kernel-rt-5.14.0-78.rt21.78.el9
* Mon Apr 11 2022 Fernando Pacheco <fpacheco@redhat.com> [5.14.0-78.rt21.78.el9] - [rt] build kernel-rt-5.14.0-78.rt21.78.el9 [2061574] - CI: Remove deprecated option (Veronika Kabatova) - scsi: iscsi: Fix nop handling during conn recovery (Chris Leech) [2069973] - scsi: iscsi: Merge suspend fields (Chris Leech) [2069973] - scsi: iscsi: Fix offload conn cleanup when iscsid restarts (Chris Leech) [2069973] - scsi: iscsi: Move iscsi_ep_disconnect (Chris Leech) [2069973] - NFS: Don't loop forever in nfs_do_recoalesce() (Steve Dickson) [2069274] - perf/x86/intel/uncore: Make uncore_discovery clean for 64 bit addresses (Michael Petlan) [2069686] - KVM: SVM: Allow AVIC support on system w/ physical APIC ID > 255 (Bandan Das) [2033070] - iommu/amd: Fix I/O page table memory leak (Jerry Snitselaar) [2053219] - iommu/amd: Recover from event log overflow (Jerry Snitselaar) [2053219] - redhat/configs: drop some config options for rhel 9. (David Airlie) [2067027] - arm64: proton-pack: Include unprivileged eBPF status in Spectre v2 mitigation reporting (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Use the clearbhb instruction in mitigations (Waiman Long) [2062288] {CVE-2022-23960} - KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Mitigate spectre style branch history side channels (Waiman Long) [2062288] {CVE-2022-23960} - arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2 (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Add percpu vectors for EL1 (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Add macro for reading symbol addresses from the trampoline (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Add vectors that have the bhb mitigation sequences (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Allow the trampoline text to occupy multiple pages (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Make the kpti trampoline's kpti sequence optional (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Move trampoline macros out of ifdef'd section (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Don't assume tramp_vectors is the start of the vectors (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Allow tramp_alias to access symbols after the 4K boundary (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Move the trampoline data page before the text page (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Free up another register on kpti's tramp_exit path (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Make the trampoline cleanup optional (Waiman Long) [2062288] {CVE-2022-23960} - KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A (Waiman Long) [2062288] {CVE-2022-23960} - arm64: spectre: Rename spectre_v4_patch_fw_mitigation_conduit (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry.S: Add ventry overflow sanity checks (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Add Cortex-A510 CPU part definition (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Add Cortex-X2 CPU part definition (Waiman Long) [2062288] {CVE-2022-23960} - arm64: cpufeature: add HWCAP for FEAT_RPRES (Waiman Long) [2062288] {CVE-2022-23960} - arm64: add ID_AA64ISAR2_EL1 sys register (Waiman Long) [2062288] {CVE-2022-23960} - arm64: cpufeature: add HWCAP for FEAT_AFP (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Add Neoverse-N2, Cortex-A710 CPU part definition (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Add HWCAP for self-synchronising virtual counter (Waiman Long) [2062288] {CVE-2022-23960} - iommu/vt-d: Fix double list_add when enabling VMD in scalable mode (Jerry Snitselaar) [2061621] - redhat/configs: remove unnecessary GPIO options for aarch64 (Brian Masney) [2060951] - redhat/configs: remove viperboard related Kconfig options (Brian Masney) [2060951] - configs: enable CONFIG_RMI4_F3A (Benjamin Tissoires) [2067243] - block: release rq qos structures for queue without disk (Ming Lei) [2065610] - fuse: fix pipe buffer lifetime for direct_io (Miklos Szeredi) [2064862] {CVE-2022-1011} - crypto: hmac - disallow keys < 112 bits in FIPS mode (Herbert Xu) [2033512] - crypto: hmac - add fips_skip support (Herbert Xu) [2033512] - crypto: des - disallow des3 in FIPS mode (Herbert Xu) [2033512] - crypto: dh - limit key size to 2048 in FIPS mode (Herbert Xu) [2033512] - crypto: rsa - limit key size to 2048 in FIPS mode (Herbert Xu) [2033512] - watch_queue: Make comment about setting ->defunct more accurate (David Howells) [2063758] - watch_queue: Fix lack of barrier/sync/lock between post and read (David Howells) [2063758] - watch_queue: Free the alloc bitmap when the watch_queue is torn down (David Howells) [2063758] - watch_queue: Fix the alloc bitmap size to reflect notes allocated (David Howells) [2063758] - watch_queue: Use the bitmap API when applicable (David Howells) [2063758] - watch_queue: Fix to always request a pow-of-2 pipe ring size (David Howells) [2063758] - watch_queue: Fix to release page in ->release() (David Howells) [2063758] - watch_queue, pipe: Free watchqueue state after clearing pipe ring (David Howells) [2063758] - watch_queue: Fix filter limit check (David Howells) [2063758] {CVE-2022-0995} - s390/mm: check 2KB-fragment page on release (Rafael Aquini) [2069978] - s390/mm: better annotate 2KB pagetable fragments handling (Rafael Aquini) [2069978] - s390/mm: fix 2KB pgtable release race (Rafael Aquini) [2069978] - ima: fix deadlock when traversing "ima_default_rules". (Bruno Meneguele) [2063913] - IMA: prevent SETXATTR_CHECK policy rules with unavailable algorithms (Bruno Meneguele) [2063913] - IMA: introduce a new policy option func=SETXATTR_CHECK (Bruno Meneguele) [2063913] - IMA: add a policy option to restrict xattr hash algorithms on appraisal (Bruno Meneguele) [2063913] - IMA: add support to restrict the hash algorithms used for file appraisal (Bruno Meneguele) [2063913] - IMA: block writes of the security.ima xattr with unsupported algorithms (Bruno Meneguele) [2063913] - IMA: remove the dependency on CRYPTO_MD5 (Bruno Meneguele) [2063913] - perf symbols: Fix symbol size calculation condition (Michael Petlan) [2049222] - redhat/Makefile: Fix dist-dump-variables target (Prarit Bhargava) - redhat/configs/process_configs.sh: Avoid race with find (Prarit Bhargava) - redhat/configs/process_configs.sh: Remove CONTINUEONERROR (Prarit Bhargava) - redhat/configs/process_configs.sh: Fix race with tools generation (Prarit Bhargava) - redhat/Makefile: Silence dist-clean-configs output (Prarit Bhargava) - Print arch with process_configs errors (Prarit Bhargava) - Pass RHJOBS to process_configs for dist-configs-check as well (Prarit Bhargava) - redhat/configs/process_configs.sh: Fix issue with old error files (Prarit Bhargava) - redhat/configs/build_configs.sh: Parallelize execution (Prarit Bhargava) - redhat/configs/build_configs.sh: Provide better messages (Prarit Bhargava) - redhat/configs/build_configs.sh: Create unique output files (Prarit Bhargava) - redhat/configs/build_configs.sh: Add local variables (Prarit Bhargava) - redhat/configs/process_configs.sh: Parallelize execution (Prarit Bhargava) - redhat/configs/process_configs.sh: Provide better messages (Prarit Bhargava) - redhat/configs/process_configs.sh: Create unique output files (Prarit Bhargava) - redhat/configs/process_configs.sh: Add processing config function (Prarit Bhargava) - cifs: modefromsids must add an ACE for authenticated users (Ronnie Sahlberg) [1988278] Resolves: rhbz#2061574, rhbz#2069978, rhbz#2063913, rhbz#2049222, rhbz#1988278 Signed-off-by: Fernando Pacheco <fpacheco@redhat.com>
This commit is contained in:
parent
40ee36a838
commit
2687a0396a
@ -12,7 +12,7 @@ RHEL_MINOR = 1
|
||||
#
|
||||
# Use this spot to avoid future merge conflicts.
|
||||
# Do not trim this comment.
|
||||
RHEL_RELEASE = 77
|
||||
RHEL_RELEASE = 78
|
||||
|
||||
#
|
||||
# ZSTREAM
|
||||
@ -66,4 +66,4 @@ ifneq ("$(ZSTREAM)", "yes")
|
||||
endif
|
||||
endif
|
||||
|
||||
RTBUILD:=.77
|
||||
RTBUILD:=.78
|
||||
|
@ -1191,7 +1191,7 @@ CONFIG_DRM_FBDEV_EMULATION=y
|
||||
# CONFIG_DRM_FBDEV_LEAK_PHYS_SMEM is not set
|
