1
0
forked from rpms/kernel

import EuroLinux kernel-5.14.0-362.13.1.el9_3

This commit is contained in:
eabdullin 2023-12-21 09:19:03 +00:00
parent 0da6ed7a65
commit e64d00bc57
8 changed files with 151 additions and 17 deletions

6
.gitignore vendored
View File

@ -1,6 +1,6 @@
SOURCES/kernel-abi-stablelists-5.14.0-362.8.1.el9_3.tar.bz2 SOURCES/kernel-abi-stablelists-5.14.0-362.13.1.el9_3.tar.bz2
SOURCES/kernel-kabi-dw-5.14.0-362.8.1.el9_3.tar.bz2 SOURCES/kernel-kabi-dw-5.14.0-362.13.1.el9_3.tar.bz2
SOURCES/linux-5.14.0-362.8.1.el9_3.tar.xz SOURCES/linux-5.14.0-362.13.1.el9_3.tar.xz
SOURCES/rheldup3.x509 SOURCES/rheldup3.x509
SOURCES/rhelima.x509 SOURCES/rhelima.x509
SOURCES/rhelima_centos.x509 SOURCES/rhelima_centos.x509

View File

@ -1,6 +1,6 @@
1c2b1687409ff0eaeeaef0a550bfba1fdf5759d2 SOURCES/kernel-abi-stablelists-5.14.0-362.8.1.el9_3.tar.bz2 c4f5872f7005e90b19c5f9062b22b1f21827ef54 SOURCES/kernel-abi-stablelists-5.14.0-362.13.1.el9_3.tar.bz2
2d6ccc65ef328fc9872f1a420af331ab850fb1a6 SOURCES/kernel-kabi-dw-5.14.0-362.8.1.el9_3.tar.bz2 b1d3fe4cf0e3d6db2cb96fc8dc3ccf21cf29b12d SOURCES/kernel-kabi-dw-5.14.0-362.13.1.el9_3.tar.bz2
83760acdd6b3494c5ed8cb87745a443aeb17c13e SOURCES/linux-5.14.0-362.8.1.el9_3.tar.xz 471a92d317924954c13b85d2f4cb6fd598712ea3 SOURCES/linux-5.14.0-362.13.1.el9_3.tar.xz
95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509 95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509
99e571f9de4188f3b5fdf1f84ff73f6cc4bb6a0e SOURCES/rhelima.x509 99e571f9de4188f3b5fdf1f84ff73f6cc4bb6a0e SOURCES/rhelima.x509
61d5a223ff0c79189505abae77e0087c4b2d2b47 SOURCES/rhelima_centos.x509 61d5a223ff0c79189505abae77e0087c4b2d2b47 SOURCES/rhelima_centos.x509

View File

@ -12,7 +12,7 @@ RHEL_MINOR = 3
# #
# Use this spot to avoid future merge conflicts. # Use this spot to avoid future merge conflicts.
# Do not trim this comment. # Do not trim this comment.
RHEL_RELEASE = 362.8.1 RHEL_RELEASE = 362.13.1
# #
# ZSTREAM # ZSTREAM

View File

@ -796,6 +796,7 @@ CONFIG_CPU_LITTLE_ENDIAN=y
CONFIG_CPUMASK_KUNIT_TEST=m CONFIG_CPUMASK_KUNIT_TEST=m
CONFIG_CPUMASK_OFFSTACK=y CONFIG_CPUMASK_OFFSTACK=y
CONFIG_CPUSETS=y CONFIG_CPUSETS=y
CONFIG_CPU_SRSO=y
# CONFIG_CPU_THERMAL is not set # CONFIG_CPU_THERMAL is not set
CONFIG_CPU_UNRET_ENTRY=y CONFIG_CPU_UNRET_ENTRY=y
# CONFIG_CRAMFS is not set # CONFIG_CRAMFS is not set

