kernel-5.14.0-591.el9

* Tue Jun 03 2025 Jan Stancek <jstancek@redhat.com> [5.14.0-591.el9] - uki_addons: add 'fedora' SBAT suffix for UKI addons (Li Tian) [RHEL-93399] - Subject: net/smc: check return value of sock_recvmsg when draining clc data (Mete Durlu) [RHEL-73484] {CVE-2024-57791} - net/smc: check smcd_v2_ext_offset when receiving proposal msg (Mete Durlu) [RHEL-73484] {CVE-2024-57791} - net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (Mete Durlu) [RHEL-73484] {CVE-2024-57791} - net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (Mete Durlu) [RHEL-73484] {CVE-2024-57791} - net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll (Mete Durlu) [RHEL-73484] {CVE-2024-57791} - net/smc: protect link down work from execute after lgr freed (Mete Durlu) [RHEL-73484] {CVE-2024-57791} - net/smc: Introduce IPPROTO_SMC (Mete Durlu) [RHEL-73484] - net/smc: expose smc proto operations (Mete Durlu) [RHEL-73484] - net/smc: refactoring initialization of smc sock (Mete Durlu) [RHEL-73484] - net/smc: change SMCR_RMBE_SIZES from 5 to 15 (Mete Durlu) [RHEL-73484] - net/smc: set rmb's SG_MAX_SINGLE_ALLOC limitation only when CONFIG_ARCH_NO_SG_CHAIN is defined (Mete Durlu) [RHEL-73484] - net/smc: implement DMB-merged operations of loopback-ism (Mete Durlu) [RHEL-73484] - net/smc: adapt cursor update when sndbuf and peer DMB are merged (Mete Durlu) [RHEL-73484] - net/smc: add operations to merge sndbuf with peer DMB (Mete Durlu) [RHEL-73484] - net/smc: register loopback-ism into SMC-D device list (Mete Durlu) [RHEL-73484] - net/smc: ignore loopback-ism when dumping SMC-D devices (Mete Durlu) [RHEL-73484] - net/smc: mark optional smcd_ops and check for support when called (Mete Durlu) [RHEL-73484] - net/smc: implement DMB-related operations of loopback-ism (Mete Durlu) [RHEL-73484] - net/smc: implement ID-related operations of loopback-ism (Mete Durlu) [RHEL-73484] - redhat/configs: Add SMC_LO config option (Mete Durlu) [RHEL-73484] - net/smc: introduce loopback-ism for SMC intra-OS shortcut (Mete Durlu) [RHEL-73484] - net/smc: decouple ism_client from SMC-D DMB registration (Mete Durlu) [RHEL-73484] - net/smc: Avoid -Wflex-array-member-not-at-end warnings (Mete Durlu) [RHEL-73484] - net/smc: make smc_hash_sk/smc_unhash_sk static (Mete Durlu) [RHEL-73484] - net/smc: change the term virtual ISM to Emulated-ISM (Mete Durlu) [RHEL-73484] - net/smc: fix incorrect SMC-D link group matching logic (Mete Durlu) [RHEL-73484] - net/smc: fix invalid link access in dumping SMC-R connections (Mete Durlu) [RHEL-73484] - net/smc: manage system EID in SMC stack instead of ISM driver (Mete Durlu) [RHEL-73484] - net/smc: disable SEID on non-s390 archs where virtual ISM may be used (Mete Durlu) [RHEL-73484] - net/smc: support extended GID in SMC-D lgr netlink attribute (Mete Durlu) [RHEL-73484] - net/smc: compatible with 128-bits extended GID of virtual ISM device (Mete Durlu) [RHEL-73484] - net/smc: define a reserved CHID range for virtual ISM devices (Mete Durlu) [RHEL-73484] - net/smc: introduce virtual ISM device support feature (Mete Durlu) [RHEL-73484] - net/smc: support SMCv2.x supplemental features negotiation (Mete Durlu) [RHEL-73484] - net/smc: unify the structs of accept or confirm message for v1 and v2 (Mete Durlu) [RHEL-73484] - net/smc: introduce sub-functions for smc_clc_send_confirm_accept() (Mete Durlu) [RHEL-73484] - net/smc: rename some 'fce' to 'fce_v2x' for clarity (Mete Durlu) [RHEL-73484] - net/smc: fix missing byte order conversion in CLC handshake (Mete Durlu) [RHEL-73484] - net/smc: remove unneeded atomic operations in smc_tx_sndbuf_nonempty (Mete Durlu) [RHEL-73484] - net/smc: add sysctl for max conns per lgr for SMC-R v2.1 (Mete Durlu) [RHEL-73484] - net/smc: add sysctl for max links per lgr for SMC-R v2.1 (Mete Durlu) [RHEL-73484] - net/smc: put sk reference if close work was canceled (Mete Durlu) [RHEL-73484] - net/smc: allow cdc msg send rather than drop it with NULL sndbuf_desc (Mete Durlu) [RHEL-73484] - net/smc: fix dangling sock under state SMC_APPFINCLOSEWAIT (Mete Durlu) [RHEL-73484] - net/smc: return the right falback reason when prefix checks fail (Mete