From 367d89457ec9276a1de9ef347a55f6d85d6f5d71 Mon Sep 17 00:00:00 2001
From: "Herton R. Krzesinski" <herton@redhat.com>
Date: Tue, 7 Feb 2023 00:17:44 +0000
Subject: [PATCH] kernel-5.14.0-261.el9

* Tue Feb 07 2023 Herton R. Krzesinski <herton@redhat.com> [5.14.0-261.el9]
- act_mirred: use the backlog for nested calls to mirred ingress (Davide Caratti) [2150278] {CVE-2022-4269}
- net/sched: act_mirred: better wording on protection against excessive stack growth (Davide Caratti) [2150278]
- net: openvswitch: release vport resources on failure (Antoine Tenart) [2163678]
- net: openvswitch: Add support to count upcall packets (Antoine Tenart) [2163678]
- openvswitch: Fix flow lookup to use unmasked key (Antoine Tenart) [2163374]
- openvswitch: return NF_DROP when fails to add nat ext in ovs_ct_nat (Antoine Tenart) [2163374]
- openvswitch: return NF_ACCEPT when OVS_CT_NAT is not set in info nat (Antoine Tenart) [2163374]
- openvswitch: delete the unncessary skb_pull_rcsum call in ovs_ct_nat_execute (Antoine Tenart) [2163374]
- openvswitch: Use kmalloc_size_roundup() to match ksize() usage (Antoine Tenart) [2163374]
- openvswitch: switch from WARN to pr_warn (Antoine Tenart) [2163374]
- bnxt: make sure we return pages to the pool (Ken Cox) [2112187]
- bnxt_en: fix memory leak in bnxt_nvm_test() (Ken Cox) [2112187]
- net: ethernet: move from strlcpy with unused retval to strscpy (Ken Cox) [2112187]
- bnxt_en: fix LRO/GRO_HW features in ndo_fix_features callback (Ken Cox) [2112187]
- bnxt_en: fix NQ resource accounting during vf creation on 57500 chips (Ken Cox) [2112187]
- bnxt_en: set missing reload flag in devlink features (Ken Cox) [2112187]
- bnxt_en: Use PAGE_SIZE to init buffer when multi buffer XDP is not in use (Ken Cox) [2112187]
- bnxt_en: Remove duplicated include bnxt_devlink.c (Ken Cox) [2112187]
- bnxt_en: implement callbacks for devlink selftests (Ken Cox) [2112187]
- bnxt_en: Fix and simplify XDP transmit path (Ken Cox) [2112187]
- bnxt: Use the bitmap API to allocate bitmaps (Ken Cox) [2112187]
- bnxt: Fix typo in comments (Ken Cox) [2112187]
- ethernet: Remove vf rate limit check for drivers (Ken Cox) [2112187]
- bnxt: XDP multibuffer enablement (Ken Cox) [2112187]
- bnxt: support transmit and free of aggregation buffers (Ken Cox) [2112187]
- bnxt: adding bnxt_xdp_build_skb to build skb from multibuffer xdp_buff (Ken Cox) [2112187]
- bnxt: set xdp_buff pfmemalloc flag if needed (Ken Cox) [2112187]
- bnxt: adding bnxt_rx_agg_pages_xdp for aggregated xdp (Ken Cox) [2112187]
- bnxt_en: extract coredump command line from current task (Ken Cox) [2112187]
- bnxt_en: Add compression flags information in coredump segment header (Ken Cox) [2112187]
- bnxt_en: Use struct_group_attr() for memcpy() region (Ken Cox) [2112187]
- dm cache: free background tracker's queued work in btracker_destroy (Benjamin Marzinski) [2163655]
- dm thin: Use last transaction's pmd->root when commit failed (Benjamin Marzinski) [2162536]
- dm thin: resume even if in FAIL mode (Benjamin Marzinski) [2162536]
- dm cache: set needs_check flag after aborting metadata (Benjamin Marzinski) [2162536]
- dm cache: Fix ABBA deadlock between shrink_slab and dm_cache_metadata_abort (Benjamin Marzinski) [2162536]
- dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata (Benjamin Marzinski) [2162536]
- dm integrity: Fix UAF in dm_integrity_dtr() (Benjamin Marzinski) [2162536]
- dm cache: Fix UAF in destroy() (Benjamin Marzinski) [2162536]
- dm clone: Fix UAF in clone_dtr() (Benjamin Marzinski) [2162536]
- dm thin: Fix UAF in run_timer_softirq() (Benjamin Marzinski) [2162536]
- dm integrity: clear the journal on suspend (Benjamin Marzinski) [2162536]
- dm integrity: flush the journal on suspend (Benjamin Marzinski) [2162536]
- dm bufio: Fix missing decrement of no_sleep_enabled if dm_bufio_client_create failed (Benjamin Marzinski) [2162536]
- dm ioctl: fix misbehavior if list_versions races with module loading (Benjamin Marzinski) [2162536]
Resolves: rhbz#2150278, rhbz#2163678, rhbz#2163374, rhbz#2112187, rhbz#2163655, rhbz#2162536

Signed-off-by: Herton R. Krzesinski <herton@redhat.com>
---
 Makefile.rhelver |  2 +-
 kernel.spec      | 55 ++++++++++++++++++++++++++++++++++++++++++++----
 sources          |  6 +++---
 3 files changed, 55 insertions(+), 8 deletions(-)

diff --git a/Makefile.rhelver b/Makefile.rhelver
index 91655b438..876094a49 100644
--- a/Makefile.rhelver
+++ b/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 2
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 260
+RHEL_RELEASE = 261
 
 #
 # ZSTREAM
diff --git a/kernel.spec b/kernel.spec
index c2cd0d27d..8d0b4fd7e 100755
--- a/kernel.spec
+++ b/kernel.spec
@@ -119,15 +119,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 260
+%define pkgrelease 261
 %define kversion 5
-%define tarfile_release 5.14.0-260.el9
+%define tarfile_release 5.14.0-261.el9
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 260%{?buildid}%{?dist}
+%define specrelease 261%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-260.el9
+%define kabiversion 5.14.0-261.el9
 
 #
 # End of genspec.sh variables
@@ -3116,6 +3116,53 @@ fi
 #
 #
 %changelog
+* Tue Feb 07 2023 Herton R. Krzesinski <herton@redhat.com> [5.14.0-261.el9]
+- act_mirred: use the backlog for nested calls to mirred ingress (Davide Caratti) [2150278] {CVE-2022-4269}
+- net/sched: act_mirred: better wording on protection against excessive stack growth (Davide Caratti) [2150278]
+- net: openvswitch: release vport resources on failure (Antoine Tenart) [2163678]
+- net: openvswitch: Add support to count upcall packets (Antoine Tenart) [2163678]
+- openvswitch: Fix flow lookup to use unmasked key (Antoine Tenart) [2163374]
+- openvswitch: return NF_DROP when fails to add nat ext in ovs_ct_nat (Antoine Tenart) [2163374]
+- openvswitch: return NF_ACCEPT when OVS_CT_NAT is not set in info nat (Antoine Tenart) [2163374]
+- openvswitch: delete the unncessary skb_pull_rcsum call in ovs_ct_nat_execute (Antoine Tenart) [2163374]
+- openvswitch: Use kmalloc_size_roundup() to match ksize() usage (Antoine Tenart) [2163374]
+- openvswitch: switch from WARN to pr_warn (Antoine Tenart) [2163374]
+- bnxt: make sure we return pages to the pool (Ken Cox) [2112187]
+- bnxt_en: fix memory leak in bnxt_nvm_test() (Ken Cox) [2112187]
+- net: ethernet: move from strlcpy with unused retval to strscpy (Ken Cox) [2112187]
+- bnxt_en: fix LRO/GRO_HW features in ndo_fix_features callback (Ken Cox) [2112187]
+- bnxt_en: fix NQ resource accounting during vf creation on 57500 chips (Ken Cox) [2112187]
+- bnxt_en: set missing reload flag in devlink features (Ken Cox) [2112187]
+- bnxt_en: Use PAGE_SIZE to init buffer when multi buffer XDP is not in use (Ken Cox) [2112187]
+- bnxt_en: Remove duplicated include bnxt_devlink.c (Ken Cox) [2112187]
+- bnxt_en: implement callbacks for devlink selftests (Ken Cox) [2112187]
+- bnxt_en: Fix and simplify XDP transmit path (Ken Cox) [2112187]
+- bnxt: Use the bitmap API to allocate bitmaps (Ken Cox) [2112187]
+- bnxt: Fix typo in comments (Ken Cox) [2112187]
+- ethernet: Remove vf rate limit check for drivers (Ken Cox) [2112187]
+- bnxt: XDP multibuffer enablement (Ken Cox) [2112187]
