From 02866e516c9604743019a107bdf3fbc0f2a27f0c Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Sun, 16 Jul 2023 17:08:45 +0200 Subject: [PATCH] kernel-4.18.0-503.el8 * Sun Jul 16 2023 Denys Vlasenko [4.18.0-503.el8] - s390/diag: fix display of diagnose call statistics (Tobias Huschle) [2187995] - rseq, ptrace: Add PTRACE_GET_RSEQ_CONFIGURATION request (Adrian Reber) [2218454] - locking/rwbase: Mitigate indefinite writer starvation (Eder Zulian) [2077282] - fbcon: Check font dimension limits (Ricardo Robaina) [2213493] {CVE-2023-3161} - libnvdimm: Notify disk drivers to revalidate region read-only (Jeff Moyer) [1999673] - nvdimm/region: always show the 'align' attribute (Jeff Moyer) [1999673] - nvdimm/region: Fix default alignment for small regions (Jeff Moyer) [1999673] - libnvdimm/region: Allow setting align attribute on regions without mappings (Jeff Moyer) [1999673] - KVM: SVM: Return the local "r" variable from svm_set_msr() (Emanuele Giuseppe Esposito) [2124598] - KVM: x86: Virtualize FLUSH_L1D and passthrough MSR_IA32_FLUSH_CMD (Emanuele Giuseppe Esposito) [2124598] - KVM: x86: Move MSR_IA32_PRED_CMD WRMSR emulation to common code (Emanuele Giuseppe Esposito) [2124598] - KVM: SVM: Passthrough MSR_IA32_PRED_CMD based purely on host+guest CPUID (Emanuele Giuseppe Esposito) [2124598] - KVM: VMX: Passthrough MSR_IA32_PRED_CMD based purely on host+guest CPUID (Emanuele Giuseppe Esposito) [2124598] - KVM: x86: Revert MSR_IA32_FLUSH_CMD.FLUSH_L1D enabling (Emanuele Giuseppe Esposito) [2124598] - kvm: x86: Advertise FLUSH_L1D to user space (Emanuele Giuseppe Esposito) [2124598] - kvm: svm: Add IA32_FLUSH_CMD guest support (Emanuele Giuseppe Esposito) [2124598] - kvm: vmx: Add IA32_FLUSH_CMD guest support (Emanuele Giuseppe Esposito) [2124598] - rtc: lib_test: add MODULE_LICENSE (Lenny Szubowicz) [2207975] - rtc: efi: Remove the repeated module alias (Lenny Szubowicz) [2207975] - efi/efivars: Set generic ops before loading SSDT (Lenny Szubowicz) [2207975] - efi: efibc: check for efivars write capability (Lenny Szubowicz) [2207975] - efi/efivars: Expose RT service availability via efivars abstraction (Lenny Szubowicz) [2207975] - integrity: Check properly whether EFI GetVariable() is available (Lenny Szubowicz) [2207975] - x86/ima: Use EFI GetVariable only when available (Lenny Szubowicz) [2207975] - efi: Use EFI ResetSystem only when available (Lenny Szubowicz) [2207975] - scsi: iscsi: Use EFI GetVariable only when available (Lenny Szubowicz) [2207975] - infiniband: hfi1: Use EFI GetVariable only when available (Lenny Szubowicz) [2207975] - efi: Register EFI rtc platform device only when available (Lenny Szubowicz) [2207975] - efi: Use more granular check for availability for variable services (Lenny Szubowicz) [2207975] - efi: mark all efi runtime services as unsupported on non-efi boot (Lenny Szubowicz) [2207975] - efi: Add support for EFI_RT_PROPERTIES table (Lenny Szubowicz) [2207975] - crypto: ccp - Add support for PCI device 0x156E (Vladis Dronov) [2180960] - crypto: ccp - Add support for PCI device 0x17E0 (Vladis Dronov) [2180960] - crypto: ccp - Validate that platform access mailbox registers are declared (Vladis Dronov) [2180960] - crypto: ccp - Use lower 8 bytes to communicate with doorbell command register (Vladis Dronov) [2180960] - crypto: ccp - Return doorbell status code as an argument (Vladis Dronov) [2180960] - crypto: ccp - Bump up doorbell debug message to error (Vladis Dronov) [2180960] - crypto: ccp - Drop extra doorbell checks (Vladis Dronov) [2180960] - crypto: ccp - Don't initialize CCP for PSP 0x1649 (Vladis Dronov) [2180960] - crypto: ccp - Clear PSP interrupt status register before calling handler (Vladis Dronov) [2180960] - crypto: ccp - Add support for ringing a platform doorbell (Vladis Dronov) [2180960] - crypto: ccp - Enable platform access interface on client PSP parts (Vladis Dronov) [2180960] - crypto: ccp - Add support for an interface for platform features (Vladis Dronov) [2180960] - crypto: ccp - Move some PSP mailbox bit definitions into common header (Vladis Dronov) [2180960] - crypto: ccp - Add a header for multiple drivers to use `__psp_pa` (Vladis Dronov) [2180960] - crypto: ccp - Drop TEE support for IRQ handler (Vladis Dronov) [2180960] - crypto: ccp: Get rid of __sev_platform_init_locked()'s local function pointer (Vladis Dronov) [2180960] - crypto: ccp - Name -1 return value as SEV_RET_NO_FW_CALL (Vladis Dronov) [2180960] - crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware (Vladis Dronov) [2180960] - crypto: ccp - Add a firmware definition for EPYC gen 4 processors (Vladis Dronov) [2180960] - crypto: ccp - Provide MMIO register naming for documenation (Vladis Dronov) [2180960] - redhat/configs: enable CONFIG_INTEL_UNCORE_FREQ_CONTROL for x86_64 (David Arcari) [2156826] - platform/x86/intel-uncore-freq: Return error on write frequency (David Arcari) [2156826] - platform/x86: intel-uncore-freq: Add client processors (David Arcari) [2156826] - platform/x86: intel-uncore-freq: add Emerald Rapids support (David Arcari) [2156826] - platform/x86: intel-uncore-freq: Use sysfs_emit() to instead of scnprintf() (David Arcari) [2156826] - platform/x86: intel-uncore-freq: Prevent driver loading in guests (David Arcari) [2156826] - platform/x86: intel-uncore-freq: fix uncore_freq_common_init() error codes (David Arcari) [2156826] - platform/x86/intel-uncore-freq: Split common and enumeration part (David Arcari) [2156826] - platform/x86/intel/uncore-freq: Display uncore current frequency (David Arcari) [2156826] - platform/x86/intel/uncore-freq: Use sysfs API to create attributes (David Arcari) [2156826] - platform/x86/intel/uncore-freq: Move to uncore-frequency folder (David Arcari) [2156826] - platform/x86: intel-uncore-frequency: use default_groups in kobj_type (David Arcari) [2156826] - platform/x86: intel-uncore-frequency: Move to intel sub-directory (David Arcari) [2156826] - platform/x86/intel-uncore-freq: Add Sapphire Rapids server support (David Arcari) [2156826] - platform/x86/intel-uncore-freq: make uncore_root_kobj static (David Arcari) [2156826] - platform/x86: Convert to new CPU match macros (David Arcari) [2156826] - platform/x86/intel-uncore-freq: Add release callback (David Arcari) [2156826] - platform/x86/intel-uncore-freq: Fix static checker issue and potential race condition (David Arcari) [2156826] - MAINTAINERS: Update for the intel uncore frequency control (David Arcari) [2156826] - platform/x86: Add support for Uncore frequency control (David Arcari) [2156826] Resolves: rhbz#1999673, rhbz#2077282, rhbz#2124598, rhbz#2156826, rhbz#2180960, rhbz#2187995, rhbz#2207975, rhbz#2213493, rhbz#2218454 Signed-off-by: Denys Vlasenko --- kernel-x86_64-debug.config | 1 + kernel-x86_64.config | 1 + kernel.spec | 79 ++++++++++++++++++++++++++++++++++++-- sources | 6 +-- 4 files changed, 81 insertions(+), 6 deletions(-) diff --git a/kernel-x86_64-debug.config b/kernel-x86_64-debug.config index f8ea201a7..9efee6515 100644 --- a/kernel-x86_64-debug.config +++ b/kernel-x86_64-debug.config @@ -3515,6 +3515,7 @@ CONFIG_INTEL_TH_PTI=m CONFIG_INTEL_TH_STH=m CONFIG_INTEL_TURBO_MAX_3=y CONFIG_INTEL_TXT=y +CONFIG_INTEL_UNCORE_FREQ_CONTROL=m CONFIG_INTEL_VBTN=m CONFIG_INTEL_VSEC=m CONFIG_INTEL_WMI_THUNDERBOLT=m diff --git a/kernel-x86_64.config b/kernel-x86_64.config index 00db8f469..521a11652 100644 --- a/kernel-x86_64.config +++ b/kernel-x86_64.config @@ -3529,6 +3529,7 @@ CONFIG_INTEL_TH_PTI=m CONFIG_INTEL_TH_STH=m CONFIG_INTEL_TURBO_MAX_3=y CONFIG_INTEL_TXT=y +CONFIG_INTEL_UNCORE_FREQ_CONTROL=m CONFIG_INTEL_VBTN=m CONFIG_INTEL_VSEC=m CONFIG_INTEL_WMI_THUNDERBOLT=m diff --git a/kernel.spec b/kernel.spec index ed3972e85..1523686f4 100644 --- a/kernel.spec +++ b/kernel.spec @@ -12,7 +12,7 @@ # change below to w4T.xzdio): %define _binary_payload w3T.xzdio -%global distro_build 502 +%global distro_build 503 # Sign the x86_64 kernel for secure boot authentication %ifarch x86_64 aarch64 s390x ppc64le @@ -38,10 +38,10 @@ # define buildid .local %define rpmversion 4.18.0 -%define pkgrelease 502.el8 +%define pkgrelease 503.el8 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 502%{?dist} +%define specrelease 503%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -2695,6 +2695,79 @@ fi # # %changelog +* Sun Jul 16 2023 Denys Vlasenko [4.18.0-503.el8] +- s390/diag: fix display of diagnose call statistics (Tobias Huschle) [2187995] +- rseq, ptrace: Add PTRACE_GET_RSEQ_CONFIGURATION request (Adrian Reber) [2218454] +- locking/rwbase: Mitigate indefinite writer starvation (Eder Zulian) [2077282] +- fbcon: Check font dimension limits (Ricardo Robaina) [2213493] {CVE-2023-3161} +- libnvdimm: Notify disk drivers to revalidate region read-only (Jeff Moyer) [1999673] +- nvdimm/region: always show the 'align' attribute (Jeff Moyer) [1999673] +- nvdimm/region: Fix default alignment for small regions (Jeff Moyer) [1999673] +- libnvdimm/region: Allow setting align attribute on regions without mappings (Jeff Moyer) [1999673] +- KVM: SVM: Return the local "r" variable from svm_set_msr() (Emanuele Giuseppe Esposito) [2124598] +- KVM: x86: Virtualize FLUSH_L1D and passthrough MSR_IA32_FLUSH_CMD (Emanuele Giuseppe Esposito) [2124598] +- KVM: x86: Move MSR_IA32_PRED_CMD WRMSR emulation to common code (Emanuele Giuseppe Esposito) [2124598] +- KVM: SVM: Passthrough MSR_IA32_PRED_CMD based purely on host+guest CPUID (Emanuele Giuseppe Esposito) [2124598] +- KVM: VMX: Passthrough MSR_IA32_PRED_CMD based purely on host+guest CPUID (Emanuele Giuseppe Esposito) [2124598] +- KVM: x86: Revert MSR_IA32_FLUSH_CMD.FLUSH_L1D enabling (Emanuele Giuseppe Esposito) [2124598] +- kvm: x86: Advertise FLUSH_L1D to user space (Emanuele Giuseppe Esposito) [2124598] +- kvm: svm: Add IA32_FLUSH_CMD guest support (Emanuele Giuseppe Esposito) [2124598] +- kvm: vmx: Add IA32_FLUSH_CMD guest support (Emanuele Giuseppe Esposito) [2124598] +- rtc: lib_test: add MODULE_LICENSE (Lenny Szubowicz) [2207975] +- rtc: efi: Remove the repeated module alias (Lenny Szubowicz) [2207975] +- efi/efivars: Set generic ops before loading SSDT (Lenny Szubowicz) [2207975] +- efi: efibc: check for efivars write capability (Lenny Szubowicz) [2207975] +- efi/efivars: Expose RT service availability via efivars abstraction (Lenny Szubowicz) [2207975] +- integrity: Check properly whether EFI GetVariable() is available (Lenny Szubowicz) [2207975] +- x86/ima: Use EFI GetVariable only when available (Lenny Szubowicz) [2207975] +- efi: Use EFI ResetSystem only when available (Lenny Szubowicz) [2207975] +- scsi: iscsi: Use EFI GetVariable only when available (Lenny Szubowicz) [2207975] +- infiniband: hfi1: Use EFI GetVariable only when available (Lenny Szubowicz) [2207975] +- efi: Register EFI rtc platform device only when available (Lenny Szubowicz) [2207975] +- efi: Use more granular check for availability for variable services (Lenny Szubowicz) [2207975] +- efi: mark all efi runtime services as unsupported on non-efi boot (Lenny Szubowicz) [2207975] +- efi: Add support for EFI_RT_PROPERTIES table (Lenny Szubowicz) [2207975] +- crypto: ccp - Add support for PCI device 0x156E (Vladis Dronov) [2180960] +- crypto: ccp - Add support for PCI device 0x17E0 (Vladis Dronov) [2180960] +- crypto: ccp - Validate that platform access mailbox registers are declared (Vladis Dronov) [2180960] +- crypto: ccp - Use lower 8 bytes to communicate with doorbell command register (Vladis Dronov) [2180960] +- crypto: ccp - Return doorbell status code as an argument (Vladis Dronov) [2180960] +- crypto: ccp - Bump up doorbell debug message to error (Vladis Dronov) [2180960] +- crypto: ccp - Drop extra doorbell checks (Vladis Dronov) [2180960] +- crypto: ccp - Don't initialize CCP for PSP 0x1649 (Vladis Dronov) [2180960] +- crypto: ccp - Clear PSP interrupt status register before calling handler (Vladis Dronov) [2180960] +- crypto: ccp - Add support for ringing a platform doorbell (Vladis Dronov) [2180960] +- crypto: ccp - Enable platform access interface on client PSP parts (Vladis Dronov) [2180960] +- crypto: ccp - Add support for an interface for platform features (Vladis Dronov) [2180960] +- crypto: ccp - Move some PSP mailbox bit definitions into common header (Vladis Dronov) [2180960] +- crypto: ccp - Add a header for multiple drivers to use `__psp_pa` (Vladis Dronov) [2180960] +- crypto: ccp - Drop TEE support for IRQ handler (Vladis Dronov) [2180960] +- crypto: ccp: Get rid of __sev_platform_init_locked()'s local function pointer (Vladis Dronov) [2180960] +- crypto: ccp - Name -1 return value as SEV_RET_NO_FW_CALL (Vladis Dronov) [2180960] +- crypto: ccp - Flush the SEV-ES TMR memory before giving it to firmware (Vladis Dronov) [2180960] +- crypto: ccp - Add a firmware definition for EPYC gen 4 processors (Vladis Dronov) [2180960] +- crypto: ccp - Provide MMIO register naming for documenation (Vladis