Durlu) [RHEL-73484] - net/smc: fix smc clc failed issue when netdevice not in init_net (Mete Durlu) [RHEL-73484] - net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (Mete Durlu) [RHEL-73484] - net/smc: bugfix for smcr v2 server connect success statistic (Mete Durlu) [RHEL-73484] - net/smc: Extend SMCR v2 linkgroup netlink attribute (Mete Durlu) [RHEL-73484] - net/smc: support max links per lgr negotiation in clc handshake (Mete Durlu) [RHEL-73484] - net/smc: support max connections per lgr negotiation (Mete Durlu) [RHEL-73484] - net/smc: support smc v2.x features validate (Mete Durlu) [RHEL-73484] - net/smc: add vendor unique experimental options area in clc handshake (Mete Durlu) [RHEL-73484] - net/smc: support smc release version negotiation in clc handshake (Mete Durlu) [RHEL-73484] - net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT (Mete Durlu) [RHEL-73484] - net/smc: Don't use RMBs not mapped to new link in SMCRv2 ADD LINK (Mete Durlu) [RHEL-73484] - net/smc: Scan from current RMB list when no position specified (Mete Durlu) [RHEL-73484] - net/smc: Reset connection when trying to use SMCRv2 fails. (Mete Durlu) [RHEL-73484] - smc: Fix use-after-free in tcp_write_timer_handler(). (Mete Durlu) [RHEL-73484] - smc: preserve const qualifier in smc_sk() (Mete Durlu) [RHEL-73484] - net/smc: Use percpu ref for wr tx reference (Mete Durlu) [RHEL-73484] - net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link() (Mete Durlu) [RHEL-73484] - vlan: enforce underlying device type (Guillaume Nault) [RHEL-87883] {CVE-2025-21920} - dm: fix copying after src array boundaries (Benjamin Marzinski) [RHEL-92761] - dm: add missing unlock on in dm_keyslot_evict() (Benjamin Marzinski) [RHEL-92761] - dm: always update the array size in realloc_argv on success (Benjamin Marzinski) [RHEL-92761] - dm-integrity: fix a warning on invalid table line (Benjamin Marzinski) [RHEL-92761] - dm-bufio: don't schedule in atomic context (Benjamin Marzinski) [RHEL-92761] - dm-ebs: fix prefetch-vs-suspend race (Benjamin Marzinski) [RHEL-92761] - dm-verity: fix prefetch-vs-suspend race (Benjamin Marzinski) [RHEL-92761] - dm-integrity: fix non-constant-time tag verification (Benjamin Marzinski) [RHEL-92761] - dm cache: support shrinking the origin device (Benjamin Marzinski) [RHEL-56106] - dm cache: prevent BUG_ON by blocking retries on failed device resumes (Benjamin Marzinski) [RHEL-56106] - dm: fix unconditional IO throttle caused by REQ_PREFLUSH (Benjamin Marzinski) [RHEL-92761] - dm-integrity: set ti->error on memory allocation failure (Benjamin Marzinski) [RHEL-92761] - NFSv4: Don't check for OPEN feature support in v4.1 (Scott Mayhew) [RHEL-83435] - MAINTAINERS: Update maintainers for crypto/marvell (Vladis Dronov) [RHEL-74335] - crypto: octeontx2 - suppress auth failure screaming due to negative tests (Vladis Dronov) [RHEL-74335] - crypto: octeontx2 - Remove unused otx2_cpt_print_uc_dbg_info (Vladis Dronov) [RHEL-74335] - crypto: drivers - Use str_enable_disable-like helpers [partial] (Vladis Dronov) [RHEL-74335] - crypto: marvell - replace deprecated PCI functions (Vladis Dronov) [RHEL-74335] - PCI: Make pcim_request_all_regions() a public function (Vladis Dronov) [RHEL-74335] - crypto: octeontx* - Select CRYPTO_AUTHENC [partial] (Vladis Dronov) [RHEL-74335] - crypto: octeontx2 - select CONFIG_NET_DEVLINK (Vladis Dronov) [RHEL-74335] - crypto: octeontx2 - Fix authenc setkey (Vladis Dronov) [RHEL-74335] - crypto: octeontx2 - Remove custom swap functions in favor of built-in sort swap (Vladis Dronov) [RHEL-74335] - crypto: octeontx2 - update CPT inbound inline IPsec mailbox (Vladis Dronov) [RHEL-74335] - selftests: net: fdb_notify: Add a test for FDB notifications (Ivan Vecera) [RHEL-78780] - selftests: net: lib: Add kill_process (Ivan Vecera) [RHEL-78780] - selftests: net: lib: Move checks from forwarding/lib.sh here (Ivan Vecera) [RHEL-78780] - selftests: net: lib: Move tests_run from forwarding/lib.sh here (Ivan Vecera) [RHEL-78780] - selftests: net: lib: Move logging from forwarding/lib.sh here (Ivan Vecera) [RHEL-78780] - selftests: net: include lib/sh/*.sh with lib.sh (Ivan