Fix CVE-2016-5195 Dirty COW

[packages/centos6/kernel.git] / kernel.spec

diff --git a/kernel.spec b/kernel.spec
index 9b8aaeb517c0ad6b4d2a01cb85ef92b4d1e0d00f..db483ca61aa359abdff15a24aeb4f83ca203b2d1 100644 (file)
--- a/kernel.spec
+++ b/kernel.spec
@@ -16,6 +16,7 @@ Summary: The Linux kernel
 # by setting the define to ".local" or ".bz123456"
 #
 # % define buildid .local
+%define buildid .mos1
 
 %define distro_build 431.20.3
 %define signmodules 1
@@ -279,6 +280,8 @@ Summary: The Linux kernel
 %define all_arch_configs kernel-%{version}-i?86*.config
 %define image_install_path boot
 %define kernel_image arch/x86/boot/bzImage
+%define with_perf 1
+%define with_firmware 1
 %endif
 
 %ifarch x86_64
@@ -286,6 +289,8 @@ Summary: The Linux kernel
 %define all_arch_configs kernel-%{version}-x86_64*.config
 %define image_install_path boot
 %define kernel_image arch/x86/boot/bzImage
+%define with_perf 1
+%define with_firmware 1
 %endif
 
 %ifarch ppc64
@@ -610,6 +615,9 @@ Source84: config-s390x-generic-rhel
 Source85: config-powerpc64-debug-rhel
 Source86: config-s390x-debug-rhel
 
+# LP: https://bugs.launchpad.net/mos/+bug/1636528
+Patch1: cve-2016-2016-5195.patch
+
 # empty final patch file to facilitate testing of kernel patches
 Patch999999: linux-kernel-test.patch
 
@@ -932,6 +940,8 @@ cp %{SOURCE15} %{SOURCE1} %{SOURCE16} %{SOURCE17} %{SOURCE18} .
 # Dynamically generate kernel .config files from config-* files
 make -f %{SOURCE20} VERSION=%{version} configs
 
+ApplyPatch cve-2016-2016-5195.patch
+
 ApplyOptionalPatch linux-kernel-test.patch
 
 # Any further pre-build tree manipulations happen here.
@@ -1735,6 +1745,9 @@ fi
 %endif
 
 %changelog
+* Mon Nov 14 2016 Anton Chevychalov <achevychalov@mirantis.com> [2.6.32-431.20.3.mos1.el6.centos]
+- [mm] Backport fix for CVE-2015-5195
+
 * Thu Jun 19 2014 Johnny Hughes <johnny@centos.org> [2.6.32-431.20.3.el6.centos]
 - Roll in CentOS Branding