commit 77b632e28f27ab53a840f098fcfbba3db2714a1f
Author: Don Penney <email address hidden>
Date: Wed Feb 5 11:28:32 2020 -0500
Fix containerd build failure
The 20200205T023000Z CENGN build failed on containerd due to a build
ordering issue. In the failed build, containerd was built ahead of
rpm, and the mock build environment for the containerd build ran with
the stock CentOS version of RPM. Unfortunately, it appears this
version of RPM fails when trying to build the debuginfo for a golang
package. There are currently two other golang packages in StarlingX,
but these have debuginfo disabled in the spec.
Adding a version-specific dependency in the containerd spec to ensure
the newer RPM is installed resolves the issue.
Change-Id: Ia7c85751012bbd0c3b83a2496bd7424e123eef93
Closes-Bug: 1862038
Co-Authored-By: Scott Little <email address hidden>
Signed-off-by: Don Penney <email address hidden>
commit 7b7959e9b5cc9a68a6fcffba44bca2f84643b133
Author: Al Bailey <email address hidden>
Date: Tue Jan 28 07:49:23 2020 -0600
Update pylint target for python3 and upper constraints
This change imposes the upper constraint in tox to protect from
future releases causing random breakage.
Ex: A new version of python-libvirt was released Jan 23 2020
which will not install on python2.
This change also enables the python3 target for pylint which will
allow the upper constraint to be changed to a more recent version
when all the tox files are aligned.
commit 424ba94a9aa9e64fe1c0d2099b63e7d979b492cd
Author: Jim Somerville <email address hidden>
Date: Fri Jan 24 12:36:06 2020 -0500
Mellanox Driver: Disable use of kernel page pool functionality
Problem: The out-of-tree Mellanox driver detects the presence
of page pool support in the new kernel, and thus wants to use it.
However, page pools are not configured to be on in the new kernel
by default (CONFIG_PAGE_POOL), and not only that, the config
option is hidden ie. it is not user selectable. The built-in
Mellanox driver selects it, but we don't use the built-in driver.
The out-of-tree driver does compile but not all pieces of it
will load properly, specifically the mlx5 pieces which rely on
page pool functionality being enabled in the kernel.
Solution: Simply disable kernel page pool use in the
out-of-tree Mellanox driver, making it work the same way as
it did with the older kernel.
Change-Id: If7e7155867d539352fcd0ea3acd5a17dd9d9579f
Closes-Bug: 1860347
Signed-off-by: Jim Somerville <email address hidden>
commit 7165b3539c75009311d3d4360a15b6ee4c7a4573
Author: Lin Shuicheng <email address hidden>
Date: Sun Jan 19 01:59:42 2020 +0000
Revert "Revert "add containerd package for kata container support""
This reverts commit ff7b8ffd6a91d4fe3b59f939d59bf1512e524c60.
Depends-On: https://review.opendev.org/703263
Change-Id: I9ed3cc54bb61d6e49219c9c98571740f0e066c3f
Signed-off-by: Shuicheng Lin <email address hidden>
The cgcs-users package provides a restricted shell ibsh (Iron Bars SHell)
that is no longer being referenced in StarlingX, so we can remove this
package.
commit 38c184f1b415dbe2eca4a062f9f464a2dca01aa9
Author: Robin Lu <email address hidden>
Date: Thu Nov 21 15:04:40 2019 +0800
Update kernel-std patches for kernel upgrade to version 1062.1.2
This upgrade fixes the CVEs listed below. We refresh the patches
against the new kernel source.
The patch 15 is now included in new version, so I drop it
in the new patch.
CVE bug: CVE-2019-11810:kernel: a NULL pointer dereference in
drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit
CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel
escape during migration
We are currently carrying patches for python-eventlet and
python-requests that are over three years old and were
created to "fix" a nova issue. Now that nova is in a
container, it no longer uses our eventlet or requests so
these patches do not have any effect.
The patches need to be removed to allow eventlet to be
upversioned, which is being done in another commit.
commit 0656fa94dcb9a32a52d2d7757f1b138b88ba9a43
Author: Robin Lu <email address hidden>
Date: Thu Nov 21 15:13:50 2019 +0800
Update kernel-rt patches for kernel upgrade to version 1062.1.2
This upgrade fixes the CVEs listed below. We refresh the patches
against the new rt-kernel source.
rcu-Don-t-wake-rcuc-X-kthreads-on-NOCB-CPUs.patch is deleted
because upstream has fixed this bug, and it is no longer needed.