Vecera) [RHEL-78780] - selftests: mptcp: include net_helper.sh file (Ivan Vecera) [RHEL-78780] - selftests: mptcp: include lib.sh file (Ivan Vecera) [RHEL-78780] - selftests: forwarding: lib: Allow passing PID to stop_traffic() (Ivan Vecera) [RHEL-78780] - selftests: forwarding: Add a fallback cleanup() (Ivan Vecera) [RHEL-78780] - selftests: net: lib: Introduce deferred commands (Ivan Vecera) [RHEL-78780] - selftests: forwarding: Convert log_test() to recognize RET values (Ivan Vecera) [RHEL-78780] - ndo_fdb_del: Add a parameter to report whether notification was sent (Izabela Bakollari) [RHEL-78780] - ndo_fdb_add: Add a parameter to report whether notification was sent (Izabela Bakollari) [RHEL-78780] - bonding: assign random address if device address is same as bond (Hangbin Liu) [RHEL-93062] - ice: Fix deinitializing VF in error path (Petr Oros) [RHEL-87626] {CVE-2025-21883} - ice: add E830 HW VF mailbox message limit support (Petr Oros) [RHEL-87626] - perf test stat_all_pmu.sh: Correctly check 'perf stat' result (Michael Petlan) [RHEL-81954] - perf test: Extra verbosity and hypervisor skip for tpebs test (Michael Petlan) [RHEL-81954] - perf test: Tag parallel failing shell tests with "(exclusive)" (Michael Petlan) [RHEL-81954] - perf test: Ignore security failures in all PMU test (Michael Petlan) [RHEL-81954] Resolves: RHEL-56106, RHEL-73484, RHEL-74335, RHEL-78780, RHEL-81954, RHEL-83435, RHEL-87626, RHEL-87883, RHEL-92761, RHEL-93062, RHEL-93399 Signed-off-by: Jan Stancek <jstancek@redhat.com>
2025-06-04 00:22:52 +02:00 · 2025-06-04 00:22:52 +02:00 · 4d89cdca16
commit 4d89cdca16
parent 9b5671a541
7 changed files with 238 additions and 8 deletions
--- a/Makefile.rhelver
+++ b/Makefile.rhelver
@ -12,7 +12,7 @@ RHEL_MINOR = 7
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 590
+RHEL_RELEASE = 591

 #
 # ZSTREAM
--- a/kernel-s390x-debug-rhel.config
+++ b/kernel-s390x-debug-rhel.config
@ -5104,6 +5104,7 @@ CONFIG_SLUB_KUNIT_TEST=m
 CONFIG_SLUB=y
 # CONFIG_SMARTJOYPLUS_FF is not set
 CONFIG_SMC_DIAG=m
+# CONFIG_SMC_LO is not set
 CONFIG_SMC=m
 # CONFIG_SM_FTL is not set
 CONFIG_SMP=y
--- a/kernel-s390x-rhel.config
+++ b/kernel-s390x-rhel.config
@ -5084,6 +5084,7 @@ CONFIG_SLUB_KUNIT_TEST=m
 CONFIG_SLUB=y
 # CONFIG_SMARTJOYPLUS_FF is not set
 CONFIG_SMC_DIAG=m
+# CONFIG_SMC_LO is not set
 CONFIG_SMC=m
 # CONFIG_SM_FTL is not set
 CONFIG_SMP=y
--- a/kernel-s390x-zfcpdump-rhel.config
+++ b/kernel-s390x-zfcpdump-rhel.config
@ -5104,6 +5104,7 @@ CONFIG_SLUB_KUNIT_TEST=m
 CONFIG_SLUB=y
 # CONFIG_SMARTJOYPLUS_FF is not set
 CONFIG_SMC_DIAG=m
+# CONFIG_SMC_LO is not set
 CONFIG_SMC=m
 # CONFIG_SM_FTL is not set
 CONFIG_SMP=y
--- a/kernel.changelog
+++ b/kernel.changelog
@ -1,3 +1,115 @@
+* Tue Jun 03 2025 Jan Stancek <jstancek@redhat.com> [5.14.0-591.el9]
+- uki_addons: add 'fedora' SBAT suffix for UKI addons (Li Tian) [RHEL-93399]
+- Subject: net/smc: check return value of sock_recvmsg when draining clc data (Mete Durlu) [RHEL-73484] {CVE-2024-57791}
+- net/smc: check smcd_v2_ext_offset when receiving proposal msg (Mete Durlu) [RHEL-73484] {CVE-2024-57791}
+- net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (Mete Durlu) [RHEL-73484] {CVE-2024-57791}
+- net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (Mete Durlu) [RHEL-73484] {CVE-2024-57791}
+- net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll (Mete Durlu) [RHEL-73484] {CVE-2024-57791}
+- net/smc: protect link down work from execute after lgr freed (Mete Durlu) [RHEL-73484] {CVE-2024-57791}
+- net/smc: Introduce IPPROTO_SMC (Mete Durlu) [RHEL-73484]
+- net/smc: expose smc proto operations (Mete Durlu) [RHEL-73484]
+- net/smc: refactoring initialization of smc sock (Mete Durlu) [RHEL-73484]
+- net/smc: change SMCR_RMBE_SIZES from 5 to 15 (Mete Durlu) [RHEL-73484]
+- net/smc: set rmb's SG_MAX_SINGLE_ALLOC limitation only when CONFIG_ARCH_NO_SG_CHAIN is defined (Mete Durlu) [RHEL-73484]
+- net/smc: implement DMB-merged operations of loopback-ism (Mete Durlu) [RHEL-73484]
+- net/smc: adapt cursor update when sndbuf and peer DMB are merged (Mete Durlu) [RHEL-73484]
+- net/smc: add operations to merge sndbuf with peer DMB (Mete Durlu) [RHEL-73484]
