Djam/kernel-6.6
1
0
Fork 0
mirror of https://abf.rosa.ru/djam/kernel-6.6.git synced 2025-02-25 11:52:46 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
kernel-6.6/kernel.spec
Mikhail Novosyolov 9767127bec [bot] upd: 6.1.34 -> 6.1.38 
Changelog:

ACPI: sleep: Avoid breaking S3 wakeup due to might_sleep()
afs: Fix vlserver probe RTT handling
ALSA: hda/realtek: Add a quirk for Compaq N14JP6
ALSA: hda/realtek: Add "Intel Reference board" and "NUC 13" SSID in the ALC256
ALSA: usb-audio: Add quirk flag for HEM devices to enable native DSD playback
ALSA: usb-audio: Fix broken resume due to UAC3 power state
arm64: Add missing Set/Way CMO encodings
arm64: dts: qcom: sc7280-idp: drop incorrect dai-cells from WCD938x SDW
arm64: dts: qcom: sc7280-qcard: drop incorrect dai-cells from WCD938x SDW
arm64: dts: rockchip: Enable GPU on SOQuartz CM4
arm64: dts: rockchip: fix nEXTRST on SOQuartz
arm64: dts: rockchip: Fix rk356x PCIe register and range mappings
arm64/mm: Convert to using lock_mm_and_find_vma()
ARM: dts: Fix erroneous ADS touchscreen polarities
ARM: dts: vexpress: add missing cache properties
arm/mm: Convert to using lock_mm_and_find_vma()
ASoC: amd: yc: Add Thinkpad Neo14 to quirks list for acp6x
ASoC: codecs: wcd938x-sdw: do not set can_multi_write flag
ASoC: cs35l41: Fix default regmap values for some registers
ASoC: dwc: move DMA init to snd_soc_dai_driver probe()
ASoC: fsl_sai: Enable BCI bit if SAI works on synchronous mode with BYP asserted
ASoC: Intel: avs: Account for UID of ACPI device
ASoC: Intel: avs: Add missing checks on FE startup
ASoC: nau8824: Add quirk to active-high jack-detect
ASoC: simple-card: Add missing of_node_put() in case of error
ASoC: soc-pcm: test if a BE can be prepared
ata: libata-scsi: Avoid deadlock on rescan after device resume
be2net: Extend xmit workaround to BE3 chip
bpf/btf: Accept function names that contain dots
bpf: ensure main program has an extable
bpf: Fix a bpf_jit_dump issue for x86_64 with sysctl bpf_jit_enable.
bpf: Fix verifier id tracking of scalars on spill
bpf: Force kprobe multi expected_attach_type for kprobe_multi link
bpf: track immediate values written to stack by BPF_ST instruction
btrfs: can_nocow_file_extent should pass down args->strict from callers
btrfs: do not ASSERT() on duplicated global roots
btrfs: fix an uninitialized variable warning in btrfs_log_inode
btrfs: fix iomap_begin length for nocow writes
btrfs: handle memory allocation failure in btrfs_csum_one_bio
btrfs: scrub: try harder to mark RAID56 block groups read-only
can: isotp: isotp_sendmsg(): fix return error fix on TX path
cgroup: always put cset in cgroup_css_set_put_fork
cgroup: bpf: use cgroup_lock()/cgroup_unlock() wrappers
cgroup: Do not corrupt task iteration when rebinding subsystem
cgroup: fix missing cpus_read_{lock,unlock}() in cgroup_transfer_tasks()
cgroup,freezer: hold cpu_hotplug_lock before freezer_mutex in freezer_css_{online,offline}()
cifs: fix lease break oops in xfstest generic/098
clk: pxa: fix NULL pointer dereference in pxa3xx_clk_update_accr
csky: fix up lock_mm_and_find_vma() conversion
dm: don't lock fs when the map is NULL during suspend or resume
dm thin: fix issue_discard to pass GFP_NOIO to __blkdev_issue_discard
dm thin metadata: check fail_io before using data_sm
docs: Set minimal gtags / GNU GLOBAL version to 6.6.5
Drivers: hv: vmbus: Call hv_synic_free() if hv_synic_alloc() fails
Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs
drm:amd:amdgpu: Fix missing buffer object unlock in failure path
drm/amd/display: Add wrapper to call planes and stream update
drm/amd/display: Do not update DRR while BW optimizations pending
drm/amd/display: edp do not add non-edid timings
drm/amd/display: Ensure vmin and vmax adjust for DCE
drm/amd/display: fix the system hang while disable PSR
drm/amd/display: Remove optimization for VRR updates
drm/amd/display: Use dc_update_planes_and_stream
drm/amdgpu: add missing radeon secondary PCI ID
drm/amdgpu: Don't set struct drm_driver.output_poll_changed
drm/amdgpu: Validate VM ioctl flags.
drm/amdgpu: vcn_4_0 set instance 0 init sched score to 1
drm/amd: Make sure image is written to trigger VBIOS image update flow
drm/amd/pm: workaround for compute workload type on some skus
drm/amd: Tighten permissions on VBIOS flashing attributes
drm/bridge: ti-sn65dsi86: Avoid possible buffer overflow
drm/exynos: fix race condition UAF in exynos_g2d_exec_ioctl
drm/exynos: vidi: fix a wrong error return
drm/nouveau: add nv_encoder pointer check for NULL
drm/nouveau: don't detect DSM for non-NVIDIA device
drm/nouveau/dp: check for NULL nv_connector->native_mode
drm: panel-orientation-quirks: Change Air's quirk to support Air Plus
drm/radeon: fix race condition UAF in radeon_gem_set_domain_ioctl
EDAC/qcom: Get rid of hardcoded register offsets
epoll: ep_autoremove_wake_function should use list_del_init_careful
execve: always mark stack as growing down during early stack setup
execve: expand new process stack manually ahead of time
ext4: drop the call to ext4_error() from ext4_get_group_info()
fbdev: fix potential OOB read in fast_imageblit()
gfs2: Don't get stuck writing page onto itself under direct I/O
gpiolib: Fix GPIO chip IRQ initialization restriction
gpiolib: Fix irq_domain resource tracking for gpiochip_irqchip_add_domain()
gpio: sifive: add missing check for platform_get_irq
HID: hidraw: fix data race on device refcount
HID: logitech-hidpp: add HIDPP_QUIRK_DELAYED_INIT for the T651.
HID: wacom: Add error check to wacom_parse_and_register()
HID: wacom: Use ktime_t rather than int when dealing with timestamps
i2c: imx-lpi2c: fix type char overflow issue when calculating the clock cycle
i2c: mchp-pci1xxxx: Avoid cast to incompatible function type
iavf: remove mask from iavf_irq_enable_queues()
IB/isert: Fix dead lock in ib_isert
IB/isert: Fix incorrect release of isert connection
IB/isert: Fix possible list corruption in CMA handler
IB/uverbs: Fix to consider event queue closing also upon non-blocking mode
ice: Fix XDP memory leak when NIC is brought up and down
ieee802154: hwsim: Fix possible memory leaks
igb: Fix extts capture value format for 82580/i354/i350
igb: fix nvm.ops.read() error handling
igc: Clean the TX buffer and TX descriptor ring
igc: Fix possible system crash when loading module
Input: soc_button_array - add invalid acpi_index DMI quirk handling
io_uring/net: clear msg_controllen on partial sendmsg retry
io_uring/net: disable partial retries for recvmsg with cmsg
io_uring/net: save msghdr->msg_control for retries
io_uring/net: use the correct msghdr union member in io_sendmsg_copy_hdr
io_uring/poll: serialize poll linked timer start with poll removal
io_uring: unlock sqd->lock before sq thread release CPU
ipvlan: fix bound dev checking for IPv6 l3s mode
ipvs: align inner_mac_header for encapsulation
irqchip/gic: Correctly validate OF quirk descriptors
irqchip/gic-v3: Disable pseudo NMIs on Mediatek devices w/ firmware issues
irqchip/meson-gpio: Mark OF related data as maybe unused
kbuild: Update assembler calls to use proper flags and language target
kexec: support purgatories with .text.hot sections
ksmbd: fix out-of-bound read in smb2_write
ksmbd: validate command payload size
ksmbd: validate session id and tree id in the compound request
ksmbd: validate smb request protocol id
KVM: arm64: PMU: Restore the host's PMUSERENR_EL0
KVM: arm64: Restore GICv2-on-GICv3 functionality
KVM: Avoid illegal stage2 mapping on invalid memory slot
LoongArch: Fix perf event id calculation
maple_tree: fix potential out-of-bounds access in mas_wr_end_piv()
media: cec: core: disable adapter in cec_devnode_unregister
media: cec: core: don't set last_initiator if tx in progress
memfd: check for non-NULL file_seals in memfd_create() syscall
MIPS: Alchemy: fix dbdma2
mips/mm: Convert to using lock_mm_and_find_vma()
mips: Move initrd_start check after initrd address sanitisation.
MIPS: Move '-Wa,-msoft-float' check from as-option to cc-option
MIPS: Prefer cc-option for additions to cflags
MIPS: Restore Au1300 support
MIPS: unhide PATA_PLATFORM
mm: always expand the stack with the mmap write lock held
mmc: bcm2835: fix deferred probing
mmc: litex_mmc: set PROBE_PREFER_ASYNCHRONOUS
mmc: meson-gx: fix deferred probing
mmc: meson-gx: remove redundant mmc_request_done() call from irq context
mmc: mmci: stm32: fix max busy timeout calculation
mmc: mtk-sd: fix deferred probing
mmc: mvsdio: fix deferred probing
mmc: omap: fix deferred probing
mmc: omap_hsmmc: fix deferred probing
mmc: owl: fix deferred probing
mmc: sdhci-acpi: fix deferred probing
mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916
mmc: sdhci-spear: fix deferred probing
mmc: sh_mmcif: fix deferred probing
mmc: sunxi: fix deferred probing
mmc: usdhi60rol0: fix deferred probing
mm/fault: convert remaining simple cases to lock_mm_and_find_vma()
mm: Fix copy_from_user_nofault().
mm, hwpoison: try to recover from copy-on write faults
mm, hwpoison: when copy-on-write hits poison, take page offline
mm: introduce new 'lock_mm_and_find_vma()' page fault helper
mm: make find_extend_vma() fail if write lock not held
mm: make the page fault mmap locking killable
mm/mmap: Fix error path in do_vmi_align_munmap()
mm/mmap: Fix error return in do_vmi_align_munmap()
mptcp: consolidate fallback and non fallback state machine
mptcp: ensure listener is unhashed before updating the sk status
mptcp: fix possible divide by zero in recvmsg()
mptcp: fix possible list corruption on passive MPJ
mptcp: handle correctly disconnect() failures
neighbour: delete neigh_lookup_nodev as not used
net: dsa: felix: fix taprio guard band overflow at 10Mbps with jumbo frames
net: dsa: mt7530: fix handling of BPDUs on MT7530 switch
net: dsa: mt7530: fix handling of LLDP frames
net: dsa: mt7530: fix trapping frames on non-MT7621 SoC MT7530 switch
net: enetc: correct the indexes of highest and 2nd highest TCs
net: ethernet: stmicro: stmmac: fix possible memory leak in __stmmac_open
net: ethtool: correct MAX attribute value for stats
netfilter: nfnetlink_osf: fix module autoload
netfilter: nfnetlink: skip error delivery on batch in case of ENOMEM
netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain
netfilter: nf_tables: disallow element updates of bound anonymous sets
netfilter: nf_tables: disallow updates of anonymous sets
netfilter: nf_tables: drop map element references from preparation phase
netfilter: nf_tables: fix chain binding transaction logic
netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
netfilter: nf_tables: integrate pipapo into commit protocol
netfilter: nf_tables: reject unbound anonymous set before commit phase
netfilter: nf_tables: reject unbound chain set before commit phase
netfilter: nft_set_pipapo: .walk does not deal with generations
net: lapbether: only support ethernet devices
net: macsec: fix double free of percpu stats
net/mlx5: DR, Fix wrong action data allocation in decap action
net: phylink: report correct max speed for QUSGMII
net: phylink: use a dedicated helper to parse usgmii control word
net: qca_spi: Avoid high load if QCA7000 is not available
net/sched: act_api: add specific EXT_WARN_MSG for tc action
net/sched: act_api: move TCA_EXT_WARN_MSG to the correct hierarchy
net/sched: act_pedit: Parse L3 Header for L4 offset
net/sched: act_pedit: remove extra check for key type
net/sched: cls_api: Fix lockup on flushing explicitly created chain
net/sched: cls_u32: Fix reference counter leak leading to overflow
net/sched: qdisc_destroy() old ingress and clsact Qdiscs before grafting
net/sched: Refactor qdisc_graft() for ingress and clsact Qdiscs
net/sched: simplify tcf_pedit_act
net: tipc: resize nlattr array to correct size
net: usb: qmi_wwan: add support for Compal RXM-G1
nfcsim.c: Fix error checking for debugfs_create_dir
nilfs2: fix buffer corruption due to concurrent device reads
nilfs2: fix incomplete buffer cleanup in nilfs_btnode_abort_change_key()
nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
nilfs2: prevent general protection fault in nilfs_clear_dirty_page()
nilfs2: reject devices with insufficient block count
nios2: dts: Fix tse_mac "max-frame-size" property
nouveau: fix client work fence deletion race
nubus: Partially revert proc_create_single_data() conversion
null_blk: Fix: memory release when memory_backed=1
NVMe: Add MAXIO 1602 to bogus nid list.
