The Linux kernel
4c8cc40e78
* Fri Jun 16 2023 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-498.el8]
- Revert "softirq: Let ksoftirqd do its job" (Oleg Nesterov) [2196767]
- perf: Fix check before add_event_to_groups() in perf_group_detach() (Michael Petlan) [2209645] {CVE-2023-2235}
- perf/core: Call LSM hook after copying perf_event_attr (Audra Mitchell) [2172142]
- kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case (Audra Mitchell) [2172142]
- cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset (Audra Mitchell) [2172142]
- cgroup: Fix race condition at rebind_subsystems() (Audra Mitchell) [2172142]
- tick/nohz: unexport __init-annotated tick_nohz_full_setup() (Audra Mitchell) [2172142]
- ipc/mqueue: use get_tree_nodev() in mqueue_get_tree() (Audra Mitchell) [2172142]
- genirq: Synchronize interrupt thread startup (Audra Mitchell) [2172142]
- genirq: Initialize request_mutex if CONFIG_SPARSE_IRQ=n (Audra Mitchell) [2172142]
- scftorture: Fix distribution of short handler delays (Audra Mitchell) [2172142]
- tick/nohz: Use WARN_ON_ONCE() to prevent console saturation (Audra Mitchell) [2172142]
- ipc/sem: do not sleep with a spin lock held (Audra Mitchell) [2172142]
- signal: In get_signal test for signal_group_exit every time through the loop (Audra Mitchell) [2172142]
- genirq: Move prio assignment into the newly created thread (Audra Mitchell) [2172142]
- sched,irq: Convert to sched_set_fifo() (Audra Mitchell) [2172142]
- cgroup/cpuset: Fix violation of cpuset locking rule (Audra Mitchell) [2172142]
- timers: Move clearing of base::timer_running under base:: Lock (Audra Mitchell) [2172142]
- cgroup1: fix leaked context root causing sporadic NULL deref in LTP (Audra Mitchell) [2172142]
- jump_label: Fix usage in module __init (Audra Mitchell) [2172142]
- padata: fix possible padata_works_lock deadlock (Audra Mitchell) [2172142]
- genirq/PM: Always unlock IRQ descriptor in rearm_wake_irq() (Audra Mitchell) [2172142]
- padata: upgrade smp_mb__after_atomic to smp_mb in padata_do_serial (Audra Mitchell) [2172142]
- cpu/speculation: Warn on unsupported mitigations= parameter (Audra Mitchell) [2172142]
- x86/speculation: Remove redundant arch_smt_update() invocation (Audra Mitchell) [2172142]
- cpu/hotplug: Non-SMP machines do not make use of booted_once (Audra Mitchell) [2172142]
- can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path (Jose Ignacio Tornos Martinez) [2156581] {CVE-2022-28388}
- kernfs: Improve kernfs_notify() poll notification latency (Ian Kent) [2195844]
- stmmac: fix changing mac address (Corinna Vinschen) [2177654]
- net/sched: cls_tcindex: downgrade to imperfect hash (Davide Caratti) [2192308] {CVE-2023-1829}
- Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition (Ricardo Robaina) [2185961] {CVE-2023-1989}
- net: qcom/emac: Fix use after free bug in emac_remove due to race condition (Ricardo Robaina) [2192673] {CVE-2023-2483}
- s390/crypto: improve retry logic in case of master key change (Tobias Huschle) [2212794]
- bpf: pull before calling skb_postpull_rcsum() (Felix Maurer) [2186521]
- bpf, sockmap: fix race in sock_map_free() (Felix Maurer) [2186521]
- bpf, sock_map: Move cancel_work_sync() out of sock lock (Felix Maurer) [2186521]
- brcmfmac: Switch to appropriate helper to load EFI variable contents (Lenny Szubowicz) [2183047]
- iwlwifi: Switch to proper EFI variable store interface (Lenny Szubowicz) [2183047]
- efi: Store mask of supported runtime services in struct efi (Lenny Szubowicz) [2183047]
- NFS: Don't report errors from nfs_pageio_complete() more than once (Benjamin Coddington) [2213644]
- NFS: Do not report flush errors in nfs_write_end() (Benjamin Coddington) [2213644]
- NFS: Don't report ENOSPC write errors twice (Benjamin Coddington) [2213644]
- NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS (Benjamin Coddington) [2213644]
- NFS: Do not report EINTR/ERESTARTSYS as mapping errors (Benjamin Coddington) [2213644]
