diff --git a/.gitignore b/.gitignore index 9ed736210..d3b0e1da6 100644 --- a/.gitignore +++ b/.gitignore @@ -1,6 +1,6 @@ -SOURCES/kernel-abi-stablelists-5.14.0-427.26.1.el9_4.tar.bz2 -SOURCES/kernel-kabi-dw-5.14.0-427.26.1.el9_4.tar.bz2 -SOURCES/linux-5.14.0-427.26.1.el9_4.tar.xz +SOURCES/kernel-abi-stablelists-5.14.0-427.28.1.el9_4.tar.bz2 +SOURCES/kernel-kabi-dw-5.14.0-427.28.1.el9_4.tar.bz2 +SOURCES/linux-5.14.0-427.28.1.el9_4.tar.xz SOURCES/nvidiagpuoot001.x509 SOURCES/rheldup3.x509 SOURCES/rhelima.x509 diff --git a/.kernel.metadata b/.kernel.metadata index e13a31308..ab1ee7f15 100644 --- a/.kernel.metadata +++ b/.kernel.metadata @@ -1,4 +1,4 @@ -5868e5bb4568dcdb6bdd26ec2fd39dee695e70ee SOURCES/kernel-abi-stablelists-5.14.0-427.26.1.el9_4.tar.bz2 -f6472b30897edf427e816e9ae8667dd2df1d8b19 SOURCES/kernel-kabi-dw-5.14.0-427.26.1.el9_4.tar.bz2 -a5f69b63040d9916e509120fe05b482e7495973d SOURCES/linux-5.14.0-427.26.1.el9_4.tar.xz +54ba02b74b5371523724848a36e8237b47ec3e24 SOURCES/kernel-abi-stablelists-5.14.0-427.28.1.el9_4.tar.bz2 +807a4b9e9b87d4493e814e6542152ec5b2485109 SOURCES/kernel-kabi-dw-5.14.0-427.28.1.el9_4.tar.bz2 +c1a64b9b71d2ceb6c734da788000220d6c32ea13 SOURCES/linux-5.14.0-427.28.1.el9_4.tar.xz 4fff8080e88afffc06d8ef5004db8d53bb21237f SOURCES/nvidiagpuoot001.x509 diff --git a/SOURCES/Makefile.rhelver b/SOURCES/Makefile.rhelver index fef414422..680cb4576 100644 --- a/SOURCES/Makefile.rhelver +++ b/SOURCES/Makefile.rhelver @@ -12,7 +12,7 @@ RHEL_MINOR = 4 # # Use this spot to avoid future merge conflicts. # Do not trim this comment. -RHEL_RELEASE = 427.26.1 +RHEL_RELEASE = 427.28.1 # # ZSTREAM diff --git a/SOURCES/kernel-x86_64-debug-rhel.config b/SOURCES/kernel-x86_64-debug-rhel.config index 03fa12f1c..01f5b7724 100644 --- a/SOURCES/kernel-x86_64-debug-rhel.config +++ b/SOURCES/kernel-x86_64-debug-rhel.config @@ -4421,6 +4421,7 @@ CONFIG_RANDOMIZE_MEMORY=y CONFIG_RANDOM_TRUST_CPU=y # CONFIG_RAPIDIO is not set # CONFIG_RAS_CEC is not set +CONFIG_RAS_FMPM=m CONFIG_RAS=y CONFIG_RATIONAL_KUNIT_TEST=m # CONFIG_RBTREE_TEST is not set diff --git a/SOURCES/kernel-x86_64-rhel.config b/SOURCES/kernel-x86_64-rhel.config index 2f991a9f4..05fef023a 100644 --- a/SOURCES/kernel-x86_64-rhel.config +++ b/SOURCES/kernel-x86_64-rhel.config @@ -4400,6 +4400,7 @@ CONFIG_RANDOMIZE_MEMORY=y CONFIG_RANDOM_TRUST_CPU=y # CONFIG_RAPIDIO is not set # CONFIG_RAS_CEC is not set +CONFIG_RAS_FMPM=m CONFIG_RAS=y CONFIG_RATIONAL_KUNIT_TEST=m # CONFIG_RBTREE_TEST is not set diff --git a/SOURCES/kernel-x86_64-rt-debug-rhel.config b/SOURCES/kernel-x86_64-rt-debug-rhel.config index dd48ff537..6ede5ca62 100644 --- a/SOURCES/kernel-x86_64-rt-debug-rhel.config +++ b/SOURCES/kernel-x86_64-rt-debug-rhel.config @@ -4507,6 +4507,7 @@ CONFIG_RANDOMIZE_MEMORY=y CONFIG_RANDOM_TRUST_CPU=y # CONFIG_RAPIDIO is not set # CONFIG_RAS_CEC is not set +CONFIG_RAS_FMPM=m CONFIG_RAS=y CONFIG_RATIONAL_KUNIT_TEST=m # CONFIG_RBTREE_TEST is not set diff --git a/SOURCES/kernel-x86_64-rt-rhel.config b/SOURCES/kernel-x86_64-rt-rhel.config index 0a285b2fa..903946c8e 100644 --- a/SOURCES/kernel-x86_64-rt-rhel.config +++ b/SOURCES/kernel-x86_64-rt-rhel.config @@ -4486,6 +4486,7 @@ CONFIG_RANDOMIZE_MEMORY=y CONFIG_RANDOM_TRUST_CPU=y # CONFIG_RAPIDIO is not set # CONFIG_RAS_CEC is not set +CONFIG_RAS_FMPM=m CONFIG_RAS=y CONFIG_RATIONAL_KUNIT_TEST=m # CONFIG_RBTREE_TEST is not set diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec index 7160d3f79..a8a3d94ef 100644 --- a/SPECS/kernel.spec +++ b/SPECS/kernel.spec @@ -165,15 +165,15 @@ Summary: The Linux kernel # define buildid .local %define specversion 5.14.0 %define patchversion 5.14 -%define pkgrelease 427.26.1 +%define pkgrelease 427.28.1 %define kversion 5 -%define tarfile_release 5.14.0-427.26.1.el9_4 +%define tarfile_release 5.14.0-427.28.1.el9_4 # This is needed to do merge window version magic %define patchlevel 14 # This allows pkg_release to have configurable %%{?dist} tag -%define specrelease 427.26.1%{?buildid}%{?dist} +%define specrelease 427.28.1%{?buildid}%{?dist} # This defines the kabi tarball version -%define kabiversion 5.14.0-427.26.1.el9_4 +%define kabiversion 5.14.0-427.28.1.el9_4 # # End of genspec.sh variables @@ -3736,6 +3736,76 @@ fi # # %changelog +* Fri Jul 19 2024 Scott Weaver [5.14.0-427.28.1.el9_4] +- mlxbf_gige: call request_irq() after NAPI initialized (Kamal Heib) [RHEL-43012 RHEL-37179] {CVE-2024-35907} +- mlxbf_gige: stop PHY during open() error paths (Kamal Heib) [RHEL-43012 RHEL-37179] {CVE-2024-35907} +- mlxbf_gige: stop interface during shutdown (Kamal Heib) [RHEL-41708 RHEL-37244] {CVE-2024-35885} +- net: amd-xgbe: Fix skb data length underflow (Ken Cox) [RHEL-43796 RHEL-43794] {CVE-2022-48743} +- nfp: flower: handle acti_netdevs allocation failure (Ken Cox) [RHEL-42852 RHEL-35158] {CVE-2024-27046} +- block: add check that partition length needs to be aligned with block size (Ming Lei) [RHEL-45501 RHEL-26616] {CVE-2023-52458} +- nfsd: hold a lighter-weight client reference over CB_RECALL_ANY (Benjamin Coddington) [RHEL-45517 RHEL-31513] +- NFSD: CREATE_SESSION must never cache NFS4ERR_DELAY replies (Benjamin Coddington) [RHEL-45517 RHEL-31513] +- NFSD: Document the phases of CREATE_SESSION (Benjamin Coddington) [RHEL-45517 RHEL-31513] +- NFSD: Fix the NFSv4.1 CREATE_SESSION operation (Benjamin Coddington) [RHEL-45517 RHEL-31513] +- icmp: prevent possible NULL dereferences from icmp_build_probe() (Antoine Tenart) [RHEL-42974 RHEL-37002] {CVE-2024-35857} +- NFSv4.1: fix handling NFS4ERR_DELAY when testing for session trunking (Scott Mayhew) [RHEL-45360 RHEL-24133] +- RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (Aristeu Rozanski) [RHEL-46335 RHEL-38634] +- RAS/AMD/ATL: Fix MI300 bank hash (Aristeu Rozanski) [RHEL-46335 RHEL-38634] +- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (Hangbin Liu) [RHEL-42689 RHEL-33271] {CVE-2024-26852} +- epoll: be better about file lifetimes (Pavel Reichl) [RHEL-44091 RHEL-44083] {CVE-2024-38580} +- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (Dick Kennedy) [RHEL-40659 RHEL-40665 RHEL-24508 RHEL-39793] {CVE-2024-36924} +- scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (Dick Kennedy) [RHEL-40659 RHEL-40669 RHEL-24508 RHEL-39887] {CVE-2024-36952} +- bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel (Viktor Malik) [RHEL-42640 RHEL-31726] {CVE-2024-26737} +- can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (Ken Cox) [RHEL-41489 RHEL-38415] {CVE-2021-47459} +- wifi: ath11k: restore country code during resume (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349] +- wifi: ath11k: refactor setting country code logic (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349] +- bus: mhi: host: Add mhi_power_down_keep_dev() API to support system suspend/hibernation (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349] +- net: qrtr: support suspend/hibernation (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349] +- wifi: ath11k: support hibernation (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349] +- wifi: ath11k: thermal: don't try to register multiple times (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349] +- wifi: ath11k: fix warning on DMA ring capabilities event (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349] +- wifi: ath11k: do not dump SRNG statistics during resume (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349] +- wifi: ath11k: remove MHI LOOPBACK channels (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349] +- wifi: ath11k: rearrange IRQ enable/disable in reset path (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349] + +* Mon Jul 15 2024 Scott Weaver [5.14.0-427.27.1.el9_4] +- drm/ast: Fix soft lockup (CKI Backport Bot) [RHEL-45716] +- dm: call the resume method on internal suspend (Benjamin Marzinski) [RHEL-41838 RHEL-33217] {CVE-2024-26880} +- KVM: arm64: Do not re-initialize the KVM lock (Sebastian Ott) [RHEL-37528 RHEL-36279] +- KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (Sebastian Ott) [RHEL-37528 RHEL-36279] +- KVM: arm64: Fix host-programmed guest events in nVHE (Sebastian Ott) [RHEL-37528 RHEL-36279] +- KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (Sebastian Ott) [RHEL-37528 RHEL-36279] +- KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (Sebastian Ott) [RHEL-37528 RHEL-36279] +- KVM: arm64: Fix double-free following kvm_pgtable_stage2_free_unlinked() (Sebastian Ott) [RHEL-37528 RHEL-36279] +- octeontx2-af: Use separate handlers for interrupts (Kamal Heib) [RHEL-42846 RHEL-35170] {CVE-2024-27030} +- Squashfs: check the inode number is not the invalid value of zero (Abhi Das) [RHEL-42811 RHEL-35098] {CVE-2024-26982} +- net: fix sk_memory_allocated_{add|sub} vs softirqs (Paolo Abeni) [RHEL-36773 RHEL-34070] +- tcp: sk_forced_mem_schedule() optimization (Paolo Abeni) [RHEL-36773 RHEL-34070] +- net: make SK_MEMORY_PCPU_RESERV tunable (Paolo Abeni) [RHEL-36773 RHEL-34070] +- ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (Pavel Reichl) [RHEL-42655 RHEL-31690] {CVE-2024-26773} +- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (John Meneghini) [RHEL-42528 RHEL-38200] {CVE-2023-52809} +- KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (Maxim Levitsky) [RHEL-43388] +- s390/cpum_cf: make crypto counters upward compatible across machine types (Tobias Huschle) [RHEL-40398 RHEL-36047] +- RAS: enable CONFIG_RAS_FMPM (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- RAS/AMD/FMPM: Safely handle saved records of various sizes (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- Merge tag 'edac_updates_for_v6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- RAS/AMD/FMPM: Fix off by one when unwinding on error (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- RAS/AMD/FMPM: Add debugfs interface to print record entries (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- RAS/AMD/FMPM: Save SPA values (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- RAS: Export helper to get ras_debugfs_dir (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- RAS/AMD/ATL: Fix bit overflow in denorm_addr_df4_np2() (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- RAS: Introduce a FRU memory poison manager (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- x86/cpu/amd: Provide a separate accessor for Node ID (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- RAS/AMD/ATL: Add MI300 row retirement support (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- Documentation: Move RAS section to admin-guide (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- RAS/AMD/ATL: Add MI300 DRAM to normalized address translation support (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- RAS/AMD/ATL: Fix array overflow in get_logical_coh_st_fabric_id_mi300() (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- RAS/AMD/ATL: Add MI300 support (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- Documentation: RAS: Add index and address translation section (Aristeu Rozanski) [RHEL-36212 RHEL-17008] +- cpu/SMT: Make SMT control more robust against enumeration failures (Aristeu Rozanski) [RHEL-36212 RHEL-17008] + * Fri Jul 05 2024 Scott Weaver [5.14.0-427.26.1.el9_4] - net: ena: Fix incorrect descriptor free behavior (Kamal Heib) [RHEL-39217 RHEL-37430] {CVE-2024-35958} - tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (Guillaume Nault) [RHEL-41749 RHEL-39837] {CVE-2024-36904}