April 2016 - openSUSE Commits - openSUSE Mailing Lists

commit rubygem-mixlib-authentication for openSUSE:Factory
by root＠hilbert.suse.de 28 Apr '16

28 Apr '16

Hello community, here is the log from the commit of package rubygem-mixlib-authentication for openSUSE:Factory checked in at 2016-04-28 16:52:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-mixlib-authentication (Old) and /work/SRC/openSUSE:Factory/.rubygem-mixlib-authentication.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "rubygem-mixlib-authentication" Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-mixlib-authentication/rubygem-mixlib-authentication.changes 2014-10-23 14:20:53.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-mixlib-authentication.new/rubygem-mixlib-authentication.changes 2016-04-28 16:52:55.000000000 +0200 @@ -1,0 +2,6 @@ +Wed Jan 20 05:48:02 UTC 2016 - coolo(a)suse.com + +- updated to version 1.4.0 + no changelog found + +------------------------------------------------------------------- Old: ---- mixlib-authentication-1.3.0.gem New: ---- gem2rpm.yml mixlib-authentication-1.4.0.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-mixlib-authentication.spec ++++++ --- /var/tmp/diff_new_pack.QyIRuS/_old 2016-04-28 16:52:56.000000000 +0200 +++ /var/tmp/diff_new_pack.QyIRuS/_new 2016-04-28 16:52:56.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package rubygem-mixlib-authentication # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,8 +16,15 @@ # +# +# This file was generated with a gem2rpm.yml and not just plain gem2rpm. +# All sections marked as MANUAL, license headers, summaries and descriptions +# can be maintained in that file. Please consult this file before editing any +# of those fields +# + Name: rubygem-mixlib-authentication -Version: 1.3.0 +Version: 1.4.0 Release: 0 %define mod_name mixlib-authentication %define mod_full_name %{mod_name}-%{version} @@ -27,6 +34,7 @@ BuildRequires: ruby-macros >= 5 Url: http://www.opscode.com Source: http://rubygems.org/gems/%{mod_full_name}.gem +Source1: gem2rpm.yml Summary: Mixes in simple per-request authentication License: Apache-2.0 Group: Development/Languages/Ruby ++++++ gem2rpm.yml ++++++ # --- # ## used by gem2rpm # :summary: this is a custom summary # ## used by gem2rpm # :description: |- # this is a custom description # # it can be multiline # ## used by gem2rpm # :license: MIT or Ruby # ## used by gem2rpm and gem_packages # :version_suffix: -x_y # ## used by gem2rpm and gem_packages # :disable_docs: true # ## used by gem2rpm # :disable_automatic_rdoc_dep: true # ## used by gem2rpm # :preamble: |- # BuildRequires: foobar # Requires: foobar # ## used by gem2rpm # :patches: # foo.patch: -p1 # bar.patch: # ## used by gem2rpm :sources: # - foo.desktop # - bar.desktop # :gem_install_args: '....' # ## used by gem2rpm # :pre_install: |- # %if 0%{?use_system_libev} # export USE_VENDORED_LIBEV="no" # %endif # ## used by gem2rpm # :post_install: |- # # delete custom files here or do other fancy stuff # install -D -m 0644 %{S:1} %{buildroot}%{_bindir}/gem2rpm-opensuse # ## used by gem2rpm # :testsuite_command: |- # (pushd %{buildroot}%{gem_base}/gems/%{mod_full_name} && rake test) # ## used by gem2rpm # :filelist: |- # /usr/bin/gem2rpm-opensuse # ## used by gem2rpm # :scripts: # :post: |- # /bin/echo foo # ## used by gem_packages # :main: # :preamble: |- # Requires: util-linux # Recommends: pwgen # :filelist: |- # /usr/bin/gem2rpm-opensuse # ## used by gem_packages # :custom: # apache: # :preamble: |- # Requires: ..... # :filelist: |- # /etc/apache2/conf.d/passenger.conf # :summary: Custom summary is optional # :description: |- # Custom description is optional # # bar # :post: |- # /bin/echo foo # ++++++ mixlib-authentication-1.3.0.gem -> mixlib-authentication-1.4.0.gem ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Gemfile new/Gemfile --- old/Gemfile 1970-01-01 01:00:00.000000000 +0100 +++ new/Gemfile 2016-01-19 18:37:56.000000000 +0100 @@ -0,0 +1,6 @@ +source "https://rubygems.org" +gemspec + +group(:development) do + gem 'pry' +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/Rakefile new/Rakefile --- old/Rakefile 1970-01-01 01:00:00.000000000 +0100 +++ new/Rakefile 2016-01-19 18:37:56.000000000 +0100 @@ -1,5 +1,5 @@ require 'rubygems' -require 'rake/gempackagetask' +require 'rubygems/package_task' require 'rubygems/specification' require 'date' require 'rspec/core/rake_task' @@ -16,12 +16,12 @@ desc "Run specs" RSpec::Core::RakeTask.new do |t| t.pattern = 'spec/**/*_spec.rb' - t.rspec_opts = %w(-fs --color) + t.rspec_opts = %w(--format documentation --color) end gem_spec = eval(File.read("mixlib-authentication.gemspec")) -Rake::GemPackageTask.new(gem_spec) do |pkg| +Gem::PackageTask.new(gem_spec) do |pkg| pkg.gem_spec = gem_spec end Files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/mixlib/authentication/digester.rb new/lib/mixlib/authentication/digester.rb --- old/lib/mixlib/authentication/digester.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/lib/mixlib/authentication/digester.rb 2016-01-19 18:37:56.000000000 +0100 @@ -17,15 +17,15 @@ # require 'mixlib/authentication' +require 'openssl' module Mixlib module Authentication class Digester - class << self - - def hash_file(f) - digester = Digest::SHA1.new + + def hash_file(f, digest=OpenSSL::Digest::SHA1) + digester = digest.new buf = "" while f.read(16384, buf) digester.update buf @@ -34,15 +34,15 @@ end # Digests a string, base64's and chomps the end - # + # # ====Parameters - # - def hash_string(str) - ::Base64.encode64(Digest::SHA1.digest(str)).chomp + # + def hash_string(str, digest=OpenSSL::Digest::SHA1) + ::Base64.encode64(digest.digest(str)).chomp end - + end - + end end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/mixlib/authentication/http_authentication_request.rb new/lib/mixlib/authentication/http_authentication_request.rb --- old/lib/mixlib/authentication/http_authentication_request.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/lib/mixlib/authentication/http_authentication_request.rb 2016-01-19 18:37:56.000000000 +0100 @@ -64,6 +64,10 @@ headers[:x_ops_content_hash].chomp end + def server_api_version + (headers[:x_ops_server_api_version] || DEFAULT_SERVER_API_VERSION).chomp + end + def request_signature unless @request_signature @request_signature = headers.find_all { |h| h[0].to_s =~ /^x_ops_authorization_/ }.sort { |x,y| x.to_s <=> y.to_s}.map { |i| i[1] }.join("\n") @@ -80,8 +84,6 @@ raise MissingAuthenticationHeader, "missing required authentication header(s) '#{missing_headers.join("', '")}'" end end - - end end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/mixlib/authentication/signatureverification.rb new/lib/mixlib/authentication/signatureverification.rb --- old/lib/mixlib/authentication/signatureverification.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/lib/mixlib/authentication/signatureverification.rb 2016-01-19 18:37:56.000000000 +0100 @@ -48,6 +48,8 @@ def_delegator :@auth_request, :request + def_delegator :@auth_request, :server_api_version + include Mixlib::Authentication::SignedHeaderAuth def initialize(request=nil) @@ -138,8 +140,15 @@ def verify_signature(algorithm, version) candidate_block = canonicalize_request(algorithm, version) - request_decrypted_block = @user_secret.public_decrypt(Base64.decode64(request_signature)) - @valid_signature = (request_decrypted_block == candidate_block) + signature = Base64.decode64(request_signature) + @valid_signature = case version + when '1.3' + digest = validate_sign_version_digest!(algorithm, version) + @user_secret.verify(digest.new, signature, candidate_block) + else + request_decrypted_block = @user_secret.public_decrypt(signature) + (request_decrypted_block == candidate_block) + end # Keep the debug messages lined up so it's easy to scan them Mixlib::Authentication::Log.debug("Verifying request signature:") @@ -171,7 +180,7 @@ # The request signature is based on any file attached, if any. Otherwise # it's based on the body of the request. - def hashed_body + def hashed_body(digest=Digest::SHA1) unless @hashed_body # TODO: tim: 2009-112-28: It'd be nice to remove this special case, and # always hash the entire request body. In the file case it would just be @@ -205,11 +214,11 @@ # we hash the body. if file_param Mixlib::Authentication::Log.debug "Digesting file_param: '#{file_param.inspect}'" - @hashed_body = digester.hash_file(file_param) + @hashed_body = digester.hash_file(file_param, digest) else body = request.raw_post Mixlib::Authentication::Log.debug "Digesting body: '#{body}'" - @hashed_body = digester.hash_string(body) + @hashed_body = digester.hash_string(body, digest) end end @hashed_body diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/mixlib/authentication/signedheaderauth.rb new/lib/mixlib/authentication/signedheaderauth.rb --- old/lib/mixlib/authentication/signedheaderauth.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/lib/mixlib/authentication/signedheaderauth.rb 2016-01-19 18:37:56.000000000 +0100 @@ -19,7 +19,7 @@ require 'time' require 'base64' -require 'digest/sha1' +require 'openssl/digest' require 'mixlib/authentication' require 'mixlib/authentication/digester' @@ -29,13 +29,21 @@ module SignedHeaderAuth NULL_ARG = Object.new + + ALGORITHM_FOR_VERSION = { + '1.0' => 'sha1', + '1.1' => 'sha1', + '1.3' => 'sha256', + }.freeze() + + # Use of SUPPORTED_ALGORITHMS and SUPPORTED_VERSIONS is deprecated. Use + # ALGORITHM_FOR_VERSION instead SUPPORTED_ALGORITHMS = ['sha1'].freeze SUPPORTED_VERSIONS = ['1.0', '1.1'].freeze DEFAULT_SIGN_ALGORITHM = 'sha1'.freeze DEFAULT_PROTO_VERSION = '1.0'.freeze - # === signing_object # This is the intended interface for signing requests with the # Opscode/Chef signed header protocol. This wraps the constructor for a @@ -65,11 +73,20 @@ # These parameters are accepted but not used in the computation of the signature. # * `:host`: The host part of the URI def self.signing_object(args={ }) - SigningObject.new(args[:http_method], args[:path], args[:body], args[:host], args[:timestamp], args[:user_id], args[:file], args[:proto_version]) + SigningObject.new(args[:http_method], + args[:path], + args[:body], + args[:host], + args[:timestamp], + args[:user_id], + args[:file], + args[:proto_version], + args[:headers] + ) end def algorithm - DEFAULT_SIGN_ALGORITHM + ALGORITHM_FOR_VERSION[proto_version] || DEFAULT_SIGN_ALGORITHM end def proto_version @@ -81,28 +98,50 @@ # ====Parameters # private_key<OpenSSL::PKey::RSA>:: user's RSA private key. def sign(private_key, sign_algorithm=algorithm, sign_version=proto_version) + digest = validate_sign_version_digest!(sign_algorithm, sign_version) # Our multiline hash for authorization will be encoded in multiple header # lines - X-Ops-Authorization-1, ... (starts at 1, not 0!) header_hash = { "X-Ops-Sign" => "algorithm=#{sign_algorithm};version=#{sign_version};", "X-Ops-Userid" => user_id, "X-Ops-Timestamp" => canonical_time, - "X-Ops-Content-Hash" => hashed_body, + "X-Ops-Content-Hash" => hashed_body(digest), } - string_to_sign = canonicalize_request(sign_algorithm, sign_version) - signature = Base64.encode64(private_key.private_encrypt(string_to_sign)).chomp + signature = Base64.encode64(do_sign(private_key, digest, sign_algorithm, sign_version)).chomp signature_lines = signature.split(/\n/) signature_lines.each_index do |idx| key = "X-Ops-Authorization-#{idx + 1}" header_hash[key] = signature_lines[idx] end - Mixlib::Authentication::Log.debug "String to sign: '#{string_to_sign}'\nHeader hash: #{header_hash.inspect}" + Mixlib::Authentication::Log.debug "Header hash: #{header_hash.inspect}" header_hash end + def validate_sign_version_digest!(sign_algorithm, sign_version) + if ALGORITHM_FOR_VERSION[sign_version].nil? + raise AuthenticationError, + "Unsupported version '#{sign_version}'" + end + + if ALGORITHM_FOR_VERSION[sign_version] != sign_algorithm + raise AuthenticationError, + "Unsupported algorithm #{sign_algorithm} for version '#{sign_version}'" + end + + case sign_algorithm + when 'sha1' + OpenSSL::Digest::SHA1 + when 'sha256' + OpenSSL::Digest::SHA256 + else + # This case should never happen + raise "Unknown algorithm #{sign_algorithm}" + end + end + # Build the canonicalized time based on utc & iso8601 # # ====Parameters @@ -121,13 +160,27 @@ p.length > 1 ? p.chomp('/') : p end - def hashed_body + def hashed_body(digest=OpenSSL::Digest::SHA1) + # This is weird. sign() is called with the digest type and signing + # version. These are also expected to be properties of the object. + # Hence, we're going to assume the one that is passed to sign is + # the correct one and needs to passed through all the functions + # that do any sort of digest. + if @hashed_body_digest != nil && @hashed_body_digest != digest + raise "hashed_body must always be called with the same digest" + else + @hashed_body_digest = digest + end # Hash the file object if it was passed in, otherwise hash based on # the body. # TODO: tim 2009-12-28: It'd be nice to just remove this special case, # always sign the entire request body, using the expanded multipart # body in the case of a file being include. - @hashed_body ||= (self.file && self.file.respond_to?(:read)) ? digester.hash_file(self.file) : digester.hash_string(self.body) + @hashed_body ||= if self.file && self.file.respond_to?(:read) + digester.hash_file(self.file, digest) + else + digester.hash_string(self.body, digest) + end end # Takes HTTP request method & headers and creates a canonical form @@ -137,21 +190,37 @@ # # def canonicalize_request(sign_algorithm=algorithm, sign_version=proto_version) - unless SUPPORTED_ALGORITHMS.include?(sign_algorithm) && SUPPORTED_VERSIONS.include?(sign_version) - raise AuthenticationError, "Bad algorithm '#{sign_algorithm}' (allowed: #{SUPPORTED_ALGORITHMS.inspect}) or version '#{sign_version}' (allowed: #{SUPPORTED_VERSIONS.inspect})" + digest = validate_sign_version_digest!(sign_algorithm, sign_version) + canonical_x_ops_user_id = canonicalize_user_id(user_id, sign_version, digest) + case sign_version + when "1.3" + [ + "Method:#{http_method.to_s.upcase}", + "Path:#{canonical_path}", + "X-Ops-Content-Hash:#{hashed_body(digest)}", + "X-Ops-Sign:version=#{sign_version}", + "X-Ops-Timestamp:#{canonical_time}", + "X-Ops-UserId:#{canonical_x_ops_user_id}", + "X-Ops-Server-API-Version:#{server_api_version}", + ].join("\n") + else + [ + "Method:#{http_method.to_s.upcase}", + "Hashed Path:#{digester.hash_string(canonical_path, digest)}", + "X-Ops-Content-Hash:#{hashed_body(digest)}", + "X-Ops-Timestamp:#{canonical_time}", + "X-Ops-UserId:#{canonical_x_ops_user_id}" + ].join("\n") end - - canonical_x_ops_user_id = canonicalize_user_id(user_id, sign_version) - "Method:#{http_method.to_s.upcase}\nHashed Path:#{digester.hash_string(canonical_path)}\nX-Ops-Content-Hash:#{hashed_body}\nX-Ops-Timestamp:#{canonical_time}\nX-Ops-UserId:#{canonical_x_ops_user_id}" end - def canonicalize_user_id(user_id, proto_version) + def canonicalize_user_id(user_id, proto_version, digest=OpenSSL::Digest::SHA1) case proto_version when "1.1" - digester.hash_string(user_id) - when "1.0" - user_id + # and 1.2 if that ever gets implemented + digester.hash_string(user_id, digest) else + # versions 1.0 and 1.3 user_id end end @@ -174,6 +243,18 @@ Mixlib::Authentication::Digester end + # private + def do_sign(private_key, digest, sign_algorithm, sign_version) + string_to_sign = canonicalize_request(sign_algorithm, sign_version) + Mixlib::Authentication::Log.debug "String to sign: '#{string_to_sign}'" + case sign_version + when '1.3' + private_key.sign(digest.new, string_to_sign) + else + private_key.private_encrypt(string_to_sign) + end + end + private :canonical_time, :canonical_path, :parse_signing_description, :digester, :canonicalize_user_id end @@ -182,13 +263,25 @@ # A Struct-based value object that contains the necessary information to # generate a request signature. `SignedHeaderAuth.signing_object()` # provides a more convenient interface to the constructor. - class SigningObject < Struct.new(:http_method, :path, :body, :host, :timestamp, :user_id, :file, :proto_version) + class SigningObject < Struct.new(:http_method, :path, :body, :host, + :timestamp, :user_id, :file, :proto_version, + :headers) include SignedHeaderAuth def proto_version (self[:proto_version] or DEFAULT_PROTO_VERSION).to_s end - end + def server_api_version + key = (self[:headers] || {}).keys.select do |k| + k.downcase == 'x-ops-server-api-version' + end.first + if key + self[:headers][key] + else + DEFAULT_SERVER_API_VERSION + end + end + end end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/mixlib/authentication/version.rb new/lib/mixlib/authentication/version.rb --- old/lib/mixlib/authentication/version.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/lib/mixlib/authentication/version.rb 2016-01-19 18:37:56.000000000 +0100 @@ -0,0 +1,21 @@ +# Copyright:: Copyright (c) 2010-2015 Chef Software, Inc. +# License:: Apache License, Version 2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +module Mixlib + module Authentication + VERSION = '1.4.0' + end +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/mixlib/authentication.rb new/lib/mixlib/authentication.rb --- old/lib/mixlib/authentication.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/lib/mixlib/authentication.rb 2016-01-19 18:37:56.000000000 +0100 @@ -20,6 +20,8 @@ module Mixlib module Authentication + DEFAULT_SERVER_API_VERSION = '0' + class AuthenticationError < StandardError end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata 1970-01-01 01:00:00.000000000 +0100 +++ new/metadata 2016-01-19 18:37:56.000000000 +0100 @@ -1,91 +1,131 @@ ---- !ruby/object:Gem::Specification +--- !ruby/object:Gem::Specification name: mixlib-authentication -version: !ruby/object:Gem::Version - hash: 27 - prerelease: - segments: - - 1 - - 3 - - 0 - version: 1.3.0 +version: !ruby/object:Gem::Version + version: 1.4.0 platform: ruby -authors: +authors: - Opscode, Inc. autorequire: bindir: bin cert_chain: [] - -date: 2012-08-06 00:00:00 Z -dependencies: -- !ruby/object:Gem::Dependency +date: 2016-01-19 00:00:00.000000000 Z +dependencies: +- !ruby/object:Gem::Dependency name: mixlib-log + requirement: !ruby/object:Gem::Requirement + requirements: + - - ">=" + - !ruby/object:Gem::Version + version: '0' + type: :runtime prerelease: false - requirement: &id001 !ruby/object:Gem::Requirement - none: false - requirements: + version_requirements: !ruby/object:Gem::Requirement + requirements: - - ">=" - - !ruby/object:Gem::Version - hash: 3 - segments: - - 0 - version: "0" + - !ruby/object:Gem::Version + version: '0' +- !ruby/object:Gem::Dependency + name: rspec-core + requirement: !ruby/object:Gem::Requirement + requirements: + - - "~>" + - !ruby/object:Gem::Version + version: '3.2' type: :runtime - version_requirements: *id001 + prerelease: false + version_requirements: !ruby/object:Gem::Requirement + requirements: + - - "~>" + - !ruby/object:Gem::Version + version: '3.2' +- !ruby/object:Gem::Dependency + name: rspec-expectations + requirement: !ruby/object:Gem::Requirement + requirements: + - - "~>" + - !ruby/object:Gem::Version + version: '3.2' + type: :runtime + prerelease: false + version_requirements: !ruby/object:Gem::Requirement + requirements: + - - "~>" + - !ruby/object:Gem::Version + version: '3.2' +- !ruby/object:Gem::Dependency + name: rspec-mocks + requirement: !ruby/object:Gem::Requirement + requirements: + - - "~>" + - !ruby/object:Gem::Version + version: '3.2' + type: :runtime + prerelease: false + version_requirements: !ruby/object:Gem::Requirement + requirements: + - - "~>" + - !ruby/object:Gem::Version + version: '3.2' +- !ruby/object:Gem::Dependency + name: rake + requirement: !ruby/object:Gem::Requirement + requirements: + - - "~>" + - !ruby/object:Gem::Version + version: '10.4' + type: :development + prerelease: false + version_requirements: !ruby/object:Gem::Requirement + requirements: + - - "~>" + - !ruby/object:Gem::Version + version: '10.4' description: Mixes in simple per-request authentication email: info(a)opscode.com executables: [] - extensions: [] - -extra_rdoc_files: +extra_rdoc_files: - README.rdoc - LICENSE - NOTICE -files: +files: +- Gemfile - LICENSE +- NOTICE - README.rdoc - Rakefile -- NOTICE -- lib/mixlib/authentication/signedheaderauth.rb +- lib/mixlib/authentication.rb - lib/mixlib/authentication/digester.rb - lib/mixlib/authentication/http_authentication_request.rb - lib/mixlib/authentication/signatureverification.rb -- lib/mixlib/authentication.rb -- spec/spec_helper.rb -- spec/mixlib/authentication/mixlib_authentication_spec.rb +- lib/mixlib/authentication/signedheaderauth.rb +- lib/mixlib/authentication/version.rb +- mixlib-authentication.gemspec +- spec/mixlib/authentication/digester_spec.rb - spec/mixlib/authentication/http_authentication_request_spec.rb +- spec/mixlib/authentication/mixlib_authentication_spec.rb +- spec/spec_helper.rb homepage: http://www.opscode.com licenses: [] - +metadata: {} post_install_message: rdoc_options: [] - -require_paths: +require_paths: - lib -required_ruby_version: !ruby/object:Gem::Requirement - none: false - requirements: +required_ruby_version: !ruby/object:Gem::Requirement + requirements: - - ">=" - - !ruby/object:Gem::Version - hash: 3 - segments: - - 0 - version: "0" -required_rubygems_version: !ruby/object:Gem::Requirement - none: false - requirements: + - !ruby/object:Gem::Version + version: '0' +required_rubygems_version: !ruby/object:Gem::Requirement + requirements: - - ">=" - - !ruby/object:Gem::Version - hash: 3 - segments: - - 0 - version: "0" + - !ruby/object:Gem::Version + version: '0' requirements: [] - rubyforge_project: -rubygems_version: 1.8.15 +rubygems_version: 2.5.0 signing_key: -specification_version: 3 +specification_version: 4 summary: Mixes in simple per-request authentication test_files: [] - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/mixlib-authentication.gemspec new/mixlib-authentication.gemspec --- old/mixlib-authentication.gemspec 1970-01-01 01:00:00.000000000 +0100 +++ new/mixlib-authentication.gemspec 2016-01-19 18:37:56.000000000 +0100 @@ -0,0 +1,25 @@ +$:.unshift(File.dirname(__FILE__) + '/lib') +require 'mixlib/authentication/version' + +Gem::Specification.new do |s| + s.name = "mixlib-authentication" + s.version = Mixlib::Authentication::VERSION + s.platform = Gem::Platform::RUBY + s.has_rdoc = true + s.extra_rdoc_files = ["README.rdoc", "LICENSE", 'NOTICE'] + s.summary = "Mixes in simple per-request authentication" + s.description = s.summary + s.author = "Opscode, Inc." + s.email = "info(a)opscode.com" + s.homepage = "http://www.opscode.com" + + # Uncomment this to add a dependency + s.add_dependency "mixlib-log" + + s.require_path = 'lib' + s.files = %w(LICENSE README.rdoc Gemfile Rakefile NOTICE) + Dir.glob("*.gemspec") + + Dir.glob("{lib,spec}/**/*", File::FNM_DOTMATCH).reject {|f| File.directory?(f) } + + %w(rspec-core rspec-expectations rspec-mocks).each { |gem| s.add_dependency gem, "~> 3.2" } + s.add_development_dependency "rake", "~> 10.4" +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/mixlib/authentication/digester_spec.rb new/spec/mixlib/authentication/digester_spec.rb --- old/spec/mixlib/authentication/digester_spec.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/spec/mixlib/authentication/digester_spec.rb 2016-01-19 18:37:56.000000000 +0100 @@ -0,0 +1,24 @@ +require 'mixlib/authentication/digester' + +describe Mixlib::Authentication::Digester do + context 'backcompat' do + # The digester API should really have been private, + # however oc-chef-pedant uses it. + let(:test_string) { 'hello' } + let(:test_string_checksum) { 'qvTGHdzF6KLavt4PO0gs2a6pQ00=' } + + describe '#hash_file' do + it 'should default to use SHA1' do + expect(described_class.hash_file(StringIO.new(test_string))).to( + eq(test_string_checksum)) + end + end + + describe '#hash_string' do + it 'should default to use SHA1' do + expect(described_class.hash_string(test_string)).to( + eq(test_string_checksum)) + end + end + end +end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/mixlib/authentication/http_authentication_request_spec.rb new/spec/mixlib/authentication/http_authentication_request_spec.rb --- old/spec/mixlib/authentication/http_authentication_request_spec.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/spec/mixlib/authentication/http_authentication_request_spec.rb 2016-01-19 18:37:56.000000000 +0100 @@ -76,41 +76,41 @@ :x_ops_authorization_4=>"IWPZDHSiPcw//AYNgW1CCDptt+UFuaFYbtqZegcBd2n/jzcWODA7zL4KWEUy", :x_ops_authorization_5=>"9q4rlh/+1tBReg60QdsmDRsw/cdO1GZrKtuCwbuD4+nbRdVBKv72rqHX9cu0", :x_ops_authorization_6=>"utju9jzczCyB+sSAQWrxSsXB/b8vV2qs0l4VD2ML+w=="} - @http_authentication_request.headers.should == expected + expect((a)http_authentication_request.headers).to eq(expected) end it "raises an error when not all required headers are given" do @merb_headers.delete("HTTP_X_OPS_SIGN") exception = Mixlib::Authentication::MissingAuthenticationHeader - lambda{ Mixlib::Authentication::HTTPAuthenticationRequest.new(@request) }.should raise_error(exception) + expect{ Mixlib::Authentication::HTTPAuthenticationRequest.new(@request) }.to raise_error(exception) end it "extracts the path from the request" do - @http_authentication_request.path.should == '/nodes' + expect((a)http_authentication_request.path).to eq('/nodes') end it "extracts the request method from the request" do - @http_authentication_request.http_method.should == 'POST' + expect((a)http_authentication_request.http_method).to eq('POST') end it "extracts the signing description from the request headers" do - @http_authentication_request.signing_description.should == 'version=1.0' + expect((a)http_authentication_request.signing_description).to eq('version=1.0') end it "extracts the user_id from the request headers" do - @http_authentication_request.user_id.should == 'spec-user' + expect((a)http_authentication_request.user_id).to eq('spec-user') end it "extracts the timestamp from the request headers" do - @http_authentication_request.timestamp.should == "2009-01-01T12:00:00Z" + expect((a)http_authentication_request.timestamp).to eq("2009-01-01T12:00:00Z") end it "extracts the host from the request headers" do - @http_authentication_request.host.should == "127.0.0.1" + expect((a)http_authentication_request.host).to eq("127.0.0.1") end it "extracts the content hash from the request headers" do - @http_authentication_request.content_hash.should == "DFteJZPVv6WKdQmMqZUQUumUyRs=" + expect((a)http_authentication_request.content_hash).to eq("DFteJZPVv6WKdQmMqZUQUumUyRs=") end it "rebuilds the request signature from the headers" do @@ -122,7 +122,11 @@ 9q4rlh/+1tBReg60QdsmDRsw/cdO1GZrKtuCwbuD4+nbRdVBKv72rqHX9cu0 utju9jzczCyB+sSAQWrxSsXB/b8vV2qs0l4VD2ML+w== SIG - @http_authentication_request.request_signature.should == expected.chomp + expect((a)http_authentication_request.request_signature).to eq(expected.chomp) + end + + it "defaults to server api version 0" do + expect((a)http_authentication_request.server_api_version).to eq('0') end end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/spec/mixlib/authentication/mixlib_authentication_spec.rb new/spec/mixlib/authentication/mixlib_authentication_spec.rb --- old/spec/mixlib/authentication/mixlib_authentication_spec.rb 1970-01-01 01:00:00.000000000 +0100 +++ new/spec/mixlib/authentication/mixlib_authentication_spec.rb 2016-01-19 18:37:56.000000000 +0100 @@ -72,52 +72,65 @@ it "should generate the correct string to sign and signature, version 1.0 (default)" do - V1_0_SIGNING_OBJECT.canonicalize_request.should == V1_0_CANONICAL_REQUEST + expect(V1_0_SIGNING_OBJECT.canonicalize_request).to eq(V1_0_CANONICAL_REQUEST) # If you need to regenerate the constants in this test spec, print out # the results of res.inspect and copy them as appropriate into the # the constants in this file. - V1_0_SIGNING_OBJECT.sign(PRIVATE_KEY).should == EXPECTED_SIGN_RESULT_V1_0 + expect(V1_0_SIGNING_OBJECT.sign(PRIVATE_KEY)).to eq(EXPECTED_SIGN_RESULT_V1_0) end it "should generate the correct string to sign and signature, version 1.1" do - V1_1_SIGNING_OBJECT.proto_version.should == "1.1" - V1_1_SIGNING_OBJECT.canonicalize_request.should == V1_1_CANONICAL_REQUEST + expect(V1_1_SIGNING_OBJECT.proto_version).to eq("1.1") + expect(V1_1_SIGNING_OBJECT.canonicalize_request).to eq(V1_1_CANONICAL_REQUEST) # If you need to regenerate the constants in this test spec, print out # the results of res.inspect and copy them as appropriate into the # the constants in this file. - V1_1_SIGNING_OBJECT.sign(PRIVATE_KEY).should == EXPECTED_SIGN_RESULT_V1_1 + expect(V1_1_SIGNING_OBJECT.sign(PRIVATE_KEY)).to eq(EXPECTED_SIGN_RESULT_V1_1) end + it "should generate the correct string to sign and signature for version 1.3 with SHA256" do + expect(V1_3_SHA256_SIGNING_OBJECT.proto_version).to eq("1.3") + expect(V1_3_SHA256_SIGNING_OBJECT.algorithm).to eq("sha256") + expect(V1_3_SHA256_SIGNING_OBJECT.server_api_version).to eq("1") + expect(V1_3_SHA256_SIGNING_OBJECT.canonicalize_request).to eq(V1_3_SHA256_CANONICAL_REQUEST) + + # If you need to regenerate the constants in this test spec, print out + # the results of res.inspect and copy them as appropriate into the + # the constants in this file. + expect(V1_3_SHA256_SIGNING_OBJECT.sign(PRIVATE_KEY)).to eq(EXPECTED_SIGN_RESULT_V1_3_SHA256) + end + + it "should generate the correct string to sign and signature for non-default proto version when used as a mixin" do algorithm = 'sha1' version = '1.1' V1_1_SIGNING_OBJECT.proto_version = "1.0" - V1_1_SIGNING_OBJECT.proto_version.should == "1.0" - V1_1_SIGNING_OBJECT.canonicalize_request(algorithm, version).should == V1_1_CANONICAL_REQUEST + expect(V1_1_SIGNING_OBJECT.proto_version).to eq("1.0") + expect(V1_1_SIGNING_OBJECT.canonicalize_request(algorithm, version)).to eq(V1_1_CANONICAL_REQUEST) # If you need to regenerate the constants in this test spec, print out # the results of res.inspect and copy them as appropriate into the # the constants in this file. - V1_1_SIGNING_OBJECT.sign(PRIVATE_KEY, algorithm, version).should == EXPECTED_SIGN_RESULT_V1_1 + expect(V1_1_SIGNING_OBJECT.sign(PRIVATE_KEY, algorithm, version)).to eq(EXPECTED_SIGN_RESULT_V1_1) end it "should not choke when signing a request for a long user id with version 1.1" do - lambda { LONG_SIGNING_OBJECT.sign(PRIVATE_KEY, 'sha1', '1.1') }.should_not raise_error + expect { LONG_SIGNING_OBJECT.sign(PRIVATE_KEY, 'sha1', '1.1') }.not_to raise_error end it "should choke when signing a request for a long user id with version 1.0" do - lambda { LONG_SIGNING_OBJECT.sign(PRIVATE_KEY, 'sha1', '1.0') }.should raise_error + expect { LONG_SIGNING_OBJECT.sign(PRIVATE_KEY, 'sha1', '1.0') }.to raise_error(OpenSSL::PKey::RSAError) end it "should choke when signing a request with a bad version" do - lambda { V1_1_SIGNING_OBJECT.sign(PRIVATE_KEY, 'sha1', 'poo') }.should raise_error + expect { V1_1_SIGNING_OBJECT.sign(PRIVATE_KEY, 'sha1', 'poo') }.to raise_error(Mixlib::Authentication::AuthenticationError) end it "should choke when signing a request with a bad algorithm" do - lambda { V1_1_SIGNING_OBJECT.sign(PRIVATE_KEY, 'sha_poo', '1.1') }.should raise_error + expect { V1_1_SIGNING_OBJECT.sign(PRIVATE_KEY, 'sha_poo', '1.1') }.to raise_error(Mixlib::Authentication::AuthenticationError) end end @@ -128,17 +141,30 @@ @user_private_key = PRIVATE_KEY end - it "should authenticate a File-containing request - Merb" do + it "should authenticate a File-containing request V1.1 - Merb" do request_params = MERB_REQUEST_PARAMS.clone request_params["file"] = { "size"=>MockFile.length, "content_type"=>"application/octet-stream", "filename"=>"zsh.tar.gz", "tempfile"=>MockFile.new } mock_request = MockRequest.new(PATH, request_params, MERB_HEADERS_V1_1, "") - Time.should_receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) + expect(Time).to receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) service = Mixlib::Authentication::SignatureVerification.new res = service.authenticate_user_request(mock_request, @user_private_key) - res.should_not be_nil + expect(res).not_to be_nil + end + + it "should authenticate a File-containing request V1.3 SHA256 - Merb" do + request_params = MERB_REQUEST_PARAMS.clone + request_params["file"] = + { "size"=>MockFile.length, "content_type"=>"application/octet-stream", "filename"=>"zsh.tar.gz", "tempfile"=>MockFile.new } + + mock_request = MockRequest.new(PATH, request_params, MERB_HEADERS_V1_3_SHA256, "") + expect(Time).to receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) + + service = Mixlib::Authentication::SignatureVerification.new + res = service.authenticate_user_request(mock_request, @user_private_key) + expect(res).not_to be_nil end it "should authenticate a File-containing request from a v1.0 client - Passenger" do @@ -146,29 +172,38 @@ request_params["tarball"] = MockFile.new mock_request = MockRequest.new(PATH, request_params, PASSENGER_HEADERS_V1_0, "") - Time.should_receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) + expect(Time).to receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) auth_req = Mixlib::Authentication::SignatureVerification.new res = auth_req.authenticate_user_request(mock_request, @user_private_key) - res.should_not be_nil + expect(res).not_to be_nil + end + + it "should authenticate a normal (post body) request v1.3 SHA256 - Merb" do + mock_request = MockRequest.new(PATH, MERB_REQUEST_PARAMS, MERB_HEADERS_V1_3_SHA256, BODY) + expect(Time).to receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) + + service = Mixlib::Authentication::SignatureVerification.new + res = service.authenticate_user_request(mock_request, @user_private_key) + expect(res).not_to be_nil end - it "should authenticate a normal (post body) request - Merb" do + it "should authenticate a normal (post body) request v1.1 - Merb" do mock_request = MockRequest.new(PATH, MERB_REQUEST_PARAMS, MERB_HEADERS_V1_1, BODY) - Time.should_receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) + expect(Time).to receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) service = Mixlib::Authentication::SignatureVerification.new res = service.authenticate_user_request(mock_request, @user_private_key) - res.should_not be_nil + expect(res).not_to be_nil end it "should authenticate a normal (post body) request from a v1.0 client - Merb" do mock_request = MockRequest.new(PATH, MERB_REQUEST_PARAMS, MERB_HEADERS_V1_0, BODY) - Time.should_receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) + expect(Time).to receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) service = Mixlib::Authentication::SignatureVerification.new res = service.authenticate_user_request(mock_request, @user_private_key) - res.should_not be_nil + expect(res).not_to be_nil end it "shouldn't authenticate if an Authorization header is missing" do @@ -176,15 +211,16 @@ headers.delete("HTTP_X_OPS_SIGN") mock_request = MockRequest.new(PATH, MERB_REQUEST_PARAMS, headers, BODY) - Time.stub!(:now).and_return(TIMESTAMP_OBJ) + allow(Time).to receive(:now).and_return(TIMESTAMP_OBJ) + #Time.stub!(:now).and_return(TIMESTAMP_OBJ) auth_req = Mixlib::Authentication::SignatureVerification.new - lambda {auth_req.authenticate_user_request(mock_request, @user_private_key)}.should raise_error(Mixlib::Authentication::AuthenticationError) + expect {auth_req.authenticate_user_request(mock_request, @user_private_key)}.to raise_error(Mixlib::Authentication::AuthenticationError) - auth_req.should_not be_a_valid_request - auth_req.should_not be_a_valid_timestamp - auth_req.should_not be_a_valid_signature - auth_req.should_not be_a_valid_content_hash + expect(auth_req).not_to be_a_valid_request + expect(auth_req).not_to be_a_valid_timestamp + expect(auth_req).not_to be_a_valid_signature + expect(auth_req).not_to be_a_valid_content_hash end @@ -193,52 +229,67 @@ headers["HTTP_X_OPS_CONTENT_HASH"] += "_" mock_request = MockRequest.new(PATH, MERB_REQUEST_PARAMS, headers, BODY) - Time.should_receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) + expect(Time).to receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) auth_req = Mixlib::Authentication::SignatureVerification.new res = auth_req.authenticate_user_request(mock_request, @user_private_key) - res.should be_nil + expect(res).to be_nil - auth_req.should_not be_a_valid_request - auth_req.should be_a_valid_timestamp - auth_req.should be_a_valid_signature - auth_req.should_not be_a_valid_content_hash + expect(auth_req).not_to be_a_valid_request + expect(auth_req).to be_a_valid_timestamp + expect(auth_req).to be_a_valid_signature + expect(auth_req).not_to be_a_valid_content_hash end it "shouldn't authenticate if the timestamp is not within bounds" do mock_request = MockRequest.new(PATH, MERB_REQUEST_PARAMS, MERB_HEADERS_V1_1, BODY) - Time.should_receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ - 1000) + expect(Time).to receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ - 1000) auth_req = Mixlib::Authentication::SignatureVerification.new res = auth_req.authenticate_user_request(mock_request, @user_private_key) - res.should be_nil - auth_req.should_not be_a_valid_request - auth_req.should_not be_a_valid_timestamp - auth_req.should be_a_valid_signature - auth_req.should be_a_valid_content_hash + expect(res).to be_nil + expect(auth_req).not_to be_a_valid_request + expect(auth_req).not_to be_a_valid_timestamp + expect(auth_req).to be_a_valid_signature + expect(auth_req).to be_a_valid_content_hash end it "shouldn't authenticate if the signature is wrong" do headers = MERB_HEADERS_V1_1.dup headers["HTTP_X_OPS_AUTHORIZATION_1"] = "epicfail" mock_request = MockRequest.new(PATH, MERB_REQUEST_PARAMS, headers, BODY) - Time.should_receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) + expect(Time).to receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) auth_req = Mixlib::Authentication::SignatureVerification.new res = auth_req.authenticate_user_request(mock_request, @user_private_key) - res.should be_nil - auth_req.should_not be_a_valid_request - auth_req.should_not be_a_valid_signature - auth_req.should be_a_valid_timestamp - auth_req.should be_a_valid_content_hash + expect(res).to be_nil + expect(auth_req).not_to be_a_valid_request + expect(auth_req).not_to be_a_valid_signature + expect(auth_req).to be_a_valid_timestamp + expect(auth_req).to be_a_valid_content_hash end + it "shouldn't authenticate if the signature is wrong for v1.3 SHA256" do + headers = MERB_HEADERS_V1_3_SHA256.dup + headers["HTTP_X_OPS_AUTHORIZATION_1"] = "epicfail" + mock_request = MockRequest.new(PATH, MERB_REQUEST_PARAMS, headers, BODY) + expect(Time).to receive(:now).at_least(:once).and_return(TIMESTAMP_OBJ) + + auth_req = Mixlib::Authentication::SignatureVerification.new + res = auth_req.authenticate_user_request(mock_request, @user_private_key) + expect(res).to be_nil + expect(auth_req).not_to be_a_valid_request + expect(auth_req).not_to be_a_valid_signature + expect(auth_req).to be_a_valid_timestamp + expect(auth_req).to be_a_valid_content_hash + end end USER_ID = "spec-user" DIGESTED_USER_ID = Base64.encode64(Digest::SHA1.new.digest(USER_ID)).chomp BODY = "Spec Body" HASHED_BODY = "DFteJZPVv6WKdQmMqZUQUumUyRs=" # Base64.encode64(Digest::SHA1.digest("Spec Body")).chomp +HASHED_BODY_SHA256 = "hDlKNZhIhgso3Fs0S0pZwJ0xyBWtR1RBaeHs1DrzOho=" TIMESTAMP_ISO8601 = "2009-01-01T12:00:00Z" TIMESTAMP_OBJ = Time.parse("Thu Jan 01 12:00:00 -0000 2009") PATH = "/organizations/clownco" @@ -263,6 +314,20 @@ :proto_version => 1.1 } +V1_3_ARGS_SHA256 = { + :body => BODY, + :user_id => USER_ID, + :http_method => :post, + :timestamp => TIMESTAMP_ISO8601, # fixed timestamp so we get back the same answer each time. + :file => MockFile.new, + :path => PATH, + :proto_version => '1.3', + :headers => { + 'X-OpS-SeRvEr-ApI-VerSiOn' => '1' + } + # This defaults to sha256 +} + LONG_PATH_LONG_USER_ARGS = { :body => BODY, :user_id => "A" * 200, @@ -276,6 +341,8 @@ # Content hash is ???TODO X_OPS_CONTENT_HASH = "DFteJZPVv6WKdQmMqZUQUumUyRs=" +X_OPS_CONTENT_HASH_SHA256 = "hDlKNZhIhgso3Fs0S0pZwJ0xyBWtR1RBaeHs1DrzOho=" + X_OPS_AUTHORIZATION_LINES_V1_0 = [ "jVHrNniWzpbez/eGWjFnO6lINRIuKOg40ZTIQudcFe47Z9e/HvrszfVXlKG4", "NMzYZgyooSvU85qkIUmKuCqgG2AIlvYa2Q/2ctrMhoaHhLOCWWoqYNMaEqPc", @@ -294,6 +361,14 @@ "FDlbAG7H8Dmvo+wBxmtNkszhzbBnEYtuwQqT8nM/8A==" ] +X_OPS_AUTHORIZATION_LINES_V1_3_SHA256 = [ + "FZOmXAyOBAZQV/uw188iBljBJXOm+m8xQ/8KTGLkgGwZNcRFxk1m953XjE3W", + "VGy1dFT76KeaNWmPCNtDmprfH2na5UZFtfLIKrPv7xm80V+lzEzTd9WBwsfP", + "42dZ9N+V9I5SVfcL/lWrrlpdybfceJC5jOcP5tzfJXWUITwb6Z3Erg3DU3Uh", + "H9h9E0qWlYGqmiNCVrBnpe6Si1gU/Jl+rXlRSNbLJ4GlArAPuL976iTYJTzE", + "MmbLUIm3JRYi00Yb01IUCCKdI90vUq1HHNtlTEu93YZfQaJwRxXlGkCNwIJe", + "fy49QzaCIEu1XiOx5Jn+4GmkrZch/RrK9VzQWXgs+w==" +] # We expect Mixlib::Authentication::SignedHeaderAuth#sign to return this # if passed the BODY above, based on version @@ -323,6 +398,19 @@ "X-Ops-Timestamp"=>TIMESTAMP_ISO8601 } +EXPECTED_SIGN_RESULT_V1_3_SHA256 = { + "X-Ops-Content-Hash"=>X_OPS_CONTENT_HASH_SHA256, + "X-Ops-Userid"=>USER_ID, + "X-Ops-Sign"=>"algorithm=sha256;version=1.3;", + "X-Ops-Authorization-1"=>X_OPS_AUTHORIZATION_LINES_V1_3_SHA256[0], + "X-Ops-Authorization-2"=>X_OPS_AUTHORIZATION_LINES_V1_3_SHA256[1], + "X-Ops-Authorization-3"=>X_OPS_AUTHORIZATION_LINES_V1_3_SHA256[2], + "X-Ops-Authorization-4"=>X_OPS_AUTHORIZATION_LINES_V1_3_SHA256[3], + "X-Ops-Authorization-5"=>X_OPS_AUTHORIZATION_LINES_V1_3_SHA256[4], + "X-Ops-Authorization-6"=>X_OPS_AUTHORIZATION_LINES_V1_3_SHA256[5], + "X-Ops-Timestamp"=>TIMESTAMP_ISO8601 +} + OTHER_HEADERS = { # An arbitrary sampling of non-HTTP_* headers are in here to # exercise that code path. @@ -339,6 +427,23 @@ "organization_id"=>"local-test-org", "requesting_actor_id"=>REQUESTING_ACTOR_ID, } +MERB_HEADERS_V1_3_SHA256 = { + # These are used by signatureverification. + "HTTP_HOST"=>"127.0.0.1", + "HTTP_X_OPS_SIGN"=>"algorithm=sha256;version=1.3;", + "HTTP_X_OPS_REQUESTID"=>"127.0.0.1 1258566194.85386", + "HTTP_X_OPS_TIMESTAMP"=>TIMESTAMP_ISO8601, + "HTTP_X_OPS_CONTENT_HASH"=>X_OPS_CONTENT_HASH_SHA256, + "HTTP_X_OPS_USERID"=>USER_ID, + "HTTP_X_OPS_SERVER_API_VERSION"=>"1", + "HTTP_X_OPS_AUTHORIZATION_1"=>X_OPS_AUTHORIZATION_LINES_V1_3_SHA256[0], + "HTTP_X_OPS_AUTHORIZATION_2"=>X_OPS_AUTHORIZATION_LINES_V1_3_SHA256[1], + "HTTP_X_OPS_AUTHORIZATION_3"=>X_OPS_AUTHORIZATION_LINES_V1_3_SHA256[2], + "HTTP_X_OPS_AUTHORIZATION_4"=>X_OPS_AUTHORIZATION_LINES_V1_3_SHA256[3], + "HTTP_X_OPS_AUTHORIZATION_5"=>X_OPS_AUTHORIZATION_LINES_V1_3_SHA256[4], + "HTTP_X_OPS_AUTHORIZATION_6"=>X_OPS_AUTHORIZATION_LINES_V1_3_SHA256[5], +}.merge(OTHER_HEADERS) + # Tis is what will be in request.env for the Merb case. MERB_HEADERS_V1_1 = { # These are used by signatureverification. @@ -477,6 +582,18 @@ EOS V1_1_CANONICAL_REQUEST = V1_1_CANONICAL_REQUEST_DATA.chomp +V1_3_SHA256_CANONICAL_REQUEST_DATA = <<EOS +Method:POST +Path:#{PATH} +X-Ops-Content-Hash:#{HASHED_BODY_SHA256} +X-Ops-Sign:version=1.3 +X-Ops-Timestamp:#{TIMESTAMP_ISO8601} +X-Ops-UserId:#{USER_ID} +X-Ops-Server-API-Version:1 +EOS +V1_3_SHA256_CANONICAL_REQUEST = V1_3_SHA256_CANONICAL_REQUEST_DATA.chomp + +V1_3_SHA256_SIGNING_OBJECT = Mixlib::Authentication::SignedHeaderAuth.signing_object(V1_3_ARGS_SHA256) V1_1_SIGNING_OBJECT = Mixlib::Authentication::SignedHeaderAuth.signing_object(V1_1_ARGS) V1_0_SIGNING_OBJECT = Mixlib::Authentication::SignedHeaderAuth.signing_object(V1_0_ARGS) LONG_SIGNING_OBJECT = Mixlib::Authentication::SignedHeaderAuth.signing_object(LONG_PATH_LONG_USER_ARGS)

1 0

commit perl-AnyEvent for openSUSE:Factory
by root＠hilbert.suse.de 28 Apr '16

28 Apr '16

Hello community, here is the log from the commit of package perl-AnyEvent for openSUSE:Factory checked in at 2016-04-28 16:52:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/perl-AnyEvent (Old) and /work/SRC/openSUSE:Factory/.perl-AnyEvent.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "perl-AnyEvent" Changes: -------- --- /work/SRC/openSUSE:Factory/perl-AnyEvent/perl-AnyEvent.changes 2015-05-05 00:56:06.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.perl-AnyEvent.new/perl-AnyEvent.changes 2016-04-28 16:52:54.000000000 +0200 @@ -1,0 +2,19 @@ +Sun Sep 20 15:35:05 UTC 2015 - coolo(a)suse.com + +- updated to 7.11 + see /usr/share/doc/packages/perl-AnyEvent/Changes + + TODO: more formats for parse_ipv6 (single ipv6 address without port, ...p80, ...#80) + + 7.11 Thu Jul 16 14:36:00 CEST 2015 + - AnyEvent::Socket::parse_ipv6 could accept malformed ipv6 + addresses (extra "::" at end and similar cases). + - add a more explicit warning to AnyEvent::Handle that it doesn't + work on files, people keep getting confused. + - new function AnyEvent::Socket::tcp_bind. + - new functions AnyEvent::fh_block and AnyEvent::fh_unblock. + - aligned ipv6 address formatting with RFC 5952 (by not shortening + a single :0: to ::). + - added stability canary support. + +------------------------------------------------------------------- Old: ---- AnyEvent-7.09.tar.gz New: ---- AnyEvent-7.11.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ perl-AnyEvent.spec ++++++ --- /var/tmp/diff_new_pack.VU0D4T/_old 2016-04-28 16:52:55.000000000 +0200 +++ /var/tmp/diff_new_pack.VU0D4T/_new 2016-04-28 16:52:55.000000000 +0200 @@ -17,7 +17,7 @@ Name: perl-AnyEvent -Version: 7.09 +Version: 7.11 Release: 0 #Upstream: CHECK(GPL-1.0+ or Artistic-1.0) %define cpan_name AnyEvent @@ -32,6 +32,7 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: perl BuildRequires: perl-macros +BuildRequires: perl(Canary::Stability) Recommends: perl(Async::Interrupt) >= 1 Recommends: perl(EV) >= 4 Recommends: perl(Guard) >= 1.02 ++++++ AnyEvent-7.09.tar.gz -> AnyEvent-7.11.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.09/Changes new/AnyEvent-7.11/Changes --- old/AnyEvent-7.09/Changes 2015-05-02 16:39:12.000000000 +0200 +++ new/AnyEvent-7.11/Changes 2015-07-16 14:36:18.000000000 +0200 @@ -9,6 +9,18 @@ TODO: invalid. and localhost. specialcasing inside AEDNS and not AESocket (rfc6761) TODO: maybe implement env variable to give hosts precedence TODO: hosts always read? that's not expected +TODO: more formats for parse_ipv6 (single ipv6 address without port, ...p80, ...#80) + +7.11 Thu Jul 16 14:36:00 CEST 2015 + - AnyEvent::Socket::parse_ipv6 could accept malformed ipv6 + addresses (extra "::" at end and similar cases). + - add a more explicit warning to AnyEvent::Handle that it doesn't + work on files, people keep getting confused. + - new function AnyEvent::Socket::tcp_bind. + - new functions AnyEvent::fh_block and AnyEvent::fh_unblock. + - aligned ipv6 address formatting with RFC 5952 (by not shortening + a single :0: to ::). + - added stability canary support. 7.09 Sat May 2 16:38:53 CEST 2015 - AnyEvent::Debug called an internal function (AnyEvent::Log::ft) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.09/META.json new/AnyEvent-7.11/META.json --- old/AnyEvent-7.09/META.json 2015-05-02 16:39:23.000000000 +0200 +++ new/AnyEvent-7.11/META.json 2015-07-16 14:48:29.000000000 +0200 @@ -4,7 +4,7 @@ "unknown" ], "dynamic_config" : 1, - "generated_by" : "ExtUtils::MakeMaker version 6.98, CPAN::Meta::Converter version 2.142060", + "generated_by" : "ExtUtils::MakeMaker version 7.0401, CPAN::Meta::Converter version 2.150001", "license" : [ "unknown" ], @@ -27,7 +27,8 @@ }, "configure" : { "requires" : { - "ExtUtils::MakeMaker" : "0" + "Canary::Stability" : "0", + "ExtUtils::MakeMaker" : "6.52" } }, "runtime" : { @@ -44,5 +45,5 @@ } }, "release_status" : "stable", - "version" : "7.09" + "version" : 7.11 } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.09/META.yml new/AnyEvent-7.11/META.yml --- old/AnyEvent-7.09/META.yml 2015-05-02 16:39:23.000000000 +0200 +++ new/AnyEvent-7.11/META.yml 2015-07-16 14:48:29.000000000 +0200 @@ -5,9 +5,10 @@ build_requires: ExtUtils::MakeMaker: '0' configure_requires: - ExtUtils::MakeMaker: '0' + Canary::Stability: '0' + ExtUtils::MakeMaker: '6.52' dynamic_config: 1 -generated_by: 'ExtUtils::MakeMaker version 6.98, CPAN::Meta::Converter version 2.142060' +generated_by: 'ExtUtils::MakeMaker version 7.0401, CPAN::Meta::Converter version 2.150001' license: unknown meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html @@ -26,4 +27,4 @@ Net::SSLeay: '1.33' Task::Weaken: '0' requires: {} -version: '7.09' +version: 7.11 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.09/Makefile.PL new/AnyEvent-7.11/Makefile.PL --- old/AnyEvent-7.09/Makefile.PL 2014-08-28 17:01:41.000000000 +0200 +++ new/AnyEvent-7.11/Makefile.PL 2015-07-16 14:38:11.000000000 +0200 @@ -1,6 +1,7 @@ use ExtUtils::MakeMaker; -use 5.008001; # AnyEvent perl event loop seems to work with 5.6, other modules not +# AnyEvent perl event loop seems to work with 5.6, other modules not +eval 'use Canary::Stability AnyEvent => 1, 5.008001'; print <<EOF; @@ -37,6 +38,7 @@ # PREREQ_PM => { # Task::Weaken => 0, # }, + CONFIGURE_REQUIRES => { "ExtUtils::MakeMaker" => 6.52, "Canary::Stability" => 0 }, META_MERGE => { recommends => { "Task::Weaken" => 0, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.09/README new/AnyEvent-7.11/README --- old/AnyEvent-7.09/README 2015-05-02 16:39:23.000000000 +0200 +++ new/AnyEvent-7.11/README 2015-07-16 14:48:29.000000000 +0200 @@ -1032,6 +1032,10 @@ function, which can reduce typing, codesize and can reduce the logging overhead enourmously. + AnyEvent::fh_block $filehandle + AnyEvent::fh_unblock $filehandle + Sets blocking or non-blocking behaviour for the given filehandle. + WHAT TO DO IN A MODULE As a module author, you should "use AnyEvent" and call AnyEvent methods freely, but you should not load a specific event module or rely on it. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.09/lib/AnyEvent/DNS.pm new/AnyEvent-7.11/lib/AnyEvent/DNS.pm --- old/AnyEvent-7.09/lib/AnyEvent/DNS.pm 2014-12-31 14:19:01.000000000 +0100 +++ new/AnyEvent-7.11/lib/AnyEvent/DNS.pm 2015-06-16 05:21:36.000000000 +0200 @@ -812,7 +812,7 @@ if (socket my $fh4, AF_INET , Socket::SOCK_DGRAM(), 0) { ++$got_socket; - AnyEvent::Util::fh_nonblocking $fh4, 1; + AnyEvent::fh_unblock $fh4; $self->{fh4} = $fh4; $self->{rw4} = AE::io $fh4, 0, sub { if (my $peer = recv $fh4, my $pkt, MAX_PKT, 0) { @@ -825,7 +825,7 @@ ++$got_socket; $self->{fh6} = $fh6; - AnyEvent::Util::fh_nonblocking $fh6, 1; + AnyEvent::fh_unblock $fh6; $self->{rw6} = AE::io $fh6, 0, sub { if (my $peer = recv $fh6, my $pkt, MAX_PKT, 0) { $wself->_recv ($pkt, $peer); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.09/lib/AnyEvent/Debug.pm new/AnyEvent-7.11/lib/AnyEvent/Debug.pm --- old/AnyEvent-7.09/lib/AnyEvent/Debug.pm 2015-03-13 08:40:07.000000000 +0100 +++ new/AnyEvent-7.11/lib/AnyEvent/Debug.pm 2015-06-16 05:22:58.000000000 +0200 @@ -128,7 +128,7 @@ while ($rbuf =~ s/^(.*)\015?\012//) { my $line = $1; - AnyEvent::Util::fh_nonblocking $fh, 0; + AnyEvent::fh_block $fh; if ($line =~ /^\s*exit\b/) { syswrite $fh, "sorry, no... if you want to execute exit, try CORE::exit.\015\012"; @@ -175,7 +175,7 @@ } syswrite $fh, "> "; - AnyEvent::Util::fh_nonblocking $fh, 1; + AnyEvent::fh_unblock $fh; } } }; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.09/lib/AnyEvent/Handle.pm new/AnyEvent-7.11/lib/AnyEvent/Handle.pm --- old/AnyEvent-7.09/lib/AnyEvent/Handle.pm 2015-04-01 21:58:51.000000000 +0200 +++ new/AnyEvent-7.11/lib/AnyEvent/Handle.pm 2015-06-28 11:30:06.000000000 +0200 @@ -32,8 +32,10 @@ =head1 DESCRIPTION -This is a helper module to make it easier to do event-based I/O on -stream-based filehandles (sockets, pipes, and other stream things). +This is a helper module to make it easier to do event-based I/O +on stream-based filehandles (sockets, pipes, and other stream +things). Specifically, it doesn't work as expected on files, packet-based +sockets or similar things. The L<AnyEvent::Intro> tutorial contains some well-documented AnyEvent::Handle examples. @@ -93,7 +95,7 @@ The filehandle this L<AnyEvent::Handle> object will operate on. NOTE: The filehandle will be set to non-blocking mode (using -C<AnyEvent::Util::fh_nonblocking>) by the constructor and needs to stay in +C<AnyEvent::fh_unblock>) by the constructor and needs to stay in that mode. =item connect => [$host, $service] [C<fh> or C<connect> MANDATORY] @@ -613,7 +615,7 @@ Carp::croak "AnyEvent::Handle: only stream sockets supported, anything else will NOT work!" if Socket::SOCK_STREAM () != (unpack "I", $type) && defined $type; - AnyEvent::Util::fh_nonblocking $self->{fh}, 1; + AnyEvent::fh_unblock $self->{fh}; $self->{_activity} = $self->{_ractivity} = diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.09/lib/AnyEvent/Socket.pm new/AnyEvent-7.11/lib/AnyEvent/Socket.pm --- old/AnyEvent-7.09/lib/AnyEvent/Socket.pm 2015-03-13 08:41:40.000000000 +0100 +++ new/AnyEvent-7.11/lib/AnyEvent/Socket.pm 2015-07-10 05:10:44.000000000 +0200 @@ -40,7 +40,7 @@ use Socket qw(AF_INET AF_UNIX SOCK_STREAM SOCK_DGRAM SOL_SOCKET SO_REUSEADDR); use AnyEvent (); BEGIN { AnyEvent::common_sense } -use AnyEvent::Util qw(guard fh_nonblocking AF_INET6); +use AnyEvent::Util qw(guard AF_INET6); use AnyEvent::DNS (); use base 'Exporter'; @@ -117,8 +117,8 @@ ($h, $t) = (undef, $h); } - my @h = split /:/, $h; - my @t = split /:/, $t; + my @h = split /:/, $h, -1; + my @t = split /:/, $t, -1; # check for ipv4 tail if (@t && $t[-1]=~ /\./) { @@ -271,7 +271,7 @@ print join ",", parse_hostport "[::1]"; # => "," (empty list) - print join ",", parse_host_port "/tmp/debug.sock"; + print join ",", parse_hostport "/tmp/debug.sock"; # => "unix/", "/tmp/debug.sock" =cut @@ -418,8 +418,7 @@ or $ip =~ s/(?:^|:) 0:0:0:0:0 (?:$|:)/::/x or $ip =~ s/(?:^|:) 0:0:0:0 (?:$|:)/::/x or $ip =~ s/(?:^|:) 0:0:0 (?:$|:)/::/x - or $ip =~ s/(?:^|:) 0:0 (?:$|:)/::/x - or $ip =~ s/(?:^|:) 0 (?:$|:)/::/x; + or $ip =~ s/(?:^|:) 0:0 (?:$|:)/::/x; $ip } @@ -1007,7 +1006,7 @@ socket $state{fh}, $domain, $type, $proto or return $state{next}(); - fh_nonblocking $state{fh}, 1; + AnyEvent::fh_unblock $state{fh}; my $timeout = $prepare && $prepare->($state{fh}); @@ -1144,10 +1143,23 @@ my ($fh) = @_; }; +=item $guard = AnyEvent::Socket::tcp_bind $host, $service, $done_cb[, $prepare_cb] + +Same as C<tcp_server>, except it doesn't call C<accept> in a loop for you +but simply passes the listen socket to the C<$done_cb>. This is useful +when you want to have a convenient set up for your listen socket, but want +to do the C<accept>'ing yourself, for example, in another process. + +In case of an error, C<tcp_bind> either croaks, or passes C<undef> to the +C<$done_cb>. + +The guard only protects the set-up phase, it isn't used after C<$done_cb> +has been invoked. + =cut -sub tcp_server($$$;$) { - my ($host, $service, $accept, $prepare) = @_; +sub _tcp_bind($$$;$) { + my ($host, $service, $done, $prepare) = @_; $host = $AnyEvent::PROTOCOL{ipv4} < $AnyEvent::PROTOCOL{ipv6} && AF_INET6 ? "::" : "0" @@ -1193,7 +1205,7 @@ }; } - fh_nonblocking $state{fh}, 1; + AnyEvent::fh_unblock $state{fh}; my $len; @@ -1207,21 +1219,39 @@ listen $state{fh}, $len or Carp::croak "listen: $!"; - $state{aw} = AE::io $state{fh}, 0, sub { - # this closure keeps $state alive - while ($state{fh} && (my $peer = accept my $fh, $state{fh})) { - fh_nonblocking $fh, 1; # POSIX requires inheritance, the outside world does not - - my ($service, $host) = unpack_sockaddr $peer; - $accept->($fh, format_address $host, $service); - } - }; + $done->(\%state); defined wantarray ? guard { %state = () } # clear fh and watcher, which breaks the circular dependency : () } +sub tcp_bind($$$;$) { + my ($host, $service, $done, $prepare) = @_; + + _tcp_bind $host, $service, sub { + $done->(delete shift->{fh}); + }, $prepare +} + +sub tcp_server($$$;$) { + my ($host, $service, $accept, $prepare) = @_; + + _tcp_bind $host, $service, sub { + my $rstate = shift; + + $rstate->{aw} = AE::io $rstate->{fh}, 0, sub { + # this closure keeps $state alive + while ($rstate->{fh} && (my $peer = accept my $fh, $rstate->{fh})) { + AnyEvent::fh_unblock $fh; # POSIX requires inheritance, the outside world does not + + my ($service, $host) = unpack_sockaddr $peer; + $accept->($fh, format_address $host, $service); + } + }; + }, $prepare +} + =item tcp_nodelay $fh, $enable Enables (or disables) the C<TCP_NODELAY> socket option (also known as diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.09/lib/AnyEvent/Util.pm new/AnyEvent-7.11/lib/AnyEvent/Util.pm --- old/AnyEvent-7.09/lib/AnyEvent/Util.pm 2015-03-13 08:45:11.000000000 +0100 +++ new/AnyEvent-7.11/lib/AnyEvent/Util.pm 2015-06-16 05:15:55.000000000 +0200 @@ -354,17 +354,13 @@ false == blocking). Uses fcntl on anything sensible and ioctl FIONBIO on broken (i.e. windows) platforms. +Instead of using this function, you could use C<AnyEvent::fh_block> or +C<AnyEvent::fh_unblock>. + =cut BEGIN { - *fh_nonblocking = AnyEvent::WIN32 - ? sub($$) { - ioctl $_[0], 0x8004667e, pack "L", $_[1]; # FIONBIO - } - : sub($$) { - fcntl $_[0], AnyEvent::F_SETFL, $_[1] ? AnyEvent::O_NONBLOCK : 0; - } - ; + *fh_nonblocking = \&AnyEvent::_fh_nonblocking; } =item $guard = guard { CODE } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/AnyEvent-7.09/lib/AnyEvent.pm new/AnyEvent-7.11/lib/AnyEvent.pm --- old/AnyEvent-7.09/lib/AnyEvent.pm 2015-05-02 16:39:21.000000000 +0200 +++ new/AnyEvent-7.11/lib/AnyEvent.pm 2015-07-16 14:39:33.000000000 +0200 @@ -1080,6 +1080,12 @@ which can reduce typing, codesize and can reduce the logging overhead enourmously. +=item AnyEvent::fh_block $filehandle + +=item AnyEvent::fh_unblock $filehandle + +Sets blocking or non-blocking behaviour for the given filehandle. + =back =head1 WHAT TO DO IN A MODULE @@ -1250,7 +1256,7 @@ use Carp (); -our $VERSION = '7.09'; +our $VERSION = 7.11; our $MODEL; our @ISA; our @REGISTRY; @@ -1357,6 +1363,25 @@ require AnyEvent::Log; # AnyEvent::Log does the thing for us } +BEGIN { + *_fh_nonblocking = AnyEvent::WIN32 + ? sub($$) { + ioctl $_[0], 0x8004667e, pack "L", $_[1]; # FIONBIO + } + : sub($$) { + fcntl $_[0], AnyEvent::F_SETFL, $_[1] ? AnyEvent::O_NONBLOCK : 0; + } + ; +} + +sub fh_block($) { + _fh_nonblocking shift, 0 +} + +sub fh_unblock($) { + _fh_nonblocking shift, 1 +} + our @models = ( [EV:: => AnyEvent::Impl::EV::], [AnyEvent::Loop:: => AnyEvent::Impl::Perl::],