nvme: check IO start time when deciding to defer KA
nvme: double KA polling frequency to avoid KATO with TBKAS on
nvme: improve handling of long keep alives
ocfs2: check new file size on fallocate call
ocfs2: fix use-after-free when unmounting read-only filesystem
octeon_ep: Add missing check for ioremap
octeontx2-af: fixed resource availability check
octeontx2-af: fix lbk link credits on cn10k
octeontx2-af: Fix promiscuous mode
of: overlay: Fix missing of_node_put() in error case of init_overlay_changeset()
parisc: Delete redundant register definitions in <asm/assembly.h>
parisc: fix expand_stack() conversion
parisc: Flush gatt writes and adjust gatt mask in parisc_agp_mask_memory()
parisc: Improve cache flushing for PCXL in arch_sync_dma_for_cpu()
PCI/ACPI: Call _REG when transitioning D-states
PCI/ACPI: Validate acpi_pci_set_power_state() parameter
PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports
PCI: hv: Add a per-bus mutex state_lock
PCI: hv: Fix a race condition bug in hv_pci_query_relations()
PCI: hv: Fix a race condition in hv_irq_unmask() that can cause panic
PCI: hv: Remove the useless hv_pcichild_state from struct hv_pci_dev
perf symbols: Symbol lookup with kcore can fail if multiple segments match stext
ping6: Fix send to link-local addresses with VRF.
platform/x86/amd/pmf: Register notify handler only if SPS is enabled
platform/x86: asus-wmi: Ignore WMI events with codes 0x7B, 0xC0
powerpc/mm: convert coprocessor fault to lock_mm_and_find_vma()
powerpc/mm: Convert to using lock_mm_and_find_vma()
powerpc/purgatory: remove PGO flags
power: supply: ab8500: Fix external_power_changed race
power: supply: bq27xxx: Use mod_delayed_work() instead of cancel() + schedule()
power: supply: Fix logic checking if system is running from battery
power: supply: Ratelimit no data debug output
power: supply: sc27xx: Fix external_power_changed race
qcom: llcc/edac: Fix the base address used for accessing LLCC banks
rcu/kvfree: Avoid freeing new kfree_rcu() memory after old grace period
RDMA/cma: Always set static rate to 0 for RoCE
RDMA/mlx5: Create an indirect flow table for steering anchor
RDMA/mlx5: Fix affinity assignment
RDMA/mlx5: Initiate dropless RQ for RAW Ethernet functions
RDMA/rtrs: Fix rxe_dealloc_pd warning
RDMA/rtrs: Fix the last iu->buf leak in err path
RDMA/rxe: Fix packet length checks
RDMA/rxe: Fix ref count error in check_rkey()
RDMA/rxe: Fix the use-before-initialization error of resp_pkts
RDMA/rxe: Removed unused name from rxe_task struct
RDMA/uverbs: Restrict usage of privileged QKEYs
regmap: spi-avmm: Fix regmap_bus max_raw_write
regulator: Fix error checking for debugfs_create_dir
regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK
revert "net: align SO_RCVMARK required privileges with SO_MARK"
Revert "net: phy: dp83867: perform soft reset and retain established link"
Revert "net/sched: act_api: move TCA_EXT_WARN_MSG to the correct hierarchy"
Revert "PCI: hv: Fix a timing issue which causes kdump to fail occasionally"
Revert "thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in mtk_thermal_probe"
riscv/mm: Convert to using lock_mm_and_find_vma()
riscv/purgatory: remove PGO flags
s390/cio: unregister device when the only path is gone
s390/purgatory: disable branch profiling
sched: add new attr TCA_EXT_WARN_MSG to report tc extact message
sch_netem: acquire qdisc lock in netem_change()
scripts: fix the gfp flags header path in gfp-translate
scripts/tags.sh: Resolve gtags empty index generation
scsi: target: core: Fix error path in target_setup_session()
scsi: target: iscsi: Prevent login threads from racing between each other
sctp: fix an error code in sctp_sf_eat_auth()
selftests: forwarding: Fix race condition in mirror installation
selftests: forwarding: hw_stats_l3: Set addrgenmode in a separate step
selftests: gpio: gpio-sim: Fix BUG: test FAILED due to recent change
selftests/mount_setattr: fix redefine struct mount_attr build error
selftests: mptcp: connect: skip disconnect tests if not supported
selftests: mptcp: connect: skip transp tests if not supported
selftests: mptcp: diag: skip listen tests if not supported
selftests: mptcp: join: fix ShellCheck warnings
selftests: mptcp: join: fix "userspace pm add & remove address"
selftests: mptcp: join: helpers to skip tests
selftests: mptcp: join: skip backup if set flag on ID not supported
selftests: mptcp: join: skip check if MIB counter not supported
selftests: mptcp: join: skip fail tests if not supported
selftests: mptcp: join: skip Fastclose tests if not supported
selftests: mptcp: join: skip fullmesh flag tests if not supported
selftests: mptcp: join: skip implicit tests if not supported
selftests: mptcp: join: skip MPC backups tests if not supported
selftests: mptcp: join: skip test if iptables/tc cmds fail
selftests: mptcp: join: skip userspace PM tests if not supported
selftests: mptcp: join: support local endpoint being tracked or not
selftests: mptcp: join: support RM_ADDR for used endpoints or not
selftests: mptcp: join: use 'iptables-legacy' if available
selftests: mptcp: lib: skip if missing symbol
selftests: mptcp: lib: skip if not below kernel version
selftests: mptcp: pm nl: remove hardcoded default limits
selftests: mptcp: pm nl: skip fullmesh flag checks if not supported
selftests: mptcp: remove duplicated entries in usage
selftests: mptcp: sockopt: relax expected returned size
selftests: mptcp: sockopt: skip getsockopt checks if not supported
selftests: mptcp: sockopt: skip TCP_INQ checks if not supported
selftests: mptcp: userspace pm: skip if 'ip' tool is unavailable
selftests: mptcp: userspace pm: skip if not supported
selftests: net: fcnal-test: check if FIPS mode is enabled
selftests: net: tls: check if FIPS mode is enabled
selftests: net: vrf-xfrm-tests: change authentication and encryption algos
selftests/ptp: Fix timestamp printf format for PTP_SYS_OFFSET
selftests/tc-testing: Fix Error: failed to find target LOG
selftests/tc-testing: Fix Error: Specified qdisc kind is unknown.
selftests/tc-testing: Fix SFB db test
serial: lantiq: add missing interrupt ack
sfc: fix XDP queues mode with legacy IRQ
sfc: use budget for TX completions
smb3: missing null check in SMB2_change_notify
smb: move client and server files to common directory fs/smb
soundwire: dmi-quirks: add new mapping for HP Spectre x360
soundwire: qcom: add proper error paths in qcom_swrm_startup()
sparc32: fix lock_mm_and_find_vma() conversion
spi: cadence-quadspi: Add missing check for dma_set_mask
spi: fsl-dspi: avoid SCK glitches with continuous transfers
spi: lpspi: disable lpspi module irq in DMA mode
spi: spi-geni-qcom: correctly handle -EPROBE_DEFER from dma_request_chan()
test_firmware: prevent race conditions by a correct implementation of locking
test_firmware: Use kstrtobool() instead of strtobool()
thunderbolt: dma_test: Use correct value for absent rings when creating paths
thunderbolt: Do not touch CL state configuration during discovery
thunderbolt: Mask ring interrupt on Intel hardware as well
tick/common: Align tick period during sched_timer setup
tools: gpio: fix debounce_period_us output of lsgpio
tpm_crb: Add support for CRB devices based on Pluton
tpm, tpm_tis: Claim locality in interrupt handler
tty: serial: fsl_lpuart: make rx_watermark configurable for different platforms
tty: serial: fsl_lpuart: reduce RX watermark to 0 on LS1028A
USB: dwc3: fix use-after-free on core driver unbind
usb: dwc3: gadget: Reset num TRBs before giving back the request
USB: dwc3: qcom: fix NULL-deref on suspend
usb: gadget: udc: core: Offload usb_udc_vbus_handler processing
usb: gadget: udc: core: Prevent soft_connect_store() race
usb: gadget: udc: fix NULL dereference in remove()
USB: serial: option: add Quectel EM061KGL series
usb: typec: Fix fast_role_swap_current show function
usb: typec: ucsi: Fix command cancellation
vhost_net: revert upend_idx only on retriable error
vhost_vdpa: tell vqs about the negotiated
wifi: cfg80211: fix double lock bug in reg_wdev_chan_valid()
wifi: cfg80211: fix link del callback to call correct handler
wifi: cfg80211: fix locking in regulatory disconnect
wifi: iwlwifi: pcie: Handle SO-F device for PCI id 0x7AF0
wifi: mac80211: fix link activation settings order
wifi: mac80211: take lock before setting vif links
writeback: fix dereferencing NULL mapping->host on writeback_page_template
x86/apic: Fix kernel panic when booting with intremap=off and x2apic_phys
x86/boot/compressed: prefer cc-option for CFLAGS additions
x86/head/64: Switch to KERNEL_CS as soon as new GDT is installed
x86/microcode/AMD: Load late on both threads too
x86/mm: Avoid using set_pgd() outside of real PGD pages
x86/purgatory: remove PGO flags
x86/smp: Cure kexec() vs. mwait_play_dead() breakage
x86/smp: Dont access non-existing CPUID leaf
x86/smp: Make stop_other_cpus() more robust
x86/smp: Remove pointless wmb()s from native_stop_other_cpus()
x86/smp: Use dedicated cache-line for mwait_play_dead()
xen/blkfront: Only check REQ_FUA for writes
xfrm: Ensure policies always checked on XFRM-I input path
xfrm: fix inbound ipv4/udp/esp packets to UDPv6 dualstack sockets
xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c
xfrm: Linearize the skb after offloading if needed.
xfrm: Treat already-verified secpath entries as optional
xtensa: fix lock_mm_and_find_vma in case VMA not found
xtensa: fix NOMMU build with lock_mm_and_find_vma() conversion
zswap: do not shrink if cgroup may not zswap

Updated by kernel-updater-bot (https://abf.io/mikhailnov/kernel-updater-bot)
2023-07-05 23:17:06 +03:00

1815 lines
65 KiB
RPMSpec
Raw Blame History

# _get_email() in %%build contains bashisms for regexping
%define _buildshell /bin/bash
# brp-python-bytecompile uses /usr/bin/python,
# but it is a different python version in different ROSA
# releases; there is no good way to tell brp-python-bytecompile
# which iterpreter to use; so just disable it to avoid problems
%define _python_bytecompile_build 0
# Probably dwz bug, on i686 only file is not packaged:
# /usr/lib/debug/usr/bin/trace-5.4.40-3.i386.debug.#dwz#.b5xuKG
# dwz compresses only debuginfo from perf, cpupower, uml,
# not the kernel itself (because it is stripped not by RPM),
# so we do not loose much by disabling it.
%global _find_debuginfo_dwz_opts %{nil}
# Put everything into one non-standard debuginfo subpackage
# TODO: make multiple debuginfo packages coinstallable as installonlypkg,
# to achive this, there must be no conflicting files.
# Probably signing and compressing of kernel modules
# has to be moved to %%_spec_install_post.
%global _debuginfo_subpackages %{nil}
%global _debuginfo_template %{nil}
%undefine _debugsource_packages
# Avoid rediffing patches like AUFS when possible
%define _default_patch_fuzz 10
# Hack: flavour and major version are variable, make %%_build_pkgcheck_* always detect and use this config
%global _build_pkgcheck_set %(echo "%{_build_pkgcheck_set}" | sed -e 's,/%{name}.rpmlintrc,/kernel.rpmlintrc,')
%global _build_pkgcheck_srpm %(echo "%{_build_pkgcheck_srpm}" | sed -e 's,/%{name}.rpmlintrc,/kernel.rpmlintrc,')
