diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000000..11bf9b27cd --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,24 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: bug +assignees: '' + +--- + +**Describe the bug** +A clear and concise description of what the bug is. + +**To Reproduce** +Steps to reproduce the behavior: +1. Go to '...' +2. Click on '....' +3. Scroll down to '....' +4. See error + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Screenshots** +If applicable, add screenshots or log outputs to help explain your problem. diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 0000000000..982a4dc0dc --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,20 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: feature-request +assignees: '' + +--- + +**Is your feature request related to a problem? Please describe.** +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +**Describe the solution you'd like** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Additional context** +Add any other context or screenshots about the feature request here. diff --git a/.github/ISSUE_TEMPLATE/questions-feedback.md b/.github/ISSUE_TEMPLATE/questions-feedback.md new file mode 100644 index 0000000000..18c92663fd --- /dev/null +++ b/.github/ISSUE_TEMPLATE/questions-feedback.md @@ -0,0 +1,14 @@ +--- +name: Questions/Feedback +about: Ask general questions or provide feedback other than a bug or feature +title: '' +labels: question +assignees: '' + +--- + +**Ask your question or provide your feedback** +A clear and concise description of what the question/feedback is. + +**Screenshots** +If applicable, add screenshots or log outputs to help explain your question/feedback. diff --git a/.github/workflows/check-entangled-specs.yml b/.github/workflows/check-entangled-specs.yml index d9d130a658..e1e8648d4a 100644 --- a/.github/workflows/check-entangled-specs.yml +++ b/.github/workflows/check-entangled-specs.yml @@ -30,5 +30,9 @@ jobs: - name: Get Python dependencies run: python3 -m pip install -r toolkit/scripts/requirements.txt - - name: Run entanglement checking script + # Run unit test for check_entangled_specs.py before invoking it + - name: Unit test for spec entanglement check + run: PYTHONPATH=toolkit/scripts python3 toolkit/scripts/tests/test_check_entangled_specs.py + + - name: Run spec entanglement checking script run: python3 toolkit/scripts/check_entangled_specs.py . diff --git a/.github/workflows/check-package-update-gate.yml b/.github/workflows/check-package-update-gate.yml new file mode 100644 index 0000000000..e8ed034dc5 --- /dev/null +++ b/.github/workflows/check-package-update-gate.yml @@ -0,0 +1,89 @@ +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. + +name: Check Package Update Gate + +on: + push: + branches: [main, 2.0*, 3.0*, fasttrack/*] + pull_request: + branches: [main, 2.0*, 3.0*, fasttrack/*] + +jobs: + + build: + name: Check Package Update Gate + runs-on: ubuntu-latest + steps: + + - name: Check out code + uses: actions/checkout@v4 + + - name: Get base commit for PRs + if: ${{ github.event_name == 'pull_request' }} + run: | + git fetch origin ${{ github.base_ref }} + echo "base_sha=$(git rev-parse origin/${{ github.base_ref }})" >> $GITHUB_ENV + echo "Merging ${{ github.sha }} into ${{ github.base_ref }}" + + - name: Get base commit for Pushes + if: ${{ github.event_name == 'push' }} + run: | + git fetch origin ${{ github.event.before }} + echo "base_sha=${{ github.event.before }}" >> $GITHUB_ENV + echo "Merging ${{ github.sha }} into ${{ github.event.before }}" + + - name: Get the changed files + run: | + echo "Files changed: '$(git diff-tree --no-commit-id --name-only -r ${{ env.base_sha }} ${{ github.sha }})'" + changed_specs=$(git diff-tree --diff-filter=d --no-commit-id --name-only -r ${{ env.base_sha }} ${{ github.sha }} | { grep "SPECS.*/.*\.spec$" || test $? = 1; }) + echo "Files to validate: '${changed_specs}'" + echo "updated-specs=$(echo ${changed_specs})" >> $GITHUB_ENV + + - name: Check each spec + run: | + + if [[ -z "${{ env.updated-specs }}" ]]; then + echo "No spec files to validate. Exiting." + exit 0 + fi + + for spec in ${{ env.updated-specs }} + do + echo "Checking '$spec'." + # Expand macros if present + name=$(rpmspec --parse "$spec" | grep -E "^Name:\s*(.*)" | awk '{print $2}') + version=$(rpmspec --parse "$spec" | grep -E "^Version:\s*(.*)" | awk '{print $2}') + + # Read from packagelist-gate.csv and iterate each row + # 1st column: package name + # 2nd column: condition (>=, =,'') + # 3rd column: version number + + while IFS=, read -r package_name condition version_number; do + if [[ "$name" == "$package_name" ]]; then + case "$condition" in + ">=" | "=" ) + if [[ ("$condition" == ">=" && "$(printf '%s\n' "$version" "$version_number" | sort -V | head -n1)" == "$version_number") || + ("$condition" == "=" && "$version" == "$version_number") ]]; then + 1>&2 echo "**** ERROR ****" + 1>&2 echo "Spec '$spec' version '$version' is not allowed in Azure Linux. Error:'$spec $condition $version_number'." + 1>&2 echo "**** ERROR ****" + error_found=1 + fi + ;; + *) + 1>&2 echo "**** ERROR ****" + 1>&2 echo "Spec $spec is not allowed in Azure Linux" + 1>&2 echo "**** ERROR ****" + error_found=1 + ;; + esac + fi + done < .github/workflows/packagelist-gate.csv + done + + if [[ -n $error_found ]] + then + exit 1 + fi diff --git a/.github/workflows/packagelist-gate.csv b/.github/workflows/packagelist-gate.csv new file mode 100644 index 0000000000..6beea8d550 --- /dev/null +++ b/.github/workflows/packagelist-gate.csv @@ -0,0 +1,6 @@ +fdk-aac-free,, +opus,, +opus-file,, +packer,>=,1.10.0 +redis,>=,7.4 +terraform,>=,1.6.0 \ No newline at end of file diff --git a/LICENSES-AND-NOTICES/SPECS/data/licenses.json b/LICENSES-AND-NOTICES/SPECS/data/licenses.json index e1816f3b29..82d6f3b296 100644 --- a/LICENSES-AND-NOTICES/SPECS/data/licenses.json +++ b/LICENSES-AND-NOTICES/SPECS/data/licenses.json @@ -215,6 +215,7 @@ "enchant2", "enscript", "environment-modules", + "erofs-utils", "evemu", "execstack", "exempi", @@ -931,7 +932,7 @@ "microcode_ctl", "microdnf", "minicom", - "minizip", + "minizip-ng", "mksh", "mobile-broadband-provider-info", "mock", @@ -1614,6 +1615,7 @@ "pkgconf", "plexus-cipher", "plexus-containers", + "plexus-pom", "plexus-sec-dispatcher", "plotutils", "pmdk-convert", @@ -1663,6 +1665,7 @@ "python-aiodns", "python-aiohttp", "python-alsa", + "python-archspec", "python-apscheduler", "python-argcomplete", "python-argparse-manpage", @@ -1676,6 +1679,7 @@ "python-betamax", "python-blinker", "python-blivet", + "python-boltons", "python-breathe", "python-cached_property", "python-cbor2", @@ -1685,7 +1689,9 @@ "python-cmd2", "python-colorama", "python-CommonMark", + "python-conda-libmamba-solver", "python-conda-package-handling", + "python-conda-package-streaming", "python-configshell", "python-cpuinfo", "python-cups", @@ -1770,6 +1776,7 @@ "python-mccabe", "python-mdurl", "python-memcached", + "python-menuinst", "python-mimeparse", "python-mock", "python-monotonic", @@ -1806,6 +1813,7 @@ "python-pymongo", "python-PyMySQL", "python-pyperclip", + "python-pyproject-api", "python-pyproject-metadata", "python-pyroute2", "python-pyrsistent", @@ -1919,6 +1927,7 @@ "python-yubico", "python-zipp", "python-zmq", + "python-zstandard", "python-zstd", "python3-mallard-ducktype", "python3-pytest-asyncio", @@ -2649,7 +2658,6 @@ "patterns-ceph-containers", "plexus-classworlds", "plexus-interpolation", - "plexus-pom", "plexus-utils", "proj", "psl-make-dafsa", @@ -2832,6 +2840,7 @@ "kernel", "kernel-64k", "kernel-headers", + "kernel-ipe", "kernel-uvm", "keyutils", "kmod", diff --git a/SPECS-EXTENDED/flite/flite-2.2-lto.patch b/SPECS-EXTENDED/flite/flite-2.2-lto.patch new file mode 100644 index 0000000000..ae6d3414e3 --- /dev/null +++ b/SPECS-EXTENDED/flite/flite-2.2-lto.patch @@ -0,0 +1,24 @@ +diff -up flite-2.2/lang/cmu_grapheme_lex/cmu_grapheme_lex.h.lto flite-2.2/lang/cmu_grapheme_lex/cmu_grapheme_lex.h +--- flite-2.2/lang/cmu_grapheme_lex/cmu_grapheme_lex.h.lto 2020-08-13 02:17:09.000000000 +0200 ++++ flite-2.2/lang/cmu_grapheme_lex/cmu_grapheme_lex.h 2021-10-06 00:06:41.891126362 +0200 +@@ -44,7 +44,7 @@ extern "C" { + cst_lexicon *cmu_grapheme_lex_init(void); + + extern const int num_unicode_sampa_mapping; +-extern const char * const unicode_sampa_mapping[16663][5]; ++extern const char * const unicode_sampa_mapping[16798][5]; + + #ifdef __cplusplus + } /* extern "C" */ +diff -up flite-2.2/lang/cmulex/cmu_lex.c.lto flite-2.2/lang/cmulex/cmu_lex.c +--- flite-2.2/lang/cmulex/cmu_lex.c.lto 2020-08-13 02:17:09.000000000 +0200 ++++ flite-2.2/lang/cmulex/cmu_lex.c 2021-10-06 00:05:48.817719935 +0200 +@@ -46,7 +46,7 @@ extern const int cmu_lex_entry[]; + extern const unsigned char cmu_lex_data[]; + extern const int cmu_lex_num_entries; + extern const int cmu_lex_num_bytes; +-extern const char * const cmu_lex_phone_table[54]; ++extern const char * const cmu_lex_phone_table[57]; + extern const char * const cmu_lex_phones_huff_table[]; + extern const char * const cmu_lex_entries_huff_table[]; + diff --git a/SPECS-EXTENDED/flite/flite-2.2-texinfo-7.0.patch b/SPECS-EXTENDED/flite/flite-2.2-texinfo-7.0.patch new file mode 100644 index 0000000000..525890b87c --- /dev/null +++ b/SPECS-EXTENDED/flite/flite-2.2-texinfo-7.0.patch @@ -0,0 +1,25 @@ +diff -up flite-2.2/doc/flite.texi.ti7 flite-2.2/doc/flite.texi +--- flite-2.2/doc/flite.texi.ti7 2020-08-13 02:17:09.000000000 +0200 ++++ flite-2.2/doc/flite.texi 2023-02-21 21:47:30.474291637 +0100 +@@ -971,7 +971,7 @@ utterance. Please note that the @file{i + is not set by anyone at all. The previous sentence exists in the + documentation so that I can point at it, when user's fail to read it. + +-@node Converting FestVox Voices, , APIs, top ++@node Converting FestVox Voices, , APIs, Top + @chapter Converting FestVox Voices + + As of 1.2 initial scripts have been added to aid the conversion of +diff -up flite-2.2/doc/Makefile.ti7 flite-2.2/doc/Makefile +--- flite-2.2/doc/Makefile.ti7 2020-08-13 02:17:09.000000000 +0200 ++++ flite-2.2/doc/Makefile 2023-02-21 21:49:04.185913824 +0100 +@@ -54,6 +54,9 @@ flite.html: flite.texi + @ if [ -d html/flite ] ; \ + then mv html/flite/*.html html ; \ + rmdir html/flite; fi ++ @ if [ -d html/flite_html ] ; \ ++ then mv html/flite_html/*.html html ; \ ++ rmdir html/flite_html; fi + @ for i in html/*.html ; \ + do \ + sed 's///' $$i >ttt.html; \ diff --git a/SPECS-EXTENDED/flite/flite.signatures.json b/SPECS-EXTENDED/flite/flite.signatures.json index 91fb40b24f..936642cb36 100644 --- a/SPECS-EXTENDED/flite/flite.signatures.json +++ b/SPECS-EXTENDED/flite/flite.signatures.json @@ -1,6 +1,5 @@ { "Signatures": { - "README-ALSA.txt": "903d5832b51548b1a7921285fd94adfc295ba070f2bc9d07d4a7a846f28d0835", - "flite-1.3-release.tar.gz": "922225f7001e57a0fbace8833b0a48790a68f6c7b491f2d47c78ad537ab78a8b" + "flite-2.2.tar.gz": "ab1555fe5adc3f99f1d4a1a0eb1596d329fd6d74f1464a0097c81f53c0cf9e5c" } } diff --git a/SPECS-EXTENDED/flite/flite.spec b/SPECS-EXTENDED/flite/flite.spec index 59d9408cb8..4a10f8075c 100644 --- a/SPECS-EXTENDED/flite/flite.spec +++ b/SPECS-EXTENDED/flite/flite.spec @@ -1,33 +1,30 @@ %bcond_with docs Name: flite -Version: 1.3 -Release: 36%{?dist} +Version: 2.2 +Release: 1%{?dist} Summary: Small, fast speech synthesis engine (text-to-speech) License: MIT Vendor: Microsoft Corporation Distribution: Azure Linux URL: http://www.speech.cs.cmu.edu/flite/ -Source0: http://www.speech.cs.cmu.edu/flite/packed/%{name}-%{version}/%{name}-%{version}-release.tar.gz -Source1: README-ALSA.txt -Patch0: flite-1.3-sharedlibs.patch -Patch1: flite-1.3-doc_texinfo.patch -Patch2: flite-1.3-alsa_support.patch -Patch3: flite-1.3-implicit_dso_linking.patch -Patch4: 0001-auserver.c-Only-write-audio-data-to-a-file-in-debug-.patch -Patch5: flite-0001-Fixed-texi2html-ambiguity.patch - -%if %{with docs} -BuildRequires: texi2html +Source0: https://github.com/festvox/flite/archive/refs/tags/v2.2.tar.gz#/%{name}-%{version}.tar.gz + +Patch0: flite-2.2-lto.patch +# fixes build with texinfo-7.0+, see https://lists.gnu.org/archive/html/bug-texinfo/2022-11/msg00036.html +Patch1: flite-2.2-texinfo-7.0.patch # texi2pdf + # WARNING see explanation about PDF doc below. #BuildRequires: texinfo-tex -%endif BuildRequires: gcc BuildRequires: autoconf automake libtool BuildRequires: ed alsa-lib-devel +BuildRequires: make +BuildRequires: pulseaudio-libs-devel +BuildRequires: texinfo %description @@ -46,42 +43,36 @@ Development files for Flite, a small, fast speech synthesis engine. %prep -%setup -q -n %{name}-%{version}-release -%patch 0 -p1 -b .flite-1.3-sharedlibs -%patch 1 -p1 -b .flite-1.3-doc_texinfo -%patch 2 -p1 -b .flite-1.3-alsa_support -%patch 3 -p1 -b .flite-1.3-implicit_dso_linking -%patch 4 -p1 -%patch 5 -p1 -cp -p %{SOURCE1} . - +%setup -q +%patch -P0 -p1 -b .lto +%patch -P1 -p1 -b .ti7 %build autoreconf -vif %configure --enable-shared --with-audio=alsa -# This package fails parallel make (thus cannot be built using "_smp_flags") make -%if %{with docs} + # Build documentation cd doc # WARNING "make doc" provides a huge PDF file. It was decided not to produce/package it. #make doc make flite.html -%endif - -%install -make install INSTALLBINDIR=%{buildroot}%{_bindir} INSTALLLIBDIR=%{buildroot}%{_libdir} INSTALLINCDIR=%{buildroot}%{_includedir}/flite -%ldconfig_scriptlets +%install +%make_install +rm %{buildroot}%{_libdir}/libflite*.a +%if %{with check} +%check +LD_LIBRARY_PATH=%{buildroot}%{_libdir} make -C testsuite do_thread_test +%endif %files %license COPYING -%doc ACKNOWLEDGEMENTS README README-ALSA.txt -%if %{with docs} +%doc ACKNOWLEDGEMENTS %doc doc/html -%endif +%doc README.md %{_libdir}/*.so.* %{_bindir}/* @@ -92,6 +83,10 @@ make install INSTALLBINDIR=%{buildroot}%{_bindir} INSTALLLIBDIR=%{buildroot}%{_l %changelog +* Fri Nov 29 2024 Jyoti Kanase - 2.2-1 +- Update to 2.2 +- License verified + * Mon Jun 14 2021 Thomas Crain - 1.3-36 - Initial CBL-Mariner import from Fedora 32 (license: MIT). - Conditionally build documentation, and turn off documentation building by default diff --git a/SPECS-EXTENDED/glassfish-annotation-api/glassfish-annotation-api-build.xml b/SPECS-EXTENDED/glassfish-annotation-api/glassfish-annotation-api-build.xml index c41c8d4c89..675d88b48c 100644 --- a/SPECS-EXTENDED/glassfish-annotation-api/glassfish-annotation-api-build.xml +++ b/SPECS-EXTENDED/glassfish-annotation-api/glassfish-annotation-api-build.xml @@ -19,8 +19,8 @@ - - + + diff --git a/SPECS-EXTENDED/glassfish-annotation-api/glassfish-annotation-api.signatures.json b/SPECS-EXTENDED/glassfish-annotation-api/glassfish-annotation-api.signatures.json index 2ed5a58973..61607ccf0e 100644 --- a/SPECS-EXTENDED/glassfish-annotation-api/glassfish-annotation-api.signatures.json +++ b/SPECS-EXTENDED/glassfish-annotation-api/glassfish-annotation-api.signatures.json @@ -2,6 +2,7 @@ "Signatures": { "LICENSE": "1b087ad282cb3cd0a11e4e160318eab4ff0995aae7d22e6ac0d30367e196c6e3", "glassfish-annotation-api-1.3.2.tar.gz": "88bc56ca4fe7c1b0b2825ffc3bc449bf97d6193e5d5fe534fbb6c83286d6b2fb", - "glassfish-annotation-api-build.xml": "33b450cc3b2b696a060900c5ed7dddc431ec0c96325d573089415a5f4c4ef046" + "glassfish-annotation-api-build.xml": "da40140b99f03b34cb36f35311203a6f97e9e88d46833fe11d412451b82cab87" } } + diff --git a/SPECS-EXTENDED/glassfish-annotation-api/glassfish-annotation-api.spec b/SPECS-EXTENDED/glassfish-annotation-api/glassfish-annotation-api.spec index 6c55b75947..2757b6e58f 100644 --- a/SPECS-EXTENDED/glassfish-annotation-api/glassfish-annotation-api.spec +++ b/SPECS-EXTENDED/glassfish-annotation-api/glassfish-annotation-api.spec @@ -22,7 +22,7 @@ Distribution: Azure Linux %global artifactId javax.annotation-api Name: glassfish-annotation-api Version: 1.3.2 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Common Annotations API Specification (JSR 250) License: CDDL-1.0 OR GPL-2.0-only WITH Classpath-exception-2.0 Group: Development/Libraries/Java @@ -76,6 +76,10 @@ install -pdm 0755 target/site/apidocs %{buildroot}%{_javadocdir}/%{name} %{_javadocdir}/%{name} %changelog +* Fri Feb 28 2025 Durga Jagadeesh Palli - 1.3.2-4 +- Build error fix, bump up the java source version from 1.6 to 1.8. +- License verified + * Thu Oct 14 2021 Pawel Winogrodzki - 1.3.2-3 - Converting the 'Release' tag to the '[number].[distribution]' format. diff --git a/SPECS-EXTENDED/go-rpm-macros/fixing_ldflags_for_azl.patch b/SPECS-EXTENDED/go-rpm-macros/fixing_ldflags_for_azl.patch new file mode 100644 index 0000000000..10c90e2fc6 --- /dev/null +++ b/SPECS-EXTENDED/go-rpm-macros/fixing_ldflags_for_azl.patch @@ -0,0 +1,39 @@ +From 518b1539d86b508ba65693459ae904dc828ae849 Mon Sep 17 00:00:00 2001 +From: Pawel Winogrodzki +Date: Tue, 1 Mar 2022 16:34:45 -0800 +Subject: [PATCH] Fixing_ldflags_for_Azure_Linux + +--- + rpm/macros.d/macros.go-compilers-golang | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/rpm/macros.d/macros.go-compilers-golang b/rpm/macros.d/macros.go-compilers-golang +index b0ab4c4..ec6b198 100644 +--- a/rpm/macros.d/macros.go-compilers-golang ++++ b/rpm/macros.d/macros.go-compilers-golang +@@ -29,7 +29,7 @@ + # + # %make GOBUILDFLAGS="%gobuildflags" + # +-%gobuildflags() %{expand:%{gocompilerflags} -tags=\\"rpm_crashtraceback \\" -ldflags \\"${LDFLAGS:-}%{?currentgoldflags} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags %{?__golang_extldflags}'\\" -a -v -x} ++%gobuildflags() %{expand:%{gocompilerflags} -tags=\\"rpm_crashtraceback \\" -ldflags \\"%{?currentgoldflags} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags %{?__golang_extldflags}'\\" -a -v -x} + + # Turn off Go modules + %gomodulesmode GO111MODULE=off +@@ -40,11 +40,11 @@ + # https://bugzilla.redhat.com/show_bug.cgi?id=995136#c12 + %global _dwz_low_mem_die_limit 0 + %{?gobuilddir:GOPATH="%{gobuilddir}:${GOPATH:+${GOPATH}:}%{?gopath}"} %{?gomodulesmode} \\ +- go build %{?gocompilerflags} -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-}%{?currentgoldflags} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags %{?__golang_extldflags}'" -a -v -x %{?**}; ++ go build %{?gocompilerflags} -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "%{?currentgoldflags} -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags %{?__golang_extldflags}'" -a -v -x %{?**}; + } + ${workroot}${GOPATH:+:${GOPATH}} + + # Define commands for testing + %gotestflags %{gocompilerflags} + %gotestextldflags %__global_ldflags %{?__golang_extldflags} +-%gotest() %{?gomodulesmode} go test %{gotestflags} -ldflags "${LDFLAGS:-}%{?currentgoldflags} -extldflags '%{gotestextldflags}'" %{?**}; ++%gotest() %{?gomodulesmode} go test %{gotestflags} -ldflags "%{?currentgoldflags} -extldflags '%{gotestextldflags}'" %{?**}; +-- +2.17.1 + diff --git a/SPECS-EXTENDED/go-rpm-macros/go-rpm-macros.signatures.json b/SPECS-EXTENDED/go-rpm-macros/go-rpm-macros.signatures.json new file mode 100644 index 0000000000..80145751f4 --- /dev/null +++ b/SPECS-EXTENDED/go-rpm-macros/go-rpm-macros.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "go-rpm-macros-3.6.0.tar.gz": "890a1f4fc53fd13083ec95c94b05f8d8e299b27bcb9085e3e9b4b0446c87ef0c" + } +} diff --git a/SPECS-EXTENDED/go-rpm-macros/go-rpm-macros.spec b/SPECS-EXTENDED/go-rpm-macros/go-rpm-macros.spec new file mode 100644 index 0000000000..fa57c80f96 --- /dev/null +++ b/SPECS-EXTENDED/go-rpm-macros/go-rpm-macros.spec @@ -0,0 +1,189 @@ +%global rcluadir %{_rpmconfigdir}/lua/azl +%global rpmmacrodir %{_rpmconfigdir}/macros.d + +Vendor: Microsoft Corporation +Distribution: Azure Linux +%global forgeurl https://pagure.io/go-rpm-macros +Version: 3.6.0 +%forgemeta + +%global _spectemplatedir %{_datadir}/rpmdevtools/azl +%global _docdir_fmt %{name} + +# Master definition that will be written to macro files +%global golang_arches %{ix86} x86_64 %{arm} aarch64 ppc64le s390x +%global gccgo_arches %{mips} +# Go sources can contain arch-specific files and our macros will package the +# correct files for each architecture. Therefore, move gopath to _libdir and +# make Go devel packages archful +%global gopath %{_datadir}/gocode + +ExclusiveArch: %{golang_arches} %{gccgo_arches} + +Name: go-rpm-macros +Release: 1%{?dist} +Summary: Build-stage rpm automation for Go packages + +License: GPLv3+ +URL: %{forgeurl} +Source0: https://pagure.io/go-rpm-macros/archive/3.6.0/%{name}-%{version}.tar.gz +Source1: %{forgesource} + +Requires: go-srpm-macros = %{version}-%{release} +Requires: go-filesystem = %{version}-%{release} + +%ifarch %{golang_arches} +Requires: golang +Provides: compiler(golang) +Provides: compiler(go-compiler) = 2 +Obsoletes: go-compilers-golang-compiler < %{version}-%{release} +%endif + +%ifarch %{gccgo_arches} +Requires: gcc-go +Provides: compiler(gcc-go) +Provides: compiler(go-compiler) = 1 +Obsoletes: go-compilers-gcc-go-compiler < %{version}-%{release} +%endif + +%description +This package provides build-stage rpm automation to simplify the creation of Go +language (golang) packages. + +It does not need to be included in the default build root: go-srpm-macros will +pull it in for Go packages only. + +%package -n go-srpm-macros +Summary: Source-stage rpm automation for Go packages +BuildArch: noarch +Requires: redhat-rpm-config + +%description -n go-srpm-macros +This package provides SRPM-stage rpm automation to simplify the creation of Go +language (golang) packages. + +It limits itself to the automation subset required to create Go SRPM packages +and needs to be included in the default build root. + +The rest of the automation is provided by the go-rpm-macros package, that +go-srpm-macros will pull in for Go packages only. + +%package -n go-filesystem +Summary: Directories used by Go packages +License: Public Domain + +%description -n go-filesystem +This package contains the basic directory layout used by Go packages. + +%package -n go-rpm-templates +Summary: RPM spec templates for Go packages +License: MIT +BuildArch: noarch +Requires: go-rpm-macros = %{version}-%{release} + +%description -n go-rpm-templates +This package contains documented rpm spec templates showcasing how to use the +macros provided by go-rpm-macros to create Go packages. + +%prep +%forgeautosetup -p1 +%writevars -f rpm/macros.d/macros.go-srpm golang_arches gccgo_arches gopath +for template in templates/rpm/*\.spec ; do + target=$(echo "${template}" | sed "s|^\(.*\)\.spec$|\1-bare.spec|g") + grep -v '^#' "${template}" > "${target}" + touch -r "${template}" "${target}" +done + +%install +install -m 0755 -vd %{buildroot}%{gopath}/src + +install -m 0755 -vd %{buildroot}%{_spectemplatedir} + +install -m 0644 -vp templates/rpm/*spec \ + %{buildroot}%{_spectemplatedir} + +install -m 0755 -vd %{buildroot}%{_bindir} +install -m 0755 bin/* %{buildroot}%{_bindir} + +install -m 0755 -vd %{buildroot}%{rpmmacrodir} +install -m 0644 -vp rpm/macros.d/macros.go-* \ + %{buildroot}%{rpmmacrodir} +install -m 0755 -vd %{buildroot}%{rcluadir}/srpm +install -m 0644 -vp rpm/lua/srpm/*lua \ + %{buildroot}%{rcluadir}/srpm +install -m 0755 -vd %{buildroot}%{rcluadir}/rpm +install -m 0644 -vp rpm/lua/rpm/*lua \ + %{buildroot}%{rcluadir}/rpm +install -m 0755 -vd %{buildroot}%{_rpmconfigdir}/fileattrs +install -m 0644 -vp rpm/fileattrs/*.attr \ + %{buildroot}%{_rpmconfigdir}/fileattrs/ +install -m 0755 -vp rpm/*\.{prov,deps} \ + %{buildroot}%{_rpmconfigdir}/ + +%ifarch %{golang_arches} +install -m 0644 -vp rpm/macros.d/macros.go-compilers-golang \ + %{buildroot}%{rpmmacrodir}/macros.go-compiler-golang +%endif + +%ifarch %{gccgo_arches} +install -m 0644 -vp rpm/macros.d/macros.go-compilers-gcc \ + %{buildroot}%{rpmmacrodir}/macros.go-compiler-gcc +%endif + +%files +%license LICENSE.txt +%doc README.md +%{_bindir}/* +%{_rpmconfigdir}/fileattrs/*.attr +%{_rpmconfigdir}/*.prov +%{_rpmconfigdir}/*.deps +%{rpmmacrodir}/macros.go-rpm* +%{rpmmacrodir}/macros.go-compiler* +%{rcluadir}/rpm/*.lua + +%files -n go-srpm-macros +%license LICENSE.txt +%doc README.md +%{rpmmacrodir}/macros.go-srpm +%{rcluadir}/srpm/*.lua + +%files -n go-filesystem +%dir %{gopath} +%dir %{gopath}/src + +%files -n go-rpm-templates +%license LICENSE-templates.txt +%doc README.md +%dir %{dirname:%{_spectemplatedir}} +%dir %{_spectemplatedir} +%{_spectemplatedir}/*.spec + +%changelog +* Wed Nov 20 2024 Durga Jagadeesh Palli - 3.6.0-1 +- Update to 3.6.0. +- License verified + +* Tue Mar 01 2022 Pawel Winogrodzki - 3.0.9-3 +- Fixing Go's linker flags. +- License verified. + +* Thu Sep 23 2021 Pawel Winogrodzki - 3.0.9-2 +- Initial CBL-Mariner import from Fedora 33 (license: MIT). +- Adjusting directories to CBL-Mariner. +- Removed dependency on 'golist'. + +* Thu Aug 13 2020 Neal Gompa - 3.0.9-1 +- Update to 3.0.9 + +* Mon Jul 27 2020 Fedora Release Engineering - 3.0.8-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jan 28 2020 Fedora Release Engineering - 3.0.8-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Thu Jul 25 2019 Fedora Release Engineering - 3.0.8-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Wed Jun 05 2019 Nicolas Mailhot +- 3.0.8-3 +- initial Fedora import, for golist 0.10.0 and redhat-rpm-config 130 diff --git a/SPECS-EXTENDED/kde-filesystem/kde-filesystem.signatures.json b/SPECS-EXTENDED/kde-filesystem/kde-filesystem.signatures.json index f13c86396b..238566b4ad 100644 --- a/SPECS-EXTENDED/kde-filesystem/kde-filesystem.signatures.json +++ b/SPECS-EXTENDED/kde-filesystem/kde-filesystem.signatures.json @@ -2,6 +2,6 @@ "Signatures": { "applnk-hidden-directory": "4f9331c90f76855579ab2de49dba6bd4e82b88409261035cb7e354e3a054c693", "macros.kde4": "e73f416144bd39f03b3ca22a3202f2fc1faefd05ab5e13ddc5bd65dec896b13f", - "teamnames": "ddc137b44dcd45b3c86b4c99aec7024541930c4bde810015576010ec590cea53" + "teamnames": "0cc11aefa62e4b36bc8bbcc176602a9b4c6d989464bf7dff1858a9f5f73cddcd" } } diff --git a/SPECS-EXTENDED/kde-filesystem/kde-filesystem.spec b/SPECS-EXTENDED/kde-filesystem/kde-filesystem.spec index 9a214987e2..3d82076e96 100644 --- a/SPECS-EXTENDED/kde-filesystem/kde-filesystem.spec +++ b/SPECS-EXTENDED/kde-filesystem/kde-filesystem.spec @@ -16,15 +16,12 @@ Distribution: Azure Linux %define _kde4_buildtype release %define _kde4_macros_api 2 -%define rpm_macros_dir %{_sysconfdir}/rpm - %define rpm_macros_dir %{_rpmconfigdir}/macros.d - Summary: KDE filesystem layout Name: kde-filesystem -Version: 4 -Release: 65%{?dist} +Version: 5 +Release: 5%{?dist} License: Public Domain @@ -40,29 +37,32 @@ Source2: macros.kde4 Source3: applnk-hidden-directory -Provides: kde4-macros(api) = %{_kde4_macros_api} - BuildRequires: gawk Requires: filesystem Requires: rpm -# Help obsolete old package retirements - -Obsoletes: kdegraphics <= 7:4.14.3 -Obsoletes: kdegraphics-devel <= 7:4.14.3 -Obsoletes: kdegraphics-libs <= 7:4.14.3 -Obsoletes: kdenetwork <= 7:4.14.3 -Obsoletes: kdenetwork-common <= 7:4.14.3 -Obsoletes: kdenetwork-devel <= 7:4.14.3 -Obsoletes: kdesdk <= 4.14.3 -Obsoletes: kdesdk-common <= 4.14.3 -Obsoletes: kdesdk-devel <= 4.14.3 - %description This package provides some directories that are required/used by KDE. +%package -n kde3-filesystem +Summary: Filesystem for KDE 3 +License: Public Domain +Requires: %{name} = %{version}-%{release} + +%description -n kde3-filesystem +This package provides some directories that are required/used by KDE 3 applications. + +%package -n kde4-filesystem +Summary: Filesystem and RPM macros for KDE 4 +License: Public Domain +Provides: kde4-macros(api) = %{_kde4_macros_api} +Requires: %{name} = %{version}-%{release} + +%description -n kde4-filesystem +This package provides some directories that are required/used by KDE 4 applications. + %prep @@ -146,58 +146,94 @@ cat %{SOURCE2} >> $RPM_BUILD_ROOT%{rpm_macros_dir}/macros.kde4 ## Plasma5, forward compatibility mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/xdg/plasma-workspace/{env,shutdown} +mkdir -p $RPM_BUILD_ROOT%{_prefix}/{lib,%{_lib}}/kconf_update_bin +mkdir -p $RPM_BUILD_ROOT%{_datadir}/kconf_update +mkdir -p $RPM_BUILD_ROOT%{_datadir}/knsrcfiles +mkdir -p $RPM_BUILD_ROOT%{_datadir}/kpackage/{genericqml,kcms} +mkdir -p $RPM_BUILD_ROOT%{_datadir}/solid/{actions,devices} %files -f %{name}.list -# KDE3 +%{_sysconfdir}/xdg/plasma-workspace/ +%{_prefix}/lib/kconf_update_bin/ +%{_prefix}/%{_lib}/kconf_update_bin/ +%dir %{_docdir}/HTML/ +%lang(en) %{_docdir}/HTML/en/ +%{_datadir}/config.kcfg/ +%{_datadir}/emoticons/ +%{_datadir}/icons/locolor/ +%{_datadir}/kconf_update/ +%{_datadir}/knsrcfiles/ +%{_datadir}/kpackage/ +%{_datadir}/solid/ +%{_datadir}/templates/ +%{_datadir}/wallpapers/ + +%files -n kde3-filesystem %{_sysconfdir}/kde/ %{_datadir}/applications/kde/ %{_datadir}/applnk/ %{_datadir}/apps/ %{_datadir}/autostart/ %{_datadir}/config/ -%{_datadir}/config.kcfg/ -%{_datadir}/emoticons/ -%{_datadir}/icons/locolor %{_datadir}/mimelnk/ %{_datadir}/services/ %{_datadir}/servicetypes/ -%{_datadir}/templates/ %{_prefix}/lib/kde3/ %{_prefix}/%{_lib}/kde3/ -%dir %{_docdir}/HTML/ -%lang(en) %{_docdir}/HTML/en/ -# KDE4 +%files -n kde4-filesystem %{rpm_macros_dir}/macros.kde4 %{_kde4_sysconfdir}/kde/ %{_kde4_libexecdir}/ %{_kde4_includedir}/ %{_kde4_appsdir}/ %{_kde4_configdir}/ -%{_kde4_sharedir}/config.kcfg/ -%{_kde4_sharedir}/emoticons/ %{_kde4_sharedir}/kde4/ -%{_kde4_sharedir}/templates/ %{_kde4_datadir}/applications/kde4/ %{_kde4_datadir}/autostart/ -%{_kde4_datadir}/icons/locolor/ -%{_kde4_datadir}/wallpapers/ %{_kde4_prefix}/lib/kde4/ %{_kde4_prefix}/%{_lib}/kde4/ -%dir %{_kde4_docdir}/HTML/ -%lang(en) %{_kde4_docdir}/HTML/en/ - -# Plasma5 -%{_sysconfdir}/xdg/plasma-workspace/ %changelog -* Fri Dec 10 2021 Thomas Crain - 4-65 +* Thu Jan 02 2025 Aninda Pradhan - 5-5 +- Initial Azure Linux import from Fedora 41 (license: MIT) - License verified -* Fri Oct 15 2021 Pawel Winogrodzki - 4-64 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Thu Jul 18 2024 Fedora Release Engineering - 5-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Wed Jan 24 2024 Fedora Release Engineering - 5-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Aug 21 2023 Yaakov Selkowitz - 5-1 +- Consolidate all common KDE directories +- Split out KDE 3 and 4 directories into subpackages + +* Thu Jul 20 2023 Fedora Release Engineering - 4-70 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Thu Jan 19 2023 Fedora Release Engineering - 4-69 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Thu Jul 21 2022 Fedora Release Engineering - 4-68 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Thu Jan 20 2022 Fedora Release Engineering - 4-67 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Thu Jul 22 2021 Fedora Release Engineering - 4-66 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Tue Jan 26 2021 Fedora Release Engineering - 4-65 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 4-64 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Wed Jan 29 2020 Fedora Release Engineering - 4-63 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/kde-filesystem/teamnames b/SPECS-EXTENDED/kde-filesystem/teamnames index 29173fe391..ceb0fdc066 100644 --- a/SPECS-EXTENDED/kde-filesystem/teamnames +++ b/SPECS-EXTENDED/kde-filesystem/teamnames @@ -22,6 +22,7 @@ bo=Tibetan br=Breton bs=Bosnian ca=Catalan +ca@valencia=Catalan (Valencian) cs=Czech cy=Welsh da=Danish @@ -64,6 +65,7 @@ ms=Malay mt=Maltese nl=Dutch nb=Norwegian Bokmal +nds=Low Saxon nso=Northern Sotho nn=Norwegian Nynorsk oc=Occitan @@ -78,7 +80,7 @@ sk=Slovak sl=Slovenian sq=Albanian sr=Serbian -sr@Latn=Serbian Latin +sr@latin=Serbian Latin ss=Swati sv=Swedish ta=Tamil diff --git a/SPECS-EXTENDED/libcdio-paranoia/38.patch b/SPECS-EXTENDED/libcdio-paranoia/38.patch new file mode 100644 index 0000000000..1c19f6b7fb --- /dev/null +++ b/SPECS-EXTENDED/libcdio-paranoia/38.patch @@ -0,0 +1,620 @@ +From 9106b5c9031dee5175d8b347114553362c916166 Mon Sep 17 00:00:00 2001 +From: Matt McKenzie +Date: Wed, 14 Feb 2024 15:43:11 -0800 +Subject: [PATCH 1/8] Ignore drive offset when verifying track numbers. cdio + doesn't bias by them and the results are wrong for drives with offsets + greater than a sector's worth of samples (588). + +--- + include/cdio/paranoia/cdda.h | 1 + + lib/cdda_interface/toc.c | 2 +- + src/cd-paranoia.c | 12 +++++++----- + 3 files changed, 9 insertions(+), 6 deletions(-) + +diff --git a/include/cdio/paranoia/cdda.h b/include/cdio/paranoia/cdda.h +index 05718ea..bd638c9 100644 +--- a/include/cdio/paranoia/cdda.h ++++ b/include/cdio/paranoia/cdda.h +@@ -137,6 +137,7 @@ struct cdrom_drive_s { + the flag masks to simulate a particular kind of + failure. */ + ++ long toc_offset; + }; + + +diff --git a/lib/cdda_interface/toc.c b/lib/cdda_interface/toc.c +index 2e32be8..4c2d6fc 100644 +--- a/lib/cdda_interface/toc.c ++++ b/lib/cdda_interface/toc.c +@@ -172,7 +172,7 @@ cdio_cddap_sector_gettrack(cdrom_drive_t *d, lsn_t lsn) + cderror(d,"400: Device not open\n"); + return CDIO_INVALID_TRACK; + } else { +- if (lsn < d->disc_toc[0].dwStartSector) ++ if (lsn < d->disc_toc[0].dwStartSector - d->toc_offset) + return 0; /* We're in the pre-gap of first track */ + + return cdio_get_track(d->p_cdio, lsn); +diff --git a/src/cd-paranoia.c b/src/cd-paranoia.c +index 1bb3af8..ee424aa 100644 +--- a/src/cd-paranoia.c ++++ b/src/cd-paranoia.c +@@ -225,7 +225,7 @@ parse_offset(cdrom_drive_t *d, char *offset, int begin) + + /* We don't want to outside of the track; if it's relative, that's OK... */ + if( i_track != CDIO_INVALID_TRACK ){ +- if (cdda_sector_gettrack(d,ret) != i_track) { ++ if (cdda_sector_gettrack(d,ret - d->toc_offset) != i_track) { + report("Time/sector offset goes beyond end of specified track."); + exit(1); + } +@@ -1123,6 +1123,8 @@ main(int argc,char *argv[]) + toc_offset = -cdda_track_firstsector(d,1); + } + ++ d->toc_offset = toc_offset; ++ + { + int i; + for( i=0; i < d->tracks+1; i++ ) +@@ -1189,9 +1191,9 @@ main(int argc,char *argv[]) + } + + { +- int track1 = cdda_sector_gettrack(d, i_first_lsn); ++ int track1 = cdda_sector_gettrack(d, i_first_lsn - d->toc_offset); + +- int track2 = cdda_sector_gettrack(d, i_last_lsn); ++ int track2 = cdda_sector_gettrack(d, i_last_lsn - d->toc_offset); + long off1 = i_first_lsn - cdda_track_firstsector(d, track1); + long off2 = i_last_lsn - cdda_track_firstsector(d, track2); + int i; +@@ -1468,7 +1470,7 @@ main(int argc,char *argv[]) + + /* One last bit of silliness to deal with sample offsets */ + if(sample_offset && cursor>batch_last){ +- if (cdda_sector_gettrack(d, batch_last) < d->tracks || force_overread) { ++ if (cdda_sector_gettrack(d, batch_last - toc_offset) < d->tracks || force_overread) { + int i; + + /* Need to flush the buffer when overreading into the leadout */ +@@ -1521,7 +1523,7 @@ main(int argc,char *argv[]) + + /* Write sectors of silent audio to compensate for + missing samples that would be in the leadout */ +- if (cdda_sector_gettrack(d, batch_last) == d->tracks && ++ if (cdda_sector_gettrack(d, batch_last - toc_offset) == d->tracks && + toc_offset > 0 && !force_overread) + { + char *silence; + +From b5f04b7d1e70fdec06f516551a6b18590379f273 Mon Sep 17 00:00:00 2001 +From: Matt McKenzie +Date: Thu, 15 Feb 2024 00:48:45 -0800 +Subject: [PATCH 2/8] Attempt to catch all cases of biased sectors in + cd-paranoia and toc. Use correct, raw values when calling cdio. + +--- + lib/cdda_interface/toc.c | 16 ++++++++-------- + src/cd-paranoia.c | 14 +++++++++----- + 2 files changed, 17 insertions(+), 13 deletions(-) + +diff --git a/lib/cdda_interface/toc.c b/lib/cdda_interface/toc.c +index 4c2d6fc..9d945f6 100644 +--- a/lib/cdda_interface/toc.c ++++ b/lib/cdda_interface/toc.c +@@ -43,7 +43,7 @@ cdda_track_firstsector(cdrom_drive_t *d, track_t i_track) + + if (i_track == CDIO_CDROM_LEADOUT_TRACK) i_track = i_last_track; + if (i_track == 0) { +- if (d->disc_toc[0].dwStartSector == 0) { ++ if (d->disc_toc[0].dwStartSector - d->toc_offset == 0) { + /* first track starts at lba 0 -> no pre-gap */ + cderror(d,"402: No initial pregap\n"); + return(-402); +@@ -57,7 +57,7 @@ cdda_track_firstsector(cdrom_drive_t *d, track_t i_track) + cderror(d, buf); + return(-401); + } +- return(d->disc_toc[i_track-i_first_track].dwStartSector); ++ return(d->disc_toc[i_track-i_first_track].dwStartSector - d->toc_offset); + } + } + +@@ -99,13 +99,13 @@ cdda_track_lastsector(cdrom_drive_t *d, track_t i_track) + const track_t i_last_track = cdio_get_last_track_num(d->p_cdio); + + if (i_track == 0) { +- if (d->disc_toc[0].dwStartSector == 0) { ++ if (d->disc_toc[0].dwStartSector - d->toc_offset == 0) { + /* first track starts at lba 0 -> no pre-gap */ + cderror(d,"402: No initial pregap\n"); + return(-402); + } + else { +- return d->disc_toc[0].dwStartSector-1; ++ return ((d->disc_toc[0].dwStartSector - d->toc_offset) - 1); + } + } else if (i_track < i_first_track || i_track > i_last_track) { + char buf[100]; +@@ -116,15 +116,15 @@ cdda_track_lastsector(cdrom_drive_t *d, track_t i_track) + + /* CD Extra have their first session ending at the last audio track */ + if (d->cd_extra > 0 && i_track-i_first_track+2 <= d->tracks) { +- if (d->audio_last_sector >= d->disc_toc[i_track-i_first_track].dwStartSector && +- d->audio_last_sector < d->disc_toc[i_track-i_first_track+1].dwStartSector) { ++ if (d->audio_last_sector >= (d->disc_toc[i_track-i_first_track].dwStartSector - d->toc_offset) && ++ d->audio_last_sector < (d->disc_toc[i_track-i_first_track+1].dwStartSector - d->toc_offset)) { + return d->audio_last_sector; + } + } + + /* Index safe because we always have the leadout at + * disc_toc[tracks] */ +- return(d->disc_toc[i_track-i_first_track+1].dwStartSector-1); ++ return((d->disc_toc[i_track-i_first_track+1].dwStartSector - d->toc_offset) - 1); + } + } + +@@ -172,7 +172,7 @@ cdio_cddap_sector_gettrack(cdrom_drive_t *d, lsn_t lsn) + cderror(d,"400: Device not open\n"); + return CDIO_INVALID_TRACK; + } else { +- if (lsn < d->disc_toc[0].dwStartSector - d->toc_offset) ++ if (lsn < (d->disc_toc[0].dwStartSector - d->toc_offset)) + return 0; /* We're in the pre-gap of first track */ + + return cdio_get_track(d->p_cdio, lsn); +diff --git a/src/cd-paranoia.c b/src/cd-paranoia.c +index ee424aa..b81f077 100644 +--- a/src/cd-paranoia.c ++++ b/src/cd-paranoia.c +@@ -225,7 +225,7 @@ parse_offset(cdrom_drive_t *d, char *offset, int begin) + + /* We don't want to outside of the track; if it's relative, that's OK... */ + if( i_track != CDIO_INVALID_TRACK ){ +- if (cdda_sector_gettrack(d,ret - d->toc_offset) != i_track) { ++ if (cdda_sector_gettrack(d,ret) != i_track) { + report("Time/sector offset goes beyond end of specified track."); + exit(1); + } +@@ -1191,9 +1191,9 @@ main(int argc,char *argv[]) + } + + { +- int track1 = cdda_sector_gettrack(d, i_first_lsn - d->toc_offset); ++ int track1 = cdda_sector_gettrack(d, i_first_lsn); + +- int track2 = cdda_sector_gettrack(d, i_last_lsn - d->toc_offset); ++ int track2 = cdda_sector_gettrack(d, i_last_lsn); + long off1 = i_first_lsn - cdda_track_firstsector(d, track1); + long off2 = i_last_lsn - cdda_track_firstsector(d, track2); + int i; +@@ -1220,11 +1220,15 @@ main(int argc,char *argv[]) + + } + ++ i_first_lsn += toc_offset; ++ i_last_lsn += toc_offset; ++ + if (toc_offset && !force_overread) { + d->disc_toc[d->tracks].dwStartSector -= toc_offset; + if (i_last_lsn > cdda_track_lastsector(d, d->tracks)) + i_last_lsn -= toc_offset; + } ++ + { + long cursor; + int16_t offset_buffer[1176]; +@@ -1267,7 +1271,7 @@ main(int argc,char *argv[]) + char outfile_name[PATH_MAX]; + if ( batch ){ + batch_first = cursor; +- batch_track = cdda_sector_gettrack(d,cursor); ++ batch_track = cdda_sector_gettrack(d,cursor - toc_offset); + batch_last = cdda_track_lastsector(d, batch_track); + if (batch_last>i_last_lsn) batch_last=i_last_lsn; + } else { +@@ -1385,7 +1389,7 @@ main(int argc,char *argv[]) + } + + sectorlen = batch_last - batch_first + 1; +- if (cdda_sector_gettrack(d, cursor) == d->tracks && ++ if (cdda_sector_gettrack(d, cursor - toc_offset) == d->tracks && + toc_offset > 0 && !force_overread){ + sectorlen += toc_offset; + } + +From 2477ee52efc34d75caa8c70dd6ae946a1a5965c6 Mon Sep 17 00:00:00 2001 +From: Matt McKenzie +Date: Fri, 16 Feb 2024 00:24:56 -0800 +Subject: [PATCH 3/8] Hopefully a better fix. Keep the drive offset management + in cd-paranoia.c and only deal with raw sector id's when calling + libcdio_cdda. + +--- + include/cdio/paranoia/cdda.h | 2 -- + lib/cdda_interface/toc.c | 16 ++++++++-------- + src/cd-paranoia.c | 16 ++++------------ + 3 files changed, 12 insertions(+), 22 deletions(-) + +diff --git a/include/cdio/paranoia/cdda.h b/include/cdio/paranoia/cdda.h +index bd638c9..2b23809 100644 +--- a/include/cdio/paranoia/cdda.h ++++ b/include/cdio/paranoia/cdda.h +@@ -136,8 +136,6 @@ struct cdrom_drive_s { + paranoia operation this can be set to one of + the flag masks to simulate a particular kind of + failure. */ +- +- long toc_offset; + }; + + +diff --git a/lib/cdda_interface/toc.c b/lib/cdda_interface/toc.c +index 9d945f6..cd24867 100644 +--- a/lib/cdda_interface/toc.c ++++ b/lib/cdda_interface/toc.c +@@ -43,7 +43,7 @@ cdda_track_firstsector(cdrom_drive_t *d, track_t i_track) + + if (i_track == CDIO_CDROM_LEADOUT_TRACK) i_track = i_last_track; + if (i_track == 0) { +- if (d->disc_toc[0].dwStartSector - d->toc_offset == 0) { ++ if (d->disc_toc[0].dwStartSector == 0) { + /* first track starts at lba 0 -> no pre-gap */ + cderror(d,"402: No initial pregap\n"); + return(-402); +@@ -57,7 +57,7 @@ cdda_track_firstsector(cdrom_drive_t *d, track_t i_track) + cderror(d, buf); + return(-401); + } +- return(d->disc_toc[i_track-i_first_track].dwStartSector - d->toc_offset); ++ return(d->disc_toc[i_track-i_first_track].dwStartSector); + } + } + +@@ -99,13 +99,13 @@ cdda_track_lastsector(cdrom_drive_t *d, track_t i_track) + const track_t i_last_track = cdio_get_last_track_num(d->p_cdio); + + if (i_track == 0) { +- if (d->disc_toc[0].dwStartSector - d->toc_offset == 0) { ++ if (d->disc_toc[0].dwStartSector == 0) { + /* first track starts at lba 0 -> no pre-gap */ + cderror(d,"402: No initial pregap\n"); + return(-402); + } + else { +- return ((d->disc_toc[0].dwStartSector - d->toc_offset) - 1); ++ return (d->disc_toc[0].dwStartSector - 1); + } + } else if (i_track < i_first_track || i_track > i_last_track) { + char buf[100]; +@@ -116,15 +116,15 @@ cdda_track_lastsector(cdrom_drive_t *d, track_t i_track) + + /* CD Extra have their first session ending at the last audio track */ + if (d->cd_extra > 0 && i_track-i_first_track+2 <= d->tracks) { +- if (d->audio_last_sector >= (d->disc_toc[i_track-i_first_track].dwStartSector - d->toc_offset) && +- d->audio_last_sector < (d->disc_toc[i_track-i_first_track+1].dwStartSector - d->toc_offset)) { ++ if (d->audio_last_sector >= d->disc_toc[i_track-i_first_track].dwStartSector && ++ d->audio_last_sector < d->disc_toc[i_track-i_first_track+1].dwStartSector) { + return d->audio_last_sector; + } + } + + /* Index safe because we always have the leadout at + * disc_toc[tracks] */ +- return((d->disc_toc[i_track-i_first_track+1].dwStartSector - d->toc_offset) - 1); ++ return(d->disc_toc[i_track-i_first_track+1].dwStartSector - 1); + } + } + +@@ -172,7 +172,7 @@ cdio_cddap_sector_gettrack(cdrom_drive_t *d, lsn_t lsn) + cderror(d,"400: Device not open\n"); + return CDIO_INVALID_TRACK; + } else { +- if (lsn < (d->disc_toc[0].dwStartSector - d->toc_offset)) ++ if (lsn < (d->disc_toc[0].dwStartSector)) + return 0; /* We're in the pre-gap of first track */ + + return cdio_get_track(d->p_cdio, lsn); +diff --git a/src/cd-paranoia.c b/src/cd-paranoia.c +index b81f077..3a4d9ec 100644 +--- a/src/cd-paranoia.c ++++ b/src/cd-paranoia.c +@@ -1123,14 +1123,6 @@ main(int argc,char *argv[]) + toc_offset = -cdda_track_firstsector(d,1); + } + +- d->toc_offset = toc_offset; +- +- { +- int i; +- for( i=0; i < d->tracks+1; i++ ) +- d->disc_toc[i].dwStartSector+=toc_offset; +- } +- + if (d->nsectors==1) { + report("WARNING: The autosensed/selected sectors per read value is\n" + " one sector, making it very unlikely Paranoia can \n" +@@ -1220,13 +1212,13 @@ main(int argc,char *argv[]) + + } + ++ // Apply the sector read offset now that we are starting to read data + i_first_lsn += toc_offset; + i_last_lsn += toc_offset; + + if (toc_offset && !force_overread) { +- d->disc_toc[d->tracks].dwStartSector -= toc_offset; +- if (i_last_lsn > cdda_track_lastsector(d, d->tracks)) +- i_last_lsn -= toc_offset; ++ if (i_last_lsn > cdda_track_lastsector(d, d->tracks)) ++ i_last_lsn -= toc_offset; + } + + { +@@ -1265,7 +1257,7 @@ main(int argc,char *argv[]) + willing to read past, assuming that works on the hardware, of + course */ + if(sample_offset && force_overread) +- d->disc_toc[d->tracks].dwStartSector++; ++ i_last_lsn++; + + while(cursor<=i_last_lsn){ + char outfile_name[PATH_MAX]; + +From 6908b9df7c1567dc37645cf973c67f58d1f8294e Mon Sep 17 00:00:00 2001 +From: Matt McKenzie +Date: Fri, 16 Feb 2024 00:36:59 -0800 +Subject: [PATCH 4/8] Revert formatting changes to files where I reverted + functional changes. + +--- + include/cdio/paranoia/cdda.h | 1 + + lib/cdda_interface/toc.c | 6 +++--- + 2 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/include/cdio/paranoia/cdda.h b/include/cdio/paranoia/cdda.h +index 2b23809..05718ea 100644 +--- a/include/cdio/paranoia/cdda.h ++++ b/include/cdio/paranoia/cdda.h +@@ -136,6 +136,7 @@ struct cdrom_drive_s { + paranoia operation this can be set to one of + the flag masks to simulate a particular kind of + failure. */ ++ + }; + + +diff --git a/lib/cdda_interface/toc.c b/lib/cdda_interface/toc.c +index cd24867..9f67bc3 100644 +--- a/lib/cdda_interface/toc.c ++++ b/lib/cdda_interface/toc.c +@@ -105,7 +105,7 @@ cdda_track_lastsector(cdrom_drive_t *d, track_t i_track) + return(-402); + } + else { +- return (d->disc_toc[0].dwStartSector - 1); ++ return (d->disc_toc[0].dwStartSector-1); + } + } else if (i_track < i_first_track || i_track > i_last_track) { + char buf[100]; +@@ -124,7 +124,7 @@ cdda_track_lastsector(cdrom_drive_t *d, track_t i_track) + + /* Index safe because we always have the leadout at + * disc_toc[tracks] */ +- return(d->disc_toc[i_track-i_first_track+1].dwStartSector - 1); ++ return(d->disc_toc[i_track-i_first_track+1].dwStartSector-1); + } + } + +@@ -172,7 +172,7 @@ cdio_cddap_sector_gettrack(cdrom_drive_t *d, lsn_t lsn) + cderror(d,"400: Device not open\n"); + return CDIO_INVALID_TRACK; + } else { +- if (lsn < (d->disc_toc[0].dwStartSector)) ++ if (lsn < d->disc_toc[0].dwStartSector) + return 0; /* We're in the pre-gap of first track */ + + return cdio_get_track(d->p_cdio, lsn); + +From a327427124fec7d326c35b2e5f322696750ee44a Mon Sep 17 00:00:00 2001 +From: Matt McKenzie +Date: Fri, 16 Feb 2024 00:38:36 -0800 +Subject: [PATCH 5/8] Missed one + +--- + lib/cdda_interface/toc.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/cdda_interface/toc.c b/lib/cdda_interface/toc.c +index 9f67bc3..2e32be8 100644 +--- a/lib/cdda_interface/toc.c ++++ b/lib/cdda_interface/toc.c +@@ -105,7 +105,7 @@ cdda_track_lastsector(cdrom_drive_t *d, track_t i_track) + return(-402); + } + else { +- return (d->disc_toc[0].dwStartSector-1); ++ return d->disc_toc[0].dwStartSector-1; + } + } else if (i_track < i_first_track || i_track > i_last_track) { + char buf[100]; + +From c0b25be7025b561084f638c4659728710939fa65 Mon Sep 17 00:00:00 2001 +From: Matt McKenzie +Date: Fri, 16 Feb 2024 01:50:37 -0800 +Subject: [PATCH 6/8] Fix batch reads - add offset to returned track last + sector + +--- + src/cd-paranoia.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/cd-paranoia.c b/src/cd-paranoia.c +index 3a4d9ec..c33eb95 100644 +--- a/src/cd-paranoia.c ++++ b/src/cd-paranoia.c +@@ -1264,7 +1264,7 @@ main(int argc,char *argv[]) + if ( batch ){ + batch_first = cursor; + batch_track = cdda_sector_gettrack(d,cursor - toc_offset); +- batch_last = cdda_track_lastsector(d, batch_track); ++ batch_last = cdda_track_lastsector(d, batch_track) + toc_offset; + if (batch_last>i_last_lsn) batch_last=i_last_lsn; + } else { + batch_first = i_first_lsn; + +From 847f2f4be7e92b40af622ea5e12bb3a3d0c6d580 Mon Sep 17 00:00:00 2001 +From: Matt McKenzie +Date: Fri, 16 Feb 2024 03:50:24 -0800 +Subject: [PATCH 7/8] Tweak the sector read offset configuration and adjust + comments + +--- + src/cd-paranoia.c | 15 ++++++++------- + 1 file changed, 8 insertions(+), 7 deletions(-) + +diff --git a/src/cd-paranoia.c b/src/cd-paranoia.c +index c33eb95..540531f 100644 +--- a/src/cd-paranoia.c ++++ b/src/cd-paranoia.c +@@ -1212,14 +1212,15 @@ main(int argc,char *argv[]) + + } + +- // Apply the sector read offset now that we are starting to read data ++ /* Apply read sector offset to the first and last sector indicies. ++ If the option has not been given to force overreading, do not offset ++ the last index beyond the last sector of the final track. */ + i_first_lsn += toc_offset; +- i_last_lsn += toc_offset; +- +- if (toc_offset && !force_overread) { +- if (i_last_lsn > cdda_track_lastsector(d, d->tracks)) +- i_last_lsn -= toc_offset; +- } ++ lsn_t lasttrack_lastsector = cdda_track_lastsector(d, d->tracks); ++ if (!force_overread && i_last_lsn + toc_offset >= lasttrack_lastsector) ++ i_last_lsn = lasttrack_lastsector; ++ else ++ i_last_lsn += toc_offset; + + { + long cursor; + +From 2389007b1eb3e43c8d3f3034dcbd9c478afc7dc4 Mon Sep 17 00:00:00 2001 +From: Matt McKenzie +Date: Fri, 16 Feb 2024 03:51:43 -0800 +Subject: [PATCH 8/8] Fix --force-overread behavior and add comments on the + offset behavior + +--- + src/cd-paranoia.c | 78 ++++++++++++++++++++++++++++++++++------------- + 1 file changed, 57 insertions(+), 21 deletions(-) + +diff --git a/src/cd-paranoia.c b/src/cd-paranoia.c +index 540531f..d89af2b 100644 +--- a/src/cd-paranoia.c ++++ b/src/cd-paranoia.c +@@ -1093,19 +1093,62 @@ main(int argc,char *argv[]) + + if (query_only) exit(0); + +- /* bias the disc. A hack. Of course. this is never the default. */ + /* +- Some CD-ROM/CD-R drives will add an offset to the position on +- reading audio data. This is usually around 500-700 audio samples +- (ca. 1/75 second) on reading. So when this program queries a +- specific sector, it might not receive exactly that sector, but +- shifted by some amount. +- +- Note that if ripping includes the end of the CD, this will this +- cause this program to attempt to read partial sectors before or +- past the known user data area of the disc, probably causing read +- errors on most drives and possibly even hard lockups on some +- buggy hardware. ++ Nearly all CD-ROM/CD-R drives will add a sample offset (either ++ positive or negative) to the position when reading audio data. ++ This is usually around 500-700 audio samples (ca. 1/75 second) ++ but can consist of multiple sectors for some drives. ++ ++ To account for this, the --sample-offset option can be specified ++ to adjust for a drive's read offset by a given number of ++ samples. In doing so, the exact data desired can be retrieved, ++ assuming the proper offset is specified for a given drive. ++ ++ An audio CD sector is 2352 bytes in size, consisting of 1176 ++ 16-bit (2-byte) samples or 588 paris of samples (left and right ++ channels). Therefore, every 588 samples of offset required for a ++ given drive will necesitate shifting reads by N sectors and by M ++ samples (assuming the sample offset is not an exact multiple of ++ 588). ++ ++ For example: ++ --sample-offset 0 (default) ++ results in a sector offset of 0 and a sample offset of 0 ++ ++ --sample-offset +48 ++ results in a sector offset of 0 and a sample offset of 48 ++ ++ --sample-offset +667 ++ results in a sector offset of 1 and a sample offset of 79 ++ ++ --sample-offset +1776 ++ results in a sector offset of 3 and a sample offset of 12 ++ ++ --sample-offset -54 ++ results in a sector offset of -1 and a sample offset of 534 ++ ++ --sample-offset -589 ++ results in a sector offset of -2 and a sample offset of 587 ++ ++ --sample-offset -1164 ++ results in a sector offset of -2 and a sample offset of 12 ++ ++ toc_offset - accounts for the number of sectors to offset reads ++ sample_offset - accounts for the number of samples to shift the ++ results ++ ++ Note that if ripping includes the end of the CD and the ++ --force-overread option is specified, this program will attempt ++ to read partial sectors before or past the known user data area ++ of the disc. The drive must suppport this or it will probably ++ cause read errors on most drives and possibly even hard lockups ++ on some buggy hardware. If the --force-overread is not provided, ++ tracks will be padded with empty data rather than attempting to ++ read beyond the disk lead-in/lead-out. ++ ++ For more info, see: ++ - https://www.exactaudiocopy.de/en/index.php/support/faq/offset-questions/ ++ - https://wiki.hydrogenaud.io/index.php?title=AccurateRip#Drive_read_offsets + + [Note to libcdio driver hackers: make sure all CD-drivers don't + try to read outside of the stated disc boundaries.] +@@ -1214,7 +1257,8 @@ main(int argc,char *argv[]) + + /* Apply read sector offset to the first and last sector indicies. + If the option has not been given to force overreading, do not offset +- the last index beyond the last sector of the final track. */ ++ the last sector index beyond the last sector of the final track. ++ */ + i_first_lsn += toc_offset; + lsn_t lasttrack_lastsector = cdda_track_lastsector(d, d->tracks); + if (!force_overread && i_last_lsn + toc_offset >= lasttrack_lastsector) +@@ -1252,14 +1296,6 @@ main(int argc,char *argv[]) + dummy = setegid(getgid()); + #endif + +- /* we'll need to be able to read one sector past user data if we +- have a sample offset in order to pick up the last bytes. We +- need to set the disc length forward here so that the libs are +- willing to read past, assuming that works on the hardware, of +- course */ +- if(sample_offset && force_overread) +- i_last_lsn++; +- + while(cursor<=i_last_lsn){ + char outfile_name[PATH_MAX]; + if ( batch ){ diff --git a/SPECS-EXTENDED/libcdio-paranoia/libcdio-paranoia.signatures.json b/SPECS-EXTENDED/libcdio-paranoia/libcdio-paranoia.signatures.json index 84792a760a..31bd813a91 100644 --- a/SPECS-EXTENDED/libcdio-paranoia/libcdio-paranoia.signatures.json +++ b/SPECS-EXTENDED/libcdio-paranoia/libcdio-paranoia.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "libcdio-paranoia-10.2+2.0.0.tar.bz2": "4565c18caf401083c53733e6d2847b6671ba824cff1c7792b9039693d34713c1" + "libcdio-paranoia-10.2+2.0.1.tar.bz2": "33b1cf305ccfbfd03b43936975615000ce538b119989c4bec469577570b60e8a" } } diff --git a/SPECS-EXTENDED/libcdio-paranoia/libcdio-paranoia.spec b/SPECS-EXTENDED/libcdio-paranoia/libcdio-paranoia.spec index 9f16c73888..af6e880063 100644 --- a/SPECS-EXTENDED/libcdio-paranoia/libcdio-paranoia.spec +++ b/SPECS-EXTENDED/libcdio-paranoia/libcdio-paranoia.spec @@ -1,18 +1,21 @@ Vendor: Microsoft Corporation Distribution: Azure Linux Name: libcdio-paranoia -Version: 10.2+2.0.0 -Release: 5%{?dist} +Version: 10.2+2.0.1 +Release: 1%{?dist} Summary: CD paranoia on top of libcdio License: GPLv3+ -URL: http://www.gnu.org/software/libcdio/ -Source0: http://ftp.gnu.org/gnu/libcdio/libcdio-paranoia-%{version}.tar.bz2 +URL: https://www.gnu.org/software/libcdio/ +Source0: https://ftp.gnu.org/gnu/libcdio/libcdio-paranoia-%{version}.tar.bz2 Patch0: libcdio-paranoia-manpage.patch +Patch1: 38.patch + BuildRequires: gcc BuildRequires: pkgconfig BuildRequires: gettext-devel BuildRequires: chrpath BuildRequires: libcdio-devel +BuildRequires: make %description This CDDA reader distribution ('libcdio-cdparanoia') reads audio from the @@ -32,7 +35,8 @@ This package contains header files and libraries for %{name}. %prep %setup -q -%patch 0 -p1 +%patch -P0 -p1 +%patch -P1 -p1 # fix pkgconfig files sed -i -e 's,-I${includedir},-I${includedir}/cdio,g' libcdio_paranoia.pc.in @@ -47,10 +51,10 @@ iconv -f ISO88591 -t utf-8 -o THANKS.utf8 THANKS && mv THANKS.utf8 THANKS --disable-dependency-tracking \ --disable-static \ --disable-rpath -make %{?_smp_mflags} +%make_build %install -make install DESTDIR=$RPM_BUILD_ROOT +%make_install find $RPM_BUILD_ROOT -type f -name "*.la" -exec rm -f {} ';' @@ -65,11 +69,11 @@ chrpath --delete $RPM_BUILD_ROOT%{_bindir}/* chrpath --delete $RPM_BUILD_ROOT%{_libdir}/*.so.* %check -make %{?_smp_mflags} check +%make_build check %files %license COPYING -%doc AUTHORS NEWS README.md THANKS +%doc AUTHORS NEWS.md README.md THANKS %{_bindir}/* %{_libdir}/*.so.* %{_mandir}/man1/* @@ -84,6 +88,10 @@ make %{?_smp_mflags} check %changelog +* Mon Nov 11 2024 Jyoti Kanase - 10.2+2.0.1 - 1 +- Update to 10.2+2.0.1 +- License verified + * Fri Oct 15 2021 Pawel Winogrodzki - 10.2+2.0.0-5 - Initial CBL-Mariner import from Fedora 32 (license: MIT). diff --git a/SPECS-EXTENDED/libcdio/format-security.patch b/SPECS-EXTENDED/libcdio/format-security.patch new file mode 100644 index 0000000000..a9c4b19383 --- /dev/null +++ b/SPECS-EXTENDED/libcdio/format-security.patch @@ -0,0 +1,48 @@ +From 2adb43c60afc6e98e94d86dad9f93d3df52862b1 Mon Sep 17 00:00:00 2001 +From: Sergei Trofimovich +Date: Mon, 1 Nov 2021 08:00:30 +0000 +Subject: src/cdda-player.c: always use "%s"-style format for printf()-style + functions + +`ncuses-6.3` added printf-style function attributes and now makes +it easier to catch cases when user input is used in palce of format +string when built with CFLAGS=-Werror=format-security: + + cdda-player.c:1032:31: + error: format not a string literal and no format arguments [-Werror=format-security] + 1032 | mvprintw(i_line++, 0, line); + | ^~~~ + +Let's wrap all the missing places with "%s" format. +--- + src/cdda-player.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/cdda-player.c b/src/cdda-player.c +index 69eddee..8834d60 100644 +--- a/src/cdda-player.c ++++ b/src/cdda-player.c +@@ -298,7 +298,7 @@ action(const char *psz_action) + psz_action); + else + snprintf(psz_action_line, sizeof(psz_action_line), "%s", "" ); +- mvprintw(LINE_ACTION, 0, psz_action_line); ++ mvprintw(LINE_ACTION, 0, "%s", psz_action_line); + clrtoeol(); + refresh(); + } +@@ -1029,10 +1029,10 @@ display_tracks(void) + } + if (sub.track == i) { + attron(A_STANDOUT); +- mvprintw(i_line++, 0, line); ++ mvprintw(i_line++, 0, "%s", line); + attroff(A_STANDOUT); + } else +- mvprintw(i_line++, 0, line); ++ mvprintw(i_line++, 0, "%s", line); + clrtoeol(); + } + } +-- +cgit v1.1 diff --git a/SPECS-EXTENDED/libcdio/libcdio-2.1.0.tar.bz2.sig b/SPECS-EXTENDED/libcdio/libcdio-2.1.0.tar.bz2.sig new file mode 100644 index 0000000000..316f7c99b1 --- /dev/null +++ b/SPECS-EXTENDED/libcdio/libcdio-2.1.0.tar.bz2.sig @@ -0,0 +1,6 @@ +-----BEGIN PGP SIGNATURE----- + +iF0EABECAB0WIQTapjvCWCA0oCuSPVIajeUAgnXsIQUCXLfTGgAKCRAajeUAgnXs +IbgPAJ9VeCzDcgfxpLh+zfNIwrRfEYxEegCffF1BoaCcEB9CKxx7rleF2CYRosA= +=tmRS +-----END PGP SIGNATURE----- diff --git a/SPECS-EXTENDED/libcdio/libcdio.signatures.json b/SPECS-EXTENDED/libcdio/libcdio.signatures.json index ee333c03ea..f184262875 100644 --- a/SPECS-EXTENDED/libcdio/libcdio.signatures.json +++ b/SPECS-EXTENDED/libcdio/libcdio.signatures.json @@ -1,8 +1,8 @@ { "Signatures": { "cdio_config.h": "e4997d5f11882ffe1901724cb1617f0c2e8ac7df8295cd12c85fd4d5244f0984", - "libcdio-2.0.0.tar.gz": "1b481b5da009bea31db875805665974e2fc568e2b2afa516f4036733657cf958", - "libcdio-2.0.0.tar.gz.sig": "1ca33fe6e86266f7829f0d4cdef36e0268144484c86090d6608fa53da782e8ac", + "libcdio-2.1.0.tar.bz2": "8550e9589dbd594bfac93b81ecf129b1dc9d0d51e90f9696f1b2f9b2af32712b", + "libcdio-2.1.0.tar.bz2.sig": "56c77b212c84b5b2587dc33c35ae310478bb170f30ad5a9cd0d62eaf8c224765", "libcdio-no_date_footer.hml": "09b8cec866f439f326dfb058ce8a1efcbab6ebf5a9699828a5f291edd86e0989" } } diff --git a/SPECS-EXTENDED/libcdio/libcdio.spec b/SPECS-EXTENDED/libcdio/libcdio.spec index 078390c470..381924ca75 100644 --- a/SPECS-EXTENDED/libcdio/libcdio.spec +++ b/SPECS-EXTENDED/libcdio/libcdio.spec @@ -1,28 +1,34 @@ +Name: libcdio +Version: 2.1.0 +Release: 14%{?dist} +Summary: CD-ROM input and control library + +# include/cdio/ecma_167.h and lib/driver/netbsd.c and lib/udf/udf_fs.c are BSD-2-Clause +# src/getopt* are LGPL-2.1-or-later +License: GPL-3.0-or-later AND BSD-2-Clause AND LGPL-2.1-or-later Vendor: Microsoft Corporation Distribution: Azure Linux -Name: libcdio -Version: 2.0.0 -Release: 8%{?dist} -Summary: CD-ROM input and control library -License: GPLv3+ + URL: http://www.gnu.org/software/libcdio/ -Source0: http://ftp.gnu.org/gnu/libcdio/libcdio-%{version}.tar.gz -Source1: http://ftp.gnu.org/gnu/libcdio/libcdio-%{version}.tar.gz.sig +Source0: https://ftp.gnu.org/gnu/libcdio/libcdio-%{version}.tar.bz2 +Source1: https://ftp.gnu.org/gnu/libcdio/libcdio-%{version}.tar.bz2.sig Source2: libcdio-no_date_footer.hml Source3: cdio_config.h -BuildRequires: gcc gcc-c++ -BuildRequires: pkgconfig doxygen +# Fixed upstream but not in a stable release yet. +# http://git.savannah.gnu.org/cgit/libcdio.git/commit/?id=2adb43c60afc6e98e94d86dad9f93d3df52862b1 +Patch0: format-security.patch +# http://git.savannah.gnu.org/cgit/libcdio.git/commit/?id=56335fff0f21d294cd0e478d49542a43e9495ed0 +Patch1: realpath-test-fix.patch + +BuildRequires: gcc +BuildRequires: gcc-c++ +BuildRequires: pkgconfig +BuildRequires: doxygen BuildRequires: ncurses-devel BuildRequires: help2man BuildRequires: gettext-devel BuildRequires: chrpath -Patch0: fix_format_security.patch - - -# ABI compatibility package dropped in F23 -Obsoletes: compat-libcdio15 < 0.93 - - +BuildRequires: make %description This library provides an interface for CD-ROM access. It can be used @@ -31,6 +37,8 @@ devices. %package devel Summary: Header files and libraries for %{name} +# doc/* is GFDL-1.2-or-later +License: GPL-3.0-or-later AND BSD-2-Clause AND LGPL-2.1-or-later AND GFDL-1.2-or-later Requires: %{name} = %{version}-%{release} %description devel @@ -38,19 +46,22 @@ This package contains header files and libraries for %{name}. %prep -%setup -q -%patch 0 -p1 +%autosetup -p1 iconv -f ISO88591 -t utf-8 -o THANKS.utf8 THANKS && mv THANKS.utf8 THANKS %build +%ifarch %{ix86} +# avoid implicit declaration of fseeko64, lseek64 +export CPPFLAGS="$CPPFLAGS -D_LARGEFILE64_SOURCE" +%endif %configure \ --disable-vcd-info \ --disable-dependency-tracking \ --disable-cddb \ --disable-static \ --disable-rpath -make %{?_smp_mflags} +%make_build # another multilib fix; remove the architecture information from version.h sed -i -e "s,%{version} .*$,%{version}\\\",g" include/cdio/version.h @@ -62,7 +73,7 @@ cp %{SOURCE2} . ./run_doxygen %install -make install DESTDIR=$RPM_BUILD_ROOT +%make_install # multilib header hack; taken from postgresql.spec case `uname -i` in @@ -107,7 +118,7 @@ make check %files %license COPYING -%doc AUTHORS NEWS README README.libcdio THANKS TODO +%doc AUTHORS NEWS.md README README.libcdio THANKS TODO %{_bindir}/* %{_libdir}/*.so.* %{_infodir}/* @@ -123,12 +134,49 @@ make check %changelog -* Tue Jun 21 2022 Andrew Phelps - 2.0.0-8 -- Add patch to fix build error with ncurses 6.3 +* Tue Mar 04 2025 Jyoti Kanase - 2.1.0-14 +- Initial Azure Linux import from Fedora 41 (license: MIT). - License verified -* Fri Oct 15 2021 Pawel Winogrodzki - 2.0.0-7 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Thu Jul 18 2024 Fedora Release Engineering - 2.1.0-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Thu Jan 25 2024 Fedora Release Engineering - 2.1.0-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 2.1.0-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Thu Jul 20 2023 Fedora Release Engineering - 2.1.0-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Thu Jan 19 2023 Fedora Release Engineering - 2.1.0-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Tue Aug 30 2022 Parag Nemade - 2.1.0-8 +- Fix the realpath test failure (upstream patch) + +* Thu Jul 21 2022 Fedora Release Engineering - 2.1.0-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Thu Jan 20 2022 Fedora Release Engineering - 2.1.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Thu Jul 22 2021 Fedora Release Engineering - 2.1.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Tue Jan 26 2021 Fedora Release Engineering - 2.1.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 2.1.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Jul 13 2020 Tom Stellard - 2.1.0-2 +- Use make macros +- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro + +* Mon Mar 30 2020 Adrian Reber - 2.1.0-1 +- updated to 2.1.0 * Wed Jan 29 2020 Fedora Release Engineering - 2.0.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/libcdio/realpath-test-fix.patch b/SPECS-EXTENDED/libcdio/realpath-test-fix.patch new file mode 100644 index 0000000000..d666705630 --- /dev/null +++ b/SPECS-EXTENDED/libcdio/realpath-test-fix.patch @@ -0,0 +1,52 @@ +From 56335fff0f21d294cd0e478d49542a43e9495ed0 Mon Sep 17 00:00:00 2001 +From: "R. Bernstein" +Date: Wed, 24 Aug 2022 14:34:33 -0400 +Subject: Correct realpath test failure +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +See https://savannah.gnu.org/bugs/?62948 +Patch courtesy of Martin Liška +--- + test/driver/realpath.c | 13 ++++++++----- + 1 file changed, 8 insertions(+), 5 deletions(-) + +diff --git a/test/driver/realpath.c b/test/driver/realpath.c +index 289253e..cd46d62 100644 +--- a/test/driver/realpath.c ++++ b/test/driver/realpath.c +@@ -1,5 +1,7 @@ + /* -*- C -*- +- Copyright (C) 2010-2012, 2015, 2017 Rocky Bernstein ++ ++ Copyright (C) 2010-2012, 2015, 2017, 2022 Rocky Bernstein ++ + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by +@@ -175,16 +177,17 @@ main(int argc, const char *argv[]) + rc = check_rc(symlink(psz_symlink_file, psz_symlink_file), + "symlink", psz_symlink_file); + if (0 == rc) { +- cdio_realpath(psz_symlink_file, psz_file_check); +- if (0 != strncmp(psz_file_check, symlink_file, PATH_MAX)) { ++ char *retvalue = cdio_realpath(psz_symlink_file, psz_file_check); ++ if (0 != retvalue) { ++ if (0 != strncmp(psz_file_check, symlink_file, PATH_MAX)) { + fprintf(stderr, "direct cdio_realpath cycle test failed. %s vs %s\n", + psz_file_check, symlink_file); + rc = 5; + goto err_exit; ++ } ++ check_rc(unlink(psz_symlink_file), "unlink", psz_symlink_file); + } +- check_rc(unlink(psz_symlink_file), "unlink", psz_symlink_file); + } +- + } + + check_rc(unlink(psz_orig_file), "unlink", psz_orig_file); +-- +cgit v1.1 + diff --git a/SPECS-EXTENDED/libcdr/libcdr.signatures.json b/SPECS-EXTENDED/libcdr/libcdr.signatures.json index 1d650db664..ae5922ae46 100644 --- a/SPECS-EXTENDED/libcdr/libcdr.signatures.json +++ b/SPECS-EXTENDED/libcdr/libcdr.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "libcdr-0.1.6.tar.xz": "01cd00b04a030977e544433c2d127c997205332cd9b8e35ec0ee17110da7f861" + "libcdr-0.1.7.tar.xz": "5666249d613466b9aa1e987ea4109c04365866e9277d80f6cd9663e86b8ecdd4" } } diff --git a/SPECS-EXTENDED/libcdr/libcdr.spec b/SPECS-EXTENDED/libcdr/libcdr.spec index ea5bcf3edc..efa9a5b078 100644 --- a/SPECS-EXTENDED/libcdr/libcdr.spec +++ b/SPECS-EXTENDED/libcdr/libcdr.spec @@ -3,20 +3,20 @@ Distribution: Azure Linux %global apiversion 0.1 Name: libcdr -Version: 0.1.6 -Release: 2%{?dist} +Version: 0.1.7 +Release: 1%{?dist} Summary: A library for import of CorelDRAW drawings # the only Public Domain source is src/lib/CDRColorProfiles.h License: MPLv2.0 and Public Domain -URL: http://wiki.documentfoundation.org/DLP/Libraries/libcdr -Source: http://dev-www.libreoffice.org/src/%{name}/%{name}-%{version}.tar.xz -Patch0: icu-68-1-build-fix.patch +URL: https://wiki.documentfoundation.org/DLP/Libraries/libcdr +Source: https://dev-www.libreoffice.org/src/%{name}/%{name}-%{version}.tar.xz BuildRequires: boost-devel BuildRequires: doxygen BuildRequires: gcc-c++ BuildRequires: help2man +BuildRequires: make BuildRequires: pkgconfig(cppunit) BuildRequires: pkgconfig(icu-i18n) BuildRequires: pkgconfig(lcms2) @@ -54,7 +54,7 @@ Tools to transform CorelDRAW drawings into other formats. Currently supported: XHTML, text, raw. %prep -%autosetup -p1 +%autosetup %build %configure --disable-silent-rules --disable-static --disable-werror @@ -62,10 +62,10 @@ sed -i \ -e 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' \ -e 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' \ libtool -make %{?_smp_mflags} +%make_build %install -make install DESTDIR=%{buildroot} +%make_install rm -f %{buildroot}/%{_libdir}/*.la # rhbz#1001251 we install API docs directly from build rm -rf %{buildroot}/%{_docdir}/%{name} @@ -114,6 +114,10 @@ make %{?_smp_mflags} check %{_mandir}/man1/cmx2xhtml.1* %changelog +* Mon Nov 11 2024 Jyoti Kanase - 0.1.7-1 +- Update to 0.1.7 +- License verified + * Wed May 19 2021 Thomas Crain - 0.1.6-2 - Initial CBL-Mariner import from Fedora 32 (license: MIT). - Apply build fix for break caused by icu package upgrade diff --git a/SPECS-EXTENDED/libdazzle/libdazzle.signatures.json b/SPECS-EXTENDED/libdazzle/libdazzle.signatures.json index 36162898c8..92efe0e1a9 100644 --- a/SPECS-EXTENDED/libdazzle/libdazzle.signatures.json +++ b/SPECS-EXTENDED/libdazzle/libdazzle.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "libdazzle-3.36.0.tar.xz": "82b31bbf550fc62970c78bf7f9d55e5fae5b8ea13b24fe2d13c8c6039409d958" + "libdazzle-3.44.0.tar.xz": "3cd3e45eb6e2680cb05d52e1e80dd8f9d59d4765212f0e28f78e6c1783d18eae" } } diff --git a/SPECS-EXTENDED/libdazzle/libdazzle.spec b/SPECS-EXTENDED/libdazzle/libdazzle.spec index d08fdf9c8d..40309f8c7e 100644 --- a/SPECS-EXTENDED/libdazzle/libdazzle.spec +++ b/SPECS-EXTENDED/libdazzle/libdazzle.spec @@ -4,15 +4,14 @@ Distribution: Azure Linux %global gtk3_version 3.24.0 Name: libdazzle -Version: 3.36.0 -Release: 3%{?dist} +Version: 3.44.0 +Release: 1%{?dist} Summary: Experimental new features for GTK+ and GLib License: GPLv3+ URL: https://git.gnome.org/browse/libdazzle/ -Source0: https://download.gnome.org/sources/%{name}/3.36/%{name}-%{version}.tar.xz +Source0: https://download.gnome.org/sources/%{name}/3.44/%{name}-%{version}.tar.xz -BuildRequires: %{_bindir}/xsltproc BuildRequires: meson BuildRequires: vala @@ -23,8 +22,8 @@ BuildRequires: pkgconfig(gobject-introspection-1.0) BuildRequires: pkgconfig(gtk+-3.0) >= %{gtk3_version} # for tests -BuildRequires: xorg-x11-server-Xvfb BuildRequires: words +BuildRequires: xorg-x11-server-Xvfb Requires: glib2%{?_isa} >= %{glib2_version} Requires: gtk3%{?_isa} >= %{gtk3_version} @@ -57,12 +56,14 @@ developing applications that use %{name}. %install %meson_install +%find_lang libdazzle-1.0 %check xvfb-run -w 10 ninja test %{__ninja_common_opts} -C %{_vpath_builddir} -%files + +%files -f libdazzle-1.0.lang %license COPYING %doc AUTHORS NEWS README.md %{_bindir}/dazzle-list-counters @@ -83,6 +84,10 @@ xvfb-run -w 10 ninja test %{__ninja_common_opts} -C %{_vpath_builddir} %changelog +* Wed Nov 13 2024 Jyoti Kanase - 3.44.0-1 +- Update to 3.44.0 +- License verified + * Mon Mar 21 2022 Pawel Winogrodzki - 3.36.0-3 - Adding BR on '%%{_bindir}/xsltproc'. - Disabled gtk doc generation to remove network dependency during build-time. diff --git a/SPECS-EXTENDED/libdc1394/libdc1394-sdl.patch b/SPECS-EXTENDED/libdc1394/libdc1394-sdl.patch new file mode 100644 index 0000000000..f3c584b690 --- /dev/null +++ b/SPECS-EXTENDED/libdc1394/libdc1394-sdl.patch @@ -0,0 +1,23 @@ +diff -Naur libdc1394-2.2.6.old/configure.ac libdc1394-2.2.6/configure.ac +--- libdc1394-2.2.6.old/configure.ac 2022-05-31 18:11:17.320426983 +0200 ++++ libdc1394-2.2.6/configure.ac 2022-05-31 18:11:32.882714398 +0200 +@@ -45,12 +45,6 @@ + [AC_DEFINE(HAVE_LIBUSB,[],[Defined if libusb is present])], + [AC_MSG_WARN([libusb-1.0 not found])]) + +-MIN_SDL_VERSION=1.2.4 +-AH_TEMPLATE(HAVE_LIBSDL, [SDL library]) +-AM_PATH_SDL($MIN_SDL_VERSION, [AC_DEFINE(HAVE_LIBSDL) HAVE_LIBSDL="yes"]) +-AC_SUBST(SDL_CFLAGS) +-AC_SUBST(SDL_LIBS) +- + case "$host" in + *-*-linux*) + have_linux=true +@@ -233,4 +227,4 @@ + Build V4L examples: ${VIDEXAMPLESMSG}" + fi + dnl extra newline: +-echo "" +\ No newline at end of file ++echo "" diff --git a/SPECS-EXTENDED/libdc1394/libdc1394.signatures.json b/SPECS-EXTENDED/libdc1394/libdc1394.signatures.json index 1198bf4070..a00b0658fa 100644 --- a/SPECS-EXTENDED/libdc1394/libdc1394.signatures.json +++ b/SPECS-EXTENDED/libdc1394/libdc1394.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "libdc1394-2.2.2.tar.gz": "ff8744a92ab67a276cfaf23fa504047c20a1ff63262aef69b4f5dbaa56a45059" + "libdc1394-2.2.7.tar.gz": "537ceb78dd3cef271a183f4a176191d1cecf85f025520e6bd3758b0e19e6609f" } } diff --git a/SPECS-EXTENDED/libdc1394/libdc1394.spec b/SPECS-EXTENDED/libdc1394/libdc1394.spec index 429333e8ff..a0e7e1eabe 100644 --- a/SPECS-EXTENDED/libdc1394/libdc1394.spec +++ b/SPECS-EXTENDED/libdc1394/libdc1394.spec @@ -1,28 +1,32 @@ Vendor: Microsoft Corporation Distribution: Azure Linux -#define svn_snapshot .svn459 -#define real_version 2.1.0 %define svn_build %{?svn_snapshot:1}%{!?svn_snapshot:0} +%global sover 26 Summary: 1394-based digital camera control library Name: libdc1394 -Version: 2.2.2 -Release: 15%{?dist} +Version: 2.2.7 +Release: 1%{?dist} License: LGPLv2+ -URL: http://sourceforge.net/projects/libdc1394/ -Source: http://downloads.sourceforge.net/project/libdc1394/libdc1394-2/%{version}/libdc1394-%{version}.tar.gz +URL: https://sourceforge.net/projects/libdc1394/ +Source: https://downloads.sourceforge.net/project/%{name}/%{name}-2/%{version}/%{name}-%{version}.tar.gz +Patch0: %{name}-sdl.patch + ExcludeArch: s390 s390x BuildRequires: gcc +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: make BuildRequires: kernel-headers -BuildRequires: libraw1394-devel libusb1-devel +BuildRequires: libraw1394-devel +BuildRequires: libusb1-devel BuildRequires: doxygen BuildRequires: perl-interpreter -BuildRequires: libX11-devel libXv-devel -%if %{svn_build} +BuildRequires: libX11-devel +BuildRequires: libXv-devel BuildRequires: libtool -%endif %description Libdc1394 is a library that is intended to provide a high level programming @@ -54,54 +58,65 @@ This package contains tools that are useful when working and developing with %{name}. %prep -%setup -q -n libdc1394-%{version} +%autosetup -p1 %build -%if %{svn_build} -cp /usr/share/libtool/ltmain.sh . -aclocal -autoheader -autoconf -automake --add-missing -%endif +autoreconf -vif %configure --disable-static --enable-doxygen-html --enable-doxygen-dot -sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool -sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool -make %{?_smp_mflags} -make doc +%make_build +%make_build doc %install -%{__rm} -rf %{buildroot} -make install DESTDIR=%{buildroot} INSTALL="%{__install} -p" +%make_install + for p in grab_color_image grab_gray_image grab_partial_image ladybug grab_partial_pvn; do - %{__install} -p -m 0644 -s examples/.libs/$p %{buildroot}%{_bindir}/dc1394_$p + install -p -m 0755 -s examples/.libs/$p %{buildroot}%{_bindir}/dc1394_$p done -%{__install} -p -m 0644 examples/dc1394_multiview %{buildroot}%{_bindir}/dc1394_multiview +install -p -m 0755 examples/dc1394_multiview %{buildroot}%{_bindir}/dc1394_multiview + for f in grab_color_image grab_gray_image grab_partial_image; do mv %{buildroot}%{_mandir}/man1/$f.1 %{buildroot}%{_mandir}/man1/dc1394_$f.1 done -%ldconfig_scriptlets +find %{buildroot} -name "*.la" -delete + +%{?ldconfig_scriptlets} %files -%doc AUTHORS ChangeLog COPYING NEWS README -%{_libdir}/libdc1394*.so.* +%license COPYING +%doc AUTHORS ChangeLog NEWS README +%{_libdir}/%{name}.so.%{sover}* %files devel %doc examples/*.h examples/*.c %{_includedir}/dc1394/ -%{_libdir}/libdc1394*.so +%{_libdir}/%{name}.so %{_libdir}/pkgconfig/%{name}-2.pc -%exclude %{_libdir}/*.la + %files docs %doc doc/html/* %files tools -%{_bindir}/dc1394_* -%{_mandir}/man1/dc1394_*.1.gz +%{_bindir}/dc1394_grab_color_image +%{_bindir}/dc1394_grab_gray_image +%{_bindir}/dc1394_grab_partial_image +%{_bindir}/dc1394_grab_partial_pvn +%{_bindir}/dc1394_ladybug +%{_bindir}/dc1394_multiview +%{_bindir}/dc1394_reset_bus +%{_mandir}/man1/dc1394_grab_color_image.* +%{_mandir}/man1/dc1394_grab_gray_image.* +%{_mandir}/man1/dc1394_grab_partial_image.* +%{_mandir}/man1/dc1394_multiview.* +%{_mandir}/man1/dc1394_reset_bus.* +%{_mandir}/man1/dc1394_vloopback.* %changelog +* Thu Nov 14 2024 Jyoti Kanase - 2.2.7-1 +- Update to 2.2.7 +- License verified + * Thu Oct 14 2021 Pawel Winogrodzki - 2.2.2-15 - Initial CBL-Mariner import from Fedora 32 (license: MIT). - Converting the 'Release' tag to the '[number].[distribution]' format. diff --git a/SPECS-EXTENDED/libdvdnav/libdvdnav-6.1.1.tar.bz2.asc b/SPECS-EXTENDED/libdvdnav/libdvdnav-6.1.1.tar.bz2.asc new file mode 100644 index 0000000000..c723397f25 --- /dev/null +++ b/SPECS-EXTENDED/libdvdnav/libdvdnav-6.1.1.tar.bz2.asc @@ -0,0 +1,6 @@ +-----BEGIN PGP SIGNATURE----- + +iF0EABECAB0WIQRl98a0IGvQV6frc3hxgHE75Y0a3AUCYH73lwAKCRBxgHE75Y0a +3IQEAKCSMnMQBjvgNc63lYgfU0vxPBfdLQCfYyUHiJcGgZvrSplqvYNf3/g4cNQ= +=49PA +-----END PGP SIGNATURE----- diff --git a/SPECS-EXTENDED/libdvdnav/libdvdnav.signatures.json b/SPECS-EXTENDED/libdvdnav/libdvdnav.signatures.json index 5874c45df9..ac69f3ebeb 100644 --- a/SPECS-EXTENDED/libdvdnav/libdvdnav.signatures.json +++ b/SPECS-EXTENDED/libdvdnav/libdvdnav.signatures.json @@ -1,7 +1,7 @@ { "Signatures": { "7180713BE58D1ADC.asc": "3e62e0776b9ffe71449d553ceff56e60e9ad7902ec18199c953a1392f7974628", - "libdvdnav-6.0.1.tar.bz2": "e566a396f1950017088bfd760395b0565db44234195ada5413366c9d23926733", - "libdvdnav-6.0.1.tar.bz2.asc": "551428a76312db6ea063827c379ecdf6084fd8aa5c99de1717aa5091dbd23790" + "libdvdnav-6.1.1.tar.bz2": "c191a7475947d323ff7680cf92c0fb1be8237701885f37656c64d04e98d18d48", + "libdvdnav-6.1.1.tar.bz2.asc": "8f71e9acfb2856554b257c0d72b64daf4d74f9ea28038dd0b3b321c8dd585551" } } diff --git a/SPECS-EXTENDED/libdvdnav/libdvdnav.spec b/SPECS-EXTENDED/libdvdnav/libdvdnav.spec index 166fe235ae..cc9ad14b30 100644 --- a/SPECS-EXTENDED/libdvdnav/libdvdnav.spec +++ b/SPECS-EXTENDED/libdvdnav/libdvdnav.spec @@ -1,18 +1,21 @@ +%global abi 4 + Vendor: Microsoft Corporation Distribution: Azure Linux Name: libdvdnav -Version: 6.0.1 -Release: 4%{?dist} +Version: 6.1.1 +Release: 1%{?dist} Summary: A library for reading DVD video discs based on Ogle code License: GPLv2+ -URL: http://dvdnav.mplayerhq.hu/ +URL: https://dvdnav.mplayerhq.hu/ Source0: https://download.videolan.org/pub/videolan/libdvdnav/%{version}/libdvdnav-%{version}.tar.bz2 Source1: https://download.videolan.org/pub/videolan/libdvdnav/%{version}/libdvdnav-%{version}.tar.bz2.asc Source2: https://download.videolan.org/pub/keys/7180713BE58D1ADC.asc BuildRequires: doxygen BuildRequires: gcc BuildRequires: gnupg2 -BuildRequires: libdvdread-devel >= 5.0.2 +BuildRequires: make +BuildRequires: libdvdread-devel >= 6.0.0 %description libdvdnav provides a simple library for reading DVD video discs. @@ -30,7 +33,7 @@ libdvdnav library. %prep %{gpgverify} --keyring='%{S:2}' --signature='%{S:1}' --data='%{S:0}' -%setup -q +%autosetup %build %configure --disable-static @@ -50,7 +53,7 @@ rm %{buildroot}%{_pkgdocdir}/{COPYING,TODO} %files %license COPYING %doc AUTHORS ChangeLog README -%{_libdir}/libdvdnav.so.* +%{_libdir}/libdvdnav.so.%{abi}* %files devel %doc TODO doc/html/* @@ -59,6 +62,10 @@ rm %{buildroot}%{_pkgdocdir}/{COPYING,TODO} %{_libdir}/pkgconfig/dvdnav.pc %changelog +* Thu Nov 14 2024 Jyoti Kanase - 6.1.1-1 +- Update to 6.1.1 +- License verified + * Fri Oct 15 2021 Pawel Winogrodzki - 6.0.1-4 - Initial CBL-Mariner import from Fedora 32 (license: MIT). diff --git a/SPECS-EXTENDED/libsecret/libsecret.signatures.json b/SPECS-EXTENDED/libsecret/libsecret.signatures.json index 12c521ed52..aaf18c8c33 100644 --- a/SPECS-EXTENDED/libsecret/libsecret.signatures.json +++ b/SPECS-EXTENDED/libsecret/libsecret.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "libsecret-0.20.4.tar.xz": "325a4c54db320c406711bf2b55e5cb5b6c29823426aa82596a907595abb39d28" + "libsecret-0.21.4.tar.xz": "163d08d783be6d4ab9a979ceb5a4fecbc1d9660d3c34168c581301cd53912b20" } } diff --git a/SPECS-EXTENDED/libsecret/libsecret.spec b/SPECS-EXTENDED/libsecret/libsecret.spec index b52335a30e..c7e09329f5 100644 --- a/SPECS-EXTENDED/libsecret/libsecret.spec +++ b/SPECS-EXTENDED/libsecret/libsecret.spec @@ -8,14 +8,15 @@ Distribution: Azure Linux %endif Name: libsecret -Version: 0.20.4 -Release: 2%{?dist} +Version: 0.21.4 +Release: 1%{?dist} Summary: Library for storing and retrieving passwords and other secrets License: LGPLv2+ URL: https://wiki.gnome.org/Projects/Libsecret Source0: https://download.gnome.org/sources/libsecret/%{release_version}/libsecret-%{version}.tar.xz +BuildRequires: meson BuildRequires: gettext BuildRequires: glib2-devel BuildRequires: gobject-introspection-devel @@ -27,6 +28,8 @@ BuildRequires: docbook-style-xsl %if 0%{?has_valgrind} BuildRequires: valgrind-devel %endif +BuildRequires: python3-devel +BuildRequires: /usr/bin/xsltproc Provides: bundled(egglib) @@ -45,8 +48,20 @@ The %{name}-devel package contains libraries and header files for developing applications that use %{name}. +%package mock-service +Summary: Python mock-service files from %{name} +# This subpackage does not need libsecret installed, +# but this ensure that if it is installed, the version matches (for good measure): +Requires: (%{name} = %{version}-%{release} if %{name}) +BuildArch: noarch + +%description mock-service +The %{name}-mock-service package contains testing Python files from %{name}, +for testing of other similar tools, such as the Python SecretStorage package. + + %prep -%setup -q +%autosetup -p1 # Use system valgrind headers instead %if 0%{?has_valgrind} @@ -55,21 +70,31 @@ rm -rf build/valgrind/ %build -%configure --disable-static -%make_build +%meson \ +-Dgtk_doc=false \ +%if %{with gnutls} +-Dcrypto=gnutls \ +%else +-Dcrypto=libgcrypt \ +%endif +%{nil} +%meson_build %install -%make_install - -find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';' - +%meson_install %find_lang libsecret +# For the mock-service subpackage +mkdir -p %{buildroot}%{_datadir}/libsecret/mock +cp -a libsecret/mock/*.py %{buildroot}%{_datadir}/libsecret/mock/ +cp -a libsecret/mock-service*.py %{buildroot}%{_datadir}/libsecret/ +%py_byte_compile %{python3} %{buildroot}%{_datadir}/libsecret/mock/ + %files -f libsecret.lang %license COPYING -%doc AUTHORS NEWS README +%doc NEWS README.md %{_bindir}/secret-tool %{_libdir}/libsecret-1.so.0* %dir %{_libdir}/girepository-1.0 @@ -77,6 +102,7 @@ find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';' %{_mandir}/man1/secret-tool.1* %files devel +%license COPYING docs/reference/COPYING %{_includedir}/libsecret-1/ %{_libdir}/libsecret-1.so %{_libdir}/pkgconfig/libsecret-1.pc @@ -87,10 +113,19 @@ find $RPM_BUILD_ROOT -name '*.la' -exec rm -f {} ';' %dir %{_datadir}/vala/vapi %{_datadir}/vala/vapi/libsecret-1.deps %{_datadir}/vala/vapi/libsecret-1.vapi -%doc %{_datadir}/gtk-doc/ + +%files mock-service +%license COPYING +%dir %{_datadir}/libsecret +%{_datadir}/libsecret/mock/ +%{_datadir}/libsecret/mock-service*.py %changelog +* Tue Nov 12 2024 Sumit Jena - 0.21.4-1 +- Update to version 0.21.4 +- License verified. + * Fri Oct 15 2021 Pawel Winogrodzki - 0.20.4-2 - Initial CBL-Mariner import from Fedora 31 (license: MIT). diff --git a/SPECS-EXTENDED/memkind/Makefile.am.patch b/SPECS-EXTENDED/memkind/Makefile.am.patch new file mode 100644 index 0000000000..e8354a7e1d --- /dev/null +++ b/SPECS-EXTENDED/memkind/Makefile.am.patch @@ -0,0 +1,17 @@ +diff --git a/Makefile.am b/Makefile.am +index 94937c2..f9763c8 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -684,9 +684,11 @@ end + endef + + static_lib: libmemkind.la +- bash -c "ar -M < <(echo -e '$(ar_prog)')" ++ echo -e "$(ar_prog)" > arprog.txt ++ ar -M < arprog.txt + cp libmemkind.a .libs/ + rm libmemkind.a ++ rm arprog.txt + + JEMALLOC_CONFIG = --enable-autogen @min_lg_align_opt@ --without-export --with-version=5.3.0-0-g54eaed1d8b56b1aa528be3bdd1877e59c56fa90c \ + @jemalloc_build_type_flags@ @memkind_initial_exec_tls@ --with-jemalloc-prefix=@memkind_prefix@ \ diff --git a/SPECS-EXTENDED/memkind/memkind.signatures.json b/SPECS-EXTENDED/memkind/memkind.signatures.json index 5a31f48b58..68d41f2ec9 100644 --- a/SPECS-EXTENDED/memkind/memkind.signatures.json +++ b/SPECS-EXTENDED/memkind/memkind.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "memkind-1.10.0.tar.gz": "fcfd374b35d9b6865aa41fe2412f8a333aaa7a888f4adfeece56be259b3318aa" + "memkind-1.14.0.tar.gz": "ab366b20b5a87ea655483631fc762ba6eb59eb6c3a08652e643f1ee3f06a6a12" } } diff --git a/SPECS-EXTENDED/memkind/memkind.spec b/SPECS-EXTENDED/memkind/memkind.spec index dfae2358b6..a6e54759ea 100644 --- a/SPECS-EXTENDED/memkind/memkind.spec +++ b/SPECS-EXTENDED/memkind/memkind.spec @@ -1,26 +1,35 @@ +%global gittag0 v1.14.0 +# WORKAROUND to avoid breaking the build at the atrocious libtool shell scrip +# due to RPM environmental macros being lost for the subshells +%undefine _package_note_file + +Name: memkind +Summary: User Extensible Heap Manager +Version: 1.14.0 +Release: 10%{?dist} +License: BSD-3-Clause +URL: http://memkind.github.io/memkind Vendor: Microsoft Corporation Distribution: Azure Linux -%global gittag0 v1.10.0 - -Name: memkind -Summary: User Extensible Heap Manager -Version: 1.10.0 -Release: 2%{?dist} -License: BSD -URL: http://memkind.github.io/memkind -BuildRequires: automake libtool numactl-devel systemd gcc gcc-c++ - -# x86_64 is the only arch memkind will build and work due to -# its current dependency on SSE4.2 CRC32 instruction which -# is used to compute thread local storage arena mappings -# with polynomial accumulations via GCC's intrinsic _mm_crc32_u64 -# For further info check: -# - /lib/gcc///include/smmintrin.h -# - https://gcc.gnu.org/bugzilla/show_bug.cgi?id=36095 -# - http://en.wikipedia.org/wiki/SSE4 -ExclusiveArch: x86_64 - -Source0: https://github.com/%{name}/%{name}/archive/%{gittag0}/%{name}-%{version}.tar.gz + +BuildRequires: make +BuildRequires: patch +BuildRequires: automake +BuildRequires: libtool +BuildRequires: numactl-devel +BuildRequires: systemd +BuildRequires: gcc +BuildRequires: gcc-c++ +BuildRequires: daxctl-devel +# memkind has been discontinued and archived upstream. See Bugzilla 2296288. +# We are deprecating it now, to flag any potential user of its future removal. +Provides: deprecated() + +Source0: https://github.com/%{name}/%{name}/archive/%{gittag0}/%{name}-%{version}.tar.gz + +# unbreak the atrocious autotools Makefile.am construction for +# libmemkind archive creation target +Patch0: Makefile.am.patch %description The memkind library is an user extensible heap manager built on top of @@ -38,8 +47,9 @@ features. This software is being made available for early evaluation. Feedback on design or implementation is greatly appreciated. %package devel -Summary: Memkind User Extensible Heap Manager development lib and tools -Requires: %{name} = %{version}-%{release} +Summary: Memkind User Extensible Heap Manager development lib and tools +Requires: %{name} = %{version}-%{release} +Provides: deprecated() %description devel Install header files and development aids to link memkind library @@ -51,36 +61,40 @@ pre-alpha: bugs may exist and the interfaces may be subject to change prior to alpha release. Feedback on design or implementation is greatly appreciated. %prep -%setup -q -a 0 -n %{name}-%{version} +%autosetup -n %{name}-%{version} %build -# It is required that we configure and build the jemalloc subdirectory -# before we configure and start building the top level memkind directory. -# To ensure the memkind build step is able to discover the output -# of the jemalloc build we must create an 'obj' directory, and build -# from within that directory. cd %{_builddir}/%{name}-%{version} echo %{version} > %{_builddir}/%{name}-%{version}/VERSION -./build.sh --prefix=%{_prefix} --includedir=%{_includedir} --libdir=%{_libdir} \ - --bindir=%{_bindir} --docdir=%{_docdir}/%{name} --mandir=%{_mandir} \ - --sbindir=%{_sbindir} +test -f configure || ./autogen.sh +%configure --enable-secure --enable-tls --prefix=%{_prefix} --libdir=%{_libdir} \ + --includedir=%{_includedir} --sbindir=%{_sbindir} --bindir=%{_bindir} \ + --mandir=%{_mandir} --docdir=%{_docdir}/%{name} \ + CFLAGS="$RPM_OPT_FLAGS -std=gnu99" LDFLAGS="%{build_ldflags}" +%{__make} V=1 %install cd %{_builddir}/%{name}-%{version} make DESTDIR=%{buildroot} INSTALL='install -p' install rm -f %{buildroot}/%{_libdir}/lib%{name}.{l,}a rm -f %{buildroot}/%{_libdir}/libautohbw.{l,}a +rm -f %{buildroot}/%{_libdir}/libmemtier.{l,}a rm -f %{buildroot}/%{_docdir}/%{name}/VERSION %ldconfig_scriptlets %files +%{_bindir}/memtier %{_libdir}/lib%{name}.so.* %{_libdir}/libautohbw.so.* +%{_libdir}/libmemtier.so.* %{_bindir}/%{name}-hbw-nodes %{_bindir}/%{name}-auto-dax-kmem-nodes %{_mandir}/man1/%{name}*.1.* +%{_mandir}/man1/memtier.1.* %{_mandir}/man7/autohbw.7.* +%{_mandir}/man7/memtier.7.* +%{_mandir}/man7/libmemtier.7.* %dir %{_docdir}/%{name} %doc %{_docdir}/%{name}/README %license %{_docdir}/%{name}/COPYING @@ -90,18 +104,80 @@ rm -f %{buildroot}/%{_docdir}/%{name}/VERSION %{_includedir}/hbwmalloc.h %{_includedir}/hbw_allocator.h %{_includedir}/pmem_allocator.h +%{_includedir}/fixed_allocator.h %{_libdir}/lib%{name}.so %{_libdir}/libautohbw.so +%{_libdir}/libmemtier.so %{_libdir}/pkgconfig/memkind.pc %{_mandir}/man3/%{name}*.3.* %{_mandir}/man3/hbwmalloc.3.* %{_mandir}/man3/hbwallocator.3.* %{_mandir}/man3/pmemallocator.3.* +%{_mandir}/man3/fixedallocator.3.* +%{_mandir}/man3/libmemtier.3.* %changelog -* Thu Oct 14 2021 Pawel Winogrodzki - 1.10.0-2 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). -- Converting the 'Release' tag to the '[number].[distribution]' format. +* Wed Jan 15 2025 Akhila Guruju - 1.14.0-10 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified. + +* Thu Jul 18 2024 Fedora Release Engineering - 1.14.0-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Mon Jul 8 2024 Rafael Aquini - 1.14.0-8 +- Mark memkind as deprecated following its upstream discontinuation notice +- Fix minor typo on memkind.spec changelog section + +* Thu Jan 25 2024 Fedora Release Engineering - 1.14.0-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 1.14.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Wed Nov 8 2023 Rafael Aquini - 1.14.0-5 +- SPDX migration + +* Thu Jul 20 2023 Fedora Release Engineering - 1.14.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Tue Jan 24 2023 Rafael Aquini - 1.14.0-3 +- Fix build issues after https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Thu Jan 19 2023 Fedora Release Engineering - 1.14.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jan 13 2023 Rafael Aquini - 1.14.0-1 +- Update memkind source file to 1.14.0 upstream + +* Thu Jul 21 2022 Fedora Release Engineering - 1.13.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Fri Jan 28 2022 Rafael Aquini - 1.13.0-1 +- Update memkind source file to 1.13.0 upstream + +* Thu Jan 20 2022 Fedora Release Engineering - 1.11.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Mon Aug 23 2021 Rafael Aquini - 1.11.0-1 +- Update memkind source file to 1.11.0 upstream + +* Thu Jul 22 2021 Fedora Release Engineering - 1.10.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Tue Jan 26 2021 Fedora Release Engineering - 1.10.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Thu Oct 15 2020 Rafael Aquini - 1.10.1-2 +- Work around false positive warning with gcc-11 + +* Wed Oct 07 2020 Rafael Aquini - 1.10.1-1 +- Update memkind source file to 1.10.1 upstream + +* Wed Jul 29 2020 Jeff Law - 1.10.0-3 +- Avoid uninitialized variable in testsuite + +* Tue Jul 28 2020 Fedora Release Engineering - 1.10.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Sat Feb 01 2020 Rafael Aquini - 1.10.0-1 - Update memkind source file to 1.10.0 upstream @@ -185,3 +261,4 @@ rm -f %{buildroot}/%{_docdir}/%{name}/VERSION * Mon May 18 2015 Rafael Aquini - 0.2.2-1.20150518git - Initial RPM packaging for Fedora + diff --git a/SPECS-EXTENDED/minizip-ng/minizip-2.10.0-use-pkgconfig-for-zstd.patch b/SPECS-EXTENDED/minizip-ng/minizip-2.10.0-use-pkgconfig-for-zstd.patch new file mode 100644 index 0000000000..456763cc9d --- /dev/null +++ b/SPECS-EXTENDED/minizip-ng/minizip-2.10.0-use-pkgconfig-for-zstd.patch @@ -0,0 +1,19 @@ +diff --git a/CMakeLists.txt b/CMakeLists.txt +index a6deb4c..c579059 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -115,7 +115,13 @@ endif() + # Check if zstd installation is present + if(MZ_ZSTD) + if(NOT ZSTD_FORCE_FETCH) +- find_package(ZSTD QUIET) ++ find_package(PkgConfig) ++ if(PKGCONFIG_FOUND) ++ pkg_check_modules(ZSTD libzstd) ++ endif() ++ if(NOT ZSTD_FOUND) ++ find_package(ZSTD QUIET) ++ endif() + endif() + if(ZSTD_FOUND AND NOT ZSTD_FORCE_FETCH) + message(STATUS "Using ZSTD") diff --git a/SPECS-EXTENDED/minizip-ng/minizip-ng.signatures.json b/SPECS-EXTENDED/minizip-ng/minizip-ng.signatures.json new file mode 100644 index 0000000000..0b8db57b4a --- /dev/null +++ b/SPECS-EXTENDED/minizip-ng/minizip-ng.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "minizip-ng-4.0.7.tar.gz": "a87f1f734f97095fe1ef0018217c149d53d0f78438bcb77af38adc21dff2dfbc" + } +} diff --git a/SPECS-EXTENDED/minizip-ng/minizip-ng.spec b/SPECS-EXTENDED/minizip-ng/minizip-ng.spec new file mode 100644 index 0000000000..6843d6558f --- /dev/null +++ b/SPECS-EXTENDED/minizip-ng/minizip-ng.spec @@ -0,0 +1,361 @@ +%global compat_soname libminizip.so.1 + +# Compatible with the following minizip-compat version. +%global minizip_ver 1.2.13 +# Obsoletes minizip versions less than. +%global minizip_obsoletes 1.3 +# Old minizip-ng version before it was renamed to minizip-ng-compat +%global minizip_ng_ver 3.0.7 +# Obsolete version of old minizip-ng +%global minizip_ng_obsoletes 3.0.7-5 + +Name: minizip-ng +Version: 4.0.7 +Release: 2%{?dist} +Summary: Minizip-ng contrib in zlib-ng with the latest bug fixes and advanced features +Vendor: Microsoft Corporation +Distribution: Azure Linux +License: Zlib +URL: https://github.com/nmoinvaz/%{name} +Source0: https://github.com/nmoinvaz/%{name}/archive/%{version}/%{name}-%{version}.tar.gz + +BuildRequires: cmake +BuildRequires: gcc-c++ +BuildRequires: libbsd-devel +BuildRequires: zlib-devel +BuildRequires: bzip2-devel +BuildRequires: libzstd-devel +BuildRequires: xz-devel + +%description +Minizip-ng zlib-ng contribution that includes: +* AES encryption +* I/O buffering +* PKWARE disk splitting +It also has the latest bug fixes that having been found all over the internet. + + +%package devel +Summary: Development files for %{name} +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: zlib-devel + +%description devel +Development files for %{name} library. + +%if %{with compat} + +%package compat +Summary: Minizip implementation provided by %{name} +Provides: minizip = %{minizip_ver} +Provides: minizip-compat%{?_isa} = %{minizip_ver} +Obsoletes: minizip-compat < %{minizip_obsoletes} +# We need to Provide and Obsolete the old minizip-ng package before it was rename to minizip-ng-compat +Provides: minizip-ng = %{minizip_ng_ver} +Obsoletes: minizip-ng < %{minizip_ng_obsoletes} + +# This part is mandatory for the renaming process +# It can be removed in Fedora 42 +Provides: minizip <= %{version}-%{release} +Obsoletes: minizip < 3.0.3 + +%description compat +minizip-ng is a minizip replacement that provides optimizations for "next generation" +systems. +The %{name}-compat package contains the library that is API and binary +compatible with minizip. + +%package compat-devel +Summary: Development files for %{name}-compat +Requires: %{name}-compat%{?_isa} = %{version}-%{release} +Provides: minizip-compat-devel = %{minizip_ver} +Provides: minizip-compat-devel%{?_isa} = %{minizip_ver} +Obsoletes: minizip-compat-devel < %{minizip_obsoletes} +# We need to Provide and Obsolete the old minizip-ng package before it was rename to minizip-ng-compat +Provides: minizip-ng-devel = %{minizip_ng_ver} +Obsoletes: minizip-ng-devel < %{minizip_ng_obsoletes} + +# This part is mandatory for the renaming process +# It can be removed in Fedora 42 +Provides: minizip-devel <= %{version}-%{release} +Obsoletes: minizip-devel < 3.0.3 + +%description compat-devel +The %{name}-compat-devel package contains libraries and header files for +developing application that use minizip. + +%endif + + +%prep +%autosetup -p 1 -n %{name}-%{version} + + +%build + +cat <<_EOF_ +########################################################################### +# +# Build the default minizip-ng library +# +########################################################################### +_EOF_ + +%global __cmake_builddir %{_vpath_builddir} +%cmake \ + -DMZ_BUILD_TESTS:BOOL=ON \ + -DSKIP_INSTALL_BINARIES:BOOL=ON \ + -DCMAKE_INSTALL_INCLUDEDIR=include \ + -DCMAKE_INSTALL_LIBDIR=%{_libdir} \ + -DMZ_FORCE_FETCH_LIBS:BOOL=OFF \ + -DMZ_COMPAT:BOOL=OFF + +%cmake_build + +%if %{with compat} +cat <<_EOF_ +########################################################################### +# +# Build the compat mode library +# +########################################################################### +_EOF_ + +%global __cmake_builddir %{_vpath_builddir}-compat +%cmake \ + -DMZ_BUILD_TESTS:BOOL=ON \ + -DSKIP_INSTALL_BINARIES:BOOL=ON \ + -DCMAKE_INSTALL_INCLUDEDIR=include \ + -DCMAKE_INSTALL_LIBDIR=%{_libdir} \ + -DMZ_FORCE_FETCH_LIBS:BOOL=OFF \ + -DMZ_COMPAT:BOOL=ON + +%cmake_build +%endif + +%install +%global __cmake_builddir %{_vpath_builddir} +%cmake_install + +%if %{with compat} +%global __cmake_builddir %{_vpath_builddir}-compat +%cmake_install +%endif + + +%files +%license LICENSE +%doc README.md +%{_libdir}/libminizip-ng.so.4 +%{_libdir}/libminizip-ng.so.4{,.*} + + +%files devel +%{_libdir}/libminizip-ng.so +%{_libdir}/pkgconfig/minizip-ng.pc +%{_libdir}/cmake/minizip-ng/ +%{_includedir}/minizip-ng/mz*.h + + +# Compat files +%if %{with compat} + +%files compat +%{_libdir}/%{compat_soname} +%{_libdir}/libminizip.so.4{,.*} + +%files compat-devel +%{_libdir}/libminizip.so +%{_libdir}/pkgconfig/minizip.pc +%{_libdir}/cmake/minizip/ +%{_includedir}/minizip/mz*.h +%{_includedir}/minizip/unzip.h +%{_includedir}/minizip/zip.h +%{_includedir}/minizip/ioapi.h + +%endif + + +%changelog +* Fri Feb 21 2025 Archana Shettigar - 4.0.7-2 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified + +* Tue Jul 30 2024 Lukas Javorsky - 4.0.7-1 +- Rebase to version 4.0.7 + +* Thu Jul 18 2024 Fedora Release Engineering - 3.0.10-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Thu Feb 15 2024 Orion Poplawski - 3.0.10-8 +- Backport upstream change of MZ_VERSION_BUILD to hex number + +* Thu Jan 25 2024 Fedora Release Engineering - 3.0.10-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 3.0.10-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Dec 18 2023 Lukas Javorsky - 3.0.10-5 +- Fix unzLocateFile incompability (upstream commit) +- Fix zip_fileinfo incompability (upstream commit) + +* Mon Dec 18 2023 Lukas Javorsky - 3.0.10-4 +- Fix CVE-2023-48107 (Heapbuffer Overflow) + +* Mon Dec 04 2023 Lukas Javorsky - 3.0.10-3 +- Release bump + +* Tue Aug 29 2023 Lukas Javorsky - 3.0.10-1 +- Rebase to version 3.0.10 +- Build both compat and classic minizip-ng libraries + +* Thu Jul 20 2023 Fedora Release Engineering - 3.0.7-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Thu Jan 19 2023 Fedora Release Engineering - 3.0.7-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Mon Nov 14 2022 Julian Sikorski - 3.0.7-2 +- Fix broken pkg-config file (RH #1998742) +- Update %%cmake call to use current and supported variables + +* Fri Nov 04 2022 Lukas Javorsky - 3.0.7-1 +- Rebase to version 3.0.7 + +* Fri Nov 04 2022 Lukas Javorsky - 3.0.6-1 +- Rebase to version 3.0.6 + +* Fri Nov 04 2022 Lukas Javorsky - 3.0.5-1 +- Rebase to version 3.0.5 + +* Fri Nov 04 2022 Lukas Javorsky - 3.0.4-1 +- Rebase to version 3.0.4 + +* Fri Nov 04 2022 Lukas Javorsky - 3.0.3-1 +- Rebase to version 3.0.3 + +* Thu Oct 06 2022 Lukas Javorsky - 3.0.2-7 +- Renaming the minizip package to minizip-ng +- Fedora change dedicated to this: https://fedoraproject.org/wiki/Changes/MinizipRenaming + +* Thu Jan 20 2022 Fedora Release Engineering - 3.0.2-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Tue Sep 14 2021 Sahana Prasad - 3.0.2-5 +- Rebuilt with OpenSSL 3.0.0 + +* Wed Aug 11 2021 Björn Esser - 3.0.2-4 +- Add patch to fix pkgconfig file + +* Thu Jul 22 2021 Fedora Release Engineering - 3.0.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Wed Jun 23 2021 Rex Dieter - 3.0.2-2 +- drop ldconfig scriptlets (https://fedoraproject.org/wiki/Changes/Removing_ldconfig_scriptlets) +- drop explicit BR: make (already pulled in via cmake) +- %%build: one cmake option per line +- %%check: drop 'make test', does nothing +- -devel: drop explicit cmake dep (autodeps should add cmake-filesystem already) + +* Wed Jun 09 2021 Patrik Novotný - 3.0.2-1 +- Rebase to upstream release 3.0.2 + +* Wed Apr 14 2021 Patrik Novotný - 3.0.1-1 +- Rebase to upstream release 3.0.1 + +* Tue Feb 09 2021 Patrik Novotný - 3.0.0-1 +- Rebase to upstream release 3.0.0 +- Use OpenSSL instead of BRG libraries + +* Tue Jan 26 2021 Fedora Release Engineering - 2.10.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jan 12 2021 Patrik Novotný - 2.10.6-1 +- Rebase to upstream release 2.10.6 + +* Mon Oct 26 2020 Patrik Novotný - 2.10.2-1 +- Rebase to upstream release 2.10.2 + +* Tue Oct 13 2020 Patrik Novotný - 2.10.1 +- Rebase to upstream release 2.10.1 + +* Tue Aug 11 2020 Honza Horak - 2.10.0-4 +- Fix FTBFS caused by cmake changes + Resolves: #1864153 + +* Sat Aug 01 2020 Fedora Release Engineering - 2.10.0-3 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 2.10.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Wed Jul 01 2020 Patrik Novotný - 2.10.0-1 +- Rebase to upstream release 2.10.0 + +* Tue May 26 2020 Patrik Novotný - 2.9.3-1 +- Rebase to upstream release 2.9.3 + +* Tue May 05 2020 Patrik Novotný - 2.9.2-1 +- Rebase to upstream release 2.9.2 + +* Wed Jan 29 2020 Fedora Release Engineering - 2.9.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Mon Nov 25 2019 Patrik Novotný - 2.9.1-1 +- New upstream release: 2.9.1 + +* Tue Sep 24 2019 Patrik Novotný - 2.9.0-1 +- New upstream release: 2.9.0 + +* Thu Jul 25 2019 Fedora Release Engineering - 2.8.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Mon Jul 08 2019 Patrik Novotný - 2.8.9-1 +- New upstream release: 2.8.9 + +* Mon Jun 17 2019 Patrik Novotný - 2.8.8-2 +- Move header files to minizip subdirectory (fix implicit conflict) + +* Wed Jun 12 2019 Patrik Novotný - 2.8.8-1 +- New upstream release: 2.8.8 + +* Tue Apr 09 2019 Patrik Novotný - 2.8.6-1 +- Rebase to upstream version 2.8.6 + +* Thu Mar 21 2019 Patrik Novotný 2.8.5-1 +- Rebase to upstream version 2.8.5 + +* Wed Feb 13 2019 Patrik Novotný 2.8.3-4 +- Fix shared library prefix + +* Tue Feb 12 2019 Patrik Novotný 2.8.3-3 +- Fix ldconfig execution during build + +* Fri Feb 01 2019 Fedora Release Engineering - 2.8.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Wed Jan 30 2019 Patrik Novotný 2.8.3-1 +- Update to upstream version 2.8.3 + +* Thu Dec 06 2018 Patrik Novotný 2.8.1-1 +- Update to upstream version 2.8.1 + +* Wed Nov 28 2018 Patrik Novotný 2.8.0-2 +- Use absolute paths for install directories + +* Wed Nov 28 2018 Patrik Novotný 2.8.0-1 +- Update to upstream version 2.8.0 + +* Sun Oct 7 2018 Orion Poplawski 2.5.4-1 +- Update to 2.5.4 + +* Thu Aug 30 2018 Patrik Novotný 2.5.0-2 +- Provide bundled AES and SHA1 libraries + +* Thu Aug 16 2018 Patrik Novotný 2.5.0-1 +- Version update. Build againts system bzip2. + +* Thu Aug 9 2018 Patrik Novotný 2.3.9-1 +- Initial build diff --git a/SPECS-EXTENDED/ocaml-curses/ocaml-curses.signatures.json b/SPECS-EXTENDED/ocaml-curses/ocaml-curses.signatures.json index eb187a0078..a6d97e7d53 100644 --- a/SPECS-EXTENDED/ocaml-curses/ocaml-curses.signatures.json +++ b/SPECS-EXTENDED/ocaml-curses/ocaml-curses.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "ocaml-curses-1.0.4.tar.gz": "1f03655592a1554fb49595c5a52d25f95a74e533babd682fc6e6cf3d0eb1a6dc" + "ocaml-curses-1.0.11.tar.gz": "603c08e816b22e200f7818544ffd016620a808945cfa757dd1aeb245e0b51c0e" } } diff --git a/SPECS-EXTENDED/ocaml-curses/ocaml-curses.spec b/SPECS-EXTENDED/ocaml-curses/ocaml-curses.spec index e9a3272ac8..f13cbbf9cc 100644 --- a/SPECS-EXTENDED/ocaml-curses/ocaml-curses.spec +++ b/SPECS-EXTENDED/ocaml-curses/ocaml-curses.spec @@ -1,23 +1,20 @@ Vendor: Microsoft Corporation Distribution: Azure Linux -%global opt %(test -x %{_bindir}/ocamlopt && echo 1 || echo 0) +%global srcname curses -Name: ocaml-curses -Version: 1.0.4 -Release: 13%{?dist} +Name: ocaml-%{srcname} +Version: 1.0.11 +Release: 11%{?dist} Summary: OCaml bindings for ncurses -License: LGPLv2+ +License: LGPL-2.1-or-later WITH OCaml-LGPL-linking-exception -URL: http://savannah.nongnu.org/projects/ocaml-tmk/ -Source0: http://download.savannah.gnu.org/releases/ocaml-tmk/%{name}-%{version}.tar.gz +URL: https://github.com/mbacarella/curses +Source0: https://github.com/mbacarella/curses/archive/%{version}/%{srcname}-%{version}.tar.gz#/%{name}-%{version}.tar.gz -BuildRequires: ocaml >= 4.00.1 -BuildRequires: ocaml-findlib-devel >= 1.3.3-3 -BuildRequires: ncurses-devel -BuildRequires: gawk - -# Doesn't include a configure script, so we have to make one. -BuildRequires: autoconf, automake, libtool +BuildRequires: ocaml >= 4.02.0 +BuildRequires: ocaml-dune >= 2.7 +BuildRequires: ocaml-dune-configurator-devel +BuildRequires: pkgconfig(ncurses) %description @@ -26,13 +23,8 @@ OCaml bindings for ncurses. %package devel Summary: Development files for %{name} -Requires: %{name} = %{version}-%{release} - -# On aarch64, it is reported that ncurses-devel is not pulled in -# implicitly by ocaml (as is the case on x86-64 for some reason). In -# any case, it is likely that people installing ocaml-curses-devel -# will desire ncurses-devel, hence: -Requires: ncurses-devel +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: ncurses-devel%{?_isa} %description devel @@ -41,57 +33,122 @@ developing applications that use %{name}. %prep -%setup -q - -autoreconf +%autosetup -n curses-%{version} %build -%configure --enable-widec -make all -%if %opt -make opt -%endif +%dune_build %install -export DESTDIR=$RPM_BUILD_ROOT -export OCAMLFIND_DESTDIR=$RPM_BUILD_ROOT%{_libdir}/ocaml -mkdir -p $OCAMLFIND_DESTDIR $OCAMLFIND_DESTDIR/stublibs -%if %opt -ocamlfind install curses META *.cmi *.cmx *.cma *.cmxa *.a *.so *.mli -%else -ocamlfind install curses META *.cmi *.cma *.a *.so *.mli -%endif - - -%files -%doc COPYING -%{_libdir}/ocaml/curses -%if %opt -%exclude %{_libdir}/ocaml/curses/*.a -%exclude %{_libdir}/ocaml/curses/*.cmxa -%exclude %{_libdir}/ocaml/curses/*.cmx -%endif -%exclude %{_libdir}/ocaml/curses/*.mli -%{_libdir}/ocaml/stublibs/*.so -%{_libdir}/ocaml/stublibs/*.so.owner - - -%files devel -%doc COPYING -%if %opt -%{_libdir}/ocaml/curses/*.a -%{_libdir}/ocaml/curses/*.cmxa -%{_libdir}/ocaml/curses/*.cmx -%endif -%{_libdir}/ocaml/curses/*.mli +%dune_install + + +%check +%dune_check + + +%files -f .ofiles +%doc CHANGES.md README.md +%license COPYING + + +%files devel -f .ofiles-devel +%license COPYING %changelog -* Thu Oct 14 2021 Pawel Winogrodzki - 1.0.4-13 -- Switching to using full number for the 'Release' tag. -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Fri Dec 20 2024 Durga Jagadeesh Palli - 1.0.11-11 +- Initial Azure Linux import from Fedora 41 (license: MIT) +- License verified + +* Wed Jun 19 2024 Richard W.M. Jones - 1.0.11-10 +- OCaml 5.2.0 ppc64le fix + +* Wed May 29 2024 Richard W.M. Jones - 1.0.11-9 +- OCaml 5.2.0 for Fedora 41 + +* Thu Jan 25 2024 Fedora Release Engineering - 1.0.11-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 1.0.11-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Dec 18 2023 Richard W.M. Jones - 1.0.11-6 +- OCaml 5.1.1 + s390x code gen fix for Fedora 40 + +* Tue Dec 12 2023 Richard W.M. Jones - 1.0.11-5 +- OCaml 5.1.1 rebuild for Fedora 40 + +* Thu Oct 05 2023 Richard W.M. Jones - 1.0.11-4 +- OCaml 5.1 rebuild for Fedora 40 + +* Thu Jul 20 2023 Fedora Release Engineering - 1.0.11-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Tue Jul 11 2023 Richard W.M. Jones - 1.0.11-2 +- OCaml 5.0 rebuild for Fedora 39 + +* Mon Jul 10 2023 Jerry James - 1.0.11-1 +- Version 1.0.11 +- New project URLs +- Convert License tag to SPDX +- Build with dune +- Add %%check script + +* Tue Apr 25 2023 Florian Weimer - 1.0.4-30 +- Port configure script to C99 + +* Tue Jan 24 2023 Richard W.M. Jones - 1.0.4-29 +- Rebuild OCaml packages for F38 + +* Thu Jan 19 2023 Fedora Release Engineering - 1.0.4-28 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jul 22 2022 Fedora Release Engineering - 1.0.4-27 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Sat Jun 18 2022 Richard W.M. Jones - 1.0.4-26 +- OCaml 4.14.0 rebuild + +* Fri Feb 04 2022 Richard W.M. Jones - 1.0.4-25 +- OCaml 4.13.1 rebuild to remove package notes + +* Thu Jan 20 2022 Fedora Release Engineering - 1.0.4-24 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Mon Oct 04 2021 Richard W.M. Jones - 1.0.4-23 +- OCaml 4.13.1 build + +* Thu Jul 22 2021 Fedora Release Engineering - 1.0.4-22 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Mon Mar 1 14:31:54 GMT 2021 Richard W.M. Jones - 1.0.4-21 +- OCaml 4.12.0 build + +* Tue Jan 26 2021 Fedora Release Engineering - 1.0.4-20 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Sep 01 2020 Richard W.M. Jones - 1.0.4-19 +- OCaml 4.11.1 rebuild + +* Fri Aug 21 2020 Richard W.M. Jones - 1.0.4-18 +- OCaml 4.11.0 rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 1.0.4-17 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon May 04 2020 Richard W.M. Jones - 1.0.4-16 +- OCaml 4.11.0+dev2-2020-04-22 rebuild + +* Tue Apr 21 2020 Richard W.M. Jones - 1.0.4-15 +- OCaml 4.11.0 pre-release attempt 2 + +* Fri Apr 17 2020 Richard W.M. Jones - 1.0.4-14 +- OCaml 4.11.0 pre-release + +* Thu Apr 02 2020 Richard W.M. Jones - 1.0.4-13 +- Update all OCaml dependencies for RPM 4.16. * Thu Feb 27 2020 Richard W.M. Jones - 1.0.4-12.1 - OCaml 4.10.0 final (Fedora 32). diff --git a/SPECS-EXTENDED/ocaml-extlib/ocaml-extlib.signatures.json b/SPECS-EXTENDED/ocaml-extlib/ocaml-extlib.signatures.json index e66f29eec8..ff9b2f46fb 100644 --- a/SPECS-EXTENDED/ocaml-extlib/ocaml-extlib.signatures.json +++ b/SPECS-EXTENDED/ocaml-extlib/ocaml-extlib.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "extlib-1.7.8.tar.gz": "935ca46843af40dc33306d9cce66163d3733312bf444e969b5a8fa3f3024f85a" + "extlib-1.7.9.tar.gz": "58de4dde016deb00b4f33956ab9697282f4e607c6452e3d38f8e116405ffcdcb" } } diff --git a/SPECS-EXTENDED/ocaml-extlib/ocaml-extlib.spec b/SPECS-EXTENDED/ocaml-extlib/ocaml-extlib.spec index eee8d24d78..64b8210d17 100644 --- a/SPECS-EXTENDED/ocaml-extlib/ocaml-extlib.spec +++ b/SPECS-EXTENDED/ocaml-extlib/ocaml-extlib.spec @@ -1,20 +1,26 @@ -# The debuginfo package is empty, so don't generate it. -# Could possibly be fixed by passing -g option correctly to the compiler. +%ifnarch %{ocaml_native_compiler} %global debug_package %{nil} -Summary: OCaml ExtLib additions to the standard library +%endif + Name: ocaml-extlib -Version: 1.7.8 +Version: 1.7.9 Release: 1%{?dist} -License: LGPLv2 with exceptions +Summary: OCaml ExtLib additions to the standard library +License: LGPL-2.1-or-later with OCaml-LGPL-linking-exception Vendor: Microsoft Corporation Distribution: Azure Linux URL: https://github.com/ygrek/ocaml-extlib Source0: https://github.com/ygrek/ocaml-extlib/releases/download/%{version}/extlib-%{version}.tar.gz -BuildRequires: gawk -BuildRequires: ocaml -BuildRequires: ocaml-cppo -BuildRequires: ocaml-findlib-devel >= 1.5.1 + +BuildRequires: make +BuildRequires: ocaml >= 4.02 +BuildRequires: ocaml-findlib-devel >= 1.3.3-3 BuildRequires: ocaml-ocamldoc +BuildRequires: ocaml-cppo +BuildRequires: ocaml-rpm-macros +# In order to apply patches: +BuildRequires: git-core + %description ExtLib is a project aiming at providing a complete - yet small - @@ -24,48 +30,65 @@ modules, to modify some functions in order to get better performances or more safety (tail-recursive) but also to provide new modules which should be useful for the average OCaml programmer. + %package devel Summary: Development files for %{name} -Requires: %{name} = %{version}-%{release} +Requires: %{name}%{?_isa} = %{version}-%{release} + %description devel The %{name}-devel package contains libraries and signature files for developing applications that use %{name}. + %prep -%autosetup -n extlib-%{version} +%autosetup -S git -n extlib-%{version} + +# Remove references to the bytes library for OCaml 5.0 +sed -i '/bytes/d' src/META + %build -# Parallel builds do not work. -unset MAKEFLAGS -make build -j1 +# https://bugzilla.redhat.com/show_bug.cgi?id=1837823 +export minimal=1 +%ifarch %{ocaml_native_compiler} +%make_build +%else +%make_build -C src all +%endif + %install -export DESTDIR=%{buildroot} -export OCAMLFIND_DESTDIR=%{buildroot}%{_libdir}/ocaml +export OCAMLFIND_DESTDIR=$RPM_BUILD_ROOT%{_libdir}/ocaml mkdir -p $OCAMLFIND_DESTDIR $OCAMLFIND_DESTDIR/stublibs -make install -j1 -%files -%doc README.md -%license LICENSE -%{_libdir}/ocaml/extlib -%ifarch %{ocaml_native_compiler} -%exclude %{_libdir}/ocaml/extlib/*.a -%exclude %{_libdir}/ocaml/extlib/*.cmxa -%exclude %{_libdir}/ocaml/extlib/*.cmx -%endif -%exclude %{_libdir}/ocaml/extlib/*.mli +export minimal=1 +%make_install +%ocaml_files -%files devel + +%check +export minimal=1 %ifarch %{ocaml_native_compiler} -%{_libdir}/ocaml/extlib/*.a -%{_libdir}/ocaml/extlib/*.cmxa -%{_libdir}/ocaml/extlib/*.cmx +make test +%else +make -C test all run %endif -%{_libdir}/ocaml/extlib/*.mli + + +%files -f .ofiles +%doc README.md +%license LICENSE + + +%files devel -f .ofiles-devel + %changelog +* Fri Dec 20 2024 Durga Jagadeesh Palli - 1.7.9-1 +- Update to 1.7.9 +- License verified + * Tue Feb 08 2022 Thomas Crain - 1.7.8-1 - Upgrade to latest upstream version - Lint spec @@ -307,3 +330,4 @@ make install -j1 * Fri May 18 2007 Richard W.M. Jones - 1.5-1 - Initial RPM release. + diff --git a/SPECS-EXTENDED/ocl-icd/ocl-icd.signatures.json b/SPECS-EXTENDED/ocl-icd/ocl-icd.signatures.json new file mode 100644 index 0000000000..0e7ed15663 --- /dev/null +++ b/SPECS-EXTENDED/ocl-icd/ocl-icd.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "ocl-icd-2.2.13.tar.gz": "f85d59f3e8327f15637b91e4ae8df0829e94daeff68c647b2927b8376b1f8d92" + } +} diff --git a/SPECS-EXTENDED/ocl-icd/ocl-icd.spec b/SPECS-EXTENDED/ocl-icd/ocl-icd.spec new file mode 100644 index 0000000000..4807f43a80 --- /dev/null +++ b/SPECS-EXTENDED/ocl-icd/ocl-icd.spec @@ -0,0 +1,170 @@ +Vendor: Microsoft Corporation +Distribution: Azure Linux +Name: ocl-icd +Version: 2.2.13 +Release: 2%{?dist} +Summary: OpenCL Library (Installable Client Library) Bindings + +License: BSD +URL: https://github.com/OCL-dev/%{name}/ +Source0: https://github.com/OCL-dev/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz + +BuildRequires: gcc +BuildRequires: automake +BuildRequires: autoconf +BuildRequires: make +BuildRequires: libtool +BuildRequires: opencl-headers +BuildRequires: ruby rubygems + +%description +%{summary}. + +%package devel +Summary: OpenCL Library Development files +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: opencl-headers + +%description devel +This package contains the development files for the OpenCL ICD bindings. + +%prep +%autosetup + +%build +autoreconf -vfi +%configure +%make_build + +%install +%make_install +rm -vf %{buildroot}%{_libdir}/*.la +rm -vrf %{buildroot}%{_defaultdocdir} + +%check +make check + +%ldconfig_scriptlets + +%files +%license COPYING +%doc NEWS README +%{_libdir}/libOpenCL.so.* + +%files devel +%doc ocl_icd_loader_gen.map ocl_icd_bindings.c +%{_includedir}/ocl_icd.h +%{_libdir}/libOpenCL.so +%{_libdir}/pkgconfig/%{name}.pc +%{_libdir}/pkgconfig/OpenCL.pc + +%changelog +* Fri Oct 15 2021 Pawel Winogrodzki - 2.2.13-2 +- Initial CBL-Mariner import from Fedora 33 (license: MIT). + +* Tue Oct 06 2020 Dave Airlie - 2.2.13-1 +- update to 2.2.13 + +* Tue Jul 28 2020 Fedora Release Engineering - 2.2.12-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Fri Feb 07 2020 Dave Airlie - 2.2.12-9 +- Fix build with gcc10 + +* Wed Jan 29 2020 Fedora Release Engineering - 2.2.12-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Sat Aug 31 2019 Igor Gnatenko - 2.2.12-7 +- Drop Recommends for OCL implementations + +* Thu Jul 25 2019 Fedora Release Engineering - 2.2.12-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Thu Jul 11 2019 Adam Jackson - 2.2.12-5 +- Drop Recommends: beignet, retired in F30+ + +* Sat Mar 30 2019 Dave Airlie - 2.2.12-4 +- Update ocl icd names (#1653503) + +* Fri Feb 01 2019 Fedora Release Engineering - 2.2.12-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Fri Jul 13 2018 Fedora Release Engineering - 2.2.12-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Fri Mar 23 2018 Simone Caronni - 2.2.12-1 +- Update to 2.2.12, adds OpenCL 2.2 support. + +* Thu Feb 08 2018 Fedora Release Engineering - 2.2.11-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Aug 03 2017 Fedora Release Engineering - 2.2.11-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 2.2.11-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Thu Feb 09 2017 Igor Gnatenko - 2.2.11-2 +- Add Recommends for all OpenCL implementations + +* Fri Jan 20 2017 Igor Gnatenko - 2.2.11-1 +- Update to 2.2.11 (RHBZ #1415150) + +* Sun Dec 04 2016 Igor Gnatenko - 2.2.10-1 +- Update to 2.2.10 + +* Mon Nov 21 2016 Orion Poplawski - 2.2.9-3 +- Drop unneeded BR on rubypick + +* Wed Aug 31 2016 Igor Gnatenko - 2.2.9-2 +- Rebuild for OpenCL 2.1 + +* Sun Aug 14 2016 Igor Gnatenko - 2.2.9-1 +- Update to 2.2.9 +- Drop requires for opencl-icd + +* Fri Apr 08 2016 Björn Esser - 2.2.8-3.git20151217.0122332 +- add Requires for virtual Provides: opencl-icd (RHBZ #1317600) +- add rubygems and rubypick to BuildRequires + +* Thu Feb 04 2016 Fedora Release Engineering - 2.2.8-2.git20151217.0122332 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Mon Dec 21 2015 François Cami - 2.2.8-1.git20151217.0122332 +- Update to 2.2.8. + +* Wed Jun 17 2015 Fedora Release Engineering - 2.2.7-2.git20150606.ebbc4c1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Tue Jun 09 2015 François Cami - 2.2.7-1.git20150609.ebbc4c1 +- Update to 2.2.7. + +* Sun Jun 07 2015 François Cami - 2.2.5-1.git20150606.de64dec +- Update to 2.2.5 (de64dec). + +* Mon May 18 2015 Fabian Deutsch - 2.2.4-1.git20150518.7c94f4a +- Update to 2.2.4 (7c94f4a) + +* Mon Jan 05 2015 François Cami - 2.2.3-1.git20141005.7cd0c2f +- Update to 2.2.3 (7cd0c2f). + +* Sun Aug 17 2014 Fedora Release Engineering - 2.0.4-3.git20131001.4ee231e +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 2.0.4-2.git20131001.4ee231e +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Tue Oct 01 2013 Björn Esser - 2.0.4-1.git20131001.4ee231e +- update to recent git-snapshot +- general cleanup, squashed unneeded BuildRequires +- cleanup the %%doc mess. +- add %%check for running the testsuite + +* Wed Aug 14 2013 Fedora Release Engineering - 2.0.2-3 +- Specfile cleanup + +* Sat Aug 03 2013 Fedora Release Engineering - 2.0.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Fri Mar 08 2013 Rob Clark 2.0.2-1 +- ocl-icd 2.0.2 diff --git a/SPECS-EXTENDED/ogdi/ogdi.signatures.json b/SPECS-EXTENDED/ogdi/ogdi.signatures.json index 620a32e56a..fc02a518a4 100644 --- a/SPECS-EXTENDED/ogdi/ogdi.signatures.json +++ b/SPECS-EXTENDED/ogdi/ogdi.signatures.json @@ -1,6 +1,7 @@ { "Signatures": { - "ogdi-4.1.0.tar.gz": "e69ba86f32fa0c91564e128dd8352f8f4280fefd9b820c8e4db1a5b03bf22ef1", + "ogdi-4.1.1.tar.gz": "ded93d519ea6aa153f6a7bd13b6782eefe9f2e44b15e2f699bf356558bbbf74b", "ogdi.pdf": "fbfcfaf7aebd713051c2a9ab500a273e9a11c882e0f1b4bf3ea8a5525cf7f2a9" } } + diff --git a/SPECS-EXTENDED/ogdi/ogdi.spec b/SPECS-EXTENDED/ogdi/ogdi.spec index 4318502d03..4e2a6653bf 100644 --- a/SPECS-EXTENDED/ogdi/ogdi.spec +++ b/SPECS-EXTENDED/ogdi/ogdi.spec @@ -1,23 +1,26 @@ +%global gittag 4_1_1 Summary: Open Geographic Datastore Interface -Name: ogdi -Version: 4.1.0 -Release: 9%{?dist} -License: BSD +Name: ogdi +Version: 4.1.1 +Release: 3%{?dist} +License: BSD Vendor: Microsoft Corporation Distribution: Azure Linux -URL: https://ogdi.sourceforge.net/ +URL: https://ogdi.sourceforge.net/ # new project location is https://github.com/libogdi/ogdi -Source0: https://github.com/libogdi/ogdi/archive/%{name}_4_1_0.tar.gz#/%{name}-%{version}.tar.gz -Source1: https://ogdi.sourceforge.net/ogdi.pdf -# https://bugzilla.redhat.com/show_bug.cgi?id=1470896 -Patch0: ogdi-%{version}-sailer.patch -BuildRequires: expat-devel -BuildRequires: gcc -BuildRequires: libtirpc-devel -BuildRequires: make -BuildRequires: tcl-devel -BuildRequires: unixODBC-devel -BuildRequires: zlib-devel +Source0: https://github.com/libogdi/ogdi/archive/%{name}_%{gittag}.tar.gz#/%{name}-%{version}.tar.gz +Source1: https://ogdi.sourceforge.net/ogdi.pdf +Patch0: ogdi-4.1.0-sailer.patch + +BuildRequires: make +BuildRequires: gcc +BuildRequires: zlib-devel +BuildRequires: expat-devel +BuildRequires: tcl-devel +BuildRequires: libtirpc-devel + +# ODBC driver has been removed in 4.1.1 without replacement +Obsoletes: %{name}-odbc < 4.1.1 %description OGDI is the Open Geographic Datastore Interface. OGDI is an @@ -29,35 +32,31 @@ geospatial data products over any TCP/IP network, and a driver-oriented approach to facilitate access to several geospatial data products/formats. + %package devel -Summary: OGDI header files and documentation -Requires: %{name} = %{version}-%{release} -Requires: expat-devel -Requires: pkgconfig -Requires: zlib-devel +Summary: OGDI header files and documentation +Requires: %{name} = %{version}-%{release} +Requires: pkgconfig +Requires: zlib-devel +Requires: expat-devel %description devel OGDI header files and developer's documentation. -%package odbc -Summary: ODBC driver for OGDI -Requires: %{name} = %{version}-%{release} - -%description odbc -ODBC driver for OGDI. %package tcl -Summary: TCL wrapper for OGDI -Requires: %{name} = %{version}-%{release} +Summary: TCL wrapper for OGDI +Requires: %{name} = %{version}-%{release} %description tcl TCL wrapper for OGDI. + %prep -%autosetup -p1 -n %{name}-%{version} +%autosetup -p1 -n %{name}-%{name}_%{gittag} # include documentation -cp -p %{SOURCE1} . +%{__cp} -p %{SOURCE1} . %build @@ -67,7 +66,7 @@ export CFG=debug # for -g # removal of -D_FORTIFY_SOURCE from preprocessor flags seems not needed any more # ogdits-3.1 test suite produces same result with and without the flag -export CFLAGS="%{optflags} -DDONT_TD_VOID -DUSE_TERMIO" +export CFLAGS="$RPM_OPT_FLAGS -DDONT_TD_VOID -DUSE_TERMIO" %configure \ --with-binconfigs \ --with-expat \ @@ -75,38 +74,33 @@ export CFLAGS="%{optflags} -DDONT_TD_VOID -DUSE_TERMIO" # WARNING !!! # using %{?_smp_mflags} may break build -make +%{__make} # build tcl interface -make -C ogdi/tcl_interface \ +%{__make} -C ogdi/tcl_interface \ TCL_LINKLIB="-ltcl" # build contributions -make -C contrib/gdal +%{__make} -C contrib/gdal -# build odbc drivers -make -C ogdi/attr_driver/odbc \ - ODBC_LINKLIB="-lodbc" %install # export env TOPDIR=`pwd`; TARGET=Linux; export TOPDIR TARGET -make install \ +%{__make} install \ INST_INCLUDE=%{buildroot}%{_includedir}/%{name} \ INST_LIB=%{buildroot}%{_libdir} \ INST_BIN=%{buildroot}%{_bindir} # install plugins olso -make install -C ogdi/tcl_interface \ - INST_LIB=%{buildroot}%{_libdir} -make install -C contrib/gdal \ +%{__make} install -C ogdi/tcl_interface \ INST_LIB=%{buildroot}%{_libdir} -make install -C ogdi/attr_driver/odbc \ +%{__make} install -C contrib/gdal \ INST_LIB=%{buildroot}%{_libdir} # remove example binary -rm %{buildroot}%{_bindir}/example? +%{__rm} %{buildroot}%{_bindir}/example? # we have multilib ogdi-config %if "%{_lib}" == "lib" @@ -119,9 +113,9 @@ rm %{buildroot}%{_bindir}/example? touch -r ogdi-config.in ogdi-config # install pkgconfig file and ogdi-config -mkdir -p %{buildroot}%{_libdir}/pkgconfig -install -p -m 644 ogdi.pc %{buildroot}%{_libdir}/pkgconfig/ -install -p -m 755 ogdi-config %{buildroot}%{_bindir}/ogdi-config-%{cpuarch} +%{__mkdir} -p %{buildroot}%{_libdir}/pkgconfig +%{__install} -p -m 644 ogdi.pc %{buildroot}%{_libdir}/pkgconfig/ +%{__install} -p -m 755 ogdi-config %{buildroot}%{_bindir}/ogdi-config-%{cpuarch} # ogdi-config wrapper for multiarch cat > %{buildroot}%{_bindir}/%{name}-config < - 4.1.0-9 -- Initial CBL-Mariner import from Fedora 37 (license: MIT). -- License verified +* Wed Dec 11 2024 Durga Jagadeesh Palli - 4.1.1-3 +- Initial Azure Linux import from Fedora 41 (license: MIT) +- License Verified + +* Thu Jul 18 2024 Fedora Release Engineering - 4.1.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Thu Feb 01 2024 Dan Horák - 4.1.1-1 +- Update to 4.1.1 (fixes rhbz#2261412) +- Remove odbc subpackage + +* Thu Jan 25 2024 Fedora Release Engineering - 4.1.0-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 4.1.0-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Thu Jul 20 2023 Fedora Release Engineering - 4.1.0-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Sun Feb 05 2023 Florian Weimer - 4.1.0-10 +- Fix C99 compatibility issue + +* Thu Jan 19 2023 Fedora Release Engineering - 4.1.0-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild * Fri Jul 22 2022 Fedora Release Engineering - 4.1.0-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild diff --git a/SPECS-EXTENDED/opencl-headers/cl.hpp b/SPECS-EXTENDED/opencl-headers/cl.hpp new file mode 100644 index 0000000000..396b86719f --- /dev/null +++ b/SPECS-EXTENDED/opencl-headers/cl.hpp @@ -0,0 +1,12934 @@ +/******************************************************************************* + * Copyright (c) 2008-2015 The Khronos Group Inc. + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and/or associated documentation files (the + * "Materials"), to deal in the Materials without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Materials, and to + * permit persons to whom the Materials are furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be included + * in all copies or substantial portions of the Materials. + * + * THE MATERIALS ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. + * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY + * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, + * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * MATERIALS OR THE USE OR OTHER DEALINGS IN THE MATERIALS. + ******************************************************************************/ + +/*! \file + * + * \brief C++ bindings for OpenCL 1.0 (rev 48), OpenCL 1.1 (rev 33) and + * OpenCL 1.2 (rev 15) + * \author Benedict R. Gaster, Laurent Morichetti and Lee Howes + * + * Additions and fixes from: + * Brian Cole, March 3rd 2010 and April 2012 + * Matt Gruenke, April 2012. + * Bruce Merry, February 2013. + * Tom Deakin and Simon McIntosh-Smith, July 2013 + * + * \version 1.2.8 + * \date October 2015 + * + * Optional extension support + * + * cl + * cl_ext_device_fission + * #define USE_CL_DEVICE_FISSION + */ + +/*! \mainpage + * \section intro Introduction + * For many large applications C++ is the language of choice and so it seems + * reasonable to define C++ bindings for OpenCL. + * + * + * The interface is contained with a single C++ header file \em cl.hpp and all + * definitions are contained within the namespace \em cl. There is no additional + * requirement to include \em cl.h and to use either the C++ or original C + * bindings it is enough to simply include \em cl.hpp. + * + * The bindings themselves are lightweight and correspond closely to the + * underlying C API. Using the C++ bindings introduces no additional execution + * overhead. + * + * For detail documentation on the bindings see: + * + * The OpenCL C++ Wrapper API 1.2 (revision 09) + * http://www.khronos.org/registry/cl/specs/opencl-cplusplus-1.2.pdf + * + * \section example Example + * + * The following example shows a general use case for the C++ + * bindings, including support for the optional exception feature and + * also the supplied vector and string classes, see following sections for + * decriptions of these features. + * + * \code + * #define __CL_ENABLE_EXCEPTIONS + * + * #if defined(__APPLE__) || defined(__MACOSX) + * #include + * #else + * #include + * #endif + * #include + * #include + * #include + * + * const char * helloStr = "__kernel void " + * "hello(void) " + * "{ " + * " " + * "} "; + * + * int + * main(void) + * { + * cl_int err = CL_SUCCESS; + * try { + * + * std::vector platforms; + * cl::Platform::get(&platforms); + * if (platforms.size() == 0) { + * std::cout << "Platform size 0\n"; + * return -1; + * } + * + * cl_context_properties properties[] = + * { CL_CONTEXT_PLATFORM, (cl_context_properties)(platforms[0])(), 0}; + * cl::Context context(CL_DEVICE_TYPE_CPU, properties); + * + * std::vector devices = context.getInfo(); + * + * cl::Program::Sources source(1, + * std::make_pair(helloStr,strlen(helloStr))); + * cl::Program program_ = cl::Program(context, source); + * program_.build(devices); + * + * cl::Kernel kernel(program_, "hello", &err); + * + * cl::Event event; + * cl::CommandQueue queue(context, devices[0], 0, &err); + * queue.enqueueNDRangeKernel( + * kernel, + * cl::NullRange, + * cl::NDRange(4,4), + * cl::NullRange, + * NULL, + * &event); + * + * event.wait(); + * } + * catch (cl::Error err) { + * std::cerr + * << "ERROR: " + * << err.what() + * << "(" + * << err.err() + * << ")" + * << std::endl; + * } + * + * return EXIT_SUCCESS; + * } + * + * \endcode + * + */ +#ifndef CL_HPP_ +#define CL_HPP_ + +#ifdef _WIN32 + +#include + +#if defined(USE_DX_INTEROP) +#include +#include +#endif +#endif // _WIN32 + +#if defined(_MSC_VER) +#include +#endif // _MSC_VER + +// +#if defined(USE_CL_DEVICE_FISSION) +#include +#endif + +#if defined(__APPLE__) || defined(__MACOSX) +#include +#else +#include +#endif // !__APPLE__ + +#if (_MSC_VER >= 1700) || (__cplusplus >= 201103L) +#define CL_HPP_RVALUE_REFERENCES_SUPPORTED +#define CL_HPP_CPP11_ATOMICS_SUPPORTED +#include +#endif + +#if (__cplusplus >= 201103L) +#define CL_HPP_NOEXCEPT noexcept +#else +#define CL_HPP_NOEXCEPT +#endif + + +// To avoid accidentally taking ownership of core OpenCL types +// such as cl_kernel constructors are made explicit +// under OpenCL 1.2 +#if defined(CL_VERSION_1_2) && !defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) +#define __CL_EXPLICIT_CONSTRUCTORS explicit +#else // #if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) +#define __CL_EXPLICIT_CONSTRUCTORS +#endif // #if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + +// Define deprecated prefixes and suffixes to ensure compilation +// in case they are not pre-defined +#if !defined(CL_EXT_PREFIX__VERSION_1_1_DEPRECATED) +#define CL_EXT_PREFIX__VERSION_1_1_DEPRECATED +#endif // #if !defined(CL_EXT_PREFIX__VERSION_1_1_DEPRECATED) +#if !defined(CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED) +#define CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED +#endif // #if !defined(CL_EXT_PREFIX__VERSION_1_1_DEPRECATED) + +#if !defined(CL_CALLBACK) +#define CL_CALLBACK +#endif //CL_CALLBACK + +#include +#include +#include + +#if defined(__CL_ENABLE_EXCEPTIONS) +#include +#endif // #if defined(__CL_ENABLE_EXCEPTIONS) + +#if !defined(__NO_STD_VECTOR) +#include +#endif + +#if !defined(__NO_STD_STRING) +#include +#endif + +#if defined(__ANDROID__) || defined(linux) || defined(__APPLE__) || defined(__MACOSX) +#include +#endif // linux + +#include + + +/*! \namespace cl + * + * \brief The OpenCL C++ bindings are defined within this namespace. + * + */ +namespace cl { + +class Memory; + +/** + * Deprecated APIs for 1.2 + */ +#if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) || (defined(CL_VERSION_1_1) && !defined(CL_VERSION_1_2)) +#define __INIT_CL_EXT_FCN_PTR(name) \ + if(!pfn_##name) { \ + pfn_##name = (PFN_##name) \ + clGetExtensionFunctionAddress(#name); \ + if(!pfn_##name) { \ + } \ + } +#endif // #if defined(CL_VERSION_1_1) + +#if defined(CL_VERSION_1_2) +#define __INIT_CL_EXT_FCN_PTR_PLATFORM(platform, name) \ + if(!pfn_##name) { \ + pfn_##name = (PFN_##name) \ + clGetExtensionFunctionAddressForPlatform(platform, #name); \ + if(!pfn_##name) { \ + } \ + } +#endif // #if defined(CL_VERSION_1_1) + +class Program; +class Device; +class Context; +class CommandQueue; +class Memory; +class Buffer; + +#if defined(__CL_ENABLE_EXCEPTIONS) +/*! \brief Exception class + * + * This may be thrown by API functions when __CL_ENABLE_EXCEPTIONS is defined. + */ +class Error : public std::exception +{ +private: + cl_int err_; + const char * errStr_; +public: + /*! \brief Create a new CL error exception for a given error code + * and corresponding message. + * + * \param err error code value. + * + * \param errStr a descriptive string that must remain in scope until + * handling of the exception has concluded. If set, it + * will be returned by what(). + */ + Error(cl_int err, const char * errStr = NULL) : err_(err), errStr_(errStr) + {} + + ~Error() throw() {} + + /*! \brief Get error string associated with exception + * + * \return A memory pointer to the error message string. + */ + virtual const char * what() const throw () + { + if (errStr_ == NULL) { + return "empty"; + } + else { + return errStr_; + } + } + + /*! \brief Get error code associated with exception + * + * \return The error code. + */ + cl_int err(void) const { return err_; } +}; + +#define __ERR_STR(x) #x +#else +#define __ERR_STR(x) NULL +#endif // __CL_ENABLE_EXCEPTIONS + + +namespace detail +{ +#if defined(__CL_ENABLE_EXCEPTIONS) +static inline cl_int errHandler ( + cl_int err, + const char * errStr = NULL) +{ + if (err != CL_SUCCESS) { + throw Error(err, errStr); + } + return err; +} +#else +static inline cl_int errHandler (cl_int err, const char * errStr = NULL) +{ + (void) errStr; // suppress unused variable warning + return err; +} +#endif // __CL_ENABLE_EXCEPTIONS +} + + + +//! \cond DOXYGEN_DETAIL +#if !defined(__CL_USER_OVERRIDE_ERROR_STRINGS) +#define __GET_DEVICE_INFO_ERR __ERR_STR(clGetDeviceInfo) +#define __GET_PLATFORM_INFO_ERR __ERR_STR(clGetPlatformInfo) +#define __GET_DEVICE_IDS_ERR __ERR_STR(clGetDeviceIDs) +#define __GET_PLATFORM_IDS_ERR __ERR_STR(clGetPlatformIDs) +#define __GET_CONTEXT_INFO_ERR __ERR_STR(clGetContextInfo) +#define __GET_EVENT_INFO_ERR __ERR_STR(clGetEventInfo) +#define __GET_EVENT_PROFILE_INFO_ERR __ERR_STR(clGetEventProfileInfo) +#define __GET_MEM_OBJECT_INFO_ERR __ERR_STR(clGetMemObjectInfo) +#define __GET_IMAGE_INFO_ERR __ERR_STR(clGetImageInfo) +#define __GET_SAMPLER_INFO_ERR __ERR_STR(clGetSamplerInfo) +#define __GET_KERNEL_INFO_ERR __ERR_STR(clGetKernelInfo) +#if defined(CL_VERSION_1_2) +#define __GET_KERNEL_ARG_INFO_ERR __ERR_STR(clGetKernelArgInfo) +#endif // #if defined(CL_VERSION_1_2) +#define __GET_KERNEL_WORK_GROUP_INFO_ERR __ERR_STR(clGetKernelWorkGroupInfo) +#define __GET_PROGRAM_INFO_ERR __ERR_STR(clGetProgramInfo) +#define __GET_PROGRAM_BUILD_INFO_ERR __ERR_STR(clGetProgramBuildInfo) +#define __GET_COMMAND_QUEUE_INFO_ERR __ERR_STR(clGetCommandQueueInfo) + +#define __CREATE_CONTEXT_ERR __ERR_STR(clCreateContext) +#define __CREATE_CONTEXT_FROM_TYPE_ERR __ERR_STR(clCreateContextFromType) +#define __GET_SUPPORTED_IMAGE_FORMATS_ERR __ERR_STR(clGetSupportedImageFormats) + +#define __CREATE_BUFFER_ERR __ERR_STR(clCreateBuffer) +#define __COPY_ERR __ERR_STR(cl::copy) +#define __CREATE_SUBBUFFER_ERR __ERR_STR(clCreateSubBuffer) +#define __CREATE_GL_BUFFER_ERR __ERR_STR(clCreateFromGLBuffer) +#define __CREATE_GL_RENDER_BUFFER_ERR __ERR_STR(clCreateFromGLBuffer) +#define __GET_GL_OBJECT_INFO_ERR __ERR_STR(clGetGLObjectInfo) +#if defined(CL_VERSION_1_2) +#define __CREATE_IMAGE_ERR __ERR_STR(clCreateImage) +#define __CREATE_GL_TEXTURE_ERR __ERR_STR(clCreateFromGLTexture) +#define __IMAGE_DIMENSION_ERR __ERR_STR(Incorrect image dimensions) +#endif // #if defined(CL_VERSION_1_2) +#define __CREATE_SAMPLER_ERR __ERR_STR(clCreateSampler) +#define __SET_MEM_OBJECT_DESTRUCTOR_CALLBACK_ERR __ERR_STR(clSetMemObjectDestructorCallback) + +#define __CREATE_USER_EVENT_ERR __ERR_STR(clCreateUserEvent) +#define __SET_USER_EVENT_STATUS_ERR __ERR_STR(clSetUserEventStatus) +#define __SET_EVENT_CALLBACK_ERR __ERR_STR(clSetEventCallback) +#define __WAIT_FOR_EVENTS_ERR __ERR_STR(clWaitForEvents) + +#define __CREATE_KERNEL_ERR __ERR_STR(clCreateKernel) +#define __SET_KERNEL_ARGS_ERR __ERR_STR(clSetKernelArg) +#define __CREATE_PROGRAM_WITH_SOURCE_ERR __ERR_STR(clCreateProgramWithSource) +#define __CREATE_PROGRAM_WITH_BINARY_ERR __ERR_STR(clCreateProgramWithBinary) +#if defined(CL_VERSION_1_2) +#define __CREATE_PROGRAM_WITH_BUILT_IN_KERNELS_ERR __ERR_STR(clCreateProgramWithBuiltInKernels) +#endif // #if defined(CL_VERSION_1_2) +#define __BUILD_PROGRAM_ERR __ERR_STR(clBuildProgram) +#if defined(CL_VERSION_1_2) +#define __COMPILE_PROGRAM_ERR __ERR_STR(clCompileProgram) +#define __LINK_PROGRAM_ERR __ERR_STR(clLinkProgram) +#endif // #if defined(CL_VERSION_1_2) +#define __CREATE_KERNELS_IN_PROGRAM_ERR __ERR_STR(clCreateKernelsInProgram) + +#define __CREATE_COMMAND_QUEUE_ERR __ERR_STR(clCreateCommandQueue) +#define __SET_COMMAND_QUEUE_PROPERTY_ERR __ERR_STR(clSetCommandQueueProperty) +#define __ENQUEUE_READ_BUFFER_ERR __ERR_STR(clEnqueueReadBuffer) +#define __ENQUEUE_READ_BUFFER_RECT_ERR __ERR_STR(clEnqueueReadBufferRect) +#define __ENQUEUE_WRITE_BUFFER_ERR __ERR_STR(clEnqueueWriteBuffer) +#define __ENQUEUE_WRITE_BUFFER_RECT_ERR __ERR_STR(clEnqueueWriteBufferRect) +#define __ENQEUE_COPY_BUFFER_ERR __ERR_STR(clEnqueueCopyBuffer) +#define __ENQEUE_COPY_BUFFER_RECT_ERR __ERR_STR(clEnqueueCopyBufferRect) +#define __ENQUEUE_FILL_BUFFER_ERR __ERR_STR(clEnqueueFillBuffer) +#define __ENQUEUE_READ_IMAGE_ERR __ERR_STR(clEnqueueReadImage) +#define __ENQUEUE_WRITE_IMAGE_ERR __ERR_STR(clEnqueueWriteImage) +#define __ENQUEUE_COPY_IMAGE_ERR __ERR_STR(clEnqueueCopyImage) +#define __ENQUEUE_FILL_IMAGE_ERR __ERR_STR(clEnqueueFillImage) +#define __ENQUEUE_COPY_IMAGE_TO_BUFFER_ERR __ERR_STR(clEnqueueCopyImageToBuffer) +#define __ENQUEUE_COPY_BUFFER_TO_IMAGE_ERR __ERR_STR(clEnqueueCopyBufferToImage) +#define __ENQUEUE_MAP_BUFFER_ERR __ERR_STR(clEnqueueMapBuffer) +#define __ENQUEUE_MAP_IMAGE_ERR __ERR_STR(clEnqueueMapImage) +#define __ENQUEUE_UNMAP_MEM_OBJECT_ERR __ERR_STR(clEnqueueUnMapMemObject) +#define __ENQUEUE_NDRANGE_KERNEL_ERR __ERR_STR(clEnqueueNDRangeKernel) +#define __ENQUEUE_TASK_ERR __ERR_STR(clEnqueueTask) +#define __ENQUEUE_NATIVE_KERNEL __ERR_STR(clEnqueueNativeKernel) +#if defined(CL_VERSION_1_2) +#define __ENQUEUE_MIGRATE_MEM_OBJECTS_ERR __ERR_STR(clEnqueueMigrateMemObjects) +#endif // #if defined(CL_VERSION_1_2) + +#define __ENQUEUE_ACQUIRE_GL_ERR __ERR_STR(clEnqueueAcquireGLObjects) +#define __ENQUEUE_RELEASE_GL_ERR __ERR_STR(clEnqueueReleaseGLObjects) + + +#define __RETAIN_ERR __ERR_STR(Retain Object) +#define __RELEASE_ERR __ERR_STR(Release Object) +#define __FLUSH_ERR __ERR_STR(clFlush) +#define __FINISH_ERR __ERR_STR(clFinish) +#define __VECTOR_CAPACITY_ERR __ERR_STR(Vector capacity error) + +/** + * CL 1.2 version that uses device fission. + */ +#if defined(CL_VERSION_1_2) +#define __CREATE_SUB_DEVICES __ERR_STR(clCreateSubDevices) +#else +#define __CREATE_SUB_DEVICES __ERR_STR(clCreateSubDevicesEXT) +#endif // #if defined(CL_VERSION_1_2) + +/** + * Deprecated APIs for 1.2 + */ +#if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) || (defined(CL_VERSION_1_1) && !defined(CL_VERSION_1_2)) +#define __ENQUEUE_MARKER_ERR __ERR_STR(clEnqueueMarker) +#define __ENQUEUE_WAIT_FOR_EVENTS_ERR __ERR_STR(clEnqueueWaitForEvents) +#define __ENQUEUE_BARRIER_ERR __ERR_STR(clEnqueueBarrier) +#define __UNLOAD_COMPILER_ERR __ERR_STR(clUnloadCompiler) +#define __CREATE_GL_TEXTURE_2D_ERR __ERR_STR(clCreateFromGLTexture2D) +#define __CREATE_GL_TEXTURE_3D_ERR __ERR_STR(clCreateFromGLTexture3D) +#define __CREATE_IMAGE2D_ERR __ERR_STR(clCreateImage2D) +#define __CREATE_IMAGE3D_ERR __ERR_STR(clCreateImage3D) +#endif // #if defined(CL_VERSION_1_1) + +#endif // __CL_USER_OVERRIDE_ERROR_STRINGS +//! \endcond + +/** + * CL 1.2 marker and barrier commands + */ +#if defined(CL_VERSION_1_2) +#define __ENQUEUE_MARKER_WAIT_LIST_ERR __ERR_STR(clEnqueueMarkerWithWaitList) +#define __ENQUEUE_BARRIER_WAIT_LIST_ERR __ERR_STR(clEnqueueBarrierWithWaitList) +#endif // #if defined(CL_VERSION_1_2) + +#if !defined(__USE_DEV_STRING) && !defined(__NO_STD_STRING) +typedef std::string STRING_CLASS; +#elif !defined(__USE_DEV_STRING) + +/*! \class string + * \brief Simple string class, that provides a limited subset of std::string + * functionality but avoids many of the issues that come with that class. + + * \note Deprecated. Please use std::string as default or + * re-define the string class to match the std::string + * interface by defining STRING_CLASS + */ +class CL_EXT_PREFIX__VERSION_1_1_DEPRECATED string CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED +{ +private: + ::size_t size_; + char * str_; +public: + //! \brief Constructs an empty string, allocating no memory. + string(void) : size_(0), str_(NULL) + { + } + + /*! \brief Constructs a string populated from an arbitrary value of + * specified size. + * + * An extra '\0' is added, in case none was contained in str. + * + * \param str the initial value of the string instance. Note that '\0' + * characters receive no special treatment. If NULL, + * the string is left empty, with a size of 0. + * + * \param size the number of characters to copy from str. + */ + string(const char * str, ::size_t size) : + size_(size), + str_(NULL) + { + if( size > 0 ) { + str_ = new char[size_+1]; + if (str_ != NULL) { + memcpy(str_, str, size_ * sizeof(char)); + str_[size_] = '\0'; + } + else { + size_ = 0; + } + } + } + + /*! \brief Constructs a string populated from a null-terminated value. + * + * \param str the null-terminated initial value of the string instance. + * If NULL, the string is left empty, with a size of 0. + */ + string(const char * str) : + size_(0), + str_(NULL) + { + if( str ) { + size_= ::strlen(str); + } + if( size_ > 0 ) { + str_ = new char[size_ + 1]; + if (str_ != NULL) { + memcpy(str_, str, (size_ + 1) * sizeof(char)); + } + } + } + + void resize( ::size_t n ) + { + if( size_ == n ) { + return; + } + if (n == 0) { + if( str_ ) { + delete [] str_; + } + str_ = NULL; + size_ = 0; + } + else { + char *newString = new char[n + 1]; + ::size_t copySize = n; + if( size_ < n ) { + copySize = size_; + } + size_ = n; + + if(str_) { + memcpy(newString, str_, (copySize + 1) * sizeof(char)); + } + if( copySize < size_ ) { + memset(newString + copySize, 0, size_ - copySize); + } + newString[size_] = '\0'; + + delete [] str_; + str_ = newString; + } + } + + const char& operator[] ( ::size_t pos ) const + { + return str_[pos]; + } + + char& operator[] ( ::size_t pos ) + { + return str_[pos]; + } + + /*! \brief Copies the value of another string to this one. + * + * \param rhs the string to copy. + * + * \returns a reference to the modified instance. + */ + string& operator=(const string& rhs) + { + if (this == &rhs) { + return *this; + } + + if( str_ != NULL ) { + delete [] str_; + str_ = NULL; + size_ = 0; + } + + if (rhs.size_ == 0 || rhs.str_ == NULL) { + str_ = NULL; + size_ = 0; + } + else { + str_ = new char[rhs.size_ + 1]; + size_ = rhs.size_; + + if (str_ != NULL) { + memcpy(str_, rhs.str_, (size_ + 1) * sizeof(char)); + } + else { + size_ = 0; + } + } + + return *this; + } + + /*! \brief Constructs a string by copying the value of another instance. + * + * \param rhs the string to copy. + */ + string(const string& rhs) : + size_(0), + str_(NULL) + { + *this = rhs; + } + + //! \brief Destructor - frees memory used to hold the current value. + ~string() + { + delete[] str_; + str_ = NULL; + } + + //! \brief Queries the length of the string, excluding any added '\0's. + ::size_t size(void) const { return size_; } + + //! \brief Queries the length of the string, excluding any added '\0's. + ::size_t length(void) const { return size(); } + + /*! \brief Returns a pointer to the private copy held by this instance, + * or "" if empty/unset. + */ + const char * c_str(void) const { return (str_) ? str_ : "";} +}; +typedef cl::string STRING_CLASS; +#endif // #elif !defined(__USE_DEV_STRING) + +#if !defined(__USE_DEV_VECTOR) && !defined(__NO_STD_VECTOR) +#define VECTOR_CLASS std::vector +#elif !defined(__USE_DEV_VECTOR) +#define VECTOR_CLASS cl::vector + +#if !defined(__MAX_DEFAULT_VECTOR_SIZE) +#define __MAX_DEFAULT_VECTOR_SIZE 10 +#endif + +/*! \class vector + * \brief Fixed sized vector implementation that mirroring + * + * \note Deprecated. Please use std::vector as default or + * re-define the vector class to match the std::vector + * interface by defining VECTOR_CLASS + + * \note Not recommended for use with custom objects as + * current implementation will construct N elements + * + * std::vector functionality. + * \brief Fixed sized vector compatible with std::vector. + * + * \note + * This differs from std::vector<> not just in memory allocation, + * but also in terms of when members are constructed, destroyed, + * and assigned instead of being copy constructed. + * + * \param T type of element contained in the vector. + * + * \param N maximum size of the vector. + */ +template +class CL_EXT_PREFIX__VERSION_1_1_DEPRECATED vector +{ +private: + T data_[N]; + unsigned int size_; + +public: + //! \brief Constructs an empty vector with no memory allocated. + vector() : + size_(static_cast(0)) + {} + + //! \brief Deallocates the vector's memory and destroys all of its elements. + ~vector() + { + clear(); + } + + //! \brief Returns the number of elements currently contained. + unsigned int size(void) const + { + return size_; + } + + /*! \brief Empties the vector of all elements. + * \note + * This does not deallocate memory but will invoke destructors + * on contained elements. + */ + void clear() + { + while(!empty()) { + pop_back(); + } + } + + /*! \brief Appends an element after the last valid element. + * Calling this on a vector that has reached capacity will throw an + * exception if exceptions are enabled. + */ + void push_back (const T& x) + { + if (size() < N) { + new (&data_[size_]) T(x); + size_++; + } else { + detail::errHandler(CL_MEM_OBJECT_ALLOCATION_FAILURE, __VECTOR_CAPACITY_ERR); + } + } + + /*! \brief Removes the last valid element from the vector. + * Calling this on an empty vector will throw an exception + * if exceptions are enabled. + */ + void pop_back(void) + { + if (size_ != 0) { + --size_; + data_[size_].~T(); + } else { + detail::errHandler(CL_MEM_OBJECT_ALLOCATION_FAILURE, __VECTOR_CAPACITY_ERR); + } + } + + /*! \brief Constructs with a value copied from another. + * + * \param vec the vector to copy. + */ + vector(const vector& vec) : + size_(vec.size_) + { + if (size_ != 0) { + assign(vec.begin(), vec.end()); + } + } + + /*! \brief Constructs with a specified number of initial elements. + * + * \param size number of initial elements. + * + * \param val value of initial elements. + */ + vector(unsigned int size, const T& val = T()) : + size_(0) + { + for (unsigned int i = 0; i < size; i++) { + push_back(val); + } + } + + /*! \brief Overwrites the current content with that copied from another + * instance. + * + * \param rhs vector to copy. + * + * \returns a reference to this. + */ + vector& operator=(const vector& rhs) + { + if (this == &rhs) { + return *this; + } + + if (rhs.size_ != 0) { + assign(rhs.begin(), rhs.end()); + } else { + clear(); + } + + return *this; + } + + /*! \brief Tests equality against another instance. + * + * \param vec the vector against which to compare. + */ + bool operator==(vector &vec) + { + if (size() != vec.size()) { + return false; + } + + for( unsigned int i = 0; i < size(); ++i ) { + if( operator[](i) != vec[i] ) { + return false; + } + } + return true; + } + + //! \brief Conversion operator to T*. + operator T* () { return data_; } + + //! \brief Conversion operator to const T*. + operator const T* () const { return data_; } + + //! \brief Tests whether this instance has any elements. + bool empty (void) const + { + return size_==0; + } + + //! \brief Returns the maximum number of elements this instance can hold. + unsigned int max_size (void) const + { + return N; + } + + //! \brief Returns the maximum number of elements this instance can hold. + unsigned int capacity () const + { + return N; + } + + //! \brief Resizes the vector to the given size + void resize(unsigned int newSize, T fill = T()) + { + if (newSize > N) + { + detail::errHandler(CL_MEM_OBJECT_ALLOCATION_FAILURE, __VECTOR_CAPACITY_ERR); + } + else + { + while (size_ < newSize) + { + new (&data_[size_]) T(fill); + size_++; + } + while (size_ > newSize) + { + --size_; + data_[size_].~T(); + } + } + } + + /*! \brief Returns a reference to a given element. + * + * \param index which element to access. * + * \note + * The caller is responsible for ensuring index is >= 0 and < size(). + */ + T& operator[](int index) + { + return data_[index]; + } + + /*! \brief Returns a const reference to a given element. + * + * \param index which element to access. + * + * \note + * The caller is responsible for ensuring index is >= 0 and < size(). + */ + const T& operator[](int index) const + { + return data_[index]; + } + + /*! \brief Assigns elements of the vector based on a source iterator range. + * + * \param start Beginning iterator of source range + * \param end Enditerator of source range + * + * \note + * Will throw an exception if exceptions are enabled and size exceeded. + */ + template + void assign(I start, I end) + { + clear(); + while(start != end) { + push_back(*start); + start++; + } + } + + /*! \class iterator + * \brief Const iterator class for vectors + */ + class iterator + { + private: + const vector *vec_; + int index_; + + /** + * Internal iterator constructor to capture reference + * to the vector it iterates over rather than taking + * the vector by copy. + */ + iterator (const vector &vec, int index) : + vec_(&vec) + { + if( !vec.empty() ) { + index_ = index; + } else { + index_ = -1; + } + } + + public: + iterator(void) : + index_(-1), + vec_(NULL) + { + } + + iterator(const iterator& rhs) : + vec_(rhs.vec_), + index_(rhs.index_) + { + } + + ~iterator(void) {} + + static iterator begin(const cl::vector &vec) + { + iterator i(vec, 0); + + return i; + } + + static iterator end(const cl::vector &vec) + { + iterator i(vec, vec.size()); + + return i; + } + + bool operator==(iterator i) + { + return ((vec_ == i.vec_) && + (index_ == i.index_)); + } + + bool operator!=(iterator i) + { + return (!(*this==i)); + } + + iterator& operator++() + { + ++index_; + return *this; + } + + iterator operator++(int) + { + iterator retVal(*this); + ++index_; + return retVal; + } + + iterator& operator--() + { + --index_; + return *this; + } + + iterator operator--(int) + { + iterator retVal(*this); + --index_; + return retVal; + } + + const T& operator *() const + { + return (*vec_)[index_]; + } + }; + + iterator begin(void) + { + return iterator::begin(*this); + } + + iterator begin(void) const + { + return iterator::begin(*this); + } + + iterator end(void) + { + return iterator::end(*this); + } + + iterator end(void) const + { + return iterator::end(*this); + } + + T& front(void) + { + return data_[0]; + } + + T& back(void) + { + return data_[size_]; + } + + const T& front(void) const + { + return data_[0]; + } + + const T& back(void) const + { + return data_[size_-1]; + } +} CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED; +#endif // #if !defined(__USE_DEV_VECTOR) && !defined(__NO_STD_VECTOR) + + + + + +namespace detail { +#define __DEFAULT_NOT_INITIALIZED 1 +#define __DEFAULT_BEING_INITIALIZED 2 +#define __DEFAULT_INITIALIZED 4 + + /* + * Compare and exchange primitives are needed for handling of defaults + */ + +#ifdef CL_HPP_CPP11_ATOMICS_SUPPORTED + inline int compare_exchange(std::atomic * dest, int exchange, int comparand) +#else // !CL_HPP_CPP11_ATOMICS_SUPPORTED + inline int compare_exchange(volatile int * dest, int exchange, int comparand) +#endif // !CL_HPP_CPP11_ATOMICS_SUPPORTED + { +#ifdef CL_HPP_CPP11_ATOMICS_SUPPORTED + std::atomic_compare_exchange_strong(dest, &comparand, exchange); + return comparand; +#elif _MSC_VER + return (int)(_InterlockedCompareExchange( + (volatile long*)dest, + (long)exchange, + (long)comparand)); +#else // !_MSC_VER && !CL_HPP_CPP11_ATOMICS_SUPPORTED + return (__sync_val_compare_and_swap( + dest, + comparand, + exchange)); +#endif // !CL_HPP_CPP11_ATOMICS_SUPPORTED + } + + inline void fence() { +#ifdef CL_HPP_CPP11_ATOMICS_SUPPORTED + std::atomic_thread_fence(std::memory_order_seq_cst); +#elif _MSC_VER // !CL_HPP_CPP11_ATOMICS_SUPPORTED + _ReadWriteBarrier(); +#else // !_MSC_VER && !CL_HPP_CPP11_ATOMICS_SUPPORTED + __sync_synchronize(); +#endif // !CL_HPP_CPP11_ATOMICS_SUPPORTED + } +} // namespace detail + + +/*! \brief class used to interface between C++ and + * OpenCL C calls that require arrays of size_t values, whose + * size is known statically. + */ +template +class size_t +{ +private: + ::size_t data_[N]; + +public: + //! \brief Initialize size_t to all 0s + size_t() + { + for( int i = 0; i < N; ++i ) { + data_[i] = 0; + } + } + + ::size_t& operator[](int index) + { + return data_[index]; + } + + const ::size_t& operator[](int index) const + { + return data_[index]; + } + + //! \brief Conversion operator to T*. + operator ::size_t* () { return data_; } + + //! \brief Conversion operator to const T*. + operator const ::size_t* () const { return data_; } +}; + +namespace detail { + +// Generic getInfoHelper. The final parameter is used to guide overload +// resolution: the actual parameter passed is an int, which makes this +// a worse conversion sequence than a specialization that declares the +// parameter as an int. +template +inline cl_int getInfoHelper(Functor f, cl_uint name, T* param, long) +{ + return f(name, sizeof(T), param, NULL); +} + +// Specialized getInfoHelper for VECTOR_CLASS params +template +inline cl_int getInfoHelper(Func f, cl_uint name, VECTOR_CLASS* param, long) +{ + ::size_t required; + cl_int err = f(name, 0, NULL, &required); + if (err != CL_SUCCESS) { + return err; + } + + T* value = (T*) alloca(required); + err = f(name, required, value, NULL); + if (err != CL_SUCCESS) { + return err; + } + + param->assign(&value[0], &value[required/sizeof(T)]); + return CL_SUCCESS; +} + +/* Specialization for reference-counted types. This depends on the + * existence of Wrapper::cl_type, and none of the other types having the + * cl_type member. Note that simplify specifying the parameter as Wrapper + * does not work, because when using a derived type (e.g. Context) the generic + * template will provide a better match. + */ +template +inline cl_int getInfoHelper(Func f, cl_uint name, VECTOR_CLASS* param, int, typename T::cl_type = 0) +{ + ::size_t required; + cl_int err = f(name, 0, NULL, &required); + if (err != CL_SUCCESS) { + return err; + } + + typename T::cl_type * value = (typename T::cl_type *) alloca(required); + err = f(name, required, value, NULL); + if (err != CL_SUCCESS) { + return err; + } + + ::size_t elements = required / sizeof(typename T::cl_type); + param->assign(&value[0], &value[elements]); + for (::size_t i = 0; i < elements; i++) + { + if (value[i] != NULL) + { + err = (*param)[i].retain(); + if (err != CL_SUCCESS) { + return err; + } + } + } + return CL_SUCCESS; +} + +// Specialized for getInfo +template +inline cl_int getInfoHelper(Func f, cl_uint name, VECTOR_CLASS* param, int) +{ + cl_int err = f(name, param->size() * sizeof(char *), &(*param)[0], NULL); + + if (err != CL_SUCCESS) { + return err; + } + + return CL_SUCCESS; +} + +// Specialized GetInfoHelper for STRING_CLASS params +template +inline cl_int getInfoHelper(Func f, cl_uint name, STRING_CLASS* param, long) +{ +#if defined(__NO_STD_VECTOR) || defined(__NO_STD_STRING) + ::size_t required; + cl_int err = f(name, 0, NULL, &required); + if (err != CL_SUCCESS) { + return err; + } + + char* value = (char*)alloca(required); + err = f(name, required, value, NULL); + if (err != CL_SUCCESS) { + return err; + } + + *param = value; + return CL_SUCCESS; +#else + ::size_t required; + cl_int err = f(name, 0, NULL, &required); + if (err != CL_SUCCESS) { + return err; + } + + // std::string has a constant data member + // a char vector does not + VECTOR_CLASS value(required); + err = f(name, required, value.data(), NULL); + if (err != CL_SUCCESS) { + return err; + } + if (param) { + param->assign(value.begin(), value.end()); + } +#endif + return CL_SUCCESS; +} + +// Specialized GetInfoHelper for cl::size_t params +template +inline cl_int getInfoHelper(Func f, cl_uint name, size_t* param, long) +{ + ::size_t required; + cl_int err = f(name, 0, NULL, &required); + if (err != CL_SUCCESS) { + return err; + } + + ::size_t* value = (::size_t*) alloca(required); + err = f(name, required, value, NULL); + if (err != CL_SUCCESS) { + return err; + } + + for(int i = 0; i < N; ++i) { + (*param)[i] = value[i]; + } + + return CL_SUCCESS; +} + +template struct ReferenceHandler; + +/* Specialization for reference-counted types. This depends on the + * existence of Wrapper::cl_type, and none of the other types having the + * cl_type member. Note that simplify specifying the parameter as Wrapper + * does not work, because when using a derived type (e.g. Context) the generic + * template will provide a better match. + */ +template +inline cl_int getInfoHelper(Func f, cl_uint name, T* param, int, typename T::cl_type = 0) +{ + typename T::cl_type value; + cl_int err = f(name, sizeof(value), &value, NULL); + if (err != CL_SUCCESS) { + return err; + } + *param = value; + if (value != NULL) + { + err = param->retain(); + if (err != CL_SUCCESS) { + return err; + } + } + return CL_SUCCESS; +} + +#define __PARAM_NAME_INFO_1_0(F) \ + F(cl_platform_info, CL_PLATFORM_PROFILE, STRING_CLASS) \ + F(cl_platform_info, CL_PLATFORM_VERSION, STRING_CLASS) \ + F(cl_platform_info, CL_PLATFORM_NAME, STRING_CLASS) \ + F(cl_platform_info, CL_PLATFORM_VENDOR, STRING_CLASS) \ + F(cl_platform_info, CL_PLATFORM_EXTENSIONS, STRING_CLASS) \ + \ + F(cl_device_info, CL_DEVICE_TYPE, cl_device_type) \ + F(cl_device_info, CL_DEVICE_VENDOR_ID, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_COMPUTE_UNITS, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_WORK_ITEM_DIMENSIONS, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_WORK_GROUP_SIZE, ::size_t) \ + F(cl_device_info, CL_DEVICE_MAX_WORK_ITEM_SIZES, VECTOR_CLASS< ::size_t>) \ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_CHAR, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_SHORT, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_INT, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_LONG, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_FLOAT, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_DOUBLE, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_CLOCK_FREQUENCY, cl_uint) \ + F(cl_device_info, CL_DEVICE_ADDRESS_BITS, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_READ_IMAGE_ARGS, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_WRITE_IMAGE_ARGS, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_MEM_ALLOC_SIZE, cl_ulong) \ + F(cl_device_info, CL_DEVICE_IMAGE2D_MAX_WIDTH, ::size_t) \ + F(cl_device_info, CL_DEVICE_IMAGE2D_MAX_HEIGHT, ::size_t) \ + F(cl_device_info, CL_DEVICE_IMAGE3D_MAX_WIDTH, ::size_t) \ + F(cl_device_info, CL_DEVICE_IMAGE3D_MAX_HEIGHT, ::size_t) \ + F(cl_device_info, CL_DEVICE_IMAGE3D_MAX_DEPTH, ::size_t) \ + F(cl_device_info, CL_DEVICE_IMAGE_SUPPORT, cl_bool) \ + F(cl_device_info, CL_DEVICE_MAX_PARAMETER_SIZE, ::size_t) \ + F(cl_device_info, CL_DEVICE_MAX_SAMPLERS, cl_uint) \ + F(cl_device_info, CL_DEVICE_MEM_BASE_ADDR_ALIGN, cl_uint) \ + F(cl_device_info, CL_DEVICE_MIN_DATA_TYPE_ALIGN_SIZE, cl_uint) \ + F(cl_device_info, CL_DEVICE_SINGLE_FP_CONFIG, cl_device_fp_config) \ + F(cl_device_info, CL_DEVICE_GLOBAL_MEM_CACHE_TYPE, cl_device_mem_cache_type) \ + F(cl_device_info, CL_DEVICE_GLOBAL_MEM_CACHELINE_SIZE, cl_uint)\ + F(cl_device_info, CL_DEVICE_GLOBAL_MEM_CACHE_SIZE, cl_ulong) \ + F(cl_device_info, CL_DEVICE_GLOBAL_MEM_SIZE, cl_ulong) \ + F(cl_device_info, CL_DEVICE_MAX_CONSTANT_BUFFER_SIZE, cl_ulong) \ + F(cl_device_info, CL_DEVICE_MAX_CONSTANT_ARGS, cl_uint) \ + F(cl_device_info, CL_DEVICE_LOCAL_MEM_TYPE, cl_device_local_mem_type) \ + F(cl_device_info, CL_DEVICE_LOCAL_MEM_SIZE, cl_ulong) \ + F(cl_device_info, CL_DEVICE_ERROR_CORRECTION_SUPPORT, cl_bool) \ + F(cl_device_info, CL_DEVICE_PROFILING_TIMER_RESOLUTION, ::size_t) \ + F(cl_device_info, CL_DEVICE_ENDIAN_LITTLE, cl_bool) \ + F(cl_device_info, CL_DEVICE_AVAILABLE, cl_bool) \ + F(cl_device_info, CL_DEVICE_COMPILER_AVAILABLE, cl_bool) \ + F(cl_device_info, CL_DEVICE_EXECUTION_CAPABILITIES, cl_device_exec_capabilities) \ + F(cl_device_info, CL_DEVICE_QUEUE_PROPERTIES, cl_command_queue_properties) \ + F(cl_device_info, CL_DEVICE_PLATFORM, cl_platform_id) \ + F(cl_device_info, CL_DEVICE_NAME, STRING_CLASS) \ + F(cl_device_info, CL_DEVICE_VENDOR, STRING_CLASS) \ + F(cl_device_info, CL_DRIVER_VERSION, STRING_CLASS) \ + F(cl_device_info, CL_DEVICE_PROFILE, STRING_CLASS) \ + F(cl_device_info, CL_DEVICE_VERSION, STRING_CLASS) \ + F(cl_device_info, CL_DEVICE_EXTENSIONS, STRING_CLASS) \ + \ + F(cl_context_info, CL_CONTEXT_REFERENCE_COUNT, cl_uint) \ + F(cl_context_info, CL_CONTEXT_DEVICES, VECTOR_CLASS) \ + F(cl_context_info, CL_CONTEXT_PROPERTIES, VECTOR_CLASS) \ + \ + F(cl_event_info, CL_EVENT_COMMAND_QUEUE, cl::CommandQueue) \ + F(cl_event_info, CL_EVENT_COMMAND_TYPE, cl_command_type) \ + F(cl_event_info, CL_EVENT_REFERENCE_COUNT, cl_uint) \ + F(cl_event_info, CL_EVENT_COMMAND_EXECUTION_STATUS, cl_int) \ + \ + F(cl_profiling_info, CL_PROFILING_COMMAND_QUEUED, cl_ulong) \ + F(cl_profiling_info, CL_PROFILING_COMMAND_SUBMIT, cl_ulong) \ + F(cl_profiling_info, CL_PROFILING_COMMAND_START, cl_ulong) \ + F(cl_profiling_info, CL_PROFILING_COMMAND_END, cl_ulong) \ + \ + F(cl_mem_info, CL_MEM_TYPE, cl_mem_object_type) \ + F(cl_mem_info, CL_MEM_FLAGS, cl_mem_flags) \ + F(cl_mem_info, CL_MEM_SIZE, ::size_t) \ + F(cl_mem_info, CL_MEM_HOST_PTR, void*) \ + F(cl_mem_info, CL_MEM_MAP_COUNT, cl_uint) \ + F(cl_mem_info, CL_MEM_REFERENCE_COUNT, cl_uint) \ + F(cl_mem_info, CL_MEM_CONTEXT, cl::Context) \ + \ + F(cl_image_info, CL_IMAGE_FORMAT, cl_image_format) \ + F(cl_image_info, CL_IMAGE_ELEMENT_SIZE, ::size_t) \ + F(cl_image_info, CL_IMAGE_ROW_PITCH, ::size_t) \ + F(cl_image_info, CL_IMAGE_SLICE_PITCH, ::size_t) \ + F(cl_image_info, CL_IMAGE_WIDTH, ::size_t) \ + F(cl_image_info, CL_IMAGE_HEIGHT, ::size_t) \ + F(cl_image_info, CL_IMAGE_DEPTH, ::size_t) \ + \ + F(cl_sampler_info, CL_SAMPLER_REFERENCE_COUNT, cl_uint) \ + F(cl_sampler_info, CL_SAMPLER_CONTEXT, cl::Context) \ + F(cl_sampler_info, CL_SAMPLER_NORMALIZED_COORDS, cl_bool) \ + F(cl_sampler_info, CL_SAMPLER_ADDRESSING_MODE, cl_addressing_mode) \ + F(cl_sampler_info, CL_SAMPLER_FILTER_MODE, cl_filter_mode) \ + \ + F(cl_program_info, CL_PROGRAM_REFERENCE_COUNT, cl_uint) \ + F(cl_program_info, CL_PROGRAM_CONTEXT, cl::Context) \ + F(cl_program_info, CL_PROGRAM_NUM_DEVICES, cl_uint) \ + F(cl_program_info, CL_PROGRAM_DEVICES, VECTOR_CLASS) \ + F(cl_program_info, CL_PROGRAM_SOURCE, STRING_CLASS) \ + F(cl_program_info, CL_PROGRAM_BINARY_SIZES, VECTOR_CLASS< ::size_t>) \ + F(cl_program_info, CL_PROGRAM_BINARIES, VECTOR_CLASS) \ + \ + F(cl_program_build_info, CL_PROGRAM_BUILD_STATUS, cl_build_status) \ + F(cl_program_build_info, CL_PROGRAM_BUILD_OPTIONS, STRING_CLASS) \ + F(cl_program_build_info, CL_PROGRAM_BUILD_LOG, STRING_CLASS) \ + \ + F(cl_kernel_info, CL_KERNEL_FUNCTION_NAME, STRING_CLASS) \ + F(cl_kernel_info, CL_KERNEL_NUM_ARGS, cl_uint) \ + F(cl_kernel_info, CL_KERNEL_REFERENCE_COUNT, cl_uint) \ + F(cl_kernel_info, CL_KERNEL_CONTEXT, cl::Context) \ + F(cl_kernel_info, CL_KERNEL_PROGRAM, cl::Program) \ + \ + F(cl_kernel_work_group_info, CL_KERNEL_WORK_GROUP_SIZE, ::size_t) \ + F(cl_kernel_work_group_info, CL_KERNEL_COMPILE_WORK_GROUP_SIZE, cl::size_t<3>) \ + F(cl_kernel_work_group_info, CL_KERNEL_LOCAL_MEM_SIZE, cl_ulong) \ + \ + F(cl_command_queue_info, CL_QUEUE_CONTEXT, cl::Context) \ + F(cl_command_queue_info, CL_QUEUE_DEVICE, cl::Device) \ + F(cl_command_queue_info, CL_QUEUE_REFERENCE_COUNT, cl_uint) \ + F(cl_command_queue_info, CL_QUEUE_PROPERTIES, cl_command_queue_properties) + +#if defined(CL_VERSION_1_1) +#define __PARAM_NAME_INFO_1_1(F) \ + F(cl_context_info, CL_CONTEXT_NUM_DEVICES, cl_uint)\ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_HALF, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_CHAR, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_SHORT, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_INT, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_LONG, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_FLOAT, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_DOUBLE, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_HALF, cl_uint) \ + F(cl_device_info, CL_DEVICE_DOUBLE_FP_CONFIG, cl_device_fp_config) \ + F(cl_device_info, CL_DEVICE_HALF_FP_CONFIG, cl_device_fp_config) \ + F(cl_device_info, CL_DEVICE_HOST_UNIFIED_MEMORY, cl_bool) \ + F(cl_device_info, CL_DEVICE_OPENCL_C_VERSION, STRING_CLASS) \ + \ + F(cl_mem_info, CL_MEM_ASSOCIATED_MEMOBJECT, cl::Memory) \ + F(cl_mem_info, CL_MEM_OFFSET, ::size_t) \ + \ + F(cl_kernel_work_group_info, CL_KERNEL_PREFERRED_WORK_GROUP_SIZE_MULTIPLE, ::size_t) \ + F(cl_kernel_work_group_info, CL_KERNEL_PRIVATE_MEM_SIZE, cl_ulong) \ + \ + F(cl_event_info, CL_EVENT_CONTEXT, cl::Context) +#endif // CL_VERSION_1_1 + + +#if defined(CL_VERSION_1_2) +#define __PARAM_NAME_INFO_1_2(F) \ + F(cl_image_info, CL_IMAGE_BUFFER, cl::Buffer) \ + \ + F(cl_program_info, CL_PROGRAM_NUM_KERNELS, ::size_t) \ + F(cl_program_info, CL_PROGRAM_KERNEL_NAMES, STRING_CLASS) \ + \ + F(cl_program_build_info, CL_PROGRAM_BINARY_TYPE, cl_program_binary_type) \ + \ + F(cl_kernel_info, CL_KERNEL_ATTRIBUTES, STRING_CLASS) \ + \ + F(cl_kernel_arg_info, CL_KERNEL_ARG_ADDRESS_QUALIFIER, cl_kernel_arg_address_qualifier) \ + F(cl_kernel_arg_info, CL_KERNEL_ARG_ACCESS_QUALIFIER, cl_kernel_arg_access_qualifier) \ + F(cl_kernel_arg_info, CL_KERNEL_ARG_TYPE_NAME, STRING_CLASS) \ + F(cl_kernel_arg_info, CL_KERNEL_ARG_NAME, STRING_CLASS) \ + F(cl_kernel_arg_info, CL_KERNEL_ARG_TYPE_QUALIFIER, cl_kernel_arg_type_qualifier) \ + \ + F(cl_device_info, CL_DEVICE_PARENT_DEVICE, cl_device_id) \ + F(cl_device_info, CL_DEVICE_PARTITION_PROPERTIES, VECTOR_CLASS) \ + F(cl_device_info, CL_DEVICE_PARTITION_TYPE, VECTOR_CLASS) \ + F(cl_device_info, CL_DEVICE_REFERENCE_COUNT, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_INTEROP_USER_SYNC, ::size_t) \ + F(cl_device_info, CL_DEVICE_PARTITION_AFFINITY_DOMAIN, cl_device_affinity_domain) \ + F(cl_device_info, CL_DEVICE_BUILT_IN_KERNELS, STRING_CLASS) +#endif // #if defined(CL_VERSION_1_2) + +#if defined(USE_CL_DEVICE_FISSION) +#define __PARAM_NAME_DEVICE_FISSION(F) \ + F(cl_device_info, CL_DEVICE_PARENT_DEVICE_EXT, cl_device_id) \ + F(cl_device_info, CL_DEVICE_PARTITION_TYPES_EXT, VECTOR_CLASS) \ + F(cl_device_info, CL_DEVICE_AFFINITY_DOMAINS_EXT, VECTOR_CLASS) \ + F(cl_device_info, CL_DEVICE_REFERENCE_COUNT_EXT , cl_uint) \ + F(cl_device_info, CL_DEVICE_PARTITION_STYLE_EXT, VECTOR_CLASS) +#endif // USE_CL_DEVICE_FISSION + +template +struct param_traits {}; + +#define __CL_DECLARE_PARAM_TRAITS(token, param_name, T) \ +struct token; \ +template<> \ +struct param_traits \ +{ \ + enum { value = param_name }; \ + typedef T param_type; \ +}; + +__PARAM_NAME_INFO_1_0(__CL_DECLARE_PARAM_TRAITS) +#if defined(CL_VERSION_1_1) +__PARAM_NAME_INFO_1_1(__CL_DECLARE_PARAM_TRAITS) +#endif // CL_VERSION_1_1 +#if defined(CL_VERSION_1_2) +__PARAM_NAME_INFO_1_2(__CL_DECLARE_PARAM_TRAITS) +#endif // CL_VERSION_1_1 + +#if defined(USE_CL_DEVICE_FISSION) +__PARAM_NAME_DEVICE_FISSION(__CL_DECLARE_PARAM_TRAITS); +#endif // USE_CL_DEVICE_FISSION + +#ifdef CL_PLATFORM_ICD_SUFFIX_KHR +__CL_DECLARE_PARAM_TRAITS(cl_platform_info, CL_PLATFORM_ICD_SUFFIX_KHR, STRING_CLASS) +#endif + +#ifdef CL_DEVICE_PROFILING_TIMER_OFFSET_AMD +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_PROFILING_TIMER_OFFSET_AMD, cl_ulong) +#endif + +#ifdef CL_DEVICE_GLOBAL_FREE_MEMORY_AMD +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_GLOBAL_FREE_MEMORY_AMD, VECTOR_CLASS< ::size_t>) +#endif +#ifdef CL_DEVICE_SIMD_PER_COMPUTE_UNIT_AMD +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_SIMD_PER_COMPUTE_UNIT_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_SIMD_WIDTH_AMD +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_SIMD_WIDTH_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_SIMD_INSTRUCTION_WIDTH_AMD +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_SIMD_INSTRUCTION_WIDTH_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_WAVEFRONT_WIDTH_AMD +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_WAVEFRONT_WIDTH_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_GLOBAL_MEM_CHANNELS_AMD +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_GLOBAL_MEM_CHANNELS_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_GLOBAL_MEM_CHANNEL_BANKS_AMD +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_GLOBAL_MEM_CHANNEL_BANKS_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_GLOBAL_MEM_CHANNEL_BANK_WIDTH_AMD +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_GLOBAL_MEM_CHANNEL_BANK_WIDTH_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_LOCAL_MEM_SIZE_PER_COMPUTE_UNIT_AMD +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_LOCAL_MEM_SIZE_PER_COMPUTE_UNIT_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_LOCAL_MEM_BANKS_AMD +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_LOCAL_MEM_BANKS_AMD, cl_uint) +#endif + +#ifdef CL_DEVICE_COMPUTE_CAPABILITY_MAJOR_NV +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_COMPUTE_CAPABILITY_MAJOR_NV, cl_uint) +#endif +#ifdef CL_DEVICE_COMPUTE_CAPABILITY_MINOR_NV +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_COMPUTE_CAPABILITY_MINOR_NV, cl_uint) +#endif +#ifdef CL_DEVICE_REGISTERS_PER_BLOCK_NV +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_REGISTERS_PER_BLOCK_NV, cl_uint) +#endif +#ifdef CL_DEVICE_WARP_SIZE_NV +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_WARP_SIZE_NV, cl_uint) +#endif +#ifdef CL_DEVICE_GPU_OVERLAP_NV +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_GPU_OVERLAP_NV, cl_bool) +#endif +#ifdef CL_DEVICE_KERNEL_EXEC_TIMEOUT_NV +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_KERNEL_EXEC_TIMEOUT_NV, cl_bool) +#endif +#ifdef CL_DEVICE_INTEGRATED_MEMORY_NV +__CL_DECLARE_PARAM_TRAITS(cl_device_info, CL_DEVICE_INTEGRATED_MEMORY_NV, cl_bool) +#endif + +// Convenience functions + +template +inline cl_int +getInfo(Func f, cl_uint name, T* param) +{ + return getInfoHelper(f, name, param, 0); +} + +template +struct GetInfoFunctor0 +{ + Func f_; const Arg0& arg0_; + cl_int operator ()( + cl_uint param, ::size_t size, void* value, ::size_t* size_ret) + { return f_(arg0_, param, size, value, size_ret); } +}; + +template +struct GetInfoFunctor1 +{ + Func f_; const Arg0& arg0_; const Arg1& arg1_; + cl_int operator ()( + cl_uint param, ::size_t size, void* value, ::size_t* size_ret) + { return f_(arg0_, arg1_, param, size, value, size_ret); } +}; + +template +inline cl_int +getInfo(Func f, const Arg0& arg0, cl_uint name, T* param) +{ + GetInfoFunctor0 f0 = { f, arg0 }; + return getInfoHelper(f0, name, param, 0); +} + +template +inline cl_int +getInfo(Func f, const Arg0& arg0, const Arg1& arg1, cl_uint name, T* param) +{ + GetInfoFunctor1 f0 = { f, arg0, arg1 }; + return getInfoHelper(f0, name, param, 0); +} + +template +struct ReferenceHandler +{ }; + +#if defined(CL_VERSION_1_2) +/** + * OpenCL 1.2 devices do have retain/release. + */ +template <> +struct ReferenceHandler +{ + /** + * Retain the device. + * \param device A valid device created using createSubDevices + * \return + * CL_SUCCESS if the function executed successfully. + * CL_INVALID_DEVICE if device was not a valid subdevice + * CL_OUT_OF_RESOURCES + * CL_OUT_OF_HOST_MEMORY + */ + static cl_int retain(cl_device_id device) + { return ::clRetainDevice(device); } + /** + * Retain the device. + * \param device A valid device created using createSubDevices + * \return + * CL_SUCCESS if the function executed successfully. + * CL_INVALID_DEVICE if device was not a valid subdevice + * CL_OUT_OF_RESOURCES + * CL_OUT_OF_HOST_MEMORY + */ + static cl_int release(cl_device_id device) + { return ::clReleaseDevice(device); } +}; +#else // #if defined(CL_VERSION_1_2) +/** + * OpenCL 1.1 devices do not have retain/release. + */ +template <> +struct ReferenceHandler +{ + // cl_device_id does not have retain(). + static cl_int retain(cl_device_id) + { return CL_SUCCESS; } + // cl_device_id does not have release(). + static cl_int release(cl_device_id) + { return CL_SUCCESS; } +}; +#endif // #if defined(CL_VERSION_1_2) + +template <> +struct ReferenceHandler +{ + // cl_platform_id does not have retain(). + static cl_int retain(cl_platform_id) + { return CL_SUCCESS; } + // cl_platform_id does not have release(). + static cl_int release(cl_platform_id) + { return CL_SUCCESS; } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_context context) + { return ::clRetainContext(context); } + static cl_int release(cl_context context) + { return ::clReleaseContext(context); } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_command_queue queue) + { return ::clRetainCommandQueue(queue); } + static cl_int release(cl_command_queue queue) + { return ::clReleaseCommandQueue(queue); } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_mem memory) + { return ::clRetainMemObject(memory); } + static cl_int release(cl_mem memory) + { return ::clReleaseMemObject(memory); } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_sampler sampler) + { return ::clRetainSampler(sampler); } + static cl_int release(cl_sampler sampler) + { return ::clReleaseSampler(sampler); } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_program program) + { return ::clRetainProgram(program); } + static cl_int release(cl_program program) + { return ::clReleaseProgram(program); } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_kernel kernel) + { return ::clRetainKernel(kernel); } + static cl_int release(cl_kernel kernel) + { return ::clReleaseKernel(kernel); } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_event event) + { return ::clRetainEvent(event); } + static cl_int release(cl_event event) + { return ::clReleaseEvent(event); } +}; + + +// Extracts version number with major in the upper 16 bits, minor in the lower 16 +static cl_uint getVersion(const char *versionInfo) +{ + int highVersion = 0; + int lowVersion = 0; + int index = 7; + while(versionInfo[index] != '.' ) { + highVersion *= 10; + highVersion += versionInfo[index]-'0'; + ++index; + } + ++index; + while(versionInfo[index] != ' ' && versionInfo[index] != '\0') { + lowVersion *= 10; + lowVersion += versionInfo[index]-'0'; + ++index; + } + return (highVersion << 16) | lowVersion; +} + +static cl_uint getPlatformVersion(cl_platform_id platform) +{ + ::size_t size = 0; + clGetPlatformInfo(platform, CL_PLATFORM_VERSION, 0, NULL, &size); + char *versionInfo = (char *) alloca(size); + clGetPlatformInfo(platform, CL_PLATFORM_VERSION, size, &versionInfo[0], &size); + return getVersion(versionInfo); +} + +static cl_uint getDevicePlatformVersion(cl_device_id device) +{ + cl_platform_id platform; + clGetDeviceInfo(device, CL_DEVICE_PLATFORM, sizeof(platform), &platform, NULL); + return getPlatformVersion(platform); +} + +#if defined(CL_VERSION_1_2) && defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) +static cl_uint getContextPlatformVersion(cl_context context) +{ + // The platform cannot be queried directly, so we first have to grab a + // device and obtain its context + ::size_t size = 0; + clGetContextInfo(context, CL_CONTEXT_DEVICES, 0, NULL, &size); + if (size == 0) + return 0; + cl_device_id *devices = (cl_device_id *) alloca(size); + clGetContextInfo(context, CL_CONTEXT_DEVICES, size, devices, NULL); + return getDevicePlatformVersion(devices[0]); +} +#endif // #if defined(CL_VERSION_1_2) && defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + +template +class Wrapper +{ +public: + typedef T cl_type; + +protected: + cl_type object_; + +public: + Wrapper() : object_(NULL) { } + + Wrapper(const cl_type &obj) : object_(obj) { } + + ~Wrapper() + { + if (object_ != NULL) { release(); } + } + + Wrapper(const Wrapper& rhs) + { + object_ = rhs.object_; + if (object_ != NULL) { detail::errHandler(retain(), __RETAIN_ERR); } + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + Wrapper(Wrapper&& rhs) CL_HPP_NOEXCEPT + { + object_ = rhs.object_; + rhs.object_ = NULL; + } +#endif + + Wrapper& operator = (const Wrapper& rhs) + { + if (this != &rhs) { + if (object_ != NULL) { detail::errHandler(release(), __RELEASE_ERR); } + object_ = rhs.object_; + if (object_ != NULL) { detail::errHandler(retain(), __RETAIN_ERR); } + } + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + Wrapper& operator = (Wrapper&& rhs) + { + if (this != &rhs) { + if (object_ != NULL) { detail::errHandler(release(), __RELEASE_ERR); } + object_ = rhs.object_; + rhs.object_ = NULL; + } + return *this; + } +#endif + + Wrapper& operator = (const cl_type &rhs) + { + if (object_ != NULL) { detail::errHandler(release(), __RELEASE_ERR); } + object_ = rhs; + return *this; + } + + cl_type operator ()() const { return object_; } + + cl_type& operator ()() { return object_; } + +protected: + template + friend inline cl_int getInfoHelper(Func, cl_uint, U*, int, typename U::cl_type); + + cl_int retain() const + { + return ReferenceHandler::retain(object_); + } + + cl_int release() const + { + return ReferenceHandler::release(object_); + } +}; + +template <> +class Wrapper +{ +public: + typedef cl_device_id cl_type; + +protected: + cl_type object_; + bool referenceCountable_; + + static bool isReferenceCountable(cl_device_id device) + { + bool retVal = false; + if (device != NULL) { + int version = getDevicePlatformVersion(device); + if(version > ((1 << 16) + 1)) { + retVal = true; + } + } + return retVal; + } + +public: + Wrapper() : object_(NULL), referenceCountable_(false) + { + } + + Wrapper(const cl_type &obj) : object_(obj), referenceCountable_(false) + { + referenceCountable_ = isReferenceCountable(obj); + } + + ~Wrapper() + { + if (object_ != NULL) { release(); } + } + + Wrapper(const Wrapper& rhs) + { + object_ = rhs.object_; + referenceCountable_ = isReferenceCountable(object_); + if (object_ != NULL) { detail::errHandler(retain(), __RETAIN_ERR); } + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + Wrapper(Wrapper&& rhs) CL_HPP_NOEXCEPT + { + object_ = rhs.object_; + referenceCountable_ = rhs.referenceCountable_; + rhs.object_ = NULL; + rhs.referenceCountable_ = false; + } +#endif + + Wrapper& operator = (const Wrapper& rhs) + { + if (this != &rhs) { + if (object_ != NULL) { detail::errHandler(release(), __RELEASE_ERR); } + object_ = rhs.object_; + referenceCountable_ = rhs.referenceCountable_; + if (object_ != NULL) { detail::errHandler(retain(), __RETAIN_ERR); } + } + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + Wrapper& operator = (Wrapper&& rhs) + { + if (this != &rhs) { + if (object_ != NULL) { detail::errHandler(release(), __RELEASE_ERR); } + object_ = rhs.object_; + referenceCountable_ = rhs.referenceCountable_; + rhs.object_ = NULL; + rhs.referenceCountable_ = false; + } + return *this; + } +#endif + + Wrapper& operator = (const cl_type &rhs) + { + if (object_ != NULL) { detail::errHandler(release(), __RELEASE_ERR); } + object_ = rhs; + referenceCountable_ = isReferenceCountable(object_); + return *this; + } + + cl_type operator ()() const { return object_; } + + cl_type& operator ()() { return object_; } + +protected: + template + friend inline cl_int getInfoHelper(Func, cl_uint, U*, int, typename U::cl_type); + + template + friend inline cl_int getInfoHelper(Func, cl_uint, VECTOR_CLASS*, int, typename U::cl_type); + + cl_int retain() const + { + if( referenceCountable_ ) { + return ReferenceHandler::retain(object_); + } + else { + return CL_SUCCESS; + } + } + + cl_int release() const + { + if( referenceCountable_ ) { + return ReferenceHandler::release(object_); + } + else { + return CL_SUCCESS; + } + } +}; + +} // namespace detail +//! \endcond + +/*! \stuct ImageFormat + * \brief Adds constructors and member functions for cl_image_format. + * + * \see cl_image_format + */ +struct ImageFormat : public cl_image_format +{ + //! \brief Default constructor - performs no initialization. + ImageFormat(){} + + //! \brief Initializing constructor. + ImageFormat(cl_channel_order order, cl_channel_type type) + { + image_channel_order = order; + image_channel_data_type = type; + } + + //! \brief Assignment operator. + ImageFormat& operator = (const ImageFormat& rhs) + { + if (this != &rhs) { + this->image_channel_data_type = rhs.image_channel_data_type; + this->image_channel_order = rhs.image_channel_order; + } + return *this; + } +}; + +/*! \brief Class interface for cl_device_id. + * + * \note Copies of these objects are inexpensive, since they don't 'own' + * any underlying resources or data structures. + * + * \see cl_device_id + */ +class Device : public detail::Wrapper +{ +public: + //! \brief Default constructor - initializes to NULL. + Device() : detail::Wrapper() { } + + /*! \brief Constructor from cl_device_id. + * + * This simply copies the device ID value, which is an inexpensive operation. + */ + __CL_EXPLICIT_CONSTRUCTORS Device(const cl_device_id &device) : detail::Wrapper(device) { } + + /*! \brief Returns the first device on the default context. + * + * \see Context::getDefault() + */ + static Device getDefault(cl_int * err = NULL); + + /*! \brief Assignment operator from cl_device_id. + * + * This simply copies the device ID value, which is an inexpensive operation. + */ + Device& operator = (const cl_device_id& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Device(const Device& dev) : detail::Wrapper(dev) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Device& operator = (const Device &dev) + { + detail::Wrapper::operator=(dev); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Device(Device&& dev) CL_HPP_NOEXCEPT : detail::Wrapper(std::move(dev)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Device& operator = (Device &&dev) + { + detail::Wrapper::operator=(std::move(dev)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + + //! \brief Wrapper for clGetDeviceInfo(). + template + cl_int getInfo(cl_device_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetDeviceInfo, object_, name, param), + __GET_DEVICE_INFO_ERR); + } + + //! \brief Wrapper for clGetDeviceInfo() that returns by value. + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_device_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + /** + * CL 1.2 version + */ +#if defined(CL_VERSION_1_2) + //! \brief Wrapper for clCreateSubDevicesEXT(). + cl_int createSubDevices( + const cl_device_partition_property * properties, + VECTOR_CLASS* devices) + { + cl_uint n = 0; + cl_int err = clCreateSubDevices(object_, properties, 0, NULL, &n); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __CREATE_SUB_DEVICES); + } + + cl_device_id* ids = (cl_device_id*) alloca(n * sizeof(cl_device_id)); + err = clCreateSubDevices(object_, properties, n, ids, NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __CREATE_SUB_DEVICES); + } + + devices->assign(&ids[0], &ids[n]); + return CL_SUCCESS; + } +#endif // #if defined(CL_VERSION_1_2) + +/** + * CL 1.1 version that uses device fission. + */ +#if defined(CL_VERSION_1_1) +#if defined(USE_CL_DEVICE_FISSION) + cl_int createSubDevices( + const cl_device_partition_property_ext * properties, + VECTOR_CLASS* devices) + { + typedef CL_API_ENTRY cl_int + ( CL_API_CALL * PFN_clCreateSubDevicesEXT)( + cl_device_id /*in_device*/, + const cl_device_partition_property_ext * /* properties */, + cl_uint /*num_entries*/, + cl_device_id * /*out_devices*/, + cl_uint * /*num_devices*/ ) CL_EXT_SUFFIX__VERSION_1_1; + + static PFN_clCreateSubDevicesEXT pfn_clCreateSubDevicesEXT = NULL; + __INIT_CL_EXT_FCN_PTR(clCreateSubDevicesEXT); + + cl_uint n = 0; + cl_int err = pfn_clCreateSubDevicesEXT(object_, properties, 0, NULL, &n); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __CREATE_SUB_DEVICES); + } + + cl_device_id* ids = (cl_device_id*) alloca(n * sizeof(cl_device_id)); + err = pfn_clCreateSubDevicesEXT(object_, properties, n, ids, NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __CREATE_SUB_DEVICES); + } + + devices->assign(&ids[0], &ids[n]); + return CL_SUCCESS; + } +#endif // #if defined(USE_CL_DEVICE_FISSION) +#endif // #if defined(CL_VERSION_1_1) +}; + +/*! \brief Class interface for cl_platform_id. + * + * \note Copies of these objects are inexpensive, since they don't 'own' + * any underlying resources or data structures. + * + * \see cl_platform_id + */ +class Platform : public detail::Wrapper +{ +public: + //! \brief Default constructor - initializes to NULL. + Platform() : detail::Wrapper() { } + + /*! \brief Constructor from cl_platform_id. + * + * This simply copies the platform ID value, which is an inexpensive operation. + */ + __CL_EXPLICIT_CONSTRUCTORS Platform(const cl_platform_id &platform) : detail::Wrapper(platform) { } + + /*! \brief Assignment operator from cl_platform_id. + * + * This simply copies the platform ID value, which is an inexpensive operation. + */ + Platform& operator = (const cl_platform_id& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + //! \brief Wrapper for clGetPlatformInfo(). + cl_int getInfo(cl_platform_info name, STRING_CLASS* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetPlatformInfo, object_, name, param), + __GET_PLATFORM_INFO_ERR); + } + + //! \brief Wrapper for clGetPlatformInfo() that returns by value. + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_platform_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + /*! \brief Gets a list of devices for this platform. + * + * Wraps clGetDeviceIDs(). + */ + cl_int getDevices( + cl_device_type type, + VECTOR_CLASS* devices) const + { + cl_uint n = 0; + if( devices == NULL ) { + return detail::errHandler(CL_INVALID_ARG_VALUE, __GET_DEVICE_IDS_ERR); + } + cl_int err = ::clGetDeviceIDs(object_, type, 0, NULL, &n); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_DEVICE_IDS_ERR); + } + + cl_device_id* ids = (cl_device_id*) alloca(n * sizeof(cl_device_id)); + err = ::clGetDeviceIDs(object_, type, n, ids, NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_DEVICE_IDS_ERR); + } + + devices->assign(&ids[0], &ids[n]); + return CL_SUCCESS; + } + +#if defined(USE_DX_INTEROP) + /*! \brief Get the list of available D3D10 devices. + * + * \param d3d_device_source. + * + * \param d3d_object. + * + * \param d3d_device_set. + * + * \param devices returns a vector of OpenCL D3D10 devices found. The cl::Device + * values returned in devices can be used to identify a specific OpenCL + * device. If \a devices argument is NULL, this argument is ignored. + * + * \return One of the following values: + * - CL_SUCCESS if the function is executed successfully. + * + * The application can query specific capabilities of the OpenCL device(s) + * returned by cl::getDevices. This can be used by the application to + * determine which device(s) to use. + * + * \note In the case that exceptions are enabled and a return value + * other than CL_SUCCESS is generated, then cl::Error exception is + * generated. + */ + cl_int getDevices( + cl_d3d10_device_source_khr d3d_device_source, + void * d3d_object, + cl_d3d10_device_set_khr d3d_device_set, + VECTOR_CLASS* devices) const + { + typedef CL_API_ENTRY cl_int (CL_API_CALL *PFN_clGetDeviceIDsFromD3D10KHR)( + cl_platform_id platform, + cl_d3d10_device_source_khr d3d_device_source, + void * d3d_object, + cl_d3d10_device_set_khr d3d_device_set, + cl_uint num_entries, + cl_device_id * devices, + cl_uint* num_devices); + + if( devices == NULL ) { + return detail::errHandler(CL_INVALID_ARG_VALUE, __GET_DEVICE_IDS_ERR); + } + + static PFN_clGetDeviceIDsFromD3D10KHR pfn_clGetDeviceIDsFromD3D10KHR = NULL; + __INIT_CL_EXT_FCN_PTR_PLATFORM(object_, clGetDeviceIDsFromD3D10KHR); + + cl_uint n = 0; + cl_int err = pfn_clGetDeviceIDsFromD3D10KHR( + object_, + d3d_device_source, + d3d_object, + d3d_device_set, + 0, + NULL, + &n); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_DEVICE_IDS_ERR); + } + + cl_device_id* ids = (cl_device_id*) alloca(n * sizeof(cl_device_id)); + err = pfn_clGetDeviceIDsFromD3D10KHR( + object_, + d3d_device_source, + d3d_object, + d3d_device_set, + n, + ids, + NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_DEVICE_IDS_ERR); + } + + devices->assign(&ids[0], &ids[n]); + return CL_SUCCESS; + } +#endif + + /*! \brief Gets a list of available platforms. + * + * Wraps clGetPlatformIDs(). + */ + static cl_int get( + VECTOR_CLASS* platforms) + { + cl_uint n = 0; + + if( platforms == NULL ) { + return detail::errHandler(CL_INVALID_ARG_VALUE, __GET_PLATFORM_IDS_ERR); + } + + cl_int err = ::clGetPlatformIDs(0, NULL, &n); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_PLATFORM_IDS_ERR); + } + + cl_platform_id* ids = (cl_platform_id*) alloca( + n * sizeof(cl_platform_id)); + err = ::clGetPlatformIDs(n, ids, NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_PLATFORM_IDS_ERR); + } + + platforms->assign(&ids[0], &ids[n]); + return CL_SUCCESS; + } + + /*! \brief Gets the first available platform. + * + * Wraps clGetPlatformIDs(), returning the first result. + */ + static cl_int get( + Platform * platform) + { + cl_uint n = 0; + + if( platform == NULL ) { + return detail::errHandler(CL_INVALID_ARG_VALUE, __GET_PLATFORM_IDS_ERR); + } + + cl_int err = ::clGetPlatformIDs(0, NULL, &n); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_PLATFORM_IDS_ERR); + } + + cl_platform_id* ids = (cl_platform_id*) alloca( + n * sizeof(cl_platform_id)); + err = ::clGetPlatformIDs(n, ids, NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_PLATFORM_IDS_ERR); + } + + *platform = ids[0]; + return CL_SUCCESS; + } + + /*! \brief Gets the first available platform, returning it by value. + * + * Wraps clGetPlatformIDs(), returning the first result. + */ + static Platform get( + cl_int * errResult = NULL) + { + Platform platform; + cl_uint n = 0; + cl_int err = ::clGetPlatformIDs(0, NULL, &n); + if (err != CL_SUCCESS) { + detail::errHandler(err, __GET_PLATFORM_IDS_ERR); + if (errResult != NULL) { + *errResult = err; + } + return Platform(); + } + + cl_platform_id* ids = (cl_platform_id*) alloca( + n * sizeof(cl_platform_id)); + err = ::clGetPlatformIDs(n, ids, NULL); + + if (err != CL_SUCCESS) { + detail::errHandler(err, __GET_PLATFORM_IDS_ERR); + if (errResult != NULL) { + *errResult = err; + } + return Platform(); + } + + + return Platform(ids[0]); + } + + static Platform getDefault( + cl_int *errResult = NULL ) + { + return get(errResult); + } + + +#if defined(CL_VERSION_1_2) + //! \brief Wrapper for clUnloadCompiler(). + cl_int + unloadCompiler() + { + return ::clUnloadPlatformCompiler(object_); + } +#endif // #if defined(CL_VERSION_1_2) +}; // class Platform + +/** + * Deprecated APIs for 1.2 + */ +#if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) || (defined(CL_VERSION_1_1) && !defined(CL_VERSION_1_2)) +/** + * Unload the OpenCL compiler. + * \note Deprecated for OpenCL 1.2. Use Platform::unloadCompiler instead. + */ +inline CL_EXT_PREFIX__VERSION_1_1_DEPRECATED cl_int +UnloadCompiler() CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED; +inline cl_int +UnloadCompiler() +{ + return ::clUnloadCompiler(); +} +#endif // #if defined(CL_VERSION_1_1) + +/*! \brief Class interface for cl_context. + * + * \note Copies of these objects are shallow, meaning that the copy will refer + * to the same underlying cl_context as the original. For details, see + * clRetainContext() and clReleaseContext(). + * + * \see cl_context + */ +class Context + : public detail::Wrapper +{ +private: + +#ifdef CL_HPP_CPP11_ATOMICS_SUPPORTED + static std::atomic default_initialized_; +#else // !CL_HPP_CPP11_ATOMICS_SUPPORTED + static volatile int default_initialized_; +#endif // !CL_HPP_CPP11_ATOMICS_SUPPORTED + static Context default_; + static volatile cl_int default_error_; +public: + /*! \brief Constructs a context including a list of specified devices. + * + * Wraps clCreateContext(). + */ + Context( + const VECTOR_CLASS& devices, + cl_context_properties* properties = NULL, + void (CL_CALLBACK * notifyFptr)( + const char *, + const void *, + ::size_t, + void *) = NULL, + void* data = NULL, + cl_int* err = NULL) + { + cl_int error; + + ::size_t numDevices = devices.size(); + cl_device_id* deviceIDs = (cl_device_id*) alloca(numDevices * sizeof(cl_device_id)); + for( ::size_t deviceIndex = 0; deviceIndex < numDevices; ++deviceIndex ) { + deviceIDs[deviceIndex] = (devices[deviceIndex])(); + } + + object_ = ::clCreateContext( + properties, (cl_uint) numDevices, + deviceIDs, + notifyFptr, data, &error); + + detail::errHandler(error, __CREATE_CONTEXT_ERR); + if (err != NULL) { + *err = error; + } + } + + Context( + const Device& device, + cl_context_properties* properties = NULL, + void (CL_CALLBACK * notifyFptr)( + const char *, + const void *, + ::size_t, + void *) = NULL, + void* data = NULL, + cl_int* err = NULL) + { + cl_int error; + + cl_device_id deviceID = device(); + + object_ = ::clCreateContext( + properties, 1, + &deviceID, + notifyFptr, data, &error); + + detail::errHandler(error, __CREATE_CONTEXT_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! \brief Constructs a context including all or a subset of devices of a specified type. + * + * Wraps clCreateContextFromType(). + */ + Context( + cl_device_type type, + cl_context_properties* properties = NULL, + void (CL_CALLBACK * notifyFptr)( + const char *, + const void *, + ::size_t, + void *) = NULL, + void* data = NULL, + cl_int* err = NULL) + { + cl_int error; + +#if !defined(__APPLE__) && !defined(__MACOS) + cl_context_properties prop[4] = {CL_CONTEXT_PLATFORM, 0, 0, 0 }; + + if (properties == NULL) { + // Get a valid platform ID as we cannot send in a blank one + VECTOR_CLASS platforms; + error = Platform::get(&platforms); + if (error != CL_SUCCESS) { + detail::errHandler(error, __CREATE_CONTEXT_FROM_TYPE_ERR); + if (err != NULL) { + *err = error; + } + return; + } + + // Check the platforms we found for a device of our specified type + cl_context_properties platform_id = 0; + for (unsigned int i = 0; i < platforms.size(); i++) { + + VECTOR_CLASS devices; + +#if defined(__CL_ENABLE_EXCEPTIONS) + try { +#endif + + error = platforms[i].getDevices(type, &devices); + +#if defined(__CL_ENABLE_EXCEPTIONS) + } catch (Error) {} + // Catch if exceptions are enabled as we don't want to exit if first platform has no devices of type + // We do error checking next anyway, and can throw there if needed +#endif + + // Only squash CL_SUCCESS and CL_DEVICE_NOT_FOUND + if (error != CL_SUCCESS && error != CL_DEVICE_NOT_FOUND) { + detail::errHandler(error, __CREATE_CONTEXT_FROM_TYPE_ERR); + if (err != NULL) { + *err = error; + } + } + + if (devices.size() > 0) { + platform_id = (cl_context_properties)platforms[i](); + break; + } + } + + if (platform_id == 0) { + detail::errHandler(CL_DEVICE_NOT_FOUND, __CREATE_CONTEXT_FROM_TYPE_ERR); + if (err != NULL) { + *err = CL_DEVICE_NOT_FOUND; + } + return; + } + + prop[1] = platform_id; + properties = &prop[0]; + } +#endif + object_ = ::clCreateContextFromType( + properties, type, notifyFptr, data, &error); + + detail::errHandler(error, __CREATE_CONTEXT_FROM_TYPE_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Context(const Context& ctx) : detail::Wrapper(ctx) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Context& operator = (const Context &ctx) + { + detail::Wrapper::operator=(ctx); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Context(Context&& ctx) CL_HPP_NOEXCEPT : detail::Wrapper(std::move(ctx)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Context& operator = (Context &&ctx) + { + detail::Wrapper::operator=(std::move(ctx)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + + /*! \brief Returns a singleton context including all devices of CL_DEVICE_TYPE_DEFAULT. + * + * \note All calls to this function return the same cl_context as the first. + */ + static Context getDefault(cl_int * err = NULL) + { + int state = detail::compare_exchange( + &default_initialized_, + __DEFAULT_BEING_INITIALIZED, __DEFAULT_NOT_INITIALIZED); + + if (state & __DEFAULT_INITIALIZED) { + if (err != NULL) { + *err = default_error_; + } + return default_; + } + + if (state & __DEFAULT_BEING_INITIALIZED) { + // Assume writes will propagate eventually... + while(default_initialized_ != __DEFAULT_INITIALIZED) { + detail::fence(); + } + + if (err != NULL) { + *err = default_error_; + } + return default_; + } + + cl_int error; + default_ = Context( + CL_DEVICE_TYPE_DEFAULT, + NULL, + NULL, + NULL, + &error); + + detail::fence(); + + default_error_ = error; + // Assume writes will propagate eventually... + default_initialized_ = __DEFAULT_INITIALIZED; + + detail::fence(); + + if (err != NULL) { + *err = default_error_; + } + return default_; + + } + + //! \brief Default constructor - initializes to NULL. + Context() : detail::Wrapper() { } + + /*! \brief Constructor from cl_context - takes ownership. + * + * This effectively transfers ownership of a refcount on the cl_context + * into the new Context object. + */ + __CL_EXPLICIT_CONSTRUCTORS Context(const cl_context& context) : detail::Wrapper(context) { } + + /*! \brief Assignment operator from cl_context - takes ownership. + * + * This effectively transfers ownership of a refcount on the rhs and calls + * clReleaseContext() on the value previously held by this instance. + */ + Context& operator = (const cl_context& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + //! \brief Wrapper for clGetContextInfo(). + template + cl_int getInfo(cl_context_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetContextInfo, object_, name, param), + __GET_CONTEXT_INFO_ERR); + } + + //! \brief Wrapper for clGetContextInfo() that returns by value. + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_context_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + /*! \brief Gets a list of supported image formats. + * + * Wraps clGetSupportedImageFormats(). + */ + cl_int getSupportedImageFormats( + cl_mem_flags flags, + cl_mem_object_type type, + VECTOR_CLASS* formats) const + { + cl_uint numEntries; + + if (!formats) { + return CL_SUCCESS; + } + + cl_int err = ::clGetSupportedImageFormats( + object_, + flags, + type, + 0, + NULL, + &numEntries); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_SUPPORTED_IMAGE_FORMATS_ERR); + } + + if (numEntries > 0) { + ImageFormat* value = (ImageFormat*) + alloca(numEntries * sizeof(ImageFormat)); + err = ::clGetSupportedImageFormats( + object_, + flags, + type, + numEntries, + (cl_image_format*)value, + NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_SUPPORTED_IMAGE_FORMATS_ERR); + } + + formats->assign(&value[0], &value[numEntries]); + } + else { + formats->clear(); + } + return CL_SUCCESS; + } +}; + +inline Device Device::getDefault(cl_int * err) +{ + cl_int error; + Device device; + + Context context = Context::getDefault(&error); + detail::errHandler(error, __CREATE_CONTEXT_ERR); + + if (error != CL_SUCCESS) { + if (err != NULL) { + *err = error; + } + } + else { + device = context.getInfo()[0]; + if (err != NULL) { + *err = CL_SUCCESS; + } + } + + return device; +} + + +#ifdef _WIN32 +#ifdef CL_HPP_CPP11_ATOMICS_SUPPORTED +__declspec(selectany) std::atomic Context::default_initialized_; +#else // !CL_HPP_CPP11_ATOMICS_SUPPORTED +__declspec(selectany) volatile int Context::default_initialized_ = __DEFAULT_NOT_INITIALIZED; +#endif // !CL_HPP_CPP11_ATOMICS_SUPPORTED +__declspec(selectany) Context Context::default_; +__declspec(selectany) volatile cl_int Context::default_error_ = CL_SUCCESS; +#else // !_WIN32 +#ifdef CL_HPP_CPP11_ATOMICS_SUPPORTED +__attribute__((weak)) std::atomic Context::default_initialized_; +#else // !CL_HPP_CPP11_ATOMICS_SUPPORTED +__attribute__((weak)) volatile int Context::default_initialized_ = __DEFAULT_NOT_INITIALIZED; +#endif // !CL_HPP_CPP11_ATOMICS_SUPPORTED +__attribute__((weak)) Context Context::default_; +__attribute__((weak)) volatile cl_int Context::default_error_ = CL_SUCCESS; +#endif // !_WIN32 + +/*! \brief Class interface for cl_event. + * + * \note Copies of these objects are shallow, meaning that the copy will refer + * to the same underlying cl_event as the original. For details, see + * clRetainEvent() and clReleaseEvent(). + * + * \see cl_event + */ +class Event : public detail::Wrapper +{ +public: + //! \brief Default constructor - initializes to NULL. + Event() : detail::Wrapper() { } + + /*! \brief Constructor from cl_event - takes ownership. + * + * This effectively transfers ownership of a refcount on the cl_event + * into the new Event object. + */ + __CL_EXPLICIT_CONSTRUCTORS Event(const cl_event& event) : detail::Wrapper(event) { } + + /*! \brief Assignment operator from cl_event - takes ownership. + * + * This effectively transfers ownership of a refcount on the rhs and calls + * clReleaseEvent() on the value previously held by this instance. + */ + Event& operator = (const cl_event& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + //! \brief Wrapper for clGetEventInfo(). + template + cl_int getInfo(cl_event_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetEventInfo, object_, name, param), + __GET_EVENT_INFO_ERR); + } + + //! \brief Wrapper for clGetEventInfo() that returns by value. + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_event_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + //! \brief Wrapper for clGetEventProfilingInfo(). + template + cl_int getProfilingInfo(cl_profiling_info name, T* param) const + { + return detail::errHandler(detail::getInfo( + &::clGetEventProfilingInfo, object_, name, param), + __GET_EVENT_PROFILE_INFO_ERR); + } + + //! \brief Wrapper for clGetEventProfilingInfo() that returns by value. + template typename + detail::param_traits::param_type + getProfilingInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_profiling_info, name>::param_type param; + cl_int result = getProfilingInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + /*! \brief Blocks the calling thread until this event completes. + * + * Wraps clWaitForEvents(). + */ + cl_int wait() const + { + return detail::errHandler( + ::clWaitForEvents(1, &object_), + __WAIT_FOR_EVENTS_ERR); + } + +#if defined(CL_VERSION_1_1) + /*! \brief Registers a user callback function for a specific command execution status. + * + * Wraps clSetEventCallback(). + */ + cl_int setCallback( + cl_int type, + void (CL_CALLBACK * pfn_notify)(cl_event, cl_int, void *), + void * user_data = NULL) + { + return detail::errHandler( + ::clSetEventCallback( + object_, + type, + pfn_notify, + user_data), + __SET_EVENT_CALLBACK_ERR); + } +#endif + + /*! \brief Blocks the calling thread until every event specified is complete. + * + * Wraps clWaitForEvents(). + */ + static cl_int + waitForEvents(const VECTOR_CLASS& events) + { + return detail::errHandler( + ::clWaitForEvents( + (cl_uint) events.size(), (events.size() > 0) ? (cl_event*)&events.front() : NULL), + __WAIT_FOR_EVENTS_ERR); + } +}; + +#if defined(CL_VERSION_1_1) +/*! \brief Class interface for user events (a subset of cl_event's). + * + * See Event for details about copy semantics, etc. + */ +class UserEvent : public Event +{ +public: + /*! \brief Constructs a user event on a given context. + * + * Wraps clCreateUserEvent(). + */ + UserEvent( + const Context& context, + cl_int * err = NULL) + { + cl_int error; + object_ = ::clCreateUserEvent( + context(), + &error); + + detail::errHandler(error, __CREATE_USER_EVENT_ERR); + if (err != NULL) { + *err = error; + } + } + + //! \brief Default constructor - initializes to NULL. + UserEvent() : Event() { } + + /*! \brief Sets the execution status of a user event object. + * + * Wraps clSetUserEventStatus(). + */ + cl_int setStatus(cl_int status) + { + return detail::errHandler( + ::clSetUserEventStatus(object_,status), + __SET_USER_EVENT_STATUS_ERR); + } +}; +#endif + +/*! \brief Blocks the calling thread until every event specified is complete. + * + * Wraps clWaitForEvents(). + */ +inline static cl_int +WaitForEvents(const VECTOR_CLASS& events) +{ + return detail::errHandler( + ::clWaitForEvents( + (cl_uint) events.size(), (events.size() > 0) ? (cl_event*)&events.front() : NULL), + __WAIT_FOR_EVENTS_ERR); +} + +/*! \brief Class interface for cl_mem. + * + * \note Copies of these objects are shallow, meaning that the copy will refer + * to the same underlying cl_mem as the original. For details, see + * clRetainMemObject() and clReleaseMemObject(). + * + * \see cl_mem + */ +class Memory : public detail::Wrapper +{ +public: + //! \brief Default constructor - initializes to NULL. + Memory() : detail::Wrapper() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * This effectively transfers ownership of a refcount on the cl_mem + * into the new Memory object. + */ + __CL_EXPLICIT_CONSTRUCTORS Memory(const cl_mem& memory) : detail::Wrapper(memory) { } + + /*! \brief Assignment operator from cl_mem - takes ownership. + * + * This effectively transfers ownership of a refcount on the rhs and calls + * clReleaseMemObject() on the value previously held by this instance. + */ + Memory& operator = (const cl_mem& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Memory(const Memory& mem) : detail::Wrapper(mem) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Memory& operator = (const Memory &mem) + { + detail::Wrapper::operator=(mem); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Memory(Memory&& mem) CL_HPP_NOEXCEPT : detail::Wrapper(std::move(mem)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Memory& operator = (Memory &&mem) + { + detail::Wrapper::operator=(std::move(mem)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + + //! \brief Wrapper for clGetMemObjectInfo(). + template + cl_int getInfo(cl_mem_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetMemObjectInfo, object_, name, param), + __GET_MEM_OBJECT_INFO_ERR); + } + + //! \brief Wrapper for clGetMemObjectInfo() that returns by value. + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_mem_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + +#if defined(CL_VERSION_1_1) + /*! \brief Registers a callback function to be called when the memory object + * is no longer needed. + * + * Wraps clSetMemObjectDestructorCallback(). + * + * Repeated calls to this function, for a given cl_mem value, will append + * to the list of functions called (in reverse order) when memory object's + * resources are freed and the memory object is deleted. + * + * \note + * The registered callbacks are associated with the underlying cl_mem + * value - not the Memory class instance. + */ + cl_int setDestructorCallback( + void (CL_CALLBACK * pfn_notify)(cl_mem, void *), + void * user_data = NULL) + { + return detail::errHandler( + ::clSetMemObjectDestructorCallback( + object_, + pfn_notify, + user_data), + __SET_MEM_OBJECT_DESTRUCTOR_CALLBACK_ERR); + } +#endif + +}; + +// Pre-declare copy functions +class Buffer; +template< typename IteratorType > +cl_int copy( IteratorType startIterator, IteratorType endIterator, cl::Buffer &buffer ); +template< typename IteratorType > +cl_int copy( const cl::Buffer &buffer, IteratorType startIterator, IteratorType endIterator ); +template< typename IteratorType > +cl_int copy( const CommandQueue &queue, IteratorType startIterator, IteratorType endIterator, cl::Buffer &buffer ); +template< typename IteratorType > +cl_int copy( const CommandQueue &queue, const cl::Buffer &buffer, IteratorType startIterator, IteratorType endIterator ); + + +/*! \brief Class interface for Buffer Memory Objects. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class Buffer : public Memory +{ +public: + + /*! \brief Constructs a Buffer in a specified context. + * + * Wraps clCreateBuffer(). + * + * \param host_ptr Storage to be used if the CL_MEM_USE_HOST_PTR flag was + * specified. Note alignment & exclusivity requirements. + */ + Buffer( + const Context& context, + cl_mem_flags flags, + ::size_t size, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + object_ = ::clCreateBuffer(context(), flags, size, host_ptr, &error); + + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! \brief Constructs a Buffer in the default context. + * + * Wraps clCreateBuffer(). + * + * \param host_ptr Storage to be used if the CL_MEM_USE_HOST_PTR flag was + * specified. Note alignment & exclusivity requirements. + * + * \see Context::getDefault() + */ + Buffer( + cl_mem_flags flags, + ::size_t size, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + + Context context = Context::getDefault(err); + + object_ = ::clCreateBuffer(context(), flags, size, host_ptr, &error); + + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! + * \brief Construct a Buffer from a host container via iterators. + * IteratorType must be random access. + * If useHostPtr is specified iterators must represent contiguous data. + */ + template< typename IteratorType > + Buffer( + IteratorType startIterator, + IteratorType endIterator, + bool readOnly, + bool useHostPtr = false, + cl_int* err = NULL) + { + typedef typename std::iterator_traits::value_type DataType; + cl_int error; + + cl_mem_flags flags = 0; + if( readOnly ) { + flags |= CL_MEM_READ_ONLY; + } + else { + flags |= CL_MEM_READ_WRITE; + } + if( useHostPtr ) { + flags |= CL_MEM_USE_HOST_PTR; + } + + ::size_t size = sizeof(DataType)*(endIterator - startIterator); + + Context context = Context::getDefault(err); + + if( useHostPtr ) { + object_ = ::clCreateBuffer(context(), flags, size, static_cast(&*startIterator), &error); + } else { + object_ = ::clCreateBuffer(context(), flags, size, 0, &error); + } + + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + + if( !useHostPtr ) { + error = cl::copy(startIterator, endIterator, *this); + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } + } + + /*! + * \brief Construct a Buffer from a host container via iterators using a specified context. + * IteratorType must be random access. + * If useHostPtr is specified iterators must represent contiguous data. + */ + template< typename IteratorType > + Buffer(const Context &context, IteratorType startIterator, IteratorType endIterator, + bool readOnly, bool useHostPtr = false, cl_int* err = NULL); + + /*! + * \brief Construct a Buffer from a host container via iterators using a specified queue. + * If useHostPtr is specified iterators must represent contiguous data. + */ + template< typename IteratorType > + Buffer(const CommandQueue &queue, IteratorType startIterator, IteratorType endIterator, + bool readOnly, bool useHostPtr = false, cl_int* err = NULL); + + //! \brief Default constructor - initializes to NULL. + Buffer() : Memory() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * See Memory for further details. + */ + __CL_EXPLICIT_CONSTRUCTORS Buffer(const cl_mem& buffer) : Memory(buffer) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Buffer& operator = (const cl_mem& rhs) + { + Memory::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Buffer(const Buffer& buf) : Memory(buf) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Buffer& operator = (const Buffer &buf) + { + Memory::operator=(buf); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Buffer(Buffer&& buf) CL_HPP_NOEXCEPT : Memory(std::move(buf)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Buffer& operator = (Buffer &&buf) + { + Memory::operator=(std::move(buf)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + +#if defined(CL_VERSION_1_1) + /*! \brief Creates a new buffer object from this. + * + * Wraps clCreateSubBuffer(). + */ + Buffer createSubBuffer( + cl_mem_flags flags, + cl_buffer_create_type buffer_create_type, + const void * buffer_create_info, + cl_int * err = NULL) + { + Buffer result; + cl_int error; + result.object_ = ::clCreateSubBuffer( + object_, + flags, + buffer_create_type, + buffer_create_info, + &error); + + detail::errHandler(error, __CREATE_SUBBUFFER_ERR); + if (err != NULL) { + *err = error; + } + + return result; + } +#endif +}; + +#if defined (USE_DX_INTEROP) +/*! \brief Class interface for creating OpenCL buffers from ID3D10Buffer's. + * + * This is provided to facilitate interoperability with Direct3D. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class BufferD3D10 : public Buffer +{ +public: + typedef CL_API_ENTRY cl_mem (CL_API_CALL *PFN_clCreateFromD3D10BufferKHR)( + cl_context context, cl_mem_flags flags, ID3D10Buffer* buffer, + cl_int* errcode_ret); + + /*! \brief Constructs a BufferD3D10, in a specified context, from a + * given ID3D10Buffer. + * + * Wraps clCreateFromD3D10BufferKHR(). + */ + BufferD3D10( + const Context& context, + cl_mem_flags flags, + ID3D10Buffer* bufobj, + cl_int * err = NULL) + { + static PFN_clCreateFromD3D10BufferKHR pfn_clCreateFromD3D10BufferKHR = NULL; + +#if defined(CL_VERSION_1_2) + vector props = context.getInfo(); + cl_platform platform = -1; + for( int i = 0; i < props.size(); ++i ) { + if( props[i] == CL_CONTEXT_PLATFORM ) { + platform = props[i+1]; + } + } + __INIT_CL_EXT_FCN_PTR_PLATFORM(platform, clCreateFromD3D10BufferKHR); +#endif +#if defined(CL_VERSION_1_1) + __INIT_CL_EXT_FCN_PTR(clCreateFromD3D10BufferKHR); +#endif + + cl_int error; + object_ = pfn_clCreateFromD3D10BufferKHR( + context(), + flags, + bufobj, + &error); + + detail::errHandler(error, __CREATE_GL_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } + + //! \brief Default constructor - initializes to NULL. + BufferD3D10() : Buffer() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * See Memory for further details. + */ + __CL_EXPLICIT_CONSTRUCTORS BufferD3D10(const cl_mem& buffer) : Buffer(buffer) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + BufferD3D10& operator = (const cl_mem& rhs) + { + Buffer::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + BufferD3D10(const BufferD3D10& buf) : Buffer(buf) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + BufferD3D10& operator = (const BufferD3D10 &buf) + { + Buffer::operator=(buf); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + BufferD3D10(BufferD3D10&& buf) CL_HPP_NOEXCEPT : Buffer(std::move(buf)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + BufferD3D10& operator = (BufferD3D10 &&buf) + { + Buffer::operator=(std::move(buf)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) +}; +#endif + +/*! \brief Class interface for GL Buffer Memory Objects. + * + * This is provided to facilitate interoperability with OpenGL. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class BufferGL : public Buffer +{ +public: + /*! \brief Constructs a BufferGL in a specified context, from a given + * GL buffer. + * + * Wraps clCreateFromGLBuffer(). + */ + BufferGL( + const Context& context, + cl_mem_flags flags, + cl_GLuint bufobj, + cl_int * err = NULL) + { + cl_int error; + object_ = ::clCreateFromGLBuffer( + context(), + flags, + bufobj, + &error); + + detail::errHandler(error, __CREATE_GL_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } + + //! \brief Default constructor - initializes to NULL. + BufferGL() : Buffer() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * See Memory for further details. + */ + __CL_EXPLICIT_CONSTRUCTORS BufferGL(const cl_mem& buffer) : Buffer(buffer) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + BufferGL& operator = (const cl_mem& rhs) + { + Buffer::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + BufferGL(const BufferGL& buf) : Buffer(buf) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + BufferGL& operator = (const BufferGL &buf) + { + Buffer::operator=(buf); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + BufferGL(BufferGL&& buf) CL_HPP_NOEXCEPT : Buffer(std::move(buf)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + BufferGL& operator = (BufferGL &&buf) + { + Buffer::operator=(std::move(buf)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + + //! \brief Wrapper for clGetGLObjectInfo(). + cl_int getObjectInfo( + cl_gl_object_type *type, + cl_GLuint * gl_object_name) + { + return detail::errHandler( + ::clGetGLObjectInfo(object_,type,gl_object_name), + __GET_GL_OBJECT_INFO_ERR); + } +}; + +/*! \brief C++ base class for Image Memory objects. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class Image : public Memory +{ +protected: + //! \brief Default constructor - initializes to NULL. + Image() : Memory() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * See Memory for further details. + */ + __CL_EXPLICIT_CONSTRUCTORS Image(const cl_mem& image) : Memory(image) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Image& operator = (const cl_mem& rhs) + { + Memory::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image(const Image& img) : Memory(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image& operator = (const Image &img) + { + Memory::operator=(img); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image(Image&& img) CL_HPP_NOEXCEPT : Memory(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image& operator = (Image &&img) + { + Memory::operator=(std::move(img)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + +public: + //! \brief Wrapper for clGetImageInfo(). + template + cl_int getImageInfo(cl_image_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetImageInfo, object_, name, param), + __GET_IMAGE_INFO_ERR); + } + + //! \brief Wrapper for clGetImageInfo() that returns by value. + template typename + detail::param_traits::param_type + getImageInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_image_info, name>::param_type param; + cl_int result = getImageInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } +}; + +#if defined(CL_VERSION_1_2) +/*! \brief Class interface for 1D Image Memory objects. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class Image1D : public Image +{ +public: + /*! \brief Constructs a 1D Image in a specified context. + * + * Wraps clCreateImage(). + */ + Image1D( + const Context& context, + cl_mem_flags flags, + ImageFormat format, + ::size_t width, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE1D, + width, + 0, 0, 0, 0, 0, 0, 0, 0 + }; + object_ = ::clCreateImage( + context(), + flags, + &format, + &desc, + host_ptr, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + } + + //! \brief Default constructor - initializes to NULL. + Image1D() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * See Memory for further details. + */ + __CL_EXPLICIT_CONSTRUCTORS Image1D(const cl_mem& image1D) : Image(image1D) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Image1D& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image1D(const Image1D& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image1D& operator = (const Image1D &img) + { + Image::operator=(img); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image1D(Image1D&& img) CL_HPP_NOEXCEPT : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image1D& operator = (Image1D &&img) + { + Image::operator=(std::move(img)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) +}; + +/*! \class Image1DBuffer + * \brief Image interface for 1D buffer images. + */ +class Image1DBuffer : public Image +{ +public: + Image1DBuffer( + const Context& context, + cl_mem_flags flags, + ImageFormat format, + ::size_t width, + const Buffer &buffer, + cl_int* err = NULL) + { + cl_int error; + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE1D_BUFFER, + width, + 0, 0, 0, 0, 0, 0, 0, + buffer() + }; + object_ = ::clCreateImage( + context(), + flags, + &format, + &desc, + NULL, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + } + + Image1DBuffer() { } + + __CL_EXPLICIT_CONSTRUCTORS Image1DBuffer(const cl_mem& image1D) : Image(image1D) { } + + Image1DBuffer& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image1DBuffer(const Image1DBuffer& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image1DBuffer& operator = (const Image1DBuffer &img) + { + Image::operator=(img); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image1DBuffer(Image1DBuffer&& img) CL_HPP_NOEXCEPT : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image1DBuffer& operator = (Image1DBuffer &&img) + { + Image::operator=(std::move(img)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) +}; + +/*! \class Image1DArray + * \brief Image interface for arrays of 1D images. + */ +class Image1DArray : public Image +{ +public: + Image1DArray( + const Context& context, + cl_mem_flags flags, + ImageFormat format, + ::size_t arraySize, + ::size_t width, + ::size_t rowPitch, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE1D_ARRAY, + width, + 0, 0, // height, depth (unused) + arraySize, + rowPitch, + 0, 0, 0, 0 + }; + object_ = ::clCreateImage( + context(), + flags, + &format, + &desc, + host_ptr, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + } + + Image1DArray() { } + + __CL_EXPLICIT_CONSTRUCTORS Image1DArray(const cl_mem& imageArray) : Image(imageArray) { } + + Image1DArray& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image1DArray(const Image1DArray& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image1DArray& operator = (const Image1DArray &img) + { + Image::operator=(img); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image1DArray(Image1DArray&& img) CL_HPP_NOEXCEPT : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image1DArray& operator = (Image1DArray &&img) + { + Image::operator=(std::move(img)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) +}; +#endif // #if defined(CL_VERSION_1_2) + + +/*! \brief Class interface for 2D Image Memory objects. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class Image2D : public Image +{ +public: + /*! \brief Constructs a 1D Image in a specified context. + * + * Wraps clCreateImage(). + */ + Image2D( + const Context& context, + cl_mem_flags flags, + ImageFormat format, + ::size_t width, + ::size_t height, + ::size_t row_pitch = 0, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + bool useCreateImage; + +#if defined(CL_VERSION_1_2) && defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + // Run-time decision based on the actual platform + { + cl_uint version = detail::getContextPlatformVersion(context()); + useCreateImage = (version >= 0x10002); // OpenCL 1.2 or above + } +#elif defined(CL_VERSION_1_2) + useCreateImage = true; +#else + useCreateImage = false; +#endif + +#if defined(CL_VERSION_1_2) + if (useCreateImage) + { + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE2D, + width, + height, + 0, 0, // depth, array size (unused) + row_pitch, + 0, 0, 0, 0 + }; + object_ = ::clCreateImage( + context(), + flags, + &format, + &desc, + host_ptr, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + } +#endif // #if defined(CL_VERSION_1_2) +#if !defined(CL_VERSION_1_2) || defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + if (!useCreateImage) + { + object_ = ::clCreateImage2D( + context(), flags,&format, width, height, row_pitch, host_ptr, &error); + + detail::errHandler(error, __CREATE_IMAGE2D_ERR); + if (err != NULL) { + *err = error; + } + } +#endif // #if !defined(CL_VERSION_1_2) || defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + } + + //! \brief Default constructor - initializes to NULL. + Image2D() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * See Memory for further details. + */ + __CL_EXPLICIT_CONSTRUCTORS Image2D(const cl_mem& image2D) : Image(image2D) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Image2D& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image2D(const Image2D& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image2D& operator = (const Image2D &img) + { + Image::operator=(img); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image2D(Image2D&& img) CL_HPP_NOEXCEPT : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image2D& operator = (Image2D &&img) + { + Image::operator=(std::move(img)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) +}; + + +#if !defined(CL_VERSION_1_2) +/*! \brief Class interface for GL 2D Image Memory objects. + * + * This is provided to facilitate interoperability with OpenGL. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + * \note Deprecated for OpenCL 1.2. Please use ImageGL instead. + */ +class CL_EXT_PREFIX__VERSION_1_1_DEPRECATED Image2DGL CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED : public Image2D +{ +public: + /*! \brief Constructs an Image2DGL in a specified context, from a given + * GL Texture. + * + * Wraps clCreateFromGLTexture2D(). + */ + Image2DGL( + const Context& context, + cl_mem_flags flags, + cl_GLenum target, + cl_GLint miplevel, + cl_GLuint texobj, + cl_int * err = NULL) + { + cl_int error; + object_ = ::clCreateFromGLTexture2D( + context(), + flags, + target, + miplevel, + texobj, + &error); + + detail::errHandler(error, __CREATE_GL_TEXTURE_2D_ERR); + if (err != NULL) { + *err = error; + } + + } + + //! \brief Default constructor - initializes to NULL. + Image2DGL() : Image2D() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * See Memory for further details. + */ + __CL_EXPLICIT_CONSTRUCTORS Image2DGL(const cl_mem& image) : Image2D(image) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Image2DGL& operator = (const cl_mem& rhs) + { + Image2D::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image2DGL(const Image2DGL& img) : Image2D(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image2DGL& operator = (const Image2DGL &img) + { + Image2D::operator=(img); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image2DGL(Image2DGL&& img) CL_HPP_NOEXCEPT : Image2D(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image2DGL& operator = (Image2DGL &&img) + { + Image2D::operator=(std::move(img)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) +}; +#endif // #if !defined(CL_VERSION_1_2) + +#if defined(CL_VERSION_1_2) +/*! \class Image2DArray + * \brief Image interface for arrays of 2D images. + */ +class Image2DArray : public Image +{ +public: + Image2DArray( + const Context& context, + cl_mem_flags flags, + ImageFormat format, + ::size_t arraySize, + ::size_t width, + ::size_t height, + ::size_t rowPitch, + ::size_t slicePitch, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE2D_ARRAY, + width, + height, + 0, // depth (unused) + arraySize, + rowPitch, + slicePitch, + 0, 0, 0 + }; + object_ = ::clCreateImage( + context(), + flags, + &format, + &desc, + host_ptr, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + } + + Image2DArray() { } + + __CL_EXPLICIT_CONSTRUCTORS Image2DArray(const cl_mem& imageArray) : Image(imageArray) { } + + Image2DArray& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image2DArray(const Image2DArray& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image2DArray& operator = (const Image2DArray &img) + { + Image::operator=(img); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image2DArray(Image2DArray&& img) CL_HPP_NOEXCEPT : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image2DArray& operator = (Image2DArray &&img) + { + Image::operator=(std::move(img)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) +}; +#endif // #if defined(CL_VERSION_1_2) + +/*! \brief Class interface for 3D Image Memory objects. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class Image3D : public Image +{ +public: + /*! \brief Constructs a 3D Image in a specified context. + * + * Wraps clCreateImage(). + */ + Image3D( + const Context& context, + cl_mem_flags flags, + ImageFormat format, + ::size_t width, + ::size_t height, + ::size_t depth, + ::size_t row_pitch = 0, + ::size_t slice_pitch = 0, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + bool useCreateImage; + +#if defined(CL_VERSION_1_2) && defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + // Run-time decision based on the actual platform + { + cl_uint version = detail::getContextPlatformVersion(context()); + useCreateImage = (version >= 0x10002); // OpenCL 1.2 or above + } +#elif defined(CL_VERSION_1_2) + useCreateImage = true; +#else + useCreateImage = false; +#endif + +#if defined(CL_VERSION_1_2) + if (useCreateImage) + { + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE3D, + width, + height, + depth, + 0, // array size (unused) + row_pitch, + slice_pitch, + 0, 0, 0 + }; + object_ = ::clCreateImage( + context(), + flags, + &format, + &desc, + host_ptr, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + } +#endif // #if defined(CL_VERSION_1_2) +#if !defined(CL_VERSION_1_2) || defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + if (!useCreateImage) + { + object_ = ::clCreateImage3D( + context(), flags, &format, width, height, depth, row_pitch, + slice_pitch, host_ptr, &error); + + detail::errHandler(error, __CREATE_IMAGE3D_ERR); + if (err != NULL) { + *err = error; + } + } +#endif // #if !defined(CL_VERSION_1_2) || defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + } + + //! \brief Default constructor - initializes to NULL. + Image3D() : Image() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * See Memory for further details. + */ + __CL_EXPLICIT_CONSTRUCTORS Image3D(const cl_mem& image3D) : Image(image3D) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Image3D& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image3D(const Image3D& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image3D& operator = (const Image3D &img) + { + Image::operator=(img); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image3D(Image3D&& img) CL_HPP_NOEXCEPT : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image3D& operator = (Image3D &&img) + { + Image::operator=(std::move(img)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) +}; + +#if !defined(CL_VERSION_1_2) +/*! \brief Class interface for GL 3D Image Memory objects. + * + * This is provided to facilitate interoperability with OpenGL. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class Image3DGL : public Image3D +{ +public: + /*! \brief Constructs an Image3DGL in a specified context, from a given + * GL Texture. + * + * Wraps clCreateFromGLTexture3D(). + */ + Image3DGL( + const Context& context, + cl_mem_flags flags, + cl_GLenum target, + cl_GLint miplevel, + cl_GLuint texobj, + cl_int * err = NULL) + { + cl_int error; + object_ = ::clCreateFromGLTexture3D( + context(), + flags, + target, + miplevel, + texobj, + &error); + + detail::errHandler(error, __CREATE_GL_TEXTURE_3D_ERR); + if (err != NULL) { + *err = error; + } + } + + //! \brief Default constructor - initializes to NULL. + Image3DGL() : Image3D() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * See Memory for further details. + */ + __CL_EXPLICIT_CONSTRUCTORS Image3DGL(const cl_mem& image) : Image3D(image) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Image3DGL& operator = (const cl_mem& rhs) + { + Image3D::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image3DGL(const Image3DGL& img) : Image3D(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image3DGL& operator = (const Image3DGL &img) + { + Image3D::operator=(img); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image3DGL(Image3DGL&& img) CL_HPP_NOEXCEPT : Image3D(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image3DGL& operator = (Image3DGL &&img) + { + Image3D::operator=(std::move(img)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) +}; +#endif // #if !defined(CL_VERSION_1_2) + +#if defined(CL_VERSION_1_2) +/*! \class ImageGL + * \brief general image interface for GL interop. + * We abstract the 2D and 3D GL images into a single instance here + * that wraps all GL sourced images on the grounds that setup information + * was performed by OpenCL anyway. + */ +class ImageGL : public Image +{ +public: + ImageGL( + const Context& context, + cl_mem_flags flags, + cl_GLenum target, + cl_GLint miplevel, + cl_GLuint texobj, + cl_int * err = NULL) + { + cl_int error; + object_ = ::clCreateFromGLTexture( + context(), + flags, + target, + miplevel, + texobj, + &error); + + detail::errHandler(error, __CREATE_GL_TEXTURE_ERR); + if (err != NULL) { + *err = error; + } + } + + ImageGL() : Image() { } + + __CL_EXPLICIT_CONSTRUCTORS ImageGL(const cl_mem& image) : Image(image) { } + + ImageGL& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + ImageGL(const ImageGL& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + ImageGL& operator = (const ImageGL &img) + { + Image::operator=(img); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + ImageGL(ImageGL&& img) CL_HPP_NOEXCEPT : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + ImageGL& operator = (ImageGL &&img) + { + Image::operator=(std::move(img)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) +}; +#endif // #if defined(CL_VERSION_1_2) + +/*! \brief Class interface for GL Render Buffer Memory Objects. +* +* This is provided to facilitate interoperability with OpenGL. +* +* See Memory for details about copy semantics, etc. +* +* \see Memory +*/ +class BufferRenderGL : +#if defined(CL_VERSION_1_2) + public ImageGL +#else // #if defined(CL_VERSION_1_2) + public Image2DGL +#endif //#if defined(CL_VERSION_1_2) +{ +public: + /*! \brief Constructs a BufferRenderGL in a specified context, from a given + * GL Renderbuffer. + * + * Wraps clCreateFromGLRenderbuffer(). + */ + BufferRenderGL( + const Context& context, + cl_mem_flags flags, + cl_GLuint bufobj, + cl_int * err = NULL) + { + cl_int error; + object_ = ::clCreateFromGLRenderbuffer( + context(), + flags, + bufobj, + &error); + + detail::errHandler(error, __CREATE_GL_RENDER_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } + + //! \brief Default constructor - initializes to NULL. +#if defined(CL_VERSION_1_2) + BufferRenderGL() : ImageGL() {}; +#else // #if defined(CL_VERSION_1_2) + BufferRenderGL() : Image2DGL() {}; +#endif //#if defined(CL_VERSION_1_2) + + /*! \brief Constructor from cl_mem - takes ownership. + * + * See Memory for further details. + */ +#if defined(CL_VERSION_1_2) + __CL_EXPLICIT_CONSTRUCTORS BufferRenderGL(const cl_mem& buffer) : ImageGL(buffer) { } +#else // #if defined(CL_VERSION_1_2) + __CL_EXPLICIT_CONSTRUCTORS BufferRenderGL(const cl_mem& buffer) : Image2DGL(buffer) { } +#endif //#if defined(CL_VERSION_1_2) + + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + BufferRenderGL& operator = (const cl_mem& rhs) + { +#if defined(CL_VERSION_1_2) + ImageGL::operator=(rhs); +#else // #if defined(CL_VERSION_1_2) + Image2DGL::operator=(rhs); +#endif //#if defined(CL_VERSION_1_2) + + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ +#if defined(CL_VERSION_1_2) + BufferRenderGL(const BufferRenderGL& buf) : ImageGL(buf) {} +#else // #if defined(CL_VERSION_1_2) + BufferRenderGL(const BufferRenderGL& buf) : Image2DGL(buf) {} +#endif //#if defined(CL_VERSION_1_2) + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + BufferRenderGL& operator = (const BufferRenderGL &rhs) + { +#if defined(CL_VERSION_1_2) + ImageGL::operator=(rhs); +#else // #if defined(CL_VERSION_1_2) + Image2DGL::operator=(rhs); +#endif //#if defined(CL_VERSION_1_2) + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ +#if defined(CL_VERSION_1_2) + BufferRenderGL(BufferRenderGL&& buf) CL_HPP_NOEXCEPT : ImageGL(std::move(buf)) {} +#else // #if defined(CL_VERSION_1_2) + BufferRenderGL(BufferRenderGL&& buf) CL_HPP_NOEXCEPT : Image2DGL(std::move(buf)) {} +#endif //#if defined(CL_VERSION_1_2) + + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + BufferRenderGL& operator = (BufferRenderGL &&buf) + { +#if defined(CL_VERSION_1_2) + ImageGL::operator=(std::move(buf)); +#else // #if defined(CL_VERSION_1_2) + Image2DGL::operator=(std::move(buf)); +#endif //#if defined(CL_VERSION_1_2) + + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + + //! \brief Wrapper for clGetGLObjectInfo(). + cl_int getObjectInfo( + cl_gl_object_type *type, + cl_GLuint * gl_object_name) + { + return detail::errHandler( + ::clGetGLObjectInfo(object_, type, gl_object_name), + __GET_GL_OBJECT_INFO_ERR); + } +}; + +/*! \brief Class interface for cl_sampler. + * + * \note Copies of these objects are shallow, meaning that the copy will refer + * to the same underlying cl_sampler as the original. For details, see + * clRetainSampler() and clReleaseSampler(). + * + * \see cl_sampler + */ +class Sampler : public detail::Wrapper +{ +public: + //! \brief Default constructor - initializes to NULL. + Sampler() { } + + /*! \brief Constructs a Sampler in a specified context. + * + * Wraps clCreateSampler(). + */ + Sampler( + const Context& context, + cl_bool normalized_coords, + cl_addressing_mode addressing_mode, + cl_filter_mode filter_mode, + cl_int* err = NULL) + { + cl_int error; + object_ = ::clCreateSampler( + context(), + normalized_coords, + addressing_mode, + filter_mode, + &error); + + detail::errHandler(error, __CREATE_SAMPLER_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! \brief Constructor from cl_sampler - takes ownership. + * + * This effectively transfers ownership of a refcount on the cl_sampler + * into the new Sampler object. + */ + __CL_EXPLICIT_CONSTRUCTORS Sampler(const cl_sampler& sampler) : detail::Wrapper(sampler) { } + + /*! \brief Assignment operator from cl_sampler - takes ownership. + * + * This effectively transfers ownership of a refcount on the rhs and calls + * clReleaseSampler() on the value previously held by this instance. + */ + Sampler& operator = (const cl_sampler& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Sampler(const Sampler& sam) : detail::Wrapper(sam) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Sampler& operator = (const Sampler &sam) + { + detail::Wrapper::operator=(sam); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Sampler(Sampler&& sam) CL_HPP_NOEXCEPT : detail::Wrapper(std::move(sam)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Sampler& operator = (Sampler &&sam) + { + detail::Wrapper::operator=(std::move(sam)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + + //! \brief Wrapper for clGetSamplerInfo(). + template + cl_int getInfo(cl_sampler_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetSamplerInfo, object_, name, param), + __GET_SAMPLER_INFO_ERR); + } + + //! \brief Wrapper for clGetSamplerInfo() that returns by value. + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_sampler_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } +}; + +class Program; +class CommandQueue; +class Kernel; + +//! \brief Class interface for specifying NDRange values. +class NDRange +{ +private: + size_t<3> sizes_; + cl_uint dimensions_; + +public: + //! \brief Default constructor - resulting range has zero dimensions. + NDRange() + : dimensions_(0) + { } + + //! \brief Constructs one-dimensional range. + NDRange(::size_t size0) + : dimensions_(1) + { + sizes_[0] = size0; + } + + //! \brief Constructs two-dimensional range. + NDRange(::size_t size0, ::size_t size1) + : dimensions_(2) + { + sizes_[0] = size0; + sizes_[1] = size1; + } + + //! \brief Constructs three-dimensional range. + NDRange(::size_t size0, ::size_t size1, ::size_t size2) + : dimensions_(3) + { + sizes_[0] = size0; + sizes_[1] = size1; + sizes_[2] = size2; + } + + /*! \brief Conversion operator to const ::size_t *. + * + * \returns a pointer to the size of the first dimension. + */ + operator const ::size_t*() const { + return (const ::size_t*) sizes_; + } + + //! \brief Queries the number of dimensions in the range. + ::size_t dimensions() const { return dimensions_; } +}; + +//! \brief A zero-dimensional range. +static const NDRange NullRange; + +//! \brief Local address wrapper for use with Kernel::setArg +struct LocalSpaceArg +{ + ::size_t size_; +}; + +namespace detail { + +template +struct KernelArgumentHandler +{ + static ::size_t size(const T&) { return sizeof(T); } + static const T* ptr(const T& value) { return &value; } +}; + +template <> +struct KernelArgumentHandler +{ + static ::size_t size(const LocalSpaceArg& value) { return value.size_; } + static const void* ptr(const LocalSpaceArg&) { return NULL; } +}; + +} +//! \endcond + +/*! __local + * \brief Helper function for generating LocalSpaceArg objects. + * Deprecated. Replaced with Local. + */ +inline CL_EXT_PREFIX__VERSION_1_1_DEPRECATED LocalSpaceArg +__local(::size_t size) CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED; +inline LocalSpaceArg +__local(::size_t size) +{ + LocalSpaceArg ret = { size }; + return ret; +} + +/*! Local + * \brief Helper function for generating LocalSpaceArg objects. + */ +inline LocalSpaceArg +Local(::size_t size) +{ + LocalSpaceArg ret = { size }; + return ret; +} + +//class KernelFunctor; + +/*! \brief Class interface for cl_kernel. + * + * \note Copies of these objects are shallow, meaning that the copy will refer + * to the same underlying cl_kernel as the original. For details, see + * clRetainKernel() and clReleaseKernel(). + * + * \see cl_kernel + */ +class Kernel : public detail::Wrapper +{ +public: + inline Kernel(const Program& program, const char* name, cl_int* err = NULL); + + //! \brief Default constructor - initializes to NULL. + Kernel() { } + + /*! \brief Constructor from cl_kernel - takes ownership. + * + * This effectively transfers ownership of a refcount on the cl_kernel + * into the new Kernel object. + */ + __CL_EXPLICIT_CONSTRUCTORS Kernel(const cl_kernel& kernel) : detail::Wrapper(kernel) { } + + /*! \brief Assignment operator from cl_kernel - takes ownership. + * + * This effectively transfers ownership of a refcount on the rhs and calls + * clReleaseKernel() on the value previously held by this instance. + */ + Kernel& operator = (const cl_kernel& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Kernel(const Kernel& kernel) : detail::Wrapper(kernel) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Kernel& operator = (const Kernel &kernel) + { + detail::Wrapper::operator=(kernel); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Kernel(Kernel&& kernel) CL_HPP_NOEXCEPT : detail::Wrapper(std::move(kernel)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Kernel& operator = (Kernel &&kernel) + { + detail::Wrapper::operator=(std::move(kernel)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + + template + cl_int getInfo(cl_kernel_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetKernelInfo, object_, name, param), + __GET_KERNEL_INFO_ERR); + } + + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_kernel_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + +#if defined(CL_VERSION_1_2) + template + cl_int getArgInfo(cl_uint argIndex, cl_kernel_arg_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetKernelArgInfo, object_, argIndex, name, param), + __GET_KERNEL_ARG_INFO_ERR); + } + + template typename + detail::param_traits::param_type + getArgInfo(cl_uint argIndex, cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_kernel_arg_info, name>::param_type param; + cl_int result = getArgInfo(argIndex, name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } +#endif // #if defined(CL_VERSION_1_2) + + template + cl_int getWorkGroupInfo( + const Device& device, cl_kernel_work_group_info name, T* param) const + { + return detail::errHandler( + detail::getInfo( + &::clGetKernelWorkGroupInfo, object_, device(), name, param), + __GET_KERNEL_WORK_GROUP_INFO_ERR); + } + + template typename + detail::param_traits::param_type + getWorkGroupInfo(const Device& device, cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_kernel_work_group_info, name>::param_type param; + cl_int result = getWorkGroupInfo(device, name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + template + cl_int setArg(cl_uint index, const T &value) + { + return detail::errHandler( + ::clSetKernelArg( + object_, + index, + detail::KernelArgumentHandler::size(value), + detail::KernelArgumentHandler::ptr(value)), + __SET_KERNEL_ARGS_ERR); + } + + cl_int setArg(cl_uint index, ::size_t size, const void* argPtr) + { + return detail::errHandler( + ::clSetKernelArg(object_, index, size, argPtr), + __SET_KERNEL_ARGS_ERR); + } +}; + +/*! \class Program + * \brief Program interface that implements cl_program. + */ +class Program : public detail::Wrapper +{ +public: + typedef VECTOR_CLASS > Binaries; + typedef VECTOR_CLASS > Sources; + + Program( + const STRING_CLASS& source, + bool build = false, + cl_int* err = NULL) + { + cl_int error; + + const char * strings = source.c_str(); + const ::size_t length = source.size(); + + Context context = Context::getDefault(err); + + object_ = ::clCreateProgramWithSource( + context(), (cl_uint)1, &strings, &length, &error); + + detail::errHandler(error, __CREATE_PROGRAM_WITH_SOURCE_ERR); + + if (error == CL_SUCCESS && build) { + + error = ::clBuildProgram( + object_, + 0, + NULL, + "", + NULL, + NULL); + + detail::errHandler(error, __BUILD_PROGRAM_ERR); + } + + if (err != NULL) { + *err = error; + } + } + + Program( + const Context& context, + const STRING_CLASS& source, + bool build = false, + cl_int* err = NULL) + { + cl_int error; + + const char * strings = source.c_str(); + const ::size_t length = source.size(); + + object_ = ::clCreateProgramWithSource( + context(), (cl_uint)1, &strings, &length, &error); + + detail::errHandler(error, __CREATE_PROGRAM_WITH_SOURCE_ERR); + + if (error == CL_SUCCESS && build) { + + error = ::clBuildProgram( + object_, + 0, + NULL, + "", + NULL, + NULL); + + detail::errHandler(error, __BUILD_PROGRAM_ERR); + } + + if (err != NULL) { + *err = error; + } + } + + Program( + const Context& context, + const Sources& sources, + cl_int* err = NULL) + { + cl_int error; + + const ::size_t n = (::size_t)sources.size(); + ::size_t* lengths = (::size_t*) alloca(n * sizeof(::size_t)); + const char** strings = (const char**) alloca(n * sizeof(const char*)); + + for (::size_t i = 0; i < n; ++i) { + strings[i] = sources[(int)i].first; + lengths[i] = sources[(int)i].second; + } + + object_ = ::clCreateProgramWithSource( + context(), (cl_uint)n, strings, lengths, &error); + + detail::errHandler(error, __CREATE_PROGRAM_WITH_SOURCE_ERR); + if (err != NULL) { + *err = error; + } + } + + /** + * Construct a program object from a list of devices and a per-device list of binaries. + * \param context A valid OpenCL context in which to construct the program. + * \param devices A vector of OpenCL device objects for which the program will be created. + * \param binaries A vector of pairs of a pointer to a binary object and its length. + * \param binaryStatus An optional vector that on completion will be resized to + * match the size of binaries and filled with values to specify if each binary + * was successfully loaded. + * Set to CL_SUCCESS if the binary was successfully loaded. + * Set to CL_INVALID_VALUE if the length is 0 or the binary pointer is NULL. + * Set to CL_INVALID_BINARY if the binary provided is not valid for the matching device. + * \param err if non-NULL will be set to CL_SUCCESS on successful operation or one of the following errors: + * CL_INVALID_CONTEXT if context is not a valid context. + * CL_INVALID_VALUE if the length of devices is zero; or if the length of binaries does not match the length of devices; + * or if any entry in binaries is NULL or has length 0. + * CL_INVALID_DEVICE if OpenCL devices listed in devices are not in the list of devices associated with context. + * CL_INVALID_BINARY if an invalid program binary was encountered for any device. binaryStatus will return specific status for each device. + * CL_OUT_OF_HOST_MEMORY if there is a failure to allocate resources required by the OpenCL implementation on the host. + */ + Program( + const Context& context, + const VECTOR_CLASS& devices, + const Binaries& binaries, + VECTOR_CLASS* binaryStatus = NULL, + cl_int* err = NULL) + { + cl_int error; + + const ::size_t numDevices = devices.size(); + + // Catch size mismatch early and return + if(binaries.size() != numDevices) { + error = CL_INVALID_VALUE; + detail::errHandler(error, __CREATE_PROGRAM_WITH_BINARY_ERR); + if (err != NULL) { + *err = error; + } + return; + } + + ::size_t* lengths = (::size_t*) alloca(numDevices * sizeof(::size_t)); + const unsigned char** images = (const unsigned char**) alloca(numDevices * sizeof(const unsigned char**)); + + for (::size_t i = 0; i < numDevices; ++i) { + images[i] = (const unsigned char*)binaries[i].first; + lengths[i] = binaries[(int)i].second; + } + + cl_device_id* deviceIDs = (cl_device_id*) alloca(numDevices * sizeof(cl_device_id)); + for( ::size_t deviceIndex = 0; deviceIndex < numDevices; ++deviceIndex ) { + deviceIDs[deviceIndex] = (devices[deviceIndex])(); + } + + if(binaryStatus) { + binaryStatus->resize(numDevices); + } + + object_ = ::clCreateProgramWithBinary( + context(), (cl_uint) devices.size(), + deviceIDs, + lengths, images, (binaryStatus != NULL && numDevices > 0) + ? &binaryStatus->front() + : NULL, &error); + + detail::errHandler(error, __CREATE_PROGRAM_WITH_BINARY_ERR); + if (err != NULL) { + *err = error; + } + } + + +#if defined(CL_VERSION_1_2) + /** + * Create program using builtin kernels. + * \param kernelNames Semi-colon separated list of builtin kernel names + */ + Program( + const Context& context, + const VECTOR_CLASS& devices, + const STRING_CLASS& kernelNames, + cl_int* err = NULL) + { + cl_int error; + + + ::size_t numDevices = devices.size(); + cl_device_id* deviceIDs = (cl_device_id*) alloca(numDevices * sizeof(cl_device_id)); + for( ::size_t deviceIndex = 0; deviceIndex < numDevices; ++deviceIndex ) { + deviceIDs[deviceIndex] = (devices[deviceIndex])(); + } + + object_ = ::clCreateProgramWithBuiltInKernels( + context(), + (cl_uint) devices.size(), + deviceIDs, + kernelNames.c_str(), + &error); + + detail::errHandler(error, __CREATE_PROGRAM_WITH_BUILT_IN_KERNELS_ERR); + if (err != NULL) { + *err = error; + } + } +#endif // #if defined(CL_VERSION_1_2) + + Program() { } + + __CL_EXPLICIT_CONSTRUCTORS Program(const cl_program& program) : detail::Wrapper(program) { } + + Program& operator = (const cl_program& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Program(const Program& program) : detail::Wrapper(program) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Program& operator = (const Program &program) + { + detail::Wrapper::operator=(program); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Program(Program&& program) CL_HPP_NOEXCEPT : detail::Wrapper(std::move(program)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Program& operator = (Program &&program) + { + detail::Wrapper::operator=(std::move(program)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + + cl_int build( + const VECTOR_CLASS& devices, + const char* options = NULL, + void (CL_CALLBACK * notifyFptr)(cl_program, void *) = NULL, + void* data = NULL) const + { + ::size_t numDevices = devices.size(); + cl_device_id* deviceIDs = (cl_device_id*) alloca(numDevices * sizeof(cl_device_id)); + for( ::size_t deviceIndex = 0; deviceIndex < numDevices; ++deviceIndex ) { + deviceIDs[deviceIndex] = (devices[deviceIndex])(); + } + + return detail::errHandler( + ::clBuildProgram( + object_, + (cl_uint) + devices.size(), + deviceIDs, + options, + notifyFptr, + data), + __BUILD_PROGRAM_ERR); + } + + cl_int build( + const char* options = NULL, + void (CL_CALLBACK * notifyFptr)(cl_program, void *) = NULL, + void* data = NULL) const + { + return detail::errHandler( + ::clBuildProgram( + object_, + 0, + NULL, + options, + notifyFptr, + data), + __BUILD_PROGRAM_ERR); + } + +#if defined(CL_VERSION_1_2) + cl_int compile( + const char* options = NULL, + void (CL_CALLBACK * notifyFptr)(cl_program, void *) = NULL, + void* data = NULL) const + { + return detail::errHandler( + ::clCompileProgram( + object_, + 0, + NULL, + options, + 0, + NULL, + NULL, + notifyFptr, + data), + __COMPILE_PROGRAM_ERR); + } +#endif + + template + cl_int getInfo(cl_program_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetProgramInfo, object_, name, param), + __GET_PROGRAM_INFO_ERR); + } + + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_program_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + template + cl_int getBuildInfo( + const Device& device, cl_program_build_info name, T* param) const + { + return detail::errHandler( + detail::getInfo( + &::clGetProgramBuildInfo, object_, device(), name, param), + __GET_PROGRAM_BUILD_INFO_ERR); + } + + template typename + detail::param_traits::param_type + getBuildInfo(const Device& device, cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_program_build_info, name>::param_type param; + cl_int result = getBuildInfo(device, name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + cl_int createKernels(VECTOR_CLASS* kernels) + { + cl_uint numKernels; + cl_int err = ::clCreateKernelsInProgram(object_, 0, NULL, &numKernels); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __CREATE_KERNELS_IN_PROGRAM_ERR); + } + + Kernel* value = (Kernel*) alloca(numKernels * sizeof(Kernel)); + err = ::clCreateKernelsInProgram( + object_, numKernels, (cl_kernel*) value, NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __CREATE_KERNELS_IN_PROGRAM_ERR); + } + + kernels->assign(&value[0], &value[numKernels]); + return CL_SUCCESS; + } +}; + +#if defined(CL_VERSION_1_2) +inline Program linkProgram( + Program input1, + Program input2, + const char* options = NULL, + void (CL_CALLBACK * notifyFptr)(cl_program, void *) = NULL, + void* data = NULL, + cl_int* err = NULL) +{ + cl_int error_local = CL_SUCCESS; + + cl_program programs[2] = { input1(), input2() }; + + Context ctx = input1.getInfo(&error_local); + if(error_local!=CL_SUCCESS) { + detail::errHandler(error_local, __LINK_PROGRAM_ERR); + } + + cl_program prog = ::clLinkProgram( + ctx(), + 0, + NULL, + options, + 2, + programs, + notifyFptr, + data, + &error_local); + + detail::errHandler(error_local,__COMPILE_PROGRAM_ERR); + if (err != NULL) { + *err = error_local; + } + + return Program(prog); +} + +inline Program linkProgram( + VECTOR_CLASS inputPrograms, + const char* options = NULL, + void (CL_CALLBACK * notifyFptr)(cl_program, void *) = NULL, + void* data = NULL, + cl_int* err = NULL) +{ + cl_int error_local = CL_SUCCESS; + + cl_program * programs = (cl_program*) alloca(inputPrograms.size() * sizeof(cl_program)); + + if (programs != NULL) { + for (unsigned int i = 0; i < inputPrograms.size(); i++) { + programs[i] = inputPrograms[i](); + } + } + + Context ctx; + if(inputPrograms.size() > 0) { + ctx = inputPrograms[0].getInfo(&error_local); + if(error_local!=CL_SUCCESS) { + detail::errHandler(error_local, __LINK_PROGRAM_ERR); + } + } + cl_program prog = ::clLinkProgram( + ctx(), + 0, + NULL, + options, + (cl_uint)inputPrograms.size(), + programs, + notifyFptr, + data, + &error_local); + + detail::errHandler(error_local,__COMPILE_PROGRAM_ERR); + if (err != NULL) { + *err = error_local; + } + + return Program(prog); +} +#endif + +template<> +inline VECTOR_CLASS cl::Program::getInfo(cl_int* err) const +{ + VECTOR_CLASS< ::size_t> sizes = getInfo(); + VECTOR_CLASS binaries; + for (VECTOR_CLASS< ::size_t>::iterator s = sizes.begin(); s != sizes.end(); ++s) + { + char *ptr = NULL; + if (*s != 0) + ptr = new char[*s]; + binaries.push_back(ptr); + } + + cl_int result = getInfo(CL_PROGRAM_BINARIES, &binaries); + if (err != NULL) { + *err = result; + } + return binaries; +} + +inline Kernel::Kernel(const Program& program, const char* name, cl_int* err) +{ + cl_int error; + + object_ = ::clCreateKernel(program(), name, &error); + detail::errHandler(error, __CREATE_KERNEL_ERR); + + if (err != NULL) { + *err = error; + } + +} + +/*! \class CommandQueue + * \brief CommandQueue interface for cl_command_queue. + */ +class CommandQueue : public detail::Wrapper +{ +private: +#ifdef CL_HPP_CPP11_ATOMICS_SUPPORTED + static std::atomic default_initialized_; +#else // !CL_HPP_CPP11_ATOMICS_SUPPORTED + static volatile int default_initialized_; +#endif // !CL_HPP_CPP11_ATOMICS_SUPPORTED + static CommandQueue default_; + static volatile cl_int default_error_; +public: + CommandQueue( + cl_command_queue_properties properties, + cl_int* err = NULL) + { + cl_int error; + + Context context = Context::getDefault(&error); + detail::errHandler(error, __CREATE_CONTEXT_ERR); + + if (error != CL_SUCCESS) { + if (err != NULL) { + *err = error; + } + } + else { + Device device = context.getInfo()[0]; + + object_ = ::clCreateCommandQueue( + context(), device(), properties, &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_ERR); + if (err != NULL) { + *err = error; + } + } + } + /*! + * \brief Constructs a CommandQueue for an implementation defined device in the given context + */ + explicit CommandQueue( + const Context& context, + cl_command_queue_properties properties = 0, + cl_int* err = NULL) + { + cl_int error; + VECTOR_CLASS devices; + error = context.getInfo(CL_CONTEXT_DEVICES, &devices); + + detail::errHandler(error, __CREATE_CONTEXT_ERR); + + if (error != CL_SUCCESS) + { + if (err != NULL) { + *err = error; + } + return; + } + + object_ = ::clCreateCommandQueue(context(), devices[0](), properties, &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_ERR); + + if (err != NULL) { + *err = error; + } + + } + + CommandQueue( + const Context& context, + const Device& device, + cl_command_queue_properties properties = 0, + cl_int* err = NULL) + { + cl_int error; + object_ = ::clCreateCommandQueue( + context(), device(), properties, &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + CommandQueue(const CommandQueue& queue) : detail::Wrapper(queue) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + CommandQueue& operator = (const CommandQueue &queue) + { + detail::Wrapper::operator=(queue); + return *this; + } + +#if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + CommandQueue(CommandQueue&& queue) CL_HPP_NOEXCEPT : detail::Wrapper(std::move(queue)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + CommandQueue& operator = (CommandQueue &&queue) + { + detail::Wrapper::operator=(std::move(queue)); + return *this; + } +#endif // #if defined(CL_HPP_RVALUE_REFERENCES_SUPPORTED) + + static CommandQueue getDefault(cl_int * err = NULL) + { + int state = detail::compare_exchange( + &default_initialized_, + __DEFAULT_BEING_INITIALIZED, __DEFAULT_NOT_INITIALIZED); + + if (state & __DEFAULT_INITIALIZED) { + if (err != NULL) { + *err = default_error_; + } + return default_; + } + + if (state & __DEFAULT_BEING_INITIALIZED) { + // Assume writes will propagate eventually... + while(default_initialized_ != __DEFAULT_INITIALIZED) { + detail::fence(); + } + + if (err != NULL) { + *err = default_error_; + } + return default_; + } + + cl_int error; + + Context context = Context::getDefault(&error); + detail::errHandler(error, __CREATE_COMMAND_QUEUE_ERR); + + if (error != CL_SUCCESS) { + if (err != NULL) { + *err = error; + } + } + else { + Device device = context.getInfo()[0]; + + default_ = CommandQueue(context, device, 0, &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_ERR); + if (err != NULL) { + *err = error; + } + } + + detail::fence(); + + default_error_ = error; + // Assume writes will propagate eventually... + default_initialized_ = __DEFAULT_INITIALIZED; + + detail::fence(); + + if (err != NULL) { + *err = default_error_; + } + return default_; + + } + + CommandQueue() { } + + __CL_EXPLICIT_CONSTRUCTORS CommandQueue(const cl_command_queue& commandQueue) : detail::Wrapper(commandQueue) { } + + CommandQueue& operator = (const cl_command_queue& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + template + cl_int getInfo(cl_command_queue_info name, T* param) const + { + return detail::errHandler( + detail::getInfo( + &::clGetCommandQueueInfo, object_, name, param), + __GET_COMMAND_QUEUE_INFO_ERR); + } + + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_command_queue_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + cl_int enqueueReadBuffer( + const Buffer& buffer, + cl_bool blocking, + ::size_t offset, + ::size_t size, + void* ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueReadBuffer( + object_, buffer(), blocking, offset, size, + ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_READ_BUFFER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueWriteBuffer( + const Buffer& buffer, + cl_bool blocking, + ::size_t offset, + ::size_t size, + const void* ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueWriteBuffer( + object_, buffer(), blocking, offset, size, + ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_WRITE_BUFFER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueCopyBuffer( + const Buffer& src, + const Buffer& dst, + ::size_t src_offset, + ::size_t dst_offset, + ::size_t size, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueCopyBuffer( + object_, src(), dst(), src_offset, dst_offset, size, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQEUE_COPY_BUFFER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueReadBufferRect( + const Buffer& buffer, + cl_bool blocking, + const size_t<3>& buffer_offset, + const size_t<3>& host_offset, + const size_t<3>& region, + ::size_t buffer_row_pitch, + ::size_t buffer_slice_pitch, + ::size_t host_row_pitch, + ::size_t host_slice_pitch, + void *ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueReadBufferRect( + object_, + buffer(), + blocking, + (const ::size_t *)buffer_offset, + (const ::size_t *)host_offset, + (const ::size_t *)region, + buffer_row_pitch, + buffer_slice_pitch, + host_row_pitch, + host_slice_pitch, + ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_READ_BUFFER_RECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueWriteBufferRect( + const Buffer& buffer, + cl_bool blocking, + const size_t<3>& buffer_offset, + const size_t<3>& host_offset, + const size_t<3>& region, + ::size_t buffer_row_pitch, + ::size_t buffer_slice_pitch, + ::size_t host_row_pitch, + ::size_t host_slice_pitch, + void *ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueWriteBufferRect( + object_, + buffer(), + blocking, + (const ::size_t *)buffer_offset, + (const ::size_t *)host_offset, + (const ::size_t *)region, + buffer_row_pitch, + buffer_slice_pitch, + host_row_pitch, + host_slice_pitch, + ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_WRITE_BUFFER_RECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueCopyBufferRect( + const Buffer& src, + const Buffer& dst, + const size_t<3>& src_origin, + const size_t<3>& dst_origin, + const size_t<3>& region, + ::size_t src_row_pitch, + ::size_t src_slice_pitch, + ::size_t dst_row_pitch, + ::size_t dst_slice_pitch, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueCopyBufferRect( + object_, + src(), + dst(), + (const ::size_t *)src_origin, + (const ::size_t *)dst_origin, + (const ::size_t *)region, + src_row_pitch, + src_slice_pitch, + dst_row_pitch, + dst_slice_pitch, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQEUE_COPY_BUFFER_RECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + +#if defined(CL_VERSION_1_2) + /** + * Enqueue a command to fill a buffer object with a pattern + * of a given size. The pattern is specified a as vector. + * \tparam PatternType The datatype of the pattern field. + * The pattern type must be an accepted OpenCL data type. + */ + template + cl_int enqueueFillBuffer( + const Buffer& buffer, + PatternType pattern, + ::size_t offset, + ::size_t size, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueFillBuffer( + object_, + buffer(), + static_cast(&pattern), + sizeof(PatternType), + offset, + size, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_FILL_BUFFER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } +#endif // #if defined(CL_VERSION_1_2) + + cl_int enqueueReadImage( + const Image& image, + cl_bool blocking, + const size_t<3>& origin, + const size_t<3>& region, + ::size_t row_pitch, + ::size_t slice_pitch, + void* ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueReadImage( + object_, image(), blocking, (const ::size_t *) origin, + (const ::size_t *) region, row_pitch, slice_pitch, ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_READ_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueWriteImage( + const Image& image, + cl_bool blocking, + const size_t<3>& origin, + const size_t<3>& region, + ::size_t row_pitch, + ::size_t slice_pitch, + void* ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueWriteImage( + object_, image(), blocking, (const ::size_t *) origin, + (const ::size_t *) region, row_pitch, slice_pitch, ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_WRITE_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueCopyImage( + const Image& src, + const Image& dst, + const size_t<3>& src_origin, + const size_t<3>& dst_origin, + const size_t<3>& region, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueCopyImage( + object_, src(), dst(), (const ::size_t *) src_origin, + (const ::size_t *)dst_origin, (const ::size_t *) region, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_COPY_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + +#if defined(CL_VERSION_1_2) + /** + * Enqueue a command to fill an image object with a specified color. + * \param fillColor is the color to use to fill the image. + * This is a four component RGBA floating-point color value if + * the image channel data type is not an unnormalized signed or + * unsigned data type. + */ + cl_int enqueueFillImage( + const Image& image, + cl_float4 fillColor, + const size_t<3>& origin, + const size_t<3>& region, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueFillImage( + object_, + image(), + static_cast(&fillColor), + (const ::size_t *) origin, + (const ::size_t *) region, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_FILL_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + /** + * Enqueue a command to fill an image object with a specified color. + * \param fillColor is the color to use to fill the image. + * This is a four component RGBA signed integer color value if + * the image channel data type is an unnormalized signed integer + * type. + */ + cl_int enqueueFillImage( + const Image& image, + cl_int4 fillColor, + const size_t<3>& origin, + const size_t<3>& region, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueFillImage( + object_, + image(), + static_cast(&fillColor), + (const ::size_t *) origin, + (const ::size_t *) region, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_FILL_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + /** + * Enqueue a command to fill an image object with a specified color. + * \param fillColor is the color to use to fill the image. + * This is a four component RGBA unsigned integer color value if + * the image channel data type is an unnormalized unsigned integer + * type. + */ + cl_int enqueueFillImage( + const Image& image, + cl_uint4 fillColor, + const size_t<3>& origin, + const size_t<3>& region, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueFillImage( + object_, + image(), + static_cast(&fillColor), + (const ::size_t *) origin, + (const ::size_t *) region, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_FILL_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } +#endif // #if defined(CL_VERSION_1_2) + + cl_int enqueueCopyImageToBuffer( + const Image& src, + const Buffer& dst, + const size_t<3>& src_origin, + const size_t<3>& region, + ::size_t dst_offset, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueCopyImageToBuffer( + object_, src(), dst(), (const ::size_t *) src_origin, + (const ::size_t *) region, dst_offset, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_COPY_IMAGE_TO_BUFFER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueCopyBufferToImage( + const Buffer& src, + const Image& dst, + ::size_t src_offset, + const size_t<3>& dst_origin, + const size_t<3>& region, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueCopyBufferToImage( + object_, src(), dst(), src_offset, + (const ::size_t *) dst_origin, (const ::size_t *) region, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_COPY_BUFFER_TO_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + void* enqueueMapBuffer( + const Buffer& buffer, + cl_bool blocking, + cl_map_flags flags, + ::size_t offset, + ::size_t size, + const VECTOR_CLASS* events = NULL, + Event* event = NULL, + cl_int* err = NULL) const + { + cl_event tmp; + cl_int error; + void * result = ::clEnqueueMapBuffer( + object_, buffer(), blocking, flags, offset, size, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL, + &error); + + detail::errHandler(error, __ENQUEUE_MAP_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + if (event != NULL && error == CL_SUCCESS) + *event = tmp; + + return result; + } + + void* enqueueMapImage( + const Image& buffer, + cl_bool blocking, + cl_map_flags flags, + const size_t<3>& origin, + const size_t<3>& region, + ::size_t * row_pitch, + ::size_t * slice_pitch, + const VECTOR_CLASS* events = NULL, + Event* event = NULL, + cl_int* err = NULL) const + { + cl_event tmp; + cl_int error; + void * result = ::clEnqueueMapImage( + object_, buffer(), blocking, flags, + (const ::size_t *) origin, (const ::size_t *) region, + row_pitch, slice_pitch, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL, + &error); + + detail::errHandler(error, __ENQUEUE_MAP_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + if (event != NULL && error == CL_SUCCESS) + *event = tmp; + return result; + } + + cl_int enqueueUnmapMemObject( + const Memory& memory, + void* mapped_ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueUnmapMemObject( + object_, memory(), mapped_ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_UNMAP_MEM_OBJECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + +#if defined(CL_VERSION_1_2) + /** + * Enqueues a marker command which waits for either a list of events to complete, + * or all previously enqueued commands to complete. + * + * Enqueues a marker command which waits for either a list of events to complete, + * or if the list is empty it waits for all commands previously enqueued in command_queue + * to complete before it completes. This command returns an event which can be waited on, + * i.e. this event can be waited on to insure that all events either in the event_wait_list + * or all previously enqueued commands, queued before this command to command_queue, + * have completed. + */ + cl_int enqueueMarkerWithWaitList( + const VECTOR_CLASS *events = 0, + Event *event = 0) + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueMarkerWithWaitList( + object_, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_MARKER_WAIT_LIST_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + /** + * A synchronization point that enqueues a barrier operation. + * + * Enqueues a barrier command which waits for either a list of events to complete, + * or if the list is empty it waits for all commands previously enqueued in command_queue + * to complete before it completes. This command blocks command execution, that is, any + * following commands enqueued after it do not execute until it completes. This command + * returns an event which can be waited on, i.e. this event can be waited on to insure that + * all events either in the event_wait_list or all previously enqueued commands, queued + * before this command to command_queue, have completed. + */ + cl_int enqueueBarrierWithWaitList( + const VECTOR_CLASS *events = 0, + Event *event = 0) + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueBarrierWithWaitList( + object_, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_BARRIER_WAIT_LIST_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + /** + * Enqueues a command to indicate with which device a set of memory objects + * should be associated. + */ + cl_int enqueueMigrateMemObjects( + const VECTOR_CLASS &memObjects, + cl_mem_migration_flags flags, + const VECTOR_CLASS* events = NULL, + Event* event = NULL + ) + { + cl_event tmp; + + cl_mem* localMemObjects = static_cast(alloca(memObjects.size() * sizeof(cl_mem))); + for( int i = 0; i < (int)memObjects.size(); ++i ) { + localMemObjects[i] = memObjects[i](); + } + + + cl_int err = detail::errHandler( + ::clEnqueueMigrateMemObjects( + object_, + (cl_uint)memObjects.size(), + static_cast(localMemObjects), + flags, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_UNMAP_MEM_OBJECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } +#endif // #if defined(CL_VERSION_1_2) + + cl_int enqueueNDRangeKernel( + const Kernel& kernel, + const NDRange& offset, + const NDRange& global, + const NDRange& local = NullRange, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueNDRangeKernel( + object_, kernel(), (cl_uint) global.dimensions(), + offset.dimensions() != 0 ? (const ::size_t*) offset : NULL, + (const ::size_t*) global, + local.dimensions() != 0 ? (const ::size_t*) local : NULL, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_NDRANGE_KERNEL_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueTask( + const Kernel& kernel, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueTask( + object_, kernel(), + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_TASK_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueNativeKernel( + void (CL_CALLBACK *userFptr)(void *), + std::pair args, + const VECTOR_CLASS* mem_objects = NULL, + const VECTOR_CLASS* mem_locs = NULL, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_mem * mems = (mem_objects != NULL && mem_objects->size() > 0) + ? (cl_mem*) alloca(mem_objects->size() * sizeof(cl_mem)) + : NULL; + + if (mems != NULL) { + for (unsigned int i = 0; i < mem_objects->size(); i++) { + mems[i] = ((*mem_objects)[i])(); + } + } + + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueNativeKernel( + object_, userFptr, args.first, args.second, + (mem_objects != NULL) ? (cl_uint) mem_objects->size() : 0, + mems, + (mem_locs != NULL && mem_locs->size() > 0) ? (const void **) &mem_locs->front() : NULL, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_NATIVE_KERNEL); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + +/** + * Deprecated APIs for 1.2 + */ +#if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) || (defined(CL_VERSION_1_1) && !defined(CL_VERSION_1_2)) + CL_EXT_PREFIX__VERSION_1_1_DEPRECATED + cl_int enqueueMarker(Event* event = NULL) const CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueMarker( + object_, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_MARKER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + CL_EXT_PREFIX__VERSION_1_1_DEPRECATED + cl_int enqueueWaitForEvents(const VECTOR_CLASS& events) const CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED + { + return detail::errHandler( + ::clEnqueueWaitForEvents( + object_, + (cl_uint) events.size(), + events.size() > 0 ? (const cl_event*) &events.front() : NULL), + __ENQUEUE_WAIT_FOR_EVENTS_ERR); + } +#endif // #if defined(CL_VERSION_1_1) + + cl_int enqueueAcquireGLObjects( + const VECTOR_CLASS* mem_objects = NULL, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueAcquireGLObjects( + object_, + (mem_objects != NULL) ? (cl_uint) mem_objects->size() : 0, + (mem_objects != NULL && mem_objects->size() > 0) ? (const cl_mem *) &mem_objects->front(): NULL, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_ACQUIRE_GL_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueReleaseGLObjects( + const VECTOR_CLASS* mem_objects = NULL, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueReleaseGLObjects( + object_, + (mem_objects != NULL) ? (cl_uint) mem_objects->size() : 0, + (mem_objects != NULL && mem_objects->size() > 0) ? (const cl_mem *) &mem_objects->front(): NULL, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_RELEASE_GL_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + +#if defined (USE_DX_INTEROP) +typedef CL_API_ENTRY cl_int (CL_API_CALL *PFN_clEnqueueAcquireD3D10ObjectsKHR)( + cl_command_queue command_queue, cl_uint num_objects, + const cl_mem* mem_objects, cl_uint num_events_in_wait_list, + const cl_event* event_wait_list, cl_event* event); +typedef CL_API_ENTRY cl_int (CL_API_CALL *PFN_clEnqueueReleaseD3D10ObjectsKHR)( + cl_command_queue command_queue, cl_uint num_objects, + const cl_mem* mem_objects, cl_uint num_events_in_wait_list, + const cl_event* event_wait_list, cl_event* event); + + cl_int enqueueAcquireD3D10Objects( + const VECTOR_CLASS* mem_objects = NULL, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + static PFN_clEnqueueAcquireD3D10ObjectsKHR pfn_clEnqueueAcquireD3D10ObjectsKHR = NULL; +#if defined(CL_VERSION_1_2) + cl_context context = getInfo(); + cl::Device device(getInfo()); + cl_platform_id platform = device.getInfo(); + __INIT_CL_EXT_FCN_PTR_PLATFORM(platform, clEnqueueAcquireD3D10ObjectsKHR); +#endif +#if defined(CL_VERSION_1_1) + __INIT_CL_EXT_FCN_PTR(clEnqueueAcquireD3D10ObjectsKHR); +#endif + + cl_event tmp; + cl_int err = detail::errHandler( + pfn_clEnqueueAcquireD3D10ObjectsKHR( + object_, + (mem_objects != NULL) ? (cl_uint) mem_objects->size() : 0, + (mem_objects != NULL && mem_objects->size() > 0) ? (const cl_mem *) &mem_objects->front(): NULL, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_ACQUIRE_GL_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueReleaseD3D10Objects( + const VECTOR_CLASS* mem_objects = NULL, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) const + { + static PFN_clEnqueueReleaseD3D10ObjectsKHR pfn_clEnqueueReleaseD3D10ObjectsKHR = NULL; +#if defined(CL_VERSION_1_2) + cl_context context = getInfo(); + cl::Device device(getInfo()); + cl_platform_id platform = device.getInfo(); + __INIT_CL_EXT_FCN_PTR_PLATFORM(platform, clEnqueueReleaseD3D10ObjectsKHR); +#endif // #if defined(CL_VERSION_1_2) +#if defined(CL_VERSION_1_1) + __INIT_CL_EXT_FCN_PTR(clEnqueueReleaseD3D10ObjectsKHR); +#endif // #if defined(CL_VERSION_1_1) + + cl_event tmp; + cl_int err = detail::errHandler( + pfn_clEnqueueReleaseD3D10ObjectsKHR( + object_, + (mem_objects != NULL) ? (cl_uint) mem_objects->size() : 0, + (mem_objects != NULL && mem_objects->size() > 0) ? (const cl_mem *) &mem_objects->front(): NULL, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_RELEASE_GL_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } +#endif + +/** + * Deprecated APIs for 1.2 + */ +#if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) || (defined(CL_VERSION_1_1) && !defined(CL_VERSION_1_2)) + CL_EXT_PREFIX__VERSION_1_1_DEPRECATED + cl_int enqueueBarrier() const CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED + { + return detail::errHandler( + ::clEnqueueBarrier(object_), + __ENQUEUE_BARRIER_ERR); + } +#endif // #if defined(CL_VERSION_1_1) + + cl_int flush() const + { + return detail::errHandler(::clFlush(object_), __FLUSH_ERR); + } + + cl_int finish() const + { + return detail::errHandler(::clFinish(object_), __FINISH_ERR); + } +}; + +#ifdef _WIN32 +#ifdef CL_HPP_CPP11_ATOMICS_SUPPORTED +__declspec(selectany) std::atomic CommandQueue::default_initialized_; +#else // !CL_HPP_CPP11_ATOMICS_SUPPORTED +__declspec(selectany) volatile int CommandQueue::default_initialized_ = __DEFAULT_NOT_INITIALIZED; +#endif // !CL_HPP_CPP11_ATOMICS_SUPPORTED +__declspec(selectany) CommandQueue CommandQueue::default_; +__declspec(selectany) volatile cl_int CommandQueue::default_error_ = CL_SUCCESS; +#else // !