- net: openvswitch: release vport resources on failure (Antoine Tenart) [2190225]
- net: openvswitch: Add support to count upcall packets (Antoine Tenart) [2190225]
- net: openvswitch: fix race on port output (Antoine Tenart) [2190225]
- net: openvswitch: fix possible memory leak in ovs_meter_cmd_set() (Antoine Tenart) [2190225]
- net: openvswitch: fix flow memory leak in ovs_flow_cmd_new (Antoine Tenart) [2190225]
- openvswitch: Fix flow lookup to use unmasked key (Antoine Tenart) [2190225]
- openvswitch: switch from WARN to pr_warn (Antoine Tenart) [2190225]
- EDAC/i10nm: Add Intel Emerald Rapids server support (Aristeu Rozanski) [2165649]
- EDAC/skx_common: Delete duplicated and unreachable code (Aristeu Rozanski) [2165649]
- EDAC/skx_common: Enable EDAC support for the "near" memory (Aristeu Rozanski) [2165649]
- EDAC/i10nm: Print an extra register set of retry_rd_err_log (Aristeu Rozanski) [2165649]
- EDAC/i10nm: Retrieve and print retry_rd_err_log registers for HBM (Aristeu Rozanski) [2165649]
- EDAC/skx_common: Add ChipSelect ADXL component (Aristeu Rozanski) [2165649]
- EDAC/i10nm: Fix NVDIMM detection (Aristeu Rozanski) [2165649]
- EDAC/skx_common: Set the memory type correctly for HBM memory (Aristeu Rozanski) [2165649]
- EDAC/mc: Add new HBM2 memory type (Aristeu Rozanski) [2165649]
- EDAC: Replace EDAC_DIMM_PTR() macro with edac_get_dimm() function (Aristeu Rozanski) [2165649]
- tpm: disable hwrng for fTPM on some AMD designs (Štěpán Horáček) [2159583]
- tpm/eventlog: Don't abort tpm_read_log on faulty ACPI address (Štěpán Horáček) [2159583]
- tpm: Use managed allocation for bios event log (Štěpán Horáček) [2159583]
- efi: tpm: Avoid READ_ONCE() for accessing the event log (Štěpán Horáček) [2159583]
- tpm: Allow system suspend to continue when TPM suspend fails (Štěpán Horáček) [2159583]
- tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak (Štěpán Horáček) [2159583]
- tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (Štěpán Horáček) [2159583]
- tpm: acpi: Call acpi_put_table() to fix memory leak (Štěpán Horáček) [2159583]
- tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (Štěpán Horáček) [2159583]
- tpm: Avoid function type cast of put_device() (Štěpán Horáček) [2159583]
- char: tpm: Protect tpm_pm_suspend with locks (Štěpán Horáček) [2159583]
- efi/tpm: Pass correct address to memblock_reserve (Štěpán Horáček) [2159583]
- char: move from strlcpy with unused retval to strscpy (Štěpán Horáček) [2159583]
- tpm: eventlog: Fix section mismatch for DEBUG_SECTION_MISMATCH (Štěpán Horáček) [2159583]
- tpm: Fix buffer access in tpm2_get_tpm_pt() (Štěpán Horáček) [2159583]
- tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe() (Štěpán Horáček) [2159583]
- tpm: use try_get_ops() in tpm-space.c (Štěpán Horáček) [2159583]
- tpm: Fix error handling in async work (Štěpán Horáček) [2159583]
- tpm: vtpm_proxy: Check length to avoid compiler warning (Štěpán Horáček) [2159583]
- tpm: fix NPE on probe for missing device (Štěpán Horáček) [2159583]
- tpm: fix potential NULL pointer access in tpm_del_char_device (Štěpán Horáček) [2159583]
- tpm_tis: Fix an error handling path in 'tpm_tis_core_init()' (Štěpán Horáček) [2159583]
- tpm: add request_locality before write TPM_INT_ENABLE (Štěpán Horáček) [2159583]
- tpm_tis_spi: Add missing SPI ID (Štěpán Horáček) [2159583]
- tpm: fix Atmel TPM crash caused by too frequent queries (Štěpán Horáček) [2159583]
- tpm: Check for integer overflow in tpm2_map_response_body() (Štěpán Horáček) [2159583]
- KEYS: trusted: Fix TPM reservation for seal/unseal (Štěpán Horáček) [2135881]
- KVM: x86: Add helpers to recalc physical vs. logical optimized APIC maps (John Allen) [2117761]
- KVM: x86: Allow APICv APIC ID inhibit to be cleared (John Allen) [2117761]
- KVM: x86: Track required APICv inhibits with variable, not callback (John Allen) [2117761]
- Revert "KVM: SVM: Do not throw warning when calling avic_vcpu_load on a running vcpu" (John Allen) [2117761]
- KVM: SVM: Handle multiple logical targets in AVIC kick fastpath (John Allen) [2117761]
- KVM: SVM: Require logical ID to be power-of-2 for AVIC entry (John Allen) [2117761]
- KVM: SVM: Update svm->ldr_reg cache even if LDR is "bad" (John Allen) [2117761]
- KVM: SVM: Always update local APIC on writes to logical dest register (John Allen) [2117761]
- KVM: SVM: Inhibit AVIC if vCPUs are aliased in logical mode (John Allen) [2117761]
- KVM: x86: Inhibit APICv/AVIC if the optimized physical map is disabled (John Allen) [2117761]
- KVM: x86: Honor architectural behavior for aliased 8-bit APIC IDs (John Allen) [2117761]
- Documentation: KVM: Add SPDX-License-Identifier tag (John Allen) [2117761]
- Documentation: KVM: add virtual CPU errata documentation (John Allen) [2117761]
- KVM: x86: Disable APIC logical map if vCPUs are aliased in logical mode (John Allen) [2117761]
- KVM: x86: Disable APIC logical map if logical ID covers multiple MDAs (John Allen) [2117761]
- KVM: x86: Skip redundant x2APIC logical mode optimized cluster setup (John Allen) [2117761]
- KVM: x86: Explicitly track all possibilities for APIC map's logical modes (John Allen) [2117761]
- KVM: x86: Explicitly skip optimized logical map setup if vCPU's LDR==0 (John Allen) [2117761]
- KVM: SVM: Add helper to perform final AVIC "kick" of single vCPU (John Allen) [2117761]
- KVM: SVM: Document that vCPU ID == APIC ID in AVIC kick fastpatch (John Allen) [2117761]
- Revert "KVM: SVM: Use target APIC ID to complete x2AVIC IRQs when possible" (John Allen) [2117761]
- KVM: SVM: Replace "avic_mode" enum with "x2avic_enabled" boolean (John Allen) [2117761]
- KVM: x86: Inhibit APIC memslot if x2APIC and AVIC are enabled (John Allen) [2117761]
- KVM: x86: Handle APICv updates for APIC "mode" changes via request (John Allen) [2117761]
- KVM: x86: Don't inhibit APICv/AVIC if xAPIC ID mismatch is due to 32-bit ID (John Allen) [2117761]
- KVM: x86: Don't inhibit APICv/AVIC on xAPIC ID "change" if APIC is disabled (John Allen) [2117761]
- KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target (John Allen) [2117761]
- KVM: SVM: Flush the "current" TLB when activating AVIC (John Allen) [2117761]
- KVM: x86: Purge "highest ISR" cache when updating APICv state (John Allen) [2117761]
- KVM: x86: Blindly get current x2APIC reg value on "nodecode write" traps (John Allen) [2117761]
- KVM: x86: Bug the VM if an accelerated x2APIC trap occurs on a "bad" reg (John Allen) [2117761]
- KVM: x86: Do not block APIC write for non ICR registers (John Allen) [2117761]
- KVM: x86: Add support for vICR APIC-write VM-Exits in x2APIC mode (John Allen) [2117761]
- KVM: x86: fix APICv/x2AVIC disabled when vm reboot by itself (John Allen) [2117761]
- KVM: SEV: fix misplaced closing parenthesis (John Allen) [2117761]
- KVM: SVM: Do not virtualize MSR accesses for APIC LVTT register (John Allen) [2117761]
- KVM: SVM: Fix x2APIC MSRs interception (John Allen) [2117761]
- KVM: x86: nSVM: optimize svm_set_x2apic_msr_interception (John Allen) [2117761]
- KVM: SVM: Add AVIC doorbell tracepoint (John Allen) [2117761]
- KVM: SVM: Use target APIC ID to complete x2AVIC IRQs when possible (John Allen) [2117761]
- KVM: x86: Warning APICv inconsistency only when vcpu APIC mode is valid (John Allen) [2117761]
- KVM: x86: Move APIC access page helper to common x86 code (John Allen) [2117761]
- KVM: SVM: Introduce hybrid-AVIC mode (John Allen) [2117761]
- KVM: SVM: Do not throw warning when calling avic_vcpu_load on a running vcpu (John Allen) [2117761]
- KVM: SVM: Modify AVIC GATag to support max number of 512 vCPUs (John Allen) [2117761]
- KVM: SVM: Fix a benign off-by-one bug in AVIC physical table mask (John Allen) [2117761]
- KVM: SVM: Ignore writes to Remote Read Data on AVIC write traps (John Allen) [2117761]
- KVM: SVM: Introduce logic to (de)activate x2AVIC mode (John Allen) [2117761]
- KVM: x86: nSVM: always intercept x2apic msrs (John Allen) [2117761]
