kernel-5.14.0-97.el9
* Mon May 23 2022 Patrick Talbert <ptalbert@redhat.com> [5.14.0-97.el9] - tcp: drop the hash_32() part from the index calculation (Guillaume Nault) [2064868] {CVE-2022-1012} - tcp: increase source port perturb table to 2^16 (Guillaume Nault) [2064868] {CVE-2022-1012} - tcp: dynamically allocate the perturb table used by source ports (Guillaume Nault) [2064868] {CVE-2022-1012} - tcp: add small random increments to the source port (Guillaume Nault) [2064868] {CVE-2022-1012} - tcp: resalt the secret every 10 seconds (Guillaume Nault) [2064868] {CVE-2022-1012} - tcp: use different parts of the port_offset for index and offset (Guillaume Nault) [2064868] {CVE-2022-1012} - secure_seq: use the 64 bits of the siphash for port offset calculation (Guillaume Nault) [2064868] {CVE-2022-1012} - esp: limit skb_page_frag_refill use to a single page (Sabrina Dubroca) [2082951] {CVE-2022-27666} - esp: Fix possible buffer overflow in ESP transformation (Sabrina Dubroca) [2082951] {CVE-2022-27666} - cifs: truncate the inode and mapping when we simulate fcollapse (Ronnie Sahlberg) [1997367] - bpf: Fix renaming task_getsecid_subj->current_getsecid_subj. (Ondrej Mosnacek) [2083580] - selinux: use correct type for context length (Ondrej Mosnacek) [2083580] - selinux: drop return statement at end of void functions (Ondrej Mosnacek) [2083580] - selinux: parse contexts for mount options early (Ondrej Mosnacek) [2083580] - selinux: various sparse fixes (Ondrej Mosnacek) [2083580] - selinux: try to use preparsed sid before calling parse_sid() (Ondrej Mosnacek) [2083580] - selinux: Fix selinux_sb_mnt_opts_compat() (Ondrej Mosnacek) [2083580] - LSM: general protection fault in legacy_parse_param (Ondrej Mosnacek) [2083580] - selinux: fix a type cast problem in cred_init_security() (Ondrej Mosnacek) [2083580] - selinux: drop unused macro (Ondrej Mosnacek) [2083580] - selinux: simplify cred_init_security (Ondrej Mosnacek) [2083580] - selinux: do not discard const qualifier in cast (Ondrej Mosnacek) [2083580] - selinux: drop unused parameter of avtab_insert_node (Ondrej Mosnacek) [2083580] - selinux: drop cast to same type (Ondrej Mosnacek) [2083580] - selinux: enclose macro arguments in parenthesis (Ondrej Mosnacek) [2083580] - selinux: declare name parameter of hash_eval const (Ondrej Mosnacek) [2083580] - selinux: declare path parameters of _genfs_sid const (Ondrej Mosnacek) [2083580] - selinux: check return value of sel_make_avc_files (Ondrej Mosnacek) [2083580] - selinux: access superblock_security_struct in LSM blob way (Ondrej Mosnacek) [2083580] - selinux: fix misuse of mutex_is_locked() (Ondrej Mosnacek) [2050966 2083580] - selinux: minor tweaks to selinux_add_opt() (Ondrej Mosnacek) [2083580] - selinux: fix potential memleak in selinux_add_opt() (Ondrej Mosnacek) [2083580] - security,selinux: remove security_add_mnt_opt() (Ondrej Mosnacek) [2083580] - selinux: Use struct_size() helper in kmalloc() (Ondrej Mosnacek) [2083580] - lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() (Ondrej Mosnacek) [2083580] - selinux: initialize proto variable in selinux_ip_postroute_compat() (Ondrej Mosnacek) [2083580] - selinux: fix sleeping function called from invalid context (Ondrej Mosnacek) [2083580] - selinux: fix a sock regression in selinux_ip_postroute_compat() (Ondrej Mosnacek) [2083580] - LSM: Avoid warnings about potentially unused hook variables (Ondrej Mosnacek) [2083580] - selinux: fix all of the W=1 build warnings (Ondrej Mosnacek) [2083580] - selinux: make better use of the nf_hook_state passed to the NF hooks (Ondrej Mosnacek) [2083580] - selinux: fix race condition when computing ocontext SIDs (Ondrej Mosnacek) [2083580] - selinux: remove unneeded ipv6 hook wrappers (Ondrej Mosnacek) [2083580] - security: remove unneeded subdir-$(CONFIG_...) (Ondrej Mosnacek) [2083580] - selinux: return early for possible NULL audit buffers (Ondrej Mosnacek) [2083580] - quota: make dquot_quota_sync return errors from ->sync_fs (Lukas Czerner) [2083053] - redhat: Enable VM kselftests (Nico Pache) [2081818] - selftests/vm: Makefile: s/TARGETS/VMTARGETS/g (Joel Savitz) [2081818] - redhat: Enable HMM test to be used by the kselftest test suite (Nico Pache) [2081818] - redhat: enable CONFIG_TEST_VMALLOC for vm selftests (Nico Pache) [2081818] - net: bridge: switchdev: check br_vlan_group() return value (Ivan Vecera) [2081601] - net: bridge: mst: Restrict info size queries to bridge ports (Ivan Vecera) [2081601] - net: bridge: mst: prevent NULL deref in br_mst_info_size() (Ivan Vecera) [2081601] - selftests: forwarding: Use same VRF for port and VLAN upper (Ivan Vecera) [2081601] - selftests: forwarding: Disable