1 0

commit kernel-source for openSUSE:Factory
by root＠hilbert.suse.de 28 Apr '16

28 Apr '16

Hello community, here is the log from the commit of package kernel-source for openSUSE:Factory checked in at 2016-04-28 16:52:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kernel-source (Old) and /work/SRC/openSUSE:Factory/.kernel-source.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "kernel-source" Changes: -------- --- /work/SRC/openSUSE:Factory/kernel-source/kernel-debug.changes 2016-04-06 11:48:22.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.kernel-source.new/kernel-debug.changes 2016-04-28 16:52:46.000000000 +0200 @@ -1,0 +2,229 @@ +Thu Apr 21 11:07:52 CEST 2016 - jslaby(a)suse.cz + +- Update patches.kernel.org/patch-4.5.1-2 (fate#318900 bsc#963490 + bnc#972330). + One more bnc. +- commit 0454a6e + +------------------------------------------------------------------- +Wed Apr 20 09:06:29 CEST 2016 - jslaby(a)suse.cz + +- Linux 4.5.2 (fate#318900 bsc#963490). +- Delete patches.suse/fs_add_file_dentry.patch. +- Delete patches.suse/nfs-use-file-dentry.patch. +- commit 8a6791e + +------------------------------------------------------------------- +Tue Apr 19 14:04:21 CEST 2016 - mkubecek(a)suse.cz + +- netfilter: x_tables: fix unconditional helper (CVE-2016-3134 + bsc#971126). +- netfilter: x_tables: make sure e->next_offset covers remaining + blob size (CVE-2016-3134 bsc#971126). +- netfilter: x_tables: validate e->target_offset early + (CVE-2016-3134 bsc#971126). +- netfilter: x_tables: check for size overflow (CVE-2016-3135 + bsc#970904). +- commit 99697f1 + +------------------------------------------------------------------- +Tue Apr 19 14:02:14 CEST 2016 - mkubecek(a)suse.cz + +- series.conf: move netfilter section right after core networking +- commit 9105886 + +------------------------------------------------------------------- +Mon Apr 18 11:17:41 CEST 2016 - jslaby(a)suse.cz + +- Update patches.kernel.org/patch-4.5.1 (CVE-2016-2184 + CVE-2016-2185 CVE-2016-2186 CVE-2016-3140 CVE-2016-3689 + bnc#967903 bnc#970892 bnc#970958 bnc#971124 bnc#971628 + boo#969098 boo#970968 boo#971737 boo#971853 bsc#969383 + bsc#969870 bsc#971125 bnc#970955 CVE-2016-3136). + One more reference. +- commit da73f3b + +------------------------------------------------------------------- +Thu Apr 14 10:40:34 CEST 2016 - agraf(a)suse.de + +- Update config files: arm64: Enable Xilinx ZynqMP +- commit fd7ad3d + +------------------------------------------------------------------- +Wed Apr 13 16:17:39 CEST 2016 - mmarek(a)suse.cz + +- rpm/kernel-binary.spec.in: No -kgraft subpackage for openSUSE (fate#320268) +- commit 269d6bf + +------------------------------------------------------------------- +Wed Apr 13 08:19:22 CEST 2016 - jslaby(a)suse.cz + +- Linux 4.5.1 (CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 + CVE-2016-3140 CVE-2016-3689 bnc#967903 bnc#970892 bnc#970958 + bnc#971124 bnc#971628 boo#969098 boo#970968 boo#971737 + boo#971853 bsc#969383 bsc#969870 bsc#971125). +- Delete + patches.arch/intel_idle-prevent-SKL-H-boot-failure-when-C8-C9-C10. +- Delete + patches.drivers/0001-Input-ims-pcu-sanity-check-against-missing-interface.patch. +- Delete + patches.drivers/0001-Input-powermate-fix-oops-with-malicious-USB-descript.patch. +- Delete + patches.drivers/0001-USB-digi_acceleport-do-sanity-checking-for-the-numbe.patch. +- Delete + patches.drivers/0001-USB-usb_driver_claim_interface-add-sanity-checking.patch. +- Delete + patches.drivers/ALSA-hda-Don-t-handle-ELD-notify-from-invalid-port. +- Delete + patches.drivers/ALSA-hda-Fix-forgotten-HDMI-monitor_present-update. +- Delete + patches.drivers/ALSA-hda-Fix-spurious-kernel-WARNING-on-Baytrail-HDM. +- Delete + patches.drivers/ALSA-hda-Fix-unexpected-resume-through-regmap-code-p. +- Delete + patches.drivers/ALSA-hda-Limit-i915-HDMI-binding-only-for-HSW-and-la. +- Delete + patches.drivers/ALSA-hda-Really-restrict-i915-notifier-to-HSW. +- Delete + patches.drivers/ALSA-usb-audio-Add-sanity-checks-for-endpoint-access. +- Delete + patches.drivers/ALSA-usb-audio-Fix-NULL-dereference-in-create_fixed. +- Delete + patches.drivers/drm-radeon-rework-fbdev-handling-on-chips-with-no-co. +- Delete + patches.fixes/net-irda-Fix-use-after-free-in-irtty_open.patch. +- commit cf9b28d + +------------------------------------------------------------------- +Sat Apr 9 22:36:02 CEST 2016 - afaerber(a)suse.de + +- config: armv7hl: Enable R8169 + Enable RTL8169 PCI NIC, found on Jetson TK1 board. +- commit b98c3d3 + +------------------------------------------------------------------- +Thu Apr 7 11:44:00 CEST 2016 - oneukum(a)suse.com + +- USB: digi_acceleport: do sanity checking for the number of ports + (bnc#970892, CVE-2016-3140). +- commit c3d2a95 + +------------------------------------------------------------------- +Wed Apr 6 14:04:49 CEST 2016 - agraf(a)suse.de + +- KVM: arm/arm64: Handle forward time correction gracefully (bnc#974266). +- commit 76b2c0d + +------------------------------------------------------------------- +Tue Apr 5 16:56:41 CEST 2016 - oneukum(a)suse.com + +- Input: powermate - fix oops with malicious USB descriptors + (bnc#970958, CVE-2016-2186). +- commit 9c51535 + +------------------------------------------------------------------- +Tue Apr 5 12:11:05 CEST 2016 - oneukum(a)suse.com + +- USB: usb_driver_claim_interface: add sanity checking + (bnc#971124, CVE-2016-2185). +- commit babf987 + +------------------------------------------------------------------- +Tue Apr 5 11:27:25 CEST 2016 - oneukum(a)suse.com + +- Input: ims-pcu - sanity check against missing interfaces + (bnc#971628, CVE-2016-3689). +- commit f5cb5e8 + +------------------------------------------------------------------- +Mon Apr 4 17:24:17 CEST 2016 - mmarek(a)suse.com + +- rpm/find-requires: Generate dependencies for KMPs defined in supported.conf (fate#319339) +- commit 007a83c + +------------------------------------------------------------------- +Mon Apr 4 10:35:39 CEST 2016 - mmarek(a)suse.com + +- rpm/kernel-source.rpmlintrc: Disable rpmlint check for KMP subpackages + The check is there to ensure that KMPs are built using the + %kernel_module_package macro, but we are deliberately not doing this for + KMPs built from the kernel specfile (fate#319339). +- commit 7c48b60 + +------------------------------------------------------------------- +Sun Apr 3 12:33:45 CEST 2016 - jslaby(a)suse.cz + +- Update config files. + Set SERIAL_8250_SHARE_IRQ (bnc#973748). +- commit 606f94a + +------------------------------------------------------------------- +Sat Apr 2 10:18:27 CEST 2016 - tiwai(a)suse.de + +- ACPI / processor: Request native thermal interrupt handling + via _OSC (bsc#969870). +- commit f6eec7e + +------------------------------------------------------------------- +Fri Apr 1 15:41:27 CEST 2016 - mmarek(a)suse.com + +- rpm/kernel-binary.spec.in: Only build the -kgraft package for modular kernels (fate#320268) +- commit 9bab96f + +------------------------------------------------------------------- +Fri Apr 1 15:39:13 CEST 2016 - mmarek(a)suse.com + +- rpm/kernel-binary.spec.in: Only build KMPs if CONFIG_SPLIT_PACKAGE=y (fate#319339) +- commit def905b + +------------------------------------------------------------------- +Fri Apr 1 13:34:49 CEST 2016 - mmarek(a)suse.com + +- rpm/kernel-binary.spec.in: Tag KMPs so that weak-modules2 ignores them + Also require a suse-module-tools version that can handle this (fate#319339). +- commit 58d21f9 + +------------------------------------------------------------------- +Fri Apr 1 12:49:52 CEST 2016 - mmarek(a)suse.com + +- rpm/kernel-binary.spec.in: Add rpm scriptlets for KMPs (fate#319339) + Use the --{add,remove}-kernel-modules options of weak-modules2 instead + of --{add,remove}-kmp, because we do not want any symlinks to be created + for these KMPs. +- commit 95f8b94 + +------------------------------------------------------------------- +Thu Mar 31 13:23:55 CEST 2016 - mmarek(a)suse.com + ++++ 74 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/kernel-source/kernel-debug.changes ++++ and /work/SRC/openSUSE:Factory/.kernel-source.new/kernel-debug.changes kernel-default.changes: same change kernel-docs.changes: same change kernel-lpae.changes: same change kernel-obs-build.changes: same change kernel-obs-qa.changes: same change kernel-pae.changes: same change kernel-source.changes: same change kernel-syms.changes: same change kernel-vanilla.changes: same change New: ---- find-requires ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ kernel-debug.spec ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:52.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:52.000000000 +0200 @@ -20,7 +20,7 @@ # needssslcertforbuild %define srcversion 4.5 -%define patchversion 4.5.0 +%define patchversion 4.5.2 %define variant %{nil} %define vanilla_only 0 @@ -39,7 +39,7 @@ %define rpm_install_dir %buildroot%obj_install_dir %define kernel_build_dir %my_builddir/linux-%srcversion/linux-obj -%(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,find-provides,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh}) +%(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,find-provides,find-requires,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh}) %global cpu_arch %(%_sourcedir/arch-symbols %_target_cpu) %define cpu_arch_flavor %cpu_arch/%build_flavor @@ -61,9 +61,9 @@ Summary: A Debug Version of the Kernel License: GPL-2.0 Group: System/Kernel -Version: 4.5.0 +Version: 4.5.2 %if 0%{?is_kotd} -Release: <RELEASE>.g8cf0ce6 +Release: <RELEASE>.g0454a6e %else Release: 0 %endif @@ -79,6 +79,8 @@ # Used to sign the kernel in the buildservice BuildRequires: openssl BuildRequires: pesign-obs-integration +# for objtool +BuildRequires: libelf-devel Provides: %name = %version-%source_rel # bnc#901925 Provides: %name-%version-%source_rel @@ -185,8 +187,9 @@ Source39: config-options.changes.txt Source40: source-timestamp Source44: find-provides -Source45: split-modules -Source46: modversions +Source45: find-requires +Source46: split-modules +Source47: modversions Source48: macros.kernel-source Source49: kernel-module-subpackage Source50: kabi.pl @@ -265,6 +268,7 @@ NoSource: 44 NoSource: 45 NoSource: 46 +NoSource: 47 NoSource: 48 NoSource: 49 NoSource: 50 @@ -357,8 +361,12 @@ %obsolete_kmp xen 4.6.1 # Provide the exported symbols as "ksym(symbol) = hash" +%define _use_internal_dependency_generator 0 %define __find_provides %_sourcedir/find-provides %name +# Generate dependencies for KMPs defined in supported.conf +%define __find_requires %_sourcedir/find-requires %name %version-%release %my_builddir + # Will modules not listed in supported.conf abort the kernel build (0/1)? %define supported_modules_check 0 @@ -389,15 +397,11 @@ # Generate a list of modules with their support status marking %_sourcedir/guards --list --with-guards <%_sourcedir/supported.conf | \ awk ' - /^\+(base|yes) / { - print $(NF); - next; - } - /^\+external / { + /\+external / { print $(NF) " external"; next; } - /^[-+]/ { + /^-/ { print $(NF) " no"; next; } @@ -405,8 +409,11 @@ print $(NF); } ' >%kernel_build_dir/Module.supported -%_sourcedir/guards --default=0 base < %_sourcedir/supported.conf | \ - sed 's,.*/,,; s,\.ko$,,' | sort -u >%kernel_build_dir/Module.base +for package in base ; do + %_sourcedir/guards --default=0 "$package" \ + <%_sourcedir/supported.conf | sed 's,.*/,,; s,\.ko$,,' | \ + sort -u >%kernel_build_dir/Module."$package" +done cd linux-%srcversion @@ -771,7 +778,7 @@ %if %split_base %_sourcedir/split-modules -d %buildroot \ -o %my_builddir \ - -b %kernel_build_dir/Module.base \ + -b %kernel_build_dir \ %if %CONFIG_SUSE_KERNEL_SUPPORTED == "y" -e \ %endif @@ -916,6 +923,11 @@ %if %split_extra add_dirs_to_filelist %my_builddir/unsupported-modules > %my_builddir/kernel-extra.files %endif +for f in %my_builddir/*-kmp-modules; do + f2=${f%%-modules}.files + add_dirs_to_filelist "$f" >"$f2" +done + # Hardlink duplicate files automatically (from package fdupes): It doesn't save # much, but it keeps rpmlint from breaking the package build. Note that we skip @@ -1107,4 +1119,26 @@ %endif %endif +%if %CONFIG_MODULES == "y" && %CONFIG_SUSE_KERNEL_SUPPORTED == "y" +%package kgraft +Summary: Metapackage to pull in matching kgraft-patch package +Group: System/Kernel +Requires: kgraft-patch-%(echo %version-%source_rel | sed 'y/\./_/')-%build_flavor +Provides: multiversion(kernel) + +%description kgraft +This is a metapackage that pulls in the matching kgraft-patch package for a +given kernel version. The advantage of the metapackage is that its name is +static, unlike the kgraft-patch-<kernel-version>-flavor package names. + +%files kgraft +# rpmlint complains about empty packages, so lets own something +%defattr(-, root, root) +%dir /lib/modules/%kernelrelease-%build_flavor +%endif + +%if %split_base + +%endif + %changelog kernel-default.spec: same change ++++++ kernel-docs.spec ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:52.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:52.000000000 +0200 @@ -16,7 +16,7 @@ # -%define patchversion 4.5.0 +%define patchversion 4.5.2 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -27,9 +27,9 @@ Summary: Kernel Documentation (man pages) License: GPL-2.0 Group: Documentation/Man -Version: 4.5.0 +Version: 4.5.2 %if 0%{?is_kotd} -Release: <RELEASE>.g8cf0ce6 +Release: <RELEASE>.g0454a6e %else Release: 0 %endif ++++++ kernel-lpae.spec ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:52.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:52.000000000 +0200 @@ -20,7 +20,7 @@ # needssslcertforbuild %define srcversion 4.5 -%define patchversion 4.5.0 +%define patchversion 4.5.2 %define variant %{nil} %define vanilla_only 0 @@ -39,7 +39,7 @@ %define rpm_install_dir %buildroot%obj_install_dir %define kernel_build_dir %my_builddir/linux-%srcversion/linux-obj -%(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,find-provides,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh}) +%(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,find-provides,find-requires,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh}) %global cpu_arch %(%_sourcedir/arch-symbols %_target_cpu) %define cpu_arch_flavor %cpu_arch/%build_flavor @@ -61,9 +61,9 @@ Summary: Kernel for LPAE enabled systems License: GPL-2.0 Group: System/Kernel -Version: 4.5.0 +Version: 4.5.2 %if 0%{?is_kotd} -Release: <RELEASE>.g8cf0ce6 +Release: <RELEASE>.g0454a6e %else Release: 0 %endif @@ -79,6 +79,8 @@ # Used to sign the kernel in the buildservice BuildRequires: openssl BuildRequires: pesign-obs-integration +# for objtool +BuildRequires: libelf-devel Provides: %name = %version-%source_rel # bnc#901925 Provides: %name-%version-%source_rel @@ -179,8 +181,9 @@ Source39: config-options.changes.txt Source40: source-timestamp Source44: find-provides -Source45: split-modules -Source46: modversions +Source45: find-requires +Source46: split-modules +Source47: modversions Source48: macros.kernel-source Source49: kernel-module-subpackage Source50: kabi.pl @@ -259,6 +262,7 @@ NoSource: 44 NoSource: 45 NoSource: 46 +NoSource: 47 NoSource: 48 NoSource: 49 NoSource: 50 @@ -351,8 +355,12 @@ %obsolete_kmp xen 4.6.1 # Provide the exported symbols as "ksym(symbol) = hash" +%define _use_internal_dependency_generator 0 %define __find_provides %_sourcedir/find-provides %name +# Generate dependencies for KMPs defined in supported.conf +%define __find_requires %_sourcedir/find-requires %name %version-%release %my_builddir + # Will modules not listed in supported.conf abort the kernel build (0/1)? %define supported_modules_check 0 @@ -383,15 +391,11 @@ # Generate a list of modules with their support status marking %_sourcedir/guards --list --with-guards <%_sourcedir/supported.conf | \ awk ' - /^\+(base|yes) / { - print $(NF); - next; - } - /^\+external / { + /\+external / { print $(NF) " external"; next; } - /^[-+]/ { + /^-/ { print $(NF) " no"; next; } @@ -399,8 +403,11 @@ print $(NF); } ' >%kernel_build_dir/Module.supported -%_sourcedir/guards --default=0 base < %_sourcedir/supported.conf | \ - sed 's,.*/,,; s,\.ko$,,' | sort -u >%kernel_build_dir/Module.base +for package in base ; do + %_sourcedir/guards --default=0 "$package" \ + <%_sourcedir/supported.conf | sed 's,.*/,,; s,\.ko$,,' | \ + sort -u >%kernel_build_dir/Module."$package" +done cd linux-%srcversion @@ -765,7 +772,7 @@ %if %split_base %_sourcedir/split-modules -d %buildroot \ -o %my_builddir \ - -b %kernel_build_dir/Module.base \ + -b %kernel_build_dir \ %if %CONFIG_SUSE_KERNEL_SUPPORTED == "y" -e \ %endif @@ -910,6 +917,11 @@ %if %split_extra add_dirs_to_filelist %my_builddir/unsupported-modules > %my_builddir/kernel-extra.files %endif +for f in %my_builddir/*-kmp-modules; do + f2=${f%%-modules}.files + add_dirs_to_filelist "$f" >"$f2" +done + # Hardlink duplicate files automatically (from package fdupes): It doesn't save # much, but it keeps rpmlint from breaking the package build. Note that we skip @@ -1092,4 +1104,26 @@ %endif %endif +%if %CONFIG_MODULES == "y" && %CONFIG_SUSE_KERNEL_SUPPORTED == "y" +%package kgraft +Summary: Metapackage to pull in matching kgraft-patch package +Group: System/Kernel +Requires: kgraft-patch-%(echo %version-%source_rel | sed 'y/\./_/')-%build_flavor +Provides: multiversion(kernel) + +%description kgraft +This is a metapackage that pulls in the matching kgraft-patch package for a +given kernel version. The advantage of the metapackage is that its name is +static, unlike the kgraft-patch-<kernel-version>-flavor package names. + +%files kgraft +# rpmlint complains about empty packages, so lets own something +%defattr(-, root, root) +%dir /lib/modules/%kernelrelease-%build_flavor +%endif + +%if %split_base + +%endif + %changelog ++++++ kernel-obs-build.spec ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:52.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:52.000000000 +0200 @@ -19,7 +19,7 @@ #!BuildIgnore: post-build-checks -%define patchversion 4.5.0 +%define patchversion 4.5.2 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -51,9 +51,9 @@ Summary: package kernel and initrd for OBS VM builds License: GPL-2.0 Group: SLES -Version: 4.5.0 +Version: 4.5.2 %if 0%{?is_kotd} -Release: <RELEASE>.g8cf0ce6 +Release: <RELEASE>.g0454a6e %else Release: 0 %endif @@ -103,7 +103,7 @@ # a longer list to have them also available for qemu cross builds where x86_64 kernel runs in eg. arm env. # this list of modules where available on build workers of build.opensuse.org, so we stay compatible. -export KERNEL_MODULES="loop dm-mod dm-snapshot binfmt-misc fuse kqemu squashfs ext2 ext3 ext4 reiserfs btrfs nf_conntrack_ipv6 binfmt_misc virtio_pci virtio_mmio virtio_blk virtio_rng fat vfat nls_cp437 nls_iso8859-1 ibmvscsi sd_mod" +export KERNEL_MODULES="loop dm-mod dm-snapshot binfmt-misc fuse kqemu squashfs ext2 ext3 ext4 reiserfs btrfs nf_conntrack_ipv6 binfmt_misc virtio_pci virtio_mmio virtio_blk virtio_rng fat vfat nls_cp437 nls_iso8859-1 ibmvscsi sd_mod e1000 ibmveth" # manually load all modules to make sure they're available for i in $KERNEL_MODULES; do ++++++ kernel-obs-qa.spec ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:52.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:52.000000000 +0200 @@ -17,7 +17,7 @@ # needsrootforbuild -%define patchversion 4.5.0 +%define patchversion 4.5.2 %define variant %{nil} %include %_sourcedir/kernel-spec-macros @@ -36,9 +36,9 @@ Summary: Basic QA tests for the kernel License: GPL-2.0 Group: SLES -Version: 4.5.0 +Version: 4.5.2 %if 0%{?is_kotd} -Release: <RELEASE>.g8cf0ce6 +Release: <RELEASE>.g0454a6e %else Release: 0 %endif ++++++ kernel-pae.spec ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:52.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:52.000000000 +0200 @@ -20,7 +20,7 @@ # needssslcertforbuild %define srcversion 4.5 -%define patchversion 4.5.0 +%define patchversion 4.5.2 %define variant %{nil} %define vanilla_only 0 @@ -39,7 +39,7 @@ %define rpm_install_dir %buildroot%obj_install_dir %define kernel_build_dir %my_builddir/linux-%srcversion/linux-obj -%(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,find-provides,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh}) +%(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,find-provides,find-requires,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh}) %global cpu_arch %(%_sourcedir/arch-symbols %_target_cpu) %define cpu_arch_flavor %cpu_arch/%build_flavor @@ -61,9 +61,9 @@ Summary: Kernel with PAE Support License: GPL-2.0 Group: System/Kernel -Version: 4.5.0 +Version: 4.5.2 %if 0%{?is_kotd} -Release: <RELEASE>.g8cf0ce6 +Release: <RELEASE>.g0454a6e %else Release: 0 %endif @@ -79,6 +79,8 @@ # Used to sign the kernel in the buildservice BuildRequires: openssl BuildRequires: pesign-obs-integration +# for objtool +BuildRequires: libelf-devel Provides: %name = %version-%source_rel # bnc#901925 Provides: %name-%version-%source_rel @@ -199,8 +201,9 @@ Source39: config-options.changes.txt Source40: source-timestamp Source44: find-provides -Source45: split-modules -Source46: modversions +Source45: find-requires +Source46: split-modules +Source47: modversions Source48: macros.kernel-source Source49: kernel-module-subpackage Source50: kabi.pl @@ -279,6 +282,7 @@ NoSource: 44 NoSource: 45 NoSource: 46 +NoSource: 47 NoSource: 48 NoSource: 49 NoSource: 50 @@ -371,8 +375,12 @@ %obsolete_kmp xen 4.6.1 # Provide the exported symbols as "ksym(symbol) = hash" +%define _use_internal_dependency_generator 0 %define __find_provides %_sourcedir/find-provides %name +# Generate dependencies for KMPs defined in supported.conf +%define __find_requires %_sourcedir/find-requires %name %version-%release %my_builddir + # Will modules not listed in supported.conf abort the kernel build (0/1)? %define supported_modules_check 0 @@ -409,15 +417,11 @@ # Generate a list of modules with their support status marking %_sourcedir/guards --list --with-guards <%_sourcedir/supported.conf | \ awk ' - /^\+(base|yes) / { - print $(NF); - next; - } - /^\+external / { + /\+external / { print $(NF) " external"; next; } - /^[-+]/ { + /^-/ { print $(NF) " no"; next; } @@ -425,8 +429,11 @@ print $(NF); } ' >%kernel_build_dir/Module.supported -%_sourcedir/guards --default=0 base < %_sourcedir/supported.conf | \ - sed 's,.*/,,; s,\.ko$,,' | sort -u >%kernel_build_dir/Module.base +for package in base ; do + %_sourcedir/guards --default=0 "$package" \ + <%_sourcedir/supported.conf | sed 's,.*/,,; s,\.ko$,,' | \ + sort -u >%kernel_build_dir/Module."$package" +done cd linux-%srcversion @@ -791,7 +798,7 @@ %if %split_base %_sourcedir/split-modules -d %buildroot \ -o %my_builddir \ - -b %kernel_build_dir/Module.base \ + -b %kernel_build_dir \ %if %CONFIG_SUSE_KERNEL_SUPPORTED == "y" -e \ %endif @@ -936,6 +943,11 @@ %if %split_extra add_dirs_to_filelist %my_builddir/unsupported-modules > %my_builddir/kernel-extra.files %endif +for f in %my_builddir/*-kmp-modules; do + f2=${f%%-modules}.files + add_dirs_to_filelist "$f" >"$f2" +done + # Hardlink duplicate files automatically (from package fdupes): It doesn't save # much, but it keeps rpmlint from breaking the package build. Note that we skip @@ -1157,4 +1169,26 @@ %endif %endif +%if %CONFIG_MODULES == "y" && %CONFIG_SUSE_KERNEL_SUPPORTED == "y" +%package kgraft +Summary: Metapackage to pull in matching kgraft-patch package +Group: System/Kernel +Requires: kgraft-patch-%(echo %version-%source_rel | sed 'y/\./_/')-%build_flavor +Provides: multiversion(kernel) + +%description kgraft +This is a metapackage that pulls in the matching kgraft-patch package for a +given kernel version. The advantage of the metapackage is that its name is +static, unlike the kgraft-patch-<kernel-version>-flavor package names. + +%files kgraft +# rpmlint complains about empty packages, so lets own something +%defattr(-, root, root) +%dir /lib/modules/%kernelrelease-%build_flavor +%endif + +%if %split_base + +%endif + %changelog ++++++ kernel-source.spec ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:52.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:52.000000000 +0200 @@ -18,7 +18,7 @@ %define srcversion 4.5 -%define patchversion 4.5.0 +%define patchversion 4.5.2 %define variant %{nil} %define vanilla_only 0 @@ -30,9 +30,9 @@ Summary: The Linux Kernel Sources License: GPL-2.0 Group: Development/Sources -Version: 4.5.0 +Version: 4.5.2 %if 0%{?is_kotd} -Release: <RELEASE>.g8cf0ce6 +Release: <RELEASE>.g0454a6e %else Release: 0 %endif @@ -67,8 +67,9 @@ Source39: config-options.changes.txt Source40: source-timestamp Source44: find-provides -Source45: split-modules -Source46: modversions +Source45: find-requires +Source46: split-modules +Source47: modversions Source48: macros.kernel-source Source49: kernel-module-subpackage Source50: kabi.pl @@ -114,7 +115,7 @@ # Source is only complete with devel files. Requires: kernel-devel%variant = %version-%release -%(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,find-provides,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh}) +%(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,find-provides,find-requires,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh}) %define symbols %(set -- $([ -e %_sourcedir/extra-symbols ] && cat %_sourcedir/extra-symbols) ; echo $*) %define variant_symbols %(case %name in (*-rt) echo "RT" ;; esac) ++++++ kernel-syms.spec ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:52.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:52.000000000 +0200 @@ -24,10 +24,10 @@ Summary: Kernel Symbol Versions (modversions) License: GPL-2.0 Group: Development/Sources -Version: 4.5.0 +Version: 4.5.2 %if %using_buildservice %if 0%{?is_kotd} -Release: <RELEASE>.g8cf0ce6 +Release: <RELEASE>.g0454a6e %else Release: 0 %endif ++++++ kernel-vanilla.spec ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:52.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:52.000000000 +0200 @@ -20,7 +20,7 @@ # needssslcertforbuild %define srcversion 4.5 -%define patchversion 4.5.0 +%define patchversion 4.5.2 %define variant %{nil} %define vanilla_only 0 @@ -39,7 +39,7 @@ %define rpm_install_dir %buildroot%obj_install_dir %define kernel_build_dir %my_builddir/linux-%srcversion/linux-obj -%(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,find-provides,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh}) +%(chmod +x %_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,find-provides,find-requires,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh}) %global cpu_arch %(%_sourcedir/arch-symbols %_target_cpu) %define cpu_arch_flavor %cpu_arch/%build_flavor @@ -61,9 +61,9 @@ Summary: The Standard Kernel - without any SUSE patches License: GPL-2.0 Group: System/Kernel -Version: 4.5.0 +Version: 4.5.2 %if 0%{?is_kotd} -Release: <RELEASE>.g8cf0ce6 +Release: <RELEASE>.g0454a6e %else Release: 0 %endif @@ -79,6 +79,8 @@ # Used to sign the kernel in the buildservice BuildRequires: openssl BuildRequires: pesign-obs-integration +# for objtool +BuildRequires: libelf-devel Provides: %name = %version-%source_rel # bnc#901925 Provides: %name-%version-%source_rel @@ -179,8 +181,9 @@ Source39: config-options.changes.txt Source40: source-timestamp Source44: find-provides -Source45: split-modules -Source46: modversions +Source45: find-requires +Source46: split-modules +Source47: modversions Source48: macros.kernel-source Source49: kernel-module-subpackage Source50: kabi.pl @@ -259,6 +262,7 @@ NoSource: 44 NoSource: 45 NoSource: 46 +NoSource: 47 NoSource: 48 NoSource: 49 NoSource: 50 @@ -351,8 +355,12 @@ %obsolete_kmp xen 4.6.1 # Provide the exported symbols as "ksym(symbol) = hash" +%define _use_internal_dependency_generator 0 %define __find_provides %_sourcedir/find-provides %name +# Generate dependencies for KMPs defined in supported.conf +%define __find_requires %_sourcedir/find-requires %name %version-%release %my_builddir + # Will modules not listed in supported.conf abort the kernel build (0/1)? %define supported_modules_check 0 @@ -382,15 +390,11 @@ # Generate a list of modules with their support status marking %_sourcedir/guards --list --with-guards <%_sourcedir/supported.conf | \ awk ' - /^\+(base|yes) / { - print $(NF); - next; - } - /^\+external / { + /\+external / { print $(NF) " external"; next; } - /^[-+]/ { + /^-/ { print $(NF) " no"; next; } @@ -398,8 +402,11 @@ print $(NF); } ' >%kernel_build_dir/Module.supported -%_sourcedir/guards --default=0 base < %_sourcedir/supported.conf | \ - sed 's,.*/,,; s,\.ko$,,' | sort -u >%kernel_build_dir/Module.base +for package in base ; do + %_sourcedir/guards --default=0 "$package" \ + <%_sourcedir/supported.conf | sed 's,.*/,,; s,\.ko$,,' | \ + sort -u >%kernel_build_dir/Module."$package" +done cd linux-%srcversion @@ -764,7 +771,7 @@ %if %split_base %_sourcedir/split-modules -d %buildroot \ -o %my_builddir \ - -b %kernel_build_dir/Module.base \ + -b %kernel_build_dir \ %if %CONFIG_SUSE_KERNEL_SUPPORTED == "y" -e \ %endif @@ -909,6 +916,11 @@ %if %split_extra add_dirs_to_filelist %my_builddir/unsupported-modules > %my_builddir/kernel-extra.files %endif +for f in %my_builddir/*-kmp-modules; do + f2=${f%%-modules}.files + add_dirs_to_filelist "$f" >"$f2" +done + # Hardlink duplicate files automatically (from package fdupes): It doesn't save # much, but it keeps rpmlint from breaking the package build. Note that we skip @@ -1089,4 +1101,26 @@ %endif %endif +%if %CONFIG_MODULES == "y" && %CONFIG_SUSE_KERNEL_SUPPORTED == "y" +%package kgraft +Summary: Metapackage to pull in matching kgraft-patch package +Group: System/Kernel +Requires: kgraft-patch-%(echo %version-%source_rel | sed 'y/\./_/')-%build_flavor +Provides: multiversion(kernel) + +%description kgraft +This is a metapackage that pulls in the matching kgraft-patch package for a +given kernel version. The advantage of the metapackage is that its name is +static, unlike the kgraft-patch-<kernel-version>-flavor package names. + +%files kgraft +# rpmlint complains about empty packages, so lets own something +%defattr(-, root, root) +%dir /lib/modules/%kernelrelease-%build_flavor +%endif + +%if %split_base + +%endif + %changelog ++++++ config.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/arm64/default new/config/arm64/default --- old/config/arm64/default 2016-03-18 16:23:56.000000000 +0100 +++ new/config/arm64/default 2016-04-14 10:44:07.000000000 +0200 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm64 4.5.0 Kernel Configuration +# Linux/arm64 4.5.1 Kernel Configuration # CONFIG_ARM64=y CONFIG_64BIT=y @@ -3267,7 +3267,11 @@ CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_NR_UARTS=4 CONFIG_SERIAL_8250_RUNTIME_UARTS=4 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set CONFIG_SERIAL_8250_FSL=y CONFIG_SERIAL_8250_DW=y # CONFIG_SERIAL_8250_RT288X is not set @@ -3307,7 +3311,8 @@ # CONFIG_SERIAL_ALTERA_JTAGUART is not set # CONFIG_SERIAL_ALTERA_UART is not set # CONFIG_SERIAL_IFX6X60 is not set -# CONFIG_SERIAL_XILINX_PS_UART is not set +CONFIG_SERIAL_XILINX_PS_UART=y +CONFIG_SERIAL_XILINX_PS_UART_CONSOLE=y # CONFIG_SERIAL_ARC is not set CONFIG_SERIAL_RP2=m CONFIG_SERIAL_RP2_NR_UARTS=32 @@ -3615,7 +3620,7 @@ CONFIG_GPIO_XGENE=y CONFIG_GPIO_XGENE_SB=m CONFIG_GPIO_XILINX=m -# CONFIG_GPIO_ZYNQ is not set +CONFIG_GPIO_ZYNQ=m # CONFIG_GPIO_ZX is not set # @@ -3920,10 +3925,10 @@ CONFIG_SOFT_WATCHDOG=m # CONFIG_GPIO_WATCHDOG is not set # CONFIG_MENF21BMC_WATCHDOG is not set -# CONFIG_XILINX_WATCHDOG is not set +CONFIG_XILINX_WATCHDOG=m CONFIG_ZIIRAVE_WATCHDOG=m # CONFIG_ARM_SP805_WATCHDOG is not set -# CONFIG_CADENCE_WATCHDOG is not set +CONFIG_CADENCE_WATCHDOG=m CONFIG_HAVE_S3C2410_WATCHDOG=y CONFIG_S3C2410_WATCHDOG=m # CONFIG_DW_WATCHDOG is not set @@ -5636,7 +5641,7 @@ CONFIG_MMC_RICOH_MMC=y # CONFIG_MMC_SDHCI_ACPI is not set CONFIG_MMC_SDHCI_PLTFM=m -# CONFIG_MMC_SDHCI_OF_ARASAN is not set +CONFIG_MMC_SDHCI_OF_ARASAN=m # CONFIG_MMC_SDHCI_OF_AT91 is not set CONFIG_MMC_SDHCI_OF_ESDHC=m CONFIG_MMC_SDHCI_TEGRA=m diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/arm64/vanilla new/config/arm64/vanilla --- old/config/arm64/vanilla 2016-03-18 16:23:56.000000000 +0100 +++ new/config/arm64/vanilla 2016-04-14 10:44:07.000000000 +0200 @@ -3249,7 +3249,11 @@ CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_NR_UARTS=4 CONFIG_SERIAL_8250_RUNTIME_UARTS=4 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set CONFIG_SERIAL_8250_FSL=y CONFIG_SERIAL_8250_DW=y # CONFIG_SERIAL_8250_RT288X is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/armv7hl/default new/config/armv7hl/default --- old/config/armv7hl/default 2016-03-18 16:23:56.000000000 +0100 +++ new/config/armv7hl/default 2016-04-14 10:44:07.000000000 +0200 @@ -2720,7 +2720,7 @@ CONFIG_NET_VENDOR_REALTEK=y # CONFIG_8139CP is not set # CONFIG_8139TOO is not set -# CONFIG_R8169 is not set +CONFIG_R8169=m CONFIG_NET_VENDOR_RENESAS=y CONFIG_NET_VENDOR_RDC=y # CONFIG_R6040 is not set @@ -3533,7 +3533,11 @@ CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_NR_UARTS=32 CONFIG_SERIAL_8250_RUNTIME_UARTS=32 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set CONFIG_SERIAL_8250_FSL=y CONFIG_SERIAL_8250_DW=y CONFIG_SERIAL_8250_EM=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/armv7hl/lpae new/config/armv7hl/lpae --- old/config/armv7hl/lpae 2016-03-18 16:23:56.000000000 +0100 +++ new/config/armv7hl/lpae 2016-04-14 10:44:07.000000000 +0200 @@ -2615,7 +2615,7 @@ CONFIG_NET_VENDOR_REALTEK=y # CONFIG_8139CP is not set # CONFIG_8139TOO is not set -# CONFIG_R8169 is not set +CONFIG_R8169=m CONFIG_NET_VENDOR_RENESAS=y CONFIG_NET_VENDOR_RDC=y # CONFIG_R6040 is not set @@ -3413,7 +3413,11 @@ CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_NR_UARTS=32 CONFIG_SERIAL_8250_RUNTIME_UARTS=32 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set CONFIG_SERIAL_8250_FSL=y CONFIG_SERIAL_8250_DW=y # CONFIG_SERIAL_8250_EM is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/armv7hl/vanilla new/config/armv7hl/vanilla --- old/config/armv7hl/vanilla 2016-03-18 16:23:56.000000000 +0100 +++ new/config/armv7hl/vanilla 2016-04-14 10:44:07.000000000 +0200 @@ -2712,7 +2712,7 @@ CONFIG_NET_VENDOR_REALTEK=y # CONFIG_8139CP is not set # CONFIG_8139TOO is not set -# CONFIG_R8169 is not set +CONFIG_R8169=m CONFIG_NET_VENDOR_RENESAS=y CONFIG_NET_VENDOR_RDC=y # CONFIG_R6040 is not set @@ -3525,7 +3525,11 @@ CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_NR_UARTS=32 CONFIG_SERIAL_8250_RUNTIME_UARTS=32 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set CONFIG_SERIAL_8250_FSL=y CONFIG_SERIAL_8250_DW=y CONFIG_SERIAL_8250_EM=y diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/i386/debug new/config/i386/debug --- old/config/i386/debug 2016-03-18 16:23:56.000000000 +0100 +++ new/config/i386/debug 2016-04-14 10:44:07.000000000 +0200 @@ -3675,7 +3675,11 @@ CONFIG_SERIAL_8250_CS=m CONFIG_SERIAL_8250_NR_UARTS=16 CONFIG_SERIAL_8250_RUNTIME_UARTS=8 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set # CONFIG_SERIAL_8250_FSL is not set CONFIG_SERIAL_8250_DW=m # CONFIG_SERIAL_8250_RT288X is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/i386/default new/config/i386/default --- old/config/i386/default 2016-03-18 16:23:56.000000000 +0100 +++ new/config/i386/default 2016-04-14 10:44:07.000000000 +0200 @@ -3674,7 +3674,11 @@ CONFIG_SERIAL_8250_CS=m CONFIG_SERIAL_8250_NR_UARTS=32 CONFIG_SERIAL_8250_RUNTIME_UARTS=32 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set # CONFIG_SERIAL_8250_FSL is not set CONFIG_SERIAL_8250_DW=m # CONFIG_SERIAL_8250_RT288X is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/i386/pae new/config/i386/pae --- old/config/i386/pae 2016-03-18 16:23:56.000000000 +0100 +++ new/config/i386/pae 2016-04-14 10:44:07.000000000 +0200 @@ -3590,7 +3590,11 @@ CONFIG_SERIAL_8250_CS=m CONFIG_SERIAL_8250_NR_UARTS=16 CONFIG_SERIAL_8250_RUNTIME_UARTS=8 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set # CONFIG_SERIAL_8250_FSL is not set CONFIG_SERIAL_8250_DW=m # CONFIG_SERIAL_8250_RT288X is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/i386/vanilla new/config/i386/vanilla --- old/config/i386/vanilla 2016-03-18 16:23:56.000000000 +0100 +++ new/config/i386/vanilla 2016-04-14 10:44:07.000000000 +0200 @@ -3587,7 +3587,11 @@ CONFIG_SERIAL_8250_CS=m CONFIG_SERIAL_8250_NR_UARTS=16 CONFIG_SERIAL_8250_RUNTIME_UARTS=8 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set # CONFIG_SERIAL_8250_FSL is not set CONFIG_SERIAL_8250_DW=m # CONFIG_SERIAL_8250_RT288X is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64/debug new/config/ppc64/debug --- old/config/ppc64/debug 2016-03-18 16:23:56.000000000 +0100 +++ new/config/ppc64/debug 2016-04-14 10:44:07.000000000 +0200 @@ -3146,7 +3146,11 @@ CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_NR_UARTS=4 CONFIG_SERIAL_8250_RUNTIME_UARTS=4 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set CONFIG_SERIAL_8250_FSL=y CONFIG_SERIAL_8250_DW=m # CONFIG_SERIAL_8250_RT288X is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64/default new/config/ppc64/default --- old/config/ppc64/default 2016-03-18 16:23:56.000000000 +0100 +++ new/config/ppc64/default 2016-04-14 10:44:07.000000000 +0200 @@ -3135,7 +3135,11 @@ CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_NR_UARTS=4 CONFIG_SERIAL_8250_RUNTIME_UARTS=4 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set CONFIG_SERIAL_8250_FSL=y CONFIG_SERIAL_8250_DW=m # CONFIG_SERIAL_8250_RT288X is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64/vanilla new/config/ppc64/vanilla --- old/config/ppc64/vanilla 2016-03-18 16:23:56.000000000 +0100 +++ new/config/ppc64/vanilla 2016-04-14 10:44:07.000000000 +0200 @@ -3130,7 +3130,11 @@ CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_NR_UARTS=4 CONFIG_SERIAL_8250_RUNTIME_UARTS=4 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set CONFIG_SERIAL_8250_FSL=y CONFIG_SERIAL_8250_DW=m # CONFIG_SERIAL_8250_RT288X is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64le/debug new/config/ppc64le/debug --- old/config/ppc64le/debug 2016-03-18 16:23:56.000000000 +0100 +++ new/config/ppc64le/debug 2016-04-14 10:44:07.000000000 +0200 @@ -3025,7 +3025,11 @@ CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_NR_UARTS=4 CONFIG_SERIAL_8250_RUNTIME_UARTS=4 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set CONFIG_SERIAL_8250_FSL=y CONFIG_SERIAL_8250_DW=m # CONFIG_SERIAL_8250_RT288X is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64le/default new/config/ppc64le/default --- old/config/ppc64le/default 2016-03-18 16:23:56.000000000 +0100 +++ new/config/ppc64le/default 2016-04-14 10:44:07.000000000 +0200 @@ -3014,7 +3014,11 @@ CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_NR_UARTS=4 CONFIG_SERIAL_8250_RUNTIME_UARTS=4 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set CONFIG_SERIAL_8250_FSL=y CONFIG_SERIAL_8250_DW=m # CONFIG_SERIAL_8250_RT288X is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/ppc64le/vanilla new/config/ppc64le/vanilla --- old/config/ppc64le/vanilla 2016-03-18 16:23:56.000000000 +0100 +++ new/config/ppc64le/vanilla 2016-04-14 10:44:07.000000000 +0200 @@ -3011,7 +3011,11 @@ CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_NR_UARTS=4 CONFIG_SERIAL_8250_RUNTIME_UARTS=4 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set CONFIG_SERIAL_8250_FSL=y CONFIG_SERIAL_8250_DW=m # CONFIG_SERIAL_8250_RT288X is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/x86_64/debug new/config/x86_64/debug --- old/config/x86_64/debug 2016-03-18 16:23:56.000000000 +0100 +++ new/config/x86_64/debug 2016-04-14 10:44:07.000000000 +0200 @@ -3586,7 +3586,11 @@ CONFIG_SERIAL_8250_CS=m CONFIG_SERIAL_8250_NR_UARTS=32 CONFIG_SERIAL_8250_RUNTIME_UARTS=32 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set # CONFIG_SERIAL_8250_FSL is not set CONFIG_SERIAL_8250_DW=m # CONFIG_SERIAL_8250_RT288X is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/x86_64/default new/config/x86_64/default --- old/config/x86_64/default 2016-03-18 16:23:56.000000000 +0100 +++ new/config/x86_64/default 2016-04-14 10:44:07.000000000 +0200 @@ -3572,7 +3572,11 @@ CONFIG_SERIAL_8250_CS=m CONFIG_SERIAL_8250_NR_UARTS=32 CONFIG_SERIAL_8250_RUNTIME_UARTS=32 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set # CONFIG_SERIAL_8250_FSL is not set CONFIG_SERIAL_8250_DW=m # CONFIG_SERIAL_8250_RT288X is not set diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/config/x86_64/vanilla new/config/x86_64/vanilla --- old/config/x86_64/vanilla 2016-03-18 16:23:56.000000000 +0100 +++ new/config/x86_64/vanilla 2016-04-14 10:44:07.000000000 +0200 @@ -3569,7 +3569,11 @@ CONFIG_SERIAL_8250_CS=m CONFIG_SERIAL_8250_NR_UARTS=32 CONFIG_SERIAL_8250_RUNTIME_UARTS=32 -# CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_EXTENDED=y +# CONFIG_SERIAL_8250_MANY_PORTS is not set +CONFIG_SERIAL_8250_SHARE_IRQ=y +# CONFIG_SERIAL_8250_DETECT_IRQ is not set +# CONFIG_SERIAL_8250_RSA is not set # CONFIG_SERIAL_8250_FSL is not set CONFIG_SERIAL_8250_DW=m # CONFIG_SERIAL_8250_RT288X is not set ++++++ find-requires ++++++ #!