+- bnxt: support transmit and free of aggregation buffers (Ken Cox) [2112187]
+- bnxt: adding bnxt_xdp_build_skb to build skb from multibuffer xdp_buff (Ken Cox) [2112187]
+- bnxt: set xdp_buff pfmemalloc flag if needed (Ken Cox) [2112187]
+- bnxt: adding bnxt_rx_agg_pages_xdp for aggregated xdp (Ken Cox) [2112187]
+- bnxt_en: extract coredump command line from current task (Ken Cox) [2112187]
+- bnxt_en: Add compression flags information in coredump segment header (Ken Cox) [2112187]
+- bnxt_en: Use struct_group_attr() for memcpy() region (Ken Cox) [2112187]
+- dm cache: free background tracker's queued work in btracker_destroy (Benjamin Marzinski) [2163655]
+- dm thin: Use last transaction's pmd->root when commit failed (Benjamin Marzinski) [2162536]
+- dm thin: resume even if in FAIL mode (Benjamin Marzinski) [2162536]
+- dm cache: set needs_check flag after aborting metadata (Benjamin Marzinski) [2162536]
+- dm cache: Fix ABBA deadlock between shrink_slab and dm_cache_metadata_abort (Benjamin Marzinski) [2162536]
+- dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata (Benjamin Marzinski) [2162536]
+- dm integrity: Fix UAF in dm_integrity_dtr() (Benjamin Marzinski) [2162536]
+- dm cache: Fix UAF in destroy() (Benjamin Marzinski) [2162536]
+- dm clone: Fix UAF in clone_dtr() (Benjamin Marzinski) [2162536]
+- dm thin: Fix UAF in run_timer_softirq() (Benjamin Marzinski) [2162536]
+- dm integrity: clear the journal on suspend (Benjamin Marzinski) [2162536]
+- dm integrity: flush the journal on suspend (Benjamin Marzinski) [2162536]
+- dm bufio: Fix missing decrement of no_sleep_enabled if dm_bufio_client_create failed (Benjamin Marzinski) [2162536]
+- dm ioctl: fix misbehavior if list_versions races with module loading (Benjamin Marzinski) [2162536]
+
 * Mon Feb 06 2023 Herton R. Krzesinski <herton@redhat.com> [5.14.0-260.el9]
 - platform/x86/amd: Fix refcount leak in amd_pmc_probe (David Arcari) [2104173]
 - platform/x86/amd: pmc: Add a workaround for an s0i3 issue on Cezanne (David Arcari) [2104173]
diff --git a/sources b/sources
index 3836e1c7a..85673883d 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-5.14.0-260.el9.tar.xz) = de215e5443b73bfe5f2e58d6e7316d6d044108230f7149e0fde711ff82a458edda49604d589d7d9c0d62aa1ff4883cda400e8f249c43d3258cd2f89a2f7f14eb
-SHA512 (kernel-abi-stablelists-5.14.0-260.el9.tar.bz2) = 7d812c82cbba81765a9ff294045a39dfaa88e308d27ded94687617044a367486079723f76c34db08d52a893f8101d47d145eb955d0b0508a0c9effc840b37807
-SHA512 (kernel-kabi-dw-5.14.0-260.el9.tar.bz2) = dfd13f113847a54ac407bdacfcfa3f0a44f92cb451546f0dfd0262d67b93a2117adc23a91722b02154d74c7c4653a00874dbcf78ab8a8d0f3daa8e3cf1c9c1d5
+SHA512 (linux-5.14.0-261.el9.tar.xz) = a94a23f8359fe83d11c40960484228aa988d1cb30b3fa3bd192e0440074bc4faba015df7d87020c1b9a890c5f991b93b4e9c82d7c57e0476e50bde2ff8ce387e
+SHA512 (kernel-abi-stablelists-5.14.0-261.el9.tar.bz2) = e9656e2a688731a7beeca328c3f1ad2d38c82ea827b9b3a2e5733ca3000d761841333ba872c5ed63422f5e7bf1a0fd74ec174911211472814d3e018a71ab34fd
+SHA512 (kernel-kabi-dw-5.14.0-261.el9.tar.bz2) = 0c86145a994f11478e3ea7a772b43067217afa4624f24fca0102286381e47e2afe174043db1767068c5b6cfd81efb8ad6018deb7c810346aae1480c48189899a