learning before link up (Ivan Vecera) [2081601] - net: bridge: mst: Add helper to query a port's MST state (Ivan Vecera) [2081601] - net: bridge: mst: Add helper to check if MST is enabled (Ivan Vecera) [2081601] - net: bridge: mst: Add helper to map an MSTI to a VID set (Ivan Vecera) [2081601] - net: bridge: mst: Notify switchdev drivers of MST state changes (Ivan Vecera) [2081601] - net: bridge: mst: Notify switchdev drivers of VLAN MSTI migrations (Ivan Vecera) [2081601] - net: bridge: mst: Notify switchdev drivers of MST mode changes (Ivan Vecera) [2081601] - net: bridge: mst: Support setting and reporting MST port states (Ivan Vecera) [2081601] - net: bridge: mst: Allow changing a VLAN's MSTI (Ivan Vecera) [2081601] - net: bridge: mst: Multiple Spanning Tree (MST) mode (Ivan Vecera) [2081601] - net: switchdev: remove lag_mod_cb from switchdev_handle_fdb_event_to_device (Ivan Vecera) [2081601] - selftests: forwarding: tests of locked port feature (Ivan Vecera) [2081601] - net: bridge: Add support for offloading of locked port flag (Ivan Vecera) [2081601] - net: bridge: Add support for bridge port in locked mode (Ivan Vecera) [2081601] - net: switchdev: avoid infinite recursion from LAG to bridge with port object handler (Ivan Vecera) [2081601] - bridge: switch br_net_exit to batch mode (Ivan Vecera) [2081601] - net: bridge: multicast: notify switchdev driver whenever MC processing gets disabled (Ivan Vecera) [2081601] - net: switchdev: introduce switchdev_handle_port_obj_{add,del} for foreign interfaces (Ivan Vecera) [2081601] - net: switchdev: rename switchdev_lower_dev_find to switchdev_lower_dev_find_rcu (Ivan Vecera) [2081601] - net: bridge: switchdev: replay all VLAN groups (Ivan Vecera) [2081601] - net: bridge: make nbp_switchdev_unsync_objs() follow reverse order of sync() (Ivan Vecera) [2081601] - net: bridge: switchdev: differentiate new VLANs from changed ones (Ivan Vecera) [2081601] - net: bridge: vlan: notify switchdev only when something changed (Ivan Vecera) [2081601] - net: bridge: vlan: make __vlan_add_flags react only to PVID and UNTAGGED (Ivan Vecera) [2081601] - net: bridge: vlan: don't notify to switchdev master VLANs without BRENTRY flag (Ivan Vecera) [2081601] - net: bridge: vlan: check early for lack of BRENTRY flag in br_vlan_add_existing (Ivan Vecera) [2081601] - net: bridge: vlan: check for errors from __vlan_del in __vlan_flush (Ivan Vecera) [2081601] - net/switchdev: use struct_size over open coded arithmetic (Ivan Vecera) [2081601] - net: bridge: vlan: fix memory leak in __allowed_ingress (Ivan Vecera) [2081601] - net: bridge: vlan: fix single net device option dumping (Ivan Vecera) [2081601] - net: bridge: Get SIOCGIFBR/SIOCSIFBR ioctl working in compat mode (Ivan Vecera) [2081601] - bridge: use __set_bit in __br_vlan_set_default_pvid (Ivan Vecera) [2081601] - net: bridge: Allow base 16 inputs in sysfs (Ivan Vecera) [2081601] - net/bridge: replace simple_strtoul to kstrtol (Ivan Vecera) [2081601] - net: bridge: Slightly optimize 'find_portno()' (Ivan Vecera) [2081601] - net: bridge: switchdev: fix shim definition for br_switchdev_mdb_notify (Ivan Vecera) [2081601] - net: bridge: switchdev: consistent function naming (Ivan Vecera) [2081601] - net: bridge: mdb: move all switchdev logic to br_switchdev.c (Ivan Vecera) [2081601] - net: bridge: split out the switchdev portion of br_mdb_notify (Ivan Vecera) [2081601] - net: bridge: move br_vlan_replay to br_switchdev.c (Ivan Vecera) [2081601] - net: bridge: provide shim definition for br_vlan_flags (Ivan Vecera) [2081601] - net: switchdev: merge switchdev_handle_fdb_{add,del}_to_device (Ivan Vecera) [2081601] - net: bridge: create a common function for populating switchdev FDB entries (Ivan Vecera) [2081601] - net: bridge: move br_fdb_replay inside br_switchdev.c (Ivan Vecera) [2081601] - net: bridge: reduce indentation level in fdb_create (Ivan Vecera) [2081601] - net: bridge: rename br_fdb_insert to br_fdb_add_local (Ivan Vecera) [2081601] - net: bridge: rename fdb_insert to fdb_add_local (Ivan Vecera) [2081601] - net: bridge: remove fdb_insert forward declaration (Ivan Vecera) [2081601] - net: bridge: remove fdb_notify forward declaration (Ivan Vecera) [2081601] - scsi: ses: Fix unsigned comparison with less than zero (Tomas Henzl) [2065658] - scsi: ses: Retry failed Send/Receive Diagnostic commands (Tomas Henzl) [2065658] - redhat/configs: enable GUP_TEST in debug kernel (Joel Savitz) [2079631] Resolves: rhbz#2064868, rhbz#2082951, rhbz#1997367, rhbz#2083580, rhbz#2050966, rhbz#2083053, rhbz#2081818, rhbz#2081601, rhbz#2065658, rhbz#2079631 Signed-off-by: Patrick Talbert <ptalbert@redhat.com>
This commit is contained in:
parent
a39685e063
commit
29dd6805c8
@ -12,7 +12,7 @@ RHEL_MINOR = 1
|
||||
#
|
||||
# Use this spot to avoid future merge conflicts.
|
||||
# Do not trim this comment.
|
||||
RHEL_RELEASE = 96
|
||||
RHEL_RELEASE = 97
|
||||
|
||||
#
|
||||
# ZSTREAM
|
||||
|
@ -1791,7 +1791,7 @@ CONFIG_GPIO_XLP=m
|
||||
# CONFIG_GREENASIA_FF is not set
|
||||
# CONFIG_GREYBUS is not set
|
||||
# CONFIG_GTP is not set
|
||||
# CONFIG_GUP_TEST is not set
|
||||
CONFIG_GUP_TEST=y
|
||||
CONFIG_GVE=m
|
||||
# CONFIG_HABANA_AI is not set
|
||||
# CONFIG_HAMRADIO is not set
|
||||
@ -5672,7 +5672,7 @@ CONFIG_TEST_FPU=m
|
||||
# CONFIG_TEST_FREE_PAGES is not set
|
||||
# CONFIG_TEST_HASH is not set
|
||||
# CONFIG_TEST_HEXDUMP is not set
|
||||
# CONFIG_TEST_HMM is not set
|
||||
CONFIG_TEST_HMM=m
|
||||
# CONFIG_TEST_IDA is not set
|
||||
# CONFIG_TEST_KMOD is not set
|
||||
CONFIG_TEST_KSTRTOX=y
|
||||
@ -5699,7 +5699,7 @@ CONFIG_TEST_STRING_HELPERS=m
|
||||
# CONFIG_TEST_UDELAY is not set
|
||||
# CONFIG_TEST_USER_COPY is not set
|
||||
# CONFIG_TEST_UUID is not set
|
||||
# CONFIG_TEST_VMALLOC is not set
|
||||
CONFIG_TEST_VMALLOC=m
|
||||
# CONFIG_TEST_XARRAY is not set
|
||||
# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set
|
||||
CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y
|
||||
|
@ -5648,7 +5648,7 @@ CONFIG_TEST_BPF=m
|
||||
# CONFIG_TEST_FREE_PAGES is not set
|
||||
# CONFIG_TEST_HASH is not set
|
||||
# CONFIG_TEST_HEXDUMP is not set
|
||||
# CONFIG_TEST_HMM is not set
|
||||
CONFIG_TEST_HMM=m
|
||||
# CONFIG_TEST_IDA is not set
|
||||
# CONFIG_TEST_KMOD is not set
|
||||
CONFIG_TEST_KSTRTOX=y
|
||||
@ -5675,7 +5675,7 @@ CONFIG_TEST_LIST_SORT=m
|
||||
# CONFIG_TEST_UDELAY is not set
|
||||
# CONFIG_TEST_USER_COPY is not set
|
||||
# CONFIG_TEST_UUID is not set
|
||||
# CONFIG_TEST_VMALLOC is not set
|
||||
CONFIG_TEST_VMALLOC=m
|
||||
# CONFIG_TEST_XARRAY is not set
|
||||
# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set
|
||||
CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y
|
||||
|
@ -1575,7 +1575,7 @@ CONFIG_GPIO_PCF857X=m
|
||||
# CONFIG_GREENASIA_FF is not set
|
||||
# CONFIG_GREYBUS is not set
|
||||
# CONFIG_GTP is not set
|
||||
# CONFIG_GUP_TEST is not set
|
||||
CONFIG_GUP_TEST=y
|
||||
CONFIG_GVE=m
|
||||
# CONFIG_HABANA_AI is not set
|
||||
# CONFIG_HAMRADIO is not set
|
||||
@ -5254,7 +5254,7 @@ CONFIG_TEST_FPU=m
|
||||
# CONFIG_TEST_FREE_PAGES is not set
|
||||
# CONFIG_TEST_HASH is not set
|
||||
# CONFIG_TEST_HEXDUMP is not set
|
||||
# CONFIG_TEST_HMM is not set
|
||||
CONFIG_TEST_HMM=m
|
||||
# CONFIG_TEST_IDA is not set
|
||||
# CONFIG_TEST_KMOD is not set
|
||||
CONFIG_TEST_KSTRTOX=y
|
||||
@ -5281,7 +5281,7 @@ CONFIG_TEST_STRING_HELPERS=m
|
||||
# CONFIG_TEST_UDELAY is not set
|
||||
# CONFIG_TEST_USER_COPY is not set
|
||||
# CONFIG_TEST_UUID is not set
|
||||
# CONFIG_TEST_VMALLOC is not set
|
||||
CONFIG_TEST_VMALLOC=m
|
||||
# CONFIG_TEST_XARRAY is not set
|
||||
# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set
|
||||
CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y
|
||||
|
@ -5232,7 +5232,7 @@ CONFIG_TEST_BPF=m
|
||||
# CONFIG_TEST_FREE_PAGES is not set
|
||||
# CONFIG_TEST_HASH is not set
|
||||
# CONFIG_TEST_HEXDUMP is not set
|
||||
# CONFIG_TEST_HMM is not set
|
||||
CONFIG_TEST_HMM=m
|
||||
# CONFIG_TEST_IDA is not set
|
||||
# CONFIG_TEST_KMOD is not set
|
||||
CONFIG_TEST_KSTRTOX=y
|
||||
@ -5259,7 +5259,7 @@ CONFIG_TEST_LIVEPATCH=m
|
||||
# CONFIG_TEST_UDELAY is not set
|
||||
# CONFIG_TEST_USER_COPY is not set
|
||||
# CONFIG_TEST_UUID is not set
|
||||
# CONFIG_TEST_VMALLOC is not set
|
||||
CONFIG_TEST_VMALLOC=m
|
||||
# CONFIG_TEST_XARRAY is not set
|
||||
# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set
|
||||
CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y
|
||||
|
@ -1574,7 +1574,7 @@ CONFIG_GPIO_MLXBF2=m
|
||||
# CONFIG_GREENASIA_FF is not set
|
||||
# CONFIG_GREYBUS is not set
|
||||
# CONFIG_GTP is not set
|
||||
# CONFIG_GUP_TEST is not set
|
||||
CONFIG_GUP_TEST=y
|
||||
CONFIG_GVE=m
|
||||
# CONFIG_HABANA_AI is not set
|
||||
# CONFIG_HAMRADIO is not set
|
||||
@ -5203,7 +5203,7 @@ CONFIG_TEST_FPU=m
|
||||
# CONFIG_TEST_FREE_PAGES is not set
|
||||
# CONFIG_TEST_HASH is not set
|
||||
# CONFIG_TEST_HEXDUMP is not set
|
||||
# CONFIG_TEST_HMM is not set
|
||||
CONFIG_TEST_HMM=m
|
||||
# CONFIG_TEST_IDA is not set
|
||||
# CONFIG_TEST_KMOD is not set
|
||||
CONFIG_TEST_KSTRTOX=y
|
||||
@ -5230,7 +5230,7 @@ CONFIG_TEST_STRING_HELPERS=m
|
||||
# CONFIG_TEST_UDELAY is not set
|
||||
# CONFIG_TEST_USER_COPY is not set
|
||||
# CONFIG_TEST_UUID is not set
|
||||
# CONFIG_TEST_VMALLOC is not set
|
||||
CONFIG_TEST_VMALLOC=m
|
||||
# CONFIG_TEST_XARRAY is not set
|
||||
# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set
|
||||
# CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE is not set
|
||||
|
@ -5181,7 +5181,7 @@ CONFIG_TEST_BPF=m
|
||||
# CONFIG_TEST_FREE_PAGES is not set
|
||||
# CONFIG_TEST_HASH is not set
|
||||
# CONFIG_TEST_HEXDUMP is not set
|
||||
# CONFIG_TEST_HMM is not set
|
||||
CONFIG_TEST_HMM=m
|
||||
# CONFIG_TEST_IDA is not set
|
||||
# CONFIG_TEST_KMOD is not set
|
||||
CONFIG_TEST_KSTRTOX=y
|
||||
@ -5208,7 +5208,7 @@ CONFIG_TEST_LIST_SORT=m
|
||||
# CONFIG_TEST_UDELAY is not set
|
||||
# CONFIG_TEST_USER_COPY is not set
|
||||
# CONFIG_TEST_UUID is not set
|
||||
# CONFIG_TEST_VMALLOC is not set
|
||||
CONFIG_TEST_VMALLOC=m
|
||||
# CONFIG_TEST_XARRAY is not set
|
||||
# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set
|
||||
# CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE is not set
|
||||
|
@ -5207,7 +5207,7 @@ CONFIG_TEST_BPF=m
|
||||
# CONFIG_TEST_FREE_PAGES is not set
|
||||
# CONFIG_TEST_HASH is not set
|
||||
# CONFIG_TEST_HEXDUMP is not set
|
||||
# CONFIG_TEST_HMM is not set
|
||||
CONFIG_TEST_HMM=m
|
||||
# CONFIG_TEST_IDA is not set
|
||||
# CONFIG_TEST_KMOD is not set
|
||||
CONFIG_TEST_KSTRTOX=y
|
||||
@ -5234,7 +5234,7 @@ CONFIG_TEST_LIST_SORT=m
|
||||
# CONFIG_TEST_UDELAY is not set
|
||||
# CONFIG_TEST_USER_COPY is not set
|
||||
# CONFIG_TEST_UUID is not set
|
||||
# CONFIG_TEST_VMALLOC is not set
|
||||
CONFIG_TEST_VMALLOC=m
|
||||
# CONFIG_TEST_XARRAY is not set
|
||||
# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set
|
||||
# CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE is not set
|
||||
|
@ -1683,7 +1683,7 @@ CONFIG_GPIO_MLXBF2=m
|
||||
# CONFIG_GREENASIA_FF is not set
|
||||
# CONFIG_GREYBUS is not set
|
||||
# CONFIG_GTP is not set
|
||||
# CONFIG_GUP_TEST is not set
|
||||
CONFIG_GUP_TEST=y
|
||||
CONFIG_GVE=m
|
||||
# CONFIG_HABANA_AI is not set
|
||||
CONFIG_HALTPOLL_CPUIDLE=y
|
||||
