The Linux kernel
40560a510e
* Fri Aug 05 2022 Patrick Talbert <ptalbert@redhat.com> [5.14.0-143.el9]
- sched, cpuset: Fix dl_cpu_busy() panic due to empty cs->cpus_allowed (Waiman Long) [2104946]
- intel_idle: Fix false positive RCU splats due to incorrect hardirqs state (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- tools headers cpufeatures: Sync with the kernel sources (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- um: Add missing apply_returns() (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- KVM: emulate: do not adjust size of fastop and setcc subroutines (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/kvm: fix FASTOP_SIZE when return thunks are enabled (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- efi/x86: use naked RET on mixed mode call wrapper (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Remove apostrophe typo (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Mark retbleed_strings static (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/static_call: Serialize __static_call_fixup() properly (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Disable RRSBA behavior (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/kexec: Disable RET on kexec (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/entry: Move PUSH_AND_CLEAR_REGS() back into error_entry (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Add Cannon lake to RETBleed affected CPU list (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- redhat/configs: Add new mitigation configs for RetBleed CVEs (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/retbleed: Add fine grained Kconfig knobs (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/cpu/amd: Enumerate BTC_NO (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/common: Stamp out the stepping madness (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- KVM: VMX: Prevent RSB underflow before vmenter (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Fill RSB on vmexit for IBRS (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- KVM: VMX: Fix IBRS handling after vmexit (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- KVM: VMX: Convert launched argument to flags (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- KVM: VMX: Flatten __vmx_vcpu_run() (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- objtool: Re-add UNWIND_HINT_{SAVE_RESTORE} (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Remove x86_spec_ctrl_mask (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Fix SPEC_CTRL write on SMT state change (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Fix firmware entry SPEC_CTRL handling (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/cpu/amd: Add Spectral Chicken (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Do IBPB fallback check only once (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Add retbleed=ibpb (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/xen: Add UNTRAIN_RET (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/xen: Rename SYS* entry points (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- objtool: Update Retpoline validation (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- intel_idle: Disable IBRS during long idle (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Report Intel retbleed vulnerability (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Optimize SPEC_CTRL MSR writes (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/entry: Add kernel IBRS implementation (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Enable STIBP for JMP2RET (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Add AMD retbleed= boot parameter (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bugs: Report AMD retbleed vulnerability (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- objtool: skip non-text sections when adding return-thunk sites (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86: Add magic AMD return-thunk (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- objtool: Treat .text.__x86.* as noinstr (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/entry: Avoid very early RET (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86: Use return-thunk in asm code (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/sev: Avoid using __x86_return_thunk (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/kvm: Fix SETcc emulation for return thunks (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/bpf: Use alternative RET encoding (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/ftrace: Use alternative RET encoding (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86,static_call: Use alternative RET encoding (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86,objtool: Create .return_sites (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86: Undo return-thunk damage (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/retpoline: Use -mfunction-return (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/retpoline: Swizzle retpoline thunk (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/retpoline: Cleanup some #ifdefery (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/cpufeatures: Move RETPOLINE flags to word 11 (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/kvm/vmx: Make noinstr clean (Waiman Long) [2090231] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
