From 0633b7745b33b29d21dac5d4a6bb6526f3e1f633 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <dvlasenk@redhat.com>
Date: Fri, 15 Mar 2024 01:26:23 +0100
Subject: [PATCH] kernel-4.18.0-546.el8

* Fri Mar 15 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-546.el8]
- sched/membarrier: reduce the ability to hammer on sys_membarrier (Wander Lairson Costa) [RHEL-23430] {CVE-2024-26602}
- NFS: Set the stable writes flag when initialising the super block (Benjamin Coddington) [RHEL-25266]
- smb: client: fix OOB in receive_encrypted_standard() (Scott Mayhew) [RHEL-21685] {CVE-2024-0565}
- scsi: core: Move scsi_host_busy() out of host lock if it is for per-command (Ming Lei) [RHEL-23942]
- scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler (Ming Lei) [RHEL-23942]
- gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump (Andrew Price) [RHEL-26501] {CVE-2023-52448}
- smb: client: fix parsing of SMB3.1.1 POSIX create context (Paulo Alcantara) [RHEL-26241] {CVE-2023-52434}
- smb: client: fix potential OOBs in smb2_parse_contexts() (Paulo Alcantara) [RHEL-26241] {CVE-2023-52434}
- smb3: Replace smb2pdu 1-element arrays with flex-arrays (Jay Shin) [RHEL-22143]
- cifs: Replace remaining 1-element arrays (Jay Shin) [RHEL-22143]
- cifs: Convert struct fealist away from 1-element array (Jay Shin) [RHEL-22143]
- cifs: remove unneeded 2bytes of padding from smb2 tree connect (Jay Shin) [RHEL-22143]
- cifs: Replace zero-length arrays with flexible-array members (Jay Shin) [RHEL-22143]
- cifs: Replace a couple of one-element arrays with flexible-array members (Jay Shin) [RHEL-22143]
- cifs: fix FILE_BOTH_DIRECTORY_INFO definition (Jay Shin) [RHEL-22143]
- nfsd: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441]
- nfs: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441]
- lockd: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441]
- cifs: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441]
- ceph: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441]
- filelock: add a new locks_inode_context accessor function (Jeffrey Layton) [RHEL-27441]
- dm-integrity, dm-verity: reduce stack usage for recheck (Benjamin Marzinski) [RHEL-27849]
- dm-crypt: recheck the integrity tag after a failure (Benjamin Marzinski) [RHEL-27849]
- dm-crypt: don't modify the data when using authenticated encryption (Benjamin Marzinski) [RHEL-27849]
- dm-verity: recheck the hash after a failure (Benjamin Marzinski) [RHEL-27849]
- dm-integrity: recheck the integrity tag after a failure (Benjamin Marzinski) [RHEL-27849]
Resolves: RHEL-21685, RHEL-22143, RHEL-23430, RHEL-23942, RHEL-25266, RHEL-26241, RHEL-26501, RHEL-27441, RHEL-27849

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
---
 kernel.spec | 34 +++++++++++++++++++++++++++++++---
 sources     |  6 +++---
 2 files changed, 34 insertions(+), 6 deletions(-)

diff --git a/kernel.spec b/kernel.spec
index 375a1279b..c81c7c5f9 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -12,7 +12,7 @@
 # change below to w4T.xzdio):
 %define _binary_payload w3T.xzdio
 