@ -5441,7 +5441,7 @@ CONFIG_TEST_FPU=m
|
||||
# CONFIG_TEST_FREE_PAGES is not set
|
||||
# CONFIG_TEST_HASH is not set
|
||||
# CONFIG_TEST_HEXDUMP is not set
|
||||
# CONFIG_TEST_HMM is not set
|
||||
CONFIG_TEST_HMM=m
|
||||
# CONFIG_TEST_IDA is not set
|
||||
# CONFIG_TEST_KMOD is not set
|
||||
CONFIG_TEST_KSTRTOX=y
|
||||
@ -5468,7 +5468,7 @@ CONFIG_TEST_STRING_HELPERS=m
|
||||
# CONFIG_TEST_UDELAY is not set
|
||||
# CONFIG_TEST_USER_COPY is not set
|
||||
# CONFIG_TEST_UUID is not set
|
||||
# CONFIG_TEST_VMALLOC is not set
|
||||
CONFIG_TEST_VMALLOC=m
|
||||
# CONFIG_TEST_XARRAY is not set
|
||||
# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set
|
||||
CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y
|
||||
|
@ -5418,7 +5418,7 @@ CONFIG_TEST_BPF=m
|
||||
# CONFIG_TEST_FREE_PAGES is not set
|
||||
# CONFIG_TEST_HASH is not set
|
||||
# CONFIG_TEST_HEXDUMP is not set
|
||||
# CONFIG_TEST_HMM is not set
|
||||
CONFIG_TEST_HMM=m
|
||||
# CONFIG_TEST_IDA is not set
|
||||
# CONFIG_TEST_KMOD is not set
|
||||
CONFIG_TEST_KSTRTOX=y
|
||||
@ -5445,7 +5445,7 @@ CONFIG_TEST_LIVEPATCH=m
|
||||
# CONFIG_TEST_UDELAY is not set
|
||||
# CONFIG_TEST_USER_COPY is not set
|
||||
# CONFIG_TEST_UUID is not set
|
||||
# CONFIG_TEST_VMALLOC is not set
|
||||
CONFIG_TEST_VMALLOC=m
|
||||
# CONFIG_TEST_XARRAY is not set
|
||||
# CONFIG_THERMAL_DEFAULT_GOV_FAIR_SHARE is not set
|
||||
CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y
|
||||
|
126
kernel.spec
126
kernel.spec
@ -121,13 +121,13 @@ Summary: The Linux kernel
|
||||
%define kversion 5.14
|
||||
|
||||
%define rpmversion 5.14.0
|
||||
%define pkgrelease 96.el9
|
||||
%define pkgrelease 97.el9
|
||||
|
||||
# This is needed to do merge window version magic
|
||||
%define patchlevel 14
|
||||
|
||||
# allow pkg_release to have configurable %%{?dist} tag
|
||||
%define specrelease 96%{?buildid}%{?dist}
|
||||
%define specrelease 97%{?buildid}%{?dist}
|
||||
|
||||
%define pkg_release %{specrelease}
|
||||
|
||||
@ -676,7 +676,7 @@ BuildRequires: lld
|
||||
# exact git commit you can run
|
||||
#
|
||||
# xzcat -qq ${TARBALL} | git get-tar-commit-id
|
||||
Source0: linux-5.14.0-96.el9.tar.xz
|
||||
Source0: linux-5.14.0-97.el9.tar.xz
|
||||
|
||||
Source1: Makefile.rhelver
|
||||
|
||||
@ -1346,8 +1346,8 @@ ApplyOptionalPatch()
|
||||
fi
|
||||
}
|
||||
|
||||
%setup -q -n kernel-5.14.0-96.el9 -c
|
||||
mv linux-5.14.0-96.el9 linux-%{KVERREL}
|
||||
%setup -q -n kernel-5.14.0-97.el9 -c
|
||||
mv linux-5.14.0-97.el9 linux-%{KVERREL}
|
||||
|
||||
cd linux-%{KVERREL}
|
||||
cp -a %{SOURCE1} .
|
||||
@ -2248,7 +2248,7 @@ export BPFTOOL=$(pwd)/tools/bpf/bpftool/bpftool
|
||||
pushd tools/testing/selftests
|
||||
# We need to install here because we need to call make with ARCH set which
|
||||
# doesn't seem possible to do in the install section.
|
||||
%{make} %{?_smp_mflags} ARCH=$Arch V=1 TARGETS="bpf livepatch net net/forwarding net/mptcp netfilter tc-testing memfd" SKIP_TARGETS="" FORCE_TARGETS=1 INSTALL_PATH=%{buildroot}%{_libexecdir}/kselftests VMLINUX_H="${RPM_VMLINUX_H}" install
|
||||
%{make} %{?_smp_mflags} ARCH=$Arch V=1 TARGETS="bpf livepatch vm net net/forwarding net/mptcp netfilter tc-testing memfd" SKIP_TARGETS="" FORCE_TARGETS=1 INSTALL_PATH=%{buildroot}%{_libexecdir}/kselftests VMLINUX_H="${RPM_VMLINUX_H}" install
