From 554f94ce07079d151be23aaeecded620746ca9e4 Mon Sep 17 00:00:00 2001
From: Scott Weaver <scweaver@redhat.com>
Date: Thu, 14 Dec 2023 13:27:44 -0500
Subject: [PATCH] kernel-5.14.0-399.el9

* Thu Dec 14 2023 Scott Weaver <scweaver@redhat.com> [5.14.0-399.el9]
- fbcon: set_con2fb_map needs to set con2fb_map! (Jocelyn Falempe) [RHEL-13899] {CVE-2023-38409}
- fbcon: Fix error paths in set_con2fb_map (Jocelyn Falempe) [RHEL-13899] {CVE-2023-38409}
- redhat: modify kernel .sbat URL to point to issues.redhat.com (Emanuele Giuseppe Esposito) [RHEL-16879]
- mm: Fix copy_from_user_nofault(). (Waiman Long) [RHEL-18440]
- igbvf: replace deprecated strncpy with strscpy (Corinna Vinschen) [RHEL-15689]
- igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80 (Corinna Vinschen) [RHEL-15689]
- ethernet: use eth_hw_addr_set() for dev->addr_len cases (Corinna Vinschen) [RHEL-15689]
- perf/x86/amd/uncore: Pass through error code for initialization failures, instead of -ENODEV (Michael Petlan) [RHEL-9995]
- perf/x86/amd/uncore: Fix uninitialized return value in amd_uncore_init() (Michael Petlan) [RHEL-9995]
- perf/x86/amd/uncore: Add memory controller support (Michael Petlan) [RHEL-9995]
- perf/x86/amd/uncore: Add group exclusivity (Michael Petlan) [RHEL-9995]
- perf/x86/amd/uncore: Use rdmsr if rdpmc is unavailable (Michael Petlan) [RHEL-9995]
- perf/x86/amd/uncore: Move discovery and registration (Michael Petlan) [RHEL-9995]
- perf/x86/amd/uncore: Refactor uncore management (Michael Petlan) [RHEL-9995]
- arm64: mm: Fix "rodata=on" when CONFIG_RODATA_FULL_DEFAULT_ENABLED=y (Eric Chanudet) [RHEL-18400]
- s390/pci: fix iommu bitmap allocation (Tobias Huschle) [RHEL-18201]
- padata: Fix refcnt handling in padata_free_shell() (Luis Claudio R. Goncalves) [RHEL-17617]
- net/smc: Fix pos miscalculation in statistics (Tobias Huschle) [RHEL-18204]
- vsock/virtio: fix "comparison of distinct pointer types lacks a cast" warning (Stefano Garzarella) [RHEL-17878]
- vsock/test: fix SEQPACKET message bounds test (Stefano Garzarella) [RHEL-17878]
- virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt() (Stefano Garzarella) [RHEL-17878]
- test/vsock: add dobule bind connect test (Stefano Garzarella) [RHEL-17878]
- test/vsock: refactor vsock_accept (Stefano Garzarella) [RHEL-17878]
- test/vsock fix: add missing check on socket creation (Stefano Garzarella) [RHEL-17878]
- vsock/virtio: remove socket from connected/bound list on shutdown (Stefano Garzarella) [RHEL-17878]
- vsock/virtio: initialize the_virtio_vsock before using VQs (Stefano Garzarella) [RHEL-17878]
- test/vsock: io_uring rx/tx tests (Stefano Garzarella) [RHEL-17878]
- test/vsock: MSG_ZEROCOPY support for vsock_perf (Stefano Garzarella) [RHEL-17878]
- test/vsock: MSG_ZEROCOPY flag tests (Stefano Garzarella) [RHEL-17878]
- vsock: enable setting SO_ZEROCOPY (Stefano Garzarella) [RHEL-17878]
- vsock/loopback: support MSG_ZEROCOPY for transport (Stefano Garzarella) [RHEL-17878]
- vsock/virtio: support MSG_ZEROCOPY for transport (Stefano Garzarella) [RHEL-17878]
- vhost/vsock: support MSG_ZEROCOPY for transport (Stefano Garzarella) [RHEL-17878]