View File

@ -796,6 +796,7 @@ CONFIG_CPU_LITTLE_ENDIAN=y
CONFIG_CPUMASK_KUNIT_TEST=m CONFIG_CPUMASK_KUNIT_TEST=m
CONFIG_CPUMASK_OFFSTACK=y CONFIG_CPUMASK_OFFSTACK=y
CONFIG_CPUSETS=y CONFIG_CPUSETS=y
CONFIG_CPU_SRSO=y
# CONFIG_CPU_THERMAL is not set # CONFIG_CPU_THERMAL is not set
CONFIG_CPU_UNRET_ENTRY=y CONFIG_CPU_UNRET_ENTRY=y
# CONFIG_CRAMFS is not set # CONFIG_CRAMFS is not set

View File

@ -811,6 +811,7 @@ CONFIG_CPU_LITTLE_ENDIAN=y
CONFIG_CPUMASK_KUNIT_TEST=m CONFIG_CPUMASK_KUNIT_TEST=m
CONFIG_CPUMASK_OFFSTACK=y CONFIG_CPUMASK_OFFSTACK=y
CONFIG_CPUSETS=y CONFIG_CPUSETS=y
CONFIG_CPU_SRSO=y
# CONFIG_CPU_THERMAL is not set # CONFIG_CPU_THERMAL is not set
CONFIG_CPU_UNRET_ENTRY=y CONFIG_CPU_UNRET_ENTRY=y
# CONFIG_CRAMFS is not set # CONFIG_CRAMFS is not set

View File

@ -811,6 +811,7 @@ CONFIG_CPU_LITTLE_ENDIAN=y
CONFIG_CPUMASK_KUNIT_TEST=m CONFIG_CPUMASK_KUNIT_TEST=m
CONFIG_CPUMASK_OFFSTACK=y CONFIG_CPUMASK_OFFSTACK=y
CONFIG_CPUSETS=y CONFIG_CPUSETS=y
CONFIG_CPU_SRSO=y
# CONFIG_CPU_THERMAL is not set # CONFIG_CPU_THERMAL is not set
CONFIG_CPU_UNRET_ENTRY=y CONFIG_CPU_UNRET_ENTRY=y
# CONFIG_CRAMFS is not set # CONFIG_CRAMFS is not set

