Browse code
linux: added ENA driver for AMI
Extras for all kernels:
fix CVE-2017-7487 and CVE-2017-9059
Change-Id: I0c29decf94d29dc53661f3949f286d452c37b278
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/2809
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Bo Gan <ganb@vmware.com>
Alexey Makhalov authored on 2017/05/27 07:02:07Showing 5 changed files
- SPECS/linux-api-headers/linux-api-headers.spec
- SPECS/linux/0002-Added-rap_plugin.patch
- SPECS/linux/linux-esx.spec
- SPECS/linux/linux-secure.spec
- SPECS/linux/linux.spec
| ... | ... |
@@ -1,6 +1,6 @@ |
| 1 | 1 |
Summary: Linux API header files |
| 2 | 2 |
Name: linux-api-headers |
| 3 |
-Version: 4.9.28 |
|
| 3 |
+Version: 4.9.30 |
|
| 4 | 4 |
Release: 1%{?dist}
|
| 5 | 5 |
License: GPLv2 |
| 6 | 6 |
URL: http://www.kernel.org/ |
| ... | ... |
@@ -8,7 +8,7 @@ Group: System Environment/Kernel |
| 8 | 8 |
Vendor: VMware, Inc. |
| 9 | 9 |
Distribution: Photon |
| 10 | 10 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 11 |
-%define sha1 linux=58ca565d0675f518465220b8b2515b10c779c426 |
|
| 11 |
+%define sha1 linux=08d55d9392cf4b176ae17d07dbbb9a22abf0d7b2 |
|
| 12 | 12 |
BuildArch: noarch |
| 13 | 13 |
%description |
| 14 | 14 |
The Linux API Headers expose the kernel's API for use by Glibc. |
| ... | ... |
@@ -25,6 +25,8 @@ find /%{buildroot}%{_includedir} \( -name .install -o -name ..install.cmd \) -de
|
| 25 | 25 |
%defattr(-,root,root) |
| 26 | 26 |
%{_includedir}/*
|
| 27 | 27 |
%changelog |
| 28 |
+* Fri May 26 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.30-1 |
|
| 29 |
+- Version update |
|
| 28 | 30 |
* Tue May 16 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.28-1 |
| 29 | 31 |
- Version update |
| 30 | 32 |
* Wed May 10 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.27-1 |
| ... | ... |
@@ -12661,8 +12661,8 @@ index c2d2895..76324ed 100644 |
| 12661 | 12661 |
{
|
| 12662 | 12662 |
+ struct nfsd4_getdeviceinfo *gdev = _gdev; |
| 12663 | 12663 |
struct xdr_stream *xdr = &resp->xdr; |
| 12664 |
- const struct nfsd4_layout_ops *ops = |
|
| 12665 |
- nfsd4_layout_ops[gdev->gd_layout_type]; |
|
| 12664 |
+ const struct nfsd4_layout_ops *ops; |
|
| 12665 |
+ u32 starting_len = xdr->buf->len, needed_len; |
|
| 12666 | 12666 |
@@ -4147,9 +4228,9 @@ nfsd4_encode_getdeviceinfo(struct nfsd4_compoundres *resp, __be32 nfserr, |
| 12667 | 12667 |
} |
| 12668 | 12668 |
|
| ... | ... |
@@ -12673,8 +12673,8 @@ index c2d2895..76324ed 100644 |
| 12673 | 12673 |
{
|
| 12674 | 12674 |
+ struct nfsd4_layoutget *lgp = _lgp; |
| 12675 | 12675 |
struct xdr_stream *xdr = &resp->xdr; |
| 12676 |
- const struct nfsd4_layout_ops *ops = |
|
| 12677 |
- nfsd4_layout_ops[lgp->lg_layout_type]; |
|
| 12676 |
+ const struct nfsd4_layout_ops *ops; |
|
| 12677 |
+ __be32 *p; |
|
| 12678 | 12678 |
@@ -4182,9 +4263,9 @@ nfsd4_encode_layoutget(struct nfsd4_compoundres *resp, __be32 nfserr, |
| 12679 | 12679 |
} |
| 12680 | 12680 |
|
| ... | ... |
@@ -1,15 +1,15 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux-esx |
| 4 |
-Version: 4.9.28 |
|
| 5 |
-Release: 2%{?dist}
|
|
| 4 |
+Version: 4.9.30 |
|
| 5 |
+Release: 1%{?dist}
|
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| 8 | 8 |
Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=58ca565d0675f518465220b8b2515b10c779c426 |
|
| 12 |
+%define sha1 linux=08d55d9392cf4b176ae17d07dbbb9a22abf0d7b2 |
|
| 13 | 13 |
Source1: config-esx |
| 14 | 14 |
Source2: initramfs.trigger |
| 15 | 15 |
# common |
| ... | ... |
@@ -189,6 +189,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg
|
| 189 | 189 |
/usr/src/linux-headers-%{uname_r}
|
| 190 | 190 |
|
| 191 | 191 |
%changelog |
| 192 |
+* Fri May 26 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.30-1 |
|
| 193 |
+- Fix CVE-2017-7487 and CVE-2017-9059 |
|
| 192 | 194 |
* Wed May 17 2017 Vinay Kulkarni <kulkarniv@vmware.com> 4.9.28-2 |
| 193 | 195 |
- Enable IPVLAN module. |
| 194 | 196 |
* Tue May 16 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.28-1 |
| ... | ... |
@@ -1,15 +1,15 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux-secure |
