From abea27b0ac3255ed18a2cae6dedfd5b61dc1eb86 Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Tue, 19 Mar 2024 21:50:06 +0100 Subject: [PATCH] kernel-4.18.0-547.el8 * Tue Mar 19 2024 Denys Vlasenko [4.18.0-547.el8] - x86/efistub: Avoid placing the kernel below LOAD_PHYSICAL_ADDR (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Give up if memory attribute protocol returns an error (Lenny Szubowicz) [RHEL-2505] - x86/boot: Increase section and file alignment to 4k/512 (Lenny Szubowicz) [RHEL-2505] - x86/boot: Split off PE/COFF .data section (Lenny Szubowicz) [RHEL-2505] - x86/boot: Drop PE/COFF .reloc section (Lenny Szubowicz) [RHEL-2505] - x86/boot: Construct PE/COFF .text section from assembler (Lenny Szubowicz) [RHEL-2505] - x86/boot: Derive file size from _edata symbol (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed: Remove, discard, or assert for unwanted sections (Lenny Szubowicz) [RHEL-2505] - x86/boot: Check that there are no run-time relocations (Lenny Szubowicz) [RHEL-2505] - x86/boot: Discard .discard.unreachable for arch/x86/boot/compressed/vmlinux (Lenny Szubowicz) [RHEL-2505] - x86/boot: Define setup size in linker script (Lenny Szubowicz) [RHEL-2505] - x86/boot: Set EFI handover offset directly in header asm (Lenny Szubowicz) [RHEL-2505] - x86/boot: Drop references to startup_64 (Lenny Szubowicz) [RHEL-2505] - x86/boot: Drop redundant code setting the root device (Lenny Szubowicz) [RHEL-2505] - x86/build: Declutter the build output (Lenny Szubowicz) [RHEL-2505] - x86/boot: Omit compression buffer from PE/COFF image memory footprint (Lenny Szubowicz) [RHEL-2505] - x86/boot: Mark global variables as static (Lenny Szubowicz) [RHEL-2505] - efi/x86: Remove extra headroom for setup block (Lenny Szubowicz) [RHEL-2505] - x86/boot: Remove the 'bugger off' message (Lenny Szubowicz) [RHEL-2505] - x86/efi: Drop alignment flags from PE section headers (Lenny Szubowicz) [RHEL-2505] - efi: Put Linux specific magic number in the DOS header (Lenny Szubowicz) [RHEL-2505] - efi/x86: Fix the missing KASLR_FLAG bit in boot_params->hdr.loadflags (Lenny Szubowicz) [RHEL-2505] - efi/x86: Avoid physical KASLR on older Dell systems (Lenny Szubowicz) [RHEL-2505] - x86/boot: efistub: Assign global boot_params variable (Lenny Szubowicz) [RHEL-2505] - x86/boot: Rename conflicting 'boot_params' pointer to 'boot_params_ptr' (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Avoid legacy decompressor when doing EFI boot (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Perform SNP feature test while running in the firmware (Lenny Szubowicz) [RHEL-2505] - x86/sev: Do not try to parse for the CC blob on non-AMD hardware (Lenny Szubowicz) [RHEL-2505] - efi/libstub: Add limit argument to efi_random_alloc() (Lenny Szubowicz) [RHEL-2505] - arm64: efi: Limit allocations to 48-bit addressable physical region (Lenny Szubowicz) [RHEL-2505] - efi: libstub: use EFI_LOADER_CODE region when moving the kernel in memory (Lenny Szubowicz) [RHEL-2505] - arm64: efi: kaslr: Fix occasional random alloc (and boot) failure (Lenny Szubowicz) [RHEL-2505] - efi/libstub/random: Increase random alloc granularity (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Factor out kernel decompression and relocation (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Move global symbol references to C code (Lenny Szubowicz) [RHEL-2505] - decompress: Use 8 byte alignment (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Prefer EFI memory attributes protocol over DXE services (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Perform 4/5 level paging switch from the stub (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Merge trampoline cleanup with switching code (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Pass pgtable address to trampoline directly (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Only call the trampoline when changing paging levels (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Call trampoline directly from C code (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Avoid the need for a stack in the 32-bit trampoline (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Use standard calling convention for trampoline (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Call trampoline as a normal function (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed/64: Remove .bss/.pgtable from bzImage (Lenny Szubowicz) [RHEL-2505] - x86/boot: Remove run-time relocations from .head.text code (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Assign paging related global variables earlier (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Store boot_params pointer in callee save register (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Clear BSS in EFI handover protocol entrypoint (Lenny Szubowicz) [RHEL-2505] - x86/head_64: Store boot_params pointer in callee save register (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Don't rely on upper 32 bits of GPRs being preserved (Lenny Szubowicz) [RHEL-2505] - x86/head/64: Switch to KERNEL_CS as soon as new GDT is installed (Lenny Szubowicz) [RHEL-2505] - efi/libstub: Add memory attribute protocol definitions (Lenny Szubowicz) [RHEL-2505] - efi/x86: libstub: remove unused variable (Lenny Szubowicz) [RHEL-2505] - x86/boot: Robustify calling startup_{32,64}() from the decompressor code (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Simplify and clean up handover entry code (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Branch straight to kernel entry point from C code (Lenny Szubowicz) [RHEL-2505] - efi/x86: Avoid using code32_start (Lenny Szubowicz) [RHEL-2505] - efi/libstub/x86: Use Exit() boot service to exit the stub on errors (Lenny Szubowicz) [RHEL-2505] - efi: x86: Wipe setup_data on pure EFI boot (Lenny Szubowicz) [RHEL-2505] - efi: x86: Fix config name for setting the NX-compatibility flag in the PE header (Lenny Szubowicz) [RHEL-2505] - efi: x86: Set the NX-compatibility flag in the PE header (Lenny Szubowicz) [RHEL-2505] - efi/x86: Add kernel preferred address to PE header (Lenny Szubowicz) [RHEL-2505] - efi/x86: Use symbolic constants in PE header instead of bare numbers (Lenny Szubowicz) [RHEL-2505] - efi/x86: Drop redundant .bss section (Lenny Szubowicz) [RHEL-2505] - efi/x86: add headroom to decompressor BSS to account for setup block (Lenny Szubowicz) [RHEL-2505] - x86/boot: Remove run-time relocations from head_{32,64}.S (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed: Fix debug_puthex() parameter type (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed/64: Use 32-bit (zero-extended) MOV for z_output_len (Lenny Szubowicz) [RHEL-2505] - x86/boot: Use unsigned comparison for addresses (Lenny Szubowicz) [RHEL-2505] - x86/boot: Micro-optimize GDT loading instructions (Lenny Szubowicz) [RHEL-2505] - x86/boot: GDT limit value should be size - 1 (Lenny Szubowicz) [RHEL-2505] - efi/x86: Remove GDT setup from efi_main (Lenny Szubowicz) [RHEL-2505] - x86/boot: Clear direction and interrupt flags in startup_64 (Lenny Szubowicz) [RHEL-2505] - efi/x86: Don't depend on firmware GDT layout (Lenny Szubowicz) [RHEL-2505] - x86/boot: Remove KEEP_SEGMENTS support (Lenny Szubowicz) [RHEL-2505] - x86/boot: Handle malformed SRAT tables during early ACPI parsing (Lenny Szubowicz) [RHEL-2505] - efi/libstub/x86: Use mandatory 16-byte stack alignment in mixed mode (Lenny Szubowicz) [RHEL-2505] - efi/libstub/x86: Avoid globals to store context during mixed mode calls (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Disable paging at mixed mode entry (Lenny Szubowicz) [RHEL-2505] - x86: efi/random: Invoke EFI_RNG_PROTOCOL to seed the UEFI RNG table (Lenny Szubowicz) [RHEL-2505] - x86/asm: Make some functions local (Lenny Szubowicz) [RHEL-2505] - x86/boot: Annotate data appropriately (Lenny Szubowicz) [RHEL-2505] - x86/boot: Annotate