From 40560a510e1a46d640018d329f88f06cc755d0bb Mon Sep 17 00:00:00 2001 From: Patrick Talbert Date: Fri, 5 Aug 2022 14:26:57 +0000 Subject: [PATCH] kernel-5.14.0-143.el9 * Fri Aug 05 2022 Patrick Talbert [5.14.0-143.el9] - sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed (Waiman Long) [2104946] - intel_idle: Fix false positive RCU splats due to incorrect hardirqs state (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - tools headers cpufeatures: Sync with the kernel sources (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - um: Add missing apply_returns() (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - KVM: emulate: do not adjust size of fastop and setcc subroutines (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/kvm: fix FASTOP_SIZE when return thunks are enabled (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - efi/x86: use naked RET on mixed mode call wrapper (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bugs: Remove apostrophe typo (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bugs: Mark retbleed_strings static (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/static_call: Serialize __static_call_fixup() properly (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/speculation: Disable RRSBA behavior (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/kexec: Disable RET on kexec (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bugs: Add Cannon lake to RETBleed affected CPU list (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - redhat/configs: Add new mitigation configs for RetBleed CVEs (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/retbleed: Add fine grained Kconfig knobs (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/cpu/amd: Enumerate BTC_NO (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/common: Stamp out the stepping madness (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - KVM: VMX: Prevent RSB underflow before vmenter (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/speculation: Fill RSB on vmexit for IBRS (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - KVM: VMX: Fix IBRS handling after vmexit (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - KVM: VMX: Convert launched argument to flags (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - KVM: VMX: Flatten __vmx_vcpu_run() (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - objtool: Re-add UNWIND_HINT_{SAVE_RESTORE} (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/speculation: Remove x86_spec_ctrl_mask (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/speculation: Fix SPEC_CTRL write on SMT state change (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/speculation: Fix firmware entry SPEC_CTRL handling (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/cpu/amd: Add Spectral Chicken (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bugs: Do IBPB fallback check only once (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bugs: Add retbleed=ibpb (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/xen: Add UNTRAIN_RET (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/xen: Rename SYS* entry points (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - objtool: Update Retpoline validation (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - intel_idle: Disable IBRS during long idle (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bugs: Report Intel retbleed vulnerability (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bugs: Optimize SPEC_CTRL MSR writes (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/entry: Add kernel IBRS implementation (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bugs: Enable STIBP for JMP2RET (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bugs: Add AMD retbleed= boot parameter (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bugs: Report AMD retbleed vulnerability (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - objtool: skip non-text sections when adding return-thunk sites (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86: Add magic AMD return-thunk (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - objtool: Treat .text.