View File

@ -161,15 +161,15 @@ Summary: The Linux kernel
# define buildid .local # define buildid .local
%define specversion 5.14.0 %define specversion 5.14.0
%define patchversion 5.14 %define patchversion 5.14
%define pkgrelease 362.8.1 %define pkgrelease 362.13.1
%define kversion 5 %define kversion 5
%define tarfile_release 5.14.0-362.8.1.el9_3 %define tarfile_release 5.14.0-362.13.1.el9_3
# This is needed to do merge window version magic # This is needed to do merge window version magic
%define patchlevel 14 %define patchlevel 14
# This allows pkg_release to have configurable %%{?dist} tag # This allows pkg_release to have configurable %%{?dist} tag
%define specrelease 362.8.1%{?buildid}%{?dist} %define specrelease 362.13.1%{?buildid}%{?dist}
# This defines the kabi tarball version # This defines the kabi tarball version
%define kabiversion 5.14.0-362.8.1.el9_3 %define kabiversion 5.14.0-362.13.1.el9_3
# #
# End of genspec.sh variables # End of genspec.sh variables
@ -622,6 +622,15 @@ Summary: The Linux kernel
%define kernel_prereq coreutils, systemd >= 203-2, /usr/bin/kernel-install %define kernel_prereq coreutils, systemd >= 203-2, /usr/bin/kernel-install
%define initrd_prereq dracut >= 027 %define initrd_prereq dracut >= 027
# EuroLinux override
# Normaly this should be done in rpmmacros, but because the packages must be rebuildable with beast
# we have to change this here
%define with_doc 1
%global signkernel 0
%global signmodules 0
# End of EuroLinux override
Name: kernel Name: kernel
License: GPLv2 and Redistributable, no modification permitted License: GPLv2 and Redistributable, no modification permitted
@ -1245,11 +1254,11 @@ Summary: gcov graph and source files for coverage data collection.\
%{nil} %{nil}
%package -n kernel-abi-stablelists %package -n kernel-abi-stablelists
Summary: The Red Hat Enterprise Linux kernel ABI symbol stablelists Summary: The EuroLinux kernel ABI symbol stablelists
AutoReqProv: no AutoReqProv: no
%description -n kernel-abi-stablelists %description -n kernel-abi-stablelists
The kABI package contains information pertaining to the Red Hat Enterprise The kABI package contains information pertaining to the EuroLinux
Linux kernel ABI, including lists of kernel symbols that are needed by kernel ABI, including lists of kernel symbols that are needed by
external Linux kernel modules, and a yum plugin to aid enforcement. external Linux kernel modules, and a yum plugin to aid enforcement.
%if %{with_kabidw_base} %if %{with_kabidw_base}
@ -1258,8 +1267,8 @@ Summary: The baseline dataset for kABI verification using DWARF data
Group: System Environment/Kernel Group: System Environment/Kernel
AutoReqProv: no AutoReqProv: no
%description kernel-kabidw-base-internal %description kernel-kabidw-base-internal
The package contains data describing the current ABI of the Red Hat Enterprise The package contains data describing the current ABI of the EuroLinux
Linux kernel, suitable for the kabi-dw tool. kernel, suitable for the kabi-dw tool.
%endif %endif
# #
@ -1790,7 +1799,7 @@ done
# Adjust FIPS module name for RHEL # Adjust FIPS module name for RHEL
%if 0%{?rhel} %if 0%{?rhel}
for i in *.config; do for i in *.config; do
sed -i 's/CONFIG_CRYPTO_FIPS_NAME=.*/CONFIG_CRYPTO_FIPS_NAME="Red Hat Enterprise Linux %{rhel} - Kernel Cryptographic API"/' $i sed -i 's/CONFIG_CRYPTO_FIPS_NAME=.*/CONFIG_CRYPTO_FIPS_NAME="EuroLinux %{rhel} - Kernel Cryptographic API"/' $i
done done
%endif %endif
@ -3754,6 +3763,127 @@ fi
# #
# #
%changelog %changelog
* Tue Dec 19 2023 EuroLinux Autopatch <devel@euro-linux.com>
* Fri Nov 24 2023 Jan Stancek <jstancek@redhat.com> [5.14.0-362.13.1.el9_3]
- cifs: Fix UAF in cifs_demultiplex_thread() (Scott Mayhew) [RHEL-15169 RHEL-15173 RHEL-15170 RHEL-15174] {CVE-2023-1192}
- iommu: Optimise PCI SAC address trick (Jerry Snitselaar) [RHEL-15381 RHEL-11705]
- igb: set max size RX buffer when store bad packet is enabled (Wander Lairson Costa) [RHEL-15191 RHEL-15202 RHEL-15192 RHEL-15203] {CVE-2023-45871}
- bio-integrity: create multi-page bvecs in bio_integrity_add_page() (Ming Lei) [RHEL-15107 RHEL-13714]
- bio-integrity: cleanup adding integrity pages to bip's bvec. (Ming Lei) [RHEL-15107 RHEL-13714]
- bio-integrity: update the payload size in bio_integrity_add_page() (Ming Lei) [RHEL-15107 RHEL-13714]
- block: make bvec_try_merge_hw_page() non-static (Ming Lei) [RHEL-15107 RHEL-13714]
- block: don't pass a bio to bio_try_merge_hw_seg (Ming Lei) [RHEL-15107 RHEL-13714]
- block: move the bi_size update out of __bio_try_merge_page (Ming Lei) [RHEL-15107 RHEL-13714]
- block: downgrade a bio_full call in bio_add_page (Ming Lei) [RHEL-15107 RHEL-13714]
- block: move the bi_size overflow check in __bio_try_merge_page (Ming Lei) [RHEL-15107 RHEL-13714]