%define kernelversion 6
%define patchlevel 1
%define sublevel 38
# Release number. Increase this before a rebuild.
%define rpmrel 1
%define fullrpmrel %{rpmrel}
%define rpmtag %{disttag}
# Version defines
%define kversion %{kernelversion}.%{patchlevel}.%{sublevel}
%define kverrel %{kversion}-%{fullrpmrel}
%define tar_ver %{kernelversion}.%{patchlevel}
%ifarch %{ix86}
%define arch_suffix i686
%endif
%ifarch %{x86_64}
%define arch_suffix x86_64
%endif
%ifarch aarch64
%define arch_suffix arm64
%endif
%define buildrpmrel %{fullrpmrel}%{rpmtag}-%{arch_suffix}
%define buildrel %{kversion}-%{buildrpmrel}
# Add not only the build time generated key to the trusted keyring,
# but also add public keys of private ROSA's keys
%bcond_without additional_keys
# Fail the build after "make oldconfig" to edit kernel configs
%bcond_with fail
# User Mode Linux, https://habr.com/ru/company/itsumma/blog/459558/
# Not buildable on aarch64, rarely needed in general
%bcond_with uml
# "Nickel" is a special brand for certified distros
%if %{mdvver} == 201905
%bcond_without nickel
# Require kernel modules to be signed
%bcond_without oblig_signed_modules
%else
%bcond_with nickel
%bcond_with oblig_signed_modules
%endif
# Build binary out-of-tree kernel modules (experimental)
%bcond_without binary_extra_modules
# Sign kernel modules with GOST key (experimental)
%bcond_without gost_sign
%bcond_with ccache
%bcond_without flow_abi
%bcond_without aufs
# 1. VirtualBox is for x86_32 and x86_64 only
# 2. I do not know how to solve the problem that userspace part of VirtualBox
# will be updated ahead of these binary modules. So just off building them.
%bcond_with binary_virtualbox_host
# Shredder-kernel works only on x86_64, makes manipulations with syscalls tables,
# loading/unloading of the module failed sometimes on kernel 5.4
# and it has not been adapted for kernel 5.10 (is not buildable)
%bcond_with binary_shredder
# Compress modules with zstd (zstd is good compression and fast decompression)
%bcond_without compress_modules
# Spend more resources on compression, but make resulting size less;
# decompression speed will not be affected, but more memory will be required
# which should not a problem here (performance penalty from allocating more
# memory should not be big, I think, but I did not benchmark).
%define zstd_cmd zstd -q --format=zstd --ultra -22
# Kernel flavour
%if %{with nickel}
%define flavour nickel
%else
%define flavour generic
%endif
# The full kernel version
%define kver_full %{kversion}-%{flavour}-%{buildrpmrel}
############################################################################
%define top_dir_name kernel-%{_arch}
%define build_dir ${RPM_BUILD_DIR}/%{top_dir_name}
%define src_dir %{build_dir}/linux-%{tar_ver}
# Common target directories
%define _bootdir /boot
%define _modulesdir /lib/modules
%define devel_root /usr/src/linux-%{kver_full}
%define initrd_path %{_bootdir}/initrd-%{kver_full}.img
# Directories needed for building
%define temp_root %{build_dir}/temp-root
%define temp_boot %{temp_root}%{_bootdir}
%define temp_modules %{temp_root}%{_modulesdir}
%define temp_devel_root %{temp_root}%{devel_root}
# Directories definition needed for installing
%define target_boot %{buildroot}%{_bootdir}
%define target_modules %{buildroot}%{_modulesdir}
# Manual control of creating and deleting keys
# "rnd" is "random" and means that a key pair is generated at build time
# and is not saved anywhere.
%define certs_dir_rnd certs
%define certs_signing_key_priv_rnd %{certs_dir_rnd}/signing_key_priv.key
%define certs_signing_der %{certs_dir_rnd}/signing_key.x509
%define certs_key_config_rnd %{certs_dir_rnd}/x509.genkey
%define certs_public_keys %{certs_dir_rnd}/public.pem
%define certs_verify_tmp %{certs_dir_rnd}/verify.tmp
%define kernel_files %{_builddir}/kernel_files.list
%define debuginfo_files %{_builddir}/debuginfo_files.list
# Append list of files generate by find-debuginfo.sh to our custom list
%global __debug_install_post \
%{__debug_install_post} \
cat %{_builddir}/debugfiles.list >> %{debuginfo_files}
############################################################################
%if %{with binary_extra_modules}
# global instead of define to speed up things
%global nvidia_340_j %{kroko_j -p kernel-source-nvidia340 -r 340}
%global nvidia_340_n %{kroko_n -p kernel-source-nvidia340 -r 340}
%global nvidia_390_j %{kroko_j -p kernel-source-nvidia390 -r 390}
%global nvidia_390_n %{kroko_n -p kernel-source-nvidia390 -r 390}
%global nvidia_470_j %{kroko_j -p kernel-source-nvidia470 -r 470}
%global nvidia_470_n %{kroko_n -p kernel-source-nvidia470 -r 470}
%global nvidia_510_j %{kroko_j -p kernel-source-nvidia510 -r 510}
%global nvidia_510_n %{kroko_n -p kernel-source-nvidia510 -r 510}
%global nvidia_515_j %{kroko_j -p kernel-source-nvidia515 -r 515}
%global nvidia_515_n %{kroko_n -p kernel-source-nvidia515 -r 515}
%global nvidia_520_j %{kroko_j -p kernel-source-nvidia520 -r 520}
%global nvidia_520_n %{kroko_n -p kernel-source-nvidia520 -r 520}
%global nvidia_525_j %{kroko_j -p kernel-source-nvidia525 -r 525}
%global nvidia_525_n %{kroko_n -p kernel-source-nvidia525 -r 525}
# For SRPM stage when auto-krokodil-rpm-macros is not installed
%{?!kroko_mk_release:%global kroko_mk_release(n:) %{nil}}
%{?!kroko_req_modules_in_kernel:%global kroko_req_modules_in_kernel(j:n:p:) %{nil}}
# global, not define, must be expanded only once
%global kroko_release %kroko_mk_release -n kernel-%{kernelversion}.%{patchlevel}-%{flavour}
%endif #/binary_extra_modules
############################################################################
# Buildtime flags
%{?_without_doc: %global build_doc 0}
%{?_without_devel: %global build_devel 0}
%{?_without_debug: %global build_debug 0}
%{?_without_perf: %global build_perf 0}
%{?_without_cpupower: %global build_cpupower 0}
%{?_with_doc: %global build_doc 1}
%{?_with_devel: %global build_devel 1}
%{?_with_debug: %global build_debug 1}
%{?_with_perf: %global build_perf 1}
%{?_with_cpupower: %global build_cpupower 1}
%{?_with_modxz: %global build_modxz 0}
# Build defines
%define build_doc 1
%define build_devel 1
%define build_debug 1
# Build kernel-headers package
%define build_headers 0
# Build perf and cpupower tools
%define build_perf 1
%define build_cpupower 1
%if %{with compress_modules}
%if %{with modxz}
%define kmod_suffix .xz
%else
%define kmod_suffix .zst
%endif
%else
%define kmod_suffix %{nil}
%endif
%if !%{build_debug}
# Disable debug rpms.
%define _enable_debug_packages %{nil}
%define debug_package %{nil}
%endif
# End of user definitions
# http://nickdesaulniers.github.io/blog/2018/06/02/speeding-up-linux-kernel-builds-with-ccache/
%if %{with ccache}
%define kmake KBUILD_BUILD_TIMESTAMP='' %make CC='ccache gcc' ARCH="%{arch_type}"
%else
%define kmake %make CC='gcc' ARCH="%{arch_type}"
%endif
# There are places where parallel make don't work
%define smake make
%ifarch %{ix86} %{x86_64}
%define arch_type x86
%endif
%ifarch aarch64
%define arch_type arm64
%endif
# Parallelize xargs invocations on smp machines
%define kxargs xargs %([ -z "$RPM_BUILD_NCPUS" ] \\\
&& RPM_BUILD_NCPUS="`/usr/bin/getconf _NPROCESSORS_ONLN`"; \\\
[ "$RPM_BUILD_NCPUS" -gt 1 ] && echo "-P $RPM_BUILD_NCPUS")
#
# SRC RPM description
#
Summary: The Linux kernel
Name: kernel-%{kernelversion}.%{patchlevel}-%{flavour}
Version: %{kversion}
Release: %{fullrpmrel}
License: GPLv2
Group: System/Kernel and hardware
Url: https://www.kernel.org
ExclusiveArch: %{x86_64} %{ix86} aarch64
####################################################################
#
# Sources
#
#Source0: https://cdn.kernel.org/pub/linux/kernel/v%{kernelversion}.x/linux-%{tar_ver}.tar.xz
Source0: https://github.com/torvalds/linux/archive/refs/tags/v6.1.tar.gz?/linux-6.1.tar.gz
# This is for disabling *config, mrproper, prepare, scripts on -devel rpms
# Needed, because otherwise the -devel won't build correctly.
#Source2: 0001-disable-mrproper-prepare-scripts-configs-in-devel-rp.patch
# TODO: Make a separate package "ksobirator" and BR it
# after testing these macros properly
Source3: macros.ksobirator
%{load:%{SOURCE3}}
# Kernel configuration files.
Source111: kernel-x86_64.config
Source112: kernel-i686.config
Source113: kernel-arm64.config
# Cpupower: the service, the config, etc.
Source50: cpupower.service
Source51: cpupower.config
Source52: cpupower-start.sh
Source53: cpupower.path
Source80: kernel.rpmlintrc
# Additional keys that can be used to sign kernel modules
# Generated by https://abf.io/soft/kernel-keys
# Source201..206: public_key_GOST_*.pem
%{expand:%(for i in `seq 1 6`; do echo "Source$((200+${i})): public_key_GOST_${i}.pem"; done)}
# Source207..212: public_key_RSA_*.pem
%{expand:%(for i in `seq 7 12`; do echo "Source$((200+${i})): public_key_RSA_${i}.pem"; done)}
####################################################################
# Patches
# The patch to make kernel x.y.z from x.y.0.
Patch1: https://cdn.kernel.org/pub/linux/kernel/v%{kernelversion}.x/patch-%{kversion}.xz