+- net/smc: register loopback-ism into SMC-D device list (Mete Durlu) [RHEL-73484]
+- net/smc: ignore loopback-ism when dumping SMC-D devices (Mete Durlu) [RHEL-73484]
+- net/smc: mark optional smcd_ops and check for support when called (Mete Durlu) [RHEL-73484]
+- net/smc: implement DMB-related operations of loopback-ism (Mete Durlu) [RHEL-73484]
+- net/smc: implement ID-related operations of loopback-ism (Mete Durlu) [RHEL-73484]
+- redhat/configs: Add SMC_LO config option (Mete Durlu) [RHEL-73484]
+- net/smc: introduce loopback-ism for SMC intra-OS shortcut (Mete Durlu) [RHEL-73484]
+- net/smc: decouple ism_client from SMC-D DMB registration (Mete Durlu) [RHEL-73484]
+- net/smc: Avoid -Wflex-array-member-not-at-end warnings (Mete Durlu) [RHEL-73484]
+- net/smc: make smc_hash_sk/smc_unhash_sk static (Mete Durlu) [RHEL-73484]
+- net/smc: change the term virtual ISM to Emulated-ISM (Mete Durlu) [RHEL-73484]
+- net/smc: fix incorrect SMC-D link group matching logic (Mete Durlu) [RHEL-73484]
+- net/smc: fix invalid link access in dumping SMC-R connections (Mete Durlu) [RHEL-73484]
+- net/smc: manage system EID in SMC stack instead of ISM driver (Mete Durlu) [RHEL-73484]
+- net/smc: disable SEID on non-s390 archs where virtual ISM may be used (Mete Durlu) [RHEL-73484]
+- net/smc: support extended GID in SMC-D lgr netlink attribute (Mete Durlu) [RHEL-73484]
+- net/smc: compatible with 128-bits extended GID of virtual ISM device (Mete Durlu) [RHEL-73484]
+- net/smc: define a reserved CHID range for virtual ISM devices (Mete Durlu) [RHEL-73484]
+- net/smc: introduce virtual ISM device support feature (Mete Durlu) [RHEL-73484]
+- net/smc: support SMCv2.x supplemental features negotiation (Mete Durlu) [RHEL-73484]
+- net/smc: unify the structs of accept or confirm message for v1 and v2 (Mete Durlu) [RHEL-73484]
+- net/smc: introduce sub-functions for smc_clc_send_confirm_accept() (Mete Durlu) [RHEL-73484]
+- net/smc: rename some 'fce' to 'fce_v2x' for clarity (Mete Durlu) [RHEL-73484]
+- net/smc: fix missing byte order conversion in CLC handshake (Mete Durlu) [RHEL-73484]
+- net/smc: remove unneeded atomic operations in smc_tx_sndbuf_nonempty (Mete Durlu) [RHEL-73484]
+- net/smc: add sysctl for max conns per lgr for SMC-R v2.1 (Mete Durlu) [RHEL-73484]
+- net/smc: add sysctl for max links per lgr for SMC-R v2.1 (Mete Durlu) [RHEL-73484]
+- net/smc: put sk reference if close work was canceled (Mete Durlu) [RHEL-73484]
+- net/smc: allow cdc msg send rather than drop it with NULL sndbuf_desc (Mete Durlu) [RHEL-73484]
+- net/smc: fix dangling sock under state SMC_APPFINCLOSEWAIT (Mete Durlu) [RHEL-73484]
+- net/smc: return the right falback reason when prefix checks fail (Mete Durlu) [RHEL-73484]
+- net/smc: fix smc clc failed issue when netdevice not in init_net (Mete Durlu) [RHEL-73484]
+- net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (Mete Durlu) [RHEL-73484]
+- net/smc: bugfix for smcr v2 server connect success statistic (Mete Durlu) [RHEL-73484]
+- net/smc: Extend SMCR v2 linkgroup netlink attribute (Mete Durlu) [RHEL-73484]
+- net/smc: support max links per lgr negotiation in clc handshake (Mete Durlu) [RHEL-73484]
+- net/smc: support max connections per lgr negotiation (Mete Durlu) [RHEL-73484]
+- net/smc: support smc v2.x features validate (Mete Durlu) [RHEL-73484]
+- net/smc: add vendor unique experimental options area in clc handshake (Mete Durlu) [RHEL-73484]
+- net/smc: support smc release version negotiation in clc handshake (Mete Durlu) [RHEL-73484]
+- net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT (Mete Durlu) [RHEL-73484]
+- net/smc: Don't use RMBs not mapped to new link in SMCRv2 ADD LINK (Mete Durlu) [RHEL-73484]
+- net/smc: Scan from current RMB list when no position specified (Mete Durlu) [RHEL-73484]
+- net/smc: Reset connection when trying to use SMCRv2 fails. (Mete Durlu) [RHEL-73484]
+- smc: Fix use-after-free in tcp_write_timer_handler(). (Mete Durlu) [RHEL-73484]
+- smc: preserve const qualifier in smc_sk() (Mete Durlu) [RHEL-73484]
+- net/smc: Use percpu ref for wr tx reference (Mete Durlu) [RHEL-73484]
