kernel-5.14.0-154.el9

* Tue Aug 23 2022 Herton R. Krzesinski <herton@redhat.com> [5.14.0-154.el9]
- Revert "x86/sev: Expose sev_es_ghcb_hv_call() for use by HyperV" (John Allen) [2081424]
- virt: sev-guest: Pass the appropriate argument type to iounmap() (John Allen) [2081424]
- x86/boot: Fix the setup data types max limit (John Allen) [2081424]
- x86/compressed/64: Add identity mappings for setup_data entries (John Allen) [2081424]
- x86/Hyper-V: Add SEV negotiate protocol support in Isolation VM (John Allen) [2081424]
- x86/sev: Mark the code returning to user space as syscall gap (John Allen) [2081424]
- x86/sev: Annotate stack change in the #VC handler (John Allen) [2081424]
- x86/sev: Remove duplicated assignment to variable info (John Allen) [2081424]
- x86/sev: Fix address space sparse warning (John Allen) [2081424]
- x86/sev: Get the AP jump table address from secrets page (John Allen) [2081424]
- x86/sev: Add missing __init annotations to SEV init routines (John Allen) [2081424]
- virt: sevguest: Rename the sevguest dir and files to sev-guest (John Allen) [2081424]
- virt: sevguest: Change driver name to reflect generic SEV support (John Allen) [2081424]
- x86/boot: Put globals that are accessed early into the .data section (John Allen) [2081424]
- virt: sevguest: Fix bool function returning negative value (John Allen) [2081424]
- virt: sevguest: Fix return value check in alloc_shared_pages() (John Allen) [2081424]
- x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO (John Allen) [2081424]
- x86/sev-es: Replace open-coded hlt-loop with sev_es_terminate() (John Allen) [2081424]
- virt: sevguest: Add documentation for SEV-SNP CPUID Enforcement (John Allen) [2081424]
- virt: sevguest: Add support to get extended report (John Allen) [2081424]
- virt: sevguest: Add support to derive key (John Allen) [2081424]
- redhat/configs: enable CONFIG_SEV_GUEST (John Allen) [2081424]
- virt: Add SEV-SNP guest driver (John Allen) [2081424]
- x86/sev: Register SEV-SNP guest request platform device (John Allen) [2081424]
- x86/sev: Provide support for SNP guest request NAEs (John Allen) [2081424]
- x86/sev: Add a sev= cmdline option (John Allen) [2081424]
- x86/sev: Use firmware-validated CPUID for SEV-SNP guests (John Allen) [2081424]
- x86/sev: Add SEV-SNP feature detection/setup (John Allen) [2081424]
- x86/compressed/64: Add identity mapping for Confidential Computing blob (John Allen) [2081424]
- x86/compressed: Export and rename add_identity_map() (John Allen) [2081424]
- x86/compressed: Use firmware-validated CPUID leaves for SEV-SNP guests (John Allen) [2081424]
- x86/compressed: Add SEV-SNP feature detection/setup (John Allen) [2081424]
- x86/boot: Add a pointer to Confidential Computing blob in bootparams (John Allen) [2081424]
- x86/compressed/64: Add support for SEV-SNP CPUID table in #VC handlers (John Allen) [2081424]
- x86/sev: Move MSR-based VMGEXITs for CPUID to helper (John Allen) [2081424]
- KVM: x86: Move lookup of indexed CPUID leafs to helper (John Allen) [2081424]
- x86/boot: Add Confidential Computing type to setup_data (John Allen) [2081424]
- x86/compressed/acpi: Move EFI kexec handling into common code (John Allen) [2081424]
- x86/compressed/acpi: Move EFI vendor table lookup to helper (John Allen) [2081424]
- x86/compressed/acpi: Move EFI config table lookup to helper (John Allen) [2081424]
- x86/compressed/acpi: Move EFI system table lookup to helper (John Allen) [2081424]
- x86/compressed/acpi: Move EFI detection to helper (John Allen) [2081424]
- x86/head/64: Re-enable stack protection (John Allen) [2081424]
- x86/sev: Use SEV-SNP AP creation to start secondary CPUs (John Allen) [2081424]
- x86/mm: Validate memory when changing the C-bit (John Allen) [2081424]
- x86/kernel: Validate ROM memory before accessing when SEV-SNP is active (John Allen) [2081424]
- x86/kernel: Mark the .bss..decrypted section as shared in the RMP table (John Allen) [2081424]
- x86/sev: Add helper for validating pages in early enc attribute changes (John Allen) [2081424]
- x86/sev: Register GHCB memory when SEV-SNP is active (John Allen) [2081424]
- x86/compressed: Register GHCB memory when SEV-SNP is active (John Allen) [2081424]
- x86/compressed: Add helper for validating pages in the decompression stage (John Allen) [2081424]
- x86/sev: Check the VMPL level (John Allen) [2081424]
- x86/sev: Add a helper for the PVALIDATE instruction (John Allen) [2081424]
- x86/sev: Check SEV-SNP features support (John Allen) [2081424]
- x86/sev: Save the negotiated GHCB version (John Allen) [2081424]
- x86/sev: Define the Linux-specific guest termination reasons (John Allen) [2081424]
- x86/mm: Extend cc_attr to include AMD SEV-SNP (John Allen) [2081424]
- x86/sev: Detect/setup SEV/SME features earlier in boot (John Allen) [2081424]
- x86/compressed/64: Detect/setup SEV/SME features earlier during boot (John Allen) [2081424]
- x86/boot: Use MSR read/write helpers instead of inline assembly (John Allen) [2081424]
- x86/boot: Introduce helpers for MSR reads/writes (John Allen) [2081424]
- KVM: SVM: Update the SEV-ES save area mapping (John Allen) [2081424]
- KVM: SVM: Create a separate mapping for the GHCB save area (John Allen) [2081424]
- KVM: SVM: Create a separate mapping for the SEV-ES save area (John Allen) [2081424]
- KVM: SVM: Define sev_features and vmpl field in the VMSA (John Allen) [2081424]
- x86/mm/cpa: Generalize __set_memory_enc_pgtable() (John Allen) [2081424]
- x86/coco: Add API to handle encryption mask (John Allen) [2081424]
- x86/cc: Move arch/x86/{kernel/cc_platform.c => coco/core.c} (John Allen) [2081424]
- x86/sev: Move common memory encryption code to mem_encrypt.c (John Allen) [2081424]
- x86/sev: Rename mem_encrypt.c to mem_encrypt_amd.c (John Allen) [2081424]
- x86/sev: Remove do_early_exception() forward declarations (John Allen) [2081424]
- x86/head64: Carve out the guest encryption postprocessing into a helper (John Allen) [2081424]
- x86/sev: Get rid of excessive use of defines (John Allen) [2081424]
- x86/sev: Shorten GHCB terminate macro names (John Allen) [2081424]
- x86/sev: Make the #VC exception stacks part of the default stacks storage (John Allen) [2081424]
- tools headers UAPI: Synch KVM's svm.h header with the kernel (John Allen) [2081424]
Resolves: rhbz#2081424

Signed-off-by: Herton R. Krzesinski <herton@redhat.com>
This commit is contained in:
Herton R. Krzesinski 2022-08-23 15:39:16 +00:00
parent 25a53df6a1
commit a1269d243a
5 changed files with 89 additions and 9 deletions

View File

@ -12,7 +12,7 @@ RHEL_MINOR = 1
#
# Use this spot to avoid future merge conflicts.
# Do not trim this comment.
RHEL_RELEASE = 153
RHEL_RELEASE = 154
#
# ZSTREAM

View File

@ -4848,6 +4848,7 @@ CONFIG_SERIO_LIBPS2=y
CONFIG_SERIO_RAW=m
CONFIG_SERIO_SERPORT=m
CONFIG_SERIO=y
CONFIG_SEV_GUEST=m
# CONFIG_SFC_FALCON is not set
CONFIG_SFC=m
CONFIG_SFC_MCDI_LOGGING=y

View File

@ -4827,6 +4827,7 @@ CONFIG_SERIO_LIBPS2=y
CONFIG_SERIO_RAW=m
CONFIG_SERIO_SERPORT=m
CONFIG_SERIO=y
CONFIG_SEV_GUEST=m
# CONFIG_SFC_FALCON is not set
CONFIG_SFC=m
CONFIG_SFC_MCDI_LOGGING=y