local functions (Lenny Szubowicz) [RHEL-2505] - x86/asm: Make more symbols local (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed/64: Fix missing initialization in find_trampoline_placement() (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed/64: Fix boot on machines with broken E820 table (Lenny Szubowicz) [RHEL-2505] - x86, boot: Remove multiple copy of static function sanitize_boot_params() (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed/64: Remove unused variable (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed/64: Explain paging_prepare()'s return value (Lenny Szubowicz) [RHEL-2505] - x86/boot: Save several bytes in decompressor (Lenny Szubowicz) [RHEL-2505] - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (Audra Mitchell) [RHEL-20614] {CVE-2024-0841} - net/gve: update check for little-endianness in gve kconfig (Joshua Washington) [RHEL-29030] Resolves: RHEL-20614, RHEL-2505, RHEL-29030 Signed-off-by: Denys Vlasenko --- kernel.spec | 102 ++++++++++++++++++++++++++++++++++++++++++++++++++-- sources | 6 ++-- 2 files changed, 102 insertions(+), 6 deletions(-) diff --git a/kernel.spec b/kernel.spec index c81c7c5f9..2cf87f6b2 100644 --- a/kernel.spec +++ b/kernel.spec @@ -12,7 +12,7 @@ # change below to w4T.xzdio): %define _binary_payload w3T.xzdio -%global distro_build 546 +%global distro_build 547 # Sign the x86_64 kernel for secure boot authentication %ifarch x86_64 aarch64 s390x ppc64le @@ -38,10 +38,10 @@ # define buildid .local %define specversion 4.18.0 -%define pkgrelease 546.el8 +%define pkgrelease 547.el8 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 546%{?dist} +%define specrelease 547%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -2695,6 +2695,102 @@ fi # # %changelog +* Tue Mar 19 2024 Denys Vlasenko [4.18.0-547.el8] +- x86/efistub: Avoid placing the kernel below LOAD_PHYSICAL_ADDR (Lenny Szubowicz) [RHEL-2505] +- x86/efistub: Give up if memory attribute protocol returns an error (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Increase section and file alignment to 4k/512 (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Split off PE/COFF .data section (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Drop PE/COFF .reloc section (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Construct PE/COFF .text section from assembler (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Derive file size from _edata symbol (Lenny Szubowicz) [RHEL-2505] +- x86/boot/compressed: Remove, discard, or assert for unwanted sections (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Check that there are no run-time relocations (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Discard .discard.unreachable for arch/x86/boot/compressed/vmlinux (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Define setup size in linker script (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Set EFI handover offset directly in header asm (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Drop references to startup_64 (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Drop redundant code setting the root device (Lenny Szubowicz) [RHEL-2505] +- x86/build: Declutter the build output (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Omit compression buffer from PE/COFF image memory footprint (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Mark global variables as static (Lenny Szubowicz) [RHEL-2505] +- efi/x86: Remove extra headroom for setup block (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Remove the 'bugger off' message (Lenny Szubowicz) [RHEL-2505] +- x86/efi: Drop alignment flags from PE section headers (Lenny Szubowicz) [RHEL-2505] +- efi: Put Linux specific magic number in the DOS header (Lenny Szubowicz) [RHEL-2505] +- efi/x86: Fix the missing KASLR_FLAG bit in boot_params->hdr.loadflags (Lenny Szubowicz) [RHEL-2505] +- efi/x86: Avoid physical KASLR on older Dell systems (Lenny