From dc775dbb225514487c0c2a8dda0e380eb565061c Mon Sep 17 00:00:00 2001 From: Rado Vrbovsky Date: Thu, 23 Jan 2025 15:40:29 +0000 Subject: [PATCH] kernel-5.14.0-555.el9 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Thu Jan 23 2025 Rado Vrbovsky [5.14.0-555.el9] - net/sctp: Prevent autoclose integer overflow in sctp_association_init() (Xin Long) [RHEL-73625] - sctp: fix possible UAF in sctp_v6_available() (Xin Long) [RHEL-73625] {CVE-2024-53139} - tipc: fix NULL deref in cleanup_bearer() (Xin Long) [RHEL-72258] - tipc: Fix use-after-free of kernel socket in cleanup_bearer(). (Xin Long) [RHEL-72258] {CVE-2024-56642} - KVM: s390: add gen17 facilities to CPU model (Mete Durlu) [RHEL-50767] - KVM: s390: add msa11 to cpu model (Mete Durlu) [RHEL-50767] - KVM: s390: add concurrent-function facility to cpu model (Mete Durlu) [RHEL-50767] - s390/uv: Provide host-key hashes in sysfs (Mete Durlu) [RHEL-50752] - s390/uv: Refactor uv-sysfs creation (Mete Durlu) [RHEL-50752] - s390/uvdevice: Support longer secret lists (Mete Durlu) [RHEL-50754] - s390/uv: Retrieve UV secrets sysfs support (Mete Durlu) [RHEL-50754] - s390/uvdevice: Increase indent in IOCTL definitions (Mete Durlu) [RHEL-50754] - s390/uvdevice: Add Retrieve Secret IOCTL (Mete Durlu) [RHEL-50754] - s390/uv: Retrieve UV secrets support (Mete Durlu) [RHEL-50754] - s390/uv: Use a constant for more-data rc (Mete Durlu) [RHEL-50754] - s390: Remove protvirt and kvm config guards for uv code (Mete Durlu) [RHEL-50754] - geneve: do not assume mac header is set in geneve_xmit_skb() (Guillaume Nault) [RHEL-73420] - net/ipv6: release expired exception dst cached in socket (Guillaume Nault) [RHEL-72264] {CVE-2024-56644} - ipv6: Fix soft lockups in fib6_select_path under high next hop churn (Hangbin Liu) [RHEL-73281] - selftests: net: really check for bg process completion (Hangbin Liu) [RHEL-73281] - ipv6: release nexthop on device removal (Hangbin Liu) [RHEL-73281] - selftests: vrf_route_leaking: add local test (Hangbin Liu) [RHEL-73281] - ipv6: take care of scope when choosing the src addr (Hangbin Liu) [RHEL-73281] - ipv6: fix source address selection with route leak (Hangbin Liu) [RHEL-73281] - team: prevent adding a device which is already a team device lower (Hangbin Liu) [RHEL-73276] - team: Fix feature exposure when no ports are present (Hangbin Liu) [RHEL-73276] - team: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL (Hangbin Liu) [RHEL-73276] - team: Fix initial vlan_feature set in __team_compute_features (Hangbin Liu) [RHEL-73276] - bonding: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL (Hangbin Liu) [RHEL-73276] - bonding: Fix initial {vlan,mpls}_feature set in bond_compute_features (Hangbin Liu) [RHEL-73276] - net, team, bonding: Add netdev_base_features helper (Hangbin Liu) [RHEL-73276] - bonding: add ESP offload features when slaves support (Hangbin Liu) [RHEL-73276] - net: team: rename team to team_core for linking (Hangbin Liu) [RHEL-73276] - ptp: Add error handling for adjfine callback in ptp_clock_adjtime (CKI Backport Bot) [RHEL-73275] - ptp: Fix error message on failed pin verification (CKI Backport Bot) [RHEL-73275] - vp_vdpa: fix id_table array not null terminated error (Jon Maloy) [RHEL-69651] {CVE-2024-53110} - vdpa/mlx5: Fix invalid mr resource destroy (Jon Maloy) [RHEL-63223] {CVE-2024-47687} - net: sched: fix ordering of qlen adjustment (CKI Backport Bot) [RHEL-72377 RHEL-73151] {CVE-2024-53164} - net_sched: sch_fq: don't follow the fast path if Tx is behind now (CKI Backport Bot) [RHEL-73151] - net: sched: cls_u32: Fix u32's systematic failure to free IDR entries for hnodes. (CKI Backport Bot) [RHEL-73151] - net: tun: Fix use-after-free in tun_detach() (Jon Maloy) [RHEL-63736] {CVE-2022-49014} - i40e: add ability to reset VF for Tx and Rx MDD events (Michal Schmidt) [RHEL-54223] - xfs: ensure submit buffers on LSN boundaries in error handlers (Bill O'Donnell) [RHEL-68860] - xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (Bill O'Donnell) [RHEL-68860] - xfs: Fix the owner setting issue for rmap query in xfs fsmap (Bill O'Donnell) [RHEL-68860] - xfs: conditionally allow FS_XFLAG_REALTIME changes if S_DAX is set (Bill O'Donnell) [RHEL-68860] - xfs: attr forks require attr, not attr2 (Bill O'Donnell) [RHEL-68860] - xfs: convert comma to semicolon (Bill O'Donnell) [RHEL-68860] - xfs: honor init_xattrs in xfs_init_new_inode for !ATTR fs (Bill O'Donnell) [RHEL-68860] - xfs: allow unlinked symlinks and dirs with zero size (Bill O'Donnell) [RHEL-68860] - xfs: restrict when we try to align cow fork delalloc to cowextsz hints (Bill O'Donnell) [RHEL-68860] - xfs: fix unlink vs cluster buffer instantiation race (Bill O'Donnell) [RHEL-68860] - xfs: match lock mode in xfs_buffered_write_iomap_begin() (Bill O'Donnell) [RHEL-68860] - xfs: require XFS_SB_FEAT_INCOMPAT_LOG_XATTRS for attr log intent item recovery (Bill O'Donnell) [RHEL-68860] - xfs: shrink failure needs to hold AGI buffer (Bill O'Donnell) [RHEL-68860] - idpf: trigger SW interrupt when exiting wb_on_itr mode (Michal Schmidt) [RHEL-50916] - idpf: add support for SW triggered interrupts (Michal Schmidt) [RHEL-50916] - idpf: set completion tag for "empty" bufs associated with a packet (Michal Schmidt) [RHEL-50916] - idpf: deinit virtchnl transaction manager after vport and vectors (Michal Schmidt) [RHEL-50916] - idpf: use actual mbx receive payload length (Michal Schmidt) [RHEL-50916] - idpf: fix VF dynamic interrupt ctl register initialization (Michal Schmidt) [RHEL-50916] - idpf: enable WB_ON_ITR (Michal Schmidt) [RHEL-50916] - idpf: fix netdev Tx queue stop/wake (Michal Schmidt) [RHEL-50916] - idpf: refactor Tx completion routines (Michal Schmidt) [RHEL-50916] - idpf: convert to libeth Tx buffer completion (Michal Schmidt) [RHEL-50916] - idpf: remove redundant 'req_vec_chunks' NULL check (Michal Schmidt) [RHEL-50916] - idpf: fix UAFs when destroying the queues (Michal Schmidt) [RHEL-50916 RHEL-58452] {CVE-2024-44932} - idpf: use libeth Rx buffer management for payload buffer (Michal Schmidt) [RHEL-50916] - idpf: convert header split mode to libeth + napi_build_skb() (Michal Schmidt) [RHEL-50916] - idpf: remove legacy Page Pool Ethtool stats (Michal Schmidt) [RHEL-50916] - idpf: reuse libeth's definitions of parsed ptype structures (Michal Schmidt) [RHEL-50916] - idpf: fix memleak in vport interrupt configuration (Michal Schmidt) [RHEL-50916] - idpf: fix memory leaks and crashes while performing a soft reset (Michal Schmidt) [RHEL-50916 RHEL-57131] {CVE-2024-44964} - redhat/configs: set CONFIG_IDPF_SINGLEQ to disabled (Michal Schmidt) [RHEL-50916] - idpf: compile singleq code only under default-n CONFIG_IDPF_SINGLEQ (Michal Schmidt) [RHEL-50916] - idpf: merge singleq and splitq &net_device_ops (Michal Schmidt) [RHEL-50916] - idpf: Don't hard code napi_struct size (Michal Schmidt) [RHEL-50916] - idpf: strictly assert cachelines of queue and queue vector structures (Michal Schmidt) [RHEL-50916] - idpf: avoid bloating &idpf_q_vector with big %%NR_CPUS (Michal Schmidt) [RHEL-50916] - idpf: split &idpf_queue into 4 strictly-typed queue structures (Michal Schmidt) [RHEL-50916] - idpf: stop using macros for accessing queue descriptors (Michal Schmidt) [RHEL-50916] - idpf: don't enable NAPI and interrupts prior to allocating Rx buffers (Michal Schmidt) [RHEL-50916] - idpf: Interpret .set_channels() input differently (Michal Schmidt) [RHEL-50916] - idpf: sprinkle __counted_by{,_le}() in the virtchnl2 header (Michal Schmidt) [RHEL-50916] - idpf: make virtchnl2.h self-contained (Michal Schmidt) [RHEL-50916] - selftests/powerpc: Fix build with USERCFLAGS set (Mamatha Inamdar) [RHEL-74480] - selftests/powerpc: make sub-folders buildable on their own (Mamatha Inamdar) [RHEL-74480] - selftests/powerpc: Add flags.mk to support pmu buildable (Mamatha Inamdar) [RHEL-74480] - selftests/powerpc: Re-order *FLAGS to follow lib.mk (Mamatha Inamdar) [RHEL-74480] - zram: don't free statically defined names (Ming Lei) [RHEL-63884] {CVE-2024-50064} - zram: free secondary algorithms names (Ming Lei) [RHEL-63884] {CVE-2024-50064} - net: Fix icmp host relookup triggering ip_rt_bug (Hangbin Liu) [RHEL-72380] {CVE-2024-56647} - powerpc/mm/fault: Fix kfence page fault reporting (Mamatha Inamdar) [RHEL-74445] - NFSv4.0: Fix a use-after-free problem in the asynchronous open() (Benjamin Coddington) [RHEL-72352] {CVE-2024-53173} - sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (Benjamin Coddington) [RHEL-72398] {CVE-2024-56688} - smb: Initialize cfid->tcon before performing network ops (Paulo Alcantara) [RHEL-72459] {CVE-2024-56729} - arm64/sve: Discard stale CPU state when handling SVE traps (Mark Salter) [RHEL-71525] {CVE-2024-50275} - bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx (Sabrina Dubroca) [RHEL-68543] {CVE-2024-53091} - Bluetooth: hci_conn: Use disable_delayed_work_sync (CKI Backport Bot) [RHEL-72334] {CVE-2024-56591} - perf machine: Initialize machine->env to address a segfault (Michael Petlan) [RHEL-65416] - Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (CKI Backport Bot) [RHEL-72297] {CVE-2024-56590} - crypto: aes-gcm-p10 - Use the correct bit to test for P10 (Mamatha Inamdar) [RHEL-58802] - crypto: powerpc/p10-aes-gcm - Add dependency on CRYPTO_SIMDand re-enable CRYPTO_AES_GCM_P10 (Mamatha Inamdar) [RHEL-58802] - crypto: powerpc/p10-aes-gcm - Register modules as SIMD (Mamatha Inamdar) [RHEL-58802] - crypto: powerpc/p10-aes-gcm - Re-write AES/GCM stitched implementation (Mamatha Inamdar) [RHEL-58802] - crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 (Mamatha Inamdar) [RHEL-58802] - Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (CKI Backport Bot) [RHEL-72291] {CVE-2024-56604} - Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating (CKI Backport