__x86.* as noinstr (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/entry: Avoid very early RET (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86: Use return-thunk in asm code (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/sev: Avoid using __x86_return_thunk (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/kvm: Fix SETcc emulation for return thunks (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/bpf: Use alternative RET encoding (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/ftrace: Use alternative RET encoding (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86,static_call: Use alternative RET encoding (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86,objtool: Create .return_sites (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86: Undo return-thunk damage (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/retpoline: Use -mfunction-return (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/retpoline: Swizzle retpoline thunk (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/retpoline: Cleanup some #ifdefery (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/cpufeatures: Move RETPOLINE flags to word 11 (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/kvm/vmx: Make noinstr clean (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} - x86/entry: Fix register corruption in compat syscall (Waiman Long) [2090231] - x86/entry: Remove skip_r11rcx (Waiman Long) [2090231] - x86/entry: Use PUSH_AND_CLEAR_REGS for compat (Waiman Long) [2090231] - x86/entry: Simplify entry_INT80_compat() (Waiman Long) [2090231] - x86/entry: Don't call error_entry() for XENPV (Waiman Long) [2090231] - x86/entry: Move CLD to the start of the idtentry macro (Waiman Long) [2090231] - x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry() (Waiman Long) [2090231] - x86/entry: Switch the stack after error_entry() returns (Waiman Long) [2090231] - x86/traps: Use pt_regs directly in fixup_bad_iret() (Waiman Long) [2090231] - x86/retpoline: Add ANNOTATE_NOENDBR for retpolines (Waiman Long) [2090231] - x86/static_call: Add ANNOTATE_NOENDBR to static call trampoline (Waiman Long) [2090231] - objtool: Fix SLS validation for kcov tail-call replacement (Waiman Long) [2090231] - x86,static_call: Fix __static_call_return0 for i386 (Waiman Long) [2090231] - crypto: x86/poly1305 - Fixup SLS (Waiman Long) [2090231] - kvm/emulate: Fix SETcc emulation for ENDBR (Waiman Long) [2090231] - x86/ibt: Annotate text references (Waiman Long) [2090231] - x86/alternative: Simplify int3_selftest_ip (Waiman Long) [2090231] - x86/ibt,kvm: Add ENDBR to fastops (Waiman Long) [2090231] - x86/ibt,entry: Sprinkle ENDBR dust (Waiman Long) [2090231] - x86/ibt,xen: Sprinkle the ENDBR (Waiman Long) [2090231] - x86/entry: Cleanup PARAVIRT (Waiman Long) [2090231] - x86/ibt: Add ANNOTATE_NOENDBR (Waiman Long) [2090231] - redhat/configs: Disable CONFIG_X86_KERNEL_IBT (Waiman Long) [2090231] - x86/ibt: Base IBT bits (Waiman Long) [2090231] - objtool,efi: Update __efi64_thunk annotation (Waiman Long) [2090231] - objtool: Fix truncated string warning (Waiman Long) [2090231] - redhat/configs: Disable CONFIG_SLS (Waiman Long) [2090231] - x86: Add straight-line-speculation mitigation (Waiman Long) [2090231] - x86/alternative: Relax text_poke_bp() constraint (Waiman Long) [2090231] - objtool: Add straight-line-speculation validation (Waiman Long) [2090231] - x86: Prepare inline-asm for straight-line-speculation (Waiman Long) [2090231] - x86: Prepare asm files for straight-line-speculation (Waiman Long) [2090231] - x86/mce: Reduce number of machine checks taken during recovery (Waiman Long) [2090231] - x86/lib/atomic64_386_32: Rename things (Waiman Long) [2090231] - x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds (Waiman Long) [2090231] - x86: Move RETPOLINE*_CFLAGS to arch Makefile (Waiman Long) [2090231] - x86/xen: Add xenpv_restore_regs_and_return_to_usermode() (Waiman Long) [2090231] - x86/entry: Use the correct fence macro after swapgs in kernel CR3 (Waiman Long) [2090231] - x86/entry: Add a fence for kernel entry SWAPGS in paranoid_entry() (Waiman Long) [2090231] - objtool: Fix pv_ops noinstr validation (Waiman Long) [2090231] - static_call,x86: Robustify trampoline patching (Waiman Long) [2090231] - x86/xen: switch initial pvops IRQ functions to dummy ones (Waiman Long) [2090231] - bpf,x86: Respect X86_FEATURE_RETPOLINE* (Waiman Long) [2090231] - x86/alternative: Add debug prints to apply_retpolines() (Waiman Long) [2090231] - x86/alternative: Try inline spectre_v2=retpoline,amd (Waiman Long) [2090231] - x86/alternative: Handle Jcc __x86_indirect_thunk_\reg (Waiman Long) [2090231] - x86/alternative: Implement .retpoline_sites support (Waiman Long) [2090231] - x86/retpoline: Create a retpoline thunk array (Waiman Long) [2090231] - x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h (Waiman Long) [2090231] - x86/asm: Fixup odd GEN-for-each-reg.h usage (Waiman Long) [2090231] - x86/asm: Fix register order (Waiman Long) [2090231] - x86/retpoline: Remove unused replacement symbols (Waiman Long) [2090231] - objtool,x86: Replace alternatives with .retpoline_sites (Waiman Long) [2090231] - objtool: Shrink struct instruction (Waiman Long) [2090231] - objtool: Explicitly avoid self modifying code in .altinstr_replacement (Waiman Long) [2090231] - objtool: Classify symbols (Waiman Long) [2090231] - objtool: Remove reloc symbol type checks in get_alt_entry() (Waiman Long) [2090231] - objtool: print out the symbol type when complaining about it (Waiman Long) [2090231] - objtool: Teach get_alt_entry() about more relocation types (Waiman Long) [2090231] - kbuild: reuse $(cmd_objtool) for cmd_cc_lto_link_modules (Waiman Long) [2090231] - kbuild: detect objtool update without using .SECONDEXPANSION (Waiman Long) [2090231] - kbuild: factor out OBJECT_FILES_NON_STANDARD check into a macro (Waiman Long) [2090231] - kbuild: store the objtool command in *.cmd files (Waiman Long) [2090231] - kbuild: rename __objtool_obj and reuse it for cmd_cc_lto_link_modules (Waiman Long) [2090231] - kbuild: move objtool_args back to scripts/Makefile.build (Waiman Long) [2090231] - x86/mce: Drop copyin special case for #MC (Waiman Long) [2090231] - objtool: Support pv_opsindirect calls for noinstr (Waiman Long) [2090231] - x86/xen: Rework the xen_{cpu,irq,mmu}_opsarrays (Waiman Long) [2090231] - objtool: Handle __sanitize_cov*() tail calls (Waiman Long) [2090231] - objtool: Introduce CFI hash (Waiman Long) [2090231] - kbuild: clean up objtool_args slightly (Waiman Long) [2090231] - kbuild: remove stale *.symversions (Waiman Long) [2090231] - kbuild: remove unused quiet_cmd_update_lto_symversions (Waiman Long) [2090231] - kbuild: Fix TRIM_UNUSED_KSYMS with LTO_CLANG (Waiman Long) [2090231] - Makefile: remove stale cc-option checks (Waiman Long) [2090231] - x86/build: Remove stale cc-option checks (Waiman Long) [2090231] - xen: assume XENFEAT_mmu_pt_update_preserve_ad being set for pv guests (Waiman Long) [2090231] - dmaengine: idxd: Fixup upstream merge conflict resolution (Jerry Snitselaar) [2100482] - dmaengine: idxd: skip clearing device context when device is read-only (Jerry Snitselaar) [2100482] - dmaengine: idxd: add RO check for wq max_transfer_size write (Jerry Snitselaar) [2100482] - dmaengine: idxd: add RO check for wq max_batch_size write (Jerry Snitselaar) [2100482] - dmaengine: idxd: fix device cleanup on disable (Jerry Snitselaar) [2100482] - Revert "dmaengine: idxd: Separate user and kernel pasid enabling" (Jerry Snitselaar) [2100482] Resolves: rhbz#2104946, rhbz#2090231, rhbz#2100482 Signed-off-by: Patrick Talbert --- Makefile.rhelver | 2 +- kernel-x86_64-debug-rhel.config | 7 ++ kernel-x86_64-rhel.config | 7 ++ kernel.spec | 163 +++++++++++++++++++++++++++++++- sources | 6 +- 5 files changed, 176 insertions(+), 9 deletions(-) diff --git a/Makefile.rhelver b/Makefile.rhelver index 1be7e51f8..4d54a79a4 100644 --- a/Makefile.rhelver +++ b/Makefile.rhelver @@ -12,7 +12,7 @@ RHEL_MINOR = 1 # # Use this spot to avoid future merge conflicts. # Do not trim this comment. -RHEL_RELEASE = 142 +RHEL_RELEASE = 143 # # ZSTREAM diff --git a/kernel-x86_64-debug-rhel.config b/kernel-x86_64-debug-rhel.config index c7359a0c3..a737deffd 100644 --- a/kernel-x86_64-debug-rhel.config +++ b/kernel-x86_64-debug-rhel.config @@ -757,6 +757,8 @@ CONFIG_CPU_FREQ_GOV_USERSPACE=y CONFIG_CPU_FREQ_STAT=y CONFIG_CPU_FREQ=y # CONFIG_CPU_HOTPLUG_STATE_CONTROL is not set +CONFIG_CPU_IBPB_ENTRY=y +CONFIG_CPU_IBRS_ENTRY=y CONFIG_CPU_IDLE_GOV_HALTPOLL=y # CONFIG_CPU_IDLE_GOV_LADDER is not set CONFIG_CPU_IDLE_GOV_MENU=y @@ -767,6 +769,7 @@ CONFIG_CPU_LITTLE_ENDIAN=y CONFIG_CPUMASK_OFFSTACK=y CONFIG_CPUSETS=y # CONFIG_CPU_THERMAL is not set +CONFIG_CPU_UNRET_ENTRY=y # CONFIG_CRAMFS is not set # CONFIG_CRAMFS_MTD is not set CONFIG_CRASH_DUMP=y @@ -4199,6 +4202,7 @@ CONFIG_RESET_CONTROLLER=y # CONFIG_RESET_QCOM_PDC is not set # CONFIG_RESET_TI_SYSCON is not set CONFIG_RESOURCE_KUNIT_TEST=m +CONFIG_RETHUNK=y CONFIG_RETPOLINE=y # CONFIG_RFD77402 is not set # CONFIG_RFD_FTL is not set @@ -4869,6 +4873,7 @@ CONFIG_SLIP_COMPRESSED=y CONFIG_SLIP=m # CONFIG_SLIP_MODE_SLIP6 is not set CONFIG_SLIP_SMART=y +# CONFIG_SLS is not set CONFIG_SLUB_CPU_PARTIAL=y # CONFIG_SLUB_DEBUG_ON is not set CONFIG_SLUB_DEBUG=y @@ -5333,6 +5338,7 @@ CONFIG_SP5100_TCO=m CONFIG_SPARSE_IRQ=y CONFIG_SPARSEMEM_MANUAL=y CONFIG_SPARSEMEM_VMEMMAP=y +CONFIG_SPECULATION_MITIGATIONS=y # CONFIG_SPI_ALTERA is not set CONFIG_SPI_AMD=y # CONFIG_SPI_AXI_SPI_ENGINE is not set @@ -6352,6 +6358,7 @@ CONFIG_X86_INTEL_PSTATE=y CONFIG_X86_INTEL_TSX_MODE_OFF=y # CONFIG_X86_INTEL_TSX_MODE_ON is not set CONFIG_X86_IOPL_IOPERM=y +# CONFIG_X86_KERNEL_IBT is not set CONFIG_X86_MCE_AMD=y CONFIG_X86_MCE_INJECT=m CONFIG_X86_MCE_INTEL=y diff --git a/kernel-x86_64-rhel.config b/kernel-x86_64-rhel.config index ec6aead8a..f4c7f4999 100644 --- a/kernel-x86_64-rhel.config +++ b/kernel-x86_64-rhel.config @@ -757,6 +757,8 @@ CONFIG_CPU_FREQ_GOV_USERSPACE=y CONFIG_CPU_FREQ_STAT=y CONFIG_CPU_FREQ=y # CONFIG_CPU_HOTPLUG_STATE_CONTROL is not set +CONFIG_CPU_IBPB_ENTRY=y +CONFIG_CPU_IBRS_ENTRY=y CONFIG_CPU_IDLE_GOV_HALTPOLL=y # CONFIG_CPU_IDLE_GOV_LADDER is not set CONFIG_CPU_IDLE_GOV_MENU=y @@ -767,6 +769,7 @@ CONFIG_CPU_LITTLE_ENDIAN=y CONFIG_CPUMASK_OFFSTACK=y CONFIG_CPUSETS=y # CONFIG_CPU_THERMAL is not set +CONFIG_CPU_UNRET_ENTRY=y # CONFIG_CRAMFS is not set # CONFIG_CRAMFS_MTD is not set CONFIG_CRASH_DUMP=y @@ -4178,6 +4181,7 @@ CONFIG_RESET_CONTROLLER=y # CONFIG_RESET_QCOM_PDC is not set # CONFIG_RESET_TI_SYSCON is not set CONFIG_RESOURCE_KUNIT_TEST=m +CONFIG_RETHUNK=y