52 UTC 2024 - Petr Mladek <pmladek@suse.com>
|
||||
|
||||
- klp.sh: Exit with an error code when downgrade fails (bsc#1223930)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 14 14:12:02 UTC 2024 - Petr Mladek <pmladek@suse.com>
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@
|
||||
%define dracutlibdir %{_prefix}/lib/dracut
|
||||
|
||||
Name: kernel-livepatch-tools
|
||||
Version: 1.4
|
||||
Version: 1.5
|
||||
Release: 0
|
||||
Summary: Scripts for installing kernel live patches
|
||||
License: GPL-2.0-only
|
||||
@ -35,7 +35,7 @@ Source8: COPYING
|
||||
Source12: sysconfig.livepatching
|
||||
Source13: cache-cleaner
|
||||
Source14: systemd-default-klp.preset
|
||||
Source15: systemd-klp-info-cache.service
|
||||
Source15: systemd-klp-info-cache.service.in
|
||||
# compatibility with SLE 12, to be removed in SLE > 15
|
||||
Source50: kgr.sh
|
||||
Source51: kgr.man
|
||||
@ -66,10 +66,12 @@ packages.
|
||||
cp %{_sourcedir}/{rpm-helper,dracut-{module-setup,kernel-livepatch}.sh,sysconfig.livepatching} .
|
||||
cp %{_sourcedir}/{kernel-livepatch-subpackage,macros.kernel-livepatch} .
|
||||
cp %{_sourcedir}/k{lp,gr}.{sh,man} .
|
||||
cp %{_sourcedir}/{cache-cleaner,systemd-{default-klp.preset,klp-info-cache.service}} .
|
||||
cp %{_sourcedir}/{cache-cleaner,systemd-{default-klp.preset,klp-info-cache.service.in}} .
|
||||
cp %{_sourcedir}/COPYING .
|
||||
|
||||
%build
|
||||
sed -e "s|@_LIBEXECDIR@|%{_libexecdir}|g" \
|
||||
systemd-klp-info-cache.service.in >systemd-klp-info-cache.service
|
||||
|
||||
%install
|
||||
install -D rpm-helper %{buildroot}%{_libexecdir}/kernel-livepatch/rpm-helper
|
||||
|
||||
84
klp.sh
84
klp.sh
@ -73,9 +73,17 @@ function klp_check() {
|
||||
}
|
||||
|
||||
function klp_patches() {
|
||||
local TYPE="$1"
|
||||
|
||||
unset PATCHES_FOUND
|
||||
for d in /sys/kernel/livepatch/*; do
|
||||
[ ! -d "$d" ] && continue
|
||||
|
||||
if [ "$TYPE" = "active" ] ; then
|
||||
PATCH_ENABLED=$(cat "$d/enabled" 2>/dev/null)
|
||||
[ "$PATCH_ENABLED" -ne 1 ] && continue
|
||||
fi
|
||||
|
||||
PATCH_NAME=${d#/sys/kernel/livepatch/}
|
||||
PATCH_MOD=${PATCH_NAME}
|
||||
echo "${PATCH_MOD}"
|
||||
@ -191,35 +199,59 @@ function klp_downgrade()
|
||||
VERBOSE_ORIG="$VERBOSE"
|
||||
unset VERBOSE
|
||||
|
||||
for patch in $(klp_patches); do
|
||||
RPM_FULL_NAME=$(klp_patch_rpm_name "$patch")
|
||||
if [ -z "$RPM_FULL_NAME" ]; then
|
||||
echo "Warning: cannot determine RPM package for $patch" >&2
|
||||
continue
|
||||
fi
|
||||
ACTIVE_PATCHES=$(klp_patches active)
|
||||
ACTIVE_PATCHES_NUM=$(echo $ACTIVE_PATCHES | wc -w)
|
||||
if [ "$ACTIVE_PATCHES_NUM" -eq 0 ] ; then
|
||||
echo "Error: cannot determine livepatch for downgrade. No active livepatch." >&2
|
||||
exit 1
|
||||
fi
|
||||
if [ "$ACTIVE_PATCHES_NUM" -gt 1 ] ; then
|
||||
echo "Error: cannot determine livepatch for downgrade. Too many active livepatches: $ACTIVE_PATCHES" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
RPM_INFO=$(rpm -q --qf '%{name};%{version}' "$RPM_FULL_NAME")
|
||||
RPM_VERSION=${RPM_INFO#*;}
|
||||
RPM_NAME=${RPM_INFO%;*}
|
||||
if [ "$RPM_VERSION" -le 1 ]; then
|
||||
echo "$RPM_FULL_NAME is the initial kernel live patch and cannot be downgraded."
|
||||
continue
|
||||
fi
|
||||
PATCH="$ACTIVE_PATCHES"
|
||||
RPM_FULL_NAME=$(klp_patch_rpm_name "$PATCH")
|
||||
if [ -z "$RPM_FULL_NAME" ]; then
|
||||
echo "Error: cannot determine RPM package for $PATCH" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
ZYPPER_COMMAND="zypper -n in --oldpackage $RPM_NAME = $(($RPM_VERSION-1))"
|
||||
echo "KLP tool will replace the current kernel live patch with its previous version."
|
||||
echo "The command for downgrade is: $ZYPPER_COMMAND"
|
||||
if [ -z "$NON_INTERACTIVE" ]; then
|
||||
read -p "Continue? (y/N) " -n 1 -r
|
||||
echo
|
||||
else
|
||||
REPLY=Y
|
||||
fi
|
||||
if [[ $REPLY =~ ^[Yy]$ ]]; then
|
||||
eval $ZYPPER_COMMAND
|
||||
fi
|
||||
RPM_INFO=$(rpm -q --qf '%{name};%{version}' "$RPM_FULL_NAME")
|
||||
RPM_VERSION=${RPM_INFO#*;}
|
||||
RPM_NAME=${RPM_INFO%;*}
|
||||
if [ "$RPM_VERSION" -le 1 ]; then
|
||||
echo "Error: $RPM_FULL_NAME is the initial kernel live patch and cannot be downgraded."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
PREV_RPM_VERSION=$(($RPM_VERSION-1))
|
||||
while [ "$PREV_RPM_VERSION" -gt 0 ] ; do
|
||||
zypper -n se -x "$RPM_NAME-$PREV_RPM_VERSION" >/dev/null 2>&1
|
||||
[ "$?" -eq 0 ] && break
|
||||
PREV_RPM_VERSION=$(($PREV_RPM_VERSION-1))
|
||||
done
|
||||
|
||||
if [ "$PREV_RPM_VERSION" -le 0 ] ; then
|
||||
echo "Error: cannot find package with lower version. The currently loaded livepatch is from the package: "$RPM_NAME" = "$RPM_VERSION"" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
ZYPPER_COMMAND="zypper -n in --oldpackage $RPM_NAME = $PREV_RPM_VERSION"
|
||||
echo "KLP tool will replace the current kernel live patch with its previous version."
|
||||
echo "The command for downgrade is: $ZYPPER_COMMAND"
|
||||
if [ -z "$NON_INTERACTIVE" ]; then
|
||||
read -p "Continue? (y/N) " -n 1 -r
|
||||
echo
|
||||
else
|
||||
REPLY=Y
|
||||
fi
|
||||
if [[ $REPLY =~ ^[Yy]$ ]]; then
|
||||
eval $ZYPPER_COMMAND
|
||||
exit_val="$?"
|
||||
[ "$exit_val" -ne 0 ] && exit $exit_val
|
||||
fi
|
||||
|
||||
VERBOSE="$VERBOSE_ORIG"
|
||||
}
|
||||
|
||||
@ -272,7 +304,7 @@ case $1 in
|
||||
store_patch_info)
|
||||
SRCVERSION=$(cat "/sys/module/$2/srcversion")
|
||||
klp_info_from_rpm $2 > "/var/cache/livepatch/$2-$SRCVERSION" ;;
|
||||
patches) klp_patches ;;
|
||||
patches) klp_patches all ;;
|
||||
downgrade) klp_downgrade ;;
|
||||
*) echo "Error: unknown command \`$1'"; exit 1 ;;
|
||||
esac
|
||||
|
||||
@ -7,7 +7,7 @@ ConditionPathIsReadWrite=/var/cache/livepatch
|
||||
Type=oneshot
|
||||
Nice=19
|
||||
IOSchedulingClass=idle
|
||||
ExecStart=/usr/lib/kernel-livepatch/cache-cleaner
|
||||
ExecStart=@_LIBEXECDIR@/kernel-livepatch/cache-cleaner
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
Loading…
Reference in New Issue
Block a user