# ROSA-specific patches
Patch2: kernel-5.10.93-fix-perf-build.patch
# Keep in sync with patch in r8168
Patch3: 0001-r8169-remove-devices-supported-by-r8168.patch
# Perf docs are built after all the kernels. To validate the xml files
# generated during that process, xmlto tries to get DTD files from the Net.
# If it fails, the whole build fails, which is unfortunate. Let us avoid
# this.
Patch101: 0001-perf-skip-xmlto-validation.patch
# http://bugs.rosalinux.ru/show_bug.cgi?id=6235
# http://bugs.rosalinux.ru/show_bug.cgi?id=6459
Patch102: 0001-audit-make-it-less-verbose.patch
%if %{with aufs}
# https://github.com/sfjro/aufs-linux/compare/830b3c68c1fb1e9176028d02ef86f3cf76aa2476..834d19786ccd95485e397fc0f36ef7d6c3b04c95.diff
Patch103: aufs-6.1.diff
%endif
# For kmod() generator of RPM Provides
# Changes version of aacraid.ko
Patch111: 0001-Remove-RPM-illegal-chars-from-module-version.patch
# AltHa LSM Module
# https://www.altlinux.org/AltHa
# http://git.altlinux.org/gears/k/kernel-image-un-def.git
# TODO: known problem: https://bugzilla.altlinux.org/show_bug.cgi?id=38225
Patch201: 0001-altha.patch
# sent to upstream, https://patchwork.kernel.org/patch/11446123/
Patch302: 0001-sign-file-full-functionality-with-modern-LibreSSL.patch
# Allow to off modules signature check dynamically
Patch306: 0001-ROSA-ima-allow-to-off-modules-signature-check-dynami.patch
# Support sound on notebook Aquarius NS685U R11 (https://linux-hardware.org/?probe=339dc3db60)
Patch0401: 0401-ASoC-es8316-Use-increased-GPIO-debounce-time.patch
Patch0402: 0402-ASoC-Intel-sof_es8336-Add-more-quirks-for-Russian-ha.patch
Patch0403: 0403-ASoC-Intel-sof_es8336-Add-a-quirk-for-Aquarius-NS685.patch
# Support Baikal-M (aarch64)
# From https://github.com/asheplyakov/linux/commits/baikalm-6.1.y
Patch0600: 0600-clk-added-Baikal-M-clock-management-unit-driver.patch
Patch0601: 0601-cpufreq-dt-don-t-load-on-Baikal-M-SoC.patch
Patch0602: 0602-serial-8250_dw-verify-clock-rate-in-dw8250_set_termi.patch
Patch0603: 0603-usb-dwc3-of-simple-added-compatible-string-for-Baika.patch
Patch0604: 0604-dw-pcie-refuse-to-load-on-Baikal-M-with-recent-firmw.patch
Patch0605: 0605-arm64-Enable-armv8-based-Baikal-M-SoC-support.patch
Patch0606: 0606-efi-rtc-avoid-calling-efi.get_time-on-Baikal-M-SoC.patch
Patch0607: 0607-arm64-stub-fixed-secondary-cores-boot-on-Baikal-M-So.patch
Patch0608: 0608-pm-disable-all-sleep-states-on-Baikal-M-based-boards.patch
Patch0609: 0609-net-fwnode_get_phy_id-consider-all-compatible-string.patch
Patch0610: 0610-net-stmmac-inital-support-of-Baikal-T1-M-SoCs-GMAC.patch
Patch0611: 0611-dt-bindings-dwmac-Add-bindings-for-Baikal-T1-M-SoCs.patch
Patch0612: 0612-net-dwmac-baikal-added-compatible-strings.patch
Patch0613: 0613-Added-TF307-TF306-board-management-controller-driver.patch
Patch0614: 0614-hwmon-bt1-pvt-access-registers-via-pvt_-readl-writel.patch
Patch0615: 0615-hwmon-bt1-pvt-define-pvt_readl-pvt_writel-for-Baikal.patch
Patch0616: 0616-hwmon-bt1-pvt-adjusted-probing-for-Baikal-M-SoC.patch
Patch0617: 0617-hwmon-bt1-pvt-added-compatible-baikal-pvt.patch
Patch0618: 0618-drm-new-bridge-driver-stdp4028.patch
Patch0619: 0619-drm-added-Baikal-M-SoC-video-display-unit-driver.patch
Patch0620: 0620-drm-bridge-dw-hdmi-support-ahb-audio-hw-revision-0x2.patch
Patch0621: 0621-dt-bindings-dw-hdmi-added-ahb-audio-regshift.patch
Patch0622: 0622-drm-bridge-dw-hdmi-force-ahb-audio-register-offset-f.patch
Patch0623: 0623-drm-panfrost-forcibly-set-dma-coherent-on-Baikal-M.patch
Patch0624: 0624-drm-panfrost-disable-devfreq-on-Baikal-M.patch
Patch0625: 0625-ALSA-hda-Baikal-M-support.patch
Patch0626: 0626-PCI-pcie-baikal-driver-for-Baikal-M-with-new-firmwar.patch
Patch0627: 0627-BROKEN-dwc-i2s-support-Baikal-M-SoC.patch
Patch0628: 0628-input-added-TF307-serio-PS-2-emulator-driver.patch
Patch0629: 0629-input-new-driver-serdev-serio.patch
Patch0630: 0630-phy-realtek-leds-configuration-for-RTL8211f.patch
Patch0631: 0631-arm64-defconfig-for-Baikal-M-testing.patch
# Disable AutoReq
AutoReq: 0
# but keep autoprov for kmod(xxx)
AutoProv: 1
BuildRequires: bash
BuildRequires: bc
BuildRequires: binutils
BuildRequires: bison
BuildRequires: bzip2
%if %{with ccache}
BuildRequires: ccache
%endif
BuildRequires: flex
BuildRequires: gcc
# ./scripts/mkcompile_h
BuildRequires: hostname
BuildRequires: kmod-compat
BuildRequires: rsync
%if %{with compress_modules}
%if %{with modxz}
BuildRequires: xz
%else
BuildRequires: zstd
%endif
%endif
%ifarch aarch64
BuildRequires: uboot-tools
%endif
BuildRequires: kmod-devel
BuildRequires: pkgconfig(libelf)
%ifarch x86_64 aarch64
BuildRequires: numa-devel
%endif
%if %{with uml}
BuildRequires: vde-devel
%endif
# For power tools
BuildRequires: pkgconfig(ncurses)
# For perf, cpufreq and all other tools
# For cpupower
%if %{build_cpupower}
BuildRequires: pciutils-devel
%endif
# For perf
%if %{build_perf}
BuildRequires: asciidoc
BuildRequires: perl-ExtUtils-Embed
BuildRequires: python3
BuildRequires: xmlto
BuildRequires: audit-devel
BuildRequires: binutils-devel
BuildRequires: elfutils-devel
BuildRequires: java-1.8.0-openjdk-devel
BuildRequires: libunwind-devel
BuildRequires: newt-devel
BuildRequires: perl-devel
BuildRequires: pkgconfig(babeltrace)
BuildRequires: pkgconfig(libcap)
BuildRequires: pkgconfig(libcrypto)
BuildRequires: pkgconfig(python3)
BuildRequires: pkgconfig(slang)
BuildRequires: pkgconfig(zlib)
BuildRequires: python3-setuptools
%endif
# (To generate keys)
# LibreSSL has GOST support without editing openssl.cnf
# or dlopen()-ing external library
BuildRequires: libressl
BuildRequires: libressl-devel
# To verify signatures (find, xargs, hexdump)
BuildRequires: findutils
BuildRequires: util-linux
%if %{with binary_extra_modules}
BuildRequires: auto-krokodil-rpm-macros
BuildRequires: kernel-source-rtl8821cu
BuildRequires: kernel-source-rtl88x2bu
BuildRequires: kernel-source-rtl8812au
BuildRequires: kernel-source-rtl8821au
BuildRequires: kernel-source-rtl8814au
BuildRequires: kernel-source-rtk_btusb
BuildRequires: kernel-source-rtl8188gu
BuildRequires: kernel-source-rtl8723du
BuildRequires: kernel-source-rtl8852au
BuildRequires: kernel-source-rtl8192du
BuildRequires: kernel-source-rtw89
BuildRequires: kernel-source-r8168
# Broadcom-wl and nvidia contain a proprietary blob which is only for x86
%ifarch %{ix86} %{x86_64}
BuildRequires: kernel-source-broadcom-wl
BuildRequires: kernel-source-nvidia340
BuildRequires: kernel-source-nvidia390
%endif
# Nvidia470+ are x86_64 only (maybe aarch64 will be also packaged later)
%ifarch %{x86_64}
BuildRequires: kernel-source-nvidia470
BuildRequires: kernel-source-nvidia510
BuildRequires: kernel-source-nvidia515
BuildRequires: kernel-source-nvidia520
BuildRequires: kernel-source-nvidia525
%endif
BuildRequires: kernel-source-tripso
BuildRequires: kernel-source-ipt-so
%if %{with binary_virtualbox_host}
BuildRequires: kernel-source-virtualbox
%endif
BuildRequires: kernel-source-v4l2loopback
%if %{with binary_shredder}
BuildRequires: kernel-source-shredder-kernel
%endif
# Rosa-test-suite is maintained in certified branches only nlkm, memfreetest, pcietest
%if %{with nickel}
BuildRequires: kernel-source-rosa-test-suite
%endif
%endif
# End of with binary_extra_modules
Provides: kernel = %{EVRD}
Provides: kernel-%{flavour} = %{EVRD}
Provides: kernel-abi(%{kver_full}) = %{EVRD}
# Dnf config-manager --dump | grep installonly
Provides: installonlypkg(kernel) = %{EVRD}.image
Provides: installonlypkg(kernel) = %{EVRD}.modules
# >= because of added support of zstd-compressed modules
Requires(posttrans): dracut >= 053-0.git5eb736.5
Requires(posttrans): kmod >= 28-3
# Need for rebuild dkms drivers
Recommends: (%{name}-devel%{_isa} = %{EVRD} if dkms)
# not blob, support of devices supported by r8168 is removed from r8169
Recommends: %{ksob_module_pkg_name r8168} = %{EVRD}
# Usually necessary, but sometimes user may want to not install them
Recommends: crda
Recommends: linux-firmware
Recommends: microcode
# Set BFQ as default scheduler for HDDs
# https://www.phoronix.com/scan.php?page=article&item=linux-50hdd-io
Recommends: udev-rules-ioschedulers
Recommends: wireless-regdb
%if %{with flow_abi}
Requires: kernel-%{kernelversion}.%{patchlevel}-rosa-flow-abi
%endif
%ifarch %{ix86}
Conflicts: arch(x86_64)
%endif
# XXX temporary hack to upgrade from kernel-headers 1:5.4
%if %{build_headers}
Recommends: kernel-headers = %{EVRD}
%endif
%if %{with binary_extra_modules}
%ifarch %{ix86} %{x86_64}
%kroko_req_modules_in_kernel -j %{nvidia_340_j} -n %{nvidia_340_n} -p %{kver_full}
%kroko_req_modules_in_kernel -j %{nvidia_390_j} -n %{nvidia_390_n} -p %{kver_full}
%endif
%ifarch %{x86_64}
%kroko_req_modules_in_kernel -j %{nvidia_470_j} -n %{nvidia_470_n} -p %{kver_full}
%kroko_req_modules_in_kernel -j %{nvidia_510_j} -n %{nvidia_510_n} -p %{kver_full}
%kroko_req_modules_in_kernel -j %{nvidia_515_j} -n %{nvidia_515_n} -p %{kver_full}
%kroko_req_modules_in_kernel -j %{nvidia_520_j} -n %{nvidia_520_n} -p %{kver_full}
%kroko_req_modules_in_kernel -j %{nvidia_525_j} -n %{nvidia_525_n} -p %{kver_full}
%endif
%endif
%description
The kernel package contains the Linux kernel (vmlinuz), the core of your
operating system. The kernel handles the basic functions
of the operating system: memory allocation, process allocation, device
input and output, etc. This is a general-purpose kernel.
%posttrans
# update information about modules, useful if kernel-module* packages were
# installed in one transaction with this kernel (%%transfiletrigger* will run later)
depmod -a %{kver_full}
# We always regenerate initrd here, even if it already exists. This may
# happen if kernel-<...>-devel is installed first, triggers rebuild of
# DKMS modules and some of these request remaking of initrd. The initrd
# that is created then will be non-functional. But when the user installs
# kernel-<...> package, that defunct initrd will be replaced with a working
# one here.
dracut -f %{initrd_path} %{kver_full}
# File triggers from grub packages will handle this.
#/usr/sbin/update-grub2
%transfiletriggerin -- %{_modulesdir}/%{kver_full}
# Detect all modules, including ones inside kernel-module* packages
if grep -qE '/.*\.ko(|\..*)' ; then
depmod -a %{kver_full}
fi
%transfiletriggerpostun -- %{_modulesdir}/%{kver_full}
# Handle e.g. removal of kernel-module* packages
# List of files is not available here (?)
depmod -a %{kver_full}
%files -f %{kernel_files}
%{_bootdir}/System.map-%{kver_full}
%{_bootdir}/symvers-%{kver_full}.*
%{_bootdir}/config-%{kver_full}
%{_bootdir}/vmlinuz-%{kver_full}
%ghost %{initrd_path}
%ifarch %{armx}
%{_bootdir}/dtb-%{kver_full}
%endif
%{_modulesdir}/%{kver_full}/modules.*
%if %{with flow_abi}
%{_modulesdir}/%{kver_full}/kernel/zzz-%{kernelversion}.%{patchlevel}-rosa-flow-abi
%endif
%if %{with binary_extra_modules}
%exclude %{_modulesdir}/%{kver_full}/kernel/net/wireless/8821cu.ko%{kmod_suffix}
%exclude %{_modulesdir}/%{kver_full}/kernel/net/wireless/88x2bu.ko%{kmod_suffix}
%exclude %{_modulesdir}/%{kver_full}/kernel/net/wireless/8812au.ko%{kmod_suffix}
%exclude %{_modulesdir}/%{kver_full}/kernel/net/wireless/8821au.ko%{kmod_suffix}
%exclude %{_modulesdir}/%{kver_full}/kernel/net/wireless/8814au.ko%{kmod_suffix}
%exclude %{_modulesdir}/%{kver_full}/kernel/drivers/bluetooth/rtk_btusb.ko%{kmod_suffix}
%exclude %{_modulesdir}/%{kver_full}/kernel/net/wireless/8188gu.ko%{kmod_suffix}
%exclude %{_modulesdir}/%{kver_full}/kernel/net/wireless/8723du.ko%{kmod_suffix}
%exclude %{_modulesdir}/%{kver_full}/kernel/net/wireless/8852au.ko%{kmod_suffix}
%exclude %{_modulesdir}/%{kver_full}/kernel/net/wireless/8192du.ko%{kmod_suffix}
%exclude %{_modulesdir}/%{kver_full}/kernel/net/wireless/realtek/rtw89p
%exclude %{_modulesdir}/%{kver_full}/kernel/drivers/net/ethernet/realtek/r8168.ko%{kmod_suffix}
%ifarch %{ix86} %{x86_64}
%exclude %{_modulesdir}/%{kver_full}/kernel/net/wireless/wl.ko%{kmod_suffix}
%endif
%if %{with binary_shredder}
%exclude %{_modulesdir}/%{kver_full}/kernel/extra/shredder-kernel.ko%{kmod_suffix}
%endif
%exclude %{_modulesdir}/%{kver_full}/kernel/drivers/media/v4l2loopback.ko%{kmod_suffix}
%if %{with binary_virtualbox_host}
# vbox host modules may be built here (vboxnetflt vboxnetadp vboxdrv vboxpci)
# vbox guest modules are in the mainline kernel now (vboxvideo vboxguest vboxsf)
%exclude %{_modulesdir}/%{kver_full}/kernel/misc/vbox*.ko%{kmod_suffix}
%endif
%exclude %{_modulesdir}/%{kver_full}/kernel/net/xt_TRIPSO.ko%{kmod_suffix}
%exclude %{_modulesdir}/%{kver_full}/kernel/net/xt_so.ko%{kmod_suffix}
%if %{with nickel}
%exclude %{_modulesdir}/%{kver_full}/kernel/misc/nlkm.ko%{kmod_suffix}
%exclude %{_modulesdir}/%{kver_full}/kernel/misc/memfreetest.ko%{kmod_suffix}
%exclude %{_modulesdir}/%{kver_full}/kernel/misc/pcietest.ko%{kmod_suffix}
%endif
%endif
# End of with binary_extra_modules
############################################################################
%if %{build_devel}
%package devel
Summary: Development files for %{name}
Group: Development/Kernel
Requires: glibc-devel
Requires: ncurses-devel
Requires: gcc
Requires: make
Requires: perl
Requires: %{name} = %{EVRD}
Provides: kernel-devel = %{kverrel}
Provides: kernel-%{flavour}-devel = %{kverrel}
Provides: installonlypkg(kernel) = %{EVRD}.devel
# Have dkms updated/installed before the kernel, scriptlet here checks if dkms exists
OrderWithRequires(post): dkms
# Try to remove the main kernel package after removing this devel package
# because there may be dkms-built kernel modules inside directories owned
# by the main package, try to get rid of such files before RPM starts to
# deal with directories owned in the main package
# (note that the devel package does not explicitly require the main package,
# there is no need to do so, a kernel module may be built using just the devel part).
OrderWithRequires(postun): %{name} = %{EVRD}
%ifarch %{ix86}
Conflicts: arch(x86_64)
%endif
%description devel
This package contains the kernel files (headers and build tools) that should
be enough to build additional drivers for use with %{name}.