+- net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link() (Mete Durlu) [RHEL-73484]
+- vlan: enforce underlying device type (Guillaume Nault) [RHEL-87883] {CVE-2025-21920}
+- dm: fix copying after src array boundaries (Benjamin Marzinski) [RHEL-92761]
+- dm: add missing unlock on in dm_keyslot_evict() (Benjamin Marzinski) [RHEL-92761]
+- dm: always update the array size in realloc_argv on success (Benjamin Marzinski) [RHEL-92761]
+- dm-integrity: fix a warning on invalid table line (Benjamin Marzinski) [RHEL-92761]
+- dm-bufio: don't schedule in atomic context (Benjamin Marzinski) [RHEL-92761]
+- dm-ebs: fix prefetch-vs-suspend race (Benjamin Marzinski) [RHEL-92761]
+- dm-verity: fix prefetch-vs-suspend race (Benjamin Marzinski) [RHEL-92761]
+- dm-integrity: fix non-constant-time tag verification (Benjamin Marzinski) [RHEL-92761]
+- dm cache: support shrinking the origin device (Benjamin Marzinski) [RHEL-56106]
+- dm cache: prevent BUG_ON by blocking retries on failed device resumes (Benjamin Marzinski) [RHEL-56106]
+- dm: fix unconditional IO throttle caused by REQ_PREFLUSH (Benjamin Marzinski) [RHEL-92761]
+- dm-integrity: set ti->error on memory allocation failure (Benjamin Marzinski) [RHEL-92761]
+- NFSv4: Don't check for OPEN feature support in v4.1 (Scott Mayhew) [RHEL-83435]
+- MAINTAINERS: Update maintainers for crypto/marvell (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx2 - suppress auth failure screaming due to negative tests (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx2 - Remove unused otx2_cpt_print_uc_dbg_info (Vladis Dronov) [RHEL-74335]
+- crypto: drivers - Use str_enable_disable-like helpers [partial] (Vladis Dronov) [RHEL-74335]
+- crypto: marvell - replace deprecated PCI functions (Vladis Dronov) [RHEL-74335]
+- PCI: Make pcim_request_all_regions() a public function (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx* - Select CRYPTO_AUTHENC [partial] (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx2 - select CONFIG_NET_DEVLINK (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx2 - Fix authenc setkey (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx2 - Remove custom swap functions in favor of built-in sort swap (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx2 - update CPT inbound inline IPsec mailbox (Vladis Dronov) [RHEL-74335]
+- selftests: net: fdb_notify: Add a test for FDB notifications (Ivan Vecera) [RHEL-78780]
+- selftests: net: lib: Add kill_process (Ivan Vecera) [RHEL-78780]
+- selftests: net: lib: Move checks from forwarding/lib.sh here (Ivan Vecera) [RHEL-78780]
+- selftests: net: lib: Move tests_run from forwarding/lib.sh here (Ivan Vecera) [RHEL-78780]
+- selftests: net: lib: Move logging from forwarding/lib.sh here (Ivan Vecera) [RHEL-78780]
+- selftests: net: include lib/sh/*.sh with lib.sh (Ivan Vecera) [RHEL-78780]
+- selftests: mptcp: include net_helper.sh file (Ivan Vecera) [RHEL-78780]
+- selftests: mptcp: include lib.sh file (Ivan Vecera) [RHEL-78780]
+- selftests: forwarding: lib: Allow passing PID to stop_traffic() (Ivan Vecera) [RHEL-78780]
+- selftests: forwarding: Add a fallback cleanup() (Ivan Vecera) [RHEL-78780]
+- selftests: net: lib: Introduce deferred commands (Ivan Vecera) [RHEL-78780]
+- selftests: forwarding: Convert log_test() to recognize RET values (Ivan Vecera) [RHEL-78780]
+- ndo_fdb_del: Add a parameter to report whether notification was sent (Izabela Bakollari) [RHEL-78780]
+- ndo_fdb_add: Add a parameter to report whether notification was sent (Izabela Bakollari) [RHEL-78780]
+- bonding: assign random address if device address is same as bond (Hangbin Liu) [RHEL-93062]
+- ice: Fix deinitializing VF in error path (Petr Oros) [RHEL-87626] {CVE-2025-21883}
+- ice: add E830 HW VF mailbox message limit support (Petr Oros) [RHEL-87626]
+- perf test stat_all_pmu.sh: Correctly check 'perf stat' result (Michael Petlan) [RHEL-81954]
+- perf test: Extra verbosity and hypervisor skip for tpebs test (Michael Petlan) [RHEL-81954]
+- perf test: Tag parallel failing shell tests with "(exclusive)" (Michael Petlan) [RHEL-81954]
+- perf test: Ignore security failures in all PMU test (Michael Petlan) [RHEL-81954]
+Resolves: RHEL-56106, RHEL-73484, RHEL-74335, RHEL-78780, RHEL-81954, RHEL-83435, RHEL-87626, RHEL-87883, RHEL-92761, RHEL-93062, RHEL-93399
+
 * Fri May 30 2025 Jan Stancek <jstancek@redhat.com> [5.14.0-590.el9]
 - cifs: Fix integer overflow while processing acdirmax mount option (Paulo Alcantara) [RHEL-87940] {CVE-2025-21963}
 - perf test: Update event_groups test to use instructions (Michael Petlan) [RHEL-80165]
--- a/kernel.spec
+++ b/kernel.spec
@ -165,15 +165,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 590
+%define pkgrelease 591
 %define kversion 5
-%define tarfile_release 5.14.0-590.el9
+%define tarfile_release 5.14.0-591.el9
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 590%{?buildid}%{?dist}
+%define specrelease 591%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-590.el9
+%define kabiversion 5.14.0-591.el9

 #
 # End of genspec.sh variables
@ -2372,8 +2372,12 @@ BuildKernel() {
        # RHEL/CentOS specific .SBAT entries
 %if 0%{?centos}
        SBATsuffix="centos"
+%else
+%if 0%{?fedora}
+        SBATsuffix="fedora"
 %else
        SBATsuffix="rhel"
+%endif
 %endif
        SBAT=$(cat <<- EOF
 	linux,1,Red Hat,linux,$KernelVer,mailto:secalert@redhat.com
@ -3672,6 +3676,117 @@ fi
 #
 #
 %changelog
+* Tue Jun 03 2025 Jan Stancek <jstancek@redhat.com> [5.14.0-591.el9]
+- uki_addons: add 'fedora' SBAT suffix for UKI addons (Li Tian) [RHEL-93399]
+- Subject: net/smc: check return value of sock_recvmsg when draining clc data (Mete Durlu) [RHEL-73484] {CVE-2024-57791}
+- net/smc: check smcd_v2_ext_offset when receiving proposal msg (Mete Durlu) [RHEL-73484] {CVE-2024-57791}
+- net/smc: check v2_ext_offset/eid_cnt/ism_gid_cnt when receiving proposal msg (Mete Durlu) [RHEL-73484] {CVE-2024-57791}
+- net/smc: check iparea_offset and ipv6_prefixes_cnt when receiving proposal msg (Mete Durlu) [RHEL-73484] {CVE-2024-57791}
+- net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll (Mete Durlu) [RHEL-73484] {CVE-2024-57791}
+- net/smc: protect link down work from execute after lgr freed (Mete Durlu) [RHEL-73484] {CVE-2024-57791}
+- net/smc: Introduce IPPROTO_SMC (Mete Durlu) [RHEL-73484]
+- net/smc: expose smc proto operations (Mete Durlu) [RHEL-73484]
+- net/smc: refactoring initialization of smc sock (Mete Durlu) [RHEL-73484]
+- net/smc: change SMCR_RMBE_SIZES from 5 to 15 (Mete Durlu) [RHEL-73484]
+- net/smc: set rmb's SG_MAX_SINGLE_ALLOC limitation only when CONFIG_ARCH_NO_SG_CHAIN is defined (Mete Durlu) [RHEL-73484]
+- net/smc: implement DMB-merged operations of loopback-ism (Mete Durlu) [RHEL-73484]
+- net/smc: adapt cursor update when sndbuf and peer DMB are merged (Mete Durlu) [RHEL-73484]
+- net/smc: add operations to merge sndbuf with peer DMB (Mete Durlu) [RHEL-73484]
+- net/smc: register loopback-ism into SMC-D device list (Mete Durlu) [RHEL-73484]
+- net/smc: ignore loopback-ism when dumping SMC-D devices (Mete Durlu) [RHEL-73484]
+- net/smc: mark optional smcd_ops and check for support when called (Mete Durlu) [RHEL-73484]
+- net/smc: implement DMB-related operations of loopback-ism (Mete Durlu) [RHEL-73484]
+- net/smc: implement ID-related operations of loopback-ism (Mete Durlu) [RHEL-73484]
+- redhat/configs: Add SMC_LO config option (Mete Durlu) [RHEL-73484]
+- net/smc: introduce loopback-ism for SMC intra-OS shortcut (Mete Durlu) [RHEL-73484]
+- net/smc: decouple ism_client from SMC-D DMB registration (Mete Durlu) [RHEL-73484]
+- net/smc: Avoid -Wflex-array-member-not-at-end warnings (Mete Durlu) [RHEL-73484]
+- net/smc: make smc_hash_sk/smc_unhash_sk static (Mete Durlu) [RHEL-73484]
+- net/smc: change the term virtual ISM to Emulated-ISM (Mete Durlu) [RHEL-73484]
+- net/smc: fix incorrect SMC-D link group matching logic (Mete Durlu) [RHEL-73484]
+- net/smc: fix invalid link access in dumping SMC-R connections (Mete Durlu) [RHEL-73484]
+- net/smc: manage system EID in SMC stack instead of ISM driver (Mete Durlu) [RHEL-73484]
+- net/smc: disable SEID on non-s390 archs where virtual ISM may be used (Mete Durlu) [RHEL-73484]
+- net/smc: support extended GID in SMC-D lgr netlink attribute (Mete Durlu) [RHEL-73484]