||||
CONFIG_DRM_FBDEV_OVERALLOC=100
|
||||
CONFIG_DRM_GM12U320=m
|
||||
CONFIG_DRM_GMA500=m
|
||||
# CONFIG_DRM_GMA500 is not set
|
||||
CONFIG_DRM_GUD=m
|
||||
# CONFIG_DRM_HDLCD is not set
|
||||
# CONFIG_DRM_HISI_HIBMC is not set
|
||||
@ -1565,14 +1565,14 @@ CONFIG_FB_EFI=y
|
||||
# CONFIG_FB_MODE_HELPERS is not set
|
||||
# CONFIG_FB_N411 is not set
|
||||
# CONFIG_FB_NEOMAGIC is not set
|
||||
CONFIG_FB_NVIDIA_BACKLIGHT=y
|
||||
# CONFIG_FB_NVIDIA_BACKLIGHT is not set
|
||||
# CONFIG_FB_NVIDIA_DEBUG is not set
|
||||
# CONFIG_FB_NVIDIA_I2C is not set
|
||||
# CONFIG_FB_NVIDIA is not set
|
||||
# CONFIG_FB_OPENCORES is not set
|
||||
# CONFIG_FB_PM2 is not set
|
||||
# CONFIG_FB_PM3 is not set
|
||||
CONFIG_FB_RADEON_BACKLIGHT=y
|
||||
# CONFIG_FB_RADEON_BACKLIGHT is not set
|
||||
# CONFIG_FB_RADEON_DEBUG is not set
|
||||
# CONFIG_FB_RADEON_I2C is not set
|
||||
# CONFIG_FB_RADEON is not set
|
||||
@ -1755,7 +1755,7 @@ CONFIG_GPIO_MLXBF2=m
|
||||
# CONFIG_GPIO_SYSFS is not set
|
||||
# CONFIG_GPIO_THUNDERX is not set
|
||||
# CONFIG_GPIO_TPIC2810 is not set
|
||||
CONFIG_GPIO_VIPERBOARD=m
|
||||
# CONFIG_GPIO_VIPERBOARD is not set
|
||||
# CONFIG_GPIO_VX855 is not set
|
||||
# CONFIG_GPIO_WATCHDOG is not set
|
||||
# CONFIG_GPIO_WINBOND is not set
|
||||
@ -2063,7 +2063,7 @@ CONFIG_I2C_STUB=m
|
||||
CONFIG_I2C_TINY_USB=m
|
||||
CONFIG_I2C_VIA=m
|
||||
CONFIG_I2C_VIAPRO=m
|
||||
CONFIG_I2C_VIPERBOARD=m
|
||||
# CONFIG_I2C_VIPERBOARD is not set
|
||||
# CONFIG_I2C_XILINX is not set
|
||||
CONFIG_I2C=y
|
||||
# CONFIG_I3C is not set
|
||||
@ -3019,7 +3019,7 @@ CONFIG_MFD_SM501=m
|
||||
# CONFIG_MFD_TPS65912_SPI is not set
|
||||
# CONFIG_MFD_TPS80031 is not set
|
||||
# CONFIG_MFD_TQMX86 is not set
|
||||
CONFIG_MFD_VIPERBOARD=m
|
||||
# CONFIG_MFD_VIPERBOARD is not set
|
||||
CONFIG_MFD_VX855=m
|
||||
# CONFIG_MFD_WL1273_CORE is not set
|
||||
# CONFIG_MFD_WM831X_I2C is not set
|
||||
@ -4285,7 +4285,7 @@ CONFIG_RMI4_F11=y
|
||||
CONFIG_RMI4_F12=y
|
||||
CONFIG_RMI4_F30=y
|
||||
CONFIG_RMI4_F34=y
|
||||
# CONFIG_RMI4_F3A is not set
|
||||
CONFIG_RMI4_F3A=y
|
||||
# CONFIG_RMI4_F54 is not set
|
||||
CONFIG_RMI4_F55=y
|
||||
CONFIG_RMI4_I2C=m
|
||||
|
@ -1183,7 +1183,7 @@ CONFIG_DRM_FBDEV_EMULATION=y
|
||||
# CONFIG_DRM_FBDEV_LEAK_PHYS_SMEM is not set
|
||||
CONFIG_DRM_FBDEV_OVERALLOC=100
|
||||
CONFIG_DRM_GM12U320=m
|
||||
CONFIG_DRM_GMA500=m
|
||||
# CONFIG_DRM_GMA500 is not set
|
||||
CONFIG_DRM_GUD=m
|
||||
# CONFIG_DRM_HDLCD is not set
|
||||
# CONFIG_DRM_HISI_HIBMC is not set
|
||||
@ -1549,14 +1549,14 @@ CONFIG_FB_EFI=y
|
||||
# CONFIG_FB_MODE_HELPERS is not set
|
||||
# CONFIG_FB_N411 is not set
|
||||
# CONFIG_FB_NEOMAGIC is not set
|
||||
CONFIG_FB_NVIDIA_BACKLIGHT=y
|
||||
# CONFIG_FB_NVIDIA_BACKLIGHT is not set
|
||||
# CONFIG_FB_NVIDIA_DEBUG is not set
|
||||
# CONFIG_FB_NVIDIA_I2C is not set
|
||||
# CONFIG_FB_NVIDIA is not set
|
||||
# CONFIG_FB_OPENCORES is not set
|
||||
# CONFIG_FB_PM2 is not set
|
||||
# CONFIG_FB_PM3 is not set
|
||||
CONFIG_FB_RADEON_BACKLIGHT=y
|
||||
# CONFIG_FB_RADEON_BACKLIGHT is not set
|
||||
# CONFIG_FB_RADEON_DEBUG is not set
|
||||
# CONFIG_FB_RADEON_I2C is not set
|
||||
# CONFIG_FB_RADEON is not set
|
||||
@ -1739,7 +1739,7 @@ CONFIG_GPIO_MLXBF2=m
|
||||
# CONFIG_GPIO_SYSFS is not set
|
||||
# CONFIG_GPIO_THUNDERX is not set
|
||||
# CONFIG_GPIO_TPIC2810 is not set
|
||||
CONFIG_GPIO_VIPERBOARD=m
|
||||
# CONFIG_GPIO_VIPERBOARD is not set
|
||||
# CONFIG_GPIO_VX855 is not set
|
||||
# CONFIG_GPIO_WATCHDOG is not set
|
||||
# CONFIG_GPIO_WINBOND is not set
|
||||
@ -2047,7 +2047,7 @@ CONFIG_I2C_STUB=m
|
||||
CONFIG_I2C_TINY_USB=m
|
||||
CONFIG_I2C_VIA=m
|
||||
CONFIG_I2C_VIAPRO=m
|
||||
CONFIG_I2C_VIPERBOARD=m
|
||||
# CONFIG_I2C_VIPERBOARD is not set
|
||||
# CONFIG_I2C_XILINX is not set
|
||||
CONFIG_I2C=y
|
||||
# CONFIG_I3C is not set
|
||||
@ -2999,7 +2999,7 @@ CONFIG_MFD_SM501=m
|
||||
# CONFIG_MFD_TPS65912_SPI is not set
|
||||
# CONFIG_MFD_TPS80031 is not set
|
||||
# CONFIG_MFD_TQMX86 is not set
|
||||
CONFIG_MFD_VIPERBOARD=m
|
||||
# CONFIG_MFD_VIPERBOARD is not set
|
||||
CONFIG_MFD_VX855=m
|
||||
# CONFIG_MFD_WL1273_CORE is not set
|
||||
# CONFIG_MFD_WM831X_I2C is not set
|
||||
@ -4264,7 +4264,7 @@ CONFIG_RMI4_F11=y
|
||||
CONFIG_RMI4_F12=y
|
||||
CONFIG_RMI4_F30=y
|
||||
CONFIG_RMI4_F34=y
|
||||
# CONFIG_RMI4_F3A is not set
|
||||
CONFIG_RMI4_F3A=y
|
||||
# CONFIG_RMI4_F54 is not set
|
||||
CONFIG_RMI4_F55=y
|
||||
CONFIG_RMI4_I2C=m
|
||||
|
103
kernel.spec
103
kernel.spec
@ -121,13 +121,13 @@ Summary: The Linux kernel
|
||||
%define kversion 5.14
|
||||
|
||||
%define rpmversion 5.14.0
|
||||
%define pkgrelease 77.rt21.77.el9
|
||||
%define pkgrelease 78.rt21.78.el9
|
||||
|
||||
# This is needed to do merge window version magic
|
||||
%define patchlevel 14
|
||||
|
||||
# allow pkg_release to have configurable %%{?dist} tag
|
||||
%define specrelease 77.rt21.77%{?buildid}%{?dist}
|
||||
%define specrelease 78.rt21.78%{?buildid}%{?dist}
|
||||
|
||||
%define pkg_release %{specrelease}
|
||||
|
||||
@ -704,7 +704,7 @@ BuildRequires: lld
|
||||
# exact git commit you can run
|
||||
#
|
||||
# xzcat -qq ${TARBALL} | git get-tar-commit-id
|
||||
Source0: linux-5.14.0-77.rt21.77.el9.tar.xz
|
||||
Source0: linux-5.14.0-78.rt21.78.el9.tar.xz
|
||||
|
||||
Source1: Makefile.rhelver
|
||||
|
||||
@ -1417,8 +1417,8 @@ ApplyOptionalPatch()
|
||||
fi
|
||||
}
|
||||
|
||||
%setup -q -n kernel-5.14.0-77.rt21.77.el9 -c
|
||||
mv linux-5.14.0-77.rt21.77.el9 linux-%{KVERREL}
|
||||
%setup -q -n kernel-5.14.0-78.rt21.78.el9 -c
|
||||
mv linux-5.14.0-78.rt21.78.el9 linux-%{KVERREL}
|
||||
|
||||
cd linux-%{KVERREL}
|
||||
cp -a %{SOURCE1} .
|
||||
@ -3095,8 +3095,97 @@ fi
|
||||
#
|
||||
#
|
||||
%changelog
|
||||
* Fri Apr 08 2022 Juri Lelli <juri.lelli@redhat.com> [5.14.0-77.rt21.77.el9]
|
||||
- [rt] build kernel-rt-5.14.0-77.rt21.77.el9 [2061574]
|
||||
* Mon Apr 11 2022 Fernando Pacheco <fpacheco@redhat.com> [5.14.0-78.rt21.78.el9]
|
||||
- [rt] build kernel-rt-5.14.0-78.rt21.78.el9 [2061574]
|
||||
|
||||
* Mon Apr 11 2022 Fernando Pacheco <fpacheco@redhat.com> [5.14.0-78.rt21.78.el9]
|
||||
- [rt] build kernel-rt-5.14.0-78.rt21.78.el9 [2061574]
|
||||
- CI: Remove deprecated option (Veronika Kabatova)
|
||||
- scsi: iscsi: Fix nop handling during conn recovery (Chris Leech) [2069973]
|
||||
- scsi: iscsi: Merge suspend fields (Chris Leech) [2069973]
|
||||
- scsi: iscsi: Fix offload conn cleanup when iscsid restarts (Chris Leech) [2069973]
|
||||
- scsi: iscsi: Move iscsi_ep_disconnect (Chris Leech) [2069973]
|
||||
- NFS: Don't loop forever in nfs_do_recoalesce() (Steve Dickson) [2069274]
|
||||
- perf/x86/intel/uncore: Make uncore_discovery clean for 64 bit addresses (Michael Petlan) [2069686]
|
||||
- KVM: SVM: Allow AVIC support on system w/ physical APIC ID > 255 (Bandan Das) [2033070]
|
||||
- iommu/amd: Fix I/O page table memory leak (Jerry Snitselaar) [2053219]
|
||||
- iommu/amd: Recover from event log overflow (Jerry Snitselaar) [2053219]
|
||||
- redhat/configs: drop some config options for rhel 9. (David Airlie) [2067027]
|
||||
- arm64: proton-pack: Include unprivileged eBPF status in Spectre v2 mitigation reporting (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: Use the clearbhb instruction in mitigations (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: Mitigate spectre style branch history side channels (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2 (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: Add percpu vectors for EL1 (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: entry: Add macro for reading symbol addresses from the trampoline (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: entry: Add vectors that have the bhb mitigation sequences (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: entry: Allow the trampoline text to occupy multiple pages (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: entry: Make the kpti trampoline's kpti sequence optional (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: entry: Move trampoline macros out of ifdef'd section (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: entry: Don't assume tramp_vectors is the start of the vectors (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: entry: Allow tramp_alias to access symbols after the 4K boundary (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: entry: Move the trampoline data page before the text page (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: entry: Free up another register on kpti's tramp_exit path (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: entry: Make the trampoline cleanup optional (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: spectre: Rename spectre_v4_patch_fw_mitigation_conduit (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: entry.S: Add ventry overflow sanity checks (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: Add Cortex-A510 CPU part definition (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: Add Cortex-X2 CPU part definition (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: cpufeature: add HWCAP for FEAT_RPRES (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: add ID_AA64ISAR2_EL1 sys register (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: cpufeature: add HWCAP for FEAT_AFP (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: Add Neoverse-N2, Cortex-A710 CPU part definition (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- arm64: Add HWCAP for self-synchronising virtual counter (Waiman Long) [2062288] {CVE-2022-23960}
|
||||
- iommu/vt-d: Fix double list_add when enabling VMD in scalable mode (Jerry Snitselaar) [2061621]
|
||||
- redhat/configs: remove unnecessary GPIO options for aarch64 (Brian Masney) [2060951]
|
||||
- redhat/configs: remove viperboard related Kconfig options (Brian Masney) [2060951]
|
||||
- configs: enable CONFIG_RMI4_F3A (Benjamin Tissoires) [2067243]
|
||||
- block: release rq qos structures for queue without disk (Ming Lei) [2065610]
|
||||
- fuse: fix pipe buffer lifetime for direct_io (Miklos Szeredi) [2064862] {CVE-2022-1011}
|
||||
- crypto: hmac - disallow keys < 112 bits in FIPS mode (Herbert Xu) [2033512]
|
||||
- crypto: hmac - add fips_skip support (Herbert Xu) [2033512]
|
||||
- crypto: des - disallow des3 in FIPS mode (Herbert Xu) [2033512]
|
||||
- crypto: dh - limit key size to 2048 in FIPS mode (Herbert Xu) [2033512]
|
||||
- crypto: rsa - limit key size to 2048 in FIPS mode (Herbert Xu) [2033512]
|
||||
- watch_queue: Make comment about setting ->defunct more accurate (David Howells) [2063758]
|
||||
- watch_queue: Fix lack of barrier/sync/lock between post and read (David Howells) [2063758]
|
||||
- watch_queue: Free the alloc bitmap when the watch_queue is torn down (David Howells) [2063758]
|
||||
- watch_queue: Fix the alloc bitmap size to reflect notes allocated (David Howells) [2063758]
|
||||
- watch_queue: Use the bitmap API when applicable (David Howells) [2063758]
|
||||
- watch_queue: Fix to always request a pow-of-2 pipe ring size (David Howells) [2063758]
|
||||
- watch_queue: Fix to release page in ->release() (David Howells) [2063758]
|
||||
- watch_queue, pipe: Free watchqueue state after clearing pipe ring (David Howells) [2063758]
|
||||
- watch_queue: Fix filter limit check (David Howells) [2063758] {CVE-2022-0995}
|
||||
- s390/mm: check 2KB-fragment page on release (Rafael Aquini) [2069978]
|
||||
- s390/mm: better annotate 2KB pagetable fragments handling (Rafael Aquini) [2069978]
|
||||
- s390/mm: fix 2KB pgtable release race (Rafael Aquini) [2069978]
|
||||
- ima: fix deadlock when traversing "ima_default_rules". (Bruno Meneguele) [2063913]
|
||||
- IMA: prevent SETXATTR_CHECK policy rules with unavailable algorithms (Bruno Meneguele) [2063913]
|
||||
- IMA: introduce a new policy option func=SETXATTR_CHECK (Bruno Meneguele) [2063913]
|
||||
- IMA: add a policy option to restrict xattr hash algorithms on appraisal (Bruno Meneguele) [2063913]
|
||||
- IMA: add support to restrict the hash algorithms used for file appraisal (Bruno Meneguele) [2063913]
|
||||
- IMA: block writes of the security.ima xattr with unsupported algorithms (Bruno Meneguele) [2063913]
|
||||
- IMA: remove the dependency on CRYPTO_MD5 (Bruno Meneguele) [2063913]
|
||||
- perf symbols: Fix symbol size calculation condition (Michael Petlan) [2049222]
|
||||
- redhat/Makefile: Fix dist-dump-variables target (Prarit Bhargava)
|
||||
- redhat/configs/process_configs.sh: Avoid race with find (Prarit Bhargava)
|
||||
- redhat/configs/process_configs.sh: Remove CONTINUEONERROR (Prarit Bhargava)
|
||||
- redhat/configs/process_configs.sh: Fix race with tools generation (Prarit Bhargava)
|
||||
- redhat/Makefile: Silence dist-clean-configs output (Prarit Bhargava)
|
||||
- Print arch with process_configs errors (Prarit Bhargava)
|
||||
- Pass RHJOBS to process_configs for dist-configs-check as well (Prarit Bhargava)
|
||||
- redhat/configs/process_configs.sh: Fix issue with old error files (Prarit Bhargava)
|
||||
- redhat/configs/build_configs.sh: Parallelize execution (Prarit Bhargava)
|
||||
- redhat/configs/build_configs.sh: Provide better messages (Prarit Bhargava)
|
||||
- redhat/configs/build_configs.sh: Create unique output files (Prarit Bhargava)
|
||||
- redhat/configs/build_configs.sh: Add local variables (Prarit Bhargava)
|
||||
- redhat/configs/process_configs.sh: Parallelize execution (Prarit Bhargava)
|
||||
- redhat/configs/process_configs.sh: Provide better messages (Prarit Bhargava)
|
||||
- redhat/configs/process_configs.sh: Create unique output files (Prarit Bhargava)
|
||||
- redhat/configs/process_configs.sh: Add processing config function (Prarit Bhargava)
|
||||
- cifs: modefromsids must add an ACE for authenticated users (Ronnie Sahlberg) [1988278]
|
||||
|
||||
* Fri Apr 08 2022 Juri Lelli <juri.lelli@redhat.com> [5.14.0-77.rt21.77.el9]
|
||||
- [rt] build kernel-rt-5.14.0-77.rt21.77.el9 [2061574]
|
||||
|
@ -60,6 +60,9 @@ switch_to_toplevel()
|
||||
|
||||
checkoptions()
|
||||
{
|
||||
count=$3
|
||||
variant=$4
|
||||
|
||||
/usr/bin/awk '
|
||||
|
||||
/is not set/ {
|
||||
@ -82,14 +85,14 @@ checkoptions()
|
||||
print "Found "a[1]"="a[2]" after generation, had " a[1]"="configs[a[1]]" in Source tree";
|
||||
}
|
||||
}
|
||||
' "$1" "$2" > .mismatches
|
||||
' "$1" "$2" > .mismatches${count}
|
||||
|
||||
checkoptions_error=false
|
||||
if test -s .mismatches
|
||||
if test -s .mismatches${count}
|
||||
then
|
||||
while read -r LINE
|
||||
do
|
||||
if find ./ -name "$(echo "$LINE" | awk -F "=" ' { print $1 } ' | awk ' { print $2 }')" -print0 | xargs -0 grep ^ | grep -q "process_configs_known_broken"; then
|
||||
if find "${REDHAT}"/configs -name "$(echo "$LINE" | awk -F "=" ' { print $1 } ' | awk ' { print $2 }')" -print0 | xargs -0 grep ^ | grep -q "process_configs_known_broken"; then
|
||||
# This is a known broken config.
|
||||
# See script help warning.
|
||||
checkoptions_error=false
|
||||
@ -97,14 +100,13 @@ checkoptions()
|
||||
checkoptions_error=true
|
||||
break
|
||||
fi
|
||||
done < .mismatches
|
||||
done < .mismatches${count}
|
||||
|
||||
! $checkoptions_error && return
|
||||
|
||||
echo "Error: Mismatches found in configuration files"
|
||||
cat .mismatches
|
||||
RETURNCODE=1
|
||||
[ "$CONTINUEONERROR" ] || exit 1
|
||||
sed -i "1s/^/Error: Mismatches found in configuration files for ${arch} ${variant}\n/" .mismatches${count}
|
||||
else
|
||||
rm -f .mismatches${count}
|
||||
fi
|
||||
}
|
||||
|
||||
@ -218,75 +220,119 @@ function commit_new_configs()
|
||||
git commit -m "[redhat] AUTOMATIC: New configs"
|
||||
}
|
||||
|
||||
function process_config()
|
||||
{
|
||||
local cfg
|
||||
local arch
|
||||
local cfgtmp
|
||||
local cfgorig
|
||||
local count
|
||||
local variant
|
||||
|
||||
cfg=$1
|
||||
count=$2
|
||||
|
||||
arch=$(head -1 "$cfg" | cut -b 3-)
|
||||
|
||||
if [ "$arch" = "EMPTY" ]
|
||||
then
|
||||
# This arch is intentionally left blank
|
||||
return
|
||||
fi
|
||||
|
||||
variant=$(basename "$cfg" | cut -d"-" -f3- | cut -d"." -f1)
|
||||
|
||||
cfgtmp="${cfg}.tmp"
|
||||
