And weird code was commented in SpecParser.py
Change-Id: Ia31f44dfba05abb8b783eb95688083db085a5fc2
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/2114
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Bo Gan <ganb@vmware.com>
... | ... |
@@ -930,7 +930,7 @@ CONFIG_NF_CONNTRACK=m |
930 | 930 |
CONFIG_NF_LOG_COMMON=m |
931 | 931 |
CONFIG_NF_CONNTRACK_MARK=y |
932 | 932 |
CONFIG_NF_CONNTRACK_SECMARK=y |
933 |
-# CONFIG_NF_CONNTRACK_ZONES is not set |
|
933 |
+CONFIG_NF_CONNTRACK_ZONES=y |
|
934 | 934 |
CONFIG_NF_CONNTRACK_PROCFS=y |
935 | 935 |
CONFIG_NF_CONNTRACK_EVENTS=y |
936 | 936 |
CONFIG_NF_CONNTRACK_TIMEOUT=y |
... | ... |
@@ -966,7 +966,30 @@ CONFIG_NF_NAT_SIP=m |
966 | 966 |
CONFIG_NF_NAT_TFTP=m |
967 | 967 |
CONFIG_NF_NAT_REDIRECT=m |
968 | 968 |
CONFIG_NETFILTER_SYNPROXY=m |
969 |
-# CONFIG_NF_TABLES is not set |
|
969 |
+CONFIG_NF_TABLES=m |
|
970 |
+CONFIG_NF_TABLES_INET=m |
|
971 |
+CONFIG_NF_TABLES_NETDEV=m |
|
972 |
+CONFIG_NFT_EXTHDR=m |
|
973 |
+CONFIG_NFT_META=m |
|
974 |
+CONFIG_NFT_NUMGEN=m |
|
975 |
+CONFIG_NFT_CT=m |
|
976 |
+CONFIG_NFT_SET_RBTREE=m |
|
977 |
+CONFIG_NFT_SET_HASH=m |
|
978 |
+CONFIG_NFT_COUNTER=m |
|
979 |
+CONFIG_NFT_LOG=m |
|
980 |
+CONFIG_NFT_LIMIT=m |
|
981 |
+CONFIG_NFT_MASQ=m |
|
982 |
+CONFIG_NFT_REDIR=m |
|
983 |
+CONFIG_NFT_NAT=m |
|
984 |
+CONFIG_NFT_QUEUE=m |
|
985 |
+CONFIG_NFT_QUOTA=m |
|
986 |
+CONFIG_NFT_REJECT=m |
|
987 |
+CONFIG_NFT_REJECT_INET=m |
|
988 |
+CONFIG_NFT_COMPAT=m |
|
989 |
+CONFIG_NFT_HASH=m |
|
990 |
+CONFIG_NF_DUP_NETDEV=m |
|
991 |
+CONFIG_NFT_DUP_NETDEV=m |
|
992 |
+CONFIG_NFT_FWD_NETDEV=m |
|
970 | 993 |
CONFIG_NETFILTER_XTABLES=y |
971 | 994 |
|
972 | 995 |
# |
... | ... |
@@ -1119,12 +1142,20 @@ CONFIG_IP_VS_PE_SIP=m |
1119 | 1119 |
# |
1120 | 1120 |
CONFIG_NF_DEFRAG_IPV4=m |
1121 | 1121 |
CONFIG_NF_CONNTRACK_IPV4=m |
1122 |
+CONFIG_NF_TABLES_IPV4=m |
|
1123 |
+# CONFIG_NFT_CHAIN_ROUTE_IPV4 is not set |
|
1124 |
+CONFIG_NFT_REJECT_IPV4=m |
|
1125 |
+# CONFIG_NFT_DUP_IPV4 is not set |
|
1126 |
+# CONFIG_NF_TABLES_ARP is not set |
|
1122 | 1127 |
CONFIG_NF_DUP_IPV4=m |
1123 | 1128 |
# CONFIG_NF_LOG_ARP is not set |
1124 | 1129 |
CONFIG_NF_LOG_IPV4=m |
1125 | 1130 |
CONFIG_NF_REJECT_IPV4=m |
1126 | 1131 |