|
||||
|
||||
# 'make install' for bpf is broken and upstream refuses to fix it.
|
||||
# Install the needed files manually.
|
||||
@ -2528,6 +2528,12 @@ find . -type f -executable -exec install -m755 {} %{buildroot}%{_libexecdir}/ksa
|
||||
find . -type f ! -executable -exec install -m644 {} %{buildroot}%{_libexecdir}/ksamples/pktgen/{} \;
|
||||
popd
|
||||
popd
|
||||
# install vm selftests
|
||||
pushd tools/testing/selftests/vm
|
||||
find -type d -exec install -d %{buildroot}%{_libexecdir}/kselftests/vm/{} \;
|
||||
find -type f -executable -exec install -D -m755 {} %{buildroot}%{_libexecdir}/kselftests/vm/{} \;
|
||||
find -type f ! -executable -exec install -D -m644 {} %{buildroot}%{_libexecdir}/kselftests/vm/{} \;
|
||||
popd
|
||||
# install drivers/net/mlxsw selftests
|
||||
pushd tools/testing/selftests/drivers/net/mlxsw
|
||||
find -type d -exec install -d %{buildroot}%{_libexecdir}/kselftests/drivers/net/mlxsw/{} \;
|
||||
@ -2973,6 +2979,114 @@ fi
|
||||
#
|
||||
#
|
||||
%changelog
|
||||
* Mon May 23 2022 Patrick Talbert <ptalbert@redhat.com> [5.14.0-97.el9]
|
||||
- tcp: drop the hash_32() part from the index calculation (Guillaume Nault) [2064868] {CVE-2022-1012}
|
||||
- tcp: increase source port perturb table to 2^16 (Guillaume Nault) [2064868] {CVE-2022-1012}
|
||||
- tcp: dynamically allocate the perturb table used by source ports (Guillaume Nault) [2064868] {CVE-2022-1012}
|
||||
- tcp: add small random increments to the source port (Guillaume Nault) [2064868] {CVE-2022-1012}
|
||||
- tcp: resalt the secret every 10 seconds (Guillaume Nault) [2064868] {CVE-2022-1012}
|
||||
- tcp: use different parts of the port_offset for index and offset (Guillaume Nault) [2064868] {CVE-2022-1012}
|
||||
- secure_seq: use the 64 bits of the siphash for port offset calculation (Guillaume Nault) [2064868] {CVE-2022-1012}
|
||||
- esp: limit skb_page_frag_refill use to a single page (Sabrina Dubroca) [2082951] {CVE-2022-27666}
|
||||
- esp: Fix possible buffer overflow in ESP transformation (Sabrina Dubroca) [2082951] {CVE-2022-27666}
|
||||
- cifs: truncate the inode and mapping when we simulate fcollapse (Ronnie Sahlberg) [1997367]
|
||||
- bpf: Fix renaming task_getsecid_subj->current_getsecid_subj. (Ondrej Mosnacek) [2083580]
|
||||
- selinux: use correct type for context length (Ondrej Mosnacek) [2083580]
|
||||
- selinux: drop return statement at end of void functions (Ondrej Mosnacek) [2083580]
|
||||
- selinux: parse contexts for mount options early (Ondrej Mosnacek) [2083580]
|
||||
- selinux: various sparse fixes (Ondrej Mosnacek) [2083580]
|
||||
- selinux: try to use preparsed sid before calling parse_sid() (Ondrej Mosnacek) [2083580]
|
||||
- selinux: Fix selinux_sb_mnt_opts_compat() (Ondrej Mosnacek) [2083580]
|
||||
- LSM: general protection fault in legacy_parse_param (Ondrej Mosnacek) [2083580]
|
||||
- selinux: fix a type cast problem in cred_init_security() (Ondrej Mosnacek) [2083580]
|
||||
- selinux: drop unused macro (Ondrej Mosnacek) [2083580]
|
||||
- selinux: simplify cred_init_security (Ondrej Mosnacek) [2083580]
|
||||
- selinux: do not discard const qualifier in cast (Ondrej Mosnacek) [2083580]
|
||||
- selinux: drop unused parameter of avtab_insert_node (Ondrej Mosnacek) [2083580]
|
||||
- selinux: drop cast to same type (Ondrej Mosnacek) [2083580]
|
||||
- selinux: enclose macro arguments in parenthesis (Ondrej Mosnacek) [2083580]
|
||||
- selinux: declare name parameter of hash_eval const (Ondrej Mosnacek) [2083580]
|
||||
- selinux: declare path parameters of _genfs_sid const (Ondrej Mosnacek) [2083580]
|
||||
- selinux: check return value of sel_make_avc_files (Ondrej Mosnacek) [2083580]
|
||||
- selinux: access superblock_security_struct in LSM blob way (Ondrej Mosnacek) [2083580]
|
||||
- selinux: fix misuse of mutex_is_locked() (Ondrej Mosnacek) [2050966 2083580]
|
||||
- selinux: minor tweaks to selinux_add_opt() (Ondrej Mosnacek) [2083580]
|
||||
- selinux: fix potential memleak in selinux_add_opt() (Ondrej Mosnacek) [2083580]
|
||||
- security,selinux: remove security_add_mnt_opt() (Ondrej Mosnacek) [2083580]
|
||||