%post devel
if command -v dkms_autoinstaller >/dev/null 2>&1; then
dkms_autoinstaller start %{kver_full}
fi
%preun devel
# If any DKMS modules with REMAKE_INITRD=yes in their configs have been
# uninstalled, initrd has been regenerated for the given kernel. However,
# the kernel itself might have been uninstalled before, so that (defunct)
# initrd image files would be left behind. Remove them if the kernel itself
# is no longer installed. Should work if they are uninstalled in parallel
# too.
if ! test -f /boot/vmlinuz-%{kver_full}; then
rm -f /boot/initrd-%{kver_full}.img
rm -f /boot/initrd-%{kver_full}_old.img
fi
if ! command -v dkms >/dev/null 2>&1; then exit 0; fi
for ii in $(/usr/sbin/dkms status -k %{kver_full} | awk '{ print $1 $2; }'); do
mod=$(echo $ii | awk -v FS=',' '{ print $1; }')
ver=$(echo $ii | awk -v FS=',' '{ print $2; }')
/usr/sbin/dkms --rpm_safe_upgrade uninstall -m $mod -v $ver -k %{kver_full} || :
done
%files devel
%{devel_root}
%{_modulesdir}/%{kver_full}/build
%{_modulesdir}/%{kver_full}/source
%endif
# End of build_devel
############################################################################
%if %{build_debug}
%package debuginfo
Summary: Debuginfo for %{name}
Group: Development/Debug
Provides: kernel-debug = %{kverrel}
AutoReq: 0
AutoProv: 0
%description debuginfo
This package contains the files with debuginfo for %{name}.
%files debuginfo -f %{debuginfo_files}
%{_bootdir}/vmlinux-%{kver_full}
%endif
# End of build_debug
############################################################################
%if %{build_doc}
%package doc
Summary: Various documentation bits found in the kernel source
Group: Documentation
BuildArch: noarch
%description doc
This package contains documentation files from the kernel source.
%files doc
%doc linux-%{tar_ver}/Documentation/*
%endif
############################################################################
%if %{build_perf}
%package -n perf
Summary: perf tool and the supporting documentation
Group: System/Kernel and hardware
%description -n perf
The package contains perf tool and the supporting documentation.
%files -n perf
%{_bindir}/perf
%ifarch x86_64
%{_bindir}/perf-read-vdso32
%endif
%{_bindir}/trace
%{_includedir}/perf/perf_dlfilter.h
%dir %{_libexecdir}/perf-core
%dir %{_libdir}/traceevent
%dir %{_libdir}/traceevent/plugins
%{_libdir}/libperf-jvmti.so
%{_libdir}/traceevent/plugins/*
%{_libexecdir}/perf-core/*
%{_mandir}/man[1-8]/perf*
%{_sysconfdir}/bash_completion.d/perf
%{_datadir}/perf-core/strace/groups/*
%{_datadir}/doc/perf-tip/*.txt
/usr/lib/perf/examples/bpf/*
/usr/lib/perf/include/bpf/*
%endif
############################################################################
%if %{build_cpupower}
%package -n cpupower
Summary: The cpupower tools
Group: System/Kernel and hardware
%description -n cpupower
The cpupower tools.
%post -n cpupower
if [ $1 -ge 0 ]; then
# Do not enable/disable cpupower.service directly, because it should start
# when cpupower.path triggers it.
/bin/systemctl enable cpupower.path >/dev/null 2>&1 || :
/bin/systemctl start cpupower.path >/dev/null 2>&1 || :
fi
%preun -n cpupower
if [ $1 -eq 0 ]; then
/bin/systemctl --no-reload disable cpupower.path > /dev/null 2>&1 || :
/bin/systemctl stop cpupower.path > /dev/null 2>&1 || :
fi
%files -n cpupower -f cpupower.lang
%config(noreplace) %{_sysconfdir}/sysconfig/cpupower
%{_bindir}/cpupower
%{_bindir}/cpupower-start.sh
%{_libdir}/libcpupower.so.0
%{_libdir}/libcpupower.so.0.0.1
%{_unitdir}/cpupower.service
%{_unitdir}/cpupower.path
%{_datadir}/bash-completion/completions/cpupower
%{_mandir}/man[1-8]/cpupower*
############################################################################
%package -n cpupower-devel
Summary: Development files for cpupower
Group: Development/Kernel
Requires: cpupower = %{EVRD}
Conflicts: %{_lib}cpufreq-devel
%description -n cpupower-devel
This package contains the development files for cpupower.
%files -n cpupower-devel
%{_libdir}/libcpupower.so
%{_includedir}/cpufreq.h
%{_includedir}/cpuidle.h
%endif
############################################################################
%if %{build_headers}
%package -n kernel-headers
Summary: Linux kernel header files mostly used by your C library
Group: System/Kernel and hardware
Provides: linux-userspace-headers = %{EVRD}
Provides: kernel-release-headers = %{EVRD}
%description -n kernel-headers
C header files from the Linux kernel. The header files define
structures and constants that are needed for building most
standard programs, notably the C library.
This package is not suitable for building kernel modules, you
should use the 'kernel-devel' package instead.
%files -n kernel-headers
%{_includedir}/*
# Don't conflict with cpupower-devel
%if %{build_cpupower}
%exclude %{_includedir}/cpufreq.h
%exclude %{_includedir}/cpuidle.h
%endif
%if %{build_perf}
%exclude %{_includedir}/perf/perf_dlfilter.h
%endif
%endif
############################################################################
%if %{with uml}
%package uml
Summary: User Mode Linux binary
Group: System/Kernel and hardware
Provides: kernel-uml = %{kverrel}
Provides: kernel-uml-%{flavour} = %{kverrel}
Provides: installonlypkg(kernel) = %{EVRD}.uml
%description uml
User Mode Linux binary.
Stripped, debug is in %{name}-debuginfo.
%files uml
%{_bindir}/linux-uml-%{kver_full}
#-----------------------------------------------------------------------------
%package uml-modules
Summary: User Mode Linux (UML) kernel modules
Group: System/Kernel and hardware
Provides: kernel-uml-modules = %{kverrel}
Provides: kernel-uml-modules-%{flavour} = %{kverrel}
Provides: installonlypkg(kernel-module) = %{EVRD}.uml
%description uml-modules
User Mode Linux (UML) kernel modules:
- not compressed;
- not stripped;
- signed.
%files uml-modules
/lib/modules-uml/%{kver_full}
%endif
# End of uml
#-----------------------------------------------------------------------------
###############################
# Extra modules package definitions
%if %{with binary_extra_modules}
%ksob_mk_module_pkg -n 8821cu -s net/wireless
# add "-r rtl88x2bu-blacklist" in 5.18+!!!
%ksob_mk_module_pkg -n 88x2bu -s net/wireless
# "-r xxx-blacklist" was not added for modules bellow because
# blacklisted modules have not appeared in upstream yet
%ksob_mk_module_pkg -n 8812au -s net/wireless
# for RTL8811AU and RTL8821AU
%ksob_mk_module_pkg -n 8821au -s net/wireless
%ksob_mk_module_pkg -n 8814au -s net/wireless
%ksob_mk_module_pkg -n rtk_btusb -s drivers/bluetooth -r rtk_btusb-firmware
%ksob_mk_module_pkg -n 8188gu -s net/wireless
%ksob_mk_module_pkg -n 8723du -s net/wireless
%ksob_mk_module_pkg -n 8852au -s net/wireless
%ksob_mk_module_pkg -n 8192du -s net/wireless
%ksob_mk_modules_pkg -n rtw89 -s net/wireless/realtek/rtw89p
%ksob_mk_module_pkg -n r8168 -s drivers/net/ethernet/realtek
%ifarch %{ix86} %{x86_64}
%ksob_mk_module_pkg -n wl -s net/wireless -r broadcom-wl-aliases
%kroko_kmod_pkg -r %{kroko_release} -j %{nvidia_340_j} -n %{nvidia_340_n} -f %{flavour} -k %{kernelversion}.%{patchlevel} -m %{sublevel} -p %{kver_full} -s %{NAME} -c %{kmod_suffix}
%kroko_kmod_pkg -r %{kroko_release} -j %{nvidia_390_j} -n %{nvidia_390_n} -f %{flavour} -k %{kernelversion}.%{patchlevel} -m %{sublevel} -p %{kver_full} -s %{NAME} -c %{kmod_suffix}
%endif
%ifarch %{x86_64}
%kroko_kmod_pkg -r %{kroko_release} -j %{nvidia_470_j} -n %{nvidia_470_n} -f %{flavour} -k %{kernelversion}.%{patchlevel} -m %{sublevel} -p %{kver_full} -s %{NAME} -c %{kmod_suffix}
%kroko_kmod_pkg -r %{kroko_release} -j %{nvidia_510_j} -n %{nvidia_510_n} -f %{flavour} -k %{kernelversion}.%{patchlevel} -m %{sublevel} -p %{kver_full} -s %{NAME} -c %{kmod_suffix}
%kroko_kmod_pkg -r %{kroko_release} -j %{nvidia_515_j} -n %{nvidia_515_n} -f %{flavour} -k %{kernelversion}.%{patchlevel} -m %{sublevel} -p %{kver_full} -s %{NAME} -c %{kmod_suffix}
%kroko_kmod_pkg -r %{kroko_release} -j %{nvidia_520_j} -n %{nvidia_520_n} -f %{flavour} -k %{kernelversion}.%{patchlevel} -m %{sublevel} -p %{kver_full} -s %{NAME} -c %{kmod_suffix}
%kroko_kmod_pkg -r %{kroko_release} -j %{nvidia_525_j} -n %{nvidia_525_n} -f %{flavour} -k %{kernelversion}.%{patchlevel} -m %{sublevel} -p %{kver_full} -s %{NAME} -c %{kmod_suffix}
%endif
%ksob_mk_module_pkg -n xt_TRIPSO -s net -r tripso
%ksob_mk_module_pkg -n xt_so -s net -r ipt-so
%ksob_mk_module_pkg -n v4l2loopback -s drivers/media -r v4l2loopback
%if %{with binary_shredder}
%ksob_mk_module_pkg -n shredder-kernel -s extra -r rosa-shredder-user
%endif
#-----------------------------------------------------------------------------
###############
# Virtualbox host
%if %{with binary_virtualbox_host}
%ksob_mk_module_pkg -n vboxnetflt -s misc
%ksob_mk_module_pkg -n vboxnetadp -s misc
%ksob_mk_module_pkg -n vboxdrv -s misc
%ksob_mk_module_pkg -n vboxpci -s misc
# A package which will pull all those modules
%package -n kernel-modules-virtualbox-host-%{ksob_kernel}
Summary: Meta package to pull VirtualBox host kernel modules for kernel-%{flavour}-%{kernelversion}.%{patchlevel}
Group: System/Kernel and hardware
Requires: %ksob_module_pkg_name vboxnetflt
Requires: %ksob_module_pkg_name vboxnetadp
Requires: %ksob_module_pkg_name vboxdrv
Requires: %ksob_module_pkg_name vboxpci
%description -n kernel-modules-virtualbox-host-%{ksob_kernel}
Meta package to pull VirtualBox host kernel modules for %{name}.
%files -n kernel-modules-virtualbox-host-%{ksob_kernel}
# empty
%endif
#End of ifarch x86
#-----------------------------------------------------------------------------
%if %{with nickel}
%ksob_mk_module_pkg -n nlkm -s misc
%ksob_mk_module_pkg -n memfreetest -s misc
%ksob_mk_module_pkg -n pcietest -s misc
%endif
%endif
# End of binary_extra_modules
#################################################################
%if %{with flow_abi}
%package -n kernel-%{kernelversion}.%{patchlevel}-rosa-flow-abi
Summary: Directory to install third-party binary kernel modules for kernels %{kernelversion}.%{patchlevel}.x
Group: System/Kernel and hardware
%description -n kernel-%{kernelversion}.%{patchlevel}-rosa-flow-abi
This package contains a directory to install third-party binary kernel modules for kernels %{kernelversion}.%{patchlevel}.x.
Some vendors provide binary-only kernel modules. They can put them into /lib/modules/%{kernelversion}.%{patchlevel}-rosa-flow-abi.
kmod tools will find them for kernels 5.4.x of "generic" and "nickel" flavours
but there is no guarantee that these modules will load and work correctly on
newer or older kernels then the ones they were build against.
We call this "flow ABI" because most ABIs are not changed between %{kernelversion}.%{patchlevel}.x releases,
but there are no specific guarantees. ABI may evolve and change.
We highly recommend to use DKMS and build third-party kernel modules from source for every kernel!
This package does nothing, just owns a directory for third-party binary kernel modules.
