From 1c411743ea6e66f5cc5b65167783e64f8fd35bed Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Tue, 25 Oct 2022 03:40:22 -0400 Subject: [PATCH] import kernel-rt-4.18.0-372.32.1.rt7.189.el8_6 --- .gitignore | 2 +- .kernel-rt.metadata | 2 +- SOURCES/kernel-rt-aarch64-debug.config | 2 +- SOURCES/kernel-rt-aarch64.config | 2 +- SPECS/kernel.spec | 266 ++++++++++++++++++++++++- 5 files changed, 266 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 8e65354..1fd61b8 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -SOURCES/linux-4.18.0-372.26.1.rt7.183.el8_6.tar.xz +SOURCES/linux-4.18.0-372.32.1.rt7.189.el8_6.tar.xz SOURCES/rheldup3.x509 SOURCES/rhelkpatch1.x509 diff --git a/.kernel-rt.metadata b/.kernel-rt.metadata index 061dfdc..0fb784a 100644 --- a/.kernel-rt.metadata +++ b/.kernel-rt.metadata @@ -1,3 +1,3 @@ -43e0bb54f0d870020a8b2e0a7938bd7287c81441 SOURCES/linux-4.18.0-372.26.1.rt7.183.el8_6.tar.xz +098afc179a6ac0165566947364cea72bd6734463 SOURCES/linux-4.18.0-372.32.1.rt7.189.el8_6.tar.xz 95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509 d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509 diff --git a/SOURCES/kernel-rt-aarch64-debug.config b/SOURCES/kernel-rt-aarch64-debug.config index 5eac463..0ae0f3c 100644 --- a/SOURCES/kernel-rt-aarch64-debug.config +++ b/SOURCES/kernel-rt-aarch64-debug.config @@ -714,7 +714,6 @@ # CONFIG_HP03 is not set # CONFIG_HP206C is not set # CONFIG_HPFS_FS is not set -# CONFIG_HP_ILO is not set # CONFIG_HSA_AMD is not set # CONFIG_HSI is not set # CONFIG_HSR is not set @@ -3417,6 +3416,7 @@ CONFIG_HOTPLUG_PCI=y CONFIG_HOTPLUG_PCI_ACPI=y CONFIG_HOTPLUG_PCI_ACPI_IBM=m CONFIG_HOTPLUG_PCI_PCIE=y +CONFIG_HP_ILO=m CONFIG_HUGETLBFS=y CONFIG_HVC_DRIVER=y CONFIG_HWLAT_TRACER=y diff --git a/SOURCES/kernel-rt-aarch64.config b/SOURCES/kernel-rt-aarch64.config index e40c720..c48c1c6 100644 --- a/SOURCES/kernel-rt-aarch64.config +++ b/SOURCES/kernel-rt-aarch64.config @@ -763,7 +763,6 @@ # CONFIG_HP03 is not set # CONFIG_HP206C is not set # CONFIG_HPFS_FS is not set -# CONFIG_HP_ILO is not set # CONFIG_HSA_AMD is not set # CONFIG_HSI is not set # CONFIG_HSR is not set @@ -3436,6 +3435,7 @@ CONFIG_HOTPLUG_PCI=y CONFIG_HOTPLUG_PCI_ACPI=y CONFIG_HOTPLUG_PCI_ACPI_IBM=m CONFIG_HOTPLUG_PCI_PCIE=y +CONFIG_HP_ILO=m CONFIG_HUGETLBFS=y CONFIG_HVC_DRIVER=y CONFIG_HWLAT_TRACER=y diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec index 86d1936..99c61cc 100644 --- a/SPECS/kernel.spec +++ b/SPECS/kernel.spec @@ -42,10 +42,10 @@ # define buildid .local %define rpmversion 4.18.0 -%define pkgrelease 372.26.1.rt7.183.el8_6 +%define pkgrelease 372.32.1.rt7.189.el8_6 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 372.26.1.rt7.183%{?dist} +%define specrelease 372.32.1.rt7.189%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -152,7 +152,7 @@ # The preempt RT patch level %global rttag .rt7 # realtimeN -%global rtbuild .183 +%global rtbuild .189 %define with_doc 0 %define with_headers 0 %define with_cross_headers 0 @@ -586,7 +586,7 @@ Provides: kernel-drm-nouveau = 16\ Provides: %{name}-uname-r = %{KVERREL}%{?variant}%{?1:+%{1}}\ Requires(pre): %{kernel_prereq}\ Requires(pre): %{initrd_prereq}\ -Requires(pre): linux-firmware >= 20200619-99.git3890db36\ +Requires(pre): linux-firmware >= 20220210-108.git6342082c\ Requires(preun): systemd >= 200\ Conflicts: xfsprogs < 4.3.0-1\ Conflicts: xorg-x11-drv-vmmouse < 13.0.99\ @@ -2655,6 +2655,264 @@ fi # # %changelog +* Fri Oct 07 2022 Chris White [4.18.0-372.32.1.rt7.189.el8_6] +- [rt] build kernel-rt-4.18.0-372.32.1.rt7.189.el8_6 [2125396] +- net: atlantic: remove aq_nic_deinit() when resume (Íñigo Huguet) [2131936 2130839] +- net: atlantic: remove deep parameter on suspend/resume functions (Íñigo Huguet) [2131936 2130839] +- configs: enable CONFIG_HP_ILO for aarch64 (Mark Salter) [2129923 2123508] +- drm/nouveau: recognise GA103 (Karol Herbst) [2127122 1923125] +- net: fix a memleak when uncloning an skb dst and its metadata (Hangbin Liu) [2131255 2068355] +- net: do not keep the dst cache when uncloning an skb dst and its metadata (Hangbin Liu) [2131255 2068355] +- intel_idle: Fix false positive RCU splats due to incorrect hardirqs state (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/spec_ctrl: Enable RHEL only ibrs_always & retpoline,ibrs_user spectre_v2 options (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- KVM: emulate: do not adjust size of fastop and setcc subroutines (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/kvm: fix FASTOP_SIZE when return thunks are enabled (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- efi/x86: use naked RET on mixed mode call wrapper (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bugs: Remove apostrophe typo (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bugs: Mark retbleed_strings static (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/speculation: Disable RRSBA behavior (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/kexec: Disable RET on kexec (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bugs: Add Cannon lake to RETBleed affected CPU list (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- redhat/configs: Add new mitigation configs for RetBleed CVEs (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/retbleed: Add fine grained Kconfig knobs (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/cpu/amd: Enumerate BTC_NO (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/common: Stamp out the stepping madness (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- KVM: VMX: Prevent RSB underflow before vmenter (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/speculation: Fill RSB on vmexit for IBRS (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- KVM: VMX: Fix IBRS handling after vmexit (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- KVM: VMX: Convert launched argument to flags (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- KVM: VMX: Flatten __vmx_vcpu_run() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/speculation: Remove x86_spec_ctrl_mask (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/speculation: Fix SPEC_CTRL write on SMT state change (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/speculation: Fix firmware entry SPEC_CTRL handling (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/cpu/amd: Add Spectral Chicken (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bugs: Do IBPB fallback check only once (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bugs: Add retbleed=ibpb (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Update Retpoline validation (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- intel_idle: Disable IBRS during long idle (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bugs: Report Intel retbleed vulnerability (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bugs: Optimize SPEC_CTRL MSR writes (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/entry: Add kernel IBRS implementation (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bugs: Enable STIBP for JMP2RET (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bugs: Add AMD retbleed= boot parameter (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bugs: Report AMD retbleed vulnerability (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86: Add magic AMD return-thunk (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86: Use return-thunk in asm code (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/sev: Avoid using __x86_return_thunk (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/kvm: Fix SETcc emulation for return thunks (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/bpf: Use alternative RET encoding (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/ftrace: Use alternative RET encoding (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86,objtool: Create .return_sites (Josh Poimboeuf) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86: Undo return-thunk damage (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/retpoline: Use -mfunction-return (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/retpoline: Swizzle retpoline thunk (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/retpoline: Cleanup some #ifdefery (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/cpufeatures: Move RETPOLINE flags to word 11 (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/kvm/vmx: Make noinstr clean (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- arch/x86/boot/compressed: Add -D__DISABLE_EXPORTS to kbuild flags (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86: (Ab)use __DISABLE_EXPORTS to disable RETHUNK in real mode (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/entry: Remove skip_r11rcx (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- cpuidle,intel_idle: Fix CPUIDLE_FLAG_IRQ_ENABLE (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/speculation/srbds: Do not try to turn mitigation off when not supported (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/ibt,paravirt: Use text_gen_insn() for paravirt_patch() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/text-patching: Make text_gen_insn() play nice with ANNOTATE_NOENDBR (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/module: Fix the paravirt vs alternative order (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86: Add straight-line-speculation mitigation (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86: Prepare inline-asm for straight-line-speculation (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86: Prepare asm files for straight-line-speculation (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86: Move RETPOLINE*_CFLAGS to arch Makefile (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/entry: Add a fence for kernel entry SWAPGS in paranoid_entry() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- Makefile: remove stale cc-option checks (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- tools headers: Remove broken definition of __LITTLE_ENDIAN (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy' (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86: Add insn_decode_kernel() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- tools/insn: Restore the relative include paths for cross building (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/alternative: Use insn_decode() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/insn: Add an insn_decode() API (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/insn: Rename insn_decode() to insn_decode_from_regs() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/paravirt: Add new features for paravirt patching (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/alternative: Support not-feature (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/alternative: Merge include files (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Fix error handling for STD/CLD warnings (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/alternatives: Teach text_poke_bp() to emulate RET (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/ftrace: Have ftrace trampolines turn read-only at the end of system boot up (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/speculation: Change FILL_RETURN_BUFFER to work with objtool (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Add support for intra-function calls (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Rework allocating stack_ops on decode (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Better handle IRET (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Support multiple stack_op per instruction (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Make BP scratch register warning more robust (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/kexec: Make relocate_kernel_64.S objtool clean (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Introduce validate_return() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- Makefile: disallow data races on gcc-10 as well (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Improve call destination function detection (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/alternatives: Implement a better poke_int3_handler() completion scheme (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- lib/: fix Kconfig indentation (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/alternatives: Use INT3_INSN_SIZE (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/kprobes: Fix ordering while text-patching (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/kprobes: Convert to text-patching.h (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/alternative: Shrink text_poke_loc (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/alternative: Remove text_poke_loc::len (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/ftrace: Use text_gen_insn() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/alternative: Add text_opcode_size() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/ftrace: Use text_poke() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/ftrace: Use vmalloc special flag (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/ftrace: Explicitly include vmalloc.h for set_vm_flush_reset_perms() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/alternatives: Add and use text_gen_insn() helper (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/alternatives, jump_label: Provide better text_poke() batching interface (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/asm: Annotate relocate_kernel_{32,64}.c (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86: kprobes: Prohibit probing on instruction which has emulate prefix (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86: Correct misc typos (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/speculation/mds: Apply more accurate check on hypervisor platform (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Convert insn type to enum (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Track original function across branches (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Rename elf_open() to prevent conflict with libelf from elftoolchain (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/ftrace: Make enable parameter bool where applicable (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/CPU/AMD: Don't force the CPB cap when running under a hypervisor (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Fix function fallthrough detection (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/paravirt: Detect over-sized patching bugs in paravirt_patch_call() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/cpu/amd: Exclude 32bit only assembler from 64bit build (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/asm: Mark all top level asm statements as .text (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/cpu/bugs: Use __initconst for 'const' init data (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Add Direction Flag validation (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- objtool: Rewrite add_ignores() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/nospec, objtool: Introduce ANNOTATE_IGNORE_ALTERNATIVE (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/ftrace: Fix warning and considate ftrace_jmp_replace() and ftrace_call_replace() (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- kbuild: Disable extra debugging info in .s output (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/CPU/AMD: Set the CPB bit unconditionally on F17h (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/alternatives: Print containing function (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/ftrace: Do not call function graph from dynamic trampolines (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- ftrace: Create new ftrace_internal.h header (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- kprobes/x86: Fix instruction patching corruption when copying more than one RIP-relative instruction (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- tracing/Makefile: Fix handling redefinition of CC_FLAGS_FTRACE (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/paravirt: Remove unused paravirt bits (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/paravirt: Remove clobbers parameter from paravirt patch functions (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/paravirt: Make paravirt_patch_call() and paravirt_patch_jmp() static (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/l1tf: Fix build error seen if CONFIG_KVM_INTEL is disabled (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- ftrace: Remove unused pointer ftrace_swapper_pid (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- x86/spec_ctrl: Temporarily remove RHEL specific IBRS code (Waiman Long) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- intel_idle: enable interrupts before C1 on Xeons (Steve Best) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in use (Vitaly Kuznetsov) [2103170 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825} +- atlantic: Fix issue in the pm resume flow. (Igor Russkikh) [2127845 2002395] +- atlantic: Fix driver resume flow. (Igor Russkikh) [2127845 2002395] +- net: atlantic: always deep reset on pm op, fixing up my null deref regression (Foggy Liu) [2124966 2039680] +- net: atlantic: invert deep par in pm functions, preventing null derefs (Foggy Liu) [2124966 2039680] + +* Fri Sep 30 2022 Augusto Caringi [4.18.0-372.31.1.rt7.188.el8_6] +- [rt] build kernel-rt-4.18.0-372.31.1.rt7.188.el8_6 [2125396] +- ice: Allow operation with reduced device MSI-X (Petr Oros) [2126482 2102844] +- redhat: kernel depends on new linux-firmware (John Meneghini) [2120613 2044843] +- scsi: qedi: Use QEDI_MODE_NORMAL for error handling (John Meneghini) [2119847 2101760] +- qede: Reduce verbosity of ptp tx timestamp (John Meneghini) [2125477 2080655] +- qede: confirm skb is allocated before using (John Meneghini) [2120611 2040267] +- qed: fix ethtool register dump (John Meneghini) [2120611 2040267] +- scsi: qedf: Stop using the SCSI pointer (John Meneghini) [2120613 2044843] +- scsi: qedf: Change context reset messages to ratelimited (John Meneghini) [2120613 2044843] +- scsi: qedf: Fix refcount issue when LOGO is received during TMF (John Meneghini) [2120613 2044843] +- scsi: qedf: Add stag_work to all the vports (John Meneghini) [2120613 2044843] +- scsi: qedf: Fix potential dereference of NULL pointer (John Meneghini) [2120613 2044843] +- scsi: qedi: Remove redundant flush_workqueue() calls (John Meneghini) [2120612 2044837] +- scsi: qedi: Fix SYSFS_FLAG_FW_SEL_BOOT formatting (John Meneghini) [2120612 2044837] +- qed: remove unnecessary memset in qed_init_fw_funcs (John Meneghini) [2120611 2040267] +- qed: return status of qed_iov_get_link (John Meneghini) [2120611 2040267] +- net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() (John Meneghini) [2120611 2040267] +- qed: validate and restrict untrusted VFs vlan promisc mode (John Meneghini) [2120611 2040267] +- qed: display VF trust config (John Meneghini) [2120611 2040267] +- qed: prevent a fw assert during device shutdown (John Meneghini) [2120611 2040267] +- qed: use msleep() in qed_mcp_cmd() and add qed_mcp_cmd_nosleep() for udelay. (John Meneghini) [2120611 2040267] +- qed: Use dma_set_mask_and_coherent() and simplify code (John Meneghini) [2120611 2040267] +- qed*: esl priv flag support through ethtool (John Meneghini) [2120611 2040267] +- qed*: enhance tx timeout debug info (John Meneghini) [2120611 2040267] +- qede: validate non LSO skb length (John Meneghini) [2120611 2040267] +- qed: Enhance rammod debug prints to provide pretty details (John Meneghini) [2120611 2040267] +- net: qed: fix the array may be out of bound (John Meneghini) [2120611 2040267] +- qed: Use the bitmap API to simplify some functions (John Meneghini) [2120611 2040267] +- RDMA/qed: Use helper function to set GUIDs (John Meneghini) [2120611 2040267] +- net: qed_dev: fix check of true !rc expression (John Meneghini) [2120611 2040267] +- net: qed_ptp: fix check of true !rc expression (John Meneghini) [2120611 2040267] +- RDMA/qedr: Remove unsupported qedr_resize_cq callback (John Meneghini) [2120611 2040267] +- qed: Change the TCP common variable - "iscsi_ooo" (John Meneghini) [2120611 2040267] +- qed: Optimize the ll2 ooo flow (John Meneghini) [2120611 2040267] +- net: qed_debug: fix check of false (grc_param < 0) expression (John Meneghini) [2120611 2040267] +- qed: Fix missing error code in qed_slowpath_start() (John Meneghini) [2120611 2040267] +- qed: Fix compilation for CONFIG_QED_SRIOV undefined scenario (John Meneghini) [2120611 2040267] +- qed: Initialize debug string array (John Meneghini) [2120611 2040267] +- qed: Fix spelling mistake "ctx_bsaed" -> "ctx_based" (John Meneghini) [2120611 2040267] +- qed: fix ll2 establishment during load of RDMA driver (John Meneghini) [2120611 2040267] +- qed: Update the TCP active termination 2 MSL timer ("TIME_WAIT") (John Meneghini) [2120611 2040267] +- qed: Update TCP silly-window-syndrome timeout for iwarp, scsi (John Meneghini) [2120611 2040267] +- qed: Update debug related changes (John Meneghini) [2120611 2040267] +- qed: Add '_GTT' suffix to the IRO RAM macros (John Meneghini) [2120611 2040267] +- qed: Update FW init functions to support FW 8.59.1.0 (John Meneghini) [2120611 2040267] +- qed: Use enum as per FW 8.59.1.0 in qed_iro_hsi.h (John Meneghini) [2120611 2040267] +- qed: Update qed_hsi.h for fw 8.59.1.0 (John Meneghini) [2120611 2040267] +- qed: Update qed_mfw_hsi.h for FW ver 8.59.1.0 (John Meneghini) [2120611 2040267] +- qed: Update common_hsi for FW ver 8.59.1.0 (John Meneghini) [2120611 2040267] +- qed: Split huge qed_hsi.h header file (John Meneghini) [2120611 2040267] +- qed: Remove e4_ and _e4 from FW HSI (John