From 69ace5a551e2a30e9d7234f90b7292105826f6c3 Mon Sep 17 00:00:00 2001 
From: Lucas Zampieri
Date: Wed, 10 Jul 2024 18:31:06 +0000
Subject: [PATCH] kernel-5.14.0-479.el9

* Wed Jul 10 2024 Lucas Zampieri [5.14.0-479.el9]
- REDHAT: Makefile, dont reset dist-git-tmp if set (Lucas Zampieri)
- Revert "REDHAT: Fix values in Makefile being redefined" (Lucas Zampieri)
- tools/power turbostat: Add local build_bug.h header for snapshot target (David Arcari) [RHEL-33321]
- tools/power turbostat: Fix unc freq columns not showing with '-q' or '-l' (David Arcari) [RHEL-33321]
- tools/power turbostat: option '-n' is ambiguous (David Arcari) [RHEL-33321 RHEL-36084]
- tools/power turbostat: version 2024.05.10 (David Arcari) [RHEL-33321]
- tools/power turbostat: Ignore pkg_cstate_limit when it is not available (David Arcari) [RHEL-33321]
- tools/power turbostat: Fix order of strings in pkg_cstate_limit_strings (David Arcari) [RHEL-33321]
- tools/power turbostat: Read Package-cstates via perf (David Arcari) [RHEL-33321]
- tools/power turbostat: Read Core-cstates via perf (David Arcari) [RHEL-33321]
- tools/power turbostat: Avoid possible memory corruption due to sparse topology IDs (David Arcari) [RHEL-33321]
- tools/power turbostat: Add columns for clustered uncore frequency (David Arcari) [RHEL-33321]
- tools/power turbostat: Enable non-privileged users to read sysfs counters (David Arcari) [RHEL-33321]
- tools/power turbostat: Replace _Static_assert with BUILD_BUG_ON (David Arcari) [RHEL-33321]
- tools/power turbostat: Add ARL-H support (David Arcari) [RHEL-33321]
- tools/power turbostat: Enhance ARL/LNL support (David Arcari) [RHEL-33321]
- tools/power turbostat: Survive sparse die_id (David Arcari) [RHEL-33321]
- tools/power turbostat: Remember global max_die_id (David Arcari) [RHEL-33321]
- tools/power turbostat: Harden probe_intel_uncore_frequency() (David Arcari) [RHEL-33321]
- tools/power turbostat: Add "snapshot:" Makefile target (David Arcari) [RHEL-33321]
- platform/x86:intel/pmc: Enable S0ix blocker show in Lunar Lake (Steve Best) [RHEL-46817]
- platform/x86:intel/pmc: Update LNL signal status map (Steve Best) [RHEL-46817]
- platform/x86:intel/pmc: Add support to show S0ix blocker counter (Steve Best) [RHEL-46817]
- platform/x86/intel/pmc: Fix PCH names in comments (Steve Best) [RHEL-46817]
- platform/x86/intel/pmc: Improve PKGC residency counters debug (Steve Best) [RHEL-46817]
- platform/x86/intel/pmc/arl: Put GNA device in D3 (Steve Best) [RHEL-46817]
- net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (Davide Caratti) [RHEL-45534]
- net/sched: taprio: extend minimum interval restriction to entire cycle too (Davide Caratti) [RHEL-44375 RHEL-45534] {CVE-2024-36244}
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (Davide Caratti) [RHEL-44375 RHEL-45534] {CVE-2024-36244}
- rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (Davide Caratti) [RHEL-39715] {CVE-2024-36017}
- xfs: process free extents to busy list in FIFO order (Pavel Reichl) [RHEL-7961]
- xfs: adjust the incore perag block_count when shrinking (Pavel Reichl) [RHEL-7961]
- xfs: abort fstrim if kernel is suspending (Pavel Reichl) [RHEL-7961]
- xfs: reduce AGF hold times during fstrim operations (Pavel Reichl) [RHEL-7961]
- xfs: move log discard work to xfs_discard.c (Pavel Reichl) [RHEL-7961]
- can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (Ken Cox) [RHEL-38415] {CVE-2021-47459}
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Steve Best) [RHEL-39354] {CVE-2024-36016}
- net/sched: initialize noop_qdisc owner (Davide Caratti) [RHEL-35058]
- net/sched: Fix mirred deadlock on device recursion (Davide Caratti) [RHEL-35058] {CVE-2024-27010}
- KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT guests (Paolo Bonzini) [RHEL-16745]
- x86/e820: Add a new e820 table update helper (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add callback to apply RMP table fixups for kexec (Paolo Bonzini) [RHEL-16745]
- x86/kexec: Do not update E820 kexec table for setup_data (Paolo Bonzini) [RHEL-16745]
- x86/e820: Don't reserve SETUP_RNG_SEED in e820 (Paolo Bonzini) [RHEL-16745]
- redhat: add new configs (Paolo Bonzini) [RHEL-16745]
- KVM: SNP: Fix LBR Virtualization for SNP guest (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Don't save mmu_invalidate_seq after checking private attr (Paolo Bonzini) [RHEL-16745]
- KVM: SEV-ES: Delegate LBR virtualization to the processor (Paolo Bonzini) [RHEL-16745]
- KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent (Paolo Bonzini) [RHEL-16745]
- KVM: SEV-ES: Prevent MSR access post VMSA encryption (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Remove the need to trigger an UNBLOCK event on AP creation (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Don't WARN() if RMP lookup fails when invalidating gmem pages (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Automatically switch reclaimed pages to shared (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Add module parameter to enable SEV-SNP (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Avoid WBINVD for HVA-based MMU notifications for SNP (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Implement hook for determining max NPT mapping level (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Implement gmem hook for invalidating private pages (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Implement gmem hook for initializing private pages (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Support SEV-SNP AP Creation NAE event (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle RMP nested page faults (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle Page State Change VMGEXIT (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle GHCB GPA register VMGEXIT (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_UPDATE command (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_START command (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add initial SEV-SNP support (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Select KVM_GENERIC_PRIVATE_MEM when CONFIG_KVM_AMD_SEV=y (Paolo Bonzini) [RHEL-16745]
- KVM: MMU: Disable fast path if KVM_EXIT_MEMORY_FAULT is needed (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Add hook for determining max NPT mapping level (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: Add hook for invalidating memory (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: Add interface for populating gmem pages with user data (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: extract __kvm_gmem_get_pfn() (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: Add hook for initializing memory (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: limit overzealous WARN (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: pass error up from filemap_grab_folio (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Advertise max mappable GPA in CPUID.0x80000008.GuestPhysBits (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Don't advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Split core of hypercall emulation to helper function (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Allow per-guest configuration of GHCB protocol version (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add GHCB handling for termination requests (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle AP reset MSR protocol (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Sanity check that __kvm_faultin_pfn() doesn't create noslot pfns (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Initialize kvm_page_fault's pfn and hva to error values (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Set kvm_page_fault.hva to KVM_HVA_ERR_BAD for "no slot" faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Handle no-slot faults at the beginning of kvm_faultin_pfn() (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Move slot checks from __kvm_faultin_pfn() to kvm_faultin_pfn() (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Explicitly disallow private accesses to emulated MMIO (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Don't force emulation of L2 accesses to non-APIC internal slots (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Move private vs. shared check above slot validity checks (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: WARN and skip MMIO cache on private, reserved page faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: check for invalid async page faults involving private memory (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Use synthetic page fault error code to indicate private faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: WARN if upper 32 bits of legacy #PF error code are non-zero (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Pass full 64-bit error code when handling page faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Move synthetic PFERR_* sanity checks to SVM's #NPF handler (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Define more SEV+ page fault error bits/flags for #NPF (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Remove separate "bit" defines for page fault error code masks (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Exit to userspace with -EFAULT if private fault hits emulation (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Disable KVM_INTEL_PROVE_VE by default (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Enumerate EPT Violation #VE support in /proc/cpuinfo (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Print SPTEs on unexpected #VE (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Dump VMCS on unexpected #VE (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Add sanity checks that KVM doesn't create EPT #VE SPTEs (Paolo Bonzini) [RHEL-16745]
- KVM: nVMX: Always handle #VEs in L0 (never forward #VEs from L2 to L1) (Paolo Bonzini) [RHEL-16745]
- KVM: nVMX: Initialize #VE info page for vmcs02 when proving #VE support (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Don't kill the VM on an unexpected #VE (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Introduce test mode related to EPT violation VE (Paolo Bonzini) [RHEL-16745]
- KVM, x86: add architectural support code for #VE (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Track shadow MMIO value on a per-VM basis (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Add Suppress VE bit to EPT shadow_mmio_mask/shadow_present_mask (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Use SHADOW_NONPRESENT_VALUE for atomic zap in TDP MMU (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Fix a largely theoretical race in kvm_mmu_track_write() (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Process atomically-zapped SPTEs after TLB flush (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Allow non-zero value for non-present SPTE and removed SPTE (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Replace hardcoded value 0 for the initial value for SPTE (Paolo Bonzini) [RHEL-16745]
- KVM: Allow page-sized MMU caches to be initialized with custom 64-bit values (Paolo Bonzini) [RHEL-16745]
- KVM: delete .change_pte MMU notifier callback (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Explicitly zero kvm_caps during vendor module load (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Fully re-initialize supported_vm_types on vendor module load (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: add test for transferring FPU state into VMSA (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: split "launch" phase of SEV VM creation (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: switch to using KVM_X86_*_VM (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: add tests for KVM_SEV_INIT2 (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: allow SEV-ES DebugSwap again (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: introduce KVM_SEV_INIT2 operation (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: sync FPU and AVX state at LAUNCH_UPDATE_VMSA time (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: define VM types for SEV and SEV-ES (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: introduce to_kvm_sev_info (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Add supported_vm_types to kvm_caps (Paolo Bonzini) [RHEL-16745]
- KVM: x86: add fields to struct kvm_arch for CoCo features (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: store VMSA features in kvm_sev_info (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: publish supported VMSA features (Paolo Bonzini) [RHEL-16745]
- KVM: introduce new vendor op for KVM_GET_DEVICE_ATTR (Paolo Bonzini) [RHEL-16745]
- KVM: x86: use u64_to_user_ptr() (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Compile sev.c if and only if CONFIG_KVM_AMD_SEV=y (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Invert handling of SEV and SEV_ES feature flags (Paolo Bonzini) [RHEL-16745]
- Documentation: kvm/sev: clarify usage of KVM_MEMORY_ENCRYPT_OP (Paolo Bonzini) [RHEL-16745]
- Documentation: kvm/sev: separate description of firmware (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Track SNP host status with cc_platform_*() (Paolo Bonzini) [RHEL-16745]
- x86/cc: Add cc_platform_set/_clear() helpers (Paolo Bonzini) [RHEL-16745]
- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (Paolo Bonzini) [RHEL-16745]
- x86/tdx: Preserve shared bit on mprotect() (Paolo Bonzini) [RHEL-16745]
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Update the Zenbleed microcode revisions (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - Avoid discarding errors in psp_send_platform_access_msg() (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - State in dmesg that TSME is enabled (Paolo Bonzini) [RHEL-16745]
- x86/sev: Disable KMSAN for memory encryption TUs (Paolo Bonzini) [RHEL-16745]
- x86/sev: Dump SEV_STATUS (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - Have it depend on AMD_IOMMU (Paolo Bonzini) [RHEL-16745]
- iommu/amd: Fix failure return from snp_lookup_rmpentry() (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Make snp_range_list static (Paolo Bonzini) [RHEL-16745]
- Documentation: virt: Fix up pre-formatted text block for SEV ioctls (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add the SNP_SET_CONFIG command (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add the SNP_COMMIT command (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add the SNP_PLATFORM_STATUS command (Paolo Bonzini) [RHEL-16745]
- x86/cpufeatures: Enable/unmask SEV-SNP CPU feature (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Make AVIC backing, VMSA and VMCB memory allocation SNP safe (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump (Paolo Bonzini) [RHEL-16745]
- iommu/amd: Clean up RMP entries for IOMMU pages during SNP shutdown (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Handle legacy SEV commands when SNP is enabled (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Handle non-volatile INIT_EX data when SNP is enabled (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Handle the legacy TMR allocation when SNP is enabled (Paolo Bonzini) [RHEL-16745]
- x86/sev: Introduce an SNP leaked pages list (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Provide an API to issue SEV and SNP commands (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Define the SEV-SNP commands (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked (Paolo Bonzini) [RHEL-16745]
- x86/sev: Adjust the directmap to avoid inadvertent RMP faults (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction (Paolo Bonzini) [RHEL-16745]
- x86/fault: Dump RMP table information when RMP page faults occur (Paolo Bonzini) [RHEL-16745]
- x86/traps: Define RMP violation #PF error code (Paolo Bonzini) [RHEL-16745]
- x86/fault: Add helper for dumping RMP entries (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add RMP entry lookup helpers (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add SEV-SNP host initialization support (Paolo Bonzini) [RHEL-16745]
- x86/mtrr: Don't print errors if MtrrFixDramModEn is set when SNP enabled (Paolo Bonzini) [RHEL-16745]
- iommu/amd: Don't rely on external callers to enable IOMMU SNP support (Paolo Bonzini) [RHEL-16745]
- x86/speculation: Do not enable Automatic IBRS if SEV-SNP is enabled (Paolo Bonzini) [RHEL-16745]
- x86/cpufeatures: Add SEV-SNP CPU feature (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Do the common init on future Zens too (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add more models to X86_FEATURE_ZEN5 (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add X86_FEATURE_ZEN5 (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add X86_FEATURE_ZEN1 (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Drop now unused CPU erratum checking function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_1485[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_400[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_383[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_1054[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move the DIV0 bug detection to the Zen1 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move Zenbleed check to the Zen2 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Rename init_amd_zn() to init_amd_zen_common() (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Call the spectral chicken in the Zen2 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move erratum 1076 fix into the Zen1 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move the Zen3 BTC_NO detection to the Zen3 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Carve out the erratum 1386 fix (Paolo Bonzini) [RHEL-16745]
- x86/sev: Fix position dependent variable references in startup code (Paolo Bonzini) [RHEL-16745]
- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (Paolo Bonzini)
[RHEL-16745] - x86/sme: Fix memory encryption setting if enabled by default and not overridden (Paolo Bonzini) [RHEL-16745] Resolves: RHEL-16745, RHEL-33321, RHEL-35058, RHEL-36084, RHEL-38415, RHEL-39354, RHEL-39715, RHEL-44375, RHEL-45534, RHEL-46817, RHEL-7961 Signed-off-by: Lucas Zampieri --- Makefile.rhelver | 2 +- kernel-x86_64-debug-rhel.config | 1 + kernel-x86_64-rhel.config | 1 + kernel-x86_64-rt-debug-rhel.config | 1 + kernel-x86_64-rt-rhel.config | 1 + kernel.changelog | 204 ++++++++++++++++++++++++++++ kernel.spec | 211 ++++++++++++++++++++++++++++- sources | 6 +- 8 files changed, 419 insertions(+), 8 deletions(-) diff --git a/Makefile.rhelver b/Makefile.rhelver index 8702f9924..b0454f745 100644 --- a/Makefile.rhelver +++ b/Makefile.rhelver @@ -12,7 +12,7 @@ RHEL_MINOR = 5 # # Use this spot to avoid future merge conflicts. # Do not trim this comment. -RHEL_RELEASE = 478 +RHEL_RELEASE = 479 # # ZSTREAM diff --git a/kernel-x86_64-debug-rhel.config b/kernel-x86_64-debug-rhel.config index 644139f45..9f76b5a5c 100644 --- a/kernel-x86_64-debug-rhel.config +++ b/kernel-x86_64-debug-rhel.config @@ -2818,6 +2818,7 @@ CONFIG_KVM_AMD_SEV=y CONFIG_KVM_GUEST=y CONFIG_KVM_HYPERV=y CONFIG_KVM_INTEL=m +# CONFIG_KVM_INTEL_PROVE_VE is not set CONFIG_KVM=m CONFIG_KVM_MAX_NR_VCPUS=4096 CONFIG_KVM_PROVE_MMU=y diff --git a/kernel-x86_64-rhel.config b/kernel-x86_64-rhel.config index bb80a2f3f..63fb0a42d 100644 --- a/kernel-x86_64-rhel.config +++ b/kernel-x86_64-rhel.config @@ -2798,6 +2798,7 @@ CONFIG_KVM_AMD_SEV=y CONFIG_KVM_GUEST=y CONFIG_KVM_HYPERV=y CONFIG_KVM_INTEL=m +# CONFIG_KVM_INTEL_PROVE_VE is not set CONFIG_KVM=m CONFIG_KVM_MAX_NR_VCPUS=4096 # CONFIG_KVM_PROVE_MMU is not set diff --git a/kernel-x86_64-rt-debug-rhel.config b/kernel-x86_64-rt-debug-rhel.config index 3e842caf1..daaa2de1c 100644 --- a/kernel-x86_64-rt-debug-rhel.config +++ b/kernel-x86_64-rt-debug-rhel.config 
@@ -2874,6 +2874,7 @@ CONFIG_KVM_AMD_SEV=y CONFIG_KVM_GUEST=y CONFIG_KVM_HYPERV=y CONFIG_KVM_INTEL=m +# CONFIG_KVM_INTEL_PROVE_VE is not set CONFIG_KVM=m CONFIG_KVM_MAX_NR_VCPUS=4096 CONFIG_KVM_PROVE_MMU=y diff --git a/kernel-x86_64-rt-rhel.config b/kernel-x86_64-rt-rhel.config index 09d517c9a..eab4f9443 100644 --- a/kernel-x86_64-rt-rhel.config +++ b/kernel-x86_64-rt-rhel.config @@ -2854,6 +2854,7 @@ CONFIG_KVM_AMD_SEV=y CONFIG_KVM_GUEST=y CONFIG_KVM_HYPERV=y CONFIG_KVM_INTEL=m +# CONFIG_KVM_INTEL_PROVE_VE is not set CONFIG_KVM=m CONFIG_KVM_MAX_NR_VCPUS=4096 # CONFIG_KVM_PROVE_MMU is not set diff --git a/kernel.changelog b/kernel.changelog index 6b37a87e8..dcb211c42 100644 --- a/kernel.changelog +++ b/kernel.changelog 
@@ -1,3 +1,207 @@ +* Wed Jul 10 2024 Lucas Zampieri [5.14.0-479.el9] +- REDHAT: Makefile, dont reset dist-git-tmp if set (Lucas Zampieri) +- Revert "REDHAT: Fix values in Makefile being redefined" (Lucas Zampieri) +- tools/power turbostat: Add local build_bug.h header for snapshot target (David Arcari) [RHEL-33321] +- tools/power turbostat: Fix unc freq columns not showing with '-q' or '-l' (David Arcari) [RHEL-33321] +- tools/power turbostat: option '-n' is ambiguous (David Arcari) [RHEL-33321 RHEL-36084] +- tools/power turbostat: version 2024.05.10 (David Arcari) [RHEL-33321] +- tools/power turbostat: Ignore pkg_cstate_limit when it is not available (David Arcari) [RHEL-33321] +- tools/power turbostat: Fix order of strings in pkg_cstate_limit_strings (David Arcari) [RHEL-33321] +- tools/power turbostat: Read Package-cstates via perf (David Arcari) [RHEL-33321] +- tools/power turbostat: Read Core-cstates via perf (David Arcari) [RHEL-33321] +- tools/power turbostat: Avoid possible memory corruption due to sparse topology IDs (David Arcari) [RHEL-33321] +- tools/power turbostat: Add columns for clustered uncore frequency (David Arcari) [RHEL-33321] +- tools/power turbostat: Enable non-privileged users to read sysfs counters (David Arcari) [RHEL-33321] +- tools/power turbostat: Replace _Static_assert with BUILD_BUG_ON (David Arcari) [RHEL-33321] +- tools/power turbostat: Add ARL-H support (David Arcari) [RHEL-33321] +- tools/power turbostat: Enhance ARL/LNL support (David Arcari) [RHEL-33321] +- tools/power turbostat: Survive sparse die_id (David Arcari) [RHEL-33321] +- tools/power turbostat: Remember global max_die_id (David Arcari) [RHEL-33321] +- tools/power turbostat: Harden probe_intel_uncore_frequency() (David Arcari) [RHEL-33321] +- tools/power turbostat: Add "snapshot:" Makefile target (David Arcari) [RHEL-33321] +- platform/x86:intel/pmc: Enable S0ix blocker show in Lunar Lake (Steve Best) [RHEL-46817] +- platform/x86:intel/pmc: Update LNL signal status map 
(Steve Best) [RHEL-46817] +- platform/x86:intel/pmc: Add support to show S0ix blocker counter (Steve Best) [RHEL-46817] +- platform/x86/intel/pmc: Fix PCH names in comments (Steve Best) [RHEL-46817] +- platform/x86/intel/pmc: Improve PKGC residency counters debug (Steve Best) [RHEL-46817] +- platform/x86/intel/pmc/arl: Put GNA device in D3 (Steve Best) [RHEL-46817] +- net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (Davide Caratti) [RHEL-45534] +- net/sched: taprio: extend minimum interval restriction to entire cycle too (Davide Caratti) [RHEL-44375 RHEL-45534] {CVE-2024-36244} +- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (Davide Caratti) [RHEL-44375 RHEL-45534] {CVE-2024-36244} +- rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (Davide Caratti) [RHEL-39715] {CVE-2024-36017} +- xfs: process free extents to busy list in FIFO order (Pavel Reichl) [RHEL-7961] +- xfs: adjust the incore perag block_count when shrinking (Pavel Reichl) [RHEL-7961] +- xfs: abort fstrim if kernel is suspending (Pavel Reichl) [RHEL-7961] +- xfs: reduce AGF hold times during fstrim operations (Pavel Reichl) [RHEL-7961] +- xfs: move log discard work to xfs_discard.c (Pavel Reichl) [RHEL-7961] +- can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (Ken Cox) [RHEL-38415] {CVE-2021-47459} +- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Steve Best) [RHEL-39354] {CVE-2024-36016} +- net/sched: initialize noop_qdisc owner (Davide Caratti) [RHEL-35058] +- net/sched: Fix mirred deadlock on device recursion (Davide Caratti) [RHEL-35058] {CVE-2024-27010} +- KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT guests (Paolo Bonzini) [RHEL-16745] +- x86/e820: Add a new e820 table update helper (Paolo Bonzini) [RHEL-16745] +- x86/sev: Add callback to apply RMP table fixups for kexec (Paolo Bonzini) [RHEL-16745] +- x86/kexec: Do not update E820 kexec table for setup_data (Paolo Bonzini) 
[RHEL-16745] +- x86/e820: Don't reserve SETUP_RNG_SEED in e820 (Paolo Bonzini) [RHEL-16745] +- redhat: add new configs (Paolo Bonzini) [RHEL-16745] +- KVM: SNP: Fix LBR Virtualization for SNP guest (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Don't save mmu_invalidate_seq after checking private attr (Paolo Bonzini) [RHEL-16745] +- KVM: SEV-ES: Delegate LBR virtualization to the processor (Paolo Bonzini) [RHEL-16745] +- KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent (Paolo Bonzini) [RHEL-16745] +- KVM: SEV-ES: Prevent MSR access post VMSA encryption (Paolo Bonzini) [RHEL-16745] +- KVM: SVM: Remove the need to trigger an UNBLOCK event on AP creation (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Don't WARN() if RMP lookup fails when invalidating gmem pages (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Automatically switch reclaimed pages to shared (Paolo Bonzini) [RHEL-16745] +- KVM: SVM: Add module parameter to enable SEV-SNP (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Avoid WBINVD for HVA-based MMU notifications for SNP (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Implement hook for determining max NPT mapping level (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Implement gmem hook for invalidating private pages (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Implement gmem hook for initializing private pages (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Support SEV-SNP AP Creation NAE event (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add support to handle RMP nested page faults (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add support to handle Page State Change VMGEXIT (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add support to handle GHCB GPA register VMGEXIT (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_UPDATE command (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add 
KVM_SEV_SNP_LAUNCH_START command (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add initial SEV-SNP support (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Select KVM_GENERIC_PRIVATE_MEM when CONFIG_KVM_AMD_SEV=y (Paolo Bonzini) [RHEL-16745] +- KVM: MMU: Disable fast path if KVM_EXIT_MEMORY_FAULT is needed (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Add hook for determining max NPT mapping level (Paolo Bonzini) [RHEL-16745] +- KVM: guest_memfd: Add hook for invalidating memory (Paolo Bonzini) [RHEL-16745] +- KVM: guest_memfd: Add interface for populating gmem pages with user data (Paolo Bonzini) [RHEL-16745] +- KVM: guest_memfd: extract __kvm_gmem_get_pfn() (Paolo Bonzini) [RHEL-16745] +- KVM: guest_memfd: Add hook for initializing memory (Paolo Bonzini) [RHEL-16745] +- KVM: guest_memfd: limit overzealous WARN (Paolo Bonzini) [RHEL-16745] +- KVM: guest_memfd: pass error up from filemap_grab_folio (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Advertise max mappable GPA in CPUID.0x80000008.GuestPhysBits (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Don't advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Split core of hypercall emulation to helper function (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Allow per-guest configuration of GHCB protocol version (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add GHCB handling for termination requests (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add support to handle AP reset MSR protocol (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Sanity check that __kvm_faultin_pfn() doesn't create noslot pfns (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Initialize kvm_page_fault's pfn and hva to error values (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Set kvm_page_fault.hva to KVM_HVA_ERR_BAD for "no slot" faults (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Handle no-slot faults at the beginning of kvm_faultin_pfn() 
(Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Move slot checks from __kvm_faultin_pfn() to kvm_faultin_pfn() (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Explicitly disallow private accesses to emulated MMIO (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Don't force emulation of L2 accesses to non-APIC internal slots (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Move private vs. shared check above slot validity checks (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: WARN and skip MMIO cache on private, reserved page faults (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: check for invalid async page faults involving private memory (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Use synthetic page fault error code to indicate private faults (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: WARN if upper 32 bits of legacy #PF error code are non-zero (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Pass full 64-bit error code when handling page faults (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Move synthetic PFERR_* sanity checks to SVM's #NPF handler (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Define more SEV+ page fault error bits/flags for #NPF (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Remove separate "bit" defines for page fault error code masks (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Exit to userspace with -EFAULT if private fault hits emulation (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Disable KVM_INTEL_PROVE_VE by default (Paolo Bonzini) [RHEL-16745] +- KVM: VMX: Enumerate EPT Violation #VE support in /proc/cpuinfo (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Print SPTEs on unexpected #VE (Paolo Bonzini) [RHEL-16745] +- KVM: VMX: Dump VMCS on unexpected #VE (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Add sanity checks that KVM doesn't create EPT #VE SPTEs (Paolo Bonzini) [RHEL-16745] +- KVM: nVMX: Always handle #VEs in L0 (never forward #VEs from L2 to L1) (Paolo Bonzini) [RHEL-16745] +- KVM: nVMX: Initialize #VE info page for vmcs02 when proving #VE support (Paolo 
Bonzini) [RHEL-16745] +- KVM: VMX: Don't kill the VM on an unexpected #VE (Paolo Bonzini) [RHEL-16745] +- KVM: VMX: Introduce test mode related to EPT violation VE (Paolo Bonzini) [RHEL-16745] +- KVM, x86: add architectural support code for #VE (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Track shadow MMIO value on a per-VM basis (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Add Suppress VE bit to EPT shadow_mmio_mask/shadow_present_mask (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Use SHADOW_NONPRESENT_VALUE for atomic zap in TDP MMU (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Fix a largely theoretical race in kvm_mmu_track_write() (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Process atomically-zapped SPTEs after TLB flush (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Allow non-zero value for non-present SPTE and removed SPTE (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Replace hardcoded value 0 for the initial value for SPTE (Paolo Bonzini) [RHEL-16745] +- KVM: Allow page-sized MMU caches to be initialized with custom 64-bit values (Paolo Bonzini) [RHEL-16745] +- KVM: delete .change_pte MMU notifier callback (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Explicitly zero kvm_caps during vendor module load (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Fully re-initialize supported_vm_types on vendor module load (Paolo Bonzini) [RHEL-16745] +- selftests: kvm: add test for transferring FPU state into VMSA (Paolo Bonzini) [RHEL-16745] +- selftests: kvm: split "launch" phase of SEV VM creation (Paolo Bonzini) [RHEL-16745] +- selftests: kvm: switch to using KVM_X86_*_VM (Paolo Bonzini) [RHEL-16745] +- selftests: kvm: add tests for KVM_SEV_INIT2 (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: allow SEV-ES DebugSwap again (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: introduce KVM_SEV_INIT2 operation (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: sync FPU and AVX state at 
LAUNCH_UPDATE_VMSA time (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: define VM types for SEV and SEV-ES (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: introduce to_kvm_sev_info (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Add supported_vm_types to kvm_caps (Paolo Bonzini) [RHEL-16745] +- KVM: x86: add fields to struct kvm_arch for CoCo features (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: store VMSA features in kvm_sev_info (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: publish supported VMSA features (Paolo Bonzini) [RHEL-16745] +- KVM: introduce new vendor op for KVM_GET_DEVICE_ATTR (Paolo Bonzini) [RHEL-16745] +- KVM: x86: use u64_to_user_ptr() (Paolo Bonzini) [RHEL-16745] +- KVM: SVM: Compile sev.c if and only if CONFIG_KVM_AMD_SEV=y (Paolo Bonzini) [RHEL-16745] +- KVM: SVM: Invert handling of SEV and SEV_ES feature flags (Paolo Bonzini) [RHEL-16745] +- Documentation: kvm/sev: clarify usage of KVM_MEMORY_ENCRYPT_OP (Paolo Bonzini) [RHEL-16745] +- Documentation: kvm/sev: separate description of firmware (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Track SNP host status with cc_platform_*() (Paolo Bonzini) [RHEL-16745] +- x86/cc: Add cc_platform_set/_clear() helpers (Paolo Bonzini) [RHEL-16745] +- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (Paolo Bonzini) [RHEL-16745] +- x86/tdx: Preserve shared bit on mprotect() (Paolo Bonzini) [RHEL-16745] +- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Update the Zenbleed microcode revisions (Paolo Bonzini) [RHEL-16745] +- crypto: ccp - Avoid discarding errors in psp_send_platform_access_msg() (Paolo Bonzini) [RHEL-16745] +- crypto: ccp - State in dmesg that TSME is enabled (Paolo Bonzini) [RHEL-16745] +- x86/sev: Disable KMSAN for memory encryption TUs (Paolo Bonzini) [RHEL-16745] +- x86/sev: Dump SEV_STATUS (Paolo Bonzini) [RHEL-16745] +- crypto: ccp - Have it depend on 
AMD_IOMMU (Paolo Bonzini) [RHEL-16745] +- iommu/amd: Fix failure return from snp_lookup_rmpentry() (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Make snp_range_list static (Paolo Bonzini) [RHEL-16745] +- Documentation: virt: Fix up pre-formatted text block for SEV ioctls (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Add the SNP_SET_CONFIG command (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Add the SNP_COMMIT command (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Add the SNP_PLATFORM_STATUS command (Paolo Bonzini) [RHEL-16745] +- x86/cpufeatures: Enable/unmask SEV-SNP CPU feature (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Make AVIC backing, VMSA and VMCB memory allocation SNP safe (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump (Paolo Bonzini) [RHEL-16745] +- iommu/amd: Clean up RMP entries for IOMMU pages during SNP shutdown (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Handle legacy SEV commands when SNP is enabled (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Handle non-volatile INIT_EX data when SNP is enabled (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Handle the legacy TMR allocation when SNP is enabled (Paolo Bonzini) [RHEL-16745] +- x86/sev: Introduce an SNP leaked pages list (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Provide an API to issue SEV and SNP commands (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Define the SEV-SNP commands (Paolo Bonzini) [RHEL-16745] +- crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked (Paolo Bonzini) [RHEL-16745] +- x86/sev: Adjust the directmap to avoid inadvertent RMP faults (Paolo Bonzini) [RHEL-16745] +- x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction (Paolo Bonzini) [RHEL-16745] +- x86/fault: Dump RMP table information when RMP page faults occur (Paolo Bonzini) [RHEL-16745] +- x86/traps: Define RMP violation #PF error code (Paolo 
Bonzini) [RHEL-16745] +- x86/fault: Add helper for dumping RMP entries (Paolo Bonzini) [RHEL-16745] +- x86/sev: Add RMP entry lookup helpers (Paolo Bonzini) [RHEL-16745] +- x86/sev: Add SEV-SNP host initialization support (Paolo Bonzini) [RHEL-16745] +- x86/mtrr: Don't print errors if MtrrFixDramModEn is set when SNP enabled (Paolo Bonzini) [RHEL-16745] +- iommu/amd: Don't rely on external callers to enable IOMMU SNP support (Paolo Bonzini) [RHEL-16745] +- x86/speculation: Do not enable Automatic IBRS if SEV-SNP is enabled (Paolo Bonzini) [RHEL-16745] +- x86/cpufeatures: Add SEV-SNP CPU feature (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Do the common init on future Zens too (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Add more models to X86_FEATURE_ZEN5 (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Add X86_FEATURE_ZEN5 (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Add X86_FEATURE_ZEN1 (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Drop now unused CPU erratum checking function (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Get rid of amd_erratum_1485[] (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Get rid of amd_erratum_400[] (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Get rid of amd_erratum_383[] (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Get rid of amd_erratum_1054[] (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Move the DIV0 bug detection to the Zen1 init function (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Move Zenbleed check to the Zen2 init function (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Rename init_amd_zn() to init_amd_zen_common() (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Call the spectral chicken in the Zen2 init function (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Move erratum 1076 fix into the Zen1 init function (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Move the Zen3 BTC_NO detection to the Zen3 init function (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Carve out the erratum 1386 fix (Paolo Bonzini) [RHEL-16745] +- x86/sev: Fix position 
dependent variable references in startup code (Paolo Bonzini) [RHEL-16745] +- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (Paolo Bonzini) [RHEL-16745] +- x86/sme: Fix memory encryption setting if enabled by default and not overridden (Paolo Bonzini) [RHEL-16745] +Resolves: RHEL-16745, RHEL-33321, RHEL-35058, RHEL-36084, RHEL-38415, RHEL-39354, RHEL-39715, RHEL-44375, RHEL-45534, RHEL-46817, RHEL-7961 + * Tue Jul 09 2024 Lucas Zampieri [5.14.0-478.el9] - netfilter: conntrack: switch connlabels to atomic_t (Xin Long) [RHEL-28816] - sched: act_ct: add netns into the key of tcf_ct_flow_table (Xin Long) [RHEL-28816] diff --git a/kernel.spec b/kernel.spec index f0bf89846..04e290809 100755 --- a/kernel.spec +++ b/kernel.spec @@ -165,15 +165,15 @@ Summary: The Linux kernel # define buildid .local %define specversion 5.14.0 %define patchversion 5.14 -%define pkgrelease 478 +%define pkgrelease 479 %define kversion 5 -%define tarfile_release 5.14.0-478.el9 +%define tarfile_release 5.14.0-479.el9 # This is needed to do merge window version magic %define patchlevel 14 # This allows pkg_release to have configurable %%{?dist} tag -%define specrelease 478%{?buildid}%{?dist} +%define specrelease 479%{?buildid}%{?dist} # This defines the kabi tarball version -%define kabiversion 5.14.0-478.el9 +%define kabiversion 5.14.0-479.el9 # # End of genspec.sh variables 
@@ -3747,6 +3747,209 @@ fi # # %changelog +* Wed Jul 10 2024 Lucas Zampieri [5.14.0-479.el9] +- REDHAT: Makefile, dont reset dist-git-tmp if set (Lucas Zampieri) +- Revert "REDHAT: Fix values in Makefile being redefined" (Lucas Zampieri) +- tools/power turbostat: Add local build_bug.h header for snapshot target (David Arcari) [RHEL-33321] +- tools/power turbostat: Fix unc freq columns not showing with '-q' or '-l' (David Arcari) [RHEL-33321] +- tools/power turbostat: option '-n' is ambiguous (David Arcari) [RHEL-33321 RHEL-36084] +- tools/power turbostat: version 2024.05.10 (David Arcari) [RHEL-33321] +- tools/power turbostat: Ignore pkg_cstate_limit when it is not available (David Arcari) [RHEL-33321] +- tools/power turbostat: Fix order of strings in pkg_cstate_limit_strings (David Arcari) [RHEL-33321] +- tools/power turbostat: Read Package-cstates via perf (David Arcari) [RHEL-33321] +- tools/power turbostat: Read Core-cstates via perf (David Arcari) [RHEL-33321] +- tools/power turbostat: Avoid possible memory corruption due to sparse topology IDs (David Arcari) [RHEL-33321] +- tools/power turbostat: Add columns for clustered uncore frequency (David Arcari) [RHEL-33321] +- tools/power turbostat: Enable non-privileged users to read sysfs counters (David Arcari) [RHEL-33321] +- tools/power turbostat: Replace _Static_assert with BUILD_BUG_ON (David Arcari) [RHEL-33321] +- tools/power turbostat: Add ARL-H support (David Arcari) [RHEL-33321] +- tools/power turbostat: Enhance ARL/LNL support (David Arcari) [RHEL-33321] +- tools/power turbostat: Survive sparse die_id (David Arcari) [RHEL-33321] +- tools/power turbostat: Remember global max_die_id (David Arcari) [RHEL-33321] +- tools/power turbostat: Harden probe_intel_uncore_frequency() (David Arcari) [RHEL-33321] +- tools/power turbostat: Add "snapshot:" Makefile target (David Arcari) [RHEL-33321] +- platform/x86:intel/pmc: Enable S0ix blocker show in Lunar Lake (Steve Best) [RHEL-46817] +- platform/x86:intel/pmc: 
Update LNL signal status map (Steve Best) [RHEL-46817] +- platform/x86:intel/pmc: Add support to show S0ix blocker counter (Steve Best) [RHEL-46817] +- platform/x86/intel/pmc: Fix PCH names in comments (Steve Best) [RHEL-46817] +- platform/x86/intel/pmc: Improve PKGC residency counters debug (Steve Best) [RHEL-46817] +- platform/x86/intel/pmc/arl: Put GNA device in D3 (Steve Best) [RHEL-46817] +- net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (Davide Caratti) [RHEL-45534] +- net/sched: taprio: extend minimum interval restriction to entire cycle too (Davide Caratti) [RHEL-44375 RHEL-45534] {CVE-2024-36244} +- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (Davide Caratti) [RHEL-44375 RHEL-45534] {CVE-2024-36244} +- rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (Davide Caratti) [RHEL-39715] {CVE-2024-36017} +- xfs: process free extents to busy list in FIFO order (Pavel Reichl) [RHEL-7961] +- xfs: adjust the incore perag block_count when shrinking (Pavel Reichl) [RHEL-7961] +- xfs: abort fstrim if kernel is suspending (Pavel Reichl) [RHEL-7961] +- xfs: reduce AGF hold times during fstrim operations (Pavel Reichl) [RHEL-7961] +- xfs: move log discard work to xfs_discard.c (Pavel Reichl) [RHEL-7961] +- can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (Ken Cox) [RHEL-38415] {CVE-2021-47459} +- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Steve Best) [RHEL-39354] {CVE-2024-36016} +- net/sched: initialize noop_qdisc owner (Davide Caratti) [RHEL-35058] +- net/sched: Fix mirred deadlock on device recursion (Davide Caratti) [RHEL-35058] {CVE-2024-27010} +- KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT guests (Paolo Bonzini) [RHEL-16745] +- x86/e820: Add a new e820 table update helper (Paolo Bonzini) [RHEL-16745] +- x86/sev: Add callback to apply RMP table fixups for kexec (Paolo Bonzini) [RHEL-16745] +- x86/kexec: Do not update E820 kexec table for 
setup_data (Paolo Bonzini) [RHEL-16745] +- x86/e820: Don't reserve SETUP_RNG_SEED in e820 (Paolo Bonzini) [RHEL-16745] +- redhat: add new configs (Paolo Bonzini) [RHEL-16745] +- KVM: SNP: Fix LBR Virtualization for SNP guest (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Don't save mmu_invalidate_seq after checking private attr (Paolo Bonzini) [RHEL-16745] +- KVM: SEV-ES: Delegate LBR virtualization to the processor (Paolo Bonzini) [RHEL-16745] +- KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent (Paolo Bonzini) [RHEL-16745] +- KVM: SEV-ES: Prevent MSR access post VMSA encryption (Paolo Bonzini) [RHEL-16745] +- KVM: SVM: Remove the need to trigger an UNBLOCK event on AP creation (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Don't WARN() if RMP lookup fails when invalidating gmem pages (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Automatically switch reclaimed pages to shared (Paolo Bonzini) [RHEL-16745] +- KVM: SVM: Add module parameter to enable SEV-SNP (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Avoid WBINVD for HVA-based MMU notifications for SNP (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Implement hook for determining max NPT mapping level (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Implement gmem hook for invalidating private pages (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Implement gmem hook for initializing private pages (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Support SEV-SNP AP Creation NAE event (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add support to handle RMP nested page faults (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add support to handle Page State Change VMGEXIT (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add support to handle GHCB GPA register VMGEXIT (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_UPDATE command (Paolo Bonzini) [RHEL-16745] +- KVM: 
SEV: Add KVM_SEV_SNP_LAUNCH_START command (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add initial SEV-SNP support (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Select KVM_GENERIC_PRIVATE_MEM when CONFIG_KVM_AMD_SEV=y (Paolo Bonzini) [RHEL-16745] +- KVM: MMU: Disable fast path if KVM_EXIT_MEMORY_FAULT is needed (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Add hook for determining max NPT mapping level (Paolo Bonzini) [RHEL-16745] +- KVM: guest_memfd: Add hook for invalidating memory (Paolo Bonzini) [RHEL-16745] +- KVM: guest_memfd: Add interface for populating gmem pages with user data (Paolo Bonzini) [RHEL-16745] +- KVM: guest_memfd: extract __kvm_gmem_get_pfn() (Paolo Bonzini) [RHEL-16745] +- KVM: guest_memfd: Add hook for initializing memory (Paolo Bonzini) [RHEL-16745] +- KVM: guest_memfd: limit overzealous WARN (Paolo Bonzini) [RHEL-16745] +- KVM: guest_memfd: pass error up from filemap_grab_folio (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Advertise max mappable GPA in CPUID.0x80000008.GuestPhysBits (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Don't advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Split core of hypercall emulation to helper function (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Allow per-guest configuration of GHCB protocol version (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add GHCB handling for termination requests (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Add support to handle AP reset MSR protocol (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Sanity check that __kvm_faultin_pfn() doesn't create noslot pfns (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Initialize kvm_page_fault's pfn and hva to error values (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Set kvm_page_fault.hva to KVM_HVA_ERR_BAD for "no slot" faults (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Handle no-slot faults at the beginning of 
kvm_faultin_pfn() (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Move slot checks from __kvm_faultin_pfn() to kvm_faultin_pfn() (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Explicitly disallow private accesses to emulated MMIO (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Don't force emulation of L2 accesses to non-APIC internal slots (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Move private vs. shared check above slot validity checks (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: WARN and skip MMIO cache on private, reserved page faults (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: check for invalid async page faults involving private memory (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Use synthetic page fault error code to indicate private faults (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: WARN if upper 32 bits of legacy #PF error code are non-zero (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Pass full 64-bit error code when handling page faults (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Move synthetic PFERR_* sanity checks to SVM's #NPF handler (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Define more SEV+ page fault error bits/flags for #NPF (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Remove separate "bit" defines for page fault error code masks (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Exit to userspace with -EFAULT if private fault hits emulation (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Disable KVM_INTEL_PROVE_VE by default (Paolo Bonzini) [RHEL-16745] +- KVM: VMX: Enumerate EPT Violation #VE support in /proc/cpuinfo (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Print SPTEs on unexpected #VE (Paolo Bonzini) [RHEL-16745] +- KVM: VMX: Dump VMCS on unexpected #VE (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Add sanity checks that KVM doesn't create EPT #VE SPTEs (Paolo Bonzini) [RHEL-16745] +- KVM: nVMX: Always handle #VEs in L0 (never forward #VEs from L2 to L1) (Paolo Bonzini) [RHEL-16745] +- KVM: nVMX: Initialize #VE info page for vmcs02 when proving #VE 
support (Paolo Bonzini) [RHEL-16745] +- KVM: VMX: Don't kill the VM on an unexpected #VE (Paolo Bonzini) [RHEL-16745] +- KVM: VMX: Introduce test mode related to EPT violation VE (Paolo Bonzini) [RHEL-16745] +- KVM, x86: add architectural support code for #VE (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Track shadow MMIO value on a per-VM basis (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Add Suppress VE bit to EPT shadow_mmio_mask/shadow_present_mask (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Use SHADOW_NONPRESENT_VALUE for atomic zap in TDP MMU (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Fix a largely theoretical race in kvm_mmu_track_write() (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Process atomically-zapped SPTEs after TLB flush (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Allow non-zero value for non-present SPTE and removed SPTE (Paolo Bonzini) [RHEL-16745] +- KVM: x86/mmu: Replace hardcoded value 0 for the initial value for SPTE (Paolo Bonzini) [RHEL-16745] +- KVM: Allow page-sized MMU caches to be initialized with custom 64-bit values (Paolo Bonzini) [RHEL-16745] +- KVM: delete .change_pte MMU notifier callback (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Explicitly zero kvm_caps during vendor module load (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Fully re-initialize supported_vm_types on vendor module load (Paolo Bonzini) [RHEL-16745] +- selftests: kvm: add test for transferring FPU state into VMSA (Paolo Bonzini) [RHEL-16745] +- selftests: kvm: split "launch" phase of SEV VM creation (Paolo Bonzini) [RHEL-16745] +- selftests: kvm: switch to using KVM_X86_*_VM (Paolo Bonzini) [RHEL-16745] +- selftests: kvm: add tests for KVM_SEV_INIT2 (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: allow SEV-ES DebugSwap again (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: introduce KVM_SEV_INIT2 operation (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: sync FPU and AVX state at 
LAUNCH_UPDATE_VMSA time (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: define VM types for SEV and SEV-ES (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: introduce to_kvm_sev_info (Paolo Bonzini) [RHEL-16745] +- KVM: x86: Add supported_vm_types to kvm_caps (Paolo Bonzini) [RHEL-16745] +- KVM: x86: add fields to struct kvm_arch for CoCo features (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: store VMSA features in kvm_sev_info (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: publish supported VMSA features (Paolo Bonzini) [RHEL-16745] +- KVM: introduce new vendor op for KVM_GET_DEVICE_ATTR (Paolo Bonzini) [RHEL-16745] +- KVM: x86: use u64_to_user_ptr() (Paolo Bonzini) [RHEL-16745] +- KVM: SVM: Compile sev.c if and only if CONFIG_KVM_AMD_SEV=y (Paolo Bonzini) [RHEL-16745] +- KVM: SVM: Invert handling of SEV and SEV_ES feature flags (Paolo Bonzini) [RHEL-16745] +- Documentation: kvm/sev: clarify usage of KVM_MEMORY_ENCRYPT_OP (Paolo Bonzini) [RHEL-16745] +- Documentation: kvm/sev: separate description of firmware (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Track SNP host status with cc_platform_*() (Paolo Bonzini) [RHEL-16745] +- x86/cc: Add cc_platform_set/_clear() helpers (Paolo Bonzini) [RHEL-16745] +- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (Paolo Bonzini) [RHEL-16745] +- x86/tdx: Preserve shared bit on mprotect() (Paolo Bonzini) [RHEL-16745] +- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Update the Zenbleed microcode revisions (Paolo Bonzini) [RHEL-16745] +- crypto: ccp - Avoid discarding errors in psp_send_platform_access_msg() (Paolo Bonzini) [RHEL-16745] +- crypto: ccp - State in dmesg that TSME is enabled (Paolo Bonzini) [RHEL-16745] +- x86/sev: Disable KMSAN for memory encryption TUs (Paolo Bonzini) [RHEL-16745] +- x86/sev: Dump SEV_STATUS (Paolo Bonzini) [RHEL-16745] +- crypto: ccp - Have it depend on 
AMD_IOMMU (Paolo Bonzini) [RHEL-16745] +- iommu/amd: Fix failure return from snp_lookup_rmpentry() (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Make snp_range_list static (Paolo Bonzini) [RHEL-16745] +- Documentation: virt: Fix up pre-formatted text block for SEV ioctls (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Add the SNP_SET_CONFIG command (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Add the SNP_COMMIT command (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Add the SNP_PLATFORM_STATUS command (Paolo Bonzini) [RHEL-16745] +- x86/cpufeatures: Enable/unmask SEV-SNP CPU feature (Paolo Bonzini) [RHEL-16745] +- KVM: SEV: Make AVIC backing, VMSA and VMCB memory allocation SNP safe (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump (Paolo Bonzini) [RHEL-16745] +- iommu/amd: Clean up RMP entries for IOMMU pages during SNP shutdown (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Handle legacy SEV commands when SNP is enabled (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Handle non-volatile INIT_EX data when SNP is enabled (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Handle the legacy TMR allocation when SNP is enabled (Paolo Bonzini) [RHEL-16745] +- x86/sev: Introduce an SNP leaked pages list (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Provide an API to issue SEV and SNP commands (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP (Paolo Bonzini) [RHEL-16745] +- crypto: ccp: Define the SEV-SNP commands (Paolo Bonzini) [RHEL-16745] +- crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked (Paolo Bonzini) [RHEL-16745] +- x86/sev: Adjust the directmap to avoid inadvertent RMP faults (Paolo Bonzini) [RHEL-16745] +- x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction (Paolo Bonzini) [RHEL-16745] +- x86/fault: Dump RMP table information when RMP page faults occur (Paolo Bonzini) [RHEL-16745] +- x86/traps: Define RMP violation #PF error code (Paolo 
Bonzini) [RHEL-16745] +- x86/fault: Add helper for dumping RMP entries (Paolo Bonzini) [RHEL-16745] +- x86/sev: Add RMP entry lookup helpers (Paolo Bonzini) [RHEL-16745] +- x86/sev: Add SEV-SNP host initialization support (Paolo Bonzini) [RHEL-16745] +- x86/mtrr: Don't print errors if MtrrFixDramModEn is set when SNP enabled (Paolo Bonzini) [RHEL-16745] +- iommu/amd: Don't rely on external callers to enable IOMMU SNP support (Paolo Bonzini) [RHEL-16745] +- x86/speculation: Do not enable Automatic IBRS if SEV-SNP is enabled (Paolo Bonzini) [RHEL-16745] +- x86/cpufeatures: Add SEV-SNP CPU feature (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Do the common init on future Zens too (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Add more models to X86_FEATURE_ZEN5 (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Add X86_FEATURE_ZEN5 (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Add X86_FEATURE_ZEN1 (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Drop now unused CPU erratum checking function (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Get rid of amd_erratum_1485[] (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Get rid of amd_erratum_400[] (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Get rid of amd_erratum_383[] (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Get rid of amd_erratum_1054[] (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Move the DIV0 bug detection to the Zen1 init function (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Move Zenbleed check to the Zen2 init function (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Rename init_amd_zn() to init_amd_zen_common() (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Call the spectral chicken in the Zen2 init function (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Move erratum 1076 fix into the Zen1 init function (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Move the Zen3 BTC_NO detection to the Zen3 init function (Paolo Bonzini) [RHEL-16745] +- x86/CPU/AMD: Carve out the erratum 1386 fix (Paolo Bonzini) [RHEL-16745] +- x86/sev: Fix position 
dependent variable references in startup code (Paolo Bonzini) [RHEL-16745] +- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (Paolo Bonzini) [RHEL-16745] +- x86/sme: Fix memory encryption setting if enabled by default and not overridden (Paolo Bonzini) [RHEL-16745] + * Tue Jul 09 2024 Lucas Zampieri [5.14.0-478.el9] - netfilter: conntrack: switch connlabels to atomic_t (Xin Long) [RHEL-28816] - sched: act_ct: add netns into the key of tcf_ct_flow_table (Xin Long) [RHEL-28816] diff --git a/sources b/sources index 2894ff609..5a8402849 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-5.14.0-478.el9.tar.xz) = 9de8e409352536d1850a0fe9255e43e0b84f2edb119efe2900057c4031cf7657463305d0a3aae54c3be4c9d24c7548b657a9267b01f14957f85d26509011c005 -SHA512 (kernel-abi-stablelists-5.14.0-478.el9.tar.bz2) = 3fd4bafee9611aa41f3804ee5526a67937531082240c7358a608c748e1699b0ae1042f691076c1b307caf2562b14c630340bf0f396d1abe9457904f600717286 -SHA512 (kernel-kabi-dw-5.14.0-478.el9.tar.bz2) = f457713ced0439861c4afb630f3f9a9c70ca92a9a9b5df963dfd843ba7f63d96eee6a43a998be8a328b19178d806c465f2f129104b17fc848c84c4cd22492963 +SHA512 (linux-5.14.0-479.el9.tar.xz) = afae72ad766a47dbcf6dccdb37e74657f8765ae1b47dd13e6a304d7acd400b463f67be5b0a9d1452535ed71fd512692a2bd00635db5c1006f6edb55fd985a1b6 +SHA512 (kernel-abi-stablelists-5.14.0-479.el9.tar.bz2) = 2c55fc110297a3cbd33cedcf3058a0300013c4fa77c2a5af991e369cba9a3bec689fb697945845b140542f9fb3d8fb07443895efd0a5879846ac944c5391ab04 +SHA512 (kernel-kabi-dw-5.14.0-479.el9.tar.bz2) = f457713ced0439861c4afb630f3f9a9c70ca92a9a9b5df963dfd843ba7f63d96eee6a43a998be8a328b19178d806c465f2f129104b17fc848c84c4cd22492963
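Review bot: In the first `kernel.spec` hunk (`@@ -165,15 +165,15 @@`), the release number is written out as a literal in four separate defines (`pkgrelease`, `tarfile_release`, `specrelease`, `kabiversion`), and nothing in the hunk ties them together. All four move from 478 to 479 here, so this bump is consistent. The trailing comment `# End of genspec.sh variables` suggests the block is generated, so a mismatch would have to be caught in the generator rather than in review. Consider deriving `tarfile_release` and `kabiversion` from `%{specversion}` and `%{pkgrelease}`, or adding a build-time check that the four values agree, so a partial bump cannot pair a spec with the wrong tarball or kABI set.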
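Review bot: In the `%changelog` hunk (`@@ -3747,6 +3747,209 @@`), two entries share a ticket with CVE-tagged neighbours but carry no `{CVE-…}` tag themselves: `net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()` is filed under RHEL-45534 like the two taprio entries tagged `{CVE-2024-36244}`, and `net/sched: initialize noop_qdisc owner` is filed under RHEL-35058 like the mirred deadlock fix tagged `{CVE-2024-27010}`. Anyone who greps the changelog for CVE tags to decide what this build fixes will not see these two commits. If they are prerequisites or follow-ups of the tagged fixes, tag them the same way. If they are unrelated changes that only share the ticket, leave them untagged and say so in the ticket.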
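Review bot: In the `sources` hunk, the added `kernel-kabi-dw-5.14.0-479.el9.tar.bz2` line carries exactly the same SHA512 as the removed `kernel-kabi-dw-5.14.0-478.el9.tar.bz2` line, while `linux-5.14.0-479.el9.tar.xz` and `kernel-abi-stablelists-5.14.0-479.el9.tar.bz2` both get new digests. That is fine if the kabi-dw tarball is byte-identical between the two releases, but the hunk alone cannot distinguish that from a digest carried over from the -478 line. Please confirm the -479 tarball was regenerated and hashed for this release, since this file is what the build uses to verify the fetched sources.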