Bot) [RHEL-72255] {CVE-2024-56654} - zram: fix NULL pointer in comp_algorithm_show() (Ming Lei) [RHEL-72367] {CVE-2024-53222} - brd: defer automatic disk creation until module initialization succeeds (Ming Lei) [RHEL-72386] {CVE-2024-56693} - block, bfq: fix bfqq uaf in bfq_limit_depth() (Ming Lei) [RHEL-72358] {CVE-2024-53166} - s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (Mete Durlu) [RHEL-74381] - redhat: Add python3-docutils for selftests build dependency (Julio Faracco) [RHEL-74391] - mm/vmscan: wake up flushers conditionally to avoid cgroup OOM (Waiman Long) [RHEL-72577] - mm/mglru: Revert 'Revert "don't sync disk for each aging cycle"' (Waiman Long) [RHEL-72577] - SUNRPC: make sure cache entry active before cache_show (Olga Kornievskaia) [RHEL-72340] {CVE-2024-53174} - powerpc/pseries/iommu: Don't unset window if it was never set (Mamatha Inamdar) [RHEL-74049] - NFSD: Prevent a potential integer overflow (Olga Kornievskaia) [RHEL-72114] {CVE-2024-53146} - nfsd: make sure exp active before svc_export_show (Olga Kornievskaia) [RHEL-72249] {CVE-2024-56558} - tools/rtla: Use pkg-config in lib_setup of Makefile.config (Luis Claudio R. Goncalves) [RHEL-69738] - tracing: Remove extra space at the end of hwlat_detector/mode (Luis Claudio R. Goncalves) [RHEL-69738] - trace/hwlat: Do not wipe the contents of per-cpu thread data (Luis Claudio R. Goncalves) [RHEL-69738] - trace/hwlat: Do not start per-cpu thread if it is already running (Luis Claudio R. Goncalves) [RHEL-69738] - trace/hwlat: make use of the helper function kthread_run_on_cpu() (Luis Claudio R. Goncalves) [RHEL-69738] - tracing/hwlat: Make some internal symbols static (Luis Claudio R. Goncalves) [RHEL-69738] - tools/rtla: Improve exception handling in timerlat_load.py (Luis Claudio R. Goncalves) [RHEL-69738] - tools/rtla: Enhance argument parsing in timerlat_load.py (Luis Claudio R. Goncalves) [RHEL-69738] - tools/rtla: Improve code readability in timerlat_load.py (Luis Claudio R. Goncalves) [RHEL-69738] - rtla/timerlat: Do not set params->user_workload with -U (Luis Claudio R. Goncalves) [RHEL-69738] - tools/rtla: fix collision with glibc sched_attr/sched_set_attr (Luis Claudio R. Goncalves) [RHEL-69738] - tools/rtla: drop __NR_sched_getattr (Luis Claudio R. Goncalves) [RHEL-69738] - rtla: Fix consistency in getopt_long for timerlat_hist (Luis Claudio R. Goncalves) [RHEL-69738] - rtla: use the definition for stdout fd when calling isatty() (Luis Claudio R. Goncalves) [RHEL-69738] - rtla: Fix the help text in osnoise and timerlat top tools (Luis Claudio R. Goncalves) [RHEL-69738] - tools/rtla: Fix installation from out-of-tree build (Luis Claudio R. Goncalves) [RHEL-69738] - rtla/osnoise: Prevent NULL dereference in error handling (Luis Claudio R. Goncalves) [RHEL-69738] {CVE-2024-45002} - rtla/timerlat: Make user-space threads the default (Luis Claudio R. Goncalves) [RHEL-69738] - bpf, sockmap: Fix race between element replace and close() (Felix Maurer) [RHEL-68071 RHEL-72246] {CVE-2024-56664} - xsk: Free skb when TX metadata options are invalid (Felix Maurer) [RHEL-40153 RHEL-68071] - xsk: always clear DMA mapping information when unmapping the pool (Felix Maurer) [RHEL-68071] - bpf: fix OOB devmap writes when deleting elements (Felix Maurer) [RHEL-68071] - xsk: fix OOB map writes when deleting elements (Felix Maurer) [RHEL-68071 RHEL-72252] {CVE-2024-56614} - tcp_bpf: fix return value of tcp_bpf_sendmsg() (Felix Maurer) [RHEL-59445 RHEL-68071] {CVE-2024-46783} - bpf: Remove tst_run from lwt_seg6local_prog_ops. (Felix Maurer) [RHEL-59341 RHEL-68071] {CVE-2024-46754} - ice: implement low latency PHY timer updates (Petr Oros) [RHEL-25338] - ice: check low latency PHY timer update firmware capability (Petr Oros) [RHEL-25338] - ice: add lock to protect low latency interface (Petr Oros) [RHEL-25338] - ice: rename TS_LL_READ* macros to REG_LL_PROXY_H_* (Petr Oros) [RHEL-25338] - ice: use read_poll_timeout_atomic in ice_read_phy_tstamp_ll_e810 (Petr Oros) [RHEL-25338] - tpm_tis_spi: Add compatible string atmel,attpm20p (Štěpán Horáček) [RHEL-52747] - libstub,tpm: do not ignore failure case when reading final event log (Štěpán Horáček) [RHEL-52747] - tpm: fix unsigned/signed mismatch errors related to __calc_tpm2_event_size (Štěpán Horáček) [RHEL-52747] - tpm: do not ignore memblock_reserve return value (Štěpán Horáček) [RHEL-52747] - tpm: fix signed/unsigned bug when checking event logs (Štěpán Horáček) [RHEL-52747] - tpm: Lock TPM chip in tpm_pm_suspend() first (Štěpán Horáček) [RHEL-68209] {CVE-2024-53085} - tpm: Clean up TPM space after command failure (Štěpán Horáček) [RHEL-63357] {CVE-2024-49851} - efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (Štěpán Horáček) [RHEL-52747] - char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (Štěpán Horáček) [RHEL-52747] - tpm_tis_spi: add missing attpm20p SPI device ID entry (Štěpán Horáček) [RHEL-52747] - KEYS: trusted: Do not use WARN when encode fails (Štěpán Horáček) [RHEL-52747] - KEYS: trusted: tpm2: Use struct tpm_buf for sized buffers (Štěpán Horáček) [RHEL-52747] - tpm: Add tpm_buf_read_{u8,u16,u32} (Štěpán Horáček) [RHEL-52747] - tpm: TPM2B formatted buffers (Štěpán Horáček) [RHEL-52747] - tpm: Store the length of the tpm_buf data separately. (Štěpán Horáček) [RHEL-52747] - tpm: Update struct tpm_buf documentation comments (Štěpán Horáček) [RHEL-52747] - tpm: Move buffer handling from static inlines to real functions (Štěpán Horáček) [RHEL-52747] - tpm: Remove tpm_send() (Štěpán Horáček) [RHEL-52747] - tpm: Remove unused tpm_buf_tag() (Štěpán Horáček) [RHEL-52747] - tpm/eventlog: remove redundant assignment to variabel ret (Štěpán Horáček) [RHEL-52747] - smb: client: fix TCP timers deadlock after rmmod (Paulo Alcantara) [RHEL-73657] {CVE-2024-54680} - nvmet: Don't overflow subsysnqn (CKI Backport Bot) [RHEL-74081] {CVE-2024-53681} - PCI: Wait for Link before restoring Downstream Buses (Myron Stowe) [RHEL-71363] - PCI: Use an error code with PCIe failed link retraining (Myron Stowe) [RHEL-71363] - PCI: Correct error reporting with PCIe failed link retraining (Myron Stowe) [RHEL-71363] - PCI: Revert to the original speed after PCIe failed link retraining (Myron Stowe) [RHEL-71363] - PCI: Clear the LBMS bit after a link retrain (Myron Stowe) [RHEL-71363] - PCI: Wait for device readiness with Configuration RRS (Myron Stowe) [RHEL-71363] - s390/pci: Add pci_msg debug view to PCI report (Mete Durlu) [RHEL-50792] - s390/debug: Add a reverse mode for debug_dump() (Mete Durlu) [RHEL-50792] - s390/debug: Add debug_dump() to write debug view to a string buffer (Mete Durlu) [RHEL-50792] - s390/debug: Split private data alloc/free out of file operations (Mete Durlu) [RHEL-50792] - s390/debug: Simplify and document debug_next_entry() logic (Mete Durlu) [RHEL-50792] - s390/pci: Report PCI error recovery results via SCLP (Mete Durlu) [RHEL-50792] - s390/debug: Pass in and enforce output buffer size for format handlers (Mete Durlu) [RHEL-50792] - s390/sclp: Allow user-space to provide PCI reports for optical modules (Mete Durlu) [RHEL-71265] - Enable peer to peer DMA for ROCm (Mika Penttilä) [RHEL-9998] - pinmux: Use sequential access to access desc->pinmux data (David Arcari) [RHEL-73715] {CVE-2024-47141} - block: Prevent potential deadlocks in zone write plug error recovery (Ming Lei) [RHEL-71498] - dm: Fix dm-zoned-reclaim zone write pointer alignment (Ming Lei) [RHEL-71498] - block: Ignore REQ_NOWAIT for zone reset and zone finish operations (Ming Lei) [RHEL-71498] - block: Use a zone write plug BIO work for REQ_NOWAIT BIOs (Ming Lei) [RHEL-71498] - block: Prevent potential deadlock in blk_revalidate_disk_zones() (Ming Lei) [RHEL-71498] - block: Switch to using refcount_t for zone write plugs (Ming Lei) [RHEL-71498] - block: Add a public bdev_zone_is_seq() helper (Ming Lei) [RHEL-71498] - block: RCU protect disk->conv_zones_bitmap (Ming Lei) [RHEL-71498] - MAINTAINERS: Make Kristen Accardi the IAA crypto driver maintainer (Vladis Dronov) [RHEL-49539] - crypto: iaa - Remove potential infinite loop in check_completion() (Vladis Dronov) [RHEL-49539] - crypto: iaa - Fix potential use after free bug (Vladis Dronov) [RHEL-49539] - crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (Vladis Dronov) [RHEL-49539] - crypto: iaa - Use cpumask_weight() when rebalancing (Vladis Dronov) [RHEL-49539] - crypto: iaa - Fix some errors in IAA documentation (Vladis Dronov) [RHEL-49539] - crypto: iaa - Change iaa statistics to atomic64_t (Vladis Dronov) [RHEL-49539] - crypto: iaa - Add global_stats file and remove individual stat files (Vladis Dronov) [RHEL-49539] - crypto: iaa - Remove comp/decomp delay statistics (Vladis Dronov) [RHEL-49539] - crypto: iaa - fix decomp_bytes_in stats (Vladis Dronov) [RHEL-49539] - cppc_cpufreq: Remove HiSilicon CPPC workaround (Mark Langsdorf) [RHEL-65441] - cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (Mark Langsdorf) [RHEL-65441] - nbd: fix partial sending (Ming Lei) [RHEL-64338] - kernel.spec: perf: fix C++ demangle support (Michael Petlan) [RHEL-69463] - mptcp: fix TCP options overflow. (CKI Backport Bot) [RHEL-73516] - Bluetooth: btusb: add Foxconn 0xe0fc for Qualcomm WCN785x (CKI Backport Bot) [RHEL-70424] - netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level (CKI Backport Bot) [RHEL-73350] {CVE-2024-56783} - SUNRPC: timeout and cancel TLS handshake with -ETIMEDOUT (Benjamin Coddington) [RHEL-67304] - netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext (CKI Backport Bot) [RHEL-73708] - netfilter: nft_set_hash: skip duplicated elements pending gc run (CKI Backport Bot) [RHEL-73708] - netfilter: nft_inner: incorrect percpu area handling under softirq (CKI Backport Bot) [RHEL-73708] - netfilter: x_tables: fix LED ID check in led_tg_check() (CKI