cfgorig="${cfg}.orig"
|
||||
cat "$cfg" > "$cfgorig"
|
||||
|
||||
echo "Processing $cfg ... "
|
||||
|
||||
make ${MAKEOPTS} ARCH="$arch" CROSS_COMPILE=$(get_cross_compile $arch) KCONFIG_CONFIG="$cfgorig" listnewconfig >& .listnewconfig${count}
|
||||
grep -E 'CONFIG_' .listnewconfig${count} > .newoptions${count}
|
||||
if test -n "$NEWOPTIONS" && test -s .newoptions${count}
|
||||
then
|
||||
echo "Found unset config items in ${arch} ${variant}, please set them to an appropriate value" >> .errors${count}
|
||||
cat .newoptions${count} >> .errors${count}
|
||||
rm .newoptions${count}
|
||||
RETURNCODE=1
|
||||
fi
|
||||
rm .newoptions${count}
|
||||
|
||||
grep -E 'config.*warning' .listnewconfig${count} > .warnings${count}
|
||||
if test -n "$CHECKWARNINGS" && test -s .warnings${count}
|
||||
then
|
||||
echo "Found misconfigured config items in ${arch} ${variant}, please set them to an appropriate value" >> .errors${count}
|
||||
cat .warnings${count} >> .errors${count}
|
||||
rm .warnings${count}
|
||||
fi
|
||||
rm .warnings${count}
|
||||
|
||||
rm .listnewconfig${count}
|
||||
|
||||
make ${MAKEOPTS} ARCH="$arch" CROSS_COMPILE=$(get_cross_compile $arch) KCONFIG_CONFIG="$cfgorig" olddefconfig > /dev/null || exit 1
|
||||
echo "# $arch" > "$cfgtmp"
|
||||
cat "$cfgorig" >> "$cfgtmp"
|
||||
if test -n "$CHECKOPTIONS"
|
||||
then
|
||||
checkoptions "$cfg" "$cfgtmp" "$count" "$variant"
|
||||
fi
|
||||
# if test run, don't overwrite original
|
||||
if test -n "$TESTRUN"
|
||||
then
|
||||
rm -f "$cfgtmp"
|
||||
else
|
||||
mv "$cfgtmp" "$cfg"
|
||||
fi
|
||||
rm -f "$cfgorig"
|
||||
echo "Processing $cfg complete"
|
||||
}
|
||||
|
||||
function process_configs()
|
||||
{
|
||||
# assume we are in $source_tree/configs, need to get to top level
|
||||
pushd "$(switch_to_toplevel)" &>/dev/null
|
||||
|
||||
# The next line is throwaway code for transition to parallel
|
||||
# processing. Leaving this line in place is harmless, but it can be
|
||||
# removed the next time anyone updates this function.
|
||||
[ -f .mismatches ] && rm -f .mismatches
|
||||
|
||||
count=0
|
||||
for cfg in "$SCRIPT_DIR/${PACKAGE_NAME}${KVERREL}${SUBARCH}"*.config
|
||||
do
|
||||
arch=$(head -1 "$cfg" | cut -b 3-)
|
||||
cfgtmp="${cfg}.tmp"
|
||||
cfgorig="${cfg}.orig"
|
||||
cat "$cfg" > "$cfgorig"
|
||||
|
||||
if [ "$arch" = "EMPTY" ]
|
||||
then
|
||||
# This arch is intentionally left blank
|
||||
continue
|
||||
if [ "$count" -eq 0 ]; then
|
||||
# do the first one by itself so that tools are built
|
||||
process_config "$cfg" "$count"
|
||||
fi
|
||||
echo -n "Processing $cfg ... "
|
||||
|
||||
make ${MAKEOPTS} ARCH="$arch" CROSS_COMPILE=$(get_cross_compile $arch) KCONFIG_CONFIG="$cfgorig" listnewconfig >& .listnewconfig
|
||||
grep -E 'CONFIG_' .listnewconfig > .newoptions
|
||||
if test -n "$NEWOPTIONS" && test -s .newoptions
|
||||
then
|
||||
echo "Found unset config items, please set them to an appropriate value"
|
||||
cat .newoptions
|
||||
rm .newoptions
|
||||
RETURNCODE=1
|
||||
[ "$CONTINUEONERROR" ] || exit 1
|
||||
fi
|
||||
rm .newoptions
|
||||
|
||||
grep -E 'config.*warning' .listnewconfig > .warnings
|
||||
if test -n "$CHECKWARNINGS" && test -s .warnings
|
||||
then
|
||||
echo "Found misconfigured config items, please set them to an appropriate value"
|
||||
cat .warnings
|
||||
rm .warnings
|
||||
RETURNCODE=1
|
||||
[ "$CONTINUEONERROR" ] || exit 1
|
||||
fi
|
||||
rm .warnings
|
||||
|
||||
rm .listnewconfig
|
||||
|
||||
make ${MAKEOPTS} ARCH="$arch" CROSS_COMPILE=$(get_cross_compile $arch) KCONFIG_CONFIG="$cfgorig" olddefconfig > /dev/null || exit 1
|
||||
echo "# $arch" > "$cfgtmp"
|
||||
cat "$cfgorig" >> "$cfgtmp"
|
||||
if test -n "$CHECKOPTIONS"
|
||||
then
|
||||
checkoptions "$cfg" "$cfgtmp"
|
||||
fi
|
||||
# if test run, don't overwrite original
|
||||
if test -n "$TESTRUN"
|
||||
then
|
||||
rm -f "$cfgtmp"
|
||||
else
|
||||
mv "$cfgtmp" "$cfg"
|
||||
fi
|
||||
rm -f "$cfgorig"
|
||||
echo "done"
|
||||
process_config "$cfg" "$count" &
|
||||
waitpids[${count}]=$!
