forked from rpms/kernel
Merge remote-tracking branch 'alma-origin/c9' into HEAD
This commit is contained in:
commit
8afe38421a
6
.gitignore
vendored
6
.gitignore
vendored
@ -1,5 +1,5 @@
|
||||
SOURCES/kernel-abi-stablelists-5.14.0-70.13.1.el9_0.tar.bz2
|
||||
SOURCES/kernel-kabi-dw-5.14.0-70.13.1.el9_0.tar.bz2
|
||||
SOURCES/linux-5.14.0-70.13.1.el9_0.tar.xz
|
||||
SOURCES/kernel-abi-stablelists-5.14.0-70.17.1.el9_0.tar.bz2
|
||||
SOURCES/kernel-kabi-dw-5.14.0-70.17.1.el9_0.tar.bz2
|
||||
SOURCES/linux-5.14.0-70.17.1.el9_0.tar.xz
|
||||
SOURCES/rheldup3.x509
|
||||
SOURCES/rhelkpatch1.x509
|
||||
|
@ -1,5 +1,5 @@
|
||||
c1197ace1d0f19538e93b665dc04950908d34880 SOURCES/kernel-abi-stablelists-5.14.0-70.13.1.el9_0.tar.bz2
|
||||
206afe247796a98d6b1f57f4bdabb2d57836e928 SOURCES/kernel-kabi-dw-5.14.0-70.13.1.el9_0.tar.bz2
|
||||
7101b2671a4efc2fd6049b207a717c0c4cf54580 SOURCES/linux-5.14.0-70.13.1.el9_0.tar.xz
|
||||
a99a235c21b77ecf630199ff7bed5e1e828937e5 SOURCES/kernel-abi-stablelists-5.14.0-70.17.1.el9_0.tar.bz2
|
||||
dac015c65e7c965a6af4fa8793a6eeecfd5fdb38 SOURCES/kernel-kabi-dw-5.14.0-70.17.1.el9_0.tar.bz2
|
||||
bd558333aae402f4cbc05d79f044ebff4377453b SOURCES/linux-5.14.0-70.17.1.el9_0.tar.xz
|
||||
95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509
|
||||
d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509
|
||||
|
@ -12,7 +12,7 @@ RHEL_MINOR = 0
|
||||
#
|
||||
# Use this spot to avoid future merge conflicts.
|
||||
# Do not trim this comment.
|
||||
RHEL_RELEASE = 70.13.1
|
||||
RHEL_RELEASE = 70.17.1
|
||||
|
||||
#
|
||||
# ZSTREAM
|
||||
|
@ -1014,7 +1014,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
|
||||
# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
|
||||
CONFIG_CRYPTO_USER_API_RNG=y
|
||||
CONFIG_CRYPTO_USER_API_SKCIPHER=y
|
||||
CONFIG_CRYPTO_USER=m
|
||||
CONFIG_CRYPTO_USER=y
|
||||
CONFIG_CRYPTO_VMAC=m
|
||||
CONFIG_CRYPTO_WP512=m
|
||||
CONFIG_CRYPTO_XCBC=m
|
||||
|
@ -1014,7 +1014,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
|
||||
# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
|
||||
CONFIG_CRYPTO_USER_API_RNG=y
|
||||
CONFIG_CRYPTO_USER_API_SKCIPHER=y
|
||||
CONFIG_CRYPTO_USER=m
|
||||
CONFIG_CRYPTO_USER=y
|
||||
CONFIG_CRYPTO_VMAC=m
|
||||
CONFIG_CRYPTO_WP512=m
|
||||
CONFIG_CRYPTO_XCBC=m
|
||||
|
@ -862,7 +862,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
|
||||
# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
|
||||
CONFIG_CRYPTO_USER_API_RNG=y
|
||||
CONFIG_CRYPTO_USER_API_SKCIPHER=y
|
||||
CONFIG_CRYPTO_USER=m
|
||||
CONFIG_CRYPTO_USER=y
|
||||
CONFIG_CRYPTO_VMAC=m
|
||||
CONFIG_CRYPTO_WP512=m
|
||||
CONFIG_CRYPTO_XCBC=m
|
||||
|
@ -862,7 +862,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
|
||||
# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
|
||||
CONFIG_CRYPTO_USER_API_RNG=y
|
||||
CONFIG_CRYPTO_USER_API_SKCIPHER=y
|
||||
CONFIG_CRYPTO_USER=m
|
||||
CONFIG_CRYPTO_USER=y
|
||||
CONFIG_CRYPTO_VMAC=m
|
||||
CONFIG_CRYPTO_WP512=m
|
||||
CONFIG_CRYPTO_XCBC=m
|
||||
|
@ -849,7 +849,7 @@ CONFIG_CRYPTO_SHA3_512_S390=m
|
||||
CONFIG_CRYPTO_SHA3=y
|
||||
CONFIG_CRYPTO_SHA512_ARM64_CE=m
|
||||
# CONFIG_CRYPTO_SHA512_ARM64 is not set
|
||||
CONFIG_CRYPTO_SHA512_S390=m
|
||||
CONFIG_CRYPTO_SHA512_S390=y
|
||||
CONFIG_CRYPTO_SHA512=y
|
||||
# CONFIG_CRYPTO_SM2 is not set
|
||||
# CONFIG_CRYPTO_SM3 is not set
|
||||
@ -864,7 +864,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
|
||||
# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
|
||||
CONFIG_CRYPTO_USER_API_RNG=y
|
||||
CONFIG_CRYPTO_USER_API_SKCIPHER=y
|
||||
CONFIG_CRYPTO_USER=m
|
||||
CONFIG_CRYPTO_USER=y
|
||||
CONFIG_CRYPTO_VMAC=m
|
||||
CONFIG_CRYPTO_WP512=m
|
||||
CONFIG_CRYPTO_XCBC=m
|
||||
|
@ -849,7 +849,7 @@ CONFIG_CRYPTO_SHA3_512_S390=m
|
||||
CONFIG_CRYPTO_SHA3=y
|
||||
CONFIG_CRYPTO_SHA512_ARM64_CE=m
|
||||
# CONFIG_CRYPTO_SHA512_ARM64 is not set
|
||||
CONFIG_CRYPTO_SHA512_S390=m
|
||||
CONFIG_CRYPTO_SHA512_S390=y
|
||||
CONFIG_CRYPTO_SHA512=y
|
||||
# CONFIG_CRYPTO_SM2 is not set
|
||||
# CONFIG_CRYPTO_SM3 is not set
|
||||
@ -864,7 +864,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
|
||||
# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
|
||||
CONFIG_CRYPTO_USER_API_RNG=y
|
||||
CONFIG_CRYPTO_USER_API_SKCIPHER=y
|
||||
CONFIG_CRYPTO_USER=m
|
||||
CONFIG_CRYPTO_USER=y
|
||||
CONFIG_CRYPTO_VMAC=m
|
||||
CONFIG_CRYPTO_WP512=m
|
||||
CONFIG_CRYPTO_XCBC=m
|
||||
|
@ -905,7 +905,7 @@ CONFIG_CRYPTO_SHA256=y
|
||||
CONFIG_CRYPTO_SHA3=y
|
||||
CONFIG_CRYPTO_SHA512_ARM64_CE=m
|
||||
# CONFIG_CRYPTO_SHA512_ARM64 is not set
|
||||
CONFIG_CRYPTO_SHA512_SSSE3=m
|
||||
CONFIG_CRYPTO_SHA512_SSSE3=y
|
||||
CONFIG_CRYPTO_SHA512=y
|
||||
# CONFIG_CRYPTO_SM2 is not set
|
||||
# CONFIG_CRYPTO_SM3 is not set
|
||||
@ -923,7 +923,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
