From 904ba4d2e1d70f32842bc8977e8ee86f8b7e9909 Mon Sep 17 00:00:00 2001 From: "Herton R. Krzesinski" Date: Wed, 26 Jan 2022 22:40:35 +0000 Subject: [PATCH] kernel-5.14.0-49.el9 * Wed Jan 26 2022 Herton R. Krzesinski [5.14.0-49.el9] - net: skb: use kfree_skb_reason() in __udp4_lib_rcv() (Antoine Tenart) [2041931] - net: skb: use kfree_skb_reason() in tcp_v4_rcv() (Antoine Tenart) [2041931] - net: skb: introduce kfree_skb_reason() (Antoine Tenart) [2041931] - net: add kerneldoc comment for sk_peer_lock (Guillaume Nault) [2037783] - af_unix: fix races in sk_peer_pid and sk_peer_cred accesses (Guillaume Nault) [2037783] {CVE-2021-4203} - netfilter: nat: force port remap to prevent shadowing well-known ports (Florian Westphal) [2006169] {CVE-2021-3773} - netfilter: conntrack: tag conntracks picked up in local out hook (Florian Westphal) [2006169] - selftests: nft_nat: switch port shadow test cases to socat (Florian Westphal) [2006169] - selftests: nft_nat: Simplify port shadow notrack test (Florian Westphal) [2006169] - selftests: nft_nat: Improve port shadow test stability (Florian Westphal) [2006169] - selftests: nft_nat: add udp hole punch test case (Florian Westphal) [2006169] - net: Remove redundant if statements (Petr Oros) [2037315] - netdevice: add the case if dev is NULL (Petr Oros) [2037315] - redhat: fix the exclusion of rhdocs changes entries in the changelog (Herton R. Krzesinski) - get_maintainer.conf: Update with new location of RHMAINTAINERS (Prarit Bhargava) - redhat: make pathspec exclusion compatible with old git versions (Herton R. Krzesinski) - redhat/scripts: Update merge-subtrees.sh with new subtree location (Prarit Bhargava) - tree: remove existing redhat/rhdocs subtree in 9.0 (Prarit Bhargava) - CI: Use realtime_check_baseline template (Veronika Kabatova) - powerpc/fadump: Fix inaccurate CPU state info in vmcore generated with panic (Gustavo Walbon) [2025518] - powerpc: handle kdump appropriately with crash_kexec_post_notifiers option (Gustavo Walbon) [2025518] - powerpc/pseries: use slab context cpumask allocation in CPU hotplug init (Waiman Long) [2019671] - powerpc/pseries: Fix build error when NUMA=n (Waiman Long) [2019671] - powerpc/smp: Use existing L2 cache_map cpumask to find L3 cache siblings (Diego Domingos) [2039639] - powerpc/cacheinfo: Remove the redundant get_shared_cpu_map() (Diego Domingos) [2039639] - powerpc/cacheinfo: Lookup cache by dt node and thread-group id (Diego Domingos) [2039639] - powerpc: select CPUMASK_OFFSTACK if NR_CPUS >= 8192 (Diego Domingos) [2039163] - powerpc: remove cpu_online_cores_map function (Diego Domingos) [2039163] - adding support for c9s automotive coverage build (bgrech) - CI: Use tagged containers (Veronika Kabatova) - xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (Carlos Maiolino) [2034871] {CVE-2021-4155} - selftests/powerpc: skip tests for unavailable mitigations. (Diego Domingos) [2021389] - selftests/powerpc: Use date instead of EPOCHSECONDS in mitigation-patching.sh (Diego Domingos) [2021389] - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate (William Zhao) [2037810] - KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB flush hypercall (Vitaly Kuznetsov) [2036570] - net: vlan: fix underflow for the real_dev refcnt (Balazs