- selinux: Use struct_size() helper in kmalloc() (Ondrej Mosnacek) [2083580]
|
||||
- lsm: security_task_getsecid_subj() -> security_current_getsecid_subj() (Ondrej Mosnacek) [2083580]
|
||||
- selinux: initialize proto variable in selinux_ip_postroute_compat() (Ondrej Mosnacek) [2083580]
|
||||
- selinux: fix sleeping function called from invalid context (Ondrej Mosnacek) [2083580]
|
||||
- selinux: fix a sock regression in selinux_ip_postroute_compat() (Ondrej Mosnacek) [2083580]
|
||||
- LSM: Avoid warnings about potentially unused hook variables (Ondrej Mosnacek) [2083580]
|
||||
- selinux: fix all of the W=1 build warnings (Ondrej Mosnacek) [2083580]
|
||||
- selinux: make better use of the nf_hook_state passed to the NF hooks (Ondrej Mosnacek) [2083580]
|
||||
- selinux: fix race condition when computing ocontext SIDs (Ondrej Mosnacek) [2083580]
|
||||
- selinux: remove unneeded ipv6 hook wrappers (Ondrej Mosnacek) [2083580]
|
||||
- security: remove unneeded subdir-$(CONFIG_...) (Ondrej Mosnacek) [2083580]
|
||||
- selinux: return early for possible NULL audit buffers (Ondrej Mosnacek) [2083580]
|
||||
- quota: make dquot_quota_sync return errors from ->sync_fs (Lukas Czerner) [2083053]
|
||||
- redhat: Enable VM kselftests (Nico Pache) [2081818]
|
||||
- selftests/vm: Makefile: s/TARGETS/VMTARGETS/g (Joel Savitz) [2081818]
|
||||
- redhat: Enable HMM test to be used by the kselftest test suite (Nico Pache) [2081818]
|
||||
- redhat: enable CONFIG_TEST_VMALLOC for vm selftests (Nico Pache) [2081818]
|
||||
- net: bridge: switchdev: check br_vlan_group() return value (Ivan Vecera) [2081601]
|
||||
- net: bridge: mst: Restrict info size queries to bridge ports (Ivan Vecera) [2081601]
|
||||
- net: bridge: mst: prevent NULL deref in br_mst_info_size() (Ivan Vecera) [2081601]
|
||||
- selftests: forwarding: Use same VRF for port and VLAN upper (Ivan Vecera) [2081601]
|
||||
- selftests: forwarding: Disable learning before link up (Ivan Vecera) [2081601]
|
||||
- net: bridge: mst: Add helper to query a port's MST state (Ivan Vecera) [2081601]
|
||||
- net: bridge: mst: Add helper to check if MST is enabled (Ivan Vecera) [2081601]
|
||||
- net: bridge: mst: Add helper to map an MSTI to a VID set (Ivan Vecera) [2081601]
|
||||
- net: bridge: mst: Notify switchdev drivers of MST state changes (Ivan Vecera) [2081601]
|
||||
- net: bridge: mst: Notify switchdev drivers of VLAN MSTI migrations (Ivan Vecera) [2081601]
|
||||
- net: bridge: mst: Notify switchdev drivers of MST mode changes (Ivan Vecera) [2081601]
|
||||
- net: bridge: mst: Support setting and reporting MST port states (Ivan Vecera) [2081601]
|
||||
- net: bridge: mst: Allow changing a VLAN's MSTI (Ivan Vecera) [2081601]
|
||||
- net: bridge: mst: Multiple Spanning Tree (MST) mode (Ivan Vecera) [2081601]
|
||||
- net: switchdev: remove lag_mod_cb from switchdev_handle_fdb_event_to_device (Ivan Vecera) [2081601]
|
||||
- selftests: forwarding: tests of locked port feature (Ivan Vecera) [2081601]
|
||||
- net: bridge: Add support for offloading of locked port flag (Ivan Vecera) [2081601]
|
||||
- net: bridge: Add support for bridge port in locked mode (Ivan Vecera) [2081601]
|
||||
- net: switchdev: avoid infinite recursion from LAG to bridge with port object handler (Ivan Vecera) [2081601]
|
||||
- bridge: switch br_net_exit to batch mode (Ivan Vecera) [2081601]
|
||||
- net: bridge: multicast: notify switchdev driver whenever MC processing gets disabled (Ivan Vecera) [2081601]
|
||||
- net: switchdev: introduce switchdev_handle_port_obj_{add,del} for foreign interfaces (Ivan Vecera) [2081601]
|
||||
- net: switchdev: rename switchdev_lower_dev_find to switchdev_lower_dev_find_rcu (Ivan Vecera) [2081601]
|
||||
- net: bridge: switchdev: replay all VLAN groups (Ivan Vecera) [2081601]
|
||||
- net: bridge: make nbp_switchdev_unsync_objs() follow reverse order of sync() (Ivan Vecera) [2081601]
|
||||
- net: bridge: switchdev: differentiate new VLANs from changed ones (Ivan Vecera) [2081601]
|
||||
- net: bridge: vlan: notify switchdev only when something changed (Ivan Vecera) [2081601]
|
||||
- net: bridge: vlan: make __vlan_add_flags react only to PVID and UNTAGGED (Ivan Vecera) [2081601]