|
||||
# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
|
||||
CONFIG_CRYPTO_USER_API_RNG=y
|
||||
CONFIG_CRYPTO_USER_API_SKCIPHER=y
|
||||
CONFIG_CRYPTO_USER=m
|
||||
CONFIG_CRYPTO_USER=y
|
||||
CONFIG_CRYPTO_VMAC=m
|
||||
CONFIG_CRYPTO_WP512=m
|
||||
CONFIG_CRYPTO_XCBC=m
|
||||
|
@ -905,7 +905,7 @@ CONFIG_CRYPTO_SHA256=y
|
||||
CONFIG_CRYPTO_SHA3=y
|
||||
CONFIG_CRYPTO_SHA512_ARM64_CE=m
|
||||
# CONFIG_CRYPTO_SHA512_ARM64 is not set
|
||||
CONFIG_CRYPTO_SHA512_SSSE3=m
|
||||
CONFIG_CRYPTO_SHA512_SSSE3=y
|
||||
CONFIG_CRYPTO_SHA512=y
|
||||
# CONFIG_CRYPTO_SM2 is not set
|
||||
# CONFIG_CRYPTO_SM3 is not set
|
||||
@ -923,7 +923,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
|
||||
# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
|
||||
CONFIG_CRYPTO_USER_API_RNG=y
|
||||
CONFIG_CRYPTO_USER_API_SKCIPHER=y
|
||||
CONFIG_CRYPTO_USER=m
|
||||
CONFIG_CRYPTO_USER=y
|
||||
CONFIG_CRYPTO_VMAC=m
|
||||
CONFIG_CRYPTO_WP512=m
|
||||
CONFIG_CRYPTO_XCBC=m
|
||||
|
@ -19,3 +19,8 @@ emptyrpm:
|
||||
- kernel-zfcpdump
|
||||
- kernel-zfcpdump-devel-matched
|
||||
- kernel-zfcpdump-modules
|
||||
|
||||
patches:
|
||||
ignore_list:
|
||||
- linux-kernel-test.patch
|
||||
- patch-5.14.0-redhat.patch
|
||||
|
@ -121,13 +121,13 @@ Summary: The Linux kernel
|
||||
%define kversion 5.14
|
||||
|
||||
%define rpmversion 5.14.0
|
||||
%define pkgrelease 70.13.1.el9_0
|
||||
%define pkgrelease 70.17.1.el9_0
|
||||
|
||||
# This is needed to do merge window version magic
|
||||
%define patchlevel 14
|
||||
|
||||
# allow pkg_release to have configurable %%{?dist} tag
|
||||
%define specrelease 70.13.1%{?buildid}%{?dist}
|
||||
%define specrelease 70.17.1%{?buildid}%{?dist}
|
||||
|
||||
%define pkg_release %{specrelease}
|
||||
|
||||
@ -677,7 +677,7 @@ BuildRequires: lld
|
||||
# exact git commit you can run
|
||||
#
|
||||
# xzcat -qq ${TARBALL} | git get-tar-commit-id
|
||||
Source0: linux-5.14.0-70.13.1.el9_0.tar.xz
|
||||
Source0: linux-5.14.0-70.17.1.el9_0.tar.xz
|
||||
|
||||
Source1: Makefile.rhelver
|
||||
|
||||
@ -1333,8 +1333,8 @@ ApplyOptionalPatch()
|
||||
fi
|
||||
}
|
||||
|
||||
%setup -q -n kernel-5.14.0-70.13.1.el9_0 -c
|
||||
mv linux-5.14.0-70.13.1.el9_0 linux-%{KVERREL}
|
||||
%setup -q -n kernel-5.14.0-70.17.1.el9_0 -c
|
||||
mv linux-5.14.0-70.17.1.el9_0 linux-%{KVERREL}
|
||||
|
||||
cd linux-%{KVERREL}
|
||||
cp -a %{SOURCE1} .