| 4 |
-Version: 4.9.28 |
|
| 5 |
-Release: 2%{?dist}
|
|
| 4 |
+Version: 4.9.30 |
|
| 5 |
+Release: 1%{?dist}
|
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| 8 | 8 |
Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=58ca565d0675f518465220b8b2515b10c779c426 |
|
| 12 |
+%define sha1 linux=08d55d9392cf4b176ae17d07dbbb9a22abf0d7b2 |
|
| 13 | 13 |
Source1: config-secure |
| 14 | 14 |
Source2: aufs4.9.tar.gz |
| 15 | 15 |
Source3: initramfs.trigger |
| ... | ... |
@@ -228,6 +228,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg
|
| 228 | 228 |
/usr/src/linux-headers-%{uname_r}
|
| 229 | 229 |
|
| 230 | 230 |
%changelog |
| 231 |
+* Fri May 26 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.30-1 |
|
| 232 |
+- Fix CVE-2017-7487 and CVE-2017-9059 |
|
| 231 | 233 |
* Wed May 17 2017 Vinay Kulkarni <kulkarniv@vmware.com> 4.9.28-2 |
| 232 | 234 |
- Enable IPVLAN module. |
| 233 | 235 |
* Tue May 16 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.28-1 |
| ... | ... |
@@ -1,17 +1,20 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux |
| 4 |
-Version: 4.9.28 |
|
| 5 |
-Release: 2%{?dist}
|
|
| 4 |
+Version: 4.9.30 |
|
| 5 |
+Release: 1%{?dist}
|
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| 8 | 8 |
Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=58ca565d0675f518465220b8b2515b10c779c426 |
|
| 12 |
+%define sha1 linux=08d55d9392cf4b176ae17d07dbbb9a22abf0d7b2 |
|
| 13 | 13 |
Source1: config |
| 14 | 14 |
Source2: initramfs.trigger |
| 15 |
+%define ena_version 1.1.3 |
|
| 16 |
+Source3: https://github.com/amzn/amzn-drivers/archive/ena_linux_1.1.3.tar.gz |
|
| 17 |
+%define sha1 ena_linux=84138e8d7eb230b45cb53835edf03ca08043d471 |
|
| 15 | 18 |
# common |
| 16 | 19 |
Patch0: x86-vmware-read-tsc_khz-only-once-at-boot-time.patch |
| 17 | 20 |
Patch1: x86-vmware-use-tsc_khz-value-for-calibrate_cpu.patch |
| ... | ... |
@@ -91,6 +94,7 @@ This package contains the 'perf' performance analysis tools for Linux kernel. |
| 91 | 91 |
|
| 92 | 92 |
%prep |
| 93 | 93 |
%setup -q -n linux-%{version}
|
| 94 |
+%setup -D -b 3 -n linux-%{version}
|
|
| 94 | 95 |
%patch0 -p1 |
| 95 | 96 |
%patch1 -p1 |
| 96 | 97 |
%patch2 -p1 |
| ... | ... |
@@ -112,6 +116,11 @@ sed -i 's/CONFIG_LOCALVERSION=""/CONFIG_LOCALVERSION="-%{release}"/' .config
|
| 112 | 112 |
make LC_ALL= oldconfig |
| 113 | 113 |
make VERBOSE=1 KBUILD_BUILD_VERSION="1-photon" KBUILD_BUILD_HOST="photon" ARCH="x86_64" %{?_smp_mflags}
|
| 114 | 114 |
make -C tools perf |
| 115 |
+# build ENA module |
|
| 116 |
+bldroot=`pwd` |
|
| 117 |
+pushd ../amzn-drivers-ena_linux_%{ena_version}/kernel/linux/ena
|
|
| 118 |
+make -C $bldroot M=`pwd` VERBOSE=1 modules %{?_smp_mflags}
|
|
| 119 |
+popd |
|
| 115 | 120 |
|
| 116 | 121 |
%define __modules_install_post \ |
| 117 | 122 |
find %{buildroot}/lib/modules/%{uname_r} -name *.ko | xargs xz \
|
| ... | ... |
@@ -134,6 +143,11 @@ install -vdm 755 %{buildroot}/etc/modprobe.d
|
| 134 | 134 |
install -vdm 755 %{buildroot}/usr/src/%{name}-headers-%{uname_r}
|
| 135 | 135 |
install -vdm 755 %{buildroot}/usr/lib/debug/lib/modules/%{uname_r}
|
| 136 | 136 |
make INSTALL_MOD_PATH=%{buildroot} modules_install
|
| 137 |
+# install ENA module |
|
| 138 |
+bldroot=`pwd` |
|
| 139 |
+pushd ../amzn-drivers-ena_linux_%{ena_version}/kernel/linux/ena
|
|
| 140 |
+make -C $bldroot M=`pwd` INSTALL_MOD_PATH=%{buildroot} modules_install
|
|
| 141 |
+popd |
|
| 137 | 142 |
|
| 138 | 143 |
# Verify for build-id match |
| 139 | 144 |
# We observe different IDs sometimes |
| ... | ... |
@@ -253,6 +267,9 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg
|
| 253 | 253 |
/usr/share/doc/* |
| 254 | 254 |
|
| 255 | 255 |
%changelog |
| 256 |
+* Fri May 26 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.30-1 |
|
| 257 |
+- Added ENA driver for AMI |
|
| 258 |
+- Fix CVE-2017-7487 and CVE-2017-9059 |
|
| 256 | 259 |
* Wed May 17 2017 Vinay Kulkarni <kulkarniv@vmware.com> 4.9.28-2 |
| 257 | 260 |
- Enable IPVLAN module. |
| 258 | 261 |
* Tue May 16 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.28-1 |