- vsock: enable SOCK_SUPPORT_ZC bit (Stefano Garzarella) [RHEL-17878]
- vsock: check for MSG_ZEROCOPY support on send (Stefano Garzarella) [RHEL-17878]
- vsock: read from socket's error queue (Stefano Garzarella) [RHEL-17878]
- vsock: set EPOLLERR on non-empty error queue (Stefano Garzarella) [RHEL-17878]
- vsock/virtio: MSG_ZEROCOPY flag support (Stefano Garzarella) [RHEL-17878]
- vsock/virtio: non-linear skb handling for tap (Stefano Garzarella) [RHEL-17878]
- vsock/virtio: support to send non-linear skb (Stefano Garzarella) [RHEL-17878]
- vsock/virtio/vhost: read data from non-linear skb (Stefano Garzarella) [RHEL-17878]
- vsock/test: track bytes in sk_buff merging test for SOCK_SEQPACKET (Stefano Garzarella) [RHEL-17878]
- vsock/test: use send_buf() in vsock_test.c (Stefano Garzarella) [RHEL-17878]
- vsock/test: add send_buf() utility function (Stefano Garzarella) [RHEL-17878]
- vsock/test: use recv_buf() in vsock_test.c (Stefano Garzarella) [RHEL-17878]
- vsock/test: add recv_buf() utility function (Stefano Garzarella) [RHEL-17878]
- test/vsock: shutdowned socket test (Stefano Garzarella) [RHEL-17878]
- vsock: send SIGPIPE on write to shutdowned socket (Stefano Garzarella) [RHEL-17878]
- af_vsock: Remove unused declaration vsock_release_pending()/vsock_init_tap() (Stefano Garzarella) [RHEL-17878]
- test/vsock: remove vsock_perf executable on `make clean` (Stefano Garzarella) [RHEL-17878]
- vsock: Remove unused function declarations (Stefano Garzarella) [RHEL-17878]
- vsock/test: MSG_PEEK test for SOCK_SEQPACKET (Stefano Garzarella) [RHEL-17878]
- vsock/test: rework MSG_PEEK test for SOCK_STREAM (Stefano Garzarella) [RHEL-17878]
- virtio/vsock: support MSG_PEEK for SOCK_SEQPACKET (Stefano Garzarella) [RHEL-17878]
- virtio/vsock: rework MSG_PEEK for SOCK_STREAM (Stefano Garzarella) [RHEL-17878]
- vsock: support sockmap (Stefano Garzarella) [RHEL-17878]
- ata: libata-core: Do not register PM operations for SAS ports (Tomas Henzl) [RHEL-16981]
- ata: libata-scsi: Fix delayed scsi_rescan_device() execution (Tomas Henzl) [RHEL-16981]
- scsi: Do not rescan devices with a suspended queue (Tomas Henzl) [RHEL-16981]
- scsi: Do not attempt to rescan suspended devices (Tomas Henzl) [RHEL-16981]
- x86/speculation: Mark all Skylake CPUs as vulnerable to GDS (Waiman Long) [RHEL-3657]
- net/mlx5: Handle sync reset unload event (Mohammad Kabat) [RHEL-13508]
- net/mlx5: Fix error code in mlx5_is_reset_now_capable() (Mohammad Kabat) [RHEL-13508]
- net/mlx5: Check DTOR entry value is not zero (Mohammad Kabat) [RHEL-13508]
- net/mlx5: Expose timeout for sync reset unload stage (Mohammad Kabat) [RHEL-13508]
- net/mlx5: Ack on sync_reset_request only if PF can do reset_now (Mohammad Kabat) [RHEL-13508]
- xfrm: copy_to_user_state fetch offloaded SA packets/bytes statistics (Ivan Vecera) [RHEL-16982]
- xfrm: add new device offload acquire flag (Ivan Vecera) [RHEL-16982]
- net: thunderx: Fix the ACPI memory leak (Maurizio Lombardi) [RHEL-17592]
Resolves: RHEL-13508, RHEL-13899, RHEL-15689, RHEL-16879, RHEL-16981, RHEL-16982, RHEL-17592, RHEL-17617, RHEL-17878, RHEL-18201, RHEL-18204, RHEL-18400, RHEL-18440, RHEL-3657, RHEL-9995