|
||||
((count++))
|
||||
while [ "$(jobs | grep Running | wc -l)" -ge $RHJOBS ]; do :; done
|
||||
done
|
||||
for pid in ${waitpids[*]}; do
|
||||
wait ${pid}
|
||||
done
|
||||
|
||||
rm "$SCRIPT_DIR"/*.config*.old
|
||||
|
||||
if ls .errors* 1> /dev/null 2>&1; then
|
||||
RETURNCODE=1
|
||||
cat .errors*
|
||||
rm .errors* -f
|
||||
fi
|
||||
if ls .mismatches* 1> /dev/null 2>&1; then
|
||||
RETURNCODE=1
|
||||
cat .mismatches*
|
||||
rm .mismatches* -f
|
||||
fi
|
||||
|
||||
popd > /dev/null
|
||||
|
||||
echo "Processed config files are in $SCRIPT_DIR"
|
||||
[ $RETURNCODE -eq 0 ] && echo "Processed config files are in $SCRIPT_DIR"
|
||||
}
|
||||
|
||||
CHECKOPTIONS=""
|
||||
CONTINUEONERROR=""
|
||||
NEWOPTIONS=""
|
||||
TESTRUN=""
|
||||
CHECKWARNINGS=""
|
||||
@ -301,7 +347,6 @@ do
|
||||
case $key in
|
||||
-a)
|
||||
CHECKOPTIONS="x"
|
||||
CONTINUEONERROR="x"
|
||||
NEWOPTIONS="x"
|
||||
CHECKWARNINGS="x"
|
||||
;;
|
||||
@ -311,9 +356,6 @@ do
|
||||
-h)
|
||||
usage
|
||||
;;
|
||||
-i)
|
||||
CONTINUEONERROR="x"
|
||||
;;
|
||||
-n)
|
||||
NEWOPTIONS="x"
|
||||
;;
|
||||
@ -343,6 +385,7 @@ PACKAGE_NAME="${1:-kernel-rt}" # defines the package name used
|
||||
KVERREL="$(test -n "$2" && echo "-$2" || echo "")"
|
||||
SUBARCH="$(test -n "$3" && echo "-$3" || echo "")"
|
||||
FLAVOR="$(test -n "$4" && echo "-$4" || echo "-common")"
|
||||
RHJOBS="$(test -n "$5" && echo "$5" || nproc --all)"
|
||||
SCRIPT=$(readlink -f "$0")
|
||||
SCRIPT_DIR=$(dirname "$SCRIPT")
|
||||
|
||||
|
6
sources
6
sources
@ -1,4 +1,4 @@
|
||||
SHA512 (kernel-abi-whitelists-5.13.0-1.tar.bz2) = ceba454e1f590c1e4ef4115a75463ae3ac2c2aa7ec85fa14a2669d666c421483a38225ee19d7d72b4ac7032375741408b23543e43588538c80161ec0cf57051c
|
||||
SHA512 (linux-5.14.0-77.rt21.77.el9.tar.xz) = 09acb7d59788f40870b522302302ded62e0714eea6dbed99d28c69537909a9547f42bdf439f52c596d251d357895aed649eb6f3296ef5d424ef8b2aca9fb10b4
|
||||
SHA512 (kernel-abi-stablelists-5.14.0-77.rt21.77.el9.tar.bz2) = fb6b7dd353c2ffd728c32542d12ee65c24221791099942259a020e9d2fcf1f043c27a27aa0279a4a9a2f6114258b1d9cd3fa6009db1dd8396b44800bdd2e9766
|
||||
SHA512 (kernel-kabi-dw-5.14.0-77.rt21.77.el9.tar.bz2) = c901529aff636abbc2aa5f289ec098a2a29c8507aa81ee649d1104592b8abad9f495db0e947dc36a84e043708a47373de35156b40b252281ef747f06e19ed914
|
||||
SHA512 (linux-5.14.0-78.rt21.78.el9.tar.xz) = 0847477361a0b4a3666b57f957724fe5e67ecd2e29d0eef09e44e0e0114869fddda4fab5214002ecf73c81f9ef80a1df8c6bede8b91dfeff3c150a91d7488c68
|
||||
SHA512 (kernel-abi-stablelists-5.14.0-78.rt21.78.el9.tar.bz2) = 59182c8e2c3e5182afbbad053b683e60e111b7be538950f76c92aa2597877dc1922d0382448aa9f058b4160849504eb9a458aa7819d950cfe099ef7c4607fab5
|
||||
SHA512 (kernel-kabi-dw-5.14.0-78.rt21.78.el9.tar.bz2) = f48c87da1305f27edb6978f09d3ddef1604f6f064094a9b8ab9c39a5f9451c9155419f680227af536db9172609e6c6f8ba7629f707088e64eeb01a43bbf4670e
|
||||
|
Loading…
Reference in New Issue
Block a user