_WIN32 +#ifdef CL_HPP_CPP11_ATOMICS_SUPPORTED +__attribute__((weak)) std::atomic CommandQueue::default_initialized_; +#else // !CL_HPP_CPP11_ATOMICS_SUPPORTED +__attribute__((weak)) volatile int CommandQueue::default_initialized_ = __DEFAULT_NOT_INITIALIZED; +#endif // !CL_HPP_CPP11_ATOMICS_SUPPORTED +__attribute__((weak)) CommandQueue CommandQueue::default_; +__attribute__((weak)) volatile cl_int CommandQueue::default_error_ = CL_SUCCESS; +#endif // !_WIN32 + +template< typename IteratorType > +Buffer::Buffer( + const Context &context, + IteratorType startIterator, + IteratorType endIterator, + bool readOnly, + bool useHostPtr, + cl_int* err) +{ + typedef typename std::iterator_traits::value_type DataType; + cl_int error; + + cl_mem_flags flags = 0; + if( readOnly ) { + flags |= CL_MEM_READ_ONLY; + } + else { + flags |= CL_MEM_READ_WRITE; + } + if( useHostPtr ) { + flags |= CL_MEM_USE_HOST_PTR; + } + + ::size_t size = sizeof(DataType)*(endIterator - startIterator); + + if( useHostPtr ) { + object_ = ::clCreateBuffer(context(), flags, size, static_cast(&*startIterator), &error); + } else { + object_ = ::clCreateBuffer(context(), flags, size, 0, &error); + } + + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + + if( !useHostPtr ) { + CommandQueue queue(context, 0, &error); + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + + error = cl::copy(queue, startIterator, endIterator, *this); + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } +} + +template< typename IteratorType > +Buffer::Buffer( + const CommandQueue &queue, + IteratorType startIterator, + IteratorType endIterator, + bool readOnly, + bool useHostPtr, + cl_int* err) +{ + typedef typename std::iterator_traits::value_type DataType; + cl_int error; + + cl_mem_flags flags = 0; + if (readOnly) { + flags |= CL_MEM_READ_ONLY; + } + else { + flags |= CL_MEM_READ_WRITE; + } + if (useHostPtr) { + flags |= CL_MEM_USE_HOST_PTR; + } + + ::size_t size = sizeof(DataType)*(endIterator - startIterator); + + Context context = queue.getInfo(); + + if (useHostPtr) { + object_ = ::clCreateBuffer(context(), flags, size, static_cast(&*startIterator), &error); + } + else { + object_ = ::clCreateBuffer(context(), flags, size, 0, &error); + } + + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + + if (!useHostPtr) { + error = cl::copy(queue, startIterator, endIterator, *this); + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } +} + +inline cl_int enqueueReadBuffer( + const Buffer& buffer, + cl_bool blocking, + ::size_t offset, + ::size_t size, + void* ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueReadBuffer(buffer, blocking, offset, size, ptr, events, event); +} + +inline cl_int enqueueWriteBuffer( + const Buffer& buffer, + cl_bool blocking, + ::size_t offset, + ::size_t size, + const void* ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueWriteBuffer(buffer, blocking, offset, size, ptr, events, event); +} + +inline void* enqueueMapBuffer( + const Buffer& buffer, + cl_bool blocking, + cl_map_flags flags, + ::size_t offset, + ::size_t size, + const VECTOR_CLASS* events = NULL, + Event* event = NULL, + cl_int* err = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + detail::errHandler(error, __ENQUEUE_MAP_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + + void * result = ::clEnqueueMapBuffer( + queue(), buffer(), blocking, flags, offset, size, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (cl_event*) event, + &error); + + detail::errHandler(error, __ENQUEUE_MAP_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + return result; +} + +inline cl_int enqueueUnmapMemObject( + const Memory& memory, + void* mapped_ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + detail::errHandler(error, __ENQUEUE_MAP_BUFFER_ERR); + if (error != CL_SUCCESS) { + return error; + } + + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueUnmapMemObject( + queue(), memory(), mapped_ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_UNMAP_MEM_OBJECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; +} + +inline cl_int enqueueCopyBuffer( + const Buffer& src, + const Buffer& dst, + ::size_t src_offset, + ::size_t dst_offset, + ::size_t size, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueCopyBuffer(src, dst, src_offset, dst_offset, size, events, event); +} + +/** + * Blocking copy operation between iterators and a buffer. + * Host to Device. + * Uses default command queue. + */ +template< typename IteratorType > +inline cl_int copy( IteratorType startIterator, IteratorType endIterator, cl::Buffer &buffer ) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + if (error != CL_SUCCESS) + return error; + + return cl::copy(queue, startIterator, endIterator, buffer); +} + +/** + * Blocking copy operation between iterators and a buffer. + * Device to Host. + * Uses default command queue. + */ +template< typename IteratorType > +inline cl_int copy( const cl::Buffer &buffer, IteratorType startIterator, IteratorType endIterator ) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + if (error != CL_SUCCESS) + return error; + + return cl::copy(queue, buffer, startIterator, endIterator); +} + +/** + * Blocking copy operation between iterators and a buffer. + * Host to Device. + * Uses specified queue. + */ +template< typename IteratorType > +inline cl_int copy( const CommandQueue &queue, IteratorType startIterator, IteratorType endIterator, cl::Buffer &buffer ) +{ + typedef typename std::iterator_traits::value_type DataType; + cl_int error; + + ::size_t length = endIterator-startIterator; + ::size_t byteLength = length*sizeof(DataType); + + DataType *pointer = + static_cast(queue.enqueueMapBuffer(buffer, CL_TRUE, CL_MAP_WRITE, 0, byteLength, 0, 0, &error)); + // if exceptions enabled, enqueueMapBuffer will throw + if( error != CL_SUCCESS ) { + return error; + } +#if defined(_MSC_VER) + std::copy( + startIterator, + endIterator, + stdext::checked_array_iterator( + pointer, length)); +#else + std::copy(startIterator, endIterator, pointer); +#endif + Event endEvent; + error = queue.enqueueUnmapMemObject(buffer, pointer, 0, &endEvent); + // if exceptions enabled, enqueueUnmapMemObject will throw + if( error != CL_SUCCESS ) { + return error; + } + endEvent.wait(); + return CL_SUCCESS; +} + +/** + * Blocking copy operation between iterators and a buffer. + * Device to Host. + * Uses specified queue. + */ +template< typename IteratorType > +inline cl_int copy( const CommandQueue &queue, const cl::Buffer &buffer, IteratorType startIterator, IteratorType endIterator ) +{ + typedef typename std::iterator_traits::value_type DataType; + cl_int error; + + ::size_t length = endIterator-startIterator; + ::size_t byteLength = length*sizeof(DataType); + + DataType *pointer = + static_cast(queue.enqueueMapBuffer(buffer, CL_TRUE, CL_MAP_READ, 0, byteLength, 0, 0, &error)); + // if exceptions enabled, enqueueMapBuffer will throw + if( error != CL_SUCCESS ) { + return error; + } + std::copy(pointer, pointer + length, startIterator); + Event endEvent; + error = queue.enqueueUnmapMemObject(buffer, pointer, 0, &endEvent); + // if exceptions enabled, enqueueUnmapMemObject will throw + if( error != CL_SUCCESS ) { + return error; + } + endEvent.wait(); + return CL_SUCCESS; +} + +#if defined(CL_VERSION_1_1) +inline cl_int enqueueReadBufferRect( + const Buffer& buffer, + cl_bool blocking, + const size_t<3>& buffer_offset, + const size_t<3>& host_offset, + const size_t<3>& region, + ::size_t buffer_row_pitch, + ::size_t buffer_slice_pitch, + ::size_t host_row_pitch, + ::size_t host_slice_pitch, + void *ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueReadBufferRect( + buffer, + blocking, + buffer_offset, + host_offset, + region, + buffer_row_pitch, + buffer_slice_pitch, + host_row_pitch, + host_slice_pitch, + ptr, + events, + event); +} + +inline cl_int enqueueWriteBufferRect( + const Buffer& buffer, + cl_bool blocking, + const size_t<3>& buffer_offset, + const size_t<3>& host_offset, + const size_t<3>& region, + ::size_t buffer_row_pitch, + ::size_t buffer_slice_pitch, + ::size_t host_row_pitch, + ::size_t host_slice_pitch, + void *ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueWriteBufferRect( + buffer, + blocking, + buffer_offset, + host_offset, + region, + buffer_row_pitch, + buffer_slice_pitch, + host_row_pitch, + host_slice_pitch, + ptr, + events, + event); +} + +inline cl_int enqueueCopyBufferRect( + const Buffer& src, + const Buffer& dst, + const size_t<3>& src_origin, + const size_t<3>& dst_origin, + const size_t<3>& region, + ::size_t src_row_pitch, + ::size_t src_slice_pitch, + ::size_t dst_row_pitch, + ::size_t dst_slice_pitch, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueCopyBufferRect( + src, + dst, + src_origin, + dst_origin, + region, + src_row_pitch, + src_slice_pitch, + dst_row_pitch, + dst_slice_pitch, + events, + event); +} +#endif + +inline cl_int enqueueReadImage( + const Image& image, + cl_bool blocking, + const size_t<3>& origin, + const size_t<3>& region, + ::size_t row_pitch, + ::size_t slice_pitch, + void* ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueReadImage( + image, + blocking, + origin, + region, + row_pitch, + slice_pitch, + ptr, + events, + event); +} + +inline cl_int enqueueWriteImage( + const Image& image, + cl_bool blocking, + const size_t<3>& origin, + const size_t<3>& region, + ::size_t row_pitch, + ::size_t slice_pitch, + void* ptr, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueWriteImage( + image, + blocking, + origin, + region, + row_pitch, + slice_pitch, + ptr, + events, + event); +} + +inline cl_int enqueueCopyImage( + const Image& src, + const Image& dst, + const size_t<3>& src_origin, + const size_t<3>& dst_origin, + const size_t<3>& region, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueCopyImage( + src, + dst, + src_origin, + dst_origin, + region, + events, + event); +} + +inline cl_int enqueueCopyImageToBuffer( + const Image& src, + const Buffer& dst, + const size_t<3>& src_origin, + const size_t<3>& region, + ::size_t dst_offset, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueCopyImageToBuffer( + src, + dst, + src_origin, + region, + dst_offset, + events, + event); +} + +inline cl_int enqueueCopyBufferToImage( + const Buffer& src, + const Image& dst, + ::size_t src_offset, + const size_t<3>& dst_origin, + const size_t<3>& region, + const VECTOR_CLASS* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueCopyBufferToImage( + src, + dst, + src_offset, + dst_origin, + region, + events, + event); +} + + +inline cl_int flush(void) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.flush(); +} + +inline cl_int finish(void) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + + return queue.finish(); +} + +// Kernel Functor support +// New interface as of September 2011 +// Requires the C++11 std::tr1::function (note do not support TR1) +// Visual Studio 2010 and GCC 4.2 + +struct EnqueueArgs +{ + CommandQueue queue_; + const NDRange offset_; + const NDRange global_; + const NDRange local_; + VECTOR_CLASS events_; + + EnqueueArgs(NDRange global) : + queue_(CommandQueue::getDefault()), + offset_(NullRange), + global_(global), + local_(NullRange) + { + + } + + EnqueueArgs(NDRange global, NDRange local) : + queue_(CommandQueue::getDefault()), + offset_(NullRange), + global_(global), + local_(local) + { + + } + + EnqueueArgs(NDRange offset, NDRange global, NDRange local) : + queue_(CommandQueue::getDefault()), + offset_(offset), + global_(global), + local_(local) + { + + } + + EnqueueArgs(Event e, NDRange global) : + queue_(CommandQueue::getDefault()), + offset_(NullRange), + global_(global), + local_(NullRange) + { + events_.push_back(e); + } + + EnqueueArgs(Event e, NDRange global, NDRange local) : + queue_(CommandQueue::getDefault()), + offset_(NullRange), + global_(global), + local_(local) + { + events_.push_back(e); + } + + EnqueueArgs(Event e, NDRange offset, NDRange global, NDRange local) : + queue_(CommandQueue::getDefault()), + offset_(offset), + global_(global), + local_(local) + { + events_.push_back(e); + } + + EnqueueArgs(const VECTOR_CLASS &events, NDRange global) : + queue_(CommandQueue::getDefault()), + offset_(NullRange), + global_(global), + local_(NullRange), + events_(events) + { + + } + + EnqueueArgs(const VECTOR_CLASS &events, NDRange global, NDRange local) : + queue_(CommandQueue::getDefault()), + offset_(NullRange), + global_(global), + local_(local), + events_(events) + { + + } + + EnqueueArgs(const VECTOR_CLASS &events, NDRange offset, NDRange global, NDRange local) : + queue_(CommandQueue::getDefault()), + offset_(offset), + global_(global), + local_(local), + events_(events) + { + + } + + EnqueueArgs(CommandQueue &queue, NDRange global) : + queue_(queue), + offset_(NullRange), + global_(global), + local_(NullRange) + { + + } + + EnqueueArgs(CommandQueue &queue, NDRange global, NDRange local) : + queue_(queue), + offset_(NullRange), + global_(global), + local_(local) + { + + } + + EnqueueArgs(CommandQueue &queue, NDRange offset, NDRange global, NDRange local) : + queue_(queue), + offset_(offset), + global_(global), + local_(local) + { + + } + + EnqueueArgs(CommandQueue &queue, Event e, NDRange global) : + queue_(queue), + offset_(NullRange), + global_(global), + local_(NullRange) + { + events_.push_back(e); + } + + EnqueueArgs(CommandQueue &queue, Event e, NDRange global, NDRange local) : + queue_(queue), + offset_(NullRange), + global_(global), + local_(local) + { + events_.push_back(e); + } + + EnqueueArgs(CommandQueue &queue, Event e, NDRange offset, NDRange global, NDRange local) : + queue_(queue), + offset_(offset), + global_(global), + local_(local) + { + events_.push_back(e); + } + + EnqueueArgs(CommandQueue &queue, const VECTOR_CLASS &events, NDRange global) : + queue_(queue), + offset_(NullRange), + global_(global), + local_(NullRange), + events_(events) + { + + } + + EnqueueArgs(CommandQueue &queue, const VECTOR_CLASS &events, NDRange global, NDRange local) : + queue_(queue), + offset_(NullRange), + global_(global), + local_(local), + events_(events) + { + + } + + EnqueueArgs(CommandQueue &queue, const VECTOR_CLASS &events, NDRange offset, NDRange global, NDRange local) : + queue_(queue), + offset_(offset), + global_(global), + local_(local), + events_(events) + { + + } +}; + +namespace detail { + +class NullType {}; + +template +struct SetArg +{ + static void set (Kernel kernel, T0 arg) + { + kernel.setArg(index, arg); + } +}; + +template +struct SetArg +{ + static void set (Kernel, NullType) + { + } +}; + +template < + typename T0, typename T1, typename T2, typename T3, + typename T4, typename T5, typename T6, typename T7, + typename T8, typename T9, typename T10, typename T11, + typename T12, typename T13, typename T14, typename T15, + typename T16, typename T17, typename T18, typename T19, + typename T20, typename T21, typename T22, typename T23, + typename T24, typename T25, typename T26, typename T27, + typename T28, typename T29, typename T30, typename T31 +> +class KernelFunctorGlobal +{ +private: + Kernel kernel_; + +public: + KernelFunctorGlobal( + Kernel kernel) : + kernel_(kernel) + {} + + KernelFunctorGlobal( + const Program& program, + const STRING_CLASS name, + cl_int * err = NULL) : + kernel_(program, name.c_str(), err) + {} + + Event operator() ( + const EnqueueArgs& args, + T0 t0, + T1 t1 = NullType(), + T2 t2 = NullType(), + T3 t3 = NullType(), + T4 t4 = NullType(), + T5 t5 = NullType(), + T6 t6 = NullType(), + T7 t7 = NullType(), + T8 t8 = NullType(), + T9 t9 = NullType(), + T10 t10 = NullType(), + T11 t11 = NullType(), + T12 t12 = NullType(), + T13 t13 = NullType(), + T14 t14 = NullType(), + T15 t15 = NullType(), + T16 t16 = NullType(), + T17 t17 = NullType(), + T18 t18 = NullType(), + T19 t19 = NullType(), + T20 t20 = NullType(), + T21 t21 = NullType(), + T22 t22 = NullType(), + T23 t23 = NullType(), + T24 t24 = NullType(), + T25 t25 = NullType(), + T26 t26 = NullType(), + T27 t27 = NullType(), + T28 t28 = NullType(), + T29 t29 = NullType(), + T30 t30 = NullType(), + T31 t31 = NullType() + ) + { + Event event; + SetArg<0, T0>::set(kernel_, t0); + SetArg<1, T1>::set(kernel_, t1); + SetArg<2, T2>::set(kernel_, t2); + SetArg<3, T3>::set(kernel_, t3); + SetArg<4, T4>::set(kernel_, t4); + SetArg<5, T5>::set(kernel_, t5); + SetArg<6, T6>::set(kernel_, t6); + SetArg<7, T7>::set(kernel_, t7); + SetArg<8, T8>::set(kernel_, t8); + SetArg<9, T9>::set(kernel_, t9); + SetArg<10, T10>::set(kernel_, t10); + SetArg<11, T11>::set(kernel_, t11); + SetArg<12, T12>::set(kernel_, t12); + SetArg<13, T13>::set(kernel_, t13); + SetArg<14, T14>::set(kernel_, t14); + SetArg<15, T15>::set(kernel_, t15); + SetArg<16, T16>::set(kernel_, t16); + SetArg<17, T17>::set(kernel_, t17); + SetArg<18, T18>::set(kernel_, t18); + SetArg<19, T19>::set(kernel_, t19); + SetArg<20, T20>::set(kernel_, t20); + SetArg<21, T21>::set(kernel_, t21); + SetArg<22, T22>::set(kernel_, t22); + SetArg<23, T23>::set(kernel_, t23); + SetArg<24, T24>::set(kernel_, t24); + SetArg<25, T25>::set(kernel_, t25); + SetArg<26, T26>::set(kernel_, t26); + SetArg<27, T27>::set(kernel_, t27); + SetArg<28, T28>::set(kernel_, t28); + SetArg<29, T29>::set(kernel_, t29); + SetArg<30, T30>::set(kernel_, t30); + SetArg<31, T31>::set(kernel_, t31); + + args.queue_.enqueueNDRangeKernel( + kernel_, + args.offset_, + args.global_, + args.local_, + &args.events_, + &event); + + return event; + } + +}; + +//------------------------------------------------------------------------------------------------------ + + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18, + typename T19, + typename T20, + typename T21, + typename T22, + typename T23, + typename T24, + typename T25, + typename T26, + typename T27, + typename T28, + typename T29, + typename T30, + typename T31> +struct functionImplementation_ +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27, + T28, + T29, + T30, + T31> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 32)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27, + T28, + T29, + T30, + T31); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18, + T19 arg19, + T20 arg20, + T21 arg21, + T22 arg22, + T23 arg23, + T24 arg24, + T25 arg25, + T26 arg26, + T27 arg27, + T28 arg28, + T29 arg29, + T30 arg30, + T31 arg31) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18, + arg19, + arg20, + arg21, + arg22, + arg23, + arg24, + arg25, + arg26, + arg27, + arg28, + arg29, + arg30, + arg31); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18, + typename T19, + typename T20, + typename T21, + typename T22, + typename T23, + typename T24, + typename T25, + typename T26, + typename T27, + typename T28, + typename T29, + typename T30> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27, + T28, + T29, + T30, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27, + T28, + T29, + T30, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 31)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27, + T28, + T29, + T30); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18, + T19 arg19, + T20 arg20, + T21 arg21, + T22 arg22, + T23 arg23, + T24 arg24, + T25 arg25, + T26 arg26, + T27 arg27, + T28 arg28, + T29 arg29, + T30 arg30) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18, + arg19, + arg20, + arg21, + arg22, + arg23, + arg24, + arg25, + arg26, + arg27, + arg28, + arg29, + arg30); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18, + typename T19, + typename T20, + typename T21, + typename T22, + typename T23, + typename T24, + typename T25, + typename T26, + typename T27, + typename T28, + typename T29> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27, + T28, + T29, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27, + T28, + T29, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 30)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27, + T28, + T29); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18, + T19 arg19, + T20 arg20, + T21 arg21, + T22 arg22, + T23 arg23, + T24 arg24, + T25 arg25, + T26 arg26, + T27 arg27, + T28 arg28, + T29 arg29) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18, + arg19, + arg20, + arg21, + arg22, + arg23, + arg24, + arg25, + arg26, + arg27, + arg28, + arg29); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18, + typename T19, + typename T20, + typename T21, + typename T22, + typename T23, + typename T24, + typename T25, + typename T26, + typename T27, + typename T28> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27, + T28, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27, + T28, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 29)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27, + T28); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18, + T19 arg19, + T20 arg20, + T21 arg21, + T22 arg22, + T23 arg23, + T24 arg24, + T25 arg25, + T26 arg26, + T27 arg27, + T28 arg28) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18, + arg19, + arg20, + arg21, + arg22, + arg23, + arg24, + arg25, + arg26, + arg27, + arg28); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18, + typename T19, + typename T20, + typename T21, + typename T22, + typename T23, + typename T24, + typename T25, + typename T26, + typename T27> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 28)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + T27); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18, + T19 arg19, + T20 arg20, + T21 arg21, + T22 arg22, + T23 arg23, + T24 arg24, + T25 arg25, + T26 arg26, + T27 arg27) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18, + arg19, + arg20, + arg21, + arg22, + arg23, + arg24, + arg25, + arg26, + arg27); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18, + typename T19, + typename T20, + typename T21, + typename T22, + typename T23, + typename T24, + typename T25, + typename T26> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 27)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + T26); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18, + T19 arg19, + T20 arg20, + T21 arg21, + T22 arg22, + T23 arg23, + T24 arg24, + T25 arg25, + T26 arg26) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18, + arg19, + arg20, + arg21, + arg22, + arg23, + arg24, + arg25, + arg26); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18, + typename T19, + typename T20, + typename T21, + typename T22, + typename T23, + typename T24, + typename T25> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 26)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + T25); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18, + T19 arg19, + T20 arg20, + T21 arg21, + T22 arg22, + T23 arg23, + T24 arg24, + T25 arg25) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18, + arg19, + arg20, + arg21, + arg22, + arg23, + arg24, + arg25); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18, + typename T19, + typename T20, + typename T21, + typename T22, + typename T23, + typename T24> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 25)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + T24); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18, + T19 arg19, + T20 arg20, + T21 arg21, + T22 arg22, + T23 arg23, + T24 arg24) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18, + arg19, + arg20, + arg21, + arg22, + arg23, + arg24); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18, + typename T19, + typename T20, + typename T21, + typename T22, + typename T23> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 24)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + T23); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18, + T19 arg19, + T20 arg20, + T21 arg21, + T22 arg22, + T23 arg23) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18, + arg19, + arg20, + arg21, + arg22, + arg23); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18, + typename T19, + typename T20, + typename T21, + typename T22> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 23)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + T22); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18, + T19 arg19, + T20 arg20, + T21 arg21, + T22 arg22) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18, + arg19, + arg20, + arg21, + arg22); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18, + typename T19, + typename T20, + typename T21> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 22)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + T21); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18, + T19 arg19, + T20 arg20, + T21 arg21) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18, + arg19, + arg20, + arg21); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18, + typename T19, + typename T20> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 21)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + T20); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18, + T19 arg19, + T20 arg20) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18, + arg19, + arg20); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18, + typename T19> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 20)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + T19); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18, + T19 arg19) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18, + arg19); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17, + typename T18> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 19)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + T18); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17, + T18 arg18) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17, + arg18); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16, + typename T17> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 18)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + T17); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16, + T17 arg17) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16, + arg17); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15, + typename T16> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 17)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + T16); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15, + T16 arg16) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15, + arg16); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14, + typename T15> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 16)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + T15); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14, + T15 arg15) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14, + arg15); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13, + typename T14> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 15)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + T14); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13, + T14 arg14) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13, + arg14); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12, + typename T13> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 14)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + T13); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12, + T13 arg13) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12, + arg13); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11, + typename T12> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 13)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + T12); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11, + T12 arg12) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11, + arg12); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10, + typename T11> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 12)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + T11); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10, + T11 arg11) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10, + arg11); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9, + typename T10> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 11)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + T10); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9, + T10 arg10) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9, + arg10); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8, + typename T9> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 10)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + T9); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8, + T9 arg9) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8, + arg9); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7, + typename T8> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 9)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + T8); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7, + T8 arg8) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7, + arg8); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6, + typename T7> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 8)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6, + T7); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6, + T7 arg7) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6, + arg7); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5, + typename T6> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + T6, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + T6, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 7)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5, + T6); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5, + T6 arg6) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5, + arg6); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4, + typename T5> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + T5, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + T5, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 6)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4, + T5); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4, + T5 arg5) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4, + arg5); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3, + typename T4> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + T4, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + T4, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 5)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3, + T4); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3, + T4 arg4) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3, + arg4); + } + + +}; + +template< + typename T0, + typename T1, + typename T2, + typename T3> +struct functionImplementation_ +< T0, + T1, + T2, + T3, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + T3, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 4)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2, + T3); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2, + T3 arg3) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2, + arg3); + } + + +}; + +template< + typename T0, + typename T1, + typename T2> +struct functionImplementation_ +< T0, + T1, + T2, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + T2, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 3)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1, + T2); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1, + T2 arg2) + { + return functor_( + enqueueArgs, + arg0, + arg1, + arg2); + } + + +}; + +template< + typename T0, + typename T1> +struct functionImplementation_ +< T0, + T1, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + T1, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 2)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0, + T1); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0, + T1 arg1) + { + return functor_( + enqueueArgs, + arg0, + arg1); + } + + +}; + +template< + typename T0> +struct functionImplementation_ +< T0, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> +{ + typedef detail::KernelFunctorGlobal< + T0, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType, + NullType> FunctorType; + + FunctorType functor_; + + functionImplementation_(const FunctorType &functor) : + functor_(functor) + { + + #if (defined(_WIN32) && defined(_VARIADIC_MAX) && (_VARIADIC_MAX < 1)) + // Fail variadic expansion for dev11 + static_assert(0, "Visual Studio has a hard limit of argument count for a std::function expansion. Please define _VARIADIC_MAX to be 10. If you need more arguments than that VC12 and below cannot support it."); + #endif + + } + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + T0); + + Event operator()( + const EnqueueArgs& enqueueArgs, + T0 arg0) + { + return functor_( + enqueueArgs, + arg0); + } + + +}; + + + + + +} // namespace detail + +//---------------------------------------------------------------------------------------------- + +template < + typename T0, typename T1 = detail::NullType, typename T2 = detail::NullType, + typename T3 = detail::NullType, typename T4 = detail::NullType, + typename T5 = detail::NullType, typename T6 = detail::NullType, + typename T7 = detail::NullType, typename T8 = detail::NullType, + typename T9 = detail::NullType, typename T10 = detail::NullType, + typename T11 = detail::NullType, typename T12 = detail::NullType, + typename T13 = detail::NullType, typename T14 = detail::NullType, + typename T15 = detail::NullType, typename T16 = detail::NullType, + typename T17 = detail::NullType, typename T18 = detail::NullType, + typename T19 = detail::NullType, typename T20 = detail::NullType, + typename T21 = detail::NullType, typename T22 = detail::NullType, + typename T23 = detail::NullType, typename T24 = detail::NullType, + typename T25 = detail::NullType, typename T26 = detail::NullType, + typename T27 = detail::NullType, typename T28 = detail::NullType, + typename T29 = detail::NullType, typename T30 = detail::NullType, + typename T31 = detail::NullType +> +struct make_kernel : + public detail::functionImplementation_< + T0, T1, T2, T3, + T4, T5, T6, T7, + T8, T9, T10, T11, + T12, T13, T14, T15, + T16, T17, T18, T19, + T20, T21, T22, T23, + T24, T25, T26, T27, + T28, T29, T30, T31 + > +{ +public: + typedef detail::KernelFunctorGlobal< + T0, T1, T2, T3, + T4, T5, T6, T7, + T8, T9, T10, T11, + T12, T13, T14, T15, + T16, T17, T18, T19, + T20, T21, T22, T23, + T24, T25, T26, T27, + T28, T29, T30, T31 + > FunctorType; + + make_kernel( + const Program& program, + const STRING_CLASS name, + cl_int * err = NULL) : + detail::functionImplementation_< + T0, T1, T2, T3, + T4, T5, T6, T7, + T8, T9, T10, T11, + T12, T13, T14, T15, + T16, T17, T18, T19, + T20, T21, T22, T23, + T24, T25, T26, T27, + T28, T29, T30, T31 + >( + FunctorType(program, name, err)) + {} + + make_kernel( + const Kernel kernel) : + detail::functionImplementation_< + T0, T1, T2, T3, + T4, T5, T6, T7, + T8, T9, T10, T11, + T12, T13, T14, T15, + T16, T17, T18, T19, + T20, T21, T22, T23, + T24, T25, T26, T27, + T28, T29, T30, T31 + >( + FunctorType(kernel)) + {} +}; + + +//---------------------------------------------------------------------------------------------------------------------- + +#undef __ERR_STR +#if !defined(__CL_USER_OVERRIDE_ERROR_STRINGS) +#undef __GET_DEVICE_INFO_ERR +#undef __GET_PLATFORM_INFO_ERR +#undef __GET_DEVICE_IDS_ERR +#undef __GET_CONTEXT_INFO_ERR +#undef __GET_EVENT_INFO_ERR +#undef __GET_EVENT_PROFILE_INFO_ERR +#undef __GET_MEM_OBJECT_INFO_ERR +#undef __GET_IMAGE_INFO_ERR +#undef __GET_SAMPLER_INFO_ERR +#undef __GET_KERNEL_INFO_ERR +#undef __GET_KERNEL_ARG_INFO_ERR +#undef __GET_KERNEL_WORK_GROUP_INFO_ERR +#undef __GET_PROGRAM_INFO_ERR +#undef __GET_PROGRAM_BUILD_INFO_ERR +#undef __GET_COMMAND_QUEUE_INFO_ERR + +#undef __CREATE_CONTEXT_ERR +#undef __CREATE_CONTEXT_FROM_TYPE_ERR +#undef __GET_SUPPORTED_IMAGE_FORMATS_ERR + +#undef __CREATE_BUFFER_ERR +#undef __CREATE_SUBBUFFER_ERR +#undef __CREATE_IMAGE2D_ERR +#undef __CREATE_IMAGE3D_ERR +#undef __CREATE_SAMPLER_ERR +#undef __SET_MEM_OBJECT_DESTRUCTOR_CALLBACK_ERR + +#undef __CREATE_USER_EVENT_ERR +#undef __SET_USER_EVENT_STATUS_ERR +#undef __SET_EVENT_CALLBACK_ERR +#undef __SET_PRINTF_CALLBACK_ERR + +#undef __WAIT_FOR_EVENTS_ERR + +#undef __CREATE_KERNEL_ERR +#undef __SET_KERNEL_ARGS_ERR +#undef __CREATE_PROGRAM_WITH_SOURCE_ERR +#undef __CREATE_PROGRAM_WITH_BINARY_ERR +#undef __CREATE_PROGRAM_WITH_BUILT_IN_KERNELS_ERR +#undef __BUILD_PROGRAM_ERR +#undef __CREATE_KERNELS_IN_PROGRAM_ERR + +#undef __CREATE_COMMAND_QUEUE_ERR +#undef __SET_COMMAND_QUEUE_PROPERTY_ERR +#undef __ENQUEUE_READ_BUFFER_ERR +#undef __ENQUEUE_WRITE_BUFFER_ERR +#undef __ENQUEUE_READ_BUFFER_RECT_ERR +#undef __ENQUEUE_WRITE_BUFFER_RECT_ERR +#undef __ENQEUE_COPY_BUFFER_ERR +#undef __ENQEUE_COPY_BUFFER_RECT_ERR +#undef __ENQUEUE_READ_IMAGE_ERR +#undef __ENQUEUE_WRITE_IMAGE_ERR +#undef __ENQUEUE_COPY_IMAGE_ERR +#undef __ENQUEUE_COPY_IMAGE_TO_BUFFER_ERR +#undef __ENQUEUE_COPY_BUFFER_TO_IMAGE_ERR +#undef __ENQUEUE_MAP_BUFFER_ERR +#undef __ENQUEUE_MAP_IMAGE_ERR +#undef __ENQUEUE_UNMAP_MEM_OBJECT_ERR +#undef __ENQUEUE_NDRANGE_KERNEL_ERR +#undef __ENQUEUE_TASK_ERR +#undef __ENQUEUE_NATIVE_KERNEL + +#undef __CL_EXPLICIT_CONSTRUCTORS + +#undef __UNLOAD_COMPILER_ERR +#endif //__CL_USER_OVERRIDE_ERROR_STRINGS + +#undef __CL_FUNCTION_TYPE + +// Extensions +/** + * Deprecated APIs for 1.2 + */ +#if defined(CL_VERSION_1_1) +#undef __INIT_CL_EXT_FCN_PTR +#endif // #if defined(CL_VERSION_1_1) +#undef __CREATE_SUB_DEVICES + +#if defined(USE_CL_DEVICE_FISSION) +#undef __PARAM_NAME_DEVICE_FISSION +#endif // USE_CL_DEVICE_FISSION + +#undef __DEFAULT_NOT_INITIALIZED +#undef __DEFAULT_BEING_INITIALIZED +#undef __DEFAULT_INITIALIZED + +#undef CL_HPP_RVALUE_REFERENCES_SUPPORTED +#undef CL_HPP_NOEXCEPT + +} // namespace cl + +#endif // CL_HPP_ diff --git a/SPECS-EXTENDED/opencl-headers/cl2.hpp b/SPECS-EXTENDED/opencl-headers/cl2.hpp new file mode 100644 index 0000000000..0d6e805a0b --- /dev/null +++ b/SPECS-EXTENDED/opencl-headers/cl2.hpp @@ -0,0 +1,9570 @@ +/******************************************************************************* + * Copyright (c) 2008-2016 The Khronos Group Inc. + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and/or associated documentation files (the + * "Materials"), to deal in the Materials without restriction, including + * without limitation the rights to use, copy, modify, merge, publish, + * distribute, sublicense, and/or sell copies of the Materials, and to + * permit persons to whom the Materials are furnished to do so, subject to + * the following conditions: + * + * The above copyright notice and this permission notice shall be included + * in all copies or substantial portions of the Materials. + * + * MODIFICATIONS TO THIS FILE MAY MEAN IT NO LONGER ACCURATELY REFLECTS + * KHRONOS STANDARDS. THE UNMODIFIED, NORMATIVE VERSIONS OF KHRONOS + * SPECIFICATIONS AND HEADER INFORMATION ARE LOCATED AT + * https://www.khronos.org/registry/ + * + * THE MATERIALS ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. + * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY + * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, + * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE + * MATERIALS OR THE USE OR OTHER DEALINGS IN THE MATERIALS. + ******************************************************************************/ + +/*! \file + * + * \brief C++ bindings for OpenCL 1.0 (rev 48), OpenCL 1.1 (rev 33), + * OpenCL 1.2 (rev 15) and OpenCL 2.0 (rev 29) + * \author Lee Howes and Bruce Merry + * + * Derived from the OpenCL 1.x C++ bindings written by + * Benedict R. Gaster, Laurent Morichetti and Lee Howes + * With additions and fixes from: + * Brian Cole, March 3rd 2010 and April 2012 + * Matt Gruenke, April 2012. + * Bruce Merry, February 2013. + * Tom Deakin and Simon McIntosh-Smith, July 2013 + * James Price, 2015- + * + * \version 2.0.10 + * \date 2016-07-20 + * + * Optional extension support + * + * cl_ext_device_fission + * #define CL_HPP_USE_CL_DEVICE_FISSION + * cl_khr_d3d10_sharing + * #define CL_HPP_USE_DX_INTEROP + * cl_khr_sub_groups + * #define CL_HPP_USE_CL_SUB_GROUPS_KHR + * + * Doxygen documentation for this header is available here: + * + * http://khronosgroup.github.io/OpenCL-CLHPP/ + * + * The latest version of this header can be found on the GitHub releases page: + * + * https://github.com/KhronosGroup/OpenCL-CLHPP/releases + * + * Bugs and patches can be submitted to the GitHub repository: + * + * https://github.com/KhronosGroup/OpenCL-CLHPP + */ + +/*! \mainpage + * \section intro Introduction + * For many large applications C++ is the language of choice and so it seems + * reasonable to define C++ bindings for OpenCL. + * + * The interface is contained with a single C++ header file \em cl2.hpp and all + * definitions are contained within the namespace \em cl. There is no additional + * requirement to include \em cl.h and to use either the C++ or original C + * bindings; it is enough to simply include \em cl2.hpp. + * + * The bindings themselves are lightweight and correspond closely to the + * underlying C API. Using the C++ bindings introduces no additional execution + * overhead. + * + * There are numerous compatibility, portability and memory management + * fixes in the new header as well as additional OpenCL 2.0 features. + * As a result the header is not directly backward compatible and for this + * reason we release it as cl2.hpp rather than a new version of cl.hpp. + * + * + * \section compatibility Compatibility + * Due to the evolution of the underlying OpenCL API the 2.0 C++ bindings + * include an updated approach to defining supported feature versions + * and the range of valid underlying OpenCL runtime versions supported. + * + * The combination of preprocessor macros CL_HPP_TARGET_OPENCL_VERSION and + * CL_HPP_MINIMUM_OPENCL_VERSION control this range. These are three digit + * decimal values representing OpenCL runime versions. The default for + * the target is 200, representing OpenCL 2.0 and the minimum is also + * defined as 200. These settings would use 2.0 API calls only. + * If backward compatibility with a 1.2 runtime is required, the minimum + * version may be set to 120. + * + * Note that this is a compile-time setting, and so affects linking against + * a particular SDK version rather than the versioning of the loaded runtime. + * + * The earlier versions of the header included basic vector and string + * classes based loosely on STL versions. These were difficult to + * maintain and very rarely used. For the 2.0 header we now assume + * the presence of the standard library unless requested otherwise. + * We use std::array, std::vector, std::shared_ptr and std::string + * throughout to safely manage memory and reduce the chance of a + * recurrance of earlier memory management bugs. + * + * These classes are used through typedefs in the cl namespace: + * cl::array, cl::vector, cl::pointer and cl::string. + * In addition cl::allocate_pointer forwards to std::allocate_shared + * by default. + * In all cases these standard library classes can be replaced with + * custom interface-compatible versions using the CL_HPP_NO_STD_ARRAY, + * CL_HPP_NO_STD_VECTOR, CL_HPP_NO_STD_UNIQUE_PTR and + * CL_HPP_NO_STD_STRING macros. + * + * The OpenCL 1.x versions of the C++ bindings included a size_t wrapper + * class to interface with kernel enqueue. This caused unpleasant interactions + * with the standard size_t declaration and led to namespacing bugs. + * In the 2.0 version we have replaced this with a std::array-based interface. + * However, the old behaviour can be regained for backward compatibility + * using the CL_HPP_ENABLE_SIZE_T_COMPATIBILITY macro. + * + * Finally, the program construction interface used a clumsy vector-of-pairs + * design in the earlier versions. We have replaced that with a cleaner + * vector-of-vectors and vector-of-strings design. However, for backward + * compatibility old behaviour can be regained with the + * CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY macro. + * + * In OpenCL 2.0 OpenCL C is not entirely backward compatibility with + * earlier versions. As a result a flag must be passed to the OpenCL C + * compiled to request OpenCL 2.0 compilation of kernels with 1.2 as + * the default in the absence of the flag. + * In some cases the C++ bindings automatically compile code for ease. + * For those cases the compilation defaults to OpenCL C 2.0. + * If this is not wanted, the CL_HPP_CL_1_2_DEFAULT_BUILD macro may + * be specified to assume 1.2 compilation. + * If more fine-grained decisions on a per-kernel bases are required + * then explicit build operations that take the flag should be used. + * + * + * \section parameterization Parameters + * This header may be parameterized by a set of preprocessor macros. + * + * - CL_HPP_TARGET_OPENCL_VERSION + * + * Defines the target OpenCL runtime version to build the header + * against. Defaults to 200, representing OpenCL 2.0. + * + * - CL_HPP_NO_STD_STRING + * + * Do not use the standard library string class. cl::string is not + * defined and may be defined by the user before cl2.hpp is + * included. + * + * - CL_HPP_NO_STD_VECTOR + * + * Do not use the standard library vector class. cl::vector is not + * defined and may be defined by the user before cl2.hpp is + * included. + * + * - CL_HPP_NO_STD_ARRAY + * + * Do not use the standard library array class. cl::array is not + * defined and may be defined by the user before cl2.hpp is + * included. + * + * - CL_HPP_NO_STD_UNIQUE_PTR + * + * Do not use the standard library unique_ptr class. cl::pointer and + * the cl::allocate_pointer functions are not defined and may be + * defined by the user before cl2.hpp is included. + * + * - CL_HPP_ENABLE_DEVICE_FISSION + * + * Enables device fission for OpenCL 1.2 platforms. + * + * - CL_HPP_ENABLE_EXCEPTIONS + * + * Enable exceptions for use in the C++ bindings header. This is the + * preferred error handling mechanism but is not required. + * + * - CL_HPP_ENABLE_SIZE_T_COMPATIBILITY + * + * Backward compatibility option to support cl.hpp-style size_t + * class. Replaces the updated std::array derived version and + * removal of size_t from the namespace. Note that in this case the + * new size_t class is placed in the cl::compatibility namespace and + * thus requires an additional using declaration for direct backward + * compatibility. + * + * - CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY + * + * Enable older vector of pairs interface for construction of + * programs. + * + * - CL_HPP_CL_1_2_DEFAULT_BUILD + * + * Default to OpenCL C 1.2 compilation rather than OpenCL C 2.0 + * applies to use of cl::Program construction and other program + * build variants. + * + * + * \section example Example + * + * The following example shows a general use case for the C++ + * bindings, including support for the optional exception feature and + * also the supplied vector and string classes, see following sections for + * decriptions of these features. + * + * \code + #define CL_HPP_ENABLE_EXCEPTIONS + #define CL_HPP_TARGET_OPENCL_VERSION 200 + + #include + #include + #include + #include + #include + + const int numElements = 32; + + int main(void) + { + // Filter for a 2.0 platform and set it as the default + std::vector platforms; + cl::Platform::get(&platforms); + cl::Platform plat; + for (auto &p : platforms) { + std::string platver = p.getInfo(); + if (platver.find("OpenCL 2.") != std::string::npos) { + plat = p; + } + } + if (plat() == 0) { + std::cout << "No OpenCL 2.0 platform found."; + return -1; + } + + cl::Platform newP = cl::Platform::setDefault(plat); + if (newP != plat) { + std::cout << "Error setting default platform."; + return -1; + } + + // Use C++11 raw string literals for kernel source code + std::string kernel1{R"CLC( + global int globalA; + kernel void updateGlobal() + { + globalA = 75; + } + )CLC"}; + std::string kernel2{R"CLC( + typedef struct { global int *bar; } Foo; + kernel void vectorAdd(global const Foo* aNum, global const int *inputA, global const int *inputB, + global int *output, int val, write_only pipe int outPipe, queue_t childQueue) + { + output[get_global_id(0)] = inputA[get_global_id(0)] + inputB[get_global_id(0)] + val + *(aNum->bar); + write_pipe(outPipe, &val); + queue_t default_queue = get_default_queue(); + ndrange_t ndrange = ndrange_1D(get_global_size(0)/2, get_global_size(0)/2); + + // Have a child kernel write into third quarter of output + enqueue_kernel(default_queue, CLK_ENQUEUE_FLAGS_WAIT_KERNEL, ndrange, + ^{ + output[get_global_size(0)*2 + get_global_id(0)] = + inputA[get_global_size(0)*2 + get_global_id(0)] + inputB[get_global_size(0)*2 + get_global_id(0)] + globalA; + }); + + // Have a child kernel write into last quarter of output + enqueue_kernel(childQueue, CLK_ENQUEUE_FLAGS_WAIT_KERNEL, ndrange, + ^{ + output[get_global_size(0)*3 + get_global_id(0)] = + inputA[get_global_size(0)*3 + get_global_id(0)] + inputB[get_global_size(0)*3 + get_global_id(0)] + globalA + 2; + }); + } + )CLC"}; + + // New simpler string interface style + std::vector programStrings {kernel1, kernel2}; + + cl::Program vectorAddProgram(programStrings); + try { + vectorAddProgram.build("-cl-std=CL2.0"); + } + catch (...) { + // Print build info for all devices + cl_int buildErr = CL_SUCCESS; + auto buildInfo = vectorAddProgram.getBuildInfo(&buildErr); + for (auto &pair : buildInfo) { + std::cerr << pair.second << std::endl << std::endl; + } + + return 1; + } + + typedef struct { int *bar; } Foo; + + // Get and run kernel that initializes the program-scope global + // A test for kernels that take no arguments + auto program2Kernel = + cl::KernelFunctor<>(vectorAddProgram, "updateGlobal"); + program2Kernel( + cl::EnqueueArgs( + cl::NDRange(1))); + + ////////////////// + // SVM allocations + + auto anSVMInt = cl::allocate_svm>(); + *anSVMInt = 5; + cl::SVMAllocator>> svmAllocReadOnly; + auto fooPointer = cl::allocate_pointer(svmAllocReadOnly); + fooPointer->bar = anSVMInt.get(); + cl::SVMAllocator> svmAlloc; + std::vector>> inputA(numElements, 1, svmAlloc); + cl::coarse_svm_vector inputB(numElements, 2, svmAlloc); + + // + ////////////// + + // Traditional cl_mem allocations + std::vector output(numElements, 0xdeadbeef); + cl::Buffer outputBuffer(begin(output), end(output), false); + cl::Pipe aPipe(sizeof(cl_int), numElements / 2); + + // Default command queue, also passed in as a parameter + cl::DeviceCommandQueue defaultDeviceQueue = cl::DeviceCommandQueue::makeDefault( + cl::Context::getDefault(), cl::Device::getDefault()); + + auto vectorAddKernel = + cl::KernelFunctor< + decltype(fooPointer)&, + int*, + cl::coarse_svm_vector&, + cl::Buffer, + int, + cl::Pipe&, + cl::DeviceCommandQueue + >(vectorAddProgram, "vectorAdd"); + + // Ensure that the additional SVM pointer is available to the kernel + // This one was not passed as a parameter + vectorAddKernel.setSVMPointers(anSVMInt); + + // Hand control of coarse allocations to runtime + cl::enqueueUnmapSVM(anSVMInt); + cl::enqueueUnmapSVM(fooPointer); + cl::unmapSVM(inputB); + cl::unmapSVM(output2); + + cl_int error; + vectorAddKernel( + cl::EnqueueArgs( + cl::NDRange(numElements/2), + cl::NDRange(numElements/2)), + fooPointer, + inputA.data(), + inputB, + outputBuffer, + 3, + aPipe, + defaultDeviceQueue, + error + ); + + cl::copy(outputBuffer, begin(output), end(output)); + // Grab the SVM output vector using a map + cl::mapSVM(output2); + + cl::Device d = cl::Device::getDefault(); + + std::cout << "Output:\n"; + for (int i = 1; i < numElements; ++i) { + std::cout << "\t" << output[i] << "\n"; + } + std::cout << "\n\n"; + + return 0; + } + * + * \endcode + * + */ +#ifndef CL_HPP_ +#define CL_HPP_ + +/* Handle deprecated preprocessor definitions. In each case, we only check for + * the old name if the new name is not defined, so that user code can define + * both and hence work with either version of the bindings. + */ +#if !defined(CL_HPP_USE_DX_INTEROP) && defined(USE_DX_INTEROP) +# pragma message("cl2.hpp: USE_DX_INTEROP is deprecated. Define CL_HPP_USE_DX_INTEROP instead") +# define CL_HPP_USE_DX_INTEROP +#endif +#if !defined(CL_HPP_USE_CL_DEVICE_FISSION) && defined(USE_CL_DEVICE_FISSION) +# pragma message("cl2.hpp: USE_CL_DEVICE_FISSION is deprecated. Define CL_HPP_USE_CL_DEVICE_FISSION instead") +# define CL_HPP_USE_CL_DEVICE_FISSION +#endif +#if !defined(CL_HPP_ENABLE_EXCEPTIONS) && defined(__CL_ENABLE_EXCEPTIONS) +# pragma message("cl2.hpp: __CL_ENABLE_EXCEPTIONS is deprecated. Define CL_HPP_ENABLE_EXCEPTIONS instead") +# define CL_HPP_ENABLE_EXCEPTIONS +#endif +#if !defined(CL_HPP_NO_STD_VECTOR) && defined(__NO_STD_VECTOR) +# pragma message("cl2.hpp: __NO_STD_VECTOR is deprecated. Define CL_HPP_NO_STD_VECTOR instead") +# define CL_HPP_NO_STD_VECTOR +#endif +#if !defined(CL_HPP_NO_STD_STRING) && defined(__NO_STD_STRING) +# pragma message("cl2.hpp: __NO_STD_STRING is deprecated. Define CL_HPP_NO_STD_STRING instead") +# define CL_HPP_NO_STD_STRING +#endif +#if defined(VECTOR_CLASS) +# pragma message("cl2.hpp: VECTOR_CLASS is deprecated. Alias cl::vector instead") +#endif +#if defined(STRING_CLASS) +# pragma message("cl2.hpp: STRING_CLASS is deprecated. Alias cl::string instead.") +#endif +#if !defined(CL_HPP_USER_OVERRIDE_ERROR_STRINGS) && defined(__CL_USER_OVERRIDE_ERROR_STRINGS) +# pragma message("cl2.hpp: __CL_USER_OVERRIDE_ERROR_STRINGS is deprecated. Define CL_HPP_USER_OVERRIDE_ERROR_STRINGS instead") +# define CL_HPP_USER_OVERRIDE_ERROR_STRINGS +#endif + +/* Warn about features that are no longer supported + */ +#if defined(__USE_DEV_VECTOR) +# pragma message("cl2.hpp: __USE_DEV_VECTOR is no longer supported. Expect compilation errors") +#endif +#if defined(__USE_DEV_STRING) +# pragma message("cl2.hpp: __USE_DEV_STRING is no longer supported. Expect compilation errors") +#endif + +/* Detect which version to target */ +#if !defined(CL_HPP_TARGET_OPENCL_VERSION) +# pragma message("cl2.hpp: CL_HPP_TARGET_OPENCL_VERSION is not defined. It will default to 200 (OpenCL 2.0)") +# define CL_HPP_TARGET_OPENCL_VERSION 200 +#endif +#if CL_HPP_TARGET_OPENCL_VERSION != 100 && CL_HPP_TARGET_OPENCL_VERSION != 110 && CL_HPP_TARGET_OPENCL_VERSION != 120 && CL_HPP_TARGET_OPENCL_VERSION != 200 +# pragma message("cl2.hpp: CL_HPP_TARGET_OPENCL_VERSION is not a valid value (100, 110, 120 or 200). It will be set to 200") +# undef CL_HPP_TARGET_OPENCL_VERSION +# define CL_HPP_TARGET_OPENCL_VERSION 200 +#endif + +#if !defined(CL_HPP_MINIMUM_OPENCL_VERSION) +# define CL_HPP_MINIMUM_OPENCL_VERSION 200 +#endif +#if CL_HPP_MINIMUM_OPENCL_VERSION != 100 && CL_HPP_MINIMUM_OPENCL_VERSION != 110 && CL_HPP_MINIMUM_OPENCL_VERSION != 120 && CL_HPP_MINIMUM_OPENCL_VERSION != 200 +# pragma message("cl2.hpp: CL_HPP_MINIMUM_OPENCL_VERSION is not a valid value (100, 110, 120 or 200). It will be set to 100") +# undef CL_HPP_MINIMUM_OPENCL_VERSION +# define CL_HPP_MINIMUM_OPENCL_VERSION 100 +#endif +#if CL_HPP_MINIMUM_OPENCL_VERSION > CL_HPP_TARGET_OPENCL_VERSION +# error "CL_HPP_MINIMUM_OPENCL_VERSION must not be greater than CL_HPP_TARGET_OPENCL_VERSION" +#endif + +#if CL_HPP_MINIMUM_OPENCL_VERSION <= 100 && !defined(CL_USE_DEPRECATED_OPENCL_1_0_APIS) +# define CL_USE_DEPRECATED_OPENCL_1_0_APIS +#endif +#if CL_HPP_MINIMUM_OPENCL_VERSION <= 110 && !defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) +# define CL_USE_DEPRECATED_OPENCL_1_1_APIS +#endif +#if CL_HPP_MINIMUM_OPENCL_VERSION <= 120 && !defined(CL_USE_DEPRECATED_OPENCL_1_2_APIS) +# define CL_USE_DEPRECATED_OPENCL_1_2_APIS +#endif +#if CL_HPP_MINIMUM_OPENCL_VERSION <= 200 && !defined(CL_USE_DEPRECATED_OPENCL_2_0_APIS) +# define CL_USE_DEPRECATED_OPENCL_2_0_APIS +#endif + +#ifdef _WIN32 + +#include + +#if defined(CL_HPP_USE_DX_INTEROP) +#include +#include +#endif +#endif // _WIN32 + +#if defined(_MSC_VER) +#include +#endif // _MSC_VER + + // Check for a valid C++ version + +// Need to do both tests here because for some reason __cplusplus is not +// updated in visual studio +#if (!defined(_MSC_VER) && __cplusplus < 201103L) || (defined(_MSC_VER) && _MSC_VER < 1700) +#error Visual studio 2013 or another C++11-supporting compiler required +#endif + +// +#if defined(CL_HPP_USE_CL_DEVICE_FISSION) || defined(CL_HPP_USE_CL_SUB_GROUPS_KHR) +#include +#endif + +#if defined(__APPLE__) || defined(__MACOSX) +#include +#else +#include +#endif // !__APPLE__ + +#if (__cplusplus >= 201103L) +#define CL_HPP_NOEXCEPT_ noexcept +#else +#define CL_HPP_NOEXCEPT_ +#endif + +#if defined(_MSC_VER) +# define CL_HPP_DEFINE_STATIC_MEMBER_ __declspec(selectany) +#else +# define CL_HPP_DEFINE_STATIC_MEMBER_ __attribute__((weak)) +#endif // !_MSC_VER + +// Define deprecated prefixes and suffixes to ensure compilation +// in case they are not pre-defined +#if !defined(CL_EXT_PREFIX__VERSION_1_1_DEPRECATED) +#define CL_EXT_PREFIX__VERSION_1_1_DEPRECATED +#endif // #if !defined(CL_EXT_PREFIX__VERSION_1_1_DEPRECATED) +#if !defined(CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED) +#define CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED +#endif // #if !defined(CL_EXT_PREFIX__VERSION_1_1_DEPRECATED) + +#if !defined(CL_EXT_PREFIX__VERSION_1_2_DEPRECATED) +#define CL_EXT_PREFIX__VERSION_1_2_DEPRECATED +#endif // #if !defined(CL_EXT_PREFIX__VERSION_1_2_DEPRECATED) +#if !defined(CL_EXT_SUFFIX__VERSION_1_2_DEPRECATED) +#define CL_EXT_SUFFIX__VERSION_1_2_DEPRECATED +#endif // #if !defined(CL_EXT_PREFIX__VERSION_1_2_DEPRECATED) + +#if !defined(CL_CALLBACK) +#define CL_CALLBACK +#endif //CL_CALLBACK + +#include +#include +#include +#include +#include +#include + + +// Define a size_type to represent a correctly resolved size_t +#if defined(CL_HPP_ENABLE_SIZE_T_COMPATIBILITY) +namespace cl { + using size_type = ::size_t; +} // namespace cl +#else // #if defined(CL_HPP_ENABLE_SIZE_T_COMPATIBILITY) +namespace cl { + using size_type = size_t; +} // namespace cl +#endif // #if defined(CL_HPP_ENABLE_SIZE_T_COMPATIBILITY) + + +#if defined(CL_HPP_ENABLE_EXCEPTIONS) +#include +#endif // #if defined(CL_HPP_ENABLE_EXCEPTIONS) + +#if !defined(CL_HPP_NO_STD_VECTOR) +#include +namespace cl { + template < class T, class Alloc = std::allocator > + using vector = std::vector; +} // namespace cl +#endif // #if !defined(CL_HPP_NO_STD_VECTOR) + +#if !defined(CL_HPP_NO_STD_STRING) +#include +namespace cl { + using string = std::string; +} // namespace cl +#endif // #if !defined(CL_HPP_NO_STD_STRING) + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + +#if !defined(CL_HPP_NO_STD_UNIQUE_PTR) +#include +namespace cl { + // Replace unique_ptr and allocate_pointer for internal use + // to allow user to replace them + template + using pointer = std::unique_ptr; +} // namespace cl +#endif +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 200 +#if !defined(CL_HPP_NO_STD_ARRAY) +#include +namespace cl { + template < class T, size_type N > + using array = std::array; +} // namespace cl +#endif // #if !defined(CL_HPP_NO_STD_ARRAY) + +// Define size_type appropriately to allow backward-compatibility +// use of the old size_t interface class +#if defined(CL_HPP_ENABLE_SIZE_T_COMPATIBILITY) +namespace cl { + namespace compatibility { + /*! \brief class used to interface between C++ and + * OpenCL C calls that require arrays of size_t values, whose + * size is known statically. + */ + template + class size_t + { + private: + size_type data_[N]; + + public: + //! \brief Initialize size_t to all 0s + size_t() + { + for (int i = 0; i < N; ++i) { + data_[i] = 0; + } + } + + size_t(const array &rhs) + { + for (int i = 0; i < N; ++i) { + data_[i] = rhs[i]; + } + } + + size_type& operator[](int index) + { + return data_[index]; + } + + const size_type& operator[](int index) const + { + return data_[index]; + } + + //! \brief Conversion operator to T*. + operator size_type* () { return data_; } + + //! \brief Conversion operator to const T*. + operator const size_type* () const { return data_; } + + operator array() const + { + array ret; + + for (int i = 0; i < N; ++i) { + ret[i] = data_[i]; + } + return ret; + } + }; + } // namespace compatibility + + template + using size_t = compatibility::size_t; +} // namespace cl +#endif // #if defined(CL_HPP_ENABLE_SIZE_T_COMPATIBILITY) + +// Helper alias to avoid confusing the macros +namespace cl { + namespace detail { + using size_t_array = array; + } // namespace detail +} // namespace cl + + +/*! \namespace cl + * + * \brief The OpenCL C++ bindings are defined within this namespace. + * + */ +namespace cl { + class Memory; + +#define CL_HPP_INIT_CL_EXT_FCN_PTR_(name) \ + if (!pfn_##name) { \ + pfn_##name = (PFN_##name) \ + clGetExtensionFunctionAddress(#name); \ + if (!pfn_##name) { \ + } \ + } + +#define CL_HPP_INIT_CL_EXT_FCN_PTR_PLATFORM_(platform, name) \ + if (!pfn_##name) { \ + pfn_##name = (PFN_##name) \ + clGetExtensionFunctionAddressForPlatform(platform, #name); \ + if (!pfn_##name) { \ + } \ + } + + class Program; + class Device; + class Context; + class CommandQueue; + class DeviceCommandQueue; + class Memory; + class Buffer; + class Pipe; + +#if defined(CL_HPP_ENABLE_EXCEPTIONS) + /*! \brief Exception class + * + * This may be thrown by API functions when CL_HPP_ENABLE_EXCEPTIONS is defined. + */ + class Error : public std::exception + { + private: + cl_int err_; + const char * errStr_; + public: + /*! \brief Create a new CL error exception for a given error code + * and corresponding message. + * + * \param err error code value. + * + * \param errStr a descriptive string that must remain in scope until + * handling of the exception has concluded. If set, it + * will be returned by what(). + */ + Error(cl_int err, const char * errStr = NULL) : err_(err), errStr_(errStr) + {} + + ~Error() throw() {} + + /*! \brief Get error string associated with exception + * + * \return A memory pointer to the error message string. + */ + virtual const char * what() const throw () + { + if (errStr_ == NULL) { + return "empty"; + } + else { + return errStr_; + } + } + + /*! \brief Get error code associated with exception + * + * \return The error code. + */ + cl_int err(void) const { return err_; } + }; +#define CL_HPP_ERR_STR_(x) #x +#else +#define CL_HPP_ERR_STR_(x) NULL +#endif // CL_HPP_ENABLE_EXCEPTIONS + + +namespace detail +{ +#if defined(CL_HPP_ENABLE_EXCEPTIONS) +static inline cl_int errHandler ( + cl_int err, + const char * errStr = NULL) +{ + if (err != CL_SUCCESS) { + throw Error(err, errStr); + } + return err; +} +#else +static inline cl_int errHandler (cl_int err, const char * errStr = NULL) +{ + (void) errStr; // suppress unused variable warning + return err; +} +#endif // CL_HPP_ENABLE_EXCEPTIONS +} + + + +//! \cond DOXYGEN_DETAIL +#if !defined(CL_HPP_USER_OVERRIDE_ERROR_STRINGS) +#define __GET_DEVICE_INFO_ERR CL_HPP_ERR_STR_(clGetDeviceInfo) +#define __GET_PLATFORM_INFO_ERR CL_HPP_ERR_STR_(clGetPlatformInfo) +#define __GET_DEVICE_IDS_ERR CL_HPP_ERR_STR_(clGetDeviceIDs) +#define __GET_PLATFORM_IDS_ERR CL_HPP_ERR_STR_(clGetPlatformIDs) +#define __GET_CONTEXT_INFO_ERR CL_HPP_ERR_STR_(clGetContextInfo) +#define __GET_EVENT_INFO_ERR CL_HPP_ERR_STR_(clGetEventInfo) +#define __GET_EVENT_PROFILE_INFO_ERR CL_HPP_ERR_STR_(clGetEventProfileInfo) +#define __GET_MEM_OBJECT_INFO_ERR CL_HPP_ERR_STR_(clGetMemObjectInfo) +#define __GET_IMAGE_INFO_ERR CL_HPP_ERR_STR_(clGetImageInfo) +#define __GET_SAMPLER_INFO_ERR CL_HPP_ERR_STR_(clGetSamplerInfo) +#define __GET_KERNEL_INFO_ERR CL_HPP_ERR_STR_(clGetKernelInfo) +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +#define __GET_KERNEL_ARG_INFO_ERR CL_HPP_ERR_STR_(clGetKernelArgInfo) +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 +#define __GET_KERNEL_WORK_GROUP_INFO_ERR CL_HPP_ERR_STR_(clGetKernelWorkGroupInfo) +#define __GET_PROGRAM_INFO_ERR CL_HPP_ERR_STR_(clGetProgramInfo) +#define __GET_PROGRAM_BUILD_INFO_ERR CL_HPP_ERR_STR_(clGetProgramBuildInfo) +#define __GET_COMMAND_QUEUE_INFO_ERR CL_HPP_ERR_STR_(clGetCommandQueueInfo) + +#define __CREATE_CONTEXT_ERR CL_HPP_ERR_STR_(clCreateContext) +#define __CREATE_CONTEXT_FROM_TYPE_ERR CL_HPP_ERR_STR_(clCreateContextFromType) +#define __GET_SUPPORTED_IMAGE_FORMATS_ERR CL_HPP_ERR_STR_(clGetSupportedImageFormats) + +#define __CREATE_BUFFER_ERR CL_HPP_ERR_STR_(clCreateBuffer) +#define __COPY_ERR CL_HPP_ERR_STR_(cl::copy) +#define __CREATE_SUBBUFFER_ERR CL_HPP_ERR_STR_(clCreateSubBuffer) +#define __CREATE_GL_BUFFER_ERR CL_HPP_ERR_STR_(clCreateFromGLBuffer) +#define __CREATE_GL_RENDER_BUFFER_ERR CL_HPP_ERR_STR_(clCreateFromGLBuffer) +#define __GET_GL_OBJECT_INFO_ERR CL_HPP_ERR_STR_(clGetGLObjectInfo) +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +#define __CREATE_IMAGE_ERR CL_HPP_ERR_STR_(clCreateImage) +#define __CREATE_GL_TEXTURE_ERR CL_HPP_ERR_STR_(clCreateFromGLTexture) +#define __IMAGE_DIMENSION_ERR CL_HPP_ERR_STR_(Incorrect image dimensions) +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 +#define __SET_MEM_OBJECT_DESTRUCTOR_CALLBACK_ERR CL_HPP_ERR_STR_(clSetMemObjectDestructorCallback) + +#define __CREATE_USER_EVENT_ERR CL_HPP_ERR_STR_(clCreateUserEvent) +#define __SET_USER_EVENT_STATUS_ERR CL_HPP_ERR_STR_(clSetUserEventStatus) +#define __SET_EVENT_CALLBACK_ERR CL_HPP_ERR_STR_(clSetEventCallback) +#define __WAIT_FOR_EVENTS_ERR CL_HPP_ERR_STR_(clWaitForEvents) + +#define __CREATE_KERNEL_ERR CL_HPP_ERR_STR_(clCreateKernel) +#define __SET_KERNEL_ARGS_ERR CL_HPP_ERR_STR_(clSetKernelArg) +#define __CREATE_PROGRAM_WITH_SOURCE_ERR CL_HPP_ERR_STR_(clCreateProgramWithSource) +#define __CREATE_PROGRAM_WITH_BINARY_ERR CL_HPP_ERR_STR_(clCreateProgramWithBinary) +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +#define __CREATE_PROGRAM_WITH_BUILT_IN_KERNELS_ERR CL_HPP_ERR_STR_(clCreateProgramWithBuiltInKernels) +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 +#define __BUILD_PROGRAM_ERR CL_HPP_ERR_STR_(clBuildProgram) +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +#define __COMPILE_PROGRAM_ERR CL_HPP_ERR_STR_(clCompileProgram) +#define __LINK_PROGRAM_ERR CL_HPP_ERR_STR_(clLinkProgram) +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 +#define __CREATE_KERNELS_IN_PROGRAM_ERR CL_HPP_ERR_STR_(clCreateKernelsInProgram) + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 +#define __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR CL_HPP_ERR_STR_(clCreateCommandQueueWithProperties) +#define __CREATE_SAMPLER_WITH_PROPERTIES_ERR CL_HPP_ERR_STR_(clCreateSamplerWithProperties) +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 200 +#define __SET_COMMAND_QUEUE_PROPERTY_ERR CL_HPP_ERR_STR_(clSetCommandQueueProperty) +#define __ENQUEUE_READ_BUFFER_ERR CL_HPP_ERR_STR_(clEnqueueReadBuffer) +#define __ENQUEUE_READ_BUFFER_RECT_ERR CL_HPP_ERR_STR_(clEnqueueReadBufferRect) +#define __ENQUEUE_WRITE_BUFFER_ERR CL_HPP_ERR_STR_(clEnqueueWriteBuffer) +#define __ENQUEUE_WRITE_BUFFER_RECT_ERR CL_HPP_ERR_STR_(clEnqueueWriteBufferRect) +#define __ENQEUE_COPY_BUFFER_ERR CL_HPP_ERR_STR_(clEnqueueCopyBuffer) +#define __ENQEUE_COPY_BUFFER_RECT_ERR CL_HPP_ERR_STR_(clEnqueueCopyBufferRect) +#define __ENQUEUE_FILL_BUFFER_ERR CL_HPP_ERR_STR_(clEnqueueFillBuffer) +#define __ENQUEUE_READ_IMAGE_ERR CL_HPP_ERR_STR_(clEnqueueReadImage) +#define __ENQUEUE_WRITE_IMAGE_ERR CL_HPP_ERR_STR_(clEnqueueWriteImage) +#define __ENQUEUE_COPY_IMAGE_ERR CL_HPP_ERR_STR_(clEnqueueCopyImage) +#define __ENQUEUE_FILL_IMAGE_ERR CL_HPP_ERR_STR_(clEnqueueFillImage) +#define __ENQUEUE_COPY_IMAGE_TO_BUFFER_ERR CL_HPP_ERR_STR_(clEnqueueCopyImageToBuffer) +#define __ENQUEUE_COPY_BUFFER_TO_IMAGE_ERR CL_HPP_ERR_STR_(clEnqueueCopyBufferToImage) +#define __ENQUEUE_MAP_BUFFER_ERR CL_HPP_ERR_STR_(clEnqueueMapBuffer) +#define __ENQUEUE_MAP_IMAGE_ERR CL_HPP_ERR_STR_(clEnqueueMapImage) +#define __ENQUEUE_UNMAP_MEM_OBJECT_ERR CL_HPP_ERR_STR_(clEnqueueUnMapMemObject) +#define __ENQUEUE_NDRANGE_KERNEL_ERR CL_HPP_ERR_STR_(clEnqueueNDRangeKernel) +#define __ENQUEUE_NATIVE_KERNEL CL_HPP_ERR_STR_(clEnqueueNativeKernel) +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +#define __ENQUEUE_MIGRATE_MEM_OBJECTS_ERR CL_HPP_ERR_STR_(clEnqueueMigrateMemObjects) +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 + +#define __ENQUEUE_ACQUIRE_GL_ERR CL_HPP_ERR_STR_(clEnqueueAcquireGLObjects) +#define __ENQUEUE_RELEASE_GL_ERR CL_HPP_ERR_STR_(clEnqueueReleaseGLObjects) + +#define __CREATE_PIPE_ERR CL_HPP_ERR_STR_(clCreatePipe) +#define __GET_PIPE_INFO_ERR CL_HPP_ERR_STR_(clGetPipeInfo) + + +#define __RETAIN_ERR CL_HPP_ERR_STR_(Retain Object) +#define __RELEASE_ERR CL_HPP_ERR_STR_(Release Object) +#define __FLUSH_ERR CL_HPP_ERR_STR_(clFlush) +#define __FINISH_ERR CL_HPP_ERR_STR_(clFinish) +#define __VECTOR_CAPACITY_ERR CL_HPP_ERR_STR_(Vector capacity error) + +/** + * CL 1.2 version that uses device fission. + */ +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +#define __CREATE_SUB_DEVICES_ERR CL_HPP_ERR_STR_(clCreateSubDevices) +#else +#define __CREATE_SUB_DEVICES_ERR CL_HPP_ERR_STR_(clCreateSubDevicesEXT) +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 + +/** + * Deprecated APIs for 1.2 + */ +#if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) +#define __ENQUEUE_MARKER_ERR CL_HPP_ERR_STR_(clEnqueueMarker) +#define __ENQUEUE_WAIT_FOR_EVENTS_ERR CL_HPP_ERR_STR_(clEnqueueWaitForEvents) +#define __ENQUEUE_BARRIER_ERR CL_HPP_ERR_STR_(clEnqueueBarrier) +#define __UNLOAD_COMPILER_ERR CL_HPP_ERR_STR_(clUnloadCompiler) +#define __CREATE_GL_TEXTURE_2D_ERR CL_HPP_ERR_STR_(clCreateFromGLTexture2D) +#define __CREATE_GL_TEXTURE_3D_ERR CL_HPP_ERR_STR_(clCreateFromGLTexture3D) +#define __CREATE_IMAGE2D_ERR CL_HPP_ERR_STR_(clCreateImage2D) +#define __CREATE_IMAGE3D_ERR CL_HPP_ERR_STR_(clCreateImage3D) +#endif // #if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + +/** + * Deprecated APIs for 2.0 + */ +#if defined(CL_USE_DEPRECATED_OPENCL_1_2_APIS) +#define __CREATE_COMMAND_QUEUE_ERR CL_HPP_ERR_STR_(clCreateCommandQueue) +#define __ENQUEUE_TASK_ERR CL_HPP_ERR_STR_(clEnqueueTask) +#define __CREATE_SAMPLER_ERR CL_HPP_ERR_STR_(clCreateSampler) +#endif // #if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + +/** + * CL 1.2 marker and barrier commands + */ +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +#define __ENQUEUE_MARKER_WAIT_LIST_ERR CL_HPP_ERR_STR_(clEnqueueMarkerWithWaitList) +#define __ENQUEUE_BARRIER_WAIT_LIST_ERR CL_HPP_ERR_STR_(clEnqueueBarrierWithWaitList) +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 + +#endif // CL_HPP_USER_OVERRIDE_ERROR_STRINGS +//! \endcond + + +namespace detail { + +// Generic getInfoHelper. The final parameter is used to guide overload +// resolution: the actual parameter passed is an int, which makes this +// a worse conversion sequence than a specialization that declares the +// parameter as an int. +template +inline cl_int getInfoHelper(Functor f, cl_uint name, T* param, long) +{ + return f(name, sizeof(T), param, NULL); +} + +// Specialized for getInfo +// Assumes that the output vector was correctly resized on the way in +template +inline cl_int getInfoHelper(Func f, cl_uint name, vector>* param, int) +{ + if (name != CL_PROGRAM_BINARIES) { + return CL_INVALID_VALUE; + } + if (param) { + // Create array of pointers, calculate total size and pass pointer array in + size_type numBinaries = param->size(); + vector binariesPointers(numBinaries); + + for (size_type i = 0; i < numBinaries; ++i) + { + binariesPointers[i] = (*param)[i].data(); + } + + cl_int err = f(name, numBinaries * sizeof(unsigned char*), binariesPointers.data(), NULL); + + if (err != CL_SUCCESS) { + return err; + } + } + + + return CL_SUCCESS; +} + +// Specialized getInfoHelper for vector params +template +inline cl_int getInfoHelper(Func f, cl_uint name, vector* param, long) +{ + size_type required; + cl_int err = f(name, 0, NULL, &required); + if (err != CL_SUCCESS) { + return err; + } + const size_type elements = required / sizeof(T); + + // Temporary to avoid changing param on an error + vector localData(elements); + err = f(name, required, localData.data(), NULL); + if (err != CL_SUCCESS) { + return err; + } + if (param) { + *param = std::move(localData); + } + + return CL_SUCCESS; +} + +/* Specialization for reference-counted types. This depends on the + * existence of Wrapper::cl_type, and none of the other types having the + * cl_type member. Note that simplify specifying the parameter as Wrapper + * does not work, because when using a derived type (e.g. Context) the generic + * template will provide a better match. + */ +template +inline cl_int getInfoHelper( + Func f, cl_uint name, vector* param, int, typename T::cl_type = 0) +{ + size_type required; + cl_int err = f(name, 0, NULL, &required); + if (err != CL_SUCCESS) { + return err; + } + + const size_type elements = required / sizeof(typename T::cl_type); + + vector value(elements); + err = f(name, required, value.data(), NULL); + if (err != CL_SUCCESS) { + return err; + } + + if (param) { + // Assign to convert CL type to T for each element + param->resize(elements); + + // Assign to param, constructing with retain behaviour + // to correctly capture each underlying CL object + for (size_type i = 0; i < elements; i++) { + (*param)[i] = T(value[i], true); + } + } + return CL_SUCCESS; +} + +// Specialized GetInfoHelper for string params +template +inline cl_int getInfoHelper(Func f, cl_uint name, string* param, long) +{ + size_type required; + cl_int err = f(name, 0, NULL, &required); + if (err != CL_SUCCESS) { + return err; + } + + // std::string has a constant data member + // a char vector does not + if (required > 0) { + vector value(required); + err = f(name, required, value.data(), NULL); + if (err != CL_SUCCESS) { + return err; + } + if (param) { + param->assign(begin(value), prev(end(value))); + } + } + else if (param) { + param->assign(""); + } + return CL_SUCCESS; +} + +// Specialized GetInfoHelper for clsize_t params +template +inline cl_int getInfoHelper(Func f, cl_uint name, array* param, long) +{ + size_type required; + cl_int err = f(name, 0, NULL, &required); + if (err != CL_SUCCESS) { + return err; + } + + size_type elements = required / sizeof(size_type); + vector value(elements, 0); + + err = f(name, required, value.data(), NULL); + if (err != CL_SUCCESS) { + return err; + } + + // Bound the copy with N to prevent overruns + // if passed N > than the amount copied + if (elements > N) { + elements = N; + } + for (size_type i = 0; i < elements; ++i) { + (*param)[i] = value[i]; + } + + return CL_SUCCESS; +} + +template struct ReferenceHandler; + +/* Specialization for reference-counted types. This depends on the + * existence of Wrapper::cl_type, and none of the other types having the + * cl_type member. Note that simplify specifying the parameter as Wrapper + * does not work, because when using a derived type (e.g. Context) the generic + * template will provide a better match. + */ +template +inline cl_int getInfoHelper(Func f, cl_uint name, T* param, int, typename T::cl_type = 0) +{ + typename T::cl_type value; + cl_int err = f(name, sizeof(value), &value, NULL); + if (err != CL_SUCCESS) { + return err; + } + *param = value; + if (value != NULL) + { + err = param->retain(); + if (err != CL_SUCCESS) { + return err; + } + } + return CL_SUCCESS; +} + +#define CL_HPP_PARAM_NAME_INFO_1_0_(F) \ + F(cl_platform_info, CL_PLATFORM_PROFILE, string) \ + F(cl_platform_info, CL_PLATFORM_VERSION, string) \ + F(cl_platform_info, CL_PLATFORM_NAME, string) \ + F(cl_platform_info, CL_PLATFORM_VENDOR, string) \ + F(cl_platform_info, CL_PLATFORM_EXTENSIONS, string) \ + \ + F(cl_device_info, CL_DEVICE_TYPE, cl_device_type) \ + F(cl_device_info, CL_DEVICE_VENDOR_ID, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_COMPUTE_UNITS, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_WORK_ITEM_DIMENSIONS, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_WORK_GROUP_SIZE, size_type) \ + F(cl_device_info, CL_DEVICE_MAX_WORK_ITEM_SIZES, cl::vector) \ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_CHAR, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_SHORT, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_INT, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_LONG, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_FLOAT, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_DOUBLE, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_CLOCK_FREQUENCY, cl_uint) \ + F(cl_device_info, CL_DEVICE_ADDRESS_BITS, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_READ_IMAGE_ARGS, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_WRITE_IMAGE_ARGS, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_MEM_ALLOC_SIZE, cl_ulong) \ + F(cl_device_info, CL_DEVICE_IMAGE2D_MAX_WIDTH, size_type) \ + F(cl_device_info, CL_DEVICE_IMAGE2D_MAX_HEIGHT, size_type) \ + F(cl_device_info, CL_DEVICE_IMAGE3D_MAX_WIDTH, size_type) \ + F(cl_device_info, CL_DEVICE_IMAGE3D_MAX_HEIGHT, size_type) \ + F(cl_device_info, CL_DEVICE_IMAGE3D_MAX_DEPTH, size_type) \ + F(cl_device_info, CL_DEVICE_IMAGE_SUPPORT, cl_bool) \ + F(cl_device_info, CL_DEVICE_MAX_PARAMETER_SIZE, size_type) \ + F(cl_device_info, CL_DEVICE_MAX_SAMPLERS, cl_uint) \ + F(cl_device_info, CL_DEVICE_MEM_BASE_ADDR_ALIGN, cl_uint) \ + F(cl_device_info, CL_DEVICE_MIN_DATA_TYPE_ALIGN_SIZE, cl_uint) \ + F(cl_device_info, CL_DEVICE_SINGLE_FP_CONFIG, cl_device_fp_config) \ + F(cl_device_info, CL_DEVICE_GLOBAL_MEM_CACHE_TYPE, cl_device_mem_cache_type) \ + F(cl_device_info, CL_DEVICE_GLOBAL_MEM_CACHELINE_SIZE, cl_uint)\ + F(cl_device_info, CL_DEVICE_GLOBAL_MEM_CACHE_SIZE, cl_ulong) \ + F(cl_device_info, CL_DEVICE_GLOBAL_MEM_SIZE, cl_ulong) \ + F(cl_device_info, CL_DEVICE_MAX_CONSTANT_BUFFER_SIZE, cl_ulong) \ + F(cl_device_info, CL_DEVICE_MAX_CONSTANT_ARGS, cl_uint) \ + F(cl_device_info, CL_DEVICE_LOCAL_MEM_TYPE, cl_device_local_mem_type) \ + F(cl_device_info, CL_DEVICE_LOCAL_MEM_SIZE, cl_ulong) \ + F(cl_device_info, CL_DEVICE_ERROR_CORRECTION_SUPPORT, cl_bool) \ + F(cl_device_info, CL_DEVICE_PROFILING_TIMER_RESOLUTION, size_type) \ + F(cl_device_info, CL_DEVICE_ENDIAN_LITTLE, cl_bool) \ + F(cl_device_info, CL_DEVICE_AVAILABLE, cl_bool) \ + F(cl_device_info, CL_DEVICE_COMPILER_AVAILABLE, cl_bool) \ + F(cl_device_info, CL_DEVICE_EXECUTION_CAPABILITIES, cl_device_exec_capabilities) \ + F(cl_device_info, CL_DEVICE_PLATFORM, cl_platform_id) \ + F(cl_device_info, CL_DEVICE_NAME, string) \ + F(cl_device_info, CL_DEVICE_VENDOR, string) \ + F(cl_device_info, CL_DRIVER_VERSION, string) \ + F(cl_device_info, CL_DEVICE_PROFILE, string) \ + F(cl_device_info, CL_DEVICE_VERSION, string) \ + F(cl_device_info, CL_DEVICE_EXTENSIONS, string) \ + \ + F(cl_context_info, CL_CONTEXT_REFERENCE_COUNT, cl_uint) \ + F(cl_context_info, CL_CONTEXT_DEVICES, cl::vector) \ + F(cl_context_info, CL_CONTEXT_PROPERTIES, cl::vector) \ + \ + F(cl_event_info, CL_EVENT_COMMAND_QUEUE, cl::CommandQueue) \ + F(cl_event_info, CL_EVENT_COMMAND_TYPE, cl_command_type) \ + F(cl_event_info, CL_EVENT_REFERENCE_COUNT, cl_uint) \ + F(cl_event_info, CL_EVENT_COMMAND_EXECUTION_STATUS, cl_int) \ + \ + F(cl_profiling_info, CL_PROFILING_COMMAND_QUEUED, cl_ulong) \ + F(cl_profiling_info, CL_PROFILING_COMMAND_SUBMIT, cl_ulong) \ + F(cl_profiling_info, CL_PROFILING_COMMAND_START, cl_ulong) \ + F(cl_profiling_info, CL_PROFILING_COMMAND_END, cl_ulong) \ + \ + F(cl_mem_info, CL_MEM_TYPE, cl_mem_object_type) \ + F(cl_mem_info, CL_MEM_FLAGS, cl_mem_flags) \ + F(cl_mem_info, CL_MEM_SIZE, size_type) \ + F(cl_mem_info, CL_MEM_HOST_PTR, void*) \ + F(cl_mem_info, CL_MEM_MAP_COUNT, cl_uint) \ + F(cl_mem_info, CL_MEM_REFERENCE_COUNT, cl_uint) \ + F(cl_mem_info, CL_MEM_CONTEXT, cl::Context) \ + \ + F(cl_image_info, CL_IMAGE_FORMAT, cl_image_format) \ + F(cl_image_info, CL_IMAGE_ELEMENT_SIZE, size_type) \ + F(cl_image_info, CL_IMAGE_ROW_PITCH, size_type) \ + F(cl_image_info, CL_IMAGE_SLICE_PITCH, size_type) \ + F(cl_image_info, CL_IMAGE_WIDTH, size_type) \ + F(cl_image_info, CL_IMAGE_HEIGHT, size_type) \ + F(cl_image_info, CL_IMAGE_DEPTH, size_type) \ + \ + F(cl_sampler_info, CL_SAMPLER_REFERENCE_COUNT, cl_uint) \ + F(cl_sampler_info, CL_SAMPLER_CONTEXT, cl::Context) \ + F(cl_sampler_info, CL_SAMPLER_NORMALIZED_COORDS, cl_bool) \ + F(cl_sampler_info, CL_SAMPLER_ADDRESSING_MODE, cl_addressing_mode) \ + F(cl_sampler_info, CL_SAMPLER_FILTER_MODE, cl_filter_mode) \ + \ + F(cl_program_info, CL_PROGRAM_REFERENCE_COUNT, cl_uint) \ + F(cl_program_info, CL_PROGRAM_CONTEXT, cl::Context) \ + F(cl_program_info, CL_PROGRAM_NUM_DEVICES, cl_uint) \ + F(cl_program_info, CL_PROGRAM_DEVICES, cl::vector) \ + F(cl_program_info, CL_PROGRAM_SOURCE, string) \ + F(cl_program_info, CL_PROGRAM_BINARY_SIZES, cl::vector) \ + F(cl_program_info, CL_PROGRAM_BINARIES, cl::vector>) \ + \ + F(cl_program_build_info, CL_PROGRAM_BUILD_STATUS, cl_build_status) \ + F(cl_program_build_info, CL_PROGRAM_BUILD_OPTIONS, string) \ + F(cl_program_build_info, CL_PROGRAM_BUILD_LOG, string) \ + \ + F(cl_kernel_info, CL_KERNEL_FUNCTION_NAME, string) \ + F(cl_kernel_info, CL_KERNEL_NUM_ARGS, cl_uint) \ + F(cl_kernel_info, CL_KERNEL_REFERENCE_COUNT, cl_uint) \ + F(cl_kernel_info, CL_KERNEL_CONTEXT, cl::Context) \ + F(cl_kernel_info, CL_KERNEL_PROGRAM, cl::Program) \ + \ + F(cl_kernel_work_group_info, CL_KERNEL_WORK_GROUP_SIZE, size_type) \ + F(cl_kernel_work_group_info, CL_KERNEL_COMPILE_WORK_GROUP_SIZE, cl::detail::size_t_array) \ + F(cl_kernel_work_group_info, CL_KERNEL_LOCAL_MEM_SIZE, cl_ulong) \ + \ + F(cl_command_queue_info, CL_QUEUE_CONTEXT, cl::Context) \ + F(cl_command_queue_info, CL_QUEUE_DEVICE, cl::Device) \ + F(cl_command_queue_info, CL_QUEUE_REFERENCE_COUNT, cl_uint) \ + F(cl_command_queue_info, CL_QUEUE_PROPERTIES, cl_command_queue_properties) + + +#define CL_HPP_PARAM_NAME_INFO_1_1_(F) \ + F(cl_context_info, CL_CONTEXT_NUM_DEVICES, cl_uint)\ + F(cl_device_info, CL_DEVICE_PREFERRED_VECTOR_WIDTH_HALF, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_CHAR, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_SHORT, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_INT, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_LONG, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_FLOAT, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_DOUBLE, cl_uint) \ + F(cl_device_info, CL_DEVICE_NATIVE_VECTOR_WIDTH_HALF, cl_uint) \ + F(cl_device_info, CL_DEVICE_DOUBLE_FP_CONFIG, cl_device_fp_config) \ + F(cl_device_info, CL_DEVICE_HALF_FP_CONFIG, cl_device_fp_config) \ + F(cl_device_info, CL_DEVICE_OPENCL_C_VERSION, string) \ + \ + F(cl_mem_info, CL_MEM_ASSOCIATED_MEMOBJECT, cl::Memory) \ + F(cl_mem_info, CL_MEM_OFFSET, size_type) \ + \ + F(cl_kernel_work_group_info, CL_KERNEL_PREFERRED_WORK_GROUP_SIZE_MULTIPLE, size_type) \ + F(cl_kernel_work_group_info, CL_KERNEL_PRIVATE_MEM_SIZE, cl_ulong) \ + \ + F(cl_event_info, CL_EVENT_CONTEXT, cl::Context) + +#define CL_HPP_PARAM_NAME_INFO_1_2_(F) \ + F(cl_program_info, CL_PROGRAM_NUM_KERNELS, size_type) \ + F(cl_program_info, CL_PROGRAM_KERNEL_NAMES, string) \ + \ + F(cl_program_build_info, CL_PROGRAM_BINARY_TYPE, cl_program_binary_type) \ + \ + F(cl_kernel_info, CL_KERNEL_ATTRIBUTES, string) \ + \ + F(cl_kernel_arg_info, CL_KERNEL_ARG_ADDRESS_QUALIFIER, cl_kernel_arg_address_qualifier) \ + F(cl_kernel_arg_info, CL_KERNEL_ARG_ACCESS_QUALIFIER, cl_kernel_arg_access_qualifier) \ + F(cl_kernel_arg_info, CL_KERNEL_ARG_TYPE_NAME, string) \ + F(cl_kernel_arg_info, CL_KERNEL_ARG_NAME, string) \ + F(cl_kernel_arg_info, CL_KERNEL_ARG_TYPE_QUALIFIER, cl_kernel_arg_type_qualifier) \ + \ + F(cl_device_info, CL_DEVICE_PARENT_DEVICE, cl::Device) \ + F(cl_device_info, CL_DEVICE_PARTITION_PROPERTIES, cl::vector) \ + F(cl_device_info, CL_DEVICE_PARTITION_TYPE, cl::vector) \ + F(cl_device_info, CL_DEVICE_REFERENCE_COUNT, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_INTEROP_USER_SYNC, size_type) \ + F(cl_device_info, CL_DEVICE_PARTITION_AFFINITY_DOMAIN, cl_device_affinity_domain) \ + F(cl_device_info, CL_DEVICE_BUILT_IN_KERNELS, string) \ + \ + F(cl_image_info, CL_IMAGE_ARRAY_SIZE, size_type) \ + F(cl_image_info, CL_IMAGE_NUM_MIP_LEVELS, cl_uint) \ + F(cl_image_info, CL_IMAGE_NUM_SAMPLES, cl_uint) + +#define CL_HPP_PARAM_NAME_INFO_2_0_(F) \ + F(cl_device_info, CL_DEVICE_QUEUE_ON_HOST_PROPERTIES, cl_command_queue_properties) \ + F(cl_device_info, CL_DEVICE_QUEUE_ON_DEVICE_PROPERTIES, cl_command_queue_properties) \ + F(cl_device_info, CL_DEVICE_QUEUE_ON_DEVICE_PREFERRED_SIZE, cl_uint) \ + F(cl_device_info, CL_DEVICE_QUEUE_ON_DEVICE_MAX_SIZE, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_ON_DEVICE_QUEUES, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_ON_DEVICE_EVENTS, cl_uint) \ + F(cl_device_info, CL_DEVICE_MAX_PIPE_ARGS, cl_uint) \ + F(cl_device_info, CL_DEVICE_PIPE_MAX_ACTIVE_RESERVATIONS, cl_uint) \ + F(cl_device_info, CL_DEVICE_PIPE_MAX_PACKET_SIZE, cl_uint) \ + F(cl_device_info, CL_DEVICE_SVM_CAPABILITIES, cl_device_svm_capabilities) \ + F(cl_device_info, CL_DEVICE_PREFERRED_PLATFORM_ATOMIC_ALIGNMENT, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_GLOBAL_ATOMIC_ALIGNMENT, cl_uint) \ + F(cl_device_info, CL_DEVICE_PREFERRED_LOCAL_ATOMIC_ALIGNMENT, cl_uint) \ + F(cl_command_queue_info, CL_QUEUE_SIZE, cl_uint) \ + F(cl_mem_info, CL_MEM_USES_SVM_POINTER, cl_bool) \ + F(cl_program_build_info, CL_PROGRAM_BUILD_GLOBAL_VARIABLE_TOTAL_SIZE, size_type) \ + F(cl_pipe_info, CL_PIPE_PACKET_SIZE, cl_uint) \ + F(cl_pipe_info, CL_PIPE_MAX_PACKETS, cl_uint) + +#define CL_HPP_PARAM_NAME_DEVICE_FISSION_(F) \ + F(cl_device_info, CL_DEVICE_PARENT_DEVICE_EXT, cl_device_id) \ + F(cl_device_info, CL_DEVICE_PARTITION_TYPES_EXT, cl::vector) \ + F(cl_device_info, CL_DEVICE_AFFINITY_DOMAINS_EXT, cl::vector) \ + F(cl_device_info, CL_DEVICE_REFERENCE_COUNT_EXT , cl_uint) \ + F(cl_device_info, CL_DEVICE_PARTITION_STYLE_EXT, cl::vector) + +template +struct param_traits {}; + +#define CL_HPP_DECLARE_PARAM_TRAITS_(token, param_name, T) \ +struct token; \ +template<> \ +struct param_traits \ +{ \ + enum { value = param_name }; \ + typedef T param_type; \ +}; + +CL_HPP_PARAM_NAME_INFO_1_0_(CL_HPP_DECLARE_PARAM_TRAITS_) +#if CL_HPP_TARGET_OPENCL_VERSION >= 110 +CL_HPP_PARAM_NAME_INFO_1_1_(CL_HPP_DECLARE_PARAM_TRAITS_) +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 110 +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +CL_HPP_PARAM_NAME_INFO_1_2_(CL_HPP_DECLARE_PARAM_TRAITS_) +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 110 +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 +CL_HPP_PARAM_NAME_INFO_2_0_(CL_HPP_DECLARE_PARAM_TRAITS_) +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 110 + + +// Flags deprecated in OpenCL 2.0 +#define CL_HPP_PARAM_NAME_INFO_1_0_DEPRECATED_IN_2_0_(F) \ + F(cl_device_info, CL_DEVICE_QUEUE_PROPERTIES, cl_command_queue_properties) + +#define CL_HPP_PARAM_NAME_INFO_1_1_DEPRECATED_IN_2_0_(F) \ + F(cl_device_info, CL_DEVICE_HOST_UNIFIED_MEMORY, cl_bool) + +#define CL_HPP_PARAM_NAME_INFO_1_2_DEPRECATED_IN_2_0_(F) \ + F(cl_image_info, CL_IMAGE_BUFFER, cl::Buffer) + +// Include deprecated query flags based on versions +// Only include deprecated 1.0 flags if 2.0 not active as there is an enum clash +#if CL_HPP_TARGET_OPENCL_VERSION > 100 && CL_HPP_MINIMUM_OPENCL_VERSION < 200 && CL_HPP_TARGET_OPENCL_VERSION < 200 +CL_HPP_PARAM_NAME_INFO_1_0_DEPRECATED_IN_2_0_(CL_HPP_DECLARE_PARAM_TRAITS_) +#endif // CL_HPP_MINIMUM_OPENCL_VERSION < 110 +#if CL_HPP_TARGET_OPENCL_VERSION > 110 && CL_HPP_MINIMUM_OPENCL_VERSION < 200 +CL_HPP_PARAM_NAME_INFO_1_1_DEPRECATED_IN_2_0_(CL_HPP_DECLARE_PARAM_TRAITS_) +#endif // CL_HPP_MINIMUM_OPENCL_VERSION < 120 +#if CL_HPP_TARGET_OPENCL_VERSION > 120 && CL_HPP_MINIMUM_OPENCL_VERSION < 200 +CL_HPP_PARAM_NAME_INFO_1_2_DEPRECATED_IN_2_0_(CL_HPP_DECLARE_PARAM_TRAITS_) +#endif // CL_HPP_MINIMUM_OPENCL_VERSION < 200 + +#if defined(CL_HPP_USE_CL_DEVICE_FISSION) +CL_HPP_PARAM_NAME_DEVICE_FISSION_(CL_HPP_DECLARE_PARAM_TRAITS_); +#endif // CL_HPP_USE_CL_DEVICE_FISSION + +#ifdef CL_PLATFORM_ICD_SUFFIX_KHR +CL_HPP_DECLARE_PARAM_TRAITS_(cl_platform_info, CL_PLATFORM_ICD_SUFFIX_KHR, string) +#endif + +#ifdef CL_DEVICE_PROFILING_TIMER_OFFSET_AMD +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_PROFILING_TIMER_OFFSET_AMD, cl_ulong) +#endif + +#ifdef CL_DEVICE_GLOBAL_FREE_MEMORY_AMD +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_GLOBAL_FREE_MEMORY_AMD, vector) +#endif +#ifdef CL_DEVICE_SIMD_PER_COMPUTE_UNIT_AMD +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_SIMD_PER_COMPUTE_UNIT_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_SIMD_WIDTH_AMD +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_SIMD_WIDTH_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_SIMD_INSTRUCTION_WIDTH_AMD +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_SIMD_INSTRUCTION_WIDTH_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_WAVEFRONT_WIDTH_AMD +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_WAVEFRONT_WIDTH_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_GLOBAL_MEM_CHANNELS_AMD +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_GLOBAL_MEM_CHANNELS_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_GLOBAL_MEM_CHANNEL_BANKS_AMD +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_GLOBAL_MEM_CHANNEL_BANKS_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_GLOBAL_MEM_CHANNEL_BANK_WIDTH_AMD +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_GLOBAL_MEM_CHANNEL_BANK_WIDTH_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_LOCAL_MEM_SIZE_PER_COMPUTE_UNIT_AMD +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_LOCAL_MEM_SIZE_PER_COMPUTE_UNIT_AMD, cl_uint) +#endif +#ifdef CL_DEVICE_LOCAL_MEM_BANKS_AMD +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_LOCAL_MEM_BANKS_AMD, cl_uint) +#endif + +#ifdef CL_DEVICE_COMPUTE_CAPABILITY_MAJOR_NV +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_COMPUTE_CAPABILITY_MAJOR_NV, cl_uint) +#endif +#ifdef CL_DEVICE_COMPUTE_CAPABILITY_MINOR_NV +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_COMPUTE_CAPABILITY_MINOR_NV, cl_uint) +#endif +#ifdef CL_DEVICE_REGISTERS_PER_BLOCK_NV +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_REGISTERS_PER_BLOCK_NV, cl_uint) +#endif +#ifdef CL_DEVICE_WARP_SIZE_NV +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_WARP_SIZE_NV, cl_uint) +#endif +#ifdef CL_DEVICE_GPU_OVERLAP_NV +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_GPU_OVERLAP_NV, cl_bool) +#endif +#ifdef CL_DEVICE_KERNEL_EXEC_TIMEOUT_NV +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_KERNEL_EXEC_TIMEOUT_NV, cl_bool) +#endif +#ifdef CL_DEVICE_INTEGRATED_MEMORY_NV +CL_HPP_DECLARE_PARAM_TRAITS_(cl_device_info, CL_DEVICE_INTEGRATED_MEMORY_NV, cl_bool) +#endif + +// Convenience functions + +template +inline cl_int +getInfo(Func f, cl_uint name, T* param) +{ + return getInfoHelper(f, name, param, 0); +} + +template +struct GetInfoFunctor0 +{ + Func f_; const Arg0& arg0_; + cl_int operator ()( + cl_uint param, size_type size, void* value, size_type* size_ret) + { return f_(arg0_, param, size, value, size_ret); } +}; + +template +struct GetInfoFunctor1 +{ + Func f_; const Arg0& arg0_; const Arg1& arg1_; + cl_int operator ()( + cl_uint param, size_type size, void* value, size_type* size_ret) + { return f_(arg0_, arg1_, param, size, value, size_ret); } +}; + +template +inline cl_int +getInfo(Func f, const Arg0& arg0, cl_uint name, T* param) +{ + GetInfoFunctor0 f0 = { f, arg0 }; + return getInfoHelper(f0, name, param, 0); +} + +template +inline cl_int +getInfo(Func f, const Arg0& arg0, const Arg1& arg1, cl_uint name, T* param) +{ + GetInfoFunctor1 f0 = { f, arg0, arg1 }; + return getInfoHelper(f0, name, param, 0); +} + + +template +struct ReferenceHandler +{ }; + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +/** + * OpenCL 1.2 devices do have retain/release. + */ +template <> +struct ReferenceHandler +{ + /** + * Retain the device. + * \param device A valid device created using createSubDevices + * \return + * CL_SUCCESS if the function executed successfully. + * CL_INVALID_DEVICE if device was not a valid subdevice + * CL_OUT_OF_RESOURCES + * CL_OUT_OF_HOST_MEMORY + */ + static cl_int retain(cl_device_id device) + { return ::clRetainDevice(device); } + /** + * Retain the device. + * \param device A valid device created using createSubDevices + * \return + * CL_SUCCESS if the function executed successfully. + * CL_INVALID_DEVICE if device was not a valid subdevice + * CL_OUT_OF_RESOURCES + * CL_OUT_OF_HOST_MEMORY + */ + static cl_int release(cl_device_id device) + { return ::clReleaseDevice(device); } +}; +#else // CL_HPP_TARGET_OPENCL_VERSION >= 120 +/** + * OpenCL 1.1 devices do not have retain/release. + */ +template <> +struct ReferenceHandler +{ + // cl_device_id does not have retain(). + static cl_int retain(cl_device_id) + { return CL_SUCCESS; } + // cl_device_id does not have release(). + static cl_int release(cl_device_id) + { return CL_SUCCESS; } +}; +#endif // ! (CL_HPP_TARGET_OPENCL_VERSION >= 120) + +template <> +struct ReferenceHandler +{ + // cl_platform_id does not have retain(). + static cl_int retain(cl_platform_id) + { return CL_SUCCESS; } + // cl_platform_id does not have release(). + static cl_int release(cl_platform_id) + { return CL_SUCCESS; } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_context context) + { return ::clRetainContext(context); } + static cl_int release(cl_context context) + { return ::clReleaseContext(context); } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_command_queue queue) + { return ::clRetainCommandQueue(queue); } + static cl_int release(cl_command_queue queue) + { return ::clReleaseCommandQueue(queue); } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_mem memory) + { return ::clRetainMemObject(memory); } + static cl_int release(cl_mem memory) + { return ::clReleaseMemObject(memory); } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_sampler sampler) + { return ::clRetainSampler(sampler); } + static cl_int release(cl_sampler sampler) + { return ::clReleaseSampler(sampler); } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_program program) + { return ::clRetainProgram(program); } + static cl_int release(cl_program program) + { return ::clReleaseProgram(program); } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_kernel kernel) + { return ::clRetainKernel(kernel); } + static cl_int release(cl_kernel kernel) + { return ::clReleaseKernel(kernel); } +}; + +template <> +struct ReferenceHandler +{ + static cl_int retain(cl_event event) + { return ::clRetainEvent(event); } + static cl_int release(cl_event event) + { return ::clReleaseEvent(event); } +}; + + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 && CL_HPP_MINIMUM_OPENCL_VERSION < 120 +// Extracts version number with major in the upper 16 bits, minor in the lower 16 +static cl_uint getVersion(const vector &versionInfo) +{ + int highVersion = 0; + int lowVersion = 0; + int index = 7; + while(versionInfo[index] != '.' ) { + highVersion *= 10; + highVersion += versionInfo[index]-'0'; + ++index; + } + ++index; + while(versionInfo[index] != ' ' && versionInfo[index] != '\0') { + lowVersion *= 10; + lowVersion += versionInfo[index]-'0'; + ++index; + } + return (highVersion << 16) | lowVersion; +} + +static cl_uint getPlatformVersion(cl_platform_id platform) +{ + size_type size = 0; + clGetPlatformInfo(platform, CL_PLATFORM_VERSION, 0, NULL, &size); + + vector versionInfo(size); + clGetPlatformInfo(platform, CL_PLATFORM_VERSION, size, versionInfo.data(), &size); + return getVersion(versionInfo); +} + +static cl_uint getDevicePlatformVersion(cl_device_id device) +{ + cl_platform_id platform; + clGetDeviceInfo(device, CL_DEVICE_PLATFORM, sizeof(platform), &platform, NULL); + return getPlatformVersion(platform); +} + +static cl_uint getContextPlatformVersion(cl_context context) +{ + // The platform cannot be queried directly, so we first have to grab a + // device and obtain its context + size_type size = 0; + clGetContextInfo(context, CL_CONTEXT_DEVICES, 0, NULL, &size); + if (size == 0) + return 0; + vector devices(size/sizeof(cl_device_id)); + clGetContextInfo(context, CL_CONTEXT_DEVICES, size, devices.data(), NULL); + return getDevicePlatformVersion(devices[0]); +} +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 && CL_HPP_MINIMUM_OPENCL_VERSION < 120 + +template +class Wrapper +{ +public: + typedef T cl_type; + +protected: + cl_type object_; + +public: + Wrapper() : object_(NULL) { } + + Wrapper(const cl_type &obj, bool retainObject) : object_(obj) + { + if (retainObject) { + detail::errHandler(retain(), __RETAIN_ERR); + } + } + + ~Wrapper() + { + if (object_ != NULL) { release(); } + } + + Wrapper(const Wrapper& rhs) + { + object_ = rhs.object_; + detail::errHandler(retain(), __RETAIN_ERR); + } + + Wrapper(Wrapper&& rhs) CL_HPP_NOEXCEPT_ + { + object_ = rhs.object_; + rhs.object_ = NULL; + } + + Wrapper& operator = (const Wrapper& rhs) + { + if (this != &rhs) { + detail::errHandler(release(), __RELEASE_ERR); + object_ = rhs.object_; + detail::errHandler(retain(), __RETAIN_ERR); + } + return *this; + } + + Wrapper& operator = (Wrapper&& rhs) + { + if (this != &rhs) { + detail::errHandler(release(), __RELEASE_ERR); + object_ = rhs.object_; + rhs.object_ = NULL; + } + return *this; + } + + Wrapper& operator = (const cl_type &rhs) + { + detail::errHandler(release(), __RELEASE_ERR); + object_ = rhs; + return *this; + } + + const cl_type& operator ()() const { return object_; } + + cl_type& operator ()() { return object_; } + + const cl_type get() const { return object_; } + + cl_type get() { return object_; } + + +protected: + template + friend inline cl_int getInfoHelper(Func, cl_uint, U*, int, typename U::cl_type); + + cl_int retain() const + { + if (object_ != nullptr) { + return ReferenceHandler::retain(object_); + } + else { + return CL_SUCCESS; + } + } + + cl_int release() const + { + if (object_ != nullptr) { + return ReferenceHandler::release(object_); + } + else { + return CL_SUCCESS; + } + } +}; + +template <> +class Wrapper +{ +public: + typedef cl_device_id cl_type; + +protected: + cl_type object_; + bool referenceCountable_; + + static bool isReferenceCountable(cl_device_id device) + { + bool retVal = false; +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +#if CL_HPP_MINIMUM_OPENCL_VERSION < 120 + if (device != NULL) { + int version = getDevicePlatformVersion(device); + if(version > ((1 << 16) + 1)) { + retVal = true; + } + } +#else // CL_HPP_MINIMUM_OPENCL_VERSION < 120 + retVal = true; +#endif // CL_HPP_MINIMUM_OPENCL_VERSION < 120 +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 + return retVal; + } + +public: + Wrapper() : object_(NULL), referenceCountable_(false) + { + } + + Wrapper(const cl_type &obj, bool retainObject) : + object_(obj), + referenceCountable_(false) + { + referenceCountable_ = isReferenceCountable(obj); + + if (retainObject) { + detail::errHandler(retain(), __RETAIN_ERR); + } + } + + ~Wrapper() + { + release(); + } + + Wrapper(const Wrapper& rhs) + { + object_ = rhs.object_; + referenceCountable_ = isReferenceCountable(object_); + detail::errHandler(retain(), __RETAIN_ERR); + } + + Wrapper(Wrapper&& rhs) CL_HPP_NOEXCEPT_ + { + object_ = rhs.object_; + referenceCountable_ = rhs.referenceCountable_; + rhs.object_ = NULL; + rhs.referenceCountable_ = false; + } + + Wrapper& operator = (const Wrapper& rhs) + { + if (this != &rhs) { + detail::errHandler(release(), __RELEASE_ERR); + object_ = rhs.object_; + referenceCountable_ = rhs.referenceCountable_; + detail::errHandler(retain(), __RETAIN_ERR); + } + return *this; + } + + Wrapper& operator = (Wrapper&& rhs) + { + if (this != &rhs) { + detail::errHandler(release(), __RELEASE_ERR); + object_ = rhs.object_; + referenceCountable_ = rhs.referenceCountable_; + rhs.object_ = NULL; + rhs.referenceCountable_ = false; + } + return *this; + } + + Wrapper& operator = (const cl_type &rhs) + { + detail::errHandler(release(), __RELEASE_ERR); + object_ = rhs; + referenceCountable_ = isReferenceCountable(object_); + return *this; + } + + const cl_type& operator ()() const { return object_; } + + cl_type& operator ()() { return object_; } + + const cl_type get() const { return object_; } + + cl_type get() { return object_; } + +protected: + template + friend inline cl_int getInfoHelper(Func, cl_uint, U*, int, typename U::cl_type); + + template + friend inline cl_int getInfoHelper(Func, cl_uint, vector*, int, typename U::cl_type); + + cl_int retain() const + { + if( object_ != nullptr && referenceCountable_ ) { + return ReferenceHandler::retain(object_); + } + else { + return CL_SUCCESS; + } + } + + cl_int release() const + { + if (object_ != nullptr && referenceCountable_) { + return ReferenceHandler::release(object_); + } + else { + return CL_SUCCESS; + } + } +}; + +template +inline bool operator==(const Wrapper &lhs, const Wrapper &rhs) +{ + return lhs() == rhs(); +} + +template +inline bool operator!=(const Wrapper &lhs, const Wrapper &rhs) +{ + return !operator==(lhs, rhs); +} + +} // namespace detail +//! \endcond + + +using BuildLogType = vector::param_type>>; +#if defined(CL_HPP_ENABLE_EXCEPTIONS) +/** +* Exception class for build errors to carry build info +*/ +class BuildError : public Error +{ +private: + BuildLogType buildLogs; +public: + BuildError(cl_int err, const char * errStr, const BuildLogType &vec) : Error(err, errStr), buildLogs(vec) + { + } + + BuildLogType getBuildLog() const + { + return buildLogs; + } +}; +namespace detail { + static inline cl_int buildErrHandler( + cl_int err, + const char * errStr, + const BuildLogType &buildLogs) + { + if (err != CL_SUCCESS) { + throw BuildError(err, errStr, buildLogs); + } + return err; + } +} // namespace detail + +#else +namespace detail { + static inline cl_int buildErrHandler( + cl_int err, + const char * errStr, + const BuildLogType &buildLogs) + { + (void)buildLogs; // suppress unused variable warning + (void)errStr; + return err; + } +} // namespace detail +#endif // #if defined(CL_HPP_ENABLE_EXCEPTIONS) + + +/*! \stuct ImageFormat + * \brief Adds constructors and member functions for cl_image_format. + * + * \see cl_image_format + */ +struct ImageFormat : public cl_image_format +{ + //! \brief Default constructor - performs no initialization. + ImageFormat(){} + + //! \brief Initializing constructor. + ImageFormat(cl_channel_order order, cl_channel_type type) + { + image_channel_order = order; + image_channel_data_type = type; + } + + //! \brief Assignment operator. + ImageFormat& operator = (const ImageFormat& rhs) + { + if (this != &rhs) { + this->image_channel_data_type = rhs.image_channel_data_type; + this->image_channel_order = rhs.image_channel_order; + } + return *this; + } +}; + +/*! \brief Class interface for cl_device_id. + * + * \note Copies of these objects are inexpensive, since they don't 'own' + * any underlying resources or data structures. + * + * \see cl_device_id + */ +class Device : public detail::Wrapper +{ +private: + static std::once_flag default_initialized_; + static Device default_; + static cl_int default_error_; + + /*! \brief Create the default context. + * + * This sets @c default_ and @c default_error_. It does not throw + * @c cl::Error. + */ + static void makeDefault(); + + /*! \brief Create the default platform from a provided platform. + * + * This sets @c default_. It does not throw + * @c cl::Error. + */ + static void makeDefaultProvided(const Device &p) { + default_ = p; + } + +public: +#ifdef CL_HPP_UNIT_TEST_ENABLE + /*! \brief Reset the default. + * + * This sets @c default_ to an empty value to support cleanup in + * the unit test framework. + * This function is not thread safe. + */ + static void unitTestClearDefault() { + default_ = Device(); + } +#endif // #ifdef CL_HPP_UNIT_TEST_ENABLE + + //! \brief Default constructor - initializes to NULL. + Device() : detail::Wrapper() { } + + /*! \brief Constructor from cl_device_id. + * + * This simply copies the device ID value, which is an inexpensive operation. + */ + explicit Device(const cl_device_id &device, bool retainObject = false) : + detail::Wrapper(device, retainObject) { } + + /*! \brief Returns the first device on the default context. + * + * \see Context::getDefault() + */ + static Device getDefault( + cl_int *errResult = NULL) + { + std::call_once(default_initialized_, makeDefault); + detail::errHandler(default_error_); + if (errResult != NULL) { + *errResult = default_error_; + } + return default_; + } + + /** + * Modify the default device to be used by + * subsequent operations. + * Will only set the default if no default was previously created. + * @return updated default device. + * Should be compared to the passed value to ensure that it was updated. + */ + static Device setDefault(const Device &default_device) + { + std::call_once(default_initialized_, makeDefaultProvided, std::cref(default_device)); + detail::errHandler(default_error_); + return default_; + } + + /*! \brief Assignment operator from cl_device_id. + * + * This simply copies the device ID value, which is an inexpensive operation. + */ + Device& operator = (const cl_device_id& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Device(const Device& dev) : detail::Wrapper(dev) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Device& operator = (const Device &dev) + { + detail::Wrapper::operator=(dev); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Device(Device&& dev) CL_HPP_NOEXCEPT_ : detail::Wrapper(std::move(dev)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Device& operator = (Device &&dev) + { + detail::Wrapper::operator=(std::move(dev)); + return *this; + } + + //! \brief Wrapper for clGetDeviceInfo(). + template + cl_int getInfo(cl_device_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetDeviceInfo, object_, name, param), + __GET_DEVICE_INFO_ERR); + } + + //! \brief Wrapper for clGetDeviceInfo() that returns by value. + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_device_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + /** + * CL 1.2 version + */ +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 + //! \brief Wrapper for clCreateSubDevices(). + cl_int createSubDevices( + const cl_device_partition_property * properties, + vector* devices) + { + cl_uint n = 0; + cl_int err = clCreateSubDevices(object_, properties, 0, NULL, &n); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __CREATE_SUB_DEVICES_ERR); + } + + vector ids(n); + err = clCreateSubDevices(object_, properties, n, ids.data(), NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __CREATE_SUB_DEVICES_ERR); + } + + // Cannot trivially assign because we need to capture intermediates + // with safe construction + if (devices) { + devices->resize(ids.size()); + + // Assign to param, constructing with retain behaviour + // to correctly capture each underlying CL object + for (size_type i = 0; i < ids.size(); i++) { + // We do not need to retain because this device is being created + // by the runtime + (*devices)[i] = Device(ids[i], false); + } + } + + return CL_SUCCESS; + } +#elif defined(CL_HPP_USE_CL_DEVICE_FISSION) + +/** + * CL 1.1 version that uses device fission extension. + */ + cl_int createSubDevices( + const cl_device_partition_property_ext * properties, + vector* devices) + { + typedef CL_API_ENTRY cl_int + ( CL_API_CALL * PFN_clCreateSubDevicesEXT)( + cl_device_id /*in_device*/, + const cl_device_partition_property_ext * /* properties */, + cl_uint /*num_entries*/, + cl_device_id * /*out_devices*/, + cl_uint * /*num_devices*/ ) CL_EXT_SUFFIX__VERSION_1_1; + + static PFN_clCreateSubDevicesEXT pfn_clCreateSubDevicesEXT = NULL; + CL_HPP_INIT_CL_EXT_FCN_PTR_(clCreateSubDevicesEXT); + + cl_uint n = 0; + cl_int err = pfn_clCreateSubDevicesEXT(object_, properties, 0, NULL, &n); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __CREATE_SUB_DEVICES_ERR); + } + + vector ids(n); + err = pfn_clCreateSubDevicesEXT(object_, properties, n, ids.data(), NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __CREATE_SUB_DEVICES_ERR); + } + // Cannot trivially assign because we need to capture intermediates + // with safe construction + if (devices) { + devices->resize(ids.size()); + + // Assign to param, constructing with retain behaviour + // to correctly capture each underlying CL object + for (size_type i = 0; i < ids.size(); i++) { + // We do not need to retain because this device is being created + // by the runtime + (*devices)[i] = Device(ids[i], false); + } + } + return CL_SUCCESS; + } +#endif // defined(CL_HPP_USE_CL_DEVICE_FISSION) +}; + +CL_HPP_DEFINE_STATIC_MEMBER_ std::once_flag Device::default_initialized_; +CL_HPP_DEFINE_STATIC_MEMBER_ Device Device::default_; +CL_HPP_DEFINE_STATIC_MEMBER_ cl_int Device::default_error_ = CL_SUCCESS; + +/*! \brief Class interface for cl_platform_id. + * + * \note Copies of these objects are inexpensive, since they don't 'own' + * any underlying resources or data structures. + * + * \see cl_platform_id + */ +class Platform : public detail::Wrapper +{ +private: + static std::once_flag default_initialized_; + static Platform default_; + static cl_int default_error_; + + /*! \brief Create the default context. + * + * This sets @c default_ and @c default_error_. It does not throw + * @c cl::Error. + */ + static void makeDefault() { + /* Throwing an exception from a call_once invocation does not do + * what we wish, so we catch it and save the error. + */ +#if defined(CL_HPP_ENABLE_EXCEPTIONS) + try +#endif + { + // If default wasn't passed ,generate one + // Otherwise set it + cl_uint n = 0; + + cl_int err = ::clGetPlatformIDs(0, NULL, &n); + if (err != CL_SUCCESS) { + default_error_ = err; + return; + } + if (n == 0) { + default_error_ = CL_INVALID_PLATFORM; + return; + } + + vector ids(n); + err = ::clGetPlatformIDs(n, ids.data(), NULL); + if (err != CL_SUCCESS) { + default_error_ = err; + return; + } + + default_ = Platform(ids[0]); + } +#if defined(CL_HPP_ENABLE_EXCEPTIONS) + catch (cl::Error &e) { + default_error_ = e.err(); + } +#endif + } + + /*! \brief Create the default platform from a provided platform. + * + * This sets @c default_. It does not throw + * @c cl::Error. + */ + static void makeDefaultProvided(const Platform &p) { + default_ = p; + } + +public: +#ifdef CL_HPP_UNIT_TEST_ENABLE + /*! \brief Reset the default. + * + * This sets @c default_ to an empty value to support cleanup in + * the unit test framework. + * This function is not thread safe. + */ + static void unitTestClearDefault() { + default_ = Platform(); + } +#endif // #ifdef CL_HPP_UNIT_TEST_ENABLE + + //! \brief Default constructor - initializes to NULL. + Platform() : detail::Wrapper() { } + + /*! \brief Constructor from cl_platform_id. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * This simply copies the platform ID value, which is an inexpensive operation. + */ + explicit Platform(const cl_platform_id &platform, bool retainObject = false) : + detail::Wrapper(platform, retainObject) { } + + /*! \brief Assignment operator from cl_platform_id. + * + * This simply copies the platform ID value, which is an inexpensive operation. + */ + Platform& operator = (const cl_platform_id& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + static Platform getDefault( + cl_int *errResult = NULL) + { + std::call_once(default_initialized_, makeDefault); + detail::errHandler(default_error_); + if (errResult != NULL) { + *errResult = default_error_; + } + return default_; + } + + /** + * Modify the default platform to be used by + * subsequent operations. + * Will only set the default if no default was previously created. + * @return updated default platform. + * Should be compared to the passed value to ensure that it was updated. + */ + static Platform setDefault(const Platform &default_platform) + { + std::call_once(default_initialized_, makeDefaultProvided, std::cref(default_platform)); + detail::errHandler(default_error_); + return default_; + } + + //! \brief Wrapper for clGetPlatformInfo(). + cl_int getInfo(cl_platform_info name, string* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetPlatformInfo, object_, name, param), + __GET_PLATFORM_INFO_ERR); + } + + //! \brief Wrapper for clGetPlatformInfo() that returns by value. + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_platform_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + /*! \brief Gets a list of devices for this platform. + * + * Wraps clGetDeviceIDs(). + */ + cl_int getDevices( + cl_device_type type, + vector* devices) const + { + cl_uint n = 0; + if( devices == NULL ) { + return detail::errHandler(CL_INVALID_ARG_VALUE, __GET_DEVICE_IDS_ERR); + } + cl_int err = ::clGetDeviceIDs(object_, type, 0, NULL, &n); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_DEVICE_IDS_ERR); + } + + vector ids(n); + err = ::clGetDeviceIDs(object_, type, n, ids.data(), NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_DEVICE_IDS_ERR); + } + + // Cannot trivially assign because we need to capture intermediates + // with safe construction + // We must retain things we obtain from the API to avoid releasing + // API-owned objects. + if (devices) { + devices->resize(ids.size()); + + // Assign to param, constructing with retain behaviour + // to correctly capture each underlying CL object + for (size_type i = 0; i < ids.size(); i++) { + (*devices)[i] = Device(ids[i], true); + } + } + return CL_SUCCESS; + } + +#if defined(CL_HPP_USE_DX_INTEROP) + /*! \brief Get the list of available D3D10 devices. + * + * \param d3d_device_source. + * + * \param d3d_object. + * + * \param d3d_device_set. + * + * \param devices returns a vector of OpenCL D3D10 devices found. The cl::Device + * values returned in devices can be used to identify a specific OpenCL + * device. If \a devices argument is NULL, this argument is ignored. + * + * \return One of the following values: + * - CL_SUCCESS if the function is executed successfully. + * + * The application can query specific capabilities of the OpenCL device(s) + * returned by cl::getDevices. This can be used by the application to + * determine which device(s) to use. + * + * \note In the case that exceptions are enabled and a return value + * other than CL_SUCCESS is generated, then cl::Error exception is + * generated. + */ + cl_int getDevices( + cl_d3d10_device_source_khr d3d_device_source, + void * d3d_object, + cl_d3d10_device_set_khr d3d_device_set, + vector* devices) const + { + typedef CL_API_ENTRY cl_int (CL_API_CALL *PFN_clGetDeviceIDsFromD3D10KHR)( + cl_platform_id platform, + cl_d3d10_device_source_khr d3d_device_source, + void * d3d_object, + cl_d3d10_device_set_khr d3d_device_set, + cl_uint num_entries, + cl_device_id * devices, + cl_uint* num_devices); + + if( devices == NULL ) { + return detail::errHandler(CL_INVALID_ARG_VALUE, __GET_DEVICE_IDS_ERR); + } + + static PFN_clGetDeviceIDsFromD3D10KHR pfn_clGetDeviceIDsFromD3D10KHR = NULL; + CL_HPP_INIT_CL_EXT_FCN_PTR_PLATFORM_(object_, clGetDeviceIDsFromD3D10KHR); + + cl_uint n = 0; + cl_int err = pfn_clGetDeviceIDsFromD3D10KHR( + object_, + d3d_device_source, + d3d_object, + d3d_device_set, + 0, + NULL, + &n); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_DEVICE_IDS_ERR); + } + + vector ids(n); + err = pfn_clGetDeviceIDsFromD3D10KHR( + object_, + d3d_device_source, + d3d_object, + d3d_device_set, + n, + ids.data(), + NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_DEVICE_IDS_ERR); + } + + // Cannot trivially assign because we need to capture intermediates + // with safe construction + // We must retain things we obtain from the API to avoid releasing + // API-owned objects. + if (devices) { + devices->resize(ids.size()); + + // Assign to param, constructing with retain behaviour + // to correctly capture each underlying CL object + for (size_type i = 0; i < ids.size(); i++) { + (*devices)[i] = Device(ids[i], true); + } + } + return CL_SUCCESS; + } +#endif + + /*! \brief Gets a list of available platforms. + * + * Wraps clGetPlatformIDs(). + */ + static cl_int get( + vector* platforms) + { + cl_uint n = 0; + + if( platforms == NULL ) { + return detail::errHandler(CL_INVALID_ARG_VALUE, __GET_PLATFORM_IDS_ERR); + } + + cl_int err = ::clGetPlatformIDs(0, NULL, &n); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_PLATFORM_IDS_ERR); + } + + vector ids(n); + err = ::clGetPlatformIDs(n, ids.data(), NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_PLATFORM_IDS_ERR); + } + + if (platforms) { + platforms->resize(ids.size()); + + // Platforms don't reference count + for (size_type i = 0; i < ids.size(); i++) { + (*platforms)[i] = Platform(ids[i]); + } + } + return CL_SUCCESS; + } + + /*! \brief Gets the first available platform. + * + * Wraps clGetPlatformIDs(), returning the first result. + */ + static cl_int get( + Platform * platform) + { + cl_int err; + Platform default_platform = Platform::getDefault(&err); + if (platform) { + *platform = default_platform; + } + return err; + } + + /*! \brief Gets the first available platform, returning it by value. + * + * \return Returns a valid platform if one is available. + * If no platform is available will return a null platform. + * Throws an exception if no platforms are available + * or an error condition occurs. + * Wraps clGetPlatformIDs(), returning the first result. + */ + static Platform get( + cl_int * errResult = NULL) + { + cl_int err; + Platform default_platform = Platform::getDefault(&err); + if (errResult) { + *errResult = err; + } + return default_platform; + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 + //! \brief Wrapper for clUnloadCompiler(). + cl_int + unloadCompiler() + { + return ::clUnloadPlatformCompiler(object_); + } +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 +}; // class Platform + +CL_HPP_DEFINE_STATIC_MEMBER_ std::once_flag Platform::default_initialized_; +CL_HPP_DEFINE_STATIC_MEMBER_ Platform Platform::default_; +CL_HPP_DEFINE_STATIC_MEMBER_ cl_int Platform::default_error_ = CL_SUCCESS; + + +/** + * Deprecated APIs for 1.2 + */ +#if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) +/** + * Unload the OpenCL compiler. + * \note Deprecated for OpenCL 1.2. Use Platform::unloadCompiler instead. + */ +inline CL_EXT_PREFIX__VERSION_1_1_DEPRECATED cl_int +UnloadCompiler() CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED; +inline cl_int +UnloadCompiler() +{ + return ::clUnloadCompiler(); +} +#endif // #if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + +/*! \brief Class interface for cl_context. + * + * \note Copies of these objects are shallow, meaning that the copy will refer + * to the same underlying cl_context as the original. For details, see + * clRetainContext() and clReleaseContext(). + * + * \see cl_context + */ +class Context + : public detail::Wrapper +{ +private: + static std::once_flag default_initialized_; + static Context default_; + static cl_int default_error_; + + /*! \brief Create the default context from the default device type in the default platform. + * + * This sets @c default_ and @c default_error_. It does not throw + * @c cl::Error. + */ + static void makeDefault() { + /* Throwing an exception from a call_once invocation does not do + * what we wish, so we catch it and save the error. + */ +#if defined(CL_HPP_ENABLE_EXCEPTIONS) + try +#endif + { +#if !defined(__APPLE__) && !defined(__MACOS) + const Platform &p = Platform::getDefault(); + cl_platform_id defaultPlatform = p(); + cl_context_properties properties[3] = { + CL_CONTEXT_PLATFORM, (cl_context_properties)defaultPlatform, 0 + }; +#else // #if !defined(__APPLE__) && !defined(__MACOS) + cl_context_properties *properties = nullptr; +#endif // #if !defined(__APPLE__) && !defined(__MACOS) + + default_ = Context( + CL_DEVICE_TYPE_DEFAULT, + properties, + NULL, + NULL, + &default_error_); + } +#if defined(CL_HPP_ENABLE_EXCEPTIONS) + catch (cl::Error &e) { + default_error_ = e.err(); + } +#endif + } + + + /*! \brief Create the default context from a provided Context. + * + * This sets @c default_. It does not throw + * @c cl::Error. + */ + static void makeDefaultProvided(const Context &c) { + default_ = c; + } + +public: +#ifdef CL_HPP_UNIT_TEST_ENABLE + /*! \brief Reset the default. + * + * This sets @c default_ to an empty value to support cleanup in + * the unit test framework. + * This function is not thread safe. + */ + static void unitTestClearDefault() { + default_ = Context(); + } +#endif // #ifdef CL_HPP_UNIT_TEST_ENABLE + + /*! \brief Constructs a context including a list of specified devices. + * + * Wraps clCreateContext(). + */ + Context( + const vector& devices, + cl_context_properties* properties = NULL, + void (CL_CALLBACK * notifyFptr)( + const char *, + const void *, + size_type, + void *) = NULL, + void* data = NULL, + cl_int* err = NULL) + { + cl_int error; + + size_type numDevices = devices.size(); + vector deviceIDs(numDevices); + + for( size_type deviceIndex = 0; deviceIndex < numDevices; ++deviceIndex ) { + deviceIDs[deviceIndex] = (devices[deviceIndex])(); + } + + object_ = ::clCreateContext( + properties, (cl_uint) numDevices, + deviceIDs.data(), + notifyFptr, data, &error); + + detail::errHandler(error, __CREATE_CONTEXT_ERR); + if (err != NULL) { + *err = error; + } + } + + Context( + const Device& device, + cl_context_properties* properties = NULL, + void (CL_CALLBACK * notifyFptr)( + const char *, + const void *, + size_type, + void *) = NULL, + void* data = NULL, + cl_int* err = NULL) + { + cl_int error; + + cl_device_id deviceID = device(); + + object_ = ::clCreateContext( + properties, 1, + &deviceID, + notifyFptr, data, &error); + + detail::errHandler(error, __CREATE_CONTEXT_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! \brief Constructs a context including all or a subset of devices of a specified type. + * + * Wraps clCreateContextFromType(). + */ + Context( + cl_device_type type, + cl_context_properties* properties = NULL, + void (CL_CALLBACK * notifyFptr)( + const char *, + const void *, + size_type, + void *) = NULL, + void* data = NULL, + cl_int* err = NULL) + { + cl_int error; + +#if !defined(__APPLE__) && !defined(__MACOS) + cl_context_properties prop[4] = {CL_CONTEXT_PLATFORM, 0, 0, 0 }; + + if (properties == NULL) { + // Get a valid platform ID as we cannot send in a blank one + vector platforms; + error = Platform::get(&platforms); + if (error != CL_SUCCESS) { + detail::errHandler(error, __CREATE_CONTEXT_FROM_TYPE_ERR); + if (err != NULL) { + *err = error; + } + return; + } + + // Check the platforms we found for a device of our specified type + cl_context_properties platform_id = 0; + for (unsigned int i = 0; i < platforms.size(); i++) { + + vector devices; + +#if defined(CL_HPP_ENABLE_EXCEPTIONS) + try { +#endif + + error = platforms[i].getDevices(type, &devices); + +#if defined(CL_HPP_ENABLE_EXCEPTIONS) + } catch (Error) {} + // Catch if exceptions are enabled as we don't want to exit if first platform has no devices of type + // We do error checking next anyway, and can throw there if needed +#endif + + // Only squash CL_SUCCESS and CL_DEVICE_NOT_FOUND + if (error != CL_SUCCESS && error != CL_DEVICE_NOT_FOUND) { + detail::errHandler(error, __CREATE_CONTEXT_FROM_TYPE_ERR); + if (err != NULL) { + *err = error; + } + } + + if (devices.size() > 0) { + platform_id = (cl_context_properties)platforms[i](); + break; + } + } + + if (platform_id == 0) { + detail::errHandler(CL_DEVICE_NOT_FOUND, __CREATE_CONTEXT_FROM_TYPE_ERR); + if (err != NULL) { + *err = CL_DEVICE_NOT_FOUND; + } + return; + } + + prop[1] = platform_id; + properties = &prop[0]; + } +#endif + object_ = ::clCreateContextFromType( + properties, type, notifyFptr, data, &error); + + detail::errHandler(error, __CREATE_CONTEXT_FROM_TYPE_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Context(const Context& ctx) : detail::Wrapper(ctx) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Context& operator = (const Context &ctx) + { + detail::Wrapper::operator=(ctx); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Context(Context&& ctx) CL_HPP_NOEXCEPT_ : detail::Wrapper(std::move(ctx)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Context& operator = (Context &&ctx) + { + detail::Wrapper::operator=(std::move(ctx)); + return *this; + } + + + /*! \brief Returns a singleton context including all devices of CL_DEVICE_TYPE_DEFAULT. + * + * \note All calls to this function return the same cl_context as the first. + */ + static Context getDefault(cl_int * err = NULL) + { + std::call_once(default_initialized_, makeDefault); + detail::errHandler(default_error_); + if (err != NULL) { + *err = default_error_; + } + return default_; + } + + /** + * Modify the default context to be used by + * subsequent operations. + * Will only set the default if no default was previously created. + * @return updated default context. + * Should be compared to the passed value to ensure that it was updated. + */ + static Context setDefault(const Context &default_context) + { + std::call_once(default_initialized_, makeDefaultProvided, std::cref(default_context)); + detail::errHandler(default_error_); + return default_; + } + + //! \brief Default constructor - initializes to NULL. + Context() : detail::Wrapper() { } + + /*! \brief Constructor from cl_context - takes ownership. + * + * This effectively transfers ownership of a refcount on the cl_context + * into the new Context object. + */ + explicit Context(const cl_context& context, bool retainObject = false) : + detail::Wrapper(context, retainObject) { } + + /*! \brief Assignment operator from cl_context - takes ownership. + * + * This effectively transfers ownership of a refcount on the rhs and calls + * clReleaseContext() on the value previously held by this instance. + */ + Context& operator = (const cl_context& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + //! \brief Wrapper for clGetContextInfo(). + template + cl_int getInfo(cl_context_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetContextInfo, object_, name, param), + __GET_CONTEXT_INFO_ERR); + } + + //! \brief Wrapper for clGetContextInfo() that returns by value. + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_context_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + /*! \brief Gets a list of supported image formats. + * + * Wraps clGetSupportedImageFormats(). + */ + cl_int getSupportedImageFormats( + cl_mem_flags flags, + cl_mem_object_type type, + vector* formats) const + { + cl_uint numEntries; + + if (!formats) { + return CL_SUCCESS; + } + + cl_int err = ::clGetSupportedImageFormats( + object_, + flags, + type, + 0, + NULL, + &numEntries); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_SUPPORTED_IMAGE_FORMATS_ERR); + } + + if (numEntries > 0) { + vector value(numEntries); + err = ::clGetSupportedImageFormats( + object_, + flags, + type, + numEntries, + (cl_image_format*)value.data(), + NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __GET_SUPPORTED_IMAGE_FORMATS_ERR); + } + + formats->assign(begin(value), end(value)); + } + else { + // If no values are being returned, ensure an empty vector comes back + formats->clear(); + } + + return CL_SUCCESS; + } +}; + +inline void Device::makeDefault() +{ + /* Throwing an exception from a call_once invocation does not do + * what we wish, so we catch it and save the error. + */ +#if defined(CL_HPP_ENABLE_EXCEPTIONS) + try +#endif + { + cl_int error = 0; + + Context context = Context::getDefault(&error); + detail::errHandler(error, __CREATE_CONTEXT_ERR); + + if (error != CL_SUCCESS) { + default_error_ = error; + } + else { + default_ = context.getInfo()[0]; + default_error_ = CL_SUCCESS; + } + } +#if defined(CL_HPP_ENABLE_EXCEPTIONS) + catch (cl::Error &e) { + default_error_ = e.err(); + } +#endif +} + +CL_HPP_DEFINE_STATIC_MEMBER_ std::once_flag Context::default_initialized_; +CL_HPP_DEFINE_STATIC_MEMBER_ Context Context::default_; +CL_HPP_DEFINE_STATIC_MEMBER_ cl_int Context::default_error_ = CL_SUCCESS; + +/*! \brief Class interface for cl_event. + * + * \note Copies of these objects are shallow, meaning that the copy will refer + * to the same underlying cl_event as the original. For details, see + * clRetainEvent() and clReleaseEvent(). + * + * \see cl_event + */ +class Event : public detail::Wrapper +{ +public: + //! \brief Default constructor - initializes to NULL. + Event() : detail::Wrapper() { } + + /*! \brief Constructor from cl_event - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * This effectively transfers ownership of a refcount on the cl_event + * into the new Event object. + */ + explicit Event(const cl_event& event, bool retainObject = false) : + detail::Wrapper(event, retainObject) { } + + /*! \brief Assignment operator from cl_event - takes ownership. + * + * This effectively transfers ownership of a refcount on the rhs and calls + * clReleaseEvent() on the value previously held by this instance. + */ + Event& operator = (const cl_event& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + //! \brief Wrapper for clGetEventInfo(). + template + cl_int getInfo(cl_event_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetEventInfo, object_, name, param), + __GET_EVENT_INFO_ERR); + } + + //! \brief Wrapper for clGetEventInfo() that returns by value. + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_event_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + //! \brief Wrapper for clGetEventProfilingInfo(). + template + cl_int getProfilingInfo(cl_profiling_info name, T* param) const + { + return detail::errHandler(detail::getInfo( + &::clGetEventProfilingInfo, object_, name, param), + __GET_EVENT_PROFILE_INFO_ERR); + } + + //! \brief Wrapper for clGetEventProfilingInfo() that returns by value. + template typename + detail::param_traits::param_type + getProfilingInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_profiling_info, name>::param_type param; + cl_int result = getProfilingInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + /*! \brief Blocks the calling thread until this event completes. + * + * Wraps clWaitForEvents(). + */ + cl_int wait() const + { + return detail::errHandler( + ::clWaitForEvents(1, &object_), + __WAIT_FOR_EVENTS_ERR); + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 110 + /*! \brief Registers a user callback function for a specific command execution status. + * + * Wraps clSetEventCallback(). + */ + cl_int setCallback( + cl_int type, + void (CL_CALLBACK * pfn_notify)(cl_event, cl_int, void *), + void * user_data = NULL) + { + return detail::errHandler( + ::clSetEventCallback( + object_, + type, + pfn_notify, + user_data), + __SET_EVENT_CALLBACK_ERR); + } +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 110 + + /*! \brief Blocks the calling thread until every event specified is complete. + * + * Wraps clWaitForEvents(). + */ + static cl_int + waitForEvents(const vector& events) + { + return detail::errHandler( + ::clWaitForEvents( + (cl_uint) events.size(), (events.size() > 0) ? (cl_event*)&events.front() : NULL), + __WAIT_FOR_EVENTS_ERR); + } +}; + +#if CL_HPP_TARGET_OPENCL_VERSION >= 110 +/*! \brief Class interface for user events (a subset of cl_event's). + * + * See Event for details about copy semantics, etc. + */ +class UserEvent : public Event +{ +public: + /*! \brief Constructs a user event on a given context. + * + * Wraps clCreateUserEvent(). + */ + UserEvent( + const Context& context, + cl_int * err = NULL) + { + cl_int error; + object_ = ::clCreateUserEvent( + context(), + &error); + + detail::errHandler(error, __CREATE_USER_EVENT_ERR); + if (err != NULL) { + *err = error; + } + } + + //! \brief Default constructor - initializes to NULL. + UserEvent() : Event() { } + + /*! \brief Sets the execution status of a user event object. + * + * Wraps clSetUserEventStatus(). + */ + cl_int setStatus(cl_int status) + { + return detail::errHandler( + ::clSetUserEventStatus(object_,status), + __SET_USER_EVENT_STATUS_ERR); + } +}; +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 110 + +/*! \brief Blocks the calling thread until every event specified is complete. + * + * Wraps clWaitForEvents(). + */ +inline static cl_int +WaitForEvents(const vector& events) +{ + return detail::errHandler( + ::clWaitForEvents( + (cl_uint) events.size(), (events.size() > 0) ? (cl_event*)&events.front() : NULL), + __WAIT_FOR_EVENTS_ERR); +} + +/*! \brief Class interface for cl_mem. + * + * \note Copies of these objects are shallow, meaning that the copy will refer + * to the same underlying cl_mem as the original. For details, see + * clRetainMemObject() and clReleaseMemObject(). + * + * \see cl_mem + */ +class Memory : public detail::Wrapper +{ +public: + //! \brief Default constructor - initializes to NULL. + Memory() : detail::Wrapper() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * Optionally transfer ownership of a refcount on the cl_mem + * into the new Memory object. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * + * See Memory for further details. + */ + explicit Memory(const cl_mem& memory, bool retainObject) : + detail::Wrapper(memory, retainObject) { } + + /*! \brief Assignment operator from cl_mem - takes ownership. + * + * This effectively transfers ownership of a refcount on the rhs and calls + * clReleaseMemObject() on the value previously held by this instance. + */ + Memory& operator = (const cl_mem& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Memory(const Memory& mem) : detail::Wrapper(mem) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Memory& operator = (const Memory &mem) + { + detail::Wrapper::operator=(mem); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Memory(Memory&& mem) CL_HPP_NOEXCEPT_ : detail::Wrapper(std::move(mem)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Memory& operator = (Memory &&mem) + { + detail::Wrapper::operator=(std::move(mem)); + return *this; + } + + + //! \brief Wrapper for clGetMemObjectInfo(). + template + cl_int getInfo(cl_mem_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetMemObjectInfo, object_, name, param), + __GET_MEM_OBJECT_INFO_ERR); + } + + //! \brief Wrapper for clGetMemObjectInfo() that returns by value. + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_mem_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 110 + /*! \brief Registers a callback function to be called when the memory object + * is no longer needed. + * + * Wraps clSetMemObjectDestructorCallback(). + * + * Repeated calls to this function, for a given cl_mem value, will append + * to the list of functions called (in reverse order) when memory object's + * resources are freed and the memory object is deleted. + * + * \note + * The registered callbacks are associated with the underlying cl_mem + * value - not the Memory class instance. + */ + cl_int setDestructorCallback( + void (CL_CALLBACK * pfn_notify)(cl_mem, void *), + void * user_data = NULL) + { + return detail::errHandler( + ::clSetMemObjectDestructorCallback( + object_, + pfn_notify, + user_data), + __SET_MEM_OBJECT_DESTRUCTOR_CALLBACK_ERR); + } +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 110 + +}; + +// Pre-declare copy functions +class Buffer; +template< typename IteratorType > +cl_int copy( IteratorType startIterator, IteratorType endIterator, cl::Buffer &buffer ); +template< typename IteratorType > +cl_int copy( const cl::Buffer &buffer, IteratorType startIterator, IteratorType endIterator ); +template< typename IteratorType > +cl_int copy( const CommandQueue &queue, IteratorType startIterator, IteratorType endIterator, cl::Buffer &buffer ); +template< typename IteratorType > +cl_int copy( const CommandQueue &queue, const cl::Buffer &buffer, IteratorType startIterator, IteratorType endIterator ); + + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 +namespace detail +{ + class SVMTraitNull + { + public: + static cl_svm_mem_flags getSVMMemFlags() + { + return 0; + } + }; +} // namespace detail + +template +class SVMTraitReadWrite +{ +public: + static cl_svm_mem_flags getSVMMemFlags() + { + return CL_MEM_READ_WRITE | + Trait::getSVMMemFlags(); + } +}; + +template +class SVMTraitReadOnly +{ +public: + static cl_svm_mem_flags getSVMMemFlags() + { + return CL_MEM_READ_ONLY | + Trait::getSVMMemFlags(); + } +}; + +template +class SVMTraitWriteOnly +{ +public: + static cl_svm_mem_flags getSVMMemFlags() + { + return CL_MEM_WRITE_ONLY | + Trait::getSVMMemFlags(); + } +}; + +template> +class SVMTraitCoarse +{ +public: + static cl_svm_mem_flags getSVMMemFlags() + { + return Trait::getSVMMemFlags(); + } +}; + +template> +class SVMTraitFine +{ +public: + static cl_svm_mem_flags getSVMMemFlags() + { + return CL_MEM_SVM_FINE_GRAIN_BUFFER | + Trait::getSVMMemFlags(); + } +}; + +template> +class SVMTraitAtomic +{ +public: + static cl_svm_mem_flags getSVMMemFlags() + { + return + CL_MEM_SVM_FINE_GRAIN_BUFFER | + CL_MEM_SVM_ATOMICS | + Trait::getSVMMemFlags(); + } +}; + +// Pre-declare SVM map function +template +inline cl_int enqueueMapSVM( + T* ptr, + cl_bool blocking, + cl_map_flags flags, + size_type size, + const vector* events = NULL, + Event* event = NULL); + +/** + * STL-like allocator class for managing SVM objects provided for convenience. + * + * Note that while this behaves like an allocator for the purposes of constructing vectors and similar objects, + * care must be taken when using with smart pointers. + * The allocator should not be used to construct a unique_ptr if we are using coarse-grained SVM mode because + * the coarse-grained management behaviour would behave incorrectly with respect to reference counting. + * + * Instead the allocator embeds a Deleter which may be used with unique_ptr and is used + * with the allocate_shared and allocate_ptr supplied operations. + */ +template +class SVMAllocator { +private: + Context context_; + +public: + typedef T value_type; + typedef value_type* pointer; + typedef const value_type* const_pointer; + typedef value_type& reference; + typedef const value_type& const_reference; + typedef std::size_t size_type; + typedef std::ptrdiff_t difference_type; + + template + struct rebind + { + typedef SVMAllocator other; + }; + + template + friend class SVMAllocator; + + SVMAllocator() : + context_(Context::getDefault()) + { + } + + explicit SVMAllocator(cl::Context context) : + context_(context) + { + } + + + SVMAllocator(const SVMAllocator &other) : + context_(other.context_) + { + } + + template + SVMAllocator(const SVMAllocator &other) : + context_(other.context_) + { + } + + ~SVMAllocator() + { + } + + pointer address(reference r) CL_HPP_NOEXCEPT_ + { + return std::addressof(r); + } + + const_pointer address(const_reference r) CL_HPP_NOEXCEPT_ + { + return std::addressof(r); + } + + /** + * Allocate an SVM pointer. + * + * If the allocator is coarse-grained, this will take ownership to allow + * containers to correctly construct data in place. + */ + pointer allocate( + size_type size, + typename cl::SVMAllocator::const_pointer = 0) + { + // Allocate memory with default alignment matching the size of the type + void* voidPointer = + clSVMAlloc( + context_(), + SVMTrait::getSVMMemFlags(), + size*sizeof(T), + 0); + pointer retValue = reinterpret_cast( + voidPointer); +#if defined(CL_HPP_ENABLE_EXCEPTIONS) + if (!retValue) { + std::bad_alloc excep; + throw excep; + } +#endif // #if defined(CL_HPP_ENABLE_EXCEPTIONS) + + // If allocation was coarse-grained then map it + if (!(SVMTrait::getSVMMemFlags() & CL_MEM_SVM_FINE_GRAIN_BUFFER)) { + cl_int err = enqueueMapSVM(retValue, CL_TRUE, CL_MAP_READ | CL_MAP_WRITE, size*sizeof(T)); + if (err != CL_SUCCESS) { + std::bad_alloc excep; + throw excep; + } + } + + // If exceptions disabled, return null pointer from allocator + return retValue; + } + + void deallocate(pointer p, size_type) + { + clSVMFree(context_(), p); + } + + /** + * Return the maximum possible allocation size. + * This is the minimum of the maximum sizes of all devices in the context. + */ + size_type max_size() const CL_HPP_NOEXCEPT_ + { + size_type maxSize = std::numeric_limits::max() / sizeof(T); + + for (Device &d : context_.getInfo()) { + maxSize = std::min( + maxSize, + static_cast(d.getInfo())); + } + + return maxSize; + } + + template< class U, class... Args > + void construct(U* p, Args&&... args) + { + new(p)T(args...); + } + + template< class U > + void destroy(U* p) + { + p->~U(); + } + + /** + * Returns true if the contexts match. + */ + inline bool operator==(SVMAllocator const& rhs) + { + return (context_==rhs.context_); + } + + inline bool operator!=(SVMAllocator const& a) + { + return !operator==(a); + } +}; // class SVMAllocator return cl::pointer(tmp, detail::Deleter{alloc, copies}); + + +template +class SVMAllocator { +public: + typedef void value_type; + typedef value_type* pointer; + typedef const value_type* const_pointer; + + template + struct rebind + { + typedef SVMAllocator other; + }; + + template + friend class SVMAllocator; +}; + +#if !defined(CL_HPP_NO_STD_UNIQUE_PTR) +namespace detail +{ + template + class Deleter { + private: + Alloc alloc_; + size_type copies_; + + public: + typedef typename std::allocator_traits::pointer pointer; + + Deleter(const Alloc &alloc, size_type copies) : alloc_{ alloc }, copies_{ copies } + { + } + + void operator()(pointer ptr) const { + Alloc tmpAlloc{ alloc_ }; + std::allocator_traits::destroy(tmpAlloc, std::addressof(*ptr)); + std::allocator_traits::deallocate(tmpAlloc, ptr, copies_); + } + }; +} // namespace detail + +/** + * Allocation operation compatible with std::allocate_ptr. + * Creates a unique_ptr by default. + * This requirement is to ensure that the control block is not + * allocated in memory inaccessible to the host. + */ +template +cl::pointer> allocate_pointer(const Alloc &alloc_, Args&&... args) +{ + Alloc alloc(alloc_); + static const size_type copies = 1; + + // Ensure that creation of the management block and the + // object are dealt with separately such that we only provide a deleter + + T* tmp = std::allocator_traits::allocate(alloc, copies); + if (!tmp) { + std::bad_alloc excep; + throw excep; + } + try { + std::allocator_traits::construct( + alloc, + std::addressof(*tmp), + std::forward(args)...); + + return cl::pointer>(tmp, detail::Deleter{alloc, copies}); + } + catch (std::bad_alloc b) + { + std::allocator_traits::deallocate(alloc, tmp, copies); + throw; + } +} + +template< class T, class SVMTrait, class... Args > +cl::pointer>> allocate_svm(Args... args) +{ + SVMAllocator alloc; + return cl::allocate_pointer(alloc, args...); +} + +template< class T, class SVMTrait, class... Args > +cl::pointer>> allocate_svm(const cl::Context &c, Args... args) +{ + SVMAllocator alloc(c); + return cl::allocate_pointer(alloc, args...); +} +#endif // #if !defined(CL_HPP_NO_STD_UNIQUE_PTR) + +/*! \brief Vector alias to simplify contruction of coarse-grained SVM containers. + * + */ +template < class T > +using coarse_svm_vector = vector>>; + +/*! \brief Vector alias to simplify contruction of fine-grained SVM containers. +* +*/ +template < class T > +using fine_svm_vector = vector>>; + +/*! \brief Vector alias to simplify contruction of fine-grained SVM containers that support platform atomics. +* +*/ +template < class T > +using atomic_svm_vector = vector>>; + +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 200 + + +/*! \brief Class interface for Buffer Memory Objects. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class Buffer : public Memory +{ +public: + + /*! \brief Constructs a Buffer in a specified context. + * + * Wraps clCreateBuffer(). + * + * \param host_ptr Storage to be used if the CL_MEM_USE_HOST_PTR flag was + * specified. Note alignment & exclusivity requirements. + */ + Buffer( + const Context& context, + cl_mem_flags flags, + size_type size, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + object_ = ::clCreateBuffer(context(), flags, size, host_ptr, &error); + + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! \brief Constructs a Buffer in the default context. + * + * Wraps clCreateBuffer(). + * + * \param host_ptr Storage to be used if the CL_MEM_USE_HOST_PTR flag was + * specified. Note alignment & exclusivity requirements. + * + * \see Context::getDefault() + */ + Buffer( + cl_mem_flags flags, + size_type size, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + + Context context = Context::getDefault(err); + + object_ = ::clCreateBuffer(context(), flags, size, host_ptr, &error); + + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! + * \brief Construct a Buffer from a host container via iterators. + * IteratorType must be random access. + * If useHostPtr is specified iterators must represent contiguous data. + */ + template< typename IteratorType > + Buffer( + IteratorType startIterator, + IteratorType endIterator, + bool readOnly, + bool useHostPtr = false, + cl_int* err = NULL) + { + typedef typename std::iterator_traits::value_type DataType; + cl_int error; + + cl_mem_flags flags = 0; + if( readOnly ) { + flags |= CL_MEM_READ_ONLY; + } + else { + flags |= CL_MEM_READ_WRITE; + } + if( useHostPtr ) { + flags |= CL_MEM_USE_HOST_PTR; + } + + size_type size = sizeof(DataType)*(endIterator - startIterator); + + Context context = Context::getDefault(err); + + if( useHostPtr ) { + object_ = ::clCreateBuffer(context(), flags, size, static_cast(&*startIterator), &error); + } else { + object_ = ::clCreateBuffer(context(), flags, size, 0, &error); + } + + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + + if( !useHostPtr ) { + error = cl::copy(startIterator, endIterator, *this); + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } + } + + /*! + * \brief Construct a Buffer from a host container via iterators using a specified context. + * IteratorType must be random access. + * If useHostPtr is specified iterators must represent contiguous data. + */ + template< typename IteratorType > + Buffer(const Context &context, IteratorType startIterator, IteratorType endIterator, + bool readOnly, bool useHostPtr = false, cl_int* err = NULL); + + /*! + * \brief Construct a Buffer from a host container via iterators using a specified queue. + * If useHostPtr is specified iterators must be random access. + */ + template< typename IteratorType > + Buffer(const CommandQueue &queue, IteratorType startIterator, IteratorType endIterator, + bool readOnly, bool useHostPtr = false, cl_int* err = NULL); + + //! \brief Default constructor - initializes to NULL. + Buffer() : Memory() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with earlier versions. + * + * See Memory for further details. + */ + explicit Buffer(const cl_mem& buffer, bool retainObject = false) : + Memory(buffer, retainObject) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Buffer& operator = (const cl_mem& rhs) + { + Memory::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Buffer(const Buffer& buf) : Memory(buf) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Buffer& operator = (const Buffer &buf) + { + Memory::operator=(buf); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Buffer(Buffer&& buf) CL_HPP_NOEXCEPT_ : Memory(std::move(buf)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Buffer& operator = (Buffer &&buf) + { + Memory::operator=(std::move(buf)); + return *this; + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 110 + /*! \brief Creates a new buffer object from this. + * + * Wraps clCreateSubBuffer(). + */ + Buffer createSubBuffer( + cl_mem_flags flags, + cl_buffer_create_type buffer_create_type, + const void * buffer_create_info, + cl_int * err = NULL) + { + Buffer result; + cl_int error; + result.object_ = ::clCreateSubBuffer( + object_, + flags, + buffer_create_type, + buffer_create_info, + &error); + + detail::errHandler(error, __CREATE_SUBBUFFER_ERR); + if (err != NULL) { + *err = error; + } + + return result; + } +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 110 +}; + +#if defined (CL_HPP_USE_DX_INTEROP) +/*! \brief Class interface for creating OpenCL buffers from ID3D10Buffer's. + * + * This is provided to facilitate interoperability with Direct3D. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class BufferD3D10 : public Buffer +{ +public: + + + /*! \brief Constructs a BufferD3D10, in a specified context, from a + * given ID3D10Buffer. + * + * Wraps clCreateFromD3D10BufferKHR(). + */ + BufferD3D10( + const Context& context, + cl_mem_flags flags, + ID3D10Buffer* bufobj, + cl_int * err = NULL) : pfn_clCreateFromD3D10BufferKHR(nullptr) + { + typedef CL_API_ENTRY cl_mem (CL_API_CALL *PFN_clCreateFromD3D10BufferKHR)( + cl_context context, cl_mem_flags flags, ID3D10Buffer* buffer, + cl_int* errcode_ret); + PFN_clCreateFromD3D10BufferKHR pfn_clCreateFromD3D10BufferKHR; +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 + vector props = context.getInfo(); + cl_platform platform = -1; + for( int i = 0; i < props.size(); ++i ) { + if( props[i] == CL_CONTEXT_PLATFORM ) { + platform = props[i+1]; + } + } + CL_HPP_INIT_CL_EXT_FCN_PTR_PLATFORM_(platform, clCreateFromD3D10BufferKHR); +#elif CL_HPP_TARGET_OPENCL_VERSION >= 110 + CL_HPP_INIT_CL_EXT_FCN_PTR_(clCreateFromD3D10BufferKHR); +#endif + + cl_int error; + object_ = pfn_clCreateFromD3D10BufferKHR( + context(), + flags, + bufobj, + &error); + + detail::errHandler(error, __CREATE_GL_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } + + //! \brief Default constructor - initializes to NULL. + BufferD3D10() : Buffer() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * See Memory for further details. + */ + explicit BufferD3D10(const cl_mem& buffer, bool retainObject = false) : + Buffer(buffer, retainObject) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + BufferD3D10& operator = (const cl_mem& rhs) + { + Buffer::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + BufferD3D10(const BufferD3D10& buf) : + Buffer(buf) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + BufferD3D10& operator = (const BufferD3D10 &buf) + { + Buffer::operator=(buf); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + BufferD3D10(BufferD3D10&& buf) CL_HPP_NOEXCEPT_ : Buffer(std::move(buf)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + BufferD3D10& operator = (BufferD3D10 &&buf) + { + Buffer::operator=(std::move(buf)); + return *this; + } +}; +#endif + +/*! \brief Class interface for GL Buffer Memory Objects. + * + * This is provided to facilitate interoperability with OpenGL. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class BufferGL : public Buffer +{ +public: + /*! \brief Constructs a BufferGL in a specified context, from a given + * GL buffer. + * + * Wraps clCreateFromGLBuffer(). + */ + BufferGL( + const Context& context, + cl_mem_flags flags, + cl_GLuint bufobj, + cl_int * err = NULL) + { + cl_int error; + object_ = ::clCreateFromGLBuffer( + context(), + flags, + bufobj, + &error); + + detail::errHandler(error, __CREATE_GL_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } + + //! \brief Default constructor - initializes to NULL. + BufferGL() : Buffer() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * See Memory for further details. + */ + explicit BufferGL(const cl_mem& buffer, bool retainObject = false) : + Buffer(buffer, retainObject) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + BufferGL& operator = (const cl_mem& rhs) + { + Buffer::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + BufferGL(const BufferGL& buf) : Buffer(buf) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + BufferGL& operator = (const BufferGL &buf) + { + Buffer::operator=(buf); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + BufferGL(BufferGL&& buf) CL_HPP_NOEXCEPT_ : Buffer(std::move(buf)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + BufferGL& operator = (BufferGL &&buf) + { + Buffer::operator=(std::move(buf)); + return *this; + } + + //! \brief Wrapper for clGetGLObjectInfo(). + cl_int getObjectInfo( + cl_gl_object_type *type, + cl_GLuint * gl_object_name) + { + return detail::errHandler( + ::clGetGLObjectInfo(object_,type,gl_object_name), + __GET_GL_OBJECT_INFO_ERR); + } +}; + +/*! \brief Class interface for GL Render Buffer Memory Objects. + * + * This is provided to facilitate interoperability with OpenGL. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class BufferRenderGL : public Buffer +{ +public: + /*! \brief Constructs a BufferRenderGL in a specified context, from a given + * GL Renderbuffer. + * + * Wraps clCreateFromGLRenderbuffer(). + */ + BufferRenderGL( + const Context& context, + cl_mem_flags flags, + cl_GLuint bufobj, + cl_int * err = NULL) + { + cl_int error; + object_ = ::clCreateFromGLRenderbuffer( + context(), + flags, + bufobj, + &error); + + detail::errHandler(error, __CREATE_GL_RENDER_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } + + //! \brief Default constructor - initializes to NULL. + BufferRenderGL() : Buffer() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * See Memory for further details. + */ + explicit BufferRenderGL(const cl_mem& buffer, bool retainObject = false) : + Buffer(buffer, retainObject) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + BufferRenderGL& operator = (const cl_mem& rhs) + { + Buffer::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + BufferRenderGL(const BufferRenderGL& buf) : Buffer(buf) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + BufferRenderGL& operator = (const BufferRenderGL &buf) + { + Buffer::operator=(buf); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + BufferRenderGL(BufferRenderGL&& buf) CL_HPP_NOEXCEPT_ : Buffer(std::move(buf)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + BufferRenderGL& operator = (BufferRenderGL &&buf) + { + Buffer::operator=(std::move(buf)); + return *this; + } + + //! \brief Wrapper for clGetGLObjectInfo(). + cl_int getObjectInfo( + cl_gl_object_type *type, + cl_GLuint * gl_object_name) + { + return detail::errHandler( + ::clGetGLObjectInfo(object_,type,gl_object_name), + __GET_GL_OBJECT_INFO_ERR); + } +}; + +/*! \brief C++ base class for Image Memory objects. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class Image : public Memory +{ +protected: + //! \brief Default constructor - initializes to NULL. + Image() : Memory() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * See Memory for further details. + */ + explicit Image(const cl_mem& image, bool retainObject = false) : + Memory(image, retainObject) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Image& operator = (const cl_mem& rhs) + { + Memory::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image(const Image& img) : Memory(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image& operator = (const Image &img) + { + Memory::operator=(img); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image(Image&& img) CL_HPP_NOEXCEPT_ : Memory(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image& operator = (Image &&img) + { + Memory::operator=(std::move(img)); + return *this; + } + + +public: + //! \brief Wrapper for clGetImageInfo(). + template + cl_int getImageInfo(cl_image_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetImageInfo, object_, name, param), + __GET_IMAGE_INFO_ERR); + } + + //! \brief Wrapper for clGetImageInfo() that returns by value. + template typename + detail::param_traits::param_type + getImageInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_image_info, name>::param_type param; + cl_int result = getImageInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } +}; + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +/*! \brief Class interface for 1D Image Memory objects. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class Image1D : public Image +{ +public: + /*! \brief Constructs a 1D Image in a specified context. + * + * Wraps clCreateImage(). + */ + Image1D( + const Context& context, + cl_mem_flags flags, + ImageFormat format, + size_type width, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE1D, + width, + 0, 0, 0, 0, 0, 0, 0, 0 + }; + object_ = ::clCreateImage( + context(), + flags, + &format, + &desc, + host_ptr, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + } + + //! \brief Default constructor - initializes to NULL. + Image1D() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * See Memory for further details. + */ + explicit Image1D(const cl_mem& image1D, bool retainObject = false) : + Image(image1D, retainObject) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Image1D& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image1D(const Image1D& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image1D& operator = (const Image1D &img) + { + Image::operator=(img); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image1D(Image1D&& img) CL_HPP_NOEXCEPT_ : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image1D& operator = (Image1D &&img) + { + Image::operator=(std::move(img)); + return *this; + } + +}; + +/*! \class Image1DBuffer + * \brief Image interface for 1D buffer images. + */ +class Image1DBuffer : public Image +{ +public: + Image1DBuffer( + const Context& context, + cl_mem_flags flags, + ImageFormat format, + size_type width, + const Buffer &buffer, + cl_int* err = NULL) + { + cl_int error; + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE1D_BUFFER, + width, + 0, 0, 0, 0, 0, 0, 0, + buffer() + }; + object_ = ::clCreateImage( + context(), + flags, + &format, + &desc, + NULL, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + } + + Image1DBuffer() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * See Memory for further details. + */ + explicit Image1DBuffer(const cl_mem& image1D, bool retainObject = false) : + Image(image1D, retainObject) { } + + Image1DBuffer& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image1DBuffer(const Image1DBuffer& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image1DBuffer& operator = (const Image1DBuffer &img) + { + Image::operator=(img); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image1DBuffer(Image1DBuffer&& img) CL_HPP_NOEXCEPT_ : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image1DBuffer& operator = (Image1DBuffer &&img) + { + Image::operator=(std::move(img)); + return *this; + } + +}; + +/*! \class Image1DArray + * \brief Image interface for arrays of 1D images. + */ +class Image1DArray : public Image +{ +public: + Image1DArray( + const Context& context, + cl_mem_flags flags, + ImageFormat format, + size_type arraySize, + size_type width, + size_type rowPitch, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE1D_ARRAY, + width, + 0, 0, // height, depth (unused) + arraySize, + rowPitch, + 0, 0, 0, 0 + }; + object_ = ::clCreateImage( + context(), + flags, + &format, + &desc, + host_ptr, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + } + + Image1DArray() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * See Memory for further details. + */ + explicit Image1DArray(const cl_mem& imageArray, bool retainObject = false) : + Image(imageArray, retainObject) { } + + + Image1DArray& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image1DArray(const Image1DArray& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image1DArray& operator = (const Image1DArray &img) + { + Image::operator=(img); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image1DArray(Image1DArray&& img) CL_HPP_NOEXCEPT_ : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image1DArray& operator = (Image1DArray &&img) + { + Image::operator=(std::move(img)); + return *this; + } + +}; +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 120 + + +/*! \brief Class interface for 2D Image Memory objects. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class Image2D : public Image +{ +public: + /*! \brief Constructs a 2D Image in a specified context. + * + * Wraps clCreateImage(). + */ + Image2D( + const Context& context, + cl_mem_flags flags, + ImageFormat format, + size_type width, + size_type height, + size_type row_pitch = 0, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + bool useCreateImage; + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 && CL_HPP_MINIMUM_OPENCL_VERSION < 120 + // Run-time decision based on the actual platform + { + cl_uint version = detail::getContextPlatformVersion(context()); + useCreateImage = (version >= 0x10002); // OpenCL 1.2 or above + } +#elif CL_HPP_TARGET_OPENCL_VERSION >= 120 + useCreateImage = true; +#else + useCreateImage = false; +#endif + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 + if (useCreateImage) + { + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE2D, + width, + height, + 0, 0, // depth, array size (unused) + row_pitch, + 0, 0, 0, 0 + }; + object_ = ::clCreateImage( + context(), + flags, + &format, + &desc, + host_ptr, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + } +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 +#if CL_HPP_MINIMUM_OPENCL_VERSION < 120 + if (!useCreateImage) + { + object_ = ::clCreateImage2D( + context(), flags,&format, width, height, row_pitch, host_ptr, &error); + + detail::errHandler(error, __CREATE_IMAGE2D_ERR); + if (err != NULL) { + *err = error; + } + } +#endif // CL_HPP_MINIMUM_OPENCL_VERSION < 120 + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + /*! \brief Constructs a 2D Image from a buffer. + * \note This will share storage with the underlying buffer. + * + * Wraps clCreateImage(). + */ + Image2D( + const Context& context, + ImageFormat format, + const Buffer &sourceBuffer, + size_type width, + size_type height, + size_type row_pitch = 0, + cl_int* err = nullptr) + { + cl_int error; + + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE2D, + width, + height, + 0, 0, // depth, array size (unused) + row_pitch, + 0, 0, 0, + // Use buffer as input to image + sourceBuffer() + }; + object_ = ::clCreateImage( + context(), + 0, // flags inherited from buffer + &format, + &desc, + nullptr, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != nullptr) { + *err = error; + } + } +#endif //#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + /*! \brief Constructs a 2D Image from an image. + * \note This will share storage with the underlying image but may + * reinterpret the channel order and type. + * + * The image will be created matching with a descriptor matching the source. + * + * \param order is the channel order to reinterpret the image data as. + * The channel order may differ as described in the OpenCL + * 2.0 API specification. + * + * Wraps clCreateImage(). + */ + Image2D( + const Context& context, + cl_channel_order order, + const Image &sourceImage, + cl_int* err = nullptr) + { + cl_int error; + + // Descriptor fields have to match source image + size_type sourceWidth = + sourceImage.getImageInfo(); + size_type sourceHeight = + sourceImage.getImageInfo(); + size_type sourceRowPitch = + sourceImage.getImageInfo(); + cl_uint sourceNumMIPLevels = + sourceImage.getImageInfo(); + cl_uint sourceNumSamples = + sourceImage.getImageInfo(); + cl_image_format sourceFormat = + sourceImage.getImageInfo(); + + // Update only the channel order. + // Channel format inherited from source. + sourceFormat.image_channel_order = order; + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE2D, + sourceWidth, + sourceHeight, + 0, 0, // depth (unused), array size (unused) + sourceRowPitch, + 0, // slice pitch (unused) + sourceNumMIPLevels, + sourceNumSamples, + // Use buffer as input to image + sourceImage() + }; + object_ = ::clCreateImage( + context(), + 0, // flags should be inherited from mem_object + &sourceFormat, + &desc, + nullptr, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != nullptr) { + *err = error; + } + } +#endif //#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + + //! \brief Default constructor - initializes to NULL. + Image2D() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * See Memory for further details. + */ + explicit Image2D(const cl_mem& image2D, bool retainObject = false) : + Image(image2D, retainObject) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Image2D& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image2D(const Image2D& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image2D& operator = (const Image2D &img) + { + Image::operator=(img); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image2D(Image2D&& img) CL_HPP_NOEXCEPT_ : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image2D& operator = (Image2D &&img) + { + Image::operator=(std::move(img)); + return *this; + } + +}; + + +#if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) +/*! \brief Class interface for GL 2D Image Memory objects. + * + * This is provided to facilitate interoperability with OpenGL. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + * \note Deprecated for OpenCL 1.2. Please use ImageGL instead. + */ +class CL_EXT_PREFIX__VERSION_1_1_DEPRECATED Image2DGL : public Image2D +{ +public: + /*! \brief Constructs an Image2DGL in a specified context, from a given + * GL Texture. + * + * Wraps clCreateFromGLTexture2D(). + */ + Image2DGL( + const Context& context, + cl_mem_flags flags, + cl_GLenum target, + cl_GLint miplevel, + cl_GLuint texobj, + cl_int * err = NULL) + { + cl_int error; + object_ = ::clCreateFromGLTexture2D( + context(), + flags, + target, + miplevel, + texobj, + &error); + + detail::errHandler(error, __CREATE_GL_TEXTURE_2D_ERR); + if (err != NULL) { + *err = error; + } + + } + + //! \brief Default constructor - initializes to NULL. + Image2DGL() : Image2D() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * See Memory for further details. + */ + explicit Image2DGL(const cl_mem& image, bool retainObject = false) : + Image2D(image, retainObject) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + *c + * See Memory for further details. + */ + Image2DGL& operator = (const cl_mem& rhs) + { + Image2D::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image2DGL(const Image2DGL& img) : Image2D(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image2DGL& operator = (const Image2DGL &img) + { + Image2D::operator=(img); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image2DGL(Image2DGL&& img) CL_HPP_NOEXCEPT_ : Image2D(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image2DGL& operator = (Image2DGL &&img) + { + Image2D::operator=(std::move(img)); + return *this; + } + +} CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED; +#endif // CL_USE_DEPRECATED_OPENCL_1_1_APIS + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +/*! \class Image2DArray + * \brief Image interface for arrays of 2D images. + */ +class Image2DArray : public Image +{ +public: + Image2DArray( + const Context& context, + cl_mem_flags flags, + ImageFormat format, + size_type arraySize, + size_type width, + size_type height, + size_type rowPitch, + size_type slicePitch, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE2D_ARRAY, + width, + height, + 0, // depth (unused) + arraySize, + rowPitch, + slicePitch, + 0, 0, 0 + }; + object_ = ::clCreateImage( + context(), + flags, + &format, + &desc, + host_ptr, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + } + + Image2DArray() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * See Memory for further details. + */ + explicit Image2DArray(const cl_mem& imageArray, bool retainObject = false) : Image(imageArray, retainObject) { } + + Image2DArray& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image2DArray(const Image2DArray& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image2DArray& operator = (const Image2DArray &img) + { + Image::operator=(img); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image2DArray(Image2DArray&& img) CL_HPP_NOEXCEPT_ : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image2DArray& operator = (Image2DArray &&img) + { + Image::operator=(std::move(img)); + return *this; + } +}; +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 120 + +/*! \brief Class interface for 3D Image Memory objects. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class Image3D : public Image +{ +public: + /*! \brief Constructs a 3D Image in a specified context. + * + * Wraps clCreateImage(). + */ + Image3D( + const Context& context, + cl_mem_flags flags, + ImageFormat format, + size_type width, + size_type height, + size_type depth, + size_type row_pitch = 0, + size_type slice_pitch = 0, + void* host_ptr = NULL, + cl_int* err = NULL) + { + cl_int error; + bool useCreateImage; + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 && CL_HPP_MINIMUM_OPENCL_VERSION < 120 + // Run-time decision based on the actual platform + { + cl_uint version = detail::getContextPlatformVersion(context()); + useCreateImage = (version >= 0x10002); // OpenCL 1.2 or above + } +#elif CL_HPP_TARGET_OPENCL_VERSION >= 120 + useCreateImage = true; +#else + useCreateImage = false; +#endif + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 + if (useCreateImage) + { + cl_image_desc desc = + { + CL_MEM_OBJECT_IMAGE3D, + width, + height, + depth, + 0, // array size (unused) + row_pitch, + slice_pitch, + 0, 0, 0 + }; + object_ = ::clCreateImage( + context(), + flags, + &format, + &desc, + host_ptr, + &error); + + detail::errHandler(error, __CREATE_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + } +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 +#if CL_HPP_MINIMUM_OPENCL_VERSION < 120 + if (!useCreateImage) + { + object_ = ::clCreateImage3D( + context(), flags, &format, width, height, depth, row_pitch, + slice_pitch, host_ptr, &error); + + detail::errHandler(error, __CREATE_IMAGE3D_ERR); + if (err != NULL) { + *err = error; + } + } +#endif // CL_HPP_MINIMUM_OPENCL_VERSION < 120 + } + + //! \brief Default constructor - initializes to NULL. + Image3D() : Image() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * See Memory for further details. + */ + explicit Image3D(const cl_mem& image3D, bool retainObject = false) : + Image(image3D, retainObject) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Image3D& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image3D(const Image3D& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image3D& operator = (const Image3D &img) + { + Image::operator=(img); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image3D(Image3D&& img) CL_HPP_NOEXCEPT_ : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image3D& operator = (Image3D &&img) + { + Image::operator=(std::move(img)); + return *this; + } +}; + +#if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) +/*! \brief Class interface for GL 3D Image Memory objects. + * + * This is provided to facilitate interoperability with OpenGL. + * + * See Memory for details about copy semantics, etc. + * + * \see Memory + */ +class Image3DGL : public Image3D +{ +public: + /*! \brief Constructs an Image3DGL in a specified context, from a given + * GL Texture. + * + * Wraps clCreateFromGLTexture3D(). + */ + Image3DGL( + const Context& context, + cl_mem_flags flags, + cl_GLenum target, + cl_GLint miplevel, + cl_GLuint texobj, + cl_int * err = NULL) + { + cl_int error; + object_ = ::clCreateFromGLTexture3D( + context(), + flags, + target, + miplevel, + texobj, + &error); + + detail::errHandler(error, __CREATE_GL_TEXTURE_3D_ERR); + if (err != NULL) { + *err = error; + } + } + + //! \brief Default constructor - initializes to NULL. + Image3DGL() : Image3D() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * See Memory for further details. + */ + explicit Image3DGL(const cl_mem& image, bool retainObject = false) : + Image3D(image, retainObject) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Image3DGL& operator = (const cl_mem& rhs) + { + Image3D::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image3DGL(const Image3DGL& img) : Image3D(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Image3DGL& operator = (const Image3DGL &img) + { + Image3D::operator=(img); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Image3DGL(Image3DGL&& img) CL_HPP_NOEXCEPT_ : Image3D(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Image3DGL& operator = (Image3DGL &&img) + { + Image3D::operator=(std::move(img)); + return *this; + } +}; +#endif // CL_USE_DEPRECATED_OPENCL_1_1_APIS + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +/*! \class ImageGL + * \brief general image interface for GL interop. + * We abstract the 2D and 3D GL images into a single instance here + * that wraps all GL sourced images on the grounds that setup information + * was performed by OpenCL anyway. + */ +class ImageGL : public Image +{ +public: + ImageGL( + const Context& context, + cl_mem_flags flags, + cl_GLenum target, + cl_GLint miplevel, + cl_GLuint texobj, + cl_int * err = NULL) + { + cl_int error; + object_ = ::clCreateFromGLTexture( + context(), + flags, + target, + miplevel, + texobj, + &error); + + detail::errHandler(error, __CREATE_GL_TEXTURE_ERR); + if (err != NULL) { + *err = error; + } + } + + ImageGL() : Image() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * See Memory for further details. + */ + explicit ImageGL(const cl_mem& image, bool retainObject = false) : + Image(image, retainObject) { } + + ImageGL& operator = (const cl_mem& rhs) + { + Image::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + ImageGL(const ImageGL& img) : Image(img) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + ImageGL& operator = (const ImageGL &img) + { + Image::operator=(img); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + ImageGL(ImageGL&& img) CL_HPP_NOEXCEPT_ : Image(std::move(img)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + ImageGL& operator = (ImageGL &&img) + { + Image::operator=(std::move(img)); + return *this; + } +}; +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 + + + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 +/*! \brief Class interface for Pipe Memory Objects. +* +* See Memory for details about copy semantics, etc. +* +* \see Memory +*/ +class Pipe : public Memory +{ +public: + + /*! \brief Constructs a Pipe in a specified context. + * + * Wraps clCreatePipe(). + * @param context Context in which to create the pipe. + * @param flags Bitfield. Only CL_MEM_READ_WRITE and CL_MEM_HOST_NO_ACCESS are valid. + * @param packet_size Size in bytes of a single packet of the pipe. + * @param max_packets Number of packets that may be stored in the pipe. + * + */ + Pipe( + const Context& context, + cl_uint packet_size, + cl_uint max_packets, + cl_int* err = NULL) + { + cl_int error; + + cl_mem_flags flags = CL_MEM_READ_WRITE | CL_MEM_HOST_NO_ACCESS; + object_ = ::clCreatePipe(context(), flags, packet_size, max_packets, nullptr, &error); + + detail::errHandler(error, __CREATE_PIPE_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! \brief Constructs a Pipe in a the default context. + * + * Wraps clCreatePipe(). + * @param flags Bitfield. Only CL_MEM_READ_WRITE and CL_MEM_HOST_NO_ACCESS are valid. + * @param packet_size Size in bytes of a single packet of the pipe. + * @param max_packets Number of packets that may be stored in the pipe. + * + */ + Pipe( + cl_uint packet_size, + cl_uint max_packets, + cl_int* err = NULL) + { + cl_int error; + + Context context = Context::getDefault(err); + + cl_mem_flags flags = CL_MEM_READ_WRITE | CL_MEM_HOST_NO_ACCESS; + object_ = ::clCreatePipe(context(), flags, packet_size, max_packets, nullptr, &error); + + detail::errHandler(error, __CREATE_PIPE_ERR); + if (err != NULL) { + *err = error; + } + } + + //! \brief Default constructor - initializes to NULL. + Pipe() : Memory() { } + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with earlier versions. + * + * See Memory for further details. + */ + explicit Pipe(const cl_mem& pipe, bool retainObject = false) : + Memory(pipe, retainObject) { } + + /*! \brief Assignment from cl_mem - performs shallow copy. + * + * See Memory for further details. + */ + Pipe& operator = (const cl_mem& rhs) + { + Memory::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Pipe(const Pipe& pipe) : Memory(pipe) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Pipe& operator = (const Pipe &pipe) + { + Memory::operator=(pipe); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Pipe(Pipe&& pipe) CL_HPP_NOEXCEPT_ : Memory(std::move(pipe)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Pipe& operator = (Pipe &&pipe) + { + Memory::operator=(std::move(pipe)); + return *this; + } + + //! \brief Wrapper for clGetMemObjectInfo(). + template + cl_int getInfo(cl_pipe_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetPipeInfo, object_, name, param), + __GET_PIPE_INFO_ERR); + } + + //! \brief Wrapper for clGetMemObjectInfo() that returns by value. + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_pipe_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } +}; // class Pipe +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 200 + + +/*! \brief Class interface for cl_sampler. + * + * \note Copies of these objects are shallow, meaning that the copy will refer + * to the same underlying cl_sampler as the original. For details, see + * clRetainSampler() and clReleaseSampler(). + * + * \see cl_sampler + */ +class Sampler : public detail::Wrapper +{ +public: + //! \brief Default constructor - initializes to NULL. + Sampler() { } + + /*! \brief Constructs a Sampler in a specified context. + * + * Wraps clCreateSampler(). + */ + Sampler( + const Context& context, + cl_bool normalized_coords, + cl_addressing_mode addressing_mode, + cl_filter_mode filter_mode, + cl_int* err = NULL) + { + cl_int error; + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + cl_sampler_properties sampler_properties[] = { + CL_SAMPLER_NORMALIZED_COORDS, normalized_coords, + CL_SAMPLER_ADDRESSING_MODE, addressing_mode, + CL_SAMPLER_FILTER_MODE, filter_mode, + 0 }; + object_ = ::clCreateSamplerWithProperties( + context(), + sampler_properties, + &error); + + detail::errHandler(error, __CREATE_SAMPLER_WITH_PROPERTIES_ERR); + if (err != NULL) { + *err = error; + } +#else + object_ = ::clCreateSampler( + context(), + normalized_coords, + addressing_mode, + filter_mode, + &error); + + detail::errHandler(error, __CREATE_SAMPLER_ERR); + if (err != NULL) { + *err = error; + } +#endif + } + + /*! \brief Constructor from cl_sampler - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * This effectively transfers ownership of a refcount on the cl_sampler + * into the new Sampler object. + */ + explicit Sampler(const cl_sampler& sampler, bool retainObject = false) : + detail::Wrapper(sampler, retainObject) { } + + /*! \brief Assignment operator from cl_sampler - takes ownership. + * + * This effectively transfers ownership of a refcount on the rhs and calls + * clReleaseSampler() on the value previously held by this instance. + */ + Sampler& operator = (const cl_sampler& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Sampler(const Sampler& sam) : detail::Wrapper(sam) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Sampler& operator = (const Sampler &sam) + { + detail::Wrapper::operator=(sam); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Sampler(Sampler&& sam) CL_HPP_NOEXCEPT_ : detail::Wrapper(std::move(sam)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Sampler& operator = (Sampler &&sam) + { + detail::Wrapper::operator=(std::move(sam)); + return *this; + } + + //! \brief Wrapper for clGetSamplerInfo(). + template + cl_int getInfo(cl_sampler_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetSamplerInfo, object_, name, param), + __GET_SAMPLER_INFO_ERR); + } + + //! \brief Wrapper for clGetSamplerInfo() that returns by value. + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_sampler_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } +}; + +class Program; +class CommandQueue; +class DeviceCommandQueue; +class Kernel; + +//! \brief Class interface for specifying NDRange values. +class NDRange +{ +private: + size_type sizes_[3]; + cl_uint dimensions_; + +public: + //! \brief Default constructor - resulting range has zero dimensions. + NDRange() + : dimensions_(0) + { + sizes_[0] = 0; + sizes_[1] = 0; + sizes_[2] = 0; + } + + //! \brief Constructs one-dimensional range. + NDRange(size_type size0) + : dimensions_(1) + { + sizes_[0] = size0; + sizes_[1] = 1; + sizes_[2] = 1; + } + + //! \brief Constructs two-dimensional range. + NDRange(size_type size0, size_type size1) + : dimensions_(2) + { + sizes_[0] = size0; + sizes_[1] = size1; + sizes_[2] = 1; + } + + //! \brief Constructs three-dimensional range. + NDRange(size_type size0, size_type size1, size_type size2) + : dimensions_(3) + { + sizes_[0] = size0; + sizes_[1] = size1; + sizes_[2] = size2; + } + + /*! \brief Conversion operator to const size_type *. + * + * \returns a pointer to the size of the first dimension. + */ + operator const size_type*() const { + return sizes_; + } + + //! \brief Queries the number of dimensions in the range. + size_type dimensions() const + { + return dimensions_; + } + + //! \brief Returns the size of the object in bytes based on the + // runtime number of dimensions + size_type size() const + { + return dimensions_*sizeof(size_type); + } + + size_type* get() + { + return sizes_; + } + + const size_type* get() const + { + return sizes_; + } +}; + +//! \brief A zero-dimensional range. +static const NDRange NullRange; + +//! \brief Local address wrapper for use with Kernel::setArg +struct LocalSpaceArg +{ + size_type size_; +}; + +namespace detail { + +template +struct KernelArgumentHandler; + +// Enable for objects that are not subclasses of memory +// Pointers, constants etc +template +struct KernelArgumentHandler::value>::type> +{ + static size_type size(const T&) { return sizeof(T); } + static const T* ptr(const T& value) { return &value; } +}; + +// Enable for subclasses of memory where we want to get a reference to the cl_mem out +// and pass that in for safety +template +struct KernelArgumentHandler::value>::type> +{ + static size_type size(const T&) { return sizeof(cl_mem); } + static const cl_mem* ptr(const T& value) { return &(value()); } +}; + +// Specialization for DeviceCommandQueue defined later + +template <> +struct KernelArgumentHandler +{ + static size_type size(const LocalSpaceArg& value) { return value.size_; } + static const void* ptr(const LocalSpaceArg&) { return NULL; } +}; + +} +//! \endcond + +/*! Local + * \brief Helper function for generating LocalSpaceArg objects. + */ +inline LocalSpaceArg +Local(size_type size) +{ + LocalSpaceArg ret = { size }; + return ret; +} + +/*! \brief Class interface for cl_kernel. + * + * \note Copies of these objects are shallow, meaning that the copy will refer + * to the same underlying cl_kernel as the original. For details, see + * clRetainKernel() and clReleaseKernel(). + * + * \see cl_kernel + */ +class Kernel : public detail::Wrapper +{ +public: + inline Kernel(const Program& program, const char* name, cl_int* err = NULL); + + //! \brief Default constructor - initializes to NULL. + Kernel() { } + + /*! \brief Constructor from cl_kernel - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + * This effectively transfers ownership of a refcount on the cl_kernel + * into the new Kernel object. + */ + explicit Kernel(const cl_kernel& kernel, bool retainObject = false) : + detail::Wrapper(kernel, retainObject) { } + + /*! \brief Assignment operator from cl_kernel - takes ownership. + * + * This effectively transfers ownership of a refcount on the rhs and calls + * clReleaseKernel() on the value previously held by this instance. + */ + Kernel& operator = (const cl_kernel& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Kernel(const Kernel& kernel) : detail::Wrapper(kernel) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Kernel& operator = (const Kernel &kernel) + { + detail::Wrapper::operator=(kernel); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Kernel(Kernel&& kernel) CL_HPP_NOEXCEPT_ : detail::Wrapper(std::move(kernel)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Kernel& operator = (Kernel &&kernel) + { + detail::Wrapper::operator=(std::move(kernel)); + return *this; + } + + template + cl_int getInfo(cl_kernel_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetKernelInfo, object_, name, param), + __GET_KERNEL_INFO_ERR); + } + + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_kernel_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 + template + cl_int getArgInfo(cl_uint argIndex, cl_kernel_arg_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetKernelArgInfo, object_, argIndex, name, param), + __GET_KERNEL_ARG_INFO_ERR); + } + + template typename + detail::param_traits::param_type + getArgInfo(cl_uint argIndex, cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_kernel_arg_info, name>::param_type param; + cl_int result = getArgInfo(argIndex, name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 + + template + cl_int getWorkGroupInfo( + const Device& device, cl_kernel_work_group_info name, T* param) const + { + return detail::errHandler( + detail::getInfo( + &::clGetKernelWorkGroupInfo, object_, device(), name, param), + __GET_KERNEL_WORK_GROUP_INFO_ERR); + } + + template typename + detail::param_traits::param_type + getWorkGroupInfo(const Device& device, cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_kernel_work_group_info, name>::param_type param; + cl_int result = getWorkGroupInfo(device, name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 +#if defined(CL_HPP_USE_CL_SUB_GROUPS_KHR) + cl_int getSubGroupInfo(const cl::Device &dev, cl_kernel_sub_group_info name, const cl::NDRange &range, size_type* param) const + { + typedef clGetKernelSubGroupInfoKHR_fn PFN_clGetKernelSubGroupInfoKHR; + static PFN_clGetKernelSubGroupInfoKHR pfn_clGetKernelSubGroupInfoKHR = NULL; + CL_HPP_INIT_CL_EXT_FCN_PTR_(clGetKernelSubGroupInfoKHR); + + return detail::errHandler( + pfn_clGetKernelSubGroupInfoKHR(object_, dev(), name, range.size(), range.get(), sizeof(size_type), param, nullptr), + __GET_KERNEL_ARG_INFO_ERR); + } + + template + size_type getSubGroupInfo(const cl::Device &dev, const cl::NDRange &range, cl_int* err = NULL) const + { + size_type param; + cl_int result = getSubGroupInfo(dev, name, range, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } +#endif // #if defined(CL_HPP_USE_CL_SUB_GROUPS_KHR) +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 200 + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + /*! \brief setArg overload taking a shared_ptr type + */ + template + cl_int setArg(cl_uint index, const cl::pointer &argPtr) + { + return detail::errHandler( + ::clSetKernelArgSVMPointer(object_, index, argPtr.get()), + __SET_KERNEL_ARGS_ERR); + } + + /*! \brief setArg overload taking a vector type. + */ + template + cl_int setArg(cl_uint index, const cl::vector &argPtr) + { + return detail::errHandler( + ::clSetKernelArgSVMPointer(object_, index, argPtr.data()), + __SET_KERNEL_ARGS_ERR); + } + + /*! \brief setArg overload taking a pointer type + */ + template + typename std::enable_if::value, cl_int>::type + setArg(cl_uint index, const T argPtr) + { + return detail::errHandler( + ::clSetKernelArgSVMPointer(object_, index, argPtr), + __SET_KERNEL_ARGS_ERR); + } +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 200 + + /*! \brief setArg overload taking a POD type + */ + template + typename std::enable_if::value, cl_int>::type + setArg(cl_uint index, const T &value) + { + return detail::errHandler( + ::clSetKernelArg( + object_, + index, + detail::KernelArgumentHandler::size(value), + detail::KernelArgumentHandler::ptr(value)), + __SET_KERNEL_ARGS_ERR); + } + + cl_int setArg(cl_uint index, size_type size, const void* argPtr) + { + return detail::errHandler( + ::clSetKernelArg(object_, index, size, argPtr), + __SET_KERNEL_ARGS_ERR); + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + /*! + * Specify a vector of SVM pointers that the kernel may access in + * addition to its arguments. + */ + cl_int setSVMPointers(const vector &pointerList) + { + return detail::errHandler( + ::clSetKernelExecInfo( + object_, + CL_KERNEL_EXEC_INFO_SVM_PTRS, + sizeof(void*)*pointerList.size(), + pointerList.data())); + } + + /*! + * Specify a std::array of SVM pointers that the kernel may access in + * addition to its arguments. + */ + template + cl_int setSVMPointers(const std::array &pointerList) + { + return detail::errHandler( + ::clSetKernelExecInfo( + object_, + CL_KERNEL_EXEC_INFO_SVM_PTRS, + sizeof(void*)*pointerList.size(), + pointerList.data())); + } + + /*! \brief Enable fine-grained system SVM. + * + * \note It is only possible to enable fine-grained system SVM if all devices + * in the context associated with kernel support it. + * + * \param svmEnabled True if fine-grained system SVM is requested. False otherwise. + * \return CL_SUCCESS if the function was executed succesfully. CL_INVALID_OPERATION + * if no devices in the context support fine-grained system SVM. + * + * \see clSetKernelExecInfo + */ + cl_int enableFineGrainedSystemSVM(bool svmEnabled) + { + cl_bool svmEnabled_ = svmEnabled ? CL_TRUE : CL_FALSE; + return detail::errHandler( + ::clSetKernelExecInfo( + object_, + CL_KERNEL_EXEC_INFO_SVM_FINE_GRAIN_SYSTEM, + sizeof(cl_bool), + &svmEnabled_ + ) + ); + } + + template + void setSVMPointersHelper(std::array &pointerList, const pointer &t0, Ts... ts) + { + pointerList[index] = static_cast(t0.get()); + setSVMPointersHelper(ts...); + } + + template + typename std::enable_if::value, void>::type + setSVMPointersHelper(std::array &pointerList, T0 t0, Ts... ts) + { + pointerList[index] = static_cast(t0); + setSVMPointersHelper(ts...); + } + + template + void setSVMPointersHelper(std::array &pointerList, const pointer &t0) + { + pointerList[index] = static_cast(t0.get()); + } + + template + typename std::enable_if::value, void>::type + setSVMPointersHelper(std::array &pointerList, T0 t0) + { + pointerList[index] = static_cast(t0); + } + + template + cl_int setSVMPointers(const T0 &t0, Ts... ts) + { + std::array pointerList; + + setSVMPointersHelper<0, 1 + sizeof...(Ts)>(pointerList, t0, ts...); + return detail::errHandler( + ::clSetKernelExecInfo( + object_, + CL_KERNEL_EXEC_INFO_SVM_PTRS, + sizeof(void*)*(1 + sizeof...(Ts)), + pointerList.data())); + } +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 200 +}; + +/*! \class Program + * \brief Program interface that implements cl_program. + */ +class Program : public detail::Wrapper +{ +public: +#if !defined(CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY) + typedef vector> Binaries; + typedef vector Sources; +#else // #if !defined(CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY) + typedef vector > Binaries; + typedef vector > Sources; +#endif // #if !defined(CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY) + + Program( + const string& source, + bool build = false, + cl_int* err = NULL) + { + cl_int error; + + const char * strings = source.c_str(); + const size_type length = source.size(); + + Context context = Context::getDefault(err); + + object_ = ::clCreateProgramWithSource( + context(), (cl_uint)1, &strings, &length, &error); + + detail::errHandler(error, __CREATE_PROGRAM_WITH_SOURCE_ERR); + + if (error == CL_SUCCESS && build) { + + error = ::clBuildProgram( + object_, + 0, + NULL, +#if !defined(CL_HPP_CL_1_2_DEFAULT_BUILD) + "-cl-std=CL2.0", +#else + "", +#endif // #if !defined(CL_HPP_CL_1_2_DEFAULT_BUILD) + NULL, + NULL); + + detail::buildErrHandler(error, __BUILD_PROGRAM_ERR, getBuildInfo()); + } + + if (err != NULL) { + *err = error; + } + } + + Program( + const Context& context, + const string& source, + bool build = false, + cl_int* err = NULL) + { + cl_int error; + + const char * strings = source.c_str(); + const size_type length = source.size(); + + object_ = ::clCreateProgramWithSource( + context(), (cl_uint)1, &strings, &length, &error); + + detail::errHandler(error, __CREATE_PROGRAM_WITH_SOURCE_ERR); + + if (error == CL_SUCCESS && build) { + error = ::clBuildProgram( + object_, + 0, + NULL, +#if !defined(CL_HPP_CL_1_2_DEFAULT_BUILD) + "-cl-std=CL2.0", +#else + "", +#endif // #if !defined(CL_HPP_CL_1_2_DEFAULT_BUILD) + NULL, + NULL); + + detail::buildErrHandler(error, __BUILD_PROGRAM_ERR, getBuildInfo()); + } + + if (err != NULL) { + *err = error; + } + } + + /** + * Create a program from a vector of source strings and the default context. + * Does not compile or link the program. + */ + Program( + const Sources& sources, + cl_int* err = NULL) + { + cl_int error; + Context context = Context::getDefault(err); + + const size_type n = (size_type)sources.size(); + + vector lengths(n); + vector strings(n); + + for (size_type i = 0; i < n; ++i) { +#if !defined(CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY) + strings[i] = sources[(int)i].data(); + lengths[i] = sources[(int)i].length(); +#else // #if !defined(CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY) + strings[i] = sources[(int)i].first; + lengths[i] = sources[(int)i].second; +#endif // #if !defined(CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY) + } + + object_ = ::clCreateProgramWithSource( + context(), (cl_uint)n, strings.data(), lengths.data(), &error); + + detail::errHandler(error, __CREATE_PROGRAM_WITH_SOURCE_ERR); + if (err != NULL) { + *err = error; + } + } + + /** + * Create a program from a vector of source strings and a provided context. + * Does not compile or link the program. + */ + Program( + const Context& context, + const Sources& sources, + cl_int* err = NULL) + { + cl_int error; + + const size_type n = (size_type)sources.size(); + + vector lengths(n); + vector strings(n); + + for (size_type i = 0; i < n; ++i) { +#if !defined(CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY) + strings[i] = sources[(int)i].data(); + lengths[i] = sources[(int)i].length(); +#else // #if !defined(CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY) + strings[i] = sources[(int)i].first; + lengths[i] = sources[(int)i].second; +#endif // #if !defined(CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY) + } + + object_ = ::clCreateProgramWithSource( + context(), (cl_uint)n, strings.data(), lengths.data(), &error); + + detail::errHandler(error, __CREATE_PROGRAM_WITH_SOURCE_ERR); + if (err != NULL) { + *err = error; + } + } + + /** + * Construct a program object from a list of devices and a per-device list of binaries. + * \param context A valid OpenCL context in which to construct the program. + * \param devices A vector of OpenCL device objects for which the program will be created. + * \param binaries A vector of pairs of a pointer to a binary object and its length. + * \param binaryStatus An optional vector that on completion will be resized to + * match the size of binaries and filled with values to specify if each binary + * was successfully loaded. + * Set to CL_SUCCESS if the binary was successfully loaded. + * Set to CL_INVALID_VALUE if the length is 0 or the binary pointer is NULL. + * Set to CL_INVALID_BINARY if the binary provided is not valid for the matching device. + * \param err if non-NULL will be set to CL_SUCCESS on successful operation or one of the following errors: + * CL_INVALID_CONTEXT if context is not a valid context. + * CL_INVALID_VALUE if the length of devices is zero; or if the length of binaries does not match the length of devices; + * or if any entry in binaries is NULL or has length 0. + * CL_INVALID_DEVICE if OpenCL devices listed in devices are not in the list of devices associated with context. + * CL_INVALID_BINARY if an invalid program binary was encountered for any device. binaryStatus will return specific status for each device. + * CL_OUT_OF_HOST_MEMORY if there is a failure to allocate resources required by the OpenCL implementation on the host. + */ + Program( + const Context& context, + const vector& devices, + const Binaries& binaries, + vector* binaryStatus = NULL, + cl_int* err = NULL) + { + cl_int error; + + const size_type numDevices = devices.size(); + + // Catch size mismatch early and return + if(binaries.size() != numDevices) { + error = CL_INVALID_VALUE; + detail::errHandler(error, __CREATE_PROGRAM_WITH_BINARY_ERR); + if (err != NULL) { + *err = error; + } + return; + } + + + vector lengths(numDevices); + vector images(numDevices); +#if !defined(CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY) + for (size_type i = 0; i < numDevices; ++i) { + images[i] = binaries[i].data(); + lengths[i] = binaries[(int)i].size(); + } +#else // #if !defined(CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY) + for (size_type i = 0; i < numDevices; ++i) { + images[i] = (const unsigned char*)binaries[i].first; + lengths[i] = binaries[(int)i].second; + } +#endif // #if !defined(CL_HPP_ENABLE_PROGRAM_CONSTRUCTION_FROM_ARRAY_COMPATIBILITY) + + vector deviceIDs(numDevices); + for( size_type deviceIndex = 0; deviceIndex < numDevices; ++deviceIndex ) { + deviceIDs[deviceIndex] = (devices[deviceIndex])(); + } + + if(binaryStatus) { + binaryStatus->resize(numDevices); + } + + object_ = ::clCreateProgramWithBinary( + context(), (cl_uint) devices.size(), + deviceIDs.data(), + lengths.data(), images.data(), (binaryStatus != NULL && numDevices > 0) + ? &binaryStatus->front() + : NULL, &error); + + detail::errHandler(error, __CREATE_PROGRAM_WITH_BINARY_ERR); + if (err != NULL) { + *err = error; + } + } + + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 + /** + * Create program using builtin kernels. + * \param kernelNames Semi-colon separated list of builtin kernel names + */ + Program( + const Context& context, + const vector& devices, + const string& kernelNames, + cl_int* err = NULL) + { + cl_int error; + + + size_type numDevices = devices.size(); + vector deviceIDs(numDevices); + for( size_type deviceIndex = 0; deviceIndex < numDevices; ++deviceIndex ) { + deviceIDs[deviceIndex] = (devices[deviceIndex])(); + } + + object_ = ::clCreateProgramWithBuiltInKernels( + context(), + (cl_uint) devices.size(), + deviceIDs.data(), + kernelNames.c_str(), + &error); + + detail::errHandler(error, __CREATE_PROGRAM_WITH_BUILT_IN_KERNELS_ERR); + if (err != NULL) { + *err = error; + } + } +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 + + Program() { } + + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + */ + explicit Program(const cl_program& program, bool retainObject = false) : + detail::Wrapper(program, retainObject) { } + + Program& operator = (const cl_program& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + Program(const Program& program) : detail::Wrapper(program) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + Program& operator = (const Program &program) + { + detail::Wrapper::operator=(program); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + Program(Program&& program) CL_HPP_NOEXCEPT_ : detail::Wrapper(std::move(program)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + Program& operator = (Program &&program) + { + detail::Wrapper::operator=(std::move(program)); + return *this; + } + + cl_int build( + const vector& devices, + const char* options = NULL, + void (CL_CALLBACK * notifyFptr)(cl_program, void *) = NULL, + void* data = NULL) const + { + size_type numDevices = devices.size(); + vector deviceIDs(numDevices); + + for( size_type deviceIndex = 0; deviceIndex < numDevices; ++deviceIndex ) { + deviceIDs[deviceIndex] = (devices[deviceIndex])(); + } + + cl_int buildError = ::clBuildProgram( + object_, + (cl_uint) + devices.size(), + deviceIDs.data(), + options, + notifyFptr, + data); + + return detail::buildErrHandler(buildError, __BUILD_PROGRAM_ERR, getBuildInfo()); + } + + cl_int build( + const char* options = NULL, + void (CL_CALLBACK * notifyFptr)(cl_program, void *) = NULL, + void* data = NULL) const + { + cl_int buildError = ::clBuildProgram( + object_, + 0, + NULL, + options, + notifyFptr, + data); + + + return detail::buildErrHandler(buildError, __BUILD_PROGRAM_ERR, getBuildInfo()); + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 + cl_int compile( + const char* options = NULL, + void (CL_CALLBACK * notifyFptr)(cl_program, void *) = NULL, + void* data = NULL) const + { + cl_int error = ::clCompileProgram( + object_, + 0, + NULL, + options, + 0, + NULL, + NULL, + notifyFptr, + data); + return detail::buildErrHandler(error, __COMPILE_PROGRAM_ERR, getBuildInfo()); + } +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 + + template + cl_int getInfo(cl_program_info name, T* param) const + { + return detail::errHandler( + detail::getInfo(&::clGetProgramInfo, object_, name, param), + __GET_PROGRAM_INFO_ERR); + } + + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_program_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + template + cl_int getBuildInfo( + const Device& device, cl_program_build_info name, T* param) const + { + return detail::errHandler( + detail::getInfo( + &::clGetProgramBuildInfo, object_, device(), name, param), + __GET_PROGRAM_BUILD_INFO_ERR); + } + + template typename + detail::param_traits::param_type + getBuildInfo(const Device& device, cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_program_build_info, name>::param_type param; + cl_int result = getBuildInfo(device, name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + /** + * Build info function that returns a vector of device/info pairs for the specified + * info type and for all devices in the program. + * On an error reading the info for any device, an empty vector of info will be returned. + */ + template + vector::param_type>> + getBuildInfo(cl_int *err = NULL) const + { + cl_int result = CL_SUCCESS; + + auto devs = getInfo(&result); + vector::param_type>> + devInfo; + + // If there was an initial error from getInfo return the error + if (result != CL_SUCCESS) { + if (err != NULL) { + *err = result; + } + return devInfo; + } + + for (cl::Device d : devs) { + typename detail::param_traits< + detail::cl_program_build_info, name>::param_type param; + result = getBuildInfo(d, name, ¶m); + devInfo.push_back( + std::pair::param_type> + (d, param)); + if (result != CL_SUCCESS) { + // On error, leave the loop and return the error code + break; + } + } + if (err != NULL) { + *err = result; + } + if (result != CL_SUCCESS) { + devInfo.clear(); + } + return devInfo; + } + + cl_int createKernels(vector* kernels) + { + cl_uint numKernels; + cl_int err = ::clCreateKernelsInProgram(object_, 0, NULL, &numKernels); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __CREATE_KERNELS_IN_PROGRAM_ERR); + } + + vector value(numKernels); + + err = ::clCreateKernelsInProgram( + object_, numKernels, value.data(), NULL); + if (err != CL_SUCCESS) { + return detail::errHandler(err, __CREATE_KERNELS_IN_PROGRAM_ERR); + } + + if (kernels) { + kernels->resize(value.size()); + + // Assign to param, constructing with retain behaviour + // to correctly capture each underlying CL object + for (size_type i = 0; i < value.size(); i++) { + // We do not need to retain because this kernel is being created + // by the runtime + (*kernels)[i] = Kernel(value[i], false); + } + } + return CL_SUCCESS; + } +}; + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 +inline Program linkProgram( + Program input1, + Program input2, + const char* options = NULL, + void (CL_CALLBACK * notifyFptr)(cl_program, void *) = NULL, + void* data = NULL, + cl_int* err = NULL) +{ + cl_int error_local = CL_SUCCESS; + + cl_program programs[2] = { input1(), input2() }; + + Context ctx = input1.getInfo(&error_local); + if(error_local!=CL_SUCCESS) { + detail::errHandler(error_local, __LINK_PROGRAM_ERR); + } + + cl_program prog = ::clLinkProgram( + ctx(), + 0, + NULL, + options, + 2, + programs, + notifyFptr, + data, + &error_local); + + detail::errHandler(error_local,__COMPILE_PROGRAM_ERR); + if (err != NULL) { + *err = error_local; + } + + return Program(prog); +} + +inline Program linkProgram( + vector inputPrograms, + const char* options = NULL, + void (CL_CALLBACK * notifyFptr)(cl_program, void *) = NULL, + void* data = NULL, + cl_int* err = NULL) +{ + cl_int error_local = CL_SUCCESS; + + vector programs(inputPrograms.size()); + + for (unsigned int i = 0; i < inputPrograms.size(); i++) { + programs[i] = inputPrograms[i](); + } + + Context ctx; + if(inputPrograms.size() > 0) { + ctx = inputPrograms[0].getInfo(&error_local); + if(error_local!=CL_SUCCESS) { + detail::errHandler(error_local, __LINK_PROGRAM_ERR); + } + } + cl_program prog = ::clLinkProgram( + ctx(), + 0, + NULL, + options, + (cl_uint)inputPrograms.size(), + programs.data(), + notifyFptr, + data, + &error_local); + + detail::errHandler(error_local,__COMPILE_PROGRAM_ERR); + if (err != NULL) { + *err = error_local; + } + + return Program(prog, false); +} +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 + +// Template specialization for CL_PROGRAM_BINARIES +template <> +inline cl_int cl::Program::getInfo(cl_program_info name, vector>* param) const +{ + if (name != CL_PROGRAM_BINARIES) { + return CL_INVALID_VALUE; + } + if (param) { + // Resize the parameter array appropriately for each allocation + // and pass down to the helper + + vector sizes = getInfo(); + size_type numBinaries = sizes.size(); + + // Resize the parameter array and constituent arrays + param->resize(numBinaries); + for (size_type i = 0; i < numBinaries; ++i) { + (*param)[i].resize(sizes[i]); + } + + return detail::errHandler( + detail::getInfo(&::clGetProgramInfo, object_, name, param), + __GET_PROGRAM_INFO_ERR); + } + + return CL_SUCCESS; +} + +template<> +inline vector> cl::Program::getInfo(cl_int* err) const +{ + vector> binariesVectors; + + cl_int result = getInfo(CL_PROGRAM_BINARIES, &binariesVectors); + if (err != NULL) { + *err = result; + } + return binariesVectors; +} + +inline Kernel::Kernel(const Program& program, const char* name, cl_int* err) +{ + cl_int error; + + object_ = ::clCreateKernel(program(), name, &error); + detail::errHandler(error, __CREATE_KERNEL_ERR); + + if (err != NULL) { + *err = error; + } + +} + +enum class QueueProperties : cl_command_queue_properties +{ + None = 0, + Profiling = CL_QUEUE_PROFILING_ENABLE, + OutOfOrder = CL_QUEUE_OUT_OF_ORDER_EXEC_MODE_ENABLE, +}; + +inline QueueProperties operator|(QueueProperties lhs, QueueProperties rhs) +{ + return static_cast(static_cast(lhs) | static_cast(rhs)); +} + +/*! \class CommandQueue + * \brief CommandQueue interface for cl_command_queue. + */ +class CommandQueue : public detail::Wrapper +{ +private: + static std::once_flag default_initialized_; + static CommandQueue default_; + static cl_int default_error_; + + /*! \brief Create the default command queue returned by @ref getDefault. + * + * It sets default_error_ to indicate success or failure. It does not throw + * @c cl::Error. + */ + static void makeDefault() + { + /* We don't want to throw an error from this function, so we have to + * catch and set the error flag. + */ +#if defined(CL_HPP_ENABLE_EXCEPTIONS) + try +#endif + { + int error; + Context context = Context::getDefault(&error); + + if (error != CL_SUCCESS) { + default_error_ = error; + } + else { + Device device = Device::getDefault(); + default_ = CommandQueue(context, device, 0, &default_error_); + } + } +#if defined(CL_HPP_ENABLE_EXCEPTIONS) + catch (cl::Error &e) { + default_error_ = e.err(); + } +#endif + } + + /*! \brief Create the default command queue. + * + * This sets @c default_. It does not throw + * @c cl::Error. + */ + static void makeDefaultProvided(const CommandQueue &c) { + default_ = c; + } + +public: +#ifdef CL_HPP_UNIT_TEST_ENABLE + /*! \brief Reset the default. + * + * This sets @c default_ to an empty value to support cleanup in + * the unit test framework. + * This function is not thread safe. + */ + static void unitTestClearDefault() { + default_ = CommandQueue(); + } +#endif // #ifdef CL_HPP_UNIT_TEST_ENABLE + + + /*! + * \brief Constructs a CommandQueue based on passed properties. + * Will return an CL_INVALID_QUEUE_PROPERTIES error if CL_QUEUE_ON_DEVICE is specified. + */ + CommandQueue( + cl_command_queue_properties properties, + cl_int* err = NULL) + { + cl_int error; + + Context context = Context::getDefault(&error); + detail::errHandler(error, __CREATE_CONTEXT_ERR); + + if (error != CL_SUCCESS) { + if (err != NULL) { + *err = error; + } + } + else { + Device device = context.getInfo()[0]; + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + cl_queue_properties queue_properties[] = { + CL_QUEUE_PROPERTIES, properties, 0 }; + if ((properties & CL_QUEUE_ON_DEVICE) == 0) { + object_ = ::clCreateCommandQueueWithProperties( + context(), device(), queue_properties, &error); + } + else { + error = CL_INVALID_QUEUE_PROPERTIES; + } + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR); + if (err != NULL) { + *err = error; + } +#else + object_ = ::clCreateCommandQueue( + context(), device(), properties, &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_ERR); + if (err != NULL) { + *err = error; + } +#endif + } + } + + /*! + * \brief Constructs a CommandQueue based on passed properties. + * Will return an CL_INVALID_QUEUE_PROPERTIES error if CL_QUEUE_ON_DEVICE is specified. + */ + CommandQueue( + QueueProperties properties, + cl_int* err = NULL) + { + cl_int error; + + Context context = Context::getDefault(&error); + detail::errHandler(error, __CREATE_CONTEXT_ERR); + + if (error != CL_SUCCESS) { + if (err != NULL) { + *err = error; + } + } + else { + Device device = context.getInfo()[0]; + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + cl_queue_properties queue_properties[] = { + CL_QUEUE_PROPERTIES, static_cast(properties), 0 }; + + object_ = ::clCreateCommandQueueWithProperties( + context(), device(), queue_properties, &error); + + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR); + if (err != NULL) { + *err = error; + } +#else + object_ = ::clCreateCommandQueue( + context(), device(), static_cast(properties), &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_ERR); + if (err != NULL) { + *err = error; + } +#endif + } + } + + /*! + * \brief Constructs a CommandQueue for an implementation defined device in the given context + * Will return an CL_INVALID_QUEUE_PROPERTIES error if CL_QUEUE_ON_DEVICE is specified. + */ + explicit CommandQueue( + const Context& context, + cl_command_queue_properties properties = 0, + cl_int* err = NULL) + { + cl_int error; + vector devices; + error = context.getInfo(CL_CONTEXT_DEVICES, &devices); + + detail::errHandler(error, __CREATE_CONTEXT_ERR); + + if (error != CL_SUCCESS) + { + if (err != NULL) { + *err = error; + } + return; + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + cl_queue_properties queue_properties[] = { + CL_QUEUE_PROPERTIES, properties, 0 }; + if ((properties & CL_QUEUE_ON_DEVICE) == 0) { + object_ = ::clCreateCommandQueueWithProperties( + context(), devices[0](), queue_properties, &error); + } + else { + error = CL_INVALID_QUEUE_PROPERTIES; + } + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR); + if (err != NULL) { + *err = error; + } +#else + object_ = ::clCreateCommandQueue( + context(), devices[0](), properties, &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_ERR); + if (err != NULL) { + *err = error; + } +#endif + + } + + /*! + * \brief Constructs a CommandQueue for an implementation defined device in the given context + * Will return an CL_INVALID_QUEUE_PROPERTIES error if CL_QUEUE_ON_DEVICE is specified. + */ + explicit CommandQueue( + const Context& context, + QueueProperties properties, + cl_int* err = NULL) + { + cl_int error; + vector devices; + error = context.getInfo(CL_CONTEXT_DEVICES, &devices); + + detail::errHandler(error, __CREATE_CONTEXT_ERR); + + if (error != CL_SUCCESS) + { + if (err != NULL) { + *err = error; + } + return; + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + cl_queue_properties queue_properties[] = { + CL_QUEUE_PROPERTIES, static_cast(properties), 0 }; + object_ = ::clCreateCommandQueueWithProperties( + context(), devices[0](), queue_properties, &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR); + if (err != NULL) { + *err = error; + } +#else + object_ = ::clCreateCommandQueue( + context(), devices[0](), static_cast(properties), &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_ERR); + if (err != NULL) { + *err = error; + } +#endif + + } + + /*! + * \brief Constructs a CommandQueue for a passed device and context + * Will return an CL_INVALID_QUEUE_PROPERTIES error if CL_QUEUE_ON_DEVICE is specified. + */ + CommandQueue( + const Context& context, + const Device& device, + cl_command_queue_properties properties = 0, + cl_int* err = NULL) + { + cl_int error; + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + cl_queue_properties queue_properties[] = { + CL_QUEUE_PROPERTIES, properties, 0 }; + object_ = ::clCreateCommandQueueWithProperties( + context(), device(), queue_properties, &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR); + if (err != NULL) { + *err = error; + } +#else + object_ = ::clCreateCommandQueue( + context(), device(), properties, &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_ERR); + if (err != NULL) { + *err = error; + } +#endif + } + + /*! + * \brief Constructs a CommandQueue for a passed device and context + * Will return an CL_INVALID_QUEUE_PROPERTIES error if CL_QUEUE_ON_DEVICE is specified. + */ + CommandQueue( + const Context& context, + const Device& device, + QueueProperties properties, + cl_int* err = NULL) + { + cl_int error; + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + cl_queue_properties queue_properties[] = { + CL_QUEUE_PROPERTIES, static_cast(properties), 0 }; + object_ = ::clCreateCommandQueueWithProperties( + context(), device(), queue_properties, &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR); + if (err != NULL) { + *err = error; + } +#else + object_ = ::clCreateCommandQueue( + context(), device(), static_cast(properties), &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_ERR); + if (err != NULL) { + *err = error; + } +#endif + } + + static CommandQueue getDefault(cl_int * err = NULL) + { + std::call_once(default_initialized_, makeDefault); +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + detail::errHandler(default_error_, __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR); +#else // CL_HPP_TARGET_OPENCL_VERSION >= 200 + detail::errHandler(default_error_, __CREATE_COMMAND_QUEUE_ERR); +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 200 + if (err != NULL) { + *err = default_error_; + } + return default_; + } + + /** + * Modify the default command queue to be used by + * subsequent operations. + * Will only set the default if no default was previously created. + * @return updated default command queue. + * Should be compared to the passed value to ensure that it was updated. + */ + static CommandQueue setDefault(const CommandQueue &default_queue) + { + std::call_once(default_initialized_, makeDefaultProvided, std::cref(default_queue)); + detail::errHandler(default_error_); + return default_; + } + + CommandQueue() { } + + + /*! \brief Constructor from cl_mem - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + */ + explicit CommandQueue(const cl_command_queue& commandQueue, bool retainObject = false) : + detail::Wrapper(commandQueue, retainObject) { } + + CommandQueue& operator = (const cl_command_queue& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + CommandQueue(const CommandQueue& queue) : detail::Wrapper(queue) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + CommandQueue& operator = (const CommandQueue &queue) + { + detail::Wrapper::operator=(queue); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + CommandQueue(CommandQueue&& queue) CL_HPP_NOEXCEPT_ : detail::Wrapper(std::move(queue)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + CommandQueue& operator = (CommandQueue &&queue) + { + detail::Wrapper::operator=(std::move(queue)); + return *this; + } + + template + cl_int getInfo(cl_command_queue_info name, T* param) const + { + return detail::errHandler( + detail::getInfo( + &::clGetCommandQueueInfo, object_, name, param), + __GET_COMMAND_QUEUE_INFO_ERR); + } + + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_command_queue_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + cl_int enqueueReadBuffer( + const Buffer& buffer, + cl_bool blocking, + size_type offset, + size_type size, + void* ptr, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueReadBuffer( + object_, buffer(), blocking, offset, size, + ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_READ_BUFFER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueWriteBuffer( + const Buffer& buffer, + cl_bool blocking, + size_type offset, + size_type size, + const void* ptr, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueWriteBuffer( + object_, buffer(), blocking, offset, size, + ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_WRITE_BUFFER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueCopyBuffer( + const Buffer& src, + const Buffer& dst, + size_type src_offset, + size_type dst_offset, + size_type size, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueCopyBuffer( + object_, src(), dst(), src_offset, dst_offset, size, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQEUE_COPY_BUFFER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueReadBufferRect( + const Buffer& buffer, + cl_bool blocking, + const array& buffer_offset, + const array& host_offset, + const array& region, + size_type buffer_row_pitch, + size_type buffer_slice_pitch, + size_type host_row_pitch, + size_type host_slice_pitch, + void *ptr, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueReadBufferRect( + object_, + buffer(), + blocking, + buffer_offset.data(), + host_offset.data(), + region.data(), + buffer_row_pitch, + buffer_slice_pitch, + host_row_pitch, + host_slice_pitch, + ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_READ_BUFFER_RECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueWriteBufferRect( + const Buffer& buffer, + cl_bool blocking, + const array& buffer_offset, + const array& host_offset, + const array& region, + size_type buffer_row_pitch, + size_type buffer_slice_pitch, + size_type host_row_pitch, + size_type host_slice_pitch, + const void *ptr, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueWriteBufferRect( + object_, + buffer(), + blocking, + buffer_offset.data(), + host_offset.data(), + region.data(), + buffer_row_pitch, + buffer_slice_pitch, + host_row_pitch, + host_slice_pitch, + ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_WRITE_BUFFER_RECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueCopyBufferRect( + const Buffer& src, + const Buffer& dst, + const array& src_origin, + const array& dst_origin, + const array& region, + size_type src_row_pitch, + size_type src_slice_pitch, + size_type dst_row_pitch, + size_type dst_slice_pitch, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueCopyBufferRect( + object_, + src(), + dst(), + src_origin.data(), + dst_origin.data(), + region.data(), + src_row_pitch, + src_slice_pitch, + dst_row_pitch, + dst_slice_pitch, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQEUE_COPY_BUFFER_RECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 + /** + * Enqueue a command to fill a buffer object with a pattern + * of a given size. The pattern is specified as a vector type. + * \tparam PatternType The datatype of the pattern field. + * The pattern type must be an accepted OpenCL data type. + * \tparam offset Is the offset in bytes into the buffer at + * which to start filling. This must be a multiple of + * the pattern size. + * \tparam size Is the size in bytes of the region to fill. + * This must be a multiple of the pattern size. + */ + template + cl_int enqueueFillBuffer( + const Buffer& buffer, + PatternType pattern, + size_type offset, + size_type size, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueFillBuffer( + object_, + buffer(), + static_cast(&pattern), + sizeof(PatternType), + offset, + size, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_FILL_BUFFER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 + + cl_int enqueueReadImage( + const Image& image, + cl_bool blocking, + const array& origin, + const array& region, + size_type row_pitch, + size_type slice_pitch, + void* ptr, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueReadImage( + object_, + image(), + blocking, + origin.data(), + region.data(), + row_pitch, + slice_pitch, + ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_READ_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueWriteImage( + const Image& image, + cl_bool blocking, + const array& origin, + const array& region, + size_type row_pitch, + size_type slice_pitch, + const void* ptr, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueWriteImage( + object_, + image(), + blocking, + origin.data(), + region.data(), + row_pitch, + slice_pitch, + ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_WRITE_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueCopyImage( + const Image& src, + const Image& dst, + const array& src_origin, + const array& dst_origin, + const array& region, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueCopyImage( + object_, + src(), + dst(), + src_origin.data(), + dst_origin.data(), + region.data(), + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_COPY_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 + /** + * Enqueue a command to fill an image object with a specified color. + * \param fillColor is the color to use to fill the image. + * This is a four component RGBA floating-point color value if + * the image channel data type is not an unnormalized signed or + * unsigned data type. + */ + cl_int enqueueFillImage( + const Image& image, + cl_float4 fillColor, + const array& origin, + const array& region, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueFillImage( + object_, + image(), + static_cast(&fillColor), + origin.data(), + region.data(), + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_FILL_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + /** + * Enqueue a command to fill an image object with a specified color. + * \param fillColor is the color to use to fill the image. + * This is a four component RGBA signed integer color value if + * the image channel data type is an unnormalized signed integer + * type. + */ + cl_int enqueueFillImage( + const Image& image, + cl_int4 fillColor, + const array& origin, + const array& region, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueFillImage( + object_, + image(), + static_cast(&fillColor), + origin.data(), + region.data(), + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_FILL_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + /** + * Enqueue a command to fill an image object with a specified color. + * \param fillColor is the color to use to fill the image. + * This is a four component RGBA unsigned integer color value if + * the image channel data type is an unnormalized unsigned integer + * type. + */ + cl_int enqueueFillImage( + const Image& image, + cl_uint4 fillColor, + const array& origin, + const array& region, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueFillImage( + object_, + image(), + static_cast(&fillColor), + origin.data(), + region.data(), + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_FILL_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 + + cl_int enqueueCopyImageToBuffer( + const Image& src, + const Buffer& dst, + const array& src_origin, + const array& region, + size_type dst_offset, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueCopyImageToBuffer( + object_, + src(), + dst(), + src_origin.data(), + region.data(), + dst_offset, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_COPY_IMAGE_TO_BUFFER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueCopyBufferToImage( + const Buffer& src, + const Image& dst, + size_type src_offset, + const array& dst_origin, + const array& region, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueCopyBufferToImage( + object_, + src(), + dst(), + src_offset, + dst_origin.data(), + region.data(), + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_COPY_BUFFER_TO_IMAGE_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + void* enqueueMapBuffer( + const Buffer& buffer, + cl_bool blocking, + cl_map_flags flags, + size_type offset, + size_type size, + const vector* events = NULL, + Event* event = NULL, + cl_int* err = NULL) const + { + cl_event tmp; + cl_int error; + void * result = ::clEnqueueMapBuffer( + object_, buffer(), blocking, flags, offset, size, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL, + &error); + + detail::errHandler(error, __ENQUEUE_MAP_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + if (event != NULL && error == CL_SUCCESS) + *event = tmp; + + return result; + } + + void* enqueueMapImage( + const Image& buffer, + cl_bool blocking, + cl_map_flags flags, + const array& origin, + const array& region, + size_type * row_pitch, + size_type * slice_pitch, + const vector* events = NULL, + Event* event = NULL, + cl_int* err = NULL) const + { + cl_event tmp; + cl_int error; + void * result = ::clEnqueueMapImage( + object_, buffer(), blocking, flags, + origin.data(), + region.data(), + row_pitch, slice_pitch, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL, + &error); + + detail::errHandler(error, __ENQUEUE_MAP_IMAGE_ERR); + if (err != NULL) { + *err = error; + } + if (event != NULL && error == CL_SUCCESS) + *event = tmp; + return result; + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + /** + * Enqueues a command that will allow the host to update a region of a coarse-grained SVM buffer. + * This variant takes a raw SVM pointer. + */ + template + cl_int enqueueMapSVM( + T* ptr, + cl_bool blocking, + cl_map_flags flags, + size_type size, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler(::clEnqueueSVMMap( + object_, blocking, flags, static_cast(ptr), size, + (events != NULL) ? (cl_uint)events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*)&events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_MAP_BUFFER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + + /** + * Enqueues a command that will allow the host to update a region of a coarse-grained SVM buffer. + * This variant takes a cl::pointer instance. + */ + template + cl_int enqueueMapSVM( + cl::pointer &ptr, + cl_bool blocking, + cl_map_flags flags, + size_type size, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler(::clEnqueueSVMMap( + object_, blocking, flags, static_cast(ptr.get()), size, + (events != NULL) ? (cl_uint)events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*)&events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_MAP_BUFFER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + /** + * Enqueues a command that will allow the host to update a region of a coarse-grained SVM buffer. + * This variant takes a cl::vector instance. + */ + template + cl_int enqueueMapSVM( + cl::vector &container, + cl_bool blocking, + cl_map_flags flags, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler(::clEnqueueSVMMap( + object_, blocking, flags, static_cast(container.data()), container.size(), + (events != NULL) ? (cl_uint)events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*)&events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_MAP_BUFFER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 200 + + cl_int enqueueUnmapMemObject( + const Memory& memory, + void* mapped_ptr, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueUnmapMemObject( + object_, memory(), mapped_ptr, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_UNMAP_MEM_OBJECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + /** + * Enqueues a command that will release a coarse-grained SVM buffer back to the OpenCL runtime. + * This variant takes a raw SVM pointer. + */ + template + cl_int enqueueUnmapSVM( + T* ptr, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueSVMUnmap( + object_, static_cast(ptr), + (events != NULL) ? (cl_uint)events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*)&events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_UNMAP_MEM_OBJECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + /** + * Enqueues a command that will release a coarse-grained SVM buffer back to the OpenCL runtime. + * This variant takes a cl::pointer instance. + */ + template + cl_int enqueueUnmapSVM( + cl::pointer &ptr, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueSVMUnmap( + object_, static_cast(ptr.get()), + (events != NULL) ? (cl_uint)events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*)&events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_UNMAP_MEM_OBJECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + /** + * Enqueues a command that will release a coarse-grained SVM buffer back to the OpenCL runtime. + * This variant takes a cl::vector instance. + */ + template + cl_int enqueueUnmapSVM( + cl::vector &container, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueSVMUnmap( + object_, static_cast(container.data()), + (events != NULL) ? (cl_uint)events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*)&events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_UNMAP_MEM_OBJECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 200 + +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 + /** + * Enqueues a marker command which waits for either a list of events to complete, + * or all previously enqueued commands to complete. + * + * Enqueues a marker command which waits for either a list of events to complete, + * or if the list is empty it waits for all commands previously enqueued in command_queue + * to complete before it completes. This command returns an event which can be waited on, + * i.e. this event can be waited on to insure that all events either in the event_wait_list + * or all previously enqueued commands, queued before this command to command_queue, + * have completed. + */ + cl_int enqueueMarkerWithWaitList( + const vector *events = 0, + Event *event = 0) + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueMarkerWithWaitList( + object_, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_MARKER_WAIT_LIST_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + /** + * A synchronization point that enqueues a barrier operation. + * + * Enqueues a barrier command which waits for either a list of events to complete, + * or if the list is empty it waits for all commands previously enqueued in command_queue + * to complete before it completes. This command blocks command execution, that is, any + * following commands enqueued after it do not execute until it completes. This command + * returns an event which can be waited on, i.e. this event can be waited on to insure that + * all events either in the event_wait_list or all previously enqueued commands, queued + * before this command to command_queue, have completed. + */ + cl_int enqueueBarrierWithWaitList( + const vector *events = 0, + Event *event = 0) + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueBarrierWithWaitList( + object_, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_BARRIER_WAIT_LIST_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + /** + * Enqueues a command to indicate with which device a set of memory objects + * should be associated. + */ + cl_int enqueueMigrateMemObjects( + const vector &memObjects, + cl_mem_migration_flags flags, + const vector* events = NULL, + Event* event = NULL + ) + { + cl_event tmp; + + vector localMemObjects(memObjects.size()); + + for( int i = 0; i < (int)memObjects.size(); ++i ) { + localMemObjects[i] = memObjects[i](); + } + + + cl_int err = detail::errHandler( + ::clEnqueueMigrateMemObjects( + object_, + (cl_uint)memObjects.size(), + localMemObjects.data(), + flags, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_UNMAP_MEM_OBJECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 + + cl_int enqueueNDRangeKernel( + const Kernel& kernel, + const NDRange& offset, + const NDRange& global, + const NDRange& local = NullRange, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueNDRangeKernel( + object_, kernel(), (cl_uint) global.dimensions(), + offset.dimensions() != 0 ? (const size_type*) offset : NULL, + (const size_type*) global, + local.dimensions() != 0 ? (const size_type*) local : NULL, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_NDRANGE_KERNEL_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + +#if defined(CL_USE_DEPRECATED_OPENCL_1_2_APIS) + CL_EXT_PREFIX__VERSION_1_2_DEPRECATED cl_int enqueueTask( + const Kernel& kernel, + const vector* events = NULL, + Event* event = NULL) const CL_EXT_SUFFIX__VERSION_1_2_DEPRECATED + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueTask( + object_, kernel(), + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_TASK_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } +#endif // #if defined(CL_USE_DEPRECATED_OPENCL_1_2_APIS) + + cl_int enqueueNativeKernel( + void (CL_CALLBACK *userFptr)(void *), + std::pair args, + const vector* mem_objects = NULL, + const vector* mem_locs = NULL, + const vector* events = NULL, + Event* event = NULL) const + { + size_type elements = 0; + if (mem_objects != NULL) { + elements = mem_objects->size(); + } + vector mems(elements); + for (unsigned int i = 0; i < elements; i++) { + mems[i] = ((*mem_objects)[i])(); + } + + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueNativeKernel( + object_, userFptr, args.first, args.second, + (mem_objects != NULL) ? (cl_uint) mem_objects->size() : 0, + mems.data(), + (mem_locs != NULL && mem_locs->size() > 0) ? (const void **) &mem_locs->front() : NULL, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_NATIVE_KERNEL); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + +/** + * Deprecated APIs for 1.2 + */ +#if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + CL_EXT_PREFIX__VERSION_1_1_DEPRECATED + cl_int enqueueMarker(Event* event = NULL) const CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueMarker( + object_, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_MARKER_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + CL_EXT_PREFIX__VERSION_1_1_DEPRECATED + cl_int enqueueWaitForEvents(const vector& events) const CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED + { + return detail::errHandler( + ::clEnqueueWaitForEvents( + object_, + (cl_uint) events.size(), + events.size() > 0 ? (const cl_event*) &events.front() : NULL), + __ENQUEUE_WAIT_FOR_EVENTS_ERR); + } +#endif // defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + + cl_int enqueueAcquireGLObjects( + const vector* mem_objects = NULL, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueAcquireGLObjects( + object_, + (mem_objects != NULL) ? (cl_uint) mem_objects->size() : 0, + (mem_objects != NULL && mem_objects->size() > 0) ? (const cl_mem *) &mem_objects->front(): NULL, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_ACQUIRE_GL_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueReleaseGLObjects( + const vector* mem_objects = NULL, + const vector* events = NULL, + Event* event = NULL) const + { + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueReleaseGLObjects( + object_, + (mem_objects != NULL) ? (cl_uint) mem_objects->size() : 0, + (mem_objects != NULL && mem_objects->size() > 0) ? (const cl_mem *) &mem_objects->front(): NULL, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_RELEASE_GL_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + +#if defined (CL_HPP_USE_DX_INTEROP) +typedef CL_API_ENTRY cl_int (CL_API_CALL *PFN_clEnqueueAcquireD3D10ObjectsKHR)( + cl_command_queue command_queue, cl_uint num_objects, + const cl_mem* mem_objects, cl_uint num_events_in_wait_list, + const cl_event* event_wait_list, cl_event* event); +typedef CL_API_ENTRY cl_int (CL_API_CALL *PFN_clEnqueueReleaseD3D10ObjectsKHR)( + cl_command_queue command_queue, cl_uint num_objects, + const cl_mem* mem_objects, cl_uint num_events_in_wait_list, + const cl_event* event_wait_list, cl_event* event); + + cl_int enqueueAcquireD3D10Objects( + const vector* mem_objects = NULL, + const vector* events = NULL, + Event* event = NULL) const + { + static PFN_clEnqueueAcquireD3D10ObjectsKHR pfn_clEnqueueAcquireD3D10ObjectsKHR = NULL; +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 + cl_context context = getInfo(); + cl::Device device(getInfo()); + cl_platform_id platform = device.getInfo(); + CL_HPP_INIT_CL_EXT_FCN_PTR_PLATFORM_(platform, clEnqueueAcquireD3D10ObjectsKHR); +#endif +#if CL_HPP_TARGET_OPENCL_VERSION >= 110 + CL_HPP_INIT_CL_EXT_FCN_PTR_(clEnqueueAcquireD3D10ObjectsKHR); +#endif + + cl_event tmp; + cl_int err = detail::errHandler( + pfn_clEnqueueAcquireD3D10ObjectsKHR( + object_, + (mem_objects != NULL) ? (cl_uint) mem_objects->size() : 0, + (mem_objects != NULL && mem_objects->size() > 0) ? (const cl_mem *) &mem_objects->front(): NULL, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_ACQUIRE_GL_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } + + cl_int enqueueReleaseD3D10Objects( + const vector* mem_objects = NULL, + const vector* events = NULL, + Event* event = NULL) const + { + static PFN_clEnqueueReleaseD3D10ObjectsKHR pfn_clEnqueueReleaseD3D10ObjectsKHR = NULL; +#if CL_HPP_TARGET_OPENCL_VERSION >= 120 + cl_context context = getInfo(); + cl::Device device(getInfo()); + cl_platform_id platform = device.getInfo(); + CL_HPP_INIT_CL_EXT_FCN_PTR_PLATFORM_(platform, clEnqueueReleaseD3D10ObjectsKHR); +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 120 +#if CL_HPP_TARGET_OPENCL_VERSION >= 110 + CL_HPP_INIT_CL_EXT_FCN_PTR_(clEnqueueReleaseD3D10ObjectsKHR); +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 110 + + cl_event tmp; + cl_int err = detail::errHandler( + pfn_clEnqueueReleaseD3D10ObjectsKHR( + object_, + (mem_objects != NULL) ? (cl_uint) mem_objects->size() : 0, + (mem_objects != NULL && mem_objects->size() > 0) ? (const cl_mem *) &mem_objects->front(): NULL, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_RELEASE_GL_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; + } +#endif + +/** + * Deprecated APIs for 1.2 + */ +#if defined(CL_USE_DEPRECATED_OPENCL_1_1_APIS) + CL_EXT_PREFIX__VERSION_1_1_DEPRECATED + cl_int enqueueBarrier() const CL_EXT_SUFFIX__VERSION_1_1_DEPRECATED + { + return detail::errHandler( + ::clEnqueueBarrier(object_), + __ENQUEUE_BARRIER_ERR); + } +#endif // CL_USE_DEPRECATED_OPENCL_1_1_APIS + + cl_int flush() const + { + return detail::errHandler(::clFlush(object_), __FLUSH_ERR); + } + + cl_int finish() const + { + return detail::errHandler(::clFinish(object_), __FINISH_ERR); + } +}; // CommandQueue + +CL_HPP_DEFINE_STATIC_MEMBER_ std::once_flag CommandQueue::default_initialized_; +CL_HPP_DEFINE_STATIC_MEMBER_ CommandQueue CommandQueue::default_; +CL_HPP_DEFINE_STATIC_MEMBER_ cl_int CommandQueue::default_error_ = CL_SUCCESS; + + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 +enum class DeviceQueueProperties : cl_command_queue_properties +{ + None = 0, + Profiling = CL_QUEUE_PROFILING_ENABLE, +}; + +inline DeviceQueueProperties operator|(DeviceQueueProperties lhs, DeviceQueueProperties rhs) +{ + return static_cast(static_cast(lhs) | static_cast(rhs)); +} + +/*! \class DeviceCommandQueue + * \brief DeviceCommandQueue interface for device cl_command_queues. + */ +class DeviceCommandQueue : public detail::Wrapper +{ +public: + + /*! + * Trivial empty constructor to create a null queue. + */ + DeviceCommandQueue() { } + + /*! + * Default construct device command queue on default context and device + */ + DeviceCommandQueue(DeviceQueueProperties properties, cl_int* err = NULL) + { + cl_int error; + cl::Context context = cl::Context::getDefault(); + cl::Device device = cl::Device::getDefault(); + + cl_command_queue_properties mergedProperties = + CL_QUEUE_OUT_OF_ORDER_EXEC_MODE_ENABLE | CL_QUEUE_ON_DEVICE | static_cast(properties); + + cl_queue_properties queue_properties[] = { + CL_QUEUE_PROPERTIES, mergedProperties, 0 }; + object_ = ::clCreateCommandQueueWithProperties( + context(), device(), queue_properties, &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! + * Create a device command queue for a specified device in the passed context. + */ + DeviceCommandQueue( + const Context& context, + const Device& device, + DeviceQueueProperties properties = DeviceQueueProperties::None, + cl_int* err = NULL) + { + cl_int error; + + cl_command_queue_properties mergedProperties = + CL_QUEUE_OUT_OF_ORDER_EXEC_MODE_ENABLE | CL_QUEUE_ON_DEVICE | static_cast(properties); + cl_queue_properties queue_properties[] = { + CL_QUEUE_PROPERTIES, mergedProperties, 0 }; + object_ = ::clCreateCommandQueueWithProperties( + context(), device(), queue_properties, &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! + * Create a device command queue for a specified device in the passed context. + */ + DeviceCommandQueue( + const Context& context, + const Device& device, + cl_uint queueSize, + DeviceQueueProperties properties = DeviceQueueProperties::None, + cl_int* err = NULL) + { + cl_int error; + + cl_command_queue_properties mergedProperties = + CL_QUEUE_OUT_OF_ORDER_EXEC_MODE_ENABLE | CL_QUEUE_ON_DEVICE | static_cast(properties); + cl_queue_properties queue_properties[] = { + CL_QUEUE_PROPERTIES, mergedProperties, + CL_QUEUE_SIZE, queueSize, + 0 }; + object_ = ::clCreateCommandQueueWithProperties( + context(), device(), queue_properties, &error); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR); + if (err != NULL) { + *err = error; + } + } + + /*! \brief Constructor from cl_command_queue - takes ownership. + * + * \param retainObject will cause the constructor to retain its cl object. + * Defaults to false to maintain compatibility with + * earlier versions. + */ + explicit DeviceCommandQueue(const cl_command_queue& commandQueue, bool retainObject = false) : + detail::Wrapper(commandQueue, retainObject) { } + + DeviceCommandQueue& operator = (const cl_command_queue& rhs) + { + detail::Wrapper::operator=(rhs); + return *this; + } + + /*! \brief Copy constructor to forward copy to the superclass correctly. + * Required for MSVC. + */ + DeviceCommandQueue(const DeviceCommandQueue& queue) : detail::Wrapper(queue) {} + + /*! \brief Copy assignment to forward copy to the superclass correctly. + * Required for MSVC. + */ + DeviceCommandQueue& operator = (const DeviceCommandQueue &queue) + { + detail::Wrapper::operator=(queue); + return *this; + } + + /*! \brief Move constructor to forward move to the superclass correctly. + * Required for MSVC. + */ + DeviceCommandQueue(DeviceCommandQueue&& queue) CL_HPP_NOEXCEPT_ : detail::Wrapper(std::move(queue)) {} + + /*! \brief Move assignment to forward move to the superclass correctly. + * Required for MSVC. + */ + DeviceCommandQueue& operator = (DeviceCommandQueue &&queue) + { + detail::Wrapper::operator=(std::move(queue)); + return *this; + } + + template + cl_int getInfo(cl_command_queue_info name, T* param) const + { + return detail::errHandler( + detail::getInfo( + &::clGetCommandQueueInfo, object_, name, param), + __GET_COMMAND_QUEUE_INFO_ERR); + } + + template typename + detail::param_traits::param_type + getInfo(cl_int* err = NULL) const + { + typename detail::param_traits< + detail::cl_command_queue_info, name>::param_type param; + cl_int result = getInfo(name, ¶m); + if (err != NULL) { + *err = result; + } + return param; + } + + /*! + * Create a new default device command queue for the default device, + * in the default context and of the default size. + * If there is already a default queue for the specified device this + * function will return the pre-existing queue. + */ + static DeviceCommandQueue makeDefault( + cl_int *err = nullptr) + { + cl_int error; + cl::Context context = cl::Context::getDefault(); + cl::Device device = cl::Device::getDefault(); + + cl_command_queue_properties properties = + CL_QUEUE_OUT_OF_ORDER_EXEC_MODE_ENABLE | CL_QUEUE_ON_DEVICE | CL_QUEUE_ON_DEVICE_DEFAULT; + cl_queue_properties queue_properties[] = { + CL_QUEUE_PROPERTIES, properties, + 0 }; + DeviceCommandQueue deviceQueue( + ::clCreateCommandQueueWithProperties( + context(), device(), queue_properties, &error)); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR); + if (err != NULL) { + *err = error; + } + + return deviceQueue; + } + + /*! + * Create a new default device command queue for the specified device + * and of the default size. + * If there is already a default queue for the specified device this + * function will return the pre-existing queue. + */ + static DeviceCommandQueue makeDefault( + const Context &context, const Device &device, cl_int *err = nullptr) + { + cl_int error; + + cl_command_queue_properties properties = + CL_QUEUE_OUT_OF_ORDER_EXEC_MODE_ENABLE | CL_QUEUE_ON_DEVICE | CL_QUEUE_ON_DEVICE_DEFAULT; + cl_queue_properties queue_properties[] = { + CL_QUEUE_PROPERTIES, properties, + 0 }; + DeviceCommandQueue deviceQueue( + ::clCreateCommandQueueWithProperties( + context(), device(), queue_properties, &error)); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR); + if (err != NULL) { + *err = error; + } + + return deviceQueue; + } + + /*! + * Create a new default device command queue for the specified device + * and of the requested size in bytes. + * If there is already a default queue for the specified device this + * function will return the pre-existing queue. + */ + static DeviceCommandQueue makeDefault( + const Context &context, const Device &device, cl_uint queueSize, cl_int *err = nullptr) + { + cl_int error; + + cl_command_queue_properties properties = + CL_QUEUE_OUT_OF_ORDER_EXEC_MODE_ENABLE | CL_QUEUE_ON_DEVICE | CL_QUEUE_ON_DEVICE_DEFAULT; + cl_queue_properties queue_properties[] = { + CL_QUEUE_PROPERTIES, properties, + CL_QUEUE_SIZE, queueSize, + 0 }; + DeviceCommandQueue deviceQueue( + ::clCreateCommandQueueWithProperties( + context(), device(), queue_properties, &error)); + + detail::errHandler(error, __CREATE_COMMAND_QUEUE_WITH_PROPERTIES_ERR); + if (err != NULL) { + *err = error; + } + + return deviceQueue; + } +}; // DeviceCommandQueue + +namespace detail +{ + // Specialization for device command queue + template <> + struct KernelArgumentHandler + { + static size_type size(const cl::DeviceCommandQueue&) { return sizeof(cl_command_queue); } + static const cl_command_queue* ptr(const cl::DeviceCommandQueue& value) { return &(value()); } + }; +} // namespace detail + +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 200 + + +template< typename IteratorType > +Buffer::Buffer( + const Context &context, + IteratorType startIterator, + IteratorType endIterator, + bool readOnly, + bool useHostPtr, + cl_int* err) +{ + typedef typename std::iterator_traits::value_type DataType; + cl_int error; + + cl_mem_flags flags = 0; + if( readOnly ) { + flags |= CL_MEM_READ_ONLY; + } + else { + flags |= CL_MEM_READ_WRITE; + } + if( useHostPtr ) { + flags |= CL_MEM_USE_HOST_PTR; + } + + size_type size = sizeof(DataType)*(endIterator - startIterator); + + if( useHostPtr ) { + object_ = ::clCreateBuffer(context(), flags, size, static_cast(&*startIterator), &error); + } else { + object_ = ::clCreateBuffer(context(), flags, size, 0, &error); + } + + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + + if( !useHostPtr ) { + CommandQueue queue(context, 0, &error); + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + + error = cl::copy(queue, startIterator, endIterator, *this); + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } +} + +template< typename IteratorType > +Buffer::Buffer( + const CommandQueue &queue, + IteratorType startIterator, + IteratorType endIterator, + bool readOnly, + bool useHostPtr, + cl_int* err) +{ + typedef typename std::iterator_traits::value_type DataType; + cl_int error; + + cl_mem_flags flags = 0; + if (readOnly) { + flags |= CL_MEM_READ_ONLY; + } + else { + flags |= CL_MEM_READ_WRITE; + } + if (useHostPtr) { + flags |= CL_MEM_USE_HOST_PTR; + } + + size_type size = sizeof(DataType)*(endIterator - startIterator); + + Context context = queue.getInfo(); + + if (useHostPtr) { + object_ = ::clCreateBuffer(context(), flags, size, static_cast(&*startIterator), &error); + } + else { + object_ = ::clCreateBuffer(context(), flags, size, 0, &error); + } + + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + + if (!useHostPtr) { + error = cl::copy(queue, startIterator, endIterator, *this); + detail::errHandler(error, __CREATE_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + } +} + +inline cl_int enqueueReadBuffer( + const Buffer& buffer, + cl_bool blocking, + size_type offset, + size_type size, + void* ptr, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueReadBuffer(buffer, blocking, offset, size, ptr, events, event); +} + +inline cl_int enqueueWriteBuffer( + const Buffer& buffer, + cl_bool blocking, + size_type offset, + size_type size, + const void* ptr, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueWriteBuffer(buffer, blocking, offset, size, ptr, events, event); +} + +inline void* enqueueMapBuffer( + const Buffer& buffer, + cl_bool blocking, + cl_map_flags flags, + size_type offset, + size_type size, + const vector* events = NULL, + Event* event = NULL, + cl_int* err = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + detail::errHandler(error, __ENQUEUE_MAP_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + + void * result = ::clEnqueueMapBuffer( + queue(), buffer(), blocking, flags, offset, size, + (events != NULL) ? (cl_uint) events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*) &events->front() : NULL, + (cl_event*) event, + &error); + + detail::errHandler(error, __ENQUEUE_MAP_BUFFER_ERR); + if (err != NULL) { + *err = error; + } + return result; +} + + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 +/** + * Enqueues to the default queue a command that will allow the host to + * update a region of a coarse-grained SVM buffer. + * This variant takes a raw SVM pointer. + */ +template +inline cl_int enqueueMapSVM( + T* ptr, + cl_bool blocking, + cl_map_flags flags, + size_type size, + const vector* events, + Event* event) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + if (error != CL_SUCCESS) { + return detail::errHandler(error, __ENQUEUE_MAP_BUFFER_ERR); + } + + return queue.enqueueMapSVM( + ptr, blocking, flags, size, events, event); +} + +/** + * Enqueues to the default queue a command that will allow the host to + * update a region of a coarse-grained SVM buffer. + * This variant takes a cl::pointer instance. + */ +template +inline cl_int enqueueMapSVM( + cl::pointer ptr, + cl_bool blocking, + cl_map_flags flags, + size_type size, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + if (error != CL_SUCCESS) { + return detail::errHandler(error, __ENQUEUE_MAP_BUFFER_ERR); + } + + return queue.enqueueMapSVM( + ptr, blocking, flags, size, events, event); +} + +/** + * Enqueues to the default queue a command that will allow the host to + * update a region of a coarse-grained SVM buffer. + * This variant takes a cl::vector instance. + */ +template +inline cl_int enqueueMapSVM( + cl::vector container, + cl_bool blocking, + cl_map_flags flags, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + if (error != CL_SUCCESS) { + return detail::errHandler(error, __ENQUEUE_MAP_BUFFER_ERR); + } + + return queue.enqueueMapSVM( + container, blocking, flags, events, event); +} + +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 200 + +inline cl_int enqueueUnmapMemObject( + const Memory& memory, + void* mapped_ptr, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + detail::errHandler(error, __ENQUEUE_MAP_BUFFER_ERR); + if (error != CL_SUCCESS) { + return error; + } + + cl_event tmp; + cl_int err = detail::errHandler( + ::clEnqueueUnmapMemObject( + queue(), memory(), mapped_ptr, + (events != NULL) ? (cl_uint)events->size() : 0, + (events != NULL && events->size() > 0) ? (cl_event*)&events->front() : NULL, + (event != NULL) ? &tmp : NULL), + __ENQUEUE_UNMAP_MEM_OBJECT_ERR); + + if (event != NULL && err == CL_SUCCESS) + *event = tmp; + + return err; +} + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 +/** + * Enqueues to the default queue a command that will release a coarse-grained + * SVM buffer back to the OpenCL runtime. + * This variant takes a raw SVM pointer. + */ +template +inline cl_int enqueueUnmapSVM( + T* ptr, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + if (error != CL_SUCCESS) { + return detail::errHandler(error, __ENQUEUE_UNMAP_MEM_OBJECT_ERR); + } + + return detail::errHandler(queue.enqueueUnmapSVM(ptr, events, event), + __ENQUEUE_UNMAP_MEM_OBJECT_ERR); + +} + +/** + * Enqueues to the default queue a command that will release a coarse-grained + * SVM buffer back to the OpenCL runtime. + * This variant takes a cl::pointer instance. + */ +template +inline cl_int enqueueUnmapSVM( + cl::pointer &ptr, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + if (error != CL_SUCCESS) { + return detail::errHandler(error, __ENQUEUE_UNMAP_MEM_OBJECT_ERR); + } + + return detail::errHandler(queue.enqueueUnmapSVM(ptr, events, event), + __ENQUEUE_UNMAP_MEM_OBJECT_ERR); +} + +/** + * Enqueues to the default queue a command that will release a coarse-grained + * SVM buffer back to the OpenCL runtime. + * This variant takes a cl::vector instance. + */ +template +inline cl_int enqueueUnmapSVM( + cl::vector &container, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + if (error != CL_SUCCESS) { + return detail::errHandler(error, __ENQUEUE_UNMAP_MEM_OBJECT_ERR); + } + + return detail::errHandler(queue.enqueueUnmapSVM(container, events, event), + __ENQUEUE_UNMAP_MEM_OBJECT_ERR); +} + +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 200 + +inline cl_int enqueueCopyBuffer( + const Buffer& src, + const Buffer& dst, + size_type src_offset, + size_type dst_offset, + size_type size, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueCopyBuffer(src, dst, src_offset, dst_offset, size, events, event); +} + +/** + * Blocking copy operation between iterators and a buffer. + * Host to Device. + * Uses default command queue. + */ +template< typename IteratorType > +inline cl_int copy( IteratorType startIterator, IteratorType endIterator, cl::Buffer &buffer ) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + if (error != CL_SUCCESS) + return error; + + return cl::copy(queue, startIterator, endIterator, buffer); +} + +/** + * Blocking copy operation between iterators and a buffer. + * Device to Host. + * Uses default command queue. + */ +template< typename IteratorType > +inline cl_int copy( const cl::Buffer &buffer, IteratorType startIterator, IteratorType endIterator ) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + if (error != CL_SUCCESS) + return error; + + return cl::copy(queue, buffer, startIterator, endIterator); +} + +/** + * Blocking copy operation between iterators and a buffer. + * Host to Device. + * Uses specified queue. + */ +template< typename IteratorType > +inline cl_int copy( const CommandQueue &queue, IteratorType startIterator, IteratorType endIterator, cl::Buffer &buffer ) +{ + typedef typename std::iterator_traits::value_type DataType; + cl_int error; + + size_type length = endIterator-startIterator; + size_type byteLength = length*sizeof(DataType); + + DataType *pointer = + static_cast(queue.enqueueMapBuffer(buffer, CL_TRUE, CL_MAP_WRITE, 0, byteLength, 0, 0, &error)); + // if exceptions enabled, enqueueMapBuffer will throw + if( error != CL_SUCCESS ) { + return error; + } +#if defined(_MSC_VER) + std::copy( + startIterator, + endIterator, + stdext::checked_array_iterator( + pointer, length)); +#else + std::copy(startIterator, endIterator, pointer); +#endif + Event endEvent; + error = queue.enqueueUnmapMemObject(buffer, pointer, 0, &endEvent); + // if exceptions enabled, enqueueUnmapMemObject will throw + if( error != CL_SUCCESS ) { + return error; + } + endEvent.wait(); + return CL_SUCCESS; +} + +/** + * Blocking copy operation between iterators and a buffer. + * Device to Host. + * Uses specified queue. + */ +template< typename IteratorType > +inline cl_int copy( const CommandQueue &queue, const cl::Buffer &buffer, IteratorType startIterator, IteratorType endIterator ) +{ + typedef typename std::iterator_traits::value_type DataType; + cl_int error; + + size_type length = endIterator-startIterator; + size_type byteLength = length*sizeof(DataType); + + DataType *pointer = + static_cast(queue.enqueueMapBuffer(buffer, CL_TRUE, CL_MAP_READ, 0, byteLength, 0, 0, &error)); + // if exceptions enabled, enqueueMapBuffer will throw + if( error != CL_SUCCESS ) { + return error; + } + std::copy(pointer, pointer + length, startIterator); + Event endEvent; + error = queue.enqueueUnmapMemObject(buffer, pointer, 0, &endEvent); + // if exceptions enabled, enqueueUnmapMemObject will throw + if( error != CL_SUCCESS ) { + return error; + } + endEvent.wait(); + return CL_SUCCESS; +} + + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 +/** + * Blocking SVM map operation - performs a blocking map underneath. + */ +template +inline cl_int mapSVM(cl::vector &container) +{ + return enqueueMapSVM(container, CL_TRUE, CL_MAP_READ | CL_MAP_WRITE); +} + +/** +* Blocking SVM map operation - performs a blocking map underneath. +*/ +template +inline cl_int unmapSVM(cl::vector &container) +{ + return enqueueUnmapSVM(container); +} + +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 200 + +#if CL_HPP_TARGET_OPENCL_VERSION >= 110 +inline cl_int enqueueReadBufferRect( + const Buffer& buffer, + cl_bool blocking, + const array& buffer_offset, + const array& host_offset, + const array& region, + size_type buffer_row_pitch, + size_type buffer_slice_pitch, + size_type host_row_pitch, + size_type host_slice_pitch, + void *ptr, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueReadBufferRect( + buffer, + blocking, + buffer_offset, + host_offset, + region, + buffer_row_pitch, + buffer_slice_pitch, + host_row_pitch, + host_slice_pitch, + ptr, + events, + event); +} + +inline cl_int enqueueWriteBufferRect( + const Buffer& buffer, + cl_bool blocking, + const array& buffer_offset, + const array& host_offset, + const array& region, + size_type buffer_row_pitch, + size_type buffer_slice_pitch, + size_type host_row_pitch, + size_type host_slice_pitch, + const void *ptr, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueWriteBufferRect( + buffer, + blocking, + buffer_offset, + host_offset, + region, + buffer_row_pitch, + buffer_slice_pitch, + host_row_pitch, + host_slice_pitch, + ptr, + events, + event); +} + +inline cl_int enqueueCopyBufferRect( + const Buffer& src, + const Buffer& dst, + const array& src_origin, + const array& dst_origin, + const array& region, + size_type src_row_pitch, + size_type src_slice_pitch, + size_type dst_row_pitch, + size_type dst_slice_pitch, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueCopyBufferRect( + src, + dst, + src_origin, + dst_origin, + region, + src_row_pitch, + src_slice_pitch, + dst_row_pitch, + dst_slice_pitch, + events, + event); +} +#endif // CL_HPP_TARGET_OPENCL_VERSION >= 110 + +inline cl_int enqueueReadImage( + const Image& image, + cl_bool blocking, + const array& origin, + const array& region, + size_type row_pitch, + size_type slice_pitch, + void* ptr, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueReadImage( + image, + blocking, + origin, + region, + row_pitch, + slice_pitch, + ptr, + events, + event); +} + +inline cl_int enqueueWriteImage( + const Image& image, + cl_bool blocking, + const array& origin, + const array& region, + size_type row_pitch, + size_type slice_pitch, + const void* ptr, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueWriteImage( + image, + blocking, + origin, + region, + row_pitch, + slice_pitch, + ptr, + events, + event); +} + +inline cl_int enqueueCopyImage( + const Image& src, + const Image& dst, + const array& src_origin, + const array& dst_origin, + const array& region, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueCopyImage( + src, + dst, + src_origin, + dst_origin, + region, + events, + event); +} + +inline cl_int enqueueCopyImageToBuffer( + const Image& src, + const Buffer& dst, + const array& src_origin, + const array& region, + size_type dst_offset, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueCopyImageToBuffer( + src, + dst, + src_origin, + region, + dst_offset, + events, + event); +} + +inline cl_int enqueueCopyBufferToImage( + const Buffer& src, + const Image& dst, + size_type src_offset, + const array& dst_origin, + const array& region, + const vector* events = NULL, + Event* event = NULL) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.enqueueCopyBufferToImage( + src, + dst, + src_offset, + dst_origin, + region, + events, + event); +} + + +inline cl_int flush(void) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + return queue.flush(); +} + +inline cl_int finish(void) +{ + cl_int error; + CommandQueue queue = CommandQueue::getDefault(&error); + + if (error != CL_SUCCESS) { + return error; + } + + + return queue.finish(); +} + +class EnqueueArgs +{ +private: + CommandQueue queue_; + const NDRange offset_; + const NDRange global_; + const NDRange local_; + vector events_; + + template + friend class KernelFunctor; + +public: + EnqueueArgs(NDRange global) : + queue_(CommandQueue::getDefault()), + offset_(NullRange), + global_(global), + local_(NullRange) + { + + } + + EnqueueArgs(NDRange global, NDRange local) : + queue_(CommandQueue::getDefault()), + offset_(NullRange), + global_(global), + local_(local) + { + + } + + EnqueueArgs(NDRange offset, NDRange global, NDRange local) : + queue_(CommandQueue::getDefault()), + offset_(offset), + global_(global), + local_(local) + { + + } + + EnqueueArgs(Event e, NDRange global) : + queue_(CommandQueue::getDefault()), + offset_(NullRange), + global_(global), + local_(NullRange) + { + events_.push_back(e); + } + + EnqueueArgs(Event e, NDRange global, NDRange local) : + queue_(CommandQueue::getDefault()), + offset_(NullRange), + global_(global), + local_(local) + { + events_.push_back(e); + } + + EnqueueArgs(Event e, NDRange offset, NDRange global, NDRange local) : + queue_(CommandQueue::getDefault()), + offset_(offset), + global_(global), + local_(local) + { + events_.push_back(e); + } + + EnqueueArgs(const vector &events, NDRange global) : + queue_(CommandQueue::getDefault()), + offset_(NullRange), + global_(global), + local_(NullRange), + events_(events) + { + + } + + EnqueueArgs(const vector &events, NDRange global, NDRange local) : + queue_(CommandQueue::getDefault()), + offset_(NullRange), + global_(global), + local_(local), + events_(events) + { + + } + + EnqueueArgs(const vector &events, NDRange offset, NDRange global, NDRange local) : + queue_(CommandQueue::getDefault()), + offset_(offset), + global_(global), + local_(local), + events_(events) + { + + } + + EnqueueArgs(CommandQueue &queue, NDRange global) : + queue_(queue), + offset_(NullRange), + global_(global), + local_(NullRange) + { + + } + + EnqueueArgs(CommandQueue &queue, NDRange global, NDRange local) : + queue_(queue), + offset_(NullRange), + global_(global), + local_(local) + { + + } + + EnqueueArgs(CommandQueue &queue, NDRange offset, NDRange global, NDRange local) : + queue_(queue), + offset_(offset), + global_(global), + local_(local) + { + + } + + EnqueueArgs(CommandQueue &queue, Event e, NDRange global) : + queue_(queue), + offset_(NullRange), + global_(global), + local_(NullRange) + { + events_.push_back(e); + } + + EnqueueArgs(CommandQueue &queue, Event e, NDRange global, NDRange local) : + queue_(queue), + offset_(NullRange), + global_(global), + local_(local) + { + events_.push_back(e); + } + + EnqueueArgs(CommandQueue &queue, Event e, NDRange offset, NDRange global, NDRange local) : + queue_(queue), + offset_(offset), + global_(global), + local_(local) + { + events_.push_back(e); + } + + EnqueueArgs(CommandQueue &queue, const vector &events, NDRange global) : + queue_(queue), + offset_(NullRange), + global_(global), + local_(NullRange), + events_(events) + { + + } + + EnqueueArgs(CommandQueue &queue, const vector &events, NDRange global, NDRange local) : + queue_(queue), + offset_(NullRange), + global_(global), + local_(local), + events_(events) + { + + } + + EnqueueArgs(CommandQueue &queue, const vector &events, NDRange offset, NDRange global, NDRange local) : + queue_(queue), + offset_(offset), + global_(global), + local_(local), + events_(events) + { + + } +}; + + +//---------------------------------------------------------------------------------------------- + + +/** + * Type safe kernel functor. + * + */ +template +class KernelFunctor +{ +private: + Kernel kernel_; + + template + void setArgs(T0&& t0, T1s&&... t1s) + { + kernel_.setArg(index, t0); + setArgs(std::forward(t1s)...); + } + + template + void setArgs(T0&& t0) + { + kernel_.setArg(index, t0); + } + + template + void setArgs() + { + } + + +public: + KernelFunctor(Kernel kernel) : kernel_(kernel) + {} + + KernelFunctor( + const Program& program, + const string name, + cl_int * err = NULL) : + kernel_(program, name.c_str(), err) + {} + + //! \brief Return type of the functor + typedef Event result_type; + + /** + * Enqueue kernel. + * @param args Launch parameters of the kernel. + * @param t0... List of kernel arguments based on the template type of the functor. + */ + Event operator() ( + const EnqueueArgs& args, + Ts... ts) + { + Event event; + setArgs<0>(std::forward(ts)...); + + args.queue_.enqueueNDRangeKernel( + kernel_, + args.offset_, + args.global_, + args.local_, + &args.events_, + &event); + + return event; + } + + /** + * Enqueue kernel with support for error code. + * @param args Launch parameters of the kernel. + * @param t0... List of kernel arguments based on the template type of the functor. + * @param error Out parameter returning the error code from the execution. + */ + Event operator() ( + const EnqueueArgs& args, + Ts... ts, + cl_int &error) + { + Event event; + setArgs<0>(std::forward(ts)...); + + error = args.queue_.enqueueNDRangeKernel( + kernel_, + args.offset_, + args.global_, + args.local_, + &args.events_, + &event); + + return event; + } + +#if CL_HPP_TARGET_OPENCL_VERSION >= 200 + cl_int setSVMPointers(const vector &pointerList) + { + return kernel_.setSVMPointers(pointerList); + } + + template + cl_int setSVMPointers(const T0 &t0, T1s... ts) + { + return kernel_.setSVMPointers(t0, ts...); + } +#endif // #if CL_HPP_TARGET_OPENCL_VERSION >= 200 + + Kernel getKernel() + { + return kernel_; + } +}; + +namespace compatibility { + /** + * Backward compatibility class to ensure that cl.hpp code works with cl2.hpp. + * Please use KernelFunctor directly. + */ + template + struct make_kernel + { + typedef KernelFunctor FunctorType; + + FunctorType functor_; + + make_kernel( + const Program& program, + const string name, + cl_int * err = NULL) : + functor_(FunctorType(program, name, err)) + {} + + make_kernel( + const Kernel kernel) : + functor_(FunctorType(kernel)) + {} + + //! \brief Return type of the functor + typedef Event result_type; + + //! \brief Function signature of kernel functor with no event dependency. + typedef Event type_( + const EnqueueArgs&, + Ts...); + + Event operator()( + const EnqueueArgs& enqueueArgs, + Ts... args) + { + return functor_( + enqueueArgs, args...); + } + }; +} // namespace compatibility + + +//---------------------------------------------------------------------------------------------------------------------- + +#undef CL_HPP_ERR_STR_ +#if !defined(CL_HPP_USER_OVERRIDE_ERROR_STRINGS) +#undef __GET_DEVICE_INFO_ERR +#undef __GET_PLATFORM_INFO_ERR +#undef __GET_DEVICE_IDS_ERR +#undef __GET_CONTEXT_INFO_ERR +#undef __GET_EVENT_INFO_ERR +#undef __GET_EVENT_PROFILE_INFO_ERR +#undef __GET_MEM_OBJECT_INFO_ERR +#undef __GET_IMAGE_INFO_ERR +#undef __GET_SAMPLER_INFO_ERR +#undef __GET_KERNEL_INFO_ERR +#undef __GET_KERNEL_ARG_INFO_ERR +#undef __GET_KERNEL_WORK_GROUP_INFO_ERR +#undef __GET_PROGRAM_INFO_ERR +#undef __GET_PROGRAM_BUILD_INFO_ERR +#undef __GET_COMMAND_QUEUE_INFO_ERR + +#undef __CREATE_CONTEXT_ERR +#undef __CREATE_CONTEXT_FROM_TYPE_ERR +#undef __GET_SUPPORTED_IMAGE_FORMATS_ERR + +#undef __CREATE_BUFFER_ERR +#undef __CREATE_SUBBUFFER_ERR +#undef __CREATE_IMAGE2D_ERR +#undef __CREATE_IMAGE3D_ERR +#undef __CREATE_SAMPLER_ERR +#undef __SET_MEM_OBJECT_DESTRUCTOR_CALLBACK_ERR + +#undef __CREATE_USER_EVENT_ERR +#undef __SET_USER_EVENT_STATUS_ERR +#undef __SET_EVENT_CALLBACK_ERR +#undef __SET_PRINTF_CALLBACK_ERR + +#undef __WAIT_FOR_EVENTS_ERR + +#undef __CREATE_KERNEL_ERR +#undef __SET_KERNEL_ARGS_ERR +#undef __CREATE_PROGRAM_WITH_SOURCE_ERR +#undef __CREATE_PROGRAM_WITH_BINARY_ERR +#undef __CREATE_PROGRAM_WITH_BUILT_IN_KERNELS_ERR +#undef __BUILD_PROGRAM_ERR +#undef __CREATE_KERNELS_IN_PROGRAM_ERR + +#undef __CREATE_COMMAND_QUEUE_ERR +#undef __SET_COMMAND_QUEUE_PROPERTY_ERR +#undef __ENQUEUE_READ_BUFFER_ERR +#undef __ENQUEUE_WRITE_BUFFER_ERR +#undef __ENQUEUE_READ_BUFFER_RECT_ERR +#undef __ENQUEUE_WRITE_BUFFER_RECT_ERR +#undef __ENQEUE_COPY_BUFFER_ERR +#undef __ENQEUE_COPY_BUFFER_RECT_ERR +#undef __ENQUEUE_READ_IMAGE_ERR +#undef __ENQUEUE_WRITE_IMAGE_ERR +#undef __ENQUEUE_COPY_IMAGE_ERR +#undef __ENQUEUE_COPY_IMAGE_TO_BUFFER_ERR +#undef __ENQUEUE_COPY_BUFFER_TO_IMAGE_ERR +#undef __ENQUEUE_MAP_BUFFER_ERR +#undef __ENQUEUE_MAP_IMAGE_ERR +#undef __ENQUEUE_UNMAP_MEM_OBJECT_ERR +#undef __ENQUEUE_NDRANGE_KERNEL_ERR +#undef __ENQUEUE_TASK_ERR +#undef __ENQUEUE_NATIVE_KERNEL + +#undef __UNLOAD_COMPILER_ERR +#undef __CREATE_SUB_DEVICES_ERR + +#undef __CREATE_PIPE_ERR +#undef __GET_PIPE_INFO_ERR + +#endif //CL_HPP_USER_OVERRIDE_ERROR_STRINGS + +// Extensions +#undef CL_HPP_INIT_CL_EXT_FCN_PTR_ +#undef CL_HPP_INIT_CL_EXT_FCN_PTR_PLATFORM_ + +#if defined(CL_HPP_USE_CL_DEVICE_FISSION) +#undef CL_HPP_PARAM_NAME_DEVICE_FISSION_ +#endif // CL_HPP_USE_CL_DEVICE_FISSION + +#undef CL_HPP_NOEXCEPT_ +#undef CL_HPP_DEFINE_STATIC_MEMBER_ + +} // namespace cl + +#endif // CL_HPP_ diff --git a/SPECS-EXTENDED/opencl-headers/opencl-headers.signatures.json b/SPECS-EXTENDED/opencl-headers/opencl-headers.signatures.json new file mode 100644 index 0000000000..f8059cb6b1 --- /dev/null +++ b/SPECS-EXTENDED/opencl-headers/opencl-headers.signatures.json @@ -0,0 +1,7 @@ +{ + "Signatures": { + "OpenCL-Headers-49f07d3.tar.gz": "71bf87f27a5c4336d2af75bb7b07696380533def5213a93cfdfbf5bfc0f8f70a", + "cl.hpp": "08034743b513512bb6ea3a1e9a59bdf1842d8199fccad73ac1b406a88d60f7e0", + "cl2.hpp": "7c5bce92a5c38480db1f8d929c965378c8448e956b1e3b41d49c57b3cc0398ec" + } +} diff --git a/SPECS-EXTENDED/opencl-headers/opencl-headers.spec b/SPECS-EXTENDED/opencl-headers/opencl-headers.spec new file mode 100644 index 0000000000..a38cfb8e03 --- /dev/null +++ b/SPECS-EXTENDED/opencl-headers/opencl-headers.spec @@ -0,0 +1,117 @@ +Vendor: Microsoft Corporation +Distribution: Azure Linux +%global commit0 49f07d313344ddb22701847ea5c18cb7db03b0d7 +%global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) +%global cl_hpp_ver 2.0.10 + +Name: opencl-headers +Version: 2.2 +Release: 7%{?dist} +Summary: OpenCL (Open Computing Language) header files + +License: MIT +URL: https://www.khronos.org/registry/cl/ + +Source0: https://github.com/KhronosGroup/OpenCL-Headers/archive/%{commit0}/OpenCL-Headers-%{commit0}.tar.gz#/OpenCL-Headers-%{shortcommit0}.tar.gz +Source1: https://github.com/KhronosGroup/OpenCL-CLHPP/releases/download/v%{cl_hpp_ver}/cl2.hpp +# OCL 1.2 compatibility +Source2: https://www.khronos.org/registry/cl/api/2.1/cl.hpp + +BuildArch: noarch + +%description +%{summary}. + +%prep +%autosetup -n OpenCL-Headers-%{commit0} + +cp -p %{SOURCE1} %{SOURCE2} . + +%build +# Nothing to build + +%install +mkdir -p %{buildroot}%{_includedir}/CL/ +install -p -m 0644 *hpp CL/* -t %{buildroot}%{_includedir}/CL/ +# We're not interested in Direct3D things +rm -vf %{buildroot}%{_includedir}/CL/cl_{dx9,d3d}* + +%files +%license LICENSE +%dir %{_includedir}/CL +%{_includedir}/CL/opencl.h +%{_includedir}/CL/cl_platform.h +%{_includedir}/CL/cl.h +%{_includedir}/CL/cl_ext.h +%{_includedir}/CL/cl_egl.h +%{_includedir}/CL/cl_gl.h +%{_includedir}/CL/cl_gl_ext.h +%{_includedir}/CL/cl_ext_intel.h +%{_includedir}/CL/cl_va_api_media_sharing_intel.h +%{_includedir}/CL/cl_version.h +%{_includedir}/CL/cl2.hpp +%{_includedir}/CL/cl.hpp + +%changelog +* Thu Oct 14 2021 Pawel Winogrodzki - 2.2-7 +- Initial CBL-Mariner import from Fedora 32 (license: MIT). +- Converting the 'Release' tag to the '[number].[distribution]' format. + +* Wed Jan 29 2020 Fedora Release Engineering - 2.2-6.20190205git49f07d3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Thu Jul 25 2019 Fedora Release Engineering - 2.2-5.20190205git49f07d3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Tue Feb 05 2019 Dave Airlie - 2.2-4.20190205git49f07d3 +- Update to latest upstream, pick up the ppc fix + +* Fri Feb 01 2019 Fedora Release Engineering - 2.2-3.20180306gite986688 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Fri Jul 13 2018 Fedora Release Engineering - 2.2-2.20180306gite986688 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Fri Mar 23 2018 Simone Caronni - 2.2-1.20180306gite986688 +- Update to 2.2. +- Use packaging guidelines for snapshots. + +* Thu Feb 08 2018 Fedora Release Engineering - 2.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 2.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sat Feb 11 2017 Fedora Release Engineering - 2.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Aug 31 2016 Igor Gnatenko - 2.1-1 +- Update to 2.1 + +* Thu Feb 04 2016 Fedora Release Engineering - 1.2-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Sun Jan 17 2016 Dave Airlie - 1.2-8 +- add cl_egl.h + +* Wed Jun 17 2015 Fedora Release Engineering - 1.2-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 1.2-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Fri Apr 25 2014 Fabian Deutsch - 1.2-5 +- Pull patch application into pre + +* Fri Apr 25 2014 Fabian Deutsch - 1.2-4 +- Add patch for cl.hpp to be usable on arm rhbz#1027199 + +* Sat Aug 03 2013 Fedora Release Engineering - 1.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Fri Mar 01 2013 Dave Airlie 1.2-2 +- fix missing dir and remove defattr. + +* Wed Feb 27 2013 Dave Airlie 1.2-1 +- OpenCL header files from Khronos for OpenCL 1.2 + diff --git a/SPECS-EXTENDED/opencryptoki/opencryptoki-3.24.0-compile-error-due-to-incompatible-pointer-types.patch b/SPECS-EXTENDED/opencryptoki/opencryptoki-3.24.0-compile-error-due-to-incompatible-pointer-types.patch new file mode 100644 index 0000000000..a0b77dd3c9 --- /dev/null +++ b/SPECS-EXTENDED/opencryptoki/opencryptoki-3.24.0-compile-error-due-to-incompatible-pointer-types.patch @@ -0,0 +1,66 @@ +commit e58d2086cf9268a1dd2431c64c6bcdd74c2c3233 +Author: Ingo Franzki +Date: Mon Sep 16 09:16:03 2024 +0200 + + COMMON: Fix compile error due to incompatible pointer types + + usr/lib/common/mech_openssl.c:4751:36: error: passing argument 2 of + 'get_sha_size' from incompatible pointer type [-Wincompatible-pointer-types] + 4751 | rc = get_sha_size(digest_mech, &mac_len); + + usr/lib/common/mech_openssl.c:4851:36: error: passing argument 2 of + 'get_sha_size' from incompatible pointer type [-Wincompatible-pointer-types] + 4851 | rc = get_sha_size(digest_mech, &mac_len); + + Closes: https://github.com/opencryptoki/opencryptoki/issues/809 + + Signed-off-by: Ingo Franzki + +diff --git a/usr/lib/common/mech_openssl.c b/usr/lib/common/mech_openssl.c +index 296b5e0a..500b6f91 100644 +--- a/usr/lib/common/mech_openssl.c ++++ b/usr/lib/common/mech_openssl.c +@@ -4731,6 +4731,7 @@ CK_RV openssl_specific_hmac(SIGN_VERIFY_CONTEXT *ctx, CK_BYTE *in_data, + CK_RV rv = CKR_OK; + CK_BBOOL general = FALSE; + CK_MECHANISM_TYPE digest_mech; ++ CK_ULONG mac_len2; + + if (!ctx || !ctx->context) { + TRACE_ERROR("%s received bad argument(s)\n", __func__); +@@ -4748,11 +4749,12 @@ CK_RV openssl_specific_hmac(SIGN_VERIFY_CONTEXT *ctx, CK_BYTE *in_data, + return rc; + } + +- rc = get_sha_size(digest_mech, &mac_len); ++ rc = get_sha_size(digest_mech, &mac_len2); + if (rc != CKR_OK) { + TRACE_ERROR("%s get_sha_size failed\n", __func__); + return rc; + } ++ mac_len = mac_len2; + + mdctx = (EVP_MD_CTX *) ctx->context; + +@@ -4833,6 +4835,7 @@ CK_RV openssl_specific_hmac_final(SIGN_VERIFY_CONTEXT *ctx, CK_BYTE *signature, + CK_RV rv = CKR_OK; + CK_BBOOL general = FALSE; + CK_MECHANISM_TYPE digest_mech; ++ CK_ULONG mac_len2; + + if (!ctx || !ctx->context) + return CKR_OPERATION_NOT_INITIALIZED; +@@ -4848,11 +4851,12 @@ CK_RV openssl_specific_hmac_final(SIGN_VERIFY_CONTEXT *ctx, CK_BYTE *signature, + return rc; + } + +- rc = get_sha_size(digest_mech, &mac_len); ++ rc = get_sha_size(digest_mech, &mac_len2); + if (rc != CKR_OK) { + TRACE_ERROR("%s get_sha_size failed\n", __func__); + return rc; + } ++ mac_len = mac_len2; + + if (signature == NULL) { + if (sign) { diff --git a/SPECS-EXTENDED/opencryptoki/opencryptoki-3.24.0-p11sak.patch b/SPECS-EXTENDED/opencryptoki/opencryptoki-3.24.0-p11sak.patch new file mode 100644 index 0000000000..a730c0bee3 --- /dev/null +++ b/SPECS-EXTENDED/opencryptoki/opencryptoki-3.24.0-p11sak.patch @@ -0,0 +1,42 @@ +diff -up opencryptoki-3.24.0/Makefile.am.me opencryptoki-3.24.0/Makefile.am +--- opencryptoki-3.24.0/Makefile.am.me 2024-09-12 12:53:05.023882913 +0200 ++++ opencryptoki-3.24.0/Makefile.am 2024-09-12 12:55:34.366644836 +0200 +@@ -51,20 +51,8 @@ include tools/tools.mk + include doc/doc.mk + + install-data-hook: +-if AIX +- lsgroup $(pkcs_group) > /dev/null || $(GROUPADD) -a pkcs11 +- lsuser $(pkcsslotd_user) > /dev/null || $(USERADD) -g $(pkcs_group) -d $(DESTDIR)$(RUN_PATH)/opencryptoki -c "Opencryptoki pkcsslotd user" $(pkcsslotd_user) +-else +- getent group $(pkcs_group) > /dev/null || $(GROUPADD) -r $(pkcs_group) +- getent passwd $(pkcsslotd_user) >/dev/null || $(USERADD) -r -g $(pkcs_group) -d $(RUN_PATH)/opencryptoki -s /sbin/nologin -c "Opencryptoki pkcsslotd user" $(pkcsslotd_user) +-endif + $(MKDIR_P) $(DESTDIR)$(RUN_PATH)/opencryptoki/ +- $(CHOWN) $(pkcsslotd_user):$(pkcs_group) $(DESTDIR)$(RUN_PATH)/opencryptoki/ +- $(CHGRP) $(pkcs_group) $(DESTDIR)$(RUN_PATH)/opencryptoki/ +- $(CHMOD) 0710 $(DESTDIR)$(RUN_PATH)/opencryptoki/ + $(MKDIR_P) $(DESTDIR)$(localstatedir)/lib/opencryptoki +- $(CHGRP) $(pkcs_group) $(DESTDIR)$(localstatedir)/lib/opencryptoki +- $(CHMOD) 0770 $(DESTDIR)$(localstatedir)/lib/opencryptoki + if ENABLE_LIBRARY + $(MKDIR_P) $(DESTDIR)$(libdir)/opencryptoki/stdll + $(MKDIR_P) $(DESTDIR)$(libdir)/pkcs11 +@@ -117,7 +105,7 @@ if ENABLE_EP11TOK + endif + if ENABLE_P11SAK + test -f $(DESTDIR)$(sysconfdir)/opencryptoki || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/opencryptoki || true +- test -f $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf || $(INSTALL) -g $(pkcs_group) -m 0640 $(srcdir)/usr/sbin/p11sak/p11sak_defined_attrs.conf $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf || true ++ test -f $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf || $(INSTALL) -m 0640 $(srcdir)/usr/sbin/p11sak/p11sak_defined_attrs.conf $(DESTDIR)$(sysconfdir)/opencryptoki/p11sak_defined_attrs.conf || true + endif + if ENABLE_ICATOK + cd $(DESTDIR)$(libdir)/opencryptoki/stdll && \ +@@ -168,7 +156,7 @@ endif + if ENABLE_DAEMON + test -f $(DESTDIR)$(sysconfdir)/opencryptoki || $(MKDIR_P) $(DESTDIR)$(sysconfdir)/opencryptoki || true + test -f $(DESTDIR)$(sysconfdir)/opencryptoki/opencryptoki.conf || $(INSTALL) -m 644 $(srcdir)/usr/sbin/pkcsslotd/opencryptoki.conf $(DESTDIR)$(sysconfdir)/opencryptoki/opencryptoki.conf || true +- test -f $(DESTDIR)$(sysconfdir)/opencryptoki/strength.conf || $(INSTALL) -m 640 -o root -g $(pkcs_group) -T $(srcdir)/doc/strength-example.conf $(DESTDIR)$(sysconfdir)/opencryptoki/strength.conf || true ++ test -f $(DESTDIR)$(sysconfdir)/opencryptoki/strength.conf || $(INSTALL) -m 640 -o root -T $(srcdir)/doc/strength-example.conf $(DESTDIR)$(sysconfdir)/opencryptoki/strength.conf || true + endif + if !AIX + $(MKDIR_P) $(DESTDIR)/etc/ld.so.conf.d diff --git a/SPECS-EXTENDED/opencryptoki/opencryptoki.signatures.json b/SPECS-EXTENDED/opencryptoki/opencryptoki.signatures.json index 8bc0c74ae5..df2e98b0fe 100644 --- a/SPECS-EXTENDED/opencryptoki/opencryptoki.signatures.json +++ b/SPECS-EXTENDED/opencryptoki/opencryptoki.signatures.json @@ -1,6 +1,7 @@ { - "Signatures": { - "opencryptoki.module": "d335359abeb5d4d1e684841f055ac99b98e8fcc77578e480ef86ef2621ab363d", - "opencryptoki-3.17.0.tar.gz": "785596925738855b33b29bdff2399f613b892e7c6000d9ffbf79fe32c2aeaeee" - } + "Signatures": { + "opencryptoki-3.24.0.tar.gz": "36873a867853b2327ca42ec231be8603d83cac2008ead23296b522fe64443764", + "opencryptoki.module": "d335359abeb5d4d1e684841f055ac99b98e8fcc77578e480ef86ef2621ab363d" + } } + diff --git a/SPECS-EXTENDED/opencryptoki/opencryptoki.spec b/SPECS-EXTENDED/opencryptoki/opencryptoki.spec index 251cf9d0c9..f7349614af 100644 --- a/SPECS-EXTENDED/opencryptoki/opencryptoki.spec +++ b/SPECS-EXTENDED/opencryptoki/opencryptoki.spec @@ -1,56 +1,59 @@ -Summary: Implementation of the PKCS#11 (Cryptoki) specification v2.11 -Name: opencryptoki -Version: 3.17.0 -Release: 2%{?dist} -License: CPL +Name: opencryptoki +Summary: Implementation of the PKCS#11 (Cryptoki) specification v3.0 +Version: 3.24.0 +Release: 3%{?dist} +License: CPL-1.0 Vendor: Microsoft Corporation Distribution: Azure Linux -URL: https://github.com/opencryptoki/opencryptoki -Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz -Source1: opencryptoki.module -# https://bugzilla.redhat.com/show_bug.cgi?id=732756 -Patch0: opencryptoki-3.11.0-group.patch -# bz#1373833, change tmpfiles snippets from /var/lock/* to /run/lock/* -Patch1: opencryptoki-3.11.0-lockdir.patch -BuildRequires: autoconf -BuildRequires: automake -BuildRequires: bison -BuildRequires: expect -BuildRequires: flex -BuildRequires: gcc -BuildRequires: libtool -BuildRequires: openldap-devel -BuildRequires: openssl-devel -BuildRequires: systemd -%if !0%{?tmv} -# Azure Linux only supports tpm 2.0, so drop tpm 1.2 support -BuildRequires: trousers-devel +URL: https://github.com/opencryptoki/opencryptoki +Source0: https://github.com/opencryptoki/%{name}/archive/v%{version}/%{name}-%{version}.tar.gz +Source1: opencryptoki.module +# fix install problem in buildroot +Patch1: opencryptoki-3.24.0-p11sak.patch +# upstream patches +Patch2: opencryptoki-3.24.0-compile-error-due-to-incompatible-pointer-types.patch + +Requires(pre): coreutils +Requires: (selinux-policy >= 34.9-1 if selinux-policy-targeted) +BuildRequires: gcc gcc-c++ +BuildRequires: openssl-devel >= 1.1.1 +%if 0%{?tmptok} +BuildRequires: trousers-devel %endif -Requires: %{name}(token) -Requires: %{name}-libs%{?_isa} = %{version}-%{release} -Requires(post): systemd -Requires(postun): systemd -Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} -Requires(pre): coreutils -Requires(preun): systemd +BuildRequires: openldap-devel +BuildRequires: autoconf automake libtool +BuildRequires: bison flex +BuildRequires: libcap-devel +BuildRequires: expect +BuildRequires: make +BuildRequires: systemd-rpm-macros %ifarch s390 s390x -BuildRequires: libica-devel >= 2.3 +BuildRequires: libica-devel >= 3.3 +# for /usr/include/libudev.h +BuildRequires: systemd-devel %endif +Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Requires: %{name}(token) +Requires(post): systemd diffutils +Requires(preun): systemd +Requires(postun): systemd %description -Opencryptoki implements the PKCS#11 specification v2.11 for a set of +Opencryptoki implements the PKCS#11 specification v2.20 for a set of cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the Trusted Platform Module (TPM) chip. Opencryptoki also brings a software token implementation that can be used without any cryptographic hardware. This package contains the Slot Daemon (pkcsslotd) and general utilities. + %package libs -Summary: The run-time libraries for opencryptoki package -Requires(pre): shadow-utils +Summary: The run-time libraries for opencryptoki package +Requires(pre): shadow-utils %description libs -Opencryptoki implements the PKCS#11 specification v2.11 for a set of +Opencryptoki implements the PKCS#11 specification v2.20 for a set of cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the Trusted Platform Module (TPM) chip. Opencryptoki also brings a software token implementation that can be used without any cryptographic @@ -59,22 +62,24 @@ This package contains the PKCS#11 library implementation, and requires at least one token implementation (packaged separately) to be fully functional. + %package devel -Summary: Development files for openCryptoki -Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Summary: Development files for openCryptoki +Requires: %{name}-libs%{?_isa} = %{version}-%{release} %description devel This package contains the development header files for building opencryptoki and PKCS#11 based applications + %package swtok -Summary: The software token implementation for opencryptoki -Requires: %{name}-libs%{?_isa} = %{version}-%{release} -Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} -Provides: %{name}(token) +Summary: The software token implementation for opencryptoki +Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Provides: %{name}(token) %description swtok -Opencryptoki implements the PKCS#11 specification v2.11 for a set of +Opencryptoki implements the PKCS#11 specification v2.20 for a set of cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the Trusted Platform Module (TPM) chip. Opencryptoki also brings a software token implementation that can be used without any cryptographic @@ -82,31 +87,31 @@ hardware. This package brings the software token implementation to use opencryptoki without any specific cryptographic hardware. -%if !0%{?tmv} + %package tpmtok -Summary: Trusted Platform Module (TPM) device support for opencryptoki -Requires: %{name}-libs%{?_isa} = %{version}-%{release} -Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} -Provides: %{name}(token) +Summary: Trusted Platform Module (TPM) device support for opencryptoki +Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Provides: %{name}(token) %description tpmtok -Opencryptoki implements the PKCS#11 specification v2.11 for a set of +Opencryptoki implements the PKCS#11 specification v2.20 for a set of cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the Trusted Platform Module (TPM) chip. Opencryptoki also brings a software token implementation that can be used without any cryptographic hardware. This package brings the necessary libraries and files to support Trusted Platform Module (TPM) devices in the opencryptoki stack. -%endif + %package icsftok -Summary: ICSF token support for opencryptoki -Requires: %{name}-libs%{?_isa} = %{version}-%{release} -Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} -Provides: %{name}(token) +Summary: ICSF token support for opencryptoki +Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Provides: %{name}(token) %description icsftok -Opencryptoki implements the PKCS#11 specification v2.11 for a set of +Opencryptoki implements the PKCS#11 specification v2.20 for a set of cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the Trusted Platform Module (TPM) chip. Opencryptoki also brings a software token implementation that can be used without any cryptographic @@ -114,15 +119,15 @@ hardware. This package brings the necessary libraries and files to support ICSF token in the opencryptoki stack. -%ifarch s390 s390x + %package icatok -Summary: ICA cryptographic devices (clear-key) support for opencryptoki -Requires: %{name}-libs%{?_isa} = %{version}-%{release} -Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} -Provides: %{name}(token) +Summary: ICA cryptographic devices (clear-key) support for opencryptoki +Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Provides: %{name}(token) %description icatok -Opencryptoki implements the PKCS#11 specification v2.11 for a set of +Opencryptoki implements the PKCS#11 specification v2.20 for a set of cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the Trusted Platform Module (TPM) chip. Opencryptoki also brings a software token implementation that can be used without any cryptographic @@ -133,13 +138,13 @@ cryptographic hardware such as IBM 4764 or 4765 that uses the "accelerator" or "clear-key" path. %package ccatok -Summary: CCA cryptographic devices (secure-key) support for opencryptoki -Requires: %{name}-libs%{?_isa} = %{version}-%{release} -Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} -Provides: %{name}(token) +Summary: CCA cryptographic devices (secure-key) support for opencryptoki +Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Provides: %{name}(token) %description ccatok -Opencryptoki implements the PKCS#11 specification v2.11 for a set of +Opencryptoki implements the PKCS#11 specification v2.20 for a set of cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the Trusted Platform Module (TPM) chip. Opencryptoki also brings a software token implementation that can be used without any cryptographic @@ -150,13 +155,13 @@ cryptographic hardware such as IBM 4764 or 4765 that uses the "co-processor" or "secure-key" path. %package ep11tok -Summary: CCA cryptographic devices (secure-key) support for opencryptoki -Requires: %{name}-libs%{?_isa} = %{version}-%{release} -Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} -Provides: %{name}(token) +Summary: EP11 cryptographic devices (secure-key) support for opencryptoki +Requires(pre): %{name}-libs%{?_isa} = %{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Provides: %{name}(token) %description ep11tok -Opencryptoki implements the PKCS#11 specification v2.11 for a set of +Opencryptoki implements the PKCS#11 specification v2.20 for a set of cryptographic hardware, such as IBM 4764 and 4765 crypto cards, and the Trusted Platform Module (TPM) chip. Opencryptoki also brings a software token implementation that can be used without any cryptographic @@ -165,7 +170,6 @@ This package brings the necessary libraries and files to support EP11 tokens in the opencryptoki stack. The EP11 token is a token that uses the IBM Crypto Express adapters (starting with Crypto Express 4S adapters) configured with Enterprise PKCS#11 (EP11) firmware. -%endif %prep @@ -176,28 +180,53 @@ configured with Enterprise PKCS#11 (EP11) firmware. ./bootstrap.sh %configure --with-systemd=%{_unitdir} --enable-testcases \ -%if 0%{?tmv} + --with-pkcsslotd-user=pkcsslotd --with-pkcs-group=pkcs11 \ +%if 0%{?tpmtok} + --enable-tpmtok \ +%else --disable-tpmtok \ %endif +%ifarch s390 s390x x86_64 ppc64le + --enable-ccatok \ +%else + --disable-ccatok \ +%endif %ifarch s390 s390x - --enable-icatok --enable-ccatok --enable-ep11tok --enable-pkcsep11_migrate + --enable-icatok --enable-ep11tok --enable-pkcsep11_migrate %else - --disable-icatok --disable-ccatok --disable-ep11tok --disable-pkcsep11_migrate + --disable-icatok --disable-ep11tok --disable-pkcsep11_migrate --enable-pkcscca_migrate %endif -make %{?_smp_mflags} CHGRP=/bin/true +%make_build CHGRP=/bin/true %install -make install DESTDIR=%{buildroot} CHGRP=/bin/true -install -Dpm 644 %{SOURCE1} %{buildroot}%{_datadir}/p11-kit/modules/opencryptoki.module +%make_install CHGRP=/bin/true +%pre +# don't touch opencryptoki.conf even if it is unchanged due to new tokversion +# backup config file. bz#2044179 +%global cfile /etc/opencryptoki/opencryptoki.conf +%global csuffix .rpmsave.XyoP +if test $1 -gt 1 && test -f %{cfile} ; then + cp -p %{cfile} %{cfile}%{csuffix} +fi + %pre libs getent group pkcs11 >/dev/null || groupadd -r pkcs11 +getent passwd pkcsslotd >/dev/null || useradd -r -g pkcs11 -d /run/opencryptoki -s /sbin/nologin -c "Opencryptoki pkcsslotd user" pkcsslotd exit 0 %post +# restore the config file from %pre +if test $1 -gt 1 && test -f %{cfile} ; then + if ( ! cmp -s %{cfile} %{cfile}%{csuffix} ) ; then + cp -p %{cfile} %{cfile}.rpmnew + fi + cp -p %{cfile}%{csuffix} %{cfile} && rm -f %{cfile}%{csuffix} +fi + %systemd_post pkcsslotd.service if test $1 -eq 1; then %tmpfiles_create %{name}.conf @@ -209,21 +238,33 @@ fi %postun %systemd_postun_with_restart pkcsslotd.service + %files %doc ChangeLog FAQ README.md %doc doc/opencryptoki-howto.md %doc doc/README.token_data +%doc %{_docdir}/%{name}/*.conf %dir %{_sysconfdir}/%{name} -%config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf +%verify(not md5 size mtime) %config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf +%attr(0640, root, pkcs11) %config(noreplace) %{_sysconfdir}/%{name}/p11sak_defined_attrs.conf +%attr(0640, root, pkcs11) %config(noreplace) %{_sysconfdir}/%{name}/strength.conf %{_tmpfilesdir}/%{name}.conf %{_unitdir}/pkcsslotd.service -%{_sbindir}/pkcsconf -%{_sbindir}/pkcsslotd %{_sbindir}/p11sak %{_sbindir}/pkcstok_migrate -%{_mandir}/man1/pkcsconf.1* +%{_sbindir}/pkcsconf +%{_sbindir}/pkcsslotd +%{_sbindir}/pkcsstats +%{_sbindir}/pkcshsm_mk_change +%{_sbindir}/pkcstok_admin %{_mandir}/man1/p11sak.1* %{_mandir}/man1/pkcstok_migrate.1* +%{_mandir}/man1/pkcsconf.1* +%{_mandir}/man1/pkcsstats.1* +%{_mandir}/man1/pkcshsm_mk_change.1* +%{_mandir}/man1/pkcstok_admin.1* +%{_mandir}/man5/policy.conf.5* +%{_mandir}/man5/strength.conf.5* %{_mandir}/man5/%{name}.conf.5* %{_mandir}/man5/p11sak_defined_attrs.conf.5* %{_mandir}/man7/%{name}.7* @@ -231,16 +272,17 @@ fi %{_libdir}/opencryptoki/methods %{_libdir}/pkcs11/methods %dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name} +%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/HSM_MK_CHANGE %ghost %dir %attr(770,root,pkcs11) %{_rundir}/lock/%{name} %ghost %dir %attr(770,root,pkcs11) %{_rundir}/lock/%{name}/* -%dir %attr(770,root,pkcs11) %{_localstatedir}/log/opencryptoki +%dir %attr(710,pkcsslotd,pkcs11) /run/%{name} %files libs %license LICENSE %{_sysconfdir}/ld.so.conf.d/* # Unversioned .so symlinks usually belong to -devel packages, but opencryptoki # needs them in the main package, because: -# documentation suggests that programs should dlopen "PKCS11_API.so". +# documentation suggests that programs should dlopen "PKCS11_API.so". %dir %{_libdir}/opencryptoki %{_libdir}/opencryptoki/libopencryptoki.* %{_libdir}/opencryptoki/PKCS11_API.so @@ -249,13 +291,11 @@ fi %{_libdir}/pkcs11/libopencryptoki.so %{_libdir}/pkcs11/PKCS11_API.so %{_libdir}/pkcs11/stdll -# Co-owned with p11-kit -%dir %{_datadir}/p11-kit/ -%dir %{_datadir}/p11-kit/modules/ -%{_datadir}/p11-kit/modules/opencryptoki.module +%dir %attr(770,root,pkcs11) %{_localstatedir}/log/opencryptoki %files devel %{_includedir}/%{name}/ +%{_libdir}/pkgconfig/%{name}.pc %files swtok %{_libdir}/opencryptoki/stdll/libpkcs11_sw.* @@ -263,7 +303,7 @@ fi %dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/swtok/ %dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/swtok/TOK_OBJ/ -%if !0%{?tmv} +%if 0%{?tmptok} %files tpmtok %doc doc/README.tpm_stdll %{_libdir}/opencryptoki/stdll/libpkcs11_tpm.* @@ -279,49 +319,212 @@ fi %{_libdir}/opencryptoki/stdll/PKCS11_ICSF.so %dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/icsf/ -%ifarch s390 s390x -%files icatok -%{_libdir}/opencryptoki/stdll/libpkcs11_ica.* -%{_libdir}/opencryptoki/stdll/PKCS11_ICA.so -%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/lite/ -%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/lite/TOK_OBJ/ - +%ifarch x86_64 %files ccatok %doc doc/README.cca_stdll +%config(noreplace) %{_sysconfdir}/%{name}/ccatok.conf %{_sbindir}/pkcscca %{_mandir}/man1/pkcscca.1* %{_libdir}/opencryptoki/stdll/libpkcs11_cca.* %{_libdir}/opencryptoki/stdll/PKCS11_CCA.so %dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/ccatok/ %dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/ccatok/TOK_OBJ/ - -%files ep11tok -%doc doc/README.ep11_stdll -%config(noreplace) %{_sysconfdir}/%{name}/ep11tok.conf -%config(noreplace) %{_sysconfdir}/%{name}/ep11cpfilter.conf -%{_sbindir}/pkcsep11_migrate -%{_sbindir}/pkcsep11_session -%{_mandir}/man1/pkcsep11_migrate.1* -%{_mandir}/man1/pkcsep11_session.1* -%{_libdir}/opencryptoki/stdll/libpkcs11_ep11.* -%{_libdir}/opencryptoki/stdll/PKCS11_EP11.so -%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/ep11tok/ -%dir %attr(770,root,pkcs11) %{_sharedstatedir}/%{name}/ep11tok/TOK_OBJ/ %endif - %changelog -* Fri Mar 29 2024 Chris Co - 3.17.0-2 -- Drop tpm 1.2 support - -* Mon Sep 04 2023 Muhammad Falak - 3.17.0-1 -- Upgrade version to address CVE-2021-3798 -- Lint spec +* Wed Jan 15 2025 Durga Jagadeesh Palli - 3.24.0-3 +- Initial Azure Linux import from Fedora 41 (license: MIT) - License verified -* Thu Mar 18 2021 Henry Li - 3.13.0-2 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). -- Remove libitm-devel from build requirement because gcc already includes the necessary binaries it covers +* Fri Sep 13 2024 Than Ngo - 3.24.0-2 +- build with --enable-pkcscca_migrate +- fix build error due to incompatible pointer types + +* Fri Sep 13 2024 Than Ngo - 3.24.0-1 +- Update to 3.24.0 + * Add support for building Opencryptoki on the IBM AIX platform + * Add support for the CCA token on non-IBM Z platforms (x86_64, ppc64) + * Add support for protecting tokens with a token specific user group + * EP11: Add support for combined CKA_EXTRACTABLE and CKA_IBM_PROTKEY_EXTRACTABLE + * CCA: Add support for Koblitz curve secp256k1. Requires CCA v7.2 or later + * CCA: Add support for IBM Dilithium (CKM_IBM_DILITHIUM). + On Linux on IBM Z: Requires CCA v7.1 or later for Round2-65, and CCA v8.0 for the Round 3 variants. + On other platforms: Requires CCA v7.2.43 or later for Round2-65, the Round 3 variants are currently not supported + * CCA: Add support for RSA-OAEP with SHA224, SHA384, and SHA512 on en-/decrypt. Requires CCA v8.1 or later on Linux on IBM Z, not supported on other platforms + * CCA: Add support for PKCS#11 v3.0 SHA3 mechanisms. Requires CCA v8.1 on Linux on IBM Z, not supported on other platforms + * ICA: Support new libica AES-GCM api using the KMA instruction on z14 and later + * ICA/Soft/ICSF: Add support for PKCS#11 v3.0 SHA3 mechanisms + * ICA/Soft: Add support for SHA based key derivation mechanisms + * ICA/Soft: Add support for CKD_*_SP800 KDFs for ECDH + * EP11/CCA/ICA/Soft: Add support for CKA_ALWAYS_AUTHENTICATE + * EP11/CCA: Support live guest relocation for protected key (PKEY) operations + * Soft: Experimental support for IBM Dilithium via OpenSSL OQS provider + * ICSF: Add support for SHA-2 mechanisms + * ICSF: Performance improvements for attribute retrieval + * p11sak: Add support for exporting a key or certificate as URI-PEM file + * p11sak: Import/export of IBM Dilithium keys in 'oqsprovider' format PEM files + * p11sak: Add option to show the master key verification patterns of secure keys + * Bug fixes +- Remove i686 support as upsrtream will get rid of 32-bit support, https://github.com/opencryptoki/opencryptoki/issues/174 +- Remove lockdir.patch + +* Thu Jul 18 2024 Fedora Release Engineering - 3.23.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Wed Feb 07 2024 Than Ngo - 3.23.0-1 +- 3.23.0 + * EP11: Add support for FIPS-session mode + * Updates to harden against RSA timing attacks + * Bug fixes + +* Tue Jan 30 2024 Dan Horák - 3.22.0-4 +- fix all errors and warnings (rhbz#2261419) + +* Thu Jan 25 2024 Fedora Release Engineering - 3.22.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 3.22.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Thu Sep 21 2023 Than Ngo - 3.22.0-1 +- update to 3.22.0 + +* Thu Jul 20 2023 Fedora Release Engineering - 3.21.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Mon Jul 17 2023 Than Ngo - 3.21.0-5 +- p11sak tool: slot option does not accept argument 0 for slot index 0 +- p11sak fails as soon as there reside non-key objects + +* Thu May 25 2023 Than Ngo - 3.21.0-4 +- add verify attributes for opencryptoki.conf to ignore the + verification + +* Mon May 22 2023 Than Ngo - 3.21.0-3 +- drop p11_kit_support +- fix handling of user name +- fix user confirmation prompt behavior when stdin is closed + +* Tue May 16 2023 Than Ngo - 3.21.0-2 +- add missing /var/lib/opencryptoki/HSM_MK_CHANGE + +* Mon May 15 2023 Than Ngo - 3.21.0-1 +- update to 3.21.0 + +* Tue Feb 14 2023 Than Ngo - 3.20.0-2 +- migrated to SPDX license + +* Mon Feb 13 2023 Than Ngo - 3.20.0-1 +- update to 3.20.0 +- drop unnecessary opencryptoki-3.11.0-group.patch + +* Wed Feb 08 2023 Than Ngo - 3.19.0-3 +- Add support of ep11 token for new IBM Z Hardware (IBM z16) + +* Thu Jan 19 2023 Fedora Release Engineering - 3.19.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Tue Oct 11 2022 Than Ngo - 3.19.0-1 +- update to 3.19.0 + +* Wed Sep 14 2022 Florian Weimer - 3.18.0-5 +- Add missing build dependency on systemd-rpm-macros + +* Mon Aug 01 2022 Than Ngo - 3.18.0-4 +- fix json output +- do not touch opencryptoki.conf if it is in place already and even if it is unchanged + +* Fri Jul 22 2022 Fedora Release Engineering - 3.18.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Mon May 09 2022 Than Ngo - 3.18.0-2 +- add missing strength.conf + +* Mon May 02 2022 Than Ngo - 3.18.0-1 +- 3.18.0 + +* Wed Apr 20 2022 Dan Horák - 3.17.0-7 +- fix initialization (#2075851, #2074587) + +* Wed Apr 06 2022 Than Ngo - 3.17.0-6 +- add tokversion + +* Wed Apr 06 2022 Than Ngo - 3.17.0-5 +- upstream fixes - openssl cleanup for opencryptoki, Avoid deadlock when stopping event thread + +* Thu Jan 20 2022 Fedora Release Engineering - 3.17.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Thu Nov 25 2021 Than Ngo - 3.17.0-3 +- fix covscan issues + +* Tue Nov 09 2021 Than Ngo - 3.17.0-2 +- add missing config file p11sak_defined_attrs.conf + +* Tue Oct 19 2021 Than Ngo - 3.17.0-1 +- rebase to 3.17.0 + +* Tue Sep 14 2021 Sahana Prasad - 3.16.0-5 +- Rebuilt with OpenSSL 3.0.0 + +* Fri Sep 03 2021 Than Ngo - 3.16.0-4 +- Resolves: #1987186, pkcstok_migrate leaves options with multiple strings in opencryptoki.conf options without double-quotes +- Resolves: #1974365, Fix detection if pkcsslotd is still running + +* Thu Jul 22 2021 Fedora Release Engineering - 3.16.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Wed Jun 30 2021 Than Ngo - 3.16.0-2 +- Added Event Notification Support +- Added conditional requirement on selinux-policy >= 34.10-1 +- pkcsslotd PIDfile below legacy directory +- Added BR on systemd-devel + +* Wed Mar 31 2021 Dan Horák - 3.16.0-1 +- Rebase to 3.16.0 + +* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 3.15.1-6 +- Rebuilt for updated systemd-rpm-macros + See https://pagure.io/fesco/issue/2583. + +* Fri Feb 12 2021 Than Ngo - 3.15.1-5 +- Added upstream patch, a slot ID has nothing to do with the number of slots + +* Tue Jan 26 2021 Fedora Release Engineering - 3.15.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Dec 22 2020 Than Ngo - 3.15.1-3 +- Drop tpm1.2 support by default + +* Tue Dec 22 2020 Than Ngo - 3.15.1-2 +- Fix compiling with c++ +- Added error message handling for p11sak remove-key command +- Add BR on make + +* Mon Nov 02 2020 Than Ngo - 3.15.1-1 +- Rebase to 3.15.1 + +* Mon Oct 19 2020 Dan Horák - 3.15.0-1 +- Rebase to 3.15.0 + +* Tue Jul 28 2020 Fedora Release Engineering - 3.14.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jul 14 2020 Tom Stellard - 3.14.0-5 +- Use make macros +- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro + +* Wed Jul 08 2020 Than Ngo - 3.14.0-4 +- added PIN conversion tool + +* Wed Jul 01 2020 Than Ngo - 3.14.0-3 +- upstream fix - handle early error cases in C_Initialize + +* Wed May 27 2020 Than Ngo - 3.14.0-2 +- fix regression, segfault in C_SetPin + +* Fri May 15 2020 Dan Horák - 3.14.0-1 +- Rebase to 3.14.0 * Fri Mar 06 2020 Dan Horák - 3.13.0-1 - Rebase to 3.13.0 diff --git a/SPECS-EXTENDED/optipng/optipng.signatures.json b/SPECS-EXTENDED/optipng/optipng.signatures.json index 1d657baf0a..42eccaa0d9 100644 --- a/SPECS-EXTENDED/optipng/optipng.signatures.json +++ b/SPECS-EXTENDED/optipng/optipng.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "optipng-0.7.7.tar.gz": "4f32f233cef870b3f95d3ad6428bfe4224ef34908f1b42b0badf858216654452" + "optipng-0.7.8.tar.gz": "25a3bd68481f21502ccaa0f4c13f84dcf6b20338e4c4e8c51f2cefbd8513398c" } } diff --git a/SPECS-EXTENDED/optipng/optipng.spec b/SPECS-EXTENDED/optipng/optipng.spec index 3a03c21698..d577c5a021 100644 --- a/SPECS-EXTENDED/optipng/optipng.spec +++ b/SPECS-EXTENDED/optipng/optipng.spec @@ -1,16 +1,17 @@ Vendor: Microsoft Corporation Distribution: Azure Linux Name: optipng -Version: 0.7.7 -Release: 7%{?dist} +Version: 0.7.8 +Release: 5%{?dist} Summary: PNG optimizer and converter License: zlib -URL: http://optipng.sourceforge.net/ -Source0: http://downloads.sourceforge.net/optipng/%{name}-%{version}.tar.gz +URL: https://optipng.sourceforge.net/ +Source0: https://downloads.sourceforge.net/optipng/%{name}-%{version}.tar.gz -BuildRequires: gcc -BuildRequires: zlib-devel libpng-devel +BuildRequires: make +BuildRequires: gcc +BuildRequires: zlib-devel libpng-devel %description OptiPNG is a PNG optimizer that recompresses image files to a smaller size, @@ -56,8 +57,40 @@ chmod -c 755 $RPM_BUILD_ROOT%{_bindir}/optipng %changelog -* Fri Oct 15 2021 Pawel Winogrodzki - 0.7.7-7 -- Initial CBL-Mariner import from Fedora 33 (license: MIT). +* Wed Jan 15 2025 Durga Jagadeesh Palli - 0.7.8-5 +- Initial Azure Linux import from Fedora 41 (license: MIT) +- change the URL and Source0 from http to https +- License verified + +* Thu Jul 18 2024 Fedora Release Engineering - 0.7.8-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Thu Jan 25 2024 Fedora Release Engineering - 0.7.8-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 0.7.8-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Nov 5 2023 Peter Hanecak - 0.7.8-1 +- Update to 0.7.8 + +* Thu Jul 20 2023 Fedora Release Engineering - 0.7.7-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Thu Jan 19 2023 Fedora Release Engineering - 0.7.7-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jul 22 2022 Fedora Release Engineering - 0.7.7-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Thu Jan 20 2022 Fedora Release Engineering - 0.7.7-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Thu Jul 22 2021 Fedora Release Engineering - 0.7.7-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Tue Jan 26 2021 Fedora Release Engineering - 0.7.7-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild * Thu Dec 10 2020 Peter Hanecak - 0.7.7-6 - Use make macros (PR from tbaeder) diff --git a/SPECS-EXTENDED/perl-Authen-SASL/perl-Authen-SASL.signatures.json b/SPECS-EXTENDED/perl-Authen-SASL/perl-Authen-SASL.signatures.json index 6be74c7098..4d824648ea 100644 --- a/SPECS-EXTENDED/perl-Authen-SASL/perl-Authen-SASL.signatures.json +++ b/SPECS-EXTENDED/perl-Authen-SASL/perl-Authen-SASL.signatures.json @@ -1,6 +1,5 @@ { "Signatures": { - "LICENSE.PTR": "56ba56e252badff365b7d6200531d75a11df54927e7a74279f6f3cf154967e60", - "perl-Authen-SASL-2.16.tar.gz": "6614fa7518f094f853741b63c73f3627168c5d3aca89b1d02b1016dc32854e09" + "perl-Authen-SASL-2.1700.tar.gz": "b86d5a576b8d387aee24f39f47a54afd14bb66b09003db5065001f1de03a8ece" } } diff --git a/SPECS-EXTENDED/perl-Authen-SASL/perl-Authen-SASL.spec b/SPECS-EXTENDED/perl-Authen-SASL/perl-Authen-SASL.spec index 936a80558d..b454c59e14 100644 --- a/SPECS-EXTENDED/perl-Authen-SASL/perl-Authen-SASL.spec +++ b/SPECS-EXTENDED/perl-Authen-SASL/perl-Authen-SASL.spec @@ -1,30 +1,23 @@ Vendor: Microsoft Corporation Distribution: Azure Linux Name: perl-Authen-SASL -Version: 2.16 -Release: 21%{?dist} +Version: 2.1700 +Release: 5%{?dist} Summary: SASL Authentication framework for Perl -License: GPL+ or Artistic +License: GPL-1.0-or-later OR Artistic-1.0-Perl URL: https://metacpan.org/release/Authen-SASL -Source0: https://cpan.metacpan.org/authors/id/G/GB/GBARR/Authen-SASL-%{version}.tar.gz#/perl-Authen-SASL-%{version}.tar.gz -Source1: LICENSE.PTR -# Update the function WRITE to properly handle string which is shorter than -# provided length -Patch0: Authen-SASL-RT85294-Fix-WRITE.patch +Source0: https://cpan.metacpan.org/authors/id/E/EH/EHUELS/Authen-SASL-%{version}.tar.gz#/perl-Authen-SASL-%{version}.tar.gz BuildArch: noarch BuildRequires: coreutils BuildRequires: findutils BuildRequires: make -BuildRequires: perl-interpreter BuildRequires: perl-generators -BuildRequires: perl(inc::Module::Install) -BuildRequires: perl(Module::CoreList) -BuildRequires: perl(Module::Install::Makefile) -BuildRequires: perl(Module::Install::Metadata) -BuildRequires: perl(Module::Install::WriteAll) +BuildRequires: perl-interpreter +BuildRequires: perl(:VERSION) >= 5.6 +BuildRequires: perl(Config) +BuildRequires: perl(ExtUtils::MakeMaker) BuildRequires: perl(strict) BuildRequires: perl(warnings) -BuildRequires: sed # Run-time BuildRequires: perl(bytes) BuildRequires: perl(Carp) @@ -36,49 +29,119 @@ BuildRequires: perl(vars) # Tests BuildRequires: perl(FindBin) BuildRequires: perl(Test::More) -Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) +Requires: perl(Tie::Handle) %description SASL is a generic mechanism for authentication used by several network protocols. Authen::SASL provides an implementation framework that all protocols should be able to share. -%prep -%setup -q -n Authen-SASL-%{version} -%patch 0 -p1 +%package tests +Summary: Tests for %{name} +Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} +Requires: perl-Test-Harness +Requires: perl(Carp) +Requires: perl(Digest::MD5) +Requires: perl(Digest::HMAC_MD5) -# Remove bundled libraries -rm -r inc -sed -i -e '/^inc\// d' MANIFEST +%description tests +Tests from %{name}. Execute them +with "%{_libexecdir}/%{name}/test". +%prep +%autosetup -p1 -n Authen-SASL-%{version} + +# Fix permissions chmod -c a-x example_pl +# Help generators to recognize Perl scripts +for F in `find t -name *.t -o -name *.pl`; do + perl -i -MConfig -ple 'print $Config{startperl} if $. == 1 && !s{\A#!.*perl\b}{$Config{startperl}}' "$F" + chmod +x "$F" +done + %build -%{__perl} Makefile.PL INSTALLDIRS=vendor -make %{?_smp_mflags} +perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1 +%{make_build} %install -make pure_install DESTDIR=$RPM_BUILD_ROOT -find $RPM_BUILD_ROOT -type f -name .packlist -delete -%{_fixperms} $RPM_BUILD_ROOT - -cp %{SOURCE1} . +%{make_install} +%{_fixperms} %{buildroot} + +# Install tests +mkdir -p %{buildroot}%{_libexecdir}/%{name} +cp -a t %{buildroot}%{_libexecdir}/%{name} +rm %{buildroot}%{_libexecdir}/%{name}/t/author-pod-syntax.t +cat > %{buildroot}%{_libexecdir}/%{name}/test << 'EOF' +#!/bin/sh +cd %{_libexecdir}/%{name} && exec prove -I . -r -j "$(getconf _NPROCESSORS_ONLN)" +EOF +chmod +x %{buildroot}%{_libexecdir}/%{name}/test %check +export HARNESS_OPTIONS=j$(perl -e 'if ($ARGV[0] =~ /.*-j([0-9][0-9]*).*/) {print $1} else {print 1}' -- '%{?_smp_mflags}') +unset AUTHOR_TESTING make test %files -%license LICENSE.PTR -%doc api.txt Changes example_pl +%license LICENSE +%doc api.txt Changes example_pl README %{perl_vendorlib}/* %{_mandir}/man3/* +%files tests +%{_libexecdir}/%{name} + %changelog -* Thu Jan 13 2022 Pawel Winogrodzki - 2.16-21 -- License verified. +* Mon Feb 27 2025 Sumit Jena - 2.1700-5 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified + +* Thu Jul 18 2024 Fedora Release Engineering - 2.1700-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Thu Jan 25 2024 Fedora Release Engineering - 2.1700-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 2.1700-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Aug 21 2023 Jitka Plesnikova - 2.1700-1 +- 2.1700 bump (rhbz#2231059) +- Package tests -* Fri Oct 15 2021 Pawel Winogrodzki - 2.16-20 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Thu Jul 20 2023 Fedora Release Engineering - 2.16-30 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Fri Jan 20 2023 Fedora Release Engineering - 2.16-29 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jul 22 2022 Fedora Release Engineering - 2.16-28 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Wed Jun 01 2022 Jitka Plesnikova - 2.16-27 +- Perl 5.36 rebuild + +* Thu Jan 20 2022 Fedora Release Engineering - 2.16-26 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Thu Jul 22 2021 Fedora Release Engineering - 2.16-25 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Fri May 21 2021 Jitka Plesnikova - 2.16-24 +- Perl 5.34 rebuild + +* Tue Jan 26 2021 Fedora Release Engineering - 2.16-23 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 2.16-22 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jun 23 2020 Jitka Plesnikova - 2.16-21 +- Perl 5.32 rebuild + +* Tue Mar 10 2020 Petr Pisar - 2.16-20 +- Specify all dependencies * Wed Jan 29 2020 Fedora Release Engineering - 2.16-19 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/perl-B-Hooks-EndOfScope/perl-B-Hooks-EndOfScope.signatures.json b/SPECS-EXTENDED/perl-B-Hooks-EndOfScope/perl-B-Hooks-EndOfScope.signatures.json index c8c59403eb..b2c7c7ecfd 100644 --- a/SPECS-EXTENDED/perl-B-Hooks-EndOfScope/perl-B-Hooks-EndOfScope.signatures.json +++ b/SPECS-EXTENDED/perl-B-Hooks-EndOfScope/perl-B-Hooks-EndOfScope.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "perl-B-Hooks-EndOfScope-0.24.tar.gz": "03aa3dfe5d0aa6471a96f43fe8318179d19794d4a640708f0288f9216ec7acc6" + "perl-B-Hooks-EndOfScope-0.28.tar.gz": "edac77a17fc36620c8324cc194ce1fad2f02e9fcbe72d08ad0b2c47f0c7fd8ef" } } diff --git a/SPECS-EXTENDED/perl-B-Hooks-EndOfScope/perl-B-Hooks-EndOfScope.spec b/SPECS-EXTENDED/perl-B-Hooks-EndOfScope/perl-B-Hooks-EndOfScope.spec index e1d6f0360c..f0e90bbb7f 100644 --- a/SPECS-EXTENDED/perl-B-Hooks-EndOfScope/perl-B-Hooks-EndOfScope.spec +++ b/SPECS-EXTENDED/perl-B-Hooks-EndOfScope/perl-B-Hooks-EndOfScope.spec @@ -8,20 +8,22 @@ %bcond_without perl_B_Hooks_EndOfScope_enables_optional_test Name: perl-B-Hooks-EndOfScope -Version: 0.24 -Release: 10%{?dist} -License: GPL+ or Artistic +Version: 0.28 +Release: 3%{?dist} +License: GPL-1.0-or-later OR Artistic-1.0-Perl Vendor: Microsoft Corporation Distribution: Azure Linux Summary: Execute code after scope compilation finishes URL: https://metacpan.org/release/B-Hooks-EndOfScope -Source0: https://cpan.metacpan.org/authors/id/E/ET/ETHER/B-Hooks-EndOfScope-%{version}.tar.gz#/perl-B-Hooks-EndOfScope-%{version}.tar.gz +Source0: https://cpan.metacpan.org/modules/by-module/B/B-Hooks-EndOfScope-%{version}.tar.gz#/perl-B-Hooks-EndOfScope-%{version}.tar.gz Patch0: B-Hooks-EndOfScope-0.13-shellbangs.patch BuildArch: noarch # Build BuildRequires: coreutils BuildRequires: findutils +BuildRequires: gcc BuildRequires: make +BuildRequires: perl-devel BuildRequires: perl-generators BuildRequires: perl-interpreter BuildRequires: perl(ExtUtils::MakeMaker) @@ -90,6 +92,8 @@ BuildRequires: perl(Test::Spelling), hunspell-en %endif # Runtime Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) +# Dependencies +# (none) %description This module allows you to execute code when Perl has finished compiling the @@ -99,7 +103,7 @@ surrounding scope. %setup -q -n B-Hooks-EndOfScope-%{version} # Remove shellbangs from tests to placate rpmlint -%patch 0 +%patch -P 0 # British-English spelling LICENCE upsets US spell checker echo LICENCE >> xt/author/pod-spell.t @@ -131,8 +135,76 @@ make test TEST_FILES="$(echo $(find xt/ -name '*.t'))" %{_mandir}/man3/B::Hooks::EndOfScope::XS.3* %changelog -* Fri Oct 15 2021 Pawel Winogrodzki - 0.24-10 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Fri Dec 20 2024 Jyoti kanase - 0.28-3 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified. + +* Thu Jul 18 2024 Fedora Release Engineering - 0.28-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Fri Mar 1 2024 Paul Howarth - 0.28-1 +- Update to 0.28 + - Add optional prereqs to metadata to help prereq analysis tools + (CPAN RT#151992) +- Avoid use of deprecated patch syntax + +* Thu Jan 25 2024 Fedora Release Engineering - 0.26-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 0.26-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Thu Jul 20 2023 Fedora Release Engineering - 0.26-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Fri Mar 03 2023 Michal Josef Špaček - 0.26-6 +- Update license to SPDX format + +* Fri Jan 20 2023 Fedora Release Engineering - 0.26-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jul 22 2022 Fedora Release Engineering - 0.26-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Fri Jun 03 2022 Jitka Plesnikova - 0.26-3 +- Perl 5.36 re-rebuild of bootstrapped packages + +* Wed Jun 01 2022 Jitka Plesnikova - 0.26-2 +- Perl 5.36 rebuild + +* Mon Feb 21 2022 Paul Howarth - 0.26-1 +- Update to 0.26 (no changes) + +* Thu Jan 20 2022 Fedora Release Engineering - 0.25-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Mon Oct 11 2021 Paul Howarth - 0.25-1 +- Update to 0.25 + - Add test of dieing inside an on_scope_end() (GH#8) + - Update bundled version of ExtUtils::HasCompiler, for new Apple include + paths +- Use author-independent source URL + +* Thu Jul 22 2021 Fedora Release Engineering - 0.24-16 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Mon May 24 2021 Jitka Plesnikova - 0.24-15 +- Perl 5.34 re-rebuild of bootstrapped packages + +* Fri May 21 2021 Jitka Plesnikova - 0.24-14 +- Perl 5.34 rebuild + +* Tue Jan 26 2021 Fedora Release Engineering - 0.24-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 0.24-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Fri Jun 26 2020 Jitka Plesnikova - 0.24-11 +- Perl 5.32 re-rebuild of bootstrapped packages + +* Tue Jun 23 2020 Jitka Plesnikova - 0.24-10 +- Perl 5.32 rebuild * Wed Jan 29 2020 Fedora Release Engineering - 0.24-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/perl-Business-ISBN-Data/perl-Business-ISBN-Data.signatures.json b/SPECS-EXTENDED/perl-Business-ISBN-Data/perl-Business-ISBN-Data.signatures.json index 06bdbd8653..b5059f4c9f 100644 --- a/SPECS-EXTENDED/perl-Business-ISBN-Data/perl-Business-ISBN-Data.signatures.json +++ b/SPECS-EXTENDED/perl-Business-ISBN-Data/perl-Business-ISBN-Data.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "perl-Business-ISBN-Data-20191107.tar.gz": "844c4f64f193d389340b4465a1d5bc34c60f0c8e42e5c69ac8afe3d3bbc5ca0d" + "perl-Business-ISBN-Data-20240930.001.tar.gz": "03aed151c3a76f393d33c3c728c85dcda4d17adad26eb385bfbb0f719bec01cf" } } diff --git a/SPECS-EXTENDED/perl-Business-ISBN-Data/perl-Business-ISBN-Data.spec b/SPECS-EXTENDED/perl-Business-ISBN-Data/perl-Business-ISBN-Data.spec index 38336993a7..b21c84bc15 100644 --- a/SPECS-EXTENDED/perl-Business-ISBN-Data/perl-Business-ISBN-Data.spec +++ b/SPECS-EXTENDED/perl-Business-ISBN-Data/perl-Business-ISBN-Data.spec @@ -1,21 +1,19 @@ Vendor: Microsoft Corporation Distribution: Azure Linux Name: perl-Business-ISBN-Data -Version: 20191107 -Release: 3%{?dist} +Version: 20240930.001 +Release: 2%{?dist} Summary: The data pack for Business::ISBN -License: Artistic 2.0 +License: Artistic-2.0 URL: https://metacpan.org/release/Business-ISBN-Data -Source0: https://cpan.metacpan.org/authors/id/B/BD/BDFOY/Business-ISBN-Data-%{version}.tar.gz#/perl-Business-ISBN-Data-%{version}.tar.gz -Patch0: Business-ISBN-Data-20120719-shellbang.patch +Source0: https://cpan.metacpan.org/modules/by-module/Business/Business-ISBN-Data-%{version}.tar.gz#/perl-Business-ISBN-Data-%{version}.tar.gz BuildArch: noarch # Module Build BuildRequires: coreutils -BuildRequires: findutils BuildRequires: make BuildRequires: perl-generators BuildRequires: perl-interpreter -BuildRequires: perl(ExtUtils::MakeMaker) >= 6.64 +BuildRequires: perl(ExtUtils::MakeMaker) >= 6.76 BuildRequires: perl(File::Spec) BuildRequires: perl(Test::Manifest) >= 1.21 # Module Runtime @@ -23,15 +21,18 @@ BuildRequires: perl(Carp) BuildRequires: perl(File::Basename) BuildRequires: perl(File::Spec::Functions) BuildRequires: perl(strict) -BuildRequires: perl(vars) +BuildRequires: perl(utf8) BuildRequires: perl(warnings) # Test Suite +BuildRequires: perl(Data::Dumper) BuildRequires: perl(Test::More) >= 0.95 BuildRequires: perl(Test::Pod) >= 1.00 BuildRequires: perl(Test::Pod::Coverage) -# Runtime Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) +# Dependencies +# (none) + %description This is a data pack for Business::ISBN. You can update the ISBN data without changing the version of Business::ISBN. @@ -40,17 +41,13 @@ Most of the interesting stuff is in Business::ISBN. %prep %setup -q -n Business-ISBN-Data-%{version} -# Fix shellbang and script permissions for make_data.pl -%patch 0 -chmod -c +x make_data.pl - %build perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1 %{make_build} %install %{make_install} -%{_fixperms} %{buildroot} +%{_fixperms} -c %{buildroot} %check make test @@ -62,8 +59,261 @@ make test %{_mandir}/man3/Business::ISBN::Data.3* %changelog -* Fri Oct 15 2021 Pawel Winogrodzki - 20191107-3 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Thu Dec 12 2024 Jyoti Kanase - 20240930.001-2 +- Initial CBL-Mariner import from Fedora 41 (license: MIT). +- License verified + +* Mon Sep 30 2024 Jitka Plesnikova - 20240930.001-1 +- 20240930.001 bump (rhbz#2315652) + +* Thu Sep 19 2024 Paul Howarth - 20240918.001-1 +- 20240918.001 bump + +* Sun Sep 15 2024 Paul Howarth - 20240914.001-1 +- 20240914.001 bump (rhbz#2312391) + +* Fri Sep 6 2024 Paul Howarth - 20240906.001-1 +- 20240906.001 bump (rhbz#2310418) + +* Wed Aug 21 2024 Paul Howarth - 20240821.001-1 +- 20240821.001 bump (rhbz#2306448) + +* Tue Aug 20 2024 Paul Howarth - 20240820.001-1 +- 20240820.001 bump + +* Sat Aug 17 2024 Paul Howarth - 20240817.001-1 +- 20240817.001 bump + +* Thu Aug 15 2024 Paul Howarth - 20240815.001-1 +- 20240815.001 bump (rhbz#2305174) + +* Wed Aug 7 2024 Paul Howarth - 20240807.001-1 +- 20240807.001 bump (rhbz#2303454) + +* Sat Aug 3 2024 Paul Howarth - 20240803.001-1 +- 20240803.001 bump (rhbz#2302579) + +* Thu Jul 25 2024 Paul Howarth - 20240725.001-1 +- 20240725.001 bump + +* Fri Jul 19 2024 Paul Howarth - 20240718.001-1 +- 20240718.001 bump (rhbz#2298736) + +* Thu Jul 18 2024 Fedora Release Engineering - 20240716.001-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Tue Jul 16 2024 Paul Howarth - 20240716.001-1 +- 20240716.001 bump (rhbz#2298226) + +* Wed Jul 10 2024 Paul Howarth - 20240710.001-1 +- 20240710.001 bump (rhbz#2297072) + +* Tue Jul 9 2024 Paul Howarth - 20240709.001-1 +- 20240709.001 bump (rhbz#2296627) + +* Sat Jun 15 2024 Paul Howarth - 20240614.001-1 +- 20240614.001 bump (rhbz#2292468) + +* Sun Jun 2 2024 Paul Howarth - 20240601.001-1 +- 20240601.001 bump (rhbz#2284202) + +* Fri May 24 2024 Paul Howarth - 20240523.001-1 +- 20240523.001 bump (rhbz#2283021) + +* Fri May 10 2024 Paul Howarth - 20240509.001-1 +- 20240509.001 bump + +* Mon Apr 29 2024 Jitka Plesnikova - 20240426.001-1 +- 20240426.001 bump (rhbz#2277396) + +* Sat Apr 20 2024 Paul Howarth - 20240420.001-1 +- 20240420.001 bump (rhbz#2276198) + +* Sun Apr 14 2024 Paul Howarth - 20240413.001-1 +- 20240413.001 bump (rhbz#2274936) + +* Sun Mar 24 2024 Paul Howarth - 20240323.001-1 +- 20240323.001 bump (rhbz#2271173) + +* Thu Mar 21 2024 Paul Howarth - 20240321.001-1 +- 20240321.001 bump + +* Wed Mar 13 2024 Paul Howarth - 20240313.001-1 +- 20240313.001 bump (rhbz#2269338) + +* Fri Mar 8 2024 Paul Howarth - 20240308.001-1 +- 20240308.001 bump (rhbz#2268556) + +* Sun Mar 3 2024 Paul Howarth - 20240302.001-1 +- 20240302.001 bump (rhbz#2267478) + +* Fri Mar 1 2024 Paul Howarth - 20240229.001-1 +- 20240229.001 bump (rhbz#2267133) + +* Sun Feb 11 2024 Paul Howarth - 20240209.001-1 +- 20240209.001 bump (rhbz#2263590) + +* Tue Feb 06 2024 Jitka Plesnikova - 20240206.001-1 +- 20240206.001 bump (rhbz#2262917) + +* Fri Jan 26 2024 Jitka Plesnikova - 20240126.001-1 +- 20240126.001 bump (rhbz#2260428) + +* Tue Jan 23 2024 Paul Howarth - 20240123.001-1 +- 20240123.001 bump + +* Sun Jan 21 2024 Fedora Release Engineering - 20240116.001-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Tue Jan 16 2024 Paul Howarth - 20240116.001-1 +- 20240116.001 bump (rhbz#2258613) + +* Fri Jan 12 2024 Paul Howarth - 20240111.001-1 +- 20240111.001 bump (rhbz#2257961) + +* Thu Dec 21 2023 Paul Howarth - 20231220.001-1 +- 20231220.001 bump (rhbz#2255496) + +* Fri Dec 15 2023 Paul Howarth - 20231215.001-1 +- 20231215.001 bump (rhbz#2254689) + +* Thu Nov 30 2023 Paul Howarth - 20231130.001-1 +- 20231130.001 bump + +* Sat Nov 25 2023 Paul Howarth - 20231125.001-1 +- 20231125.001 bump (rhbz#2251459) + +* Sun Nov 19 2023 Paul Howarth - 20231118.001-1 +- 20231118.001 bump (rhbz#2250416) + +* Tue Nov 14 2023 Paul Howarth - 20231114.001-1 +- 20231114.001 bump (rhbz#2249602) + +* Fri Nov 10 2023 Paul Howarth - 20231110.001-1 +- 20231110.001 bump (rhbz#2249035) + +* Thu Nov 2 2023 Paul Howarth - 20231102.001-1 +- 20231102.001 bump (rhbz#2247582) + +* Tue Oct 31 2023 Paul Howarth - 20231031.001-1 +- 20231031.001 bump (rhbz#2247270) + +* Fri Oct 20 2023 Paul Howarth - 20231020.001-1 +- 20231020.001 bump (rhbz#2245229) + +* Fri Oct 13 2023 Paul Howarth - 20231013.001-1 +- 20231013.001 bump (rhbz#2243835) + +* Tue Oct 10 2023 Paul Howarth - 20231010.001-1 +- 20231010.001 bump (rhbz#2243069) + +* Sun Oct 8 2023 Paul Howarth - 20231006.001-1 +- 20231006.001 bump (rhbz#2242684) + +* Tue Sep 26 2023 Paul Howarth - 20230926.001-1 +- 20230926.001 bump + +* Sun Sep 24 2023 Paul Howarth - 20230923.001-1 +- 20230923.001 bump (rhbz#2240303) + +* Thu Sep 7 2023 Paul Howarth - 20230907.001-1 +- 20230907.001 bump (rhbz#2237858) + +* Tue Sep 5 2023 Paul Howarth - 20230904.001-1 +- 20230904.001 bump (rhbz#2237353) + +* Wed Aug 30 2023 Jitka Plesnikova - 20230830.001-1 +- 20230830.001 bump (rhbz#2236151) + +* Tue Aug 22 2023 Paul Howarth - 20230822.001-1 +- 20230822.001 bump (rhbz#2233365) + +* Fri Aug 11 2023 Paul Howarth - 20230811.001-1 +- 20230811.001 bump (rhbz#2231347) + +* Sun Jul 30 2023 Paul Howarth - 20230729.001-1 +- 20230729.001 bump (rhbz#2227461) + +* Thu Jul 20 2023 Paul Howarth - 20230719.001-1 +- 20230719.001 bump (rhbz#2224116) + +* Wed Jul 19 2023 Jitka Plesnikova - 20230718.001-1 +- 20230718.001 bump (rhbz#2223772) + +* Sun Jul 16 2023 Paul Howarth - 20230714.001-1 +- 20230714.001 bump (rhbz#2222866) + +* Fri Jul 7 2023 Paul Howarth - 20230707.001-1 +- 20230707.001 bump (rhbz#2221022) + +* Mon Jun 26 2023 Paul Howarth - 20230626.001-1 +- 20230626.001 bump (rhbz#2217555) + +* Mon May 29 2023 Jitka Plesnikova - 20230528.001-1 +- 20230528.001 bump + +* Wed May 17 2023 Jitka Plesnikova - 20230516.001-1 +- 20230516.001 bump + +* Thu May 4 2023 Paul Howarth - 20230426.002-1 +- 20230426.002 bump + +* Thu Apr 27 2023 Jitka Plesnikova - 20230426.001-1 +- 20230426.001 bump (rhbz#2190042) + +* Mon Apr 10 2023 Paul Howarth - 20230410.001-1 +- 20230410.001 bump (rhbz#2185525) + +* Mon Apr 03 2023 Jitka Plesnikova - 20230331.001-1 +- 20230331.001 bump + +* Thu Mar 23 2023 Jitka Plesnikova - 20230322.001-1 +- 20230322.001 bump + +* Fri Mar 17 2023 Paul Howarth - 20230316.001-1 +- 20230316.001 bump (rhbz#2179198) + +* Fri Jan 20 2023 Fedora Release Engineering - 20210112.006-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jul 22 2022 Fedora Release Engineering - 20210112.006-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Tue May 31 2022 Jitka Plesnikova - 20210112.006-5 +- Perl 5.36 rebuild + +* Thu Jan 20 2022 Fedora Release Engineering - 20210112.006-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Thu Jul 22 2021 Fedora Release Engineering - 20210112.006-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Fri May 21 2021 Jitka Plesnikova - 20210112.006-2 +- Perl 5.34 rebuild + +* Tue Feb 16 2021 Jitka Plesnikova - 20210112.006-1 +- 20210112.006 bump + +* Sat Feb 13 2021 Paul Howarth - 20210112.005-1 +- 20210112.005 bump + +* Wed Feb 10 2021 Jitka Plesnikova - 20210112.004-1 +- 20210112.004 bump + +* Sun Feb 7 2021 Paul Howarth - 20210112.002-1 +- 20210112.002 bump + +* Tue Jan 26 2021 Fedora Release Engineering - 20210112.001-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jan 19 2021 Jitka Plesnikova - 20210112.001-1 +- 20210112.001 bump + +* Tue Jul 28 2020 Fedora Release Engineering - 20191107-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jun 23 2020 Jitka Plesnikova - 20191107-3 +- Perl 5.32 rebuild * Wed Jan 29 2020 Fedora Release Engineering - 20191107-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/perl-Compress-Raw-Lzma/perl-Compress-Raw-Lzma.signatures.json b/SPECS-EXTENDED/perl-Compress-Raw-Lzma/perl-Compress-Raw-Lzma.signatures.json index e67dcbe8a5..ab6da050d4 100644 --- a/SPECS-EXTENDED/perl-Compress-Raw-Lzma/perl-Compress-Raw-Lzma.signatures.json +++ b/SPECS-EXTENDED/perl-Compress-Raw-Lzma/perl-Compress-Raw-Lzma.signatures.json @@ -1,6 +1,6 @@ { "Signatures": { - "Compress-Raw-Lzma-2.101.tar.gz": "bb267fd31981eda11f444038f8a0fca4b94a51ae61b2db71246abf6a4d322a36", + "Compress-Raw-Lzma-2.213.tar.gz": "6b979a8347701ced3ac26123d428c1f202b7999850444da19c4aedbb7c862cb7", "LICENSE.PTR": "3127eaa628d76a647388ad2b25876f5dde0ff386266b7e498bcc599549348808" } } diff --git a/SPECS-EXTENDED/perl-Compress-Raw-Lzma/perl-Compress-Raw-Lzma.spec b/SPECS-EXTENDED/perl-Compress-Raw-Lzma/perl-Compress-Raw-Lzma.spec index 9f042cca38..0d4f33f4db 100644 --- a/SPECS-EXTENDED/perl-Compress-Raw-Lzma/perl-Compress-Raw-Lzma.spec +++ b/SPECS-EXTENDED/perl-Compress-Raw-Lzma/perl-Compress-Raw-Lzma.spec @@ -1,8 +1,11 @@ -Summary: Low-level interface to lzma compression library -Name: perl-Compress-Raw-Lzma -Version: 2.101 -Release: 4%{?dist} -License: GPL+ OR Artistic +# Perform optional tests +%bcond_without perl_Compress_Raw_Lzma_enables_optional_test + +Name: perl-Compress-Raw-Lzma +Version: 2.213 +Release: 1%{?dist} +Summary: Low-level interface to lzma compression library +License: GPL-1.0-or-later OR Artistic-1.0-Perl Vendor: Microsoft Corporation Distribution: Azure Linux URL: https://metacpan.org/release/Compress-Raw-Lzma @@ -10,55 +13,50 @@ Source0: https://cpan.metacpan.org/modules/by-module/Compress/Compress-Ra Source1: LICENSE.PTR # Module Build -BuildRequires: coreutils -BuildRequires: findutils -BuildRequires: gcc -BuildRequires: make -BuildRequires: perl-devel -BuildRequires: perl-generators -BuildRequires: perl-interpreter -BuildRequires: xz-devel -BuildRequires: perl(Config) -BuildRequires: perl(ExtUtils::Constant) -BuildRequires: perl(ExtUtils::MakeMaker) >= 6.76 -BuildRequires: perl(File::Copy) -BuildRequires: perl(File::Spec::Functions) -BuildRequires: perl(FindBin) -BuildRequires: perl(lib) -BuildRequires: perl(Module::CoreList) - +BuildRequires: coreutils +BuildRequires: findutils +BuildRequires: gcc +BuildRequires: make +BuildRequires: perl-devel +BuildRequires: perl-generators +BuildRequires: perl-interpreter +BuildRequires: perl(Config) +BuildRequires: perl(ExtUtils::Constant) +BuildRequires: perl(ExtUtils::MakeMaker) >= 6.76 +BuildRequires: perl(File::Copy) +BuildRequires: perl(File::Spec::Functions) +BuildRequires: perl(lib) +BuildRequires: xz-devel # Module Runtime -BuildRequires: perl(AutoLoader) -BuildRequires: perl(Carp) -BuildRequires: perl(Exporter) -BuildRequires: perl(Scalar::Util) -BuildRequires: perl(UNIVERSAL) -BuildRequires: perl(XSLoader) -BuildRequires: perl(bytes) -BuildRequires: perl(constant) -BuildRequires: perl(strict) -BuildRequires: perl(warnings) - -%if 0%{?with_check} +BuildRequires: perl(AutoLoader) +BuildRequires: perl(bytes) +BuildRequires: perl(Carp) +BuildRequires: perl(constant) +BuildRequires: perl(Exporter) +BuildRequires: perl(Scalar::Util) +BuildRequires: perl(strict) +BuildRequires: perl(UNIVERSAL) +BuildRequires: perl(warnings) +BuildRequires: perl(XSLoader) # Test Suite -BuildRequires: perl(File::Path) -BuildRequires: perl(Test::More) - +BuildRequires: perl(File::Path) +BuildRequires: perl(Test::More) +%if %{with perl_Compress_Raw_Lzma_enables_optional_test} # Optional Tests -BuildRequires: xz -BuildRequires: perl(Test::CPAN::Meta) -BuildRequires: perl(Test::CPAN::Meta::JSON) -BuildRequires: perl(Test::NoWarnings) -BuildRequires: perl(Test::Pod) >= 1.00 +BuildRequires: perl(Test::CPAN::Meta) +BuildRequires: perl(Test::CPAN::Meta::JSON) +BuildRequires: perl(Test::NoWarnings) +BuildRequires: perl(Test::Pod) >= 1.00 +BuildRequires: xz %endif +# Dependencies +Requires: perl(XSLoader) -# Built-against version is embedded in module, so we have a strict version dependency -Requires: xz-libs%{?_isa} = %((pkg-config --modversion liblzma 2>/dev/null || echo 0) | tr -dc '[0-9.]') -# Runtime -Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) -Requires: perl(XSLoader) # Don't "provide" private Perl libs %{?perl_default_filter} +# Filter modules bundled for tests +%global __provides_exclude_from %{?__provides_exclude_from:%__provides_exclude_from|}^%{_libexecdir} +%global __requires_exclude %{?__requires_exclude:%__requires_exclude|}^perl\\(CompTestUtils\\) %description This module provides a Perl interface to the lzma compression library. @@ -71,23 +69,29 @@ It is used by IO::Compress::Lzma. rm -rv t/Test/ perl -i -ne 'print $_ unless m{^t/Test/}' MANIFEST +# Help generators to recognize Perl scripts +for F in t/*.t; do + perl -i -MConfig -ple 'print $Config{startperl} if $. == 1 && !s{\A#!.*perl\b}{$Config{startperl}}' "$F" + chmod +x "$F" +done + %build perl Makefile.PL \ INSTALLDIRS=vendor \ NO_PACKLIST=1 \ NO_PERLLOCAL=1 \ OPTIMIZE="%{optflags}" -%make_build +%{make_build} %install -%make_install +%{make_install} find %{buildroot} -type f -name '*.bs' -empty -delete %{_fixperms} -c %{buildroot} cp %{SOURCE1} . %check -%make_build test +make test %files %license LICENSE.PTR @@ -97,6 +101,10 @@ cp %{SOURCE1} . %{_mandir}/man3/Compress::Raw::Lzma.3* %changelog +* Mon Feb 27 2025 Sumit Jena - 2.213-1 +- Update to version 2.213 +- License verified + * Wed Jan 19 2022 Pawel Winogrodzki - 2.101-4 - Initial CBL-Mariner import from Fedora 36 (license: MIT). - License verified. diff --git a/SPECS-EXTENDED/perl-Config-Tiny/perl-Config-Tiny.signatures.json b/SPECS-EXTENDED/perl-Config-Tiny/perl-Config-Tiny.signatures.json index 12d1c398b0..1b5abd4805 100644 --- a/SPECS-EXTENDED/perl-Config-Tiny/perl-Config-Tiny.signatures.json +++ b/SPECS-EXTENDED/perl-Config-Tiny/perl-Config-Tiny.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "Config-Tiny-2.24.tgz": "1064948e4bc57e86e318dbc8791c53ca5b9d95b958cc474367c3277981135232" + "Config-Tiny-2.30.tgz": "b2f7345619b3b8e636dd39ea010731c9dc2bfb8f022bcbd86ae6ad17866e110d" } } diff --git a/SPECS-EXTENDED/perl-Config-Tiny/perl-Config-Tiny.spec b/SPECS-EXTENDED/perl-Config-Tiny/perl-Config-Tiny.spec index f7a11df1f6..a23195eea1 100644 --- a/SPECS-EXTENDED/perl-Config-Tiny/perl-Config-Tiny.spec +++ b/SPECS-EXTENDED/perl-Config-Tiny/perl-Config-Tiny.spec @@ -6,10 +6,10 @@ %endif Name: perl-Config-Tiny -Version: 2.24 -Release: 4%{?dist} +Version: 2.30 +Release: 1%{?dist} Summary: Perl module for reading and writing .ini style configuration files -License: GPL+ or Artistic +License: GPL-1.0-or-later OR Artistic-1.0-Perl Vendor: Microsoft Corporation Distribution: Azure Linux URL: https://metacpan.org/release/Config-Tiny @@ -28,8 +28,8 @@ BuildRequires: perl(strict) # Test Suite BuildRequires: perl(File::Spec) >= 3.30 BuildRequires: perl(File::Temp) >= 0.22 -BuildRequires: perl(Test::More) >= 0.47 -BuildRequires: perl(UNIVERSAL) +BuildRequires: perl(Test::More) >= 1.001002 +BuildRequires: perl(UNIVERSAL::isa) BuildRequires: perl(utf8) %if %{with perl_Config_Tiny_enables_extra_test} # Extra Tests @@ -40,8 +40,6 @@ BuildRequires: perl(Test::MinimumVersion) >= 0.101080 %endif BuildRequires: perl(Test::Pod) >= 1.44 %endif -# Runtime -Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) %description Config::Tiny is a Perl module designed for reading and writing .ini @@ -73,6 +71,10 @@ make test TEST_FILES="$(echo $(find xt/ -name '*.t'))" AUTOMATED_TESTING=1 %{_mandir}/man3/Config::Tiny.3* %changelog +* Mon Feb 27 2025 Sumit Jena - 2.30-1 +- Update to version 2.30 +- License verified + * Fri Oct 15 2021 Pawel Winogrodzki - 2.24-4 - Initial CBL-Mariner import from Fedora 32 (license: MIT). diff --git a/SPECS-EXTENDED/perl-Crypt-OpenSSL-Random/perl-Crypt-OpenSSL-Random.signatures.json b/SPECS-EXTENDED/perl-Crypt-OpenSSL-Random/perl-Crypt-OpenSSL-Random.signatures.json index f96aea43c6..fcb1c20cc6 100644 --- a/SPECS-EXTENDED/perl-Crypt-OpenSSL-Random/perl-Crypt-OpenSSL-Random.signatures.json +++ b/SPECS-EXTENDED/perl-Crypt-OpenSSL-Random/perl-Crypt-OpenSSL-Random.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "perl-Crypt-OpenSSL-Random-0.15.tar.gz": "f0876faa1ba3111e39b86aa730c603211eff2905e460c72a57b61e8cf475cef4" + "perl-Crypt-OpenSSL-Random-0.17.tar.gz": "a571b24181baaa76c96704e92acffc6934ff593e380dade274db4e43c140ad51" } } diff --git a/SPECS-EXTENDED/perl-Crypt-OpenSSL-Random/perl-Crypt-OpenSSL-Random.spec b/SPECS-EXTENDED/perl-Crypt-OpenSSL-Random/perl-Crypt-OpenSSL-Random.spec index b040be8710..ff28175676 100644 --- a/SPECS-EXTENDED/perl-Crypt-OpenSSL-Random/perl-Crypt-OpenSSL-Random.spec +++ b/SPECS-EXTENDED/perl-Crypt-OpenSSL-Random/perl-Crypt-OpenSSL-Random.spec @@ -1,69 +1,166 @@ -Vendor: Microsoft Corporation -Distribution: Azure Linux Name: perl-Crypt-OpenSSL-Random -Version: 0.15 -Release: 8%{?dist} +Version: 0.17 +Release: 3%{?dist} Summary: OpenSSL/LibreSSL pseudo-random number generator access -License: GPL+ or Artistic +License: GPL-1.0-or-later OR Artistic-1.0-Perl +Vendor: Microsoft Corporation +Distribution: Azure Linux URL: https://metacpan.org/release/Crypt-OpenSSL-Random Source0: https://cpan.metacpan.org/authors/id/R/RU/RURBAN/Crypt-OpenSSL-Random-%{version}.tar.gz#/perl-Crypt-OpenSSL-Random-%{version}.tar.gz -BuildRequires: gcc -BuildRequires: openssl -BuildRequires: openssl-devel BuildRequires: coreutils BuildRequires: findutils +BuildRequires: gcc +BuildRequires: openssl-devel BuildRequires: make BuildRequires: perl-devel BuildRequires: perl-generators BuildRequires: perl-interpreter +# perl-podlators for pod2text not needed if Random.pm is older than README +BuildRequires: perl(:VERSION) >= 5.6 BuildRequires: perl(Config) BuildRequires: perl(Crypt::OpenSSL::Guess) >= 0.11 +BuildRequires: perl(ExtUtils::MakeMaker) >= 6.76 +# Run-time: BuildRequires: perl(Exporter) -BuildRequires: perl(ExtUtils::MakeMaker) BuildRequires: perl(strict) -BuildRequires: perl(Test::More) BuildRequires: perl(vars) BuildRequires: perl(XSLoader) - Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) +# Tests: +BuildRequires: perl(Test::More) +# Optional tests: +BuildRequires: perl(Test::Pod) >= 1.00 + %{?perl_default_filter} %description Crypt::OpenSSL::Random provides the ability to seed and query the OpenSSL and LibreSSL library's pseudo-random number generators. +%package tests +Summary: Tests for %{name} +BuildArch: noarch +Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} +Requires: perl-Test-Harness + +%description tests +Tests from %{name}. Execute them +with "%{_libexecdir}/%{name}/test". + %prep %setup -q -n Crypt-OpenSSL-Random-%{version} +# Remove author-only tests that are always skipped +for F in t/z_kwalitee.t t/z_manifest.t t/z_meta.t t/z_perl_minimum_version.t \ + t/z_pod-coverage.t; do + rm "$F" + perl -i -ne 'print $_ unless m{^\E'"$F"'\Q}' MANIFEST +done; %build -%{__perl} Makefile.PL INSTALLDIRS=vendor -make %{?_smp_mflags} +unset AUTOMATED_TESTING +perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1 +%{make_build} %install -rm -rf %{buildroot} - -make pure_install DESTDIR=%{buildroot} - -find %{buildroot} -type f \( -name .packlist -o \ - -name '*.bs' -empty \) -exec rm -f {} \; -find %{buildroot} -depth -type d -empty -exec rmdir {} \; +%{make_install} +find %{buildroot} -type f -name '*.bs' -empty -delete %{_fixperms} %{buildroot}/* +# Install tests +mkdir -p %{buildroot}%{_libexecdir}/%{name} +cp -a t %{buildroot}%{_libexecdir}/%{name} +rm %{buildroot}%{_libexecdir}/%{name}/t/z_pod.t +cat > %{buildroot}%{_libexecdir}/%{name}/test << 'EOF' +#!/bin/sh +cd %{_libexecdir}/%{name} && exec prove -I . -j "$(getconf _NPROCESSORS_ONLN)" +EOF +chmod +x %{buildroot}%{_libexecdir}/%{name}/test %check +export HARNESS_OPTIONS=j$(perl -e 'if ($ARGV[0] =~ /.*-j([0-9][0-9]*).*/) {print $1} else {print 1}' -- '%{?_smp_mflags}') make test %files -%{!?_licensedir:%global license %%doc} %license LICENSE -%doc Changes -%{perl_vendorarch}/auto/* -%{perl_vendorarch}/Crypt/ -%{_mandir}/man3/* +%doc Changes README +%dir %{perl_vendorarch}/auto/Crypt +%dir %{perl_vendorarch}/auto/Crypt/OpenSSL +%{perl_vendorarch}/auto/Crypt/OpenSSL/Random +%dir %{perl_vendorarch}/Crypt +%dir %{perl_vendorarch}/Crypt/OpenSSL +%{perl_vendorarch}/Crypt/OpenSSL/Random.pm +%{_mandir}/man3/Crypt::OpenSSL::Random.* + +%files tests +%{_libexecdir}/%{name} %changelog -* Fri Oct 15 2021 Pawel Winogrodzki - 0.15-8 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Thu Dec 19 2024 Jyoti kanase - 0.17-3 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified. + +* Thu Jul 18 2024 Fedora Release Engineering - 0.17-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Fri Jun 14 2024 Petr Pisar - 0.17-1 +- 0.17 bump + +* Mon Jun 10 2024 Jitka Plesnikova - 0.16-2 +- Perl 5.40 rebuild + +* Fri May 17 2024 Petr Pisar - 0.16-1 +- 0.16 bump +- Package the tests + +* Thu Jan 25 2024 Fedora Release Engineering - 0.15-23 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 0.15-22 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Thu Jul 20 2023 Fedora Release Engineering - 0.15-21 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Tue Jul 11 2023 Jitka Plesnikova - 0.15-20 +- Perl 5.38 rebuild + +* Wed Jun 07 2023 Michal Josef Špaček - 0.15-19 +- Update license to SPDX format +- Modernize spec + +* Fri Jan 20 2023 Fedora Release Engineering - 0.15-18 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jul 22 2022 Fedora Release Engineering - 0.15-17 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Tue May 31 2022 Jitka Plesnikova - 0.15-16 +- Perl 5.36 rebuild + +* Fri Jan 21 2022 Fedora Release Engineering - 0.15-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Tue Sep 14 2021 Sahana Prasad - 0.15-14 +- Rebuilt with OpenSSL 3.0.0 + +* Thu Jul 22 2021 Fedora Release Engineering - 0.15-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Fri May 21 2021 Jitka Plesnikova - 0.15-12 +- Perl 5.34 rebuild + +* Wed Jan 27 2021 Fedora Release Engineering - 0.15-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 0.15-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jun 23 2020 Jitka Plesnikova - 0.15-9 +- Perl 5.32 rebuild + +* Tue Feb 04 2020 Tom Stellard - 0.15-8 +- Use make_build macro +- https://docs.fedoraproject.org/en-US/packaging-guidelines/#_parallel_make * Wed Jan 29 2020 Fedora Release Engineering - 0.15-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/perl-Data-Peek/perl-Data-Peek.signatures.json b/SPECS-EXTENDED/perl-Data-Peek/perl-Data-Peek.signatures.json index 96f694153c..4cbf5f57c1 100644 --- a/SPECS-EXTENDED/perl-Data-Peek/perl-Data-Peek.signatures.json +++ b/SPECS-EXTENDED/perl-Data-Peek/perl-Data-Peek.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "Data-Peek-0.49.tgz": "deba73cd6f88a3987b20234bebdfd1502805a2bf4278161afbc0ab43894d456e" + "perl-Data-Peek-0.52.tgz": "6b78ae513c068bd1ed629d08531283c12a9888f61e96ffbdf166d6ab51e277d0" } } diff --git a/SPECS-EXTENDED/perl-Data-Peek/perl-Data-Peek.spec b/SPECS-EXTENDED/perl-Data-Peek/perl-Data-Peek.spec index 9db990bc7d..e524c4db49 100644 --- a/SPECS-EXTENDED/perl-Data-Peek/perl-Data-Peek.spec +++ b/SPECS-EXTENDED/perl-Data-Peek/perl-Data-Peek.spec @@ -1,15 +1,16 @@ -Vendor: Microsoft Corporation -Distribution: Azure Linux # Run optional test %{bcond_without perl_Data_Peek_enables_option_test} Name: perl-Data-Peek -Version: 0.49 -Release: 2%{?dist} +Version: 0.52 +Release: 9%{?dist} Summary: Collection of low-level debug facilities -License: GPL+ or Artistic +License: GPL-1.0-or-later OR Artistic-1.0-Perl +Vendor: Microsoft Corporation +Distribution: Azure Linux URL: https://metacpan.org/release/Data-Peek -Source0: https://cpan.metacpan.org/authors/id/H/HM/HMBRAND/Data-Peek-%{version}.tgz +Source0: https://cpan.metacpan.org/authors/id/H/HM/HMBRAND/Data-Peek-%{version}.tgz#/%{name}-%{version}.tgz +BuildRequires: coreutils BuildRequires: findutils BuildRequires: gcc BuildRequires: make @@ -23,19 +24,20 @@ BuildRequires: perl(strict) BuildRequires: perl(bytes) BuildRequires: perl(Config) BuildRequires: perl(Data::Dumper) -BuildRequires: perl(DynaLoader) +BuildRequires: perl(XSLoader) BuildRequires: perl(vars) BuildRequires: perl(warnings) # Tests: -BuildRequires: perl(Test::More) >= 0.88 +BuildRequires: perl(Test::More) >= 0.90 BuildRequires: perl(Test::Warnings) +Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) + %if %{with perl_Data_Peek_enables_option_test} # Optional tests: BuildRequires: perl(Perl::Tidy) >= 20120714 BuildRequires: perl(Test::Pod) >= 1.00 BuildRequires: perl(Test::Pod::Coverage) %endif -Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) %{?perl_default_filter} @@ -45,8 +47,22 @@ but grew out to be a set of low-level data introspection utilities that no other module provided yet, using the lowest level of the perl internals API as possible. +%package tests +Summary: Tests for %{name} +Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} +Requires: perl-Test-Harness + +%description tests +Tests from %{name}. Execute them +with "%{_libexecdir}/%{name}/test". + %prep %setup -q -n Data-Peek-%{version} +# Help generators to recognize Perl scripts +for F in t/*.t; do + perl -i -MConfig -ple 'print $Config{startperl} if $. == 1 && !s{\A#!.*perl\b}{$Config{startperl}}' "$F" + chmod +x "$F" +done %build perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1 OPTIMIZE="$RPM_OPT_FLAGS" @@ -54,10 +70,20 @@ perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1 OPTIMIZE="$RPM_ %install %{make_install} -find $RPM_BUILD_ROOT -type f -name '*.bs' -size 0 -delete -%{_fixperms} $RPM_BUILD_ROOT/* +find %{buildroot} -type f -name '*.bs' -size 0 -delete +%{_fixperms} %{buildroot}/* +# Install tests +mkdir -p %{buildroot}%{_libexecdir}/%{name} +cp -a t %{buildroot}%{_libexecdir}/%{name} +rm %{buildroot}%{_libexecdir}/%{name}/t/*pod.t +cat > %{buildroot}%{_libexecdir}/%{name}/test << 'EOF' +#!/bin/sh +cd %{_libexecdir}/%{name} && exec prove -I . -r -j "$(getconf _NPROCESSORS_ONLN)" +EOF +chmod +x %{buildroot}%{_libexecdir}/%{name}/test %check +export HARNESS_OPTIONS=j$(perl -e 'if ($ARGV[0] =~ /.*-j([0-9][0-9]*).*/) {print $1} else {print 1}' -- '%{?_smp_mflags}') make test %files @@ -67,9 +93,68 @@ make test %{perl_vendorarch}/DP.pm %{_mandir}/man3/* +%files tests +%{_libexecdir}/%{name} + %changelog -* Fri Oct 15 2021 Pawel Winogrodzki - 0.49-2 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Thu Dec 19 2024 Jyoti kanase - 0.52-9 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified. + +* Thu Jul 18 2024 Fedora Release Engineering - 0.52-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Tue Jun 11 2024 Jitka Plesnikova - 0.52-7 +- Perl 5.40 rebuild + +* Thu Jan 25 2024 Fedora Release Engineering - 0.52-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 0.52-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Thu Jul 20 2023 Fedora Release Engineering - 0.52-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Tue Jul 11 2023 Jitka Plesnikova - 0.52-3 +- Perl 5.38 rebuild + +* Fri Jan 20 2023 Fedora Release Engineering - 0.52-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Wed Jan 04 2023 Jitka Plesnikova - 0.52-1 +- 0.52 bump +- Package tests + +* Fri Jul 22 2022 Fedora Release Engineering - 0.51-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Wed Jun 01 2022 Jitka Plesnikova - 0.51-3 +- Perl 5.36 rebuild + +* Fri Jan 21 2022 Fedora Release Engineering - 0.51-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Wed Jan 05 2022 Jitka Plesnikova - 0.51-1 +- 0.51 bump + +* Thu Jul 22 2021 Fedora Release Engineering - 0.50-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Fri May 21 2021 Jitka Plesnikova - 0.50-3 +- Perl 5.34 rebuild + +* Wed Jan 27 2021 Fedora Release Engineering - 0.50-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Mon Dec 21 2020 Jitka Plesnikova - 0.50-1 +- 0.50 bump + +* Tue Jul 28 2020 Fedora Release Engineering - 0.49-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jun 23 2020 Jitka Plesnikova - 0.49-2 +- Perl 5.32 rebuild * Fri Jan 31 2020 Jitka Plesnikova - 0.49-1 - 0.49 bump diff --git a/SPECS-EXTENDED/perl-File-Slurp/perl-File-Slurp.signatures.json b/SPECS-EXTENDED/perl-File-Slurp/perl-File-Slurp.signatures.json index 612c1d2f7c..a5a08462df 100644 --- a/SPECS-EXTENDED/perl-File-Slurp/perl-File-Slurp.signatures.json +++ b/SPECS-EXTENDED/perl-File-Slurp/perl-File-Slurp.signatures.json @@ -1,5 +1,6 @@ { "Signatures": { - "perl-File-Slurp-9999.29.tar.gz": "0e6e47e0bba639e37e51fdc7a43b187cd90ac642e4baa13a7185bc6c223e19c7" + "perl-File-Slurp-9999.32.tar.gz": "4c3c21992a9d42be3a79dd74a3c83d27d38057269d65509a2f555ea0fb2bc5b0" } } + diff --git a/SPECS-EXTENDED/perl-File-Slurp/perl-File-Slurp.spec b/SPECS-EXTENDED/perl-File-Slurp/perl-File-Slurp.spec index d4bd9b167f..d24b4be38a 100644 --- a/SPECS-EXTENDED/perl-File-Slurp/perl-File-Slurp.spec +++ b/SPECS-EXTENDED/perl-File-Slurp/perl-File-Slurp.spec @@ -1,6 +1,6 @@ Name: perl-File-Slurp -Version: 9999.29 -Release: 3%{?dist} +Version: 9999.32 +Release: 1%{?dist} Summary: Efficient Reading/Writing of Complete Files License: GPL+ or Artistic Vendor: Microsoft Corporation @@ -70,6 +70,10 @@ chmod -R u+w $RPM_BUILD_ROOT/* %{_mandir}/man3/* %changelog +* Mon Dec 23 2024 Kevin Lockwood - 9999.32-1 +- Update to version 9999.32 +- License verified + * Fri Oct 15 2021 Pawel Winogrodzki - 9999.29-3 - Initial CBL-Mariner import from Fedora 32 (license: MIT). diff --git a/SPECS-EXTENDED/perl-Importer/perl-Importer.signatures.json b/SPECS-EXTENDED/perl-Importer/perl-Importer.signatures.json index db063a45de..fd10940948 100644 --- a/SPECS-EXTENDED/perl-Importer/perl-Importer.signatures.json +++ b/SPECS-EXTENDED/perl-Importer/perl-Importer.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "perl-Importer-0.025.tar.gz": "0745138c487d74033d0cbeb36f06595036dc7e688f1a5dbec9cc2fa799e13946" + "perl-Importer-0.026.tar.gz": "e08fa84e13cb998b7a897fc8ec9c3459fcc1716aff25cc343e36ef875891b0ef" } -} +} \ No newline at end of file diff --git a/SPECS-EXTENDED/perl-Importer/perl-Importer.spec b/SPECS-EXTENDED/perl-Importer/perl-Importer.spec index 27377ded82..6131df5be6 100644 --- a/SPECS-EXTENDED/perl-Importer/perl-Importer.spec +++ b/SPECS-EXTENDED/perl-Importer/perl-Importer.spec @@ -1,6 +1,6 @@ Name: perl-Importer -Version: 0.025 -Release: 8%{?dist} +Version: 0.026 +Release: 1%{?dist} Summary: Alternative interface to modules that export symbols License: GPL+ or Artistic Vendor: Microsoft Corporation @@ -49,6 +49,10 @@ make test %{_mandir}/man3/* %changelog +* Tue Dec 24 2025 Kevin Lockwood - 0.026-1 +- Update to 0.026 +- License verified. + * Fri Oct 15 2021 Pawel Winogrodzki - 0.025-8 - Initial CBL-Mariner import from Fedora 32 (license: MIT). diff --git a/SPECS-EXTENDED/perl-Net-Telnet/perl-Net-Telnet.signatures.json b/SPECS-EXTENDED/perl-Net-Telnet/perl-Net-Telnet.signatures.json index 4b9b6852ec..c8389c38d6 100644 --- a/SPECS-EXTENDED/perl-Net-Telnet/perl-Net-Telnet.signatures.json +++ b/SPECS-EXTENDED/perl-Net-Telnet/perl-Net-Telnet.signatures.json @@ -1,5 +1,6 @@ { "Signatures": { - "Net-Telnet-3.04.tar.gz": "e64d567a4e16295ecba949368e7a6b8b5ae2a16b3ad682121d9b007dc5d2a37a" + "perl-Net-Telnet-3.05.tar.gz": "677f68ba2cd2a824fae323fa82e183bf7e3d03c3c499c91d923bd6283796a743" } } + diff --git a/SPECS-EXTENDED/perl-Net-Telnet/perl-Net-Telnet.spec b/SPECS-EXTENDED/perl-Net-Telnet/perl-Net-Telnet.spec index 9dbd76e461..0fee7aeb31 100644 --- a/SPECS-EXTENDED/perl-Net-Telnet/perl-Net-Telnet.spec +++ b/SPECS-EXTENDED/perl-Net-Telnet/perl-Net-Telnet.spec @@ -2,14 +2,13 @@ Vendor: Microsoft Corporation Distribution: Azure Linux Name: perl-Net-Telnet Summary: Interact with TELNET port or other TCP ports -Version: 3.04 -Release: 14%{?dist} -License: GPL+ or Artistic +Version: 3.05 +Release: 12%{?dist} +License: GPL-1.0-or-later OR Artistic-1.0-Perl URL: https://metacpan.org/release/Net-Telnet -Source0: ftp://ftp.cpan.org/pub/CPAN/authors/id/J/JR/JROGERS/Net-Telnet-%{version}.tar.gz +Source0: https://cpan.metacpan.org/authors/id/J/JR/JROGERS/Net-Telnet-%{version}.tar.gz#/perl-Net-Telnet-%{version}.tar.gz # runtime depends -Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) Requires: perl(IO::Socket::INET) # build @@ -17,8 +16,8 @@ BuildArch: noarch BuildRequires: coreutils BuildRequires: findutils BuildRequires: make -BuildRequires: perl-interpreter BuildRequires: perl-generators +BuildRequires: perl-interpreter BuildRequires: perl(Exporter) BuildRequires: perl(ExtUtils::MakeMaker) BuildRequires: perl(FileHandle) @@ -27,6 +26,8 @@ BuildRequires: perl(Socket) BuildRequires: perl(strict) BuildRequires: perl(Symbol) BuildRequires: perl(vars) +# Runtime +Requires: perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version)) %description Net::Telnet allows you to make client connections to a TCP port and do @@ -59,9 +60,54 @@ make test %{_mandir}/man3/*.3* %changelog -* Thu Oct 14 2021 Pawel Winogrodzki - 3.04-14 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). -- Converting the 'Release' tag to the '[number].[distribution]' format. +* Mon Dec 16 2024 Sreenivasulu Malavathula - 3.05-12 +- Initial Azure Linux import from Fedora 41 (license: MIT) +- License verified + +* Fri Jul 19 2024 Fedora Release Engineering - 3.05-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Mon Jan 29 2024 Fedora Release Engineering - 3.05-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Thu Jan 25 2024 Fedora Release Engineering - 3.05-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 3.05-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jul 21 2023 Fedora Release Engineering - 3.05-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Fri Jan 20 2023 Fedora Release Engineering - 3.05-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jul 22 2022 Fedora Release Engineering - 3.05-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Mon May 30 2022 Jitka Plesnikova - 3.05-4 +- Perl 5.36 rebuild + +* Fri Jan 21 2022 Fedora Release Engineering - 3.05-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Thu Jul 22 2021 Fedora Release Engineering - 3.05-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Mon Jun 28 2021 Robin Lee - 3.05-1 +- 3.05 bump + +* Fri May 21 2021 Jitka Plesnikova - 3.04-17 +- Perl 5.34 rebuild + +* Wed Jan 27 2021 Fedora Release Engineering - 3.04-16 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 3.04-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Jun 22 2020 Jitka Plesnikova - 3.04-14 +- Perl 5.32 rebuild * Thu Jan 30 2020 Fedora Release Engineering - 3.04-13 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/perl-Test-Harness/perl-Test-Harness.signatures.json b/SPECS-EXTENDED/perl-Test-Harness/perl-Test-Harness.signatures.json index 141d2bdee7..172a93874a 100644 --- a/SPECS-EXTENDED/perl-Test-Harness/perl-Test-Harness.signatures.json +++ b/SPECS-EXTENDED/perl-Test-Harness/perl-Test-Harness.signatures.json @@ -1,5 +1,6 @@ { "Signatures": { - "perl-Test-Harness-3.42.tar.gz": "0fd90d4efea82d6e262e6933759e85d27cbcfa4091b14bf4042ae20bab528e53" + "perl-Test-Harness-3.50.tar.gz": "79b6acdc444f1924cd4c2e9ed868bdc6e09580021aca8ff078ede2ffef8a6f54" } } + diff --git a/SPECS-EXTENDED/perl-Test-Harness/perl-Test-Harness.spec b/SPECS-EXTENDED/perl-Test-Harness/perl-Test-Harness.spec index 3478926025..224a9b416e 100644 --- a/SPECS-EXTENDED/perl-Test-Harness/perl-Test-Harness.spec +++ b/SPECS-EXTENDED/perl-Test-Harness/perl-Test-Harness.spec @@ -1,52 +1,62 @@ -# Filter example dependencies -%global __requires_exclude_from %{?__requires_exclude_from:%__requires_exclude_from|}^%{_docdir} -%global __provides_exclude_from %{?__provides_exclude_from:%__provides_exclude_from|}^%{_docdir} - +Vendor: Microsoft Corporation +Distribution: Azure Linux # Run optional tests +%if ! (0%{?rhel}) %bcond_without perl_Test_Harness_enables_optional_test -Summary: Run Perl standard test scripts with statistics +%else +%bcond_with perl_Test_Harness_enables_optional_test +%endif + Name: perl-Test-Harness -Version: 3.42 -Release: 444%{?dist} -License: GPL+ OR Artistic -Vendor: Microsoft Corporation -Distribution: Azure Linux +Version: 3.50 +Release: 2%{?dist} +Summary: Run Perl standard test scripts with statistics +License: GPL-1.0-or-later OR Artistic-1.0-Perl URL: https://metacpan.org/release/Test-Harness Source0: https://cpan.metacpan.org/authors/id/L/LE/LEONT/Test-Harness-%{version}.tar.gz#/%{name}-%{version}.tar.gz # Remove hard-coded shell bangs Patch0: Test-Harness-3.38-Remove-shell-bangs.patch +BuildArch: noarch +BuildRequires: coreutils +BuildRequires: findutils BuildRequires: make BuildRequires: perl-generators BuildRequires: perl-interpreter +BuildRequires: perl(ExtUtils::MakeMaker) >= 6.76 +BuildRequires: perl(strict) +BuildRequires: perl(warnings) +# Run-time: +BuildRequires: perl(base) BuildRequires: perl(Benchmark) BuildRequires: perl(Carp) BuildRequires: perl(Config) -BuildRequires: perl(Data::Dumper) -BuildRequires: perl(Encode) +BuildRequires: perl(constant) +BuildRequires: perl(Errno) BuildRequires: perl(Exporter) -BuildRequires: perl(ExtUtils::MakeMaker) >= 6.76 BuildRequires: perl(File::Basename) BuildRequires: perl(File::Find) BuildRequires: perl(File::Path) BuildRequires: perl(File::Spec) -BuildRequires: perl(File::Spec::Functions) BuildRequires: perl(Getopt::Long) -BuildRequires: perl(IO::File) BuildRequires: perl(IO::Handle) BuildRequires: perl(IO::Select) BuildRequires: perl(POSIX) -BuildRequires: perl(Symbol) -BuildRequires: perl(Term::ANSIColor) -BuildRequires: perl(Test::More) BuildRequires: perl(Text::ParseWords) +Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) +# Optional run-time: +BuildRequires: perl(Encode) +# Keep Pod::Usage 1.12 really optional +BuildRequires: perl(Term::ANSIColor) BuildRequires: perl(Time::HiRes) -BuildRequires: perl(base) -BuildRequires: perl(constant) +# Tests: +BuildRequires: perl(Data::Dumper) +# Dev::Null bundled for bootstrap +BuildRequires: perl(File::Spec::Functions) +BuildRequires: perl(IO::File) BuildRequires: perl(lib) -BuildRequires: perl(strict) -BuildRequires: perl(warnings) -Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) -BuildArch: noarch +BuildRequires: perl(Symbol) +BuildRequires: perl(Test::More) +# Optional tests: %if %{with perl_Test_Harness_enables_optional_test} BuildRequires: perl(CPAN::Meta::YAML) BuildRequires: perl(File::Temp) @@ -56,6 +66,20 @@ BuildRequires: perl(TAP::Harness::Archive) BuildRequires: perl(YAML) %endif %endif +Suggests: perl(Term::ANSIColor) +Suggests: perl(Time::HiRes) + +# Filter example dependencies +%global __requires_exclude_from %{?__requires_exclude_from:%__requires_exclude_from|}^%{_datadir}/doc +%global __provides_exclude_from %{?__provides_exclude_from:%__provides_exclude_from|}^%{_datadir}/doc + +# Filter modules bundled for tests +%global __provides_exclude_from %{?__provides_exclude_from:%__provides_exclude_from|}^%{_libexecdir} +%global __requires_exclude %{?__requires_exclude:%__requires_exclude|}^perl\\(My.*\\) +%global __requires_exclude %{__requires_exclude}|^perl\\(Dev::Null\\) +%global __requires_exclude %{__requires_exclude}|^perl\\(EmptyParser\\) +%global __requires_exclude %{__requires_exclude}|^perl\\(IO::c55Capture\\) +%global __requires_exclude %{__requires_exclude}|^perl\\(NoFork\\) %description This package allows tests to be run and results automatically aggregated and @@ -66,37 +90,158 @@ from this module it now exists only to provide TAP::Harness with an interface that is somewhat backwards compatible with Test::Harness 2.xx. If you're writing new code consider using TAP::Harness directly instead. +%package tests +Summary: Tests for %{name} +Requires: %{name} = %{?epoch:%{epoch}:}%{version}-%{release} +Requires: perl-Test-Harness + +%description tests +Tests from %{name}. Execute them +with "%{_libexecdir}/%{name}/test". + %prep -%autosetup -p1 -n Test-Harness-%{version} +%setup -q -n Test-Harness-%{version} +%patch -P0 -p1 + +# Help generators to recognize Perl scripts +for F in `find t -name *.t -o -name *.pl`; do + perl -i -MConfig -ple 'print $Config{startperl} if $. == 1 && !s{\A#!.*perl\b}{$Config{startperl}}' "$F" + chmod +x "$F" +done %build -perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 -%make_build +perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1 +%{make_build} %install -make pure_install DESTDIR=%{buildroot} +%{make_install} %{_fixperms} %{buildroot}/* +# Install tests +mkdir -p %{buildroot}%{_libexecdir}/%{name} +cp -a t %{buildroot}%{_libexecdir}/%{name} +rm %{buildroot}%{_libexecdir}/%{name}/t/000-load.t +cat > %{buildroot}%{_libexecdir}/%{name}/test << 'EOF' +#!/bin/bash +set -e +# Some tests write into temporary files/directories. The easiest solution +# is to copy the tests into a writable directory and execute them from there. +DIR=$(mktemp -d) +pushd "$DIR" +cp -a %{_libexecdir}/%{name}/* ./ +prove -I . -j "$(getconf _NPROCESSORS_ONLN)" +popd +rm -rf "$DIR" +EOF +chmod +x %{buildroot}%{_libexecdir}/%{name}/test + %check +export HARNESS_OPTIONS=j$(perl -e 'if ($ARGV[0] =~ /.*-j([0-9][0-9]*).*/) {print $1} else {print 1}' -- '%{?_smp_mflags}') make test %files -%license README -%doc Changes Changes-2.64 examples -%{perl_vendorlib}/* -%{_bindir}/* -%{_mandir}/man1/* -%{_mandir}/man3/* +%doc Changes Changes-2.64 examples README +%{perl_vendorlib}/App* +%{perl_vendorlib}/TAP* +%{perl_vendorlib}/Test* +%{_bindir}/prove +%{_mandir}/man1/prove* +%{_mandir}/man3/App::Prove* +%{_mandir}/man3/TAP::Base* +%{_mandir}/man3/TAP::Formatter* +%{_mandir}/man3/TAP::Harness* +%{_mandir}/man3/TAP::Object* +%{_mandir}/man3/TAP::Parser* +%{_mandir}/man3/Test::* + +%files tests +%{_libexecdir}/%{name} %changelog -* Tue Mar 07 2023 Muhammad Falak - 3.42-444 + +%changelog +* Thu Dec 19 2024 Sreenivasulu Malavathula - 3.50-2 +- Initial Azure Linux import from Fedora 41 (license: MIT) - License verified -* Mon Nov 01 2021 Muhammad Falak - 3.42-443 -- Remove epoch +* Thu Aug 15 2024 Jitka Plesnikova - 1:3.50-1 +- 3.50 bump (rhbz#2304673) + +* Fri Jul 19 2024 Fedora Release Engineering - 1:3.48-512 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Wed Jun 12 2024 Jitka Plesnikova - 1:3.48-511 +- Perl 5.40 re-rebuild of bootstrapped packages + +* Mon Jun 10 2024 Jitka Plesnikova - 1:3.48-510 +- Increase release to favour standalone package + +* Thu Jan 25 2024 Fedora Release Engineering - 1:3.48-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 1:3.48-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Tue Oct 03 2023 Jitka Plesnikova - 1:3.48-1 +- 3.48 bump (rhbz#2241802) + +* Wed Aug 23 2023 Jitka Plesnikova - 1:3.47-1 +- 3.47 bump (rhbz#2231692) + +* Wed Aug 09 2023 Jitka Plesnikova - 1:3.46-1 +- 3.46 bump (rhbz#2229823) + +* Fri Jul 21 2023 Fedora Release Engineering - 1:3.44-501 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -* Fri Oct 15 2021 Pawel Winogrodzki - 1:3.42-442 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Wed Jul 12 2023 Jitka Plesnikova - 1:3.44-500 +- Perl 5.38 re-rebuild of bootstrapped packages + +* Tue Jul 11 2023 Jitka Plesnikova - 1:3.44-499 +- Increase release to favour standalone package + +* Fri Jan 20 2023 Fedora Release Engineering - 1:3.44-491 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jul 22 2022 Fedora Release Engineering - 1:3.44-490 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Fri Jun 03 2022 Jitka Plesnikova - 1:3.44-489 +- Perl 5.36 re-rebuild of bootstrapped packages + +* Mon May 30 2022 Jitka Plesnikova - 1:3.44-488 +- Increase release to favour standalone package + +* Tue Apr 19 2022 Jitka Plesnikova - 1:3.44-1 +- 3.44 bump +- Package tests + +* Fri Jan 21 2022 Fedora Release Engineering - 1:3.43-480 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Fri Jul 23 2021 Fedora Release Engineering - 1:3.43-479 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Mon May 24 2021 Jitka Plesnikova - 1:3.43-478 +- Perl 5.34 re-rebuild of bootstrapped packages + +* Fri May 21 2021 Jitka Plesnikova - 1:3.43-477 +- Increase release to favour standalone package + +* Thu May 06 2021 Jitka Plesnikova - 1:3.43-1 +- Upgrade to 3.43 as provided in perl-5.34.0 + +* Wed Jan 27 2021 Fedora Release Engineering - 1:3.42-459 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 1:3.42-458 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Fri Jun 26 2020 Jitka Plesnikova - 1:3.42-457 +- Perl 5.32 re-rebuild of bootstrapped packages + +* Mon Jun 22 2020 Jitka Plesnikova - 1:3.42-456 +- Increase release to favour standalone package * Thu Jan 30 2020 Fedora Release Engineering - 1:3.42-441 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/perl-Test-Inter/perl-Test-Inter.signatures.json b/SPECS-EXTENDED/perl-Test-Inter/perl-Test-Inter.signatures.json index 9a0c3743d5..0d5e89e0ea 100644 --- a/SPECS-EXTENDED/perl-Test-Inter/perl-Test-Inter.signatures.json +++ b/SPECS-EXTENDED/perl-Test-Inter/perl-Test-Inter.signatures.json @@ -1,5 +1,6 @@ { "Signatures": { - "perl-Test-Inter-1.09.tar.gz": "1e9f129cc1a001fb95449d385253b38afabf5b466e3b3bd33e4e430f216e177a" + "perl-Test-Inter-1.11.tar.gz": "2b9845212547cd6056753f87866d19368efc67c080146bcbb929a51ab055da37" } } + diff --git a/SPECS-EXTENDED/perl-Test-Inter/perl-Test-Inter.spec b/SPECS-EXTENDED/perl-Test-Inter/perl-Test-Inter.spec index 69a36227e8..8218a35453 100644 --- a/SPECS-EXTENDED/perl-Test-Inter/perl-Test-Inter.spec +++ b/SPECS-EXTENDED/perl-Test-Inter/perl-Test-Inter.spec @@ -1,15 +1,12 @@ -Name: perl-Test-Inter -Version: 1.09 -Release: 5%{?dist} -Summary: Framework for more readable interactive test scripts -License: GPL+ or Artistic Vendor: Microsoft Corporation Distribution: Azure Linux +Name: perl-Test-Inter +Version: 1.11 +Release: 3%{?dist} +Summary: Framework for more readable interactive test scripts +License: GPL-1.0-or-later OR Artistic-1.0-Perl URL: https://metacpan.org/release/Test-Inter Source0: https://cpan.metacpan.org/authors/id/S/SB/SBECK/Test-Inter-%{version}.tar.gz#/perl-Test-Inter-%{version}.tar.gz -# Remove dependencies on release tests that are skipped, proposed to upstream, -# -Patch0: Test-Inter-1.09-Do-not-require-release-test-dependencies.patch BuildArch: noarch BuildRequires: coreutils BuildRequires: make @@ -39,10 +36,23 @@ This is another framework for writing test scripts. It is loosely inspired by Test::More, and has most of it's functionality, but it is not a drop-in replacement. +%package tests +Summary: Tests for %{name} +Requires: %{name} = %{version}-%{release} +Requires: perl-Test-Harness + +%description tests +Tests from %{name}. Execute them +with "%{_libexecdir}/%{name}/test". + %prep %setup -q -n Test-Inter-%{version} -%patch 0 -p1 chmod -x examples/* +# Help generators to recognize Perl scripts +for F in t/*.t; do + perl -i -MConfig -ple 'print $Config{startperl} if $. == 1 && !s{\A#!\s*perl}{$Config{startperl}}' "$F" + chmod +x "$F" +done %build perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1 @@ -50,7 +60,18 @@ perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1 %install %{make_install} -%{_fixperms} $RPM_BUILD_ROOT/* +# Install tests +mkdir -p %{buildroot}%{_libexecdir}/%{name} +cp -a t %{buildroot}%{_libexecdir}/%{name} +rm -f %{buildroot}%{_libexecdir}/%{name}/t/_* +# Directory for libraries used in tests +mkdir %{buildroot}%{_libexecdir}/%{name}/lib +cat > %{buildroot}%{_libexecdir}/%{name}/test << 'EOF' +#!/bin/sh +cd %{_libexecdir}/%{name} && exec prove -I . -j "$(getconf _NPROCESSORS_ONLN)" +EOF +chmod +x %{buildroot}%{_libexecdir}/%{name}/test +%{_fixperms} %{buildroot}/* %check unset RELEASE_TESTING TI_END TI_MODE TI_NOCLEAN TI_QUIET TI_START TI_TESTNUM \ @@ -63,9 +84,63 @@ make test %{perl_vendorlib}/* %{_mandir}/man3/* +%files tests +%{_libexecdir}/%{name} + %changelog -* Fri Oct 15 2021 Pawel Winogrodzki - 1.09-5 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Thu Dec 19 2024 Sreenivasulu Malavathula - 1.11-3 +- Initial Azure Linux import from Fedora 41 (license: MIT) +- License verified + +* Fri Jul 19 2024 Fedora Release Engineering - 1.11-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Thu Feb 29 2024 Michal Josef Špaček - 1.11-1 +- 1.11 bump + +* Thu Jan 25 2024 Fedora Release Engineering - 1.10-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 1.10-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jul 21 2023 Fedora Release Engineering - 1.10-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Thu Mar 09 2023 Michal Josef Špaček - 1.10-1 +- 1.10 bump + +* Fri Jan 20 2023 Fedora Release Engineering - 1.09-14 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Wed Dec 07 2022 Michal Josef Špaček - 1.09-13 +- Package tests +- Update license to SPDX format +- Use macros instead of variables + +* Fri Jul 22 2022 Fedora Release Engineering - 1.09-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Mon May 30 2022 Jitka Plesnikova - 1.09-11 +- Perl 5.36 rebuild + +* Fri Jan 21 2022 Fedora Release Engineering - 1.09-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Fri Jul 23 2021 Fedora Release Engineering - 1.09-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Fri May 21 2021 Jitka Plesnikova - 1.09-8 +- Perl 5.34 rebuild + +* Wed Jan 27 2021 Fedora Release Engineering - 1.09-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 1.09-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Jun 22 2020 Jitka Plesnikova - 1.09-5 +- Perl 5.32 rebuild * Thu Jan 30 2020 Fedora Release Engineering - 1.09-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/perl-XString/perl-XString.signatures.json b/SPECS-EXTENDED/perl-XString/perl-XString.signatures.json index b9919cf2a8..e338e986e6 100644 --- a/SPECS-EXTENDED/perl-XString/perl-XString.signatures.json +++ b/SPECS-EXTENDED/perl-XString/perl-XString.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "perl-XString-0.002.tar.gz": "260e252f7367228c9b4e43ef50c0becb04c4781de660577b3086cc106c0028c0" + "XString-0.005.tar.gz": "f247f55c19aee6ba4a1ae73c0804259452e02ea85a9be07f8acf700a5138f884" } } diff --git a/SPECS-EXTENDED/perl-XString/perl-XString.spec b/SPECS-EXTENDED/perl-XString/perl-XString.spec index 246d38eaef..0d78f2af4b 100644 --- a/SPECS-EXTENDED/perl-XString/perl-XString.spec +++ b/SPECS-EXTENDED/perl-XString/perl-XString.spec @@ -1,12 +1,12 @@ Name: perl-XString -Version: 0.002 -Release: 4%{?dist} +Version: 0.005 +Release: 15%{?dist} Summary: Isolated String helpers from B -License: GPL+ or Artistic +License: GPL-1.0-or-later OR Artistic-1.0-Perl Vendor: Microsoft Corporation Distribution: Azure Linux URL: https://metacpan.org/release/XString -Source0: https://cpan.metacpan.org/authors/id/A/AT/ATOOMIC/XString-%{version}.tar.gz#/perl-XString-%{version}.tar.gz +Source0: https://cpan.metacpan.org/authors/id/A/AT/ATOOMIC/XString-%{version}.tar.gz # Build BuildRequires: coreutils BuildRequires: findutils @@ -28,13 +28,9 @@ BuildRequires: perl(Test::More) >= 0.88 # Optional Tests BuildRequires: perl(CPAN::Meta) >= 2.120900 BuildRequires: perl(CPAN::Meta::Prereqs) -# Requirements from upstream metadata that are not actually used -# https://github.com/atoomic/XString/issues/2 -BuildRequires: perl(Test2::Bundle::Extended) -BuildRequires: perl(Test2::Plugin::NoWarnings) -BuildRequires: perl(Test2::Tools::Explain) -# Runtime +# Dependencies Requires: perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version)) + Requires: perl(XSLoader) %description @@ -64,8 +60,60 @@ make test %{_mandir}/man3/XString.3* %changelog -* Fri Oct 15 2021 Pawel Winogrodzki - 0.002-4 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Wed Dec 18 2024 Sumit Jena - 0.005-15 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified. + +* Fri Jul 19 2024 Fedora Release Engineering - 0.005-14 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Mon Jun 10 2024 Jitka Plesnikova - 0.005-13 +- Perl 5.40 rebuild + +* Thu Jan 25 2024 Fedora Release Engineering - 0.005-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 0.005-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jul 21 2023 Fedora Release Engineering - 0.005-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Tue Jul 11 2023 Jitka Plesnikova - 0.005-9 +- Perl 5.38 rebuild + +* Fri Jan 20 2023 Fedora Release Engineering - 0.005-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jul 22 2022 Fedora Release Engineering - 0.005-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Mon May 30 2022 Jitka Plesnikova - 0.005-6 +- Perl 5.36 rebuild + +* Fri Jan 21 2022 Fedora Release Engineering - 0.005-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Fri Jul 23 2021 Fedora Release Engineering - 0.005-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Fri May 21 2021 Jitka Plesnikova - 0.005-3 +- Perl 5.34 rebuild + +* Wed Jan 27 2021 Fedora Release Engineering - 0.005-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Oct 20 2020 Paul Howarth - 0.005-1 +- Update to 0.005 + - Fix cstring for Perl 5.32 (GH#6, GH#7) + - Remove unneeded module dependencies (GH#2) + - Add compatibility with Perl 5.8 (GH#9) + +* Tue Jul 28 2020 Fedora Release Engineering - 0.002-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jun 23 2020 Jitka Plesnikova - 0.002-4 +- Perl 5.32 rebuild * Thu Jan 30 2020 Fedora Release Engineering - 0.002-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/plexus-pom/plexus-pom.signatures.json b/SPECS-EXTENDED/plexus-pom/plexus-pom.signatures.json index 2352efc5ae..1c3d0e453f 100644 --- a/SPECS-EXTENDED/plexus-pom/plexus-pom.signatures.json +++ b/SPECS-EXTENDED/plexus-pom/plexus-pom.signatures.json @@ -1,6 +1,6 @@ { "Signatures": { "LICENSE-2.0.txt": "cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30", - "plexus-5.1.tar.gz": "54ffd31144a41fb50ad22e7e5e4a9f081bb0da07befaa7b34cbb2399d7f16260" + "plexus-16.tar.gz": "bd3e9b1ce2e86b3892c0dea44b64b37d4f5f1a21dd5665c4b4d008b462154945" } } diff --git a/SPECS-EXTENDED/plexus-pom/plexus-pom.spec b/SPECS-EXTENDED/plexus-pom/plexus-pom.spec index cd52a7f217..48bec4db9e 100644 --- a/SPECS-EXTENDED/plexus-pom/plexus-pom.spec +++ b/SPECS-EXTENDED/plexus-pom/plexus-pom.spec @@ -1,49 +1,29 @@ Vendor: Microsoft Corporation Distribution: Azure Linux -# -# spec file for package plexus-pom -# -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. -# -# All modifications and additions to the file contributed by third parties -# remain the property of their copyright owners, unless otherwise agreed -# upon. The license for this file, and modifications and additions to the -# file, is the same license as for the pristine package itself (unless the -# license for the pristine package is not an Open Source License, in which -# case the license is the MIT License). An "Open Source License" is a -# license that conforms to the Open Source Definition (Version 1.9) -# published by the Open Source Initiative. - -# Please submit bugfixes or comments via https://bugs.opensuse.org/ -# - - -Name: plexus-pom -Version: 5.1 -Release: 2%{?dist} -Summary: Root Plexus Projects POM -License: Apache-2.0 -Group: Development/Libraries/Java -URL: https://github.com/codehaus-plexus/plexus-pom -Source0: https://github.com/codehaus-plexus/plexus-pom/archive/plexus-%{version}.tar.gz -Source1: http://www.apache.org/licenses/LICENSE-2.0.txt + +Name: plexus-pom +Version: 16 +Release: 5%{?dist} +Summary: Root Plexus Projects POM +License: Apache-2.0 +URL: https://github.com/codehaus-plexus/plexus-pom +Source0: https://github.com/codehaus-plexus/plexus-pom/archive/plexus-%{version}.tar.gz +Source1: https://www.apache.org/licenses/LICENSE-2.0.txt BuildRequires: javapackages-local-bootstrap -BuildArch: noarch +BuildArch: noarch + %description The Plexus project provides a full software stack for creating and -executing software projects. This package provides parent POM for +executing software projects. This package provides parent POM for Plexus packages. %prep -%setup -q -n plexus-pom-plexus-%{version} -# * require: org.codehaus.plexus plexus-stylus-skin 1.0 -# org.apache.maven.wagon wagon-webdav-jackrabbit 1.0 -%pom_remove_plugin :maven-site-plugin +%autosetup -n plexus-pom-plexus-%{version} +cp -p %{SOURCE1} LICENSE -%pom_remove_plugin org.codehaus.mojo:findbugs-maven-plugin -%pom_remove_plugin org.codehaus.mojo:taglist-maven-plugin -#Temporary? +%pom_remove_dep org.junit:junit-bom +%pom_remove_plugin :maven-site-plugin %pom_remove_plugin :maven-enforcer-plugin cp -p %{SOURCE1} LICENSE @@ -58,12 +38,191 @@ install -pm 0644 pom.xml %{buildroot}%{_mavenpomdir}/%{name}/plexus.pom %license LICENSE %changelog -* Thu Oct 14 2021 Pawel Winogrodzki - 5.1-2 -- Converting the 'Release' tag to the '[number].[distribution]' format. - -* Fri Nov 13 2020 Ruying Chen - 5.1-1.6 -- Initial CBL-Mariner import from openSUSE Tumbleweed (license: same as "License" tag). +* Wed Feb 12 2025 Archana Shettigar - 16-5 +- Initial Azure Linux import from Fedora 41 (license: MIT). - Use javapackages-local-bootstrap to avoid build cycle. +- License verified + +* Fri Jul 19 2024 Fedora Release Engineering - 16-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Tue Feb 27 2024 Jiri Vanek - 16-3 +- Rebuilt for java-21-openjdk as system jdk + +* Fri Feb 23 2024 Jiri Vanek - 16-2 +- bump of release for for java-21-openjdk as system jdk + +* Thu Feb 01 2024 Mikolaj Izdebski - 16-1 +- Update to upstream version 16 + +* Thu Jan 25 2024 Fedora Release Engineering - 15-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 15-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Dec 18 2023 Marian Koncek - 15-1 +- Update to upstream version 15 + +* Fri Sep 01 2023 Mikolaj Izdebski - 14-2 +- Rebuild + +* Wed Aug 16 2023 Marian Koncek - 14-1 +- Update to upstream version 14 + +* Fri Jul 21 2023 Fedora Release Engineering - 10-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Fri Jan 20 2023 Fedora Release Engineering - 10-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Tue Sep 06 2022 Marian Koncek - 10-1 +- Update to upstream version 10 + +* Fri Jul 22 2022 Fedora Release Engineering - 8-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Sun Apr 24 2022 Mikolaj Izdebski - 8-1 +- Update to upstream version 8 + +* Sat Feb 05 2022 Jiri Vanek - 7-5 +- Rebuilt for java-17-openjdk as system jdk + +* Fri Jan 21 2022 Fedora Release Engineering - 7-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Tue Jul 27 2021 Fedora Release Engineering - 7-3 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Mon May 17 2021 Mikolaj Izdebski - 7-2 +- Bootstrap build +- Non-bootstrap build + +* Mon Feb 01 2021 Fabio Valentini - 7-1 +- Update to version 7. + +* Wed Jan 27 2021 Fedora Release Engineering - 6.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jan 26 2021 Marian Koncek - 7-1 +- Update to upstream version 7 + +* Fri Dec 4 2020 Mikolaj Izdebski - 6.5-1 +- Update to upstream version 6.5 + +* Sat Oct 24 2020 Fabio Valentini - 6.5-1 +- Update to version 6.5. + +* Fri Sep 11 2020 Marian Koncek - 6.4-2 +- Update to upstream version 6.4 + +* Sun Aug 16 2020 Fabio Valentini - 6.4-1 +- Update to version 6.4. + +* Wed Jul 29 2020 Marian Koncek - 6.3-1 +- Update to upstream version 6.3 + +* Tue Jul 28 2020 Fedora Release Engineering - 6.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Wed Jul 22 2020 Fabio Valentini - 6.3-1 +- Update to version 6.3. + +* Sat Jul 11 2020 Jiri Vanek - 6.2-2 +- Rebuilt for JDK-11, see https://fedoraproject.org/wiki/Changes/Java11 + +* Mon Mar 02 2020 Fabio Valentini - 6.2-1 +- Update to version 6.2. + +* Thu Feb 13 2020 Fabio Valentini - 6.1-1 +- Update to version 6.1. + +* Thu Jan 30 2020 Fedora Release Engineering - 5.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Tue Nov 05 2019 Mikolaj Izdebski - 5.1-2 +- Mass rebuild for javapackages-tools 201902 + +* Thu Oct 24 2019 Fabio Valentini - 5.1-1 +- Update to version 5.1. + +* Mon Jul 29 2019 Marian Koncek - 5.1-1 +- Update to upstream version 5.1 + +* Fri Jul 26 2019 Fedora Release Engineering - 5.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Fri May 24 2019 Mikolaj Izdebski - 5.0-3 +- Mass rebuild for javapackages-tools 201901 + +* Sat Feb 02 2019 Fedora Release Engineering - 5.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Tue Sep 11 2018 Marian Koncek - 5.0-4 +- Remove Group tag + +* Fri Jul 13 2018 Fedora Release Engineering - 5.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Fri Feb 09 2018 Fedora Release Engineering - 5.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Mon Sep 11 2017 Mikolaj Izdebski - 5.0-1 +- Update to upstream version 5.0 + +* Thu Jul 27 2017 Fedora Release Engineering - 3.3.3-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sat Feb 11 2017 Fedora Release Engineering - 3.3.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Thu Feb 04 2016 Fedora Release Engineering - 3.3.3-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Thu Jun 18 2015 Fedora Release Engineering - 3.3.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Tue Apr 14 2015 Mikolaj Izdebski - 3.3.3-1 +- Update to upstream version 3.3.3 + +* Wed Apr 1 2015 Mikolaj Izdebski - 3.3.1-10 +- Update upstream URL + +* Wed Feb 11 2015 gil cattaneo 3.3.1-9 +- introduce license macro + +* Sat Jun 07 2014 Fedora Release Engineering - 3.3.1-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Wed May 28 2014 Mikolaj Izdebski - 3.3.1-7 +- Rebuild to regenerate Maven auto-requires + +* Wed May 28 2014 Mikolaj Izdebski - 3.3.1-6 +- Rebuild to regenerate provides + +* Sun Aug 04 2013 Fedora Release Engineering - 3.3.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Fri Apr 12 2013 Mikolaj Izdebski - 3.3.1-4 +- Build with xmvn + +* Thu Feb 14 2013 Fedora Release Engineering - 3.3.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Wed Feb 06 2013 Java SIG - 3.3.1-2 +- Update for https://fedoraproject.org/wiki/Fedora_19_Maven_Rebuild +- Replace maven BuildRequires with maven-local + +* Sat Dec 08 2012 gil cattaneo 3.3.1-1 +- Update to 3.3.1 + +* Wed Nov 21 2012 Mikolaj Izdebski - 3.0.1-3 +- Install LICENSE file +- Resolves: rhbz#878825 + +* Sat Jul 21 2012 Fedora Release Engineering - 3.0.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild -* Sat Feb 9 2019 Fridrich Strba -- Initial package for root plexus projects pom 5.1 +* Wed Feb 08 2012 gil cattaneo 3.0.1-1 +- initial rpm diff --git a/SPECS-EXTENDED/pps-tools/pps-tools.signatures.json b/SPECS-EXTENDED/pps-tools/pps-tools.signatures.json index bb1435427d..d61e062398 100644 --- a/SPECS-EXTENDED/pps-tools/pps-tools.signatures.json +++ b/SPECS-EXTENDED/pps-tools/pps-tools.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "pps-tools-1.0.2.tar.gz": "1a7efd66152e5439b69143f1f380b40ac5decbbbef516b37a017410b8ba7dff4" + "pps-tools-1.0.3.tar.gz": "89163e29f1a4a0a702bbe25b900fd37d2eb86442329cefee58847e57e1964d7a" } } diff --git a/SPECS-EXTENDED/pps-tools/pps-tools.spec b/SPECS-EXTENDED/pps-tools/pps-tools.spec index cf586565f7..c2d9c9a992 100644 --- a/SPECS-EXTENDED/pps-tools/pps-tools.spec +++ b/SPECS-EXTENDED/pps-tools/pps-tools.spec @@ -1,14 +1,15 @@ Vendor: Microsoft Corporation Distribution: Azure Linux Name: pps-tools -Version: 1.0.2 -Release: 6%{?dist} +Version: 1.0.3 +Release: 10%{?dist} Summary: LinuxPPS user-space tools -License: GPLv2+ +License: GPL-2.0-or-later URL: https://github.com/redlab-i/pps-tools Source0: https://github.com/redlab-i/pps-tools/archive/v%{version}/%{name}-%{version}.tar.gz +BuildRequires: make BuildRequires: gcc %description @@ -42,8 +43,45 @@ install -p -m644 -t $RPM_BUILD_ROOT%{_includedir}/sys timepps.h %{_includedir}/sys/timepps.h %changelog -* Fri Oct 15 2021 Pawel Winogrodzki - 1.0.2-6 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Wed Dec 18 2024 Sumit Jena - 1.0.3-10 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified. + +* Fri Jul 19 2024 Fedora Release Engineering - 1.0.3-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Fri Jan 26 2024 Fedora Release Engineering - 1.0.3-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 1.0.3-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jul 21 2023 Fedora Release Engineering - 1.0.3-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Sun Mar 12 2023 Tim Orling - 1.0.3-5 +- migrated to SPDX license + +* Fri Jan 20 2023 Fedora Release Engineering - 1.0.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jul 22 2022 Fedora Release Engineering - 1.0.3-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Fri Jan 21 2022 Fedora Release Engineering - 1.0.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Mon Nov 22 2021 Miroslav Lichvar 1.0.3-1 +- update to 1.0.3 + +* Fri Jul 23 2021 Fedora Release Engineering - 1.0.2-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Wed Jan 27 2021 Fedora Release Engineering - 1.0.2-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 1.0.2-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Thu Jan 30 2020 Fedora Release Engineering - 1.0.2-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/pulseaudio/pulseaudio-11.1-autospawn_disable.patch b/SPECS-EXTENDED/pulseaudio/pulseaudio-11.1-autospawn_disable.patch new file mode 100644 index 0000000000..48ce98745d --- /dev/null +++ b/SPECS-EXTENDED/pulseaudio/pulseaudio-11.1-autospawn_disable.patch @@ -0,0 +1,24 @@ +diff -up pulseaudio-11.1/src/pulse/client-conf.c.autospawn pulseaudio-11.1/src/pulse/client-conf.c +--- pulseaudio-11.1/src/pulse/client-conf.c.autospawn 2018-03-01 15:52:25.304612437 -0600 ++++ pulseaudio-11.1/src/pulse/client-conf.c 2018-03-01 15:56:17.643552698 -0600 +@@ -63,7 +63,7 @@ static const pa_client_conf default_conf + .cookie_from_x11_valid = false, + .cookie_file_from_application = NULL, + .cookie_file_from_client_conf = NULL, +- .autospawn = true, ++ .autospawn = false, + .disable_shm = false, + .disable_memfd = false, + .shm_size = 0, +diff -up pulseaudio-11.1/src/pulse/client.conf.in.autospawn pulseaudio-11.1/src/pulse/client.conf.in +--- pulseaudio-11.1/src/pulse/client.conf.in.autospawn 2016-08-23 07:50:10.000000000 -0500 ++++ pulseaudio-11.1/src/pulse/client.conf.in 2018-03-01 15:56:01.201344622 -0600 +@@ -22,7 +22,7 @@ + ; default-server = + ; default-dbus-server = + +-; autospawn = yes ++; autospawn = no + ; daemon-binary = @PA_BINARY@ + ; extra-arguments = --log-target=syslog + diff --git a/SPECS-EXTENDED/pulseaudio/pulseaudio-autostart.patch b/SPECS-EXTENDED/pulseaudio/pulseaudio-autostart.patch new file mode 100644 index 0000000000..ceaa98f6c9 --- /dev/null +++ b/SPECS-EXTENDED/pulseaudio/pulseaudio-autostart.patch @@ -0,0 +1,14 @@ +diff --git a/src/daemon/start-pulseaudio-x11.in b/src/daemon/start-pulseaudio-x11.in +index 722a639c0..7cdf14e4d 100755 +--- a/src/daemon/start-pulseaudio-x11.in ++++ b/src/daemon/start-pulseaudio-x11.in +@@ -17,6 +17,9 @@ + + set -e + ++# probe to test if autospawn works, else resort to starting manually ++@PACTL_BINARY@ info > /dev/null 2>&1 || /usr/bin/pulseaudio --start "$@" ++ + if [ -n "$1" ] ; then + case $1 in + stop) diff --git a/SPECS-EXTENDED/pulseaudio/pulseaudio.signatures.json b/SPECS-EXTENDED/pulseaudio/pulseaudio.signatures.json new file mode 100644 index 0000000000..c9b6befed1 --- /dev/null +++ b/SPECS-EXTENDED/pulseaudio/pulseaudio.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "pulseaudio-16.1.tar.gz": "027266c62f2a84422ac45fa721a649508f0f1628fb1fd9242315ac54ce2d7c92" + } +} diff --git a/SPECS-EXTENDED/pulseaudio/pulseaudio.spec b/SPECS-EXTENDED/pulseaudio/pulseaudio.spec new file mode 100644 index 0000000000..3507169235 --- /dev/null +++ b/SPECS-EXTENDED/pulseaudio/pulseaudio.spec @@ -0,0 +1,1076 @@ +%bcond_with missing_dependencies + +%undefine _strict_symbol_defs_build +%global with_webrtc 1 +%global enable_lirc 0 +%global enable_jack 0 +%global _hardened_build 1 +# support systemd activation +%global systemd 1 +# where/how to apply multilib hacks +%global multilib_archs x86_64 +%global bash_completionsdir %(pkg-config --variable=completionsdir bash-completion 2>/dev/null || echo '%{_sysconfdir}/bash_completion.d') +Summary: Improved Linux Sound Server +Name: pulseaudio +Version: 16.1 +Release: 2%{?dist} +License: LGPLv2+ +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: http://www.freedesktop.org/wiki/Software/PulseAudio +Source0: https://freedesktop.org/software/%{name}/releases/%{name}-%{version}.tar.gz +# revert upstream commit to rely solely on autospawn for autostart, instead +# include a fallback to manual launch when autospawn fails, like when +# user disables autospawn, or logging in as root +# valid even when using systemd socket activation too +Patch0: pulseaudio-autostart.patch +%if 0%{?systemd} +# disable autospawn +Patch1: pulseaudio-11.1-autospawn_disable.patch +%endif +BuildRequires: meson >= 0.50.0 +BuildRequires: gcc +BuildRequires: g++ +BuildRequires: pkgconfig(bash-completion) +BuildRequires: m4 +BuildRequires: libtool-ltdl-devel +BuildRequires: intltool +BuildRequires: pkgconfig +BuildRequires: doxygen +BuildRequires: xmltoman +BuildRequires: libsndfile-devel +BuildRequires: alsa-lib-devel +BuildRequires: glib2-devel +BuildRequires: gtk2-devel +BuildRequires: avahi-devel +BuildRequires: libatomic_ops-devel +BuildRequires: pkgconfig(bluez) >= 5.0 +BuildRequires: sbc-devel +BuildRequires: libXt-devel +BuildRequires: xorg-x11-proto-devel +BuildRequires: libXtst-devel +BuildRequires: libXi-devel +BuildRequires: libSM-devel +BuildRequires: libX11-devel +BuildRequires: libICE-devel +BuildRequires: xcb-util-devel +BuildRequires: openssl-devel +BuildRequires: orc-devel +BuildRequires: libtdb-devel +BuildRequires: pkgconfig(speexdsp) >= 1.2 +BuildRequires: libasyncns-devel +BuildRequires: dbus-devel +BuildRequires: libcap-devel +BuildRequires: pkgconfig(fftw3f) +BuildRequires: pkgconfig(gstreamer-1.0) >= 1.16.0 +BuildRequires: pkgconfig(gstreamer-app-1.0) >= 1.16.0 +BuildRequires: pkgconfig(gstreamer-rtp-1.0) >= 1.16.0 +%if 0%{?systemd} +BuildRequires: systemd +BuildRequires: systemd-devel >= 184 +%{?systemd_requires} +%endif +%if 0%{?with_webrtc} +BuildRequires: pkgconfig(webrtc-audio-processing) >= 0.2 +%endif +%if 0%{?with_check} +BuildRequires: pkgconfig(check) +%endif +# retired along with -libs-zeroconf, add Obsoletes here for lack of anything better +Obsoletes: padevchooser < 1.0 +Requires(pre): shadow-utils +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Requires: rtkit + +# Virtual Provides to support swapping between PipeWire-PA and PA +Provides: pulseaudio-daemon +Conflicts: pulseaudio-daemon + +# Packages removed in 15.0 +Obsoletes: pulseaudio-esound-compat < 15.0 +Obsoletes: pulseaudio-module-gconf < 15.0 + +%description +PulseAudio is a sound server for Linux and other Unix like operating +systems. It is intended to be an improved drop-in replacement for the +Enlightened Sound Daemon (ESOUND). + +%package qpaeq +Summary: Pulseaudio equalizer interface +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: python3-dbus +%if 0%{with missing_dependencies} +Requires: python3-qt5-base +%endif + +%description qpaeq +qpaeq is a equalizer interface for pulseaudio's equalizer sinks. + +%if 0%{?enable_lirc} +%package module-lirc +Summary: LIRC support for the PulseAudio sound server +BuildRequires: lirc-devel +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description module-lirc +LIRC volume control module for the PulseAudio sound server. +%endif + +%package module-x11 +Summary: X11 support for the PulseAudio sound server +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: %{name}-utils + +%description module-x11 +X11 bell and security modules for the PulseAudio sound server. + +%package module-zeroconf +Summary: Zeroconf support for the PulseAudio sound server +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: %{name}-utils + +%description module-zeroconf +Zeroconf publishing module for the PulseAudio sound server. + +%package module-bluetooth +Summary: Bluetooth support for the PulseAudio sound server +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: bluez >= 5.0 + +%description module-bluetooth +Contains Bluetooth audio (A2DP/HSP/HFP) support for the PulseAudio sound server. + +%if 0%{?enable_jack} +%package module-jack +Summary: JACK support for the PulseAudio sound server +BuildRequires: jack-audio-connection-kit-devel +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description module-jack +JACK sink and source modules for the PulseAudio sound server. +%endif + +%package module-gsettings +Summary: Gsettings support for the PulseAudio sound server +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description module-gsettings +GSettings configuration backend for the PulseAudio sound server. + +%package libs +Summary: Libraries for PulseAudio clients +Obsoletes: pulseaudio-libs-zeroconf < 1.1 + +%description libs +This package contains the runtime libraries for any application that wishes +to interface with a PulseAudio sound server. + +%package libs-glib2 +Summary: GLIB 2.x bindings for PulseAudio clients +Requires: %{name}-libs%{?_isa} = %{version}-%{release} + +%description libs-glib2 +This package contains bindings to integrate the PulseAudio client library with +a GLIB 2.x based application. + +%package libs-devel +Summary: Headers and libraries for PulseAudio client development +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Requires: %{name}-libs-glib2%{?_isa} = %{version}-%{release} + +%description libs-devel +Headers and libraries for developing applications that can communicate with +a PulseAudio sound server. + +%package utils +Summary: PulseAudio sound server utilities +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +# when made non-multilib'd, https://bugzilla.redhat.com/891425 +Obsoletes: pulseaudio-utils < 3.0-3 + +%description utils +This package contains command line utilities for the PulseAudio sound server. + +%prep +%autosetup -p1 -n %{name}-%{version} + +sed -i.no_consolekit -e \ + 's/^load-module module-console-kit/#load-module module-console-kit/' \ + src/daemon/default.pa.in + +%build +%meson \ + -D system_user=pulse \ + -D system_group=pulse \ + -D access_group=pulse-access \ + -D oss-output=disabled \ + -D jack=disabled \ + -D lirc=disabled \ + -D tcpwrap=disabled \ + -D bluez5=enabled \ + -D gstreamer=enabled \ + -D bluez5-gstreamer=enabled \ + -D gsettings=enabled \ + -D elogind=disabled \ + -D valgrind=disabled \ + -D gtk=disabled \ + -D soxr=disabled \ + -D webrtc-aec=%{?with_webrtc:enabled}%{!?with_webrtc:disabled} \ + -D systemd=%{?systemd:enabled}%{!?systemd:disabled} \ + -D tests=true + +# we really should preopen here --preopen-mods=module-udev-detect.la, --force-preopen +%meson_build + +%meson_build doxygen + +%install +%meson_install + +# upstream should use udev.pc +mkdir -p %{buildroot}%{_libdir}/udev/rules.d +mv -fv %{buildroot}/lib/udev/rules.d/90-pulseaudio.rules %{buildroot}%{_libdir}/udev/rules.d + +## unpackaged files +# extraneous libtool crud +rm -fv %{buildroot}%{_libdir}/lib*.la +rm -fv %{buildroot}%{_libdir}/pulseaudio/lib*.la +rm -fv %{buildroot}%{_libdir}/pulseaudio/modules/*.la + +# PA_MODULE_DEPRECATED("Please use module-udev-detect instead of module-detect!"); +rm -fv %{buildroot}%{_libdir}/pulseaudio/modules/module-detect.so + +%find_lang %{name} + +%check +%meson_test + +%pre +getent group pulse-access >/dev/null || groupadd -r pulse-access +getent group pulse-rt >/dev/null || groupadd -r pulse-rt +getent group pulse >/dev/null || groupadd -f -g 171 -r pulse +if ! getent passwd pulse >/dev/null ; then + if ! getent passwd 171 >/dev/null ; then + useradd -r -u 171 -g pulse -d %{_localstatedir}/run/pulse -s /sbin/nologin -c "PulseAudio System Daemon" pulse + else + useradd -r -g pulse -d %{_localstatedir}/run/pulse -s /sbin/nologin -c "PulseAudio System Daemon" pulse + fi +fi +exit 0 + +%posttrans +# handle renamed module-cork-music-on-phone => module-role-cork +(grep '^load-module module-cork-music-on-phone$' %{_sysconfdir}/pulse/default.pa > /dev/null && \ + sed -i.rpmsave -e 's|^load-module module-cork-music-on-phone$|load-module module-role-cork|' \ + %{_sysconfdir}/pulse/default.pa +) ||: + +%post +%{?ldconfig} +%if 0%{?systemd} +%systemd_user_post pulseaudio.socket +%endif + +%if 0%{?systemd} +%preun +%systemd_user_preun pulseaudio.socket +%endif + +%ldconfig_postun + +%if 0%{?systemd} +%triggerun -- pulseaudio < 12.2-4 +# This is for upgrades from previous versions which had a static symlink. +# The %%post scriptlet above only does anything on initial package installation. +# Remove before F33. +systemctl --no-reload preset --global pulseaudio.socket >/dev/null 2>&1 || : +%endif + +%files +%doc README +%license LICENSE GPL LGPL +%config(noreplace) %{_sysconfdir}/pulse/daemon.conf +%config(noreplace) %{_sysconfdir}/pulse/default.pa +%config(noreplace) %{_sysconfdir}/pulse/system.pa +%{_sysconfdir}/dbus-1/system.d/pulseaudio-system.conf +%{bash_completionsdir}/pulseaudio +%if 0%{?systemd} +%{_userunitdir}/pulseaudio.service +%{_userunitdir}/pulseaudio.socket +%endif +%{_bindir}/pa-info +%{_bindir}/pulseaudio +%{_libdir}/pulseaudio/libpulsecore-%{version}.so +%dir %{_libdir}/pulseaudio/ +%dir %{_libdir}/pulseaudio/modules/ +%{_libdir}/pulseaudio/modules/libalsa-util.so +%{_libdir}/pulseaudio/modules/libcli.so +%{_libdir}/pulseaudio/modules/libprotocol-cli.so +%{_libdir}/pulseaudio/modules/libprotocol-http.so +%{_libdir}/pulseaudio/modules/libprotocol-native.so +%{_libdir}/pulseaudio/modules/libprotocol-simple.so +%{_libdir}/pulseaudio/modules/librtp.so +%if 0%{?with_webrtc} +%{_libdir}/pulseaudio/modules/libwebrtc-util.so +%endif +%{_libdir}/pulseaudio/modules/module-allow-passthrough.so +%{_libdir}/pulseaudio/modules/module-alsa-sink.so +%{_libdir}/pulseaudio/modules/module-alsa-source.so +%{_libdir}/pulseaudio/modules/module-alsa-card.so +%{_libdir}/pulseaudio/modules/module-cli-protocol-tcp.so +%{_libdir}/pulseaudio/modules/module-cli-protocol-unix.so +%{_libdir}/pulseaudio/modules/module-cli.so +%{_libdir}/pulseaudio/modules/module-combine.so +%{_libdir}/pulseaudio/modules/module-combine-sink.so +%{_libdir}/pulseaudio/modules/module-dbus-protocol.so +%{_libdir}/pulseaudio/modules/module-filter-apply.so +%{_libdir}/pulseaudio/modules/module-filter-heuristics.so +%{_libdir}/pulseaudio/modules/module-device-manager.so +%{_libdir}/pulseaudio/modules/module-loopback.so +%{_libdir}/pulseaudio/modules/module-udev-detect.so +%{_libdir}/pulseaudio/modules/module-hal-detect.so +%{_libdir}/pulseaudio/modules/module-http-protocol-tcp.so +%{_libdir}/pulseaudio/modules/module-http-protocol-unix.so +%{_libdir}/pulseaudio/modules/module-match.so +%{_libdir}/pulseaudio/modules/module-mmkbd-evdev.so +%{_libdir}/pulseaudio/modules/module-native-protocol-fd.so +%{_libdir}/pulseaudio/modules/module-native-protocol-tcp.so +%{_libdir}/pulseaudio/modules/module-native-protocol-unix.so +%{_libdir}/pulseaudio/modules/module-null-sink.so +%{_libdir}/pulseaudio/modules/module-null-source.so +%{_libdir}/pulseaudio/modules/module-pipe-sink.so +%{_libdir}/pulseaudio/modules/module-pipe-source.so +%{_libdir}/pulseaudio/modules/module-remap-source.so +%{_libdir}/pulseaudio/modules/module-rescue-streams.so +%{_libdir}/pulseaudio/modules/module-role-ducking.so +%{_libdir}/pulseaudio/modules/module-rtp-recv.so +%{_libdir}/pulseaudio/modules/module-rtp-send.so +%{_libdir}/pulseaudio/modules/module-simple-protocol-tcp.so +%{_libdir}/pulseaudio/modules/module-simple-protocol-unix.so +%{_libdir}/pulseaudio/modules/module-sine.so +%{_libdir}/pulseaudio/modules/module-switch-on-port-available.so +%{_libdir}/pulseaudio/modules/module-systemd-login.so +%{_libdir}/pulseaudio/modules/module-tunnel-sink-new.so +%{_libdir}/pulseaudio/modules/module-tunnel-sink.so +%{_libdir}/pulseaudio/modules/module-tunnel-source-new.so +%{_libdir}/pulseaudio/modules/module-tunnel-source.so +%{_libdir}/pulseaudio/modules/module-volume-restore.so +%{_libdir}/pulseaudio/modules/module-suspend-on-idle.so +%{_libdir}/pulseaudio/modules/module-default-device-restore.so +%{_libdir}/pulseaudio/modules/module-device-restore.so +%{_libdir}/pulseaudio/modules/module-stream-restore.so +%{_libdir}/pulseaudio/modules/module-card-restore.so +%{_libdir}/pulseaudio/modules/module-ladspa-sink.so +%{_libdir}/pulseaudio/modules/module-remap-sink.so +%{_libdir}/pulseaudio/modules/module-always-sink.so +%{_libdir}/pulseaudio/modules/module-always-source.so +%{_libdir}/pulseaudio/modules/module-console-kit.so +%{_libdir}/pulseaudio/modules/module-position-event-sounds.so +%{_libdir}/pulseaudio/modules/module-augment-properties.so +%{_libdir}/pulseaudio/modules/module-role-cork.so +%{_libdir}/pulseaudio/modules/module-sine-source.so +%{_libdir}/pulseaudio/modules/module-intended-roles.so +%{_libdir}/pulseaudio/modules/module-rygel-media-server.so +%{_libdir}/pulseaudio/modules/module-echo-cancel.so +%{_libdir}/pulseaudio/modules/module-switch-on-connect.so +%{_libdir}/pulseaudio/modules/module-virtual-sink.so +%{_libdir}/pulseaudio/modules/module-virtual-source.so +%{_libdir}/pulseaudio/modules/module-virtual-surround-sink.so +%dir %{_datadir}/pulseaudio/ +%dir %{_datadir}/pulseaudio/alsa-mixer/ +%{_datadir}/pulseaudio/alsa-mixer/paths/ +%{_datadir}/pulseaudio/alsa-mixer/profile-sets/ +%{_mandir}/man1/pulseaudio.1* +%{_mandir}/man5/default.pa.5* +%{_mandir}/man5/pulse-cli-syntax.5* +%{_mandir}/man5/pulse-client.conf.5* +%{_mandir}/man5/pulse-daemon.conf.5* +%{_libdir}/udev/rules.d/90-pulseaudio.rules +%dir %{_libexecdir}/pulse +%dir %{_datadir}/zsh/ +%dir %{_datadir}/zsh/site-functions/ +%{_datadir}/zsh/site-functions/_pulseaudio + +%files qpaeq +%{_bindir}/qpaeq +%{_libdir}/pulseaudio/modules/module-equalizer-sink.so + +%if 0%{?enable_lirc} +%files module-lirc +%{_libdir}/pulseaudio/modules/module-lirc.so +%endif + +%files module-x11 +%config(noreplace) %{_sysconfdir}/xdg/autostart/pulseaudio.desktop +%config(noreplace) %{_sysconfdir}/xdg/Xwayland-session.d/00-pulseaudio-x11 +%{_userunitdir}/pulseaudio-x11.service +#{_bindir}/start-pulseaudio-kde +%{_bindir}/start-pulseaudio-x11 +%{_libdir}/pulseaudio/modules/module-x11-bell.so +%{_libdir}/pulseaudio/modules/module-x11-publish.so +%{_libdir}/pulseaudio/modules/module-x11-xsmp.so +%{_libdir}/pulseaudio/modules/module-x11-cork-request.so +%{_mandir}/man1/start-pulseaudio-x11.1.gz + +%files module-zeroconf +%{_libdir}/pulseaudio/modules/libavahi-wrap.so +%{_libdir}/pulseaudio/modules/module-zeroconf-publish.so +%{_libdir}/pulseaudio/modules/module-zeroconf-discover.so +%{_libdir}/pulseaudio/modules/libraop.so +%{_libdir}/pulseaudio/modules/module-raop-discover.so +%{_libdir}/pulseaudio/modules/module-raop-sink.so + +%if 0%{?enable_jack} +%files module-jack +%{_libdir}/pulseaudio/modules/module-jackdbus-detect.so +%{_libdir}/pulseaudio/modules/module-jack-sink.so +%{_libdir}/pulseaudio/modules/module-jack-source.so +%endif + +%files module-bluetooth +%{_libdir}/pulseaudio/modules/libbluez*-util.so +%{_libdir}/pulseaudio/modules/module-bluez*-device.so +%{_libdir}/pulseaudio/modules/module-bluez*-discover.so +%{_libdir}/pulseaudio/modules/module-bluetooth-discover.so +%{_libdir}/pulseaudio/modules/module-bluetooth-policy.so + +%files module-gsettings +%{_libdir}/pulseaudio/modules/module-gsettings.so +%{_libexecdir}/pulse/gsettings-helper +%{_datadir}/GConf/gsettings/pulseaudio.convert +%{_datadir}/glib-2.0/schemas/org.freedesktop.pulseaudio.gschema.xml + +%ldconfig_scriptlets libs + +%files libs -f %{name}.lang +%doc README +%license LICENSE GPL LGPL +%dir %{_sysconfdir}/pulse/ +%config(noreplace) %{_sysconfdir}/pulse/client.conf +%{_libdir}/libpulse.so.0* +%{_libdir}/libpulse-simple.so.0* +%dir %{_libdir}/pulseaudio/ +%{_libdir}/pulseaudio/libpulsecommon-%{version}.so + +%ldconfig_scriptlets libs-glib2 + +%files libs-glib2 +%{_libdir}/libpulse-mainloop-glib.so.0* + +%files libs-devel +%doc %{_vpath_builddir}/doxygen/html +%{_includedir}/pulse/ +%{_libdir}/libpulse.so +%{_libdir}/libpulse-mainloop-glib.so +%{_libdir}/libpulse-simple.so +%{_libdir}/pkgconfig/libpulse*.pc +%dir %{_datadir}/vala +%dir %{_datadir}/vala/vapi +%{_datadir}/vala/vapi/libpulse.vapi +%{_datadir}/vala/vapi/libpulse.deps +%{_datadir}/vala/vapi/libpulse-mainloop-glib.vapi +%{_datadir}/vala/vapi/libpulse-mainloop-glib.deps +%{_datadir}/vala/vapi/libpulse-simple.deps +%{_datadir}/vala/vapi/libpulse-simple.vapi + +%dir %{_libdir}/cmake +%{_libdir}/cmake/PulseAudio/ + +%files utils +%{_bindir}/pacat +%{_bindir}/pacmd +%{_bindir}/pactl +%{_bindir}/paplay +%{_bindir}/parec +%{_bindir}/pamon +%{_bindir}/parecord +%{_bindir}/pax11publish +%{_bindir}/pasuspender +%{_mandir}/man1/pacat.1* +%{_mandir}/man1/pacmd.1* +%{_mandir}/man1/pactl.1* +%{_mandir}/man1/pamon.1* +%{_mandir}/man1/paplay.1* +%{_mandir}/man1/parec.1* +%{_mandir}/man1/parecord.1* +%{_mandir}/man1/pasuspender.1* +%{_mandir}/man1/pax11publish.1* +%{bash_completionsdir}/pacat +%{bash_completionsdir}/pacmd +%{bash_completionsdir}/pactl +%{bash_completionsdir}/padsp +%{bash_completionsdir}/paplay +%{bash_completionsdir}/parec +%{bash_completionsdir}/parecord +%{bash_completionsdir}/pasuspender + +%changelog +* Wed Nov 23 2022 Sumedh Sharma - 16.1-2 +- Initial CBL-Mariner import from Fedora 36 (license: MIT) +- Build with lirc and jack disabled +- Enable check section +- License verified + +* Thu Jul 21 2022 Rex Dieter - 16.1-1 +- 16.1 + +* Fri Jan 21 2022 Fedora Release Engineering - 15.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Tue Sep 14 2021 Sahana Prasad - 15.0-4 +- Rebuilt with OpenSSL 3.0.0 + +* Fri Sep 10 2021 Rex Dieter - 15.0-3 +- fix autostart.patch (#2001664) + +* Wed Sep 08 2021 Wim Taymans - 15.0-2 +- Obsoletes: pulseaudio-esound-compat and pulseaudio-module-gconf +- Resolves: #2001334 + +* Wed Jul 28 2021 Wim Taymans - 15.0-1 +- Update to 15.0 +- convert to meson build +- esound, gconf, oss are no longer supported + +* Fri Jul 23 2021 Fedora Release Engineering - 14.2-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Sat Feb 06 2021 Rex Dieter - 14.2-3 +- -utils: move appropriate bash completions here (#1925706) + +* Wed Jan 27 2021 Fedora Release Engineering - 14.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Mon Jan 18 2021 Rex Dieter - 14.2-1 +- 14.2 + +* Wed Jan 13 2021 Rex Dieter - 14.1-1 +- 14.1 + +* Tue Jan 12 2021 Wim Taymans - 14.0-3 +- Move enable_ switches next to the other switches on top +- Only enable gconf on fedora + +* Tue Nov 24 2020 Neal Gompa - 14.0-2 +- Add 'pulseaudio-daemon' Provides + Conflicts to support swapping with PipeWire + +* Mon Nov 23 2020 Rex Dieter - 14.0-1 +- 14.0 + +* Sun Nov 01 2020 Rex Dieter - 13.99.3-1 +- 13.99.3 + +* Tue Sep 22 2020 Rex Dieter - 13.99.2-1 +- 13.99.2 + +* Sat Aug 01 2020 Fedora Release Engineering - 13.99.1-6 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 13.99.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Jun 15 2020 Wim Taymans - 13.99.1-4 +- Add patch to fix crash with profile name (#1817092) + +* Tue Mar 31 2020 Wim Taymans - 13.99.1-3 +- Add more UCM patches (#1818883) + +* Fri Mar 20 2020 Wim Taymans - 13.99.1-2 +- Add some more UCM patches +- Fix missing UCM mixers crash (#1815437) + +* Fri Feb 14 2020 Rex Dieter - 13.99.1-1 +- 13.99.1 + +* Thu Jan 30 2020 Fedora Release Engineering - 13.0-3.20200105gitf5d36 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Wed Jan 08 2020 Jaroslav Kysela - 13.0-2 +- Update to upstream gitsnapshot +- ALSA UCM fixes +- active_port sink selection fixes + +* Fri Sep 13 2019 Rex Dieter - 13.0-1 +- 13.0 + +* Mon Sep 02 2019 Rex Dieter - 12.99.3-1 +- pulseaudio-12.99.3 + +* Wed Aug 07 2019 Rex Dieter - 12.99.2-2 +- -qpaeq: use python3 (#1738047) + +* Tue Aug 06 2019 Rex Dieter - 12.99.2-1 +- pulseaudio-12.99.2 + +* Fri Jul 26 2019 Fedora Release Engineering - 12.99.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Tue Jul 09 2019 Rex Dieter - 12.99.1-1 +- pulseaudio-12.99.1 + +* Wed Jul 03 2019 Rex Dieter - 12.2-7 +- alsa-sink: clear pollfd revents before poll + +* Mon Jun 17 2019 Rex Dieter - 12.2-6 +- pull in upstream patch for alsa include paths + +* Thu May 09 2019 Rex Dieter - 12.2-5 +- Use systemd presets to enable user units +- conditionals: simplify and support rhel8 + +* Wed Apr 10 2019 Rex Dieter - 12.2-4 +- test using only socket activation (f31+ only for now) + +* Tue Feb 12 2019 Rex Dieter - 12.2-3 +- qpaeq_python2.patch + +* Sat Feb 02 2019 Fedora Release Engineering - 12.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Mon Jul 16 2018 Rex Dieter - 12.2-1 +- pulseaudio-12.2 + +* Sat Jul 14 2018 Rex Dieter - 12.1-1 +- pulseaudio-12.1 + +* Fri Jul 13 2018 Fedora Release Engineering - 12.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Thu Jul 05 2018 Rex Dieter - 12.0-3 +- ladspa-sink-fix-search-path.patch (#1594568, fdo#107078) + +* Sun Jul 01 2018 Rex Dieter - 12.0-2 +- switch-on-port-available-ignore-bluetooth-cards.patch (#1594596, fdo#107044) +- use upstreamed exit-idle-time.patch + +* Thu Jun 21 2018 Rex Dieter - 12.0-1 +- pulseaudio-12.0 is available (#1593489) +- -libs: use %%license + +* Sun May 13 2018 Rex Dieter - 11.99.1-1 +- 11.99.1 (#1577603) +- use %%ldconfig_scriptlets +- new pulseaudio--module-gsettings subpkg + +* Tue May 08 2018 Rex Dieter - 11.1-21 +- drop unused getaffinity,memfd patches +- include experimental bluetooth patches only on rawhide + +* Mon Apr 23 2018 Hans de Goede - 11.1-20 +- Fix Intel LPE HDMI problems: +- Update to upstream gitsnapshot which contains a fix for the crash caused + by patch93 (and contains patch93 fixing the Intel LPE HDMI pa crash) +- Fix-realtime-scheduling-on-byt-cht.patch, Fix-Intel-HDMI-LPE-problems.patch: + drop both, both fixes are included in the git snapshot + +* Fri Mar 23 2018 Iryna Shcherbina - 11.1-19 +- Update Python 2 dependency declarations to new packaging standards + (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) + +* Wed Mar 21 2018 Rex Dieter - 11.1-18 +- manually package sockets.target.wants/pulseaudio.socket to help + handle socket activation on upgrades + +* Tue Mar 20 2018 Rex Dieter - 11.1-17 +- omit -gdm-hooks, moved to gdm (f28+) + +* Tue Mar 13 2018 Rex Dieter - 11.1-16 +- skip patch93, seems to cause crashes w/headphone jacks (#1544507,#1551270,#1554035) + +* Mon Mar 05 2018 Igor Gnatenko - 11.1-15 +- Fixup ldconfig scriptlets + +* Thu Mar 01 2018 Rex Dieter - 11.1-14 +- use %%make_build, %%make_install +- enable systemd socket/service activation on f28+ (and disable autospawn) + +* Wed Feb 28 2018 Rex Dieter - 11.1-13 +- use %%license, %%ldconfig_scriptlets +- use better upstream patch for exit-idle-time + +* Sun Feb 25 2018 Rex Dieter - 11.1-12 +- BR: gcc-c++ + +* Fri Feb 09 2018 Igor Gnatenko - 11.1-11 +- Escape macros in %%changelog + +* Fri Feb 09 2018 Fedora Release Engineering - 11.1-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Thu Feb 01 2018 Rex Dieter - 11.1-9 +- backport upstream fixes: memfd, qpape PyQt5 port + +* Mon Jan 08 2018 Rex Dieter - 11.1-8 +- exit-idle-time = 4 (#1510301) +- f28+ ftbfs: memfd_create conflicts +- drop getaffinity.patch (no longer needed) +- enable webrtc support for all archs +- make tests non-fatal on i686,s390x + +* Mon Dec 04 2017 Rex Dieter - 11.1-7 +- backport 'pa_sink_input_assert_ref()' crashfix (#1472285) +- --disable-tcpwrap on f28+ (#1518777) + +* Wed Nov 08 2017 Hans de Goede - 11.1-6 +- Fix pa crashing on Bay- and Cherry-Trail devices + +* Wed Nov 01 2017 Rex Dieter - 11.1-5 +- actually install new dell-dock-tb16-usb-audio.conf alsa profile (#1492344) + +* Thu Oct 12 2017 Rex Dieter - 11.1-4 +- experimental fixes bluetooth profile switching (f28+ only, fdo#93898) + +* Thu Oct 12 2017 Rex Dieter - 11.1-3 +- include experiemental Intel HDMI LPE fixes (fdo#100488) + +* Mon Oct 09 2017 Rex Dieter - 11.1-2 +- backport some alsa-mixer related fixes (#1492344) + +* Wed Sep 20 2017 Rex Dieter - 11.1-1 +- pulseaudio-11.1 + +* Tue Sep 05 2017 Rex Dieter - 11.0-1 +- pulseaudio-11.0 + +* Mon Aug 28 2017 Pete Walter - 10.99.1-6 +- Enable pulseaudio-module-bluetooth on s390x + +* Fri Aug 18 2017 Wim Taymans - 10.99.1-5 +- Remove /var/run/pulse and /var/lib/pulse, they are directories in tmpfs + +* Thu Aug 03 2017 Fedora Release Engineering - 10.99.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Sun Jul 30 2017 Florian Weimer - 10.99.1-3 +- Rebuild with binutils fix for ppc64le (#1475636) + +* Thu Jul 27 2017 Fedora Release Engineering - 10.99.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Tue Jul 25 2017 Rex Dieter - 10.99.1-1 +- pulseaudio-10.99.1 (#1474559) + +* Mon Feb 13 2017 Wim Taymans - 10.0-4 +- Add flatpak access control + +* Sat Feb 11 2017 Fedora Release Engineering - 10.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Thu Jan 19 2017 Kalev Lember - 10.0-2 +- Fix the build on RHEL + +* Thu Jan 19 2017 Kalev Lember - 10.0-1 +- Update to 10.0 + +* Fri Jan 06 2017 Rex Dieter - 9.99.1-1 +- pulseaudio-9.99.1 (#1409939) +- %%check: use %%_smp_mflags + +* Fri Jun 24 2016 Rex Dieter - 9.0-1 +- pulseaudio-9.0 + +* Wed Jun 22 2016 Than Ngo - 8.99.2-3 +- enable %%check +- fix bz#1345826, only start threads on activ CPUs + +* Mon Jun 13 2016 Rex Dieter - 8.99.2-2 +- %%check: make non-fatal, echo test-suite.log on failure (#1345826) + +* Tue May 31 2016 Rex Dieter - 8.99.2-1 +- pulseaudio-8.99.2 + +* Thu May 12 2016 Rex Dieter - 8.99.1-2 +- re-enable webrtc support (arm,x86_64 only for now) + +* Thu May 12 2016 Rex Dieter - 8.99.1-1 +- pulseaudio-8.99.1 (#1335527) +- disable webrtc support for now (waiting on #1335536) + +* Fri May 06 2016 Rex Dieter - 8.0-7 +- use %%tests macro, enable systemd socket activation (#1265720) + +* Sat Mar 05 2016 Rex Dieter - 8.0-6 +- respin disable_flat_volumes.patch harder + +* Sat Mar 05 2016 Rex Dieter - 8.0-5 +- respin disable_flat_volumes.patch + +* Fri Mar 04 2016 Rex Dieter - 8.0-4 +- RFE: Disable PulseAudio's flat volumes f24+ (#1265267) + +* Thu Feb 04 2016 Fedora Release Engineering - 8.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Fri Jan 22 2016 Rex Dieter - 8.0-2 +- own /var/run/pulse (#1173811) + +* Fri Jan 22 2016 Rex Dieter - 8.0-1 +- pulseaudio-8.0 (#1301040) + +* Wed Jan 13 2016 Rex Dieter - 7.99.2-1 +- pulseaudio-7.99.2 (#1297774) + +* Mon Dec 28 2015 Rex Dieter - 7.99.1-1 +- pulseaudio-7.99.1 (8.0 rc1) (#1294555) + +* Sat Oct 31 2015 Rex Dieter - 7.1-1 +- pulseaudio-7.1 (#1276811) + +* Sat Oct 31 2015 Rex Dieter - 7.0-4 +- apply srbchannel patch + +* Tue Oct 27 2015 Rex Dieter - 7.0-3 +- backport srbchannel crasher fix + +* Sun Sep 27 2015 Rex Dieter - 7.0-2 +- PulseAudio doesn't load locales (fdo#92142) + +* Wed Sep 23 2015 Rex Dieter - 7.0-1 +- pulseaudio-7.0 + +* Sat Sep 12 2015 Rex Dieter - 6.99.2-1 +- 6.99.2 (#1262579) + +* Sat Aug 29 2015 Rex Dieter - 6.99.1-2 +- enable libsoxr support + +* Fri Aug 28 2015 Rex Dieter - 6.99.1-1 +- 6.99.1 (#1257770) + +* Mon Jul 06 2015 Rex Dieter - 6.0-8 +- autostart.patch: fix stdout/stderr redirection + +* Mon Jul 06 2015 Rex Dieter - 6.0-7 +- fix resampler-related build dependencies (libsamplerate/speex) (#1239208) + +* Mon Jun 22 2015 Rex Dieter - 6.0-6 +- better autostart.patch, handle case were autospawn is disabled (or otherwise doesn't work, like for root user) + +* Thu Jun 18 2015 Fedora Release Engineering - 6.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Thu Jun 11 2015 Rex Dieter - 6.0-4 +- pulseaudio 6.0 breaks 5.1 network sound configuration (#1230957) + +* Sat May 02 2015 Kalev Lember - 6.0-3 +- Rebuilt for GCC 5 C++11 ABI change + +* Tue Feb 17 2015 Rex Dieter 6.0-2 +- duplicate directory between pulseaudio and pulseaudio-libs (#909690) + +* Fri Feb 13 2015 Rex Dieter 6.0-1 +- pulseaudio-6.0 (#1192384) + +* Thu Jan 22 2015 Rex Dieter 5.99.3-1 +- pulseaudio-5.99.3 (6.0-rc3) (#1184850) + +* Sat Dec 20 2014 Rex Dieter 5.99.2-2 +- fix changelog + +* Fri Dec 19 2014 Rex Dieter 5.99.2-1 +- pulseaudio-5.99.2 (6.0-rc2) + +* Fri Nov 21 2014 Rex Dieter 5.99.1-1 +- pulseaudio-5.99.1 (6.0-rc1) + +* Fri Nov 14 2014 Rex Dieter 5.0-100.20141103gitaec81 +- artificially bump Release to 100, to ensure upgrade path + +* Thu Nov 06 2014 Rex Dieter 5.0-24.20141103gitaec81 +- --disable-systemd-daemon, revert to autospawn mode + +* Thu Nov 06 2014 Rex Dieter - 5.0-23.20141103gitaec81 +- 20141103 327-gaec81 snapshot, pulseaudio socket activation support +- use bash completionsdir + +* Wed Nov 05 2014 Orion Poplawski 5.0-22.20141007git4971d +- Really add pulse-rt group when needed (bug #885020) + +* Wed Oct 22 2014 Rex Dieter 5.0-21.20141007git4971d +- BR: automake libtool (for bootstrap.sh) + +* Wed Oct 22 2014 Rex Dieter 5.0-20.20141007git4971d +- snapshot, with wip bt headset2 patches (#1045548,#1067470) + +* Sun Aug 17 2014 Fedora Release Engineering - 5.0-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Tue Jul 29 2014 Kalev Lember - 5.0-9 +- Rebuilt once more for libjson-c + +* Mon Jul 28 2014 Peter Robinson 5.0-8 +- Rebuild (libjson-c) + +* Wed Jul 16 2014 Rex Dieter 5.0-7 +- Provide padsp-32, /usr/bin/padsp is native arch only (#856146) + +* Mon Jul 07 2014 Rex Dieter - 5.0-6 +- rtp-recv: fix crash on empty UDP packets (CVE-2014-3970,#1104835,#1108011) +- name HDMI outputs uniquely + +* Sat Jun 07 2014 Fedora Release Engineering - 5.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Tue May 13 2014 Dan Horák 5.0-4 +- always run tests, but don't fail the build on big endian arches (relates #1067470) + +* Sat Apr 12 2014 Rex Dieter 5.0-3 +- Pulse Audio settings lost after reboot / HDMI is set as default (#1035025) + +* Tue Mar 11 2014 Rex Dieter 5.0-2 +- drop Requires: kernel (per recent -devel ml thread) + +* Tue Mar 04 2014 Rex Dieter 5.0-1 +- 5.0 (#1072259) + +* Wed Feb 26 2014 Karsten Hopp 4.99.4-3 +- disable make check on PPC* (rhbz #1067470) + +* Mon Feb 17 2014 Rex Dieter 4.99.4-2 +- -qpaeq subpkg (#1002585) + +* Sat Feb 15 2014 Rex Dieter 4.99.4-1 +- 4.99.4 + +* Wed Jan 29 2014 Rex Dieter 4.99.3-1 +- 4.99.3 + +* Mon Jan 27 2014 Wim Taymans - 4.99.2-2 +- don't mark .desktop and dbus configurations as %%config + +* Fri Jan 24 2014 Rex Dieter - 4.99.2-1 +- 4.99.2 (#1057528) + +* Wed Jan 22 2014 Wim Taymans - 4.0-12.gitf81e3 +- Use the statically allocated UID and GID from /usr/share/doc/setup/uidgid (#1056656) +- The pulse-rt group doesn't exist (#885020) + +* Wed Jan 22 2014 Rex Dieter - 4.0-11.gitf81e3 +- handle jack/lirc modules better (#1056619) +- -libs-devel: own some dirs to avoid deps on cmake/vala +- -module-bluetooth: make dep arch'd for consistency + +* Fri Jan 10 2014 Rex Dieter - 4.0-10.gitf81e3 +- enable hardened build (#983606) + +* Sat Dec 07 2013 Rex Dieter - 4.0-9.gitf81e3 +- X-KDE-autostart-phase=1 + +* Wed Oct 30 2013 Rex Dieter - 4.0-8.gitf81e3 +- fix PACKAGE_VERSION + +* Mon Oct 14 2013 Rex Dieter - 4.0-7.gitf81e3 +- %%build fix typo, explicitly --enable-tests + +* Mon Oct 14 2013 Rex Dieter - 4.0-6.gitf81e3 +- ship a single autostart file + +* Fri Oct 11 2013 Rex Dieter - 4.0-5.gitf81e3 +- fresh snapshot + +* Mon Sep 23 2013 Kalev Lember - 4.0-4.gita89ca +- Update to today's git snapshot +- Backport a patch for pulseaudio crash at startup (#1000966) + +* Thu Aug 15 2013 Kalev Lember - 4.0-3.gitbf9b3 +- Update to git snapshot bf9b3f0 for BlueZ 5 support + +* Sun Aug 04 2013 Fedora Release Engineering - 4.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Tue Jun 4 2013 Peter Robinson 4.0-1 +- New 4.0 stable release +- http://www.freedesktop.org/wiki/Software/PulseAudio/Notes/4.0/ + +* Thu May 30 2013 Rex Dieter 3.99.2-2 +- [RFE] Build with libcap (#969232) + +* Sun May 26 2013 Peter Robinson 3.99.2-1 +- pulseaudio-3.99.2 (#966631) + +* Fri May 03 2013 Rex Dieter 3.99.1-1 +- pulseaudio-3.99.1 (#952594) +- RFE: Restore the pipe-sink and pipe-source modules (#958949) +- prune (pre 1.x) changelog + +* Thu Apr 11 2013 Rex Dieter 3.0-7 +- pull a few more patches from upstream stable-3.x branch + +* Fri Feb 08 2013 Rex Dieter 3.0-6 +- default.pa: fix for renamed modules (#908117) + +* Sat Jan 19 2013 Ville Skyttä - 3.0-5 +- Own the %%{_libdir}/pulseaudio dir. +- Fix bogus %%changelog dates. + +* Fri Jan 04 2013 Rex Dieter 3.0-4 +- alsa-mixer: Fix the analog-output-speaker-always path + +* Fri Jan 04 2013 Rex Dieter 3.0-3 +- move libpulsedsp plugin to -libs, avoids -utils multilib (#891425) + +* Wed Dec 19 2012 Dan Horák 3.0-2 +- SBC is needed only when BlueZ is used + +* Tue Dec 18 2012 Rex Dieter 3.0-1 +- pulseaudio-3.0 + +* Tue Dec 11 2012 Peter Robinson 2.99.3-1 +- PulseAudio 2.99.3 (3.0 rc3) + +* Wed Oct 10 2012 Dan Horák 2.1-4 +- fix the with_webrtc condition + +* Tue Oct 09 2012 Dan Horák 2.1-3 +- webrtc-aec is x86 and ARM only for now + +* Mon Oct 08 2012 Debarshi Ray 2.1-2 +- Enable webrtc-aec + +* Tue Sep 25 2012 Rex Dieter 2.1-1 +- pulseaudio-2.1 + +* Sat Jul 21 2012 Fedora Release Engineering - 2.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Sat Jun 23 2012 Kalev Lember - 2.0-3 +- Move module-jackdbus-detect.so to -module-jack subpackage with the + rest of the jack modules + +* Mon Jun 04 2012 Kay Sievers - 2.0-2 +- rebuild for libudev1 + +* Sat May 12 2012 Rex Dieter 2.0-1 +- pulseaudio-2.0 + +* Sat Apr 21 2012 Matthias Clasen - 1.1-9 +- Don't load the ck module in gdm, either + +* Tue Feb 28 2012 Bruno Wolff III - 1.1-8 +- Bring in Lennart's patch from f17 +- Temporary fix for CK/systemd move (#794690) + +* Tue Feb 28 2012 Bruno Wolff III - 1.1-7 +- Fix for building with gcc 4.7 + +* Mon Jan 23 2012 Dan Horák - 1.1-6 +- rebuilt for json-c-0.9-4.fc17 + +* Sat Jan 14 2012 Fedora Release Engineering - 1.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Dec 13 2011 Adam Jackson 1.1-4 +- Fix RHEL build + +* Tue Nov 22 2011 Rex Dieter 1.1-3 +- Obsoletes: padevchooser < 1.0 + +* Thu Nov 10 2011 Rex Dieter 1.1-2 +- -libs: Obsoletes: pulseaudio-libs-zeroconf +- use versioned Obsoletes/Provides +- tighten subpkg deps via %%_isa +- remove autoconf/libtool hackery + +* Thu Nov 3 2011 Lennart Poettering - 1.1-1 +- New upstream release diff --git a/SPECS-EXTENDED/pyserial/pyserial.signatures.json b/SPECS-EXTENDED/pyserial/pyserial.signatures.json new file mode 100644 index 0000000000..3c5afae3d2 --- /dev/null +++ b/SPECS-EXTENDED/pyserial/pyserial.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "pyserial-3.5.tar.gz": "3c77e014170dfffbd816e6ffc205e9842efb10be9f58ec16d3e8675b4925cddb" + } +} \ No newline at end of file diff --git a/SPECS-EXTENDED/pyserial/pyserial.spec b/SPECS-EXTENDED/pyserial/pyserial.spec new file mode 100644 index 0000000000..f51b46862c --- /dev/null +++ b/SPECS-EXTENDED/pyserial/pyserial.spec @@ -0,0 +1,251 @@ +Vendor: Microsoft Corporation +Distribution: Azure Linux +Summary: Python serial port access library +Name: pyserial +Version: 3.5 +Release: 11%{?dist} +Source0: %pypi_source +License: BSD-3-Clause +URL: http://pypi.python.org/pypi/pyserial +BuildRequires: python3-devel +BuildRequires: python3-setuptools +BuildArch: noarch + +%global _description\ +This module encapsulates the access for the serial port. It provides backends\ +for standard Python running on Windows, Linux, BSD (possibly any POSIX\ +compliant system) and Jython. The module named "serial" automatically selects\ +the appropriate backend. + +%description %_description + + +%package -n python3-pyserial +Summary: %{summary} +Conflicts: python2-pyserial < 3.4-6 + +%description -n python3-pyserial %_description + + +%prep +export UNZIP="-aa" +%setup -q + +# Python 3.13+ has removed unittest.findTestCases() +# Reported upstream: https://github.com/pyserial/pyserial/issues/754 +sed -i 's/unittest.findTestCases(module)/unittest.TestLoader().loadTestsFromModule(module)/' test/run_all_tests.py + +%build +%py3_build + + +%install +%py3_install + + +%check +PYTHONPATH=%{buildroot}/%{python3_sitelib} %{python3} test/run_all_tests.py + + +%files -n python3-pyserial +%doc LICENSE.txt CHANGES.rst README.rst examples +%{python3_sitelib}/serial +%{python3_sitelib}/%{name}-%{version}-py%{python3_version}.egg-info +%{_bindir}/pyserial-miniterm +%{_bindir}/pyserial-ports + +%changelog +* Wed Dec 18 2024 Sumit Jena - 3.5-11 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified. + +* Fri Jul 19 2024 Fedora Release Engineering - 3.5-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Fri Jun 07 2024 Python Maint - 3.5-9 +- Rebuilt for Python 3.13 + +* Fri Jan 26 2024 Fedora Release Engineering - 3.5-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 3.5-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jul 21 2023 Fedora Release Engineering - 3.5-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Tue Jun 13 2023 Python Maint - 3.5-5 +- Rebuilt for Python 3.12 + +* Fri Jan 20 2023 Fedora Release Engineering - 3.5-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jul 22 2022 Fedora Release Engineering - 3.5-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Mon Jun 13 2022 Python Maint - 3.5-2 +- Rebuilt for Python 3.11 + +* Fri Apr 08 2022 Lumír Balhar - 3.5-1 +- Update to 3.5 +- Fix license tag: Python -> BSD +Resolves: rhbz#1983151 + +* Fri Jan 21 2022 Fedora Release Engineering - 3.4-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Fri Jul 23 2021 Fedora Release Engineering - 3.4-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Thu Jun 03 2021 Python Maint - 3.4-11 +- Rebuilt for Python 3.10 + +* Wed Jan 27 2021 Fedora Release Engineering - 3.4-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jul 28 2020 Fedora Release Engineering - 3.4-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Sat May 23 2020 Miro Hrončok - 3.4-8 +- Rebuilt for Python 3.9 + +* Thu Jan 30 2020 Fedora Release Engineering - 3.4-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Fri Nov 15 2019 Miro Hrončok - 3.4-6 +- Subpackage python2-pyserial has been removed + See https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal + +* Thu Oct 03 2019 Miro Hrončok - 3.4-5 +- Rebuilt for Python 3.8.0rc1 (#1748018) + +* Fri Aug 16 2019 Miro Hrončok - 3.4-4 +- Rebuilt for Python 3.8 + +* Fri Jul 26 2019 Fedora Release Engineering - 3.4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Sat Feb 02 2019 Fedora Release Engineering - 3.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Tue Oct 16 2018 Eric Smith - 3.4-1 +- Update to latest upstream release. +- Update Source0 and URL to use Pypi. + +* Tue Jul 17 2018 Miro Hrončok - 3.1.1-10 +- Update Python macros to new packaging standards + (See https://fedoraproject.org/wiki/Changes/Move_usr_bin_python_into_separate_package) + +* Fri Jul 13 2018 Fedora Release Engineering - 3.1.1-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Fri Jun 15 2018 Miro Hrončok - 3.1.1-8 +- Rebuilt for Python 3.7 + +* Wed Feb 14 2018 Iryna Shcherbina - 3.1.1-7 +- Update Python 2 dependency declarations to new packaging standards + (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) + +* Fri Feb 09 2018 Fedora Release Engineering - 3.1.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Sat Aug 19 2017 Zbigniew Jędrzejewski-Szmek - 3.1.1-5 +- Python 2 binary package renamed to python2-pyserial + See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3 + +* Thu Jul 27 2017 Fedora Release Engineering - 3.1.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sat Feb 11 2017 Fedora Release Engineering - 3.1.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Fri Dec 09 2016 Charalampos Stratakis - 3.1.1-2 +- Rebuild for Python 3.6 + +* Mon Aug 1 2016 Paul Komkoff 3.1.1-1 +- new upstream version + +* Tue Jul 19 2016 Fedora Release Engineering - 2.7-6 +- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages + +* Thu Feb 04 2016 Fedora Release Engineering - 2.7-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Tue Nov 10 2015 Fedora Release Engineering - 2.7-4 +- Rebuilt for https://fedoraproject.org/wiki/Changes/python3.5 + +* Mon Nov 02 2015 Michal Cyprian - 2.7-3 +- Resolve python3 dependency problem, make miniterm.py python2 script, add + python3 version of the script + +* Thu Jun 18 2015 Fedora Release Engineering - 2.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Sun Mar 08 2015 Paul Komkoff 2.7-1 +- new upstream version + +* Sat Jun 07 2014 Fedora Release Engineering - 2.6-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Tue May 27 2014 Kalev Lember - 2.6-8 +- Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3.4 + +* Sat Sep 07 2013 Till Maas - 2.6-7 +- Add python3 package + +* Sat Sep 07 2013 Paul P. Komkoff - 2.6-6 +- patched to allow arbitrary speeds bz#982368 + +* Sun Aug 04 2013 Fedora Release Engineering - 2.6-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Thu Feb 14 2013 Fedora Release Engineering - 2.6-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Sat Jul 21 2012 Fedora Release Engineering - 2.6-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Sat Jan 14 2012 Fedora Release Engineering - 2.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Mon Nov 28 2011 Paul P. Komkoff Jr - 2.6-1 +- new upstream version. + +* Tue Feb 08 2011 Fedora Release Engineering - 2.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Fri Nov 19 2010 Paul P. Komkoff Jr - 2.5-1 +- new upstream version + +* Wed Jul 21 2010 David Malcolm - 2.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild + +* Sun Oct 18 2009 Paul P Komkoff Jr - 2.4-1 +- new upstream version + +* Sun Jul 26 2009 Fedora Release Engineering - 2.2-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Thu Feb 26 2009 Fedora Release Engineering - 2.2-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Sat Nov 29 2008 Ignacio Vazquez-Abrams - 2.2-7 +- Rebuild for Python 2.6 + +* Fri Aug 29 2008 Tom "spot" Callaway - 2.2-6 +- fix license tag + +* Tue Dec 12 2006 Paul P. Komkoff Jr +- rebuilt + +* Mon Nov 6 2006 Paul P Komkoff Jr - 2.2-4 +- remove "export libdirname" + +* Tue Oct 24 2006 Paul P Komkoff Jr - 2.2-3 +- Minor specfile fixes + +* Sat Oct 14 2006 Paul P Komkoff Jr - 2.2-2 +- Minor specfile fixes + +* Tue May 9 2006 Paul P Komkoff Jr - 2.2-1 +- Fedora Extras submission diff --git a/SPECS-EXTENDED/python-dmidecode/python-dmidecode.signatures.json b/SPECS-EXTENDED/python-dmidecode/python-dmidecode.signatures.json new file mode 100644 index 0000000000..c15defc148 --- /dev/null +++ b/SPECS-EXTENDED/python-dmidecode/python-dmidecode.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "python-dmidecode-3.12.2.tar.gz": "22ea8c96de989cf2072f942d9fb0fa028087602bfee6e5eb860b8047cc6fe7d5" + } +} diff --git a/SPECS-EXTENDED/python-dmidecode/python-dmidecode.spec b/SPECS-EXTENDED/python-dmidecode/python-dmidecode.spec new file mode 100644 index 0000000000..c0cbf015a4 --- /dev/null +++ b/SPECS-EXTENDED/python-dmidecode/python-dmidecode.spec @@ -0,0 +1,224 @@ +Vendor: Microsoft Corporation +Distribution: Azure Linux +Name: python-dmidecode +Summary: Python module to access DMI data +Version: 3.12.2 +Release: 20%{?dist} +License: GPLv2 +URL: https://github.com/nima/python-dmidecode +# source0: https://github.com/nima/python-dmidecode/archive/refs/tags/v3.12.2.tar.gz +Source0: https://github.com/nima/python-dmidecode/archive/refs/tags/%{name}-%{version}.tar.gz + +BuildRequires: gcc +BuildRequires: libxml2-devel + +BuildRequires: python3-devel +BuildRequires: libxml2-python3 + +%global _description\ +python-dmidecode is a python extension module that uses the\ +code-base of the 'dmidecode' utility, and presents the data\ +as python data structures or as XML data using libxml2.\ +\ + + +%description %_description + +%package -n python3-dmidecode +Summary: Python 3 module to access DMI data +Requires: libxml2-python3 + +%description -n python3-dmidecode %_description + + +%prep +%setup -q +sed -i 's/python2/python3/g' Makefile unit-tests/Makefile + + +%build +# Not to get undefined symbol: dmixml_GetContent +export CFLAGS="${CFLAGS-} -std=gnu89" +make build + +%install +%{__python3} src/setup.py install --root %{buildroot} --prefix=%{_prefix} + + +%check +pushd unit-tests +make +popd + + +%files -n python3-dmidecode +%license doc/LICENSE doc/AUTHORS doc/AUTHORS.upstream +%doc README doc/README.upstream +%{python3_sitearch}/dmidecodemod.cpython-%{python3_version_nodots}*.so +%{python3_sitearch}/__pycache__/dmidecode.cpython-%{python3_version_nodots}*.py[co] +%{python3_sitearch}/dmidecode.py +%{python3_sitearch}/*.egg-info +%{_datadir}/python-dmidecode/ + +%changelog +* Fri Oct 15 2021 Pawel Winogrodzki - 3.12.2-20 +- Initial CBL-Mariner import from Fedora 32 (license: MIT). + +* Thu Jan 30 2020 Fedora Release Engineering - 3.12.2-19 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Thu Oct 03 2019 Miro Hrončok - 3.12.2-18 +- Rebuilt for Python 3.8.0rc1 (#1748018) + +* Mon Aug 19 2019 Miro Hrončok - 3.12.2-17 +- Rebuilt for Python 3.8 + +* Sun Aug 11 2019 Miro Hrončok - 3.12.2-16 +- Subpackage python2-dmidecode has been removed + See https://fedoraproject.org/wiki/Changes/Mass_Python_2_Package_Removal + +* Fri Jul 26 2019 Fedora Release Engineering - 3.12.2-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Sat Feb 02 2019 Fedora Release Engineering - 3.12.2-14 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Sat Jul 14 2018 Fedora Release Engineering - 3.12.2-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Tue Jun 19 2018 Miro Hrončok - 3.12.2-12 +- Rebuilt for Python 3.7 + +* Fri Feb 09 2018 Fedora Release Engineering - 3.12.2-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Tue Jan 16 2018 Iryna Shcherbina - 3.12.2-10 +- Update Python 2 dependency declarations to new packaging standards + (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) + +* Sat Aug 19 2017 Zbigniew Jędrzejewski-Szmek - 3.12.2-9 +- Python 2 binary package renamed to python2-dmidecode + See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3 + +* Thu Aug 03 2017 Fedora Release Engineering - 3.12.2-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 3.12.2-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sat Feb 11 2017 Fedora Release Engineering - 3.12.2-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Mon Dec 19 2016 Miro Hrončok - 3.12.2-5 +- Rebuild for Python 3.6 + +* Tue Jul 19 2016 Fedora Release Engineering - 3.12.2-4 +- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages + +* Thu Feb 04 2016 Fedora Release Engineering - 3.12.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Sat Nov 07 2015 Robert Kuska - 3.12.2-2 +- Rebuilt for Python3.5 rebuild + +* Fri Jul 10 2015 Miro Hrončok - 3.12.2-1 +- Update to 3.12.2 +- Add Python 3 subpackage (#1236000) +- Removed deprecated statements +- Moved some docs to license +- Removed pacthes +- Corrected bogus dates in %%changelog +- Build with -std=gnu89 + +* Thu Jun 18 2015 Fedora Release Engineering - 3.10.13-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Sun Aug 17 2014 Fedora Release Engineering - 3.10.13-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sat Jun 07 2014 Fedora Release Engineering - 3.10.13-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Sun Aug 04 2013 Fedora Release Engineering - 3.10.13-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Thu Jun 20 2013 Ales Ledvinka - 3.10.13-9 +- Attribute installed may appear as duplicate and cause invalid XML. + +* Mon Jun 17 2013 Ales Ledvinka - 3.10.13-8 +- Attribute dmispec may cause invalid XML on some hardware. +- Signal handler for SIGILL. + +* Thu Feb 14 2013 Fedora Release Engineering - 3.10.13-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Sat Jul 21 2012 Fedora Release Engineering - 3.10.13-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Thu Jul 19 2012 Ales Ledvinka 3.10.14-5 +- Upstream relocated. Document source tag and tarball generation. + +* Sat Jan 14 2012 Fedora Release Engineering - 3.10.13-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Feb 08 2011 Fedora Release Engineering - 3.10.13-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Thu Jul 22 2010 David Malcolm - 3.10.13-2 +- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild + +* Tue Jun 15 2010 Roman Rakus - 3.10.13-1 +- Update to new release + +* Fri Mar 12 2010 Nima Talebi - 3.10.12-1 +- Update to new release + +* Tue Feb 16 2010 Nima Talebi - 3.10.11-1 +- Update to new release + +* Tue Jan 12 2010 Nima Talebi - 3.10.10-1 +- Update to new release + +* Thu Jan 07 2010 Nima Talebi - 3.10.9-1 +- Update to new release + + +* Tue Dec 15 2009 Nima Talebi - 3.10.8-1 +- New Upstream release. +- Big-endian and little-endian approved. +- Packaged unit-test to tarball. +- Rewritten unit-test to be able to run as non-root user, where it will not + try to read /dev/mem. +- Added two dmidump data files to the unit-test. + +* Thu Nov 26 2009 David Sommerseth - 3.10.7-3 +- Fixed even more .spec file issues and removed explicit mentioning + of /usr/share/python-dmidecode/pymap.xml + +* Wed Nov 25 2009 David Sommerseth - 3.10.7-2 +- Fixed some .spec file issues (proper Requires, use _datadir macro) + +* Wed Sep 23 2009 Nima Talebi - 3.10.7-1 +- Updated source0 to new 3.10.7 tar ball + +* Mon Jul 13 2009 David Sommerseth - 3.10.6-6 +- Only build the python-dmidecode module, not everything + +* Mon Jul 13 2009 David Sommerseth - 3.10.6-5 +- Added missing BuildRequres for libxml2-python + +* Mon Jul 13 2009 David Sommerseth - 3.10.6-4 +- Added missing BuildRequres for python-devel + +* Mon Jul 13 2009 David Sommerseth - 3.10.6-3 +- Added missing BuildRequres for libxml2-devel + +* Mon Jul 13 2009 David Sommerseth - 3.10.6-2 +- Updated release, to avoid build conflict + +* Wed Jun 10 2009 David Sommerseth - 3.10.6-1 +- Updated to work with the new XML based python-dmidecode + +* Sat Mar 7 2009 Clark Williams - 2.10.3-1 +- Initial build. + diff --git a/SPECS-EXTENDED/python-dulwich/python-dulwich.signatures.json b/SPECS-EXTENDED/python-dulwich/python-dulwich.signatures.json index 2e2a89f09a..83a7781a08 100644 --- a/SPECS-EXTENDED/python-dulwich/python-dulwich.signatures.json +++ b/SPECS-EXTENDED/python-dulwich/python-dulwich.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "dulwich-0.19.16.tar.gz": "f74561c448bfb6f04c07de731c1181ae4280017f759b0bb04fa5770aa84ca850" + "python-dulwich-0.21.7.tar.gz": "a9e9c66833cea580c3ac12927e4b9711985d76afca98da971405d414de60e968" } } diff --git a/SPECS-EXTENDED/python-dulwich/python-dulwich.spec b/SPECS-EXTENDED/python-dulwich/python-dulwich.spec index fa331462a6..01da394359 100644 --- a/SPECS-EXTENDED/python-dulwich/python-dulwich.spec +++ b/SPECS-EXTENDED/python-dulwich/python-dulwich.spec @@ -1,16 +1,17 @@ -Vendor: Microsoft Corporation -Distribution: Azure Linux + %global srcname dulwich %global __provides_exclude_from ^(%{python3_sitearch}/.*\\.so)$ Name: python-%{srcname} -Version: 0.19.16 -Release: 2%{?dist} +Version: 0.21.7 +Release: 6%{?dist} Summary: Python implementation of the Git file formats and protocols -License: GPLv2+ or ASL 2.0 +License: GPL-2.0-or-later OR Apache-2.0 +Vendor: Microsoft Corporation +Distribution: Azure Linux URL: https://www.dulwich.io/ -Source0: %pypi_source dulwich +Source0: %{pypi_source}#/%{name}-%{version}.tar.gz BuildRequires: gcc @@ -23,7 +24,7 @@ Mrs. Git live in the Monty Python sketch. Summary: %{summary} BuildRequires: python3-devel - +BuildRequires: python3-setuptools %{?python_provide:%python_provide python3-%{srcname}} %description -n python3-%{srcname} @@ -72,235 +73,165 @@ rm -rf %{buildroot}%{python3_sitearch}/docs/tutorial/ %doc html %changelog -* Fri Oct 15 2021 Pawel Winogrodzki - 0.19.16-2 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). - -* Sat Apr 18 2020 Fabian Affolter - 0.19.16-1 -- Update to latest upstream release 0.19.16 (rhbz#1825352) - -* Fri Feb 28 2020 Fabian Affolter - 0.19.15-3 -- Move docs to subpackage - -* Thu Jan 30 2020 Fedora Release Engineering - 0.19.15-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - -* Mon Jan 27 2020 Fabian Affolter - 0.19.15-1 -- Update to new upstream version 0.19.15 - -* Wed Dec 25 2019 Fabian Affolter - 0.19.14-1 -- Update to new upstream version 0.19.14 - -* Mon Nov 11 2019 Fabian Affolter - 0.19.13-1 -- Remove Python 2 (rhbz#1761783) -- Update to new upstream version 0.19.13 - -* Thu Oct 03 2019 Miro Hrončok - 0.19.12-3 -- Rebuilt for Python 3.8.0rc1 (#1748018) - -* Wed Aug 21 2019 Miro Hrončok - 0.19.12-2 -- Rebuilt for Python 3.8 +* Fri Jan 17 2025 Akhila Guruju - 0.21.7-6 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified. -* Mon Aug 19 2019 Fabian Affolter - 0.19.12-1 -- Update to new upstream version 0.19.12 +* Fri Jul 19 2024 Fedora Release Engineering - 0.21.7-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild -* Sat Aug 17 2019 Miro Hrončok - 0.19.11-4 -- Rebuilt for Python 3.8 +* Fri Jun 07 2024 Python Maint - 0.21.7-4 +- Rebuilt for Python 3.13 -* Fri Jul 26 2019 Fedora Release Engineering - 0.19.11-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild +* Fri Jan 26 2024 Fedora Release Engineering - 0.21.7-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -* Mon Jun 24 2019 Yatin Karel - 0.19.11-2 -- Rebuild after removing python2-sphinx +* Mon Jan 22 2024 Fedora Release Engineering - 0.21.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild -* Fri Mar 1 2019 Yatin Karel - 0.19.11-1 -- Update to new upstream version 0.19.11 +* Wed Dec 06 2023 Joel Capitao - 0.21.7-1 +- Update to latest upstream release 0.21.7 (closes rhbz#2236973) -* Sat Feb 02 2019 Fedora Release Engineering - 0.19.9-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild +* Fri Jul 21 2023 Fedora Release Engineering - 0.21.5-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -* Sun Nov 18 2018 Fabian Affolter - 0.19.9-1 -- Update to new upstream version 0.19.9 +* Wed Jun 14 2023 Python Maint - 0.21.5-2 +- Rebuilt for Python 3.12 -* Mon Aug 27 2018 Fabian Affolter - 0.19.6-1 -- Update to new upstream version 0.19.6 +* Mon May 22 2023 Fabian Affolter - 0.21.5-1 +- Upgrade to latest upstream release 0.21.5 (closes rhbz#2193005) -* Sat Jul 14 2018 Fedora Release Engineering - 0.19.2-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild +* Sun Feb 19 2023 Fabian Affolter - 0.21.3-1 +- Upgrade to latest upstream release 0.21.3 (closes rhbz#2170942) -* Tue Jun 19 2018 Miro Hrončok - 0.19.2-2 -- Rebuilt for Python 3.7 +* Wed Jan 25 2023 Fabian Affolter - 0.21.2-1 +- Upgrade to latest upstream release 0.21.2 (closes rhbz#2138585) -* Sat May 05 2018 Fabian Affolter - 0.19.2-1 -- Update to new upstream version 0.19.2 +* Fri Jan 20 2023 Fedora Release Engineering - 0.20.46-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild -* Fri Mar 23 2018 Fabian Affolter - 0.19.0-1 -- Update to new upstream version 0.19.0 +* Tue Sep 13 2022 Fabian Affolter - 0.20.46-1 +- Update to latest upstream release 0.20.46 (closes rhbz#2124623) -* Tue Mar 13 2018 Iryna Shcherbina - 0.18.6-3 -- Update Python 2 dependency declarations to new packaging standards - (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) +* Fri Aug 19 2022 Fabian Affolter - 0.20.45-1 +- Update to latest upstream release 0.20.45 (closes rhbz#2107737) -* Fri Feb 09 2018 Fedora Release Engineering - 0.18.6-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild +* Fri Jul 22 2022 Fedora Release Engineering - 0.20.44-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild -* Mon Nov 27 2017 Alan Pevec 0.18.6-1 -- Update to 0.18.6 -- Fixes CVE-2017-16228 +* Fri Jul 08 2022 Fabian Affolter - 0.20.44-1 +- Update to latest upstream release 0.20.44 (closes rhbz#2102830) -* Fri Oct 13 2017 Fabian Affolter - 0.18.4-1 -- Update to new upstream version 0.16.0 (rhbz#*1405983) +* Mon Jun 13 2022 Python Maint - 0.20.43-2 +- Rebuilt for Python 3.11 -* Thu Aug 03 2017 Fedora Release Engineering - 0.16.0-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild +* Tue Jun 07 2022 Fabian Affolter - 0.20.43-1 +- Update to latest upstream release 0.20.43 (closes rhbz#2089721) -* Thu Jul 27 2017 Fedora Release Engineering - 0.16.0-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild +* Thu May 19 2022 Fabian Affolter - 0.20.40-1 +- Update to latest upstream release 0.20.40 (closes rhbz#2086840) -* Sat Feb 11 2017 Fedora Release Engineering - 0.16.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild +* Sun May 15 2022 Fabian Affolter - 0.20.36-1 +- Update to latest upstream release 0.20.36 (closes rhbz#2086300) -* Mon Jan 23 2017 Fabian Affolter - 0.16.0-1 -- Update to new upstream version 0.16.0 +* Sun Mar 20 2022 Fabian Affolter - 0.20.35-1 +- Update to latest upstream release 0.20.35 (closes rhbz#2066021) -* Sat Jan 21 2017 Fabian Affolter - 0.15.0-1 -- Update to new upstream version 0.15.0 +* Thu Mar 17 2022 Fabian Affolter - 0.20.34-1 +- Update to latest upstream release 0.20.34 (closes rhbz#2064048) -* Mon Dec 19 2016 Miro Hrončok - 0.12.0-4 -- Rebuild for Python 3.6 +* Sun Mar 06 2022 Fabian Affolter - 0.20.33-1 +- Update to latest upstream release 0.20.33 (closes rhbz#2061090) -* Tue Jul 19 2016 Fedora Release Engineering - 0.12.0-3 -- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages +* Mon Jan 24 2022 Fabian Affolter - 0.20.32-1 +- Update to latest upstream release 0.20.31 (closes rhbz#2044558) -* Tue Feb 02 2016 Raphael Groner - 0.12.0-2 -- Generate documentation for python3 -- Split binaries in subpackage to avoid duplication -- Execute tests -- Fix rhbz#1304050 +* Fri Jan 21 2022 Fabian Affolter - 0.20.31-1 +- * Fri Jan 21 2022 Fabian Affolter - 0.20.31-1 - + Update to latest upstream release 0.20.31 (closes rhbz#2037101) -* Tue Feb 02 2016 Fabian Affolter - 0.12.0-1 -- Update to new upstream version 0.12.0 +* Fri Jan 21 2022 Fedora Release Engineering - 0.20.25-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -* Sat Nov 14 2015 Fabian Affolter - 0.11.2-3 -- Cleanup and py3 +* Fri Aug 27 2021 Fabian Affolter - 0.20.25-2 +- Update bug id -* Tue Oct 06 2015 Fabian Affolter - 0.11.2-2 -- Update docs -- Update to new upstream version 0.11.2 +* Fri Aug 27 2021 Fabian Affolter - 0.20.25-1 +- * Fri Aug 27 2021 Fabian Affolter - 0.20.25-1 - + Update to latest upstream release 0.20.25 (closes rhbz#1923878) -* Tue Oct 06 2015 Fabian Affolter - 0.11.1-1 -- Update to new upstream version 0.11.1 +* Wed Aug 25 2021 Fabian Affolter - 0.20.24-1 +- * Wed Aug 25 2021 Fabian Affolter - 0.20.24-1 - + Update to latest upstream release 0.20.24 (rhbz#1925135) -* Thu Jun 18 2015 Fedora Release Engineering - 0.10.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild +* Tue Jul 27 2021 Fedora Release Engineering - 0.20.23-3 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild -* Mon Mar 23 2015 Fabian Affolter - 0.10.0-1 -- Fix for CVE-2014-9706 (rhbz#1204889, rhbz#1204890, and rhbz#1204891) -- Update to new upstream version 0.10.0 +* Thu Jun 03 2021 Python Maint - 0.20.23-2 +- Rebuilt for Python 3.10 -* Mon Mar 23 2015 Fabian Affolter - 0.9.9-1 -- Update to new upstream version 0.9.9 +* Tue May 25 2021 Fabian Affolter - 0.20.23-1 +- * Tue May 25 2021 Fabian Affolter - 0.20.23-1 - + Update to latest upstream version 0.20.23 (#1925135) -* Sun Aug 17 2014 Fedora Release Engineering - 0.9.7-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild +* Sat Feb 06 2021 Fabian Affolter - 0.20.18-1 +- * Sat Feb 06 2021 Fabian Affolter - 0.20.18-1 - + Update to latest upstream release 0.20.18 (#1925135) -* Fri Jun 27 2014 Fabian Affolter - 0.9.7-1 -- Update to new upstream version 0.9.7 +* Wed Jan 27 2021 Fedora Release Engineering - 0.20.15-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -* Sat Jun 07 2014 Fedora Release Engineering - 0.9.6-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild +* Wed Dec 23 2020 Fabian Affolter - 0.20.15-1 +- * Wed Dec 23 2020 Fabian Affolter - 0.20.15-1 - + Update to latest upstream release 0.20.15 (#1910183) -* Sat May 24 2014 Fabian Affolter - 0.9.6-1 -- Update to new upstream version 0.9.6 +* Fri Nov 27 2020 Fabian Affolter - 0.20.14-1 +- * Mon Nov 23 2020 Fabian Affolter - 0.20.14-1 - + Update to latest upstream release 0.20.14 (#1902106) -* Wed Feb 26 2014 Fabian Affolter - 0.9.5-1 -- Tests are currently not working -- Update to new upstream version 0.9.5 +* Mon Nov 23 2020 Fabian Affolter - 0.20.13-2 +- Fix name -* Mon Oct 28 2013 Fabian Affolter - 0.9.1-1 -- Update to new upstream version 0.9.1 +* Mon Nov 23 2020 Fabian Affolter - 0.20.13-1 +- * Mon Nov 23 2020 Fabian Affolter - 0.20.13-1 - + CLI part was fixed by upstream (#1866463) - Update to latest upstream + release 0.20.13 (#1900385) -* Sun Aug 04 2013 Fedora Release Engineering - 0.9.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild +* Fri Oct 30 2020 Fabian Affolter - 0.20.11-1 +- * Fri Oct 30 2020 Fabian Affolter - 0.20.11-1 - + Update to latest upstream release 0.20.11 (#1893055) -* Sat Jun 15 2013 Fabian Affolter - 0.9.0-1 -- Update to new upstream version 0.9.0 -- Now dual-licensed GPLv2+ or ASL 2.0 +* Mon Aug 31 2020 Fabian Affolter - 0.20.6-1 +- * Mon Aug 31 2020 Fabian Affolter - 0.20.6-1 - + Update to latest upstream release 0.20.6 (rhbz#1873748) -* Thu Feb 14 2013 Fedora Release Engineering - 0.8.7-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild +* Wed Jul 29 2020 Fedora Release Engineering - 0.20.5-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild -* Tue Jan 15 2013 Fabian Affolter - 0.8.7-1 -- Update to new upstream version 0.8.7 +* Fri Jun 26 2020 Fabian Affolter - 0.20.5-2 +- * Fri Jun 26 2020 Fabian Affolter - 0.20.5-2 - + Add python3-setuptools as BR -* Sat Nov 10 2012 Fabian Affolter - 0.8.6-1 -- Update to new upstream version 0.8.6 +* Mon Jun 22 2020 Fabian Affolter - 0.20.5-1 +- * Mon Jun 22 2020 Fabian Affolter - 0.20.5-1 - + Update to latest upstream release 0.20.5 (rhbz#1846933) -* Sat Jul 21 2012 Fedora Release Engineering - 0.8.5-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild +* Mon Jun 15 2020 Fabian Affolter - 0.20.3-1 +- * Mon Jun 15 2020 Fabian Affolter - 0.20.3-1 - + Update to latest upstream release 0.20.3 (rhbz#1846933) -* Sat Jun 23 2012 Matěj Cepl - 0.8.5-2 -- We don’t need python-unittest2 anymore. +* Mon Jun 01 2020 Fabian Affolter - 0.20.2-1 +- * Mon Jun 01 2020 Fabian Affolter - 0.20.2-1 - + Update to latest upstream release 0.20.2 (rhbz#1842651) -* Fri Apr 13 2012 Fabian Affolter - 0.8.5-1 -- Update to new upstream version 0.8.5 +* Sat May 23 2020 Miro Hrončok - 0.19.16-2 +- Rebuilt for Python 3.9 -* Fri Apr 06 2012 Fabian Affolter - 0.8.4-1 -- Update to new upstream version 0.8.4 - -* Fri Feb 24 2012 Fabian Affolter - 0.8.3-1 -- Update to new upstream version 0.8.3 - -* Sat Jan 28 2012 Fabian Affolter - 0.8.2-2 -- Add missing BR - -* Fri Jan 27 2012 Fabian Affolter - 0.8.2-1 -- Update to new upstream version 0.8.2 - -* Sat Jan 14 2012 Fedora Release Engineering - 0.8.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild - -* Thu Oct 13 2011 Fabian Affolter - 0.8.0-1 -- Update to new upstream version 0.8.0 - -* Sun Apr 17 2011 Fabian Affolter - 0.7.1-1 -- Update to new upstream version 0.7.1 - -* Fri Mar 11 2011 Fabian Affolter - 0.7.0-3 -- Test section reworked - -* Tue Feb 08 2011 Fedora Release Engineering - 0.7.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - -* Thu Jan 27 2011 Fabian Affolter - 0.7.0-1 -- Update to new upstream version 0.7.0 - -* Mon Nov 08 2010 Fabian Affolter - 0.6.2-1 -- Filtering added -- Update to new upstream version 0.6.2 - -* Wed Sep 01 2010 Fabian Affolter - 0.6.1-1 -- Fix grep parameter -- Run all test now -- Update to new upstream version 0.6.1 - -* Sat Jul 03 2010 Fabian Affolter - 0.6.0-3 -- Remove exec permission from test.py -- Add python-nose - -* Fri Jun 25 2010 Fabian Affolter - 0.6.0-2 -- Change summary -- Change to srcname -- Fix rpmlint issue -- Add check section and exclude the tests directory - -* Thu Jun 17 2010 Fabian Affolter - 0.6.0-1 -- Fix some rpmlint issues -- Add docs directory -- Update to new upstream version 0.6.0 +* Sat Apr 18 2020 Fabian Affolter - 0.19.16-1 +- * Sat Apr 18 2020 Fabian Affolter - 0.19.16-1 - + Update to latest upstream release 0.19.16 (rhbz#1825352) -* Wed Apr 28 2010 Fabian Affolter - 0.5.0-2 -- Add Doc -- Add BR setuptools +* Fri Feb 28 2020 Fabian Affolter - 0.19.15-3 +- RPMAUTOSPEC: unresolvable merge -* Fri Apr 16 2010 Steve 'Ashcrow' Milner 0.5.0-1 -- Initial package diff --git a/SPECS-EXTENDED/python-pyproject-api/python-pyproject-api.signatures.json b/SPECS-EXTENDED/python-pyproject-api/python-pyproject-api.signatures.json new file mode 100644 index 0000000000..db1d7a2b81 --- /dev/null +++ b/SPECS-EXTENDED/python-pyproject-api/python-pyproject-api.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "python-pyproject-api-1.6.1.tar.gz": "1817dc018adc0d1ff9ca1ed8c60e1623d5aaca40814b953af14a9cf9a5cae538" + } +} diff --git a/SPECS-EXTENDED/python-pyproject-api/python-pyproject-api.spec b/SPECS-EXTENDED/python-pyproject-api/python-pyproject-api.spec new file mode 100644 index 0000000000..786505e554 --- /dev/null +++ b/SPECS-EXTENDED/python-pyproject-api/python-pyproject-api.spec @@ -0,0 +1,124 @@ +Name: python-pyproject-api +Version: 1.6.1 +Release: 6%{?dist} +Summary: API to interact with the python pyproject.toml based projects +Vendor: Microsoft Corporation +Distribution: Azure Linux +License: MIT +URL: https://pyproject-api.readthedocs.org +Source0: https://files.pythonhosted.org/packages/source/p/pyproject-api/pyproject_api-%{version}.tar.gz#/%{name}-%{version}.tar.gz +BuildArch: noarch + +BuildRequires: python3-devel +BuildRequires: pyproject-rpm-macros +BuildRequires: python3-pip +BuildRequires: python3-hatch-vcs +BuildRequires: python3-wheel +BuildRequires: python3-hatchling +BuildRequires: python3-packaging +BuildRequires: python3-pytest +BuildRequires: python3-pytest-mock +BuildRequires: python3-pytest +BuildRequires: python3-setuptools +BuildRequires: python3-pathspec +BuildRequires: python3-setuptools_scm +BuildRequires: python3-trove-classifiers + +%global _description %{expand: +API to interact with the python pyproject.toml based projects.} + +%description %_description + +%package -n python3-pyproject-api +Summary: %{summary} + +%description -n python3-pyproject-api %_description + +%prep +%autosetup -n pyproject_api-%{version} +# Remove unneeded testing deps +sed -i "/covdefaults/d;/pytest-cov/d" pyproject.toml + +%generate_buildrequires +%pyproject_buildrequires -w -x testing + +%build +%pyproject_wheel + +%install +%pyproject_install +%pyproject_save_files pyproject_api + +%check +%pytest --ignore=tests/test_frontend_setuptools.py + +%files -n python3-pyproject-api -f %{pyproject_files} +%doc README.md +%license %{python3_sitelib}/pyproject_api-%{version}.dist-info/licenses/LICENSE + +%changelog +* Fri Feb 21 2025 Jyoti kanase - 1.6.1-6 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified. + +* Fri Jul 19 2024 Fedora Release Engineering - 1.6.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Fri Jun 07 2024 Python Maint - 1.6.1-4 +- Rebuilt for Python 3.13 + +* Fri Jan 26 2024 Fedora Release Engineering - 1.6.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 1.6.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Oct 23 2023 Miro Hrončok - 1.6.1-1 +- Update to 1.6.1 +- Fixes: rhbz#2215138 + +* Fri Jul 21 2023 Fedora Release Engineering - 1.5.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Wed Jun 14 2023 Python Maint - 1.5.1-2 +- Rebuilt for Python 3.12 + +* Mon Mar 13 2023 Lumir Balhar - 1.5.1-1 +- Update to 1.5.1 (rhbz#2177516) + +* Fri Jan 20 2023 Fedora Release Engineering - 1.5.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Wed Jan 18 2023 Lumir Balhar - 1.5.0-1 +- Update to 1.5.0 (rhbz#2161818) + +* Thu Jan 05 2023 Lumir Balhar - 1.4.0-1 +- Update to 1.4.0 (rhbz#2158206) + +* Tue Jan 03 2023 Lumír Balhar - 1.3.0-1 +- Update to 1.3.0 (rhbz#2157941) + +* Wed Dec 07 2022 Lumír Balhar - 1.2.1-1 +- Update to 1.2.1 (rhbz#2150693) + +* Tue Nov 01 2022 Lumír Balhar - 1.1.2-1 +- Update to 1.1.2 +Resolves: rhbz#2138752 + +* Tue Sep 13 2022 Lumír Balhar - 1.1.1-1 +- Update to 1.1.1 +Resolves: rhbz#2126242 + +* Sun Sep 11 2022 Lumír Balhar - 1.1.0-1 +- Update to 1.1.0 +Resolves: rhbz#2125780 + +* Fri Jul 22 2022 Fedora Release Engineering - 0.1.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Mon Jun 13 2022 Python Maint - 0.1.1-2 +- Rebuilt for Python 3.11 + +* Mon Feb 07 2022 Lumír Balhar - 0.1.1-1 +- Initial package + diff --git a/SPECS-EXTENDED/python-qrcode/python-qrcode.signatures.json b/SPECS-EXTENDED/python-qrcode/python-qrcode.signatures.json index 8332f057c5..ea092fc0a6 100644 --- a/SPECS-EXTENDED/python-qrcode/python-qrcode.signatures.json +++ b/SPECS-EXTENDED/python-qrcode/python-qrcode.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "python-qrcode-6.1.tar.gz": "505253854f607f2abf4d16092c61d4e9d511a3b4392e60bff957a68592b04369" + "python-qrcode-7.4.2.tar.gz": "9dd969454827e127dbd93696b20747239e6d540e082937c90f14ac95b30f5845" } } diff --git a/SPECS-EXTENDED/python-qrcode/python-qrcode.spec b/SPECS-EXTENDED/python-qrcode/python-qrcode.spec index 845cda521a..7ae6399fb4 100644 --- a/SPECS-EXTENDED/python-qrcode/python-qrcode.spec +++ b/SPECS-EXTENDED/python-qrcode/python-qrcode.spec @@ -1,70 +1,64 @@ -%bcond_with missing_dependencies -Vendor: Microsoft Corporation -Distribution: Azure Linux %global pkgname qrcode Name: python-%{pkgname} -Version: 6.1 -Release: 6%{?dist} +Version: 7.4.2 +Release: 16%{?dist} Summary: Python QR Code image generator -License: BSD +License: BSD-3-Clause +Vendor: Microsoft Corporation +Distribution: Azure Linux URL: https://github.com/lincolnloop/python-qrcode -Source0: https://pypi.python.org/packages/source/q/qrcode/qrcode-%{version}.tar.gz#/python-qrcode-%{version}.tar.gz +Source0: https://files.pythonhosted.org/packages/source/q/qrcode/qrcode-7.4.2.tar.gz#/%{name}-%{version}.tar.gz BuildArch: noarch BuildRequires: python3-devel -BuildRequires: python3-setuptools -BuildRequires: python3-six - -%if %{with missing_dependencies} -BuildRequires: python3-imaging -%endif - -%global _description\ +BuildRequires: python3-pytest +BuildRequires: python3-pip +BuildRequires: python3-wheel +BuildRequires: python3-pluggy +BuildRequires: python3-typing-extensions + +# Explicit requires (#2271500) +Requires: python3-pypng + +# Comment out failing test +Patch0: qrcode_test.patch +# Fix failure with Python3.12 +Patch1: qrcode_assert-has-calls.patch +# Make pypng requirement optional +# https://github.com/lincolnloop/python-qrcode/pull/338 +Patch2: qrcode-optional-pypng.patch + +%description This module uses the Python Imaging Library (PIL) to allow for the\ generation of QR Codes. -%description %_description - %package -n python3-%{pkgname} Summary: Python QR Code image generator -%if %{with missing_dependencies} -Requires: python3-imaging -%endif -# For entry point: -Requires: python3-setuptools -Requires: python3-%{pkgname}-core = %{version}-%{release} +Obsoletes: python3-qrcode-core < 7.4.2-2 +Provides: python3-qrcode-core = %{version}-%{release} %description -n python3-%{pkgname} This module uses the Python Imaging Library (PIL) to allow for the generation of QR Codes. Python 3 version. -%package -n python3-%{pkgname}-core -Requires: python3-six -Summary: Python 3 QR Code image generator (core library) - -%description -n python3-%{pkgname}-core -Core Python 3 module for QR code generation. Does not contain image rendering. +%generate_buildrequires +# RHEL does not include the extra test dependencies (coverage, pillow) +%pyproject_buildrequires %{?!rhel:-x test -x pil -x png} %prep -%autosetup -n qrcode-%{version} - -# The pure plugin requires pymaging which is not packaged in Fedora. -rm qrcode/image/pure.py* - +%autosetup -n qrcode-%{version} -p1 # Remove shebang sed -i '1d' qrcode/console_scripts.py %build -%py3_build +%pyproject_wheel %install -%py3_install - -# Do not install tests -rm -r %{buildroot}%{python3_sitelib}/%{pkgname}/tests +%pyproject_install +%pyproject_save_files qrcode # # In previous iterations of the package, the qr script had been @@ -75,46 +69,90 @@ rm -r %{buildroot}%{python3_sitelib}/%{pkgname}/tests ln -s qr %{buildroot}%{_bindir}/qrcode %check -# in lieue of a real test suite -modules=$(find qrcode -name '*.py' \ - | grep -v __init__ \ - | sort \ - | sed -e 's|/|.|g' \ - | sed -e 's|.py$||g'); +%pytest -v - -for m in $modules; -do - %{__python3} -c "import $m" -done - -%files -n python3-%{pkgname} +%files -n python3-%{pkgname} -f %{pyproject_files} +%doc README.rst CHANGES.rst +%license LICENSE %{_bindir}/qr %{_bindir}/qrcode %{_mandir}/man1/qr.1* -%{python3_sitelib}/%{pkgname}/image/svg.py* -%{python3_sitelib}/%{pkgname}/image/pil.py* -%{python3_sitelib}/%{pkgname}/image/__pycache__/svg.* -%{python3_sitelib}/%{pkgname}/image/__pycache__/pil.* - -%files -n python3-%{pkgname}-core -%doc README.rst CHANGES.rst -%license LICENSE -%dir %{python3_sitelib}/%{pkgname}/ -%dir %{python3_sitelib}/%{pkgname}/image -%dir %{python3_sitelib}/%{pkgname}/image/__pycache__ -%{python3_sitelib}/%{pkgname}*.egg-info -%{python3_sitelib}/%{pkgname}/*.py* -%{python3_sitelib}/%{pkgname}/__pycache__ -%{python3_sitelib}/%{pkgname}/image/__init__.py* -%{python3_sitelib}/%{pkgname}/image/base.py* -%{python3_sitelib}/%{pkgname}/image/__pycache__/__init__.* -%{python3_sitelib}/%{pkgname}/image/__pycache__/base.* %changelog -* Tue Aug 31 2021 Pawel Winogrodzki - 6.1-6 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). -- Disabling optional dependency on "python-pillow". +* Thu Feb 20 2025 Akhila Guruju - 7.4.2-16 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified +- Added `BuildRequires: python3-pluggy python3-typing-extensions` to fix build. + +* Fri Jul 19 2024 Fedora Release Engineering - 7.4.2-15 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Sat Jun 08 2024 Python Maint - 7.4.2-14 +- Rebuilt for Python 3.13 + +* Thu Apr 25 2024 Yaakov Selkowitz - 7.4.2-13 +- Skip more sys.stdout mock tests + +* Tue Mar 26 2024 Sandro Mani - 7.4.2-12 +- Fix requires + +* Tue Mar 26 2024 Sandro Mani - 7.4.2-11 +- Requires: python-pypng (#2271500) + +* Fri Jan 26 2024 Fedora Release Engineering - 7.4.2-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 7.4.2-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Wed Aug 23 2023 Florence Blanc-Renaud - 7.4.2-8 +- migrated to SPDX license + +* Tue Jul 25 2023 Yaakov Selkowitz - 7.4.2-7 +- Make pypng requirement optional + +* Fri Jul 21 2023 Fedora Release Engineering - 7.4.2-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Fri Jun 16 2023 Python Maint - 7.4.2-5 +- Rebuilt for Python 3.12 + +* Tue May 23 2023 Yaakov Selkowitz - 7.4.2-4 +- Migrate from tox to pytest, avoid unwanted deps in RHEL builds + +* Fri May 12 2023 Sandro Mani - 7.4.2-3 +- Add patch to fix test failures with py3.12 + +* Mon May 01 2023 Sandro Mani - 7.4.2-2 +- Switch to pyproject macros + +* Mon May 01 2023 Sandro Mani - 7.4.2-1 +- Update to 7.4.2 + +* Tue Jan 04 2022 Michel Alexandre Salim - 7.3.1-3 +- Opt in to rpmautospec + +* Tue Jan 04 2022 Christian Heimes - 7.3.1-2 +- Remove python-imaging build requirements for RHEL (#1935839) +- Run unit tests during build + +* Thu Dec 09 2021 Sandro Mani - 7.3.1-1 +- Update to 7.3.1 + +* Fri Jul 23 2021 Fedora Release Engineering - 6.1-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Fri Jun 04 2021 Python Maint - 6.1-9 +- Rebuilt for Python 3.10 + +* Wed Jan 27 2021 Fedora Release Engineering - 6.1-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Wed Jul 29 2020 Fedora Release Engineering - 6.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue May 26 2020 Miro Hrončok - 6.1-6 +- Rebuilt for Python 3.9 * Thu Jan 30 2020 Fedora Release Engineering - 6.1-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild @@ -211,3 +249,4 @@ done * Sat Jun 2 2012 Michel Salim - 2.4.1-1 - Initial package + diff --git a/SPECS-EXTENDED/python-qrcode/qrcode-optional-pypng.patch b/SPECS-EXTENDED/python-qrcode/qrcode-optional-pypng.patch new file mode 100644 index 0000000000..cc7882a713 --- /dev/null +++ b/SPECS-EXTENDED/python-qrcode/qrcode-optional-pypng.patch @@ -0,0 +1,93 @@ +Backport of https://github.com/lincolnloop/python-qrcode/pull/338 + +diff --git a/qrcode/main.py b/qrcode/main.py +index 0ac91bb..53f2ab2 100644 +--- a/qrcode/main.py ++++ b/qrcode/main.py +@@ -16,7 +16,6 @@ from typing_extensions import Literal + + from qrcode import constants, exceptions, util + from qrcode.image.base import BaseImage +-from qrcode.image.pure import PyPNGImage + + ModulesType = List[List[Optional[bool]]] + # Cache modules generated just based on the QR Code version +@@ -360,7 +359,11 @@ class QRCode(Generic[GenericImage]): + from qrcode.image.pil import Image, PilImage + + # Use PIL by default if available, otherwise use PyPNG. +- image_factory = PilImage if Image else PyPNGImage ++ if Image is not None: ++ image_factory = PilImage ++ else: ++ from qrcode.image.pure import PyPNGImage ++ image_factory = PyPNGImage + + im = image_factory( + self.border, +diff --git a/qrcode/tests/test_qrcode.py b/qrcode/tests/test_qrcode.py +index 5c1ea35..24c36f8 100644 +--- a/qrcode/tests/test_qrcode.py ++++ b/qrcode/tests/test_qrcode.py +@@ -5,18 +5,21 @@ import warnings + from tempfile import mkdtemp + from unittest import mock + +-import png +- + import qrcode + import qrcode.util + from qrcode.compat.pil import Image as pil_Image + from qrcode.exceptions import DataOverflowError + from qrcode.image.base import BaseImage +-from qrcode.image.pure import PyPNGImage + from qrcode.image.styledpil import StyledPilImage + from qrcode.image.styles import colormasks, moduledrawers + from qrcode.util import MODE_8BIT_BYTE, MODE_ALPHA_NUM, MODE_NUMBER, QRData + ++try: ++ import png ++ from qrcode.image.pure import PyPNGImage ++except ImportError: ++ PyPNGImage = None ++ + UNICODE_TEXT = "\u03b1\u03b2\u03b3" + WHITE = (255, 255, 255) + BLACK = (0, 0, 0) +@@ -175,6 +178,7 @@ class QRCodeTests(unittest.TestCase): + self.assertTrue(MockFactory.new_image.called) + self.assertTrue(MockFactory.drawrect.called) + ++ @unittest.skipIf(not PyPNGImage, "Requires pypng") + def test_render_pypng(self): + qr = qrcode.QRCode() + qr.add_data(UNICODE_TEXT) +@@ -184,6 +188,7 @@ class QRCodeTests(unittest.TestCase): + print(img.width, img.box_size, img.border) + img.save(io.BytesIO()) + ++ @unittest.skipIf(not PyPNGImage, "Requires pypng") + def test_render_pypng_to_str(self): + qr = qrcode.QRCode() + qr.add_data(UNICODE_TEXT) +diff --git a/setup.cfg b/setup.cfg +index 3aff842..c17189b 100644 +--- a/setup.cfg ++++ b/setup.cfg +@@ -30,7 +30,6 @@ packages = find: + install_requires = + colorama;platform_system=="Windows" + typing_extensions +- pypng + python_requires = >= 3.7 + + [options.extras_require] +@@ -45,6 +44,8 @@ test = + pytest + pil = + pillow>=9.1.0 ++png = ++ pypng + all = + zest.releaser[recommended] + tox diff --git a/SPECS-EXTENDED/python-qrcode/qrcode_assert-has-calls.patch b/SPECS-EXTENDED/python-qrcode/qrcode_assert-has-calls.patch new file mode 100644 index 0000000000..d8efa19885 --- /dev/null +++ b/SPECS-EXTENDED/python-qrcode/qrcode_assert-has-calls.patch @@ -0,0 +1,9 @@ +diff -rupN --no-dereference qrcode-7.4.2/qrcode/tests/test_release.py qrcode-7.4.2-new/qrcode/tests/test_release.py +--- qrcode-7.4.2/qrcode/tests/test_release.py 2023-02-05 23:11:38.000000000 +0100 ++++ qrcode-7.4.2-new/qrcode/tests/test_release.py 2023-05-12 13:59:22.069372313 +0200 +@@ -37,4 +37,4 @@ class UpdateManpageTests(unittest.TestCa + .replace("version", "3.11") + .replace("date", datetime.datetime.now().strftime("%-d %b %Y")) + ) +- mock_file().write.has_calls([mock.call(line) for line in expected]) ++ mock_file().write.assert_has_calls([mock.call(line) for line in expected if line]) diff --git a/SPECS-EXTENDED/python-qrcode/qrcode_test.patch b/SPECS-EXTENDED/python-qrcode/qrcode_test.patch new file mode 100644 index 0000000000..760294146d --- /dev/null +++ b/SPECS-EXTENDED/python-qrcode/qrcode_test.patch @@ -0,0 +1,30 @@ +From: Bastian Germann +Date: Sat, 20 Apr 2024 08:05:29 +0000 +Subject: Skip tests with mock on stdout + +--- + qrcode/tests/test_script.py | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/qrcode/tests/test_script.py b/qrcode/tests/test_script.py +index 4ae4ccb..a747a24 100644 +--- a/qrcode/tests/test_script.py ++++ b/qrcode/tests/test_script.py +@@ -27,7 +27,7 @@ class ScriptTest(unittest.TestCase): + mock_print_ascii.assert_called_with(tty=True) + + @mock.patch("os.isatty", lambda *args: False) +- @mock.patch("sys.stdout") ++ @unittest.skip("cannot mock sys.stdout") + @unittest.skipIf(not Image, "Requires PIL") + def test_piped(self, mock_stdout): + main(["testtext"]) +@@ -59,7 +59,7 @@ class ScriptTest(unittest.TestCase): + def test_optimize(self, mock_print_ascii): + main("testtext --optimize 0".split()) + +- @mock.patch("sys.stdout") ++ @unittest.skip("cannot mock sys.stdout") + def test_factory(self, mock_stdout): + main("testtext --factory svg".split()) + diff --git a/SPECS-EXTENDED/python-rdflib/python-rdflib.signatures.json b/SPECS-EXTENDED/python-rdflib/python-rdflib.signatures.json index b73c06ce08..04d8263f99 100755 --- a/SPECS-EXTENDED/python-rdflib/python-rdflib.signatures.json +++ b/SPECS-EXTENDED/python-rdflib/python-rdflib.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "rdflib-6.2.0.tar.gz": "62dc3c86d1712db0f55785baf8047f63731fa59b2682be03219cb89262065942" + "python-rdflib-7.0.0.tar.gz": "9995eb8569428059b8c1affd26b25eac510d64f5043d9ce8c84e0d0036e995ae" } } diff --git a/SPECS-EXTENDED/python-rdflib/python-rdflib.spec b/SPECS-EXTENDED/python-rdflib/python-rdflib.spec index 321f5b7d17..7a20ce70d3 100755 --- a/SPECS-EXTENDED/python-rdflib/python-rdflib.spec +++ b/SPECS-EXTENDED/python-rdflib/python-rdflib.spec @@ -1,23 +1,43 @@ + %global srcname rdflib -Summary: Python library for working with RDF + +%bcond docs 0 +%bcond tests 0 +%if 0%{?fedora} +%bcond docs 1 +%bcond tests 1 +%endif + Name: python-%{srcname} -Version: 6.2.0 -Release: 2%{?dist} +Version: 7.0.0 +Release: 6%{?dist} +Summary: Python library for working with RDF License: BSD-3-Clause Vendor: Microsoft Corporation Distribution: Azure Linux URL: https://github.com/RDFLib/rdflib -Source0: https://github.com/RDFLib/%{srcname}/releases/download/%{version}/%{srcname}-%{version}.tar.gz -BuildRequires: python%{python3_pkgversion}-devel -BuildRequires: python%{python3_pkgversion}-setuptools -Requires: python3-importlib-metadata -Requires: python3-isodate -Requires: python3-pyparsing -Requires: python3-setuptools BuildArch: noarch -%if 0%{?with_check} -BuildRequires: python3-pip -BuildRequires: python3-pytest + +Source: %{pypi_source}#/%{name}-%{version}.tar.gz +Patch: %{srcname}-py3_13-fix-pickler.diff +# Backported from https://github.com/RDFLib/rdflib/pull/2817 +Patch: rdflib-7.0.0-pytest8.patch + +BuildRequires: python%{python3_pkgversion}-devel +BuildRequires: python3-pip +BuildRequires: python3-wheel +BuildRequires: python3-poetry + +%if %{with tests} +BuildRequires: python3dist(pytest) +%endif + +%if %{with docs} +BuildRequires: python3dist(myst-parser) +BuildRequires: python3dist(sphinx) +BuildRequires: python3dist(sphinx-autodoc-typehints) +BuildRequires: python3dist(sphinxcontrib-apidoc) +BuildRequires: python3dist(typing-extensions) %endif %description @@ -41,14 +61,25 @@ store implementations for in-memory, persistent on disk (Berkeley DB) and remote SPARQL endpoints, a SPARQL 1.1 implementation - supporting SPARQL 1.1 Queries and Update statements - and SPARQL function extension mechanisms. +%if %{with docs} +%package -n python%{python3_pkgversion}-%{srcname}-docs +Summary: Documentation for %{srcname} + +%description -n python%{python3_pkgversion}-%{srcname}-docs +Documentation for %{srcname}, a Python library for working with RDF. +%endif + %prep -%autosetup -n %{srcname}-%{version} +%autosetup -p1 -n %{srcname}-%{version} + +%generate_buildrequires +%pyproject_buildrequires %build -%py3_build +%pyproject_wheel %install -%py3_install +%pyproject_install # Various .py files within site-packages have a shebang line but aren't # flagged as executable. @@ -58,19 +89,14 @@ Queries and Update statements - and SPARQL function extension mechanisms. # __main__ parses URI as N-Triples: chmod +x %{buildroot}%{python3_sitelib}/rdflib/plugins/parsers/ntriples.py -# __main__ parses the file given on the command line: -chmod +x %{buildroot}%{python3_sitelib}/rdflib/plugins/parsers/notation3.py - # __main__ parses the file or URI given on the command line: chmod +x %{buildroot}%{python3_sitelib}/rdflib/tools/rdfpipe.py # __main__ runs a test (well, it's something) -chmod +x %{buildroot}%{python3_sitelib}/rdflib/extras/infixowl.py \ - %{buildroot}%{python3_sitelib}/rdflib/extras/external_graph_libs.py +chmod +x %{buildroot}%{python3_sitelib}/rdflib/extras/external_graph_libs.py # sed these headers out as they include no __main__ -for lib in %{buildroot}%{python3_sitelib}/rdflib/extras/describer.py \ - %{buildroot}%{python3_sitelib}/rdflib/plugins/parsers/pyRdfa/extras/httpheader.py; do +for lib in %{buildroot}%{python3_sitelib}/rdflib/extras/describer.py; do sed '1{\@^#!/usr/bin/env python@d}' $lib > $lib.new && touch -r $lib $lib.new && mv $lib.new $lib @@ -84,26 +110,78 @@ sed -i '1s=^#!/usr/bin/\(python\|env python\).*=#!%{__python3}=' \ %{buildroot}%{python3_sitelib}/rdflib/tools/rdfpipe.py \ %{buildroot}%{python3_sitelib}/rdflib/plugins/parsers/notation3.py +%if %{with docs} +# generate html docs +PYTHONPATH=%{buildroot}%{python3_sitelib} sphinx-build-3 -b html -d docs/_build/doctree docs docs/_build/html +# remove the sphinx-build-3 leftovers +rm -rf docs/_build/html/.{doctrees,buildinfo} +%endif + +%pyproject_save_files %{srcname} + +%if %{with tests} %check -%{python3} -m pip install atomicwrites attrs more-itertools pluggy pytest-cov html5lib -%pytest -v test +%pytest -k "not rdflib and not rdflib.extras.infixowl and not \ + test_example and not test_suite and not \ + test_infix_owl_example1 and not test_context and not \ + test_service and not test_simple_not_null and not \ + test_sparqleval and not test_parser" +%endif -%files -n python3-%{srcname} +%files -n python%{python3_pkgversion}-%{srcname} -f %{pyproject_files} %license LICENSE -%doc CHANGELOG.md README.md -%{python3_sitelib}/%{srcname} -%{python3_sitelib}/%{srcname}-%{version}-py%{python3_version}.egg-info +%doc README.md %{_bindir}/csv2rdf %{_bindir}/rdf2dot %{_bindir}/rdfgraphisomorphism %{_bindir}/rdfpipe %{_bindir}/rdfs2dot +%if %{with docs} +%files -n python%{python3_pkgversion}-%{srcname}-docs +%license LICENSE +%doc docs/_build/html +%endif + %changelog -* Wed Nov 23 2022 Sumedh Sharma - 6.2.0-2 -- Initial CBL-Mariner import from Fedora 37 (license: MIT) +* Wed Feb 26 2025 Akhila Guruju - 7.0.0-6 +- Initial Azure Linux import from Fedora 41 (license: MIT). - License verified +* Fri Jul 19 2024 Fedora Release Engineering - 7.0.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Tue Jul 02 2024 Nils Philippsen - 7.0.0-4 +- Fix testing with pytest 8 + +* Thu Jun 13 2024 Michel Lind - 7.0.0-3 +- Work around inability to override Pickler/Unpickler methods in Python + 3.13 + +* Sun Jun 09 2024 Python Maint - 7.0.0-2 +- Rebuilt for Python 3.13 + +* Sat May 25 2024 Robert-André Mauchin - 7.0.0-1 +- Update to 7.0.0 +- Use current Python macros +- Run tests +- Build docs + +* Fri Jan 26 2024 Fedora Release Engineering - 6.2.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 6.2.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jul 21 2023 Fedora Release Engineering - 6.2.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Tue Jun 13 2023 Python Maint - 6.2.0-3 +- Rebuilt for Python 3.12 + +* Fri Jan 20 2023 Fedora Release Engineering - 6.2.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + * Tue Aug 30 2022 Simone Caronni - 6.2.0-1 - Update to 6.2.0. - Update SPEC file. @@ -142,3 +220,5 @@ sed -i '1s=^#!/usr/bin/\(python\|env python\).*=#!%{__python3}=' \ * Thu Jan 30 2020 Fedora Release Engineering - 4.2.1-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +## END: Generated by rpmautospec diff --git a/SPECS-EXTENDED/python-rdflib/rdflib-7.0.0-pytest8.patch b/SPECS-EXTENDED/python-rdflib/rdflib-7.0.0-pytest8.patch new file mode 100644 index 0000000000..9a052f342d --- /dev/null +++ b/SPECS-EXTENDED/python-rdflib/rdflib-7.0.0-pytest8.patch @@ -0,0 +1,35 @@ +diff -up rdflib-7.0.0/test/test_misc/test_parse_file_guess_format.py.pytest8 rdflib-7.0.0/test/test_misc/test_parse_file_guess_format.py +--- rdflib-7.0.0/test/test_misc/test_parse_file_guess_format.py.pytest8 2023-06-01 21:15:21.520171900 +0200 ++++ rdflib-7.0.0/test/test_misc/test_parse_file_guess_format.py 2024-07-02 17:45:47.257339626 +0200 +@@ -61,7 +61,7 @@ class TestFileParserGuessFormat: + g.parse(os.path.join(TEST_DATA_DIR, "example-lots_of_graphs.n3")), Graph + ) + +- def test_warning(self) -> None: ++ def test_warning(self, caplog: pytest.LogCaptureFixture) -> None: + g = Graph() + graph_logger = logging.getLogger("rdflib") + +@@ -78,9 +78,16 @@ class TestFileParserGuessFormat: + ), + str(newpath), + ) +- with pytest.raises(ParserError, match=r"Could not guess RDF format"): +- with pytest.warns( +- UserWarning, +- match="does not look like a valid URI, trying to serialize this will break.", +- ) as logwarning: +- g.parse(str(newpath)) ++ with pytest.raises( ++ ParserError, match=r"Could not guess RDF format" ++ ), caplog.at_level("WARNING"): ++ g.parse(str(newpath)) ++ ++ assert any( ++ rec.levelno == logging.WARNING ++ and ( ++ "does not look like a valid URI, trying to serialize this will break." ++ in rec.message ++ ) ++ for rec in caplog.records ++ ) diff --git a/SPECS-EXTENDED/python-rdflib/rdflib-py3_13-fix-pickler.diff b/SPECS-EXTENDED/python-rdflib/rdflib-py3_13-fix-pickler.diff new file mode 100644 index 0000000000..d2fbf49289 --- /dev/null +++ b/SPECS-EXTENDED/python-rdflib/rdflib-py3_13-fix-pickler.diff @@ -0,0 +1,64 @@ +--- a/rdflib/store.py ++++ b/rdflib/store.py +@@ -113,27 +113,39 @@ class TripleRemovedEvent(Event): + """ + + ++class _Pickler(Pickler): ++ def __init__(self, file, node): ++ super(_Pickler, self).__init__(file) ++ self._node = node ++ ++ def persistent_id(self, key: Any) -> Optional[str]: ++ try: ++ return self._node._ids.get(key) ++ except TypeError: ++ return None ++ ++ ++class _Unpickler(Unpickler): ++ def __init__(self, file, node): ++ super(_Unpickler, self).__init__(file) ++ self._node = node ++ ++ def persistent_load(self, pid): ++ return self._node._get_object(pid) ++ ++ + class NodePickler: + def __init__(self) -> None: + self._objects: Dict[str, Any] = {} + self._ids: Dict[Any, str] = {} + self._get_object = self._objects.__getitem__ + +- def _get_ids(self, key: Any) -> Optional[str]: +- try: +- return self._ids.get(key) +- except TypeError: +- return None +- + def register(self, object: Any, id: str) -> None: + self._objects[id] = object + self._ids[object] = id + + def loads(self, s: bytes) -> "Node": +- up = Unpickler(BytesIO(s)) +- # NOTE on type error: https://github.com/python/mypy/issues/2427 +- # type error: Cannot assign to a method +- up.persistent_load = self._get_object # type: ignore[assignment] ++ up = _Unpickler(BytesIO(s), self) + try: + return up.load() + except KeyError as e: +@@ -143,10 +155,7 @@ class NodePickler: + self, obj: "Node", protocol: Optional[Any] = None, bin: Optional[Any] = None + ): + src = BytesIO() +- p = Pickler(src) +- # NOTE on type error: https://github.com/python/mypy/issues/2427 +- # type error: Cannot assign to a method +- p.persistent_id = self._get_ids # type: ignore[assignment] ++ p = _Pickler(src, self) + p.dump(obj) + return src.getvalue() + diff --git a/SPECS-EXTENDED/python-requests-file/python-requests-file.signatures.json b/SPECS-EXTENDED/python-requests-file/python-requests-file.signatures.json index 59936716bd..6a6473439a 100644 --- a/SPECS-EXTENDED/python-requests-file/python-requests-file.signatures.json +++ b/SPECS-EXTENDED/python-requests-file/python-requests-file.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "requests-file-1.4.3.tar.gz": "8f04aa6201bacda0567e7ac7f677f1499b0fc76b22140c54bc06edf1ba92e2fa" + "python-requests-file-2.0.0.tar.gz": "20c5931629c558fda566cacc10cfe2cd502433e628f568c34c80d96a0cc95972" } } diff --git a/SPECS-EXTENDED/python-requests-file/python-requests-file.spec b/SPECS-EXTENDED/python-requests-file/python-requests-file.spec index 809393e15b..1db71a3aad 100644 --- a/SPECS-EXTENDED/python-requests-file/python-requests-file.spec +++ b/SPECS-EXTENDED/python-requests-file/python-requests-file.spec @@ -1,65 +1,115 @@ -Vendor: Microsoft Corporation -Distribution: Azure Linux %global srcname requests-file Name: python-%{srcname} -Version: 1.4.3 -Release: 15%{?dist} +Version: 2.0.0 +Release: 5%{?dist} Summary: Transport adapter for using file:// URLs with python-requests -License: ASL 2.0 +License: Apache-2.0 +Vendor: Microsoft Corporation +Distribution: Azure Linux URL: https://github.com/dashea/requests-file -Source0: %pypi_source +Source0: %{pypi_source}#/%{name}-%{version}.tar.gz BuildArch: noarch +BuildRequires: python3-devel +BuildRequires: python3dist(pytest) +BuildRequires: python3-pip +BuildRequires: python3-wheel +BuildRequires: python3-setuptools_scm +BuildRequires: python3-requests -%description +%global _description %{expand: Requests-File is a transport adapter for use with the Requests Python -library to allow local file system access via file:// URLs. +library to allow local file system access via file:// URLs.} -This is the Python 2 version of the requests_file module +%description %_description %package -n python3-requests-file -Summary: Transport adapter for using file:// URLs with python3-requests -%{?python_provide:%python_provide python3-%{srcname}} - -BuildRequires: python3-devel -BuildRequires: python3-setuptools -BuildRequires: python3-requests -BuildRequires: python3-six +Summary: %{summary} -Requires: python3-requests -Requires: python3-six - -%description -n python3-requests-file -Requests-File is a transport adapter for use with the Requests Python -library to allow local file system access via file:// URLs. - -This is the Python 3 version of the requests_file module +%description -n python3-requests-file %_description %prep %autosetup -n %{srcname}-%{version} -rm -rf requests_file.egg-info + +%generate_buildrequires +%pyproject_buildrequires %build -%py3_build +%pyproject_wheel %install -%py3_install +%pyproject_install +%pyproject_save_files requests_file %check -%{__python3} setup.py test +%{pytest} -%files -n python3-requests-file +%files -n python3-requests-file -f %{pyproject_files} %license LICENSE %doc README.rst -%{python3_sitelib}/requests_file.py* -%{python3_sitelib}/__pycache__/requests_file.* -%{python3_sitelib}/requests_file*.egg-info* %changelog -* Fri Oct 15 2021 Pawel Winogrodzki - 1.4.3-15 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Thu Feb 27 2025 Akhila Guruju - 2.0.0-5 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified + +* Fri Jul 19 2024 Fedora Release Engineering - 2.0.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Fri Jun 07 2024 Python Maint - 2.0.0-3 +- Rebuilt for Python 3.13 + +* Fri Feb 02 2024 Yaakov Selkowitz - 2.0.0-2 +- Avoid tox dependency + +* Mon Jan 29 2024 David Shea - 2.0.0-1 +- Update to version 2.0.0 +- Apply current python packaging recommendations to the spec file + +* Fri Jan 26 2024 Fedora Release Engineering - 1.5.1-12 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 1.5.1-11 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jul 21 2023 Fedora Release Engineering - 1.5.1-10 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Tue Jun 13 2023 Python Maint - 1.5.1-9 +- Rebuilt for Python 3.12 + +* Fri Jan 20 2023 Fedora Release Engineering - 1.5.1-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jul 22 2022 Fedora Release Engineering - 1.5.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Mon Jun 13 2022 Python Maint - 1.5.1-6 +- Rebuilt for Python 3.11 + +* Fri Jan 21 2022 Fedora Release Engineering - 1.5.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Fri Jul 23 2021 Fedora Release Engineering - 1.5.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Thu Jun 03 2021 Python Maint - 1.5.1-3 +- Rebuilt for Python 3.10 + +* Wed Jan 27 2021 Fedora Release Engineering - 1.5.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Mon Dec 14 2020 David Shea - 1.5.1-1 +- Make Content-Length optional +- Fix python2 compatibility + +* Wed Jul 29 2020 Fedora Release Engineering - 1.4.3-16 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Sat May 23 2020 Miro Hrončok - 1.4.3-15 +- Rebuilt for Python 3.9 * Thu Jan 30 2020 Fedora Release Engineering - 1.4.3-14 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/python-requests-kerberos/python-requests-kerberos.signatures.json b/SPECS-EXTENDED/python-requests-kerberos/python-requests-kerberos.signatures.json index a9f03529e3..10edd8f171 100644 --- a/SPECS-EXTENDED/python-requests-kerberos/python-requests-kerberos.signatures.json +++ b/SPECS-EXTENDED/python-requests-kerberos/python-requests-kerberos.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "requests-kerberos-393e49c.tar.gz": "b3d5f18ffa867f6132dbced9cbf69f4fa6c9834be7b32b8c33d3426582ba5d95" + "requests-kerberos-0.14.0.tar.gz": "b7d4c9cfc3c3dd10c73466bd29f319a5b08c067414057136f44408a85bbb1102" } } diff --git a/SPECS-EXTENDED/python-requests-kerberos/python-requests-kerberos.spec b/SPECS-EXTENDED/python-requests-kerberos/python-requests-kerberos.spec index 749e54c17b..f2f93a20f4 100644 --- a/SPECS-EXTENDED/python-requests-kerberos/python-requests-kerberos.spec +++ b/SPECS-EXTENDED/python-requests-kerberos/python-requests-kerberos.spec @@ -1,74 +1,64 @@ Vendor: Microsoft Corporation Distribution: Azure Linux -%global upstream_name requests-kerberos -%global module_name requests_kerberos -%global commit0 393e49c698904c76ad9f56c6e4dbd2dbc55a7c42 -%global gittag0 v0.12.0 -%global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) - -Name: python-%{upstream_name} -Version: 0.12.0 -Release: 11%{?dist} +Name: python-requests-kerberos +Version: 0.14.0 +Release: 6%{?dist} Summary: A Kerberos authentication handler for python-requests -License: MIT +License: ISC URL: https://github.com/requests/requests-kerberos # Upstream considers Github not PyPI to be the authoritative source tarballs: # https://github.com/requests/requests-kerberos/pull/78 -Source0: https://github.com/requests/requests-kerberos/archive/%{commit0}.tar.gz#/%{upstream_name}-%{shortcommit0}.tar.gz -# Upstream has switched their requirement to the "pykerberos" fork, but for now -# we still have the original "kerberos" module in Fedora. -Patch1: 0001-switch-requirement-from-pykerberos-back-to-kerberos.patch +Source: %{url}/archive/v%{version}/requests-kerberos-%{version}.tar.gz BuildArch: noarch BuildRequires: python3-devel -BuildRequires: python3-setuptools -BuildRequires: python3-mock -%if 0%{?with_check} BuildRequires: python3-pip -%endif +BuildRequires: python3dist(wheel) +BuildRequires: python3dist(pytest) +BuildRequires: python3dist(pytest-mock) +BuildRequires: python3-requests +%global _description %{expand: +Requests is an HTTP library, written in Python, for human beings. This library +adds optional Kerberos/GSSAPI authentication support and supports mutual +authentication.} -%description -Requests is an HTTP library, written in Python, for human beings. This library -adds optional Kerberos/GSSAPI authentication support and supports mutual -authentication. +%description %_description -%package -n python3-%{upstream_name} +%package -n python3-requests-kerberos Summary: %{summary} -Requires: python3-requests >= 1.1 -Requires: python3-kerberos -Requires: python3-cryptography -# runtime requirements are needed for tests also -BuildRequires: python3-requests >= 1.1 -BuildRequires: python3-kerberos -BuildRequires: python3-cryptography -%{?python_provide:%python_provide python3-%{upstream_name}} - -%description -n python3-%{upstream_name} -Requests is an HTTP library, written in Python, for human beings. This library -adds optional Kerberos/GSSAPI authentication support and supports mutual -authentication. + + +%description -n python3-requests-kerberos %_description %prep -%setup -q -n %{upstream_name}-%{commit0} -%patch 1 -p1 +%autosetup -n requests-kerberos-%{version} +# avoid unnecessary coverage dependency +sed -i '/pytest-cov/d' requirements-test.txt + +%generate_buildrequires +%pyproject_buildrequires requirements-test.txt %build -%py3_build +%pyproject_wheel + +%install +%pyproject_install +%pyproject_save_files requests_kerberos + %check -pip3 install pytest -py.test tests/ +pip install pyspnego +%pytest -v tests -%install -%py3_install -%files -n python3-%{upstream_name} -%license LICENSE +%files -n python3-requests-kerberos -f %{pyproject_files} %doc README.rst AUTHORS HISTORY.rst -%{python3_sitelib}/%{module_name} -%{python3_sitelib}/%{module_name}*.egg-info %changelog +* Thu Feb 12 2025 Sumit Jena - 0.14.0-6 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified + * Thu Apr 28 2022 Muhammad Falak - 0.12.0-11 - Use `py.test` instead of `py.test-3` to enable ptest - License verified diff --git a/SPECS-EXTENDED/python-urwid/python-urwid.signatures.json b/SPECS-EXTENDED/python-urwid/python-urwid.signatures.json index 1d470f7cb5..663e349ce4 100644 --- a/SPECS-EXTENDED/python-urwid/python-urwid.signatures.json +++ b/SPECS-EXTENDED/python-urwid/python-urwid.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "urwid-2.1.2.tar.gz": "588bee9c1cb208d0906a9f73c613d2bd32c3ed3702012f51efe318a3f2127eae" + "python-urwid-2.6.14.tar.gz": "feeafc4fa9343fdfa1e9b01914064a4a9399ec746b814a550d44462e5ef85c72" } -} +} \ No newline at end of file diff --git a/SPECS-EXTENDED/python-urwid/python-urwid.spec b/SPECS-EXTENDED/python-urwid/python-urwid.spec index e41fb79e8e..9af557462a 100644 --- a/SPECS-EXTENDED/python-urwid/python-urwid.spec +++ b/SPECS-EXTENDED/python-urwid/python-urwid.spec @@ -2,16 +2,24 @@ Vendor: Microsoft Corporation Distribution: Azure Linux %bcond_without tests +%global debug_package %{nil} %global srcname urwid Name: python-%{srcname} -Version: 2.1.2 -Release: 2%{?dist} +Version: 2.6.14 +Release: 1%{?dist} Summary: Console user interface library -License: LGPLv2+ -URL: http://excess.org/urwid/ -Source0: %{pypi_source urwid} +License: LGPL-2.1-or-later AND MIT +URL: https://excess.org/urwid/ +Source0: https://pypi.org/packages/source/u/urwid/%{srcname}-%{version}.tar.gz#/%{name}-%{version}.tar.gz +BuildRequires: python3-pip +BuildRequires: python3-wheel +BuildRequires: python3-pytest +BuildRequires: python3-setuptools_scm +BuildRequires: python3-wcwidth +BuildRequires: python3-typing-extensions +BuildRequires: python3-curses %global _description\ Urwid is a Python library for making text console applications. It has\ @@ -26,40 +34,43 @@ control. %package -n python3-%{srcname} Summary: %summary %{?python_provide:%python_provide python3-urwid} -BuildRequires: gcc BuildRequires: python3-devel -BuildRequires: python3-setuptools -# needed by selftest suite for test.support -BuildRequires: python3-test +BuildRequires: python3-pytest %description -n python3-%{srcname} %_description +%generate_buildrequires +%pyproject_buildrequires + %prep -%setup -q -n %{srcname}-%{version} +%autosetup -n %{srcname}-%{version} +sed -i -e 's/--cov=urwid//' pyproject.toml find urwid -type f -name "*.py" -exec sed -i -e '/^#!\//, 1d' {} \; find urwid -type f -name "*.py" -exec chmod 644 {} \; %build -%py3_build - +%pyproject_wheel find examples -type f -exec chmod 0644 \{\} \; + %check %if %{with tests} -# tests are failing: https://github.com/urwid/urwid/issues/344 PYTHON=%{__python3} %{__python3} setup.py test || : %endif %install -%py3_install +%pyproject_install +%pyproject_save_files %{srcname} -%files -n python3-%{srcname} +%files -n python3-%{srcname} -f %{pyproject_files} %license COPYING %doc README.rst examples docs -%{python3_sitearch}/urwid/ -%{python3_sitearch}/urwid-%{version}*.egg-info/ %changelog +* Fri Mar 07 2024 Jyoti kanase - 2.6.14-1 +- Upgrade to 2.6.14 +- License verified. + * Fri Oct 15 2021 Pawel Winogrodzki - 2.1.2-2 - Initial CBL-Mariner import from Fedora 33 (license: MIT). diff --git a/SPECS-EXTENDED/python-voluptuous/python-voluptuous.signatures.json b/SPECS-EXTENDED/python-voluptuous/python-voluptuous.signatures.json index b0dc706477..6e0088d2fb 100644 --- a/SPECS-EXTENDED/python-voluptuous/python-voluptuous.signatures.json +++ b/SPECS-EXTENDED/python-voluptuous/python-voluptuous.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "voluptuous-0.11.7.tar.gz": "2abc341dbc740c5e2302c7f9b8e2e243194fb4772585b991931cb5b22e9bf456" + "python-voluptuous-0.15.2.tar.gz": "6ffcab32c4d3230b4d2af3a577c87e1908a714a11f6f95570456b1849b0279aa" } } diff --git a/SPECS-EXTENDED/python-voluptuous/python-voluptuous.spec b/SPECS-EXTENDED/python-voluptuous/python-voluptuous.spec index d643b84b6f..a033e55e4e 100644 --- a/SPECS-EXTENDED/python-voluptuous/python-voluptuous.spec +++ b/SPECS-EXTENDED/python-voluptuous/python-voluptuous.spec @@ -1,50 +1,132 @@ -Vendor: Microsoft Corporation -Distribution: Azure Linux - %global srcname voluptuous -Name: python-%{srcname} -Version: 0.11.7 -Release: 4%{?dist} -Summary: A Python data validation library -License: BSD -URL: http://github.com/alecthomas/voluptuous -Source0: %{pypi_source} +Name: python-%{srcname} +Version: 0.15.2 +Release: 2%{?dist} +Summary: Python data validation library +Vendor: Microsoft Corporation +Distribution: Azure Linux +License: BSD-3-Clause +URL: https://github.com/alecthomas/voluptuous +Source0: %{pypi_source}#/%{name}-%{version}.tar.gz BuildArch: noarch -BuildRequires: python3-devel -%description +%global _description %{expand: Voluptuous, despite the name, is a Python data validation library. It is -primarily intended for validating data coming into Python as JSON, YAML, etc. +primarily intended for validating data coming into Python as JSON, YAML, etc.} +%description %_description %package -n python3-%{srcname} -Summary: A Python data validation library -BuildRequires: python3-devel python3-setuptools -%{?python_provide:%python_provide python3-%{srcname}} +Summary: %{summary} +BuildRequires: python3-devel +BuildRequires: python3dist(wheel) +BuildRequires: python3-pip +BuildRequires: python3-setuptools +BuildRequires: python3-pytest -%description -n python3-%{srcname} -Voluptuous, despite the name, is a Python data validation library. It is -primarily intended for validating data coming into Python as JSON, YAML, etc. +%description -n python3-%{srcname} %_description %prep %autosetup -n %{srcname}-%{version} +%generate_buildrequires +%pyproject_buildrequires + %build -%py3_build +%pyproject_wheel %install -%py3_install +%pyproject_install -%files -n python3-%{srcname} +%pyproject_save_files voluptuous + +%check +%pytest + +%files -n python3-%{srcname} -f %{pyproject_files} %doc README.md %license COPYING -%{python3_sitelib}/* %changelog -* Fri Oct 15 2021 Pawel Winogrodzki - 0.11.7-4 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Wed Feb 12 2025 Archana Shettigar - 0.15.2-2 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- License verified + +* Wed Aug 21 2024 Sergio Pascual - 0.15.2-1 +- New upstream source 0.15.2 + +* Fri Jul 19 2024 Fedora Release Engineering - 0.15.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Thu Jun 27 2024 Sergio Pascual - 0.15.0-1 +- New upstream source 0.15.0 + +* Fri Jun 07 2024 Python Maint - 0.14.2-2 +- Rebuilt for Python 3.13 + +* Mon Feb 05 2024 Sergio Pascual - 0.14.2-1 +- New upstream source 0.14.2 + +* Fri Jan 26 2024 Fedora Release Engineering - 0.14.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 0.14.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Nov 26 2023 Sergio Pascual - 0.14.1-1 +- New upstream source 0.14.1 +- Updated license to SPDX + +* Fri Jul 21 2023 Fedora Release Engineering - 0.13.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Tue Jun 13 2023 Python Maint - 0.13.1-5 +- Rebuilt for Python 3.12 + +* Fri Jan 20 2023 Fedora Release Engineering - 0.13.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Fri Jul 22 2022 Fedora Release Engineering - 0.13.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Mon Jun 13 2022 Python Maint - 0.13.1-2 +- Rebuilt for Python 3.11 + +* Thu Apr 07 2022 Fedora Release Monitoring - 0.13.1-1 +- Update to 0.13.1 (#2073109) + +* Fri Apr 01 2022 Fabian Affolter - 0.13.0-1 +- Update to latest upstream release 0.13.0 (closes rhbz#2070062) + +* Fri Jan 21 2022 Fedora Release Engineering - 0.12.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Wed Oct 06 2021 Sergio Pascual - 0.12.2-1 +- New upstream source (0.12.2) + +* Tue Jul 27 2021 Fedora Release Engineering - 0.12.1-4 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Fri Jun 04 2021 Python Maint - 0.12.1-3 +- Rebuilt for Python 3.10 + +* Wed Jan 27 2021 Fedora Release Engineering - 0.12.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Thu Dec 17 2020 Sergio Pascual - 0.12.1-1 +- New upstream source (0.12.1) + +* Wed Nov 04 2020 Sergio Pascual - 0.12.0-1 +- New upstream source (0.12.0) + +* Wed Jul 29 2020 Fedora Release Engineering - 0.11.7-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue May 26 2020 Miro Hrončok - 0.11.7-4 +- Rebuilt for Python 3.9 * Thu Jan 30 2020 Fedora Release Engineering - 0.11.7-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/python3-typed_ast/python3-typed_ast.signatures.json b/SPECS-EXTENDED/python3-typed_ast/python3-typed_ast.signatures.json index e095c2b6f3..2262a85472 100644 --- a/SPECS-EXTENDED/python3-typed_ast/python3-typed_ast.signatures.json +++ b/SPECS-EXTENDED/python3-typed_ast/python3-typed_ast.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "typed_ast-1.4.2.tar.gz": "be4b75ea880768489e30818267cf920027ed99014001ac428aedd0b31bbfc899" + "typed_ast-1.5.4.tar.gz": "1b2db37247c74594660aa9ad40014394fd765ed7fba90256f472329c06e742ab" } } diff --git a/SPECS-EXTENDED/python3-typed_ast/python3-typed_ast.spec b/SPECS-EXTENDED/python3-typed_ast/python3-typed_ast.spec index c6291bd8f2..82a17cc587 100644 --- a/SPECS-EXTENDED/python3-typed_ast/python3-typed_ast.spec +++ b/SPECS-EXTENDED/python3-typed_ast/python3-typed_ast.spec @@ -3,8 +3,8 @@ Distribution: Azure Linux %global modname typed_ast Name: python3-%{modname} -Version: 1.4.2 -Release: 2%{?dist} +Version: 1.5.4 +Release: 1%{?dist} Summary: A fork of the ast module with type annotations License: ASL 2.0 @@ -16,6 +16,7 @@ Source0: %{url}/archive/%{version}/%{modname}-%{version}.tar.gz BuildRequires: gcc BuildRequires: python3-devel BuildRequires: python3-setuptools +BuildRequires: python3-pytest %description %summary. This package is based on the ast modules from Python 2 and 3, @@ -32,6 +33,7 @@ as supported in Python 3.6. %py3_install %check +%py3_check_import typed_ast.ast3 typed_ast.ast27 typed_ast.conversions %{__python3} setup.py test %files @@ -41,6 +43,10 @@ as supported in Python 3.6. %{python3_sitearch}/%{modname}-*.egg-info %changelog +* Fri Mar 07 2025 Jyoti Kanase - 1.5.4-1 +- Upgrade to 1.5.4 +- License Verified + * Fri Oct 15 2021 Pawel Winogrodzki - 1.4.2-2 - Initial CBL-Mariner import from Fedora 33 (license: MIT). diff --git a/SPECS-EXTENDED/relaxngDatatype/relaxngDatatype.spec b/SPECS-EXTENDED/relaxngDatatype/relaxngDatatype.spec index ad990e0131..22c54d6486 100644 --- a/SPECS-EXTENDED/relaxngDatatype/relaxngDatatype.spec +++ b/SPECS-EXTENDED/relaxngDatatype/relaxngDatatype.spec @@ -20,7 +20,7 @@ Distribution: Azure Linux Name: relaxngDatatype Version: 2011.1 -Release: 5%{?dist} +Release: 6%{?dist} Summary: RELAX NG Datatype API License: BSD-3-Clause Group: Development/Languages/Java @@ -48,7 +48,7 @@ cp -p %{SOURCE1} . %build ant \ -Dbuild.sysclasspath=only \ - -Dant.build.javac.source=1.6 -Dant.build.javac.target=1.6 + -Dant.build.javac.source=1.8 -Dant.build.javac.target=1.8 %install install -Dpm 644 %{name}.jar \ @@ -64,6 +64,10 @@ install -pm 644 pom.xml %{buildroot}%{_mavenpomdir}/%{name}.pom %{_javadir}/*.jar %changelog +* Thu Feb 27 2025 Durga Jagadeesh Palli - 2011.1-6 +- Error fix +- License verified + * Thu Oct 14 2021 Pawel Winogrodzki - 2011.1-5 - Converting the 'Release' tag to the '[number].[distribution]' format. diff --git a/SPECS-EXTENDED/rhash/rhash.signatures.json b/SPECS-EXTENDED/rhash/rhash.signatures.json index 557417f963..650676cee5 100644 --- a/SPECS-EXTENDED/rhash/rhash.signatures.json +++ b/SPECS-EXTENDED/rhash/rhash.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "rhash-1.3.8.tar.gz": "be536a56acfefc87dbc8b1db30fc639020e41edf05518185ea98630e3df7c04c" + "rhash-1.4.4.tar.gz": "8e7d1a8ccac0143c8fe9b68ebac67d485df119ea17a613f4038cda52f84ef52a" } } diff --git a/SPECS-EXTENDED/rhash/rhash.spec b/SPECS-EXTENDED/rhash/rhash.spec index ed5c7598c4..fdba278543 100644 --- a/SPECS-EXTENDED/rhash/rhash.spec +++ b/SPECS-EXTENDED/rhash/rhash.spec @@ -1,14 +1,15 @@ -Vendor: Microsoft Corporation -Distribution: Azure Linux Name: rhash -Version: 1.3.8 -Release: 4%{?dist} +Version: 1.4.4 +Release: 3%{?dist} Summary: Great utility for computing hash sums -License: MIT +License: 0BSD +Vendor: Microsoft Corporation +Distribution: Azure Linux URL: https://github.com/rhash/RHash Source0: https://github.com/rhash/RHash/archive/v%{version}/%{name}-%{version}.tar.gz +BuildRequires: make BuildRequires: gcc %description @@ -55,40 +56,75 @@ developing applications that use lib%{name}. %setup -q -n RHash-%{version} sed -i -e '/^INSTALL_SHARED/s/644/755/' librhash/Makefile - %build INSTALL_INCDIR=%{_includedir} ./configure --sysconfdir=%{_sysconfdir} --exec-prefix=%{_prefix} --mandir=%{_mandir} --libdir=%{_libdir} -%make_build OPTFLAGS="%{optflags}" OPTLDFLAGS="-g %{?__global_ldflags}" build-shared - +%make_build OPTFLAGS="%{optflags}" OPTLDFLAGS="-g %{?__global_ldflags}" build %install %make_install make DESTDIR=%{buildroot} -C librhash install-so-link install-lib-headers - %check make test-shared - -%ldconfig_scriptlets - - %files %license COPYING %doc ChangeLog README.md %config(noreplace) %{_sysconfdir}/rhashrc %{_bindir}/* -%{_libdir}/*.so.* +%{_libdir}/*.so.1* %{_mandir}/man1/*.1* %files devel %{_includedir}/* %{_libdir}/*.so - %changelog -* Fri Oct 15 2021 Pawel Winogrodzki - 1.3.8-4 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Wed Dec 18 2024 Akhila Guruju - 1.4.4-3 +- Initial CBL-Mariner import from Fedora 41 (license: MIT). +- License verified + +* Fri Jul 19 2024 Fedora Release Engineering - 1.4.4-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Tue Apr 23 2024 Orion Poplawski - 1.4.4-1 +- Update to 1.4.4 + +* Fri Jan 26 2024 Fedora Release Engineering - 1.4.3-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 1.4.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jul 21 2023 Fedora Release Engineering - 1.4.3-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Fri Jan 20 2023 Fedora Release Engineering - 1.4.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Mon Sep 26 2022 Orion Poplawski - 1.4.3-1 +- Update to 1.4.3 + +* Sat Jul 23 2022 Fedora Release Engineering - 1.4.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Fri Jan 21 2022 Fedora Release Engineering - 1.4.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Thu Sep 16 2021 Orion Poplawski - 1.4.2-1 +- Update to 1.4.2 + +* Fri Jul 23 2021 Fedora Release Engineering - 1.4.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Wed Jan 27 2021 Fedora Release Engineering - 1.4.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Wed Jul 29 2020 Fedora Release Engineering - 1.4.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Thu Jul 16 2020 Orion Poplawski - 1.4.0-1 +- Update to 1.4.0 * Thu Jan 30 2020 Fedora Release Engineering - 1.3.8-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/udica/0001-Add-option-to-generate-custom-policy-for-a-confined-.patch b/SPECS-EXTENDED/udica/0001-Add-option-to-generate-custom-policy-for-a-confined-.patch new file mode 100644 index 0000000000..a0acf2af62 --- /dev/null +++ b/SPECS-EXTENDED/udica/0001-Add-option-to-generate-custom-policy-for-a-confined-.patch @@ -0,0 +1,4995 @@ +From 3cda61f9a576315e9889821faf495663ad8257ef Mon Sep 17 00:00:00 2001 +From: Vit Mojzis +Date: Wed, 29 Nov 2023 10:38:48 +0100 +Subject: [PATCH] Add option to generate custom policy for a confined user +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Udica can now generate cil policy for a confined user using a list of +macros. +The macros are based on policy templates created by Patrik Končitý: +https://github.com/Koncpa/confined-users-policy + +Signed-off-by: Vit Mojzis +--- + README.md | 50 + + setup.py | 1 + + udica/__main__.py | 342 +- + udica/confined_user.py | 134 + + udica/macros/confined_user_macros.cil | 4367 +++++++++++++++++++++++++ + 5 files changed, 4779 insertions(+), 115 deletions(-) + create mode 100644 udica/confined_user.py + create mode 100644 udica/macros/confined_user_macros.cil + +diff --git a/README.md b/README.md +index b37b885..37f68b1 100644 +--- a/README.md ++++ b/README.md +@@ -170,6 +170,56 @@ SELinux now allows binding to tcp/udp port *21*, but not to *80*: + Ncat: SHA-1 fingerprint: 6EEC 102E 6666 5F96 CC4F E5FA A1BE 4A5E 6C76 B6DC + Ncat: bind to :::80: Permission denied. QUITTING. + ++## Creating SELinux policy for confined user ++ ++Each Linux user on an SELinux-enabled system is mapped to an SELinux user. By default administrators can choose between the following SELinux users when confining a user account: root, staff_u, sysadm_u, user_u, xguest_u, guest_u (and unconfined_u which does not limit the user's actions). ++ ++To give administrators more options in confining users, *udica* now provides a way to generate a custom SELinux user (and corresponding roles and types) based on the specified parameters. The new user policy is assembled using a set of predefined policy macros based on use-cases (managing network, administrative tasks, etc.). ++ ++To generate a confined user, use the "confined_user" keyword followed by a list of options: ++ ++| Option | Use case | ++| ------------- | ------------- | ++| -a, --admin_commands | Use administrative commands (vipw, passwd, ...) | ++| -g, --graphical_login | Use graphical login environment | ++| -m, --mozilla_usage | Use mozilla firefox | ++| -n, --networking | Manage basic networking (ip, ifconfig, traceroute, tcpdump, ...) | ++| -d, --security_advanced | Manage SELinux settings (semanage, semodule, sepolicy, ...) | ++| -i, --security_basic | Use read-only security-related tools (seinfo, getsebool, sesearch, ...) | ++| -s, --sudo | Run commands as root using sudo | ++| -l, --user_login | Basic rules common to all users (tty, pty, ...) | ++| -c, --ssh_connect | Connect over SSH | ++| -b, --basic_commands | Use basic commands (date, ls, ps, man, systemctl -user, journalctl -user, passwd, ...) | ++ ++The new user also needs to be assigned an MLS/MCS level and range. These are set to `s0` and `s0:c0.c1023` respectively by default to work well in *targeted* policy mode. ++For more details see [Red Hat Multi-Level Security documentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html-single/using_selinux/index#using-multi-level-security-mls_using-selinux). ++ ++``` ++$ udica confined_user -abcdgilmns --level s0 --range "s0:c0" custom_user ++ ++Created custom_user.cil ++Run the following commands to apply the new policy: ++Install the new policy module ++# semodule -i custom_user.cil /usr/share/udica/macros/confined_user_macros.cil ++Create a default context file for the new user ++# sed -e ’s|user|custom_user|g’ /etc/selinux/targeted/contexts/users/user_u > /etc/selinux/targeted/contexts/users/custom_user_u ++Map the new selinux user to an existing user account ++# semanage login -a -s custom_user_u custom_user ++Fix labels in the user's home directory ++# restorecon -RvF /home/custom_user ++``` ++ ++As prompted by *udica*, the new user policy needs to be installed into the system along with the *confined_user_macros* file and a *default context* file needs to be created before the policy is ready to be used. ++ ++Last step is either assignment to an existing linux user (using `semanage login`), or specifying the new SELinux user when creating a new linux user account (no need to run `restorecon` for a new user home directory). ++``` ++useradd -Z custom_user_u ++``` ++ ++The created policy defines a new SELinux user `_u`, a corresponding role `_r` and a list of types (varies based on selected options) `_t, _sudo_t, _ssh_agent_t, ...` ++ ++See [Red Hat Confined User documentation](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/using_selinux/managing-confined-and-unconfined-users_using-selinux#doc-wrapper) for more details about confined users, their assignment, available roles and access they allow. ++ + ## SELinux labels vs. objects they represent + + Policies generated by *udica* work with **SELinux labels** as opposed to filesystem paths, port numbers etc. This means that allowing access to given path (e.g. path to a directory mounted to your container), port number, or any other resource may also allow access to other resources you didn't specify, since the same SELinux label can be assigned to multiple resources. +diff --git a/setup.py b/setup.py +index deb6457..d3f20f4 100644 +--- a/setup.py ++++ b/setup.py +@@ -37,6 +37,7 @@ setuptools.setup( + data_files=[ + ("/usr/share/licenses/udica", ["LICENSE"]), + ("/usr/share/udica/ansible", ["udica/ansible/deploy-module.yml"]), ++ ("/usr/share/udica/macros", ["udica/macros/confined_user_macros.cil"]), + ], + # scripts=["bin/udica"], + entry_points={"console_scripts": ["udica=udica.