+- net/smc: compatible with 128-bits extended GID of virtual ISM device (Mete Durlu) [RHEL-73484]
+- net/smc: define a reserved CHID range for virtual ISM devices (Mete Durlu) [RHEL-73484]
+- net/smc: introduce virtual ISM device support feature (Mete Durlu) [RHEL-73484]
+- net/smc: support SMCv2.x supplemental features negotiation (Mete Durlu) [RHEL-73484]
+- net/smc: unify the structs of accept or confirm message for v1 and v2 (Mete Durlu) [RHEL-73484]
+- net/smc: introduce sub-functions for smc_clc_send_confirm_accept() (Mete Durlu) [RHEL-73484]
+- net/smc: rename some 'fce' to 'fce_v2x' for clarity (Mete Durlu) [RHEL-73484]
+- net/smc: fix missing byte order conversion in CLC handshake (Mete Durlu) [RHEL-73484]
+- net/smc: remove unneeded atomic operations in smc_tx_sndbuf_nonempty (Mete Durlu) [RHEL-73484]
+- net/smc: add sysctl for max conns per lgr for SMC-R v2.1 (Mete Durlu) [RHEL-73484]
+- net/smc: add sysctl for max links per lgr for SMC-R v2.1 (Mete Durlu) [RHEL-73484]
+- net/smc: put sk reference if close work was canceled (Mete Durlu) [RHEL-73484]
+- net/smc: allow cdc msg send rather than drop it with NULL sndbuf_desc (Mete Durlu) [RHEL-73484]
+- net/smc: fix dangling sock under state SMC_APPFINCLOSEWAIT (Mete Durlu) [RHEL-73484]
+- net/smc: return the right falback reason when prefix checks fail (Mete Durlu) [RHEL-73484]
+- net/smc: fix smc clc failed issue when netdevice not in init_net (Mete Durlu) [RHEL-73484]
+- net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (Mete Durlu) [RHEL-73484]
+- net/smc: bugfix for smcr v2 server connect success statistic (Mete Durlu) [RHEL-73484]
+- net/smc: Extend SMCR v2 linkgroup netlink attribute (Mete Durlu) [RHEL-73484]
+- net/smc: support max links per lgr negotiation in clc handshake (Mete Durlu) [RHEL-73484]
+- net/smc: support max connections per lgr negotiation (Mete Durlu) [RHEL-73484]
+- net/smc: support smc v2.x features validate (Mete Durlu) [RHEL-73484]
+- net/smc: add vendor unique experimental options area in clc handshake (Mete Durlu) [RHEL-73484]
+- net/smc: support smc release version negotiation in clc handshake (Mete Durlu) [RHEL-73484]
+- net/smc: Avoid to access invalid RMBs' MRs in SMCRv1 ADD LINK CONT (Mete Durlu) [RHEL-73484]
+- net/smc: Don't use RMBs not mapped to new link in SMCRv2 ADD LINK (Mete Durlu) [RHEL-73484]
+- net/smc: Scan from current RMB list when no position specified (Mete Durlu) [RHEL-73484]
+- net/smc: Reset connection when trying to use SMCRv2 fails. (Mete Durlu) [RHEL-73484]
+- smc: Fix use-after-free in tcp_write_timer_handler(). (Mete Durlu) [RHEL-73484]
+- smc: preserve const qualifier in smc_sk() (Mete Durlu) [RHEL-73484]
+- net/smc: Use percpu ref for wr tx reference (Mete Durlu) [RHEL-73484]
+- net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link() (Mete Durlu) [RHEL-73484]
+- vlan: enforce underlying device type (Guillaume Nault) [RHEL-87883] {CVE-2025-21920}
+- dm: fix copying after src array boundaries (Benjamin Marzinski) [RHEL-92761]
+- dm: add missing unlock on in dm_keyslot_evict() (Benjamin Marzinski) [RHEL-92761]
+- dm: always update the array size in realloc_argv on success (Benjamin Marzinski) [RHEL-92761]
+- dm-integrity: fix a warning on invalid table line (Benjamin Marzinski) [RHEL-92761]
+- dm-bufio: don't schedule in atomic context (Benjamin Marzinski) [RHEL-92761]
+- dm-ebs: fix prefetch-vs-suspend race (Benjamin Marzinski) [RHEL-92761]
+- dm-verity: fix prefetch-vs-suspend race (Benjamin Marzinski) [RHEL-92761]
+- dm-integrity: fix non-constant-time tag verification (Benjamin Marzinski) [RHEL-92761]
+- dm cache: support shrinking the origin device (Benjamin Marzinski) [RHEL-56106]
+- dm cache: prevent BUG_ON by blocking retries on failed device resumes (Benjamin Marzinski) [RHEL-56106]
+- dm: fix unconditional IO throttle caused by REQ_PREFLUSH (Benjamin Marzinski) [RHEL-92761]
+- dm-integrity: set ti->error on memory allocation failure (Benjamin Marzinski) [RHEL-92761]
+- NFSv4: Don't check for OPEN feature support in v4.1 (Scott Mayhew) [RHEL-83435]