-%global distro_build 545
+%global distro_build 546
 
 # Sign the x86_64 kernel for secure boot authentication
 %ifarch x86_64 aarch64 s390x ppc64le
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 545.el8
+%define pkgrelease 546.el8
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 545%{?dist}
+%define specrelease 546%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -2695,6 +2695,34 @@ fi
 #
 #
 %changelog
+* Fri Mar 15 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-546.el8]
+- sched/membarrier: reduce the ability to hammer on sys_membarrier (Wander Lairson Costa) [RHEL-23430] {CVE-2024-26602}
+- NFS: Set the stable writes flag when initialising the super block (Benjamin Coddington) [RHEL-25266]
+- smb: client: fix OOB in receive_encrypted_standard() (Scott Mayhew) [RHEL-21685] {CVE-2024-0565}
+- scsi: core: Move scsi_host_busy() out of host lock if it is for per-command (Ming Lei) [RHEL-23942]
+- scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler (Ming Lei) [RHEL-23942]
+- gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump (Andrew Price) [RHEL-26501] {CVE-2023-52448}
+- smb: client: fix parsing of SMB3.1.1 POSIX create context (Paulo Alcantara) [RHEL-26241] {CVE-2023-52434}
+- smb: client: fix potential OOBs in smb2_parse_contexts() (Paulo Alcantara) [RHEL-26241] {CVE-2023-52434}
+- smb3: Replace smb2pdu 1-element arrays with flex-arrays (Jay Shin) [RHEL-22143]
+- cifs: Replace remaining 1-element arrays (Jay Shin) [RHEL-22143]
+- cifs: Convert struct fealist away from 1-element array (Jay Shin) [RHEL-22143]
+- cifs: remove unneeded 2bytes of padding from smb2 tree connect (Jay Shin) [RHEL-22143]
+- cifs: Replace zero-length arrays with flexible-array members (Jay Shin) [RHEL-22143]
+- cifs: Replace a couple of one-element arrays with flexible-array members (Jay Shin) [RHEL-22143]
+- cifs: fix FILE_BOTH_DIRECTORY_INFO definition (Jay Shin) [RHEL-22143]
+- nfsd: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441]
+- nfs: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441]
+- lockd: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441]
+- cifs: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441]
+- ceph: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441]
+- filelock: add a new locks_inode_context accessor function (Jeffrey Layton) [RHEL-27441]
+- dm-integrity, dm-verity: reduce stack usage for recheck (Benjamin Marzinski) [RHEL-27849]
+- dm-crypt: recheck the integrity tag after a failure (Benjamin Marzinski) [RHEL-27849]
+- dm-crypt: don't modify the data when using authenticated encryption (Benjamin Marzinski) [RHEL-27849]
+- dm-verity: recheck the hash after a failure (Benjamin Marzinski) [RHEL-27849]
+- dm-integrity: recheck the integrity tag after a failure (Benjamin Marzinski) [RHEL-27849]
+
 * Wed Mar 13 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-545.el8]
 - tracing/timerlat: Move hrtimer_init to timerlat_fd open() (John Kacur) [RHEL-26667]
 - tracing/perf: Fix double put of trace event when init fails (Michael Petlan) [RHEL-19537]
diff --git a/sources b/sources
index 1b398042e..a57cd066e 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-4.18.0-545.el8.tar.xz) = 98e9fcbfd2b44698480abfa7c4b10ca36587d2d87821e3f10d4e92020a13187d5eee20f98cd3c87f8544bea37657120fb49ed7833149df11a1c777adda29f5a2
-SHA512 (kernel-abi-stablelists-4.18.0-545.tar.bz2) = d0401146ab922cbedd382466bd2cf76c3f79ccad40da52fce3f221ddbc2ee60b9feb77cae736052c6a42f01a8cbcd0e8e24649e6db6b9f388c5144444a539dc2
-SHA512 (kernel-kabi-dw-4.18.0-545.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf
+SHA512 (linux-4.18.0-546.el8.tar.xz) = daf23207d7c56eccb76042c60556cf652be4bec03ead6431013c9005f294cb1b35a7f2771919bf37bfe5c9f7653dbe3d94a6620522c249addb52484f9ddd2d9b
+SHA512 (kernel-abi-stablelists-4.18.0-546.tar.bz2) = e0a6354579eb9f9da870ce2b42da531f1d40531afd8c9ebc12b38ab254de9aee417cf31fc0afe0f489f01552a9192ed59e0ddfe90b4c15d6c442d2493c7e161f
+SHA512 (kernel-kabi-dw-4.18.0-546.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf