kernel-5.14.0-479.el9

* Wed Jul 10 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-479.el9]
- REDHAT: Makefile, dont reset dist-git-tmp if set (Lucas Zampieri)
- Revert "REDHAT: Fix values in Makefile being redefined" (Lucas Zampieri)
- tools/power turbostat: Add local build_bug.h header for snapshot target (David Arcari) [RHEL-33321]
- tools/power turbostat: Fix unc freq columns not showing with '-q' or '-l' (David Arcari) [RHEL-33321]
- tools/power turbostat: option '-n' is ambiguous (David Arcari) [RHEL-33321 RHEL-36084]
- tools/power turbostat: version 2024.05.10 (David Arcari) [RHEL-33321]
- tools/power turbostat: Ignore pkg_cstate_limit when it is not available (David Arcari) [RHEL-33321]
- tools/power turbostat: Fix order of strings in pkg_cstate_limit_strings (David Arcari) [RHEL-33321]
- tools/power turbostat: Read Package-cstates via perf (David Arcari) [RHEL-33321]
- tools/power turbostat: Read Core-cstates via perf (David Arcari) [RHEL-33321]
- tools/power turbostat: Avoid possible memory corruption due to sparse topology IDs (David Arcari) [RHEL-33321]
- tools/power turbostat: Add columns for clustered uncore frequency (David Arcari) [RHEL-33321]
- tools/power turbostat: Enable non-privileged users to read sysfs counters (David Arcari) [RHEL-33321]
- tools/power turbostat: Replace _Static_assert with BUILD_BUG_ON (David Arcari) [RHEL-33321]
- tools/power turbostat: Add ARL-H support (David Arcari) [RHEL-33321]
- tools/power turbostat: Enhance ARL/LNL support (David Arcari) [RHEL-33321]
- tools/power turbostat: Survive sparse die_id (David Arcari) [RHEL-33321]
- tools/power turbostat: Remember global max_die_id (David Arcari) [RHEL-33321]
- tools/power turbostat: Harden probe_intel_uncore_frequency() (David Arcari) [RHEL-33321]
- tools/power turbostat: Add "snapshot:" Makefile target (David Arcari) [RHEL-33321]
- platform/x86:intel/pmc: Enable S0ix blocker show in Lunar Lake (Steve Best) [RHEL-46817]
- platform/x86:intel/pmc: Update LNL signal status map (Steve Best) [RHEL-46817]
- platform/x86:intel/pmc: Add support to show S0ix blocker counter (Steve Best) [RHEL-46817]
- platform/x86/intel/pmc: Fix PCH names in comments (Steve Best) [RHEL-46817]
- platform/x86/intel/pmc: Improve PKGC residency counters debug (Steve Best) [RHEL-46817]
- platform/x86/intel/pmc/arl: Put GNA device in D3 (Steve Best) [RHEL-46817]
- net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (Davide Caratti) [RHEL-45534]
- net/sched: taprio: extend minimum interval restriction to entire cycle too (Davide Caratti) [RHEL-44375 RHEL-45534] {CVE-2024-36244}
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (Davide Caratti) [RHEL-44375 RHEL-45534] {CVE-2024-36244}
- rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (Davide Caratti) [RHEL-39715] {CVE-2024-36017}
- xfs: process free extents to busy list in FIFO order (Pavel Reichl) [RHEL-7961]
- xfs: adjust the incore perag block_count when shrinking (Pavel Reichl) [RHEL-7961]
- xfs: abort fstrim if kernel is suspending (Pavel Reichl) [RHEL-7961]
- xfs: reduce AGF hold times during fstrim operations (Pavel Reichl) [RHEL-7961]
- xfs: move log discard work to xfs_discard.c (Pavel Reichl) [RHEL-7961]
- can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (Ken Cox) [RHEL-38415] {CVE-2021-47459}
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Steve Best) [RHEL-39354] {CVE-2024-36016}
- net/sched: initialize noop_qdisc owner (Davide Caratti) [RHEL-35058]
- net/sched: Fix mirred deadlock on device recursion (Davide Caratti) [RHEL-35058] {CVE-2024-27010}
- KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT guests (Paolo Bonzini) [RHEL-16745]
- x86/e820: Add a new e820 table update helper (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add callback to apply RMP table fixups for kexec (Paolo Bonzini) [RHEL-16745]
- x86/kexec: Do not update E820 kexec table for setup_data (Paolo Bonzini) [RHEL-16745]
- x86/e820: Don't reserve SETUP_RNG_SEED in e820 (Paolo Bonzini) [RHEL-16745]
- redhat: add new configs (Paolo Bonzini) [RHEL-16745]
- KVM: SNP: Fix LBR Virtualization for SNP guest (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Don't save mmu_invalidate_seq after checking private attr (Paolo Bonzini) [RHEL-16745]
- KVM: SEV-ES: Delegate LBR virtualization to the processor (Paolo Bonzini) [RHEL-16745]
- KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent (Paolo Bonzini) [RHEL-16745]
- KVM: SEV-ES: Prevent MSR access post VMSA encryption (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Remove the need to trigger an UNBLOCK event on AP creation (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Don't WARN() if RMP lookup fails when invalidating gmem pages (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Automatically switch reclaimed pages to shared (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Add module parameter to enable SEV-SNP (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Avoid WBINVD for HVA-based MMU notifications for SNP (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Implement hook for determining max NPT mapping level (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Implement gmem hook for invalidating private pages (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Implement gmem hook for initializing private pages (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Support SEV-SNP AP Creation NAE event (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle RMP nested page faults (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle Page State Change VMGEXIT (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle GHCB GPA register VMGEXIT (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_UPDATE command (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_START command (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add initial SEV-SNP support (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Select KVM_GENERIC_PRIVATE_MEM when CONFIG_KVM_AMD_SEV=y (Paolo Bonzini) [RHEL-16745]
- KVM: MMU: Disable fast path if KVM_EXIT_MEMORY_FAULT is needed (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Add hook for determining max NPT mapping level (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: Add hook for invalidating memory (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: Add interface for populating gmem pages with user data (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: extract __kvm_gmem_get_pfn() (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: Add hook for initializing memory (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: limit overzealous WARN (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: pass error up from filemap_grab_folio (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Advertise max mappable GPA in CPUID.0x80000008.GuestPhysBits (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Don't advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Split core of hypercall emulation to helper function (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Allow per-guest configuration of GHCB protocol version (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add GHCB handling for termination requests (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle AP reset MSR protocol (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Sanity check that __kvm_faultin_pfn() doesn't create noslot pfns (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Initialize kvm_page_fault's pfn and hva to error values (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Set kvm_page_fault.hva to KVM_HVA_ERR_BAD for "no slot" faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Handle no-slot faults at the beginning of kvm_faultin_pfn() (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Move slot checks from __kvm_faultin_pfn() to kvm_faultin_pfn() (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Explicitly disallow private accesses to emulated MMIO (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Don't force emulation of L2 accesses to non-APIC internal slots (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Move private vs. shared check above slot validity checks (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: WARN and skip MMIO cache on private, reserved page faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: check for invalid async page faults involving private memory (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Use synthetic page fault error code to indicate private faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: WARN if upper 32 bits of legacy #PF error code are non-zero (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Pass full 64-bit error code when handling page faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Move synthetic PFERR_* sanity checks to SVM's #NPF handler (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Define more SEV+ page fault error bits/flags for #NPF (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Remove separate "bit" defines for page fault error code masks (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Exit to userspace with -EFAULT if private fault hits emulation (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Disable KVM_INTEL_PROVE_VE by default (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Enumerate EPT Violation #VE support in /proc/cpuinfo (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Print SPTEs on unexpected #VE (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Dump VMCS on unexpected #VE (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Add sanity checks that KVM doesn't create EPT #VE SPTEs (Paolo Bonzini) [RHEL-16745]