- x86/entry: Fix register corruption in compat syscall (Waiman Long) [2090231]
- x86/entry: Remove skip_r11rcx (Waiman Long) [2090231]
- x86/entry: Use PUSH_AND_CLEAR_REGS for compat (Waiman Long) [2090231]
- x86/entry: Simplify entry_INT80_compat() (Waiman Long) [2090231]
- x86/entry: Don't call error_entry() for XENPV (Waiman Long) [2090231]
- x86/entry: Move CLD to the start of the idtentry macro (Waiman Long) [2090231]
- x86/entry: Move PUSH_AND_CLEAR_REGS out of error_entry() (Waiman Long) [2090231]
- x86/entry: Switch the stack after error_entry() returns (Waiman Long) [2090231]
- x86/traps: Use pt_regs directly in fixup_bad_iret() (Waiman Long) [2090231]
- x86/retpoline: Add ANNOTATE_NOENDBR for retpolines (Waiman Long) [2090231]
- x86/static_call: Add ANNOTATE_NOENDBR to static call trampoline (Waiman Long) [2090231]
- objtool: Fix SLS validation for kcov tail-call replacement (Waiman Long) [2090231]
- x86,static_call: Fix __static_call_return0 for i386 (Waiman Long) [2090231]
- crypto: x86/poly1305 - Fixup SLS (Waiman Long) [2090231]
- kvm/emulate: Fix SETcc emulation for ENDBR (Waiman Long) [2090231]
- x86/ibt: Annotate text references (Waiman Long) [2090231]
- x86/alternative: Simplify int3_selftest_ip (Waiman Long) [2090231]
- x86/ibt,kvm: Add ENDBR to fastops (Waiman Long) [2090231]
- x86/ibt,entry: Sprinkle ENDBR dust (Waiman Long) [2090231]
- x86/ibt,xen: Sprinkle the ENDBR (Waiman Long) [2090231]
- x86/entry: Cleanup PARAVIRT (Waiman Long) [2090231]
- x86/ibt: Add ANNOTATE_NOENDBR (Waiman Long) [2090231]
- redhat/configs: Disable CONFIG_X86_KERNEL_IBT (Waiman Long) [2090231]
- x86/ibt: Base IBT bits (Waiman Long) [2090231]
- objtool,efi: Update __efi64_thunk annotation (Waiman Long) [2090231]
- objtool: Fix truncated string warning (Waiman Long) [2090231]
- redhat/configs: Disable CONFIG_SLS (Waiman Long) [2090231]
- x86: Add straight-line-speculation mitigation (Waiman Long) [2090231]
- x86/alternative: Relax text_poke_bp() constraint (Waiman Long) [2090231]
- objtool: Add straight-line-speculation validation (Waiman Long) [2090231]
- x86: Prepare inline-asm for straight-line-speculation (Waiman Long) [2090231]
- x86: Prepare asm files for straight-line-speculation (Waiman Long) [2090231]
- x86/mce: Reduce number of machine checks taken during recovery (Waiman Long) [2090231]
- x86/lib/atomic64_386_32: Rename things (Waiman Long) [2090231]
- x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds (Waiman Long) [2090231]
- x86: Move RETPOLINE*_CFLAGS to arch Makefile (Waiman Long) [2090231]
- x86/xen: Add xenpv_restore_regs_and_return_to_usermode() (Waiman Long) [2090231]
- x86/entry: Use the correct fence macro after swapgs in kernel CR3 (Waiman Long) [2090231]
- x86/entry: Add a fence for kernel entry SWAPGS in paranoid_entry() (Waiman Long) [2090231]
- objtool: Fix pv_ops noinstr validation (Waiman Long) [2090231]
- static_call,x86: Robustify trampoline patching (Waiman Long) [2090231]
- x86/xen: switch initial pvops IRQ functions to dummy ones (Waiman Long) [2090231]
- bpf,x86: Respect X86_FEATURE_RETPOLINE* (Waiman Long) [2090231]
- x86/alternative: Add debug prints to apply_retpolines() (Waiman Long) [2090231]
- x86/alternative: Try inline spectre_v2=retpoline,amd (Waiman Long) [2090231]
- x86/alternative: Handle Jcc __x86_indirect_thunk_\reg (Waiman Long) [2090231]
- x86/alternative: Implement .retpoline_sites support (Waiman Long) [2090231]
- x86/retpoline: Create a retpoline thunk array (Waiman Long) [2090231]
- x86/retpoline: Move the retpoline thunk declarations to nospec-branch.h (Waiman Long) [2090231]
- x86/asm: Fixup odd GEN-for-each-reg.h usage (Waiman Long) [2090231]
- x86/asm: Fix register order (Waiman Long) [2090231]
- x86/retpoline: Remove unused replacement symbols (Waiman Long) [2090231]
- objtool,x86: Replace alternatives with .retpoline_sites (Waiman Long) [2090231]
- objtool: Shrink struct instruction (Waiman Long) [2090231]
- objtool: Explicitly avoid self modifying code in .altinstr_replacement (Waiman Long) [2090231]
- objtool: Classify symbols (Waiman Long) [2090231]
- objtool: Remove reloc symbol type checks in get_alt_entry() (Waiman Long) [2090231]