CVE bug: CVE-2019-11810:kernel: a NULL pointer dereference in
drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit
CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel
escape during migration
Reviewed: https:/ /review. opendev. org/705861 /git.openstack. org/cgit/ starlingx/ integ/commit/ ?id=a3267c2016e 1805f05e72e9063 b2db8a227891c2
Committed: https:/
Submitter: Zuul
Branch: f/centos8
commit 77b632e28f27ab5 3a840f098fcfbba 3db2714a1f
Author: Don Penney <email address hidden>
Date: Wed Feb 5 11:28:32 2020 -0500
Fix containerd build failure
The 20200205T023000Z CENGN build failed on containerd due to a build
ordering issue. In the failed build, containerd was built ahead of
rpm, and the mock build environment for the containerd build ran with
the stock CentOS version of RPM. Unfortunately, it appears this
version of RPM fails when trying to build the debuginfo for a golang
package. There are currently two other golang packages in StarlingX,
but these have debuginfo disabled in the spec.
Adding a version-specific dependency in the containerd spec to ensure
the newer RPM is installed resolves the issue.
Change-Id: Ia7c85751012bbd 0c3b83a2496bd74 24e123eef93
Closes-Bug: 1862038
Co-Authored-By: Scott Little <email address hidden>
Signed-off-by: Don Penney <email address hidden>
commit 7b7959e9b5cc9a6 8a6fcffba44bca2 f84643b133
Author: Al Bailey <email address hidden>
Date: Tue Jan 28 07:49:23 2020 -0600
Update pylint target for python3 and upper constraints
This change imposes the upper constraint in tox to protect from
future releases causing random breakage.
Ex: A new version of python-libvirt was released Jan 23 2020
which will not install on python2.
This change also enables the python3 target for pylint which will
allow the upper constraint to be changed to a more recent version
when all the tox files are aligned.
Change-Id: I9056778085d32b 3401df60c20d67c ff0a21dfe97
Story: 2004515
Task: 38496
Signed-off-by: Al Bailey <email address hidden>
commit 424ba94a9aa9e64 fe1c0d2099b63e7 d979b492cd
Author: Jim Somerville <email address hidden>
Date: Fri Jan 24 12:36:06 2020 -0500
Mellanox Driver: Disable use of kernel page pool functionality
Problem: The out-of-tree Mellanox driver detects the presence
of page pool support in the new kernel, and thus wants to use it.
However, page pools are not configured to be on in the new kernel
by default (CONFIG_PAGE_POOL), and not only that, the config
option is hidden ie. it is not user selectable. The built-in
Mellanox driver selects it, but we don't use the built-in driver.
The out-of-tree driver does compile but not all pieces of it
will load properly, specifically the mlx5 pieces which rely on
page pool functionality being enabled in the kernel.
Solution: Simply disable kernel page pool use in the
out-of-tree Mellanox driver, making it work the same way as
it did with the older kernel.
Change-Id: If7e7155867d539 352fcd0ea3acd5a 17dd9d9579f
Closes-Bug: 1860347
Signed-off-by: Jim Somerville <email address hidden>
commit 7165b3539c75009 311d3d4360a15b6 ee4c7a4573
Author: Lin Shuicheng <email address hidden>
Date: Sun Jan 19 01:59:42 2020 +0000
Revert "Revert "add containerd package for kata container support""
This reverts commit ff7b8ffd6a91d4f e3b59f939d59bf1 512e524c60.
Depends-On: https:/ /review. opendev. org/703263 e49219c9c985717 40f0e066c3f
Change-Id: I9ed3cc54bb61d6
Signed-off-by: Shuicheng Lin <email address hidden>
commit 5ccf5648d8a58b0 ca1ea6460b31d93 16d2b6ec8a
Author: Saul Wold <email address hidden>
Date: Thu Jan 16 09:51:45 2020 -0800
cgcs-users: remove unused package
The cgcs-users package provides a restricted shell ibsh (Iron Bars SHell)
that is no longer being referenced in StarlingX, so we can remove this
package.