Backport Bot) [RHEL-73708] - netfilter: ipset: add missing range check in bitmap_ip_uadt (CKI Backport Bot) [RHEL-73708] - netfilter: nf_tables: must hold rcu read lock while iterating object type list (CKI Backport Bot) [RHEL-73708] - netfilter: nf_tables: must hold rcu read lock while iterating expression type list (CKI Backport Bot) [RHEL-73708] - netfilter: fib: check correct rtable in vrf setups (CKI Backport Bot) [RHEL-73708] - netfilter: allow ipv6 fragments to arrive on different devices (CKI Backport Bot) [RHEL-73708] - netfilter: ctnetlink: support CTA_FILTER for flush (CKI Backport Bot) [RHEL-73708] - netfilter: nfnetlink: convert kfree_skb to consume_skb (CKI Backport Bot) [RHEL-73708] - netfilter: conntrack: fix ct-state for ICMPv6 Multicast Router Discovery (CKI Backport Bot) [RHEL-73708] - netfilter: nf_tables: skip transaction if update object is not implemented (CKI Backport Bot) [RHEL-73708] - netfilter: ip6_tables: zero-initialize fragment offset (CKI Backport Bot) [RHEL-73708] - fadump: reserve param area if below boot_mem_top (Mamatha Inamdar) [RHEL-73120] - powerpc/fadump: allocate memory for additional parameters early (Mamatha Inamdar) [RHEL-73120] - Bluetooth: btusb: mediatek: change the conditions for ISO interface (Bastien Nocera) [RHEL-72839] - Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (Bastien Nocera) [RHEL-72839] {CVE-2024-56757} - Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (Bastien Nocera) [RHEL-72839] - Bluetooth: btusb: mediatek: move Bluetooth power off command position (Bastien Nocera) [RHEL-72839] Resolves: RHEL-25338, RHEL-40153, RHEL-49539, RHEL-50752, RHEL-50754, RHEL-50767, RHEL-50792, RHEL-50916, RHEL-52747, RHEL-54223, RHEL-57131, RHEL-58452, RHEL-58802, RHEL-59341, RHEL-59445, RHEL-63223, RHEL-63357, RHEL-63736, RHEL-63884, RHEL-64338, RHEL-65416, RHEL-65441, RHEL-67304, RHEL-68071, RHEL-68209, RHEL-68543, RHEL-68860, RHEL-69463, RHEL-69651, RHEL-69738, RHEL-70424, RHEL-71265, RHEL-71363, RHEL-71498, RHEL-71525, RHEL-72114, RHEL-72246, RHEL-72249, RHEL-72252, RHEL-72255, RHEL-72258, RHEL-72264, RHEL-72291, RHEL-72297, RHEL-72334, RHEL-72340, RHEL-72352, RHEL-72358, RHEL-72367, RHEL-72377, RHEL-72380, RHEL-72386, RHEL-72398, RHEL-72459, RHEL-72577, RHEL-72839, RHEL-73120, RHEL-73151, RHEL-73275, RHEL-73276, RHEL-73281, RHEL-73350, RHEL-73420, RHEL-73516, RHEL-73625, RHEL-73657, RHEL-73708, RHEL-73715, RHEL-74049, RHEL-74081, RHEL-74381, RHEL-74391, RHEL-74445, RHEL-74480, RHEL-9998 Signed-off-by: Rado Vrbovsky --- Makefile.rhelver | 2 +- kernel-aarch64-64k-debug-rhel.config | 3 +- kernel-aarch64-64k-rhel.config | 3 +- kernel-aarch64-debug-rhel.config | 3 +- kernel-aarch64-rhel.config | 3 +- kernel-aarch64-rt-debug-rhel.config | 3 +- kernel-aarch64-rt-rhel.config | 3 +- kernel-ppc64le-debug-rhel.config | 3 +- kernel-ppc64le-rhel.config | 3 +- kernel-s390x-debug-rhel.config | 3 +- kernel-s390x-rhel.config | 3 +- kernel-s390x-zfcpdump-rhel.config | 3 +- kernel-x86_64-debug-rhel.config | 3 +- kernel-x86_64-rhel.config | 3 +- kernel-x86_64-rt-debug-rhel.config | 3 +- kernel-x86_64-rt-rhel.config | 3 +- kernel.changelog | 236 +++++++++++++++++++++++++ kernel.spec | 247 ++++++++++++++++++++++++++- sources | 6 +- 19 files changed, 511 insertions(+), 25 deletions(-) diff --git a/Makefile.rhelver b/Makefile.rhelver index 6357abc63..98184f969 100644 --- a/Makefile.rhelver +++ b/Makefile.rhelver @@ -12,7 +12,7 @@ RHEL_MINOR = 6 # # Use this spot to avoid future merge conflicts. # Do not trim this comment. -RHEL_RELEASE = 554 +RHEL_RELEASE = 555 # # ZSTREAM diff --git a/kernel-aarch64-64k-debug-rhel.config b/kernel-aarch64-64k-debug-rhel.config index 88acdcf26..22e2fe427 100644 --- a/kernel-aarch64-64k-debug-rhel.config +++ b/kernel-aarch64-64k-debug-rhel.config @@ -2274,7 +2274,7 @@ CONFIG_HOTPLUG_PCI=y # CONFIG_HPFS_FS is not set CONFIG_HP_ILO=m CONFIG_HP_WATCHDOG=m -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2435,6 +2435,7 @@ CONFIG_ICPLUS_PHY=m # CONFIG_IDLE_INJECT is not set CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set # CONFIG_IEEE802154_AT86RF230 is not set diff --git a/kernel-aarch64-64k-rhel.config b/kernel-aarch64-64k-rhel.config index 30905bcba..4baa7bce7 100644 --- a/kernel-aarch64-64k-rhel.config +++ b/kernel-aarch64-64k-rhel.config @@ -2258,7 +2258,7 @@ CONFIG_HOTPLUG_PCI=y # CONFIG_HPFS_FS is not set CONFIG_HP_ILO=m CONFIG_HP_WATCHDOG=m -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2419,6 +2419,7 @@ CONFIG_ICPLUS_PHY=m # CONFIG_IDLE_INJECT is not set CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set # CONFIG_IEEE802154_AT86RF230 is not set diff --git a/kernel-aarch64-debug-rhel.config b/kernel-aarch64-debug-rhel.config index 6b22ae982..9e1a83038 100644 --- a/kernel-aarch64-debug-rhel.config +++ b/kernel-aarch64-debug-rhel.config @@ -2272,7 +2272,7 @@ CONFIG_HOTPLUG_PCI=y # CONFIG_HPFS_FS is not set CONFIG_HP_ILO=m CONFIG_HP_WATCHDOG=m -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2433,6 +2433,7 @@ CONFIG_ICPLUS_PHY=m # CONFIG_IDLE_INJECT is not set CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set # CONFIG_IEEE802154_AT86RF230 is not set diff --git a/kernel-aarch64-rhel.config b/kernel-aarch64-rhel.config index ecc15d787..ac57ab1d4 100644 --- a/kernel-aarch64-rhel.config +++ b/kernel-aarch64-rhel.config @@ -2256,7 +2256,7 @@ CONFIG_HOTPLUG_PCI=y # CONFIG_HPFS_FS is not set CONFIG_HP_ILO=m CONFIG_HP_WATCHDOG=m -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2417,6 +2417,7 @@ CONFIG_ICPLUS_PHY=m # CONFIG_IDLE_INJECT is not set CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set # CONFIG_IEEE802154_AT86RF230 is not set diff --git a/kernel-aarch64-rt-debug-rhel.config b/kernel-aarch64-rt-debug-rhel.config index b4f1e5b85..7ab847653 100644 --- a/kernel-aarch64-rt-debug-rhel.config +++ b/kernel-aarch64-rt-debug-rhel.config @@ -2326,7 +2326,7 @@ CONFIG_HOTPLUG_PCI=y # CONFIG_HPFS_FS is not set CONFIG_HP_ILO=m CONFIG_HP_WATCHDOG=m -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2487,6 +2487,7 @@ CONFIG_ICPLUS_PHY=m # CONFIG_IDLE_INJECT is not set CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set # CONFIG_IEEE802154_AT86RF230 is not set diff --git a/kernel-aarch64-rt-rhel.config b/kernel-aarch64-rt-rhel.config index b59f487a5..008de6f17 100644 --- a/kernel-aarch64-rt-rhel.config +++ b/kernel-aarch64-rt-rhel.config @@ -2310,7 +2310,7 @@ CONFIG_HOTPLUG_PCI=y # CONFIG_HPFS_FS is not set CONFIG_HP_ILO=m CONFIG_HP_WATCHDOG=m -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2471,6 +2471,7 @@ CONFIG_ICPLUS_PHY=m # CONFIG_IDLE_INJECT is not set CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set # CONFIG_IEEE802154_AT86RF230 is not set diff --git a/kernel-ppc64le-debug-rhel.config b/kernel-ppc64le-debug-rhel.config index dd305c4ac..d827f71c5 100644 --- a/kernel-ppc64le-debug-rhel.config +++ b/kernel-ppc64le-debug-rhel.config @@ -2003,7 +2003,7 @@ CONFIG_HOTPLUG_PCI=y # CONFIG_HP206C is not set # CONFIG_HPFS_FS is not set # CONFIG_HP_ILO is not set -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2156,6 +2156,7 @@ CONFIG_ICPLUS_PHY=m # CONFIG_IDLE_INJECT is not set CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set # CONFIG_IEEE802154_AT86RF230 is not set diff --git a/kernel-ppc64le-rhel.config b/kernel-ppc64le-rhel.config index b2bc0f621..e99ad59ad 100644 --- a/kernel-ppc64le-rhel.config +++ b/kernel-ppc64le-rhel.config @@ -1987,7 +1987,7 @@ CONFIG_HOTPLUG_PCI=y # CONFIG_HP206C is not set # CONFIG_HPFS_FS is not set # CONFIG_HP_ILO is not set -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2140,6 +2140,7 @@ CONFIG_ICPLUS_PHY=m # CONFIG_IDLE_INJECT is not set CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set # CONFIG_IEEE802154_AT86RF230 is not set diff --git a/kernel-s390x-debug-rhel.config b/kernel-s390x-debug-rhel.config index 91a6c8f2c..2200b9160 100644 --- a/kernel-s390x-debug-rhel.config +++ b/kernel-s390x-debug-rhel.config @@ -2000,7 +2000,7 @@ CONFIG_HOTPLUG_PCI=y # CONFIG_HP206C is not set # CONFIG_HPFS_FS is not set # CONFIG_HP_ILO is not set -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2142,6 +2142,7 @@ CONFIG_ICE_SWITCHDEV=y # CONFIG_IDLE_INJECT is not set CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set # CONFIG_IEEE802154_AT86RF230 is not set diff --git a/kernel-s390x-rhel.config b/kernel-s390x-rhel.config index 6d52d2c4d..97daada0c 100644 --- a/kernel-s390x-rhel.config +++ b/kernel-s390x-rhel.config @@ -1984,7 +1984,7 @@ CONFIG_HOTPLUG_PCI=y # CONFIG_HP206C is not set # CONFIG_HPFS_FS is not set # CONFIG_HP_ILO is not set -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2126,6 +2126,7 @@ CONFIG_ICE_SWITCHDEV=y # CONFIG_IDLE_INJECT is not set CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set # CONFIG_IEEE802154_AT86RF230 is not set diff --git a/kernel-s390x-zfcpdump-rhel.config b/kernel-s390x-zfcpdump-rhel.config index 5738937dd..207b317f8 100644 --- a/kernel-s390x-zfcpdump-rhel.config +++ b/kernel-s390x-zfcpdump-rhel.config @@ -1993,7 +1993,7 @@ CONFIG_HOTPLUG_PCI=y # CONFIG_HP206C is not set # CONFIG_HPFS_FS is not set # CONFIG_HP_ILO is not set -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2136,6 +2136,7 @@ CONFIG_ICE_SWITCHDEV=y # CONFIG_IDLE_INJECT is not set CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set # CONFIG_IEEE802154_AT86RF230 is not set diff --git a/kernel-x86_64-debug-rhel.config b/kernel-x86_64-debug-rhel.config index c3528871b..d117b8876 100644 --- a/kernel-x86_64-debug-rhel.config +++ b/kernel-x86_64-debug-rhel.config @@ -2139,7 +2139,7 @@ CONFIG_HP_ILO=m CONFIG_HP_WATCHDOG=m CONFIG_HPWDT_NMI_DECODING=y CONFIG_HP_WMI=m -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2291,6 +2291,7 @@ CONFIG_IDEAPAD_LAPTOP=m CONFIG_IDLE_INJECT=y CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set # CONFIG_IE6XX_WDT is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set diff --git a/kernel-x86_64-rhel.config b/kernel-x86_64-rhel.config index b9b7772cf..9a5b62f53 100644 --- a/kernel-x86_64-rhel.config +++ b/kernel-x86_64-rhel.config @@ -2123,7 +2123,7 @@ CONFIG_HP_ILO=m CONFIG_HP_WATCHDOG=m CONFIG_HPWDT_NMI_DECODING=y CONFIG_HP_WMI=m -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2275,6 +2275,7 @@ CONFIG_IDEAPAD_LAPTOP=m CONFIG_IDLE_INJECT=y CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set # CONFIG_IE6XX_WDT is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set diff --git a/kernel-x86_64-rt-debug-rhel.config b/kernel-x86_64-rt-debug-rhel.config index 819854b00..950c1bff4 100644 --- a/kernel-x86_64-rt-debug-rhel.config +++ b/kernel-x86_64-rt-debug-rhel.config @@ -2193,7 +2193,7 @@ CONFIG_HP_ILO=m CONFIG_HP_WATCHDOG=m CONFIG_HPWDT_NMI_DECODING=y CONFIG_HP_WMI=m -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2345,6 +2345,7 @@ CONFIG_IDEAPAD_LAPTOP=m CONFIG_IDLE_INJECT=y CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set # CONFIG_IE6XX_WDT is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set diff --git a/kernel-x86_64-rt-rhel.config b/kernel-x86_64-rt-rhel.config index 997f39dce..e251daa37 100644 --- a/kernel-x86_64-rt-rhel.config +++ b/kernel-x86_64-rt-rhel.config @@ -2177,7 +2177,7 @@ CONFIG_HP_ILO=m CONFIG_HP_WATCHDOG=m CONFIG_HPWDT_NMI_DECODING=y CONFIG_HP_WMI=m -# CONFIG_HSA_AMD_P2P is not set +CONFIG_HSA_AMD_P2P=y CONFIG_HSA_AMD_SVM=y CONFIG_HSA_AMD=y # CONFIG_HSI is not set @@ -2329,6 +2329,7 @@ CONFIG_IDEAPAD_LAPTOP=m CONFIG_IDLE_INJECT=y CONFIG_IDLE_PAGE_TRACKING=y CONFIG_IDPF=m +# CONFIG_IDPF_SINGLEQ is not set # CONFIG_IE6XX_WDT is not set CONFIG_IEEE802154_6LOWPAN=m # CONFIG_IEEE802154_ADF7242 is not set diff --git a/kernel.changelog b/kernel.changelog index 7c8aaa416..a1ece8663 100644 --- a/kernel.changelog +++ b/kernel.changelog @@ -1,3 +1,239 @@ +* Thu Jan 23 2025 Rado Vrbovsky [5.14.0-555.el9] +- net/sctp: Prevent autoclose integer overflow in sctp_association_init() (Xin Long) [RHEL-73625] +- sctp: fix possible UAF in sctp_v6_available() (Xin Long) [RHEL-73625] {CVE-2024-53139} +- tipc: fix NULL deref in cleanup_bearer() (Xin Long) [RHEL-72258] +- tipc: Fix use-after-free of kernel socket in cleanup_bearer(). (Xin Long) [RHEL-72258] {CVE-2024-56642} +- KVM: s390: add gen17 facilities to CPU model (Mete Durlu) [RHEL-50767] +- KVM: s390: add msa11 to cpu model (Mete Durlu) [RHEL-50767] +- KVM: s390: add concurrent-function facility to cpu model (Mete Durlu) [RHEL-50767] +- s390/uv: Provide host-key hashes in sysfs (Mete Durlu) [RHEL-50752] +- s390/uv: Refactor uv-sysfs creation (Mete Durlu) [RHEL-50752] +- s390/uvdevice: Support longer secret lists (Mete Durlu) [RHEL-50754] +- s390/uv: Retrieve UV secrets sysfs support (Mete Durlu) [RHEL-50754] +- s390/uvdevice: Increase indent in IOCTL definitions (Mete Durlu) [RHEL-50754] +- s390/uvdevice: Add Retrieve Secret IOCTL (Mete Durlu) [RHEL-50754] +- s390/uv: Retrieve UV secrets support (Mete Durlu) [RHEL-50754] +- s390/uv: Use a constant for more-data rc (Mete Durlu) [RHEL-50754] +- s390: Remove protvirt and kvm config guards for uv code (Mete Durlu) [RHEL-50754] +- geneve: do not assume mac header is set in geneve_xmit_skb() (Guillaume Nault) [RHEL-73420] +- net/ipv6: release expired exception dst cached in socket (Guillaume Nault) [RHEL-72264] {CVE-2024-56644} +- ipv6: Fix soft lockups in fib6_select_path under high next hop churn (Hangbin Liu) [RHEL-73281] +- selftests: net: really check for bg process completion (Hangbin Liu) [RHEL-73281] +- ipv6: release nexthop on device removal (Hangbin Liu) [RHEL-73281] +- selftests: vrf_route_leaking: add local test (Hangbin Liu) [RHEL-73281] +- ipv6: take care of scope when choosing the src addr (Hangbin Liu) [RHEL-73281] +- ipv6: fix source address selection with route leak (Hangbin Liu) [RHEL-73281] +- team: prevent adding a device which is already a team device lower (Hangbin Liu) [RHEL-73276] +- team: Fix feature exposure when no ports are present (Hangbin Liu) [RHEL-73276] +- team: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL (Hangbin Liu) [RHEL-73276] +- team: Fix initial vlan_feature set in __team_compute_features (Hangbin Liu) [RHEL-73276] +- bonding: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL (Hangbin Liu) [RHEL-73276] +- bonding: Fix initial {vlan,mpls}_feature set in bond_compute_features (Hangbin Liu) [RHEL-73276] +- net, team, bonding: Add netdev_base_features helper (Hangbin Liu) [RHEL-73276] +- bonding: add ESP offload features when slaves support (Hangbin Liu) [RHEL-73276] +- net: team: rename team to team_core for linking (Hangbin Liu) [RHEL-73276] +- ptp: Add error handling for adjfine callback in ptp_clock_adjtime (CKI Backport Bot) [RHEL-73275] +- ptp: Fix error message on failed pin verification (CKI Backport Bot) [RHEL-73275] +- vp_vdpa: fix id_table array not null terminated error (Jon Maloy) [RHEL-69651] {CVE-2024-53110} +- vdpa/mlx5: Fix invalid mr resource destroy (Jon Maloy) [RHEL-63223] {CVE-2024-47687} +- net: sched: fix ordering of qlen adjustment (CKI Backport Bot) [RHEL-72377 RHEL-73151] {CVE-2024-53164} +- net_sched: sch_fq: don't follow the fast path if Tx is behind now (CKI Backport Bot) [RHEL-73151] +- net: sched: cls_u32: Fix u32's systematic failure to free IDR entries for hnodes. (CKI Backport Bot) [RHEL-73151] +- net: tun: Fix use-after-free in tun_detach() (Jon Maloy) [RHEL-63736] {CVE-2022-49014} +- i40e: add ability to reset VF for Tx and Rx MDD events (Michal Schmidt) [RHEL-54223] +- xfs: ensure submit buffers on LSN boundaries in error handlers (Bill O'Donnell) [RHEL-68860] +- xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (Bill O'Donnell) [RHEL-68860] +- xfs: Fix the owner setting issue for rmap query in xfs fsmap (Bill O'Donnell) [RHEL-68860] +- xfs: conditionally allow FS_XFLAG_REALTIME changes if S_DAX is set (Bill O'Donnell) [RHEL-68860] +- xfs: attr forks require attr, not attr2 (Bill O'Donnell) [RHEL-68860] +- xfs: convert comma to semicolon (Bill O'Donnell) [RHEL-68860] +- xfs: honor init_xattrs in xfs_init_new_inode for !ATTR fs (Bill O'Donnell) [RHEL-68860] +- xfs: allow unlinked symlinks and dirs with zero size (Bill O'Donnell) [RHEL-68860] +- xfs: restrict when we try to align cow fork delalloc to cowextsz hints (Bill O'Donnell) [RHEL-68860] +- xfs: fix unlink vs cluster buffer instantiation race (Bill O'Donnell) [RHEL-68860] +- xfs: match lock mode in xfs_buffered_write_iomap_begin() (Bill O'Donnell) [RHEL-68860] +- xfs: require XFS_SB_FEAT_INCOMPAT_LOG_XATTRS for attr log intent item recovery (Bill O'Donnell) [RHEL-68860] +- xfs: shrink failure needs to hold AGI buffer (Bill O'Donnell) [RHEL-68860] +- idpf: trigger SW interrupt when exiting wb_on_itr mode (Michal Schmidt) [RHEL-50916] +- idpf: add support for SW triggered interrupts (Michal Schmidt) [RHEL-50916] +- idpf: set completion tag for "empty" bufs associated with a packet (Michal Schmidt) [RHEL-50916] +- idpf: deinit virtchnl transaction manager after vport and vectors (Michal Schmidt) [RHEL-50916] +- idpf: use actual mbx receive payload length (Michal Schmidt) [RHEL-50916] +- idpf: fix VF dynamic interrupt ctl register initialization (Michal Schmidt) [RHEL-50916] +- idpf: enable WB_ON_ITR (Michal Schmidt) [RHEL-50916] +- idpf: fix netdev Tx queue stop/wake (Michal Schmidt) [RHEL-50916] +- idpf: refactor Tx completion routines (Michal Schmidt) [RHEL-50916] +- idpf: convert to libeth Tx buffer completion (Michal Schmidt) [RHEL-50916] +- idpf: remove redundant 'req_vec_chunks' NULL check (Michal Schmidt) [RHEL-50916] +- idpf: fix UAFs when destroying the queues (Michal Schmidt) [RHEL-50916 RHEL-58452] {CVE-2024-44932} +- idpf: use libeth Rx buffer management for payload buffer (Michal Schmidt) [RHEL-50916] +- idpf: convert header split mode to libeth + napi_build_skb() (Michal Schmidt) [RHEL-50916] +- idpf: remove legacy Page Pool Ethtool stats (Michal Schmidt) [RHEL-50916] +- idpf: reuse libeth's definitions of parsed ptype structures (Michal Schmidt) [RHEL-50916] +- idpf: fix memleak in vport interrupt configuration (Michal Schmidt) [RHEL-50916] +- idpf: fix memory leaks and crashes while performing a soft reset (Michal Schmidt) [RHEL-50916 RHEL-57131] {CVE-2024-44964} +- redhat/configs: set CONFIG_IDPF_SINGLEQ to disabled (Michal Schmidt) [RHEL-50916] +- idpf: compile singleq code only under default-n CONFIG_IDPF_SINGLEQ (Michal Schmidt) [RHEL-50916] +- idpf: merge singleq and splitq &net_device_ops (Michal Schmidt) [RHEL-50916] +- idpf: Don't hard code napi_struct size (Michal Schmidt) [RHEL-50916] +- idpf: strictly assert cachelines of queue and queue vector structures (Michal Schmidt) [RHEL-50916] +- idpf: avoid bloating &idpf_q_vector with big %%NR_CPUS (Michal Schmidt) [RHEL-50916] +- idpf: split &idpf_queue into 4 strictly-typed queue structures (Michal Schmidt) [RHEL-50916] +- idpf: stop using macros for accessing queue descriptors (Michal Schmidt) [RHEL-50916] +- idpf: don't enable NAPI and interrupts prior to allocating Rx buffers (Michal Schmidt) [RHEL-50916] +- idpf: Interpret .set_channels() input differently (Michal Schmidt) [RHEL-50916] +- idpf: sprinkle __counted_by{,_le}() in the virtchnl2 header (Michal Schmidt) [RHEL-50916] +- idpf: make virtchnl2.h self-contained (Michal Schmidt) [RHEL-50916] +- selftests/powerpc: Fix build with USERCFLAGS set (Mamatha Inamdar) [RHEL-74480] +- selftests/powerpc: make sub-folders buildable on their own (Mamatha Inamdar) [RHEL-74480] +- selftests/powerpc: Add flags.mk to support pmu buildable (Mamatha Inamdar) [RHEL-74480] +- selftests/powerpc: Re-order *FLAGS to follow lib.mk (Mamatha Inamdar) [RHEL-74480] +- zram: don't free