- KVM: SVM: Don't put/load AVIC when setting virtual APIC mode (John Allen) [2117761]
- KVM: SVM: Refresh AVIC configuration when changing APIC mode (John Allen) [2117761]
- KVM: x86: Deactivate APICv on vCPU with APIC disabled (John Allen) [2117761]
- KVM: SVM: Adding support for configuring x2APIC MSRs interception (John Allen) [2117761]
- KVM: SVM: Do not support updating APIC ID when in x2APIC mode (John Allen) [2117761]
- KVM: SVM: Compute dest based on sender's x2APIC status for AVIC kick (John Allen) [2117761]
- KVM: SVM: Update avic_kick_target_vcpus to support 32-bit APIC ID (John Allen) [2117761]
- KVM: SVM: Update max number of vCPUs supported for x2AVIC mode (John Allen) [2117761]
- KVM: svm/avic: Drop "struct kvm_x86_ops" for avic_hardware_setup() (John Allen) [2117761]
- KVM: SVM: Detect X2APIC virtualization (x2AVIC) support (John Allen) [2117761]
- KVM: x86: lapic: Rename [GET/SET]_APIC_DEST_FIELD to [GET/SET]_XAPIC_DEST_FIELD (John Allen) [2117761]
- x86/cpufeatures: Introduce x2AVIC CPUID bit (John Allen) [2117761]
- KVM: x86: SVM: fix nested PAUSE filtering when L0 intercepts PAUSE (John Allen) [2117761]
- KVM: x86: nSVM: support PAUSE filtering when L0 doesn't intercept PAUSE (John Allen) [2117761]
- KVM: x86: SVM: drop preempt-safe wrappers for avic_vcpu_load/put (John Allen) [2117761]
- KVM: x86: disable preemption around the call to kvm_arch_vcpu_{un|}blocking (John Allen) [2117761]
- KVM: x86: disable preemption while updating apicv inhibition (John Allen) [2117761]
- KVM: SVM: Fix x2APIC Logical ID calculation for avic_kick_target_vcpus_fast (John Allen) [2117761]
- KVM: x86: SVM: fix avic_kick_target_vcpus_fast (John Allen) [2117761]
- KVM: SVM: Use target APIC ID to complete AVIC IRQs when possible (John Allen) [2117761]
- KVM: x86: SVM: remove avic's broken code that updated APIC ID (John Allen) [2117761]
- KVM: x86: inhibit APICv/AVIC on changes to APIC ID or APIC base (John Allen) [2117761]
- KVM: x86: document AVIC/APICv inhibit reasons (John Allen) [2117761]
- KVM: x86: SVM: allow AVIC to co-exist with a nested guest running (John Allen) [2117761]
- KVM: x86: allow per cpu apicv inhibit reasons (John Allen) [2117761]
- KVM: x86: SVM: allow to force AVIC to be enabled (John Allen) [2117761]
Resolves: rhbz#2117761, rhbz#2135881, rhbz#2156581, rhbz#2159583, rhbz#2165649, rhbz#2172142, rhbz#2177654, rhbz#2183047, rhbz#2185961, rhbz#2186521, rhbz#2190225, rhbz#2192308, rhbz#2192673, rhbz#2195844, rhbz#2196767, rhbz#2209645, rhbz#2212794, rhbz#2213644
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
|
||
|---|---|---|
| .gitignore | ||
| centossecureboot201.cer | ||
| centossecurebootca2.cer | ||
| check-kabi | ||
| cpupower.config | ||
| cpupower.service | ||
| filter-aarch64.sh | ||
| filter-modules.sh | ||
| filter-ppc64le.sh | ||
| filter-s390x.sh | ||
| filter-x86_64.sh | ||
| gating.yaml | ||
| generate_all_configs.sh | ||
| generate_bls_conf.sh | ||
| kernel-aarch64-debug.config | ||
| kernel-aarch64.config | ||
| kernel-ppc64le-debug.config | ||
| kernel-ppc64le.config | ||
| kernel-s390x-debug.config | ||
| kernel-s390x-zfcpdump.config | ||
| kernel-s390x.config | ||
| kernel-x86_64-debug.config | ||
| kernel-x86_64.config | ||
| kernel.spec | ||
| kvm_stat.logrotate | ||
| linux-kernel-test.patch | ||
| mod-blacklist.sh | ||
| mod-extra.list | ||
| mod-internal.list | ||
| mod-sign.sh | ||
| Module.kabi_aarch64 | ||
| Module.kabi_dup_aarch64 | ||
| Module.kabi_dup_ppc64le | ||
| Module.kabi_dup_s390x | ||
| Module.kabi_dup_x86_64 | ||
| Module.kabi_ppc64le | ||
| Module.kabi_s390x | ||
| Module.kabi_x86_64 | ||
| parallel_xz.sh | ||
| process_configs.sh | ||
| redhatsecureboot302.cer | ||
| redhatsecureboot303.cer | ||
| redhatsecureboot501.cer | ||
| redhatsecurebootca3.cer | ||
| redhatsecurebootca7.cer | ||
| rheldup3.x509 | ||
| rhelkpatch1.x509 | ||
| rpminspect.yaml | ||
| sources | ||
| x509.genkey | ||