From 18267e2505f05210f22279b5566c23efb3f43a3e Mon Sep 17 00:00:00 2001
From: Scott Weaver <scweaver@redhat.com>
Date: Mon, 19 Feb 2024 12:14:26 -0500
Subject: [PATCH] kernel-5.14.0-424.el9
* Mon Feb 19 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-424.el9]
- tunnels: fix out of bounds access when building IPv6 PMTU error (Antoine Tenart) [RHEL-21839]
- Revert "efi/arm64: libstub: avoid SetVirtualAddressMap() when possible" (Paolo Bonzini) [RHEL-23382]
- Revert "arm64: efi: Force the use of SetVirtualAddressMap() on Altra machines" (Paolo Bonzini) [RHEL-23382]
- Revert "arm64: efi: Force the use of SetVirtualAddressMap() on eMAG and Altra Max machines" (Paolo Bonzini) [RHEL-23382]
- Revert "arm64: efi: Use SMBIOS processor version to key off Ampere quirk" (Paolo Bonzini) [RHEL-23382]
- Revert "efi/libstub: smbios: Drop unused 'recsize' parameter" (Paolo Bonzini) [RHEL-23382]
- crypto: rsa - restrict plaintext/ciphertext values more (Vladis Dronov) [RHEL-24869]
- crypto: rsa - add a check for allocation failure (Vladis Dronov) [RHEL-24869]
- crypto: rsa - allow only odd e and restrict value in FIPS mode (Vladis Dronov) [RHEL-24869]
- dm-crypt, dm-verity: disable tasklets (Benjamin Marzinski) [RHEL-23572]
- dm verity: initialize fec io before freeing it (Benjamin Marzinski) [RHEL-23572]
- dm-verity: don't use blocking calls from tasklets (Benjamin Marzinski) [RHEL-23572]
- netfilter: nf_tables: bail out on mismatching dynset and set expressions (Florian Westphal) [RHEL-19016 RHEL-19017] {CVE-2023-6622}
- memory: tegra: Add Tegra234 clients for RCE and VI (Joel Slebodnick) [RHEL-16714]
- cpufreq: tegra194: remove redundant AND with cpu_online_mask (Joel Slebodnick) [RHEL-16714]
- cpufreq: tegra194: use refclk delta based loop instead of udelay (Joel Slebodnick) [RHEL-16714]
- cpufreq: tegra194: save CPU data to avoid repeated SMP calls (Joel Slebodnick) [RHEL-16714]
- i2c: tegra: Fix i2c-tegra DMA config option processing (Joel Slebodnick) [RHEL-16714]
- i2c: tegra: Fix failure during probe deferral cleanup (Joel Slebodnick) [RHEL-16714]
- firmware: tegra: bpmp: Add support for DRAM MRQ GSCs (Joel Slebodnick) [RHEL-16714]
- gpio: tegra186: Check PMC driver status before any request (Joel Slebodnick) [RHEL-16714]
- soc/tegra: fuse: Fix Tegra234 fuse size (Joel Slebodnick) [RHEL-16714]
- soc/tegra: pmc: Add AON SW Wake support for Tegra234 (Joel Slebodnick) [RHEL-16714]
- gpio: tegra186: Check GPIO pin permission before access. (Joel Slebodnick) [RHEL-16714]
- soc/tegra: fuse: Add support for Tegra264 (Joel Slebodnick) [RHEL-16714]
- soc/tegra: bpmp: Actually free memory on error path (Joel Slebodnick) [RHEL-16714]
- firmware: tegra: bpmp: Fix error paths in debugfs (Joel Slebodnick) [RHEL-16714]
- netfilter: nf_tables: check if catch-all set element is active in next generation (Florian Westphal) [RHEL-23505 RHEL-23511] {CVE-2024-1085}