CONFIG_NF_NAT_IPV4=m |
1132 |
+# CONFIG_NFT_CHAIN_NAT_IPV4 is not set |
|
1127 | 1133 |
CONFIG_NF_NAT_MASQUERADE_IPV4=m |
1134 |
+# CONFIG_NFT_MASQ_IPV4 is not set |
|
1135 |
+# CONFIG_NFT_REDIR_IPV4 is not set |
|
1128 | 1136 |
CONFIG_NF_NAT_SNMP_BASIC=m |
1129 | 1137 |
CONFIG_NF_NAT_PROTO_GRE=m |
1130 | 1138 |
CONFIG_NF_NAT_PPTP=m |
... | ... |
@@ -1156,11 +1187,18 @@ CONFIG_IP_NF_ARP_MANGLE=m |
1156 | 1156 |
# |
1157 | 1157 |
CONFIG_NF_DEFRAG_IPV6=m |
1158 | 1158 |
CONFIG_NF_CONNTRACK_IPV6=m |
1159 |
+CONFIG_NF_TABLES_IPV6=m |
|
1160 |
+# CONFIG_NFT_CHAIN_ROUTE_IPV6 is not set |
|
1161 |
+CONFIG_NFT_REJECT_IPV6=m |
|
1162 |
+# CONFIG_NFT_DUP_IPV6 is not set |
|
1159 | 1163 |
CONFIG_NF_DUP_IPV6=m |
1160 | 1164 |
CONFIG_NF_REJECT_IPV6=m |
1161 | 1165 |
CONFIG_NF_LOG_IPV6=m |
1162 | 1166 |
CONFIG_NF_NAT_IPV6=m |
1167 |
+# CONFIG_NFT_CHAIN_NAT_IPV6 is not set |
|
1163 | 1168 |
# CONFIG_NF_NAT_MASQUERADE_IPV6 is not set |
1169 |
+# CONFIG_NFT_MASQ_IPV6 is not set |
|
1170 |
+# CONFIG_NFT_REDIR_IPV6 is not set |
|
1164 | 1171 |
CONFIG_IP6_NF_IPTABLES=m |
1165 | 1172 |
CONFIG_IP6_NF_MATCH_AH=m |
1166 | 1173 |
CONFIG_IP6_NF_MATCH_EUI64=m |
... | ... |
@@ -1179,6 +1217,7 @@ CONFIG_IP6_NF_MANGLE=m |
1179 | 1179 |
CONFIG_IP6_NF_RAW=m |
1180 | 1180 |
# CONFIG_IP6_NF_SECURITY is not set |
1181 | 1181 |
# CONFIG_IP6_NF_NAT is not set |
1182 |
+# CONFIG_NF_TABLES_BRIDGE is not set |
|
1182 | 1183 |
CONFIG_BRIDGE_NF_EBTABLES=m |
1183 | 1184 |
CONFIG_BRIDGE_EBT_BROUTE=m |
1184 | 1185 |
CONFIG_BRIDGE_EBT_T_FILTER=m |
... | ... |
@@ -4450,7 +4489,7 @@ CONFIG_CRYPTO_WORKQUEUE=y |
4450 | 4450 |
CONFIG_CRYPTO_CRYPTD=m |
4451 | 4451 |
# CONFIG_CRYPTO_MCRYPTD is not set |
4452 | 4452 |
CONFIG_CRYPTO_AUTHENC=m |
4453 |
-# CONFIG_CRYPTO_TEST is not set |
|
4453 |
+CONFIG_CRYPTO_TEST=m |
|
4454 | 4454 |
CONFIG_CRYPTO_ABLK_HELPER=m |
4455 | 4455 |
CONFIG_CRYPTO_GLUE_HELPER_X86=m |
4456 | 4456 |
|
... | ... |
@@ -4460,14 +4499,14 @@ CONFIG_CRYPTO_GLUE_HELPER_X86=m |
4460 | 4460 |
# CONFIG_CRYPTO_CCM is not set |
4461 | 4461 |
# CONFIG_CRYPTO_GCM is not set |
4462 | 4462 |
# CONFIG_CRYPTO_CHACHA20POLY1305 is not set |
4463 |
-# CONFIG_CRYPTO_SEQIV is not set |
|
4463 |
+CONFIG_CRYPTO_SEQIV=m |
|
4464 | 4464 |