- KVM: nVMX: Always handle #VEs in L0 (never forward #VEs from L2 to L1) (Paolo Bonzini) [RHEL-16745]
- KVM: nVMX: Initialize #VE info page for vmcs02 when proving #VE support (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Don't kill the VM on an unexpected #VE (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Introduce test mode related to EPT violation VE (Paolo Bonzini) [RHEL-16745]
- KVM, x86: add architectural support code for #VE (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Track shadow MMIO value on a per-VM basis (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Add Suppress VE bit to EPT shadow_mmio_mask/shadow_present_mask (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Use SHADOW_NONPRESENT_VALUE for atomic zap in TDP MMU (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Fix a largely theoretical race in kvm_mmu_track_write() (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Process atomically-zapped SPTEs after TLB flush (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Allow non-zero value for non-present SPTE and removed SPTE (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Replace hardcoded value 0 for the initial value for SPTE (Paolo Bonzini) [RHEL-16745]
- KVM: Allow page-sized MMU caches to be initialized with custom 64-bit values (Paolo Bonzini) [RHEL-16745]
- KVM: delete .change_pte MMU notifier callback (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Explicitly zero kvm_caps during vendor module load (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Fully re-initialize supported_vm_types on vendor module load (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: add test for transferring FPU state into VMSA (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: split "launch" phase of SEV VM creation (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: switch to using KVM_X86_*_VM (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: add tests for KVM_SEV_INIT2 (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: allow SEV-ES DebugSwap again (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: introduce KVM_SEV_INIT2 operation (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: sync FPU and AVX state at LAUNCH_UPDATE_VMSA time (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: define VM types for SEV and SEV-ES (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: introduce to_kvm_sev_info (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Add supported_vm_types to kvm_caps (Paolo Bonzini) [RHEL-16745]
- KVM: x86: add fields to struct kvm_arch for CoCo features (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: store VMSA features in kvm_sev_info (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: publish supported VMSA features (Paolo Bonzini) [RHEL-16745]
- KVM: introduce new vendor op for KVM_GET_DEVICE_ATTR (Paolo Bonzini) [RHEL-16745]
- KVM: x86: use u64_to_user_ptr() (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Compile sev.c if and only if CONFIG_KVM_AMD_SEV=y (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Invert handling of SEV and SEV_ES feature flags (Paolo Bonzini) [RHEL-16745]
- Documentation: kvm/sev: clarify usage of KVM_MEMORY_ENCRYPT_OP (Paolo Bonzini) [RHEL-16745]
- Documentation: kvm/sev: separate description of firmware (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Track SNP host status with cc_platform_*() (Paolo Bonzini) [RHEL-16745]
- x86/cc: Add cc_platform_set/_clear() helpers (Paolo Bonzini) [RHEL-16745]
- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (Paolo Bonzini) [RHEL-16745]
- x86/tdx: Preserve shared bit on mprotect() (Paolo Bonzini) [RHEL-16745]
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Update the Zenbleed microcode revisions (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - Avoid discarding errors in psp_send_platform_access_msg() (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - State in dmesg that TSME is enabled (Paolo Bonzini) [RHEL-16745]
- x86/sev: Disable KMSAN for memory encryption TUs (Paolo Bonzini) [RHEL-16745]
- x86/sev: Dump SEV_STATUS (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - Have it depend on AMD_IOMMU (Paolo Bonzini) [RHEL-16745]
- iommu/amd: Fix failure return from snp_lookup_rmpentry() (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Make snp_range_list static (Paolo Bonzini) [RHEL-16745]
- Documentation: virt: Fix up pre-formatted text block for SEV ioctls (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add the SNP_SET_CONFIG command (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add the SNP_COMMIT command (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add the SNP_PLATFORM_STATUS command (Paolo Bonzini) [RHEL-16745]
- x86/cpufeatures: Enable/unmask SEV-SNP CPU feature (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Make AVIC backing, VMSA and VMCB memory allocation SNP safe (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump (Paolo Bonzini) [RHEL-16745]
- iommu/amd: Clean up RMP entries for IOMMU pages during SNP shutdown (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Handle legacy SEV commands when SNP is enabled (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Handle non-volatile INIT_EX data when SNP is enabled (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Handle the legacy TMR allocation when SNP is enabled (Paolo Bonzini) [RHEL-16745]
- x86/sev: Introduce an SNP leaked pages list (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Provide an API to issue SEV and SNP commands (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Define the SEV-SNP commands (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked (Paolo Bonzini) [RHEL-16745]
- x86/sev: Adjust the directmap to avoid inadvertent RMP faults (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction (Paolo Bonzini) [RHEL-16745]
- x86/fault: Dump RMP table information when RMP page faults occur (Paolo Bonzini) [RHEL-16745]
- x86/traps: Define RMP violation #PF error code (Paolo Bonzini) [RHEL-16745]
- x86/fault: Add helper for dumping RMP entries (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add RMP entry lookup helpers (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add SEV-SNP host initialization support (Paolo Bonzini) [RHEL-16745]
- x86/mtrr: Don't print errors if MtrrFixDramModEn is set when SNP enabled (Paolo Bonzini) [RHEL-16745]
- iommu/amd: Don't rely on external callers to enable IOMMU SNP support (Paolo Bonzini) [RHEL-16745]
- x86/speculation: Do not enable Automatic IBRS if SEV-SNP is enabled (Paolo Bonzini) [RHEL-16745]
- x86/cpufeatures: Add SEV-SNP CPU feature (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Do the common init on future Zens too (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add more models to X86_FEATURE_ZEN5 (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add X86_FEATURE_ZEN5 (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add X86_FEATURE_ZEN1 (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Drop now unused CPU erratum checking function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_1485[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_400[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_383[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_1054[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move the DIV0 bug detection to the Zen1 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move Zenbleed check to the Zen2 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Rename init_amd_zn() to init_amd_zen_common() (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Call the spectral chicken in the Zen2 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move erratum 1076 fix into the Zen1 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move the Zen3 BTC_NO detection to the Zen3 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Carve out the erratum 1386 fix (Paolo Bonzini) [RHEL-16745]
- x86/sev: Fix position dependent variable references in startup code (Paolo Bonzini) [RHEL-16745]
- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (Paolo Bonzini) [RHEL-16745]
- x86/sme: Fix memory encryption setting if enabled by default and not overridden (Paolo Bonzini) [RHEL-16745]
Resolves: RHEL-16745, RHEL-33321, RHEL-35058, RHEL-36084, RHEL-38415, RHEL-39354, RHEL-39715, RHEL-44375, RHEL-45534, RHEL-46817, RHEL-7961

Signed-off-by: Lucas Zampieri <lzampier@redhat.com>
This commit is contained in:
Lucas Zampieri 2024-07-10 18:31:06 +00:00
parent 83c0ae3a04
commit 69ace5a551
No known key found for this signature in database
GPG Key ID: 6DA90B962E68B074
8 changed files with 419 additions and 8 deletions

View File

@ -12,7 +12,7 @@ RHEL_MINOR = 5
#
# Use this spot to avoid future merge conflicts.
# Do not trim this comment.
RHEL_RELEASE = 478
RHEL_RELEASE = 479
#
# ZSTREAM

View File

@ -2818,6 +2818,7 @@ CONFIG_KVM_AMD_SEV=y
CONFIG_KVM_GUEST=y
CONFIG_KVM_HYPERV=y
CONFIG_KVM_INTEL=m
# CONFIG_KVM_INTEL_PROVE_VE is not set
CONFIG_KVM=m
CONFIG_KVM_MAX_NR_VCPUS=4096
CONFIG_KVM_PROVE_MMU=y

View File

@ -2798,6 +2798,7 @@ CONFIG_KVM_AMD_SEV=y
CONFIG_KVM_GUEST=y
CONFIG_KVM_HYPERV=y
CONFIG_KVM_INTEL=m
# CONFIG_KVM_INTEL_PROVE_VE is not set
CONFIG_KVM=m
CONFIG_KVM_MAX_NR_VCPUS=4096
# CONFIG_KVM_PROVE_MMU is not set

View File

@ -2874,6 +2874,7 @@ CONFIG_KVM_AMD_SEV=y
CONFIG_KVM_GUEST=y
CONFIG_KVM_HYPERV=y
CONFIG_KVM_INTEL=m
# CONFIG_KVM_INTEL_PROVE_VE is not set
CONFIG_KVM=m
CONFIG_KVM_MAX_NR_VCPUS=4096
CONFIG_KVM_PROVE_MMU=y

View File

@ -2854,6 +2854,7 @@ CONFIG_KVM_AMD_SEV=y
CONFIG_KVM_GUEST=y
CONFIG_KVM_HYPERV=y
CONFIG_KVM_INTEL=m
# CONFIG_KVM_INTEL_PROVE_VE is not set
CONFIG_KVM=m
CONFIG_KVM_MAX_NR_VCPUS=4096
# CONFIG_KVM_PROVE_MMU is not set

View File

@ -1,3 +1,207 @@
* Wed Jul 10 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-479.el9]
- REDHAT: Makefile, dont reset dist-git-tmp if set (Lucas Zampieri)
- Revert "REDHAT: Fix values in Makefile being redefined" (Lucas Zampieri)
- tools/power turbostat: Add local build_bug.h header for snapshot target (David Arcari) [RHEL-33321]
- tools/power turbostat: Fix unc freq columns not showing with '-q' or '-l' (David Arcari) [RHEL-33321]
- tools/power turbostat: option '-n' is ambiguous (David Arcari) [RHEL-33321 RHEL-36084]
- tools/power turbostat: version 2024.05.10 (David Arcari) [RHEL-33321]
- tools/power turbostat: Ignore pkg_cstate_limit when it is not available (David Arcari) [RHEL-33321]
- tools/power turbostat: Fix order of strings in pkg_cstate_limit_strings (David Arcari) [RHEL-33321]
- tools/power turbostat: Read Package-cstates via perf (David Arcari) [RHEL-33321]
- tools/power turbostat: Read Core-cstates via perf (David Arcari) [RHEL-33321]
- tools/power turbostat: Avoid possible memory corruption due to sparse topology IDs (David Arcari) [RHEL-33321]
- tools/power turbostat: Add columns for clustered uncore frequency (David Arcari) [RHEL-33321]
- tools/power turbostat: Enable non-privileged users to read sysfs counters (David Arcari) [RHEL-33321]
- tools/power turbostat: Replace _Static_assert with BUILD_BUG_ON (David Arcari) [RHEL-33321]
- tools/power turbostat: Add ARL-H support (David Arcari) [RHEL-33321]
- tools/power turbostat: Enhance ARL/LNL support (David Arcari) [RHEL-33321]
- tools/power turbostat: Survive sparse die_id (David Arcari) [RHEL-33321]
- tools/power turbostat: Remember global max_die_id (David Arcari) [RHEL-33321]
- tools/power turbostat: Harden probe_intel_uncore_frequency() (David Arcari) [RHEL-33321]
- tools/power turbostat: Add "snapshot:" Makefile target (David Arcari) [RHEL-33321]
- platform/x86:intel/pmc: Enable S0ix blocker show in Lunar Lake (Steve Best) [RHEL-46817]
- platform/x86:intel/pmc: Update LNL signal status map (Steve Best) [RHEL-46817]
- platform/x86:intel/pmc: Add support to show S0ix blocker counter (Steve Best) [RHEL-46817]
- platform/x86/intel/pmc: Fix PCH names in comments (Steve Best) [RHEL-46817]
- platform/x86/intel/pmc: Improve PKGC residency counters debug (Steve Best) [RHEL-46817]
- platform/x86/intel/pmc/arl: Put GNA device in D3 (Steve Best) [RHEL-46817]
- net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (Davide Caratti) [RHEL-45534]
- net/sched: taprio: extend minimum interval restriction to entire cycle too (Davide Caratti) [RHEL-44375 RHEL-45534] {CVE-2024-36244}
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (Davide Caratti) [RHEL-44375 RHEL-45534] {CVE-2024-36244}
- rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (Davide Caratti) [RHEL-39715] {CVE-2024-36017}
- xfs: process free extents to busy list in FIFO order (Pavel Reichl) [RHEL-7961]
- xfs: adjust the incore perag block_count when shrinking (Pavel Reichl) [RHEL-7961]
- xfs: abort fstrim if kernel is suspending (Pavel Reichl) [RHEL-7961]
- xfs: reduce AGF hold times during fstrim operations (Pavel Reichl) [RHEL-7961]
- xfs: move log discard work to xfs_discard.c (Pavel Reichl) [RHEL-7961]
- can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (Ken Cox) [RHEL-38415] {CVE-2021-47459}
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Steve Best) [RHEL-39354] {CVE-2024-36016}
- net/sched: initialize noop_qdisc owner (Davide Caratti) [RHEL-35058]
- net/sched: Fix mirred deadlock on device recursion (Davide Caratti) [RHEL-35058] {CVE-2024-27010}
- KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT guests (Paolo Bonzini) [RHEL-16745]
- x86/e820: Add a new e820 table update helper (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add callback to apply RMP table fixups for kexec (Paolo Bonzini) [RHEL-16745]
- x86/kexec: Do not update E820 kexec table for setup_data (Paolo Bonzini) [RHEL-16745]
- x86/e820: Don't reserve SETUP_RNG_SEED in e820 (Paolo Bonzini) [RHEL-16745]
- redhat: add new configs (Paolo Bonzini) [RHEL-16745]
- KVM: SNP: Fix LBR Virtualization for SNP guest (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Don't save mmu_invalidate_seq after checking private attr (Paolo Bonzini) [RHEL-16745]
- KVM: SEV-ES: Delegate LBR virtualization to the processor (Paolo Bonzini) [RHEL-16745]
- KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent (Paolo Bonzini) [RHEL-16745]
- KVM: SEV-ES: Prevent MSR access post VMSA encryption (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Remove the need to trigger an UNBLOCK event on AP creation (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Don't WARN() if RMP lookup fails when invalidating gmem pages (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Automatically switch reclaimed pages to shared (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Add module parameter to enable SEV-SNP (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Avoid WBINVD for HVA-based MMU notifications for SNP (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Implement hook for determining max NPT mapping level (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Implement gmem hook for invalidating private pages (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Implement gmem hook for initializing private pages (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Support SEV-SNP AP Creation NAE event (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle RMP nested page faults (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle Page State Change VMGEXIT (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle GHCB GPA register VMGEXIT (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_UPDATE command (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_START command (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add initial SEV-SNP support (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Select KVM_GENERIC_PRIVATE_MEM when CONFIG_KVM_AMD_SEV=y (Paolo Bonzini) [RHEL-16745]
- KVM: MMU: Disable fast path if KVM_EXIT_MEMORY_FAULT is needed (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Add hook for determining max NPT mapping level (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: Add hook for invalidating memory (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: Add interface for populating gmem pages with user data (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: extract __kvm_gmem_get_pfn() (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: Add hook for initializing memory (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: limit overzealous WARN (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: pass error up from filemap_grab_folio (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Advertise max mappable GPA in CPUID.0x80000008.GuestPhysBits (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Don't advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Split core of hypercall emulation to helper function (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Allow per-guest configuration of GHCB protocol version (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add GHCB handling for termination requests (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle AP reset MSR protocol (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Sanity check that __kvm_faultin_pfn() doesn't create noslot pfns (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Initialize kvm_page_fault's pfn and hva to error values (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Set kvm_page_fault.hva to KVM_HVA_ERR_BAD for "no slot" faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Handle no-slot faults at the beginning of kvm_faultin_pfn() (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Move slot checks from __kvm_faultin_pfn() to kvm_faultin_pfn() (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Explicitly disallow private accesses to emulated MMIO (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Don't force emulation of L2 accesses to non-APIC internal slots (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Move private vs. shared check above slot validity checks (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: WARN and skip MMIO cache on private, reserved page faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: check for invalid async page faults involving private memory (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Use synthetic page fault error code to indicate private faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: WARN if upper 32 bits of legacy #PF error code are non-zero (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Pass full 64-bit error code when handling page faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Move synthetic PFERR_* sanity checks to SVM's #NPF handler (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Define more SEV+ page fault error bits/flags for #NPF (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Remove separate "bit" defines for page fault error code masks (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Exit to userspace with -EFAULT if private fault hits emulation (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Disable KVM_INTEL_PROVE_VE by default (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Enumerate EPT Violation #VE support in /proc/cpuinfo (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Print SPTEs on unexpected #VE (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Dump VMCS on unexpected #VE (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Add sanity checks that KVM doesn't create EPT #VE SPTEs (Paolo Bonzini) [RHEL-16745]
- KVM: nVMX: Always handle #VEs in L0 (never forward #VEs from L2 to L1) (Paolo Bonzini) [RHEL-16745]
- KVM: nVMX: Initialize #VE info page for vmcs02 when proving #VE support (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Don't kill the VM on an unexpected #VE (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Introduce test mode related to EPT violation VE (Paolo Bonzini) [RHEL-16745]
- KVM, x86: add architectural support code for #VE (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Track shadow MMIO value on a per-VM basis (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Add Suppress VE bit to EPT shadow_mmio_mask/shadow_present_mask (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Use SHADOW_NONPRESENT_VALUE for atomic zap in TDP MMU (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Fix a largely theoretical race in kvm_mmu_track_write() (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Process atomically-zapped SPTEs after TLB flush (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Allow non-zero value for non-present SPTE and removed SPTE (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Replace hardcoded value 0 for the initial value for SPTE (Paolo Bonzini) [RHEL-16745]
- KVM: Allow page-sized MMU caches to be initialized with custom 64-bit values (Paolo Bonzini) [RHEL-16745]
- KVM: delete .change_pte MMU notifier callback (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Explicitly zero kvm_caps during vendor module load (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Fully re-initialize supported_vm_types on vendor module load (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: add test for transferring FPU state into VMSA (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: split "launch" phase of SEV VM creation (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: switch to using KVM_X86_*_VM (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: add tests for KVM_SEV_INIT2 (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: allow SEV-ES DebugSwap again (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: introduce KVM_SEV_INIT2 operation (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: sync FPU and AVX state at LAUNCH_UPDATE_VMSA time (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: define VM types for SEV and SEV-ES (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: introduce to_kvm_sev_info (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Add supported_vm_types to kvm_caps (Paolo Bonzini) [RHEL-16745]
- KVM: x86: add fields to struct kvm_arch for CoCo features (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: store VMSA features in kvm_sev_info (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: publish supported VMSA features (Paolo Bonzini) [RHEL-16745]
- KVM: introduce new vendor op for KVM_GET_DEVICE_ATTR (Paolo Bonzini) [RHEL-16745]
- KVM: x86: use u64_to_user_ptr() (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Compile sev.c if and only if CONFIG_KVM_AMD_SEV=y (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Invert handling of SEV and SEV_ES feature flags (Paolo Bonzini) [RHEL-16745]
- Documentation: kvm/sev: clarify usage of KVM_MEMORY_ENCRYPT_OP (Paolo Bonzini) [RHEL-16745]
- Documentation: kvm/sev: separate description of firmware (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Track SNP host status with cc_platform_*() (Paolo Bonzini) [RHEL-16745]
- x86/cc: Add cc_platform_set/_clear() helpers (Paolo Bonzini) [RHEL-16745]
- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (Paolo Bonzini) [RHEL-16745]
- x86/tdx: Preserve shared bit on mprotect() (Paolo Bonzini) [RHEL-16745]
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Update the Zenbleed microcode revisions (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - Avoid discarding errors in psp_send_platform_access_msg() (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - State in dmesg that TSME is enabled (Paolo Bonzini) [RHEL-16745]
- x86/sev: Disable KMSAN for memory encryption TUs (Paolo Bonzini) [RHEL-16745]
- x86/sev: Dump SEV_STATUS (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - Have it depend on AMD_IOMMU (Paolo Bonzini) [RHEL-16745]
- iommu/amd: Fix failure return from snp_lookup_rmpentry() (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Make snp_range_list static (Paolo Bonzini) [RHEL-16745]
- Documentation: virt: Fix up pre-formatted text block for SEV ioctls (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add the SNP_SET_CONFIG command (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add the SNP_COMMIT command (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add the SNP_PLATFORM_STATUS command (Paolo Bonzini) [RHEL-16745]
- x86/cpufeatures: Enable/unmask SEV-SNP CPU feature (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Make AVIC backing, VMSA and VMCB memory allocation SNP safe (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump (Paolo Bonzini) [RHEL-16745]
- iommu/amd: Clean up RMP entries for IOMMU pages during SNP shutdown (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Handle legacy SEV commands when SNP is enabled (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Handle non-volatile INIT_EX data when SNP is enabled (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Handle the legacy TMR allocation when SNP is enabled (Paolo Bonzini) [RHEL-16745]
- x86/sev: Introduce an SNP leaked pages list (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Provide an API to issue SEV and SNP commands (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Define the SEV-SNP commands (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked (Paolo Bonzini) [RHEL-16745]
- x86/sev: Adjust the directmap to avoid inadvertent RMP faults (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction (Paolo Bonzini) [RHEL-16745]
- x86/fault: Dump RMP table information when RMP page faults occur (Paolo Bonzini) [RHEL-16745]
- x86/traps: Define RMP violation #PF error code (Paolo Bonzini) [RHEL-16745]
- x86/fault: Add helper for dumping RMP entries (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add RMP entry lookup helpers (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add SEV-SNP host initialization support (Paolo Bonzini) [RHEL-16745]
- x86/mtrr: Don't print errors if MtrrFixDramModEn is set when SNP enabled (Paolo Bonzini) [RHEL-16745]
- iommu/amd: Don't rely on external callers to enable IOMMU SNP support (Paolo Bonzini) [RHEL-16745]
- x86/speculation: Do not enable Automatic IBRS if SEV-SNP is enabled (Paolo Bonzini) [RHEL-16745]
- x86/cpufeatures: Add SEV-SNP CPU feature (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Do the common init on future Zens too (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add more models to X86_FEATURE_ZEN5 (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add X86_FEATURE_ZEN5 (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add X86_FEATURE_ZEN1 (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Drop now unused CPU erratum checking function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_1485[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_400[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_383[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_1054[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move the DIV0 bug detection to the Zen1 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move Zenbleed check to the Zen2 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Rename init_amd_zn() to init_amd_zen_common() (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Call the spectral chicken in the Zen2 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move erratum 1076 fix into the Zen1 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move the Zen3 BTC_NO detection to the Zen3 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Carve out the erratum 1386 fix (Paolo Bonzini) [RHEL-16745]
- x86/sev: Fix position dependent variable references in startup code (Paolo Bonzini) [RHEL-16745]
- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (Paolo Bonzini) [RHEL-16745]
- x86/sme: Fix memory encryption setting if enabled by default and not overridden (Paolo Bonzini) [RHEL-16745]
Resolves: RHEL-16745, RHEL-33321, RHEL-35058, RHEL-36084, RHEL-38415, RHEL-39354, RHEL-39715, RHEL-44375, RHEL-45534, RHEL-46817, RHEL-7961
* Tue Jul 09 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-478.el9]
- netfilter: conntrack: switch connlabels to atomic_t (Xin Long) [RHEL-28816]
- sched: act_ct: add netns into the key of tcf_ct_flow_table (Xin Long) [RHEL-28816]

View File

@ -165,15 +165,15 @@ Summary: The Linux kernel
# define buildid .local
%define specversion 5.14.0
%define patchversion 5.14
%define pkgrelease 478
%define pkgrelease 479
%define kversion 5
%define tarfile_release 5.14.0-478.el9
%define tarfile_release 5.14.0-479.el9
# This is needed to do merge window version magic
%define patchlevel 14
# This allows pkg_release to have configurable %%{?dist} tag
%define specrelease 478%{?buildid}%{?dist}
%define specrelease 479%{?buildid}%{?dist}
# This defines the kabi tarball version
%define kabiversion 5.14.0-478.el9
%define kabiversion 5.14.0-479.el9
#
# End of genspec.sh variables
@ -3747,6 +3747,209 @@ fi
#
#
%changelog
* Wed Jul 10 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-479.el9]
- REDHAT: Makefile, dont reset dist-git-tmp if set (Lucas Zampieri)
- Revert "REDHAT: Fix values in Makefile being redefined" (Lucas Zampieri)
- tools/power turbostat: Add local build_bug.h header for snapshot target (David Arcari) [RHEL-33321]
- tools/power turbostat: Fix unc freq columns not showing with '-q' or '-l' (David Arcari) [RHEL-33321]
- tools/power turbostat: option '-n' is ambiguous (David Arcari) [RHEL-33321 RHEL-36084]
- tools/power turbostat: version 2024.05.10 (David Arcari) [RHEL-33321]
- tools/power turbostat: Ignore pkg_cstate_limit when it is not available (David Arcari) [RHEL-33321]
- tools/power turbostat: Fix order of strings in pkg_cstate_limit_strings (David Arcari) [RHEL-33321]
- tools/power turbostat: Read Package-cstates via perf (David Arcari) [RHEL-33321]
- tools/power turbostat: Read Core-cstates via perf (David Arcari) [RHEL-33321]
- tools/power turbostat: Avoid possible memory corruption due to sparse topology IDs (David Arcari) [RHEL-33321]
- tools/power turbostat: Add columns for clustered uncore frequency (David Arcari) [RHEL-33321]
- tools/power turbostat: Enable non-privileged users to read sysfs counters (David Arcari) [RHEL-33321]
- tools/power turbostat: Replace _Static_assert with BUILD_BUG_ON (David Arcari) [RHEL-33321]
- tools/power turbostat: Add ARL-H support (David Arcari) [RHEL-33321]
- tools/power turbostat: Enhance ARL/LNL support (David Arcari) [RHEL-33321]
- tools/power turbostat: Survive sparse die_id (David Arcari) [RHEL-33321]
- tools/power turbostat: Remember global max_die_id (David Arcari) [RHEL-33321]
- tools/power turbostat: Harden probe_intel_uncore_frequency() (David Arcari) [RHEL-33321]
- tools/power turbostat: Add "snapshot:" Makefile target (David Arcari) [RHEL-33321]
- platform/x86:intel/pmc: Enable S0ix blocker show in Lunar Lake (Steve Best) [RHEL-46817]
- platform/x86:intel/pmc: Update LNL signal status map (Steve Best) [RHEL-46817]
- platform/x86:intel/pmc: Add support to show S0ix blocker counter (Steve Best) [RHEL-46817]
- platform/x86/intel/pmc: Fix PCH names in comments (Steve Best) [RHEL-46817]
- platform/x86/intel/pmc: Improve PKGC residency counters debug (Steve Best) [RHEL-46817]
- platform/x86/intel/pmc/arl: Put GNA device in D3 (Steve Best) [RHEL-46817]
- net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (Davide Caratti) [RHEL-45534]
- net/sched: taprio: extend minimum interval restriction to entire cycle too (Davide Caratti) [RHEL-44375 RHEL-45534] {CVE-2024-36244}
- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (Davide Caratti) [RHEL-44375 RHEL-45534] {CVE-2024-36244}
- rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (Davide Caratti) [RHEL-39715] {CVE-2024-36017}
- xfs: process free extents to busy list in FIFO order (Pavel Reichl) [RHEL-7961]
- xfs: adjust the incore perag block_count when shrinking (Pavel Reichl) [RHEL-7961]
- xfs: abort fstrim if kernel is suspending (Pavel Reichl) [RHEL-7961]
- xfs: reduce AGF hold times during fstrim operations (Pavel Reichl) [RHEL-7961]
- xfs: move log discard work to xfs_discard.c (Pavel Reichl) [RHEL-7961]
- can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (Ken Cox) [RHEL-38415] {CVE-2021-47459}
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Steve Best) [RHEL-39354] {CVE-2024-36016}
- net/sched: initialize noop_qdisc owner (Davide Caratti) [RHEL-35058]
- net/sched: Fix mirred deadlock on device recursion (Davide Caratti) [RHEL-35058] {CVE-2024-27010}
- KVM: SEV-ES: Fix svm_get_msr()/svm_set_msr() for KVM_SEV_ES_INIT guests (Paolo Bonzini) [RHEL-16745]
- x86/e820: Add a new e820 table update helper (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add callback to apply RMP table fixups for kexec (Paolo Bonzini) [RHEL-16745]
- x86/kexec: Do not update E820 kexec table for setup_data (Paolo Bonzini) [RHEL-16745]
- x86/e820: Don't reserve SETUP_RNG_SEED in e820 (Paolo Bonzini) [RHEL-16745]
- redhat: add new configs (Paolo Bonzini) [RHEL-16745]
- KVM: SNP: Fix LBR Virtualization for SNP guest (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Don't save mmu_invalidate_seq after checking private attr (Paolo Bonzini) [RHEL-16745]
- KVM: SEV-ES: Delegate LBR virtualization to the processor (Paolo Bonzini) [RHEL-16745]
- KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent (Paolo Bonzini) [RHEL-16745]
- KVM: SEV-ES: Prevent MSR access post VMSA encryption (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Remove the need to trigger an UNBLOCK event on AP creation (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Don't WARN() if RMP lookup fails when invalidating gmem pages (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Automatically switch reclaimed pages to shared (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Add module parameter to enable SEV-SNP (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Avoid WBINVD for HVA-based MMU notifications for SNP (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Implement hook for determining max NPT mapping level (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Implement gmem hook for invalidating private pages (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Implement gmem hook for initializing private pages (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Support SEV-SNP AP Creation NAE event (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle RMP nested page faults (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle Page State Change VMGEXIT (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle MSR based Page State Change VMGEXIT (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle GHCB GPA register VMGEXIT (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_FINISH command (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_UPDATE command (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add KVM_SEV_SNP_LAUNCH_START command (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add initial SEV-SNP support (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Select KVM_GENERIC_PRIVATE_MEM when CONFIG_KVM_AMD_SEV=y (Paolo Bonzini) [RHEL-16745]
- KVM: MMU: Disable fast path if KVM_EXIT_MEMORY_FAULT is needed (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Add hook for determining max NPT mapping level (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: Add hook for invalidating memory (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: Add interface for populating gmem pages with user data (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: extract __kvm_gmem_get_pfn() (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: Add hook for initializing memory (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: limit overzealous WARN (Paolo Bonzini) [RHEL-16745]
- KVM: guest_memfd: pass error up from filemap_grab_folio (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Advertise max mappable GPA in CPUID.0x80000008.GuestPhysBits (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Don't advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Split core of hypercall emulation to helper function (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Allow per-guest configuration of GHCB protocol version (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add GHCB handling for termination requests (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add GHCB handling for Hypervisor Feature Support requests (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Add support to handle AP reset MSR protocol (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Sanity check that __kvm_faultin_pfn() doesn't create noslot pfns (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Initialize kvm_page_fault's pfn and hva to error values (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Set kvm_page_fault.hva to KVM_HVA_ERR_BAD for "no slot" faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Handle no-slot faults at the beginning of kvm_faultin_pfn() (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Move slot checks from __kvm_faultin_pfn() to kvm_faultin_pfn() (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Explicitly disallow private accesses to emulated MMIO (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Don't force emulation of L2 accesses to non-APIC internal slots (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Move private vs. shared check above slot validity checks (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: WARN and skip MMIO cache on private, reserved page faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: check for invalid async page faults involving private memory (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Use synthetic page fault error code to indicate private faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: WARN if upper 32 bits of legacy #PF error code are non-zero (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Pass full 64-bit error code when handling page faults (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Move synthetic PFERR_* sanity checks to SVM's #NPF handler (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Define more SEV+ page fault error bits/flags for #NPF (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Remove separate "bit" defines for page fault error code masks (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Exit to userspace with -EFAULT if private fault hits emulation (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Disable KVM_INTEL_PROVE_VE by default (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Enumerate EPT Violation #VE support in /proc/cpuinfo (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Print SPTEs on unexpected #VE (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Dump VMCS on unexpected #VE (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Add sanity checks that KVM doesn't create EPT #VE SPTEs (Paolo Bonzini) [RHEL-16745]
- KVM: nVMX: Always handle #VEs in L0 (never forward #VEs from L2 to L1) (Paolo Bonzini) [RHEL-16745]
- KVM: nVMX: Initialize #VE info page for vmcs02 when proving #VE support (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Don't kill the VM on an unexpected #VE (Paolo Bonzini) [RHEL-16745]
- KVM: VMX: Introduce test mode related to EPT violation VE (Paolo Bonzini) [RHEL-16745]
- KVM, x86: add architectural support code for #VE (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Track shadow MMIO value on a per-VM basis (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Add Suppress VE bit to EPT shadow_mmio_mask/shadow_present_mask (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Use SHADOW_NONPRESENT_VALUE for atomic zap in TDP MMU (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Fix a largely theoretical race in kvm_mmu_track_write() (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Process atomically-zapped SPTEs after TLB flush (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Allow non-zero value for non-present SPTE and removed SPTE (Paolo Bonzini) [RHEL-16745]
- KVM: x86/mmu: Replace hardcoded value 0 for the initial value for SPTE (Paolo Bonzini) [RHEL-16745]
- KVM: Allow page-sized MMU caches to be initialized with custom 64-bit values (Paolo Bonzini) [RHEL-16745]
- KVM: delete .change_pte MMU notifier callback (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Explicitly zero kvm_caps during vendor module load (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Fully re-initialize supported_vm_types on vendor module load (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: add test for transferring FPU state into VMSA (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: split "launch" phase of SEV VM creation (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: switch to using KVM_X86_*_VM (Paolo Bonzini) [RHEL-16745]
- selftests: kvm: add tests for KVM_SEV_INIT2 (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: allow SEV-ES DebugSwap again (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: introduce KVM_SEV_INIT2 operation (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: sync FPU and AVX state at LAUNCH_UPDATE_VMSA time (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: define VM types for SEV and SEV-ES (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: introduce to_kvm_sev_info (Paolo Bonzini) [RHEL-16745]
- KVM: x86: Add supported_vm_types to kvm_caps (Paolo Bonzini) [RHEL-16745]
- KVM: x86: add fields to struct kvm_arch for CoCo features (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: store VMSA features in kvm_sev_info (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: publish supported VMSA features (Paolo Bonzini) [RHEL-16745]
- KVM: introduce new vendor op for KVM_GET_DEVICE_ATTR (Paolo Bonzini) [RHEL-16745]
- KVM: x86: use u64_to_user_ptr() (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Compile sev.c if and only if CONFIG_KVM_AMD_SEV=y (Paolo Bonzini) [RHEL-16745]
- KVM: SVM: Invert handling of SEV and SEV_ES feature flags (Paolo Bonzini) [RHEL-16745]
- Documentation: kvm/sev: clarify usage of KVM_MEMORY_ENCRYPT_OP (Paolo Bonzini) [RHEL-16745]
- Documentation: kvm/sev: separate description of firmware (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Track SNP host status with cc_platform_*() (Paolo Bonzini) [RHEL-16745]
- x86/cc: Add cc_platform_set/_clear() helpers (Paolo Bonzini) [RHEL-16745]
- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (Paolo Bonzini) [RHEL-16745]
- x86/tdx: Preserve shared bit on mprotect() (Paolo Bonzini) [RHEL-16745]
- x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Update the Zenbleed microcode revisions (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - Avoid discarding errors in psp_send_platform_access_msg() (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - State in dmesg that TSME is enabled (Paolo Bonzini) [RHEL-16745]
- x86/sev: Disable KMSAN for memory encryption TUs (Paolo Bonzini) [RHEL-16745]
- x86/sev: Dump SEV_STATUS (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - Have it depend on AMD_IOMMU (Paolo Bonzini) [RHEL-16745]
- iommu/amd: Fix failure return from snp_lookup_rmpentry() (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Make snp_range_list static (Paolo Bonzini) [RHEL-16745]
- Documentation: virt: Fix up pre-formatted text block for SEV ioctls (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add the SNP_SET_CONFIG command (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add the SNP_COMMIT command (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add the SNP_PLATFORM_STATUS command (Paolo Bonzini) [RHEL-16745]
- x86/cpufeatures: Enable/unmask SEV-SNP CPU feature (Paolo Bonzini) [RHEL-16745]
- KVM: SEV: Make AVIC backing, VMSA and VMCB memory allocation SNP safe (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add panic notifier for SEV/SNP firmware shutdown on kdump (Paolo Bonzini) [RHEL-16745]
- iommu/amd: Clean up RMP entries for IOMMU pages during SNP shutdown (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Handle legacy SEV commands when SNP is enabled (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Handle non-volatile INIT_EX data when SNP is enabled (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Handle the legacy TMR allocation when SNP is enabled (Paolo Bonzini) [RHEL-16745]
- x86/sev: Introduce an SNP leaked pages list (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Provide an API to issue SEV and SNP commands (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Add support to initialize the AMD-SP for SEV-SNP (Paolo Bonzini) [RHEL-16745]
- crypto: ccp: Define the SEV-SNP commands (Paolo Bonzini) [RHEL-16745]
- crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked (Paolo Bonzini) [RHEL-16745]
- x86/sev: Adjust the directmap to avoid inadvertent RMP faults (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add helper functions for RMPUPDATE and PSMASH instruction (Paolo Bonzini) [RHEL-16745]
- x86/fault: Dump RMP table information when RMP page faults occur (Paolo Bonzini) [RHEL-16745]
- x86/traps: Define RMP violation #PF error code (Paolo Bonzini) [RHEL-16745]
- x86/fault: Add helper for dumping RMP entries (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add RMP entry lookup helpers (Paolo Bonzini) [RHEL-16745]
- x86/sev: Add SEV-SNP host initialization support (Paolo Bonzini) [RHEL-16745]
- x86/mtrr: Don't print errors if MtrrFixDramModEn is set when SNP enabled (Paolo Bonzini) [RHEL-16745]
- iommu/amd: Don't rely on external callers to enable IOMMU SNP support (Paolo Bonzini) [RHEL-16745]
- x86/speculation: Do not enable Automatic IBRS if SEV-SNP is enabled (Paolo Bonzini) [RHEL-16745]
- x86/cpufeatures: Add SEV-SNP CPU feature (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Do the common init on future Zens too (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add more models to X86_FEATURE_ZEN5 (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add X86_FEATURE_ZEN5 (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Add X86_FEATURE_ZEN1 (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Drop now unused CPU erratum checking function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_1485[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_400[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_383[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Get rid of amd_erratum_1054[] (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move the DIV0 bug detection to the Zen1 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move Zenbleed check to the Zen2 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Rename init_amd_zn() to init_amd_zen_common() (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Call the spectral chicken in the Zen2 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move erratum 1076 fix into the Zen1 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Move the Zen3 BTC_NO detection to the Zen3 init function (Paolo Bonzini) [RHEL-16745]
- x86/CPU/AMD: Carve out the erratum 1386 fix (Paolo Bonzini) [RHEL-16745]
- x86/sev: Fix position dependent variable references in startup code (Paolo Bonzini) [RHEL-16745]
- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (Paolo Bonzini) [RHEL-16745]
- x86/sme: Fix memory encryption setting if enabled by default and not overridden (Paolo Bonzini) [RHEL-16745]
* Tue Jul 09 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-478.el9]
- netfilter: conntrack: switch connlabels to atomic_t (Xin Long) [RHEL-28816]
- sched: act_ct: add netns into the key of tcf_ct_flow_table (Xin Long) [RHEL-28816]

View File

@ -1,3 +1,3 @@
SHA512 (linux-5.14.0-478.el9.tar.xz) = 9de8e409352536d1850a0fe9255e43e0b84f2edb119efe2900057c4031cf7657463305d0a3aae54c3be4c9d24c7548b657a9267b01f14957f85d26509011c005
SHA512 (kernel-abi-stablelists-5.14.0-478.el9.tar.bz2) = 3fd4bafee9611aa41f3804ee5526a67937531082240c7358a608c748e1699b0ae1042f691076c1b307caf2562b14c630340bf0f396d1abe9457904f600717286
SHA512 (kernel-kabi-dw-5.14.0-478.el9.tar.bz2) = f457713ced0439861c4afb630f3f9a9c70ca92a9a9b5df963dfd843ba7f63d96eee6a43a998be8a328b19178d806c465f2f129104b17fc848c84c4cd22492963
SHA512 (linux-5.14.0-479.el9.tar.xz) = afae72ad766a47dbcf6dccdb37e74657f8765ae1b47dd13e6a304d7acd400b463f67be5b0a9d1452535ed71fd512692a2bd00635db5c1006f6edb55fd985a1b6
SHA512 (kernel-abi-stablelists-5.14.0-479.el9.tar.bz2) = 2c55fc110297a3cbd33cedcf3058a0300013c4fa77c2a5af991e369cba9a3bec689fb697945845b140542f9fb3d8fb07443895efd0a5879846ac944c5391ab04
SHA512 (kernel-kabi-dw-5.14.0-479.el9.tar.bz2) = f457713ced0439861c4afb630f3f9a9c70ca92a9a9b5df963dfd843ba7f63d96eee6a43a998be8a328b19178d806c465f2f129104b17fc848c84c4cd22492963