Meneghini) [2120611 2040267] +- qed: Fix kernel-doc warnings (John Meneghini) [2120611 2040267] +- qed: Don't ignore devlink allocation failures (John Meneghini) [2120611 2040267] +- qed: Improve the stack space of filter_config() (John Meneghini) [2120611 2040267] +- RDMA/qedr: Move variables reset to qedr_set_common_qp_params() (John Meneghini) [2120611 2040267] +- RDMA/qedr: Fix reporting max_{send/recv}_wr attrs (John Meneghini) [2119122 2051524] + +* Wed Sep 28 2022 Augusto Caringi [4.18.0-372.30.1.rt7.187.el8_6] +- [rt] build kernel-rt-4.18.0-372.30.1.rt7.187.el8_6 [2125396] +- af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register (Xin Long) [2107615 2075182] {CVE-2022-1353} +- SUNRPC: avoid race between mod_timer() and del_timer_sync() (Benjamin Coddington) [2126184 2104507] +- powerpc/fadump: print start of preserved area (Diego Domingos) [2107488 2075092] +- powerpc/fadump: align destination address to pagesize (Diego Domingos) [2107488 2075092] +- powerpc/fadump: fix PT_LOAD segment for boot memory area (Diego Domingos) [2107488 2075092] +- drm/amdgpu: vi: disable ASPM on Intel Alder Lake based systems (Michel Dänzer) [2091065 2066918] +- drm/amd: Use amdgpu_device_should_use_aspm on navi umd pstate switching (Michel Dänzer) [2091065 2066918] +- drm/amd: Refactor `amdgpu_aspm` to be evaluated per device (Michel Dänzer) [2091065 2066918] +- drm/amd: Check if ASPM is enabled from PCIe subsystem (Michel Dänzer) [2091065 2066918] + +* Wed Sep 21 2022 Luis Claudio R. Goncalves [4.18.0-372.29.1.rt7.186.el8_6] +- [rt] build kernel-rt-4.18.0-372.29.1.rt7.186.el8_6 [2125396] +- mm/memcg: Fix using __this_cpu_add() in preemptible context (Prasad Pandit) [2122600] +- block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern (Ewan D. Milne) [2107624 2049196] {CVE-2022-0494} +- cpufreq: Specify default governor on command line (Prarit Bhargava) [2109996 2083766] +- cpufreq: Fix locking issues with governors (Prarit Bhargava) [2109996 2083766] +- cpufreq: Register governors at core_initcall (Prarit Bhargava) [2109996 2083766] +- net_sched: cls_route: remove from list when handle is 0 (Felix Maurer) [2121812 2116326] {CVE-2022-2588} + +* Thu Sep 08 2022 Chris White [4.18.0-372.28.1.rt7.185.el8_6] +- [rt] build kernel-rt-4.18.0-372.28.1.rt7.185.el8_6 [2125396] +- powerpc/smp: Update cpu_core_map on all PowerPc systems (Diego Domingos) [2112820 2064104] +- iavf: Fix reset error handling (Petr Oros) [2120225 2119759] +- iavf: Fix NULL pointer dereference in iavf_get_link_ksettings (Petr Oros) [2120225 2119759] +- iavf: Fix adminq error handling (Petr Oros) [2120225 2119759] +- iavf: Fix missing state logs (Petr Oros) [2120225 2119759] +- scsi: mpt3sas: Stop fw fault watchdog work item during system shutdown (Tomas Henzl) [2111140 2106413] +- s390/qeth: cache link_info for ethtool (Michal Schmidt) [2120197 2117098] +- nvme: fix RCU hole that allowed for endless looping in multipath round robin (Gopal Tiwari) [2106017 2078806] +- nvme: also mark passthrough-only namespaces ready in nvme_update_ns_info (Gopal Tiwari) [2106017 2078806] +- nvme: fix use after free when disconnecting a reconnecting ctrl (Gopal Tiwari) [2106017 2078806] +- nvme: only call synchronize_srcu when clearing current path (Gopal Tiwari) [2106017 2078806] +- nvme-multipath: revalidate paths during rescan (Gopal Tiwari) [2106017 2078806] +- scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() (Dick Kennedy) [2112103 2034425] + +* Thu Sep 08 2022 Chris White [4.18.0-372.27.1.rt7.184.el8_6] +- [rt] build kernel-rt-4.18.0-372.27.1.rt7.184.el8_6 [2111112] +- [s390] s390/pci: add s390_iommu_aperture kernel parameter (Claudio Imbrenda) [2081324 2039181] +- ipv6: take care of disable_policy when restoring routes (Andrea Claudi) [2109971 2103894] +- net: openvswitch: fix parsing of nw_proto for IPv6 fragments (Eelco Chaudron) [2106703 2101537] +- scsi: ch: Make it possible to open a ch device multiple times again (Ewan D. Milne) [2115965 2108649] +- scsi: smartpqi: Fix DMA direction for RAID requests (Don Brace) [2112354 2101548] +- iommu/vt-d: Calculate mask for non-aligned flushes (Jerry Snitselaar) [2111692 2072179] + * Sun Aug 28 2022 Chris White [4.18.0-372.26.1.rt7.183.el8_6] - [rt] build kernel-rt-4.18.0-372.26.1.rt7.183.el8_6 [2111112] - drm/amd/display: Ignore First MST Sideband Message Return Error (Mika Penttilä) [2109826 2089853]