|
||||
@ -2204,6 +2204,14 @@ popd
|
||||
# in the source tree. We installed them previously to $RPM_BUILD_ROOT/usr
|
||||
# but there's no way to tell the Makefile to take them from there.
|
||||
%{make} %{?_smp_mflags} headers_install
|
||||
|
||||
# If we re building only tools without kernel, we need to generate config
|
||||
# headers and prepare tree for modules building. The modules_prepare target
|
||||
# will cover both.
|
||||
if [ ! -f include/generated/autoconf.h ]; then
|
||||
%{make} %{?_smp_mflags} modules_prepare
|
||||
fi
|
||||
|
||||
%{make} %{?_smp_mflags} ARCH=$Arch V=1 M=samples/bpf/
|
||||
|
||||
# Prevent bpf selftests to build bpftool repeatedly:
|
||||
@ -2933,6 +2941,45 @@ fi
|
||||
#
|
||||
#
|
||||
%changelog
|
||||
* Tue Jun 14 2022 Herton R. Krzesinski <herton@redhat.com> [5.14.0-70.17.1.el9_0]
|
||||
- netfilter: nf_tables: disallow non-stateful expression in sets earlier (Phil Sutter) [2092994 2092995] {CVE-2022-1966}
|
||||
- thunderx nic: mark device as unmaintained (Íñigo Huguet) [2092638 2060285]
|
||||
- pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init (Steve Best) [2092255 2067770]
|
||||
- perf: Fix sys_perf_event_open() race against self (Michael Petlan) [2087963 2087964] {CVE-2022-1729}
|
||||
- spec: Fix separate tools build (Jiri Olsa) [2090852 2054579]
|
||||
- mm: lru_cache_disable: replace work queue synchronization with synchronize_rcu (Marcelo Tosatti) [2086963 2033500]
|
||||
|
||||
* Wed Jun 08 2022 Herton R. Krzesinski <herton@redhat.com> [5.14.0-70.16.1.el9_0]
|
||||
- dm integrity: fix memory corruption when tag_size is less than digest size (Benjamin Marzinski) [2082187 2081778]
|
||||
|
||||
* Wed Jun 01 2022 Herton R. Krzesinski <herton@redhat.com> [5.14.0-70.15.1.el9_0]
|
||||
- CI: Use zstream builder image (Veronika Kabatova)
|
||||
- tcp: drop the hash_32() part from the index calculation (Guillaume Nault) [2087128 2064868] {CVE-2022-1012}
|
||||
- tcp: increase source port perturb table to 2^16 (Guillaume Nault) [2087128 2064868] {CVE-2022-1012}
|
||||
- tcp: dynamically allocate the perturb table used by source ports (Guillaume Nault) [2087128 2064868] {CVE-2022-1012}
|
||||
- tcp: add small random increments to the source port (Guillaume Nault) [2087128 2064868] {CVE-2022-1012}
|
||||
- tcp: resalt the secret every 10 seconds (Guillaume Nault) [2087128 2064868] {CVE-2022-1012}
|
||||
- tcp: use different parts of the port_offset for index and offset (Guillaume Nault) [2087128 2064868] {CVE-2022-1012}
|
||||
- secure_seq: use the 64 bits of the siphash for port offset calculation (Guillaume Nault) [2087128 2064868] {CVE-2022-1012}
|
||||
- Revert "netfilter: conntrack: tag conntracks picked up in local out hook" (Florian Westphal) [2085480 2061850]
|
||||
- Revert "netfilter: nat: force port remap to prevent shadowing well-known ports" (Florian Westphal) [2085480 2061850]
|
||||
- redhat/koji/Makefile: Decouple koji Makefile from Makefile.common (Andrea Claudi)
|
||||
- redhat: fix make {distg-brew,distg-koji} (Andrea Claudi)
|
||||
- esp: limit skb_page_frag_refill use to a single page (Sabrina Dubroca) [2082950 2082951] {CVE-2022-27666}
|
||||
- esp: Fix possible buffer overflow in ESP transformation (Sabrina Dubroca) [2082950 2082951] {CVE-2022-27666}
|
||||
- sctp: use the correct skb for security_sctp_assoc_request (Ondrej Mosnacek) [2084044 2078856]
|
||||
- security: implement sctp_assoc_established hook in selinux (Ondrej Mosnacek) [2084044 2078856]
|
||||
- security: add sctp_assoc_established hook (Ondrej Mosnacek) [2084044 2078856]
|
||||
- security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce (Ondrej Mosnacek) [2084044 2078856]
|
||||
- security: pass asoc to sctp_assoc_request and sctp_sk_clone (Ondrej Mosnacek) [2084044 2078856]
|
||||
|
||||
* Wed May 11 2022 Herton R. Krzesinski <herton@redhat.com> [5.14.0-70.14.1.el9_0]
|
||||
- PCI: hv: Propagate coherence from VMbus device to PCI device (Vitaly Kuznetsov) [2074830 2068432]
|
||||
- Drivers: hv: vmbus: Propagate VMbus coherence to each VMbus device (Vitaly Kuznetsov) [2074830 2068432]
|
||||
- redhat: rpminspect: disable 'patches' check for known empty patch files (Herton R. Krzesinski)
|
||||
- redhat/configs: make SHA512_arch algos and CRYPTO_USER built-ins (Vladis Dronov) [2072643 2070624]
|
||||
- CI: Drop baseline runs (Veronika Kabatova)
|
||||
|
||||
* Thu Apr 14 2022 Herton R. Krzesinski <herton@redhat.com> [5.14.0-70.13.1.el9_0]
|
||||
- redhat: disable uncommon media device infrastructure (Jarod Wilson) [2074598]
|
||||
- netfilter: nf_tables: unregister flowtable hooks on netns exit (Florian Westphal) [2056869]
|
||||
|
Loading…
Reference in New Issue
Block a user