Thanks for working on this Greg I just have a few comments/questions. On 1/12/18, 8:38 AM, "ovs-dev-boun...@openvswitch.org on behalf of Greg Rose" <ovs-dev-boun...@openvswitch.org on behalf of gvrose8...@gmail.com> wrote:
A bug in RHEL 7.2 has been found in which a customer who installed a RHEL 7.2 openvswitch kernel module rpm with a slightly different minor build number than the running kernel found that the kernel modules were installed to the wrong directory. After the installation the new openvswitch kernel modules were installed to: /lib/modules/3.10.0-327.22.2.el7.x86_64/extra/openvswitch But the running kernel was 3.10.0-327.el7.x86_64 and after the installation was complete the kernel modules in the installed directory were not linked to the "weak-updates" directory in the running kernel. So a critical bug was encountered in which the in-tree openvswitch kernel module was loaded instead of the one the customer explicitly installed with the rpm. [Darrell] Is it necessary to say “critical” here ? This patch replicates ./extra/openvswitch directory with kernel modules, if for the currently running kernel there is neither a ./extra/openvswitch nor ./weak-update/openvswitch directory. Signed-off-by: Greg Rose <gvrose8...@gmail.com> --- V2 - Incorporate feedback from V1 --- rhel/openvswitch.spec.in | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/rhel/openvswitch.spec.in b/rhel/openvswitch.spec.in index e510d35..b5b5122 100644 --- a/rhel/openvswitch.spec.in +++ b/rhel/openvswitch.spec.in @@ -169,6 +169,32 @@ fi /sbin/chkconfig --add openvswitch /sbin/chkconfig openvswitch on +# In some cases a kernel module rpm will have a different minor build +# version than the currently running kernel. In this case the kernel +# modules will be installed but not to the kernel modules directory +# of the currently running kernel. Check and copy modules if +# necessary. +# This is a bug that has only been found to occur on RHEL 7.2. +if [[ ! -d /lib/modules/$(uname -r)/extra/openvswitch && \ + ! -d /lib/modules/$(uname -r)/weak-updates/openvswitch ]]; then [Darrell] This implies that if extra/openvswitch or weak-updates/openvswitch already exists, we won’t have a problem. I guess it is less likely, but I am not sure definitively. What do you think ? Why does this happen only on RHEL 7.2 ? Or was it only observed so far on 7.2 and there is some other common denominator ? + found="false" + for i in `ls -t /lib/modules` + do + if [ -d /lib/modules/$i/extra/openvswitch ]; then + mkdir -p /lib/modules/$(uname -r)/extra + cp -r --preserve "/lib/modules/$i/extra/openvswitch" \ + /lib/modules/$(uname -r)/extra + found="true" [Darrell] I have seen a symbolic link used in some similar cases. + break + fi + done + if [ "$found" != "true" ]; then + echo "Error in openvswitch kernel modules installation" + else + /usr/sbin/depmod -a + fi +fi + %post selinux-policy /usr/sbin/semodule -i %{_datadir}/selinux/packages/%{name}/openvswitch-custom.pp &> /dev/null || : -- 1.8.3.1 _______________________________________________ dev mailing list d...@openvswitch.org https://urldefense.proofpoint.com/v2/url?u=https-3A__mail.openvswitch.org_mailman_listinfo_ovs-2Ddev&d=DwICAg&c=uilaK90D4TOVoH58JNXRgQ&r=BVhFA09CGX7JQ5Ih-uZnsw&m=6fJmIsIJeh610bYPTqJ81HEAabcWsimFnNMA901QScs&s=hmxDEn-HhsJNI4kS0xgSV1nBnPCX-n9Z8chesGnW6sg&e= _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev