import kernel-rt-5.14.0-70.17.1.rt21.89.el9_0

This commit is contained in:
CentOS Sources 2022-06-28 04:30:21 -04:00 committed by root
parent 9c9f2d43b1
commit 05095fa817
7 changed files with 79 additions and 14 deletions

2
.gitignore vendored
View File

@ -1,3 +1,3 @@
SOURCES/linux-5.14.0-70.13.1.rt21.83.el9_0.tar.xz SOURCES/linux-5.14.0-70.17.1.rt21.89.el9_0.tar.xz
SOURCES/rheldup3.x509 SOURCES/rheldup3.x509
SOURCES/rhelkpatch1.x509 SOURCES/rhelkpatch1.x509

View File

@ -1,3 +1,3 @@
4f3edf73139d54a77d67e5a6879026ab127513d8 SOURCES/linux-5.14.0-70.13.1.rt21.83.el9_0.tar.xz f12b3867244766e37484929648856e9535572a0c SOURCES/linux-5.14.0-70.17.1.rt21.89.el9_0.tar.xz
95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509 95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509
d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509 d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509

View File

@ -12,7 +12,7 @@ RHEL_MINOR = 0
# #
# Use this spot to avoid future merge conflicts. # Use this spot to avoid future merge conflicts.
# Do not trim this comment. # Do not trim this comment.
RHEL_RELEASE = 70.13.1 RHEL_RELEASE = 70.17.1
# #
# ZSTREAM # ZSTREAM
@ -66,4 +66,4 @@ ifneq ("$(ZSTREAM)", "yes")
endif endif
endif endif
RTBUILD:=.83 RTBUILD:=.89

View File

@ -923,7 +923,7 @@ CONFIG_CRYPTO_SHA256=y
CONFIG_CRYPTO_SHA3=y CONFIG_CRYPTO_SHA3=y
CONFIG_CRYPTO_SHA512_ARM64_CE=m CONFIG_CRYPTO_SHA512_ARM64_CE=m
# CONFIG_CRYPTO_SHA512_ARM64 is not set # CONFIG_CRYPTO_SHA512_ARM64 is not set
CONFIG_CRYPTO_SHA512_SSSE3=m CONFIG_CRYPTO_SHA512_SSSE3=y
CONFIG_CRYPTO_SHA512=y CONFIG_CRYPTO_SHA512=y
# CONFIG_CRYPTO_SM2 is not set # CONFIG_CRYPTO_SM2 is not set
# CONFIG_CRYPTO_SM3 is not set # CONFIG_CRYPTO_SM3 is not set
@ -941,7 +941,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set # CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
CONFIG_CRYPTO_USER_API_RNG=y CONFIG_CRYPTO_USER_API_RNG=y
CONFIG_CRYPTO_USER_API_SKCIPHER=y CONFIG_CRYPTO_USER_API_SKCIPHER=y
CONFIG_CRYPTO_USER=m CONFIG_CRYPTO_USER=y
CONFIG_CRYPTO_VMAC=m CONFIG_CRYPTO_VMAC=m
CONFIG_CRYPTO_WP512=m CONFIG_CRYPTO_WP512=m
CONFIG_CRYPTO_XCBC=m CONFIG_CRYPTO_XCBC=m

View File

@ -923,7 +923,7 @@ CONFIG_CRYPTO_SHA256=y
CONFIG_CRYPTO_SHA3=y CONFIG_CRYPTO_SHA3=y
CONFIG_CRYPTO_SHA512_ARM64_CE=m CONFIG_CRYPTO_SHA512_ARM64_CE=m
# CONFIG_CRYPTO_SHA512_ARM64 is not set # CONFIG_CRYPTO_SHA512_ARM64 is not set
CONFIG_CRYPTO_SHA512_SSSE3=m CONFIG_CRYPTO_SHA512_SSSE3=y
CONFIG_CRYPTO_SHA512=y CONFIG_CRYPTO_SHA512=y
# CONFIG_CRYPTO_SM2 is not set # CONFIG_CRYPTO_SM2 is not set
# CONFIG_CRYPTO_SM3 is not set # CONFIG_CRYPTO_SM3 is not set
@ -941,7 +941,7 @@ CONFIG_CRYPTO_USER_API_HASH=y
# CONFIG_CRYPTO_USER_API_RNG_CAVP is not set # CONFIG_CRYPTO_USER_API_RNG_CAVP is not set
CONFIG_CRYPTO_USER_API_RNG=y CONFIG_CRYPTO_USER_API_RNG=y
CONFIG_CRYPTO_USER_API_SKCIPHER=y CONFIG_CRYPTO_USER_API_SKCIPHER=y
CONFIG_CRYPTO_USER=m CONFIG_CRYPTO_USER=y
CONFIG_CRYPTO_VMAC=m CONFIG_CRYPTO_VMAC=m
CONFIG_CRYPTO_WP512=m CONFIG_CRYPTO_WP512=m
CONFIG_CRYPTO_XCBC=m CONFIG_CRYPTO_XCBC=m

View File

@ -19,6 +19,12 @@ emptyrpm:
- kernel-zfcpdump - kernel-zfcpdump
- kernel-zfcpdump-devel-matched - kernel-zfcpdump-devel-matched
- kernel-zfcpdump-modules - kernel-zfcpdump-modules
specname: specname:
match: prefix match: prefix
primary: filename primary: filename
patches:
ignore_list:
- linux-kernel-test.patch
- patch-5.14.0-redhat.patch

View File

@ -121,13 +121,13 @@ Summary: The Linux kernel
%define kversion 5.14 %define kversion 5.14
%define rpmversion 5.14.0 %define rpmversion 5.14.0
%define pkgrelease 70.13.1.rt21.83.el9_0 %define pkgrelease 70.17.1.rt21.89.el9_0
# This is needed to do merge window version magic # This is needed to do merge window version magic
%define patchlevel 14 %define patchlevel 14
# allow pkg_release to have configurable %%{?dist} tag # allow pkg_release to have configurable %%{?dist} tag
%define specrelease 70.13.1.rt21.83%{?buildid}%{?dist} %define specrelease 70.17.1.rt21.89%{?buildid}%{?dist}
%define pkg_release %{specrelease} %define pkg_release %{specrelease}
@ -705,7 +705,7 @@ BuildRequires: lld
# exact git commit you can run # exact git commit you can run
# #
# xzcat -qq ${TARBALL} | git get-tar-commit-id # xzcat -qq ${TARBALL} | git get-tar-commit-id
Source0: linux-5.14.0-70.13.1.rt21.83.el9_0.tar.xz Source0: linux-5.14.0-70.17.1.rt21.89.el9_0.tar.xz
Source1: Makefile.rhelver Source1: Makefile.rhelver
@ -1416,8 +1416,8 @@ ApplyOptionalPatch()
fi fi
} }
%setup -q -n kernel-5.14.0-70.13.1.rt21.83.el9_0 -c %setup -q -n kernel-5.14.0-70.17.1.rt21.89.el9_0 -c
mv linux-5.14.0-70.13.1.rt21.83.el9_0 linux-%{KVERREL} mv linux-5.14.0-70.17.1.rt21.89.el9_0 linux-%{KVERREL}
cd linux-%{KVERREL} cd linux-%{KVERREL}
cp -a %{SOURCE1} . cp -a %{SOURCE1} .
@ -2313,6 +2313,14 @@ popd
# in the source tree. We installed them previously to $RPM_BUILD_ROOT/usr # in the source tree. We installed them previously to $RPM_BUILD_ROOT/usr
# but there's no way to tell the Makefile to take them from there. # but there's no way to tell the Makefile to take them from there.
%{make} %{?_smp_mflags} headers_install %{make} %{?_smp_mflags} headers_install
# If we re building only tools without kernel, we need to generate config
# headers and prepare tree for modules building. The modules_prepare target
# will cover both.
if [ ! -f include/generated/autoconf.h ]; then
%{make} %{?_smp_mflags} modules_prepare
fi
%{make} %{?_smp_mflags} ARCH=$Arch V=1 M=samples/bpf/ %{make} %{?_smp_mflags} ARCH=$Arch V=1 M=samples/bpf/
# Prevent bpf selftests to build bpftool repeatedly: # Prevent bpf selftests to build bpftool repeatedly:
@ -3074,7 +3082,58 @@ fi
# #
# #
%changelog %changelog
* Thu Apr 14 2022 Luis Claudio R. Goncalves <lgoncalv@redhat.com> [5.14.0-70.13.1.rt21.83.el9_0] * Tue Jun 14 2022 Luis Claudio R. Goncalves <lgoncalv@redhat.com> [5.14.0-70.17.1.rt21.89.el9_0]
- [rt] build kernel-rt-5.14.0-70.17.1.rt21.89.el9_0 [2089492]
- netfilter: nf_tables: disallow non-stateful expression in sets earlier (Phil Sutter) [2092992] {CVE-2022-1966}
- thunderx nic: mark device as unmaintained (Íñigo Huguet) [2092638]
- pseries/eeh: Fix the kdump kernel crash during eeh_pseries_init (Steve Best) [2092255]
- perf: Fix sys_perf_event_open() race against self (Michael Petlan) [2087965] {CVE-2022-1729}
- spec: Fix separate tools build (Jiri Olsa) [2090852]
- mm: lru_cache_disable: replace work queue synchronization with synchronize_rcu (Marcelo Tosatti) [2086963]
* Wed Jun 08 2022 Luis Claudio R. Goncalves <lgoncalv@redhat.com> [5.14.0-70.16.1.rt21.88.el9_0]
- [rt] build kernel-rt-5.14.0-70.16.1.rt21.88.el9_0 [2089492]
- dm integrity: fix memory corruption when tag_size is less than digest size (Benjamin Marzinski) [2082187]