/bin/bash # # Generate dependencies for KMPs defined in supported.conf. We look at each # modules 'depends' field in modinfo and use the $name-kmp-modules lists # in builddir to map dependencies to package names. We do it this way instead # of relying on the ksym() dependencies, because KMPs built from the kernel # spec file are not shared among kernel versions. package_name=$1 version_release=$2 builddir=$3 trap 'rm -f "$filelist"' EXIT filelist=$(mktemp -t ${0##*/}.XXXXXXXXXX) cat >"$filelist" # is this module part of any KMP? in_kmp() { local mod=${1//[-_]/[-_]} res for f in "$builddir"/*-kmp-modules; do if grep -q "/$mod\$" "$f"; then res=${f##*/} echo "${res%-modules}" fi done } grep '\.ko$' "$filelist" | while read f; do mod=${f##*/} kmp=$(in_kmp "$mod") if test -z "$kmp"; then continue fi for dep in $(IFS=,; set -- $(/sbin/modinfo -F depends "$f"); echo $*); do kmp2=$(in_kmp "$dep.ko") if test -n "$kmp2" -a "$kmp2" != "$kmp"; then # Needs another KMP echo "$kmp2-${package_name#kernel-} = $version_release" fi done done /usr/lib/rpm/find-requires "$package_name" <"$filelist" ++++++ kernel-binary.spec.in ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:52.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:52.000000000 +0200 @@ -79,6 +79,8 @@ # Used to sign the kernel in the buildservice BuildRequires: openssl BuildRequires: pesign-obs-integration +# for objtool +BuildRequires: libelf-devel Provides: %name = %version-%source_rel # bnc#901925 Provides: %name-%version-%source_rel @@ -227,8 +229,12 @@ %obsolete_kmp xen 4.6.1 # Provide the exported symbols as "ksym(symbol) = hash" +%define _use_internal_dependency_generator 0 %define __find_provides %_sourcedir/find-provides %name +# Generate dependencies for KMPs defined in supported.conf +%define __find_requires %_sourcedir/find-requires %name %version-%release %my_builddir + # Will modules not listed in supported.conf abort the kernel build (0/1)? %define supported_modules_check 0 @@ -258,15 +264,11 @@ # Generate a list of modules with their support status marking %_sourcedir/guards --list --with-guards <%_sourcedir/supported.conf | \ awk ' - /^\+(base|yes) / { - print $(NF); - next; - } - /^\+external / { + /\+external / { print $(NF) " external"; next; } - /^[-+]/ { + /^-/ { print $(NF) " no"; next; } @@ -274,8 +276,11 @@ print $(NF); } ' >%kernel_build_dir/Module.supported -%_sourcedir/guards --default=0 base < %_sourcedir/supported.conf | \ - sed 's,.*/,,; s,\.ko$,,' | sort -u >%kernel_build_dir/Module.base +for package in base @KMPS@; do + %_sourcedir/guards --default=0 "$package" \ + <%_sourcedir/supported.conf | sed 's,.*/,,; s,\.ko$,,' | \ + sort -u >%kernel_build_dir/Module."$package" +done cd linux-%srcversion @@ -640,7 +645,7 @@ %if %split_base %_sourcedir/split-modules -d %buildroot \ -o %my_builddir \ - -b %kernel_build_dir/Module.base \ + -b %kernel_build_dir \ %if %CONFIG_SUSE_KERNEL_SUPPORTED == "y" -e \ %endif @@ -785,6 +790,11 @@ %if %split_extra add_dirs_to_filelist %my_builddir/unsupported-modules > %my_builddir/kernel-extra.files %endif +for f in %my_builddir/*-kmp-modules; do + f2=${f%%-modules}.files + add_dirs_to_filelist "$f" >"$f2" +done + # Hardlink duplicate files automatically (from package fdupes): It doesn't save # much, but it keeps rpmlint from breaking the package build. Note that we skip @@ -943,4 +953,66 @@ %endif %endif +%if %CONFIG_MODULES == "y" && %CONFIG_SUSE_KERNEL_SUPPORTED == "y" +%package kgraft +Summary: Metapackage to pull in matching kgraft-patch package +Group: System/Kernel +Requires: kgraft-patch-%(echo %version-%source_rel | sed 'y/\./_/')-%build_flavor +Provides: multiversion(kernel) + +%description kgraft +This is a metapackage that pulls in the matching kgraft-patch package for a +given kernel version. The advantage of the metapackage is that its name is +static, unlike the kgraft-patch-<kernel-version>-flavor package names. + +%files kgraft +# rpmlint complains about empty packages, so lets own something +%defattr(-, root, root) +%dir /lib/modules/%kernelrelease-%build_flavor +%endif + +%if %split_base +# BEGIN KMP +%package -n @KMP_NAME@-%build_flavor +Summary: @KMP_SUMMARY@ +Group: System/Kernel +Requires: %name = %version-%release +Provides: multiversion(kernel) +# tell weak-modules2 to ignore this package +Provides: kmp_in_kernel +Requires(post): suse-module-tools >= 12.4 + +%description -n @KMP_NAME@-%build_flavor +@KMP_DESCRIPTION@ + +%post -n @KMP_NAME@-%build_flavor +wm2=/usr/lib/module-init-tools/weak-modules2 +nvr=@KMP_NAME@-%build_flavor-%version-%release +if test -x "$wm2"; then + rpm -ql "$nvr" | INITRD_IN_POSTTRANS=1 /bin/bash -${-/e/} "$wm2" \ + --add-kernel-modules %kernelrelease-%build_flavor +fi + +%posttrans -n @KMP_NAME@-%build_flavor +%{?regenerate_initrd_posttrans} + +%preun -n @KMP_NAME@-%build_flavor +nvr=@KMP_NAME@-%build_flavor-%version-%release +rpm -ql "$nvr" | grep '\.ko$' > "/var/run/rpm-$nvr-modules" + +%postun -n @KMP_NAME@-%build_flavor +wm2=/usr/lib/module-init-tools/weak-modules2 +nvr=@KMP_NAME@-%build_flavor-%version-%release +if test -x "$wm2"; then + /bin/bash -${-/e/} "$wm2" < "/var/run/rpm-$nvr-modules" \ + --remove-kernel-modules %kernelrelease-%build_flavor +fi +rm -f "/var/run/rpm-$nvr-modules" + +%files -n @KMP_NAME@-%build_flavor -f @KMP_NAME@.files +%defattr(-, root, root) + +# END KMP +%endif + %changelog ++++++ kernel-module-subpackage ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:53.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:53.000000000 +0200 @@ -27,19 +27,19 @@ %{-c:Requires: %{-n*}-ueficert} Enhances: kernel-%1 %if %1 == "default" -Obsoletes: %{-n*}-trace +Obsoletes: %{-n*}-kmp-trace %ifarch %ix86 -Obsoletes: %{-n*}-vmi +Obsoletes: %{-n*}-kmp-vmi %endif %ifarch x86_64 -Obsoletes: %{-n*}-desktop +Obsoletes: %{-n*}-kmp-desktop %endif %ifarch %ix86 x86_64 -Obsoletes: %{-n*}-xen +Obsoletes: %{-n*}-kmp-xen %endif %endif %if %1 == "pae" -Obsoletes: %{-n*}-desktop +Obsoletes: %{-n*}-kmp-desktop %endif AutoReqProv: on %{-p:%{expand:%(cd %_sourcedir; cat %{-p*})}} ++++++ kernel-obs-build.spec.in ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:53.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:53.000000000 +0200 @@ -103,7 +103,7 @@ # a longer list to have them also available for qemu cross builds where x86_64 kernel runs in eg. arm env. # this list of modules where available on build workers of build.opensuse.org, so we stay compatible. -export KERNEL_MODULES="loop dm-mod dm-snapshot binfmt-misc fuse kqemu squashfs ext2 ext3 ext4 reiserfs btrfs nf_conntrack_ipv6 binfmt_misc virtio_pci virtio_mmio virtio_blk virtio_rng fat vfat nls_cp437 nls_iso8859-1 ibmvscsi sd_mod" +export KERNEL_MODULES="loop dm-mod dm-snapshot binfmt-misc fuse kqemu squashfs ext2 ext3 ext4 reiserfs btrfs nf_conntrack_ipv6 binfmt_misc virtio_pci virtio_mmio virtio_blk virtio_rng fat vfat nls_cp437 nls_iso8859-1 ibmvscsi sd_mod e1000 ibmveth" # manually load all modules to make sure they're available for i in $KERNEL_MODULES; do ++++++ kernel-source.rpmlintrc ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:53.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:53.000000000 +0200 @@ -9,3 +9,7 @@ addFilter("hidden-file-or-dir /usr/src/linux-.*-obj/.*/.config") addFilter("hidden-file-or-dir /usr/src/linux-.*-obj/.*/.kernel-binary.spec.buildenv") addFilter("hidden-file-or-dir /boot/\..*\.hmac") +# This check ensures that KMPs are built using the %kernel_module_package +# macro, but we are deliberately not doing this for KMPs built from the +# kernel spec file (fate#319339) +addFilter("suse-policy-kmp-missing-supplements") ++++++ kernel-source.spec.in ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:53.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:53.000000000 +0200 @@ -67,8 +67,9 @@ Source39: config-options.changes.txt Source40: source-timestamp Source44: find-provides -Source45: split-modules -Source46: modversions +Source45: find-requires +Source46: split-modules +Source47: modversions Source48: macros.kernel-source Source49: kernel-module-subpackage Source50: kabi.pl ++++++ mkspec ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:53.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:53.000000000 +0200 @@ -23,6 +23,8 @@ # template name -> template body my %templates = read_spec_templates(); +my @kmps = read_kmps(); + # config.sh variables my %vars = parse_config_sh(); my ($srcversion, $variant, $vanilla_only) = @@ -88,6 +90,23 @@ ); # binary spec files +my $kmp_definitions = ""; +for my $kmp (@kmps) { + my ($summary, $description); + if (!exists($binary_descriptions{$kmp})) { + print STDERR "warning: no description for $kmp found\n"; + ($summary = $kmp) =~ s/-kmp$//; + $summary .= " kernel modules"; + $description = "$summary."; + } else { + $summary = $binary_descriptions{$kmp}->[0]; + $description = $binary_descriptions{$kmp}->[1]; + } + $kmp_definitions .= expand_template("kmp", + KMP_NAME => $kmp, + KMP_SUMMARY => $summary, + KMP_DESCRIPTION => $description); +} for my $flavor (sort keys(%flavor_archs)) { my ($summary, $description); if (!exists($binary_descriptions{"kernel-$flavor"})) { @@ -112,6 +131,8 @@ DESCRIPTION => $description, ARCHS => join(" ", arch2rpm(@{$flavor_archs{$flavor}})), COMMON_DEPS => $templates{common_deps}, + KMPS => join(" ", @kmps), + KMP_DEFINITIONS => $kmp_definitions, %obsolete_macros ); } @@ -216,6 +237,12 @@ print STDERR "warning: Expected # BEGIN COMMON DEPS in kernel-binary.spec.in\n"; $res{common_deps} = ""; } + if ($res{$template} =~ s/^# BEGIN KMP\n?(.*)^# END KMP/\@KMP_DEFINITIONS\@/ms) { + $res{kmp} = $1; + } else { + print STDERR "warning: Expected # BEGIN KMP in kernel-binary.spec.in\n"; + $res{kmp} = ""; + } } { xopen(my $fh, '<', "$dir/constraints.in"); @@ -290,6 +317,24 @@ return %res; } +sub read_kmps { + my %res; + + open(my $fh, '-|', "$dir/guards", "--list", "--with-guards", + "-c", "$dir/supported.conf") or die "Error running guards: $!\n"; + while (<$fh>) { + my @guards = split(' '); + pop(@guards); + for my $g (@guards) { + if ($g =~ /^\+(.*-kmp)$/) { + $res{$1} = 1; + } + } + } + close($fh) or die "Error running guards: $!\n"; + return sort(keys(%res)); +} + sub parse_old_flavors{ my %res; @@ -394,9 +439,8 @@ return $commit; } -sub do_spec { +sub expand_template { my $template = shift; - my $specfile = shift; my %macros = @_; my $text = $templates{$template}; @@ -407,6 +451,15 @@ $text =~ s/\@$m\@/$macros{$m}/g; } } while ($prev_text ne $text); + return $text; +} + +sub do_spec { + my $template = shift; + my $specfile = shift; + my %macros = @_; + + my $text = expand_template($template, %macros); print "$specfile\n"; xopen(my $fh, '>', "$dir/$specfile"); print $fh $text; ++++++ patches.arch.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.arch/ACPI-processor-Request-native-thermal-interrupt-hand new/patches.arch/ACPI-processor-Request-native-thermal-interrupt-hand --- old/patches.arch/ACPI-processor-Request-native-thermal-interrupt-hand 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.arch/ACPI-processor-Request-native-thermal-interrupt-hand 2016-04-15 12:59:32.000000000 +0200 @@ -0,0 +1,163 @@ +From a21211672c9a1d730a39aa65d4a5b3414700adfb Mon Sep 17 00:00:00 2001 +From: Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> +Date: Wed, 23 Mar 2016 21:07:39 -0700 +Subject: [PATCH] ACPI / processor: Request native thermal interrupt handling via _OSC +Patch-mainline: 4.6-rc2 +Git-commit: a21211672c9a1d730a39aa65d4a5b3414700adfb +References: bsc#969870 + +There are several reports of freeze on enabling HWP (Hardware PStates) +feature on Skylake-based systems by the Intel P-states driver. The root +cause is identified as the HWP interrupts causing BIOS code to freeze. + +HWP interrupts use the thermal LVT which can be handled by Linux +natively, but on the affected Skylake-based systems SMM will respond +to it by default. This is a problem for several reasons: + - On the affected systems the SMM thermal LVT handler is broken (it + will crash when invoked) and a BIOS update is necessary to fix it. + - With thermal interrupt handled in SMM we lose all of the reporting + features of the arch/x86/kernel/cpu/mcheck/therm_throt driver. + - Some thermal drivers like x86-package-temp depend on the thermal + threshold interrupts signaled via the thermal LVT. + - The HWP interrupts are useful for debugging and tuning + performance (if the kernel can handle them). +The native handling of thermal interrupts needs to be enabled +because of that. + +This requires some way to tell SMM that the OS can handle thermal +interrupts. That can be done by using _OSC/_PDC in processor +scope very early during ACPI initialization. + +The meaning of _OSC/_PDC bit 12 in processor scope is whether or +not the OS supports native handling of interrupts for Collaborative +Processor Performance Control (CPPC) notifications. Since on +HWP-capable systems CPPC is a firmware interface to HWP, setting +this bit effectively tells the firmware that the OS will handle +thermal interrupts natively going forward. + +For details on _OSC/_PDC refer to: +http://www.intel.com/content/www/us/en/standards/processor-vendor-specific-acpi-specification.html + +To implement the _OSC/_PDC handshake as described, introduce a new +function, acpi_early_processor_osc(), that walks the ACPI +namespace looking for ACPI processor objects and invokes _OSC for +them with bit 12 in the capabilities buffer set and terminates the +namespace walk on the first success. + +Also modify intel_thermal_interrupt() to clear HWP status bits in +the HWP_STATUS MSR to acknowledge HWP interrupts (which prevents +them from firing continuously). + +Signed-off-by: Srinivas Pandruvada <srinivas.pandruvada(a)linux.intel.com> +[ rjw: Subject & changelog, function rename ] + +Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki(a)intel.com> +Acked-by: Takashi Iwai <tiwai(a)suse.de> + +--- + arch/x86/kernel/cpu/mcheck/therm_throt.c | 3 + + drivers/acpi/acpi_processor.c | 52 +++++++++++++++++++++++++++++++ + drivers/acpi/bus.c | 3 + + drivers/acpi/internal.h | 6 +++ + 4 files changed, 64 insertions(+) + +--- a/arch/x86/kernel/cpu/mcheck/therm_throt.c ++++ b/arch/x86/kernel/cpu/mcheck/therm_throt.c +@@ -385,6 +385,9 @@ static void intel_thermal_interrupt(void + { + __u64 msr_val; + ++ if (static_cpu_has(X86_FEATURE_HWP)) ++ wrmsrl_safe(MSR_HWP_STATUS, 0); ++ + rdmsrl(MSR_IA32_THERM_STATUS, msr_val); + + /* Check for violation of core thermal thresholds*/ +--- a/drivers/acpi/acpi_processor.c ++++ b/drivers/acpi/acpi_processor.c +@@ -491,6 +491,58 @@ static void acpi_processor_remove(struct + } + #endif /* CONFIG_ACPI_HOTPLUG_CPU */ + ++#ifdef CONFIG_X86 ++static bool acpi_hwp_native_thermal_lvt_set; ++static acpi_status __init acpi_hwp_native_thermal_lvt_osc(acpi_handle handle, ++ u32 lvl, ++ void *context, ++ void **rv) ++{ ++ u8 sb_uuid_str[] = "4077A616-290C-47BE-9EBD-D87058713953"; ++ u32 capbuf[2]; ++ struct acpi_osc_context osc_context = { ++ .uuid_str = sb_uuid_str, ++ .rev = 1, ++ .cap.length = 8, ++ .cap.pointer = capbuf, ++ }; ++ ++ if (acpi_hwp_native_thermal_lvt_set) ++ return AE_CTRL_TERMINATE; ++ ++ capbuf[0] = 0x0000; ++ capbuf[1] = 0x1000; /* set bit 12 */ ++ ++ if (ACPI_SUCCESS(acpi_run_osc(handle, &osc_context))) { ++ if (osc_context.ret.pointer && osc_context.ret.length > 1) { ++ u32 *capbuf_ret = osc_context.ret.pointer; ++ ++ if (capbuf_ret[1] & 0x1000) { ++ acpi_handle_info(handle, ++ "_OSC native thermal LVT Acked\n"); ++ acpi_hwp_native_thermal_lvt_set = true; ++ } ++ } ++ kfree(osc_context.ret.pointer); ++ } ++ ++ return AE_OK; ++} ++ ++void __init acpi_early_processor_osc(void) ++{ ++ if (boot_cpu_has(X86_FEATURE_HWP)) { ++ acpi_walk_namespace(ACPI_TYPE_PROCESSOR, ACPI_ROOT_OBJECT, ++ ACPI_UINT32_MAX, ++ acpi_hwp_native_thermal_lvt_osc, ++ NULL, NULL, NULL); ++ acpi_get_devices(ACPI_PROCESSOR_DEVICE_HID, ++ acpi_hwp_native_thermal_lvt_osc, ++ NULL, NULL); ++ } ++} ++#endif ++ + /* + * The following ACPI IDs are known to be suitable for representing as + * processor devices. +--- a/drivers/acpi/bus.c ++++ b/drivers/acpi/bus.c +@@ -1005,6 +1005,9 @@ static int __init acpi_bus_init(void) + goto error1; + } + ++ /* Set capability bits for _OSC under processor scope */ ++ acpi_early_processor_osc(); ++ + /* + * _OSC method may exist in module level code, + * so it must be run after ACPI_FULL_INITIALIZATION +--- a/drivers/acpi/internal.h ++++ b/drivers/acpi/internal.h +@@ -138,6 +138,12 @@ void acpi_early_processor_set_pdc(void); + static inline void acpi_early_processor_set_pdc(void) {} + #endif + ++#ifdef CONFIG_X86 ++void acpi_early_processor_osc(void); ++#else ++static inline void acpi_early_processor_osc(void) {} ++#endif ++ + /* -------------------------------------------------------------------------- + Embedded Controller + -------------------------------------------------------------------------- */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.arch/arm64-kvm-fix-hrtimer.patch new/patches.arch/arm64-kvm-fix-hrtimer.patch --- old/patches.arch/arm64-kvm-fix-hrtimer.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.arch/arm64-kvm-fix-hrtimer.patch 2016-04-15 12:59:32.000000000 +0200 @@ -0,0 +1,116 @@ +From: Marc Zyngier <marc.zyngier(a)arm.com> +Subject: [PATCH] KVM: arm/arm64: Handle forward time correction gracefully +Date: Wed, 6 Apr 2016 09:37:22 +0100 +Message-Id: <1459931842-29465-1-git-send-email-marc.zyngier(a)arm.com> +Patch-mainline: 4.6-rc2 +Git-commit: 1c5631c73fc2261a5df64a72c155cb53dcdc0c45 +Reference: bnc#974266 + +On a host that runs NTP, corrections can have a direct impact on +the background timer that we program on the behalf of a vcpu. + +In particular, NTP performing a forward correction will result in +a timer expiring sooner than expected from a guest point of view. +Not a big deal, we kick the vcpu anyway. + +But on wake-up, the vcpu thread is going to perform a check to +find out whether or not it should block. And at that point, the +timer check is going to say "timer has not expired yet, go back +to sleep". This results in the timer event being lost forever. + +There are multiple ways to handle this. One would be record that +the timer has expired and let kvm_cpu_has_pending_timer return +true in that case, but that would be fairly invasive. Another is +to check for the "short sleep" condition in the hrtimer callback, +and restart the timer for the remaining time when the condition +is detected. + +This patch implements the latter, with a bit of refactoring in +order to avoid too much code duplication. + +Reported-by: Alexander Graf <agraf(a)suse.de> +Signed-off-by: Marc Zyngier <marc.zyngier(a)arm.com> +Signed-off-by: Alexander Graf <agraf(a)suse.de> +--- + virt/kvm/arm/arch_timer.c | 47 +++++++++++++++++++++++++++++++++++++---------- + 1 file changed, 37 insertions(+), 10 deletions(-) + +diff --git a/virt/kvm/arm/arch_timer.c b/virt/kvm/arm/arch_timer.c +index a9ad4fe..4d0e77a 100644 +--- a/virt/kvm/arm/arch_timer.c ++++ b/virt/kvm/arm/arch_timer.c +@@ -98,10 +98,46 @@ static void kvm_timer_inject_irq_work(struct work_struct *work) + kvm_vcpu_kick(vcpu); + } + ++static u64 kvm_timer_compute_delta(struct kvm_vcpu *vcpu) ++{ ++ cycle_t cval, now; ++ ++ cval = vcpu->arch.timer_cpu.cntv_cval; ++ now = kvm_phys_timer_read() - vcpu->kvm->arch.timer.cntvoff; ++ ++ if (now < cval) { ++ u64 ns; ++ ++ ns = cyclecounter_cyc2ns(timecounter->cc, ++ cval - now, ++ timecounter->mask, ++ &timecounter->frac); ++ return ns; ++ } ++ ++ return 0; ++} ++ + static enum hrtimer_restart kvm_timer_expire(struct hrtimer *hrt) + { + struct arch_timer_cpu *timer; ++ struct kvm_vcpu *vcpu; ++ u64 ns; ++ + timer = container_of(hrt, struct arch_timer_cpu, timer); ++ vcpu = container_of(timer, struct kvm_vcpu, arch.timer_cpu); ++ ++ /* ++ * Check that the timer has really expired from the guest's ++ * PoV (NTP on the host may have forced it to expire ++ * early). If we should have slept longer, restart it. ++ */ ++ ns = kvm_timer_compute_delta(vcpu); ++ if (unlikely(ns)) { ++ hrtimer_forward_now(hrt, ns_to_ktime(ns)); ++ return HRTIMER_RESTART; ++ } ++ + queue_work(wqueue, &timer->expired); + return HRTIMER_NORESTART; + } +@@ -176,8 +212,6 @@ static int kvm_timer_update_state(struct kvm_vcpu *vcpu) + void kvm_timer_schedule(struct kvm_vcpu *vcpu) + { + struct arch_timer_cpu *timer = &vcpu->arch.timer_cpu; +- u64 ns; +- cycle_t cval, now; + + BUG_ON(timer_is_armed(timer)); + +@@ -197,14 +231,7 @@ void kvm_timer_schedule(struct kvm_vcpu *vcpu) + return; + + /* The timer has not yet expired, schedule a background timer */ +- cval = timer->cntv_cval; +- now = kvm_phys_timer_read() - vcpu->kvm->arch.timer.cntvoff; +- +- ns = cyclecounter_cyc2ns(timecounter->cc, +- cval - now, +- timecounter->mask, +- &timecounter->frac); +- timer_arm(timer, ns); ++ timer_arm(timer, kvm_timer_compute_delta(vcpu)); + } + + void kvm_timer_unschedule(struct kvm_vcpu *vcpu) +-- +2.1.4 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.arch/intel_idle-prevent-SKL-H-boot-failure-when-C8-C9-C10 new/patches.arch/intel_idle-prevent-SKL-H-boot-failure-when-C8-C9-C10 --- old/patches.arch/intel_idle-prevent-SKL-H-boot-failure-when-C8-C9-C10 2016-03-28 09:27:57.000000000 +0200 +++ new/patches.arch/intel_idle-prevent-SKL-H-boot-failure-when-C8-C9-C10 1970-01-01 01:00:00.000000000 +0100 @@ -1,167 +0,0 @@ -From d70e28f57e14a481977436695b0c9ba165472431 Mon Sep 17 00:00:00 2001 -From: Len Brown <len.brown(a)intel.com> -Date: Sun, 13 Mar 2016 00:33:48 -0500 -Subject: [PATCH] intel_idle: prevent SKL-H boot failure when C8+C9+C10 enabled -Git-commit: d70e28f57e14a481977436695b0c9ba165472431 -Patch-mainline: 4.6-rc1 -References: bsc#969870,boo#970968,boo#969098 - -Some SKL-H configurations require "intel_idle.max_cstate=7" to boot. -While that is an effective workaround, it disables C10. - -This patch detects the problematic configuration, -and disables C8 and C9, keeping C10 enabled. - -Note that enabling SGX in BIOS SETUP can also prevent this issue, -if the system BIOS provides that option. - -https://bugzilla.kernel.org/show_bug.cgi?id=109081 -"Freezes with Intel i7 6700HQ (Skylake), unless intel_idle.max_cstate=7" - -Signed-off-by: Len Brown <len.brown(a)intel.com> -Cc: stable(a)vger.kernel.org -Acked-by: Takashi Iwai <tiwai(a)suse.de> - ---- - drivers/idle/intel_idle.c | 106 ++++++++++++++++++++++++++++++++++++---------- - 1 file changed, 85 insertions(+), 21 deletions(-) - ---- a/drivers/idle/intel_idle.c -+++ b/drivers/idle/intel_idle.c -@@ -65,7 +65,7 @@ - #include <asm/mwait.h> - #include <asm/msr.h> - --#define INTEL_IDLE_VERSION "0.4" -+#define INTEL_IDLE_VERSION "0.4.1" - #define PREFIX "intel_idle: " - - static struct cpuidle_driver intel_idle_driver = { -@@ -994,36 +994,92 @@ static void intel_idle_cpuidle_devices_u - } - - /* -- * intel_idle_state_table_update() -- * -- * Update the default state_table for this CPU-id -+ * ivt_idle_state_table_update(void) - * -- * Currently used to access tuned IVT multi-socket targets -+ * Tune IVT multi-socket targets - * Assumption: num_sockets == (max_package_num + 1) - */ --void intel_idle_state_table_update(void) -+static void ivt_idle_state_table_update(void) - { - /* IVT uses a different table for 1-2, 3-4, and > 4 sockets */ -- if (boot_cpu_data.x86_model == 0x3e) { /* IVT */ -- int cpu, package_num, num_sockets = 1; -+ int cpu, package_num, num_sockets = 1; - -- for_each_online_cpu(cpu) { -- package_num = topology_physical_package_id(cpu); -- if (package_num + 1 > num_sockets) { -- num_sockets = package_num + 1; -- -- if (num_sockets > 4) { -- cpuidle_state_table = ivt_cstates_8s; -- return; -- } -+ for_each_online_cpu(cpu) { -+ package_num = topology_physical_package_id(cpu); -+ if (package_num + 1 > num_sockets) { -+ num_sockets = package_num + 1; -+ -+ if (num_sockets > 4) { -+ cpuidle_state_table = ivt_cstates_8s; -+ return; - } - } -+ } -+ -+ if (num_sockets > 2) -+ cpuidle_state_table = ivt_cstates_4s; -+ -+ /* else, 1 and 2 socket systems use default ivt_cstates */ -+} -+/* -+ * sklh_idle_state_table_update(void) -+ * -+ * On SKL-H (model 0x5e) disable C8 and C9 if: -+ * C10 is enabled and SGX disabled -+ */ -+static void sklh_idle_state_table_update(void) -+{ -+ unsigned long long msr; -+ unsigned int eax, ebx, ecx, edx; -+ -+ -+ /* if PC10 disabled via cmdline intel_idle.max_cstate=7 or shallower */ -+ if (max_cstate <= 7) -+ return; -+ -+ /* if PC10 not present in CPUID.MWAIT.EDX */ -+ if ((mwait_substates & (0xF << 28)) == 0) -+ return; -+ -+ rdmsrl(MSR_NHM_SNB_PKG_CST_CFG_CTL, msr); -+ -+ /* PC10 is not enabled in PKG C-state limit */ -+ if ((msr & 0xF) != 8) -+ return; -+ -+ ecx = 0; -+ cpuid(7, &eax, &ebx, &ecx, &edx); -+ -+ /* if SGX is present */ -+ if (ebx & (1 << 2)) { -+ -+ rdmsrl(MSR_IA32_FEATURE_CONTROL, msr); - -- if (num_sockets > 2) -- cpuidle_state_table = ivt_cstates_4s; -- /* else, 1 and 2 socket systems use default ivt_cstates */ -+ /* if SGX is enabled */ -+ if (msr & (1 << 18)) -+ return; -+ } -+ -+ skl_cstates[5].disabled = 1; /* C8-SKL */ -+ skl_cstates[6].disabled = 1; /* C9-SKL */ -+} -+/* -+ * intel_idle_state_table_update() -+ * -+ * Update the default state_table for this CPU-id -+ */ -+ -+static void intel_idle_state_table_update(void) -+{ -+ switch (boot_cpu_data.x86_model) { -+ -+ case 0x3e: /* IVT */ -+ ivt_idle_state_table_update(); -+ break; -+ case 0x5e: /* SKL-H */ -+ sklh_idle_state_table_update(); -+ break; - } -- return; - } - - /* -@@ -1063,6 +1119,14 @@ static int __init intel_idle_cpuidle_dri - if (num_substates == 0) - continue; - -+ /* if state marked as disabled, skip it */ -+ if (cpuidle_state_table[cstate].disabled != 0) { -+ pr_debug(PREFIX "state %s is disabled", -+ cpuidle_state_table[cstate].name); -+ continue; -+ } -+ -+ - if (((mwait_cstate + 1) > 2) && - !boot_cpu_has(X86_FEATURE_NONSTOP_TSC)) - mark_tsc_unstable("TSC halts in idle" ++++++ patches.drivers.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.drivers/ALSA-hda-Don-t-handle-ELD-notify-from-invalid-port new/patches.drivers/ALSA-hda-Don-t-handle-ELD-notify-from-invalid-port --- old/patches.drivers/ALSA-hda-Don-t-handle-ELD-notify-from-invalid-port 2016-03-18 21:35:29.000000000 +0100 +++ new/patches.drivers/ALSA-hda-Don-t-handle-ELD-notify-from-invalid-port 1970-01-01 01:00:00.000000000 +0100 @@ -1,39 +0,0 @@ -From 4f8e4f3537cafc4de128e6bfdf83baa78bc60eb1 Mon Sep 17 00:00:00 2001 -From: Takashi Iwai <tiwai(a)suse.de> -Date: Thu, 10 Mar 2016 12:02:49 +0100 -Subject: [PATCH] ALSA: hda - Don't handle ELD notify from invalid port -Patch-mainline: Queued in subsystem maintainer repository -Git-commit: 4f8e4f3537cafc4de128e6bfdf83baa78bc60eb1 -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git -References: boo#971737 - -The current Intel HDMI codec driver supports only three fixed ports -from port B to port D. However, i915 driver may assign a DP on other -ports, e.g. port A, when no eDP is used. This incompatibility is -caught later at pin_nid_to_pin_index() and results in a warning -message like "HDMI: pin nid 4 not registered" at each time. - -This patch filters out such invalid events beforehand, so that the -kernel won't be too grumbling. - -Reported-by: Stefan Assmann <sassmann(a)kpanic.de> -Cc: <stable(a)vger.kernel.org> -Signed-off-by: Takashi Iwai <tiwai(a)suse.de> - ---- - sound/pci/hda/patch_hdmi.c | 4 ++++ - 1 file changed, 4 insertions(+) - ---- a/sound/pci/hda/patch_hdmi.c -+++ b/sound/pci/hda/patch_hdmi.c -@@ -2432,6 +2432,10 @@ static void intel_pin_eld_notify(void *a - struct hda_codec *codec = audio_ptr; - int pin_nid = port + 0x04; - -+ /* we assume only from port-B to port-D */ -+ if (port < 1 || port > 3) -+ return; -+ - /* skip notification during system suspend (but not in runtime PM); - * the state will be updated at resume - */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.drivers/ALSA-hda-Fix-forgotten-HDMI-monitor_present-update new/patches.drivers/ALSA-hda-Fix-forgotten-HDMI-monitor_present-update --- old/patches.drivers/ALSA-hda-Fix-forgotten-HDMI-monitor_present-update 2016-03-18 21:35:29.000000000 +0100 +++ new/patches.drivers/ALSA-hda-Fix-forgotten-HDMI-monitor_present-update 1970-01-01 01:00:00.000000000 +0100 @@ -1,31 +0,0 @@ -From bd48128539ab89986b24ad08ecd3e027dd1993a1 Mon Sep 17 00:00:00 2001 -From: Takashi Iwai <tiwai(a)suse.de> -Date: Fri, 18 Mar 2016 18:01:53 +0100 -Subject: [PATCH] ALSA: hda - Fix forgotten HDMI monitor_present update -Patch-mainline: Queued in subsystem maintainer repository -Git-commit: bd48128539ab89986b24ad08ecd3e027dd1993a1 -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git -References: boo#971737 - -We forgot to copy monitor_present value when updating the ELD -information. This won't change the ELD retrieval and the jack -notification behavior, but appears only in the proc output. In that -sense, it's no fatal error, but a bug is a bug is a bug. - -Cc: <stable(a)vger.kernel.org> -Signed-off-by: Takashi Iwai <tiwai(a)suse.de> - ---- - sound/pci/hda/patch_hdmi.c | 1 + - 1 file changed, 1 insertion(+) - ---- a/sound/pci/hda/patch_hdmi.c -+++ b/sound/pci/hda/patch_hdmi.c -@@ -1566,6 +1566,7 @@ static void update_eld(struct hda_codec - eld->eld_size) != 0) - eld_changed = true; - -+ pin_eld->monitor_present = eld->monitor_present; - pin_eld->eld_valid = eld->eld_valid; - pin_eld->eld_size = eld->eld_size; - if (eld->eld_valid) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.drivers/ALSA-hda-Fix-spurious-kernel-WARNING-on-Baytrail-HDM new/patches.drivers/ALSA-hda-Fix-spurious-kernel-WARNING-on-Baytrail-HDM --- old/patches.drivers/ALSA-hda-Fix-spurious-kernel-WARNING-on-Baytrail-HDM 2016-03-18 21:35:29.000000000 +0100 +++ new/patches.drivers/ALSA-hda-Fix-spurious-kernel-WARNING-on-Baytrail-HDM 1970-01-01 01:00:00.000000000 +0100 @@ -1,44 +0,0 @@ -From 93a9ff151754fbdf951b1b993bcf96453f6e36b3 Mon Sep 17 00:00:00 2001 -From: Takashi Iwai <tiwai(a)suse.de> -Date: Fri, 18 Mar 2016 19:45:13 +0100 -Subject: [PATCH] ALSA: hda - Fix spurious kernel WARNING on Baytrail HDMI -Patch-mainline: Queued in subsystem maintainer repository -Git-commit: 93a9ff151754fbdf951b1b993bcf96453f6e36b3 -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git -References: boo#971737 -Mime-version: 1.0 -Content-type: text/plain; charset=UTF-8 -Content-transfer-encoding: 8bit - -snd_hdac_sync_audio_rate() call is mandatory only for HSW and later -models, but we call the function unconditionally blindly assuming that -the function doesn't do anything harmful. But since recently, the -function checks the validity of the passed pin NID, and eventually -spews the warning if an unexpected pin is passed. This is seen on old -chips like Baytrail. - -The fix is to limit the call of this function again only for the chips -with the proper binding. This can be identified by the same flag as -the eld notifier. - -Reported-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> -Tested-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> -Cc: <stable(a)vger.kernel.org> # v4.5 -Signed-off-by: Takashi Iwai <tiwai(a)suse.de> - ---- - sound/pci/hda/patch_hdmi.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - ---- a/sound/pci/hda/patch_hdmi.c -+++ b/sound/pci/hda/patch_hdmi.c -@@ -1878,7 +1878,8 @@ static int generic_hdmi_playback_pcm_pre - - /* Call sync_audio_rate to set the N/CTS/M manually if necessary */ - /* Todo: add DP1.2 MST audio support later */ -- snd_hdac_sync_audio_rate(&codec->bus->core, pin_nid, runtime->rate); -+ if (codec_has_acomp(codec)) -+ snd_hdac_sync_audio_rate(&codec->bus->core, pin_nid, runtime->rate); - - non_pcm = check_non_pcm_per_cvt(codec, cvt_nid); - mutex_lock(&per_pin->lock); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.drivers/ALSA-hda-Fix-unexpected-resume-through-regmap-code-p new/patches.drivers/ALSA-hda-Fix-unexpected-resume-through-regmap-code-p --- old/patches.drivers/ALSA-hda-Fix-unexpected-resume-through-regmap-code-p 2016-03-18 21:35:29.000000000 +0100 +++ new/patches.drivers/ALSA-hda-Fix-unexpected-resume-through-regmap-code-p 1970-01-01 01:00:00.000000000 +0100 @@ -1,205 +0,0 @@ -From fc4f000bf8c0cbf38f44de6bd5e225574e572ed4 Mon Sep 17 00:00:00 2001 -From: Takashi Iwai <tiwai(a)suse.de> -Date: Fri, 4 Mar 2016 11:34:18 +0100 -Subject: [PATCH] ALSA: hda - Fix unexpected resume through regmap code path -Git-commit: fc4f000bf8c0cbf38f44de6bd5e225574e572ed4 -Patch-mainline: Queued in subsystem maintainer repository -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git -References: bsc#969383 - -HD-audio driver has a mechanism to trigger the runtime resume -automatically at accessing the verbs. This auto-resume, however, -causes the mutex deadlock when invoked from the regmap handler since -the regmap keeps the mutex while auto-resuming. For avoiding that, -there is some tricky check in the HDA regmap handler to return -EAGAIN -error to back-off when the codec is powered down. Then the caller of -regmap r/w will retry after properly turning on the codec power. - -This works in most cases, but there seems a slight race between the -codec power check and the actual on-demand auto-resume trigger. This -resulted in the lockdep splat, eventually leading to a real deadlock. - -This patch tries to address the race window by getting the runtime PM -refcount at the check time using pm_runtime_get_if_in_use(). With -this call, we can keep the power on only when the codec has been -already turned on, and back off if not. - -For keeping the code consistency, the code touching the runtime PM is -stored in hdac_device.c although it's used only locally in -hdac_regmap.c. - -Reported-by: Jiri Slaby <jslaby(a)suse.cz> -Cc: <stable(a)vger.kernel.org> -Signed-off-by: Takashi Iwai <tiwai(a)suse.de> - ---- - include/sound/hdaudio.h | 2 + - sound/hda/hdac_device.c | 16 +++++++++++ - sound/hda/hdac_regmap.c | 69 ++++++++++++++++++++++++++++++++---------------- - 3 files changed, 64 insertions(+), 23 deletions(-) - ---- a/include/sound/hdaudio.h -+++ b/include/sound/hdaudio.h -@@ -168,11 +168,13 @@ int snd_hdac_power_up(struct hdac_device - int snd_hdac_power_down(struct hdac_device *codec); - int snd_hdac_power_up_pm(struct hdac_device *codec); - int snd_hdac_power_down_pm(struct hdac_device *codec); -+int snd_hdac_keep_power_up(struct hdac_device *codec); - #else - static inline int snd_hdac_power_up(struct hdac_device *codec) { return 0; } - static inline int snd_hdac_power_down(struct hdac_device *codec) { return 0; } - static inline int snd_hdac_power_up_pm(struct hdac_device *codec) { return 0; } - static inline int snd_hdac_power_down_pm(struct hdac_device *codec) { return 0; } -+static inline int snd_hdac_keep_power_up(struct hdac_device *codec) { return 0; } - #endif - - /* ---- a/sound/hda/hdac_device.c -+++ b/sound/hda/hdac_device.c -@@ -611,6 +611,22 @@ int snd_hdac_power_up_pm(struct hdac_dev - } - EXPORT_SYMBOL_GPL(snd_hdac_power_up_pm); - -+/* like snd_hdac_power_up_pm(), but only increment the pm count when -+ * already powered up. Returns -1 if not powered up, 1 if incremented -+ * or 0 if unchanged. Only used in hdac_regmap.c -+ */ -+int snd_hdac_keep_power_up(struct hdac_device *codec) -+{ -+ if (!atomic_inc_not_zero(&codec->in_pm)) { -+ int ret = pm_runtime_get_if_in_use(&codec->dev); -+ if (!ret) -+ return -1; -+ if (ret < 0) -+ return 0; -+ } -+ return 1; -+} -+ - /** - * snd_hdac_power_down_pm - power down the codec - * @codec: the codec object ---- a/sound/hda/hdac_regmap.c -+++ b/sound/hda/hdac_regmap.c -@@ -21,13 +21,16 @@ - #include <sound/hdaudio.h> - #include <sound/hda_regmap.h> - --#ifdef CONFIG_PM --#define codec_is_running(codec) \ -- (atomic_read(&(codec)->in_pm) || \ -- !pm_runtime_suspended(&(codec)->dev)) --#else --#define codec_is_running(codec) true --#endif -+static int codec_pm_lock(struct hdac_device *codec) -+{ -+ return snd_hdac_keep_power_up(codec); -+} -+ -+static void codec_pm_unlock(struct hdac_device *codec, int lock) -+{ -+ if (lock == 1) -+ snd_hdac_power_down_pm(codec); -+} - - #define get_verb(reg) (((reg) >> 8) & 0xfff) - -@@ -238,20 +241,28 @@ static int hda_reg_read(void *context, u - struct hdac_device *codec = context; - int verb = get_verb(reg); - int err; -+ int pm_lock = 0; - -- if (!codec_is_running(codec) && verb != AC_VERB_GET_POWER_STATE) -- return -EAGAIN; -+ if (verb != AC_VERB_GET_POWER_STATE) { -+ pm_lock = codec_pm_lock(codec); -+ if (pm_lock < 0) -+ return -EAGAIN; -+ } - reg |= (codec->addr << 28); -- if (is_stereo_amp_verb(reg)) -- return hda_reg_read_stereo_amp(codec, reg, val); -- if (verb == AC_VERB_GET_PROC_COEF) -- return hda_reg_read_coef(codec, reg, val); -+ if (is_stereo_amp_verb(reg)) { -+ err = hda_reg_read_stereo_amp(codec, reg, val); -+ goto out; -+ } -+ if (verb == AC_VERB_GET_PROC_COEF) { -+ err = hda_reg_read_coef(codec, reg, val); -+ goto out; -+ } - if ((verb & 0x700) == AC_VERB_SET_AMP_GAIN_MUTE) - reg &= ~AC_AMP_FAKE_MUTE; - - err = snd_hdac_exec_verb(codec, reg, 0, val); - if (err < 0) -- return err; -+ goto out; - /* special handling for asymmetric reads */ - if (verb == AC_VERB_GET_POWER_STATE) { - if (*val & AC_PWRST_ERROR) -@@ -259,7 +270,9 @@ static int hda_reg_read(void *context, u - else /* take only the actual state */ - *val = (*val >> 4) & 0x0f; - } -- return 0; -+ out: -+ codec_pm_unlock(codec, pm_lock); -+ return err; - } - - static int hda_reg_write(void *context, unsigned int reg, unsigned int val) -@@ -267,6 +280,7 @@ static int hda_reg_write(void *context, - struct hdac_device *codec = context; - unsigned int verb; - int i, bytes, err; -+ int pm_lock = 0; - - if (codec->caps_overwriting) - return 0; -@@ -275,14 +289,21 @@ static int hda_reg_write(void *context, - reg |= (codec->addr << 28); - verb = get_verb(reg); - -- if (!codec_is_running(codec) && verb != AC_VERB_SET_POWER_STATE) -- return codec->lazy_cache ? 0 : -EAGAIN; -+ if (verb != AC_VERB_SET_POWER_STATE) { -+ pm_lock = codec_pm_lock(codec); -+ if (pm_lock < 0) -+ return codec->lazy_cache ? 0 : -EAGAIN; -+ } - -- if (is_stereo_amp_verb(reg)) -- return hda_reg_write_stereo_amp(codec, reg, val); -+ if (is_stereo_amp_verb(reg)) { -+ err = hda_reg_write_stereo_amp(codec, reg, val); -+ goto out; -+ } - -- if (verb == AC_VERB_SET_PROC_COEF) -- return hda_reg_write_coef(codec, reg, val); -+ if (verb == AC_VERB_SET_PROC_COEF) { -+ err = hda_reg_write_coef(codec, reg, val); -+ goto out; -+ } - - switch (verb & 0xf00) { - case AC_VERB_SET_AMP_GAIN_MUTE: -@@ -319,10 +340,12 @@ static int hda_reg_write(void *context, - reg |= (verb + i) << 8 | ((val >> (8 * i)) & 0xff); - err = snd_hdac_exec_verb(codec, reg, 0, NULL); - if (err < 0) -- return err; -+ goto out; - } - -- return 0; -+ out: -+ codec_pm_unlock(codec, pm_lock); -+ return err; - } - - static const struct regmap_config hda_regmap_cfg = { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.drivers/ALSA-hda-Limit-i915-HDMI-binding-only-for-HSW-and-la new/patches.drivers/ALSA-hda-Limit-i915-HDMI-binding-only-for-HSW-and-la --- old/patches.drivers/ALSA-hda-Limit-i915-HDMI-binding-only-for-HSW-and-la 2016-03-18 21:35:29.000000000 +0100 +++ new/patches.drivers/ALSA-hda-Limit-i915-HDMI-binding-only-for-HSW-and-la 1970-01-01 01:00:00.000000000 +0100 @@ -1,43 +0,0 @@ -From b62232d429fa8b1dcf5d8503aa5a5397a03e646a Mon Sep 17 00:00:00 2001 -From: Takashi Iwai <tiwai(a)suse.de> -Date: Tue, 15 Mar 2016 18:15:26 +0100 -Subject: [PATCH] ALSA: hda - Limit i915 HDMI binding only for HSW and later -Patch-mainline: Queued in subsystem maintainer repository -Git-commit: b62232d429fa8b1dcf5d8503aa5a5397a03e646a -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git -References: boo#971737 -Mime-version: 1.0 -Content-type: text/plain; charset=UTF-8 -Content-transfer-encoding: 8bit - -It turned out that the pre-HSW Intel chips are incompatible with the -naive assumption we had -- the fixed mapping between the port and the -HD-audio widget. This may result in the bad access, as captured by -the recent patch to add a WARN_ON() for the port mapping check. - -As a quick workaround, disable the i915 audio component binding for -all pre-Haswell models. - -Reported-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> -Cc: <stable(a)vger.kernel.org> # v4.5 -Signed-off-by: Takashi Iwai <tiwai(a)suse.de> - ---- - sound/pci/hda/patch_hdmi.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - ---- a/sound/pci/hda/patch_hdmi.c -+++ b/sound/pci/hda/patch_hdmi.c -@@ -2460,9 +2460,10 @@ static int patch_generic_hdmi(struct hda - codec->spec = spec; - hdmi_array_init(spec, 4); - -- /* Try to bind with i915 for any Intel codecs (if not done yet) */ -+ /* Try to bind with i915 for Intel HSW+ codecs (if not done yet) */ - if (!codec_has_acomp(codec) && -- (codec->core.vendor_id >> 16) == 0x8086) -+ (codec->core.vendor_id >> 16) == 0x8086 && -+ is_haswell_plus(codec)) - if (!snd_hdac_i915_init(&codec->bus->core)) - spec->i915_bound = true; - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.drivers/ALSA-hda-Really-restrict-i915-notifier-to-HSW new/patches.drivers/ALSA-hda-Really-restrict-i915-notifier-to-HSW --- old/patches.drivers/ALSA-hda-Really-restrict-i915-notifier-to-HSW 2016-03-18 21:35:29.000000000 +0100 +++ new/patches.drivers/ALSA-hda-Really-restrict-i915-notifier-to-HSW 1970-01-01 01:00:00.000000000 +0100 @@ -1,78 +0,0 @@ -From 691be973c0621255abb31572a98e35c57be70212 Mon Sep 17 00:00:00 2001 -From: Takashi Iwai <tiwai(a)suse.de> -Date: Fri, 18 Mar 2016 15:10:08 +0100 -Subject: [PATCH] ALSA: hda - Really restrict i915 notifier to HSW+ -Patch-mainline: Queued in subsystem maintainer repository -Git-commit: 691be973c0621255abb31572a98e35c57be70212 -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git -References: boo#971737 -Mime-version: 1.0 -Content-type: text/plain; charset=UTF-8 -Content-transfer-encoding: 8bit - -The commit [b62232d429fa: ALSA: hda - Limit i915 HDMI binding only for -HSW and later] tried to limit the usage of i915 audio notifier to the -recent Intel models and switch to the old method on pre-Haswell -models. However, it assumed that the i915 component binding hasn't -been done on such models, and the assumption was wrong: namely, -Baytrail had already the i915 component binding due to powerwell -control. Thus, the workaround wasn't applied to Baytrail. - -For fixing this properly, this patch introduces a new flag indicating -the usage of audio notifier and codec_has_acomp() refers to this flag -instead of checking the existence of audio component. - -Reported-by: Ville Syrjälä <ville.syrjala(a)linux.intel.com> -Cc: <stable(a)vger.kernel.org> # v4.5 -Signed-off-by: Takashi Iwai <tiwai(a)suse.de> - ---- - sound/pci/hda/patch_hdmi.c | 24 +++++++++++++++++------- - 1 file changed, 17 insertions(+), 7 deletions(-) - ---- a/sound/pci/hda/patch_hdmi.c -+++ b/sound/pci/hda/patch_hdmi.c -@@ -152,13 +152,17 @@ struct hdmi_spec { - struct hda_pcm_stream pcm_playback; - - /* i915/powerwell (Haswell+/Valleyview+) specific */ -+ bool use_acomp_notifier; /* use i915 eld_notify callback for hotplug */ - struct i915_audio_component_audio_ops i915_audio_ops; - bool i915_bound; /* was i915 bound in this driver? */ - }; - - #ifdef CONFIG_SND_HDA_I915 --#define codec_has_acomp(codec) \ -- ((codec)->bus->core.audio_component != NULL) -+static inline bool codec_has_acomp(struct hda_codec *codec) -+{ -+ struct hdmi_spec *spec = codec->spec; -+ return spec->use_acomp_notifier; -+} - #else - #define codec_has_acomp(codec) false - #endif -@@ -2460,12 +2464,18 @@ static int patch_generic_hdmi(struct hda - codec->spec = spec; - hdmi_array_init(spec, 4); - -+#ifdef CONFIG_SND_HDA_I915 - /* Try to bind with i915 for Intel HSW+ codecs (if not done yet) */ -- if (!codec_has_acomp(codec) && -- (codec->core.vendor_id >> 16) == 0x8086 && -- is_haswell_plus(codec)) -- if (!snd_hdac_i915_init(&codec->bus->core)) -- spec->i915_bound = true; -+ if ((codec->core.vendor_id >> 16) == 0x8086 && -+ is_haswell_plus(codec)) { -+ if (!codec->bus->core.audio_component) -+ if (!snd_hdac_i915_init(&codec->bus->core)) -+ spec->i915_bound = true; -+ /* use i915 audio component notifier for hotplug */ -+ if (codec->bus->core.audio_component) -+ spec->use_acomp_notifier = true; -+ } -+#endif - - if (is_haswell_plus(codec)) { - intel_haswell_enable_all_pins(codec, true); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.drivers/ALSA-usb-audio-Add-sanity-checks-for-endpoint-access new/patches.drivers/ALSA-usb-audio-Add-sanity-checks-for-endpoint-access --- old/patches.drivers/ALSA-usb-audio-Add-sanity-checks-for-endpoint-access 2016-03-18 21:35:29.000000000 +0100 +++ new/patches.drivers/ALSA-usb-audio-Add-sanity-checks-for-endpoint-access 1970-01-01 01:00:00.000000000 +0100 @@ -1,74 +0,0 @@ -From 447d6275f0c21f6cc97a88b3a0c601436a4cdf2a Mon Sep 17 00:00:00 2001 -From: Takashi Iwai <tiwai(a)suse.de> -Date: Tue, 15 Mar 2016 15:20:58 +0100 -Subject: [PATCH] ALSA: usb-audio: Add sanity checks for endpoint accesses -Patch-mainline: Queued in subsystem maintainer repository -Git-commit: 447d6275f0c21f6cc97a88b3a0c601436a4cdf2a -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git -References: CVE-2016-2184,bsc#971125 - -Add some sanity check codes before actually accessing the endpoint via -get_endpoint() in order to avoid the invalid access through a -malformed USB descriptor. Mostly just checking bNumEndpoints, but in -one place (snd_microii_spdif_default_get()), the validity of iface and -altsetting index is checked as well. - -Bugzilla: https://bugzilla.suse.com/show_bug.cgi?id=971125 -Cc: <stable(a)vger.kernel.org> -Signed-off-by: Takashi Iwai <tiwai(a)suse.de> - ---- - sound/usb/clock.c | 2 ++ - sound/usb/endpoint.c | 3 +++ - sound/usb/mixer_quirks.c | 4 ++++ - sound/usb/pcm.c | 2 ++ - 4 files changed, 11 insertions(+) - ---- a/sound/usb/clock.c -+++ b/sound/usb/clock.c -@@ -285,6 +285,8 @@ static int set_sample_rate_v1(struct snd - unsigned char data[3]; - int err, crate; - -+ if (get_iface_desc(alts)->bNumEndpoints < 1) -+ return -EINVAL; - ep = get_endpoint(alts, 0)->bEndpointAddress; - - /* if endpoint doesn't have sampling rate control, bail out */ ---- a/sound/usb/endpoint.c -+++ b/sound/usb/endpoint.c -@@ -438,6 +438,9 @@ exit_clear: - * - * New endpoints will be added to chip->ep_list and must be freed by - * calling snd_usb_endpoint_free(). -+ * -+ * For SND_USB_ENDPOINT_TYPE_SYNC, the caller needs to guarantee that -+ * bNumEndpoints > 1 beforehand. - */ - struct snd_usb_endpoint *snd_usb_add_endpoint(struct snd_usb_audio *chip, - struct usb_host_interface *alts, ---- a/sound/usb/mixer_quirks.c -+++ b/sound/usb/mixer_quirks.c -@@ -1519,7 +1519,11 @@ static int snd_microii_spdif_default_get - - /* use known values for that card: interface#1 altsetting#1 */ - iface = usb_ifnum_to_if(chip->dev, 1); -+ if (!iface || iface->num_altsetting < 2) -+ return -EINVAL; - alts = &iface->altsetting[1]; -+ if (get_iface_desc(alts)->bNumEndpoints < 1) -+ return -EINVAL; - ep = get_endpoint(alts, 0)->bEndpointAddress; - - err = snd_usb_ctl_msg(chip->dev, ---- a/sound/usb/pcm.c -+++ b/sound/usb/pcm.c -@@ -159,6 +159,8 @@ static int init_pitch_v1(struct snd_usb_ - unsigned char data[1]; - int err; - -+ if (get_iface_desc(alts)->bNumEndpoints < 1) -+ return -EINVAL; - ep = get_endpoint(alts, 0)->bEndpointAddress; - - data[0] = 1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.drivers/ALSA-usb-audio-Fix-NULL-dereference-in-create_fixed new/patches.drivers/ALSA-usb-audio-Fix-NULL-dereference-in-create_fixed --- old/patches.drivers/ALSA-usb-audio-Fix-NULL-dereference-in-create_fixed 2016-03-18 21:35:29.000000000 +0100 +++ new/patches.drivers/ALSA-usb-audio-Fix-NULL-dereference-in-create_fixed 1970-01-01 01:00:00.000000000 +0100 @@ -1,39 +0,0 @@ -From 0f886ca12765d20124bd06291c82951fd49a33be Mon Sep 17 00:00:00 2001 -From: Takashi Iwai <tiwai(a)suse.de> -Date: Tue, 15 Mar 2016 12:09:10 +0100 -Subject: [PATCH] ALSA: usb-audio: Fix NULL dereference in create_fixed_stream_quirk() -Patch-mainline: Queued in subsystem maintainer repository -Git-commit: 0f886ca12765d20124bd06291c82951fd49a33be -Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git -References: CVE-2016-2184,bsc#971125 - -create_fixed_stream_quirk() may cause a NULL-pointer dereference by -accessing the non-existing endpoint when a USB device with a malformed -USB descriptor is used. - -This patch avoids it simply by adding a sanity check of bNumEndpoints -before the accesses. - -Bugzilla: https://bugzilla.suse.com/show_bug.cgi?id=971125 -Cc: <stable(a)vger.kernel.org> -Signed-off-by: Takashi Iwai <tiwai(a)suse.de> - ---- - sound/usb/quirks.c | 6 ++++++ - 1 file changed, 6 insertions(+) - ---- a/sound/usb/quirks.c -+++ b/sound/usb/quirks.c -@@ -180,6 +180,12 @@ static int create_fixed_stream_quirk(str - } - alts = &iface->altsetting[fp->altset_idx]; - altsd = get_iface_desc(alts); -+ if (altsd->bNumEndpoints < 1) { -+ kfree(fp); -+ kfree(rate_table); -+ return -EINVAL; -+ } -+ - fp->protocol = altsd->bInterfaceProtocol; - - if (fp->datainterval == 0) ++++++ patches.fixes.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/net-irda-Fix-use-after-free-in-irtty_open.patch new/patches.fixes/net-irda-Fix-use-after-free-in-irtty_open.patch --- old/patches.fixes/net-irda-Fix-use-after-free-in-irtty_open.patch 2016-03-18 13:33:44.000000000 +0100 +++ new/patches.fixes/net-irda-Fix-use-after-free-in-irtty_open.patch 1970-01-01 01:00:00.000000000 +0100 @@ -1,69 +0,0 @@ -From: Peter Hurley <peter(a)hurleysoftware.com> -Date: Sat, 9 Jan 2016 17:48:45 -0800 -Subject: net: irda: Fix use-after-free in irtty_open() -Patch-mainline: v4.6-rc1 -Git-commit: 401879c57f01cbf2da204ad2e8db910525c6dbea -References: bnc#967903 - -The N_IRDA line discipline may access the previous line discipline's closed -and already-fre private data on open [1]. - -The tty->disc_data field _never_ refers to valid data on entry to the -line discipline's open() method. Rather, the ldisc is expected to -initialize that field for its own use for the lifetime of the instance -(ie. from open() to close() only). - -[1] - ================================================================== - BUG: KASAN: use-after-free in irtty_open+0x422/0x550 at addr ffff8800331dd068 - Read of size 4 by task a.out/13960 - ============================================================================= - BUG kmalloc-512 (Tainted: G B ): kasan: bad access detected - ----------------------------------------------------------------------------- - ... - Call Trace: - [<ffffffff815fa2ae>] __asan_report_load4_noabort+0x3e/0x40 mm/kasan/report.c:279 - [<ffffffff836938a2>] irtty_open+0x422/0x550 drivers/net/irda/irtty-sir.c:436 - [<ffffffff829f1b80>] tty_ldisc_open.isra.2+0x60/0xa0 drivers/tty/tty_ldisc.c:447 - [<ffffffff829f21c0>] tty_set_ldisc+0x1a0/0x940 drivers/tty/tty_ldisc.c:567 - [< inline >] tiocsetd drivers/tty/tty_io.c:2650 - [<ffffffff829da49e>] tty_ioctl+0xace/0x1fd0 drivers/tty/tty_io.c:2883 - [< inline >] vfs_ioctl fs/ioctl.c:43 - [<ffffffff816708ac>] do_vfs_ioctl+0x57c/0xe60 fs/ioctl.c:607 - [< inline >] SYSC_ioctl fs/ioctl.c:622 - [<ffffffff81671204>] SyS_ioctl+0x74/0x80 fs/ioctl.c:613 - [<ffffffff852a7876>] entry_SYSCALL_64_fastpath+0x16/0x7a - -Reported-and-tested-by: Dmitry Vyukov <dvyukov(a)google.com> -Cc: <stable(a)vger.kernel.org> -Signed-off-by: Peter Hurley <peter(a)hurleysoftware.com> -Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> -Signed-off-by: Jiri Slaby <jslaby(a)suse.cz> ---- - drivers/net/irda/irtty-sir.c | 10 ---------- - 1 file changed, 10 deletions(-) - -diff --git a/drivers/net/irda/irtty-sir.c b/drivers/net/irda/irtty-sir.c -index 696852eb23c3..7a3f990c1935 100644 ---- a/drivers/net/irda/irtty-sir.c -+++ b/drivers/net/irda/irtty-sir.c -@@ -430,16 +430,6 @@ static int irtty_open(struct tty_struct *tty) - - /* Module stuff handled via irda_ldisc.owner - Jean II */ - -- /* First make sure we're not already connected. */ -- if (tty->disc_data != NULL) { -- priv = tty->disc_data; -- if (priv && priv->magic == IRTTY_MAGIC) { -- ret = -EEXIST; -- goto out; -- } -- tty->disc_data = NULL; /* ### */ -- } -- - /* stop the underlying driver */ - irtty_stop_receiver(tty, TRUE); - if (tty->ops->stop) --- -2.7.4 - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/netfilter-x_tables-check-for-size-overflow.patch new/patches.fixes/netfilter-x_tables-check-for-size-overflow.patch --- old/patches.fixes/netfilter-x_tables-check-for-size-overflow.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.fixes/netfilter-x_tables-check-for-size-overflow.patch 2016-04-19 14:04:23.000000000 +0200 @@ -0,0 +1,38 @@ +From: Florian Westphal <fw(a)strlen.de> +Date: Thu, 10 Mar 2016 01:56:23 +0100 +Subject: netfilter: x_tables: check for size overflow +Patch-mainline: v4.6-rc1 +Git-commit: d157bd761585605b7882935ffb86286919f62ea1 +References: CVE-2016-3135 bsc#970904 + +Ben Hawkes says: + integer overflow in xt_alloc_table_info, which on 32-bit systems can + lead to small structure allocation and a copy_from_user based heap + corruption. + +Reported-by: Ben Hawkes <hawkes(a)google.com> +Signed-off-by: Florian Westphal <fw(a)strlen.de> +Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org> +Acked-by: Michal Kubecek <mkubecek(a)suse.cz> + +--- + net/netfilter/x_tables.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c +index c8a0b7da5ff4..f6950b8003e8 100644 +--- a/net/netfilter/x_tables.c ++++ b/net/netfilter/x_tables.c +@@ -659,6 +659,9 @@ struct xt_table_info *xt_alloc_table_info(unsigned int size) + struct xt_table_info *info = NULL; + size_t sz = sizeof(*info) + size; + ++ if (sz < sizeof(*info)) ++ return NULL; ++ + /* Pedantry: prevent them from hitting BUG() in vmalloc.c --RR */ + if ((SMP_ALIGN(size) >> PAGE_SHIFT) + 2 > totalram_pages) + return NULL; +-- +2.8.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/netfilter-x_tables-fix-unconditional-helper.patch new/patches.fixes/netfilter-x_tables-fix-unconditional-helper.patch --- old/patches.fixes/netfilter-x_tables-fix-unconditional-helper.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.fixes/netfilter-x_tables-fix-unconditional-helper.patch 2016-04-19 14:04:23.000000000 +0200 @@ -0,0 +1,238 @@ +From: Florian Westphal <fw(a)strlen.de> +Date: Tue, 22 Mar 2016 18:02:52 +0100 +Subject: netfilter: x_tables: fix unconditional helper +Patch-mainline: v4.6-rc2 +Git-commit: 54d83fc74aa9ec72794373cb47432c5f7fb1a309 +References: CVE-2016-3134 bsc#971126 + +Ben Hawkes says: + + In the mark_source_chains function (net/ipv4/netfilter/ip_tables.c) it + is possible for a user-supplied ipt_entry structure to have a large + next_offset field. This field is not bounds checked prior to writing a + counter value at the supplied offset. + +Problem is that mark_source_chains should not have been called -- +the rule doesn't have a next entry, so its supposed to return +an absolute verdict of either ACCEPT or DROP. + +However, the function conditional() doesn't work as the name implies. +It only checks that the rule is using wildcard address matching. + +However, an unconditional rule must also not be using any matches +(no -m args). + +The underflow validator only checked the addresses, therefore +passing the 'unconditional absolute verdict' test, while +mark_source_chains also tested for presence of matches, and thus +proceeeded to the next (not-existent) rule. + +Unify this so that all the callers have same idea of 'unconditional rule'. + +Reported-by: Ben Hawkes <hawkes(a)google.com> +Signed-off-by: Florian Westphal <fw(a)strlen.de> +Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org> +Acked-by: Michal Kubecek <mkubecek(a)suse.cz> + +--- + net/ipv4/netfilter/arp_tables.c | 18 +++++++++--------- + net/ipv4/netfilter/ip_tables.c | 23 +++++++++++------------ + net/ipv6/netfilter/ip6_tables.c | 23 +++++++++++------------ + 3 files changed, 31 insertions(+), 33 deletions(-) + +diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c +index 815868e08b0b..08b315a3ce87 100644 +--- a/net/ipv4/netfilter/arp_tables.c ++++ b/net/ipv4/netfilter/arp_tables.c +@@ -359,11 +359,12 @@ unsigned int arpt_do_table(struct sk_buff *skb, + } + + /* All zeroes == unconditional rule. */ +-static inline bool unconditional(const struct arpt_arp *arp) ++static inline bool unconditional(const struct arpt_entry *e) + { + static const struct arpt_arp uncond; + +- return memcmp(arp, &uncond, sizeof(uncond)) == 0; ++ return e->target_offset == sizeof(struct arpt_entry) && ++ memcmp(&e->arp, &uncond, sizeof(uncond)) == 0; + } + + /* Figures out from what hook each rule can be called: returns 0 if +@@ -402,11 +403,10 @@ static int mark_source_chains(const struct xt_table_info *newinfo, + |= ((1 << hook) | (1 << NF_ARP_NUMHOOKS)); + + /* Unconditional return/END. */ +- if ((e->target_offset == sizeof(struct arpt_entry) && ++ if ((unconditional(e) && + (strcmp(t->target.u.user.name, + XT_STANDARD_TARGET) == 0) && +- t->verdict < 0 && unconditional(&e->arp)) || +- visited) { ++ t->verdict < 0) || visited) { + unsigned int oldpos, size; + + if ((strcmp(t->target.u.user.name, +@@ -551,7 +551,7 @@ static bool check_underflow(const struct arpt_entry *e) + const struct xt_entry_target *t; + unsigned int verdict; + +- if (!unconditional(&e->arp)) ++ if (!unconditional(e)) + return false; + t = arpt_get_target_c(e); + if (strcmp(t->u.user.name, XT_STANDARD_TARGET) != 0) +@@ -598,9 +598,9 @@ static inline int check_entry_size_and_hooks(struct arpt_entry *e, + newinfo->hook_entry[h] = hook_entries[h]; + if ((unsigned char *)e - base == underflows[h]) { + if (!check_underflow(e)) { +- pr_err("Underflows must be unconditional and " +- "use the STANDARD target with " +- "ACCEPT/DROP\n"); ++ pr_debug("Underflows must be unconditional and " ++ "use the STANDARD target with " ++ "ACCEPT/DROP\n"); + return -EINVAL; + } + newinfo->underflow[h] = underflows[h]; +diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c +index 0a81558c932e..99d46b0a4ead 100644 +--- a/net/ipv4/netfilter/ip_tables.c ++++ b/net/ipv4/netfilter/ip_tables.c +@@ -168,11 +168,12 @@ get_entry(const void *base, unsigned int offset) + + /* All zeroes == unconditional rule. */ + /* Mildly perf critical (only if packet tracing is on) */ +-static inline bool unconditional(const struct ipt_ip *ip) ++static inline bool unconditional(const struct ipt_entry *e) + { + static const struct ipt_ip uncond; + +- return memcmp(ip, &uncond, sizeof(uncond)) == 0; ++ return e->target_offset == sizeof(struct ipt_entry) && ++ memcmp(&e->ip, &uncond, sizeof(uncond)) == 0; + #undef FWINV + } + +@@ -229,11 +230,10 @@ get_chainname_rulenum(const struct ipt_entry *s, const struct ipt_entry *e, + } else if (s == e) { + (*rulenum)++; + +- if (s->target_offset == sizeof(struct ipt_entry) && ++ if (unconditional(s) && + strcmp(t->target.u.kernel.target->name, + XT_STANDARD_TARGET) == 0 && +- t->verdict < 0 && +- unconditional(&s->ip)) { ++ t->verdict < 0) { + /* Tail of chains: STANDARD target (return/policy) */ + *comment = *chainname == hookname + ? comments[NF_IP_TRACE_COMMENT_POLICY] +@@ -476,11 +476,10 @@ mark_source_chains(const struct xt_table_info *newinfo, + e->comefrom |= ((1 << hook) | (1 << NF_INET_NUMHOOKS)); + + /* Unconditional return/END. */ +- if ((e->target_offset == sizeof(struct ipt_entry) && ++ if ((unconditional(e) && + (strcmp(t->target.u.user.name, + XT_STANDARD_TARGET) == 0) && +- t->verdict < 0 && unconditional(&e->ip)) || +- visited) { ++ t->verdict < 0) || visited) { + unsigned int oldpos, size; + + if ((strcmp(t->target.u.user.name, +@@ -715,7 +714,7 @@ static bool check_underflow(const struct ipt_entry *e) + const struct xt_entry_target *t; + unsigned int verdict; + +- if (!unconditional(&e->ip)) ++ if (!unconditional(e)) + return false; + t = ipt_get_target_c(e); + if (strcmp(t->u.user.name, XT_STANDARD_TARGET) != 0) +@@ -763,9 +762,9 @@ check_entry_size_and_hooks(struct ipt_entry *e, + newinfo->hook_entry[h] = hook_entries[h]; + if ((unsigned char *)e - base == underflows[h]) { + if (!check_underflow(e)) { +- pr_err("Underflows must be unconditional and " +- "use the STANDARD target with " +- "ACCEPT/DROP\n"); ++ pr_debug("Underflows must be unconditional and " ++ "use the STANDARD target with " ++ "ACCEPT/DROP\n"); + return -EINVAL; + } + newinfo->underflow[h] = underflows[h]; +diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c +index 69a4ebec2012..6198807e06f4 100644 +--- a/net/ipv6/netfilter/ip6_tables.c ++++ b/net/ipv6/netfilter/ip6_tables.c +@@ -198,11 +198,12 @@ get_entry(const void *base, unsigned int offset) + + /* All zeroes == unconditional rule. */ + /* Mildly perf critical (only if packet tracing is on) */ +-static inline bool unconditional(const struct ip6t_ip6 *ipv6) ++static inline bool unconditional(const struct ip6t_entry *e) + { + static const struct ip6t_ip6 uncond; + +- return memcmp(ipv6, &uncond, sizeof(uncond)) == 0; ++ return e->target_offset == sizeof(struct ip6t_entry) && ++ memcmp(&e->ipv6, &uncond, sizeof(uncond)) == 0; + } + + static inline const struct xt_entry_target * +@@ -258,11 +259,10 @@ get_chainname_rulenum(const struct ip6t_entry *s, const struct ip6t_entry *e, + } else if (s == e) { + (*rulenum)++; + +- if (s->target_offset == sizeof(struct ip6t_entry) && ++ if (unconditional(s) && + strcmp(t->target.u.kernel.target->name, + XT_STANDARD_TARGET) == 0 && +- t->verdict < 0 && +- unconditional(&s->ipv6)) { ++ t->verdict < 0) { + /* Tail of chains: STANDARD target (return/policy) */ + *comment = *chainname == hookname + ? comments[NF_IP6_TRACE_COMMENT_POLICY] +@@ -488,11 +488,10 @@ mark_source_chains(const struct xt_table_info *newinfo, + e->comefrom |= ((1 << hook) | (1 << NF_INET_NUMHOOKS)); + + /* Unconditional return/END. */ +- if ((e->target_offset == sizeof(struct ip6t_entry) && ++ if ((unconditional(e) && + (strcmp(t->target.u.user.name, + XT_STANDARD_TARGET) == 0) && +- t->verdict < 0 && +- unconditional(&e->ipv6)) || visited) { ++ t->verdict < 0) || visited) { + unsigned int oldpos, size; + + if ((strcmp(t->target.u.user.name, +@@ -727,7 +726,7 @@ static bool check_underflow(const struct ip6t_entry *e) + const struct xt_entry_target *t; + unsigned int verdict; + +- if (!unconditional(&e->ipv6)) ++ if (!unconditional(e)) + return false; + t = ip6t_get_target_c(e); + if (strcmp(t->u.user.name, XT_STANDARD_TARGET) != 0) +@@ -775,9 +774,9 @@ check_entry_size_and_hooks(struct ip6t_entry *e, + newinfo->hook_entry[h] = hook_entries[h]; + if ((unsigned char *)e - base == underflows[h]) { + if (!check_underflow(e)) { +- pr_err("Underflows must be unconditional and " +- "use the STANDARD target with " +- "ACCEPT/DROP\n"); ++ pr_debug("Underflows must be unconditional and " ++ "use the STANDARD target with " ++ "ACCEPT/DROP\n"); + return -EINVAL; + } + newinfo->underflow[h] = underflows[h]; +-- +2.8.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/netfilter-x_tables-make-sure-e-next_offset-covers-re.patch new/patches.fixes/netfilter-x_tables-make-sure-e-next_offset-covers-re.patch --- old/patches.fixes/netfilter-x_tables-make-sure-e-next_offset-covers-re.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.fixes/netfilter-x_tables-make-sure-e-next_offset-covers-re.patch 2016-04-19 14:04:23.000000000 +0200 @@ -0,0 +1,95 @@ +From: Florian Westphal <fw(a)strlen.de> +Date: Tue, 22 Mar 2016 18:02:50 +0100 +Subject: netfilter: x_tables: make sure e->next_offset covers + remaining blob size +Patch-mainline: v4.6-rc2 +Git-commit: 6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91 +References: CVE-2016-3134 bsc#971126 + +Otherwise this function may read data beyond the ruleset blob. + +Signed-off-by: Florian Westphal <fw(a)strlen.de> +Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org> +Acked-by: Michal Kubecek <mkubecek(a)suse.cz> + +--- + net/ipv4/netfilter/arp_tables.c | 6 ++++-- + net/ipv4/netfilter/ip_tables.c | 6 ++++-- + net/ipv6/netfilter/ip6_tables.c | 6 ++++-- + 3 files changed, 12 insertions(+), 6 deletions(-) + +diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c +index ef4d1a573dbb..815868e08b0b 100644 +--- a/net/ipv4/netfilter/arp_tables.c ++++ b/net/ipv4/netfilter/arp_tables.c +@@ -573,7 +573,8 @@ static inline int check_entry_size_and_hooks(struct arpt_entry *e, + int err; + + if ((unsigned long)e % __alignof__(struct arpt_entry) != 0 || +- (unsigned char *)e + sizeof(struct arpt_entry) >= limit) { ++ (unsigned char *)e + sizeof(struct arpt_entry) >= limit || ++ (unsigned char *)e + e->next_offset > limit) { + duprintf("Bad offset %p\n", e); + return -EINVAL; + } +@@ -1232,7 +1233,8 @@ check_compat_entry_size_and_hooks(struct compat_arpt_entry *e, + + duprintf("check_compat_entry_size_and_hooks %p\n", e); + if ((unsigned long)e % __alignof__(struct compat_arpt_entry) != 0 || +- (unsigned char *)e + sizeof(struct compat_arpt_entry) >= limit) { ++ (unsigned char *)e + sizeof(struct compat_arpt_entry) >= limit || ++ (unsigned char *)e + e->next_offset > limit) { + duprintf("Bad offset %p, limit = %p\n", e, limit); + return -EINVAL; + } +diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c +index ae55f23a851c..0a81558c932e 100644 +--- a/net/ipv4/netfilter/ip_tables.c ++++ b/net/ipv4/netfilter/ip_tables.c +@@ -738,7 +738,8 @@ check_entry_size_and_hooks(struct ipt_entry *e, + int err; + + if ((unsigned long)e % __alignof__(struct ipt_entry) != 0 || +- (unsigned char *)e + sizeof(struct ipt_entry) >= limit) { ++ (unsigned char *)e + sizeof(struct ipt_entry) >= limit || ++ (unsigned char *)e + e->next_offset > limit) { + duprintf("Bad offset %p\n", e); + return -EINVAL; + } +@@ -1492,7 +1493,8 @@ check_compat_entry_size_and_hooks(struct compat_ipt_entry *e, + + duprintf("check_compat_entry_size_and_hooks %p\n", e); + if ((unsigned long)e % __alignof__(struct compat_ipt_entry) != 0 || +- (unsigned char *)e + sizeof(struct compat_ipt_entry) >= limit) { ++ (unsigned char *)e + sizeof(struct compat_ipt_entry) >= limit || ++ (unsigned char *)e + e->next_offset > limit) { + duprintf("Bad offset %p, limit = %p\n", e, limit); + return -EINVAL; + } +diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c +index 88221aba4639..69a4ebec2012 100644 +--- a/net/ipv6/netfilter/ip6_tables.c ++++ b/net/ipv6/netfilter/ip6_tables.c +@@ -750,7 +750,8 @@ check_entry_size_and_hooks(struct ip6t_entry *e, + int err; + + if ((unsigned long)e % __alignof__(struct ip6t_entry) != 0 || +- (unsigned char *)e + sizeof(struct ip6t_entry) >= limit) { ++ (unsigned char *)e + sizeof(struct ip6t_entry) >= limit || ++ (unsigned char *)e + e->next_offset > limit) { + duprintf("Bad offset %p\n", e); + return -EINVAL; + } +@@ -1504,7 +1505,8 @@ check_compat_entry_size_and_hooks(struct compat_ip6t_entry *e, + + duprintf("check_compat_entry_size_and_hooks %p\n", e); + if ((unsigned long)e % __alignof__(struct compat_ip6t_entry) != 0 || +- (unsigned char *)e + sizeof(struct compat_ip6t_entry) >= limit) { ++ (unsigned char *)e + sizeof(struct compat_ip6t_entry) >= limit || ++ (unsigned char *)e + e->next_offset > limit) { + duprintf("Bad offset %p, limit = %p\n", e, limit); + return -EINVAL; + } +-- +2.8.1 + diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/patches.fixes/netfilter-x_tables-validate-e-target_offset-early.patch new/patches.fixes/netfilter-x_tables-validate-e-target_offset-early.patch --- old/patches.fixes/netfilter-x_tables-validate-e-target_offset-early.patch 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.fixes/netfilter-x_tables-validate-e-target_offset-early.patch 2016-04-19 14:04:23.000000000 +0200 @@ -0,0 +1,204 @@ +From: Florian Westphal <fw(a)strlen.de> +Date: Tue, 22 Mar 2016 18:02:49 +0100 +Subject: netfilter: x_tables: validate e->target_offset early +Patch-mainline: v4.6-rc2 +Git-commit: bdf533de6968e9686df777dc178486f600c6e617 +References: CVE-2016-3134 bsc#971126 + +We should check that e->target_offset is sane before +mark_source_chains gets called since it will fetch the target entry +for loop detection. + +Signed-off-by: Florian Westphal <fw(a)strlen.de> +Signed-off-by: Pablo Neira Ayuso <pablo(a)netfilter.org> +Acked-by: Michal Kubecek <mkubecek(a)suse.cz> + +--- + net/ipv4/netfilter/arp_tables.c | 17 ++++++++--------- + net/ipv4/netfilter/ip_tables.c | 17 ++++++++--------- + net/ipv6/netfilter/ip6_tables.c | 17 ++++++++--------- + 3 files changed, 24 insertions(+), 27 deletions(-) + +diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c +index b488cac9c5ca..ef4d1a573dbb 100644 +--- a/net/ipv4/netfilter/arp_tables.c ++++ b/net/ipv4/netfilter/arp_tables.c +@@ -474,14 +474,12 @@ next: + return 1; + } + +-static inline int check_entry(const struct arpt_entry *e, const char *name) ++static inline int check_entry(const struct arpt_entry *e) + { + const struct xt_entry_target *t; + +- if (!arp_checkentry(&e->arp)) { +- duprintf("arp_tables: arp check failed %p %s.\n", e, name); ++ if (!arp_checkentry(&e->arp)) + return -EINVAL; +- } + + if (e->target_offset + sizeof(struct xt_entry_target) > e->next_offset) + return -EINVAL; +@@ -522,10 +520,6 @@ find_check_entry(struct arpt_entry *e, const char *name, unsigned int size) + struct xt_target *target; + int ret; + +- ret = check_entry(e, name); +- if (ret) +- return ret; +- + e->counters.pcnt = xt_percpu_counter_alloc(); + if (IS_ERR_VALUE(e->counters.pcnt)) + return -ENOMEM; +@@ -576,6 +570,7 @@ static inline int check_entry_size_and_hooks(struct arpt_entry *e, + unsigned int valid_hooks) + { + unsigned int h; ++ int err; + + if ((unsigned long)e % __alignof__(struct arpt_entry) != 0 || + (unsigned char *)e + sizeof(struct arpt_entry) >= limit) { +@@ -590,6 +585,10 @@ static inline int check_entry_size_and_hooks(struct arpt_entry *e, + return -EINVAL; + } + ++ err = check_entry(e); ++ if (err) ++ return err; ++ + /* Check hooks & underflows */ + for (h = 0; h < NF_ARP_NUMHOOKS; h++) { + if (!(valid_hooks & (1 << h))) +@@ -1246,7 +1245,7 @@ check_compat_entry_size_and_hooks(struct compat_arpt_entry *e, + } + + /* For purposes of check_entry casting the compat entry is fine */ +- ret = check_entry((struct arpt_entry *)e, name); ++ ret = check_entry((struct arpt_entry *)e); + if (ret) + return ret; + +diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c +index b99affad6ba1..ae55f23a851c 100644 +--- a/net/ipv4/netfilter/ip_tables.c ++++ b/net/ipv4/netfilter/ip_tables.c +@@ -569,14 +569,12 @@ static void cleanup_match(struct xt_entry_match *m, struct net *net) + } + + static int +-check_entry(const struct ipt_entry *e, const char *name) ++check_entry(const struct ipt_entry *e) + { + const struct xt_entry_target *t; + +- if (!ip_checkentry(&e->ip)) { +- duprintf("ip check failed %p %s.\n", e, name); ++ if (!ip_checkentry(&e->ip)) + return -EINVAL; +- } + + if (e->target_offset + sizeof(struct xt_entry_target) > + e->next_offset) +@@ -666,10 +664,6 @@ find_check_entry(struct ipt_entry *e, struct net *net, const char *name, + struct xt_mtchk_param mtpar; + struct xt_entry_match *ematch; + +- ret = check_entry(e, name); +- if (ret) +- return ret; +- + e->counters.pcnt = xt_percpu_counter_alloc(); + if (IS_ERR_VALUE(e->counters.pcnt)) + return -ENOMEM; +@@ -741,6 +735,7 @@ check_entry_size_and_hooks(struct ipt_entry *e, + unsigned int valid_hooks) + { + unsigned int h; ++ int err; + + if ((unsigned long)e % __alignof__(struct ipt_entry) != 0 || + (unsigned char *)e + sizeof(struct ipt_entry) >= limit) { +@@ -755,6 +750,10 @@ check_entry_size_and_hooks(struct ipt_entry *e, + return -EINVAL; + } + ++ err = check_entry(e); ++ if (err) ++ return err; ++ + /* Check hooks & underflows */ + for (h = 0; h < NF_INET_NUMHOOKS; h++) { + if (!(valid_hooks & (1 << h))) +@@ -1506,7 +1505,7 @@ check_compat_entry_size_and_hooks(struct compat_ipt_entry *e, + } + + /* For purposes of check_entry casting the compat entry is fine */ +- ret = check_entry((struct ipt_entry *)e, name); ++ ret = check_entry((struct ipt_entry *)e); + if (ret) + return ret; + +diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c +index 99425cf2819b..88221aba4639 100644 +--- a/net/ipv6/netfilter/ip6_tables.c ++++ b/net/ipv6/netfilter/ip6_tables.c +@@ -581,14 +581,12 @@ static void cleanup_match(struct xt_entry_match *m, struct net *net) + } + + static int +-check_entry(const struct ip6t_entry *e, const char *name) ++check_entry(const struct ip6t_entry *e) + { + const struct xt_entry_target *t; + +- if (!ip6_checkentry(&e->ipv6)) { +- duprintf("ip_tables: ip check failed %p %s.\n", e, name); ++ if (!ip6_checkentry(&e->ipv6)) + return -EINVAL; +- } + + if (e->target_offset + sizeof(struct xt_entry_target) > + e->next_offset) +@@ -679,10 +677,6 @@ find_check_entry(struct ip6t_entry *e, struct net *net, const char *name, + struct xt_mtchk_param mtpar; + struct xt_entry_match *ematch; + +- ret = check_entry(e, name); +- if (ret) +- return ret; +- + e->counters.pcnt = xt_percpu_counter_alloc(); + if (IS_ERR_VALUE(e->counters.pcnt)) + return -ENOMEM; +@@ -753,6 +747,7 @@ check_entry_size_and_hooks(struct ip6t_entry *e, + unsigned int valid_hooks) + { + unsigned int h; ++ int err; + + if ((unsigned long)e % __alignof__(struct ip6t_entry) != 0 || + (unsigned char *)e + sizeof(struct ip6t_entry) >= limit) { +@@ -767,6 +762,10 @@ check_entry_size_and_hooks(struct ip6t_entry *e, + return -EINVAL; + } + ++ err = check_entry(e); ++ if (err) ++ return err; ++ + /* Check hooks & underflows */ + for (h = 0; h < NF_INET_NUMHOOKS; h++) { + if (!(valid_hooks & (1 << h))) +@@ -1518,7 +1517,7 @@ check_compat_entry_size_and_hooks(struct compat_ip6t_entry *e, + } + + /* For purposes of check_entry casting the compat entry is fine */ +- ret = check_entry((struct ip6t_entry *)e, name); ++ ret = check_entry((struct ip6t_entry *)e); + if (ret) + return ret; + +-- +2.8.1 + ++++++ patches.kernel.org.tar.bz2 ++++++ ++++ 14767 lines of diff (skipped) ++++++ patches.suse.tar.bz2 ++++++ ++++++ series.conf ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:53.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:53.000000000 +0200 @@ -27,6 +27,8 @@ # DO NOT MODIFY THEM! # Send separate patches upstream if you find a problem... ######################################################## + patches.kernel.org/patch-4.5.1 + patches.kernel.org/patch-4.5.1-2 ######################################################## # Build fixes that apply to the vanilla kernel too. @@ -159,6 +161,7 @@ +needs_update patches.arch/arm64-0004-net-xgbe-Add-A0-silicon-support.patch patches.arch/arm64-0006-arm64-Select-reboot-driver-for-X-Gene-platform.patch patches.arch/arm64-0010-KVM-ARM-Hack-to-enable-VGIC-mapping-on-64k-PAGE_SIZE.patch + patches.arch/arm64-kvm-fix-hrtimer.patch ######################################################## # S/390 @@ -200,6 +203,8 @@ patches.arch/acpi_thermal_passive_blacklist.patch + patches.arch/ACPI-processor-Request-native-thermal-interrupt-hand + ######################################################## # CPUFREQ ######################################################## @@ -207,7 +212,6 @@ ## cpuidle perf events cleanups and related patches.arch/perf_timechart_fix_zero_timestamps.patch - patches.arch/intel_idle-prevent-SKL-H-boot-failure-when-C8-C9-C10 ######################################################## # AGP, graphics related stuff @@ -222,7 +226,15 @@ ######################################################## # Networking, IPv6 ######################################################## - patches.fixes/net-irda-Fix-use-after-free-in-irtty_open.patch + + ######################################################## + # Netfilter + ######################################################## + patches.suse/netfilter-ip_conntrack_slp.patch + patches.fixes/netfilter-x_tables-check-for-size-overflow.patch + patches.fixes/netfilter-x_tables-validate-e-target_offset-early.patch + patches.fixes/netfilter-x_tables-make-sure-e-next_offset-covers-re.patch + patches.fixes/netfilter-x_tables-fix-unconditional-helper.patch ######################################################## # NFS @@ -288,12 +300,6 @@ ######################################################## ######################################################## - # Netfilter - ######################################################## - - patches.suse/netfilter-ip_conntrack_slp.patch - - ######################################################## # # Device drivers # @@ -361,6 +367,7 @@ # USB ######################################################## + ######################################################## # I2C ######################################################## @@ -374,14 +381,6 @@ ########################################################## # Sound ########################################################## - patches.drivers/ALSA-usb-audio-Fix-NULL-dereference-in-create_fixed - patches.drivers/ALSA-usb-audio-Add-sanity-checks-for-endpoint-access - patches.drivers/ALSA-hda-Fix-unexpected-resume-through-regmap-code-p - patches.drivers/ALSA-hda-Don-t-handle-ELD-notify-from-invalid-port - patches.drivers/ALSA-hda-Limit-i915-HDMI-binding-only-for-HSW-and-la - patches.drivers/ALSA-hda-Really-restrict-i915-notifier-to-HSW - patches.drivers/ALSA-hda-Fix-forgotten-HDMI-monitor_present-update - patches.drivers/ALSA-hda-Fix-spurious-kernel-WARNING-on-Baytrail-HDM ######################################################## # Char / serial ++++++ source-timestamp ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:53.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:53.000000000 +0200 @@ -1,3 +1,3 @@ -2016-03-28 09:27:57 +0200 -GIT Revision: 8cf0ce6b84d58647e9ee955bc81db84023542f5f +2016-04-21 11:07:52 +0200 +GIT Revision: 0454a6e065527b6fcfa81eaf5c22e5cf02755002 GIT Branch: stable ++++++ split-modules ++++++ --- /var/tmp/diff_new_pack.e0T37a/_old 2016-04-28 16:52:53.000000000 +0200 +++ /var/tmp/diff_new_pack.e0T37a/_new 2016-04-28 16:52:53.000000000 +0200 @@ -19,7 +19,7 @@ exit 1 fi eval set -- "$options" -opt_base= +opt_builddir= opt_out=. opt_dir=. opt_ignore_errors=false @@ -34,7 +34,7 @@ esac case "$opt" in -b) - opt_base=$arg ;; + opt_builddir=$arg ;; -d) opt_dir=$arg ;; -o) @@ -50,7 +50,7 @@ exit 1 esac done -if test -z "$opt_base"; then +if test -z "$opt_builddir"; then usage >&2 exit 1 fi @@ -110,15 +110,26 @@ } # base -sed 'y/-/_/' <"$opt_base" | add_dependent_modules >"$tmp/base" +sed 'y/-/_/' <"$opt_builddir/Module.base" | add_dependent_modules >"$tmp/base" join -j 1 -o 2.2 "$tmp/base" "$tmp/all" >"$opt_out/base-modules" +# kmps +for f in "$opt_builddir"/Module.*-kmp; do + kmp=${f##*/Module.} + sed 'y/-/_/' <"$f" >"$tmp/$kmp" + join -j 1 -o 2.2 "$tmp/$kmp" "$tmp/all" >"$opt_out/$kmp-modules" + cat "$tmp/$kmp" +done | sort -u >"$tmp/kmp-all" +join -v1 "$tmp/supp" "$tmp/kmp-all" >"$tmp/supp-main" + # main -add_dependent_modules "$tmp/supp-explain" <"$tmp/supp" >"$tmp/supp-all" -if ! cmp -s "$tmp/supp" "$tmp/supp-all"; then +add_dependent_modules "$tmp/supp-explain" <"$tmp/supp-main" >"$tmp/supp-all" +if ! cmp -s "$tmp/supp-main" "$tmp/supp-all"; then + # FIXME: Error message not accurate if a supported KMP module is + # needed by a module in the main package echo "The following unsupported modules are used by supported modules:" >&2 join -j1 -a2 <(sort "$tmp/supp-explain") \ - <(join -v2 "$tmp/supp" "$tmp/supp-all") >&2 + <(join -v2 "$tmp/supp-main" "$tmp/supp-all") >&2 echo "Please fix supported.conf." >&2 if ! $opt_ignore_errors; then exit 1 @@ -127,7 +138,7 @@ join -j 1 -o 2.2 "$tmp/supp-all" "$tmp/all" >"$opt_out/main-modules" # unsupported -join -j 1 -v 2 -o 2.2 "$tmp/supp-all" "$tmp/all" >"$opt_out/unsupported-modules" +join -j 1 -v 2 -o 2.2 <(sort -u "$tmp/supp-all" "$tmp/kmp-all") "$tmp/all" >"$opt_out/unsupported-modules" exit 0

1 0

commit libreoffice for openSUSE:Factory
by root＠hilbert.suse.de 28 Apr '16

28 Apr '16

Hello community, here is the log from the commit of package libreoffice for openSUSE:Factory checked in at 2016-04-28 16:52:21 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libreoffice (Old) and /work/SRC/openSUSE:Factory/.libreoffice.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libreoffice" Changes: -------- --- /work/SRC/openSUSE:Factory/libreoffice/libreoffice.changes 2016-04-11 09:11:17.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libreoffice.new/libreoffice.changes 2016-04-28 16:52:28.000000000 +0200 @@ -1,0 +2,17 @@ +Tue Apr 26 09:46:38 UTC 2016 - andras.timar(a)collabora.com + +- Version update to 5.1.3.1: + * Various small bugfixes all around 5.1 series + +------------------------------------------------------------------- +Tue Apr 26 09:10:05 UTC 2016 - andras.timar(a)collabora.com + +- fix bnc#856729 - LO-L3: Double borders in Calc + * bnc856729.patch + +------------------------------------------------------------------- +Sat Apr 23 07:09:45 UTC 2016 - dmueller(a)suse.com + +- update constraints file for aarch64 + +------------------------------------------------------------------- @@ -454,0 +472,5 @@ + +------------------------------------------------------------------- +Wed May 6 16:54:47 UTC 2015 - dmueller(a)suse.com + +- enable aarch64 build Old: ---- libreoffice-5.1.2.2.tar.xz libreoffice-help-5.1.2.2.tar.xz libreoffice-translations-5.1.2.2.tar.xz New: ---- bnc856729.patch libreoffice-5.1.3.1.tar.xz libreoffice-help-5.1.3.1.tar.xz libreoffice-translations-5.1.3.1.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libreoffice.spec ++++++ --- /var/tmp/diff_new_pack.vew8ct/_old 2016-04-28 16:52:44.000000000 +0200 +++ /var/tmp/diff_new_pack.vew8ct/_new 2016-04-28 16:52:44.000000000 +0200 @@ -22,7 +22,7 @@ %define numbertext_version 0.9.5 # Urls %define external_url http://dev-www.libreoffice.org/src/ -%define tarball_url http://download.documentfoundation.org/libreoffice/src/5.1.2 +%define tarball_url http://download.documentfoundation.org/libreoffice/src/5.1.3 # Old Make and bundle or not %if 0%{?suse_version} > 1230 %bcond_with oldmake @@ -64,7 +64,7 @@ %endif # This is used due to the need for beta releases Name: libreoffice -Version: 5.1.2.2 +Version: 5.1.3.1 Release: 0 Summary: A Free Office Suite (Framework) License: Apache-2.0 and Artistic-1.0 and BSD-3-Clause and BSD-4-Clause and GPL-2.0+ and LPPL-1.3c and LGPL-2.1+ and LGPL-3.0 and MPL-1.1 and MIT and SUSE-Public-Domain and W3C @@ -178,6 +178,8 @@ Patch15: 0003-boost-filesystem2.patch # PATCH-HOTFIX-UPSTREAM: disable test that rounds wrongly on most archs Patch16: libreoffice-hotfix-disablebrokenshapetest.patch +# bnc#856729 - LO-L3: fix double borders in Calc +Patch17: bnc856729.patch # try to save space by using hardlinks Patch990: install-with-hardlinks.diff BuildRequires: %{name}-share-linker @@ -262,7 +264,7 @@ Provides: %{name}-icon-theme-crystal = %{version} Obsoletes: %{name}-icon-theme-crystal < %{version} BuildRoot: %{_tmppath}/%{name}-%{version}-build -ExclusiveArch: %arm %ix86 x86_64 ppc ppc64 +ExclusiveArch: %arm aarch64 %ix86 x86_64 ppc ppc64 %if %{with kdeintegration} BuildRequires: libkde4-devel %endif @@ -350,7 +352,7 @@ %ifarch %ix86 Recommends: jre-32 >= 1.6 %endif -%ifarch x86_64 +%ifarch x86_64 aarch64 ppc64 Recommends: jre-64 >= 1.6 %endif %ifarch ppc @@ -773,7 +775,7 @@ Requires: jre-32 > 1.5 Recommends: jre-32 >= 1.6 %endif -%ifarch x86_64 +%ifarch x86_64 aarch64 ppc64 Requires: jre-64 > 1.5 Recommends: jre-64 >= 1.6 %endif @@ -796,7 +798,7 @@ Requires: jre-32 > 1.5 Recommends: jre-32 >= 1.6 %endif -%ifarch x86_64 +%ifarch x86_64 aarch64 ppc64 Requires: jre-64 > 1.5 Recommends: jre-64 >= 1.6 %endif @@ -1073,6 +1075,7 @@ %patch14 -p1 %patch15 -p1 %patch16 -p1 +%patch17 -p1 %patch990 -p1 # 256x256 icons tar -xjf %{SOURCE20} ++++++ _constraints ++++++ --- /var/tmp/diff_new_pack.vew8ct/_old 2016-04-28 16:52:44.000000000 +0200 +++ /var/tmp/diff_new_pack.vew8ct/_new 2016-04-28 16:52:44.000000000 +0200 @@ -1,10 +1,32 @@ <constraints> - <hardware> - <physicalmemory> - <size unit="M">6000</size> - </physicalmemory> - <disk> - <size unit="G">30</size> - </disk> - </hardware> + + <overwrite> + <conditions> + <arch>aarch64</arch> + </conditions> + <hardware> + <physicalmemory> + <size unit="M">2000</size> + </physicalmemory> + <disk> + <size unit="G">40</size> + </disk> + </hardware> + </overwrite> + + <overwrite> + <conditions> + <arch>i586</arch> + <arch>x86_64</arch> + <arch>ppc64</arch> + </conditions> + <hardware> + <physicalmemory> + <size unit="M">4000</size> + </physicalmemory> + <disk> + <size unit="G">40</size> + </disk> + </hardware> + </overwrite> </constraints> ++++++ bnc856729.patch ++++++ >From a5928a57a53df84cacd2975e227f9e03d50456a6 Mon Sep 17 00:00:00 2001 From: Miklos Vajna <vmiklos(a)collabora.co.uk> Date: Fri, 15 Apr 2016 15:46:06 +0200 Subject: [PATCH] tdf#99315 VclPixelProcessor2D: fix double border line width Regression from commit 2c91cb08d65cd35fa8ef6eaca3677aa82fb58cbe (better drawing support for borders of different width, fdo#33634, 2012-04-04), the problem is that previously the width of inner/outer double border lines got rounded to integer values quite early, but after the commit they are kept at a double precision for much longer, which needs pixel correction in VclPixelProcessor2D. Example: if the border with is 1.47, and the line gets moved by 0.2 pixels, then the inner and outer edge of the line will be 0.2 and 1.67, which gets rounded to 0 -> 2 in the pixel processor. Previously the input was rounded to 1, so moving by 0.2 resulted in 0.2 -> 1.2, which got rounded to 0 -> 1. The result is that sometimes the line width is 1 pixel wider than expected. Fix the problem by allowing VclPixelProcessor2D to request pixel correction from BorderLinePrimitive2D. It wouldn't be possible to do pixel correction only in VclPixelProcessor2D, as it has no idea what to correct: it only gets polygons, so it has no idea if e.g. the top of a polygon is the outer edge of a top border line or an inner edge of a bottom border line. Conflicts: drawinglayer/source/primitive2d/borderlineprimitive2d.cxx (cherry picked from commits 1ee570a4e625719f8bf270d372926c0d829ae6f0, 555c9add26e06030402c73f885de98f4b96826f0, 304f50684d3ac08e973fd27e6acf3e821394d164, 422f10c5d7ebe6f4b778636c9c1eb6dbdf708a27, ce12a5021a080cc1781e0e0256af5e0085e11ef2 and cac70559013e575009657aa3c5168b88b1f14691) Change-Id: I1971f3a952fbcdc598ab46c659e12d976c13cbe6 Reviewed-on: https://gerrit.libreoffice.org/24238 Tested-by: Jenkins <ci(a)libreoffice.org> Reviewed-by: Eike Rathke <erack(a)redhat.com> Tested-by: Eike Rathke <erack(a)redhat.com> --- drawinglayer/CppunitTest_drawinglayer_border.mk | 52 +++++++ drawinglayer/Module_drawinglayer.mk | 4 + drawinglayer/qa/unit/border.cxx | 150 +++++++++++++++++++++ .../source/primitive2d/borderlineprimitive2d.cxx | 28 +++- .../source/processor2d/vclpixelprocessor2d.cxx | 7 +- .../primitive2d/borderlineprimitive2d.hxx | 2 + 6 files changed, 239 insertions(+), 4 deletions(-) create mode 100644 drawinglayer/CppunitTest_drawinglayer_border.mk create mode 100644 drawinglayer/qa/unit/border.cxx diff --git a/drawinglayer/source/primitive2d/borderlineprimitive2d.cxx b/drawinglayer/source/primitive2d/borderlineprimitive2d.cxx index 30e656d..30e7dcb 100644 --- a/drawinglayer/source/primitive2d/borderlineprimitive2d.cxx +++ b/drawinglayer/source/primitive2d/borderlineprimitive2d.cxx @@ -28,6 +28,17 @@ #include <numeric> #include <algorithm> +#if defined(ANDROID) +namespace std +{ +template<typename T> +T round(T x) +{ + return ::round(x); +} +} +#endif + namespace drawinglayer { namespace { @@ -63,7 +74,7 @@ primitive2d::Primitive2DReference makeSolidLinePrimitive( const basegfx::B2DVector& rVector, const basegfx::BColor& rColor, double fLineWidth, double fGap) { const basegfx::B2DVector aPerpendicular = basegfx::getPerpendicular(rVector); - const basegfx::B2DVector aLineWidthOffset = ((fLineWidth + 1.0) * 0.5) * aPerpendicular; + const basegfx::B2DVector aLineWidthOffset = (fLineWidth * 0.5) * aPerpendicular; basegfx::B2DPolygon aPolygon; aPolygon.append(rStart + aLineWidthOffset); @@ -163,6 +174,11 @@ primitive2d::Primitive2DReference makeSolidLinePrimitive( Primitive2DSequence BorderLinePrimitive2D::create2DDecomposition(const geometry::ViewInformation2D& rViewInformation) const { + return createDecomposition(rViewInformation, false); + } + + Primitive2DSequence BorderLinePrimitive2D::createDecomposition(const geometry::ViewInformation2D& rViewInformation, bool bPixelCorrection) const + { Primitive2DSequence xRetval; if(!getStart().equal(getEnd()) && ( isInsideUsed() || isOutsideUsed() ) ) @@ -199,8 +215,11 @@ primitive2d::Primitive2DReference makeSolidLinePrimitive( xRetval[0] = makeHairLinePrimitive( getStart(), getEnd(), aVector, getRGBColorLeft(), 0.0); else + { + double fWidth = bPixelCorrection ? std::round(fLeftWidth) : fLeftWidth; xRetval[0] = makeSolidLinePrimitive( - aClipRegion, aTmpStart, aTmpEnd, aVector, getRGBColorLeft(), fLeftWidth, -fLeftWidth/2.0); + aClipRegion, aTmpStart, aTmpEnd, aVector, getRGBColorLeft(), fWidth, -fLeftWidth/2.0); + } // "outside" line @@ -208,8 +227,11 @@ primitive2d::Primitive2DReference makeSolidLinePrimitive( xRetval[1] = makeHairLinePrimitive( getStart(), getEnd(), aVector, getRGBColorRight(), fLeftWidth+mfDistance); else + { + double fWidth = bPixelCorrection ? std::round(fRightWidth) : fRightWidth; xRetval[1] = makeSolidLinePrimitive( - aClipRegion, aTmpStart, aTmpEnd, aVector, getRGBColorRight(), fRightWidth, mfDistance+fRightWidth/2.0); + aClipRegion, aTmpStart, aTmpEnd, aVector, getRGBColorRight(), fWidth, mfDistance+fRightWidth/2.0); + } } else { diff --git a/drawinglayer/source/processor2d/vclpixelprocessor2d.cxx b/drawinglayer/source/processor2d/vclpixelprocessor2d.cxx index 8dcd74e..8398573 100644 --- a/drawinglayer/source/processor2d/vclpixelprocessor2d.cxx +++ b/drawinglayer/source/processor2d/vclpixelprocessor2d.cxx @@ -1232,7 +1232,12 @@ namespace drawinglayer static_cast<const drawinglayer::primitive2d::BorderLinePrimitive2D&>(rCandidate); if (!tryDrawBorderLinePrimitive2DDirect(rBorder)) - process(rCandidate.get2DDecomposition(getViewInformation2D())); + { + if (rBorder.getStyle() == table::BorderLineStyle::DOUBLE) + process(rBorder.createDecomposition(getViewInformation2D(), true)); + else + process(rCandidate.get2DDecomposition(getViewInformation2D())); + } mpOutputDevice->SetAntialiasing(nAntiAliasing); break; diff --git a/include/drawinglayer/primitive2d/borderlineprimitive2d.hxx b/include/drawinglayer/primitive2d/borderlineprimitive2d.hxx index 72e04d5..f152f2d 100644 --- a/include/drawinglayer/primitive2d/borderlineprimitive2d.hxx +++ b/include/drawinglayer/primitive2d/borderlineprimitive2d.hxx @@ -132,6 +132,8 @@ namespace drawinglayer bool hasGapColor( ) const { return mbHasGapColor; } short getStyle () const { return mnStyle; } double getPatternScale() const { return mfPatternScale; } + /// Same as create2DDecomposition(), but can do pixel correction if requested. + Primitive2DSequence createDecomposition(const geometry::ViewInformation2D& rViewInformation, bool bPixelCorrection) const; /// compare operator virtual bool operator==(const BasePrimitive2D& rPrimitive) const override; -- 2.6.6 ++++++ libreoffice-5.1.2.2.tar.xz -> libreoffice-5.1.3.1.tar.xz ++++++ /work/SRC/openSUSE:Factory/libreoffice/libreoffice-5.1.2.2.tar.xz /work/SRC/openSUSE:Factory/.libreoffice.new/libreoffice-5.1.3.1.tar.xz differ: char 25, line 1 ++++++ libreoffice-help-5.1.2.2.tar.xz -> libreoffice-help-5.1.3.1.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libreoffice-5.1.2.2/ChangeLog-helpcontent2 new/libreoffice-5.1.3.1/ChangeLog-helpcontent2 --- old/libreoffice-5.1.2.2/ChangeLog-helpcontent2 2016-03-29 18:00:09.000000000 +0200 +++ new/libreoffice-5.1.3.1/ChangeLog-helpcontent2 2016-04-20 01:55:45.000000000 +0200 @@ -1,14 +1,14 @@ -2016-03-29 Jan Iversen <jani(a)documentfoundation.org> [d015a3ceac681c257734620c0d5996940dad4c7d] +2016-04-20 Christian Lohmaier <lohmaier+LibreOffice(a)googlemail.com> [857050cca29aa33725e5193358a494f7934eb0ec] -Version 5.1.2.2, tag libreoffice-5.1.2.2 +Version 5.1.3.1, tag libreoffice-5.1.3.1 -Change-Id: I394c061e7d50f00d5eba93b3fec792d8319dea06 +Change-Id: Ib9b7873ebc06fa952754bc8931040734456d7b9b -2016-03-16 Jan Iversen <jani(a)documentfoundation.org> [5215695e5607db25f4ac1957395c27d00f63f409] +2016-04-20 Christian Lohmaier <lohmaier+LibreOffice(a)googlemail.com> [c996c20eb7664c7df7bf09fde6c2813aaf4fd481] -Branch libreoffice-5-1-2 +Branch libreoffice-5-1-3 -This is 'libreoffice-5-1-2' - the stable branch for the 5.1.2 release. +This is 'libreoffice-5-1-3' - the stable branch for the 5.1.3 release. Only very safe changes, reviewed by three people are allowed. If you want to commit more complicated fix for the next 5.1.x release, @@ -16,7 +16,15 @@ If you want to build something cool, unstable, and risky, use master. -Change-Id: I1191657ac2af2cd648ffc00fb90e768c2b6f3318 +Change-Id: Ie05ab5ff54d45ba6222a7d45a5b914fc40ddb922 + +2016-04-16 Christian Lohmaier <lohmaier+LibreOffice(a)googlemail.com> [0115dc3ebecd36362fc6a1082738a5c8506c2ba9] + +remove doubled + in switchinline + +via pootle-feedback + +Change-Id: I9fcee24ad480d35a42fbcea00e4881ebbfa968dd 2016-03-02 Adolfo Jayme Barrientos <fitojb(a)ubuntu.com> [32494e774e5e99a58ad49ce90d18c33264d0a00d] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libreoffice-5.1.2.2/helpcontent2/source/text/swriter/01/06030000.xhp new/libreoffice-5.1.3.1/helpcontent2/source/text/swriter/01/06030000.xhp --- old/libreoffice-5.1.2.2/helpcontent2/source/text/swriter/01/06030000.xhp 2016-03-29 17:38:47.000000000 +0200 +++ new/libreoffice-5.1.3.1/helpcontent2/source/text/swriter/01/06030000.xhp 2016-04-20 01:35:31.000000000 +0200 @@ -63,8 +63,7 @@ <paragraph role="note" id="par_id3154276" xml-lang="en-US" l10n="U" oldref="18">To disable the Hyphenation dialog and always hyphenate automatically, choose <emph><switchinline select="sys"><caseinline select="MAC">%PRODUCTNAME - Preferences</caseinline><defaultinline>Tools - Options</defaultinline></switchinline> - <link href="text/shared/optionen/01010400.xhp" name="Language Settings - Writing Aids">Language Settings - Writing Aids</link></emph>, and select the <emph>Hyphenate without inquiry</emph> check box.</paragraph> <paragraph role="paragraph" id="par_id3152950" xml-lang="en-US" l10n="U" oldref="17">To manually enter a hyphen directly in the document, click in the word where you want to add the hyphen, and then press <switchinline select="sys"><caseinline select="MAC">Command </caseinline><defaultinline>Ctrl</defaultinline></switchinline>+Minus sign (-).</paragraph> -<paragraph role="paragraph" id="par_id3147523" xml-lang="en-US" l10n="U" oldref="32">To insert a non-breaking (protected) hyphen directly in the document, click in the word that you want to hyphenate, and then press Shift+<switchinline select="sys"><caseinline select="MAC">Command -</caseinline><defaultinline>+Ctrl </defaultinline></switchinline>+Minus sign(-).</paragraph> +<paragraph role="paragraph" id="par_id3147523" xml-lang="en-US" l10n="U" oldref="32">To insert a non-breaking (protected) hyphen directly in the document, click in the word that you want to hyphenate, and then press Shift+<switchinline select="sys"><caseinline select="MAC">Command</caseinline><defaultinline>Ctrl</defaultinline></switchinline>+Minus sign(-).</paragraph> <paragraph role="paragraph" id="par_id3154573" xml-lang="en-US" l10n="U" oldref="33">To hide soft hyphens, choose <emph><switchinline select="sys"><caseinline select="MAC">%PRODUCTNAME - Preferences</caseinline><defaultinline>Tools - Options</defaultinline></switchinline> - <link href="text/shared/optionen/01040600.xhp" name="Text Document - Formatting Aids">%PRODUCTNAME Writer - Formatting Aids</link></emph>, and then clear the <emph>Custom hyphens</emph> check box.</paragraph> <paragraph role="heading" id="hd_id3150360" xml-lang="en-US" level="2" l10n="U" oldref="20">Word</paragraph> <bookmark xml-lang="en-US" branch="hid/cui/ui/hyphenate/worded" id="bm_id3155903" localize="false"/> ++++++ libreoffice-translations-5.1.2.2.tar.xz -> libreoffice-translations-5.1.3.1.tar.xz ++++++ /work/SRC/openSUSE:Factory/libreoffice/libreoffice-translations-5.1.2.2.tar.xz /work/SRC/openSUSE:Factory/.libreoffice.new/libreoffice-translations-5.1.3.1.tar.xz differ: char 25, line 1

1 0

commit libsoup for openSUSE:Factory
by root＠hilbert.suse.de 28 Apr '16

28 Apr '16

Hello community, here is the log from the commit of package libsoup for openSUSE:Factory checked in at 2016-04-28 16:52:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libsoup (Old) and /work/SRC/openSUSE:Factory/.libsoup.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libsoup" Changes: -------- --- /work/SRC/openSUSE:Factory/libsoup/libsoup.changes 2016-04-05 10:40:24.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libsoup.new/libsoup.changes 2016-04-28 16:52:16.000000000 +0200 @@ -1,0 +2,21 @@ +Tue Apr 26 12:55:08 UTC 2016 - zaitor(a)opensuse.org + +- Update to version 2.54.1: + + Fixed an ABI break in 2.54.0 caused by adding a member to + SoupAuthClass; 2.54.1 is ABI-compatible with 2.53.92 and + earlier, but NOT with the anomalous 2.54.0. If you built + packages against 2.54.0, you will need to rebuild them against + 2.54.1. + + Fixed NTLM authentication when ntlm_auth from the latest + version of Samba is present (bgo#765106). + + Updates to MSVC build, including for GSS-API support. + + Updated translations. +- Drop libsoup-auth-ntlm-fix.patch: Fixed upstream. + +------------------------------------------------------------------- +Fri Apr 22 17:02:56 UTC 2016 - zaitor(a)opensuse.org + +- Add libsoup-auth-ntlm-fix.patch: Fix NTLM auth failure with + latest samba (bgo#765106, boo#976110). + +------------------------------------------------------------------- Old: ---- libsoup-2.54.0.1.tar.xz New: ---- libsoup-2.54.1.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libsoup.spec ++++++ --- /var/tmp/diff_new_pack.IBOb90/_old 2016-04-28 16:52:17.000000000 +0200 +++ /var/tmp/diff_new_pack.IBOb90/_new 2016-04-28 16:52:17.000000000 +0200 @@ -20,7 +20,7 @@ Summary: HTTP client/server library for GNOME License: LGPL-2.1+ Group: Development/Libraries/GNOME -Version: 2.54.0.1 +Version: 2.54.1 Release: 0 Url: http://www.gnome.org Source: http://download.gnome.org/sources/libsoup/2.54/%{name}-%{version}.tar.xz ++++++ libsoup-2.54.0.1.tar.xz -> libsoup-2.54.1.tar.xz ++++++ ++++ 2176 lines of diff (skipped)

1 0

commit phonon for openSUSE:Factory
by root＠hilbert.suse.de 28 Apr '16

28 Apr '16

Hello community, here is the log from the commit of package phonon for openSUSE:Factory checked in at 2016-04-28 16:52:09 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/phonon (Old) and /work/SRC/openSUSE:Factory/.phonon.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "phonon" Changes: -------- --- /work/SRC/openSUSE:Factory/phonon/phonon.changes 2014-10-25 08:32:25.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.phonon.new/phonon.changes 2016-04-28 16:52:10.000000000 +0200 @@ -1,0 +2,78 @@ +Sat Apr 23 10:46:46 UTC 2016 - wbauer(a)tmo.at + +- Remove now unused automoc4 BuildRequires + +------------------------------------------------------------------- +Fri Apr 22 23:55:42 UTC 2016 - wbauer(a)tmo.at + +- Update to 4.9.0: + * Changes + * Builsystem helpers are now installed to CMAKE_INSTALL_DATAROOTDIR + * CMake 2.8.9 is required to use GNUInstallDirs and for the Qt5 + code branches + * automoc4 support was removed. Building always use the cmake + built-in solution now. + * Qt5 and Qt4 builds use different CMake configurations now + Qt4 is as it always has been + * Qt5 moved away from crudely ported Qt4 configurations to using + extra-cmake-modules' KDE compiler and cmake flags. + * Installation paths and so forth are still jointly configured as + to retain backwards compatibility (i.e. Qt5 build does not + follow ECM's KDEInstallationPaths) + * Bug Fixes + * VolumeSlider has seen async behavior improvements making the + slider not hop around when changing the volume rapidly and + the backend is lagging a bit behind. + * The volume change now occurs upon slider release rather + than instantly. + * Fixed a duble encoding issue with local paths that contain + percent encoded characters being double-encoded [kde#356218] + * New API + * New AudioOutputInterface49 for backends to implement. This + interface implements long-existing frontend interfaces for + muting, giving the backend easier access and control. + * setMuted(bool) mutes an AudioOuput (without the 4.9 + interface this is done via setVolume(0.0) on the backend) + * mutedChanged(bool) signal emitted by the backend to + asyncronuously notify of the mute application + * The interface is only used if PulseSupport is not + intercepting calls + * New methods to differntiate states of PulseSupport + * request(bool) is used by backends to request PulseAudio + usage but no interception, this essentially enables device + listing but lets everything else fall through to the backend + (the existing isActive() method will not return true after + request(true), which makes it different from enable(true)) + * isRequested() is a getter for request()'s state + * isUsable() is part of the previouys isActive() behavior, + it is true iff pulseaudio can be used + (daemon running, connected etc) + * isUsed() is a combination of isRequested() and isUsable() + (i.e. active but not intercepting) + * The existing isActive() communicates the same state as + before (active and intercepting) but now also takes + requested into consideration + * Enabling always implies requsting automatically, so + request(false) and enable(true) will ultimately still + restul in isRequested==true +- Update to 4.8.3: + * Set target interface include install dir + * Do not assume we have a backend when setting an output device, + kde#341296 + +------------------------------------------------------------------- +Wed Nov 5 22:48:14 UTC 2014 - hrvoje.senjan(a)gmail.com + +- Update to 4.8.2: + * Revised the logic used by PulseSupport to come up with an icon + name for PulseAudio. If the application has + QApplication::windowIcon set with an QIcon constructed through + QIcon::fromTheme(string) the actual icon name will be used. + Otherwise the lower-case version of + QCoreApplication::applicationName is used. + * Fixed building with the compiler clang by reverting + a previously introduced workaround. +- Drop phonon obsoletes/provides, it was last used in openSUSE 11.4 +- Move DBus interface file into devel package, it's unused at runtime + +------------------------------------------------------------------- Old: ---- phonon-4.8.1.tar.xz New: ---- phonon-4.9.0.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ phonon.spec ++++++ --- /var/tmp/diff_new_pack.B4ILtX/_old 2016-04-28 16:52:11.000000000 +0200 +++ /var/tmp/diff_new_pack.B4ILtX/_new 2016-04-28 16:52:11.000000000 +0200 @@ -17,7 +17,7 @@ Name: phonon -Version: 4.8.1 +Version: 4.9.0 Release: 0 Summary: Multimedia Platform Abstraction License: LGPL-2.0+ @@ -25,7 +25,6 @@ Url: http://phonon.kde.org/ Source: http://download.kde.org/stable/%{name}/%{version}/%{name}-%{version}.tar.xz Source1: baselibs.conf -BuildRequires: automoc4 BuildRequires: cmake BuildRequires: fdupes BuildRequires: kde4-filesystem @@ -56,8 +55,6 @@ Summary: Phonon Multimedia Platform Abstraction Group: System/Libraries Recommends: phonon-backend -Provides: %{name} = %{version} -Obsoletes: %{name} <= %{version} %requires_ge libqt4-x11 %description -n libphonon4 @@ -74,8 +71,7 @@ %make_jobs %install - cd build - %kde4_makeinstall + %kde4_makeinstall -C build install -d -m 0755 %{buildroot}%{_libdir}/kde4/plugins install -d -m 0755 %{buildroot}%{_libdir}/kde4/plugins/phonon_backend %fdupes %{buildroot}%{_includedir} @@ -90,7 +86,6 @@ %{_libdir}/libphononexperimental.so.* %dir %{_libdir}/kde4/plugins %dir %{_libdir}/kde4/plugins/phonon_backend -%{_datadir}/dbus-1/interfaces/org.kde.Phonon.AudioOutput.xml %files devel %defattr(-,root,root) @@ -103,5 +98,6 @@ %{_libdir}/cmake/phonon/ %{_libdir}/pkgconfig/phonon.pc %{_libdir}/qt4/plugins/designer/libphononwidgets.so +%{_datadir}/dbus-1/interfaces/org.kde.Phonon.AudioOutput.xml %changelog ++++++ phonon-4.8.1.tar.xz -> phonon-4.9.0.tar.xz ++++++ ++++ 2229 lines of diff (skipped)

1 0

commit doxygen for openSUSE:Factory
by root＠hilbert.suse.de 28 Apr '16

28 Apr '16

Hello community, here is the log from the commit of package doxygen for openSUSE:Factory checked in at 2016-04-28 16:52:02 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/doxygen (Old) and /work/SRC/openSUSE:Factory/.doxygen.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "doxygen" Changes: -------- --- /work/SRC/openSUSE:Factory/doxygen/doxygen-doc.changes 2016-01-08 15:22:08.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.doxygen.new/doxygen-doc.changes 2016-04-28 16:52:03.000000000 +0200 @@ -1,0 +2,5 @@ +Mon Apr 25 07:29:18 UTC 2016 - pgajdos(a)suse.com + +- fix build: added texlive-wasy2-ps to buildrequires + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/doxygen/doxygen.changes 2016-03-01 09:36:10.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.doxygen.new/doxygen.changes 2016-04-28 16:52:03.000000000 +0200 @@ -1,0 +2,5 @@ +Thu Apr 21 12:43:38 UTC 2016 - normand(a)linux.vnet.ibm.com + +- same work around ppc64 as already done for ppc64le [boo#921577] + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ doxygen-doc.spec ++++++ --- /var/tmp/diff_new_pack.zFOsH0/_old 2016-04-28 16:52:04.000000000 +0200 +++ /var/tmp/diff_new_pack.zFOsH0/_new 2016-04-28 16:52:04.000000000 +0200 @@ -61,6 +61,7 @@ BuildRequires: texlive-times BuildRequires: texlive-tocloft BuildRequires: texlive-wasy +BuildRequires: texlive-wasy2-ps BuildRequires: texlive-wasysym BuildRequires: texlive-xtab BuildRoot: %{_tmppath}/%{name}-%{version}-build ++++++ doxygen.spec ++++++ --- /var/tmp/diff_new_pack.zFOsH0/_old 2016-04-28 16:52:04.000000000 +0200 +++ /var/tmp/diff_new_pack.zFOsH0/_new 2016-04-28 16:52:04.000000000 +0200 @@ -30,7 +30,7 @@ Patch1: %{name}-no-lowercase-man-names.patch # PATCH-FIX-UPSTREAM: add missing returns to non-void functions Patch3: vhdlparser-no-return.patch -# suse specific, for ppc64le, workaround for bnc#921577 +# suse specific, for ppc64le ppc64, workaround for bnc#921577 Patch4: doxygen-dot-one-thread.patch BuildRequires: bison BuildRequires: cmake >= 2.8.12 @@ -53,7 +53,7 @@ %patch0 %patch1 -p1 %patch3 -p1 -%ifarch ppc64le +%ifarch ppc64le ppc64 %patch4 -p1 %endif

1 0

commit apparmor for openSUSE:Factory
by root＠hilbert.suse.de 28 Apr '16

28 Apr '16

Hello community, here is the log from the commit of package apparmor for openSUSE:Factory checked in at 2016-04-28 16:51:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/apparmor (Old) and /work/SRC/openSUSE:Factory/.apparmor.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "apparmor" Changes: -------- --- /work/SRC/openSUSE:Factory/apparmor/apparmor.changes 2015-10-17 16:38:04.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.apparmor.new/apparmor.changes 2016-04-28 16:51:58.000000000 +0200 @@ -1,0 +2,30 @@ +Fri Apr 22 20:49:24 UTC 2016 - suse-beta(a)cboltz.de + +- update to AppArmor 2.10.1 (2.10 branch r3326): + - fix incorrect output of child profile names (apparmor_parser -N) which + caused 'rcapparmor reload' to remove child profiles and hats (lp#1551950) + - fix a crash in aa-logprof / logparser.py for change_hat log events + (lp#1523297) and log events that look like file events, but aren't + (lp#1540562, lp#1525119, lp#1466812) + - write unix rules when saving a profile (lp#1522938, boo#954104#c3) + - several fixes for variable handling in aa-logprof + - map c (create) log events to w instead of a + - add python to the "no Px rule" list in logprof.conf + - let aa-logprof check for duplicate profiles + - let aa-status work without the apparmor.fail python module (boo#971917, + lp#1480492) + - add permissions in several profiles (including boo#948584, boo#948753, + boo#954959, boo#954958, boo#971790, boo#964971, boo#921098, boo#923201 and + boo#921098#c15). + - and many more fixes, see the full changelog at + http://wiki.apparmor.net/index.php/ReleaseNotes_2_10_1 +- drop upstream(ed) patches: + - fix-initscript-aa_log_end_msg.diff + - syslog-ng-profile-boo948584.diff + - upstream-profile-updates-r3205-3241.diff +- refresh patches: + - apparmor-abstractions-no-multiline.diff + - apparmor-samba-include-permissions-for-shares.diff +- drop libapparmor autogen.sh call (broke the build) and remove libtool BR + +------------------------------------------------------------------- Old: ---- apparmor-2.10.tar.gz apparmor-2.10.tar.gz.asc fix-initscript-aa_log_end_msg.diff syslog-ng-profile-boo948584.diff upstream-profile-updates-r3205-3241.diff New: ---- apparmor-2.10.1.tar.gz apparmor-2.10.1.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apparmor.spec ++++++ --- /var/tmp/diff_new_pack.nNodXj/_old 2016-04-28 16:51:59.000000000 +0200 +++ /var/tmp/diff_new_pack.nNodXj/_new 2016-04-28 16:51:59.000000000 +0200 @@ -1,8 +1,8 @@ # # spec file for package apparmor # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. -# Copyright (c) 2011-2015 Christian Boltz +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2011-2016 Christian Boltz # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -60,7 +60,7 @@ %if ! %{?distro:1}0 %define distro suse %endif -Version: 2.10 +Version: 2.10.1 Release: 0 Summary: AppArmor userlevel parser utility License: GPL-2.0+ @@ -92,15 +92,6 @@ # bug 906858 - confine lessopen.sh (submitted upstream 2014-12-21) Patch7: apparmor-lessopen-profile.patch -# boo#862170 - fix ugly initscript output (commited upstream trunk r3208) -Patch8: fix-initscript-aa_log_end_msg.diff - -# additional syslog-ng permissions (submitted upstream 2015-10-07) (boo#948584, boo#948753) -Patch9: syslog-ng-profile-boo948584.diff - -# several profile updates taken from upstream bzr trunk r3205..3241 -Patch10: upstream-profile-updates-r3205-3241.diff - Url: https://launchpad.net/apparmor PreReq: sed BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -113,7 +104,6 @@ BuildRequires: flex BuildRequires: gcc-c++ BuildRequires: latex2html -BuildRequires: libtool BuildRequires: pcre-devel BuildRequires: pkg-config BuildRequires: python @@ -449,9 +439,6 @@ %patch6 %patch7 -p1 -%patch8 -%patch9 -%patch10 # search for left-over multiline rules test -z "$(grep -r '^\s*$unix\|dbus$[^,]$([^)]*)$*[^,]*$' profiles/apparmor.d/)" @@ -472,7 +459,6 @@ # libapparmor: ( cd ./libraries/libapparmor - sh ./autogen.sh %configure \ %if %{with perl} --with-perl \ ++++++ apparmor-2.10.tar.gz -> apparmor-2.10.1.tar.gz ++++++ ++++ 38576 lines of diff (skipped) ++++++ apparmor-abstractions-no-multiline.diff ++++++ --- /var/tmp/diff_new_pack.nNodXj/_old 2016-04-28 16:52:00.000000000 +0200 +++ /var/tmp/diff_new_pack.nNodXj/_new 2016-04-28 16:52:00.000000000 +0200 @@ -1,16 +1,20 @@ === modified file 'profiles/apparmor.d/abstractions/X' Index: profiles/apparmor.d/abstractions/X =================================================================== ---- profiles/apparmor.d/abstractions/X.orig 2014-10-18 13:11:18.498652324 +0200 -+++ profiles/apparmor.d/abstractions/X 2014-10-18 13:11:31.097494817 +0200 -@@ -24,9 +24,7 @@ +--- profiles/apparmor.d/abstractions/X.orig 2016-04-22 22:35:12.416535187 +0200 ++++ profiles/apparmor.d/abstractions/X 2016-04-22 22:35:46.556500929 +0200 +@@ -24,12 +24,8 @@ # the unix socket to use to connect to the display /tmp/.X11-unix/* w, - unix (connect, receive, send) - type=stream - peer=(addr="@/tmp/.X11-unix/X[0-9]*"), +- unix (connect, receive, send) +- type=stream +- peer=(addr="@/tmp/.ICE-unix/[0-9]*"), + unix (connect, receive, send) type=stream peer=(addr="@/tmp/.X11-unix/X[0-9]*"), ++ unix (connect, receive, send) type=stream peer=(addr="@/tmp/.ICE-unix/[0-9]*"), /usr/include/X11/ r, /usr/include/X11/** r, ++++++ apparmor-samba-include-permissions-for-shares.diff ++++++ --- /var/tmp/diff_new_pack.nNodXj/_old 2016-04-28 16:52:00.000000000 +0200 +++ /var/tmp/diff_new_pack.nNodXj/_new 2016-04-28 16:52:00.000000000 +0200 @@ -20,7 +20,7 @@ === modified file 'profiles/apparmor.d/usr.sbin.smbd' --- profiles/apparmor.d/usr.sbin.smbd 2011-08-27 18:50:42 +0000 +++ profiles/apparmor.d/usr.sbin.smbd 2011-10-19 09:37:04 +0000 -@@ -46,6 +46,10 @@ +@@ -47,6 +47,10 @@ @{HOMEDIRS}/** lrwk,

1 0

commit phonon-backend-gstreamer for openSUSE:Factory
by root＠hilbert.suse.de 28 Apr '16

28 Apr '16

Hello community, here is the log from the commit of package phonon-backend-gstreamer for openSUSE:Factory checked in at 2016-04-28 16:51:51 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/phonon-backend-gstreamer (Old) and /work/SRC/openSUSE:Factory/.phonon-backend-gstreamer.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "phonon-backend-gstreamer" Changes: -------- --- /work/SRC/openSUSE:Factory/phonon-backend-gstreamer/phonon-backend-gstreamer.changes 2015-11-24 22:29:35.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.phonon-backend-gstreamer.new/phonon-backend-gstreamer.changes 2016-04-28 16:51:53.000000000 +0200 @@ -1,0 +2,12 @@ +Sat Apr 23 10:55:29 UTC 2016 - wbauer(a)tmo.at + +- Remove now unused automoc4 BuildRequires + +------------------------------------------------------------------- +Sat Apr 23 00:04:47 UTC 2016 - wbauer(a)tmo.at + +- Update to 4.9.0 + * No changelog provided +- Drop upstreamed Fix-finding-recent-versions-of-GStreamer.patch + +------------------------------------------------------------------- Old: ---- Fix-finding-recent-versions-of-GStreamer.patch phonon-backend-gstreamer-4.8.2.tar.xz New: ---- phonon-backend-gstreamer-4.9.0.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ phonon-backend-gstreamer.spec ++++++ --- /var/tmp/diff_new_pack.gph6Wl/_old 2016-04-28 16:51:54.000000000 +0200 +++ /var/tmp/diff_new_pack.gph6Wl/_new 2016-04-28 16:51:54.000000000 +0200 @@ -18,16 +18,13 @@ %define _phonon_version 4.6.50 Name: phonon-backend-gstreamer -Version: 4.8.2 +Version: 4.9.0 Release: 0 Summary: Phonon Multimedia Platform Abstraction License: LGPL-2.1 or LGPL-3.0 Group: System/GUI/KDE Url: http://phonon.kde.org/ -Source: http://download.kde.org/stable/phonon/%{name}/%{version}/src/%{name}-%{vers… -# PATCH-FIX-UPSTREAM Fix-finding-recent-versions-of-GStreamer.patch -Patch0: Fix-finding-recent-versions-of-GStreamer.patch -BuildRequires: automoc4 +Source: http://download.kde.org/stable/phonon/%{name}/%{version}/%{name}-%{version}… BuildRequires: cmake BuildRequires: fdupes BuildRequires: kde4-filesystem @@ -52,8 +49,7 @@ This is the GStreamer backend for Phonon. %prep -%setup -q -%patch0 -p1 +%setup -q -n phonon-gstreamer-%{version} %build %cmake_kde4 -d build ++++++ phonon-backend-gstreamer-4.8.2.tar.xz -> phonon-backend-gstreamer-4.9.0.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/phonon-backend-gstreamer-4.8.2/.gitignore new/phonon-gstreamer-4.9.0/.gitignore --- old/phonon-backend-gstreamer-4.8.2/.gitignore 1970-01-01 01:00:00.000000000 +0100 +++ new/phonon-gstreamer-4.9.0/.gitignore 2016-04-18 06:25:19.000000000 +0200 @@ -0,0 +1,3 @@ +*.swp +build +build5 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/phonon-backend-gstreamer-4.8.2/.reviewboardrc new/phonon-gstreamer-4.9.0/.reviewboardrc --- old/phonon-backend-gstreamer-4.8.2/.reviewboardrc 1970-01-01 01:00:00.000000000 +0100 +++ new/phonon-gstreamer-4.9.0/.reviewboardrc 2016-04-18 06:25:19.000000000 +0200 @@ -0,0 +1,4 @@ +REVIEWBOARD_URL = "https://git.reviewboard.kde.org" +REPOSITORY = 'git://anongit.kde.org/phonon-gstreamer' +TARGET_GROUPS = 'phonon' +TARGET_PEOPLE = 'dvratil' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/phonon-backend-gstreamer-4.8.2/CMakeLists.txt new/phonon-gstreamer-4.9.0/CMakeLists.txt --- old/phonon-backend-gstreamer-4.8.2/CMakeLists.txt 2014-12-27 15:05:27.000000000 +0100 +++ new/phonon-gstreamer-4.9.0/CMakeLists.txt 2016-04-18 06:25:19.000000000 +0200 @@ -1,13 +1,13 @@ +cmake_minimum_required(VERSION 2.8.9) project(PhononGStreamer) -cmake_minimum_required(VERSION 2.8.6 FATAL_ERROR) option(USE_INSTALL_PLUGIN "Use GStreamer codec installation API" TRUE) set(CMAKE_MODULE_PATH "${CMAKE_CURRENT_SOURCE_DIR}/cmake") set(PHONON_GST_MAJOR_VERSION "4") -set(PHONON_GST_MINOR_VERSION "8") -set(PHONON_GST_PATCH_VERSION "2") +set(PHONON_GST_MINOR_VERSION "9") +set(PHONON_GST_PATCH_VERSION "0") set(PHONON_GST_VERSION "${PHONON_GST_MAJOR_VERSION}.${PHONON_GST_MINOR_VERSION}.${PHONON_GST_PATCH_VERSION}") add_definitions(-DPHONON_GST_VERSION="${PHONON_GST_VERSION}") @@ -23,6 +23,10 @@ find_package(Qt5OpenGL) macro_log_feature(Qt5OpenGL_FOUND "Qt5 OpenGL" "Qt5 OpenGL support is required to compile the gstreamer backend for Phonon" "" FALSE) set(QT_QTOPENGL_FOUND Qt5OpenGL_FOUND) + + set(REQUIRED_QT_VERSION 5.2.0) + macro_optional_find_package(Qt5X11Extras ${REQUIRED_QT_VERSION}) + macro_log_feature(Qt5X11Extras_FOUND "Qt5X11Extras" "Qt5X11Extras is needed for the x11renderer" "http://doc.qt.io/qt-5/qtx11extras-index.html" FALSE "${REQUIRED_QT_VERSION}") else () macro_log_feature(QT_QTOPENGL_FOUND "Qt4 OpenGL" "Qt4 OpenGL support is required to compile the gstreamer backend for Phonon" "" FALSE) endif() @@ -49,8 +53,6 @@ find_package(LibXml2 REQUIRED) macro_log_feature(LIBXML2_FOUND "LibXml2" "LibXml2 is required to compile the gstreamer backend for Phonon" "http://xmlsoft.org/downloads.html" TRUE) - - add_subdirectory(gstreamer) macro_display_feature_log() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/phonon-backend-gstreamer-4.8.2/cmake/FindGStreamer.cmake new/phonon-gstreamer-4.9.0/cmake/FindGStreamer.cmake --- old/phonon-backend-gstreamer-4.8.2/cmake/FindGStreamer.cmake 2014-12-27 15:05:27.000000000 +0100 +++ new/phonon-gstreamer-4.9.0/cmake/FindGStreamer.cmake 2016-04-18 06:25:19.000000000 +0200 @@ -36,6 +36,27 @@ PATH_SUFFIXES gstreamer-1.0 ) +IF (NOT GSTREAMER_INCLUDE_DIR) + MESSAGE(STATUS "GStreamer: WARNING: include dir not found") +ENDIF (NOT GSTREAMER_INCLUDE_DIR) + +# Newer versions of GStreamer put gst-config.h under lib/gstreamer-1.0/include +FIND_PATH(GSTREAMER_CONF_INCLUDE_DIR gst/gstconfig.h + PATHS + ${PKG_GSTREAMER_INCLUDE_DIRS} + PATH_SUFFIXES gstreamer-1.0 gstreamer-1.0/include + ) + +IF (NOT GSTREAMER_CONF_INCLUDE_DIR) + MESSAGE(STATUS "GStreamer: WARNING: gstconfig.h not found") +ENDIF (NOT GSTREAMER_CONF_INCLUDE_DIR) + +IF (GSTREAMER_INCLUDE_DIR AND GSTREAMER_CONF_INCLUDE_DIR) + IF (NOT GSTREAMER_CONF_INCLUDE_DIR STREQUAL GSTREAMER_INCLUDE_DIR) + LIST(APPEND GSTREAMER_INCLUDE_DIR "${GSTREAMER_CONF_INCLUDE_DIR}") + ENDIF() +ENDIF (GSTREAMER_INCLUDE_DIR AND GSTREAMER_CONF_INCLUDE_DIR) + FIND_LIBRARY(GSTREAMER_LIBRARIES NAMES gstreamer-1.0 PATHS ${PKG_GSTREAMER_LIBRARY_DIRS} @@ -51,11 +72,6 @@ ${PKG_GSTREAMER_LIBRARY_DIRS} ) -IF (GSTREAMER_INCLUDE_DIR) -ELSE (GSTREAMER_INCLUDE_DIR) - MESSAGE(STATUS "GStreamer: WARNING: include dir not found") -ENDIF (GSTREAMER_INCLUDE_DIR) - IF (GSTREAMER_LIBRARIES) ELSE (GSTREAMER_LIBRARIES) MESSAGE(STATUS "GStreamer: WARNING: library not found") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/phonon-backend-gstreamer-4.8.2/gstreamer/CMakeLists.txt new/phonon-gstreamer-4.9.0/gstreamer/CMakeLists.txt --- old/phonon-backend-gstreamer-4.8.2/gstreamer/CMakeLists.txt 2014-12-27 15:05:27.000000000 +0100 +++ new/phonon-gstreamer-4.9.0/gstreamer/CMakeLists.txt 2016-04-18 06:25:19.000000000 +0200 @@ -88,18 +88,35 @@ list(APPEND phonon_gstreamer_SRCS glrenderer.cpp) endif () -if(NOT WIN32) +set(BUILD_X11RENDERER TRUE) +if (PHONON_BUILD_PHONON4QT5) + if (Qt5X11Extras_FOUND) + set(BUILD_X11RENDERER TRUE) + endif() +elseif (NOT WIN32) + set(BUILD_X11RENDERER TRUE) +endif() + +if (BUILD_X11RENDERER) set(phonon_gstreamer_SRCS ${phonon_gstreamer_SRCS} x11renderer.cpp) -endif(NOT WIN32) + add_definitions(-DBUILD_X11RENDERER) +endif() automoc4_add_library(phonon_gstreamer MODULE ${phonon_gstreamer_SRCS}) set_target_properties(phonon_gstreamer PROPERTIES PREFIX "" AUTOMOC_MOC_OPTIONS ${AUTOMOC_MOC_OPTIONS} ) + qt5_use_modules(phonon_gstreamer Core Widgets) + +if(Qt5X11Extras_FOUND) + qt5_use_modules(phonon_gstreamer X11Extras) + target_link_libraries(phonon_gstreamer Qt5::X11Extras) +endif(Qt5X11Extras_FOUND) + target_link_libraries(phonon_gstreamer ${PHONON_LIBRARY} ${GSTREAMER_LIBRARIES} ${GSTREAMER_BASE_LIBRARY} ${GSTREAMER_INTERFACE_LIBRARY} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/phonon-backend-gstreamer-4.8.2/gstreamer/devicemanager.cpp new/phonon-gstreamer-4.9.0/gstreamer/devicemanager.cpp --- old/phonon-backend-gstreamer-4.8.2/gstreamer/devicemanager.cpp 2014-12-27 15:05:27.000000000 +0100 +++ new/phonon-gstreamer-4.9.0/gstreamer/devicemanager.cpp 2016-04-18 06:25:19.000000000 +0200 @@ -32,6 +32,9 @@ #include <gst/gst.h> #include <QtCore/QSettings> +#if QT_VERSION > QT_VERSION_CHECK(5, 0, 0) && defined(BUILD_X11RENDERER) +#include <QtX11Extras/QX11Info> +#endif /* * This class manages the list of currently @@ -355,17 +358,23 @@ if (m_videoSinkWidget == "software") { return new WidgetRenderer(parent); } -#ifndef Q_WS_QWS - else if (m_videoSinkWidget == "xwindow") { - return new X11Renderer(parent); - } else { - GstElementFactory *srcfactory = gst_element_factory_find("ximagesink"); - if (srcfactory) { - gst_object_unref(srcfactory); +#if defined(BUILD_X11RENDERER) +#if QT_VERSION > QT_VERSION_CHECK(5, 0, 0) + else if (QX11Info::isPlatformX11()) { +#else + else { +#endif + if (m_videoSinkWidget == "xwindow") { return new X11Renderer(parent); + } else { + GstElementFactory *srcfactory = gst_element_factory_find("ximagesink"); + if (srcfactory) { + gst_object_unref(srcfactory); + return new X11Renderer(parent); + } } } -#endif +#endif // BUILD_X11RENDERER return new WidgetRenderer(parent); } #endif //QT_NO_PHONON_VIDEO diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/phonon-backend-gstreamer-4.8.2/gstreamer/gstreamer.desktop.cmake new/phonon-gstreamer-4.9.0/gstreamer/gstreamer.desktop.cmake --- old/phonon-backend-gstreamer-4.8.2/gstreamer/gstreamer.desktop.cmake 2014-12-27 15:05:27.000000000 +0100 +++ new/phonon-gstreamer-4.9.0/gstreamer/gstreamer.desktop.cmake 2016-04-18 06:25:19.000000000 +0200 @@ -10,6 +10,7 @@ InitialPreference=15 Name=GStreamer +Name[ast]=GStreamer Name[bg]=GStreamer Name[bs]=Gstreamer Name[ca]=GStreamer @@ -115,7 +116,7 @@ Comment[sr@latin]=GStreamer kao pozadina Phonona Comment[sv]=Phonon Gstreamer-gränssnitt Comment[th]=โปรแกรมเบื้องหลัง GStreamer ของ Phonon -Comment[tr]=Phonon GStreamer arkaucu +Comment[tr]=Phonon GStreamer arka ucu Comment[ug]=Phonon GStreamer نىڭ ئارقائۇچى Comment[uk]=Модуль використання GStreamer у Phonon Comment[x-test]=xxPhonon GStreamer backendxx

1 0

commit java-1_7_0-openjdk for openSUSE:Factory
by root＠hilbert.suse.de 28 Apr '16