- netfilter: nf_tables: reject QUEUE/DROP verdict parameters (Florian Westphal) [RHEL-23502 RHEL-23508] {CVE-2024-1086}
- RHEL: re-enable CONFIG_TCP_CONG_ILLINOIS (Davide Caratti) [RHEL-5736]
- KVM: selftests: Fix a semaphore imbalance in the dirty ring logging test (Eric Auger) [RHEL-16671 RHEL-24620]
- KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (Eric Auger) [RHEL-24620]
- KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache (Eric Auger) [RHEL-24620]
- KVM: arm64: vgic-v3: Reinterpret user ISPENDR writes as I{C,S}PENDR (Eric Auger) [RHEL-24620]
- KVM: arm64: vgic: Use common accessor for writes to ICPENDR (Eric Auger) [RHEL-24620]
- KVM: arm64: vgic: Use common accessor for writes to ISPENDR (Eric Auger) [RHEL-24620]
- KVM: arm64: vgic-v4: Restore pending state on host userspace write (Eric Auger) [RHEL-24620]
- KVM: arm64: Update and fix FGT register masks (Eric Auger) [RHEL-24620]
- IB: Use capital "OR" for multiple licenses in SPDX (Izabela Bakollari) [RHEL-10363]
- RDMA/rdmavt: Delete unnecessary NULL check (Izabela Bakollari) [RHEL-10363]
- IB/rdmavt: Fix target union member for rvt_post_one_wr() (Izabela Bakollari) [RHEL-10363]
- ice: add CGU info to devlink info callback (Petr Oros) [RHEL-22620]
- nvme: start keep-alive after admin queue setup (Maurizio Lombardi) [RHEL-25203]
- perf list: Fix JSON segfault by setting the used skip_duplicate_pmus callback (Michael Petlan) [RHEL-17626]
- libbpf: Use OPTS_SET() macro in bpf_xdp_query() (Viktor Malik) [RHEL-24445]
- ovl: remove privs in ovl_fallocate() (Miklos Szeredi) [RHEL-17368]
- ovl: remove privs in ovl_copyfile() (Miklos Szeredi) [RHEL-17368]
- nvme-host: fix the updating of the firmware version (Maurizio Lombardi) [RHEL-25086]
- devlink: Expose port function commands to control IPsec packet offloads (Petr Oros) [RHEL-24425]
- devlink: Expose port function commands to control IPsec crypto offloads (Petr Oros) [RHEL-24425]
Resolves: RHEL-10363, RHEL-16671, RHEL-16714, RHEL-17368, RHEL-17626, RHEL-19016, RHEL-21839, RHEL-22620, RHEL-23382, RHEL-23502, RHEL-23505, RHEL-23572, RHEL-24425, RHEL-24445, RHEL-24620, RHEL-24869, RHEL-25086, RHEL-25203, RHEL-5736, RHEL-19017, RHEL-23511, RHEL-23508
Signed-off-by: Scott Weaver <scweaver@redhat.com>
---
Makefile.rhelver | 2 +-
kernel-aarch64-64k-debug-rhel.config | 2 +-
kernel-aarch64-64k-rhel.config | 2 +-
kernel-aarch64-debug-rhel.config | 2 +-
kernel-aarch64-rhel.config | 2 +-
kernel-aarch64-rt-debug-rhel.config | 2 +-
kernel-aarch64-rt-rhel.config | 2 +-
kernel-ppc64le-debug-rhel.config | 2 +-
kernel-ppc64le-rhel.config | 2 +-
kernel-s390x-debug-rhel.config | 2 +-
kernel-s390x-rhel.config | 2 +-
kernel-s390x-zfcpdump-rhel.config | 2 +-
kernel-x86_64-debug-rhel.config | 2 +-
kernel-x86_64-rhel.config | 2 +-
kernel-x86_64-rt-debug-rhel.config | 2 +-
kernel-x86_64-rt-rhel.config | 2 +-
kernel.spec | 60 ++++++++++++++++++++++++++--
sources | 6 +--
18 files changed, 75 insertions(+), 23 deletions(-)