Signed-off-by: Scott Weaver <scweaver@redhat.com>
---
 Makefile.rhelver |  2 +-
 kernel.spec      | 85 ++++++++++++++++++++++++++++++++++++++++++++----
 sources          |  6 ++--
 3 files changed, 82 insertions(+), 11 deletions(-)

diff --git a/Makefile.rhelver b/Makefile.rhelver
index 298a389a9..e2b0744eb 100644
--- a/Makefile.rhelver
+++ b/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 4
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 398
+RHEL_RELEASE = 399
 
 #
 # ZSTREAM
diff --git a/kernel.spec b/kernel.spec
index d1f13d08d..bcd4a348c 100755
--- a/kernel.spec
+++ b/kernel.spec
@@ -165,15 +165,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 398
+%define pkgrelease 399
 %define kversion 5
-%define tarfile_release 5.14.0-398.el9
+%define tarfile_release 5.14.0-399.el9
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 398%{?buildid}%{?dist}
+%define specrelease 399%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-398.el9
+%define kabiversion 5.14.0-399.el9
 
 #
 # End of genspec.sh variables
@@ -2453,9 +2453,9 @@ BuildKernel() {
 %else
         SBATsuffix="rhel"
 %endif
-        echo "linux,1,Red Hat,linux,$KernelVer,https://bugzilla.redhat.com/" >> $KernelUnifiedImage.sbat
-        echo "linux.$SBATsuffix,1,Red Hat,linux,$KernelVer,https://bugzilla.redhat.com/" >> $KernelUnifiedImage.sbat
-        echo "kernel-uki-virt.$SBATsuffix,1,Red Hat,kernel-uki-virt,$KernelVer,https://bugzilla.redhat.com/" >> $KernelUnifiedImage.sbat
+        echo "linux,1,Red Hat,linux,$KernelVer,mailto:secalert@redhat.com" >> $KernelUnifiedImage.sbat
+        echo "linux.$SBATsuffix,1,Red Hat,linux,$KernelVer,mailto:secalert@redhat.com" >> $KernelUnifiedImage.sbat
+        echo "kernel-uki-virt.$SBATsuffix,1,Red Hat,kernel-uki-virt,$KernelVer,mailto:secalert@redhat.com" >> $KernelUnifiedImage.sbat
         # Remove the original .sbat section
         objcopy --remove-section .sbat $KernelUnifiedImage
         # Get the end of the last section
@@ -3745,6 +3745,77 @@ fi
 #
 #
 %changelog
+* Thu Dec 14 2023 Scott Weaver <scweaver@redhat.com> [5.14.0-399.el9]
+- fbcon: set_con2fb_map needs to set con2fb_map! (Jocelyn Falempe) [RHEL-13899] {CVE-2023-38409}
+- fbcon: Fix error paths in set_con2fb_map (Jocelyn Falempe) [RHEL-13899] {CVE-2023-38409}
+- redhat: modify kernel .sbat URL to point to issues.redhat.com (Emanuele Giuseppe Esposito) [RHEL-16879]
+- mm: Fix copy_from_user_nofault(). (Waiman Long) [RHEL-18440]
+- igbvf: replace deprecated strncpy with strscpy (Corinna Vinschen) [RHEL-15689]
+- igbvf: Change IGBVF_MIN to allow set rx/tx value between 64 and 80 (Corinna Vinschen) [RHEL-15689]
+- ethernet: use eth_hw_addr_set() for dev->addr_len cases (Corinna Vinschen) [RHEL-15689]
+- perf/x86/amd/uncore: Pass through error code for initialization failures, instead of -ENODEV (Michael Petlan) [RHEL-9995]
+- perf/x86/amd/uncore: Fix uninitialized return value in amd_uncore_init() (Michael Petlan) [RHEL-9995]
+- perf/x86/amd/uncore: Add memory controller support (Michael Petlan) [RHEL-9995]
+- perf/x86/amd/uncore: Add group exclusivity (Michael Petlan) [RHEL-9995]
+- perf/x86/amd/uncore: Use rdmsr if rdpmc is unavailable (Michael Petlan) [RHEL-9995]
+- perf/x86/amd/uncore: Move discovery and registration (Michael Petlan) [RHEL-9995]
+- perf/x86/amd/uncore: Refactor uncore management (Michael Petlan) [RHEL-9995]
+- arm64: mm: Fix "rodata=on" when CONFIG_RODATA_FULL_DEFAULT_ENABLED=y (Eric Chanudet) [RHEL-18400]
+- s390/pci: fix iommu bitmap allocation (Tobias Huschle) [RHEL-18201]
+- padata: Fix refcnt handling in padata_free_shell() (Luis Claudio R. Goncalves) [RHEL-17617]
+- net/smc: Fix pos miscalculation in statistics (Tobias Huschle) [RHEL-18204]
+- vsock/virtio: fix "comparison of distinct pointer types lacks a cast" warning (Stefano Garzarella) [RHEL-17878]
+- vsock/test: fix SEQPACKET message bounds test (Stefano Garzarella) [RHEL-17878]
+- virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt() (Stefano Garzarella) [RHEL-17878]
+- test/vsock: add dobule bind connect test (Stefano Garzarella) [RHEL-17878]
+- test/vsock: refactor vsock_accept (Stefano Garzarella) [RHEL-17878]
+- test/vsock fix: add missing check on socket creation (Stefano Garzarella) [RHEL-17878]
+- vsock/virtio: remove socket from connected/bound list on shutdown (Stefano Garzarella) [RHEL-17878]
+- vsock/virtio: initialize the_virtio_vsock before using VQs (Stefano Garzarella) [RHEL-17878]
+- test/vsock: io_uring rx/tx tests (Stefano Garzarella) [RHEL-17878]
+- test/vsock: MSG_ZEROCOPY support for vsock_perf (Stefano Garzarella) [RHEL-17878]
+- test/vsock: MSG_ZEROCOPY flag tests (Stefano Garzarella) [RHEL-17878]
+- vsock: enable setting SO_ZEROCOPY (Stefano Garzarella) [RHEL-17878]
+- vsock/loopback: support MSG_ZEROCOPY for transport (Stefano Garzarella) [RHEL-17878]
+- vsock/virtio: support MSG_ZEROCOPY for transport (Stefano Garzarella) [RHEL-17878]
+- vhost/vsock: support MSG_ZEROCOPY for transport (Stefano Garzarella) [RHEL-17878]
+- vsock: enable SOCK_SUPPORT_ZC bit (Stefano Garzarella) [RHEL-17878]
+- vsock: check for MSG_ZEROCOPY support on send (Stefano Garzarella) [RHEL-17878]
+- vsock: read from socket's error queue (Stefano Garzarella) [RHEL-17878]
+- vsock: set EPOLLERR on non-empty error queue (Stefano Garzarella) [RHEL-17878]
+- vsock/virtio: MSG_ZEROCOPY flag support (Stefano Garzarella) [RHEL-17878]
+- vsock/virtio: non-linear skb handling for tap (Stefano Garzarella) [RHEL-17878]
+- vsock/virtio: support to send non-linear skb (Stefano Garzarella) [RHEL-17878]
+- vsock/virtio/vhost: read data from non-linear skb (Stefano Garzarella) [RHEL-17878]
+- vsock/test: track bytes in sk_buff merging test for SOCK_SEQPACKET (Stefano Garzarella) [RHEL-17878]
+- vsock/test: use send_buf() in vsock_test.c (Stefano Garzarella) [RHEL-17878]
+- vsock/test: add send_buf() utility function (Stefano Garzarella) [RHEL-17878]
+- vsock/test: use recv_buf() in vsock_test.c (Stefano Garzarella) [RHEL-17878]
+- vsock/test: add recv_buf() utility function (Stefano Garzarella) [RHEL-17878]
+- test/vsock: shutdowned socket test (Stefano Garzarella) [RHEL-17878]
+- vsock: send SIGPIPE on write to shutdowned socket (Stefano Garzarella) [RHEL-17878]
