kernel-5.14.0-398.el9
* Tue Dec 12 2023 Scott Weaver <scweaver@redhat.com> [5.14.0-398.el9] - arch/x86: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - kvm: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - mm: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - PM / devfreq: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - init: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - fs/quota: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - fs/notify: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - fs/btrfs: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - drivers/net: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - drivers/md: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - drivers/hwtracing/stm: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - drivers/dax: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - tomoyo: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - PM: sleep: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - drivers/clk: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - fs/dlm: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - drivers/opp: Remove "select SRCU" (Myron Stowe) [RHEL-18042] - net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() (Sabrina Dubroca) [RHEL-16719] {CVE-2023-6176} - nfp: fix use-after-free in area_cache_get() (Ricardo Robaina) [RHEL-6566] {CVE-2022-3545} - netfilter: nf_tables: split async and sync catchall in two functions (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: remove catchall element in GC sync path (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: expose opaque set element as struct nft_elem_priv (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: set backend .flush always succeeds (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nft_set_pipapo: no need to call pipapo_deactivate() from flush (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: work around newrule after chain binding (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: fix memleak when more than 255 elements expired (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: disable toggling dormant table state more than once (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: disallow element removal on anonymous sets (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: disallow rule removal from chain binding (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: defer gc run if previous batch is still pending (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: fix out of memory error handling (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: use correct lock to protect gc_list (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: GC transaction race with abort path (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: flush pending destroy work before netlink notifier (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nft_dynset: disallow object maps (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: GC transaction race with netns dismantle (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: don't fail inserts if duplicate has expired (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: deactivate catchall elements in next generation (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: fix kdoc warnings after gc rework (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: fix false-positive lockdep splat (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: remove busy mark and gc batch API (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nft_set_hash: mark set element as dead when deleting from packet path (Florian Westphal) [RHEL-1720 RHEL-1721] {CVE-2023-4244} - netfilter: nf_tables: adapt set backend to use GC transaction API (Florian Westphal) [RHEL-1720 RHEL-1721] {CVE-2023-4244} - netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR (Florian Westphal) [RHEL-1720 RHEL-1721] {CVE-2023-4244} - netfilter: nft_set_rbtree: fix overlap expiration walk (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: GC transaction API to avoid race with control plane (Florian Westphal) [RHEL-1720 RHEL-1721] {CVE-2023-4244} - netfilter: nf_tables: don't skip expired elements during walk (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: skip bound chain on rule flush (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: skip bound chain in netns release path (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: fix spurious set element insertion failure (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: report use refcount overflow (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: fix underflow in chain reference counter (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: disallow timeout for anonymous sets (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: disallow updates of anonymous sets (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: reject unbound chain set before commit phase (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: reject unbound anonymous set before commit phase (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: disallow element updates of bound anonymous sets (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: fix underflow in object reference counter (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: drop map element references from preparation phase (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: validate variable length element extension (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nft_set_pipapo: .walk does not deal with generations (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: relax set/map validation checks (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: integrate pipapo into commit protocol (Florian Westphal) [RHEL-1720 RHEL-1721] - netfilter: nf_tables: upfront validation of data via nft_data_init() (Florian Westphal) [RHEL-1720 RHEL-1721] - cgroup: add cgroup_favordynmods= command-line option (Waiman Long) [RHEL-16027] - cgroup/misc: Expose misc.current on cgroup v2 root (Waiman Long) [RHEL-16027] - cgroup: remove obsolete comment on cgroup_on_dfl() (Waiman Long) [RHEL-16027] - cgroup: remove unused task_cgroup_path() (Waiman Long) [RHEL-16027] - cgroup/cpuset: remove unneeded header files (Waiman Long) [RHEL-16027] - cgroup: make cgroup_is_threaded() and cgroup_is_thread_root() static (Waiman Long) [RHEL-16027] - rdmacg: fix kernel-doc warnings in rdmacg (Waiman Long) [RHEL-16027] - cgroup: Replace the css_set call with cgroup_get (Waiman Long) [RHEL-16027] - cgroup: remove unused macro for_each_e_css() (Waiman Long) [RHEL-16027] - cgroup: Update out-of-date comment in cgroup_migrate() (Waiman Long) [RHEL-16027] - cgroup: Replace all non-returning strlcpy with strscpy (Waiman Long) [RHEL-16027] - cgroup/cpuset: remove unneeded header files (Waiman Long) [RHEL-16027] - cgroup: Do not corrupt task iteration when rebinding subsystem (Waiman Long) [RHEL-16027] - cgroup: fix missing cpus_read_{lock,unlock}() in cgroup_transfer_tasks() (Waiman Long) [RHEL-16027] - cpuset: Clean up cpuset_node_allowed (Waiman Long) [RHEL-16027] - memcg: page_cgroup_ino() get memcg from the page's folio (Waiman Long) [RHEL-16027] - memcg v1: provide read access to memory.pressure_level (Waiman Long) [RHEL-16027] - mm, memcg: Prevent memory.soft_limit_in_bytes load/store tearing (Waiman Long) [RHEL-16027] - mm, memcg: Prevent memory.oom_control load/store tearing (Waiman Long) [RHEL-16027] - mm, memcg: Prevent memory.swappiness load/store tearing (Waiman Long) [RHEL-16027] - mm, memcg: Prevent memory.oom.group load/store tearing (Waiman Long) [RHEL-16027] - cgroup_get_from_fd(): switch to fdget_raw() (Waiman Long) [RHEL-16027] - mm: memcg: add folio_memcg_check() (Waiman Long) [RHEL-16027] - mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath() (Waiman Long) [RHEL-16027] - kernfs: Fix spurious lockdep warning in kernfs_find_and_get_node_by_id() (Waiman Long) [RHEL-16027] - cgroup: Implement cgroup_file_show() (Waiman Long) [RHEL-16027] - kernfs: Implement kernfs_show() (Waiman Long) [RHEL-16027] - kernfs: Factor out kernfs_activate_one() (Waiman Long) [RHEL-16027] - kernfs: Add KERNFS_REMOVING flags (Waiman Long) [RHEL-16027] - kernfs: Improve kernfs_drain() and always call on removal (Waiman Long) [RHEL-16027] - kernfs: Skip kernfs_drain_open_files() more aggressively (Waiman Long) [RHEL-16027] - kernfs: Refactor kernfs_get_open_node() (Waiman Long) [RHEL-16027] - kernfs: Drop unnecessary "mutex" local variable initialization (Waiman Long) [RHEL-16027] - kernfs: Simply by replacing kernfs_deref_open_node() with of_on() (Waiman Long) [RHEL-16027] - Revert "kernfs: Change kernfs_notify_list to llist." (Waiman Long) [RHEL-16027] - kernfs: Replace global kernfs_open_file_mutex with hashed mutexes. (Waiman Long) [RHEL-16027] - kernfs: Introduce interface to access global kernfs_open_file_mutex. (Waiman Long) [RHEL-16027] - kernfs: Change kernfs_notify_list to llist. (Waiman Long) [RHEL-16027] - kernfs: make ->attr.open RCU protected. (Waiman Long) [RHEL-16027] - kernfs/file.c: remove redundant error return counter assignment (Waiman Long) [RHEL-16027] - cgroup: remove "no" prefixed mount options (Waiman Long) [RHEL-16027] - redhat/configs: Add CONFIG_CGROUP_FAVOR_DYNMODS=n (Waiman Long) [RHEL-16027] - cgroup: Make !percpu threadgroup_rwsem operations optional (Waiman Long) [RHEL-16027] - cgroup: Add "no" prefixed mount options (Waiman Long) [RHEL-16027] - kernfs: Rename kernfs_put_open_node to kernfs_unlink_open_file. (Waiman Long) [RHEL-16027] - kernfs: Remove reference counting for kernfs_open_node. (Waiman Long) [RHEL-16027] - cpuset: Fix kernel-doc (Waiman Long) [RHEL-16027] - rtnetlink: remove redundant checks for nlattr IFLA_BRIDGE_MODE (Michal Schmidt) [RHEL-18148] - rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length (Michal Schmidt) [RHEL-18148] - page_pool: split types and declarations from page_pool.h (Petr Oros) [RHEL-16983] - docs: net: page_pool: use kdoc to avoid duplicating the information (Petr Oros) [RHEL-16983] - docs: net: page_pool: document PP_FLAG_DMA_SYNC_DEV parameters (Petr Oros) [RHEL-16983] - ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() (Guillaume Nault) [RHEL-14287] - ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg (Guillaume Nault) [RHEL-14287] - tracing/timerlat: Add user-space interface (Chris White) [RHEL-14932] - tracing/osnoise: Skip running osnoise if all instances are off (Chris White) [RHEL-14932] - tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (Chris White) [RHEL-14932] - ice: Fix VF Reset paths when interface in a failed over aggregate (Petr Oros) [RHEL-15698] - ice: Fix VF-VF direction matching in drop rule in switchdev (Petr Oros) [RHEL-15698] - ice: Fix VF-VF filter rules in switchdev mode (Petr Oros) [RHEL-15698] - ice: Fix SRIOV LAG disable on non-compliant aggregate (Petr Oros) [RHEL-15698] - ice: lag: in RCU, use atomic allocation (Petr Oros) [RHEL-15698] - ice: Fix safe mode when DDP is missing (Petr Oros) [RHEL-15698] - ice: reset first in crash dump kernels (Petr Oros) [RHEL-15698] - ice: fix over-shifted variable (Petr Oros) [RHEL-15698] - ice: block default rule setting on LAG interface (Petr Oros) [RHEL-15698] - ice: avoid executing commands on other ports when driving sync (Petr Oros) [RHEL-15698] - ice: fix receive buffer size miscalculation (Petr Oros) [RHEL-15698] - ice: split ice_aq_wait_for_event() func into two (Petr Oros) [RHEL-15698] - ice: embed &ice_rq_event_info event into struct ice_aq_task (Petr Oros) [RHEL-15698] - ice: ice_aq_check_events: fix off-by-one check when filling buffer (Petr Oros) [RHEL-15698] - ice: drop two params from ice_aq_alloc_free_res() (Petr Oros) [RHEL-15698] - ice: use list_for_each_entry() helper (Petr Oros) [RHEL-15698] - ice: Remove redundant VSI configuration in eswitch setup (Petr Oros) [RHEL-15698] - ice: move E810T functions to before device agnostic ones (Petr Oros) [RHEL-15698] - ice: refactor ice_vsi_is_vlan_pruning_ena (Petr Oros) [RHEL-15698] - ice: refactor ice_ptp_hw to make functions static (Petr Oros) [RHEL-15698] - ice: refactor ice_sched to make functions static (Petr Oros) [RHEL-15698] - ice: Utilize assign_bit() helper (Petr Oros) [RHEL-15698] - ice: refactor ice_vf_lib to make functions static (Petr Oros) [RHEL-15698] - ice: refactor ice_lib to make functions static (Petr Oros) [RHEL-15698] - ice: refactor ice_ddp to make functions static (Petr Oros) [RHEL-15698] - ice: remove unused methods (Petr Oros) [RHEL-15698] - ice: Block switchdev mode when ADQ is active and vice versa (Petr Oros) [RHEL-15698] - ice: clean up __ice_aq_get_set_rss_lut() (Petr Oros) [RHEL-15698] - ice: add FW load wait (Petr Oros) [RHEL-15698] - ice: Add get C827 PHY index function (Petr Oros) [RHEL-15698] - ice: Rename enum ice_pkt_flags values (Petr Oros) [RHEL-15698] - ice: Add direction metadata (Petr Oros) [RHEL-15698] - ice: Accept LAG netdevs in bridge offloads (Petr Oros) [RHEL-15698] - ice: Fix RDMA VSI removal during queue rebuild (Petr Oros) [RHEL-15698] - ice: update reset path for SRIOV LAG support (Petr Oros) [RHEL-15698] - ice: enforce no DCB config changing when in bond (Petr Oros) [RHEL-15698] - ice: enforce interface eligibility and add messaging for SRIOV LAG (Petr Oros) [RHEL-15698] - ice: support non-standard teardown of bond interface (Petr Oros) [RHEL-15698] - ice: Flesh out implementation of support for SRIOV on bonded interface (Petr Oros) [RHEL-15698] - ice: process events created by lag netdev event handler (Petr Oros) [RHEL-15698] - ice: implement lag netdev event handler (Petr Oros) [RHEL-15698] - ice: changes to the interface with the HW and FW for SRIOV_VF+LAG (Petr Oros) [RHEL-15698] - ice: Add driver support for firmware changes for LAG (Petr Oros) [RHEL-15698] - ice: Correctly initialize queue context values (Petr Oros) [RHEL-15698] - ice: Fix memory management in ice_ethtool_fdir.c (Petr Oros) [RHEL-15698] - ice: add tracepoints for the switchdev bridge (Petr Oros) [RHEL-15698] - ice: implement static version of ageing (Petr Oros) [RHEL-15698] - ice: implement bridge port vlan (Petr Oros) [RHEL-15698] - ice: Add VLAN FDB support in switchdev mode (Petr Oros) [RHEL-15698] - ice: Add guard rule when creating FDB in switchdev (Petr Oros) [RHEL-15698] - ice: Switchdev FDB events support (Petr Oros) [RHEL-15698] - ice: Implement basic eswitch bridge setup (Petr Oros) [RHEL-15698] - ice: Unset src prune on uplink VSI (Petr Oros) [RHEL-15698] - ice: Disable vlan pruning for uplink VSI (Petr Oros) [RHEL-15698] - ice: Prohibit rx mode change in switchdev mode (Petr Oros) [RHEL-15698] - ice: Skip adv rules removal upon switchdev release (Petr Oros) [RHEL-15698] - ice: xsk: Tx multi-buffer support (Petr Oros) [RHEL-15698] - ice: xsk: add RX multi-buffer support (Petr Oros) [RHEL-15698] - ice: remove unnecessary (void*) conversions (Petr Oros) [RHEL-15698] - ice: Remove managed memory usage in ice_get_fw_log_cfg() (Petr Oros) [RHEL-15698] - ice: remove null checks before devm_kfree() calls (Petr Oros) [RHEL-15698] - ice: clean up freeing SR-IOV VFs (Petr Oros) [RHEL-15698] - ice: allow hot-swapping XDP programs (Petr Oros) [RHEL-15698] - ice: remove unnecessary check for old MAC == new MAC (Petr Oros) [RHEL-15698] - ice: do not re-enable miscellaneous interrupt until thread_fn completes (Petr Oros) [RHEL-15698] - ice: trigger PFINT_OICR_TSYN_TX interrupt instead of polling (Petr Oros) [RHEL-15698] - ice: introduce ICE_TX_TSTAMP_WORK enumeration (Petr Oros) [RHEL-15698] - ice: use src VSI instead of src MAC in slow-path (Petr Oros) [RHEL-15698] - ice: allow matching on meta data (Petr Oros) [RHEL-15698] - ice: specify field names in ice_prot_ext init (Petr Oros) [RHEL-15698] - ice: remove redundant Rx field from rule info (Petr Oros) [RHEL-15698] - ice: define meta data to match in switch (Petr Oros) [RHEL-15698] - ice: update PHY type to ethtool link mode mapping (Petr Oros) [RHEL-15698] - ice: refactor PHY type to ethtool link mode (Petr Oros) [RHEL-15698] - ice: update ICE_PHY_TYPE_HIGH_MAX_INDEX (Petr Oros) [RHEL-15698] - ice: add dynamic interrupt allocation (Petr Oros) [RHEL-15698] - ice: track interrupt vectors with xarray (Petr Oros) [RHEL-15698] - ice: add individual interrupt allocation (Petr Oros) [RHEL-15698] - ice: remove redundant SRIOV code (Petr Oros) [RHEL-15698] - ice: refactor VF control VSI interrupt handling (Petr Oros) [RHEL-15698] - ice: use preferred MSIX allocation api (Petr Oros) [RHEL-15698] - ice: use pci_irq_vector helper function (Petr Oros) [RHEL-15698] - ice: move interrupt related code to separate file (Petr Oros) [RHEL-15698] - ice: call ice_is_malicious_vf() from ice_vc_process_vf_msg() (Petr Oros) [RHEL-15698] - ice: move ice_is_malicious_vf() to ice_virtchnl.c (Petr Oros) [RHEL-15698] - ice: print message if ice_mbx_vf_state_handler returns an error (Petr Oros) [RHEL-15698] - ice: pass mbxdata to ice_is_malicious_vf() (Petr Oros) [RHEL-15698] - ice: remove unnecessary &array[0] and just use array (Petr Oros) [RHEL-15698] - ice: always report VF overflowing mailbox even without PF VSI (Petr Oros) [RHEL-15698] - ice: declare ice_vc_process_vf_msg in ice_virtchnl.h (Petr Oros) [RHEL-15698] - ice: initialize mailbox snapshot earlier in PF init (Petr Oros) [RHEL-15698] - ice: merge ice_mbx_report_malvf with ice_mbx_vf_state_handler (Petr Oros) [RHEL-15698] - ice: remove ice_mbx_deinit_snapshot (Petr Oros) [RHEL-15698] - ice: move VF overflow message count into struct ice_mbx_vf_info (Petr Oros) [RHEL-15698] - ice: track malicious VFs in new ice_mbx_vf_info structure (Petr Oros) [RHEL-15698] - ice: convert ice_mbx_clear_malvf to void and use WARN (Petr Oros) [RHEL-15698] - ice: re-order ice_mbx_reset_snapshot function (Petr Oros) [RHEL-15698] - ice: Remove unnecessary aer.h include (Petr Oros) [RHEL-15698] - ice: update xdp_features with xdp multi-buff (Petr Oros) [RHEL-15698] - fs/smb/client: Reset password pointer to NULL (Scott Mayhew) [RHEL-11805 RHEL-11809] {CVE-2023-5345} - platform/x86/amd/hsmp: Fix iomem handling (David Arcari) [RHEL-16017] - platform/x86/amd/hsmp: improve the error log (David Arcari) [RHEL-16017] - platform/x86/amd/hsmp: add support for metrics tbl (David Arcari) [RHEL-16017] - platform/x86/amd/hsmp: create plat specific struct (David Arcari) [RHEL-16017] - x86/amd_nb: Use Family 19h Models 60h-7Fh Function 4 IDs (David Arcari) [RHEL-16017] - x86/amd_nb: Add AMD Family MI300 PCI IDs (David Arcari) [RHEL-16017] - x86/amd_nb: Add PCI IDs for AMD Family 1Ah-based models (David Arcari) [RHEL-16017] - x86/amd_nb: Re-sort and re-indent PCI defines (David Arcari) [RHEL-16017] - x86/amd_nb: Add MI200 PCI IDs (David Arcari) [RHEL-16017] - docs: move x86 documentation into Documentation/arch/ (David Arcari) [RHEL-16017] - platform/x86: amd: hsmp: Convert to platform remove callback returning void (David Arcari) [RHEL-16017] - platform/x86: use PLATFORM_DEVID_NONE instead of -1 (David Arcari) [RHEL-16017] - platform/x86: Move AMD platform drivers to separate directory (David Arcari) [RHEL-16017] Resolves: RHEL-11805, RHEL-11809, RHEL-14287, RHEL-14932, RHEL-15698, RHEL-16017, RHEL-16027, RHEL-16719, RHEL-16983, RHEL-1720, RHEL-1721, RHEL-18042, RHEL-18148, RHEL-6566 Signed-off-by: Scott Weaver <scweaver@redhat.com>
This commit is contained in:
parent
164d6f7e7a
commit
3a193c34a4
@ -12,7 +12,7 @@ RHEL_MINOR = 4
|
|||||||
#
|
#
|
||||||
# Use this spot to avoid future merge conflicts.
|
# Use this spot to avoid future merge conflicts.
|
||||||
# Do not trim this comment.
|
# Do not trim this comment.
|
||||||
RHEL_RELEASE = 397
|
RHEL_RELEASE = 398
|
||||||
|
|
||||||
#
|
#
|
||||||
# ZSTREAM
|
# ZSTREAM
|
||||||
|
@ -776,6 +776,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
CONFIG_CGROUP_DEBUG=y
|
CONFIG_CGROUP_DEBUG=y
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -776,6 +776,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
# CONFIG_CGROUP_DEBUG is not set
|
# CONFIG_CGROUP_DEBUG is not set
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -773,6 +773,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
CONFIG_CGROUP_DEBUG=y
|
CONFIG_CGROUP_DEBUG=y
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -773,6 +773,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
# CONFIG_CGROUP_DEBUG is not set
|
# CONFIG_CGROUP_DEBUG is not set
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -785,6 +785,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
CONFIG_CGROUP_DEBUG=y
|
CONFIG_CGROUP_DEBUG=y
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -785,6 +785,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
# CONFIG_CGROUP_DEBUG is not set
|
# CONFIG_CGROUP_DEBUG is not set
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -620,6 +620,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
CONFIG_CGROUP_DEBUG=y
|
CONFIG_CGROUP_DEBUG=y
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -620,6 +620,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
# CONFIG_CGROUP_DEBUG is not set
|
# CONFIG_CGROUP_DEBUG is not set
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -621,6 +621,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
CONFIG_CGROUP_DEBUG=y
|
CONFIG_CGROUP_DEBUG=y
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -621,6 +621,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
# CONFIG_CGROUP_DEBUG is not set
|
# CONFIG_CGROUP_DEBUG is not set
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -626,6 +626,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
# CONFIG_CGROUP_DEBUG is not set
|
# CONFIG_CGROUP_DEBUG is not set
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -650,6 +650,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
CONFIG_CGROUP_DEBUG=y
|
CONFIG_CGROUP_DEBUG=y
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -650,6 +650,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
# CONFIG_CGROUP_DEBUG is not set
|
# CONFIG_CGROUP_DEBUG is not set
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -663,6 +663,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
CONFIG_CGROUP_DEBUG=y
|
CONFIG_CGROUP_DEBUG=y
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
@ -663,6 +663,7 @@ CONFIG_CGROUP_BPF=y
|
|||||||
CONFIG_CGROUP_CPUACCT=y
|
CONFIG_CGROUP_CPUACCT=y
|
||||||
# CONFIG_CGROUP_DEBUG is not set
|
# CONFIG_CGROUP_DEBUG is not set
|
||||||
CONFIG_CGROUP_DEVICE=y
|
CONFIG_CGROUP_DEVICE=y
|
||||||
|
# CONFIG_CGROUP_FAVOR_DYNMODS is not set
|
||||||
CONFIG_CGROUP_FREEZER=y
|
CONFIG_CGROUP_FREEZER=y
|
||||||
CONFIG_CGROUP_HUGETLB=y
|
CONFIG_CGROUP_HUGETLB=y
|
||||||
CONFIG_CGROUP_MISC=y
|
CONFIG_CGROUP_MISC=y
|
||||||
|
251
kernel.spec
251
kernel.spec
@ -165,15 +165,15 @@ Summary: The Linux kernel
|
|||||||
# define buildid .local
|
# define buildid .local
|
||||||
%define specversion 5.14.0
|
%define specversion 5.14.0
|
||||||
%define patchversion 5.14
|
%define patchversion 5.14
|
||||||
%define pkgrelease 397
|
%define pkgrelease 398
|
||||||
%define kversion 5
|
%define kversion 5
|
||||||
%define tarfile_release 5.14.0-397.el9
|
%define tarfile_release 5.14.0-398.el9
|
||||||
# This is needed to do merge window version magic
|
# This is needed to do merge window version magic
|
||||||
%define patchlevel 14
|
%define patchlevel 14
|
||||||
# This allows pkg_release to have configurable %%{?dist} tag
|
# This allows pkg_release to have configurable %%{?dist} tag
|
||||||
%define specrelease 397%{?buildid}%{?dist}
|
%define specrelease 398%{?buildid}%{?dist}
|
||||||
# This defines the kabi tarball version
|
# This defines the kabi tarball version
|
||||||
%define kabiversion 5.14.0-397.el9
|
%define kabiversion 5.14.0-398.el9
|
||||||
|
|
||||||
#
|
#
|
||||||
# End of genspec.sh variables
|
# End of genspec.sh variables
|
||||||
@ -3745,6 +3745,249 @@ fi
|
|||||||
#
|
#
|
||||||
#
|
#
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Dec 12 2023 Scott Weaver <scweaver@redhat.com> [5.14.0-398.el9]
|
||||||
|
- arch/x86: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- kvm: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- mm: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- PM / devfreq: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- init: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- fs/quota: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- fs/notify: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- fs/btrfs: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- drivers/net: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- drivers/md: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- drivers/hwtracing/stm: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- drivers/dax: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- tomoyo: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- PM: sleep: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- drivers/clk: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- fs/dlm: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- drivers/opp: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
|
||||||
|
- net/tls: do not free tls_rec on async operation in bpf_exec_tx_verdict() (Sabrina Dubroca) [RHEL-16719] {CVE-2023-6176}
|
||||||
|
- nfp: fix use-after-free in area_cache_get() (Ricardo Robaina) [RHEL-6566] {CVE-2022-3545}
|
||||||
|
- netfilter: nf_tables: split async and sync catchall in two functions (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: remove catchall element in GC sync path (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: expose opaque set element as struct nft_elem_priv (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: set backend .flush always succeeds (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nft_set_pipapo: no need to call pipapo_deactivate() from flush (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: work around newrule after chain binding (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: nft_set_rbtree: fix spurious insertion failure (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: fix memleak when more than 255 elements expired (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: disable toggling dormant table state more than once (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: disallow element removal on anonymous sets (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: disallow rule removal from chain binding (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: defer gc run if previous batch is still pending (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: fix out of memory error handling (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: use correct lock to protect gc_list (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: GC transaction race with abort path (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: flush pending destroy work before netlink notifier (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nft_dynset: disallow object maps (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: GC transaction race with netns dismantle (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: fix GC transaction races with netns and netlink event exit path (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: don't fail inserts if duplicate has expired (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: deactivate catchall elements in next generation (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: fix kdoc warnings after gc rework (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: fix false-positive lockdep splat (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: remove busy mark and gc batch API (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nft_set_hash: mark set element as dead when deleting from packet path (Florian Westphal) [RHEL-1720 RHEL-1721] {CVE-2023-4244}
|
||||||
|
- netfilter: nf_tables: adapt set backend to use GC transaction API (Florian Westphal) [RHEL-1720 RHEL-1721] {CVE-2023-4244}
|
||||||
|
- netfilter: nf_tables: skip immediate deactivate in _PREPARE_ERROR (Florian Westphal) [RHEL-1720 RHEL-1721] {CVE-2023-4244}
|
||||||
|
- netfilter: nft_set_rbtree: fix overlap expiration walk (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: GC transaction API to avoid race with control plane (Florian Westphal) [RHEL-1720 RHEL-1721] {CVE-2023-4244}
|
||||||
|
- netfilter: nf_tables: don't skip expired elements during walk (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: skip bound chain on rule flush (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: skip bound chain in netns release path (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: fix spurious set element insertion failure (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: report use refcount overflow (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: fix underflow in chain reference counter (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: disallow timeout for anonymous sets (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: disallow updates of anonymous sets (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: reject unbound chain set before commit phase (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: reject unbound anonymous set before commit phase (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: disallow element updates of bound anonymous sets (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: fix underflow in object reference counter (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: drop map element references from preparation phase (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: validate variable length element extension (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nft_set_pipapo: .walk does not deal with generations (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: relax set/map validation checks (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: integrate pipapo into commit protocol (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- netfilter: nf_tables: upfront validation of data via nft_data_init() (Florian Westphal) [RHEL-1720 RHEL-1721]
|
||||||
|
- cgroup: add cgroup_favordynmods= command-line option (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup/misc: Expose misc.current on cgroup v2 root (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup: remove obsolete comment on cgroup_on_dfl() (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup: remove unused task_cgroup_path() (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup/cpuset: remove unneeded header files (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup: make cgroup_is_threaded() and cgroup_is_thread_root() static (Waiman Long) [RHEL-16027]
|
||||||
|
- rdmacg: fix kernel-doc warnings in rdmacg (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup: Replace the css_set call with cgroup_get (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup: remove unused macro for_each_e_css() (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup: Update out-of-date comment in cgroup_migrate() (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup: Replace all non-returning strlcpy with strscpy (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup/cpuset: remove unneeded header files (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup: Do not corrupt task iteration when rebinding subsystem (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup: fix missing cpus_read_{lock,unlock}() in cgroup_transfer_tasks() (Waiman Long) [RHEL-16027]
|
||||||
|
- cpuset: Clean up cpuset_node_allowed (Waiman Long) [RHEL-16027]
|
||||||
|
- memcg: page_cgroup_ino() get memcg from the page's folio (Waiman Long) [RHEL-16027]
|
||||||
|
- memcg v1: provide read access to memory.pressure_level (Waiman Long) [RHEL-16027]
|
||||||
|
- mm, memcg: Prevent memory.soft_limit_in_bytes load/store tearing (Waiman Long) [RHEL-16027]
|
||||||
|
- mm, memcg: Prevent memory.oom_control load/store tearing (Waiman Long) [RHEL-16027]
|
||||||
|
- mm, memcg: Prevent memory.swappiness load/store tearing (Waiman Long) [RHEL-16027]
|
||||||
|
- mm, memcg: Prevent memory.oom.group load/store tearing (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup_get_from_fd(): switch to fdget_raw() (Waiman Long) [RHEL-16027]
|
||||||
|
- mm: memcg: add folio_memcg_check() (Waiman Long) [RHEL-16027]
|
||||||
|
- mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath() (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Fix spurious lockdep warning in kernfs_find_and_get_node_by_id() (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup: Implement cgroup_file_show() (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Implement kernfs_show() (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Factor out kernfs_activate_one() (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Add KERNFS_REMOVING flags (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Improve kernfs_drain() and always call on removal (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Skip kernfs_drain_open_files() more aggressively (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Refactor kernfs_get_open_node() (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Drop unnecessary "mutex" local variable initialization (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Simply by replacing kernfs_deref_open_node() with of_on() (Waiman Long) [RHEL-16027]
|
||||||
|
- Revert "kernfs: Change kernfs_notify_list to llist." (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Replace global kernfs_open_file_mutex with hashed mutexes. (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Introduce interface to access global kernfs_open_file_mutex. (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Change kernfs_notify_list to llist. (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: make ->attr.open RCU protected. (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs/file.c: remove redundant error return counter assignment (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup: remove "no" prefixed mount options (Waiman Long) [RHEL-16027]