diff --git a/Makefile.rhelver b/Makefile.rhelver
index c518e18..00d7518 100644
--- a/Makefile.rhelver
+++ b/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 4
#
# Use this spot to avoid future merge conflicts.
# Do not trim this comment.
-RHEL_RELEASE = 423
+RHEL_RELEASE = 424
#
# ZSTREAM
diff --git a/kernel-aarch64-64k-debug-rhel.config b/kernel-aarch64-64k-debug-rhel.config
index 06f1d31..542996d 100644
--- a/kernel-aarch64-64k-debug-rhel.config
+++ b/kernel-aarch64-64k-debug-rhel.config
@@ -6158,7 +6158,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-aarch64-64k-rhel.config b/kernel-aarch64-64k-rhel.config
index eb61449..892ac2c 100644
--- a/kernel-aarch64-64k-rhel.config
+++ b/kernel-aarch64-64k-rhel.config
@@ -6134,7 +6134,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-aarch64-debug-rhel.config b/kernel-aarch64-debug-rhel.config
index 41ee603..755b3d3 100644
--- a/kernel-aarch64-debug-rhel.config
+++ b/kernel-aarch64-debug-rhel.config
@@ -6155,7 +6155,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-aarch64-rhel.config b/kernel-aarch64-rhel.config
index 58c392c..c33797c 100644
--- a/kernel-aarch64-rhel.config
+++ b/kernel-aarch64-rhel.config
@@ -6131,7 +6131,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-aarch64-rt-debug-rhel.config b/kernel-aarch64-rt-debug-rhel.config
index 786a74a..7b8026c 100644
--- a/kernel-aarch64-rt-debug-rhel.config
+++ b/kernel-aarch64-rt-debug-rhel.config
@@ -6256,7 +6256,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-aarch64-rt-rhel.config b/kernel-aarch64-rt-rhel.config
index aea8385..29bb165 100644
--- a/kernel-aarch64-rt-rhel.config
+++ b/kernel-aarch64-rt-rhel.config
@@ -6232,7 +6232,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-ppc64le-debug-rhel.config b/kernel-ppc64le-debug-rhel.config
index e4680ea..532be97 100644
--- a/kernel-ppc64le-debug-rhel.config
+++ b/kernel-ppc64le-debug-rhel.config
@@ -5645,7 +5645,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-ppc64le-rhel.config b/kernel-ppc64le-rhel.config
index 63daf91..3324be5 100644
--- a/kernel-ppc64le-rhel.config
+++ b/kernel-ppc64le-rhel.config
@@ -5623,7 +5623,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-s390x-debug-rhel.config b/kernel-s390x-debug-rhel.config
index dadb444..e261614 100644
--- a/kernel-s390x-debug-rhel.config
+++ b/kernel-s390x-debug-rhel.config
@@ -5619,7 +5619,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-s390x-rhel.config b/kernel-s390x-rhel.config
index 5140ebd..d4b9bc9 100644
--- a/kernel-s390x-rhel.config
+++ b/kernel-s390x-rhel.config
@@ -5597,7 +5597,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-s390x-zfcpdump-rhel.config b/kernel-s390x-zfcpdump-rhel.config
index 0b4e69d..a309bdf 100644
--- a/kernel-s390x-zfcpdump-rhel.config
+++ b/kernel-s390x-zfcpdump-rhel.config
@@ -5623,7 +5623,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-x86_64-debug-rhel.config b/kernel-x86_64-debug-rhel.config
index 5d77408..d460da0 100644
--- a/kernel-x86_64-debug-rhel.config
+++ b/kernel-x86_64-debug-rhel.config
@@ -5891,7 +5891,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-x86_64-rhel.config b/kernel-x86_64-rhel.config
index 0f1ce3b..618ec1a 100644
--- a/kernel-x86_64-rhel.config
+++ b/kernel-x86_64-rhel.config
@@ -5868,7 +5868,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-x86_64-rt-debug-rhel.config b/kernel-x86_64-rt-debug-rhel.config
index 743517f..c6afa45 100644
--- a/kernel-x86_64-rt-debug-rhel.config
+++ b/kernel-x86_64-rt-debug-rhel.config
@@ -5990,7 +5990,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel-x86_64-rt-rhel.config b/kernel-x86_64-rt-rhel.config