* Mon Jun 06 2022 Luis Claudio R. Goncalves <lgoncalv@redhat.com> [5.14.0-70.15.1.rt21.87.el9_0]
- [rt] build kernel-rt-5.14.0-70.15.1.rt21.87.el9_0 [2089492]
- [redhat-rt] ensure scratch builds use the z-stream build target (Luis Claudio R. Goncalves)
* Wed Jun 01 2022 Luis Claudio R. Goncalves <lgoncalv@redhat.com> [5.14.0-70.15.1.rt21.85.el9_0]
- [rt] build kernel-rt-5.14.0-70.15.1.rt21.85.el9_0 [2089492]
- CI: Use zstream builder image (Veronika Kabatova)
- tcp: drop the hash_32() part from the index calculation (Guillaume Nault) [2087129 2064870] {CVE-2022-1012}
- tcp: increase source port perturb table to 2^16 (Guillaume Nault) [2087129 2064870] {CVE-2022-1012}
- tcp: dynamically allocate the perturb table used by source ports (Guillaume Nault) [2087129 2064870] {CVE-2022-1012}
- tcp: add small random increments to the source port (Guillaume Nault) [2087129 2064870] {CVE-2022-1012}
- tcp: resalt the secret every 10 seconds (Guillaume Nault) [2087129 2064870] {CVE-2022-1012}
- tcp: use different parts of the port_offset for index and offset (Guillaume Nault) [2087129 2064870] {CVE-2022-1012}
- secure_seq: use the 64 bits of the siphash for port offset calculation (Guillaume Nault) [2087129 2064870] {CVE-2022-1012}
- Revert "netfilter: conntrack: tag conntracks picked up in local out hook" (Florian Westphal) [2085480 2061850]
- Revert "netfilter: nat: force port remap to prevent shadowing well-known ports" (Florian Westphal) [2085480 2061850]
- redhat/koji/Makefile: Decouple koji Makefile from Makefile.common (Andrea Claudi)
- redhat: fix make {distg-brew,distg-koji} (Andrea Claudi)
- esp: limit skb_page_frag_refill use to a single page (Sabrina Dubroca) [2082952 2082953] {CVE-2022-27666}
- esp: Fix possible buffer overflow in ESP transformation (Sabrina Dubroca) [2082952 2082953] {CVE-2022-27666}
- sctp: use the correct skb for security_sctp_assoc_request (Ondrej Mosnacek) [2084044 2078856]
- security: implement sctp_assoc_established hook in selinux (Ondrej Mosnacek) [2084044 2078856]
- security: add sctp_assoc_established hook (Ondrej Mosnacek) [2084044 2078856]
- security: call security_sctp_assoc_request in sctp_sf_do_5_1D_ce (Ondrej Mosnacek) [2084044 2078856]
- security: pass asoc to sctp_assoc_request and sctp_sk_clone (Ondrej Mosnacek) [2084044 2078856]
* Thu May 26 2022 Juri Lelli <juri.lelli@redhat.com> [5.14.0-70.14.1.rt21.85.el9_0]
- [rt] build kernel-rt-5.14.0-70.14.1.rt21.85.el9_0 [2089492]
- [redhat-rt] Update RTBZ for Batch1 (Juri Lelli)
* Thu May 12 2022 Luis Claudio R. Goncalves <lgoncalv@redhat.com> [5.14.0-70.14.1.rt21.84.el9_0]
- [rt] build kernel-rt-5.14.0-70.14.1.rt21.84.el9_0 [2002474]
- PCI: hv: Propagate coherence from VMbus device to PCI device (Vitaly Kuznetsov) [2074830]
- Drivers: hv: vmbus: Propagate VMbus coherence to each VMbus device (Vitaly Kuznetsov) [2074830]
- redhat: rpminspect: disable 'patches' check for known empty patch files (Herton R. Krzesinski)
- redhat/configs: make SHA512_arch algos and CRYPTO_USER built-ins (Vladis Dronov) [2072643]
- CI: Drop baseline runs (Veronika Kabatova)
* Thu Apr 14 2022 Luis Claudio R. Goncalves <lgoncalv@redhat.com> [5.14.0-70.13.1.rt21.82.el9_0]
- [rt] build kernel-rt-5.14.0-70.13.1.rt21.82.el9_0 [2002474] - [rt] build kernel-rt-5.14.0-70.13.1.rt21.82.el9_0 [2002474]
- redhat: disable uncommon media device infrastructure (Jarod Wilson) [2074598] - redhat: disable uncommon media device infrastructure (Jarod Wilson) [2074598]
- netfilter: nf_tables: unregister flowtable hooks on netns exit (Florian Westphal) [2056869] - netfilter: nf_tables: unregister flowtable hooks on netns exit (Florian Westphal) [2056869]