28 Apr '16

Hello community, here is the log from the commit of package java-1_7_0-openjdk for openSUSE:Factory checked in at 2016-04-28 16:51:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/java-1_7_0-openjdk (Old) and /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "java-1_7_0-openjdk" Changes: -------- --- /work/SRC/openSUSE:Factory/java-1_7_0-openjdk/java-1_7_0-openjdk-bootstrap.changes 2016-04-01 13:01:29.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/java-1_7_0-openjdk-bootstrap.changes 2016-04-28 16:51:32.000000000 +0200 @@ -1,0 +2,76 @@ +Fri Apr 22 09:28:27 UTC 2016 - fstrba(a)suse.com + +- Update to 2.6.6 - OpenJDK 7u101 (bsc#976340) + * Security fixes + - S8129952, CVE-2016-0686: Ensure thread consistency + - S8132051, CVE-2016-0687: Better byte behavior + - S8138593, CVE-2016-0695: Make DSA more fair + - S8139008: Better state table management + - S8143167, CVE-2016-3425: Better buffering of XML strings + - S8144430, CVE-2016-3427: Improve JMX connections + - S8146494: Better ligature substitution + - S8146498: Better device table adjustments + * Import of OpenJDK 7 u101 build 0 + - S4858370: JDWP: Memory Leak: GlobalRefs never deleted when + processing invokeMethod command + - S7127906: (launcher) convert the launcher regression tests to + java + - S8002116: This JdbReadTwiceTest.sh gets an exit 1 + - S8004007: test/sun/tools/jinfo/Basic.sh fails on when runSA is + set to true + - S8007890: [TESTBUG] JcmdWithNMTDisabled.java fails when + invoked with NMT explicitly turned on + - S8027705: com/sun/jdi/JdbMethodExitTest.sh fails when a + background thread is generating events. + - S8028537: PPC64: Updated the JDK regression tests to run on + AIX + - S8036132: Tab characters in test/com/sun/jdi files + - S8038963: com/sun/jdi tests fail because cygwin's ps sometimes + misses processes + - S8044419: TEST_BUG: com/sun/jdi/JdbReadTwiceTest.sh fails when + run under root + - S8059661: Test SoftReference and OOM behavior + - S8072753: Nondeterministic wrong answer on arithmetic + - S8073735: [TEST_BUG] compiler/loopopts/CountedLoopProblem.java + got OOME + - S8074146: [TEST_BUG] jdb has succeded to read an unreadable + file + - S8134297: NPE in GSSNameElement nameType check + - S8134650: Xsl transformation gives different results in 8u66 + - S8141229: [Parfait] Null pointer dereference in cmsstrcasecmp + of cmserr.c + - S8143002: [Parfait] JNI exception pending in fontpath.c:1300 + - S8146477: [TEST_BUG] ClientJSSEServerJSSE.java failing again + - S8146967: [TEST_BUG] javax/security/auth/SubjectDomainCombiner/Optimize.java + should use 4-args ProtectionDomain constructor + - S8147567: InterpreterRuntime::post_field_access not updated + for boolean in JDK-8132051 + - S8148446: (tz) Support tzdata2016a + - S8148475: Missing SA Bytecode updates. + - S8149170: Better byte behavior for native arguments + - S8149367: PolicyQualifierInfo/index_Ctor JCk test fails with + IOE: Invalid encoding for PolicyQualifierInfo + - S8150012: Better byte behavior for reflection + - S8150790: 8u75 L10n resource file translation update + - S8153673: [BACKOUT] JDWP: Memory Leak: GlobalRefs never + deleted when processing invokeMethod command + - S8154210: Zero: Better byte behaviour + * Bug fixes + - PR2889: OpenJDK should check for system cacerts database (e.g. + /etc/pki/java/cacerts) + - PR2929: configure: error: "A JDK home directory could not be + found." + - PR2935: Check that freetype defines + FT_CONFIG_OPTION_INFINALITY_PATCHSET if enabling infinality + - PR2938: Fix build of 8148487 backport + - PR2939: Remove rogue ReleaseStringUTFChars line remaining from + merge of 7u101 b00 + * PPC & AIX port + - S8148487: PPC64: Better byte behavior + * AArch64 port + - S8154413: AArch64: Better byte behaviour + - PR2914: byte_map_base is not page aligned on OpenJDK 7 + * JamVM + - PR2665: icedtea/jamvm 2.6 fails as a build VM for icedtea + +------------------------------------------------------------------- java-1_7_0-openjdk.changes: same change Old: ---- icedtea-2.6.5.tar.xz icedtea-2.6.5.tar.xz.sig New: ---- icedtea-2.6.6.tar.xz icedtea-2.6.6.tar.xz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ java-1_7_0-openjdk-bootstrap.spec ++++++ --- /var/tmp/diff_new_pack.131dwb/_old 2016-04-28 16:51:36.000000000 +0200 +++ /var/tmp/diff_new_pack.131dwb/_new 2016-04-28 16:51:36.000000000 +0200 @@ -19,7 +19,7 @@ %{!?aarch64:%global aarch64 aarch64 arm64 armv8} %global jit_arches %ix86 x86_64 ppc64 ppc64le %arm %aarch64 %global test_arches %ix86 x86_64 ppc64 ppc64le -%global icedtea_version 2.6.5 +%global icedtea_version 2.6.6 %global icedtea_sound_version 1.0.1 %global mauvedate 2008-10-22 %global buildoutputdir openjdk.build/ @@ -31,7 +31,7 @@ # Standard JPackage naming and versioning defines. %global priority 1705 %global javaver 1.7.0 -%global buildver 99 +%global buildver 101 # Standard JPackage directories and symbolic links. %global sdklnk java-%{javaver}-openjdk %global archname %{sdklnk} java-1_7_0-openjdk.spec: same change ++++++ corba.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/corba-389551542e13/.hgtags new/corba-ca3e3c4c5a61/.hgtags --- old/corba-389551542e13/.hgtags 2016-03-24 02:02:28.000000000 +0100 +++ new/corba-ca3e3c4c5a61/.hgtags 2016-04-18 07:49:20.000000000 +0200 @@ -652,3 +652,6 @@ 96b735f85c61ad721113713551271106a5070742 jdk7u95-b00 2135da66cc53a606621024679ca16c06349eea58 icedtea-2.6.4 adda687205a9a40573fdb538240a5699fdc7dbd6 jdk7u99-b00 +389551542e139a9c84735a778726d1fdbac6105e icedtea-2.6.5 +bd2be90026f7655b1c21a67b14d812ca7a495064 icedtea-2.6.6pre01 +9c164195bcc97da6c6567e6e6d55ea349f1c583d jdk7u101-b00 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/corba-389551542e13/src/share/classes/com/sun/corba/se/impl/orbutil/resources/sunorb_ko.properties new/corba-ca3e3c4c5a61/src/share/classes/com/sun/corba/se/impl/orbutil/resources/sunorb_ko.properties --- old/corba-389551542e13/src/share/classes/com/sun/corba/se/impl/orbutil/resources/sunorb_ko.properties 2016-03-24 02:02:28.000000000 +0100 +++ new/corba-ca3e3c4c5a61/src/share/classes/com/sun/corba/se/impl/orbutil/resources/sunorb_ko.properties 2016-04-18 07:49:20.000000000 +0200 @@ -1,5 +1,5 @@ # -# Copyright (c) 2000, 2005, Oracle and/or its affiliates. All rights reserved. +# Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it @@ -23,7 +23,7 @@ # questions. # -orbd.usage=\uC0AC\uC6A9\uBC95: {0} <options> \n\n\uC5EC\uAE30\uC11C <options>\uB294 \uB2E4\uC74C\uACFC \uAC19\uC2B5\uB2C8\uB2E4.\n -port ORBD\uAC00 \uC2DC\uC791\uB418\uC5B4\uC57C \uD558\uB294 \uD65C\uC131 \uD3EC\uD2B8\uB85C, \uAE30\uBCF8\uAC12\uC740 1049\uC785\uB2C8\uB2E4(\uC120\uD0DD \uC0AC\uD56D).\n -defaultdb ORBD \uD30C\uC77C\uC758 \uB514\uB809\uD1A0\uB9AC\uB85C, \uAE30\uBCF8\uAC12\uC740 "./orb.db"\uC785\uB2C8\uB2E4(\uC120\uD0DD \uC0AC\uD56D).\n -serverid ORBD\uC758 \uC11C\uBC84 ID\uB85C, \uAE30\uBCF8\uAC12\uC740 1 \uC785\uB2C8\uB2E4(\uC120\uD0DD \uC0AC\uD56D).\n -ORBInitialPort \uCD08\uAE30 \uD3EC\uD2B8\uC785\uB2C8\uB2E4(\uD544\uC218).\n -ORBInitialHost \uCD08\uAE30 HostName\uC785\uB2C8\uB2E4(\uD544\uC218).\n +orbd.usage=\uC0AC\uC6A9\uBC95: {0} <options> \n\n\uC5EC\uAE30\uC11C <options>\uB294 \uB2E4\uC74C\uACFC \uAC19\uC2B5\uB2C8\uB2E4.\n -port ORBD\uAC00 \uC2DC\uC791\uB418\uC5B4\uC57C \uD558\uB294 \uD65C\uC131 \uD3EC\uD2B8\uB85C, \uAE30\uBCF8\uAC12\uC740 1049\uC785\uB2C8\uB2E4(\uC120\uD0DD\uC0AC\uD56D).\n -defaultdb ORBD \uD30C\uC77C\uC758 \uB514\uB809\uD1A0\uB9AC\uB85C, \uAE30\uBCF8\uAC12\uC740 "./orb.db"\uC785\uB2C8\uB2E4(\uC120\uD0DD\uC0AC\uD56D).\n -serverid ORBD\uC758 \uC11C\uBC84 ID\uB85C, \uAE30\uBCF8\uAC12\uC740 1 \uC785\uB2C8\uB2E4(\uC120\uD0DD\uC0AC\uD56D).\n -ORBInitialPort \uCD08\uAE30 \uD3EC\uD2B8\uC785\uB2C8\uB2E4(\uD544\uC218).\n -ORBInitialHost \uCD08\uAE30 HostName\uC785\uB2C8\uB2E4(\uD544\uC218).\n servertool.usage=\uC0AC\uC6A9\uBC95: {0} <options> \n\n\uC5EC\uAE30\uC11C <options>\uB294 \uB2E4\uC74C\uACFC \uAC19\uC2B5\uB2C8\uB2E4.\n -ORBInitialPort \uCD08\uAE30 \uD3EC\uD2B8\uC785\uB2C8\uB2E4(\uD544\uC218).\n -ORBInitialHost \uCD08\uAE30 HostName\uC785\uB2C8\uB2E4(\uD544\uC218).\n servertool.banner=\n\nJava IDL \uC11C\uBC84 \uD234 \uC2DC\uC791 \n\uD504\uB86C\uD504\uD2B8\uC5D0 \uBA85\uB839\uC744 \uC785\uB825\uD558\uC2ED\uC2DC\uC624. \n @@ -62,7 +62,7 @@ servertool.list=\n\t\uBAA9\uB85D\n servertool.list1=\uB4F1\uB85D\uB41C \uC11C\uBC84 \uBAA8\uB450 \uB098\uC5F4 -servertool.list2=\n\t\uC11C\uBC84 ID\t\uC11C\uBC84 \uD074\uB798\uC2A4 \uC774\uB984\t\t\uC11C\uBC84 \uC751\uC6A9 \uD504\uB85C\uADF8\uB7A8\n\t---------\t-----------------\t\t------------------\n +servertool.list2=\n\t\uC11C\uBC84 ID\t\uC11C\uBC84 \uD074\uB798\uC2A4 \uC774\uB984\t\t\uC11C\uBC84 \uC560\uD50C\uB9AC\uCF00\uC774\uC158\n\t---------\t-----------------\t\t------------------\n servertool.listactive=\n\tlistactive servertool.listactive1=\uD604\uC7AC \uD65C\uC131 \uC11C\uBC84 \uB098\uC5F4 servertool.listappnames=\tlistappnames\n @@ -92,9 +92,9 @@ bootstrap.success=\uD3EC\uD2B8\uB97C {0}(\uC73C)\uB85C \uC124\uC815\uD558\uACE0 {1}\uC5D0\uC11C \uC11C\uBE44\uC2A4\uB97C \uC77D\uB294 \uC911 bootstrap.filenotreadable={0} \uD30C\uC77C\uC744 \uC77D\uC744 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4. bootstrap.filenotfound={0} \uD30C\uC77C\uC744 \uCC3E\uC744 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4. -bootstrap.exception={0} \uD30C\uC77C\uC5D0 \uC18D\uC131\uC744 \uC800\uC7A5\uD558\uB294 \uC911 \uC608\uC678 \uC0AC\uD56D \uBC1C\uC0DD: {1} \uC608\uC678 \uC0AC\uD56D +bootstrap.exception={0} \uD30C\uC77C\uC5D0 \uC18D\uC131\uC744 \uC800\uC7A5\uD558\uB294 \uC911 \uC608\uC678\uC0AC\uD56D \uBC1C\uC0DD: {1} \uC608\uC678\uC0AC\uD56D -tnameserv.exception={0} \uD3EC\uD2B8\uC5D0\uC11C \uBD80\uD2B8\uC2A4\uD2B8\uB7A9 \uC11C\uBE44\uC2A4\uB97C \uC2DC\uC791\uD558\uB294 \uC911 \uC608\uC678 \uC0AC\uD56D\uC774 \uBC1C\uC0DD\uD588\uC2B5\uB2C8\uB2E4. +tnameserv.exception={0} \uD3EC\uD2B8\uC5D0\uC11C \uBD80\uD2B8\uC2A4\uD2B8\uB7A9 \uC11C\uBE44\uC2A4\uB97C \uC2DC\uC791\uD558\uB294 \uC911 \uC608\uC678\uC0AC\uD56D\uC774 \uBC1C\uC0DD\uD588\uC2B5\uB2C8\uB2E4. tnameserv.usage=-ORBInitialPort <portno> \uBA85\uB839\uD589 \uC778\uC218\uB85C \uB2E4\uB978 \uD3EC\uD2B8 \uC0AC\uC6A9 \uC2DC\uB3C4 tnameserv.invalidhostoption=ORBInitialHost\uB294 NameService\uC5D0 \uB300\uD574 \uC801\uD569\uD55C \uC635\uC158\uC774 \uC544\uB2D9\uB2C8\uB2E4. tnameserv.orbinitialport0=ORBInitialPort 0\uC740 NameService\uC5D0 \uB300\uD574 \uC801\uD569\uD55C \uC635\uC158\uC774 \uC544\uB2D9\uB2C8\uB2E4. @@ -103,5 +103,5 @@ tnameserv.hs3=\uC900\uBE44\uB418\uC5C8\uC2B5\uB2C8\uB2E4. orbd.commfailure=\nORBinitialPort\uAC00 \uC774\uBBF8 \uC0AC\uC6A9 \uC911\uC774\uC5B4\uC11C ORBD \uC2DC\uC791\uC744 \uC2E4\uD328\uD588\uC2B5\uB2C8\uB2E4. -orbd.internalexception=\n\uB0B4\uBD80 \uC608\uC678 \uC0AC\uD56D\uC73C\uB85C \uC778\uD574 ORBD \uC2DC\uC791\uC744 \uC2E4\uD328\uD588\uC2B5\uB2C8\uB2E4. \n\uAC00\uB2A5\uD55C \uC6D0\uC778: \n1. \uC9C0\uC815\uB41C ORBInitialPort \uB610\uB294 ORBActivationPort\uAC00 \uC774\uBBF8 \uC0AC\uC6A9 \uC911\uC785\uB2C8\uB2E4.\n2. orb.db\uB97C \uC4F8 \uC218 \uC788\uB294 \uC4F0\uAE30 \uAD8C\uD55C\uC774 \uC5C6\uC2B5\uB2C8\uB2E4. +orbd.internalexception=\n\uB0B4\uBD80 \uC608\uC678\uC0AC\uD56D\uC73C\uB85C \uC778\uD574 ORBD \uC2DC\uC791\uC744 \uC2E4\uD328\uD588\uC2B5\uB2C8\uB2E4. \n\uAC00\uB2A5\uD55C \uC6D0\uC778: \n1. \uC9C0\uC815\uB41C ORBInitialPort \uB610\uB294 ORBActivationPort\uAC00 \uC774\uBBF8 \uC0AC\uC6A9 \uC911\uC785\uB2C8\uB2E4.\n2. orb.db\uB97C \uC4F8 \uC218 \uC788\uB294 \uC4F0\uAE30 \uAD8C\uD55C\uC774 \uC5C6\uC2B5\uB2C8\uB2E4. ++++++ hotspot.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_7_0-openjdk/hotspot.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/hotspot.tar.bz2 differ: char 11, line 1 ++++++ icedtea-2.6.5.tar.xz -> icedtea-2.6.6.tar.xz ++++++ ++++ 4843 lines of diff (skipped) ++++++ jaxp.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxp-8a56658cb829/.hgtags new/jaxp-683427778edf/.hgtags --- old/jaxp-8a56658cb829/.hgtags 2016-03-24 02:02:29.000000000 +0100 +++ new/jaxp-683427778edf/.hgtags 2016-04-18 07:49:21.000000000 +0200 @@ -653,3 +653,6 @@ 7c422316234f10b327fdbc181aedd5e74f31fd38 jdk7u95-b00 bc6edb6c12a76b48a83ef8253dba8fe3007328e5 icedtea-2.6.4 c029d7572a67cb2fb3f9f2d8e91cbdda3beab95e jdk7u99-b00 +8a56658cb829a321fba2c80039e6aadc8ff936b1 icedtea-2.6.5 +5ab0648fce587283f45235377a07720aec742e7b icedtea-2.6.6pre01 +dcdbebfaf4b42da4927d3d0c682205a23cd7cdb8 jdk7u101-b00 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxp-8a56658cb829/src/com/sun/org/apache/xalan/internal/res/XSLTErrorResources_de.java new/jaxp-683427778edf/src/com/sun/org/apache/xalan/internal/res/XSLTErrorResources_de.java --- old/jaxp-8a56658cb829/src/com/sun/org/apache/xalan/internal/res/XSLTErrorResources_de.java 2016-03-24 02:02:29.000000000 +0100 +++ new/jaxp-683427778edf/src/com/sun/org/apache/xalan/internal/res/XSLTErrorResources_de.java 2016-04-18 07:49:21.000000000 +0200 @@ -1359,8 +1359,8 @@ { "optionLXCIN", " [-LXCIN compiledStylesheetFileNameIn]"}, { "optionLXCOUT", " [-LXCOUT compiledStylesheetFileNameOutOut]"}, { "optionPARSER", " [-PARSER fully qualified class name of parser liaison]"}, - { "optionE", " [-E (Entit\u00E4tsreferenzen nicht einblenden)]"}, - { "optionV", " [-E (Entit\u00E4tsreferenzen nicht einblenden)]"}, + { "optionE", " [-E (Entityreferenzen nicht einblenden)]"}, + { "optionV", " [-E (Entityreferenzen nicht einblenden)]"}, { "optionQC", " [-QC (Stille Musterkonfliktwarnungen)]"}, { "optionQ", " [-Q (Silent-Modus)]"}, { "optionLF", " [-LF (Nur Zeilenvorsch\u00FCbe bei Ausgabe verwenden {Standard ist CR/LF})]"}, @@ -1384,7 +1384,7 @@ { "noParsermsg4", "Wenn Sie nicht \u00FCber den XML-Parser f\u00FCr Java von IBM verf\u00FCgen, k\u00F6nnen Sie ihn hier herunterladen:"}, { "noParsermsg5", "IBMs AlphaWorks: http://www.alphaworks.ibm.com/formula/xml"}, { "optionURIRESOLVER", " [-URIRESOLVER full class name (URIResolver f\u00FCr die Aufl\u00F6sung von URIs)]"}, - { "optionENTITYRESOLVER", " [-ENTITYRESOLVER full class name (EntityResolver f\u00FCr die Aufl\u00F6sung von Entit\u00E4ten)]"}, + { "optionENTITYRESOLVER", " [-ENTITYRESOLVER full class name (EntityResolver f\u00FCr die Aufl\u00F6sung von Entitys)]"}, { "optionCONTENTHANDLER", " [-CONTENTHANDLER full class name (ContentHandler f\u00FCr die Serialisierung der Ausgabe)]"}, { "optionLINENUMBERS", " [-L use line numbers for source document]"}, { "optionSECUREPROCESSING", " [-SECURE (Feature f\u00FCr die sichere Verarbeitung auf \"true\" setzen.)]"}, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxp-8a56658cb829/src/com/sun/org/apache/xalan/internal/res/XSLTErrorResources_ko.java new/jaxp-683427778edf/src/com/sun/org/apache/xalan/internal/res/XSLTErrorResources_ko.java --- old/jaxp-8a56658cb829/src/com/sun/org/apache/xalan/internal/res/XSLTErrorResources_ko.java 2016-03-24 02:02:29.000000000 +0100 +++ new/jaxp-683427778edf/src/com/sun/org/apache/xalan/internal/res/XSLTErrorResources_ko.java 2016-04-18 07:49:21.000000000 +0200 @@ -591,7 +591,7 @@ "\uC2A4\uD0C0\uC77C\uC2DC\uD2B8 \uD30C\uC77C\uC744 \uCC3E\uC744 \uC218 \uC5C6\uC74C: {0}"}, { ER_IOEXCEPTION, - "\uC2A4\uD0C0\uC77C\uC2DC\uD2B8 \uD30C\uC77C\uC5D0 IO \uC608\uC678 \uC0AC\uD56D \uBC1C\uC0DD: {0}"}, + "\uC2A4\uD0C0\uC77C\uC2DC\uD2B8 \uD30C\uC77C\uC5D0 IO \uC608\uC678\uC0AC\uD56D \uBC1C\uC0DD: {0}"}, { ER_NO_HREF_ATTRIB, "(StylesheetHandler) {0}\uC5D0 \uB300\uD55C href \uC18D\uC131\uC744 \uCC3E\uC744 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."}, @@ -717,7 +717,7 @@ "processStylesheet\uB97C \uC2E4\uD328\uD588\uC2B5\uB2C8\uB2E4!"}, { ER_SAX_EXCEPTION, - "SAX \uC608\uC678 \uC0AC\uD56D"}, + "SAX \uC608\uC678\uC0AC\uD56D"}, // add this message to fix bug 21478 { ER_FUNCTION_NOT_SUPPORTED, @@ -1325,7 +1325,7 @@ { "help_language", "ko" }, { "language", "ko" }, { "BAD_CODE", "createMessage\uC5D0 \uB300\uD55C \uB9E4\uAC1C\uBCC0\uC218\uAC00 \uBC94\uC704\uB97C \uBC97\uC5B4\uB0AC\uC2B5\uB2C8\uB2E4."}, - { "FORMAT_FAILED", "messageFormat \uD638\uCD9C \uC911 \uC608\uC678 \uC0AC\uD56D\uC774 \uBC1C\uC0DD\uD588\uC2B5\uB2C8\uB2E4."}, + { "FORMAT_FAILED", "messageFormat \uD638\uCD9C \uC911 \uC608\uC678\uC0AC\uD56D\uC774 \uBC1C\uC0DD\uD588\uC2B5\uB2C8\uB2E4."}, { "version", ">>>>>>> Xalan \uBC84\uC804 "}, { "version2", "<<<<<<<"}, { "yes", "\uC608"}, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxp-8a56658cb829/src/com/sun/org/apache/xalan/internal/xsltc/compiler/LiteralElement.java new/jaxp-683427778edf/src/com/sun/org/apache/xalan/internal/xsltc/compiler/LiteralElement.java --- old/jaxp-8a56658cb829/src/com/sun/org/apache/xalan/internal/xsltc/compiler/LiteralElement.java 2016-03-24 02:02:29.000000000 +0100 +++ new/jaxp-683427778edf/src/com/sun/org/apache/xalan/internal/xsltc/compiler/LiteralElement.java 2016-04-18 07:49:21.000000000 +0200 @@ -36,6 +36,7 @@ import com.sun.org.apache.xml.internal.serializer.ToHTMLStream; import java.util.ArrayList; import java.util.HashMap; +import java.util.Hashtable; import java.util.List; import java.util.Map; import java.util.Set; @@ -104,9 +105,9 @@ } } - // Check if we have any declared namesaces + // Check if we have any declared namespaces if (_accessedPrefixes == null) { - _accessedPrefixes = new HashMap<>(); + _accessedPrefixes = new Hashtable<>(); } else { if (!declared) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxp-8a56658cb829/src/com/sun/org/apache/xalan/internal/xsltc/compiler/util/ErrorMessages_ko.java new/jaxp-683427778edf/src/com/sun/org/apache/xalan/internal/xsltc/compiler/util/ErrorMessages_ko.java --- old/jaxp-8a56658cb829/src/com/sun/org/apache/xalan/internal/xsltc/compiler/util/ErrorMessages_ko.java 2016-03-24 02:02:29.000000000 +0100 +++ new/jaxp-683427778edf/src/com/sun/org/apache/xalan/internal/xsltc/compiler/util/ErrorMessages_ko.java 2016-04-18 07:49:21.000000000 +0200 @@ -303,7 +303,7 @@ * not recognized. */ {ErrorMsg.ILLEGAL_BINARY_OP_ERR, - "\uC774\uC9C4 \uD45C\uD604\uC2DD\uC5D0 \uB300\uD574 \uC54C \uC218 \uC5C6\uB294 \uC5F0\uC0B0\uC790\uC785\uB2C8\uB2E4."}, + "\uBC14\uC774\uB108\uB9AC \uD45C\uD604\uC2DD\uC5D0 \uB300\uD574 \uC54C \uC218 \uC5C6\uB294 \uC5F0\uC0B0\uC790\uC785\uB2C8\uB2E4."}, /* * Note to translators: This message is produced if a reference to a diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxp-8a56658cb829/src/com/sun/org/apache/xerces/internal/impl/XMLScanner.java new/jaxp-683427778edf/src/com/sun/org/apache/xerces/internal/impl/XMLScanner.java --- old/jaxp-8a56658cb829/src/com/sun/org/apache/xerces/internal/impl/XMLScanner.java 2016-03-24 02:02:29.000000000 +0100 +++ new/jaxp-683427778edf/src/com/sun/org/apache/xerces/internal/impl/XMLScanner.java 2016-04-18 07:49:21.000000000 +0200 @@ -975,6 +975,7 @@ fStringBuffer2.append('\n'); } } else if (c != -1 && XMLChar.isHighSurrogate(c)) { + fStringBuffer3.clear(); if (scanSurrogates(fStringBuffer3)) { stringBuffer.append(fStringBuffer3); if (entityDepth == fEntityDepth && fNeedNonNormalizedValue) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxp-8a56658cb829/src/com/sun/org/apache/xerces/internal/impl/msg/DOMMessages_de.properties new/jaxp-683427778edf/src/com/sun/org/apache/xerces/internal/impl/msg/DOMMessages_de.properties --- old/jaxp-8a56658cb829/src/com/sun/org/apache/xerces/internal/impl/msg/DOMMessages_de.properties 2016-03-24 02:02:29.000000000 +0100 +++ new/jaxp-683427778edf/src/com/sun/org/apache/xerces/internal/impl/msg/DOMMessages_de.properties 2016-04-18 07:49:21.000000000 +0200 @@ -43,7 +43,7 @@ #Error codes used in DOM Normalizer InvalidXMLCharInDOM = Ung\u00FCltiges XML-Zeichen (Unicode: 0x{0}) wurde bei der Normalisierung im DOM gefunden. -UndeclaredEntRefInAttrValue = Attribut "{0}" Wert "{1}" referenzierte eine nicht deklarierte Entit\u00E4t. +UndeclaredEntRefInAttrValue = Attribut "{0}" Wert "{1}" referenzierte eine nicht deklarierte Entity. NullLocalElementName = Lokaler Nullname wurde bei der Namespace-Normalisierung von Element {0} gefunden. NullLocalAttrName = Lokaler Nullname wurde bei der Namespace-Normalisierung von Attribut {0} gefunden. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxp-8a56658cb829/src/com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages_de.properties new/jaxp-683427778edf/src/com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages_de.properties --- old/jaxp-8a56658cb829/src/com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages_de.properties 2016-03-24 02:02:29.000000000 +0100 +++ new/jaxp-683427778edf/src/com/sun/org/apache/xerces/internal/impl/msg/XIncludeMessages_de.properties 2016-04-18 07:49:21.000000000 +0200 @@ -17,14 +17,14 @@ NO_XPointerSchema = Schema f\u00FCr "{0}" wird standardm\u00E4\u00DFig nicht unterst\u00FCtzt. Definieren Sie Ihr eigenes Schema f\u00FCr {0}. Siehe http://apache.org/xml/properties/xpointer-schema NO_SubResourceIdentified = Keine Subressource von XPointer-Prozessor f\u00FCr Zeiger {0} identifiziert. NonDuplicateNotation = Mehrere Notationen mit dem Namen "{0}" wurden verwendet, die aber nicht als Duplikate ermittelt wurden. -NonDuplicateUnparsedEntity = Mehrere nicht geparste Entit\u00E4ten mit dem Namen "{0}" wurden verwendet, die aber nicht als Duplikate ermittelt wurden. +NonDuplicateUnparsedEntity = Mehrere nicht geparste Entitys mit dem Namen "{0}" wurden verwendet, die aber nicht als Duplikate ermittelt wurden. XpointerMissing = xpointer-Attribut muss vorhanden sein, wenn href-Attribut fehlt. AcceptMalformed = Zeichen au\u00DFerhalb des Bereichs #x20 bis #x7E sind im Wert des "accept"-Attributs eines "include"-Elements nicht zul\u00E4ssig. AcceptLanguageMalformed = Zeichen au\u00DFerhalb des Bereichs #x20 bis #x7E sind im Wert des "accept-language"-Attributs eines "include"-Elements nicht zul\u00E4ssig. RootElementRequired = F\u00FCr ein ordnungsgem\u00E4\u00DF formatiertes Dokument ist ein Root-Element erforderlich. MultipleRootElements = Ein ordnungsgem\u00E4\u00DF formatiertes Dokument darf nicht mehrere Root-Elemente enthalten. ContentIllegalAtTopLevel = Der Ersatz eines "include"-Elements, das als Dokumentelement im Quell-Infoset der obersten Ebene angezeigt wird, darf keine Zeichen enthalten. -UnexpandedEntityReferenceIllegal = Der Ersatz eines "include"-Elements, das als Dokumentelement im Quell-Infoset der obersten Ebene angezeigt wird, darf keine nicht erweiterten Entit\u00E4tsreferenzen enthalten. +UnexpandedEntityReferenceIllegal = Der Ersatz eines "include"-Elements, das als Dokumentelement im Quell-Infoset der obersten Ebene angezeigt wird, darf keine nicht erweiterten Entityreferenzen enthalten. HrefFragmentIdentifierIllegal = Fragment-IDs d\u00FCrfen nicht verwendet werden. Der "href"-Attributwert "{0}" ist nicht zul\u00E4ssig. HrefSyntacticallyInvalid = "href"-Attributwert "{0}" hat eine ung\u00FCltige Syntax. Nach Anwenden der Escape-Regeln ist der Wert kein syntaktisch korrekter URI oder IRI. XPointerStreamability = Es wurde ein xpointer angegeben, der auf eine Stelle im Quell-Infoset verweist. Auf diese Stelle kann aufgrund des Streamingcharakters des Prozessors nicht zugegriffen werden. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxp-8a56658cb829/src/com/sun/org/apache/xerces/internal/impl/msg/XMLMessages_de.properties new/jaxp-683427778edf/src/com/sun/org/apache/xerces/internal/impl/msg/XMLMessages_de.properties --- old/jaxp-8a56658cb829/src/com/sun/org/apache/xerces/internal/impl/msg/XMLMessages_de.properties 2016-03-24 02:02:29.000000000 +0100 +++ new/jaxp-683427778edf/src/com/sun/org/apache/xerces/internal/impl/msg/XMLMessages_de.properties 2016-04-18 07:49:21.000000000 +0200 @@ -62,9 +62,9 @@ # 4.1 Character and Entity References ReferenceUnterminated = Referenz muss mit einem ";"-Begrenzungszeichen beendet werden. # 4.3.2 Well-Formed Parsed Entities - ReferenceNotInOneEntity = Referenz muss vollst\u00E4ndig in derselben geparsten Entit\u00E4t enthalten sein. - ElementEntityMismatch = Element "{0}" muss innerhalb derselben Entit\u00E4t beginnen und enden. - MarkupEntityMismatch=XML-Dokumentstrukturen m\u00FCssen innerhalb derselben Entit\u00E4t beginnen und enden. + ReferenceNotInOneEntity = Referenz muss vollst\u00E4ndig in derselben geparsten Entity enthalten sein. + ElementEntityMismatch = Element "{0}" muss innerhalb derselben Entity beginnen und enden. + MarkupEntityMismatch=XML-Dokumentstrukturen m\u00FCssen innerhalb derselben Entity beginnen und enden. # Messages common to Document and DTD # 2.2 Characters @@ -81,27 +81,27 @@ InvalidCommentStart = Kommentar muss mit "" enden. - COMMENT_NOT_IN_ONE_ENTITY = Kommentar ist nicht in derselben Entit\u00E4t enthalten. + COMMENT_NOT_IN_ONE_ENTITY = Kommentar ist nicht in derselben Entity enthalten. # 2.6 Processing Instructions PITargetRequired = Verarbeitungsanweisung muss mit dem Namen des Ziels beginnen. SpaceRequiredInPI = Leerstelle ist zwischen dem Ziel der Verarbeitungsanweisung und den Daten erforderlich. PIUnterminated = Verarbeitungsanweisung muss mit "?>" enden. ReservedPITarget = Verarbeitungsanweisungsziel, das "[xX][mM][lL]" entspricht, ist nicht zul\u00E4ssig. - PI_NOT_IN_ONE_ENTITY = Verarbeitungsanweisung ist nicht in derselben Entit\u00E4t enthalten. + PI_NOT_IN_ONE_ENTITY = Verarbeitungsanweisung ist nicht in derselben Entity enthalten. # 2.8 Prolog and Document Type Declaration VersionInfoInvalid = Ung\u00FCltige Version "{0}". VersionNotSupported = XML-Version "{0}" wird nicht unterst\u00FCtzt. Nur XML 1.0 wird unterst\u00FCtzt. VersionNotSupported11 = XML-Version "{0}" wird nicht unterst\u00FCtzt. Nur XML 1.0 und XML 1.1 werden unterst\u00FCtzt. - VersionMismatch= Eine Entit\u00E4t kann keine andere Entit\u00E4t einer sp\u00E4teren Version enthalten. + VersionMismatch= Eine Entity kann keine andere Entity einer sp\u00E4teren Version enthalten. # 4.1 Character and Entity References DigitRequiredInCharRef = Auf "&#" in einer Zeichenreferenz muss umgehend eine Dezimaldarstellung folgen. HexdigitRequiredInCharRef = Auf "&#x" in einer Zeichenreferenz muss umgehend eine hexadezimale Darstellung folgen. SemicolonRequiredInCharRef = Zeichenreferenz muss mit dem Begrenzungszeichen ";" enden. InvalidCharRef = Zeichenreferenz "&#{0}" ist ein ung\u00FCltiges XML-Zeichen. - NameRequiredInReference = Auf "&" in der Entit\u00E4tsreferenz muss umgehend der Entit\u00E4tsname folgen. - SemicolonRequiredInReference = Referenz zu Entit\u00E4t "{0}" muss mit dem Begrenzungszeichen ";" enden. + NameRequiredInReference = Auf "&" in der Entityreferenz muss umgehend der Entityname folgen. + SemicolonRequiredInReference = Referenz zu Entity "{0}" muss mit dem Begrenzungszeichen ";" enden. # 4.3.1 The Text Declaration - TextDeclMustBeFirst = Textdeklaration darf nur ganz am Anfang der externen geparsten Entit\u00E4t enthalten sein. + TextDeclMustBeFirst = Textdeklaration darf nur ganz am Anfang der externen geparsten Entity enthalten sein. EqRequiredInTextDecl = Zeichen " = " muss auf "{0}" in der Textdeklaration folgen. QuoteRequiredInTextDecl = Der Wert nach "{0}" in der Textdeklaration muss eine Zeichenfolge in Anf\u00FChrungszeichen sein. CloseQuoteMissingInTextDecl = Schlie\u00DFendes Anf\u00FChrungszeichen im Wert nach "{0}" in der Textdeklaration fehlt. @@ -113,8 +113,8 @@ MorePseudoAttributes = Es werden weitere Pseudoattribute erwartet. PseudoAttrNameExpected = Pseudoattributname wird erwartet. # 4.3.2 Well-Formed Parsed Entities - CommentNotInOneEntity = Kommentar muss vollst\u00E4ndig in derselben geparsten Entit\u00E4t enthalten sein. - PINotInOneEntity = Verarbeitungsanweisung muss vollst\u00E4ndig in derselben geparsten Entit\u00E4t enthalten sein. + CommentNotInOneEntity = Kommentar muss vollst\u00E4ndig in derselben geparsten Entity enthalten sein. + PINotInOneEntity = Verarbeitungsanweisung muss vollst\u00E4ndig in derselben geparsten Entity enthalten sein. # 4.3.3 Character Encoding in Entities EncodingDeclInvalid = Ung\u00FCltiger Codierungsname "{0}". EncodingByteOrderUnsupported = Angegebene Bytereihenfolge f\u00FCr die Codierung von "{0}" wird nicht unterst\u00FCtzt. @@ -123,11 +123,11 @@ InvalidHighSurrogate = High-Surrogate-Bits in UTF-8-Sequenz d\u00FCrfen 0x10 nicht \u00FCberschreiten, gefunden wurde aber 0x{0}. OperationNotSupported = Vorgang "{0}" nicht unterst\u00FCtzt von {1}-Reader. InvalidASCII = Byte "{0}" geh\u00F6rt nicht zum (7-Bit) ASCII-Zeichensatz. - CharConversionFailure = Eine Entit\u00E4t, f\u00FCr die eine bestimmte Codierung ermittelt wurde, darf keine Sequenzen enthalten, die in dieser Codierung ung\u00FCltig sind. + CharConversionFailure = Eine Entity, f\u00FCr die eine bestimmte Codierung ermittelt wurde, darf keine Sequenzen enthalten, die in dieser Codierung ung\u00FCltig sind. # DTD Messages # 2.2 Characters - InvalidCharInEntityValue = Ung\u00FCltiges XML-Zeichen (Unicode: 0x{0}) wurde im literalen Entit\u00E4tswert gefunden. + InvalidCharInEntityValue = Ung\u00FCltiges XML-Zeichen (Unicode: 0x{0}) wurde im literalen Entitywert gefunden. InvalidCharInExternalSubset = Ung\u00FCltiges XML-Zeichen (Unicode: 0x{0}) wurde in der externen Teilmenge der DTD gefunden. InvalidCharInIgnoreSect = Ung\u00FCltiges XML-Zeichen (Unicode: 0x{0}) wurde im ausgeschlossenen Bedingungsabschnitt gefunden. InvalidCharInPublicID = Ung\u00FCltiges XML-Zeichen (Unicode: 0x{0}) wurde in der \u00F6ffentlichen ID gefunden. @@ -145,7 +145,7 @@ MSG_SPACE_REQUIRED_BEFORE_ROOT_ELEMENT_TYPE_IN_DOCTYPEDECL = Leerstelle nach "<!DOCTYPE" in der Dokumenttypdeklaration erforderlich. MSG_ROOT_ELEMENT_TYPE_REQUIRED = Root-Elementtyp muss nach "<!DOCTYPE" in der Dokumenttypdeklaration enthalten sein. DoctypedeclUnterminated = Dokumenttypdeklaration f\u00FCr Root-Elementtyp "{0}" muss mit ">" enden. - PEReferenceWithinMarkup = Parameterentit\u00E4tsreferenz "%{0};" darf nicht in Markup in der internen Teilmenge der DTD vorkommen. + PEReferenceWithinMarkup = Parameterentityreferenz "%{0};" darf nicht in Markup in der internen Teilmenge der DTD vorkommen. MSG_MARKUP_NOT_RECOGNIZED_IN_DTD = Die Markup-Deklarationen, die in der Dokumenttypdeklaration enthalten sind bzw. auf die von der Dokumenttypdeklaration verwiesen wird, m\u00FCssen ordnungsgem\u00E4\u00DF formatiert sein. # 2.10 White Space Handling MSG_XML_SPACE_DECLARATION_ILLEGAL = Attributdeklaration f\u00FCr "xml:space" muss als aufgez\u00E4hlter Typ angegeben werden, dessen einzigen m\u00F6glichen Werte "default" und "preserve" sind. @@ -186,21 +186,21 @@ IncludeSectUnterminated = Der eingeschlossene Bedingungsabschnitt muss mit "]]>" enden. IgnoreSectUnterminated = Der ausgeschlossene Bedingungsabschnitt muss mit "]]>" enden. # 4.1 Character and Entity References - NameRequiredInPEReference = Auf "%" in der Parameterentit\u00E4tsreferenz muss umgehend der Entit\u00E4tsname folgen. - SemicolonRequiredInPEReference = Parameterentit\u00E4tsreferenz "%{0};" muss mit dem Begrenzungszeichen ";" enden. + NameRequiredInPEReference = Auf "%" in der Parameterentityreferenz muss umgehend der Entityname folgen. + SemicolonRequiredInPEReference = Parameterentityreferenz "%{0};" muss mit dem Begrenzungszeichen ";" enden. # 4.2 Entity Declarations - MSG_SPACE_REQUIRED_BEFORE_ENTITY_NAME_IN_ENTITYDECL = Leerstelle nach "<!ENTITY" in der Entit\u00E4tsdeklaration erforderlich. - MSG_SPACE_REQUIRED_BEFORE_PERCENT_IN_PEDECL = Leerstelle zwischen "<!ENTITY" und dem Zeichen "%" in der Parameterentit\u00E4tsdeklaration erforderlich. - MSG_SPACE_REQUIRED_BEFORE_ENTITY_NAME_IN_PEDECL = Leerstelle zwischen "%" und dem Entit\u00E4tsnamen in der Parameterentit\u00E4tsdeklaration erforderlich. - MSG_ENTITY_NAME_REQUIRED_IN_ENTITYDECL = Name der Entit\u00E4t ist in der Entit\u00E4tsdeklaration erforderlich. - MSG_SPACE_REQUIRED_AFTER_ENTITY_NAME_IN_ENTITYDECL = Leerstelle zwischen dem Entit\u00E4tsnamen "{0}" und der Definition in der Entit\u00E4tsdeklaration erforderlich. - MSG_SPACE_REQUIRED_BEFORE_NOTATION_NAME_IN_UNPARSED_ENTITYDECL = Leerstelle zwischen "NDATA" und dem Notationsnamen in der Deklaration f\u00FCr die Entit\u00E4t "{0} erforderlich. - MSG_SPACE_REQUIRED_BEFORE_NDATA_IN_UNPARSED_ENTITYDECL = Leerstelle vor "NDATA" in der Deklaration f\u00FCr die Entit\u00E4t "{0} erforderlich. - MSG_NOTATION_NAME_REQUIRED_FOR_UNPARSED_ENTITYDECL = Notationsname ist nach "NDATA" in der Deklaration f\u00FCr die Entit\u00E4t "{0} erforderlich. - EntityDeclUnterminated = Deklaration f\u00FCr Entit\u00E4t "{0}" muss mit ">" enden. - MSG_DUPLICATE_ENTITY_DEFINITION = Entit\u00E4t "{0}" wurde mehrmals deklariert. + MSG_SPACE_REQUIRED_BEFORE_ENTITY_NAME_IN_ENTITYDECL = Leerstelle nach "<!ENTITY" in der Entitydeklaration erforderlich. + MSG_SPACE_REQUIRED_BEFORE_PERCENT_IN_PEDECL = Leerstelle zwischen "<!ENTITY" und dem Zeichen "%" in der Parameterentitydeklaration erforderlich. + MSG_SPACE_REQUIRED_BEFORE_ENTITY_NAME_IN_PEDECL = Leerstelle zwischen "%" und dem Entitynamen in der Parameterentitydeklaration erforderlich. + MSG_ENTITY_NAME_REQUIRED_IN_ENTITYDECL = Name der Entity ist in der Entitydeklaration erforderlich. + MSG_SPACE_REQUIRED_AFTER_ENTITY_NAME_IN_ENTITYDECL = Leerstelle zwischen dem Entitynamen "{0}" und der Definition in der Entitydeklaration erforderlich. + MSG_SPACE_REQUIRED_BEFORE_NOTATION_NAME_IN_UNPARSED_ENTITYDECL = Leerstelle zwischen "NDATA" und dem Notationsnamen in der Deklaration f\u00FCr die Entity "{0} erforderlich. + MSG_SPACE_REQUIRED_BEFORE_NDATA_IN_UNPARSED_ENTITYDECL = Leerstelle vor "NDATA" in der Deklaration f\u00FCr die Entity "{0} erforderlich. + MSG_NOTATION_NAME_REQUIRED_FOR_UNPARSED_ENTITYDECL = Notationsname ist nach "NDATA" in der Deklaration f\u00FCr die Entity "{0} erforderlich. + EntityDeclUnterminated = Deklaration f\u00FCr Entity "{0}" muss mit ">" enden. + MSG_DUPLICATE_ENTITY_DEFINITION = Entity "{0}" wurde mehrmals deklariert. # 4.2.2 External Entities - ExternalIDRequired = Externe Entit\u00E4tsdeklaration muss mit "SYSTEM" oder "PUBLIC" beginnen. + ExternalIDRequired = Externe Entitydeklaration muss mit "SYSTEM" oder "PUBLIC" beginnen. MSG_SPACE_REQUIRED_BEFORE_PUBIDLITERAL_IN_EXTERNALID = Leerstelle zwischen "PUBLIC" und der \u00F6ffentlichen ID erforderlich. MSG_SPACE_REQUIRED_AFTER_PUBIDLITERAL_IN_EXTERNALID = Leerstelle zwischen der \u00F6ffentlichen ID und der System-ID erforderlich. MSG_SPACE_REQUIRED_BEFORE_SYSTEMLITERAL_IN_EXTERNALID = Leerstelle zwischen "SYSTEM" und der System-ID erforderlich. @@ -214,8 +214,8 @@ # Validation messages DuplicateTypeInMixedContent = Elementtyp "{1}" wurde bereits im Contentmodell der Elementdeklaration"{0}" angegeben. - ENTITIESInvalid = Attributwert "{1}" mit dem Typ ENTITIES muss aus den Namen von mindestens einer geparsten Entit\u00E4t bestehen. - ENTITYInvalid = Attributwert "{1}" mit dem Typ ENTITY muss aus dem Namen einer geparsten Entit\u00E4t bestehen. + ENTITIESInvalid = Attributwert "{1}" mit dem Typ ENTITIES muss aus den Namen von mindestens einer geparsten Entity bestehen. + ENTITYInvalid = Attributwert "{1}" mit dem Typ ENTITY muss aus dem Namen einer geparsten Entity bestehen. IDDefaultTypeInvalid = ID-Attribut "{0}" muss den deklarierten Standardwert "#IMPLIED" oder "#REQUIRED" haben. IDInvalid = Attributwert "{0}" mit dem Typ ID muss ein Name sein. IDInvalidWithNamespaces = Attributwert "{0}" mit dem Typ ID muss ein NCName sein, wenn Namespaces aktiviert sind. @@ -223,10 +223,10 @@ IDREFInvalid = Attributwert "{0}" mit dem Typ IDREF muss ein Name sein. IDREFInvalidWithNamespaces = Attributwert "{0}" mit dem Typ IDREF muss ein NCName sein, wenn Namespaces aktiviert sind. IDREFSInvalid = Attributwert "{0}" mit dem Typ IDREFS muss mindestens ein Name sein. - ILL_FORMED_PARAMETER_ENTITY_WHEN_USED_IN_DECL = Ersatztext der Parameterentit\u00E4t "{0}" muss ordnungsgem\u00E4\u00DF verschachtelte Deklarationen enthalten, wenn die Entit\u00E4tsreferenz als vollst\u00E4ndige Deklaration verwendet wird. - ImproperDeclarationNesting = Ersatztext der Parameterentit\u00E4t "{0}" muss ordnungsgem\u00E4\u00DF verschachtelte Deklarationen enthalten. - ImproperGroupNesting = Ersatztext der Parameterentit\u00E4t "{0}" muss ordnungsgem\u00E4\u00DF verschachtelte Klammernpaare enthalten. - INVALID_PE_IN_CONDITIONAL = Ersatztext der Parameterentit\u00E4t "{0}" muss den gesamten Bedingungsabschnitt oder nur INCLUDE oder IGNORE enthalten. + ILL_FORMED_PARAMETER_ENTITY_WHEN_USED_IN_DECL = Ersatztext der Parameterentity "{0}" muss ordnungsgem\u00E4\u00DF verschachtelte Deklarationen enthalten, wenn die Entityreferenz als vollst\u00E4ndige Deklaration verwendet wird. + ImproperDeclarationNesting = Ersatztext der Parameterentity "{0}" muss ordnungsgem\u00E4\u00DF verschachtelte Deklarationen enthalten. + ImproperGroupNesting = Ersatztext der Parameterentity "{0}" muss ordnungsgem\u00E4\u00DF verschachtelte Klammernpaare enthalten. + INVALID_PE_IN_CONDITIONAL = Ersatztext der Parameterentity "{0}" muss den gesamten Bedingungsabschnitt oder nur INCLUDE oder IGNORE enthalten. MSG_ATTRIBUTE_NOT_DECLARED = Attribut "{1}" muss f\u00FCr Elementtyp "{0}" deklariert werden. MSG_ATTRIBUTE_VALUE_NOT_IN_LIST = Attribut "{0}" mit Wert "{1}" muss einen Wert aus der Liste "{2}" haben. MSG_ATTVALUE_CHANGED_DURING_NORMALIZATION_WHEN_STANDALONE = Der Wert "{1}" des Attributs "{0}" darf nicht von der Normalisierung (zu "{2}") in einem Standalone-Dokument ge\u00E4ndert werden. @@ -239,15 +239,15 @@ MSG_ELEMENT_NOT_DECLARED = Elementtyp "{0}" muss deklariert werden. MSG_GRAMMAR_NOT_FOUND = Dokument ist ung\u00FCltig. Keine Grammatik gefunden. MSG_ELEMENT_WITH_ID_REQUIRED = Element mit "{0}" ist im Dokument erforderlich. - MSG_EXTERNAL_ENTITY_NOT_PERMITTED = Referenz zur externen Entit\u00E4t "{0}" ist in einem Standalone-Dokument nicht zul\u00E4ssig. + MSG_EXTERNAL_ENTITY_NOT_PERMITTED = Referenz zur externen Entity "{0}" ist in einem Standalone-Dokument nicht zul\u00E4ssig. MSG_FIXED_ATTVALUE_INVALID = Attribut "{1}" mit Wert "{2}" muss den Wert"{3}" haben. MSG_MORE_THAN_ONE_ID_ATTRIBUTE = Elementtyp "{0}" hat bereits ein Attribut "{1}" mit dem Typ ID. Ein zweites Attribut "{2}" mit dem Typ ID ist nicht zul\u00E4ssig. MSG_MORE_THAN_ONE_NOTATION_ATTRIBUTE = Elementtyp "{0}" hat bereits ein Attribut "{1}" mit dem Typ NOTATION. Ein zweites Attribut "{2}" mit dem Typ NOTATION ist nicht zul\u00E4ssig. MSG_NOTATION_NOT_DECLARED_FOR_NOTATIONTYPE_ATTRIBUTE = Notation "{1}" muss deklariert werden, wenn sie in der Notationstypliste f\u00FCr Attribut "{0}" referenziert wird. - MSG_NOTATION_NOT_DECLARED_FOR_UNPARSED_ENTITYDECL = Notation "{1}" muss deklariert werden, wenn sie in der Deklaration der nicht geparsten Entit\u00E4t f\u00FCr "{0}" referenziert wird. - MSG_REFERENCE_TO_EXTERNALLY_DECLARED_ENTITY_WHEN_STANDALONE = Referenz zur Entit\u00E4t "{0}", die in einer externen geparsten Entit\u00E4t deklariert wird, ist in einem Standalone-Dokument nicht zul\u00E4ssig. + MSG_NOTATION_NOT_DECLARED_FOR_UNPARSED_ENTITYDECL = Notation "{1}" muss deklariert werden, wenn sie in der Deklaration der nicht geparsten Entity f\u00FCr "{0}" referenziert wird. + MSG_REFERENCE_TO_EXTERNALLY_DECLARED_ENTITY_WHEN_STANDALONE = Referenz zur Entity "{0}", die in einer externen geparsten Entity deklariert wird, ist in einem Standalone-Dokument nicht zul\u00E4ssig. MSG_REQUIRED_ATTRIBUTE_NOT_SPECIFIED = Attribut "{1}" ist erforderlich und muss f\u00FCr Elementtyp "{0}" angegeben werden. - MSG_WHITE_SPACE_IN_ELEMENT_CONTENT_WHEN_STANDALONE = Es d\u00FCrfen keine Leerstellen zwischen Elementen in einem Standalone-Dokument vorkommen, die in einer externen geparsten Entit\u00E4t mit Elementcontent deklariert sind. + MSG_WHITE_SPACE_IN_ELEMENT_CONTENT_WHEN_STANDALONE = Es d\u00FCrfen keine Leerstellen zwischen Elementen in einem Standalone-Dokument vorkommen, die in einer externen geparsten Entity mit Elementcontent deklariert sind. NMTOKENInvalid = Attributwert "{0}" mit dem Typ NMTOKEN muss ein Namenstoken sein. NMTOKENSInvalid = Attributwert "{0}" mit dem Typ NMTOKENS muss mindestens ein Namenstoken sein. NoNotationOnEmptyElement = Elementtyp "{0}", der als EMPTY deklariert wurde, kann nicht das Attribut "{1}" mit dem Typ NOTATION deklarieren. @@ -261,19 +261,19 @@ # Entity related messages # 3.1 Start-Tags, End-Tags, and Empty-Element Tags - ReferenceToExternalEntity = Externe Entit\u00E4tsreferenz "&{0};" ist in einem Attributwert nicht zul\u00E4ssig. + ReferenceToExternalEntity = Externe Entityreferenz "&{0};" ist in einem Attributwert nicht zul\u00E4ssig. AccessExternalDTD = Externe DTD: Lesen von externer DTD "{0}" nicht erfolgreich, da "{1}"-Zugriff wegen der von der Eigenschaft "accessExternalDTD" festgelegten Einschr\u00E4nkung nicht zul\u00E4ssig ist. - AccessExternalEntity = Externe Entit\u00E4t: Lesen des externen Dokuments "{0}" nicht erfolgreich, da "{1}"-Zugriff wegen der von der Eigenschaft "accessExternalDTD" festgelegten Einschr\u00E4nkung nicht zul\u00E4ssig ist. + AccessExternalEntity = Externe Entity: Lesen des externen Dokuments "{0}" nicht erfolgreich, da "{1}"-Zugriff wegen der von der Eigenschaft "accessExternalDTD" festgelegten Einschr\u00E4nkung nicht zul\u00E4ssig ist. # 4.1 Character and Entity References - EntityNotDeclared = Entit\u00E4t "{0}" wurde referenziert aber nicht deklariert. - ReferenceToUnparsedEntity = Nicht geparste Entit\u00E4tsreferenz "&{0};" ist nicht zul\u00E4ssig. - RecursiveReference = Rekursive Entit\u00E4tsreferenz "{0}". (Referenzpfad: {1}), - RecursiveGeneralReference = Rekursive allgemeine Entit\u00E4tsreferenz "&{0};". (Referenzpfad: {1}), - RecursivePEReference = Rekursive Parameterentit\u00E4tsreferenz "%{0};". (Referenzpfad: {1}), + EntityNotDeclared = Entity "{0}" wurde referenziert aber nicht deklariert. + ReferenceToUnparsedEntity = Nicht geparste Entityreferenz "&{0};" ist nicht zul\u00E4ssig. + RecursiveReference = Rekursive Entityreferenz "{0}". (Referenzpfad: {1}), + RecursiveGeneralReference = Rekursive allgemeine Entityreferenz "&{0};". (Referenzpfad: {1}), + RecursivePEReference = Rekursive Parameterentityreferenz "%{0};". (Referenzpfad: {1}), # 4.3.3 Character Encoding in Entities EncodingNotSupported = Codierung "{0}" wird nicht unterst\u00FCtzt. - EncodingRequired = Eine nicht in UTF-8 oder UTF-16 codierte geparste Entit\u00E4t muss eine Codierungsdeklaration enthalten. + EncodingRequired = Eine nicht in UTF-8 oder UTF-16 codierte geparste Entity muss eine Codierungsdeklaration enthalten. # Namespaces support # 4. Using Qualified Names @@ -294,9 +294,9 @@ # Implementation limits - EntityExpansionLimitExceeded=JAXP00010001: Der Parser hat mehr als {0} Entit\u00E4tserweiterungen in diesem Dokument gefunden. Dies ist der von JDK vorgeschriebene Grenzwert. + EntityExpansionLimitExceeded=JAXP00010001: Der Parser hat mehr als {0} Entityerweiterungen in diesem Dokument gefunden. Dies ist der von JDK vorgeschriebene Grenzwert. ElementAttributeLimit=JAXP00010002: Element "{0}" hat mehr als {1} Attribute. "{1}" ist der von JDK vorgeschriebene Grenzwert. - MaxEntitySizeLimit=JAXP00010003: Die L\u00E4nge von Entit\u00E4t "{0}" ist "{1}" und \u00FCberschreitet den Grenzwert "{2}", der von "{3}" festgelegt wurde. + MaxEntitySizeLimit=JAXP00010003: Die L\u00E4nge von Entity "{0}" ist "{1}" und \u00FCberschreitet den Grenzwert "{2}", der von "{3}" festgelegt wurde. TotalEntitySizeLimit=JAXP00010004: Die akkumulierte Gr\u00F6\u00DFe "{0}" der Entit\u00E4ten \u00FCberschreitet den Grenzwert "{1}", der von "{2}" festgelegt wurde. MaxXMLNameLimit=JAXP00010005: Der Name "{0}" \u00FCberschreitet den Grenzwert "{1}", der von "{2}" festgelegt wurde. MaxElementDepthLimit=JAXP00010006: Die Tiefe von Element "{0}" ist "{1}" und \u00FCberschreitet den Grenzwert "{2}", der von "{3}" festgelegt wurde. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxp-8a56658cb829/src/com/sun/org/apache/xerces/internal/impl/msg/XMLSchemaMessages_de.properties new/jaxp-683427778edf/src/com/sun/org/apache/xerces/internal/impl/msg/XMLSchemaMessages_de.properties --- old/jaxp-8a56658cb829/src/com/sun/org/apache/xerces/internal/impl/msg/XMLSchemaMessages_de.properties 2016-03-24 02:02:29.000000000 +0100 +++ new/jaxp-683427778edf/src/com/sun/org/apache/xerces/internal/impl/msg/XMLSchemaMessages_de.properties 2016-04-18 07:49:21.000000000 +0200 @@ -288,5 +288,5 @@ SchemaLocation = SchemaLocation: schemaLocation-Wert = "{0}" muss eine gerade Anzahl an URIs haben. TargetNamespace.1 = TargetNamespace.1: Namespace "{0}" wird erwartet, aber der Ziel-Namespace des Schemadokuments ist "{1}". TargetNamespace.2 = TargetNamespace.2: Kein Namespace wird erwartet, aber das Schemadokument hat den Ziel-Namespace "{1}". - UndeclaredEntity = UndeclaredEntity: Entit\u00E4t "{0}" ist nicht deklariert. + UndeclaredEntity = UndeclaredEntity: Entity ''{0}'' ist nicht deklariert. UndeclaredPrefix = UndeclaredPrefix: "{0}" kann nicht als QName aufgel\u00F6st werden: Pr\u00E4fix "{1}" ist nicht deklariert. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxp-8a56658cb829/src/com/sun/org/apache/xml/internal/res/XMLErrorResources_ko.java new/jaxp-683427778edf/src/com/sun/org/apache/xml/internal/res/XMLErrorResources_ko.java --- old/jaxp-8a56658cb829/src/com/sun/org/apache/xml/internal/res/XMLErrorResources_ko.java 2016-03-24 02:02:29.000000000 +0100 +++ new/jaxp-683427778edf/src/com/sun/org/apache/xml/internal/res/XMLErrorResources_ko.java 2016-04-18 07:49:21.000000000 +0200 @@ -254,7 +254,7 @@ "\uAD6C\uBB38 \uBD84\uC11D\uAE30\uB97C \uCD08\uAE30\uD654\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."}, { ER_EXCEPTION_CREATING_POOL, - "\uD480\uC5D0 \uB300\uD55C \uC0C8 \uC778\uC2A4\uD134\uC2A4\uB97C \uC0DD\uC131\uD558\uB294 \uC911 \uC608\uC678 \uC0AC\uD56D\uC774 \uBC1C\uC0DD\uD588\uC2B5\uB2C8\uB2E4."}, + "\uD480\uC5D0 \uB300\uD55C \uC0C8 \uC778\uC2A4\uD134\uC2A4\uB97C \uC0DD\uC131\uD558\uB294 \uC911 \uC608\uC678\uC0AC\uD56D\uC774 \uBC1C\uC0DD\uD588\uC2B5\uB2C8\uB2E4."}, { ER_PATH_CONTAINS_INVALID_ESCAPE_SEQUENCE, "\uACBD\uB85C\uC5D0 \uBD80\uC801\uD569\uD55C \uC774\uC2A4\uCF00\uC774\uD504 \uC2DC\uD000\uC2A4\uAC00 \uD3EC\uD568\uB418\uC5B4 \uC788\uC2B5\uB2C8\uB2E4."}, @@ -377,7 +377,7 @@ "\uC774\uB984\uC740 \uCF5C\uB860\uC73C\uB85C \uC2DC\uC791\uD560 \uC218 \uC5C6\uC2B5\uB2C8\uB2E4."}, { "BAD_CODE", "createMessage\uC5D0 \uB300\uD55C \uB9E4\uAC1C\uBCC0\uC218\uAC00 \uBC94\uC704\uB97C \uBC97\uC5B4\uB0AC\uC2B5\uB2C8\uB2E4."}, - { "FORMAT_FAILED", "messageFormat \uD638\uCD9C \uC911 \uC608\uC678 \uC0AC\uD56D\uC774 \uBC1C\uC0DD\uD588\uC2B5\uB2C8\uB2E4."}, + { "FORMAT_FAILED", "messageFormat \uD638\uCD9C \uC911 \uC608\uC678\uC0AC\uD56D\uC774 \uBC1C\uC0DD\uD588\uC2B5\uB2C8\uB2E4."}, { "line", "\uD589 \uBC88\uD638"}, { "column","\uC5F4 \uBC88\uD638"}, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxp-8a56658cb829/src/com/sun/org/apache/xpath/internal/res/XPATHErrorResources_ko.java new/jaxp-683427778edf/src/com/sun/org/apache/xpath/internal/res/XPATHErrorResources_ko.java --- old/jaxp-8a56658cb829/src/com/sun/org/apache/xpath/internal/res/XPATHErrorResources_ko.java 2016-03-24 02:02:29.000000000 +0100 +++ new/jaxp-683427778edf/src/com/sun/org/apache/xpath/internal/res/XPATHErrorResources_ko.java 2016-04-18 07:49:21.000000000 +0200 @@ -870,7 +870,7 @@ { "help_language", "ko"}, { "language", "ko"}, { "BAD_CODE", "createMessage\uC5D0 \uB300\uD55C \uB9E4\uAC1C\uBCC0\uC218\uAC00 \uBC94\uC704\uB97C \uBC97\uC5B4\uB0AC\uC2B5\uB2C8\uB2E4."}, - { "FORMAT_FAILED", "messageFormat \uD638\uCD9C \uC911 \uC608\uC678 \uC0AC\uD56D\uC774 \uBC1C\uC0DD\uD588\uC2B5\uB2C8\uB2E4."}, + { "FORMAT_FAILED", "messageFormat \uD638\uCD9C \uC911 \uC608\uC678\uC0AC\uD56D\uC774 \uBC1C\uC0DD\uD588\uC2B5\uB2C8\uB2E4."}, { "version", ">>>>>>> Xalan \uBC84\uC804 "}, { "version2", "<<<<<<<"}, { "yes", "\uC608"}, ++++++ jaxws.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/jaxws-9c049d7f5adc/.hgtags new/jaxws-63f7bf7ed2d4/.hgtags --- old/jaxws-9c049d7f5adc/.hgtags 2016-03-24 02:02:30.000000000 +0100 +++ new/jaxws-63f7bf7ed2d4/.hgtags 2016-04-18 07:49:24.000000000 +0200 @@ -652,3 +652,6 @@ 3427b35ce5a1a0143b4aedf3f5e0a1953ad7fd7f jdk7u95-b00 271b555de4386bd63e15dede60e4a18a8ce3199c icedtea-2.6.4 e0764f20b2894c5de39f1e235171d42d5f2703eb jdk7u99-b00 +9c049d7f5adcffa9347029056e0717c983327561 icedtea-2.6.5 +16ce6457a33aac9e72c93cebb4002bed46bf3d32 icedtea-2.6.6pre01 +36ee37eedf25da13abde1c0b8974fb3b95c59c7c jdk7u101-b00 ++++++ jdk.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/java-1_7_0-openjdk/jdk.tar.bz2 /work/SRC/openSUSE:Factory/.java-1_7_0-openjdk.new/jdk.tar.bz2 differ: char 11, line 1 ++++++ langtools.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/langtools-f6593c32cc46/.hgtags new/langtools-e42dd50480d3/.hgtags --- old/langtools-f6593c32cc46/.hgtags 2016-03-24 02:02:32.000000000 +0100 +++ new/langtools-e42dd50480d3/.hgtags 2016-04-18 07:49:33.000000000 +0200 @@ -652,3 +652,6 @@ 3c71abf7435352aee6e74ba2581274181ad3d17e jdk7u95-b00 fd0a34cb97b40c622fc6d3370f5eca062e280979 icedtea-2.6.4 93a2788178e6ebebfbd30075f51ab35ac4f1b2a1 jdk7u99-b00 +f6593c32cc46f60438804b6a5b0d61e532f4a235 icedtea-2.6.5 +83f998d6c0afda7f3882ecc03ea873d988174c19 icedtea-2.6.6pre01 +5713b8d2db3f1fc0c9802fdaf30ca802cddf8f65 jdk7u101-b00 ++++++ openjdk.tar.bz2 ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/icedtea7-forest-2-6-8e728c41fec5/.hgtags new/icedtea7-forest-2-6-882cfee70fe8/.hgtags --- old/icedtea7-forest-2-6-8e728c41fec5/.hgtags 2016-03-24 02:02:26.000000000 +0100 +++ new/icedtea7-forest-2-6-882cfee70fe8/.hgtags 2016-04-18 07:49:18.000000000 +0200 @@ -650,3 +650,6 @@ a28bc539342e4ca724a5abd2521c6a58f04c2113 jdk7u95-b00 4f1e498cad9c7bc7ab0b6df99ebb4a29a8ca1c5e icedtea-2.6.4 251bb2a6d5cfbb76c0f4bdfecea4ca9c8af21558 jdk7u99-b00 +8e728c41fec5b9a945a12aecdd002ae1652d0253 icedtea-2.6.5 +b8b43305701a43c34b3be0957bc8d75a76d1b4c7 icedtea-2.6.6pre01 +12491db47c7ccffcc3e881df68f4c2f727b44e5d jdk7u101-b00

1 0