Nemeth) [2030036] - net: vlan: fix a UAF in vlan_dev_real_dev() (Balazs Nemeth) [2030036] Resolves: rhbz#2006169, rhbz#2019671, rhbz#2021389, rhbz#2025518, rhbz#2030036, rhbz#2034871, rhbz#2036570, rhbz#2037315, rhbz#2037783, rhbz#2037810, rhbz#2039163, rhbz#2039639, rhbz#2041931 Signed-off-by: Herton R. Krzesinski --- Makefile.rhelver | 2 +- kernel.spec | 51 ++++++++++++++++++++++++++++++++++++++++++------ sources | 6 +++--- 3 files changed, 49 insertions(+), 10 deletions(-) diff --git a/Makefile.rhelver b/Makefile.rhelver index 36fa86988..349f56d09 100644 --- a/Makefile.rhelver +++ b/Makefile.rhelver @@ -12,7 +12,7 @@ RHEL_MINOR = 0 # # Use this spot to avoid future merge conflicts. # Do not trim this comment. -RHEL_RELEASE = 48 +RHEL_RELEASE = 49 # # Early y+1 numbering diff --git a/kernel.spec b/kernel.spec index 4885cd624..bc6c4e0a8 100755 --- a/kernel.spec +++ b/kernel.spec @@ -85,7 +85,7 @@ Summary: The Linux kernel # the --with-release option overrides this setting.) %define debugbuildsenabled 1 -%global distro_build 48 +%global distro_build 49 %if 0%{?fedora} %define secure_boot_arch x86_64 @@ -129,13 +129,13 @@ Summary: The Linux kernel %define kversion 5.14 %define rpmversion 5.14.0 -%define pkgrelease 48.el9 +%define pkgrelease 49.el9 # This is needed to do merge window version magic %define patchlevel 14 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 48%{?buildid}%{?dist} +%define specrelease 49%{?buildid}%{?dist} %define pkg_release %{specrelease} @@ -680,7 +680,7 @@ BuildRequires: lld # exact git commit you can run # # xzcat -qq ${TARBALL} | git get-tar-commit-id -Source0: linux-5.14.0-48.el9.tar.xz +Source0: linux-5.14.0-49.el9.tar.xz Source1: Makefile.rhelver @@ -1364,8 +1364,8 @@ ApplyOptionalPatch() fi } -%setup -q -n kernel-5.14.0-48.el9 -c -mv linux-5.14.0-48.el9 linux-%{KVERREL} +%setup -q -n kernel-5.14.0-49.el9 -c +mv linux-5.14.0-49.el9 linux-%{KVERREL} cd linux-%{KVERREL} cp -a %{SOURCE1} . @@ -2957,6 +2957,45 @@ fi # # %changelog +* Wed Jan 26 2022 Herton R. Krzesinski [5.14.0-49.el9] +- net: skb: use kfree_skb_reason() in __udp4_lib_rcv() (Antoine Tenart) [2041931] +- net: skb: use kfree_skb_reason() in tcp_v4_rcv() (Antoine Tenart) [2041931] +- net: skb: introduce kfree_skb_reason() (Antoine Tenart) [2041931] +- net: add kerneldoc comment for sk_peer_lock (Guillaume Nault) [2037783] +- af_unix: fix races in sk_peer_pid and sk_peer_cred accesses (Guillaume Nault) [2037783] {CVE-2021-4203} +- netfilter: nat: force port remap to prevent shadowing well-known ports (Florian Westphal) [2006169] {CVE-2021-3773} +- netfilter: conntrack: tag conntracks picked up in local out hook (Florian Westphal) [2006169] +- selftests: nft_nat: switch port shadow test cases to socat (Florian Westphal) [2006169] +- selftests: nft_nat: Simplify port shadow notrack test (Florian Westphal) [2006169] +- selftests: nft_nat: Improve port shadow test stability (Florian Westphal) [2006169] +- selftests: nft_nat: add udp hole punch test case (Florian Westphal) [2006169] +- net: Remove redundant if statements (Petr Oros) [2037315] +- netdevice: add the case if dev is NULL (Petr Oros) [2037315] +- redhat: fix the exclusion of rhdocs changes entries in the changelog (Herton R. Krzesinski) +- get_maintainer.conf: Update with new location of RHMAINTAINERS (Prarit Bhargava) +- redhat: make pathspec exclusion compatible with old git versions (Herton R. Krzesinski) +- redhat/scripts: Update merge-subtrees.sh with new subtree location (Prarit Bhargava) +- tree: remove existing redhat/rhdocs subtree in 9.0 (Prarit Bhargava) +- CI: Use realtime_check_baseline template (Veronika Kabatova) +- powerpc/fadump: Fix inaccurate CPU state info in vmcore generated with panic (Gustavo Walbon) [2025518] +- powerpc: handle kdump appropriately with crash_kexec_post_notifiers option (Gustavo Walbon) [2025518] +- powerpc/pseries: use slab context cpumask allocation in CPU hotplug init (Waiman Long) [2019671] +- powerpc/pseries: Fix build error when NUMA=n (Waiman Long) [2019671] +- powerpc/smp: Use existing L2 cache_map cpumask to find L3 cache siblings (Diego Domingos) [2039639] +- powerpc/cacheinfo: Remove the redundant get_shared_cpu_map() (Diego Domingos) [2039639] +- powerpc/cacheinfo: Lookup cache by dt node and thread-group id (Diego Domingos) [2039639] +- powerpc: select CPUMASK_OFFSTACK if NR_CPUS >= 8192 (Diego Domingos) [2039163] +- powerpc: remove cpu_online_cores_map function (Diego Domingos) [2039163] +- adding support for c9s automotive coverage build (bgrech) +- CI: Use tagged containers (Veronika Kabatova) +- xfs: map unwritten blocks in XFS_IOC_{ALLOC,FREE}SP just like fallocate (Carlos Maiolino) [2034871] {CVE-2021-4155} +- selftests/powerpc: skip tests for unavailable mitigations. (Diego Domingos) [2021389] +- selftests/powerpc: Use date instead of EPOCHSECONDS in mitigation-patching.sh (Diego Domingos) [2021389] +- ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate (William Zhao) [2037810] +- KVM: x86: Wait for IPIs to be delivered when handling Hyper-V TLB flush hypercall (Vitaly Kuznetsov) [2036570] +- net: vlan: fix underflow for the real_dev refcnt (Balazs Nemeth) [2030036] +- net: vlan: fix a UAF in vlan_dev_real_dev() (Balazs Nemeth) [2030036] + * Mon Jan 24 2022 Herton R. Krzesinski [5.14.0-48.el9] - net: mana: Add RX fencing (Mohammed Gamal) [2030357] - net: mana: Add XDP support (Mohammed Gamal) [2030357] diff --git a/sources b/sources index fbfc02a7d..5e8fff238 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-5.14.0-48.el9.tar.xz) = 5a204e6e0ea7d66aea3d6d27a136ea42884c8d4394a71ca2e9c161da6fe0cdef2fdb8e9fe7c97bdc9d2435beb47e35baba135ca6e8c5f51037cd80da229a49e7 -SHA512 (kernel-abi-stablelists-5.14.0-48.tar.bz2) = 5efeec02e8fe8b16f73a9f4aec67ced72d06d351d4bacdea7c4539018d4ec15b978586b6aa26a65927975640eaab0cca46e2a920df57cc6a3797e6d5f3b853ec -SHA512 (kernel-kabi-dw-5.14.0-48.tar.bz2) = 08617c2a604ac48cbf3afe2e8e2d6570be24fc8d8776bcf621053bea6260380c08f349f8c7ec07ee8806baed1b28e9caa09b808b7b24ce9a80ed153e8968562f +SHA512 (linux-5.14.0-49.el9.tar.xz) = 229f2fe525688d0962a0534653bdda483048d805630c9c9f7184fbb7b98cee8663d74130987a184bebdce0d125ad02fef5c90d9e55958664140234bf04015bfb +SHA512 (kernel-abi-stablelists-5.14.0-49.tar.bz2) = fcc943b92adf92d10c04e20ef74ec7324a6618e57f9a2065d644c89c0a56486fba8402f2ed149c577e895b6c10841dfb220471cf331281f45bcadabbe061a804 +SHA512 (kernel-kabi-dw-5.14.0-49.tar.bz2) = 4c99afa366f4d25d5dcd534f9d17f61f72d26fbd4c59e2f018e42a1bcd77d599ca9a2a8ac3b094b7ce2fe6abc6ac4eafcd08f1a5422decc8b9f1a51d2548bd7d