CONFIG_CRYPTO_ECHAINIV=m |
4465 | 4465 |
|
4466 | 4466 |
# |
4467 | 4467 |
# Block modes |
4468 | 4468 |
# |
4469 | 4469 |
CONFIG_CRYPTO_CBC=m |
4470 |
-# CONFIG_CRYPTO_CTR is not set |
|
4470 |
+CONFIG_CRYPTO_CTR=m |
|
4471 | 4471 |
CONFIG_CRYPTO_CTS=m |
4472 | 4472 |
CONFIG_CRYPTO_ECB=m |
4473 | 4473 |
CONFIG_CRYPTO_LRW=m |
... | ... |
@@ -4503,8 +4542,8 @@ CONFIG_CRYPTO_MD5=y |
4503 | 4503 |
# CONFIG_CRYPTO_RMD256 is not set |
4504 | 4504 |
# CONFIG_CRYPTO_RMD320 is not set |
4505 | 4505 |
CONFIG_CRYPTO_SHA1=y |
4506 |
-CONFIG_CRYPTO_SHA1_SSSE3=m |
|
4507 |
-CONFIG_CRYPTO_SHA256_SSSE3=m |
|
4506 |
+# CONFIG_CRYPTO_SHA1_SSSE3 is not set |
|
4507 |
+# CONFIG_CRYPTO_SHA256_SSSE3 is not set |
|
4508 | 4508 |
# CONFIG_CRYPTO_SHA512_SSSE3 is not set |
4509 | 4509 |
# CONFIG_CRYPTO_SHA1_MB is not set |
4510 | 4510 |
# CONFIG_CRYPTO_SHA256_MB is not set |
... | ... |
@@ -4569,6 +4608,7 @@ CONFIG_CRYPTO_ANSI_CPRNG=m |
4569 | 4569 |
CONFIG_CRYPTO_DRBG_MENU=m |
4570 | 4570 |
CONFIG_CRYPTO_DRBG_HMAC=y |
4571 | 4571 |
# CONFIG_CRYPTO_DRBG_HASH is not set |
4572 |
+# CONFIG_CRYPTO_DRBG_CTR is not set |
|
4572 | 4573 |
CONFIG_CRYPTO_DRBG=m |
4573 | 4574 |
CONFIG_CRYPTO_JITTERENTROPY=m |
4574 | 4575 |
CONFIG_CRYPTO_USER_API=m |
... | ... |
@@ -1,6 +1,6 @@ |
1 | 1 |
# |
2 | 2 |
# Automatically generated file; DO NOT EDIT. |
3 |
-# Linux/x86 4.9.2 Kernel Configuration |
|
3 |
+# Linux/x86 4.9.9 Kernel Configuration |
|
4 | 4 |
# |
5 | 5 |
CONFIG_64BIT=y |
6 | 6 |
CONFIG_X86_64=y |
... | ... |
@@ -937,7 +937,30 @@ CONFIG_NF_NAT_SIP=m |
937 | 937 |
CONFIG_NF_NAT_TFTP=m |
938 | 938 |
CONFIG_NF_NAT_REDIRECT=m |
939 | 939 |
CONFIG_NETFILTER_SYNPROXY=m |
940 |
-# CONFIG_NF_TABLES is not set |
|
940 |
+CONFIG_NF_TABLES=m |
|
941 |
+CONFIG_NF_TABLES_INET=m |
|
942 |
+CONFIG_NF_TABLES_NETDEV=m |
|
943 |
+CONFIG_NFT_EXTHDR=m |
|
944 |
+CONFIG_NFT_META=m |
|
945 |
+CONFIG_NFT_NUMGEN=m |
|
946 |
+CONFIG_NFT_CT=m |
|
947 |
+CONFIG_NFT_SET_RBTREE=m |
|
948 |
+CONFIG_NFT_SET_HASH=m |
|
949 |
+CONFIG_NFT_COUNTER=m |
|
950 |
+CONFIG_NFT_LOG=m |
|
951 |
+CONFIG_NFT_LIMIT=m |
|
952 |
+CONFIG_NFT_MASQ=m |
|
953 |
+CONFIG_NFT_REDIR=m |
|
954 |
+CONFIG_NFT_NAT=m |
|
955 |
+CONFIG_NFT_QUEUE=m |
|
956 |
+CONFIG_NFT_QUOTA=m |
|
957 |
+CONFIG_NFT_REJECT=m |
|
958 |
+CONFIG_NFT_REJECT_INET=m |
|
959 |
+CONFIG_NFT_COMPAT=m |
|
960 |
+CONFIG_NFT_HASH=m |
|
961 |
+CONFIG_NF_DUP_NETDEV=m |
|
962 |
+CONFIG_NFT_DUP_NETDEV=m |
|
963 |
+CONFIG_NFT_FWD_NETDEV=m |
|
941 | 964 |
CONFIG_NETFILTER_XTABLES=y |
942 | 965 |
|
943 | 966 |
# |
... | ... |
@@ -1090,12 +1113,20 @@ CONFIG_IP_VS_PE_SIP=m |
1090 | 1090 |
# |
1091 | 1091 |
CONFIG_NF_DEFRAG_IPV4=m |
1092 | 1092 |
CONFIG_NF_CONNTRACK_IPV4=m |
1093 |
+CONFIG_NF_TABLES_IPV4=m |
|
1094 |
+# CONFIG_NFT_CHAIN_ROUTE_IPV4 is not set |
|
1095 |
+CONFIG_NFT_REJECT_IPV4=m |
|
1096 |
+# CONFIG_NFT_DUP_IPV4 is not set |
|
1097 |
+# CONFIG_NF_TABLES_ARP is not set |
|
1093 | 1098 |
CONFIG_NF_DUP_IPV4=m |
1094 | 1099 |
# CONFIG_NF_LOG_ARP is not set |
1095 | 1100 |
CONFIG_NF_LOG_IPV4=m |
1096 | 1101 |
CONFIG_NF_REJECT_IPV4=m |
1097 | 1102 |
CONFIG_NF_NAT_IPV4=m |
1103 |
+# CONFIG_NFT_CHAIN_NAT_IPV4 is not set |
|
1098 | 1104 |
CONFIG_NF_NAT_MASQUERADE_IPV4=m |
1105 |
+# CONFIG_NFT_MASQ_IPV4 is not set |
|
1106 |
+# CONFIG_NFT_REDIR_IPV4 is not set |
|
1099 | 1107 |
CONFIG_NF_NAT_SNMP_BASIC=m |
1100 | 1108 |
CONFIG_NF_NAT_PROTO_GRE=m |
1101 | 1109 |
CONFIG_NF_NAT_PPTP=m |
... | ... |
@@ -1127,11 +1158,18 @@ CONFIG_IP_NF_ARP_MANGLE=m |
1127 | 1127 |
# |
1128 | 1128 |
CONFIG_NF_DEFRAG_IPV6=m |
1129 | 1129 |
CONFIG_NF_CONNTRACK_IPV6=m |
1130 |
+CONFIG_NF_TABLES_IPV6=m |
|
1131 |
+# CONFIG_NFT_CHAIN_ROUTE_IPV6 is not set |
|
1132 |
+CONFIG_NFT_REJECT_IPV6=m |
|
1133 |
+# CONFIG_NFT_DUP_IPV6 is not set |
|
1130 | 1134 |
CONFIG_NF_DUP_IPV6=m |
1131 | 1135 |
CONFIG_NF_REJECT_IPV6=m |
1132 | 1136 |
CONFIG_NF_LOG_IPV6=m |
1133 | 1137 |
CONFIG_NF_NAT_IPV6=m |
1138 |
+# CONFIG_NFT_CHAIN_NAT_IPV6 is not set |
|
1134 | 1139 |
# CONFIG_NF_NAT_MASQUERADE_IPV6 is not set |
1140 |
+# CONFIG_NFT_MASQ_IPV6 is not set |
|
1141 |
+# CONFIG_NFT_REDIR_IPV6 is not set |
|
1135 | 1142 |
CONFIG_IP6_NF_IPTABLES=m |
1136 | 1143 |
CONFIG_IP6_NF_MATCH_AH=m |
1137 | 1144 |
CONFIG_IP6_NF_MATCH_EUI64=m |
... | ... |
@@ -1150,6 +1188,7 @@ CONFIG_IP6_NF_MANGLE=m |
1150 | 1150 |
CONFIG_IP6_NF_RAW=m |
1151 | 1151 |
# CONFIG_IP6_NF_SECURITY is not set |
1152 | 1152 |
# CONFIG_IP6_NF_NAT is not set |
1153 |
+# CONFIG_NF_TABLES_BRIDGE is not set |
