kernel-5.14.0-359.el9

* Tue Aug 22 2023 Jan Stancek <jstancek@redhat.com> [5.14.0-359.el9]
- vxlan: fix GRO with VXLAN-GPE (Jiri Benc) [2209627]
- vxlan: generalize vxlan_parse_gpe_hdr and remove unused args (Jiri Benc) [2209627]
- vxlan: calculate correct header length for GPE (Jiri Benc) [2209627]
- redhat/configs: turn on the framework for SPI NOR for ARM (Steve Best) [2223027]
- dm cache policy smq: ensure IO doesn't prevent cleaner policy progress (Benjamin Marzinski) [2159623]
- selftests: mptcp: join: fix 'implicit EP' test (Andrea Claudi) [2109139]
- selftests: mptcp: join: fix 'delete and re-add' test (Andrea Claudi) [2109139]
- net: tap_open(): set sk_uid from current_fsuid() (Laszlo Ersek) [2229506] {CVE-2023-4194}
- net: tun_chr_open(): set sk_uid from current_fsuid() (Laszlo Ersek) [2229506] {CVE-2023-4194}
- scsi: storvsc: Remove errant duplicate code (Cathy Avery) [2224931]
- scsi: storvsc: Limit max_sectors for virtual Fibre Channel devices (Cathy Avery) [2224931]
- net/mlx5: Register a unique thermal zone per device (Mohammad Kabat) [2210257]
- net/mlx5: Implement thermal zone (Mohammad Kabat) [2210257]
- redhat/configs: enable Tegra114 SPI controller (Mark Salter) [2232430]
- redhat: add IMA certificates (Coiby Xu) [1870705]
- locking: 9.3 KRTS JiraReadiness exercise (John B. Wyatt IV) [RHEL-981]
Resolves: rhbz#1870705, rhbz#2109139, rhbz#2159623, rhbz#2209627, rhbz#2210257, rhbz#2223027, rhbz#2224931, rhbz#2229506, rhbz#2232430, RHEL-981

Signed-off-by: Jan Stancek <jstancek@redhat.com>
This commit is contained in:
Jan Stancek 2023-08-22 09:59:15 +02:00
parent 03399c4bff
commit fbada29b4d
12 changed files with 92 additions and 27 deletions

View File

@ -12,7 +12,7 @@ RHEL_MINOR = 3
#
# Use this spot to avoid future merge conflicts.
# Do not trim this comment.
RHEL_RELEASE = 358
RHEL_RELEASE = 359
#
# ZSTREAM

View File

@ -3523,7 +3523,11 @@ CONFIG_MTD_RAW_NAND=m
# CONFIG_MTD_ROM is not set
# CONFIG_MTD_SLRAM is not set
# CONFIG_MTD_SPI_NAND is not set
# CONFIG_MTD_SPI_NOR is not set
CONFIG_MTD_SPI_NOR=m
# CONFIG_MTD_SPI_NOR_SWP_DISABLE is not set
CONFIG_MTD_SPI_NOR_SWP_DISABLE_ON_VOLATILE=y
# CONFIG_MTD_SPI_NOR_SWP_KEEP is not set
# CONFIG_MTD_SPI_NOR_USE_4K_SECTORS is not set
# CONFIG_MTD_SST25L is not set
# CONFIG_MTD_SWAP is not set
# CONFIG_MTD_TESTS is not set
@ -5890,12 +5894,13 @@ CONFIG_SPI_FSL_QUADSPI=m
# CONFIG_SPI_FSL_SPI is not set
# CONFIG_SPI_GPIO is not set
# CONFIG_SPI_HISI_KUNPENG is not set
# CONFIG_SPI_HISI_SFC is not set
# CONFIG_SPI_HISI_SFC_V3XX is not set
CONFIG_SPI_IMX=m
# CONFIG_SPI_LANTIQ_SSC is not set
# CONFIG_SPI_LOOPBACK_TEST is not set
CONFIG_SPI_MASTER=y
# CONFIG_SPI_MEM is not set
CONFIG_SPI_MEM=y
# CONFIG_SPI_MUX is not set
# CONFIG_SPI_MXIC is not set
CONFIG_SPI_NXP_FLEXSPI=m
@ -5909,7 +5914,7 @@ CONFIG_SPI_QUP=y
# CONFIG_SPI_SIFIVE is not set
# CONFIG_SPI_SLAVE is not set
# CONFIG_SPI_SPIDEV is not set
# CONFIG_SPI_TEGRA114 is not set
CONFIG_SPI_TEGRA114=m
# CONFIG_SPI_TEGRA20_SFLASH is not set
# CONFIG_SPI_TEGRA20_SLINK is not set
CONFIG_SPI_TEGRA210_QUAD=m