|
||||||
|
- redhat/configs: Add CONFIG_CGROUP_FAVOR_DYNMODS=n (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup: Make !percpu threadgroup_rwsem operations optional (Waiman Long) [RHEL-16027]
|
||||||
|
- cgroup: Add "no" prefixed mount options (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Rename kernfs_put_open_node to kernfs_unlink_open_file. (Waiman Long) [RHEL-16027]
|
||||||
|
- kernfs: Remove reference counting for kernfs_open_node. (Waiman Long) [RHEL-16027]
|
||||||
|
- cpuset: Fix kernel-doc (Waiman Long) [RHEL-16027]
|
||||||
|
- rtnetlink: remove redundant checks for nlattr IFLA_BRIDGE_MODE (Michal Schmidt) [RHEL-18148]
|
||||||
|
- rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length (Michal Schmidt) [RHEL-18148]
|
||||||
|
- page_pool: split types and declarations from page_pool.h (Petr Oros) [RHEL-16983]
|
||||||
|
- docs: net: page_pool: use kdoc to avoid duplicating the information (Petr Oros) [RHEL-16983]
|
||||||
|
- docs: net: page_pool: document PP_FLAG_DMA_SYNC_DEV parameters (Petr Oros) [RHEL-16983]
|
||||||
|
- ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() (Guillaume Nault) [RHEL-14287]
|
||||||
|
- ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg (Guillaume Nault) [RHEL-14287]
|
||||||
|
- tracing/timerlat: Add user-space interface (Chris White) [RHEL-14932]
|
||||||
|
- tracing/osnoise: Skip running osnoise if all instances are off (Chris White) [RHEL-14932]
|
||||||
|
- tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (Chris White) [RHEL-14932]
|
||||||
|
- ice: Fix VF Reset paths when interface in a failed over aggregate (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Fix VF-VF direction matching in drop rule in switchdev (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Fix VF-VF filter rules in switchdev mode (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Fix SRIOV LAG disable on non-compliant aggregate (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: lag: in RCU, use atomic allocation (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Fix safe mode when DDP is missing (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: reset first in crash dump kernels (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: fix over-shifted variable (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: block default rule setting on LAG interface (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: avoid executing commands on other ports when driving sync (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: fix receive buffer size miscalculation (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: split ice_aq_wait_for_event() func into two (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: embed &ice_rq_event_info event into struct ice_aq_task (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: ice_aq_check_events: fix off-by-one check when filling buffer (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: drop two params from ice_aq_alloc_free_res() (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: use list_for_each_entry() helper (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Remove redundant VSI configuration in eswitch setup (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: move E810T functions to before device agnostic ones (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: refactor ice_vsi_is_vlan_pruning_ena (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: refactor ice_ptp_hw to make functions static (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: refactor ice_sched to make functions static (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Utilize assign_bit() helper (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: refactor ice_vf_lib to make functions static (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: refactor ice_lib to make functions static (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: refactor ice_ddp to make functions static (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: remove unused methods (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Block switchdev mode when ADQ is active and vice versa (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: clean up __ice_aq_get_set_rss_lut() (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: add FW load wait (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Add get C827 PHY index function (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Rename enum ice_pkt_flags values (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Add direction metadata (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Accept LAG netdevs in bridge offloads (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Fix RDMA VSI removal during queue rebuild (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: update reset path for SRIOV LAG support (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: enforce no DCB config changing when in bond (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: enforce interface eligibility and add messaging for SRIOV LAG (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: support non-standard teardown of bond interface (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Flesh out implementation of support for SRIOV on bonded interface (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: process events created by lag netdev event handler (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: implement lag netdev event handler (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: changes to the interface with the HW and FW for SRIOV_VF+LAG (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Add driver support for firmware changes for LAG (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Correctly initialize queue context values (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Fix memory management in ice_ethtool_fdir.c (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: add tracepoints for the switchdev bridge (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: implement static version of ageing (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: implement bridge port vlan (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Add VLAN FDB support in switchdev mode (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Add guard rule when creating FDB in switchdev (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Switchdev FDB events support (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Implement basic eswitch bridge setup (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Unset src prune on uplink VSI (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Disable vlan pruning for uplink VSI (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Prohibit rx mode change in switchdev mode (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Skip adv rules removal upon switchdev release (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: xsk: Tx multi-buffer support (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: xsk: add RX multi-buffer support (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: remove unnecessary (void*) conversions (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Remove managed memory usage in ice_get_fw_log_cfg() (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: remove null checks before devm_kfree() calls (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: clean up freeing SR-IOV VFs (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: allow hot-swapping XDP programs (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: remove unnecessary check for old MAC == new MAC (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: do not re-enable miscellaneous interrupt until thread_fn completes (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: trigger PFINT_OICR_TSYN_TX interrupt instead of polling (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: introduce ICE_TX_TSTAMP_WORK enumeration (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: use src VSI instead of src MAC in slow-path (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: allow matching on meta data (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: specify field names in ice_prot_ext init (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: remove redundant Rx field from rule info (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: define meta data to match in switch (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: update PHY type to ethtool link mode mapping (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: refactor PHY type to ethtool link mode (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: update ICE_PHY_TYPE_HIGH_MAX_INDEX (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: add dynamic interrupt allocation (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: track interrupt vectors with xarray (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: add individual interrupt allocation (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: remove redundant SRIOV code (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: refactor VF control VSI interrupt handling (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: use preferred MSIX allocation api (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: use pci_irq_vector helper function (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: move interrupt related code to separate file (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: call ice_is_malicious_vf() from ice_vc_process_vf_msg() (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: move ice_is_malicious_vf() to ice_virtchnl.c (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: print message if ice_mbx_vf_state_handler returns an error (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: pass mbxdata to ice_is_malicious_vf() (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: remove unnecessary &array[0] and just use array (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: always report VF overflowing mailbox even without PF VSI (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: declare ice_vc_process_vf_msg in ice_virtchnl.h (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: initialize mailbox snapshot earlier in PF init (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: merge ice_mbx_report_malvf with ice_mbx_vf_state_handler (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: remove ice_mbx_deinit_snapshot (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: move VF overflow message count into struct ice_mbx_vf_info (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: track malicious VFs in new ice_mbx_vf_info structure (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: convert ice_mbx_clear_malvf to void and use WARN (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: re-order ice_mbx_reset_snapshot function (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: Remove unnecessary aer.h include (Petr Oros) [RHEL-15698]
|
||||||
|
- ice: update xdp_features with xdp multi-buff (Petr Oros) [RHEL-15698]
|
||||||
|
- fs/smb/client: Reset password pointer to NULL (Scott Mayhew) [RHEL-11805 RHEL-11809] {CVE-2023-5345}
|
||||||
|
- platform/x86/amd/hsmp: Fix iomem handling (David Arcari) [RHEL-16017]
|
||||||
|
- platform/x86/amd/hsmp: improve the error log (David Arcari) [RHEL-16017]
|
||||||
|
- platform/x86/amd/hsmp: add support for metrics tbl (David Arcari) [RHEL-16017]
|
||||||
|
- platform/x86/amd/hsmp: create plat specific struct (David Arcari) [RHEL-16017]
|
||||||
|
- x86/amd_nb: Use Family 19h Models 60h-7Fh Function 4 IDs (David Arcari) [RHEL-16017]
|
||||||
|
- x86/amd_nb: Add AMD Family MI300 PCI IDs (David Arcari) [RHEL-16017]
|
||||||
|
- x86/amd_nb: Add PCI IDs for AMD Family 1Ah-based models (David Arcari) [RHEL-16017]
|
||||||
|
- x86/amd_nb: Re-sort and re-indent PCI defines (David Arcari) [RHEL-16017]
|
||||||
|
- x86/amd_nb: Add MI200 PCI IDs (David Arcari) [RHEL-16017]
|
||||||
|
- docs: move x86 documentation into Documentation/arch/ (David Arcari) [RHEL-16017]
|
||||||
|
- platform/x86: amd: hsmp: Convert to platform remove callback returning void (David Arcari) [RHEL-16017]
|
||||||
|
- platform/x86: use PLATFORM_DEVID_NONE instead of -1 (David Arcari) [RHEL-16017]
|
||||||
|
- platform/x86: Move AMD platform drivers to separate directory (David Arcari) [RHEL-16017]
|
||||||
|
|
||||||
* Fri Dec 08 2023 Scott Weaver <scweaver@redhat.com> [5.14.0-397.el9]
|
* Fri Dec 08 2023 Scott Weaver <scweaver@redhat.com> [5.14.0-397.el9]
|
||||||
- SUNRPC/TLS: Lock the lower_xprt during the tls handshake (Jeffrey Layton) [RHEL-7936]
|
- SUNRPC/TLS: Lock the lower_xprt during the tls handshake (Jeffrey Layton) [RHEL-7936]
|
||||||
- Revert "SUNRPC dont update timeout value on connection reset" (Jeffrey Layton) [RHEL-7936]
|
- Revert "SUNRPC dont update timeout value on connection reset" (Jeffrey Layton) [RHEL-7936]
|
||||||
|
6
sources
6
sources
@ -1,3 +1,3 @@
|
|||||||
SHA512 (linux-5.14.0-397.el9.tar.xz) = 469f19bd8ff7a46aa579996b69db68857ad8af57dff26bab305369530d5b68722b8f1d43dec88e39b2ec0291a18d4dbfa828091303aa2ddb832783dbc363b251
|
SHA512 (linux-5.14.0-398.el9.tar.xz) = 4ad1804cc0178b6d9a0b5a89940ab7ec97d112903ab48adb32d1de8e133b7dbc625a04fea64c47684baf06ef156c5f283d8c4e1c70d8afc6afff73546a2bb0de
|
||||||
SHA512 (kernel-abi-stablelists-5.14.0-397.el9.tar.bz2) = c17b39a883a5b910c54342b70362e5fae52977f3758e8197aae627e1855ede82e980349c367291c73c0d2d27d7fa66b69341c147c5edc929c2a0dc284526969f
|
SHA512 (kernel-abi-stablelists-5.14.0-398.el9.tar.bz2) = 60a4342bd4773f5f60e43a83fdd8136f433167efd5771e2d348d1b3f69b8c9dfd16750297772391f22f1dc6e76fd98af25e24546ea95a2f176a9292baf105fc6
|
||||||
SHA512 (kernel-kabi-dw-5.14.0-397.el9.tar.bz2) = d83c4114aa0b40d12f9f7b02b744415a48fe4e94c81d13f13c6bc30cdd3d1cf2bdeeb0190182da53c9fd6bd8990a852d7f944744da3227804442048f39b715b2
|
SHA512 (kernel-kabi-dw-5.14.0-398.el9.tar.bz2) = 27b9c91c86b7e9585b931a57de23366d8857cc8c94ffb10b22373cc45bc15009ea1e5314e1587eb9afbc6c3ac23ddbbe038af2b997b2e146fdfd737c4b55d76e
|
||||||
|
Loading…
Reference in New Issue
Block a user