- objtool: print out the symbol type when complaining about it (Waiman Long) [2090231]
- objtool: Teach get_alt_entry() about more relocation types (Waiman Long) [2090231]
- kbuild: reuse $(cmd_objtool) for cmd_cc_lto_link_modules (Waiman Long) [2090231]
- kbuild: detect objtool update without using .SECONDEXPANSION (Waiman Long) [2090231]
- kbuild: factor out OBJECT_FILES_NON_STANDARD check into a macro (Waiman Long) [2090231]
- kbuild: store the objtool command in *.cmd files (Waiman Long) [2090231]
- kbuild: rename __objtool_obj and reuse it for cmd_cc_lto_link_modules (Waiman Long) [2090231]
- kbuild: move objtool_args back to scripts/Makefile.build (Waiman Long) [2090231]
- x86/mce: Drop copyin special case for #MC (Waiman Long) [2090231]
- objtool: Support pv_opsindirect calls for noinstr (Waiman Long) [2090231]
- x86/xen: Rework the xen_{cpu,irq,mmu}_opsarrays (Waiman Long) [2090231]
- objtool: Handle __sanitize_cov*() tail calls (Waiman Long) [2090231]
- objtool: Introduce CFI hash (Waiman Long) [2090231]
- kbuild: clean up objtool_args slightly (Waiman Long) [2090231]
- kbuild: remove stale *.symversions (Waiman Long) [2090231]
- kbuild: remove unused quiet_cmd_update_lto_symversions (Waiman Long) [2090231]
- kbuild: Fix TRIM_UNUSED_KSYMS with LTO_CLANG (Waiman Long) [2090231]
- Makefile: remove stale cc-option checks (Waiman Long) [2090231]
- x86/build: Remove stale cc-option checks (Waiman Long) [2090231]
- xen: assume XENFEAT_mmu_pt_update_preserve_ad being set for pv guests (Waiman Long) [2090231]
- dmaengine: idxd: Fixup upstream merge conflict resolution (Jerry Snitselaar) [2100482]
- dmaengine: idxd: skip clearing device context when device is read-only (Jerry Snitselaar) [2100482]
- dmaengine: idxd: add RO check for wq max_transfer_size write (Jerry Snitselaar) [2100482]
- dmaengine: idxd: add RO check for wq max_batch_size write (Jerry Snitselaar) [2100482]
- dmaengine: idxd: fix device cleanup on disable (Jerry Snitselaar) [2100482]
- Revert "dmaengine: idxd: Separate user and kernel pasid enabling" (Jerry Snitselaar) [2100482]
Resolves: rhbz#2104946, rhbz#2090231, rhbz#2100482
Signed-off-by: Patrick Talbert <ptalbert@redhat.com>
|
||
|---|---|---|
| .gitignore | ||
| check-kabi | ||
| cpupower.config | ||
| cpupower.service | ||
| filter-aarch64.sh.rhel | ||
| filter-armv7hl.sh.rhel | ||
| filter-i686.sh.rhel | ||
| filter-modules.sh.rhel | ||
| filter-ppc64le.sh.rhel | ||
| filter-s390x.sh.rhel | ||
| filter-x86_64.sh.rhel | ||
| gating.yaml | ||
| generate_all_configs.sh | ||
| kernel-aarch64-debug-rhel.config | ||
| kernel-aarch64-rhel.config | ||
| kernel-local | ||
| kernel-ppc64le-debug-rhel.config | ||
| kernel-ppc64le-rhel.config | ||
| kernel-s390x-debug-rhel.config | ||
| kernel-s390x-rhel.config | ||
| kernel-s390x-zfcpdump-rhel.config | ||
| kernel-x86_64-debug-rhel.config | ||
| kernel-x86_64-rhel.config | ||
| kernel.spec | ||
| kvm_stat.logrotate | ||
| linux-kernel-test.patch | ||
| Makefile.rhelver | ||
| merge.pl | ||
| mod-denylist.sh | ||
| mod-extra.list.rhel | ||
| mod-internal.list | ||
| mod-sign.sh | ||
| Module.kabi_aarch64 | ||
| Module.kabi_dup_aarch64 | ||
| Module.kabi_dup_ppc64le | ||
| Module.kabi_dup_s390x | ||
| Module.kabi_dup_x86_64 | ||
| Module.kabi_ppc64le | ||
| Module.kabi_s390x | ||
| Module.kabi_x86_64 | ||
| parallel_xz.sh | ||
| partial-kgcov-snip.config | ||
| patch-5.14.0-redhat.patch | ||
| process_configs.sh | ||
| README.rst | ||
| rheldup3.x509 | ||
| rhelkpatch1.x509 | ||
| rpminspect.yaml | ||
| sources | ||
| update_scripts.sh | ||
| x509.genkey.centos | ||
| x509.genkey.rhel | ||
=================== The Kernel dist-git =================== The kernel is maintained in a `source tree`_ rather than directly in dist-git. The specfile is maintained as a `template`_ in the source tree along with a set of build scripts to generate configurations, (S)RPMs, and to populate the dist-git repository. The `documentation`_ for the source tree covers how to contribute and maintain the tree. If you're looking for the downstream patch set it's available in the source tree with "git log master..ark-patches" or `online`_. Each release in dist-git is tagged in the source repository so you can easily check out the source tree for a build. The tags are in the format name-version-release, but note release doesn't contain the dist tag since the source can be built in different build roots (Fedora, CentOS, etc.) .. _source tree: https://gitlab.com/cki-project/kernel-ark.git .. _template: https://gitlab.com/cki-project/kernel-ark/-/blob/os-build/redhat/kernel.spec.template .. _documentation: https://gitlab.com/cki-project/kernel-ark/-/wikis/home .. _online: https://gitlab.com/cki-project/kernel-ark/-/commits/ark-patches