__main__:main"]}, +diff --git a/udica/__main__.py b/udica/__main__.py +index 43d2e43..1ba8515 100644 +--- a/udica/__main__.py ++++ b/udica/__main__.py +@@ -13,8 +13,9 @@ + # You should have received a copy of the GNU General Public License + # along with this program. If not, see . + +-import subprocess + import argparse ++import subprocess ++import sys + + # import udica + from udica.parse import parse_avc_file +@@ -25,116 +26,224 @@ from udica.policy import create_policy, load_policy, generate_playbook + + + def get_args(): +- parser = argparse.ArgumentParser( +- description="Script generates SELinux policy for running container." +- ) +- parser.add_argument("-V", "--version", action="version", version=version) +- parser.add_argument( +- type=str, help="Name for SELinux policy module", dest="ContainerName" +- ) +- parser.add_argument( +- "-i", +- "--container-id", +- type=str, +- help="Running container ID", +- dest="ContainerID", +- default=None, +- ) +- parser.add_argument( +- "-j", +- "--json", +- help='Load json from this file, use "-j -" for stdin', +- required=False, +- dest="JsonFile", +- default=None, +- ) +- parser.add_argument( +- "--full-network-access", +- help="Allow container full Network access ", +- required=False, +- dest="FullNetworkAccess", +- action="store_true", +- ) +- parser.add_argument( +- "--tty-access", +- help="Allow container to read and write the controlling terminal ", +- required=False, +- dest="TtyAccess", +- action="store_true", +- ) +- parser.add_argument( +- "--X-access", +- help="Allow container to communicate with Xserver ", +- required=False, +- dest="XAccess", +- action="store_true", +- ) +- parser.add_argument( +- "--virt-access", +- help="Allow container to communicate with libvirt ", +- required=False, +- dest="VirtAccess", +- action="store_true", +- ) +- parser.add_argument( +- "-s", +- "--stream-connect", +- help="Allow container to stream connect with given SELinux domain ", +- required=False, +- dest="StreamConnect", +- ) +- parser.add_argument( +- "-l", +- "--load-modules", +- help="Load templates and module created by this tool ", +- required=False, +- dest="LoadModules", +- action="store_true", +- ) +- parser.add_argument( +- "-c", +- "--caps", +- help='List of capabilities, e.g "-c AUDIT_WRITE,CHOWN,DAC_OVERRIDE,FOWNER,FSETID,KILL,MKNOD,NET_BIND_SERVICE,NET_RAW,SETFCAP,SETGID,SETPCAP,SETUID,SYS_CHROOT"', +- required=False, +- dest="Caps", +- default=None, +- ) +- parser.add_argument( +- "--devices", +- type=str, +- help='List of devices the container should have access to, e.g "--devices /dev/dri/card0,/dev/dri/renderD128"', +- dest="Devices", +- required=False, +- default=None, +- ) +- parser.add_argument( +- "-d", +- "--ansible", +- help="Generate ansible playbook to deploy SELinux policy for containers ", +- required=False, +- dest="Ansible", +- action="store_true", +- ) +- parser.add_argument( +- "-a", +- "--append-rules", +- type=str, +- help="Append more SELinux allow rules from file", +- dest="FileAVCS", +- required=False, +- default=None, +- ) +- parser.add_argument( +- "-e", +- "--container-engine", +- type=str, +- help="Specify which container engine is used for the inspected container (supports: {})".format( +- ", ".join(ENGINE_ALL) +- ), +- dest="ContainerEngine", +- required=False, +- default="-", +- ) ++ if "confined_user" in sys.argv: ++ # set up confined_user parser (do not show normal "udica" options) ++ parser = argparse.ArgumentParser( ++ description="SELinux confined user policy generator" ++ ) ++ parser.add_argument("confined_user") ++ parser.add_argument( ++ "-a", ++ "--admin_commands", ++ action="store_true", ++ default=False, ++ dest="admin_commands", ++ help="Use administrative commands (vipw, passwd, ...)", ++ ) ++ parser.add_argument( ++ "-g", ++ "--graphical_login", ++ action="store_true", ++ default=False, ++ dest="graphical_login", ++ help="Use graphical login environment", ++ ) ++ parser.add_argument( ++ "-m", ++ "--mozilla_usage", ++ action="store_true", ++ default=False, ++ dest="mozilla_usage", ++ help="Use mozilla firefox", ++ ) ++ parser.add_argument( ++ "-n", ++ "--networking", ++ action="store_true", ++ default=False, ++ dest="networking", ++ help="Manage basic networking (ip, ifconfig, traceroute, tcpdump, ...)", ++ ) ++ parser.add_argument( ++ "-d", ++ "--security_advanced", ++ action="store_true", ++ default=False, ++ dest="security_advanced", ++ help="Manage SELinux settings (semanage, semodule, sepolicy, ...)", ++ ) ++ parser.add_argument( ++ "-i", ++ "--security_basic", ++ action="store_true", ++ default=False, ++ dest="security_basic", ++ help="Use read-only security-related tools (seinfo, getsebool, sesearch, ...)", ++ ) ++ parser.add_argument( ++ "-s", ++ "--sudo", ++ action="store_true", ++ default=False, ++ dest="sudo", ++ help="Run commands as root using sudo", ++ ) ++ parser.add_argument( ++ "-l", ++ "--user_login", ++ action="store_true", ++ default=False, ++ dest="user_login", ++ help="Basic rules common to all users (tty, pty, ...)", ++ ) ++ parser.add_argument( ++ "-c", ++ "--ssh_connect", ++ action="store_true", ++ default=False, ++ dest="ssh_connect", ++ help="Connect over SSH", ++ ) ++ parser.add_argument( ++ "-b", ++ "--basic_commands", ++ action="store_true", ++ default=False, ++ dest="basic_commands", ++ help="Use basic commands (date, ls, ps, man, systemctl -user, journalctl -user, passwd, ...)", ++ ) ++ parser.add_argument( ++ "--level", ++ nargs="?", ++ default="s0", ++ dest="level", ++ help='MLS/MCS level, defaults to "s0"', ++ ) ++ parser.add_argument( ++ "--range", ++ nargs="?", ++ default="s0-s0:c0.c1023", ++ dest="range", ++ help='MLS/MCS range, defaults to "s0-s0:c0.c1023"', ++ ) ++ parser.add_argument("uname") ++ else: ++ # set up normal udica parser ++ parser = argparse.ArgumentParser( ++ description="Script generates SELinux policy for running container.", ++ prog="udica [confined_user]", ++ formatter_class=argparse.RawDescriptionHelpFormatter, ++ epilog="""Additional options: ++ confined_user Generate policy for a new confined user instead of a container policy""", ++ ) ++ parser.add_argument("-V", "--version", action="version", version=version) ++ parser.add_argument( ++ type=str, help="Name for SELinux policy module", dest="ContainerName" ++ ) ++ parser.add_argument( ++ "-i", ++ "--container-id", ++ type=str, ++ help="Running container ID", ++ dest="ContainerID", ++ default=None, ++ ) ++ parser.add_argument( ++ "-j", ++ "--json", ++ help='Load json from this file, use "-j -" for stdin', ++ required=False, ++ dest="JsonFile", ++ default=None, ++ ) ++ parser.add_argument( ++ "--full-network-access", ++ help="Allow container full Network access ", ++ required=False, ++ dest="FullNetworkAccess", ++ action="store_true", ++ ) ++ parser.add_argument( ++ "--tty-access", ++ help="Allow container to read and write the controlling terminal ", ++ required=False, ++ dest="TtyAccess", ++ action="store_true", ++ ) ++ parser.add_argument( ++ "--X-access", ++ help="Allow container to communicate with Xserver ", ++ required=False, ++ dest="XAccess", ++ action="store_true", ++ ) ++ parser.add_argument( ++ "--virt-access", ++ help="Allow container to communicate with libvirt ", ++ required=False, ++ dest="VirtAccess", ++ action="store_true", ++ ) ++ parser.add_argument( ++ "-s", ++ "--stream-connect", ++ help="Allow container to stream connect with given SELinux domain ", ++ required=False, ++ dest="StreamConnect", ++ ) ++ parser.add_argument( ++ "-l", ++ "--load-modules", ++ help="Load templates and module created by this tool ", ++ required=False, ++ dest="LoadModules", ++ action="store_true", ++ ) ++ parser.add_argument( ++ "-c", ++ "--caps", ++ help='List of capabilities, e.g "-c AUDIT_WRITE,CHOWN,DAC_OVERRIDE,FOWNER,FSETID,KILL,MKNOD,NET_BIND_SERVICE,NET_RAW,SETFCAP,SETGID,SETPCAP,SETUID,SYS_CHROOT"', ++ required=False, ++ dest="Caps", ++ default=None, ++ ) ++ parser.add_argument( ++ "--devices", ++ type=str, ++ help='List of devices the container should have access to, e.g "--devices /dev/dri/card0,/dev/dri/renderD128"', ++ dest="Devices", ++ required=False, ++ default=None, ++ ) ++ parser.add_argument( ++ "-d", ++ "--ansible", ++ help="Generate ansible playbook to deploy SELinux policy for containers ", ++ required=False, ++ dest="Ansible", ++ action="store_true", ++ ) ++ parser.add_argument( ++ "-a", ++ "--append-rules", ++ type=str, ++ help="Append more SELinux allow rules from file", ++ dest="FileAVCS", ++ required=False, ++ default=None, ++ ) ++ parser.add_argument( ++ "-e", ++ "--container-engine", ++ type=str, ++ help="Specify which container engine is used for the inspected container (supports: {})".format( ++ ", ".join(ENGINE_ALL) ++ ), ++ dest="ContainerEngine", ++ required=False, ++ default="-", ++ ) ++ + args = parser.parse_args() + return vars(args) + +@@ -142,6 +251,13 @@ def get_args(): + def main(): + opts = get_args() + ++ # generate confined user policy ++ if "confined_user" in opts.keys(): ++ from udica.confined_user import create_confined_user_policy ++ ++ create_confined_user_policy(opts) ++ return ++ + if opts["ContainerID"]: + container_inspect_raw = None + for backend in [ENGINE_PODMAN, ENGINE_DOCKER]: +@@ -167,8 +283,6 @@ def main(): + + if opts["JsonFile"]: + if opts["JsonFile"] == "-": +- import sys +- + container_inspect_raw = sys.stdin.read() + else: + import os.path +@@ -182,8 +296,6 @@ def main(): + + if (not opts["JsonFile"]) and (not opts["ContainerID"]): + try: +- import sys +- + container_inspect_raw = sys.stdin.read() + except Exception as e: + print("Couldn't parse inspect data from stdin:", e) +diff --git a/udica/confined_user.py b/udica/confined_user.py +new file mode 100644 +index 0000000..bd92378 +--- /dev/null ++++ b/udica/confined_user.py +@@ -0,0 +1,134 @@ ++# Copyright (C) 2023 Vit Mojzis, ++# ++# This program is free software; you can redistribute it and/or ++# modify it under the terms of the GNU General Public License as ++# published by the Free Software Foundation; either version 2 of ++# the License, or (at your option) any later version. ++# ++# This program is distributed in the hope that it will be useful, ++# but WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++# GNU General Public License for more details. ++# ++# You should have received a copy of the GNU General Public License ++# along with this program. If not, see . ++ ++MACRO_CALLS = { ++ "admin_commands": ( ++ "(call confinedom_admin_commands_macro ({}))", ++ ("_t", "_r", "_sudo_t"), ++ ), ++ "graphical_login": ( ++ "(call confinedom_graphical_login_macro ({}))", ++ ("_t", "_r", "_dbus_t"), ++ ), ++ "mozilla_usage": ("(call confinedom_mozilla_usage_macro ({}))", ("_t", "_r")), ++ "networking": ("(call confinedom_networking_macro ({}))", ("_t", "_r")), ++ "security_advanced": ( ++ "(call confinedom_security_advanced_macro ({}))", ++ ("_t", "_r", "_sudo_t", "_userhelper_t"), ++ ), ++ "security_basic": ("(call confinedom_security_basic_macro ({}))", ("_t", "_r")), ++ "sudo": ( ++ "(call confinedom_sudo_macro ({}))", ++ ("_t", "_r", "_sudo_t", "_sudo_tmp_t"), ++ ), ++ "user_login": ( ++ "(call confinedom_user_login_macro ({}))", ++ ("_t", "_r", "_gkeyringd_t", "_dbus_t", "_exec_content"), ++ ), ++ "ssh_connect": ( ++ "(call confined_ssh_connect_macro ({}))", ++ ("_t", "_r", "_ssh_agent_t"), ++ ), ++ "basic_commands": ("(call confined_use_basic_commands_macro ({}))", ("_t", "_r")), ++} ++ ++TYPE_DEFS = { ++ "_t": "(type {}_t)", ++ "_r": "(role {}_r)", ++ "_dbus_t": "(type {}_dbus_t)", ++ "_gkeyringd_t": "(type {}_gkeyringd_t)", ++ "_ssh_agent_t": "(type {}_ssh_agent_t)", ++ "_sudo_t": "(type {}_sudo_t)", ++ "_sudo_tmp_t": "(type {}_sudo_tmp_t)", ++ "_userhelper_t": "(type {}_userhelper_t)", ++ "_exec_content": "(boolean {}_exec_content true)", ++} ++ ++ ++def create_confined_user_policy(opts): ++ # MCS/MLS range handling - needs to be separated into up-to 4 parts ++ # s0-s15:c0.c1023 -> (userrange {uname}_u ((s0 ) (s15 (range c0 c1023)))) ++ # s0:c0 -> (userrange {uname}_u ((s0 ) (s0 (c0)))) ++ mls_range = opts["range"] ++ mcs_range = "" ++ # separate MCS portion ++ if ":" in opts["range"]: ++ # s0:c0.c1023 ++ (mls_range, mcs_range) = opts["range"].split(":") ++ if "-" in mls_range: ++ # s0-s15 ++ (range_l, range_h) = mls_range.split("-") ++ else: ++ # s0 ++ range_l = mls_range ++ range_h = range_l ++ if mcs_range != "": ++ if "." in mcs_range: ++ # s0:c0.c1023 -> (userrange {uname}_u ((s0 ) (s0 (range c0 c1023)))) ++ (mcs_range_l, mcs_range_h) = mcs_range.split(".") ++ mcs_range = "(range {} {})".format(mcs_range_l, mcs_range_h) ++ else: ++ # s0:c0 -> (userrange {uname}_u ((s0 ) (s0 (c0)))) ++ mcs_range = "({})".format(mcs_range) ++ ++ range = "({} ) ({} {})".format(range_l, range_h, mcs_range) ++ ++ defs = set() ++ ++ policy = """ ++(user {uname}_u) ++(userrole {uname}_u {uname}_r) ++(userlevel {uname}_u ({level})) ++(userrange {uname}_u ({range})) ++""".format( ++ uname=opts["uname"], level=opts["level"], range=range ++ ) ++ ++ # process arguments determining which macros are to be used ++ for arg, value in opts.items(): ++ if not value or arg not in MACRO_CALLS.keys(): ++ continue ++ for param in MACRO_CALLS[arg][1]: ++ defs.add(TYPE_DEFS[param].format(opts["uname"])) ++ policy += "\n" + ( ++ MACRO_CALLS[arg][0].format( ++ " ".join([opts["uname"] + s for s in MACRO_CALLS[arg][1]]) ++ ) ++ ) ++ # print("{}: {}".format(arg, value)) ++ ++ policy = "\n".join(sorted(defs)) + policy ++ ++ with open("{}.cil".format(opts["uname"]), "w") as f: ++ f.write(policy) ++ ++ print("Created {}.cil".format(opts["uname"])) ++ print("Run the following commands to apply the new policy:") ++ print("Install the new policy module") ++ print( ++ "# semodule -i {}.cil /usr/share/udica/macros/confined_user_macros.cil".format( ++ opts["uname"] ++ ) ++ ) ++ print("Create a default context file for the new user") ++ print( ++ "# sed -e ’s|user|{}|g’ /etc/selinux/targeted/contexts/users/user_u > /etc/selinux/targeted/contexts/users/{}_u".format( ++ opts["uname"], opts["uname"] ++ ) ++ ) ++ print("Map the new selinux user to an existing user account") ++ print("# semanage login -a -s {}_u {}".format(opts["uname"], opts["uname"])) ++ print("Fix labels in the user's home directory") ++ print("# restorecon -RvF /home/{}".format(opts["uname"])) +diff --git a/udica/macros/confined_user_macros.cil b/udica/macros/confined_user_macros.cil +new file mode 100644 +index 0000000..ddb5689 +--- /dev/null ++++ b/udica/macros/confined_user_macros.cil +@@ -0,0 +1,4367 @@ ++(typeattribute login_confinedom) ++ ++(optional confined_transition_userdomain_optional ++ (typeattributeset cil_gen_require init_t) ++ (typeattributeset cil_gen_require xdm_t) ++ (typeattributeset cil_gen_require login_confinedom) ++ (typeattributeset cil_gen_require xsession_exec_t) ++ (allow xdm_t xsession_exec_t (file (ioctl read getattr map execute open))) ++ (allow xdm_t login_confinedom (process (transition))) ++ (allow login_confinedom xdm_t (fd (use))) ++ (allow login_confinedom xdm_t (fifo_file (ioctl read write getattr lock append open))) ++ (allow login_confinedom xdm_t (process (sigchld))) ++) ++ ++(optional confined_xsession_spec_domtrans_conf_users_optional ++ (typeattributeset cil_gen_require init_t) ++ (typeattributeset cil_gen_require xdm_t) ++ (typeattributeset cil_gen_require login_confinedom) ++ (allow init_t login_confinedom (process (transition))) ++) ++ ++(macro confinedom_admin_commands_macro ((type utype) (role urole) (type sudo_type)) ++ (optional confinedom_admin_commands_optional_2 ++ (roleattributeset cil_gen_require urole) ++ (roleattributeset cil_gen_require iptables_roles) ++ (typeattributeset cil_gen_require utype) ++ (typeattributeset cil_gen_require sudo_type) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset cil_gen_require usbmon_device_t) ++ (typeattributeset cil_gen_require device_t) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset cil_gen_require selinux_config_t) ++ (typeattributeset cil_gen_require policy_config_t) ++ (typeattributeset cil_gen_require etc_t) ++ (typeattributeset cil_gen_require modules_object_t) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset cil_gen_require files_unconfined_type) ++ (typeattributeset cil_gen_require init_var_run_t) ++ (typeattributeset cil_gen_require init_var_lib_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require var_lib_t) ++ (typeattributeset cil_gen_require init_t) ++ (typeattributeset cil_gen_require iptables_t) ++ (typeattributeset cil_gen_require iptables_exec_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require proc_t) ++ (typeattributeset cil_gen_require proc_net_t) ++ (typeattributeset cil_gen_require auditd_t) ++ (typeattributeset cil_gen_require auditd_etc_t) ++ (typeattributeset cil_gen_require auditd_log_t) ++ (typeattributeset cil_gen_require auditd_var_run_t) ++ (typeattributeset cil_gen_require auditd_initrc_exec_t) ++ (typeattributeset cil_gen_require auditd_unit_file_t) ++ (typeattributeset cil_gen_require auditctl_t) ++ (typeattributeset cil_gen_require auditctl_exec_t) ++ (typeattributeset cil_gen_require initrc_t) ++ (typeattributeset cil_gen_require initrc_transition_domain) ++ (typeattributeset cil_gen_require filesystem_type) ++ (typeattributeset cil_gen_require can_system_change) ++ (typeattributeset cil_gen_require systemd_systemctl_exec_t) ++ (typeattributeset cil_gen_require cgroup_t) ++ (typeattributeset cil_gen_require tmpfs_t) ++ (typeattributeset cil_gen_require sysfs_t) ++ (typeattributeset cil_gen_require efivarfs_t) ++ (typeattributeset cil_gen_require systemd_unit_file_type) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require systemd_logind_var_run_t) ++ (typeattributeset cil_gen_require systemd_passwd_agent_t) ++ (typeattributeset cil_gen_require systemd_passwd_agent_exec_t) ++ (typeattributeset cil_gen_require systemd_passwd_var_run_t) ++ (typeattributeset cil_gen_require syslogd_t) ++ (typeattributeset cil_gen_require klogd_t) ++ (typeattributeset cil_gen_require syslog_conf_t) ++ (typeattributeset cil_gen_require syslogd_tmp_t) ++ (typeattributeset cil_gen_require syslogd_var_lib_t) ++ (typeattributeset cil_gen_require syslogd_var_run_t) ++ (typeattributeset cil_gen_require klogd_var_run_t) ++ (typeattributeset cil_gen_require klogd_tmp_t) ++ (typeattributeset cil_gen_require var_log_t) ++ (typeattributeset cil_gen_require syslogd_initrc_exec_t) ++ (typeattributeset cil_gen_require logfile) ++ (typeattributeset cil_gen_require user_home_dir_t) ++ (typeattributeset cil_gen_require user_home_t) ++ (typeattributeset cil_gen_require user_home_type) ++ (typeattributeset cil_gen_require home_root_t) ++ (typeattributeset cil_gen_require passwd_t) ++ (typeattributeset cil_gen_require passwd_exec_t) ++ (roleattributeset cil_gen_require iptables_roles) ++ (roleattributeset iptables_roles (urole )) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole auditctl_t) ++ (typeattributeset cil_gen_require initrc_transition_domain) ++ (typeattributeset initrc_transition_domain (utype )) ++ (typeattributeset cil_gen_require files_unconfined_type) ++ (typeattributeset files_unconfined_type (utype )) ++ (typeattributeset cil_gen_require can_system_change) ++ (typeattributeset can_system_change (utype )) ++ (allow utype self (capability (net_raw))) ++ (allow utype self (netlink_generic_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown))) ++ (allow utype self (netlink_netfilter_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown))) ++ (allow utype self (netlink_rdma_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown))) ++ (allow utype self (packet_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown))) ++ (allow utype self (packet_socket (map))) ++ (allow sudo_type utype (unix_stream_socket (connectto))) ++ (allow sudo_type self (bluetooth_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown))) ++ (allow sudo_type self (capability (net_raw))) ++ (allow sudo_type self (netlink_generic_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown))) ++ (allow sudo_type self (netlink_netfilter_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown))) ++ (allow sudo_type self (netlink_rdma_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown))) ++ (allow sudo_type self (packet_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown))) ++ (allow sudo_type self (packet_socket (map))) ++ (allow utype domain (process (getattr))) ++ (allow utype usbmon_device_t (chr_file (map))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype usbmon_device_t (chr_file (ioctl read getattr lock open))) ++ (allow sudo_type non_auth_file_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type non_auth_file_type (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow sudo_type non_auth_file_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type non_auth_file_type (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow sudo_type non_auth_file_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type non_auth_file_type (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow sudo_type non_auth_file_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type non_auth_file_type (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow sudo_type non_auth_file_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type non_auth_file_type (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow sudo_type etc_t (dir (getattr open search))) ++ (allow sudo_type selinux_config_t (dir (getattr open search))) ++ (allow sudo_type policy_config_t (dir (ioctl write getattr lock open add_name search))) ++ (allow sudo_type policy_config_t (file (create getattr open))) ++ (allow sudo_type policy_config_t (dir (getattr open search))) ++ (allow sudo_type policy_config_t (file (ioctl write getattr lock append open))) ++ (allow sudo_type modules_object_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type modules_object_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow sudo_type file_type (dir (ioctl read getattr lock open search))) ++ (allow sudo_type file_type (dir (getattr open search))) ++ (allow sudo_type file_type (lnk_file (read getattr))) ++ (allow sudo_type init_var_run_t (dir (ioctl read getattr lock open search))) ++ (allow sudo_type init_var_run_t (dir (ioctl write getattr lock open add_name search))) ++ (allow sudo_type init_var_run_t (dir (create getattr))) ++ (allow sudo_type var_t (dir (getattr open search))) ++ (allow sudo_type var_lib_t (dir (getattr open search))) ++ (allow sudo_type init_var_lib_t (dir (getattr open search))) ++ (allow sudo_type init_var_lib_t (file (ioctl read getattr map open))) ++ (allow sudo_type init_t (dir (getattr open search))) ++ (allow sudo_type init_t (file (ioctl read getattr lock open))) ++ (allow sudo_type init_t (lnk_file (read getattr))) ++ (allow sudo_type init_var_run_t (sock_file (write))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype iptables_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype iptables_t (process (transition))) ++ (typetransition utype iptables_exec_t process iptables_t) ++ (allow iptables_t utype (fd (use))) ++ (allow iptables_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow iptables_t utype (process (sigchld))) ++ (allow utype iptables_exec_t (file (map))) ++ (allow sudo_type proc_t (dir (getattr open search))) ++ (allow sudo_type proc_net_t (dir (getattr open search))) ++ (allow sudo_type proc_net_t (file (ioctl read getattr lock open))) ++ (allow sudo_type proc_t (dir (getattr open search))) ++ (allow sudo_type proc_net_t (dir (getattr open search))) ++ (allow sudo_type proc_net_t (lnk_file (read getattr))) ++ (allow sudo_type proc_t (dir (getattr open search))) ++ (allow sudo_type proc_net_t (dir (ioctl read getattr lock open search))) ++ (allow utype auditd_t (process (sigchld sigkill sigstop signull signal))) ++ (allow utype auditd_t (dir (ioctl read getattr lock open search))) ++ (allow utype auditd_t (file (ioctl read getattr lock open))) ++ (allow utype auditd_t (lnk_file (read getattr))) ++ (allow utype auditd_t (process (getattr))) ++ (allow utype auditd_etc_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype auditd_etc_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype auditd_etc_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype auditd_etc_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype auditd_log_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype auditd_log_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype auditd_log_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype auditd_log_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype auditd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype auditd_var_run_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype auditd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype auditd_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype auditctl_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype auditctl_t (process (transition))) ++ (typetransition utype auditctl_exec_t process auditctl_t) ++ (allow auditctl_t utype (fd (use))) ++ (allow auditctl_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow auditctl_t utype (process (sigchld))) ++ (allow utype filesystem_type (dir (getattr open search))) ++ (allow utype auditd_initrc_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype initrc_t (process (transition))) ++ (typetransition utype auditd_initrc_exec_t process initrc_t) ++ (allow initrc_t utype (fd (use))) ++ (allow initrc_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow initrc_t utype (process (sigchld))) ++ (allow utype auditd_initrc_exec_t (file (ioctl))) ++ (allow utype etc_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype systemd_systemctl_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype cgroup_t (dir (getattr open search))) ++ (allow utype cgroup_t (dir (ioctl read getattr lock open search))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype cgroup_t (dir (getattr open search))) ++ (allow utype cgroup_t (file (ioctl read getattr lock open))) ++ (allow utype cgroup_t (dir (getattr open search))) ++ (allow utype cgroup_t (lnk_file (read getattr))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype efivarfs_t (dir (getattr open search))) ++ (allow utype efivarfs_t (file (ioctl read getattr lock open))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_lib_t (dir (getattr open search))) ++ (allow utype systemd_unit_file_type (dir (ioctl read getattr lock open search))) ++ (allow utype init_var_run_t (dir (ioctl read getattr lock open search))) ++ (allow utype init_t (dir (getattr open search))) ++ (allow utype init_t (file (ioctl read getattr lock open))) ++ (allow utype init_t (lnk_file (read getattr))) ++ (allow utype init_t (unix_stream_socket (sendto))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype init_var_run_t (dir (getattr open search))) ++ (allow utype init_var_run_t (sock_file (write getattr append open))) ++ (allow utype init_t (unix_stream_socket (connectto))) ++ (allow utype init_t (unix_stream_socket (getattr))) ++ (dontaudit utype self (process (setrlimit))) ++ (dontaudit utype self (capability (sys_resource))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (dir (ioctl read getattr lock open search))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (file (ioctl read getattr lock open))) ++ (allow utype systemd_passwd_agent_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype init_var_run_t (dir (getattr open search))) ++ (allow utype systemd_passwd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype systemd_passwd_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype systemd_passwd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype systemd_passwd_var_run_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype systemd_passwd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype systemd_passwd_var_run_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow systemd_passwd_agent_t utype (process (signull))) ++ (allow systemd_passwd_agent_t utype (unix_dgram_socket (sendto))) ++ (dontaudit utype self (capability (net_admin sys_ptrace))) ++ (allow utype auditd_unit_file_t (file (ioctl read getattr lock open))) ++ (allow utype auditd_unit_file_t (service (start stop status reload enable disable))) ++ (allow utype auditd_t (dir (ioctl read getattr lock open search))) ++ (allow utype auditd_t (file (ioctl read getattr lock open))) ++ (allow utype auditd_t (lnk_file (read getattr))) ++ (allow utype auditd_t (process (getattr))) ++ (allow utype auditd_unit_file_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype auditd_unit_file_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype auditd_unit_file_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype auditd_unit_file_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype auditd_unit_file_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype auditd_unit_file_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow utype auditd_unit_file_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype auditd_unit_file_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype auditd_unit_file_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype auditd_unit_file_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype auditd_unit_file_t (dir (getattr open search))) ++ (allow utype auditd_unit_file_t (dir (getattr relabelfrom relabelto))) ++ (allow utype auditd_unit_file_t (dir (getattr open search))) ++ (allow utype auditd_unit_file_t (file (getattr relabelfrom relabelto))) ++ (allow utype auditd_unit_file_t (dir (getattr open search))) ++ (allow utype auditd_unit_file_t (lnk_file (getattr relabelfrom relabelto))) ++ (allow utype auditd_unit_file_t (dir (getattr open search))) ++ (allow utype auditd_unit_file_t (fifo_file (getattr relabelfrom relabelto))) ++ (allow utype auditd_unit_file_t (dir (getattr open search))) ++ (allow utype auditd_unit_file_t (sock_file (getattr relabelfrom relabelto))) ++ (allow utype auditd_unit_file_t (service (start stop status reload enable disable))) ++ (allow utype self (capability2 (syslog))) ++ (allow utype syslogd_t (process (sigchld sigkill sigstop signull signal))) ++ (allow utype klogd_t (process (sigchld sigkill sigstop signull signal))) ++ (allow utype syslogd_t (dir (ioctl read getattr lock open search))) ++ (allow utype syslogd_t (file (ioctl read getattr lock open))) ++ (allow utype syslogd_t (lnk_file (read getattr))) ++ (allow utype syslogd_t (process (getattr))) ++ (allow utype klogd_t (dir (ioctl read getattr lock open search))) ++ (allow utype klogd_t (file (ioctl read getattr lock open))) ++ (allow utype klogd_t (lnk_file (read getattr))) ++ (allow utype klogd_t (process (getattr))) ++ (allow utype klogd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype klogd_var_run_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype klogd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype klogd_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype klogd_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype klogd_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype klogd_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype klogd_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype syslogd_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype syslogd_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype syslogd_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype syslogd_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype syslog_conf_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype syslog_conf_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype syslog_conf_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype syslog_conf_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype etc_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (typetransition utype etc_t file syslog_conf_t) ++ (allow utype syslogd_var_lib_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype syslogd_var_lib_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype syslogd_var_lib_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype syslogd_var_lib_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype syslogd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype syslogd_var_run_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype syslogd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype syslogd_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype logfile (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype logfile (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype logfile (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype logfile (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype logfile (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype logfile (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow utype logfile (file (map))) ++ (allow utype logfile (dir (getattr relabelfrom relabelto))) ++ (allow utype logfile (file (getattr relabelfrom relabelto))) ++ (allow utype filesystem_type (dir (getattr open search))) ++ (allow utype syslogd_initrc_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype initrc_t (process (transition))) ++ (typetransition utype syslogd_initrc_exec_t process initrc_t) ++ (allow initrc_t utype (fd (use))) ++ (allow initrc_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow initrc_t utype (process (sigchld))) ++ (allow utype syslogd_initrc_exec_t (file (ioctl))) ++ (allow utype etc_t (dir (getattr open search))) ++ (allow sudo_type home_root_t (dir (ioctl read getattr lock open search))) ++ (allow sudo_type home_root_t (lnk_file (read getattr))) ++ (allow sudo_type user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type user_home_type (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow sudo_type user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type user_home_type (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow sudo_type user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type user_home_type (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow sudo_type user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type user_home_type (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow sudo_type user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type user_home_type (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow sudo_type user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (typetransition sudo_type user_home_dir_t fifo_file user_home_t) ++ (typetransition sudo_type user_home_dir_t sock_file user_home_t) ++ (typetransition sudo_type user_home_dir_t lnk_file user_home_t) ++ (typetransition sudo_type user_home_dir_t dir user_home_t) ++ (typetransition sudo_type user_home_dir_t file user_home_t) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (lnk_file (read getattr))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type passwd_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type passwd_t (process (transition))) ++ (typetransition sudo_type passwd_exec_t process passwd_t) ++ (allow passwd_t sudo_type (fd (use))) ++ (allow passwd_t sudo_type (fifo_file (ioctl read write getattr lock append))) ++ (allow passwd_t sudo_type (process (sigchld))) ++ (roletransition urole syslogd_initrc_exec_t process system_r) ++ (roletransition urole auditd_initrc_exec_t process system_r) ++ (roleallow urole system_r) ++ (roleallow urole system_r) ++ (booleanif (deny_ptrace) ++ (false ++ (allow utype auditd_t (process (ptrace))) ++ (allow utype klogd_t (process (ptrace))) ++ (allow utype syslogd_t (process (ptrace))) ++ ) ++ ) ++ (optional confinedom_admin_commands_optional_3 ++ (typeattributeset cil_gen_require tuned_t) ++ (allow utype tuned_t (dbus (send_msg))) ++ (allow tuned_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_admin_commands_optional_4 ++ (roleattributeset cil_gen_require wireshark_roles) ++ (typeattributeset cil_gen_require user_home_dir_t) ++ (typeattributeset cil_gen_require home_root_t) ++ (typeattributeset cil_gen_require wireshark_t) ++ (typeattributeset cil_gen_require wireshark_exec_t) ++ (typeattributeset cil_gen_require wireshark_home_t) ++ (typeattributeset cil_gen_require wireshark_tmp_t) ++ (typeattributeset cil_gen_require wireshark_tmpfs_t) ++ (roleattributeset cil_gen_require wireshark_roles) ++ (roleattributeset wireshark_roles (urole )) ++ (allow utype wireshark_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype wireshark_t (process (transition))) ++ (typetransition utype wireshark_exec_t process wireshark_t) ++ (allow wireshark_t utype (fd (use))) ++ (allow wireshark_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow wireshark_t utype (process (sigchld))) ++ (allow utype wireshark_t (process (sigchld sigkill sigstop signull signal ptrace))) ++ (allow utype wireshark_t (dir (ioctl read getattr lock open search))) ++ (allow utype wireshark_t (file (ioctl read getattr lock open))) ++ (allow utype wireshark_t (lnk_file (read getattr))) ++ (allow utype wireshark_t (process (getattr))) ++ (allow utype wireshark_home_t (dir (ioctl read write create getattr setattr lock relabelfrom relabelto unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype wireshark_tmp_t (dir (ioctl read write create getattr setattr lock relabelfrom relabelto unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype wireshark_tmpfs_t (dir (ioctl read write create getattr setattr lock relabelfrom relabelto unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype wireshark_home_t (file (ioctl read write create getattr setattr lock relabelfrom relabelto append unlink link rename open watch watch_reads))) ++ (allow utype wireshark_tmp_t (file (ioctl read write create getattr setattr lock relabelfrom relabelto append unlink link rename open watch watch_reads))) ++ (allow utype wireshark_tmpfs_t (file (ioctl read write create getattr setattr lock relabelfrom relabelto append unlink link rename open watch watch_reads))) ++ (allow utype wireshark_home_t (lnk_file (ioctl read write create getattr setattr lock relabelfrom relabelto append unlink link rename watch watch_reads))) ++ (allow utype wireshark_tmpfs_t (lnk_file (ioctl read write create getattr setattr lock relabelfrom relabelto append unlink link rename watch watch_reads))) ++ (allow utype wireshark_tmpfs_t (sock_file (ioctl read write create getattr setattr lock relabelfrom relabelto append unlink link rename open))) ++ (allow utype wireshark_tmpfs_t (fifo_file (ioctl read write create getattr setattr lock relabelfrom relabelto append unlink link rename open))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype wireshark_t (shm (getattr read write associate unix_read unix_write lock))) ++ (typetransition utype user_home_dir_t dir ".wireshark" wireshark_home_t) ++ ) ++ ) ++) ++ ++(macro confinedom_graphical_login_macro ((type utype) (role urole) (type dbusd_type)) ++ ++ (optional confinedom_graphical_login_optional_2 ++ (roleattributeset cil_gen_require urole) ++ (typeattributeset cil_gen_require utype) ++ (typeattributeset cil_gen_require user_tmpfs_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require usr_t) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset cil_gen_require port_type) ++ (typeattributeset cil_gen_require device_t) ++ (typeattributeset cil_gen_require sound_device_t) ++ (typeattributeset cil_gen_require event_device_t) ++ (typeattributeset cil_gen_require v4l_device_t) ++ (typeattributeset cil_gen_require wireless_device_t) ++ (typeattributeset cil_gen_require configfile) ++ (typeattributeset cil_gen_require etc_t) ++ (typeattributeset cil_gen_require home_root_t) ++ (typeattributeset cil_gen_require lib_t) ++ (typeattributeset cil_gen_require var_lib_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require tmp_t) ++ (typeattributeset cil_gen_require init_t) ++ (typeattributeset cil_gen_require usbfs_t) ++ (typeattributeset cil_gen_require usb_device_t) ++ (typeattributeset cil_gen_require noxattrfs) ++ (typeattributeset cil_gen_require dosfs_t) ++ (typeattributeset cil_gen_require removable_device_t) ++ (typeattributeset cil_gen_require proc_t) ++ (typeattributeset cil_gen_require sysctl_t) ++ (typeattributeset cil_gen_require sysctl_dev_t) ++ (typeattributeset cil_gen_require fonts_t) ++ (typeattributeset cil_gen_require locale_t) ++ (typeattributeset cil_gen_require mount_t) ++ (typeattributeset cil_gen_require selinux_config_t) ++ (typeattributeset cil_gen_require default_context_t) ++ (typeattributeset cil_gen_require fuse_device_t) ++ (typeattributeset cil_gen_require user_tmp_t) ++ (typeattributeset cil_gen_require user_home_t) ++ (typeattributeset cil_gen_require user_home_dir_t) ++ (typeattributeset cil_gen_require user_home_type) ++ (typeattributeset cil_gen_require userdom_filetrans_type) ++ (typeattributeset cil_gen_require nfs_t) ++ (typeattributeset cil_gen_require autofs_t) ++ (typeattributeset cil_gen_require cifs_t) ++ (typeattributeset cil_gen_require xauth_t) ++ (typeattributeset cil_gen_require iceauth_t) ++ (typeattributeset cil_gen_require dridomain) ++ (typeattributeset cil_gen_require x_userdomain) ++ (typeattributeset cil_gen_require root_xdrawable_t) ++ (typeattributeset cil_gen_require xdm_t) ++ (typeattributeset cil_gen_require xserver_t) ++ (typeattributeset cil_gen_require xproperty_t) ++ (typeattributeset cil_gen_require user_xproperty_t) ++ (typeattributeset cil_gen_require xevent_t) ++ (typeattributeset cil_gen_require client_xevent_t) ++ (typeattributeset cil_gen_require input_xevent_t) ++ (typeattributeset cil_gen_require user_input_xevent_t) ++ (typeattributeset cil_gen_require x_domain) ++ (typeattributeset cil_gen_require input_xevent_type) ++ (typeattributeset cil_gen_require xdrawable_type) ++ (typeattributeset cil_gen_require xcolormap_type) ++ (typeattributeset cil_gen_require xdm_var_run_t) ++ (typeattributeset cil_gen_require tmpfs_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require userdomain) ++ (typeattributeset cil_gen_require xdm_log_t) ++ (typeattributeset cil_gen_require xdmhomewriter) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole user_home_dir_t) ++ (roletype urole user_home_type) ++ (roletype urole xauth_t) ++ (roletype urole iceauth_t) ++ (typeattributeset cil_gen_require xcolormap_type) ++ (typeattributeset xcolormap_type (utype )) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset file_type (bin_t usr_t )) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset non_security_file_type (bin_t usr_t )) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset exec_type (bin_t usr_t )) ++ (typeattributeset cil_gen_require xdmhomewriter) ++ (typeattributeset xdmhomewriter (utype )) ++ (typeattributeset cil_gen_require xdrawable_type) ++ (typeattributeset xdrawable_type (utype )) ++ (typeattributeset cil_gen_require userdom_filetrans_type) ++ (typeattributeset userdom_filetrans_type (utype )) ++ (typeattributeset cil_gen_require x_domain) ++ (typeattributeset x_domain (utype )) ++ (typeattributeset cil_gen_require x_userdomain) ++ (typeattributeset x_userdomain (utype )) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset entry_type (bin_t usr_t )) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset non_auth_file_type (bin_t usr_t )) ++ (typeattributeset cil_gen_require dridomain) ++ (typeattributeset dridomain (utype )) ++ (allow utype bin_t (file (entrypoint))) ++ (allow utype bin_t (file (ioctl read getattr lock map execute open))) ++ (allow utype usr_t (file (entrypoint))) ++ (allow utype usr_t (file (ioctl read getattr lock map execute open))) ++ (allow utype port_type (tcp_socket (name_connect))) ++ (allow utype utype (process (getattr setrlimit execmem))) ++ (allow utype utype (system (ipc_info syslog_read syslog_mod syslog_console module_request module_load halt reboot status start stop enable disable reload undefined))) ++ (allow utype utype (netlink_kobject_uevent_socket (read))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype sound_device_t (chr_file (ioctl write getattr lock append open))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype sound_device_t (chr_file (ioctl read getattr lock open))) ++ (allow utype sound_device_t (chr_file (map))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype event_device_t (chr_file (ioctl read write getattr lock append))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype v4l_device_t (chr_file (ioctl read getattr lock open))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype v4l_device_t (chr_file (ioctl write getattr lock append open))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype wireless_device_t (chr_file (ioctl read write getattr lock append open))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (dir (getattr watch))) ++ (allow utype configfile (dir (ioctl read getattr lock open search))) ++ (allow utype configfile (dir (getattr open search))) ++ (allow utype configfile (file (ioctl read getattr lock open))) ++ (allow utype configfile (dir (getattr open search))) ++ (allow utype configfile (lnk_file (read getattr))) ++ (allow utype etc_t (dir (getattr watch))) ++ (allow utype home_root_t (dir (getattr watch))) ++ (allow utype lib_t (dir (getattr watch))) ++ (allow utype usr_t (dir (getattr watch))) ++ (allow utype usr_t (file (getattr watch))) ++ (allow utype var_lib_t (dir (getattr open search))) ++ (allow utype var_lib_t (dir (getattr watch))) ++ (allow utype var_run_t (dir (getattr watch))) ++ (allow utype tmp_t (dir (getattr watch))) ++ (allow utype init_t (unix_stream_socket (ioctl read write getattr setattr lock append bind connect listen accept getopt setopt shutdown))) ++ (allow utype proc_t (dir (getattr open search))) ++ (allow utype sysctl_t (dir (getattr open search))) ++ (allow utype sysctl_dev_t (dir (getattr open search))) ++ (allow utype sysctl_dev_t (file (ioctl read getattr lock open))) ++ (allow utype proc_t (dir (getattr open search))) ++ (allow utype sysctl_t (dir (getattr open search))) ++ (allow utype sysctl_dev_t (dir (ioctl read getattr lock open search))) ++ (allow utype fonts_t (dir (getattr watch))) ++ (allow utype locale_t (dir (getattr open search))) ++ (allow utype locale_t (lnk_file (getattr watch))) ++ (allow utype mount_t (process (signal))) ++ (allow utype etc_t (dir (getattr open search))) ++ (allow utype selinux_config_t (dir (getattr open search))) ++ (allow utype default_context_t (dir (ioctl read getattr lock open search))) ++ (allow utype default_context_t (dir (getattr open search))) ++ (allow utype default_context_t (file (ioctl read getattr lock open))) ++ (allow utype fuse_device_t (chr_file (ioctl read write getattr lock append open))) ++ (allow utype user_tmp_t (file (execute))) ++ (typemember utype user_home_dir_t dir user_home_dir_t) ++ (allow utype user_home_t (dir (mounton))) ++ (allow utype user_home_t (file (entrypoint))) ++ (allow utype user_home_type (file (relabelfrom relabelto))) ++ (allow utype user_home_type (dir (relabelfrom relabelto))) ++ (allow utype user_home_type (lnk_file (relabelfrom relabelto))) ++ (allow utype user_home_type (chr_file (relabelfrom relabelto))) ++ (allow utype user_home_type (blk_file (relabelfrom relabelto))) ++ (allow utype user_home_type (sock_file (relabelfrom relabelto))) ++ (allow utype user_home_type (fifo_file (relabelfrom relabelto))) ++ (allow utype user_home_dir_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype user_home_dir_t (dir (getattr open search))) ++ (allow utype user_home_type (dir (getattr open search))) ++ (allow utype user_home_type (dir (getattr relabelfrom relabelto))) ++ (allow utype user_home_dir_t (dir (getattr open search))) ++ (allow utype user_home_type (dir (getattr open search))) ++ (allow utype user_home_type (file (getattr relabelfrom relabelto))) ++ (allow utype user_home_dir_t (dir (getattr open search))) ++ (allow utype user_home_type (dir (getattr open search))) ++ (allow utype user_home_type (lnk_file (getattr relabelfrom relabelto))) ++ (allow utype user_home_dir_t (dir (getattr open search))) ++ (allow utype user_home_type (dir (getattr open search))) ++ (allow utype user_home_type (sock_file (getattr relabelfrom relabelto))) ++ (allow utype user_home_dir_t (dir (getattr open search))) ++ (allow utype user_home_type (dir (getattr open search))) ++ (allow utype user_home_type (fifo_file (getattr relabelfrom relabelto))) ++ (allow utype home_root_t (dir (ioctl read getattr lock open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write create getattr setattr lock relabelfrom relabelto unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype user_home_dir_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (typetransition utype root_xdrawable_t x_drawable utype) ++ (typetransition utype input_xevent_t x_event user_input_xevent_t) ++ (allow utype user_input_xevent_t (x_event (send))) ++ (allow utype user_input_xevent_t (x_synthetic_event (send))) ++ (allow utype user_input_xevent_t (x_event (receive))) ++ (allow utype user_input_xevent_t (x_synthetic_event (receive))) ++ (allow utype client_xevent_t (x_event (receive))) ++ (allow utype client_xevent_t (x_synthetic_event (receive))) ++ (allow utype xevent_t (x_event (send receive))) ++ (allow utype xevent_t (x_synthetic_event (send receive))) ++ (dontaudit utype input_xevent_type (x_event (send))) ++ (allow utype xdm_t (x_drawable (read add_child manage hide))) ++ (allow utype xdm_t (x_client (destroy))) ++ (allow utype root_xdrawable_t (x_drawable (write))) ++ (allow utype xserver_t (x_server (manage))) ++ (allow utype xserver_t (x_screen (saver_setattr saver_hide saver_show show_cursor hide_cursor))) ++ (allow utype xserver_t (x_pointer (get_property set_property manage))) ++ (allow utype xserver_t (x_keyboard (read manage freeze))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype tmp_t (dir (getattr open search))) ++ (allow utype tmp_t (lnk_file (read getattr))) ++ (allow utype tmp_t (dir (getattr open search))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype xdm_var_run_t (dir (getattr open search))) ++ (allow utype xdm_var_run_t (sock_file (write getattr append open))) ++ (allow utype xdm_t (unix_stream_socket (connectto))) ++ (allow utype user_tmp_t (dir (getattr open search))) ++ (allow utype user_tmp_t (sock_file (write getattr append open))) ++ (allow utype userdomain (unix_stream_socket (connectto))) ++ (allow utype xdm_log_t (file (getattr append))) ++ (booleanif (use_samba_home_dirs) ++ (true ++ (allow utype cifs_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype cifs_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype cifs_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype cifs_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype cifs_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow utype cifs_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype cifs_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype cifs_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype cifs_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype cifs_t (dir (mounton))) ++ (allow utype cifs_t (filesystem (mount))) ++ ) ++ ) ++ (booleanif (use_nfs_home_dirs) ++ (true ++ (allow utype nfs_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype nfs_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype nfs_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype nfs_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype nfs_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow utype nfs_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype autofs_t (dir (getattr open search))) ++ (allow utype nfs_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype nfs_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype autofs_t (dir (getattr open search))) ++ (allow utype nfs_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype autofs_t (dir (getattr open search))) ++ (allow utype nfs_t (dir (mounton))) ++ (allow utype nfs_t (filesystem (mount))) ++ ) ++ ) ++ (booleanif (selinuxuser_rw_noexattrfile) ++ (true ++ (allow utype removable_device_t (blk_file (ioctl write getattr lock append open))) ++ (allow utype device_t (lnk_file (read getattr))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (dir (ioctl read getattr lock open search))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype removable_device_t (blk_file (ioctl read getattr lock open))) ++ (allow utype device_t (lnk_file (read getattr))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (dir (ioctl read getattr lock open search))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype dosfs_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype dosfs_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype dosfs_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype dosfs_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype noxattrfs (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype noxattrfs (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype noxattrfs (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype usb_device_t (chr_file (ioctl read write getattr lock append open))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype usbfs_t (lnk_file (read getattr))) ++ (allow utype usbfs_t (dir (getattr open search))) ++ (allow utype usbfs_t (file (ioctl read write getattr lock append open))) ++ (allow utype usbfs_t (dir (getattr open search))) ++ (allow utype usbfs_t (dir (ioctl read getattr lock open search))) ++ (allow utype usbfs_t (dir (getattr open search))) ++ ) ++ ) ++ (optional confinedom_graphical_login_optional_3 ++ (typeattributeset cil_gen_require var_lib_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require alsa_var_lib_t) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_lib_t (dir (getattr open search))) ++ (allow utype alsa_var_lib_t (dir (getattr open search))) ++ (allow utype alsa_var_lib_t (file (ioctl read getattr lock open))) ++ ) ++ (optional confinedom_graphical_login_optional_4 ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require fwupd_cache_t) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype fwupd_cache_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype fwupd_cache_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ ) ++ (optional confinedom_graphical_login_optional_5 ++ ;(type dbusd_type) ++ (roletype object_r dbusd_type) ++ (typeattributeset cil_gen_require utype) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require usr_t) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset cil_gen_require device_t) ++ (typeattributeset cil_gen_require var_lib_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require system_dbusd_t) ++ (typeattributeset cil_gen_require session_dbusd_tmp_t) ++ (typeattributeset cil_gen_require dbusd_unconfined) ++ (typeattributeset cil_gen_require session_bus_type) ++ (typeattributeset cil_gen_require dbusd_exec_t) ++ (typeattributeset cil_gen_require dbusd_etc_t) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset cil_gen_require security_t) ++ (typeattributeset cil_gen_require sysfs_t) ++ (typeattributeset cil_gen_require userdom_home_manager_type) ++ (typeattributeset cil_gen_require shell_exec_t) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset cil_gen_require system_dbusd_var_run_t) ++ (typeattributeset cil_gen_require system_dbusd_var_lib_t) ++ (typeattributeset cil_gen_require urandom_device_t) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole dbusd_type) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset netlabel_peer_type (dbusd_type )) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset corenet_unlabeled_type (dbusd_type )) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset syslog_client_type (dbusd_type )) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset file_type (dbusd_exec_t )) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset non_security_file_type (dbusd_exec_t )) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset exec_type (dbusd_exec_t )) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset application_domain_type (dbusd_type )) ++ (typeattributeset cil_gen_require userdom_home_manager_type) ++ (typeattributeset userdom_home_manager_type (dbusd_type )) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset ubac_constrained_type (dbusd_type )) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset kernel_system_state_reader (dbusd_type )) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset application_exec_type (dbusd_exec_t )) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset nsswitch_domain (dbusd_type )) ++ (typeattributeset cil_gen_require session_bus_type) ++ (typeattributeset session_bus_type (dbusd_type )) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset entry_type (dbusd_exec_t )) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset non_auth_file_type (dbusd_exec_t )) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset domain (dbusd_type )) ++ (allow utype system_dbusd_t (dbus (acquire_svc))) ++ (allow utype session_dbusd_tmp_t (dir (ioctl write getattr lock open add_name search))) ++ (allow utype session_dbusd_tmp_t (sock_file (create getattr setattr open))) ++ (allow dbusd_type dbusd_exec_t (file (entrypoint))) ++ (allow dbusd_type dbusd_exec_t (file (ioctl read getattr lock map execute open))) ++ (allow dbusd_type security_t (lnk_file (read getattr))) ++ (allow dbusd_type sysfs_t (filesystem (getattr))) ++ (allow dbusd_type sysfs_t (dir (getattr open search))) ++ (allow dbusd_type sysfs_t (dir (getattr open search))) ++ (allow dbusd_type security_t (filesystem (getattr))) ++ (allow utype dbusd_type (unix_stream_socket (ioctl read write create getattr setattr lock append bind connect listen accept getopt setopt shutdown connectto))) ++ (allow dbusd_type utype (unix_stream_socket (read write getattr accept getopt))) ++ (allow dbusd_type utype (unix_dgram_socket (sendto))) ++ (allow utype dbusd_type (dbus (acquire_svc send_msg))) ++ (allow dbusd_unconfined dbusd_type (dbus (acquire_svc send_msg))) ++ (allow utype system_dbusd_t (dbus (acquire_svc send_msg))) ++ (allow utype dbusd_type (process (noatsecure siginh rlimitinh))) ++ (allow dbusd_type utype (dbus (send_msg))) ++ (allow utype dbusd_type (dbus (send_msg))) ++ (allow dbusd_type utype (system (start reload))) ++ (allow dbusd_type session_dbusd_tmp_t (service (start stop))) ++ (allow utype session_dbusd_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype session_dbusd_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow dbusd_type dbusd_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype dbusd_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype dbusd_type (process (transition))) ++ ;(typetransition utype dbusd_exec_t process dbusd_type) ++ (allow dbusd_type utype (fd (use))) ++ (allow dbusd_type utype (fifo_file (ioctl read write getattr lock append))) ++ (allow dbusd_type utype (process (sigchld))) ++ (allow utype dbusd_type (dir (ioctl read getattr lock open search))) ++ (allow utype dbusd_type (file (ioctl read getattr lock open))) ++ (allow utype dbusd_type (lnk_file (read getattr))) ++ (allow utype dbusd_type (process (getattr))) ++ (allow utype dbusd_type (process (sigchld sigkill sigstop signull signal))) ++ (allow dbusd_type bin_t (dir (getattr open search))) ++ (allow dbusd_type bin_t (lnk_file (read getattr))) ++ (allow dbusd_type bin_t (file (ioctl read getattr map execute open))) ++ (allow dbusd_type utype (process (transition))) ++ (allow dbusd_type usr_t (dir (getattr open search))) ++ (allow dbusd_type usr_t (lnk_file (read getattr))) ++ (allow dbusd_type usr_t (file (ioctl read getattr map execute open))) ++ (allow dbusd_type utype (process (transition))) ++ (typetransition dbusd_type bin_t process utype) ++ (typetransition dbusd_type usr_t process utype) ++ (allow dbusd_type bin_t (dir (getattr open search))) ++ (allow dbusd_type bin_t (dir (ioctl read getattr lock open search))) ++ (allow dbusd_type bin_t (dir (getattr open search))) ++ (allow dbusd_type bin_t (lnk_file (read getattr))) ++ (allow dbusd_type shell_exec_t (file (ioctl read getattr map execute open))) ++ (allow dbusd_type utype (process (transition))) ++ (typetransition dbusd_type shell_exec_t process utype) ++ (allow dbusd_type utype (process (sigkill))) ++ (allow utype dbusd_type (fd (use))) ++ (allow utype dbusd_type (fifo_file (ioctl read write getattr lock append open))) ++ (allow dbusd_type file_type (service (start stop status reload enable disable))) ++ (dontaudit dbusd_type self (capability (net_admin))) ++ (allow utype system_dbusd_t (dbus (send_msg))) ++ (allow utype self (dbus (send_msg))) ++ (allow system_dbusd_t utype (dbus (send_msg))) ++ (allow dbusd_unconfined utype (dbus (send_msg))) ++ (allow utype system_dbusd_var_lib_t (dir (getattr open search))) ++ (allow utype system_dbusd_var_lib_t (file (ioctl read getattr lock open))) ++ (allow utype system_dbusd_var_lib_t (dir (getattr open search))) ++ (allow utype system_dbusd_var_lib_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_lib_t (dir (getattr open search))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype urandom_device_t (chr_file (ioctl read getattr lock open))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype system_dbusd_var_run_t (dir (getattr open search))) ++ (allow utype system_dbusd_var_run_t (sock_file (write getattr append open))) ++ (allow utype system_dbusd_t (unix_stream_socket (connectto))) ++ (allow utype dbusd_etc_t (dir (ioctl read getattr lock open search))) ++ (allow utype dbusd_etc_t (file (ioctl read getattr lock open))) ++ (allow utype session_dbusd_tmp_t (dir (getattr open search))) ++ (allow utype session_dbusd_tmp_t (sock_file (write getattr append open))) ++ (allow utype utype (dbus (send_msg))) ++ (booleanif (deny_ptrace) ++ (false ++ (allow utype dbusd_type (process (ptrace))) ++ ) ++ ) ++ (optional confinedom_graphical_login_optional_6 ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset cil_gen_require mozilla_exec_t) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset file_type (mozilla_exec_t )) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset non_security_file_type (mozilla_exec_t )) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset exec_type (mozilla_exec_t )) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset entry_type (mozilla_exec_t )) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset non_auth_file_type (mozilla_exec_t )) ++ (allow utype mozilla_exec_t (file (entrypoint))) ++ (allow utype mozilla_exec_t (file (ioctl read getattr lock map execute open))) ++ (allow dbusd_type mozilla_exec_t (file (ioctl read getattr map execute open))) ++ (allow dbusd_type utype (process (transition))) ++ (typetransition dbusd_type mozilla_exec_t process utype) ++ (allow utype dbusd_type (fd (use))) ++ (allow utype dbusd_type (fifo_file (ioctl read write getattr lock append))) ++ (allow utype dbusd_type (process (sigchld))) ++ ) ++ (optional confinedom_graphical_login_optional_7 ++ (typeattributeset cil_gen_require systemd_unit_file_t) ++ (allow dbusd_type systemd_unit_file_t (service (start))) ++ ) ++ (optional confinedom_graphical_login_optional_8 ++ (typeattributeset cil_gen_require unconfined_service_t) ++ (allow utype unconfined_service_t (dbus (send_msg))) ++ (allow unconfined_service_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_graphical_login_optional_9 ++ (typeattributeset cil_gen_require accountsd_t) ++ (allow utype accountsd_t (dbus (send_msg))) ++ (allow accountsd_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_graphical_login_optional_10 ++ (typeattributeset cil_gen_require avahi_t) ++ (allow utype avahi_t (dbus (send_msg))) ++ (allow avahi_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_graphical_login_optional_11 ++ (typeattributeset cil_gen_require bluetooth_t) ++ (allow utype bluetooth_t (dbus (send_msg))) ++ (allow bluetooth_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_graphical_login_optional_12 ++ (typeattributeset cil_gen_require colord_t) ++ (allow utype colord_t (dbus (send_msg))) ++ (allow colord_t utype (dbus (send_msg))) ++ (allow colord_t utype (dir (ioctl read getattr lock open search))) ++ (allow colord_t utype (file (ioctl read getattr lock open))) ++ (allow colord_t utype (lnk_file (read getattr))) ++ (allow colord_t utype (process (getattr))) ++ ) ++ (optional confinedom_graphical_login_optional_13 ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require consolekit_t) ++ (typeattributeset cil_gen_require consolekit_log_t) ++ (typeattributeset cil_gen_require var_log_t) ++ (allow utype consolekit_t (dbus (send_msg))) ++ (allow consolekit_t utype (dbus (send_msg))) ++ (allow utype consolekit_log_t (dir (getattr open search))) ++ (allow utype consolekit_log_t (file (ioctl read getattr lock open))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_log_t (dir (getattr open search))) ++ ) ++ (optional confinedom_graphical_login_optional_14 ++ (typeattributeset cil_gen_require devicekit_t) ++ (typeattributeset cil_gen_require devicekit_power_t) ++ (typeattributeset cil_gen_require devicekit_disk_t) ++ (allow utype devicekit_t (dbus (send_msg))) ++ (allow devicekit_t utype (dbus (send_msg))) ++ (allow utype devicekit_power_t (dbus (send_msg))) ++ (allow devicekit_power_t utype (dbus (send_msg))) ++ (allow utype devicekit_disk_t (dbus (send_msg))) ++ (allow devicekit_disk_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_graphical_login_optional_15 ++ (typeattributeset cil_gen_require evolution_t) ++ (typeattributeset cil_gen_require evolution_alarm_t) ++ (allow utype evolution_t (dbus (send_msg))) ++ (allow evolution_t utype (dbus (send_msg))) ++ (allow utype evolution_alarm_t (dbus (send_msg))) ++ (allow evolution_alarm_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_graphical_login_optional_16 ++ (typeattributeset cil_gen_require firewalld_t) ++ (allow utype firewalld_t (dbus (send_msg))) ++ (allow firewalld_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_graphical_login_optional_17 ++ (typeattributeset cil_gen_require geoclue_t) ++ (allow utype geoclue_t (dbus (send_msg))) ++ (allow geoclue_t utype (dbus (send_msg))) ++ (allow geoclue_t utype (dir (ioctl read getattr lock open search))) ++ (allow geoclue_t utype (file (ioctl read getattr lock open))) ++ (allow geoclue_t utype (lnk_file (read getattr))) ++ (allow geoclue_t utype (process (getattr))) ++ ) ++ (optional confinedom_graphical_login_optional_18 ++ (typeattributeset cil_gen_require gconfdefaultsm_t) ++ (allow utype gconfdefaultsm_t (dbus (send_msg))) ++ (allow gconfdefaultsm_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_graphical_login_optional_19 ++ (typeattributeset cil_gen_require fprintd_t) ++ (allow utype fprintd_t (dbus (send_msg))) ++ (allow fprintd_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_graphical_login_optional_20 ++ (typeattributeset cil_gen_require fwupd_t) ++ (allow utype fwupd_t (dbus (send_msg))) ++ (allow fwupd_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_graphical_login_optional_21 ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require hwloc_dhwd_exec_t) ++ (typeattributeset cil_gen_require hwloc_var_run_t) ++ (allow utype hwloc_dhwd_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype hwloc_var_run_t (dir (getattr open search))) ++ (allow utype hwloc_var_run_t (file (ioctl read getattr lock open))) ++ ) ++ (optional confinedom_graphical_login_optional_22 ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require memcached_t) ++ (typeattributeset cil_gen_require memcached_var_run_t) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype memcached_var_run_t (dir (getattr open search))) ++ (allow utype memcached_var_run_t (sock_file (write getattr append open))) ++ (allow utype memcached_t (unix_stream_socket (connectto))) ++ ) ++ (optional confinedom_graphical_login_optional_23 ++ (typeattributeset cil_gen_require modemmanager_t) ++ (allow utype modemmanager_t (dbus (send_msg))) ++ (allow modemmanager_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_graphical_login_optional_24 ++ (typeattributeset cil_gen_require var_lib_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require NetworkManager_t) ++ (typeattributeset cil_gen_require NetworkManager_var_lib_t) ++ (allow utype NetworkManager_t (dbus (send_msg))) ++ (allow NetworkManager_t utype (dbus (send_msg))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_lib_t (dir (getattr open search))) ++ (allow utype NetworkManager_var_lib_t (dir (getattr open search))) ++ (allow utype NetworkManager_var_lib_t (dir (ioctl read getattr lock open search))) ++ (allow utype NetworkManager_var_lib_t (dir (getattr open search))) ++ (allow utype NetworkManager_var_lib_t (file (ioctl read getattr lock open))) ++ (allow utype NetworkManager_var_lib_t (file (map))) ++ ) ++ (optional confinedom_graphical_login_optional_25 ++ (typeattributeset cil_gen_require policykit_t) ++ (allow policykit_t utype (dir (ioctl read getattr lock open search))) ++ (allow policykit_t utype (file (ioctl read getattr lock open))) ++ (allow policykit_t utype (lnk_file (read getattr))) ++ (allow policykit_t utype (process (getattr))) ++ (allow utype policykit_t (dbus (send_msg))) ++ (allow policykit_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_graphical_login_optional_26 ++ (typeattributeset cil_gen_require rpm_t) ++ (allow utype rpm_t (dbus (send_msg))) ++ (allow rpm_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_graphical_login_optional_27 ++ (typeattributeset cil_gen_require vpnc_t) ++ (allow utype vpnc_t (dbus (send_msg))) ++ (allow vpnc_t utype (dbus (send_msg))) ++ ) ++ ) ++ (optional confinedom_graphical_login_optional_28 ++ (typeattributeset cil_gen_require var_lib_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require rpm_var_lib_t) ++ (typeattributeset cil_gen_require rpm_var_cache_t) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_lib_t (dir (getattr open search))) ++ (allow utype rpm_var_lib_t (dir (ioctl read getattr lock open search))) ++ (allow utype rpm_var_lib_t (dir (getattr open search))) ++ (allow utype rpm_var_lib_t (file (ioctl read getattr lock open))) ++ (allow utype rpm_var_lib_t (dir (getattr open search))) ++ (allow utype rpm_var_lib_t (lnk_file (read getattr))) ++ (allow utype rpm_var_lib_t (file (map))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype rpm_var_cache_t (dir (ioctl read getattr lock open search))) ++ (allow utype rpm_var_cache_t (dir (getattr open search))) ++ (allow utype rpm_var_cache_t (file (ioctl read getattr lock open))) ++ (allow utype rpm_var_cache_t (dir (getattr open search))) ++ (allow utype rpm_var_cache_t (lnk_file (read getattr))) ++ ) ++ (optional confinedom_graphical_login_optional_29 ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require systemd_logind_t) ++ (typeattributeset cil_gen_require systemd_timedated_t) ++ (typeattributeset cil_gen_require systemd_hostnamed_t) ++ (typeattributeset cil_gen_require systemd_localed_t) ++ (typeattributeset cil_gen_require systemd_unit_file_type) ++ (typeattributeset cil_gen_require init_script_file_type) ++ (typeattributeset cil_gen_require systemd_logind_var_run_t) ++ (typeattributeset cil_gen_require systemd_logind_sessions_t) ++ (typeattributeset cil_gen_require init_var_run_t) ++ (typeattributeset cil_gen_require systemd_machined_var_run_t) ++ (typeattributeset cil_gen_require systemd_logind_inhibit_var_run_t) ++ (allow utype systemd_logind_t (dbus (send_msg))) ++ (allow systemd_logind_t utype (dbus (send_msg))) ++ (allow systemd_logind_t utype (dir (ioctl read getattr lock open search))) ++ (allow systemd_logind_t utype (file (ioctl read getattr lock open))) ++ (allow systemd_logind_t utype (lnk_file (read getattr))) ++ (allow systemd_logind_t utype (process (getattr))) ++ (allow systemd_logind_t utype (process (signal))) ++ (allow utype systemd_logind_t (fd (use))) ++ (allow utype systemd_timedated_t (dbus (send_msg))) ++ (allow systemd_timedated_t utype (dbus (send_msg))) ++ (allow systemd_timedated_t utype (dir (ioctl read getattr lock open search))) ++ (allow systemd_timedated_t utype (file (ioctl read getattr lock open))) ++ (allow systemd_timedated_t utype (lnk_file (read getattr))) ++ (allow systemd_timedated_t utype (process (getattr))) ++ (allow utype systemd_hostnamed_t (dbus (send_msg))) ++ (allow systemd_hostnamed_t utype (dbus (send_msg))) ++ (allow systemd_hostnamed_t utype (dir (ioctl read getattr lock open search))) ++ (allow systemd_hostnamed_t utype (file (ioctl read getattr lock open))) ++ (allow systemd_hostnamed_t utype (lnk_file (read getattr))) ++ (allow systemd_hostnamed_t utype (process (getattr))) ++ (allow utype systemd_localed_t (dbus (send_msg))) ++ (allow systemd_localed_t utype (dbus (send_msg))) ++ (allow systemd_localed_t utype (dir (ioctl read getattr lock open search))) ++ (allow systemd_localed_t utype (file (ioctl read getattr lock open))) ++ (allow systemd_localed_t utype (lnk_file (read getattr))) ++ (allow systemd_localed_t utype (process (getattr))) ++ (allow utype systemd_unit_file_type (service (start stop status reload enable disable))) ++ (allow utype init_script_file_type (service (start stop status reload enable disable))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (dir (getattr watch))) ++ (allow utype init_var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_sessions_t (dir (getattr watch))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype systemd_machined_var_run_t (dir (getattr watch))) ++ (allow utype init_var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_sessions_t (dir (ioctl read getattr lock open search))) ++ (allow utype systemd_logind_sessions_t (dir (getattr open search))) ++ (allow utype systemd_logind_sessions_t (file (ioctl read getattr lock open))) ++ (allow utype systemd_logind_inhibit_var_run_t (fifo_file (write))) ++ ) ++ (optional confinedom_graphical_login_optional_30 ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require cupsd_t) ++ (typeattributeset cil_gen_require cupsd_var_run_t) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype cupsd_var_run_t (dir (getattr open search))) ++ (allow utype cupsd_var_run_t (sock_file (write getattr append open))) ++ (allow utype cupsd_t (unix_stream_socket (connectto))) ++ (allow utype cupsd_var_run_t (sock_file (read getattr open))) ++ ) ++ (optional confinedom_graphical_login_optional_31 ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require mount_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require fusermount_exec_t) ++ (typeattributeset cil_gen_require fsadm_t) ++ (typeattributeset cil_gen_require fsadm_exec_t) ++ (typeattributeset cil_gen_require mount_var_run_t) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole mount_t) ++ (roletype urole fsadm_t) ++ (allow utype fusermount_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype mount_t (process (transition))) ++ (typetransition utype fusermount_exec_t process mount_t) ++ (allow mount_t utype (fd (use))) ++ (allow mount_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow mount_t utype (process (sigchld))) ++ (allow mount_t utype (dir (ioctl read getattr lock open search))) ++ (allow mount_t utype (file (ioctl read getattr lock open))) ++ (allow mount_t utype (lnk_file (read getattr))) ++ (allow mount_t utype (process (getattr))) ++ (allow mount_t utype (unix_stream_socket (read write))) ++ (allow utype mount_t (fd (use))) ++ (allow mount_t bin_t (dir (getattr open search))) ++ (allow mount_t bin_t (lnk_file (read getattr))) ++ (allow mount_t bin_t (dir (getattr open search))) ++ (allow mount_t bin_t (dir (getattr open search))) ++ (allow mount_t fsadm_exec_t (file (ioctl read getattr map execute open))) ++ (allow mount_t fsadm_t (process (transition))) ++ (typetransition mount_t fsadm_exec_t process fsadm_t) ++ (allow fsadm_t mount_t (fd (use))) ++ (allow fsadm_t mount_t (fifo_file (ioctl read write getattr lock append))) ++ (allow fsadm_t mount_t (process (sigchld))) ++ (allow utype mount_var_run_t (dir (getattr open search))) ++ (allow utype mount_var_run_t (file (ioctl read getattr lock open))) ++ (allow utype mount_var_run_t (dir (getattr open search))) ++ (allow utype mount_var_run_t (dir (ioctl read getattr lock open search))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ ) ++ (optional confinedom_graphical_login_optional_32 ++ (typeattributeset cil_gen_require home_root_t) ++ (typeattributeset cil_gen_require tmp_t) ++ (typeattributeset cil_gen_require user_tmp_t) ++ (typeattributeset cil_gen_require user_home_dir_t) ++ (typeattributeset cil_gen_require tmpfs_t) ++ (typeattributeset cil_gen_require pulseaudio_tmpfsfile) ++ (typeattributeset cil_gen_require pulseaudio_t) ++ (typeattributeset cil_gen_require pulseaudio_exec_t) ++ (typeattributeset cil_gen_require pulseaudio_tmpfs_t) ++ (typeattributeset cil_gen_require user_tmp_type) ++ (typeattributeset cil_gen_require pulseaudio_home_t) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole user_tmp_t) ++ (roletype urole pulseaudio_t) ++ (allow utype pulseaudio_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype pulseaudio_t (process (transition))) ++ (typetransition utype pulseaudio_exec_t process pulseaudio_t) ++ (allow pulseaudio_t utype (fd (use))) ++ (allow pulseaudio_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow pulseaudio_t utype (process (sigchld))) ++ (allow utype pulseaudio_t (dir (ioctl read getattr lock open search))) ++ (allow utype pulseaudio_t (file (ioctl read getattr lock open))) ++ (allow utype pulseaudio_t (lnk_file (read getattr))) ++ (allow utype pulseaudio_t (process (getattr))) ++ (allow pulseaudio_t utype (process (signull signal))) ++ (allow utype pulseaudio_t (process (sigkill signull signal))) ++ (allow utype pulseaudio_t (process2 (nnp_transition))) ++ (allow pulseaudio_t utype (dir (ioctl read getattr lock open search))) ++ (allow pulseaudio_t utype (file (ioctl read getattr lock open))) ++ (allow pulseaudio_t utype (lnk_file (read getattr))) ++ (allow pulseaudio_t utype (process (getattr))) ++ (allow pulseaudio_t utype (unix_stream_socket (connectto))) ++ (allow utype pulseaudio_t (unix_stream_socket (connectto))) ++ (allow utype pulseaudio_tmpfsfile (dir (ioctl read write create getattr setattr lock relabelfrom relabelto unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype pulseaudio_tmpfs_t (dir (ioctl read write create getattr setattr lock relabelfrom relabelto unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype pulseaudio_tmpfsfile (file (ioctl read write create getattr setattr lock relabelfrom relabelto append unlink link rename open watch watch_reads))) ++ (allow utype pulseaudio_tmpfs_t (file (ioctl read write create getattr setattr lock relabelfrom relabelto append unlink link rename open watch watch_reads))) ++ (typemember pulseaudio_t tmp_t dir user_tmp_t) ++ (allow pulseaudio_t user_tmp_type (dir (mounton))) ++ (allow pulseaudio_t user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow pulseaudio_t user_tmp_type (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow pulseaudio_t user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow pulseaudio_t user_tmp_type (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow pulseaudio_t user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow pulseaudio_t user_tmp_type (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow pulseaudio_t user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow pulseaudio_t user_tmp_type (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow pulseaudio_t user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow pulseaudio_t user_tmp_type (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow pulseaudio_t tmp_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (typetransition pulseaudio_t tmp_t fifo_file user_tmp_t) ++ (typetransition pulseaudio_t tmp_t sock_file user_tmp_t) ++ (typetransition pulseaudio_t tmp_t lnk_file user_tmp_t) ++ (typetransition pulseaudio_t tmp_t dir user_tmp_t) ++ (typetransition pulseaudio_t tmp_t file user_tmp_t) ++ (allow user_tmp_t tmpfs_t (filesystem (associate))) ++ (allow pulseaudio_t tmpfs_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (typetransition pulseaudio_t tmpfs_t fifo_file user_tmp_t) ++ (typetransition pulseaudio_t tmpfs_t sock_file user_tmp_t) ++ (typetransition pulseaudio_t tmpfs_t lnk_file user_tmp_t) ++ (typetransition pulseaudio_t tmpfs_t dir user_tmp_t) ++ (typetransition pulseaudio_t tmpfs_t file user_tmp_t) ++ (allow pulseaudio_t user_tmp_type (dir (getattr open search))) ++ (allow pulseaudio_t user_tmp_type (dir (getattr relabelfrom relabelto))) ++ (allow pulseaudio_t user_tmp_type (dir (getattr open search))) ++ (allow pulseaudio_t user_tmp_type (file (getattr relabelfrom relabelto))) ++ (allow pulseaudio_t user_tmp_type (dir (getattr open search))) ++ (allow pulseaudio_t user_tmp_type (lnk_file (getattr relabelfrom relabelto))) ++ (allow pulseaudio_t user_tmp_type (dir (getattr open search))) ++ (allow pulseaudio_t user_tmp_type (sock_file (getattr relabelfrom relabelto))) ++ (allow pulseaudio_t user_tmp_type (dir (getattr open search))) ++ (allow pulseaudio_t user_tmp_type (fifo_file (getattr relabelfrom relabelto))) ++ (allow pulseaudio_t user_tmp_type (file (map))) ++ (allow utype pulseaudio_t (dbus (send_msg))) ++ (allow pulseaudio_t utype (dbus (acquire_svc send_msg))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (typetransition utype user_home_dir_t file ".esd_auth" pulseaudio_home_t) ++ (typetransition utype user_home_dir_t file ".pulse-cookie" pulseaudio_home_t) ++ (typetransition utype user_home_dir_t dir ".pulse" pulseaudio_home_t) ++ (optional confinedom_graphical_login_optional_33 ++ (typeattributeset cil_gen_require home_root_t) ++ (typeattributeset cil_gen_require user_home_dir_t) ++ (typeattributeset cil_gen_require config_home_t) ++ (allow utype config_home_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_dir_t (dir (getattr open search))) ++ (allow utype user_home_dir_t (lnk_file (read getattr))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (typetransition utype config_home_t dir "pulse" pulseaudio_home_t) ++ ) ++ ) ++ (optional confinedom_graphical_login_optional_34 ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require var_log_t) ++ (typeattributeset cil_gen_require vdagent_log_t) ++ (typeattributeset cil_gen_require vdagent_var_run_t) ++ (typeattributeset cil_gen_require vdagent_t) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_log_t (dir (getattr open search))) ++ (allow utype vdagent_log_t (file (getattr))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype vdagent_var_run_t (dir (getattr open search))) ++ (allow utype vdagent_var_run_t (sock_file (write getattr append open))) ++ (allow utype vdagent_t (unix_stream_socket (connectto))) ++ ) ++ (optional confinedom_graphical_login_optional_35 ++ (typeattributeset cil_gen_require proc_t) ++ (typeattributeset cil_gen_require rtkit_daemon_t) ++ (allow rtkit_daemon_t utype (process (getsched setsched))) ++ (allow utype proc_t (dir (getattr open search))) ++ (allow utype proc_t (dir (getattr open search))) ++ (allow rtkit_daemon_t utype (dir (ioctl read getattr lock open search))) ++ (allow rtkit_daemon_t utype (file (ioctl read getattr lock open))) ++ (allow rtkit_daemon_t utype (lnk_file (read getattr))) ++ (allow rtkit_daemon_t utype (process (getattr))) ++ (optional confinedom_graphical_login_optional_36 ++ (typeattributeset cil_gen_require rtkit_daemon_t) ++ (allow utype rtkit_daemon_t (dbus (send_msg))) ++ (allow rtkit_daemon_t utype (dbus (send_msg))) ++ ) ++ ) ++ ) ++) ++ ++(macro confinedom_mozilla_usage_macro ((type utype) (role urole)) ++ (optional confinedom_mozilla_usage_optional ++ (roleattributeset cil_gen_require mozilla_roles) ++ (roleattributeset cil_gen_require urole) ++ (typeattributeset cil_gen_require mozilla_t) ++ (typeattributeset cil_gen_require mozilla_exec_t) ++ (typeattributeset cil_gen_require mozilla_home_t) ++ (typeattributeset cil_gen_require mozilla_tmpfs_t) ++ (typeattributeset cil_gen_require utype) ++ (optional confinedom_mozilla_usage_optional_3 ++ (roleattributeset cil_gen_require mozilla_plugin_roles) ++ (roleattributeset cil_gen_require mozilla_plugin_config_roles) ++ (typeattributeset cil_gen_require mozilla_t) ++ (typeattributeset cil_gen_require mozilla_home_t) ++ (typeattributeset cil_gen_require mozilla_plugin_t) ++ (typeattributeset cil_gen_require mozilla_plugin_exec_t) ++ (typeattributeset cil_gen_require mozilla_plugin_config_t) ++ (typeattributeset cil_gen_require mozilla_plugin_config_exec_t) ++ (typeattributeset cil_gen_require mozilla_plugin_rw_t) ++ (typeattributeset cil_gen_require lib_t) ++ (typeattributeset cil_gen_require user_home_dir_t) ++ (typeattributeset cil_gen_require home_root_t) ++ (roleattributeset cil_gen_require mozilla_plugin_config_roles) ++ (roleattributeset mozilla_plugin_config_roles (urole )) ++ (roleattributeset cil_gen_require mozilla_plugin_roles) ++ (roleattributeset mozilla_plugin_roles (urole )) ++ (allow utype mozilla_t (process (noatsecure siginh rlimitinh))) ++ (allow utype mozilla_t (dir (ioctl read getattr lock open search))) ++ (allow utype mozilla_t (file (ioctl read getattr lock open))) ++ (allow utype mozilla_t (lnk_file (read getattr))) ++ (allow utype mozilla_t (process (getattr))) ++ (allow utype mozilla_t (process (sigchld sigkill sigstop signull signal))) ++ (allow utype mozilla_t (fd (use))) ++ (allow utype mozilla_t (shm (getattr associate))) ++ (allow utype mozilla_t (shm (unix_read unix_write))) ++ (allow utype mozilla_t (unix_stream_socket (connectto))) ++ (allow utype mozilla_plugin_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype mozilla_plugin_t (process (transition))) ++ (typetransition utype mozilla_plugin_exec_t process mozilla_plugin_t) ++ (allow mozilla_plugin_t utype (fd (use))) ++ (allow mozilla_plugin_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow mozilla_plugin_t utype (process (sigchld))) ++ (allow utype mozilla_plugin_config_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype mozilla_plugin_config_t (process (transition))) ++ (typetransition utype mozilla_plugin_config_exec_t process mozilla_plugin_config_t) ++ (allow mozilla_plugin_config_t utype (fd (use))) ++ (allow mozilla_plugin_config_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow mozilla_plugin_config_t utype (process (sigchld))) ++ (allow mozilla_plugin_t utype (process (signull))) ++ (dontaudit mozilla_plugin_config_t utype (file (ioctl read getattr lock))) ++ (dontaudit mozilla_plugin_t utype (process (signal))) ++ (allow utype mozilla_plugin_t (unix_stream_socket (ioctl read write getattr setattr lock append bind connect getopt setopt shutdown connectto))) ++ (allow utype mozilla_plugin_t (fd (use))) ++ (allow mozilla_plugin_t utype (unix_stream_socket (ioctl read write getattr setattr lock append bind connect getopt setopt shutdown))) ++ (allow mozilla_plugin_t utype (unix_dgram_socket (ioctl read write getattr setattr lock append bind connect getopt setopt shutdown sendto))) ++ (allow mozilla_plugin_t utype (shm (destroy getattr read write associate unix_read unix_write lock))) ++ (allow mozilla_plugin_t utype (sem (create destroy getattr setattr read write associate unix_read unix_write))) ++ (allow utype mozilla_plugin_t (sem (getattr read write associate unix_read unix_write))) ++ (allow utype mozilla_plugin_t (shm (getattr read write associate unix_read unix_write lock))) ++ (allow utype mozilla_plugin_t (fifo_file (ioctl read write getattr lock append open))) ++ (allow utype mozilla_plugin_t (dir (ioctl read getattr lock open search))) ++ (allow utype mozilla_plugin_t (file (ioctl read getattr lock open))) ++ (allow utype mozilla_plugin_t (lnk_file (read getattr))) ++ (allow utype mozilla_plugin_t (process (getattr))) ++ (allow mozilla_plugin_t utype (dir (ioctl read getattr lock open search))) ++ (allow mozilla_plugin_t utype (file (ioctl read getattr lock open))) ++ (allow mozilla_plugin_t utype (lnk_file (read getattr))) ++ (allow mozilla_plugin_t utype (process (getattr))) ++ (allow utype mozilla_plugin_t (process (sigchld sigkill sigstop signull signal noatsecure))) ++ (allow utype mozilla_plugin_rw_t (dir (getattr open search))) ++ (allow utype mozilla_plugin_rw_t (dir (ioctl read getattr lock open search))) ++ (allow utype mozilla_plugin_rw_t (dir (getattr open search))) ++ (allow utype mozilla_plugin_rw_t (file (ioctl read getattr lock open))) ++ (allow utype mozilla_plugin_rw_t (dir (getattr open search))) ++ (allow utype mozilla_plugin_rw_t (lnk_file (read getattr))) ++ (allow utype mozilla_plugin_rw_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype mozilla_plugin_t (dbus (send_msg))) ++ (allow mozilla_plugin_t utype (dbus (send_msg))) ++ (allow mozilla_plugin_t utype (process (signull))) ++ (allow utype mozilla_t (dbus (send_msg))) ++ (allow mozilla_t utype (dbus (send_msg))) ++ (allow utype mozilla_plugin_rw_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (typetransition utype user_home_dir_t dir ".webex" mozilla_home_t) ++ (typetransition utype user_home_dir_t file "mozilla.pdf" mozilla_home_t) ++ (typetransition utype user_home_dir_t file ".gnashpluginrc" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".IBMERS" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".lyx" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".juniper_networks" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir "zimbrauserdata" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".ICAClient" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".spicec" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".quakelive" mozilla_home_t) ++ (typetransition utype user_home_dir_t file "abc" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".icedtea" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".icedteaplugin" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".gcjwebplugin" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".grl-podcasts" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".gnash" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".macromedia" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".adobe" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".phoenix" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".netscape" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".thunderbird" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".mozilla" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".java" mozilla_home_t) ++ (typetransition utype user_home_dir_t dir ".galeon" mozilla_home_t) ++ (typetransition utype mozilla_plugin_rw_t file "nswrapper_32_64.nppdf.so" lib_t) ++ (booleanif (deny_ptrace) ++ (false ++ (allow utype mozilla_plugin_t (process (ptrace))) ++ ) ++ ) ++ (optional confinedom_mozilla_usage_optional_4 ++ (roleattributeset cil_gen_require lpr_roles) ++ (typeattributeset cil_gen_require lpr_t) ++ (typeattributeset cil_gen_require lpr_exec_t) ++ (roleattributeset cil_gen_require lpr_roles) ++ (roleattributeset lpr_roles (urole )) ++ (allow mozilla_plugin_t lpr_exec_t (file (ioctl read getattr map execute open))) ++ (allow mozilla_plugin_t lpr_t (process (transition))) ++ (typetransition mozilla_plugin_t lpr_exec_t process lpr_t) ++ (allow lpr_t mozilla_plugin_t (fd (use))) ++ (allow lpr_t mozilla_plugin_t (fifo_file (ioctl read write getattr lock append))) ++ (allow lpr_t mozilla_plugin_t (process (sigchld))) ++ ) ++ (optional confinedom_mozilla_usage_optional_5 ++ (typeattributeset cil_gen_require user_home_dir_t) ++ (typeattributeset cil_gen_require home_root_t) ++ (typeattributeset cil_gen_require cache_home_t) ++ (allow utype cache_home_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_dir_t (dir (getattr open search))) ++ (allow utype user_home_dir_t (lnk_file (read getattr))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype cache_home_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_dir_t (dir (getattr open search))) ++ (allow utype user_home_dir_t (lnk_file (read getattr))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (typetransition utype cache_home_t dir "icedtea-web" mozilla_home_t) ++ (typetransition utype cache_home_t dir "mozilla" mozilla_home_t) ++ ) ++ ) ++ ) ++) ++ ++(macro confinedom_networking_macro ((type utype) (role urole)) ++ (optional confinedom_networking_optional_2 ++ (roleattributeset cil_gen_require urole) ++ (typeattributeset cil_gen_require utype) ++ (typeattributeset cil_gen_require ping_t) ++ (typeattributeset cil_gen_require ping_exec_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require traceroute_t) ++ (typeattributeset cil_gen_require traceroute_exec_t) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole ping_t) ++ (roletype urole traceroute_t) ++ (booleanif (selinuxuser_ping) ++ (true ++ (allow utype ping_t (process (sigkill signal))) ++ (allow ping_t utype (process (sigchld))) ++ (allow ping_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow ping_t utype (fd (use))) ++ (typetransition utype ping_exec_t process ping_t) ++ (allow utype ping_t (process (transition))) ++ (allow utype ping_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype traceroute_t (process (sigkill signal))) ++ (allow traceroute_t utype (process (sigchld))) ++ (allow traceroute_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow traceroute_t utype (fd (use))) ++ (typetransition utype traceroute_exec_t process traceroute_t) ++ (allow utype traceroute_t (process (transition))) ++ (allow utype traceroute_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ ) ++ ) ++ ) ++) ++ ++(macro confinedom_security_advanced_macro ((type utype) (role urole) (type sudo_type) (type userhelper_type)) ++ (optional confinedom_security_advanced_optional_2 ++ (roleattributeset cil_gen_require urole) ++ (typeattributeset cil_gen_require utype) ++ (typeattributeset cil_gen_require sudo_type) ++ (typeattributeset cil_gen_require auditd_log_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require auditd_etc_t) ++ (typeattributeset cil_gen_require etc_t) ++ (typeattributeset cil_gen_require security_t) ++ (typeattributeset cil_gen_require can_setenforce) ++ (typeattributeset cil_gen_require sysfs_t) ++ (typeattributeset cil_gen_require secure_mode_policyload_t) ++ (typeattributeset cil_gen_require boolean_type) ++ (typeattributeset cil_gen_require can_setbool) ++ (typeattributeset cil_gen_require semanage_t) ++ (typeattributeset cil_gen_require selinux_config_t) ++ (typeattributeset cil_gen_require semanage_store_t) ++ (typeattributeset cil_gen_require selinux_login_config_t) ++ (typeattributeset cil_gen_require semanage_exec_t) ++ (typeattributeset cil_gen_require usr_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require setfiles_t) ++ (typeattributeset cil_gen_require setfiles_exec_t) ++ (typeattributeset cil_gen_require load_policy_t) ++ (typeattributeset cil_gen_require load_policy_exec_t) ++ (typeattributeset cil_gen_require newrole_t) ++ (typeattributeset cil_gen_require newrole_exec_t) ++ (typeattributeset cil_gen_require updpwd_t) ++ (typeattributeset cil_gen_require updpwd_exec_t) ++ (typeattributeset cil_gen_require shadow_t) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole semanage_t) ++ (roletype urole setfiles_t) ++ (roletype urole load_policy_t) ++ (roletype urole newrole_t) ++ (roletype urole updpwd_t) ++ (typeattributeset cil_gen_require can_setbool) ++ (typeattributeset can_setbool (utype )) ++ (typeattributeset cil_gen_require can_setenforce) ++ (typeattributeset can_setenforce (utype )) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype auditd_log_t (dir (getattr open search))) ++ (allow utype auditd_log_t (file (ioctl read getattr lock open))) ++ (allow utype auditd_log_t (dir (getattr open search))) ++ (allow utype auditd_log_t (lnk_file (read getattr))) ++ (allow utype auditd_log_t (dir (ioctl read getattr lock open search))) ++ (allow utype etc_t (dir (getattr open search))) ++ (allow utype auditd_etc_t (dir (getattr open search))) ++ (allow utype auditd_etc_t (file (ioctl read getattr lock open))) ++ (allow utype auditd_etc_t (dir (ioctl read getattr lock open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype security_t (dir (ioctl read getattr lock open search))) ++ (allow utype security_t (file (ioctl read write getattr lock append open))) ++ (allow utype sysfs_t (filesystem (getattr))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype security_t (lnk_file (read getattr))) ++ (allow utype security_t (dir (ioctl read getattr lock open search))) ++ (allow utype boolean_type (dir (ioctl read getattr lock open search))) ++ (allow utype boolean_type (file (ioctl read write getattr lock append open))) ++ (allow semanage_t utype (dir (ioctl read getattr lock open search))) ++ (allow semanage_t utype (file (ioctl read getattr lock open))) ++ (allow semanage_t utype (lnk_file (read getattr))) ++ (allow semanage_t utype (process (getattr))) ++ (allow utype semanage_t (dbus (send_msg))) ++ (allow semanage_t utype (dbus (send_msg))) ++ (allow utype etc_t (dir (getattr open search))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype selinux_config_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype semanage_store_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype semanage_store_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype semanage_store_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype semanage_store_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype semanage_store_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype semanage_store_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype semanage_store_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow utype selinux_config_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype selinux_config_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype selinux_config_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype selinux_config_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype etc_t (dir (getattr open search))) ++ (allow utype selinux_config_t (dir (getattr open search))) ++ (allow utype selinux_login_config_t (dir (ioctl read getattr lock open search))) ++ (allow utype selinux_login_config_t (dir (getattr open search))) ++ (allow utype selinux_login_config_t (file (ioctl read getattr lock open))) ++ (allow utype selinux_login_config_t (dir (getattr open search))) ++ (allow utype selinux_login_config_t (lnk_file (read getattr))) ++ (allow sudo_type usr_t (dir (getattr open search))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (lnk_file (read getattr))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type semanage_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type semanage_t (process (transition))) ++ (typetransition sudo_type semanage_exec_t process semanage_t) ++ (allow semanage_t sudo_type (fd (use))) ++ (allow semanage_t sudo_type (fifo_file (ioctl read write getattr lock append))) ++ (allow semanage_t sudo_type (process (sigchld))) ++ (allow semanage_t usr_t (dir (getattr open search))) ++ (allow semanage_t bin_t (dir (getattr open search))) ++ (allow semanage_t bin_t (lnk_file (read getattr))) ++ (allow semanage_t bin_t (dir (getattr open search))) ++ (allow semanage_t bin_t (dir (getattr open search))) ++ (allow semanage_t setfiles_exec_t (file (ioctl read getattr map execute open))) ++ (allow semanage_t setfiles_t (process (transition))) ++ (typetransition semanage_t setfiles_exec_t process setfiles_t) ++ (allow setfiles_t semanage_t (fd (use))) ++ (allow setfiles_t semanage_t (fifo_file (ioctl read write getattr lock append))) ++ (allow setfiles_t semanage_t (process (sigchld))) ++ (allow semanage_t bin_t (dir (getattr open search))) ++ (allow semanage_t bin_t (lnk_file (read getattr))) ++ (allow semanage_t bin_t (dir (getattr open search))) ++ (allow semanage_t bin_t (dir (getattr open search))) ++ (allow semanage_t load_policy_exec_t (file (ioctl read getattr map execute open))) ++ (allow semanage_t load_policy_t (process (transition))) ++ (typetransition semanage_t load_policy_exec_t process load_policy_t) ++ (allow load_policy_t semanage_t (fd (use))) ++ (allow load_policy_t semanage_t (fifo_file (ioctl read write getattr lock append))) ++ (allow load_policy_t semanage_t (process (sigchld))) ++ (allow utype usr_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype newrole_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype newrole_t (process (transition))) ++ (typetransition utype newrole_exec_t process newrole_t) ++ (allow newrole_t utype (fd (use))) ++ (allow newrole_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow newrole_t utype (process (sigchld))) ++ (allow newrole_t updpwd_exec_t (file (ioctl read getattr map execute open))) ++ (allow newrole_t updpwd_t (process (transition))) ++ (typetransition newrole_t updpwd_exec_t process updpwd_t) ++ (allow updpwd_t newrole_t (fd (use))) ++ (allow updpwd_t newrole_t (fifo_file (ioctl read write getattr lock append))) ++ (allow updpwd_t newrole_t (process (sigchld))) ++ (dontaudit newrole_t shadow_t (file (ioctl read getattr lock open))) ++ (allow sudo_type usr_t (dir (getattr open search))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (lnk_file (read getattr))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type setfiles_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type setfiles_t (process (transition))) ++ (typetransition sudo_type setfiles_exec_t process setfiles_t) ++ (allow setfiles_t sudo_type (fd (use))) ++ (allow setfiles_t sudo_type (fifo_file (ioctl read write getattr lock append))) ++ (allow setfiles_t sudo_type (process (sigchld))) ++ (typetransition utype selinux_config_t dir "tmp" semanage_store_t) ++ (typetransition utype selinux_config_t dir "previous" semanage_store_t) ++ (typetransition utype selinux_config_t dir "active" semanage_store_t) ++ (typetransition utype selinux_config_t dir "modules" semanage_store_t) ++ (optional confinedom_security_advanced_optional_3 ++ (typeattributeset cil_gen_require usr_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require setfiles_t) ++ (typeattributeset cil_gen_require setfiles_exec_t) ++ (typeattributeset cil_gen_require namespace_init_t) ++ (typeattributeset cil_gen_require namespace_init_exec_t) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole setfiles_t) ++ (roletype urole namespace_init_t) ++ (allow newrole_t namespace_init_exec_t (file (ioctl read getattr map execute open))) ++ (allow newrole_t namespace_init_t (process (transition))) ++ (typetransition newrole_t namespace_init_exec_t process namespace_init_t) ++ (allow namespace_init_t newrole_t (fd (use))) ++ (allow namespace_init_t newrole_t (fifo_file (ioctl read write getattr lock append))) ++ (allow namespace_init_t newrole_t (process (sigchld))) ++ (allow namespace_init_t usr_t (dir (getattr open search))) ++ (allow namespace_init_t bin_t (dir (getattr open search))) ++ (allow namespace_init_t bin_t (lnk_file (read getattr))) ++ (allow namespace_init_t bin_t (dir (getattr open search))) ++ (allow namespace_init_t bin_t (dir (getattr open search))) ++ (allow namespace_init_t setfiles_exec_t (file (ioctl read getattr map execute open))) ++ (allow namespace_init_t setfiles_t (process (transition))) ++ (typetransition namespace_init_t setfiles_exec_t process setfiles_t) ++ (allow setfiles_t namespace_init_t (fd (use))) ++ (allow setfiles_t namespace_init_t (fifo_file (ioctl read write getattr lock append))) ++ (allow setfiles_t namespace_init_t (process (sigchld))) ++ ) ++ (optional confinedom_security_advanced_optional_4 ++ (roletype object_r userhelper_type) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require etc_t) ++ (typeattributeset cil_gen_require security_t) ++ (typeattributeset cil_gen_require sysfs_t) ++ (typeattributeset cil_gen_require selinux_config_t) ++ (typeattributeset cil_gen_require usr_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require updpwd_t) ++ (typeattributeset cil_gen_require updpwd_exec_t) ++ (typeattributeset cil_gen_require shadow_t) ++ (typeattributeset cil_gen_require userhelper_type) ++ (typeattributeset cil_gen_require userhelper_exec_t) ++ (typeattributeset cil_gen_require userhelper_conf_t) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset cil_gen_require can_change_process_role) ++ (typeattributeset cil_gen_require can_change_object_identity) ++ (typeattributeset cil_gen_require privfd) ++ (typeattributeset cil_gen_require can_change_process_identity) ++ (typeattributeset cil_gen_require sysctl_type) ++ (typeattributeset cil_gen_require proc_t) ++ (typeattributeset cil_gen_require proc_net_t) ++ (typeattributeset cil_gen_require debugfs_t) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset cil_gen_require shell_exec_t) ++ (typeattributeset cil_gen_require device_t) ++ (typeattributeset cil_gen_require urandom_device_t) ++ (typeattributeset cil_gen_require var_lib_t) ++ (typeattributeset cil_gen_require etc_runtime_t) ++ (typeattributeset cil_gen_require home_root_t) ++ (typeattributeset cil_gen_require autofs_t) ++ (typeattributeset cil_gen_require nfs_t) ++ (typeattributeset cil_gen_require devpts_t) ++ (typeattributeset cil_gen_require ttynode) ++ (typeattributeset cil_gen_require ptynode) ++ (typeattributeset cil_gen_require chkpwd_t) ++ (typeattributeset cil_gen_require chkpwd_exec_t) ++ (typeattributeset cil_gen_require auth_cache_t) ++ (typeattributeset cil_gen_require random_device_t) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset cil_gen_require faillog_t) ++ (typeattributeset cil_gen_require var_log_t) ++ (typeattributeset cil_gen_require cert_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require pam_var_run_t) ++ (typeattributeset cil_gen_require var_auth_t) ++ (typeattributeset cil_gen_require pam_var_console_t) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset cil_gen_require init_t) ++ (typeattributeset cil_gen_require initrc_var_run_t) ++ (typeattributeset cil_gen_require default_context_t) ++ (typeattributeset cil_gen_require unpriv_userdomain) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole userhelper_type) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset netlabel_peer_type (userhelper_type )) ++ (typeattributeset cil_gen_require can_change_process_identity) ++ (typeattributeset can_change_process_identity (userhelper_type )) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset corenet_unlabeled_type (userhelper_type )) ++ (typeattributeset cil_gen_require privfd) ++ (typeattributeset privfd (userhelper_type )) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset syslog_client_type (userhelper_type )) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset file_type (userhelper_exec_t )) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset non_security_file_type (userhelper_exec_t )) ++ (typeattributeset cil_gen_require can_change_object_identity) ++ (typeattributeset can_change_object_identity (userhelper_type )) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset exec_type (userhelper_exec_t )) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset application_domain_type (userhelper_type )) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset ubac_constrained_type (userhelper_type )) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset kernel_system_state_reader (userhelper_type )) ++ (typeattributeset cil_gen_require can_change_process_role) ++ (typeattributeset can_change_process_role (userhelper_type )) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset application_exec_type (userhelper_exec_t )) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset nsswitch_domain (userhelper_type )) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset entry_type (userhelper_exec_t )) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset non_auth_file_type (userhelper_exec_t )) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset domain (userhelper_type )) ++ (typeattributeset cil_gen_require userhelper_type) ++ (allow userhelper_type userhelper_exec_t (file (entrypoint))) ++ (allow userhelper_type userhelper_exec_t (file (ioctl read getattr lock map execute open))) ++ (allow userhelper_type self (capability (chown dac_read_search setgid setuid net_bind_service sys_tty_config))) ++ (allow userhelper_type self (process (fork transition sigchld sigkill sigstop signull signal getsched setsched getsession getpgid setpgid getcap setcap share getattr noatsecure siginh rlimitinh dyntransition setkeycreate setsockcreate getrlimit))) ++ (allow userhelper_type self (process (setexec))) ++ (allow userhelper_type self (fd (use))) ++ (allow userhelper_type self (fifo_file (ioctl read write getattr lock append open))) ++ (allow userhelper_type self (shm (create destroy getattr setattr read write associate unix_read unix_write lock))) ++ (allow userhelper_type self (sem (create destroy getattr setattr read write associate unix_read unix_write))) ++ (allow userhelper_type self (msgq (create destroy getattr setattr read write associate unix_read unix_write enqueue))) ++ (allow userhelper_type self (msg (send receive))) ++ (allow userhelper_type self (unix_dgram_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown))) ++ (allow userhelper_type self (unix_stream_socket (ioctl read write create getattr setattr lock append bind connect listen accept getopt setopt shutdown))) ++ (allow userhelper_type self (unix_dgram_socket (sendto))) ++ (allow userhelper_type self (unix_stream_socket (connectto))) ++ (allow userhelper_type self (sock_file (read getattr open))) ++ (allow utype userhelper_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype userhelper_type (process (transition))) ++ (typetransition utype userhelper_exec_t process userhelper_type) ++ (allow userhelper_type utype (fd (use))) ++ (allow userhelper_type utype (fifo_file (ioctl read write getattr lock append))) ++ (allow userhelper_type utype (process (sigchld))) ++ (allow userhelper_type userhelper_conf_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow userhelper_type userhelper_conf_t (dir (getattr open search))) ++ (allow userhelper_type userhelper_conf_t (file (ioctl read write getattr lock append open))) ++ (allow userhelper_type userhelper_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (dontaudit utype userhelper_type (process (signal))) ++ (allow userhelper_type sysctl_type (dir (getattr open search))) ++ (allow userhelper_type proc_t (dir (getattr open search))) ++ (allow userhelper_type proc_net_t (dir (getattr open search))) ++ (allow userhelper_type sysctl_type (file (ioctl read getattr lock open))) ++ (allow userhelper_type proc_t (dir (getattr open search))) ++ (allow userhelper_type proc_net_t (dir (getattr open search))) ++ (allow userhelper_type sysctl_type (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type debugfs_t (filesystem (getattr))) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ (allow userhelper_type bin_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ (allow userhelper_type bin_t (lnk_file (read getattr))) ++ (allow userhelper_type shell_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow userhelper_type shell_exec_t (file (map))) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ (allow userhelper_type bin_t (lnk_file (read getattr))) ++ (allow userhelper_type bin_t (file (ioctl read getattr map execute open))) ++ (allow userhelper_type utype (process (transition))) ++ (allow userhelper_type usr_t (dir (getattr open search))) ++ (allow userhelper_type usr_t (lnk_file (read getattr))) ++ (allow userhelper_type usr_t (file (ioctl read getattr map execute open))) ++ (allow userhelper_type utype (process (transition))) ++ (typetransition userhelper_type bin_t process utype) ++ (typetransition userhelper_type usr_t process utype) ++ (allow userhelper_type privfd (fd (use))) ++ (allow userhelper_type privfd (process (sigchld))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type urandom_device_t (chr_file (ioctl read getattr lock open))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type device_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type device_t (lnk_file (read getattr))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_lib_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type etc_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type etc_t (dir (getattr open search))) ++ (allow userhelper_type etc_t (file (ioctl read getattr lock open))) ++ (allow userhelper_type etc_t (dir (getattr open search))) ++ (allow userhelper_type etc_t (lnk_file (read getattr))) ++ (allow userhelper_type etc_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type etc_t (dir (getattr open search))) ++ (allow userhelper_type etc_runtime_t (file (ioctl read getattr lock open))) ++ (allow userhelper_type etc_t (dir (getattr open search))) ++ (allow userhelper_type etc_runtime_t (lnk_file (read getattr))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_t (file (ioctl read getattr lock open))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_t (lnk_file (read getattr))) ++ (allow userhelper_type home_root_t (dir (getattr open search))) ++ (allow userhelper_type home_root_t (lnk_file (read getattr))) ++ (allow userhelper_type autofs_t (dir (getattr open search))) ++ (allow userhelper_type autofs_t (dir (getattr open search))) ++ (allow userhelper_type nfs_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type nfs_t (dir (getattr open search))) ++ (allow userhelper_type nfs_t (file (ioctl read getattr lock open))) ++ (allow userhelper_type nfs_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type nfs_t (dir (getattr open search))) ++ (allow userhelper_type nfs_t (lnk_file (read getattr))) ++ (allow userhelper_type security_t (lnk_file (read getattr))) ++ (allow userhelper_type sysfs_t (filesystem (getattr))) ++ (allow userhelper_type sysfs_t (dir (getattr open search))) ++ (allow userhelper_type sysfs_t (dir (getattr open search))) ++ (allow userhelper_type security_t (filesystem (getattr))) ++ (allow userhelper_type sysfs_t (filesystem (getattr))) ++ (allow userhelper_type sysfs_t (dir (getattr open search))) ++ (allow userhelper_type sysfs_t (dir (getattr open search))) ++ (allow userhelper_type security_t (lnk_file (read getattr))) ++ (allow userhelper_type security_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type security_t (file (ioctl read write getattr lock append map open))) ++ (allow userhelper_type security_t (security (check_context))) ++ (allow userhelper_type sysfs_t (filesystem (getattr))) ++ (allow userhelper_type sysfs_t (dir (getattr open search))) ++ (allow userhelper_type sysfs_t (dir (getattr open search))) ++ (allow userhelper_type security_t (lnk_file (read getattr))) ++ (allow userhelper_type security_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type security_t (file (ioctl read write getattr lock append open))) ++ (allow userhelper_type security_t (security (compute_av))) ++ (allow userhelper_type sysfs_t (filesystem (getattr))) ++ (allow userhelper_type sysfs_t (dir (getattr open search))) ++ (allow userhelper_type sysfs_t (dir (getattr open search))) ++ (allow userhelper_type security_t (lnk_file (read getattr))) ++ (allow userhelper_type security_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type security_t (file (ioctl read write getattr lock append open))) ++ (allow userhelper_type security_t (security (compute_create))) ++ (allow userhelper_type sysfs_t (filesystem (getattr))) ++ (allow userhelper_type sysfs_t (dir (getattr open search))) ++ (allow userhelper_type sysfs_t (dir (getattr open search))) ++ (allow userhelper_type security_t (lnk_file (read getattr))) ++ (allow userhelper_type security_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type security_t (file (ioctl read write getattr lock append open))) ++ (allow userhelper_type security_t (security (compute_relabel))) ++ (allow userhelper_type sysfs_t (filesystem (getattr))) ++ (allow userhelper_type sysfs_t (dir (getattr open search))) ++ (allow userhelper_type sysfs_t (dir (getattr open search))) ++ (allow userhelper_type security_t (lnk_file (read getattr))) ++ (allow userhelper_type security_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type security_t (file (ioctl read write getattr lock append open))) ++ (allow userhelper_type security_t (security (compute_user))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type device_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type device_t (lnk_file (read getattr))) ++ (allow userhelper_type devpts_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type device_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type device_t (lnk_file (read getattr))) ++ (allow userhelper_type ttynode (chr_file (getattr relabelfrom relabelto))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type device_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type device_t (lnk_file (read getattr))) ++ (allow userhelper_type devpts_t (dir (getattr open search))) ++ (allow userhelper_type devpts_t (chr_file (getattr relabelfrom relabelto))) ++ (allow userhelper_type ptynode (chr_file (getattr relabelfrom relabelto))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type device_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type device_t (lnk_file (read getattr))) ++ (allow userhelper_type ttynode (chr_file (ioctl read write getattr lock append open))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type device_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type device_t (lnk_file (read getattr))) ++ (allow userhelper_type devpts_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type ptynode (chr_file (ioctl read write getattr lock append open))) ++ (allow userhelper_type auth_cache_t (dir (getattr open search))) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ (allow userhelper_type bin_t (lnk_file (read getattr))) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ (allow userhelper_type chkpwd_exec_t (file (ioctl read getattr map execute open))) ++ (allow userhelper_type chkpwd_t (process (transition))) ++ (typetransition userhelper_type chkpwd_exec_t process chkpwd_t) ++ (allow chkpwd_t userhelper_type (fd (use))) ++ (allow chkpwd_t userhelper_type (fifo_file (ioctl read write getattr lock append))) ++ (allow chkpwd_t userhelper_type (process (sigchld))) ++ (allow userhelper_type chkpwd_exec_t (file (map))) ++ (dontaudit userhelper_type shadow_t (file (ioctl read getattr lock open))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type random_device_t (chr_file (ioctl read getattr lock open))) ++ (allow userhelper_type device_t (dir (getattr open search))) ++ (allow userhelper_type urandom_device_t (chr_file (ioctl read getattr lock open))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_log_t (dir (getattr open search))) ++ (allow userhelper_type faillog_t (dir (getattr open search))) ++ (allow userhelper_type faillog_t (file (ioctl read write getattr lock append open))) ++ (allow userhelper_type self (capability (audit_write))) ++ (allow userhelper_type self (netlink_audit_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay nlmsg_tty_audit))) ++ (allow userhelper_type cert_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type cert_t (dir (getattr open search))) ++ (allow userhelper_type cert_t (file (ioctl read getattr lock open))) ++ (allow userhelper_type cert_t (dir (getattr open search))) ++ (allow userhelper_type cert_t (lnk_file (read getattr))) ++ (allow userhelper_type updpwd_exec_t (file (ioctl read getattr map execute open))) ++ (allow userhelper_type updpwd_t (process (transition))) ++ (typetransition userhelper_type updpwd_exec_t process updpwd_t) ++ (allow updpwd_t userhelper_type (fd (use))) ++ (allow updpwd_t userhelper_type (fifo_file (ioctl read write getattr lock append))) ++ (allow updpwd_t userhelper_type (process (sigchld))) ++ (dontaudit userhelper_type shadow_t (file (ioctl read getattr lock open))) ++ (allow userhelper_type var_t (lnk_file (read getattr))) ++ (allow userhelper_type var_run_t (lnk_file (read getattr))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_run_t (dir (getattr open search))) ++ (allow userhelper_type pam_var_run_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow userhelper_type pam_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_auth_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow userhelper_type var_auth_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow userhelper_type var_auth_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow userhelper_type var_auth_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow userhelper_type var_auth_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow userhelper_type var_auth_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow userhelper_type var_t (lnk_file (read getattr))) ++ (allow userhelper_type var_run_t (lnk_file (read getattr))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_run_t (dir (getattr open search))) ++ (allow userhelper_type pam_var_console_t (dir (getattr open search))) ++ (allow userhelper_type init_t (fd (use))) ++ (allow userhelper_type var_t (lnk_file (read getattr))) ++ (allow userhelper_type var_run_t (lnk_file (read getattr))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_run_t (dir (getattr open search))) ++ (allow userhelper_type initrc_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow userhelper_type etc_t (dir (getattr open search))) ++ (allow userhelper_type selinux_config_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type selinux_config_t (dir (getattr open search))) ++ (allow userhelper_type selinux_config_t (file (ioctl read getattr lock open))) ++ (allow userhelper_type selinux_config_t (dir (getattr open search))) ++ (allow userhelper_type selinux_config_t (lnk_file (read getattr))) ++ (allow userhelper_type etc_t (dir (getattr open search))) ++ (allow userhelper_type selinux_config_t (dir (getattr open search))) ++ (allow userhelper_type default_context_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type default_context_t (dir (getattr open search))) ++ (allow userhelper_type default_context_t (file (ioctl read getattr lock open))) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ (allow userhelper_type bin_t (lnk_file (read getattr))) ++ (allow userhelper_type bin_t (file (ioctl read getattr map execute open))) ++ (allow userhelper_type unpriv_userdomain (process (transition))) ++ (allow userhelper_type usr_t (dir (getattr open search))) ++ (allow userhelper_type usr_t (lnk_file (read getattr))) ++ (allow userhelper_type usr_t (file (ioctl read getattr map execute open))) ++ (allow userhelper_type unpriv_userdomain (process (transition))) ++ (allow unpriv_userdomain userhelper_type (fd (use))) ++ (allow unpriv_userdomain userhelper_type (fifo_file (ioctl read write getattr lock append open))) ++ (allow unpriv_userdomain userhelper_type (process (sigchld))) ++ (allow userhelper_type entry_type (file (ioctl read getattr map execute open))) ++ (allow userhelper_type unpriv_userdomain (process (transition))) ++ (allow unpriv_userdomain userhelper_type (fd (use))) ++ (allow unpriv_userdomain userhelper_type (fifo_file (ioctl read write getattr lock append open))) ++ (allow unpriv_userdomain userhelper_type (process (sigchld))) ++ (typetransition userhelper_type var_run_t file "utmp" initrc_var_run_t) ++ (typetransition userhelper_type var_run_t dir "sudo" pam_var_run_t) ++ (typetransition userhelper_type var_run_t dir "sepermit" pam_var_run_t) ++ (typetransition userhelper_type var_run_t dir "pam_timestamp" pam_var_run_t) ++ (typetransition userhelper_type var_run_t dir "pam_ssh" pam_var_run_t) ++ (typetransition userhelper_type var_run_t dir "pam_mount" pam_var_run_t) ++ (optional confinedom_security_advanced_optional_5 ++ (typeattributeset cil_gen_require etc_t) ++ (typeattributeset cil_gen_require krb5_keytab_t) ++ (allow userhelper_type etc_t (dir (getattr open search))) ++ (allow userhelper_type krb5_keytab_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type krb5_keytab_t (file (ioctl read getattr lock open))) ++ ) ++ (optional confinedom_security_advanced_optional_6 ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require pcscd_var_run_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require pcscd_t) ++ (allow userhelper_type var_t (lnk_file (read getattr))) ++ (allow userhelper_type var_run_t (lnk_file (read getattr))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_run_t (dir (getattr open search))) ++ (allow userhelper_type pcscd_var_run_t (dir (getattr open search))) ++ (allow userhelper_type pcscd_var_run_t (file (ioctl read getattr lock open))) ++ (allow userhelper_type var_t (lnk_file (read getattr))) ++ (allow userhelper_type var_run_t (lnk_file (read getattr))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_run_t (dir (getattr open search))) ++ (allow userhelper_type pcscd_var_run_t (dir (getattr open search))) ++ (allow userhelper_type pcscd_var_run_t (sock_file (write getattr append open))) ++ (allow userhelper_type pcscd_t (unix_stream_socket (connectto))) ++ ) ++ (optional confinedom_security_advanced_optional_7 ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require etc_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require samba_var_t) ++ (typeattributeset cil_gen_require winbind_t) ++ (typeattributeset cil_gen_require winbind_var_run_t) ++ (typeattributeset cil_gen_require smbd_var_run_t) ++ (typeattributeset cil_gen_require samba_etc_t) ++ (allow userhelper_type var_t (lnk_file (read getattr))) ++ (allow userhelper_type var_run_t (lnk_file (read getattr))) ++ (allow userhelper_type var_t (dir (getattr open search))) ++ (allow userhelper_type var_run_t (dir (getattr open search))) ++ (allow userhelper_type smbd_var_run_t (dir (getattr open search))) ++ (allow userhelper_type samba_var_t (dir (getattr open search))) ++ (allow userhelper_type winbind_var_run_t (dir (getattr open search))) ++ (allow userhelper_type winbind_var_run_t (sock_file (write getattr append open))) ++ (allow userhelper_type winbind_t (unix_stream_socket (connectto))) ++ (allow userhelper_type etc_t (dir (getattr open search))) ++ (allow userhelper_type samba_etc_t (dir (getattr open search))) ++ (allow userhelper_type samba_etc_t (dir (ioctl read getattr lock open search))) ++ (allow userhelper_type samba_etc_t (dir (getattr open search))) ++ (allow userhelper_type samba_etc_t (file (ioctl read getattr lock open))) ++ ) ++ (optional confinedom_security_advanced_optional_8 ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require rpm_t) ++ (typeattributeset cil_gen_require rpm_exec_t) ++ (typeattributeset cil_gen_require rpm_transition_domain) ++ (typeattributeset cil_gen_require debuginfo_exec_t) ++ (typeattributeset cil_gen_require rpm_transition_domain) ++ (typeattributeset rpm_transition_domain (userhelper_type )) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ (allow userhelper_type bin_t (lnk_file (read getattr))) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ (allow userhelper_type rpm_exec_t (file (ioctl read getattr map execute open))) ++ (allow userhelper_type rpm_t (process (transition))) ++ (typetransition userhelper_type rpm_exec_t process rpm_t) ++ (allow rpm_t userhelper_type (fd (use))) ++ (allow rpm_t userhelper_type (fifo_file (ioctl read write getattr lock append))) ++ (allow rpm_t userhelper_type (process (sigchld))) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ (allow userhelper_type bin_t (lnk_file (read getattr))) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ (allow userhelper_type debuginfo_exec_t (file (ioctl read getattr map execute open))) ++ (allow userhelper_type rpm_t (process (transition))) ++ (typetransition userhelper_type debuginfo_exec_t process rpm_t) ++ (allow rpm_t userhelper_type (fd (use))) ++ (allow rpm_t userhelper_type (fifo_file (ioctl read write getattr lock append))) ++ (allow rpm_t userhelper_type (process (sigchld))) ++ (allow userhelper_type debuginfo_exec_t (dir (getattr open search))) ++ (allow userhelper_type debuginfo_exec_t (lnk_file (read getattr))) ++ ) ++ (optional confinedom_security_advanced_optional_9 ++ (typeattributeset cil_gen_require usr_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset cil_gen_require sysadm_t) ++ (booleanif (secure_mode) ++ (false ++ (allow sysadm_t userhelper_type (process (sigchld))) ++ (allow sysadm_t userhelper_type (fifo_file (ioctl read write getattr lock append open))) ++ (allow sysadm_t userhelper_type (fd (use))) ++ (allow userhelper_type sysadm_t (process (transition))) ++ (allow userhelper_type entry_type (file (ioctl read getattr map execute open))) ++ (allow sysadm_t userhelper_type (process (sigchld))) ++ (allow sysadm_t userhelper_type (fifo_file (ioctl read write getattr lock append open))) ++ (allow sysadm_t userhelper_type (fd (use))) ++ (allow userhelper_type sysadm_t (process (transition))) ++ (allow userhelper_type usr_t (file (ioctl read getattr map execute open))) ++ (allow userhelper_type usr_t (lnk_file (read getattr))) ++ (allow userhelper_type usr_t (dir (getattr open search))) ++ (allow userhelper_type sysadm_t (process (transition))) ++ (allow userhelper_type bin_t (file (ioctl read getattr map execute open))) ++ (allow userhelper_type bin_t (lnk_file (read getattr))) ++ (allow userhelper_type bin_t (dir (getattr open search))) ++ ) ++ ) ++ ) ++ ) ++ ) ++) ++ ++(macro confinedom_security_basic_macro ((type utype) (role urole)) ++ (optional confinedom_security_basic_optional_2 ++ (typeattributeset cil_gen_require utype) ++ (typeattributeset cil_gen_require security_t) ++ (typeattributeset cil_gen_require can_load_policy) ++ (typeattributeset cil_gen_require sysfs_t) ++ (typeattributeset cil_gen_require can_load_policy) ++ (typeattributeset can_load_policy (utype )) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype security_t (dir (ioctl read getattr lock open search))) ++ (allow utype security_t (file (ioctl read write getattr lock append open))) ++ (allow utype security_t (lnk_file (read getattr))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype security_t (dir (ioctl read getattr lock open search))) ++ (allow utype security_t (file (ioctl read getattr lock open))) ++ (allow utype security_t (lnk_file (read getattr))) ++ (allow utype security_t (security (read_policy))) ++ ) ++) ++ ++(macro confinedom_sudo_macro ((type utype) (role urole) (type sudo_type) (type sudo_tmp_type)) ++ (optional confinedom_sudo_optional ++ ;(type sudo_type) ++ (roletype object_r sudo_type) ++ ;(type sudo_tmp_type) ++ (roletype object_r sudo_tmp_type) ++ (roleattributeset cil_gen_require urole) ++ (typeattributeset cil_gen_require utype) ++ (typeattributeset cil_gen_require sudo_type) ++ (typeattributeset cil_gen_require kernel_t) ++ (typeattributeset cil_gen_require sudo_exec_t) ++ (typeattributeset cil_gen_require sudo_db_t) ++ (typeattributeset cil_gen_require sudodomain) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset cil_gen_require privfd) ++ (typeattributeset cil_gen_require can_change_process_role) ++ (typeattributeset cil_gen_require userdom_home_manager_type) ++ (typeattributeset cil_gen_require tmpfile) ++ (typeattributeset cil_gen_require tmp_t) ++ (typeattributeset cil_gen_require polymember) ++ (typeattributeset cil_gen_require shell_exec_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require usr_t) ++ (typeattributeset cil_gen_require user_home_t) ++ (typeattributeset cil_gen_require user_tmp_t) ++ (typeattributeset cil_gen_require tmpfs_t) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset cil_gen_require security_t) ++ (typeattributeset cil_gen_require sysfs_t) ++ (typeattributeset cil_gen_require selinux_config_t) ++ (typeattributeset cil_gen_require etc_t) ++ (typeattributeset cil_gen_require chkpwd_t) ++ (typeattributeset cil_gen_require chkpwd_exec_t) ++ (typeattributeset cil_gen_require shadow_t) ++ (typeattributeset cil_gen_require auth_cache_t) ++ (typeattributeset cil_gen_require device_t) ++ (typeattributeset cil_gen_require random_device_t) ++ (typeattributeset cil_gen_require urandom_device_t) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset cil_gen_require faillog_t) ++ (typeattributeset cil_gen_require var_log_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require cert_t) ++ (typeattributeset cil_gen_require updpwd_t) ++ (typeattributeset cil_gen_require updpwd_exec_t) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset cil_gen_require syslogd_var_run_t) ++ (typeattributeset cil_gen_require devpts_t) ++ (typeattributeset cil_gen_require sshd_devpts_t) ++ (typeattributeset cil_gen_require systemd_unit_file_type) ++ (typeattributeset cil_gen_require init_script_file_type) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole sudo_type) ++ (roletype urole chkpwd_t) ++ (roletype urole updpwd_t) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset netlabel_peer_type (sudo_type )) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset corenet_unlabeled_type (sudo_type )) ++ (typeattributeset cil_gen_require privfd) ++ (typeattributeset privfd (sudo_type )) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset syslog_client_type (sudo_type )) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset file_type (sudo_exec_t sudo_tmp_type )) ++ (typeattributeset cil_gen_require tmpfile) ++ (typeattributeset tmpfile (sudo_tmp_type )) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset non_security_file_type (sudo_exec_t sudo_tmp_type )) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset exec_type (sudo_exec_t )) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset application_domain_type (sudo_type )) ++ (typeattributeset cil_gen_require polymember) ++ (typeattributeset polymember (sudo_tmp_type )) ++ (typeattributeset cil_gen_require userdom_home_manager_type) ++ (typeattributeset userdom_home_manager_type (sudo_type )) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset ubac_constrained_type (sudo_type )) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset kernel_system_state_reader (sudo_type )) ++ (typeattributeset cil_gen_require can_change_process_role) ++ (typeattributeset can_change_process_role (sudo_type )) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset application_exec_type (sudo_exec_t )) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset nsswitch_domain (sudo_type )) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset entry_type (sudo_exec_t )) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset non_auth_file_type (sudo_exec_t sudo_tmp_type )) ++ (typeattributeset cil_gen_require sudodomain) ++ (typeattributeset sudodomain (sudo_type )) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset domain (sudo_type )) ++ (allow sudo_type kernel_t (system (module_request))) ++ (allow sudo_type sudo_exec_t (file (entrypoint))) ++ (allow sudo_type sudo_exec_t (file (ioctl read getattr lock map execute open))) ++ (allow sudo_type sudo_tmp_type (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow sudo_type tmp_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (typetransition sudo_type tmp_t file sudo_tmp_type) ++ (allow sudo_type utype (dir (getattr open search))) ++ (allow sudo_type utype (file (ioctl read getattr lock open))) ++ (allow sudo_type utype (key (search))) ++ (allow sudo_type utype (unix_stream_socket (read write connectto))) ++ (allow utype sudo_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype sudo_type (process (transition))) ++ (typetransition utype sudo_exec_t process sudo_type) ++ (allow sudo_type utype (fd (use))) ++ (allow sudo_type utype (fifo_file (ioctl read write getattr lock append))) ++ (allow sudo_type utype (process (sigchld))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (dir (ioctl read getattr lock open search))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (lnk_file (read getattr))) ++ (allow sudo_type shell_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type utype (process (transition))) ++ (typetransition sudo_type shell_exec_t process utype) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (lnk_file (read getattr))) ++ (allow sudo_type bin_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type utype (process (transition))) ++ (allow sudo_type usr_t (dir (getattr open search))) ++ (allow sudo_type usr_t (lnk_file (read getattr))) ++ (allow sudo_type usr_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type utype (process (transition))) ++ (typetransition sudo_type bin_t process utype) ++ (typetransition sudo_type usr_t process utype) ++ (allow sudo_type user_home_t (dir (getattr open search))) ++ (allow sudo_type user_home_t (lnk_file (read getattr))) ++ (allow sudo_type user_home_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type utype (process (transition))) ++ (typetransition sudo_type user_home_t process utype) ++ (allow sudo_type tmpfs_t (dir (getattr open search))) ++ (allow sudo_type tmp_t (dir (getattr open search))) ++ (allow sudo_type tmp_t (lnk_file (read getattr))) ++ (allow sudo_type tmp_t (dir (getattr open search))) ++ (allow sudo_type user_tmp_t (dir (getattr open search))) ++ (allow sudo_type user_tmp_t (lnk_file (read getattr))) ++ (allow sudo_type user_tmp_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type utype (process (transition))) ++ (typetransition sudo_type user_tmp_t process utype) ++ (allow utype sudo_exec_t (file (entrypoint))) ++ (allow utype sudo_exec_t (file (ioctl read getattr lock map execute open))) ++ (allow sudo_type sudo_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type utype (process (transition))) ++ (typetransition sudo_type sudo_exec_t process utype) ++ (allow utype sudo_type (fd (use))) ++ (allow utype sudo_type (fifo_file (ioctl read write getattr lock append open))) ++ (allow utype sudo_type (process (sigchld sigkill sigstop signull signal))) ++ (allow sudo_type security_t (lnk_file (read getattr))) ++ (allow sudo_type sysfs_t (filesystem (getattr))) ++ (allow sudo_type sysfs_t (dir (getattr open search))) ++ (allow sudo_type sysfs_t (dir (getattr open search))) ++ (allow sudo_type security_t (filesystem (getattr))) ++ (allow sudo_type etc_t (dir (getattr open search))) ++ (allow sudo_type selinux_config_t (dir (ioctl read getattr lock open search))) ++ (allow sudo_type selinux_config_t (dir (getattr open search))) ++ (allow sudo_type selinux_config_t (file (ioctl read getattr lock open))) ++ (allow sudo_type selinux_config_t (dir (getattr open search))) ++ (allow sudo_type selinux_config_t (lnk_file (read getattr))) ++ (allow sudo_type auth_cache_t (dir (getattr open search))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (lnk_file (read getattr))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type chkpwd_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type chkpwd_t (process (transition))) ++ (typetransition sudo_type chkpwd_exec_t process chkpwd_t) ++ (allow chkpwd_t sudo_type (fd (use))) ++ (allow chkpwd_t sudo_type (fifo_file (ioctl read write getattr lock append))) ++ (allow chkpwd_t sudo_type (process (sigchld))) ++ (allow sudo_type chkpwd_exec_t (file (map))) ++ (dontaudit sudo_type shadow_t (file (ioctl read getattr lock open))) ++ (allow sudo_type device_t (dir (getattr open search))) ++ (allow sudo_type random_device_t (chr_file (ioctl read getattr lock open))) ++ (allow sudo_type device_t (dir (getattr open search))) ++ (allow sudo_type urandom_device_t (chr_file (ioctl read getattr lock open))) ++ (allow sudo_type var_t (dir (getattr open search))) ++ (allow sudo_type var_log_t (dir (getattr open search))) ++ (allow sudo_type faillog_t (dir (getattr open search))) ++ (allow sudo_type faillog_t (file (ioctl read write getattr lock append open))) ++ (allow sudo_type self (capability (audit_write))) ++ (allow sudo_type self (netlink_audit_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay nlmsg_tty_audit))) ++ (allow sudo_type cert_t (dir (ioctl read getattr lock open search))) ++ (allow sudo_type cert_t (dir (getattr open search))) ++ (allow sudo_type cert_t (file (ioctl read getattr lock open))) ++ (allow sudo_type cert_t (dir (getattr open search))) ++ (allow sudo_type cert_t (lnk_file (read getattr))) ++ (allow sudo_type updpwd_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type updpwd_t (process (transition))) ++ (typetransition sudo_type updpwd_exec_t process updpwd_t) ++ (allow updpwd_t sudo_type (fd (use))) ++ (allow updpwd_t sudo_type (fifo_file (ioctl read write getattr lock append))) ++ (allow updpwd_t sudo_type (process (sigchld))) ++ (dontaudit sudo_type shadow_t (file (ioctl read getattr lock open))) ++ (allow sudo_type updpwd_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type updpwd_t (process (transition))) ++ (typetransition sudo_type updpwd_exec_t process updpwd_t) ++ (allow updpwd_t sudo_type (fd (use))) ++ (allow updpwd_t sudo_type (fifo_file (ioctl read write getattr lock append))) ++ (allow updpwd_t sudo_type (process (sigchld))) ++ (dontaudit sudo_type shadow_t (file (ioctl read getattr lock open))) ++ (allow sudo_type syslogd_var_run_t (dir (getattr open search))) ++ (allow sudo_type syslogd_var_run_t (file (ioctl read getattr lock open map))) ++ (allow sudo_type syslogd_var_run_t (dir (getattr open search))) ++ (allow sudo_type syslogd_var_run_t (dir (ioctl read getattr lock open search))) ++ (allow sudo_type device_t (dir (getattr open search))) ++ (allow sudo_type device_t (dir (ioctl read getattr lock open search))) ++ (allow sudo_type device_t (dir (getattr open search))) ++ (allow sudo_type device_t (lnk_file (read getattr))) ++ (allow sudo_type devpts_t (dir (ioctl read getattr lock open search))) ++ (allow sudo_type devpts_t (chr_file (ioctl read write getattr lock append open))) ++ (allow sudo_type devpts_t (chr_file (setattr))) ++ (allow sudo_type sshd_devpts_t (chr_file (ioctl read write getattr lock append))) ++ (allow sudo_type systemd_unit_file_type (service (start stop status reload enable disable))) ++ (allow sudo_type init_script_file_type (service (start stop status reload enable disable))) ++ (optional confinedom_sudo_optional_3 ++ (typeattributeset cil_gen_require etc_t) ++ (typeattributeset cil_gen_require krb5_keytab_t) ++ (allow sudo_type etc_t (dir (getattr open search))) ++ (allow sudo_type krb5_keytab_t (dir (ioctl read getattr lock open search))) ++ (allow sudo_type krb5_keytab_t (file (ioctl read getattr lock open))) ++ ) ++ (optional confinedom_sudo_optional_4 ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require pcscd_var_run_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require pcscd_t) ++ (allow sudo_type var_t (lnk_file (read getattr))) ++ (allow sudo_type var_run_t (lnk_file (read getattr))) ++ (allow sudo_type var_t (dir (getattr open search))) ++ (allow sudo_type var_run_t (dir (getattr open search))) ++ (allow sudo_type pcscd_var_run_t (dir (getattr open search))) ++ (allow sudo_type pcscd_var_run_t (file (ioctl read getattr lock open))) ++ (allow sudo_type var_t (lnk_file (read getattr))) ++ (allow sudo_type var_run_t (lnk_file (read getattr))) ++ (allow sudo_type var_t (dir (getattr open search))) ++ (allow sudo_type var_run_t (dir (getattr open search))) ++ (allow sudo_type pcscd_var_run_t (dir (getattr open search))) ++ (allow sudo_type pcscd_var_run_t (sock_file (write getattr append open))) ++ (allow sudo_type pcscd_t (unix_stream_socket (connectto))) ++ ) ++ (optional confinedom_sudo_optional_5 ++ (typeattributeset cil_gen_require etc_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require samba_var_t) ++ (typeattributeset cil_gen_require winbind_t) ++ (typeattributeset cil_gen_require winbind_var_run_t) ++ (typeattributeset cil_gen_require smbd_var_run_t) ++ (typeattributeset cil_gen_require samba_etc_t) ++ (allow sudo_type var_t (lnk_file (read getattr))) ++ (allow sudo_type var_run_t (lnk_file (read getattr))) ++ (allow sudo_type var_t (dir (getattr open search))) ++ (allow sudo_type var_run_t (dir (getattr open search))) ++ (allow sudo_type smbd_var_run_t (dir (getattr open search))) ++ (allow sudo_type samba_var_t (dir (getattr open search))) ++ (allow sudo_type winbind_var_run_t (dir (getattr open search))) ++ (allow sudo_type winbind_var_run_t (sock_file (write getattr append open))) ++ (allow sudo_type winbind_t (unix_stream_socket (connectto))) ++ (allow sudo_type etc_t (dir (getattr open search))) ++ (allow sudo_type samba_etc_t (dir (getattr open search))) ++ (allow sudo_type samba_etc_t (dir (ioctl read getattr lock open search))) ++ (allow sudo_type samba_etc_t (dir (getattr open search))) ++ (allow sudo_type samba_etc_t (file (ioctl read getattr lock open))) ++ ) ++ (optional confinedom_sudo_optional_6 ++ (typeattributeset cil_gen_require mta_user_agent) ++ (typeattributeset cil_gen_require user_mail_t) ++ (typeattributeset cil_gen_require sendmail_exec_t) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole mta_user_agent) ++ (roletype urole user_mail_t) ++ (allow sudo_type sendmail_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type user_mail_t (process (transition))) ++ (typetransition sudo_type sendmail_exec_t process user_mail_t) ++ (allow user_mail_t sudo_type (fd (use))) ++ (allow user_mail_t sudo_type (fifo_file (ioctl read write getattr lock append))) ++ (allow user_mail_t sudo_type (process (sigchld))) ++ (allow sudo_type sendmail_exec_t (lnk_file (read getattr))) ++ (allow mta_user_agent sudo_type (fd (use))) ++ (allow mta_user_agent sudo_type (process (sigchld))) ++ (allow mta_user_agent sudo_type (fifo_file (ioctl read write getattr lock append))) ++ (allow sudo_type user_mail_t (process (signal))) ++ (optional confinedom_sudo_optional_7 ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require exim_t) ++ (typeattributeset cil_gen_require exim_exec_t) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole exim_t) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (lnk_file (read getattr))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type exim_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type exim_t (process (transition))) ++ (typetransition sudo_type exim_exec_t process exim_t) ++ (allow exim_t sudo_type (fd (use))) ++ (allow exim_t sudo_type (fifo_file (ioctl read write getattr lock append))) ++ (allow exim_t sudo_type (process (sigchld))) ++ ) ++ (optional confinedom_sudo_optional_8 ++ (typeattributeset cil_gen_require mailman_mail_t) ++ (typeattributeset cil_gen_require mailman_mail_exec_t) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole mailman_mail_t) ++ (allow mta_user_agent mailman_mail_exec_t (file (ioctl read getattr map execute open))) ++ (allow mta_user_agent mailman_mail_t (process (transition))) ++ (typetransition mta_user_agent mailman_mail_exec_t process mailman_mail_t) ++ (allow mailman_mail_t mta_user_agent (fd (use))) ++ (allow mailman_mail_t mta_user_agent (fifo_file (ioctl read write getattr lock append))) ++ (allow mailman_mail_t mta_user_agent (process (sigchld))) ++ ) ++ ) ++ (optional confinedom_sudo_optional_9 ++ (roleattributeset cil_gen_require rpm_script_roles) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require rpm_t) ++ (typeattributeset cil_gen_require rpm_script_t) ++ (typeattributeset cil_gen_require rpm_exec_t) ++ (typeattributeset cil_gen_require rpm_transition_domain) ++ (typeattributeset cil_gen_require debuginfo_exec_t) ++ (typeattributeset cil_gen_require can_system_change) ++ (roleattributeset cil_gen_require rpm_script_roles) ++ (roleattributeset rpm_script_roles (urole )) ++ (typeattributeset cil_gen_require rpm_transition_domain) ++ (typeattributeset rpm_transition_domain (sudo_type )) ++ (typeattributeset cil_gen_require can_system_change) ++ (typeattributeset can_system_change (sudo_type )) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (lnk_file (read getattr))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type rpm_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type rpm_t (process (transition))) ++ (typetransition sudo_type rpm_exec_t process rpm_t) ++ (allow rpm_t sudo_type (fd (use))) ++ (allow rpm_t sudo_type (fifo_file (ioctl read write getattr lock append))) ++ (allow rpm_t sudo_type (process (sigchld))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (lnk_file (read getattr))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type debuginfo_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type rpm_t (process (transition))) ++ (typetransition sudo_type debuginfo_exec_t process rpm_t) ++ (allow rpm_t sudo_type (fd (use))) ++ (allow rpm_t sudo_type (fifo_file (ioctl read write getattr lock append))) ++ (allow rpm_t sudo_type (process (sigchld))) ++ (allow sudo_type debuginfo_exec_t (dir (getattr open search))) ++ (allow sudo_type debuginfo_exec_t (lnk_file (read getattr))) ++ (allow sudo_type rpm_script_t (process (transition))) ++ (allow sudo_type rpm_script_t (fd (use))) ++ (allow rpm_script_t sudo_type (fd (use))) ++ (allow rpm_script_t sudo_type (fifo_file (ioctl read write getattr lock append open))) ++ (allow rpm_script_t sudo_type (process (sigchld))) ++ ) ++ (optional confinedom_sudo_optional_10 ++ (typeattributeset cil_gen_require tmp_t) ++ (typeattributeset cil_gen_require tmpfs_t) ++ (typeattributeset cil_gen_require security_t) ++ (typeattributeset cil_gen_require sysfs_t) ++ (typeattributeset cil_gen_require selinux_config_t) ++ (typeattributeset cil_gen_require etc_t) ++ (typeattributeset cil_gen_require krb5_host_rcache_t) ++ (typeattributeset cil_gen_require can_change_object_identity) ++ (typeattributeset cil_gen_require default_context_t) ++ (typeattributeset cil_gen_require file_context_t) ++ (typeattributeset cil_gen_require krb5_conf_t) ++ (typeattributeset cil_gen_require krb5_home_t) ++ (typeattributeset cil_gen_require can_change_object_identity) ++ (typeattributeset can_change_object_identity (sudo_type )) ++ (allow sudo_type etc_t (dir (getattr open search))) ++ (allow sudo_type krb5_conf_t (file (ioctl read getattr lock open))) ++ (allow sudo_type krb5_home_t (file (ioctl read getattr lock open))) ++ (booleanif (kerberos_enabled) ++ (true ++ (allow sudo_type tmp_t (dir (getattr open search))) ++ (allow sudo_type tmp_t (lnk_file (read getattr))) ++ (allow sudo_type tmp_t (dir (getattr open search))) ++ (allow sudo_type tmpfs_t (dir (getattr open search))) ++ (allow sudo_type krb5_host_rcache_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow sudo_type krb5_host_rcache_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type tmp_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow sudo_type tmp_t (dir (getattr open search))) ++ (allow sudo_type tmp_t (lnk_file (read getattr))) ++ (allow sudo_type tmp_t (dir (getattr open search))) ++ (allow sudo_type tmpfs_t (dir (getattr open search))) ++ (allow sudo_type file_context_t (file (map))) ++ (allow sudo_type file_context_t (lnk_file (read getattr))) ++ (allow sudo_type file_context_t (dir (getattr open search))) ++ (allow sudo_type file_context_t (file (ioctl read getattr lock open))) ++ (allow sudo_type file_context_t (dir (getattr open search))) ++ (allow sudo_type file_context_t (dir (ioctl read getattr lock open search))) ++ (allow sudo_type file_context_t (dir (getattr open search))) ++ (allow sudo_type selinux_config_t (dir (getattr open search))) ++ (allow sudo_type default_context_t (dir (getattr open search))) ++ (allow sudo_type etc_t (dir (getattr open search))) ++ (allow sudo_type security_t (security (check_context))) ++ (allow sudo_type security_t (file (ioctl read write getattr lock append map open))) ++ (allow sudo_type security_t (dir (ioctl read getattr lock open search))) ++ (allow sudo_type security_t (lnk_file (read getattr))) ++ (allow sudo_type sysfs_t (dir (getattr open search))) ++ (allow sudo_type sysfs_t (dir (getattr open search))) ++ (allow sudo_type sysfs_t (filesystem (getattr))) ++ (allow sudo_type self (process (setfscreate))) ++ ) ++ ) ++ ) ++ (optional confinedom_sudo_optional_11 ++ (typeattributeset cil_gen_require systemd_systemctl_exec_t) ++ (allow sudo_type systemd_systemctl_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type utype (process (transition))) ++ (typetransition sudo_type systemd_systemctl_exec_t process utype) ++ (allow utype systemd_systemctl_exec_t (file (entrypoint))) ++ ) ++ (optional confinedom_sudo_optional_12 ++ (typeattributeset cil_gen_require tmp_t) ++ (typeattributeset cil_gen_require user_tmp_t) ++ (typeattributeset cil_gen_require tmpfs_t) ++ (allow sudo_type user_tmp_t (sock_file (write getattr append open))) ++ (allow sudo_type tmpfs_t (dir (getattr open search))) ++ (allow sudo_type tmp_t (dir (getattr open search))) ++ (allow sudo_type tmp_t (lnk_file (read getattr))) ++ (allow sudo_type tmp_t (dir (getattr open search))) ++ (optional confinedom_sudo_optional_13 ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require passwd_t) ++ (typeattributeset cil_gen_require passwd_exec_t) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (lnk_file (read getattr))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type bin_t (dir (getattr open search))) ++ (allow sudo_type passwd_exec_t (file (ioctl read getattr map execute open))) ++ (allow sudo_type passwd_t (process (transition))) ++ (typetransition sudo_type passwd_exec_t process passwd_t) ++ (allow passwd_t sudo_type (fd (use))) ++ (allow passwd_t sudo_type (fifo_file (ioctl read write getattr lock append))) ++ (allow passwd_t sudo_type (process (sigchld))) ++ ) ++ ) ++ ) ++) ++ ++(macro confinedom_user_login_macro ((type utype) (role urole) (type gkeyringd_type) (type dbusd_type) (boolean exec_content_bool)) ++ (optional confinedom_user_login_optional_2 ++ (roletype object_r utype) ++ (typeattributeset cil_gen_require userdomain) ++ (typeattributeset cil_gen_require login_confinedom) ++ (typeattributeset cil_gen_require user_devpts_t) ++ (typeattributeset cil_gen_require user_tty_device_t) ++ (typeattributeset cil_gen_require shell_exec_t) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset cil_gen_require process_user_target) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset cil_gen_require userdom_filetrans_type) ++ (typeattributeset cil_gen_require user_tmp_t) ++ (typeattributeset cil_gen_require user_tmp_type) ++ (typeattributeset cil_gen_require tmp_t) ++ (typeattributeset cil_gen_require tmpfs_t) ++ (typeattributeset cil_gen_require user_home_dir_t) ++ (typeattributeset cil_gen_require user_home_t) ++ (typeattributeset cil_gen_require user_home_type) ++ (typeattributeset cil_gen_require home_root_t) ++ (typeattributeset cil_gen_require user_home_content_type) ++ (typeattributeset cil_gen_require polymember) ++ (typeattributeset cil_gen_require nfs_t) ++ (typeattributeset cil_gen_require cifs_t) ++ (typeattributeset cil_gen_require bsdpty_device_t) ++ (typeattributeset cil_gen_require devpts_t) ++ (typeattributeset cil_gen_require ptmx_t) ++ (typeattributeset cil_gen_require device_t) ++ (typeattributeset cil_gen_require ttynode) ++ (typeattributeset cil_gen_require ptynode) ++ (typeattributeset cil_gen_require console_device_t) ++ (typeattributeset cil_gen_require tty_device_t) ++ (typeattributeset cil_gen_require server_ptynode) ++ (typeattributeset cil_gen_require device_node) ++ (typeattributeset cil_gen_require virtio_device_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require base_ro_file_type) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset cil_gen_require chkpwd_t) ++ (typeattributeset cil_gen_require chkpwd_exec_t) ++ (typeattributeset cil_gen_require shadow_t) ++ (typeattributeset cil_gen_require updpwd_t) ++ (typeattributeset cil_gen_require updpwd_exec_t) ++ (typeattributeset cil_gen_require passwd_file_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require var_lib_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require init_t) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset cil_gen_require boot_t) ++ (typeattributeset cil_gen_require cgroup_t) ++ (typeattributeset cil_gen_require filesystem_type) ++ (typeattributeset cil_gen_require fs_t) ++ (typeattributeset cil_gen_require sysfs_t) ++ (typeattributeset cil_gen_require init_exec_t) ++ (typeattributeset cil_gen_require systemd_systemctl_exec_t) ++ (typeattributeset cil_gen_require efivarfs_t) ++ (typeattributeset cil_gen_require systemd_unit_file_type) ++ (typeattributeset cil_gen_require init_var_run_t) ++ (typeattributeset cil_gen_require systemd_logind_var_run_t) ++ (typeattributeset cil_gen_require systemd_passwd_agent_t) ++ (typeattributeset cil_gen_require systemd_passwd_agent_exec_t) ++ (typeattributeset cil_gen_require systemd_passwd_var_run_t) ++ (typeattributeset cil_gen_require kernel_t) ++ (typeattributeset cil_gen_require sysctl_type) ++ (typeattributeset cil_gen_require proc_t) ++ (typeattributeset cil_gen_require proc_net_t) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset cil_gen_require locale_t) ++ (typeattributeset cil_gen_require mount_var_run_t) ++ (typeattributeset cil_gen_require sound_device_t) ++ (typeattributeset cil_gen_require security_t) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset cil_gen_require selinux_config_t) ++ (typeattributeset cil_gen_require etc_t) ++ (typeattributeset cil_gen_require default_context_t) ++ (typeattributeset cil_gen_require file_context_t) ++ (typeattributeset cil_gen_require fixed_disk_device_t) ++ (typeattributeset cil_gen_require systemd_hostnamed_t) ++ (typeattributeset cil_gen_require systemd_tmpfiles_exec_t) ++ (typeattributeset cil_gen_require udev_var_run_t) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole utype) ++ (roletype urole user_tmp_t) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset netlabel_peer_type (utype )) ++ (typeattributeset cil_gen_require login_confinedom) ++ (typeattributeset login_confinedom (utype )) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset corenet_unlabeled_type (utype )) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset syslog_client_type (utype )) ++ (typeattributeset cil_gen_require device_node) ++ (typeattributeset device_node (user_devpts_t )) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset file_type (utype shell_exec_t )) ++ (typeattributeset cil_gen_require ptynode) ++ (typeattributeset ptynode (user_devpts_t )) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset non_security_file_type (utype shell_exec_t )) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset exec_type (shell_exec_t )) ++ (typeattributeset cil_gen_require user_home_content_type) ++ (typeattributeset user_home_content_type (utype )) ++ (typeattributeset cil_gen_require polymember) ++ (typeattributeset polymember (utype )) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset ubac_constrained_type (utype )) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset kernel_system_state_reader (utype )) ++ (typeattributeset cil_gen_require userdom_filetrans_type) ++ (typeattributeset userdom_filetrans_type (utype )) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset nsswitch_domain (utype )) ++ (typeattributeset cil_gen_require user_home_type) ++ (typeattributeset user_home_type (utype )) ++ (typeattributeset cil_gen_require userdomain) ++ (typeattributeset userdomain (utype )) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset entry_type (shell_exec_t )) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset non_auth_file_type (utype shell_exec_t )) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset domain (utype )) ++ (typeattributeset cil_gen_require process_user_target) ++ (typeattributeset process_user_target (utype )) ++ (allow utype shell_exec_t (file (entrypoint))) ++ (allow utype shell_exec_t (file (ioctl read getattr lock map execute open))) ++ (allow utype user_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype user_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_tmp_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (typemember utype tmp_t dir user_tmp_t) ++ (allow utype user_tmp_type (dir (mounton))) ++ (allow utype user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_tmp_type (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_tmp_type (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_tmp_type (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow utype user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_tmp_type (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_tmp_type (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype tmp_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (typetransition utype tmp_t fifo_file user_tmp_t) ++ (typetransition utype tmp_t sock_file user_tmp_t) ++ (typetransition utype tmp_t lnk_file user_tmp_t) ++ (typetransition utype tmp_t dir user_tmp_t) ++ (typetransition utype tmp_t file user_tmp_t) ++ (allow user_tmp_t tmpfs_t (filesystem (associate))) ++ (allow utype tmpfs_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (typetransition utype tmpfs_t fifo_file user_tmp_t) ++ (typetransition utype tmpfs_t sock_file user_tmp_t) ++ (typetransition utype tmpfs_t lnk_file user_tmp_t) ++ (typetransition utype tmpfs_t dir user_tmp_t) ++ (typetransition utype tmpfs_t file user_tmp_t) ++ (allow utype user_tmp_type (dir (getattr open search))) ++ (allow utype user_tmp_type (dir (getattr relabelfrom relabelto))) ++ (allow utype user_tmp_type (dir (getattr open search))) ++ (allow utype user_tmp_type (file (getattr relabelfrom relabelto))) ++ (allow utype user_tmp_type (dir (getattr open search))) ++ (allow utype user_tmp_type (lnk_file (getattr relabelfrom relabelto))) ++ (allow utype user_tmp_type (dir (getattr open search))) ++ (allow utype user_tmp_type (sock_file (getattr relabelfrom relabelto))) ++ (allow utype user_tmp_type (dir (getattr open search))) ++ (allow utype user_tmp_type (fifo_file (getattr relabelfrom relabelto))) ++ (allow utype user_tmp_type (file (map))) ++ (allow utype home_root_t (dir (ioctl read getattr lock open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_home_type (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype user_home_dir_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (typetransition utype user_home_dir_t fifo_file user_home_t) ++ (typetransition utype user_home_dir_t sock_file user_home_t) ++ (typetransition utype user_home_dir_t lnk_file user_home_t) ++ (typetransition utype user_home_dir_t dir user_home_t) ++ (typetransition utype user_home_dir_t file user_home_t) ++ (allow login_confinedom self (capability (mknod))) ++ (allow login_confinedom user_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow login_confinedom user_tmp_t (chr_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow login_confinedom tmpfs_t (dir (getattr open search))) ++ (allow login_confinedom tmp_t (dir (getattr open search))) ++ (allow login_confinedom tmp_t (lnk_file (read getattr))) ++ (allow login_confinedom tmp_t (dir (getattr open search))) ++ (allow utype user_tmp_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype user_tmp_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype tmp_t (dir (getattr open search))) ++ (allow utype tmp_t (lnk_file (read getattr))) ++ (allow utype tmp_t (dir (getattr open search))) ++ (allow utype user_home_t (filesystem (associate))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (dir (ioctl read getattr lock open search))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (lnk_file (read getattr))) ++ (allow utype ptmx_t (chr_file (ioctl read write getattr lock append open))) ++ (allow utype devpts_t (dir (ioctl read getattr lock open search))) ++ (allow utype devpts_t (filesystem (getattr))) ++ (dontaudit utype bsdpty_device_t (chr_file (read write getattr))) ++ (typetransition utype devpts_t chr_file user_devpts_t) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (dir (ioctl read getattr lock open search))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (lnk_file (read getattr))) ++ (allow utype devpts_t (dir (ioctl read getattr lock open search))) ++ (allow utype devpts_t (chr_file (ioctl read write getattr lock append open))) ++ (allow utype ttynode (chr_file (ioctl read write getattr lock append open))) ++ (allow utype ptynode (chr_file (ioctl read write getattr lock append open))) ++ (allow utype console_device_t (chr_file (ioctl read write getattr lock append open))) ++ (allow utype tty_device_t (chr_file (ioctl read write getattr lock append open))) ++ (allow user_devpts_t devpts_t (filesystem (associate))) ++ (allow utype user_devpts_t (chr_file (setattr))) ++ (typechange utype server_ptynode chr_file user_devpts_t) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (dir (ioctl read getattr lock open search))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (lnk_file (read getattr))) ++ (allow utype virtio_device_t (chr_file (ioctl read write getattr lock append open))) ++ (allow utype utype (capability (chown dac_read_search setgid setuid audit_write))) ++ (allow utype utype (dbus (acquire_svc))) ++ (allow utype utype (process (setsched setcap setfscreate setsockcreate))) ++ (allow utype utype (netlink_audit_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown nlmsg_read nlmsg_write nlmsg_relay))) ++ (allow utype utype (netlink_kobject_uevent_socket (create getattr bind getopt setopt))) ++ (allow utype utype (unix_dgram_socket (ioctl create bind connect getopt setopt sendto))) ++ (allow utype utype (unix_stream_socket (connectto))) ++ (allow utype utype (context (contains))) ++ (dontaudit utype exec_type (file (execute execute_no_trans))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (ioctl read getattr lock open search))) ++ (allow utype bin_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype base_ro_file_type (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (ioctl read getattr lock open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype shell_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype shell_exec_t (file (map))) ++ (allow utype application_exec_type (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype chkpwd_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype chkpwd_t (process (transition))) ++ (typetransition utype chkpwd_exec_t process chkpwd_t) ++ (allow chkpwd_t utype (fd (use))) ++ (allow chkpwd_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow chkpwd_t utype (process (sigchld))) ++ (dontaudit utype shadow_t (file (read getattr))) ++ (allow utype updpwd_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype updpwd_t (process (transition))) ++ (typetransition utype updpwd_exec_t process updpwd_t) ++ (allow updpwd_t utype (fd (use))) ++ (allow updpwd_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow updpwd_t utype (process (sigchld))) ++ (dontaudit utype shadow_t (file (ioctl read getattr lock open))) ++ (allow utype passwd_file_t (file (ioctl read getattr lock open))) ++ (allow utype init_t (dbus (send_msg))) ++ (allow init_t utype (dbus (send_msg))) ++ (dontaudit utype boot_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (dontaudit utype boot_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype cgroup_t (filesystem (getattr))) ++ (allow utype filesystem_type (dir (getattr))) ++ (allow utype tmpfs_t (filesystem (getattr))) ++ (allow utype fs_t (filesystem (getattr))) ++ (allow utype cgroup_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype cgroup_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype cgroup_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype cgroup_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype cgroup_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype cgroup_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype tmpfs_t (file (ioctl read getattr lock open))) ++ (allow utype filesystem_type (dir (getattr open search))) ++ (allow utype init_exec_t (file (entrypoint))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype init_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype init_t (system (status))) ++ (allow utype init_t (service (status))) ++ (allow utype kernel_t (unix_dgram_socket (sendto))) ++ (allow utype sysctl_type (dir (getattr open search))) ++ (allow utype proc_t (dir (getattr open search))) ++ (allow utype proc_net_t (dir (getattr open search))) ++ (allow utype sysctl_type (file (ioctl read getattr lock open))) ++ (allow utype proc_t (dir (getattr open search))) ++ (allow utype proc_net_t (dir (getattr open search))) ++ (allow utype sysctl_type (dir (ioctl read getattr lock open search))) ++ (allow utype proc_t (dir (getattr open search))) ++ (allow utype proc_net_t (dir (getattr open search))) ++ (allow utype proc_net_t (file (ioctl read getattr lock open))) ++ (allow utype proc_t (dir (getattr open search))) ++ (allow utype proc_net_t (dir (getattr open search))) ++ (allow utype proc_net_t (lnk_file (read getattr))) ++ (allow utype proc_t (dir (getattr open search))) ++ (allow utype proc_net_t (dir (ioctl read getattr lock open search))) ++ (allow utype kernel_t (system (module_request))) ++ (allow utype kernel_t (unix_stream_socket (getattr connectto))) ++ (allow utype locale_t (dir (getattr open search))) ++ (allow utype locale_t (lnk_file (getattr watch))) ++ (allow utype mount_var_run_t (dir (getattr open search))) ++ (allow utype mount_var_run_t (file (ioctl read getattr lock open))) ++ (allow utype mount_var_run_t (dir (getattr open search))) ++ (allow utype mount_var_run_t (dir (ioctl read getattr lock open search watch watch_reads))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype mount_var_run_t (dir (getattr open search))) ++ (allow utype mount_var_run_t (dir (getattr watch))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype sound_device_t (chr_file (getattr))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (file (ioctl read getattr lock open))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (lnk_file (read getattr))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (ioctl read getattr lock open search))) ++ (allow utype proc_t (dir (getattr open search))) ++ (allow utype proc_t (dir (getattr open search))) ++ (allow utype domain (dir (ioctl read getattr lock open search))) ++ (allow utype domain (dir (getattr open search))) ++ (allow utype domain (file (ioctl read getattr lock open))) ++ (allow utype domain (dir (getattr open search))) ++ (allow utype domain (lnk_file (read getattr))) ++ (allow utype sysfs_t (filesystem (getattr))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype security_t (lnk_file (read getattr))) ++ (allow utype security_t (dir (ioctl read getattr lock open search))) ++ (allow utype security_t (file (ioctl read write getattr lock append open))) ++ (allow utype security_t (security (compute_av))) ++ (allow utype sysfs_t (filesystem (getattr))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype security_t (lnk_file (read getattr))) ++ (allow utype security_t (dir (ioctl read getattr lock open search))) ++ (allow utype security_t (file (ioctl read write getattr lock append open))) ++ (allow utype security_t (security (compute_create))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype security_t (lnk_file (read getattr))) ++ (allow utype sysfs_t (filesystem (getattr))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype security_t (filesystem (getattr))) ++ (allow utype security_t (dir (ioctl read getattr lock open search))) ++ (allow utype security_t (file (ioctl read getattr map open))) ++ (allow utype security_t (lnk_file (read getattr))) ++ (allow utype etc_t (dir (getattr open search))) ++ (allow utype selinux_config_t (dir (ioctl read getattr lock open search))) ++ (allow utype selinux_config_t (dir (getattr open search))) ++ (allow utype selinux_config_t (file (ioctl read getattr lock open))) ++ (allow utype selinux_config_t (dir (getattr open search))) ++ (allow utype selinux_config_t (lnk_file (read getattr))) ++ (allow utype etc_t (dir (getattr open search))) ++ (allow utype selinux_config_t (dir (getattr open search))) ++ (allow utype default_context_t (dir (getattr open search))) ++ (allow utype file_context_t (dir (getattr open search))) ++ (allow utype file_context_t (dir (ioctl read getattr lock open search))) ++ (allow utype file_context_t (dir (getattr open search))) ++ (allow utype file_context_t (file (ioctl read getattr lock open))) ++ (allow utype file_context_t (dir (getattr open search))) ++ (allow utype file_context_t (lnk_file (read getattr))) ++ (allow utype file_context_t (file (map))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (dir (ioctl read getattr lock open search))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (lnk_file (read getattr))) ++ (allow utype fixed_disk_device_t (blk_file (getattr))) ++ (allow utype systemd_hostnamed_t (dbus (send_msg))) ++ (allow systemd_hostnamed_t utype (dbus (send_msg))) ++ (allow systemd_hostnamed_t utype (dir (ioctl read getattr lock open search))) ++ (allow systemd_hostnamed_t utype (file (ioctl read getattr lock open))) ++ (allow systemd_hostnamed_t utype (lnk_file (read getattr))) ++ (allow systemd_hostnamed_t utype (process (getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype systemd_systemctl_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype cgroup_t (dir (getattr open search))) ++ (allow utype cgroup_t (dir (ioctl read getattr lock open search))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype cgroup_t (dir (getattr open search))) ++ (allow utype cgroup_t (file (ioctl read getattr lock open))) ++ (allow utype cgroup_t (dir (getattr open search))) ++ (allow utype cgroup_t (lnk_file (read getattr))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype efivarfs_t (dir (getattr open search))) ++ (allow utype efivarfs_t (file (ioctl read getattr lock open))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_lib_t (dir (getattr open search))) ++ (allow utype systemd_unit_file_type (dir (ioctl read getattr lock open search))) ++ (allow utype init_var_run_t (dir (ioctl read getattr lock open search))) ++ (allow utype init_t (dir (getattr open search))) ++ (allow utype init_t (file (ioctl read getattr lock open))) ++ (allow utype init_t (lnk_file (read getattr))) ++ (allow utype init_t (unix_stream_socket (sendto))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype init_var_run_t (dir (getattr open search))) ++ (allow utype init_var_run_t (sock_file (write getattr append open))) ++ (allow utype init_t (unix_stream_socket (connectto))) ++ (allow utype init_t (unix_stream_socket (getattr))) ++ (dontaudit utype self (process (setrlimit))) ++ (dontaudit utype self (capability (sys_resource))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (dir (ioctl read getattr lock open search))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (file (ioctl read getattr lock open))) ++ (allow utype systemd_passwd_agent_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype init_var_run_t (dir (getattr open search))) ++ (allow utype systemd_passwd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype systemd_passwd_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype systemd_passwd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype systemd_passwd_var_run_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype systemd_passwd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype systemd_passwd_var_run_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow systemd_passwd_agent_t utype (process (signull))) ++ (allow systemd_passwd_agent_t utype (unix_dgram_socket (sendto))) ++ (dontaudit utype self (capability (net_admin sys_ptrace))) ++ (allow utype systemd_tmpfiles_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype systemd_passwd_var_run_t (dir (getattr watch))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_lib_t (dir (getattr open search))) ++ (allow utype systemd_unit_file_type (file (ioctl read getattr lock open))) ++ (allow utype systemd_unit_file_type (lnk_file (read getattr))) ++ (allow utype systemd_unit_file_type (dir (ioctl read getattr lock open search))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (dir (ioctl read getattr lock open search))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (lnk_file (read getattr))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype udev_var_run_t (dir (ioctl read getattr lock open search))) ++ (allow utype udev_var_run_t (dir (getattr open search))) ++ (allow utype udev_var_run_t (file (ioctl read getattr lock open))) ++ (allow utype udev_var_run_t (dir (getattr open search))) ++ (allow utype udev_var_run_t (lnk_file (read getattr))) ++ (roleallow system_r urole) ++ (booleanif (deny_bluetooth) ++ (false ++ (allow utype self (bluetooth_socket (ioctl read write create getattr setattr lock append bind connect listen accept getopt setopt shutdown))) ++ ) ++ ) ++ (booleanif (and (exec_content_bool) (use_samba_home_dirs)) ++ (true ++ (allow utype cifs_t (file (ioctl read getattr map execute open execute_no_trans))) ++ (allow utype cifs_t (dir (getattr open search))) ++ (allow utype cifs_t (dir (ioctl read getattr lock open search))) ++ ) ++ ) ++ (booleanif (and (exec_content_bool) (use_nfs_home_dirs)) ++ (true ++ (allow utype nfs_t (file (ioctl read getattr map execute open execute_no_trans))) ++ (allow utype nfs_t (dir (getattr open search))) ++ (allow utype nfs_t (dir (ioctl read getattr lock open search))) ++ ) ++ ) ++ (booleanif (exec_content_bool) ++ (true ++ (allow utype user_home_type (file (ioctl read getattr map execute open execute_no_trans))) ++ (allow utype user_home_dir_t (dir (getattr open search))) ++ (allow utype user_home_type (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype tmp_t (dir (getattr open search))) ++ (allow utype tmp_t (lnk_file (read getattr))) ++ (allow utype tmp_t (dir (getattr open search))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype user_tmp_t (file (ioctl read getattr map execute open execute_no_trans))) ++ (allow utype user_tmp_t (dir (getattr open search))) ++ (allow utype user_tmp_t (file (entrypoint))) ++ ) ++ ) ++ (optional confinedom_user_login_optional_3 ++ (typeattributeset cil_gen_require sssd_public_t) ++ (typeattributeset cil_gen_require sssd_var_lib_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require var_lib_t) ++ (typeattributeset cil_gen_require sssd_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (allow utype sssd_var_lib_t (dir (getattr open search))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_lib_t (dir (getattr open search))) ++ (allow utype sssd_public_t (dir (getattr open search))) ++ (allow utype sssd_public_t (dir (ioctl read getattr lock open search))) ++ (allow utype sssd_public_t (dir (getattr open search))) ++ (allow utype sssd_public_t (file (ioctl read getattr lock open))) ++ (allow utype sssd_public_t (file (map))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype sssd_var_lib_t (dir (getattr open search))) ++ (allow utype sssd_var_lib_t (sock_file (write getattr append open))) ++ (allow utype sssd_t (unix_stream_socket (connectto))) ++ ) ++ (optional confinedom_user_login_optional_4 ++ (typeattributeset cil_gen_require tmpfs_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require var_lib_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require init_t) ++ (typeattributeset cil_gen_require cgroup_t) ++ (typeattributeset cil_gen_require sysfs_t) ++ (typeattributeset cil_gen_require systemd_systemctl_exec_t) ++ (typeattributeset cil_gen_require efivarfs_t) ++ (typeattributeset cil_gen_require systemd_unit_file_type) ++ (typeattributeset cil_gen_require init_var_run_t) ++ (typeattributeset cil_gen_require systemd_logind_var_run_t) ++ (typeattributeset cil_gen_require systemd_passwd_agent_t) ++ (typeattributeset cil_gen_require systemd_passwd_agent_exec_t) ++ (typeattributeset cil_gen_require systemd_passwd_var_run_t) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype systemd_systemctl_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype cgroup_t (dir (getattr open search))) ++ (allow utype cgroup_t (dir (ioctl read getattr lock open search))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype cgroup_t (dir (getattr open search))) ++ (allow utype cgroup_t (file (ioctl read getattr lock open))) ++ (allow utype cgroup_t (dir (getattr open search))) ++ (allow utype cgroup_t (lnk_file (read getattr))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype efivarfs_t (dir (getattr open search))) ++ (allow utype efivarfs_t (file (ioctl read getattr lock open))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_lib_t (dir (getattr open search))) ++ (allow utype systemd_unit_file_type (dir (ioctl read getattr lock open search))) ++ (allow utype init_var_run_t (dir (ioctl read getattr lock open search))) ++ (allow utype init_t (dir (getattr open search))) ++ (allow utype init_t (file (ioctl read getattr lock open))) ++ (allow utype init_t (lnk_file (read getattr))) ++ (allow utype init_t (unix_stream_socket (sendto))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype init_var_run_t (dir (getattr open search))) ++ (allow utype init_var_run_t (sock_file (write getattr append open))) ++ (allow utype init_t (unix_stream_socket (connectto))) ++ (allow utype init_t (unix_stream_socket (getattr))) ++ (dontaudit utype self (process (setrlimit))) ++ (dontaudit utype self (capability (sys_resource))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (dir (ioctl read getattr lock open search))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (file (ioctl read getattr lock open))) ++ (allow utype systemd_passwd_agent_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype init_var_run_t (dir (getattr open search))) ++ (allow utype systemd_passwd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype systemd_passwd_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype systemd_passwd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype systemd_passwd_var_run_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype systemd_passwd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype systemd_passwd_var_run_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow systemd_passwd_agent_t utype (process (signull))) ++ (allow systemd_passwd_agent_t utype (unix_dgram_socket (sendto))) ++ (dontaudit utype self (capability (net_admin sys_ptrace))) ++ (optional confinedom_user_login_optional_5 ++ (typeattributeset cil_gen_require bluetooth_t) ++ (allow utype bluetooth_t (dbus (send_msg))) ++ (allow bluetooth_t utype (dbus (send_msg))) ++ ) ++ (optional confinedom_user_login_optional_6 ++ (typeattributeset cil_gen_require shell_exec_t) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset cil_gen_require device_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require base_ro_file_type) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset cil_gen_require chkpwd_t) ++ (typeattributeset cil_gen_require chkpwd_exec_t) ++ (typeattributeset cil_gen_require shadow_t) ++ (typeattributeset cil_gen_require updpwd_t) ++ (typeattributeset cil_gen_require updpwd_exec_t) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset cil_gen_require cronjob_t) ++ (typeattributeset cil_gen_require crontab_t) ++ (typeattributeset cil_gen_require crontab_exec_t) ++ (typeattributeset cil_gen_require user_cron_spool_t) ++ (typeattributeset cil_gen_require crond_t) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset cil_gen_require auth_cache_t) ++ (typeattributeset cil_gen_require random_device_t) ++ (typeattributeset cil_gen_require urandom_device_t) ++ (typeattributeset cil_gen_require faillog_t) ++ (typeattributeset cil_gen_require var_log_t) ++ (typeattributeset cil_gen_require cert_t) ++ (typeattributeset cil_gen_require userdom_home_reader_type) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole cronjob_t) ++ (roletype urole crontab_t) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset netlabel_peer_type (utype )) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset corenet_unlabeled_type (utype )) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset syslog_client_type (utype )) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset file_type (crontab_exec_t )) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset non_security_file_type (crontab_exec_t )) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset exec_type (crontab_exec_t )) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset application_domain_type (utype )) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset ubac_constrained_type (utype )) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset kernel_system_state_reader (utype )) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset application_exec_type (crontab_exec_t )) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset nsswitch_domain (utype )) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset entry_type (crontab_exec_t )) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset non_auth_file_type (crontab_exec_t )) ++ (typeattributeset cil_gen_require userdom_home_reader_type) ++ (typeattributeset userdom_home_reader_type (utype )) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset domain (utype )) ++ (allow utype crontab_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype crontab_t (process (transition))) ++ (typetransition utype crontab_exec_t process crontab_t) ++ (allow crontab_t utype (fd (use))) ++ (allow crontab_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow crontab_t utype (process (sigchld))) ++ (dontaudit crond_t utype (process (noatsecure siginh rlimitinh))) ++ (allow utype crond_t (process (sigchld))) ++ (allow utype user_cron_spool_t (file (ioctl read write getattr))) ++ (allow utype crontab_t (process (sigchld sigkill sigstop signull signal))) ++ (allow utype crontab_t (dir (ioctl read getattr lock open search))) ++ (allow utype crontab_t (file (ioctl read getattr lock open))) ++ (allow utype crontab_t (lnk_file (read getattr))) ++ (allow utype crontab_t (process (getattr))) ++ (allow utype crontab_exec_t (file (entrypoint))) ++ (allow utype crontab_exec_t (file (ioctl read getattr lock map execute open))) ++ (allow utype auth_cache_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype chkpwd_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype chkpwd_t (process (transition))) ++ (typetransition utype chkpwd_exec_t process chkpwd_t) ++ (allow chkpwd_t utype (fd (use))) ++ (allow chkpwd_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow chkpwd_t utype (process (sigchld))) ++ (allow utype chkpwd_exec_t (file (map))) ++ (dontaudit utype shadow_t (file (ioctl read getattr lock open))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype random_device_t (chr_file (ioctl read getattr lock open))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype urandom_device_t (chr_file (ioctl read getattr lock open))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_log_t (dir (getattr open search))) ++ (allow utype faillog_t (dir (getattr open search))) ++ (allow utype faillog_t (file (ioctl read write getattr lock append open))) ++ (allow utype self (capability (audit_write))) ++ (allow utype self (netlink_audit_socket (ioctl read write create getattr setattr lock append bind connect getopt setopt shutdown nlmsg_read nlmsg_relay nlmsg_tty_audit))) ++ (allow utype cert_t (dir (ioctl read getattr lock open search))) ++ (allow utype cert_t (dir (getattr open search))) ++ (allow utype cert_t (file (ioctl read getattr lock open))) ++ (allow utype cert_t (dir (getattr open search))) ++ (allow utype cert_t (lnk_file (read getattr))) ++ (allow utype updpwd_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype updpwd_t (process (transition))) ++ (typetransition utype updpwd_exec_t process updpwd_t) ++ (allow updpwd_t utype (fd (use))) ++ (allow updpwd_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow updpwd_t utype (process (sigchld))) ++ (dontaudit utype shadow_t (file (ioctl read getattr lock open))) ++ (allow crontab_t bin_t (dir (getattr open search))) ++ (allow crontab_t bin_t (lnk_file (read getattr))) ++ (allow crontab_t bin_t (dir (getattr open search))) ++ (allow crontab_t bin_t (dir (ioctl read getattr lock open search))) ++ (allow crontab_t bin_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow crontab_t base_ro_file_type (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow crontab_t bin_t (dir (getattr open search))) ++ (allow crontab_t bin_t (dir (ioctl read getattr lock open search))) ++ (allow crontab_t bin_t (dir (getattr open search))) ++ (allow crontab_t bin_t (lnk_file (read getattr))) ++ (allow crontab_t shell_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow crontab_t shell_exec_t (file (map))) ++ (booleanif (cron_userdomain_transition) ++ (true ++ (allow utype cronjob_t (process (getattr))) ++ (allow utype cronjob_t (lnk_file (read getattr))) ++ (allow utype cronjob_t (file (ioctl read getattr lock open))) ++ (allow utype cronjob_t (dir (ioctl read getattr lock open search))) ++ (allow utype cronjob_t (process (sigchld sigkill sigstop signull signal))) ++ (allow utype crond_t (fifo_file (ioctl read write getattr lock append open))) ++ (allow utype user_cron_spool_t (file (entrypoint))) ++ (allow crond_t utype (key (view read write search link setattr create))) ++ (allow crond_t utype (fd (use))) ++ (allow crond_t utype (process (transition))) ++ ) ++ (false ++ (dontaudit utype cronjob_t (process (sigchld sigkill sigstop signull signal))) ++ (dontaudit utype crond_t (fifo_file (ioctl read write getattr lock append open))) ++ (dontaudit utype user_cron_spool_t (file (entrypoint))) ++ (dontaudit crond_t utype (key (view read write search link setattr create))) ++ (dontaudit crond_t utype (fd (use))) ++ (dontaudit crond_t utype (process (transition))) ++ ) ++ ) ++ (booleanif (deny_ptrace) ++ (false ++ (allow utype crontab_t (process (ptrace))) ++ ) ++ ) ++ (optional confinedom_user_login_optional_7 ++ (typeattributeset cil_gen_require etc_t) ++ (typeattributeset cil_gen_require krb5_keytab_t) ++ (allow utype etc_t (dir (getattr open search))) ++ (allow utype krb5_keytab_t (dir (ioctl read getattr lock open search))) ++ (allow utype krb5_keytab_t (file (ioctl read getattr lock open))) ++ ) ++ (optional confinedom_user_login_optional_8 ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require pcscd_var_run_t) ++ (typeattributeset cil_gen_require pcscd_t) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype pcscd_var_run_t (dir (getattr open search))) ++ (allow utype pcscd_var_run_t (file (ioctl read getattr lock open))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype pcscd_var_run_t (dir (getattr open search))) ++ (allow utype pcscd_var_run_t (sock_file (write getattr append open))) ++ (allow utype pcscd_t (unix_stream_socket (connectto))) ++ ) ++ (optional confinedom_user_login_optional_9 ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require etc_t) ++ (typeattributeset cil_gen_require samba_var_t) ++ (typeattributeset cil_gen_require winbind_t) ++ (typeattributeset cil_gen_require winbind_var_run_t) ++ (typeattributeset cil_gen_require smbd_var_run_t) ++ (typeattributeset cil_gen_require samba_etc_t) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype smbd_var_run_t (dir (getattr open search))) ++ (allow utype samba_var_t (dir (getattr open search))) ++ (allow utype winbind_var_run_t (dir (getattr open search))) ++ (allow utype winbind_var_run_t (sock_file (write getattr append open))) ++ (allow utype winbind_t (unix_stream_socket (connectto))) ++ (allow utype etc_t (dir (getattr open search))) ++ (allow utype samba_etc_t (dir (getattr open search))) ++ (allow utype samba_etc_t (dir (ioctl read getattr lock open search))) ++ (allow utype samba_etc_t (dir (getattr open search))) ++ (allow utype samba_etc_t (file (ioctl read getattr lock open))) ++ ) ++ (optional confinedom_user_login_optional_10 ++ (typeattributeset cil_gen_require system_dbusd_t) ++ (allow cronjob_t utype (dbus (send_msg))) ++ ) ++ ) ++ (optional confinedom_user_login_optional_11 ++ ;(type dbusd_type) ++ (roletype object_r dbusd_type) ++ (typeattributeset cil_gen_require utype) ++ (typeattributeset cil_gen_require shell_exec_t) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset cil_gen_require sysfs_t) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset cil_gen_require security_t) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset cil_gen_require system_dbusd_t) ++ (typeattributeset cil_gen_require session_dbusd_tmp_t) ++ (typeattributeset cil_gen_require dbusd_unconfined) ++ (typeattributeset cil_gen_require session_bus_type) ++ (typeattributeset cil_gen_require dbusd_exec_t) ++ (typeattributeset cil_gen_require dbusd_etc_t) ++ (typeattributeset cil_gen_require userdom_home_manager_type) ++ (typeattributeset cil_gen_require usr_t) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole dbusd_type) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset netlabel_peer_type (dbusd_type )) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset corenet_unlabeled_type (dbusd_type )) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset syslog_client_type (dbusd_type )) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset file_type (dbusd_exec_t )) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset non_security_file_type (dbusd_exec_t )) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset exec_type (dbusd_exec_t )) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset application_domain_type (dbusd_type )) ++ (typeattributeset cil_gen_require userdom_home_manager_type) ++ (typeattributeset userdom_home_manager_type (dbusd_type )) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset ubac_constrained_type (dbusd_type )) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset kernel_system_state_reader (dbusd_type )) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset application_exec_type (dbusd_exec_t )) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset nsswitch_domain (dbusd_type )) ++ (typeattributeset cil_gen_require session_bus_type) ++ (typeattributeset session_bus_type (dbusd_type )) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset entry_type (dbusd_exec_t )) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset non_auth_file_type (dbusd_exec_t )) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset domain (dbusd_type )) ++ (allow utype session_dbusd_tmp_t (dir (ioctl write getattr lock open add_name search))) ++ (allow utype session_dbusd_tmp_t (sock_file (create getattr setattr open))) ++ (allow utype system_dbusd_t (dbus (send_msg))) ++ (allow dbusd_type dbusd_exec_t (file (entrypoint))) ++ (allow dbusd_type dbusd_exec_t (file (ioctl read getattr lock map execute open))) ++ (allow dbusd_type security_t (lnk_file (read getattr))) ++ (allow dbusd_type sysfs_t (filesystem (getattr))) ++ (allow dbusd_type sysfs_t (dir (getattr open search))) ++ (allow dbusd_type sysfs_t (dir (getattr open search))) ++ (allow dbusd_type security_t (filesystem (getattr))) ++ (allow utype dbusd_type (unix_stream_socket (ioctl read write create getattr setattr lock append bind connect listen accept getopt setopt shutdown connectto))) ++ (allow dbusd_type utype (unix_stream_socket (read write getattr accept getopt))) ++ (allow dbusd_type utype (unix_dgram_socket (sendto))) ++ (allow utype dbusd_type (dbus (acquire_svc send_msg))) ++ (allow dbusd_unconfined dbusd_type (dbus (acquire_svc send_msg))) ++ (allow utype system_dbusd_t (dbus (acquire_svc send_msg))) ++ (allow utype dbusd_type (process (noatsecure siginh rlimitinh))) ++ (allow dbusd_type utype (dbus (send_msg))) ++ (allow utype dbusd_type (dbus (send_msg))) ++ (allow dbusd_type utype (system (start reload))) ++ (allow dbusd_type session_dbusd_tmp_t (service (start stop))) ++ (allow utype session_dbusd_tmp_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype session_dbusd_tmp_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow dbusd_type dbusd_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype dbusd_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype dbusd_type (process (transition))) ++ (typetransition utype dbusd_exec_t process dbusd_type) ++ (allow dbusd_type utype (fd (use))) ++ (allow dbusd_type utype (fifo_file (ioctl read write getattr lock append))) ++ (allow dbusd_type utype (process (sigchld))) ++ (allow utype dbusd_type (dir (ioctl read getattr lock open search))) ++ (allow utype dbusd_type (file (ioctl read getattr lock open))) ++ (allow utype dbusd_type (lnk_file (read getattr))) ++ (allow utype dbusd_type (process (getattr))) ++ (allow utype dbusd_type (process (sigchld sigkill sigstop signull signal))) ++ (allow dbusd_type bin_t (dir (getattr open search))) ++ (allow dbusd_type bin_t (lnk_file (read getattr))) ++ (allow dbusd_type bin_t (file (ioctl read getattr map execute open))) ++ (allow dbusd_type utype (process (transition))) ++ (allow dbusd_type usr_t (dir (getattr open search))) ++ (allow dbusd_type usr_t (lnk_file (read getattr))) ++ (allow dbusd_type usr_t (file (ioctl read getattr map execute open))) ++ (allow dbusd_type utype (process (transition))) ++ (typetransition dbusd_type bin_t process utype) ++ (typetransition dbusd_type usr_t process utype) ++ (allow dbusd_type bin_t (dir (getattr open search))) ++ (allow dbusd_type bin_t (dir (ioctl read getattr lock open search))) ++ (allow dbusd_type bin_t (dir (getattr open search))) ++ (allow dbusd_type bin_t (lnk_file (read getattr))) ++ (allow dbusd_type shell_exec_t (file (ioctl read getattr map execute open))) ++ (allow dbusd_type utype (process (transition))) ++ (typetransition dbusd_type shell_exec_t process utype) ++ (allow dbusd_type utype (process (sigkill))) ++ (allow utype dbusd_type (fd (use))) ++ (allow utype dbusd_type (fifo_file (ioctl read write getattr lock append open))) ++ (allow dbusd_type file_type (service (start stop status reload enable disable))) ++ (dontaudit dbusd_type self (capability (net_admin))) ++ (allow utype session_dbusd_tmp_t (dir (getattr open search))) ++ (allow utype session_dbusd_tmp_t (sock_file (write getattr append open))) ++ (booleanif (deny_ptrace) ++ (false ++ (allow utype dbusd_type (process (ptrace))) ++ ) ++ ) ++ (optional confinedom_user_login_optional_12 ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset cil_gen_require mozilla_exec_t) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset file_type (mozilla_exec_t )) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset non_security_file_type (mozilla_exec_t )) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset exec_type (mozilla_exec_t )) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset entry_type (mozilla_exec_t )) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset non_auth_file_type (mozilla_exec_t )) ++ (allow utype mozilla_exec_t (file (entrypoint))) ++ (allow utype mozilla_exec_t (file (ioctl read getattr lock map execute open))) ++ (allow dbusd_type mozilla_exec_t (file (ioctl read getattr map execute open))) ++ (allow dbusd_type utype (process (transition))) ++ (typetransition dbusd_type mozilla_exec_t process utype) ++ (allow utype dbusd_type (fd (use))) ++ (allow utype dbusd_type (fifo_file (ioctl read write getattr lock append))) ++ (allow utype dbusd_type (process (sigchld))) ++ ) ++ (optional confinedom_user_login_optional_13 ++ (typeattributeset cil_gen_require systemd_unit_file_t) ++ (allow dbusd_type systemd_unit_file_t (service (start))) ++ ) ++ ) ++ (optional confinedom_user_login_optional_14 ++ ;(type gkeyringd_type) ++ (roletype object_r gkeyringd_type) ++ (roleattributeset cil_gen_require gconfd_roles) ++ (typeattributeset cil_gen_require shell_exec_t) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset cil_gen_require process_user_target) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset cil_gen_require user_tmp_t) ++ (typeattributeset cil_gen_require tmp_t) ++ (typeattributeset cil_gen_require tmpfs_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset cil_gen_require userdom_home_manager_type) ++ (typeattributeset cil_gen_require usr_t) ++ (typeattributeset cil_gen_require gnomedomain) ++ (typeattributeset cil_gen_require gkeyringd_domain) ++ (typeattributeset cil_gen_require gnome_home_type) ++ (typeattributeset cil_gen_require gkeyringd_exec_t) ++ (typeattributeset cil_gen_require gkeyringd_tmp_t) ++ (typeattributeset cil_gen_require gconfd_t) ++ (typeattributeset cil_gen_require gconfd_exec_t) ++ (typeattributeset cil_gen_require gconf_tmp_t) ++ (typeattributeset cil_gen_require cache_home_t) ++ (roleattributeset cil_gen_require urole) ++ (roletype urole gkeyringd_type) ++ (roleattributeset cil_gen_require gconfd_roles) ++ (roleattributeset gconfd_roles (urole )) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset netlabel_peer_type (gkeyringd_type )) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset corenet_unlabeled_type (gkeyringd_type )) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset syslog_client_type (gkeyringd_type )) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset file_type (gkeyringd_exec_t )) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset non_security_file_type (gkeyringd_exec_t )) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset exec_type (gkeyringd_exec_t )) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset application_domain_type (gkeyringd_type )) ++ (typeattributeset cil_gen_require userdom_home_manager_type) ++ (typeattributeset userdom_home_manager_type (gkeyringd_type )) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset ubac_constrained_type (gkeyringd_type )) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset kernel_system_state_reader (gkeyringd_type )) ++ (typeattributeset cil_gen_require gnomedomain) ++ (typeattributeset gnomedomain (gkeyringd_type )) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset application_exec_type (gkeyringd_exec_t )) ++ (typeattributeset cil_gen_require gkeyringd_domain) ++ (typeattributeset gkeyringd_domain (gkeyringd_type )) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset nsswitch_domain (gkeyringd_type )) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset entry_type (gkeyringd_exec_t )) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset non_auth_file_type (gkeyringd_exec_t )) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset domain (gkeyringd_type )) ++ (typeattributeset cil_gen_require process_user_target) ++ (typeattributeset process_user_target (gkeyringd_type )) ++ (allow gkeyringd_type gkeyringd_exec_t (file (entrypoint))) ++ (allow gkeyringd_type gkeyringd_exec_t (file (ioctl read getattr lock map execute open))) ++ (allow utype gconfd_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype gconfd_t (process (transition))) ++ (typetransition utype gconfd_exec_t process gconfd_t) ++ (allow gconfd_t utype (fd (use))) ++ (allow gconfd_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow gconfd_t utype (process (sigchld))) ++ (allow utype gconfd_t (process (sigchld sigkill sigstop signull signal))) ++ (allow utype gconfd_t (unix_stream_socket (connectto))) ++ (allow utype gconfd_t (dir (ioctl read getattr lock open search))) ++ (allow utype gconfd_t (file (ioctl read getattr lock open))) ++ (allow utype gconfd_t (lnk_file (read getattr))) ++ (allow utype gconfd_t (process (getattr))) ++ (allow gkeyringd_type utype (unix_stream_socket (ioctl read write create getattr setattr lock append bind connect listen accept getopt setopt shutdown connectto))) ++ (allow gkeyringd_type self (process (setsched))) ++ (allow utype gkeyringd_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype gkeyringd_type (process (transition))) ++ (typetransition utype gkeyringd_exec_t process gkeyringd_type) ++ (allow gkeyringd_type utype (fd (use))) ++ (allow gkeyringd_type utype (fifo_file (ioctl read write getattr lock append))) ++ (allow gkeyringd_type utype (process (sigchld))) ++ (allow utype gnome_home_type (dir (ioctl read write create getattr setattr lock relabelfrom relabelto unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype gkeyringd_tmp_t (dir (ioctl read write create getattr setattr lock relabelfrom relabelto unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype gconf_tmp_t (dir (ioctl read write create getattr setattr lock relabelfrom relabelto unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow utype gnome_home_type (file (ioctl read write create getattr setattr lock relabelfrom relabelto append unlink link rename open watch watch_reads))) ++ (allow utype gkeyringd_tmp_t (file (ioctl read write create getattr setattr lock relabelfrom relabelto append unlink link rename open watch watch_reads))) ++ (allow utype gconf_tmp_t (file (ioctl read write create getattr setattr lock relabelfrom relabelto append unlink link rename open watch watch_reads))) ++ (allow utype gkeyringd_tmp_t (sock_file (ioctl read write create getattr setattr lock relabelfrom relabelto append unlink link rename open))) ++ (allow utype gkeyringd_type (dir (ioctl read getattr lock open search))) ++ (allow utype gkeyringd_type (file (ioctl read getattr lock open))) ++ (allow utype gkeyringd_type (lnk_file (read getattr))) ++ (allow utype gkeyringd_type (process (getattr))) ++ (allow utype gkeyringd_type (process (sigchld sigkill sigstop signull signal))) ++ (dontaudit utype gkeyringd_exec_t (file (entrypoint))) ++ (allow gkeyringd_type utype (process (sigkill))) ++ (allow utype gkeyringd_type (fd (use))) ++ (allow utype gkeyringd_type (fifo_file (ioctl read write getattr lock append open))) ++ (allow utype gkeyringd_type (dbus (acquire_svc))) ++ (allow utype gkeyringd_tmp_t (dir (getattr open search))) ++ (allow utype gkeyringd_tmp_t (sock_file (write getattr append open))) ++ (allow utype gkeyringd_type (unix_stream_socket (connectto))) ++ (allow gkeyringd_type bin_t (dir (getattr open search))) ++ (allow gkeyringd_type bin_t (lnk_file (read getattr))) ++ (allow gkeyringd_type bin_t (file (ioctl read getattr map execute open))) ++ (allow gkeyringd_type utype (process (transition))) ++ (allow gkeyringd_type usr_t (dir (getattr open search))) ++ (allow gkeyringd_type usr_t (lnk_file (read getattr))) ++ (allow gkeyringd_type usr_t (file (ioctl read getattr map execute open))) ++ (allow gkeyringd_type utype (process (transition))) ++ (typetransition gkeyringd_type bin_t process utype) ++ (typetransition gkeyringd_type usr_t process utype) ++ (allow gkeyringd_type bin_t (dir (getattr open search))) ++ (allow gkeyringd_type bin_t (dir (ioctl read getattr lock open search))) ++ (allow gkeyringd_type bin_t (dir (getattr open search))) ++ (allow gkeyringd_type bin_t (lnk_file (read getattr))) ++ (allow gkeyringd_type shell_exec_t (file (ioctl read getattr map execute open))) ++ (allow gkeyringd_type utype (process (transition))) ++ (typetransition gkeyringd_type shell_exec_t process utype) ++ (allow utype gconf_tmp_t (dir (getattr open search))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype tmp_t (dir (getattr open search))) ++ (allow utype tmp_t (lnk_file (read getattr))) ++ (allow utype tmp_t (dir (getattr open search))) ++ (allow utype user_tmp_t (dir (getattr open search))) ++ (allow utype gkeyringd_tmp_t (dir (getattr open search))) ++ (allow utype gkeyringd_tmp_t (sock_file (write getattr append open))) ++ (allow utype gkeyringd_domain (unix_stream_socket (connectto))) ++ (allow utype cache_home_t (dir (getattr open search))) ++ (allow utype cache_home_t (sock_file (write getattr append open))) ++ (allow utype gkeyringd_domain (unix_stream_socket (connectto))) ++ (allow gkeyringd_type utype (dir (ioctl read getattr lock open search))) ++ (allow gkeyringd_type utype (file (ioctl read getattr lock open))) ++ (allow gkeyringd_type utype (lnk_file (read getattr))) ++ (allow gkeyringd_type utype (process (getattr))) ++ (allow gkeyringd_type user_tmp_t (dir (ioctl read getattr lock open search))) ++ (allow gkeyringd_type user_tmp_t (sock_file (read write getattr append))) ++ (allow gkeyringd_type tmpfs_t (dir (getattr open search))) ++ (allow gkeyringd_type tmp_t (dir (getattr open search))) ++ (allow gkeyringd_type tmp_t (lnk_file (read getattr))) ++ (allow gkeyringd_type tmp_t (dir (getattr open search))) ++ (allow gkeyringd_type utype (dbus (acquire_svc send_msg))) ++ (allow utype gkeyringd_type (dbus (send_msg))) ++ (optional confinedom_user_login_optional_15 ++ (typeattributeset cil_gen_require user_home_dir_t) ++ (typeattributeset cil_gen_require home_root_t) ++ (typeattributeset cil_gen_require system_dbusd_t) ++ (typeattributeset cil_gen_require session_bus_type) ++ (typeattributeset cil_gen_require dbusd_type) ++ (typeattributeset cil_gen_require gnome_home_t) ++ (typeattributeset cil_gen_require data_home_t) ++ (typeattributeset cil_gen_require gconf_home_t) ++ (allow dbusd_type gkeyringd_exec_t (file (ioctl read getattr map execute open))) ++ (allow dbusd_type gkeyringd_type (process (transition))) ++ (typetransition dbusd_type gkeyringd_exec_t process gkeyringd_type) ++ (allow gkeyringd_type dbusd_type (fd (use))) ++ (allow gkeyringd_type dbusd_type (fifo_file (ioctl read write getattr lock append))) ++ (allow gkeyringd_type dbusd_type (process (sigchld))) ++ (allow gkeyringd_type session_bus_type (dbus (send_msg))) ++ (allow gkeyringd_type self (dbus (send_msg))) ++ (allow gkeyringd_type session_bus_type (unix_stream_socket (connectto))) ++ (allow session_bus_type gkeyringd_type (process (sigkill))) ++ (allow gkeyringd_type session_bus_type (dbus (acquire_svc))) ++ (allow gkeyringd_type system_dbusd_t (unix_stream_socket (connectto))) ++ (allow gkeyringd_type system_dbusd_t (dbus (send_msg))) ++ (allow gkeyringd_type user_home_dir_t (dir (getattr open search))) ++ (allow gkeyringd_type user_home_dir_t (lnk_file (read getattr))) ++ (allow gkeyringd_type home_root_t (dir (getattr open search))) ++ (allow gkeyringd_type home_root_t (lnk_file (read getattr))) ++ (allow gkeyringd_type gnome_home_t (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow gkeyringd_type data_home_t (dir (getattr open search))) ++ (allow gkeyringd_type gconf_home_t (dir (getattr open search))) ++ (allow gkeyringd_type data_home_t (file (ioctl read getattr lock open))) ++ (allow gkeyringd_type data_home_t (dir (getattr open search))) ++ (allow gkeyringd_type gconf_home_t (dir (getattr open search))) ++ (allow gkeyringd_type data_home_t (lnk_file (read getattr))) ++ (allow gkeyringd_type data_home_t (dir (getattr open search))) ++ (allow gkeyringd_type gconf_home_t (dir (getattr open search))) ++ (allow gkeyringd_type data_home_t (dir (ioctl read getattr lock open search))) ++ (optional confinedom_user_login_optional_16 ++ (typeattributeset cil_gen_require proc_t) ++ (typeattributeset cil_gen_require telepathy_mission_control_t) ++ (typeattributeset cil_gen_require telepathy_gabble_t) ++ (allow gkeyringd_type proc_t (dir (getattr open search))) ++ (allow gkeyringd_type proc_t (dir (getattr open search))) ++ (allow gkeyringd_type telepathy_mission_control_t (dir (ioctl read getattr lock open search))) ++ (allow gkeyringd_type telepathy_mission_control_t (file (ioctl read getattr lock open))) ++ (allow gkeyringd_type telepathy_mission_control_t (lnk_file (read getattr))) ++ (allow gkeyringd_type telepathy_mission_control_t (process (getattr))) ++ (allow telepathy_gabble_t gkeyringd_tmp_t (dir (getattr open search))) ++ (allow telepathy_gabble_t gkeyringd_tmp_t (sock_file (write getattr append open))) ++ (allow telepathy_gabble_t gkeyringd_type (unix_stream_socket (connectto))) ++ ) ++ (optional confinedom_user_login_optional_17 ++ (typeattributeset cil_gen_require systemd_logind_t) ++ (allow gkeyringd_type systemd_logind_t (dbus (send_msg))) ++ (allow systemd_logind_t gkeyringd_type (dbus (send_msg))) ++ (allow systemd_logind_t gkeyringd_type (dir (ioctl read getattr lock open search))) ++ (allow systemd_logind_t gkeyringd_type (file (ioctl read getattr lock open))) ++ (allow systemd_logind_t gkeyringd_type (lnk_file (read getattr))) ++ (allow systemd_logind_t gkeyringd_type (process (getattr))) ++ (allow systemd_logind_t gkeyringd_type (process (signal))) ++ (allow gkeyringd_type systemd_logind_t (fd (use))) ++ ) ++ ) ++ (optional confinedom_user_login_optional_18 ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require ssh_agent_exec_t) ++ (allow gkeyringd_type bin_t (dir (getattr open search))) ++ (allow gkeyringd_type bin_t (lnk_file (read getattr))) ++ (allow gkeyringd_type bin_t (dir (getattr open search))) ++ (allow gkeyringd_type bin_t (dir (getattr open search))) ++ (allow gkeyringd_type ssh_agent_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ ) ++ ) ++ (optional confinedom_user_login_optional_19 ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require var_lib_t) ++ (typeattributeset cil_gen_require locate_var_lib_t) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_lib_t (dir (getattr open search))) ++ (allow utype locate_var_lib_t (dir (getattr open search))) ++ (allow utype locate_var_lib_t (file (ioctl read getattr lock open))) ++ (allow utype locate_var_lib_t (dir (ioctl read getattr lock open search))) ++ ) ++ (optional confinedom_user_login_optional_20 ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require mail_spool_t) ++ (typeattributeset cil_gen_require var_spool_t) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_spool_t (dir (getattr open search))) ++ (allow utype mail_spool_t (dir (ioctl read getattr lock open search))) ++ (allow utype mail_spool_t (dir (getattr open search))) ++ (allow utype mail_spool_t (file (getattr))) ++ (allow utype mail_spool_t (dir (getattr open search))) ++ (allow utype mail_spool_t (lnk_file (read getattr))) ++ ) ++ ) ++ ) ++) ++ ++(macro confined_ssh_connect_macro ((type utype) (role urole) (type ssh_agent_type)) ++ (optional confined_ssh_connect_macro_optional ++ (typeattributeset cil_gen_require sshd_t) ++ (typeattributeset cil_gen_require ptmx_t) ++ (typeattributeset cil_gen_require device_t) ++ (typeattributeset cil_gen_require sshd_devpts_t) ++ (typeattributeset cil_gen_require ssh_server) ++ (typeattributeset cil_gen_require ssh_t) ++ (typeattributeset cil_gen_require ssh_exec_t) ++ (typeattributeset cil_gen_require ssh_tmpfs_t) ++ (typeattributeset cil_gen_require ssh_home_t) ++ (typeattributeset cil_gen_require ssh_agent_exec_t) ++ (typeattributeset cil_gen_require ssh_keysign_t) ++ (typeattributeset cil_gen_require ssh_agent_tmp_t) ++ (typeattributeset cil_gen_require cache_home_t) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset cil_gen_require privfd) ++ (typeattributeset cil_gen_require user_home_dir_t) ++ (typeattributeset cil_gen_require home_root_t) ++ (typeattributeset cil_gen_require user_tmp_type) ++ (typeattributeset cil_gen_require user_tmp_t) ++ (typeattributeset cil_gen_require tmp_t) ++ (typeattributeset cil_gen_require tmpfs_t) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset cil_gen_require shell_exec_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require usr_t) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset cil_gen_require tty_device_t) ++ (typeattributeset cil_gen_require user_home_t) ++ (typeattributeset cil_gen_require userdom_home_manager_type) ++ (typeattributeset cil_gen_require ssh_keygen_exec_t) ++ (roleattributeset cil_gen_require urole) ++ (roletype object_r ssh_agent_type) ++ (roletype urole ssh_t) ++ (roletype urole ssh_agent_type) ++ (roletype urole user_tmp_t) ++ (typeattributeset cil_gen_require netlabel_peer_type) ++ (typeattributeset netlabel_peer_type (ssh_agent_type )) ++ (typeattributeset cil_gen_require corenet_unlabeled_type) ++ (typeattributeset corenet_unlabeled_type (ssh_agent_type )) ++ (typeattributeset cil_gen_require privfd) ++ (typeattributeset privfd (ssh_agent_type )) ++ (typeattributeset cil_gen_require syslog_client_type) ++ (typeattributeset syslog_client_type (ssh_agent_type )) ++ (typeattributeset cil_gen_require file_type) ++ (typeattributeset file_type (ssh_agent_exec_t )) ++ (typeattributeset cil_gen_require non_security_file_type) ++ (typeattributeset non_security_file_type (ssh_agent_exec_t )) ++ (typeattributeset cil_gen_require exec_type) ++ (typeattributeset exec_type (ssh_agent_exec_t )) ++ (typeattributeset cil_gen_require application_domain_type) ++ (typeattributeset application_domain_type (ssh_agent_type )) ++ (typeattributeset cil_gen_require userdom_home_manager_type) ++ (typeattributeset userdom_home_manager_type (ssh_agent_type )) ++ (typeattributeset cil_gen_require ubac_constrained_type) ++ (typeattributeset ubac_constrained_type (ssh_agent_type )) ++ (typeattributeset cil_gen_require ssh_agent_type) ++ (typeattributeset cil_gen_require kernel_system_state_reader) ++ (typeattributeset kernel_system_state_reader (ssh_agent_type )) ++ (typeattributeset cil_gen_require application_exec_type) ++ (typeattributeset application_exec_type (ssh_agent_exec_t )) ++ (typeattributeset cil_gen_require nsswitch_domain) ++ (typeattributeset nsswitch_domain (ssh_agent_type )) ++ (typeattributeset cil_gen_require entry_type) ++ (typeattributeset entry_type (ssh_agent_exec_t )) ++ (typeattributeset cil_gen_require non_auth_file_type) ++ (typeattributeset non_auth_file_type (ssh_agent_exec_t )) ++ (typeattributeset cil_gen_require domain) ++ (typeattributeset domain (ssh_agent_type )) ++ (allow sshd_t utype (process (dyntransition))) ++ (allow utype sshd_t (process (sigchld))) ++ (allow sshd_t utype (process (sigkill sigstop signull signal getattr))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (dir (ioctl read getattr lock open search))) ++ (allow utype device_t (dir (getattr open search))) ++ (allow utype device_t (lnk_file (read getattr))) ++ (allow utype ptmx_t (chr_file (ioctl read write getattr lock append open))) ++ (allow utype sshd_devpts_t (chr_file (ioctl read write getattr lock append))) ++ (allow ssh_agent_type ssh_agent_exec_t (file (entrypoint))) ++ (allow ssh_agent_type ssh_agent_exec_t (file (ioctl read getattr lock map execute open))) ++ (allow utype ssh_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype ssh_t (process (transition))) ++ (typetransition utype ssh_exec_t process ssh_t) ++ (allow ssh_t utype (fd (use))) ++ (allow ssh_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow ssh_t utype (process (sigchld))) ++ (allow utype ssh_server (unix_stream_socket (ioctl read write getattr setattr lock append bind connect listen accept getopt setopt shutdown))) ++ (allow utype ssh_t (dir (ioctl read getattr lock open search))) ++ (allow utype ssh_t (file (ioctl read getattr lock open))) ++ (allow utype ssh_t (lnk_file (read getattr))) ++ (allow utype ssh_t (process (getattr))) ++ (allow utype ssh_t (process (sigchld sigkill sigstop signull signal))) ++ (allow ssh_t utype (unix_stream_socket (ioctl read write getattr setattr lock append bind connect getopt setopt shutdown))) ++ (allow ssh_t utype (unix_stream_socket (connectto))) ++ (allow ssh_t utype (key (view read write search link setattr create))) ++ (allow utype ssh_t (key (view read write search))) ++ (allow utype ssh_home_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype ssh_home_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype ssh_home_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype ssh_home_t (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow utype ssh_home_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype ssh_home_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype user_home_dir_t (dir (getattr open search))) ++ (allow utype user_home_dir_t (lnk_file (read getattr))) ++ (allow utype home_root_t (dir (getattr open search))) ++ (allow utype home_root_t (lnk_file (read getattr))) ++ (typemember ssh_t tmp_t dir user_tmp_t) ++ (allow ssh_t user_tmp_type (dir (mounton))) ++ (allow ssh_t user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow ssh_t user_tmp_type (dir (ioctl read write create getattr setattr lock unlink link rename open watch watch_reads add_name remove_name reparent search rmdir))) ++ (allow ssh_t user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow ssh_t user_tmp_type (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow ssh_t user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow ssh_t user_tmp_type (lnk_file (ioctl read write create getattr setattr lock append unlink link rename watch watch_reads))) ++ (allow ssh_t user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow ssh_t user_tmp_type (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow ssh_t user_tmp_type (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow ssh_t user_tmp_type (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow ssh_t tmp_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (typetransition ssh_t tmp_t fifo_file user_tmp_t) ++ (typetransition ssh_t tmp_t sock_file user_tmp_t) ++ (typetransition ssh_t tmp_t lnk_file user_tmp_t) ++ (typetransition ssh_t tmp_t dir user_tmp_t) ++ (typetransition ssh_t tmp_t file user_tmp_t) ++ (allow user_tmp_t tmpfs_t (filesystem (associate))) ++ (allow ssh_t tmpfs_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (typetransition ssh_t tmpfs_t fifo_file user_tmp_t) ++ (typetransition ssh_t tmpfs_t sock_file user_tmp_t) ++ (typetransition ssh_t tmpfs_t lnk_file user_tmp_t) ++ (typetransition ssh_t tmpfs_t dir user_tmp_t) ++ (typetransition ssh_t tmpfs_t file user_tmp_t) ++ (allow ssh_t user_tmp_type (dir (getattr open search))) ++ (allow ssh_t user_tmp_type (dir (getattr relabelfrom relabelto))) ++ (allow ssh_t user_tmp_type (dir (getattr open search))) ++ (allow ssh_t user_tmp_type (file (getattr relabelfrom relabelto))) ++ (allow ssh_t user_tmp_type (dir (getattr open search))) ++ (allow ssh_t user_tmp_type (lnk_file (getattr relabelfrom relabelto))) ++ (allow ssh_t user_tmp_type (dir (getattr open search))) ++ (allow ssh_t user_tmp_type (sock_file (getattr relabelfrom relabelto))) ++ (allow ssh_t user_tmp_type (dir (getattr open search))) ++ (allow ssh_t user_tmp_type (fifo_file (getattr relabelfrom relabelto))) ++ (allow ssh_t user_tmp_type (file (map))) ++ (allow ssh_agent_type utype (process (signull))) ++ (allow ssh_agent_type ssh_agent_type (process (signull))) ++ (allow ssh_agent_type self (unix_stream_socket (ioctl read write create getattr setattr lock append bind connect listen accept getopt setopt shutdown connectto))) ++ (allow utype ssh_agent_tmp_t (dir (getattr open search))) ++ (allow utype ssh_agent_tmp_t (sock_file (write getattr append open))) ++ (allow utype ssh_agent_type (unix_stream_socket (connectto))) ++ (allow utype cache_home_t (dir (getattr open search))) ++ (allow utype cache_home_t (sock_file (write getattr append open))) ++ (allow utype ssh_agent_type (unix_stream_socket (connectto))) ++ (allow utype ssh_agent_type (unix_stream_socket (ioctl read write create getattr setattr lock append bind connect listen accept getopt setopt shutdown))) ++ (allow utype ssh_agent_type (process (sigchld sigkill sigstop signull signal))) ++ (allow utype ssh_agent_type (dir (ioctl read getattr lock open search))) ++ (allow utype ssh_agent_type (file (ioctl read getattr lock open))) ++ (allow utype ssh_agent_type (lnk_file (read getattr))) ++ (allow utype ssh_agent_type (process (getattr))) ++ (allow ssh_agent_type ssh_agent_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype ssh_agent_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype ssh_agent_type (process (transition))) ++ (typetransition utype ssh_agent_exec_t process ssh_agent_type) ++ (allow ssh_agent_type utype (fd (use))) ++ (allow ssh_agent_type utype (fifo_file (ioctl read write getattr lock append))) ++ (allow ssh_agent_type utype (process (sigchld))) ++ (allow ssh_agent_type bin_t (dir (getattr open search))) ++ (allow ssh_agent_type bin_t (dir (ioctl read getattr lock open search))) ++ (allow ssh_agent_type bin_t (dir (getattr open search))) ++ (allow ssh_agent_type bin_t (lnk_file (read getattr))) ++ (allow ssh_agent_type shell_exec_t (file (ioctl read getattr map execute open))) ++ (allow ssh_agent_type utype (process (transition))) ++ (typetransition ssh_agent_type shell_exec_t process utype) ++ (allow ssh_agent_type bin_t (dir (getattr open search))) ++ (allow ssh_agent_type bin_t (lnk_file (read getattr))) ++ (allow ssh_agent_type bin_t (file (ioctl read getattr map execute open))) ++ (allow ssh_agent_type utype (process (transition))) ++ (allow ssh_agent_type usr_t (dir (getattr open search))) ++ (allow ssh_agent_type usr_t (lnk_file (read getattr))) ++ (allow ssh_agent_type usr_t (file (ioctl read getattr map execute open))) ++ (allow ssh_agent_type utype (process (transition))) ++ (typetransition ssh_agent_type bin_t process utype) ++ (typetransition ssh_agent_type usr_t process utype) ++ (allow ssh_agent_type device_t (dir (getattr open search))) ++ (allow ssh_agent_type device_t (dir (ioctl read getattr lock open search))) ++ (allow ssh_agent_type device_t (dir (getattr open search))) ++ (allow ssh_agent_type device_t (lnk_file (read getattr))) ++ (allow ssh_agent_type tty_device_t (chr_file (ioctl read write getattr lock append open))) ++ (allow ssh_agent_type user_home_t (file (ioctl read getattr map execute open))) ++ (allow ssh_agent_type utype (process (transition))) ++ (typetransition ssh_agent_type user_home_t process utype) ++ (allow ssh_agent_type user_home_dir_t (dir (getattr open search))) ++ (allow ssh_agent_type home_root_t (dir (getattr open search))) ++ (allow ssh_agent_type home_root_t (lnk_file (read getattr))) ++ (allow utype ssh_keygen_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ ) ++) ++ ++(macro confined_use_basic_commands_macro ((type utype) (role urole)) ++ (optional confined_use_basic_commands_optional_2 ++ (roleattributeset cil_gen_require urole) ++ (typeattributeset cil_gen_require init_var_lib_t) ++ (typeattributeset cil_gen_require utype) ++ (typeattributeset cil_gen_require login_confinedom) ++ (typeattributeset cil_gen_require var_t) ++ (typeattributeset cil_gen_require var_lib_t) ++ (typeattributeset cil_gen_require init_t) ++ (typeattributeset cil_gen_require var_log_t) ++ (typeattributeset cil_gen_require syslogd_var_run_t) ++ (typeattributeset cil_gen_require systemd_unit_file_type) ++ (typeattributeset cil_gen_require systemd_systemctl_exec_t) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require cgroup_t) ++ (typeattributeset cil_gen_require tmpfs_t) ++ (typeattributeset cil_gen_require sysfs_t) ++ (typeattributeset cil_gen_require efivarfs_t) ++ (typeattributeset cil_gen_require init_var_run_t) ++ (typeattributeset cil_gen_require var_run_t) ++ (typeattributeset cil_gen_require systemd_logind_var_run_t) ++ (typeattributeset cil_gen_require systemd_passwd_agent_t) ++ (typeattributeset cil_gen_require systemd_passwd_agent_exec_t) ++ (typeattributeset cil_gen_require systemd_passwd_var_run_t) ++ (allow utype utype (process (setpgid))) ++ (allow utype utype (system (status))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_lib_t (dir (getattr open search))) ++ (allow utype init_var_lib_t (dir (getattr open search))) ++ (allow utype init_var_lib_t (file (ioctl read getattr map open))) ++ (allow utype init_t (process (signal))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_log_t (dir (ioctl read getattr lock open search))) ++ (allow utype var_log_t (file (map))) ++ (allow utype var_log_t (dir (getattr open search))) ++ (allow utype var_log_t (file (ioctl read getattr lock open))) ++ (allow utype var_log_t (dir (getattr open search))) ++ (allow utype var_log_t (lnk_file (read getattr))) ++ (allow utype syslogd_var_run_t (dir (getattr open search))) ++ (allow utype syslogd_var_run_t (file (ioctl read getattr lock open map))) ++ (allow utype syslogd_var_run_t (dir (getattr open search))) ++ (allow utype syslogd_var_run_t (dir (ioctl read getattr lock open search))) ++ ;corecmd_bin_entry_type(utype) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (file (entrypoint))) ++ (allow utype bin_t (file (ioctl read getattr lock map execute open))) ++ (allow utype usr_t (file (entrypoint))) ++ (allow utype usr_t (file (ioctl read getattr lock map execute open))) ++ (allow utype systemd_systemctl_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype cgroup_t (dir (getattr open search))) ++ (allow utype cgroup_t (dir (ioctl read getattr lock open search))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype cgroup_t (dir (getattr open search))) ++ (allow utype cgroup_t (file (ioctl read getattr lock open))) ++ (allow utype cgroup_t (dir (getattr open search))) ++ (allow utype cgroup_t (lnk_file (read getattr))) ++ (allow utype tmpfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype sysfs_t (dir (getattr open search))) ++ (allow utype efivarfs_t (dir (getattr open search))) ++ (allow utype efivarfs_t (file (ioctl read getattr lock open))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_lib_t (dir (getattr open search))) ++ (allow utype systemd_unit_file_type (dir (ioctl read getattr lock open search))) ++ (allow utype init_var_run_t (dir (ioctl read getattr lock open search))) ++ (allow utype init_t (dir (getattr open search))) ++ (allow utype init_t (file (ioctl read getattr lock open))) ++ (allow utype init_t (lnk_file (read getattr))) ++ (allow utype init_t (unix_stream_socket (sendto))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype init_var_run_t (dir (getattr open search))) ++ (allow utype init_var_run_t (sock_file (write getattr append open))) ++ (allow utype init_t (unix_stream_socket (connectto))) ++ (allow utype init_t (unix_stream_socket (getattr))) ++ (dontaudit utype self (process (setrlimit))) ++ (dontaudit utype self (capability (sys_resource))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (dir (ioctl read getattr lock open search))) ++ (allow utype var_t (lnk_file (read getattr))) ++ (allow utype var_run_t (lnk_file (read getattr))) ++ (allow utype var_t (dir (getattr open search))) ++ (allow utype var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (dir (getattr open search))) ++ (allow utype systemd_logind_var_run_t (file (ioctl read getattr lock open))) ++ (allow utype systemd_passwd_agent_exec_t (file (ioctl read getattr lock map execute open execute_no_trans))) ++ (allow utype init_var_run_t (dir (getattr open search))) ++ (allow utype systemd_passwd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype systemd_passwd_var_run_t (file (ioctl read write create getattr setattr lock append unlink link rename open watch watch_reads))) ++ (allow utype systemd_passwd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype systemd_passwd_var_run_t (sock_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow utype systemd_passwd_var_run_t (dir (ioctl read write getattr lock open add_name remove_name search))) ++ (allow utype systemd_passwd_var_run_t (fifo_file (ioctl read write create getattr setattr lock append unlink link rename open))) ++ (allow systemd_passwd_agent_t utype (process (signull))) ++ (allow systemd_passwd_agent_t utype (unix_dgram_socket (sendto))) ++ (dontaudit utype self (capability (net_admin sys_ptrace))) ++ (allow utype systemd_unit_file_type (service (status))) ++ (optional confined_use_basic_commands_optional_3 ++ (typeattributeset cil_gen_require adjtime_t) ++ (typeattributeset cil_gen_require etc_t) ++ (allow utype etc_t (dir (ioctl read getattr lock open search))) ++ (allow utype adjtime_t (file (ioctl read getattr lock open))) ++ ) ++ (optional confined_use_basic_commands_optional_4 ++ (typeattributeset cil_gen_require mandb_cache_t) ++ (allow utype mandb_cache_t (file (map))) ++ ) ++ (optional confined_use_basic_commands_optional_5 ++ (roleattributeset cil_gen_require passwd_roles) ++ (typeattributeset cil_gen_require bin_t) ++ (typeattributeset cil_gen_require passwd_t) ++ (typeattributeset cil_gen_require passwd_exec_t) ++ (roleattributeset cil_gen_require passwd_roles) ++ (roleattributeset passwd_roles (urole )) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (lnk_file (read getattr))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype bin_t (dir (getattr open search))) ++ (allow utype passwd_exec_t (file (ioctl read getattr map execute open))) ++ (allow utype passwd_t (process (transition))) ++ (typetransition utype passwd_exec_t process passwd_t) ++ (allow passwd_t utype (fd (use))) ++ (allow passwd_t utype (fifo_file (ioctl read write getattr lock append))) ++ (allow passwd_t utype (process (sigchld))) ++ ) ++ ) ++) ++ ++;(call confinedom_admin_commands_macro (u_t u_r u_sudo_t)) ++;(call confinedom_graphical_login_macro (u_t u_r u_dbus_t)) ++;(call confinedom_mozilla_usage_macro (u_t u_r)) ++;(call confinedom_networking_macro (u_t u_r)) ++;(call confinedom_security_advanced_macro (u_t u_r u_sudo_t u_userhelper_t)) ++;(call confinedom_security_basic_macro (u_t u_r)) ++;(call confinedom_sudo_macro (u_t u_r u_sudo_t u_sudo_tmp_t)) ++;(call confinedom_user_login_macro (u_t u_r u_gkeyringd_t u_dbus_t u_exec_content)) ++;(call confined_ssh_connect_macro (u_t u_r u_ssh_agent_t)) ++;(call confined_use_basic_commands_macro (u_t u_r)) +-- +2.43.0 + diff --git a/SPECS-EXTENDED/udica/0002-Add-tests-covering-confined-user-policy-generation.patch b/SPECS-EXTENDED/udica/0002-Add-tests-covering-confined-user-policy-generation.patch new file mode 100644 index 0000000000..ef435f5d96 --- /dev/null +++ b/SPECS-EXTENDED/udica/0002-Add-tests-covering-confined-user-policy-generation.patch @@ -0,0 +1,170 @@ +From d444e67ead27266d57184ab8bc032c5528f7e26c Mon Sep 17 00:00:00 2001 +From: Vit Mojzis +Date: Wed, 20 Dec 2023 14:33:27 +0100 +Subject: [PATCH] Add tests covering confined user policy generation + +Signed-off-by: Vit Mojzis +--- + tests/test_confined_abcdgilmns.cil | 24 ++++++++++++++++++++ + tests/test_confined_cla.cil | 15 +++++++++++++ + tests/test_confined_lb.cil | 12 ++++++++++ + tests/test_confined_lsid.cil | 17 +++++++++++++++ + tests/test_main.py | 35 +++++++++++++++++++++++++----- + 5 files changed, 98 insertions(+), 5 deletions(-) + create mode 100644 tests/test_confined_abcdgilmns.cil + create mode 100644 tests/test_confined_cla.cil + create mode 100644 tests/test_confined_lb.cil + create mode 100644 tests/test_confined_lsid.cil + +diff --git a/tests/test_confined_abcdgilmns.cil b/tests/test_confined_abcdgilmns.cil +new file mode 100644 +index 0000000..5fd619f +--- /dev/null ++++ b/tests/test_confined_abcdgilmns.cil +@@ -0,0 +1,24 @@ ++(boolean my_container_exec_content true) ++(role my_container_r) ++(type my_container_dbus_t) ++(type my_container_gkeyringd_t) ++(type my_container_ssh_agent_t) ++(type my_container_sudo_t) ++(type my_container_sudo_tmp_t) ++(type my_container_t) ++(type my_container_userhelper_t) ++(user my_container_u) ++(userrole my_container_u my_container_r) ++(userlevel my_container_u (s0)) ++(userrange my_container_u ((s0 ) (s0 (c0)))) ++ ++(call confinedom_admin_commands_macro (my_container_t my_container_r my_container_sudo_t)) ++(call confinedom_graphical_login_macro (my_container_t my_container_r my_container_dbus_t)) ++(call confinedom_mozilla_usage_macro (my_container_t my_container_r)) ++(call confinedom_networking_macro (my_container_t my_container_r)) ++(call confinedom_security_advanced_macro (my_container_t my_container_r my_container_sudo_t my_container_userhelper_t)) ++(call confinedom_security_basic_macro (my_container_t my_container_r)) ++(call confinedom_sudo_macro (my_container_t my_container_r my_container_sudo_t my_container_sudo_tmp_t)) ++(call confinedom_user_login_macro (my_container_t my_container_r my_container_gkeyringd_t my_container_dbus_t my_container_exec_content)) ++(call confined_ssh_connect_macro (my_container_t my_container_r my_container_ssh_agent_t)) ++(call confined_use_basic_commands_macro (my_container_t my_container_r)) +\ No newline at end of file +diff --git a/tests/test_confined_cla.cil b/tests/test_confined_cla.cil +new file mode 100644 +index 0000000..a633aaa +--- /dev/null ++++ b/tests/test_confined_cla.cil +@@ -0,0 +1,15 @@ ++(boolean my_container_exec_content true) ++(role my_container_r) ++(type my_container_dbus_t) ++(type my_container_gkeyringd_t) ++(type my_container_ssh_agent_t) ++(type my_container_sudo_t) ++(type my_container_t) ++(user my_container_u) ++(userrole my_container_u my_container_r) ++(userlevel my_container_u (s0)) ++(userrange my_container_u ((s0 ) (s0 (c0)))) ++ ++(call confinedom_admin_commands_macro (my_container_t my_container_r my_container_sudo_t)) ++(call confinedom_user_login_macro (my_container_t my_container_r my_container_gkeyringd_t my_container_dbus_t my_container_exec_content)) ++(call confined_ssh_connect_macro (my_container_t my_container_r my_container_ssh_agent_t)) +\ No newline at end of file +diff --git a/tests/test_confined_lb.cil b/tests/test_confined_lb.cil +new file mode 100644 +index 0000000..3e3c997 +--- /dev/null ++++ b/tests/test_confined_lb.cil +@@ -0,0 +1,12 @@ ++(boolean my_container_exec_content true) ++(role my_container_r) ++(type my_container_dbus_t) ++(type my_container_gkeyringd_t) ++(type my_container_t) ++(user my_container_u) ++(userrole my_container_u my_container_r) ++(userlevel my_container_u (s0)) ++(userrange my_container_u ((s0 ) (s0 (c0)))) ++ ++(call confinedom_user_login_macro (my_container_t my_container_r my_container_gkeyringd_t my_container_dbus_t my_container_exec_content)) ++(call confined_use_basic_commands_macro (my_container_t my_container_r)) +\ No newline at end of file +diff --git a/tests/test_confined_lsid.cil b/tests/test_confined_lsid.cil +new file mode 100644 +index 0000000..8719420 +--- /dev/null ++++ b/tests/test_confined_lsid.cil +@@ -0,0 +1,17 @@ ++(boolean my_container_exec_content true) ++(role my_container_r) ++(type my_container_dbus_t) ++(type my_container_gkeyringd_t) ++(type my_container_sudo_t) ++(type my_container_sudo_tmp_t) ++(type my_container_t) ++(type my_container_userhelper_t) ++(user my_container_u) ++(userrole my_container_u my_container_r) ++(userlevel my_container_u (s0)) ++(userrange my_container_u ((s0 ) (s0 (c0)))) ++ ++(call confinedom_security_advanced_macro (my_container_t my_container_r my_container_sudo_t my_container_userhelper_t)) ++(call confinedom_security_basic_macro (my_container_t my_container_r)) ++(call confinedom_sudo_macro (my_container_t my_container_r my_container_sudo_t my_container_sudo_tmp_t)) ++(call confinedom_user_login_macro (my_container_t my_container_r my_container_gkeyringd_t my_container_dbus_t my_container_exec_content)) +\ No newline at end of file +diff --git a/tests/test_main.py b/tests/test_main.py +index fb6a9ab..0c73861 100644 +--- a/tests/test_main.py ++++ b/tests/test_main.py +@@ -369,7 +369,26 @@ class TestBase(unittest.TestCase): + self.assert_templates(output, ["base_container"]) + self.assert_policy(test_file("test_devices.podman.cil")) + +- def run_udica(self, args): ++ # Confined user tests ++ def test_confined_user(self): ++ """udica confined_user --level s0 --range s0:c0 my_container""" ++ for arg in ["cla", "lb", "lsid", "abcdgilmns"]: ++ output = self.run_udica( ++ [ ++ "udica", ++ "confined_user", ++ "-{}".format(arg), ++ "--level", ++ "s0", ++ "--range", ++ "s0:c0", ++ "my_container", ++ ], ++ True, ++ ) ++ self.assert_policy(test_file("test_confined_{}.cil".format(arg))) ++ ++ def run_udica(self, args, confined=False): + with patch("sys.argv", args): + with patch("sys.stderr.write") as mock_err, patch( + "sys.stdout.write" +@@ -383,10 +402,16 @@ class TestBase(unittest.TestCase): + udica.__main__.main() + mock_err.assert_not_called() + +- self.assertRegex(mock_out.output, "Policy my_container created") +- self.assertRegex( +- mock_out.output, "--security-opt label=type:my_container.process" +- ) ++ if confined: ++ self.assertRegex(mock_out.output, "semodule -i my_container.cil") ++ self.assertRegex( ++ mock_out.output, "semanage login -a -s my_container_u my_container" ++ ) ++ else: ++ self.assertRegex(mock_out.output, "Policy my_container created") ++ self.assertRegex( ++ mock_out.output, "--security-opt label=type:my_container.process" ++ ) + + return mock_out.output + +-- +2.43.0 + diff --git a/SPECS-EXTENDED/udica/0003-confined-make-l-non-optional.patch b/SPECS-EXTENDED/udica/0003-confined-make-l-non-optional.patch new file mode 100644 index 0000000000..938a20f3c6 --- /dev/null +++ b/SPECS-EXTENDED/udica/0003-confined-make-l-non-optional.patch @@ -0,0 +1,57 @@ +From f411c146986fabe7375724528b2d4ba8cf78b904 Mon Sep 17 00:00:00 2001 +From: Vit Mojzis +Date: Mon, 12 Feb 2024 19:38:14 +0100 +Subject: [PATCH] confined: make "-l" non optional + +The confinedom_user_login_macro is needed for all custom users. + +Also, allow the new user type to be accessed via remote login. + +Signed-off-by: Vit Mojzis +--- + udica/__main__.py | 2 +- + udica/macros/confined_user_macros.cil | 8 +++++++- + 2 files changed, 8 insertions(+), 2 deletions(-) + +diff --git a/udica/__main__.py b/udica/__main__.py +index 1ba8515..801499c 100644 +--- a/udica/__main__.py ++++ b/udica/__main__.py +@@ -92,7 +92,7 @@ def get_args(): + "-l", + "--user_login", + action="store_true", +- default=False, ++ default=True, + dest="user_login", + help="Basic rules common to all users (tty, pty, ...)", + ) +diff --git a/udica/macros/confined_user_macros.cil b/udica/macros/confined_user_macros.cil +index ddb5689..06c4c56 100644 +--- a/udica/macros/confined_user_macros.cil ++++ b/udica/macros/confined_user_macros.cil +@@ -2411,7 +2411,7 @@ + (typetransition utype sudo_exec_t process sudo_type) + (allow sudo_type utype (fd (use))) + (allow sudo_type utype (fifo_file (ioctl read write getattr lock append))) +- (allow sudo_type utype (process (sigchld))) ++ (allow sudo_type utype (process (getpgid sigchld))) + (allow sudo_type bin_t (dir (getattr open search))) + (allow sudo_type bin_t (dir (ioctl read getattr lock open search))) + (allow sudo_type bin_t (dir (getattr open search))) +@@ -4006,6 +4006,12 @@ + ) + ) + ) ++ ; Telnet login ++ (optional confinedom_user_login_optional_3 ++ (typeattributeset cil_gen_require remote_login_t) ++ (allow remote_login_t utype (process (signal transition))) ++ (allow utype self (bpf (prog_load))) ++ ) + ) + + (macro confined_ssh_connect_macro ((type utype) (role urole) (type ssh_agent_type)) +-- +2.43.0 + diff --git a/SPECS-EXTENDED/udica/0004-confined-allow-asynchronous-I-O-operations.patch b/SPECS-EXTENDED/udica/0004-confined-allow-asynchronous-I-O-operations.patch new file mode 100644 index 0000000000..00241b638a --- /dev/null +++ b/SPECS-EXTENDED/udica/0004-confined-allow-asynchronous-I-O-operations.patch @@ -0,0 +1,31 @@ +From 131d228c6a91eaaeccc1d000821beeccba69d134 Mon Sep 17 00:00:00 2001 +From: Vit Mojzis +Date: Mon, 4 Mar 2024 12:59:53 +0100 +Subject: [PATCH] confined: allow asynchronous I/O operations + +Signed-off-by: Vit Mojzis +--- + udica/macros/confined_user_macros.cil | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/udica/macros/confined_user_macros.cil b/udica/macros/confined_user_macros.cil +index 06c4c56..dcb5198 100644 +--- a/udica/macros/confined_user_macros.cil ++++ b/udica/macros/confined_user_macros.cil +@@ -4012,6 +4012,13 @@ + (allow remote_login_t utype (process (signal transition))) + (allow utype self (bpf (prog_load))) + ) ++ ; asynchronous I/O operations RHEL 10 ++ (optional confinedom_user_login_optional_4 ++ (typeattributeset cil_gen_require io_uring_t) ++ (allow utype self (io_uring (sqpoll))) ++ (allow utype io_uring_t (anon_inode (create))) ++ (allow utype io_uring_t (anon_inode (read write getattr map))) ++ ) + ) + + (macro confined_ssh_connect_macro ((type utype) (role urole) (type ssh_agent_type)) +-- +2.43.0 + diff --git a/SPECS-EXTENDED/udica/udica.signatures.json b/SPECS-EXTENDED/udica/udica.signatures.json index 997adc599b..7feda7f1ca 100644 --- a/SPECS-EXTENDED/udica/udica.signatures.json +++ b/SPECS-EXTENDED/udica/udica.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "udica-0.2.1.tar.gz": "6880e336873e9bcc97a6ea704fd2d7221e4187665d7fb0b657466274b7866862" + "udica-0.2.8.tar.gz": "f5453a3cdc8c7f82ad4155be9356339a579ac6cea21c10b64ca8cfe636854931" } } diff --git a/SPECS-EXTENDED/udica/udica.spec b/SPECS-EXTENDED/udica/udica.spec index 8a6098b46d..6106e81bc4 100644 --- a/SPECS-EXTENDED/udica/udica.spec +++ b/SPECS-EXTENDED/udica/udica.spec @@ -1,20 +1,26 @@ -Summary: A tool for generating SELinux security policies for containers -Name: udica -Version: 0.2.1 -Release: 3%{?dist} -Source0: https://github.com/containers/udica/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz -License: GPLv3+ -BuildArch: noarch +Summary: A tool for generating SELinux security policies for containers +Name: udica +Version: 0.2.8 +Release: 1%{?dist} +License: GPLv3+ +BuildArch: noarch Vendor: Microsoft Corporation Distribution: Azure Linux -URL: https://github.com/containers/udica - -BuildRequires: python3 python3-devel python3-setuptools -Requires: python3 python3-libsemanage python3-libselinux - - - - +URL: https://github.com/containers/udica +Source0: https://github.com/containers/udica/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz + +#git format-patch -N v0.2.8 -- . ':!.cirrus.yml' ':!.github' +Patch0001: 0001-Add-option-to-generate-custom-policy-for-a-confined-.patch +Patch0002: 0002-Add-tests-covering-confined-user-policy-generation.patch +Patch0003: 0003-confined-make-l-non-optional.patch +Patch0004: 0004-confined-allow-asynchronous-I-O-operations.patch + +BuildRequires: python3 +BuildRequires: python3-devel +BuildRequires: python3-setuptools +Requires: python3 +Requires: python3-libsemanage +Requires: python3-libselinux %description Tool for generating SELinux security profiles for containers based on @@ -24,21 +30,11 @@ inspection of container JSON file. %autosetup -p 1 %build - %{__python3} setup.py build - - - %install -install --directory %%{buildroot}%{_datadir}/udica/templates - - %{__python3} setup.py install --single-version-externally-managed --root=%{buildroot} - - - - +install --directory %{buildroot}%{_datadir}/udica/macros install --directory %{buildroot}%{_mandir}/man8 install -m 0644 udica/man/man8/udica.8 %{buildroot}%{_mandir}/man8/udica.8 @@ -47,21 +43,19 @@ install -m 0644 udica/man/man8/udica.8 %{buildroot}%{_mandir}/man8/udica.8 %{_bindir}/udica %dir %{_datadir}/udica %dir %{_datadir}/udica/ansible -%dir %{_datadir}/udica/templates +%dir %{_datadir}/udica/macros %{_datadir}/udica/ansible/* -%{_datadir}/udica/templates/* - - +%{_datadir}/udica/macros/* %license LICENSE %{python3_sitelib}/udica/ %{python3_sitelib}/udica-*.egg-info - - - - %changelog +* Thu Mar 06 2025 Jyoti Kanase - 0.2.8-1 +- Upgrade to 0.2.8 +- License verified + * Fri Oct 15 2021 Pawel Winogrodzki - 0.2.1-3 - Initial CBL-Mariner import from Fedora 32 (license: MIT). diff --git a/SPECS-EXTENDED/units/0100-units-2.22-no-network.patch b/SPECS-EXTENDED/units/0100-units-2.22-no-network.patch new file mode 100644 index 0000000000..6c85a81c88 --- /dev/null +++ b/SPECS-EXTENDED/units/0100-units-2.22-no-network.patch @@ -0,0 +1,26 @@ +From f18e95585de3d6f94c3b64af7bcc8793063223d3 Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Wed, 8 Aug 2018 18:08:34 +0200 +Subject: [PATCH] Makefile.in: do not update currency.units from network + +Builds of packages are supposed to be reproducible. +--- + Makefile.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile.in b/Makefile.in +index 79baf1d..2b71aeb 100644 +--- a/Makefile.in ++++ b/Makefile.in +@@ -266,7 +266,7 @@ units.txt: units.1 + + doc: units.dvi units.info units.txt units.pdf UnitsMKS.pdf UnitsWin.pdf + +-check: all currency-update-check ++check: all + @echo Checking units + @./units -f $(srcdir)/definitions.units \ + '(((square(kiloinch)+2.84m2) /0.5) meters^2)^(1|4)' m \ +-- +2.37.2 + diff --git a/SPECS-EXTENDED/units/0101-fix-make-less-default-pager.patch b/SPECS-EXTENDED/units/0101-fix-make-less-default-pager.patch new file mode 100644 index 0000000000..574a06d1d9 --- /dev/null +++ b/SPECS-EXTENDED/units/0101-fix-make-less-default-pager.patch @@ -0,0 +1,26 @@ +From 413f9f5563ec85756ff1a35276e1c4833d15713e Mon Sep 17 00:00:00 2001 +From: Jan Macku +Date: Thu, 11 Apr 2024 16:10:28 +0200 +Subject: [PATCH] fix: make less default pager + +Resolves: #2268395 +--- + units.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/units.c b/units.c +index 469a82b..8b7dd78 100644 +--- a/units.c ++++ b/units.c +@@ -130,7 +130,7 @@ under the terms of the GNU General Public License." + #ifdef _WIN32 + # define DEFAULTPAGER "more" /* Default pager for Windows */ + #else +-# define DEFAULTPAGER "/usr/bin/pager" /* Default pager for Unix */ ++# define DEFAULTPAGER "/usr/bin/less" /* Default pager for Unix */ + #endif + #define DEFAULTLOCALE "en_US" /* Default locale */ + #define MAXINCLUDE 5 /* Max depth of include files */ +-- +2.44.0 + diff --git a/SPECS-EXTENDED/units/units.signatures.json b/SPECS-EXTENDED/units/units.signatures.json index 9d483688bc..66cfdb9e45 100644 --- a/SPECS-EXTENDED/units/units.signatures.json +++ b/SPECS-EXTENDED/units/units.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "units-2.19.tar.gz": "4262136bdfc152b63ff5a9b93a7d80ce18b5e8bebdcffddc932dda769e306556" + "units-2.23.tar.gz": "d957b451245925c9e614c4513397449630eaf92bd62b8495ba09bbe351a17370" } } diff --git a/SPECS-EXTENDED/units/units.spec b/SPECS-EXTENDED/units/units.spec index 2476c597c4..e669796178 100644 --- a/SPECS-EXTENDED/units/units.spec +++ b/SPECS-EXTENDED/units/units.spec @@ -2,20 +2,26 @@ Vendor: Microsoft Corporation Distribution: Azure Linux Summary: A utility for converting amounts from one unit to another Name: units -Version: 2.19 +Version: 2.23 Release: 4%{?dist} Source: https://ftp.gnu.org/gnu/units/%{name}-%{version}.tar.gz URL: https://www.gnu.org/software/units/units.html -License: GPLv3+ -BuildRequires: automake +License: GPL-3.0-or-later + +Requires: less + BuildRequires: bison BuildRequires: gcc +BuildRequires: make BuildRequires: ncurses-devel BuildRequires: python3-devel BuildRequires: readline-devel # do not update currency.units from network during build -Patch2: 0002-units-2.17-no-network.patch +Patch100: 0100-units-2.22-no-network.patch + +# make less a default pager to avoid error about missing /usr/bin/pager +Patch101: 0101-fix-make-less-default-pager.patch %description Units converts an amount from one unit to another, or tells you what @@ -26,19 +32,17 @@ well as conversions such as Fahrenheit to Celsius. %prep %autosetup -p1 -# make units_cur use Python 3 -sed -e 's|^AC_PATH_PROG(PYTHON, .*$|PYTHON=%{__python3}\nAC_SUBST(PYTHON)|' \ - -i configure.ac -autoreconf -fiv - %build %configure -make %{?_smp_mflags} +%make_build %install -make install DESTDIR=$RPM_BUILD_ROOT +%make_install -gzip $RPM_BUILD_ROOT%{_infodir}/units.info +# replace an absolute symlink by a relative symlink +ln -fsv ../../..%{_sharedstatedir}/units/currency.units %{buildroot}%{_datadir}/units + +gzip %{buildroot}%{_infodir}/units.info # provide a man page for units_cur as a symlink to units.1 ln -s units.1 %{buildroot}%{_mandir}/man1/units_cur.1 @@ -47,7 +51,7 @@ ln -s units.1 %{buildroot}%{_mandir}/man1/units_cur.1 make check %files -%doc ChangeLog COPYING NEWS README +%doc COPYING NEWS README %{_bindir}/units %{_bindir}/units_cur %{_datadir}/units @@ -56,8 +60,68 @@ make check %{_mandir}/man1/* %changelog -* Fri Oct 15 2021 Pawel Winogrodzki - 2.19-4 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Thu Jan 16 2025 Durga Jagadeesh Palli - 2.23-4 +- Initial Azure Linux import from Fedora 41 (license: MIT) +- License verified + +* Sat Jul 20 2024 Fedora Release Engineering - 2.23-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Thu Apr 11 2024 Jan Macku - 2.23-2 +- fix make less the default pager (#2268395) + +* Mon Feb 19 2024 Jan Macku - 2.23-1 +- new upstream release + +* Sat Jan 27 2024 Fedora Release Engineering - 2.22-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Thu Nov 30 2023 Florian Weimer - 2.22-7 +- C compatibility fix for the configure script (#2252276) + +* Sat Jul 22 2023 Fedora Release Engineering - 2.22-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Thu Apr 13 2023 Lukáš Zaoral - 2.22-5 +- migrate to SPDX license format + +* Sat Jan 21 2023 Fedora Release Engineering - 2.22-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Tue Sep 06 2022 Kamil Dudka - 2.22-3 +- remove a build system tweak related to Python 3 no longer needed + +* Tue Sep 06 2022 Kamil Dudka - 2.22-2 +- replace an absolute symlink by a relative symlink +- use %%make_build and %%make_install RPM macros + +* Tue Sep 06 2022 Kamil Dudka - 2.22-1 +- new upstream release + +* Sat Jul 23 2022 Fedora Release Engineering - 2.21-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Sat Jan 22 2022 Fedora Release Engineering - 2.21-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Fri Jul 23 2021 Fedora Release Engineering - 2.21-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Wed Jan 27 2021 Fedora Release Engineering - 2.21-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Mon Nov 16 2020 Kamil Dudka - 2.21-1 +- new upstream release + +* Thu Oct 01 2020 Kamil Dudka - 2.20-1 +- new upstream release + +* Sat Aug 01 2020 Fedora Release Engineering - 2.19-5 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Wed Jul 29 2020 Fedora Release Engineering - 2.19-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Fri Jan 31 2020 Fedora Release Engineering - 2.19-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/v4l-utils/0002-libv4lconvert-Fix-v4lconvert_yuv420_to_rgb-bgr24-not.patch b/SPECS-EXTENDED/v4l-utils/0002-libv4lconvert-Fix-v4lconvert_yuv420_to_rgb-bgr24-not.patch new file mode 100644 index 0000000000..da5963fef9 --- /dev/null +++ b/SPECS-EXTENDED/v4l-utils/0002-libv4lconvert-Fix-v4lconvert_yuv420_to_rgb-bgr24-not.patch @@ -0,0 +1,168 @@ +From c5e108f7ef4f8ba7761ddc7bad8dc88f6cae82cc Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 16 Oct 2022 11:58:58 +0200 +Subject: [PATCH v4l-utils 2/5] libv4lconvert: Fix + v4lconvert_yuv420_to_rgb/bgr24() not taking stride into account + +The atomisp driver can generate V4L2_PIX_FMT_YUV420 buffers where +stride != width. Where as v4lconvert_yuv420_to_rgb/bgr24() assumed that +stride == width is always true. + +Add a stride argument to v4lconvert_yuv420_to_rgb/bgr24() to fix this. + +Signed-off-by: Hans de Goede +--- + lib/libv4lconvert/libv4lconvert-priv.h | 4 ++-- + lib/libv4lconvert/libv4lconvert.c | 12 +++++------ + lib/libv4lconvert/rgbyuv.c | 30 ++++++++++++++++---------- + 3 files changed, 27 insertions(+), 19 deletions(-) + +diff --git a/lib/libv4lconvert/libv4lconvert-priv.h b/lib/libv4lconvert/libv4lconvert-priv.h +index 6b9128ce..495f726d 100644 +--- a/lib/libv4lconvert/libv4lconvert-priv.h ++++ b/lib/libv4lconvert/libv4lconvert-priv.h +@@ -118,10 +118,10 @@ void v4lconvert_rgb24_to_yuv420(const unsigned char *src, unsigned char *dest, + const struct v4l2_format *src_fmt, int bgr, int yvu, int bpp); + + void v4lconvert_yuv420_to_rgb24(const unsigned char *src, unsigned char *dst, +- int width, int height, int yvu); ++ int width, int height, int stride, int yvu); + + void v4lconvert_yuv420_to_bgr24(const unsigned char *src, unsigned char *dst, +- int width, int height, int yvu); ++ int width, int height, int stride, int yvu); + + void v4lconvert_yuyv_to_rgb24(const unsigned char *src, unsigned char *dst, + int width, int height, int stride); +diff --git a/lib/libv4lconvert/libv4lconvert.c b/lib/libv4lconvert/libv4lconvert.c +index e794ec00..e5d5ddde 100644 +--- a/lib/libv4lconvert/libv4lconvert.c ++++ b/lib/libv4lconvert/libv4lconvert.c +@@ -905,11 +905,11 @@ static int v4lconvert_convert_pixfmt(struct v4lconvert_data *data, + switch (dest_pix_fmt) { + case V4L2_PIX_FMT_RGB24: + v4lconvert_yuv420_to_rgb24(data->convert_pixfmt_buf, dest, width, +- height, yvu); ++ height, bytesperline, yvu); + break; + case V4L2_PIX_FMT_BGR24: + v4lconvert_yuv420_to_bgr24(data->convert_pixfmt_buf, dest, width, +- height, yvu); ++ height, bytesperline, yvu); + break; + } + break; +@@ -1398,11 +1398,11 @@ static int v4lconvert_convert_pixfmt(struct v4lconvert_data *data, + switch (dest_pix_fmt) { + case V4L2_PIX_FMT_RGB24: + v4lconvert_yuv420_to_rgb24(src, dest, width, +- height, 0); ++ height, bytesperline, 0); + break; + case V4L2_PIX_FMT_BGR24: + v4lconvert_yuv420_to_bgr24(src, dest, width, +- height, 0); ++ height, bytesperline, 0); + break; + case V4L2_PIX_FMT_YUV420: + memcpy(dest, src, width * height * 3 / 2); +@@ -1422,11 +1422,11 @@ static int v4lconvert_convert_pixfmt(struct v4lconvert_data *data, + switch (dest_pix_fmt) { + case V4L2_PIX_FMT_RGB24: + v4lconvert_yuv420_to_rgb24(src, dest, width, +- height, 1); ++ height, bytesperline, 1); + break; + case V4L2_PIX_FMT_BGR24: + v4lconvert_yuv420_to_bgr24(src, dest, width, +- height, 1); ++ height, bytesperline, 1); + break; + case V4L2_PIX_FMT_YUV420: + v4lconvert_swap_uv(src, dest, fmt); +diff --git a/lib/libv4lconvert/rgbyuv.c b/lib/libv4lconvert/rgbyuv.c +index b54b4577..1ca821ab 100644 +--- a/lib/libv4lconvert/rgbyuv.c ++++ b/lib/libv4lconvert/rgbyuv.c +@@ -93,7 +93,7 @@ void v4lconvert_rgb24_to_yuv420(const unsigned char *src, unsigned char *dest, + #define CLIP(color) (unsigned char)(((color) > 0xFF) ? 0xff : (((color) < 0) ? 0 : (color))) + + void v4lconvert_yuv420_to_bgr24(const unsigned char *src, unsigned char *dest, +- int width, int height, int yvu) ++ int width, int height, int stride, int yvu) + { + int i, j; + +@@ -101,11 +101,11 @@ void v4lconvert_yuv420_to_bgr24(const unsigned char *src, unsigned char *dest, + const unsigned char *usrc, *vsrc; + + if (yvu) { +- vsrc = src + width * height; +- usrc = vsrc + (width * height) / 4; ++ vsrc = src + stride * height; ++ usrc = vsrc + (stride * height) / 4; + } else { +- usrc = src + width * height; +- vsrc = usrc + (width * height) / 4; ++ usrc = src + stride * height; ++ vsrc = usrc + (stride * height) / 4; + } + + for (i = 0; i < height; i++) { +@@ -138,16 +138,20 @@ void v4lconvert_yuv420_to_bgr24(const unsigned char *src, unsigned char *dest, + usrc++; + vsrc++; + } ++ ysrc += stride - width; + /* Rewind u and v for next line */ + if (!(i & 1)) { + usrc -= width / 2; + vsrc -= width / 2; ++ } else { ++ usrc += (stride - width) / 2; ++ vsrc += (stride - width) / 2; + } + } + } + + void v4lconvert_yuv420_to_rgb24(const unsigned char *src, unsigned char *dest, +- int width, int height, int yvu) ++ int width, int height, int stride, int yvu) + { + int i, j; + +@@ -155,11 +159,11 @@ void v4lconvert_yuv420_to_rgb24(const unsigned char *src, unsigned char *dest, + const unsigned char *usrc, *vsrc; + + if (yvu) { +- vsrc = src + width * height; +- usrc = vsrc + (width * height) / 4; ++ vsrc = src + stride * height; ++ usrc = vsrc + (stride * height) / 4; + } else { +- usrc = src + width * height; +- vsrc = usrc + (width * height) / 4; ++ usrc = src + stride * height; ++ vsrc = usrc + (stride * height) / 4; + } + + for (i = 0; i < height; i++) { +@@ -192,10 +196,14 @@ void v4lconvert_yuv420_to_rgb24(const unsigned char *src, unsigned char *dest, + usrc++; + vsrc++; + } ++ ysrc += stride - width; + /* Rewind u and v for next line */ +- if (!(i&1)) { ++ if (!(i & 1)) { + usrc -= width / 2; + vsrc -= width / 2; ++ } else { ++ usrc += (stride - width) / 2; ++ vsrc += (stride - width) / 2; + } + } + } +-- +2.37.3 + diff --git a/SPECS-EXTENDED/v4l-utils/0003-libv4lconvert-Fix-v4lconvert_rgb565_to_rgb-bgr24-not.patch b/SPECS-EXTENDED/v4l-utils/0003-libv4lconvert-Fix-v4lconvert_rgb565_to_rgb-bgr24-not.patch new file mode 100644 index 0000000000..93c5c45fbc --- /dev/null +++ b/SPECS-EXTENDED/v4l-utils/0003-libv4lconvert-Fix-v4lconvert_rgb565_to_rgb-bgr24-not.patch @@ -0,0 +1,91 @@ +From e864210793795a50b88e77af5b7d29e6bad584e8 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 16 Oct 2022 15:40:02 +0200 +Subject: [PATCH v4l-utils 3/5] libv4lconvert: Fix + v4lconvert_rgb565_to_rgb/bgr24() not taking stride into account + +The atomisp driver can generate V4L2_PIX_FMT_RGB565 buffers where +stride != width. Where as v4lconvert_rgb565_to_rgb/bgr24() assumed that +stride == width is always true. + +Add a stride argument to v4lconvert_rgb565_to_rgb/bgr24() to fix this. + +Signed-off-by: Hans de Goede +--- + lib/libv4lconvert/libv4lconvert-priv.h | 4 ++-- + lib/libv4lconvert/libv4lconvert.c | 4 ++-- + lib/libv4lconvert/rgbyuv.c | 6 ++++-- + 3 files changed, 8 insertions(+), 6 deletions(-) + +diff --git a/lib/libv4lconvert/libv4lconvert-priv.h b/lib/libv4lconvert/libv4lconvert-priv.h +index 495f726d..f87a43a4 100644 +--- a/lib/libv4lconvert/libv4lconvert-priv.h ++++ b/lib/libv4lconvert/libv4lconvert-priv.h +@@ -178,10 +178,10 @@ int v4lconvert_y10b_to_yuv420(struct v4lconvert_data *data, + const unsigned char *src, unsigned char *dest, int width, int height); + + void v4lconvert_rgb565_to_rgb24(const unsigned char *src, unsigned char *dest, +- int width, int height); ++ int width, int height, int stride); + + void v4lconvert_rgb565_to_bgr24(const unsigned char *src, unsigned char *dest, +- int width, int height); ++ int width, int height, int stride); + + void v4lconvert_rgb565_to_yuv420(const unsigned char *src, unsigned char *dest, + const struct v4l2_format *src_fmt, int yvu); +diff --git a/lib/libv4lconvert/libv4lconvert.c b/lib/libv4lconvert/libv4lconvert.c +index e5d5ddde..77f9eca5 100644 +--- a/lib/libv4lconvert/libv4lconvert.c ++++ b/lib/libv4lconvert/libv4lconvert.c +@@ -1282,10 +1282,10 @@ static int v4lconvert_convert_pixfmt(struct v4lconvert_data *data, + } + switch (dest_pix_fmt) { + case V4L2_PIX_FMT_RGB24: +- v4lconvert_rgb565_to_rgb24(src, dest, width, height); ++ v4lconvert_rgb565_to_rgb24(src, dest, width, height, bytesperline); + break; + case V4L2_PIX_FMT_BGR24: +- v4lconvert_rgb565_to_bgr24(src, dest, width, height); ++ v4lconvert_rgb565_to_bgr24(src, dest, width, height, bytesperline); + break; + case V4L2_PIX_FMT_YUV420: + v4lconvert_rgb565_to_yuv420(src, dest, fmt, 0); +diff --git a/lib/libv4lconvert/rgbyuv.c b/lib/libv4lconvert/rgbyuv.c +index 1ca821ab..f9017016 100644 +--- a/lib/libv4lconvert/rgbyuv.c ++++ b/lib/libv4lconvert/rgbyuv.c +@@ -511,7 +511,7 @@ void v4lconvert_swap_uv(const unsigned char *src, unsigned char *dest, + } + + void v4lconvert_rgb565_to_rgb24(const unsigned char *src, unsigned char *dest, +- int width, int height) ++ int width, int height, int stride) + { + int j; + while (--height >= 0) { +@@ -525,11 +525,12 @@ void v4lconvert_rgb565_to_rgb24(const unsigned char *src, unsigned char *dest, + + src += 2; + } ++ src += stride - 2 * width; + } + } + + void v4lconvert_rgb565_to_bgr24(const unsigned char *src, unsigned char *dest, +- int width, int height) ++ int width, int height, int stride) + { + int j; + while (--height >= 0) { +@@ -543,6 +544,7 @@ void v4lconvert_rgb565_to_bgr24(const unsigned char *src, unsigned char *dest, + + src += 2; + } ++ src += stride - 2 * width; + } + } + +-- +2.37.3 + diff --git a/SPECS-EXTENDED/v4l-utils/0004-libv4lconvert-Fix-v4lconvert_nv12_-not-taking-stride.patch b/SPECS-EXTENDED/v4l-utils/0004-libv4lconvert-Fix-v4lconvert_nv12_-not-taking-stride.patch new file mode 100644 index 0000000000..1ed8f8036b --- /dev/null +++ b/SPECS-EXTENDED/v4l-utils/0004-libv4lconvert-Fix-v4lconvert_nv12_-not-taking-stride.patch @@ -0,0 +1,125 @@ +From 8cbe059875452301c61db309d3087fb496b7223d Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 16 Oct 2022 16:04:13 +0200 +Subject: [PATCH v4l-utils 4/5] libv4lconvert: Fix v4lconvert_nv12_*() not + taking stride into account + +The atomisp driver can generate V4L2_PIX_FMT_NV12 buffers where +stride != width. Where as v4lconvert_nv12_*() assumed that +stride == width is always true. + +Add a stride argument to v4lconvert_nv12_*() to fix this. + +Signed-off-by: Hans de Goede +--- + lib/libv4lconvert/libv4lconvert-priv.h | 4 ++-- + lib/libv4lconvert/libv4lconvert.c | 8 ++++---- + lib/libv4lconvert/rgbyuv.c | 18 +++++++++++++----- + 3 files changed, 19 insertions(+), 11 deletions(-) + +diff --git a/lib/libv4lconvert/libv4lconvert-priv.h b/lib/libv4lconvert/libv4lconvert-priv.h +index f87a43a4..f361f2a0 100644 +--- a/lib/libv4lconvert/libv4lconvert-priv.h ++++ b/lib/libv4lconvert/libv4lconvert-priv.h +@@ -287,10 +287,10 @@ void v4lconvert_hsv_to_rgb24(const unsigned char *src, unsigned char *dest, + int width, int height, int bgr, int Xin, unsigned char hsv_enc); + + void v4lconvert_nv12_to_rgb24(const unsigned char *src, unsigned char *dest, +- int width, int height, int bgr); ++ int width, int height, int stride, int bgr); + + void v4lconvert_nv12_to_yuv420(const unsigned char *src, unsigned char *dest, +- int width, int height, int yvu); ++ int width, int height, int stride, int yvu); + + void v4lconvert_rotate90(unsigned char *src, unsigned char *dest, + struct v4l2_format *fmt); +diff --git a/lib/libv4lconvert/libv4lconvert.c b/lib/libv4lconvert/libv4lconvert.c +index 77f9eca5..d0d38286 100644 +--- a/lib/libv4lconvert/libv4lconvert.c ++++ b/lib/libv4lconvert/libv4lconvert.c +@@ -937,16 +937,16 @@ static int v4lconvert_convert_pixfmt(struct v4lconvert_data *data, + case V4L2_PIX_FMT_NV12: + switch (dest_pix_fmt) { + case V4L2_PIX_FMT_RGB24: +- v4lconvert_nv12_to_rgb24(src, dest, width, height, 0); ++ v4lconvert_nv12_to_rgb24(src, dest, width, height, bytesperline, 0); + break; + case V4L2_PIX_FMT_BGR24: +- v4lconvert_nv12_to_rgb24(src, dest, width, height, 1); ++ v4lconvert_nv12_to_rgb24(src, dest, width, height, bytesperline, 1); + break; + case V4L2_PIX_FMT_YUV420: +- v4lconvert_nv12_to_yuv420(src, dest, width, height, 0); ++ v4lconvert_nv12_to_yuv420(src, dest, width, height, bytesperline, 0); + break; + case V4L2_PIX_FMT_YVU420: +- v4lconvert_nv12_to_yuv420(src, dest, width, height, 1); ++ v4lconvert_nv12_to_yuv420(src, dest, width, height, bytesperline, 1); + break; + } + break; +diff --git a/lib/libv4lconvert/rgbyuv.c b/lib/libv4lconvert/rgbyuv.c +index f9017016..e9fe6df9 100644 +--- a/lib/libv4lconvert/rgbyuv.c ++++ b/lib/libv4lconvert/rgbyuv.c +@@ -857,11 +857,11 @@ void v4lconvert_hsv_to_rgb24(const unsigned char *src, unsigned char *dest, + } + + void v4lconvert_nv12_to_rgb24(const unsigned char *src, unsigned char *dest, +- int width, int height, int bgr) ++ int width, int height, int stride, int bgr) + { + int i, j; + const unsigned char *ysrc = src; +- const unsigned char *uvsrc = src + width * height; ++ const unsigned char *uvsrc = src + stride * height; + + for (i = 0; i < height; i++) { + for (j = 0; j < width; j ++) { +@@ -879,18 +879,21 @@ void v4lconvert_nv12_to_rgb24(const unsigned char *src, unsigned char *dest, + uvsrc += 2; + } + ++ ysrc += stride - width; + /* Rewind u and v for next line */ + if (!(i&1)) + uvsrc -= width; ++ else ++ uvsrc += stride - width; + } + } + + void v4lconvert_nv12_to_yuv420(const unsigned char *src, unsigned char *dest, +- int width, int height, int yvu) ++ int width, int height, int stride, int yvu) + { + int i, j; + const unsigned char *ysrc = src; +- const unsigned char *uvsrc = src + width * height; ++ const unsigned char *uvsrc = src + stride * height; + unsigned char *ydst = dest; + unsigned char *udst, *vdst; + +@@ -902,7 +905,7 @@ void v4lconvert_nv12_to_yuv420(const unsigned char *src, unsigned char *dest, + vdst = udst + ((width / 2) * (height / 2)); + } + +- for (i = 0; i < height; i++) ++ for (i = 0; i < height; i++) { + for (j = 0; j < width; j++) { + *ydst++ = *ysrc++; + if (((i % 2) == 0) && ((j % 2) == 0)) { +@@ -910,4 +913,9 @@ void v4lconvert_nv12_to_yuv420(const unsigned char *src, unsigned char *dest, + *vdst++ = *uvsrc++; + } + } ++ ++ ysrc += stride - width; ++ if ((i % 2) == 0) ++ uvsrc += stride - width; ++ } + } +-- +2.37.3 + diff --git a/SPECS-EXTENDED/v4l-utils/0005-libv4lconvert-Fix-v4lconvert_nv16_to_yuyv-not-taking.patch b/SPECS-EXTENDED/v4l-utils/0005-libv4lconvert-Fix-v4lconvert_nv16_to_yuyv-not-taking.patch new file mode 100644 index 0000000000..ddad7bf936 --- /dev/null +++ b/SPECS-EXTENDED/v4l-utils/0005-libv4lconvert-Fix-v4lconvert_nv16_to_yuyv-not-taking.patch @@ -0,0 +1,97 @@ +From 2cfd6dc33d7f7743843e9ad65d31baef5508f636 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Sun, 16 Oct 2022 16:15:53 +0200 +Subject: [PATCH v4l-utils 5/5] libv4lconvert: Fix v4lconvert_nv16_to_yuyv() + not taking stride into account + +The atomisp driver can generate V4L2_PIX_FMT_NV16 buffers where +stride != width. Where as v4lconvert_nv16_to_yuyv() assumed that +stride == width is always true. + +Add a stride argument to v4lconvert_nv16_to_yuyv() to fix this. + +Signed-off-by: Hans de Goede +--- + lib/libv4lconvert/libv4lconvert-priv.h | 2 +- + lib/libv4lconvert/libv4lconvert.c | 8 ++++---- + lib/libv4lconvert/rgbyuv.c | 16 ++++++++++------ + 3 files changed, 15 insertions(+), 11 deletions(-) + +diff --git a/lib/libv4lconvert/libv4lconvert-priv.h b/lib/libv4lconvert/libv4lconvert-priv.h +index f361f2a0..00a03f9e 100644 +--- a/lib/libv4lconvert/libv4lconvert-priv.h ++++ b/lib/libv4lconvert/libv4lconvert-priv.h +@@ -133,7 +133,7 @@ void v4lconvert_yuyv_to_yuv420(const unsigned char *src, unsigned char *dst, + int width, int height, int stride, int yvu); + + void v4lconvert_nv16_to_yuyv(const unsigned char *src, unsigned char *dest, +- int width, int height); ++ int width, int height, int stride); + + void v4lconvert_yvyu_to_rgb24(const unsigned char *src, unsigned char *dst, + int width, int height, int stride); +diff --git a/lib/libv4lconvert/libv4lconvert.c b/lib/libv4lconvert/libv4lconvert.c +index d0d38286..b07bf3ba 100644 +--- a/lib/libv4lconvert/libv4lconvert.c ++++ b/lib/libv4lconvert/libv4lconvert.c +@@ -1445,10 +1445,10 @@ static int v4lconvert_convert_pixfmt(struct v4lconvert_data *data, + if (!tmpbuf) + return v4lconvert_oom_error(data); + +- v4lconvert_nv16_to_yuyv(src, tmpbuf, width, height); ++ v4lconvert_nv16_to_yuyv(src, tmpbuf, width, height, bytesperline); + src_pix_fmt = V4L2_PIX_FMT_YUYV; + src = tmpbuf; +- bytesperline = bytesperline * 2; ++ bytesperline = width * 2; + /* fall through */ + } + case V4L2_PIX_FMT_YUYV: +@@ -1482,10 +1482,10 @@ static int v4lconvert_convert_pixfmt(struct v4lconvert_data *data, + return v4lconvert_oom_error(data); + + /* Note NV61 is NV16 with U and V swapped so this becomes yvyu. */ +- v4lconvert_nv16_to_yuyv(src, tmpbuf, width, height); ++ v4lconvert_nv16_to_yuyv(src, tmpbuf, width, height, bytesperline); + src_pix_fmt = V4L2_PIX_FMT_YVYU; + src = tmpbuf; +- bytesperline = bytesperline * 2; ++ bytesperline = width * 2; + /* fall through */ + } + case V4L2_PIX_FMT_YVYU: +diff --git a/lib/libv4lconvert/rgbyuv.c b/lib/libv4lconvert/rgbyuv.c +index e9fe6df9..ce31a1ba 100644 +--- a/lib/libv4lconvert/rgbyuv.c ++++ b/lib/libv4lconvert/rgbyuv.c +@@ -304,17 +304,21 @@ void v4lconvert_yuyv_to_yuv420(const unsigned char *src, unsigned char *dest, + } + + void v4lconvert_nv16_to_yuyv(const unsigned char *src, unsigned char *dest, +- int width, int height) ++ int width, int height, int stride) + { + const unsigned char *y, *cbcr; +- int count = 0; ++ int i, j; + + y = src; +- cbcr = src + width*height; ++ cbcr = src + stride * height; + +- while (count++ < width*height) { +- *dest++ = *y++; +- *dest++ = *cbcr++; ++ for (i = 0; i < height; i++) { ++ for (j = 0; j < width; j++) { ++ *dest++ = *y++; ++ *dest++ = *cbcr++; ++ } ++ y += stride - width; ++ cbcr += stride - width; + } + } + +-- +2.37.3 + diff --git a/SPECS-EXTENDED/v4l-utils/v4l-utils.spec b/SPECS-EXTENDED/v4l-utils/v4l-utils.spec index 6106696680..55daf6c618 100644 --- a/SPECS-EXTENDED/v4l-utils/v4l-utils.spec +++ b/SPECS-EXTENDED/v4l-utils/v4l-utils.spec @@ -2,7 +2,7 @@ Vendor: Microsoft Corporation Distribution: Azure Linux Name: v4l-utils Version: 1.22.1 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Utilities for video4linux and DVB devices # libdvbv5, dvbv5 utils, ir-keytable and v4l2-sysfs-path are GPLv2 only License: GPLv2+ and GPLv2 @@ -10,6 +10,10 @@ URL: https://www.linuxtv.org/downloads/v4l-utils/ Source0: https://www.linuxtv.org/downloads/%{name}/%{name}-%{version}.tar.bz2 Patch0: 0001-utils-v4l2-TPG-Update-use-of-typeof.patch +Patch1: 0002-libv4lconvert-Fix-v4lconvert_yuv420_to_rgb-bgr24-not.patch +Patch2: 0003-libv4lconvert-Fix-v4lconvert_rgb565_to_rgb-bgr24-not.patch +Patch3: 0004-libv4lconvert-Fix-v4lconvert_nv12_-not-taking-stride.patch +Patch4: 0005-libv4lconvert-Fix-v4lconvert_nv16_to_yuyv-not-taking.patch BuildRequires: alsa-lib-devel BuildRequires: desktop-file-utils @@ -18,8 +22,9 @@ BuildRequires: gettext BuildRequires: kernel-headers BuildRequires: libjpeg-devel BuildRequires: make -BuildRequires: qt5-qtbase-devel +BuildRequires: qtbase-devel BuildRequires: systemd-devel +BuildRequires: systemd # BPF decoder dependencies %define with_bpf 1 @@ -48,16 +53,6 @@ Requires: libv4l%{?_isa} = %{version}-%{release} Utilities for v4l2 / DVB driver authors: decode_tm6000, v4l2-compliance and v4l2-dbg. - -%package -n qv4l2 -Summary: QT v4l2 test control and streaming test application -License: GPLv2+ -Requires: libv4l%{?_isa} = %{version}-%{release} - -%description -n qv4l2 -QT v4l2 test control and streaming test application. - - %package -n libv4l Summary: Collection of video4linux support libraries # Some of the decompression helpers are GPLv2, the rest is LGPLv2+ @@ -114,7 +109,7 @@ files for developing applications that use libdvbv5. %autosetup -p1 %build -export CXXFLAGS="$CXXFLAGS -std=c++14" +export CXXFLAGS="-std=c++14 $RPM_OPT_FLAGS" %configure --disable-static --enable-libdvbv5 --enable-doxygen-man # Don't use rpath! sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool @@ -130,7 +125,6 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/{v4l1compat.so,v4l2convert.so} mkdir -p $RPM_BUILD_ROOT%{_mandir}/man3/ cp -arv %{_builddir}/%{name}-%{version}/doxygen-doc/man/man3 $RPM_BUILD_ROOT%{_mandir}/ rm $RPM_BUILD_ROOT%{_mandir}/man3/_*3 -desktop-file-validate $RPM_BUILD_ROOT%{_datadir}/applications/qv4l2.desktop %find_lang %{name} %find_lang libdvbv5 @@ -166,13 +160,6 @@ desktop-file-validate $RPM_BUILD_ROOT%{_datadir}/applications/qv4l2.desktop %{_mandir}/man1/v4l2-compliance.1* %{_sbindir}/v4l2-dbg -%files -n qv4l2 -%doc README -%{_bindir}/qv4l2 -%{_datadir}/applications/qv4l2.desktop -%{_datadir}/icons/hicolor/*/apps/qv4l2.* -%{_mandir}/man1/qv4l2.1* - %files -n libv4l %doc ChangeLog README.libv4l TODO %license COPYING.libv4l COPYING @@ -198,6 +185,10 @@ desktop-file-validate $RPM_BUILD_ROOT%{_datadir}/applications/qv4l2.desktop %changelog +* Tue Mar 04 2025 Jyoti Kanase - 1.22.1-2 +- added patch to fix build +- License Verified + * Fri Mar 04 2022 Pawel Winogrodzki - 1.22.1-1 - Fixing building with GCC 11 using Fedora 36 spec (license: MIT) for guidance. - License verified. diff --git a/SPECS-EXTENDED/virt-p2v/libguestfs.keyring b/SPECS-EXTENDED/virt-p2v/libguestfs.keyring new file mode 100644 index 0000000000..bb3eb5537b Binary files /dev/null and b/SPECS-EXTENDED/virt-p2v/libguestfs.keyring differ diff --git a/SPECS-EXTENDED/virt-p2v/virt-p2v-1.42.4.tar.gz.sig b/SPECS-EXTENDED/virt-p2v/virt-p2v-1.42.4.tar.gz.sig new file mode 100644 index 0000000000..0e881c8618 --- /dev/null +++ b/SPECS-EXTENDED/virt-p2v/virt-p2v-1.42.4.tar.gz.sig @@ -0,0 +1,17 @@ +-----BEGIN PGP SIGNATURE----- + +iQJFBAABCAAvFiEE93dPsa0HSn6Mh2fqkXOPc+G3aKAFAmcp+1MRHHJpY2hAYW5u +ZXhpYS5vcmcACgkQkXOPc+G3aKDukBAAp8bca3qdFPIBqnxrCuFnZJYkrugTKbvV +5dakRj1dVNr1aX3DnvgBVhKmJyp2r0WpvvCkCBoZqiJsYI3Y9FvCRP36l47FB2zC +Vn0P3eItCfqiheuFuwU6f7uDcTpHHCcsV3RWPQBZd/HOdXghZCn7KbCj+yUQiVvI +nRhpJ5yNgybDsKV41p3uXEIIwOOy6O8gQCFgV1iLmmKS0yVSIy4udLqM5KE2KuKM +nPlc5FwHl1Ou/H7INtmQ8EGpiVemyBmgkAu8JE2BJHp7JUTruAUjaHs6zmnayCrx +ojfXcxSlBBLSrKwUBW4WzhkzRqbiPJ/NFwkyTnOVhMyu0maehnaZMr7LWL57kSb7 +NPNzIDL6zVaJO2CikgELSSn3jzzTntnRgHkLFgfqt54oPhp3RzT95uYqu+8sgx24 +VihQWEgM+kvfgqpIuYEzrExL2bA+xdqlc2ppIx0o7l1spi1Zvh9zgG5u+7Fhx9cs +5tuIk2oKwhr6YbRkkvViJt66MKlJA1aHGrqCT34yvuBG7O3u11aP1QruN30kU2aI +CJ6bDZwz6InQ2+mbxH+te6PgDcFLtXMhCFp8UcNNtvy/ddxfRniOLUzYSMC2uhpd +uTakFDG4q8rQtc6rwC6jewxEV2eNmyKKnEU1P5pmLrV/wUqwH/QGH7prm+Mpz+vX +2NKaPyyZS74= +=/YcD +-----END PGP SIGNATURE----- diff --git a/SPECS-EXTENDED/virt-p2v/virt-p2v.signatures.json b/SPECS-EXTENDED/virt-p2v/virt-p2v.signatures.json index d982d7c87b..b9f5ef5d84 100644 --- a/SPECS-EXTENDED/virt-p2v/virt-p2v.signatures.json +++ b/SPECS-EXTENDED/virt-p2v/virt-p2v.signatures.json @@ -1,5 +1,7 @@ { "Signatures": { - "virt-p2v-1.42.0.tar.gz": "b1164bde6658646f11e8ff0da36fe5acbedde3445cc8424110c08fc144564e20" + "libguestfs.keyring": "de74373a15bd572ad74f276ee063d2cefa915470863829c0dda6af488d6315d8", + "virt-p2v-1.42.4.tar.gz": "20ff7bec5ed630ae1928da026e6e6e471e8eb1869222762fd9ab4681975b98c5", + "virt-p2v-1.42.4.tar.gz.sig": "0c16c68cb98f14041087bbd8aa7d42ef40f81144d6877123099b30f5ca9cd776" } } diff --git a/SPECS-EXTENDED/virt-p2v/virt-p2v.spec b/SPECS-EXTENDED/virt-p2v/virt-p2v.spec index e91e58071a..603ecbd277 100644 --- a/SPECS-EXTENDED/virt-p2v/virt-p2v.spec +++ b/SPECS-EXTENDED/virt-p2v/virt-p2v.spec @@ -8,58 +8,46 @@ Distribution: Azure Linux Summary: Convert a physical machine to run on KVM Name: virt-p2v -Version: 1.42.0 -Release: 6%{?dist} -License: GPLv2+ and LGPLv2+ - -# virt-p2v works only on x86_64 at the moment. It requires porting -# to properly detect the hardware on other architectures, and furthermore -# virt-v2v requires porting too. -ExclusiveArch: x86_64 +Version: 1.42.4 +Release: 2%{?dist} +License: GPL-2.0-or-later AND LGPL-2.0-or-later # Source and patches. -URL: http://libguestfs.org/ -Source0: http://download.libguestfs.org/%{name}/%{name}-%{version}.tar.gz +URL: https://libguestfs.org/ +Source0: https://download.libguestfs.org/%{name}/%{name}-%{version}.tar.gz +Source1: https://download.libguestfs.org/%{name}/%{name}-%{version}.tar.gz.sig + +Source2: libguestfs.keyring # Basic build requirements. +BuildRequires: make BuildRequires: gcc BuildRequires: perl(Pod::Simple) BuildRequires: perl(Pod::Man) BuildRequires: perl(List::MoreUtils) BuildRequires: /usr/bin/pod2text BuildRequires: libxml2-devel -BuildRequires: pcre-devel -BuildRequires: bash-completion +BuildRequires: pcre2-devel +BuildRequires: bash-completion-devel BuildRequires: xz BuildRequires: gtk3-devel BuildRequires: dbus-devel BuildRequires: m4 +BuildRequires: gnupg2 # Test suite requirements. -BuildRequires: /usr/bin/qemu-nbd - -# https://fedoraproject.org/wiki/Packaging:No_Bundled_Libraries#Packages_granted_exceptions -Provides: bundled(gnulib) - +BuildRequires: nbdkit Requires: gawk Requires: gzip # virt-p2v-make-disk runs virt-builder: -Requires: libguestfs-tools-c +Requires: libguestfs # virt-p2v-make-kickstart runs strip: Requires: binutils -# Migrate from the old virt-p2v-maker: -Provides: virt-p2v-maker = %{version}-%{release} -Obsoletes: virt-p2v-maker < 1.41.5 - -# The bash completion for p2v were shipped with the others of libguestfs: -Obsoletes: libguestfs-bash-completion < 1.41.5 - - %description Virt-p2v converts (virtualizes) physical machines so they can be run as virtual machines under KVM. @@ -73,16 +61,15 @@ To convert virtual machines from other hypervisors, see virt-v2v. %prep -%setup -q -%autopatch -p1 +%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}' +%autosetup -p1 %build %configure \ - --with-extra="fedora=%{fedora},release=%{release}" \ - --disable-gnulib-tests + --with-extra="fedora=%{fedora},release=%{release}" -make V=1 %{?_smp_mflags} +%make_build %check @@ -94,16 +81,17 @@ fi %install -make DESTDIR=$RPM_BUILD_ROOT install +%make_install # Delete the development man pages. rm $RPM_BUILD_ROOT%{_mandir}/man1/p2v-building.1* rm $RPM_BUILD_ROOT%{_mandir}/man1/p2v-hacking.1* rm $RPM_BUILD_ROOT%{_mandir}/man1/p2v-release-notes.1* + %files %doc README -%license COPYING COPYING.LIB +%license COPYING %{_bindir}/virt-p2v-make-disk %{_bindir}/virt-p2v-make-kickstart %{_bindir}/virt-p2v-make-kiwi @@ -117,18 +105,63 @@ rm $RPM_BUILD_ROOT%{_mandir}/man1/p2v-release-notes.1* %changelog -* Tue Sep 26 2023 Pawel Winogrodzki - 1.42.0-6 -- Removing 'exit' calls from the '%%check' section. - -* Fri Jan 21 2022 Pawel Winogrodzki - 1.42.0-5 +* Fri Jan 31 2025 Archana Shettigar - 1.42.4-2 +- Initial Azure Linux import from Fedora 41 (license: MIT). +- Remove epoch - Removing in-spec verification of source tarballs. - License verified. +- Removing 'exit' calls from the '%%check' section. -* Thu Oct 28 2021 Muhammad Falak - 1.42.0-4 -- Remove epoch +* Tue Nov 05 2024 Richard W.M. Jones - 1:1.42.4-1 +- New upstream version 1.42.4 + +* Sat Jul 20 2024 Fedora Release Engineering - 1:1.42.3-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Mon Mar 25 2024 Richard W.M. Jones - 1:1.42.3-6 +- Use %%{bash_completions_dir} macro +- BR bash-completion-devel (new in Rawhide) + +* Sat Jan 27 2024 Fedora Release Engineering - 1:1.42.3-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sat Jul 22 2023 Fedora Release Engineering - 1:1.42.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Mon Jun 05 2023 Richard W.M. Jones - 1:1.42.3-3 +- Migrated to SPDX license + +* Sat Jan 21 2023 Fedora Release Engineering - 1:1.42.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Tue Oct 11 2022 Richard W.M. Jones - 1:1.42.3-1 +- New upstream release 1.42.3 + +* Wed Aug 03 2022 Richard W.M. Jones - 1:1.42.2-1 +- New upstream release 1.42.2 +- Uses PCRE2 instead of PCRE. +- Remove Obsolete/Provides etc used for upgrades from Fedora 31. +- libguestfs-tools-c was renamed to guestfs-tools in Fedora 34. + +* Sat Jul 23 2022 Fedora Release Engineering - 1:1.42.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Tue May 10 2022 Richard W.M. Jones - 1:1.42.1-1 +- New upstream release 1.42.1 +- gnulib removed upstream. +- Some specfile modernization. + +* Sat Jan 22 2022 Fedora Release Engineering - 1:1.42.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Fri Jul 23 2021 Fedora Release Engineering - 1:1.42.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Wed Jan 27 2021 Fedora Release Engineering - 1:1.42.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild -* Fri Oct 15 2021 Pawel Winogrodzki - 1:1.42.0-3 -- Initial CBL-Mariner import from Fedora 32 (license: MIT). +* Wed Jul 29 2020 Fedora Release Engineering - 1:1.42.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Fri Jan 31 2020 Fedora Release Engineering - 1:1.42.0-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild diff --git a/SPECS-EXTENDED/xorg-x11-drv-libinput/0001-Add-a-DPIScaleFactor-option-as-temporary-solution-to.patch b/SPECS-EXTENDED/xorg-x11-drv-libinput/0001-Add-a-DPIScaleFactor-option-as-temporary-solution-to.patch new file mode 100644 index 0000000000..dddd9da69f --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-drv-libinput/0001-Add-a-DPIScaleFactor-option-as-temporary-solution-to.patch @@ -0,0 +1,98 @@ +From 41d20d35c1587f3de35acf47f926c97a30680978 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer +Date: Thu, 18 May 2017 14:45:18 +1000 +Subject: [PATCH xf86-input-libinput] Add a DPIScaleFactor option as temporary + solution to the hidpi issue + +https://bugzilla.redhat.com/show_bug.cgi?id=1413306 +--- + man/libinput.man | 21 +++++++++++++++++++++ + src/xf86libinput.c | 26 ++++++++++++++++++++++++++ + 2 files changed, 47 insertions(+) + +diff --git a/man/libinput.man b/man/libinput.man +index ec0f439..bdbdb37 100644 +--- a/man/libinput.man ++++ b/man/libinput.man +@@ -386,6 +386,27 @@ This driver does not work with \fBOption \*qDevice\*q\fR set to an event + node in \fI/dev/input/by-id\fR and \fI/dev/input/by-path\fR. This can be + usually be worked by using \fBSection \*qInputClass\*q\fR with an + appropriate \fBMatch*\fR statement in the __xconfigfile__(__filemansuffix__). ++.PP ++This driver does not know about the display pixel density and submits motion ++events assuming an approximate display density of 96dpi. On high-dpi ++screens this results in a slower physical motion of the cursor (a one-pixel ++movement is a smaller physical movement on the screen). This can make ++interaction with the desktop difficult. ++.PP ++.TP 7 ++.BI "Option \*qDPIScaleFactor\*q float ++This is a ++.B temporary ++solution. The factor should be set to the approximate ratio of the host display ++compared to the default 96dpi. For example, a display with 200dpi should set ++a factor of 2.0. ++.PP ++If set, x/y motion will be unconditionally multiplied by this factor, ++resulting in faster movement of the cursor. Note that this may make some ++pixels unadressable and should be used with caution. ++.PP ++.B This option is a temporary solution. ++It may be removed in any future update of this driver. + + .SH AUTHORS + Peter Hutterer +diff --git a/src/xf86libinput.c b/src/xf86libinput.c +index 83ab75d..c1a1ce2 100644 +--- a/src/xf86libinput.c ++++ b/src/xf86libinput.c +@@ -194,6 +194,8 @@ struct xf86libinput { + struct scale_factor { + double x, y; + } area_scale_factor; ++ ++ double dpi_scale_factor; /* Fedora hack */ + }; + + enum event_handling { +@@ -1463,6 +1465,11 @@ xf86libinput_handle_motion(InputInfoPtr pInfo, struct libinput_event_pointer *ev + x = libinput_event_pointer_get_dx(event); + y = libinput_event_pointer_get_dy(event); + ++ if (driver_data->dpi_scale_factor > 0.0) { ++ x *= driver_data->dpi_scale_factor; ++ y *= driver_data->dpi_scale_factor; ++ } ++ + valuator_mask_zero(mask); + + #if HAVE_VMASK_UNACCEL +@@ -3421,6 +3428,25 @@ xf86libinput_pre_init(InputDriverPtr drv, + + xf86libinput_parse_options(pInfo, driver_data, device); + ++ /* XXX: ++ Fedora hack for bug https://bugzilla.redhat.com/show_bug.cgi?id=1413306 ++ This is temporary only, but at least makes it work for now. ++ */ ++ ++ if (xf86CheckRealOption(pInfo->options, "DPIScaleFactor", 0.0) != 0.0) { ++ xf86IDrvMsg(pInfo, X_WARNING, ++ "\n" ++ "******************** WARNING ********************\n" ++ "* DPIScaleFactor option is a temporary solution *\n" ++ "* and may cease to work without warning! *\n" ++ "******************** WARNING ********************\n"); ++ driver_data->dpi_scale_factor = xf86SetRealOption(pInfo->options, "DPIScaleFactor", 0.0); ++ if (driver_data->dpi_scale_factor < 0.0) { ++ xf86IDrvMsg(pInfo, X_ERROR, "Invalid DPIScaleFactor, ignoring value\n"); ++ driver_data->dpi_scale_factor = 0.0; ++ } ++ } ++ + /* Device is both keyboard and pointer. Drop the keyboard cap from + * this device, create a separate device instead */ + if (!is_subdevice && +-- +2.14.3 + diff --git a/SPECS-EXTENDED/xorg-x11-drv-libinput/71-libinput-overrides-wacom.conf b/SPECS-EXTENDED/xorg-x11-drv-libinput/71-libinput-overrides-wacom.conf new file mode 100644 index 0000000000..69b1afa98e --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-drv-libinput/71-libinput-overrides-wacom.conf @@ -0,0 +1,7 @@ +# Assign libinput back to touchpads on Wacom tablets +Section "InputClass" + Identifier "libinput overrides wacom touchpads" + MatchDriver "wacom" + MatchIsTouchpad "true" + Driver "libinput" +EndSection diff --git a/SPECS-EXTENDED/xorg-x11-drv-libinput/xorg-x11-drv-libinput.signatures.json b/SPECS-EXTENDED/xorg-x11-drv-libinput/xorg-x11-drv-libinput.signatures.json new file mode 100644 index 0000000000..f744aa2a13 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-drv-libinput/xorg-x11-drv-libinput.signatures.json @@ -0,0 +1,6 @@ +{ + "Signatures": { + "71-libinput-overrides-wacom.conf": "3bac43ac083a5033e9a240832be08bcbe740a6a35c1fb42140b6160379736fbf", + "xf86-input-libinput-0.30.0.tar.bz2": "f9c7f9fd41ae14061e0e9c3bd45fa170e5e21027a2bc5810034e1e748db996c0" + } +} diff --git a/SPECS-EXTENDED/xorg-x11-drv-libinput/xorg-x11-drv-libinput.spec b/SPECS-EXTENDED/xorg-x11-drv-libinput/xorg-x11-drv-libinput.spec new file mode 100644 index 0000000000..01b9be5264 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-drv-libinput/xorg-x11-drv-libinput.spec @@ -0,0 +1,321 @@ +%global tarball xf86-input-libinput +%global moduledir %(pkg-config xorg-server --variable=moduledir ) +%global driverdir %{moduledir}/input + +Summary: Xorg X11 libinput input driver +Name: xorg-x11-drv-libinput +Version: 0.30.0 +Release: 7%{?dist} +License: MIT +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: https://www.x.org +Source0: ftp://ftp.x.org/pub/individual/driver/%{tarball}-%{version}.tar.bz2 +Source1: 71-libinput-overrides-wacom.conf + +# Fedora-only hack for hidpi screens +# https://bugzilla.redhat.com/show_bug.cgi?id=1413306 +Patch01: 0001-Add-a-DPIScaleFactor-option-as-temporary-solution-to.patch + +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: libevdev-devel +BuildRequires: libinput-devel >= 0.6.0-3 +BuildRequires: libtool +BuildRequires: systemd-devel +BuildRequires: xorg-x11-server-devel >= 1.14.0 +BuildRequires: xorg-x11-util-macros + +Requires: Xorg +Requires: libinput >= 0.21.0 +Requires: xkeyboard-config + +Provides: xorg-x11-drv-synaptics = 1.9.0-3 +Obsoletes: xorg-x11-drv-synaptics < 1.9.0-3 + +%description +A generic input driver for the X.Org X11 X server based on libinput, +supporting all devices. + +%package devel +Summary: Xorg X11 libinput input driver development package. + +Requires: pkg-config + +%description devel +Xorg X11 libinput input driver development files. + +%prep +%autosetup -p1 -n %{tarball}-%{version} + +%build +autoreconf --force -v --install || exit 1 +%configure --disable-static --disable-silent-rules +make %{?_smp_mflags} + +%install +%make_install + +# We intentionally don't ship *.la files +find %{buildroot} -type f -name "*.la" -delete -print + +cp %{SOURCE1} %{buildroot}%{_datadir}/X11/xorg.conf.d/ + +%files +%license COPYING +%{driverdir}/libinput_drv.so +%{_datadir}/X11/xorg.conf.d/40-libinput.conf +%{_datadir}/X11/xorg.conf.d/71-libinput-overrides-wacom.conf +%{_mandir}/man4/libinput.4* + +%files devel +%license COPYING +%{_libdir}/pkgconfig/xorg-libinput.pc +%dir %{_includedir}/xorg/ +%{_includedir}/xorg/libinput-properties.h + +%changelog +* Thu Jul 18 2024 Hideyuki Nagase - 0.30.0-7 +- Moved to SPECS-EXTENDED. + +* Wed Sep 20 2023 Jon Slobodzian - 0.30.0-6 +- Recompile with stack-protection fixed gcc version (CVE-2023-4039) + +* Fri Apr 22 2022 Olivia Crain - 0.30.0-5 +- Remove explicit pkgconfig provides that are now automatically generated by RPM + +* Fri Jan 15 2021 Pawel Winogrodzki - 0.30.0-4 +- Initial CBL-Mariner import from Fedora 33 (license: MIT). +- License verified. +- Added explicit "Provides" for "pkgconfig(*)". +- Change BR 'libudev-devel' to 'systemd-devel', which is CBL-Mariner's equivalent. + +* Sat Aug 01 2020 Fedora Release Engineering - 0.30.0-3 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Wed Jul 29 2020 Fedora Release Engineering - 0.30.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Tue May 19 2020 Peter Hutterer 0.30.0-1 +- xf86-input-libinput 0.30.0 + +* Fri Jan 31 2020 Fedora Release Engineering - 0.29.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Mon Aug 12 2019 Peter Hutterer 0.29.0-1 +- xf86-input-libinput 0.29.0 + +* Sat Jul 27 2019 Fedora Release Engineering - 0.28.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Mon Feb 04 2019 Peter Hutterer 0.28.2-1 +- xf86-input-libinput 0.28.2 + +* Sun Feb 03 2019 Fedora Release Engineering - 0.28.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Mon Oct 15 2018 Peter Hutterer 0.28.1-1 +- xf86-input-libinput 0.28.1 + +* Sat Jul 14 2018 Fedora Release Engineering - 0.28.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Wed Jul 11 2018 Peter Hutterer 0.28.0-1 +- xf86-input-libinput 0.28.0 + +* Thu Apr 12 2018 Peter Hutterer 0.27.1-2 +- Build on s390x (#1565062) + +* Tue Apr 10 2018 Peter Hutterer 0.27.1-1 +- xorg-x11-drv-libinput 0.27.1 + +* Mon Apr 02 2018 Adam Jackson - 0.27.0-3 +- Rebuild for xserver 1.20 + +* Thu Mar 22 2018 Peter Hutterer 0.27.0-2 +- Fix left-handed property missing on all but the first pointer device + +* Tue Mar 20 2018 Peter Hutterer 0.27.0-1 +- xorg-x11-drv-libinput 0.27.0 + +* Fri Feb 09 2018 Fedora Release Engineering - 0.26.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Fri Sep 15 2017 Peter Hutterer 0.26.0-1 +- xorg-x11-drv-libinput 0.26.0 + +* Thu Aug 03 2017 Fedora Release Engineering - 0.25.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 0.25.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Thu May 18 2017 Peter Hutterer 0.25.1-2 +- Add a new option to provide a workaround for the slow pointer movement on + hidpi displays (#1413306) . + That's a fedora-only patch for now, no idea what the permanent upstream + solution will be here. + +* Fri May 05 2017 Peter Hutterer 0.25.1-1 +- xorg-x11-drv-libinput 0.25.1 + +* Thu Mar 09 2017 Peter Hutterer 0.25.0-1 +- libinput 0.25.0 + +* Thu Feb 09 2017 Peter Hutterer 0.24.0-1 +- libinput 0.24.0 + +* Wed Dec 21 2016 Peter Hutterer 0.23.0-2 +- Ignore LED updates for disabled devices, avoids a null-pointer dereference + when an AccessX timeout is set + +* Mon Dec 12 2016 Peter Hutterer 0.23.0-1 +- libnput 0.23.0 + +* Fri Nov 25 2016 Peter Hutterer 0.22.0-4 +- Override touchpads assigned the wacom driver with libinput again + (#1397477) + +* Fri Nov 18 2016 Peter Hutterer 0.22.0-3 +- Provide xorg-x11-drv-synaptics. The actual content is now provided by + xorg-x11-drv-synaptics-legacy (#1394836). For details, see + https://fedoraproject.org/wiki/Changes/RetireSynapticsDriver + +* Tue Nov 01 2016 Peter Hutterer 0.22.0-2 +- Match against tablets too + +* Wed Oct 19 2016 Peter Hutterer 0.22.0-1 +- xf86-input-libinput 0.22.0 + +* Tue Oct 18 2016 Peter Hutterer 0.20.0-1 +- xf86-input-libinput 0.20.0 + +* Thu Sep 29 2016 Hans de Goede 0.19.1-3.20160929 +- Fix crash when the first detected input device gets removed (rhbz#1381840) + +* Thu Sep 29 2016 Hans de Goede 0.19.1-2.20160929 +- Update to latest git master for use with xserver-1.19 +- Rebuild against xserver-1.19 + +* Wed Sep 14 2016 Peter Hutterer 0.19.1-1 +- xf86-input-libinput 0.19.1 + +* Tue Jul 19 2016 Peter Hutterer 0.19.0-2 +- Bump to make F24 update path happy + +* Thu Apr 28 2016 Peter Hutterer 0.19.0-1 +- xf86-input-libinput 0.19.0 + +* Fri Feb 26 2016 Peter Hutterer 0.17.0-1 +- xf86-input-libinput 0.17.0 + +* Fri Feb 05 2016 Fedora Release Engineering - 0.16.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Wed Dec 23 2015 Peter Hutterer 0.16.0-1 +- xf86-input-libinput 0.16.0 + +* Tue Oct 27 2015 Peter Hutterer 0.15.0-1 +- xf86-input-libinput 0.15.0 + +* Wed Sep 16 2015 Dave Airlie - 0.14.0-2 +- 1.18 ABI rebuild + +* Mon Aug 31 2015 Peter Hutterer 0.14.0-1 +- xf86-input-libinput 0.14.0 + +* Mon Aug 17 2015 Peter Hutterer 0.13.0-2 +- Add drag lock support (#1249309) + +* Tue Aug 11 2015 Peter Hutterer 0.13.0-1 +- xf86-input-libinput 0.13.0 + +* Wed Jul 29 2015 Dave Airlie 0.12.0-2 +- bump for X server ABI + +* Tue Jul 14 2015 Peter Hutterer 0.12.0-1 +- xf86-input-libinput 0.12.0 + +* Mon Jul 13 2015 Peter Hutterer 0.11.0-3 +- Restore unaccelerated valuator masks (#1208992) + +* Fri Jun 19 2015 Fedora Release Engineering - 0.11.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Mon Jun 15 2015 Peter Hutterer 0.11.0-1 +- xf86-input-libinput 0.11.0 +- support buttons higher than BTN_BACK (1230945) + +* Mon Jun 01 2015 Peter Hutterer 0.10.0-5 +- Fix missing scroll button property + +* Fri May 29 2015 Nils Philippsen 0.10.0-4 +- fix URL + +* Tue May 26 2015 Peter Hutterer 0.10.0-3 +- Use the new unnaccelerated valuator masks, fixes nonmoving mouse in SDL + (#1208992) + +* Fri May 22 2015 Peter Hutterer 0.10.0-2 +- Init mixed rel/abs devices as rel devices (#1223619) + +* Thu May 21 2015 Peter Hutterer 0.10.0-1 +- xf86-input-libinput 0.10.0 + +* Thu Apr 23 2015 Peter Hutterer 0.9.0-1 +- xf86-input-libinput 0.9.0 + +* Tue Mar 10 2015 Peter Hutterer - 0.8.0-2 +- Rebuild for libinput soname bump + +* Fri Mar 06 2015 Peter Hutterer 0.8.0-1 +- xf86-input-libinput 0.8.0 + +* Thu Mar 05 2015 Peter Hutterer 0.7.0-5 +- Fix two-finger scrolling speed (#1198467) + +* Thu Feb 26 2015 Peter Hutterer 0.7.0-4 +- Fix property setting patch, first version prevented re-enabling a device. + +* Wed Feb 25 2015 Peter Hutterer 0.7.0-3 +- Fix a crash when setting properties on a disabled device + +* Wed Feb 25 2015 Peter Hutterer 0.7.0-2 +- Fix stack smash on pointer init (#1195905) + +* Tue Feb 24 2015 Peter Hutterer 0.7.0-1 +- xorg-x11-drv-libinput 0.7.0 + +* Tue Jan 27 2015 Peter Hutterer 0.6.0-1 +- xorg-x11-drv-libinput 0.6.0 + +* Fri Jan 16 2015 Peter Hutterer 0.5.0-1 +- xorg-x11-drv-libinput 0.5.0 + +* Fri Dec 05 2014 Peter Hutterer 0.4.0-1 +- xorg-x11-drv-libinput 0.4.0 + +* Mon Nov 24 2014 Peter Hutterer 0.3.0-1 +- xorg-x11-drv-libinput 0.3.0 + +* Mon Nov 24 2014 Peter Hutterer 0.2.0-2 +- Add explicit (Build)Requires for libinput 0.6.0-3, we rely on new symbols + from the git snapshot + +* Mon Nov 24 2014 Peter Hutterer 0.2.0-1 +- Only match on specific device types, don't match on joysticks or tablets +- libinput 0.2.0 +- switch to new fdo host + +* Fri Sep 12 2014 Peter Hutterer - 0.1.2-3 +- Rebuild for libinput soname bump + +* Mon Aug 18 2014 Fedora Release Engineering - 0.1.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Thu Jul 24 2014 Peter Hutterer 0.1.2-1 +- Update to 0.1.2, dropping the pkgconfig files + +* Thu Jun 26 2014 Peter Hutterer 0.1.1-1 +- Initial release (#1113392) diff --git a/SPECS-EXTENDED/xorg-x11-server/0001-Fedora-hack-Make-the-suid-root-wrapper-always-start-.patch b/SPECS-EXTENDED/xorg-x11-server/0001-Fedora-hack-Make-the-suid-root-wrapper-always-start-.patch new file mode 100644 index 0000000000..9355ad2776 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0001-Fedora-hack-Make-the-suid-root-wrapper-always-start-.patch @@ -0,0 +1,41 @@ +From 38ae53c94a88c7bd5877c72a12582b60865e07ff Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Thu, 17 Apr 2014 15:50:44 +0200 +Subject: [PATCH] Fedora hack: Make the suid-root wrapper start the server with + root rights + +Do NOT upstream. + +Since most display managers are not ready yet to start Xorg in way which will +keep it working without root-rights, see: +https://fedoraproject.org/wiki/Changes/XorgWithoutRootRights + +Just keep starting X as root for now, but do it through the wrapper, by +overriding the needs_root_rights = -1 (auto) default and setting it to 1. + +We set a special environment variable when starting X in a way where root +rights are not needed (from gdm and startx) and keep the upstream +needs_root_rights = -1 (auto) default in that case. + +Signed-off-by: Hans de Goede +--- + hw/xfree86/xorg-wrapper.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/hw/xfree86/xorg-wrapper.c b/hw/xfree86/xorg-wrapper.c +index 4c37cfc..ae5d27f 100644 +--- a/hw/xfree86/xorg-wrapper.c ++++ b/hw/xfree86/xorg-wrapper.c +@@ -198,6 +198,9 @@ int main(int argc, char *argv[]) + int needs_root_rights = -1; + char *const empty_envp[1] = { NULL, }; + ++ if (getenv("XORG_RUN_AS_USER_OK") == NULL) ++ needs_root_rights = 1; ++ + progname = argv[0]; + + parse_config(&allowed, &needs_root_rights); +-- +2.4.3 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0001-autobind-GPUs-to-the-screen.patch b/SPECS-EXTENDED/xorg-x11-server/0001-autobind-GPUs-to-the-screen.patch new file mode 100644 index 0000000000..86b96a23e4 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0001-autobind-GPUs-to-the-screen.patch @@ -0,0 +1,293 @@ +From 471289fa1dc359555ceed6302f7d9605ab6be3ea Mon Sep 17 00:00:00 2001 +From: Dave Airlie +Date: Mon, 2 Apr 2018 16:49:02 -0400 +Subject: [PATCH] autobind GPUs to the screen + +This is a modified version of a patch we've been carry-ing in Fedora and +RHEL for years now. This patch automatically adds secondary GPUs to the +master as output sink / offload source making e.g. the use of +slave-outputs just work, with requiring the user to manually run +"xrandr --setprovideroutputsource" before he can hookup an external +monitor to his hybrid graphics laptop. + +There is one problem with this patch, which is why it was not upstreamed +before. What to do when a secondary GPU gets detected really is a policy +decission (e.g. one may want to autobind PCI GPUs but not USB ones) and +as such should be under control of the Desktop Environment. + +Unconditionally adding autobinding support to the xserver will result +in races between the DE dealing with the hotplug of a secondary GPU +and the server itself dealing with it. + +However we've waited for years for any Desktop Environments to actually +start doing some sort of autoconfiguration of secondary GPUs and there +is still not a single DE dealing with this, so I believe that it is +time to upstream this now. + +To avoid potential future problems if any DEs get support for doing +secondary GPU configuration themselves, the new autobind functionality +is made optional. Since no DEs currently support doing this themselves it +is enabled by default. When DEs grow support for doing this themselves +they can disable the servers autobinding through the servers cmdline or a +xorg.conf snippet. + +Signed-off-by: Dave Airlie +[hdegoede@redhat.com: Make configurable, fix with nvidia, submit upstream] +Signed-off-by: Hans de Goede +--- + hw/xfree86/common/xf86Config.c | 19 +++++++++++++++++++ + hw/xfree86/common/xf86Globals.c | 2 ++ + hw/xfree86/common/xf86Init.c | 20 ++++++++++++++++++++ + hw/xfree86/common/xf86Priv.h | 1 + + hw/xfree86/common/xf86Privstr.h | 1 + + hw/xfree86/common/xf86platformBus.c | 4 ++++ + hw/xfree86/man/Xorg.man | 7 +++++++ + hw/xfree86/man/xorg.conf.man | 6 ++++++ + randr/randrstr.h | 3 +++ + randr/rrprovider.c | 22 ++++++++++++++++++++++ + 10 files changed, 85 insertions(+) + +diff --git a/hw/xfree86/common/xf86Config.c b/hw/xfree86/common/xf86Config.c +index 2c1d335..d7d7c2e 100644 +--- a/hw/xfree86/common/xf86Config.c ++++ b/hw/xfree86/common/xf86Config.c +@@ -643,6 +643,7 @@ typedef enum { + FLAG_DRI2, + FLAG_USE_SIGIO, + FLAG_AUTO_ADD_GPU, ++ FLAG_AUTO_BIND_GPU, + FLAG_MAX_CLIENTS, + FLAG_IGLX, + FLAG_DEBUG, +@@ -699,6 +700,8 @@ static OptionInfoRec FlagOptions[] = { + {0}, FALSE}, + {FLAG_AUTO_ADD_GPU, "AutoAddGPU", OPTV_BOOLEAN, + {0}, FALSE}, ++ {FLAG_AUTO_BIND_GPU, "AutoBindGPU", OPTV_BOOLEAN, ++ {0}, FALSE}, + {FLAG_MAX_CLIENTS, "MaxClients", OPTV_INTEGER, + {0}, FALSE }, + {FLAG_IGLX, "IndirectGLX", OPTV_BOOLEAN, +@@ -779,6 +782,22 @@ configServerFlags(XF86ConfFlagsPtr flagsconf, XF86OptionPtr layoutopts) + } + xf86Msg(from, "%sutomatically adding GPU devices\n", + xf86Info.autoAddGPU ? "A" : "Not a"); ++ ++ if (xf86AutoBindGPUDisabled) { ++ xf86Info.autoBindGPU = FALSE; ++ from = X_CMDLINE; ++ } ++ else if (xf86IsOptionSet(FlagOptions, FLAG_AUTO_BIND_GPU)) { ++ xf86GetOptValBool(FlagOptions, FLAG_AUTO_BIND_GPU, ++ &xf86Info.autoBindGPU); ++ from = X_CONFIG; ++ } ++ else { ++ from = X_DEFAULT; ++ } ++ xf86Msg(from, "%sutomatically binding GPU devices\n", ++ xf86Info.autoBindGPU ? "A" : "Not a"); ++ + /* + * Set things up based on the config file information. Some of these + * settings may be overridden later when the command line options are +diff --git a/hw/xfree86/common/xf86Globals.c b/hw/xfree86/common/xf86Globals.c +index e890f05..7b27b4c 100644 +--- a/hw/xfree86/common/xf86Globals.c ++++ b/hw/xfree86/common/xf86Globals.c +@@ -131,6 +131,7 @@ xf86InfoRec xf86Info = { + #else + .autoAddGPU = FALSE, + #endif ++ .autoBindGPU = TRUE, + }; + + const char *xf86ConfigFile = NULL; +@@ -191,6 +192,7 @@ Bool xf86FlipPixels = FALSE; + Gamma xf86Gamma = { 0.0, 0.0, 0.0 }; + + Bool xf86AllowMouseOpenFail = FALSE; ++Bool xf86AutoBindGPUDisabled = FALSE; + + #ifdef XF86VIDMODE + Bool xf86VidModeDisabled = FALSE; +diff --git a/hw/xfree86/common/xf86Init.c b/hw/xfree86/common/xf86Init.c +index ea42ec9..ec255b6 100644 +--- a/hw/xfree86/common/xf86Init.c ++++ b/hw/xfree86/common/xf86Init.c +@@ -76,6 +76,7 @@ + #include "xf86DDC.h" + #include "xf86Xinput.h" + #include "xf86InPriv.h" ++#include "xf86Crtc.h" + #include "picturestr.h" + #include "randrstr.h" + #include "glxvndabi.h" +@@ -237,6 +238,19 @@ xf86PrivsElevated(void) + return PrivsElevated(); + } + ++static void ++xf86AutoConfigOutputDevices(void) ++{ ++ int i; ++ ++ if (!xf86Info.autoBindGPU) ++ return; ++ ++ for (i = 0; i < xf86NumGPUScreens; i++) ++ RRProviderAutoConfigGpuScreen(xf86ScrnToScreen(xf86GPUScreens[i]), ++ xf86ScrnToScreen(xf86Screens[0])); ++} ++ + static void + TrapSignals(void) + { +@@ -770,6 +784,8 @@ InitOutput(ScreenInfo * pScreenInfo, int argc, char **argv) + for (i = 0; i < xf86NumGPUScreens; i++) + AttachUnboundGPU(xf86Screens[0]->pScreen, xf86GPUScreens[i]->pScreen); + ++ xf86AutoConfigOutputDevices(); ++ + xf86VGAarbiterWrapFunctions(); + if (sigio_blocked) + input_unlock(); +@@ -1278,6 +1294,10 @@ ddxProcessArgument(int argc, char **argv, int i) + xf86Info.iglxFrom = X_CMDLINE; + return 0; + } ++ if (!strcmp(argv[i], "-noautoBindGPU")) { ++ xf86AutoBindGPUDisabled = TRUE; ++ return 1; ++ } + + /* OS-specific processing */ + return xf86ProcessArgument(argc, argv, i); +diff --git a/hw/xfree86/common/xf86Priv.h b/hw/xfree86/common/xf86Priv.h +index 4fe2b5f..6566622 100644 +--- a/hw/xfree86/common/xf86Priv.h ++++ b/hw/xfree86/common/xf86Priv.h +@@ -46,6 +46,7 @@ + extern _X_EXPORT const char *xf86ConfigFile; + extern _X_EXPORT const char *xf86ConfigDir; + extern _X_EXPORT Bool xf86AllowMouseOpenFail; ++extern _X_EXPORT Bool xf86AutoBindGPUDisabled; + + #ifdef XF86VIDMODE + extern _X_EXPORT Bool xf86VidModeDisabled; +diff --git a/hw/xfree86/common/xf86Privstr.h b/hw/xfree86/common/xf86Privstr.h +index 21c2e1f..6c71863 100644 +--- a/hw/xfree86/common/xf86Privstr.h ++++ b/hw/xfree86/common/xf86Privstr.h +@@ -98,6 +98,7 @@ typedef struct { + + Bool autoAddGPU; + const char *debug; ++ Bool autoBindGPU; + } xf86InfoRec, *xf86InfoPtr; + + /* ISC's cc can't handle ~ of UL constants, so explicitly type cast them. */ +diff --git a/hw/xfree86/common/xf86platformBus.c b/hw/xfree86/common/xf86platformBus.c +index cef47da..913a324 100644 +--- a/hw/xfree86/common/xf86platformBus.c ++++ b/hw/xfree86/common/xf86platformBus.c +@@ -49,6 +49,7 @@ + #include "Pci.h" + #include "xf86platformBus.h" + #include "xf86Config.h" ++#include "xf86Crtc.h" + + #include "randrstr.h" + int platformSlotClaimed; +@@ -665,6 +666,9 @@ xf86platformAddDevice(int index) + } + /* attach unbound to 0 protocol screen */ + AttachUnboundGPU(xf86Screens[0]->pScreen, xf86GPUScreens[i]->pScreen); ++ if (xf86Info.autoBindGPU) ++ RRProviderAutoConfigGpuScreen(xf86ScrnToScreen(xf86GPUScreens[i]), ++ xf86ScrnToScreen(xf86Screens[0])); + + RRResourcesChanged(xf86Screens[0]->pScreen); + RRTellChanged(xf86Screens[0]->pScreen); +diff --git a/hw/xfree86/man/Xorg.man b/hw/xfree86/man/Xorg.man +index 13a9dc3..745f986 100644 +--- a/hw/xfree86/man/Xorg.man ++++ b/hw/xfree86/man/Xorg.man +@@ -283,6 +283,13 @@ is a comma separated list of directories to search for + server modules. This option is only available when the server is run + as root (i.e, with real-uid 0). + .TP 8 ++.B \-noautoBindGPU ++Disable automatically setting secondary GPUs up as output sinks and offload ++sources. This is equivalent to setting the ++.B AutoBindGPU ++xorg.conf(__filemansuffix__) file option. To ++.B false. ++.TP 8 + .B \-nosilk + Disable Silken Mouse support. + .TP 8 +diff --git a/hw/xfree86/man/xorg.conf.man b/hw/xfree86/man/xorg.conf.man +index 9589262..8d51e06 100644 +--- a/hw/xfree86/man/xorg.conf.man ++++ b/hw/xfree86/man/xorg.conf.man +@@ -672,6 +672,12 @@ Enabled by default. + If this option is disabled, then no GPU devices will be added from the udev + backend. Enabled by default. (May need to be disabled to setup Xinerama). + .TP 7 ++.BI "Option \*qAutoBindGPU\*q \*q" boolean \*q ++If enabled then secondary GPUs will be automatically set up as output-sinks and ++offload-sources. Making e.g. laptop outputs connected only to the secondary ++GPU directly available for use without needing to run ++"xrandr --setprovideroutputsource". Enabled by default. ++.TP 7 + .BI "Option \*qLog\*q \*q" string \*q + This option controls whether the log is flushed and/or synced to disk after + each message. +diff --git a/randr/randrstr.h b/randr/randrstr.h +index f94174b..092d726 100644 +--- a/randr/randrstr.h ++++ b/randr/randrstr.h +@@ -1039,6 +1039,9 @@ RRProviderLookup(XID id, RRProviderPtr *provider_p); + extern _X_EXPORT void + RRDeliverProviderEvent(ClientPtr client, WindowPtr pWin, RRProviderPtr provider); + ++extern _X_EXPORT void ++RRProviderAutoConfigGpuScreen(ScreenPtr pScreen, ScreenPtr masterScreen); ++ + /* rrproviderproperty.c */ + + extern _X_EXPORT void +diff --git a/randr/rrprovider.c b/randr/rrprovider.c +index e4bc2bf..e04c18f 100644 +--- a/randr/rrprovider.c ++++ b/randr/rrprovider.c +@@ -485,3 +485,25 @@ RRDeliverProviderEvent(ClientPtr client, WindowPtr pWin, RRProviderPtr provider) + + WriteEventsToClient(client, 1, (xEvent *) &pe); + } ++ ++void ++RRProviderAutoConfigGpuScreen(ScreenPtr pScreen, ScreenPtr masterScreen) ++{ ++ rrScrPrivPtr pScrPriv = rrGetScrPriv(pScreen); ++ rrScrPrivPtr masterPriv = rrGetScrPriv(masterScreen); ++ RRProviderPtr provider = pScrPriv->provider; ++ RRProviderPtr master_provider = masterPriv->provider; ++ ++ if (!provider || !master_provider) ++ return; ++ ++ if ((provider->capabilities & RR_Capability_SinkOutput) && ++ (master_provider->capabilities & RR_Capability_SourceOutput)) { ++ pScrPriv->rrProviderSetOutputSource(pScreen, provider, master_provider); ++ RRInitPrimeSyncProps(pScreen); ++ } ++ ++ if ((provider->capabilities & RR_Capability_SourceOffload) && ++ (master_provider->capabilities & RR_Capability_SinkOffload)) ++ pScrPriv->rrProviderSetOffloadSink(pScreen, provider, master_provider); ++} +-- +2.16.2 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0001-dix-Add-GetCurrentClient-helper.patch b/SPECS-EXTENDED/xorg-x11-server/0001-dix-Add-GetCurrentClient-helper.patch new file mode 100644 index 0000000000..3da345ceed --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0001-dix-Add-GetCurrentClient-helper.patch @@ -0,0 +1,116 @@ +From a815e5f51f75684a53d8fa14b596e03b738cd281 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Thu, 29 Aug 2019 14:18:28 +0200 +Subject: [PATCH xserver 01/25] dix: Add GetCurrentClient helper +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Request-handlers as registered in the requestVector array, always get +passed the clientPtr for the client which sent the request. +But the implementation of many request-handlers typically consists of +a generic handler calling implementation specific callbacks and / or +various helpers often multiple levels deep and in many cases the clientPtr +does not get passed to the callbacks / helpers. + +This means that in some places where we would like to have access to the +current-client, we cannot easily access it and fixing this would require +a lot of work and often would involve ABI breakage. + +This commit adds a GetCurrentClient helper which can be used as a +shortcut to get access to the clienPtr for the currently being processed +request without needing a lot of refactoring and ABI breakage. + +Note using this new GetCurrentClient helper is only safe for code +which only runs from the main thread, this new variable MUST NOT be used +by code which runs from signal handlers or from the input-thread. + +The specific use-case which resulted in the creation of this patch is adding +support for emulation of randr / vidmode resolution changes to Xwayland. +This emulation will not actually change the monitor resolution instead it +will scale any window with a size which exactly matches the requested +resolution to fill the entire monitor. The main use-case for this is +games which are hard-coded to render at a specific resolution and have +sofar relied on randr / vidmode to change the monitor resolution when going +fullscreen. + +To make this emulation as robust as possible (e.g. avoid accidentally scaling +windows from other apps) we want to make the emulated resolution a per client +state. But e.g. the RRSetCrtc function does not take a client pointer; and is +a (used) part of the Xorg server ABI (note the problem is not just limited +to RRSetCrtc). + +Reviewed-by: Olivier Fourdan +Reviewed-by: Michel Dänzer +Signed-off-by: Hans de Goede +(cherry picked from commit 834a467af978ac7a24ed17b8c8e58b6cddb4faf9) +--- + dix/dispatch.c | 23 ++++++++++++++++++++++- + include/dix.h | 1 + + 2 files changed, 23 insertions(+), 1 deletion(-) + +diff --git a/dix/dispatch.c b/dix/dispatch.c +index a33bfaa9e..2b1cf1a74 100644 +--- a/dix/dispatch.c ++++ b/dix/dispatch.c +@@ -148,6 +148,7 @@ xConnSetupPrefix connSetupPrefix; + PaddingInfo PixmapWidthPaddingInfo[33]; + + static ClientPtr grabClient; ++static ClientPtr currentClient; /* Client for the request currently being dispatched */ + + #define GrabNone 0 + #define GrabActive 1 +@@ -176,6 +177,23 @@ volatile char isItTimeToYield; + #define SAME_SCREENS(a, b) (\ + (a.pScreen == b.pScreen)) + ++ClientPtr ++GetCurrentClient(void) ++{ ++ if (in_input_thread()) { ++ static Bool warned; ++ ++ if (!warned) { ++ ErrorF("[dix] Error GetCurrentClient called from input-thread\n"); ++ warned = TRUE; ++ } ++ ++ return NULL; ++ } ++ ++ return currentClient; ++} ++ + void + SetInputCheck(HWEventQueuePtr c0, HWEventQueuePtr c1) + { +@@ -474,9 +492,12 @@ Dispatch(void) + result = BadLength; + else { + result = XaceHookDispatch(client, client->majorOp); +- if (result == Success) ++ if (result == Success) { ++ currentClient = client; + result = + (*client->requestVector[client->majorOp]) (client); ++ currentClient = NULL; ++ } + } + if (!SmartScheduleSignalEnable) + SmartScheduleTime = GetTimeInMillis(); +diff --git a/include/dix.h b/include/dix.h +index b6e2bcfde..d65060cb6 100644 +--- a/include/dix.h ++++ b/include/dix.h +@@ -148,6 +148,7 @@ typedef struct _TimeStamp { + } TimeStamp; + + /* dispatch.c */ ++extern _X_EXPORT ClientPtr GetCurrentClient(void); + + extern _X_EXPORT void SetInputCheck(HWEventQueuePtr /*c0 */ , + HWEventQueuePtr /*c1 */ ); +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0001-hw-Rename-boolean-config-value-field-from-bool-to-bo.patch b/SPECS-EXTENDED/xorg-x11-server/0001-hw-Rename-boolean-config-value-field-from-bool-to-bo.patch new file mode 100644 index 0000000000..f88f6e057c --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0001-hw-Rename-boolean-config-value-field-from-bool-to-bo.patch @@ -0,0 +1,153 @@ +From 454b3a826edb5fc6d0fea3a9cfd1a5e8fc568747 Mon Sep 17 00:00:00 2001 +From: Adam Jackson +Date: Mon, 22 Jul 2019 13:51:06 -0400 +Subject: [PATCH xserver] hw: Rename boolean config value field from bool to + boolean + +"bool" conflicts with C++ (meh) and stdbool.h (ngh alright fine). This +is a driver-visible change and will likely break the build for mach64, +but it can be fixed by simply using xf86ReturnOptValBool like every +other driver. + +Signed-off-by: Adam Jackson +--- + hw/xfree86/common/xf86Opt.h | 2 +- + hw/xfree86/common/xf86Option.c | 10 +++++----- + hw/xwin/winconfig.c | 22 +++++++++++----------- + hw/xwin/winconfig.h | 2 +- + 4 files changed, 18 insertions(+), 18 deletions(-) + +diff --git a/hw/xfree86/common/xf86Opt.h b/hw/xfree86/common/xf86Opt.h +index 3be2a0fc7..3046fbd41 100644 +--- a/hw/xfree86/common/xf86Opt.h ++++ b/hw/xfree86/common/xf86Opt.h +@@ -41,7 +41,7 @@ typedef union { + unsigned long num; + const char *str; + double realnum; +- Bool bool; ++ Bool boolean; + OptFrequency freq; + } ValueUnion; + +diff --git a/hw/xfree86/common/xf86Option.c b/hw/xfree86/common/xf86Option.c +index 06973bca3..ca538cc57 100644 +--- a/hw/xfree86/common/xf86Option.c ++++ b/hw/xfree86/common/xf86Option.c +@@ -213,7 +213,7 @@ LookupBoolOption(XF86OptionPtr optlist, const char *name, int deflt, + o.name = name; + o.type = OPTV_BOOLEAN; + if (ParseOptionValue(-1, optlist, &o, markUsed)) +- deflt = o.value.bool; ++ deflt = o.value.boolean; + return deflt; + } + +@@ -474,7 +474,7 @@ xf86ShowUnusedOptions(int scrnIndex, XF86OptionPtr opt) + static Bool + GetBoolValue(OptionInfoPtr p, const char *s) + { +- return xf86getBoolValue(&p->value.bool, s); ++ return xf86getBoolValue(&p->value.boolean, s); + } + + static Bool +@@ -678,7 +678,7 @@ ParseOptionValue(int scrnIndex, XF86OptionPtr options, OptionInfoPtr p, + if (markUsed) + xf86MarkOptionUsedByName(options, newn); + if (GetBoolValue(&opt, s)) { +- p->value.bool = !opt.value.bool; ++ p->value.boolean = !opt.value.boolean; + p->found = TRUE; + } + else { +@@ -869,7 +869,7 @@ xf86GetOptValBool(const OptionInfoRec * table, int token, Bool *value) + + p = xf86TokenToOptinfo(table, token); + if (p && p->found) { +- *value = p->value.bool; ++ *value = p->value.boolean; + return TRUE; + } + else +@@ -883,7 +883,7 @@ xf86ReturnOptValBool(const OptionInfoRec * table, int token, Bool def) + + p = xf86TokenToOptinfo(table, token); + if (p && p->found) { +- return p->value.bool; ++ return p->value.boolean; + } + else + return def; +diff --git a/hw/xwin/winconfig.c b/hw/xwin/winconfig.c +index 31894d2fb..646d69006 100644 +--- a/hw/xwin/winconfig.c ++++ b/hw/xwin/winconfig.c +@@ -623,7 +623,7 @@ winSetBoolOption(void *optlist, const char *name, int deflt) + o.name = name; + o.type = OPTV_BOOLEAN; + if (ParseOptionValue(-1, optlist, &o)) +- deflt = o.value.bool; ++ deflt = o.value.boolean; + return deflt; + } + +@@ -918,7 +918,7 @@ ParseOptionValue(int scrnIndex, void *options, OptionInfoPtr p) + } + if ((s = winFindOptionValue(options, newn)) != NULL) { + if (GetBoolValue(&opt, s)) { +- p->value.bool = !opt.value.bool; ++ p->value.boolean = !opt.value.boolean; + p->found = TRUE; + } + else { +@@ -968,25 +968,25 @@ static Bool + GetBoolValue(OptionInfoPtr p, const char *s) + { + if (*s == 0) { +- p->value.bool = TRUE; ++ p->value.boolean = TRUE; + } + else { + if (winNameCompare(s, "1") == 0) +- p->value.bool = TRUE; ++ p->value.boolean = TRUE; + else if (winNameCompare(s, "on") == 0) +- p->value.bool = TRUE; ++ p->value.boolean = TRUE; + else if (winNameCompare(s, "true") == 0) +- p->value.bool = TRUE; ++ p->value.boolean = TRUE; + else if (winNameCompare(s, "yes") == 0) +- p->value.bool = TRUE; ++ p->value.boolean = TRUE; + else if (winNameCompare(s, "0") == 0) +- p->value.bool = FALSE; ++ p->value.boolean = FALSE; + else if (winNameCompare(s, "off") == 0) +- p->value.bool = FALSE; ++ p->value.boolean = FALSE; + else if (winNameCompare(s, "false") == 0) +- p->value.bool = FALSE; ++ p->value.boolean = FALSE; + else if (winNameCompare(s, "no") == 0) +- p->value.bool = FALSE; ++ p->value.boolean = FALSE; + } + return TRUE; + } +diff --git a/hw/xwin/winconfig.h b/hw/xwin/winconfig.h +index f079368c7..bd1f59650 100644 +--- a/hw/xwin/winconfig.h ++++ b/hw/xwin/winconfig.h +@@ -199,7 +199,7 @@ typedef union { + unsigned long num; + char *str; + double realnum; +- Bool bool; ++ Bool boolean; + OptFrequency freq; + } ValueUnion; + +-- +2.39.0 diff --git a/SPECS-EXTENDED/xorg-x11-server/0001-render-Fix-build-with-gcc-12.patch b/SPECS-EXTENDED/xorg-x11-server/0001-render-Fix-build-with-gcc-12.patch new file mode 100644 index 0000000000..974b784b0f --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0001-render-Fix-build-with-gcc-12.patch @@ -0,0 +1,89 @@ +From 53173fdab492f0f638f6616fcf01af0b9ea6338d Mon Sep 17 00:00:00 2001 +From: Olivier Fourdan +Date: Thu, 20 Jan 2022 10:20:38 +0100 +Subject: [PATCH xserver] render: Fix build with gcc 12 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The xserver fails to compile with the latest gcc 12: + + render/picture.c: In function ‘CreateSolidPicture’: + render/picture.c:874:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[16]’ [-Werror=array-bounds] + 874 | pPicture->pSourcePict->type = SourcePictTypeSolidFill; + | ^~ + render/picture.c:868:45: note: object of size 16 allocated by ‘malloc’ + 868 | pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictSolidFill)); + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + render/picture.c: In function ‘CreateLinearGradientPicture’: + render/picture.c:906:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[32]’ [-Werror=array-bounds] + 906 | pPicture->pSourcePict->linear.type = SourcePictTypeLinear; + | ^~ + render/picture.c:899:45: note: object of size 32 allocated by ‘malloc’ + 899 | pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictLinearGradient)); + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + render/picture.c: In function ‘CreateConicalGradientPicture’: + render/picture.c:989:26: error: array subscript ‘union _SourcePict[0]’ is partly outside array bounds of ‘unsigned char[32]’ [-Werror=array-bounds] + 989 | pPicture->pSourcePict->conical.type = SourcePictTypeConical; + | ^~ + render/picture.c:982:45: note: object of size 32 allocated by ‘malloc’ + 982 | pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictConicalGradient)); + | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + cc1: some warnings being treated as errors + ninja: build stopped: subcommand failed. + +This is because gcc 12 has become stricter and raises a warning now. + +Fix the warning/error by allocating enough memory to store the union +struct. + +Signed-off-by: Olivier Fourdan +Acked-by: Michel Dänzer +Closes: https://gitlab.freedesktop.org/xorg/xserver/-/issues/1256 +(cherry picked from commit c6b0dcb82d4db07a2f32c09a8c09c85a5f57248e) +--- + render/picture.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/render/picture.c b/render/picture.c +index afa0d258f..2be4b1954 100644 +--- a/render/picture.c ++++ b/render/picture.c +@@ -865,7 +865,7 @@ CreateSolidPicture(Picture pid, xRenderColor * color, int *error) + } + + pPicture->id = pid; +- pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictSolidFill)); ++ pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict)); + if (!pPicture->pSourcePict) { + *error = BadAlloc; + free(pPicture); +@@ -896,7 +896,7 @@ CreateLinearGradientPicture(Picture pid, xPointFixed * p1, xPointFixed * p2, + } + + pPicture->id = pid; +- pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictLinearGradient)); ++ pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict)); + if (!pPicture->pSourcePict) { + *error = BadAlloc; + free(pPicture); +@@ -936,7 +936,7 @@ CreateRadialGradientPicture(Picture pid, xPointFixed * inner, + } + + pPicture->id = pid; +- pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictRadialGradient)); ++ pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict)); + if (!pPicture->pSourcePict) { + *error = BadAlloc; + free(pPicture); +@@ -979,7 +979,7 @@ CreateConicalGradientPicture(Picture pid, xPointFixed * center, xFixed angle, + } + + pPicture->id = pid; +- pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(PictConicalGradient)); ++ pPicture->pSourcePict = (SourcePictPtr) malloc(sizeof(SourcePict)); + if (!pPicture->pSourcePict) { + *error = BadAlloc; + free(pPicture); +-- +2.34.1 diff --git a/SPECS-EXTENDED/xorg-x11-server/0001-xf86-dri2-Use-va_gl-as-vdpau_driver-for-Intel-i965-G.patch b/SPECS-EXTENDED/xorg-x11-server/0001-xf86-dri2-Use-va_gl-as-vdpau_driver-for-Intel-i965-G.patch new file mode 100644 index 0000000000..cce03489be --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0001-xf86-dri2-Use-va_gl-as-vdpau_driver-for-Intel-i965-G.patch @@ -0,0 +1,152 @@ +From acf5a0100c98a040e5e07a79ecf4a83627da770e Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Thu, 23 Mar 2017 12:54:07 +0100 +Subject: [PATCH xserver] xf86: dri2: Use va_gl as vdpau_driver for Intel i965 + GPUs + +The modesetting driver (which now often is used with Intel GPUs), +relies on dri2_probe_driver_name() to get the dri and vdpau driver +names, before this commit it would always assign the same name to +the 2 names. But the vdpau driver for i965 GPUs should be va_gl +(i915 does not support vdpau at all). + +This commit modifies the used lookup table and dri2_probe_driver_name() +to set the vdpau_driver to va_gl for i965 GPUs, it leaves the 2 +names the same for all other GPUs. + +Note this commit adds a FIXME comment for a memory leak in +dri2_probe_driver_name(), that leak was already present and fixing +it falls outside of the scope of this commit. + +BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1413733 +Cc: kwizart@gmail.com +Signed-off-by: Hans de Goede +--- + hw/xfree86/dri2/dri2.c | 31 +++++++++++++-------- + hw/xfree86/dri2/pci_ids/pci_id_driver_map.h | 21 +++++++------- + 2 files changed, 31 insertions(+), 21 deletions(-) + +diff --git a/hw/xfree86/dri2/dri2.c b/hw/xfree86/dri2/dri2.c +index 6619e3aa7..1f8ad14bc 100644 +--- a/hw/xfree86/dri2/dri2.c ++++ b/hw/xfree86/dri2/dri2.c +@@ -1437,14 +1437,18 @@ get_prime_id(void) + + #include "pci_ids/pci_id_driver_map.h" + +-static char * +-dri2_probe_driver_name(ScreenPtr pScreen, DRI2InfoPtr info) ++static void ++dri2_probe_driver_name(ScreenPtr pScreen, DRI2InfoPtr info, ++ const char **dri_driver_ret, ++ const char **vdpau_driver_ret) + { + #ifdef WITH_LIBDRM + int i, j; +- char *driver = NULL; + drmDevicePtr dev; + ++ *dri_driver_ret = NULL; ++ *vdpau_driver_ret = NULL; ++ + /* For non-PCI devices and drmGetDevice fail, just assume that + * the 3D driver is named the same as the kernel driver. This is + * currently true for vc4 and msm (freedreno). +@@ -1456,12 +1460,14 @@ dri2_probe_driver_name(ScreenPtr pScreen, DRI2InfoPtr info) + xf86DrvMsg(pScreen->myNum, X_ERROR, + "[DRI2] Couldn't drmGetVersion() on non-PCI device, " + "no driver name found.\n"); +- return NULL; ++ return; + } + +- driver = strndup(version->name, version->name_len); ++ /* FIXME this gets leaked */ ++ *dri_driver_ret = strndup(version->name, version->name_len); ++ *vdpau_driver_ret = *dri_driver_ret; + drmFreeVersion(version); +- return driver; ++ return; + } + + for (i = 0; driver_map[i].driver; i++) { +@@ -1469,13 +1475,15 @@ dri2_probe_driver_name(ScreenPtr pScreen, DRI2InfoPtr info) + continue; + + if (driver_map[i].num_chips_ids == -1) { +- driver = strdup(driver_map[i].driver); ++ *dri_driver_ret = driver_map[i].driver; ++ *vdpau_driver_ret = driver_map[i].vdpau_driver; + goto out; + } + + for (j = 0; j < driver_map[i].num_chips_ids; j++) { + if (driver_map[i].chip_ids[j] == dev->deviceinfo.pci->device_id) { +- driver = strdup(driver_map[i].driver); ++ *dri_driver_ret = driver_map[i].driver; ++ *vdpau_driver_ret = driver_map[i].vdpau_driver; + goto out; + } + } +@@ -1487,9 +1495,9 @@ dri2_probe_driver_name(ScreenPtr pScreen, DRI2InfoPtr info) + dev->deviceinfo.pci->vendor_id, dev->deviceinfo.pci->device_id); + out: + drmFreeDevice(&dev); +- return driver; + #else +- return NULL; ++ *dri_driver_ret = NULL; ++ *vdpau_driver_ret = NULL; + #endif + } + +@@ -1610,7 +1618,8 @@ DRI2ScreenInit(ScreenPtr pScreen, DRI2InfoPtr info) + if (info->driverName) { + ds->driverNames[0] = info->driverName; + } else { +- ds->driverNames[0] = ds->driverNames[1] = dri2_probe_driver_name(pScreen, info); ++ dri2_probe_driver_name(pScreen, info, ++ &ds->driverNames[0], &ds->driverNames[1]); + if (!ds->driverNames[0]) + return FALSE; + } +diff --git a/hw/xfree86/dri2/pci_ids/pci_id_driver_map.h b/hw/xfree86/dri2/pci_ids/pci_id_driver_map.h +index da7ea1c1e..7036d1003 100644 +--- a/hw/xfree86/dri2/pci_ids/pci_id_driver_map.h ++++ b/hw/xfree86/dri2/pci_ids/pci_id_driver_map.h +@@ -66,21 +66,22 @@ static const int vmwgfx_chip_ids[] = { + static const struct { + int vendor_id; + const char *driver; ++ const char *vdpau_driver; + const int *chip_ids; + int num_chips_ids; + } driver_map[] = { +- { 0x8086, "i915", i915_chip_ids, ARRAY_SIZE(i915_chip_ids) }, +- { 0x8086, "i965", i965_chip_ids, ARRAY_SIZE(i965_chip_ids) }, ++ { 0x8086, "i915", "i915", i915_chip_ids, ARRAY_SIZE(i915_chip_ids) }, ++ { 0x8086, "i965", "va_gl", i965_chip_ids, ARRAY_SIZE(i965_chip_ids) }, + #ifndef DRIVER_MAP_GALLIUM_ONLY +- { 0x1002, "radeon", r100_chip_ids, ARRAY_SIZE(r100_chip_ids) }, +- { 0x1002, "r200", r200_chip_ids, ARRAY_SIZE(r200_chip_ids) }, ++ { 0x1002, "radeon", "radeon", r100_chip_ids, ARRAY_SIZE(r100_chip_ids) }, ++ { 0x1002, "r200", "r200", r200_chip_ids, ARRAY_SIZE(r200_chip_ids) }, + #endif +- { 0x1002, "r300", r300_chip_ids, ARRAY_SIZE(r300_chip_ids) }, +- { 0x1002, "r600", r600_chip_ids, ARRAY_SIZE(r600_chip_ids) }, +- { 0x1002, "radeonsi", radeonsi_chip_ids, ARRAY_SIZE(radeonsi_chip_ids) }, +- { 0x10de, "nouveau", NULL, -1 }, +- { 0x1af4, "virtio_gpu", virtio_gpu_chip_ids, ARRAY_SIZE(virtio_gpu_chip_ids) }, +- { 0x15ad, "vmwgfx", vmwgfx_chip_ids, ARRAY_SIZE(vmwgfx_chip_ids) }, ++ { 0x1002, "r300", "r300", r300_chip_ids, ARRAY_SIZE(r300_chip_ids) }, ++ { 0x1002, "r600","r600", r600_chip_ids, ARRAY_SIZE(r600_chip_ids) }, ++ { 0x1002, "radeonsi", "radeonsi", radeonsi_chip_ids, ARRAY_SIZE(radeonsi_chip_ids) }, ++ { 0x10de, "nouveau", "nouveau", NULL, -1 }, ++ { 0x1af4, "virtio_gpu", "virtio_gpu", virtio_gpu_chip_ids, ARRAY_SIZE(virtio_gpu_chip_ids) }, ++ { 0x15ad, "vmwgfx", "vmwgfx", vmwgfx_chip_ids, ARRAY_SIZE(vmwgfx_chip_ids) }, + { 0x0000, NULL, NULL, 0 }, + }; + +-- +2.19.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0001-xfree86-use-modesetting-driver-by-default-on-GeForce.patch b/SPECS-EXTENDED/xorg-x11-server/0001-xfree86-use-modesetting-driver-by-default-on-GeForce.patch new file mode 100644 index 0000000000..be8342911d --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0001-xfree86-use-modesetting-driver-by-default-on-GeForce.patch @@ -0,0 +1,52 @@ +From aa2f34d80ef3118eae0cce73b610c36cdcb978fe Mon Sep 17 00:00:00 2001 +From: Ben Skeggs +Date: Sat, 22 Apr 2017 02:26:28 +1000 +Subject: [PATCH xserver] xfree86: use modesetting driver by default on GeForce + 8 and newer + +Signed-off-by: Ben Skeggs +--- + hw/xfree86/common/xf86pciBus.c | 20 ++++++++++++++++++++ + 1 file changed, 20 insertions(+) + +diff --git a/hw/xfree86/common/xf86pciBus.c b/hw/xfree86/common/xf86pciBus.c +index 8158c2b62..78d1c947d 100644 +--- a/hw/xfree86/common/xf86pciBus.c ++++ b/hw/xfree86/common/xf86pciBus.c +@@ -37,6 +37,7 @@ + #include + #include + #include ++#include + #include "os.h" + #include "Pci.h" + #include "xf86.h" +@@ -1190,6 +1191,25 @@ xf86VideoPtrToDriverList(struct pci_device *dev, + int idx = 0; + + #if defined(__linux__) || defined(__NetBSD__) ++ char busid[32]; ++ int fd; ++ ++ snprintf(busid, sizeof(busid), "pci:%04x:%02x:%02x.%d", ++ dev->domain, dev->bus, dev->dev, dev->func); ++ ++ /* 'modesetting' is preferred for GeForce 8 and newer GPUs */ ++ fd = drmOpenWithType("nouveau", busid, DRM_NODE_RENDER); ++ if (fd >= 0) { ++ uint64_t args[] = { 11 /* NOUVEAU_GETPARAM_CHIPSET_ID */, 0 }; ++ int ret = drmCommandWriteRead(fd, 0 /* DRM_NOUVEAU_GETPARAM */, ++ &args, sizeof(args)); ++ drmClose(fd); ++ if (ret == 0) { ++ if (args[1] == 0x050 || args[1] >= 0x80) ++ break; ++ } ++ } ++ + driverList[idx++] = "nouveau"; + #endif + driverList[idx++] = "nv"; +-- +2.12.2 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0002-xwayland-Add-wp_viewport-wayland-extension-support.patch b/SPECS-EXTENDED/xorg-x11-server/0002-xwayland-Add-wp_viewport-wayland-extension-support.patch new file mode 100644 index 0000000000..e4518a0500 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0002-xwayland-Add-wp_viewport-wayland-extension-support.patch @@ -0,0 +1,119 @@ +From 0a3046286e69b171c319ff419c94cf62929246bf Mon Sep 17 00:00:00 2001 +From: Robert Mader +Date: Mon, 22 Jan 2018 22:02:32 +0100 +Subject: [PATCH xserver 02/25] xwayland: Add wp_viewport wayland extension + support +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This commit adds support for the wayland wp_viewport extension, note +nothing uses this yet. + +This is a preparation patch for adding support for fake mode-changes through +xrandr for apps which want to change the resolution when going fullscreen. + +[hdegoede@redhat.com: Split the code for the extension out into its own patch] + +Reviewed-by: Olivier Fourdan +Acked-by: Michel Dänzer +Signed-off-by: Hans de Goede +(cherry picked from commit 47bba4625339592d08b375bcd8e51029c0000850) +--- + hw/xwayland/Makefile.am | 9 ++++++++- + hw/xwayland/meson.build | 3 +++ + hw/xwayland/xwayland.c | 3 +++ + hw/xwayland/xwayland.h | 2 ++ + 4 files changed, 16 insertions(+), 1 deletion(-) + +diff --git a/hw/xwayland/Makefile.am b/hw/xwayland/Makefile.am +index bc1cb8506..49aae3d8b 100644 +--- a/hw/xwayland/Makefile.am ++++ b/hw/xwayland/Makefile.am +@@ -71,7 +71,9 @@ Xwayland_built_sources += \ + xdg-output-unstable-v1-protocol.c \ + xdg-output-unstable-v1-client-protocol.h \ + linux-dmabuf-unstable-v1-client-protocol.h \ +- linux-dmabuf-unstable-v1-protocol.c ++ linux-dmabuf-unstable-v1-protocol.c \ ++ viewporter-client-protocol.h \ ++ viewporter-protocol.c + + if XWAYLAND_EGLSTREAM + Xwayland_built_sources += \ +@@ -120,6 +122,11 @@ linux-dmabuf-unstable-v1-protocol.c : $(WAYLAND_PROTOCOLS_DATADIR)/unstable/linu + linux-dmabuf-unstable-v1-client-protocol.h : $(WAYLAND_PROTOCOLS_DATADIR)/unstable/linux-dmabuf/linux-dmabuf-unstable-v1.xml + $(AM_V_GEN)$(WAYLAND_SCANNER) client-header < $< > $@ + ++viewporter-protocol.c: $(WAYLAND_PROTOCOLS_DATADIR)/stable/viewporter/viewporter.xml ++ $(AM_V_GEN)$(WAYLAND_SCANNER) @SCANNER_ARG@ < $< > $@ ++viewporter-client-protocol.h: $(WAYLAND_PROTOCOLS_DATADIR)/stable/viewporter/viewporter.xml ++ $(AM_V_GEN)$(WAYLAND_SCANNER) client-header < $< > $@ ++ + wayland-eglstream-client-protocol.h : $(WAYLAND_EGLSTREAM_DATADIR)/wayland-eglstream.xml + $(AM_V_GEN)$(WAYLAND_SCANNER) client-header < $< > $@ + wayland-eglstream-controller-client-protocol.h : $(WAYLAND_EGLSTREAM_DATADIR)/wayland-eglstream-controller.xml +diff --git a/hw/xwayland/meson.build b/hw/xwayland/meson.build +index 36bf2133a..4a8d171bb 100644 +--- a/hw/xwayland/meson.build ++++ b/hw/xwayland/meson.build +@@ -21,6 +21,7 @@ tablet_xml = join_paths(protodir, 'unstable', 'tablet', 'tablet-unstable-v2.xml' + kbgrab_xml = join_paths(protodir, 'unstable', 'xwayland-keyboard-grab', 'xwayland-keyboard-grab-unstable-v1.xml') + xdg_output_xml = join_paths(protodir, 'unstable', 'xdg-output', 'xdg-output-unstable-v1.xml') + dmabuf_xml = join_paths(protodir, 'unstable', 'linux-dmabuf', 'linux-dmabuf-unstable-v1.xml') ++viewporter_xml = join_paths(protodir, 'stable', 'viewporter', 'viewporter.xml') + + client_header = generator(scanner, + output : '@BASENAME@-client-protocol.h', +@@ -43,12 +44,14 @@ srcs += client_header.process(tablet_xml) + srcs += client_header.process(kbgrab_xml) + srcs += client_header.process(xdg_output_xml) + srcs += client_header.process(dmabuf_xml) ++srcs += client_header.process(viewporter_xml) + srcs += code.process(relative_xml) + srcs += code.process(pointer_xml) + srcs += code.process(tablet_xml) + srcs += code.process(kbgrab_xml) + srcs += code.process(xdg_output_xml) + srcs += code.process(dmabuf_xml) ++srcs += code.process(viewporter_xml) + + xwayland_glamor = [] + eglstream_srcs = [] +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index b353167c3..a70c1002f 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -912,6 +912,9 @@ registry_global(void *data, struct wl_registry *registry, uint32_t id, + wl_registry_bind(registry, id, &zxdg_output_manager_v1_interface, 1); + xwl_screen_init_xdg_output(xwl_screen); + } ++ else if (strcmp(interface, "wp_viewporter") == 0) { ++ xwl_screen->viewporter = wl_registry_bind(registry, id, &wp_viewporter_interface, 1); ++ } + #ifdef XWL_HAS_GLAMOR + else if (xwl_screen->glamor) { + xwl_glamor_init_wl_registry(xwl_screen, registry, id, interface, +diff --git a/hw/xwayland/xwayland.h b/hw/xwayland/xwayland.h +index b9495b313..91ae21eeb 100644 +--- a/hw/xwayland/xwayland.h ++++ b/hw/xwayland/xwayland.h +@@ -48,6 +48,7 @@ + #include "xwayland-keyboard-grab-unstable-v1-client-protocol.h" + #include "xdg-output-unstable-v1-client-protocol.h" + #include "linux-dmabuf-unstable-v1-client-protocol.h" ++#include "viewporter-client-protocol.h" + + struct xwl_format { + uint32_t format; +@@ -151,6 +152,7 @@ struct xwl_screen { + struct zwp_pointer_constraints_v1 *pointer_constraints; + struct zwp_xwayland_keyboard_grab_manager_v1 *wp_grab; + struct zxdg_output_manager_v1 *xdg_output_manager; ++ struct wp_viewporter *viewporter; + uint32_t serial; + + #define XWL_FORMAT_ARGB8888 (1 << 0) +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0003-xwayland-Use-buffer_damage-instead-of-surface-damage.patch b/SPECS-EXTENDED/xorg-x11-server/0003-xwayland-Use-buffer_damage-instead-of-surface-damage.patch new file mode 100644 index 0000000000..062741542b --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0003-xwayland-Use-buffer_damage-instead-of-surface-damage.patch @@ -0,0 +1,160 @@ +From 30859f64d1718d1476648dcddbb3d81c2f932828 Mon Sep 17 00:00:00 2001 +From: Robert Mader +Date: Tue, 2 Jul 2019 12:03:12 +0200 +Subject: [PATCH xserver 03/25] xwayland: Use buffer_damage instead of surface + damage if available +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +When a viewport is set, damage will only work properly when using +wl_surface_damage_buffer instead of wl_surface_damage. + +When no viewport is set, there should be no difference between +surface and buffer damage. + +This is a preparation patch for using viewport to add support for fake +mode-changes through xrandr for apps which want to change the resolution +when going fullscreen. + +Changes by Hans de Goede : +-Split the damage changes out into their own patch +-Add xwl_surface_damage helper +-Also use buffer_damage / the new helper for the present and cursor code + +Reviewed-by: Olivier Fourdan +Acked-by: Michel Dänzer +Signed-off-by: Hans de Goede +(cherry picked from commit 7c6f17790d3aedb164481264b0f05a8a14103731) +--- + hw/xwayland/xwayland-cursor.c | 12 ++++++------ + hw/xwayland/xwayland-present.c | 10 +++++----- + hw/xwayland/xwayland.c | 29 +++++++++++++++++++++++------ + hw/xwayland/xwayland.h | 3 +++ + 4 files changed, 37 insertions(+), 17 deletions(-) + +diff --git a/hw/xwayland/xwayland-cursor.c b/hw/xwayland/xwayland-cursor.c +index 66720bcc0..cbc715061 100644 +--- a/hw/xwayland/xwayland-cursor.c ++++ b/hw/xwayland/xwayland-cursor.c +@@ -165,9 +165,9 @@ xwl_seat_set_cursor(struct xwl_seat *xwl_seat) + xwl_seat->x_cursor->bits->yhot); + wl_surface_attach(xwl_cursor->surface, + xwl_shm_pixmap_get_wl_buffer(pixmap), 0, 0); +- wl_surface_damage(xwl_cursor->surface, 0, 0, +- xwl_seat->x_cursor->bits->width, +- xwl_seat->x_cursor->bits->height); ++ xwl_surface_damage(xwl_seat->xwl_screen, xwl_cursor->surface, 0, 0, ++ xwl_seat->x_cursor->bits->width, ++ xwl_seat->x_cursor->bits->height); + + xwl_cursor->frame_cb = wl_surface_frame(xwl_cursor->surface); + wl_callback_add_listener(xwl_cursor->frame_cb, &frame_listener, xwl_cursor); +@@ -217,9 +217,9 @@ xwl_tablet_tool_set_cursor(struct xwl_tablet_tool *xwl_tablet_tool) + xwl_seat->x_cursor->bits->yhot); + wl_surface_attach(xwl_cursor->surface, + xwl_shm_pixmap_get_wl_buffer(pixmap), 0, 0); +- wl_surface_damage(xwl_cursor->surface, 0, 0, +- xwl_seat->x_cursor->bits->width, +- xwl_seat->x_cursor->bits->height); ++ xwl_surface_damage(xwl_seat->xwl_screen, xwl_cursor->surface, 0, 0, ++ xwl_seat->x_cursor->bits->width, ++ xwl_seat->x_cursor->bits->height); + + xwl_cursor->frame_cb = wl_surface_frame(xwl_cursor->surface); + wl_callback_add_listener(xwl_cursor->frame_cb, &frame_listener, xwl_cursor); +diff --git a/hw/xwayland/xwayland-present.c b/hw/xwayland/xwayland-present.c +index d177abdd8..f4027f91e 100644 +--- a/hw/xwayland/xwayland-present.c ++++ b/hw/xwayland/xwayland-present.c +@@ -505,11 +505,11 @@ xwl_present_flip(WindowPtr present_window, + /* Realign timer */ + xwl_present_reset_timer(xwl_present_window); + +- wl_surface_damage(xwl_window->surface, +- damage_box->x1 - present_window->drawable.x, +- damage_box->y1 - present_window->drawable.y, +- damage_box->x2 - damage_box->x1, +- damage_box->y2 - damage_box->y1); ++ xwl_surface_damage(xwl_window->xwl_screen, xwl_window->surface, ++ damage_box->x1 - present_window->drawable.x, ++ damage_box->y1 - present_window->drawable.y, ++ damage_box->x2 - damage_box->x1, ++ damage_box->y2 - damage_box->y1); + + wl_surface_commit(xwl_window->surface); + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index a70c1002f..811257b00 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -792,6 +792,16 @@ xwl_destroy_window(WindowPtr window) + return ret; + } + ++void xwl_surface_damage(struct xwl_screen *xwl_screen, ++ struct wl_surface *surface, ++ int32_t x, int32_t y, int32_t width, int32_t height) ++{ ++ if (wl_surface_get_version(surface) >= WL_SURFACE_DAMAGE_BUFFER_SINCE_VERSION) ++ wl_surface_damage_buffer(surface, x, y, width, height); ++ else ++ wl_surface_damage(surface, x, y, width, height); ++} ++ + static void + xwl_window_post_damage(struct xwl_window *xwl_window) + { +@@ -828,13 +838,15 @@ xwl_window_post_damage(struct xwl_window *xwl_window) + */ + if (RegionNumRects(region) > 256) { + box = RegionExtents(region); +- wl_surface_damage(xwl_window->surface, box->x1, box->y1, +- box->x2 - box->x1, box->y2 - box->y1); ++ xwl_surface_damage(xwl_screen, xwl_window->surface, box->x1, box->y1, ++ box->x2 - box->x1, box->y2 - box->y1); + } else { + box = RegionRects(region); +- for (i = 0; i < RegionNumRects(region); i++, box++) +- wl_surface_damage(xwl_window->surface, box->x1, box->y1, +- box->x2 - box->x1, box->y2 - box->y1); ++ for (i = 0; i < RegionNumRects(region); i++, box++) { ++ xwl_surface_damage(xwl_screen, xwl_window->surface, ++ box->x1, box->y1, ++ box->x2 - box->x1, box->y2 - box->y1); ++ } + } + + xwl_window_create_frame_callback(xwl_window); +@@ -893,8 +905,13 @@ registry_global(void *data, struct wl_registry *registry, uint32_t id, + struct xwl_screen *xwl_screen = data; + + if (strcmp(interface, "wl_compositor") == 0) { ++ uint32_t request_version = 1; ++ ++ if (version >= WL_SURFACE_DAMAGE_BUFFER_SINCE_VERSION) ++ request_version = WL_SURFACE_DAMAGE_BUFFER_SINCE_VERSION; ++ + xwl_screen->compositor = +- wl_registry_bind(registry, id, &wl_compositor_interface, 1); ++ wl_registry_bind(registry, id, &wl_compositor_interface, request_version); + } + else if (strcmp(interface, "wl_shm") == 0) { + xwl_screen->shm = wl_registry_bind(registry, id, &wl_shm_interface, 1); +diff --git a/hw/xwayland/xwayland.h b/hw/xwayland/xwayland.h +index 91ae21eeb..1244d2e91 100644 +--- a/hw/xwayland/xwayland.h ++++ b/hw/xwayland/xwayland.h +@@ -382,6 +382,9 @@ struct xwl_output { + void xwl_window_create_frame_callback(struct xwl_window *xwl_window); + + void xwl_sync_events (struct xwl_screen *xwl_screen); ++void xwl_surface_damage(struct xwl_screen *xwl_screen, ++ struct wl_surface *surface, ++ int32_t x, int32_t y, int32_t width, int32_t height); + + void xwl_screen_roundtrip (struct xwl_screen *xwl_screen); + +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0004-xwayland-Add-fake-output-modes-to-xrandr-output-mode.patch b/SPECS-EXTENDED/xorg-x11-server/0004-xwayland-Add-fake-output-modes-to-xrandr-output-mode.patch new file mode 100644 index 0000000000..45d52a9589 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0004-xwayland-Add-fake-output-modes-to-xrandr-output-mode.patch @@ -0,0 +1,207 @@ +From 32987e08e7f1e79ee50ce032cc6c1b6d28e6a50d Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Wed, 26 Jun 2019 16:46:54 +0200 +Subject: [PATCH xserver 04/25] xwayland: Add fake output modes to xrandr + output mode lists +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This is a preparation patch for adding support for apps which want to +change the resolution when they go fullscreen because they are hardcoded +to render at a specific resolution, e.g. 640x480. + +Follow up patches will fake the mode-switch these apps want by using +WPviewport to scale there pixmap to cover the entire output. + +Reviewed-by: Olivier Fourdan +Acked-by: Michel Dänzer +Signed-off-by: Hans de Goede +(cherry picked from commit 0d656d796071fb637e4969ea800855fe5d1c9728) +--- + hw/xwayland/xwayland-output.c | 112 ++++++++++++++++++++++++++++++++-- + hw/xwayland/xwayland.c | 17 ++++++ + hw/xwayland/xwayland.h | 1 + + 3 files changed, 124 insertions(+), 6 deletions(-) + +diff --git a/hw/xwayland/xwayland-output.c b/hw/xwayland/xwayland-output.c +index ae646c663..4036ba681 100644 +--- a/hw/xwayland/xwayland-output.c ++++ b/hw/xwayland/xwayland-output.c +@@ -208,14 +208,110 @@ update_screen_size(struct xwl_output *xwl_output, int width, int height) + update_desktop_dimensions(); + } + ++/* From hw/xfree86/common/xf86DefModeSet.c with some obscure modes dropped */ ++const int32_t xwl_output_fake_modes[][2] = { ++ /* 4:3 (1.33) */ ++ { 2048, 1536 }, ++ { 1920, 1440 }, ++ { 1600, 1200 }, ++ { 1440, 1080 }, ++ { 1400, 1050 }, ++ { 1280, 1024 }, /* 5:4 (1.25) */ ++ { 1280, 960 }, ++ { 1152, 864 }, ++ { 1024, 768 }, ++ { 800, 600 }, ++ { 640, 480 }, ++ { 320, 240 }, ++ /* 16:10 (1.6) */ ++ { 2560, 1600 }, ++ { 1920, 1200 }, ++ { 1680, 1050 }, ++ { 1440, 900 }, ++ { 1280, 800 }, ++ { 720, 480 }, /* 3:2 (1.5) */ ++ { 640, 400 }, ++ { 320, 200 }, ++ /* 16:9 (1.77) */ ++ { 5120, 2880 }, ++ { 4096, 2304 }, ++ { 3840, 2160 }, ++ { 3200, 1800 }, ++ { 2880, 1620 }, ++ { 2560, 1440 }, ++ { 2048, 1152 }, ++ { 1920, 1080 }, ++ { 1600, 900 }, ++ { 1368, 768 }, ++ { 1280, 720 }, ++ { 1024, 576 }, ++ { 864, 486 }, ++ { 720, 400 }, ++ { 640, 350 }, ++}; ++ ++/* Build an array with RRModes the first mode is the actual output mode, the ++ * rest are fake modes from the xwl_output_fake_modes list. We do this for apps ++ * which want to change resolution when they go fullscreen. ++ * When an app requests a mode-change, we fake it using WPviewport. ++ */ ++static RRModePtr * ++output_get_rr_modes(struct xwl_output *xwl_output, ++ int32_t width, int32_t height, ++ int *count) ++{ ++ struct xwl_screen *xwl_screen = xwl_output->xwl_screen; ++ RRModePtr *rr_modes; ++ int i; ++ ++ rr_modes = xallocarray(ARRAY_SIZE(xwl_output_fake_modes) + 1, sizeof(RRModePtr)); ++ if (!rr_modes) ++ goto err; ++ ++ /* Add actual output mode */ ++ rr_modes[0] = xwayland_cvt(width, height, xwl_output->refresh / 1000.0, 0, 0); ++ if (!rr_modes[0]) ++ goto err; ++ ++ *count = 1; ++ ++ if (!xwl_screen_has_resolution_change_emulation(xwl_screen)) ++ return rr_modes; ++ ++ /* Add fake modes */ ++ for (i = 0; i < ARRAY_SIZE(xwl_output_fake_modes); i++) { ++ /* Skip actual output mode, already added */ ++ if (xwl_output_fake_modes[i][0] == width && ++ xwl_output_fake_modes[i][1] == height) ++ continue; ++ ++ /* Skip modes which are too big, avoid downscaling */ ++ if (xwl_output_fake_modes[i][0] > width || ++ xwl_output_fake_modes[i][1] > height) ++ continue; ++ ++ rr_modes[*count] = xwayland_cvt(xwl_output_fake_modes[i][0], ++ xwl_output_fake_modes[i][1], ++ xwl_output->refresh / 1000.0, 0, 0); ++ if (!rr_modes[*count]) ++ goto err; ++ ++ (*count)++; ++ } ++ ++ return rr_modes; ++err: ++ FatalError("Failed to allocate memory for list of RR modes"); ++} ++ + static void + apply_output_change(struct xwl_output *xwl_output) + { + struct xwl_screen *xwl_screen = xwl_output->xwl_screen; + struct xwl_output *it; +- int mode_width, mode_height; ++ int mode_width, mode_height, count; + int width = 0, height = 0, has_this_output = 0; +- RRModePtr randr_mode; ++ RRModePtr *randr_modes; + Bool need_rotate; + + /* Clear out the "done" received flags */ +@@ -234,12 +330,16 @@ apply_output_change(struct xwl_output *xwl_output) + mode_height = xwl_output->width; + } + +- randr_mode = xwayland_cvt(mode_width, mode_height, +- xwl_output->refresh / 1000.0, 0, 0); +- RROutputSetModes(xwl_output->randr_output, &randr_mode, 1, 1); +- RRCrtcNotify(xwl_output->randr_crtc, randr_mode, ++ /* Build a fresh modes array using the current refresh rate */ ++ randr_modes = output_get_rr_modes(xwl_output, mode_width, mode_height, &count); ++ RROutputSetModes(xwl_output->randr_output, randr_modes, count, 1); ++ RRCrtcNotify(xwl_output->randr_crtc, randr_modes[0], + xwl_output->x, xwl_output->y, + xwl_output->rotation, NULL, 1, &xwl_output->randr_output); ++ /* RROutputSetModes takes ownership of the passed in modes, so we only ++ * have to free the pointer array. ++ */ ++ free(randr_modes); + + xorg_list_for_each_entry(it, &xwl_screen->output_list, link) { + /* output done event is sent even when some property +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index 811257b00..e84515f94 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -154,6 +154,23 @@ xwl_screen_get(ScreenPtr screen) + return dixLookupPrivate(&screen->devPrivates, &xwl_screen_private_key); + } + ++static Bool ++xwl_screen_has_viewport_support(struct xwl_screen *xwl_screen) ++{ ++ return wl_compositor_get_version(xwl_screen->compositor) >= ++ WL_SURFACE_DAMAGE_BUFFER_SINCE_VERSION && ++ xwl_screen->viewporter != NULL; ++} ++ ++Bool ++xwl_screen_has_resolution_change_emulation(struct xwl_screen *xwl_screen) ++{ ++ /* Resolution change emulation is only supported in rootless mode and ++ * it requires viewport support. ++ */ ++ return xwl_screen->rootless && xwl_screen_has_viewport_support(xwl_screen); ++} ++ + static void + xwl_window_set_allow_commits(struct xwl_window *xwl_window, Bool allow, + const char *debug_msg) +diff --git a/hw/xwayland/xwayland.h b/hw/xwayland/xwayland.h +index 1244d2e91..200e18a8d 100644 +--- a/hw/xwayland/xwayland.h ++++ b/hw/xwayland/xwayland.h +@@ -391,6 +391,7 @@ void xwl_screen_roundtrip (struct xwl_screen *xwl_screen); + Bool xwl_screen_init_cursor(struct xwl_screen *xwl_screen); + + struct xwl_screen *xwl_screen_get(ScreenPtr screen); ++Bool xwl_screen_has_resolution_change_emulation(struct xwl_screen *xwl_screen); + + void xwl_tablet_tool_set_cursor(struct xwl_tablet_tool *tool); + void xwl_seat_set_cursor(struct xwl_seat *xwl_seat); +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0005-xwayland-Use-RandR-1.2-interface-rev-2.patch b/SPECS-EXTENDED/xorg-x11-server/0005-xwayland-Use-RandR-1.2-interface-rev-2.patch new file mode 100644 index 0000000000..7493da6def --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0005-xwayland-Use-RandR-1.2-interface-rev-2.patch @@ -0,0 +1,139 @@ +From 09dcf01f5ea8d1f828a58e54edd608e6918d0b59 Mon Sep 17 00:00:00 2001 +From: Robert Mader +Date: Mon, 22 Jan 2018 17:57:38 +0100 +Subject: [PATCH xserver 05/25] xwayland: Use RandR 1.2 interface (rev 2) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This adds the RandR 1.2 interface to xwayland and allows modes +advertised by the compositor to be set in an undistructive manner. + +With this patch, applications that try to set the resolution will usually +succeed and work while other apps using the same xwayland +instance are not affected at all. + +The RandR 1.2 interface will be needed to implement fake-mode-setting and +already makes applications work much cleaner and predictive when a mode +was set. + +[hdegoede@redhat.com: Make crtc_set only succeed if the mode matches + the desktop resolution] + +Reviewed-by: Olivier Fourdan +Acked-by: Michel Dänzer +Signed-off-by: Hans de Goede +(cherry picked from commit e89872f51aa834fa9d94a4ca4822f03b0341ab4f) +--- + hw/xwayland/xwayland-output.c | 81 +++++++++++++++++++++++++++++++++++ + 1 file changed, 81 insertions(+) + +diff --git a/hw/xwayland/xwayland-output.c b/hw/xwayland/xwayland-output.c +index 4036ba681..633ebb89e 100644 +--- a/hw/xwayland/xwayland-output.c ++++ b/hw/xwayland/xwayland-output.c +@@ -524,12 +524,80 @@ xwl_randr_get_info(ScreenPtr pScreen, Rotation * rotations) + return TRUE; + } + ++#ifdef RANDR_10_INTERFACE + static Bool + xwl_randr_set_config(ScreenPtr pScreen, + Rotation rotation, int rate, RRScreenSizePtr pSize) + { + return FALSE; + } ++#endif ++ ++#if RANDR_12_INTERFACE ++static Bool ++xwl_randr_screen_set_size(ScreenPtr pScreen, ++ CARD16 width, ++ CARD16 height, ++ CARD32 mmWidth, CARD32 mmHeight) ++{ ++ return TRUE; ++} ++ ++static Bool ++xwl_randr_crtc_set(ScreenPtr pScreen, ++ RRCrtcPtr crtc, ++ RRModePtr mode, ++ int x, ++ int y, ++ Rotation rotation, ++ int numOutputs, RROutputPtr * outputs) ++{ ++ struct xwl_output *xwl_output = crtc->devPrivate; ++ ++ if (!mode || (mode->mode.width == xwl_output->width && ++ mode->mode.height == xwl_output->height)) { ++ RRCrtcChanged(crtc, TRUE); ++ return TRUE; ++ } ++ ++ return FALSE; ++} ++ ++static Bool ++xwl_randr_crtc_set_gamma(ScreenPtr pScreen, RRCrtcPtr crtc) ++{ ++ return TRUE; ++} ++ ++static Bool ++xwl_randr_crtc_get_gamma(ScreenPtr pScreen, RRCrtcPtr crtc) ++{ ++ return TRUE; ++} ++ ++static Bool ++xwl_randr_output_set_property(ScreenPtr pScreen, ++ RROutputPtr output, ++ Atom property, ++ RRPropertyValuePtr value) ++{ ++ return TRUE; ++} ++ ++static Bool ++xwl_output_validate_mode(ScreenPtr pScreen, ++ RROutputPtr output, ++ RRModePtr mode) ++{ ++ return TRUE; ++} ++ ++static void ++xwl_randr_mode_destroy(ScreenPtr pScreen, RRModePtr mode) ++{ ++ return; ++} ++#endif + + Bool + xwl_screen_init_output(struct xwl_screen *xwl_screen) +@@ -543,7 +611,20 @@ xwl_screen_init_output(struct xwl_screen *xwl_screen) + + rp = rrGetScrPriv(xwl_screen->screen); + rp->rrGetInfo = xwl_randr_get_info; ++ ++#if RANDR_10_INTERFACE + rp->rrSetConfig = xwl_randr_set_config; ++#endif ++ ++#if RANDR_12_INTERFACE ++ rp->rrScreenSetSize = xwl_randr_screen_set_size; ++ rp->rrCrtcSet = xwl_randr_crtc_set; ++ rp->rrCrtcSetGamma = xwl_randr_crtc_set_gamma; ++ rp->rrCrtcGetGamma = xwl_randr_crtc_get_gamma; ++ rp->rrOutputSetProperty = xwl_randr_output_set_property; ++ rp->rrOutputValidateMode = xwl_output_validate_mode; ++ rp->rrModeDestroy = xwl_randr_mode_destroy; ++#endif + + return TRUE; + } +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0006-xwayland-Add-per-client-private-data.patch b/SPECS-EXTENDED/xorg-x11-server/0006-xwayland-Add-per-client-private-data.patch new file mode 100644 index 0000000000..5d64bd8082 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0006-xwayland-Add-per-client-private-data.patch @@ -0,0 +1,80 @@ +From ca0616ca4ca1badff2674fa5db8f290935b81e7f Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Thu, 29 Aug 2019 22:45:12 +0200 +Subject: [PATCH xserver 06/25] xwayland: Add per client private data +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Add per client private data, which for now is empty. + +This is a preparation patch for adding randr/vidmode resolution +change emulation. + +Reviewed-by: Olivier Fourdan +Acked-by: Michel Dänzer +Signed-off-by: Hans de Goede +(cherry picked from commit 905cb8b9e27add5f49a45fe167a0005bf05218bc) +--- + hw/xwayland/xwayland.c | 14 ++++++++++++++ + hw/xwayland/xwayland.h | 5 +++++ + 2 files changed, 19 insertions(+) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index e84515f94..f422cfc29 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -137,11 +137,18 @@ ddxProcessArgument(int argc, char *argv[], int i) + return 0; + } + ++static DevPrivateKeyRec xwl_client_private_key; + static DevPrivateKeyRec xwl_window_private_key; + static DevPrivateKeyRec xwl_screen_private_key; + static DevPrivateKeyRec xwl_pixmap_private_key; + static DevPrivateKeyRec xwl_damage_private_key; + ++struct xwl_client * ++xwl_client_get(ClientPtr client) ++{ ++ return dixLookupPrivate(&client->devPrivates, &xwl_client_private_key); ++} ++ + static struct xwl_window * + xwl_window_get(WindowPtr window) + { +@@ -1145,6 +1152,13 @@ xwl_screen_init(ScreenPtr pScreen, int argc, char **argv) + return FALSE; + if (!dixRegisterPrivateKey(&xwl_damage_private_key, PRIVATE_WINDOW, 0)) + return FALSE; ++ /* There are no easy to use new / delete client hooks, we could use a ++ * ClientStateCallback, but it is easier to let the dix code manage the ++ * memory for us. This will zero fill the initial xwl_client data. ++ */ ++ if (!dixRegisterPrivateKey(&xwl_client_private_key, PRIVATE_CLIENT, ++ sizeof(struct xwl_client))) ++ return FALSE; + + dixSetPrivate(&pScreen->devPrivates, &xwl_screen_private_key, xwl_screen); + xwl_screen->screen = pScreen; +diff --git a/hw/xwayland/xwayland.h b/hw/xwayland/xwayland.h +index 200e18a8d..19626d394 100644 +--- a/hw/xwayland/xwayland.h ++++ b/hw/xwayland/xwayland.h +@@ -379,8 +379,13 @@ struct xwl_output { + Bool xdg_output_done; + }; + ++struct xwl_client { ++}; ++ + void xwl_window_create_frame_callback(struct xwl_window *xwl_window); + ++struct xwl_client *xwl_client_get(ClientPtr client); ++ + void xwl_sync_events (struct xwl_screen *xwl_screen); + void xwl_surface_damage(struct xwl_screen *xwl_screen, + struct wl_surface *surface, +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0007-xwayland-Add-support-for-storing-per-client-per-outp.patch b/SPECS-EXTENDED/xorg-x11-server/0007-xwayland-Add-support-for-storing-per-client-per-outp.patch new file mode 100644 index 0000000000..6673754e83 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0007-xwayland-Add-support-for-storing-per-client-per-outp.patch @@ -0,0 +1,149 @@ +From 4bc5480d2e63cceecdc18b4bfda4fb4624f8fb43 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Thu, 29 Aug 2019 23:04:36 +0200 +Subject: [PATCH xserver 07/25] xwayland: Add support for storing per client + per output emulated resolution +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Add support for storing per output randr/vidmode emulated resolution +into the per client data. + +Since we do not have a free/delete callback for the client this uses +a simple static array. The entries are tied to a specific output by the +server_output_id, with a server_output_id of 0 indicating a free slot +(0 is the "None" Wayland object id). + +Note that even if we were to store this in a linked list, we would still +need the server_output_id as this is *per client* *per output*. + +This is a preparation patch for adding randr/vidmode resolution +change emulation. + +Reviewed-by: Olivier Fourdan +Acked-by: Michel Dänzer +Signed-off-by: Hans de Goede +(cherry picked from commit aca0a588eb40a5e6669094a2ab7f71ca0ba06b16) +--- + hw/xwayland/xwayland-output.c | 67 +++++++++++++++++++++++++++++++++++ + hw/xwayland/xwayland.h | 17 +++++++++ + 2 files changed, 84 insertions(+) + +diff --git a/hw/xwayland/xwayland-output.c b/hw/xwayland/xwayland-output.c +index 633ebb89e..64794dee7 100644 +--- a/hw/xwayland/xwayland-output.c ++++ b/hw/xwayland/xwayland-output.c +@@ -208,6 +208,73 @@ update_screen_size(struct xwl_output *xwl_output, int width, int height) + update_desktop_dimensions(); + } + ++struct xwl_emulated_mode * ++xwl_output_get_emulated_mode_for_client(struct xwl_output *xwl_output, ++ ClientPtr client) ++{ ++ struct xwl_client *xwl_client = xwl_client_get(client); ++ int i; ++ ++ if (!xwl_output) ++ return NULL; ++ ++ for (i = 0; i < XWL_CLIENT_MAX_EMULATED_MODES; i++) { ++ if (xwl_client->emulated_modes[i].server_output_id == ++ xwl_output->server_output_id) ++ return &xwl_client->emulated_modes[i]; ++ } ++ ++ return NULL; ++} ++ ++static void ++xwl_output_add_emulated_mode_for_client(struct xwl_output *xwl_output, ++ ClientPtr client, ++ RRModePtr mode, ++ Bool from_vidmode) ++{ ++ struct xwl_client *xwl_client = xwl_client_get(client); ++ struct xwl_emulated_mode *emulated_mode; ++ int i; ++ ++ emulated_mode = xwl_output_get_emulated_mode_for_client(xwl_output, client); ++ if (!emulated_mode) { ++ /* Find a free spot in the emulated modes array */ ++ for (i = 0; i < XWL_CLIENT_MAX_EMULATED_MODES; i++) { ++ if (xwl_client->emulated_modes[i].server_output_id == 0) { ++ emulated_mode = &xwl_client->emulated_modes[i]; ++ break; ++ } ++ } ++ } ++ if (!emulated_mode) { ++ static Bool warned; ++ ++ if (!warned) { ++ ErrorF("Ran out of space for emulated-modes, not adding mode"); ++ warned = TRUE; ++ } ++ ++ return; ++ } ++ ++ emulated_mode->server_output_id = xwl_output->server_output_id; ++ emulated_mode->width = mode->mode.width; ++ emulated_mode->height = mode->mode.height; ++ emulated_mode->from_vidmode = from_vidmode; ++} ++ ++static void ++xwl_output_remove_emulated_mode_for_client(struct xwl_output *xwl_output, ++ ClientPtr client) ++{ ++ struct xwl_emulated_mode *emulated_mode; ++ ++ emulated_mode = xwl_output_get_emulated_mode_for_client(xwl_output, client); ++ if (emulated_mode) ++ memset(emulated_mode, 0, sizeof(*emulated_mode)); ++} ++ + /* From hw/xfree86/common/xf86DefModeSet.c with some obscure modes dropped */ + const int32_t xwl_output_fake_modes[][2] = { + /* 4:3 (1.33) */ +diff --git a/hw/xwayland/xwayland.h b/hw/xwayland/xwayland.h +index 19626d394..c886d77e9 100644 +--- a/hw/xwayland/xwayland.h ++++ b/hw/xwayland/xwayland.h +@@ -379,7 +379,21 @@ struct xwl_output { + Bool xdg_output_done; + }; + ++/* Per client per output emulated randr/vidmode resolution info. */ ++struct xwl_emulated_mode { ++ uint32_t server_output_id; ++ int32_t width; ++ int32_t height; ++ Bool from_vidmode; ++}; ++ ++/* Apps which use randr/vidmode to change the mode when going fullscreen, ++ * usually change the mode of only a single monitor, so this should be plenty. ++ */ ++#define XWL_CLIENT_MAX_EMULATED_MODES 16 ++ + struct xwl_client { ++ struct xwl_emulated_mode emulated_modes[XWL_CLIENT_MAX_EMULATED_MODES]; + }; + + void xwl_window_create_frame_callback(struct xwl_window *xwl_window); +@@ -427,6 +441,9 @@ void xwl_output_destroy(struct xwl_output *xwl_output); + + void xwl_output_remove(struct xwl_output *xwl_output); + ++struct xwl_emulated_mode *xwl_output_get_emulated_mode_for_client( ++ struct xwl_output *xwl_output, ClientPtr client); ++ + RRModePtr xwayland_cvt(int HDisplay, int VDisplay, + float VRefresh, Bool Reduced, Bool Interlaced); + +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0008-xwayland-Add-support-for-randr-resolution-change-emu.patch b/SPECS-EXTENDED/xorg-x11-server/0008-xwayland-Add-support-for-randr-resolution-change-emu.patch new file mode 100644 index 0000000000..75a287743a --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0008-xwayland-Add-support-for-randr-resolution-change-emu.patch @@ -0,0 +1,462 @@ +From 2f2a6b8556bd104740d76126640abcfe4705047c Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Tue, 2 Jul 2019 11:55:26 +0200 +Subject: [PATCH xserver 08/25] xwayland: Add support for randr-resolution + change emulation using viewport +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Add support for per client randr-resolution change emulation using viewport, +for apps which want to change the resolution when going fullscreen. + +Partly based on earlier work on this by Robert Mader + +Note SDL2 and SFML do not restore randr resolution when going from +fullscreen -> windowed, I believe this is caused by us still reporting the +desktop resolution when they query the resolution. This is not a problem +because when windowed the toplevel window size includes the window-decorations +so it never matches the emulated resolution. + +One exception would be the window being resizable in Windowed mode and the +user resizing the window so that including decorations it matches the +emulated resolution *and* the window being at pos 0x0. But this is an +extreme corner case. Still I will submit patches upstream to SDL2 +and SFML to always restore the desktop resolution under Xwayland, +disabling resolution emulation all together when going windowed. + +Reviewed-by: Olivier Fourdan +Acked-by: Michel Dänzer +Signed-off-by: Hans de Goede +(cherry picked from commit d99b9ff0f237d15e7eb507484493c73b393d5dba) +--- + hw/xwayland/xwayland-input.c | 5 + + hw/xwayland/xwayland-output.c | 63 ++++++++++- + hw/xwayland/xwayland.c | 199 ++++++++++++++++++++++++++++++++++ + hw/xwayland/xwayland.h | 15 +++ + 4 files changed, 276 insertions(+), 6 deletions(-) + +diff --git a/hw/xwayland/xwayland-input.c b/hw/xwayland/xwayland-input.c +index a05d178ff..7d75a8f54 100644 +--- a/hw/xwayland/xwayland-input.c ++++ b/hw/xwayland/xwayland-input.c +@@ -488,6 +488,11 @@ dispatch_pointer_motion_event(struct xwl_seat *xwl_seat) + int dx = xwl_seat->focus_window->window->drawable.x; + int dy = xwl_seat->focus_window->window->drawable.y; + ++ if (xwl_window_has_viewport_enabled(xwl_seat->focus_window)) { ++ sx *= xwl_seat->focus_window->scale_x; ++ sy *= xwl_seat->focus_window->scale_y; ++ } ++ + x = dx + sx; + y = dy + sy; + } else { +diff --git a/hw/xwayland/xwayland-output.c b/hw/xwayland/xwayland-output.c +index 64794dee7..e09d00108 100644 +--- a/hw/xwayland/xwayland-output.c ++++ b/hw/xwayland/xwayland-output.c +@@ -371,6 +371,42 @@ err: + FatalError("Failed to allocate memory for list of RR modes"); + } + ++RRModePtr ++xwl_output_find_mode(struct xwl_output *xwl_output, ++ int32_t width, int32_t height) ++{ ++ RROutputPtr output = xwl_output->randr_output; ++ int i; ++ ++ /* width & height -1 means we want the actual output mode, which is idx 0 */ ++ if (width == -1 && height == -1 && output->modes) ++ return output->modes[0]; ++ ++ for (i = 0; i < output->numModes; i++) { ++ if (output->modes[i]->mode.width == width && output->modes[i]->mode.height == height) ++ return output->modes[i]; ++ } ++ ++ ErrorF("XWAYLAND: mode %dx%d is not available\n", width, height); ++ return NULL; ++} ++ ++void ++xwl_output_set_emulated_mode(struct xwl_output *xwl_output, ClientPtr client, ++ RRModePtr mode, Bool from_vidmode) ++{ ++ DebugF("XWAYLAND: xwl_output_set_emulated_mode from %s: %dx%d\n", ++ from_vidmode ? "vidmode" : "randr", ++ mode->mode.width, mode->mode.height); ++ ++ if (mode->mode.width == xwl_output->width && mode->mode.height == xwl_output->height) ++ xwl_output_remove_emulated_mode_for_client(xwl_output, client); ++ else ++ xwl_output_add_emulated_mode_for_client(xwl_output, client, mode, from_vidmode); ++ ++ xwl_screen_check_resolution_change_emulation(xwl_output->xwl_screen); ++} ++ + static void + apply_output_change(struct xwl_output *xwl_output) + { +@@ -613,21 +649,36 @@ xwl_randr_screen_set_size(ScreenPtr pScreen, + static Bool + xwl_randr_crtc_set(ScreenPtr pScreen, + RRCrtcPtr crtc, +- RRModePtr mode, ++ RRModePtr new_mode, + int x, + int y, + Rotation rotation, + int numOutputs, RROutputPtr * outputs) + { + struct xwl_output *xwl_output = crtc->devPrivate; ++ RRModePtr mode; + +- if (!mode || (mode->mode.width == xwl_output->width && +- mode->mode.height == xwl_output->height)) { +- RRCrtcChanged(crtc, TRUE); +- return TRUE; ++ if (new_mode) { ++ mode = xwl_output_find_mode(xwl_output, ++ new_mode->mode.width, ++ new_mode->mode.height); ++ } else { ++ mode = xwl_output_find_mode(xwl_output, -1, -1); + } ++ if (!mode) ++ return FALSE; + +- return FALSE; ++ xwl_output_set_emulated_mode(xwl_output, GetCurrentClient(), mode, FALSE); ++ ++ /* A real randr implementation would call: ++ * RRCrtcNotify(xwl_output->randr_crtc, mode, xwl_output->x, xwl_output->y, ++ * xwl_output->rotation, NULL, 1, &xwl_output->randr_output); ++ * here to update the mode reported to clients querying the randr settings ++ * but that influences *all* clients and we do randr mode change emulation ++ * on a per client basis. So we just return success here. ++ */ ++ ++ return TRUE; + } + + static Bool +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index f422cfc29..87870a5f1 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -178,6 +178,23 @@ xwl_screen_has_resolution_change_emulation(struct xwl_screen *xwl_screen) + return xwl_screen->rootless && xwl_screen_has_viewport_support(xwl_screen); + } + ++/* Return the output @ 0x0, falling back to the first output in the list */ ++struct xwl_output * ++xwl_screen_get_first_output(struct xwl_screen *xwl_screen) ++{ ++ struct xwl_output *xwl_output; ++ ++ xorg_list_for_each_entry(xwl_output, &xwl_screen->output_list, link) { ++ if (xwl_output->x == 0 && xwl_output->y == 0) ++ return xwl_output; ++ } ++ ++ if (xorg_list_is_empty(&xwl_screen->output_list)) ++ return NULL; ++ ++ return xorg_list_first_entry(&xwl_screen->output_list, struct xwl_output, link); ++} ++ + static void + xwl_window_set_allow_commits(struct xwl_window *xwl_window, Bool allow, + const char *debug_msg) +@@ -501,6 +518,150 @@ xwl_pixmap_get(PixmapPtr pixmap) + return dixLookupPrivate(&pixmap->devPrivates, &xwl_pixmap_private_key); + } + ++Bool ++xwl_window_has_viewport_enabled(struct xwl_window *xwl_window) ++{ ++ return (xwl_window->viewport != NULL); ++} ++ ++static void ++xwl_window_disable_viewport(struct xwl_window *xwl_window) ++{ ++ assert (xwl_window->viewport); ++ ++ DebugF("XWAYLAND: disabling viewport\n"); ++ wp_viewport_destroy(xwl_window->viewport); ++ xwl_window->viewport = NULL; ++} ++ ++static void ++xwl_window_enable_viewport(struct xwl_window *xwl_window, ++ struct xwl_output *xwl_output, ++ struct xwl_emulated_mode *emulated_mode) ++{ ++ /* If necessary disable old viewport to apply new settings */ ++ if (xwl_window_has_viewport_enabled(xwl_window)) ++ xwl_window_disable_viewport(xwl_window); ++ ++ DebugF("XWAYLAND: enabling viewport %dx%d -> %dx%d\n", ++ emulated_mode->width, emulated_mode->height, ++ xwl_output->width, xwl_output->height); ++ ++ xwl_window->viewport = ++ wp_viewporter_get_viewport(xwl_window->xwl_screen->viewporter, ++ xwl_window->surface); ++ ++ wp_viewport_set_source(xwl_window->viewport, ++ wl_fixed_from_int(0), ++ wl_fixed_from_int(0), ++ wl_fixed_from_int(emulated_mode->width), ++ wl_fixed_from_int(emulated_mode->height)); ++ wp_viewport_set_destination(xwl_window->viewport, ++ xwl_output->width, ++ xwl_output->height); ++ ++ xwl_window->scale_x = (float)emulated_mode->width / xwl_output->width; ++ xwl_window->scale_y = (float)emulated_mode->height / xwl_output->height; ++} ++ ++static Bool ++xwl_screen_client_is_window_manager(struct xwl_screen *xwl_screen, ++ ClientPtr client) ++{ ++ WindowPtr root = xwl_screen->screen->root; ++ OtherClients *others; ++ ++ for (others = wOtherClients(root); others; others = others->next) { ++ if (SameClient(others, client)) { ++ if (others->mask & (SubstructureRedirectMask | ResizeRedirectMask)) ++ return TRUE; ++ } ++ } ++ ++ return FALSE; ++} ++ ++static ClientPtr ++xwl_window_get_owner(struct xwl_window *xwl_window) ++{ ++ WindowPtr window = xwl_window->window; ++ ClientPtr client = wClient(window); ++ ++ /* If the toplevel window is owned by the window-manager, then the ++ * actual client toplevel window has been reparented to a window-manager ++ * decoration window. In that case return the client of the ++ * first *and only* child of the toplevel (decoration) window. ++ */ ++ if (xwl_screen_client_is_window_manager(xwl_window->xwl_screen, client)) { ++ if (window->firstChild && window->firstChild == window->lastChild) ++ return wClient(window->firstChild); ++ else ++ return NULL; /* Should never happen, skip resolution emulation */ ++ } ++ ++ return client; ++} ++ ++static Bool ++xwl_window_should_enable_viewport(struct xwl_window *xwl_window, ++ struct xwl_output **xwl_output_ret, ++ struct xwl_emulated_mode **emulated_mode_ret) ++{ ++ struct xwl_screen *xwl_screen = xwl_window->xwl_screen; ++ struct xwl_emulated_mode *emulated_mode; ++ struct xwl_output *xwl_output; ++ ClientPtr owner; ++ ++ if (!xwl_screen_has_resolution_change_emulation(xwl_screen)) ++ return FALSE; ++ ++ owner = xwl_window_get_owner(xwl_window); ++ if (!owner) ++ return FALSE; ++ ++ /* 1. Test if the window matches the emulated mode on one of the outputs ++ * This path gets hit by most games / libs (e.g. SDL, SFML, OGRE) ++ */ ++ xorg_list_for_each_entry(xwl_output, &xwl_screen->output_list, link) { ++ emulated_mode = xwl_output_get_emulated_mode_for_client(xwl_output, owner); ++ if (!emulated_mode) ++ continue; ++ ++ if (xwl_window->x == xwl_output->x && ++ xwl_window->y == xwl_output->y && ++ xwl_window->width == emulated_mode->width && ++ xwl_window->height == emulated_mode->height) { ++ ++ *emulated_mode_ret = emulated_mode; ++ *xwl_output_ret = xwl_output; ++ return TRUE; ++ } ++ } ++ ++ return FALSE; ++} ++ ++static void ++xwl_window_check_resolution_change_emulation(struct xwl_window *xwl_window) ++{ ++ struct xwl_emulated_mode *emulated_mode; ++ struct xwl_output *xwl_output; ++ ++ if (xwl_window_should_enable_viewport(xwl_window, &xwl_output, &emulated_mode)) ++ xwl_window_enable_viewport(xwl_window, xwl_output, emulated_mode); ++ else if (xwl_window_has_viewport_enabled(xwl_window)) ++ xwl_window_disable_viewport(xwl_window); ++} ++ ++void ++xwl_screen_check_resolution_change_emulation(struct xwl_screen *xwl_screen) ++{ ++ struct xwl_window *xwl_window; ++ ++ xorg_list_for_each_entry(xwl_window, &xwl_screen->window_list, link_window) ++ xwl_window_check_resolution_change_emulation(xwl_window); ++} ++ + static void + xwl_window_init_allow_commits(struct xwl_window *xwl_window) + { +@@ -571,6 +732,8 @@ ensure_surface_for_window(WindowPtr window) + + xwl_window->xwl_screen = xwl_screen; + xwl_window->window = window; ++ xwl_window->width = window->drawable.width; ++ xwl_window->height = window->drawable.height; + xwl_window->surface = wl_compositor_create_surface(xwl_screen->compositor); + if (xwl_window->surface == NULL) { + ErrorF("wl_display_create_surface failed\n"); +@@ -612,6 +775,7 @@ ensure_surface_for_window(WindowPtr window) + + dixSetPrivate(&window->devPrivates, &xwl_window_private_key, xwl_window); + xorg_list_init(&xwl_window->link_damage); ++ xorg_list_add(&xwl_window->link_window, &xwl_screen->window_list); + + #ifdef GLAMOR_HAS_GBM + xorg_list_init(&xwl_window->frame_callback_list); +@@ -705,8 +869,12 @@ xwl_unrealize_window(WindowPtr window) + if (!xwl_window) + return ret; + ++ if (xwl_window_has_viewport_enabled(xwl_window)) ++ xwl_window_disable_viewport(xwl_window); ++ + wl_surface_destroy(xwl_window->surface); + xorg_list_del(&xwl_window->link_damage); ++ xorg_list_del(&xwl_window->link_window); + unregister_damage(window); + + if (xwl_window->frame_callback) +@@ -756,6 +924,33 @@ xwl_set_window_pixmap(WindowPtr window, + ensure_surface_for_window(window); + } + ++static void ++xwl_resize_window(WindowPtr window, ++ int x, int y, ++ unsigned int width, unsigned int height, ++ WindowPtr sib) ++{ ++ ScreenPtr screen = window->drawable.pScreen; ++ struct xwl_screen *xwl_screen; ++ struct xwl_window *xwl_window; ++ ++ xwl_screen = xwl_screen_get(screen); ++ xwl_window = xwl_window_get(window); ++ ++ screen->ResizeWindow = xwl_screen->ResizeWindow; ++ (*screen->ResizeWindow) (window, x, y, width, height, sib); ++ xwl_screen->ResizeWindow = screen->ResizeWindow; ++ screen->ResizeWindow = xwl_resize_window; ++ ++ if (xwl_window) { ++ xwl_window->x = x; ++ xwl_window->y = y; ++ xwl_window->width = width; ++ xwl_window->height = height; ++ xwl_window_check_resolution_change_emulation(xwl_window); ++ } ++} ++ + static void + frame_callback(void *data, + struct wl_callback *callback, +@@ -1233,6 +1428,7 @@ xwl_screen_init(ScreenPtr pScreen, int argc, char **argv) + xorg_list_init(&xwl_screen->output_list); + xorg_list_init(&xwl_screen->seat_list); + xorg_list_init(&xwl_screen->damage_window_list); ++ xorg_list_init(&xwl_screen->window_list); + xwl_screen->depth = 24; + + if (!monitorResolution) +@@ -1332,6 +1528,9 @@ xwl_screen_init(ScreenPtr pScreen, int argc, char **argv) + xwl_screen->CloseScreen = pScreen->CloseScreen; + pScreen->CloseScreen = xwl_close_screen; + ++ xwl_screen->ResizeWindow = pScreen->ResizeWindow; ++ pScreen->ResizeWindow = xwl_resize_window; ++ + if (xwl_screen->rootless) { + xwl_screen->SetWindowPixmap = pScreen->SetWindowPixmap; + pScreen->SetWindowPixmap = xwl_set_window_pixmap; +diff --git a/hw/xwayland/xwayland.h b/hw/xwayland/xwayland.h +index c886d77e9..36c4c4c8b 100644 +--- a/hw/xwayland/xwayland.h ++++ b/hw/xwayland/xwayland.h +@@ -135,10 +135,12 @@ struct xwl_screen { + DestroyWindowProcPtr DestroyWindow; + XYToWindowProcPtr XYToWindow; + SetWindowPixmapProcPtr SetWindowPixmap; ++ ResizeWindowProcPtr ResizeWindow; + + struct xorg_list output_list; + struct xorg_list seat_list; + struct xorg_list damage_window_list; ++ struct xorg_list window_list; + + int wayland_fd; + struct wl_display *display; +@@ -179,9 +181,13 @@ struct xwl_screen { + struct xwl_window { + struct xwl_screen *xwl_screen; + struct wl_surface *surface; ++ struct wp_viewport *viewport; ++ int32_t x, y, width, height; ++ float scale_x, scale_y; + struct wl_shell_surface *shell_surface; + WindowPtr window; + struct xorg_list link_damage; ++ struct xorg_list link_window; + struct wl_callback *frame_callback; + Bool allow_commits; + #ifdef GLAMOR_HAS_GBM +@@ -411,6 +417,9 @@ Bool xwl_screen_init_cursor(struct xwl_screen *xwl_screen); + + struct xwl_screen *xwl_screen_get(ScreenPtr screen); + Bool xwl_screen_has_resolution_change_emulation(struct xwl_screen *xwl_screen); ++struct xwl_output *xwl_screen_get_first_output(struct xwl_screen *xwl_screen); ++void xwl_screen_check_resolution_change_emulation(struct xwl_screen *xwl_screen); ++Bool xwl_window_has_viewport_enabled(struct xwl_window *xwl_window); + + void xwl_tablet_tool_set_cursor(struct xwl_tablet_tool *tool); + void xwl_seat_set_cursor(struct xwl_seat *xwl_seat); +@@ -444,6 +453,12 @@ void xwl_output_remove(struct xwl_output *xwl_output); + struct xwl_emulated_mode *xwl_output_get_emulated_mode_for_client( + struct xwl_output *xwl_output, ClientPtr client); + ++RRModePtr xwl_output_find_mode(struct xwl_output *xwl_output, ++ int32_t width, int32_t height); ++void xwl_output_set_emulated_mode(struct xwl_output *xwl_output, ++ ClientPtr client, RRModePtr mode, ++ Bool from_vidmode); ++ + RRModePtr xwayland_cvt(int HDisplay, int VDisplay, + float VRefresh, Bool Reduced, Bool Interlaced); + +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0009-xwayland-Add-xwlRRModeToDisplayMode-helper-function.patch b/SPECS-EXTENDED/xorg-x11-server/0009-xwayland-Add-xwlRRModeToDisplayMode-helper-function.patch new file mode 100644 index 0000000000..1d2996063b --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0009-xwayland-Add-xwlRRModeToDisplayMode-helper-function.patch @@ -0,0 +1,101 @@ +From aedd71a61ac2d78c347180e7d87e5918b795609e Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Mon, 8 Jul 2019 14:00:27 +0200 +Subject: [PATCH xserver 09/25] xwayland: Add xwlRRModeToDisplayMode() helper + function +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This is a preparation patch for adding emulated mode/resolution change +support to Xwayland's XF86 vidmode extension emulation, using the +Wayland viewport extension. + +Reviewed-by: Olivier Fourdan +Acked-by: Michel Dänzer +Signed-off-by: Hans de Goede +(cherry picked from commit 43c80078126f6f33c6ab7d3cf4668733bde03366) +--- + hw/xwayland/xwayland-vidmode.c | 51 +++++++++++++++++++--------------- + 1 file changed, 28 insertions(+), 23 deletions(-) + +diff --git a/hw/xwayland/xwayland-vidmode.c b/hw/xwayland/xwayland-vidmode.c +index d25d1aca1..428af716d 100644 +--- a/hw/xwayland/xwayland-vidmode.c ++++ b/hw/xwayland/xwayland-vidmode.c +@@ -78,13 +78,37 @@ mode_refresh(const xRRModeInfo *mode_info) + return rate; + } + ++static void ++xwlRRModeToDisplayMode(RRModePtr rrmode, DisplayModePtr mode) ++{ ++ const xRRModeInfo *mode_info = &rrmode->mode; ++ ++ mode->next = mode; ++ mode->prev = mode; ++ mode->name = ""; ++ mode->VScan = 1; ++ mode->Private = NULL; ++ mode->HDisplay = mode_info->width; ++ mode->HSyncStart = mode_info->hSyncStart; ++ mode->HSyncEnd = mode_info->hSyncEnd; ++ mode->HTotal = mode_info->hTotal; ++ mode->HSkew = mode_info->hSkew; ++ mode->VDisplay = mode_info->height; ++ mode->VSyncStart = mode_info->vSyncStart; ++ mode->VSyncEnd = mode_info->vSyncEnd; ++ mode->VTotal = mode_info->vTotal; ++ mode->Flags = mode_info->modeFlags; ++ mode->Clock = mode_info->dotClock / 1000.0; ++ mode->VRefresh = mode_refresh(mode_info); /* Or RRVerticalRefresh() */ ++ mode->HSync = mode_hsync(mode_info); ++} ++ + static Bool + xwlVidModeGetCurrentModeline(ScreenPtr pScreen, DisplayModePtr *mode, int *dotClock) + { + DisplayModePtr pMod; + RROutputPtr output; + RRCrtcPtr crtc; +- xRRModeInfo rrmode; + + pMod = dixLookupPrivate(&pScreen->devPrivates, xwlVidModePrivateKey); + if (pMod == NULL) +@@ -98,30 +122,11 @@ xwlVidModeGetCurrentModeline(ScreenPtr pScreen, DisplayModePtr *mode, int *dotCl + if (crtc == NULL) + return FALSE; + +- rrmode = crtc->mode->mode; +- +- pMod->next = pMod; +- pMod->prev = pMod; +- pMod->name = ""; +- pMod->VScan = 1; +- pMod->Private = NULL; +- pMod->HDisplay = rrmode.width; +- pMod->HSyncStart = rrmode.hSyncStart; +- pMod->HSyncEnd = rrmode.hSyncEnd; +- pMod->HTotal = rrmode.hTotal; +- pMod->HSkew = rrmode.hSkew; +- pMod->VDisplay = rrmode.height; +- pMod->VSyncStart = rrmode.vSyncStart; +- pMod->VSyncEnd = rrmode.vSyncEnd; +- pMod->VTotal = rrmode.vTotal; +- pMod->Flags = rrmode.modeFlags; +- pMod->Clock = rrmode.dotClock / 1000.0; +- pMod->VRefresh = mode_refresh(&rrmode); /* Or RRVerticalRefresh() */ +- pMod->HSync = mode_hsync(&rrmode); +- *mode = pMod; ++ xwlRRModeToDisplayMode(crtc->mode, pMod); + ++ *mode = pMod; + if (dotClock != NULL) +- *dotClock = rrmode.dotClock / 1000.0; ++ *dotClock = pMod->Clock; + + return TRUE; + } +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0010-xwayland-Add-xwlVidModeGetCurrentRRMode-helper-to-th.patch b/SPECS-EXTENDED/xorg-x11-server/0010-xwayland-Add-xwlVidModeGetCurrentRRMode-helper-to-th.patch new file mode 100644 index 0000000000..ea1f6c4b3e --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0010-xwayland-Add-xwlVidModeGetCurrentRRMode-helper-to-th.patch @@ -0,0 +1,193 @@ +From 719c1d2ef99784043883787d04afc0437f3a9b8f Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Mon, 8 Jul 2019 18:35:27 +0200 +Subject: [PATCH xserver 10/25] xwayland: Add xwlVidModeGetCurrentRRMode helper + to the vidmode code +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +crtc->mode reflects the mode set through the xrandr extension, once we +add support for also changing the mode through the vidmode extension this +will no longer correctly reflect the emulated resolution. + +Add a new xwlVidModeGetCurrentRRMode helper which determines the mode by +looking at the emulated_mode instead. + +Likewise add a xwlVidModeGetRRMode helper and use that in +xwlVidModeCheckModeForMonitor/xwlVidModeCheckModeForDriver to allow any +mode listed in the randr_output's mode list. + +This is a preparation patch for adding emulated mode/resolution change +support to Xwayland's XF86 vidmode extension emulation. + +Reviewed-by: Olivier Fourdan +Acked-by: Michel Dänzer +Signed-off-by: Hans de Goede +(cherry picked from commit bcad1b813a04b9f3ff225f57a4baad09bd6315b9) +--- + hw/xwayland/xwayland-vidmode.c | 90 +++++++++++++++++++++------------- + 1 file changed, 56 insertions(+), 34 deletions(-) + +diff --git a/hw/xwayland/xwayland-vidmode.c b/hw/xwayland/xwayland-vidmode.c +index 428af716d..7cf982fcc 100644 +--- a/hw/xwayland/xwayland-vidmode.c ++++ b/hw/xwayland/xwayland-vidmode.c +@@ -103,26 +103,56 @@ xwlRRModeToDisplayMode(RRModePtr rrmode, DisplayModePtr mode) + mode->HSync = mode_hsync(mode_info); + } + ++static RRModePtr ++xwlVidModeGetRRMode(ScreenPtr pScreen, int32_t width, int32_t height) ++{ ++ RROutputPtr output = RRFirstOutput(pScreen); ++ ++ if (output == NULL) ++ return NULL; ++ ++ return xwl_output_find_mode(output->devPrivate, width, height); ++} ++ ++static RRModePtr ++xwlVidModeGetCurrentRRMode(ScreenPtr pScreen) ++{ ++ struct xwl_emulated_mode *emulated_mode; ++ struct xwl_output *xwl_output; ++ RROutputPtr output; ++ ++ output = RRFirstOutput(pScreen); ++ if (output == NULL) ++ return NULL; ++ ++ xwl_output = output->devPrivate; ++ emulated_mode = ++ xwl_output_get_emulated_mode_for_client(xwl_output, GetCurrentClient()); ++ ++ if (emulated_mode) { ++ return xwl_output_find_mode(xwl_output, ++ emulated_mode->width, ++ emulated_mode->height); ++ } else { ++ return xwl_output_find_mode(xwl_output, -1, -1); ++ } ++} ++ + static Bool + xwlVidModeGetCurrentModeline(ScreenPtr pScreen, DisplayModePtr *mode, int *dotClock) + { + DisplayModePtr pMod; +- RROutputPtr output; +- RRCrtcPtr crtc; ++ RRModePtr rrmode; + + pMod = dixLookupPrivate(&pScreen->devPrivates, xwlVidModePrivateKey); + if (pMod == NULL) + return FALSE; + +- output = RRFirstOutput(pScreen); +- if (output == NULL) +- return FALSE; +- +- crtc = output->crtc; +- if (crtc == NULL) ++ rrmode = xwlVidModeGetCurrentRRMode(pScreen); ++ if (rrmode == NULL) + return FALSE; + +- xwlRRModeToDisplayMode(crtc->mode, pMod); ++ xwlRRModeToDisplayMode(rrmode, pMod); + + *mode = pMod; + if (dotClock != NULL) +@@ -135,9 +165,10 @@ static vidMonitorValue + xwlVidModeGetMonitorValue(ScreenPtr pScreen, int valtyp, int indx) + { + vidMonitorValue ret = { NULL, }; +- DisplayModePtr pMod; ++ RRModePtr rrmode; + +- if (!xwlVidModeGetCurrentModeline(pScreen, &pMod, NULL)) ++ rrmode = xwlVidModeGetCurrentRRMode(pScreen); ++ if (rrmode == NULL) + return ret; + + switch (valtyp) { +@@ -155,11 +186,11 @@ xwlVidModeGetMonitorValue(ScreenPtr pScreen, int valtyp, int indx) + break; + case VIDMODE_MON_HSYNC_LO: + case VIDMODE_MON_HSYNC_HI: +- ret.f = 100.0 * pMod->HSync; ++ ret.f = mode_hsync(&rrmode->mode) * 100.0; + break; + case VIDMODE_MON_VREFRESH_LO: + case VIDMODE_MON_VREFRESH_HI: +- ret.f = 100.0 * pMod->VRefresh; ++ ret.f = mode_refresh(&rrmode->mode) * 100.0; + break; + } + return ret; +@@ -168,13 +199,13 @@ xwlVidModeGetMonitorValue(ScreenPtr pScreen, int valtyp, int indx) + static int + xwlVidModeGetDotClock(ScreenPtr pScreen, int Clock) + { +- DisplayModePtr pMod; ++ RRModePtr rrmode; + +- if (!xwlVidModeGetCurrentModeline(pScreen, &pMod, NULL)) ++ rrmode = xwlVidModeGetCurrentRRMode(pScreen); ++ if (rrmode == NULL) + return 0; + +- return pMod->Clock; +- ++ return rrmode->mode.dotClock / 1000.0; + } + + static int +@@ -272,14 +303,15 @@ xwlVidModeLockZoom(ScreenPtr pScreen, Bool lock) + static ModeStatus + xwlVidModeCheckModeForMonitor(ScreenPtr pScreen, DisplayModePtr mode) + { +- DisplayModePtr pMod; ++ RRModePtr rrmode; + +- /* This should not happen */ +- if (!xwlVidModeGetCurrentModeline(pScreen, &pMod, NULL)) ++ rrmode = xwlVidModeGetRRMode(pScreen, mode->HDisplay, mode->VDisplay); ++ if (rrmode == NULL) + return MODE_ERROR; + + /* Only support mode with the same HSync/VRefresh as we advertise */ +- if (mode->HSync == pMod->HSync && mode->VRefresh == pMod->VRefresh) ++ if (mode->HSync == mode_hsync(&rrmode->mode) && ++ mode->VRefresh == mode_refresh(&rrmode->mode)) + return MODE_OK; + + /* All the rest is unsupported - If we want to succeed, return MODE_OK instead */ +@@ -289,20 +321,10 @@ xwlVidModeCheckModeForMonitor(ScreenPtr pScreen, DisplayModePtr mode) + static ModeStatus + xwlVidModeCheckModeForDriver(ScreenPtr pScreen, DisplayModePtr mode) + { +- DisplayModePtr pMod; +- +- /* This should not happen */ +- if (!xwlVidModeGetCurrentModeline(pScreen, &pMod, NULL)) +- return MODE_ERROR; +- +- if (mode->HTotal != pMod->HTotal) +- return MODE_BAD_HVALUE; ++ RRModePtr rrmode; + +- if (mode->VTotal != pMod->VTotal) +- return MODE_BAD_VVALUE; +- +- /* Unsupported for now, but pretend it works */ +- return MODE_OK; ++ rrmode = xwlVidModeGetRRMode(pScreen, mode->HDisplay, mode->VDisplay); ++ return rrmode ? MODE_OK : MODE_ERROR; + } + + static void +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0011-xwayland-Add-vidmode-mode-changing-emulation-support.patch b/SPECS-EXTENDED/xorg-x11-server/0011-xwayland-Add-vidmode-mode-changing-emulation-support.patch new file mode 100644 index 0000000000..f3df892773 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0011-xwayland-Add-vidmode-mode-changing-emulation-support.patch @@ -0,0 +1,236 @@ +From 98e6cadf2ba8490c303cdc94106baf3f31006299 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Tue, 9 Jul 2019 09:31:13 +0200 +Subject: [PATCH xserver 11/25] xwayland: Add vidmode mode changing emulation + support +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Add support for fake mode changes using viewport, for apps which want to +change the resolution when going fullscreen. + +Reviewed-by: Olivier Fourdan +Acked-by: Michel Dänzer +Signed-off-by: Hans de Goede +(cherry picked from commit 38de6260816674b5430144cc38a8a27d93d1bf19) +--- + hw/xwayland/xwayland-vidmode.c | 130 ++++++++++++++++++++++----------- + 1 file changed, 86 insertions(+), 44 deletions(-) + +diff --git a/hw/xwayland/xwayland-vidmode.c b/hw/xwayland/xwayland-vidmode.c +index 7cf982fcc..99a4d2c92 100644 +--- a/hw/xwayland/xwayland-vidmode.c ++++ b/hw/xwayland/xwayland-vidmode.c +@@ -106,26 +106,25 @@ xwlRRModeToDisplayMode(RRModePtr rrmode, DisplayModePtr mode) + static RRModePtr + xwlVidModeGetRRMode(ScreenPtr pScreen, int32_t width, int32_t height) + { +- RROutputPtr output = RRFirstOutput(pScreen); ++ struct xwl_screen *xwl_screen = xwl_screen_get(pScreen); ++ struct xwl_output *xwl_output = xwl_screen_get_first_output(xwl_screen); + +- if (output == NULL) ++ if (!xwl_output) + return NULL; + +- return xwl_output_find_mode(output->devPrivate, width, height); ++ return xwl_output_find_mode(xwl_output, width, height); + } + + static RRModePtr + xwlVidModeGetCurrentRRMode(ScreenPtr pScreen) + { ++ struct xwl_screen *xwl_screen = xwl_screen_get(pScreen); ++ struct xwl_output *xwl_output = xwl_screen_get_first_output(xwl_screen); + struct xwl_emulated_mode *emulated_mode; +- struct xwl_output *xwl_output; +- RROutputPtr output; + +- output = RRFirstOutput(pScreen); +- if (output == NULL) ++ if (!xwl_output) + return NULL; + +- xwl_output = output->devPrivate; + emulated_mode = + xwl_output_get_emulated_mode_for_client(xwl_output, GetCurrentClient()); + +@@ -199,39 +198,79 @@ xwlVidModeGetMonitorValue(ScreenPtr pScreen, int valtyp, int indx) + static int + xwlVidModeGetDotClock(ScreenPtr pScreen, int Clock) + { +- RRModePtr rrmode; +- +- rrmode = xwlVidModeGetCurrentRRMode(pScreen); +- if (rrmode == NULL) +- return 0; +- +- return rrmode->mode.dotClock / 1000.0; ++ return Clock; + } + + static int + xwlVidModeGetNumOfClocks(ScreenPtr pScreen, Bool *progClock) + { +- return 1; ++ /* We emulate a programmable clock, rather then a fixed set of clocks */ ++ *progClock = TRUE; ++ return 0; + } + + static Bool + xwlVidModeGetClocks(ScreenPtr pScreen, int *Clocks) + { +- *Clocks = xwlVidModeGetDotClock(pScreen, 0); +- +- return TRUE; ++ return FALSE; /* Programmable clock, no clock list */ + } + ++/* GetFirstModeline and GetNextModeline are used from Xext/vidmode.c like this: ++ * if (pVidMode->GetFirstModeline(pScreen, &mode, &dotClock)) { ++ * do { ++ * ... ++ * if (...) ++ * break; ++ * } while (pVidMode->GetNextModeline(pScreen, &mode, &dotClock)); ++ * } ++ * IOW our caller basically always loops over all the modes. There never is a ++ * return to the mainloop between GetFirstModeline and NextModeline calls where ++ * other parts of the server may change our state so we do not need to worry ++ * about xwl_output->randr_output->modes changing underneath us. ++ * Thus we can simply implement these two callbacks by storing the enumeration ++ * index in pVidMode->Next. ++ */ ++ + static Bool + xwlVidModeGetNextModeline(ScreenPtr pScreen, DisplayModePtr *mode, int *dotClock) + { +- return FALSE; ++ struct xwl_screen *xwl_screen = xwl_screen_get(pScreen); ++ struct xwl_output *xwl_output = xwl_screen_get_first_output(xwl_screen); ++ VidModePtr pVidMode; ++ DisplayModePtr pMod; ++ intptr_t index; ++ ++ pMod = dixLookupPrivate(&pScreen->devPrivates, xwlVidModePrivateKey); ++ pVidMode = VidModeGetPtr(pScreen); ++ if (xwl_output == NULL || pMod == NULL || pVidMode == NULL) ++ return FALSE; ++ ++ index = (intptr_t)pVidMode->Next; ++ if (index >= xwl_output->randr_output->numModes) ++ return FALSE; ++ xwlRRModeToDisplayMode(xwl_output->randr_output->modes[index], pMod); ++ index++; ++ pVidMode->Next = (void *)index; ++ ++ *mode = pMod; ++ if (dotClock != NULL) ++ *dotClock = pMod->Clock; ++ ++ return TRUE; + } + + static Bool + xwlVidModeGetFirstModeline(ScreenPtr pScreen, DisplayModePtr *mode, int *dotClock) + { +- return xwlVidModeGetCurrentModeline(pScreen, mode, dotClock); ++ VidModePtr pVidMode; ++ intptr_t index = 0; ++ ++ pVidMode = VidModeGetPtr(pScreen); ++ if (pVidMode == NULL) ++ return FALSE; ++ ++ pVidMode->Next = (void *)index; /* 0 */ ++ return xwlVidModeGetNextModeline(pScreen, mode, dotClock); + } + + static Bool +@@ -251,37 +290,27 @@ xwlVidModeZoomViewport(ScreenPtr pScreen, int zoom) + static Bool + xwlVidModeSetViewPort(ScreenPtr pScreen, int x, int y) + { +- RROutputPtr output; +- RRCrtcPtr crtc; ++ struct xwl_screen *xwl_screen = xwl_screen_get(pScreen); ++ struct xwl_output *xwl_output = xwl_screen_get_first_output(xwl_screen); + +- output = RRFirstOutput(pScreen); +- if (output == NULL) +- return FALSE; +- +- crtc = output->crtc; +- if (crtc == NULL) ++ if (!xwl_output) + return FALSE; + + /* Support only default viewport */ +- return (x == crtc->x && y == crtc->y); ++ return (x == xwl_output->x && y == xwl_output->y); + } + + static Bool + xwlVidModeGetViewPort(ScreenPtr pScreen, int *x, int *y) + { +- RROutputPtr output; +- RRCrtcPtr crtc; ++ struct xwl_screen *xwl_screen = xwl_screen_get(pScreen); ++ struct xwl_output *xwl_output = xwl_screen_get_first_output(xwl_screen); + +- output = RRFirstOutput(pScreen); +- if (output == NULL) ++ if (!xwl_output) + return FALSE; + +- crtc = output->crtc; +- if (crtc == NULL) +- return FALSE; +- +- *x = crtc->x; +- *y = crtc->y; ++ *x = xwl_output->x; ++ *y = xwl_output->y; + + return TRUE; + } +@@ -289,8 +318,19 @@ xwlVidModeGetViewPort(ScreenPtr pScreen, int *x, int *y) + static Bool + xwlVidModeSwitchMode(ScreenPtr pScreen, DisplayModePtr mode) + { +- /* Unsupported for now */ +- return FALSE; ++ struct xwl_screen *xwl_screen = xwl_screen_get(pScreen); ++ struct xwl_output *xwl_output = xwl_screen_get_first_output(xwl_screen); ++ RRModePtr rrmode; ++ ++ if (!xwl_output) ++ return FALSE; ++ ++ rrmode = xwl_output_find_mode(xwl_output, mode->HDisplay, mode->VDisplay); ++ if (rrmode == NULL) ++ return FALSE; ++ ++ xwl_output_set_emulated_mode(xwl_output, GetCurrentClient(), rrmode, TRUE); ++ return TRUE; + } + + static Bool +@@ -344,8 +384,10 @@ xwlVidModeAddModeline(ScreenPtr pScreen, DisplayModePtr mode) + static int + xwlVidModeGetNumOfModes(ScreenPtr pScreen) + { +- /* We have only one mode */ +- return 1; ++ struct xwl_screen *xwl_screen = xwl_screen_get(pScreen); ++ struct xwl_output *xwl_output = xwl_screen_get_first_output(xwl_screen); ++ ++ return xwl_output ? xwl_output->randr_output->numModes : 0; + } + + static Bool +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0012-xwayland-xwl_window_should_enable_viewport-Add-extra.patch b/SPECS-EXTENDED/xorg-x11-server/0012-xwayland-xwl_window_should_enable_viewport-Add-extra.patch new file mode 100644 index 0000000000..8b8ca1c9b2 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0012-xwayland-xwl_window_should_enable_viewport-Add-extra.patch @@ -0,0 +1,57 @@ +From 3d359d03573dee270b72f0cea1ea9061c2c886c3 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Mon, 26 Aug 2019 12:26:34 +0200 +Subject: [PATCH xserver 12/25] xwayland: xwl_window_should_enable_viewport: + Add extra test +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Games based on the allegro gaming library or on ClanLib-1.0 do not size +their window to match the fullscreen resolution, instead they use a +window covering the entire screen, drawing only the fullscreen resolution +part of it. + +This commit adds a check for these games, so that we correctly apply a +viewport to them making fullscreen work properly for these games under +Xwayland. + +Reviewed-by: Olivier Fourdan +Acked-by: Michel Dänzer +Signed-off-by: Hans de Goede +(cherry picked from commit 0c305dbff8a44f3fa3d6aefd372a967029a7a527) +--- + hw/xwayland/xwayland.c | 17 +++++++++++++++++ + 1 file changed, 17 insertions(+) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index 87870a5f1..9175396f7 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -638,6 +638,23 @@ xwl_window_should_enable_viewport(struct xwl_window *xwl_window, + } + } + ++ /* 2. Test if the window uses override-redirect + vidmode ++ * and matches (fully covers) the entire screen. ++ * This path gets hit by: allegro4, ClanLib-1.0. ++ */ ++ xwl_output = xwl_screen_get_first_output(xwl_screen); ++ emulated_mode = xwl_output_get_emulated_mode_for_client(xwl_output, owner); ++ if (xwl_output && xwl_window->window->overrideRedirect && ++ emulated_mode && emulated_mode->from_vidmode && ++ xwl_window->x == 0 && xwl_window->y == 0 && ++ xwl_window->width == xwl_screen->width && ++ xwl_window->height == xwl_screen->height) { ++ ++ *emulated_mode_ret = emulated_mode; ++ *xwl_output_ret = xwl_output; ++ return TRUE; ++ } ++ + return FALSE; + } + +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0013-xwayland-Set-_XWAYLAND_RANDR_EMU_MONITOR_RECTS-prope.patch b/SPECS-EXTENDED/xorg-x11-server/0013-xwayland-Set-_XWAYLAND_RANDR_EMU_MONITOR_RECTS-prope.patch new file mode 100644 index 0000000000..7aef593024 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0013-xwayland-Set-_XWAYLAND_RANDR_EMU_MONITOR_RECTS-prope.patch @@ -0,0 +1,205 @@ +From 48bc25613f91b69d9ee68e8211f8bf22317aa40a Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Mon, 2 Sep 2019 17:32:45 +0200 +Subject: [PATCH xserver 13/25] xwayland: Set _XWAYLAND_RANDR_EMU_MONITOR_RECTS + property for resolution emulation +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Apps using randr to change the resolution when going fullscreen, in +combination with _NET_WM_STATE_FULLSCREEN to tell the window-manager (WM) +to make their window fullscreen, expect the WM to give the fullscreen window +the size of the emulated resolution as would happen when run under Xorg (*). + +We need the WM to emulate this behavior for these apps to work correctly, +with Xwaylands resolution change emulation. For the WM to emulate this, +it needs to know about the emulated resolution for the Windows owning +client for each monitor. + +This commit adds a _XWAYLAND_RANDR_EMU_MONITOR_RECTS property, which +contains 4 Cardinals (32 bit integers) per monitor with resolution +emulation info. Window-managers can use this to get the emulated +resolution for the client and size the window correctly. + +*) Since under Xorg the resolution will actually be changed and after that +going fullscreen through NET_WM_STATE_FULLSCREEN will size the window to +be equal to the new resolution. + +Reviewed-by: Olivier Fourdan +Acked-by: Michel Dänzer +Signed-off-by: Hans de Goede +(cherry picked from commit 5315f988d9f175e4850f4259f691a68d95ce7ac2) +--- + hw/xwayland/xwayland-output.c | 77 +++++++++++++++++++++++++++++++++++ + hw/xwayland/xwayland.c | 23 +++++++++++ + hw/xwayland/xwayland.h | 3 ++ + 3 files changed, 103 insertions(+) + +diff --git a/hw/xwayland/xwayland-output.c b/hw/xwayland/xwayland-output.c +index e09d00108..0d6b9ac9f 100644 +--- a/hw/xwayland/xwayland-output.c ++++ b/hw/xwayland/xwayland-output.c +@@ -29,6 +29,7 @@ + + #include "xwayland.h" + #include ++#include + + #define ALL_ROTATIONS (RR_Rotate_0 | \ + RR_Rotate_90 | \ +@@ -391,6 +392,80 @@ xwl_output_find_mode(struct xwl_output *xwl_output, + return NULL; + } + ++struct xwl_output_randr_emu_prop { ++ Atom atom; ++ uint32_t rects[XWL_CLIENT_MAX_EMULATED_MODES][4]; ++ int rect_count; ++}; ++ ++static void ++xwl_output_randr_emu_prop(struct xwl_screen *xwl_screen, ClientPtr client, ++ struct xwl_output_randr_emu_prop *prop) ++{ ++ static const char atom_name[] = "_XWAYLAND_RANDR_EMU_MONITOR_RECTS"; ++ struct xwl_emulated_mode *emulated_mode; ++ struct xwl_output *xwl_output; ++ int index = 0; ++ ++ prop->atom = MakeAtom(atom_name, strlen(atom_name), TRUE); ++ ++ xorg_list_for_each_entry(xwl_output, &xwl_screen->output_list, link) { ++ emulated_mode = xwl_output_get_emulated_mode_for_client(xwl_output, client); ++ if (!emulated_mode) ++ continue; ++ ++ prop->rects[index][0] = xwl_output->x; ++ prop->rects[index][1] = xwl_output->y; ++ prop->rects[index][2] = emulated_mode->width; ++ prop->rects[index][3] = emulated_mode->height; ++ index++; ++ } ++ ++ prop->rect_count = index; ++} ++ ++static void ++xwl_output_set_randr_emu_prop(WindowPtr window, ++ struct xwl_output_randr_emu_prop *prop) ++{ ++ if (!xwl_window_is_toplevel(window)) ++ return; ++ ++ if (prop->rect_count) { ++ dixChangeWindowProperty(serverClient, window, prop->atom, ++ XA_CARDINAL, 32, PropModeReplace, ++ prop->rect_count * 4, prop->rects, TRUE); ++ } else { ++ DeleteProperty(serverClient, window, prop->atom); ++ } ++} ++ ++static void ++xwl_output_set_randr_emu_prop_callback(void *resource, XID id, void *user_data) ++{ ++ xwl_output_set_randr_emu_prop(resource, user_data); ++} ++ ++static void ++xwl_output_set_randr_emu_props(struct xwl_screen *xwl_screen, ClientPtr client) ++{ ++ struct xwl_output_randr_emu_prop prop = {}; ++ ++ xwl_output_randr_emu_prop(xwl_screen, client, &prop); ++ FindClientResourcesByType(client, RT_WINDOW, ++ xwl_output_set_randr_emu_prop_callback, &prop); ++} ++ ++void ++xwl_output_set_window_randr_emu_props(struct xwl_screen *xwl_screen, ++ WindowPtr window) ++{ ++ struct xwl_output_randr_emu_prop prop = {}; ++ ++ xwl_output_randr_emu_prop(xwl_screen, wClient(window), &prop); ++ xwl_output_set_randr_emu_prop(window, &prop); ++} ++ + void + xwl_output_set_emulated_mode(struct xwl_output *xwl_output, ClientPtr client, + RRModePtr mode, Bool from_vidmode) +@@ -405,6 +480,8 @@ xwl_output_set_emulated_mode(struct xwl_output *xwl_output, ClientPtr client, + xwl_output_add_emulated_mode_for_client(xwl_output, client, mode, from_vidmode); + + xwl_screen_check_resolution_change_emulation(xwl_output->xwl_screen); ++ ++ xwl_output_set_randr_emu_props(xwl_output->xwl_screen, client); + } + + static void +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index 9175396f7..32442d88e 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -679,6 +679,27 @@ xwl_screen_check_resolution_change_emulation(struct xwl_screen *xwl_screen) + xwl_window_check_resolution_change_emulation(xwl_window); + } + ++/* This checks if the passed in Window is a toplevel client window, note this ++ * returns false for window-manager decoration windows and returns true for ++ * the actual client top-level window even if it has been reparented to ++ * a window-manager decoration window. ++ */ ++Bool ++xwl_window_is_toplevel(WindowPtr window) ++{ ++ struct xwl_screen *xwl_screen = xwl_screen_get(window->drawable.pScreen); ++ ++ if (xwl_screen_client_is_window_manager(xwl_screen, wClient(window))) ++ return FALSE; ++ ++ /* CSD and override-redirect toplevel windows */ ++ if (window_get_damage(window)) ++ return TRUE; ++ ++ /* Normal toplevel client windows, reparented to decoration window */ ++ return (window->parent && window_get_damage(window->parent)); ++} ++ + static void + xwl_window_init_allow_commits(struct xwl_window *xwl_window) + { +@@ -844,6 +865,8 @@ xwl_realize_window(WindowPtr window) + return FALSE; + } + ++ xwl_output_set_window_randr_emu_props(xwl_screen, window); ++ + return ensure_surface_for_window(window); + } + +diff --git a/hw/xwayland/xwayland.h b/hw/xwayland/xwayland.h +index 36c4c4c8b..1317ae5bb 100644 +--- a/hw/xwayland/xwayland.h ++++ b/hw/xwayland/xwayland.h +@@ -420,6 +420,7 @@ Bool xwl_screen_has_resolution_change_emulation(struct xwl_screen *xwl_screen); + struct xwl_output *xwl_screen_get_first_output(struct xwl_screen *xwl_screen); + void xwl_screen_check_resolution_change_emulation(struct xwl_screen *xwl_screen); + Bool xwl_window_has_viewport_enabled(struct xwl_window *xwl_window); ++Bool xwl_window_is_toplevel(WindowPtr window); + + void xwl_tablet_tool_set_cursor(struct xwl_tablet_tool *tool); + void xwl_seat_set_cursor(struct xwl_seat *xwl_seat); +@@ -458,6 +459,8 @@ RRModePtr xwl_output_find_mode(struct xwl_output *xwl_output, + void xwl_output_set_emulated_mode(struct xwl_output *xwl_output, + ClientPtr client, RRModePtr mode, + Bool from_vidmode); ++void xwl_output_set_window_randr_emu_props(struct xwl_screen *xwl_screen, ++ WindowPtr window); + + RRModePtr xwayland_cvt(int HDisplay, int VDisplay, + float VRefresh, Bool Reduced, Bool Interlaced); +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0014-xwayland-Cache-client-id-for-the-window-manager-clie.patch b/SPECS-EXTENDED/xorg-x11-server/0014-xwayland-Cache-client-id-for-the-window-manager-clie.patch new file mode 100644 index 0000000000..55f14d63e8 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0014-xwayland-Cache-client-id-for-the-window-manager-clie.patch @@ -0,0 +1,137 @@ +From 12a0f852e3276cb5c60e44b8b0d6ddd97975fd42 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Mon, 27 Jan 2020 11:08:00 +0100 +Subject: [PATCH xserver 14/25] xwayland: Cache client-id for the + window-manager client + +Instead of iterating over all clients which are listening for events on the +root window and checking if the client we are dealing with is the one +listening for SubstructureRedirectMask | ResizeRedirectMask events and thus +is the window-manager, cache the client-id of the window-manager in +xwl_screen and use that when checking if a client is the window-manager. + +Note that we cache and compare the client-id rather then the ClienPtr, +this saves reading the ClientPtr from the global clients array when doing +the comparison. + +Suggested-by: Olivier Fourdan +Acked-by: Olivier Fourdan +Signed-off-by: Hans de Goede +(cherry picked from commit ded89300c1dd541f59fe6e93c5c69d7fe7088244) +--- + hw/xwayland/xwayland.c | 48 ++++++++++++++++++++++++++++-------------- + hw/xwayland/xwayland.h | 2 ++ + 2 files changed, 34 insertions(+), 16 deletions(-) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index 32442d88e..f99cdf81f 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -565,20 +565,11 @@ xwl_window_enable_viewport(struct xwl_window *xwl_window, + } + + static Bool +-xwl_screen_client_is_window_manager(struct xwl_screen *xwl_screen, +- ClientPtr client) ++window_is_wm_window(WindowPtr window) + { +- WindowPtr root = xwl_screen->screen->root; +- OtherClients *others; +- +- for (others = wOtherClients(root); others; others = others->next) { +- if (SameClient(others, client)) { +- if (others->mask & (SubstructureRedirectMask | ResizeRedirectMask)) +- return TRUE; +- } +- } ++ struct xwl_screen *xwl_screen = xwl_screen_get(window->drawable.pScreen); + +- return FALSE; ++ return CLIENT_ID(window->drawable.id) == xwl_screen->wm_client_id; + } + + static ClientPtr +@@ -592,7 +583,7 @@ xwl_window_get_owner(struct xwl_window *xwl_window) + * decoration window. In that case return the client of the + * first *and only* child of the toplevel (decoration) window. + */ +- if (xwl_screen_client_is_window_manager(xwl_window->xwl_screen, client)) { ++ if (window_is_wm_window(window)) { + if (window->firstChild && window->firstChild == window->lastChild) + return wClient(window->firstChild); + else +@@ -687,9 +678,7 @@ xwl_screen_check_resolution_change_emulation(struct xwl_screen *xwl_screen) + Bool + xwl_window_is_toplevel(WindowPtr window) + { +- struct xwl_screen *xwl_screen = xwl_screen_get(window->drawable.pScreen); +- +- if (xwl_screen_client_is_window_manager(xwl_screen, wClient(window))) ++ if (window_is_wm_window(window)) + return FALSE; + + /* CSD and override-redirect toplevel windows */ +@@ -964,6 +953,30 @@ xwl_set_window_pixmap(WindowPtr window, + ensure_surface_for_window(window); + } + ++static Bool ++xwl_change_window_attributes(WindowPtr window, unsigned long mask) ++{ ++ ScreenPtr screen = window->drawable.pScreen; ++ struct xwl_screen *xwl_screen = xwl_screen_get(screen); ++ OtherClients *others; ++ Bool ret; ++ ++ screen->ChangeWindowAttributes = xwl_screen->ChangeWindowAttributes; ++ ret = (*screen->ChangeWindowAttributes) (window, mask); ++ xwl_screen->ChangeWindowAttributes = screen->ChangeWindowAttributes; ++ screen->ChangeWindowAttributes = xwl_change_window_attributes; ++ ++ if (window != screen->root || !(mask & CWEventMask)) ++ return ret; ++ ++ for (others = wOtherClients(window); others; others = others->next) { ++ if (others->mask & (SubstructureRedirectMask | ResizeRedirectMask)) ++ xwl_screen->wm_client_id = CLIENT_ID(others->resource); ++ } ++ ++ return ret; ++} ++ + static void + xwl_resize_window(WindowPtr window, + int x, int y, +@@ -1568,6 +1581,9 @@ xwl_screen_init(ScreenPtr pScreen, int argc, char **argv) + xwl_screen->CloseScreen = pScreen->CloseScreen; + pScreen->CloseScreen = xwl_close_screen; + ++ xwl_screen->ChangeWindowAttributes = pScreen->ChangeWindowAttributes; ++ pScreen->ChangeWindowAttributes = xwl_change_window_attributes; ++ + xwl_screen->ResizeWindow = pScreen->ResizeWindow; + pScreen->ResizeWindow = xwl_resize_window; + +diff --git a/hw/xwayland/xwayland.h b/hw/xwayland/xwayland.h +index 1317ae5bb..f5ffadfcc 100644 +--- a/hw/xwayland/xwayland.h ++++ b/hw/xwayland/xwayland.h +@@ -118,6 +118,7 @@ struct xwl_screen { + int height; + int depth; + ScreenPtr screen; ++ int wm_client_id; + int expecting_event; + enum RootClipMode root_clip_mode; + +@@ -135,6 +136,7 @@ struct xwl_screen { + DestroyWindowProcPtr DestroyWindow; + XYToWindowProcPtr XYToWindow; + SetWindowPixmapProcPtr SetWindowPixmap; ++ ChangeWindowAttributesProcPtr ChangeWindowAttributes; + ResizeWindowProcPtr ResizeWindow; + + struct xorg_list output_list; +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0015-xwayland-Reuse-viewport-instead-of-recreating.patch b/SPECS-EXTENDED/xorg-x11-server/0015-xwayland-Reuse-viewport-instead-of-recreating.patch new file mode 100644 index 0000000000..c11d0c0ab2 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0015-xwayland-Reuse-viewport-instead-of-recreating.patch @@ -0,0 +1,50 @@ +From 5448ffeb9b06d20e821174c04d2280933e3ca993 Mon Sep 17 00:00:00 2001 +From: Roman Gilg +Date: Fri, 3 Jan 2020 17:12:14 +0100 +Subject: [PATCH xserver 15/25] xwayland: Reuse viewport instead of recreating + +When a viewport is already created we can reuse this object instead of +destroying it and getting a new one for updating the source rectangle and +destination size. + +Signed-off-by: Roman Gilg +Reviewed-by: Hans de Goede +Acked-by: Olivier Fourdan +Signed-off-by: Hans de Goede +(cherry picked from commit 948e02872feb641a176b3af82b6ef1201c97bb16) +--- + hw/xwayland/xwayland.c | 18 +++++++----------- + 1 file changed, 7 insertions(+), 11 deletions(-) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index f99cdf81f..8de3dd36b 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -539,17 +539,13 @@ xwl_window_enable_viewport(struct xwl_window *xwl_window, + struct xwl_output *xwl_output, + struct xwl_emulated_mode *emulated_mode) + { +- /* If necessary disable old viewport to apply new settings */ +- if (xwl_window_has_viewport_enabled(xwl_window)) +- xwl_window_disable_viewport(xwl_window); +- +- DebugF("XWAYLAND: enabling viewport %dx%d -> %dx%d\n", +- emulated_mode->width, emulated_mode->height, +- xwl_output->width, xwl_output->height); +- +- xwl_window->viewport = +- wp_viewporter_get_viewport(xwl_window->xwl_screen->viewporter, +- xwl_window->surface); ++ if (!xwl_window_has_viewport_enabled(xwl_window)) { ++ DebugF("XWAYLAND: enabling viewport %dx%d -> %dx%d\n", ++ emulated_mode->width, emulated_mode->height, ++ xwl_output->width, xwl_output->height); ++ xwl_window->viewport = wp_viewporter_get_viewport(xwl_window->xwl_screen->viewporter, ++ xwl_window->surface); ++ } + + wp_viewport_set_source(xwl_window->viewport, + wl_fixed_from_int(0), +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0016-xwayland-Recurse-on-finding-the-none-wm-owner.patch b/SPECS-EXTENDED/xorg-x11-server/0016-xwayland-Recurse-on-finding-the-none-wm-owner.patch new file mode 100644 index 0000000000..af33a867b9 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0016-xwayland-Recurse-on-finding-the-none-wm-owner.patch @@ -0,0 +1,81 @@ +From 2896f732af4c74f124d767808a24005342d8f125 Mon Sep 17 00:00:00 2001 +From: Roman Gilg +Date: Fri, 3 Jan 2020 17:27:28 +0100 +Subject: [PATCH xserver 16/25] xwayland: Recurse on finding the none-wm owner + +An X11 window manager might add a chain of parent windows when reparenting to a +decoration window. + +That is for example the case for KWin, which reparents client windows to one +decoration and another wrapper parent window. + +Account for that by a recursion into the tree. For now assume as before that +all X11 window managers reparent with one child only for these parent windows. + +Changes by Hans de Goede: +- Move the xwl_window_is_toplevel() from a later patch in this series here + as it really belongs together with these changes +- Drop no longer necessary xwl_window argument from window_get_none_wm_owner + parameters + +Signed-off-by: Roman Gilg +Reviewed-by: Hans de Goede +Acked-by: Olivier Fourdan +Signed-off-by: Hans de Goede +(cherry picked from commit a69f7fbb54efc8ffad320c8afd23cb41fc9edc27) +--- + hw/xwayland/xwayland.c | 17 ++++++++--------- + 1 file changed, 8 insertions(+), 9 deletions(-) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index 8de3dd36b..c38c4180b 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -569,19 +569,18 @@ window_is_wm_window(WindowPtr window) + } + + static ClientPtr +-xwl_window_get_owner(struct xwl_window *xwl_window) ++window_get_none_wm_owner(WindowPtr window) + { +- WindowPtr window = xwl_window->window; + ClientPtr client = wClient(window); + + /* If the toplevel window is owned by the window-manager, then the +- * actual client toplevel window has been reparented to a window-manager +- * decoration window. In that case return the client of the +- * first *and only* child of the toplevel (decoration) window. ++ * actual client toplevel window has been reparented to some window-manager ++ * decoration/wrapper windows. In that case recurse by checking the client ++ * of the first *and only* child of the decoration/wrapper window. + */ + if (window_is_wm_window(window)) { + if (window->firstChild && window->firstChild == window->lastChild) +- return wClient(window->firstChild); ++ return window_get_none_wm_owner(window->firstChild); + else + return NULL; /* Should never happen, skip resolution emulation */ + } +@@ -602,7 +601,7 @@ xwl_window_should_enable_viewport(struct xwl_window *xwl_window, + if (!xwl_screen_has_resolution_change_emulation(xwl_screen)) + return FALSE; + +- owner = xwl_window_get_owner(xwl_window); ++ owner = window_get_none_wm_owner(xwl_window->window); + if (!owner) + return FALSE; + +@@ -681,8 +680,8 @@ xwl_window_is_toplevel(WindowPtr window) + if (window_get_damage(window)) + return TRUE; + +- /* Normal toplevel client windows, reparented to decoration window */ +- return (window->parent && window_get_damage(window->parent)); ++ /* Normal toplevel client windows, reparented to a window-manager window */ ++ return window->parent && window_is_wm_window(window->parent); + } + + static void +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0017-xwayland-Make-window_get_none_wm_owner-return-a-Wind.patch b/SPECS-EXTENDED/xorg-x11-server/0017-xwayland-Make-window_get_none_wm_owner-return-a-Wind.patch new file mode 100644 index 0000000000..58a9c4d997 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0017-xwayland-Make-window_get_none_wm_owner-return-a-Wind.patch @@ -0,0 +1,82 @@ +From dd83985179b4a3c2613c96922eafeea40e21b7d2 Mon Sep 17 00:00:00 2001 +From: Roman Gilg +Date: Wed, 15 Jan 2020 10:07:58 +0100 +Subject: [PATCH xserver 17/25] xwayland: Make window_get_none_wm_owner return + a Window instead of a Client + +Make window_get_none_wm_owner return the first non-wm-window instead of the +owner (client) of the first non-wm-window and rename it to +window_get_client_toplevel to match its new behavior. + +This is a preparation patch for switching to using the drawable coordinates +in xwl_window_should_enable_viewport() + +Changes by Hans de Goede: +- Split this change out into a separate patch for easier reviewing +- Rename window_get_none_wm_owner to window_get_client_toplevel to match + its new behavior + +Signed-off-by: Roman Gilg +Acked-by: Olivier Fourdan +Signed-off-by: Hans de Goede +(cherry picked from commit 060f10062eb1761515b762b46cba56c7a53db72c) +--- + hw/xwayland/xwayland.c | 17 ++++++++++------- + 1 file changed, 10 insertions(+), 7 deletions(-) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index c38c4180b..b3b80beae 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -568,10 +568,10 @@ window_is_wm_window(WindowPtr window) + return CLIENT_ID(window->drawable.id) == xwl_screen->wm_client_id; + } + +-static ClientPtr +-window_get_none_wm_owner(WindowPtr window) ++static WindowPtr ++window_get_client_toplevel(WindowPtr window) + { +- ClientPtr client = wClient(window); ++ assert(window); + + /* If the toplevel window is owned by the window-manager, then the + * actual client toplevel window has been reparented to some window-manager +@@ -580,12 +580,12 @@ window_get_none_wm_owner(WindowPtr window) + */ + if (window_is_wm_window(window)) { + if (window->firstChild && window->firstChild == window->lastChild) +- return window_get_none_wm_owner(window->firstChild); ++ return window_get_client_toplevel(window->firstChild); + else + return NULL; /* Should never happen, skip resolution emulation */ + } + +- return client; ++ return window; + } + + static Bool +@@ -597,14 +597,17 @@ xwl_window_should_enable_viewport(struct xwl_window *xwl_window, + struct xwl_emulated_mode *emulated_mode; + struct xwl_output *xwl_output; + ClientPtr owner; ++ WindowPtr window; + + if (!xwl_screen_has_resolution_change_emulation(xwl_screen)) + return FALSE; + +- owner = window_get_none_wm_owner(xwl_window->window); +- if (!owner) ++ window = window_get_client_toplevel(xwl_window->window); ++ if (!window) + return FALSE; + ++ owner = wClient(window); ++ + /* 1. Test if the window matches the emulated mode on one of the outputs + * This path gets hit by most games / libs (e.g. SDL, SFML, OGRE) + */ +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0018-xwayland-Check-emulation-on-client-toplevel-resize.patch b/SPECS-EXTENDED/xorg-x11-server/0018-xwayland-Check-emulation-on-client-toplevel-resize.patch new file mode 100644 index 0000000000..ea8a8756c9 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0018-xwayland-Check-emulation-on-client-toplevel-resize.patch @@ -0,0 +1,121 @@ +From be8c65e84dc4bee97bd0115a89c037fb47053d4c Mon Sep 17 00:00:00 2001 +From: Roman Gilg +Date: Fri, 3 Jan 2020 17:55:28 +0100 +Subject: [PATCH xserver 18/25] xwayland: Check emulation on client toplevel + resize + +When a reparented window is resized directly check the emulation instead of +doing this only when the window manager parent window is resized, what might +never happen. + +For that to work we need to make sure that we compare the current size of the +client toplevel when looking for an emulated mode. + +Changes by Hans de Goede: +- Remove xwl_window x, y, width and height members as those are no longer used. +- Add check for xwl_window_from_window() returning NULL. + +Signed-off-by: Roman Gilg +Acked-by: Olivier Fourdan +Signed-off-by: Hans de Goede +(cherry picked from commit 6d98f840da6dfcf2a69e03a1b3fa0bf602ba1f27) +--- + hw/xwayland/xwayland.c | 27 +++++++++++---------------- + hw/xwayland/xwayland.h | 1 - + 2 files changed, 11 insertions(+), 17 deletions(-) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index b3b80beae..b2e46336c 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -598,6 +598,7 @@ xwl_window_should_enable_viewport(struct xwl_window *xwl_window, + struct xwl_output *xwl_output; + ClientPtr owner; + WindowPtr window; ++ DrawablePtr drawable; + + if (!xwl_screen_has_resolution_change_emulation(xwl_screen)) + return FALSE; +@@ -607,6 +608,7 @@ xwl_window_should_enable_viewport(struct xwl_window *xwl_window, + return FALSE; + + owner = wClient(window); ++ drawable = &window->drawable; + + /* 1. Test if the window matches the emulated mode on one of the outputs + * This path gets hit by most games / libs (e.g. SDL, SFML, OGRE) +@@ -616,10 +618,10 @@ xwl_window_should_enable_viewport(struct xwl_window *xwl_window, + if (!emulated_mode) + continue; + +- if (xwl_window->x == xwl_output->x && +- xwl_window->y == xwl_output->y && +- xwl_window->width == emulated_mode->width && +- xwl_window->height == emulated_mode->height) { ++ if (drawable->x == xwl_output->x && ++ drawable->y == xwl_output->y && ++ drawable->width == emulated_mode->width && ++ drawable->height == emulated_mode->height) { + + *emulated_mode_ret = emulated_mode; + *xwl_output_ret = xwl_output; +@@ -635,9 +637,9 @@ xwl_window_should_enable_viewport(struct xwl_window *xwl_window, + emulated_mode = xwl_output_get_emulated_mode_for_client(xwl_output, owner); + if (xwl_output && xwl_window->window->overrideRedirect && + emulated_mode && emulated_mode->from_vidmode && +- xwl_window->x == 0 && xwl_window->y == 0 && +- xwl_window->width == xwl_screen->width && +- xwl_window->height == xwl_screen->height) { ++ drawable->x == 0 && drawable->y == 0 && ++ drawable->width == xwl_screen->width && ++ drawable->height == xwl_screen->height) { + + *emulated_mode_ret = emulated_mode; + *xwl_output_ret = xwl_output; +@@ -757,8 +759,6 @@ ensure_surface_for_window(WindowPtr window) + + xwl_window->xwl_screen = xwl_screen; + xwl_window->window = window; +- xwl_window->width = window->drawable.width; +- xwl_window->height = window->drawable.height; + xwl_window->surface = wl_compositor_create_surface(xwl_screen->compositor); + if (xwl_window->surface == NULL) { + ErrorF("wl_display_create_surface failed\n"); +@@ -986,20 +986,15 @@ xwl_resize_window(WindowPtr window, + struct xwl_window *xwl_window; + + xwl_screen = xwl_screen_get(screen); +- xwl_window = xwl_window_get(window); ++ xwl_window = xwl_window_from_window(window); + + screen->ResizeWindow = xwl_screen->ResizeWindow; + (*screen->ResizeWindow) (window, x, y, width, height, sib); + xwl_screen->ResizeWindow = screen->ResizeWindow; + screen->ResizeWindow = xwl_resize_window; + +- if (xwl_window) { +- xwl_window->x = x; +- xwl_window->y = y; +- xwl_window->width = width; +- xwl_window->height = height; ++ if (xwl_window && xwl_window_is_toplevel(window)) + xwl_window_check_resolution_change_emulation(xwl_window); +- } + } + + static void +diff --git a/hw/xwayland/xwayland.h b/hw/xwayland/xwayland.h +index f5ffadfcc..0d0baac9b 100644 +--- a/hw/xwayland/xwayland.h ++++ b/hw/xwayland/xwayland.h +@@ -184,7 +184,6 @@ struct xwl_window { + struct xwl_screen *xwl_screen; + struct wl_surface *surface; + struct wp_viewport *viewport; +- int32_t x, y, width, height; + float scale_x, scale_y; + struct wl_shell_surface *shell_surface; + WindowPtr window; +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0019-xwayland-Also-check-resolution-change-emulation-when.patch b/SPECS-EXTENDED/xorg-x11-server/0019-xwayland-Also-check-resolution-change-emulation-when.patch new file mode 100644 index 0000000000..a9c5e721c8 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0019-xwayland-Also-check-resolution-change-emulation-when.patch @@ -0,0 +1,45 @@ +From 555e00dbf71d7c5b792bacd789cdde9c42203ff1 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Wed, 15 Jan 2020 14:36:45 +0100 +Subject: [PATCH xserver 19/25] xwayland: Also check + resolution-change-emulation when the xwl_window itself moves + +The recent change to use the top-level non-window-manager Window drawable +coordinates from xwl_window_check_resolution_change_emulation() in +combination with only calling it on a resize when the top-level window +is moved breaks things with mutter/gnome-shell. + +When fullscreening a X11 window, mutter moves its window-decoration Window +wrapping the top-level Window to the monitor's origin coordinates (e.g. 0x0) +last. This updates the top-level's drawable coordinates, but as the +actual MoveWindow is called on the wrapper Window and not on the toplevel +we do not call xwl_window_check_resolution_change_emulation() and we never +enable the viewport. + +This commit fixes this by also calling +xwl_window_check_resolution_change_emulation() if the Window being moved +is an xwl_window itself. + +Acked-by: Olivier Fourdan +Signed-off-by: Hans de Goede +(cherry picked from commit 4fc107460a349a1a46f0e5251e6fd2a31f4c0428) +--- + hw/xwayland/xwayland.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index b2e46336c..e07dabcfa 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -993,7 +993,7 @@ xwl_resize_window(WindowPtr window, + xwl_screen->ResizeWindow = screen->ResizeWindow; + screen->ResizeWindow = xwl_resize_window; + +- if (xwl_window && xwl_window_is_toplevel(window)) ++ if (xwl_window && (xwl_window_get(window) || xwl_window_is_toplevel(window))) + xwl_window_check_resolution_change_emulation(xwl_window); + } + +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0020-xwayland-Also-hook-screen-s-MoveWindow-method.patch b/SPECS-EXTENDED/xorg-x11-server/0020-xwayland-Also-hook-screen-s-MoveWindow-method.patch new file mode 100644 index 0000000000..4d66a7a473 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0020-xwayland-Also-hook-screen-s-MoveWindow-method.patch @@ -0,0 +1,83 @@ +From 46ccf740dc5e81d84b2e8c19f6211eaf1d8d06de Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Thu, 9 Jan 2020 11:00:36 +0100 +Subject: [PATCH xserver 20/25] xwayland: Also hook screen's MoveWindow method + +Not only hook the ResizeWindow method of the screen (which really is +MoveAndResize) but also hook the MoveWindow method for checking if we +need to setup a viewport for resolution change emulation. + +Our resolution change emulation check if the windows origin matches +the monitors origin and the windows origin can also be changed by just +a move without being resized. + +Also checking on a move becomes esp. important when we move to checking +on changes to the top-level non-window-manager client (X11)Window instead +of on changes to the xwl_window later on in this patch series. + +Acked-by: Olivier Fourdan +Signed-off-by: Hans de Goede +(cherry picked from commit 10df0437a2b142e61c4d84ffffa9592ac6846ef1) +--- + hw/xwayland/xwayland.c | 25 +++++++++++++++++++++++++ + hw/xwayland/xwayland.h | 1 + + 2 files changed, 26 insertions(+) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index e07dabcfa..4f19f3710 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -997,6 +997,28 @@ xwl_resize_window(WindowPtr window, + xwl_window_check_resolution_change_emulation(xwl_window); + } + ++static void ++xwl_move_window(WindowPtr window, ++ int x, int y, ++ WindowPtr next_sib, ++ VTKind kind) ++{ ++ ScreenPtr screen = window->drawable.pScreen; ++ struct xwl_screen *xwl_screen; ++ struct xwl_window *xwl_window; ++ ++ xwl_screen = xwl_screen_get(screen); ++ xwl_window = xwl_window_from_window(window); ++ ++ screen->MoveWindow = xwl_screen->MoveWindow; ++ (*screen->MoveWindow) (window, x, y, next_sib, kind); ++ xwl_screen->MoveWindow = screen->MoveWindow; ++ screen->MoveWindow = xwl_move_window; ++ ++ if (xwl_window && (xwl_window_get(window) || xwl_window_is_toplevel(window))) ++ xwl_window_check_resolution_change_emulation(xwl_window); ++} ++ + static void + frame_callback(void *data, + struct wl_callback *callback, +@@ -1580,6 +1602,9 @@ xwl_screen_init(ScreenPtr pScreen, int argc, char **argv) + xwl_screen->ResizeWindow = pScreen->ResizeWindow; + pScreen->ResizeWindow = xwl_resize_window; + ++ xwl_screen->MoveWindow = pScreen->MoveWindow; ++ pScreen->MoveWindow = xwl_move_window; ++ + if (xwl_screen->rootless) { + xwl_screen->SetWindowPixmap = pScreen->SetWindowPixmap; + pScreen->SetWindowPixmap = xwl_set_window_pixmap; +diff --git a/hw/xwayland/xwayland.h b/hw/xwayland/xwayland.h +index 0d0baac9b..451c08e23 100644 +--- a/hw/xwayland/xwayland.h ++++ b/hw/xwayland/xwayland.h +@@ -138,6 +138,7 @@ struct xwl_screen { + SetWindowPixmapProcPtr SetWindowPixmap; + ChangeWindowAttributesProcPtr ChangeWindowAttributes; + ResizeWindowProcPtr ResizeWindow; ++ MoveWindowProcPtr MoveWindow; + + struct xorg_list output_list; + struct xorg_list seat_list; +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0021-xwayland-Fix-emulated-modes-not-being-removed-when-s.patch b/SPECS-EXTENDED/xorg-x11-server/0021-xwayland-Fix-emulated-modes-not-being-removed-when-s.patch new file mode 100644 index 0000000000..b5f3daca11 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0021-xwayland-Fix-emulated-modes-not-being-removed-when-s.patch @@ -0,0 +1,63 @@ +From d64f12d119e4abe3ef337741bf7b38f8de2f9da9 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Mon, 7 Oct 2019 14:27:49 +0200 +Subject: [PATCH xserver 21/25] xwayland: Fix emulated modes not being removed + when screen rotation is used + +The code building the mode-list does the following to deal with screen +rotation: + + if (need_rotate || xwl_output->rotation & (RR_Rotate_0 | RR_Rotate_180)) { + mode_width = xwl_output->width; + mode_height = xwl_output->height; + } else { + mode_width = xwl_output->height; + mode_height = xwl_output->width; + } + +This means we need to do something similar in xwl_output_set_emulated_mode() +to determine if the mode being set is the actual (not-emulated) output mode +and we this should remove any emulated modes set by the client. + +All callers of xwl_output_set_emulated_mode always pass a mode pointer +to a member of xwl_output->randr_output->modes, so we do not need to +duplicate this code, instead we can simply check that the passed in mode +is modes[0] which always is the actual output mode. + +Acked-by: Olivier Fourdan +Signed-off-by: Hans de Goede +(cherry picked from commit 88342353de45e64f408c38bb10cd1506ba0f159a) +--- + hw/xwayland/xwayland-output.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/hw/xwayland/xwayland-output.c b/hw/xwayland/xwayland-output.c +index 0d6b9ac9f..4bc9cd6b8 100644 +--- a/hw/xwayland/xwayland-output.c ++++ b/hw/xwayland/xwayland-output.c +@@ -272,8 +272,11 @@ xwl_output_remove_emulated_mode_for_client(struct xwl_output *xwl_output, + struct xwl_emulated_mode *emulated_mode; + + emulated_mode = xwl_output_get_emulated_mode_for_client(xwl_output, client); +- if (emulated_mode) ++ if (emulated_mode) { ++ DebugF("XWAYLAND: xwl_output_remove_emulated_mode: %dx%d\n", ++ emulated_mode->width, emulated_mode->height); + memset(emulated_mode, 0, sizeof(*emulated_mode)); ++ } + } + + /* From hw/xfree86/common/xf86DefModeSet.c with some obscure modes dropped */ +@@ -474,7 +477,8 @@ xwl_output_set_emulated_mode(struct xwl_output *xwl_output, ClientPtr client, + from_vidmode ? "vidmode" : "randr", + mode->mode.width, mode->mode.height); + +- if (mode->mode.width == xwl_output->width && mode->mode.height == xwl_output->height) ++ /* modes[0] is the actual (not-emulated) output mode */ ++ if (mode == xwl_output->randr_output->modes[0]) + xwl_output_remove_emulated_mode_for_client(xwl_output, client); + else + xwl_output_add_emulated_mode_for_client(xwl_output, client, mode, from_vidmode); +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0022-xwayland-Call-xwl_window_check_resolution_change_emu.patch b/SPECS-EXTENDED/xorg-x11-server/0022-xwayland-Call-xwl_window_check_resolution_change_emu.patch new file mode 100644 index 0000000000..4f4c7f8f12 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0022-xwayland-Call-xwl_window_check_resolution_change_emu.patch @@ -0,0 +1,48 @@ +From 677fd1ade4547008b0d67eec460770e002595c3c Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Mon, 4 Nov 2019 11:46:49 +0100 +Subject: [PATCH xserver 22/25] xwayland: Call + xwl_window_check_resolution_change_emulation() on newly created O-R windows + +Some clients, which use vidmode to change the resolution when going fullscreen, +create an override-redirect window and never trigger the screen->ResizeWindow +callback we rely on to do the xwl_window_check_resolution_change_emulation(). + +This causes us to not apply a viewport to them, causing the fullscreen window +to not fill the entire monitor. + +This commit adds a call to xwl_window_check_resolution_change_emulation() +at the end of ensure_surface_for_window() to fix this. Note that +ensure_surface_for_window() exits early without creating an xwl_window +for new windows which will not be backed by a wayland surface and which +thus will not have an xwl_window. + +This fixes ClanLib-0.6.x and alleggl-4.4.x using apps not properly +fullscreening. + +Acked-by: Olivier Fourdan +Signed-off-by: Hans de Goede +(cherry picked from commit 4cfc2677f5c82ca5db0919de549b9b077f1ba113) +--- + hw/xwayland/xwayland.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index 4f19f3710..5bb7a68e9 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -808,6 +808,11 @@ ensure_surface_for_window(WindowPtr window) + + xwl_window_init_allow_commits(xwl_window); + ++ if (!window_is_wm_window(window)) { ++ /* CSD or O-R toplevel window, check viewport on creation */ ++ xwl_window_check_resolution_change_emulation(xwl_window); ++ } ++ + return TRUE; + + err_surf: +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0023-xwayland-Fix-setting-of-_XWAYLAND_RANDR_EMU_MONITOR_.patch b/SPECS-EXTENDED/xorg-x11-server/0023-xwayland-Fix-setting-of-_XWAYLAND_RANDR_EMU_MONITOR_.patch new file mode 100644 index 0000000000..4e15f4f313 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0023-xwayland-Fix-setting-of-_XWAYLAND_RANDR_EMU_MONITOR_.patch @@ -0,0 +1,76 @@ +From 049333a0ecf8574a0612bf27850f9682f0f70533 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Mon, 4 Nov 2019 14:32:29 +0100 +Subject: [PATCH xserver 23/25] xwayland: Fix setting of + _XWAYLAND_RANDR_EMU_MONITOR_RECTS prop on new windows + +For window-manager managed windows, xwl_realize_window is only called for +the window-manager's decoration window and not for the actual client window +on which we should set the _XWAYLAND_RANDR_EMU_MONITOR_RECTS prop. + +Usualy this is not a problem since we walk all client windows to update +the property when the resolution is changed through a randr call. + +But for apps which first do the randr change and only then create their +window this does not work, and our xwl_output_set_window_randr_emu_props +call in xwl_realize_window is a no-op as that is only called for the wm +decoration window and not for the actual client's window. + +This commit fixes this by making ensure_surface_for_window() call +xwl_output_set_window_randr_emu_props on the first and only child of +window-manager managed windows. + +Note this also removes the non-functional xwl_output_set_window_randr_emu_props +call from xwl_realize_window, which was intended to do this, but does not +work. + +This fixes apps using the ogre3d library always running at the +monitors native resolution. + +Acked-by: Olivier Fourdan +Signed-off-by: Hans de Goede +(cherry picked from commit 148f428dfccf606b932a00d5a00af06e8dca8a7e) +--- + hw/xwayland/xwayland.c | 12 +++++++++--- + 1 file changed, 9 insertions(+), 3 deletions(-) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index 5bb7a68e9..1600c00cd 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -738,6 +738,7 @@ ensure_surface_for_window(WindowPtr window) + struct xwl_screen *xwl_screen; + struct xwl_window *xwl_window; + struct wl_region *region; ++ WindowPtr toplevel; + + if (xwl_window_from_window(window)) + return TRUE; +@@ -808,7 +809,14 @@ ensure_surface_for_window(WindowPtr window) + + xwl_window_init_allow_commits(xwl_window); + +- if (!window_is_wm_window(window)) { ++ /* When a new window-manager window is realized, then the randr emulation ++ * props may have not been set on the managed client window yet. ++ */ ++ if (window_is_wm_window(window)) { ++ toplevel = window_get_client_toplevel(window); ++ if (toplevel) ++ xwl_output_set_window_randr_emu_props(xwl_screen, toplevel); ++ } else { + /* CSD or O-R toplevel window, check viewport on creation */ + xwl_window_check_resolution_change_emulation(xwl_window); + } +@@ -857,8 +865,6 @@ xwl_realize_window(WindowPtr window) + return FALSE; + } + +- xwl_output_set_window_randr_emu_props(xwl_screen, window); +- + return ensure_surface_for_window(window); + } + +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0024-xwayland-Remove-unnecessary-xwl_window_is_toplevel-c.patch b/SPECS-EXTENDED/xorg-x11-server/0024-xwayland-Remove-unnecessary-xwl_window_is_toplevel-c.patch new file mode 100644 index 0000000000..ec778db550 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0024-xwayland-Remove-unnecessary-xwl_window_is_toplevel-c.patch @@ -0,0 +1,49 @@ +From f1d77ed7ac9ee9bc2f0cf60b0e4604bae092ebd0 Mon Sep 17 00:00:00 2001 +From: Hans de Goede +Date: Mon, 4 Nov 2019 15:01:18 +0100 +Subject: [PATCH xserver 24/25] xwayland: Remove unnecessary + xwl_window_is_toplevel() check from xwl_output_set_window_randr_emu_props() + +Since the recent fix to call xwl_output_set_window_randr_emu_props() from +ensure_surface_for_window(), it is now only called on a toplevel window, +so the is-toplevel check is not necessary for the +xwl_output_set_window_randr_emu_props() case. + +This commit moves the check to xwl_output_set_randr_emu_prop_callback() +so that we only do it when we are walking over all Windows of a client +to update the property on a change of the emulated resolution. + +Acked-by: Olivier Fourdan +Signed-off-by: Hans de Goede +(cherry picked from commit d4faab8708779df265239b203ed5f020bff681bf) +--- + hw/xwayland/xwayland-output.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/hw/xwayland/xwayland-output.c b/hw/xwayland/xwayland-output.c +index 4bc9cd6b8..9d3372c8e 100644 +--- a/hw/xwayland/xwayland-output.c ++++ b/hw/xwayland/xwayland-output.c +@@ -431,9 +431,6 @@ static void + xwl_output_set_randr_emu_prop(WindowPtr window, + struct xwl_output_randr_emu_prop *prop) + { +- if (!xwl_window_is_toplevel(window)) +- return; +- + if (prop->rect_count) { + dixChangeWindowProperty(serverClient, window, prop->atom, + XA_CARDINAL, 32, PropModeReplace, +@@ -446,7 +443,8 @@ xwl_output_set_randr_emu_prop(WindowPtr window, + static void + xwl_output_set_randr_emu_prop_callback(void *resource, XID id, void *user_data) + { +- xwl_output_set_randr_emu_prop(resource, user_data); ++ if (xwl_window_is_toplevel(resource)) ++ xwl_output_set_randr_emu_prop(resource, user_data); + } + + static void +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/0025-xwayland-Make-window_get_client_toplevel-non-recursi.patch b/SPECS-EXTENDED/xorg-x11-server/0025-xwayland-Make-window_get_client_toplevel-non-recursi.patch new file mode 100644 index 0000000000..4bf96dc2a9 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/0025-xwayland-Make-window_get_client_toplevel-non-recursi.patch @@ -0,0 +1,37 @@ +From b5c62ae463101712a2ed91e976b28af5d1e73064 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Michel=20D=C3=A4nzer?= +Date: Fri, 6 Nov 2020 10:14:19 +0100 +Subject: [PATCH xserver 25/25] xwayland: Make window_get_client_toplevel + non-recursive + +Noticed while reading the code. + +Reviewed-by: Olivier Fourdan +(cherry picked from commit df3aa4922fd7e256169e541188b724f67ca948e1) +--- + hw/xwayland/xwayland.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/hw/xwayland/xwayland.c b/hw/xwayland/xwayland.c +index 1600c00cd..a5756ea14 100644 +--- a/hw/xwayland/xwayland.c ++++ b/hw/xwayland/xwayland.c +@@ -578,11 +578,11 @@ window_get_client_toplevel(WindowPtr window) + * decoration/wrapper windows. In that case recurse by checking the client + * of the first *and only* child of the decoration/wrapper window. + */ +- if (window_is_wm_window(window)) { +- if (window->firstChild && window->firstChild == window->lastChild) +- return window_get_client_toplevel(window->firstChild); +- else ++ while (window_is_wm_window(window)) { ++ if (!window->firstChild || window->firstChild != window->lastChild) + return NULL; /* Should never happen, skip resolution emulation */ ++ ++ window = window->firstChild; + } + + return window; +-- +2.28.0 + diff --git a/SPECS-EXTENDED/xorg-x11-server/06_use-intel-only-on-pre-gen4.diff b/SPECS-EXTENDED/xorg-x11-server/06_use-intel-only-on-pre-gen4.diff new file mode 100644 index 0000000000..4994492f6d --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/06_use-intel-only-on-pre-gen4.diff @@ -0,0 +1,30 @@ +Description: Use intel ddx only on pre-gen4 hw, newer ones will fall back to modesetting +Author: Timo Aaltonen + +--- a/hw/xfree86/common/xf86pciBus.c ++++ b/hw/xfree86/common/xf86pciBus.c +@@ -1173,7 +1173,23 @@ xf86VideoPtrToDriverList(struct pci_devi + case 0x0bef: + /* Use fbdev/vesa driver on Oaktrail, Medfield, CDV */ + break; +- default: ++ /* Default to intel only on pre-gen4 chips */ ++ case 0x3577: ++ case 0x2562: ++ case 0x3582: ++ case 0x358e: ++ case 0x2572: ++ case 0x2582: ++ case 0x258a: ++ case 0x2592: ++ case 0x2772: ++ case 0x27a2: ++ case 0x27ae: ++ case 0x29b2: ++ case 0x29c2: ++ case 0x29d2: ++ case 0xa001: ++ case 0xa011: + driverList[0] = "intel"; + break; + } diff --git a/SPECS-EXTENDED/xorg-x11-server/10-quirks.conf b/SPECS-EXTENDED/xorg-x11-server/10-quirks.conf new file mode 100644 index 0000000000..47907d82de --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/10-quirks.conf @@ -0,0 +1,38 @@ +# Collection of quirks and blacklist/whitelists for specific devices. + + +# Accelerometer device, posts data through ABS_X/ABS_Y, making X unusable +# http://bugs.freedesktop.org/show_bug.cgi?id=22442 +Section "InputClass" + Identifier "ThinkPad HDAPS accelerometer blacklist" + MatchProduct "ThinkPad HDAPS accelerometer data" + Option "Ignore" "on" +EndSection + +# https://bugzilla.redhat.com/show_bug.cgi?id=523914 +# Mouse does not move in PV Xen guest +# Explicitly tell evdev to not ignore the absolute axes. +Section "InputClass" + Identifier "Xen Virtual Pointer axis blacklist" + MatchProduct "Xen Virtual Pointer" + Option "IgnoreAbsoluteAxes" "off" + Option "IgnoreRelativeAxes" "off" +EndSection + +# https://bugs.freedesktop.org/show_bug.cgi?id=55867 +# Bug 55867 - Doesn't know how to tag XI_TRACKBALL +Section "InputClass" + Identifier "Tag trackballs as XI_TRACKBALL" + MatchProduct "trackball" + MatchDriver "evdev" + Option "TypeName" "TRACKBALL" +EndSection + +# https://bugs.freedesktop.org/show_bug.cgi?id=62831 +# Bug 62831 - Mionix Naos 5000 mouse detected incorrectly +Section "InputClass" + Identifier "Tag Mionix Naos 5000 mouse XI_MOUSE" + MatchProduct "La-VIEW Technology Naos 5000 Mouse" + MatchDriver "evdev" + Option "TypeName" "MOUSE" +EndSection diff --git a/SPECS-EXTENDED/xorg-x11-server/CVE-2023-1594.patch b/SPECS-EXTENDED/xorg-x11-server/CVE-2023-1594.patch new file mode 100644 index 0000000000..0d859d6c15 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/CVE-2023-1594.patch @@ -0,0 +1,42 @@ +From 26ef545b3502f61ca722a7a3373507e88ef64110 Mon Sep 17 00:00:00 2001 +From: Olivier Fourdan +Date: Mon, 13 Mar 2023 11:08:47 +0100 +Subject: [PATCH] composite: Fix use-after-free of the COW + +ZDI-CAN-19866/CVE-2023-1393 + +If a client explicitly destroys the compositor overlay window (aka COW), +we would leave a dangling pointer to that window in the CompScreen +structure, which will trigger a use-after-free later. + +Make sure to clear the CompScreen pointer to the COW when the latter gets +destroyed explicitly by the client. + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +Signed-off-by: Olivier Fourdan +Reviewed-by: Adam Jackson +--- + composite/compwindow.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/composite/compwindow.c b/composite/compwindow.c +index 4e2494b86b..b30da589e9 100644 +--- a/composite/compwindow.c ++++ b/composite/compwindow.c +@@ -620,6 +620,11 @@ compDestroyWindow(WindowPtr pWin) + ret = (*pScreen->DestroyWindow) (pWin); + cs->DestroyWindow = pScreen->DestroyWindow; + pScreen->DestroyWindow = compDestroyWindow; ++ ++ /* Did we just destroy the overlay window? */ ++ if (pWin == cs->pOverlayWin) ++ cs->pOverlayWin = NULL; ++ + /* compCheckTree (pWin->drawable.pScreen); can't check -- tree isn't good*/ + return ret; + } +-- +GitLab + diff --git a/SPECS-EXTENDED/xorg-x11-server/driver-abi-rebuild.sh b/SPECS-EXTENDED/xorg-x11-server/driver-abi-rebuild.sh new file mode 100755 index 0000000000..693297b966 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/driver-abi-rebuild.sh @@ -0,0 +1,54 @@ +#!/bin/sh +# +# Trivial script to rebuild drivers for ABI changes in the server +# Run me after a new xserver has hit the buildroot + +builddir="abi-rebuild" + +if [ -e "$builddir" ]; then + echo "Path '$builddir' exists. Move out of the way first" + exit 1 +fi + +mkdir -p $builddir +pushd $builddir + +if git config --get remote.origin.url | grep -q redhat.com ; then + pkg=rhpkg +else + pkg=fedpkg +fi + +# figure out the branch we're on +branch=$(git branch | awk '/^\*/ { print $2 }' | grep -v '^master$') +if [ $branch ]; then + branch="-b $branch" +fi + +$pkg co $branch xorg-x11-drivers +pushd xorg-x11-drivers +driverlist=$(grep ^Requires *.spec | awk '{ print $2 }') +popd + +# Things not in -drivers for whatever reason... +extradrivers="xorg-x11-drv-ivtv" + +rm -rf xorg-x11-drivers +echo $driverlist $extradrivers | xargs -n1 $pkg co $branch + +for i in xorg-x11-drv-*/ ; do + [ -e $i/dead.package ] && continue + pushd $i + rpmdev-bumpspec -c "- 1.15 ABI rebuild" *.spec + $pkg commit -c -p && $pkg build --nowait + #$pkg mockbuild + #$pkg srpm + #mockchain -r fedora-20-x86_64 -l $OLDPWD + #mockchain -r rhel-7.0-candidate-x86_64 -l $OLDPWD + + popd +done + +popd + + diff --git a/SPECS-EXTENDED/xorg-x11-server/gitignore b/SPECS-EXTENDED/xorg-x11-server/gitignore new file mode 100644 index 0000000000..524cfc63b0 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/gitignore @@ -0,0 +1,306 @@ +Makefile +Makefile.in +.deps +.libs +.msg +*.lo +*.la +*.a +*.o +*~ +.*sw? +*.pbxuser +*.mode1v3 +obj* +build* +local +aclocal.m4 +autom4te.cache +compile +config.guess +config.log +config.status +config.sub +configure +configure.lineno +depcomp +install-sh +libtool +ltmain.sh +missing +TAGS +tags +ylwrap +xorg-server.pc +stamp-h? +do-not-use-config.h +do-not-use-config.h.in +afb/afbbltC.c +afb/afbbltCI.c +afb/afbbltG.c +afb/afbbltO.c +afb/afbbltX.c +afb/afbseg.c +afb/afbtileC.c +afb/afbtileG.c +cfb/cfb8lineCO.c +cfb/cfb8lineCP.c +cfb/cfb8lineG.c +cfb/cfb8lineX.c +cfb/cfb8segC.c +cfb/cfb8segCS.c +cfb/cfb8segX.c +cfb/cfb8setG.c +cfb/cfbbltC.c +cfb/cfbbltG.c +cfb/cfbbltO.c +cfb/cfbbltX.c +cfb/cfbfillarcC.c +cfb/cfbfillarcG.c +cfb/cfbglrop8.c +cfb/cfbply1rctC.c +cfb/cfbply1rctG.c +cfb/cfbseg.c +cfb/cfbsolidC.c +cfb/cfbsolidG.c +cfb/cfbsolidX.c +cfb/cfbtile32C.c +cfb/cfbtile32G.c +cfb/cfbtileoddC.c +cfb/cfbtileoddG.c +cfb/cfbzerarcC.c +cfb/cfbzerarcG.c +cfb/cfbzerarcX.c +cfb32/cfb8lineCO.c +cfb32/cfb8lineCP.c +cfb32/cfb8lineG.c +cfb32/cfb8lineX.c +cfb32/cfb8segC.c +cfb32/cfb8segCS.c +cfb32/cfb8segX.c +cfb32/cfb8setG.c +cfb32/cfbbltC.c +cfb32/cfbbltG.c +cfb32/cfbbltO.c +cfb32/cfbbltX.c +cfb32/cfbfillarcC.c +cfb32/cfbfillarcG.c +cfb32/cfbply1rctC.c +cfb32/cfbply1rctG.c +cfb32/cfbseg.c +cfb32/cfbsolidC.c +cfb32/cfbsolidG.c +cfb32/cfbsolidX.c +cfb32/cfbtile32C.c +cfb32/cfbtile32G.c +cfb32/cfbtileoddC.c +cfb32/cfbtileoddG.c +cfb32/cfbzerarcC.c +cfb32/cfbzerarcG.c +cfb32/cfbzerarcX.c +doc/Xserver.1x +doc/Xserver.man +hw/dmx/Xdmx +hw/dmx/Xdmx.1x +hw/dmx/config/dmxtodmx +hw/dmx/config/dmxtodmx.1x +hw/dmx/config/parser.c +hw/dmx/config/parser.h +hw/dmx/config/scanner.c +hw/dmx/config/vdltodmx +hw/dmx/config/vdltodmx.1x +hw/dmx/config/xdmxconfig +hw/dmx/config/xdmxconfig.1x +hw/dmx/examples/dmxaddinput +hw/dmx/examples/dmxaddscreen +hw/dmx/examples/dmxreconfig +hw/dmx/examples/dmxresize +hw/dmx/examples/dmxrminput +hw/dmx/examples/dmxrmscreen +hw/dmx/examples/dmxwininfo +hw/dmx/examples/ev +hw/dmx/examples/evi +hw/dmx/examples/res +hw/dmx/examples/xbell +hw/dmx/examples/xdmx +hw/dmx/examples/xinput +hw/dmx/examples/xled +hw/dmx/examples/xtest +hw/kdrive/ati/Xati +hw/kdrive/chips/Xchips +hw/kdrive/ephyr/Xephyr +hw/kdrive/epson/Xepson +hw/kdrive/fake/Xfake +hw/kdrive/fbdev/Xfbdev +hw/kdrive/i810/Xi810 +hw/kdrive/mach64/Xmach64 +hw/kdrive/mga/Xmga +hw/kdrive/neomagic/Xneomagic +hw/kdrive/nvidia/Xnvidia +hw/kdrive/pm2/Xpm2 +hw/kdrive/r128/Xr128 +hw/kdrive/sdl/Xsdl +hw/kdrive/sis300/Xsis +hw/kdrive/smi/Xsmi +hw/kdrive/vesa/Xvesa +hw/kdrive/via/Xvia +hw/vfb/Xvfb +hw/vfb/Xvfb.1x +hw/vfb/Xvfb.man +hw/xfree86/Xorg +hw/xfree86/common/xf86Build.h +hw/xfree86/common/xf86DefModeSet.c +hw/xfree86/doc/man/Xorg.1x +hw/xfree86/doc/man/Xorg.man +hw/xfree86/doc/man/xorg.conf.5x +hw/xfree86/doc/man/xorg.conf.man +hw/xfree86/exa/exa.4 +hw/xfree86/exa/exa.4x +hw/xfree86/exa/exa.man +hw/xfree86/fbdevhw/fbdevhw.4x +hw/xfree86/fbdevhw/fbdevhw.man +hw/xfree86/getconfig/cfg.man +hw/xfree86/getconfig/getconfig.1x +hw/xfree86/getconfig/getconfig.5x +hw/xfree86/getconfig/getconfig.man +hw/xfree86/os-support/xorgos.c +hw/xfree86/osandcommon.c +hw/xfree86/ramdac/xf86BitOrder.c +hw/xfree86/scanpci/xf86PciData.c +hw/xfree86/scanpci/xf86PciIds.h +hw/xfree86/utils/cvt/cvt +hw/xfree86/utils/cvt/cvt.man +hw/xfree86/utils/gtf/gtf +hw/xfree86/utils/gtf/gtf.1x +hw/xfree86/utils/gtf/gtf.man +hw/xfree86/utils/ioport/inb +hw/xfree86/utils/ioport/inl +hw/xfree86/utils/ioport/inw +hw/xfree86/utils/ioport/ioport +hw/xfree86/utils/ioport/outb +hw/xfree86/utils/ioport/outl +hw/xfree86/utils/ioport/outw +hw/xfree86/utils/pcitweak/pcitweak +hw/xfree86/utils/pcitweak/pcitweak.1x +hw/xfree86/utils/pcitweak/pcitweak.man +hw/xfree86/utils/scanpci/scanpci +hw/xfree86/utils/scanpci/scanpci.1x +hw/xfree86/utils/scanpci/scanpci.man +hw/xfree86/utils/xorgcfg/XOrgCfg +hw/xfree86/utils/xorgcfg/xorgcfg +hw/xfree86/utils/xorgcfg/xorgcfg.1x +hw/xfree86/utils/xorgcfg/xorgcfg.man +hw/xfree86/utils/xorgconfig/xorgconfig +hw/xfree86/utils/xorgconfig/xorgconfig.1x +hw/xfree86/utils/xorgconfig/xorgconfig.man +hw/xfree86/xaa/l-xaaBitmap.c +hw/xfree86/xaa/l-xaaStipple.c +hw/xfree86/xaa/l-xaaTEGlyph.c +hw/xfree86/xaa/l3-xaaBitmap.c +hw/xfree86/xaa/l3-xaaStipple.c +hw/xfree86/xaa/lf-xaaBitmap.c +hw/xfree86/xaa/lf-xaaStipple.c +hw/xfree86/xaa/lf-xaaTEGlyph.c +hw/xfree86/xaa/lf3-xaaBitmap.c +hw/xfree86/xaa/lf3-xaaStipple.c +hw/xfree86/xaa/m-xaaBitmap.c +hw/xfree86/xaa/m-xaaStipple.c +hw/xfree86/xaa/m-xaaTEGlyph.c +hw/xfree86/xaa/m3-xaaBitmap.c +hw/xfree86/xaa/m3-xaaStipple.c +hw/xfree86/xaa/mf-xaaBitmap.c +hw/xfree86/xaa/mf-xaaStipple.c +hw/xfree86/xaa/mf-xaaTEGlyph.c +hw/xfree86/xaa/mf3-xaaBitmap.c +hw/xfree86/xaa/mf3-xaaStipple.c +hw/xfree86/xaa/s-xaaDashLine.c +hw/xfree86/xaa/s-xaaLine.c +hw/xfree86/xf1bpp/maskbits.c +hw/xfree86/xf1bpp/mfbbitblt.c +hw/xfree86/xf1bpp/mfbbltC.c +hw/xfree86/xf1bpp/mfbbltCI.c +hw/xfree86/xf1bpp/mfbbltG.c +hw/xfree86/xf1bpp/mfbbltO.c +hw/xfree86/xf1bpp/mfbbltX.c +hw/xfree86/xf1bpp/mfbbres.c +hw/xfree86/xf1bpp/mfbbresd.c +hw/xfree86/xf1bpp/mfbclip.c +hw/xfree86/xf1bpp/mfbcmap.c +hw/xfree86/xf1bpp/mfbfillarc.c +hw/xfree86/xf1bpp/mfbfillrct.c +hw/xfree86/xf1bpp/mfbfillsp.c +hw/xfree86/xf1bpp/mfbfont.c +hw/xfree86/xf1bpp/mfbgc.c +hw/xfree86/xf1bpp/mfbgetsp.c +hw/xfree86/xf1bpp/mfbigbblak.c +hw/xfree86/xf1bpp/mfbigbwht.c +hw/xfree86/xf1bpp/mfbhrzvert.c +hw/xfree86/xf1bpp/mfbimage.c +hw/xfree86/xf1bpp/mfbline.c +hw/xfree86/xf1bpp/mfbmisc.c +hw/xfree86/xf1bpp/mfbpablack.c +hw/xfree86/xf1bpp/mfbpainv.c +hw/xfree86/xf1bpp/mfbpawhite.c +hw/xfree86/xf1bpp/mfbpgbblak.c +hw/xfree86/xf1bpp/mfbpgbinv.c +hw/xfree86/xf1bpp/mfbpgbwht.c +hw/xfree86/xf1bpp/mfbpixmap.c +hw/xfree86/xf1bpp/mfbplyblack.c +hw/xfree86/xf1bpp/mfbplyinv.c +hw/xfree86/xf1bpp/mfbplywhite.c +hw/xfree86/xf1bpp/mfbpntwin.c +hw/xfree86/xf1bpp/mfbpolypnt.c +hw/xfree86/xf1bpp/mfbpushpxl.c +hw/xfree86/xf1bpp/mfbscrclse.c +hw/xfree86/xf1bpp/mfbscrinit.c +hw/xfree86/xf1bpp/mfbseg.c +hw/xfree86/xf1bpp/mfbsetsp.c +hw/xfree86/xf1bpp/mfbteblack.c +hw/xfree86/xf1bpp/mfbtewhite.c +hw/xfree86/xf1bpp/mfbtileC.c +hw/xfree86/xf1bpp/mfbtileG.c +hw/xfree86/xf1bpp/mfbwindow.c +hw/xfree86/xf1bpp/mfbzerarc.c +hw/xfree86/xf4bpp/mfbseg.c +hw/xfree86/xf8_32bpp/cfbgc32.c +hw/xfree86/xf8_32bpp/cfbgc8.c +hw/xfree86/xorg.c +hw/xfree86/xorg.conf.example +hw/xfree86/xorg.conf.example.pre +hw/xnest/Xnest +hw/xnest/Xnest.1x +hw/xnest/Xnest.man +hw/xprint/Xprt +hw/xprint/config/C/print/Xprinters.ghostscript +hw/xprint/doc/Xprt.1x +hw/xprint/doc/Xprt.man +hw/xprint/dpmsstubs-wrapper.c +hw/xprint/miinitext-wrapper.c +include/dix-config.h +include/kdrive-config.h +include/xgl-config.h +include/xkb-config.h +include/xorg-config.h +include/xorg-server.h +include/xwin-config.h +mfb/mfbbltC.c +mfb/mfbbltCI.c +mfb/mfbbltG.c +mfb/mfbbltO.c +mfb/mfbbltX.c +mfb/mfbigbblak.c +mfb/mfbigbwht.c +mfb/mfbpablack.c +mfb/mfbpainv.c +mfb/mfbpawhite.c +mfb/mfbpgbblak.c +mfb/mfbpgbinv.c +mfb/mfbpgbwht.c +mfb/mfbplyblack.c +mfb/mfbplyinv.c +mfb/mfbplywhite.c +mfb/mfbseg.c +mfb/mfbteblack.c +mfb/mfbtewhite.c +mfb/mfbtileC.c +mfb/mfbtileG.c diff --git a/SPECS-EXTENDED/xorg-x11-server/xorg-x11-server.signatures.json b/SPECS-EXTENDED/xorg-x11-server/xorg-x11-server.signatures.json new file mode 100644 index 0000000000..867fd34d69 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/xorg-x11-server.signatures.json @@ -0,0 +1,12 @@ +{ + "Signatures": { + "10-quirks.conf": "7378f5d9f3f64871388009290fcb044835113b436a54cfc1510eedb4ada945de", + "driver-abi-rebuild.sh": "ba275bd4a3aea64eb62055006ff5ba9becfb1a78b23304f05da5dd0ae96acdd2", + "gitignore": "19f512b1e7e1e02376ce8952547fa9e1f6c3778d91242e71fe1a212595c4851f", + "xorg-server-1.20.10.tar.bz2": "977420c082450dc808de301ef56af4856d653eea71519a973c3490a780cb7c99", + "xserver-sdk-abi-requires.git": "733c2649992522f99870ecda49ddf97d42cc7fbefc66050b4727adc84d8a71f4", + "xserver-sdk-abi-requires.release": "f74314bb99d620e5c1adf2bcf76bcce9a8340d555fc2da23fd586cd07dc00246", + "xserver.pamd": "fd24e23ab6da064a1c600eb7e174cf268336b4976a607242164bb81e0aa633f9", + "xvfb-run.sh": "2198b9e635bb4e52bf986e678a702ec74f781b5b10c5713e1eeaa16cc9af078c" + } +} diff --git a/SPECS-EXTENDED/xorg-x11-server/xorg-x11-server.spec b/SPECS-EXTENDED/xorg-x11-server/xorg-x11-server.spec new file mode 100644 index 0000000000..272996428a --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/xorg-x11-server.spec @@ -0,0 +1,663 @@ +# X.org requires lazy relocations to work. +%undefine _hardened_build +%undefine _strict_symbol_defs_build + +%global stable_abi 1 + +%if %{stable_abi} +# Released ABI versions. Have to keep these manually in sync with the source. +%global ansic_major 0 +%global ansic_minor 4 +%global videodrv_major 24 +%global videodrv_minor 1 +%global xinput_major 24 +%global xinput_minor 1 +%global extension_major 10 +%global extension_minor 0 +%endif + +%global pkgname xorg-server + +Summary: X.Org X11 X server +Name: xorg-x11-server +Version: 1.20.10 +Release: 6%{?dist} +License: MIT +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: https://www.x.org +Source0: https://www.x.org/pub/individual/xserver/%{pkgname}-%{version}.tar.bz2 +Source1: gitignore +Source4: 10-quirks.conf +Source10: xserver.pamd +# The xvfb-run script is used by other packages to enable ptests on display-less machines. +Source20: http://svn.exactcode.de/t2/trunk/package/xorg/xorg-server/xvfb-run.sh +# For requires generation in drivers +Source30: xserver-sdk-abi-requires.release +Source31: xserver-sdk-abi-requires.git +# Maintainer convenience script +Source40: driver-abi-rebuild.sh + +# From Debian use intel ddx driver only for gen4 and older chipsets +Patch1: 06_use-intel-only-on-pre-gen4.diff +# Default to xf86-video-modesetting on GeForce 8 and newer +Patch2: 0001-xfree86-use-modesetting-driver-by-default-on-GeForce.patch +# Default to va_gl on intel i965 as we use the modesetting drv there +# va_gl should probably just be the default everywhere ? +Patch3: 0001-xf86-dri2-Use-va_gl-as-vdpau_driver-for-Intel-i965-G.patch +# Submitted upstream, but not going anywhere +Patch5: 0001-autobind-GPUs-to-the-screen.patch +# Because the display-managers are not ready yet, do not upstream +Patch6: 0001-Fedora-hack-Make-the-suid-root-wrapper-always-start-.patch +# Backports from current stable "server-1.20-branch": +# + +# Backports from "master" upstream: +Patch7: CVE-2023-1594.patch +Patch101: 0001-render-Fix-build-with-gcc-12.patch +Patch104: 0001-hw-Rename-boolean-config-value-field-from-bool-to-bo.patch + +# Backported Xwayland randr resolution change emulation support +Patch501: 0001-dix-Add-GetCurrentClient-helper.patch +Patch502: 0002-xwayland-Add-wp_viewport-wayland-extension-support.patch +Patch503: 0003-xwayland-Use-buffer_damage-instead-of-surface-damage.patch +Patch504: 0004-xwayland-Add-fake-output-modes-to-xrandr-output-mode.patch +Patch505: 0005-xwayland-Use-RandR-1.2-interface-rev-2.patch +Patch506: 0006-xwayland-Add-per-client-private-data.patch +Patch507: 0007-xwayland-Add-support-for-storing-per-client-per-outp.patch +Patch508: 0008-xwayland-Add-support-for-randr-resolution-change-emu.patch +Patch509: 0009-xwayland-Add-xwlRRModeToDisplayMode-helper-function.patch +Patch510: 0010-xwayland-Add-xwlVidModeGetCurrentRRMode-helper-to-th.patch +Patch511: 0011-xwayland-Add-vidmode-mode-changing-emulation-support.patch +Patch512: 0012-xwayland-xwl_window_should_enable_viewport-Add-extra.patch +Patch513: 0013-xwayland-Set-_XWAYLAND_RANDR_EMU_MONITOR_RECTS-prope.patch +Patch514: 0014-xwayland-Cache-client-id-for-the-window-manager-clie.patch +Patch515: 0015-xwayland-Reuse-viewport-instead-of-recreating.patch +Patch516: 0016-xwayland-Recurse-on-finding-the-none-wm-owner.patch +Patch517: 0017-xwayland-Make-window_get_none_wm_owner-return-a-Wind.patch +Patch518: 0018-xwayland-Check-emulation-on-client-toplevel-resize.patch +Patch519: 0019-xwayland-Also-check-resolution-change-emulation-when.patch +Patch520: 0020-xwayland-Also-hook-screen-s-MoveWindow-method.patch +Patch521: 0021-xwayland-Fix-emulated-modes-not-being-removed-when-s.patch +Patch522: 0022-xwayland-Call-xwl_window_check_resolution_change_emu.patch +Patch523: 0023-xwayland-Fix-setting-of-_XWAYLAND_RANDR_EMU_MONITOR_.patch +Patch524: 0024-xwayland-Remove-unnecessary-xwl_window_is_toplevel-c.patch +Patch525: 0025-xwayland-Make-window_get_client_toplevel-non-recursi.patch + +BuildRequires: audit-devel +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: bison +BuildRequires: dbus-devel +BuildRequires: flex +BuildRequires: flex-devel +BuildRequires: git +BuildRequires: kernel-headers +BuildRequires: libX11-devel +BuildRequires: libXau-devel +BuildRequires: libXdmcp-devel +BuildRequires: libXext-devel +BuildRequires: libXfont2-devel +BuildRequires: libdrm-devel >= 2.4.0 +BuildRequires: libepoxy-devel +BuildRequires: libfontenc-devel +BuildRequires: libpciaccess-devel >= 0.13.1 +BuildRequires: libselinux-devel >= 2.0.86-1 +BuildRequires: libtool +BuildRequires: libxkbfile-devel +BuildRequires: make +BuildRequires: mesa-libEGL-devel +BuildRequires: mesa-libGL-devel >= 9.2 +BuildRequires: mesa-libgbm-devel +BuildRequires: openssl-devel +BuildRequires: pixman-devel >= 0.30.0 +BuildRequires: pkg-config +BuildRequires: systemd-devel +BuildRequires: systemtap-sdt-devel +BuildRequires: wayland-devel +BuildRequires: wayland-protocols-devel +BuildRequires: xorg-x11-font-utils >= 7.2-11 +BuildRequires: xorg-x11-proto-devel >= 7.7-10 +BuildRequires: xorg-x11-util-macros >= 1.17 +BuildRequires: xorg-x11-xtrans-devel >= 1.3.2 +BuildRequires: pkgconfig(epoxy) +BuildRequires: pkgconfig(wayland-client) >= 1.3.0 +BuildRequires: pkgconfig(xshmfence) >= 1.1 + +%description +X.Org X11 X server + +%package common +Summary: Xorg server common files + +Requires: pixman >= 0.30.0 +Requires: xkbcomp +Requires: xkeyboard-config + +%description common +Common files shared among all X servers. + +%package Xorg +Summary: Xorg X server + +Requires: libEGL +Requires: systemd +Requires: xorg-x11-drv-libinput +Requires: xorg-x11-server-common >= %{version}-%{release} + +Provides: Xorg = %{version}-%{release} +Provides: Xserver = %{version}-%{release} +# HdG: This should be moved to the wrapper package once the wrapper gets +# its own sub-package: +Provides: xorg-x11-server-wrapper = %{version}-%{release} +Obsoletes: xorg-x11-glamor < %{version}-%{release} +Provides: xorg-x11-glamor = %{version}-%{release} +Obsoletes: xorg-x11-drv-modesetting < %{version}-%{release} +Provides: xorg-x11-drv-modesetting = %{version}-%{release} +# Dropped from F25 +Obsoletes: xorg-x11-drv-vmmouse < 13.1.0-4 +%if %{stable_abi} +Provides: xserver-abi(ansic-%{ansic_major}) = %{ansic_minor} +Provides: xserver-abi(videodrv-%{videodrv_major}) = %{videodrv_minor} +Provides: xserver-abi(xinput-%{xinput_major}) = %{xinput_minor} +Provides: xserver-abi(extension-%{extension_major}) = %{extension_minor} +%endif + +%description Xorg +X.org X11 is an open source implementation of the X Window System. It +provides the basic low level functionality which full fledged +graphical user interfaces (GUIs) such as GNOME and KDE are designed +upon. + +%package Xnest +Summary: A nested server + +Requires: xorg-x11-server-common >= %{version}-%{release} + +Provides: Xnest = %{version}-%{release} + +%description Xnest +Xnest is an X server which has been implemented as an ordinary +X application. It runs in a window just like other X applications, +but it is an X server itself in which you can run other software. It +is a very useful tool for developers who wish to test their +applications without running them on their real X server. + +%package Xvfb +Summary: A X Windows System virtual framebuffer X server +# The "xvfb-run.sh" script is GPLv2, rest is MIT. +License: GPLv2 AND MIT + +Requires: xorg-x11-server-common >= %{version}-%{release} +# Required for "xvfb-run.sh". +Requires: xorg-x11-xauth + +Provides: Xvfb = %{version}-%{release} + +%description Xvfb +Xvfb (X Virtual Frame Buffer) is an X server that is able to run on +machines with no display hardware and no physical input devices. +Xvfb simulates a dumb framebuffer using virtual memory. Xvfb does +not open any devices, but behaves otherwise as an X display. Xvfb +is normally used for testing servers. + +%package Xwayland +Summary: Wayland X Server + +Requires: libEGL +Requires: xorg-x11-server-common >= %{version}-%{release} + +%description Xwayland +Xwayland is an X server for running X clients under Wayland. + +%package devel +Summary: SDK for X server driver module development + +Requires: libXfont2-devel +Requires: libpciaccess-devel +Requires: pixman-devel +Requires: pkg-config +Requires: xorg-x11-proto-devel +Requires: xorg-x11-util-macros + +Provides: xorg-x11-server-static = %{version}-%{release} +Obsoletes: xorg-x11-glamor-devel < %{version}-%{release} +Provides: xorg-x11-glamor-devel = %{version}-%{release} + +%description devel +The SDK package provides the developmental files which are necessary for +developing X server driver modules, and for compiling driver modules +outside of the standard X11 source code tree. Developers writing video +drivers, input drivers, or other X modules should install this package. + +%prep +%autosetup -N -n %{pkgname}-%{version} +rm -rf .git +cp %{SOURCE1} .gitignore +# ick +%global __scm git +%{expand:%__scm_setup_git -q} +%autopatch + +%if 0%{?stable_abi} +# Check the ABI in the source against what we expect. +getmajor() { + grep -i ^#define.ABI.$1_VERSION hw/xfree86/common/xf86Module.h | + tr '(),' ' ' | awk '{ print $4 }' +} + +getminor() { + grep -i ^#define.ABI.$1_VERSION hw/xfree86/common/xf86Module.h | + tr '(),' ' ' | awk '{ print $5 }' +} + +test `getmajor ansic` == %{ansic_major} +test `getminor ansic` == %{ansic_minor} +test `getmajor videodrv` == %{videodrv_major} +test `getminor videodrv` == %{videodrv_minor} +test `getmajor xinput` == %{xinput_major} +test `getminor xinput` == %{xinput_minor} +test `getmajor extension` == %{extension_major} +test `getminor extension` == %{extension_minor} + +%endif + +%build + +%global default_font_path "catalogue:%{_sysconfdir}/X11/fontpath.d,built-ins" + +autoreconf -f -v --install || exit 1 + +%configure \ + --disable-static \ + --disable-systemd-logind \ + --disable-unit-tests \ + --enable-glamor \ + --enable-install-setuid \ + --enable-libunwind=no \ + --enable-suid-wrapper \ + --enable-xnest \ + --enable-xvfb \ + --enable-xwayland \ + --with-builderstring="Build ID: %{name} %{version}-%{release}" \ + --with-default-font-path=%{default_font_path} \ + --with-module-dir=%{_libdir}/xorg/modules \ + --with-pic \ + --with-os-name="$(hostname -s) $(uname -r)" \ + --with-vendor-name="%{vendor}" \ + --with-xkb-output=%{_localstatedir}/lib/xkb \ + --without-dtrace \ + ${CONFIGURE} + +make V=1 %{?_smp_mflags} + + +%install +%make_install + +mkdir -p %{buildroot}%{_libdir}/xorg/modules/{drivers,input} + +mkdir -p %{buildroot}%{_sysconfdir}/pam.d +install -m 644 %{SOURCE10} %{buildroot}%{_sysconfdir}/pam.d/xserver + +mkdir -p %{buildroot}%{_datadir}/X11/xorg.conf.d +install -m 644 %{SOURCE4} %{buildroot}%{_datadir}/X11/xorg.conf.d + +install -m 0755 %{SOURCE20} $RPM_BUILD_ROOT%{_bindir}/xvfb-run + +# Make sure the (empty) /etc/X11/xorg.conf.d is there, system-setup-keyboard +# relies on it more or less. +mkdir -p %{buildroot}%{_sysconfdir}/X11/xorg.conf.d + +install -m 755 %{SOURCE30} %{buildroot}%{_bindir}/xserver-sdk-abi-requires + +# Remove unwanted files/dirs +{ +find %{buildroot} -type f -name "*.la" -delete -print +} + + +%files common +%license COPYING +%{_mandir}/man1/Xserver.1* +%{_libdir}/xorg/protocol.txt +%dir %{_localstatedir}/lib/xkb +%{_localstatedir}/lib/xkb/README.compiled + +%files Xorg +%config %attr(0644,root,root) %{_sysconfdir}/pam.d/xserver +%{_bindir}/X +%{_bindir}/Xorg +%{_libexecdir}/Xorg +%attr(4755, root, root) %{_libexecdir}/Xorg.wrap +%{_bindir}/cvt +%{_bindir}/gtf +%dir %{_libdir}/xorg +%dir %{_libdir}/xorg/modules +%dir %{_libdir}/xorg/modules/drivers +%{_libdir}/xorg/modules/drivers/modesetting_drv.so +%dir %{_libdir}/xorg/modules/extensions +%{_libdir}/xorg/modules/extensions/libglx.so +%dir %{_libdir}/xorg/modules/input +%{_libdir}/xorg/modules/libfbdevhw.so +%{_libdir}/xorg/modules/libexa.so +%{_libdir}/xorg/modules/libfb.so +%{_libdir}/xorg/modules/libglamoregl.so +%{_libdir}/xorg/modules/libshadow.so +%{_libdir}/xorg/modules/libshadowfb.so +%{_libdir}/xorg/modules/libvgahw.so +%{_libdir}/xorg/modules/libwfb.so +%ifarch %{arm} %{ix86} aarch64 x86_64 +%{_libdir}/xorg/modules/libint10.so +%{_libdir}/xorg/modules/libvbe.so +%endif +%{_mandir}/man1/gtf.1* +%{_mandir}/man1/Xorg.1* +%{_mandir}/man1/Xorg.wrap.1* +%{_mandir}/man1/cvt.1* +%{_mandir}/man4/fbdevhw.4* +%{_mandir}/man4/exa.4* +%{_mandir}/man4/modesetting.4* +%{_mandir}/man5/Xwrapper.config.5* +%{_mandir}/man5/xorg.conf.5* +%{_mandir}/man5/xorg.conf.d.5* +%dir %{_sysconfdir}/X11/xorg.conf.d +%dir %{_datadir}/X11/xorg.conf.d +%{_datadir}/X11/xorg.conf.d/10-quirks.conf + +%files Xnest +%{_bindir}/Xnest +%{_mandir}/man1/Xnest.1* + +%files Xvfb +%{_bindir}/Xvfb +%{_bindir}/xvfb-run +%{_mandir}/man1/Xvfb.1* + +%files Xwayland +%{_bindir}/Xwayland + +%files devel +%license COPYING +%{_bindir}/xserver-sdk-abi-requires +%{_libdir}/pkgconfig/xorg-server.pc +%dir %{_includedir}/xorg +%{_includedir}/xorg/*.h +%{_datadir}/aclocal/xorg-server.m4 + +%changelog +* Thu Jul 18 2024 Hideyuki Nagase - 1.20.10-6 +- Moved to SPECS-EXTENDED. + +* Mon Apr 01 2024 Riken Maharjan - 1.20.10-5 +- Add patch 0001-render-Fix-build-with-gcc-12.patch from Fedora 41 (License: MIT) +- Add patch 0001-hw-Rename-boolean-config-value-field-from-bool-to-bo.patch from Fedora 41 (License: MIT) + +* Fri Aug 11 2023 Sean Dougherty - 1.20.10-4 +- Add patch for CVE-2023-1594 + +* Fri Nov 05 2021 Muhammad Falak - 0.13.0.7-4 +- Remove epoch from xorg-x11-font-utils + +* Tue Jan 05 2021 Pawel Winogrodzki - 1.20.10-2 +- Initial CBL-Mariner import from Fedora 33 (license: MIT). +- License verified. +- Changed BuildRequires for "audit-libs-devel" to "audit-devel". +- Made 'libint10.so' and 'libvbe.so' be packaged for ARM architectures as well. +- Removed dependency on "libunwind". +- Removed following subpackages: source, Xdmx, Xephyr. +- Removed using the set of "redhat-hardened-*" compiler and linker specs. +- Replacing 'Requires' on 'system-setup-keyboard' with 'systemd'. + +* Wed Dec 2 2020 Olivier Fourdan - 1.20.10-1 +- xserver 1.20.10 (CVE-2020-14360, CVE-2020-25712) + +* Thu Nov 5 10:35:09 AEST 2020 Peter Hutterer - 1.20.9-3 +- Add BuildRequires for make + +* Wed Nov 04 2020 Peter Hutterer 1.20.9-2 +- Drop BuildRequires to git-core only + +* Thu Oct 8 2020 Olivier Fourdan - 1.20.9-1 +- xserver 1.20.9 + all current fixes from upstream + +* Wed Aug 12 2020 Adam Jackson - 1.20.8-4 +- Enable XC-SECURITY + +* Fri Jul 31 2020 Adam Jackson - 1.20.8-3 +- Fix information disclosure bug in pixmap allocation (CVE-2020-14347) + +* Wed Jul 29 2020 Fedora Release Engineering - 1.20.8-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Mar 30 2020 Olivier Fourdan - 1.20.8-1 +- xserver 1.20.8 +- Backport latest Xwayland randr resolution change emulation support + patches. + +* Wed Mar 18 2020 Olivier Fourdan - 1.20.7-2 +- Fix a crash on closing a window using Present found upstream: + https://gitlab.freedesktop.org/xorg/xserver/issues/1000 + +* Fri Mar 13 2020 Olivier Fourdan - 1.20.7-1 +- xserver 1.20.7 +- backport from stable "xserver-1.20-branch" up to commit ad7364d8d + (for mutter fullscreen unredirect on Wayland) +- Update videodrv minor ABI as 1.20.7 changed the minor ABI version + (backward compatible, API addition in glamor) +- Rebase Xwayland randr resolution change emulation support patches + +* Fri Jan 31 2020 Fedora Release Engineering - 1.20.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Mon Nov 25 2019 Olivier Fourdan - 1.20.6-1 +- xserver 1.20.6 + +* Mon Nov 4 2019 Hans de Goede - 1.20.5-9 +- Fix building with new libglvnd-1.2.0 (E)GL headers and pkgconfig files + +* Mon Nov 4 2019 Hans de Goede - 1.20.5-8 +- Backport Xwayland randr resolution change emulation support + +* Thu Aug 29 2019 Olivier Fourdan 1.20.5-7 +- Pick latest fixes from xserver stable branch upstream (rhbz#1729925) + +* Sat Jul 27 2019 Fedora Release Engineering - 1.20.5-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Mon Jul 8 2019 Olivier Fourdan 1.20.5-5 +- Do not include on ARM with glibc to avoid compilation failure. +- Do not force vbe and int10 sdk headers as this enables int10 which does + not build on ARM without + +* Mon Jul 8 2019 Olivier Fourdan 1.20.5-4 +- Fix regression causing screen tearing with upstream xserver 1.20.5 + (rhbz#1726419) + +* Fri Jun 28 2019 Olivier Fourdan 1.20.5-3 +- Remove atomic downstream patches causing regressions (#1714981, #1723715) +- Xwayland crashes (#1708119, #1691745) +- Cursor issue with tablet on Xwayland +- Xorg/modesetting issue with flipping pixmaps with Present (#1645553) + +* Thu Jun 06 2019 Peter Hutterer 1.20.5-2 +- Return AlreadyGrabbed for keycodes > 255 (#1697804) + +* Thu May 30 2019 Adam Jackson - 1.20.5-1 +- xserver 1.20.5 + +* Tue Apr 23 2019 Adam Jackson - 1.20.4-4 +- Fix some non-atomic modesetting calls to be atomic + +* Wed Mar 27 2019 Peter Hutterer 1.20.4-3 +- Fix a Qt scrolling bug, don't reset the valuator on slave switch + +* Thu Mar 21 2019 Adam Jackson - 1.20.4-2 +- Backport an Xwayland crash fix in the Present code + +* Tue Feb 26 2019 Adam Jackson - 1.20.4-1 +- xserver 1.20.4 + +* Sun Feb 03 2019 Fedora Release Engineering - 1.20.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Fri Jan 11 2019 Olivier Fourdan - 1.20.3-3 +- More Xwayland/Present fixes from upstream (rhbz#1609181, rhbz#1661748) + +* Thu Dec 06 2018 Olivier Fourdan - 1.20.3-2 +- Xwayland/Present fixes from master upstream + +* Thu Nov 01 2018 Adam Jackson - 1.20.3-1 +- xserver 1.20.3 + +* Mon Oct 15 2018 Adam Jackson - 1.20.2-1 +- xserver 1.20.2 + +* Thu Oct 4 2018 Hans de Goede - 1.20.1-4 +- Rebase patch to use va_gl as vdpau driver on i965 GPUs, re-fix rhbz#1413733 + +* Thu Sep 13 2018 Dave Airlie - 1.20.1-3 +- Build with PIE enabled (this doesn't enable bind now) + +* Mon Sep 10 2018 Olivier Fourdan - 1.20.1-2 +- Include patches from upstream to fix Xwayland crashes + +* Thu Aug 09 2018 Adam Jackson - 1.20.1-1 +- xserver 1.20.1 + +* Sat Jul 14 2018 Fedora Release Engineering - 1.20.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Tue Jun 12 2018 Adam Jackson - 1.20.0-4 +- Xorg and Xwayland Requires: libEGL + +* Fri Jun 01 2018 Adam Williamson - 1.20.0-3 +- Backport fixes for RHBZ#1579067 + +* Wed May 16 2018 Adam Jackson - 1.20.0-2 +- Xorg Requires: xorg-x11-drv-libinput + +* Thu May 10 2018 Adam Jackson - 1.20.0-1 +- xserver 1.20 + +* Wed Apr 25 2018 Adam Jackson - 1.19.99.905-2 +- Fix xvfb-run's default depth to be 24 + +* Tue Apr 24 2018 Adam Jackson - 1.19.99.905-1 +- xserver 1.20 RC5 + +* Thu Apr 12 2018 Olivier Fourdan - 1.19.99.904-2 +- Re-fix "use type instead of which in xvfb-run (rhbz#1443357)" which + was overridden inadvertently + +* Tue Apr 10 2018 Adam Jackson - 1.19.99.904-1 +- xserver 1.20 RC4 + +* Mon Apr 02 2018 Adam Jackson - 1.19.99.903-1 +- xserver 1.20 RC3 + +* Tue Feb 13 2018 Olivier Fourdan 1.19.6-5 +- xwayland: avoid race condition on new keymap +- xwayland: Keep separate variables for pointer and tablet foci (rhbz#1519961) +- xvfb-run now support command line option “--auto-display” + +* Fri Feb 09 2018 Fedora Release Engineering - 1.19.6-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Tue Jan 30 2018 Olivier Fourdan 1.19.6-3 +- Avoid generating a core file when the Wayland compositor is gone. + +* Thu Jan 11 2018 Peter Hutterer 1.19.6-2 +- Fix handling of devices with ID_INPUT=null + +* Wed Dec 20 2017 Adam Jackson - 1.19.6-1 +- xserver 1.19.6 + +* Thu Oct 12 2017 Adam Jackson - 1.19.5-1 +- xserver 1.19.5 + +* Thu Oct 05 2017 Olivier Fourdan - 1.19.4-1 +- xserver-1.19.4 +- Backport tablet support for Xwayland + +* Fri Sep 08 2017 Troy Dawson - 1.19.3-9 +- Cleanup spec file conditionals + +* Thu Aug 03 2017 Fedora Release Engineering - 1.19.3-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 1.19.3-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sun Jul 2 2017 Ville Skyttä - 1.19.3-6 +- Use type instead of which in xvfb-run (rhbz#1443357) + +* Thu May 04 2017 Orion Poplawski - 1.19.3-5 +- Enable full build for s390/x + +* Mon Apr 24 2017 Ben Skeggs - 1.19.3-4 +- Default to xf86-video-modesetting on GeForce 8 and newer + +* Fri Apr 07 2017 Adam Jackson - 1.19.3-3 +- Inoculate against a versioning bug with libdrm 2.4.78 + +* Thu Mar 23 2017 Hans de Goede - 1.19.3-2 +- Use va_gl as vdpau driver on i965 GPUs (rhbz#1413733) + +* Wed Mar 15 2017 Adam Jackson - 1.19.3-1 +- xserver 1.19.3 + +* Thu Mar 02 2017 Adam Jackson - 1.19.2-1 +- xserver 1.19.2 + +* Sat Feb 11 2017 Fedora Release Engineering - 1.19.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Wed Feb 01 2017 Peter Hutterer 1.19.1-3 +- Fix a few input thread lock issues causing intel crashes (#1384486) + +* Mon Jan 16 2017 Adam Jackson - 1.19.1-2 +- Limit the intel driver only on F26 and up + +* Wed Jan 11 2017 Adam Jackson - 1.19.1-1 +- xserver 1.19.1 + +* Tue Jan 10 2017 Hans de Goede - 1.19.0-4 +- Follow Debian and only default to the intel ddx on gen4 or older intel GPUs + +* Tue Dec 20 2016 Hans de Goede - 1.19.0-3 +- Add one more patch for better integration with the nvidia binary driver + +* Thu Dec 15 2016 Hans de Goede - 1.19.0-2 +- Add some patches for better integration with the nvidia binary driver +- Add a patch from upstream fixing a crash (rhbz#1389886) + +* Wed Nov 23 2016 Olivier Fourdan 1.19.0-1 +- xserver 1.19.0 +- Fix use after free of cursors in Xwayland (rhbz#1385258) +- Fix an issue where some monitors would show only black, or + partially black when secondary GPU outputs are used + +* Tue Nov 15 2016 Peter Hutterer 1.19.0-0.8.rc2 +- Update device barriers for new master devices (#1384432) + +* Thu Nov 3 2016 Hans de Goede - 1.19.0-0.7.rc2 +- Update to 1.19.0-rc2 +- Fix (hopefully) various crashes in FlushAllOutput() (rhbz#1382444) +- Fix Xwayland crashing in glamor on non glamor capable hw (rhbz#1390018) + +* Tue Nov 1 2016 Ben Crocker - 1.19.0-0.6.20161028 +- Fix Config record allocation during startup: if xorg.conf.d directory +- was absent, a segfault resulted. + +* Mon Oct 31 2016 Adam Jackson - 1.19.0-0.5.20161026 +- Use %%autopatch instead of doing our own custom git-am trick + +* Fri Oct 28 2016 Hans de Goede - 1.19.0-0.4.20161026 +- Add missing Requires: libXfont2-devel to -devel sub-package (rhbz#1389711) + +* Wed Oct 26 2016 Hans de Goede - 1.19.0-0.3.20161026 +- Sync with upstream git, bringing in a bunch if bug-fixes +- Add some extra fixes which are pending upstream +- This also adds PointerWarping emulation to Xwayland, which should improve + compatiblity with many games diff --git a/SPECS-EXTENDED/xorg-x11-server/xserver-sdk-abi-requires.git b/SPECS-EXTENDED/xorg-x11-server/xserver-sdk-abi-requires.git new file mode 100755 index 0000000000..c033061bb8 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/xserver-sdk-abi-requires.git @@ -0,0 +1,14 @@ +#!/bin/sh +# +# The X server provides capabilities of the form: +# +# Provides: xserver-abi(ansic-0) = 4 +# +# for an ABI version of 0.4. The major number is encoded into the name so +# that major number changes force upgrades. If we didn't, then +# +# Requires: xserver-abi(ansic) >= 0.4 +# +# would also match 1.0, which is wrong since major numbers mean an ABI break. + +echo "xserver-abi($1-@MAJOR@) >= @MINOR@" diff --git a/SPECS-EXTENDED/xorg-x11-server/xserver-sdk-abi-requires.release b/SPECS-EXTENDED/xorg-x11-server/xserver-sdk-abi-requires.release new file mode 100755 index 0000000000..30d77bf1bb --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/xserver-sdk-abi-requires.release @@ -0,0 +1,19 @@ +#!/bin/sh +# +# The X server provides capabilities of the form: +# +# Provides: xserver-abi(ansic-0) = 4 +# +# for an ABI version of 0.4. The major number is encoded into the name so +# that major number changes force upgrades. If we didn't, then +# +# Requires: xserver-abi(ansic) >= 0.4 +# +# would also match 1.0, which is wrong since major numbers mean an ABI break. + +ver=$(pkg-config --variable abi_$1 xorg-server) + +major=$(echo $ver | cut -f 1 -d .) +minor=$(echo $ver | cut -f 2 -d .) + +echo "xserver-abi($1-$major) >= $minor" diff --git a/SPECS-EXTENDED/xorg-x11-server/xserver.pamd b/SPECS-EXTENDED/xorg-x11-server/xserver.pamd new file mode 100644 index 0000000000..bf799304b6 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/xserver.pamd @@ -0,0 +1,5 @@ +#%PAM-1.0 +auth sufficient pam_rootok.so +auth required pam_console.so +account required pam_permit.so +session optional pam_keyinit.so force revoke diff --git a/SPECS-EXTENDED/xorg-x11-server/xvfb-run.sh b/SPECS-EXTENDED/xorg-x11-server/xvfb-run.sh new file mode 100644 index 0000000000..9d088c1c28 --- /dev/null +++ b/SPECS-EXTENDED/xorg-x11-server/xvfb-run.sh @@ -0,0 +1,200 @@ +#!/bin/sh +# --- T2-COPYRIGHT-NOTE-BEGIN --- +# This copyright note is auto-generated by ./scripts/Create-CopyPatch. +# +# T2 SDE: package/.../xorg-server/xvfb-run.sh +# Copyright (C) 2005 The T2 SDE Project +# Copyright (C) XXXX - 2005 Debian +# +# More information can be found in the files COPYING and README. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. A copy of the +# GNU General Public License can be found in the file COPYING. +# --- T2-COPYRIGHT-NOTE-END --- + +# $Id$ +# from: http://necrotic.deadbeast.net/xsf/XFree86/trunk/debian/local/xvfb-run + +# This script starts an instance of Xvfb, the "fake" X server, runs a command +# with that server available, and kills the X server when done. The return +# value of the command becomes the return value of this script. +# +# If anyone is using this to build a Debian package, make sure the package +# Build-Depends on xvfb, xbase-clients, and xfonts-base. + +set -e + +PROGNAME=xvfb-run +SERVERNUM=99 +AUTHFILE= +ERRORFILE=/dev/null +STARTWAIT=3 +XVFBARGS="-screen 0 640x480x24" +LISTENTCP="-nolisten tcp" +XAUTHPROTO=. + +# Query the terminal to establish a default number of columns to use for +# displaying messages to the user. This is used only as a fallback in the event +# the COLUMNS variable is not set. ($COLUMNS can react to SIGWINCH while the +# script is running, and this cannot, only being calculated once.) +DEFCOLUMNS=$(stty size 2>/dev/null | awk '{print $2}') || true +if ! expr "$DEFCOLUMNS" : "[[:digit:]]\+$" >/dev/null 2>&1; then + DEFCOLUMNS=80 +fi + +# Display a message, wrapping lines at the terminal width. +message () { + echo "$PROGNAME: $*" | fmt -t -w ${COLUMNS:-$DEFCOLUMNS} +} + +# Display an error message. +error () { + message "error: $*" >&2 +} + +# Display a usage message. +usage () { + if [ -n "$*" ]; then + message "usage error: $*" + fi + cat <&2 + exit 2 +fi + +if ! type xauth >/dev/null; then + error "xauth command not found" + exit 3 +fi + +# Set up the temp dir for the pid and X authorization file +XVFB_RUN_TMPDIR="$(mktemp --directory --tmpdir $PROGNAME.XXXXXX)" +# If the user did not specify an X authorization file to use, set up a temporary +# directory to house one. +if [ -z "$AUTHFILE" ]; then + AUTHFILE=$(mktemp -p "$XVFB_RUN_TMPDIR" Xauthority.XXXXXX) +fi + +# Start Xvfb. +MCOOKIE=$(mcookie) + +if [ -z "$AUTO_DISPLAY" ]; then + # Old style using a pre-computed SERVERNUM + XAUTHORITY=$AUTHFILE Xvfb ":$SERVERNUM" $XVFBARGS $LISTENTCP >>"$ERRORFILE" \ + 2>&1 & + XVFBPID=$! +else + # New style using Xvfb to provide a free display + PIDFILE=$(mktemp -p "$XVFB_RUN_TMPDIR" pid.XXXXXX) + SERVERNUM=$(XAUTHORITY=$AUTHFILE Xvfb -displayfd 1 $XVFBARGS $LISTENTCP \ + 2>"$ERRORFILE" & echo $! > $PIDFILE) + XVFBPID=$(cat $PIDFILE) +fi +sleep "$STARTWAIT" + +XAUTHORITY=$AUTHFILE xauth source - << EOF >>"$ERRORFILE" 2>&1 +add :$SERVERNUM $XAUTHPROTO $MCOOKIE +EOF + +# Start the command and save its exit status. +set +e +DISPLAY=:$SERVERNUM XAUTHORITY=$AUTHFILE "$@" 2>&1 +RETVAL=$? +set -e + +# Kill Xvfb now that the command has exited. +kill $XVFBPID + +# Clean up. +XAUTHORITY=$AUTHFILE xauth remove ":$SERVERNUM" >"$ERRORFILE" 2>&1 +if [ -n "$XVFB_RUN_TMPDIR" ]; then + if ! rm -r "$XVFB_RUN_TMPDIR"; then + error "problem while cleaning up temporary directory" + exit 5 + fi +fi + +# Return the executed command's exit status. +exit $RETVAL + +# vim:set ai et sts=4 sw=4 tw=80: diff --git a/SPECS-SIGNED/edk2-hvloader-signed/edk2-hvloader-signed.spec b/SPECS-SIGNED/edk2-hvloader-signed/edk2-hvloader-signed.spec index ca9c04c506..949e24c7d7 100644 --- a/SPECS-SIGNED/edk2-hvloader-signed/edk2-hvloader-signed.spec +++ b/SPECS-SIGNED/edk2-hvloader-signed/edk2-hvloader-signed.spec @@ -11,7 +11,7 @@ Summary: Signed HvLoader.efi for %{buildarch} systems Name: edk2-hvloader-signed-%{buildarch} Version: %{GITDATE}git%{GITCOMMIT} -Release: 4%{?dist} +Release: 5%{?dist} License: MIT Vendor: Microsoft Corporation Distribution: Azure Linux @@ -74,6 +74,9 @@ popd /boot/efi/HvLoader.efi %changelog +* Wed Mar 26 2025 Tobias Brick - 20240524git3e722403cd16-5 +- Bump release for consistency with edk2 spec. + * Fri Jan 24 2025 Cameron Baird - 20240524git3e722403cd16-4 - Original version for Azure Linux. - License verified diff --git a/SPECS-SIGNED/fwctl-signed/fwctl-signed.spec b/SPECS-SIGNED/fwctl-signed/fwctl-signed.spec new file mode 100644 index 0000000000..0d8d3543e9 --- /dev/null +++ b/SPECS-SIGNED/fwctl-signed/fwctl-signed.spec @@ -0,0 +1,154 @@ +# +# Copyright (c) 2024 Nvidia Inc. All rights reserved. +# +# This software is available to you under a choice of one of two +# licenses. You may choose to be licensed under the terms of the GNU +# General Public License (GPL) Version 2, available from the file +# COPYING in the main directory of this source tree, or the +# OpenIB.org BSD license below: +# +# Redistribution and use in source and binary forms, with or +# without modification, are permitted provided that the following +# conditions are met: +# +# - Redistributions of source code must retain the above +# copyright notice, this list of conditions and the following +# disclaimer. +# +# - Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials +# provided with the distribution. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS +# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN +# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +# SOFTWARE. +# + +%global debug_package %{nil} +# The default %%__os_install_post macro ends up stripping the signatures off of the kernel module. +%define __os_install_post %{__os_install_post_leave_signatures} %{nil} + +%global target_kernel_version_full %(/bin/rpm -q --queryformat '%{RPMTAG_VERSION}-%{RPMTAG_RELEASE}' $(/bin/rpm -q --whatprovides kernel-headers)) +%global target_azurelinux_build_kernel_version %(/bin/rpm -q --queryformat '%{RPMTAG_VERSION}' $(/bin/rpm -q --whatprovides kernel-headers)) +%global target_kernel_release %(/bin/rpm -q --queryformat '%{RPMTAG_RELEASE}' $(/bin/rpm -q --whatprovides kernel-headers) | /bin/cut -d . -f 1) + +%global KVERSION %{target_kernel_version_full} + +%{!?_name: %define _name fwctl} + +Summary: %{_name} Driver +Name: %{_name} +Version: 24.10 +Release: 13%{?dist} +License: GPLv2 +Url: http://nvidia.com +Group: System Environment/Base + +# +# To populate these sources: +# 1. Build the unsigned packages as normal +# 2. Sign the desired binary +# 3. Place the unsigned package and signed binary in this spec's folder +# 4. Build this spec + +Source0: %{name}-%{version}-%{release}.%{_arch}.rpm +Source1: fwctl.ko +Source2: mlx5_fwctl.ko + +Vendor: Microsoft Corporation +Distribution: Azure Linux +ExclusiveArch: x86_64 + +Requires: mlnx-ofa_kernel = %{version} +Requires: mlnx-ofa_kernel-modules = %{version} +Requires: kernel = %{target_kernel_version_full} +Requires: kmod + +%description +fwctl signed kernel modules + +%prep + +%build +mkdir rpm_contents +pushd rpm_contents + +# This spec's whole purpose is to inject the signed modules +rpm2cpio %{SOURCE0} | cpio -idmv + +cp -rf %{SOURCE1} ./lib/modules/%{KVERSION}/updates/fwctl/fwctl.ko +cp -rf %{SOURCE2} ./lib/modules/%{KVERSION}/updates/fwctl/mlx5/mlx5_fwctl.ko + +popd + +%install +pushd rpm_contents + +# Don't use * wildcard. It does not copy over hidden files in the root folder... +cp -rp ./. %{buildroot}/ + +popd + +%post +if [ $1 -ge 1 ]; then # 1 : This package is being installed or reinstalled + /sbin/depmod %{KVERSION} +fi # 1 : closed +# END of post + +%postun +/sbin/depmod %{KVERSION} + +%files +%defattr(-,root,root,-) +%license %{_datadir}/licenses/%{name}/copyright +/lib/modules/%{KVERSION}/updates/ +%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*.conf + + +%changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 24.10-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 24.10-12 +- Bump release to rebuild for new kernel release + +* Mon Mar 10 2025 Chris Co - 24.10-11 +- Bump release to rebuild for new kernel release + +* Wed Mar 05 2025 Rachel Menge - 24.10-10 +- Bump release to rebuild for new kernel release + +* Tue Mar 04 2025 Rachel Menge - 24.10-9 +- Bump release to rebuild for new kernel release + +* Wed Feb 19 2025 Chris Co - 24.10-8 +- Bump release to rebuild for new kernel release + +* Tue Feb 11 2025 Rachel Menge - 24.10-7 +- Bump release to rebuild for new kernel release + +* Wed Feb 05 2025 Tobias Brick - 24.10-6 +- Bump release to rebuild for new kernel release + +* Tue Feb 04 2025 Alberto David Perez Guevara - 24.10-5 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-4 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-3 +- Bump release to match kernel + +* Thu Jan 30 2025 Rachel Menge - 24.10-2 +- Bump release to match kernel + +* Sat Jan 18 2025 Binu Jose Philip - 24.10-1 +- Creating signed spec +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified diff --git a/SPECS-SIGNED/iser-signed/iser-signed.spec b/SPECS-SIGNED/iser-signed/iser-signed.spec new file mode 100644 index 0000000000..502ad5a285 --- /dev/null +++ b/SPECS-SIGNED/iser-signed/iser-signed.spec @@ -0,0 +1,145 @@ +# +# Copyright (c) 2014 Mellanox Technologies. All rights reserved. +# +# This Software is licensed under one of the following licenses: +# +# 1) under the terms of the "Common Public License 1.0" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/cpl.php. +# +# 2) under the terms of the "The BSD License" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/bsd-license.php. +# +# 3) under the terms of the "GNU General Public License (GPL) Version 2" a +# copy of which is available from the Open Source Initiative, see +# http://www.opensource.org/licenses/gpl-license.php. +# +# Licensee has the right to choose one of the above licenses. +# +# Redistributions of source code must retain the above copyright +# notice and one of the license notices. +# +# Redistributions in binary form must reproduce both the above copyright +# notice, one of the license notices in the documentation +# and/or other materials provided with the distribution. +# +# + +%global debug_package %{nil} +# The default %%__os_install_post macro ends up stripping the signatures off of the kernel module. +%define __os_install_post %{__os_install_post_leave_signatures} %{nil} + +%global target_kernel_version_full %(/bin/rpm -q --queryformat '%{RPMTAG_VERSION}-%{RPMTAG_RELEASE}' $(/bin/rpm -q --whatprovides kernel-headers)) +%global target_azurelinux_build_kernel_version %(/bin/rpm -q --queryformat '%{RPMTAG_VERSION}' $(/bin/rpm -q --whatprovides kernel-headers)) +%global target_kernel_release %(/bin/rpm -q --queryformat '%{RPMTAG_RELEASE}' $(/bin/rpm -q --whatprovides kernel-headers) | /bin/cut -d . -f 1) + +%global KVERSION %{target_kernel_version_full} + +%{!?_name: %define _name iser} + +Summary: %{_name} Driver +Name: %{_name} +Version: 24.10 +Release: 13%{?dist} +License: GPLv2 +Url: http://www.mellanox.com +Group: System Environment/Base + +# +# To populate these sources: +# 1. Build the unsigned packages as normal +# 2. Sign the desired binary +# 3. Place the unsigned package and signed binary in this spec's folder +# 4. Build this spec + +Source0: %{name}-%{version}-%{release}.%{_arch}.rpm +Source1: ib_iser.ko + +Vendor: Microsoft Corporation +Distribution: Azure Linux +ExclusiveArch: x86_64 + +Requires: mlnx-ofa_kernel = %{version} +Requires: mlnx-ofa_kernel-modules = %{version} +Requires: kernel = %{target_kernel_version_full} +Requires: kmod + +%description +iser signed kernel modules + +%prep + +%build +mkdir rpm_contents +pushd rpm_contents + +rpm2cpio %{SOURCE0} | cpio -idmv +cp -rf %{SOURCE1} ./lib/modules/%{KVERSION}/updates/iser/ib_iser.ko +popd + +%install +pushd rpm_contents + +# Don't use * wildcard. It does not copy over hidden files in the root folder... +cp -rp ./. %{buildroot}/ + +popd + + +%post +if [ $1 -ge 1 ]; then # 1 : This package is being installed or reinstalled + /sbin/depmod %{KVERSION} +fi # 1 : closed +# END of post + +%postun +/sbin/depmod %{KVERSION} + +%files +%defattr(-,root,root,-) +%license %{_datadir}/licenses/%{name}/copyright +/lib/modules/%{KVERSION}/updates/ +%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*.conf + +%changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 24.10-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 24.10-12 +- Bump release to rebuild for new kernel release + +* Mon Mar 10 2025 Chris Co - 24.10-11 +- Bump release to rebuild for new kernel release + +* Wed Mar 05 2025 Rachel Menge - 24.10-10 +- Bump release to rebuild for new kernel release + +* Tue Mar 04 2025 Rachel Menge - 24.10-9 +- Bump release to rebuild for new kernel release + +* Wed Feb 19 2025 Chris Co - 24.10-8 +- Bump release to rebuild for new kernel release + +* Tue Feb 11 2025 Rachel Menge - 24.10-7 +- Bump release to rebuild for new kernel release + +* Wed Feb 05 2025 Tobias Brick - 24.10-6 +- Bump release to rebuild for new kernel release + +* Tue Feb 04 2025 Alberto David Perez Guevara - 24.10-5 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-4 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-3 +- Bump release to match kernel + +* Thu Jan 30 2025 Rachel Menge - 24.10-2 +- Bump release to match kernel + +* Sat Jan 18 2025 Binu Jose Philip - 24.10-1 +- Creating signed spec +- License verified +- Initial Azure Linux import from NVIDIA (license: GPLv2) diff --git a/SPECS-SIGNED/isert-signed/isert-signed.spec b/SPECS-SIGNED/isert-signed/isert-signed.spec new file mode 100644 index 0000000000..a920948eaf --- /dev/null +++ b/SPECS-SIGNED/isert-signed/isert-signed.spec @@ -0,0 +1,144 @@ +# +# Copyright (c) 2014 Mellanox Technologies. All rights reserved. +# +# This Software is licensed under one of the following licenses: +# +# 1) under the terms of the "Common Public License 1.0" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/cpl.php. +# +# 2) under the terms of the "The BSD License" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/bsd-license.php. +# +# 3) under the terms of the "GNU General Public License (GPL) Version 2" a +# copy of which is available from the Open Source Initiative, see +# http://www.opensource.org/licenses/gpl-license.php. +# +# Licensee has the right to choose one of the above licenses. +# +# Redistributions of source code must retain the above copyright +# notice and one of the license notices. +# +# Redistributions in binary form must reproduce both the above copyright +# notice, one of the license notices in the documentation +# and/or other materials provided with the distribution. +# +# + +%global debug_package %{nil} +# The default %%__os_install_post macro ends up stripping the signatures off of the kernel module. +%define __os_install_post %{__os_install_post_leave_signatures} %{nil} + +%global target_kernel_version_full %(/bin/rpm -q --queryformat '%{RPMTAG_VERSION}-%{RPMTAG_RELEASE}' $(/bin/rpm -q --whatprovides kernel-headers)) +%global target_azurelinux_build_kernel_version %(/bin/rpm -q --queryformat '%{RPMTAG_VERSION}' $(/bin/rpm -q --whatprovides kernel-headers)) +%global target_kernel_release %(/bin/rpm -q --queryformat '%{RPMTAG_RELEASE}' $(/bin/rpm -q --whatprovides kernel-headers) | /bin/cut -d . -f 1) + +%global KVERSION %{target_kernel_version_full} + +%{!?_name: %define _name isert} + +Summary: %{_name} Driver +Name: %{_name} +Version: 24.10 +Release: 13%{?dist} +License: GPLv2 +Url: http://www.mellanox.com +Group: System Environment/Base + +# +# To populate these sources: +# 1. Build the unsigned packages as normal +# 2. Sign the desired binary +# 3. Place the unsigned package and signed binary in this spec's folder +# 4. Build this spec + +Source0: %{name}-%{version}-%{release}.%{_arch}.rpm +Source1: ib_isert.ko + +Vendor: Microsoft Corporation +Distribution: Azure Linux +ExclusiveArch: x86_64 + +Requires: mlnx-ofa_kernel = %{version} +Requires: mlnx-ofa_kernel-modules = %{version} +Requires: kernel = %{target_kernel_version_full} +Requires: kmod + +%description +isert signed kernel modules + +%prep + +%build +mkdir rpm_contents +pushd rpm_contents + +rpm2cpio %{SOURCE0} | cpio -idmv +cp -rf %{SOURCE1} ./lib/modules/%{KVERSION}/updates/isert/ib_isert.ko +popd + +%install +pushd rpm_contents + +# Don't use * wildcard. It does not copy over hidden files in the root folder... +cp -rp ./. %{buildroot}/ + +popd + +%post +if [ $1 -ge 1 ]; then # 1 : This package is being installed or reinstalled + /sbin/depmod %{KVERSION} +fi # 1 : closed +# END of post + +%postun +/sbin/depmod %{KVERSION} + +%files +%defattr(-,root,root,-) +%license %{_datadir}/licenses/%{name}/copyright +/lib/modules/%{KVERSION}/updates/ +%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*.conf + +%changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 24.10-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 24.10-12 +- Bump release to rebuild for new kernel release + +* Mon Mar 10 2025 Chris Co - 24.10-11 +- Bump release to rebuild for new kernel release + +* Wed Mar 05 2025 Rachel Menge - 24.10-10 +- Bump release to rebuild for new kernel release + +* Tue Mar 04 2025 Rachel Menge - 24.10-9 +- Bump release to rebuild for new kernel release + +* Wed Feb 19 2025 Chris Co - 24.10-8 +- Bump release to rebuild for new kernel release + +* Tue Feb 11 2025 Rachel Menge - 24.10-7 +- Bump release to rebuild for new kernel release + +* Wed Feb 05 2025 Tobias Brick - 24.10-6 +- Bump release to rebuild for new kernel release + +* Tue Feb 04 2025 Alberto David Perez Guevara - 24.10-5 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-4 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-3 +- Bump release to match kernel + +* Thu Jan 30 2025 Rachel Menge - 24.10-2 +- Bump release to match kernel + +* Sat Jan 18 2025 Binu Jose Philip - 24.10-1 +- Creating signed spec +- License verified +- Initial Azure Linux import from NVIDIA (license: GPLv2) diff --git a/SPECS-SIGNED/kernel-64k-signed/kernel-64k-signed.spec b/SPECS-SIGNED/kernel-64k-signed/kernel-64k-signed.spec index e214d2fb6d..b5f55f78d8 100644 --- a/SPECS-SIGNED/kernel-64k-signed/kernel-64k-signed.spec +++ b/SPECS-SIGNED/kernel-64k-signed/kernel-64k-signed.spec @@ -6,8 +6,8 @@ %define uname_r %{version}-%{release} Summary: Signed Linux Kernel for %{buildarch} systems Name: kernel-64k-signed-%{buildarch} -Version: 6.6.78.1 -Release: 3%{?dist} +Version: 6.6.82.1 +Release: 1%{?dist} License: GPLv2 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -105,6 +105,12 @@ echo "initrd of kernel %{uname_r} removed" >&2 %exclude /module_info.ld %changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 6.6.82.1-1 +- Auto-upgrade to 6.6.82.1 + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 6.6.79.1-1 +- Auto-upgrade to 6.6.79.1 + * Mon Mar 10 2025 Chris Co - 6.6.78.1-3 - Bump release to match kernel diff --git a/SPECS-SIGNED/kernel-signed/kernel-signed.spec b/SPECS-SIGNED/kernel-signed/kernel-signed.spec index e997a206ad..540edeee2d 100644 --- a/SPECS-SIGNED/kernel-signed/kernel-signed.spec +++ b/SPECS-SIGNED/kernel-signed/kernel-signed.spec @@ -9,8 +9,8 @@ %define uname_r %{version}-%{release} Summary: Signed Linux Kernel for %{buildarch} systems Name: kernel-signed-%{buildarch} -Version: 6.6.78.1 -Release: 3%{?dist} +Version: 6.6.82.1 +Release: 1%{?dist} License: GPLv2 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -145,6 +145,12 @@ echo "initrd of kernel %{uname_r} removed" >&2 %exclude /module_info.ld %changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 6.6.82.1-1 +- Auto-upgrade to 6.6.82.1 + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 6.6.79.1-1 +- Auto-upgrade to 6.6.79.1 + * Mon Mar 10 2025 Chris Co - 6.6.78.1-3 - Bump release to match kernel diff --git a/SPECS-SIGNED/kernel-uki-signed/kernel-uki-signed.spec b/SPECS-SIGNED/kernel-uki-signed/kernel-uki-signed.spec index 00ff2e3fef..1132633fab 100644 --- a/SPECS-SIGNED/kernel-uki-signed/kernel-uki-signed.spec +++ b/SPECS-SIGNED/kernel-uki-signed/kernel-uki-signed.spec @@ -5,8 +5,8 @@ %define kernelver %{version}-%{release} Summary: Signed Unified Kernel Image for %{buildarch} systems Name: kernel-uki-signed-%{buildarch} -Version: 6.6.78.1 -Release: 3%{?dist} +Version: 6.6.82.1 +Release: 1%{?dist} License: GPLv2 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -68,6 +68,12 @@ popd /boot/efi/EFI/Linux/vmlinuz-uki-%{kernelver}.efi %changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 6.6.82.1-1 +- Auto-upgrade to 6.6.82.1 + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 6.6.79.1-1 +- Auto-upgrade to 6.6.79.1 + * Mon Mar 10 2025 Chris Co - 6.6.78.1-3 - Bump release to match kernel diff --git a/SPECS-SIGNED/knem-modules-signed/knem-modules-signed.spec b/SPECS-SIGNED/knem-modules-signed/knem-modules-signed.spec new file mode 100644 index 0000000000..5e07e4880d --- /dev/null +++ b/SPECS-SIGNED/knem-modules-signed/knem-modules-signed.spec @@ -0,0 +1,145 @@ +# Copyright © INRIA 2009-2010 +# Brice Goglin +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# 3. The name of the author may not be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +%global debug_package %{nil} +# The default %%__os_install_post macro ends up stripping the signatures off of the kernel module. +%define __os_install_post %{__os_install_post_leave_signatures} %{nil} + +%global target_kernel_version_full %(/bin/rpm -q --queryformat '%{RPMTAG_VERSION}-%{RPMTAG_RELEASE}' $(/bin/rpm -q --whatprovides kernel-headers)) +%global target_azurelinux_build_kernel_version %(/bin/rpm -q --queryformat '%{RPMTAG_VERSION}' $(/bin/rpm -q --whatprovides kernel-headers)) +%global target_kernel_release %(/bin/rpm -q --queryformat '%{RPMTAG_RELEASE}' $(/bin/rpm -q --whatprovides kernel-headers) | /bin/cut -d . -f 1) + +%global KVERSION %{target_kernel_version_full} + +# set package name +%{!?_name: %global _name knem} +%global non_kmp_pname %{_name}-modules + +# knem-modules is a sub-package in SPECS/knem. We are making that into a +# main package for signing. + +Summary: KNEM: High-Performance Intra-Node MPI Communication +Name: %{_name}-modules +Version: 1.1.4.90mlnx3 +Release: 13%{?dist} +Provides: knem-mlnx = %{version}-%{release} +Obsoletes: knem-mlnx < %{version}-%{release} +License: BSD and GPLv2 +Group: System Environment/Libraries +Vendor: Microsoft Corporation +Distribution: Azure Linux +ExclusiveArch: x86_64 + +# +# To populate these sources: +# 1. Build the unsigned packages as normal +# 2. Sign the desired binary +# 3. Place the unsigned package and signed binary in this spec's folder +# 4. Build this spec + +Source0: %{name}-%{version}-%{release}.%{_arch}.rpm +Source1: knem.ko +BuildRoot: /var/tmp/%{name}-%{version}-build + +Requires: kernel = %{target_kernel_version_full} +Requires: kmod + +%description +KNEM is a Linux kernel module enabling high-performance intra-node MPI communication for large messages. KNEM offers support for asynchronous and vectorial data transfers as well as offloading memory copies on to Intel I/OAT hardware. +See http://knem.gitlabpages.inria.fr for details. + +%prep + +%build +mkdir rpm_contents +pushd rpm_contents + +# This spec's whole purpose is to inject the signed modules +rpm2cpio %{SOURCE0} | cpio -idmv +cp -rf %{SOURCE1} ./lib/modules/%{KVERSION}/extra/knem/knem.ko +popd + +%install +pushd rpm_contents + +# Don't use * wildcard. It does not copy over hidden files in the root folder... +cp -rp ./. %{buildroot}/ + +popd + + +%post +depmod %{KVERSION} -a + +%postun +if [ $1 = 0 ]; then # 1 : Erase, not upgrade + depmod %{KVERSION} -a +fi + +%files +%{_datadir}/licenses +/lib/modules/ + +%changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 1.1.4.90mlnx3-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 1.1.4.90mlnx3-12 +- Bump release to rebuild for new kernel release + +* Mon Mar 10 2025 Chris Co - 1.1.4.90mlnx3-11 +- Bump release to rebuild for new kernel release + +* Wed Mar 05 2025 Rachel Menge - 1.1.4.90mlnx3-10 +- Bump release to rebuild for new kernel release + +* Tue Mar 04 2025 Rachel Menge - 1.1.4.90mlnx3-9 +- Bump release to rebuild for new kernel release + +* Wed Feb 19 2025 Chris Co - 1.1.4.90mlnx3-8 +- Bump release to rebuild for new kernel release + +* Tue Feb 11 2025 Rachel Menge - 1.1.4.90mlnx3-7 +- Bump release to rebuild for new kernel release + +* Wed Feb 05 2025 Tobias Brick - 1.1.4.90mlnx3-6 +- Bump release to rebuild for new kernel release + +* Tue Feb 04 2025 Alberto David Perez Guevara - 1.1.4.90mlnx3-5 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 1.1.4.90mlnx3-4 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 1.1.4.90mlnx3-3 +- Bump release to match kernel + +* Thu Jan 30 2025 Rachel Menge - 1.1.4.90mlnx3-2 +- Bump release to match kernel + +* Sat Jan 18 2025 Binu Jose Philip - 1.1.4.90mlnx3-1 +- Creating signed spec +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified diff --git a/SPECS-SIGNED/mlnx-nfsrdma-signed/mlnx-nfsrdma-signed.spec b/SPECS-SIGNED/mlnx-nfsrdma-signed/mlnx-nfsrdma-signed.spec index 3cfd866834..a66603597f 100644 --- a/SPECS-SIGNED/mlnx-nfsrdma-signed/mlnx-nfsrdma-signed.spec +++ b/SPECS-SIGNED/mlnx-nfsrdma-signed/mlnx-nfsrdma-signed.spec @@ -43,7 +43,7 @@ Summary: %{_name} Driver Name: %{_name} Version: 24.10 -Release: 11%{?dist} +Release: 13%{?dist} License: GPLv2 Url: http://www.mellanox.com Group: System Environment/Base @@ -111,6 +111,12 @@ fi %config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*.conf %changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 24.10-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 24.10-12 +- Bump release to rebuild for new kernel release + * Mon Mar 10 2025 Chris Co - 24.10-11 - Bump release to rebuild for new kernel release diff --git a/SPECS-SIGNED/srp-signed/srp-signed.spec b/SPECS-SIGNED/srp-signed/srp-signed.spec new file mode 100644 index 0000000000..2168451c26 --- /dev/null +++ b/SPECS-SIGNED/srp-signed/srp-signed.spec @@ -0,0 +1,141 @@ +# +# Copyright (c) 2014 Mellanox Technologies. All rights reserved. +# +# This Software is licensed under one of the following licenses: +# +# 1) under the terms of the "Common Public License 1.0" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/cpl.php. +# +# 2) under the terms of the "The BSD License" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/bsd-license.php. +# +# 3) under the terms of the "GNU General Public License (GPL) Version 2" a +# copy of which is available from the Open Source Initiative, see +# http://www.opensource.org/licenses/gpl-license.php. +# +# Licensee has the right to choose one of the above licenses. +# +# Redistributions of source code must retain the above copyright +# notice and one of the license notices. +# +# Redistributions in binary form must reproduce both the above copyright +# notice, one of the license notices in the documentation +# and/or other materials provided with the distribution. +# +# + +%global debug_package %{nil} +# The default %%__os_install_post macro ends up stripping the signatures off of the kernel module. +%define __os_install_post %{__os_install_post_leave_signatures} %{nil} + +%if 0%{azl} +%global target_kernel_version_full %(/bin/rpm -q --queryformat '%{VERSION}-%{RELEASE}' kernel-headers) +%else +%global target_kernel_version_full f.a.k.e +%endif + +%global KVERSION %{target_kernel_version_full} + +Summary: srp driver +Name: srp +Version: 24.10 +Release: 13%{?dist} +License: GPLv2 +Url: http://www.mellanox.com +Group: System Environment/Base + +# +# To populate these sources: +# 1. Build the unsigned packages as normal +# 2. Sign the desired binary +# 3. Place the unsigned package and signed binary in this spec's folder +# 4. Build this spec + +Source0: %{name}-%{version}-%{release}.%{_arch}.rpm +Source1: ib_srp.ko +Source2: scsi_transport_srp.ko + +Vendor: Microsoft Corporation +Distribution: Azure Linux +ExclusiveArch: x86_64 + +Requires: mlnx-ofa_kernel = %{version} +Requires: mlnx-ofa_kernel-modules = %{version} +Requires: kernel = %{target_kernel_version_full} +Requires: kmod + +%description +srp kernel modules + +%prep + +%build +mkdir rpm_contents +pushd rpm_contents + +# This spec's whole purpose is to inject the signed modules +rpm2cpio %{SOURCE0} | cpio -idmv + +cp -rf %{SOURCE1} ./lib/modules/%{KVERSION}/updates/srp/ib_srp.ko +cp -rf %{SOURCE2} ./lib/modules/%{KVERSION}/updates/srp/scsi/scsi_transport_srp.ko + +popd + +%install +pushd rpm_contents + +# Don't use * wildcard. It does not copy over hidden files in the root folder... +cp -rp ./. %{buildroot}/ + +popd + +%files +%defattr(-,root,root,-) +/lib/modules/%{KVERSION}/updates/srp/ib_srp.ko +/lib/modules/%{KVERSION}/updates/srp/scsi/scsi_transport_srp.ko +%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*.conf +%license %{_datadir}/licenses/%{name}/copyright + +%changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 24.10-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 24.10-12 +- Bump release to rebuild for new kernel release + +* Mon Mar 10 2025 Chris Co - 24.10-11 +- Bump release to rebuild for new kernel release + +* Wed Mar 05 2025 Rachel Menge - 24.10-10 +- Bump release to rebuild for new kernel release + +* Tue Mar 04 2025 Rachel Menge - 24.10-9 +- Bump release to rebuild for new kernel release + +* Wed Feb 19 2025 Chris Co - 24.10-8 +- Bump release to rebuild for new kernel release + +* Tue Feb 11 2025 Rachel Menge - 24.10-7 +- Bump release to rebuild for new kernel release + +* Wed Feb 05 2025 Tobias Brick - 24.10-6 +- Bump release to rebuild for new kernel release + +* Tue Feb 04 2025 Alberto David Perez Guevara - 24.10-5 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-4 +- Bump release to rebuild for new kernel release + +* Thu Jan 30 2025 Rachel Menge - 24.10-3 +- Bump release to match kernel + +* Thu Jan 30 2025 Rachel Menge - 24.10-2 +- Bump release to match kernel + +* Sat Jan 18 2025 Binu Jose Philip - 24.10-1 +- Creating signed spec +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified diff --git a/SPECS-SIGNED/xpmem-modules-signed/xpmem-modules-signed.spec b/SPECS-SIGNED/xpmem-modules-signed/xpmem-modules-signed.spec new file mode 100644 index 0000000000..2a23387ee7 --- /dev/null +++ b/SPECS-SIGNED/xpmem-modules-signed/xpmem-modules-signed.spec @@ -0,0 +1,118 @@ +%{!?KMP: %global KMP 0} + +%global debug_package %{nil} +# The default %%__os_install_post macro ends up stripping the signatures off of the kernel module. +%define __os_install_post %{__os_install_post_leave_signatures} %{nil} + +%global target_kernel_version_full %(/bin/rpm -q --queryformat '%{RPMTAG_VERSION}-%{RPMTAG_RELEASE}' $(/bin/rpm -q --whatprovides kernel-headers)) +%global target_azurelinux_build_kernel_version %(/bin/rpm -q --queryformat '%{RPMTAG_VERSION}' $(/bin/rpm -q --whatprovides kernel-headers)) +%global target_kernel_release %(/bin/rpm -q --queryformat '%{RPMTAG_RELEASE}' $(/bin/rpm -q --whatprovides kernel-headers) | /bin/cut -d . -f 1) + +%global KVERSION %{target_kernel_version_full} + +# xpmem-modules is a sub-package in SPECS/xpmem. +# We are making that into a main package for signing. + +Summary: Cross-partition memory +Name: xpmem-modules +Version: 2.7.4 +Release: 13%{?dist} +License: GPLv2 and LGPLv2.1 +Group: System Environment/Libraries +Vendor: Microsoft Corporation +Distribution: Azure Linux +BuildRequires: automake autoconf +URL: https://github.com/openucx/xpmem +ExclusiveArch: x86_64 + +# +# To populate these sources: +# 1. Build the unsigned packages as normal +# 2. Sign the desired binary +# 3. Place the unsigned package and signed binary in this spec's folder +# 4. Build this spec + +Source0: %{name}-%{version}-%{release}.%{_arch}.rpm +Source1: xpmem.ko + +Requires: mlnx-ofa_kernel +Requires: mlnx-ofa_kernel-modules +Requires: kernel = %{target_kernel_version_full} +Requires: kmod + +%description +XPMEM is a Linux kernel module that enables a process to map the +memory of another process into its virtual address space. Source code +can be obtained by cloning the Git repository, original Mercurial +repository or by downloading a tarball from the link above. + +This package includes the kernel module. + +%prep + +%build + +mkdir rpm_contents +pushd rpm_contents + +# This spec's whole purpose is to inject the signed modules +rpm2cpio %{SOURCE0} | cpio -idmv + +cp -rf %{SOURCE1} ./lib/modules/%{KVERSION}/updates/xpmem.ko + +popd + +%install +pushd rpm_contents + +# Don't use * wildcard. It does not copy over hidden files in the root folder... +cp -rp ./. %{buildroot}/ + +popd + +%files +/lib/modules/%{KVERSION}/updates/xpmem.ko +%{_datadir}/licenses + + +%changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 2.7.4-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 2.7.4-12 +- Bump release to rebuild for new kernel release + +* Mon Mar 10 2025 Chris Co - 2.7.4-11 +- Bump release to rebuild for new kernel release + +* Wed Mar 05 2025 Rachel Menge - 2.7.4-10 +- Bump release to rebuild for new kernel release + +* Tue Mar 04 2025 Rachel Menge - 2.7.4-9 +- Bump release to rebuild for new kernel release + +* Wed Feb 19 2025 Chris Co - 2.7.4-8 +- Bump release to rebuild for new kernel release + +* Tue Feb 11 2025 Rachel Menge - 2.7.4-7 +- Bump release to rebuild for new kernel release + +* Wed Feb 05 2025 Tobias Brick - 2.7.4-6 +- Bump release to rebuild for new kernel release + +* Tue Feb 04 2025 Alberto David Perez Guevara - 2.7.4-5 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 2.7.4-4 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 2.7.4-3 +- Bump release to match kernel + +* Thu Jan 30 2025 Rachel Menge - 2.7.4-2 +- Bump release to match kernel + +* Sat Jan 18 2025 Binu Jose Philip - 2.7.4-1 +- Creating signed spec +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified diff --git a/SPECS/application-gateway-kubernetes-ingress/CVE-2025-30204.patch b/SPECS/application-gateway-kubernetes-ingress/CVE-2025-30204.patch new file mode 100644 index 0000000000..6eb7de916b --- /dev/null +++ b/SPECS/application-gateway-kubernetes-ingress/CVE-2025-30204.patch @@ -0,0 +1,134 @@ +From 84c7f3d0b9dccb4a20d0ad4de10896d40344ba26 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Mar 2025 20:43:26 +0000 +Subject: [PATCH] CVE-2025-30204 +Upstream Patch Reference : +v4 : https://github.com/golang-jwt/jwt/commit/2f0e9add62078527821828c76865661aa7718a84 +v5 : https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3 +--- + github.com/golang-jwt/jwt/v4/parser.go | 36 +++++++++++++++++++++++--- + github.com/golang-jwt/jwt/v5/parser.go | 36 +++++++++++++++++++++++--- + 2 files changed, 66 insertions(+), 6 deletions(-) + +diff --git a/vendor/github.com/golang-jwt/jwt/v4/parser.go b/vendor/github.com/golang-jwt/jwt/v4/parser.go +index c0a6f69..8e7e67c 100644 +--- a/vendor/github.com/golang-jwt/jwt/v4/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v4/parser.go +@@ -7,6 +7,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + // +@@ -123,9 +125,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (because it has + // been checked previously in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) + } + + token = &Token{Raw: tokenString} +@@ -175,3 +178,30 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + + return token, parts, nil + } ++ ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} +diff --git a/vendor/github.com/golang-jwt/jwt/v5/parser.go b/vendor/github.com/golang-jwt/jwt/v5/parser.go +index ecf99af..054c7eb 100644 +--- a/vendor/github.com/golang-jwt/jwt/v5/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v5/parser.go +@@ -8,6 +8,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + validMethods []string +@@ -136,9 +138,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (since it has already + // been or will be checked elsewhere in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, newError("token contains an invalid number of segments", ErrTokenMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, newError("token contains an invalid number of segments", ErrTokenMalformed) + } + + token = &Token{Raw: tokenString} +@@ -196,6 +199,33 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + return token, parts, nil + } + ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} ++ + // DecodeSegment decodes a JWT specific base64url encoding. This function will + // take into account whether the [Parser] is configured with additional options, + // such as [WithStrictDecoding] or [WithPaddingAllowed]. +-- +2.45.2 + diff --git a/SPECS/application-gateway-kubernetes-ingress/application-gateway-kubernetes-ingress.spec b/SPECS/application-gateway-kubernetes-ingress/application-gateway-kubernetes-ingress.spec index 43ed3277d7..3cbc5c0b11 100644 --- a/SPECS/application-gateway-kubernetes-ingress/application-gateway-kubernetes-ingress.spec +++ b/SPECS/application-gateway-kubernetes-ingress/application-gateway-kubernetes-ingress.spec @@ -2,7 +2,7 @@ Summary: Application Gateway Ingress Controller Name: application-gateway-kubernetes-ingress Version: 1.7.7 -Release: 2%{?dist} +Release: 3%{?dist} License: MIT Vendor: Microsoft Corporation Distribution: Azure Linux @@ -13,6 +13,7 @@ Source0: https://github.com/Azure/application-gateway-kubernetes-ingress/ # NOTE: govendor-v1 format is for inplace CVE updates so that we do not have to overwrite in the blob-store. # After fixing any possible CVE for the vendored source, we must bump v1 -> v2 Source1: %{name}-%{version}-govendor-v1.tar.gz +Patch0: CVE-2025-30204.patch BuildRequires: golang >= 1.23 @@ -25,6 +26,7 @@ to act as the ingress for an AKS cluster. rm -rf vendor tar -xf %{SOURCE1} --no-same-owner +%autopatch -p1 %build export VERSION=%{version} @@ -43,9 +45,16 @@ cp appgw-ingress %{buildroot}%{_bindir}/ %{_bindir}/appgw-ingress %changelog +* Fri Apr 28 2025 Ranjan Dutta - 1.7.7-3 +- merge from Azure Linux 3.0.20250423. +- Patch CVE-2025-30204 + * Fri Mar 21 2025 Anuj Mittal - 1.7.7-2 - Bump release to rebuild +* Sat Mar 29 2025 Kanishk Bansal - 1.7.7-2 +- Patch CVE-2025-30204 + * Tue Feb 04 2025 Gary Swalling - 1.7.7-1 - Upgrade to v1.7.7 with golang.org/x/net v0.33.0 for CVE-2023-39325, CVE-2023-44487, - CVE-2023-45288, CVE-2024-51744, CVE-2024-35255, CVE-2023-3978 diff --git a/SPECS/azcopy/CVE-2025-30204.patch b/SPECS/azcopy/CVE-2025-30204.patch new file mode 100644 index 0000000000..6eb7de916b --- /dev/null +++ b/SPECS/azcopy/CVE-2025-30204.patch @@ -0,0 +1,134 @@ +From 84c7f3d0b9dccb4a20d0ad4de10896d40344ba26 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Mar 2025 20:43:26 +0000 +Subject: [PATCH] CVE-2025-30204 +Upstream Patch Reference : +v4 : https://github.com/golang-jwt/jwt/commit/2f0e9add62078527821828c76865661aa7718a84 +v5 : https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3 +--- + github.com/golang-jwt/jwt/v4/parser.go | 36 +++++++++++++++++++++++--- + github.com/golang-jwt/jwt/v5/parser.go | 36 +++++++++++++++++++++++--- + 2 files changed, 66 insertions(+), 6 deletions(-) + +diff --git a/vendor/github.com/golang-jwt/jwt/v4/parser.go b/vendor/github.com/golang-jwt/jwt/v4/parser.go +index c0a6f69..8e7e67c 100644 +--- a/vendor/github.com/golang-jwt/jwt/v4/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v4/parser.go +@@ -7,6 +7,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + // +@@ -123,9 +125,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (because it has + // been checked previously in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) + } + + token = &Token{Raw: tokenString} +@@ -175,3 +178,30 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + + return token, parts, nil + } ++ ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} +diff --git a/vendor/github.com/golang-jwt/jwt/v5/parser.go b/vendor/github.com/golang-jwt/jwt/v5/parser.go +index ecf99af..054c7eb 100644 +--- a/vendor/github.com/golang-jwt/jwt/v5/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v5/parser.go +@@ -8,6 +8,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + validMethods []string +@@ -136,9 +138,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (since it has already + // been or will be checked elsewhere in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, newError("token contains an invalid number of segments", ErrTokenMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, newError("token contains an invalid number of segments", ErrTokenMalformed) + } + + token = &Token{Raw: tokenString} +@@ -196,6 +199,33 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + return token, parts, nil + } + ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} ++ + // DecodeSegment decodes a JWT specific base64url encoding. This function will + // take into account whether the [Parser] is configured with additional options, + // such as [WithStrictDecoding] or [WithPaddingAllowed]. +-- +2.45.2 + diff --git a/SPECS/azcopy/azcopy.spec b/SPECS/azcopy/azcopy.spec index ffb42d9a1f..addf655632 100644 --- a/SPECS/azcopy/azcopy.spec +++ b/SPECS/azcopy/azcopy.spec @@ -1,7 +1,7 @@ Summary: The new Azure Storage data transfer utility - AzCopy v10 Name: azcopy Version: 10.25.1 -Release: 3%{?dist} +Release: 4%{?dist} License: MIT Vendor: Microsoft Corporation Distribution: Azure Linux @@ -28,6 +28,7 @@ Source0: https://github.com/Azure/azure-storage-azcopy/archive/refs/tags/ # - For the value of "--mtime" use the date "2021-04-26 00:00Z" to simplify future updates. Source1: azure-storage-%{name}-%{version}-vendor.tar.gz Patch0: CVE-2025-22868.patch +Patch1: CVE-2025-30204.patch BuildRequires: golang >= 1.17.9 BuildRequires: git @@ -64,8 +65,15 @@ go test -mod=vendor %{_bindir}/azcopy %changelog +* Fri Apr 28 2025 Ranjan Dutta - 10.25.1-4 +- merge from Azure Linux 3.0.20250423. +- Patch CVE-2025-30204 + * Fri Mar 21 2025 Anuj Mittal - 10.25.1-3 -- Bump Release to rebuild +- Bump release to rebuild + +* Fri Mar 28 2025 Kanishk Bansal - 10.25.1-3 +- Patch CVE-2025-30204 * Tue Mar 04 2025 Kanishk Bansal - 10.25.1-2 - Fix CVE-2025-22868 with an upstream patch diff --git a/SPECS/bash-completion/bash-completion.spec b/SPECS/bash-completion/bash-completion.spec index e75390ec92..c6b663638c 100644 --- a/SPECS/bash-completion/bash-completion.spec +++ b/SPECS/bash-completion/bash-completion.spec @@ -1,6 +1,6 @@ Name: bash-completion Version: 2.11 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Programmable completion for bash Group: Applications/Shells Vendor: Microsoft Corporation @@ -51,6 +51,9 @@ rm -f %{buildroot}%{_datadir}/bash-completion/completions/nmcli rm -f %{buildroot}%{_datadir}/bash-completion/completions/\ {cal,chsh,dmesg,eject,hexdump,ionice,hwclock,ionice,look,mount,renice,rtcwake,su,umount} +# does not work anymore with new versions of influx and provided by influx-cli-bash-completion +rm -f %{buildroot}%{_datadir}/bash-completion/completions/influx + %files %defattr(-,root,root) %license COPYING @@ -60,7 +63,7 @@ rm -f %{buildroot}%{_datadir}/bash-completion/completions/\ %dir %{_datadir}/bash-completion/helpers %{_datadir}/bash-completion/helpers/perl %{_datadir}/bash-completion/helpers/python -%doc AUTHORS COPYING +%doc AUTHORS %files devel %defattr(-,root,root) @@ -69,13 +72,17 @@ rm -f %{buildroot}%{_datadir}/bash-completion/completions/\ %{_datadir}/pkgconfig/bash-completion.pc %changelog +* Wed Mar 12 2025 Mykhailo Bykhovtsev - 2.11-2 +- Remove influx bash completion file as it no longer works and is provided by influx-cli-bash-completion package. +- Removed duplicated license file + * Mon Jan 10 2022 Nicolas Guibourge - 2.11-1 - Upgrade to 2.11. * Thu Dec 16 2021 Pawel Winogrodzki - 2.7-5 - Removing the explicit %%clean stage. -* Wed Oct 27 2021 Muhammad Falak - 2.7-4 +* Wed Oct 27 2021 Muhammad Falak - 2.7-4 - Remove epoch * Mon Mar 08 2021 Thomas Crain - 2.7-3 diff --git a/SPECS/binutils/CVE-2025-1744.patch b/SPECS/binutils/CVE-2025-1744.patch new file mode 100644 index 0000000000..7fe828b5e6 --- /dev/null +++ b/SPECS/binutils/CVE-2025-1744.patch @@ -0,0 +1,28 @@ +From 4f089501e761cecf2d702f3fe9a42fd2c2c3fe32 Mon Sep 17 00:00:00 2001 +From: kavyasree +Date: Tue, 11 Mar 2025 14:15:39 +0530 +Subject: [PATCH] Patch for CVE-2025-1744 +Reference: https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d +--- + zlib/inflate.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/zlib/inflate.c b/zlib/inflate.c +index 7be8c636..754f5540 100644 +--- a/zlib/inflate.c ++++ b/zlib/inflate.c +@@ -764,8 +764,9 @@ int flush; + if (copy > have) copy = have; + if (copy) { + if (state->head != Z_NULL && +- state->head->extra != Z_NULL) { +- len = state->head->extra_len - state->length; ++ state->head->extra != Z_NULL && ++ (len = state->head->extra_len - state->length) < ++ state->head->extra_max) { + zmemcpy(state->head->extra + len, next, + len + copy > state->head->extra_max ? + state->head->extra_max - len : copy); +-- +2.34.1 + diff --git a/SPECS/binutils/binutils.spec b/SPECS/binutils/binutils.spec index 3e823cdb04..1cad5bfe52 100644 --- a/SPECS/binutils/binutils.spec +++ b/SPECS/binutils/binutils.spec @@ -21,7 +21,7 @@ Summary: Contains a linker, an assembler, and other tools Name: binutils Version: 2.41 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv2+ Vendor: Microsoft Corporation Distribution: Azure Linux @@ -37,6 +37,7 @@ Patch3: CVE-2025-1178.patch Patch4: CVE-2025-1181.patch Patch5: CVE-2025-1182.patch Patch6: CVE-2025-0840.patch +Patch7: CVE-2025-1744.patch Provides: bundled(libiberty) # Moving macro before the "SourceX" tags breaks PR checks parsing the specs. @@ -326,6 +327,9 @@ find %{buildroot} -type f -name "*.la" -delete -print %do_files aarch64-linux-gnu %{build_aarch64} %changelog +* Tue Mar 11 2025 Kavya Sree Kaitepalli - 2.41-5 +- Fix CVE-2025-1744 + * Sun Feb 23 2025 Sudipta Pandit - 2.41-4 - Fix CVE-2025-0840 by backporting upstream patch diff --git a/SPECS/calamares/arrow.svg b/SPECS/calamares/arrow.svg new file mode 100644 index 0000000000..d54a4fed6f --- /dev/null +++ b/SPECS/calamares/arrow.svg @@ -0,0 +1,3 @@ + + + \ No newline at end of file diff --git a/SPECS/calamares/branding.desc b/SPECS/calamares/branding.desc index b8a0f0ae51..d395d937fc 100644 --- a/SPECS/calamares/branding.desc +++ b/SPECS/calamares/branding.desc @@ -15,8 +15,7 @@ strings: welcomeExpandingLogo: false images: -# productLogo: "emt-logo.png" -# productIcon: "emt-logo.png" + productLogo: "product.svg" productWelcome: "emt-welcome.png" # The slideshow is displayed during execution steps (e.g. when the @@ -24,8 +23,7 @@ images: slideshow: "show.qml" style: - sidebarBackground: "#292F34" - sidebarText: "#FFFFFF" - sidebarTextSelect: "#292F34" - sidebarTextHighlight: "#00A4EF" - + SidebarBackground: "#F7F7F8" + SidebarText: "#2B2C30" + SidebarBackgroundCurrent: "#5400C0" + SidebarTextCurrent: "#FFFFFF" \ No newline at end of file diff --git a/SPECS/calamares/calamares.signatures.json b/SPECS/calamares/calamares.signatures.json index 0896e09e68..807496e550 100644 --- a/SPECS/calamares/calamares.signatures.json +++ b/SPECS/calamares/calamares.signatures.json @@ -1,7 +1,7 @@ { "Signatures": { - "emt-welcome.png": "b1b74705e6d677b5099126e061b264942d8457a3335af608ea2588486ab9df2b", - "branding.desc": "f25e4f3d0061283b4a9c023db44458cd48f26330023429e4f36e867d50149baa", + "emt-welcome.png": "2784750b96c9bdaf5e5ac5b8c10b42c5ae3d79c3b1f1fbb2e014ee9875f18913", + "branding.desc": "aaa4338b2122d1de4478f5b6a8344735bb32776f01921e484eb0fee5ca28951a", "calamares-3.3.1.tar.gz": "c5a6dd7d2fb7dc5d8a863f37f6f64782b88f79e341f7bf8504eb98dc31f714ef", "calamares-auto_de.ts": "4a24d817979a83c3f08c163b05f5a4f34a992c1f798a12f3a6b50cde75a852d8", "calamares-auto_fr.ts": "a65dd534637607533cd725aee3151f10f56b7f606b41fbd3ceeae13d61d8a98f", @@ -12,6 +12,9 @@ "calamares-welcome-3.0.2.tar.gz": "031ec9dfbf7f6c11c89fe06ac8d9c33c9a0ea0e62b6832bf17e1499d24826440", "settings.conf": "7bb9ae6634ce40013400163435fc62166a8d0fe0849c9dd0b729662971a06f51", "show.qml": "f1a75a7ee5f06dece6bbed103ef7e3a9886fb574f8a060e5a690bc28435d39fc", - "stylesheet.qss": "9707878d63c9591fd83096d1650ada773bf5e85797fd3fbfc19555ef39ffa30a" + "stylesheet.qss": "da47025a9b33a740ca907806d32ccc575e8eabbe418ce89dfe646146338be9c9", + "arrow.svg": "dae6c503f0cc74340019c9db4a99844a895b1fa6161f01c331aaace2f5f70c55", + "product.svg": "57641471917d622979ad40d96c42ca9181f527691fd9b79b2b61ef1c61bee5c7", + "wait.png": "f260894113702d5f0737de5efc97e6f046231a64599ff0e01ad15bbc01ee00cd" } } diff --git a/SPECS/calamares/calamares.spec b/SPECS/calamares/calamares.spec index d902eea74e..c006f40e33 100644 --- a/SPECS/calamares/calamares.spec +++ b/SPECS/calamares/calamares.spec @@ -7,7 +7,7 @@ Summary: Installer from a live CD/DVD/USB to disk # https://github.com/calamares/calamares/issues/1051 Name: calamares Version: 3.3.1 -Release: 10%{?dist} +Release: 11%{?dist} License: GPLv3+ Vendor: Intel Corporation Distribution: Edge Microvisor Toolkit @@ -41,6 +41,9 @@ Source42: calamares-auto_de.ts Source43: calamares-auto_it.ts Source52: emt-welcome.png #Source53: emt-eula +Source54: arrow.svg +Source55: product.svg +Source56: wait.png # adjust some default settings (default shipped .conf files) Patch0: Azure-Linux-Calamares-Conf-Patch-3.3.1.patch #Patch3: round-to-full-disk-size.patch @@ -54,6 +57,7 @@ Patch4: serialize-read-access.patch Patch6: modules-set-OS-to-EdgeMicrovisorToolkit.patch Patch7: reword-welcome-screen.patch Patch8: change-completion-from-second-to-minute.patch +Patch9: ui_redesign.patch # Compilation tools BuildRequires: cmake BuildRequires: extra-cmake-modules @@ -142,6 +146,7 @@ done # Apply custom license config #mv %{SOURCE20} src/modules/license/license.conf +mv %{SOURCE56} data/images/wait.png %patch -P 0 -p1 #%patch3 -p1 @@ -150,6 +155,7 @@ done %patch -P 6 -p1 %patch -P 7 -p1 %patch -P 8 -p1 +%patch -P 9 -p1 %build %cmake_kf \ @@ -174,6 +180,8 @@ install -p -m 644 %{SOURCE22} %{buildroot}%{_datadir}/calamares/branding/EdgeMic install -p -m 644 %{SOURCE23} %{buildroot}%{_datadir}/calamares/branding/EdgeMicrovisorToolkit/branding.desc install -p -m 644 %{SOURCE25} %{buildroot}%{_datadir}/calamares/branding/EdgeMicrovisorToolkit/stylesheet.qss install -p -m 644 %{SOURCE52} %{buildroot}%{_datadir}/calamares/branding/EdgeMicrovisorToolkit/emt-welcome.png +install -p -m 644 %{SOURCE54} %{buildroot}%{_datadir}/calamares/branding/EdgeMicrovisorToolkit/arrow.svg +install -p -m 644 %{SOURCE55} %{buildroot}%{_datadir}/calamares/branding/EdgeMicrovisorToolkit/product.svg mkdir -p %{buildroot}%{_sysconfdir}/calamares @@ -194,6 +202,8 @@ install -p -m 644 %{SOURCE21} %{buildroot}%{_sysconfdir}/calamares/settings.conf %{_bindir}/calamares %{_datadir}/applications/calamares.desktop %{_datadir}/calamares/branding/EdgeMicrovisorToolkit/emt-welcome.png +%{_datadir}/calamares/branding/EdgeMicrovisorToolkit/arrow.svg +%{_datadir}/calamares/branding/EdgeMicrovisorToolkit/product.svg %{_datadir}/calamares/branding/EdgeMicrovisorToolkit/branding.desc %{_datadir}/calamares/branding/EdgeMicrovisorToolkit/lang/ %{_datadir}/calamares/branding/EdgeMicrovisorToolkit/show.qml @@ -223,19 +233,22 @@ install -p -m 644 %{SOURCE21} %{buildroot}%{_sysconfdir}/calamares/settings.conf %{_libdir}/libcalamaresui.so %changelog +* Wed April 25 2025 Samuel Taripin - 3.3.1-11 +- UI redesign. + * Wed Mar 26 2025 Samuel Taripin - 3.3.1-10 - change completion time format from seconds to minutes. -* Thu Mar 13 2024 Lee Chee Yang - 3.3.1-9 +* Thu Mar 13 2025 Lee Chee Yang - 3.3.1-9 - remove logo, update welcome picture and text. -* Wed Mar 12 2024 Lee Chee Yang - 3.3.1-8 +* Wed Mar 12 2025 Lee Chee Yang - 3.3.1-8 - update welcome image -* Tue Mar 4 2024 Lee Chee Yang - 3.3.1-7 +* Tue Mar 4 2025 Lee Chee Yang - 3.3.1-7 - remove EULA and custom license for ISO installer. -* Thu Feb 13 2024 Lee Chee Yang - 3.3.1-6 +* Thu Feb 13 2025 Lee Chee Yang - 3.3.1-6 - Update installer to match Edge Microvisor Toolkit. * Wed Mar 20 2024 Sam Meluch - 3.3.1-5 diff --git a/SPECS/calamares/emt-welcome.png b/SPECS/calamares/emt-welcome.png index 35128483db..a85414c8b9 100644 Binary files a/SPECS/calamares/emt-welcome.png and b/SPECS/calamares/emt-welcome.png differ diff --git a/SPECS/calamares/product.svg b/SPECS/calamares/product.svg new file mode 100644 index 0000000000..c57f861039 --- /dev/null +++ b/SPECS/calamares/product.svg @@ -0,0 +1,5 @@ + + + + + \ No newline at end of file diff --git a/SPECS/calamares/stylesheet.qss b/SPECS/calamares/stylesheet.qss index caa926e3f7..19ce5ed001 100644 --- a/SPECS/calamares/stylesheet.qss +++ b/SPECS/calamares/stylesheet.qss @@ -1,6 +1,131 @@ +QWidget { + font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif; + font-size: 14px; + background-color: #FFFFFF; + text-align: left; + +} + +QString { + font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif; + font-size: 14px; + background-color: #2B2C30; + text-align: left; +} + +QLineEdit { + border: 0.5px solid #2B2C30; + border-radius: 0px; + padding: 2px 24px 2px 6px; + background-color: white; + font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif; + font-size: 14px; +} + +QComboBox { + border: 0.5px solid #2B2C30; + border-radius: 0px; + padding: 2px 24px 2px 6px; + background-color: white; + font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif; + font-size: 14px; +} + +QComboBox:editable { + background: white; +} + +QComboBox:!editable, QComboBox::drop-down:editable { + background: white; +} + +QComboBox:!editable:on, QComboBox::drop-down:editable:on { + background: #FFFFFF; +} + +QComboBox:on { + padding-top: 3px; + padding-left: 6px; +} + +QComboBox::drop-down { + subcontrol-origin: padding; + subcontrol-position: top right; + width: 24px; + border: none; + background: white; +} + +QComboBox::down-arrow { + image: url(/etc/calamares/branding/EdgeMicrovisorToolkit/arrow.svg); + width: 24px; + height: 24px; + margin-right: 6px; +} + +QComboBox::down-arrow:on { + top: 0px; + left: 0px; +} + +QComboBox QAbstractItemView { + selection-color: #2B2C30; + background: #FFFFFF; + outline: 0; +} + +QProgressBar { + border: none; + text-align: center; + background-color: #E7E7EB; + qproperty-textVisible: false; +} + +QProgressBar::chunk { + background-color: #09857C; +} + +QListView { + font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif; + font-size: 14px; + background-color: #F1F1F3; + text-align: left; +} + QMessageBox, QDialog { - background-color: ghostwhite; + background-color: #FFFFFF; /* white background */ + border-width: 3px; + border-style: outset; + border-color: #5e5f61; /* Light gray border */ + border-radius: 0px; /* Rounded corners */ + padding: 10px; /* Add some padding for spacing */ +} + +QPushButton { + background-color: #FFFFFF; /* White background for buttons */ border-width: 1px; border-style: solid; - border-color: black; + border-color: #008080; /* Teal border color */ + border-radius: 0px; /* Slightly rounded corners */ + padding: 5px 10px; /* Padding for buttons */ + color: #008080; /* Teal text color */ + font-weight: bold; +} + +QPushButton:hover { + background-color: #008080; /* Teal background on hover */ + color: #FFFFFF; /* White text on hover */ +} + +QPushButton:disabled { + background-color: #E7E7EB; + border-color: #E7E7EB; + color: #B2B3B9; +} + +QLabel { + font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif; + font-size: 14px; + background-color: #FFFFFF; + text-align: left; } \ No newline at end of file diff --git a/SPECS/calamares/ui_redesign.patch b/SPECS/calamares/ui_redesign.patch new file mode 100644 index 0000000000..de0c020747 --- /dev/null +++ b/SPECS/calamares/ui_redesign.patch @@ -0,0 +1,4026 @@ +From dd0246b3916d996e37f7140364c76a3ee68dc995 Mon Sep 17 00:00:00 2001 +From: Samuel Taripin +Date: Thu, 24 Apr 2025 10:16:52 +0800 +Subject: [PATCH] new ui design + +--- + data/images/help.svg | 160 +------ + data/images/partition-alongside.svg | 430 +----------------- + data/images/partition-disk.svg | 297 +----------- + data/images/partition-erase-auto.svg | 371 +-------------- + data/images/partition-manual.svg | 354 +------------- + data/images/partition-partition.svg | 348 +------------- + data/images/partition-replace-os.svg | 426 ++--------------- + data/images/release.svg | 102 +---- + data/images/state-error.svg | 23 +- + data/images/state-ok.svg | 22 +- + data/images/state-warning.svg | 23 +- + src/calamares/CalamaresWindow.cpp | 30 +- + .../progresstree/ProgressTreeDelegate.cpp | 44 +- + src/libcalamaresui/ViewManager.cpp | 18 +- + src/libcalamaresui/libcalamaresui.qrc | 1 + + .../viewpages/ExecutionViewStep.cpp | 21 +- + src/libcalamaresui/viewpages/Slideshow.cpp | 12 +- + src/libcalamaresui/widgets/ErrorDialog.cpp | 36 ++ + src/modules/finished/FinishedPage.cpp | 48 +- + src/modules/finished/FinishedPage.ui | 31 +- + src/modules/partition/core/ColorUtils.cpp | 31 +- + src/modules/partition/gui/ChoicePage.cpp | 26 +- + src/modules/partition/gui/ChoicePage.ui | 36 +- + .../partition/gui/DeviceInfoWidget.cpp | 27 +- + src/modules/partition/gui/EncryptWidget.cpp | 16 +- + src/modules/partition/gui/EncryptWidget.ui | 24 +- + .../partition/gui/PartitionBarsView.cpp | 11 +- + .../partition/gui/PartitionLabelsView.cpp | 10 +- + src/modules/partition/gui/PartitionPage.cpp | 13 + + src/modules/partition/gui/PartitionPage.ui | 68 ++- + .../partition/gui/PartitionSplitterWidget.cpp | 8 +- + src/modules/users/UsersPage.cpp | 15 +- + src/modules/users/page_usersetup.ui | 42 +- + src/modules/welcome/Config.cpp | 2 +- + src/modules/welcome/WelcomePage.cpp | 65 ++- + src/modules/welcome/WelcomePage.h | 2 +- + src/modules/welcome/WelcomePage.ui | 35 -- + .../welcome/checker/ResultsListWidget.cpp | 40 +- + .../welcome/checker/ResultsListWidget.h | 2 + + 39 files changed, 636 insertions(+), 2634 deletions(-) + +diff --git a/data/images/help.svg b/data/images/help.svg +index 122dccd..803004c 100644 +--- a/data/images/help.svg ++++ b/data/images/help.svg +@@ -1,157 +1,5 @@ +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- image/svg+xml +- +- +- +- +- +- +- +- +- +- ++ ++ ++ ++ + +diff --git a/data/images/partition-alongside.svg b/data/images/partition-alongside.svg +index fbfae4f..8722053 100644 +--- a/data/images/partition-alongside.svg ++++ b/data/images/partition-alongside.svg +@@ -1,407 +1,25 @@ +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- image/svg+xml +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ + +diff --git a/data/images/partition-disk.svg b/data/images/partition-disk.svg +index 9d193cb..abcac37 100644 +--- a/data/images/partition-disk.svg ++++ b/data/images/partition-disk.svg +@@ -1,289 +1,10 @@ +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- image/svg+xml +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- ++ ++ ++ ++ ++ ++ ++ ++ ++ + +diff --git a/data/images/partition-erase-auto.svg b/data/images/partition-erase-auto.svg +index c331a9a..c097f68 100644 +--- a/data/images/partition-erase-auto.svg ++++ b/data/images/partition-erase-auto.svg +@@ -1,360 +1,13 @@ +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- image/svg+xml +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ + +diff --git a/data/images/partition-manual.svg b/data/images/partition-manual.svg +index dd9ec33..95c6538 100644 +--- a/data/images/partition-manual.svg ++++ b/data/images/partition-manual.svg +@@ -1,333 +1,23 @@ +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- image/svg+xml +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ + +diff --git a/data/images/partition-partition.svg b/data/images/partition-partition.svg +index 37ff967..4dfc3f9 100644 +--- a/data/images/partition-partition.svg ++++ b/data/images/partition-partition.svg +@@ -1,324 +1,26 @@ +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- image/svg+xml +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ + +diff --git a/data/images/partition-replace-os.svg b/data/images/partition-replace-os.svg +index c507a67..940c5ea 100644 +--- a/data/images/partition-replace-os.svg ++++ b/data/images/partition-replace-os.svg +@@ -1,401 +1,27 @@ +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- image/svg+xml +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ + +diff --git a/data/images/release.svg b/data/images/release.svg +index 54f2602..fbe71fb 100644 +--- a/data/images/release.svg ++++ b/data/images/release.svg +@@ -1,99 +1,3 @@ +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- +- image/svg+xml +- +- +- +- +- +- +- +- +- ++ ++ ++ +\ No newline at end of file +diff --git a/data/images/state-error.svg b/data/images/state-error.svg +index c198b42..5ebabbc 100644 +--- a/data/images/state-error.svg ++++ b/data/images/state-error.svg +@@ -1,18 +1,5 @@ +- +- +- +- +- +- +- ++ ++ ++ ++ ++ +\ No newline at end of file +diff --git a/data/images/state-ok.svg b/data/images/state-ok.svg +index b1d2ad1..dcb47ee 100644 +--- a/data/images/state-ok.svg ++++ b/data/images/state-ok.svg +@@ -1,18 +1,4 @@ +- +- +- +- +- +- +- ++ ++ ++ ++ +\ No newline at end of file +diff --git a/data/images/state-warning.svg b/data/images/state-warning.svg +index f4f4cf4..add7c32 100644 +--- a/data/images/state-warning.svg ++++ b/data/images/state-warning.svg +@@ -1,18 +1,5 @@ +- +- +- +- +- +- +- ++ ++ ++ ++ ++ +\ No newline at end of file +diff --git a/src/calamares/CalamaresWindow.cpp b/src/calamares/CalamaresWindow.cpp +index 671deb1..e46c430 100644 +--- a/src/calamares/CalamaresWindow.cpp ++++ b/src/calamares/CalamaresWindow.cpp +@@ -40,6 +40,7 @@ + #include + #endif + #include ++#include + + static QSize + desktopSize( QWidget* w ) +@@ -132,8 +133,33 @@ getWidgetSidebar( Calamares::DebugWindowManager* debug, + logoLabel->setPalette( plt ); + } + logoLabel->setAlignment( Qt::AlignCenter ); +- logoLabel->setFixedSize( 80, 80 ); +- logoLabel->setPixmap( branding->image( Calamares::Branding::ProductLogo, logoLabel->size() ) ); ++ ++ // Get current size ++ QSize currentSize = logoLabel->size(); ++ // Calculate new size ++ int percentage = 70; ++ int newWidth = currentSize.width() + (currentSize.width() * percentage / 100); ++ int newHeight = currentSize.height() + (currentSize.height() * percentage / 100); ++ // Resize the label ++ logoLabel->resize(newWidth, newHeight); ++ logoLabel->setContentsMargins( 13, 8, 8, 8 ); ++ ++ // logoLabel->setPixmap( branding->image( Calamares::Branding::ProductLogo, logoLabel->size() ) ); ++ ++ // make grey back ground ++ QSize logoSize = logoLabel->size(); ++ QPixmap original = branding->image(Calamares::Branding::ProductLogo, logoSize); ++ // Create a new pixmap with desired background ++ QPixmap withBackground(logoSize); ++ withBackground.fill(QColor("#F1F1F3")); ++ // Use QPainter to draw original image on top ++ QPainter p(&withBackground); ++ p.drawPixmap(0, 0, original); ++ p.end(); ++ // Set it to the label ++ logoLabel->setPixmap(withBackground); ++ logoLabel->setStyleSheet("background-color: #F1F1F3;"); ++ + logoLayout->addWidget( logoLabel ); + logoLayout->addStretch(); + +diff --git a/src/calamares/progresstree/ProgressTreeDelegate.cpp b/src/calamares/progresstree/ProgressTreeDelegate.cpp +index df513f2..9d8f667 100644 +--- a/src/calamares/progresstree/ProgressTreeDelegate.cpp ++++ b/src/calamares/progresstree/ProgressTreeDelegate.cpp +@@ -28,7 +28,7 @@ item_fontsize() + static void + paintViewStep( QPainter* painter, const QStyleOptionViewItem& option, const QModelIndex& index ) + { +- QRect textRect = option.rect.adjusted( item_margin, item_margin, -item_margin, -item_margin ); ++ QRect textRect = option.rect.adjusted( item_margin + 5, item_margin, -item_margin, -item_margin ); + QFont font = qApp->font(); + font.setPointSize( item_fontsize() ); + font.setBold( false ); +@@ -64,7 +64,7 @@ paintViewStep( QPainter* painter, const QStyleOptionViewItem& option, const QMod + + QRectF boundingBox; + painter->drawText( +- textRect, Qt::AlignHCenter | Qt::AlignVCenter | Qt::TextSingleLine, index.data().toString(), &boundingBox ); ++ textRect, Qt::AlignLeft | Qt::AlignVCenter | Qt::TextSingleLine, index.data().toString(), &boundingBox ); + + // The extra check here is to avoid the changing-font-size if we're not going to use + // it in the next iteration of the loop anyway. +@@ -75,6 +75,46 @@ paintViewStep( QPainter* painter, const QStyleOptionViewItem& option, const QMod + } + else + { ++ //draw border ++ int currentIndex = index.data(Calamares::ViewManager::ProgressTreeItemCurrentIndex).toInt(); ++ int row = index.row(); ++ QModelIndex parentIndex = index.parent(); ++ int rowCount = index.model()->rowCount(parentIndex); ++ bool isFirst = (row == 0); ++ bool isLast = (row == rowCount - 1); ++ QRect boxrect = option.rect; ++ ++ if ( isFirst || isLast ) ++ { ++ // Draw shadow line (slightly lower, lighter color) ++ QPen topshadowPen(QColor(0, 0, 0, 50)); ++ // Draw main line ++ QPen topborderPen(Qt::lightGray); ++ // Draw shadow line (slightly lower, lighter color) ++ QPen botshadowPen(QColor(0, 0, 0, 100)); ++ // Draw main line ++ QPen botborderPen(Qt::gray); ++ ++ if (isFirst) ++ { ++ painter->setPen(topshadowPen); ++ painter->drawLine(boxrect.topLeft() + QPoint(0, -1), boxrect.topRight() + QPoint(0, -1)); ++ painter->setPen(topborderPen); ++ painter->drawLine(boxrect.topLeft(), boxrect.topRight()); ++ } ++ else if (isLast) ++ { ++ painter->setPen(botborderPen); ++ painter->drawLine(boxrect.bottomLeft(), boxrect.bottomRight()); ++ painter->setPen(botshadowPen); ++ painter->drawLine(boxrect.bottomLeft() + QPoint(0, 1), boxrect.bottomRight() + QPoint(0, 1)); ++ } ++ } ++ ++ QPen allright(Qt::lightGray); ++ painter->setPen(allright); ++ painter->drawLine(boxrect.topRight(), boxrect.bottomRight()); ++ + break; // It fits + } + } while ( shrinkSteps <= maximumShrink ); +diff --git a/src/libcalamaresui/ViewManager.cpp b/src/libcalamaresui/ViewManager.cpp +index 10c1955..84d074c 100644 +--- a/src/libcalamaresui/ViewManager.cpp ++++ b/src/libcalamaresui/ViewManager.cpp +@@ -290,6 +290,7 @@ questionBox( QWidget* parent, + #if QT_VERSION >= QT_VERSION_CHECK( 6, 0, 0 ) + QMessageBox mb( QMessageBox::Question, title, question, QMessageBox::StandardButton::NoButton, parent ); + const auto* const okButton = mb.addButton( button0, QMessageBox::AcceptRole ); ++ mb.setIcon(QMessageBox::NoIcon); + mb.addButton( button1, QMessageBox::RejectRole ); + mb.exec(); + if ( mb.clickedButton() == okButton ) +@@ -332,12 +333,12 @@ ViewManager::next() + QString title + = settings->isSetupMode() ? tr( "Continue with Setup?", "@title" ) : tr( "Continue with Installation?", "@title" ); + QString question = settings->isSetupMode() +- ? tr( "The %1 setup program is about to make changes to your " +- "disk in order to set up %2.
You will not be able " +- "to undo these changes.", "%1 is short product name, %2 is short product name with version" ) +- : tr( "The %1 installer is about to make changes to your " +- "disk in order to install %2.
You will not be able " +- "to undo these changes.", "%1 is short product name, %2 is short product name with version" ); ++ ? tr( "You are going to install %1. " ++ "The selected disc partitioning will be applied. " ++ "Make sure that no data will be lost in the process.", "%1 is short product name") ++ : tr( "You are going to install %1. " ++ "The selected disc partitioning will be applied. " ++ "Make sure that no data will be lost in the process.", "%1 is short product name"); + QString confirm = settings->isSetupMode() ? tr( "&Set Up Now", "@button" ) : tr( "&Install Now", "@button" ); + + const auto* branding = Calamares::Branding::instance(); +@@ -511,11 +512,12 @@ ViewManager::confirmCancelInstallation() + + // Otherwise, confirm cancel/quit. + QString title = settings->isSetupMode() ? tr( "Cancel Setup?", "@title" ) : tr( "Cancel Installation?", "@title" ); +- QString question = settings->isSetupMode() ? tr( "Do you really want to cancel the current setup process?\n" ++ QString question = settings->isSetupMode() ? tr( "Are you sure you want to cancel the installation?\n" + "The setup program will quit and all changes will be lost." ) +- : tr( "Do you really want to cancel the current install process?\n" ++ : tr( "Are you sure you want to cancel the installation?\n" + "The installer will quit and all changes will be lost." ); + QMessageBox mb( QMessageBox::Question, title, question, QMessageBox::Yes | QMessageBox::No, m_widget ); ++ mb.setIcon(QMessageBox::NoIcon); + mb.setDefaultButton( QMessageBox::No ); + Calamares::fixButtonLabels( &mb ); + int response = mb.exec(); +diff --git a/src/libcalamaresui/libcalamaresui.qrc b/src/libcalamaresui/libcalamaresui.qrc +index 62a7df2..74322ee 100644 +--- a/src/libcalamaresui/libcalamaresui.qrc ++++ b/src/libcalamaresui/libcalamaresui.qrc +@@ -24,5 +24,6 @@ + ../../data/images/state-ok.svg + ../../data/images/state-warning.svg + ../../data/images/state-error.svg ++ ../../data/images/wait.png + + +diff --git a/src/libcalamaresui/viewpages/ExecutionViewStep.cpp b/src/libcalamaresui/viewpages/ExecutionViewStep.cpp +index cce87eb..0c641e2 100644 +--- a/src/libcalamaresui/viewpages/ExecutionViewStep.cpp ++++ b/src/libcalamaresui/viewpages/ExecutionViewStep.cpp +@@ -84,18 +84,37 @@ ExecutionViewStep::ExecutionViewStep( QObject* parent ) + + m_progressBar->setMaximum( 10000 ); + ++ m_progressBar->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Fixed); ++ m_progressBar->setFixedHeight(10); ++ ++ m_tab_widget->setStyleSheet( ++ "QTabWidget::pane {" ++ " border: none;" // Remove the border from the tab widget pane ++ "}" ++ ); ++ + m_tab_widget->addTab( m_slideshow->widget(), "Slideshow" ); + m_tab_widget->addTab( m_log_widget, "Log" ); + m_tab_widget->tabBar()->hide(); ++ m_tab_widget->setContentsMargins( 14, 4, 4, 4 ); + + layout->addWidget( m_tab_widget ); + Calamares::unmarginLayout( layout ); ++ ++ layout->addSpacing( Calamares::defaultFontHeight() / 2 ); ++ ++ QLabel* progressLabel = new QLabel("Installation Progress"); ++ progressLabel->setContentsMargins( 14, 4, 4, 4 ); ++ layout->addWidget(progressLabel); ++ + layout->addLayout( bottomLayout ); + +- bottomLayout->addSpacing( Calamares::defaultFontHeight() / 2 ); ++ // bottomLayout->addSpacing( Calamares::defaultFontHeight() / 2 ); + bottomLayout->addLayout( barLayout ); + bottomLayout->addWidget( m_label ); + ++ bottomLayout->setContentsMargins( 14, 4, 4, 4 ); ++ + QToolBar* toolBar = new QToolBar; + const auto logButtonIcon = QIcon::fromTheme( "utilities-terminal" ); + auto toggleLogAction = toolBar->addAction( +diff --git a/src/libcalamaresui/viewpages/Slideshow.cpp b/src/libcalamaresui/viewpages/Slideshow.cpp +index 66a1afa..629136f 100644 +--- a/src/libcalamaresui/viewpages/Slideshow.cpp ++++ b/src/libcalamaresui/viewpages/Slideshow.cpp +@@ -209,6 +209,16 @@ SlideshowPictures::SlideshowPictures( QWidget* parent ) + { + m_label->setObjectName( "image" ); + ++ // Set the stylesheet to remove all borders except the bottom ++ m_label->setStyleSheet( ++ "QLabel#image {" ++ " border-top: none;" ++ " border-left: none;" ++ " border-right: none;" ++ " border-bottom: 1px solid gray;" // You can change the color and width as needed ++ "}" ++ ); ++ + m_label->setSizePolicy( QSizePolicy::Expanding, QSizePolicy::Expanding ); + m_label->setAlignment( Qt::AlignCenter ); + m_timer->setInterval( std::chrono::milliseconds( 2000 ) ); +@@ -237,7 +247,7 @@ SlideshowPictures::changeSlideShowState( Calamares::Slideshow::Action a ) + m_imageIndex = -1; + if ( m_images.count() < 1 ) + { +- m_label->setPixmap( QPixmap( ":/data/images/squid.svg" ) ); ++ m_label->setPixmap( QPixmap( ":/data/images/wait.png" ) ); + } + else + { +diff --git a/src/libcalamaresui/widgets/ErrorDialog.cpp b/src/libcalamaresui/widgets/ErrorDialog.cpp +index 8c682f9..20f0623 100644 +--- a/src/libcalamaresui/widgets/ErrorDialog.cpp ++++ b/src/libcalamaresui/widgets/ErrorDialog.cpp +@@ -25,6 +25,42 @@ ErrorDialog::ErrorDialog( QWidget* parent ) + ui->iconLabel->setPixmap( QIcon::fromTheme( "dialog-error" ).pixmap( 64 ) ); + ui->detailsWidget->hide(); + ui->offerWebPasteLabel->hide(); ++ ++ // Apply custom QSS style ++ QString style = R"( ++ QMessageBox, QDialog { ++ background-color: #FFFFFF; ++ border-width: 2px; ++ border-style: outset; ++ border-color: #5e5f61; ++ border-radius: 0px; ++ padding: 10px; ++ } ++ ++ QPushButton { ++ background-color: #FFFFFF; ++ border-width: 1px; ++ border-style: solid; ++ border-color: #008080; ++ border-radius: 0px; ++ padding: 5px 10px; ++ color: #008080; ++ font-weight: bold; ++ } ++ ++ QPushButton:hover { ++ background-color: #008080; ++ color: #FFFFFF; ++ } ++ ++ QPushButton:disabled { ++ background-color: #E7E7EB; ++ border-color: #E7E7EB; ++ color: #B2B3B9; ++ } ++ )"; ++ ++ this->setStyleSheet(style); + } + + ErrorDialog::~ErrorDialog() +diff --git a/src/modules/finished/FinishedPage.cpp b/src/modules/finished/FinishedPage.cpp +index 26b7747..144d67e 100644 +--- a/src/modules/finished/FinishedPage.cpp ++++ b/src/modules/finished/FinishedPage.cpp +@@ -30,21 +30,21 @@ FinishedPage::updateInstallationTime() + QString currentText; + + gs = Calamares::JobQueue::instance()->globalStorage(); +- int installDuration = gs->value("installDuration").toInt(); +- int minutes = installDuration / 60; +- int seconds = installDuration % 60; +- +- if (seconds == 0) +- { +- installDurationString = QString("%1 minutes").arg(minutes); +- } +- else +- { +- installDurationString = QString("%1 minutes and %2 seconds").arg(minutes).arg(seconds); +- } ++ int installDuration = gs->value("installDuration").toInt(); ++ int minutes = installDuration / 60; ++ int seconds = installDuration % 60; ++ ++ if (seconds == 0) ++ { ++ installDurationString = QString("%1 minutes").arg(minutes); ++ } ++ else ++ { ++ installDurationString = QString("%1 minutes and %2 seconds").arg(minutes).arg(seconds); ++ } + + currentText = ui->mainText->text(); +- ui->mainText->setText( tr( "%1

Installation took %2.

").arg(currentText, installDurationString) ); ++ ui->mainText->setText( tr( "%1

Installation took %2.").arg(currentText, installDurationString) ); + } + + FinishedPage::FinishedPage( Config* config, QWidget* parent ) +@@ -94,11 +94,21 @@ FinishedPage::retranslate() + const auto* branding = Calamares::Branding::instance(); + + ui->retranslateUi( this ); ++ ++ ui->mainText->setAlignment(Qt::AlignLeft); ++ ++ ui->mainText->setContentsMargins( 14, 4, 4, 4 ); ++ ui->headText->setContentsMargins( 14, 4, 4, 4 ); ++ ++ ui->headText->setStyleSheet(QString("font-size: 24pt;")); ++ + if ( !m_failure.has_value() ) + { ++ ui->headText->setText(tr( "Installation Complete") ); ++ + if ( Calamares::Settings::instance()->isSetupMode() ) + { +- ui->mainText->setText( tr( "

All done.


" ++ ui->mainText->setText( tr( "
" + "%1 has been set up on your computer.
" + "You may now start using your new system.", "@info" ) + .arg( branding->versionedName() ) ); +@@ -110,9 +120,9 @@ FinishedPage::retranslate() + } + else + { +- ui->mainText->setText( tr( "

All done.


" ++ ui->mainText->setText( tr( "
" + "%1 has been installed on your computer.
" +- "You may now restart into your new system, or continue ", "@info" ) ++ "You may now restart into your new system.", "@info" ) + .arg( branding->versionedName() ) ); + ui->restartCheckBox->setToolTip( tr( "" + "

When this box is checked, your system will " +@@ -125,9 +135,11 @@ FinishedPage::retranslate() + { + const QString message = m_failure.value(); + ++ ui->headText->setText(tr( "Setup Failed") ); ++ + if ( Calamares::Settings::instance()->isSetupMode() ) + { +- ui->mainText->setText( tr( "

Setup Failed


" ++ ui->mainText->setText( tr( "
" + "%1 has not been set up on your computer.
" + "The error message was: %2.", "@info, %1 is product name with version" ) + .arg( branding->versionedName() ) +@@ -135,7 +147,7 @@ FinishedPage::retranslate() + } + else + { +- ui->mainText->setText( tr( "

Installation Failed


" ++ ui->mainText->setText( tr( "
" + "%1 has not been installed on your computer.
" + "The error message was: %2.", "@info, %1 is product name with version" ) + .arg( branding->versionedName() ) +diff --git a/src/modules/finished/FinishedPage.ui b/src/modules/finished/FinishedPage.ui +index f4d36bf..5758074 100644 +--- a/src/modules/finished/FinishedPage.ui ++++ b/src/modules/finished/FinishedPage.ui +@@ -35,17 +35,17 @@ SPDX-License-Identifier: GPL-3.0-or-later + + + +- +- +- Qt::Vertical ++ ++ ++ ++ 3 ++ 0 ++ + +- +- +- 20 +- 50 +- ++ ++ <Calamares finished head text> + +- ++ + + + +@@ -60,6 +60,19 @@ SPDX-License-Identifier: GPL-3.0-or-later + + + ++ ++ ++ ++ Qt::Vertical ++ ++ ++ ++ 20 ++ 50 ++ ++ ++ ++ + + + +diff --git a/src/modules/partition/core/ColorUtils.cpp b/src/modules/partition/core/ColorUtils.cpp +index 6dc17be..28d1ee3 100644 +--- a/src/modules/partition/core/ColorUtils.cpp ++++ b/src/modules/partition/core/ColorUtils.cpp +@@ -32,21 +32,32 @@ static const int NUM_PARTITION_COLORS = 5; + static const int NUM_NEW_PARTITION_COLORS = 4; + //Let's try to use the Breeze palette + static const QColor PARTITION_COLORS[ NUM_PARTITION_COLORS ] = { +- "#2980b9", //Dark Plasma Blue +- "#27ae60", //Dark Icon Green +- "#c9ce3b", //Dirty Yellow +- "#3daee9", //Plasma Blue +- "#9b59b6", //Purple ++ //"#2980b9", //Dark Plasma Blue ++ //"#27ae60", //Dark Icon Green ++ //"#c9ce3b", //Dirty Yellow ++ //"#3daee9", //Plasma Blue ++ //"#9b59b6", //Purple ++ ++ "#00FFFF", // Aqua ++ "#7FFFD4", // Aquamarine ++ "#5F9EA0", // Cadet Blue ++ "#4682B4", // Steel Blue ++ "#008080", // Teal + }; + static const QColor NEW_PARTITION_COLORS[ NUM_NEW_PARTITION_COLORS ] = { +- "#c0392b", //Dark Icon Red +- "#f39c1f", //Dark Icon Yellow +- "#f1b7bc", //Light Salmon +- "#fed999", //Light Orange ++ //"#c0392b", //Dark Icon Red ++ //"#f39c1f", //Dark Icon Yellow ++ //"#f1b7bc", //Light Salmon ++ //"#fed999", //Light Orange ++ ++ "#20B2AA", // Light Sea Green ++ "#40E0D0", // Turquoise ++ "#AFEEEE", // Pale Turquoise ++ "#B0E0E6", // Powder Blue + }; + static QColor FREE_SPACE_COLOR = "#777777"; + static QColor EXTENDED_COLOR = "#aaaaaa"; +-static QColor UNKNOWN_DISKLABEL_COLOR = "#4d4151"; ++static QColor UNKNOWN_DISKLABEL_COLOR = "#82879B"; + + static QMap< QString, QColor > s_partitionColorsCache; + +diff --git a/src/modules/partition/gui/ChoicePage.cpp b/src/modules/partition/gui/ChoicePage.cpp +index 0a4adf3..3174d2e 100644 +--- a/src/modules/partition/gui/ChoicePage.cpp ++++ b/src/modules/partition/gui/ChoicePage.cpp +@@ -99,6 +99,10 @@ ChoicePage::ChoicePage( Config* config, QWidget* parent ) + m_mainLayout->setStretchFactor( m_rightLayout, 1 ); + m_drivesLabel->setBuddy( m_drivesCombo ); + ++ m_drivesLayout->setContentsMargins( 14, 4, 4, 4 ); ++ m_rightLayout->setContentsMargins( 14, 4, 4, 4 ); ++ m_itemsLayout->setContentsMargins( 14, 4, 4, 4 ); ++ + m_drivesLayout->addWidget( m_drivesCombo ); + + m_deviceInfoWidget = new DeviceInfoWidget; +@@ -112,7 +116,11 @@ ChoicePage::ChoicePage( Config* config, QWidget* parent ) + // Drive selector + preview + CALAMARES_RETRANSLATE_SLOT( &ChoicePage::retranslate ); + +- titleText->setAlignment( Qt::AlignCenter ); ++ titleText->setAlignment( Qt::AlignLeft ); ++ int currentFontSize = titleText->font().pointSize(); ++ titleText->setStyleSheet(QString("font-size: %1pt;").arg(currentFontSize * 2)); ++ titleText->setContentsMargins( 14, 4, 4, 4 ); ++ + m_previewBeforeFrame->setSizePolicy( QSizePolicy::Preferred, QSizePolicy::Expanding ); + m_previewAfterFrame->setSizePolicy( QSizePolicy::Preferred, QSizePolicy::Expanding ); + m_previewAfterLabel->hide(); +@@ -1276,13 +1284,13 @@ ChoicePage::setupActions() + + CALAMARES_RETRANSLATE( + cDebug() << "Setting texts for 0 osprober entries"; +- m_messageLabel->setText( tr( "Choose partitioning method.
" +- "Changes can be reviewed before they are applied" ) ); + +- m_eraseButton->setText( tr( "Erase disk
" +- "This will install Edge Microvisor Toolkit on the currently selected " +- "storage device deleting all data " +- "currently present on the selected storage device." ) ); ++ m_messageLabel->setStyleSheet(QString("font-size: 16pt;")); ++ m_messageLabel->setText( tr( "Choose partitioning method") ); ++ m_messageLabelCont->setText( tr( "Changes will not apply immediately, you may review them before launching the installation.
" ) ); ++ ++ m_eraseButton->setText( tr( "Automatic Partition
" ++ "Create required partitions automatically. All data currently existing on the device will be deleted." ) ); + ); + m_grp->setExclusive( false ); + m_grp->setExclusive( true ); +@@ -1481,8 +1489,8 @@ ChoicePage::updateChoiceButtonsTr() + { + if ( m_somethingElseButton ) + { +- m_somethingElseButton->setText( tr( "Manual partitioning
" +- "Create or resize partitions manually." ) ); ++ m_somethingElseButton->setText( tr( "Manual Partitioning
" ++ "Create and set up partitions manually." ) ); + } + } + +diff --git a/src/modules/partition/gui/ChoicePage.ui b/src/modules/partition/gui/ChoicePage.ui +index 5e60112..e20be70 100644 +--- a/src/modules/partition/gui/ChoicePage.ui ++++ b/src/modules/partition/gui/ChoicePage.ui +@@ -20,14 +20,14 @@ SPDX-License-Identifier: GPL-3.0-or-later + + + 0 +- ++ + + + +- <br><h1>Partition Configuration<br></h1><br> ++ <br/>Partition Configuration<br/> + + +- ++ + + + +@@ -45,14 +45,28 @@ SPDX-License-Identifier: GPL-3.0-or-later + + + +- +- +- +- +- +- <m_messageLabel> +- +- ++ ++ ++ ++ ++ ++ ++ ++ <m_messageLabel> ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ <m_messageLabelCont> ++ ++ ++ ++ + + + +diff --git a/src/modules/partition/gui/DeviceInfoWidget.cpp b/src/modules/partition/gui/DeviceInfoWidget.cpp +index f57ed91..8f70679 100644 +--- a/src/modules/partition/gui/DeviceInfoWidget.cpp ++++ b/src/modules/partition/gui/DeviceInfoWidget.cpp +@@ -86,9 +86,14 @@ DeviceInfoWidget::retranslateUi() + break; + case PartitionTable::gpt: + // TypeString is ok +- toolTipString += tr( "

This is the recommended partition table type for modern " +- "systems which start from an EFI boot " +- "environment." ); ++ if (toolTipString.isEmpty()) { ++ // The string is empty ++ toolTipString += tr( "GPT is the recommended partition table type " ++ "for modern systems using an EFI boot environment."); ++ } else { ++ toolTipString += tr( "

GPT is the recommended partition table type " ++ "for modern systems using an EFI boot environment."); ++ } + break; + case PartitionTable::loop: + typeString = "loop"; +@@ -144,12 +149,12 @@ DeviceInfoWidget::retranslateUi() + m_ptLabel->setText( typeString ); + m_ptLabel->setToolTip( toolTipString ); + +- m_ptIcon->setToolTip( tr( "The type of partition table on the " +- "selected storage device.

" +- "The only way to change the partition table type is to " +- "erase and recreate the partition table from scratch, " +- "which destroys all data on the storage device.
" +- "This installer will keep the current partition table " +- "unless you explicitly choose otherwise.
" +- "If unsure, on modern systems GPT is preferred." ) ); ++ m_ptIcon->setToolTip( tr( "The type of this device’s partition table." ++ "
" ++ "This installer will keep the current partition table, " ++ "unless you explicitly choose otherwise. " ++ "On modern systems, GPT is the recommended type.

" ++ "Changing the partition table type requires " ++ "recreating it from scratch and deleting all " ++ "the data currently existing on the device.
") ); + } +diff --git a/src/modules/partition/gui/EncryptWidget.cpp b/src/modules/partition/gui/EncryptWidget.cpp +index 560e97f..0d4698d 100644 +--- a/src/modules/partition/gui/EncryptWidget.cpp ++++ b/src/modules/partition/gui/EncryptWidget.cpp +@@ -50,6 +50,12 @@ EncryptWidget::EncryptWidget( QWidget* parent ) + m_ui->m_passphraseLineEdit->hide(); + m_ui->m_confirmLineEdit->hide(); + m_ui->m_iconLabel->hide(); ++ ++ QFont italicFont; ++ italicFont.setItalic(true); ++ m_ui->m_confirmLineEdit->setFont(italicFont); ++ m_ui->m_passphraseLineEdit->setFont(italicFont); ++ + // TODO: this deserves better rendering, an icon or something, but that will + // depend on having a non-bogus implementation of systemSupportsEncryptionAcceptably + if ( systemSupportsEncryptionAcceptably() ) +@@ -153,7 +159,15 @@ EncryptWidget::updateState( const bool notify ) + if ( p1.isEmpty() && p2.isEmpty() ) + { + applyPixmap( m_ui->m_iconLabel, Calamares::StatusWarning ); +- m_ui->m_iconLabel->setToolTip( tr( "Please enter the same passphrase in both boxes.", "@tooltip" ) ); ++ m_ui->m_iconLabel->setToolTip( tr( "Please enter the same password in both boxes.
" ++ "Password must contain:
" ++ "- at least two lower-case letters
" ++ "- at least two upper-case letters
" ++ "- at least two numbers
" ++ "- at least two special characters
" ++ "Password cannot be:
" ++ "- based on a word listed in the dictionary of insecure character sequences
" ++ "- a palindrome", "@tooltip" ) ); + } + else if ( m_filesystem == FileSystem::Zfs && p1.length() < ZFS_MIN_LENGTH ) + { +diff --git a/src/modules/partition/gui/EncryptWidget.ui b/src/modules/partition/gui/EncryptWidget.ui +index 24d63b5..77ace4f 100644 +--- a/src/modules/partition/gui/EncryptWidget.ui ++++ b/src/modules/partition/gui/EncryptWidget.ui +@@ -56,7 +56,7 @@ SPDX-License-Identifier: GPL-3.0-or-later + QLineEdit::Password + + +- Passphrase ++ Password + + + +@@ -66,7 +66,17 @@ SPDX-License-Identifier: GPL-3.0-or-later + QLineEdit::Password + + +- Confirm passphrase ++ Confirm Password ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ Qt::AlignLeft + + + +@@ -83,16 +93,6 @@ SPDX-License-Identifier: GPL-3.0-or-later + + + +- +- +- +- +- +- +- Qt::AlignCenter +- +- +- + + + +diff --git a/src/modules/partition/gui/PartitionBarsView.cpp b/src/modules/partition/gui/PartitionBarsView.cpp +index ef748d2..b94822e 100644 +--- a/src/modules/partition/gui/PartitionBarsView.cpp ++++ b/src/modules/partition/gui/PartitionBarsView.cpp +@@ -131,7 +131,8 @@ PartitionBarsView::drawSection( QPainter* painter, const QRect& rect_, int x, in + + painter->setPen( borderColor ); + +- painter->drawRoundedRect( rect, radius, radius ); ++ // painter->drawRoundedRect( rect, radius, radius ); ++ painter->drawRect(rect); + + // Draw shade + if ( !isFreeSpace ) +@@ -147,8 +148,9 @@ PartitionBarsView::drawSection( QPainter* painter, const QRect& rect_, int x, in + + painter->setPen( Qt::NoPen ); + +- painter->setBrush( gradient ); +- painter->drawRoundedRect( rect, radius, radius ); ++ // painter->setBrush( gradient ); ++ // painter->drawRoundedRect( rect, radius, radius ); ++ painter->drawRect(rect); + + if ( selectionMode() != QAbstractItemView::NoSelection && index.isValid() && selectionModel() + && !selectionModel()->selectedIndexes().isEmpty() && selectionModel()->selectedIndexes().first() == index ) +@@ -175,7 +177,8 @@ PartitionBarsView::drawSection( QPainter* painter, const QRect& rect_, int x, in + + selectionRect.adjust( SELECTION_MARGIN, SELECTION_MARGIN, -SELECTION_MARGIN, -SELECTION_MARGIN ); + +- painter->drawRoundedRect( selectionRect, radius - 1, radius - 1 ); ++ // painter->drawRoundedRect( selectionRect, radius - 1, radius - 1 ); ++ painter->drawRect(selectionRect); + } + + painter->translate( -0.5, -0.5 ); +diff --git a/src/modules/partition/gui/PartitionLabelsView.cpp b/src/modules/partition/gui/PartitionLabelsView.cpp +index e338da2..3f2ae3a 100644 +--- a/src/modules/partition/gui/PartitionLabelsView.cpp ++++ b/src/modules/partition/gui/PartitionLabelsView.cpp +@@ -100,7 +100,8 @@ drawPartitionSquare( QPainter* painter, const QRect& rect, const QBrush& brush ) + painter->setRenderHint( QPainter::Antialiasing, true ); + painter->setPen( QPalette().shadow().color() ); + painter->translate( .5, .5 ); +- painter->drawRoundedRect( rect.adjusted( 0, 0, -1, -1 ), CORNER_RADIUS, CORNER_RADIUS ); ++ // painter->drawRoundedRect( rect.adjusted( 0, 0, -1, -1 ), CORNER_RADIUS, CORNER_RADIUS ); ++ painter->drawRect(rect.adjusted( 0, 0, -1, -1 )); + painter->translate( -.5, -.5 ); + } + +@@ -114,7 +115,8 @@ drawSelectionSquare( QPainter* painter, const QRect& rect, const QBrush& brush ) + highlightColor.setAlpha( 120 ); + painter->setBrush( highlightColor ); + painter->translate( .5, .5 ); +- painter->drawRoundedRect( rect.adjusted( 0, 0, -1, -1 ), CORNER_RADIUS, CORNER_RADIUS ); ++ // painter->drawRoundedRect( rect.adjusted( 0, 0, -1, -1 ), CORNER_RADIUS, CORNER_RADIUS ); ++ painter->drawRect(rect.adjusted( 0, 0, -1, -1 )); + painter->translate( -.5, -.5 ); + painter->restore(); + } +@@ -271,8 +273,8 @@ PartitionLabelsView::drawLabels( QPainter* painter, const QRect& rect, const QMo + QRect hoverRect = labelRect.adjusted( 0, 0, -1, -1 ); + painter->setBrush( QPalette().window().color().lighter( 102 ) ); + painter->setPen( Qt::NoPen ); +- painter->drawRoundedRect( hoverRect, CORNER_RADIUS, CORNER_RADIUS ); +- ++ // painter->drawRoundedRect( hoverRect, CORNER_RADIUS, CORNER_RADIUS ); ++ painter->drawRect(hoverRect); + painter->translate( -0.5, -0.5 ); + painter->restore(); + } +diff --git a/src/modules/partition/gui/PartitionPage.cpp b/src/modules/partition/gui/PartitionPage.cpp +index f0baf4b..131ca4b 100644 +--- a/src/modules/partition/gui/PartitionPage.cpp ++++ b/src/modules/partition/gui/PartitionPage.cpp +@@ -35,6 +35,7 @@ + #include "GlobalStorage.h" + #include "JobQueue.h" + #include "partition/PartitionQuery.h" ++#include "utils/Gui.h" + #include "utils/Logger.h" + #include "utils/Retranslator.h" + #include "widgets/TranslationFix.h" +@@ -65,6 +66,18 @@ PartitionPage::PartitionPage( PartitionCoreModule* core, QWidget* parent ) + m_isEfi = PartUtils::isEfiSystem(); + + m_ui->setupUi( this ); ++ ++ m_ui->titleText->setAlignment( Qt::AlignLeft ); ++ int currentFontSize = m_ui->titleText->font().pointSize(); ++ m_ui->titleText->setStyleSheet(QString("font-size: %1pt;").arg(currentFontSize * 2)); ++ m_ui->titleText->setContentsMargins( 14, 4, 4, 4 ); ++ ++ m_ui->horizontalLayout_2->setContentsMargins( 14, 3, 4, 4 ); ++ m_ui->horizontalLayout->setContentsMargins( 14, 4, 4, 4 ); ++ m_ui->verticalLayout_1->setContentsMargins( 14, 4, 4, 4 ); ++ ++ m_ui->horizontalLayout_2->insertSpacing( 1, Calamares::defaultFontHeight() / 2 ); ++ + m_ui->partitionLabelsView->setVisible( + Calamares::JobQueue::instance()->globalStorage()->value( "alwaysShowPartitionLabels" ).toBool() ); + m_ui->deviceComboBox->setModel( m_core->deviceModel() ); +diff --git a/src/modules/partition/gui/PartitionPage.ui b/src/modules/partition/gui/PartitionPage.ui +index b02eb41..4b45a9e 100644 +--- a/src/modules/partition/gui/PartitionPage.ui ++++ b/src/modules/partition/gui/PartitionPage.ui +@@ -18,26 +18,10 @@ SPDX-License-Identifier: GPL-3.0-or-later + Form + + +- +- +- +- Qt::Vertical +- +- +- QSizePolicy::Fixed +- +- +- +- 100 +- 50 +- +- +- +- + + + +- <h1>Partition Configuration</h1> ++ <br/>Partition Configuration<br/> + + + +@@ -82,29 +66,33 @@ SPDX-License-Identifier: GPL-3.0-or-later + + + +- +- +- +- +- +- +- +- +- QAbstractItemView::NoEditTriggers +- +- +- false +- +- +- true +- +- +- false +- +- +- false +- +- ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ QAbstractItemView::NoEditTriggers ++ ++ ++ false ++ ++ ++ true ++ ++ ++ false ++ ++ ++ false ++ ++ ++ ++ + + + +diff --git a/src/modules/partition/gui/PartitionSplitterWidget.cpp b/src/modules/partition/gui/PartitionSplitterWidget.cpp +index 9fef8e3..f2240ff 100644 +--- a/src/modules/partition/gui/PartitionSplitterWidget.cpp ++++ b/src/modules/partition/gui/PartitionSplitterWidget.cpp +@@ -471,7 +471,8 @@ PartitionSplitterWidget::drawSection( QPainter* painter, + const QColor borderColor = color.darker(); + painter->setPen( borderColor ); + painter->setBrush( color ); +- painter->drawRoundedRect( rect, radius, radius ); ++ // painter->drawRoundedRect( rect, radius, radius ); ++ painter->drawRect(rect); + + // Draw shade + if ( !isFreeSpace ) +@@ -486,8 +487,9 @@ PartitionSplitterWidget::drawSection( QPainter* painter, + gradient.setColorAt( 1, QColor::fromRgbF( c, c, c, 0 ) ); + + painter->setPen( Qt::NoPen ); +- painter->setBrush( gradient ); +- painter->drawRoundedRect( rect, radius, radius ); ++ // painter->setBrush( gradient ); ++ // painter->drawRoundedRect( rect, radius, radius ); ++ painter->drawRect(rect); + + painter->translate( -0.5, -0.5 ); + } +diff --git a/src/modules/users/UsersPage.cpp b/src/modules/users/UsersPage.cpp +index f53a750..fac61da 100644 +--- a/src/modules/users/UsersPage.cpp ++++ b/src/modules/users/UsersPage.cpp +@@ -107,6 +107,19 @@ UsersPage::UsersPage( Config* config, QWidget* parent ) + { + ui->setupUi( this ); + ++ // increase 3x font ++ int currentFontSize = ui->labelTitle->font().pointSize(); ++ ui->labelTitle->setStyleSheet(QString("font-size: %1pt;").arg(currentFontSize * 2)); ++ ui->labelBottomText->setStyleSheet(QString("font-size: 14pt;")); ++ ++ // margins ++ ui->labelTitle->setContentsMargins( 14, 4, 4, 4 ); ++ ui->hostnamePrompt->setContentsMargins( 14, 4, 4, 4 ); ++ ui->usernamePrompt->setContentsMargins( 14, 4, 4, 4 ); ++ ui->passwordPrompt->setContentsMargins( 14, 4, 4, 4 ); ++ ui->passwordRepeatPrompt->setContentsMargins( 14, 4, 4, 4 ); ++ ui->labelBottomText->setContentsMargins( 14, 4, 4, 4 ); ++ + // Connect signals and slots + ui->textBoxUserPassword->setText( config->userPassword() ); + connect( ui->textBoxUserPassword, &QLineEdit::textChanged, config, &Config::setUserPassword ); +@@ -116,7 +129,7 @@ UsersPage::UsersPage( Config* config, QWidget* parent ) + connect( config, &Config::userPasswordSecondaryChanged, ui->textBoxUserVerifiedPassword, &QLineEdit::setText ); + connect( config, &Config::userPasswordStatusChanged, this, &UsersPage::reportUserPasswordStatus ); + +- const QString DefaultHostnamePrefix = "edgemicrovisortoolkit"; ++ const QString DefaultHostnamePrefix = "edgemicrovisortoolkit"; + ui->textBoxHostname->setText( randomHostname(DefaultHostnamePrefix) ); + config->setHostName( ui->textBoxHostname->text() ); + connect( ui->textBoxHostname, &QLineEdit::textEdited, config, &Config::setHostName ); +diff --git a/src/modules/users/page_usersetup.ui b/src/modules/users/page_usersetup.ui +index a23d877..458c359 100644 +--- a/src/modules/users/page_usersetup.ui ++++ b/src/modules/users/page_usersetup.ui +@@ -18,10 +18,10 @@ SPDX-License-Identifier: GPL-3.0-or-later + Form + + +- ++ + + +- <br><h1>System Configuration</h1> ++ <br>System Configuration + + + false +@@ -39,20 +39,26 @@ SPDX-License-Identifier: GPL-3.0-or-later + + + 20 +- 50 ++ 30 + + + + + +- +- +- Enter computer hostname and create user account. ++ ++ ++ Qt::Vertical + +- +- false ++ ++ QSizePolicy::Fixed + +- ++ ++ ++ 20 ++ 20 ++ ++ ++ + + + +@@ -403,9 +409,21 @@ SPDX-License-Identifier: GPL-3.0-or-later + + font-weight: normal + +- +- <small>Enter the same password twice. Password needs to contain at least two of: lowercase letters, uppercase letters, numbers and special characters. It cannot be based on a dictionary word, and cannot be a palindrome.</small> +- ++ ++ <small> ++Hostname must contain at least two characters (only letters, numbers, underscore, and hyphen are allowed).<br><br> ++User Name must start with a lower-case letter or an underscore.<br><br> ++Password must contain:<br> ++ • at least two lower-case letters<br> ++ • at least two upper-case letters<br> ++ • at least two numbers<br> ++ • at least two special characters<br><br> ++Password cannot be:<br> ++ • based on a word listed in the dictionary of insecure character sequences<br> ++ • a palindrome ++</small> ++ ++ + + true + +diff --git a/src/modules/welcome/Config.cpp b/src/modules/welcome/Config.cpp +index 736e509..fa79ffa 100644 +--- a/src/modules/welcome/Config.cpp ++++ b/src/modules/welcome/Config.cpp +@@ -77,7 +77,7 @@ Config::retranslate() + } + else + { +- m_warningMessage = tr( "Follow step-by-step instructions to set up your system quickly." ) ++ m_warningMessage = tr( "You are just a few steps away from using your new system." ) + .arg( branding ? branding->productName() : QString() ); + } + +diff --git a/src/modules/welcome/WelcomePage.cpp b/src/modules/welcome/WelcomePage.cpp +index d794373..19c7fca 100644 +--- a/src/modules/welcome/WelcomePage.cpp ++++ b/src/modules/welcome/WelcomePage.cpp +@@ -29,6 +29,7 @@ + #include "utils/Logger.h" + #include "utils/NamedEnum.h" + #include "utils/Retranslator.h" ++#include "checker/ResultsListWidget.h" + + #include + #include +@@ -58,17 +59,8 @@ WelcomePage::WelcomePage( Config* config, QWidget* parent ) + const int defaultFontHeight = Calamares::defaultFontHeight(); + ui->setupUi( this ); + +- // Azure Linux main text setup +- ui->mainText->setAlignment( Qt::AlignCenter ); +- ui->mainText->setWordWrap( true ); +- ui->mainText->setOpenExternalLinks( true ); +- +- QString message = tr( "