|
||||
- net: bridge: vlan: don't notify to switchdev master VLANs without BRENTRY flag (Ivan Vecera) [2081601]
|
||||
- net: bridge: vlan: check early for lack of BRENTRY flag in br_vlan_add_existing (Ivan Vecera) [2081601]
|
||||
- net: bridge: vlan: check for errors from __vlan_del in __vlan_flush (Ivan Vecera) [2081601]
|
||||
- net/switchdev: use struct_size over open coded arithmetic (Ivan Vecera) [2081601]
|
||||
- net: bridge: vlan: fix memory leak in __allowed_ingress (Ivan Vecera) [2081601]
|
||||
- net: bridge: vlan: fix single net device option dumping (Ivan Vecera) [2081601]
|
||||
- net: bridge: Get SIOCGIFBR/SIOCSIFBR ioctl working in compat mode (Ivan Vecera) [2081601]
|
||||
- bridge: use __set_bit in __br_vlan_set_default_pvid (Ivan Vecera) [2081601]
|
||||
- net: bridge: Allow base 16 inputs in sysfs (Ivan Vecera) [2081601]
|
||||
- net/bridge: replace simple_strtoul to kstrtol (Ivan Vecera) [2081601]
|
||||
- net: bridge: Slightly optimize 'find_portno()' (Ivan Vecera) [2081601]
|
||||
- net: bridge: switchdev: fix shim definition for br_switchdev_mdb_notify (Ivan Vecera) [2081601]
|
||||
- net: bridge: switchdev: consistent function naming (Ivan Vecera) [2081601]
|
||||
- net: bridge: mdb: move all switchdev logic to br_switchdev.c (Ivan Vecera) [2081601]
|
||||
- net: bridge: split out the switchdev portion of br_mdb_notify (Ivan Vecera) [2081601]
|
||||
- net: bridge: move br_vlan_replay to br_switchdev.c (Ivan Vecera) [2081601]
|
||||
- net: bridge: provide shim definition for br_vlan_flags (Ivan Vecera) [2081601]
|
||||
- net: switchdev: merge switchdev_handle_fdb_{add,del}_to_device (Ivan Vecera) [2081601]
|
||||
- net: bridge: create a common function for populating switchdev FDB entries (Ivan Vecera) [2081601]
|
||||
- net: bridge: move br_fdb_replay inside br_switchdev.c (Ivan Vecera) [2081601]
|
||||
- net: bridge: reduce indentation level in fdb_create (Ivan Vecera) [2081601]
|
||||
- net: bridge: rename br_fdb_insert to br_fdb_add_local (Ivan Vecera) [2081601]
|
||||
- net: bridge: rename fdb_insert to fdb_add_local (Ivan Vecera) [2081601]
|
||||
- net: bridge: remove fdb_insert forward declaration (Ivan Vecera) [2081601]
|
||||
- net: bridge: remove fdb_notify forward declaration (Ivan Vecera) [2081601]
|
||||
- scsi: ses: Fix unsigned comparison with less than zero (Tomas Henzl) [2065658]
|
||||
- scsi: ses: Retry failed Send/Receive Diagnostic commands (Tomas Henzl) [2065658]
|
||||
- redhat/configs: enable GUP_TEST in debug kernel (Joel Savitz) [2079631]
|
||||
|
||||
* Thu May 19 2022 Patrick Talbert <ptalbert@redhat.com> [5.14.0-96.el9]
|
||||
- Revert "redhat: disable CONFIG_USB_CHIPIDEA" (Patrick Talbert)
|
||||
- soc/tegra: Add devm_tegra_core_dev_init_opp_table_common() (Patrick Talbert) [2086164]
|
||||
|
@ -44,3 +44,5 @@ test_klp_state3
|
||||
torture
|
||||
refscale
|
||||
rcuscale
|
||||
test_vmalloc
|
||||
test_hmm
|
||||
|
6
sources
6
sources
@ -1,3 +1,3 @@
|
||||
SHA512 (linux-5.14.0-96.el9.tar.xz) = 44fe9657d5f3a320896b82d7be0e98f692fcb649fb1a327eb205f9e69563f187ece9a3b21b273f88d8793b7857e308ed142f0fa1cf3100b4c3ed3d97f3420345
|
||||
SHA512 (kernel-abi-stablelists-5.14.0-96.el9.tar.bz2) = 02aeb2266e92c03b742b9dcbc265e747e4902b1f94b670b87c25cf51d390806ef973dc65d095d3a807375b8521d48ecaa9102dda0fc0f14aac74e0b0123ab2e7
|
||||
SHA512 (kernel-kabi-dw-5.14.0-96.el9.tar.bz2) = b07e3d6617cc434bf03eb165691b8b64418260e0a97bf3da3959aa03d142ff345c94b4a0f0856246d2b2c6a6a713fd6495e9f2cb73244cf4cfc5a4b7525e7674
|
||||
SHA512 (linux-5.14.0-97.el9.tar.xz) = b01be7b13a36abbdb725712dcaa46ce2a52dc6ff5b2997b6f610f9df6c02b723a95520b2f3b1664f97de470302bed71c5a8db1e49a706053c61519280446054f
|
||||
SHA512 (kernel-abi-stablelists-5.14.0-97.el9.tar.bz2) = 33babb13abd06cac854969b2014fbd6599e15338ce18681543c5c6883a225bf5b693012192855867053648b221e05bf32969c9ceec2e335d367bdb968bb36b7b
|
||||
SHA512 (kernel-kabi-dw-5.14.0-97.el9.tar.bz2) = b07e3d6617cc434bf03eb165691b8b64418260e0a97bf3da3959aa03d142ff345c94b4a0f0856246d2b2c6a6a713fd6495e9f2cb73244cf4cfc5a4b7525e7674
|
||||
|
Loading…
Reference in New Issue
Block a user