Dronov) [2180960] +- redhat/configs: enable CONFIG_INTEL_UNCORE_FREQ_CONTROL for x86_64 (David Arcari) [2156826] +- platform/x86/intel-uncore-freq: Return error on write frequency (David Arcari) [2156826] +- platform/x86: intel-uncore-freq: Add client processors (David Arcari) [2156826] +- platform/x86: intel-uncore-freq: add Emerald Rapids support (David Arcari) [2156826] +- platform/x86: intel-uncore-freq: Use sysfs_emit() to instead of scnprintf() (David Arcari) [2156826] +- platform/x86: intel-uncore-freq: Prevent driver loading in guests (David Arcari) [2156826] +- platform/x86: intel-uncore-freq: fix uncore_freq_common_init() error codes (David Arcari) [2156826] +- platform/x86/intel-uncore-freq: Split common and enumeration part (David Arcari) [2156826] +- platform/x86/intel/uncore-freq: Display uncore current frequency (David Arcari) [2156826] +- platform/x86/intel/uncore-freq: Use sysfs API to create attributes (David Arcari) [2156826] +- platform/x86/intel/uncore-freq: Move to uncore-frequency folder (David Arcari) [2156826] +- platform/x86: intel-uncore-frequency: use default_groups in kobj_type (David Arcari) [2156826] +- platform/x86: intel-uncore-frequency: Move to intel sub-directory (David Arcari) [2156826] +- platform/x86/intel-uncore-freq: Add Sapphire Rapids server support (David Arcari) [2156826] +- platform/x86/intel-uncore-freq: make uncore_root_kobj static (David Arcari) [2156826] +- platform/x86: Convert to new CPU match macros (David Arcari) [2156826] +- platform/x86/intel-uncore-freq: Add release callback (David Arcari) [2156826] +- platform/x86/intel-uncore-freq: Fix static checker issue and potential race condition (David Arcari) [2156826] +- MAINTAINERS: Update for the intel uncore frequency control (David Arcari) [2156826] +- platform/x86: Add support for Uncore frequency control (David Arcari) [2156826] + * Tue Jul 11 2023 Denys Vlasenko [4.18.0-502.el8] - ceph: fix use-after-free bug for inodes when flushing capsnaps (Xiubo Li) [2209299] - net/tls: tls_is_tx_ready() checked list_entry (Sabrina Dubroca) [2212176] {CVE-2023-1075} diff --git a/sources b/sources index ea85cb567..a362a20a8 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-4.18.0-502.el8.tar.xz) = f563492e15bb910ba38738ffcacb4f89eca435c788d3adfe766fbea54fa1703bd788ca9ef0dfa716718be96d720ee1afa2864a13a3613f01800b74b5dd8a0d8d -SHA512 (kernel-abi-stablelists-4.18.0-502.tar.bz2) = 22006eb3debf0be5a8190569ab0551adfb0d680702973bf4c01c18ac79d2f9eab2be05ca2c5640cf739cbe07026b44b970857c14558fabec9d19640d528e61c3 -SHA512 (kernel-kabi-dw-4.18.0-502.tar.bz2) = f7bbf94096acc33486535d9eece268c543c6a05d93ee262d64dc22b220f1cb3ff49b4cf091a5c748811c4229fdf674be4c816174575161b0ca5e457726595b32 +SHA512 (linux-4.18.0-503.el8.tar.xz) = 4c692c56277fb01206692c7531d54f88cd2f570a8ba965b28fc7709e1e9a844fe61f33e903e5918b58db68e0a9006d9f35dfcf4449c6fed37bc1ca960b05734a +SHA512 (kernel-abi-stablelists-4.18.0-503.tar.bz2) = 268236c84ecf4e851a5c8b334f60d5e46d93715ce7e51a29648bb1d392ea2df49cabfd0eddf90198c432284ec73f41cd7b570015a0e921c2393682049bca2803 +SHA512 (kernel-kabi-dw-4.18.0-503.tar.bz2) = f7bbf94096acc33486535d9eece268c543c6a05d93ee262d64dc22b220f1cb3ff49b4cf091a5c748811c4229fdf674be4c816174575161b0ca5e457726595b32