View File

@ -3502,7 +3502,11 @@ CONFIG_MTD_RAW_NAND=m
# CONFIG_MTD_ROM is not set
# CONFIG_MTD_SLRAM is not set
# CONFIG_MTD_SPI_NAND is not set
# CONFIG_MTD_SPI_NOR is not set
CONFIG_MTD_SPI_NOR=m
# CONFIG_MTD_SPI_NOR_SWP_DISABLE is not set
CONFIG_MTD_SPI_NOR_SWP_DISABLE_ON_VOLATILE=y
# CONFIG_MTD_SPI_NOR_SWP_KEEP is not set
# CONFIG_MTD_SPI_NOR_USE_4K_SECTORS is not set
# CONFIG_MTD_SST25L is not set
# CONFIG_MTD_SWAP is not set
# CONFIG_MTD_TESTS is not set
@ -5866,12 +5870,13 @@ CONFIG_SPI_FSL_QUADSPI=m
# CONFIG_SPI_FSL_SPI is not set
# CONFIG_SPI_GPIO is not set
# CONFIG_SPI_HISI_KUNPENG is not set
# CONFIG_SPI_HISI_SFC is not set
# CONFIG_SPI_HISI_SFC_V3XX is not set
CONFIG_SPI_IMX=m
# CONFIG_SPI_LANTIQ_SSC is not set
# CONFIG_SPI_LOOPBACK_TEST is not set
CONFIG_SPI_MASTER=y
# CONFIG_SPI_MEM is not set
CONFIG_SPI_MEM=y
# CONFIG_SPI_MUX is not set
# CONFIG_SPI_MXIC is not set
CONFIG_SPI_NXP_FLEXSPI=m
@ -5885,7 +5890,7 @@ CONFIG_SPI_QUP=y
# CONFIG_SPI_SIFIVE is not set
# CONFIG_SPI_SLAVE is not set
# CONFIG_SPI_SPIDEV is not set
# CONFIG_SPI_TEGRA114 is not set
CONFIG_SPI_TEGRA114=m
# CONFIG_SPI_TEGRA20_SFLASH is not set
# CONFIG_SPI_TEGRA20_SLINK is not set
CONFIG_SPI_TEGRA210_QUAD=m

View File

@ -3520,7 +3520,11 @@ CONFIG_MTD_RAW_NAND=m
# CONFIG_MTD_ROM is not set
# CONFIG_MTD_SLRAM is not set
# CONFIG_MTD_SPI_NAND is not set
# CONFIG_MTD_SPI_NOR is not set
CONFIG_MTD_SPI_NOR=m
# CONFIG_MTD_SPI_NOR_SWP_DISABLE is not set
CONFIG_MTD_SPI_NOR_SWP_DISABLE_ON_VOLATILE=y
# CONFIG_MTD_SPI_NOR_SWP_KEEP is not set
# CONFIG_MTD_SPI_NOR_USE_4K_SECTORS is not set
# CONFIG_MTD_SST25L is not set
# CONFIG_MTD_SWAP is not set
# CONFIG_MTD_TESTS is not set
@ -5887,12 +5891,13 @@ CONFIG_SPI_FSL_QUADSPI=m
# CONFIG_SPI_FSL_SPI is not set
# CONFIG_SPI_GPIO is not set
# CONFIG_SPI_HISI_KUNPENG is not set
# CONFIG_SPI_HISI_SFC is not set
# CONFIG_SPI_HISI_SFC_V3XX is not set
CONFIG_SPI_IMX=m
# CONFIG_SPI_LANTIQ_SSC is not set
# CONFIG_SPI_LOOPBACK_TEST is not set
CONFIG_SPI_MASTER=y
# CONFIG_SPI_MEM is not set
CONFIG_SPI_MEM=y
# CONFIG_SPI_MUX is not set
# CONFIG_SPI_MXIC is not set
CONFIG_SPI_NXP_FLEXSPI=m
@ -5906,7 +5911,7 @@ CONFIG_SPI_QUP=y
# CONFIG_SPI_SIFIVE is not set
# CONFIG_SPI_SLAVE is not set
# CONFIG_SPI_SPIDEV is not set
# CONFIG_SPI_TEGRA114 is not set
CONFIG_SPI_TEGRA114=m
# CONFIG_SPI_TEGRA20_SFLASH is not set
# CONFIG_SPI_TEGRA20_SLINK is not set
CONFIG_SPI_TEGRA210_QUAD=m

View File

@ -3499,7 +3499,11 @@ CONFIG_MTD_RAW_NAND=m
# CONFIG_MTD_ROM is not set
# CONFIG_MTD_SLRAM is not set
# CONFIG_MTD_SPI_NAND is not set
# CONFIG_MTD_SPI_NOR is not set
CONFIG_MTD_SPI_NOR=m
# CONFIG_MTD_SPI_NOR_SWP_DISABLE is not set
CONFIG_MTD_SPI_NOR_SWP_DISABLE_ON_VOLATILE=y
# CONFIG_MTD_SPI_NOR_SWP_KEEP is not set
# CONFIG_MTD_SPI_NOR_USE_4K_SECTORS is not set
# CONFIG_MTD_SST25L is not set
# CONFIG_MTD_SWAP is not set
# CONFIG_MTD_TESTS is not set
@ -5863,12 +5867,13 @@ CONFIG_SPI_FSL_QUADSPI=m
# CONFIG_SPI_FSL_SPI is not set
# CONFIG_SPI_GPIO is not set
# CONFIG_SPI_HISI_KUNPENG is not set
# CONFIG_SPI_HISI_SFC is not set
# CONFIG_SPI_HISI_SFC_V3XX is not set
CONFIG_SPI_IMX=m
# CONFIG_SPI_LANTIQ_SSC is not set
# CONFIG_SPI_LOOPBACK_TEST is not set
CONFIG_SPI_MASTER=y
# CONFIG_SPI_MEM is not set
CONFIG_SPI_MEM=y
# CONFIG_SPI_MUX is not set
# CONFIG_SPI_MXIC is not set
CONFIG_SPI_NXP_FLEXSPI=m
@ -5882,7 +5887,7 @@ CONFIG_SPI_QUP=y
# CONFIG_SPI_SIFIVE is not set
# CONFIG_SPI_SLAVE is not set
# CONFIG_SPI_SPIDEV is not set
# CONFIG_SPI_TEGRA114 is not set
CONFIG_SPI_TEGRA114=m
# CONFIG_SPI_TEGRA20_SFLASH is not set
# CONFIG_SPI_TEGRA20_SLINK is not set
CONFIG_SPI_TEGRA210_QUAD=m

View File

@ -3591,7 +3591,11 @@ CONFIG_MTD_RAW_NAND=m
# CONFIG_MTD_ROM is not set
# CONFIG_MTD_SLRAM is not set
# CONFIG_MTD_SPI_NAND is not set
# CONFIG_MTD_SPI_NOR is not set
CONFIG_MTD_SPI_NOR=m
# CONFIG_MTD_SPI_NOR_SWP_DISABLE is not set
CONFIG_MTD_SPI_NOR_SWP_DISABLE_ON_VOLATILE=y
# CONFIG_MTD_SPI_NOR_SWP_KEEP is not set
# CONFIG_MTD_SPI_NOR_USE_4K_SECTORS is not set
# CONFIG_MTD_SST25L is not set
# CONFIG_MTD_SWAP is not set
# CONFIG_MTD_TESTS is not set
@ -5985,12 +5989,13 @@ CONFIG_SPI_FSL_QUADSPI=m
# CONFIG_SPI_FSL_SPI is not set
# CONFIG_SPI_GPIO is not set
# CONFIG_SPI_HISI_KUNPENG is not set
# CONFIG_SPI_HISI_SFC is not set
# CONFIG_SPI_HISI_SFC_V3XX is not set
CONFIG_SPI_IMX=m
# CONFIG_SPI_LANTIQ_SSC is not set
# CONFIG_SPI_LOOPBACK_TEST is not set
CONFIG_SPI_MASTER=y
# CONFIG_SPI_MEM is not set
CONFIG_SPI_MEM=y
# CONFIG_SPI_MUX is not set
# CONFIG_SPI_MXIC is not set
CONFIG_SPI_NXP_FLEXSPI=m
@ -6004,7 +6009,7 @@ CONFIG_SPI_QUP=y
# CONFIG_SPI_SIFIVE is not set
# CONFIG_SPI_SLAVE is not set
# CONFIG_SPI_SPIDEV is not set
# CONFIG_SPI_TEGRA114 is not set
CONFIG_SPI_TEGRA114=m
# CONFIG_SPI_TEGRA20_SFLASH is not set
# CONFIG_SPI_TEGRA20_SLINK is not set
CONFIG_SPI_TEGRA210_QUAD=m