+- MAINTAINERS: Update maintainers for crypto/marvell (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx2 - suppress auth failure screaming due to negative tests (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx2 - Remove unused otx2_cpt_print_uc_dbg_info (Vladis Dronov) [RHEL-74335]
+- crypto: drivers - Use str_enable_disable-like helpers [partial] (Vladis Dronov) [RHEL-74335]
+- crypto: marvell - replace deprecated PCI functions (Vladis Dronov) [RHEL-74335]
+- PCI: Make pcim_request_all_regions() a public function (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx* - Select CRYPTO_AUTHENC [partial] (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx2 - select CONFIG_NET_DEVLINK (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx2 - Fix authenc setkey (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx2 - Remove custom swap functions in favor of built-in sort swap (Vladis Dronov) [RHEL-74335]
+- crypto: octeontx2 - update CPT inbound inline IPsec mailbox (Vladis Dronov) [RHEL-74335]
+- selftests: net: fdb_notify: Add a test for FDB notifications (Ivan Vecera) [RHEL-78780]
+- selftests: net: lib: Add kill_process (Ivan Vecera) [RHEL-78780]
+- selftests: net: lib: Move checks from forwarding/lib.sh here (Ivan Vecera) [RHEL-78780]
+- selftests: net: lib: Move tests_run from forwarding/lib.sh here (Ivan Vecera) [RHEL-78780]
+- selftests: net: lib: Move logging from forwarding/lib.sh here (Ivan Vecera) [RHEL-78780]
+- selftests: net: include lib/sh/*.sh with lib.sh (Ivan Vecera) [RHEL-78780]
+- selftests: mptcp: include net_helper.sh file (Ivan Vecera) [RHEL-78780]
+- selftests: mptcp: include lib.sh file (Ivan Vecera) [RHEL-78780]
+- selftests: forwarding: lib: Allow passing PID to stop_traffic() (Ivan Vecera) [RHEL-78780]
+- selftests: forwarding: Add a fallback cleanup() (Ivan Vecera) [RHEL-78780]
+- selftests: net: lib: Introduce deferred commands (Ivan Vecera) [RHEL-78780]
+- selftests: forwarding: Convert log_test() to recognize RET values (Ivan Vecera) [RHEL-78780]
+- ndo_fdb_del: Add a parameter to report whether notification was sent (Izabela Bakollari) [RHEL-78780]
+- ndo_fdb_add: Add a parameter to report whether notification was sent (Izabela Bakollari) [RHEL-78780]
+- bonding: assign random address if device address is same as bond (Hangbin Liu) [RHEL-93062]
+- ice: Fix deinitializing VF in error path (Petr Oros) [RHEL-87626] {CVE-2025-21883}
+- ice: add E830 HW VF mailbox message limit support (Petr Oros) [RHEL-87626]
+- perf test stat_all_pmu.sh: Correctly check 'perf stat' result (Michael Petlan) [RHEL-81954]
+- perf test: Extra verbosity and hypervisor skip for tpebs test (Michael Petlan) [RHEL-81954]
+- perf test: Tag parallel failing shell tests with "(exclusive)" (Michael Petlan) [RHEL-81954]
+- perf test: Ignore security failures in all PMU test (Michael Petlan) [RHEL-81954]
+
 * Fri May 30 2025 Jan Stancek <jstancek@redhat.com> [5.14.0-590.el9]
 - cifs: Fix integer overflow while processing acdirmax mount option (Paulo Alcantara) [RHEL-87940] {CVE-2025-21963}
 - perf test: Update event_groups test to use instructions (Michael Petlan) [RHEL-80165]
--- a/6
+++ b/6
@ -1,3 +1,3 @@
-SHA512 (linux-5.14.0-590.el9.tar.xz) = 8ee379b2e8007f16ab56b35792dfba930ded66e8fb33fefd42cf1109efd7b965574fb0ab5d82fec70555cd75948f3834c89834a4bf4967646c2ab5b7c7c6fd0e
-SHA512 (kernel-abi-stablelists-5.14.0-590.el9.tar.bz2) = 7465d6e4cc972373f495178362645d7bb1406bce6ad8654df0b6da997bb6e30e179f8231f4dd42da2b16bb88e0dcb85a20d43bf6a9f13557c456a304b69ed76e
-SHA512 (kernel-kabi-dw-5.14.0-590.el9.tar.bz2) = 10872f0b03102f641619e760cf33c7d836ca145bbd2a6929af3011d05cf1583aed9418311a1f2d30655c6f8ddc34127b26a3d7fb4ec1b9512831cd7347412549
+SHA512 (linux-5.14.0-591.el9.tar.xz) = fd0966a7d12307c28337437fff0ab3261a3fca5254f88acf3586082eb0b2e8256f24b721c62412097e7a7f8e6948f87d03ea35b369e0cf34a4cbdf3a55649d22
+SHA512 (kernel-abi-stablelists-5.14.0-591.el9.tar.bz2) = 344fbb06b21a94b7e1babaa41a9dc93c9f12100d3c721ffce3da26ff6a9b4ef7bce8909fa180d3804d8fd22ab7f2ca94bc87297571866fc462728f06719da301
+SHA512 (kernel-kabi-dw-5.14.0-591.el9.tar.bz2) = 10872f0b03102f641619e760cf33c7d836ca145bbd2a6929af3011d05cf1583aed9418311a1f2d30655c6f8ddc34127b26a3d7fb4ec1b9512831cd7347412549