Szubowicz) [RHEL-2505] +- x86/boot: efistub: Assign global boot_params variable (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Rename conflicting 'boot_params' pointer to 'boot_params_ptr' (Lenny Szubowicz) [RHEL-2505] +- x86/efistub: Avoid legacy decompressor when doing EFI boot (Lenny Szubowicz) [RHEL-2505] +- x86/efistub: Perform SNP feature test while running in the firmware (Lenny Szubowicz) [RHEL-2505] +- x86/sev: Do not try to parse for the CC blob on non-AMD hardware (Lenny Szubowicz) [RHEL-2505] +- efi/libstub: Add limit argument to efi_random_alloc() (Lenny Szubowicz) [RHEL-2505] +- arm64: efi: Limit allocations to 48-bit addressable physical region (Lenny Szubowicz) [RHEL-2505] +- efi: libstub: use EFI_LOADER_CODE region when moving the kernel in memory (Lenny Szubowicz) [RHEL-2505] +- arm64: efi: kaslr: Fix occasional random alloc (and boot) failure (Lenny Szubowicz) [RHEL-2505] +- efi/libstub/random: Increase random alloc granularity (Lenny Szubowicz) [RHEL-2505] +- x86/decompressor: Factor out kernel decompression and relocation (Lenny Szubowicz) [RHEL-2505] +- x86/decompressor: Move global symbol references to C code (Lenny Szubowicz) [RHEL-2505] +- decompress: Use 8 byte alignment (Lenny Szubowicz) [RHEL-2505] +- x86/efistub: Prefer EFI memory attributes protocol over DXE services (Lenny Szubowicz) [RHEL-2505] +- x86/efistub: Perform 4/5 level paging switch from the stub (Lenny Szubowicz) [RHEL-2505] +- x86/decompressor: Merge trampoline cleanup with switching code (Lenny Szubowicz) [RHEL-2505] +- x86/decompressor: Pass pgtable address to trampoline directly (Lenny Szubowicz) [RHEL-2505] +- x86/decompressor: Only call the trampoline when changing paging levels (Lenny Szubowicz) [RHEL-2505] +- x86/decompressor: Call trampoline directly from C code (Lenny Szubowicz) [RHEL-2505] +- x86/decompressor: Avoid the need for a stack in the 32-bit trampoline (Lenny Szubowicz) [RHEL-2505] +- x86/decompressor: Use standard calling convention for trampoline (Lenny Szubowicz) [RHEL-2505] +- x86/decompressor: Call trampoline as a normal function (Lenny Szubowicz) [RHEL-2505] +- x86/boot/compressed/64: Remove .bss/.pgtable from bzImage (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Remove run-time relocations from .head.text code (Lenny Szubowicz) [RHEL-2505] +- x86/decompressor: Assign paging related global variables earlier (Lenny Szubowicz) [RHEL-2505] +- x86/decompressor: Store boot_params pointer in callee save register (Lenny Szubowicz) [RHEL-2505] +- x86/efistub: Clear BSS in EFI handover protocol entrypoint (Lenny Szubowicz) [RHEL-2505] +- x86/head_64: Store boot_params pointer in callee save register (Lenny Szubowicz) [RHEL-2505] +- x86/decompressor: Don't rely on upper 32 bits of GPRs being preserved (Lenny Szubowicz) [RHEL-2505] +- x86/head/64: Switch to KERNEL_CS as soon as new GDT is installed (Lenny Szubowicz) [RHEL-2505] +- efi/libstub: Add memory attribute protocol definitions (Lenny Szubowicz) [RHEL-2505] +- efi/x86: libstub: remove unused variable (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Robustify calling startup_{32,64}() from the decompressor code (Lenny Szubowicz) [RHEL-2505] +- x86/efistub: Simplify and clean up handover entry code (Lenny Szubowicz) [RHEL-2505] +- x86/efistub: Branch straight to kernel entry point from C code (Lenny Szubowicz) [RHEL-2505] +- efi/x86: Avoid using code32_start (Lenny Szubowicz) [RHEL-2505] +- efi/libstub/x86: Use Exit() boot service to exit the stub on errors (Lenny Szubowicz) [RHEL-2505] +- efi: x86: Wipe setup_data on pure EFI boot (Lenny Szubowicz) [RHEL-2505] +- efi: x86: Fix config name for setting the NX-compatibility flag in the PE header (Lenny Szubowicz) [RHEL-2505] +- efi: x86: Set the NX-compatibility flag in the PE header (Lenny Szubowicz) [RHEL-2505] +- efi/x86: Add kernel preferred address to PE header (Lenny Szubowicz) [RHEL-2505] +- efi/x86: Use symbolic constants in PE header