|
1153 | 1154 |
CONFIG_BRIDGE_NF_EBTABLES=m |
1154 | 1155 |
CONFIG_BRIDGE_EBT_BROUTE=m |
1155 | 1156 |
CONFIG_BRIDGE_EBT_T_FILTER=m |
... | ... |
@@ -4386,7 +4425,7 @@ CONFIG_CRYPTO_WORKQUEUE=y |
4386 | 4386 |
CONFIG_CRYPTO_CRYPTD=m |
4387 | 4387 |
# CONFIG_CRYPTO_MCRYPTD is not set |
4388 | 4388 |
CONFIG_CRYPTO_AUTHENC=m |
4389 |
-# CONFIG_CRYPTO_TEST is not set |
|
4389 |
+CONFIG_CRYPTO_TEST=m |
|
4390 | 4390 |
CONFIG_CRYPTO_ABLK_HELPER=m |
4391 | 4391 |
CONFIG_CRYPTO_GLUE_HELPER_X86=m |
4392 | 4392 |
|
... | ... |
@@ -4396,14 +4435,14 @@ CONFIG_CRYPTO_GLUE_HELPER_X86=m |
4396 | 4396 |
# CONFIG_CRYPTO_CCM is not set |
4397 | 4397 |
# CONFIG_CRYPTO_GCM is not set |
4398 | 4398 |
# CONFIG_CRYPTO_CHACHA20POLY1305 is not set |
4399 |
-# CONFIG_CRYPTO_SEQIV is not set |
|
4399 |
+CONFIG_CRYPTO_SEQIV=m |
|
4400 | 4400 |
CONFIG_CRYPTO_ECHAINIV=m |
4401 | 4401 |
|
4402 | 4402 |
# |
4403 | 4403 |
# Block modes |
4404 | 4404 |
# |
4405 | 4405 |
CONFIG_CRYPTO_CBC=m |
4406 |
-# CONFIG_CRYPTO_CTR is not set |
|
4406 |
+CONFIG_CRYPTO_CTR=m |
|
4407 | 4407 |
CONFIG_CRYPTO_CTS=m |
4408 | 4408 |
CONFIG_CRYPTO_ECB=m |
4409 | 4409 |
CONFIG_CRYPTO_LRW=m |
... | ... |
@@ -4439,8 +4478,8 @@ CONFIG_CRYPTO_MD5=y |
4439 | 4439 |
# CONFIG_CRYPTO_RMD256 is not set |
4440 | 4440 |
# CONFIG_CRYPTO_RMD320 is not set |
4441 | 4441 |
CONFIG_CRYPTO_SHA1=y |
4442 |
-CONFIG_CRYPTO_SHA1_SSSE3=m |
|
4443 |
-CONFIG_CRYPTO_SHA256_SSSE3=m |
|
4442 |
+# CONFIG_CRYPTO_SHA1_SSSE3 is not set |
|
4443 |
+# CONFIG_CRYPTO_SHA256_SSSE3 is not set |
|
4444 | 4444 |
# CONFIG_CRYPTO_SHA512_SSSE3 is not set |
4445 | 4445 |
# CONFIG_CRYPTO_SHA1_MB is not set |
4446 | 4446 |
# CONFIG_CRYPTO_SHA256_MB is not set |
... | ... |
@@ -4505,6 +4544,7 @@ CONFIG_CRYPTO_DEFLATE=m |
4505 | 4505 |
CONFIG_CRYPTO_DRBG_MENU=m |
4506 | 4506 |
CONFIG_CRYPTO_DRBG_HMAC=y |
4507 | 4507 |
# CONFIG_CRYPTO_DRBG_HASH is not set |
4508 |
+# CONFIG_CRYPTO_DRBG_CTR is not set |
|
4508 | 4509 |
CONFIG_CRYPTO_DRBG=m |
4509 | 4510 |
CONFIG_CRYPTO_JITTERENTROPY=m |
4510 | 4511 |
CONFIG_CRYPTO_USER_API=m |
... | ... |
@@ -2,7 +2,7 @@ |
2 | 2 |
Summary: Kernel |
3 | 3 |
Name: linux-secure |
4 | 4 |
Version: 4.9.13 |
5 |
-Release: 1%{?dist} |
|
5 |
+Release: 2%{?dist} |
|
6 | 6 |
License: GPLv2 |
7 | 7 |
URL: http://www.kernel.org/ |
8 | 8 |
Group: System Environment/Kernel |
... | ... |
@@ -201,6 +201,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg |
201 | 201 |
/usr/src/linux-headers-%{uname_r} |
202 | 202 |
|
203 | 203 |
%changelog |
204 |
+* Mon Mar 6 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.13-2 |
|
205 |
+- .config: NSX requirements for crypto and netfilter |
|
204 | 206 |
* Tue Feb 28 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.13-1 |
205 | 207 |
- Update to linux-4.9.13 to fix CVE-2017-5986 and CVE-2017-6074 |
206 | 208 |
- .config: disable XEN guest (needs rap_plugin verification) |
... | ... |
@@ -2,7 +2,7 @@ |
2 | 2 |
Summary: Kernel |
3 | 3 |
Name: linux |
4 | 4 |
Version: 4.9.13 |
5 |
-Release: 1%{?dist} |
|
5 |
+Release: 2%{?dist} |
|
6 | 6 |
License: GPLv2 |
7 | 7 |
URL: http://www.kernel.org/ |
8 | 8 |
Group: System Environment/Kernel |
... | ... |
@@ -243,6 +243,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg |
243 | 243 |
/usr/share/doc/* |
244 | 244 |
|
245 | 245 |
%changelog |
246 |
+* Mon Mar 6 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.13-2 |
|
247 |
+- .config: NSX requirements for crypto and netfilter |
|
246 | 248 |
* Tue Feb 28 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.13-1 |
247 | 249 |
- Update to linux-4.9.13 to fix CVE-2017-5986 and CVE-2017-6074 |
248 | 250 |
* Thu Feb 09 2017 Alexey Makhalov <amakhalov@vmware.com> 4.9.9-1 |
... | ... |
@@ -142,12 +142,13 @@ class SpecParser(object): |
142 | 142 |
|
143 | 143 |
def isPackageMacro(self,line): |
144 | 144 |
line=line.strip() |
145 |
- |
|
146 |
- if re.search('^'+'%post',line) : |
|
147 |
- return True |
|
148 |
- elif re.search('^'+'%postun',line) : |
|
149 |
- return True |
|
150 |
- elif re.search('^'+'%files',line) : |
|
145 |
+# What is the point of this function? |
|
146 |
+# Why does it track post/postun sections? |
|
147 |
+# if re.search('^'+'%post',line) : |
|
148 |
+# return True |
|
149 |
+# elif re.search('^'+'%postun',line) : |
|
150 |
+# return True |
|
151 |
+ if re.search('^'+'%files',line) : |
|
151 | 152 |
return True |
152 | 153 |
elif re.search('^'+'%description',line) : |
153 | 154 |
return True |