%files -n kernel-%{kernelversion}.%{patchlevel}-rosa-flow-abi
/lib/modules/%{kernelversion}.%{patchlevel}-rosa-flow-abi
%endif
# End of flow_abi
################################################
%prep
# Avoid accidental merge
%if 0%{?rpm5}
%{error:Package structure is for dnf, not for urpmi!}
%endif
%setup -q -n %{top_dir_name} -c
%if %{with uml}
cp -r %{src_dir} %{src_dir}.uml
%endif
cd %{src_dir}
%autopatch -p1
#
# Setup Begin
#
##################################
# Kernel configuration
echo "Creating the kernel configuration file."
# Configs
cp %{SOURCE111} .
cp %{SOURCE112} .
cp %{SOURCE113} .
cp kernel-%{arch_suffix}.config .config
touch %{build_dir}/.config.append
# Get rid of unwanted files
find . -name '*~' -o -name '*.orig' -o -name '*.append' -delete
# Wipe all .gitignore/.get_maintainer.ignore files
find . -name "*.g*ignore" -delete
# Disable debug info if requested (enabled by default)
%if ! %build_debug
sed -i -e '/CONFIG_DEBUG_INFO/d' -e '/CONFIG_GDB_SCRIPTS/d' .config
echo '# CONFIG_DEBUG_INFO is not set' >> %{build_dir}/.config.append
echo '# CONFIG_GDB_SCRIPTS is not set' >> %{build_dir}/.config.append
%endif
sed -i '/CONFIG_MODULE_SIG_FORCE/d' .config
%if %{with oblig_signed_modules}
# Disallow loading not signed modules
# But 0001-ROSA-ima-allow-to-off-modules-signature-check-dynami.patch allows to override this in cmdline
echo CONFIG_MODULE_SIG_FORCE=y >> %{build_dir}/.config.append
%else
echo CONFIG_MODULE_SIG_FORCE=n >> %{build_dir}/.config.append
%endif
sed -i '/CONFIG_MODULE_SIG_KEY/d' .config
# Set path to the key that will be generated later by openssl/libressl
echo CONFIG_MODULE_SIG_KEY=\"%{certs_signing_key_priv_rnd}\" >> %{build_dir}/.config.append
# Set path to one PEM file with all keys that the kernel must trust
sed -i '/CONFIG_SYSTEM_TRUSTED_KEYS/d' .config
echo CONFIG_SYSTEM_TRUSTED_KEYS=\"%{certs_public_keys}\" >> %{build_dir}/.config.append
# Memory wiping
# Introduced in kernel 5.3 by commit 6471384af2a6530696fc0203bafe4de41a23c9ef
# Estimated performance impact is described in the commit
# "Fill newly allocated pages and heap objects with zeroes."
# To enable, add to cmdline: init_on_alloc=1
sed -i '/CONFIG_INIT_ON_ALLOC_DEFAULT_ON/d' .config
echo CONFIG_INIT_ON_ALLOC_DEFAULT_ON=n >> %{build_dir}/.config.append
# "Fill freed pages and heap objects with zeroes"
# To disable, add to cmdline: init_on_free=0
sed -i '/CONFIG_INIT_ON_FREE_DEFAULT_ON/d' .config
%if %{with nickel}
echo CONFIG_INIT_ON_FREE_DEFAULT_ON=y >> %{build_dir}/.config.append
%else
echo CONFIG_INIT_ON_FREE_DEFAULT_ON=n >> %{build_dir}/.config.append
%endif
# Here enabling only either only init_on_free or only init_on_alloc
# makes sense; init_on_alloc is not about protecting information.
# To load kernel keyring in UML
for i in STREEBOG SHA1 SHA256 SHA512 ECRDSA RSA ; do
if ! grep -q "^CONFIG_CRYPTO_${i}=y$" .config; then
sed -i "/CONFIG_CRYPTO_${i}/d" .config
echo "CONFIG_CRYPTO_${i}=y" >> %{build_dir}/.config.append
fi
done
cat %{build_dir}/.config.append >> .config
##################
# End of kernel config
# Store the config file in the appropriate directory.
CONFIG_DIR=arch/%{arch_type}/configs
mkdir -p "${CONFIG_DIR}"
cfg_file=arch/%{arch_type}/configs/%{arch_suffix}_defconfig-%{flavour}
make ARCH=%{arch_type} oldconfig
# When it is needed to edit kernel configs, run:
# abf fetch
# rpmbuild --define "_sourcedir $PWD" --with=fail -bb kernel.spec
# and then work with the config in the buildroot with applied patches etc.
%{?_with_fail:exit 1}
mv .config ${cfg_file}
echo "Created ${cfg_file}."
# Make sure the kernel has the sublevel we know it has...
LC_ALL=C sed -ri "s/^SUBLEVEL.*/SUBLEVEL = %{sublevel}/" Makefile
# Get rid of unwanted files
find . -name '*~' -o -name '*.orig' -o -name '*.append' | %kxargs rm -f
find . -name '.get_maintainer.ignore' | %kxargs rm -f
# Versionize python shebang (#!/usr/bin/env python -> #!/usr/bin/python3) in scripts
grep -Irl '^#!/usr/bin/env python' | xargs sed -i '1 s,^#!/usr/bin/env python$,#!%{__python3},'
# Drop env from bash scripts
sed -i '1 s,^#!.*env .*,#!%{_bindir}/bash,' scripts/config
# Drop env from perl scripts
grep -IrlE '^#!.*env perl' | xargs sed -i -e '1 s,^#!/usr/bin/env perl$,#!{_bindir}/perl,'
############################################################################
%build
# Ensure that build time generated private keys don't get published
# as e.g. "RPM build root" on ABF!
# Note that ABF sends SIGKILL to rpm-build.sh when the build is terminated;
# in this case trap will not work, but RPM build root also will not be
# saved because rpm-build.sh saves it, but it is SIGKILLed.
# For best security we could store private keys in RAM (not reachable from
# filesystem, so not in /tmp!) and override sth like fopen() by LD_PRELOAD
# to give the content of keys from RAM when a virtual address of a key file
# is accessed, but currently I don't know how to implement this (TODO: ).
_cleanup(){
# Show resulting kernel public keys for debugging
cat "%{src_dir}/%{certs_dir_rnd}/x509_certificate_list" | base64 -d || :
rm -fvr "%{src_dir}/%{certs_dir_rnd}"
%if %{with uml}
cat "%{src_dir}.uml/%{certs_dir_rnd}/x509_certificate_list" | base64 -d || :
rm -fvr "%{src_dir}.uml/%{certs_dir_rnd}"
%endif
}
# Make a trap to delete keys even if %%build fails in the middle
trap "_cleanup" EXIT
rm -rf %{temp_root}
install -d %{temp_root}
cd %{src_dir}
### Keys for signing kernel modules
# Keys can be generated both manually and automatically,
# let's generate them by ourselves to take full control of the process
# https://www.ibm.com/support/knowledgecenter/en/SSB23S_1.1.0.13/gtps7/cfgcert.html
# See also certs/Makefile in kernel source
mkdir -p "%{certs_dir_rnd}"
# On ABF, %%packager == $username <$email>
# Try to extract email from %%packager if it is set
_get_email(){
# Check that macro %%packager was set and is not empty
if echo '%{packager}' | grep -q 'packager}$' || [ -z "%{packager}" ]
# If was not set or is empty, use default email
then echo 'rpmbuild@rosa.unknown' && return
# Otherwise try to extract email from 'name <email>' or sth else
else temp="$(echo '%{packager}' | tr '[:upper:]' '[:lower:]' | tr ' ' '\n' | tr -d '<>' | grep -E '@.*\..*' | head -n 1)"
fi
# Validate that what we have now is a valid email
# https://stackoverflow.com/a/2138832, https://stackoverflow.com/a/41192733
# Note that we set %%_buildshell to /bin/bash to guarantee the work of this bashism
regex_email="^[a-z0-9!#\$%&'*+/=?^_\`{|}~-]+(\.[a-z0-9!#$%&'*+/=?^_\`{|}~-]+)*@([a-z0-9]([a-z0-9-]*[a-z0-9])?\.)+[a-z0-9]([a-z0-9-]*[a-z0-9])?\$"
if [[ "$temp" =~ ${regex_email} ]]
# If it is, use it
then echo "$temp" && return
# Otherwise use default email
else echo 'rpmbuild@rosa.unknown' && return
fi
# If script above has not return'ed for any reason,
# e.g. because of non-bash shell being not able to
# process regexp, use default email
echo 'rpmbuild@rosa.unknown'
}
email="$(_get_email)"
cat <<EOF > "%{certs_key_config_rnd}"
[ req ]
prompt = no
string_mask = utf8only
#default_keyfile = %%{certs_signing_key_priv_rnd}
distinguished_name = req_distinguished_name
x509_extensions = myexts
[ req_distinguished_name ]
organizationName = %{vendor} rpmbuild
commonName = Build time autogenerated @ALGO@ kernel key
emailAddress = ${email}
[ myexts ]
basicConstraints=critical,CA:FALSE
keyUsage=digitalSignature
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid
EOF
cat "%{certs_key_config_rnd}"
sed -e 's,@ALGO@,RSA,g' "%{certs_key_config_rnd}" > "%{certs_key_config_rnd}.RSA"
sed -e 's,@ALGO@,GOST R 34.10-2012,g' "%{certs_key_config_rnd}" > "%{certs_key_config_rnd}.GOST"
# Avoid using the template
rm -f "%{certs_key_config_rnd}"
_libressl_gen_key(){
if [ "$GOST_KEY" = 1 ]
then
lssl_req_gost_args="\
-newkey gost2001 \
-pkeyopt dgst:streebog512 -pkeyopt paramset:A \
-streebog512"
OUT="%{certs_signing_key_priv_rnd}.GOST"
CONFIG="%{certs_key_config_rnd}.GOST"
else
lssl_req_gost_args=""
OUT="%{certs_signing_key_priv_rnd}.RSA"
CONFIG="%{certs_key_config_rnd}.RSA"
fi
libressl req -new -nodes -utf8 -batch \
$lssl_req_gost_args \
-days 109500 \
-x509 -config "$CONFIG" \
-out "$OUT" \
-keyout "$OUT"
# Verify
if [ "$GOST_KEY" = 1 ]; then
libressl x509 -in "%{certs_signing_key_priv_rnd}.GOST" -text -noout \
| grep -E 'Signature Algorithm:.*GOST R 34.10-2012'
libressl x509 -in "%{certs_signing_key_priv_rnd}.GOST" -text -noout \
| grep -E 'Digest Algorithm:.*GOST R 34-11-2012'
libressl x509 -in "%{certs_signing_key_priv_rnd}.GOST" -text -noout \
| grep -E 'Public Key Algorithm:.*GOST R 34.10-2012'
fi
}
GOST_KEY=0 _libressl_gen_key
GOST_KEY=1 _libressl_gen_key
# Fake CONFIG_MODULE_SIG_KEY to make build scripts happy
cp -v "%{certs_signing_key_priv_rnd}.RSA" "%{certs_signing_key_priv_rnd}"
# Strip public parts from the generated PEMs
sed -n \
'/^-----BEGIN CERTIFICATE-----$/,/^-----END CERTIFICATE-----$/p' \
"%{certs_signing_key_priv_rnd}.GOST" \
"%{certs_signing_key_priv_rnd}.RSA" \
> "%{certs_public_keys}"
# Link sign-file and extract-cert with LibreSSL instead of OpenSSL
if [ $? != 0 ] ; then exit $? ; fi
sed -i %{src_dir}/scripts/Makefile \
%if %{with uml}
%{src_dir}.uml/scripts/Makefile \
%endif
-e "s, libcrypto , libressl-libcrypto ,g"
%if %{with additional_keys}
# Add additional public RSA keys to the list of trusted keys for kernel modules
# Build kernel --without additional_keys if you do not want to trust them
cat %{expand:%(for i in `seq 1 12`; do echo "%%SOURCE$((200+${i}))" | tr "\n" " "; done)} \
>> "%{certs_public_keys}"
%endif
# End of additional_keys
cat %{certs_public_keys}
# .config
%smake -s mrproper
cp arch/%{arch_type}/configs/%{arch_suffix}_defconfig-%{flavour} .config
# Make sure EXTRAVERSION says what we want it to say
LC_ALL=C sed -ri "s/^EXTRAVERSION.*/EXTRAVERSION = -%{flavour}-%{buildrpmrel}/" Makefile
# Build the kernel
echo "Building kernel %{kver_full}"
TARGETS="all"
# need to install dtbs to proper boot arm64 devices
%ifarch %{armx}
TARGETS="$TARGETS dtbs"
%endif
%kmake V=1 -s $TARGETS
# Install modules
mkdir -p %{temp_modules}/%{kver_full}
%smake INSTALL_MOD_PATH=%{temp_root} KERNELRELEASE=%{kver_full} modules_install
%if %{with binary_extra_modules}
# Build and install procedure is specific to each Makefile from kernmel-source-* packages
# See also: https://www.kernel.org/doc/html/latest/kbuild/modules.html
# Copy directory because write permissions are required
# `make modules_install` must be done before this, otherwise these copied files will be deleted
# $1: name of kernel module
# $2: directory (e.g.: kernel/net/wireless)
_build_rtl(){
cp -r "$(rpm -q --qf "/usr/src/rtl${1}-%%{VERSION}-%%{RELEASE}" kernel-source-rtl${1})" kernel-source-rtl${1}
pushd kernel-source-rtl${1}
%kmake KSRC=%{src_dir} M="$PWD"
mkdir -p %{temp_modules}/%{kver_full}/${2}
cp ${1}.ko %{temp_modules}/%{kver_full}/${2}
popd
rm -fr kernel-source-rtl${1}
}
_build_rtl 8821cu kernel/net/wireless
_build_rtl 88x2bu kernel/net/wireless
_build_rtl 8812au kernel/net/wireless
_build_rtl 8821au kernel/net/wireless
_build_rtl 8821au kernel/net/wireless
_build_rtl 8814au kernel/net/wireless
_build_rtl 8188gu kernel/net/wireless
_build_rtl 8723du kernel/net/wireless
_build_rtl 8852au kernel/net/wireless
_build_rtl 8192du kernel/net/wireless
cp -r "$(rpm -q --qf "/usr/src/r8168-%%{VERSION}-%%{RELEASE}" kernel-source-r8168)" kernel-source-r8168
pushd kernel-source-r8168
%kmake -C %{src_dir} KERNELRELEASE=%{kver_full} KERNELDIR=%{src_dir} M="$PWD" modules
mkdir -p %{temp_modules}/%{kver_full}/kernel/drivers/net/ethernet/realtek
cp r8168.ko %{temp_modules}/%{kver_full}/kernel/drivers/net/ethernet/realtek
popd
rm -fr kernel-source-r8168
cp -r "$(rpm -q --qf '/usr/src/rtk_btusb-%%{VERSION}-%%{RELEASE}' kernel-source-rtk_btusb)" kernel-source-rtk_btusb
pushd kernel-source-rtk_btusb
%kmake KDIR=%{src_dir}
mkdir -p %{temp_modules}/%{kver_full}/kernel/drivers/bluetooth/
cp rtk_btusb.ko %{temp_modules}/%{kver_full}/kernel/drivers/bluetooth/rtk_btusb.ko
popd
rm -fr kernel-source-rtk_btusb
cp -r "$(rpm -q --qf '/usr/src/rtw89-%%{VERSION}-%%{RELEASE}' kernel-source-rtw89)" kernel-source-rtw89
pushd kernel-source-rtw89
%kmake KSRC=%{src_dir}
mkdir -p %{temp_modules}/%{kver_full}/kernel/net/wireless/realtek/rtw89p
cp *.ko %{temp_modules}/%{kver_full}/kernel/net/wireless/realtek/rtw89p
popd
rm -fr kernel-source-rtw89
_build_nvidia(){
cp -r "$(rpm -q --qf "/usr/src/nvidia${1}-%%{VERSION}-%%{RELEASE}" kernel-source-nvidia${1})" kernel-source-nvidia${1}
pushd kernel-source-nvidia${1}
%make SYSSRC=%{src_dir}
mkdir -p %{temp_modules}/%{kver_full}/kernel/drivers/video/nvidia${1}.%{kroko_release}
for i in *.ko
do
# put them here to extract debug and compress, will be moved later
install -m0644 "$i" %{temp_modules}/%{kver_full}/kernel/drivers/video/nvidia${1}.%{kroko_release}/"$i"
done
popd
rm -fr kernel-source-nvidia${1}
# for rosa-kernel-tools
mkdir -p %{temp_root}/var/spool/initramfs-regen
touch %{temp_root}/var/spool/initramfs-regen/nvidia${1}.%{kroko_release}
}
%ifarch %{ix86} %{x86_64}
cp -r "$(rpm -q --qf '/usr/src/broadcom-wl-%%{VERSION}-%%{RELEASE}' kernel-source-broadcom-wl)" kernel-source-broadcom-wl
pushd kernel-source-broadcom-wl
%kmake -C %{src_dir} M="$PWD"
mkdir -p %{temp_modules}/%{kver_full}/kernel/net/wireless/
cp wl.ko %{temp_modules}/%{kver_full}/kernel/net/wireless/wl.ko
popd
rm -fr kernel-source-broadcom-wl
_build_nvidia 340
_build_nvidia 390
%endif
%ifarch %{x86_64}
_build_nvidia 470
_build_nvidia 510
_build_nvidia 515
_build_nvidia 520
_build_nvidia 525
%endif
cp -r "$(rpm -q --qf '/usr/src/tripso-%%{VERSION}-%%{RELEASE}' kernel-source-tripso)" kernel-source-tripso
pushd kernel-source-tripso
%kmake KDIR=%{src_dir}
mkdir -p %{temp_modules}/%{kver_full}/kernel/net
cp xt_TRIPSO.ko %{temp_modules}/%{kver_full}/kernel/net/
popd
rm -fr kernel-source-tripso
cp -r "$(rpm -q --qf '/usr/src/ipt-so-%%{VERSION}-%%{RELEASE}' kernel-source-ipt-so)" kernel-source-ipt-so
pushd kernel-source-ipt-so
%kmake KDIR=%{src_dir}
mkdir -p %{temp_modules}/%{kver_full}/kernel/net
cp xt_so.ko %{temp_modules}/%{kver_full}/kernel/net/
popd
rm -fr kernel-source-ipt-so
%if %{with binary_shredder}
cp -r "$(rpm -q --qf '/usr/src/shredder-kernel-%%{VERSION}-%%{RELEASE}' kernel-source-shredder-kernel)" kernel-source-shredder-kernel
pushd kernel-source-shredder-kernel
%kmake KERNEL_PATH=%{src_dir}
mkdir -p %{temp_modules}/%{kver_full}/kernel/extra/
cp shredder-kernel.ko %{temp_modules}/%{kver_full}/kernel/extra/
popd
rm -fr kernel-source-shredder-kernel
%endif
%if %{with binary_virtualbox_host}
# build commands for virtualbox are based on the ones from the virtualbox package
cp -r "$(rpm -q --qf '/usr/src/virtualbox-%%{VERSION}-%%{RELEASE}' kernel-source-virtualbox)" kernel-source-virtualbox
mkdir -p %{temp_modules}/%{kver_full}/kernel/misc/
pushd kernel-source-virtualbox
make -C vboxdrv KERN_DIR=%{src_dir} KERN_VER=%{kver_full}
cp -fv vboxdrv/Module.symvers vboxnetflt
cp -fv vboxdrv/Module.symvers vboxnetadp
make -C vboxnetflt KERN_DIR=%{src_dir} KERN_VER=%{kver_full}
make -C vboxnetadp KERN_DIR=%{src_dir} KERN_VER=%{kver_full}
cp -fv vboxnetadp/Module.symvers vboxpci/
make -C vboxpci KERN_DIR=%{src_dir} KERN_VER=%{kver_full}
for i in vboxnetflt vboxnetadp vboxdrv vboxpci
do
cp -v "${i}/${i}.ko" %{temp_modules}/%{kver_full}/kernel/misc/
done
popd
%endif
cp -r "$(rpm -q --qf '/usr/src/v4l2loopback-%%{VERSION}-%%{RELEASE}' kernel-source-v4l2loopback)" kernel-source-v4l2loopback
pushd kernel-source-v4l2loopback
cat Kbuild > Makefile
mkdir -p %{temp_modules}/%{kver_full}/kernel/drivers/media
make -C %{src_dir} M="$PWD" modules
cp v4l2loopback.ko %{temp_modules}/%{kver_full}/kernel/drivers/media
pushd
rm -fr kernel-source-v4l2loopback
%if %{with nickel}
# rosa-test-suite uses /sr/src/xxx-version, not /usr/src/xxx-version-release
cp -r "$(rpm -q --qf '/usr/src/rosa-test-suite-%%{VERSION}' kernel-source-rosa-test-suite)" kernel-source-rosa-test-suite
pushd kernel-source-rosa-test-suite
mkdir -p %{temp_modules}/%{kver_full}/kernel/misc/
for i in nlkm memfreetest pcietest
do
cat << EOF > Makefile
obj-m := ${i}.o
all:
make -C %{src_dir} M=\$(PWD) modules
EOF
%kmake
cp -fv ${i}.ko %{temp_modules}/%{kver_full}/kernel/misc/
done
popd
%endif
# End with nickel <- with binary_extra_modules
%endif
# End with binary_extra_modules
%if %{with uml}
cp -rv %{certs_dir_rnd} %{src_dir}.uml/
pushd %{src_dir}.uml
%kmake ARCH=um defconfig
%kmake ARCH=um linux
install -Dm0755 linux %{temp_root}%{_bindir}/linux-uml-%{kver_full}
#rm -fv linux
%kmake V=1 ARCH=um modules
mkdir -p %{temp_root}/lib/modules-uml/%{kver_full}/
%kmake ARCH=um INSTALL_MOD_PATH=%{temp_root}/lib/modules-uml/%{kver_full}/ modules_install
popd
%endif
install -d %{temp_boot}
install -m 644 System.map %{temp_boot}/System.map-%{kver_full}
install -m 644 .config %{temp_boot}/config-%{kver_full}
%if %{with modxz}
xz -c Module.symvers > %{temp_boot}/symvers-%{kver_full}.xz
%else
%{zstd_cmd} Module.symvers
install -m 644 Module.symvers.zst %{temp_boot}/symvers-%{kver_full}.zst
%endif
%ifarch %{armx}
%make_build ARCH=%{arch_type} V=1 INSTALL_DTBS_PATH=%{temp_boot}/dtb-%{kver_full} dtbs_install
%endif
%ifarch aarch64
cp -f arch/arm64/boot/Image* %{temp_boot}/vmlinuz-%{kver_full}
%else
cp -f arch/%{arch_type}/boot/bzImage %{temp_boot}/vmlinuz-%{kver_full}
%endif
# Headers
%if %{build_headers}
%make INSTALL_HDR_PATH=%{temp_root}%{_prefix} KERNELRELEASE=%{kver_full} headers_install
find %{temp_root}%{_prefix} -name .install -or -name ..install.cmd | %kxargs rm -f
%endif
# Remove /lib/firmware, we use a separate linux-firmware package
rm -rf %{temp_root}/lib/firmware
# Prepare the files for kernel*-devel
%if %{build_devel}
mkdir -p %{temp_devel_root}
for i in $(find . -name 'Makefile*'); do cp -R --parents $i %{temp_devel_root}; done
for i in $(find . -name 'Kconfig*' -o -name 'Kbuild*'); do cp -R --parents $i %{temp_devel_root}; done
cp -fR include %{temp_devel_root}
cp -fR scripts %{temp_devel_root}
cp -fR kernel/bounds.c %{temp_devel_root}/kernel
cp -fR kernel/time/timeconst.bc %{temp_devel_root}/kernel/time
cp -fR tools %{temp_devel_root}/
cp -fR arch/%{arch_type}/kernel/asm-offsets.{c,s} %{temp_devel_root}/arch/%{arch_type}/kernel/
%ifarch %{ix86} %{x86_64}
cp -fR arch/%{arch_type}/kernel/asm-offsets_{32,64}.c %{temp_devel_root}/arch/%{arch_type}/kernel/
cp -fR arch/%{arch_type}/purgatory/* %{temp_devel_root}/arch/%{arch_type}/purgatory/
# Needed for arch/x86/purgatory
cp -fR lib/*.h lib/*.c %{temp_devel_root}/lib/
cp -fR arch/%{arch_type}/entry/syscalls/syscall* %{temp_devel_root}/arch/%{arch_type}/entry/syscalls/
cp -fR arch/%{arch_type}/tools %{temp_devel_root}/arch/%{arch_type}/
# needed for kexec
cp -fR arch/%{arch_type}/boot/*.h %{temp_devel_root}/arch/%{arch_type}/boot/
cp -fR arch/%{arch_type}/boot/*.c %{temp_devel_root}/arch/%{arch_type}/boot/
%endif
cp -fR arch/%{arch_type}/include %{temp_devel_root}/arch/%{arch_type}/
cp -fR .config Module.symvers %{temp_devel_root}
# Needed for truecrypt build (Danny)
cp -fR drivers/md/dm.h %{temp_devel_root}/drivers/md/
# Needed for lirc_gpio (#39004)
cp -fR drivers/media/pci/bt8xx/bttv{,p}.h %{temp_devel_root}/drivers/media/pci/bt8xx/
cp -fR drivers/media/pci/bt8xx/bt848.h %{temp_devel_root}/drivers/media/pci/bt8xx/
cp -fR drivers/media/common/btcx-risc.h %{temp_devel_root}/drivers/media/common/
# Add acpica header files, needed for fglrx build
cp -fR drivers/acpi/acpica/*.h %{temp_devel_root}/drivers/acpi/acpica/
%if %{with aufs}
# aufs2 has a special file needed
cp -fR fs/aufs/magic.mk %{temp_devel_root}/fs/aufs
%endif
# SELinux needs security/selinux/include
cp -fR security/selinux/include %{temp_devel_root}/security/selinux
for i in alpha arc avr32 blackfin c6x cris csky frv h8300 hexagon ia64 m32r m68k m68knommu metag microblaze \
mips mn10300 nds32 nios2 openrisc parisc powerpc riscv s390 score sh sparc tile unicore32 xtensa; do
rm -rf %{temp_devel_root}/arch/$i
done
# Clean the scripts tree, and make sure everything is ok (sanity check)
# running prepare+scripts (tree was already "prepared" in build)
pushd %{temp_devel_root}
%smake V=1 -s clean ARCH=%{arch_type}
popd
rm -f %{temp_devel_root}/.config.old
# Fix permissions
chmod -R a+rX %{temp_devel_root}
# Disable mrproper in -devel rpms
#patch -p1 --fuzz=0 -d %{temp_devel_root} -i %{SOURCE2}
%endif
# End of build_devel
# TODO: maybe move to /usr/lib/debug?
%if %{build_debug}
find %{temp_modules}/%{kver_full}/kernel \
-name "*.ko" | \
%kxargs -I '{}' objcopy --only-keep-debug '{}' '{}'.debug
find %{temp_modules}/%{kver_full}/kernel \
-name "*.ko" | %kxargs -I '{}' \
sh -c 'cd `dirname {}`; \
objcopy --add-gnu-debuglink=`basename {}`.debug \
--strip-debug `basename {}`'
%endif
# End of build_debug
# https://patchwork.kernel.org/patch/11446123/
_libressl_sign(){
if [ ! -f "$1" ]; then
echo "No file $1"
return 0
fi
f="$1"
%if %{with gost_sign}
%{src_dir}/scripts/sign-file streebog512 \
"%{certs_signing_key_priv_rnd}.GOST" "%{certs_signing_key_priv_rnd}.GOST" "$f"
%else
%{src_dir}/scripts/sign-file sha512 \
"%{certs_signing_key_priv_rnd}.RSA" "%{certs_signing_key_priv_rnd}.RSA" "$f"
%endif
unset f
}
export -f _libressl_sign
find %{temp_modules}/%{kver_full}/kernel \
%if %{with uml}
%{temp_root}/lib/modules-uml/%{kver_full} \
%endif
-name '*.ko' -print0 | sort -u | \
xargs --null -P "$(nproc)" -I {} "$SHELL" -e -x -c 'if ! _libressl_sign "{}"; \
then echo Failed _libressl_sign on "{}" && exit 1; fi'
# Set extraversion to match srpm to get nice version reported by the tools
LC_ALL=C sed -ri "s/^EXTRAVERSION.*/EXTRAVERSION = -%{fullrpmrel}/" Makefile
%if %{build_perf}
%smake -C tools/perf -s PYTHON=%{__python3} HAVE_CPLUS_DEMANGLE=1 WERROR=0 prefix=%{_prefix} lib=%{_lib} NO_GTK2=1 all
%smake -C tools/perf -s prefix=%{_prefix} lib=%{_lib} NO_GTK2=1 man
%endif
%if %{build_cpupower}
# Make sure version-gen.sh is executable.
chmod +x tools/power/cpupower/utils/version-gen.sh
%make -C tools/power/cpupower CPUFREQ_BENCH=false
%endif
_cleanup
############################################################################
%install
cd %{src_dir}
# TODO: get rid of temporary directory, install to buildroot directly?
# We want to be able to test several times the install part
rm -rf %{buildroot}
cp -a %{temp_root} %{buildroot}
#if %%{with oblig_signed_modules}
# Multithreaded verification that every kernel module has a signature attached to it
mkdir -p "%{certs_dir_rnd}"
touch %{certs_verify_tmp}
_verify_signature(){
if [ -z "$1" ] || [ ! -f "$1" ]; then return; fi
if hexdump -C "$1" | rev | cut -f 2 -d '|' | rev | tr -d '\n' | grep -q '~Module signature appended~'; then
if [ -f %{certs_verify_tmp} ]; then
rm -f %{certs_verify_tmp}
fi
else
echo "ERROR: Module $1 has no signature attached to it!"
exit 1
fi
}
export -f _verify_signature
find %{target_modules} \
%if %{with uml}
%{buildroot}/lib/modules-uml/%{kver_full} \
%endif
-name '*.ko' -print0 | sort -u | \
xargs --null -P "$(nproc)" -I {} "$SHELL" -c '_verify_signature "{}"'
if [ -f %{certs_verify_tmp} ]; then
echo "ERROR: seems that signatures of none modules were verified!"
exit 1
fi
rm -f %{certs_verify_tmp}
#endif
# Compressing modules
%if %{with compress_modules}
# Tested on /lib/modules/5.10.34-generic-2rosa2019.1-x86_64, the results are the following:
# * decompressed: 266.3 MiB
# * xz -9 --extreme: 67.8 MiB
# * zstd --ultra -22 without training: 73.5 MiB
# * zstd -6 without training: 79.6 MiB
# * zstd --ultra -22 with training: 66.3 MiB (the winner!)
# Training takes only a few minutes, make it here in place with current zstd and kernel modules.
# But! Decompressing also requires a dictionary for zstd, that will be too complex, so not using training :(
# We already use zstd in dracut to compress initrds quickly and with good compression ration.
# Testing speed of loading modules:
# `time modinfo bcache.ko.xz` took 0,048s, `time modinfo bcache.ko.zstd` took 0,014s (for multiple times)
# find /lib/modules/5.10.34-generic-2rosa2019.1-x86_64 -type f -name '*.ko.zst' > /tmp/zst.list
# time { for i in `cat /tmp/zst.list`; do modinfo $i >/dev/null 2>&1; done ;}
# took ~31-40s, with disk cache (2+ runs) ~33s
# find /lib/modules/5.10.34-generic-1rosa2019.1-x86_64 -type f -name '*.ko.xz' > /tmp/xz.list
# time { for i in `cat /tmp/xz.list`; do modinfo $i >/dev/null 2>&1; done ;}
# took 43-47s, with disk cache (2+ runs) ~42s, +21%%
# zstd-compressed initramfs image initrd-5.10.34-generic-1rosa2019.1-x86_64.img with *.ko.xz is 56,3 MiB
# zstd-compressed initramfs image initrd-5.10.34-generic-2rosa2019.1-x86_64.img with *.ko.zst is 58,4 MiB (+3.6%%)
# /lib/modules/5.10.34-generic-1rosa2019.1-x86_64 (*.ko.xz) is 78,1 MiB
# /lib/modules/5.10.34-generic-2rosa2019.1-x86_64 (*.ko.zst) is 83,9 MiB (+7%%)
# When zstd is compressing cpio (initrd image) with zstd-compressed kernel modules inside it, does it recompress data?
# It is not easy to make a choice between zstd and xz for kernel modules... Disk space (and so speed of installing
# RPM packages) is not much bigger, we do not try to support super low end devices, operation speed is a bit better.
# I have not seen measurable difference in startup time according to systemd-analyze.
# Note that decompression after zstd --ultra -22 will consume more memory than after zstd -6, see commit message in
# https://github.com/torvalds/linux/commit/73f3d1b48f5069d46b. I did not benchmark -6 vs -22 in runtime.
# Let's use zstd for now.
# zstd may also be used to compress linux-firmware to save a lot of space on disk,
# but upstream kernels still cannot decompress it.
#{zstd_cmd} -T0 --train $(find . -type f -name '*.ko')
#[ -f dictionary ]
# -T1 (one thread) because we run multiple zstd processes by xargs
%if %{with modxz}
find %{target_modules} -name "*.ko" | %kxargs xz -6e
%else
find %{target_modules} -name "*.ko" | %kxargs %{zstd_cmd} --rm -T1 #-D dictionary
rm -f dictionary
%endif
%endif
%if %{with binary_extra_modules}
# Move nvidia modules to manage them via alternatives(8), leave *.debug
# TODO: better handle debug here and in the package in general
find %{target_modules}/%{kver_full}/kernel/drivers/video -name 'nvidia???.*' -type d -maxdepth 1 |
while read -r line
do
nv="$(basename "$line")"
mkdir -p %{buildroot}%{kroko_kmods_dir}/"$nv"-%{kver_full}
mv -v "$line"/*.ko%{kmod_suffix} %{buildroot}%{kroko_kmods_dir}/"$nv"-%{kver_full}
dir_no_buildroot="$(echo "$line" | sed -e 's,^%{buildroot},,')"
echo "%exclude $dir_no_buildroot" >> %{kernel_files}
%if %{build_debug}
echo "%dir $dir_no_buildroot" >> %{debuginfo_files}
%endif
done
%endif #/with binary_extra_modules
find %{buildroot}%{_modulesdir}/%{kver_full} -type f -name '*.ko%{kmod_suffix}' | sed -e 's,^%{buildroot},,' | sort -u >> %{kernel_files}
find %{buildroot}%{_modulesdir}/%{kver_full} -type d | sed -e 's,^%{buildroot},%dir ,' | sort -u >> %{kernel_files}
# We estimate the size of the initramfs because rpm needs to take this size
# into consideration when performing disk space calculations (See rhbz#530778)
# 65 MiB is a bit more than needed, but let's be more sure that there is enought space.
# On my PC, zstd-compressed initrds take 58,5 MiB.
# Real size of the RPM package should not increase because RPM compresses the payload.
# This file is %%ghost, so the real initrd will be deleted when uninstalling this package.
dd if=/dev/zero of=%{buildroot}%{initrd_path} bs=1M count=65
%if %{build_debug}
install -m 644 vmlinux %{buildroot}%{_bootdir}/vmlinux-%{kver_full}
find %{buildroot}%{_modulesdir} -type f -name '*.debug' | sed -e 's,^%{buildroot},,' | sort -u >> %{debuginfo_files}
%endif
# End of build_debug
pushd %{target_modules}
for i in *; do
rm -f $i/build $i/source
ln -sf /usr/src/linux-$i $i/build
ln -sf /usr/src/linux-$i $i/source
done
# Sniff, if we compressed all the modules, we change the stamp :(
# we really need the depmod -ae here
for i in *; do
/sbin/depmod -ae -b %{buildroot} -F %{target_boot}/System.map-$i $i
echo $?
done
# We used to create modules.description files which contained the
# description strings for the modules as shown by modinfo. These files
# are unlikely to be used right now, so create them (in case some old tool
# checks for their existence) but keep them empty.
for i in *; do
touch $i/modules.description
done
popd
# Need to set extraversion to match srpm again to avoid rebuild
LC_ALL=C sed -ri "s/^EXTRAVERSION.*/EXTRAVERSION = -%{fullrpmrel}/" Makefile
%if %{build_perf}
# Perf tool binary and supporting scripts/binaries
make -C tools/perf -s V=1 DESTDIR=%{buildroot} WERROR=0 HAVE_CPLUS_DEMANGLE=1 prefix=%{_prefix} lib=%{_lib} install
# Versionize shebang (#!/usr/bin/env python -> #!/usr/bin/python3)
sed -i '1 s,^#!/usr/bin/env python$,#!%{__python3},' \
%{buildroot}%{_libexecdir}/perf-core/scripts/python/exported-sql-viewer.py \
%{buildroot}%{_libexecdir}/perf-core/scripts/python/libxed.py
sed -i -e '1s,^#!/usr/bin/python$,#!%{__python3},' \
%{buildroot}%{_libexecdir}/perf-core/tests/shell/lib/perf_json_output_lint.py
# Perf man pages (note: implicit rpm magic compresses them later)
make -C tools/perf -s V=1 DESTDIR=%{buildroot} WERROR=0 HAVE_CPLUS_DEMANGLE=1 prefix=%{_prefix} install-man
%endif
%if %{build_cpupower}
make -C tools/power/cpupower DESTDIR=%{buildroot} libdir=%{_libdir} mandir=%{_mandir} CPUFREQ_BENCH=false install
rm -f %{buildroot}%{_libdir}/*.{a,la}
%find_lang cpupower
mv cpupower.lang ../
chmod 0755 %{buildroot}%{_libdir}/libcpupower.so*
mkdir -p %{buildroot}%{_unitdir} %{buildroot}%{_sysconfdir}/sysconfig
install -m644 %{SOURCE50} %{buildroot}%{_unitdir}/cpupower.service
install -m644 %{SOURCE53} %{buildroot}%{_unitdir}/cpupower.path
install -m644 %{SOURCE51} %{buildroot}%{_sysconfdir}/sysconfig/cpupower
install -m755 %{SOURCE52} %{buildroot}%{_bindir}/cpupower-start.sh
%endif
# Delete junk
rm -fr %{buildroot}%{_usr}/src/*/kernel-source-*
%if %{with flow_abi}
# Prefix with "zzz" to put this directory into the end of search list
# and avoid tricks with depmod configs
mkdir -p %{buildroot}/lib/modules/%{kernelversion}.%{patchlevel}-rosa-flow-abi
ln -s /lib/modules/%{kernelversion}.%{patchlevel}-rosa-flow-abi %{buildroot}%{_modulesdir}/%{kver_full}/kernel/zzz-%{kernelversion}.%{patchlevel}-rosa-flow-abi
%endif
# Drop hidden files
rm -f %{buildroot}%{_docdir}/kernel-5.10-generic-doc/devicetree/bindings/.yamllint
# Fix perms
%if %{build_perf}
chmod -x %{buildroot}%{_sysconfdir}/bash_completion.d/perf
chmod -x %{buildroot}%{_prefix}/lib/perf/examples/bpf/*.c
chmod -x %{buildroot}%{_prefix}/lib/perf/include/bpf/*.h
chmod -x %{buildroot}%{_prefix}/lib/perf/include/bpf/linux/*.h
chmod -x %{buildroot}%{_datadir}/doc/perf-tip/*.txt
%endif
Reference in a new issue View git blame Copy permalink