statically defined names (Ming Lei) [RHEL-63884] {CVE-2024-50064} +- zram: free secondary algorithms names (Ming Lei) [RHEL-63884] {CVE-2024-50064} +- net: Fix icmp host relookup triggering ip_rt_bug (Hangbin Liu) [RHEL-72380] {CVE-2024-56647} +- powerpc/mm/fault: Fix kfence page fault reporting (Mamatha Inamdar) [RHEL-74445] +- NFSv4.0: Fix a use-after-free problem in the asynchronous open() (Benjamin Coddington) [RHEL-72352] {CVE-2024-53173} +- sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (Benjamin Coddington) [RHEL-72398] {CVE-2024-56688} +- smb: Initialize cfid->tcon before performing network ops (Paulo Alcantara) [RHEL-72459] {CVE-2024-56729} +- arm64/sve: Discard stale CPU state when handling SVE traps (Mark Salter) [RHEL-71525] {CVE-2024-50275} +- bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx (Sabrina Dubroca) [RHEL-68543] {CVE-2024-53091} +- Bluetooth: hci_conn: Use disable_delayed_work_sync (CKI Backport Bot) [RHEL-72334] {CVE-2024-56591} +- perf machine: Initialize machine->env to address a segfault (Michael Petlan) [RHEL-65416] +- Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (CKI Backport Bot) [RHEL-72297] {CVE-2024-56590} +- crypto: aes-gcm-p10 - Use the correct bit to test for P10 (Mamatha Inamdar) [RHEL-58802] +- crypto: powerpc/p10-aes-gcm - Add dependency on CRYPTO_SIMDand re-enable CRYPTO_AES_GCM_P10 (Mamatha Inamdar) [RHEL-58802] +- crypto: powerpc/p10-aes-gcm - Register modules as SIMD (Mamatha Inamdar) [RHEL-58802] +- crypto: powerpc/p10-aes-gcm - Re-write AES/GCM stitched implementation (Mamatha Inamdar) [RHEL-58802] +- crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 (Mamatha Inamdar) [RHEL-58802] +- Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (CKI Backport Bot) [RHEL-72291] {CVE-2024-56604} +- Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating (CKI Backport Bot) [RHEL-72255] {CVE-2024-56654} +- zram: fix NULL pointer in comp_algorithm_show() (Ming Lei) [RHEL-72367] {CVE-2024-53222} +- brd: defer automatic disk creation until module initialization succeeds (Ming Lei) [RHEL-72386] {CVE-2024-56693} +- block, bfq: fix bfqq uaf in bfq_limit_depth() (Ming Lei) [RHEL-72358] {CVE-2024-53166} +- s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (Mete Durlu) [RHEL-74381] +- redhat: Add python3-docutils for selftests build dependency (Julio Faracco) [RHEL-74391] +- mm/vmscan: wake up flushers conditionally to avoid cgroup OOM (Waiman Long) [RHEL-72577] +- mm/mglru: Revert 'Revert "don't sync disk for each aging cycle"' (Waiman Long) [RHEL-72577] +- SUNRPC: make sure cache entry active before cache_show (Olga Kornievskaia) [RHEL-72340] {CVE-2024-53174} +- powerpc/pseries/iommu: Don't unset window if it was never set (Mamatha Inamdar) [RHEL-74049] +- NFSD: Prevent a potential integer overflow (Olga Kornievskaia) [RHEL-72114] {CVE-2024-53146} +- nfsd: make sure exp active before svc_export_show (Olga Kornievskaia) [RHEL-72249] {CVE-2024-56558} +- tools/rtla: Use pkg-config in lib_setup of Makefile.config (Luis Claudio R. Goncalves) [RHEL-69738] +- tracing: Remove extra space at the end of hwlat_detector/mode (Luis Claudio R. Goncalves) [RHEL-69738] +- trace/hwlat: Do not wipe the contents of per-cpu thread data (Luis Claudio R. Goncalves) [RHEL-69738] +- trace/hwlat: Do not start per-cpu thread if it is already running (Luis Claudio R. Goncalves) [RHEL-69738] +- trace/hwlat: make use of the helper function kthread_run_on_cpu() (Luis Claudio R. Goncalves) [RHEL-69738] +- tracing/hwlat: Make some internal symbols static (Luis Claudio R. Goncalves) [RHEL-69738] +- tools/rtla: Improve exception handling in timerlat_load.py (Luis Claudio R. Goncalves) [RHEL-69738] +- tools/rtla: Enhance argument parsing in timerlat_load.py (Luis Claudio R. Goncalves) [RHEL-69738] +- tools/rtla: Improve code readability in timerlat_load.py (Luis Claudio R. Goncalves) [RHEL-69738] +- rtla/timerlat: Do not set params->user_workload with -U (Luis Claudio R. Goncalves) [RHEL-69738] +- tools/rtla: fix collision with glibc sched_attr/sched_set_attr (Luis Claudio R. Goncalves) [RHEL-69738] +- tools/rtla: drop __NR_sched_getattr (Luis Claudio R. Goncalves) [RHEL-69738] +- rtla: Fix consistency in getopt_long for timerlat_hist (Luis Claudio R. Goncalves) [RHEL-69738] +- rtla: use the definition for stdout fd when calling isatty() (Luis Claudio R. Goncalves) [RHEL-69738] +- rtla: Fix the help text in osnoise and timerlat top tools (Luis Claudio R. Goncalves) [RHEL-69738] +- tools/rtla: Fix installation from out-of-tree build (Luis Claudio R. Goncalves) [RHEL-69738] +- rtla/osnoise: Prevent NULL dereference in error handling (Luis Claudio R. Goncalves) [RHEL-69738] {CVE-2024-45002} +- rtla/timerlat: Make user-space threads the default (Luis Claudio R. Goncalves) [RHEL-69738] +- bpf, sockmap: Fix race between element replace and close() (Felix Maurer) [RHEL-68071 RHEL-72246] {CVE-2024-56664} +- xsk: Free skb when TX metadata options are invalid (Felix Maurer) [RHEL-40153 RHEL-68071] +- xsk: always clear DMA mapping information when unmapping the pool (Felix Maurer) [RHEL-68071] +- bpf: fix OOB devmap writes when deleting elements (Felix Maurer) [RHEL-68071] +- xsk: fix OOB map writes when deleting elements (Felix Maurer) [RHEL-68071 RHEL-72252] {CVE-2024-56614} +- tcp_bpf: fix return value of tcp_bpf_sendmsg() (Felix Maurer) [RHEL-59445 RHEL-68071] {CVE-2024-46783} +- bpf: Remove tst_run from lwt_seg6local_prog_ops. (Felix Maurer) [RHEL-59341 RHEL-68071] {CVE-2024-46754} +- ice: implement low latency PHY timer updates (Petr Oros) [RHEL-25338] +- ice: check low latency PHY timer update firmware capability (Petr Oros) [RHEL-25338] +- ice: add lock to protect low latency interface (Petr Oros) [RHEL-25338] +- ice: rename TS_LL_READ* macros to REG_LL_PROXY_H_* (Petr Oros) [RHEL-25338] +- ice: use read_poll_timeout_atomic in ice_read_phy_tstamp_ll_e810 (Petr Oros) [RHEL-25338] +- tpm_tis_spi: Add compatible string atmel,attpm20p (Štěpán Horáček) [RHEL-52747] +- libstub,tpm: do not ignore failure case when reading final event log (Štěpán Horáček) [RHEL-52747] +- tpm: fix unsigned/signed mismatch errors related to __calc_tpm2_event_size (Štěpán Horáček) [RHEL-52747] +- tpm: do not ignore memblock_reserve return value (Štěpán Horáček) [RHEL-52747] +- tpm: fix signed/unsigned bug when checking event logs (Štěpán Horáček) [RHEL-52747] +- tpm: Lock TPM chip in tpm_pm_suspend() first (Štěpán Horáček) [RHEL-68209] {CVE-2024-53085} +- tpm: Clean up TPM space after command failure (Štěpán Horáček) [RHEL-63357] {CVE-2024-49851} +- efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (Štěpán Horáček) [RHEL-52747] +- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (Štěpán Horáček) [RHEL-52747] +- tpm_tis_spi: add missing attpm20p SPI device ID entry (Štěpán Horáček) [RHEL-52747] +- KEYS: trusted: Do not use WARN when encode fails (Štěpán Horáček) [RHEL-52747] +- KEYS: trusted: tpm2: Use struct tpm_buf for sized buffers (Štěpán Horáček) [RHEL-52747] +- tpm: Add tpm_buf_read_{u8,u16,u32} (Štěpán Horáček) [RHEL-52747] +- tpm: TPM2B formatted buffers (Štěpán Horáček) [RHEL-52747] +- tpm: Store the length of the tpm_buf data separately. (Štěpán Horáček) [RHEL-52747] +- tpm: Update struct tpm_buf documentation comments (Štěpán Horáček) [RHEL-52747] +- tpm: Move buffer handling from static inlines to real functions (Štěpán Horáček) [RHEL-52747] +- tpm: Remove tpm_send() (Štěpán Horáček) [RHEL-52747] +- tpm: Remove unused tpm_buf_tag() (Štěpán Horáček) [RHEL-52747] +- tpm/eventlog: remove redundant assignment to variabel ret (Štěpán Horáček) [RHEL-52747] +- smb: client: fix TCP timers deadlock after rmmod (Paulo Alcantara) [RHEL-73657] {CVE-2024-54680} +- nvmet: Don't overflow subsysnqn (CKI Backport Bot) [RHEL-74081] {CVE-2024-53681} +- PCI: Wait for Link before restoring Downstream Buses (Myron Stowe) [RHEL-71363] +- PCI: Use an error code with PCIe failed link retraining (Myron Stowe) [RHEL-71363] +- PCI: Correct error reporting with PCIe failed link retraining (Myron Stowe) [RHEL-71363] +- PCI: Revert to the original speed after PCIe failed link retraining (Myron Stowe) [RHEL-71363] +- PCI: Clear the LBMS bit after a link retrain (Myron Stowe) [RHEL-71363] +- PCI: Wait for device readiness with Configuration RRS (Myron Stowe) [RHEL-71363] +- s390/pci: Add pci_msg debug view to PCI report (Mete Durlu) [RHEL-50792] +- s390/debug: Add a reverse mode for debug_dump() (Mete Durlu) [RHEL-50792] +- s390/debug: Add debug_dump() to write debug view to a string buffer (Mete Durlu) [RHEL-50792] +- s390/debug: Split private data alloc/free out of file operations (Mete Durlu) [RHEL-50792] +- s390/debug: Simplify and document debug_next_entry() logic (Mete Durlu) [RHEL-50792] +- s390/pci: Report PCI error recovery results via SCLP (Mete Durlu) [RHEL-50792] +- s390/debug: Pass in and enforce output buffer size for format handlers (Mete Durlu) [RHEL-50792] +- s390/sclp: Allow user-space to provide PCI reports for optical modules (Mete Durlu) [RHEL-71265] +- Enable peer to peer DMA for ROCm (Mika Penttilä) [RHEL-9998] +- pinmux: Use sequential access to access desc->pinmux data (David Arcari) [RHEL-73715] {CVE-2024-47141} +- block: Prevent potential deadlocks in zone write plug error recovery (Ming Lei) [RHEL-71498] +- dm: Fix dm-zoned-reclaim zone write pointer alignment (Ming Lei) [RHEL-71498] +- block: Ignore REQ_NOWAIT for zone reset and zone finish operations (Ming Lei) [RHEL-71498] +- block: Use a zone write plug BIO work for REQ_NOWAIT BIOs (Ming Lei) [RHEL-71498] +- block: Prevent potential deadlock in blk_revalidate_disk_zones() (Ming Lei) [RHEL-71498] +- block: Switch to using refcount_t for zone write plugs (Ming Lei) [RHEL-71498] +- block: Add a public bdev_zone_is_seq() helper (Ming Lei) [RHEL-71498] +- block: RCU protect disk->conv_zones_bitmap (Ming Lei) [RHEL-71498] +- MAINTAINERS: Make Kristen Accardi the IAA crypto driver maintainer (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Remove potential infinite loop in check_completion() (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Fix potential use after free bug (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Use cpumask_weight() when rebalancing (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Fix some errors in IAA documentation (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Change iaa statistics to atomic64_t (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Add global_stats file and remove individual stat files (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Remove comp/decomp delay statistics (Vladis Dronov) [RHEL-49539] +- crypto: iaa - fix decomp_bytes_in stats (Vladis Dronov) [RHEL-49539] +- cppc_cpufreq: Remove HiSilicon CPPC workaround (Mark Langsdorf) [RHEL-65441] +- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (Mark Langsdorf) [RHEL-65441] +- nbd: fix partial sending (Ming Lei) [RHEL-64338] +- kernel.spec: perf: fix C++ demangle support (Michael Petlan) [RHEL-69463] +- mptcp: fix TCP options overflow. (CKI Backport Bot) [RHEL-73516] +- Bluetooth: btusb: add Foxconn 0xe0fc for Qualcomm WCN785x (CKI Backport Bot) [RHEL-70424] +- netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level (CKI Backport Bot) [RHEL-73350] {CVE-2024-56783} +- SUNRPC: timeout and cancel TLS handshake with -ETIMEDOUT (Benjamin Coddington) [RHEL-67304] +- netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext (CKI Backport Bot) [RHEL-73708] +- netfilter: nft_set_hash: skip duplicated elements pending gc run (CKI Backport Bot) [RHEL-73708] +- netfilter: nft_inner: incorrect percpu area handling under softirq (CKI Backport Bot) [RHEL-73708] +- netfilter: x_tables: fix LED ID check in led_tg_check() (CKI Backport Bot) [RHEL-73708] +- netfilter: ipset: add missing range check in bitmap_ip_uadt (CKI Backport Bot) [RHEL-73708] +- netfilter: nf_tables: must hold rcu read lock while iterating object type list (CKI Backport Bot) [RHEL-73708] +- netfilter: nf_tables: must hold rcu read lock while iterating expression type list (CKI Backport Bot) [RHEL-73708] +- netfilter: fib: check correct rtable in vrf setups (CKI Backport Bot) [RHEL-73708] +- netfilter: allow ipv6 fragments to arrive on different devices (CKI Backport Bot) [RHEL-73708] +- netfilter: ctnetlink: support CTA_FILTER for flush (CKI Backport Bot) [RHEL-73708] +- netfilter: nfnetlink: convert kfree_skb to consume_skb (CKI Backport Bot) [RHEL-73708] +- netfilter: conntrack: fix ct-state for ICMPv6 Multicast Router Discovery (CKI Backport Bot) [RHEL-73708] +- netfilter: nf_tables: skip transaction if update object is not implemented (CKI Backport Bot) [RHEL-73708] +- netfilter: ip6_tables: zero-initialize fragment offset (CKI Backport Bot) [RHEL-73708] +- fadump: reserve param area if below boot_mem_top (Mamatha Inamdar) [RHEL-73120] +- powerpc/fadump: allocate memory for additional parameters early (Mamatha Inamdar) [RHEL-73120] +- Bluetooth: btusb: mediatek: change the conditions for ISO interface (Bastien Nocera) [RHEL-72839] +- Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (Bastien Nocera) [RHEL-72839] {CVE-2024-56757} +- Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (Bastien Nocera) [RHEL-72839] +- Bluetooth: btusb: mediatek: move Bluetooth power off command position (Bastien Nocera) [RHEL-72839] +Resolves: RHEL-25338, RHEL-40153, RHEL-49539, RHEL-50752, RHEL-50754, RHEL-50767, RHEL-50792, RHEL-50916, RHEL-52747, RHEL-54223, RHEL-57131, RHEL-58452, RHEL-58802, RHEL-59341, RHEL-59445, RHEL-63223, RHEL-63357, RHEL-63736, RHEL-63884, RHEL-64338, RHEL-65416, RHEL-65441, RHEL-67304, RHEL-68071, RHEL-68209, RHEL-68543, RHEL-68860, RHEL-69463, RHEL-69651, RHEL-69738, RHEL-70424, RHEL-71265, RHEL-71363, RHEL-71498, RHEL-71525, RHEL-72114, RHEL-72246, RHEL-72249, RHEL-72252, RHEL-72255, RHEL-72258, RHEL-72264, RHEL-72291, RHEL-72297, RHEL-72334, RHEL-72340, RHEL-72352, RHEL-72358, RHEL-72367, RHEL-72377, RHEL-72380, RHEL-72386, RHEL-72398, RHEL-72459, RHEL-72577, RHEL-72839, RHEL-73120, RHEL-73151, RHEL-73275, RHEL-73276, RHEL-73281, RHEL-73350, RHEL-73420, RHEL-73516, RHEL-73625, RHEL-73657, RHEL-73708, RHEL-73715, RHEL-74049, RHEL-74081, RHEL-74381, RHEL-74391, RHEL-74445, RHEL-74480, RHEL-9998 + * Wed Jan 22 2025 Rado Vrbovsky [5.14.0-554.el9] - ALSA: configuration update for 9.6 (Jaroslav Kysela) [RHEL-60915] - pinctrl: cs42l43: use new pinctrl_gpio_direction_input and pinctrl_gpio_direction_output fcns (Jaroslav Kysela) [RHEL-60915] diff --git a/kernel.spec b/kernel.spec index 88e68cacd..53f5e3d61 100755 --- a/kernel.spec +++ b/kernel.spec @@ -165,15 +165,15 @@ Summary: The Linux kernel # define buildid .local %define specversion 5.14.0 %define patchversion 5.14 -%define pkgrelease 554 +%define pkgrelease 555 %define kversion 5 -%define tarfile_release 5.14.0-554.el9 +%define tarfile_release 5.14.0-555.el9 # This is needed to do merge window version magic %define patchlevel 14 # This allows pkg_release to have configurable %%{?dist} tag -%define specrelease 554%{?buildid}%{?dist} +%define specrelease 555%{?buildid}%{?dist} # This defines the kabi tarball version -%define kabiversion 5.14.0-554.el9 +%define kabiversion 5.14.0-555.el9 # # End of genspec.sh variables @@ -690,7 +690,7 @@ BuildRequires: libnl3-devel BuildRequires: openssl-devel %endif %if %{with_selftests} -BuildRequires: clang llvm fuse-devel zlib-devel binutils-devel +BuildRequires: clang llvm fuse-devel zlib-devel binutils-devel python3-docutils %ifarch x86_64 BuildRequires: lld %endif @@ -2651,7 +2651,7 @@ InitBuildVars %global perf_build_extra_opts CORESIGHT=1 %endif %global perf_make \ - %{__make} %{?make_opts} EXTRA_CFLAGS="${RPM_OPT_FLAGS}" LDFLAGS="%{__global_ldflags} -Wl,-E" %{?cross_opts} -C tools/perf V=1 NO_PERF_READ_VDSO32=1 NO_PERF_READ_VDSOX32=1 WERROR=0 NO_LIBUNWIND=1 HAVE_CPLUS_DEMANGLE=1 NO_GTK2=1 NO_STRLCPY=1 NO_BIONIC=1 LIBBPF_DYNAMIC=1 LIBTRACEEVENT_DYNAMIC=1 %{?perf_build_extra_opts} prefix=%{_prefix} PYTHON=%{__python3} + %{__make} %{?make_opts} EXTRA_CFLAGS="${RPM_OPT_FLAGS}" EXTRA_CXXFLAGS="${RPM_OPT_FLAGS}" LDFLAGS="%{__global_ldflags} -Wl,-E" %{?cross_opts} -C tools/perf V=1 NO_PERF_READ_VDSO32=1 NO_PERF_READ_VDSOX32=1 WERROR=0 NO_LIBUNWIND=1 NO_GTK2=1 NO_STRLCPY=1 NO_BIONIC=1 LIBBPF_DYNAMIC=1 LIBTRACEEVENT_DYNAMIC=1 %{?perf_build_extra_opts} prefix=%{_prefix} PYTHON=%{__python3} %if %{with_perf} # perf # make sure check-headers.sh is executable @@ -3729,6 +3729,241 @@ fi # # %changelog +* Thu Jan 23 2025 Rado Vrbovsky [5.14.0-555.el9] +- net/sctp: Prevent autoclose integer overflow in sctp_association_init() (Xin Long) [RHEL-73625] +- sctp: fix possible UAF in sctp_v6_available() (Xin Long) [RHEL-73625] {CVE-2024-53139} +- tipc: fix NULL deref in cleanup_bearer() (Xin Long) [RHEL-72258] +- tipc: Fix use-after-free of kernel socket in cleanup_bearer(). (Xin Long) [RHEL-72258] {CVE-2024-56642} +- KVM: s390: add gen17 facilities to CPU model (Mete Durlu) [RHEL-50767] +- KVM: s390: add msa11 to cpu model (Mete Durlu) [RHEL-50767] +- KVM: s390: add concurrent-function facility to cpu model (Mete Durlu) [RHEL-50767] +- s390/uv: Provide host-key hashes in sysfs (Mete Durlu) [RHEL-50752] +- s390/uv: Refactor uv-sysfs creation (Mete Durlu) [RHEL-50752] +- s390/uvdevice: Support longer secret lists (Mete Durlu) [RHEL-50754] +- s390/uv: Retrieve UV secrets sysfs support (Mete Durlu) [RHEL-50754] +- s390/uvdevice: Increase indent in IOCTL definitions (Mete Durlu) [RHEL-50754] +- s390/uvdevice: Add Retrieve Secret IOCTL (Mete Durlu) [RHEL-50754] +- s390/uv: Retrieve UV secrets support (Mete Durlu) [RHEL-50754] +- s390/uv: Use a constant for more-data rc (Mete Durlu) [RHEL-50754] +- s390: Remove protvirt and kvm config guards for uv code (Mete Durlu) [RHEL-50754] +- geneve: do not assume mac header is set in geneve_xmit_skb() (Guillaume Nault) [RHEL-73420] +- net/ipv6: release expired exception dst cached in socket (Guillaume Nault) [RHEL-72264] {CVE-2024-56644} +- ipv6: Fix soft lockups in fib6_select_path under high next hop churn (Hangbin Liu) [RHEL-73281] +- selftests: net: really check for bg process completion (Hangbin Liu) [RHEL-73281] +- ipv6: release nexthop on device removal (Hangbin Liu) [RHEL-73281] +- selftests: vrf_route_leaking: add local test (Hangbin Liu) [RHEL-73281] +- ipv6: take care of scope when choosing the src addr (Hangbin Liu) [RHEL-73281] +- ipv6: fix source address selection with route leak (Hangbin Liu) [RHEL-73281] +- team: prevent adding a device which is already a team device lower (Hangbin Liu) [RHEL-73276] +- team: Fix feature exposure when no ports are present (Hangbin Liu) [RHEL-73276] +- team: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL (Hangbin Liu) [RHEL-73276] +- team: Fix initial vlan_feature set in __team_compute_features (Hangbin Liu) [RHEL-73276] +- bonding: Fix feature propagation of NETIF_F_GSO_ENCAP_ALL (Hangbin Liu) [RHEL-73276] +- bonding: Fix initial {vlan,mpls}_feature set in bond_compute_features (Hangbin Liu) [RHEL-73276] +- net, team, bonding: Add netdev_base_features helper (Hangbin Liu) [RHEL-73276] +- bonding: add ESP offload features when slaves support (Hangbin Liu) [RHEL-73276] +- net: team: rename team to team_core for linking (Hangbin Liu) [RHEL-73276] +- ptp: Add error handling for adjfine callback in ptp_clock_adjtime (CKI Backport Bot) [RHEL-73275] +- ptp: Fix error message on failed pin verification (CKI Backport Bot) [RHEL-73275] +- vp_vdpa: fix id_table array not null terminated error (Jon Maloy) [RHEL-69651] {CVE-2024-53110} +- vdpa/mlx5: Fix invalid mr resource destroy (Jon Maloy) [RHEL-63223] {CVE-2024-47687} +- net: sched: fix ordering of qlen adjustment (CKI Backport Bot) [RHEL-72377 RHEL-73151] {CVE-2024-53164} +- net_sched: sch_fq: don't follow the fast path if Tx is behind now (CKI Backport Bot) [RHEL-73151] +- net: sched: cls_u32: Fix u32's systematic failure to free IDR entries for hnodes. (CKI Backport Bot) [RHEL-73151] +- net: tun: Fix use-after-free in tun_detach() (Jon Maloy) [RHEL-63736] {CVE-2022-49014} +- i40e: add ability to reset VF for Tx and Rx MDD events (Michal Schmidt) [RHEL-54223] +- xfs: ensure submit buffers on LSN boundaries in error handlers (Bill O'Donnell) [RHEL-68860] +- xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (Bill O'Donnell) [RHEL-68860] +- xfs: Fix the owner setting issue for rmap query in xfs fsmap (Bill O'Donnell) [RHEL-68860] +- xfs: conditionally allow FS_XFLAG_REALTIME changes if S_DAX is set (Bill O'Donnell) [RHEL-68860] +- xfs: attr forks require attr, not attr2 (Bill O'Donnell) [RHEL-68860] +- xfs: convert comma to semicolon (Bill O'Donnell) [RHEL-68860] +- xfs: honor init_xattrs in xfs_init_new_inode for !ATTR fs (Bill O'Donnell) [RHEL-68860] +- xfs: allow unlinked symlinks and dirs with zero size (Bill O'Donnell) [RHEL-68860] +- xfs: restrict when we try to align cow fork delalloc to cowextsz hints (Bill O'Donnell) [RHEL-68860] +- xfs: fix unlink vs cluster buffer instantiation race (Bill O'Donnell) [RHEL-68860] +- xfs: match lock mode in xfs_buffered_write_iomap_begin() (Bill O'Donnell) [RHEL-68860] +- xfs: require XFS_SB_FEAT_INCOMPAT_LOG_XATTRS for attr log intent item recovery (Bill O'Donnell) [RHEL-68860] +- xfs: shrink failure needs to hold AGI buffer (Bill O'Donnell) [RHEL-68860] +- idpf: trigger SW interrupt when exiting wb_on_itr mode (Michal Schmidt) [RHEL-50916] +- idpf: add support for SW triggered interrupts (Michal Schmidt) [RHEL-50916] +- idpf: set completion tag for "empty" bufs associated with a packet (Michal Schmidt) [RHEL-50916] +- idpf: deinit virtchnl transaction manager after vport and vectors (Michal Schmidt) [RHEL-50916] +- idpf: use actual mbx receive payload length (Michal Schmidt) [RHEL-50916] +- idpf: fix VF dynamic interrupt ctl register initialization (Michal Schmidt) [RHEL-50916] +- idpf: enable WB_ON_ITR (Michal Schmidt) [RHEL-50916] +- idpf: fix netdev Tx queue stop/wake (Michal Schmidt) [RHEL-50916] +- idpf: refactor Tx completion routines (Michal Schmidt) [RHEL-50916] +- idpf: convert to libeth Tx buffer completion (Michal Schmidt) [RHEL-50916] +- idpf: remove redundant 'req_vec_chunks' NULL check (Michal Schmidt) [RHEL-50916] +- idpf: fix UAFs when destroying the queues (Michal Schmidt) [RHEL-50916 RHEL-58452] {CVE-2024-44932} +- idpf: use libeth Rx buffer management for payload buffer (Michal Schmidt) [RHEL-50916] +- idpf: convert header split mode to libeth + napi_build_skb() (Michal Schmidt) [RHEL-50916] +- idpf: remove legacy Page Pool Ethtool stats (Michal Schmidt) [RHEL-50916] +- idpf: reuse libeth's definitions of parsed ptype structures (Michal Schmidt) [RHEL-50916] +- idpf: fix memleak in vport interrupt configuration (Michal Schmidt) [RHEL-50916] +- idpf: fix memory leaks and crashes while performing a soft reset (Michal Schmidt) [RHEL-50916 RHEL-57131] {CVE-2024-44964} +- redhat/configs: set CONFIG_IDPF_SINGLEQ to disabled (Michal Schmidt) [RHEL-50916] +- idpf: compile singleq code only under default-n CONFIG_IDPF_SINGLEQ (Michal Schmidt) [RHEL-50916] +- idpf: merge singleq and splitq &net_device_ops (Michal Schmidt) [RHEL-50916] +- idpf: Don't hard code napi_struct size (Michal Schmidt) [RHEL-50916] +- idpf: strictly assert cachelines of queue and queue vector structures (Michal Schmidt) [RHEL-50916] +- idpf: avoid bloating &idpf_q_vector with big %%NR_CPUS (Michal Schmidt) [RHEL-50916] +- idpf: split &idpf_queue into 4 strictly-typed queue structures (Michal Schmidt) [RHEL-50916] +- idpf: stop using macros for accessing queue descriptors (Michal Schmidt) [RHEL-50916] +- idpf: don't enable NAPI and interrupts prior to allocating Rx buffers (Michal Schmidt) [RHEL-50916] +- idpf: Interpret .set_channels() input differently (Michal Schmidt) [RHEL-50916] +- idpf: sprinkle __counted_by{,_le}() in the virtchnl2 header (Michal Schmidt) [RHEL-50916] +- idpf: make virtchnl2.h self-contained (Michal Schmidt) [RHEL-50916] +- selftests/powerpc: Fix build with USERCFLAGS set (Mamatha Inamdar) [RHEL-74480] +- selftests/powerpc: make sub-folders buildable on their own (Mamatha Inamdar) [RHEL-74480] +- selftests/powerpc: Add flags.mk to support pmu buildable (Mamatha Inamdar) [RHEL-74480] +- selftests/powerpc: Re-order *FLAGS to follow lib.mk (Mamatha Inamdar) [RHEL-74480] +- zram: don't free statically defined names (Ming Lei) [RHEL-63884] {CVE-2024-50064} +- zram: free secondary algorithms names (Ming Lei) [RHEL-63884] {CVE-2024-50064} +- net: Fix icmp host relookup triggering ip_rt_bug (Hangbin Liu) [RHEL-72380] {CVE-2024-56647} +- powerpc/mm/fault: Fix kfence page fault reporting (Mamatha Inamdar) [RHEL-74445] +- NFSv4.0: Fix a use-after-free problem in the asynchronous open() (Benjamin Coddington) [RHEL-72352] {CVE-2024-53173} +- sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (Benjamin Coddington) [RHEL-72398] {CVE-2024-56688} +- smb: Initialize cfid->tcon before performing network ops (Paulo Alcantara) [RHEL-72459] {CVE-2024-56729} +- arm64/sve: Discard stale CPU state when handling SVE traps (Mark Salter) [RHEL-71525] {CVE-2024-50275} +- bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx (Sabrina Dubroca) [RHEL-68543] {CVE-2024-53091} +- Bluetooth: hci_conn: Use disable_delayed_work_sync (CKI Backport Bot) [RHEL-72334] {CVE-2024-56591} +- perf machine: Initialize machine->env to address a segfault (Michael Petlan) [RHEL-65416] +- Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet (CKI Backport Bot) [RHEL-72297] {CVE-2024-56590} +- crypto: aes-gcm-p10 - Use the correct bit to test for P10 (Mamatha Inamdar) [RHEL-58802] +- crypto: powerpc/p10-aes-gcm - Add dependency on CRYPTO_SIMDand re-enable CRYPTO_AES_GCM_P10 (Mamatha Inamdar) [RHEL-58802] +- crypto: powerpc/p10-aes-gcm - Register modules as SIMD (Mamatha Inamdar) [RHEL-58802] +- crypto: powerpc/p10-aes-gcm - Re-write AES/GCM stitched implementation (Mamatha Inamdar) [RHEL-58802] +- crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 (Mamatha Inamdar) [RHEL-58802] +- Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (CKI Backport Bot) [RHEL-72291] {CVE-2024-56604} +- Bluetooth: hci_event: Fix using rcu_read_(un)lock while iterating (CKI Backport Bot) [RHEL-72255] {CVE-2024-56654} +- zram: fix NULL pointer in comp_algorithm_show() (Ming Lei) [RHEL-72367] {CVE-2024-53222} +- brd: defer automatic disk creation until module initialization succeeds (Ming Lei) [RHEL-72386] {CVE-2024-56693} +- block, bfq: fix bfqq uaf in bfq_limit_depth() (Ming Lei) [RHEL-72358] {CVE-2024-53166} +- s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (Mete Durlu) [RHEL-74381] +- redhat: Add python3-docutils for selftests build dependency (Julio Faracco) [RHEL-74391] +- mm/vmscan: wake up flushers conditionally to avoid cgroup OOM (Waiman Long) [RHEL-72577] +- mm/mglru: Revert 'Revert "don't sync disk for each aging cycle"' (Waiman Long) [RHEL-72577] +- SUNRPC: make sure cache entry active before cache_show (Olga Kornievskaia) [RHEL-72340] {CVE-2024-53174} +- powerpc/pseries/iommu: Don't unset window if it was never set (Mamatha Inamdar) [RHEL-74049] +- NFSD: Prevent a potential integer overflow (Olga Kornievskaia) [RHEL-72114] {CVE-2024-53146} +- nfsd: make sure exp active before svc_export_show (Olga Kornievskaia) [RHEL-72249] {CVE-2024-56558} +- tools/rtla: Use pkg-config in lib_setup of Makefile.config (Luis Claudio R. Goncalves) [RHEL-69738] +- tracing: Remove extra space at the end of hwlat_detector/mode (Luis Claudio R. Goncalves) [RHEL-69738] +- trace/hwlat: Do not wipe the contents of per-cpu thread data (Luis Claudio R. Goncalves) [RHEL-69738] +- trace/hwlat: Do not start per-cpu thread if it is already running (Luis Claudio R. Goncalves) [RHEL-69738] +- trace/hwlat: make use of the helper function kthread_run_on_cpu() (Luis Claudio R. Goncalves) [RHEL-69738] +- tracing/hwlat: Make some internal symbols static (Luis Claudio R. Goncalves) [RHEL-69738] +- tools/rtla: Improve exception handling in timerlat_load.py (Luis Claudio R. Goncalves) [RHEL-69738] +- tools/rtla: Enhance argument parsing in timerlat_load.py (Luis Claudio R. Goncalves) [RHEL-69738] +- tools/rtla: Improve code readability in timerlat_load.py (Luis Claudio R. Goncalves) [RHEL-69738] +- rtla/timerlat: Do not set params->user_workload with -U (Luis Claudio R. Goncalves) [RHEL-69738] +- tools/rtla: fix collision with glibc sched_attr/sched_set_attr (Luis Claudio R. Goncalves) [RHEL-69738] +- tools/rtla: drop __NR_sched_getattr (Luis Claudio R. Goncalves) [RHEL-69738] +- rtla: Fix consistency in getopt_long for timerlat_hist (Luis Claudio R. Goncalves) [RHEL-69738] +- rtla: use the definition for stdout fd when calling isatty() (Luis Claudio R. Goncalves) [RHEL-69738] +- rtla: Fix the help text in osnoise and timerlat top tools (Luis Claudio R. Goncalves) [RHEL-69738] +- tools/rtla: Fix installation from out-of-tree build (Luis Claudio R. Goncalves) [RHEL-69738] +- rtla/osnoise: Prevent NULL dereference in error handling (Luis Claudio R. Goncalves) [RHEL-69738] {CVE-2024-45002} +- rtla/timerlat: Make user-space threads the default (Luis Claudio R. Goncalves) [RHEL-69738] +- bpf, sockmap: Fix race between element replace and close() (Felix Maurer) [RHEL-68071 RHEL-72246] {CVE-2024-56664} +- xsk: Free skb when TX metadata options are invalid (Felix Maurer) [RHEL-40153 RHEL-68071] +- xsk: always clear DMA mapping information when unmapping the pool (Felix Maurer) [RHEL-68071] +- bpf: fix OOB devmap writes when deleting elements (Felix Maurer) [RHEL-68071] +- xsk: fix OOB map writes when deleting elements (Felix Maurer) [RHEL-68071 RHEL-72252] {CVE-2024-56614} +- tcp_bpf: fix return value of tcp_bpf_sendmsg() (Felix Maurer) [RHEL-59445 RHEL-68071] {CVE-2024-46783} +- bpf: Remove tst_run from lwt_seg6local_prog_ops. (Felix Maurer) [RHEL-59341 RHEL-68071] {CVE-2024-46754} +- ice: implement low latency PHY timer updates (Petr Oros) [RHEL-25338] +- ice: check low latency PHY timer update firmware capability (Petr Oros) [RHEL-25338] +- ice: add lock to protect low latency interface (Petr Oros) [RHEL-25338] +- ice: rename TS_LL_READ* macros to REG_LL_PROXY_H_* (Petr Oros) [RHEL-25338] +- ice: use read_poll_timeout_atomic in ice_read_phy_tstamp_ll_e810 (Petr Oros) [RHEL-25338] +- tpm_tis_spi: Add compatible string atmel,attpm20p (Štěpán Horáček) [RHEL-52747] +- libstub,tpm: do not ignore failure case when reading final event log (Štěpán Horáček) [RHEL-52747] +- tpm: fix unsigned/signed mismatch errors related to __calc_tpm2_event_size (Štěpán Horáček) [RHEL-52747] +- tpm: do not ignore memblock_reserve return value (Štěpán Horáček) [RHEL-52747] +- tpm: fix signed/unsigned bug when checking event logs (Štěpán Horáček) [RHEL-52747] +- tpm: Lock TPM chip in tpm_pm_suspend() first (Štěpán Horáček) [RHEL-68209] {CVE-2024-53085} +- tpm: Clean up TPM space after command failure (Štěpán Horáček) [RHEL-63357] {CVE-2024-49851} +- efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (Štěpán Horáček) [RHEL-52747] +- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (Štěpán Horáček) [RHEL-52747] +- tpm_tis_spi: add missing attpm20p SPI device ID entry (Štěpán Horáček) [RHEL-52747] +- KEYS: trusted: Do not use WARN when encode fails (Štěpán Horáček) [RHEL-52747] +- KEYS: trusted: tpm2: Use struct tpm_buf for sized buffers (Štěpán Horáček) [RHEL-52747] +- tpm: Add tpm_buf_read_{u8,u16,u32} (Štěpán Horáček) [RHEL-52747] +- tpm: TPM2B formatted buffers (Štěpán Horáček) [RHEL-52747] +- tpm: Store the length of the tpm_buf data separately. (Štěpán Horáček) [RHEL-52747] +- tpm: Update struct tpm_buf documentation comments (Štěpán Horáček) [RHEL-52747] +- tpm: Move buffer handling from static inlines to real functions (Štěpán Horáček) [RHEL-52747] +- tpm: Remove tpm_send() (Štěpán Horáček) [RHEL-52747] +- tpm: Remove unused tpm_buf_tag() (Štěpán Horáček) [RHEL-52747] +- tpm/eventlog: remove redundant assignment to variabel ret (Štěpán Horáček) [RHEL-52747] +- smb: client: fix TCP timers deadlock after rmmod (Paulo Alcantara) [RHEL-73657] {CVE-2024-54680} +- nvmet: Don't overflow subsysnqn (CKI Backport Bot) [RHEL-74081] {CVE-2024-53681} +- PCI: Wait for Link before restoring Downstream Buses (Myron Stowe) [RHEL-71363] +- PCI: Use an error code with PCIe failed link retraining (Myron Stowe) [RHEL-71363] +- PCI: Correct error reporting with PCIe failed link retraining (Myron Stowe) [RHEL-71363] +- PCI: Revert to the original speed after PCIe failed link retraining (Myron Stowe) [RHEL-71363] +- PCI: Clear the LBMS bit after a link retrain (Myron Stowe) [RHEL-71363] +- PCI: Wait for device readiness with Configuration RRS (Myron Stowe) [RHEL-71363] +- s390/pci: Add pci_msg debug view to PCI report (Mete Durlu) [RHEL-50792] +- s390/debug: Add a reverse mode for debug_dump() (Mete Durlu) [RHEL-50792] +- s390/debug: Add debug_dump() to write debug view to a string buffer (Mete Durlu) [RHEL-50792] +- s390/debug: Split private data alloc/free out of file operations (Mete Durlu) [RHEL-50792] +- s390/debug: Simplify and document debug_next_entry() logic (Mete Durlu) [RHEL-50792] +- s390/pci: Report PCI error recovery results via SCLP (Mete Durlu) [RHEL-50792] +- s390/debug: Pass in and enforce output buffer size for format handlers (Mete Durlu) [RHEL-50792] +- s390/sclp: Allow user-space to provide PCI reports for optical modules (Mete Durlu) [RHEL-71265] +- Enable peer to peer DMA for ROCm (Mika Penttilä) [RHEL-9998] +- pinmux: Use sequential access to access desc->pinmux data (David Arcari) [RHEL-73715] {CVE-2024-47141} +- block: Prevent potential deadlocks in zone write plug error recovery (Ming Lei) [RHEL-71498] +- dm: Fix dm-zoned-reclaim zone write pointer alignment (Ming Lei) [RHEL-71498] +- block: Ignore REQ_NOWAIT for zone reset and zone finish operations (Ming Lei) [RHEL-71498] +- block: Use a zone write plug BIO work for REQ_NOWAIT BIOs (Ming Lei) [RHEL-71498] +- block: Prevent potential deadlock in blk_revalidate_disk_zones() (Ming Lei) [RHEL-71498] +- block: Switch to using refcount_t for zone write plugs (Ming Lei) [RHEL-71498] +- block: Add a public bdev_zone_is_seq() helper (Ming Lei) [RHEL-71498] +- block: RCU protect disk->conv_zones_bitmap (Ming Lei) [RHEL-71498] +- MAINTAINERS: Make Kristen Accardi the IAA crypto driver maintainer (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Remove potential infinite loop in check_completion() (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Fix potential use after free bug (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Use kmemdup() instead of kzalloc() and memcpy() (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Use cpumask_weight() when rebalancing (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Fix some errors in IAA documentation (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Change iaa statistics to atomic64_t (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Add global_stats file and remove individual stat files (Vladis Dronov) [RHEL-49539] +- crypto: iaa - Remove comp/decomp delay statistics (Vladis Dronov) [RHEL-49539] +- crypto: iaa - fix decomp_bytes_in stats (Vladis Dronov) [RHEL-49539] +- cppc_cpufreq: Remove HiSilicon CPPC workaround (Mark Langsdorf) [RHEL-65441] +- cppc_cpufreq: Use desired perf if feedback ctrs are 0 or unchanged (Mark Langsdorf) [RHEL-65441] +- nbd: fix partial sending (Ming Lei) [RHEL-64338] +- kernel.spec: perf: fix C++ demangle support (Michael Petlan) [RHEL-69463] +- mptcp: fix TCP options overflow. (CKI Backport Bot) [RHEL-73516] +- Bluetooth: btusb: add Foxconn 0xe0fc for Qualcomm WCN785x (CKI Backport Bot) [RHEL-70424] +- netfilter: nft_socket: remove WARN_ON_ONCE on maximum cgroup level (CKI Backport Bot) [RHEL-73350] {CVE-2024-56783} +- SUNRPC: timeout and cancel TLS handshake with -ETIMEDOUT (Benjamin Coddington) [RHEL-67304] +- netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext (CKI Backport Bot) [RHEL-73708] +- netfilter: nft_set_hash: skip duplicated elements pending gc run (CKI Backport Bot) [RHEL-73708] +- netfilter: nft_inner: incorrect percpu area handling under softirq (CKI Backport Bot) [RHEL-73708] +- netfilter: x_tables: fix LED ID check in led_tg_check() (CKI Backport Bot) [RHEL-73708] +- netfilter: ipset: add missing range check in bitmap_ip_uadt (CKI Backport Bot) [RHEL-73708] +- netfilter: nf_tables: must hold rcu read lock while iterating object type list (CKI Backport Bot) [RHEL-73708] +- netfilter: nf_tables: must hold rcu read lock while iterating expression type list (CKI Backport Bot) [RHEL-73708] +- netfilter: fib: check correct rtable in vrf setups (CKI Backport Bot) [RHEL-73708] +- netfilter: allow ipv6 fragments to arrive on different devices (CKI Backport Bot) [RHEL-73708] +- netfilter: ctnetlink: support CTA_FILTER for flush (CKI Backport Bot) [RHEL-73708] +- netfilter: nfnetlink: convert kfree_skb to consume_skb (CKI Backport Bot) [RHEL-73708] +- netfilter: conntrack: fix ct-state for ICMPv6 Multicast Router Discovery (CKI Backport Bot) [RHEL-73708] +- netfilter: nf_tables: skip transaction if update object is not implemented (CKI Backport Bot) [RHEL-73708] +- netfilter: ip6_tables: zero-initialize fragment offset (CKI Backport Bot) [RHEL-73708] +- fadump: reserve param area if below boot_mem_top (Mamatha Inamdar) [RHEL-73120] +- powerpc/fadump: allocate memory for additional parameters early (Mamatha Inamdar) [RHEL-73120] +- Bluetooth: btusb: mediatek: change the conditions for ISO interface (Bastien Nocera) [RHEL-72839] +- Bluetooth: btusb: mediatek: add intf release flow when usb disconnect (Bastien Nocera) [RHEL-72839] {CVE-2024-56757} +- Bluetooth: btusb: mediatek: add callback function in btusb_disconnect (Bastien Nocera) [RHEL-72839] +- Bluetooth: btusb: mediatek: move Bluetooth power off command position (Bastien Nocera) [RHEL-72839] + * Wed Jan 22 2025 Rado Vrbovsky [5.14.0-554.el9] - ALSA: configuration update for 9.6 (Jaroslav Kysela) [RHEL-60915] - pinctrl: cs42l43: use new pinctrl_gpio_direction_input and pinctrl_gpio_direction_output fcns (Jaroslav Kysela) [RHEL-60915] diff --git a/sources b/sources index 0299fffc8..babc9a3a4 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-5.14.0-554.el9.tar.xz) = 7a2d7d056eb2be03db5faa3af6350a81bb5c0bdbcc4091092bc207d936e192bb2da60574d636efe01697cecbbf2ddc432f5276c2d93342ce643974ebfa7d316e -SHA512 (kernel-abi-stablelists-5.14.0-554.el9.tar.bz2) = a7d200e3a49b3dc879ee6079a8c8de3c511ee1d160d992d96b597fcb991dd09bb7d5691f67cc700c740d2d9a52f1ccaa61ff38bb251beecf7b68b253c4107d53 -SHA512 (kernel-kabi-dw-5.14.0-554.el9.tar.bz2) = 3d08f838767b27b87724fed347ce3be63fce15e5eded0576121c474d14db4a6d07895b350c635e343d5522ac237dfd982d1f39b8480c4129f4eb79f6a64115cb +SHA512 (linux-5.14.0-555.el9.tar.xz) = b71620266dde4d17414f2cf1ceebfc4222c3d4bb9208b2f58545f1f72028ce62d948776b65aa0d2f9d9569eef3d94321f5e6962efd459ddd2774e0f4f8baddcf +SHA512 (kernel-abi-stablelists-5.14.0-555.el9.tar.bz2) = 9c988149cd76d3c2314949ad3f97a2f91d6d5433f1d4ef8f37bb6305b3d911aed777f1993c06f1d67c0690ee1f5a422ff8143e172d261a11ffb3edc4b3967a49 +SHA512 (kernel-kabi-dw-5.14.0-555.el9.tar.bz2) = 3d08f838767b27b87724fed347ce3be63fce15e5eded0576121c474d14db4a6d07895b350c635e343d5522ac237dfd982d1f39b8480c4129f4eb79f6a64115cb