+- af_vsock: Remove unused declaration vsock_release_pending()/vsock_init_tap() (Stefano Garzarella) [RHEL-17878]
+- test/vsock: remove vsock_perf executable on `make clean` (Stefano Garzarella) [RHEL-17878]
+- vsock: Remove unused function declarations (Stefano Garzarella) [RHEL-17878]
+- vsock/test: MSG_PEEK test for SOCK_SEQPACKET (Stefano Garzarella) [RHEL-17878]
+- vsock/test: rework MSG_PEEK test for SOCK_STREAM (Stefano Garzarella) [RHEL-17878]
+- virtio/vsock: support MSG_PEEK for SOCK_SEQPACKET (Stefano Garzarella) [RHEL-17878]
+- virtio/vsock: rework MSG_PEEK for SOCK_STREAM (Stefano Garzarella) [RHEL-17878]
+- vsock: support sockmap (Stefano Garzarella) [RHEL-17878]
+- ata: libata-core: Do not register PM operations for SAS ports (Tomas Henzl) [RHEL-16981]
+- ata: libata-scsi: Fix delayed scsi_rescan_device() execution (Tomas Henzl) [RHEL-16981]
+- scsi: Do not rescan devices with a suspended queue (Tomas Henzl) [RHEL-16981]
+- scsi: Do not attempt to rescan suspended devices (Tomas Henzl) [RHEL-16981]
+- x86/speculation: Mark all Skylake CPUs as vulnerable to GDS (Waiman Long) [RHEL-3657]
+- net/mlx5: Handle sync reset unload event (Mohammad Kabat) [RHEL-13508]
+- net/mlx5: Fix error code in mlx5_is_reset_now_capable() (Mohammad Kabat) [RHEL-13508]
+- net/mlx5: Check DTOR entry value is not zero (Mohammad Kabat) [RHEL-13508]
+- net/mlx5: Expose timeout for sync reset unload stage (Mohammad Kabat) [RHEL-13508]
+- net/mlx5: Ack on sync_reset_request only if PF can do reset_now (Mohammad Kabat) [RHEL-13508]
+- xfrm: copy_to_user_state fetch offloaded SA packets/bytes statistics (Ivan Vecera) [RHEL-16982]
+- xfrm: add new device offload acquire flag (Ivan Vecera) [RHEL-16982]
+- net: thunderx: Fix the ACPI memory leak (Maurizio Lombardi) [RHEL-17592]
+
 * Tue Dec 12 2023 Scott Weaver <scweaver@redhat.com> [5.14.0-398.el9]
 - arch/x86: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
 - kvm: Remove "select SRCU" (Myron Stowe) [RHEL-18042]
diff --git a/sources b/sources
index aa597bd16..74f9451de 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-5.14.0-398.el9.tar.xz) = 4ad1804cc0178b6d9a0b5a89940ab7ec97d112903ab48adb32d1de8e133b7dbc625a04fea64c47684baf06ef156c5f283d8c4e1c70d8afc6afff73546a2bb0de
-SHA512 (kernel-abi-stablelists-5.14.0-398.el9.tar.bz2) = 60a4342bd4773f5f60e43a83fdd8136f433167efd5771e2d348d1b3f69b8c9dfd16750297772391f22f1dc6e76fd98af25e24546ea95a2f176a9292baf105fc6
-SHA512 (kernel-kabi-dw-5.14.0-398.el9.tar.bz2) = 27b9c91c86b7e9585b931a57de23366d8857cc8c94ffb10b22373cc45bc15009ea1e5314e1587eb9afbc6c3ac23ddbbe038af2b997b2e146fdfd737c4b55d76e
+SHA512 (linux-5.14.0-399.el9.tar.xz) = b1dac6365be6020ff6363ffe254487918402925f0a0b71052d619a9038d9fd4433a8ade6ff800f59ab9e4e989a6c3486ba34971292c0649a33eb6fa4cf695bec
+SHA512 (kernel-abi-stablelists-5.14.0-399.el9.tar.bz2) = 02abbf8f1e7be05e1fa4dd86e06c72400875e608183fe97d1e4cda922c9e55dfc0cab3a21eca14881391b4abbc09b53bab62296a974d64420d91b4e1ce6887a9
+SHA512 (kernel-kabi-dw-5.14.0-399.el9.tar.bz2) = 13f1256fe15d266cc95122c60cf160ab91a12efef8e835ebec430e6625fb7628ea223d195eb4c68d8ae6e616e591a53ea4fc27f94d7cd51b5366ec200ccb25c0