Story: 2007102 b0c4ce93ed6499d b1394b1e48e
Task: 38147
Change-Id: Ic8c262d973734b
Signed-off-by: Saul Wold <email address hidden>
commit d2909ed9e350bd6 37e2ee1d57f261a 0ad1c2634b
Author: Don Penney <email address hidden>
Date: Wed Jan 15 23:39:55 2020 -0500
Remove python-smartpm from build
The python-smartpm module is no longer used by the patching framework.
This commit removes it from the build.
Change-Id: I8b3dbffeb9db76 75aa545ec674b91 93a1b2a1bc5
Story: 2006227
Task: 35828
Signed-off-by: Don Penney <email address hidden>
commit ff7b8ffd6a91d4f e3b59f939d59bf1 512e524c60
Author: Don Penney <email address hidden>
Date: Tue Jan 14 20:38:20 2020 +0000
Revert "add containerd package for kata container support"
This reverts commit 90f7e49661653e8 2dbad7cbaa92483 7620fb4b60.
Reverting due to https:/ /bugs.launchpad .net/starlingx/ +bug/1859686
Change-Id: Ief511a012fe61d 5d3016dc13c54fa b1e32a4d6b0
commit 38c184f1b415dbe 2eca4a062f9f464 a2dca01aa9
Author: Robin Lu <email address hidden>
Date: Thu Nov 21 15:04:40 2019 +0800
Update kernel-std patches for kernel upgrade to version 1062.1.2
This upgrade fixes the CVEs listed below. We refresh the patches
against the new kernel source.
The patch 15 is now included in new version, so I drop it
in the new patch.
CVE bug: CVE-2019- 11810:kernel: a NULL pointer dereference in scsi/megaraid/ megaraid_ sas_base. c leading to DoS
drivers/
CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit
CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel
escape during migration
Closes-Bug: 1849206
Closes-Bug: 1849209
Closes-Bug: 1847817
Change-Id: I217cf8684e31da cea627c33462e5e 4b6e089c38f /review. opendev. org/#/c/ 695355/
Depends-On: https:/
Signed-off-by: Robin Lu <email address hidden>
commit bcfade61de1c4e7 4da967cd33aa54f 26661aa436
Author: Bart Wensley <email address hidden>
Date: Fri Dec 20 10:19:31 2019 -0600
Remove obsolete patches for eventlet and requests
We are currently carrying patches for python-eventlet and
python-requests that are over three years old and were
created to "fix" a nova issue. Now that nova is in a
container, it no longer uses our eventlet or requests so
these patches do not have any effect.
The patches need to be removed to allow eventlet to be
upversioned, which is being done in another commit.
Change-Id: I730ba86d8f6ec8 b88b060ada324cf d268af24b35 /review. opendev. org/#/c/ 700071/ /review. opendev. org/#/c/ 700054/
Story: 2006781
Task: 37583
Depends-On: https:/
Depends-On: https:/
Signed-off-by: Bart Wensley <email address hidden>
commit 90f7e49661653e8 2dbad7cbaa92483 7620fb4b60
Author: Shuicheng Lin <email address hidden>
Date: Fri Sep 27 23:22:33 2019 +0800
add containerd package for kata container support
containerd is upgrade from 1.2.5 to 1.3.0 in order to support
kata container.
Story: 2006145 /review. opendev. org/697601 /review. opendev. org/685211 28c865f463cafda bfad5946e02
Task: 36834
Depends-On: https:/
Depends-On: https:/
Change-Id: I2e067a1af19623
Signed-off-by: Shuicheng Lin <email address hidden>
commit 0656fa94dcb9a32 a52d2d7757f1b13 8b88ba9a43
Author: Robin Lu <email address hidden>
Date: Thu Nov 21 15:13:50 2019 +0800
Update kernel-rt patches for kernel upgrade to version 1062.1.2
This upgrade fixes the CVEs listed below. We refresh the patches Don-t-wake- rcuc-X- kthreads- on-NOCB- CPUs.patch is deleted
against the new rt-kernel source.
rcu-
because upstream has fixed this bug, and it is no longer needed.
CVE bug: CVE-2019- 11810:kernel: a NULL pointer dereference in scsi/megaraid/ megaraid_ sas_base. c leading to DoS
drivers/
CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit
CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel
escape during migration
Closes-Bug: 1849206
Closes-Bug: 1849209
Closes-Bug: 1847817
Change-Id: Iaf5eae5d64b621 f44f8faad51d22f 9439431911f /review. opendev. org/#/c/ 695355/
Depends-On: https:/
Signed-off-by: Robin Lu <email address hidden>