- block: move the bi_vcnt check out of __bio_try_merge_page (Ming Lei) [RHEL-15107 RHEL-13714]
- block: move the BIO_CLONED checks out of __bio_try_merge_page (Ming Lei) [RHEL-15107 RHEL-13714]
- block: use SECTOR_SHIFT bio_add_hw_page (Ming Lei) [RHEL-15107 RHEL-13714]
- block: tidy up the bio full checks in bio_add_hw_page (Ming Lei) [RHEL-15107 RHEL-13714]
- block: kmsan: skip bio block merging logic for KMSAN (Ming Lei) [RHEL-15107 RHEL-13714]
- redhat: change builder image to rhel-9.3 (Michael Hofmann)
- x86/retpoline: Document some thunk handling aspects (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- objtool: Fix return thunk patching in retpolines (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Remove unnecessary semicolon (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/nospec: Refactor UNTRAIN_RET[_*] (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Disentangle rethunk-dependent options (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/bugs: Remove default case for fully switched enums (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Remove 'pred_cmd' label (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Unexport untraining functions (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Improve i-cache locality for alias mitigation (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Fix unret validation dependencies (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Fix vulnerability reporting for missing microcode (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Print mitigation for retbleed IBPB case (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Print actual mitigation if requested mitigation isn't possible (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Fix SBPB enablement for (possible) future fixed HW (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86,static_call: Fix static-call vs return-thunk (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/alternatives: Remove faulty optimization (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Fix SBPB enablement for spec_rstack_overflow=off (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Don't probe microcode in a guest (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Set CPUID feature bits independently of bug or mitigation status (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Fix srso_show_state() side effect (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/cpu: Fix amd_check_microcode() declaration (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Correct the mitigation status when SMT is disabled (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/static_call: Fix __static_call_fixup() (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- objtool/x86: Fixup frame-pointer vs rethunk (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Explain the untraining sequences a bit more (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/cpu/kvm: Provide UNTRAIN_RET_VM (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/cpu: Cleanup the untrain mess (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/cpu: Rename srso_(.*)_alias to srso_alias_\1 (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/cpu: Rename original retbleed methods (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/cpu: Clean up SRSO return thunk mess (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/alternative: Make custom return thunk unconditional (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- objtool/x86: Fix SRSO mess (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk() (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/cpu: Fix __x86_return_thunk symbol type (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/retpoline,kprobes: Skip optprobe check for indirect jumps with retpolines and IBT (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Disable the mitigation on unaffected configurations (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/CPU/AMD: Fix the DIV(0) initial fix attempt (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/retpoline: Don't clobber RFLAGS during srso_safe_ret() (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- driver core: cpu: Fix the fallback cpu_show_gds() name (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86: Move gds_ucode_mitigated() declaration to header (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/speculation: Add cpu_show_gds() prototype (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- driver core: cpu: Make cpu_show_not_affected() static (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Fix build breakage with the LLVM linker (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- Documentation/srso: Document IBPB aspect and fix formatting (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- driver core: cpu: Unify redundant silly stubs (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- Documentation/hw-vuln: Unify filename specification in index (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/CPU/AMD: Do not leak quotient data after a division by 0 (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Tie SBPB bit setting to microcode patch detection (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Add a forgotten NOENDBR annotation (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Fix return thunks in generated code (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Add IBPB on VMEXIT (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Add IBPB (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Add SRSO_NO support (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Add IBPB_BRTYPE support (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- redhat/configs/x86: Enable CONFIG_CPU_SRSO (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/srso: Add a Speculative RAS Overflow mitigation (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/retbleed: Add __x86_return_thunk alignment checks (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/retbleed: Fix return thunk alignment (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/alternative: Optimize returns patching (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86,objtool: Separate unret validation from unwind hints (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- objtool: Add objtool_types.h (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- objtool: Union instruction::{call_dest,jump_table} (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- x86/kprobes: Fix optprobe optimization check with CONFIG_RETHUNK (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- objtool: Fix SEGFAULT (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- vmlinux.lds.h: add BOUNDED_SECTION* macros (Waiman Long) [RHEL-13879 RHEL-13880 RHEL-14114 RHEL-8594] {CVE-2023-20569}
- ice: Don't tx before switchdev is fully configured (Michal Schmidt) [RHEL-15799 2241234]
- wifi: rtw89: Fix loading of compressed firmware (Jose Ignacio Tornos Martinez) [RHEL-14353 RHEL-13881]
- x86/sev: Make enc_dec_hypercall() accept a size instead of npages (Vitaly Kuznetsov) [RHEL-5757 RHEL-3904]
* Thu Nov 16 2023 Jan Stancek <jstancek@redhat.com> [5.14.0-362.12.1.el9_3]
- fs/smb/client: Reset password pointer to NULL (Scott Mayhew) [RHEL-11804 RHEL-11808 RHEL-11805 RHEL-11809] {CVE-2023-5345}
* Thu Nov 09 2023 Herton R. Krzesinski <herton@redhat.com> [5.14.0-362.11.1.el9_3]
- mm, mremap: fix mremap() expanding for vma's with vm_ops->close() (Donald Dutile) [RHEL-15277 RHEL-9198]
- qed: fix LL2 RX buffer allocation (Chris Leech) [RHEL-14496 RHEL-8466]
- fs/buffer.c: disable per-CPU buffer_head cache for isolated CPUs (Marcelo Tosatti) [RHEL-12101 2158709]
* Thu Nov 02 2023 Jan Stancek <jstancek@redhat.com> [5.14.0-362.10.1.el9_3]
- perf/x86/amd: Do not WARN() on every IRQ (Michael Petlan) [RHEL-14363 RHEL-12341]
- keys: Fix linking a duplicate key to a keyring's assoc_array (Jay Shin) [RHEL-14058 RHEL-9908]
- vdpa/mlx5: Correct default number of queues when MQ is on (Laurent Vivier) [RHEL-12419 RHEL-7015]
- redhat: fix bug/zjira sort in the changelog (Herton R. Krzesinski)
- ice: always add legacy 32byte RXDID in supported_rxdids (Michal Schmidt) [RHEL-10381 RHEL-10357]
* Thu Oct 26 2023 Jan Stancek <jstancek@redhat.com> [5.14.0-362.9.1.el9_3]
- iavf: schedule a request immediately after add/delete vlan (Petr Oros) [RHEL-9460]
- iavf: add iavf_schedule_aq_request() helper (Petr Oros) [RHEL-9460]
- cgroup: always put cset in cgroup_css_set_put_fork (Jay Shin) [RHEL-14053]
- cgroup: bpf: use cgroup_lock()/cgroup_unlock() wrappers (Jay Shin) [RHEL-14053]
- CI: Remove -rt suffix from kpet_tree_name values (Nikolai Kondrashov)
- rbd: take header_rwsem in rbd_dev_refresh() only when updating (Ilya Dryomov) [RHEL-12359]
- rbd: decouple parent info read-in from updating rbd_dev (Ilya Dryomov) [RHEL-12359]
- rbd: decouple header read-in from updating rbd_dev->header (Ilya Dryomov) [RHEL-12359]
- rbd: move rbd_dev_refresh() definition (Ilya Dryomov) [RHEL-12359]
- CI: Remove unused kpet_tree_family (Nikolai Kondrashov)
* Tue Oct 03 2023 Jan Stancek <jstancek@redhat.com> [5.14.0-362.8.1.el9_3] * Tue Oct 03 2023 Jan Stancek <jstancek@redhat.com> [5.14.0-362.8.1.el9_3]
- Revert "cnic: don't pass bogus GFP_ flags to dma_alloc_coherent" (Chris Leech) [RHEL-2542] - Revert "cnic: don't pass bogus GFP_ flags to dma_alloc_coherent" (Chris Leech) [RHEL-2542]
- Revert "dma-mapping: reject __GFP_COMP in dma_alloc_attrs" (Chris Leech) [RHEL-2542] - Revert "dma-mapping: reject __GFP_COMP in dma_alloc_attrs" (Chris Leech) [RHEL-2542]