On 8/6/20 11:58 AM, Stefan Puiu wrote:

Hi,

We have a CentOS 7 -based (more accurately, CentOS 7 atomic host-based) distro that we build and run on specialized hardware. For the kernel, we pick the CentOS 7 kernel, apply two patches (and a different configuration) and build it. We're mostly following CentOS 7.8 at the moment, and using the 3.10.0-1127.13.1 kernel.

A few days ago, I noticed kernel-3.10.0-1127.18.2.el7 was out (and it's labeled as a security update - https://lists.centos.org/pipermail/centos-announce/2020-July/035780.html), so I decided to build it. Our kernel build process involves downloading the src.rpm, patching the spec and then calling rpmbuild. For this latest kernel, our spec patch (which adds our 2 patches) failed to apply - as far as I can tell, the hunks where patches are listed, like this one:

== @@ -449,6 +449,8 @@ Patch1000: debrand-single-cpu.patch Patch1001: debrand-rh_taint.patch Patch1002: debrand-rh-i686-cpu.patch +Patch88881: kernel_ixia.patch +Patch88882: at24.patch

BuildRoot: %{_tmppath}/kernel-%{KVRA}-root

I checked the new spec file, and the debrand patches are missing. Looking at https://git.centos.org/rpms/kernel/commits/c7 (let me know if that's the right place), I see there's a debranding change (https://git.centos.org/rpms/kernel/c/548139faa91edfe29fc84695da827230de3c5d4...), but it simply added a README saying debranding failed.

Do I need to wait for a new change fixing this? I see older kernels have a "debranding" commit and then a "Manual CentOS Debranding" commit, is something like that required now as well?

Thanks in advance, Stefan. _______________________________________________

We will better debrand the next kernel .. we were eliminating items to get better builds from the shim / kernel error issues over the weekend and did not get the debranding completely in that kernel, but it worked, so we released it.

The next kernel will be more normal and with less urgency .. it should have all the patches.