instead of bare numbers (Lenny Szubowicz) [RHEL-2505] +- efi/x86: Drop redundant .bss section (Lenny Szubowicz) [RHEL-2505] +- efi/x86: add headroom to decompressor BSS to account for setup block (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Remove run-time relocations from head_{32,64}.S (Lenny Szubowicz) [RHEL-2505] +- x86/boot/compressed: Fix debug_puthex() parameter type (Lenny Szubowicz) [RHEL-2505] +- x86/boot/compressed/64: Use 32-bit (zero-extended) MOV for z_output_len (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Use unsigned comparison for addresses (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Micro-optimize GDT loading instructions (Lenny Szubowicz) [RHEL-2505] +- x86/boot: GDT limit value should be size - 1 (Lenny Szubowicz) [RHEL-2505] +- efi/x86: Remove GDT setup from efi_main (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Clear direction and interrupt flags in startup_64 (Lenny Szubowicz) [RHEL-2505] +- efi/x86: Don't depend on firmware GDT layout (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Remove KEEP_SEGMENTS support (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Handle malformed SRAT tables during early ACPI parsing (Lenny Szubowicz) [RHEL-2505] +- efi/libstub/x86: Use mandatory 16-byte stack alignment in mixed mode (Lenny Szubowicz) [RHEL-2505] +- efi/libstub/x86: Avoid globals to store context during mixed mode calls (Lenny Szubowicz) [RHEL-2505] +- x86/efistub: Disable paging at mixed mode entry (Lenny Szubowicz) [RHEL-2505] +- x86: efi/random: Invoke EFI_RNG_PROTOCOL to seed the UEFI RNG table (Lenny Szubowicz) [RHEL-2505] +- x86/asm: Make some functions local (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Annotate data appropriately (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Annotate local functions (Lenny Szubowicz) [RHEL-2505] +- x86/asm: Make more symbols local (Lenny Szubowicz) [RHEL-2505] +- x86/boot/compressed/64: Fix missing initialization in find_trampoline_placement() (Lenny Szubowicz) [RHEL-2505] +- x86/boot/compressed/64: Fix boot on machines with broken E820 table (Lenny Szubowicz) [RHEL-2505] +- x86, boot: Remove multiple copy of static function sanitize_boot_params() (Lenny Szubowicz) [RHEL-2505] +- x86/boot/compressed/64: Remove unused variable (Lenny Szubowicz) [RHEL-2505] +- x86/boot/compressed/64: Explain paging_prepare()'s return value (Lenny Szubowicz) [RHEL-2505] +- x86/boot: Save several bytes in decompressor (Lenny Szubowicz) [RHEL-2505] +- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (Audra Mitchell) [RHEL-20614] {CVE-2024-0841} +- net/gve: update check for little-endianness in gve kconfig (Joshua Washington) [RHEL-29030] + * Fri Mar 15 2024 Denys Vlasenko [4.18.0-546.el8] - sched/membarrier: reduce the ability to hammer on sys_membarrier (Wander Lairson Costa) [RHEL-23430] {CVE-2024-26602} - NFS: Set the stable writes flag when initialising the super block (Benjamin Coddington) [RHEL-25266] diff --git a/sources b/sources index a57cd066e..efef87823 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-4.18.0-546.el8.tar.xz) = daf23207d7c56eccb76042c60556cf652be4bec03ead6431013c9005f294cb1b35a7f2771919bf37bfe5c9f7653dbe3d94a6620522c249addb52484f9ddd2d9b -SHA512 (kernel-abi-stablelists-4.18.0-546.tar.bz2) = e0a6354579eb9f9da870ce2b42da531f1d40531afd8c9ebc12b38ab254de9aee417cf31fc0afe0f489f01552a9192ed59e0ddfe90b4c15d6c442d2493c7e161f -SHA512 (kernel-kabi-dw-4.18.0-546.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf +SHA512 (linux-4.18.0-547.el8.tar.xz) = b9e8779740c7468d4f0d8e4cfbf5292f9ac187757cda3598a8428578c85db7d30b9b62bb94bcfa96a8e603348e7345640c0dece6f1d36eb1c06cc018bf801d8b +SHA512 (kernel-abi-stablelists-4.18.0-547.tar.bz2) = 09f0ab984feb34d46b75849bf52c8b8a9e6f21c0424998acc37db3038c9cfed499142949dacca4cc58f7b29289bcac310574ac6a03572cd2afea4af9b32be622 +SHA512 (kernel-kabi-dw-4.18.0-547.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf