Compare commits

...

No commits in common. 'i9' and 'c9' have entirely different histories.
i9 ... c9

Binary file not shown.

Binary file not shown.

@ -5,9 +5,9 @@ prompt = no
x509_extensions = myexts x509_extensions = myexts
[ req_distinguished_name ] [ req_distinguished_name ]
O = NCSD LLC O = The CentOS Project
CN = MSVSphere Stream kernel signing key CN = CentOS Stream kernel signing key
emailAddress = security@msvsphere.ru emailAddress = security@centos.org
[ myexts ] [ myexts ]
basicConstraints=critical,CA:FALSE basicConstraints=critical,CA:FALSE

@ -5,9 +5,9 @@ prompt = no
x509_extensions = myexts x509_extensions = myexts
[ req_distinguished_name ] [ req_distinguished_name ]
O = NCSD LLC O = Red Hat
CN = MSVSphere kernel signing key CN = Red Hat Enterprise Linux kernel signing key
emailAddress = security@msvsphere.ru emailAddress = secalert@redhat.com
[ myexts ] [ myexts ]
basicConstraints=critical,CA:FALSE basicConstraints=critical,CA:FALSE

@ -793,7 +793,20 @@ Source1: Makefile.rhelver
%define secureboot_ca_0 %{_datadir}/pki/sb-certs/secureboot-ca-%{_arch}.cer %define secureboot_ca_0 %{_datadir}/pki/sb-certs/secureboot-ca-%{_arch}.cer
%define secureboot_key_0 %{_datadir}/pki/sb-certs/secureboot-kernel-%{_arch}.cer %define secureboot_key_0 %{_datadir}/pki/sb-certs/secureboot-kernel-%{_arch}.cer
%define pesign_name_0 spheresecureboot001
%if 0%{?centos}
%define pesign_name_0 centossecureboot201
%else
%ifarch x86_64 aarch64
%define pesign_name_0 redhatsecureboot501
%endif
%ifarch s390x
%define pesign_name_0 redhatsecureboot302
%endif
%ifarch ppc64le
%define pesign_name_0 redhatsecureboot701
%endif
%endif
# signkernel # signkernel
%endif %endif
@ -870,8 +883,8 @@ Source82: update_scripts.sh
Source84: mod-internal.list Source84: mod-internal.list
Source85: mod-partner.list Source85: mod-partner.list
Source100: msvspheredup1.x509 Source100: rheldup3.x509
Source101: msvspherepatch1.x509 Source101: rhelkpatch1.x509
Source150: dracut-virt.conf Source150: dracut-virt.conf
@ -1178,11 +1191,11 @@ kernel-gcov includes the gcov graph and source files for gcov coverage collectio
%endif %endif
%package -n kernel-abi-stablelists %package -n kernel-abi-stablelists
Summary: The MSVSphere kernel ABI symbol stablelists Summary: The Red Hat Enterprise Linux kernel ABI symbol stablelists
AutoReqProv: no AutoReqProv: no
%description -n kernel-abi-stablelists %description -n kernel-abi-stablelists
The kABI package contains information pertaining to the MSVSphere The kABI package contains information pertaining to the Red Hat Enterprise
kernel ABI, including lists of kernel symbols that are needed by Linux kernel ABI, including lists of kernel symbols that are needed by
external Linux kernel modules, and a yum plugin to aid enforcement. external Linux kernel modules, and a yum plugin to aid enforcement.
%if %{with_kabidw_base} %if %{with_kabidw_base}
@ -1191,8 +1204,8 @@ Summary: The baseline dataset for kABI verification using DWARF data
Group: System Environment/Kernel Group: System Environment/Kernel
AutoReqProv: no AutoReqProv: no
%description kernel-kabidw-base-internal %description kernel-kabidw-base-internal
The package contains data describing the current ABI of the MSVSphere The package contains data describing the current ABI of the Red Hat Enterprise
kernel, suitable for the kabi-dw tool. Linux kernel, suitable for the kabi-dw tool.
%endif %endif
# #
@ -1291,7 +1304,7 @@ Requires: %{name}%{?1:-%{1}}-modules-core-uname-r = %{KVERREL}%{uname_suffix %{?
AutoReq: no\ AutoReq: no\
AutoProv: yes\ AutoProv: yes\
%description %{?1:%{1}-}modules-internal\ %description %{?1:%{1}-}modules-internal\
This package provides kernel modules for the %{?2:%{2} }kernel package for MSVSphere internal usage.\ This package provides kernel modules for the %{?2:%{2} }kernel package for Red Hat internal usage.\
%{nil} %{nil}
# #
@ -1459,7 +1472,7 @@ Requires: %{name}%{?1:-%{1}}-modules-uname-r = %{KVERREL}%{uname_suffix %{?1:%{1
AutoReq: no\ AutoReq: no\
AutoProv: yes\ AutoProv: yes\
%description %{?1:%{1}-}modules-partner\ %description %{?1:%{1}-}modules-partner\
This package provides kernel modules for the %{?2:%{2} }kernel package for MSVSphere partners usage.\ This package provides kernel modules for the %{?2:%{2} }kernel package for Red Hat partners usage.\
%{nil} %{nil}
# Now, each variant package. # Now, each variant package.
@ -1703,7 +1716,7 @@ done
# Adjust FIPS module name for RHEL # Adjust FIPS module name for RHEL
%if 0%{?rhel} %if 0%{?rhel}
for i in *.config; do for i in *.config; do
sed -i 's/CONFIG_CRYPTO_FIPS_NAME=.*/CONFIG_CRYPTO_FIPS_NAME="MSVSphere %{rhel} - Kernel Cryptographic API"/' $i sed -i 's/CONFIG_CRYPTO_FIPS_NAME=.*/CONFIG_CRYPTO_FIPS_NAME="Red Hat Enterprise Linux %{rhel} - Kernel Cryptographic API"/' $i
done done
%endif %endif
@ -1722,6 +1735,18 @@ RHJOBS=$RPM_BUILD_NCPUS PACKAGE_NAME=kernel-rt ./process_configs.sh $OPTS ${spec
cp %{SOURCE82} . cp %{SOURCE82} .
RPM_SOURCE_DIR=$RPM_SOURCE_DIR ./update_scripts.sh %{primary_target} RPM_SOURCE_DIR=$RPM_SOURCE_DIR ./update_scripts.sh %{primary_target}
# We may want to override files from the primary target in case of building
# against a flavour of it (eg. centos not rhel), thus override it here if
# necessary
if [ "%{primary_target}" == "rhel" ]; then
%if 0%{?centos}
echo "Updating scripts/sources to centos version"
RPM_SOURCE_DIR=$RPM_SOURCE_DIR ./update_scripts.sh centos
%else
echo "Not updating scripts/sources to centos version"
%endif
fi
# end of kernel config # end of kernel config
%endif %endif
@ -2424,7 +2449,7 @@ BuildKernel() {
# prune junk from kernel-devel # prune junk from kernel-devel
find $RPM_BUILD_ROOT/usr/src/kernels -name ".*.cmd" -delete find $RPM_BUILD_ROOT/usr/src/kernels -name ".*.cmd" -delete
# MSVSphere UEFI Secure Boot CA cert, which can be used to authenticate the kernel # Red Hat UEFI Secure Boot CA cert, which can be used to authenticate the kernel
mkdir -p $RPM_BUILD_ROOT%{_datadir}/doc/kernel-keys/$KernelVer mkdir -p $RPM_BUILD_ROOT%{_datadir}/doc/kernel-keys/$KernelVer
%if %{signkernel} %if %{signkernel}
install -m 0644 %{secureboot_ca_0} $RPM_BUILD_ROOT%{_datadir}/doc/kernel-keys/$KernelVer/kernel-signing-ca.cer install -m 0644 %{secureboot_ca_0} $RPM_BUILD_ROOT%{_datadir}/doc/kernel-keys/$KernelVer/kernel-signing-ca.cer
@ -3741,10 +3766,6 @@ fi
- powerpc/vdso: augment VDSO32 functions to support 64 bits build (Mamatha Inamdar) [2210074 2203363] - powerpc/vdso: augment VDSO32 functions to support 64 bits build (Mamatha Inamdar) [2210074 2203363]
- redhat: configs: enable CONFIG_DELL_WMI_PRIVACY (Foggy Liu) [2209808 2186163] - redhat: configs: enable CONFIG_DELL_WMI_PRIVACY (Foggy Liu) [2209808 2186163]
* Wed Jun 21 2023 Arkady L. Shane <ashejn@msvsphere.ru> [5.14.0-284.20.1.rt14.305.el9_2]
- Modified to use MSVSphere Secure Boot certificates
- Rebuilt for MSVSphere 9.2.
* Fri Jun 16 2023 Herton R. Krzesinski <herton@redhat.com> [5.14.0-284.20.1.rt14.305.el9_2] * Fri Jun 16 2023 Herton R. Krzesinski <herton@redhat.com> [5.14.0-284.20.1.rt14.305.el9_2]
- [rt] build kernel-rt-5.14.0-284.20.1.rt14.305.el9_2 [2215122] - [rt] build kernel-rt-5.14.0-284.20.1.rt14.305.el9_2 [2215122]
- ice: make writes to /dev/gnssX synchronous (Michal Schmidt) [2213186 2175764] - ice: make writes to /dev/gnssX synchronous (Michal Schmidt) [2213186 2175764]
@ -3881,9 +3902,6 @@ fi
- crypto: jitter - drop kernel-doc notation (Vladis Dronov) [2181727 2175240] - crypto: jitter - drop kernel-doc notation (Vladis Dronov) [2181727 2175240]
- KVM: VMX: Fix crash due to uninitialized current_vmcs (Vitaly Kuznetsov) [2186822 2181329] - KVM: VMX: Fix crash due to uninitialized current_vmcs (Vitaly Kuznetsov) [2186822 2181329]
* Fri Apr 14 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 5.14.0-162.6.1.rt21.168
- Rebuilt for MSVSphere 9.1.
* Wed Apr 12 2023 Luis Claudio R. Goncalves <lgoncalv@redhat.com> [5.14.0-284.11.1.rt14.296.el9_2] * Wed Apr 12 2023 Luis Claudio R. Goncalves <lgoncalv@redhat.com> [5.14.0-284.11.1.rt14.296.el9_2]
- [rt] build kernel-rt-5.14.0-284.11.1.rt14.296.el9_2 [2125474] - [rt] build kernel-rt-5.14.0-284.11.1.rt14.296.el9_2 [2125474]
- vfio: Make the group FD disassociate from the iommu_group (Alex Williamson) [2180649] - vfio: Make the group FD disassociate from the iommu_group (Alex Williamson) [2180649]

Loading…
Cancel
Save