index 7d8e481..11045bb 100644
--- a/kernel-x86_64-rt-rhel.config
+++ b/kernel-x86_64-rt-rhel.config
@@ -5967,7 +5967,7 @@ CONFIG_TCP_CONG_DCTCP=m
# CONFIG_TCP_CONG_HSTCP is not set
CONFIG_TCP_CONG_HTCP=m
# CONFIG_TCP_CONG_HYBLA is not set
-# CONFIG_TCP_CONG_ILLINOIS is not set
+CONFIG_TCP_CONG_ILLINOIS=m
# CONFIG_TCP_CONG_LP is not set
CONFIG_TCP_CONG_NV=m
# CONFIG_TCP_CONG_SCALABLE is not set
diff --git a/kernel.spec b/kernel.spec
index ca0dcd1..ce65f8a 100755
--- a/kernel.spec
+++ b/kernel.spec
@@ -165,15 +165,15 @@ Summary: The Linux kernel
# define buildid .local
%define specversion 5.14.0
%define patchversion 5.14
-%define pkgrelease 423
+%define pkgrelease 424
%define kversion 5
-%define tarfile_release 5.14.0-423.el9
+%define tarfile_release 5.14.0-424.el9
# This is needed to do merge window version magic
%define patchlevel 14
# This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 423%{?buildid}%{?dist}
+%define specrelease 424%{?buildid}%{?dist}
# This defines the kabi tarball version
-%define kabiversion 5.14.0-423.el9
+%define kabiversion 5.14.0-424.el9
#
# End of genspec.sh variables
@@ -3729,6 +3729,58 @@ fi
#
#
%changelog
+* Mon Feb 19 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-424.el9]
+- tunnels: fix out of bounds access when building IPv6 PMTU error (Antoine Tenart) [RHEL-21839]
+- Revert "efi/arm64: libstub: avoid SetVirtualAddressMap() when possible" (Paolo Bonzini) [RHEL-23382]
+- Revert "arm64: efi: Force the use of SetVirtualAddressMap() on Altra machines" (Paolo Bonzini) [RHEL-23382]
+- Revert "arm64: efi: Force the use of SetVirtualAddressMap() on eMAG and Altra Max machines" (Paolo Bonzini) [RHEL-23382]
+- Revert "arm64: efi: Use SMBIOS processor version to key off Ampere quirk" (Paolo Bonzini) [RHEL-23382]
+- Revert "efi/libstub: smbios: Drop unused 'recsize' parameter" (Paolo Bonzini) [RHEL-23382]
+- crypto: rsa - restrict plaintext/ciphertext values more (Vladis Dronov) [RHEL-24869]
+- crypto: rsa - add a check for allocation failure (Vladis Dronov) [RHEL-24869]
+- crypto: rsa - allow only odd e and restrict value in FIPS mode (Vladis Dronov) [RHEL-24869]
+- dm-crypt, dm-verity: disable tasklets (Benjamin Marzinski) [RHEL-23572]
+- dm verity: initialize fec io before freeing it (Benjamin Marzinski) [RHEL-23572]
+- dm-verity: don't use blocking calls from tasklets (Benjamin Marzinski) [RHEL-23572]
+- netfilter: nf_tables: bail out on mismatching dynset and set expressions (Florian Westphal) [RHEL-19016 RHEL-19017] {CVE-2023-6622}
+- memory: tegra: Add Tegra234 clients for RCE and VI (Joel Slebodnick) [RHEL-16714]
+- cpufreq: tegra194: remove redundant AND with cpu_online_mask (Joel Slebodnick) [RHEL-16714]
+- cpufreq: tegra194: use refclk delta based loop instead of udelay (Joel Slebodnick) [RHEL-16714]
+- cpufreq: tegra194: save CPU data to avoid repeated SMP calls (Joel Slebodnick) [RHEL-16714]
+- i2c: tegra: Fix i2c-tegra DMA config option processing (Joel Slebodnick) [RHEL-16714]
+- i2c: tegra: Fix failure during probe deferral cleanup (Joel Slebodnick) [RHEL-16714]
+- firmware: tegra: bpmp: Add support for DRAM MRQ GSCs (Joel Slebodnick) [RHEL-16714]
+- gpio: tegra186: Check PMC driver status before any request (Joel Slebodnick) [RHEL-16714]
+- soc/tegra: fuse: Fix Tegra234 fuse size (Joel Slebodnick) [RHEL-16714]
+- soc/tegra: pmc: Add AON SW Wake support for Tegra234 (Joel Slebodnick) [RHEL-16714]
+- gpio: tegra186: Check GPIO pin permission before access. (Joel Slebodnick) [RHEL-16714]
+- soc/tegra: fuse: Add support for Tegra264 (Joel Slebodnick) [RHEL-16714]
+- soc/tegra: bpmp: Actually free memory on error path (Joel Slebodnick) [RHEL-16714]