Get Started with %1

" ); +- ui->mainText->setText( message.arg( Branding::instance()->versionedName() ) ); +- +- // insert system-check widget below welcome text +- const int welcome_text_idx = ui->verticalLayout->indexOf( ui->mainText ); +- ui->verticalLayout->insertWidget( welcome_text_idx + 1, m_checkingWidget ); ++ // create counter for placement ++ int welcome_text_idx = 0; + + // insert optional logo banner image above welcome text + QString bannerPath = Branding::instance()->imagePath( Branding::ProductBanner ); +@@ -85,11 +77,18 @@ WelcomePage::WelcomePage( Config* config, QWidget* parent ) + ui->aboveTextSpacer->changeSize( 20, defaultFontHeight ); // Shrink it down + ui->aboveTextSpacer->invalidate(); + ui->verticalLayout->insertSpacing( welcome_text_idx, defaultFontHeight ); ++ welcome_text_idx++; + ui->verticalLayout->insertWidget( welcome_text_idx, bannerLabel ); ++ welcome_text_idx++; + } + } + +- initSkus(); ++ // insert main widget after banner ++ ui->verticalLayout->insertWidget( welcome_text_idx, m_checkingWidget ); ++ welcome_text_idx++; ++ ++ // insert sku last ++ initSkus(welcome_text_idx); + + connect( Calamares::ModuleManager::instance(), + &Calamares::ModuleManager::requirementsComplete, +@@ -112,13 +111,13 @@ WelcomePage::init() + } + + void +-WelcomePage::initSkus() ++WelcomePage::initSkus(int index) + { + // Fill the list of skus + ui->skuWidget->clear(); + ui->skuWidget->setInsertPolicy( QComboBox::InsertAlphabetically ); + +- const QString skuDir = "/etc/calamares/edgemicrovisortoolkit-skus/"; ++ const QString skuDir = "/etc/calamares/edgemicrovisortoolkit-skus/"; + QDirIterator it(skuDir, QStringList() << "*.json", QDir::Files); + while (it.hasNext()) + { +@@ -131,6 +130,33 @@ WelcomePage::initSkus() + } + } + ui->skuWidget->setCurrentIndex(0); ++ ++ // Disable skuWidget if it only has 1 item ++ if (ui->skuWidget->count() == 1) ++ { ++ ui->skuWidget->setDisabled(true); ++ } ++ else ++ { ++ ui->skuWidget->setDisabled(false); // Optionally enable it if more than 1 item ++ } ++ ++ // Align skuLabel and skuWidget to the left ++ QHBoxLayout* skuLayout = new QHBoxLayout; ++ skuLayout->setAlignment(Qt::AlignLeft); // Align contents to the left ++ skuLayout->addWidget(ui->skuLabel); ++ skuLayout->addWidget(ui->skuWidget); ++ ++ skuLayout->setContentsMargins( 14, Calamares::defaultFontHeight() * 3 / 4, 4, 4 ); ++ skuLayout->setStretch(0, 0); // No stretch for the label ++ skuLayout->setStretch(1, 1); // Stretch the combo box to the right ++ ++ // insert the layout after previous ++ ui->verticalLayout->insertLayout( index, skuLayout ); ++ ++ QSpacerItem* spacer = new QSpacerItem(20, 40, QSizePolicy::Minimum, QSizePolicy::Expanding); ++ skuLayout->addItem(spacer); ++ + } + + void +@@ -235,7 +261,16 @@ WelcomePage::retranslate() + { + const QString message = m_conf->genericWelcomeMessage(); + +- ui->mainText->setText( message.arg( Calamares::Branding::instance()->versionedName() ) ); ++ // Access mainText from ResultsListWidget and update its text ++ if (auto resultsWidget = qobject_cast(m_checkingWidget)) ++ { ++ QLabel* mainText = resultsWidget->getMainText(); ++ if (mainText) ++ { ++ mainText->setText(message.arg(Calamares::Branding::instance()->versionedName())); ++ } ++ } ++ + ui->retranslateUi( this ); + ui->supportButton->setText( tr( "%1 Support", "@action" ).arg( Calamares::Branding::instance()->shortProductName() ) ); + } +diff --git a/src/modules/welcome/WelcomePage.h b/src/modules/welcome/WelcomePage.h +index a899b22..d904ea0 100644 +--- a/src/modules/welcome/WelcomePage.h ++++ b/src/modules/welcome/WelcomePage.h +@@ -55,7 +55,7 @@ public slots: + void retranslate(); + + protected: +- void initSkus(); ++ void initSkus(int index); + void focusInEvent( QFocusEvent* e ) override; //choose the child widget to focus + + private: +diff --git a/src/modules/welcome/WelcomePage.ui b/src/modules/welcome/WelcomePage.ui +index c5b9e49..0796646 100644 +--- a/src/modules/welcome/WelcomePage.ui ++++ b/src/modules/welcome/WelcomePage.ui +@@ -36,43 +36,8 @@ SPDX-License-Identifier: GPL-3.0-or-later + + + +- +- +- +- +- 3 +- 0 +- +- +- +- <Calamares welcome text> +- +- +- Qt::AlignCenter +- +- +- true +- +- +- + + +- +- +- +- Qt::Horizontal +- +- +- QSizePolicy::Maximum +- +- +- +- 40 +- 20 +- +- +- +- + + + +diff --git a/src/modules/welcome/checker/ResultsListWidget.cpp b/src/modules/welcome/checker/ResultsListWidget.cpp +index 3f70c61..7c86a19 100644 +--- a/src/modules/welcome/checker/ResultsListWidget.cpp ++++ b/src/modules/welcome/checker/ResultsListWidget.cpp +@@ -31,15 +31,33 @@ ResultsListWidget::ResultsListWidget( Config* config, QWidget* parent ) + : QWidget( parent ) + , m_config( config ) + { ++ using Branding = Calamares::Branding; + setSizePolicy( QSizePolicy::Expanding, QSizePolicy::Expanding ); + + auto mainLayout = new QVBoxLayout; + setLayout( mainLayout ); + + QHBoxLayout* explanationLayout = new QHBoxLayout; ++ ++ // Create the new QLabel item ++ QLabel* mainText = new QLabel( this ); ++ mainText->setOpenExternalLinks( true ); ++ mainText->setSizePolicy( QSizePolicy::Expanding, QSizePolicy::Expanding ); ++ QString message = tr("Get Started with %1"); ++ mainText->setText( message.arg( Branding::instance()->versionedName() ) ); ++ mainText->setAlignment( Qt::AlignLeft ); ++ mainText->setWordWrap( true ); ++ mainText->setObjectName( "mainText" ); ++ int currentFontSize = mainText->font().pointSize(); ++ mainText->setStyleSheet(QString("font-size: %1pt;").arg(currentFontSize * 2)); ++ ++ // Add the new item above m_explanation ++ mainLayout->addWidget( mainText ); ++ + m_explanation = new QLabel( m_config->warningMessage() ); + m_explanation->setWordWrap( true ); +- m_explanation->setSizePolicy( QSizePolicy::Expanding, QSizePolicy::Preferred ); ++ m_explanation->setAlignment( Qt::AlignLeft ); ++ m_explanation->setSizePolicy( QSizePolicy::Expanding, QSizePolicy::Expanding ); + m_explanation->setOpenExternalLinks( false ); + m_explanation->setObjectName( "resultsExplanation" ); + explanationLayout->addWidget( m_explanation ); +@@ -48,6 +66,7 @@ ResultsListWidget::ResultsListWidget( Config* config, QWidget* parent ) + m_countdown->start(); + explanationLayout->addWidget( m_countdown ); + ++ explanationLayout->setContentsMargins( 4, Calamares::defaultFontHeight() * 3 / 4, 4, 4 ); + mainLayout->addLayout( explanationLayout ); + mainLayout->addSpacing( Calamares::defaultFontHeight() / 2 ); + +@@ -60,12 +79,19 @@ ResultsListWidget::ResultsListWidget( Config* config, QWidget* parent ) + m_centralWidget = listview; + m_centralLayout = mainLayout; + ++ listview->setContentsMargins( 4, Calamares::defaultFontHeight() * 3 / 4, 4, 4 ); + mainLayout->addWidget( listview ); + mainLayout->addStretch(); + + connect( config, &Config::warningMessageChanged, m_explanation, &QLabel::setText ); + } + ++QLabel* ++ResultsListWidget::getMainText() const ++{ ++ return findChild("mainText"); ++} ++ + void + ResultsListWidget::requirementsComplete() + { +@@ -108,14 +134,16 @@ ResultsListWidget::requirementsComplete() + imageLabel->setPixmap( theImage ); + } + +- imageLabel->setContentsMargins( 4, Calamares::defaultFontHeight() * 3 / 4, 4, 4 ); +- imageLabel->setAlignment( Qt::AlignCenter ); +- imageLabel->setSizePolicy( QSizePolicy::Expanding, QSizePolicy::Expanding ); ++ imageLabel->setContentsMargins( 4, Calamares::defaultFontHeight() * 3 / 4, 4, 14 ); ++ imageLabel->setAlignment( Qt::AlignLeft ); ++ imageLabel->setSizePolicy(QSizePolicy::Expanding, QSizePolicy::Expanding); + imageLabel->setObjectName( "welcomeLogo" ); + // This specifically isn't assigned to m_centralWidget +- m_centralLayout->addWidget( imageLabel ); ++ // Add imageLabel to the top ++ m_centralLayout->insertWidget( 0, imageLabel ); ++ m_centralLayout->addStretch(); + } + } +- m_explanation->setAlignment( Qt::AlignCenter ); ++ m_explanation->setAlignment( Qt::AlignLeft ); + } + } +diff --git a/src/modules/welcome/checker/ResultsListWidget.h b/src/modules/welcome/checker/ResultsListWidget.h +index 1f2f630..d602744 100644 +--- a/src/modules/welcome/checker/ResultsListWidget.h ++++ b/src/modules/welcome/checker/ResultsListWidget.h +@@ -29,6 +29,8 @@ public: + /// @brief The model of requirements has finished a round of checking + void requirementsComplete(); + ++ QLabel* getMainText() const; ++ + private: + Config* m_config = nullptr; + +-- +2.43.0 + diff --git a/SPECS/calamares/wait.png b/SPECS/calamares/wait.png new file mode 100644 index 0000000000..488da0b05d Binary files /dev/null and b/SPECS/calamares/wait.png differ diff --git a/SPECS/ceph/CVE-2025-1744.patch b/SPECS/ceph/CVE-2025-1744.patch new file mode 100644 index 0000000000..6464d8da75 --- /dev/null +++ b/SPECS/ceph/CVE-2025-1744.patch @@ -0,0 +1,46 @@ +From b72bc56777fc7b4f63aabbf23217d082846397b7 Mon Sep 17 00:00:00 2001 +From: kavyasree +Date: Tue, 11 Mar 2025 12:26:11 +0530 +Subject: [PATCH] Patch for CVE-2025-1744 + +Reference: https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d +--- + src/boost/libs/beast/test/extern/zlib-1.2.11/inflate.c | 5 +++-- + .../tools/boost_install/test/iostreams/zlib-1.2.11/inflate.c | 5 +++-- + 2 files changed, 6 insertions(+), 4 deletions(-) + +diff --git a/src/boost/libs/beast/test/extern/zlib-1.2.11/inflate.c b/src/boost/libs/beast/test/extern/zlib-1.2.11/inflate.c +index ac333e8c2..a32c9bdba 100644 +--- a/src/boost/libs/beast/test/extern/zlib-1.2.11/inflate.c ++++ b/src/boost/libs/beast/test/extern/zlib-1.2.11/inflate.c +@@ -759,8 +759,9 @@ int flush; + if (copy > have) copy = have; + if (copy) { + if (state->head != Z_NULL && +- state->head->extra != Z_NULL) { +- len = state->head->extra_len - state->length; ++ state->head->extra != Z_NULL && ++ (len = state->head->extra_len - state->length) < ++ state->head->extra_max) { + zmemcpy(state->head->extra + len, next, + len + copy > state->head->extra_max ? + state->head->extra_max - len : copy); +diff --git a/src/boost/tools/boost_install/test/iostreams/zlib-1.2.11/inflate.c b/src/boost/tools/boost_install/test/iostreams/zlib-1.2.11/inflate.c +index ac333e8c2..91b2e6445 100644 +--- a/src/boost/tools/boost_install/test/iostreams/zlib-1.2.11/inflate.c ++++ b/src/boost/tools/boost_install/test/iostreams/zlib-1.2.11/inflate.c +@@ -759,8 +759,9 @@ int flush; + if (copy > have) copy = have; + if (copy) { + if (state->head != Z_NULL && +- state->head->extra != Z_NULL) { +- len = state->head->extra_len - state->length; ++ state->head->extra != Z_NULL && ++ (len = state->head->extra_len - state->length) < ++ state->head->extra_max) { + zmemcpy(state->head->extra + len, next, + len + copy > state->head->extra_max ? + state->head->extra_max - len : copy); +-- +2.34.1 + diff --git a/SPECS/ceph/ceph.spec b/SPECS/ceph/ceph.spec index 039280cf7f..26934b138c 100644 --- a/SPECS/ceph/ceph.spec +++ b/SPECS/ceph/ceph.spec @@ -5,7 +5,7 @@ Summary: User space components of the Ceph file system Name: ceph Version: 18.2.2 -Release: 5%{?dist} +Release: 6%{?dist} License: LGPLv2 and LGPLv3 and CC-BY-SA and GPLv2 and Boost and BSD and MIT and Public Domain and GPLv3 and ASL-2.0 URL: https://ceph.io/ Vendor: Microsoft Corporation @@ -25,6 +25,7 @@ Patch10: CVE-2020-10722.patch Patch11: CVE-2024-25629.patch Patch12: CVE-2021-24032.patch Patch13: CVE-2020-10724.patch +Patch14: CVE-2025-1744.patch # # Copyright (C) 2004-2019 The Ceph Project Developers. See COPYING file # at the top-level directory of this distribution and at @@ -2013,6 +2014,9 @@ exit 0 %config %{_sysconfdir}/prometheus/ceph/ceph_default_alerts.yml %changelog +* Tue 11 Mar 2025 Kavya Sree Kaitepalli - 18.2.2-6 +- Patch CVE-2025-1744 + * Wed Feb 05 2025 Kevin Lockwood - 18.2.2-5 - Fix for CVE-2012-2677 - Fix for CVE-2020-10723 diff --git a/SPECS/cert-manager/CVE-2025-30204.patch b/SPECS/cert-manager/CVE-2025-30204.patch new file mode 100644 index 0000000000..cc389d54b3 --- /dev/null +++ b/SPECS/cert-manager/CVE-2025-30204.patch @@ -0,0 +1,71 @@ +From 20e897717946a5bb7750e795c245012bddcfa312 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Mar 2025 21:29:08 +0000 +Subject: [PATCH] CVE-2025-30204 + +Upstream Patch Reference : v4: https://github.com/golang-jwt/jwt/commit/2f0e9add62078527821828c76865661aa7718a84 +--- + github.com/golang-jwt/jwt/v4/parser.go | 36 +++++++++++++++++++++++--- + 1 file changed, 33 insertions(+), 3 deletions(-) + +diff --git a/cmd/controller/vendor/github.com/golang-jwt/jwt/v4/parser.go b/cmd/controller/vendor/github.com/golang-jwt/jwt/v4/parser.go +index 2f61a69..9484f28 100644 +--- a/cmd/controller/vendor/github.com/golang-jwt/jwt/v4/parser.go ++++ b/cmd/controller/vendor/github.com/golang-jwt/jwt/v4/parser.go +@@ -7,6 +7,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + // +@@ -116,9 +118,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (because it has + // been checked previously in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) + } + + token = &Token{Raw: tokenString} +@@ -168,3 +171,30 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + + return token, parts, nil + } ++ ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} +-- +2.45.2 + diff --git a/SPECS/cert-manager/cert-manager.spec b/SPECS/cert-manager/cert-manager.spec index 42f9361848..243f7f8fc8 100644 --- a/SPECS/cert-manager/cert-manager.spec +++ b/SPECS/cert-manager/cert-manager.spec @@ -1,7 +1,7 @@ Summary: Automatically provision and manage TLS certificates in Kubernetes Name: cert-manager Version: 1.12.15 -Release: 3%{?dist} +Release: 4%{?dist} License: ASL 2.0 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -17,6 +17,7 @@ Patch0: CVE-2024-45338.patch Patch1: CVE-2025-27144.patch Patch2: CVE-2025-22868.patch Patch3: CVE-2025-22869.patch +Patch4: CVE-2025-30204.patch BuildRequires: golang Requires: %{name}-acmesolver Requires: %{name}-cainjector @@ -107,6 +108,10 @@ install -D -m0755 bin/webhook %{buildroot}%{_bindir}/ %{_bindir}/webhook %changelog +* Fri Apr 28 2025 Ranjan Dutta - 1.12.15-4 +- merge from Azure Linux 3.0.20250423. +- Patch CVE-2025-30204 + * Fri Mar 21 2025 Anuj Mittal - 1.12.15-3 - Bump Release to rebuild diff --git a/SPECS/cifs-utils/cifs-utils.signatures.json b/SPECS/cifs-utils/cifs-utils.signatures.json index 78ee10badf..154c99a76c 100644 --- a/SPECS/cifs-utils/cifs-utils.signatures.json +++ b/SPECS/cifs-utils/cifs-utils.signatures.json @@ -1,5 +1,5 @@ { - "Signatures": { - "cifs-utils-7.0.tar.bz2": "0defaab85bd3ea46ffc45ab41fb0d0ad54d05ae2cfaa7e503de86d4f12bc8161" - } + "Signatures": { + "cifs-utils-7.3.tar.bz2": "c4e1eb5f4ad880d96e16d95a1cdbc7ec978ab51c5b6d8a20ae09dac638f36dd5" + } } diff --git a/SPECS/cifs-utils/cifs-utils.spec b/SPECS/cifs-utils/cifs-utils.spec index a1fa0aa599..1d95ece804 100644 --- a/SPECS/cifs-utils/cifs-utils.spec +++ b/SPECS/cifs-utils/cifs-utils.spec @@ -1,7 +1,7 @@ Summary: cifs client utils Name: cifs-utils -Version: 7.0 -Release: 2%{?dist} +Version: 7.3 +Release: 1%{?dist} License: GPLv3 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -12,6 +12,7 @@ BuildRequires: keyutils-devel BuildRequires: libcap-ng-devel BuildRequires: libtalloc-devel BuildRequires: pam-devel +BuildRequires: krb5-devel Requires: libcap-ng %description @@ -43,15 +44,19 @@ Provides header files needed for Cifs-Utils development. %build autoreconf -fiv -# Disabling 'cifsupcall' to not introduce a dependency on 'krb5'. %configure \ --prefix=%{_prefix} \ - ROOTSBINDIR=%{_sbindir} \ - --disable-cifsupcall + ROOTSBINDIR=%{_sbindir} %make_build %install -%make_install +#%make_install +rm -rf %{buildroot} +make install DESTDIR=%{buildroot} +mkdir -p %{buildroot}%{_sysconfdir}/%{name} +mkdir -p %{buildroot}%{_sysconfdir}/request-key.d +install -m 644 contrib/request-key.d/cifs.idmap.conf %{buildroot}%{_sysconfdir}/request-key.d +install -m 644 contrib/request-key.d/cifs.spnego.conf %{buildroot}%{_sysconfdir}/request-key.d %check make %{?_smp_mflags} check @@ -64,6 +69,9 @@ make %{?_smp_mflags} check %{_bindir}/smbinfo %{_sbindir}/mount.cifs %{_sbindir}/mount.smb3 +%{_sbindir}/cifs.upcall +%config(noreplace) %{_sysconfdir}/request-key.d/cifs.idmap.conf +%config(noreplace) %{_sysconfdir}/request-key.d/cifs.spnego.conf %files -n pam_cifscreds %{_libdir}/security/pam_cifscreds.so @@ -73,6 +81,9 @@ make %{?_smp_mflags} check %{_includedir}/cifsidmap.h %changelog +* Wed Mar 26 2025 CBL-Mariner Servicing Account - 7.3-1 +- Auto-upgrade to 7.3 - Bugfix: 56213770, 56248605 + * Fri Feb 07 2025 Pawel Winogrodzki - 7.0-2 - Explicitly disable 'cifs-upcall'. diff --git a/SPECS/cmake/CVE-2023-35945.patch b/SPECS/cmake/CVE-2023-35945.patch new file mode 100644 index 0000000000..d8f5977c81 --- /dev/null +++ b/SPECS/cmake/CVE-2023-35945.patch @@ -0,0 +1,86 @@ +From c9fb4415b76e6cf388c3c7105481b90b1a4c8c29 Mon Sep 17 00:00:00 2001 +From: Tatsuhiro Tsujikawa +Date: Fri, 14 Jul 2023 20:52:03 +0900 +Subject: [PATCH] Fix memory leak + +This commit fixes memory leak that happens when PUSH_PROMISE or +HEADERS frame cannot be sent, and nghttp2_on_stream_close_callback +fails with a fatal error. For example, if GOAWAY frame has been +received, a HEADERS frame that opens new stream cannot be sent. + +This issue has already been made public via CVE-2023-35945 [1] issued +by envoyproxy/envoy project. During embargo period, the patch to fix +this bug was accidentally submitted to nghttp2/nghttp2 repository [2]. +And they decided to disclose CVE early. I was notified just 1.5 hours +before disclosure. I had no time to respond. + +PoC described in [1] is quite simple, but I think it is not enough to +trigger this bug. While it is true that receiving GOAWAY prevents a +client from opening new stream, and nghttp2 enters error handling +branch, in order to cause the memory leak, +nghttp2_session_close_stream function must return a fatal error. +nghttp2 defines 2 fatal error codes: + +- NGHTTP2_ERR_NOMEM +- NGHTTP2_ERR_CALLBACK_FAILURE + +NGHTTP2_ERR_NOMEM, as its name suggests, indicates out of memory. It +is unlikely that a process gets short of memory with this simple PoC +scenario unless application does something memory heavy processing. + +NGHTTP2_ERR_CALLBACK_FAILURE is returned from application defined +callback function (nghttp2_on_stream_close_callback, in this case), +which indicates something fatal happened inside a callback, and a +connection must be closed immediately without any further action. As +nghttp2_on_stream_close_error_callback documentation says, any error +code other than 0 or NGHTTP2_ERR_CALLBACK_FAILURE is treated as fatal +error code. More specifically, it is treated as if +NGHTTP2_ERR_CALLBACK_FAILURE is returned. I guess that envoy returns +NGHTTP2_ERR_CALLBACK_FAILURE or other error code which is translated +into NGHTTP2_ERR_CALLBACK_FAILURE. + +[1] https://github.com/envoyproxy/envoy/security/advisories/GHSA-jfxv-29pc-x22r +[2] https://github.com/nghttp2/nghttp2/pull/1929 +--- + lib/nghttp2_session.c | 10 +++++----- + tests/nghttp2_session_test.c | 34 ++++++++++++++++++++++++++++++++++ + 2 files changed, 39 insertions(+), 5 deletions(-) + +diff --git a/Utilities/cmnghttp2/lib/nghttp2_session.c b/lib/nghttp2_session.c +index 9df3d6f3..45392f1a 100644 +--- a/Utilities/cmnghttp2/lib/nghttp2_session.c ++++ b/Utilities/cmnghttp2/lib/nghttp2_session.c +@@ -2930,6 +2930,7 @@ static ssize_t nghttp2_session_mem_send_internal(nghttp2_session *session, + if (rv < 0) { + int32_t opened_stream_id = 0; + uint32_t error_code = NGHTTP2_INTERNAL_ERROR; ++ int rv2 = 0; + + DEBUGF("send: frame preparation failed with %s\n", + nghttp2_strerror(rv)); +@@ -2972,19 +2973,18 @@ static ssize_t nghttp2_session_mem_send_internal(nghttp2_session *session, + } + if (opened_stream_id) { + /* careful not to override rv */ +- int rv2; + rv2 = nghttp2_session_close_stream(session, opened_stream_id, + error_code); +- +- if (nghttp2_is_fatal(rv2)) { +- return rv2; +- } + } + + nghttp2_outbound_item_free(item, mem); + nghttp2_mem_free(mem, item); + active_outbound_item_reset(aob, mem); + ++ if (nghttp2_is_fatal(rv2)) { ++ return rv2; ++ } ++ + if (rv == NGHTTP2_ERR_HEADER_COMP) { + /* If header compression error occurred, should terminiate + connection. */ +-- +2.17.1 diff --git a/SPECS/cmake/CVE-2023-44487.patch b/SPECS/cmake/CVE-2023-44487.patch new file mode 100644 index 0000000000..02be40e58d --- /dev/null +++ b/SPECS/cmake/CVE-2023-44487.patch @@ -0,0 +1,510 @@ +From 72b4af6143681f528f1d237b21a9a7aee1738832 Mon Sep 17 00:00:00 2001 +From: Tatsuhiro Tsujikawa +Date: Sun, 1 Oct 2023 00:05:01 +0900 +Subject: [PATCH] Rework session management + +Adjust patch to apply to Azure Linux 3.0. + - Remove test files (not present in AzL3 package source) + - Adjust diffs to account for drift and other CVE patches + +--- + Utilities/cmnghttp2/CMakeLists.txt | 2 + + Utilities/cmnghttp2/cmakeconfig.h.in | 9 +++ + Utilities/cmnghttp2/lib/includes/nghttp2/nghttp2.h | 17 ++++++ + Utilities/cmnghttp2/lib/nghttp2_option.c | 7 +++ + Utilities/cmnghttp2/lib/nghttp2_option.h | 6 ++ + Utilities/cmnghttp2/lib/nghttp2_ratelim.c | 75 ++++++++++++++++++++++++ + Utilities/cmnghttp2/lib/nghttp2_ratelim.h | 57 ++++++++++++++++++ + Utilities/cmnghttp2/lib/nghttp2_session.c | 34 ++++++++++- + Utilities/cmnghttp2/lib/nghttp2_session.h | 12 +++- + Utilities/cmnghttp2/lib/nghttp2_time.c | 62 ++++++++++++++++++++ + Utilities/cmnghttp2/lib/nghttp2_time.h | 38 ++++++++++++ + 11 files changed, 317 insertions(+), 2 deletions(-) + create mode 100644 Utilities/cmnghttp2/lib/nghttp2_ratelim.c + create mode 100644 Utilities/cmnghttp2/lib/nghttp2_ratelim.h + create mode 100644 Utilities/cmnghttp2/lib/nghttp2_time.c + create mode 100644 Utilities/cmnghttp2/lib/nghttp2_time.h + +diff --git a/Utilities/cmnghttp2/CMakeLists.txt b/Utilities/cmnghttp2/CMakeLists.txt +index 6d0c76ff..f55defc2 100644 +--- a/Utilities/cmnghttp2/CMakeLists.txt ++++ b/Utilities/cmnghttp2/CMakeLists.txt +@@ -34,10 +34,12 @@ add_library(cmnghttp2 STATIC + lib/nghttp2_pq.c + lib/nghttp2_priority_spec.c + lib/nghttp2_queue.c ++ lib/nghttp2_ratelim.c + lib/nghttp2_rcbuf.c + lib/nghttp2_session.c + lib/nghttp2_stream.c + lib/nghttp2_submit.c ++ lib/nghttp2_time.c + lib/nghttp2_version.c + ) + +diff --git a/Utilities/cmnghttp2/cmakeconfig.h.in b/Utilities/cmnghttp2/cmakeconfig.h.in +index 8b14df2f..85134251 100644 +--- a/Utilities/cmnghttp2/cmakeconfig.h.in ++++ b/Utilities/cmnghttp2/cmakeconfig.h.in +@@ -13,3 +13,12 @@ + + /* Define to 1 if you have the header file. */ + #cmakedefine HAVE_NETINET_IN_H 1 ++ ++/* Define to 1 if you have the `clock_gettime` function. */ ++#cmakedefine HAVE_CLOCK_GETTIME 1 ++ ++/* Define to 1 if you have the `GetTickCount64` function. */ ++#cmakedefine HAVE_GETTICKCOUNT64 1 ++ ++/* Define to 1 if you have the header file. */ ++#cmakedefine HAVE_SYSINFOAPI_H 1 +diff --git a/Utilities/cmnghttp2/lib/includes/nghttp2/nghttp2.h b/Utilities/cmnghttp2/lib/includes/nghttp2/nghttp2.h +index 1486bd0f..4d3339b5 100644 +--- a/Utilities/cmnghttp2/lib/includes/nghttp2/nghttp2.h ++++ b/Utilities/cmnghttp2/lib/includes/nghttp2/nghttp2.h +@@ -2761,6 +2761,23 @@ NGHTTP2_EXTERN void + nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation( + nghttp2_option *option, int val); + ++/** ++ * @function ++ * ++ * This function sets the rate limit for the incoming stream reset ++ * (RST_STREAM frame). It is server use only. It is a token-bucket ++ * based rate limiter. |burst| specifies the number of tokens that is ++ * initially available. The maximum number of tokens is capped to ++ * this value. |rate| specifies the number of tokens that are ++ * regenerated per second. An incoming RST_STREAM consumes one token. ++ * If there is no token available, GOAWAY is sent to tear down the ++ * connection. |burst| and |rate| default to 1000 and 33 ++ * respectively. ++ */ ++NGHTTP2_EXTERN void ++nghttp2_option_set_stream_reset_rate_limit(nghttp2_option *option, ++ uint64_t burst, uint64_t rate); ++ + /** + * @function + * +diff --git a/Utilities/cmnghttp2/lib/nghttp2_option.c b/Utilities/cmnghttp2/lib/nghttp2_option.c +index dba2308b..1889feb9 100644 +--- a/Utilities/cmnghttp2/lib/nghttp2_option.c ++++ b/Utilities/cmnghttp2/lib/nghttp2_option.c +@@ -144,6 +144,13 @@ void nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation( + option->no_rfc9113_leading_and_trailing_ws_validation = val; + } + ++void nghttp2_option_set_stream_reset_rate_limit(nghttp2_option *option, ++ uint64_t burst, uint64_t rate) { ++ option->opt_set_mask |= NGHTTP2_OPT_STREAM_RESET_RATE_LIMIT; ++ option->stream_reset_burst = burst; ++ option->stream_reset_rate = rate; ++} ++ + void nghttp2_option_set_max_continuations(nghttp2_option *option, size_t val) { + option->opt_set_mask |= NGHTTP2_OPT_MAX_CONTINUATIONS; + option->max_continuations = val; +diff --git a/Utilities/cmnghttp2/lib/nghttp2_option.h b/Utilities/cmnghttp2/lib/nghttp2_option.h +index aca08530..6f79b2aa 100644 +--- a/Utilities/cmnghttp2/lib/nghttp2_option.h ++++ b/Utilities/cmnghttp2/lib/nghttp2_option.h +@@ -71,12 +71,18 @@ typedef enum { + NGHTTP2_OPT_SERVER_FALLBACK_RFC7540_PRIORITIES = 1 << 13, + NGHTTP2_OPT_NO_RFC9113_LEADING_AND_TRAILING_WS_VALIDATION = 1 << 14, + NGHTTP2_OPT_MAX_CONTINUATIONS = 1 << 16, ++ NGHTTP2_OPT_STREAM_RESET_RATE_LIMIT = 1 << 15, + } nghttp2_option_flag; + + /** + * Struct to store option values for nghttp2_session. + */ + struct nghttp2_option { ++ /** ++ * NGHTTP2_OPT_STREAM_RESET_RATE_LIMIT ++ */ ++ uint64_t stream_reset_burst; ++ uint64_t stream_reset_rate; + /** + * NGHTTP2_OPT_MAX_SEND_HEADER_BLOCK_LENGTH + */ +diff --git a/Utilities/cmnghttp2/lib/nghttp2_ratelim.c b/Utilities/cmnghttp2/lib/nghttp2_ratelim.c +new file mode 100644 +index 00000000..7011655b +--- /dev/null ++++ b/Utilities/cmnghttp2/lib/nghttp2_ratelim.c +@@ -0,0 +1,75 @@ ++/* ++ * nghttp2 - HTTP/2 C Library ++ * ++ * Copyright (c) 2023 nghttp2 contributors ++ * ++ * Permission is hereby granted, free of charge, to any person obtaining ++ * a copy of this software and associated documentation files (the ++ * "Software"), to deal in the Software without restriction, including ++ * without limitation the rights to use, copy, modify, merge, publish, ++ * distribute, sublicense, and/or sell copies of the Software, and to ++ * permit persons to whom the Software is furnished to do so, subject to ++ * the following conditions: ++ * ++ * The above copyright notice and this permission notice shall be ++ * included in all copies or substantial portions of the Software. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, ++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ++ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE ++ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION ++ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION ++ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ++ */ ++#include "nghttp2_ratelim.h" ++#include "nghttp2_helper.h" ++ ++void nghttp2_ratelim_init(nghttp2_ratelim *rl, uint64_t burst, uint64_t rate) { ++ rl->val = rl->burst = burst; ++ rl->rate = rate; ++ rl->tstamp = 0; ++} ++ ++void nghttp2_ratelim_update(nghttp2_ratelim *rl, uint64_t tstamp) { ++ uint64_t d, gain; ++ ++ if (tstamp == rl->tstamp) { ++ return; ++ } ++ ++ if (tstamp > rl->tstamp) { ++ d = tstamp - rl->tstamp; ++ } else { ++ d = 1; ++ } ++ ++ rl->tstamp = tstamp; ++ ++ if (UINT64_MAX / d < rl->rate) { ++ rl->val = rl->burst; ++ ++ return; ++ } ++ ++ gain = rl->rate * d; ++ ++ if (UINT64_MAX - gain < rl->val) { ++ rl->val = rl->burst; ++ ++ return; ++ } ++ ++ rl->val += gain; ++ rl->val = nghttp2_min(rl->val, rl->burst); ++} ++ ++int nghttp2_ratelim_drain(nghttp2_ratelim *rl, uint64_t n) { ++ if (rl->val < n) { ++ return -1; ++ } ++ ++ rl->val -= n; ++ ++ return 0; ++} +diff --git a/Utilities/cmnghttp2/lib/nghttp2_ratelim.h b/Utilities/cmnghttp2/lib/nghttp2_ratelim.h +new file mode 100644 +index 00000000..866ed3f0 +--- /dev/null ++++ b/Utilities/cmnghttp2/lib/nghttp2_ratelim.h +@@ -0,0 +1,57 @@ ++/* ++ * nghttp2 - HTTP/2 C Library ++ * ++ * Copyright (c) 2023 nghttp2 contributors ++ * ++ * Permission is hereby granted, free of charge, to any person obtaining ++ * a copy of this software and associated documentation files (the ++ * "Software"), to deal in the Software without restriction, including ++ * without limitation the rights to use, copy, modify, merge, publish, ++ * distribute, sublicense, and/or sell copies of the Software, and to ++ * permit persons to whom the Software is furnished to do so, subject to ++ * the following conditions: ++ * ++ * The above copyright notice and this permission notice shall be ++ * included in all copies or substantial portions of the Software. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, ++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ++ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE ++ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION ++ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION ++ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ++ */ ++#ifndef NGHTTP2_RATELIM_H ++#define NGHTTP2_RATELIM_H ++ ++#ifdef HAVE_CONFIG_H ++# include ++#endif /* HAVE_CONFIG_H */ ++ ++#include ++ ++typedef struct nghttp2_ratelim { ++ /* burst is the maximum value of val. */ ++ uint64_t burst; ++ /* rate is the amount of value that is regenerated per 1 tstamp. */ ++ uint64_t rate; ++ /* val is the amount of value available to drain. */ ++ uint64_t val; ++ /* tstamp is the last timestamp in second resolution that is known ++ to this object. */ ++ uint64_t tstamp; ++} nghttp2_ratelim; ++ ++/* nghttp2_ratelim_init initializes |rl| with the given parameters. */ ++void nghttp2_ratelim_init(nghttp2_ratelim *rl, uint64_t burst, uint64_t rate); ++ ++/* nghttp2_ratelim_update updates rl->val with the current |tstamp| ++ given in second resolution. */ ++void nghttp2_ratelim_update(nghttp2_ratelim *rl, uint64_t tstamp); ++ ++/* nghttp2_ratelim_drain drains |n| from rl->val. It returns 0 if it ++ succeeds, or -1. */ ++int nghttp2_ratelim_drain(nghttp2_ratelim *rl, uint64_t n); ++ ++#endif /* NGHTTP2_RATELIM_H */ +diff --git a/Utilities/cmnghttp2/lib/nghttp2_session.c b/Utilities/cmnghttp2/lib/nghttp2_session.c +index b178d5b0..92425b15 100644 +--- a/Utilities/cmnghttp2/lib/nghttp2_session.c ++++ b/Utilities/cmnghttp2/lib/nghttp2_session.c +@@ -37,6 +37,7 @@ + #include "nghttp2_http.h" + #include "nghttp2_pq.h" + #include "nghttp2_extpri.h" ++#include "nghttp2_time.h" + #include "nghttp2_debug.h" + + /* +@@ -475,6 +476,10 @@ static int session_new(nghttp2_session **session_ptr, + (*session_ptr)->pending_enable_push = 1; + (*session_ptr)->pending_no_rfc7540_priorities = UINT8_MAX; + ++ nghttp2_ratelim_init(&(*session_ptr)->stream_reset_ratelim, ++ NGHTTP2_DEFAULT_STREAM_RESET_BURST, ++ NGHTTP2_DEFAULT_STREAM_RESET_RATE); ++ + if (server) { + (*session_ptr)->server = 1; + } +@@ -575,6 +580,12 @@ static int session_new(nghttp2_session **session_ptr, + NGHTTP2_OPTMASK_NO_RFC9113_LEADING_AND_TRAILING_WS_VALIDATION; + } + ++ if (option->opt_set_mask & NGHTTP2_OPT_STREAM_RESET_RATE_LIMIT) { ++ nghttp2_ratelim_init(&(*session_ptr)->stream_reset_ratelim, ++ option->stream_reset_burst, ++ option->stream_reset_rate); ++ } ++ + if (option->opt_set_mask & NGHTTP2_OPT_MAX_CONTINUATIONS) { + (*session_ptr)->max_continuations = option->max_continuations; + } +@@ -4537,6 +4548,23 @@ static int session_process_priority_frame(nghttp2_session *session) { + return nghttp2_session_on_priority_received(session, frame); + } + ++static int session_update_stream_reset_ratelim(nghttp2_session *session) { ++ if (!session->server || (session->goaway_flags & NGHTTP2_GOAWAY_SUBMITTED)) { ++ return 0; ++ } ++ ++ nghttp2_ratelim_update(&session->stream_reset_ratelim, ++ nghttp2_time_now_sec()); ++ ++ if (nghttp2_ratelim_drain(&session->stream_reset_ratelim, 1) == 0) { ++ return 0; ++ } ++ ++ return nghttp2_session_add_goaway(session, session->last_recv_stream_id, ++ NGHTTP2_INTERNAL_ERROR, NULL, 0, ++ NGHTTP2_GOAWAY_AUX_NONE); ++} ++ + int nghttp2_session_on_rst_stream_received(nghttp2_session *session, + nghttp2_frame *frame) { + int rv; +@@ -4566,7 +4594,8 @@ int nghttp2_session_on_rst_stream_received(nghttp2_session *session, + if (nghttp2_is_fatal(rv)) { + return rv; + } +- return 0; ++ ++ return session_update_stream_reset_ratelim(session); + } + + static int session_process_rst_stream_frame(nghttp2_session *session) { +@@ -7534,6 +7563,9 @@ int nghttp2_session_add_goaway(nghttp2_session *session, int32_t last_stream_id, + nghttp2_mem_free(mem, item); + return rv; + } ++ ++ session->goaway_flags |= NGHTTP2_GOAWAY_SUBMITTED; ++ + return 0; + } + +diff --git a/Utilities/cmnghttp2/lib/nghttp2_session.h b/Utilities/cmnghttp2/lib/nghttp2_session.h +index dfdbd9ba..ef8f7b27 100644 +--- a/Utilities/cmnghttp2/lib/nghttp2_session.h ++++ b/Utilities/cmnghttp2/lib/nghttp2_session.h +@@ -39,6 +39,7 @@ + #include "nghttp2_buf.h" + #include "nghttp2_callbacks.h" + #include "nghttp2_mem.h" ++#include "nghttp2_ratelim.h" + + /* The global variable for tests where we want to disable strict + preface handling. */ +@@ -105,6 +106,10 @@ typedef struct { + /* The default value of maximum number of concurrent streams. */ + #define NGHTTP2_DEFAULT_MAX_CONCURRENT_STREAMS 0xffffffffu + ++/* The default values for stream reset rate limiter. */ ++#define NGHTTP2_DEFAULT_STREAM_RESET_BURST 1000 ++#define NGHTTP2_DEFAULT_STREAM_RESET_RATE 33 ++ + /* The default max number of CONTINUATION frames following an incoming + HEADER frame. */ + #define NGHTTP2_DEFAULT_MAX_CONTINUATIONS 8 +@@ -182,7 +187,9 @@ typedef enum { + /* Flag means GOAWAY was sent */ + NGHTTP2_GOAWAY_SENT = 0x4, + /* Flag means GOAWAY was received */ +- NGHTTP2_GOAWAY_RECV = 0x8 ++ NGHTTP2_GOAWAY_RECV = 0x8, ++ /* Flag means GOAWAY has been submitted at least once */ ++ NGHTTP2_GOAWAY_SUBMITTED = 0x10 + } nghttp2_goaway_flag; + + /* nghttp2_inflight_settings stores the SETTINGS entries which local +@@ -239,6 +246,9 @@ struct nghttp2_session { + /* Queue of In-flight SETTINGS values. SETTINGS bearing ACK is not + considered as in-flight. */ + nghttp2_inflight_settings *inflight_settings_head; ++ /* Stream reset rate limiter. If receiving excessive amount of ++ stream resets, GOAWAY will be sent. */ ++ nghttp2_ratelim stream_reset_ratelim; + /* Sequential number across all streams to process streams in + FIFO. */ + uint64_t stream_seq; +diff --git a/Utilities/cmnghttp2/lib/nghttp2_time.c b/Utilities/cmnghttp2/lib/nghttp2_time.c +new file mode 100644 +index 00000000..2a5f1a6f +--- /dev/null ++++ b/Utilities/cmnghttp2/lib/nghttp2_time.c +@@ -0,0 +1,62 @@ ++/* ++ * nghttp2 - HTTP/2 C Library ++ * ++ * Copyright (c) 2023 nghttp2 contributors ++ * ++ * Permission is hereby granted, free of charge, to any person obtaining ++ * a copy of this software and associated documentation files (the ++ * "Software"), to deal in the Software without restriction, including ++ * without limitation the rights to use, copy, modify, merge, publish, ++ * distribute, sublicense, and/or sell copies of the Software, and to ++ * permit persons to whom the Software is furnished to do so, subject to ++ * the following conditions: ++ * ++ * The above copyright notice and this permission notice shall be ++ * included in all copies or substantial portions of the Software. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, ++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ++ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE ++ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION ++ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION ++ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ++ */ ++#include "nghttp2_time.h" ++ ++#ifdef HAVE_TIME_H ++# include ++#endif /* HAVE_TIME_H */ ++ ++#ifdef HAVE_SYSINFOAPI_H ++# include ++#endif /* HAVE_SYSINFOAPI_H */ ++ ++#ifndef HAVE_GETTICKCOUNT64 ++static uint64_t time_now_sec(void) { ++ time_t t = time(NULL); ++ ++ if (t == -1) { ++ return 0; ++ } ++ ++ return (uint64_t)t; ++} ++#endif /* HAVE_GETTICKCOUNT64 */ ++ ++#ifdef HAVE_CLOCK_GETTIME ++uint64_t nghttp2_time_now_sec(void) { ++ struct timespec tp; ++ int rv = clock_gettime(CLOCK_MONOTONIC, &tp); ++ ++ if (rv == -1) { ++ return time_now_sec(); ++ } ++ ++ return (uint64_t)tp.tv_sec; ++} ++#elif defined(HAVE_GETTICKCOUNT64) ++uint64_t nghttp2_time_now_sec(void) { return GetTickCount64() / 1000; } ++#else /* !HAVE_CLOCK_GETTIME && !HAVE_GETTICKCOUNT64 */ ++uint64_t nghttp2_time_now_sec(void) { return time_now_sec(); } ++#endif /* !HAVE_CLOCK_GETTIME && !HAVE_GETTICKCOUNT64 */ +diff --git a/Utilities/cmnghttp2/lib/nghttp2_time.h b/Utilities/cmnghttp2/lib/nghttp2_time.h +new file mode 100644 +index 00000000..03c0bbe9 +--- /dev/null ++++ b/Utilities/cmnghttp2/lib/nghttp2_time.h +@@ -0,0 +1,38 @@ ++/* ++ * nghttp2 - HTTP/2 C Library ++ * ++ * Copyright (c) 2023 nghttp2 contributors ++ * ++ * Permission is hereby granted, free of charge, to any person obtaining ++ * a copy of this software and associated documentation files (the ++ * "Software"), to deal in the Software without restriction, including ++ * without limitation the rights to use, copy, modify, merge, publish, ++ * distribute, sublicense, and/or sell copies of the Software, and to ++ * permit persons to whom the Software is furnished to do so, subject to ++ * the following conditions: ++ * ++ * The above copyright notice and this permission notice shall be ++ * included in all copies or substantial portions of the Software. ++ * ++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, ++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ++ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND ++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE ++ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION ++ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION ++ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ++ */ ++#ifndef NGHTTP2_TIME_H ++#define NGHTTP2_TIME_H ++ ++#ifdef HAVE_CONFIG_H ++# include ++#endif /* HAVE_CONFIG_H */ ++ ++#include ++ ++/* nghttp2_time_now_sec returns seconds from implementation-specific ++ timepoint. If it is unable to get seconds, it returns 0. */ ++uint64_t nghttp2_time_now_sec(void); ++ ++#endif /* NGHTTP2_TIME_H */ diff --git a/SPECS/cmake/cmake.spec b/SPECS/cmake/cmake.spec index 6ba7956593..781e636543 100644 --- a/SPECS/cmake/cmake.spec +++ b/SPECS/cmake/cmake.spec @@ -2,7 +2,7 @@ Summary: Cmake Name: cmake Version: 3.30.3 -Release: 4%{?dist} +Release: 5%{?dist} License: BSD AND LGPLv2+ Vendor: Microsoft Corporation Distribution: Azure Linux @@ -17,6 +17,14 @@ Patch3: CVE-2024-8096.patch Patch4: CVE-2024-11053.patch Patch5: CVE-2024-7264.patch Patch6: CVE-2024-9681.patch +Patch7: CVE-2023-44487.patch +# When upgrading cmake, verify by hand that this patch is actually contained +# within the cmnghttp2 source. The autoupgrader mistakenly removes it. Upstream +# nghttp2 patched this with v1.55.1 and newer. As of cmake v3.30.3, cmake has +# nghttp2 v1.52.0 plus some upstream patches. nghttp2 version can be found in +# Utilities/cmnghttp2/lib/includes/nghttp2/nghttp2ver.h. Manual inspection is +# required to determine what upstream patches are included. +Patch8: CVE-2023-35945.patch BuildRequires: bzip2 BuildRequires: bzip2-devel BuildRequires: curl @@ -96,7 +104,10 @@ bin/ctest --force-new-ctest-process --rerun-failed --output-on-failure %{_libdir}/rpm/macros.d/macros.cmake %changelog -* Tue Jan 22 2025 Jyoti Kanase - 3.30.3-4 +* Thu Mar 06 2025 corvus-callidus <108946721+corvus-callidus@users.noreply.github.com> - 3.30.3-5 +- Patch vendored nghttp2 to fix CVE-2023-44487 and CVE-2023-35945 + +* Wed Jan 22 2025 Jyoti Kanase - 3.30.3-4 - Fix CVE-2024-7264 and CVE-2024-9681 * Wed Jan 15 2025 Henry Beberman - 3.30.3-3 diff --git a/SPECS/conda/conda.signatures.json b/SPECS/conda/conda.signatures.json index 191933e088..ce7da5fc05 100644 --- a/SPECS/conda/conda.signatures.json +++ b/SPECS/conda/conda.signatures.json @@ -1,6 +1,6 @@ { - "Signatures": { - "conda-24.1.2.tar.gz": "6bc4f1f72a0edddefa10e0667d6ab2eb2f1956919a59508bf3bf6c001bf7a6e8", - "conda": "9e89219d7fc4c26931a4309be8f989a03bc708d4466fcdb812f755715b946848" - } + "Signatures": { + "conda": "9e89219d7fc4c26931a4309be8f989a03bc708d4466fcdb812f755715b946848", + "conda-24.3.0.tar.gz": "92211ae60037bceb452e3f03183be29dcecc62c7826661cff6eaeb41cb216208" + } } diff --git a/SPECS/conda/conda.spec b/SPECS/conda/conda.spec index 2fcaf4a000..2277d381e6 100644 --- a/SPECS/conda/conda.spec +++ b/SPECS/conda/conda.spec @@ -1,7 +1,7 @@ Summary: Cross-platform, Python-agnostic binary package manager Name: conda -Version: 24.1.2 -Release: 2%{?dist} +Version: 24.3.0 +Release: 1%{?dist} License: BSD-3-Clause AND Apache-2.0 # The conda code is BSD-3-Clause # adapters/ftp.py is Apache-2.0 @@ -32,6 +32,13 @@ BuildRequires: python3-pip BuildRequires: python3-pluggy %if 0%{?with_check} BuildRequires: python3-pytest +BuildRequires: python3-archspec +BuildRequires: python3-boltons +BuildRequires: python3-conda-libmamba-solver +BuildRequires: python3-conda-package-streaming +BuildRequires: python3-jsonpatch +BuildRequires: python3-menuinst +BuildRequires: python3-platformdirs %endif BuildRequires: python3-setuptools BuildRequires: python3-setuptools_scm @@ -89,12 +96,19 @@ BuildRequires: %py3_reqs # For tests BuildRequires: python3 %if 0%{?with_check} -BuildRequires: python%{python3_pkgversion}-jsonpatch BuildRequires: python%{python3_pkgversion}-pytest-mock BuildRequires: python%{python3_pkgversion}-responses %endif Requires: %py3_reqs +Requires: python3-archspec +Requires: python3-boltons +Requires: python3-conda-libmamba-solver +Requires: python3-conda-package-streaming +Requires: python3-jsonpatch +Requires: python3-menuinst +Requires: python3-platformdirs + # Some versions in conda/_vendor/vendor.txt Provides: bundled(python%{python3_pkgversion}-appdirs) = 1.2.0 Provides: bundled(python%{python3_pkgversion}-auxlib) = 0.0.43 @@ -185,7 +199,7 @@ install -m 0644 -Dt %{buildroot}%{bash_completionsdir}/ %SOURCE1 %check %if 0%{?with_check} -pip3 install archspec iniconfig flask pytest-xprocess zstandard conda-package-streaming flaky pytest-timeout +pip3 install iniconfig flask pytest-xprocess flaky pytest-timeout export PATH=%{buildroot}%{_bindir}:$PATH PYTHONPATH=%{buildroot}%{python3_sitelib} conda info @@ -398,6 +412,12 @@ PYTHONPATH=%{buildroot}%{python3_sitelib} conda info --deselect=tests/gateways/disk/test_permissions.py::test_make_writable \ --deselect=tests/gateways/disk/test_permissions.py::test_recursive_make_writable \ --deselect=tests/gateways/disk/test_permissions.py::test_make_executable \ + --deselect=tests/test_install.py::test_install_mkdir \ + --deselect=tests/test_install.py::test_conda_pip_interop_dependency_satisfied_by_pip \ + --deselect=tests/test_install.py::test_install_freezes_env_by_default \ + --deselect=tests/core/test_solve.py::test_archspec_call[libmamba] \ + --deselect=tests/test_install.py::test_install_from_extracted_package \ + --deselect=tests/plugins/test_subcommands.py::test_help \ conda tests %endif @@ -424,6 +444,10 @@ PYTHONPATH=%{buildroot}%{python3_sitelib} conda info %{_datadir}/conda/condarc.d/ %changelog +* Wed Feb 26 2025 Riken Maharjan - 24.3.0-1 +- Auto-upgrade to 24.3.0 - fixes subprocess_call when stdin is bytes +- Add missing runtime dependencies archspec, boltons, menuinst, and conda-package-streaming + * Fri Jun 14 2024 Sam Meluch - 24.1.2-2 - Add pytest and pip install archspec to fix package tests diff --git a/SPECS/containerd/CVE-2025-27144.patch b/SPECS/containerd/CVE-2025-27144.patch new file mode 100644 index 0000000000..6015ed48ca --- /dev/null +++ b/SPECS/containerd/CVE-2025-27144.patch @@ -0,0 +1,50 @@ +From fa324fa38481f9d2da9109cb5983326f62ff7507 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Feb 2025 07:45:53 +0000 +Subject: [PATCH] CVE-2025-27144 +Upstream Ref: https://github.com/go-jose/go-jose/commit/c9ed84d8f0cfadcfad817150158caca6fcbc518b + +--- + vendor/gopkg.in/square/go-jose.v2/jwe.go | 5 +++-- + vendor/gopkg.in/square/go-jose.v2/jws.go | 5 +++-- + 2 files changed, 6 insertions(+), 4 deletions(-) + +diff --git a/vendor/gopkg.in/square/go-jose.v2/jwe.go b/vendor/gopkg.in/square/go-jose.v2/jwe.go +index b5a6dcd..cd1de9e 100644 +--- a/vendor/gopkg.in/square/go-jose.v2/jwe.go ++++ b/vendor/gopkg.in/square/go-jose.v2/jwe.go +@@ -201,10 +201,11 @@ func (parsed *rawJSONWebEncryption) sanitized() (*JSONWebEncryption, error) { + + // parseEncryptedCompact parses a message in compact format. + func parseEncryptedCompact(input string) (*JSONWebEncryption, error) { +- parts := strings.Split(input, ".") +- if len(parts) != 5 { ++ // Five parts is four separators ++ if strings.Count(input, ".") != 4 { + return nil, fmt.Errorf("square/go-jose: compact JWE format must have five parts") + } ++ parts := strings.SplitN(input, ".", 5) + + rawProtected, err := base64.RawURLEncoding.DecodeString(parts[0]) + if err != nil { +diff --git a/vendor/gopkg.in/square/go-jose.v2/jws.go b/vendor/gopkg.in/square/go-jose.v2/jws.go +index 7e261f9..a8d55fb 100644 +--- a/vendor/gopkg.in/square/go-jose.v2/jws.go ++++ b/vendor/gopkg.in/square/go-jose.v2/jws.go +@@ -275,10 +275,11 @@ func (parsed *rawJSONWebSignature) sanitized() (*JSONWebSignature, error) { + + // parseSignedCompact parses a message in compact format. + func parseSignedCompact(input string, payload []byte) (*JSONWebSignature, error) { +- parts := strings.Split(input, ".") +- if len(parts) != 3 { ++ // Three parts is two separators ++ if strings.Count(input, ".") != 2 { + return nil, fmt.Errorf("square/go-jose: compact JWS format must have three parts") + } ++ parts := strings.SplitN(input, ".", 3) + + if parts[1] != "" && payload != nil { + return nil, fmt.Errorf("square/go-jose: payload is not detached") +-- +2.45.2 + diff --git a/SPECS/containerd/containerd.spec b/SPECS/containerd/containerd.spec index 5cf27b353a..21e98765df 100644 --- a/SPECS/containerd/containerd.spec +++ b/SPECS/containerd/containerd.spec @@ -4,7 +4,7 @@ Summary: Industry-standard container runtime Name: containerd Version: 1.7.13 -Release: 7%{?dist} +Release: 8%{?dist} License: ASL 2.0 Group: Tools/Container URL: https://www.containerd.io @@ -21,6 +21,7 @@ Patch3: CVE-2023-47108.patch Patch4: CVE-2024-24786.patch Patch5: CVE-2024-28180.patch Patch6: CVE-2023-45288.patch +Patch7: CVE-2025-27144.patch %{?systemd_requires} @@ -90,8 +91,15 @@ fi %dir /opt/containerd/lib %changelog +* Fri Apr 28 2025 Ranjan Dutta - 1.7.13-8 +- merge from Azure Linux 3.0.20250423. +- Fix CVE-2025-27144 + * Fri Mar 21 2025 Anuj Mittal - 1.7.13-7 -- Bump Release to rebuild +- Bump release to rebuild + +* Fri Mar 21 2025 Dallas Delaney - 1.7.13-7 +- Fix CVE-2025-27144 * Fri Feb 14 2025 Kanishk Bansal - 1.7.13-6 - Fix CVE-2024-28180, CVE-2023-45288 diff --git a/SPECS/containerd2/CVE-2025-27144.patch b/SPECS/containerd2/CVE-2025-27144.patch new file mode 100644 index 0000000000..734158a6a8 --- /dev/null +++ b/SPECS/containerd2/CVE-2025-27144.patch @@ -0,0 +1,49 @@ +From fa324fa38481f9d2da9109cb5983326f62ff7507 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Feb 2025 07:45:53 +0000 +Subject: [PATCH] CVE-2025-27144 +Upstream Ref: https://github.com/go-jose/go-jose/commit/c9ed84d8f0cfadcfad817150158caca6fcbc518b + +--- + vendor/github.com/go-jose/go-jose/v4/jwe.go | 5 +++-- + vendor/github.com/go-jose/go-jose/v4/jws.go | 5 +++-- + 2 files changed, 6 insertions(+), 4 deletions(-) + +diff --git a/vendor/github.com/go-jose/go-jose/v4/jwe.go b/vendor/github.com/go-jose/go-jose/v4/jwe.go +index 89f03ee..9f1322d 100644 +--- a/vendor/github.com/go-jose/go-jose/v4/jwe.go ++++ b/vendor/github.com/go-jose/go-jose/v4/jwe.go +@@ -288,10 +288,11 @@ func ParseEncryptedCompact( + keyAlgorithms []KeyAlgorithm, + contentEncryption []ContentEncryption, + ) (*JSONWebEncryption, error) { +- parts := strings.Split(input, ".") +- if len(parts) != 5 { ++ // Five parts is four separators ++ if strings.Count(input, ".") != 4 { + return nil, fmt.Errorf("go-jose/go-jose: compact JWE format must have five parts") + } ++ parts := strings.SplitN(input, ".", 5) + + rawProtected, err := base64.RawURLEncoding.DecodeString(parts[0]) + if err != nil { +diff --git a/vendor/github.com/go-jose/go-jose/v4/jws.go b/vendor/github.com/go-jose/go-jose/v4/jws.go +index 3a91230..d09d8ba 100644 +--- a/vendor/github.com/go-jose/go-jose/v4/jws.go ++++ b/vendor/github.com/go-jose/go-jose/v4/jws.go +@@ -327,10 +327,11 @@ func parseSignedCompact( + payload []byte, + signatureAlgorithms []SignatureAlgorithm, + ) (*JSONWebSignature, error) { +- parts := strings.Split(input, ".") +- if len(parts) != 3 { ++ // Three parts is two separators ++ if strings.Count(input, ".") != 2 { + return nil, fmt.Errorf("go-jose/go-jose: compact JWS format must have three parts") + } ++ parts := strings.SplitN(input, ".", 3) + + if parts[1] != "" && payload != nil { + return nil, fmt.Errorf("go-jose/go-jose: payload is not detached") +-- +2.34.1 diff --git a/SPECS/containerd2/containerd2.spec b/SPECS/containerd2/containerd2.spec index 745b447f74..21b9106da6 100644 --- a/SPECS/containerd2/containerd2.spec +++ b/SPECS/containerd2/containerd2.spec @@ -5,7 +5,7 @@ Summary: Industry-standard container runtime Name: %{upstream_name}2 Version: 2.0.0 -Release: 5%{?dist} +Release: 6%{?dist} License: ASL 2.0 Group: Tools/Container URL: https://www.containerd.io @@ -18,6 +18,7 @@ Source2: containerd.toml # Added patch to support tardev-snapshotter for Kata CC Patch0: CVE-2024-45338.patch Patch1: add-tardev-support.patch +Patch2: CVE-2025-27144.patch %{?systemd_requires} BuildRequires: golang @@ -27,6 +28,14 @@ BuildRequires: systemd-rpm-macros Requires: runc >= 1.2.2 +# This package replaces the old name of containerd +Provides: containerd = %{version}-%{release} +Obsoletes: containerd < %{version}-%{release} + +# This package replaces the old name of moby-containerd +Provides: moby-containerd = %{version}-%{release} +Obsoletes: moby-containerd < %{version}-%{release} + %description containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux @@ -81,6 +90,11 @@ fi %dir /opt/containerd/lib %changelog +* Fri Apr 28 2025 Ranjan Dutta - 2.0.0-6 +- merge from Azure Linux 3.0.20250423. +- Fix CVE-2025-27144 +- Add "Provides/Obsoletes:" to shift all installs of containerd and moby-containerd to containerd2 + * Fri Mar 21 2025 Anuj Mittal - 2.0.0-5 - Bump Release to rebuild diff --git a/SPECS/coredns/CVE-2025-29786.patch b/SPECS/coredns/CVE-2025-29786.patch new file mode 100644 index 0000000000..43afca11fd --- /dev/null +++ b/SPECS/coredns/CVE-2025-29786.patch @@ -0,0 +1,635 @@ +From 387fc2ebedb3b5f54f9494c95506e6163f6f7af5 Mon Sep 17 00:00:00 2001 +From: Kshitiz Godara +Date: Mon, 24 Mar 2025 13:30:36 +0000 +Subject: [PATCH] Fix for CVE-2025-29786 + +Upstream source reference: +https://github.com/expr-lang/expr/pull/762 + +Signed-off-by: Kshitiz Godara +--- + .../github.com/expr-lang/expr/conf/config.go | 52 ++-- + .../expr-lang/expr/parser/parser.go | 228 +++++++++++++----- + vendor/github.com/expr-lang/expr/vm/utils.go | 3 - + vendor/github.com/expr-lang/expr/vm/vm.go | 23 +- + 4 files changed, 213 insertions(+), 93 deletions(-) + +diff --git a/vendor/github.com/expr-lang/expr/conf/config.go b/vendor/github.com/expr-lang/expr/conf/config.go +index 01a407a..2312984 100644 +--- a/vendor/github.com/expr-lang/expr/conf/config.go ++++ b/vendor/github.com/expr-lang/expr/conf/config.go +@@ -9,34 +9,46 @@ import ( + "github.com/expr-lang/expr/vm/runtime" + ) + ++const ( ++ // DefaultMemoryBudget represents an upper limit of memory usage ++ DefaultMemoryBudget uint = 1e6 ++ ++ // DefaultMaxNodes represents an upper limit of AST nodes ++ DefaultMaxNodes uint = 10000 ++) ++ + type FunctionsTable map[string]*builtin.Function + + type Config struct { +- Env any +- Types TypesTable +- MapEnv bool +- DefaultType reflect.Type +- Expect reflect.Kind +- ExpectAny bool +- Optimize bool +- Strict bool +- Profile bool +- ConstFns map[string]reflect.Value +- Visitors []ast.Visitor +- Functions FunctionsTable +- Builtins FunctionsTable +- Disabled map[string]bool // disabled builtins ++ Env any ++ Types TypesTable ++ MapEnv bool ++ DefaultType reflect.Type ++ Expect reflect.Kind ++ ExpectAny bool ++ Optimize bool ++ Strict bool ++ Profile bool ++ MaxNodes uint ++ MemoryBudget uint ++ ConstFns map[string]reflect.Value ++ Visitors []ast.Visitor ++ Functions FunctionsTable ++ Builtins FunctionsTable ++ Disabled map[string]bool // disabled builtins + } + + // CreateNew creates new config with default values. + func CreateNew() *Config { + c := &Config{ +- Optimize: true, +- Types: make(TypesTable), +- ConstFns: make(map[string]reflect.Value), +- Functions: make(map[string]*builtin.Function), +- Builtins: make(map[string]*builtin.Function), +- Disabled: make(map[string]bool), ++ Optimize: true, ++ Types: make(TypesTable), ++ MaxNodes: DefaultMaxNodes, ++ MemoryBudget: DefaultMemoryBudget, ++ ConstFns: make(map[string]reflect.Value), ++ Functions: make(map[string]*builtin.Function), ++ Builtins: make(map[string]*builtin.Function), ++ Disabled: make(map[string]bool), + } + for _, f := range builtin.Builtins { + c.Builtins[f.Name] = f +diff --git a/vendor/github.com/expr-lang/expr/parser/parser.go b/vendor/github.com/expr-lang/expr/parser/parser.go +index 6d96561..a75557c 100644 +--- a/vendor/github.com/expr-lang/expr/parser/parser.go ++++ b/vendor/github.com/expr-lang/expr/parser/parser.go +@@ -45,12 +45,47 @@ var predicates = map[string]struct { + } + + type parser struct { +- tokens []Token +- current Token +- pos int +- err *file.Error +- depth int // closure call depth +- config *conf.Config ++ tokens []Token ++ current Token ++ pos int ++ err *file.Error ++ depth int // closure call depth ++ config *conf.Config ++ nodeCount uint // tracks number of AST nodes created ++} ++ ++// checkNodeLimit verifies that adding a new node won't exceed configured limits ++func (p *parser) checkNodeLimit() error { ++ p.nodeCount++ ++ if p.config.MaxNodes > 0 && p.nodeCount > p.config.MaxNodes { ++ p.error("compilation failed: expression exceeds maximum allowed nodes") ++ return nil ++ } ++ return nil ++} ++ ++// createNode handles creation of regular nodes ++func (p *parser) createNode(n Node, loc file.Location) Node { ++ if err := p.checkNodeLimit(); err != nil { ++ return nil ++ } ++ if n == nil || p.err != nil { ++ return nil ++ } ++ n.SetLocation(loc) ++ return n ++} ++ ++// createMemberNode handles creation of member nodes ++func (p *parser) createMemberNode(n *MemberNode, loc file.Location) *MemberNode { ++ if err := p.checkNodeLimit(); err != nil { ++ return nil ++ } ++ if n == nil || p.err != nil { ++ return nil ++ } ++ n.SetLocation(loc) ++ return n + } + + type Tree struct { +@@ -127,6 +162,10 @@ func (p *parser) expect(kind Kind, values ...string) { + // parse functions + + func (p *parser) parseExpression(precedence int) Node { ++ if p.err != nil { ++ return nil ++ } ++ + if precedence == 0 && p.current.Is(Operator, "let") { + return p.parseVariableDeclaration() + } +@@ -185,19 +224,23 @@ func (p *parser) parseExpression(precedence int) Node { + nodeRight = p.parseExpression(op.Precedence) + } + +- nodeLeft = &BinaryNode{ ++ nodeLeft = p.createNode(&BinaryNode{ + Operator: opToken.Value, + Left: nodeLeft, + Right: nodeRight, ++ }, opToken.Location) ++ if nodeLeft == nil { ++ return nil + } +- nodeLeft.SetLocation(opToken.Location) + + if negate { +- nodeLeft = &UnaryNode{ ++ nodeLeft = p.createNode(&UnaryNode{ + Operator: "not", + Node: nodeLeft, ++ }, notToken.Location) ++ if nodeLeft == nil { ++ return nil + } +- nodeLeft.SetLocation(notToken.Location) + } + + goto next +@@ -224,13 +267,11 @@ func (p *parser) parseVariableDeclaration() Node { + value := p.parseExpression(0) + p.expect(Operator, ";") + node := p.parseExpression(0) +- let := &VariableDeclaratorNode{ ++ return p.createNode(&VariableDeclaratorNode{ + Name: variableName.Value, + Value: value, + Expr: node, +- } +- let.SetLocation(variableName.Location) +- return let ++ }, variableName.Location) + } + + func (p *parser) parseConditional(node Node) Node { +@@ -248,10 +289,13 @@ func (p *parser) parseConditional(node Node) Node { + expr2 = p.parseExpression(0) + } + +- node = &ConditionalNode{ ++ node = p.createNode(&ConditionalNode{ + Cond: node, + Exp1: expr1, + Exp2: expr2, ++ }, p.current.Location) ++ if node == nil { ++ return nil + } + } + return node +@@ -264,11 +308,13 @@ func (p *parser) parsePrimary() Node { + if op, ok := operator.Unary[token.Value]; ok { + p.next() + expr := p.parseExpression(op.Precedence) +- node := &UnaryNode{ ++ node := p.createNode(&UnaryNode{ + Operator: token.Value, + Node: expr, ++ }, token.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(token.Location) + return p.parsePostfixExpression(node) + } + } +@@ -290,8 +336,10 @@ func (p *parser) parsePrimary() Node { + p.next() + } + } +- node := &PointerNode{Name: name} +- node.SetLocation(token.Location) ++ node := p.createNode(&PointerNode{Name: name}, token.Location) ++ if node == nil { ++ return nil ++ } + return p.parsePostfixExpression(node) + } + } else { +@@ -320,23 +368,31 @@ func (p *parser) parseSecondary() Node { + p.next() + switch token.Value { + case "true": +- node := &BoolNode{Value: true} +- node.SetLocation(token.Location) ++ node = p.createNode(&BoolNode{Value: true}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + case "false": +- node := &BoolNode{Value: false} +- node.SetLocation(token.Location) ++ node = p.createNode(&BoolNode{Value: false}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + case "nil": +- node := &NilNode{} +- node.SetLocation(token.Location) ++ node = p.createNode(&NilNode{}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + default: + if p.current.Is(Bracket, "(") { + node = p.parseCall(token, []Node{}, true) + } else { +- node = &IdentifierNode{Value: token.Value} +- node.SetLocation(token.Location) ++ node = p.createNode(&IdentifierNode{Value: token.Value}, token.Location) ++ if node == nil { ++ return nil ++ } + } + } + +@@ -383,8 +439,10 @@ func (p *parser) parseSecondary() Node { + return node + case String: + p.next() +- node = &StringNode{Value: token.Value} +- node.SetLocation(token.Location) ++ node = p.createNode(&StringNode{Value: token.Value}, token.Location) ++ if node == nil { ++ return nil ++ } + + default: + if token.Is(Bracket, "[") { +@@ -404,7 +462,7 @@ func (p *parser) toIntegerNode(number int64) Node { + p.error("integer literal is too large") + return nil + } +- return &IntegerNode{Value: int(number)} ++ return p.createNode(&IntegerNode{Value: int(number)}, p.current.Location) + } + + func (p *parser) toFloatNode(number float64) Node { +@@ -412,7 +470,7 @@ func (p *parser) toFloatNode(number float64) Node { + p.error("float literal is too large") + return nil + } +- return &FloatNode{Value: number} ++ return p.createNode(&FloatNode{Value: number}, p.current.Location) + } + + func (p *parser) parseCall(token Token, arguments []Node, checkOverrides bool) Node { +@@ -454,25 +512,34 @@ func (p *parser) parseCall(token Token, arguments []Node, checkOverrides bool) N + + p.expect(Bracket, ")") + +- node = &BuiltinNode{ ++ node = p.createNode(&BuiltinNode{ + Name: token.Value, + Arguments: arguments, ++ }, token.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(token.Location) + } else if _, ok := builtin.Index[token.Value]; ok && !p.config.Disabled[token.Value] && !isOverridden { +- node = &BuiltinNode{ ++ node = p.createNode(&BuiltinNode{ + Name: token.Value, + Arguments: p.parseArguments(arguments), ++ }, token.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(token.Location) ++ + } else { +- callee := &IdentifierNode{Value: token.Value} +- callee.SetLocation(token.Location) +- node = &CallNode{ ++ callee := p.createNode(&IdentifierNode{Value: token.Value}, token.Location) ++ if callee == nil { ++ return nil ++ } ++ node = p.createNode(&CallNode{ + Callee: callee, + Arguments: p.parseArguments(arguments), ++ }, token.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(token.Location) + } + return node + } +@@ -534,8 +601,10 @@ func (p *parser) parseArrayExpression(token Token) Node { + end: + p.expect(Bracket, "]") + +- node := &ArrayNode{Nodes: nodes} +- node.SetLocation(token.Location) ++ node := p.createNode(&ArrayNode{Nodes: nodes}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + } + +@@ -561,8 +630,10 @@ func (p *parser) parseMapExpression(token Token) Node { + // * identifier, which is equivalent to a string + // * expression, which must be enclosed in parentheses -- (1 + 2) + if p.current.Is(Number) || p.current.Is(String) || p.current.Is(Identifier) { +- key = &StringNode{Value: p.current.Value} +- key.SetLocation(token.Location) ++ key = p.createNode(&StringNode{Value: p.current.Value}, p.current.Location) ++ if key == nil { ++ return nil ++ } + p.next() + } else if p.current.Is(Bracket, "(") { + key = p.parseExpression(0) +@@ -573,16 +644,20 @@ func (p *parser) parseMapExpression(token Token) Node { + p.expect(Operator, ":") + + node := p.parseExpression(0) +- pair := &PairNode{Key: key, Value: node} +- pair.SetLocation(token.Location) ++ pair := p.createNode(&PairNode{Key: key, Value: node}, token.Location) ++ if pair == nil { ++ return nil ++ } + nodes = append(nodes, pair) + } + + end: + p.expect(Bracket, "}") + +- node := &MapNode{Pairs: nodes} +- node.SetLocation(token.Location) ++ node := p.createNode(&MapNode{Pairs: nodes}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + } + +@@ -607,8 +682,10 @@ func (p *parser) parsePostfixExpression(node Node) Node { + p.error("expected name") + } + +- property := &StringNode{Value: propertyToken.Value} +- property.SetLocation(propertyToken.Location) ++ property := p.createNode(&StringNode{Value: propertyToken.Value}, propertyToken.Location) ++ if property == nil { ++ return nil ++ } + + chainNode, isChain := node.(*ChainNode) + optional := postfixToken.Value == "?." +@@ -617,26 +694,33 @@ func (p *parser) parsePostfixExpression(node Node) Node { + node = chainNode.Node + } + +- memberNode := &MemberNode{ ++ memberNode := p.createMemberNode(&MemberNode{ + Node: node, + Property: property, + Optional: optional, ++ }, propertyToken.Location) ++ if memberNode == nil { ++ return nil + } +- memberNode.SetLocation(propertyToken.Location) + + if p.current.Is(Bracket, "(") { + memberNode.Method = true +- node = &CallNode{ ++ node = p.createNode(&CallNode{ + Callee: memberNode, + Arguments: p.parseArguments([]Node{}), ++ }, propertyToken.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(propertyToken.Location) + } else { + node = memberNode + } + + if isChain || optional { +- node = &ChainNode{Node: node} ++ node = p.createNode(&ChainNode{Node: node}, propertyToken.Location) ++ if node == nil { ++ return nil ++ } + } + + } else if postfixToken.Value == "[" { +@@ -650,11 +734,13 @@ func (p *parser) parsePostfixExpression(node Node) Node { + to = p.parseExpression(0) + } + +- node = &SliceNode{ ++ node = p.createNode(&SliceNode{ + Node: node, + To: to, ++ }, postfixToken.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(postfixToken.Location) + p.expect(Bracket, "]") + + } else { +@@ -668,25 +754,32 @@ func (p *parser) parsePostfixExpression(node Node) Node { + to = p.parseExpression(0) + } + +- node = &SliceNode{ ++ node = p.createNode(&SliceNode{ + Node: node, + From: from, + To: to, ++ }, postfixToken.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(postfixToken.Location) + p.expect(Bracket, "]") + + } else { + // Slice operator [:] was not found, + // it should be just an index node. +- node = &MemberNode{ ++ node = p.createNode(&MemberNode{ + Node: node, + Property: from, + Optional: optional, ++ }, postfixToken.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(postfixToken.Location) + if optional { +- node = &ChainNode{Node: node} ++ node = p.createNode(&ChainNode{Node: node}, postfixToken.Location) ++ if node == nil { ++ return nil ++ } + } + p.expect(Bracket, "]") + } +@@ -698,26 +791,29 @@ func (p *parser) parsePostfixExpression(node Node) Node { + } + return node + } +- + func (p *parser) parseComparison(left Node, token Token, precedence int) Node { + var rootNode Node + for { + comparator := p.parseExpression(precedence + 1) +- cmpNode := &BinaryNode{ ++ cmpNode := p.createNode(&BinaryNode{ + Operator: token.Value, + Left: left, + Right: comparator, ++ }, token.Location) ++ if cmpNode == nil { ++ return nil + } +- cmpNode.SetLocation(token.Location) + if rootNode == nil { + rootNode = cmpNode + } else { +- rootNode = &BinaryNode{ ++ rootNode = p.createNode(&BinaryNode{ + Operator: "&&", + Left: rootNode, + Right: cmpNode, ++ }, token.Location) ++ if rootNode == nil { ++ return nil + } +- rootNode.SetLocation(token.Location) + } + + left = comparator +diff --git a/vendor/github.com/expr-lang/expr/vm/utils.go b/vendor/github.com/expr-lang/expr/vm/utils.go +index fc2f5e7..1100513 100644 +--- a/vendor/github.com/expr-lang/expr/vm/utils.go ++++ b/vendor/github.com/expr-lang/expr/vm/utils.go +@@ -11,9 +11,6 @@ type ( + ) + + var ( +- // MemoryBudget represents an upper limit of memory usage. +- MemoryBudget uint = 1e6 +- + errorType = reflect.TypeOf((*error)(nil)).Elem() + ) + +diff --git a/vendor/github.com/expr-lang/expr/vm/vm.go b/vendor/github.com/expr-lang/expr/vm/vm.go +index 7e933ce..b497990 100644 +--- a/vendor/github.com/expr-lang/expr/vm/vm.go ++++ b/vendor/github.com/expr-lang/expr/vm/vm.go +@@ -11,6 +11,7 @@ import ( + "time" + + "github.com/expr-lang/expr/builtin" ++ "github.com/expr-lang/expr/conf" + "github.com/expr-lang/expr/file" + "github.com/expr-lang/expr/internal/deref" + "github.com/expr-lang/expr/vm/runtime" +@@ -20,11 +21,23 @@ func Run(program *Program, env any) (any, error) { + if program == nil { + return nil, fmt.Errorf("program is nil") + } +- + vm := VM{} + return vm.Run(program, env) + } + ++func RunWithConfig(program *Program, env any, config *conf.Config) (any, error) { ++ if program == nil { ++ return nil, fmt.Errorf("program is nil") ++ } ++ if config == nil { ++ return nil, fmt.Errorf("config is nil") ++ } ++ vm := VM{ ++ MemoryBudget: config.MemoryBudget, ++ } ++ return vm.Run(program, env) ++} ++ + func Debug() *VM { + vm := &VM{ + debug: true, +@@ -38,9 +51,9 @@ type VM struct { + Stack []any + Scopes []*Scope + Variables []any ++ MemoryBudget uint + ip int + memory uint +- memoryBudget uint + debug bool + step chan struct{} + curr chan int +@@ -76,7 +89,9 @@ func (vm *VM) Run(program *Program, env any) (_ any, err error) { + vm.Variables = make([]any, program.variables) + } + +- vm.memoryBudget = MemoryBudget ++ if vm.MemoryBudget == 0 { ++ vm.MemoryBudget = conf.DefaultMemoryBudget ++ } + vm.memory = 0 + vm.ip = 0 + +@@ -580,7 +595,7 @@ func (vm *VM) pop() any { + + func (vm *VM) memGrow(size uint) { + vm.memory += size +- if vm.memory >= vm.memoryBudget { ++ if vm.memory >= vm.MemoryBudget { + panic("memory budget exceeded") + } + } +-- +2.48.1.431.g5a526e5e18 + diff --git a/SPECS/coredns/CVE-2025-30204.patch b/SPECS/coredns/CVE-2025-30204.patch new file mode 100644 index 0000000000..b4bfb7aefa --- /dev/null +++ b/SPECS/coredns/CVE-2025-30204.patch @@ -0,0 +1,72 @@ +From 5dc62bf02f675d71ba521c6ae2a502474a0f351b Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Mar 2025 21:58:44 +0000 +Subject: [PATCH] CVE-2025-30204 + +Upstream Patch Reference : v4: https://github.com/golang-jwt/jwt/commit/2f0e9add62078527821828c76865661aa7718a84 + +--- + vendor/github.com/golang-jwt/jwt/v4/parser.go | 36 +++++++++++++++++++++++--- + 1 file changed, 33 insertions(+), 3 deletions(-) + +diff --git a/vendor/github.com/golang-jwt/jwt/v4/parser.go b/vendor/github.com/golang-jwt/jwt/v4/parser.go +index c0a6f69..8e7e67c 100644 +--- a/vendor/github.com/golang-jwt/jwt/v4/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v4/parser.go +@@ -7,6 +7,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + // +@@ -123,9 +125,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (because it has + // been checked previously in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) + } + + token = &Token{Raw: tokenString} +@@ -175,3 +178,30 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + + return token, parts, nil + } ++ ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} +-- +2.45.2 + diff --git a/SPECS/coredns/coredns.spec b/SPECS/coredns/coredns.spec index e2201f3072..3fa2016ff9 100644 --- a/SPECS/coredns/coredns.spec +++ b/SPECS/coredns/coredns.spec @@ -6,7 +6,7 @@ Summary: Fast and flexible DNS server Name: coredns Version: 1.11.4 -Release: 4%{?dist} +Release: 5%{?dist} License: Apache License 2.0 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -37,6 +37,8 @@ Patch0: CVE-2025-22868.patch # Patch to fix the package test suite due to external akamai update # https://github.com/coredns/coredns/commit/d8ecde1080e7cbbeb98257ba4e03a271f16b4cd9 Patch1: coredns-example-net-test.patch +Patch2: CVE-2025-29786.patch +Patch3: CVE-2025-30204.patch BuildRequires: golang >= 1.23 @@ -81,6 +83,11 @@ go install github.com/fatih/faillint@latest && \ %{_bindir}/%{name} %changelog +* Fri Apr 28 2025 Ranjan Dutta - 1.11.4-5 +- merge from Azure Linux 3.0.20250423. +- Patch CVE-2025-30204 +- Fix CVE-2025-29786 with an upstream patch + * Fri Mar 21 2025 Anuj Mittal - 1.11.4-4 - Bump Release to rebuild diff --git a/SPECS/dcos-cli/CVE-2025-27144.patch b/SPECS/dcos-cli/CVE-2025-27144.patch new file mode 100644 index 0000000000..6015ed48ca --- /dev/null +++ b/SPECS/dcos-cli/CVE-2025-27144.patch @@ -0,0 +1,50 @@ +From fa324fa38481f9d2da9109cb5983326f62ff7507 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Feb 2025 07:45:53 +0000 +Subject: [PATCH] CVE-2025-27144 +Upstream Ref: https://github.com/go-jose/go-jose/commit/c9ed84d8f0cfadcfad817150158caca6fcbc518b + +--- + vendor/gopkg.in/square/go-jose.v2/jwe.go | 5 +++-- + vendor/gopkg.in/square/go-jose.v2/jws.go | 5 +++-- + 2 files changed, 6 insertions(+), 4 deletions(-) + +diff --git a/vendor/gopkg.in/square/go-jose.v2/jwe.go b/vendor/gopkg.in/square/go-jose.v2/jwe.go +index b5a6dcd..cd1de9e 100644 +--- a/vendor/gopkg.in/square/go-jose.v2/jwe.go ++++ b/vendor/gopkg.in/square/go-jose.v2/jwe.go +@@ -201,10 +201,11 @@ func (parsed *rawJSONWebEncryption) sanitized() (*JSONWebEncryption, error) { + + // parseEncryptedCompact parses a message in compact format. + func parseEncryptedCompact(input string) (*JSONWebEncryption, error) { +- parts := strings.Split(input, ".") +- if len(parts) != 5 { ++ // Five parts is four separators ++ if strings.Count(input, ".") != 4 { + return nil, fmt.Errorf("square/go-jose: compact JWE format must have five parts") + } ++ parts := strings.SplitN(input, ".", 5) + + rawProtected, err := base64.RawURLEncoding.DecodeString(parts[0]) + if err != nil { +diff --git a/vendor/gopkg.in/square/go-jose.v2/jws.go b/vendor/gopkg.in/square/go-jose.v2/jws.go +index 7e261f9..a8d55fb 100644 +--- a/vendor/gopkg.in/square/go-jose.v2/jws.go ++++ b/vendor/gopkg.in/square/go-jose.v2/jws.go +@@ -275,10 +275,11 @@ func (parsed *rawJSONWebSignature) sanitized() (*JSONWebSignature, error) { + + // parseSignedCompact parses a message in compact format. + func parseSignedCompact(input string, payload []byte) (*JSONWebSignature, error) { +- parts := strings.Split(input, ".") +- if len(parts) != 3 { ++ // Three parts is two separators ++ if strings.Count(input, ".") != 2 { + return nil, fmt.Errorf("square/go-jose: compact JWS format must have three parts") + } ++ parts := strings.SplitN(input, ".", 3) + + if parts[1] != "" && payload != nil { + return nil, fmt.Errorf("square/go-jose: payload is not detached") +-- +2.45.2 + diff --git a/SPECS/dcos-cli/dcos-cli.spec b/SPECS/dcos-cli/dcos-cli.spec index 343e7cfda8..e978ff6b90 100644 --- a/SPECS/dcos-cli/dcos-cli.spec +++ b/SPECS/dcos-cli/dcos-cli.spec @@ -1,7 +1,7 @@ Summary: The command line for DC/OS Name: dcos-cli Version: 1.2.0 -Release: 17%{?dist} +Release: 18%{?dist} License: Apache-2.0 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -10,6 +10,7 @@ URL: https://github.com/dcos/dcos-cli Source0: https://github.com/dcos/dcos-cli/archive/refs/tags/%{version}.tar.gz#/%{name}-%{version}.tar.gz Patch0: CVE-2020-26160.patch Patch1: CVE-2024-28180.patch +Patch2: CVE-2025-27144.patch BuildRequires: golang >= 1.17.1 BuildRequires: git %global debug_package %{nil} @@ -46,8 +47,9 @@ go test -mod=vendor %{_bindir}/dcos %changelog -* Fri Mar 21 2025 Anuj Mittal - 1.2.0-17 -- Bump Release to rebuild +* Fri Apr 28 2025 Ranjan Dutta - 1.2.0-17 +- merge from Azure Linux 3.0.20250423. +- Fix CVE-2025-27144 with an upstream patch * Tue Oct 01 2024 Henry Li - 1.2.0-16 - Add patch to resolve CVE-2024-28180 diff --git a/SPECS/dracut/dracut.spec b/SPECS/dracut/dracut.spec index 032fada5a9..b260e678f6 100644 --- a/SPECS/dracut/dracut.spec +++ b/SPECS/dracut/dracut.spec @@ -4,7 +4,7 @@ Summary: dracut to create initramfs Name: dracut Version: 102 -Release: 11%{?dist} +Release: 12%{?dist} # The entire source code is GPLv2+ # except install/* which is LGPLv2+ License: GPLv2+ AND LGPLv2+ @@ -56,6 +56,16 @@ Patch: 0014-fix-systemd-pcrphase-in-hostonly-mode-do-not-try-to-include Patch: 0015-fix-systemd-pcrphase-make-tpm2-tss-an-optional-dependency.patch Patch: 0016-Handle-SELinux-configuration-for-overlayfs-folders.patch Patch: avoid-mktemp-collisions-with-find-not-path.patch +# fix-dracut-systemd-include-systemd-cryptsetup.patch has been introduced +# by the Azure Linux team to ensure that the systemd-cryptsetup module is included +# in the initramfs when needed. +# In dracut 102, systemd-cryptsetup was split from the crypt module and is no longer +# included by default, causing encrypted volumes in crypttab to be skipped in initrd. +# This patch modifies dracut-systemd to explicitly include systemd-cryptsetup. +# The patch can be removed if Dracut is upgraded to 104+. +# - References: https://github.com/dracut-ng/dracut-ng/pull/262 +# https://github.com/dracut-ng/dracut-ng/commit/e0e5424a7b5e387ccb70e47ffea5a59716bf7b76 +Patch: fix-dracut-systemd-include-systemd-cryptsetup.patch BuildRequires: bash BuildRequires: kmod-devel @@ -327,6 +337,10 @@ ln -srv %{buildroot}%{_bindir}/%{name} %{buildroot}%{_sbindir}/%{name} %dir %{_sharedstatedir}/%{name}/overlay %changelog +* Thu Apr 28 2025 Ranjan Dutta - 102-12 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Add fix for systemd-cryptsetup module to be included in initramfs when needed + * Tue Mar 18 2025 Ranjan Dutta - 102-11 - Bump version for merge AZL tag: 3.0.20250311-3.0 - Update overlayfs selinux handling with the full path of chcon diff --git a/SPECS/dracut/fix-dracut-systemd-include-systemd-cryptsetup.patch b/SPECS/dracut/fix-dracut-systemd-include-systemd-cryptsetup.patch new file mode 100644 index 0000000000..4dfdd60eb4 --- /dev/null +++ b/SPECS/dracut/fix-dracut-systemd-include-systemd-cryptsetup.patch @@ -0,0 +1,33 @@ +From e0e5424a7b5e387ccb70e47ffea5a59716bf7b76 Mon Sep 17 00:00:00 2001 +From: Jo Zzsi +Date: Wed, 28 Aug 2024 23:06:08 -0400 +Subject: [PATCH] fix(dracut-systemd): include systemd-cryptsetup module when + needed + +--- + modules.d/98dracut-systemd/module-setup.sh | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/modules.d/98dracut-systemd/module-setup.sh b/modules.d/98dracut-systemd/module-setup.sh +index 0ea26d425..6b8f42ae3 100755 +--- a/modules.d/98dracut-systemd/module-setup.sh ++++ b/modules.d/98dracut-systemd/module-setup.sh +@@ -12,7 +12,17 @@ check() { + + # called by dracut + depends() { +- echo "systemd-initrd systemd-ask-password" ++ local deps ++ deps="systemd-initrd systemd-ask-password" ++ ++ # when systemd and crypt are both included ++ # systemd-cryptsetup is mandatory dependency ++ # see https://github.com/dracut-ng/dracut-ng/issues/563 ++ if dracut_module_included "crypt"; then ++ deps+=" systemd-cryptsetup" ++ fi ++ ++ echo "$deps" + return 0 + } + diff --git a/SPECS/edk2/CVE-2022-3996.patch b/SPECS/edk2/CVE-2022-3996.patch index 988b387f92..46339f9195 100644 --- a/SPECS/edk2/CVE-2022-3996.patch +++ b/SPECS/edk2/CVE-2022-3996.patch @@ -16,13 +16,13 @@ Reviewed-by: Tomas Mraz (cherry picked from commit 4d0340a6d2f327700a059f0b8f954d6160f8eef5) --- - crypto/x509/pcy_map.c | 4 ---- + CryptoPkg/Library/OpensslLib/openssl/crypto/x509/pcy_map.c | 4 ---- 1 file changed, 4 deletions(-) -diff --git a/crypto/x509/pcy_map.c b/crypto/x509/pcy_map.c +diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/x509/pcy_map.c b/CryptoPkg/Library/OpensslLib/openssl/crypto/x509/pcy_map.c index 05406c6493fce..60dfd1e3203b0 100644 ---- a/crypto/x509/pcy_map.c -+++ b/crypto/x509/pcy_map.c +--- a/CryptoPkg/Library/OpensslLib/openssl/crypto/x509/pcy_map.c ++++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/x509/pcy_map.c @@ -73,10 +73,6 @@ int ossl_policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps) ret = 1; @@ -33,4 +33,4 @@ index 05406c6493fce..60dfd1e3203b0 100644 - } sk_POLICY_MAPPING_pop_free(maps, POLICY_MAPPING_free); return ret; - \ No newline at end of file + diff --git a/SPECS/edk2/CVE-2024-6119.patch b/SPECS/edk2/CVE-2024-6119.patch index 144f3874ea..e821f23434 100644 --- a/SPECS/edk2/CVE-2024-6119.patch +++ b/SPECS/edk2/CVE-2024-6119.patch @@ -21,20 +21,20 @@ Reviewed-by: Richard Levitte Reviewed-by: Tomas Mraz (cherry picked from commit 0890cd13d40fbc98f655f3974f466769caa83680) --- - crypto/x509/v3_utl.c | 78 +++++++++++++------ - test/recipes/25-test_eai_data.t | 12 ++- - test/recipes/25-test_eai_data/kdc-cert.pem | 21 +++++ - .../25-test_eai_data/kdc-root-cert.pem | 16 ++++ - test/recipes/25-test_eai_data/kdc.sh | 41 ++++++++++ + CryptoPkg/Library/OpensslLib/openssl/crypto/x509/v3_utl.c | 78 +++++++++++++------ + CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data.t | 12 ++- + CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data/kdc-cert.pem | 21 +++++ + .../25-test_eai_data/kdc-root-cert.pem | 16 ++++ + CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data/kdc.sh | 41 ++++++++++ 5 files changed, 142 insertions(+), 26 deletions(-) create mode 100644 test/recipes/25-test_eai_data/kdc-cert.pem create mode 100644 test/recipes/25-test_eai_data/kdc-root-cert.pem create mode 100755 test/recipes/25-test_eai_data/kdc.sh -diff --git a/crypto/x509/v3_utl.c b/crypto/x509/v3_utl.c +diff --git a/CryptoPkg/Library/OpensslLib/openssl/crypto/x509/v3_utl.c b/CryptoPkg/Library/OpensslLib/openssl/crypto/x509/v3_utl.c index 1a18174995196..a09414c972fa8 100644 ---- a/crypto/x509/v3_utl.c -+++ b/crypto/x509/v3_utl.c +--- a/CryptoPkg/Library/OpensslLib/openssl/crypto/x509/v3_utl.c ++++ b/CryptoPkg/Library/OpensslLib/openssl/crypto/x509/v3_utl.c @@ -916,36 +916,64 @@ static int do_x509_check(X509 *x, const char *chk, size_t chklen, ASN1_STRING *cstr; @@ -125,10 +125,10 @@ index 1a18174995196..a09414c972fa8 100644 /* Positive on success, negative on error! */ if ((rv = do_check_string(cstr, alt_type, equal, flags, chk, chklen, peername)) != 0) -diff --git a/test/recipes/25-test_eai_data.t b/test/recipes/25-test_eai_data.t +diff --git a/CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data.t b/CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data.t index 522982ddfb802..e18735d89aadf 100644 ---- a/test/recipes/25-test_eai_data.t -+++ b/test/recipes/25-test_eai_data.t +--- a/CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data.t ++++ b/CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data.t @@ -21,16 +21,18 @@ setup("test_eai_data"); #./util/wrap.pl apps/openssl verify -nameopt utf8 -no_check_time -CAfile test/recipes/25-test_eai_data/utf8_chain.pem test/recipes/25-test_eai_data/ascii_leaf.pem #./util/wrap.pl apps/openssl verify -nameopt utf8 -no_check_time -CAfile test/recipes/25-test_eai_data/ascii_chain.pem test/recipes/25-test_eai_data/utf8_leaf.pem @@ -168,11 +168,11 @@ index 522982ddfb802..e18735d89aadf 100644 #Check that we get the expected failure return code with({ exit_checker => sub { return shift == 2; } }, sub { -diff --git a/test/recipes/25-test_eai_data/kdc-cert.pem b/test/recipes/25-test_eai_data/kdc-cert.pem +diff --git a/CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data/kdc-cert.pem b/CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data/kdc-cert.pem new file mode 100644 index 0000000000000..e8a2c6f55d459 --- /dev/null -+++ b/test/recipes/25-test_eai_data/kdc-cert.pem ++++ b/CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data/kdc-cert.pem @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDbDCCAlSgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARSb290 @@ -195,11 +195,11 @@ index 0000000000000..e8a2c6f55d459 +0fTCOBEMjIETDsrA70OxAMu4V16nrWZdJdvzblS2qrt97Omkj+2kiPAJFB76RpwI +oDQ9fKfUOAmUFth2/R/eGA== +-----END CERTIFICATE----- -diff --git a/test/recipes/25-test_eai_data/kdc-root-cert.pem b/test/recipes/25-test_eai_data/kdc-root-cert.pem +diff --git a/CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data/kdc-root-cert.pem b/CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data/kdc-root-cert.pem new file mode 100644 index 0000000000000..a74c96bf31469 --- /dev/null -+++ b/test/recipes/25-test_eai_data/kdc-root-cert.pem ++++ b/CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data/kdc-root-cert.pem @@ -0,0 +1,16 @@ +-----BEGIN CERTIFICATE----- +MIICnDCCAYQCCQCBswYcrlZSHjANBgkqhkiG9w0BAQsFADAPMQ0wCwYDVQQDDARS @@ -217,11 +217,11 @@ index 0000000000000..a74c96bf31469 +7rFGM5AOevb4U8ddop8A3D/kX0wcCAIBF6jCNk3uEJ57jVcagL04kPnVfdRiedTS +vfq1DRNcD29d1H/9u0fHdSn1/+8Ep3X+afQ3C6//5NvOEaXcIGO4QSwkprQydfv8 +-----END CERTIFICATE----- -diff --git a/test/recipes/25-test_eai_data/kdc.sh b/test/recipes/25-test_eai_data/kdc.sh +diff --git a/CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data/kdc.sh b/CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data/kdc.sh new file mode 100755 index 0000000000000..7a8dbc719fb71 --- /dev/null -+++ b/test/recipes/25-test_eai_data/kdc.sh ++++ b/CryptoPkg/Library/OpensslLib/openssl/test/recipes/25-test_eai_data/kdc.sh @@ -0,0 +1,41 @@ +#! /usr/bin/env bash + diff --git a/SPECS/edk2/edk2.spec b/SPECS/edk2/edk2.spec index 0fb80eadbb..2c8498fb1a 100644 --- a/SPECS/edk2/edk2.spec +++ b/SPECS/edk2/edk2.spec @@ -55,7 +55,7 @@ ExclusiveArch: x86_64 Name: edk2 Version: %{GITDATE}git%{GITCOMMIT} -Release: 4%{?dist} +Release: 5%{?dist} Summary: UEFI firmware for 64-bit virtual machines License: Apache-2.0 AND (BSD-2-Clause OR GPL-2.0-or-later) AND BSD-2-Clause-Patent AND BSD-3-Clause AND BSD-4-Clause AND ISC AND MIT AND LicenseRef-Fedora-Public-Domain URL: http://www.tianocore.org @@ -129,8 +129,11 @@ Patch0017: 0017-silence-.-has-a-LOAD-segment-with-RWX-permissions-wa.patch %endif Patch0018: 0018-NetworkPkg-TcpDxe-Fixed-system-stuck-on-PXE-boot-flo.patch Patch0019: 0019-NetworkPkg-DxeNetLib-adjust-PseudoRandom-error-loggi.patch + +# Patches for the vendored OpenSSL are in the range from 1000 to 1999 (inclusive). Patch1000: CVE-2022-3996.patch Patch1001: CVE-2024-6119.patch +Patch1002: vendored-openssl-1.1.1-Only-free-the-read-buffers-if-we-re-not-using-them.patch # python3-devel and libuuid-devel are required for building tools. # python3-devel is also needed for varstore template generation and @@ -338,11 +341,17 @@ git config am.keepcr true # -M Apply patches up to 999 %autopatch -M 999 +# Unpack the vendored OpenSSL tarball. This tarball has a '.git' directory +# which will confuse the git repo we unpack it into, so exclude that. +# Then add it to the git index so that we can use autopatch, which +# uses git am since we set it up that way initially. +# Only apply patches between 1000 and 1999 (inclusive). +tar -C CryptoPkg/Library/OpensslLib -a -f %{SOURCE2} -x --exclude '.git' +git add . +git commit -m 'add vendored openssl' +%autopatch -p1 -m 1000 -M 1999 + cp -a -- %{SOURCE1} . -tar -C CryptoPkg/Library/OpensslLib -a -f %{SOURCE2} -x -# Need to patch CVE-2022-3996 in the bundled openssl -(cd CryptoPkg/Library/OpensslLib/openssl && patch -p1 ) < %{PATCH1000} -(cd CryptoPkg/Library/OpensslLib/openssl && patch -p1 ) < %{PATCH1001} # extract softfloat into place tar -xf %{SOURCE3} --strip-components=1 --directory ArmPkg/Library/ArmSoftFloatLib/berkeley-softfloat-3/ @@ -786,6 +795,9 @@ done /boot/efi/HvLoader.efi %changelog +* Tue Mar 25 2025 Tobias Brick - 20240524git3e722403cd16-5 +- Patch vendored openssl to only free read buffers if not in use. + * Wed Sep 25 2024 Cameron Baird - 20240524git3e722403cd16-4 - Package license for edk2-hvloader diff --git a/SPECS/edk2/vendored-openssl-1.1.1-Only-free-the-read-buffers-if-we-re-not-using-them.patch b/SPECS/edk2/vendored-openssl-1.1.1-Only-free-the-read-buffers-if-we-re-not-using-them.patch new file mode 100644 index 0000000000..d64fc4ffc7 --- /dev/null +++ b/SPECS/edk2/vendored-openssl-1.1.1-Only-free-the-read-buffers-if-we-re-not-using-them.patch @@ -0,0 +1,67 @@ +From f7a045f3143fc6da2ee66bf52d8df04829590dd4 Mon Sep 17 00:00:00 2001 +From: Watson Ladd +Date: Wed, 24 Apr 2024 11:26:56 +0100 +Subject: [PATCH] Only free the read buffers if we're not using them + +If we're part way through processing a record, or the application has +not released all the records then we should not free our buffer because +they are still needed. + +Reviewed-by: Tomas Mraz +Reviewed-by: Neil Horman +Reviewed-by: Matt Caswell +--- + CryptoPkg/Library/OpensslLib/openssl/ssl/record/rec_layer_s3.c | 9 +++++++++ + CryptoPkg/Library/OpensslLib/openssl/ssl/record/record.h | 1 + + CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_lib.c | 3 +++ + 3 files changed, 13 insertions(+) + +diff --git a/CryptoPkg/Library/OpensslLib/openssl/ssl/record/rec_layer_s3.c b/CryptoPkg/Library/OpensslLib/openssl/ssl/record/rec_layer_s3.c +index 1db1712a0..525c3abf4 100644 +--- a/CryptoPkg/Library/OpensslLib/openssl/ssl/record/rec_layer_s3.c ++++ b/CryptoPkg/Library/OpensslLib/openssl/ssl/record/rec_layer_s3.c +@@ -81,6 +81,15 @@ int RECORD_LAYER_read_pending(const RECORD_LAYER *rl) + return SSL3_BUFFER_get_left(&rl->rbuf) != 0; + } + ++int RECORD_LAYER_data_present(const RECORD_LAYER *rl) ++{ ++ if (rl->rstate == SSL_ST_READ_BODY) ++ return 1; ++ if (RECORD_LAYER_processed_read_pending(rl)) ++ return 1; ++ return 0; ++} ++ + /* Checks if we have decrypted unread record data pending */ + int RECORD_LAYER_processed_read_pending(const RECORD_LAYER *rl) + { +diff --git a/CryptoPkg/Library/OpensslLib/openssl/ssl/record/record.h b/CryptoPkg/Library/OpensslLib/openssl/ssl/record/record.h +index af56206e0..513ab3988 100644 +--- a/CryptoPkg/Library/OpensslLib/openssl/ssl/record/record.h ++++ b/CryptoPkg/Library/OpensslLib/openssl/ssl/record/record.h +@@ -197,6 +197,7 @@ void RECORD_LAYER_release(RECORD_LAYER *rl); + int RECORD_LAYER_read_pending(const RECORD_LAYER *rl); + int RECORD_LAYER_processed_read_pending(const RECORD_LAYER *rl); + int RECORD_LAYER_write_pending(const RECORD_LAYER *rl); ++int RECORD_LAYER_data_present(const RECORD_LAYER *rl); + void RECORD_LAYER_reset_read_sequence(RECORD_LAYER *rl); + void RECORD_LAYER_reset_write_sequence(RECORD_LAYER *rl); + int RECORD_LAYER_is_sslv2_record(RECORD_LAYER *rl); +diff --git a/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_lib.c b/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_lib.c +index c01ad8291..356d65cb6 100644 +--- a/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_lib.c ++++ b/CryptoPkg/Library/OpensslLib/openssl/ssl/ssl_lib.c +@@ -5248,6 +5248,9 @@ int SSL_free_buffers(SSL *ssl) + if (RECORD_LAYER_read_pending(rl) || RECORD_LAYER_write_pending(rl)) + return 0; + ++ if (RECORD_LAYER_data_present(rl)) ++ return 0; ++ + RECORD_LAYER_release(rl); + return 1; + } +-- +2.33.8 + diff --git a/SPECS/emacs/CVE-2024-53920.patch b/SPECS/emacs/CVE-2024-53920.patch new file mode 100644 index 0000000000..887b380dda --- /dev/null +++ b/SPECS/emacs/CVE-2024-53920.patch @@ -0,0 +1,137 @@ +diff --git a/lisp/files.el b/lisp/files.el +index 5536af0..5e0d44d 100644 +--- a/lisp/files.el ++++ b/lisp/files.el +@@ -702,6 +702,54 @@ buffer contents as untrusted. + + This variable might be subject to change without notice.") + (put 'untrusted-content 'permanent-local t) ++(defcustom trusted-files nil ++ "List of files and directories whose content we trust. ++Be extra careful here since trusting means that Emacs might execute the ++code contained within those files and directories without an explicit ++request by the user. ++One important case when this might happen is when `flymake-mode' is ++enabled (for example, when it is added to a mode hook). ++Each element of the list should be a string: ++- If it ends in \"/\", it is considered as a directory name and means that ++ Emacs should trust all the files whose name has this directory as a prefix. ++- else it is considered as a file name. ++Use abbreviated file names. For example, an entry \"~/mycode\" means ++that Emacs will trust all the files in your directory \"mycode\". ++This variable can also be set to `:all', in which case Emacs will trust ++all files, which opens a gaping security hole." ++ :type '(choice (repeat :tag "List" file) ++ (const :tag "Trust everything (DANGEROUS!)" :all)) ++ :version "30.1") ++(put 'trusted-files 'risky-local-variable t) ++ ++(defun trusted-content-p () ++ "Return non-nil if we trust the contents of the current buffer. ++Here, \"trust\" means that we are willing to run code found inside of it. ++See also `trusted-files'." ++ ;; We compare with `buffer-file-truename' i.s.o `buffer-file-name' ++ ;; to try and avoid marking as trusted a file that's merely accessed ++ ;; via a symlink that happens to be inside a trusted dir. ++ (and (not untrusted-content) ++ buffer-file-truename ++ (with-demoted-errors "trusted-content-p: %S" ++ (let ((exists (file-exists-p buffer-file-truename))) ++ (or ++ (eq trusted-files :all) ++ ;; We can't avoid trusting the user's init file. ++ (if (and exists user-init-file) ++ (file-equal-p buffer-file-truename user-init-file) ++ (equal buffer-file-truename user-init-file)) ++ (let ((file (abbreviate-file-name buffer-file-truename)) ++ (trusted nil)) ++ (dolist (tf trusted-files) ++ (when (or (if exists (file-equal-p tf file) (equal tf file)) ++ ;; We don't use `file-in-directory-p' here, because ++ ;; we want to err on the conservative side: "guilty ++ ;; until proven innocent". ++ (and (string-suffix-p "/" tf) ++ (string-prefix-p tf file))) ++ (setq trusted t))) ++ trusted)))))) + + ;; This is an odd variable IMO. + ;; You might wonder why it is needed, when we could just do: +diff --git a/lisp/progmodes/elisp-mode.el b/lisp/progmodes/elisp-mode.el +index 7436fe7..230992f 100644 +--- a/lisp/progmodes/elisp-mode.el ++++ b/lisp/progmodes/elisp-mode.el +@@ -430,6 +430,34 @@ be used instead. + + (defvar warning-minimum-log-level) + ++(defvar elisp--macroexpand-untrusted-warning t) ++ ++(defun elisp--safe-macroexpand-all (sexp) ++ (if (not (trusted-content-p)) ++ ;; FIXME: We should try and do better here, either using a notion ++ ;; of "safe" macros, or with `bwrap', or ... ++ (progn ++ (when elisp--macroexpand-untrusted-warning ++ (setq-local elisp--macroexpand-untrusted-warning nil) ;Don't spam! ++ (message "Completion of local vars is disabled in %s (untrusted content)" ++ (buffer-name))) ++ sexp) ++ (let ((macroexpand-advice ++ (lambda (expander form &rest args) ++ (condition-case err ++ (apply expander form args) ++ (error ++ (message "Ignoring macroexpansion error: %S" err) form))))) ++ (unwind-protect ++ ;; Silence any macro expansion errors when ++ ;; attempting completion at point (bug#58148). ++ (let ((inhibit-message t) ++ (macroexp-inhibit-compiler-macros t) ++ (warning-minimum-log-level :emergency)) ++ (advice-add 'macroexpand-1 :around macroexpand-advice) ++ (macroexpand-all sexp elisp--local-macroenv)) ++ (advice-remove 'macroexpand-1 macroexpand-advice))))) ++ + (defun elisp--local-variables () + "Return a list of locally let-bound variables at point." + (save-excursion +@@ -445,22 +473,7 @@ be used instead. + (car (read-from-string + (concat txt "elisp--witness--lisp" closer))) + ((invalid-read-syntax end-of-file) nil))) +- (macroexpand-advice (lambda (expander form &rest args) +- (condition-case nil +- (apply expander form args) +- (error form)))) +- (sexp +- (unwind-protect +- ;; Silence any macro expansion errors when +- ;; attempting completion at point (bug#58148). +- (let ((inhibit-message t) +- (warning-minimum-log-level :emergency)) +- (advice-add 'macroexpand :around macroexpand-advice) +- (condition-case nil +- (macroexpand-all sexp) +- (error sexp))) +- (advice-remove 'macroexpand macroexpand-advice))) +- (vars (elisp--local-variables-1 nil sexp))) ++ (vars (elisp--local-variables-1 nil (elisp--safe-macroexpand-all sexp)))) + (delq nil + (mapcar (lambda (var) + (and (symbolp var) +@@ -2164,6 +2177,14 @@ directory of the buffer being compiled, and nothing else.") + "A Flymake backend for elisp byte compilation. + Spawn an Emacs process that byte-compiles a file representing the + current buffer state and calls REPORT-FN when done." ++ (unless (trusted-content-p) ++ ;; FIXME: Use `bwrap' and friends to compile untrusted content. ++ ;; FIXME: We emit a message *and* signal an error, because by default ++ ;; Flymake doesn't display the warning it puts into "*flmake log*". ++ (message "Disabling elisp-flymake-byte-compile in %s (untrusted content)" ++ (buffer-name)) ++ (error "Disabling elisp-flymake-byte-compile in %s (untrusted content)" ++ (buffer-name))) + (when elisp-flymake--byte-compile-process + (when (process-live-p elisp-flymake--byte-compile-process) + (kill-process elisp-flymake--byte-compile-process))) diff --git a/SPECS/emacs/emacs.spec b/SPECS/emacs/emacs.spec index 12e1dc1bbd..5970ba1e62 100644 --- a/SPECS/emacs/emacs.spec +++ b/SPECS/emacs/emacs.spec @@ -1,7 +1,7 @@ Summary: GNU Emacs text editor Name: emacs Version: 29.4 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv3+ AND CC0-1.0 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -11,6 +11,7 @@ Source0: https://ftp.gnu.org/gnu/%{name}/%{name}-%{version}.tar.xz Source1: site-start.el Source2: default.el Patch0: CVE-2025-1244.patch +Patch1: CVE-2024-53920.patch BuildRequires: gcc BuildRequires: glibc-devel BuildRequires: gnutls-devel @@ -129,6 +130,9 @@ rm -f *-filelist {common,el}-*-files %dir %{_datadir}/emacs/site-lisp/site-start.d %changelog +* Mon Mar 17 2025 Henry Li - 29.4-3 +- Add patch to resolve CVE-2024-53920 + * Sun Feb 16 2025 Kanishk Bansal - 29.4-2 - Apply upstream patch to fix CVE-2025-1244 diff --git a/SPECS/erofs-utils/0001-erofs-utils-mkfs-fragment-gracefully-exit-if-tempora.patch b/SPECS/erofs-utils/0001-erofs-utils-mkfs-fragment-gracefully-exit-if-tempora.patch new file mode 100644 index 0000000000..82cefe9b1d --- /dev/null +++ b/SPECS/erofs-utils/0001-erofs-utils-mkfs-fragment-gracefully-exit-if-tempora.patch @@ -0,0 +1,84 @@ +From bc8ec19a4ed741c9b457387dcba2b647e819b16d Mon Sep 17 00:00:00 2001 +From: Gao Xiang +Date: Wed, 12 Feb 2025 20:36:33 +0800 +Subject: [PATCH 1/7] erofs-utils: mkfs: fragment: gracefully exit if temporary + storage is low + +Currently, EROFS keeps all fragments into a temporary file for later +packed inode compression. However, this could trigger an unexpected +segfault if temporary storage runs low. + +Print a proper error message and gracefully exit. + +Closes: https://github.com/erofs/erofs-utils/issues/13 +Link: https://lore.kernel.org/r/20250212123633.40004-1-hsiangkao@linux.alibaba.com +Signed-off-by: Gao Xiang +--- + include/erofs/internal.h | 3 ++- + lib/fragments.c | 4 ++++ + lib/inode.c | 8 +++----- + 3 files changed, 9 insertions(+), 6 deletions(-) + +diff --git a/include/erofs/internal.h b/include/erofs/internal.h +index 5f5bc10..2f71557 100644 +--- a/include/erofs/internal.h ++++ b/include/erofs/internal.h +@@ -256,7 +256,6 @@ struct erofs_inode { + unsigned int eof_tailrawsize; + + union { +- void *compressmeta; + void *chunkindexes; + struct { + uint16_t z_advise; +@@ -274,6 +273,8 @@ struct erofs_inode { + #define z_idata_size idata_size + }; + }; ++ void *compressmeta; ++ + #ifdef WITH_ANDROID + uint64_t capabilities; + #endif +diff --git a/lib/fragments.c b/lib/fragments.c +index 32ac6f5..9633a2b 100644 +--- a/lib/fragments.c ++++ b/lib/fragments.c +@@ -266,6 +266,10 @@ int z_erofs_pack_file_from_fd(struct erofs_inode *inode, int fd, u32 tofcrc) + else + rc = 0; + out: ++ if (rc) ++ erofs_err("Failed to record %llu-byte fragment data @ %llu for nid %llu: %d", ++ inode->fragment_size | 0ULL, ++ inode->fragmentoff | 0ULL, inode->nid | 0ULL, rc); + if (memblock) + munmap(memblock, inode->i_size); + return rc; +diff --git a/lib/inode.c b/lib/inode.c +index 7f97030..743e915 100644 +--- a/lib/inode.c ++++ b/lib/inode.c +@@ -141,16 +141,14 @@ unsigned int erofs_iput(struct erofs_inode *inode) + free(d); + + free(inode->compressmeta); +- if (inode->eof_tailraw) +- free(inode->eof_tailraw); ++ free(inode->eof_tailraw); + list_del(&inode->i_hash); +- if (inode->i_srcpath) +- free(inode->i_srcpath); ++ free(inode->i_srcpath); + + if (inode->datasource == EROFS_INODE_DATA_SOURCE_DISKBUF) { + erofs_diskbuf_close(inode->i_diskbuf); + free(inode->i_diskbuf); +- } else if (inode->i_link) { ++ } else { + free(inode->i_link); + } + free(inode); +-- +2.48.1 + diff --git a/SPECS/erofs-utils/0002-erofs-utils-mkfs-reduce-default-dict-size-for-LZMA.patch b/SPECS/erofs-utils/0002-erofs-utils-mkfs-reduce-default-dict-size-for-LZMA.patch new file mode 100644 index 0000000000..5f1e71d305 --- /dev/null +++ b/SPECS/erofs-utils/0002-erofs-utils-mkfs-reduce-default-dict-size-for-LZMA.patch @@ -0,0 +1,47 @@ +From d180c898bd0842eaeb54ca0073e6f444bdae8c40 Mon Sep 17 00:00:00 2001 +From: Gao Xiang +Date: Thu, 13 Feb 2025 03:15:45 +0800 +Subject: [PATCH 2/7] erofs-utils: mkfs: reduce default dict size for LZMA + +Change the default dictionary size to 4 times the pcluster size. +This will halve the LZMA internal dictionary size to a maximum of +4MiB per LZMA worker (one worker per CPU in the kernel implementation +unless the module parameter `lzma_streams=` is given.) + +It has a very slight impact on the final image sizes, yet users can +always use `-zlzma,dictsize=` to specify a custom value. + + _________________________________________________________________________ + |______ Testset _____|_______ Vanilla _________|_________ After __________| Command Line + | CoreOS | 741978112 (708 MiB) | 742293504 (708 MiB) | -zlzma,6 -Eall-fragments,fragdedupe=inode -C8192 + | | 687501312 (656 MiB) | 687652864 (656 MiB) | -zlzma,6 -Eall-fragments,fragdedupe=inode -C131072 + |____________________|__ 658485248 (628 MiB) __|__ 658698240 (629 MiB) __| -zlzma,6 -Eall-fragments,fragdedupe=inode -C1048576 + | Fedora KIWI | 2974957568 (2838 MiB) | 2977394688 (2840 MiB) | -zlzma,6 -Eall-fragments,fragdedupe=inode -C8192 + | | 2684272640 (2560 MiB) | 2686750720 (2563 MiB) | -zlzma,6 -Eall-fragments,fragdedupe=inode -C131072 + |____________________|_ 2550800384 (2433 MiB) _|_ 2553278464 (2435 MiB) __| -zlzma,6 -Eall-fragments,fragdedupe=inode -C1048576 + | AOSP system | 432562176 (413 MiB) | 432738304 (413 MiB) | -zlzma,6 -Eall-fragments,fragdedupe=inode -C8192 + | partition | 393277440 (376 MiB) | 393351168 (376 MiB) | -zlzma,6 -Eall-fragments,fragdedupe=inode -C131072 + |____________________|__ 379260928 (362 MiB) __|__ 379285504 (362 MiB) __| -zlzma,6 -Eall-fragments,fragdedupe=inode -C1048576 + +Link: https://lore.kernel.org/r/20250212191545.580768-1-hsiangkao@linux.alibaba.com +Signed-off-by: Gao Xiang +--- + lib/compressor_liblzma.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/compressor_liblzma.c b/lib/compressor_liblzma.c +index d609a28..c4ba585 100644 +--- a/lib/compressor_liblzma.c ++++ b/lib/compressor_liblzma.c +@@ -75,7 +75,7 @@ static int erofs_compressor_liblzma_setdictsize(struct erofs_compress *c, + dict_size = erofs_compressor_lzma.default_dictsize; + } else { + dict_size = min_t(u32, Z_EROFS_LZMA_MAX_DICT_SIZE, +- cfg.c_mkfs_pclustersize_max << 3); ++ cfg.c_mkfs_pclustersize_max << 2); + if (dict_size < 32768) + dict_size = 32768; + } +-- +2.48.1 + diff --git a/SPECS/erofs-utils/0003-erofs-utils-mkfs-add-missing-errno-0-before-strto-u-.patch b/SPECS/erofs-utils/0003-erofs-utils-mkfs-add-missing-errno-0-before-strto-u-.patch new file mode 100644 index 0000000000..242636dbf9 --- /dev/null +++ b/SPECS/erofs-utils/0003-erofs-utils-mkfs-add-missing-errno-0-before-strto-u-.patch @@ -0,0 +1,57 @@ +From 5e05ee09a3bc7331549d8e141dac0ccaf30feda5 Mon Sep 17 00:00:00 2001 +From: Gao Xiang +Date: Fri, 14 Feb 2025 14:24:05 +0800 +Subject: [PATCH 3/7] erofs-utils: mkfs: add missing `errno = 0` before + strto[u]l + +strtoull(3) says: + +``` +Since strtoul() can legitimately return 0 or ULONG_MAX (ULLONG_MAX for +strtoull()) on both success and failure, the calling program should set +errno to 0 before the call, and then determine if an error occurred by +checking whether errno has a nonzero value after the call. +``` + +Otherwise, `--workers=` could exit with `invalid worker number`. + +Fixes: 7894301e1a80 ("erofs-utils: mkfs: add `--workers=#` parameter") +Fixes: 0132cb5ea7d0 ("erofs-utils: mkfs: add `--zfeature-bits` option") +Fixes: 7550a30c332c ("erofs-utils: enable incremental builds") +Signed-off-by: Gao Xiang +Link: https://lore.kernel.org/r/20250214062407.3281416-1-hsiangkao@linux.alibaba.com +--- + mkfs/main.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/mkfs/main.c b/mkfs/main.c +index 53d330b..b2396d0 100644 +--- a/mkfs/main.c ++++ b/mkfs/main.c +@@ -814,6 +814,7 @@ static int mkfs_parse_options_cfg(int argc, char *argv[]) + case 520: { + unsigned int processors; + ++ errno = 0; + cfg.c_mt_workers = strtoul(optarg, &endptr, 0); + if (errno || *endptr != '\0') { + erofs_err("invalid worker number %s", optarg); +@@ -828,6 +829,7 @@ static int mkfs_parse_options_cfg(int argc, char *argv[]) + } + #endif + case 521: ++ errno = 0; + i = strtol(optarg, &endptr, 0); + if (errno || *endptr != '\0') { + erofs_err("invalid zfeature bits %s", optarg); +@@ -844,6 +846,7 @@ static int mkfs_parse_options_cfg(int argc, char *argv[]) + } else if (!strcmp(optarg, "rvsp")) { + dataimport_mode = EROFS_MKFS_DATA_IMPORT_RVSP; + } else { ++ errno = 0; + dataimport_mode = strtol(optarg, &endptr, 0); + if (errno || *endptr != '\0') { + erofs_err("invalid --%s=%s", +-- +2.48.1 + diff --git a/SPECS/erofs-utils/0004-erofs-utils-lib-get-rid-of-tmpfile.patch b/SPECS/erofs-utils/0004-erofs-utils-lib-get-rid-of-tmpfile.patch new file mode 100644 index 0000000000..dd8ee5fc2c --- /dev/null +++ b/SPECS/erofs-utils/0004-erofs-utils-lib-get-rid-of-tmpfile.patch @@ -0,0 +1,505 @@ +From b6b741d8daafc933ada19c3c5143357f87fb0e53 Mon Sep 17 00:00:00 2001 +From: Gao Xiang +Date: Fri, 14 Feb 2025 14:24:06 +0800 +Subject: [PATCH 4/7] erofs-utils: lib: get rid of tmpfile() + +Currently, `tmpfile()` is problematic: + + - It uses `FILE *` instead of `fd`; + - It may not leverage `$TMPDIR`, see `__gen_tempfd()`: + https://sourceware.org/git?p=glibc.git;a=blob;f=stdio-common/tmpfile.c;hb=glibc-2.41 + +Switch to `erofs_tmpfile()` throughout the codebase. + +Signed-off-by: Gao Xiang +Link: https://lore.kernel.org/r/20250214062407.3281416-2-hsiangkao@linux.alibaba.com +--- + configure.ac | 1 - + include/erofs/fragments.h | 2 +- + include/erofs/io.h | 2 + + lib/blobchunk.c | 44 +++++++++--------- + lib/fragments.c | 94 +++++++++++++++++++-------------------- + lib/io.c | 22 +++++++++ + lib/liberofs_private.h | 2 + + lib/xattr.c | 23 ++++++---- + 8 files changed, 108 insertions(+), 82 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 0a069c5..10aa0bd 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -268,7 +268,6 @@ AC_CHECK_FUNCS(m4_flatten([ + strrchr + strtoull + sysconf +- tmpfile64 + utimensat])) + + # Detect maximum block size if necessary +diff --git a/include/erofs/fragments.h b/include/erofs/fragments.h +index 14a1b4a..ccfdd9b 100644 +--- a/include/erofs/fragments.h ++++ b/include/erofs/fragments.h +@@ -22,7 +22,7 @@ int z_erofs_pack_file_from_fd(struct erofs_inode *inode, int fd, u32 tofcrc); + int z_erofs_pack_fragments(struct erofs_inode *inode, void *data, + unsigned int len, u32 tofcrc); + int erofs_flush_packed_inode(struct erofs_sb_info *sbi); +-FILE *erofs_packedfile(struct erofs_sb_info *sbi); ++int erofs_packedfile(struct erofs_sb_info *sbi); + + int erofs_packedfile_init(struct erofs_sb_info *sbi, bool fragments_mkfs); + void erofs_packedfile_exit(struct erofs_sb_info *sbi); +diff --git a/include/erofs/io.h b/include/erofs/io.h +index d9b33d2..3179ea1 100644 +--- a/include/erofs/io.h ++++ b/include/erofs/io.h +@@ -49,6 +49,8 @@ struct erofs_vfile { + }; + }; + ++ssize_t __erofs_io_write(int fd, const void *buf, size_t len); ++ + int erofs_io_fstat(struct erofs_vfile *vf, struct stat *buf); + ssize_t erofs_io_pwrite(struct erofs_vfile *vf, const void *buf, u64 pos, size_t len); + int erofs_io_fsync(struct erofs_vfile *vf); +diff --git a/lib/blobchunk.c b/lib/blobchunk.c +index 119dd82..abbcba4 100644 +--- a/lib/blobchunk.c ++++ b/lib/blobchunk.c +@@ -9,6 +9,7 @@ + #include "erofs/blobchunk.h" + #include "erofs/block_list.h" + #include "erofs/cache.h" ++#include "liberofs_private.h" + #include "sha256.h" + #include + +@@ -27,7 +28,7 @@ struct erofs_blobchunk { + }; + + static struct hashmap blob_hashmap; +-static FILE *blobfile; ++static int blobfile = -1; + static erofs_blk_t remapped_base; + static erofs_off_t datablob_size; + static bool multidev; +@@ -86,7 +87,7 @@ static struct erofs_blobchunk *erofs_blob_getchunk(struct erofs_sb_info *sbi, + + chunk->chunksize = chunksize; + memcpy(chunk->sha256, sha256, sizeof(sha256)); +- blkpos = ftell(blobfile); ++ blkpos = lseek(blobfile, 0, SEEK_CUR); + DBG_BUGON(erofs_blkoff(sbi, blkpos)); + + if (sbi->extra_devices) +@@ -97,18 +98,22 @@ static struct erofs_blobchunk *erofs_blob_getchunk(struct erofs_sb_info *sbi, + + erofs_dbg("Writing chunk (%llu bytes) to %u", chunksize | 0ULL, + chunk->blkaddr); +- ret = fwrite(buf, chunksize, 1, blobfile); +- if (ret == 1) { ++ ret = __erofs_io_write(blobfile, buf, chunksize); ++ if (ret == chunksize) { + padding = erofs_blkoff(sbi, chunksize); + if (padding) { + padding = erofs_blksiz(sbi) - padding; +- ret = fwrite(zeroed, padding, 1, blobfile); ++ ret = __erofs_io_write(blobfile, zeroed, padding); ++ if (ret > 0 && ret != padding) ++ ret = -EIO; + } ++ } else if (ret >= 0) { ++ ret = -EIO; + } + +- if (ret < 1) { ++ if (ret < 0) { + free(chunk); +- return ERR_PTR(-ENOSPC); ++ return ERR_PTR(ret); + } + + hashmap_entry_init(&chunk->ent, hash); +@@ -488,9 +493,8 @@ int erofs_mkfs_dump_blobs(struct erofs_sb_info *sbi) + ssize_t length, ret; + u64 pos_in, pos_out; + +- if (blobfile) { +- fflush(blobfile); +- length = ftell(blobfile); ++ if (blobfile >= 0) { ++ length = lseek(blobfile, 0, SEEK_CUR); + if (length < 0) + return -errno; + +@@ -534,11 +538,11 @@ int erofs_mkfs_dump_blobs(struct erofs_sb_info *sbi) + pos_out = erofs_btell(bh, false); + remapped_base = erofs_blknr(sbi, pos_out); + pos_out += sbi->bdev.offset; +- if (blobfile) { ++ if (blobfile >= 0) { + pos_in = 0; + do { + length = min_t(erofs_off_t, datablob_size, SSIZE_MAX); +- ret = erofs_copy_file_range(fileno(blobfile), &pos_in, ++ ret = erofs_copy_file_range(blobfile, &pos_in, + sbi->bdev.fd, &pos_out, length); + } while (ret > 0 && (datablob_size -= ret)); + +@@ -565,8 +569,8 @@ void erofs_blob_exit(void) + struct hashmap_entry *e; + struct erofs_blobchunk *bc, *n; + +- if (blobfile) +- fclose(blobfile); ++ if (blobfile >= 0) ++ close(blobfile); + + /* Disable hashmap shrink, effectively disabling rehash. + * This way we can iterate over entire hashmap efficiently +@@ -620,18 +624,14 @@ static int erofs_insert_zerochunk(erofs_off_t chunksize) + int erofs_blob_init(const char *blobfile_path, erofs_off_t chunksize) + { + if (!blobfile_path) { +-#ifdef HAVE_TMPFILE64 +- blobfile = tmpfile64(); +-#else +- blobfile = tmpfile(); +-#endif ++ blobfile = erofs_tmpfile(); + multidev = false; + } else { +- blobfile = fopen(blobfile_path, "wb"); ++ blobfile = open(blobfile_path, O_WRONLY | O_BINARY); + multidev = true; + } +- if (!blobfile) +- return -EACCES; ++ if (blobfile < 0) ++ return -errno; + + hashmap_init(&blob_hashmap, erofs_blob_hashmap_cmp, 0); + return erofs_insert_zerochunk(chunksize); +diff --git a/lib/fragments.c b/lib/fragments.c +index 9633a2b..a4311b1 100644 +--- a/lib/fragments.c ++++ b/lib/fragments.c +@@ -3,9 +3,6 @@ + * Copyright (C), 2022, Coolpad Group Limited. + * Created by Yue Hu + */ +-#ifndef _LARGEFILE_SOURCE +-#define _LARGEFILE_SOURCE +-#endif + #ifndef _LARGEFILE64_SOURCE + #define _LARGEFILE64_SOURCE + #endif +@@ -25,6 +22,7 @@ + #include "erofs/internal.h" + #include "erofs/fragments.h" + #include "erofs/bitops.h" ++#include "liberofs_private.h" + + struct erofs_fragment_dedupe_item { + struct list_head list; +@@ -41,7 +39,7 @@ struct erofs_fragment_dedupe_item { + + struct erofs_packed_inode { + struct list_head *hash; +- FILE *file; ++ int fd; + unsigned long *uptodate; + #if EROFS_MT_ENABLED + pthread_mutex_t mutex; +@@ -108,8 +106,7 @@ static int z_erofs_fragments_dedupe_find(struct erofs_inode *inode, int fd, + + sz = min_t(u64, pos, sizeof(buf[0])); + sz = min_t(u64, sz, inode->i_size - i); +- if (pread(fileno(epi->file), buf[0], sz, +- pos - sz) != sz) ++ if (pread(epi->fd, buf[0], sz, pos - sz) != sz) + break; + if (pread(fd, buf[1], sz, + inode->i_size - i - sz) != sz) +@@ -208,14 +205,10 @@ void z_erofs_fragments_commit(struct erofs_inode *inode) + int z_erofs_pack_file_from_fd(struct erofs_inode *inode, int fd, u32 tofcrc) + { + struct erofs_packed_inode *epi = inode->sbi->packedinode; +-#ifdef HAVE_FTELLO64 +- off64_t offset = ftello64(epi->file); +-#else +- off_t offset = ftello(epi->file); +-#endif ++ s64 offset, rc; + char *memblock; +- int rc; + ++ offset = lseek(epi->fd, 0, SEEK_CUR); + if (offset < 0) + return -errno; + +@@ -234,14 +227,19 @@ int z_erofs_pack_file_from_fd(struct erofs_inode *inode, int fd, u32 tofcrc) + + rc = read(fd, buf, sz); + if (rc != sz) { +- if (rc < 0) +- rc = -errno; +- else +- rc = -EAGAIN; +- goto out; ++ if (rc <= 0) { ++ if (!rc) ++ rc = -EIO; ++ else ++ rc = -errno; ++ goto out; ++ } ++ sz = rc; + } +- if (fwrite(buf, sz, 1, epi->file) != 1) { +- rc = -EIO; ++ rc = __erofs_io_write(epi->fd, buf, sz); ++ if (rc != sz) { ++ if (rc >= 0) ++ rc = -EIO; + goto out; + } + remaining -= sz; +@@ -251,9 +249,13 @@ int z_erofs_pack_file_from_fd(struct erofs_inode *inode, int fd, u32 tofcrc) + rc = -errno; + goto out; + } +- } else if (fwrite(memblock, inode->fragment_size, 1, epi->file) != 1) { +- rc = -EIO; +- goto out; ++ } else { ++ rc = __erofs_io_write(epi->fd, memblock, inode->fragment_size); ++ if (rc != inode->fragment_size) { ++ if (rc >= 0) ++ rc = -EIO; ++ goto out; ++ } + } + + erofs_dbg("Recording %llu fragment data at %llu", +@@ -279,11 +281,7 @@ int z_erofs_pack_fragments(struct erofs_inode *inode, void *data, + unsigned int len, u32 tofcrc) + { + struct erofs_packed_inode *epi = inode->sbi->packedinode; +-#ifdef HAVE_FTELLO64 +- off64_t offset = ftello64(epi->file); +-#else +- off_t offset = ftello(epi->file); +-#endif ++ s64 offset = lseek(epi->fd, 0, SEEK_CUR); + int ret; + + if (offset < 0) +@@ -292,8 +290,12 @@ int z_erofs_pack_fragments(struct erofs_inode *inode, void *data, + inode->fragmentoff = (erofs_off_t)offset; + inode->fragment_size = len; + +- if (fwrite(data, len, 1, epi->file) != 1) ++ ret = write(epi->fd, data, len); ++ if (ret != len) { ++ if (ret < 0) ++ return -errno; + return -EIO; ++ } + + erofs_dbg("Recording %llu fragment data at %llu", + inode->fragment_size | 0ULL, inode->fragmentoff | 0ULL); +@@ -313,19 +315,18 @@ int erofs_flush_packed_inode(struct erofs_sb_info *sbi) + if (!epi || !erofs_sb_has_fragments(sbi)) + return -EINVAL; + +- fflush(epi->file); +- if (!ftello(epi->file)) ++ if (lseek(epi->fd, 0, SEEK_CUR) <= 0) + return 0; +- inode = erofs_mkfs_build_special_from_fd(sbi, fileno(epi->file), ++ inode = erofs_mkfs_build_special_from_fd(sbi, epi->fd, + EROFS_PACKED_INODE); + sbi->packed_nid = erofs_lookupnid(inode); + erofs_iput(inode); + return 0; + } + +-FILE *erofs_packedfile(struct erofs_sb_info *sbi) ++int erofs_packedfile(struct erofs_sb_info *sbi) + { +- return sbi->packedinode->file; ++ return sbi->packedinode->fd; + } + + void erofs_packedfile_exit(struct erofs_sb_info *sbi) +@@ -347,8 +348,8 @@ void erofs_packedfile_exit(struct erofs_sb_info *sbi) + free(epi->hash); + } + +- if (epi->file) +- fclose(epi->file); ++ if (epi->fd >= 0) ++ close(epi->fd); + free(epi); + sbi->packedinode = NULL; + } +@@ -376,14 +377,9 @@ int erofs_packedfile_init(struct erofs_sb_info *sbi, bool fragments_mkfs) + init_list_head(&epi->hash[i]); + } + +- epi->file = +-#ifdef HAVE_TMPFILE64 +- tmpfile64(); +-#else +- tmpfile(); +-#endif +- if (!epi->file) { +- err = -errno; ++ epi->fd = erofs_tmpfile(); ++ if (epi->fd < 0) { ++ err = epi->fd; + goto err_out; + } + +@@ -392,6 +388,7 @@ int erofs_packedfile_init(struct erofs_sb_info *sbi, bool fragments_mkfs) + .sbi = sbi, + .nid = sbi->packed_nid, + }; ++ s64 offset; + + err = erofs_read_inode_from_disk(&ei); + if (err) { +@@ -400,8 +397,8 @@ int erofs_packedfile_init(struct erofs_sb_info *sbi, bool fragments_mkfs) + goto err_out; + } + +- err = fseek(epi->file, ei.i_size, SEEK_SET); +- if (err) { ++ offset = lseek(epi->fd, ei.i_size, SEEK_SET); ++ if (offset < 0) { + err = -errno; + goto err_out; + } +@@ -472,13 +469,12 @@ static void *erofs_packedfile_preload(struct erofs_inode *pi, + if (err) + goto err_out; + +- fflush(epi->file); +- err = pwrite(fileno(epi->file), buffer, map->m_llen, map->m_la); ++ err = pwrite(epi->fd, buffer, map->m_llen, map->m_la); + if (err < 0) { + err = -errno; + if (err == -ENOSPC) { + memset(epi->uptodate, 0, epi->uptodate_size); +- (void)!ftruncate(fileno(epi->file), 0); ++ (void)!ftruncate(epi->fd, 0); + } + goto err_out; + } +@@ -557,7 +553,7 @@ int erofs_packedfile_read(struct erofs_sb_info *sbi, + if (!uptodate) + continue; + +- err = pread(fileno(epi->file), buf, len, pos); ++ err = pread(epi->fd, buf, len, pos); + if (err < 0) + break; + if (err == len) { +diff --git a/lib/io.c b/lib/io.c +index dacf8dc..b6eb22a 100644 +--- a/lib/io.c ++++ b/lib/io.c +@@ -26,6 +26,28 @@ + #define EROFS_MODNAME "erofs_io" + #include "erofs/print.h" + ++ssize_t __erofs_io_write(int fd, const void *buf, size_t len) ++{ ++ ssize_t ret, written = 0; ++ ++ do { ++ ret = write(fd, buf, len); ++ if (ret <= 0) { ++ if (!ret) ++ break; ++ if (errno != EINTR) { ++ erofs_err("failed to write: %s", strerror(errno)); ++ return -errno; ++ } ++ ret = 0; ++ } ++ buf += ret; ++ written += ret; ++ } while (written < len); ++ ++ return written; ++} ++ + int erofs_io_fstat(struct erofs_vfile *vf, struct stat *buf) + { + if (__erofs_unlikely(cfg.c_dry_run)) { +diff --git a/lib/liberofs_private.h b/lib/liberofs_private.h +index 0eeca3c..ebd9e70 100644 +--- a/lib/liberofs_private.h ++++ b/lib/liberofs_private.h +@@ -23,3 +23,5 @@ static inline void *memrchr(const void *s, int c, size_t n) + return NULL; + } + #endif ++ ++int erofs_tmpfile(void); +diff --git a/lib/xattr.c b/lib/xattr.c +index 0860472..2f6ebab 100644 +--- a/lib/xattr.c ++++ b/lib/xattr.c +@@ -811,21 +811,22 @@ static int comp_shared_xattr_item(const void *a, const void *b) + + int erofs_xattr_flush_name_prefixes(struct erofs_sb_info *sbi) + { +- FILE *f = erofs_packedfile(sbi); ++ int fd = erofs_packedfile(sbi); + struct ea_type_node *tnode; +- off_t offset; ++ s64 offset; ++ int err; + + if (!ea_prefix_count) + return 0; +- offset = ftello(f); ++ offset = lseek(fd, 0, SEEK_CUR); + if (offset < 0) + return -errno; +- if (offset > UINT32_MAX) +- return -EOVERFLOW; +- + offset = round_up(offset, 4); +- if (fseek(f, offset, SEEK_SET)) ++ if ((offset >> 2) > UINT32_MAX) ++ return -EOVERFLOW; ++ if (lseek(fd, offset, SEEK_SET) < 0) + return -errno; ++ + sbi->xattr_prefix_start = (u32)offset >> 2; + sbi->xattr_prefix_count = ea_prefix_count; + +@@ -846,10 +847,14 @@ int erofs_xattr_flush_name_prefixes(struct erofs_sb_info *sbi) + infix_len); + len = sizeof(struct erofs_xattr_long_prefix) + infix_len; + u.s.size = cpu_to_le16(len); +- if (fwrite(&u.s, sizeof(__le16) + len, 1, f) != 1) ++ err = __erofs_io_write(fd, &u.s, sizeof(__le16) + len); ++ if (err != sizeof(__le16) + len) { ++ if (err < 0) ++ return -errno; + return -EIO; ++ } + offset = round_up(offset + sizeof(__le16) + len, 4); +- if (fseek(f, offset, SEEK_SET)) ++ if (lseek(fd, offset, SEEK_SET) < 0) + return -errno; + } + erofs_sb_set_fragments(sbi); +-- +2.48.1 + diff --git a/SPECS/erofs-utils/0005-erofs-utils-mkfs-add-per-segment-reaper-for-multi-th.patch b/SPECS/erofs-utils/0005-erofs-utils-mkfs-add-per-segment-reaper-for-multi-th.patch new file mode 100644 index 0000000000..35f5ea37c1 --- /dev/null +++ b/SPECS/erofs-utils/0005-erofs-utils-mkfs-add-per-segment-reaper-for-multi-th.patch @@ -0,0 +1,131 @@ +From 5115db2f754563674a8f5baf4107beccbd0baed9 Mon Sep 17 00:00:00 2001 +From: Gao Xiang +Date: Sat, 15 Feb 2025 00:36:20 +0800 +Subject: [PATCH 5/7] erofs-utils: mkfs: add per-segment reaper for + multi-threaded compression + +Replace the old per-inode reaper to avoid unnecessary memory overhead. +It also speeds up the multithreaded compression a bit. + +Signed-off-by: Gao Xiang +Link: https://lore.kernel.org/r/20250214163621.4109215-1-hsiangkao@linux.alibaba.com +--- + lib/compress.c | 31 ++++++++++++++----------------- + 1 file changed, 14 insertions(+), 17 deletions(-) + +diff --git a/lib/compress.c b/lib/compress.c +index 1f2807b..a4fe5dc 100644 +--- a/lib/compress.c ++++ b/lib/compress.c +@@ -52,23 +52,21 @@ struct z_erofs_compress_ictx { /* inode context */ + u8 *metacur; + struct list_head extents; + u16 clusterofs; +- + int seg_num; + + #if EROFS_MT_ENABLED + pthread_mutex_t mutex; + pthread_cond_t cond; +- int nfini; + + struct erofs_compress_work *mtworks; + #endif + }; + + struct z_erofs_compress_sctx { /* segment context */ ++ struct list_head extents; + struct z_erofs_compress_ictx *ictx; + + u8 *queue; +- struct list_head extents; + struct z_erofs_extent_item *pivot; + + struct erofs_compress *chandle; +@@ -98,6 +96,7 @@ struct erofs_compress_work { + /* Note: struct erofs_work must be the first member */ + struct erofs_work work; + struct z_erofs_compress_sctx ctx; ++ pthread_cond_t cond; + struct erofs_compress_work *next; + + unsigned int alg_id; +@@ -1307,12 +1306,10 @@ void z_erofs_mt_workfn(struct erofs_work *work, void *tlsp) + EROFS_NULL_ADDR); + + out: +- cwork->errcode = ret; ++ DBG_BUGON(ret > 0); + pthread_mutex_lock(&ictx->mutex); +- if (++ictx->nfini >= ictx->seg_num) { +- DBG_BUGON(ictx->nfini > ictx->seg_num); +- pthread_cond_signal(&ictx->cond); +- } ++ cwork->errcode = ret; ++ pthread_cond_signal(&cwork->cond); + pthread_mutex_unlock(&ictx->mutex); + } + +@@ -1346,6 +1343,7 @@ int z_erofs_merge_segment(struct z_erofs_compress_ictx *ictx, + } + } + free(sctx->membuf); ++ sctx->membuf = NULL; + return ret; + } + +@@ -1358,7 +1356,6 @@ int z_erofs_mt_compress(struct z_erofs_compress_ictx *ictx) + int i; + + ictx->seg_num = nsegs; +- ictx->nfini = 0; + pthread_mutex_init(&ictx->mutex, NULL); + pthread_cond_init(&ictx->cond, NULL); + +@@ -1374,6 +1371,7 @@ int z_erofs_mt_compress(struct z_erofs_compress_ictx *ictx) + cur = calloc(1, sizeof(*cur)); + if (!cur) + return -ENOMEM; ++ pthread_cond_init(&cur->cond, NULL); + } + *last = cur; + last = &cur->next; +@@ -1396,6 +1394,7 @@ int z_erofs_mt_compress(struct z_erofs_compress_ictx *ictx) + cur->alg_name = ccfg->handle.alg->name; + cur->comp_level = ccfg->handle.compression_level; + cur->dict_size = ccfg->handle.dict_size; ++ cur->errcode = 1; /* mark as "in progress" */ + + cur->work.fn = z_erofs_mt_workfn; + erofs_queue_work(&z_erofs_mt_ctrl.wq, &cur->work); +@@ -1412,11 +1411,6 @@ int erofs_mt_write_compressed_file(struct z_erofs_compress_ictx *ictx) + erofs_blk_t blkaddr, compressed_blocks = 0; + int ret; + +- pthread_mutex_lock(&ictx->mutex); +- while (ictx->nfini < ictx->seg_num) +- pthread_cond_wait(&ictx->cond, &ictx->mutex); +- pthread_mutex_unlock(&ictx->mutex); +- + bh = erofs_balloc(sbi->bmgr, DATA, 0, 0, 0); + if (IS_ERR(bh)) { + ret = PTR_ERR(bh); +@@ -1431,9 +1425,12 @@ int erofs_mt_write_compressed_file(struct z_erofs_compress_ictx *ictx) + cur = head; + head = cur->next; + +- if (cur->errcode) { +- ret = cur->errcode; +- } else { ++ pthread_mutex_lock(&ictx->mutex); ++ while ((ret = cur->errcode) > 0) ++ pthread_cond_wait(&cur->cond, &ictx->mutex); ++ pthread_mutex_unlock(&ictx->mutex); ++ ++ if (!ret) { + int ret2; + + cur->ctx.blkaddr = blkaddr; +-- +2.48.1 + diff --git a/SPECS/erofs-utils/0006-erofs-utils-avoid-overly-large-temporary-buffers-for.patch b/SPECS/erofs-utils/0006-erofs-utils-avoid-overly-large-temporary-buffers-for.patch new file mode 100644 index 0000000000..30b98d2390 --- /dev/null +++ b/SPECS/erofs-utils/0006-erofs-utils-avoid-overly-large-temporary-buffers-for.patch @@ -0,0 +1,58 @@ +From a26cd36a5e87095aa3396a9cb65e74c6242ef825 Mon Sep 17 00:00:00 2001 +From: Gao Xiang +Date: Sat, 15 Feb 2025 00:36:21 +0800 +Subject: [PATCH 6/7] erofs-utils: avoid overly large temporary buffers for + compressed data + +... and use `EROFS_MAX_BLOCK_SIZE * 2` to avoid potential issues +with buggy compressors. + +Signed-off-by: Gao Xiang +Link: https://lore.kernel.org/r/20250214163621.4109215-2-hsiangkao@linux.alibaba.com +--- + lib/compress.c | 8 +++++--- + 1 file changed, 5 insertions(+), 3 deletions(-) + +diff --git a/lib/compress.c b/lib/compress.c +index a4fe5dc..0b48c06 100644 +--- a/lib/compress.c ++++ b/lib/compress.c +@@ -26,6 +26,8 @@ + #include "erofs/workqueue.h" + #endif + ++#define Z_EROFS_DESTBUF_SZ (Z_EROFS_PCLUSTER_MAX_SIZE + EROFS_MAX_BLOCK_SIZE * 2) ++ + /* compressing configuration specified by users */ + struct erofs_compress_cfg { + struct erofs_compress handle; +@@ -554,7 +556,7 @@ static bool z_erofs_fixup_deduped_fragment(struct z_erofs_compress_sctx *ctx) + static int __z_erofs_compress_one(struct z_erofs_compress_sctx *ctx, + struct z_erofs_inmem_extent *e) + { +- static char g_dstbuf[EROFS_CONFIG_COMPR_MAX_SZ + EROFS_MAX_BLOCK_SIZE]; ++ static char g_dstbuf[Z_EROFS_DESTBUF_SZ]; + char *dstbuf = ctx->destbuf ?: g_dstbuf; + struct z_erofs_compress_ictx *ictx = ctx->ictx; + struct erofs_inode *inode = ictx->inode; +@@ -1218,8 +1220,7 @@ void *z_erofs_mt_wq_tls_alloc(struct erofs_workqueue *wq, void *ptr) + if (!tls->queue) + goto err_free_priv; + +- tls->destbuf = calloc(1, EROFS_CONFIG_COMPR_MAX_SZ + +- EROFS_MAX_BLOCK_SIZE); ++ tls->destbuf = calloc(1, Z_EROFS_DESTBUF_SZ); + if (!tls->destbuf) + goto err_free_queue; + +@@ -1291,6 +1292,7 @@ void z_erofs_mt_workfn(struct erofs_work *work, void *tlsp) + goto out; + + sctx->pclustersize = z_erofs_get_max_pclustersize(inode); ++ DBG_BUGON(sctx->pclustersize > Z_EROFS_PCLUSTER_MAX_SIZE); + sctx->queue = tls->queue; + sctx->destbuf = tls->destbuf; + sctx->chandle = &tls->ccfg[cwork->alg_id].handle; +-- +2.48.1 + diff --git a/SPECS/erofs-utils/0007-erofs-utils-lib-shorten-EROFS_FRAGMENT_INMEM_SZ_MAX.patch b/SPECS/erofs-utils/0007-erofs-utils-lib-shorten-EROFS_FRAGMENT_INMEM_SZ_MAX.patch new file mode 100644 index 0000000000..2f2a2308b3 --- /dev/null +++ b/SPECS/erofs-utils/0007-erofs-utils-lib-shorten-EROFS_FRAGMENT_INMEM_SZ_MAX.patch @@ -0,0 +1,30 @@ +From 3051162fefef9af9f274266a2ad9d5d612d50ccc Mon Sep 17 00:00:00 2001 +From: Gao Xiang +Date: Fri, 14 Feb 2025 14:24:07 +0800 +Subject: [PATCH 7/7] erofs-utils: lib: shorten EROFS_FRAGMENT_INMEM_SZ_MAX + +EROFS_CONFIG_COMPR_MAX_SZ (currently 4MiB) is too large and could +cause OOM kills on small setups. + +Signed-off-by: Gao Xiang +Link: https://lore.kernel.org/r/20250214062407.3281416-3-hsiangkao@linux.alibaba.com +--- + lib/fragments.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/fragments.c b/lib/fragments.c +index a4311b1..e22b773 100644 +--- a/lib/fragments.c ++++ b/lib/fragments.c +@@ -31,7 +31,7 @@ struct erofs_fragment_dedupe_item { + u8 data[]; + }; + +-#define EROFS_FRAGMENT_INMEM_SZ_MAX EROFS_CONFIG_COMPR_MAX_SZ ++#define EROFS_FRAGMENT_INMEM_SZ_MAX (256 * 1024) + #define EROFS_TOF_HASHLEN 16 + + #define FRAGMENT_HASHSIZE 65536 +-- +2.48.1 + diff --git a/SPECS/erofs-utils/erofs-utils.signatures.json b/SPECS/erofs-utils/erofs-utils.signatures.json new file mode 100644 index 0000000000..77ae19fce6 --- /dev/null +++ b/SPECS/erofs-utils/erofs-utils.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "erofs-utils-1.8.5.tar.gz": "cd8611270e9c86fe062f647103ca6ada9ed710e4430fdd5960d514777919200d" + } +} diff --git a/SPECS/erofs-utils/erofs-utils.spec b/SPECS/erofs-utils/erofs-utils.spec new file mode 100644 index 0000000000..9fac5c7fdd --- /dev/null +++ b/SPECS/erofs-utils/erofs-utils.spec @@ -0,0 +1,218 @@ +%bcond deflate 0 # libdeflate only in SPECS-EXTENDED +%bcond fuse 1 +%bcond lz4 1 +%bcond lzma 1 +%bcond qpl 0 # No QPL support in AZL currently +%bcond selinux 1 +%bcond uuid 1 +%bcond xxhash 1 +%bcond zlib 1 +%bcond zstd 1 + +Name: erofs-utils +Version: 1.8.5 +Release: 3%{?dist} + +Summary: Utilities for working with EROFS +License: GPL-2.0-only AND GPL-2.0-or-later AND (GPL-2.0-only OR Apache-2.0) AND (GPL-2.0-or-later OR Apache-2.0) AND (GPL-2.0-only OR BSD-2-Clause) AND (GPL-2.0-or-later OR BSD-2-Clause) AND Unlicense +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: https://erofs.docs.kernel.org/ + +Source: https://git.kernel.org/pub/scm/linux/kernel/git/xiang/erofs-utils.git/snapshot/%{name}-%{version}.tar.gz +# Backports from upstream dev branch +Patch0001: 0001-erofs-utils-mkfs-fragment-gracefully-exit-if-tempora.patch +Patch0002: 0002-erofs-utils-mkfs-reduce-default-dict-size-for-LZMA.patch +Patch0003: 0003-erofs-utils-mkfs-add-missing-errno-0-before-strto-u-.patch +Patch0004: 0004-erofs-utils-lib-get-rid-of-tmpfile.patch +Patch0005: 0005-erofs-utils-mkfs-add-per-segment-reaper-for-multi-th.patch +Patch0006: 0006-erofs-utils-avoid-overly-large-temporary-buffers-for.patch +Patch0007: 0007-erofs-utils-lib-shorten-EROFS_FRAGMENT_INMEM_SZ_MAX.patch + +BuildRequires: %[ "%{toolchain}" == "clang" ? "clang compiler-rt" : "gcc" ] +BuildRequires: libtool +BuildRequires: make +%{?with_deflate:BuildRequires: pkgconfig(libdeflate)} +%{?with_fuse:BuildRequires: pkgconfig(fuse3) >= 3.2} +%{?with_lz4:BuildRequires: pkgconfig(liblz4) >= 1.9.3} +%{?with_lzma:BuildRequires: pkgconfig(liblzma) >= 5.4} +%{?with_qpl:BuildRequires: pkgconfig(qpl) >= 1.5.0} +%{?with_selinux:BuildRequires: pkgconfig(libselinux)} +%{?with_uuid:BuildRequires: pkgconfig(uuid)} +%{?with_xxhash:BuildRequires: pkgconfig(libxxhash)} +%{?with_zlib:BuildRequires: pkgconfig(zlib)} +%{?with_zstd:BuildRequires: pkgconfig(libzstd) >= 1.4.0} + +%description +EROFS stands for Enhanced Read-Only File System. It aims to be a general +read-only file system solution for various use cases instead of just focusing +on saving storage space without considering runtime performance. + +This package includes tools to create, check, and extract EROFS images. + +%if %{with fuse} +%package -n erofs-fuse +Summary: FUSE support for mounting EROFS images +Requires: fuse3 + +%description -n erofs-fuse +EROFS stands for Enhanced Read-Only File System. It aims to be a general +read-only file system solution for various use cases instead of just focusing +on saving storage space without considering runtime performance. + +This package includes erofsfuse to mount EROFS images. +%endif + + +%prep +%autosetup -p1 + +%build +autoreconf -fi +%configure \ + --enable-multithreading \ + --%{?with_deflate:with}%{!?with_deflate:without}-libdeflate \ + --%{?with_fuse:enable}%{!?with_fuse:disable}-fuse \ + --%{?with_lz4:enable}%{!?with_lz4:disable}-lz4 \ + --%{?with_lzma:enable}%{!?with_lzma:disable}-lzma \ + --%{?with_qpl:with}%{!?with_qpl:without}-qpl \ + --%{?with_selinux:with}%{!?with_selinux:without}-selinux \ + --%{?with_uuid:with}%{!?with_uuid:without}-uuid \ + --%{?with_xxhash:with}%{!?with_xxhash:without}-xxhash \ + --%{?with_zlib:with}%{!?with_zlib:without}-zlib \ + --%{?with_zstd:with}%{!?with_zstd:without}-libzstd +%make_build + +%install +%make_install + + +%files +%{_bindir}/dump.erofs +%{_bindir}/fsck.erofs +%{_bindir}/mkfs.erofs +%{_mandir}/man1/dump.erofs.1* +%{_mandir}/man1/fsck.erofs.1* +%{_mandir}/man1/mkfs.erofs.1* +%doc AUTHORS ChangeLog README docs/PERFORMANCE.md docs/compress-hints.example +%license LICENSES/Apache-2.0 LICENSES/GPL-2.0 + +%if %{with fuse} +%files -n erofs-fuse +%{_bindir}/erofsfuse +%{_mandir}/man1/erofsfuse.1* +%doc AUTHORS ChangeLog README +%license LICENSES/Apache-2.0 LICENSES/GPL-2.0 +%endif + + +%changelog +* Fri Mar 14 2025 Henry Beberman - 1.8.5-3 +- Initial Azure Linux import from Fedora 42 (license: MIT) +- License Verified + +* Sun Feb 16 2025 Neal Gompa - 1.8.5-2 +- Backport fixes to handle low memory environments + +* Mon Feb 10 2025 David Michael - 1.8.5-1 +- Update to the 1.8.5 release. + +* Thu Jan 16 2025 Fedora Release Engineering - 1.8.4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Fri Jan 03 2025 Neal Gompa - 1.8.4-2 +- Backport support for -Efragdedupe=inode mkfs option + +* Thu Jan 02 2025 Neal Gompa - 1.8.4-1 +- Update to the 1.8.4 release. + +* Sat Dec 14 2024 David Michael - 1.8.3-1 +- Update to the 1.8.3 release. + +* Sat Oct 12 2024 David Michael - 1.8.2-2 +- Backport a fix for multithreaded -Eall-fragments crashes. + +* Tue Sep 24 2024 David Michael - 1.8.2-1 +- Update to the 1.8.2 release. + +* Fri Aug 09 2024 David Michael - 1.8.1-1 +- Update to the 1.8.1 release. + +* Thu Aug 08 2024 David Michael - 1.8-1 +- Update to the 1.8 release. + +* Wed Jul 17 2024 Fedora Release Engineering - 1.7.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Wed Jan 24 2024 Fedora Release Engineering - 1.7.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jan 19 2024 Fedora Release Engineering - 1.7.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Oct 20 2023 David Michael - 1.7.1-1 +- Update to the 1.7.1 release. + +* Thu Sep 21 2023 David Michael - 1.7-1 +- Update to the 1.7 release. + +* Tue Aug 29 2023 David Michael - 1.6-3 +- Backport patches for CVE-2023-33551 and CVE-2023-33552. +- Change conditional build feature defaults for supporting EPEL 9. + +* Wed Jul 19 2023 Fedora Release Engineering - 1.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Sat Mar 11 2023 David Michael - 1.6-1 +- Update to the 1.6 release. + +* Wed Jan 25 2023 David Michael - 1.5-4 +- Enable MicroLZMA support. +- Switch the License tag to SPDX, and ship matching noneffective license files. + +* Thu Jan 19 2023 Fedora Release Engineering - 1.5-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Thu Jul 21 2022 Fedora Release Engineering - 1.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Mon Jun 13 2022 David Michael - 1.5-1 +- Update to the 1.5 release. + +* Thu Jan 20 2022 Fedora Release Engineering - 1.4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Thu Nov 25 2021 David Michael - 1.4-2 +- Backport the patch to install a man page for fsck. +- Backport the patch to fix dump output. + +* Sun Nov 21 2021 David Michael - 1.4-1 +- Update to the 1.4 release. + +* Wed Jul 21 2021 Fedora Release Engineering - 1.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Mon May 31 2021 David Michael - 1.3-1 +- Update to the 1.3 release. + +* Tue Jan 26 2021 Fedora Release Engineering - 1.2.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Sat Jan 09 2021 David Michael - 1.2.1-1 +- Update to the 1.2.1 release. + +* Thu Dec 10 2020 David Michael - 1.2-1 +- Update to the 1.2 release. +- Split FUSE support into an independent subpackage. + +* Mon Jul 27 2020 Fedora Release Engineering - 1.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Mon Apr 13 2020 David Michael - 1.1-1 +- Update to the 1.1 release. + +* Tue Jan 28 2020 Fedora Release Engineering - 1.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Mon Nov 25 2019 David Michael - 1.0-1 +- Initial package. diff --git a/SPECS/flannel/CVE-2025-30204.patch b/SPECS/flannel/CVE-2025-30204.patch new file mode 100644 index 0000000000..89385764c2 --- /dev/null +++ b/SPECS/flannel/CVE-2025-30204.patch @@ -0,0 +1,71 @@ +From 20e897717946a5bb7750e795c245012bddcfa312 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Mar 2025 21:29:08 +0000 +Subject: [PATCH] CVE-2025-30204 + +Upstream Patch Reference : v4: https://github.com/golang-jwt/jwt/commit/2f0e9add62078527821828c76865661aa7718a84 +--- + vendor/github.com/golang-jwt/jwt/v4/parser.go | 36 +++++++++++++++++++++++--- + 1 file changed, 33 insertions(+), 3 deletions(-) + +diff --git a/vendor/github.com/golang-jwt/jwt/v4/parser.go b/vendor/github.com/golang-jwt/jwt/v4/parser.go +index 2f61a69..9484f28 100644 +--- a/vendor/github.com/golang-jwt/jwt/v4/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v4/parser.go +@@ -7,6 +7,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + // +@@ -116,9 +118,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (because it has + // been checked previously in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) + } + + token = &Token{Raw: tokenString} +@@ -168,3 +171,30 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + + return token, parts, nil + } ++ ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} +-- +2.45.2 + diff --git a/SPECS/flannel/flannel.spec b/SPECS/flannel/flannel.spec index 1a607b9bd6..aff4e72400 100644 --- a/SPECS/flannel/flannel.spec +++ b/SPECS/flannel/flannel.spec @@ -3,7 +3,7 @@ Summary: Simple and easy way to configure a layer 3 network fabric designed for Kubernetes Name: flannel Version: 0.24.2 -Release: 12%{?dist} +Release: 13%{?dist} License: ASL 2.0 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -14,6 +14,7 @@ Source1: %{name}-%{version}-vendor.tar.gz Patch0: CVE-2024-24786.patch Patch1: CVE-2023-44487.patch Patch2: CVE-2023-45288.patch +Patch3: CVE-2025-30204.patch BuildRequires: gcc BuildRequires: glibc-devel BuildRequires: glibc-static >= 2.38-9%{?dist} @@ -50,6 +51,10 @@ install -p -m 755 -t %{buildroot}%{_bindir} ./dist/flanneld %{_bindir}/flanneld %changelog +* Fri Apr 28 2025 Ranjan Dutta - 0.24.2-13 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Patch CVE-2025-30204 + * Fri Mar 21 2025 Anuj Mittal - 0.24.2-12 - Bump Release to rebuild diff --git a/SPECS/future/future-fix_tests.patch b/SPECS/future/future-fix_tests.patch new file mode 100644 index 0000000000..59422c9c49 --- /dev/null +++ b/SPECS/future/future-fix_tests.patch @@ -0,0 +1,192 @@ +From c341d5497788923cc6ea0bd1358279f2147aa167 Mon Sep 17 00:00:00 2001 +From: Alexander Shadchin +Date: Sun, 15 Nov 2020 13:01:39 +0300 +Subject: [PATCH 1/7] Add support Python 3.9 + +--- + src/future/backports/xmlrpc/client.py | 7 ++++--- + src/future/moves/_dummy_thread.py | 5 ++++- + src/future/standard_library/__init__.py | 2 +- + 3 files changed, 9 insertions(+), 5 deletions(-) + +diff --git a/src/future/backports/xmlrpc/client.py b/src/future/backports/xmlrpc/client.py +index b78e5bad..0bcd90c9 100644 +--- a/src/future/backports/xmlrpc/client.py ++++ b/src/future/backports/xmlrpc/client.py +@@ -134,10 +134,11 @@ + from future.builtins import bytes, dict, int, range, str + + import base64 +-# Py2.7 compatibility hack +-base64.encodebytes = base64.encodestring +-base64.decodebytes = base64.decodestring + import sys ++if sys.version_info < (3, 9): ++ # Py2.7 compatibility hack ++ base64.encodebytes = base64.encodestring ++ base64.decodebytes = base64.decodestring + import time + from datetime import datetime + from future.backports.http import client as http_client +diff --git a/src/future/moves/_dummy_thread.py b/src/future/moves/_dummy_thread.py +index 688d249b..e5dca348 100644 +--- a/src/future/moves/_dummy_thread.py ++++ b/src/future/moves/_dummy_thread.py +@@ -2,7 +2,10 @@ + from future.utils import PY3 + + if PY3: +- from _dummy_thread import * ++ try: ++ from _dummy_thread import * ++ except ImportError: ++ from _thread import * + else: + __future_module__ = True + from dummy_thread import * +diff --git a/src/future/standard_library/__init__.py b/src/future/standard_library/__init__.py +index cff02f95..41c4f36d 100644 +--- a/src/future/standard_library/__init__.py ++++ b/src/future/standard_library/__init__.py +@@ -125,7 +125,7 @@ + # 'Tkinter': 'tkinter', + '_winreg': 'winreg', + 'thread': '_thread', +- 'dummy_thread': '_dummy_thread', ++ 'dummy_thread': '_dummy_thread' if sys.version_info < (3, 9) else '_thread', + # 'anydbm': 'dbm', # causes infinite import loop + # 'whichdb': 'dbm', # causes infinite import loop + # anydbm and whichdb are handled by fix_imports2 +From 90e3e4d7146324bd88a5453ba17a43412174f013 Mon Sep 17 00:00:00 2001 +From: Alexander Shadchin +Date: Sun, 15 Nov 2020 13:09:44 +0300 +Subject: [PATCH 3/7] Fix tests + +--- + tests/test_future/test_standard_library.py | 3 ++- + tests/test_future/test_urllib_toplevel.py | 5 +++-- + 2 files changed, 5 insertions(+), 3 deletions(-) + +diff --git a/tests/test_future/test_standard_library.py b/tests/test_future/test_standard_library.py +index 3ac5d2d7..820bf47a 100644 +--- a/tests/test_future/test_standard_library.py ++++ b/tests/test_future/test_standard_library.py +@@ -422,7 +422,8 @@ def test_urllib_imports_install_hooks(self): + + def test_underscore_prefixed_modules(self): + import _thread +- import _dummy_thread ++ if sys.version_info < (3, 9): ++ import _dummy_thread + import _markupbase + self.assertTrue(True) + +diff --git a/tests/test_future/test_urllib_toplevel.py b/tests/test_future/test_urllib_toplevel.py +index 11e77201..68bc4c96 100644 +--- a/tests/test_future/test_urllib_toplevel.py ++++ b/tests/test_future/test_urllib_toplevel.py +@@ -781,8 +781,9 @@ def test_unquoting(self): + "%s" % result) + self.assertRaises((TypeError, AttributeError), urllib_parse.unquote, None) + self.assertRaises((TypeError, AttributeError), urllib_parse.unquote, ()) +- with support.check_warnings(('', BytesWarning), quiet=True): +- self.assertRaises((TypeError, AttributeError), urllib_parse.unquote, bytes(b'')) ++ if sys.version_info < (3, 9): ++ with support.check_warnings(('', BytesWarning), quiet=True): ++ self.assertRaises((TypeError, AttributeError), urllib_parse.unquote, bytes(b'')) + + def test_unquoting_badpercent(self): + # Test unquoting on bad percent-escapes +From 32641e1e8f22e326f8cb77dbcd8b2172ece797e2 Mon Sep 17 00:00:00 2001 +From: Alexander Shadchin +Date: Sun, 15 Nov 2020 13:30:06 +0300 +Subject: [PATCH 5/7] Fix test_pow for Python 3.8+ + +--- + tests/test_future/test_builtins.py | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/tests/test_future/test_builtins.py b/tests/test_future/test_builtins.py +index 3921a608..f5dbec64 100644 +--- a/tests/test_future/test_builtins.py ++++ b/tests/test_future/test_builtins.py +@@ -1304,7 +1304,8 @@ def test_pow(self): + self.assertAlmostEqual(pow(-1, 1/3), 0.5 + 0.8660254037844386j) + + # Raises TypeError in Python < v3.5, ValueError in v3.5: +- self.assertRaises((TypeError, ValueError), pow, -1, -2, 3) ++ if sys.version_info < (3, 8): ++ self.assertRaises((TypeError, ValueError), pow, -1, -2, 3) + self.assertRaises(ValueError, pow, 1, 2, 0) + + self.assertRaises(TypeError, pow) + +From e7a2f76afa12ac4201c25dac9f93197016a19a7c Mon Sep 17 00:00:00 2001 +From: Alexander Shadchin +Date: Sun, 15 Nov 2020 13:53:28 +0300 +Subject: [PATCH 6/7] Fix test_ftp for Python 3.8+ + +--- + tests/test_future/test_urllib2.py | 9 ++++----- + 1 file changed, 4 insertions(+), 5 deletions(-) + +diff --git a/tests/test_future/test_urllib2.py b/tests/test_future/test_urllib2.py +index 2d69dad1..bd8e75c5 100644 +--- a/tests/test_future/test_urllib2.py ++++ b/tests/test_future/test_urllib2.py +@@ -691,10 +691,6 @@ def connect_ftp(self, user, passwd, host, port, dirs, + h = NullFTPHandler(data) + h.parent = MockOpener() + +- # MIME guessing works in Python 3.8! +- guessed_mime = None +- if sys.hexversion >= 0x03080000: +- guessed_mime = "image/gif" + for url, host, port, user, passwd, type_, dirs, filename, mimetype in [ + ("ftp://localhost/foo/bar/baz.html", + "localhost", ftplib.FTP_PORT, "", "", "I", +@@ -713,7 +709,10 @@ def connect_ftp(self, user, passwd, host, port, dirs, + ["foo", "bar"], "", None), + ("ftp://localhost/baz.gif;type=a", + "localhost", ftplib.FTP_PORT, "", "", "A", +- [], "baz.gif", guessed_mime), ++ [], "baz.gif", None), ++ ("ftp://localhost/baz.gif", ++ "localhost", ftplib.FTP_PORT, "", "", "I", ++ [], "baz.gif", "image/gif"), + ]: + req = Request(url) + req.timeout = None + +From 21ae5c76eb49edfff73d5a2319bf42ab0378da48 Mon Sep 17 00:00:00 2001 +From: Alexander Shadchin +Date: Fri, 11 Jun 2021 22:03:18 +0300 +Subject: [PATCH 7/7] Fix tests + +--- + tests/test_future/test_urllib_toplevel.py | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tests/test_future/test_urllib_toplevel.py b/tests/test_future/test_urllib_toplevel.py +index 68bc4c96..923b2e8a 100644 +--- a/tests/test_future/test_urllib_toplevel.py ++++ b/tests/test_future/test_urllib_toplevel.py +@@ -120,7 +120,7 @@ def setUp(self): + finally: + f.close() + self.pathname = support.TESTFN +- self.returned_obj = urlopen("file:%s" % self.pathname) ++ self.returned_obj = urlopen("file:%s" % urllib_parse.quote(self.pathname)) + + def tearDown(self): + """Shut down the open object""" +@@ -167,7 +167,7 @@ def test_info(self): + self.assertIsInstance(self.returned_obj.info(), email_message.Message) + + def test_geturl(self): +- self.assertEqual(self.returned_obj.geturl(), self.pathname) ++ self.assertEqual(self.returned_obj.geturl(), urllib_parse.quote(self.pathname)) + + def test_getcode(self): + self.assertIsNone(self.returned_obj.getcode()) + diff --git a/SPECS/future/future-python311.patch b/SPECS/future/future-python311.patch new file mode 100644 index 0000000000..97becad415 --- /dev/null +++ b/SPECS/future/future-python311.patch @@ -0,0 +1,31 @@ +--- a/tests/test_future/test_utils.orig.py 2019-10-31 01:56:12.000000000 +0100 ++++ b/tests/test_future/test_utils.py 2021-12-04 11:26:23.050523816 +0100 +@@ -150,7 +150,7 @@ + self.assertRaises(Timeout, raise_, Timeout()) + + if PY3: +- self.assertRaisesRegexp( ++ self.assertRaisesRegex( + TypeError, "class must derive from BaseException", + raise_, int) + +@@ -343,6 +343,8 @@ + File "/opt/python-future/tests/test_future/test_utils.py", line 328, in test_single_exception_stacktrace + raise CustomException('ERROR') + ''' ++ if sys.version_info >= (3, 11): ++ expected += ' ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n' + if PY2: + expected += 'CustomException: ERROR\n' + else: +--- a/tests/test_future/test_urllib_toplevel.orig.py 2021-12-04 12:16:44.475424000 +0100 ++++ b/tests/test_future/test_urllib_toplevel.py 2021-12-04 12:37:15.282519570 +0100 +@@ -1198,7 +1198,7 @@ + + class Utility_Tests(unittest.TestCase): + """Testcase to test the various utility functions in the urllib.""" +- ++ @unittest.skipIf(sys.version_info >= (3, 11), "urllib.parse.splitpasswd() was removed from Python 3.11+") + def test_splitpasswd(self): + """Some of password examples are not sensible, but it is added to + confirming to RFC2617 and addressing issue4675. diff --git a/SPECS/future/future-python312.patch b/SPECS/future/future-python312.patch new file mode 100644 index 0000000000..e2633d6484 --- /dev/null +++ b/SPECS/future/future-python312.patch @@ -0,0 +1,70 @@ +From a6135542dffb6b1b8254d6daac779d119d4fc08c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Hrn=C4=8Diar?= +Date: Wed, 17 May 2023 14:03:26 +0200 +Subject: [PATCH 1/2] Adjust tests to the repr changes in CPython + +--- + tests/test_future/test_backports.py | 16 ++++++++++++---- + 1 file changed, 12 insertions(+), 4 deletions(-) + +diff --git a/tests/test_future/test_backports.py b/tests/test_future/test_backports.py +index 63b1afea..5d46b115 100644 +--- a/tests/test_future/test_backports.py ++++ b/tests/test_future/test_backports.py +@@ -599,8 +599,12 @@ def test_yaml_linkage(self): + + def test_repr(self): + od = OrderedDict([('c', 1), ('b', 2), ('a', 3), ('d', 4), ('e', 5), ('f', 6)]) +- self.assertEqual(repr(od), +- "OrderedDict([('c', 1), ('b', 2), ('a', 3), ('d', 4), ('e', 5), ('f', 6)])") ++ if sys.version_info[0] == 3 and sys.version_info[1] >= 12: ++ self.assertEqual(repr(od), ++ "OrderedDict({'c': 1, 'b': 2, 'a': 3, 'd': 4, 'e': 5, 'f': 6})") ++ else: ++ self.assertEqual(repr(od), ++ "OrderedDict([('c', 1), ('b', 2), ('a', 3), ('d', 4), ('e', 5), ('f', 6)])") + self.assertEqual(eval(repr(od)), od) + self.assertEqual(repr(OrderedDict()), "OrderedDict()") + +@@ -608,8 +612,12 @@ def test_repr_recursive(self): + # See issue #9826 + od = OrderedDict.fromkeys('abc') + od['x'] = od +- self.assertEqual(repr(od), +- "OrderedDict([('a', None), ('b', None), ('c', None), ('x', ...)])") ++ if sys.version_info[0] == 3 and sys.version_info[1] >= 12: ++ self.assertEqual(repr(od), ++ "OrderedDict({'a': None, 'b': None, 'c': None, 'x': ...})") ++ else: ++ self.assertEqual(repr(od), ++ "OrderedDict([('a', None), ('b', None), ('c', None), ('x', ...)])") + + def test_setdefault(self): + pairs = [('c', 1), ('b', 2), ('a', 3), ('d', 4), ('e', 5), ('f', 6)] + +From d7dc44e88b77fea57b9001421428cd7d95abb3bf Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Hrn=C4=8Diar?= +Date: Wed, 17 May 2023 14:42:09 +0200 +Subject: [PATCH 2/2] Adjust test to the change in CPython, parser now raises + SyntaxError instead of ValueError when source code contains null bytes + +--- + tests/test_future/test_builtins.py | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tests/test_future/test_builtins.py b/tests/test_future/test_builtins.py +index 3921a608..d41d1254 100644 +--- a/tests/test_future/test_builtins.py ++++ b/tests/test_future/test_builtins.py +@@ -523,8 +523,8 @@ def test_compile(self): + self.assertRaises(TypeError, compile) + self.assertRaises(ValueError, compile, 'print(42)\n', '', 'badmode') + self.assertRaises(ValueError, compile, 'print(42)\n', '', 'single', 0xff) +- # Raises TypeError in Python < v3.5, ValueError in v3.5: +- self.assertRaises((TypeError, ValueError), compile, chr(0), 'f', 'exec') ++ # Raises TypeError in Python < v3.5, ValueError in v3.5, SyntaxError in >= 3.12: ++ self.assertRaises((TypeError, ValueError, SyntaxError), compile, chr(0), 'f', 'exec') + self.assertRaises(TypeError, compile, 'pass', '?', 'exec', + mode='eval', source='0', filename='tmp') + compile('print("\xe5")\n', '', 'exec') + diff --git a/SPECS/fwctl/fwctl.signatures.json b/SPECS/fwctl/fwctl.signatures.json new file mode 100644 index 0000000000..e5d4ed40f3 --- /dev/null +++ b/SPECS/fwctl/fwctl.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "fwctl-24.10.tgz": "ec00a549851d9c506a8e2aed365db2506e3d8bb31dad970da82f8f665191deec" + } +} \ No newline at end of file diff --git a/SPECS/fwctl/fwctl.spec b/SPECS/fwctl/fwctl.spec new file mode 100644 index 0000000000..6e1a21e912 --- /dev/null +++ b/SPECS/fwctl/fwctl.spec @@ -0,0 +1,293 @@ +# +# Copyright (c) 2024 Nvidia Inc. All rights reserved. +# +# This software is available to you under a choice of one of two +# licenses. You may choose to be licensed under the terms of the GNU +# General Public License (GPL) Version 2, available from the file +# COPYING in the main directory of this source tree, or the +# OpenIB.org BSD license below: +# +# Redistribution and use in source and binary forms, with or +# without modification, are permitted provided that the following +# conditions are met: +# +# - Redistributions of source code must retain the above +# copyright notice, this list of conditions and the following +# disclaimer. +# +# - Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials +# provided with the distribution. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS +# BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN +# ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN +# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +# SOFTWARE. +# + +%global last-known-kernel 6.6.82.1-1 + +%{!?_name: %define _name fwctl} +%{!?_version: %define _version 24.10} +%{!?_release: %define _release OFED.24.10.0.6.7.1} + +%if 0%{emt} +%global target_kernel_version_full %(/bin/rpm -q --queryformat '%{VERSION}-%{RELEASE}' kernel-headers) +%else +%global target_kernel_version_full f.a.k.e +%endif + +%global KVERSION %{target_kernel_version_full} +%global K_SRC /lib/modules/%{target_kernel_version_full}/build + +# KMP is disabled by default +%{!?KMP: %global KMP 0} + +# take kernel version or default to uname -r +%{!?KVERSION: %global KVERSION %{target_kernel_version_full}} +%global kernel_version %{KVERSION} +%global krelver %(echo -n %{KVERSION} | sed -e 's/-/_/g') +# take path to kernel sources if provided, otherwise look in default location (for non KMP rpms). +%{!?K_SRC: %global K_SRC /lib/modules/%{KVERSION}/build} + +# define release version +%{!?src_release: %global src_release %{_release}_%{krelver}} +%if "%{KMP}" != "1" +%global _release1 %{src_release} +%else +%global _release1 %{_release} +%endif +%global _kmp_rel %{_release1}%{?_kmp_build_num}%{?_dist} + +Summary: %{_name} Driver +Name: fwctl +Version: 24.10 +Release: 13%{?dist} +License: GPLv2 +Url: http://nvidia.com +Group: System Environment/Base +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/fwctl-24.10.tgz#/%{_name}-%{_version}.tgz +BuildRoot: /var/tmp/%{name}-%{version}-build +Vendor: Microsoft Corporation +Distribution: Azure Linux +ExclusiveArch: x86_64 + +BuildRequires: gcc +BuildRequires: make +BuildRequires: kernel-devel = %{target_kernel_version_full} +BuildRequires: kernel-headers = %{target_kernel_version_full} +BuildRequires: binutils +BuildRequires: systemd +BuildRequires: kmod +BuildRequires: mlnx-ofa_kernel-devel = %{_version} +BuildRequires: mlnx-ofa_kernel-source = %{_version} + +Requires: mlnx-ofa_kernel = %{_version} +Requires: mlnx-ofa_kernel-modules = %{_version} +Requires: kernel = %{target_kernel_version_full} +Requires: kmod + +%description +%{name} kernel modules + +# build KMP rpms? +%if "%{KMP}" == "1" +%global kernel_release() $(make -s -C %{1} kernelrelease M=$PWD) +BuildRequires: %kernel_module_package_buildreqs +%(mkdir -p %{buildroot}) +%(echo '%defattr (-,root,root)' > %{buildroot}/file_list) +%(echo '/lib/modules/%2-%1' >> %{buildroot}/file_list) +%(echo '%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*-%1.conf' >> %{buildroot}/file_list) +%{kernel_module_package -f %{buildroot}/file_list -x xen -r %{_kmp_rel} } +%else +%global kernel_source() %{K_SRC} +%global kernel_release() %{KVERSION} +%global flavors_to_build default +%endif + +# +# setup module sign scripts if paths to the keys are given +# +%global WITH_MOD_SIGN %(if ( test -f "$MODULE_SIGN_PRIV_KEY" && test -f "$MODULE_SIGN_PUB_KEY" ); \ + then \ + echo -n '1'; \ + else \ + echo -n '0'; fi) + +%if "%{WITH_MOD_SIGN}" == "1" +# call module sign script +%global __modsign_install_post \ + %{_builddir}/%{name}-%{version}/source/tools/sign-modules %{buildroot}/lib/modules/ %{kernel_source default} || exit 1 \ +%{nil} + +%global __debug_package 1 +%global buildsubdir %{name}-%{version} +# Disgusting hack alert! We need to ensure we sign modules *after* all +# invocations of strip occur, which is in __debug_install_post if +# find-debuginfo.sh runs, and __os_install_post if not. +# +%global __spec_install_post \ + %{?__debug_package:%{__debug_install_post}} \ + %{__arch_install_post} \ + %{__os_install_post} \ + %{__modsign_install_post} \ +%{nil} + +%endif # end of setup module sign scripts +# + +%if "%{_vendor}" == "suse" +%debug_package +%endif + +%if 0%{?anolis} == 8 +%global __find_requires %{nil} +%endif + +# set modules dir +%if "%{_vendor}" == "redhat" || ("%{_vendor}" == "openEuler") +%if 0%{?fedora} +%global install_mod_dir updates/%{name} +%else +%global install_mod_dir extra/%{name} +%endif +%endif + +%if "%{_vendor}" == "suse" +%global install_mod_dir updates/%{name} +%endif + +%{!?install_mod_dir: %global install_mod_dir updates/%{name}} + +%prep +%setup +set -- * +mkdir source +mv "$@" source/ +mkdir obj + +%build +export EXTRA_CFLAGS='-DVERSION=\"%version\"' +export INSTALL_MOD_DIR=%{install_mod_dir} +export CONF_OPTIONS="%{configure_options}" +for flavor in %{flavors_to_build}; do + export K_BUILD=%{kernel_source $flavor} + export KVER=%{kernel_release $K_BUILD} + export LIB_MOD_DIR=/lib/modules/$KVER/$INSTALL_MOD_DIR + rm -rf obj/$flavor + cp -r source obj/$flavor + cd $PWD/obj/$flavor + make + cd - +done + +%install +export INSTALL_MOD_PATH=%{buildroot} +export INSTALL_MOD_DIR=%{install_mod_dir} +export PREFIX=%{_prefix} +for flavor in %flavors_to_build; do + export K_BUILD=%{kernel_source $flavor} + export KVER=%{kernel_release $K_BUILD} + cd $PWD/obj/$flavor + make install KERNELRELEASE=$KVER + # Cleanup unnecessary kernel-generated module dependency files. + find $INSTALL_MOD_PATH/lib/modules -iname 'modules.*' -exec rm {} \; + cd - +done + +# Set the module(s) to be executable, so that they will be stripped when packaged. +find %{buildroot} \( -type f -name '*.ko' -o -name '*ko.gz' \) -exec %{__chmod} u+x \{\} \; + +%{__install} -d %{buildroot}%{_sysconfdir}/depmod.d/ +for module in `find %{buildroot}/ -name '*.ko' -o -name '*.ko.gz' | sort` +do +ko_name=${module##*/} +mod_name=${ko_name/.ko*/} +mod_path=${module/*\/%{name}} +mod_path=${mod_path/\/${ko_name}} +%if "%{_vendor}" == "suse" + for flavor in %{flavors_to_build}; do + if [[ $module =~ $flavor ]] || [ "X%{KMP}" != "X1" ];then + echo "override ${mod_name} * updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}-$flavor.conf + fi + done +%else + %if 0%{?fedora} + echo "override ${mod_name} * updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %else + %if "%{_vendor}" == "redhat" || ("%{_vendor}" == "openEuler") + echo "override ${mod_name} * weak-updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %endif + echo "override ${mod_name} * extra/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %endif +%endif +done + + +%clean +rm -rf %{buildroot} + +%post +if [ $1 -ge 1 ]; then # 1 : This package is being installed or reinstalled + /sbin/depmod %{KVERSION} +fi # 1 : closed +# END of post + +%postun +/sbin/depmod %{KVERSION} + +%if "%{KMP}" != "1" +%files +%defattr(-,root,root,-) +%license source/debian/copyright +/lib/modules/%{KVERSION}/%{install_mod_dir}/ +%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*.conf +%endif + +%changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 24.10-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 24.10-12 +- Bump release to rebuild for new kernel release + +* Mon Mar 10 2025 Chris Co - 24.10-11 +- Bump release to rebuild for new kernel release + +* Wed Mar 05 2025 Rachel Menge - 24.10-10 +- Bump release to rebuild for new kernel release + +* Tue Mar 04 2025 Rachel Menge - 24.10-9 +- Bump release to rebuild for new kernel release + +* Wed Feb 19 2025 Chris Co - 24.10-8 +- Bump release to rebuild for new kernel release + +* Tue Feb 11 2025 Rachel Menge - 24.10-7 +- Bump release to rebuild for new kernel release + +* Wed Feb 05 2025 Tobias Brick - 24.10-6 +- Bump release to rebuild for new kernel release + +* Tue Feb 04 2025 Alberto David Perez Guevara - 24.10-5 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-4 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-3 +- Bump release to match kernel + +* Thu Jan 30 2025 Rachel Menge - 24.10-2 +- Bump release to match kernel + +* Tue Dec 17 2024 Binu Jose Philip - 24.10-1 +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified +* Mon Jul 29 2024 +- Initial packaging diff --git a/SPECS/gdb/gdb.spec b/SPECS/gdb/gdb.spec index fdd72a9362..39ee863e32 100644 --- a/SPECS/gdb/gdb.spec +++ b/SPECS/gdb/gdb.spec @@ -1,7 +1,7 @@ Summary: C debugger Name: gdb Version: 13.2 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Vendor: Microsoft Corporation Distribution: Azure Linux @@ -47,7 +47,8 @@ another program was doing at the moment it crashed. --with-system-zlib \ --disable-sim \ --with-python=%{python3} \ - --enable-unit-tests + --enable-unit-tests \ + --enable-targets=all %make_build %install @@ -103,6 +104,9 @@ make check TESTS='gdb.base/default.exp' %{_mandir}/*/* %changelog +* Mon Feb 03 2025 Andrew Phelps - 13.2-4 +- Enable cross-debugging on all supported targets + * Wed Oct 09 2024 Mitch Zhu - 13.2-3 - Fix CVE-2023-39128, CVE-2023-39129, CVE-2023-39130 diff --git a/SPECS/glib/glib.signatures.json b/SPECS/glib/glib.signatures.json index 59e35183ef..945fbeab42 100644 --- a/SPECS/glib/glib.signatures.json +++ b/SPECS/glib/glib.signatures.json @@ -1,5 +1,5 @@ { - "Signatures": { - "glib-2.78.1.tar.xz": "915bc3d0f8507d650ead3832e2f8fb670fce59aac4d7754a7dab6f1e6fed78b2" - } + "Signatures": { + "glib-2.78.6.tar.xz": "244854654dd82c7ebcb2f8e246156d2a05eb9cd1ad07ed7a779659b4602c9fae" + } } diff --git a/SPECS/glib/glib.spec b/SPECS/glib/glib.spec index 216644035e..0b6c64ddbc 100644 --- a/SPECS/glib/glib.spec +++ b/SPECS/glib/glib.spec @@ -1,8 +1,8 @@ %define majorver %(echo %{version} | cut -d. -f1-2) Summary: Low-level libraries useful for providing data structure handling for C. Name: glib -Version: 2.78.1 -Release: 5%{?dist} +Version: 2.78.6 +Release: 1%{?dist} License: LGPLv2+ Vendor: Microsoft Corporation Distribution: Azure Linux @@ -122,6 +122,9 @@ touch %{buildroot}%{_libdir}/gio/modules/giomodule.cache %doc %{_datadir}/gtk-doc/html/* %changelog +* Wed Mar 05 2025 CBL-Mariner Servicing Account - 2.78.6-1 +- Auto-upgrade to 2.78.6 - for CVE-2024-34397 + * Thu Nov 14 2024 Sharath Srikanth Chellappa - 2.78.1-5 - Patch CVE-2024-52533 diff --git a/SPECS/heimdal/CVE-2022-45142.patch b/SPECS/heimdal/CVE-2022-45142.patch new file mode 100644 index 0000000000..d8e5b54003 --- /dev/null +++ b/SPECS/heimdal/CVE-2022-45142.patch @@ -0,0 +1,36 @@ +From 7a6ba45e89d339b37c4f47538768451fa58410aa Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Wed, 26 Mar 2025 17:04:23 +0000 +Subject: [PATCH] CVE-2022-45142 + +Upstream Reference [Mailing List]: https://www.openwall.com/lists/oss-security/2023/02/08/1 + +--- + lib/gssapi/krb5/arcfour.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/lib/gssapi/krb5/arcfour.c b/lib/gssapi/krb5/arcfour.c +index aa03cbe..c6c15eb 100644 +--- a/lib/gssapi/krb5/arcfour.c ++++ b/lib/gssapi/krb5/arcfour.c +@@ -365,7 +365,7 @@ _gssapi_verify_mic_arcfour(OM_uint32 * minor_status, + return GSS_S_FAILURE; + } + +- cmp = (ct_memcmp(cksum_data, p + 8, 8) == 0); ++ cmp = (ct_memcmp(cksum_data, p + 8, 8) != 0); + if (cmp) { + *minor_status = 0; + return GSS_S_BAD_MIC; +@@ -730,7 +730,7 @@ OM_uint32 _gssapi_unwrap_arcfour(OM_uint32 *minor_status, + return GSS_S_FAILURE; + } + +- cmp = (ct_memcmp(cksum_data, p0 + 16, 8) == 0); /* SGN_CKSUM */ ++ cmp = (ct_memcmp(cksum_data, p0 + 16, 8) != 0); /* SGN_CKSUM */ + if (cmp) { + _gsskrb5_release_buffer(minor_status, output_message_buffer); + *minor_status = 0; +-- +2.45.2 + diff --git a/SPECS/heimdal/heimdal.spec b/SPECS/heimdal/heimdal.spec index bb16d781f2..722ae7ad31 100644 --- a/SPECS/heimdal/heimdal.spec +++ b/SPECS/heimdal/heimdal.spec @@ -12,7 +12,7 @@ Summary: A Kerberos 5 implementation without export restrictions Name: heimdal Version: 7.8.0 -Release: 2%{?dist} +Release: 3%{?dist} License: BSD AND MIT Vendor: Microsoft Corporation Distribution: Azure Linux @@ -44,6 +44,7 @@ Patch5: 0001-lib-krb5-krb5_pac_parse-mem-leak-if-pac_header_size-.patch Patch6: 0002-kdc-Check-generate_pac-return-code.patch Patch7: 0003-kdc-avoid-re-encoding-KDC-REQ-BODY.patch Patch8: fixautoconf.patch +Patch9: CVE-2022-45142.patch BuildRequires: bison #libcom_err-devel is in #BuildRequires: libcom_err-devel @@ -486,6 +487,9 @@ fi %{_sysconfdir}/profile.d/%{name}.csh %changelog +* Wed Mar 26 2025 Kanishk-Bansal - 7.8.0-3 +- Patch CVE-2022-45142 + * Wed Apr 17 2024 Andrew Phelps - 7.8.0-2 - Add patch to fix build with autoconf 2.72 diff --git a/SPECS/hyperv-daemons/hyperv-daemons.signatures.json b/SPECS/hyperv-daemons/hyperv-daemons.signatures.json index 337605618d..08975691d6 100644 --- a/SPECS/hyperv-daemons/hyperv-daemons.signatures.json +++ b/SPECS/hyperv-daemons/hyperv-daemons.signatures.json @@ -7,6 +7,6 @@ "hypervkvpd.service": "c1bb207cf9f388f8f3cf5b649abbf8cfe4c4fcf74538612946e68f350d1f265f", "hypervvss.rules": "94cead44245ef6553ab79c0bbac8419e3ff4b241f01bcec66e6f508098cbedd1", "hypervvssd.service": "22270d9f0f23af4ea7905f19c1d5d5495e40c1f782cbb87a99f8aec5a011078d", - "kernel-6.6.78.1.tar.gz": "58884625aa9b25ab9c533251cad1a6281898170bba19b7986b985982f8aa77ed" + "kernel-6.6.82.1.tar.gz": "66da12e2ca4d65d4a51e23423c60a03fb57910a91684e36643430c616e6d732a" } } diff --git a/SPECS/hyperv-daemons/hyperv-daemons.spec b/SPECS/hyperv-daemons/hyperv-daemons.spec index a1c793813f..72b568569a 100644 --- a/SPECS/hyperv-daemons/hyperv-daemons.spec +++ b/SPECS/hyperv-daemons/hyperv-daemons.spec @@ -10,7 +10,7 @@ Summary: Hyper-V daemons suite Name: hyperv-daemons -Version: 6.6.78.1 +Version: 6.6.82.1 Release: 1%{?dist} License: GPLv2+ Vendor: Microsoft Corporation @@ -221,6 +221,12 @@ fi %{_sbindir}/lsvmbus %changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 6.6.82.1-1 +- Auto-upgrade to 6.6.82.1 + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 6.6.79.1-1 +- Auto-upgrade to 6.6.79.1 + * Mon Mar 03 2025 CBL-Mariner Servicing Account - 6.6.78.1-1 - Auto-upgrade to 6.6.78.1 diff --git a/SPECS/ibarr/ibarr.signatures.json b/SPECS/ibarr/ibarr.signatures.json new file mode 100644 index 0000000000..741df92c21 --- /dev/null +++ b/SPECS/ibarr/ibarr.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "ibarr-0.1.3.tar.gz": "db24745abfd49af9ed2b3f1990b9b00e0bd51258c282caa6fa3cf420f90b8b25" + } +} \ No newline at end of file diff --git a/SPECS/ibarr/ibarr.spec b/SPECS/ibarr/ibarr.spec new file mode 100644 index 0000000000..2a4a5a481b --- /dev/null +++ b/SPECS/ibarr/ibarr.spec @@ -0,0 +1,60 @@ +Name: ibarr +Version: 0.1.3 +Release: 2%{?dist} +Summary: Nvidia address and route userspace resolution services for Infiniband +Vendor: Microsoft Corporation +Distribution: Azure Linux +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/ibarr-0.1.3.tar.gz#/%{name}-%{version}.tar.gz +Group: Applications/System +License: (GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause +ExclusiveArch: x86_64 + +BuildRequires: cmake +BuildRequires: gcc +BuildRequires: libnl3-devel +BuildRequires: rdma-core-devel + +# The SLES cmake macros do more than the RHEL ones, and have an extra +# cmake_install with a 'cd build' inside. +%if %{undefined cmake_install} +%global cmake_install %make_install +%endif +%if %{undefined cmake_build} + %if %{defined make_jobs} + # SLES12 + %global cmake_build %make_jobs + %else + # RHEL < 9, Fedora < ?? + %global cmake_build %make_build + %endif +%endif + +%description +a userspace application that interacts over NetLink with the Linux RDMA +subsystem and provides 2 services: ip2gid (address resolution) and gid2lid +(PathRecord resolution). + +%prep +%setup -q + +%build +%cmake +%cmake_build + +%install +%cmake_install + +%clean +rm -rf $RPM_BUILD_ROOT + +%files +%doc README.md +%license COPYING.BSD_MIT +%{_bindir}/ibarr +# FIXME: should be in the standard directory, under _prefix. +/lib/systemd/system/%{name}.service + +%changelog +* Tue Dec 17 2024 Binu Jose Philip +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified diff --git a/SPECS/ibsim/ibsim.signatures.json b/SPECS/ibsim/ibsim.signatures.json new file mode 100644 index 0000000000..bd36bdca1e --- /dev/null +++ b/SPECS/ibsim/ibsim.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "ibsim-0.12.tar.gz": "f137872bf1ec1ca56c9f301ddef237a5f9c4111d6b83b4be853b58c054e454a3" + } +} \ No newline at end of file diff --git a/SPECS/ibsim/ibsim.spec b/SPECS/ibsim/ibsim.spec new file mode 100644 index 0000000000..041a89f2dc --- /dev/null +++ b/SPECS/ibsim/ibsim.spec @@ -0,0 +1,53 @@ + +%define RELEASE 2 +%define rel %{?CUSTOM_RELEASE}%{!?CUSTOM_RELEASE:%RELEASE} + +Summary: InfiniBand fabric simulator for management +Name: ibsim +Version: 0.12 +Release: 1%{?dist} +License: GPLv2 or BSD +Group: System Environment/Libraries +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/ibsim-0.12.tar.gz#/ibsim-%{version}.tar.gz +Url: https://github.com/linux-rdma/ibsim +Vendor: Microsoft Corporation +Distribution: Azure Linux +ExclusiveArch: x86_64 + +BuildRequires: libibmad-devel +BuildRequires: libibumad-devel +BuildRequires: gcc + +%description +ibsim provides simulation of infiniband fabric for using with +OFA OpenSM, diagnostic and management tools. + +%prep +%setup -q + +%build +export CFLAGS="${CFLAGS:-${RPM_OPT_FLAGS}}" +export LDFLAGS="${LDFLAGS:-${RPM_OPT_FLAGS}}" +make prefix=%_prefix libpath=%_libdir binpath=%_bindir %{?_smp_mflags} + +%install +export CFLAGS="${CFLAGS:-${RPM_OPT_FLAGS}}" +export LDFLAGS="${LDFLAGS:-${RPM_OPT_FLAGS}}" +make DESTDIR=${RPM_BUILD_ROOT} prefix=%_prefix libpath=%_libdir binpath=%_bindir install + +%clean +rm -rf $RPM_BUILD_ROOT + +%files +%defattr(-,root,root) +%{_libdir}/umad2sim/libumad2sim*.so* +%{_bindir}/ibsim +%{_bindir}/ibsim-run +%doc README TODO net-examples scripts +%license COPYING + +%changelog +* Tue Dec 17 2024 Binu Jose Philip +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified diff --git a/SPECS/ig/CVE-2025-27144.patch b/SPECS/ig/CVE-2025-27144.patch new file mode 100644 index 0000000000..3afcb40bff --- /dev/null +++ b/SPECS/ig/CVE-2025-27144.patch @@ -0,0 +1,51 @@ +From 2bc5b8e5cd3b02064b046513ca7e0b6b773f6762 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Thu, 13 Mar 2025 19:28:52 +0000 +Subject: [PATCH] CVE-2025-27144 + +Upstream Reference: https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22 + +--- + github.com/go-jose/go-jose/v4/jwe.go | 5 +++-- + github.com/go-jose/go-jose/v4/jws.go | 5 +++-- + 2 files changed, 6 insertions(+), 4 deletions(-) + +diff --git a/vendor/github.com/go-jose/go-jose/v4/jwe.go b/vendor/github.com/go-jose/go-jose/v4/jwe.go +index 89f03ee..9f1322d 100644 +--- a/vendor/github.com/go-jose/go-jose/v4/jwe.go ++++ b/vendor/github.com/go-jose/go-jose/v4/jwe.go +@@ -288,10 +288,11 @@ func ParseEncryptedCompact( + keyAlgorithms []KeyAlgorithm, + contentEncryption []ContentEncryption, + ) (*JSONWebEncryption, error) { +- parts := strings.Split(input, ".") +- if len(parts) != 5 { ++ // Five parts is four separators ++ if strings.Count(input, ".") != 4 { + return nil, fmt.Errorf("go-jose/go-jose: compact JWE format must have five parts") + } ++ parts := strings.SplitN(input, ".", 5) + + rawProtected, err := base64.RawURLEncoding.DecodeString(parts[0]) + if err != nil { +diff --git a/vendor/github.com/go-jose/go-jose/v4/jws.go b/vendor/github.com/go-jose/go-jose/v4/jws.go +index 3a91230..d09d8ba 100644 +--- a/vendor/github.com/go-jose/go-jose/v4/jws.go ++++ b/vendor/github.com/go-jose/go-jose/v4/jws.go +@@ -327,10 +327,11 @@ func parseSignedCompact( + payload []byte, + signatureAlgorithms []SignatureAlgorithm, + ) (*JSONWebSignature, error) { +- parts := strings.Split(input, ".") +- if len(parts) != 3 { ++ // Three parts is two separators ++ if strings.Count(input, ".") != 2 { + return nil, fmt.Errorf("go-jose/go-jose: compact JWS format must have three parts") + } ++ parts := strings.SplitN(input, ".", 3) + + if parts[1] != "" && payload != nil { + return nil, fmt.Errorf("go-jose/go-jose: payload is not detached") +-- +2.45.2 + diff --git a/SPECS/ig/CVE-2025-29786.patch b/SPECS/ig/CVE-2025-29786.patch new file mode 100644 index 0000000000..43afca11fd --- /dev/null +++ b/SPECS/ig/CVE-2025-29786.patch @@ -0,0 +1,635 @@ +From 387fc2ebedb3b5f54f9494c95506e6163f6f7af5 Mon Sep 17 00:00:00 2001 +From: Kshitiz Godara +Date: Mon, 24 Mar 2025 13:30:36 +0000 +Subject: [PATCH] Fix for CVE-2025-29786 + +Upstream source reference: +https://github.com/expr-lang/expr/pull/762 + +Signed-off-by: Kshitiz Godara +--- + .../github.com/expr-lang/expr/conf/config.go | 52 ++-- + .../expr-lang/expr/parser/parser.go | 228 +++++++++++++----- + vendor/github.com/expr-lang/expr/vm/utils.go | 3 - + vendor/github.com/expr-lang/expr/vm/vm.go | 23 +- + 4 files changed, 213 insertions(+), 93 deletions(-) + +diff --git a/vendor/github.com/expr-lang/expr/conf/config.go b/vendor/github.com/expr-lang/expr/conf/config.go +index 01a407a..2312984 100644 +--- a/vendor/github.com/expr-lang/expr/conf/config.go ++++ b/vendor/github.com/expr-lang/expr/conf/config.go +@@ -9,34 +9,46 @@ import ( + "github.com/expr-lang/expr/vm/runtime" + ) + ++const ( ++ // DefaultMemoryBudget represents an upper limit of memory usage ++ DefaultMemoryBudget uint = 1e6 ++ ++ // DefaultMaxNodes represents an upper limit of AST nodes ++ DefaultMaxNodes uint = 10000 ++) ++ + type FunctionsTable map[string]*builtin.Function + + type Config struct { +- Env any +- Types TypesTable +- MapEnv bool +- DefaultType reflect.Type +- Expect reflect.Kind +- ExpectAny bool +- Optimize bool +- Strict bool +- Profile bool +- ConstFns map[string]reflect.Value +- Visitors []ast.Visitor +- Functions FunctionsTable +- Builtins FunctionsTable +- Disabled map[string]bool // disabled builtins ++ Env any ++ Types TypesTable ++ MapEnv bool ++ DefaultType reflect.Type ++ Expect reflect.Kind ++ ExpectAny bool ++ Optimize bool ++ Strict bool ++ Profile bool ++ MaxNodes uint ++ MemoryBudget uint ++ ConstFns map[string]reflect.Value ++ Visitors []ast.Visitor ++ Functions FunctionsTable ++ Builtins FunctionsTable ++ Disabled map[string]bool // disabled builtins + } + + // CreateNew creates new config with default values. + func CreateNew() *Config { + c := &Config{ +- Optimize: true, +- Types: make(TypesTable), +- ConstFns: make(map[string]reflect.Value), +- Functions: make(map[string]*builtin.Function), +- Builtins: make(map[string]*builtin.Function), +- Disabled: make(map[string]bool), ++ Optimize: true, ++ Types: make(TypesTable), ++ MaxNodes: DefaultMaxNodes, ++ MemoryBudget: DefaultMemoryBudget, ++ ConstFns: make(map[string]reflect.Value), ++ Functions: make(map[string]*builtin.Function), ++ Builtins: make(map[string]*builtin.Function), ++ Disabled: make(map[string]bool), + } + for _, f := range builtin.Builtins { + c.Builtins[f.Name] = f +diff --git a/vendor/github.com/expr-lang/expr/parser/parser.go b/vendor/github.com/expr-lang/expr/parser/parser.go +index 6d96561..a75557c 100644 +--- a/vendor/github.com/expr-lang/expr/parser/parser.go ++++ b/vendor/github.com/expr-lang/expr/parser/parser.go +@@ -45,12 +45,47 @@ var predicates = map[string]struct { + } + + type parser struct { +- tokens []Token +- current Token +- pos int +- err *file.Error +- depth int // closure call depth +- config *conf.Config ++ tokens []Token ++ current Token ++ pos int ++ err *file.Error ++ depth int // closure call depth ++ config *conf.Config ++ nodeCount uint // tracks number of AST nodes created ++} ++ ++// checkNodeLimit verifies that adding a new node won't exceed configured limits ++func (p *parser) checkNodeLimit() error { ++ p.nodeCount++ ++ if p.config.MaxNodes > 0 && p.nodeCount > p.config.MaxNodes { ++ p.error("compilation failed: expression exceeds maximum allowed nodes") ++ return nil ++ } ++ return nil ++} ++ ++// createNode handles creation of regular nodes ++func (p *parser) createNode(n Node, loc file.Location) Node { ++ if err := p.checkNodeLimit(); err != nil { ++ return nil ++ } ++ if n == nil || p.err != nil { ++ return nil ++ } ++ n.SetLocation(loc) ++ return n ++} ++ ++// createMemberNode handles creation of member nodes ++func (p *parser) createMemberNode(n *MemberNode, loc file.Location) *MemberNode { ++ if err := p.checkNodeLimit(); err != nil { ++ return nil ++ } ++ if n == nil || p.err != nil { ++ return nil ++ } ++ n.SetLocation(loc) ++ return n + } + + type Tree struct { +@@ -127,6 +162,10 @@ func (p *parser) expect(kind Kind, values ...string) { + // parse functions + + func (p *parser) parseExpression(precedence int) Node { ++ if p.err != nil { ++ return nil ++ } ++ + if precedence == 0 && p.current.Is(Operator, "let") { + return p.parseVariableDeclaration() + } +@@ -185,19 +224,23 @@ func (p *parser) parseExpression(precedence int) Node { + nodeRight = p.parseExpression(op.Precedence) + } + +- nodeLeft = &BinaryNode{ ++ nodeLeft = p.createNode(&BinaryNode{ + Operator: opToken.Value, + Left: nodeLeft, + Right: nodeRight, ++ }, opToken.Location) ++ if nodeLeft == nil { ++ return nil + } +- nodeLeft.SetLocation(opToken.Location) + + if negate { +- nodeLeft = &UnaryNode{ ++ nodeLeft = p.createNode(&UnaryNode{ + Operator: "not", + Node: nodeLeft, ++ }, notToken.Location) ++ if nodeLeft == nil { ++ return nil + } +- nodeLeft.SetLocation(notToken.Location) + } + + goto next +@@ -224,13 +267,11 @@ func (p *parser) parseVariableDeclaration() Node { + value := p.parseExpression(0) + p.expect(Operator, ";") + node := p.parseExpression(0) +- let := &VariableDeclaratorNode{ ++ return p.createNode(&VariableDeclaratorNode{ + Name: variableName.Value, + Value: value, + Expr: node, +- } +- let.SetLocation(variableName.Location) +- return let ++ }, variableName.Location) + } + + func (p *parser) parseConditional(node Node) Node { +@@ -248,10 +289,13 @@ func (p *parser) parseConditional(node Node) Node { + expr2 = p.parseExpression(0) + } + +- node = &ConditionalNode{ ++ node = p.createNode(&ConditionalNode{ + Cond: node, + Exp1: expr1, + Exp2: expr2, ++ }, p.current.Location) ++ if node == nil { ++ return nil + } + } + return node +@@ -264,11 +308,13 @@ func (p *parser) parsePrimary() Node { + if op, ok := operator.Unary[token.Value]; ok { + p.next() + expr := p.parseExpression(op.Precedence) +- node := &UnaryNode{ ++ node := p.createNode(&UnaryNode{ + Operator: token.Value, + Node: expr, ++ }, token.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(token.Location) + return p.parsePostfixExpression(node) + } + } +@@ -290,8 +336,10 @@ func (p *parser) parsePrimary() Node { + p.next() + } + } +- node := &PointerNode{Name: name} +- node.SetLocation(token.Location) ++ node := p.createNode(&PointerNode{Name: name}, token.Location) ++ if node == nil { ++ return nil ++ } + return p.parsePostfixExpression(node) + } + } else { +@@ -320,23 +368,31 @@ func (p *parser) parseSecondary() Node { + p.next() + switch token.Value { + case "true": +- node := &BoolNode{Value: true} +- node.SetLocation(token.Location) ++ node = p.createNode(&BoolNode{Value: true}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + case "false": +- node := &BoolNode{Value: false} +- node.SetLocation(token.Location) ++ node = p.createNode(&BoolNode{Value: false}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + case "nil": +- node := &NilNode{} +- node.SetLocation(token.Location) ++ node = p.createNode(&NilNode{}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + default: + if p.current.Is(Bracket, "(") { + node = p.parseCall(token, []Node{}, true) + } else { +- node = &IdentifierNode{Value: token.Value} +- node.SetLocation(token.Location) ++ node = p.createNode(&IdentifierNode{Value: token.Value}, token.Location) ++ if node == nil { ++ return nil ++ } + } + } + +@@ -383,8 +439,10 @@ func (p *parser) parseSecondary() Node { + return node + case String: + p.next() +- node = &StringNode{Value: token.Value} +- node.SetLocation(token.Location) ++ node = p.createNode(&StringNode{Value: token.Value}, token.Location) ++ if node == nil { ++ return nil ++ } + + default: + if token.Is(Bracket, "[") { +@@ -404,7 +462,7 @@ func (p *parser) toIntegerNode(number int64) Node { + p.error("integer literal is too large") + return nil + } +- return &IntegerNode{Value: int(number)} ++ return p.createNode(&IntegerNode{Value: int(number)}, p.current.Location) + } + + func (p *parser) toFloatNode(number float64) Node { +@@ -412,7 +470,7 @@ func (p *parser) toFloatNode(number float64) Node { + p.error("float literal is too large") + return nil + } +- return &FloatNode{Value: number} ++ return p.createNode(&FloatNode{Value: number}, p.current.Location) + } + + func (p *parser) parseCall(token Token, arguments []Node, checkOverrides bool) Node { +@@ -454,25 +512,34 @@ func (p *parser) parseCall(token Token, arguments []Node, checkOverrides bool) N + + p.expect(Bracket, ")") + +- node = &BuiltinNode{ ++ node = p.createNode(&BuiltinNode{ + Name: token.Value, + Arguments: arguments, ++ }, token.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(token.Location) + } else if _, ok := builtin.Index[token.Value]; ok && !p.config.Disabled[token.Value] && !isOverridden { +- node = &BuiltinNode{ ++ node = p.createNode(&BuiltinNode{ + Name: token.Value, + Arguments: p.parseArguments(arguments), ++ }, token.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(token.Location) ++ + } else { +- callee := &IdentifierNode{Value: token.Value} +- callee.SetLocation(token.Location) +- node = &CallNode{ ++ callee := p.createNode(&IdentifierNode{Value: token.Value}, token.Location) ++ if callee == nil { ++ return nil ++ } ++ node = p.createNode(&CallNode{ + Callee: callee, + Arguments: p.parseArguments(arguments), ++ }, token.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(token.Location) + } + return node + } +@@ -534,8 +601,10 @@ func (p *parser) parseArrayExpression(token Token) Node { + end: + p.expect(Bracket, "]") + +- node := &ArrayNode{Nodes: nodes} +- node.SetLocation(token.Location) ++ node := p.createNode(&ArrayNode{Nodes: nodes}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + } + +@@ -561,8 +630,10 @@ func (p *parser) parseMapExpression(token Token) Node { + // * identifier, which is equivalent to a string + // * expression, which must be enclosed in parentheses -- (1 + 2) + if p.current.Is(Number) || p.current.Is(String) || p.current.Is(Identifier) { +- key = &StringNode{Value: p.current.Value} +- key.SetLocation(token.Location) ++ key = p.createNode(&StringNode{Value: p.current.Value}, p.current.Location) ++ if key == nil { ++ return nil ++ } + p.next() + } else if p.current.Is(Bracket, "(") { + key = p.parseExpression(0) +@@ -573,16 +644,20 @@ func (p *parser) parseMapExpression(token Token) Node { + p.expect(Operator, ":") + + node := p.parseExpression(0) +- pair := &PairNode{Key: key, Value: node} +- pair.SetLocation(token.Location) ++ pair := p.createNode(&PairNode{Key: key, Value: node}, token.Location) ++ if pair == nil { ++ return nil ++ } + nodes = append(nodes, pair) + } + + end: + p.expect(Bracket, "}") + +- node := &MapNode{Pairs: nodes} +- node.SetLocation(token.Location) ++ node := p.createNode(&MapNode{Pairs: nodes}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + } + +@@ -607,8 +682,10 @@ func (p *parser) parsePostfixExpression(node Node) Node { + p.error("expected name") + } + +- property := &StringNode{Value: propertyToken.Value} +- property.SetLocation(propertyToken.Location) ++ property := p.createNode(&StringNode{Value: propertyToken.Value}, propertyToken.Location) ++ if property == nil { ++ return nil ++ } + + chainNode, isChain := node.(*ChainNode) + optional := postfixToken.Value == "?." +@@ -617,26 +694,33 @@ func (p *parser) parsePostfixExpression(node Node) Node { + node = chainNode.Node + } + +- memberNode := &MemberNode{ ++ memberNode := p.createMemberNode(&MemberNode{ + Node: node, + Property: property, + Optional: optional, ++ }, propertyToken.Location) ++ if memberNode == nil { ++ return nil + } +- memberNode.SetLocation(propertyToken.Location) + + if p.current.Is(Bracket, "(") { + memberNode.Method = true +- node = &CallNode{ ++ node = p.createNode(&CallNode{ + Callee: memberNode, + Arguments: p.parseArguments([]Node{}), ++ }, propertyToken.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(propertyToken.Location) + } else { + node = memberNode + } + + if isChain || optional { +- node = &ChainNode{Node: node} ++ node = p.createNode(&ChainNode{Node: node}, propertyToken.Location) ++ if node == nil { ++ return nil ++ } + } + + } else if postfixToken.Value == "[" { +@@ -650,11 +734,13 @@ func (p *parser) parsePostfixExpression(node Node) Node { + to = p.parseExpression(0) + } + +- node = &SliceNode{ ++ node = p.createNode(&SliceNode{ + Node: node, + To: to, ++ }, postfixToken.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(postfixToken.Location) + p.expect(Bracket, "]") + + } else { +@@ -668,25 +754,32 @@ func (p *parser) parsePostfixExpression(node Node) Node { + to = p.parseExpression(0) + } + +- node = &SliceNode{ ++ node = p.createNode(&SliceNode{ + Node: node, + From: from, + To: to, ++ }, postfixToken.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(postfixToken.Location) + p.expect(Bracket, "]") + + } else { + // Slice operator [:] was not found, + // it should be just an index node. +- node = &MemberNode{ ++ node = p.createNode(&MemberNode{ + Node: node, + Property: from, + Optional: optional, ++ }, postfixToken.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(postfixToken.Location) + if optional { +- node = &ChainNode{Node: node} ++ node = p.createNode(&ChainNode{Node: node}, postfixToken.Location) ++ if node == nil { ++ return nil ++ } + } + p.expect(Bracket, "]") + } +@@ -698,26 +791,29 @@ func (p *parser) parsePostfixExpression(node Node) Node { + } + return node + } +- + func (p *parser) parseComparison(left Node, token Token, precedence int) Node { + var rootNode Node + for { + comparator := p.parseExpression(precedence + 1) +- cmpNode := &BinaryNode{ ++ cmpNode := p.createNode(&BinaryNode{ + Operator: token.Value, + Left: left, + Right: comparator, ++ }, token.Location) ++ if cmpNode == nil { ++ return nil + } +- cmpNode.SetLocation(token.Location) + if rootNode == nil { + rootNode = cmpNode + } else { +- rootNode = &BinaryNode{ ++ rootNode = p.createNode(&BinaryNode{ + Operator: "&&", + Left: rootNode, + Right: cmpNode, ++ }, token.Location) ++ if rootNode == nil { ++ return nil + } +- rootNode.SetLocation(token.Location) + } + + left = comparator +diff --git a/vendor/github.com/expr-lang/expr/vm/utils.go b/vendor/github.com/expr-lang/expr/vm/utils.go +index fc2f5e7..1100513 100644 +--- a/vendor/github.com/expr-lang/expr/vm/utils.go ++++ b/vendor/github.com/expr-lang/expr/vm/utils.go +@@ -11,9 +11,6 @@ type ( + ) + + var ( +- // MemoryBudget represents an upper limit of memory usage. +- MemoryBudget uint = 1e6 +- + errorType = reflect.TypeOf((*error)(nil)).Elem() + ) + +diff --git a/vendor/github.com/expr-lang/expr/vm/vm.go b/vendor/github.com/expr-lang/expr/vm/vm.go +index 7e933ce..b497990 100644 +--- a/vendor/github.com/expr-lang/expr/vm/vm.go ++++ b/vendor/github.com/expr-lang/expr/vm/vm.go +@@ -11,6 +11,7 @@ import ( + "time" + + "github.com/expr-lang/expr/builtin" ++ "github.com/expr-lang/expr/conf" + "github.com/expr-lang/expr/file" + "github.com/expr-lang/expr/internal/deref" + "github.com/expr-lang/expr/vm/runtime" +@@ -20,11 +21,23 @@ func Run(program *Program, env any) (any, error) { + if program == nil { + return nil, fmt.Errorf("program is nil") + } +- + vm := VM{} + return vm.Run(program, env) + } + ++func RunWithConfig(program *Program, env any, config *conf.Config) (any, error) { ++ if program == nil { ++ return nil, fmt.Errorf("program is nil") ++ } ++ if config == nil { ++ return nil, fmt.Errorf("config is nil") ++ } ++ vm := VM{ ++ MemoryBudget: config.MemoryBudget, ++ } ++ return vm.Run(program, env) ++} ++ + func Debug() *VM { + vm := &VM{ + debug: true, +@@ -38,9 +51,9 @@ type VM struct { + Stack []any + Scopes []*Scope + Variables []any ++ MemoryBudget uint + ip int + memory uint +- memoryBudget uint + debug bool + step chan struct{} + curr chan int +@@ -76,7 +89,9 @@ func (vm *VM) Run(program *Program, env any) (_ any, err error) { + vm.Variables = make([]any, program.variables) + } + +- vm.memoryBudget = MemoryBudget ++ if vm.MemoryBudget == 0 { ++ vm.MemoryBudget = conf.DefaultMemoryBudget ++ } + vm.memory = 0 + vm.ip = 0 + +@@ -580,7 +595,7 @@ func (vm *VM) pop() any { + + func (vm *VM) memGrow(size uint) { + vm.memory += size +- if vm.memory >= vm.memoryBudget { ++ if vm.memory >= vm.MemoryBudget { + panic("memory budget exceeded") + } + } +-- +2.48.1.431.g5a526e5e18 + diff --git a/SPECS/ig/ig.spec b/SPECS/ig/ig.spec index ddec959b55..aaea113be9 100644 --- a/SPECS/ig/ig.spec +++ b/SPECS/ig/ig.spec @@ -1,7 +1,7 @@ Summary: The eBPF tool and systems inspection framework for Kubernetes, containers and Linux hosts. Name: ig Version: 0.37.0 -Release: 2%{?dist} +Release: 3%{?dist} License: Apache 2.0 and GPL 2.0 for eBPF code Vendor: Microsoft Corporation Distribution: Azure Linux @@ -9,6 +9,8 @@ Group: Tools/Container URL: https://github.com/inspektor-gadget/inspektor-gadget Source0: https://github.com/inspektor-gadget/inspektor-gadget/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz Source1: %{name}-%{version}-govendor-v1.tar.gz +Patch0: CVE-2025-27144.patch +Patch1: CVE-2025-29786.patch BuildRequires: golang >= 1.23 @@ -65,6 +67,11 @@ fi %{_bindir}/ig %changelog +* Fri Apr 28 2025 Ranjan Dutta - 0.37.0-3 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Fix CVE-2025-29786 with an upstream patch +- Add patch for CVE-2025-27144 + * Fri Mar 21 2025 Anuj Mittal - 0.37.0-2 - Bump Release to rebuild diff --git a/SPECS/influx-cli/influx-cli.spec b/SPECS/influx-cli/influx-cli.spec index 10bb6ef247..ed61601f91 100644 --- a/SPECS/influx-cli/influx-cli.spec +++ b/SPECS/influx-cli/influx-cli.spec @@ -18,7 +18,7 @@ Summary: CLI for managing resources in InfluxDB Name: influx-cli Version: 2.7.5 -Release: 2%{?dist} +Release: 3%{?dist} License: MIT Vendor: Microsoft Corporation Distribution: Azure Linux @@ -46,6 +46,17 @@ BuildRequires: systemd-rpm-macros %description CLI for managing resources in InfluxDB v2. +%package bash-completion +Summary: Bash Completion for %{name} +Group: Productivity/Databases/Servers +Requires: bash-completion +Supplements: (%{name} and bash-completion) +BuildArch: noarch + +%description bash-completion +The official bash completion script for influx. It includes support +for every argument that can currently be passed to influx. + %package zsh-completion Summary: ZSH Completion for %{name} Group: Productivity/Databases/Servers @@ -69,6 +80,9 @@ go build -mod vendor -ldflags="-X main.version=%{version}" -o bin/influx ./cmd/i mkdir -p %{buildroot}%{_bindir} install -D -m 0755 bin/influx %{buildroot}%{_bindir}/ +mkdir -p %{buildroot}/%{_datadir}/bash-completion/completions +bin/influx completion bash > %{buildroot}/%{_datadir}/bash-completion/completions/influx + mkdir -p %{buildroot}/%{_datadir}/zsh/site-functions bin/influx completion zsh > %{buildroot}/%{_datadir}/zsh/site-functions/_influx @@ -77,10 +91,17 @@ bin/influx completion zsh > %{buildroot}/%{_datadir}/zsh/site-functions/_influx %doc README.md CHANGELOG.md %{_bindir}/influx +%files bash-completion +%{_datadir}/bash-completion + %files zsh-completion %{_datadir}/zsh %changelog +* Fri Apr 28 2025 Ranjan Dutta - 2.7.5-3 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Add back bash-completion subpackage for influx-cli + * Fri Mar 21 2025 Anuj Mittal - 2.7.5-2 - Bump Release to rebuild @@ -108,7 +129,7 @@ bin/influx completion zsh > %{buildroot}/%{_datadir}/zsh/site-functions/_influx * Thu Jun 15 2023 CBL-Mariner Servicing Account - 2.6.1-9 - Bump release to rebuild with go 1.19.10 -* Thu May 25 2023 Mykhailo Bykhovtsev - 2.6.1-8 +* Thu May 25 2023 Mykhailo Bykhovtsev - 2.6.1-8 - Removed bash-completion subpackage since the script produced is included in original bash-completion. * Wed Apr 05 2023 CBL-Mariner Servicing Account - 2.6.1-7 diff --git a/SPECS/iser/iser.signatures.json b/SPECS/iser/iser.signatures.json new file mode 100644 index 0000000000..7091fd70f6 --- /dev/null +++ b/SPECS/iser/iser.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "iser-24.10.tgz": "d9c1344146697664a32d47e933b1ab26d4ba1899ea5936c2b6216316a1d974a5" + } +} \ No newline at end of file diff --git a/SPECS/iser/iser.spec b/SPECS/iser/iser.spec new file mode 100644 index 0000000000..8189e85cf5 --- /dev/null +++ b/SPECS/iser/iser.spec @@ -0,0 +1,290 @@ +# +# Copyright (c) 2014 Mellanox Technologies. All rights reserved. +# +# This Software is licensed under one of the following licenses: +# +# 1) under the terms of the "Common Public License 1.0" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/cpl.php. +# +# 2) under the terms of the "The BSD License" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/bsd-license.php. +# +# 3) under the terms of the "GNU General Public License (GPL) Version 2" a +# copy of which is available from the Open Source Initiative, see +# http://www.opensource.org/licenses/gpl-license.php. +# +# Licensee has the right to choose one of the above licenses. +# +# Redistributions of source code must retain the above copyright +# notice and one of the license notices. +# +# Redistributions in binary form must reproduce both the above copyright +# notice, one of the license notices in the documentation +# and/or other materials provided with the distribution. +# +# + +%global last-known-kernel 6.6.82.1-1 + +%if 0%{emt} +%global target_kernel_version_full %(/bin/rpm -q --queryformat '%{VERSION}-%{RELEASE}' kernel-headers) +%else +%global target_kernel_version_full f.a.k.e +%endif + +%global KVERSION %{target_kernel_version_full} +%global K_SRC /lib/modules/%{target_kernel_version_full}/build + +%{!?_name: %define _name iser} +%{!?_version: %define _version 24.10} +%{!?_release: %define _release OFED.24.10.0.6.7.1} + +# KMP is disabled by default +%{!?KMP: %global KMP 0} + +# take kernel version or default to uname -r +# %{!?KVERSION: %global KVERSION %(uname -r)} +%{!?KVERSION: %global KVERSION %{target_kernel_version_full}} +%global kernel_version %{KVERSION} +%global krelver %(echo -n %{KVERSION} | sed -e 's/-/_/g') +# take path to kernel sources if provided, otherwise look in default location (for non KMP rpms). +# %{!?K_SRC: %global K_SRC /lib/modules/%{KVERSION}/build} + +# define release version +%{!?src_release: %global src_release %{_release}_%{krelver}} +%if "%{KMP}" != "1" +%global _release1 %{src_release} +%else +%global _release1 %{_release} +%endif +%global _kmp_rel %{_release1}%{?_kmp_build_num}%{?_dist} + +Summary: %{_name} Driver +Name: iser +Version: 24.10 +Release: 13%{?dist} +License: GPLv2 +Url: http://www.mellanox.com +Group: System Environment/Base +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/iser-24.10.tgz#/iser-%{_version}.tgz +BuildRoot: /var/tmp/%{name}-%{version}-build +Vendor: Microsoft Corporation +Distribution: Azure Linux +ExclusiveArch: x86_64 + +BuildRequires: gcc +BuildRequires: make +BuildRequires: kernel-devel = %{target_kernel_version_full} +BuildRequires: kernel-headers = %{target_kernel_version_full} +BuildRequires: binutils +BuildRequires: systemd +BuildRequires: kmod +BuildRequires: mlnx-ofa_kernel-devel = %{_version} +BuildRequires: mlnx-ofa_kernel-source = %{_version} + +Requires: mlnx-ofa_kernel = %{_version} +Requires: mlnx-ofa_kernel-modules = %{_version} +Requires: kernel = %{target_kernel_version_full} +Requires: kmod + +%description +%{name} kernel modules + +# build KMP rpms? +%if "%{KMP}" == "1" +%global kernel_release() $(make -s -C %{1} kernelrelease M=$PWD) +BuildRequires: %kernel_module_package_buildreqs +%(mkdir -p %{buildroot}) +%(echo '%defattr (-,root,root)' > %{buildroot}/file_list) +%(echo '/lib/modules/%2-%1' >> %{buildroot}/file_list) +%(echo '%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*-%1.conf' >> %{buildroot}/file_list) +%{kernel_module_package -f %{buildroot}/file_list -x xen -r %{_kmp_rel} } +%else +%global kernel_source() %{K_SRC} +%global kernel_release() %{KVERSION} +%global flavors_to_build default +%endif + +# +# setup module sign scripts if paths to the keys are given +# +%global WITH_MOD_SIGN %(if ( test -f "$MODULE_SIGN_PRIV_KEY" && test -f "$MODULE_SIGN_PUB_KEY" ); \ + then \ + echo -n '1'; \ + else \ + echo -n '0'; fi) + +%if "%{WITH_MOD_SIGN}" == "1" +# call module sign script +%global __modsign_install_post \ + %{_builddir}/%{name}-%{version}/source/tools/sign-modules %{buildroot}/lib/modules/ %{kernel_source default} || exit 1 \ +%{nil} + +%global __debug_package 1 +%global buildsubdir %{name}-%{version} +# Disgusting hack alert! We need to ensure we sign modules *after* all +# invocations of strip occur, which is in __debug_install_post if +# find-debuginfo.sh runs, and __os_install_post if not. +# +%global __spec_install_post \ + %{?__debug_package:%{__debug_install_post}} \ + %{__arch_install_post} \ + %{__os_install_post} \ + %{__modsign_install_post} \ +%{nil} + +%endif # end of setup module sign scripts +# + +%if "%{_vendor}" == "suse" +%debug_package +%endif + +%if 0%{?anolis} == 8 +%global __find_requires %{nil} +%endif + +# set modules dir +%if "%{_vendor}" == "redhat" || ("%{_vendor}" == "openEuler") +%if 0%{?fedora} +%global install_mod_dir updates/%{name} +%else +%global install_mod_dir extra/%{name} +%endif +%endif + +%if "%{_vendor}" == "suse" +%global install_mod_dir updates/%{name} +%endif + +%{!?install_mod_dir: %global install_mod_dir updates/%{name}} + +%prep +%setup +set -- * +mkdir source +mv "$@" source/ +mkdir obj + +%build +export EXTRA_CFLAGS='-DVERSION=\"%version\"' +export INSTALL_MOD_DIR=%{install_mod_dir} +export CONF_OPTIONS="%{configure_options}" +for flavor in %{flavors_to_build}; do + export K_BUILD=%{kernel_source $flavor} + export KVER=%{kernel_release $K_BUILD} + export LIB_MOD_DIR=/lib/modules/$KVER/$INSTALL_MOD_DIR + rm -rf obj/$flavor + cp -r source obj/$flavor + cd $PWD/obj/$flavor + make + cd - +done + +%install +export INSTALL_MOD_PATH=%{buildroot} +export INSTALL_MOD_DIR=%{install_mod_dir} +export PREFIX=%{_prefix} +for flavor in %flavors_to_build; do + export K_BUILD=%{kernel_source $flavor} + export KVER=%{kernel_release $K_BUILD} + cd $PWD/obj/$flavor + make install KERNELRELEASE=$KVER + # Cleanup unnecessary kernel-generated module dependency files. + find $INSTALL_MOD_PATH/lib/modules -iname 'modules.*' -exec rm {} \; + cd - +done + +# Set the module(s) to be executable, so that they will be stripped when packaged. +find %{buildroot} \( -type f -name '*.ko' -o -name '*ko.gz' \) -exec %{__chmod} u+x \{\} \; + +%{__install} -d %{buildroot}%{_sysconfdir}/depmod.d/ +for module in `find %{buildroot}/ -name '*.ko' -o -name '*.ko.gz' | sort` +do +ko_name=${module##*/} +mod_name=${ko_name/.ko*/} +mod_path=${module/*\/%{name}} +mod_path=${mod_path/\/${ko_name}} +%if "%{_vendor}" == "suse" + for flavor in %{flavors_to_build}; do + if [[ $module =~ $flavor ]] || [ "X%{KMP}" != "X1" ];then + echo "override ${mod_name} * updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}-$flavor.conf + fi + done +%else + %if 0%{?fedora} + echo "override ${mod_name} * updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %else + %if "%{_vendor}" == "redhat" || ("%{_vendor}" == "openEuler") + echo "override ${mod_name} * weak-updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %endif + echo "override ${mod_name} * extra/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %endif +%endif +done + + +%clean +rm -rf %{buildroot} + +%post +if [ $1 -ge 1 ]; then # 1 : This package is being installed or reinstalled + /sbin/depmod %{KVERSION} +fi # 1 : closed +# END of post + +%postun +/sbin/depmod %{KVERSION} + +%if "%{KMP}" != "1" +%files +%defattr(-,root,root,-) +%license source/debian/copyright +/lib/modules/%{KVERSION}/%{install_mod_dir}/ +%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*.conf +%endif + +%changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 24.10-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 24.10-12 +- Bump release to rebuild for new kernel release + +* Mon Mar 10 2025 Chris Co - 24.10-11 +- Bump release to rebuild for new kernel release + +* Wed Mar 05 2025 Rachel Menge - 24.10-10 +- Bump release to rebuild for new kernel release + +* Tue Mar 04 2025 Rachel Menge - 24.10-9 +- Bump release to rebuild for new kernel release + +* Wed Feb 19 2025 Chris Co - 24.10-8 +- Bump release to rebuild for new kernel release + +* Tue Feb 11 2025 Rachel Menge - 24.10-7 +- Bump release to rebuild for new kernel release + +* Wed Feb 05 2025 Tobias Brick - 24.10-6 +- Bump release to rebuild for new kernel release + +* Tue Feb 04 2025 Alberto David Perez Guevara - 24.10-5 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-4 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-3 +- Bump release to match kernel + +* Thu Jan 30 2025 Rachel Menge - 24.10-2 +- Bump release to match kernel + +* Tue Dec 17 2024 Binu Jose Philip - 24.10-1 +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified +* Thu Feb 20 2014 Alaa Hleihel +- Initial packaging diff --git a/SPECS/isert/isert.signatures.json b/SPECS/isert/isert.signatures.json new file mode 100644 index 0000000000..616d6a2865 --- /dev/null +++ b/SPECS/isert/isert.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "isert-24.10.tgz": "ee91338b063800563b7a1cc1adfb29ff8913b17b0bc941a24995211f3268d33a" + } +} \ No newline at end of file diff --git a/SPECS/isert/isert.spec b/SPECS/isert/isert.spec new file mode 100644 index 0000000000..2ad80f374c --- /dev/null +++ b/SPECS/isert/isert.spec @@ -0,0 +1,290 @@ +# +# Copyright (c) 2014 Mellanox Technologies. All rights reserved. +# +# This Software is licensed under one of the following licenses: +# +# 1) under the terms of the "Common Public License 1.0" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/cpl.php. +# +# 2) under the terms of the "The BSD License" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/bsd-license.php. +# +# 3) under the terms of the "GNU General Public License (GPL) Version 2" a +# copy of which is available from the Open Source Initiative, see +# http://www.opensource.org/licenses/gpl-license.php. +# +# Licensee has the right to choose one of the above licenses. +# +# Redistributions of source code must retain the above copyright +# notice and one of the license notices. +# +# Redistributions in binary form must reproduce both the above copyright +# notice, one of the license notices in the documentation +# and/or other materials provided with the distribution. +# +# + +%global last-known-kernel 6.6.82.1-1 + +%if 0%{emt} +%global target_kernel_version_full %(/bin/rpm -q --queryformat '%{VERSION}-%{RELEASE}' kernel-headers) +%else +%global target_kernel_version_full f.a.k.e +%endif + +%global KVERSION %{target_kernel_version_full} +%global K_SRC /lib/modules/%{target_kernel_version_full}/build + +%{!?_name: %define _name isert} +%{!?_version: %define _version 24.10} +%{!?_release: %define _release OFED.24.10.0.6.7.1} + +# KMP is disabled by default +%{!?KMP: %global KMP 0} + +# take kernel version or default to uname -r +# %{!?KVERSION: %global KVERSION %(uname -r)} +%{!?KVERSION: %global KVERSION %{target_kernel_version_full}} +%global kernel_version %{KVERSION} +%global krelver %(echo -n %{KVERSION} | sed -e 's/-/_/g') +# take path to kernel sources if provided, otherwise look in default location (for non KMP rpms). +# %{!?K_SRC: %global K_SRC /lib/modules/%{KVERSION}/build} + +# define release version +%{!?src_release: %global src_release %{_release}_%{krelver}} +%if "%{KMP}" != "1" +%global _release1 %{src_release} +%else +%global _release1 %{_release} +%endif +%global _kmp_rel %{_release1}%{?_kmp_build_num}%{?_dist} + +Summary: %{_name} Driver +Name: isert +Version: 24.10 +Release: 13%{?dist} +License: GPLv2 +Url: http://www.mellanox.com +Group: System Environment/Base +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/isert-24.10.tgz#/isert-%{_version}.tgz +BuildRoot: /var/tmp/%{name}-%{version}-build +Vendor: Microsoft Corporation +Distribution: Azure Linux +ExclusiveArch: x86_64 + +BuildRequires: gcc +BuildRequires: make +BuildRequires: kernel-devel = %{target_kernel_version_full} +BuildRequires: kernel-headers = %{target_kernel_version_full} +BuildRequires: binutils +BuildRequires: systemd +BuildRequires: kmod +BuildRequires: mlnx-ofa_kernel-devel = %{_version} +BuildRequires: mlnx-ofa_kernel-source = %{_version} + +Requires: mlnx-ofa_kernel = %{_version} +Requires: mlnx-ofa_kernel-modules = %{_version} +Requires: kernel = %{target_kernel_version_full} +Requires: kmod + +%description +%{name} kernel modules + +# build KMP rpms? +%if "%{KMP}" == "1" +%global kernel_release() $(make -s -C %{1} kernelrelease M=$PWD) +BuildRequires: %kernel_module_package_buildreqs +%(mkdir -p %{buildroot}) +%(echo '%defattr (-,root,root)' > %{buildroot}/file_list) +%(echo '/lib/modules/%2-%1' >> %{buildroot}/file_list) +%(echo '%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*-%1.conf' >> %{buildroot}/file_list) +%{kernel_module_package -f %{buildroot}/file_list -x xen -r %{_kmp_rel} } +%else +%global kernel_source() %{K_SRC} +%global kernel_release() %{KVERSION} +%global flavors_to_build default +%endif + +# +# setup module sign scripts if paths to the keys are given +# +%global WITH_MOD_SIGN %(if ( test -f "$MODULE_SIGN_PRIV_KEY" && test -f "$MODULE_SIGN_PUB_KEY" ); \ + then \ + echo -n '1'; \ + else \ + echo -n '0'; fi) + +%if "%{WITH_MOD_SIGN}" == "1" +# call module sign script +%global __modsign_install_post \ + %{_builddir}/%{name}-%{version}/source/tools/sign-modules %{buildroot}/lib/modules/ %{kernel_source default} || exit 1 \ +%{nil} + +%global __debug_package 1 +%global buildsubdir %{name}-%{version} +# Disgusting hack alert! We need to ensure we sign modules *after* all +# invocations of strip occur, which is in __debug_install_post if +# find-debuginfo.sh runs, and __os_install_post if not. +# +%global __spec_install_post \ + %{?__debug_package:%{__debug_install_post}} \ + %{__arch_install_post} \ + %{__os_install_post} \ + %{__modsign_install_post} \ +%{nil} + +%endif # end of setup module sign scripts +# + +%if "%{_vendor}" == "suse" +%debug_package +%endif + +%if 0%{?anolis} == 8 +%global __find_requires %{nil} +%endif + +# set modules dir +%if "%{_vendor}" == "redhat" || ("%{_vendor}" == "openEuler") +%if 0%{?fedora} +%global install_mod_dir updates/%{name} +%else +%global install_mod_dir extra/%{name} +%endif +%endif + +%if "%{_vendor}" == "suse" +%global install_mod_dir updates/%{name} +%endif + +%{!?install_mod_dir: %global install_mod_dir updates/%{name}} + +%prep +%setup +set -- * +mkdir source +mv "$@" source/ +mkdir obj + +%build +export EXTRA_CFLAGS='-DVERSION=\"%version\"' +export INSTALL_MOD_DIR=%{install_mod_dir} +export CONF_OPTIONS="%{configure_options}" +for flavor in %{flavors_to_build}; do + export K_BUILD=%{kernel_source $flavor} + export KVER=%{kernel_release $K_BUILD} + export LIB_MOD_DIR=/lib/modules/$KVER/$INSTALL_MOD_DIR + rm -rf obj/$flavor + cp -r source obj/$flavor + cd $PWD/obj/$flavor + make + cd - +done + +%install +export INSTALL_MOD_PATH=%{buildroot} +export INSTALL_MOD_DIR=%{install_mod_dir} +export PREFIX=%{_prefix} +for flavor in %flavors_to_build; do + export K_BUILD=%{kernel_source $flavor} + export KVER=%{kernel_release $K_BUILD} + cd $PWD/obj/$flavor + make install KERNELRELEASE=$KVER + # Cleanup unnecessary kernel-generated module dependency files. + find $INSTALL_MOD_PATH/lib/modules -iname 'modules.*' -exec rm {} \; + cd - +done + +# Set the module(s) to be executable, so that they will be stripped when packaged. +find %{buildroot} \( -type f -name '*.ko' -o -name '*ko.gz' \) -exec %{__chmod} u+x \{\} \; + +%{__install} -d %{buildroot}%{_sysconfdir}/depmod.d/ +for module in `find %{buildroot}/ -name '*.ko' -o -name '*.ko.gz' | sort` +do +ko_name=${module##*/} +mod_name=${ko_name/.ko*/} +mod_path=${module/*\/%{name}} +mod_path=${mod_path/\/${ko_name}} +%if "%{_vendor}" == "suse" + for flavor in %{flavors_to_build}; do + if [[ $module =~ $flavor ]] || [ "X%{KMP}" != "X1" ];then + echo "override ${mod_name} * updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}-$flavor.conf + fi + done +%else + %if 0%{?fedora} + echo "override ${mod_name} * updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %else + %if "%{_vendor}" == "redhat" || ("%{_vendor}" == "openEuler") + echo "override ${mod_name} * weak-updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %endif + echo "override ${mod_name} * extra/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %endif +%endif +done + + +%clean +rm -rf %{buildroot} + +%post +if [ $1 -ge 1 ]; then # 1 : This package is being installed or reinstalled + /sbin/depmod %{KVERSION} +fi # 1 : closed +# END of post + +%postun +/sbin/depmod %{KVERSION} + +%if "%{KMP}" != "1" +%files +%defattr(-,root,root,-) +%license source/debian/copyright +/lib/modules/%{KVERSION}/%{install_mod_dir}/ +%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*.conf +%endif + +%changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 24.10-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 24.10-12 +- Bump release to rebuild for new kernel release + +* Mon Mar 10 2025 Chris Co - 24.10-11 +- Bump release to rebuild for new kernel release + +* Wed Mar 05 2025 Rachel Menge - 24.10-10 +- Bump release to rebuild for new kernel release + +* Tue Mar 04 2025 Rachel Menge - 24.10-9 +- Bump release to rebuild for new kernel release + +* Wed Feb 19 2025 Chris Co - 24.10-8 +- Bump release to rebuild for new kernel release + +* Tue Feb 11 2025 Rachel Menge - 24.10-7 +- Bump release to rebuild for new kernel release + +* Wed Feb 05 2025 Tobias Brick - 24.10-6 +- Bump release to rebuild for new kernel release + +* Tue Feb 04 2025 Alberto David Perez Guevara - 24.10-5 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-4 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-3 +- Bump release to match kernel + +* Thu Jan 30 2025 Rachel Menge - 24.10-2 +- Bump release to match kernel + +* Tue Dec 17 2024 Binu Jose Philip - 24.10-1 +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified +* Thu Feb 20 2014 Alaa Hleihel +- Initial packaging diff --git a/SPECS/jq/CVE-2024-53427.patch b/SPECS/jq/CVE-2024-53427.patch new file mode 100644 index 0000000000..18bf464d53 --- /dev/null +++ b/SPECS/jq/CVE-2024-53427.patch @@ -0,0 +1,75 @@ +From 1e18e567de7b23797679817ba02a1f67995fe386 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Wed, 5 Mar 2025 08:19:33 +0000 +Subject: [PATCH] CVE-2024-53427 +Upstream Reference: https://github.com/jqlang/jq/commit/a09a4dfd55e6c24d04b35062ccfe4509748b1dd3 +--- + src/jv.c | 9 +++++++++ + tests/jq.test | 13 ++++++++++--- + tests/shtest | 5 ----- + 3 files changed, 19 insertions(+), 8 deletions(-) + +diff --git a/src/jv.c b/src/jv.c +index e23d8ec..34573b8 100644 +--- a/src/jv.c ++++ b/src/jv.c +@@ -589,6 +589,15 @@ static jv jvp_literal_number_new(const char * literal) { + jv_mem_free(n); + return JV_INVALID; + } ++ if (decNumberIsNaN(&n->num_decimal)) { ++ // Reject NaN with payload. ++ if (n->num_decimal.digits > 1 || *n->num_decimal.lsu != 0) { ++ jv_mem_free(n); ++ return JV_INVALID; ++ } ++ jv_mem_free(n); ++ return jv_number(NAN); ++ } + + jv r = {JVP_FLAGS_NUMBER_LITERAL, 0, 0, JV_NUMBER_SIZE_INIT, {&n->refcnt}}; + return r; +diff --git a/tests/jq.test b/tests/jq.test +index 7036df2..7011cf9 100644 +--- a/tests/jq.test ++++ b/tests/jq.test +@@ -1938,10 +1938,17 @@ tojson | fromjson + {"a":nan} + {"a":null} + +-# also "nan with payload" #2985 +-fromjson | isnan +-"nan1234" ++# NaN with payload is not parsed ++.[] | try (fromjson | isnan) catch . ++["NaN","-NaN","NaN1","NaN10","NaN100","NaN1000","NaN10000","NaN100000"] ++true + true ++"Invalid numeric literal at EOF at line 1, column 4 (while parsing 'NaN1')" ++"Invalid numeric literal at EOF at line 1, column 5 (while parsing 'NaN10')" ++"Invalid numeric literal at EOF at line 1, column 6 (while parsing 'NaN100')" ++"Invalid numeric literal at EOF at line 1, column 7 (while parsing 'NaN1000')" ++"Invalid numeric literal at EOF at line 1, column 8 (while parsing 'NaN10000')" ++"Invalid numeric literal at EOF at line 1, column 9 (while parsing 'NaN100000')" + + + # calling input/0, or debug/0 in a test doesn't crash jq +diff --git a/tests/shtest b/tests/shtest +index 14aafbf..a471889 100755 +--- a/tests/shtest ++++ b/tests/shtest +@@ -594,11 +594,6 @@ if ! x=$($JQ -n "1 # foo$cr + 2") || [ "$x" != 1 ]; then + exit 1 + fi + +-# CVE-2023-50268: No stack overflow comparing a nan with a large payload +-$VALGRIND $Q $JQ '1 != .' <<\EOF >/dev/null +-Nan4000 +-EOF +- + # Allow passing the inline jq script before -- #2919 + if ! r=$($JQ --args -rn -- '$ARGS.positional[0]' bar) || [ "$r" != bar ]; then + echo "passing the inline script after -- didn't work" +-- +2.45.2 + diff --git a/SPECS/jq/jq.spec b/SPECS/jq/jq.spec index 346617611a..fecbe587ea 100644 --- a/SPECS/jq/jq.spec +++ b/SPECS/jq/jq.spec @@ -1,12 +1,13 @@ Summary: jq is a lightweight and flexible command-line JSON processor. Name: jq Version: 1.7.1 -Release: 1%{?dist} +Release: 2%{?dist} Group: Applications/System Vendor: Microsoft Corporation License: MIT URL: https://jqlang.github.io/jq/ Source0: https://github.com/jqlang/jq/releases/download/%{name}-%{version}/%{name}-%{version}.tar.gz +Patch0: CVE-2024-53427.patch Distribution: Azure Linux BuildRequires: bison BuildRequires: chrpath @@ -29,7 +30,7 @@ Requires: %{name} = %{version}-%{release} Development files for jq %prep -%autosetup +%autosetup -p1 %build %configure \ @@ -59,6 +60,9 @@ make check %{_includedir}/* %changelog +* Wed Mar 05 2025 Kanishk Bansal - 1.7.1-2 +- Patch CVE-2024-53427 + * Fri Feb 02 2024 Thien Trung Vuong - 1.7.1-1 - Upgrade to version 1.7.1 diff --git a/SPECS/kata-containers-cc/kata-containers-cc.signatures.json b/SPECS/kata-containers-cc/kata-containers-cc.signatures.json index 1716ef53ed..1db12fc050 100644 --- a/SPECS/kata-containers-cc/kata-containers-cc.signatures.json +++ b/SPECS/kata-containers-cc/kata-containers-cc.signatures.json @@ -1,6 +1,6 @@ { "Signatures": { - "kata-containers-3.2.0.azl4-cargo.tar.gz": "2a242deedddbd01b50b56d9f6d02ffd3f40cb2e91221fda4f4b4791d98404f96", - "kata-containers-3.2.0.azl4.tar.gz": "397749898ae5963b9d88092e1bd3aacfb2d9bdeb35373be079879fc92f7ffd71" + "kata-containers-3.2.0.azl5-cargo.tar.gz": "ff7e783ecf7e5abe0f0ca66eebd24558e73755fe79ba87b0c0b30df81eb3c210", + "kata-containers-3.2.0.azl5.tar.gz": "f08b09507b8218e271e39c18ba6c6f4cdacc6b135dd8624f231d4d1823472993" } -} \ No newline at end of file +} diff --git a/SPECS/kata-containers-cc/kata-containers-cc.spec b/SPECS/kata-containers-cc/kata-containers-cc.spec index d5cd1434d1..5b8e874138 100644 --- a/SPECS/kata-containers-cc/kata-containers-cc.spec +++ b/SPECS/kata-containers-cc/kata-containers-cc.spec @@ -2,8 +2,8 @@ %define sourceName kata-containers Name: kata-containers-cc -Version: 3.2.0.azl4 -Release: 2%{?dist} +Version: 3.2.0.azl5 +Release: 1%{?dist} Summary: Kata Confidential Containers package developed for Confidential Containers on AKS License: ASL 2.0 URL: https://github.com/microsoft/kata-containers @@ -150,6 +150,10 @@ fi %{tools_pkg}/tools/osbuilder/node-builder/azure-linux/agent-install/usr/lib/systemd/system/kata-agent.service %changelog +* Fri Apr 28 2025 Ranjan Dutta - 3.2.0.azl5-1 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Auto-upgrade to 3.2.0.azl5 + * Fri Mar 21 2025 Anuj Mittal - 3.2.0.azl4-2 - Bump Release to rebuild diff --git a/SPECS/kata-containers/kata-containers.signatures.json b/SPECS/kata-containers/kata-containers.signatures.json index 1716ef53ed..1db12fc050 100644 --- a/SPECS/kata-containers/kata-containers.signatures.json +++ b/SPECS/kata-containers/kata-containers.signatures.json @@ -1,6 +1,6 @@ { "Signatures": { - "kata-containers-3.2.0.azl4-cargo.tar.gz": "2a242deedddbd01b50b56d9f6d02ffd3f40cb2e91221fda4f4b4791d98404f96", - "kata-containers-3.2.0.azl4.tar.gz": "397749898ae5963b9d88092e1bd3aacfb2d9bdeb35373be079879fc92f7ffd71" + "kata-containers-3.2.0.azl5-cargo.tar.gz": "ff7e783ecf7e5abe0f0ca66eebd24558e73755fe79ba87b0c0b30df81eb3c210", + "kata-containers-3.2.0.azl5.tar.gz": "f08b09507b8218e271e39c18ba6c6f4cdacc6b135dd8624f231d4d1823472993" } -} \ No newline at end of file +} diff --git a/SPECS/kata-containers/kata-containers.spec b/SPECS/kata-containers/kata-containers.spec index d7dcf87d1d..bc31fb3af2 100644 --- a/SPECS/kata-containers/kata-containers.spec +++ b/SPECS/kata-containers/kata-containers.spec @@ -1,8 +1,8 @@ %global debug_package %{nil} Name: kata-containers -Version: 3.2.0.azl4 -Release: 2%{?dist} +Version: 3.2.0.azl5 +Release: 1%{?dist} Summary: Kata Containers package developed for Pod Sandboxing on AKS License: ASL 2.0 URL: https://github.com/microsoft/kata-containers @@ -112,6 +112,10 @@ popd %{tools_pkg}/tools/osbuilder/node-builder/azure-linux/agent-install/usr/lib/systemd/system/kata-agent.service %changelog +* Fri Apr 28 2025 Ranjan Dutta - 3.2.0.azl5-1 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Auto-upgrade to 3.2.0.azl5 + * Fri Mar 21 2025 Anuj Mittal - 3.2.0.azl4-2 - Bump Release to rebuild diff --git a/SPECS/keda/CVE-2025-29786.patch b/SPECS/keda/CVE-2025-29786.patch new file mode 100644 index 0000000000..43afca11fd --- /dev/null +++ b/SPECS/keda/CVE-2025-29786.patch @@ -0,0 +1,635 @@ +From 387fc2ebedb3b5f54f9494c95506e6163f6f7af5 Mon Sep 17 00:00:00 2001 +From: Kshitiz Godara +Date: Mon, 24 Mar 2025 13:30:36 +0000 +Subject: [PATCH] Fix for CVE-2025-29786 + +Upstream source reference: +https://github.com/expr-lang/expr/pull/762 + +Signed-off-by: Kshitiz Godara +--- + .../github.com/expr-lang/expr/conf/config.go | 52 ++-- + .../expr-lang/expr/parser/parser.go | 228 +++++++++++++----- + vendor/github.com/expr-lang/expr/vm/utils.go | 3 - + vendor/github.com/expr-lang/expr/vm/vm.go | 23 +- + 4 files changed, 213 insertions(+), 93 deletions(-) + +diff --git a/vendor/github.com/expr-lang/expr/conf/config.go b/vendor/github.com/expr-lang/expr/conf/config.go +index 01a407a..2312984 100644 +--- a/vendor/github.com/expr-lang/expr/conf/config.go ++++ b/vendor/github.com/expr-lang/expr/conf/config.go +@@ -9,34 +9,46 @@ import ( + "github.com/expr-lang/expr/vm/runtime" + ) + ++const ( ++ // DefaultMemoryBudget represents an upper limit of memory usage ++ DefaultMemoryBudget uint = 1e6 ++ ++ // DefaultMaxNodes represents an upper limit of AST nodes ++ DefaultMaxNodes uint = 10000 ++) ++ + type FunctionsTable map[string]*builtin.Function + + type Config struct { +- Env any +- Types TypesTable +- MapEnv bool +- DefaultType reflect.Type +- Expect reflect.Kind +- ExpectAny bool +- Optimize bool +- Strict bool +- Profile bool +- ConstFns map[string]reflect.Value +- Visitors []ast.Visitor +- Functions FunctionsTable +- Builtins FunctionsTable +- Disabled map[string]bool // disabled builtins ++ Env any ++ Types TypesTable ++ MapEnv bool ++ DefaultType reflect.Type ++ Expect reflect.Kind ++ ExpectAny bool ++ Optimize bool ++ Strict bool ++ Profile bool ++ MaxNodes uint ++ MemoryBudget uint ++ ConstFns map[string]reflect.Value ++ Visitors []ast.Visitor ++ Functions FunctionsTable ++ Builtins FunctionsTable ++ Disabled map[string]bool // disabled builtins + } + + // CreateNew creates new config with default values. + func CreateNew() *Config { + c := &Config{ +- Optimize: true, +- Types: make(TypesTable), +- ConstFns: make(map[string]reflect.Value), +- Functions: make(map[string]*builtin.Function), +- Builtins: make(map[string]*builtin.Function), +- Disabled: make(map[string]bool), ++ Optimize: true, ++ Types: make(TypesTable), ++ MaxNodes: DefaultMaxNodes, ++ MemoryBudget: DefaultMemoryBudget, ++ ConstFns: make(map[string]reflect.Value), ++ Functions: make(map[string]*builtin.Function), ++ Builtins: make(map[string]*builtin.Function), ++ Disabled: make(map[string]bool), + } + for _, f := range builtin.Builtins { + c.Builtins[f.Name] = f +diff --git a/vendor/github.com/expr-lang/expr/parser/parser.go b/vendor/github.com/expr-lang/expr/parser/parser.go +index 6d96561..a75557c 100644 +--- a/vendor/github.com/expr-lang/expr/parser/parser.go ++++ b/vendor/github.com/expr-lang/expr/parser/parser.go +@@ -45,12 +45,47 @@ var predicates = map[string]struct { + } + + type parser struct { +- tokens []Token +- current Token +- pos int +- err *file.Error +- depth int // closure call depth +- config *conf.Config ++ tokens []Token ++ current Token ++ pos int ++ err *file.Error ++ depth int // closure call depth ++ config *conf.Config ++ nodeCount uint // tracks number of AST nodes created ++} ++ ++// checkNodeLimit verifies that adding a new node won't exceed configured limits ++func (p *parser) checkNodeLimit() error { ++ p.nodeCount++ ++ if p.config.MaxNodes > 0 && p.nodeCount > p.config.MaxNodes { ++ p.error("compilation failed: expression exceeds maximum allowed nodes") ++ return nil ++ } ++ return nil ++} ++ ++// createNode handles creation of regular nodes ++func (p *parser) createNode(n Node, loc file.Location) Node { ++ if err := p.checkNodeLimit(); err != nil { ++ return nil ++ } ++ if n == nil || p.err != nil { ++ return nil ++ } ++ n.SetLocation(loc) ++ return n ++} ++ ++// createMemberNode handles creation of member nodes ++func (p *parser) createMemberNode(n *MemberNode, loc file.Location) *MemberNode { ++ if err := p.checkNodeLimit(); err != nil { ++ return nil ++ } ++ if n == nil || p.err != nil { ++ return nil ++ } ++ n.SetLocation(loc) ++ return n + } + + type Tree struct { +@@ -127,6 +162,10 @@ func (p *parser) expect(kind Kind, values ...string) { + // parse functions + + func (p *parser) parseExpression(precedence int) Node { ++ if p.err != nil { ++ return nil ++ } ++ + if precedence == 0 && p.current.Is(Operator, "let") { + return p.parseVariableDeclaration() + } +@@ -185,19 +224,23 @@ func (p *parser) parseExpression(precedence int) Node { + nodeRight = p.parseExpression(op.Precedence) + } + +- nodeLeft = &BinaryNode{ ++ nodeLeft = p.createNode(&BinaryNode{ + Operator: opToken.Value, + Left: nodeLeft, + Right: nodeRight, ++ }, opToken.Location) ++ if nodeLeft == nil { ++ return nil + } +- nodeLeft.SetLocation(opToken.Location) + + if negate { +- nodeLeft = &UnaryNode{ ++ nodeLeft = p.createNode(&UnaryNode{ + Operator: "not", + Node: nodeLeft, ++ }, notToken.Location) ++ if nodeLeft == nil { ++ return nil + } +- nodeLeft.SetLocation(notToken.Location) + } + + goto next +@@ -224,13 +267,11 @@ func (p *parser) parseVariableDeclaration() Node { + value := p.parseExpression(0) + p.expect(Operator, ";") + node := p.parseExpression(0) +- let := &VariableDeclaratorNode{ ++ return p.createNode(&VariableDeclaratorNode{ + Name: variableName.Value, + Value: value, + Expr: node, +- } +- let.SetLocation(variableName.Location) +- return let ++ }, variableName.Location) + } + + func (p *parser) parseConditional(node Node) Node { +@@ -248,10 +289,13 @@ func (p *parser) parseConditional(node Node) Node { + expr2 = p.parseExpression(0) + } + +- node = &ConditionalNode{ ++ node = p.createNode(&ConditionalNode{ + Cond: node, + Exp1: expr1, + Exp2: expr2, ++ }, p.current.Location) ++ if node == nil { ++ return nil + } + } + return node +@@ -264,11 +308,13 @@ func (p *parser) parsePrimary() Node { + if op, ok := operator.Unary[token.Value]; ok { + p.next() + expr := p.parseExpression(op.Precedence) +- node := &UnaryNode{ ++ node := p.createNode(&UnaryNode{ + Operator: token.Value, + Node: expr, ++ }, token.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(token.Location) + return p.parsePostfixExpression(node) + } + } +@@ -290,8 +336,10 @@ func (p *parser) parsePrimary() Node { + p.next() + } + } +- node := &PointerNode{Name: name} +- node.SetLocation(token.Location) ++ node := p.createNode(&PointerNode{Name: name}, token.Location) ++ if node == nil { ++ return nil ++ } + return p.parsePostfixExpression(node) + } + } else { +@@ -320,23 +368,31 @@ func (p *parser) parseSecondary() Node { + p.next() + switch token.Value { + case "true": +- node := &BoolNode{Value: true} +- node.SetLocation(token.Location) ++ node = p.createNode(&BoolNode{Value: true}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + case "false": +- node := &BoolNode{Value: false} +- node.SetLocation(token.Location) ++ node = p.createNode(&BoolNode{Value: false}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + case "nil": +- node := &NilNode{} +- node.SetLocation(token.Location) ++ node = p.createNode(&NilNode{}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + default: + if p.current.Is(Bracket, "(") { + node = p.parseCall(token, []Node{}, true) + } else { +- node = &IdentifierNode{Value: token.Value} +- node.SetLocation(token.Location) ++ node = p.createNode(&IdentifierNode{Value: token.Value}, token.Location) ++ if node == nil { ++ return nil ++ } + } + } + +@@ -383,8 +439,10 @@ func (p *parser) parseSecondary() Node { + return node + case String: + p.next() +- node = &StringNode{Value: token.Value} +- node.SetLocation(token.Location) ++ node = p.createNode(&StringNode{Value: token.Value}, token.Location) ++ if node == nil { ++ return nil ++ } + + default: + if token.Is(Bracket, "[") { +@@ -404,7 +462,7 @@ func (p *parser) toIntegerNode(number int64) Node { + p.error("integer literal is too large") + return nil + } +- return &IntegerNode{Value: int(number)} ++ return p.createNode(&IntegerNode{Value: int(number)}, p.current.Location) + } + + func (p *parser) toFloatNode(number float64) Node { +@@ -412,7 +470,7 @@ func (p *parser) toFloatNode(number float64) Node { + p.error("float literal is too large") + return nil + } +- return &FloatNode{Value: number} ++ return p.createNode(&FloatNode{Value: number}, p.current.Location) + } + + func (p *parser) parseCall(token Token, arguments []Node, checkOverrides bool) Node { +@@ -454,25 +512,34 @@ func (p *parser) parseCall(token Token, arguments []Node, checkOverrides bool) N + + p.expect(Bracket, ")") + +- node = &BuiltinNode{ ++ node = p.createNode(&BuiltinNode{ + Name: token.Value, + Arguments: arguments, ++ }, token.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(token.Location) + } else if _, ok := builtin.Index[token.Value]; ok && !p.config.Disabled[token.Value] && !isOverridden { +- node = &BuiltinNode{ ++ node = p.createNode(&BuiltinNode{ + Name: token.Value, + Arguments: p.parseArguments(arguments), ++ }, token.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(token.Location) ++ + } else { +- callee := &IdentifierNode{Value: token.Value} +- callee.SetLocation(token.Location) +- node = &CallNode{ ++ callee := p.createNode(&IdentifierNode{Value: token.Value}, token.Location) ++ if callee == nil { ++ return nil ++ } ++ node = p.createNode(&CallNode{ + Callee: callee, + Arguments: p.parseArguments(arguments), ++ }, token.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(token.Location) + } + return node + } +@@ -534,8 +601,10 @@ func (p *parser) parseArrayExpression(token Token) Node { + end: + p.expect(Bracket, "]") + +- node := &ArrayNode{Nodes: nodes} +- node.SetLocation(token.Location) ++ node := p.createNode(&ArrayNode{Nodes: nodes}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + } + +@@ -561,8 +630,10 @@ func (p *parser) parseMapExpression(token Token) Node { + // * identifier, which is equivalent to a string + // * expression, which must be enclosed in parentheses -- (1 + 2) + if p.current.Is(Number) || p.current.Is(String) || p.current.Is(Identifier) { +- key = &StringNode{Value: p.current.Value} +- key.SetLocation(token.Location) ++ key = p.createNode(&StringNode{Value: p.current.Value}, p.current.Location) ++ if key == nil { ++ return nil ++ } + p.next() + } else if p.current.Is(Bracket, "(") { + key = p.parseExpression(0) +@@ -573,16 +644,20 @@ func (p *parser) parseMapExpression(token Token) Node { + p.expect(Operator, ":") + + node := p.parseExpression(0) +- pair := &PairNode{Key: key, Value: node} +- pair.SetLocation(token.Location) ++ pair := p.createNode(&PairNode{Key: key, Value: node}, token.Location) ++ if pair == nil { ++ return nil ++ } + nodes = append(nodes, pair) + } + + end: + p.expect(Bracket, "}") + +- node := &MapNode{Pairs: nodes} +- node.SetLocation(token.Location) ++ node := p.createNode(&MapNode{Pairs: nodes}, token.Location) ++ if node == nil { ++ return nil ++ } + return node + } + +@@ -607,8 +682,10 @@ func (p *parser) parsePostfixExpression(node Node) Node { + p.error("expected name") + } + +- property := &StringNode{Value: propertyToken.Value} +- property.SetLocation(propertyToken.Location) ++ property := p.createNode(&StringNode{Value: propertyToken.Value}, propertyToken.Location) ++ if property == nil { ++ return nil ++ } + + chainNode, isChain := node.(*ChainNode) + optional := postfixToken.Value == "?." +@@ -617,26 +694,33 @@ func (p *parser) parsePostfixExpression(node Node) Node { + node = chainNode.Node + } + +- memberNode := &MemberNode{ ++ memberNode := p.createMemberNode(&MemberNode{ + Node: node, + Property: property, + Optional: optional, ++ }, propertyToken.Location) ++ if memberNode == nil { ++ return nil + } +- memberNode.SetLocation(propertyToken.Location) + + if p.current.Is(Bracket, "(") { + memberNode.Method = true +- node = &CallNode{ ++ node = p.createNode(&CallNode{ + Callee: memberNode, + Arguments: p.parseArguments([]Node{}), ++ }, propertyToken.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(propertyToken.Location) + } else { + node = memberNode + } + + if isChain || optional { +- node = &ChainNode{Node: node} ++ node = p.createNode(&ChainNode{Node: node}, propertyToken.Location) ++ if node == nil { ++ return nil ++ } + } + + } else if postfixToken.Value == "[" { +@@ -650,11 +734,13 @@ func (p *parser) parsePostfixExpression(node Node) Node { + to = p.parseExpression(0) + } + +- node = &SliceNode{ ++ node = p.createNode(&SliceNode{ + Node: node, + To: to, ++ }, postfixToken.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(postfixToken.Location) + p.expect(Bracket, "]") + + } else { +@@ -668,25 +754,32 @@ func (p *parser) parsePostfixExpression(node Node) Node { + to = p.parseExpression(0) + } + +- node = &SliceNode{ ++ node = p.createNode(&SliceNode{ + Node: node, + From: from, + To: to, ++ }, postfixToken.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(postfixToken.Location) + p.expect(Bracket, "]") + + } else { + // Slice operator [:] was not found, + // it should be just an index node. +- node = &MemberNode{ ++ node = p.createNode(&MemberNode{ + Node: node, + Property: from, + Optional: optional, ++ }, postfixToken.Location) ++ if node == nil { ++ return nil + } +- node.SetLocation(postfixToken.Location) + if optional { +- node = &ChainNode{Node: node} ++ node = p.createNode(&ChainNode{Node: node}, postfixToken.Location) ++ if node == nil { ++ return nil ++ } + } + p.expect(Bracket, "]") + } +@@ -698,26 +791,29 @@ func (p *parser) parsePostfixExpression(node Node) Node { + } + return node + } +- + func (p *parser) parseComparison(left Node, token Token, precedence int) Node { + var rootNode Node + for { + comparator := p.parseExpression(precedence + 1) +- cmpNode := &BinaryNode{ ++ cmpNode := p.createNode(&BinaryNode{ + Operator: token.Value, + Left: left, + Right: comparator, ++ }, token.Location) ++ if cmpNode == nil { ++ return nil + } +- cmpNode.SetLocation(token.Location) + if rootNode == nil { + rootNode = cmpNode + } else { +- rootNode = &BinaryNode{ ++ rootNode = p.createNode(&BinaryNode{ + Operator: "&&", + Left: rootNode, + Right: cmpNode, ++ }, token.Location) ++ if rootNode == nil { ++ return nil + } +- rootNode.SetLocation(token.Location) + } + + left = comparator +diff --git a/vendor/github.com/expr-lang/expr/vm/utils.go b/vendor/github.com/expr-lang/expr/vm/utils.go +index fc2f5e7..1100513 100644 +--- a/vendor/github.com/expr-lang/expr/vm/utils.go ++++ b/vendor/github.com/expr-lang/expr/vm/utils.go +@@ -11,9 +11,6 @@ type ( + ) + + var ( +- // MemoryBudget represents an upper limit of memory usage. +- MemoryBudget uint = 1e6 +- + errorType = reflect.TypeOf((*error)(nil)).Elem() + ) + +diff --git a/vendor/github.com/expr-lang/expr/vm/vm.go b/vendor/github.com/expr-lang/expr/vm/vm.go +index 7e933ce..b497990 100644 +--- a/vendor/github.com/expr-lang/expr/vm/vm.go ++++ b/vendor/github.com/expr-lang/expr/vm/vm.go +@@ -11,6 +11,7 @@ import ( + "time" + + "github.com/expr-lang/expr/builtin" ++ "github.com/expr-lang/expr/conf" + "github.com/expr-lang/expr/file" + "github.com/expr-lang/expr/internal/deref" + "github.com/expr-lang/expr/vm/runtime" +@@ -20,11 +21,23 @@ func Run(program *Program, env any) (any, error) { + if program == nil { + return nil, fmt.Errorf("program is nil") + } +- + vm := VM{} + return vm.Run(program, env) + } + ++func RunWithConfig(program *Program, env any, config *conf.Config) (any, error) { ++ if program == nil { ++ return nil, fmt.Errorf("program is nil") ++ } ++ if config == nil { ++ return nil, fmt.Errorf("config is nil") ++ } ++ vm := VM{ ++ MemoryBudget: config.MemoryBudget, ++ } ++ return vm.Run(program, env) ++} ++ + func Debug() *VM { + vm := &VM{ + debug: true, +@@ -38,9 +51,9 @@ type VM struct { + Stack []any + Scopes []*Scope + Variables []any ++ MemoryBudget uint + ip int + memory uint +- memoryBudget uint + debug bool + step chan struct{} + curr chan int +@@ -76,7 +89,9 @@ func (vm *VM) Run(program *Program, env any) (_ any, err error) { + vm.Variables = make([]any, program.variables) + } + +- vm.memoryBudget = MemoryBudget ++ if vm.MemoryBudget == 0 { ++ vm.MemoryBudget = conf.DefaultMemoryBudget ++ } + vm.memory = 0 + vm.ip = 0 + +@@ -580,7 +595,7 @@ func (vm *VM) pop() any { + + func (vm *VM) memGrow(size uint) { + vm.memory += size +- if vm.memory >= vm.memoryBudget { ++ if vm.memory >= vm.MemoryBudget { + panic("memory budget exceeded") + } + } +-- +2.48.1.431.g5a526e5e18 + diff --git a/SPECS/keda/CVE-2025-29923.patch b/SPECS/keda/CVE-2025-29923.patch new file mode 100644 index 0000000000..cab811e2a7 --- /dev/null +++ b/SPECS/keda/CVE-2025-29923.patch @@ -0,0 +1,268 @@ +From ccc8a29fedd586a983efa3852c35175f042e5f7a Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Sun, 30 Mar 2025 16:50:18 +0000 +Subject: [PATCH] CVE-2025-29923 + +Upstream Patch Reference : https://github.com/redis/go-redis/commit/d236865b0cfa1b752ea4b7da666b1fdcd0acebb6 +--- + .../github.com/redis/go-redis/v9/options.go | 11 +++++++- + .../redis/go-redis/v9/osscluster.go | 18 ++++++++++-- + vendor/github.com/redis/go-redis/v9/redis.go | 8 ++++-- + vendor/github.com/redis/go-redis/v9/ring.go | 19 +++++++++++-- + .../github.com/redis/go-redis/v9/sentinel.go | 28 ++++++++++++++++--- + .../github.com/redis/go-redis/v9/universal.go | 24 +++++++++++++--- + 6 files changed, 92 insertions(+), 16 deletions(-) + +diff --git a/vendor/github.com/redis/go-redis/v9/options.go b/vendor/github.com/redis/go-redis/v9/options.go +index dff52ae8..3e889aed 100644 +--- a/vendor/github.com/redis/go-redis/v9/options.go ++++ b/vendor/github.com/redis/go-redis/v9/options.go +@@ -142,9 +142,18 @@ type Options struct { + // Enables read only queries on slave/follower nodes. + readOnly bool + +- // Disable set-lib on connect. Default is false. ++ // DisableIndentity - Disable set-lib on connect. ++ // ++ // default: false ++ // ++ // Deprecated: Use DisableIdentity instead. + DisableIndentity bool + ++ // DisableIdentity is used to disable CLIENT SETINFO command on connect. ++ // ++ // default: false ++ DisableIdentity bool ++ + // Add suffix to client name. Default is empty. + IdentitySuffix string + } +diff --git a/vendor/github.com/redis/go-redis/v9/osscluster.go b/vendor/github.com/redis/go-redis/v9/osscluster.go +index 17f98d9d..c67244c8 100644 +--- a/vendor/github.com/redis/go-redis/v9/osscluster.go ++++ b/vendor/github.com/redis/go-redis/v9/osscluster.go +@@ -85,8 +85,19 @@ type ClusterOptions struct { + ConnMaxIdleTime time.Duration + ConnMaxLifetime time.Duration + +- TLSConfig *tls.Config +- DisableIndentity bool // Disable set-lib on connect. Default is false. ++ TLSConfig *tls.Config ++ ++ // DisableIndentity - Disable set-lib on connect. ++ // ++ // default: false ++ // ++ // Deprecated: Use DisableIdentity instead. ++ DisableIndentity bool ++ ++ // DisableIdentity is used to disable CLIENT SETINFO command on connect. ++ // ++ // default: false ++ DisableIdentity bool + + IdentitySuffix string // Add suffix to client name. Default is empty. + } +@@ -294,7 +305,8 @@ func (opt *ClusterOptions) clientOptions() *Options { + MaxActiveConns: opt.MaxActiveConns, + ConnMaxIdleTime: opt.ConnMaxIdleTime, + ConnMaxLifetime: opt.ConnMaxLifetime, +- DisableIndentity: opt.DisableIndentity, ++ DisableIdentity: opt.DisableIdentity, ++ DisableIndentity: opt.DisableIdentity, + IdentitySuffix: opt.IdentitySuffix, + TLSConfig: opt.TLSConfig, + // If ClusterSlots is populated, then we probably have an artificial +diff --git a/vendor/github.com/redis/go-redis/v9/redis.go b/vendor/github.com/redis/go-redis/v9/redis.go +index d25a0d31..46b955bb 100644 +--- a/vendor/github.com/redis/go-redis/v9/redis.go ++++ b/vendor/github.com/redis/go-redis/v9/redis.go +@@ -340,7 +340,7 @@ func (c *baseClient) initConn(ctx context.Context, cn *pool.Conn) error { + return err + } + +- if !c.opt.DisableIndentity { ++ if !c.opt.DisableIdentity && !c.opt.DisableIndentity { + libName := "" + libVer := Version() + if c.opt.IdentitySuffix != "" { +@@ -349,7 +349,11 @@ func (c *baseClient) initConn(ctx context.Context, cn *pool.Conn) error { + p := conn.Pipeline() + p.ClientSetInfo(ctx, WithLibraryName(libName)) + p.ClientSetInfo(ctx, WithLibraryVersion(libVer)) +- _, _ = p.Exec(ctx) ++ // Handle network errors (e.g. timeouts) in CLIENT SETINFO to avoid ++ // out of order responses later on. ++ if _, err = p.Exec(ctx); err != nil && !isRedisError(err) { ++ return err ++ } + } + + if c.opt.OnConnect != nil { +diff --git a/vendor/github.com/redis/go-redis/v9/ring.go b/vendor/github.com/redis/go-redis/v9/ring.go +index 4ae00542..a8a00cd0 100644 +--- a/vendor/github.com/redis/go-redis/v9/ring.go ++++ b/vendor/github.com/redis/go-redis/v9/ring.go +@@ -98,8 +98,20 @@ type RingOptions struct { + TLSConfig *tls.Config + Limiter Limiter + ++ // DisableIndentity - Disable set-lib on connect. ++ // ++ // default: false ++ // ++ // Deprecated: Use DisableIdentity instead. ++ + DisableIndentity bool +- IdentitySuffix string ++ ++ // DisableIdentity is used to disable CLIENT SETINFO command on connect. ++ // ++ // default: false ++ DisableIdentity bool ++ IdentitySuffix string ++ UnstableResp3 bool + } + + func (opt *RingOptions) init() { +@@ -166,8 +178,11 @@ func (opt *RingOptions) clientOptions() *Options { + TLSConfig: opt.TLSConfig, + Limiter: opt.Limiter, + ++ DisableIdentity: opt.DisableIdentity, ++ + DisableIndentity: opt.DisableIndentity, +- IdentitySuffix: opt.IdentitySuffix, ++ IdentitySuffix: opt.IdentitySuffix, ++ UnstableResp3: opt.UnstableResp3, + } + } + +diff --git a/vendor/github.com/redis/go-redis/v9/sentinel.go b/vendor/github.com/redis/go-redis/v9/sentinel.go +index 188f8849..2988e300 100644 +--- a/vendor/github.com/redis/go-redis/v9/sentinel.go ++++ b/vendor/github.com/redis/go-redis/v9/sentinel.go +@@ -80,8 +80,20 @@ type FailoverOptions struct { + + TLSConfig *tls.Config + ++ // DisableIndentity - Disable set-lib on connect. ++ // ++ // default: false ++ // ++ // Deprecated: Use DisableIdentity instead. + DisableIndentity bool +- IdentitySuffix string ++ ++ // DisableIdentity is used to disable CLIENT SETINFO command on connect. ++ // ++ // default: false ++ DisableIdentity bool ++ ++ IdentitySuffix string ++ UnstableResp3 bool + } + + func (opt *FailoverOptions) clientOptions() *Options { +@@ -117,8 +129,12 @@ func (opt *FailoverOptions) clientOptions() *Options { + + TLSConfig: opt.TLSConfig, + ++ DisableIdentity: opt.DisableIdentity, ++ + DisableIndentity: opt.DisableIndentity, +- IdentitySuffix: opt.IdentitySuffix, ++ ++ IdentitySuffix: opt.IdentitySuffix, ++ UnstableResp3: opt.UnstableResp3, + } + } + +@@ -153,9 +169,11 @@ func (opt *FailoverOptions) sentinelOptions(addr string) *Options { + ConnMaxLifetime: opt.ConnMaxLifetime, + + TLSConfig: opt.TLSConfig, ++ DisableIdentity: opt.DisableIdentity, + + DisableIndentity: opt.DisableIndentity, +- IdentitySuffix: opt.IdentitySuffix, ++ IdentitySuffix: opt.IdentitySuffix, ++ UnstableResp3: opt.UnstableResp3, + } + } + +@@ -194,8 +212,10 @@ func (opt *FailoverOptions) clusterOptions() *ClusterOptions { + + TLSConfig: opt.TLSConfig, + ++ DisableIdentity: opt.DisableIdentity, ++ + DisableIndentity: opt.DisableIndentity, +- IdentitySuffix: opt.IdentitySuffix, ++ IdentitySuffix: opt.IdentitySuffix, + } + } + +diff --git a/vendor/github.com/redis/go-redis/v9/universal.go b/vendor/github.com/redis/go-redis/v9/universal.go +index 275bef3d..1ec64269 100644 +--- a/vendor/github.com/redis/go-redis/v9/universal.go ++++ b/vendor/github.com/redis/go-redis/v9/universal.go +@@ -61,14 +61,25 @@ type UniversalOptions struct { + RouteByLatency bool + RouteRandomly bool + +- // The sentinel master name. +- // Only failover clients. ++ // MasterName is the sentinel master name. ++ // Only for failover clients. + + MasterName string + ++ // DisableIndentity - Disable set-lib on connect. ++ // ++ // default: false ++ // ++ // Deprecated: Use DisableIdentity instead. + DisableIndentity bool +- IdentitySuffix string +-} ++ ++ // DisableIdentity is used to disable CLIENT SETINFO command on connect. ++ // ++ // default: false ++ DisableIdentity bool ++ ++ IdentitySuffix string ++ UnstableResp3 bool} + + // Cluster returns cluster options created from the universal options. + func (o *UniversalOptions) Cluster() *ClusterOptions { +@@ -112,6 +123,7 @@ func (o *UniversalOptions) Cluster() *ClusterOptions { + + TLSConfig: o.TLSConfig, + ++ DisableIdentity: o.DisableIdentity, + DisableIndentity: o.DisableIndentity, + IdentitySuffix: o.IdentitySuffix, + } +@@ -158,6 +170,9 @@ func (o *UniversalOptions) Failover() *FailoverOptions { + + TLSConfig: o.TLSConfig, + ++ ReplicaOnly: o.ReadOnly, ++ ++ DisableIdentity: o.DisableIdentity, + DisableIndentity: o.DisableIndentity, + IdentitySuffix: o.IdentitySuffix, + } +@@ -201,6 +216,7 @@ func (o *UniversalOptions) Simple() *Options { + + TLSConfig: o.TLSConfig, + ++ DisableIdentity: o.DisableIdentity, + DisableIndentity: o.DisableIndentity, + IdentitySuffix: o.IdentitySuffix, + } +-- +2.45.2 + diff --git a/SPECS/keda/CVE-2025-30204.patch b/SPECS/keda/CVE-2025-30204.patch new file mode 100644 index 0000000000..6eb7de916b --- /dev/null +++ b/SPECS/keda/CVE-2025-30204.patch @@ -0,0 +1,134 @@ +From 84c7f3d0b9dccb4a20d0ad4de10896d40344ba26 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Mar 2025 20:43:26 +0000 +Subject: [PATCH] CVE-2025-30204 +Upstream Patch Reference : +v4 : https://github.com/golang-jwt/jwt/commit/2f0e9add62078527821828c76865661aa7718a84 +v5 : https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3 +--- + github.com/golang-jwt/jwt/v4/parser.go | 36 +++++++++++++++++++++++--- + github.com/golang-jwt/jwt/v5/parser.go | 36 +++++++++++++++++++++++--- + 2 files changed, 66 insertions(+), 6 deletions(-) + +diff --git a/vendor/github.com/golang-jwt/jwt/v4/parser.go b/vendor/github.com/golang-jwt/jwt/v4/parser.go +index c0a6f69..8e7e67c 100644 +--- a/vendor/github.com/golang-jwt/jwt/v4/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v4/parser.go +@@ -7,6 +7,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + // +@@ -123,9 +125,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (because it has + // been checked previously in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) + } + + token = &Token{Raw: tokenString} +@@ -175,3 +178,30 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + + return token, parts, nil + } ++ ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} +diff --git a/vendor/github.com/golang-jwt/jwt/v5/parser.go b/vendor/github.com/golang-jwt/jwt/v5/parser.go +index ecf99af..054c7eb 100644 +--- a/vendor/github.com/golang-jwt/jwt/v5/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v5/parser.go +@@ -8,6 +8,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + validMethods []string +@@ -136,9 +138,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (since it has already + // been or will be checked elsewhere in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, newError("token contains an invalid number of segments", ErrTokenMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, newError("token contains an invalid number of segments", ErrTokenMalformed) + } + + token = &Token{Raw: tokenString} +@@ -196,6 +199,33 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + return token, parts, nil + } + ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} ++ + // DecodeSegment decodes a JWT specific base64url encoding. This function will + // take into account whether the [Parser] is configured with additional options, + // such as [WithStrictDecoding] or [WithPaddingAllowed]. +-- +2.45.2 + diff --git a/SPECS/keda/keda.spec b/SPECS/keda/keda.spec index 9ff86dc7c5..6748556486 100644 --- a/SPECS/keda/keda.spec +++ b/SPECS/keda/keda.spec @@ -1,7 +1,7 @@ Summary: Kubernetes-based Event Driven Autoscaling Name: keda Version: 2.14.1 -Release: 4%{?dist} +Release: 5%{?dist} License: ASL 2.0 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -26,6 +26,9 @@ Patch0: CVE-2024-6104.patch Patch1: CVE-2024-45338.patch Patch2: CVE-2025-27144.patch Patch3: CVE-2025-22868.patch +Patch4: CVE-2025-29786.patch +Patch5: CVE-2025-30204.patch +Patch6: CVE-2025-29923.patch BuildRequires: golang >= 1.15 %description @@ -63,6 +66,11 @@ cp ./bin/keda-admission-webhooks %{buildroot}%{_bindir} %{_bindir}/%{name}-admission-webhooks %changelog +* Fri Apr 28 2025 Ranjan Dutta - 2.14.1-5 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Patch CVE-2025-30204, CVE-2025-29923 +- Fix CVE-2025-29786 with an upstream patch + * Fri Mar 21 2025 Anuj Mittal - 2.14.1-4 - Bump Release to rebuild diff --git a/SPECS/keras/CVE-2025-1550.patch b/SPECS/keras/CVE-2025-1550.patch new file mode 100644 index 0000000000..360bd95b0f --- /dev/null +++ b/SPECS/keras/CVE-2025-1550.patch @@ -0,0 +1,74 @@ +From d66480736192e94b7bdfb1d31533c44b73a1ca05 Mon Sep 17 00:00:00 2001 +From: Fabien Hertschuh <1091026+hertschuh@users.noreply.github.com> +Date: Sun, 12 Jan 2025 14:22:24 -0800 +Subject: [PATCH] Add checks to deserialization. + +In particular for functional models. +--- + keras-3.3.3/keras/src/models/functional.py | 6 ++++++ + keras-3.3.3/keras/src/saving/serialization_lib.py | 28 ++++++++++++--------------- + 2 files changed, 18 insertions(+), 16 deletions(-) + +diff --git keras-3.3.3/keras/src/models/functional.py keras-3.3.3/keras/src/models/functional.py +index e01052bc57ec..f2ff70396fbf 100644 +--- keras-3.3.3/keras/src/models/functional.py ++++ keras-3.3.3/keras/src/models/functional.py +@@ -19,6 +19,7 @@ + from keras.src.ops.function import make_node_key + from keras.src.ops.node import KerasHistory + from keras.src.ops.node import Node ++from keras.src.ops.operation import Operation + from keras.src.saving import serialization_lib + from keras.src.utils import tracking + +@@ -523,6 +524,11 @@ def process_layer(layer_data): + layer = serialization_lib.deserialize_keras_object( + layer_data, custom_objects=custom_objects + ) ++ if not isinstance(layer, Operation): ++ raise ValueError( ++ "Unexpected object from deserialization, expected a layer or " ++ f"operation, got a {type(layer)}" ++ ) + created_layers[layer_name] = layer + + # Gather layer inputs. +diff --git keras-3.3.3/keras/src/saving/serialization_lib.py keras-3.3.3/keras/src/saving/serialization_lib.py +index cf8eb327fb40..535478b62bb6 100644 +--- keras-3.3.3/keras/src/saving/serialization_lib.py ++++ keras-3.3.3/keras/src/saving/serialization_lib.py +@@ -783,22 +783,18 @@ def _retrieve_class_or_fn( + + # Otherwise, attempt to retrieve the class object given the `module` + # and `class_name`. Import the module, find the class. +- try: +- mod = importlib.import_module(module) +- except ModuleNotFoundError: +- raise TypeError( +- f"Could not deserialize {obj_type} '{name}' because " +- f"its parent module {module} cannot be imported. " +- f"Full object config: {full_config}" +- ) +- obj = vars(mod).get(name, None) +- +- # Special case for keras.metrics.metrics +- if obj is None and registered_name is not None: +- obj = vars(mod).get(registered_name, None) +- +- if obj is not None: +- return obj ++ if module == "keras.src" or module.startswith("keras.src."): ++ try: ++ mod = importlib.import_module(module) ++ obj = vars(mod).get(name, None) ++ if obj is not None: ++ return obj ++ except ModuleNotFoundError: ++ raise TypeError( ++ f"Could not deserialize {obj_type} '{name}' because " ++ f"its parent module {module} cannot be imported. " ++ f"Full object config: {full_config}" ++ ) + + raise TypeError( + f"Could not locate {obj_type} '{name}'. " diff --git a/SPECS/keras/keras.spec b/SPECS/keras/keras.spec index 869ec78266..5a304c56ab 100644 --- a/SPECS/keras/keras.spec +++ b/SPECS/keras/keras.spec @@ -3,7 +3,7 @@ Summary: Keras is a high-level neural networks API. Name: keras Version: 3.3.3 -Release: 1%{?dist} +Release: 2%{?dist} License: ASL 2.0 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -12,6 +12,7 @@ URL: https://keras.io/ Source0: https://github.com/keras-team/keras/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz #Removes circular dependency between keras and tensorflow. Plus Enables Wheel installation. Patch00: 0001-Add-Keras-3.3.3.patch +Patch01: CVE-2025-1550.patch BuildRequires: git BuildRequires: libstdc++-devel BuildRequires: pyproject-rpm-macros @@ -69,6 +70,9 @@ python3 pip_build.py --install %changelog +* Wed Mar 12 2025 Bhagyashri Pathak - 3.3.3-2 +- Patch for CVE-2025-1550 + * Mon Jun 24 2024 Riken Maharjan - 3.3.3-1 - Update keras to 3.3.3 to fix GC issue. diff --git a/SPECS/kernel-64k/config_aarch64 b/SPECS/kernel-64k/config_aarch64 index 3fe029e28c..964517ebd9 100644 --- a/SPECS/kernel-64k/config_aarch64 +++ b/SPECS/kernel-64k/config_aarch64 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm64 6.6.78.1 Kernel Configuration +# Linux/arm64 6.6.82.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (GCC) 13.2.0" CONFIG_CC_IS_GCC=y @@ -3022,6 +3022,7 @@ CONFIG_DM_FLAKEY=m CONFIG_DM_VERITY=m CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG=y CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_SECONDARY_KEYRING=y +CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG_PLATFORM_KEYRING=y CONFIG_DM_VERITY_FEC=y # CONFIG_DM_SWITCH is not set # CONFIG_DM_LOG_WRITES is not set diff --git a/SPECS/kernel-64k/kernel-64k.signatures.json b/SPECS/kernel-64k/kernel-64k.signatures.json index 9466f4e556..637dca0671 100644 --- a/SPECS/kernel-64k/kernel-64k.signatures.json +++ b/SPECS/kernel-64k/kernel-64k.signatures.json @@ -1,10 +1,10 @@ { "Signatures": { "azurelinux-ca-20230216.pem": "d545401163c75878319f01470455e6bc18a5968e39dd964323225e3fe308849b", - "config_aarch64": "d33fd2d20e0f53c61cc790f854430d2e9bd0cc0bd47bd41d4541eccd670e62d6", + "config_aarch64": "3ca4ca7fedb5f686de995c022ccee10d7f0c65ea5fd21422767aa879c11e56f7", "cpupower": "d7518767bf2b1110d146a49c7d42e76b803f45eb8bd14d931aa6d0d346fae985", "cpupower.service": "b057fe9e5d0e8c36f485818286b80e3eba8ff66ff44797940e99b1fd5361bb98", "sha512hmac-openssl.sh": "02ab91329c4be09ee66d759e4d23ac875037c3b56e5a598e32fd1206da06a27f", - "kernel-6.6.78.1.tar.gz": "58884625aa9b25ab9c533251cad1a6281898170bba19b7986b985982f8aa77ed" + "kernel-6.6.82.1.tar.gz": "66da12e2ca4d65d4a51e23423c60a03fb57910a91684e36643430c616e6d732a" } } diff --git a/SPECS/kernel-64k/kernel-64k.spec b/SPECS/kernel-64k/kernel-64k.spec index 69afc95c1e..e46c654b9a 100644 --- a/SPECS/kernel-64k/kernel-64k.spec +++ b/SPECS/kernel-64k/kernel-64k.spec @@ -24,8 +24,8 @@ Summary: Linux Kernel Name: kernel-64k -Version: 6.6.78.1 -Release: 3%{?dist} +Version: 6.6.82.1 +Release: 1%{?dist} License: GPLv2 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -39,8 +39,7 @@ Source4: cpupower Source5: cpupower.service Patch0: 0001-add-mstflint-kernel-%{mstflintver}.patch Patch1: 0002-Increase-EFI_MMAP_NR_SLACK_SLOTS-for-GB200.patch -Patch2: jent-init-fix.patch -Patch3: Revert-serial-8250-Adjust-the-timeout-for-FIFO-mode.patch +Patch2: Revert-serial-8250-Adjust-the-timeout-for-FIFO-mode.patch ExclusiveArch: aarch64 BuildRequires: audit-devel BuildRequires: bash @@ -373,6 +372,13 @@ echo "initrd of kernel %{uname_r} removed" >&2 %{_sysconfdir}/bash_completion.d/bpftool %changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 6.6.82.1-1 +- Auto-upgrade to 6.6.82.1 + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 6.6.79.1-1 +- Auto-upgrade to 6.6.79.1 +- Remove jitterentropy patch as it is included in the source + * Mon Mar 10 2025 Chris Co - 6.6.78.1-3 - Add patch to revert UART change that breaks IPMI SEL panic message diff --git a/SPECS/kernel-headers/kernel-headers.signatures.json b/SPECS/kernel-headers/kernel-headers.signatures.json index f7f69c136d..b649ee746e 100644 --- a/SPECS/kernel-headers/kernel-headers.signatures.json +++ b/SPECS/kernel-headers/kernel-headers.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "lts-v6.12.20-edge-250324T192946Z.tar.gz": "6aa265c2e640ffc060ac0e4fb0dd3363913053a7e306be2e269b5432045d7255" + "lts-v6.12.23-emt-250415T094615Z.tar.gz": "752b4275dcc3d0a457802f57f5462fe1e0837730f3752292016beeacbf631021" } } diff --git a/SPECS/kernel-headers/kernel-headers.spec b/SPECS/kernel-headers/kernel-headers.spec index 5339b6cb29..07f1ba1d71 100644 --- a/SPECS/kernel-headers/kernel-headers.spec +++ b/SPECS/kernel-headers/kernel-headers.spec @@ -13,14 +13,14 @@ Summary: Linux API header files Name: kernel-headers -Version: 6.12.20 +Version: 6.12.23 Release: 1%{?dist} License: GPLv2 Vendor: Intel Corporation Distribution: Edge Microvisor Toolkit Group: System Environment/Kernel URL: https://github.com/intel/linux-intel-lts -Source0: https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.20-edge-250324T192946Z.tar.gz +Source0: https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.23-emt-250415T094615Z.tar.gz # Historical name shipped by other distros Provides: glibc-kernheaders = %{version}-%{release} BuildArch: noarch @@ -41,7 +41,7 @@ cross-glibc package. %endif %prep -%setup -q -n lts-v6.12.20-edge-250324T192946Z +%setup -q -n lts-v6.12.23-emt-250415T094615Z %build make mrproper @@ -76,6 +76,9 @@ done %endif %changelog +* Mon Apr 21 2025 Ren Jiaojiao - 6.12.23-1 +- Update kernel to 6.12.23 + * Thu Mar 27 2025 Ren Jiaojiao - 6.12.20-1 - Update kernel to 6.12.20 diff --git a/SPECS/kernel/kernel-uki.spec b/SPECS/kernel/kernel-uki.spec index b15810a06b..4d2eee2a25 100644 --- a/SPECS/kernel/kernel-uki.spec +++ b/SPECS/kernel/kernel-uki.spec @@ -12,7 +12,7 @@ Summary: Unified Kernel Image Name: kernel-uki -Version: 6.12.20 +Version: 6.12.23 Release: 1%{?dist} License: GPLv2 Vendor: Intel Corporation @@ -70,6 +70,9 @@ cp %{buildroot}/boot/vmlinuz-uki-%{kernelver}.efi %{buildroot}/boot/efi/EFI/Linu /boot/efi/EFI/Linux/vmlinuz-uki-%{kernelver}.efi %changelog +* Mon Apr 21 2025 Ren Jiaojiao - 6.12.23-1 +- Update kernel to 6.12.23 + * Thu Mar 27 2025 Ren Jiaojiao - 6.12.20-1 - Update kernel to 6.12.20 diff --git a/SPECS/kernel/kernel.signatures.json b/SPECS/kernel/kernel.signatures.json index 0a6b30c6bc..e1df11467c 100644 --- a/SPECS/kernel/kernel.signatures.json +++ b/SPECS/kernel/kernel.signatures.json @@ -5,6 +5,6 @@ "cpupower": "d7518767bf2b1110d146a49c7d42e76b803f45eb8bd14d931aa6d0d346fae985", "cpupower.service": "b057fe9e5d0e8c36f485818286b80e3eba8ff66ff44797940e99b1fd5361bb98", "sha512hmac-openssl.sh": "02ab91329c4be09ee66d759e4d23ac875037c3b56e5a598e32fd1206da06a27f", - "lts-v6.12.20-edge-250324T192946Z.tar.gz": "6aa265c2e640ffc060ac0e4fb0dd3363913053a7e306be2e269b5432045d7255" + "lts-v6.12.23-emt-250415T094615Z.tar.gz": "752b4275dcc3d0a457802f57f5462fe1e0837730f3752292016beeacbf631021" } } diff --git a/SPECS/kernel/kernel.spec b/SPECS/kernel/kernel.spec index 22b54b5fbd..7e57108f1a 100644 --- a/SPECS/kernel/kernel.spec +++ b/SPECS/kernel/kernel.spec @@ -1,13 +1,13 @@ Summary: Linux Kernel Name: kernel -Version: 6.12.20 +Version: 6.12.23 Release: 1%{?dist} License: GPLv2 Vendor: Intel Corporation Distribution: Edge Microvisor Toolkit Group: System Environment/Kernel URL: https://github.com/intel/linux-intel-lts -Source0: https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.20-edge-250324T192946Z.tar.gz +Source0: https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.23-emt-250415T094615Z.tar.gz Source1: config Source3: sha512hmac-openssl.sh Source4: emt-ca-20211013.pem @@ -18,6 +18,8 @@ Patch0: CVE-2025-21751.patch Patch1: CVE-2025-21709.patch Patch2: CVE-2025-21807.patch Patch3: CVE-2025-21817.patch +Patch4: CVE-2025-21884.patch +Patch5: CVE-2025-21884-1.patch %global security_hardening none @@ -166,7 +168,7 @@ This package contains the bpftool, which allows inspection and simple manipulation of eBPF programs and maps. %prep -%autosetup -p1 -n lts-v6.12.20-edge-250324T192946Z +%autosetup -p1 -n lts-v6.12.23-emt-250415T094615Z # %patch 0 -p1 make mrproper @@ -412,6 +414,9 @@ echo "initrd of kernel %{uname_r} removed" >&2 %{_sysconfdir}/bash_completion.d/bpftool %changelog +* Mon Apr 21 2025 Ren Jiaojiao - 6.12.23-1 +- Update kernel to 6.12.23 + * Thu Mar 27 2025 Ren Jiaojiao - 6.12.20-1 - Update kernel to 6.12.20 diff --git a/SPECS/knem/knem.signatures.json b/SPECS/knem/knem.signatures.json new file mode 100644 index 0000000000..d2d2c1af0c --- /dev/null +++ b/SPECS/knem/knem.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "knem-1.1.4.90mlnx3.tar.gz": "69e917448e76f402890d5e43065ab1afe5b222a678fa0c3f7b61bacde294f053" + } +} \ No newline at end of file diff --git a/SPECS/knem/knem.spec b/SPECS/knem/knem.spec new file mode 100644 index 0000000000..065a9be7be --- /dev/null +++ b/SPECS/knem/knem.spec @@ -0,0 +1,327 @@ +# Copyright © INRIA 2009-2010 +# Brice Goglin +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# 3. The name of the author may not be used to endorse or promote products +# derived from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# KMP is disabled by default +%{!?KMP: %global KMP 0} + +%global last-known-kernel 6.6.82.1-1 + +%if 0%{emt} +%global target_kernel_version_full %(/bin/rpm -q --queryformat '%{VERSION}-%{RELEASE}' kernel-headers) +%else +%global target_kernel_version_full f.a.k.e +%endif + +%global KVERSION %{target_kernel_version_full} +%global K_SRC /lib/modules/%{target_kernel_version_full}/build + +%{!?_release: %global _release OFED.23.10.0.2.1.1} +# %{!?KVERSION: %global KVERSION %(uname -r)} +%global kernel_version %{KVERSION} +%global krelver %(echo -n %{KVERSION} | sed -e 's/-/_/g') +%{!?K_SRC: %global K_SRC /lib/modules/%{KVERSION}/build} +%global _kmp_rel %{_release}%{?_kmp_build_num}%{?_dist} +%global IS_RHEL_VENDOR "%{_vendor}" == "redhat" || ("%{_vendor}" == "bclinux") || ("%{_vendor}" == "openEuler") +%global KMOD_PREAMBLE "%{_vendor}" != "openEuler" + +# set package name +%{!?_name: %global _name knem} +%global non_kmp_pname %{_name}-modules + +Summary: KNEM: High-Performance Intra-Node MPI Communication +Name: knem +Version: 1.1.4.90mlnx3 +Release: 13%{?dist} +Provides: knem-mlnx = %{version}-%{release} +Obsoletes: knem-mlnx < %{version}-%{release} +License: BSD and GPLv2 +Group: System Environment/Libraries +Vendor: Microsoft Corporation +Distribution: Azure Linux +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/knem-1.1.4.90mlnx3.tar.gz#/knem-%{version}.tar.gz +BuildRoot: /var/tmp/%{name}-%{version}-build +ExclusiveArch: x86_64 + +BuildRequires: gcc +BuildRequires: make +BuildRequires: kernel-devel = %{target_kernel_version_full} +BuildRequires: kernel-headers = %{target_kernel_version_full} +BuildRequires: binutils +BuildRequires: systemd +BuildRequires: kmod + +Requires: kernel = %{target_kernel_version_full} +Requires: kmod + + +%description +KNEM is a Linux kernel module enabling high-performance intra-node MPI communication for large messages. KNEM offers support for asynchronous and vectorial data transfers as well as offloading memory copies on to Intel I/OAT hardware. +See http://knem.gitlabpages.inria.fr for details. + +%global debug_package %{nil} + +# build KMP rpms? +%if "%{KMP}" == "1" +%global kernel_release() $(make -C %{1} M=$PWD kernelrelease | grep -v make) +BuildRequires: %kernel_module_package_buildreqs +# prep file list for kmp rpm +%(cat > %{_builddir}/kmp.files << EOF +%defattr(644,root,root,755) +/lib/modules/%2-%1 +%if %{IS_RHEL_VENDOR} +%config(noreplace) %{_sysconfdir}/depmod.d/%{_name}.conf +%endif +EOF) +%(cat > %{_builddir}/preamble << EOF +Obsoletes: kmod-knem-mlnx < %{version}-%{release} +Obsoletes: knem-mlnx-kmp-default < %{version}-%{release} +Obsoletes: knem-mlnx-kmp-trace < %{version}-%{release} +Obsoletes: knem-mlnx-kmp-xen < %{version}-%{release} +Obsoletes: knem-mlnx-kmp-trace < %{version}-%{release} +Obsoletes: knem-mlnx-kmp-ppc64 < %{version}-%{release} +Obsoletes: knem-mlnx-kmp-ppc < %{version}-%{release} +Obsoletes: knem-mlnx-kmp-smp < %{version}-%{release} +Obsoletes: knem-mlnx-kmp-pae < %{version}-%{release} +EOF) +%if %KMOD_PREAMBLE +%kernel_module_package -f %{_builddir}/kmp.files -r %{_kmp_rel} -p %{_builddir}/preamble +%else +%kernel_module_package -f %{_builddir}/kmp.files -r %{_kmp_rel} +%endif +%else # not KMP +%global kernel_source() %{K_SRC} +%global kernel_release() %{KVERSION} +%global flavors_to_build default + +%package -n %{non_kmp_pname} +Release: 13%{?dist} +Summary: KNEM: High-Performance Intra-Node MPI Communication +Group: System Environment/Libraries +%description -n %{non_kmp_pname} +KNEM is a Linux kernel module enabling high-performance intra-node MPI communication for large messages. KNEM offers support for asynchronous and vectorial data transfers as well as loading memory copies on to Intel I/OAT hardware. +See http://runtime.bordeaux.inria.fr/knem/ for details. +%endif #end if "%{KMP}" == "1" + +# +# setup module sign scripts if paths to the keys are given +# +%global WITH_MOD_SIGN %(if ( test -f "$MODULE_SIGN_PRIV_KEY" && test -f "$MODULE_SIGN_PUB_KEY" ); \ + then \ + echo -n '1'; \ + else \ + echo -n '0'; fi) + +%if "%{WITH_MOD_SIGN}" == "1" +# call module sign script +%global __modsign_install_post \ + $RPM_BUILD_DIR/knem-%{version}/source/tools/sign-modules $RPM_BUILD_ROOT/lib/modules/ %{kernel_source default} || exit 1 \ +%{nil} + +# Disgusting hack alert! We need to ensure we sign modules *after* all +# invocations of strip occur, which is in __debug_install_post if +# find-debuginfo.sh runs, and __os_install_post if not. +# +%global __spec_install_post \ + %{?__debug_package:%{__debug_install_post}} \ + %{__arch_install_post} \ + %{__os_install_post} \ + %{__modsign_install_post} \ +%{nil} + +%endif # end of setup module sign scripts +# + +%if "%{_vendor}" == "suse" +%global install_mod_dir updates +%endif + + +%global install_mod_dir extra/%{_name} +%global __find_requires %{nil} + +%prep +%setup -n knem-%{version} +set -- * +mkdir source +mv "$@" source/ +mkdir obj + +%build +rm -rf $RPM_BUILD_ROOT +export INSTALL_MOD_DIR=%install_mod_dir +for flavor in %flavors_to_build; do + export KSRC=%{kernel_source $flavor} + export KVERSION=%{kernel_release $KSRC} + export LIB_MOD_DIR=/lib/modules/$KVERSION/$INSTALL_MOD_DIR + export MODULE_DESTDIR=/lib/modules/$KVERSION/$INSTALL_MOD_DIR + rm -rf obj/$flavor + cp -a source obj/$flavor + cd $PWD/obj/$flavor + find . -type f -exec touch -t 200012201010 '{}' \; || true + ./configure --prefix=/opt/knem-%{version} --with-linux-release=$KVERSION --with-linux=/lib/modules/$KVERSION/source --with-linux-build=$KSRC --libdir=/opt/knem-%{version}/lib + make + cd - +done + +%install +export INSTALL_MOD_PATH=$RPM_BUILD_ROOT +export INSTALL_MOD_DIR=%install_mod_dir +export KPNAME=%{_name} +mkdir -p $RPM_BUILD_ROOT/etc/udev/rules.d +install -d $RPM_BUILD_ROOT/usr/lib64/pkgconfig +for flavor in %flavors_to_build; do + cd $PWD/obj/$flavor + export KSRC=%{kernel_source $flavor} + export KVERSION=%{kernel_release $KSRC} + make DESTDIR=$RPM_BUILD_ROOT install KERNELRELEASE=$KVERSION + export MODULE_DESTDIR=/lib/modules/$KVERSION/$INSTALL_MOD_DIR + mkdir -p $RPM_BUILD_ROOT/lib/modules/$KVERSION/$INSTALL_MOD_DIR + MODULE_DESTDIR=/lib/modules/$KVERSION/$INSTALL_MOD_DIR DESTDIR=$RPM_BUILD_ROOT KVERSION=$KVERSION $RPM_BUILD_ROOT/opt/knem-%{version}/sbin/knem_local_install + cp knem.pc $RPM_BUILD_ROOT/usr/lib64/pkgconfig + cd - +done + +/bin/rm -rf %{buildroot}/opt/knem-%{version}/lib/modules || true + +%if %{IS_RHEL_VENDOR} +# Set the module(s) to be executable, so that they will be stripped when packaged. +find %{buildroot} \( -type f -name '*.ko' -o -name '*ko.gz' \) -exec %{__chmod} u+x \{\} \; + +%if ! 0%{?fedora} +%{__install} -d $RPM_BUILD_ROOT%{_sysconfdir}/depmod.d/ +echo "override knem * weak-updates/%{_name}" >> $RPM_BUILD_ROOT%{_sysconfdir}/depmod.d/%{_name}.conf +echo "override knem * extra/%{_name}" >> $RPM_BUILD_ROOT%{_sysconfdir}/depmod.d/%{_name}.conf +%endif +%else +find %{buildroot} \( -type f -name '*.ko' -o -name '*ko.gz' \) -exec %{__strip} -p --strip-debug --discard-locals -R .comment -R .note \{\} \; +%endif + +%clean +rm -rf $RPM_BUILD_ROOT + +%post +getent group rdma >/dev/null 2>&1 || groupadd -r rdma +touch /etc/udev/rules.d/10-knem.rules +# load knem +/sbin/modprobe -r knem > /dev/null 2>&1 +/sbin/modprobe knem > /dev/null 2>&1 + +# automatically load knem onboot +if [ -d /etc/sysconfig/modules ]; then + # RH + echo "/sbin/modprobe knem > /dev/null 2>&1" > /etc/sysconfig/modules/knem.modules + chmod +x /etc/sysconfig/modules/knem.modules +elif [ -e /etc/sysconfig/kernel ]; then + # SLES + if ! (grep -w knem /etc/sysconfig/kernel); then + sed -i -r -e 's/^(MODULES_LOADED_ON_BOOT=)"(.*)"/\1"\2 knem"/' /etc/sysconfig/kernel + fi +fi + +%preun +# unload knem +/sbin/modprobe -r knem > /dev/null 2>&1 +# RH +/bin/rm -f /etc/sysconfig/modules/knem.modules +# SLES +if (grep -qw knem /etc/sysconfig/kernel 2>/dev/null); then + sed -i -e 's/ knem//g' /etc/sysconfig/kernel 2>/dev/null +fi + +%if "%{KMP}" != "1" +%post -n %{non_kmp_pname} +depmod %{KVERSION} -a + +%postun -n %{non_kmp_pname} +if [ $1 = 0 ]; then # 1 : Erase, not upgrade + depmod %{KVERSION} -a +fi +%endif # end KMP=1 + +%files +%defattr(-, root, root) +%license source/COPYING source/COPYING.BSD-3 source/COPYING.GPL-2 +/opt/knem-%{version} +/usr/lib64/pkgconfig/knem.pc + +%config(noreplace) +/etc/udev/rules.d/10-knem.rules + + +%if "%{KMP}" != "1" +%files -n %{non_kmp_pname} +%license source/COPYING source/COPYING.BSD-3 source/COPYING.GPL-2 +/lib/modules/%{KVERSION}/%{install_mod_dir}/ +%if %{IS_RHEL_VENDOR} +%if ! 0%{?fedora} +%config(noreplace) %{_sysconfdir}/depmod.d/%{_name}.conf +%endif +%endif +%endif + +%changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 1.1.4.90mlnx3-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 1.1.4.90mlnx3-12 +- Bump release to rebuild for new kernel release + +* Mon Mar 10 2025 Chris Co - 1.1.4.90mlnx3-11 +- Bump release to rebuild for new kernel release + +* Wed Mar 05 2025 Rachel Menge - 1.1.4.90mlnx3-10 +- Bump release to rebuild for new kernel release + +* Tue Mar 04 2025 Rachel Menge - 1.1.4.90mlnx3-9 +- Bump release to rebuild for new kernel release + +* Wed Feb 19 2025 Chris Co - 1.1.4.90mlnx3-8 +- Bump release to rebuild for new kernel release + +* Tue Feb 11 2025 Rachel Menge - 1.1.4.90mlnx3-7 +- Bump release to rebuild for new kernel release + +* Wed Feb 05 2025 Tobias Brick - 1.1.4.90mlnx3-6 +- Bump release to rebuild for new kernel release + +* Tue Feb 04 2025 Alberto David Perez Guevara - 1.1.4.90mlnx3-5 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 1.1.4.90mlnx3-4 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 1.1.4.90mlnx3-3 +- Bump release to match kernel + +* Thu Jan 30 2025 Rachel Menge - 1.1.4.90mlnx3-2 +- Bump release to match kernel + +* Tue Dec 17 2024 Binu Jose Philip - 1.1.4.90mlnx3-1 +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified +* Mon Mar 17 2014 Alaa Hleihel +- Use one spec for KMP and non-KMP OS's. +* Thu Apr 18 2013 Alaa Hleihel +- Added KMP support diff --git a/SPECS/kubernetes/CVE-2025-30204.patch b/SPECS/kubernetes/CVE-2025-30204.patch new file mode 100644 index 0000000000..b4bfb7aefa --- /dev/null +++ b/SPECS/kubernetes/CVE-2025-30204.patch @@ -0,0 +1,72 @@ +From 5dc62bf02f675d71ba521c6ae2a502474a0f351b Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Mar 2025 21:58:44 +0000 +Subject: [PATCH] CVE-2025-30204 + +Upstream Patch Reference : v4: https://github.com/golang-jwt/jwt/commit/2f0e9add62078527821828c76865661aa7718a84 + +--- + vendor/github.com/golang-jwt/jwt/v4/parser.go | 36 +++++++++++++++++++++++--- + 1 file changed, 33 insertions(+), 3 deletions(-) + +diff --git a/vendor/github.com/golang-jwt/jwt/v4/parser.go b/vendor/github.com/golang-jwt/jwt/v4/parser.go +index c0a6f69..8e7e67c 100644 +--- a/vendor/github.com/golang-jwt/jwt/v4/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v4/parser.go +@@ -7,6 +7,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + // +@@ -123,9 +125,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (because it has + // been checked previously in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) + } + + token = &Token{Raw: tokenString} +@@ -175,3 +178,30 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + + return token, parts, nil + } ++ ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} +-- +2.45.2 + diff --git a/SPECS/kubernetes/kubernetes.spec b/SPECS/kubernetes/kubernetes.spec index 7ecfb556e4..15f750692e 100644 --- a/SPECS/kubernetes/kubernetes.spec +++ b/SPECS/kubernetes/kubernetes.spec @@ -10,7 +10,7 @@ Summary: Microsoft Kubernetes Name: kubernetes Version: 1.30.10 -Release: 4%{?dist} +Release: 5%{?dist} License: ASL 2.0 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -23,6 +23,7 @@ Patch1: CVE-2024-45338.patch Patch2: CVE-2025-27144.patch Patch3: CVE-2025-22868.patch Patch4: CVE-2025-22869.patch +Patch5: CVE-2025-30204.patch BuildRequires: flex-devel BuildRequires: glibc-static >= 2.38-9%{?dist} BuildRequires: golang @@ -95,8 +96,7 @@ Summary: Kubernetes pause Pause component for Microsoft Kubernetes %{version}. %prep -%setup -q -c -n %{name} -%autopatch -p1 +%autosetup -p1 -c -n %{name} %build # set version information @@ -275,6 +275,10 @@ fi %{_exec_prefix}/local/bin/pause %changelog +* Fri Apr 28 2025 Ranjan Dutta - 1.30.10-5 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Patch CVE-2025-30204 + * Fri Mar 21 2025 Anuj Mittal - 1.30.10-4 - Bump Release to rebuild diff --git a/SPECS/libarchive/CVE-2025-1632.patch b/SPECS/libarchive/CVE-2025-1632.patch new file mode 100644 index 0000000000..341f7f0a74 --- /dev/null +++ b/SPECS/libarchive/CVE-2025-1632.patch @@ -0,0 +1,59 @@ +From 0a35ab97fae6fb9acecab46b570c14e3be1646e7 Mon Sep 17 00:00:00 2001 +From: Peter Kaestle +Date: Wed, 5 Mar 2025 15:34:44 +0100 +Subject: [PATCH] unzip/bsdunzip.c: fix NULL ptr dereference issue inside + list() + +Fix CVE-2025-1632 by detecting NULL return of archive_entry_pathname() +and replacing it by "INVALID PATH" string. + +Error poc: https://github.com/Ekkosun/pocs/blob/main/bsdunzip-poc + +Upstream Reference : https://github.com/libarchive/libarchive/pull/2532 + +Signed-off-by: Peter Kaestle +--- + unzip/bsdunzip.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/unzip/bsdunzip.c b/unzip/bsdunzip.c +index 7c8cafc3e..4a9028b79 100644 +--- a/unzip/bsdunzip.c ++++ b/unzip/bsdunzip.c +@@ -876,6 +876,7 @@ list(struct archive *a, struct archive_entry *e) + char buf[20]; + time_t mtime; + struct tm *tm; ++ const char *pathname; + + mtime = archive_entry_mtime(e); + tm = localtime(&mtime); +@@ -884,22 +885,25 @@ list(struct archive *a, struct archive_entry *e) + else + strftime(buf, sizeof(buf), "%m-%d-%g %R", tm); + ++ pathname = archive_entry_pathname(e); ++ if (!pathname) ++ pathname = ""; + if (!zipinfo_mode) { + if (v_opt == 1) { + printf(" %8ju %s %s\n", + (uintmax_t)archive_entry_size(e), +- buf, archive_entry_pathname(e)); ++ buf, pathname); + } else if (v_opt == 2) { + printf("%8ju Stored %7ju 0%% %s %08x %s\n", + (uintmax_t)archive_entry_size(e), + (uintmax_t)archive_entry_size(e), + buf, + 0U, +- archive_entry_pathname(e)); ++ pathname); + } + } else { + if (Z1_opt) +- printf("%s\n",archive_entry_pathname(e)); ++ printf("%s\n", pathname); + } + ac(archive_read_data_skip(a)); + } diff --git a/SPECS/libarchive/CVE-2025-25724.patch b/SPECS/libarchive/CVE-2025-25724.patch new file mode 100644 index 0000000000..95465ec0ca --- /dev/null +++ b/SPECS/libarchive/CVE-2025-25724.patch @@ -0,0 +1,36 @@ +From 6636f89f5fe08a20de3b2d034712c781d3a67985 Mon Sep 17 00:00:00 2001 +From: Peter Kaestle +Date: Wed, 5 Mar 2025 15:01:14 +0100 +Subject: [PATCH] tar/util.c: fix NULL pointer dereference issue on strftime + +Fix CVE-2025-25724 by detecting NULL return of localtime_r(&tim, &tmbuf), +which could happen in case tim is incredible big. + +In case this error is triggered, put an "INVALID DATE" string into the +outbuf. + +Error poc: https://github.com/Ekkosun/pocs/blob/main/bsdtarbug + +Upstream Reference : https://github.com/libarchive/libarchive/pull/2532 + +Signed-off-by: Peter Kaestle +--- + tar/util.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/tar/util.c b/tar/util.c +index 3b099cb5f..f3cbdf0bb 100644 +--- a/tar/util.c ++++ b/tar/util.c +@@ -749,7 +749,10 @@ list_item_verbose(struct bsdtar *bsdtar, FILE *out, struct archive_entry *entry) + #else + ltime = localtime(&tim); + #endif +- strftime(tmp, sizeof(tmp), fmt, ltime); ++ if (ltime) ++ strftime(tmp, sizeof(tmp), fmt, ltime); ++ else ++ sprintf(tmp, "-- -- ----"); + fprintf(out, " %s ", tmp); + safe_fprintf(out, "%s", archive_entry_pathname(entry)); + diff --git a/SPECS/libarchive/libarchive.spec b/SPECS/libarchive/libarchive.spec index 99ce351dcf..d5af3e69fb 100644 --- a/SPECS/libarchive/libarchive.spec +++ b/SPECS/libarchive/libarchive.spec @@ -1,13 +1,15 @@ Summary: Multi-format archive and compression library Name: libarchive Version: 3.7.7 -Release: 1%{?dist} +Release: 2%{?dist} # Certain files have individual licenses. For more details see contents of "COPYING". License: BSD AND Public Domain AND (ASL 2.0 OR CC0 1.0 OR OpenSSL) Vendor: Microsoft Corporation Distribution: Azure Linux URL: https://www.libarchive.org/ Source0: https://github.com/libarchive/libarchive/releases/download/v%{version}/%{name}-%{version}.tar.gz +Patch0: CVE-2025-1632.patch +Patch1: CVE-2025-25724.patch Provides: bsdtar = %{version}-%{release} BuildRequires: xz-libs @@ -60,6 +62,9 @@ make %{?_smp_mflags} check %{_libdir}/pkgconfig/*.pc %changelog +* Tue Mar 11 2025 Kanishk Bansal - 3.7.7-2 +- Patch CVE-2025-1632, CVE-2025-25724 + * Tue Oct 15 2024 Nan Liu - 3.7.7-1 - Upgrade to 3.7.7 - Fix CVE-2024-48957, CVE-2024-48958, CVE-2024-20696 - Remove unused patches diff --git a/SPECS/libdwarf/libdwarf.signatures.json b/SPECS/libdwarf/libdwarf.signatures.json index 9f0ef88da6..7546b0e114 100644 --- a/SPECS/libdwarf/libdwarf.signatures.json +++ b/SPECS/libdwarf/libdwarf.signatures.json @@ -1,5 +1,5 @@ { - "Signatures": { - "libdwarf-0.9.0.tar.xz": "d3cad80a337276a7581bb90ebcddbd743484a99a959157c066dd30f7535db59b" - } + "Signatures": { + "libdwarf-0.9.2.tar.xz": "22b66d06831a76f6a062126cdcad3fcc58540b89a1acb23c99f8861f50999ec3" + } } diff --git a/SPECS/libdwarf/libdwarf.spec b/SPECS/libdwarf/libdwarf.spec index a1fb5bde2e..129e8857b1 100644 --- a/SPECS/libdwarf/libdwarf.spec +++ b/SPECS/libdwarf/libdwarf.spec @@ -1,5 +1,5 @@ Name: libdwarf -Version: 0.9.0 +Version: 0.9.2 Release: 1%{?dist} Summary: Library to access the DWARF Debugging file format @@ -89,6 +89,9 @@ TZ=:America/Los_Angeles %__make check %changelog +* Fri Mar 28 2025 CBL-Mariner Servicing Account - 0.9.2-1 +- Auto-upgrade to 0.9.2 - for CVE-2024-2002 + * Tue Jan 02 2024 Sindhu Karri - 0.9.0-1 - Upgraded to 0.9.0 - License verified diff --git a/SPECS/libdwarf/libdwarf_skip_test.patch b/SPECS/libdwarf/libdwarf_skip_test.patch index c515171330..e871e4e628 100644 --- a/SPECS/libdwarf/libdwarf_skip_test.patch +++ b/SPECS/libdwarf/libdwarf_skip_test.patch @@ -1,12 +1,21 @@ +From 891b29b1a5a6df0b733641a7fc4b985482e506df Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Mar 2025 16:11:19 +0000 +Subject: [PATCH] libdwarf_skip_test + +--- + test/Makefile.am | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + diff --git a/test/Makefile.am b/test/Makefile.am -index 2a2827e..b7c3ed7 100644 +index 437fa2b..65697b5 100644 --- a/test/Makefile.am +++ b/test/Makefile.am @@ -272,7 +272,7 @@ if HAVE_DWARFEXAMPLE TESTS += test_debuglink-a.sh test_debuglink-b.sh endif endif --TESTS += test_dwarfdumpLinux.sh test_dwarfdumpPE.sh test_dwarfdumpMacos.sh +-TESTS += test_dwarfdumpLinux.sh test_dwarfdumpPE.sh test_dwarfdumpMacos.sh +TESTS += test_dwarfdumpLinux.sh if HAVE_DWARFEXAMPLE TESTS += test_jitreaderdiff.sh @@ -22,3 +31,6 @@ index 2a2827e..b7c3ed7 100644 test_dwarfdump.py \ test_dwarf_leb.c \ test_dwarf_tied.c \ +-- +2.45.2 + diff --git a/SPECS/libreswan/libreswan.signatures.json b/SPECS/libreswan/libreswan.signatures.json index e5db025067..ea01f13018 100644 --- a/SPECS/libreswan/libreswan.signatures.json +++ b/SPECS/libreswan/libreswan.signatures.json @@ -1,6 +1,6 @@ { "Signatures": { - "libreswan-4.7.tar.gz": "ddd6337b3900063d870301c3d9f61f56107c765850fb00a163d360359ff3fc44", + "libreswan-4.15.tar.gz": "82bebab53d47c1e229a8fe99a939c49c1651de1f7b8c9159ec1c552cc9c3bc64", "ikev1_dsa.fax.bz2": "030c7ac59422c2c36ed332efca925b18dd842da138619daab65c15663c687086", "ikev1_psk.fax.bz2": "4698f0d8e653e20f279dd54aa1a270aadcc3e99da9e3a91852af12a644cc3531", "ikev2.fax.bz2": "36f356538cdcab6a1712425ad386f32834f0dc333acbc4cc642db0f910be1d21" diff --git a/SPECS/libreswan/libreswan.spec b/SPECS/libreswan/libreswan.spec index 4edf209dfa..8d9c2c966d 100644 --- a/SPECS/libreswan/libreswan.spec +++ b/SPECS/libreswan/libreswan.spec @@ -11,6 +11,7 @@ INITSYSTEM=systemd \\\ PYTHON_BINARY=%{__python3} \\\ SHELL_BINARY=%{_bindir}/sh \\\ + DEFAULT_DNSSEC_ROOTKEY_FILE="/var/lib/unbound/root.key" \\\ USE_DNSSEC=true \\\ USE_LABELED_IPSEC=true \\\ USE_LDAP=true \\\ @@ -25,8 +26,8 @@ Summary: Internet Key Exchange (IKEv1 and IKEv2) implementation for IPsec Name: libreswan -Version: 4.7 -Release: 7%{?dist} +Version: 4.15 +Release: 1%{?dist} License: GPLv2+ Vendor: Microsoft Corporation Distribution: Azure Linux @@ -36,10 +37,6 @@ Source0: https://github.com/libreswan/libreswan/archive/refs/tags/v%{vers Source3: https://download.libreswan.org/cavs/ikev1_dsa.fax.bz2 Source4: https://download.libreswan.org/cavs/ikev1_psk.fax.bz2 Source5: https://download.libreswan.org/cavs/ikev2.fax.bz2 -Patch0: CVE-2023-38710.patch -Patch1: CVE-2023-38711.patch -Patch2: CVE-2023-38712.patch -Patch3: capng_apply.patch BuildRequires: audit-libs-devel BuildRequires: bison @@ -177,7 +174,7 @@ certutil -N -d sql:$tmpdir --empty-password %files %license CREDITS COPYING LICENSE -%doc CHANGES README* +%doc CHANGES README* %doc docs/*.* docs/examples %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/ipsec.conf %attr(0600,root,root) %config(noreplace) %{_sysconfdir}/ipsec.secrets @@ -197,6 +194,10 @@ certutil -N -d sql:$tmpdir --empty-password %doc %{_mandir}/*/* %changelog +* Sat Mar 29 2025 Kanishk Bansal - 4.15-1 +- Upgrade to 4.15 to fix CVE-2024-3652, CVE-2024-2357, CVE-2023-30570 +- Remove previously applied patches + * Wed Apr 17 2024 Andrew Phelps - 4.7-7 - Add capng_apply.patch to fix build break diff --git a/SPECS/libssh/libssh.signatures.json b/SPECS/libssh/libssh.signatures.json index ab25cffb40..2d15f6effc 100644 --- a/SPECS/libssh/libssh.signatures.json +++ b/SPECS/libssh/libssh.signatures.json @@ -1,9 +1,9 @@ { - "Signatures": { - "libssh-0.10.5.tar.xz": "b60e2ff7f367b9eee2b5634d3a63303ddfede0e6a18dfca88c44a8770e7e4234", - "libssh-0.10.5.tar.xz.asc": "cc5427ac9480b30f87f7c3c2dca1830c1e7fe3c18503da2c07d4110150916c66", - "libssh.keyring": "3861ac6763ff3edf0bbbb05fe890962a5dbcd99b2e00fae16687fd480c7fab0f", - "libssh_client.config": "332db0f675f29a2f1295486489cd5b2d0fb9ead138674e8c890b2e69daa50035", - "libssh_server.config": "b779ac90d463057293a5474b014f3fc6e4fc342f2a96b068eb2cc40d6112b9c7" - } -} + "Signatures": { + "libssh-0.10.6.tar.xz.asc": "140420406d7796548b0beaf736e73864c32291787cf2bd3983fdbc41741494ae", + "libssh.keyring": "3861ac6763ff3edf0bbbb05fe890962a5dbcd99b2e00fae16687fd480c7fab0f", + "libssh_client.config": "332db0f675f29a2f1295486489cd5b2d0fb9ead138674e8c890b2e69daa50035", + "libssh_server.config": "b779ac90d463057293a5474b014f3fc6e4fc342f2a96b068eb2cc40d6112b9c7", + "libssh-0.10.6.tar.xz": "1861d498f5b6f1741b6abc73e608478491edcf9c9d4b6630eef6e74596de9dc1" + } +} \ No newline at end of file diff --git a/SPECS/libssh/libssh.spec b/SPECS/libssh/libssh.spec index 6916226b62..238cea54e0 100644 --- a/SPECS/libssh/libssh.spec +++ b/SPECS/libssh/libssh.spec @@ -1,8 +1,8 @@ Vendor: Microsoft Corporation Distribution: Azure Linux Name: libssh -Version: 0.10.5 -Release: 2%{?dist} +Version: 0.10.6 +Release: 1%{?dist} Summary: A library implementing the SSH protocol License: LGPLv2+ URL: http://www.libssh.org @@ -144,6 +144,9 @@ popd %attr(0644,root,root) %config(noreplace) %{_sysconfdir}/libssh/libssh_server.config %changelog +* Tue Feb 25 2025 CBL-Mariner Servicing Account - 0.10.6-1 +- Auto-upgrade to 0.10.6 - for CVE-2023-6004, CVE-2023-6918 & CVE-2023-48795 [Medium] + * Fri May 26 2023 Vince Perri - 0.10.5-2 - License verified. - Switched to out-of-source build. diff --git a/SPECS/libxslt/libxslt.signatures.json b/SPECS/libxslt/libxslt.signatures.json index 24b963d927..fbdcfabb64 100644 --- a/SPECS/libxslt/libxslt.signatures.json +++ b/SPECS/libxslt/libxslt.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "libxslt-1.1.39.tar.xz": "2a20ad621148339b0759c4d4e96719362dee64c9a096dbba625ba053846349f0" + "libxslt-1.1.43.tar.xz": "5a3d6b383ca5afc235b171118e90f5ff6aa27e9fea3303065231a6d403f0183a" } } diff --git a/SPECS/libxslt/libxslt.spec b/SPECS/libxslt/libxslt.spec index 0f9d094b2d..12a787bd66 100644 --- a/SPECS/libxslt/libxslt.spec +++ b/SPECS/libxslt/libxslt.spec @@ -1,7 +1,7 @@ %define majminorver %(echo %{version} | cut -d. -f 1,2) Summary: Libxslt is the XSLT C library developed for the GNOME project. XSLT is a an XML language to define transformation for XML. Name: libxslt -Version: 1.1.39 +Version: 1.1.43 Release: 1%{?dist} License: MIT Vendor: Microsoft Corporation @@ -55,10 +55,10 @@ make %{?_smp_mflags} check %files %defattr(-,root,root) -%license COPYING +%license Copyright +%doc AUTHORS NEWS README.md FEATURES %{_libdir}/*.so.* %{_libdir}/*.sh -%{_libdir}/libxslt-plugins %{_bindir}/* %{_mandir}/man1/* @@ -71,12 +71,14 @@ make %{?_smp_mflags} check %{_includedir}/* %{_docdir}/* %{_datadir}/gtk-doc/* -%{_datadir}/aclocal/* %{_mandir}/man3/* %changelog +* Tue Mar 18 2025 Sindhu Karri - 1.1.43-1 +- Upgrade to version 1.1.43 to fix CVE-2024-55549 and CVE-2025-24855 + * Tue Nov 28 2023 Andrew Phelps - 1.1.39-1 - Upgrade to version 1.1.39 diff --git a/SPECS/local-path-provisioner/CVE-2020-8565.patch b/SPECS/local-path-provisioner/CVE-2020-8565.patch new file mode 100644 index 0000000000..a78ccd25b7 --- /dev/null +++ b/SPECS/local-path-provisioner/CVE-2020-8565.patch @@ -0,0 +1,26 @@ +From 0e2a9c6cdbf88b5f4ec393d9e8794866bd2e7f17 Mon Sep 17 00:00:00 2001 +From: archana25-ms +Date: Wed, 12 Feb 2025 09:32:34 +0000 +Subject: [PATCH] Address CVE-2020-8565 + +Source link: https://github.com/kubernetes/kubernetes/pull/95316 + +--- + vendor/k8s.io/client-go/transport/round_trippers.go | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/vendor/k8s.io/client-go/transport/round_trippers.go b/vendor/k8s.io/client-go/transport/round_trippers.go +index a05208d..f4cfadb 100644 +--- a/vendor/k8s.io/client-go/transport/round_trippers.go ++++ b/vendor/k8s.io/client-go/transport/round_trippers.go +@@ -340,6 +340,7 @@ func (r *requestInfo) toCurl() string { + headers := "" + for key, values := range r.RequestHeaders { + for _, value := range values { ++ value = maskValue(key, value) + headers += fmt.Sprintf(` -H %q`, fmt.Sprintf("%s: %s", key, value)) + } + } +-- +2.45.2 + diff --git a/SPECS/local-path-provisioner/local-path-provisioner.spec b/SPECS/local-path-provisioner/local-path-provisioner.spec index a0fe56a8f3..b90bd8dda6 100644 --- a/SPECS/local-path-provisioner/local-path-provisioner.spec +++ b/SPECS/local-path-provisioner/local-path-provisioner.spec @@ -1,7 +1,7 @@ Summary: Provides a way for the Kubernetes users to utilize the local storage in each node Name: local-path-provisioner Version: 0.0.24 -Release: 5%{?dist} +Release: 6%{?dist} License: ASL 2.0 URL: https://github.com/rancher/local-path-provisioner Group: Applications/Text @@ -12,6 +12,7 @@ Source0: https://github.com/rancher/%{name}/archive/refs/tags/v%{version} Patch0: CVE-2023-45288.patch Patch1: CVE-2023-39325.patch Patch2: CVE-2023-44487.patch +Patch3: CVE-2020-8565.patch BuildRequires: golang %description @@ -32,12 +33,17 @@ install local-path-provisioner %{buildroot}%{_bindir}/local-path-provisioner %{_bindir}/local-path-provisioner %changelog +* Fri Apr 28 2025 Ranjan Dutta - 0.0.24-6 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Address CVE-2020-8565 + * Fri Mar 21 2025 Anuj Mittal - 0.0.24-5 - Bump Release to rebuild * Tue Mar 04 2025 corvus-callidus <108946721+corvus-callidus@users.noreply.github.com> - 0.0.24-4 * Address CVE-2023-44487 + * Fri Feb 14 2025 Kanishk Bansal - 0.0.24-3 - Address CVE-2023-45288, CVE-2023-39325 diff --git a/SPECS/mariadb/mariadb.signatures.json b/SPECS/mariadb/mariadb.signatures.json index 89c1435a10..b4fa24c0e2 100644 --- a/SPECS/mariadb/mariadb.signatures.json +++ b/SPECS/mariadb/mariadb.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "mariadb-10.11.10.tar.gz": "82905406675c7fa909ac9afda4c0a78a98523d44a0257afe00d19130119ca422" + "mariadb-10.11.11.tar.gz": "14cc0d9d9a7a330231d9ed91ac28f29b502d2f1e7021d81c940280db52bac812" } } diff --git a/SPECS/mariadb/mariadb.spec b/SPECS/mariadb/mariadb.spec index d68078399d..5fb98b71e1 100644 --- a/SPECS/mariadb/mariadb.spec +++ b/SPECS/mariadb/mariadb.spec @@ -1,6 +1,6 @@ Summary: Database servers made by the original developers of MySQL. Name: mariadb -Version: 10.11.10 +Version: 10.11.11 Release: 1%{?dist} License: GPLv2 WITH exceptions AND LGPLv2 AND BSD Vendor: Microsoft Corporation @@ -469,6 +469,9 @@ fi %{_datadir}/mysql/hindi/errmsg.sys %changelog +* Thu Mar 27 2025 CBL-Mariner Servicing Account - 10.11.11-1 +- Auto-upgrade to 10.11.11 - for CVE-2025-21490 + * Tue Nov 05 2024 CBL-Mariner Servicing Account - 10.11.10-1 - Auto-upgrade to 10.11.10 - to address CVE-2024-21096 diff --git a/SPECS/mlnx-ethtool/mlnx-ethtool.signatures.json b/SPECS/mlnx-ethtool/mlnx-ethtool.signatures.json new file mode 100644 index 0000000000..eda2cb8014 --- /dev/null +++ b/SPECS/mlnx-ethtool/mlnx-ethtool.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "mlnx-ethtool-6.9.tar.gz": "927834fe390dda259484cebfa033c962eadcc293422817aa442847ce167b919a" + } +} \ No newline at end of file diff --git a/SPECS/mlnx-ethtool/mlnx-ethtool.spec b/SPECS/mlnx-ethtool/mlnx-ethtool.spec new file mode 100644 index 0000000000..d65e26b5cd --- /dev/null +++ b/SPECS/mlnx-ethtool/mlnx-ethtool.spec @@ -0,0 +1,46 @@ +Name: mlnx-ethtool +Version: 6.9 +Release: 2%{?dist} +Group: Utilities +Summary: Settings tool for Ethernet and other network devices +License: GPLv2 +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: https://ftp.kernel.org/pub/software/network/ethtool/ +Buildroot: /var/tmp/%{name}-%{version}-build +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/mlnx-ethtool-6.9.tar.gz#/%{name}-%{version}.tar.gz +ExclusiveArch: x86_64 + +BuildRequires: libmnl-devel + +%description +This utility allows querying and changing settings such as speed, +port, auto-negotiation, PCI locations and checksum offload on many +network devices, especially Ethernet devices. + +%prep +%setup -q + + +%build +CFLAGS="${RPM_OPT_FLAGS}" ./configure --prefix=%{_prefix} --mandir=%{_mandir} +make + + +%install +make install DESTDIR=${RPM_BUILD_ROOT} + + +%files +%defattr(-,root,root) +%{_sbindir}/ethtool +%{_mandir}/man8/ethtool.8* +%{_datadir}/bash-completion/completions/ethtool +%doc AUTHORS NEWS README +%license COPYING + + +%changelog +* Tue Dec 17 2024 Binu Jose Philip +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified diff --git a/SPECS/mlnx-iproute2/mlnx-iproute2.signatures.json b/SPECS/mlnx-iproute2/mlnx-iproute2.signatures.json new file mode 100644 index 0000000000..7a3487a660 --- /dev/null +++ b/SPECS/mlnx-iproute2/mlnx-iproute2.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "mlnx-iproute2-6.10.0.tar.gz": "f8333badc404ccd6e79eb29d2761a4f53db122eb86ac4193c65fdb10d6f916f1" + } +} \ No newline at end of file diff --git a/SPECS/mlnx-iproute2/mlnx-iproute2.spec b/SPECS/mlnx-iproute2/mlnx-iproute2.spec new file mode 100644 index 0000000000..a205128e61 --- /dev/null +++ b/SPECS/mlnx-iproute2/mlnx-iproute2.spec @@ -0,0 +1,116 @@ +# This is a version of iproute2.spec sent to upstream with mlnx customization. + +# On e.g. Mariner, __make is set to {_bindir}/make which gets broken when +# you modify _prefix that modifies _bindir. Use 'global' to save this with +# the original value. This works with a simple macro such as __make but +# should probably not ne used with more complex ones: +%global __make %{__make} + +%global _prefix /opt/mellanox/iproute2 +%global _exec_prefix %{_prefix} +%global package_name mlnx-iproute2 +%global package_version 6.10.0 +%global configs_under_prefix 1 +%global netns_package_name netns-mlnx + +# Specify mandatory rpmbuild parameter package_version, like: +# rpmbuild -d'package_version 5.1.0' +# +# Other optional parameters are: package_name, netns_package_name +# and configs_under_prefix. + +%global debug_package %{nil} + +%{!?package_name: %global package_name iproute2} +%{!?netns_package_name: %global netns_package_name netns} + +%if 0%{?configs_under_prefix:1} + %global config_dir %{_prefix}%{_sysconfdir} + %global netns_config_dir %{config_dir}/netns +%else + %global config_dir %{_sysconfdir}/mlnx-iproute2 + %global netns_config_dir %{_sysconfdir}/%{netns_package_name} +%endif + +Summary: Advanced IP routing and network device configuration tools +Name: mlnx-iproute2 +Version: 6.10.0 +Release: 2%{?dist} +License: GPLv2 +Group: Networking/Admin +Vendor: Microsoft Corporation +Distribution: Azure Linux +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/mlnx-iproute2-6.10.0.tar.gz#/%{name}-%{version}.tar.gz +URL: http://www.linuxfoundation.org/collaborate/workgroups/networking/iproute2 +ExclusiveArch: x86_64 + +BuildRequires: bison +BuildRequires: flex +BuildRoot: /var/tmp/%{name}-%{version}-build + +%description +The iproute package contains networking utilities (like ip and tc) +designed to use the advanced networking capabilities of the Linux kernel. + +%package -n libnetlink-devel +Summary: Library for the netlink interface +Group: Development/Libraries + +%description -n libnetlink-devel +This library provides an interface for kernel-user netlink interface. + +# The dependency on libdb-5.3 comes from arpd. This tool is not really +# used in our package. In some platforms libdb-5.3 is not available by +# default even though we include the devel package on the build system. +# But users don't really need arpd from this package. +%global __requires_exclude_from sbin/arpd + +%prep +%setup -q + +%build +./configure +%{__make} \ + CC="%{__cc}" \ + PREFIX="%{_prefix}" \ + LIBDIR="%{_libdir}" \ + SBINDIR="%{_sbindir}" \ + CONF_ETC_DIR="%{config_dir}/etc" \ + CONF_USR_DIR="%{config_dir}/usr" \ + NETNS_RUN_DIR="%{_var}/run/%{netns_package_name}" \ + NETNS_ETC_DIR="%{netns_config_dir}" \ + +%install +rm -rf $RPM_BUILD_ROOT +install -d $RPM_BUILD_ROOT{%{_includedir},%{_libdir},%{_sbindir}} + +%{__make} install \ + DESTDIR=$RPM_BUILD_ROOT \ + PREFIX="%{_prefix}" \ + LIBDIR="%{_libdir}" \ + SBINDIR="%{_sbindir}" \ + CONF_ETC_DIR="%{config_dir}/etc" \ + CONF_USR_DIR="%{config_dir}/usr" \ + NETNS_RUN_DIR="%{_var}/run/%{netns_package_name}" \ + NETNS_ETC_DIR="%{netns_config_subdir}" \ + +install -m 644 lib/libnetlink.a $RPM_BUILD_ROOT%{_libdir} +install -m 644 include/libnetlink.h $RPM_BUILD_ROOT%{_includedir} + +%clean +rm -rf $RPM_BUILD_ROOT + +%files +%defattr(-,root,root,-) +%license COPYING +%doc README README.devel +%config(noreplace) %verify(not md5 mtime size) %{config_dir}/* +%{_prefix}/include/* +%{_prefix}/share/* +%{_libdir}/* +%{_sbindir}/* + +%changelog +* Tue Dec 17 2024 Binu Jose Philip +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified diff --git a/SPECS/mlnx-nfsrdma/mlnx-nfsrdma.signatures.json b/SPECS/mlnx-nfsrdma/mlnx-nfsrdma.signatures.json new file mode 100644 index 0000000000..c4fe2cb95e --- /dev/null +++ b/SPECS/mlnx-nfsrdma/mlnx-nfsrdma.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "mlnx-nfsrdma-24.10.tgz": "d2e66a9b6d6e40e621728ea25fa10b4b9ccd5ea3952fdaf2546e9420687a648c" + } +} \ No newline at end of file diff --git a/SPECS/mlnx-nfsrdma/mlnx-nfsrdma.spec b/SPECS/mlnx-nfsrdma/mlnx-nfsrdma.spec new file mode 100644 index 0000000000..b6ac7da709 --- /dev/null +++ b/SPECS/mlnx-nfsrdma/mlnx-nfsrdma.spec @@ -0,0 +1,291 @@ +# +# Copyright (c) 2016 Mellanox Technologies. All rights reserved. +# +# This Software is licensed under one of the following licenses: +# +# 1) under the terms of the "Common Public License 1.0" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/cpl.php. +# +# 2) under the terms of the "The BSD License" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/bsd-license.php. +# +# 3) under the terms of the "GNU General Public License (GPL) Version 2" a +# copy of which is available from the Open Source Initiative, see +# http://www.opensource.org/licenses/gpl-license.php. +# +# Licensee has the right to choose one of the above licenses. +# +# Redistributions of source code must retain the above copyright +# notice and one of the license notices. +# +# Redistributions in binary form must reproduce both the above copyright +# notice, one of the license notices in the documentation +# and/or other materials provided with the distribution. +# +# + +%global last-known-kernel 6.6.82.1-1 + +%if 0%{emt} +%global target_kernel_version_full %(/bin/rpm -q --queryformat '%{VERSION}-%{RELEASE}' kernel-headers) +%else +%global target_kernel_version_full f.a.k.e +%endif + + +%global KVERSION %{target_kernel_version_full} +%global K_SRC /lib/modules/%{target_kernel_version_full}/build + +%{!?_name: %define _name mlnx-nfsrdma} +%{!?_version: %define _version 24.10} +%{!?_release: %define _release OFED.24.10.0.6.7.1} + +# KMP is disabled by default +%{!?KMP: %global KMP 0} + +# take kernel version or default to uname -r +# %{!?KVERSION: %global KVERSION %(uname -r)} +%{!?KVERSION: %global KVERSION %{target_kernel_version_full}} +%global kernel_version %{KVERSION} +%global krelver %(echo -n %{KVERSION} | sed -e 's/-/_/g') +# take path to kernel sources if provided, otherwise look in default location (for non KMP rpms). +%{!?K_SRC: %global K_SRC /lib/modules/%{KVERSION}/build} + +# define release version +%{!?src_release: %global src_release %{_release}_%{krelver}} +%if "%{KMP}" != "1" +%global _release1 %{src_release} +%else +%global _release1 %{_release} +%endif +%global _kmp_rel %{_release1}%{?_kmp_build_num}%{?_dist} + +Summary: %{_name} Driver +Name: mlnx-nfsrdma +Version: 24.10 +Release: 13%{?dist} +License: GPLv2 +Url: http://www.mellanox.com +Group: System Environment/Base +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/mlnx-nfsrdma-24.10.tgz#/%{_name}-%{_version}.tgz +BuildRoot: /var/tmp/%{name}-%{version}-build +Vendor: Microsoft Corporation +Distribution: Azure Linux +ExclusiveArch: x86_64 + +BuildRequires: gcc +BuildRequires: make +BuildRequires: kernel-devel = %{target_kernel_version_full} +BuildRequires: kernel-headers = %{target_kernel_version_full} +BuildRequires: binutils +BuildRequires: systemd +BuildRequires: kmod +BuildRequires: mlnx-ofa_kernel-devel = %{_version} +BuildRequires: mlnx-ofa_kernel-source = %{_version} + +Requires: mlnx-ofa_kernel = %{_version} +Requires: mlnx-ofa_kernel-modules = %{_version} +Requires: kernel = %{target_kernel_version_full} +Requires: kmod + +%description +%{name} kernel modules + +# build KMP rpms? +%if "%{KMP}" == "1" +%global kernel_release() $(make -s -C %{1} kernelrelease M=$PWD) +BuildRequires: %kernel_module_package_buildreqs +%(mkdir -p %{buildroot}) +%(echo '%defattr (-,root,root)' > %{buildroot}/file_list) +%(echo '/lib/modules/%2-%1' >> %{buildroot}/file_list) +%(echo '%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*-%1.conf' >> %{buildroot}/file_list) +%{kernel_module_package -f %{buildroot}/file_list -r %{_kmp_rel} } +%else +%global kernel_source() %{K_SRC} +%global kernel_release() %{KVERSION} +%global flavors_to_build default +%endif + +# +# setup module sign scripts if paths to the keys are given +# +%global WITH_MOD_SIGN %(if ( test -f "$MODULE_SIGN_PRIV_KEY" && test -f "$MODULE_SIGN_PUB_KEY" ); \ + then \ + echo -n '1'; \ + else \ + echo -n '0'; fi) + +%if "%{WITH_MOD_SIGN}" == "1" +# call module sign script +%global __modsign_install_post \ + %{_builddir}/%{name}-%{version}/source/tools/sign-modules %{buildroot}/lib/modules/ %{kernel_source default} || exit 1 \ +%{nil} + +%global __debug_package 1 +%global buildsubdir %{name}-%{version} +# Disgusting hack alert! We need to ensure we sign modules *after* all +# invocations of strip occur, which is in __debug_install_post if +# find-debuginfo.sh runs, and __os_install_post if not. +# +%global __spec_install_post \ + %{?__debug_package:%{__debug_install_post}} \ + %{__arch_install_post} \ + %{__os_install_post} \ + %{__modsign_install_post} \ +%{nil} + +%endif # end of setup module sign scripts +# + +%if "%{_vendor}" == "suse" +%debug_package +%endif + +%if 0%{?anolis} == 8 +%global __find_requires %{nil} +%endif + +# set modules dir +%if "%{_vendor}" == "redhat" || ("%{_vendor}" == "openEuler") +%if 0%{?fedora} +%global install_mod_dir updates/%{name} +%else +%global install_mod_dir extra/%{name} +%endif +%endif + +%if "%{_vendor}" == "suse" +%global install_mod_dir updates/%{name} +%endif + +%{!?install_mod_dir: %global install_mod_dir updates/%{name}} + +%prep +%setup +set -- * +mkdir source +mv "$@" source/ +mkdir obj + +%build +export EXTRA_CFLAGS='-DVERSION=\"%version\"' +export INSTALL_MOD_DIR=%{install_mod_dir} +export CONF_OPTIONS="%{configure_options}" +for flavor in %{flavors_to_build}; do + export K_BUILD=%{kernel_source $flavor} + export KVER=%{kernel_release $K_BUILD} + export LIB_MOD_DIR=/lib/modules/$KVER/$INSTALL_MOD_DIR + rm -rf obj/$flavor + cp -r source obj/$flavor + cd $PWD/obj/$flavor + make + cd - +done + +%install +export INSTALL_MOD_PATH=%{buildroot} +export INSTALL_MOD_DIR=%{install_mod_dir} +export PREFIX=%{_prefix} +for flavor in %flavors_to_build; do + export K_BUILD=%{kernel_source $flavor} + export KVER=%{kernel_release $K_BUILD} + cd $PWD/obj/$flavor + make install KERNELRELEASE=$KVER + # Cleanup unnecessary kernel-generated module dependency files. + find $INSTALL_MOD_PATH/lib/modules -iname 'modules.*' -exec rm {} \; + cd - +done + +# Set the module(s) to be executable, so that they will be stripped when packaged. +find %{buildroot} \( -type f -name '*.ko' -o -name '*ko.gz' \) -exec %{__chmod} u+x \{\} \; + +%{__install} -d %{buildroot}%{_sysconfdir}/depmod.d/ +for module in `find %{buildroot}/ -name '*.ko' -o -name '*.ko.gz' | sort` +do +ko_name=${module##*/} +mod_name=${ko_name/.ko*/} +mod_path=${module/*\/%{name}} +mod_path=${mod_path/\/${ko_name}} +%if "%{_vendor}" == "suse" + for flavor in %{flavors_to_build}; do + if [[ $module =~ $flavor ]] || [ "X%{KMP}" != "X1" ];then + echo "override ${mod_name} * updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}-$flavor.conf + fi + done +%else + %if 0%{?fedora} + echo "override ${mod_name} * updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %else + %if "%{_vendor}" == "redhat" || ("%{_vendor}" == "openEuler") + echo "override ${mod_name} * weak-updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %endif + echo "override ${mod_name} * extra/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %endif +%endif +done + + +%clean +rm -rf %{buildroot} + +%post +if [ $1 -ge 1 ]; then # This package is being installed or reinstalled + /sbin/depmod %{KVERSION} +fi +# END of post + +%postun +/sbin/depmod %{KVERSION} + +%if "%{KMP}" != "1" +%files +%defattr(-,root,root,-) +%license source/debian/copyright +/lib/modules/%{KVERSION}/%{install_mod_dir}/ +%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*.conf +%endif + +%changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 24.10-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 24.10-12 +- Bump release to rebuild for new kernel release + +* Mon Mar 10 2025 Chris Co - 24.10-11 +- Bump release to rebuild for new kernel release + +* Wed Mar 05 2025 Rachel Menge - 24.10-10 +- Bump release to rebuild for new kernel release + +* Tue Mar 04 2025 Rachel Menge - 24.10-9 +- Bump release to rebuild for new kernel release + +* Wed Feb 19 2025 Chris Co - 24.10-8 +- Bump release to rebuild for new kernel release + +* Tue Feb 11 2025 Rachel Menge - 24.10-7 +- Bump release to rebuild for new kernel release + +* Wed Feb 05 2025 Tobias Brick - 24.10-6 +- Bump release to rebuild for new kernel release + +* Tue Feb 04 2025 Alberto David Perez Guevara - 24.10-5 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-4 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-3 +- Bump release to match kernel + +* Thu Jan 30 2025 Rachel Menge - 24.10-2 +- Bump release to match kernel + +* Tue Dec 17 2024 Binu Jose Philip - 24.10-1 +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified +* Mon Aug 15 2016 Alaa Hleihel +- Initial packaging diff --git a/SPECS/mlx-bootctl/mlx-bootctl.signatures.json b/SPECS/mlx-bootctl/mlx-bootctl.signatures.json new file mode 100644 index 0000000000..a73bf5aea7 --- /dev/null +++ b/SPECS/mlx-bootctl/mlx-bootctl.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "mlx-bootctl-1.5.tar.gz": "a8d54835308361727ce73e73d7db81307acb8bd7672c5e7bf778dfc7cfddd2d9" + } +} diff --git a/SPECS/mlx-bootctl/mlx-bootctl.spec b/SPECS/mlx-bootctl/mlx-bootctl.spec new file mode 100644 index 0000000000..24a490ee13 --- /dev/null +++ b/SPECS/mlx-bootctl/mlx-bootctl.spec @@ -0,0 +1,136 @@ +# +# Copyright (c) 2017 Mellanox Technologies. All rights reserved. +# +# This Software is licensed under one of the following licenses: +# +# 1) under the terms of the "Common Public License 1.0" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/cpl.php. +# +# 2) under the terms of the "The BSD License" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/bsd-license.php. +# +# 3) under the terms of the "GNU General Public License (GPL) Version 2" a +# copy of which is available from the Open Source Initiative, see +# http://www.opensource.org/licenses/gpl-license.php. +# +# Licensee has the right to choose one of the above licenses. +# +# Redistributions of source code must retain the above copyright +# notice and one of the license notices. +# +# Redistributions in binary form must reproduce both the above copyright +# notice, one of the license notices in the documentation +# and/or other materials provided with the distribution. +# +# + +%global extended_release 0.g99bc4ab +%global BF_VERSION 3.9.0 + +# take kernel version or default to uname -r +%global KVERSION %(/bin/rpm -q --queryformat '%{RPMTAG_VERSION}-%{RPMTAG_RELEASE}' $(/bin/rpm -q --whatprovides kernel-headers)) +%global K_SRC %{_libdir}/modules/%{KVERSION}/build +%global moddestdir %{buildroot}%{_libdir}/modules/%{KVERSION}/kernel/ + +Summary: mlx-bootctl Driver +Name: mlx-bootctl +# Update extended_release with version updates +Version: 1.5 +Release: 1%{?dist} +License: GPLv2 or BSD or CPL +Vendor: Microsoft Corporation +Distribution: Azure Linux +Group: System Environment/Base +URL: https://www.mellanox.com/ +Source: https://linux.mellanox.com/public/repo/bluefield/%{BF_VERSION}/extras/SOURCES/%{name}-%{version}.tar.gz +BuildRequires: kernel-devel +BuildRequires: kmod + +%description +%{name} kernel modules release %extended_release + +%global kernel_source() %{K_SRC} +%global kernel_release() %{KVERSION} +%global flavors_to_build default + +# set modules dir +%{!?install_mod_dir: %global install_mod_dir extra/%{name}} + +%prep +%autosetup -p1 +set -- * +mkdir source +mv "$@" source/ +cp source/debian/copyright COPYRIGHT +mkdir obj + +%build +export EXTRA_CFLAGS='-DVERSION=\"%version\"' +export INSTALL_MOD_DIR=%{install_mod_dir} +export CONF_OPTIONS="%{configure_options}" +for flavor in %{flavors_to_build}; do + export K_BUILD=%{kernel_source $flavor} + export KVER=%{kernel_release $K_BUILD} + export LIB_MOD_DIR=/lib/modules/$KVER/$INSTALL_MOD_DIR + rm -rf obj/$flavor + cp -r source obj/$flavor + cd $PWD/obj/$flavor + make -C $K_BUILD M=$PWD + cd - +done + +%install +export INSTALL_MOD_PATH=%{buildroot} +export INSTALL_MOD_DIR=%{install_mod_dir} +export PREFIX=%{_prefix} +for flavor in %flavors_to_build; do + export K_BUILD=%{kernel_source $flavor} + export KVER=%{kernel_release $K_BUILD} + cd $PWD/obj/$flavor + make -C $K_BUILD M=$PWD INSTALL_MOD_PATH=${INSTALL_MOD_PATH} INSTALL_MOD_DIR=${INSTALL_MOD_DIR} modules_install + + # Cleanup unnecessary kernel-generated module dependency files. + find $INSTALL_MOD_PATH/lib/modules -iname 'modules.*' -exec rm {} \; + cd - +done + +# Set the module(s) to be executable, so that they will be stripped when packaged. +find %{buildroot} \( -type f -name '*.ko' -o -name '*ko.gz' \) -exec %{__chmod} u+x \{\} \; + +%{__install} -d %{buildroot}%{_sysconfdir}/depmod.d/ +for module in `find %{buildroot}/ -name '*.ko' -o -name '*.ko.gz'` +do +ko_name=${module##*/} +mod_name=${ko_name/.ko*/} +mod_path=${module/*\/%{name}} +mod_path=${mod_path/\/${ko_name}} +echo "override ${mod_name} * extra/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}.conf +done +/sbin/depmod -a %{KVERSION} + +%post +if [ $1 -ge 1 ]; then # 1 : This package is being installed or reinstalled + /sbin/depmod %{KVERSION} +fi # 1 : closed +# END of post + +%postun +/sbin/depmod %{KVERSION} + +%files +%defattr(-,root,root,-) +%license COPYRIGHT +/lib/modules/%{KVERSION}/ +%{_sysconfdir}/depmod.d/zz02-%{name}.conf + +%changelog +* Fri Jul 22 2022 Rachel Menge - 1.5-1 +- Initial CBL-Mariner import from NVIDIA (license: GPLv2). +- Lint spec to conform to Mariner +- Remove unused module signing +- License verified + +* Fri Sep 1 2017 Vladimir Sokolovsky +- Initial packaging diff --git a/SPECS/mlx-steering-dump/mlx-steering-dump.signatures.json b/SPECS/mlx-steering-dump/mlx-steering-dump.signatures.json new file mode 100644 index 0000000000..831b41489a --- /dev/null +++ b/SPECS/mlx-steering-dump/mlx-steering-dump.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "mlx-steering-dump-1.0.0.tar.gz": "d0c5aa459fc248246d07a439a5ce0fa297c05be98654981d718ab74196d0334c" + } +} \ No newline at end of file diff --git a/SPECS/mlx-steering-dump/mlx-steering-dump.spec b/SPECS/mlx-steering-dump/mlx-steering-dump.spec new file mode 100644 index 0000000000..d5d0c26666 --- /dev/null +++ b/SPECS/mlx-steering-dump/mlx-steering-dump.spec @@ -0,0 +1,80 @@ +# +# Copyright (c) 2017 Mellanox Technologies. All rights reserved. +# +# This Software is licensed under one of the following licenses: +# +# 1) under the terms of the "Common Public License 1.0" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/cpl.php. +# +# 2) under the terms of the "The BSD License" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/bsd-license.php. +# +# 3) under the terms of the "GNU General Public License (GPL) Version 2" a +# copy of which is available from the Open Source Initiative, see +# http://www.opensource.org/licenses/gpl-license.php. +# +# Licensee has the right to choose one of the above licenses. +# +# Redistributions of source code must retain the above copyright +# notice and one of the license notices. +# +# Redistributions in binary form must reproduce both the above copyright +# notice, one of the license notices in the documentation +# and/or other materials provided with the distribution. +# +# + +Summary: Mellanox steering dump parser +Name: mlx-steering-dump +Version: 1.0.0 +Release: 1%{?dist} +License: GPLv2 +Url: https://github.com/Mellanox/mlx_steering_dump +Group: Applications/System +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/mlx-steering-dump-1.0.0.tar.gz#/%{name}-%{version}.tar.gz +BuildRoot: /var/tmp/%{name}-%{version}-build +Vendor: Microsoft Corporation +Distribution: Azure Linux +ExclusiveArch: x86_64 +Requires: python3 + +%description +This is Mellanox SW steering parser and triggering for dump files in CSV format. +The supported dump files are those generated by ConnectX5 and ConnectX6DX. + +%prep +%setup -q %{name}-%{version} + +%install +install -d %{buildroot}/usr/share/mlx-steering-dump/sws/src/parsers +install -d %{buildroot}/usr/share/mlx-steering-dump/hws/src +install -d %{buildroot}/usr/bin/ + +install -m 755 sws/mlx_steering_dump_parser.py %{buildroot}/usr/share/mlx-steering-dump/sws +install -m 644 sws/src/*.py %{buildroot}/usr/share/mlx-steering-dump/sws/src/ +install -m 644 sws/src/parsers/*.py %{buildroot}/usr/share/mlx-steering-dump/sws/src/parsers/ +install -m 755 sws/mlx_steering_dump %{buildroot}/usr/bin/ + +install -m 755 hws/mlx_hw_steering_parser.py %{buildroot}/usr/share/mlx-steering-dump/hws +install -m 644 hws/src/*.py %{buildroot}/usr/share/mlx-steering-dump/hws/src/ +install -m 755 hws/mlx_hw_steering_dump %{buildroot}/usr/bin/ + +%clean + +%preun + + +%files +%license debian/copyright +/usr/share/mlx-steering-dump/* +/usr/bin/mlx_steering_dump +/usr/bin/mlx_hw_steering_dump + +%changelog +* Tue Dec 17 2024 Binu Jose Philip +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified +* Wed Oct 6 2021 Mohammad Kabat +- Add rpm support diff --git a/SPECS/moby-containerd-cc/CVE-2023-39325.patch b/SPECS/moby-containerd-cc/CVE-2023-39325.patch new file mode 100644 index 0000000000..d311a2499c --- /dev/null +++ b/SPECS/moby-containerd-cc/CVE-2023-39325.patch @@ -0,0 +1,152 @@ +From 84b30b3380727ea94e05c438ab695ea24e38fb0c Mon Sep 17 00:00:00 2001 +From: Damien Neil +Date: Fri, 6 Oct 2023 09:51:19 -0700 +Subject: [PATCH] http2: limit maximum handler goroutines to + MaxConcurrentStreams + +When the peer opens a new stream while we have MaxConcurrentStreams +handler goroutines running, defer starting a handler until one +of the existing handlers exits. + +Fixes golang/go#63417 +Fixes CVE-2023-39325 + +Change-Id: If0531e177b125700f3e24c5ebd24b1023098fa6d +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2045854 +TryBot-Result: Security TryBots +Reviewed-by: Ian Cottrell +Reviewed-by: Tatiana Bradley +Run-TryBot: Damien Neil +Reviewed-on: https://go-review.googlesource.com/c/net/+/534215 +Reviewed-by: Michael Pratt +Reviewed-by: Dmitri Shuralyov +LUCI-TryBot-Result: Go LUCI +Auto-Submit: Dmitri Shuralyov +Reviewed-by: Damien Neil + +Modified to apply to vendored code by: Daniel McIlvaney + - Adjusted paths + - Removed reference to server_test.go +--- + .../vendor/golang.org/x/net/http2/server.go | 66 ++++++++++++++++++- + 1 file changed, 64 insertions(+), 2 deletions(-) + +diff --git a/vendor/golang.org/x/net/http2/server.go b/vendor/golang.org/x/net/http2/server.go +index 8cb14f3..6000140 100644 +--- a/vendor/golang.org/x/net/http2/server.go ++++ b/vendor/golang.org/x/net/http2/server.go +@@ -581,9 +581,11 @@ type serverConn struct { + advMaxStreams uint32 // our SETTINGS_MAX_CONCURRENT_STREAMS advertised the client + curClientStreams uint32 // number of open streams initiated by the client + curPushedStreams uint32 // number of open streams initiated by server push ++ curHandlers uint32 // number of running handler goroutines + maxClientStreamID uint32 // max ever seen from client (odd), or 0 if there have been no client requests + maxPushPromiseID uint32 // ID of the last push promise (even), or 0 if there have been no pushes + streams map[uint32]*stream ++ unstartedHandlers []unstartedHandler + initialStreamSendWindowSize int32 + maxFrameSize int32 + peerMaxHeaderListSize uint32 // zero means unknown (default) +@@ -981,6 +983,8 @@ func (sc *serverConn) serve() { + return + case gracefulShutdownMsg: + sc.startGracefulShutdownInternal() ++ case handlerDoneMsg: ++ sc.handlerDone() + default: + panic("unknown timer") + } +@@ -1028,6 +1032,7 @@ var ( + idleTimerMsg = new(serverMessage) + shutdownTimerMsg = new(serverMessage) + gracefulShutdownMsg = new(serverMessage) ++ handlerDoneMsg = new(serverMessage) + ) + + func (sc *serverConn) onSettingsTimer() { sc.sendServeMsg(settingsTimerMsg) } +@@ -2022,8 +2027,7 @@ func (sc *serverConn) processHeaders(f *MetaHeadersFrame) error { + } + } + +- go sc.runHandler(rw, req, handler) +- return nil ++ return sc.scheduleHandler(id, rw, req, handler) + } + + func (sc *serverConn) upgradeRequest(req *http.Request) { +@@ -2043,6 +2047,10 @@ func (sc *serverConn) upgradeRequest(req *http.Request) { + sc.conn.SetReadDeadline(time.Time{}) + } + ++ // This is the first request on the connection, ++ // so start the handler directly rather than going ++ // through scheduleHandler. ++ sc.curHandlers++ + go sc.runHandler(rw, req, sc.handler.ServeHTTP) + } + +@@ -2283,8 +2291,62 @@ func (sc *serverConn) newResponseWriter(st *stream, req *http.Request) *response + return &responseWriter{rws: rws} + } + ++type unstartedHandler struct { ++ streamID uint32 ++ rw *responseWriter ++ req *http.Request ++ handler func(http.ResponseWriter, *http.Request) ++} ++ ++// scheduleHandler starts a handler goroutine, ++// or schedules one to start as soon as an existing handler finishes. ++func (sc *serverConn) scheduleHandler(streamID uint32, rw *responseWriter, req *http.Request, handler func(http.ResponseWriter, *http.Request)) error { ++ sc.serveG.check() ++ maxHandlers := sc.advMaxStreams ++ if sc.curHandlers < maxHandlers { ++ sc.curHandlers++ ++ go sc.runHandler(rw, req, handler) ++ return nil ++ } ++ if len(sc.unstartedHandlers) > int(4*sc.advMaxStreams) { ++ return sc.countError("too_many_early_resets", ConnectionError(ErrCodeEnhanceYourCalm)) ++ } ++ sc.unstartedHandlers = append(sc.unstartedHandlers, unstartedHandler{ ++ streamID: streamID, ++ rw: rw, ++ req: req, ++ handler: handler, ++ }) ++ return nil ++} ++ ++func (sc *serverConn) handlerDone() { ++ sc.serveG.check() ++ sc.curHandlers-- ++ i := 0 ++ maxHandlers := sc.advMaxStreams ++ for ; i < len(sc.unstartedHandlers); i++ { ++ u := sc.unstartedHandlers[i] ++ if sc.streams[u.streamID] == nil { ++ // This stream was reset before its goroutine had a chance to start. ++ continue ++ } ++ if sc.curHandlers >= maxHandlers { ++ break ++ } ++ sc.curHandlers++ ++ go sc.runHandler(u.rw, u.req, u.handler) ++ sc.unstartedHandlers[i] = unstartedHandler{} // don't retain references ++ } ++ sc.unstartedHandlers = sc.unstartedHandlers[i:] ++ if len(sc.unstartedHandlers) == 0 { ++ sc.unstartedHandlers = nil ++ } ++} ++ + // Run on its own goroutine. + func (sc *serverConn) runHandler(rw *responseWriter, req *http.Request, handler func(http.ResponseWriter, *http.Request)) { ++ defer sc.sendServeMsg(handlerDoneMsg) + didPanic := true + defer func() { + rw.rws.stream.cancelCtx() +-- +2.33.8 diff --git a/SPECS/moby-containerd-cc/CVE-2023-44487.patch b/SPECS/moby-containerd-cc/CVE-2023-44487.patch index d311a2499c..d7700e5a87 100644 --- a/SPECS/moby-containerd-cc/CVE-2023-44487.patch +++ b/SPECS/moby-containerd-cc/CVE-2023-44487.patch @@ -1,152 +1,477 @@ -From 84b30b3380727ea94e05c438ab695ea24e38fb0c Mon Sep 17 00:00:00 2001 -From: Damien Neil -Date: Fri, 6 Oct 2023 09:51:19 -0700 -Subject: [PATCH] http2: limit maximum handler goroutines to - MaxConcurrentStreams - -When the peer opens a new stream while we have MaxConcurrentStreams -handler goroutines running, defer starting a handler until one -of the existing handlers exits. - -Fixes golang/go#63417 -Fixes CVE-2023-39325 - -Change-Id: If0531e177b125700f3e24c5ebd24b1023098fa6d -Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2045854 -TryBot-Result: Security TryBots -Reviewed-by: Ian Cottrell -Reviewed-by: Tatiana Bradley -Run-TryBot: Damien Neil -Reviewed-on: https://go-review.googlesource.com/c/net/+/534215 -Reviewed-by: Michael Pratt -Reviewed-by: Dmitri Shuralyov -LUCI-TryBot-Result: Go LUCI -Auto-Submit: Dmitri Shuralyov -Reviewed-by: Damien Neil - -Modified to apply to vendored code by: Daniel McIlvaney - - Adjusted paths - - Removed reference to server_test.go +From a0fd4b065528566eec54fe207aa5e3131babc378 Mon Sep 17 00:00:00 2001 +From: Monis Khan +Date: Sat, 7 Oct 2023 21:50:37 -0400 +Subject: [PATCH] Prevent rapid reset http2 DOS on API server + +This change fully addresses CVE-2023-44487 and CVE-2023-39325 for +the API server when the client is unauthenticated. + +The changes to util/runtime are required because otherwise a large +number of requests can get blocked on the time.Sleep calls. + +For unauthenticated clients (either via 401 or the anonymous user), +we simply no longer allow such clients to hold open http2 +connections. They can use http2, but with the performance of http1 +(with keep-alive disabled). + +Since this change has the potential to cause issues, the +UnauthenticatedHTTP2DOSMitigation feature gate can be disabled to +remove this protection (it is enabled by default). For example, +when the API server is fronted by an L7 load balancer that is set up +to mitigate http2 attacks, unauthenticated clients could force +disable connection reuse between the load balancer and the API +server (many incoming connections could share the same backend +connection). An API server that is on a private network may opt to +disable this protection to prevent performance regressions for +unauthenticated clients. + +For all other clients, we rely on the golang.org/x/net fix in +https://github.com/golang/net/commit/b225e7ca6dde1ef5a5ae5ce922861bda011cfabd +That change is not sufficient to adequately protect against a +motivated client - future changes to Kube and/or golang.org/x/net +will be explored to address this gap. + +The Kube API server now uses a max stream of 100 instead of 250 +(this matches the Go http2 client default). This lowers the abuse +limit from 1000 to 400. + +Signed-off-by: Monis Khan + +Kubernetes-commit: 800a8eaba7f25bd223fefe6e7613e39a5d7f1eeb --- - .../vendor/golang.org/x/net/http2/server.go | 66 ++++++++++++++++++- - 1 file changed, 64 insertions(+), 2 deletions(-) - -diff --git a/vendor/golang.org/x/net/http2/server.go b/vendor/golang.org/x/net/http2/server.go -index 8cb14f3..6000140 100644 ---- a/vendor/golang.org/x/net/http2/server.go -+++ b/vendor/golang.org/x/net/http2/server.go -@@ -581,9 +581,11 @@ type serverConn struct { - advMaxStreams uint32 // our SETTINGS_MAX_CONCURRENT_STREAMS advertised the client - curClientStreams uint32 // number of open streams initiated by the client - curPushedStreams uint32 // number of open streams initiated by server push -+ curHandlers uint32 // number of running handler goroutines - maxClientStreamID uint32 // max ever seen from client (odd), or 0 if there have been no client requests - maxPushPromiseID uint32 // ID of the last push promise (even), or 0 if there have been no pushes - streams map[uint32]*stream -+ unstartedHandlers []unstartedHandler - initialStreamSendWindowSize int32 - maxFrameSize int32 - peerMaxHeaderListSize uint32 // zero means unknown (default) -@@ -981,6 +983,8 @@ func (sc *serverConn) serve() { - return - case gracefulShutdownMsg: - sc.startGracefulShutdownInternal() -+ case handlerDoneMsg: -+ sc.handlerDone() - default: - panic("unknown timer") - } -@@ -1028,6 +1032,7 @@ var ( - idleTimerMsg = new(serverMessage) - shutdownTimerMsg = new(serverMessage) - gracefulShutdownMsg = new(serverMessage) -+ handlerDoneMsg = new(serverMessage) - ) - - func (sc *serverConn) onSettingsTimer() { sc.sendServeMsg(settingsTimerMsg) } -@@ -2022,8 +2027,7 @@ func (sc *serverConn) processHeaders(f *MetaHeadersFrame) error { - } - } + vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go | 15 +++++++++------ + 1 files changed, 9 insertions(+), 6 deletions(-) -- go sc.runHandler(rw, req, handler) -- return nil -+ return sc.scheduleHandler(id, rw, req, handler) +diff --git a/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go b/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go +index d738725ca..3674914f7 100644 +--- a/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go ++++ b/vendor/k8s.io/apimachinery/pkg/util/runtime/runtime.go +@@ -126,14 +126,17 @@ type rudimentaryErrorBackoff struct { + // OnError will block if it is called more often than the embedded period time. + // This will prevent overly tight hot error loops. + func (r *rudimentaryErrorBackoff) OnError(error) { ++ now := time.Now() // start the timer before acquiring the lock + r.lastErrorTimeLock.Lock() +- defer r.lastErrorTimeLock.Unlock() +- d := time.Since(r.lastErrorTime) +- if d < r.minPeriod { +- // If the time moves backwards for any reason, do nothing +- time.Sleep(r.minPeriod - d) +- } ++ d := now.Sub(r.lastErrorTime) + r.lastErrorTime = time.Now() ++ r.lastErrorTimeLock.Unlock() ++ ++ // Do not sleep with the lock held because that causes all callers of HandleError to block. ++ // We only want the current goroutine to block. ++ // A negative or zero duration causes time.Sleep to return immediately. ++ // If the time moves backwards for any reason, do nothing. ++ time.Sleep(r.minPeriod - d) } + + // GetCaller returns the caller of the function that calls it. - func (sc *serverConn) upgradeRequest(req *http.Request) { -@@ -2043,6 +2047,10 @@ func (sc *serverConn) upgradeRequest(req *http.Request) { - sc.conn.SetReadDeadline(time.Time{}) - } +From 445b7139064deb9502a249f896c52d317fda74ea Mon Sep 17 00:00:00 2001 +From: Monis Khan +Date: Sat, 7 Oct 2023 21:50:37 -0400 +Subject: [PATCH] Prevent rapid reset http2 DOS on API server -+ // This is the first request on the connection, -+ // so start the handler directly rather than going -+ // through scheduleHandler. -+ sc.curHandlers++ - go sc.runHandler(rw, req, sc.handler.ServeHTTP) - } +This change fully addresses CVE-2023-44487 and CVE-2023-39325 for +the API server when the client is unauthenticated. + +The changes to util/runtime are required because otherwise a large +number of requests can get blocked on the time.Sleep calls. + +For unauthenticated clients (either via 401 or the anonymous user), +we simply no longer allow such clients to hold open http2 +connections. They can use http2, but with the performance of http1 +(with keep-alive disabled). + +Since this change has the potential to cause issues, the +UnauthenticatedHTTP2DOSMitigation feature gate can be disabled to +remove this protection (it is enabled by default). For example, +when the API server is fronted by an L7 load balancer that is set up +to mitigate http2 attacks, unauthenticated clients could force +disable connection reuse between the load balancer and the API +server (many incoming connections could share the same backend +connection). An API server that is on a private network may opt to +disable this protection to prevent performance regressions for +unauthenticated clients. + +For all other clients, we rely on the golang.org/x/net fix in +https://github.com/golang/net/commit/b225e7ca6dde1ef5a5ae5ce922861bda011cfabd +That change is not sufficient to adequately protect against a +motivated client - future changes to Kube and/or golang.org/x/net +will be explored to address this gap. -@@ -2283,8 +2291,62 @@ func (sc *serverConn) newResponseWriter(st *stream, req *http.Request) *response - return &responseWriter{rws: rws} +The Kube API server now uses a max stream of 100 instead of 250 +(this matches the Go http2 client default). This lowers the abuse +limit from 1000 to 400. + +Signed-off-by: Monis Khan + +Kubernetes-commit: 800a8eaba7f25bd223fefe6e7613e39a5d7f1eeb + +Modified by: corvus-callidus <108946721+corvus-callidus@users.noreply.github.com +- Adjusted to apply to AzL3 package in preparation for patch needed to fix grpc for + CVE-2023-44487 +- Removed references to files not packaged with AzL3 source + +--- + + vendor/k8s.io/apiserver/pkg/features/kube_features.go | 20 ++ + 1 files changed, 20 insertions(+) + +diff --git a/vendor/k8s.io/apiserver/pkg/features/kube_features.go b/vendor/k8s.io/apiserver/pkg/features/kube_features.go +index 68b13d720..5468c2539 100644 +--- a/vendor/k8s.io/apiserver/pkg/features/kube_features.go ++++ b/vendor/k8s.io/apiserver/pkg/features/kube_features.go +@@ -184,6 +184,24 @@ const ( + // Enables server-side field validation. + ServerSideFieldValidation featuregate.Feature = "ServerSideFieldValidation" + ++ // owner: @enj ++ // beta: v1.29 ++ // ++ // Enables http2 DOS mitigations for unauthenticated clients. ++ // ++ // Some known reasons to disable these mitigations: ++ // ++ // An API server that is fronted by an L7 load balancer that is set up ++ // to mitigate http2 attacks may opt to disable this protection to prevent ++ // unauthenticated clients from disabling connection reuse between the load ++ // balancer and the API server (many incoming connections could share the ++ // same backend connection). ++ // ++ // An API server that is on a private network may opt to disable this ++ // protection to prevent performance regressions for unauthenticated ++ // clients. ++ UnauthenticatedHTTP2DOSMitigation featuregate.Feature = "UnauthenticatedHTTP2DOSMitigation" ++ + // owner: @caesarxuchao @roycaihw + // alpha: v1.20 + // +@@ -305,5 +323,7 @@ var defaultKubernetesFeatureGates = map[featuregate.Feature]featuregate.FeatureS + + StorageVersionHash: {Default: true, PreRelease: featuregate.Beta}, + ++ UnauthenticatedHTTP2DOSMitigation: {Default: true, PreRelease: featuregate.Beta}, ++ + WatchBookmark: {Default: true, PreRelease: featuregate.GA, LockToDefault: true}, } -+type unstartedHandler struct { -+ streamID uint32 -+ rw *responseWriter -+ req *http.Request -+ handler func(http.ResponseWriter, *http.Request) + + + +From 6eabd7e1834e47b20f55cbe9d473fc607c693358 Mon Sep 17 00:00:00 2001 +From: Alexey Ivanov +Date: Tue, 11 Apr 2023 11:34:42 -0700 +Subject: [PATCH] server: use least-requests loadbalancer for workers (#6004) + +Modified by: corvus-callidus <108946721+corvus-callidus@users.noreply.github.com +- Adjusted to apply to AzL3 package in preparation for patch needed to fix grpc for + CVE-2023-44487 + +--- + vendor/google.golang.org/grpc/server.go | 52 ++++++++++++++++++++++------------------------------ + 1 file changed, 22 insertions(+), 30 deletions(-) + +diff --git a/vendor/google.golang.org/grpc/server.go b/vendor/google.golang.org/grpc/server.go +index 087b9ad7c1f6..76d152a69c8f 100644 +--- a/vendor/google.golang.org/grpc/server.go ++++ b/vendor/google.golang.org/grpc/server.go +@@ -43,7 +43,6 @@ import ( + "google.golang.org/grpc/internal" + "google.golang.org/grpc/internal/binarylog" + "google.golang.org/grpc/internal/channelz" +- "google.golang.org/grpc/internal/grpcrand" + "google.golang.org/grpc/internal/grpcsync" + "google.golang.org/grpc/internal/transport" + "google.golang.org/grpc/keepalive" +@@ -146,7 +145,7 @@ type Server struct { + channelzID *channelz.Identifier + czData *channelzData + +- serverWorkerChannels []chan *serverWorkerData ++ serverWorkerChannel chan *serverWorkerData + } + + type serverOptions struct { +@@ -561,40 +560,38 @@ func NumStreamWorkers(numServerWorkers uint32) ServerOption { + const serverWorkerResetThreshold = 1 << 16 + + // serverWorkers blocks on a *transport.Stream channel forever and waits for +-// data to be fed by serveStreams. This allows different requests to be ++// data to be fed by serveStreams. This allows multiple requests to be + // processed by the same goroutine, removing the need for expensive stack + // re-allocations (see the runtime.morestack problem [1]). + // + // [1] https://github.com/golang/go/issues/18138 +-func (s *Server) serverWorker(ch chan *serverWorkerData) { +- // To make sure all server workers don't reset at the same time, choose a +- // random number of iterations before resetting. +- threshold := serverWorkerResetThreshold + grpcrand.Intn(serverWorkerResetThreshold) +- for completed := 0; completed < threshold; completed++ { +- data, ok := <-ch ++func (s *Server) serverWorker() { ++ for completed := 0; completed < serverWorkerResetThreshold; completed++ { ++ data, ok := <-s.serverWorkerChannel + if !ok { + return + } +- s.handleStream(data.st, data.stream, s.traceInfo(data.st, data.stream)) +- data.wg.Done() ++ s.handleSingleStream(data) + } +- go s.serverWorker(ch) ++ go s.serverWorker() + } + +-// initServerWorkers creates worker goroutines and channels to process incoming ++func (s *Server) handleSingleStream(data *serverWorkerData) { ++ defer data.wg.Done() ++ s.handleStream(data.st, data.stream, s.traceInfo(data.st, data.stream)) +} + -+// scheduleHandler starts a handler goroutine, -+// or schedules one to start as soon as an existing handler finishes. -+func (sc *serverConn) scheduleHandler(streamID uint32, rw *responseWriter, req *http.Request, handler func(http.ResponseWriter, *http.Request)) error { -+ sc.serveG.check() -+ maxHandlers := sc.advMaxStreams -+ if sc.curHandlers < maxHandlers { -+ sc.curHandlers++ -+ go sc.runHandler(rw, req, handler) -+ return nil -+ } -+ if len(sc.unstartedHandlers) > int(4*sc.advMaxStreams) { -+ return sc.countError("too_many_early_resets", ConnectionError(ErrCodeEnhanceYourCalm)) ++// initServerWorkers creates worker goroutines and a channel to process incoming + // connections to reduce the time spent overall on runtime.morestack. + func (s *Server) initServerWorkers() { +- s.serverWorkerChannels = make([]chan *serverWorkerData, s.opts.numServerWorkers) ++ s.serverWorkerChannel = make(chan *serverWorkerData) + for i := uint32(0); i < s.opts.numServerWorkers; i++ { +- s.serverWorkerChannels[i] = make(chan *serverWorkerData) +- go s.serverWorker(s.serverWorkerChannels[i]) ++ go s.serverWorker() + } + } + + func (s *Server) stopServerWorkers() { +- for i := uint32(0); i < s.opts.numServerWorkers; i++ { +- close(s.serverWorkerChannels[i]) +- } ++ close(s.serverWorkerChannel) + } + + // NewServer creates a gRPC server which has no service registered and has not +@@ -946,26 +943,21 @@ func (s *Server) serveStreams(st transport.ServerTransport) { + defer st.Close(errors.New("finished serving streams for the server transport")) + var wg sync.WaitGroup + +- var roundRobinCounter uint32 + st.HandleStreams(func(stream *transport.Stream) { + wg.Add(1) + if s.opts.numServerWorkers > 0 { + data := &serverWorkerData{st: st, wg: &wg, stream: stream} + select { +- case s.serverWorkerChannels[atomic.AddUint32(&roundRobinCounter, 1)%s.opts.numServerWorkers] <- data: ++ case s.serverWorkerChannel <- data: ++ return + default: + // If all stream workers are busy, fallback to the default code path. +- go func() { +- s.handleStream(st, stream, s.traceInfo(st, stream)) +- wg.Done() +- }() + } +- } else { +- go func() { +- defer wg.Done() +- s.handleStream(st, stream, s.traceInfo(st, stream)) +- }() + } ++ go func() { ++ defer wg.Done() ++ s.handleStream(st, stream, s.traceInfo(st, stream)) ++ }() + }, func(ctx context.Context, method string) context.Context { + if !EnableTracing { + return ctx + + +From f2180b4d5403d2210b30b93098eb7da31c05c721 Mon Sep 17 00:00:00 2001 +From: Doug Fawley +Date: Tue, 10 Oct 2023 10:51:45 -0700 +Subject: [PATCH] server: prohibit more than MaxConcurrentStreams handlers from + running at once (#6703) + +Modified by: corvus-callidus <108946721+corvus-callidus@users.noreply.github.com +- Adjusted to apply to AzL3 package source +- This is the grpc fix for CVE-2023-44487 + +--- + vendor/google.golang.org/grpc/internal/transport/http2_server.go | 11 +-- + vendor/google.golang.org/grpc/server.go | 71 ++++++++++++------ + 5 files changed, 210 insertions(+), 45 deletions(-) + create mode 100644 server_ext_test.go + +diff --git a/vendor/google.golang.org/grpc/internal/transport/http2_server.go b/vendor/google.golang.org/grpc/internal/transport/http2_server.go +index 57475d27977f..6fa1eb41992a 100644 +--- a/vendor/google.golang.org/grpc/internal/transport/http2_server.go ++++ b/vendor/google.golang.org/grpc/internal/transport/http2_server.go +@@ -171,15 +171,10 @@ func NewServerTransport(conn net.Conn, config *ServerConfig) (_ ServerTransport, + ID: http2.SettingMaxFrameSize, + Val: http2MaxFrameLen, + }} +- // TODO(zhaoq): Have a better way to signal "no limit" because 0 is +- // permitted in the HTTP2 spec. +- maxStreams := config.MaxStreams +- if maxStreams == 0 { +- maxStreams = math.MaxUint32 +- } else { ++ if config.MaxStreams != math.MaxUint32 { + isettings = append(isettings, http2.Setting{ + ID: http2.SettingMaxConcurrentStreams, +- Val: maxStreams, ++ Val: config.MaxStreams, + }) + } + dynamicWindow := true +@@ -258,7 +253,7 @@ func NewServerTransport(conn net.Conn, config *ServerConfig) (_ ServerTransport, + framer: framer, + readerDone: make(chan struct{}), + writerDone: make(chan struct{}), +- maxStreams: maxStreams, ++ maxStreams: config.MaxStreams, + inTapHandle: config.InTapHandle, + fc: &trInFlow{limit: uint32(icwz)}, + state: reachable, +diff --git a/vendor/google.golang.org/grpc/server.go b/vendor/google.golang.org/grpc/server.go +index a7b5532dac2d..8f60d421437d 100644 +--- a/vendor/google.golang.org/grpc/server.go ++++ b/vendor/google.golang.org/grpc/server.go +@@ -115,12 +115,6 @@ type serviceInfo struct { + mdata interface{} + } + +-type serverWorkerData struct { +- st transport.ServerTransport +- wg *sync.WaitGroup +- stream *transport.Stream +-} +- + // Server is a gRPC server to serve RPC requests. + type Server struct { + opts serverOptions +@@ -145,7 +139,7 @@ type Server struct { + channelzID *channelz.Identifier + czData *channelzData + +- serverWorkerChannel chan *serverWorkerData ++ serverWorkerChannel chan func() + } + + type serverOptions struct { +@@ -179,6 +173,7 @@ type serverOptions struct { + } + + var defaultServerOptions = serverOptions{ ++ maxConcurrentStreams: math.MaxUint32, + maxReceiveMessageSize: defaultServerMaxReceiveMessageSize, + maxSendMessageSize: defaultServerMaxSendMessageSize, + connectionTimeout: 120 * time.Second, +@@ -404,6 +399,9 @@ func MaxSendMsgSize(m int) ServerOption { + // MaxConcurrentStreams returns a ServerOption that will apply a limit on the number + // of concurrent streams to each ServerTransport. + func MaxConcurrentStreams(n uint32) ServerOption { ++ if n == 0 { ++ n = math.MaxUint32 + } -+ sc.unstartedHandlers = append(sc.unstartedHandlers, unstartedHandler{ -+ streamID: streamID, -+ rw: rw, -+ req: req, -+ handler: handler, -+ }) -+ return nil -+} + return newFuncServerOption(func(o *serverOptions) { + o.maxConcurrentStreams = n + }) +@@ -564,24 +562,19 @@ const serverWorkerResetThreshold = 1 << 16 + // [1] https://github.com/golang/go/issues/18138 + func (s *Server) serverWorker() { + for completed := 0; completed < serverWorkerResetThreshold; completed++ { +- data, ok := <-s.serverWorkerChannel ++ f, ok := <-s.serverWorkerChannel + if !ok { + return + } +- s.handleSingleStream(data) ++ f() + } + go s.serverWorker() + } + +-func (s *Server) handleSingleStream(data *serverWorkerData) { +- defer data.wg.Done() +- s.handleStream(data.st, data.stream, s.traceInfo(data.st, data.stream)) +-} +- + // initServerWorkers creates worker goroutines and a channel to process incoming + // connections to reduce the time spent overall on runtime.morestack. + func (s *Server) initServerWorkers() { +- s.serverWorkerChannel = make(chan *serverWorkerData) ++ s.serverWorkerChannel = make(chan func()) + for i := uint32(0); i < s.opts.numServerWorkers; i++ { + go s.serverWorker() + } +@@ -982,21 +975,26 @@ func (s *Server) serveStreams(st transport.ServerTransport) { + defer st.Close(errors.New("finished serving streams for the server transport")) + var wg sync.WaitGroup + ++ streamQuota := newHandlerQuota(s.opts.maxConcurrentStreams) + st.HandleStreams(func(stream *transport.Stream) { + wg.Add(1) + -+func (sc *serverConn) handlerDone() { -+ sc.serveG.check() -+ sc.curHandlers-- -+ i := 0 -+ maxHandlers := sc.advMaxStreams -+ for ; i < len(sc.unstartedHandlers); i++ { -+ u := sc.unstartedHandlers[i] -+ if sc.streams[u.streamID] == nil { -+ // This stream was reset before its goroutine had a chance to start. -+ continue ++ streamQuota.acquire() ++ f := func() { ++ defer streamQuota.release() ++ defer wg.Done() ++ s.handleStream(st, stream, s.traceInfo(st, stream)) + } -+ if sc.curHandlers >= maxHandlers { -+ break -+ } -+ sc.curHandlers++ -+ go sc.runHandler(u.rw, u.req, u.handler) -+ sc.unstartedHandlers[i] = unstartedHandler{} // don't retain references ++ + if s.opts.numServerWorkers > 0 { +- data := &serverWorkerData{st: st, wg: &wg, stream: stream} + select { +- case s.serverWorkerChannel <- data: ++ case s.serverWorkerChannel <- f: + return + default: + // If all stream workers are busy, fallback to the default code path. + } + } +- go func() { +- defer wg.Done() +- s.handleStream(st, stream, s.traceInfo(st, stream)) +- }() ++ go f() + }, func(ctx context.Context, method string) context.Context { + if !EnableTracing { + return ctx +@@ -1959,3 +1957,34 @@ func (c *channelzServer) ChannelzMetric() *channelz.ServerInternalMetric { + func (c *channelzServer) ChannelzMetric() *channelz.ServerInternalMetric { + return c.s.channelzMetric() + } ++ ++// atomicSemaphore implements a blocking, counting semaphore. acquire should be ++// called synchronously; release may be called asynchronously. ++type atomicSemaphore struct { ++ n atomic.Int64 ++ wait chan struct{} ++} ++ ++func (q *atomicSemaphore) acquire() { ++ if q.n.Add(-1) < 0 { ++ // We ran out of quota. Block until a release happens. ++ <-q.wait + } -+ sc.unstartedHandlers = sc.unstartedHandlers[i:] -+ if len(sc.unstartedHandlers) == 0 { -+ sc.unstartedHandlers = nil ++} ++ ++func (q *atomicSemaphore) release() { ++ // N.B. the "<= 0" check below should allow for this to work with multiple ++ // concurrent calls to acquire, but also note that with synchronous calls to ++ // acquire, as our system does, n will never be less than -1. There are ++ // fairness issues (queuing) to consider if this was to be generalized. ++ if q.n.Add(1) <= 0 { ++ // An acquire was waiting on us. Unblock it. ++ q.wait <- struct{}{} + } +} + - // Run on its own goroutine. - func (sc *serverConn) runHandler(rw *responseWriter, req *http.Request, handler func(http.ResponseWriter, *http.Request)) { -+ defer sc.sendServeMsg(handlerDoneMsg) - didPanic := true - defer func() { - rw.rws.stream.cancelCtx() --- -2.33.8 ++func newHandlerQuota(n uint32) *atomicSemaphore { ++ a := &atomicSemaphore{wait: make(chan struct{}, 1)} ++ a.n.Store(int64(n)) ++ return a ++} diff --git a/SPECS/moby-containerd-cc/moby-containerd-cc.spec b/SPECS/moby-containerd-cc/moby-containerd-cc.spec index e311967e07..11a06778ff 100644 --- a/SPECS/moby-containerd-cc/moby-containerd-cc.spec +++ b/SPECS/moby-containerd-cc/moby-containerd-cc.spec @@ -6,7 +6,7 @@ Summary: Industry-standard container runtime for confidential containers Name: moby-%{upstream_name} Version: 1.7.7 -Release: 7%{?dist} +Release: 8%{?dist} License: ASL 2.0 Group: Tools/Container URL: https://www.containerd.io @@ -17,11 +17,12 @@ Source0: https://github.com/microsoft/confidential-containers-containerd/archiv Source1: containerd.service Source2: containerd.toml Patch0: CVE-2023-47108.patch -Patch1: CVE-2023-44487.patch +Patch1: CVE-2023-39325.patch Patch2: fix_cc_tests_for_golang1.21.patch Patch3: CVE-2024-24786.patch Patch4: CVE-2024-28180.patch Patch5: CVE-2023-45288.patch +Patch7: CVE-2023-44487.patch %{?systemd_requires} @@ -79,6 +80,12 @@ fi %config(noreplace) %{_sysconfdir}/containerd/config.toml %changelog +* Fri Apr 28 2025 Ranjan Dutta - 1.7.7-8 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Rename patch file that addresses CVE-2023-39325 +- Address CVE-2023-44487 +- Fix rpmbuild warnings for changelog dates + * Fri Mar 21 2025 Anuj Mittal - 1.7.7-7 - Bump Release to rebuild @@ -112,10 +119,10 @@ fi * Wed Dec 20 2023 Manuel Huber - 1.7.2-3 - Set oom_score_adj of containerd to -999 -* Wed Nov 23 2023 Bala - 1.7.2-2 +* Wed Nov 22 2023 Bala - 1.7.2-2 - Fix CVE-2023-47108 by backporting the fix made for otel-grpc-0.40.0 -* Fri Nov 08 2023 Saul Paredes - 1.7.2-1 +* Fri Nov 10 2023 Saul Paredes - 1.7.2-1 - Always add TargetLayerDigestLabel label to snapshots * Mon Oct 16 2023 CBL-Mariner Servicing Account - 1.7.1-6 diff --git a/SPECS/moby-engine/CVE-2025-22868.patch b/SPECS/moby-engine/CVE-2025-22868.patch new file mode 100644 index 0000000000..c4f136f3ca --- /dev/null +++ b/SPECS/moby-engine/CVE-2025-22868.patch @@ -0,0 +1,38 @@ +From 681b4d8edca1bcfea5bce685d77ea7b82ed3e7b3 Mon Sep 17 00:00:00 2001 +From: Neal Patel +Date: Thu, 30 Jan 2025 14:10:09 -0500 +Subject: [PATCH] jws: split token into fixed number of parts + +Thanks to 'jub0bs' for reporting this issue. + +Fixes #71490 +Fixes CVE-2025-22868 + +Change-Id: I2552731f46d4907f29aafe7863c558387b6bd6e2 +Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/652155 +Auto-Submit: Gopher Robot +Reviewed-by: Damien Neil +Reviewed-by: Roland Shoemaker +LUCI-TryBot-Result: Go LUCI +--- + vendor/golang.org/x/oauth2/jws/jws.go | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/vendor/golang.org/x/oauth2/jws/jws.go b/vendor/golang.org/x/oauth2/jws/jws.go +index 95015648b..6f03a49d3 100644 +--- a/vendor/golang.org/x/oauth2/jws/jws.go ++++ b/vendor/golang.org/x/oauth2/jws/jws.go +@@ -165,11 +165,11 @@ func Encode(header *Header, c *ClaimSet, key *rsa.PrivateKey) (string, error) { + // Verify tests whether the provided JWT token's signature was produced by the private key + // associated with the supplied public key. + func Verify(token string, key *rsa.PublicKey) error { +- parts := strings.Split(token, ".") +- if len(parts) != 3 { ++ if strings.Count(token, ".") != 2 { + return errors.New("jws: invalid token received, token must have 3 parts") + } + ++ parts := strings.SplitN(token, ".", 3) + signedContent := parts[0] + "." + parts[1] + signatureString, err := base64.RawURLEncoding.DecodeString(parts[2]) + if err != nil { diff --git a/SPECS/moby-engine/CVE-2025-22869.patch b/SPECS/moby-engine/CVE-2025-22869.patch new file mode 100644 index 0000000000..c0415fddb0 --- /dev/null +++ b/SPECS/moby-engine/CVE-2025-22869.patch @@ -0,0 +1,140 @@ +From 041b89a18f81265899e42e6801f830c101a96120 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Sun, 2 Mar 2025 13:46:00 +0000 +Subject: [PATCH] CVE-2025-22869 + +Upstream Reference : https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22 + +ssh: limit the size of the internal packet queue while waiting for KEX + +In the SSH protocol, clients and servers execute the key exchange to +generate one-time session keys used for encryption and authentication. +The key exchange is performed initially after the connection is +established and then periodically after a configurable amount of data. +While a key exchange is in progress, we add the received packets to an +internal queue until we receive SSH_MSG_KEXINIT from the other side. +This can result in high memory usage if the other party is slow to +respond to the SSH_MSG_KEXINIT packet, or memory exhaustion if a +malicious client never responds to an SSH_MSG_KEXINIT packet during a +large file transfer. +We now limit the internal queue to 64 packets: this means 2MB with the +typical 32KB packet size. +When the internal queue is full we block further writes until the +pending key exchange is completed or there is a read or write error. + +Thanks to Yuichi Watanabe for reporting this issue. + +Change-Id: I1ce2214cc16e08b838d4bc346c74c72addafaeec +Reviewed-on: https://go-review.googlesource.com/c/crypto/+/652135 +Reviewed-by: Neal Patel +Auto-Submit: Gopher Robot +Reviewed-by: Roland Shoemaker +LUCI-TryBot-Result: Go LUCI + +--- + vendor/golang.org/x/crypto/ssh/handshake.go | 47 ++++++++++++++++----- + 1 file changed, 37 insertions(+), 10 deletions(-) + +diff --git a/vendor/golang.org/x/crypto/ssh/handshake.go b/vendor/golang.org/x/crypto/ssh/handshake.go +index 70a7369..e14eb6c 100644 +--- a/vendor/golang.org/x/crypto/ssh/handshake.go ++++ b/vendor/golang.org/x/crypto/ssh/handshake.go +@@ -24,6 +24,11 @@ const debugHandshake = false + // quickly. + const chanSize = 16 + ++// maxPendingPackets sets the maximum number of packets to queue while waiting ++// for KEX to complete. This limits the total pending data to maxPendingPackets ++// * maxPacket bytes, which is ~16.8MB. ++const maxPendingPackets = 64 ++ + // keyingTransport is a packet based transport that supports key + // changes. It need not be thread-safe. It should pass through + // msgNewKeys in both directions. +@@ -58,11 +63,19 @@ type handshakeTransport struct { + incoming chan []byte + readError error + +- mu sync.Mutex +- writeError error +- sentInitPacket []byte +- sentInitMsg *kexInitMsg +- pendingPackets [][]byte // Used when a key exchange is in progress. ++ mu sync.Mutex ++ // Condition for the above mutex. It is used to notify a completed key ++ // exchange or a write failure. Writes can wait for this condition while a ++ // key exchange is in progress. ++ writeCond *sync.Cond ++ writeError error ++ sentInitPacket []byte ++ sentInitMsg *kexInitMsg ++ // Used to queue writes when a key exchange is in progress. The length is ++ // limited by pendingPacketsSize. Once full, writes will block until the key ++ // exchange is completed or an error occurs. If not empty, it is emptied ++ // all at once when the key exchange is completed in kexLoop. ++ pendingPackets [][]byte + writePacketsLeft uint32 + writeBytesLeft int64 + +@@ -114,6 +127,7 @@ func newHandshakeTransport(conn keyingTransport, config *Config, clientVersion, + + config: config, + } ++ t.writeCond = sync.NewCond(&t.mu) + t.resetReadThresholds() + t.resetWriteThresholds() + +@@ -236,6 +250,7 @@ func (t *handshakeTransport) recordWriteError(err error) { + defer t.mu.Unlock() + if t.writeError == nil && err != nil { + t.writeError = err ++ t.writeCond.Broadcast() + } + } + +@@ -339,6 +354,8 @@ write: + } + } + t.pendingPackets = t.pendingPackets[:0] ++ // Unblock writePacket if waiting for KEX. ++ t.writeCond.Broadcast() + t.mu.Unlock() + } + +@@ -526,11 +543,20 @@ func (t *handshakeTransport) writePacket(p []byte) error { + } + + if t.sentInitMsg != nil { +- // Copy the packet so the writer can reuse the buffer. +- cp := make([]byte, len(p)) +- copy(cp, p) +- t.pendingPackets = append(t.pendingPackets, cp) +- return nil ++ if len(t.pendingPackets) < maxPendingPackets { ++ // Copy the packet so the writer can reuse the buffer. ++ cp := make([]byte, len(p)) ++ copy(cp, p) ++ t.pendingPackets = append(t.pendingPackets, cp) ++ return nil ++ } ++ for t.sentInitMsg != nil { ++ // Block and wait for KEX to complete or an error. ++ t.writeCond.Wait() ++ if t.writeError != nil { ++ return t.writeError ++ } ++ } + } + + if t.writeBytesLeft > 0 { +@@ -547,6 +573,7 @@ func (t *handshakeTransport) writePacket(p []byte) error { + + if err := t.pushPacket(p); err != nil { + t.writeError = err ++ t.writeCond.Broadcast() + } + + return nil +-- +2.45.2 + diff --git a/SPECS/moby-engine/moby-engine.spec b/SPECS/moby-engine/moby-engine.spec index c644c33e0b..7f3b782ea7 100644 --- a/SPECS/moby-engine/moby-engine.spec +++ b/SPECS/moby-engine/moby-engine.spec @@ -3,7 +3,7 @@ Summary: The open-source application container engine Name: moby-engine Version: 25.0.3 -Release: 11%{?dist} +Release: 12%{?dist} License: ASL 2.0 Group: Tools/Container URL: https://mobyproject.org @@ -24,6 +24,8 @@ Patch6: CVE-2024-36620.patch Patch7: CVE-2024-36623.patch Patch8: CVE-2024-45337.patch Patch9: CVE-2023-45288.patch +Patch10: CVE-2025-22868.patch +Patch11: CVE-2025-22869.patch %{?systemd_requires} @@ -119,6 +121,10 @@ fi %{_unitdir}/* %changelog +* Fri Apr 28 2025 Ranjan Dutta - 25.0.3-12 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Patch CVE-2025-22868 & CVE-2025-22869 + * Fri Mar 21 2025 Anuj Mittal - 25.0.3-11 - Bump Release to rebuild diff --git a/SPECS/multiperf/multiperf.signatures.json b/SPECS/multiperf/multiperf.signatures.json new file mode 100644 index 0000000000..29bc7c149f --- /dev/null +++ b/SPECS/multiperf/multiperf.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "multiperf-3.0.tar.gz": "b9c43501a200c20ee5af7614da324372cd9f1fbd2fc3d7dfd775a9164bf3a68e" + } +} \ No newline at end of file diff --git a/SPECS/multiperf/multiperf.spec b/SPECS/multiperf/multiperf.spec new file mode 100644 index 0000000000..a589ef6089 --- /dev/null +++ b/SPECS/multiperf/multiperf.spec @@ -0,0 +1,44 @@ +Name: multiperf +Summary: IB Performance tests +Version: 3.0 +Release: 1%{?dist} +License: BSD 3-Clause, GPL v2 or later +Vendor: Microsoft Corporation +Distribution: Azure Linux +Group: Productivity/Networking/Diagnostic +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/multiperf-3.0.tar.gz#/%{name}-%{version}.tar.gz +Url: "" +BuildRoot: /var/tmp/%{name}-%{version}-build +ExclusiveArch: x86_64 + +BuildRequires: libibverbs-devel + +%description +gen3 uverbs microbenchmarks + +%prep +%setup -q + +%build +%configure +%{__make} + +%install +rm -rf $RPM_BUILD_ROOT +make DESTDIR=%{buildroot} install + +%clean +rm -rf ${RPM_BUILD_ROOT} + +%files +%defattr(-, root, root) +%doc README +%license COPYING +%_bindir/* + +%changelog +* Tue Dec 17 2024 Binu Jose Philip +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified +* Sun Feb 08 2015 - gilr@mellanox.com +- Initial Package, Version 3.0 diff --git a/SPECS/ofed-docs/ofed-docs.signatures.json b/SPECS/ofed-docs/ofed-docs.signatures.json new file mode 100644 index 0000000000..b3f36eb967 --- /dev/null +++ b/SPECS/ofed-docs/ofed-docs.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "ofed-docs-24.10.tar.gz": "ca307e3ef7407d9f4386fe021dd3f130d114f793884e60493ae129fdc83f7478" + } +} diff --git a/SPECS/ofed-docs/ofed-docs.spec b/SPECS/ofed-docs/ofed-docs.spec new file mode 100644 index 0000000000..15de25c335 --- /dev/null +++ b/SPECS/ofed-docs/ofed-docs.spec @@ -0,0 +1,75 @@ +# +# Copyright (c) 2012 Mellanox Technologies. All rights reserved. +# +# This Software is licensed under one of the following licenses: +# +# 1) under the terms of the "Common Public License 1.0" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/cpl.php. +# +# 2) under the terms of the "The BSD License" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/bsd-license.php. +# +# 3) under the terms of the "GNU General Public License (GPL) Version 2" a +# copy of which is available from the Open Source Initiative, see +# http://www.opensource.org/licenses/gpl-license.php. +# +# Licensee has the right to choose one of the above licenses. +# +# Redistributions of source code must retain the above copyright +# notice and one of the license notices. +# +# Redistributions in binary form must reproduce both the above copyright +# notice, one of the license notices in the documentation +# and/or other materials provided with the distribution. +# +# +# $Id: ofed-docs.spec 7948 2006-06-13 12:42:34Z vlad $ +# + +%global MLNX_OFED_VERSION 24.10-0.7.0.0 +Summary: OFED docs +Name: ofed-docs +Version: 24.10 +Release: 1%{?dist} +License: GPLv2 +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: https://www.openfabrics.org +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/%{MLNX_OFED_VERSION}/SRPMS/%{name}-%{version}.tar.gz +Group: Documentation/Man + +BuildRoot: %{?build_root:%{build_root}}%{!?build_root:/var/tmp/%{name}-%{version}-root} + +%description +OpenFabrics documentation + +%prep +%setup -q -n %{name}-%{version} + +%install +mkdir -p $RPM_BUILD_ROOT%{_defaultdocdir}/%{name}-%{version} +cp -a * $RPM_BUILD_ROOT%{_defaultdocdir}/%{name}-%{version} + +%clean +rm -rf $RPM_BUILD_ROOT + +%files +%license LICENSE +%defattr(-,root,root) +%{_defaultdocdir}/%{name}-%{version} + +%changelog +* Wed Jan 08 2025 Alberto David Perez Guevara 24.10-1 +- Initial Azure Linux import from NVIDIA (license: GPLv2). +- License verified. + +* Sun Mar 25 2007 Vladimir Sokolovsky +- Changed prefix + +* Thu Jul 27 2006 Vladimir Sokolovsky +- Changed version to 1.1 + +* Tue Jun 06 2006 Vladimir Sokolovsky +- Initial packaging diff --git a/SPECS/openssl/Keep-the-provided-peer-EVP_PKEY-in-the-EVP_PKEY_CTX-too.patch b/SPECS/openssl/Keep-the-provided-peer-EVP_PKEY-in-the-EVP_PKEY_CTX-too.patch new file mode 100644 index 0000000000..f03cf8e637 --- /dev/null +++ b/SPECS/openssl/Keep-the-provided-peer-EVP_PKEY-in-the-EVP_PKEY_CTX-too.patch @@ -0,0 +1,34 @@ +From 782912cccc70f8c3fed4e49db2f479d97af0bdf9 Mon Sep 17 00:00:00 2001 +From: Tomas Mraz +Date: Tue, 4 Mar 2025 18:43:18 +0100 +Subject: [PATCH] Keep the provided peer EVP_PKEY in the EVP_PKEY_CTX too + +Reviewed-by: Tim Hudson +Reviewed-by: Dmitry Belyavskiy +Reviewed-by: Matt Caswell +(Merged from https://github.com/openssl/openssl/pull/26976) + +(cherry picked from commit 2656922febfc36f6b44cff1c363917685633b4c5) +--- + crypto/evp/exchange.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c +index d9eed1cea5be2..70c2f441b9d7a 100644 +--- a/crypto/evp/exchange.c ++++ b/crypto/evp/exchange.c +@@ -431,7 +431,13 @@ int EVP_PKEY_derive_set_peer_ex(EVP_PKEY_CTX *ctx, EVP_PKEY *peer, + */ + if (provkey == NULL) + goto legacy; +- return ctx->op.kex.exchange->set_peer(ctx->op.kex.algctx, provkey); ++ ret = ctx->op.kex.exchange->set_peer(ctx->op.kex.algctx, provkey); ++ if (ret <= 0) ++ return ret; ++ EVP_PKEY_free(ctx->peerkey); ++ ctx->peerkey = peer; ++ EVP_PKEY_up_ref(peer); ++ return 1; + + legacy: + #ifdef FIPS_MODULE diff --git a/SPECS/openssl/openssl.spec b/SPECS/openssl/openssl.spec index 31c948fde7..b10944aeb3 100644 --- a/SPECS/openssl/openssl.spec +++ b/SPECS/openssl/openssl.spec @@ -9,7 +9,7 @@ Summary: Utilities from the general purpose cryptography library with TLS implementation Name: openssl Version: 3.3.3 -Release: 1%{?dist} +Release: 2%{?dist} Vendor: Microsoft Corporation Distribution: Azure Linux Source: https://github.com/openssl/openssl/releases/download/openssl-%{version}/openssl-%{version}.tar.gz @@ -62,6 +62,14 @@ Patch52: 0052-Allow-SHA1-in-seclevel-1-if-rh-allow-sha1-signatures.patch # # See notes in the patch for details, but this patch will not be needed if # # the openssl issue https://github.com/openssl/openssl/issues/7048 is ever implemented and released. Patch80: 0001-Replacing-deprecated-functions-with-NULL-or-highest.patch +# Fix crashes in openssl speed with providers that don't refcount keys. +# Upstream: https://github.com/openssl/openssl/pull/26976 has been merged into 3.3, so if we +# upgrade to 3.3.4 when it comes out, we can remove this patch. +Patch81: Keep-the-provided-peer-EVP_PKEY-in-the-EVP_PKEY_CTX-too.patch +# The Symcrypt provider, which is our default, doesn't support some of the +# algorithms that are used in the speed tests. This patch skips those tests. +# If SymCrypt adds support, we should change and eventually remove this patch. +Patch82: prevent-unsupported-calls-into-symcrypt-in-speed.patch License: Apache-2.0 URL: http://www.openssl.org/ @@ -357,6 +365,9 @@ install -m644 %{SOURCE9} \ %ldconfig_scriptlets libs %changelog +* Mon Mar 17 2025 Tobias Brick - 3.3.3-2 +- Patch to fix segfaults and errors in openssl speed. + * Wed Feb 26 2025 Tobias Brick - 3.3.3-1 - Auto-upgrade to 3.3.3 - none - Initially run through autoupgrader (CBL-Mariner Servicing Account ) diff --git a/SPECS/openssl/prevent-unsupported-calls-into-symcrypt-in-speed.patch b/SPECS/openssl/prevent-unsupported-calls-into-symcrypt-in-speed.patch new file mode 100644 index 0000000000..50e8b437fb --- /dev/null +++ b/SPECS/openssl/prevent-unsupported-calls-into-symcrypt-in-speed.patch @@ -0,0 +1,163 @@ +From 4576a24fbe145ea200b9f9eb7e1854c61932e8b6 Mon Sep 17 00:00:00 2001 +From: Tobias Brick +Date: Tue, 25 Feb 2025 21:52:41 +0000 +Subject: [PATCH] prevent unsupported calls into symcrypt in speed + +--- + apps/speed.c | 46 ++++++++++++++++++++++++++++++++++++++++++++-- + 1 file changed, 44 insertions(+), 2 deletions(-) + +diff --git a/apps/speed.c b/apps/speed.c +index 8c3342e..b4e966d 100644 +--- a/apps/speed.c ++++ b/apps/speed.c +@@ -27,6 +27,9 @@ + /* We need to use some deprecated APIs */ + #define OPENSSL_SUPPRESS_DEPRECATED + ++/* AZL3-Specific: Only run tests that work with the SymCrypt provider. */ ++#define AZL3_SYMCRYPT_PROVIDER ++ + #include + #include + #include +@@ -383,15 +386,24 @@ static double rsa_results[RSA_NUM][4]; /* 4 ops: sign, verify, encrypt, decrypt + + #ifndef OPENSSL_NO_DH + enum ff_params_t { +- R_FFDH_2048, R_FFDH_3072, R_FFDH_4096, R_FFDH_6144, R_FFDH_8192, FFDH_NUM ++ R_FFDH_2048, ++ R_FFDH_3072, ++ R_FFDH_4096, ++#ifndef AZL3_SYMCRYPT_PROVIDER ++ R_FFDH_6144, ++ R_FFDH_8192, ++#endif /* AZL3_SYMCRYPT_PROVIDER */ ++ FFDH_NUM, + }; + + static const OPT_PAIR ffdh_choices[FFDH_NUM] = { + {"ffdh2048", R_FFDH_2048}, + {"ffdh3072", R_FFDH_3072}, + {"ffdh4096", R_FFDH_4096}, ++#ifndef AZL3_SYMCRYPT_PROVIDER + {"ffdh6144", R_FFDH_6144}, + {"ffdh8192", R_FFDH_8192}, ++#endif /* AZL3_SYMCRYPT_PROVIDER */ + }; + + static double ffdh_results[FFDH_NUM][1]; /* 1 op: derivation */ +@@ -403,8 +415,11 @@ enum ec_curves_t { + R_EC_K163, R_EC_K233, R_EC_K283, R_EC_K409, R_EC_K571, + R_EC_B163, R_EC_B233, R_EC_B283, R_EC_B409, R_EC_B571, + #endif ++#ifndef AZL3_SYMCRYPT_PROVIDER + R_EC_BRP256R1, R_EC_BRP256T1, R_EC_BRP384R1, R_EC_BRP384T1, +- R_EC_BRP512R1, R_EC_BRP512T1, ECDSA_NUM ++ R_EC_BRP512R1, R_EC_BRP512T1, ++#endif /* AZL3_SYMCRYPT_PROVIDER */ ++ ECDSA_NUM + }; + /* list of ecdsa curves */ + static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = { +@@ -424,12 +439,14 @@ static const OPT_PAIR ecdsa_choices[ECDSA_NUM] = { + {"ecdsab409", R_EC_B409}, + {"ecdsab571", R_EC_B571}, + #endif ++#ifndef AZL3_SYMCRYPT_PROVIDER + {"ecdsabrp256r1", R_EC_BRP256R1}, + {"ecdsabrp256t1", R_EC_BRP256T1}, + {"ecdsabrp384r1", R_EC_BRP384R1}, + {"ecdsabrp384t1", R_EC_BRP384T1}, + {"ecdsabrp512r1", R_EC_BRP512R1}, + {"ecdsabrp512t1", R_EC_BRP512T1} ++#endif /* AZL3_SYMCRYPT_PROVIDER */ + }; + enum { + #ifndef OPENSSL_NO_ECX +@@ -456,12 +473,14 @@ static const OPT_PAIR ecdh_choices[EC_NUM] = { + {"ecdhb409", R_EC_B409}, + {"ecdhb571", R_EC_B571}, + #endif ++#ifndef AZL3_SYMCRYPT_PROVIDER + {"ecdhbrp256r1", R_EC_BRP256R1}, + {"ecdhbrp256t1", R_EC_BRP256T1}, + {"ecdhbrp384r1", R_EC_BRP384R1}, + {"ecdhbrp384t1", R_EC_BRP384T1}, + {"ecdhbrp512r1", R_EC_BRP512R1}, + {"ecdhbrp512t1", R_EC_BRP512T1}, ++#endif /* AZL3_SYMCRYPT_PROVIDER */ + #ifndef OPENSSL_NO_ECX + {"ecdhx25519", R_EC_X25519}, + {"ecdhx448", R_EC_X448} +@@ -1806,8 +1825,10 @@ int speed_main(int argc, char **argv) + {"ffdh2048", NID_ffdhe2048, 2048}, + {"ffdh3072", NID_ffdhe3072, 3072}, + {"ffdh4096", NID_ffdhe4096, 4096}, ++#ifndef AZL3_SYMCRYPT_PROVIDER + {"ffdh6144", NID_ffdhe6144, 6144}, + {"ffdh8192", NID_ffdhe8192, 8192} ++#endif /* AZL3_SYMCRYPT_PROVIDER */ + }; + uint8_t ffdh_doit[FFDH_NUM] = { 0 }; + +@@ -1839,12 +1860,14 @@ int speed_main(int argc, char **argv) + {"nistb409", NID_sect409r1, 409}, + {"nistb571", NID_sect571r1, 571}, + #endif ++#ifndef AZL3_SYMCRYPT_PROVIDER + {"brainpoolP256r1", NID_brainpoolP256r1, 256}, + {"brainpoolP256t1", NID_brainpoolP256t1, 256}, + {"brainpoolP384r1", NID_brainpoolP384r1, 384}, + {"brainpoolP384t1", NID_brainpoolP384t1, 384}, + {"brainpoolP512r1", NID_brainpoolP512r1, 512}, + {"brainpoolP512t1", NID_brainpoolP512t1, 512}, ++#endif /* AZL3_SYMCRYPT_PROVIDER */ + #ifndef OPENSSL_NO_ECX + /* Other and ECDH only ones */ + {"X25519", NID_X25519, 253}, +@@ -1885,8 +1908,13 @@ int speed_main(int argc, char **argv) + OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448); + OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0); + ++#ifdef AZL3_SYMCRYPT_PROVIDER ++ OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_secp521r1); ++ OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsap521") == 0); ++#else + OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1); + OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0); ++#endif /* AZL3_SYMCRYPT_PROVIDER */ + #endif /* OPENSSL_NO_ECX */ + + #ifndef OPENSSL_NO_SM2 +@@ -2066,6 +2094,13 @@ int speed_main(int argc, char **argv) + goto end; + } + for (i = 0; i < OSSL_NELEM(rsa_choices); i++) { ++#ifdef AZL3_SYMCRYPT_PROVIDER ++ /* SymCrypt only supports 1024 and above */ ++ if (strcmp(rsa_choices[i].name, "rsa512") == 0) { ++ continue; ++ } ++#endif /* AZL3_SYMCRYPT_PROVIDER */ ++ + kems_doit[kems_algs_len] = 1; + kems_algname[kems_algs_len++] = OPENSSL_strdup(rsa_choices[i].name); + } +@@ -2111,6 +2146,13 @@ int speed_main(int argc, char **argv) + goto end; + } + for (i = 0; i < OSSL_NELEM(rsa_choices); i++) { ++#ifdef AZL3_SYMCRYPT_PROVIDER ++ /* SymCrypt only supports 1024 and above */ ++ if (strcmp(rsa_choices[i].name, "rsa512") == 0) { ++ continue; ++ } ++#endif /* AZL3_SYMCRYPT_PROVIDER */ ++ + sigs_doit[sigs_algs_len] = 1; + sigs_algname[sigs_algs_len++] = OPENSSL_strdup(rsa_choices[i].name); + } +-- +2.45.3 + diff --git a/SPECS/packer/CVE-2025-30204.patch b/SPECS/packer/CVE-2025-30204.patch new file mode 100644 index 0000000000..b72c6e6ae2 --- /dev/null +++ b/SPECS/packer/CVE-2025-30204.patch @@ -0,0 +1,72 @@ +From 3b49efd441bf131dd895fd75dcf669a493b95638 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Sat, 29 Mar 2025 17:54:57 +0000 +Subject: [PATCH] CVE-2025-30204 + +Upstream Patch Reference : v4: https://github.com/golang-jwt/jwt/commit/2f0e9add62078527821828c76865661aa7718a84 + +--- + vendor/github.com/golang-jwt/jwt/v4/parser.go | 36 +++++++++++++++++++++++--- + 1 file changed, 33 insertions(+), 3 deletions(-) + +diff --git a/vendor/github.com/golang-jwt/jwt/v4/parser.go b/vendor/github.com/golang-jwt/jwt/v4/parser.go +index 2f61a69..9484f28 100644 +--- a/vendor/github.com/golang-jwt/jwt/v4/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v4/parser.go +@@ -7,6 +7,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + // +@@ -116,9 +118,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (because it has + // been checked previously in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) + } + + token = &Token{Raw: tokenString} +@@ -168,3 +171,30 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + + return token, parts, nil + } ++ ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} +-- +2.45.2 + diff --git a/SPECS/packer/packer.spec b/SPECS/packer/packer.spec index 08896dcff2..d8481fa663 100644 --- a/SPECS/packer/packer.spec +++ b/SPECS/packer/packer.spec @@ -4,7 +4,7 @@ Summary: Tool for creating identical machine images for multiple platforms from a single source configuration. Name: packer Version: 1.9.5 -Release: 7%{?dist} +Release: 8%{?dist} License: MPLv2.0 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -39,6 +39,7 @@ Patch4: CVE-2024-28180.patch Patch5: CVE-2025-27144.patch Patch6: CVE-2025-22869.patch Patch7: CVE-2025-22868.patch +Patch8: CVE-2025-30204.patch BuildRequires: golang >= 1.21 BuildRequires: kernel-headers BuildRequires: glibc-devel @@ -72,10 +73,12 @@ go test -mod=vendor %{_bindir}/packer %changelog +* Fri Apr 28 2025 Ranjan Dutta - 1.9.5-8 +- merge from Azure Linux tag 3.0.20250423-3.0 + * Fri Mar 21 2025 Anuj Mittal - 1.9.5-7 - Bump Release to rebuild - * Fri Feb 28 2025 Kanishk Bansal - 1.9.5-6 - Fix CVE-2024-28180, CVE-2025-27144, CVE-2025-22869, CVE-2025-22868 with an upstream patch diff --git a/SPECS/perftest/perftest.signatures.json b/SPECS/perftest/perftest.signatures.json new file mode 100644 index 0000000000..30096a6446 --- /dev/null +++ b/SPECS/perftest/perftest.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "perftest-24.10.0.tar.gz": "e81308122e667361ddaac9efb5af7fbfdf177df92bc19587291a8ea78322f239" + } +} diff --git a/SPECS/perftest/perftest.spec b/SPECS/perftest/perftest.spec new file mode 100644 index 0000000000..be339ec9c8 --- /dev/null +++ b/SPECS/perftest/perftest.spec @@ -0,0 +1,91 @@ +%global extended_release 0.65.g9093bae +%global MLNX_OFED_VERSION 24.10-0.7.0.0 +Summary: IB Performance tests +Name: perftest +# Update extended_release with version updates +Version: 24.10.0 +Release: 1%{?dist} +License: BSD or GPLv2 +Vendor: Microsoft Corporation +Distribution: Azure Linux +Group: Productivity/Networking/Diagnostic +URL: https://www.openfabrics.org +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/%{MLNX_OFED_VERSION}/SRPMS/%{name}-%{version}-%{extended_release}.tar.gz#/%{name}-%{version}.tar.gz +BuildRequires: libibumad-devel +BuildRequires: libibverbs-devel +BuildRequires: librdmacm-devel +BuildRequires: pciutils-devel + +%description +gen3 uverbs microbenchmarks release: %extended_release + +%prep +%autosetup -p1 + +%build +%configure +%{__make} +chmod -x runme + +%install +%make_install + +%files +%defattr(-, root, root) +%doc README runme +%license COPYING +%_bindir/* +%_mandir/man1/*.1* + +%changelog +* Wed Jan 08 2025 Alberto David Perez Guevara - 24.10.0-1 +- Upgrade version to 24.10.0 + +* Wed Apr 03 2024 Juan Camposeco - 24.01.0-1 +- Upgrade version to 24.01.0 + +* Wed Sep 20 2023 Jon Slobodzian - 4.5-2 +- Recompile with stack-protection fixed gcc version (CVE-2023-4039) + +* Thu Jun 23 2022 Rachel Menge - 4.5-1 +- Initial CBL-Mariner import from NVIDIA (license: GPLv2) +- License verified + +* Wed Jan 09 2013 - idos@mellanox.com +- Use autotools for building package. + +* Sun Dec 30 2012 - idos@mellanox.com +- Added raw_ethernet_bw to install script. + +* Sun Oct 21 2012 - idos@mellanox.com +- Removed write_bw_postlist (feature contained in all BW tests) + +* Sat Oct 20 2012 - idos@mellanox.com +- Version 2.0 is underway + +* Mon May 14 2012 - idos@mellanox.com +- Removed (deprecated) rdma_bw and rdma_lat tests + +* Thu Feb 02 2012 - idos@mellanox.com +- Updated to 1.4.0 version (no compability with older version). + +* Thu Feb 02 2012 - idos@mellanox.com +- Merge perftest code for Linux & Windows + +* Sun Jan 01 2012 - idos@mellanox.com +- Added atomic benchmarks + +* Sat Apr 18 2009 - hal.rosenstock@gmail.com +- Change executable names for rdma_lat and rdma_bw + +* Mon Jul 09 2007 - hvogel@suse.de +- Use correct version + +* Wed Jul 04 2007 - hvogel@suse.de +- Add GPL COPYING file [#289509] + +* Mon Jul 02 2007 - hvogel@suse.de +- Update to the OFED 1.2 version + +* Fri Jun 22 2007 - hvogel@suse.de +- Initial Package, Version 1.1 diff --git a/SPECS/php/php.signatures.json b/SPECS/php/php.signatures.json index 1d5fd0b6db..9564d45aae 100644 --- a/SPECS/php/php.signatures.json +++ b/SPECS/php/php.signatures.json @@ -1,19 +1,19 @@ { - "Signatures": { - "10-opcache.ini": "6065beb2ace54d6cb5a8cde751330ea358bd23692073c6e3d2c57f7c97bec869", - "20-ffi.ini": "f5e968fdd3eca54f3dab2399e243931cf16cd9da034f0364800aefab222271c0", - "macros.php": "917104496e8239e1ed1d4812871be772a5fa8b38cf80c4c59ec3e0c36d48310e", - "nginx-fpm.conf": "5a222ab2c3fc0145cb67a1c5125471bbf097de304e77c9858e7077a3b4fcad59", - "nginx-php.conf": "b3b3f744c4c122302fcb11f39cac78d01cef15ee6f8bd67e98b3438efcf8dc95", - "opcache-default.blacklist": "4eef0875e1a0c6a75b8a2bafd4ddc029b83be74dd336a6a99214b0c32808cb38", - "php-8.3.14.tar.xz": "58b4cb9019bf70c0cbcdb814c7df79b9065059d14cf7dbf48d971f8e56ae9be7", - "php-fpm-www.conf": "1cacdd4962c01a0a968933c38db503023940ad9105f021bdab85d6cdc46dcbb8", - "php-fpm.conf": "bb261d53b9b42bb163a7637bb373ffa18a20dddf27a3efe6cb5ed1b1cf5981a9", - "php-fpm.logrotate": "7d8279bebb9ffabc596a2699150e93d4ce4513245890b9b786d337288b19fa79", - "php-fpm.service": "574f50dec5a0edd60e60e44e7cc2d03575bc728bdc0b0cab021ce3c55abc0117", - "php-fpm.wants": "846297e91ba02bd0e29b6635eeddcca01a7ad4faf5a8f27113543804331d0328", - "php.conf": "e2388be032eccf7c0197d597ba72259a095bf8434438a184e6a640edb4b59de2", - "php.ini": "8fd5a4d891c19320c07010fbbbac982c886b422bc8d062acaeae49d70c136fc8", - "php.modconf": "dc7303ea584452d2f742d002a648abe74905025aabf240259c7e8bd01746d278" - } -} \ No newline at end of file + "Signatures": { + "10-opcache.ini": "6065beb2ace54d6cb5a8cde751330ea358bd23692073c6e3d2c57f7c97bec869", + "20-ffi.ini": "f5e968fdd3eca54f3dab2399e243931cf16cd9da034f0364800aefab222271c0", + "macros.php": "917104496e8239e1ed1d4812871be772a5fa8b38cf80c4c59ec3e0c36d48310e", + "nginx-fpm.conf": "5a222ab2c3fc0145cb67a1c5125471bbf097de304e77c9858e7077a3b4fcad59", + "nginx-php.conf": "b3b3f744c4c122302fcb11f39cac78d01cef15ee6f8bd67e98b3438efcf8dc95", + "opcache-default.blacklist": "4eef0875e1a0c6a75b8a2bafd4ddc029b83be74dd336a6a99214b0c32808cb38", + "php-fpm-www.conf": "1cacdd4962c01a0a968933c38db503023940ad9105f021bdab85d6cdc46dcbb8", + "php-fpm.conf": "bb261d53b9b42bb163a7637bb373ffa18a20dddf27a3efe6cb5ed1b1cf5981a9", + "php-fpm.logrotate": "7d8279bebb9ffabc596a2699150e93d4ce4513245890b9b786d337288b19fa79", + "php-fpm.service": "574f50dec5a0edd60e60e44e7cc2d03575bc728bdc0b0cab021ce3c55abc0117", + "php-fpm.wants": "846297e91ba02bd0e29b6635eeddcca01a7ad4faf5a8f27113543804331d0328", + "php.conf": "e2388be032eccf7c0197d597ba72259a095bf8434438a184e6a640edb4b59de2", + "php.ini": "8fd5a4d891c19320c07010fbbbac982c886b422bc8d062acaeae49d70c136fc8", + "php.modconf": "dc7303ea584452d2f742d002a648abe74905025aabf240259c7e8bd01746d278", + "php-8.3.19.tar.xz": "976e4077dd25bec96b5dfe8938052d243bbd838f95368a204896eff12756545f" + } +} diff --git a/SPECS/php/php.spec b/SPECS/php/php.spec index 1b106f2f3f..8a4c6b64a8 100644 --- a/SPECS/php/php.spec +++ b/SPECS/php/php.spec @@ -32,7 +32,7 @@ %global with_qdbm 0 Summary: PHP scripting language for creating dynamic web sites Name: php -Version: 8.3.14 +Version: 8.3.19 Release: 1%{?dist} # All files licensed under PHP version 3.01, except # Zend is licensed under Zend @@ -1514,6 +1514,9 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || : %dir %{_datadir}/php/preload %changelog +* Sun Mar 30 2025 CBL-Mariner Servicing Account - 8.3.19-1 +- Auto-upgrade to 8.3.19 - for CVE-2025-1217 CVE-2025-1219, CVE-2025-1736, CVE-2025-1861 + * Wed Dec 04 2024 Kavya Sree Kaitepalli - 8.3.14-1 - Upgrade to 8.3.14 to fix CVE-2024-8932, CVE-2024-11234, CVE-2024-11233, CVE-2024-11236 - Update patch for phpinfo diff --git a/SPECS/prometheus/0001-Fix-exit-condition-of-TestQuerierIndexQueriesRace.patch b/SPECS/prometheus/0001-Fix-exit-condition-of-TestQuerierIndexQueriesRace.patch new file mode 100644 index 0000000000..ff60e55e2b --- /dev/null +++ b/SPECS/prometheus/0001-Fix-exit-condition-of-TestQuerierIndexQueriesRace.patch @@ -0,0 +1,30 @@ +From 41bc1097c65a402355dc2b0b9402811a78389b63 Mon Sep 17 00:00:00 2001 +From: Dimitar Dimitrov +Date: Wed, 20 Sep 2023 17:41:33 +0200 +Subject: [PATCH] Fix exit condition of TestQuerierIndexQueriesRace + +The test was introduced in # but was changed during the code review and not reran with the faulty code since then. + +Closes # + +Signed-off-by: Dimitar Dimitrov +--- + tsdb/querier_test.go | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tsdb/querier_test.go b/tsdb/querier_test.go +index 8cfd5d141..2c5ff7477 100644 +--- a/tsdb/querier_test.go ++++ b/tsdb/querier_test.go +@@ -2248,7 +2248,7 @@ func TestQuerierIndexQueriesRace(t *testing.T) { + func appendSeries(t *testing.T, ctx context.Context, wg *sync.WaitGroup, h *Head) { + defer wg.Done() + +- for i := 0; ctx.Err() != nil; i++ { ++ for i := 0; ctx.Err() == nil; i++ { + app := h.Appender(context.Background()) + _, err := app.Append(0, labels.FromStrings(labels.MetricName, "metric", "n", strconv.Itoa(i), "m", "0"), 0, 0) + require.NoError(t, err) +-- +2.33.8 + diff --git a/SPECS/prometheus/0002-Improve-sensitivity-of-TestQuerierIndexQueriesRace.patch b/SPECS/prometheus/0002-Improve-sensitivity-of-TestQuerierIndexQueriesRace.patch new file mode 100644 index 0000000000..14be60ee22 --- /dev/null +++ b/SPECS/prometheus/0002-Improve-sensitivity-of-TestQuerierIndexQueriesRace.patch @@ -0,0 +1,47 @@ +From 0e66dc19b9f93c247dd938f8099626573df0e998 Mon Sep 17 00:00:00 2001 +From: Dimitar Dimitrov +Date: Thu, 21 Sep 2023 12:30:08 +0200 +Subject: [PATCH] Improve sensitivity of TestQuerierIndexQueriesRace + +Currently, the two goroutines race against each other and it's possible that the main test goroutine finishes way earlier than appendSeries has had a chance to run at all. + +I tested this change by breaking the code that X fixed and running the race test 100 times. Without the additional time.Sleep the test failed 11 times. With the sleep it failed 65 out of the 100 runs. Which is still not ideal, but it's a step forward. + +Signed-off-by: Dimitar Dimitrov +--- + tsdb/querier_test.go | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/tsdb/querier_test.go b/tsdb/querier_test.go +index 2c5ff7477..4938443c2 100644 +--- a/tsdb/querier_test.go ++++ b/tsdb/querier_test.go +@@ -2221,6 +2221,7 @@ func TestQuerierIndexQueriesRace(t *testing.T) { + for _, c := range testCases { + c := c + t.Run(fmt.Sprintf("%v", c.matchers), func(t *testing.T) { ++ t.Parallel() + db := openTestDB(t, DefaultOptions(), nil) + h := db.Head() + t.Cleanup(func() { +@@ -2240,6 +2241,9 @@ func TestQuerierIndexQueriesRace(t *testing.T) { + values, _, err := q.LabelValues("n", c.matchers...) + require.NoError(t, err) + require.Emptyf(t, values, `label values for label "n" should be empty`) ++ ++ // Sleep to give the appends some change to run. ++ time.Sleep(time.Millisecond) + } + }) + } +@@ -2256,6 +2260,7 @@ func appendSeries(t *testing.T, ctx context.Context, wg *sync.WaitGroup, h *Head + require.NoError(t, err) + + // Throttle down the appends to keep the test somewhat nimble. ++ // Otherwise, we end up appending thousands or millions of samples. + time.Sleep(time.Millisecond) + } + } +-- +2.33.8 + diff --git a/SPECS/prometheus/CVE-2025-22868.patch b/SPECS/prometheus/CVE-2025-22868.patch new file mode 100644 index 0000000000..5a7a211469 --- /dev/null +++ b/SPECS/prometheus/CVE-2025-22868.patch @@ -0,0 +1,38 @@ +From 681b4d8edca1bcfea5bce685d77ea7b82ed3e7b3 Mon Sep 17 00:00:00 2001 +From: Neal Patel +Date: Thu, 30 Jan 2025 14:10:09 -0500 +Subject: [PATCH] jws: split token into fixed number of parts + +Thanks to 'jub0bs' for reporting this issue. + +Fixes #71490 +Fixes CVE-2025-22868 + +Change-Id: I2552731f46d4907f29aafe7863c558387b6bd6e2 +Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/652155 +Auto-Submit: Gopher Robot +Reviewed-by: Damien Neil +Reviewed-by: Roland Shoemaker +LUCI-TryBot-Result: Go LUCI +--- + vendor/golang.org/x/oauth2/jws/jws.go | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/vendor/golang.org/x/oauth2/jws/jws.go b/vendor/golang.org/x/oauth2/jws/jws.go +index 95015648b..6f03a49d3 100644 +--- a/vendor/golang.org/x/oauth2/jws/jws.go ++++ b/vendor/golang.org/x/oauth2/jws/jws.go +@@ -165,11 +165,11 @@ func Encode(header *Header, c *ClaimSet, key *rsa.PrivateKey) (string, error) { + // Verify tests whether the provided JWT token's signature was produced by the private key + // associated with the supplied public key. + func Verify(token string, key *rsa.PublicKey) error { +- parts := strings.Split(token, ".") +- if len(parts) != 3 { ++ if strings.Count(token, ".") != 2 { + return errors.New("jws: invalid token received, token must have 3 parts") + } + ++ parts := strings.SplitN(token, ".", 3) + signedContent := parts[0] + "." + parts[1] + signatureString, err := base64.RawURLEncoding.DecodeString(parts[2]) + if err != nil { diff --git a/SPECS/prometheus/CVE-2025-30204.patch b/SPECS/prometheus/CVE-2025-30204.patch new file mode 100644 index 0000000000..b4bfb7aefa --- /dev/null +++ b/SPECS/prometheus/CVE-2025-30204.patch @@ -0,0 +1,72 @@ +From 5dc62bf02f675d71ba521c6ae2a502474a0f351b Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Mar 2025 21:58:44 +0000 +Subject: [PATCH] CVE-2025-30204 + +Upstream Patch Reference : v4: https://github.com/golang-jwt/jwt/commit/2f0e9add62078527821828c76865661aa7718a84 + +--- + vendor/github.com/golang-jwt/jwt/v4/parser.go | 36 +++++++++++++++++++++++--- + 1 file changed, 33 insertions(+), 3 deletions(-) + +diff --git a/vendor/github.com/golang-jwt/jwt/v4/parser.go b/vendor/github.com/golang-jwt/jwt/v4/parser.go +index c0a6f69..8e7e67c 100644 +--- a/vendor/github.com/golang-jwt/jwt/v4/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v4/parser.go +@@ -7,6 +7,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + // +@@ -123,9 +125,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (because it has + // been checked previously in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) + } + + token = &Token{Raw: tokenString} +@@ -175,3 +178,30 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + + return token, parts, nil + } ++ ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} +-- +2.45.2 + diff --git a/SPECS/prometheus/prometheus.spec b/SPECS/prometheus/prometheus.spec index 435b98de32..97d36ed465 100644 --- a/SPECS/prometheus/prometheus.spec +++ b/SPECS/prometheus/prometheus.spec @@ -4,7 +4,7 @@ Summary: Prometheus monitoring system and time series database Name: prometheus Version: 2.45.4 -Release: 8%{?dist} +Release: 9%{?dist} License: Apache-2.0 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -22,6 +22,11 @@ Patch1: CVE-2023-45288.patch Patch2: CVE-2024-6104.patch Patch3: CVE-2024-24786.patch Patch4: CVE-2023-44487.patch +Patch5: CVE-2025-22868.patch +Patch6: CVE-2025-30204.patch +Patch7: 0001-Fix-exit-condition-of-TestQuerierIndexQueriesRace.patch +Patch8: 0002-Improve-sensitivity-of-TestQuerierIndexQueriesRace.patch + BuildRequires: golang BuildRequires: nodejs BuildRequires: nodejs-npm @@ -138,10 +143,13 @@ fi %doc README.md RELEASE.md documentation %changelog +* Fri Apr 28 2025 Ranjan Dutta - 2.45.4-9 +- merge from Azure Linux tag 3.0.20250423-3.0 + * Fri Mar 21 2025 Anuj Mittal - 2.45.4-8 - Bump Release to rebuild -* Tue Mar 04 2024 corvus-callidus <108946721+corvus-callidus@users.noreply.github.com> - 2.45.4-7 +* Tue Mar 04 2025 corvus-callidus <108946721+corvus-callidus@users.noreply.github.com> - 2.45.4-7 - Fix CVE-2023-44487 * Mon Nov 25 2024 Bala - 2.45.4-6 diff --git a/SPECS/python-archspec/python-archspec.signatures.json b/SPECS/python-archspec/python-archspec.signatures.json new file mode 100644 index 0000000000..88ea2b2978 --- /dev/null +++ b/SPECS/python-archspec/python-archspec.signatures.json @@ -0,0 +1,6 @@ +{ + "Signatures": { + "archspec-0.2.5.tar.gz": "5bec8dfc5366ff299071200466dc9572d56db4e43abca3c66bdd62bc2b731a2a" + } +} + \ No newline at end of file diff --git a/SPECS/python-archspec/python-archspec.spec b/SPECS/python-archspec/python-archspec.spec new file mode 100644 index 0000000000..071c2df2f1 --- /dev/null +++ b/SPECS/python-archspec/python-archspec.spec @@ -0,0 +1,89 @@ +%global srcname archspec +%global _description %{expand: +Archspec aims at providing a standard set of human-understandable labels for +various aspects of a system architecture like CPU, network fabrics, etc. and +APIs to detect, query and compare them. +This project grew out of Spack and is currently under active development. At +present it supports APIs to detect and model compatibility relationships among +different CPU microarchitectures.} +Summary: A library to query system architecture +Name: python-%{srcname} +Version: 0.2.5 +Release: 3%{?dist} +License: Apache-2.0 OR MIT +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: https://github.com/archspec/archspec +Source: %{pypi_source} +BuildRequires: python3-devel +BuildRequires: python3-jsonschema +BuildRequires: python3-pip +BuildRequires: python3-poetry +# For tests +BuildRequires: python3-pytest +BuildArch: noarch + +%description %{_description} + +%package -n python3-%{srcname} +Summary: %{summary} + +%description -n python3-%{srcname} %{_description} + +%prep +%autosetup -p1 -n %{srcname}-%{version} +rm -rf archspec/json/.git* + + +%build +%pyproject_wheel + + +%install +%pyproject_install +%pyproject_save_files %{srcname} + + +%check +%pytest -v + + +%files -n python3-%{srcname} -f %{pyproject_files} +%doc README.* +%{_bindir}/archspec +%license LICENSE-APACHE + +%changelog +* Tue Apr 01 2025 Riken Maharjan - 0.2.5-3 +- Initial Azure Linux import from Fedora 42 (license: MIT) +- License Verified + +* Sat Jan 18 2025 Fedora Release Engineering - 0.2.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Wed Oct 16 2024 Orion Poplawski - 0.2.5-1 +- Update to 0.2.5 + +* Fri Jul 19 2024 Fedora Release Engineering - 0.2.4-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Sat Jun 08 2024 Python Maint - 0.2.4-2 +- Rebuilt for Python 3.13 + +* Tue May 07 2024 Orion Poplawski - 0.2.4-1 +- Update to 0.2.4 + +* Wed Mar 20 2024 Orion Poplawski - 0.2.3-2 +- Run tests + +* Tue Mar 19 2024 Orion Poplawski - 0.2.3-1 +- Update to 0.2.3 + +* Fri Jan 26 2024 Fedora Release Engineering - 0.2.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 0.2.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sat Dec 02 2023 Orion Poplawski - 0.2.2-1 +- Initial Fedora package diff --git a/SPECS/python-boltons/python-boltons.signatures.json b/SPECS/python-boltons/python-boltons.signatures.json new file mode 100644 index 0000000000..7831275637 --- /dev/null +++ b/SPECS/python-boltons/python-boltons.signatures.json @@ -0,0 +1,6 @@ +{ + "Signatures": { + "boltons-25.0.0.tar.gz": "e110fbdc30b7b9868cb604e3f71d4722dd8f4dcb4a5ddd06028ba8f1ab0b5ace" + } + } + \ No newline at end of file diff --git a/SPECS/python-boltons/python-boltons.spec b/SPECS/python-boltons/python-boltons.spec new file mode 100644 index 0000000000..b84adcc781 --- /dev/null +++ b/SPECS/python-boltons/python-boltons.spec @@ -0,0 +1,94 @@ +%global pypi_name boltons +Summary: Functionality that should be in the standard library +Name: python-boltons +Version: 25.0.0 +Release: 2%{?dist} +License: BSD-3-Clause +URL: https://github.com/mahmoud/boltons +Vendor: Microsoft Corporation +Distribution: Azure Linux +Source0: %{pypi_source} +BuildArch: noarch +BuildRequires: python3-devel +BuildRequires: python3-pytest +BuildRequires: make +BuildRequires: python3-sphinx +BuildRequires: python3-pip +BuildRequires: python3-flit-core +%global _description %{expand: +Boltons is a set of over 230 BSD-licensed, pure-Python utilities in the same +spirit as — and yet conspicuously missing from — the standard library, +including: + + * Atomic file saving, bolted on with fileutils + * A highly-optimized OrderedMultiDict, in dictutils + * Two types of PriorityQueue, in queueutils + * Chunked and windowed iteration, in iterutils + * Recursive data structure iteration and merging, with iterutils.remap + * Exponential backoff functionality, including jitter, through + iterutils.backoff + * A full-featured TracebackInfo type, for representing stack traces, in + tbutils} + +%description %_description + +%package -n python3-boltons +Summary: %{summary} + +%description -n python3-boltons %_description + + +%prep +%autosetup -p1 -n boltons-%{version} + +%build +%pyproject_wheel +export READTHEDOCS=True +make -C docs man + +%install +%pyproject_install +mkdir -p %{buildroot}%{_mandir}/man1 +install -m644 docs/_build/man/boltons.1 %{buildroot}%{_mandir}/man1/ +%pyproject_save_files boltons + +%check +%pytest -v + + +%files -n python3-boltons -f %{pyproject_files} +%doc CHANGELOG.md README.md TODO.rst +%{_mandir}/man1/boltons.1* + + +%changelog +* Wed Feb 26 2025 Riken Maharjan - 25.0.0-2 +- Initial Azure Linux import from Fedora 40 (license: MIT) +- License Verified + +* Mon Feb 03 2025 Orion Poplawski - 25.0.0-1 +- Update to 25.0.0 + +* Sat Jan 18 2025 Fedora Release Engineering - 24.0.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Fri Jul 19 2024 Fedora Release Engineering - 24.0.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Fri Jun 07 2024 Python Maint - 24.0.0-2 +- Rebuilt for Python 3.13 + +* Sat Apr 06 2024 Orion Poplawski - 24.0.0-1 +- Update to 24.0.0 + +* Fri Jan 26 2024 Fedora Release Engineering - 23.1.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sun Jan 21 2024 Fedora Release Engineering - 23.1.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Wed Nov 29 2023 Orion Poplawski - 23.1.1-2 +- Build man page + +* Tue Nov 28 2023 Orion Poplawski - 23.1.1-1 +- Initial Fedora package \ No newline at end of file diff --git a/SPECS/python-conda-libmamba-solver/python-conda-libmamba-solver.signatures.json b/SPECS/python-conda-libmamba-solver/python-conda-libmamba-solver.signatures.json new file mode 100644 index 0000000000..51dae6b0a3 --- /dev/null +++ b/SPECS/python-conda-libmamba-solver/python-conda-libmamba-solver.signatures.json @@ -0,0 +1,6 @@ +{ + "Signatures": { + "conda-libmamba-solver-24.9.0.tar.gz": "77a78524719290468665c091cf073f2b97440bfea25c373105a997654063fdbe" + } + } + \ No newline at end of file diff --git a/SPECS/python-conda-libmamba-solver/python-conda-libmamba-solver.spec b/SPECS/python-conda-libmamba-solver/python-conda-libmamba-solver.spec new file mode 100644 index 0000000000..99b0f60a10 --- /dev/null +++ b/SPECS/python-conda-libmamba-solver/python-conda-libmamba-solver.spec @@ -0,0 +1,82 @@ +%global srcname conda-libmamba-solver +%global _description %{expand: +conda-libmamba-solver is a new solver for the conda package manager which +uses the solver from the mamba project behind the scenes, while carefully +implementing conda's functionality and expected behaviors on top. The +library used by mamba to do the heavy-lifting is called libsolv.} +Summary: The libmamba based solver for conda +Name: python-%{srcname} +Version: 24.9.0 +Release: 3%{?dist} +License: BSD-3-Clause +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: https://github.com/conda/conda-libmamba-solver +Source: %{url}/archive/%{version}/%{srcname}-%{version}.tar.gz +BuildRequires: python3-devel +BuildRequires: python3-hatch-vcs +BuildRequires: python3-hatchling +BuildRequires: python3-pathspec +BuildRequires: python3-pip +BuildRequires: python3-pluggy +BuildRequires: python3-setuptools +BuildRequires: python3-setuptools_scm +BuildRequires: python3-trove-classifiers +BuildArch: noarch + +%description %{_description} + +%package -n python3-%{srcname} +Summary: %{summary} + +%description -n python3-%{srcname} %{_description} + +%prep +%autosetup -p1 -n %{srcname}-%{version} +sed -i -e '/tool.hatch.version/afallback-version = "%{version}"' pyproject.toml +sed -i -e '/doctest/d' -e '/reruns/d' pyproject.toml + + + +%build +%pyproject_wheel + + +%install +%pyproject_install +%pyproject_save_files conda_libmamba_solver + + +%files -n python3-%{srcname} -f %{pyproject_files} +%doc README.* +%license %{python3_sitelib}/conda_libmamba_solver-%{version}.dist-info/licenses/LICENSE +%license %{python3_sitelib}/conda_libmamba_solver-%{version}.dist-info/licenses/AUTHORS.md + +%changelog +* Tue Apr 01 2025 Riken Maharjan - 24.9.0-3 +- Initial Azure Linux import from Fedora 42 (license: MIT) +- License Verified + +* Sat Jan 18 2025 Fedora Release Engineering - 24.9.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Fri Oct 18 2024 Orion Poplawski - 24.9.0-1 +- Update to 24.9.0 + +* Fri Jul 19 2024 Fedora Release Engineering - 23.11.1-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Fri Jun 07 2024 Python Maint - 23.11.1-5 +- Bootstrap for Python 3.13 + +* Fri Jan 26 2024 Fedora Release Engineering - 23.11.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 23.11.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Wed Dec 20 2023 Karolina Surma - 23.11.1-2 +- Conditionalize test run to avoid circular dependency on conda + +* Sat Dec 02 2023 Orion Poplawski - 23.11.1-1 +- Initial Fedora package diff --git a/SPECS/python-conda-package-streaming/python-conda-package-streaming.signatures.json b/SPECS/python-conda-package-streaming/python-conda-package-streaming.signatures.json new file mode 100644 index 0000000000..dd76125995 --- /dev/null +++ b/SPECS/python-conda-package-streaming/python-conda-package-streaming.signatures.json @@ -0,0 +1,6 @@ +{ + "Signatures": { + "conda-package-streaming-0.11.0.tar.gz": "407ec0bd3f65fccc3ac8e02f7ba3bb31c95ceca10ebdcfe66120bf56db28e59b" + } + } + \ No newline at end of file diff --git a/SPECS/python-conda-package-streaming/python-conda-package-streaming.spec b/SPECS/python-conda-package-streaming/python-conda-package-streaming.spec new file mode 100644 index 0000000000..b49393b2f0 --- /dev/null +++ b/SPECS/python-conda-package-streaming/python-conda-package-streaming.spec @@ -0,0 +1,122 @@ +%global srcname conda-package-streaming +%global pkgname conda_package_streaming +%global common_description %{expand:Download conda metadata from packages without transferring entire file. Get +metadata from local .tar.bz2 packages without reading entire files. +Uses enhanced pip lazy_wheel to fetch a file out of .conda with no more than +3 range requests, but usually 2. +Uses tar = tarfile.open(fileobj=...) to stream remote .tar.bz2. Closes the +HTTP request once desired files have been seen.} +# We have a circular dep on conda for tests + +Summary: Extract metadata from remote conda packages without downloading whole file +Name: python-%{srcname} +Version: 0.11.0 +Release: 3%{?dist} +License: BSD-3-Clause +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: https://github.com/conda/conda-package-streaming +Source0: https://github.com/conda/%{srcname}/archive/v%{version}/%{srcname}-%{version}.tar.gz +BuildArch: noarch +%if 0%{?with_check} +BuildRequires: python3-archspec +BuildRequires: python3-zstandard +BuildRequires: python3-pytest +BuildRequires: python3-pytest-mock +%endif + +%description +%{common_description} + +%package -n python3-%{srcname} +Summary: %{summary} +BuildRequires: python3-devel +BuildRequires: python3-flit-core +BuildRequires: python3-pip +Requires: python3-requests +Requires: python3-zstandard + + +%description -n python3-%{srcname} +%{common_description} + +%prep +%autosetup -n %{srcname}-%{version} +# do not run coverage in pytest, drop unneeded and unpackaged boto3-stubs dev dep +sed -i -e '/cov/d' -e '/boto3-stubs/d' pyproject.toml requirements.txt + +%build +%pyproject_wheel + +%install +%pyproject_install +%pyproject_save_files %{pkgname} + +%check +pip3 install pytest-cov==6.1.0 boto3==1.37.24 boto3-stubs[essential]==1.37.24 bottle==0.13.2 +%pytest -v tests/test_degraded.py + + +%files -n python3-%{srcname} -f %{pyproject_files} +%doc README.md +%license LICENSE + +%changelog +* Tue Apr 01 2025 Riken Maharjan - 0.11.0-3 +- Initial Azure Linux import from Fedora 42 (license: MIT) +- License Verified + +* Sat Jan 18 2025 Fedora Release Engineering - 0.11.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Fri Oct 18 2024 Orion Poplawski - 0.11.0-1 +- Update to 0.11.0 + +* Fri Jul 19 2024 Fedora Release Engineering - 0.10.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Fri Jun 28 2024 Orion Poplawski - 0.10.0-3 +- Drop bootstrap + +* Sun Jun 16 2024 Python Maint - 0.10.0-3 +- Bootstrap for Python 3.13 + +* Fri Jun 14 2024 Orion Poplawski - 0.10.0-2 +- Bootstrap build with Python 3.13 + +* Thu Jun 06 2024 Orion Poplawski - 0.10.0-1 +- Update to 0.10.0 + +* Fri Jan 26 2024 Fedora Release Engineering - 0.9.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 0.9.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Sat Aug 26 2023 Orion Poplawski - 0.9.0-1 +- Update to 0.9.0 + +* Fri Jul 21 2023 Fedora Release Engineering - 0.7.0-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Thu Jul 20 2023 Python Maint - 0.7.0-6 +- Rebuilt for Python 3.12 + +* Tue Jul 04 2023 Python Maint - 0.7.0-5 +- Bootstrap for Python 3.12 + +* Fri Jan 20 2023 Fedora Release Engineering - 0.7.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Thu Dec 08 2022 Orion Poplawski - 0.7.0-3 +- Use test extras for build requires +- Add bootstrap conditional + +* Wed Dec 07 2022 Orion Poplawski - 0.7.0-2 +- Use macro for description +- Use %%pytest macro +- Fix license +- Add comments about deselected tests + +* Sat Dec 03 2022 Orion Poplawski - 0.7.0-1 +- Initial Fedora package diff --git a/SPECS/python-jinja2/CVE-2025-27516.patch b/SPECS/python-jinja2/CVE-2025-27516.patch new file mode 100644 index 0000000000..4f658a0c20 --- /dev/null +++ b/SPECS/python-jinja2/CVE-2025-27516.patch @@ -0,0 +1,72 @@ +From b289cbd6a87485ecf81bb959f11f177c71a2e041 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 7 Mar 2025 14:03:44 +0000 +Subject: [PATCH] CVE-2025-27516 + +Upstream Reference : https://github.com/pallets/jinja/commit/90457bbf33b8662926ae65cdde4c4c32e756e403 +--- + src/jinja2/filters.py | 37 ++++++++++++++++--------------------- + 1 file changed, 16 insertions(+), 21 deletions(-) + +diff --git a/src/jinja2/filters.py b/src/jinja2/filters.py +index ed07c4c..706d899 100644 +--- a/src/jinja2/filters.py ++++ b/src/jinja2/filters.py +@@ -5,6 +5,7 @@ import re + import typing + import typing as t + from collections import abc ++from inspect import getattr_static + from itertools import chain + from itertools import groupby + +@@ -1373,31 +1374,25 @@ def do_reverse(value: t.Union[str, t.Iterable[V]]) -> t.Union[str, t.Iterable[V] + def do_attr( + environment: "Environment", obj: t.Any, name: str + ) -> t.Union[Undefined, t.Any]: +- """Get an attribute of an object. ``foo|attr("bar")`` works like +- ``foo.bar`` just that always an attribute is returned and items are not +- looked up. ++ """Get an attribute of an object. ``foo|attr("bar")`` works like ++ ``foo.bar``, but returns undefined instead of falling back to ``foo["bar"]`` ++ if the attribute doesn't exist. + + See :ref:`Notes on subscriptions ` for more details. + """ ++ # Environment.getattr will fall back to obj[name] if obj.name doesn't exist. ++ # But we want to call env.getattr to get behavior such as sandboxing. ++ # Determine if the attr exists first, so we know the fallback won't trigger. + try: +- name = str(name) +- except UnicodeError: +- pass +- else: +- try: +- value = getattr(obj, name) +- except AttributeError: +- pass +- else: +- if environment.sandboxed: +- environment = t.cast("SandboxedEnvironment", environment) +- +- if not environment.is_safe_attribute(obj, name, value): +- return environment.unsafe_undefined(obj, name) +- +- return value +- +- return environment.undefined(obj=obj, name=name) ++ # This avoids executing properties/descriptors, but misses __getattr__ ++ # and __getattribute__ dynamic attrs. ++ getattr_static(obj, name) ++ except AttributeError: ++ # This finds dynamic attrs, and we know it's not a descriptor at this point. ++ if not hasattr(obj, name): ++ return environment.undefined(obj=obj, name=name) ++ ++ return environment.getattr(obj, name) + + + @typing.overload +-- +2.45.2 + diff --git a/SPECS/python-jinja2/python-jinja2-testing-deps.patch b/SPECS/python-jinja2/python-jinja2-testing-deps.patch new file mode 100644 index 0000000000..47077f593b --- /dev/null +++ b/SPECS/python-jinja2/python-jinja2-testing-deps.patch @@ -0,0 +1,69 @@ +From 26b3a167236e300f05780c4b675ec6e2dba04e24 Mon Sep 17 00:00:00 2001 +From: Sam Meluch +Date: Mon, 10 Mar 2025 15:28:30 -0700 +Subject: [PATCH] fix mariner test deps + +--- + requirements/tests.txt | 12 +++++------- + tests/test_loader.py | 6 ++++-- + 2 files changed, 9 insertions(+), 11 deletions(-) + +diff --git a/requirements/tests.txt b/requirements/tests.txt +index 4cd3fe99..31c9bb06 100644 +--- a/requirements/tests.txt ++++ b/requirements/tests.txt +@@ -7,17 +7,15 @@ + # + attrs==21.4.0 + # via pytest +-iniconfig==1.1.1 ++exceptiongroup==1.1.1 + # via pytest +-packaging==21.3 ++iniconfig==1.1.1 + # via pytest +-pluggy==1.0.0 ++packaging==23.2 + # via pytest +-py==1.11.0 ++pluggy==1.5.0 + # via pytest +-pyparsing==3.0.8 +- # via packaging +-pytest==7.1.2 ++pytest==7.4.0 + # via -r requirements/tests.in + tomli==2.0.1 + # via pytest + +diff --git a/tests/test_loader.py b/tests/test_loader.py +index 04c921d24..77d686ef5 100644 +--- a/tests/test_loader.py ++++ b/tests/test_loader.py +@@ -183,6 +183,7 @@ def test_filename_normpath(self): + + class TestModuleLoader: + archive = None ++ mod_env = None + + def compile_down(self, prefix_loader, zip="deflated"): + log = [] +@@ -196,13 +197,14 @@ def compile_down(self, prefix_loader, zip="deflated"): + self.mod_env = Environment(loader=loaders.ModuleLoader(self.archive)) + return "".join(log) + +- def teardown(self): +- if hasattr(self, "mod_env"): ++ def teardown_method(self): ++ if self.archive is not None: + if os.path.isfile(self.archive): + os.remove(self.archive) + else: + shutil.rmtree(self.archive) + self.archive = None ++ self.mod_env = None + + def test_log(self, prefix_loader): + log = self.compile_down(prefix_loader) +-- +2.34.1 \ No newline at end of file diff --git a/SPECS/python-jinja2/python-jinja2.spec b/SPECS/python-jinja2/python-jinja2.spec index c26b369a55..a2ddfbb02e 100644 --- a/SPECS/python-jinja2/python-jinja2.spec +++ b/SPECS/python-jinja2/python-jinja2.spec @@ -1,7 +1,7 @@ Summary: A fast and easy to use template engine written in pure Python Name: python-jinja2 Version: 3.1.2 -Release: 2%{?dist} +Release: 3%{?dist} License: BSD Vendor: Microsoft Corporation Distribution: Azure Linux @@ -12,6 +12,8 @@ Patch0: CVE-2024-22195.patch Patch1: CVE-2024-34064.patch Patch2: CVE-2024-56201.patch Patch3: CVE-2024-56326.patch +Patch4: CVE-2025-27516.patch +Patch5: python-jinja2-testing-deps.patch BuildArch: noarch %description @@ -25,6 +27,7 @@ BuildRequires: python3-setuptools BuildRequires: python3-xml %if 0%{?with_check} BuildRequires: python3-pip +BuildRequires: python3-pytest %endif Requires: python3 Requires: python3-markupsafe @@ -47,8 +50,8 @@ sed -i 's/\r$//' LICENSE.rst # Fix wrong EOL encoding %py3_install %check -pip3 install tox -tox -e py%{python3_version_nodots} +pip3 install tox packaging==23.2 +tox -v -e py%{python3_version_nodots} -- %files -n python3-jinja2 %defattr(-,root,root) @@ -57,6 +60,9 @@ tox -e py%{python3_version_nodots} %{python3_sitelib}/Jinja2-%{version}-py%{python3_version}.egg-info %changelog +* Fri Mar 07 2025 Kanishk Bansal - 3.1.2-3 +- Address CVE-2025-27516 with an upstream patch and fix the ptest + * Thu Jan 2 2025 Kanishk Bansal - 3.1.2-2 - Address CVE-2024-22195, CVE-2024-34064, CVE-2024-56201, CVE-2024-56326 with an upstream patch. diff --git a/SPECS/python-menuinst/python-menuinst.signatures.json b/SPECS/python-menuinst/python-menuinst.signatures.json new file mode 100644 index 0000000000..2117f7523f --- /dev/null +++ b/SPECS/python-menuinst/python-menuinst.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "menuinst-2.2.0.tar.gz": "c225bacefa9ee216e678d929d375e34f10856d87c1aba70a57c3d7974fda0cb7" + } + } \ No newline at end of file diff --git a/SPECS/python-menuinst/python-menuinst.spec b/SPECS/python-menuinst/python-menuinst.spec new file mode 100644 index 0000000000..c7781ff097 --- /dev/null +++ b/SPECS/python-menuinst/python-menuinst.spec @@ -0,0 +1,93 @@ +%global srcname menuinst +%global _description %{expand: +This package provides cross platform menu item installation for conda packages. +If a conda package ships a menuinst JSON document under $PREFIX/Menu, conda +will invoke menuinst to process the JSON file and install the menu items in +your operating system. The menu items are removed when the package is +uninstalled. +The following formats are supported: + Windows: .lnk files in the Start menu. Optionally, also in the Desktop and + Quick Launch. + macOS: .app bundles in the Applications folder. + Linux: .desktop files as defined in the XDG standard.} +Summary: Cross platform menu item installation +Name: python-%{srcname} +Version: 2.2.0 +Release: 8%{?dist} +License: BSD-3-Clause +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: https://github.com/conda/menuinst +Source: %{url}/archive/%{version}/%{srcname}-%{version}.tar.gz +BuildRequires: python3-devel +BuildRequires: python3-pip +BuildRequires: python3-pytest +BuildRequires: python3-setuptools +BuildRequires: python3-setuptools_scm +BuildRequires: python3-wheel +BuildArch: noarch + +%description %{_description} + +%package -n python3-%{srcname} +Summary: %{summary} + +%description -n python3-%{srcname} %{_description} + +%prep +%autosetup -p1 -n %{srcname}-%{version} +# apipkg is only needed on Windows +rm -r menuinst/_vendor +# remove Windows only components not needed and with some different licenses +rm -r menuinst/_legacy/win32.py menuinst/platforms/win* +export SETUPTOOLS_SCM_PRETEND_VERSION=%{version} +# Ensure pretend_version is set to true in pyproject.toml + + + +%build +export SETUPTOOLS_SCM_PRETEND_VERSION=%{version} +%pyproject_wheel + + +%install +export SETUPTOOLS_SCM_PRETEND_VERSION=%{version} +%pyproject_install +%pyproject_save_files %{srcname} + + +%check +# Upstream does not support pydantic 2.X +# https://github.com/conda/menuinst/issues/166 +%pytest || : + + +%files -n python3-%{srcname} -f %{pyproject_files} +%doc README.* +%license LICENSE.txt + +%changelog +* Tue Apr 01 2025 Riken Maharjan - 2.2.0-8 +- Initial Azure Linux import from Fedora 42 (license: MIT) +- License Verified + +* Sat Jan 18 2025 Fedora Release Engineering - 2.2.0-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Sat Jan 18 2025 Fedora Release Engineering - 2.0.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Fri Jul 19 2024 Fedora Release Engineering - 2.0.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Sat Jun 29 2024 Python Maint - 2.0.0-4 +- Rebuilt for Python 3.13 + +* Fri Jan 26 2024 Fedora Release Engineering - 2.0.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 2.0.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Tue Dec 05 2023 Orion Poplawski - 2.0.0-1 +- Initial import diff --git a/SPECS/python-twisted/CVE-2023-46137.patch b/SPECS/python-twisted/CVE-2023-46137.patch new file mode 100644 index 0000000000..1fd60c21d2 --- /dev/null +++ b/SPECS/python-twisted/CVE-2023-46137.patch @@ -0,0 +1,69 @@ +From 0996d783f844e08fd5713ca34192e87d1fec3b77 Mon Sep 17 00:00:00 2001 +From: jykanase +Date: Mon, 3 Feb 2025 09:29:32 +0000 +Subject: [PATCH] CVE-2023-46137 + +Source Link: https://github.com/twisted/twisted/pull/11979 +--- + src/twisted/web/http.py | 32 +++++++++++++++++++++++++++----- + 1 file changed, 27 insertions(+), 5 deletions(-) + +diff --git a/src/twisted/web/http.py b/src/twisted/web/http.py +index b80a55a..23f8817 100644 +--- a/src/twisted/web/http.py ++++ b/src/twisted/web/http.py +@@ -2443,14 +2443,38 @@ class HTTPChannel(basic.LineReceiver, policies.TimeoutMixin): + + self._handlingRequest = True + ++ # We go into raw mode here even though we will be receiving lines next ++ # in the protocol; however, this data will be buffered and then passed ++ # back to line mode in the setLineMode call in requestDone. ++ self.setRawMode() ++ + req = self.requests[-1] + req.requestReceived(command, path, version) + +- def dataReceived(self, data): ++ def rawDataReceived(self, data: bytes) -> None: + """ +- Data was received from the network. Process it. ++ This is called when this HTTP/1.1 parser is in raw mode rather than ++ line mode. ++ ++ It may be in raw mode for one of two reasons: ++ ++ 1. All the headers of a request have been received and this ++ L{HTTPChannel} is currently receiving its body. ++ ++ 2. The full content of a request has been received and is currently ++ being processed asynchronously, and this L{HTTPChannel} is ++ buffering the data of all subsequent requests to be parsed ++ later. ++ ++ In the second state, the data will be played back later. ++ ++ @note: This isn't really a public API, and should be invoked only by ++ L{LineReceiver}'s line parsing logic. If you wish to drive an ++ L{HTTPChannel} from a custom data source, call C{dataReceived} on ++ it directly. ++ ++ @see: L{LineReceive.rawDataReceived} + """ +- # If we're currently handling a request, buffer this data. + if self._handlingRequest: + self._dataBuffer.append(data) + if ( +@@ -2462,9 +2486,7 @@ class HTTPChannel(basic.LineReceiver, policies.TimeoutMixin): + # ready. See docstring for _optimisticEagerReadSize above. + self._networkProducer.pauseProducing() + return +- return basic.LineReceiver.dataReceived(self, data) + +- def rawDataReceived(self, data): + self.resetTimeout() + + try: +-- +2.45.2 + diff --git a/SPECS/python-twisted/python-twisted.spec b/SPECS/python-twisted/python-twisted.spec index 8d5b3b6540..fc1dccd51f 100644 --- a/SPECS/python-twisted/python-twisted.spec +++ b/SPECS/python-twisted/python-twisted.spec @@ -2,7 +2,7 @@ Summary: An asynchronous networking framework written in Python Name: python-twisted Version: 22.10.0 -Release: 3%{?dist} +Release: 4%{?dist} License: MIT Vendor: Microsoft Corporation Distribution: Azure Linux @@ -15,7 +15,7 @@ Patch0: disable_multicast_test.patch Patch1: CVE-2024-41671.patch # Patch2 is required for both CVE-2024-41671 and CVE-2024-41810 Patch2: CVE-2024-41810.patch - +Patch3: CVE-2023-46137.patch BuildRequires: python3-devel BuildRequires: python3-incremental BuildRequires: python3-pyOpenSSL @@ -101,6 +101,9 @@ LANG=en_US.UTF-8 sudo -u test /home/test/.local/bin/tox -e nocov-posix-alldeps %{_bindir}/cftp3 %changelog +* Mon Feb 03 2025 Jyoti Kanase - 22.10.0-4 +- Fix CVE-2023-46137 + * Thu Aug 01 2024 Sindhu Karri - 22.10.0-3 - Fix CVE-2024-41671 and CVE-2024-41810 with patches diff --git a/SPECS/python-zstandard/python-zstandard.signatures.json b/SPECS/python-zstandard/python-zstandard.signatures.json new file mode 100644 index 0000000000..2343a7abbd --- /dev/null +++ b/SPECS/python-zstandard/python-zstandard.signatures.json @@ -0,0 +1,6 @@ +{ + "Signatures": { + "zstandard-0.23.0.tar.gz": "b2d8c62d08e7255f68f7a740bae85b3c9b8e5466baa9cbf7f57f1cde0ac6bc09" + } + } + \ No newline at end of file diff --git a/SPECS/python-zstandard/python-zstandard.spec b/SPECS/python-zstandard/python-zstandard.spec new file mode 100644 index 0000000000..9c56eedcef --- /dev/null +++ b/SPECS/python-zstandard/python-zstandard.spec @@ -0,0 +1,152 @@ +%global pypi_name zstandard +%global desc This project provides Python bindings for interfacing with the Zstandard compression library. A C extension and CFFI interface are provided. +Summary: Zstandard bindings for Python +Name: python-%{pypi_name} +Version: 0.23.0 +Release: 3%{?dist} +License: (BSD-3-Clause OR GPL-2.0-only) AND MIT +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: https://github.com/indygreg/python-zstandard +Source0: %{pypi_source} +# relax dependencies so that auto BR generation works + +%description +%{desc} + +%package -n python3-%{pypi_name} +Summary: %{summary} +BuildRequires: gcc +BuildRequires: libzstd-devel +BuildRequires: python3-devel +BuildRequires: python3-pip +BuildRequires: python3-wheel +Requires: python3-cffi +# https://github.com/indygreg/python-zstandard/issues/48 +Provides: bundled(zstd) = 1.5.6 +%if %{with check} +BuildRequires: python3dist(pytest) +BuildRequires: python3dist(pytest-xdist) +%endif + +%description -n python3-%{pypi_name} +%{desc} + +%pyproject_extras_subpkg -n python3-%{pypi_name} cffi + +%prep +%autosetup -n %{pypi_name}-%{version} +rm -r %{pypi_name}.egg-info + +%build +%pyproject_wheel + +%install +%pyproject_install +%pyproject_save_files %{pypi_name} + +%check +%pyproject_check_import +%if %{with check} +mv zstandard{,.src} +export ZSTD_SLOW_TESTS=1 +%pytest -v\ + --numprocesses=auto +mv zstandard{.src,} +%endif + +%files -n python3-%{pypi_name} -f %{pyproject_files} +%license LICENSE zstd/COPYING +%doc README.rst + +%changelog +* Tue Apr 01 2025 Riken Maharjan - 0.23.0-3 +- Initial Azure Linux import from Fedora 42 (license: MIT) +- License Verified + +* Sat Jan 18 2025 Fedora Release Engineering - 0.23.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Thu Oct 03 2024 Dominik Mierzejewski - 0.23.0-1 +- update to 0.23.0 (resolves rhbz#2298052) +- switch to modern python packaging guidelines + and automatic BuildRequires generation + +* Fri Jul 19 2024 Fedora Release Engineering - 0.22.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Fri Jun 07 2024 Python Maint - 0.22.0-4 +- Rebuilt for Python 3.13 + +* Fri Jan 26 2024 Fedora Release Engineering - 0.22.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Mon Jan 22 2024 Fedora Release Engineering - 0.22.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Wed Nov 22 2023 Dominik Mierzejewski - 0.22.0-1 +- update to 0.22.0 (resolves rhbz#2247527) +- fix build with Python 3.13 (resolves rhbz#2245876) + +* Fri Jul 21 2023 Fedora Release Engineering - 0.21.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Thu Jun 15 2023 Python Maint - 0.21.0-2 +- Rebuilt for Python 3.12 + +* Wed May 24 2023 Dominik Mierzejewski - 0.21.0-1 +- update to 0.21.0 (#2172363) +- bump bundled zstd version + +* Fri Jan 20 2023 Fedora Release Engineering - 0.19.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Wed Nov 02 2022 Dominik Mierzejewski 0.19.0-1 +- update to 0.19.0 (#2138646) + +* Wed Oct 05 2022 Dominik Mierzejewski 0.18.0-1 +- update to 0.18.0 (#2099853) + +* Fri Jul 22 2022 Fedora Release Engineering - 0.17.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Tue Jun 14 2022 Python Maint - 0.17.0-2 +- Rebuilt for Python 3.11 + +* Tue Feb 15 2022 Dominik Mierzejewski 0.17.0-1 +- update to 0.17.0 (#2042593) +- drop obsolete patch + +* Fri Jan 21 2022 Fedora Release Engineering - 0.16.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Mon Oct 18 2021 Dominik Mierzejewski 0.16.0-1 +- update to 0.16.0 (#2014873) +- drop obsolete patch +- improve patch for inconsistent `closed` attribute issue + +* Tue Jul 27 2021 Fedora Release Engineering - 0.15.2-3 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Fri Jun 04 2021 Python Maint - 0.15.2-2 +- Rebuilt for Python 3.10 + +* Mon Mar 01 2021 Dominik Mierzejewski 0.15.2-1 +- update to 0.15.2 (#1933476) +- fix tests on s390x + +* Wed Feb 03 2021 Dominik Mierzejewski 0.15.1-1 +- update to 0.15.1 (#1924620) +- work around weird test failure +- fix tests on i686 and s390x + +* Wed Jan 27 2021 Fedora Release Engineering - 0.13.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Wed Jul 29 2020 Fedora Release Engineering - 0.13.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Fri May 29 2020 Dominik Mierzejewski 0.13.0-1 +- initial build +- skip some tests on s390x (https://github.com/indygreg/python-zstandard/issues/105) diff --git a/SPECS/pytorch/CVE-2021-22569.patch b/SPECS/pytorch/CVE-2021-22569.patch new file mode 100644 index 0000000000..21e2069f9f --- /dev/null +++ b/SPECS/pytorch/CVE-2021-22569.patch @@ -0,0 +1,944 @@ +From 6c642eee84bbd211dc0d84ed74da007755a4b57e Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Mon, 31 Mar 2025 13:45:38 +0000 +Subject: [PATCH] CVE-2021-22569 + +Upstream Patch Reference: https://github.com/protocolbuffers/protobuf/pull/9371/commits/5ea2bdf6d7483d64a6b02fcf00ee51fbfb80e847 +--- + .../com/google/protobuf/UnknownFieldSet.java | 427 +++++++++--------- + 1 file changed, 215 insertions(+), 212 deletions(-) + +diff --git a/third_party/protobuf/java/core/src/main/java/com/google/protobuf/UnknownFieldSet.java b/third_party/protobuf/java/core/src/main/java/com/google/protobuf/UnknownFieldSet.java +index ba2f9df0..5c482d62 100644 +--- a/third_party/protobuf/java/core/src/main/java/com/google/protobuf/UnknownFieldSet.java ++++ b/third_party/protobuf/java/core/src/main/java/com/google/protobuf/UnknownFieldSet.java +@@ -43,13 +43,13 @@ import java.util.Map; + import java.util.TreeMap; + + /** +- * {@code UnknownFieldSet} is used to keep track of fields which were seen when parsing a protocol ++ * {@code UnknownFieldSet} keeps track of fields which were seen when parsing a protocol + * message but whose field numbers or types are unrecognized. This most frequently occurs when new + * fields are added to a message type and then messages containing those fields are read by old + * software that was compiled before the new types were added. + * + *