CONFIG_RETPOLINE=y # CONFIG_RFD77402 is not set # CONFIG_RFD_FTL is not set @@ -4848,6 +4852,7 @@ CONFIG_SLIP_COMPRESSED=y CONFIG_SLIP=m # CONFIG_SLIP_MODE_SLIP6 is not set CONFIG_SLIP_SMART=y +# CONFIG_SLS is not set CONFIG_SLUB_CPU_PARTIAL=y # CONFIG_SLUB_DEBUG_ON is not set CONFIG_SLUB_DEBUG=y @@ -5310,6 +5315,7 @@ CONFIG_SP5100_TCO=m CONFIG_SPARSE_IRQ=y CONFIG_SPARSEMEM_MANUAL=y CONFIG_SPARSEMEM_VMEMMAP=y +CONFIG_SPECULATION_MITIGATIONS=y # CONFIG_SPI_ALTERA is not set CONFIG_SPI_AMD=y # CONFIG_SPI_AXI_SPI_ENGINE is not set @@ -6329,6 +6335,7 @@ CONFIG_X86_INTEL_PSTATE=y CONFIG_X86_INTEL_TSX_MODE_OFF=y # CONFIG_X86_INTEL_TSX_MODE_ON is not set CONFIG_X86_IOPL_IOPERM=y +# CONFIG_X86_KERNEL_IBT is not set CONFIG_X86_MCE_AMD=y CONFIG_X86_MCE_INJECT=m CONFIG_X86_MCE_INTEL=y diff --git a/kernel.spec b/kernel.spec index c6c6df8a6..2f39c1277 100755 --- a/kernel.spec +++ b/kernel.spec @@ -121,13 +121,13 @@ Summary: The Linux kernel %define kversion 5.14 %define rpmversion 5.14.0 -%define pkgrelease 142.el9 +%define pkgrelease 143.el9 # This is needed to do merge window version magic %define patchlevel 14 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 142%{?buildid}%{?dist} +%define specrelease 143%{?buildid}%{?dist} %define pkg_release %{specrelease} @@ -679,7 +679,7 @@ BuildRequires: lld # exact git commit you can run # # xzcat -qq ${TARBALL} | git get-tar-commit-id -Source0: linux-5.14.0-142.el9.tar.xz +Source0: linux-5.14.0-143.el9.tar.xz Source1: Makefile.rhelver @@ -1351,8 +1351,8 @@ ApplyOptionalPatch() fi } -%setup -q -n kernel-5.14.0-142.el9 -c -mv linux-5.14.0-142.el9 linux-%{KVERREL} +%setup -q -n kernel-5.14.0-143.el9 -c +mv linux-5.14.0-143.el9 linux-%{KVERREL} cd linux-%{KVERREL} cp -a %{SOURCE1} . @@ -3018,6 +3018,159 @@ fi # # %changelog +* Fri Aug 05 2022 Patrick Talbert [5.14.0-143.el9] +- sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed (Waiman Long) [2104946] +- intel_idle: Fix false positive RCU splats due to incorrect hardirqs state (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- tools headers cpufeatures: Sync with the kernel sources (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- um: Add missing apply_returns() (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- KVM: emulate: do not adjust size of fastop and setcc subroutines (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/kvm: fix FASTOP_SIZE when return thunks are enabled (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- efi/x86: use naked RET on mixed mode call wrapper (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bugs: Remove apostrophe typo (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bugs: Mark retbleed_strings static (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/static_call: Serialize __static_call_fixup() properly (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/speculation: Disable RRSBA behavior (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/kexec: Disable RET on kexec (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bugs: Add Cannon lake to RETBleed affected CPU list (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- redhat/configs: Add new mitigation configs for RetBleed CVEs (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/retbleed: Add fine grained Kconfig knobs (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/cpu/amd: Enumerate BTC_NO (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/common: Stamp out the stepping madness (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- KVM: VMX: Prevent RSB underflow before vmenter (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/speculation: Fill RSB on vmexit for IBRS (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- KVM: VMX: Fix IBRS handling after vmexit (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- KVM: VMX: Convert launched argument to flags (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- KVM: VMX: Flatten __vmx_vcpu_run() (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- objtool: Re-add UNWIND_HINT_{SAVE_RESTORE} (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/speculation: Remove x86_spec_ctrl_mask (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/speculation: Fix SPEC_CTRL write on SMT state change (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/speculation: Fix firmware entry SPEC_CTRL handling (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/cpu/amd: Add Spectral Chicken (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bugs: Do IBPB fallback check only once (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bugs: Add retbleed=ibpb (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/xen: Add UNTRAIN_RET (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/xen: Rename SYS* entry points (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- objtool: Update Retpoline validation (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- intel_idle: Disable IBRS during long idle (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bugs: Report Intel retbleed vulnerability (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bugs: Optimize SPEC_CTRL MSR writes (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/entry: Add kernel IBRS implementation (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bugs: Enable STIBP for JMP2RET (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bugs: Add AMD retbleed= boot parameter (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bugs: Report AMD retbleed vulnerability (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- objtool: skip non-text sections when adding return-thunk sites (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86: Add magic AMD return-thunk (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- objtool: Treat .text.__x86.* as noinstr (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/entry: Avoid very early RET (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86: Use return-thunk in asm code (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/sev: Avoid using __x86_return_thunk (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/kvm: Fix SETcc emulation for return thunks (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/bpf: Use alternative RET encoding (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/ftrace: Use alternative RET encoding (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86,static_call: Use alternative RET encoding (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86,objtool: Create .return_sites (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86: Undo return-thunk damage (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/retpoline: Use -mfunction-return (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/retpoline: Swizzle retpoline thunk (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/retpoline: Cleanup some #ifdefery (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/cpufeatures: Move RETPOLINE flags to word 11 (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/kvm/vmx: Make noinstr clean (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901} +- x86/entry: Fix register corruption in compat syscall (Waiman Long) [2090231] +- x86/entry: Remove skip_r11rcx (Waiman Long) [2090231] +- x86/entry: Use PUSH_AND_CLEAR_REGS for compat (Waiman Long) [2090231] +- x86/entry: Simplify entry_INT80_compat() (Waiman Long) [2090231] +- x86/entry: Don't call error_entry() for XENPV (Waiman Long) [2090231] +- x86/entry: Move CLD to the start of the idtentry macro (Waiman Long) [2090231] +- x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry() (Waiman Long) [2090231] +- x86/entry: Switch the stack after error_entry() returns (Waiman Long) [2090231] +- x86/traps: Use pt_regs directly in fixup_bad_iret() (Waiman Long) [2090231] +- x86/retpoline: Add ANNOTATE_NOENDBR for retpolines (Waiman Long) [2090231] +- x86/static_call: Add ANNOTATE_NOENDBR to static call trampoline (Waiman Long) [2090231] +- objtool: Fix SLS validation for kcov tail-call replacement (Waiman Long) [2090231] +- x86,static_call: Fix __static_call_return0 for i386 (Waiman Long) [2090231] +- crypto: x86/poly1305 - Fixup SLS (Waiman Long) [2090231] +- kvm/emulate: Fix SETcc emulation for ENDBR (Waiman Long) [2090231] +- x86/ibt: Annotate text references (Waiman Long) [2090231] +- x86/alternative: Simplify int3_selftest_ip (Waiman Long) [2090231] +- x86/ibt,kvm: Add ENDBR to fastops (Waiman Long) [2090231] +- x86/ibt,entry: Sprinkle ENDBR dust (Waiman Long) [2090231] +- x86/ibt,xen: Sprinkle the ENDBR (Waiman Long) [2090231] +- x86/entry: Cleanup PARAVIRT (Waiman Long) [2090231] +- x86/ibt: Add ANNOTATE_NOENDBR (Waiman Long) [2090231] +- redhat/configs: Disable CONFIG_X86_KERNEL_IBT (Waiman Long) [2090231] +- x86/ibt: Base IBT bits (Waiman Long) [2090231] +- objtool,efi: Update __efi64_thunk annotation (Waiman Long) [2090231] +- objtool: Fix truncated string warning (Waiman Long) [2090231] +- redhat/configs: Disable CONFIG_SLS (Waiman Long) [2090231] +- x86: Add straight-line-speculation mitigation (Waiman Long) [2090231] +- x86/alternative: Relax text_poke_bp() constraint (Waiman Long) [2090231] +- objtool: Add straight-line-speculation validation (Waiman Long) [2090231] +- x86: Prepare inline-asm for straight-line-speculation (Waiman Long) [2090231] +- x86: Prepare asm files for straight-line-speculation (Waiman Long) [2090231] +- x86/mce: Reduce number of machine checks taken during recovery (Waiman Long) [2090231] +- x86/lib/atomic64_386_32: Rename things (Waiman Long) [2090231] +- x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds (Waiman Long) [2090231] +- x86: Move RETPOLINE*_CFLAGS to arch Makefile (Waiman Long) [2090231] +- x86/xen: Add xenpv_restore_regs_and_return_to_usermode() (Waiman Long) [2090231] +- x86/entry: Use the correct fence macro after swapgs in kernel CR3 (Waiman Long) [2090231] +- x86/entry: Add a fence for kernel entry SWAPGS in paranoid_entry() (Waiman Long) [2090231] +- objtool: Fix pv_ops noinstr validation (Waiman Long) [2090231] +- static_call,x86: Robustify trampoline patching (Waiman Long) [2090231] +- x86/xen: switch initial pvops IRQ functions to dummy ones (Waiman Long) [2090231] +- bpf,x86: Respect X86_FEATURE_RETPOLINE* (Waiman Long) [2090231] +- x86/alternative: Add debug prints to apply_retpolines() (Waiman Long) [2090231] +- x86/alternative: Try inline spectre_v2=retpoline,amd (Waiman Long) [2090231] +- x86/alternative: Handle Jcc __x86_indirect_thunk_\reg (Waiman Long) [2090231] +- x86/alternative: Implement .retpoline_sites support (Waiman Long) [2090231] +- x86/retpoline: Create a retpoline thunk array (Waiman Long) [2090231] +- x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h (Waiman Long) [2090231] +- x86/asm: Fixup odd GEN-for-each-reg.h usage (Waiman Long) [2090231] +- x86/asm: Fix register order (Waiman Long) [2090231] +- x86/retpoline: Remove unused replacement symbols (Waiman Long) [2090231] +- objtool,x86: Replace alternatives with .retpoline_sites (Waiman Long) [2090231] +- objtool: Shrink struct instruction (Waiman Long) [2090231] +- objtool: Explicitly avoid self modifying code in .altinstr_replacement (Waiman Long) [2090231] +- objtool: Classify symbols (Waiman Long) [2090231] +- objtool: Remove reloc symbol type checks in get_alt_entry() (Waiman Long) [2090231] +- objtool: print out the symbol type when complaining about it (Waiman Long) [2090231] +- objtool: Teach get_alt_entry() about more relocation types (Waiman Long) [2090231] +- kbuild: reuse $(cmd_objtool) for cmd_cc_lto_link_modules (Waiman Long) [2090231] +- kbuild: detect objtool update without using .SECONDEXPANSION (Waiman Long) [2090231] +- kbuild: factor out OBJECT_FILES_NON_STANDARD check into a macro (Waiman Long) [2090231] +- kbuild: store the objtool command in *.cmd files (Waiman Long) [2090231] +- kbuild: rename __objtool_obj and reuse it for cmd_cc_lto_link_modules (Waiman Long) [2090231] +- kbuild: move objtool_args back to scripts/Makefile.build (Waiman Long) [2090231] +- x86/mce: Drop copyin special case for #MC (Waiman Long) [2090231] +- objtool: Support pv_opsindirect calls for noinstr (Waiman Long) [2090231] +- x86/xen: Rework the xen_{cpu,irq,mmu}_opsarrays (Waiman Long) [2090231] +- objtool: Handle __sanitize_cov*() tail calls (Waiman Long) [2090231] +- objtool: Introduce CFI hash (Waiman Long) [2090231] +- kbuild: clean up objtool_args slightly (Waiman Long) [2090231] +- kbuild: remove stale *.symversions (Waiman Long) [2090231] +- kbuild: remove unused quiet_cmd_update_lto_symversions (Waiman Long) [2090231] +- kbuild: Fix TRIM_UNUSED_KSYMS with LTO_CLANG (Waiman Long) [2090231] +- Makefile: remove stale cc-option checks (Waiman Long) [2090231] +- x86/build: Remove stale cc-option checks (Waiman Long) [2090231] +- xen: assume XENFEAT_mmu_pt_update_preserve_ad being set for pv guests (Waiman Long) [2090231] +- dmaengine: idxd: Fixup upstream merge conflict resolution (Jerry Snitselaar) [2100482] +- dmaengine: idxd: skip clearing device context when device is read-only (Jerry Snitselaar) [2100482] +- dmaengine: idxd: add RO check for wq max_transfer_size write (Jerry Snitselaar) [2100482] +- dmaengine: idxd: add RO check for wq max_batch_size write (Jerry Snitselaar) [2100482] +- dmaengine: idxd: fix device cleanup on disable (Jerry Snitselaar) [2100482] +- Revert "dmaengine: idxd: Separate user and kernel pasid enabling" (Jerry Snitselaar) [2100482] + * Thu Aug 04 2022 Patrick Talbert [5.14.0-142.el9] - sit: do not call ipip6_dev_free() from sit_init_net() (Hangbin Liu) [2089080] - net: ping6: Fix memleak in ipv6_renew_options(). (Ivan Vecera) [2112338] diff --git a/sources b/sources index 3c1355361..1d3bf5edc 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-5.14.0-142.el9.tar.xz) = b69e34fe3aad0843bc532a2dc388ac8f8cc8fe10c3ae47749bbafd873edfe43f47b33fc9f29300250b53b050c910f0f698548be0a88a042ab506a54eb49dd17a -SHA512 (kernel-abi-stablelists-5.14.0-142.el9.tar.bz2) = f9833ed3729c4ee3fb94be7e287d2ee6906ba6ab7400d330ec5585106f873225379265eaaf9817be651c5eb3d22876849eeb04f473845b4bb932e87f3a2a79a5 -SHA512 (kernel-kabi-dw-5.14.0-142.el9.tar.bz2) = b07e3d6617cc434bf03eb165691b8b64418260e0a97bf3da3959aa03d142ff345c94b4a0f0856246d2b2c6a6a713fd6495e9f2cb73244cf4cfc5a4b7525e7674 +SHA512 (linux-5.14.0-143.el9.tar.xz) = f2ec32412c80e509e8192ccc866e4b9ece43a948609f854700ae3b4d57fcc6e4aac39e2656d28dede0da90ab21ccebd9b4f94480bde2ecfdb61caaaeb8c7c559 +SHA512 (kernel-abi-stablelists-5.14.0-143.el9.tar.bz2) = 0e7685ff0db53a448b3d85cbea8e8e6113577c4df8cdddb7dd6b4591a56fb6c1d39a22b9f2f7d56af6c500108a32195bbd088f66794a1f775113969f06ad34de +SHA512 (kernel-kabi-dw-5.14.0-143.el9.tar.bz2) = b07e3d6617cc434bf03eb165691b8b64418260e0a97bf3da3959aa03d142ff345c94b4a0f0856246d2b2c6a6a713fd6495e9f2cb73244cf4cfc5a4b7525e7674