+- firmware: tegra: bpmp: Fix error paths in debugfs (Joel Slebodnick) [RHEL-16714]
+- netfilter: nf_tables: check if catch-all set element is active in next generation (Florian Westphal) [RHEL-23505 RHEL-23511] {CVE-2024-1085}
+- netfilter: nf_tables: reject QUEUE/DROP verdict parameters (Florian Westphal) [RHEL-23502 RHEL-23508] {CVE-2024-1086}
+- RHEL: re-enable CONFIG_TCP_CONG_ILLINOIS (Davide Caratti) [RHEL-5736]
+- KVM: selftests: Fix a semaphore imbalance in the dirty ring logging test (Eric Auger) [RHEL-16671 RHEL-24620]
+- KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (Eric Auger) [RHEL-24620]
+- KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache (Eric Auger) [RHEL-24620]
+- KVM: arm64: vgic-v3: Reinterpret user ISPENDR writes as I{C,S}PENDR (Eric Auger) [RHEL-24620]
+- KVM: arm64: vgic: Use common accessor for writes to ICPENDR (Eric Auger) [RHEL-24620]
+- KVM: arm64: vgic: Use common accessor for writes to ISPENDR (Eric Auger) [RHEL-24620]
+- KVM: arm64: vgic-v4: Restore pending state on host userspace write (Eric Auger) [RHEL-24620]
+- KVM: arm64: Update and fix FGT register masks (Eric Auger) [RHEL-24620]
+- IB: Use capital "OR" for multiple licenses in SPDX (Izabela Bakollari) [RHEL-10363]
+- RDMA/rdmavt: Delete unnecessary NULL check (Izabela Bakollari) [RHEL-10363]
+- IB/rdmavt: Fix target union member for rvt_post_one_wr() (Izabela Bakollari) [RHEL-10363]
+- ice: add CGU info to devlink info callback (Petr Oros) [RHEL-22620]
+- nvme: start keep-alive after admin queue setup (Maurizio Lombardi) [RHEL-25203]
+- perf list: Fix JSON segfault by setting the used skip_duplicate_pmus callback (Michael Petlan) [RHEL-17626]
+- libbpf: Use OPTS_SET() macro in bpf_xdp_query() (Viktor Malik) [RHEL-24445]
+- ovl: remove privs in ovl_fallocate() (Miklos Szeredi) [RHEL-17368]
+- ovl: remove privs in ovl_copyfile() (Miklos Szeredi) [RHEL-17368]
+- nvme-host: fix the updating of the firmware version (Maurizio Lombardi) [RHEL-25086]
+- devlink: Expose port function commands to control IPsec packet offloads (Petr Oros) [RHEL-24425]
+- devlink: Expose port function commands to control IPsec crypto offloads (Petr Oros) [RHEL-24425]
+
* Fri Feb 16 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-423.el9]
- Bluetooth: Add support for Gale Peak (8087:0036) (Jose Ignacio Tornos Martinez) [RHEL-24999]
- Bluetooth: btintel: Add support for Gale Peak (Jose Ignacio Tornos Martinez) [RHEL-24999]
diff --git a/sources b/sources
index 004601a..b5483c6 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-5.14.0-423.el9.tar.xz) = 029e9471f279ecefcb839d357053b27b19163d7374965a64e5e6985f2b0de8b2ee0d15f6f1c6302bdcde34cc4a1d11928224cd161fbf7121cde02d7d5e6cda38
-SHA512 (kernel-abi-stablelists-5.14.0-423.el9.tar.bz2) = 77d341dab02b7143de53964a235cb033f43d049e6b96dee99bd21711a261ca4dfbec299b2911d18eb552234a11ffc2c07957e6d6fc85d19dd186aa81e9f6b8e7
-SHA512 (kernel-kabi-dw-5.14.0-423.el9.tar.bz2) = d4dd283f3d135e35af71789b6bcc88cab3e287718a9be9796b1e313f840e6d4944095c15fb8c91e0e9f78d449ec1630c4f3425a4ca9544e80b31297515fc1572
+SHA512 (linux-5.14.0-424.el9.tar.xz) = 737a1f4ec96616d0582c5f570ba1d156e98d6155d06e79adab14b3308988423cc2fdc08cfd7f6963dcafe09fd1c1d2ba4114003ead8bd740d74438d29f2e5021
+SHA512 (kernel-abi-stablelists-5.14.0-424.el9.tar.bz2) = 933e09d7b100c52ad01acedd866f40cc7f629e7f3a41e5d29bd826f1d5f351ccdca1cba2a1465c672b7bcd14833b98a3c8299634d4f41a35fc3b773ba54b655d
+SHA512 (kernel-kabi-dw-5.14.0-424.el9.tar.bz2) = 0639baf66f6d0c6b580a64098f29f21b818625ebccd99a5c5af5caef693b2728ed0dfbab7859dc5f941a3ac9ef40070eb218b700c98f7569045d44b7771e10b9