同步操作将从 openEuler/syscare 强制同步,此操作会覆盖自 Fork 仓库以来所做的任何修改,且无法恢复!!!
确定后同步将在后台操作,完成时将刷新页面,请耐心等待。
SysCare is a system-level hot repair software that provides stand-alone and cluster-level security patches and system error hot fixes for the operating system. The host can repair system problems without restarting. Currently, only unified kernel mode/user mode hot patch technology is integrated. Users need to focus on their core business, and system repair issues are handled by SysCare. In the later stage, we plan to provide system hot upgrade technology based on different repaired components to further liberate operation and maintenance users and improve operation and maintenance efficiency.
You can use the system component source code and the corresponding patch issues to produce the RPM of the corresponding component patch (including patch files, dependency information, configuration information, etc.). The produced patch RPM can be uploaded to the corresponding patch warehouse, cluster system Demon regularly queries the patch warehouse and hot-fixes CVEs and software errors running in the system to ensure safe, stable and efficient operation of the system.
dnf update & dnf install syscare
Install compilation dependencies
$ kernel-version=$(uname -r)
$ dnf install -y kernel-source-$kernel-version kernel-debuginfo-$kernel-version kernel-devel-$kernel-version
$ dnf install -y elfutils-libelf-devel openssl-devel dwarves python3-devel rpm-build bison cmake make gcc g++
Compile and install
git clone https://gitee.com/openeuler/syscare.git
cd syscare
mkdir tmp
cd tmp
cmake -DCMAKE_INSTALL_PREFIX=/usr -DKERNEL_VERSION=$(uname -r) ..
make
make install
rpm -ivh syscare-*.rpm
$ syscare build \
--patch-name "HP001" \
--patch-description "CVE-2021-32675" \
--source ./redis-6.2.5-1.src.rpm \
--debuginfo ./redis-debuginfo-6.2.5-1.x86_64.rpm \
--output ./output \
--patch ./0001-Prevent-unauthenticated-client-from-easily-consuming.patch
$ syscare build \
--patch-name HP001 \
--source ./kernel-5.10.0-60.91.0.115.src.rpm \
--source ./testmod-1-1.src.rpm \
--debuginfo ./kernel-debuginfo-5.10.0-60.91.0.115.aarch64.rpm \
--output ./output \
--verbose \
--skip-cleanup \
--patch ./0001-test.patch
For detailed instructions on patch production, please see builder/README.md
$ sudo syscare apply redis-6.2.5-1/HP001
$ sudo syscare active redis-6.2.5-1/HP001
$ sudo syscarae deactive redis-6.2.5-1/HP001
$ sudo syscare remove redis-6.2.5-1/HP001
$ sudo syscare accept redis-6.2.5-1/HP001
$ syscare status redis-6.2.5-1/HP001
$ syscare info redis-6.2.5-1/HP001
$ syscare target redis-6.2.5-1/HP001
$ syscare list
$ syscare reboot
For detailed command line instructions, please see cli/README.md
-gdwarf
-ffunction-sections
-fdata-sections
parameters;STT_FUNC
or STT_OBJECT
. Exactly the same symbol modification: A file with the same name exists, and the local variable and function names are exactly the same. This is possible. inconsistent;-g3
compilation options, specific compilation optimization options, specific gcc plugin, etc. are not supported yet;__attribute__((ifunc("foo")))
is not supported yet;__thread int foo
;$ git clone https://gitee.com/openeuler/syscare.git
$ cd syscare & git branch -b Feature_XXXX
$ vim src/upatch/xxxx & git commit -m ""
$ git push origin
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。