View File

@ -121,13 +121,13 @@ Summary: The Linux kernel
%define kversion 5.14
%define rpmversion 5.14.0
%define pkgrelease 153.el9
%define pkgrelease 154.el9
# This is needed to do merge window version magic
%define patchlevel 14
# allow pkg_release to have configurable %%{?dist} tag
%define specrelease 153%{?buildid}%{?dist}
%define specrelease 154%{?buildid}%{?dist}
%define pkg_release %{specrelease}
@ -679,7 +679,7 @@ BuildRequires: lld
# exact git commit you can run
#
# xzcat -qq ${TARBALL} | git get-tar-commit-id
Source0: linux-5.14.0-153.el9.tar.xz
Source0: linux-5.14.0-154.el9.tar.xz
Source1: Makefile.rhelver
@ -1351,8 +1351,8 @@ ApplyOptionalPatch()
fi
}
%setup -q -n kernel-5.14.0-153.el9 -c
mv linux-5.14.0-153.el9 linux-%{KVERREL}
%setup -q -n kernel-5.14.0-154.el9 -c
mv linux-5.14.0-154.el9 linux-%{KVERREL}
cd linux-%{KVERREL}
cp -a %{SOURCE1} .
@ -3018,6 +3018,84 @@ fi
#
#
%changelog
* Tue Aug 23 2022 Herton R. Krzesinski <herton@redhat.com> [5.14.0-154.el9]
- Revert "x86/sev: Expose sev_es_ghcb_hv_call() for use by HyperV" (John Allen) [2081424]
- virt: sev-guest: Pass the appropriate argument type to iounmap() (John Allen) [2081424]
- x86/boot: Fix the setup data types max limit (John Allen) [2081424]
- x86/compressed/64: Add identity mappings for setup_data entries (John Allen) [2081424]
- x86/Hyper-V: Add SEV negotiate protocol support in Isolation VM (John Allen) [2081424]
- x86/sev: Mark the code returning to user space as syscall gap (John Allen) [2081424]
- x86/sev: Annotate stack change in the #VC handler (John Allen) [2081424]
- x86/sev: Remove duplicated assignment to variable info (John Allen) [2081424]
- x86/sev: Fix address space sparse warning (John Allen) [2081424]
- x86/sev: Get the AP jump table address from secrets page (John Allen) [2081424]
- x86/sev: Add missing __init annotations to SEV init routines (John Allen) [2081424]
- virt: sevguest: Rename the sevguest dir and files to sev-guest (John Allen) [2081424]
- virt: sevguest: Change driver name to reflect generic SEV support (John Allen) [2081424]
- x86/boot: Put globals that are accessed early into the .data section (John Allen) [2081424]
- virt: sevguest: Fix bool function returning negative value (John Allen) [2081424]
- virt: sevguest: Fix return value check in alloc_shared_pages() (John Allen) [2081424]
- x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO (John Allen) [2081424]
- x86/sev-es: Replace open-coded hlt-loop with sev_es_terminate() (John Allen) [2081424]
- virt: sevguest: Add documentation for SEV-SNP CPUID Enforcement (John Allen) [2081424]
- virt: sevguest: Add support to get extended report (John Allen) [2081424]
- virt: sevguest: Add support to derive key (John Allen) [2081424]
- redhat/configs: enable CONFIG_SEV_GUEST (John Allen) [2081424]
- virt: Add SEV-SNP guest driver (John Allen) [2081424]
- x86/sev: Register SEV-SNP guest request platform device (John Allen) [2081424]
- x86/sev: Provide support for SNP guest request NAEs (John Allen) [2081424]
- x86/sev: Add a sev= cmdline option (John Allen) [2081424]
- x86/sev: Use firmware-validated CPUID for SEV-SNP guests (John Allen) [2081424]
- x86/sev: Add SEV-SNP feature detection/setup (John Allen) [2081424]
- x86/compressed/64: Add identity mapping for Confidential Computing blob (John Allen) [2081424]
- x86/compressed: Export and rename add_identity_map() (John Allen) [2081424]
- x86/compressed: Use firmware-validated CPUID leaves for SEV-SNP guests (John Allen) [2081424]
- x86/compressed: Add SEV-SNP feature detection/setup (John Allen) [2081424]
- x86/boot: Add a pointer to Confidential Computing blob in bootparams (John Allen) [2081424]
- x86/compressed/64: Add support for SEV-SNP CPUID table in #VC handlers (John Allen) [2081424]
- x86/sev: Move MSR-based VMGEXITs for CPUID to helper (John Allen) [2081424]
- KVM: x86: Move lookup of indexed CPUID leafs to helper (John Allen) [2081424]
- x86/boot: Add Confidential Computing type to setup_data (John Allen) [2081424]
- x86/compressed/acpi: Move EFI kexec handling into common code (John Allen) [2081424]
- x86/compressed/acpi: Move EFI vendor table lookup to helper (John Allen) [2081424]
- x86/compressed/acpi: Move EFI config table lookup to helper (John Allen) [2081424]
- x86/compressed/acpi: Move EFI system table lookup to helper (John Allen) [2081424]
- x86/compressed/acpi: Move EFI detection to helper (John Allen) [2081424]
- x86/head/64: Re-enable stack protection (John Allen) [2081424]
- x86/sev: Use SEV-SNP AP creation to start secondary CPUs (John Allen) [2081424]
- x86/mm: Validate memory when changing the C-bit (John Allen) [2081424]
- x86/kernel: Validate ROM memory before accessing when SEV-SNP is active (John Allen) [2081424]
- x86/kernel: Mark the .bss..decrypted section as shared in the RMP table (John Allen) [2081424]
- x86/sev: Add helper for validating pages in early enc attribute changes (John Allen) [2081424]
- x86/sev: Register GHCB memory when SEV-SNP is active (John Allen) [2081424]
- x86/compressed: Register GHCB memory when SEV-SNP is active (John Allen) [2081424]
- x86/compressed: Add helper for validating pages in the decompression stage (John Allen) [2081424]
- x86/sev: Check the VMPL level (John Allen) [2081424]
- x86/sev: Add a helper for the PVALIDATE instruction (John Allen) [2081424]
- x86/sev: Check SEV-SNP features support (John Allen) [2081424]
- x86/sev: Save the negotiated GHCB version (John Allen) [2081424]
- x86/sev: Define the Linux-specific guest termination reasons (John Allen) [2081424]
- x86/mm: Extend cc_attr to include AMD SEV-SNP (John Allen) [2081424]
- x86/sev: Detect/setup SEV/SME features earlier in boot (John Allen) [2081424]
- x86/compressed/64: Detect/setup SEV/SME features earlier during boot (John Allen) [2081424]
- x86/boot: Use MSR read/write helpers instead of inline assembly (John Allen) [2081424]
- x86/boot: Introduce helpers for MSR reads/writes (John Allen) [2081424]
- KVM: SVM: Update the SEV-ES save area mapping (John Allen) [2081424]
- KVM: SVM: Create a separate mapping for the GHCB save area (John Allen) [2081424]
- KVM: SVM: Create a separate mapping for the SEV-ES save area (John Allen) [2081424]
- KVM: SVM: Define sev_features and vmpl field in the VMSA (John Allen) [2081424]
- x86/mm/cpa: Generalize __set_memory_enc_pgtable() (John Allen) [2081424]
- x86/coco: Add API to handle encryption mask (John Allen) [2081424]
- x86/cc: Move arch/x86/{kernel/cc_platform.c => coco/core.c} (John Allen) [2081424]
- x86/sev: Move common memory encryption code to mem_encrypt.c (John Allen) [2081424]
- x86/sev: Rename mem_encrypt.c to mem_encrypt_amd.c (John Allen) [2081424]
- x86/sev: Remove do_early_exception() forward declarations (John Allen) [2081424]
- x86/head64: Carve out the guest encryption postprocessing into a helper (John Allen) [2081424]
- x86/sev: Get rid of excessive use of defines (John Allen) [2081424]
- x86/sev: Shorten GHCB terminate macro names (John Allen) [2081424]
- x86/sev: Make the #VC exception stacks part of the default stacks storage (John Allen) [2081424]
- tools headers UAPI: Synch KVM's svm.h header with the kernel (John Allen) [2081424]
* Tue Aug 23 2022 Herton R. Krzesinski <herton@redhat.com> [5.14.0-153.el9]
- selftests: netfilter: add test case for nf trace infrastructure (Florian Westphal) [2112751]
- netfilter: nf_tables: fix crash when nf_trace is enabled (Florian Westphal) [2112751]

View File

@ -1,3 +1,3 @@
SHA512 (linux-5.14.0-153.el9.tar.xz) = bf7ea912d750902d4fe3abbfe117f12d167e290e2c4e582be8edda6fb3a991a2c8424e119c1a2cc2285e2878bde85631fd96c0d52ec29ea4c70e3f23b9a5cfc0
SHA512 (kernel-abi-stablelists-5.14.0-153.el9.tar.bz2) = 42a4626c09dadf1e572f3955afba0e19913deea6a5c4204e75191c69b179a0ffea8c825aa52960f39abe13681d8633af4757f48b924a1b3902950323ee876301
SHA512 (kernel-kabi-dw-5.14.0-153.el9.tar.bz2) = d17de1badc8a73b1620baf27ed7eb6ef24961974d40f09f944c586251b93dede3569e9c9b70ec05c8e714b05289f6b1c27618c73ef5f7e94db30f12ef987a339
SHA512 (linux-5.14.0-154.el9.tar.xz) = 6e61f5fa250196df162e8ccf5d60347b0c71f96ea051eccdad36d510b1c00b8a555da546a37dc6845ba1971d92f076fc0db1ebdab5f89f0527db443c50a455ca
SHA512 (kernel-abi-stablelists-5.14.0-154.el9.tar.bz2) = e944eca08b8e1fee3122aa14df5559e49ee9910700fafa829303b21dcc3f279264d7c8224aef9fc4b98d42c0ec4a153b543638a382f18198074ba8daa57f2d3e
SHA512 (kernel-kabi-dw-5.14.0-154.el9.tar.bz2) = 9ab07294b81e0fa4977f7f66f975108274716ea2ce13cd51bfd77a879fabd4f696e51bb2593abd2a029d05ae609123f94ac2a73f2b268e164ac2100d19df69c0