Every {@link Message} contains an {@code UnknownFieldSet} (and every {@link Message.Builder} +- * contains an {@link Builder}). ++ * contains a {@link Builder}). + * + *

Most users will never need to use this class. + * +@@ -57,9 +57,13 @@ import java.util.TreeMap; + */ + public final class UnknownFieldSet implements MessageLite { + +- private UnknownFieldSet() { +- fields = null; +- fieldsDescending = null; ++ private final TreeMap fields; ++ ++ /** ++ * Construct an {@code UnknownFieldSet} around the given map. ++ */ ++ UnknownFieldSet(TreeMap fields) { ++ this.fields = fields; + } + + /** Create a new {@link Builder}. */ +@@ -68,7 +72,7 @@ public final class UnknownFieldSet implements MessageLite { + } + + /** Create a new {@link Builder} and initialize it to be a copy of {@code copyFrom}. */ +- public static Builder newBuilder(final UnknownFieldSet copyFrom) { ++ public static Builder newBuilder(UnknownFieldSet copyFrom) { + return newBuilder().mergeFrom(copyFrom); + } + +@@ -83,25 +87,11 @@ public final class UnknownFieldSet implements MessageLite { + } + + private static final UnknownFieldSet defaultInstance = +- new UnknownFieldSet( +- Collections.emptyMap(), Collections.emptyMap()); +- +- /** +- * Construct an {@code UnknownFieldSet} around the given map. The map is expected to be immutable. +- */ +- UnknownFieldSet(final Map fields, final Map fieldsDescending) { +- this.fields = fields; +- this.fieldsDescending = fieldsDescending; +- } +- +- private final Map fields; +- +- /** A copy of {@link #fields} who's iterator order is reversed. */ +- private final Map fieldsDescending; ++ new UnknownFieldSet(new TreeMap()); + + + @Override +- public boolean equals(final Object other) { ++ public boolean equals(Object other) { + if (this == other) { + return true; + } +@@ -110,29 +100,33 @@ public final class UnknownFieldSet implements MessageLite { + + @Override + public int hashCode() { ++ if (fields.isEmpty()) { // avoid allocation of iterator. ++ // This optimization may not be helpful but it is needed for the allocation tests to pass. ++ return 0; ++ } + return fields.hashCode(); + } + + /** Get a map of fields in the set by number. */ + public Map asMap() { +- return fields; ++ return (Map) fields.clone(); + } + + /** Check if the given field number is present in the set. */ +- public boolean hasField(final int number) { ++ public boolean hasField(int number) { + return fields.containsKey(number); + } + + /** Get a field by number. Returns an empty field if not present. Never returns {@code null}. */ +- public Field getField(final int number) { +- final Field result = fields.get(number); ++ public Field getField(int number) { ++ Field result = fields.get(number); + return (result == null) ? Field.getDefaultInstance() : result; + } + + /** Serializes the set and writes it to {@code output}. */ + @Override +- public void writeTo(final CodedOutputStream output) throws IOException { +- for (final Map.Entry entry : fields.entrySet()) { ++ public void writeTo(CodedOutputStream output) throws IOException { ++ for (Map.Entry entry : fields.entrySet()) { + Field field = entry.getValue(); + field.writeTo(entry.getKey(), output); + } +@@ -154,10 +148,10 @@ public final class UnknownFieldSet implements MessageLite { + @Override + public ByteString toByteString() { + try { +- final ByteString.CodedBuilder out = ByteString.newCodedBuilder(getSerializedSize()); ++ ByteString.CodedBuilder out = ByteString.newCodedBuilder(getSerializedSize()); + writeTo(out.getCodedOutput()); + return out.build(); +- } catch (final IOException e) { ++ } catch (IOException e) { + throw new RuntimeException( + "Serializing to a ByteString threw an IOException (should never happen).", e); + } +@@ -170,12 +164,12 @@ public final class UnknownFieldSet implements MessageLite { + @Override + public byte[] toByteArray() { + try { +- final byte[] result = new byte[getSerializedSize()]; +- final CodedOutputStream output = CodedOutputStream.newInstance(result); ++ byte[] result = new byte[getSerializedSize()]; ++ CodedOutputStream output = CodedOutputStream.newInstance(result); + writeTo(output); + output.checkNoSpaceLeft(); + return result; +- } catch (final IOException e) { ++ } catch (IOException e) { + throw new RuntimeException( + "Serializing to a byte array threw an IOException (should never happen).", e); + } +@@ -186,16 +180,16 @@ public final class UnknownFieldSet implements MessageLite { + * {@link #writeTo(CodedOutputStream)}. + */ + @Override +- public void writeTo(final OutputStream output) throws IOException { +- final CodedOutputStream codedOutput = CodedOutputStream.newInstance(output); ++ public void writeTo(OutputStream output) throws IOException { ++ CodedOutputStream codedOutput = CodedOutputStream.newInstance(output); + writeTo(codedOutput); + codedOutput.flush(); + } + + @Override + public void writeDelimitedTo(OutputStream output) throws IOException { +- final CodedOutputStream codedOutput = CodedOutputStream.newInstance(output); +- codedOutput.writeRawVarint32(getSerializedSize()); ++ CodedOutputStream codedOutput = CodedOutputStream.newInstance(output); ++ codedOutput.writeUInt32NoTag(getSerializedSize()); + writeTo(codedOutput); + codedOutput.flush(); + } +@@ -204,15 +198,17 @@ public final class UnknownFieldSet implements MessageLite { + @Override + public int getSerializedSize() { + int result = 0; +- for (final Map.Entry entry : fields.entrySet()) { +- result += entry.getValue().getSerializedSize(entry.getKey()); ++ if (!fields.isEmpty()) { ++ for (Map.Entry entry : fields.entrySet()) { ++ result += entry.getValue().getSerializedSize(entry.getKey()); ++ } + } + return result; + } + + /** Serializes the set and writes it to {@code output} using {@code MessageSet} wire format. */ +- public void writeAsMessageSetTo(final CodedOutputStream output) throws IOException { +- for (final Map.Entry entry : fields.entrySet()) { ++ public void writeAsMessageSetTo(CodedOutputStream output) throws IOException { ++ for (Map.Entry entry : fields.entrySet()) { + entry.getValue().writeAsMessageSetExtensionTo(entry.getKey(), output); + } + } +@@ -221,7 +217,7 @@ public final class UnknownFieldSet implements MessageLite { + void writeTo(Writer writer) throws IOException { + if (writer.fieldOrder() == Writer.FieldOrder.DESCENDING) { + // Write fields in descending order. +- for (Map.Entry entry : fieldsDescending.entrySet()) { ++ for (Map.Entry entry : fields.descendingMap().entrySet()) { + entry.getValue().writeTo(entry.getKey(), writer); + } + } else { +@@ -233,15 +229,15 @@ public final class UnknownFieldSet implements MessageLite { + } + + /** Serializes the set and writes it to {@code writer} using {@code MessageSet} wire format. */ +- void writeAsMessageSetTo(final Writer writer) throws IOException { ++ void writeAsMessageSetTo(Writer writer) throws IOException { + if (writer.fieldOrder() == Writer.FieldOrder.DESCENDING) { + // Write fields in descending order. +- for (final Map.Entry entry : fieldsDescending.entrySet()) { ++ for (Map.Entry entry : fields.descendingMap().entrySet()) { + entry.getValue().writeAsMessageSetExtensionTo(entry.getKey(), writer); + } + } else { + // Write fields in ascending order. +- for (final Map.Entry entry : fields.entrySet()) { ++ for (Map.Entry entry : fields.entrySet()) { + entry.getValue().writeAsMessageSetExtensionTo(entry.getKey(), writer); + } + } +@@ -250,7 +246,7 @@ public final class UnknownFieldSet implements MessageLite { + /** Get the number of bytes required to encode this set using {@code MessageSet} wire format. */ + public int getSerializedSizeAsMessageSet() { + int result = 0; +- for (final Map.Entry entry : fields.entrySet()) { ++ for (Map.Entry entry : fields.entrySet()) { + result += entry.getValue().getSerializedSizeAsMessageSetExtension(entry.getKey()); + } + return result; +@@ -264,23 +260,23 @@ public final class UnknownFieldSet implements MessageLite { + } + + /** Parse an {@code UnknownFieldSet} from the given input stream. */ +- public static UnknownFieldSet parseFrom(final CodedInputStream input) throws IOException { ++ public static UnknownFieldSet parseFrom(CodedInputStream input) throws IOException { + return newBuilder().mergeFrom(input).build(); + } + + /** Parse {@code data} as an {@code UnknownFieldSet} and return it. */ +- public static UnknownFieldSet parseFrom(final ByteString data) ++ public static UnknownFieldSet parseFrom(ByteString data) + throws InvalidProtocolBufferException { + return newBuilder().mergeFrom(data).build(); + } + + /** Parse {@code data} as an {@code UnknownFieldSet} and return it. */ +- public static UnknownFieldSet parseFrom(final byte[] data) throws InvalidProtocolBufferException { ++ public static UnknownFieldSet parseFrom(byte[] data) throws InvalidProtocolBufferException { + return newBuilder().mergeFrom(data).build(); + } + + /** Parse an {@code UnknownFieldSet} from {@code input} and return it. */ +- public static UnknownFieldSet parseFrom(final InputStream input) throws IOException { ++ public static UnknownFieldSet parseFrom(InputStream input) throws IOException { + return newBuilder().mergeFrom(input).build(); + } + +@@ -309,64 +305,43 @@ public final class UnknownFieldSet implements MessageLite { + // This constructor should never be called directly (except from 'create'). + private Builder() {} + +- private Map fields; +- +- // Optimization: We keep around a builder for the last field that was +- // modified so that we can efficiently add to it multiple times in a +- // row (important when parsing an unknown repeated field). +- private int lastFieldNumber; +- private Field.Builder lastField; ++ private TreeMap fieldBuilders = new TreeMap<>(); + + private static Builder create() { +- Builder builder = new Builder(); +- builder.reinitialize(); +- return builder; ++ return new Builder(); + } + + /** + * Get a field builder for the given field number which includes any values that already exist. + */ +- private Field.Builder getFieldBuilder(final int number) { +- if (lastField != null) { +- if (number == lastFieldNumber) { +- return lastField; +- } +- // Note: addField() will reset lastField and lastFieldNumber. +- addField(lastFieldNumber, lastField.build()); +- } ++ private Field.Builder getFieldBuilder(int number) { + if (number == 0) { + return null; + } else { +- final Field existing = fields.get(number); +- lastFieldNumber = number; +- lastField = Field.newBuilder(); +- if (existing != null) { +- lastField.mergeFrom(existing); ++ Field.Builder builder = fieldBuilders.get(number); ++ if (builder == null) { ++ builder = Field.newBuilder(); ++ fieldBuilders.put(number, builder); + } +- return lastField; ++ return builder; + } + } + + /** + * Build the {@link UnknownFieldSet} and return it. +- * +- *

Once {@code build()} has been called, the {@code Builder} will no longer be usable. +- * Calling any method after {@code build()} will result in undefined behavior and can cause a +- * {@code NullPointerException} to be thrown. + */ + @Override + public UnknownFieldSet build() { +- getFieldBuilder(0); // Force lastField to be built. +- final UnknownFieldSet result; +- if (fields.isEmpty()) { ++ UnknownFieldSet result; ++ if (fieldBuilders.isEmpty()) { + result = getDefaultInstance(); + } else { +- Map descendingFields = null; +- descendingFields = +- Collections.unmodifiableMap(((TreeMap) fields).descendingMap()); +- result = new UnknownFieldSet(Collections.unmodifiableMap(fields), descendingFields); ++ TreeMap fields = new TreeMap<>(); ++ for (Map.Entry entry : fieldBuilders.entrySet()) { ++ fields.put(entry.getKey(), entry.getValue().build()); ++ } ++ result = new UnknownFieldSet(fields); + } +- fields = null; + return result; + } + +@@ -378,11 +353,13 @@ public final class UnknownFieldSet implements MessageLite { + + @Override + public Builder clone() { +- getFieldBuilder(0); // Force lastField to be built. +- Map descendingFields = null; +- descendingFields = +- Collections.unmodifiableMap(((TreeMap) fields).descendingMap()); +- return UnknownFieldSet.newBuilder().mergeFrom(new UnknownFieldSet(fields, descendingFields)); ++ Builder clone = UnknownFieldSet.newBuilder(); ++ for (Map.Entry entry : fieldBuilders.entrySet()) { ++ Integer key = entry.getKey(); ++ Field.Builder value = entry.getValue(); ++ clone.fieldBuilders.put(key, value.clone()); ++ } ++ return clone; + } + + @Override +@@ -390,31 +367,24 @@ public final class UnknownFieldSet implements MessageLite { + return UnknownFieldSet.getDefaultInstance(); + } + +- private void reinitialize() { +- fields = Collections.emptyMap(); +- lastFieldNumber = 0; +- lastField = null; +- } +- + /** Reset the builder to an empty set. */ + @Override + public Builder clear() { +- reinitialize(); ++ fieldBuilders = new TreeMap<>(); + return this; + } + +- /** Clear fields from the set with a given field number. */ +- public Builder clearField(final int number) { +- if (number == 0) { +- throw new IllegalArgumentException("Zero is not a valid field number."); +- } +- if (lastField != null && lastFieldNumber == number) { +- // Discard this. +- lastField = null; +- lastFieldNumber = 0; ++ /** ++ * Clear fields from the set with a given field number. ++ * ++ * @throws IllegalArgumentException if number is not positive ++ */ ++ public Builder clearField(int number) { ++ if (number <= 0) { ++ throw new IllegalArgumentException(number + " is not a valid field number."); + } +- if (fields.containsKey(number)) { +- fields.remove(number); ++ if (fieldBuilders.containsKey(number)) { ++ fieldBuilders.remove(number); + } + return this; + } +@@ -423,9 +393,9 @@ public final class UnknownFieldSet implements MessageLite { + * Merge the fields from {@code other} into this set. If a field number exists in both sets, + * {@code other}'s values for that field will be appended to the values in this set. + */ +- public Builder mergeFrom(final UnknownFieldSet other) { ++ public Builder mergeFrom(UnknownFieldSet other) { + if (other != getDefaultInstance()) { +- for (final Map.Entry entry : other.fields.entrySet()) { ++ for (Map.Entry entry : other.fields.entrySet()) { + mergeField(entry.getKey(), entry.getValue()); + } + } +@@ -435,10 +405,12 @@ public final class UnknownFieldSet implements MessageLite { + /** + * Add a field to the {@code UnknownFieldSet}. If a field with the same number already exists, + * the two are merged. ++ * ++ * @throws IllegalArgumentException if number is not positive + */ +- public Builder mergeField(final int number, final Field field) { +- if (number == 0) { +- throw new IllegalArgumentException("Zero is not a valid field number."); ++ public Builder mergeField(int number, final Field field) { ++ if (number <= 0) { ++ throw new IllegalArgumentException(number + " is not a valid field number."); + } + if (hasField(number)) { + getFieldBuilder(number).mergeFrom(field); +@@ -454,10 +426,12 @@ public final class UnknownFieldSet implements MessageLite { + /** + * Convenience method for merging a new field containing a single varint value. This is used in + * particular when an unknown enum value is encountered. ++ * ++ * @throws IllegalArgumentException if number is not positive + */ +- public Builder mergeVarintField(final int number, final int value) { +- if (number == 0) { +- throw new IllegalArgumentException("Zero is not a valid field number."); ++ public Builder mergeVarintField(int number, int value) { ++ if (number <= 0) { ++ throw new IllegalArgumentException(number + " is not a valid field number."); + } + getFieldBuilder(number).addVarint(value); + return this; +@@ -467,40 +441,33 @@ public final class UnknownFieldSet implements MessageLite { + * Convenience method for merging a length-delimited field. + * + *

For use by generated code only. ++ * ++ * @throws IllegalArgumentException if number is not positive + */ +- public Builder mergeLengthDelimitedField(final int number, final ByteString value) { +- if (number == 0) { +- throw new IllegalArgumentException("Zero is not a valid field number."); ++ public Builder mergeLengthDelimitedField(int number, ByteString value) { ++ if (number <= 0) { ++ throw new IllegalArgumentException(number + " is not a valid field number."); + } + getFieldBuilder(number).addLengthDelimited(value); + return this; + } + + /** Check if the given field number is present in the set. */ +- public boolean hasField(final int number) { +- if (number == 0) { +- throw new IllegalArgumentException("Zero is not a valid field number."); +- } +- return number == lastFieldNumber || fields.containsKey(number); ++ public boolean hasField(int number) { ++ return fieldBuilders.containsKey(number); + } + + /** + * Add a field to the {@code UnknownFieldSet}. If a field with the same number already exists, + * it is removed. ++ * ++ * @throws IllegalArgumentException if number is not positive + */ +- public Builder addField(final int number, final Field field) { +- if (number == 0) { +- throw new IllegalArgumentException("Zero is not a valid field number."); +- } +- if (lastField != null && lastFieldNumber == number) { +- // Discard this. +- lastField = null; +- lastFieldNumber = 0; ++ public Builder addField(int number, Field field) { ++ if (number <= 0) { ++ throw new IllegalArgumentException(number + " is not a valid field number."); + } +- if (fields.isEmpty()) { +- fields = new TreeMap(); +- } +- fields.put(number, field); ++ fieldBuilders.put(number, Field.newBuilder(field)); + return this; + } + +@@ -509,15 +476,18 @@ public final class UnknownFieldSet implements MessageLite { + * changes may or may not be reflected in this map. + */ + public Map asMap() { +- getFieldBuilder(0); // Force lastField to be built. ++ TreeMap fields = new TreeMap<>(); ++ for (Map.Entry entry : fieldBuilders.entrySet()) { ++ fields.put(entry.getKey(), entry.getValue().build()); ++ } + return Collections.unmodifiableMap(fields); + } + + /** Parse an entire message from {@code input} and merge its fields into this set. */ + @Override +- public Builder mergeFrom(final CodedInputStream input) throws IOException { ++ public Builder mergeFrom(CodedInputStream input) throws IOException { + while (true) { +- final int tag = input.readTag(); ++ int tag = input.readTag(); + if (tag == 0 || !mergeFieldFrom(tag, input)) { + break; + } +@@ -531,8 +501,8 @@ public final class UnknownFieldSet implements MessageLite { + * @param tag The field's tag number, which was already parsed. + * @return {@code false} if the tag is an end group tag. + */ +- public boolean mergeFieldFrom(final int tag, final CodedInputStream input) throws IOException { +- final int number = WireFormat.getTagFieldNumber(tag); ++ public boolean mergeFieldFrom(int tag, CodedInputStream input) throws IOException { ++ int number = WireFormat.getTagFieldNumber(tag); + switch (WireFormat.getTagWireType(tag)) { + case WireFormat.WIRETYPE_VARINT: + getFieldBuilder(number).addVarint(input.readInt64()); +@@ -544,7 +514,7 @@ public final class UnknownFieldSet implements MessageLite { + getFieldBuilder(number).addLengthDelimited(input.readBytes()); + return true; + case WireFormat.WIRETYPE_START_GROUP: +- final Builder subBuilder = newBuilder(); ++ Builder subBuilder = newBuilder(); + input.readGroup(number, subBuilder, ExtensionRegistry.getEmptyRegistry()); + getFieldBuilder(number).addGroup(subBuilder.build()); + return true; +@@ -563,15 +533,15 @@ public final class UnknownFieldSet implements MessageLite { + * is just a small wrapper around {@link #mergeFrom(CodedInputStream)}. + */ + @Override +- public Builder mergeFrom(final ByteString data) throws InvalidProtocolBufferException { ++ public Builder mergeFrom(ByteString data) throws InvalidProtocolBufferException { + try { +- final CodedInputStream input = data.newCodedInput(); ++ CodedInputStream input = data.newCodedInput(); + mergeFrom(input); + input.checkLastTagWas(0); + return this; +- } catch (final InvalidProtocolBufferException e) { ++ } catch (InvalidProtocolBufferException e) { + throw e; +- } catch (final IOException e) { ++ } catch (IOException e) { + throw new RuntimeException( + "Reading from a ByteString threw an IOException (should never happen).", e); + } +@@ -582,15 +552,15 @@ public final class UnknownFieldSet implements MessageLite { + * is just a small wrapper around {@link #mergeFrom(CodedInputStream)}. + */ + @Override +- public Builder mergeFrom(final byte[] data) throws InvalidProtocolBufferException { ++ public Builder mergeFrom(byte[] data) throws InvalidProtocolBufferException { + try { +- final CodedInputStream input = CodedInputStream.newInstance(data); ++ CodedInputStream input = CodedInputStream.newInstance(data); + mergeFrom(input); + input.checkLastTagWas(0); + return this; +- } catch (final InvalidProtocolBufferException e) { ++ } catch (InvalidProtocolBufferException e) { + throw e; +- } catch (final IOException e) { ++ } catch (IOException e) { + throw new RuntimeException( + "Reading from a byte array threw an IOException (should never happen).", e); + } +@@ -601,8 +571,8 @@ public final class UnknownFieldSet implements MessageLite { + * This is just a small wrapper around {@link #mergeFrom(CodedInputStream)}. + */ + @Override +- public Builder mergeFrom(final InputStream input) throws IOException { +- final CodedInputStream codedInput = CodedInputStream.newInstance(input); ++ public Builder mergeFrom(InputStream input) throws IOException { ++ CodedInputStream codedInput = CodedInputStream.newInstance(input); + mergeFrom(codedInput); + codedInput.checkLastTagWas(0); + return this; +@@ -610,12 +580,12 @@ public final class UnknownFieldSet implements MessageLite { + + @Override + public boolean mergeDelimitedFrom(InputStream input) throws IOException { +- final int firstByte = input.read(); ++ int firstByte = input.read(); + if (firstByte == -1) { + return false; + } +- final int size = CodedInputStream.readRawVarint32(firstByte, input); +- final InputStream limitedInput = new LimitedInputStream(input, size); ++ int size = CodedInputStream.readRawVarint32(firstByte, input); ++ InputStream limitedInput = new LimitedInputStream(input, size); + mergeFrom(limitedInput); + return true; + } +@@ -644,7 +614,7 @@ public final class UnknownFieldSet implements MessageLite { + @Override + public Builder mergeFrom(byte[] data, int off, int len) throws InvalidProtocolBufferException { + try { +- final CodedInputStream input = CodedInputStream.newInstance(data, off, len); ++ CodedInputStream input = CodedInputStream.newInstance(data, off, len); + mergeFrom(input); + input.checkLastTagWas(0); + return this; +@@ -718,7 +688,7 @@ public final class UnknownFieldSet implements MessageLite { + } + + /** Construct a new {@link Builder} and initialize it to a copy of {@code copyFrom}. */ +- public static Builder newBuilder(final Field copyFrom) { ++ public static Builder newBuilder(Field copyFrom) { + return newBuilder().mergeFrom(copyFrom); + } + +@@ -758,7 +728,7 @@ public final class UnknownFieldSet implements MessageLite { + } + + @Override +- public boolean equals(final Object other) { ++ public boolean equals(Object other) { + if (this == other) { + return true; + } +@@ -785,7 +755,7 @@ public final class UnknownFieldSet implements MessageLite { + public ByteString toByteString(int fieldNumber) { + try { + // TODO(lukes): consider caching serialized size in a volatile long +- final ByteString.CodedBuilder out = ++ ByteString.CodedBuilder out = + ByteString.newCodedBuilder(getSerializedSize(fieldNumber)); + writeTo(fieldNumber, out.getCodedOutput()); + return out.build(); +@@ -796,40 +766,40 @@ public final class UnknownFieldSet implements MessageLite { + } + + /** Serializes the field, including field number, and writes it to {@code output}. */ +- public void writeTo(final int fieldNumber, final CodedOutputStream output) throws IOException { +- for (final long value : varint) { ++ public void writeTo(int fieldNumber, CodedOutputStream output) throws IOException { ++ for (long value : varint) { + output.writeUInt64(fieldNumber, value); + } +- for (final int value : fixed32) { ++ for (int value : fixed32) { + output.writeFixed32(fieldNumber, value); + } +- for (final long value : fixed64) { ++ for (long value : fixed64) { + output.writeFixed64(fieldNumber, value); + } +- for (final ByteString value : lengthDelimited) { ++ for (ByteString value : lengthDelimited) { + output.writeBytes(fieldNumber, value); + } +- for (final UnknownFieldSet value : group) { ++ for (UnknownFieldSet value : group) { + output.writeGroup(fieldNumber, value); + } + } + + /** Get the number of bytes required to encode this field, including field number. */ +- public int getSerializedSize(final int fieldNumber) { ++ public int getSerializedSize(int fieldNumber) { + int result = 0; +- for (final long value : varint) { ++ for (long value : varint) { + result += CodedOutputStream.computeUInt64Size(fieldNumber, value); + } +- for (final int value : fixed32) { ++ for (int value : fixed32) { + result += CodedOutputStream.computeFixed32Size(fieldNumber, value); + } +- for (final long value : fixed64) { ++ for (long value : fixed64) { + result += CodedOutputStream.computeFixed64Size(fieldNumber, value); + } +- for (final ByteString value : lengthDelimited) { ++ for (ByteString value : lengthDelimited) { + result += CodedOutputStream.computeBytesSize(fieldNumber, value); + } +- for (final UnknownFieldSet value : group) { ++ for (UnknownFieldSet value : group) { + result += CodedOutputStream.computeGroupSize(fieldNumber, value); + } + return result; +@@ -839,15 +809,15 @@ public final class UnknownFieldSet implements MessageLite { + * Serializes the field, including field number, and writes it to {@code output}, using {@code + * MessageSet} wire format. + */ +- public void writeAsMessageSetExtensionTo(final int fieldNumber, final CodedOutputStream output) ++ public void writeAsMessageSetExtensionTo(int fieldNumber, CodedOutputStream output) + throws IOException { +- for (final ByteString value : lengthDelimited) { ++ for (ByteString value : lengthDelimited) { + output.writeRawMessageSetExtension(fieldNumber, value); + } + } + + /** Serializes the field, including field number, and writes it to {@code writer}. */ +- void writeTo(final int fieldNumber, final Writer writer) throws IOException { ++ void writeTo(int fieldNumber, Writer writer) throws IOException { + writer.writeInt64List(fieldNumber, varint, false); + writer.writeFixed32List(fieldNumber, fixed32, false); + writer.writeFixed64List(fieldNumber, fixed64, false); +@@ -872,7 +842,7 @@ public final class UnknownFieldSet implements MessageLite { + * Serializes the field, including field number, and writes it to {@code writer}, using {@code + * MessageSet} wire format. + */ +- private void writeAsMessageSetExtensionTo(final int fieldNumber, final Writer writer) ++ private void writeAsMessageSetExtensionTo(int fieldNumber, Writer writer) + throws IOException { + if (writer.fieldOrder() == Writer.FieldOrder.DESCENDING) { + // Write in descending field order. +@@ -882,7 +852,7 @@ public final class UnknownFieldSet implements MessageLite { + } + } else { + // Write in ascending field order. +- for (final ByteString value : lengthDelimited) { ++ for (ByteString value : lengthDelimited) { + writer.writeMessageSetItem(fieldNumber, value); + } + } +@@ -892,9 +862,9 @@ public final class UnknownFieldSet implements MessageLite { + * Get the number of bytes required to encode this field, including field number, using {@code + * MessageSet} wire format. + */ +- public int getSerializedSizeAsMessageSetExtension(final int fieldNumber) { ++ public int getSerializedSizeAsMessageSetExtension(int fieldNumber) { + int result = 0; +- for (final ByteString value : lengthDelimited) { ++ for (ByteString value : lengthDelimited) { + result += CodedOutputStream.computeRawMessageSetExtensionSize(fieldNumber, value); + } + return result; +@@ -912,52 +882,85 @@ public final class UnknownFieldSet implements MessageLite { + *

Use {@link Field#newBuilder()} to construct a {@code Builder}. + */ + public static final class Builder { +- // This constructor should never be called directly (except from 'create'). +- private Builder() {} ++ // This constructor should only be called directly from 'create' and 'clone'. ++ private Builder() { ++ result = new Field(); ++ } + + private static Builder create() { + Builder builder = new Builder(); +- builder.result = new Field(); + return builder; + } + + private Field result; + ++ @Override ++ public Builder clone() { ++ Field copy = new Field(); ++ if (result.varint == null) { ++ copy.varint = null; ++ } else { ++ copy.varint = new ArrayList<>(result.varint); ++ } ++ if (result.fixed32 == null) { ++ copy.fixed32 = null; ++ } else { ++ copy.fixed32 = new ArrayList<>(result.fixed32); ++ } ++ if (result.fixed64 == null) { ++ copy.fixed64 = null; ++ } else { ++ copy.fixed64 = new ArrayList<>(result.fixed64); ++ } ++ if (result.lengthDelimited == null) { ++ copy.lengthDelimited = null; ++ } else { ++ copy.lengthDelimited = new ArrayList<>(result.lengthDelimited); ++ } ++ if (result.group == null) { ++ copy.group = null; ++ } else { ++ copy.group = new ArrayList<>(result.group); ++ } ++ ++ Builder clone = new Builder(); ++ clone.result = copy; ++ return clone; ++ } ++ + /** +- * Build the field. After {@code build()} has been called, the {@code Builder} is no longer +- * usable. Calling any other method will result in undefined behavior and can cause a {@code +- * NullPointerException} to be thrown. ++ * Build the field. + */ + public Field build() { ++ Field built = new Field(); + if (result.varint == null) { +- result.varint = Collections.emptyList(); ++ built.varint = Collections.emptyList(); + } else { +- result.varint = Collections.unmodifiableList(result.varint); ++ built.varint = Collections.unmodifiableList(new ArrayList<>(result.varint)); + } + if (result.fixed32 == null) { +- result.fixed32 = Collections.emptyList(); ++ built.fixed32 = Collections.emptyList(); + } else { +- result.fixed32 = Collections.unmodifiableList(result.fixed32); ++ built.fixed32 = Collections.unmodifiableList(new ArrayList<>(result.fixed32)); + } + if (result.fixed64 == null) { +- result.fixed64 = Collections.emptyList(); ++ built.fixed64 = Collections.emptyList(); + } else { +- result.fixed64 = Collections.unmodifiableList(result.fixed64); ++ built.fixed64 = Collections.unmodifiableList(new ArrayList<>(result.fixed64)); + } + if (result.lengthDelimited == null) { +- result.lengthDelimited = Collections.emptyList(); ++ built.lengthDelimited = Collections.emptyList(); + } else { +- result.lengthDelimited = Collections.unmodifiableList(result.lengthDelimited); ++ built.lengthDelimited = Collections.unmodifiableList( ++ new ArrayList<>(result.lengthDelimited)); + } + if (result.group == null) { +- result.group = Collections.emptyList(); ++ built.group = Collections.emptyList(); + } else { +- result.group = Collections.unmodifiableList(result.group); ++ built.group = Collections.unmodifiableList(new ArrayList<>(result.group)); + } + +- final Field returnMe = result; +- result = null; +- return returnMe; ++ return built; + } + + /** Discard the field's contents. */ +@@ -970,7 +973,7 @@ public final class UnknownFieldSet implements MessageLite { + * Merge the values in {@code other} into this field. For each list of values, {@code other}'s + * values are append to the ones in this field. + */ +- public Builder mergeFrom(final Field other) { ++ public Builder mergeFrom(Field other) { + if (!other.varint.isEmpty()) { + if (result.varint == null) { + result.varint = new ArrayList(); +@@ -985,19 +988,19 @@ public final class UnknownFieldSet implements MessageLite { + } + if (!other.fixed64.isEmpty()) { + if (result.fixed64 == null) { +- result.fixed64 = new ArrayList(); ++ result.fixed64 = new ArrayList<>(); + } + result.fixed64.addAll(other.fixed64); + } + if (!other.lengthDelimited.isEmpty()) { + if (result.lengthDelimited == null) { +- result.lengthDelimited = new ArrayList(); ++ result.lengthDelimited = new ArrayList<>(); + } + result.lengthDelimited.addAll(other.lengthDelimited); + } + if (!other.group.isEmpty()) { + if (result.group == null) { +- result.group = new ArrayList(); ++ result.group = new ArrayList<>(); + } + result.group.addAll(other.group); + } +@@ -1005,45 +1008,45 @@ public final class UnknownFieldSet implements MessageLite { + } + + /** Add a varint value. */ +- public Builder addVarint(final long value) { ++ public Builder addVarint(long value) { + if (result.varint == null) { +- result.varint = new ArrayList(); ++ result.varint = new ArrayList<>(); + } + result.varint.add(value); + return this; + } + + /** Add a fixed32 value. */ +- public Builder addFixed32(final int value) { ++ public Builder addFixed32(int value) { + if (result.fixed32 == null) { +- result.fixed32 = new ArrayList(); ++ result.fixed32 = new ArrayList<>(); + } + result.fixed32.add(value); + return this; + } + + /** Add a fixed64 value. */ +- public Builder addFixed64(final long value) { ++ public Builder addFixed64(long value) { + if (result.fixed64 == null) { +- result.fixed64 = new ArrayList(); ++ result.fixed64 = new ArrayList<>(); + } + result.fixed64.add(value); + return this; + } + + /** Add a length-delimited value. */ +- public Builder addLengthDelimited(final ByteString value) { ++ public Builder addLengthDelimited(ByteString value) { + if (result.lengthDelimited == null) { +- result.lengthDelimited = new ArrayList(); ++ result.lengthDelimited = new ArrayList<>(); + } + result.lengthDelimited.add(value); + return this; + } + + /** Add an embedded group. */ +- public Builder addGroup(final UnknownFieldSet value) { ++ public Builder addGroup(UnknownFieldSet value) { + if (result.group == null) { +- result.group = new ArrayList(); ++ result.group = new ArrayList<>(); + } + result.group.add(value); + return this; +-- +2.45.2 + diff --git a/SPECS/pytorch/CVE-2024-7776.patch b/SPECS/pytorch/CVE-2024-7776.patch new file mode 100644 index 0000000000..4cb2c6d95c --- /dev/null +++ b/SPECS/pytorch/CVE-2024-7776.patch @@ -0,0 +1,196 @@ +From 231327b630f979cba3365ca7fed92f0d7f9cde27 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Mon, 31 Mar 2025 12:12:42 +0000 +Subject: [PATCH] CVE-2024-7776 + +Upstream Patch Reference : https://github.com/onnx/onnx/commit/1b70f9b673259360b6a2339c4bd97db9ea6e552f + +--- + .../onnx/onnx/backend/test/runner/__init__.py | 4 +- + third_party/onnx/onnx/hub.py | 55 +++------------- + third_party/onnx/onnx/utils.py | 62 +++++++++++++++++++ + 3 files changed, 71 insertions(+), 50 deletions(-) + +diff --git a/third_party/onnx/onnx/backend/test/runner/__init__.py b/third_party/onnx/onnx/backend/test/runner/__init__.py +index 4d9dce0b..5bab19c1 100644 +--- a/third_party/onnx/onnx/backend/test/runner/__init__.py ++++ b/third_party/onnx/onnx/backend/test/runner/__init__.py +@@ -10,7 +10,6 @@ import os + import re + import shutil + import sys +-import tarfile + import tempfile + import time + import unittest +@@ -221,8 +220,7 @@ class Runner: + ) + urlretrieve(model_test.url, download_file.name) + print("Done") +- with tarfile.open(download_file.name) as t: +- t.extractall(models_dir) ++ onnx.utils._extract_model_safe(download_file.name, models_dir) + except Exception as e: + print(f"Failed to prepare data for model {model_test.model_name}: {e}") + raise +diff --git a/third_party/onnx/onnx/hub.py b/third_party/onnx/onnx/hub.py +index dc888742..8c04515d 100644 +--- a/third_party/onnx/onnx/hub.py ++++ b/third_party/onnx/onnx/hub.py +@@ -9,7 +9,6 @@ import hashlib + import json + import os + import sys +-import tarfile + from io import BytesIO + from os.path import join + from typing import IO, Any, Dict, List, Optional, Set, Tuple, cast +@@ -271,35 +270,6 @@ def load( + return onnx.load(cast(IO[bytes], BytesIO(model_bytes))) + + +-def _tar_members_filter(tar: tarfile.TarFile, base: str) -> list[tarfile.TarInfo]: +- """Check that the content of ``tar`` will be extracted safely +- +- Args: +- tar: The tarball file +- base: The directory where the tarball will be extracted +- +- Returns: +- list of tarball members +- """ +- result = [] +- for member in tar: +- member_path = os.path.join(base, member.name) +- abs_base = os.path.abspath(base) +- abs_member = os.path.abspath(member_path) +- if not abs_member.startswith(abs_base): +- raise RuntimeError( +- f"The tarball member {member_path} in downloading model contains " +- f"directory traversal sequence which may contain harmful payload." +- ) +- elif member.issym() or member.islnk(): +- raise RuntimeError( +- f"The tarball member {member_path} in downloading model contains " +- f"symbolic links which may contain harmful payload." +- ) +- result.append(member) +- return result +- +- + def download_model_with_test_data( + model: str, + repo: str = "onnx/models:main", +@@ -367,23 +337,14 @@ def download_model_with_test_data( + "download the model from the model hub." + ) + +- with tarfile.open(local_model_with_data_path) as model_with_data_zipped: +- # FIXME: Avoid index manipulation with magic numbers +- local_model_with_data_dir_path = local_model_with_data_path[ +- 0 : len(local_model_with_data_path) - 7 +- ] +- # Mitigate tarball directory traversal risks +- if hasattr(tarfile, "data_filter"): +- model_with_data_zipped.extractall( +- path=local_model_with_data_dir_path, filter="data" +- ) +- else: +- model_with_data_zipped.extractall( +- path=local_model_with_data_dir_path, +- members=_tar_members_filter( +- model_with_data_zipped, local_model_with_data_dir_path +- ), +- ) ++ # FIXME: Avoid index manipulation with magic numbers, ++ # remove ".tar.gz" ++ local_model_with_data_dir_path = local_model_with_data_path[ ++ 0 : len(local_model_with_data_path) - 7 ++ ] ++ onnx.utils._extract_model_safe( ++ local_model_with_data_path, local_model_with_data_dir_path ++ ) + model_with_data_path = ( + local_model_with_data_dir_path + + "/" +diff --git a/third_party/onnx/onnx/utils.py b/third_party/onnx/onnx/utils.py +index 28624f63..ae6828d5 100644 +--- a/third_party/onnx/onnx/utils.py ++++ b/third_party/onnx/onnx/utils.py +@@ -4,6 +4,7 @@ + from __future__ import annotations + + import os ++import tarfile + + import onnx.checker + import onnx.helper +@@ -212,3 +213,64 @@ def extract_model( + onnx.save(extracted, output_path) + if check_model: + onnx.checker.check_model(output_path) ++ ++def _tar_members_filter( ++ tar: tarfile.TarFile, base: str | os.PathLike ++) -> list[tarfile.TarInfo]: ++ """Check that the content of ``tar`` will be extracted safely ++ ++ Args: ++ tar: The tarball file ++ base: The directory where the tarball will be extracted ++ ++ Returns: ++ list of tarball members ++ """ ++ result = [] ++ for member in tar: ++ member_path = os.path.join(base, member.name) ++ abs_base = os.path.abspath(base) ++ abs_member = os.path.abspath(member_path) ++ if not abs_member.startswith(abs_base): ++ raise RuntimeError( ++ f"The tarball member {member_path} in downloading model contains " ++ f"directory traversal sequence which may contain harmful payload." ++ ) ++ elif member.issym() or member.islnk(): ++ raise RuntimeError( ++ f"The tarball member {member_path} in downloading model contains " ++ f"symbolic links which may contain harmful payload." ++ ) ++ result.append(member) ++ return result ++ ++ ++def _extract_model_safe( ++ model_tar_path: str | os.PathLike, local_model_with_data_dir_path: str | os.PathLike ++) -> None: ++ """Safely extracts a tar file to a specified directory. ++ ++ This function ensures that the extraction process mitigates against ++ directory traversal vulnerabilities by validating or sanitizing paths ++ within the tar file. It also provides compatibility for different versions ++ of the tarfile module by checking for the availability of certain attributes ++ or methods before invoking them. ++ ++ Args: ++ model_tar_path: The path to the tar file to be extracted. ++ local_model_with_data_dir_path: The directory path where the tar file ++ contents will be extracted to. ++ """ ++ with tarfile.open(model_tar_path) as model_with_data_zipped: ++ # Mitigate tarball directory traversal risks ++ if hasattr(tarfile, "data_filter"): ++ model_with_data_zipped.extractall( ++ path=local_model_with_data_dir_path, filter="data" ++ ) ++ else: ++ model_with_data_zipped.extractall( ++ path=local_model_with_data_dir_path, ++ members=_tar_members_filter( ++ model_with_data_zipped, local_model_with_data_dir_path ++ ), ++ ) +\ No newline at end of file +-- +2.45.2 + diff --git a/SPECS/pytorch/pytorch.spec b/SPECS/pytorch/pytorch.spec index 085c70054d..a4418d8d25 100644 --- a/SPECS/pytorch/pytorch.spec +++ b/SPECS/pytorch/pytorch.spec @@ -2,7 +2,7 @@ Summary: Tensors and Dynamic neural networks in Python with strong GPU acceleration. Name: pytorch Version: 2.2.2 -Release: 4%{?dist} +Release: 5%{?dist} License: BSD-3-Clause Vendor: Microsoft Corporation Distribution: Azure Linux @@ -27,6 +27,8 @@ Patch2: CVE-2022-1941.patch Patch3: CVE-2024-5187.patch Patch4: CVE-2024-27319.patch Patch5: CVE-2021-22918.patch +Patch6: CVE-2024-7776.patch +Patch7: CVE-2021-22569.patch %description PyTorch is a Python package that provides two high-level features: @@ -88,6 +90,9 @@ cp -arf docs %{buildroot}/%{_pkgdocdir} %{_docdir}/* %changelog +* Mon Mar 31 2025 Kanishk Bansal - 2.2.2-5 +- Patch CVE-2021-22569, CVE-2024-7776 + * Mon Jan 20 2025 Archana Choudhary - 2.2.2-4 - patch for CVE-2024-27319, CVE-2021-22918 diff --git a/SPECS/qtbase/CVE-2025-30348.patch b/SPECS/qtbase/CVE-2025-30348.patch new file mode 100644 index 0000000000..8761b13eef --- /dev/null +++ b/SPECS/qtbase/CVE-2025-30348.patch @@ -0,0 +1,114 @@ +From 5e8236ec5747f3ad038db3b9996e9c73d72fe668 Mon Sep 17 00:00:00 2001 +From: jykanase +Date: Wed, 26 Mar 2025 07:01:54 +0000 +Subject: [PATCH] CVE-2025-30348 + +Source Link: https://github.com/qt/qtbase/commit/2ce08e3671b8d18b0284447e5908ce15e6e8f80f#diff-3d82d7c5074d1c9c1b8293c5d904f5c17e1797cc9f8369854c602e9fbc3ff13cL3621-R3596 +--- + src/xml/dom/qdom.cpp | 88 ++++++++++++++++++++++++-------------------- + 1 file changed, 49 insertions(+), 39 deletions(-) + +diff --git a/src/xml/dom/qdom.cpp b/src/xml/dom/qdom.cpp +index 721981fd..29145f67 100644 +--- a/src/xml/dom/qdom.cpp ++++ b/src/xml/dom/qdom.cpp +@@ -3612,47 +3612,57 @@ static QString encodeText(const QString &str, + const bool performAVN = false, + const bool encodeEOLs = false) + { +- QString retval(str); +- int len = retval.size(); +- int i = 0; +- +- while (i < len) { +- const QChar ati(retval.at(i)); +- +- if (ati == u'<') { +- retval.replace(i, 1, "<"_L1); +- len += 3; +- i += 4; +- } else if (encodeQuotes && (ati == u'"')) { +- retval.replace(i, 1, """_L1); +- len += 5; +- i += 6; +- } else if (ati == u'&') { +- retval.replace(i, 1, "&"_L1); +- len += 4; +- i += 5; +- } else if (ati == u'>' && i >= 2 && retval[i - 1] == u']' && retval[i - 2] == u']') { +- retval.replace(i, 1, ">"_L1); +- len += 3; +- i += 4; +- } else if (performAVN && +- (ati == QChar(0xA) || +- ati == QChar(0xD) || +- ati == QChar(0x9))) { +- const QString replacement(u"&#x"_s + QString::number(ati.unicode(), 16) + u';'); +- retval.replace(i, 1, replacement); +- i += replacement.size(); +- len += replacement.size() - 1; +- } else if (encodeEOLs && ati == QChar(0xD)) { +- retval.replace(i, 1, " "_L1); // Replace a single 0xD with a ref for 0xD +- len += 4; +- i += 5; +- } else { +- ++i; ++ QString retval; ++ qsizetype start = 0; ++ auto appendToOutput = [&](qsizetype cur, const auto &replacement) ++ { ++ if (start < cur) { ++ retval.reserve(str.size() + replacement.size()); ++ retval.append(QStringView(str).first(cur).sliced(start)); ++ } ++ // Skip over str[cur], replaced by replacement ++ start = cur + 1; ++ retval.append(replacement); ++ }; ++ ++ const qsizetype len = str.size(); ++ for (qsizetype cur = 0; cur < len; ++cur) { ++ switch (str[cur].unicode()) { ++ case u'<': ++ appendToOutput(cur, "<"_L1); ++ break; ++ case u'"': ++ if (encodeQuotes) ++ appendToOutput(cur, """_L1); ++ break; ++ case u'&': ++ appendToOutput(cur, "&"_L1); ++ break; ++ case u'>': ++ if (cur >= 2 && str[cur - 1] == u']' && str[cur - 2] == u']') ++ appendToOutput(cur, ">"_L1); ++ break; ++ case u'\r': ++ if (performAVN || encodeEOLs) ++ appendToOutput(cur, " "_L1); // \r == 0x0d ++ break; ++ case u'\n': ++ if (performAVN) ++ appendToOutput(cur, " "_L1); // \n == 0x0a ++ break; ++ case u'\t': ++ if (performAVN) ++ appendToOutput(cur, " "_L1); // \t == 0x09 ++ break; ++ default: ++ break; + } + } +- +- return retval; ++ if (start > 0) { ++ retval.append(QStringView(str).first(len).sliced(start)); ++ return retval; ++ } ++ return str; + } + + void QDomAttrPrivate::save(QTextStream& s, int, int) const +-- +2.45.2 + diff --git a/SPECS/qtbase/qtbase.spec b/SPECS/qtbase/qtbase.spec index ba1084c63c..74456dd16e 100644 --- a/SPECS/qtbase/qtbase.spec +++ b/SPECS/qtbase/qtbase.spec @@ -35,7 +35,7 @@ Name: qtbase Summary: Qt6 - QtBase components Version: 6.6.3 -Release: 2%{?dist} +Release: 3%{?dist} # See LICENSE.GPL3-EXCEPT.txt, for exception details License: GFDL AND LGPLv3 AND GPLv2 AND GPLv3 with exceptions AND QT License Agreement 4.0 Vendor: Microsoft Corporation @@ -97,6 +97,7 @@ Patch61: qtbase-cxxflag.patch # fix for new mariadb Patch65: qtbase-mysql.patch +Patch66: CVE-2025-30348.patch # Do not check any files in %%{_qt_plugindir}/platformthemes/ for requires. # Those themes are there for platform integration. If the required libraries are @@ -701,6 +702,9 @@ fi %{_qt_plugindir}/platformthemes/libqxdgdesktopportal.so %changelog +* Wed Mar 26 2025 Jyoti Kanase - 6.6.3-3 +- Fix CVE-2025-30348 + * Thu Jan 16 2025 Lanze Liu - 6.6.3-2 - Added a patch for addressing CVE-2024-56732 diff --git a/SPECS/readline/readline-8.2-patch-1.patch b/SPECS/readline/readline-8.2-patch-1.patch new file mode 100644 index 0000000000..8b8ff58dc6 --- /dev/null +++ b/SPECS/readline/readline-8.2-patch-1.patch @@ -0,0 +1,44 @@ +From 7274faabe97ce53d6b464272d7e6ab6c1392837b Mon Sep 17 00:00:00 2001 +From: Chet Ramey +Date: Wed, 5 Oct 2022 10:41:16 -0400 +Subject: Readline-8.2 patch 1: fix crash when readline is started with an + invalid locale specification + +--- + ._.gitignore | Bin 4096 -> 0 bytes + nls.c | 4 ++++ + patchlevel | 2 +- + 3 files changed, 5 insertions(+), 1 deletion(-) + delete mode 100644 ._.gitignore + +diff --git a/._.gitignore b/._.gitignore +deleted file mode 100644 +index aa90ec6..0000000 +Binary files a/._.gitignore and /dev/null differ +diff --git a/nls.c b/nls.c +index 5c6a13b..8c027d6 100644 +--- a/nls.c ++++ b/nls.c +@@ -141,6 +141,10 @@ _rl_init_locale (void) + if (lspec == 0) + lspec = ""; + ret = setlocale (LC_CTYPE, lspec); /* ok, since it does not change locale */ ++ if (ret == 0 || *ret == 0) ++ ret = setlocale (LC_CTYPE, (char *)NULL); ++ if (ret == 0 || *ret == 0) ++ ret = RL_DEFAULT_LOCALE; + #else + ret = (lspec == 0 || *lspec == 0) ? RL_DEFAULT_LOCALE : lspec; + #endif +diff --git a/patchlevel b/patchlevel +index d8c9df7..fdf4740 100644 +--- a/patchlevel ++++ b/patchlevel +@@ -1,3 +1,3 @@ + # Do not edit -- exists only for use by patch + +-0 ++1 +-- +cgit v1.1 + diff --git a/SPECS/readline/readline.spec b/SPECS/readline/readline.spec index 63e81f8bfd..733dd58be7 100644 --- a/SPECS/readline/readline.spec +++ b/SPECS/readline/readline.spec @@ -1,7 +1,7 @@ Summary: Command-line editing and history capabilities Name: readline Version: 8.2 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv3+ Vendor: Microsoft Corporation Distribution: Azure Linux @@ -11,6 +11,8 @@ Source0: https://ftp.gnu.org/gnu/readline/%{name}-%{version}.tar.gz BuildRequires: ncurses-devel Requires: ncurses-libs +Patch: readline-8.2-patch-1.patch + %description The Readline package is a set of libraries that offers command-line editing and history capabilities. @@ -23,7 +25,7 @@ Requires: %{name} = %{version} It contains the libraries and header files to create applications %prep -%setup -q +%autosetup -p1 sed -i '/MV.*old/d' Makefile.in sed -i '/{OLDSUFF}/c:' support/shlib-install @@ -109,6 +111,9 @@ make %{?_smp_mflags} check %{_libdir}/pkgconfig/history.pc %changelog +* Tue Mar 11 2025 Thien Trung Vuong - 8.2-2 +- Add patch to fix readline crash when initialized with an invalid locale specification + * Mon Oct 16 2023 CBL-Mariner Servicing Account - 8.2-1 - Auto-upgrade to 8.2 - Azure Linux 3.0 - package upgrades diff --git a/SPECS/rshim/rshim.signatures.json b/SPECS/rshim/rshim.signatures.json new file mode 100644 index 0000000000..89bdfe8312 --- /dev/null +++ b/SPECS/rshim/rshim.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "rshim-2.1.5.tar.gz": "a7776c66696dd7d1ff2983cfa536673f987394083f9e4c8434fb95f5bea15e8b" + } +} \ No newline at end of file diff --git a/SPECS/rshim/rshim.spec b/SPECS/rshim/rshim.spec new file mode 100644 index 0000000000..a954745b57 --- /dev/null +++ b/SPECS/rshim/rshim.spec @@ -0,0 +1,415 @@ +# SPDX-License-Identifier: GPL-2.0-only +# Copyright (C) 2019 Mellanox Technologies. All Rights Reserved. +# + +Name: rshim +Version: 2.1.5 +Release: 1%{?dist} +Summary: User-space driver for Mellanox BlueField SoC +License: GPLv2 +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: https://github.com/mellanox/rshim-user-space +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/rshim-2.1.5.tar.gz#/%{name}-%{version}.tar.gz +ExclusiveArch: x86_64 +BuildRequires: gcc, autoconf, automake, pkgconfig, make +BuildRequires: pkgconfig(libpci), pkgconfig(libusb-1.0) fuse3-devel fuse3-libs + +%global with_systemd %(if (test -d "%{_unitdir}" > /dev/null); then echo -n '1'; else echo -n '0'; fi) +%global debug_package %{nil} + +%description +This is the user-space driver to access the BlueField SoC via the rshim +interface. It provides ways to push boot stream, debug the target or login +via the virtual console or network interface. + +%prep +rm -fr %{name}-%{version} +mkdir %{name}-%{version} +tar -axf %{SOURCE0} -C %{name}-%{version} --strip-components 1 +%setup -q -D -T + +%build +./bootstrap.sh +%configure +%if %{?make_build:1}%{!?make_build:0} +%make_build +%else +make +%endif + +%install +%undefine _missing_build_ids_terminate_build +%makeinstall -C src INSTALL_DIR="%{buildroot}%{_sbindir}" +%if "%{with_systemd}" == "1" + %{__install} -d %{buildroot}%{_unitdir} + %{__install} -m 0644 rshim.service %{buildroot}%{_unitdir} +%endif +%{__install} -d %{buildroot}%{_mandir}/man8 +%{__install} -m 0644 man/rshim.8 %{buildroot}%{_mandir}/man8 +%{__install} -m 0644 man/bfb-install.8 %{buildroot}%{_mandir}/man8 +%{__install} -m 0644 man/bf-reg.8 %{buildroot}%{_mandir}/man8 +%{__install} -d %{buildroot}%{_sysconfdir} +%{__install} -m 0644 etc/rshim.conf %{buildroot}%{_sysconfdir} +%{__install} -m 0755 scripts/bfb-install %{buildroot}%{_sbindir} +%{__install} -m 0755 scripts/bf-reg %{buildroot}%{_sbindir} + +%pre +%if "%{with_systemd}" == "1" + if systemctl is-active --quiet rshim ; then + systemctl stop rshim + fi +%endif + +%post +%if "%{with_systemd}" == "1" + echo "Installation complete. To enable and start the rshim service, run:" + echo " systemctl daemon-reload" + echo " systemctl enable rshim" + echo " systemctl start rshim" +%endif + +%preun +if [ "$1" = "0" ]; then +%if "%{with_systemd}" == "1" + if systemctl is-active --quiet rshim ; then + systemctl stop rshim + fi +%else + killall -9 rshim +%endif +fi + +%files +%{!?_licensedir:%global license %%doc} +%license LICENSE +%defattr(-,root,root,-) +%doc README.md +%config(noreplace) %{_sysconfdir}/rshim.conf +%if "%{with_systemd}" == "1" + %{_unitdir}/rshim.service +%endif +%{_sbindir}/rshim +%{_sbindir}/bfb-install +%{_sbindir}/bf-reg +%{_mandir}/man8/rshim.8.gz +%{_mandir}/man8/bfb-install.8.gz +%{_mandir}/man8/bf-reg.8.gz + +%changelog +* Tue Dec 17 2024 Binu Jose Philip +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified + +* Mon Oct 14 2024 Penghe Geng - 2.1.5 +- Revert "Abort rshim rpm installation if no cuse.ko found" + +* Thu Oct 10 2024 Penghe Geng - 2.1.4 +- Make rshim run in single instance +- Abort rshim rpm installation if no cuse.ko found +- Increase default boot timeout to 300s +- bfb-install: Fix premature bfb-install exit when rebooting BMC + +* Tue Sep 10 2024 Penghe Geng - 2.1.3 +- Reduce the access_check() wait time + +* Fri Aug 30 2024 Liming Sun - 2.1.2 +- Improve access_check() to reduce likelihood of race condition +- Revert the 2-second delay + +* Thu Aug 15 2024 Liming Sun - 2.1.1 +- Add support for command mode +- Fix some coding style issues +- Cleanup rshim debug/syslog messages + +* Thu Aug 08 2024 Liming Sun - 2.0.41 +- Add a small delay to access the boot file +- Fix a valgrind warning + +* Mon Aug 05 2024 Penghe Geng - 2.0.40 +- Fix rshim deb package for DOCA build on Ubuntu + +* Fri Aug 02 2024 Penghe Geng - 2.0.39 +- Fix rshim masking issue on Ubuntu +- bfb-install: Fix NIC_MODE installation for BlueField-2 +- pcie: Add VFIO support for BlueField-3 + +* Fri Jul 26 2024 Penghe Geng - 2.0.38 +- Make sending the initial force command a one-time event +- bfb-install: adjust the log file to be per rshim + +* Tue Jul 16 2024 Penghe Geng - 2.0.37 +- add missing --force in help menu + +* Mon Jul 15 2024 Penghe Geng - 2.0.36 +- Allow /dev/rshim devfs creation only with --force option enabled +- bfb-install: fix for NIC mode +- bfb-install: Exit with error if running remote bfb-install without + password-less root SSH +- Fix compiling issue for FreeBSD + +* Fri Jul 05 2024 Penghe Geng - 2.0.35 +- Add ownership transfer feature (primarily via "FORCE_CMD") +- bfb-install: enhancement for NIC mode + +* Tue Jun 11 2024 Liming Sun - 2.0.34 +- bfb-install: Enable CLEAR_ON_READ +- bfb-install: add cleanup code for runtime update + +* Thu Jun 06 2024 Liming Sun - 2.0.33 +- misc: add 'CLEAR_ON_READ' command +- bfb-install: add runtime image support + +* Tue Jun 04 2024 Liming Sun - 2.0.32 +- bf3/pcie_lf: Fix the 4B access via MSN GW + +* Fri May 17 2024 Liming Sun - 2.0.31 +- bf3/pcie_lf: support register read/write via /dev/rshim0/rshim +- Only poll/check locked mode for PCIe backend +- Remove workaround support for BF2 A0 chip + +* Mon May 13 2024 Liming Sun - 2.0.30 +- pcie: Adjust default reset delay to 3 seconds +- Avoid polling blocked status during reset +- Disable installation of rshim on host by default + +* Tue Apr 30 2024 Liming Sun - 2.0.29 +- Some robust fixes for rshim over USB +- Lower log level for register read errors as it's normal during reset + +* Thu Apr 25 2024 Penghe Geng - 2.0.28 +- Secure NIC Mode: Prevent running simultaneously on both bmc and host + +* Fri Apr 12 2024 Penghe Geng - 2.0.27 +- bfb-install: Fix incorrect IP address resolution for multi-hop routing + +* Fri Apr 12 2024 Liming Sun - 2.0.26 +- rshim_pcie: set PCIE bit in scratchpad6 +- Revert semantics of --reverse-nc + +* Fri Apr 05 2024 Liming Sun - 2.0.25 +- Avoid a race of rshim ownership during bfb push + +* Thu Apr 04 2024 Liming Sun - 2.0.24 +- DROP_MODE: sync-up the Rx FIFO when clearing DROP_MODE + +* Tue Apr 02 2024 Liming Sun - 2.0.23 +- Add some robust fixes for the DROP_MODE + +* Fri Mar 22 2024 Penghe Geng - 2.0.22 +- bfb-install: add support for remote rshim update; add speed optimizations + +* Tue Mar 19 2024 Penghe Geng - 2.0.21 +- rshim_pci: output Secure NIC mode status in misc file + +* Fri Feb 16 2024 Liming Sun - 2.0.20 +- rshim_pci: adjust delay time for nic_fw reset +- bfb-install: Exit on "Linux up" + +* Wed Jan 10 2024 Liming Sun - 2.0.19 +- Fix incorrect console message drop +- Allow runtime debug code for DK cards + +* Thu Dec 14 2023 Liming Sun - 2.0.18 +- Clear scratchpad1 register when setting drop_mode + +* Wed Nov 22 2023 Liming Sun - 2.0.17 +- bfb-install: Fix duplicate output + +* Thu Nov 16 2023 Liming Sun - 2.0.16 +- Remove fuse build dependency + +* Tue Nov 14 2023 Liming Sun - 2.0.15 +- Add BFB completion condition for enhanced NIC mode + +* Fri Nov 10 2023 Liming Sun - 2.0.14 +- Fix 9f19cfb4a75687ae + +* Wed Nov 08 2023 Liming Sun - 2.0.13 +- Several robust fixes +- Add fuse3 support + +* Mon Oct 23 2023 Liming Sun - 2.0.12 +- BF3: Add UPTIME display in seconds + +* Tue Sep 26 2023 Liming Sun - 2.0.11 +- Remove version 0 support for NIC FW_RESET +- bfb-install: Return failure code + +* Mon Sep 18 2023 Liming Sun - 2.0.10 +- Fix interrupt handling for NIC FW_RESET + +* Sat Jun 17 2023 Liming Sun - 2.0.9 +- rshim/usb/bf3: fix timeout logic + +* Tue May 16 2023 Liming Sun - 2.0.8 +- Fix the fall-back logic of direct-mapping + +* Thu Mar 30 2023 Liming Sun - 2.0.7 +- Avoid opening /dev/uio multiple times +- Update common files to dual-license +- Adjust rshim reset delay + +* Sun Nov 20 2022 Liming Sun - 2.0.6-19 +- BF3: Support 4B access for PCIe + +* Tue Oct 25 2022 Liming Sun - 2.0.6-18 +- pcie: fix initialization issue when setting DROP_MODE in rshim.conf + +* Thu Oct 20 2022 Liming Sun - 2.0.6-17 +- pcie: Avoid using cached pci_dev +- rshim_fuse: display misc file even when rshim is not accessible + +* Thu Oct 06 2022 Liming Sun - 2.0.6-16 +- pcie: Support mixed vfio and direct mapping mode + +* Thu Sep 29 2022 Liming Sun - 2.0.6-15 +- Add dependency of libfuse2 for .deb +- rshim-pcie: add a new bad-access code +- Fix a potential NULL pointer access during USB disconnect +- Adjust default boot timeout to 150s + +* Tue Aug 16 2022 Liming Sun - 2.0.6-14 +- Avoid potential race when stopping the rshim process +- Add configuration option to enable/disable PCIe VFIO/UIO +- Fix warnings for compiling on 32-bit BMC +- Mustang rshim usb supports for 4B and 8B transactions + +* Sun Jul 17 2022 Liming Sun - 2.0.6-13 +- BF3: Support 32-bit CR-space access via USB +- Avoid kernel-modules-extra dependency on ctyunos + +* Thu Jun 16 2022 Liming Sun - 2.0.6-12 +- Optimize the rshim_work_fd +- Detect new USB/rshim hot plugin + +* Mon May 16 2022 Liming Sun - 2.0.6-11 +- Avoid kernel crash when unbind rshim from uio + +* Mon May 02 2022 Liming Sun - 2.0.6-10 +- Fix several compiling issues for FreeBSD + +* Thu Apr 28 2022 Liming Sun - 2.0.6-9 +- Use per-device memory-map mode + +* Mon Apr 18 2022 Liming Sun - 2.0.6-8 +- Add interrupt polling for direct mmap() mode +- Fix several coverity warnings + +* Thu Apr 07 2022 Liming Sun - 2.0.6-7 +- Keep intr_fd during rshim_pcie disable/enable +- Mustang: Add support for rshim over pcie and pcie_lf + +* Wed Mar 30 2022 Liming Sun - 2.0.6-6 +- Clear scratchpad1 to 0 before PCI resources are unmapped +- Fallback to UIO if VFIO failed + +* Fri Mar 18 2022 Liming Sun - 2.0.6-5 +- PCIe: Add UIO and IRQ support +- PCIe: Remove 32-bit support + +* Mon Feb 28 2022 Liming Sun - 2.0.6-4 +- VFIO support +- Fix potential race in rshim_work_signal + +* Mon Nov 29 2021 Liming Sun - 2.0.6-3 +- Adjust the defaul value of usb_reset_delay to 5 +- Add a delay after USB probe +- Make the reset delay configurable + +* Wed Nov 03 2021 Liming Sun - 2.0.6-2 +- bfb-install: Handle new indications for installation completion +- Clean up some un-needed register definition +- Fix MTU of the tmfifo_net0 interface on FreeBSD +- Several fixes to prevent hypervisor crash +- Refine some BF-2 Rev0 workaround condition + +* Wed May 12 2021 Liming Sun - 2.0.6-1 +- Disable the background timer if no rshim devices +- Setting default path for rshim config file + +* Wed Mar 10 2021 Liming Sun - 2.0.5-10 +- PCIe hotplug support +- Reduce CPU utilization when there is no rshim device + +* Wed Jan 27 2021 Liming Sun - 2.0.5-9 +- Fix potential tmfifo data loss +- Add workaround checking for Bluefield-2 REV-0 +- Fix network traffic stop issue when Tx buffer full + +* Fri Dec 11 2020 Liming Sun - 2.0.5-8 +- Don't allow any register access when DROP_MODE is set +- Avoid potential race in rshim_fifo_read + +* Wed Dec 09 2020 Liming Sun - 2.0.5-7 +- Fix potential dead-lock when calling rshim_access_check +- Ignore rshim access checking when global drop mode is enabled +- Fix some secure boot related issue + +* Wed Dec 02 2020 Liming Sun - 2.0.5-6 +- Add some default configuration in rshim.conf +- Change the debug level of Rshim byte access widget timeout +- Add bfb-install script + +* Thu Oct 29 2020 Liming Sun - 2.0.5-5 +- Check rshim accessibility when re-enabling it +- Enable console output during boot stream pushing +- Add some delay for the pcie_lf probe +- Auto-start rshim service after installation + +* Fri Sep 25 2020 Liming Sun - 2.0.5-4 +- Some robust fixes for USB rshim +- Fix a typo in pcie mmap + +* Mon Aug 17 2020 Liming Sun - 2.0.5-3 +- Fix several coverity warnings +- Add workaround to boot Viper rev A0 in LiveFish mode +- Display/configure OPN string for BlueField-2 + +* Fri Jul 24 2020 Liming Sun - 2.0.5-2 +- Add configuration file support +- misc: Display device version / revision ID +- Add service file for FreeBSD + +* Tue Jun 16 2020 Liming Sun - 2.0.5-1 +- Improve response time to ctrl+c for boot stream +- Fix a rpmbuild issue when make_build is not defined +- Add DROP_MODE configuration in misc file +- Avoid reading the fifo if still booting +- Fix configure issue for FreeBSD 12.1-RELEASE +- Add domain id to the DEV_NAME in the misc file +- Fix the debian copyright format +- Enhance rshim_pcie_enable function + +* Tue Apr 21 2020 Liming Sun - 2.0.4-1 +- Update .spec file according to review comments +- Fix the 'KillMode' in rshim.service +- Support process termination by SIGTERM +- Fix some compiling warnings and configure issue for FreeBSD +- Fix a read()/write() issue in rshim_pcie.c caused by optimization + +* Tue Apr 14 2020 Liming Sun - 2.0.3-1 +- Enable pci device during probing +- Map the pci resource0 file instead of /dev/mem +- Add copyright header in bootstrap.sh +- Add 'Requires' tag check in the rpm .spec for kernel-modules-extra +- Fix the 'rshim --version' output + +* Thu Apr 09 2020 Liming Sun - 2.0.2-1 +- Remove unnecessary dependency in .spec and use make_build +- Add package build for debian/ubuntu +- Fix some format in the man page +- Add check for syslog headers + +* Mon Mar 23 2020 Liming Sun - 2.0.1-1 +- Rename bfrshim to rshim +- Remove rshim.spec since it's auto-generated from rshim.spec.in +- Fix some warnings reported by coverity +- Add file rhel/rshim.spec.in for fedora +- Move rshim to sbin and move man page to man8 + +* Fri Mar 13 2020 Liming Sun - 2.0-1 +- Update the spec file according to fedora packaging-guidelines + +* Mon Dec 16 2019 Liming Sun +- Initial packaging diff --git a/SPECS/rsyslog/issue5158.patch b/SPECS/rsyslog/issue5158.patch new file mode 100644 index 0000000000..20e6791b0e --- /dev/null +++ b/SPECS/rsyslog/issue5158.patch @@ -0,0 +1,185 @@ +From d336dc3fb9788a247d512eee81ad8b49b2614100 Mon Sep 17 00:00:00 2001 +From: Rainer Gerhards +Date: Tue, 26 Sep 2023 14:38:44 +0200 +Subject: [PATCH] fix startup issue on modern systemd systems + +When we startup AND are told to auto-background ourselfs, we must +close all unneeded file descriptors. Not doing this has some +security implications. Traditionally, we do this by iterating +over all possible file descriptor values. This is fairly compatible, +because we need no OS-specific method. However, modern systemd configs +tend to not limit the number of fds, so there are potentially 2^30(*) +fds to close. While this is OKish, it takes some time and makes +systemd think that rsyslog did not properly start up. + +We have now solved this by using the /proc filesystem to obtain our +currently open fds. This works for Linux, as well as Cygwin, NetBSD, +FreeBDS and MacOS. Where not available,and close_range() is available +on the (build) platform, we try to use it. If that fails as well, we +fall back to the traditional method. In our opionion, this fallback +is unproblematic, as on these platforms there is no systemd and in +almost all cases a decent number of fds to close. + +Very special thanks go out to Brennan Kinney, who clearly described +the issue to us on github and also provided ample ways to solve it. +What we did is just implement what we think is the best fit from +rsyslog's PoV. + +(*) Some details below on the number of potentially to close fds. + This is directly from a github posting from Brennan Kinney. +Just to clarify, by default since systemd v240 (2018Q4), that +should be `1024:524288` limit. As in the soft limit is the expected +`1024`. + +The problem is other software shipping misconfiguration in systemd +services that overrides this to something silly like +`LimitNOFILE=infinity`. +- Which will map to the sysctl `fs.nr_open` (_a value systemd + v240 also raises from `2^20` to 2^30`, some distro like Debian are + known to opt-out via patch for the `fs.nr_open` change_). +- With the biggest issue there being that the soft limit was also + set to `infinity` instead of their software requesting to raise + the soft limit to a higher value that the hard limit permits. + `infinity` isn't at all sane though. +- The known source of this misconfiguration is container software such + as Docker and `containerd` (_which would often sync with the + systemd `.service` config from the Docker daemon `dockerd.service`_). + +closes https://github.com/rsyslog/rsyslog/issues/5158 +--- + configure.ac | 4 +-- + tools/rsyslogd.c | 68 +++++++++++++++++++++++++++++++++++++++++++----- + 2 files changed, 63 insertions(+), 9 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 484b74ca7..036a40d5d 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -200,7 +200,7 @@ AC_CHECK_HEADERS([malloc.h],[],[],[ + #endif + ] + ]) +-AC_CHECK_HEADERS([fcntl.h locale.h netdb.h netinet/in.h paths.h stddef.h stdlib.h string.h sys/file.h sys/ioctl.h sys/param.h sys/socket.h sys/time.h sys/stat.h unistd.h utmp.h utmpx.h sys/epoll.h sys/prctl.h sys/select.h getopt.h]) ++AC_CHECK_HEADERS([fcntl.h locale.h netdb.h netinet/in.h paths.h stddef.h stdlib.h string.h sys/file.h sys/ioctl.h sys/param.h sys/socket.h sys/time.h sys/stat.h unistd.h utmp.h utmpx.h sys/epoll.h sys/prctl.h sys/select.h getopt.h linux/close_range.h]) + + # Checks for typedefs, structures, and compiler characteristics. + AC_C_CONST +@@ -233,7 +233,7 @@ AC_TYPE_SIGNAL + AC_FUNC_STAT + AC_FUNC_STRERROR_R + AC_FUNC_VPRINTF +-AC_CHECK_FUNCS([flock recvmmsg basename alarm clock_gettime gethostbyname gethostname gettimeofday localtime_r memset mkdir regcomp select setsid socket strcasecmp strchr strdup strerror strndup strnlen strrchr strstr strtol strtoul uname ttyname_r getline malloc_trim prctl epoll_create epoll_create1 fdatasync syscall lseek64 asprintf]) ++AC_CHECK_FUNCS([flock recvmmsg basename alarm clock_gettime gethostbyname gethostname gettimeofday localtime_r memset mkdir regcomp select setsid socket strcasecmp strchr strdup strerror strndup strnlen strrchr strstr strtol strtoul uname ttyname_r getline malloc_trim prctl epoll_create epoll_create1 fdatasync syscall lseek64 asprintf close_range]) + AC_CHECK_FUNC([setns], [AC_DEFINE([HAVE_SETNS], [1], [Define if setns exists.])]) + AC_CHECK_TYPES([off64_t]) + +diff --git a/tools/rsyslogd.c b/tools/rsyslogd.c +index 08bd5fd89..fa37f7a3a 100644 +--- a/tools/rsyslogd.c ++++ b/tools/rsyslogd.c +@@ -3,7 +3,7 @@ + * because it was either written from scratch by me (rgerhards) or + * contributors who agreed to ASL 2.0. + * +- * Copyright 2004-2022 Rainer Gerhards and Adiscon ++ * Copyright 2004-2023 Rainer Gerhards and Adiscon + * + * This file is part of rsyslog. + * +@@ -27,6 +27,7 @@ + #include + #include + #include ++#include + #include + #include + #ifdef ENABLE_LIBLOGGING_STDLOG +@@ -40,6 +41,9 @@ + #ifdef ENABLE_LIBCAPNG + #include + #endif ++#if defined(HAVE_LINUX_CLOSE_RANGE_H) ++# include ++#endif + + #include "rsyslog.h" + #include "wti.h" +@@ -368,6 +372,36 @@ finalize_it: + RETiRet; + } + ++ ++ ++/* note: this function is specific to OS'es which provide ++ * the ability to read open file descriptors via /proc. ++ * returns 0 - success, something else otherwise ++ */ ++static int ++close_unneeded_open_files(const char *const procdir, ++ const int beginClose, const int parentPipeFD) ++{ ++ DIR *dir; ++ struct dirent *entry; ++ ++ dir = opendir(procdir); ++ if (dir == NULL) { ++ dbgprintf("closes unneeded files: opendir failed for %s\n", procdir); ++ return 1; ++ } ++ ++ while ((entry = readdir(dir)) != NULL) { ++ const int fd = atoi(entry->d_name); ++ if(fd >= beginClose && (((fd != dbgGetDbglogFd()) && (fd != parentPipeFD)))) { ++ close(fd); ++ } ++ } ++ ++ closedir(dir); ++ return 0; ++} ++ + /* prepares the background processes (if auto-backbrounding) for + * operation. + */ +@@ -413,12 +447,32 @@ prepareBackground(const int parentPipeFD) + } + #endif + +- /* close unnecessary open files */ +- const int endClose = getdtablesize(); +- close(0); +- for(int i = beginClose ; i <= endClose ; ++i) { +- if((i != dbgGetDbglogFd()) && (i != parentPipeFD)) { +- aix_close_it(i); /* AIXPORT */ ++ /* close unnecessary open files - first try to use /proc file system, ++ * if that is not possible iterate through all potentially open file ++ * descriptors. This can be lenghty, but in practice /proc should work ++ * for almost all current systems, and the fallback is primarily for ++ * Solaris and AIX, where we do expect a decent max numbers of fds. ++ */ ++ close(0); /* always close stdin, we do not need it */ ++ ++ /* try Linux, Cygwin, NetBSD */ ++ if(close_unneeded_open_files("/proc/self/fd", beginClose, parentPipeFD) != 0) { ++ /* try MacOS, FreeBSD */ ++ if(close_unneeded_open_files("/proc/fd", beginClose, parentPipeFD) != 0) { ++ /* did not work out, so let's close everything... */ ++ const int endClose = getdtablesize(); ++# if defined(HAVE_CLOSE_RANGE) ++ if(close_range(beginClose, endClose, 0) != 0) { ++ dbgprintf("errno %d after close_range(), fallback to loop\n", errno); ++# endif ++ for(int i = beginClose ; i <= endClose ; ++i) { ++ if((i != dbgGetDbglogFd()) && (i != parentPipeFD)) { ++ aix_close_it(i); /* AIXPORT */ ++ } ++ } ++# if defined(HAVE_CLOSE_RANGE) ++ } ++# endif + } + } + seedRandomNumberForChild(); +-- +2.33.8 + diff --git a/SPECS/rsyslog/rsyslog.spec b/SPECS/rsyslog/rsyslog.spec index 55f00fb9fe..b74197331d 100644 --- a/SPECS/rsyslog/rsyslog.spec +++ b/SPECS/rsyslog/rsyslog.spec @@ -3,7 +3,7 @@ Summary: Rocket-fast system for log processing Name: rsyslog Version: 8.2308.0 -Release: 4%{?dist} +Release: 5%{?dist} License: GPLv3+ AND ASL 2.0 Vendor: Intel Corporation Distribution: Edge Microvisor Toolkit @@ -17,6 +17,7 @@ Source3: rsyslog.conf Source4: https://www.rsyslog.com/files/download/rsyslog/%{name}-doc-%{base_version}.0.tar.gz Source5: rsyslog.logrotate Source6: 00rsyslog.conf +Patch0: issue5158.patch BuildRequires: autogen BuildRequires: curl-devel BuildRequires: gnutls-devel @@ -81,6 +82,7 @@ BuildRequires: net-snmp-devel %prep # Unpack the code source tarball %setup -q +%patch 0 -p1 # Unpack the documentation tarball in the folder created above %setup -q -a 4 -T -D # Remove documentation sources @@ -210,6 +212,10 @@ fi %{_libdir}/rsyslog/omsnmp.so %changelog +* Thu Apr 28 2025 Ranjan Dutta - 8.2308.0-5 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Add patch to fix upstream issue #5158 + * Thu Sep 19 2024 Naveen Saini - 8.2308.0-4 - Rename log files required to rancher setup diff --git a/SPECS/selinux-policy/0036-fstools-Add-additional-perms-for-cloud-utils-growpar.patch b/SPECS/selinux-policy/0036-fstools-Add-additional-perms-for-cloud-utils-growpar.patch index 35ca17598f..7619c27d02 100644 --- a/SPECS/selinux-policy/0036-fstools-Add-additional-perms-for-cloud-utils-growpar.patch +++ b/SPECS/selinux-policy/0036-fstools-Add-additional-perms-for-cloud-utils-growpar.patch @@ -1,4 +1,4 @@ -From b9d020a7a6ec6a9f63f53c461c84ac88ea32c1d5 Mon Sep 17 00:00:00 2001 +From 35bea40b88739358a0f8e5a104e7cb1180e20f8b Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Tue, 6 Aug 2024 11:35:33 -0400 Subject: [PATCH 36/37] fstools: Add additional perms for cloud-utils-growpart. @@ -7,10 +7,11 @@ Missed in previous growpart patch due to testing errors. Signed-off-by: Chris PeBenito --- - policy/modules/admin/cloudinit.if | 38 +++++++++++++++++++++++++++++++ - policy/modules/system/fstools.fc | 2 ++ - policy/modules/system/fstools.te | 14 ++++++++++-- - 3 files changed, 52 insertions(+), 2 deletions(-) + policy/modules/admin/cloudinit.if | 38 +++++++++++++++++++++++++++++ + policy/modules/kernel/filesystem.if | 20 +++++++++++++++ + policy/modules/system/fstools.fc | 2 ++ + policy/modules/system/fstools.te | 16 ++++++++++-- + 4 files changed, 74 insertions(+), 2 deletions(-) diff --git a/policy/modules/admin/cloudinit.if b/policy/modules/admin/cloudinit.if index 6d427e771..25e94729e 100644 @@ -65,6 +66,37 @@ index 6d427e771..25e94729e 100644 + files_search_tmp($1) + manage_files_pattern($1, cloud_init_tmp_t, cloud_init_tmp_t) +') +diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if +index 2f5412c30..f6ba45dd2 100644 +--- a/policy/modules/kernel/filesystem.if ++++ b/policy/modules/kernel/filesystem.if +@@ -5552,6 +5552,26 @@ interface(`fs_getattr_tmpfs',` + allow $1 tmpfs_t:filesystem getattr; + ') + ++######################################## ++##

++## Do not audit attempts to get the attributes of a tmpfs ++## filesystem. ++## ++## ++## ++## Domain to not audit. ++## ++## ++## ++# ++interface(`fs_dontaudit_getattr_tmpfs',` ++ gen_require(` ++ type tmpfs_t; ++ ') ++ ++ dontaudit $1 tmpfs_t:filesystem getattr; ++') ++ + ######################################## + ## + ## Allow the type to associate to tmpfs filesystems. diff --git a/policy/modules/system/fstools.fc b/policy/modules/system/fstools.fc index 63423802d..0fa9fb5c0 100644 --- a/policy/modules/system/fstools.fc @@ -86,10 +118,10 @@ index 63423802d..0fa9fb5c0 100644 /usr/sbin/install-mbr -- gen_context(system_u:object_r:fsadm_exec_t,s0) /usr/sbin/jfs_.* -- gen_context(system_u:object_r:fsadm_exec_t,s0) diff --git a/policy/modules/system/fstools.te b/policy/modules/system/fstools.te -index d5e090c28..18a42890c 100644 +index d5e090c28..49fc02b2c 100644 --- a/policy/modules/system/fstools.te +++ b/policy/modules/system/fstools.te -@@ -201,8 +201,18 @@ optional_policy(` +@@ -201,8 +201,20 @@ optional_policy(` ') optional_policy(` @@ -98,6 +130,8 @@ index d5e090c28..18a42890c 100644 + cloudinit_manage_tmp_files(fsadm_t) + cloudinit_manage_tmp_dirs(fsadm_t) + ++ fs_dontaudit_getattr_tmpfs(fsadm_t) ++ + optional_policy(` + # cloud-utils-growpart + lvm_domtrans(fsadm_t) @@ -111,5 +145,5 @@ index d5e090c28..18a42890c 100644 optional_policy(` -- -2.46.0 +2.48.1 diff --git a/SPECS/selinux-policy/selinux-policy.spec b/SPECS/selinux-policy/selinux-policy.spec index 83c499ffb4..b4fcc6a601 100644 --- a/SPECS/selinux-policy/selinux-policy.spec +++ b/SPECS/selinux-policy/selinux-policy.spec @@ -9,7 +9,7 @@ Summary: SELinux policy Name: selinux-policy Version: %{refpolicy_major}.%{refpolicy_minor} -Release: 17%{?dist} +Release: 18%{?dist} License: GPLv2 Vendor: Intel Corporation Distribution: Edge Microvisor Toolkit @@ -73,6 +73,8 @@ Patch51: 0049-Fix-tpm2_abrmd-selinux-permission-denied.patch Patch52: 0050-Fix-fsadm-selinux-permission-denied.patch Patch53: 0051-Fix-ntpd-selinux-permission-denied.patch Patch54: 0038-enable-liveos-iso-flow.patch + +Patch55: 0036-fstools-Add-additional-perms-for-cloud-utils-growpar.patch BuildRequires: bzip2 BuildRequires: checkpolicy >= %{CHECKPOLICYVER} BuildRequires: m4 @@ -344,6 +346,10 @@ exit 0 selinuxenabled && semodule -nB exit 0 %changelog +* Thu Apr 28 2025 Ranjan Dutta - 2.20240226-18 +- Bump up the version on merge frm AZL tag 3.0.20250423-3.0 +- Add tmpfs fix for cloud-utils-growpart. + * Fri Mar 07 2025 Ranjan Dutta - 2.20240226-17 - Bump up the version on merge frm AZL tag 3.0.20250206-3.0 - Enable SELinux for LiveOS ISO. diff --git a/SPECS/skopeo/CVE-2025-27144.patch b/SPECS/skopeo/CVE-2025-27144.patch new file mode 100644 index 0000000000..5b897aacac --- /dev/null +++ b/SPECS/skopeo/CVE-2025-27144.patch @@ -0,0 +1,88 @@ +From 4da065cd7a4f7263e96bc7028f674c7730177035 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Feb 2025 19:31:53 +0000 +Subject: [PATCH] CVE-2025-27144 +Upstream Reference: https://github.com/go-jose/go-jose/commit/5253038e3b5f64a2200b5b6c72107bf9823f4358 + +--- + vendor/github.com/go-jose/go-jose/v3/jwe.go | 5 +++-- + vendor/github.com/go-jose/go-jose/v3/jws.go | 5 +++-- + vendor/gopkg.in/go-jose/go-jose.v2/jwe.go | 5 +++-- + vendor/gopkg.in/go-jose/go-jose.v2/jws.go | 5 +++-- + 4 files changed, 12 insertions(+), 8 deletions(-) + +diff --git a/vendor/github.com/go-jose/go-jose/v3/jwe.go b/vendor/github.com/go-jose/go-jose/v3/jwe.go +index 4267ac7..1ba4ae0 100644 +--- a/vendor/github.com/go-jose/go-jose/v3/jwe.go ++++ b/vendor/github.com/go-jose/go-jose/v3/jwe.go +@@ -202,10 +202,11 @@ func (parsed *rawJSONWebEncryption) sanitized() (*JSONWebEncryption, error) { + + // parseEncryptedCompact parses a message in compact format. + func parseEncryptedCompact(input string) (*JSONWebEncryption, error) { +- parts := strings.Split(input, ".") +- if len(parts) != 5 { ++ // Five parts is four separators ++ if strings.Count(input, ".") != 4 { + return nil, fmt.Errorf("go-jose/go-jose: compact JWE format must have five parts") + } ++ parts := strings.SplitN(input, ".", 5) + + rawProtected, err := base64URLDecode(parts[0]) + if err != nil { +diff --git a/vendor/github.com/go-jose/go-jose/v3/jws.go b/vendor/github.com/go-jose/go-jose/v3/jws.go +index e37007d..401fc18 100644 +--- a/vendor/github.com/go-jose/go-jose/v3/jws.go ++++ b/vendor/github.com/go-jose/go-jose/v3/jws.go +@@ -275,10 +275,11 @@ func (parsed *rawJSONWebSignature) sanitized() (*JSONWebSignature, error) { + + // parseSignedCompact parses a message in compact format. + func parseSignedCompact(input string, payload []byte) (*JSONWebSignature, error) { +- parts := strings.Split(input, ".") +- if len(parts) != 3 { ++ // Three parts is two separators ++ if strings.Count(input, ".") != 2 { + return nil, fmt.Errorf("go-jose/go-jose: compact JWS format must have three parts") + } ++ parts := strings.SplitN(input, ".", 3) + + if parts[1] != "" && payload != nil { + return nil, fmt.Errorf("go-jose/go-jose: payload is not detached") +diff --git a/vendor/gopkg.in/go-jose/go-jose.v2/jwe.go b/vendor/gopkg.in/go-jose/go-jose.v2/jwe.go +index a8966ab..faebb8d 100644 +--- a/vendor/gopkg.in/go-jose/go-jose.v2/jwe.go ++++ b/vendor/gopkg.in/go-jose/go-jose.v2/jwe.go +@@ -201,10 +201,11 @@ func (parsed *rawJSONWebEncryption) sanitized() (*JSONWebEncryption, error) { + + // parseEncryptedCompact parses a message in compact format. + func parseEncryptedCompact(input string) (*JSONWebEncryption, error) { +- parts := strings.Split(input, ".") +- if len(parts) != 5 { ++ // Five parts is four separators ++ if strings.Count(input, ".") != 4 { + return nil, fmt.Errorf("go-jose/go-jose: compact JWE format must have five parts") + } ++ parts := strings.SplitN(input, ".", 5) + + rawProtected, err := base64.RawURLEncoding.DecodeString(parts[0]) + if err != nil { +diff --git a/vendor/gopkg.in/go-jose/go-jose.v2/jws.go b/vendor/gopkg.in/go-jose/go-jose.v2/jws.go +index 1a24fa4..717f04a 100644 +--- a/vendor/gopkg.in/go-jose/go-jose.v2/jws.go ++++ b/vendor/gopkg.in/go-jose/go-jose.v2/jws.go +@@ -275,10 +275,11 @@ func (parsed *rawJSONWebSignature) sanitized() (*JSONWebSignature, error) { + + // parseSignedCompact parses a message in compact format. + func parseSignedCompact(input string, payload []byte) (*JSONWebSignature, error) { +- parts := strings.Split(input, ".") +- if len(parts) != 3 { ++ // Three parts is two separators ++ if strings.Count(input, ".") != 2 { + return nil, fmt.Errorf("go-jose/go-jose: compact JWS format must have three parts") + } ++ parts := strings.SplitN(input, ".", 3) + + if parts[1] != "" && payload != nil { + return nil, fmt.Errorf("go-jose/go-jose: payload is not detached") +-- +2.45.2 + diff --git a/SPECS/skopeo/skopeo.spec b/SPECS/skopeo/skopeo.spec index 9ae57c6b3c..8553a35b4c 100644 --- a/SPECS/skopeo/skopeo.spec +++ b/SPECS/skopeo/skopeo.spec @@ -1,7 +1,7 @@ Summary: Inspect container images and repositories on registries Name: skopeo Version: 1.14.4 -Release: 4%{?dist} +Release: 5%{?dist} License: Apache-2.0 Vendor: Microsoft Corporation Distribution: Azure Linux @@ -12,6 +12,7 @@ Patch0: CVE-2022-2879.patch Patch1: CVE-2024-6104.patch Patch2: CVE-2023-45288.patch Patch3: CVE-2024-9676.patch +Patch4: CVE-2025-27144.patch %global debug_package %{nil} %define our_gopath %{_topdir}/.gopath @@ -51,6 +52,9 @@ make test-unit-local %{_mandir}/man1/%%{name}* %changelog +* Fri Apr 28 2025 Ranjan Dutta - 1.14.4-5 +- merge from Azure Linux tag 3.0.20250423-3.0 + * Fri Mar 21 2025 Anuj Mittal - 1.14.4-4 - Bump Release to rebuild diff --git a/SPECS/sockperf/sockperf.signatures.json b/SPECS/sockperf/sockperf.signatures.json new file mode 100644 index 0000000000..ed3db5a58c --- /dev/null +++ b/SPECS/sockperf/sockperf.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "sockperf-3.10.tar.gz": "9e16b8e7774d62c03b51c6161fd4950c9b81080fa11c09d180a2630a533f31af" + } +} \ No newline at end of file diff --git a/SPECS/sockperf/sockperf.spec b/SPECS/sockperf/sockperf.spec new file mode 100644 index 0000000000..39c25b61ca --- /dev/null +++ b/SPECS/sockperf/sockperf.spec @@ -0,0 +1,88 @@ +%global version 3.10 +%global git_ref 5ebd327da983225321818c0355db922515e026bd +%global release 0.git5ebd327da983.2410068 +%global full_ver %{version}-%{release} + +Name: sockperf +Version: %{version} +Release: 1%{?dist} +Summary: Network benchmarking utility for testing latency and throughput +Group: Applications/Internet +License: BSD +Vendor: Microsoft Corporation +Distribution: Azure Linux +URL: https://github.com/mellanox/%{name} +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/sockperf-3.10.tar.gz#/%{name}-%{version}.tar.gz +ExclusiveArch: x86_64 + +BuildRequires: doxygen + +# can't use _pkgdocdir neither _docdir since it is not the same even where it is defined +%global _my_pkgdocdir /usr/share/doc/%{name} + + +%description +sockperf is a network benchmarking utility over socket API that was designed +for testing performance (latency and throughput) of high-performance systems +(it is also good for testing performance of regular networking systems as +well). It covers most of the socket API calls and options. + +Specifically, in addition to the standard throughput tests, sockperf, does the +following: + +* Measure latency of each discrete packet at sub-nanosecond resolution (using + TSC register that counts CPU ticks with very low overhead). + +* Does the above for both ping-pong mode and for latency under load mode. This + means that we measure latency of single packets even under load of millions + Packets Per Second (without waiting for reply of packet before sending + subsequent packet on time) + +* Enable spike analysis by providing histogram, with various percentiles of the + packets' latencies (for example: median, min, max, 99% percentile, and more), + (this is in addition to average and standard deviation). Also, sockperf + provides full log with all packet's tx/rx times that can be further analyzed + with external tools, such as MS-Excel or matplotlib - All this without + affecting the benchmark itself. + +* Support MANY optional settings for good coverage of socket API and network + configurations, while still keeping very low overhead in the fast path to + allow cleanest results. + +%prep +#%setup -q -n %{name}-%{git_ref} +%setup -q -n %{name}-%{version} + + +%build + +# Upstream wants and defaults to "-O3 --param inline-unit-growth=200". +# The Fedora optflags would override the former, so let's put it back. +# Avner wrote: +# > I reached that in the past after fine tuning the performance of sockperf. +# > We used sockperf for measuring latency of extremely fast networks. +# > Sometimes at sub microsecond resolution. This parameter helps us keeping +# > the entire fast path of the application as "one big function" with no +# > calls to other functions because it helps the compiler to respect all our +# > "inline" directive for other functions that we call (while still keeping +# > the "one big function" at a reasonable size for good performance at run +# > time). +export CXXFLAGS='%{optflags} -O3' +%configure --enable-doc +# --enable-tool --enable-test +make %{?_smp_mflags} + +%install +make install DESTDIR="%{?buildroot}" + +%files +%defattr(-,root,root,-) +%license copying +%{_bindir}/%{name} +%{_mandir}/man3/%{name}.3.* +%{_my_pkgdocdir} + +%changelog +* Tue Dec 17 2024 Binu Jose Philip +- Initial Azure Linux import from NVIDIA (license: BSD). +- License verified diff --git a/SPECS/srp/srp.signatures.json b/SPECS/srp/srp.signatures.json new file mode 100644 index 0000000000..226e0a5845 --- /dev/null +++ b/SPECS/srp/srp.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "srp-24.10.tgz": "bc4897a8317fe2204109cffe935ae64aeb7dd5f09df3ac9a0317ddfb6ed71286" + } +} diff --git a/SPECS/srp/srp.spec b/SPECS/srp/srp.spec new file mode 100644 index 0000000000..00d556d85d --- /dev/null +++ b/SPECS/srp/srp.spec @@ -0,0 +1,297 @@ +# +# Copyright (c) 2014 Mellanox Technologies. All rights reserved. +# +# This Software is licensed under one of the following licenses: +# +# 1) under the terms of the "Common Public License 1.0" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/cpl.php. +# +# 2) under the terms of the "The BSD License" a copy of which is +# available from the Open Source Initiative, see +# http://www.opensource.org/licenses/bsd-license.php. +# +# 3) under the terms of the "GNU General Public License (GPL) Version 2" a +# copy of which is available from the Open Source Initiative, see +# http://www.opensource.org/licenses/gpl-license.php. +# +# Licensee has the right to choose one of the above licenses. +# +# Redistributions of source code must retain the above copyright +# notice and one of the license notices. +# +# Redistributions in binary form must reproduce both the above copyright +# notice, one of the license notices in the documentation +# and/or other materials provided with the distribution. +# +# + +%global last-known-kernel 6.6.82.1-1 + +%if 0%{emt} +%global target_kernel_version_full %(/bin/rpm -q --queryformat '%{VERSION}-%{RELEASE}' kernel-headers) +%else +%global target_kernel_version_full f.a.k.e +%endif + +%global KVERSION %{target_kernel_version_full} +%global K_SRC /lib/modules/%{target_kernel_version_full}/build + +%{!?_name: %define _name srp} +%{!?_version: %define _version 24.10} +%{!?_release: %define _release OFED.24.10.0.6.7.1} + +# KMP is disabled by default +%{!?KMP: %global KMP 0} + +# take kernel version or default to uname -r +# %{!?KVERSION: %global KVERSION %(uname -r)} +%{!?KVERSION: %global KVERSION %{target_kernel_version_full}} +%global kernel_version %{KVERSION} +%global krelver %(echo -n %{KVERSION} | sed -e 's/-/_/g') +# take path to kernel sources if provided, otherwise look in default location (for non KMP rpms). +%{!?K_SRC: %global K_SRC /lib/modules/%{KVERSION}/build} + +# define release version +%{!?src_release: %global src_release %{_release}_%{krelver}} +%if "%{KMP}" != "1" +%global _release1 %{src_release} +%else +%global _release1 %{_release} +%endif +%global _kmp_rel %{_release1}%{?_kmp_build_num}%{?_dist} + +Summary: srp driver +Name: srp +Version: 24.10 +Release: 13%{?dist} +License: GPLv2 +Url: http://www.mellanox.com +Group: System Environment/Base +Source: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/srp-24.10.tgz#/%{name}-%{version}.tgz +BuildRoot: /var/tmp/%{name}-%{version}-build +Vendor: Microsoft Corporation +Distribution: Azure Linux +ExclusiveArch: x86_64 + +BuildRequires: gcc +BuildRequires: make +BuildRequires: kernel-devel = %{target_kernel_version_full} +BuildRequires: kernel-headers = %{target_kernel_version_full} +BuildRequires: binutils +BuildRequires: systemd +BuildRequires: kmod +BuildRequires: libconfig-devel +BuildRequires: mlnx-ofa_kernel-devel = %{_version} +BuildRequires: mlnx-ofa_kernel-source = %{_version} + +Requires: mlnx-ofa_kernel = %{_version} +Requires: mlnx-ofa_kernel-modules = %{_version} +Requires: kernel = %{target_kernel_version_full} +Requires: kmod + +%description +%{name} kernel modules + +# build KMP rpms? +%if "%{KMP}" == "1" +%global kernel_release() $(make -s -C %{1} kernelrelease M=$PWD) +BuildRequires: %kernel_module_package_buildreqs +%(mkdir -p %{buildroot}) +%(echo '%defattr (-,root,root)' > %{buildroot}/file_list) +%(echo '/lib/modules/%2-%1' >> %{buildroot}/file_list) +%(echo '%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*-%1.conf' >> %{buildroot}/file_list) +%{kernel_module_package -f %{buildroot}/file_list -x xen -r %{_kmp_rel} } +%else +%global kernel_source() %{K_SRC} +%global kernel_release() %{KVERSION} +%global flavors_to_build default +%endif + +# +# setup module sign scripts if paths to the keys are given +# +%global WITH_MOD_SIGN %(if ( test -f "$MODULE_SIGN_PRIV_KEY" && test -f "$MODULE_SIGN_PUB_KEY" ); \ + then \ + echo -n '1'; \ + else \ + echo -n '0'; fi) + +%if "%{WITH_MOD_SIGN}" == "1" +# call module sign script +%global __modsign_install_post \ + %{_builddir}/%{name}-%{version}/source/tools/sign-modules %{buildroot}/lib/modules/ %{kernel_source default} || exit 1 \ +%{nil} + +%global __debug_package 1 +%global buildsubdir %{name}-%{version} +# Disgusting hack alert! We need to ensure we sign modules *after* all +# invocations of strip occur, which is in __debug_install_post if +# find-debuginfo.sh runs, and __os_install_post if not. +# +%global __spec_install_post \ + %{?__debug_package:%{__debug_install_post}} \ + %{__arch_install_post} \ + %{__os_install_post} \ + %{__modsign_install_post} \ +%{nil} + +%endif # end of setup module sign scripts +# + +%if "%{_vendor}" == "suse" +%debug_package +%endif + +%if 0%{?anolis} == 8 +%global __find_requires %{nil} +%endif + +# set modules dir +%if "%{_vendor}" == "redhat" || ("%{_vendor}" == "openEuler") +%if 0%{?fedora} +%global install_mod_dir updates/%{name} +%else +%global install_mod_dir extra/%{name} +%endif +%endif + +%if "%{_vendor}" == "suse" +%global install_mod_dir updates/%{name} +%endif + +%{!?install_mod_dir: %global install_mod_dir updates/%{name}} + +%prep +%setup +set -- * +mkdir source +mv "$@" source/ +mkdir obj + +%build +export EXTRA_CFLAGS='-DVERSION=\"%version\"' +export INSTALL_MOD_DIR=%{install_mod_dir} +export CONF_OPTIONS="%{configure_options}" +for flavor in %{flavors_to_build}; do + export K_BUILD=%{kernel_source $flavor} + export KVER=%{kernel_release $K_BUILD} + export LIB_MOD_DIR=/lib/modules/$KVER/$INSTALL_MOD_DIR + rm -rf obj/$flavor + cp -r source obj/$flavor + cd $PWD/obj/$flavor + make + cd - +done + +%install +export INSTALL_MOD_PATH=%{buildroot} +export INSTALL_MOD_DIR=%{install_mod_dir} +export PREFIX=%{_prefix} +for flavor in %flavors_to_build; do + export K_BUILD=%{kernel_source $flavor} + export KVER=%{kernel_release $K_BUILD} + cd $PWD/obj/$flavor + make install KERNELRELEASE=$KVER + # Cleanup unnecessary kernel-generated module dependency files. + find $INSTALL_MOD_PATH/lib/modules -iname 'modules.*' -exec rm {} \; + cd - +done + +# Set the module(s) to be executable, so that they will be stripped when packaged. +find %{buildroot} \( -type f -name '*.ko' -o -name '*ko.gz' \) -exec %{__chmod} u+x \{\} \; + +%{__install} -d %{buildroot}%{_sysconfdir}/depmod.d/ +for module in `find %{buildroot}/ -name '*.ko' -o -name '*.ko.gz' | sort` +do +ko_name=${module##*/} +mod_name=${ko_name/.ko*/} +mod_path=${module/*\/%{name}} +mod_path=${mod_path/\/${ko_name}} +%if "%{_vendor}" == "suse" + for flavor in %{flavors_to_build}; do + if [[ $module =~ $flavor ]] || [ "X%{KMP}" != "X1" ];then + echo "override ${mod_name} * updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}-$flavor.conf + fi + done +%else + %if 0%{?fedora} + echo "override ${mod_name} * updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %else + %if "%{_vendor}" == "redhat" || ("%{_vendor}" == "openEuler") + echo "override ${mod_name} * weak-updates/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %endif + echo "override ${mod_name} * extra/%{name}${mod_path}" >> %{buildroot}%{_sysconfdir}/depmod.d/zz02-%{name}-${mod_name}.conf + %endif +%endif +done + + +%clean +rm -rf %{buildroot} + +%post +if [ $1 -ge 1 ]; then # 1 : This package is being installed or reinstalled + /sbin/depmod %{KVERSION} +fi # 1 : closed +# add SRP_LOAD=no to openib.conf +if [ -f "/etc/infiniband/openib.conf" ] && ! (grep -q SRP_LOAD /etc/infiniband/openib.conf > /dev/null 2>&1) ; then + echo "# Load SRP module" >> /etc/infiniband/openib.conf + echo "SRP_LOAD=no" >> /etc/infiniband/openib.conf +fi +# END of post + +%postun +/sbin/depmod %{KVERSION} + +%if "%{KMP}" != "1" +%files +%defattr(-,root,root,-) +%license source/debian/copyright +/lib/modules/%{KVERSION}/%{install_mod_dir}/ +%config(noreplace) %{_sysconfdir}/depmod.d/zz02-%{name}-*.conf +%endif + +%changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 24.10-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 24.10-12 +- Bump release to rebuild for new kernel release + +* Mon Mar 10 2025 Chris Co - 24.10-11 +- Bump release to rebuild for new kernel release + +* Wed Mar 05 2025 Rachel Menge - 24.10-10 +- Bump release to rebuild for new kernel release + +* Tue Mar 04 2025 Rachel Menge - 24.10-9 +- Bump release to rebuild for new kernel release + +* Wed Feb 19 2025 Chris Co - 24.10-8 +- Bump release to rebuild for new kernel release + +* Tue Feb 11 2025 Rachel Menge - 24.10-7 +- Bump release to rebuild for new kernel release + +* Wed Feb 05 2025 Tobias Brick - 24.10-6 +- Bump release to rebuild for new kernel release + +* Tue Feb 04 2025 Alberto David Perez Guevara - 24.10-5 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-4 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 24.10-3 +- Bump release to match kernel + +* Thu Jan 30 2025 Rachel Menge - 24.10-2 +- Bump release to match kernel + +* Thu Jan 9 2025 Binu Jose Philip - 24.10-1 +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified + +* Thu Feb 20 2014 Alaa Hleihel +- Initial packaging diff --git a/SPECS/supermin/supermin-azurelinux.patch b/SPECS/supermin/supermin-azurelinux.patch new file mode 100644 index 0000000000..8699ecf93a --- /dev/null +++ b/SPECS/supermin/supermin-azurelinux.patch @@ -0,0 +1,117 @@ +From 5f7c77a7412194dbbe3f0dc846f2a608130eb5b7 Mon Sep 17 00:00:00 2001 +From: Thomas Crain +Date: Wed, 19 Jan 2022 21:36:29 -0800 +Subject: [PATCH] Add Microsoft Azure Linux support to supermin +--- + src/ph_rpm.ml | 18 +++++++++++++++++- + tests/test-harder.sh | 33 +++++++++++++++++++++++++++++++++ + 2 files changed, 50 insertions(+), 1 deletion(-) + +diff --git a/src/ph_rpm.ml b/src/ph_rpm.ml +index 5061d32..389f445 100644 +--- a/src/ph_rpm.ml ++++ b/src/ph_rpm.ml +@@ -67,6 +67,12 @@ let ibm_powerkvm_detect () = + (stat "/etc/ibm_powerkvm-release").st_kind = S_REG + with Unix_error _ -> false + ++let azurelinux_detect () = ++ Config.rpm <> "no" && Config.rpm2cpio <> "no" && rpm_is_available () && ++ Config.dnf <> "no" && ++ Os_release.get_id () = "azurelinux" || ++ try (stat "/etc/azurelinux-release").st_kind = S_REG with Unix_error _ -> false ++ + let settings = ref no_settings + let rpm_major, rpm_minor, rpm_arch = ref 0, ref 0, ref "" + let zypper_major, zypper_minor, zypper_patch = ref 0, ref 0, ref 0 +@@ -462,6 +468,10 @@ and mageia_download_all_packages pkgs dir = + + rpm_unpack tdir dir + ++and azurelinux_download_all_packages pkgs dir = ++ let tdir = !settings.tmpdir // string_random8 () in ++ download_all_packages_with_dnf pkgs dir tdir ++ + and download_all_packages_with_urpmi pkgs dir tdir = + let rpms = List.map rpm_package_name (PackageSet.elements pkgs) in + +@@ -576,4 +586,10 @@ let () = + ph_detect = openmandriva_detect; + ph_download_package = PHDownloadAllPackages openmandriva_download_all_packages; + } in +- register_package_handler "openmandriva" "rpm" openmandriva ++ register_package_handler "openmandriva" "rpm" openmandriva; ++ let azurelinux = { ++ fedora with ++ ph_detect = azurelinux_detect; ++ ph_download_package = PHDownloadAllPackages azurelinux_download_all_packages; ++ } in ++ register_package_handler "azurelinux" "rpm" azurelinux +diff --git a/tests/test-harder.sh b/tests/test-harder.sh +index aceef21..a9ff641 100755 +--- a/tests/test-harder.sh ++++ b/tests/test-harder.sh +@@ -32,6 +32,7 @@ if [ -f /etc/os-release ]; then + opensuse*|sled|sles) distro=suse ;; + ubuntu) distro=debian ;; + openmandriva) distro=openmandriva ;; ++ azurelinux) distro=azurelinux ;; + esac + elif [ -f /etc/arch-release ]; then + distro=arch +@@ -45,6 +46,8 @@ elif [ -f /etc/SuSE-release ]; then + distro=suse + elif [ -f /etc/ibm_powerkvm-release ]; then + distro=ibm-powerkvm ++elif [ -f /etc/azurelinux-release ]; then ++ distro=azurelinux + else + exit 77 + fi +@@ -67,6 +70,9 @@ case $distro in + # installed. (See commit fb40baade8e3441b73ce6fd10a32fbbfe49cc4da) + pkgs="augeas hivex rpm" + ;; ++ azurelinux) ++ pkgs="augeas hivex tar" ++ ;; + redhat) + # Choose tar because it has an epoch > 0 and is commonly + # installed. (See commit fb40baade8e3441b73ce6fd10a32fbbfe49cc4da) +@@ -157,6 +163,33 @@ case $distro in + exit 1 + fi + ;; ++ azurelinux) ++ if [ ! -x $d2/usr/bin/augtool ]; then ++ echo "$0: $distro: augtool binary not installed in chroot" ++ ls -lR $d2 ++ exit 1 ++ fi ++ if [ "$(find $d2/usr/lib* -name libaugeas.so.0 | wc -l)" -lt 1 ]; then ++ echo "$0: $distro: augeas library not installed in chroot" ++ ls -lR $d2 ++ exit 1 ++ fi ++ if [ ! -x $d2/usr/bin/hivexget ]; then ++ echo "$0: $distro: hivexget binary not installed in chroot" ++ ls -lR $d2 ++ exit 1 ++ fi ++ if [ "$(find $d2/usr/lib* -name libhivex.so.0 | wc -l)" -lt 1 ]; then ++ echo "$0: $distro: hivex library not installed in chroot" ++ ls -lR $d2 ++ exit 1 ++ fi ++ if [ ! -x $d2/bin/tar ]; then ++ echo "$0: $distro: tar binary not installed in chroot" ++ ls -lR $d2 ++ exit 1 ++ fi ++ ;; + openmandriva) + if [ ! -x $d2/usr/bin/augtool ]; then + echo "$0: $distro: augtool binary not installed in chroot" +-- +2.34.1 + diff --git a/SPECS/systemd/20-yama-ptrace.conf b/SPECS/systemd/20-yama-ptrace.conf new file mode 100644 index 0000000000..4fbaf97ca6 --- /dev/null +++ b/SPECS/systemd/20-yama-ptrace.conf @@ -0,0 +1,42 @@ +# The ptrace system call is used for interprocess services, +# communication and introspection (like synchronisation, signaling, +# debugging, tracing and profiling) of processes. +# +# Usage of ptrace is restricted by normal user permissions. Normal +# unprivileged processes cannot use ptrace on processes that they +# cannot send signals to or processes that are running set-uid or +# set-gid. Nevertheless, processes running under the same uid will +# usually be able to ptrace one another. +# +# Fedora enables the Yama security mechanism which restricts ptrace +# even further. Sysctl setting kernel.yama.ptrace_scope can have one +# of the following values: +# +# 0 - Normal ptrace security permissions. +# 1 - Restricted ptrace. Only child processes plus normal permissions. +# 2 - Admin-only attach. Only executables with CAP_SYS_PTRACE. +# 3 - No attach. No process may call ptrace at all. Irrevocable. +# +# For more information see Documentation/security/Yama.txt in the +# kernel sources. +# +# The default is 1., which allows tracing of child processes, but +# forbids tracing of arbitrary processes. This allows programs like +# gdb or strace to work when the most common way of having the +# debugger start the debuggee is used: +# gdb /path/to/program ... +# Attaching to already running programs is NOT allowed: +# gdb -p ... +# This default setting is suitable for the common case, because it +# reduces the risk that one hacked process can be used to attack other +# processes. (For example, a hacked firefox process in a user session +# will not be able to ptrace the keyring process and extract passwords +# stored only in memory.) +# +# Developers and administrators might want to disable those protections +# to be able to attach debuggers to existing processes. Use +# sysctl kernel.yama.ptrace_scope=0 +# for change the setting temporarily, or copy this file to +# /etc/sysctl.d/20-yama-ptrace.conf to set it for future boots. + +kernel.yama.ptrace_scope = 0 diff --git a/SPECS/telegraf/CVE-2024-51744.patch b/SPECS/telegraf/CVE-2024-51744.patch new file mode 100644 index 0000000000..ed322a07cf --- /dev/null +++ b/SPECS/telegraf/CVE-2024-51744.patch @@ -0,0 +1,93 @@ +From d579cfcd4359e79a390ac4d166a0affdf3e263d4 Mon Sep 17 00:00:00 2001 +From: Sreenivasulu Malavathula +Date: Wed, 26 Mar 2025 15:37:27 -0500 +Subject: [PATCH] Addressing CVE-2024-51744 +Upstream Patch Reference: https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c + +--- + vendor/github.com/golang-jwt/jwt/v4/parser.go | 41 +++++++++---------- + 1 file changed, 20 insertions(+), 21 deletions(-) + +diff --git a/vendor/github.com/golang-jwt/jwt/v4/parser.go b/vendor/github.com/golang-jwt/jwt/v4/parser.go +index c0a6f692..9dd36e5a 100644 +--- a/vendor/github.com/golang-jwt/jwt/v4/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v4/parser.go +@@ -36,19 +36,21 @@ func NewParser(options ...ParserOption) *Parser { + return p + } + +-// Parse parses, validates, verifies the signature and returns the parsed token. +-// keyFunc will receive the parsed token and should return the key for validating. ++// Parse parses, validates, verifies the signature and returns the parsed token. keyFunc will ++// receive the parsed token and should return the key for validating. + func (p *Parser) Parse(tokenString string, keyFunc Keyfunc) (*Token, error) { + return p.ParseWithClaims(tokenString, MapClaims{}, keyFunc) + } + +-// ParseWithClaims parses, validates, and verifies like Parse, but supplies a default object implementing the Claims +-// interface. This provides default values which can be overridden and allows a caller to use their own type, rather +-// than the default MapClaims implementation of Claims. ++// ParseWithClaims parses, validates, and verifies like Parse, but supplies a default object ++// implementing the Claims interface. This provides default values which can be overridden and ++// allows a caller to use their own type, rather than the default MapClaims implementation of ++// Claims. + // +-// Note: If you provide a custom claim implementation that embeds one of the standard claims (such as RegisteredClaims), +-// make sure that a) you either embed a non-pointer version of the claims or b) if you are using a pointer, allocate the +-// proper memory for it before passing in the overall claims, otherwise you might run into a panic. ++// Note: If you provide a custom claim implementation that embeds one of the standard claims (such ++// as RegisteredClaims), make sure that a) you either embed a non-pointer version of the claims or ++// b) if you are using a pointer, allocate the proper memory for it before passing in the overall ++// claims, otherwise you might run into a panic. + func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error) { + token, parts, err := p.ParseUnverified(tokenString, claims) + if err != nil { +@@ -85,12 +87,17 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + return token, &ValidationError{Inner: err, Errors: ValidationErrorUnverifiable} + } + ++ // Perform validation ++ token.Signature = parts[2] ++ if err := token.Method.Verify(strings.Join(parts[0:2], "."), token.Signature, key); err != nil { ++ return token, &ValidationError{Inner: err, Errors: ValidationErrorSignatureInvalid} ++ } ++ + vErr := &ValidationError{} + + // Validate Claims + if !p.SkipClaimsValidation { + if err := token.Claims.Valid(); err != nil { +- + // If the Claims Valid returned an error, check if it is a validation error, + // If it was another error type, create a ValidationError with a generic ClaimsInvalid flag set + if e, ok := err.(*ValidationError); !ok { +@@ -98,22 +105,14 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + } else { + vErr = e + } ++ return token, vErr + } + } + +- // Perform validation +- token.Signature = parts[2] +- if err = token.Method.Verify(strings.Join(parts[0:2], "."), token.Signature, key); err != nil { +- vErr.Inner = err +- vErr.Errors |= ValidationErrorSignatureInvalid +- } +- +- if vErr.valid() { +- token.Valid = true +- return token, nil +- } ++ // No errors so far, token is valid. ++ token.Valid = true + +- return token, vErr ++ return token, nil + } + + // ParseUnverified parses the token but doesn't validate the signature. +-- +2.45.2 + diff --git a/SPECS/telegraf/CVE-2025-22868.patch b/SPECS/telegraf/CVE-2025-22868.patch new file mode 100644 index 0000000000..c4f136f3ca --- /dev/null +++ b/SPECS/telegraf/CVE-2025-22868.patch @@ -0,0 +1,38 @@ +From 681b4d8edca1bcfea5bce685d77ea7b82ed3e7b3 Mon Sep 17 00:00:00 2001 +From: Neal Patel +Date: Thu, 30 Jan 2025 14:10:09 -0500 +Subject: [PATCH] jws: split token into fixed number of parts + +Thanks to 'jub0bs' for reporting this issue. + +Fixes #71490 +Fixes CVE-2025-22868 + +Change-Id: I2552731f46d4907f29aafe7863c558387b6bd6e2 +Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/652155 +Auto-Submit: Gopher Robot +Reviewed-by: Damien Neil +Reviewed-by: Roland Shoemaker +LUCI-TryBot-Result: Go LUCI +--- + vendor/golang.org/x/oauth2/jws/jws.go | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/vendor/golang.org/x/oauth2/jws/jws.go b/vendor/golang.org/x/oauth2/jws/jws.go +index 95015648b..6f03a49d3 100644 +--- a/vendor/golang.org/x/oauth2/jws/jws.go ++++ b/vendor/golang.org/x/oauth2/jws/jws.go +@@ -165,11 +165,11 @@ func Encode(header *Header, c *ClaimSet, key *rsa.PrivateKey) (string, error) { + // Verify tests whether the provided JWT token's signature was produced by the private key + // associated with the supplied public key. + func Verify(token string, key *rsa.PublicKey) error { +- parts := strings.Split(token, ".") +- if len(parts) != 3 { ++ if strings.Count(token, ".") != 2 { + return errors.New("jws: invalid token received, token must have 3 parts") + } + ++ parts := strings.SplitN(token, ".", 3) + signedContent := parts[0] + "." + parts[1] + signatureString, err := base64.RawURLEncoding.DecodeString(parts[2]) + if err != nil { diff --git a/SPECS/telegraf/CVE-2025-22869.patch b/SPECS/telegraf/CVE-2025-22869.patch new file mode 100644 index 0000000000..c0415fddb0 --- /dev/null +++ b/SPECS/telegraf/CVE-2025-22869.patch @@ -0,0 +1,140 @@ +From 041b89a18f81265899e42e6801f830c101a96120 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Sun, 2 Mar 2025 13:46:00 +0000 +Subject: [PATCH] CVE-2025-22869 + +Upstream Reference : https://github.com/golang/crypto/commit/7292932d45d55c7199324ab0027cc86e8198aa22 + +ssh: limit the size of the internal packet queue while waiting for KEX + +In the SSH protocol, clients and servers execute the key exchange to +generate one-time session keys used for encryption and authentication. +The key exchange is performed initially after the connection is +established and then periodically after a configurable amount of data. +While a key exchange is in progress, we add the received packets to an +internal queue until we receive SSH_MSG_KEXINIT from the other side. +This can result in high memory usage if the other party is slow to +respond to the SSH_MSG_KEXINIT packet, or memory exhaustion if a +malicious client never responds to an SSH_MSG_KEXINIT packet during a +large file transfer. +We now limit the internal queue to 64 packets: this means 2MB with the +typical 32KB packet size. +When the internal queue is full we block further writes until the +pending key exchange is completed or there is a read or write error. + +Thanks to Yuichi Watanabe for reporting this issue. + +Change-Id: I1ce2214cc16e08b838d4bc346c74c72addafaeec +Reviewed-on: https://go-review.googlesource.com/c/crypto/+/652135 +Reviewed-by: Neal Patel +Auto-Submit: Gopher Robot +Reviewed-by: Roland Shoemaker +LUCI-TryBot-Result: Go LUCI + +--- + vendor/golang.org/x/crypto/ssh/handshake.go | 47 ++++++++++++++++----- + 1 file changed, 37 insertions(+), 10 deletions(-) + +diff --git a/vendor/golang.org/x/crypto/ssh/handshake.go b/vendor/golang.org/x/crypto/ssh/handshake.go +index 70a7369..e14eb6c 100644 +--- a/vendor/golang.org/x/crypto/ssh/handshake.go ++++ b/vendor/golang.org/x/crypto/ssh/handshake.go +@@ -24,6 +24,11 @@ const debugHandshake = false + // quickly. + const chanSize = 16 + ++// maxPendingPackets sets the maximum number of packets to queue while waiting ++// for KEX to complete. This limits the total pending data to maxPendingPackets ++// * maxPacket bytes, which is ~16.8MB. ++const maxPendingPackets = 64 ++ + // keyingTransport is a packet based transport that supports key + // changes. It need not be thread-safe. It should pass through + // msgNewKeys in both directions. +@@ -58,11 +63,19 @@ type handshakeTransport struct { + incoming chan []byte + readError error + +- mu sync.Mutex +- writeError error +- sentInitPacket []byte +- sentInitMsg *kexInitMsg +- pendingPackets [][]byte // Used when a key exchange is in progress. ++ mu sync.Mutex ++ // Condition for the above mutex. It is used to notify a completed key ++ // exchange or a write failure. Writes can wait for this condition while a ++ // key exchange is in progress. ++ writeCond *sync.Cond ++ writeError error ++ sentInitPacket []byte ++ sentInitMsg *kexInitMsg ++ // Used to queue writes when a key exchange is in progress. The length is ++ // limited by pendingPacketsSize. Once full, writes will block until the key ++ // exchange is completed or an error occurs. If not empty, it is emptied ++ // all at once when the key exchange is completed in kexLoop. ++ pendingPackets [][]byte + writePacketsLeft uint32 + writeBytesLeft int64 + +@@ -114,6 +127,7 @@ func newHandshakeTransport(conn keyingTransport, config *Config, clientVersion, + + config: config, + } ++ t.writeCond = sync.NewCond(&t.mu) + t.resetReadThresholds() + t.resetWriteThresholds() + +@@ -236,6 +250,7 @@ func (t *handshakeTransport) recordWriteError(err error) { + defer t.mu.Unlock() + if t.writeError == nil && err != nil { + t.writeError = err ++ t.writeCond.Broadcast() + } + } + +@@ -339,6 +354,8 @@ write: + } + } + t.pendingPackets = t.pendingPackets[:0] ++ // Unblock writePacket if waiting for KEX. ++ t.writeCond.Broadcast() + t.mu.Unlock() + } + +@@ -526,11 +543,20 @@ func (t *handshakeTransport) writePacket(p []byte) error { + } + + if t.sentInitMsg != nil { +- // Copy the packet so the writer can reuse the buffer. +- cp := make([]byte, len(p)) +- copy(cp, p) +- t.pendingPackets = append(t.pendingPackets, cp) +- return nil ++ if len(t.pendingPackets) < maxPendingPackets { ++ // Copy the packet so the writer can reuse the buffer. ++ cp := make([]byte, len(p)) ++ copy(cp, p) ++ t.pendingPackets = append(t.pendingPackets, cp) ++ return nil ++ } ++ for t.sentInitMsg != nil { ++ // Block and wait for KEX to complete or an error. ++ t.writeCond.Wait() ++ if t.writeError != nil { ++ return t.writeError ++ } ++ } + } + + if t.writeBytesLeft > 0 { +@@ -547,6 +573,7 @@ func (t *handshakeTransport) writePacket(p []byte) error { + + if err := t.pushPacket(p); err != nil { + t.writeError = err ++ t.writeCond.Broadcast() + } + + return nil +-- +2.45.2 + diff --git a/SPECS/telegraf/CVE-2025-22870.patch b/SPECS/telegraf/CVE-2025-22870.patch new file mode 100644 index 0000000000..0e4678bd0e --- /dev/null +++ b/SPECS/telegraf/CVE-2025-22870.patch @@ -0,0 +1,48 @@ +From 02f7d1db9057c5a70b3267d2b5288f98035c5a64 Mon Sep 17 00:00:00 2001 +From: Sreenivasulu Malavathula +Date: Wed, 26 Mar 2025 15:29:29 -0500 +Subject: [PATCH] Addressing CVE-2025-22870 +Upstream Patch Reference: https://github.com/golang/go/commit/25177ecde0922c50753c043579d17828b7ee88e7 + +--- + vendor/golang.org/x/net/http/httpproxy/proxy.go | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/vendor/golang.org/x/net/http/httpproxy/proxy.go b/vendor/golang.org/x/net/http/httpproxy/proxy.go +index 6404aaf1..d89c257a 100644 +--- a/vendor/golang.org/x/net/http/httpproxy/proxy.go ++++ b/vendor/golang.org/x/net/http/httpproxy/proxy.go +@@ -14,6 +14,7 @@ import ( + "errors" + "fmt" + "net" ++ "net/netip" + "net/url" + "os" + "strings" +@@ -177,8 +178,10 @@ func (cfg *config) useProxy(addr string) bool { + if host == "localhost" { + return false + } +- ip := net.ParseIP(host) +- if ip != nil { ++ nip, err := netip.ParseAddr(host) ++ var ip net.IP ++ if err == nil { ++ ip = net.IP(nip.AsSlice()) + if ip.IsLoopback() { + return false + } +@@ -360,6 +363,9 @@ type domainMatch struct { + } + + func (m domainMatch) match(host, port string, ip net.IP) bool { ++ if ip != nil { ++ return false ++ } + if strings.HasSuffix(host, m.host) || (m.matchHost && host == m.host[1:]) { + return m.port == "" || m.port == port + } +-- +2.45.2 + diff --git a/SPECS/telegraf/CVE-2025-30204.patch b/SPECS/telegraf/CVE-2025-30204.patch new file mode 100644 index 0000000000..6eb7de916b --- /dev/null +++ b/SPECS/telegraf/CVE-2025-30204.patch @@ -0,0 +1,134 @@ +From 84c7f3d0b9dccb4a20d0ad4de10896d40344ba26 Mon Sep 17 00:00:00 2001 +From: Kanishk-Bansal +Date: Fri, 28 Mar 2025 20:43:26 +0000 +Subject: [PATCH] CVE-2025-30204 +Upstream Patch Reference : +v4 : https://github.com/golang-jwt/jwt/commit/2f0e9add62078527821828c76865661aa7718a84 +v5 : https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3 +--- + github.com/golang-jwt/jwt/v4/parser.go | 36 +++++++++++++++++++++++--- + github.com/golang-jwt/jwt/v5/parser.go | 36 +++++++++++++++++++++++--- + 2 files changed, 66 insertions(+), 6 deletions(-) + +diff --git a/vendor/github.com/golang-jwt/jwt/v4/parser.go b/vendor/github.com/golang-jwt/jwt/v4/parser.go +index c0a6f69..8e7e67c 100644 +--- a/vendor/github.com/golang-jwt/jwt/v4/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v4/parser.go +@@ -7,6 +7,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + // +@@ -123,9 +125,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (because it has + // been checked previously in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, NewValidationError("token contains an invalid number of segments", ValidationErrorMalformed) + } + + token = &Token{Raw: tokenString} +@@ -175,3 +178,30 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + + return token, parts, nil + } ++ ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} +diff --git a/vendor/github.com/golang-jwt/jwt/v5/parser.go b/vendor/github.com/golang-jwt/jwt/v5/parser.go +index ecf99af..054c7eb 100644 +--- a/vendor/github.com/golang-jwt/jwt/v5/parser.go ++++ b/vendor/github.com/golang-jwt/jwt/v5/parser.go +@@ -8,6 +8,8 @@ import ( + "strings" + ) + ++const tokenDelimiter = "." ++ + type Parser struct { + // If populated, only these methods will be considered valid. + validMethods []string +@@ -136,9 +138,10 @@ func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyf + // It's only ever useful in cases where you know the signature is valid (since it has already + // been or will be checked elsewhere in the stack) and you want to extract values from it. + func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Token, parts []string, err error) { +- parts = strings.Split(tokenString, ".") +- if len(parts) != 3 { +- return nil, parts, newError("token contains an invalid number of segments", ErrTokenMalformed) ++ var ok bool ++ parts, ok = splitToken(tokenString) ++ if !ok { ++ return nil, nil, newError("token contains an invalid number of segments", ErrTokenMalformed) + } + + token = &Token{Raw: tokenString} +@@ -196,6 +199,33 @@ func (p *Parser) ParseUnverified(tokenString string, claims Claims) (token *Toke + return token, parts, nil + } + ++// splitToken splits a token string into three parts: header, claims, and signature. It will only ++// return true if the token contains exactly two delimiters and three parts. In all other cases, it ++// will return nil parts and false. ++func splitToken(token string) ([]string, bool) { ++ parts := make([]string, 3) ++ header, remain, ok := strings.Cut(token, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[0] = header ++ claims, remain, ok := strings.Cut(remain, tokenDelimiter) ++ if !ok { ++ return nil, false ++ } ++ parts[1] = claims ++ // One more cut to ensure the signature is the last part of the token and there are no more ++ // delimiters. This avoids an issue where malicious input could contain additional delimiters ++ // causing unecessary overhead parsing tokens. ++ signature, _, unexpected := strings.Cut(remain, tokenDelimiter) ++ if unexpected { ++ return nil, false ++ } ++ parts[2] = signature ++ ++ return parts, true ++} ++ + // DecodeSegment decodes a JWT specific base64url encoding. This function will + // take into account whether the [Parser] is configured with additional options, + // such as [WithStrictDecoding] or [WithPaddingAllowed]. +-- +2.45.2 + diff --git a/SPECS/telegraf/telegraf.spec b/SPECS/telegraf/telegraf.spec index 44a87941b7..7379b01782 100644 --- a/SPECS/telegraf/telegraf.spec +++ b/SPECS/telegraf/telegraf.spec @@ -1,7 +1,7 @@ Summary: agent for collecting, processing, aggregating, and writing metrics. Name: telegraf Version: 1.31.0 -Release: 20%{?dist} +Release: 21%{?dist} License: MIT Vendor: Intel Corporation Distribution: Edge Microvisor Toolkit @@ -15,6 +15,11 @@ Source3: telegraf.fc Patch0: CVE-2024-37298.patch Patch1: CVE-2024-45337.patch Patch2: CVE-2024-45338.patch +Patch3: CVE-2025-22868.patch +Patch4: CVE-2025-22869.patch +Patch5: CVE-2025-22870.patch +Patch6: CVE-2024-51744.patch +Patch7: CVE-2025-30204.patch BuildRequires: golang BuildRequires: systemd-devel Requires: logrotate @@ -122,6 +127,12 @@ fi %selinux_modules_uninstall -s %{selinuxtype} %{modulename} %changelog +* Thu Apr 28 2025 Ranjan Dutta - 1.31.0-21 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Patch CVE-2025-30204 +- Fix CVE-2025-22870, CVE-2024-51744 with an upstream patch +- Patch CVE-2025-22868, CVE-2025-22869 + * Fri Mar 21 2025 Anuj Mittal - 1.31.0-20 - Bump Release to rebuild diff --git a/SPECS/tzdata/tzdata.signatures.json b/SPECS/tzdata/tzdata.signatures.json index e51cc8e086..b420424bae 100644 --- a/SPECS/tzdata/tzdata.signatures.json +++ b/SPECS/tzdata/tzdata.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "tzdata2024a.tar.gz": "0d0434459acbd2059a7a8da1f3304a84a86591f6ed69c6248fffa502b6edffe3" + "tzdata2025a.tar.gz": "4d5fcbc72c7c450ebfe0b659bd0f1c02fbf52fd7f517a9ea13fe71c21eb5f0d0" } -} \ No newline at end of file +} diff --git a/SPECS/tzdata/tzdata.spec b/SPECS/tzdata/tzdata.spec index c9850489d5..6b30ea768e 100644 --- a/SPECS/tzdata/tzdata.spec +++ b/SPECS/tzdata/tzdata.spec @@ -1,6 +1,6 @@ Summary: Time zone data Name: tzdata -Version: 2024a +Version: 2025a Release: 1%{?dist} License: Public Domain Vendor: Microsoft Corporation @@ -45,6 +45,9 @@ ln -svf %{_datarootdir}/zoneinfo/UTC %{buildroot}%{_sysconfdir}/localtime %{_datadir}/* %changelog +* Sat Jan 18 2025 CBL-Mariner Servicing Account - 2025a-1 +- Auto-upgrade to 2025a - upgrade to version 2025a + * Fri Feb 23 2024 CBL-Mariner Servicing Account - 2024a-1 - Auto-upgrade to 2024a - Azure Linux 3.0 Upgrades diff --git a/SPECS/vim/vim.signatures.json b/SPECS/vim/vim.signatures.json index 10422af576..b4386cf852 100644 --- a/SPECS/vim/vim.signatures.json +++ b/SPECS/vim/vim.signatures.json @@ -1,6 +1,6 @@ { "Signatures": { "macros.vim": "98d2e285e93e339defc13ef1dc4fa76f24e3fca6282e4196a3dae45de778eab8", - "vim-9.1.1164.tar.gz": "101526fa580d015edc5b5fb059d8b396cd8b05c29b0ec9ceb2a8763083293979" + "vim-9.1.1198.tar.gz": "ce85c04b1b1dc1258635d4887d84681aa6b637b0ca15364898d9b27e2a747057" } } diff --git a/SPECS/vim/vim.spec b/SPECS/vim/vim.spec index ae025a2f8f..98a1d984d1 100644 --- a/SPECS/vim/vim.spec +++ b/SPECS/vim/vim.spec @@ -1,7 +1,7 @@ %define debug_package %{nil} Summary: Text editor Name: vim -Version: 9.1.1164 +Version: 9.1.1198 Release: 1%{?dist} License: Vim Vendor: Microsoft Corporation @@ -221,6 +221,9 @@ fi %{_rpmconfigdir}/macros.d/macros.vim %changelog +* Mon Mar 17 2025 CBL-Mariner Servicing Account - 9.1.1198-1 +- Auto-upgrade to 9.1.1198 - for CVE-2025-29768 + * Wed Mar 05 2025 CBL-Mariner Servicing Account - 9.1.1164-1 - Auto-upgrade to 9.1.1164 - for CVE-2025-27423 - Remove previously applied patches diff --git a/SPECS/vitess/CVE-2025-22868.patch b/SPECS/vitess/CVE-2025-22868.patch new file mode 100644 index 0000000000..c4f136f3ca --- /dev/null +++ b/SPECS/vitess/CVE-2025-22868.patch @@ -0,0 +1,38 @@ +From 681b4d8edca1bcfea5bce685d77ea7b82ed3e7b3 Mon Sep 17 00:00:00 2001 +From: Neal Patel +Date: Thu, 30 Jan 2025 14:10:09 -0500 +Subject: [PATCH] jws: split token into fixed number of parts + +Thanks to 'jub0bs' for reporting this issue. + +Fixes #71490 +Fixes CVE-2025-22868 + +Change-Id: I2552731f46d4907f29aafe7863c558387b6bd6e2 +Reviewed-on: https://go-review.googlesource.com/c/oauth2/+/652155 +Auto-Submit: Gopher Robot +Reviewed-by: Damien Neil +Reviewed-by: Roland Shoemaker +LUCI-TryBot-Result: Go LUCI +--- + vendor/golang.org/x/oauth2/jws/jws.go | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/vendor/golang.org/x/oauth2/jws/jws.go b/vendor/golang.org/x/oauth2/jws/jws.go +index 95015648b..6f03a49d3 100644 +--- a/vendor/golang.org/x/oauth2/jws/jws.go ++++ b/vendor/golang.org/x/oauth2/jws/jws.go +@@ -165,11 +165,11 @@ func Encode(header *Header, c *ClaimSet, key *rsa.PrivateKey) (string, error) { + // Verify tests whether the provided JWT token's signature was produced by the private key + // associated with the supplied public key. + func Verify(token string, key *rsa.PublicKey) error { +- parts := strings.Split(token, ".") +- if len(parts) != 3 { ++ if strings.Count(token, ".") != 2 { + return errors.New("jws: invalid token received, token must have 3 parts") + } + ++ parts := strings.SplitN(token, ".", 3) + signedContent := parts[0] + "." + parts[1] + signatureString, err := base64.RawURLEncoding.DecodeString(parts[2]) + if err != nil { diff --git a/SPECS/vitess/vitess.spec b/SPECS/vitess/vitess.spec index 2b12a21a7f..55094c9203 100644 --- a/SPECS/vitess/vitess.spec +++ b/SPECS/vitess/vitess.spec @@ -3,7 +3,7 @@ Name: vitess Version: 19.0.4 -Release: 5%{?dist} +Release: 6%{?dist} Summary: Database clustering system for horizontal scaling of MySQL # Upstream license specification: MIT and Apache-2.0 License: MIT and ASL 2.0 @@ -27,7 +27,8 @@ Source0: %{name}-%{version}.tar.gz # Source1: %{name}-%{version}-vendor.tar.gz Patch0: CVE-2017-14623.patch -Patch1: CVE-2024-45339.patch +Patch1: CVE-2024-45339.patch +Patch2: CVE-2025-22868.patch BuildRequires: golang < 1.23 %description @@ -105,6 +106,10 @@ go check -t go/cmd \ %{_bindir}/* %changelog +* Fri Apr 28 2025 Ranjan Dutta -19.0.4-6 +- merge from Azure Linux tag 3.0.20250423-3.0 +- Fix CVE-2025-22868 with an upstream patch + * Fri Mar 21 2025 Anuj Mittal - 19.0.4-5 - Bump Release to rebuild diff --git a/SPECS/wget/wget.spec b/SPECS/wget/wget.spec index 5c50317c4c..4b4a5eb401 100644 --- a/SPECS/wget/wget.spec +++ b/SPECS/wget/wget.spec @@ -3,7 +3,7 @@ Summary: An advanced file and recursive website downloader Name: wget Version: 2.1.0 -Release: 5%{?dist} +Release: 6%{?dist} License: GPL-3.0-or-later AND LGPL-3.0-or-later AND GFDL-1.3-or-later URL: https://gitlab.com/gnuwget/wget2 Group: System Environment/NetworkingPrograms @@ -56,6 +56,10 @@ BuildRequires: tar BuildRequires: texinfo %if 0%{?with_check} BuildRequires: perl +# wget test fails to find libwget.so.2, this BuildRequires fixes the issue +# Due to azl using hydrated builds for testing, the circular dependency is OK +# for testing +BuildRequires: %{name}-libs%{?_isa} = %{version}-%{release} %endif Provides: webclient @@ -137,6 +141,8 @@ echo ".so man1/%{name}.1" > %{buildroot}%{_mandir}/man1/wget.1 %{_fixperms} %{buildroot}/* +%check +%make_build check %files -f %{name}2.lang %defattr(-,root,root) @@ -157,6 +163,9 @@ echo ".so man1/%{name}.1" > %{buildroot}%{_mandir}/man1/wget.1 %{_mandir}/man3/libwget*.3* %changelog +* Mon Feb 24 2025 Sam Meluch - 2.1.0-6 +- Add %check section from Fedora upstream. + * Mon Sep 23 2024 Tobias Brick - 2.1.0-5 - Align fix for SSL read and write error check with upstream. diff --git a/SPECS/xpmem-lib/xpmem-lib.signatures.json b/SPECS/xpmem-lib/xpmem-lib.signatures.json new file mode 100644 index 0000000000..c2fe3accad --- /dev/null +++ b/SPECS/xpmem-lib/xpmem-lib.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "xpmem-lib-2.7.tar.gz": "0f3666d0e0a32be87cf625bc56b18bf3384b0068d3914e16c3e8808311319281" + } +} \ No newline at end of file diff --git a/SPECS/xpmem-lib/xpmem-lib.spec b/SPECS/xpmem-lib/xpmem-lib.spec new file mode 100644 index 0000000000..ab962c9e8b --- /dev/null +++ b/SPECS/xpmem-lib/xpmem-lib.spec @@ -0,0 +1,88 @@ +#define buildforkernels newest +#define buildforkernels current +#define buildforkernels akmod + +Summary: XPMEM: Cross-partition memory +Name: xpmem-lib +Version: 2.7 +Release: 1%{?dist} +License: GPLv2 +Group: System Environment/Libraries +Vendor: Microsoft Corporation +Distribution: Azure Linux +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/xpmem-lib-2.7.tar.gz#/%{name}-%{version}.tar.gz +ExclusiveArch: x86_64 + +BuildRequires: automake +BuildRequires: autoconf +BuildRequires: libtool +BuildRequires: pkg-config + +%{!?make_build: %global make_build %{__make} %{?_smp_mflags} %{?mflags} V=1} +%{!?run_ldconfig: %global run_ldconfig %{?ldconfig}} + +%description +XPMEM is a Linux kernel module that enables a process to map the +memory of another process into its virtual address space. Source code +can be obtained by cloning the Git repository, original Mercurial +repository or by downloading a tarball from the link above. + +%package -n libxpmem +Summary: XPMEM: user-space library + +%description -n libxpmem +XPMEM is a Linux kernel module that enables a process to map the +memory of another process into its virtual address space. Source code +can be obtained by cloning the Git repository, original Mercurial +repository or by downloading a tarball from the link above. + +This package contains the user-space library needed to interface with XPMEM. + +%package -n libxpmem-devel +Summary: XPMEM: user-space library headers +Group: System Environment/Libraries +Requires: libxpmem%{?_isa} = %{version}-%{release} + +%description -n libxpmem-devel +XPMEM is a Linux kernel module that enables a process to map the +memory of another process into its virtual address space. Source code +can be obtained by cloning the Git repository, original Mercurial +repository or by downloading a tarball from the link above. + +This package contains the development headers for the user-space library +needed to interface with XPMEM. + +%prep +%setup + +%build +%configure --disable-kernel-module +%make_build + +%install +%make_install +rm -rf ${RPM_BUILD_ROOT}/etc # /etc/.version , udev rules + +%post -n libxpmem +%if 0%{?fedora} || 0%{?rhel} > 7 +# https://fedoraproject.org/wiki/Changes/Removing_ldconfig_scriptlets +%else +%{run_ldconfig} +%endif + +%files -n libxpmem +%doc README AUTHORS +%license COPYING COPYING.LESSER +%{_libdir}/libxpmem.so.* + +%files -n libxpmem-devel +%{_includedir}/xpmem.h +%{_libdir}/libxpmem.a +%{_libdir}/libxpmem.la +%{_libdir}/libxpmem.so +%{_libdir}/pkgconfig/cray-xpmem.pc + +%changelog +* Tue Dec 17 2024 Binu Jose Philip +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified diff --git a/SPECS/xpmem/xpmem.signatures.json b/SPECS/xpmem/xpmem.signatures.json new file mode 100644 index 0000000000..06aa62d82f --- /dev/null +++ b/SPECS/xpmem/xpmem.signatures.json @@ -0,0 +1,5 @@ +{ + "Signatures": { + "xpmem-2.7.4.tar.gz": "499fcb6d9206e433c14250d91599636ae753eb6172bb8aea30ca0a4a2e351128" + } +} \ No newline at end of file diff --git a/SPECS/xpmem/xpmem.spec b/SPECS/xpmem/xpmem.spec new file mode 100644 index 0000000000..228ef4fbc7 --- /dev/null +++ b/SPECS/xpmem/xpmem.spec @@ -0,0 +1,288 @@ +%{!?KMP: %global KMP 0} + +%global last-known-kernel 6.6.82.1-1 + +%if 0%{emt} +%global target_kernel_version_full %(/bin/rpm -q --queryformat '%{VERSION}-%{RELEASE}' kernel-headers) +%else +%global target_kernel_version_full f.a.k.e +%endif + +%global KVERSION %{target_kernel_version_full} +%global K_SRC /lib/modules/%{target_kernel_version_full}/build + +# %{!?KVERSION: %global KVERSION %(uname -r)} +%{!?KVERSION: %global KVERSION %{target_kernel_version_full}} +%global kernel_version %{KVERSION} +%global krelver %(echo -n %{KVERSION} | sed -e 's/-/_/g') +%{!?K_SRC: %global K_SRC /lib/modules/%{KVERSION}/build} +# A separate variable _release is required because of the odd way the +# script append_number_to_package_release.sh works: +%global _release 1.2410068 + +%bcond_with kernel_only + +%if %{with kernel_only} +%undefine _debugsource_packages +%global debug_package %{nil} +%global make_kernel_only SUBDIRS=kernel +%else +%global make_kernel_only %{nil} +%endif + +%define need_firmware_dir 0%{?euleros} > 0 + +%if "%_vendor" == "openEuler" +%global __find_requires %{nil} +%endif + +Summary: Cross-partition memory +Name: xpmem +Version: 2.7.4 +Release: 13%{?dist} +License: GPLv2 and LGPLv2.1 +Group: System Environment/Libraries +Vendor: Microsoft Corporation +Distribution: Azure Linux +BuildRequires: automake autoconf +URL: https://github.com/openucx/xpmem +Source0: https://linux.mellanox.com/public/repo/mlnx_ofed/24.10-0.7.0.0/SRPMS/xpmem-2.7.4.tar.gz#/%{name}-%{version}.tar.gz +ExclusiveArch: x86_64 + +# name gets a different value in subpackages +%global _name %{name} +%global _kmp_rel %{release}%{?_kmp_build_num}%{?_dist} +# Required for e.g. SLES12: +%if %{undefined make_build} +%global make_build %{__make} %{?_smp_mflags} +%endif + +# Ugly workaround until anolis kmod package stops requiring +# 'kernel(' dependencies its kernel package does not provide. +# This uses the __find_provides from /usr/lib/rpm/redhat/macros +# rather than the one from /usr/lib/rpm/macros.d/macros.kmp +%if 0%{?anolis} > 0 +%{?filter_setup} +%endif + +BuildRequires: gcc +BuildRequires: make +BuildRequires: kernel-devel = %{target_kernel_version_full} +BuildRequires: kernel-headers = %{target_kernel_version_full} +BuildRequires: binutils +BuildRequires: systemd +BuildRequires: kmod +BuildRequires: mlnx-ofa_kernel-devel +BuildRequires: mlnx-ofa_kernel-source + +Requires: mlnx-ofa_kernel +Requires: mlnx-ofa_kernel-modules +Requires: kernel = %{target_kernel_version_full} +Requires: kmod + + +%description +XPMEM is a Linux kernel module that enables a process to map the +memory of another process into its virtual address space. Source code +can be obtained by cloning the Git repository, original Mercurial +repository or by downloading a tarball from the link above. + +This package includes helper tools for the kernel module. + +%if ! %{with kernel_only} +%package -n libxpmem +Summary: XPMEM: Userspace library +%description -n libxpmem +XPMEM is a Linux kernel module that enables a process to map the +memory of another process into its virtual address space. Source code +can be obtained by cloning the Git repository, original Mercurial +repository or by downloading a tarball from the link above. + + +%package -n libxpmem-devel +Summary: XPMEM: userspace library development headers +%description -n libxpmem-devel +XPMEM is a Linux kernel module that enables a process to map the +memory of another process into its virtual address space. Source code +can be obtained by cloning the Git repository, original Mercurial +repository or by downloading a tarball from the link above. + +This package includes development headers. +%endif + +# build KMP rpms? +%if "%{KMP}" == "1" +%global kernel_release() $(make -C %{1} M=$PWD kernelrelease | grep -v make) +BuildRequires: %kernel_module_package_buildreqs +%(cat > %{_builddir}/preamble << EOF +EOF) +%{kernel_module_package -r %{_kmp_rel} -p %{_builddir}/preamble} +%else # not KMP +%global kernel_source() %{K_SRC} +%global kernel_release() %{KVERSION} +%global flavors_to_build default + +%package modules +# %{nil}: to avoid having the script that build OFED-internal +# munge the release version here as well: +Release: 13%{?dist} +Summary: XPMEM: kernel modules +Group: System Environment/Libraries +%description modules +XPMEM is a Linux kernel module that enables a process to map the +memory of another process into its virtual address space. Source code +can be obtained by cloning the Git repository, original Mercurial +repository or by downloading a tarball from the link above. + +This package includes the kernel module (non KMP version). +%endif #end if "%{KMP}" == "1" + +# +# setup module sign scripts if paths to the keys are given +# +%global WITH_MOD_SIGN %(if ( test -f "$MODULE_SIGN_PRIV_KEY" && test -f "$MODULE_SIGN_PUB_KEY" ); \ + then \ + echo -n '1'; \ + else \ + echo -n '0'; fi) + +%if "%{WITH_MOD_SIGN}" == "1" +# call module sign script +%global __modsign_install_post \ + $RPM_BUILD_DIR/xpmem-%{version}/tools/sign-modules $RPM_BUILD_ROOT/lib/modules/ %{kernel_source default} || exit 1 \ +%{nil} + +# Disgusting hack alert! We need to ensure we sign modules *after* all +# invocations of strip occur, which is in __debug_install_post if +# find-debuginfo.sh runs, and __os_install_post if not. +# +%define __spec_install_post \ + %{?__debug_package:%{__debug_install_post}} \ + %{__arch_install_post} \ + %{__os_install_post} \ + %{__modsign_install_post} \ +%{nil} + +%endif # end of setup module sign scripts +# + +%if 0%{?rhel} > 0 || 0%{?euleros} >= 2 +%global install_mod_dir extra/%{_name} +%endif + +%{!?install_mod_dir: %global install_mod_dir updates} + +%global moduledir /lib/modules/%{KVERSION}/%{install_mod_dir} + +%prep +%setup -q + +%build +env= +if [ "$CROSS_COMPILE" != '' ]; then + env="$env CC=${CROSS_COMPILE}gcc" +fi +./autogen.sh +%{configure} \ + --with-module-prefix= \ + --with-kerneldir=%{K_SRC} \ + $env \ + # +%{make_build} %{make_kernel_only} + +%install +%{make_install} moduledir=%{moduledir} %{make_kernel_only} +rm -rf $RPM_BUILD_ROOT/%{_libdir}/libxpmem.la +rm -rf $RPM_BUILD_ROOT/etc/init.d/xpmem +mkdir -p $RPM_BUILD_ROOT%{_prefix}/lib/modules-load.d +echo "xpmem" >$RPM_BUILD_ROOT%{_prefix}/lib/modules-load.d/xpmem.conf +%if %{with kernel_only} +rm -f $RPM_BUILD_ROOT/usr/lib*/pkgconfig/cray-xpmem.pc +%endif +%if %{need_firmware_dir} +mkdir -p $RPM_BUILD_ROOT/lib/firmware +%endif + +%clean +rm -rf $RPM_BUILD_ROOT + +%if ! %{with kernel_only} +%post -n libxpmem -p /sbin/ldconfig +%postun -n libxpmem -p /sbin/ldconfig +%endif + +%postun +if [ "$1" = 0 ]; then + if lsmod | grep -qw xpmem; then + # If the module fails to unload, give an error, + # but don't fail uninstall. User should handle this + # Maybe the module is in use + rmmod xpmem || : + fi +fi + +%files +/lib/udev/rules.d/*-xpmem.rules +%{_prefix}/lib/modules-load.d/xpmem.conf +%doc README AUTHORS +%license COPYING COPYING.LESSER + +%if ! %{with kernel_only} +%files -n libxpmem +%{_libdir}/libxpmem.so.* +%license COPYING COPYING.LESSER + +%files -n libxpmem-devel +%{_prefix}/include/xpmem.h +%{_libdir}/libxpmem.a +%{_libdir}/libxpmem.so +%{_libdir}/pkgconfig/cray-xpmem.pc +%license COPYING COPYING.LESSER +%endif + +%if "%{KMP}" != "1" +%files modules +%{moduledir}/xpmem.ko +%license COPYING COPYING.LESSER +%endif + +%changelog +* Fri Mar 14 2025 CBL-Mariner Servicing Account - 2.7.4-13 +- Bump release to rebuild for new kernel release + +* Tue Mar 11 2025 CBL-Mariner Servicing Account - 2.7.4-12 +- Bump release to rebuild for new kernel release + +* Mon Mar 10 2025 Chris Co - 2.7.4-11 +- Bump release to rebuild for new kernel release + +* Wed Mar 05 2025 Rachel Menge - 2.7.4-10 +- Bump release to rebuild for new kernel release + +* Tue Mar 04 2025 Rachel Menge - 2.7.4-9 +- Bump release to rebuild for new kernel release + +* Wed Feb 19 2025 Chris Co - 2.7.4-8 +- Bump release to rebuild for new kernel release + +* Tue Feb 11 2025 Rachel Menge - 2.7.4-7 +- Bump release to rebuild for new kernel release + +* Wed Feb 05 2025 Tobias Brick - 2.7.4-6 +- Bump release to rebuild for new kernel release + +* Tue Feb 04 2025 Alberto David Perez Guevara - 2.7.4-5 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 2.7.4-4 +- Bump release to rebuild for new kernel release + +* Fri Jan 31 2025 Alberto David Perez Guevara - 2.7.4-3 +- Bump release to match kernel + +* Thu Jan 30 2025 Rachel Menge - 2.7.4-2 +- Bump release to match kernel + +* Tue Dec 17 2024 Binu Jose Philip - 2.7.4-1 +- Initial Azure Linux import from NVIDIA (license: GPLv2) +- License verified diff --git a/cgmanifest.json b/cgmanifest.json index 75929583b3..59658bcc25 100644 --- a/cgmanifest.json +++ b/cgmanifest.json @@ -8361,8 +8361,8 @@ "type": "other", "other": { "name": "kernel", - "version": "6.12.20", - "downloadUrl": "https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.20-edge-250324T192946Z.tar.gz" + "version": "6.12.23", + "downloadUrl": "https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.23-emt-250415T094615Z.tar.gz" } } }, @@ -8381,8 +8381,8 @@ "type": "other", "other": { "name": "kernel-headers", - "version": "6.12.20", - "downloadUrl": "https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.20-edge-250324T192946Z.tar.gz" + "version": "6.12.23", + "downloadUrl": "https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.23-emt-250415T094615Z.tar.gz" } } }, @@ -8401,8 +8401,8 @@ "type": "other", "other": { "name": "kernel-rt", - "version": "6.12.20", - "downloadUrl": "https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.20-edge-250324T192946Z.tar.gz" + "version": "6.12.23", + "downloadUrl": "https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.23-emt-250415T094615Z.tar.gz" } } }, diff --git a/toolkit/Makefile b/toolkit/Makefile index 4dbe19c76a..4b1ddbce27 100644 --- a/toolkit/Makefile +++ b/toolkit/Makefile @@ -153,15 +153,15 @@ SRPM_URL_LIST ?= https://files-rs.edgeorchestration.intel.com/files-edge-or ##help:var:VALIDATE_TOOLCHAIN_GPG={y,n}=Enable or disable GPG validation of the toolchain RPMs. If enabled toolchain RPMs will be validated against the GPG keys in the TOOLCHAIN_GPG_VALIDATION_KEYS variable. On by default when using upstream toolchain RPMs. # Based on REBUILD_TOOLCHAIN and DAILY_BUILD_ID. If REBUILD_TOOLCHAIN is set to 'y' or DAILY_BUILD_ID is set to any non-empty value, then GPG validation is disabled by default. -#ifeq ($(REBUILD_TOOLCHAIN),y) +ifeq ($(REBUILD_TOOLCHAIN),y) VALIDATE_TOOLCHAIN_GPG ?= n -#else -#ifneq ($(DAILY_BUILD_ID),) -#VALIDATE_TOOLCHAIN_GPG ?= n -#else -#VALIDATE_TOOLCHAIN_GPG ?= y -#endif -#endif +else +ifneq ($(DAILY_BUILD_ID),) +VALIDATE_TOOLCHAIN_GPG ?= n +else +VALIDATE_TOOLCHAIN_GPG ?= y +endif +endif TOOLCHAIN_GPG_VALIDATION_KEYS ?= $(wildcard $(PROJECT_ROOT)/SPECS/edge-repos/INTEL-*-GPG-KEY) $(wildcard $(toolkit_root)/repos/INTEL-*-GPG-KEY) diff --git a/toolkit/docs/amd/amd.md b/toolkit/docs/amd/amd.md new file mode 100644 index 0000000000..e1c4c923cb --- /dev/null +++ b/toolkit/docs/amd/amd.md @@ -0,0 +1,19 @@ +# AMD Repository Configuration + +## Overview +The following documentation describes how to access Azure Linux packages from the AMD RPM repository at [packages.microsoft.com](https://packages.microsoft.com/azurelinux/3.0/prod/amd/) + +## Instructions +The following instructions register the amd package store with the package manager and install the amdgpu package. +```ls +sudo tdnf install -y azurelinux-repos-amd +sudo tdnf install -y amdgpu +``` + +## Notes +1. Packages earlier than March 2025 (amdgpu-6.10.5.60302_2109964-1_6.6.78.1.3.azl3.x86_64.rpm) require an additional step `sudo modprobe amdgpu` or reboot to load the kernel modules. +1. Installing for an older kernel may require a specific driver version, for example: + - `uname -a` reports `6.6.64.2-9.azl3` is running + - `tdnf list amdgpu` lists the available driver versions + - amdgpu-6.8.5.60202_2078359-6_6.6.64.2.9.azl3.x86_64.rpm is the package for this kernel + - `sudo tdnf install amdgpu-6.8.5.60202_2078359` installs it diff --git a/toolkit/imageconfigs/core-efi-aarch64.json b/toolkit/imageconfigs/core-efi-aarch64.json index 8172d72588..0ee4a886fd 100644 --- a/toolkit/imageconfigs/core-efi-aarch64.json +++ b/toolkit/imageconfigs/core-efi-aarch64.json @@ -47,7 +47,8 @@ "PackageLists": [ "packagelists/hyperv-packages.json", "packagelists/core-packages-image-aarch64.json", - "packagelists/cloud-init-packages.json" + "packagelists/cloud-init-packages.json", + "packagelists/virt-guest-packages.json" ], "KernelOptions": { "default": "kernel" diff --git a/toolkit/resources/manifests/package/license_file_exceptions.json b/toolkit/resources/manifests/package/license_file_exceptions.json index fbd22cf930..579698214e 100644 --- a/toolkit/resources/manifests/package/license_file_exceptions.json +++ b/toolkit/resources/manifests/package/license_file_exceptions.json @@ -30,6 +30,14 @@ "IgnoredFilesRegexList": [ "^/usr/share/doc/tar-[0-9\\.]+/tar\\.html/GNU-Free-Documentation-License\\.html$" ] + }, + { + "_comment1": "OpenSSL has multiple structs, constants and procedures that have the word 'NOTICE' in them, like 'NOTICEREF_free'.", + "_comment2": "These man pages are for those items, not actual license notices.", + "PackageName": "openssl-devel", + "IgnoredFilesRegexList": [ + "^/usr/share/man/man3/.*NOTICE.*\\.3ossl\\.gz$" + ] } ], "GlobalExceptionsRegexList": [ diff --git a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt index 893d4f0596..08880d40cc 100644 --- a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt +++ b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt @@ -13,8 +13,8 @@ zlib-devel-1.3.1-1.azl3.aarch64.rpm file-5.45-1.azl3.aarch64.rpm file-devel-5.45-1.azl3.aarch64.rpm file-libs-5.45-1.azl3.aarch64.rpm -binutils-2.41-4.azl3.aarch64.rpm -binutils-devel-2.41-4.azl3.aarch64.rpm +binutils-2.41-5.azl3.aarch64.rpm +binutils-devel-2.41-5.azl3.aarch64.rpm gmp-6.3.0-1.azl3.aarch64.rpm gmp-devel-6.3.0-1.azl3.aarch64.rpm mpfr-4.2.1-1.azl3.aarch64.rpm @@ -39,8 +39,8 @@ ncurses-compat-6.4-2.azl3.aarch64.rpm ncurses-devel-6.4-2.azl3.aarch64.rpm ncurses-libs-6.4-2.azl3.aarch64.rpm ncurses-term-6.4-2.azl3.aarch64.rpm -readline-8.2-1.azl3.aarch64.rpm -readline-devel-8.2-1.azl3.aarch64.rpm +readline-8.2-2.azl3.aarch64.rpm +readline-devel-8.2-2.azl3.aarch64.rpm libattr-2.5.2-1.azl3.aarch64.rpm attr-2.5.2-1.azl3.aarch64.rpm libacl-2.3.1-2.azl3.aarch64.rpm @@ -170,16 +170,16 @@ gtk-doc-1.33.2-1.azl3.noarch.rpm autoconf-2.72-2.azl3.noarch.rpm automake-1.16.5-2.azl3.noarch.rpm ocaml-srpm-macros-9-4.azl3.noarch.rpm -openssl-3.3.3-1.azl3.aarch64.rpm -openssl-devel-3.3.3-1.azl3.aarch64.rpm -openssl-libs-3.3.3-1.azl3.aarch64.rpm -openssl-perl-3.3.3-1.azl3.aarch64.rpm -openssl-static-3.3.3-1.azl3.aarch64.rpm +openssl-3.3.3-2.azl3.aarch64.rpm +openssl-devel-3.3.3-2.azl3.aarch64.rpm +openssl-libs-3.3.3-2.azl3.aarch64.rpm +openssl-perl-3.3.3-2.azl3.aarch64.rpm +openssl-static-3.3.3-2.azl3.aarch64.rpm libcap-2.69-3.azl3.aarch64.rpm libcap-devel-2.69-3.azl3.aarch64.rpm debugedit-5.0-2.azl3.aarch64.rpm -libarchive-3.7.7-1.azl3.aarch64.rpm -libarchive-devel-3.7.7-1.azl3.aarch64.rpm +libarchive-3.7.7-2.azl3.aarch64.rpm +libarchive-devel-3.7.7-2.azl3.aarch64.rpm rpm-4.18.2-1.azl3.aarch64.rpm rpm-build-4.18.2-1.azl3.aarch64.rpm rpm-build-libs-4.18.2-1.azl3.aarch64.rpm @@ -208,7 +208,7 @@ libxml2-devel-2.11.5-4.azl3.aarch64.rpm docbook-dtd-xml-4.5-11.azl3.noarch.rpm docbook-style-xsl-1.79.1-14.azl3.noarch.rpm libsepol-3.6-1.azl3.aarch64.rpm -glib-2.78.1-5.azl3.aarch64.rpm +glib-2.78.6-1.azl3.aarch64.rpm libltdl-2.4.7-1.azl3.aarch64.rpm libltdl-devel-2.4.7-1.azl3.aarch64.rpm lua-5.4.6-1.azl3.aarch64.rpm @@ -225,14 +225,14 @@ libgpg-error-1.47-1.azl3.aarch64.rpm libgcrypt-1.10.2-1.azl3.aarch64.rpm libksba-1.6.4-1.azl3.aarch64.rpm libksba-devel-1.6.4-1.azl3.aarch64.rpm -libxslt-1.1.39-1.azl3.aarch64.rpm +libxslt-1.1.43-1.azl3.aarch64.rpm npth-1.6-4.azl3.aarch64.rpm pinentry-1.2.1-1.azl3.aarch64.rpm gnupg2-2.4.4-2.azl3.aarch64.rpm gnupg2-lang-2.4.4-2.azl3.aarch64.rpm gpgme-1.23.2-2.azl3.aarch64.rpm -azurelinux-repos-shared-3.0-4.azl3.noarch.rpm -azurelinux-repos-3.0-4.azl3.noarch.rpm +azurelinux-repos-shared-3.0-5.azl3.noarch.rpm +azurelinux-repos-3.0-5.azl3.noarch.rpm libffi-3.4.4-1.azl3.aarch64.rpm libffi-devel-3.4.4-1.azl3.aarch64.rpm libtasn1-4.19.0-2.azl3.aarch64.rpm diff --git a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt index 1fe3972a08..b98032d558 100644 --- a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt +++ b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt @@ -1,5 +1,5 @@ filesystem-1.1-21.emt3.x86_64.rpm -kernel-headers-6.12.20-1.emt3.noarch.rpm +kernel-headers-6.12.23-1.emt3.noarch.rpm glibc-2.38-9.emt3.x86_64.rpm glibc-devel-2.38-9.emt3.x86_64.rpm glibc-i18n-2.38-9.emt3.x86_64.rpm @@ -13,8 +13,8 @@ zlib-devel-1.3.1-1.emt3.x86_64.rpm file-5.45-1.emt3.x86_64.rpm file-devel-5.45-1.emt3.x86_64.rpm file-libs-5.45-1.emt3.x86_64.rpm -binutils-2.41-4.emt3.x86_64.rpm -binutils-devel-2.41-4.emt3.x86_64.rpm +binutils-2.41-5.emt3.x86_64.rpm +binutils-devel-2.41-5.emt3.x86_64.rpm gmp-6.3.0-1.emt3.x86_64.rpm gmp-devel-6.3.0-1.emt3.x86_64.rpm mpfr-4.2.1-1.emt3.x86_64.rpm @@ -39,8 +39,8 @@ ncurses-compat-6.4-2.emt3.x86_64.rpm ncurses-devel-6.4-2.emt3.x86_64.rpm ncurses-libs-6.4-2.emt3.x86_64.rpm ncurses-term-6.4-2.emt3.x86_64.rpm -readline-8.2-1.emt3.x86_64.rpm -readline-devel-8.2-1.emt3.x86_64.rpm +readline-8.2-2.emt3.x86_64.rpm +readline-devel-8.2-2.emt3.x86_64.rpm libattr-2.5.2-1.emt3.x86_64.rpm attr-2.5.2-1.emt3.x86_64.rpm libacl-2.3.1-2.emt3.x86_64.rpm @@ -170,16 +170,16 @@ gtk-doc-1.33.2-1.emt3.noarch.rpm autoconf-2.72-2.emt3.noarch.rpm automake-1.16.5-2.emt3.noarch.rpm ocaml-srpm-macros-9-4.emt3.noarch.rpm -openssl-3.3.3-1.emt3.x86_64.rpm -openssl-devel-3.3.3-1.emt3.x86_64.rpm -openssl-libs-3.3.3-1.emt3.x86_64.rpm -openssl-perl-3.3.3-1.emt3.x86_64.rpm -openssl-static-3.3.3-1.emt3.x86_64.rpm +openssl-3.3.3-2.emt3.x86_64.rpm +openssl-devel-3.3.3-2.emt3.x86_64.rpm +openssl-libs-3.3.3-2.emt3.x86_64.rpm +openssl-perl-3.3.3-2.emt3.x86_64.rpm +openssl-static-3.3.3-2.emt3.x86_64.rpm libcap-2.69-3.emt3.x86_64.rpm libcap-devel-2.69-3.emt3.x86_64.rpm debugedit-5.0-2.emt3.x86_64.rpm -libarchive-3.7.7-1.emt3.x86_64.rpm -libarchive-devel-3.7.7-1.emt3.x86_64.rpm +libarchive-3.7.7-2.emt3.x86_64.rpm +libarchive-devel-3.7.7-2.emt3.x86_64.rpm rpm-4.18.2-1.emt3.x86_64.rpm rpm-build-4.18.2-1.emt3.x86_64.rpm rpm-build-libs-4.18.2-1.emt3.x86_64.rpm @@ -208,7 +208,7 @@ libxml2-devel-2.11.5-4.emt3.x86_64.rpm docbook-dtd-xml-4.5-11.emt3.noarch.rpm docbook-style-xsl-1.79.1-14.emt3.noarch.rpm libsepol-3.6-1.emt3.x86_64.rpm -glib-2.78.1-5.emt3.x86_64.rpm +glib-2.78.6-1.emt3.x86_64.rpm libltdl-2.4.7-1.emt3.x86_64.rpm libltdl-devel-2.4.7-1.emt3.x86_64.rpm lua-5.4.6-1.emt3.x86_64.rpm @@ -225,7 +225,7 @@ libgpg-error-1.47-1.emt3.x86_64.rpm libgcrypt-1.10.2-1.emt3.x86_64.rpm libksba-1.6.4-1.emt3.x86_64.rpm libksba-devel-1.6.4-1.emt3.x86_64.rpm -libxslt-1.1.39-1.emt3.x86_64.rpm +libxslt-1.1.43-1.emt3.x86_64.rpm npth-1.6-4.emt3.x86_64.rpm pinentry-1.2.1-1.emt3.x86_64.rpm gnupg2-2.4.4-2.emt3.x86_64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt index f5eaf40513..c6a78855f5 100644 --- a/toolkit/resources/manifests/package/toolchain_aarch64.txt +++ b/toolkit/resources/manifests/package/toolchain_aarch64.txt @@ -10,27 +10,27 @@ audit-libs-3.1.2-1.azl3.aarch64.rpm autoconf-2.72-2.azl3.noarch.rpm automake-1.16.5-2.azl3.noarch.rpm azurelinux-check-macros-3.0-7.azl3.noarch.rpm -azurelinux-repos-3.0-4.azl3.noarch.rpm -azurelinux-repos-debug-3.0-4.azl3.noarch.rpm -azurelinux-repos-debug-preview-3.0-4.azl3.noarch.rpm -azurelinux-repos-extended-3.0-4.azl3.noarch.rpm -azurelinux-repos-extended-debug-3.0-4.azl3.noarch.rpm -azurelinux-repos-extended-debug-preview-3.0-4.azl3.noarch.rpm -azurelinux-repos-extended-preview-3.0-4.azl3.noarch.rpm -azurelinux-repos-ms-non-oss-3.0-4.azl3.noarch.rpm -azurelinux-repos-ms-non-oss-preview-3.0-4.azl3.noarch.rpm -azurelinux-repos-ms-oss-3.0-4.azl3.noarch.rpm -azurelinux-repos-ms-oss-preview-3.0-4.azl3.noarch.rpm -azurelinux-repos-preview-3.0-4.azl3.noarch.rpm -azurelinux-repos-shared-3.0-4.azl3.noarch.rpm +azurelinux-repos-3.0-5.azl3.noarch.rpm +azurelinux-repos-debug-3.0-5.azl3.noarch.rpm +azurelinux-repos-debug-preview-3.0-5.azl3.noarch.rpm +azurelinux-repos-extended-3.0-5.azl3.noarch.rpm +azurelinux-repos-extended-debug-3.0-5.azl3.noarch.rpm +azurelinux-repos-extended-debug-preview-3.0-5.azl3.noarch.rpm +azurelinux-repos-extended-preview-3.0-5.azl3.noarch.rpm +azurelinux-repos-ms-non-oss-3.0-5.azl3.noarch.rpm +azurelinux-repos-ms-non-oss-preview-3.0-5.azl3.noarch.rpm +azurelinux-repos-ms-oss-3.0-5.azl3.noarch.rpm +azurelinux-repos-ms-oss-preview-3.0-5.azl3.noarch.rpm +azurelinux-repos-preview-3.0-5.azl3.noarch.rpm +azurelinux-repos-shared-3.0-5.azl3.noarch.rpm azurelinux-rpm-macros-3.0-7.azl3.noarch.rpm bash-5.2.15-3.azl3.aarch64.rpm bash-debuginfo-5.2.15-3.azl3.aarch64.rpm bash-devel-5.2.15-3.azl3.aarch64.rpm bash-lang-5.2.15-3.azl3.aarch64.rpm -binutils-2.41-4.azl3.aarch64.rpm -binutils-debuginfo-2.41-4.azl3.aarch64.rpm -binutils-devel-2.41-4.azl3.aarch64.rpm +binutils-2.41-5.azl3.aarch64.rpm +binutils-debuginfo-2.41-5.azl3.aarch64.rpm +binutils-devel-2.41-5.azl3.aarch64.rpm bison-3.8.2-1.azl3.aarch64.rpm bison-debuginfo-3.8.2-1.azl3.aarch64.rpm bzip2-1.0.8-1.azl3.aarch64.rpm @@ -49,8 +49,8 @@ check-debuginfo-0.15.2-1.azl3.aarch64.rpm chkconfig-1.25-1.azl3.aarch64.rpm chkconfig-debuginfo-1.25-1.azl3.aarch64.rpm chkconfig-lang-1.25-1.azl3.aarch64.rpm -cmake-3.30.3-4.azl3.aarch64.rpm -cmake-debuginfo-3.30.3-4.azl3.aarch64.rpm +cmake-3.30.3-5.azl3.aarch64.rpm +cmake-debuginfo-3.30.3-5.azl3.aarch64.rpm coreutils-9.4-6.azl3.aarch64.rpm coreutils-debuginfo-9.4-6.azl3.aarch64.rpm coreutils-lang-9.4-6.azl3.aarch64.rpm @@ -120,11 +120,11 @@ gdbm-lang-1.23-1.azl3.aarch64.rpm gettext-0.22-1.azl3.aarch64.rpm gettext-debuginfo-0.22-1.azl3.aarch64.rpm gfortran-13.2.0-7.azl3.aarch64.rpm -glib-2.78.1-5.azl3.aarch64.rpm -glib-debuginfo-2.78.1-5.azl3.aarch64.rpm -glib-devel-2.78.1-5.azl3.aarch64.rpm -glib-doc-2.78.1-5.azl3.noarch.rpm -glib-schemas-2.78.1-5.azl3.aarch64.rpm +glib-2.78.6-1.azl3.aarch64.rpm +glib-debuginfo-2.78.6-1.azl3.aarch64.rpm +glib-devel-2.78.6-1.azl3.aarch64.rpm +glib-doc-2.78.6-1.azl3.noarch.rpm +glib-schemas-2.78.6-1.azl3.aarch64.rpm glibc-2.38-9.azl3.aarch64.rpm glibc-debuginfo-2.38-9.azl3.aarch64.rpm glibc-devel-2.38-9.azl3.aarch64.rpm @@ -166,9 +166,9 @@ krb5-devel-1.21.3-2.azl3.aarch64.rpm krb5-lang-1.21.3-2.azl3.aarch64.rpm libacl-2.3.1-2.azl3.aarch64.rpm libacl-devel-2.3.1-2.azl3.aarch64.rpm -libarchive-3.7.7-1.azl3.aarch64.rpm -libarchive-debuginfo-3.7.7-1.azl3.aarch64.rpm -libarchive-devel-3.7.7-1.azl3.aarch64.rpm +libarchive-3.7.7-2.azl3.aarch64.rpm +libarchive-debuginfo-3.7.7-2.azl3.aarch64.rpm +libarchive-devel-3.7.7-2.azl3.aarch64.rpm libassuan-2.5.6-1.azl3.aarch64.rpm libassuan-debuginfo-2.5.6-1.azl3.aarch64.rpm libassuan-devel-2.5.6-1.azl3.aarch64.rpm @@ -243,9 +243,9 @@ libxcrypt-devel-4.4.36-2.azl3.aarch64.rpm libxml2-2.11.5-4.azl3.aarch64.rpm libxml2-debuginfo-2.11.5-4.azl3.aarch64.rpm libxml2-devel-2.11.5-4.azl3.aarch64.rpm -libxslt-1.1.39-1.azl3.aarch64.rpm -libxslt-debuginfo-1.1.39-1.azl3.aarch64.rpm -libxslt-devel-1.1.39-1.azl3.aarch64.rpm +libxslt-1.1.43-1.azl3.aarch64.rpm +libxslt-debuginfo-1.1.43-1.azl3.aarch64.rpm +libxslt-devel-1.1.43-1.azl3.aarch64.rpm lua-5.4.6-1.azl3.aarch64.rpm lua-debuginfo-5.4.6-1.azl3.aarch64.rpm lua-devel-5.4.6-1.azl3.aarch64.rpm @@ -285,12 +285,12 @@ npth-debuginfo-1.6-4.azl3.aarch64.rpm npth-devel-1.6-4.azl3.aarch64.rpm ntsysv-1.25-1.azl3.aarch64.rpm ocaml-srpm-macros-9-4.azl3.noarch.rpm -openssl-3.3.3-1.azl3.aarch64.rpm -openssl-debuginfo-3.3.3-1.azl3.aarch64.rpm -openssl-devel-3.3.3-1.azl3.aarch64.rpm -openssl-libs-3.3.3-1.azl3.aarch64.rpm -openssl-perl-3.3.3-1.azl3.aarch64.rpm -openssl-static-3.3.3-1.azl3.aarch64.rpm +openssl-3.3.3-2.azl3.aarch64.rpm +openssl-debuginfo-3.3.3-2.azl3.aarch64.rpm +openssl-devel-3.3.3-2.azl3.aarch64.rpm +openssl-libs-3.3.3-2.azl3.aarch64.rpm +openssl-perl-3.3.3-2.azl3.aarch64.rpm +openssl-static-3.3.3-2.azl3.aarch64.rpm p11-kit-0.25.0-1.azl3.aarch64.rpm p11-kit-debuginfo-0.25.0-1.azl3.aarch64.rpm p11-kit-devel-0.25.0-1.azl3.aarch64.rpm @@ -538,7 +538,7 @@ python3-debuginfo-3.12.9-1.azl3.aarch64.rpm python3-devel-3.12.9-1.azl3.aarch64.rpm python3-flit-core-3.9.0-1.azl3.noarch.rpm python3-gpg-1.23.2-2.azl3.aarch64.rpm -python3-jinja2-3.1.2-2.azl3.noarch.rpm +python3-jinja2-3.1.2-3.azl3.noarch.rpm python3-libcap-ng-0.8.4-1.azl3.aarch64.rpm python3-libs-3.12.9-1.azl3.aarch64.rpm python3-libxml2-2.11.5-4.azl3.aarch64.rpm @@ -555,9 +555,9 @@ python3-setuptools-69.0.3-4.azl3.noarch.rpm python3-test-3.12.9-1.azl3.aarch64.rpm python3-tools-3.12.9-1.azl3.aarch64.rpm python3-wheel-0.43.0-1.azl3.noarch.rpm -readline-8.2-1.azl3.aarch64.rpm -readline-debuginfo-8.2-1.azl3.aarch64.rpm -readline-devel-8.2-1.azl3.aarch64.rpm +readline-8.2-2.azl3.aarch64.rpm +readline-debuginfo-8.2-2.azl3.aarch64.rpm +readline-devel-8.2-2.azl3.aarch64.rpm rpm-4.18.2-1.azl3.aarch64.rpm rpm-build-4.18.2-1.azl3.aarch64.rpm rpm-build-libs-4.18.2-1.azl3.aarch64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt index 94f06649e6..09dc8b4659 100644 --- a/toolkit/resources/manifests/package/toolchain_x86_64.txt +++ b/toolkit/resources/manifests/package/toolchain_x86_64.txt @@ -17,10 +17,10 @@ bash-5.2.15-3.emt3.x86_64.rpm bash-debuginfo-5.2.15-3.emt3.x86_64.rpm bash-devel-5.2.15-3.emt3.x86_64.rpm bash-lang-5.2.15-3.emt3.x86_64.rpm -binutils-2.41-4.emt3.x86_64.rpm -binutils-aarch64-linux-gnu-2.41-4.emt3.x86_64.rpm -binutils-debuginfo-2.41-4.emt3.x86_64.rpm -binutils-devel-2.41-4.emt3.x86_64.rpm +binutils-2.41-5.emt3.x86_64.rpm +binutils-aarch64-linux-gnu-2.41-5.emt3.x86_64.rpm +binutils-debuginfo-2.41-5.emt3.x86_64.rpm +binutils-devel-2.41-5.emt3.x86_64.rpm bison-3.8.2-1.emt3.x86_64.rpm bison-debuginfo-3.8.2-1.emt3.x86_64.rpm bzip2-1.0.8-1.emt3.x86_64.rpm @@ -39,8 +39,8 @@ check-debuginfo-0.15.2-1.emt3.x86_64.rpm chkconfig-1.25-1.emt3.x86_64.rpm chkconfig-debuginfo-1.25-1.emt3.x86_64.rpm chkconfig-lang-1.25-1.emt3.x86_64.rpm -cmake-3.30.3-4.emt3.x86_64.rpm -cmake-debuginfo-3.30.3-4.emt3.x86_64.rpm +cmake-3.30.3-5.emt3.x86_64.rpm +cmake-debuginfo-3.30.3-5.emt3.x86_64.rpm coreutils-9.4-6.emt3.x86_64.rpm coreutils-debuginfo-9.4-6.emt3.x86_64.rpm coreutils-lang-9.4-6.emt3.x86_64.rpm @@ -55,7 +55,7 @@ cracklib-lang-2.9.11-1.emt3.x86_64.rpm createrepo_c-1.0.3-1.emt3.x86_64.rpm createrepo_c-debuginfo-1.0.3-1.emt3.x86_64.rpm createrepo_c-devel-1.0.3-1.emt3.x86_64.rpm -cross-binutils-common-2.41-4.emt3.noarch.rpm +cross-binutils-common-2.41-5.emt3.noarch.rpm cross-gcc-common-13.2.0-7.emt3.noarch.rpm curl-8.11.1-3.emt3.x86_64.rpm curl-debuginfo-8.11.1-3.emt3.x86_64.rpm @@ -114,11 +114,11 @@ gdbm-lang-1.23-1.emt3.x86_64.rpm gettext-0.22-1.emt3.x86_64.rpm gettext-debuginfo-0.22-1.emt3.x86_64.rpm gfortran-13.2.0-7.emt3.x86_64.rpm -glib-2.78.1-5.emt3.x86_64.rpm -glib-debuginfo-2.78.1-5.emt3.x86_64.rpm -glib-devel-2.78.1-5.emt3.x86_64.rpm -glib-doc-2.78.1-5.emt3.noarch.rpm -glib-schemas-2.78.1-5.emt3.x86_64.rpm +glib-2.78.6-1.emt3.x86_64.rpm +glib-debuginfo-2.78.6-1.emt3.x86_64.rpm +glib-devel-2.78.6-1.emt3.x86_64.rpm +glib-doc-2.78.6-1.emt3.noarch.rpm +glib-schemas-2.78.6-1.emt3.x86_64.rpm glibc-2.38-9.emt3.x86_64.rpm glibc-debuginfo-2.38-9.emt3.x86_64.rpm glibc-devel-2.38-9.emt3.x86_64.rpm @@ -150,8 +150,8 @@ intltool-0.51.0-7.emt3.noarch.rpm itstool-2.0.7-1.emt3.noarch.rpm kbd-2.2.0-2.emt3.x86_64.rpm kbd-debuginfo-2.2.0-2.emt3.x86_64.rpm -kernel-cross-headers-6.12.20-1.emt3.noarch.rpm -kernel-headers-6.12.20-1.emt3.noarch.rpm +kernel-cross-headers-6.12.23-1.emt3.noarch.rpm +kernel-headers-6.12.23-1.emt3.noarch.rpm kmod-30-1.emt3.x86_64.rpm kmod-debuginfo-30-1.emt3.x86_64.rpm kmod-devel-30-1.emt3.x86_64.rpm @@ -161,9 +161,9 @@ krb5-devel-1.21.3-2.emt3.x86_64.rpm krb5-lang-1.21.3-2.emt3.x86_64.rpm libacl-2.3.1-2.emt3.x86_64.rpm libacl-devel-2.3.1-2.emt3.x86_64.rpm -libarchive-3.7.7-1.emt3.x86_64.rpm -libarchive-debuginfo-3.7.7-1.emt3.x86_64.rpm -libarchive-devel-3.7.7-1.emt3.x86_64.rpm +libarchive-3.7.7-2.emt3.x86_64.rpm +libarchive-debuginfo-3.7.7-2.emt3.x86_64.rpm +libarchive-devel-3.7.7-2.emt3.x86_64.rpm libassuan-2.5.6-1.emt3.x86_64.rpm libassuan-debuginfo-2.5.6-1.emt3.x86_64.rpm libassuan-devel-2.5.6-1.emt3.x86_64.rpm @@ -238,9 +238,9 @@ libxml2-devel-2.11.5-4.emt3.x86_64.rpm libxcrypt-4.4.36-2.emt3.x86_64.rpm libxcrypt-debuginfo-4.4.36-2.emt3.x86_64.rpm libxcrypt-devel-4.4.36-2.emt3.x86_64.rpm -libxslt-1.1.39-1.emt3.x86_64.rpm -libxslt-debuginfo-1.1.39-1.emt3.x86_64.rpm -libxslt-devel-1.1.39-1.emt3.x86_64.rpm +libxslt-1.1.43-1.emt3.x86_64.rpm +libxslt-debuginfo-1.1.43-1.emt3.x86_64.rpm +libxslt-devel-1.1.43-1.emt3.x86_64.rpm lua-5.4.6-1.emt3.x86_64.rpm lua-debuginfo-5.4.6-1.emt3.x86_64.rpm lua-devel-5.4.6-1.emt3.x86_64.rpm @@ -280,12 +280,12 @@ npth-debuginfo-1.6-4.emt3.x86_64.rpm npth-devel-1.6-4.emt3.x86_64.rpm ntsysv-1.25-1.emt3.x86_64.rpm ocaml-srpm-macros-9-4.emt3.noarch.rpm -openssl-3.3.3-1.emt3.x86_64.rpm -openssl-debuginfo-3.3.3-1.emt3.x86_64.rpm -openssl-devel-3.3.3-1.emt3.x86_64.rpm -openssl-libs-3.3.3-1.emt3.x86_64.rpm -openssl-perl-3.3.3-1.emt3.x86_64.rpm -openssl-static-3.3.3-1.emt3.x86_64.rpm +openssl-3.3.3-2.emt3.x86_64.rpm +openssl-debuginfo-3.3.3-2.emt3.x86_64.rpm +openssl-devel-3.3.3-2.emt3.x86_64.rpm +openssl-libs-3.3.3-2.emt3.x86_64.rpm +openssl-perl-3.3.3-2.emt3.x86_64.rpm +openssl-static-3.3.3-2.emt3.x86_64.rpm p11-kit-0.25.0-1.emt3.x86_64.rpm p11-kit-debuginfo-0.25.0-1.emt3.x86_64.rpm p11-kit-devel-0.25.0-1.emt3.x86_64.rpm @@ -533,7 +533,7 @@ python3-debuginfo-3.12.9-1.emt3.x86_64.rpm python3-devel-3.12.9-1.emt3.x86_64.rpm python3-flit-core-3.9.0-1.emt3.noarch.rpm python3-gpg-1.23.2-2.emt3.x86_64.rpm -python3-jinja2-3.1.2-2.emt3.noarch.rpm +python3-jinja2-3.1.2-3.emt3.noarch.rpm python3-libcap-ng-0.8.4-1.emt3.x86_64.rpm python3-libs-3.12.9-1.emt3.x86_64.rpm python3-libxml2-2.11.5-4.emt3.x86_64.rpm @@ -550,9 +550,9 @@ python3-setuptools-69.0.3-4.emt3.noarch.rpm python3-test-3.12.9-1.emt3.x86_64.rpm python3-tools-3.12.9-1.emt3.x86_64.rpm python3-wheel-0.43.0-1.emt3.noarch.rpm -readline-8.2-1.emt3.x86_64.rpm -readline-debuginfo-8.2-1.emt3.x86_64.rpm -readline-devel-8.2-1.emt3.x86_64.rpm +readline-8.2-2.emt3.x86_64.rpm +readline-debuginfo-8.2-2.emt3.x86_64.rpm +readline-devel-8.2-2.emt3.x86_64.rpm rpm-4.18.2-1.emt3.x86_64.rpm rpm-build-4.18.2-1.emt3.x86_64.rpm rpm-build-libs-4.18.2-1.emt3.x86_64.rpm diff --git a/toolkit/scripts/check_entangled_specs.py b/toolkit/scripts/check_entangled_specs.py index b738060a44..1114ce4e51 100755 --- a/toolkit/scripts/check_entangled_specs.py +++ b/toolkit/scripts/check_entangled_specs.py @@ -11,6 +11,10 @@ from pyrpm.spec import replace_macros, Spec +# Control output verbosity, keeping this module global since we do not +# have a containing top-level scope +verbose=False + version_release_matching_groups = [ frozenset([ "SPECS-SIGNED/kernel-signed/kernel-signed.spec", @@ -147,101 +151,59 @@ ]) ] -def check_spec_tags(base_path: str, tags: List[str], groups: List[FrozenSet]) -> Set[FrozenSet]: - """Returns spec sets which violate matching rules for given tags. """ - err_groups = set() - for group in groups: - variants = defaultdict(set) - - for spec_filename in group: - parsed_spec = Spec.from_file(path.join(base_path, spec_filename)) - for tag in tags: - tag_value = get_tag_value(parsed_spec, tag) - variants[tag].add(tag_value) - - for tag in tags: - if len(variants[tag]) > 1: err_groups.add(group) - return err_groups - - -def check_oot_kmodules(base_path: str, tag: str, groups: List[FrozenSet]) -> Set[FrozenSet]: - """Returns OOT kernel modules which violate matching with kernel-headers version. """ - err_groups = set() - - kernel_headers_spec = Spec.from_file(path.join(base_path, "SPECS/kernel-headers/kernel-headers.spec")) - kernel_headers_version = get_tag_value(kernel_headers_spec, 'version') +def print_verbose(message: str): + "Print 'message' to stdout if global variable 'verbose' is true." + if verbose: + print(message) +def check_spec_tags(base_path: str, tags: dict, groups: List[FrozenSet]) -> bool: + """Check if spec set violates matching rules for any of given tags. Return True/False accordingly.""" + has_error = False for group in groups: + print_verbose(f"Processing group: {group}") + spec_tag_map = {tag: {} for tag in tags} for spec_filename in group: parsed_spec = Spec.from_file(path.join(base_path, spec_filename)) - tag_value = get_tag_value(parsed_spec, tag) - if tag_value != kernel_headers_version: - err_groups.add(spec_filename) - return err_groups - -def check_mstflintver_match_groups(base_path: str) -> Set[FrozenSet]: - return check_spec_tags(base_path, ['mstflintver'], mstflintver_matching_groups) - -def check_sdkver_match_groups(base_path: str) -> Set[FrozenSet]: - return check_spec_tags(base_path, ['sdkver'], sdkver_matching_groups) - -def check_version_release_match_groups(base_path: str) -> Set[FrozenSet]: - return check_spec_tags(base_path, ['epoch', 'version', 'release'], version_release_matching_groups) - -def check_version_match_groups(base_path: str) -> Set[FrozenSet]: - return check_spec_tags(base_path, ['epoch', 'version'], version_matching_groups) + print_verbose(f"\t{spec_filename}") -def check_oot_kmodule_matching_groups(base_path: str) -> Set[FrozenSet]: - return check_oot_kmodules(base_path, 'last-known-kernel', oot_kmodule_matching_groups) + for tag, tag_current in tags.items(): + tag_value = get_tag_value(parsed_spec, tag) + spec_tag_map[tag][spec_filename] = tag_value + tag_want = f" (want: {tag_current})" if tag_current else "" + print_verbose(f"\t\ttag({tag}) value: {tag_value}{tag_want}") + + for tag, specs_values in spec_tag_map.items(): + # Skip to next tag if tag value is unique and it matches "tag_expected_value" if set + value_list = list(specs_values.values()) + tag_expected = tags[tag] + if len(set(value_list)) > 1 or (tag_expected and value_list[0] != tag_expected): + has_error = True + print(f'Mismatch in expected value of "{tag}":{tag_expected or ""}') + for spec_name, value in specs_values.items(): + print(f"\t{value:30} => {spec_name}") + + return has_error def check_matches(base_path: str): - version_match_errors = check_version_match_groups(base_path) - version_release_match_errors = check_version_release_match_groups(base_path) - sdkver_match_errors = check_sdkver_match_groups(base_path) - mstflintver_match_errors = check_mstflintver_match_groups(base_path) - oot_kmodule_match_errors = check_oot_kmodule_matching_groups(base_path) - - printer = pprint.PrettyPrinter() - - if len(version_match_errors) or \ - len(version_release_match_errors) or \ - len(sdkver_match_errors) or \ - len(mstflintver_match_errors) or \ - len(oot_kmodule_match_errors): - print('The current repository state violates a spec entanglement rule!') - - if len(version_match_errors): - print( - '\nPlease update the following sets of specs to have the same "Epoch" and "Version" tags:') - for e in version_match_errors: - printer.pprint(e) - - if len(version_release_match_errors): - print( - '\nPlease update the following sets of specs to have the same "Epoch", "Version", and "Release" tags:') - for e in version_release_match_errors: - printer.pprint(e) - - if len(sdkver_match_errors): - print( - '\nPlease update the following sets of specs to have the same "sdkver" global variables:') - for e in sdkver_match_errors: - printer.pprint(e) - - if len(mstflintver_match_errors): - print( - '\nPlease update the following sets of specs to have the same "mstflintver" global variables:') - for e in mstflintver_match_errors: - printer.pprint(e) - - if len(oot_kmodule_match_errors): - print( - '\nPlease update the following sets of specs to match the "last-known-kernel" global variable with kernel-headers "version":') - for e in oot_kmodule_match_errors: - printer.pprint(e) - + kernel_headers_spec = Spec.from_file(path.join(base_path, "SPECS/kernel-headers/kernel-headers.spec")) + kernel_headers_version = get_tag_value(kernel_headers_spec, 'version') + kernel_headers_release = get_tag_value(kernel_headers_spec, 'release') + kernel_version_release = f"{kernel_headers_version}-{kernel_headers_release}" + + groups_to_check = [({'mstflintver':{}}, mstflintver_matching_groups), + ({'sdkver':{}}, sdkver_matching_groups), + ({'epoch':{}, 'version':{}, 'release':{}}, version_release_matching_groups), + ({'epoch':{}, 'version':{}}, version_matching_groups), + ({'last-known-kernel' : kernel_version_release}, oot_kmodule_matching_groups)] + + check_result = [] + for check_args in groups_to_check: + print_verbose(f'Calling check_spec_tags with "{check_args}"') + check_result.append(check_spec_tags(base_path, *check_args)) + if any(check_result): + print('The current repository state violates one or more spec entanglement rule!') sys.exit(1) - + print('Repository state is consistent with spec entanglement rules.') def get_tag_value(spec: "Spec", tag: str) -> str: value = getattr(spec, tag) @@ -249,10 +211,15 @@ def get_tag_value(spec: "Spec", tag: str) -> str: value = replace_macros(value, spec) return value +def main(): + global verbose -if __name__ == '__main__': parser = argparse.ArgumentParser() - parser.add_argument( - 'repo_root', help='path to the root of the Azure Linux repository') + parser.add_argument('repo_root', help='path to the root of the Azure Linux repository') + parser.add_argument ("--verbose", action="store_true", help='Print details about each action') args = parser.parse_args() + verbose = args.verbose check_matches(args.repo_root) + +if __name__ == '__main__': + main() diff --git a/toolkit/scripts/tests/test_check_entangled_specs.py b/toolkit/scripts/tests/test_check_entangled_specs.py new file mode 100644 index 0000000000..a1feb922bd --- /dev/null +++ b/toolkit/scripts/tests/test_check_entangled_specs.py @@ -0,0 +1,94 @@ +#!/usr/bin/env python3 +# Copyright (c) Microsoft Corporation. +# Licensed under the MIT License. + +import unittest +from unittest.mock import patch, MagicMock +import check_entangled_specs + +# Enable verbose output to make debugging easier +check_entangled_specs.verbose = True + +class TestCheckSpecTags(unittest.TestCase): + + @patch('check_entangled_specs.Spec.from_file') + @patch('check_entangled_specs.get_tag_value') + def test_check_spec_tags_no_errors(self, mock_get_tag_value, mock_from_file): + mock_get_tag_value.side_effect = ["v1", "r1", "v1", "r1", + "v1.1", "r1.1", "v1.1", "r1.1"] + mock_from_file.return_value = MagicMock() + + base_path = "/fake/path" + tags = {"version":{}, "release":{}} + groups = [frozenset(["spec1.spec", "spec2.spec"]), + frozenset(["spec3.spec", "spec4.spec"])] + + result = check_entangled_specs.check_spec_tags(base_path, tags, groups) + self.assertFalse(result) + + @patch('check_entangled_specs.Spec.from_file') + @patch('check_entangled_specs.get_tag_value') + def test_check_spec_tags_with_errors(self, mock_get_tag_value, mock_from_file): + mock_get_tag_value.side_effect = ["v2", "r2", "v2.1", "r2.1"] + mock_from_file.return_value = MagicMock() + + base_path = "/fake/path" + tags = {"version":"", "release":""} + groups = [frozenset(["spec5.spec", "spec6.spec"])] + + result = check_entangled_specs.check_spec_tags(base_path, tags, groups) + self.assertTrue(result) + + @patch('check_entangled_specs.Spec.from_file') + @patch('check_entangled_specs.get_tag_value') + def test_check_spec_tags_with_expected_value(self, mock_get_tag_value, mock_from_file): + mock_get_tag_value.side_effect = ["v3","v3"] + mock_from_file.return_value = MagicMock() + + base_path = "/fake/path" + tags = {"version":"v3"} + groups = [frozenset(["spec7.spec", "spec8.spec"])] + + result = check_entangled_specs.check_spec_tags(base_path, tags, groups) + self.assertFalse(result) + + @patch('check_entangled_specs.Spec.from_file') + @patch('check_entangled_specs.get_tag_value') + def test_check_spec_tags_with_mismatched_expected_value(self, mock_get_tag_value, mock_from_file): + mock_get_tag_value.side_effect = ["v4","v4"] + mock_from_file.return_value = MagicMock() + + base_path = "/fake/path" + tags = {"version":"v5"} + groups = [frozenset(["spec1.spec", "spec2.spec"])] + + result = check_entangled_specs.check_spec_tags(base_path, tags, groups) + self.assertTrue(result) + +class TestCheckMatches(unittest.TestCase): + @patch('check_entangled_specs.Spec.from_file') + @patch('check_entangled_specs.get_tag_value') + @patch('check_entangled_specs.check_spec_tags') + @patch('sys.exit') + def test_check_matches_no_errors(self, mock_exit, mock_check_spec_tags, mock_get_tag_value, mock_from_file): + mock_get_tag_value.side_effect = ["1.0", "1"] + mock_from_file.return_value = MagicMock() + mock_check_spec_tags.side_effect = [ False, False, False, False, False ] + base_path = "/fake/path" + check_entangled_specs.check_matches(base_path) + mock_exit.assert_not_called() + + @patch('check_entangled_specs.Spec.from_file') + @patch('check_entangled_specs.get_tag_value') + @patch('check_entangled_specs.check_spec_tags') + @patch('sys.exit') + def test_check_matches_with_errors(self, mock_exit, mock_check_spec_tags, mock_get_tag_value, mock_from_file): + mock_get_tag_value.side_effect = ["1.0", "1"] + mock_from_file.return_value = MagicMock() + mock_check_spec_tags.side_effect = [False, False, True, False, False] + base_path = "/fake/path" + check_entangled_specs.check_matches(base_path) + mock_exit.assert_called_once_with(1) + +if __name__ == '__main__': + unittest.main() diff --git a/toolkit/scripts/toolchain.mk b/toolkit/scripts/toolchain.mk index e5f364e625..5ac559fadb 100644 --- a/toolkit/scripts/toolchain.mk +++ b/toolkit/scripts/toolchain.mk @@ -191,6 +191,7 @@ $(toolchain_rpms_rehydrated): $(TOOLCHAIN_MANIFEST) $(go-downloader) $(SCRIPTS_D --log-base "$$log_file" \ --hydrate \ --url-list "$(PACKAGE_URL_LIST)" \ + --allowable-gpg-keys "$(TOOLCHAIN_GPG_VALIDATION_KEYS)" \ $(if $(TLS_CERT),--certificate $(TLS_CERT)) \ $(if $(TLS_KEY),--private-key $(TLS_KEY)) || { \ echo "Could not find toolchain package in package repo to rehydrate with: $(notdir $@)." >> "$$log_file" && \ diff --git a/toolkit/scripts/toolchain/build_official_toolchain_rpms.sh b/toolkit/scripts/toolchain/build_official_toolchain_rpms.sh index ed871b641e..e4bec39b18 100755 --- a/toolkit/scripts/toolchain/build_official_toolchain_rpms.sh +++ b/toolkit/scripts/toolchain/build_official_toolchain_rpms.sh @@ -353,7 +353,7 @@ case $(uname -m) in x86_64) MSOPENJDK_EXPECTED_HASH="08d46b64dc0202ad54be937bb5eab7d4c6a6f7f355a40afbeb295cb591dba126" ;; aarch64) MSOPENJDK_EXPECTED_HASH="0532d42d5c010152c09e88971f9aecd84af54f935973bbf0f1eba2c1c6839726" ;; esac -wget -nv --server-response --no-clobber --timeout=30 $MSOPENJDK_URL --directory-prefix=$CHROOT_RPMS_DIR_ARCH +wget -nv --server-response --no-clobber --timeout=30 --tries=3 --waitretry=10 --retry-connrefused $MSOPENJDK_URL --directory-prefix=$CHROOT_RPMS_DIR_ARCH MSOPENJDK_ACTUAL_HASH=$(sha256sum "$CHROOT_RPMS_DIR_ARCH/$MSOPENJDK_FILENAME" | awk '{print $1}') if [[ "$MSOPENJDK_EXPECTED_HASH" != "$MSOPENJDK_ACTUAL_HASH" ]]; then echo "Error, incorrect msopenjdk hash: '$MSOPENJDK_ACTUAL_HASH'. Expected hash: '$MSOPENJDK_EXPECTED_HASH'" diff --git a/toolkit/scripts/toolchain/container/Dockerfile b/toolkit/scripts/toolchain/container/Dockerfile index 2cfc2438c7..79554d2f25 100644 --- a/toolkit/scripts/toolchain/container/Dockerfile +++ b/toolkit/scripts/toolchain/container/Dockerfile @@ -63,7 +63,7 @@ RUN wget -nv --no-clobber --timeout=30 --continue --input-file=$LFS/tools/toolch # Disable downloading from remote sources by default. The 'toolchain-local-wget-list' generated for the above line will download from $(SOURCE_URL) # The 'toolchain-remote-wget-list' is still available and can be used as an alternate to $(SOURCE_URL) if desired. #RUN wget -nv --no-clobber --timeout=30 --continue --input-file=$LFS/tools/toolchain-remote-wget-list --directory-prefix=$LFS/sources; exit 0 -RUN wget -nv --no-clobber --timeout=30 --continue https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.20-edge-250324T192946Z.tar.gz -O lts-v6.12.20-edge-250324T192946Z.tar.gz --directory-prefix=$LFS/sources; exit 0 +RUN wget -nv --no-clobber --timeout=30 --continue https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.23-emt-250415T094615Z.tar.gz -O lts-v6.12.23-emt-250415T094615Z.tar.gz --directory-prefix=$LFS/sources; exit 0 USER root RUN mkdir -pv $LFS/{etc,var} $LFS/usr/{bin,lib,sbin} && \ diff --git a/toolkit/scripts/toolchain/container/toolchain-sha256sums b/toolkit/scripts/toolchain/container/toolchain-sha256sums index cc0bae6b61..187b00ad89 100644 --- a/toolkit/scripts/toolchain/container/toolchain-sha256sums +++ b/toolkit/scripts/toolchain/container/toolchain-sha256sums @@ -28,7 +28,7 @@ a3c2b80201b89e68616f4ad30bc66aee4927c3ce50e33929ca819d5c43538898 gmp-6.3.0.tar. 1db2aedde89d0dea42b16d9528f894c8d15dae4e190b59aecc78f5a951276eab grep-3.11.tar.xz 6b9757f592b7518b4902eb6af7e54570bdccba37a871fddb2d30ae3863511c13 groff-1.23.0.tar.gz 7454eb6935db17c6655576c2e1b0fabefd38b4d0936e0f87f48cd062ce91a057 gzip-1.13.tar.xz -6aa265c2e640ffc060ac0e4fb0dd3363913053a7e306be2e269b5432045d7255 lts-v6.12.20-edge-250324T192946Z.tar.gz +752b4275dcc3d0a457802f57f5462fe1e0837730f3752292016beeacbf631021 lts-v6.12.23-emt-250415T094615Z.tar.gz 5d24e40819768f74daf846b99837fc53a3a9dcdf3ce1c2003fe0596db850f0f0 libarchive-3.7.1.tar.gz f311f8f3dad84699d0566d1d6f7ec943a9298b28f714cae3c931dfd57492d7eb libcap-2.69.tar.xz b8b45194989022a79ec1317f64a2a75b1551b2a55bea06f67704cb2a2e4690b0 libpipeline-1.5.7.tar.gz diff --git a/toolkit/scripts/toolchain/container/toolchain_build_temp_tools.sh b/toolkit/scripts/toolchain/container/toolchain_build_temp_tools.sh index 0ee1880c89..1c6ee41c10 100755 --- a/toolkit/scripts/toolchain/container/toolchain_build_temp_tools.sh +++ b/toolkit/scripts/toolchain/container/toolchain_build_temp_tools.sh @@ -86,10 +86,10 @@ rm -rf gcc-13.2.0 touch $LFS/logs/temptoolchain/status_gcc_pass1_complete -KERNEL_VERSION="6.12.20" +KERNEL_VERSION="6.12.23" echo Linux-${KERNEL_VERSION} API Headers -tar xf lts-v6.12.20-edge-250324T192946Z.tar.gz -pushd lts-v${KERNEL_VERSION}-edge-250324T192946Z +tar xf lts-v6.12.23-emt-250415T094615Z.tar.gz +pushd lts-v${KERNEL_VERSION}-emt-250415T094615Z make mrproper make headers find usr/include -type f ! -name '*.h' -delete diff --git a/toolkit/scripts/toolchain/download_toolchain_rpm.sh b/toolkit/scripts/toolchain/download_toolchain_rpm.sh index 71381e3b77..92de52431f 100755 --- a/toolkit/scripts/toolchain/download_toolchain_rpm.sh +++ b/toolkit/scripts/toolchain/download_toolchain_rpm.sh @@ -28,6 +28,7 @@ function usage() { echo "-k|--private-key: Optional path to a private key file to use for the download" echo "-e|--enforce-signatures: Optional flag to enforce RPM signatures" echo "-g|--allowable-gpg-keys: Optional space separated list of GPG keys to allow for signature validation" + echo "--skip-hash-check: Optional flag to skip RPM hash validation" } # Default values @@ -41,6 +42,7 @@ cert="" key="" enforce_signatures=false allowable_gpg_keys="" +skip_hash_check=false while (( "$#")); do case "$1" in @@ -84,6 +86,10 @@ while (( "$#")); do allowable_gpg_keys=$2 shift 2 ;; + --skip-hash-check) + skip_hash_check=true + shift + ;; -h|--help) usage exit 0 @@ -178,14 +184,10 @@ function download() { return 1 } +# Validate the signatures of the downloaded RPM against the provided GPG keys function validate_signatures() { echo "Validating toolchain RPM: $rpm_name" | tee -a "$log_file" - for key in $allowable_gpg_keys; do - echo "Adding key ($key) to empty workdir at ($work_dir)" >> "$log_file" - rpmkeys --root "$work_dir" --import "$key" >> "$log_file" - done - if ! rpmkeys --root "$work_dir" --checksig --verbose "$dst_file" -D "%_pkgverify_level signature" >> "$log_file"; then echo "Failed to validate toolchain package $rpm_name signature, aborting." | tee -a "$log_file" return 1 @@ -193,10 +195,34 @@ function validate_signatures() { return 0 } -mkdir -p "$(dirname "$log_file")" +# Validate the integrity of the downloaded RPM using its digests +function validate_hash() { + echo "Checking hash of toolchain RPM: $rpm_name" | tee -a "$log_file" + + if ! rpm --root "$work_dir" --checksig --verbose "$dst_file" -D "%_pkgverify_level digest" >> "$log_file"; then + echo "Failed to validate toolchain package $rpm_name hashes, aborting." | tee -a "$log_file" + return 1 + fi + return 0 +} + +function import_rpm_keys() { + echo "Allowing GPG keys" >> "$log_file" + for key in $allowable_gpg_keys; do + echo "Adding key ($key) to empty workdir at ($work_dir)" >> "$log_file" + rpmkeys --root "$work_dir" --import "$key" >> "$log_file" + done +} + +mkdir -pv "$(dirname "$log_file")" download +import_rpm_keys + if $enforce_signatures; then validate_signatures +elif ! $skip_hash_check; then + # validate_hash is a subset of validate_signatures, no need to run both + validate_hash fi diff --git a/toolkit/tools/grapher/grapher.go b/toolkit/tools/grapher/grapher.go index de5eede8dc..9737b7fe0d 100644 --- a/toolkit/tools/grapher/grapher.go +++ b/toolkit/tools/grapher/grapher.go @@ -12,6 +12,7 @@ import ( "github.com/microsoft/azurelinux/toolkit/tools/internal/packagerepo/repocloner/rpmrepocloner" "github.com/microsoft/azurelinux/toolkit/tools/internal/pkggraph" "github.com/microsoft/azurelinux/toolkit/tools/internal/pkgjson" + "github.com/microsoft/azurelinux/toolkit/tools/internal/sliceutils" "github.com/microsoft/azurelinux/toolkit/tools/internal/timestamp" "github.com/microsoft/azurelinux/toolkit/tools/pkg/profile" @@ -23,14 +24,13 @@ var ( input = exe.InputFlag(app, "Input json listing all local SRPMs") output = exe.OutputFlag(app, "Output file to export the graph to") - logFlags = exe.SetupLogFlags(app) - profFlags = exe.SetupProfileFlags(app) - strictGoals = app.Flag("strict-goals", "Don't allow missing goal packages").Bool() - strictUnresolved = app.Flag("strict-unresolved", "Don't allow missing unresolved packages").Bool() - timestampFile = app.Flag("timestamp-file", "File that stores timestamps for this program.").String() - usePMCtoResolveCycles = app.Flag("usePMCtoresolvecycles", "Cycles will be resolved by downloading rpm packages from PMC if locally unavailable").Bool() - tlsClientCert = app.Flag("tls-cert", "TLS client certificate to use when downloading files.").String() - tlsClientKey = app.Flag("tls-key", "TLS client key to use when downloading files.").String() + logFlags = exe.SetupLogFlags(app) + profFlags = exe.SetupProfileFlags(app) + strictGoals = app.Flag("strict-goals", "Don't allow missing goal packages").Bool() + strictUnresolved = app.Flag("strict-unresolved", "Don't allow missing unresolved packages").Bool() + timestampFile = app.Flag("timestamp-file", "File that stores timestamps for this program.").String() + tlsClientCert = app.Flag("tls-cert", "TLS client certificate to use when downloading files.").String() + tlsClientKey = app.Flag("tls-key", "TLS client key to use when downloading files.").String() resolveCyclesFromUpstream = app.Flag("resolve-cycles-from-upstream", "Let grapher resolve cycles by marking rpms available in repo as remote").Bool() outDir = exe.OutputDirFlag(app, "Directory to download packages into.") @@ -43,8 +43,6 @@ var ( disableDefaultRepos = app.Flag("disable-default-repos", "Disable pulling packages from PMC repos").Bool() ignoreVersionToResolveSelfDep = app.Flag("ignore-version-to-resolve-selfdep", "Ignore package version while downloading package from upstream when resolving cycle").Bool() repoSnapshotTime = app.Flag("repo-snapshot-time", "Optional: Repo time limit for tdnf virtual snapshot").String() - - depGraph = pkggraph.NewPkgGraph() ) func main() { @@ -113,7 +111,7 @@ func main() { } // addUnresolvedPackage adds an unresolved node to the graph representing the -// packged described in the PackgetVer structure. Returns an error if the node +// package described in the PackageVer structure. Returns an error if the node // could not be created. func addUnresolvedPackage(g *pkggraph.PkgGraph, pkgVer *pkgjson.PackageVer) (newRunNode *pkggraph.PkgNode, err error) { logger.Log.Debugf("Adding unresolved %s", pkgVer) @@ -122,7 +120,9 @@ func addUnresolvedPackage(g *pkggraph.PkgGraph, pkgVer *pkgjson.PackageVer) (new return } - nodes, err := g.FindBestPkgNode(pkgVer) + // Double check that the package is not already in the graph. A previous check should have already found the node + // and no call to addUnresolvedPackage() should have been made. + nodes, err := g.FindExactPkgNodeFromPkg(pkgVer) if err != nil { return } @@ -205,6 +205,36 @@ func addNodesForPackage(g *pkggraph.PkgGraph, pkg *pkgjson.Package) (foundDuplic return } +// findOrAddExactRemoteDependency ensures that a remote node is available in the graph for every unresolved dependency. +// 1. Check if the exact dependency is already in the graph. If it is, reuse it. +// 2. If it is not, create a new unresolved node for the dependency. +// It is important that we only match on the exact dependency name and version. If we don't, we may end up with +// unpredictable behavior in the scheduler. If two different remote dependencies are added to two different build +// nodes of a single SRPM, then the scheduler may queue that node twice. +func findOrAddExactRemoteDependency(g *pkggraph.PkgGraph, dependency *pkgjson.PackageVer) (selectedRemoteNode *pkggraph.PkgNode, err error) { + existingRemoteNode, err := g.FindExactPkgNodeFromPkg(dependency) + if err != nil { + err = fmt.Errorf("failed to check lookup list for exact remote %+v:\n%w", dependency, err) + return nil, err + } + + if existingRemoteNode == nil { + // No exact match, add a new one. + selectedRemoteNode, err = addUnresolvedPackage(g, dependency) + if err != nil { + err = fmt.Errorf("failed to add a remote node (%s):\n%w", dependency.Name, err) + return nil, err + } + logger.Log.Debugf("Added new node: '%s' for dependency %+v", selectedRemoteNode.FriendlyName(), dependency) + } else { + // This exact dependency is already in the graph, so reuse it. + selectedRemoteNode = existingRemoteNode.RunNode + logger.Log.Debugf("Found existing exact remote node: '%s' for dependency %+v", selectedRemoteNode.FriendlyName(), dependency) + } + + return selectedRemoteNode, nil +} + // addSingleDependency will add an edge between packageNode and the "Run" node for the // dependency described in the PackageVer structure. Returns an error if the // addition failed. @@ -217,15 +247,17 @@ func addSingleDependency(g *pkggraph.PkgGraph, packageNode *pkggraph.PkgNode, de return err } - if nodes == nil { - dependentNode, err = addUnresolvedPackage(g, dependency) + // If we can't find the dependency in the graph, or it is a remote dependency, we need to do a bit of extra validation. + if nodes == nil || nodes.RunNode.Type != pkggraph.TypeLocalRun { + dependentNode, err = findOrAddExactRemoteDependency(g, dependency) if err != nil { - err = fmt.Errorf("failed to add a package (%s):\n%w", dependency.Name, err) + err = fmt.Errorf("failed to handle remote dependency from %+v to %+v:\n%w", packageNode.VersionedPkg, dependency, err) return err } } else { // All dependencies are assumed to be "Run" dependencies dependentNode = nodes.RunNode + logger.Log.Debugf("Found existing node: '%s' for dependency %+v", dependentNode.FriendlyName(), dependency) } if packageNode == dependentNode { @@ -335,10 +367,14 @@ func populateGraph(graph *pkggraph.PkgGraph, repo *pkgjson.PackageRepo) (err err timestamp.StopEvent(nil) // add package nodes timestamp.StartEvent("add dependencies", nil) + // Sort the map to ensure the order is deterministic + packageList := sliceutils.MapToSlice(uniquePackages) + pkgjson.SortPackageList(packageList) + // Rescan and add all the dependencies logger.Log.Infof("Adding all dependencies from (%s)", *input) dependenciesAdded := 0 - for uniquePkg := range uniquePackages { + for _, uniquePkg := range packageList { num, err := addPkgDependencies(graph, uniquePkg) if err != nil { err = fmt.Errorf("failed to add dependency %+v:\n%w", uniquePkg, err) diff --git a/toolkit/tools/grapher/grapher_test.go b/toolkit/tools/grapher/grapher_test.go new file mode 100644 index 0000000000..182709731b --- /dev/null +++ b/toolkit/tools/grapher/grapher_test.go @@ -0,0 +1,147 @@ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT License. + +package main + +import ( + "os" + "testing" + + "github.com/microsoft/azurelinux/toolkit/tools/internal/logger" + "github.com/microsoft/azurelinux/toolkit/tools/internal/pkggraph" + "github.com/microsoft/azurelinux/toolkit/tools/internal/pkgjson" + "github.com/sirupsen/logrus" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestMain(m *testing.M) { + logger.InitStderrLog() + logger.Log.SetLevel(logrus.FatalLevel) + os.Exit(m.Run()) +} + +// Make a "local" package of the given name. Each package with the same pkgName will share the same +// requires, srpmpath, etc. The subPkgName is used to differentiate multiple run-nodes for each +// package. The buildRequires should be common across all packages with the same pkgName. +func makePackage(pkgName, subPkgName string, buildRequires []*pkgjson.PackageVer) *pkgjson.Package { + // Create a package with the given name and version + pkg := &pkgjson.Package{ + Provides: &pkgjson.PackageVer{ + Name: subPkgName, + Version: "1.0", + }, + SrpmPath: pkgName + ".src.rpm", + RpmPath: pkgName + ".rpm", + SourceDir: pkgName + "-src", + SpecPath: pkgName + ".spec", + Architecture: "x86_64", + IsToolchain: false, + RunTests: true, + BuildRequires: buildRequires, + } + + return pkg +} + +// A very simple test case to validate that the test framework is working +func TestValidateFramework(t *testing.T) { + testRepo := &pkgjson.PackageRepo{ + Repo: []*pkgjson.Package{ + makePackage("pkg1", "pkg1-a", nil), + makePackage("pkg1", "pkg1-b", nil), + }, + } + depGraph := pkggraph.NewPkgGraph() + err := populateGraph(depGraph, testRepo) + require.NoError(t, err) + + // Validate that the graph is not empty + require.Equal(t, 2, len(depGraph.AllRunNodes())) + require.Equal(t, 2, len(depGraph.AllBuildNodes())) +} + +// Load a specially crafted repo containing several sub-packages of a single SRPM, and two malicious +// packages that try to pollute the available remote dependencies. The test will check if the various build +// nodes of the sub-package SRPM are all using the same set of dependencies. The other packages will add +// new remote nodes to the graph since they may not be satisfied by the already existing nodes. Once +// this happens, the sub-package build nodes may start using the "better" dependencies, which is not what we want. +func TestScenarioMultiRemoteProvides(t *testing.T) { + anyVerBr := []*pkgjson.PackageVer{ + { + Name: "build-req", + Version: "", + Condition: "", + SVersion: "", + SCondition: "", + }, + } + lowVerBr := []*pkgjson.PackageVer{ + { + Name: "build-req", + Version: "1.0", + Condition: "<", + SVersion: "", + SCondition: "", + }, + } + highVerBr := []*pkgjson.PackageVer{ + { + Name: "build-req", + Version: "2.0", + Condition: ">", + SVersion: "", + SCondition: "", + }, + } + + // Define the test repo + testRepo := pkgjson.PackageRepo{ + Repo: []*pkgjson.Package{ + makePackage("pkg1", "pkg1-a", anyVerBr), + makePackage("other-pkg-1", "other-pkg-1", lowVerBr), + makePackage("pkg1", "pkg1-b", anyVerBr), + makePackage("other-pkg-2", "other-pkg-2", highVerBr), + makePackage("pkg1", "pkg1-c", anyVerBr), + }, + } + + // The graph library is non-deterministic (likely due to the use of maps), so to accurately catch the + // counter example we need to run the test multiple times. Experimentally, the test fails after about + // 10 runs (p=0.1), so with 1000 runs the probability of false negatives is 0.9^1000 ~= 1.7E-46 (ie very + // small). + const numRuns = 1000 + for i := 0; i < numRuns; i++ { + // Create the dependency graph + depGraph := pkggraph.NewPkgGraph() + err := populateGraph(depGraph, &testRepo) + require.NoError(t, err) + + // Check our invariants + actualDepsUsed := make(map[pkgjson.PackageVer]bool) + buildNodes := depGraph.AllBuildNodes() + for _, buildNode := range buildNodes { + + // Only care about the pkg1 build nodes + if buildNode.SrpmPath != "pkg1.src.rpm" { + continue + } + + dependencies := depGraph.From(buildNode.ID()) + + for dependencies.Next() { + dep := dependencies.Node().(*pkggraph.PkgNode) + // Add to the set + actualDepsUsed[*dep.VersionedPkg] = true + } + } + // Now check the map, if there is more than one entry something is wrong + if len(actualDepsUsed) > 1 { + t.Error("Build deps:") + for dep := range actualDepsUsed { + t.Logf("\t%s", dep) + } + assert.FailNowf(t, "Multiple dependencies used in a single build node", "Failed after %d runs", i+1) + } + } +} diff --git a/toolkit/tools/internal/pkgjson/pkgjson.go b/toolkit/tools/internal/pkgjson/pkgjson.go index 759bfd7ef8..e73e8eaa51 100644 --- a/toolkit/tools/internal/pkgjson/pkgjson.go +++ b/toolkit/tools/internal/pkgjson/pkgjson.go @@ -6,6 +6,7 @@ package pkgjson import ( "fmt" "regexp" + "sort" "strings" "github.com/microsoft/azurelinux/toolkit/tools/internal/jsonutils" @@ -73,11 +74,49 @@ type Package struct { RunTests bool `json:"RunTests"` // Should we run tests for this package. } +func packageLess(a, b PackageVer) bool { + if a.Name == b.Name { + v1 := versioncompare.New(a.Version) + v2 := versioncompare.New(b.Version) + return v1.Compare(v2) < 0 + } + + return a.Name < b.Name +} + +// SortPackageList ensures the package list is sorted in a deterministic way. It will primarily sort by name, then +// version. It will also sort the package lists (requires, buildRequires, testRequires) of each package. +func SortPackageList(packages []*Package) { + sort.Slice(packages, func(i, j int) bool { + return packageLess(*packages[i].Provides, *packages[j].Provides) + }) + + // For each package, also sort the lists of its dependencies + for _, pkg := range packages { + sort.Slice(pkg.Requires, func(i, j int) bool { + return packageLess(*pkg.Requires[i], *pkg.Requires[j]) + }) + sort.Slice(pkg.BuildRequires, func(i, j int) bool { + return packageLess(*pkg.BuildRequires[i], *pkg.BuildRequires[j]) + }) + sort.Slice(pkg.TestRequires, func(i, j int) bool { + return packageLess(*pkg.TestRequires[i], *pkg.TestRequires[j]) + }) + } +} + // ParsePackageJSON reads a package list json file func (pkg *PackageRepo) ParsePackageJSON(path string) (err error) { logger.Log.Infof("Opening %s", path) - return jsonutils.ReadJSONFile(path, &pkg) + if err = jsonutils.ReadJSONFile(path, &pkg); err != nil { + return err + } + + // Ensure deterministic ordering of the package list + SortPackageList(pkg.Repo) + + return nil } // IsImplicitPackage returns true if a PackageVer represents an implicit provide. diff --git a/toolkit/tools/internal/pkgjson/pkgjson_test.go b/toolkit/tools/internal/pkgjson/pkgjson_test.go index 737d663560..35d41b9021 100644 --- a/toolkit/tools/internal/pkgjson/pkgjson_test.go +++ b/toolkit/tools/internal/pkgjson/pkgjson_test.go @@ -887,3 +887,91 @@ func TestShouldFailToConvertPackageListEntryWithWhitespacesInVersion(t *testing. assert.Error(t, err) } + +func TestSortPackageListByName(t *testing.T) { + repo := []*Package{ + { + Provides: &PackageVer{Name: "pkgB", Version: "1.0.0"}, + }, + { + Provides: &PackageVer{Name: "pkgA", Version: "1.0.0"}, + }, + } + + SortPackageList(repo) + assert.Equal(t, "pkgA", repo[0].Provides.Name) + assert.Equal(t, "pkgB", repo[1].Provides.Name) +} + +func TestSortPackageListByVersion(t *testing.T) { + repo := []*Package{ + { + Provides: &PackageVer{Name: "pkgA", Version: "2.0.0"}, + }, + { + Provides: &PackageVer{Name: "pkgA", Version: "1.0.0"}, + }, + } + + SortPackageList(repo) + // Compare versions since name is same + assert.Equal(t, "1.0.0", repo[0].Provides.Version) + assert.Equal(t, "2.0.0", repo[1].Provides.Version) +} + +func TestRecursiveSortPackageList(t *testing.T) { + repo := []*Package{ + { + Provides: &PackageVer{Name: "pkgB", Version: "1.0.0"}, + Requires: []*PackageVer{ + {Name: "pkgC", Version: "1.0.0"}, + {Name: "pkgA", Version: "1.0.0"}, + }, + BuildRequires: []*PackageVer{ + {Name: "pkgD", Version: "1.0.0"}, + {Name: "pkgB", Version: "1.0.0"}, + }, + TestRequires: []*PackageVer{ + {Name: "pkgF", Version: "1.0.0"}, + {Name: "pkgE", Version: "1.0.0"}, + }, + }, + { + Provides: &PackageVer{Name: "pkgA", Version: "1.0.0"}, + Requires: []*PackageVer{ + {Name: "pkgB", Version: "1.0.0"}, + {Name: "pkgC", Version: "1.0.0"}, + }, + BuildRequires: []*PackageVer{ + {Name: "pkgA", Version: "1.0.0"}, + {Name: "pkgC", Version: "1.0.0"}, + }, + TestRequires: []*PackageVer{ + {Name: "pkgD", Version: "1.0.0"}, + {Name: "pkgB", Version: "1.0.0"}, + }, + }, + } + + SortPackageList(repo) + + // Check the order of the main repo + assert.Equal(t, "pkgA", repo[0].Provides.Name) + assert.Equal(t, "pkgB", repo[1].Provides.Name) + + // Check the order of the Requires list + assert.Equal(t, "pkgB", repo[0].Requires[0].Name) + assert.Equal(t, "pkgC", repo[0].Requires[1].Name) + + // Check the order of the BuildRequires list + assert.Equal(t, "pkgA", repo[0].BuildRequires[0].Name) + assert.Equal(t, "pkgC", repo[0].BuildRequires[1].Name) + + // Check the order of the TestRequires list + assert.Equal(t, "pkgB", repo[0].TestRequires[0].Name) + assert.Equal(t, "pkgD", repo[0].TestRequires[1].Name) + + // Spot check 2nd package + assert.Equal(t, "pkgA", repo[1].Requires[0].Name) + assert.Equal(t, "pkgC", repo[1].Requires[1].Name) +}