From f7e065dccd48d3c8c7606363b6c7f93f2c90db5d Mon Sep 17 00:00:00 2001 From: Lucas Zampieri Date: Tue, 20 Aug 2024 12:56:10 +0000 Subject: [PATCH] kernel-5.14.0-501.el9 * Tue Aug 20 2024 Lucas Zampieri [5.14.0-501.el9] - x86/bhi: Avoid warning in #DB handler due to BHI mitigation (Waiman Long) [RHEL-53662 RHEL-53665] {CVE-2024-42240} - redhat: Fix the ownership of /lib/modules/ directory (Vitaly Kuznetsov) [RHEL-21034] - move ownership of /lib/modules// to kernel-core (Thorsten Leemhuis) [RHEL-21034] - KVM: guest_memfd: let kvm_gmem_populate() operate only on private gfns (Paolo Bonzini) [RHEL-32435] - KVM: extend kvm_range_has_memory_attributes() to check subset of attributes (Paolo Bonzini) [RHEL-32435] - KVM: cleanup and add shortcuts to kvm_range_has_memory_attributes() (Paolo Bonzini) [RHEL-32435] - KVM: guest_memfd: move check for already-populated page to common code (Paolo Bonzini) [RHEL-32435] - KVM: remove kvm_arch_gmem_prepare_needed() (Paolo Bonzini) [RHEL-32435] - KVM: guest_memfd: make kvm_gmem_prepare_folio() operate on a single struct kvm (Paolo Bonzini) [RHEL-32435] - KVM: guest_memfd: delay kvm_gmem_prepare_folio() until the memory is passed to the guest (Paolo Bonzini) [RHEL-32435] - KVM: guest_memfd: return locked folio from __kvm_gmem_get_pfn (Paolo Bonzini) [RHEL-32435] - KVM: rename CONFIG_HAVE_KVM_GMEM_* to CONFIG_HAVE_KVM_ARCH_GMEM_* (Paolo Bonzini) [RHEL-32435] - KVM: guest_memfd: do not go through struct page (Paolo Bonzini) [RHEL-32435] - KVM: guest_memfd: delay folio_mark_uptodate() until after successful preparation (Paolo Bonzini) [RHEL-32435] - KVM: guest_memfd: return folio from __kvm_gmem_get_pfn() (Paolo Bonzini) [RHEL-32435] - KVM: x86: Eliminate log spam from limited APIC timer periods (Paolo Bonzini) [RHEL-32435] - KVM: SVM: Use sev_es_host_save_area() helper when initializing tsc_aux (Paolo Bonzini) [RHEL-32435] - KVM: SVM: Force sev_es_host_save_area() to be inlined (for noinstr usage) (Paolo Bonzini) [RHEL-32435] - KVM: SVM: Consider NUMA affinity when allocating per-CPU save_area (Paolo Bonzini) [RHEL-32435] - KVM: SVM: not account memory allocation for per-CPU svm_data (Paolo Bonzini) [RHEL-32435] - KVM: SVM: remove useless input parameter in snp_safe_alloc_page (Paolo Bonzini) [RHEL-32435] - KVM: Validate hva in kvm_gpc_activate_hva() to fix __kvm_gpc_refresh() WARN (Paolo Bonzini) [RHEL-32435] - KVM: interrupt kvm_gmem_populate() on signals (Paolo Bonzini) [RHEL-32435] - KVM: Stop processing *all* memslots when "null" mmu_notifier handler is found (Paolo Bonzini) [RHEL-32435] - KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (Paolo Bonzini) [RHEL-32435] - KVM: selftests: x86: Prioritize getting max_gfn from GuestPhysBits (Paolo Bonzini) [RHEL-32435] - KVM: selftests: Fix shift of 32 bit unsigned int more than 32 bits (Paolo Bonzini) [RHEL-32435] - KVM: Discard zero mask with function kvm_dirty_ring_reset (Paolo Bonzini) [RHEL-32435] - virt: guest_memfd: fix reference leak on hwpoisoned page (Paolo Bonzini) [RHEL-32435] - kvm: do not account temporary allocations to kmem (Paolo Bonzini) [RHEL-32435] - KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (Paolo Bonzini) [RHEL-32435] - KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (Paolo Bonzini) [RHEL-32435] - net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (Myron Stowe) [RHEL-51754] {CVE-2024-42110} - Disable NVGRACE_GPU_VFIO_PCI CONFIG for now (Donald Dutile) [RHEL-36542] - vfio/nvgrace-gpu: Convey kvm to map device memory region as noncached (Donald Dutile) [RHEL-36544] - vfio: Convey kvm that the vfio-pci device is wc safe (Donald Dutile) [RHEL-36543] - vfio/nvgrace-gpu: Add vfio pci variant module for grace hopper (Donald Dutile) [RHEL-36542] - x86/bugs: Extend VMware Retbleed workaround to Nehalem & earlier CPUs (Waiman Long) [RHEL-48649] - ata: libata-core: Add ATA_HORKAGE_NOLPM for Apacer AS340 (Ewan D. Milne) [RHEL-23829] - ata: libata-core: Add ATA_HORKAGE_NOLPM for AMD Radeon S3 SSD (Ewan D. Milne) [RHEL-23829] - ata: libata-core: Add ATA_HORKAGE_NOLPM for Crucial CT240BX500SSD1 (Ewan D. Milne) [RHEL-23829] - ata: ahci: Do not apply Intel PCS quirk on Intel Alder Lake (Ewan D. Milne) [RHEL-23829] - ata: libata-core: Allow command duration limits detection for ACS-4 drives (Ewan D. Milne) [RHEL-23829] - ata: ahci: Add mask_port_map module parameter (Ewan D. Milne) [RHEL-23829] - scsi: ata: libata-sata: Factor out NCQ Priority configuration helpers (Ewan D. Milne) [RHEL-23829] - ahci: asm1064: asm1166: don't limit reported ports (Ewan D. Milne) [RHEL-23829] - ahci: print the number of implemented ports (Ewan D. Milne) [RHEL-23829] - ahci: asm1064: correct count of reported ports (Ewan D. Milne) [RHEL-23829] - ahci: rename board_ahci_nomsi (Ewan D. Milne) [RHEL-23829] - ahci: drop unused board_ahci_noncq (Ewan D. Milne) [RHEL-23829] - ahci: clean up ahci_broken_devslp quirk (Ewan D. Milne) [RHEL-23829] - ahci: rename board_ahci_nosntf (Ewan D. Milne) [RHEL-23829] - ahci: clean up intel_pcs_quirk (Ewan D. Milne) [RHEL-23829] - ata: ahci: Drop low power policy board type (Ewan D. Milne) [RHEL-23829] - ata: ahci: do not enable LPM on external ports (Ewan D. Milne) [RHEL-23829] - ata: ahci: drop hpriv param from ahci_update_initial_lpm_policy() (Ewan D. Milne) [RHEL-23829] - ata: ahci: a hotplug capable port is an external port (Ewan D. Milne) [RHEL-23829] - ata: ahci: move marking of external port earlier (Ewan D. Milne) [RHEL-23829] - ahci: Extend ASM1061 43-bit DMA address quirk to other ASM106x parts (Ewan D. Milne) [RHEL-23829] - ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers (Ewan D. Milne) [RHEL-23829] - ahci: asm1166: correct count of reported ports (Ewan D. Milne) [RHEL-23829] - ata: libata-sata: improve sysfs description for ATA_LPM_UNKNOWN (Ewan D. Milne) [RHEL-23829] - scsi: sd: Fix system start for ATA devices (Ewan D. Milne) [RHEL-23829] - scsi: Change SCSI device boolean fields to single bit flags (Ewan D. Milne) [RHEL-23829] - scsi: sd: Introduce manage_shutdown device flag (Ewan D. Milne) [RHEL-23829] - ata: libata-eh: Spinup disk on resume after revalidation (Ewan D. Milne) [RHEL-23829] - ata: xgene: Use of_device_get_match_data() (Ewan D. Milne) [RHEL-23829] - scsi: Remove scsi device no_start_on_resume flag (Ewan D. Milne) [RHEL-23829] - scsi: sd: Do not issue commands to suspended disks on shutdown (Ewan D. Milne) [RHEL-23829] - ata: libata: Annotate struct ata_cpr_log with __counted_by (Ewan D. Milne) [RHEL-23829] - ata: libata-scsi: Disable scsi device manage_system_start_stop (Ewan D. Milne) [RHEL-23829] - scsi: sd: Differentiate system and runtime start/stop management (Ewan D. Milne) [RHEL-23829] - ata: libata-scsi: link ata port and scsi device (Ewan D. Milne) [RHEL-23829] - ata: libata-core: Fix port and device removal (Ewan D. Milne) [RHEL-23829] - ata: libata-sata: increase PMP SRST timeout to 10s (Ewan D. Milne) [RHEL-23829] - scsi: core: ata: Do no try to probe for CDL on old drives (Ewan D. Milne) [RHEL-23829] - ata: libata-core: fetch sense data for successful commands iff CDL enabled (Ewan D. Milne) [RHEL-23829] - ata: ahci_xgene: fix parameter types of xgene_ahci_poll_reg_val() (Ewan D. Milne) [RHEL-23829] - ata: libata: fix parameter type of ata_deadline() (Ewan D. Milne) [RHEL-23829] - ata,scsi: do not issue START STOP UNIT on resume (Ewan D. Milne) [RHEL-23829] - ata: libata-core: fix when to fetch sense data for successful commands (Ewan D. Milne) [RHEL-23829] - scsi: ata: libata-scsi: Fix ata_msense_control kdoc comment (Ewan D. Milne) [RHEL-23829] - scsi: ata: libata: Handle completion of CDL commands using policy 0xD (Ewan D. Milne) [RHEL-23829] - scsi: ata: libata: Set read/write commands CDL index (Ewan D. Milne) [RHEL-23829] - scsi: ata: libata: Add ATA feature control sub-page translation (Ewan D. Milne) [RHEL-23829] - scsi: ata: libata-scsi: Add support for CDL pages mode sense (Ewan D. Milne) [RHEL-23829] - scsi: ata: libata-scsi: Handle CDL bits in ata_scsiop_maint_in() (Ewan D. Milne) [RHEL-23829] - scsi: ata: libata: Detect support for command duration limits (Ewan D. Milne) [RHEL-23829] - scsi: ata: libata: Change ata_eh_request_sense() to not set CHECK_CONDITION (Ewan D. Milne) [RHEL-23829] - ata: Use of_property_present() for testing DT property presence (Ewan D. Milne) [RHEL-23829] - ata: ahci: Rename CONFIG_SATA_LPM_POLICY configuration item back (Ewan D. Milne) [RHEL-23829] - ata: ahci: Rename CONFIG_SATA_LPM_MOBILE_POLICY configuration item (Ewan D. Milne) [RHEL-23829] - virt: efi_secret: Convert to platform remove callback returning void (Lenny Szubowicz) [RHEL-30322] - efi/libstub: Add get_event_log() support for CC platforms (Lenny Szubowicz) [RHEL-30322] - efi/libstub: Measure into CC protocol if TCG2 protocol is absent (Lenny Szubowicz) [RHEL-30322] - efi/libstub: Add Confidential Computing (CC) measurement typedefs (Lenny Szubowicz) [RHEL-30322] - efi/tpm: Use symbolic GUID name from spec for final events table (Lenny Szubowicz) [RHEL-30322] - efi/libstub: Use TPM event typedefs from the TCG PC Client spec (Lenny Szubowicz) [RHEL-30322] Resolves: RHEL-21034, RHEL-23829, RHEL-30322, RHEL-32435, RHEL-36542, RHEL-36543, RHEL-36544, RHEL-48649, RHEL-51754, RHEL-53662, RHEL-53665 Signed-off-by: Lucas Zampieri --- Makefile.rhelver | 2 +- kernel-aarch64-64k-debug-rhel.config | 1 + kernel-aarch64-64k-rhel.config | 1 + kernel-aarch64-debug-rhel.config | 1 + kernel-aarch64-rhel.config | 1 + kernel-aarch64-rt-debug-rhel.config | 1 + kernel-aarch64-rt-rhel.config | 1 + kernel-ppc64le-debug-rhel.config | 1 + kernel-ppc64le-rhel.config | 1 + kernel-s390x-debug-rhel.config | 1 + kernel-s390x-rhel.config | 1 + kernel-s390x-zfcpdump-rhel.config | 1 + kernel-x86_64-debug-rhel.config | 1 + kernel-x86_64-rhel.config | 1 + kernel-x86_64-rt-debug-rhel.config | 1 + kernel-x86_64-rt-rhel.config | 1 + kernel.changelog | 101 ++++++++++++++++++++++++ kernel.spec | 112 ++++++++++++++++++++++++++- sources | 6 +- 19 files changed, 228 insertions(+), 8 deletions(-) diff --git a/Makefile.rhelver b/Makefile.rhelver index fe3a44354..2db5e9ac8 100644 --- a/Makefile.rhelver +++ b/Makefile.rhelver @@ -12,7 +12,7 @@ RHEL_MINOR = 5 # # Use this spot to avoid future merge conflicts. # Do not trim this comment. -RHEL_RELEASE = 500 +RHEL_RELEASE = 501 # # ZSTREAM diff --git a/kernel-aarch64-64k-debug-rhel.config b/kernel-aarch64-64k-debug-rhel.config index db10d3e2c..b0b2837f8 100644 --- a/kernel-aarch64-64k-debug-rhel.config +++ b/kernel-aarch64-64k-debug-rhel.config @@ -4170,6 +4170,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set # CONFIG_NVHE_EL2_DEBUG is not set CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y CONFIG_NVME_AUTH=m diff --git a/kernel-aarch64-64k-rhel.config b/kernel-aarch64-64k-rhel.config index 7a1556a81..202a4f4a3 100644 --- a/kernel-aarch64-64k-rhel.config +++ b/kernel-aarch64-64k-rhel.config @@ -4149,6 +4149,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set # CONFIG_NVHE_EL2_DEBUG is not set CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y CONFIG_NVME_AUTH=m diff --git a/kernel-aarch64-debug-rhel.config b/kernel-aarch64-debug-rhel.config index 63cb4e65a..df687dbd7 100644 --- a/kernel-aarch64-debug-rhel.config +++ b/kernel-aarch64-debug-rhel.config @@ -4167,6 +4167,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set # CONFIG_NVHE_EL2_DEBUG is not set CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y CONFIG_NVME_AUTH=m diff --git a/kernel-aarch64-rhel.config b/kernel-aarch64-rhel.config index 047b9ec2d..82722be84 100644 --- a/kernel-aarch64-rhel.config +++ b/kernel-aarch64-rhel.config @@ -4146,6 +4146,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set # CONFIG_NVHE_EL2_DEBUG is not set CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y CONFIG_NVME_AUTH=m diff --git a/kernel-aarch64-rt-debug-rhel.config b/kernel-aarch64-rt-debug-rhel.config index 890013a0a..d9552b791 100644 --- a/kernel-aarch64-rt-debug-rhel.config +++ b/kernel-aarch64-rt-debug-rhel.config @@ -4238,6 +4238,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set # CONFIG_NVHE_EL2_DEBUG is not set CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y CONFIG_NVME_AUTH=m diff --git a/kernel-aarch64-rt-rhel.config b/kernel-aarch64-rt-rhel.config index fd0e2a623..a5ea75f63 100644 --- a/kernel-aarch64-rt-rhel.config +++ b/kernel-aarch64-rt-rhel.config @@ -4217,6 +4217,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set # CONFIG_NVHE_EL2_DEBUG is not set CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y CONFIG_NVME_AUTH=m diff --git a/kernel-ppc64le-debug-rhel.config b/kernel-ppc64le-debug-rhel.config index fafbb0cf2..b2719d7a6 100644 --- a/kernel-ppc64le-debug-rhel.config +++ b/kernel-ppc64le-debug-rhel.config @@ -3814,6 +3814,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set CONFIG_NVME_AUTH=m CONFIG_NVME_FC=m CONFIG_NVME_HOST_AUTH=y diff --git a/kernel-ppc64le-rhel.config b/kernel-ppc64le-rhel.config index 75e03b82d..0c3b101d2 100644 --- a/kernel-ppc64le-rhel.config +++ b/kernel-ppc64le-rhel.config @@ -3794,6 +3794,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set CONFIG_NVME_AUTH=m CONFIG_NVME_FC=m CONFIG_NVME_HOST_AUTH=y diff --git a/kernel-s390x-debug-rhel.config b/kernel-s390x-debug-rhel.config index 0c5ea12b8..ab2717e81 100644 --- a/kernel-s390x-debug-rhel.config +++ b/kernel-s390x-debug-rhel.config @@ -3800,6 +3800,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set CONFIG_NVME_AUTH=m CONFIG_NVME_FC=m CONFIG_NVME_HOST_AUTH=y diff --git a/kernel-s390x-rhel.config b/kernel-s390x-rhel.config index c2a84b29c..cece3d1c9 100644 --- a/kernel-s390x-rhel.config +++ b/kernel-s390x-rhel.config @@ -3780,6 +3780,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set CONFIG_NVME_AUTH=m CONFIG_NVME_FC=m CONFIG_NVME_HOST_AUTH=y diff --git a/kernel-s390x-zfcpdump-rhel.config b/kernel-s390x-zfcpdump-rhel.config index 5ba74e4f4..8ae6c8f04 100644 --- a/kernel-s390x-zfcpdump-rhel.config +++ b/kernel-s390x-zfcpdump-rhel.config @@ -3794,6 +3794,7 @@ CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set CONFIG_NVME_AUTH=m # CONFIG_NVME_FC is not set CONFIG_NVME_HOST_AUTH=y diff --git a/kernel-x86_64-debug-rhel.config b/kernel-x86_64-debug-rhel.config index a5ce061b1..5cdc6048e 100644 --- a/kernel-x86_64-debug-rhel.config +++ b/kernel-x86_64-debug-rhel.config @@ -4011,6 +4011,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set CONFIG_NVIDIA_WMI_EC_BACKLIGHT=m CONFIG_NVME_AUTH=m CONFIG_NVME_FC=m diff --git a/kernel-x86_64-rhel.config b/kernel-x86_64-rhel.config index 093b5a2d4..d4f2a7fb8 100644 --- a/kernel-x86_64-rhel.config +++ b/kernel-x86_64-rhel.config @@ -3991,6 +3991,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set CONFIG_NVIDIA_WMI_EC_BACKLIGHT=m CONFIG_NVME_AUTH=m CONFIG_NVME_FC=m diff --git a/kernel-x86_64-rt-debug-rhel.config b/kernel-x86_64-rt-debug-rhel.config index d7aade64b..a9d56d24a 100644 --- a/kernel-x86_64-rt-debug-rhel.config +++ b/kernel-x86_64-rt-debug-rhel.config @@ -4080,6 +4080,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set CONFIG_NVIDIA_WMI_EC_BACKLIGHT=m CONFIG_NVME_AUTH=m CONFIG_NVME_FC=m diff --git a/kernel-x86_64-rt-rhel.config b/kernel-x86_64-rt-rhel.config index 0da0149ab..266766328 100644 --- a/kernel-x86_64-rt-rhel.config +++ b/kernel-x86_64-rt-rhel.config @@ -4060,6 +4060,7 @@ CONFIG_NUMA=y CONFIG_NVDIMM_DAX=y CONFIG_NVDIMM_PFN=y # CONFIG_NVDIMM_SECURITY_TEST is not set +# CONFIG_NVGRACE_GPU_VFIO_PCI is not set CONFIG_NVIDIA_WMI_EC_BACKLIGHT=m CONFIG_NVME_AUTH=m CONFIG_NVME_FC=m diff --git a/kernel.changelog b/kernel.changelog index 0f3a00d22..8a718439b 100644 --- a/kernel.changelog +++ b/kernel.changelog @@ -1,3 +1,104 @@ +* Tue Aug 20 2024 Lucas Zampieri [5.14.0-501.el9] +- x86/bhi: Avoid warning in #DB handler due to BHI mitigation (Waiman Long) [RHEL-53662 RHEL-53665] {CVE-2024-42240} +- redhat: Fix the ownership of /lib/modules/ directory (Vitaly Kuznetsov) [RHEL-21034] +- move ownership of /lib/modules// to kernel-core (Thorsten Leemhuis) [RHEL-21034] +- KVM: guest_memfd: let kvm_gmem_populate() operate only on private gfns (Paolo Bonzini) [RHEL-32435] +- KVM: extend kvm_range_has_memory_attributes() to check subset of attributes (Paolo Bonzini) [RHEL-32435] +- KVM: cleanup and add shortcuts to kvm_range_has_memory_attributes() (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: move check for already-populated page to common code (Paolo Bonzini) [RHEL-32435] +- KVM: remove kvm_arch_gmem_prepare_needed() (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: make kvm_gmem_prepare_folio() operate on a single struct kvm (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: delay kvm_gmem_prepare_folio() until the memory is passed to the guest (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: return locked folio from __kvm_gmem_get_pfn (Paolo Bonzini) [RHEL-32435] +- KVM: rename CONFIG_HAVE_KVM_GMEM_* to CONFIG_HAVE_KVM_ARCH_GMEM_* (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: do not go through struct page (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: delay folio_mark_uptodate() until after successful preparation (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: return folio from __kvm_gmem_get_pfn() (Paolo Bonzini) [RHEL-32435] +- KVM: x86: Eliminate log spam from limited APIC timer periods (Paolo Bonzini) [RHEL-32435] +- KVM: SVM: Use sev_es_host_save_area() helper when initializing tsc_aux (Paolo Bonzini) [RHEL-32435] +- KVM: SVM: Force sev_es_host_save_area() to be inlined (for noinstr usage) (Paolo Bonzini) [RHEL-32435] +- KVM: SVM: Consider NUMA affinity when allocating per-CPU save_area (Paolo Bonzini) [RHEL-32435] +- KVM: SVM: not account memory allocation for per-CPU svm_data (Paolo Bonzini) [RHEL-32435] +- KVM: SVM: remove useless input parameter in snp_safe_alloc_page (Paolo Bonzini) [RHEL-32435] +- KVM: Validate hva in kvm_gpc_activate_hva() to fix __kvm_gpc_refresh() WARN (Paolo Bonzini) [RHEL-32435] +- KVM: interrupt kvm_gmem_populate() on signals (Paolo Bonzini) [RHEL-32435] +- KVM: Stop processing *all* memslots when "null" mmu_notifier handler is found (Paolo Bonzini) [RHEL-32435] +- KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (Paolo Bonzini) [RHEL-32435] +- KVM: selftests: x86: Prioritize getting max_gfn from GuestPhysBits (Paolo Bonzini) [RHEL-32435] +- KVM: selftests: Fix shift of 32 bit unsigned int more than 32 bits (Paolo Bonzini) [RHEL-32435] +- KVM: Discard zero mask with function kvm_dirty_ring_reset (Paolo Bonzini) [RHEL-32435] +- virt: guest_memfd: fix reference leak on hwpoisoned page (Paolo Bonzini) [RHEL-32435] +- kvm: do not account temporary allocations to kmem (Paolo Bonzini) [RHEL-32435] +- KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (Paolo Bonzini) [RHEL-32435] +- KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (Paolo Bonzini) [RHEL-32435] +- net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (Myron Stowe) [RHEL-51754] {CVE-2024-42110} +- Disable NVGRACE_GPU_VFIO_PCI CONFIG for now (Donald Dutile) [RHEL-36542] +- vfio/nvgrace-gpu: Convey kvm to map device memory region as noncached (Donald Dutile) [RHEL-36544] +- vfio: Convey kvm that the vfio-pci device is wc safe (Donald Dutile) [RHEL-36543] +- vfio/nvgrace-gpu: Add vfio pci variant module for grace hopper (Donald Dutile) [RHEL-36542] +- x86/bugs: Extend VMware Retbleed workaround to Nehalem & earlier CPUs (Waiman Long) [RHEL-48649] +- ata: libata-core: Add ATA_HORKAGE_NOLPM for Apacer AS340 (Ewan D. Milne) [RHEL-23829] +- ata: libata-core: Add ATA_HORKAGE_NOLPM for AMD Radeon S3 SSD (Ewan D. Milne) [RHEL-23829] +- ata: libata-core: Add ATA_HORKAGE_NOLPM for Crucial CT240BX500SSD1 (Ewan D. Milne) [RHEL-23829] +- ata: ahci: Do not apply Intel PCS quirk on Intel Alder Lake (Ewan D. Milne) [RHEL-23829] +- ata: libata-core: Allow command duration limits detection for ACS-4 drives (Ewan D. Milne) [RHEL-23829] +- ata: ahci: Add mask_port_map module parameter (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata-sata: Factor out NCQ Priority configuration helpers (Ewan D. Milne) [RHEL-23829] +- ahci: asm1064: asm1166: don't limit reported ports (Ewan D. Milne) [RHEL-23829] +- ahci: print the number of implemented ports (Ewan D. Milne) [RHEL-23829] +- ahci: asm1064: correct count of reported ports (Ewan D. Milne) [RHEL-23829] +- ahci: rename board_ahci_nomsi (Ewan D. Milne) [RHEL-23829] +- ahci: drop unused board_ahci_noncq (Ewan D. Milne) [RHEL-23829] +- ahci: clean up ahci_broken_devslp quirk (Ewan D. Milne) [RHEL-23829] +- ahci: rename board_ahci_nosntf (Ewan D. Milne) [RHEL-23829] +- ahci: clean up intel_pcs_quirk (Ewan D. Milne) [RHEL-23829] +- ata: ahci: Drop low power policy board type (Ewan D. Milne) [RHEL-23829] +- ata: ahci: do not enable LPM on external ports (Ewan D. Milne) [RHEL-23829] +- ata: ahci: drop hpriv param from ahci_update_initial_lpm_policy() (Ewan D. Milne) [RHEL-23829] +- ata: ahci: a hotplug capable port is an external port (Ewan D. Milne) [RHEL-23829] +- ata: ahci: move marking of external port earlier (Ewan D. Milne) [RHEL-23829] +- ahci: Extend ASM1061 43-bit DMA address quirk to other ASM106x parts (Ewan D. Milne) [RHEL-23829] +- ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers (Ewan D. Milne) [RHEL-23829] +- ahci: asm1166: correct count of reported ports (Ewan D. Milne) [RHEL-23829] +- ata: libata-sata: improve sysfs description for ATA_LPM_UNKNOWN (Ewan D. Milne) [RHEL-23829] +- scsi: sd: Fix system start for ATA devices (Ewan D. Milne) [RHEL-23829] +- scsi: Change SCSI device boolean fields to single bit flags (Ewan D. Milne) [RHEL-23829] +- scsi: sd: Introduce manage_shutdown device flag (Ewan D. Milne) [RHEL-23829] +- ata: libata-eh: Spinup disk on resume after revalidation (Ewan D. Milne) [RHEL-23829] +- ata: xgene: Use of_device_get_match_data() (Ewan D. Milne) [RHEL-23829] +- scsi: Remove scsi device no_start_on_resume flag (Ewan D. Milne) [RHEL-23829] +- scsi: sd: Do not issue commands to suspended disks on shutdown (Ewan D. Milne) [RHEL-23829] +- ata: libata: Annotate struct ata_cpr_log with __counted_by (Ewan D. Milne) [RHEL-23829] +- ata: libata-scsi: Disable scsi device manage_system_start_stop (Ewan D. Milne) [RHEL-23829] +- scsi: sd: Differentiate system and runtime start/stop management (Ewan D. Milne) [RHEL-23829] +- ata: libata-scsi: link ata port and scsi device (Ewan D. Milne) [RHEL-23829] +- ata: libata-core: Fix port and device removal (Ewan D. Milne) [RHEL-23829] +- ata: libata-sata: increase PMP SRST timeout to 10s (Ewan D. Milne) [RHEL-23829] +- scsi: core: ata: Do no try to probe for CDL on old drives (Ewan D. Milne) [RHEL-23829] +- ata: libata-core: fetch sense data for successful commands iff CDL enabled (Ewan D. Milne) [RHEL-23829] +- ata: ahci_xgene: fix parameter types of xgene_ahci_poll_reg_val() (Ewan D. Milne) [RHEL-23829] +- ata: libata: fix parameter type of ata_deadline() (Ewan D. Milne) [RHEL-23829] +- ata,scsi: do not issue START STOP UNIT on resume (Ewan D. Milne) [RHEL-23829] +- ata: libata-core: fix when to fetch sense data for successful commands (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata-scsi: Fix ata_msense_control kdoc comment (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata: Handle completion of CDL commands using policy 0xD (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata: Set read/write commands CDL index (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata: Add ATA feature control sub-page translation (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata-scsi: Add support for CDL pages mode sense (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata-scsi: Handle CDL bits in ata_scsiop_maint_in() (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata: Detect support for command duration limits (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata: Change ata_eh_request_sense() to not set CHECK_CONDITION (Ewan D. Milne) [RHEL-23829] +- ata: Use of_property_present() for testing DT property presence (Ewan D. Milne) [RHEL-23829] +- ata: ahci: Rename CONFIG_SATA_LPM_POLICY configuration item back (Ewan D. Milne) [RHEL-23829] +- ata: ahci: Rename CONFIG_SATA_LPM_MOBILE_POLICY configuration item (Ewan D. Milne) [RHEL-23829] +- virt: efi_secret: Convert to platform remove callback returning void (Lenny Szubowicz) [RHEL-30322] +- efi/libstub: Add get_event_log() support for CC platforms (Lenny Szubowicz) [RHEL-30322] +- efi/libstub: Measure into CC protocol if TCG2 protocol is absent (Lenny Szubowicz) [RHEL-30322] +- efi/libstub: Add Confidential Computing (CC) measurement typedefs (Lenny Szubowicz) [RHEL-30322] +- efi/tpm: Use symbolic GUID name from spec for final events table (Lenny Szubowicz) [RHEL-30322] +- efi/libstub: Use TPM event typedefs from the TCG PC Client spec (Lenny Szubowicz) [RHEL-30322] +Resolves: RHEL-21034, RHEL-23829, RHEL-30322, RHEL-32435, RHEL-36542, RHEL-36543, RHEL-36544, RHEL-48649, RHEL-51754, RHEL-53662, RHEL-53665 + * Mon Aug 19 2024 Lucas Zampieri [5.14.0-500.el9] - mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines (Chris von Recklinghausen) [RHEL-54027] {CVE-2024-42258} - rtla/osnoise: set the default threshold to 1us (Luis Claudio R. Goncalves) [RHEL-50869] diff --git a/kernel.spec b/kernel.spec index fbfc6afc9..be5ab4311 100755 --- a/kernel.spec +++ b/kernel.spec @@ -165,15 +165,15 @@ Summary: The Linux kernel # define buildid .local %define specversion 5.14.0 %define patchversion 5.14 -%define pkgrelease 500 +%define pkgrelease 501 %define kversion 5 -%define tarfile_release 5.14.0-500.el9 +%define tarfile_release 5.14.0-501.el9 # This is needed to do merge window version magic %define patchlevel 14 # This allows pkg_release to have configurable %%{?dist} tag -%define specrelease 500%{?buildid}%{?dist} +%define specrelease 501%{?buildid}%{?dist} # This defines the kabi tarball version -%define kabiversion 5.14.0-500.el9 +%define kabiversion 5.14.0-501.el9 # # End of genspec.sh variables @@ -3653,6 +3653,8 @@ fi %endif\ %attr(0600, root, root) /lib/modules/%{KVERREL}%{?3:+%{3}}/System.map\ %ghost %attr(0600, root, root) /boot/System.map-%{KVERREL}%{?3:+%{3}}\ +%dir /lib/modules\ +%dir /lib/modules/%{KVERREL}%{?3:+%{3}}\ /lib/modules/%{KVERREL}%{?3:+%{3}}/symvers.gz\ /lib/modules/%{KVERREL}%{?3:+%{3}}/config\ /lib/modules/%{KVERREL}%{?3:+%{3}}/modules.builtin*\ @@ -3712,6 +3714,8 @@ fi %if %{efiuki}\ %if "%{3}" != "rt" && "%{3}" != "rt-debug"\ %{expand:%%files %{?3:%{3}-}uki-virt}\ +%dir /lib/modules\ +%dir /lib/modules/%{KVERREL}%{?3:+%{3}}\ %attr(0600, root, root) /lib/modules/%{KVERREL}%{?3:+%{3}}/System.map\ /lib/modules/%{KVERREL}%{?3:+%{3}}/symvers.gz\ /lib/modules/%{KVERREL}%{?3:+%{3}}/config\ @@ -3782,6 +3786,106 @@ fi # # %changelog +* Tue Aug 20 2024 Lucas Zampieri [5.14.0-501.el9] +- x86/bhi: Avoid warning in #DB handler due to BHI mitigation (Waiman Long) [RHEL-53662 RHEL-53665] {CVE-2024-42240} +- redhat: Fix the ownership of /lib/modules/ directory (Vitaly Kuznetsov) [RHEL-21034] +- move ownership of /lib/modules// to kernel-core (Thorsten Leemhuis) [RHEL-21034] +- KVM: guest_memfd: let kvm_gmem_populate() operate only on private gfns (Paolo Bonzini) [RHEL-32435] +- KVM: extend kvm_range_has_memory_attributes() to check subset of attributes (Paolo Bonzini) [RHEL-32435] +- KVM: cleanup and add shortcuts to kvm_range_has_memory_attributes() (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: move check for already-populated page to common code (Paolo Bonzini) [RHEL-32435] +- KVM: remove kvm_arch_gmem_prepare_needed() (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: make kvm_gmem_prepare_folio() operate on a single struct kvm (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: delay kvm_gmem_prepare_folio() until the memory is passed to the guest (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: return locked folio from __kvm_gmem_get_pfn (Paolo Bonzini) [RHEL-32435] +- KVM: rename CONFIG_HAVE_KVM_GMEM_* to CONFIG_HAVE_KVM_ARCH_GMEM_* (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: do not go through struct page (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: delay folio_mark_uptodate() until after successful preparation (Paolo Bonzini) [RHEL-32435] +- KVM: guest_memfd: return folio from __kvm_gmem_get_pfn() (Paolo Bonzini) [RHEL-32435] +- KVM: x86: Eliminate log spam from limited APIC timer periods (Paolo Bonzini) [RHEL-32435] +- KVM: SVM: Use sev_es_host_save_area() helper when initializing tsc_aux (Paolo Bonzini) [RHEL-32435] +- KVM: SVM: Force sev_es_host_save_area() to be inlined (for noinstr usage) (Paolo Bonzini) [RHEL-32435] +- KVM: SVM: Consider NUMA affinity when allocating per-CPU save_area (Paolo Bonzini) [RHEL-32435] +- KVM: SVM: not account memory allocation for per-CPU svm_data (Paolo Bonzini) [RHEL-32435] +- KVM: SVM: remove useless input parameter in snp_safe_alloc_page (Paolo Bonzini) [RHEL-32435] +- KVM: Validate hva in kvm_gpc_activate_hva() to fix __kvm_gpc_refresh() WARN (Paolo Bonzini) [RHEL-32435] +- KVM: interrupt kvm_gmem_populate() on signals (Paolo Bonzini) [RHEL-32435] +- KVM: Stop processing *all* memslots when "null" mmu_notifier handler is found (Paolo Bonzini) [RHEL-32435] +- KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (Paolo Bonzini) [RHEL-32435] +- KVM: selftests: x86: Prioritize getting max_gfn from GuestPhysBits (Paolo Bonzini) [RHEL-32435] +- KVM: selftests: Fix shift of 32 bit unsigned int more than 32 bits (Paolo Bonzini) [RHEL-32435] +- KVM: Discard zero mask with function kvm_dirty_ring_reset (Paolo Bonzini) [RHEL-32435] +- virt: guest_memfd: fix reference leak on hwpoisoned page (Paolo Bonzini) [RHEL-32435] +- kvm: do not account temporary allocations to kmem (Paolo Bonzini) [RHEL-32435] +- KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (Paolo Bonzini) [RHEL-32435] +- KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (Paolo Bonzini) [RHEL-32435] +- net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (Myron Stowe) [RHEL-51754] {CVE-2024-42110} +- Disable NVGRACE_GPU_VFIO_PCI CONFIG for now (Donald Dutile) [RHEL-36542] +- vfio/nvgrace-gpu: Convey kvm to map device memory region as noncached (Donald Dutile) [RHEL-36544] +- vfio: Convey kvm that the vfio-pci device is wc safe (Donald Dutile) [RHEL-36543] +- vfio/nvgrace-gpu: Add vfio pci variant module for grace hopper (Donald Dutile) [RHEL-36542] +- x86/bugs: Extend VMware Retbleed workaround to Nehalem & earlier CPUs (Waiman Long) [RHEL-48649] +- ata: libata-core: Add ATA_HORKAGE_NOLPM for Apacer AS340 (Ewan D. Milne) [RHEL-23829] +- ata: libata-core: Add ATA_HORKAGE_NOLPM for AMD Radeon S3 SSD (Ewan D. Milne) [RHEL-23829] +- ata: libata-core: Add ATA_HORKAGE_NOLPM for Crucial CT240BX500SSD1 (Ewan D. Milne) [RHEL-23829] +- ata: ahci: Do not apply Intel PCS quirk on Intel Alder Lake (Ewan D. Milne) [RHEL-23829] +- ata: libata-core: Allow command duration limits detection for ACS-4 drives (Ewan D. Milne) [RHEL-23829] +- ata: ahci: Add mask_port_map module parameter (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata-sata: Factor out NCQ Priority configuration helpers (Ewan D. Milne) [RHEL-23829] +- ahci: asm1064: asm1166: don't limit reported ports (Ewan D. Milne) [RHEL-23829] +- ahci: print the number of implemented ports (Ewan D. Milne) [RHEL-23829] +- ahci: asm1064: correct count of reported ports (Ewan D. Milne) [RHEL-23829] +- ahci: rename board_ahci_nomsi (Ewan D. Milne) [RHEL-23829] +- ahci: drop unused board_ahci_noncq (Ewan D. Milne) [RHEL-23829] +- ahci: clean up ahci_broken_devslp quirk (Ewan D. Milne) [RHEL-23829] +- ahci: rename board_ahci_nosntf (Ewan D. Milne) [RHEL-23829] +- ahci: clean up intel_pcs_quirk (Ewan D. Milne) [RHEL-23829] +- ata: ahci: Drop low power policy board type (Ewan D. Milne) [RHEL-23829] +- ata: ahci: do not enable LPM on external ports (Ewan D. Milne) [RHEL-23829] +- ata: ahci: drop hpriv param from ahci_update_initial_lpm_policy() (Ewan D. Milne) [RHEL-23829] +- ata: ahci: a hotplug capable port is an external port (Ewan D. Milne) [RHEL-23829] +- ata: ahci: move marking of external port earlier (Ewan D. Milne) [RHEL-23829] +- ahci: Extend ASM1061 43-bit DMA address quirk to other ASM106x parts (Ewan D. Milne) [RHEL-23829] +- ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers (Ewan D. Milne) [RHEL-23829] +- ahci: asm1166: correct count of reported ports (Ewan D. Milne) [RHEL-23829] +- ata: libata-sata: improve sysfs description for ATA_LPM_UNKNOWN (Ewan D. Milne) [RHEL-23829] +- scsi: sd: Fix system start for ATA devices (Ewan D. Milne) [RHEL-23829] +- scsi: Change SCSI device boolean fields to single bit flags (Ewan D. Milne) [RHEL-23829] +- scsi: sd: Introduce manage_shutdown device flag (Ewan D. Milne) [RHEL-23829] +- ata: libata-eh: Spinup disk on resume after revalidation (Ewan D. Milne) [RHEL-23829] +- ata: xgene: Use of_device_get_match_data() (Ewan D. Milne) [RHEL-23829] +- scsi: Remove scsi device no_start_on_resume flag (Ewan D. Milne) [RHEL-23829] +- scsi: sd: Do not issue commands to suspended disks on shutdown (Ewan D. Milne) [RHEL-23829] +- ata: libata: Annotate struct ata_cpr_log with __counted_by (Ewan D. Milne) [RHEL-23829] +- ata: libata-scsi: Disable scsi device manage_system_start_stop (Ewan D. Milne) [RHEL-23829] +- scsi: sd: Differentiate system and runtime start/stop management (Ewan D. Milne) [RHEL-23829] +- ata: libata-scsi: link ata port and scsi device (Ewan D. Milne) [RHEL-23829] +- ata: libata-core: Fix port and device removal (Ewan D. Milne) [RHEL-23829] +- ata: libata-sata: increase PMP SRST timeout to 10s (Ewan D. Milne) [RHEL-23829] +- scsi: core: ata: Do no try to probe for CDL on old drives (Ewan D. Milne) [RHEL-23829] +- ata: libata-core: fetch sense data for successful commands iff CDL enabled (Ewan D. Milne) [RHEL-23829] +- ata: ahci_xgene: fix parameter types of xgene_ahci_poll_reg_val() (Ewan D. Milne) [RHEL-23829] +- ata: libata: fix parameter type of ata_deadline() (Ewan D. Milne) [RHEL-23829] +- ata,scsi: do not issue START STOP UNIT on resume (Ewan D. Milne) [RHEL-23829] +- ata: libata-core: fix when to fetch sense data for successful commands (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata-scsi: Fix ata_msense_control kdoc comment (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata: Handle completion of CDL commands using policy 0xD (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata: Set read/write commands CDL index (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata: Add ATA feature control sub-page translation (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata-scsi: Add support for CDL pages mode sense (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata-scsi: Handle CDL bits in ata_scsiop_maint_in() (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata: Detect support for command duration limits (Ewan D. Milne) [RHEL-23829] +- scsi: ata: libata: Change ata_eh_request_sense() to not set CHECK_CONDITION (Ewan D. Milne) [RHEL-23829] +- ata: Use of_property_present() for testing DT property presence (Ewan D. Milne) [RHEL-23829] +- ata: ahci: Rename CONFIG_SATA_LPM_POLICY configuration item back (Ewan D. Milne) [RHEL-23829] +- ata: ahci: Rename CONFIG_SATA_LPM_MOBILE_POLICY configuration item (Ewan D. Milne) [RHEL-23829] +- virt: efi_secret: Convert to platform remove callback returning void (Lenny Szubowicz) [RHEL-30322] +- efi/libstub: Add get_event_log() support for CC platforms (Lenny Szubowicz) [RHEL-30322] +- efi/libstub: Measure into CC protocol if TCG2 protocol is absent (Lenny Szubowicz) [RHEL-30322] +- efi/libstub: Add Confidential Computing (CC) measurement typedefs (Lenny Szubowicz) [RHEL-30322] +- efi/tpm: Use symbolic GUID name from spec for final events table (Lenny Szubowicz) [RHEL-30322] +- efi/libstub: Use TPM event typedefs from the TCG PC Client spec (Lenny Szubowicz) [RHEL-30322] + * Mon Aug 19 2024 Lucas Zampieri [5.14.0-500.el9] - mm: huge_memory: use !CONFIG_64BIT to relax huge page alignment on 32 bit machines (Chris von Recklinghausen) [RHEL-54027] {CVE-2024-42258} - rtla/osnoise: set the default threshold to 1us (Luis Claudio R. Goncalves) [RHEL-50869] diff --git a/sources b/sources index 8606bced9..2c8e41578 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-5.14.0-500.el9.tar.xz) = 92fd757d03ec7db0026c7550982ac3a107a1ce2b346b82fbff769811940ba005eeeba1e782142cdc0445642e17537594d43c006a7e077876bc6400b7df681dea -SHA512 (kernel-abi-stablelists-5.14.0-500.el9.tar.bz2) = 6e77afc63ceee00fc691ad59ba3d24f740a3b53972fa5f4567ec68abb659e960641d626ca49f1c7f45c8b23f5809af4ab553f011c302eea4be5b7a2ef503848e -SHA512 (kernel-kabi-dw-5.14.0-500.el9.tar.bz2) = 3bdd16b2d6afe5acbe34cc61d43308580797bb0ca86a4b3114da5c6a3415851cba5ab454afd96745e242ae9d8666ad026f8ad89fb0ca0537c31076adabf94ba3 +SHA512 (linux-5.14.0-501.el9.tar.xz) = 16d83a3480b8a1ccbb5557156c3417876c64a8f56d398419e5ff6378245d3791904ea0e9784e594d00c3ab1e0c6907cd8004effa33254f7962358b2cfa51cfb3 +SHA512 (kernel-abi-stablelists-5.14.0-501.el9.tar.bz2) = eae3669884b1000fab1a67f4cab1ad6cd8000180c13c59644bbc114d8a6505d99d9dc636bff098f66222a96c7040060f61faeedc81f1f1e4e5df011dc439349e +SHA512 (kernel-kabi-dw-5.14.0-501.el9.tar.bz2) = 72f376e2f65f423d2a3bd50af92d85d65a6c48081b31515b8f2a03fda8ed7315451b10430d234d8939dff24e86241faab9c56f00e5c4ae13e8b21c8c8ff5ccc2