View File

@ -3570,7 +3570,11 @@ CONFIG_MTD_RAW_NAND=m
# CONFIG_MTD_ROM is not set
# CONFIG_MTD_SLRAM is not set
# CONFIG_MTD_SPI_NAND is not set
# CONFIG_MTD_SPI_NOR is not set
CONFIG_MTD_SPI_NOR=m
# CONFIG_MTD_SPI_NOR_SWP_DISABLE is not set
CONFIG_MTD_SPI_NOR_SWP_DISABLE_ON_VOLATILE=y
# CONFIG_MTD_SPI_NOR_SWP_KEEP is not set
# CONFIG_MTD_SPI_NOR_USE_4K_SECTORS is not set
# CONFIG_MTD_SST25L is not set
# CONFIG_MTD_SWAP is not set
# CONFIG_MTD_TESTS is not set
@ -5961,12 +5965,13 @@ CONFIG_SPI_FSL_QUADSPI=m
# CONFIG_SPI_FSL_SPI is not set
# CONFIG_SPI_GPIO is not set
# CONFIG_SPI_HISI_KUNPENG is not set
# CONFIG_SPI_HISI_SFC is not set
# CONFIG_SPI_HISI_SFC_V3XX is not set
CONFIG_SPI_IMX=m
# CONFIG_SPI_LANTIQ_SSC is not set
# CONFIG_SPI_LOOPBACK_TEST is not set
CONFIG_SPI_MASTER=y
# CONFIG_SPI_MEM is not set
CONFIG_SPI_MEM=y
# CONFIG_SPI_MUX is not set
# CONFIG_SPI_MXIC is not set
CONFIG_SPI_NXP_FLEXSPI=m
@ -5980,7 +5985,7 @@ CONFIG_SPI_QUP=y
# CONFIG_SPI_SIFIVE is not set
# CONFIG_SPI_SLAVE is not set
# CONFIG_SPI_SPIDEV is not set
# CONFIG_SPI_TEGRA114 is not set
CONFIG_SPI_TEGRA114=m
# CONFIG_SPI_TEGRA20_SFLASH is not set
# CONFIG_SPI_TEGRA20_SLINK is not set
CONFIG_SPI_TEGRA210_QUAD=m

View File

@ -161,15 +161,15 @@ Summary: The Linux kernel
# define buildid .local
%define specversion 5.14.0
%define patchversion 5.14
%define pkgrelease 358
%define pkgrelease 359
%define kversion 5
%define tarfile_release 5.14.0-358.el9
%define tarfile_release 5.14.0-359.el9
# This is needed to do merge window version magic
%define patchlevel 14
# This allows pkg_release to have configurable %%{?dist} tag
%define specrelease 358%{?buildid}%{?dist}
%define specrelease 359%{?buildid}%{?dist}
# This defines the kabi tarball version
%define kabiversion 5.14.0-358.el9
%define kabiversion 5.14.0-359.el9
#
# End of genspec.sh variables
@ -904,6 +904,17 @@ Source86: mod-kvm.list
Source100: rheldup3.x509
Source101: rhelkpatch1.x509
Source102: rhelimaca1.x509
Source103: rhelima.x509
Source104: rhelima_centos.x509
%if 0%{?centos}
%define ima_signing_cert %{SOURCE104}
%else
%define ima_signing_cert %{SOURCE103}
%endif
%define ima_cert_name ima.cer
Source150: dracut-virt.conf
# Remove this when https://bugzilla.redhat.com/show_bug.cgi?id=2225009 gets resolved
@ -1763,7 +1774,8 @@ done
%if %{signkernel}%{signmodules}
openssl x509 -inform der -in %{SOURCE100} -out rheldup3.pem
openssl x509 -inform der -in %{SOURCE101} -out rhelkpatch1.pem
cat rheldup3.pem rhelkpatch1.pem > ../certs/rhel.pem
openssl x509 -inform der -in %{SOURCE102} -out rhelimaca1.pem
cat rheldup3.pem rhelkpatch1.pem rhelimaca1.pem > ../certs/rhel.pem
%if %{signkernel}
%ifarch s390x ppc64le
openssl x509 -inform der -in %{secureboot_ca_0} -out secureboot.pem
@ -2575,6 +2587,11 @@ BuildKernel() {
%endif
%endif
%if 0%{?rhel}
# Red Hat IMA code-signing cert, which is used to authenticate package files
install -m 0644 %{ima_signing_cert} $RPM_BUILD_ROOT%{_datadir}/doc/kernel-keys/$KernelVer/%{ima_cert_name}
%endif
%if %{signmodules}
if [ $DoModules -eq 1 ]; then
# Save the signing keys so we can sign the modules in __modsign_install_post
@ -3738,6 +3755,24 @@ fi
#
#
%changelog
* Tue Aug 22 2023 Jan Stancek <jstancek@redhat.com> [5.14.0-359.el9]
- vxlan: fix GRO with VXLAN-GPE (Jiri Benc) [2209627]
- vxlan: generalize vxlan_parse_gpe_hdr and remove unused args (Jiri Benc) [2209627]
- vxlan: calculate correct header length for GPE (Jiri Benc) [2209627]
- redhat/configs: turn on the framework for SPI NOR for ARM (Steve Best) [2223027]
- dm cache policy smq: ensure IO doesn't prevent cleaner policy progress (Benjamin Marzinski) [2159623]
- selftests: mptcp: join: fix 'implicit EP' test (Andrea Claudi) [2109139]
- selftests: mptcp: join: fix 'delete and re-add' test (Andrea Claudi) [2109139]
- net: tap_open(): set sk_uid from current_fsuid() (Laszlo Ersek) [2229506] {CVE-2023-4194}
- net: tun_chr_open(): set sk_uid from current_fsuid() (Laszlo Ersek) [2229506] {CVE-2023-4194}
- scsi: storvsc: Remove errant duplicate code (Cathy Avery) [2224931]
- scsi: storvsc: Limit max_sectors for virtual Fibre Channel devices (Cathy Avery) [2224931]
- net/mlx5: Register a unique thermal zone per device (Mohammad Kabat) [2210257]
- net/mlx5: Implement thermal zone (Mohammad Kabat) [2210257]
- redhat/configs: enable Tegra114 SPI controller (Mark Salter) [2232430]
- redhat: add IMA certificates (Coiby Xu) [1870705]
- locking: 9.3 KRTS JiraReadiness exercise (John B. Wyatt IV) [RHEL-981]
* Fri Aug 18 2023 Jan Stancek <jstancek@redhat.com> [5.14.0-358.el9]
- KVM: SEV: remove ghcb variable declarations (Vitaly Kuznetsov) [2213808]
- KVM: SEV: only access GHCB fields once (Vitaly Kuznetsov) [2213808] {CVE-2023-4155}

BIN
rhelima.x509 Normal file

Binary file not shown.

BIN
rhelima_centos.x509 Normal file

Binary file not shown.

BIN
rhelimaca1.x509 Normal file

Binary file not shown.

View File

@ -1,3 +1,3 @@
SHA512 (linux-5.14.0-358.el9.tar.xz) = bc0321ed801b4c354c337641819a32cbb2a60127a4af73844865ed6a45a20193420c40016fc40618204da3e62df2f9bb03c299d7a3b5cbeeca5eb98769f7b250
SHA512 (kernel-abi-stablelists-5.14.0-358.el9.tar.bz2) = 2a3584f7985c62012a6b89ebeb6709789b777e6f861810d01d4a0f9a0781505a67f6ff0b032ebbd0cec52bc1d68e6f41095bd74ffe4c0acf788cf09f3d221fc1
SHA512 (kernel-kabi-dw-5.14.0-358.el9.tar.bz2) = 119e820407c58c1868a04aa69c969a881bd672f0f7111a8b382a7369bc89e57667faab180be0b4932dbfbfeb25267787c56fb155dba1ccb244922a7a130d187b
SHA512 (linux-5.14.0-359.el9.tar.xz) = 6890482d0e5d19e497a2ede527ee1ffd4bb71b58ccfbb6347ca942a7acbcade5668ed0f36b46a307ead9b95604b46e8ff7bde5927190134221982fd765e30f1b
SHA512 (kernel-abi-stablelists-5.14.0-359.el9.tar.bz2) = 7415edacadada7ffaae1744a8de4b5b647a334037011b1e533fee63e1d691883f6e9d9b62505bde761570cbfa27943817b961cb038d43eda6ca327f179d18cf4
SHA512 (kernel-kabi-dw-5.14.0-359.el9.tar.bz2) = 119e820407c58c1868a04aa69c969a881bd672f0f7111a8b382a7369bc89e57667faab180be0b4932dbfbfeb25267787c56fb155dba1ccb244922a7a130d187b