rpms/kernel
7
2
Fork 4
Code Issues Pull Requests Releases Activity
f19ece1e8f
kernel/kernel.changelog
Patrick Talbert f19ece1e8f kernel-5.14.0-568.el9 
* Thu Feb 13 2025 Patrick Talbert <ptalbert@redhat.com> [5.14.0-568.el9]
- smb: client: get rid of kstrdup() in get_ses_refpath() (Paulo Alcantara) [RHEL-78655]
- smb: client: fix noisy when tree connecting to DFS interlink targets (Paulo Alcantara) [RHEL-78655]
- smb: client: don't trust DFSREF_STORAGE_SERVER bit (Paulo Alcantara) [RHEL-78655]
- cifs: Fix parsing native symlinks directory/file type (Paulo Alcantara) [RHEL-78655]
- cifs: Add support for creating WSL-style symlinks (Paulo Alcantara) [RHEL-78655]
- smb3: add support for IAKerb (Paulo Alcantara) [RHEL-78655]
- oid_registry: Add OIDs for missing Spnego auth mechanisms to Macs (Paulo Alcantara) [RHEL-78655]
- cifs: Fix struct FILE_ALL_INFO (Paulo Alcantara) [RHEL-78655]
- cifs: Add support for creating NFS-style symlinks (Paulo Alcantara) [RHEL-78655]
- cifs: Add support for creating native Windows sockets (Paulo Alcantara) [RHEL-78655]
- cifs: Add mount option -o reparse=none (Paulo Alcantara) [RHEL-78655]
- cifs: Add mount option -o symlink= for choosing symlink create type (Paulo Alcantara) [RHEL-78655]
- cifs: Fix creating and resolving absolute NT-style symlinks (Paulo Alcantara) [RHEL-78655]
- cifs: Simplify reparse point check in cifs_query_path_info() function (Paulo Alcantara) [RHEL-78655]
- cifs: Remove symlink member from cifs_open_info_data union (Paulo Alcantara) [RHEL-78655]
- cifs: Update description about ACL permissions (Paulo Alcantara) [RHEL-78655]
- cifs: Rename struct reparse_posix_data to reparse_nfs_data_buffer and move to common/smb2pdu.h (Paulo Alcantara) [RHEL-78655]
- cifs: Remove struct reparse_posix_data from struct cifs_open_info_data (Paulo Alcantara) [RHEL-78655]
- cifs: Remove unicode parameter from parse_reparse_point() function (Paulo Alcantara) [RHEL-78655]
- cifs: Fix getting and setting SACLs over SMB1 (Paulo Alcantara) [RHEL-78655]
- cifs: Remove intermediate object of failed create SFU call (Paulo Alcantara) [RHEL-78655]
- cifs: Validate EAs for WSL reparse points (Paulo Alcantara) [RHEL-78655]
- cifs: Change translation of STATUS_PRIVILEGE_NOT_HELD to -EPERM (Paulo Alcantara) [RHEL-78655]
- cifs: Change translation of STATUS_NOT_A_REPARSE_POINT to -ENODATA (Paulo Alcantara) [RHEL-78655]
- smb: client: handle lack of EA support in smb2_query_path_info() (Paulo Alcantara) [RHEL-78655]
- smb: client: don't check for @leaf_fullpath in match_server() (Paulo Alcantara) [RHEL-78655]
- smb: client: get rid of TCP_Server_Info::refpath_lock (Paulo Alcantara) [RHEL-78655]
- cifs: Remove duplicate struct reparse_symlink_data and SYMLINK_FLAG_RELATIVE (Paulo Alcantara) [RHEL-78655]
- cifs: Do not attempt to call CIFSGetSrvInodeNumber() without CAP_INFOLEVEL_PASSTHRU (Paulo Alcantara) [RHEL-78655]
- cifs: Do not attempt to call CIFSSMBRenameOpenFile() without CAP_INFOLEVEL_PASSTHRU (Paulo Alcantara) [RHEL-78655]
- cifs: Remove declaration of dead CIFSSMBQuerySymLink function (Paulo Alcantara) [RHEL-78655]
- cifs: Fix printing Status code into dmesg (Paulo Alcantara) [RHEL-78655]
- cifs: Add missing NT_STATUS_* codes from nterr.h to nterr.c (Paulo Alcantara) [RHEL-78655]
- cifs: Fix endian types in struct rfc1002_session_packet (Paulo Alcantara) [RHEL-78655]
- cifs: Use cifs_autodisable_serverino() for disabling CIFS_MOUNT_SERVER_INUM in readdir.c (Paulo Alcantara) [RHEL-78655]
- smb3: add missing tracepoint for querying wsl EAs (Paulo Alcantara) [RHEL-78655]
- smb: client: fix order of arguments of tracepoints (Paulo Alcantara) [RHEL-78655]
- smb: client: correctly handle ErrorContextData as a flexible array (Paulo Alcantara) [RHEL-78655]
- smb: client: don't retry DFS targets on server shutdown (Paulo Alcantara) [RHEL-78655]
- smb: client: fix return value of parse_dfs_referrals() (Paulo Alcantara) [RHEL-78655]
- smb: client: optimize referral walk on failed link targets (Paulo Alcantara) [RHEL-78655]
- smb: client: provide dns_resolve_{unc,name} helpers (Paulo Alcantara) [RHEL-78655]
- smb: client: parse DNS domain name from domain= option (Paulo Alcantara) [RHEL-78655]
- smb: client: fix DFS mount against old servers with NTLMSSP (Paulo Alcantara) [RHEL-78655]
- smb: client: parse av pair type 4 in CHALLENGE_MESSAGE (Paulo Alcantara) [RHEL-78655]
- smb: client: introduce av_for_each_entry() helper (Paulo Alcantara) [RHEL-78655]
- thermal/drivers/rcar_gen3: Update temperature approximation calculation (Radu Rendec) [RHEL-78506]
- thermal/drivers/rcar_gen3: Move Tj_T storage to shared private data (Radu Rendec) [RHEL-78506]
- pinctrl: renesas: rzn1: Fix possible null-ptr-deref in sh_pfc_map_resources() (Radu Rendec) [RHEL-78506]
- pinctrl: renesas: core: Fix possible null-ptr-deref in sh_pfc_map_resources() (Radu Rendec) [RHEL-78506]
- pinctrl: renesas: checker: Rework drive and bias pin iteration (Radu Rendec) [RHEL-78506]
- pinctrl: renesas: checker: Fix miscalculation of number of states (Radu Rendec) [RHEL-78506]
- i2c: rcar: fix NACK handling when being a target (Radu Rendec) [RHEL-78506]
- i2c: rcar: ensure Gen3+ reset does not disturb local targets (Radu Rendec) [RHEL-78506]
- i2c: rcar: clear NO_RXDMA flag after resetting (Radu Rendec) [RHEL-78506]
- i2c: rcar: bring hardware to known state when probing (Radu Rendec) [RHEL-78506]
- i2c: rcar: add FastMode+ support for Gen4 (Radu Rendec) [RHEL-78506]
- i2c: rcar: introduce Gen4 devices (Radu Rendec) [RHEL-78506]
- gpio: rcar: drop of_match_ptr for ID table (Radu Rendec) [RHEL-78506]
- clocksource/drivers/sh_tmu: Mark driver as non-removable (Radu Rendec) [RHEL-78506]
- clocksource/drivers/sh_cmt: Address race condition for clock events (Radu Rendec) [RHEL-78506]
- clocksource/drivers/sh_cmt: Mark driver as non-removable (Radu Rendec) [RHEL-78506]
- serial: sh-sci: Increment the runtime usage counter for the earlycon device (Jared Kangas) [RHEL-78246]
- serial: sh-sci: Clean sci_ports[0] after at earlycon exit (Jared Kangas) [RHEL-78246]
- serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (Jared Kangas) [RHEL-78246]
- serial: sh-sci: Move runtime PM enable to sci_probe_single() (Jared Kangas) [RHEL-78246]
- serial: sh-sci: Drop __initdata macro for port_cfg (Jared Kangas) [RHEL-78246]
- serial: sh-sci: Use plain struct copy in early_console_setup() (Jared Kangas) [RHEL-78246]
- serial: sh-sci: simplify locking when re-issuing RXDMA fails (Jared Kangas) [RHEL-78246]
- serial: sh-sci: let timeout timer only run when DMA is scheduled (Jared Kangas) [RHEL-78246]
- serial: sh-sci: describe locking requirements for invalidating RXDMA (Jared Kangas) [RHEL-78246]
- serial: sh-sci: protect invalidating RXDMA on shutdown (Jared Kangas) [RHEL-78246]
- rxrpc: Don't need barrier for ->tx_bottom and ->acks_hard_ack (Marc Dionne) [RHEL-78217]
- rxrpc, afs: Fix peer hash locking vs RCU callback (Marc Dionne) [RHEL-78217]
- afs: Add more tracepoints to do with tracking validity (Marc Dionne) [RHEL-78217]
- netfs: Remove some extraneous directory invalidations (Marc Dionne) [RHEL-78217]
- afs: Fix the fallback handling for the YFS.RemoveFile2 RPC call (Marc Dionne) [RHEL-78217]
- afs: Add rootcell checks (Marc Dionne) [RHEL-78217]
- afs: Make /afs/.<cell> as well as /afs/<cell> mountpoints (Marc Dionne) [RHEL-78217]
- afs: Fix the maximum cell name length (Marc Dionne) [RHEL-78217] {CVE-2025-21646}
- afs: Fix cleanup of immediately failed async calls (Marc Dionne) [RHEL-78217]
- afs: Fix directory format encoding struct (Marc Dionne) [RHEL-78217]
- afs: Fix EEXIST error returned from afs_rmdir() to be ENOTEMPTY (Marc Dionne) [RHEL-78217]
- afs: Don't use mutex for I/O operation lock (Marc Dionne) [RHEL-78217]
- rxrpc: Use a large kvec[] in rxrpc_local rather than every rxrpc_txbuf (Marc Dionne) [RHEL-78217]
- rxrpc: Request an ACK on impending Tx stall (Marc Dionne) [RHEL-78217]
- rxrpc: Show stats counter for received reason-0 ACKs (Marc Dionne) [RHEL-78217]
- rxrpc: Don't set the MORE-PACKETS rxrpc wire header flag (Marc Dionne) [RHEL-78217]
- rxrpc: Clean up Tx header flags generation handling (Marc Dionne) [RHEL-78217]
- rxrpc: Fix handling of received connection abort (Marc Dionne) [RHEL-78217]
- rxrpc: Add a tracepoint for aborts being proposed (Marc Dionne) [RHEL-78217]
- afs: Fix missing subdir edit when renamed between parent dirs (Marc Dionne) [RHEL-78217]
- rxrpc: Fix uninitialised variable in rxrpc_send_data() (Marc Dionne) [RHEL-78217]
- afs: Fix the setting of the server responding flag (Marc Dionne) [RHEL-64506 RHEL-78217] {CVE-2024-49999}
- afs: Remove unused struct and function prototype (Marc Dionne) [RHEL-78217]
- afs: Fix possible infinite loop with unresponsive servers (Marc Dionne) [RHEL-78217]
- rxrpc: Remove unused function declarations (Marc Dionne) [RHEL-78217]
- afs: drop usage of folio_file_pos (Marc Dionne) [RHEL-78217]
- afs: Convert comma to semicolon (Marc Dionne) [RHEL-78217]
- afs: Add __counted_by for struct afs_acl and use struct_size() (Marc Dionne) [RHEL-78217]
- afs: move afs_xattr_handlers to .rodata (Marc Dionne) [RHEL-78217]
- afs: Annotate struct afs_permits with __counted_by (Marc Dionne) [RHEL-78217]
- afs: convert to ctime accessor functions (Marc Dionne) [RHEL-78217]
- afs: Don't use folio->private to record partial modification (Marc Dionne) [RHEL-78217]
- afs: Remove whitespace before most ')' from the trace header (Marc Dionne) [RHEL-78217]
- firmware: psci: Fix return value from psci_system_suspend() (Jared Kangas) [RHEL-78060]
- libperf cpumap: Grow array of read CPUs in smaller increments (Michael Petlan) [RHEL-71187]
- libperf cpumap: Remove perf_cpu_map__read() (Michael Petlan) [RHEL-71187]
- libperf cpumap: Remove use of perf_cpu_map__read() (Michael Petlan) [RHEL-71187]
- perf pmu: Remove use of perf_cpu_map__read() (Michael Petlan) [RHEL-71187]
- libperf cpumap: Be tolerant of newline at the end of a cpumask (Michael Petlan) [RHEL-71187]
- libperf cpumap: Hide/reduce scope of MAX_NR_CPUS (Michael Petlan) [RHEL-71187]
- perf cpumap: Reduce transitive dependencies on libperf MAX_NR_CPUS (Michael Petlan) [RHEL-71187]
- perf: Increase MAX_NR_CPUS to 4096 (Michael Petlan) [RHEL-71187]
- smb: client: fix oops due to unset link speed (Paulo Alcantara) [RHEL-74147]
- dev: Acquire netdev_rename_lock before restoring dev->name in dev_change_name(). (Toke Høiland-Jørgensen) [RHEL-77329]
- Enable CONFIG_INTEL_MEI_PXP and CONFIG_DRM_I915_PXP on rhel (David Arcari) [RHEL-77170]
- redhat/configs: disable CONFIG_INTEL_MEI_VSC_HW (David Arcari) [RHEL-77170]
- mei: vsc: Fix typo "maintstepping" -> "mainstepping" (David Arcari) [RHEL-77170]
- mei: vsc: Improve error logging in vsc_identify_silicon() (David Arcari) [RHEL-77170]
- mei: vsc: Do not re-enable interrupt from vsc_tp_reset() (David Arcari) [RHEL-77170]
- mei: clean pending read with vtag on bus (David Arcari) [RHEL-77170]
- mei: use kvmalloc for read buffer (David Arcari) [RHEL-77170]
- mei: bus: Reorganize kerneldoc parameter names (David Arcari) [RHEL-77170]
- finally take no_llseek out [partial] (David Arcari) [RHEL-77170]
- mei: vsc: Fix spelling error (David Arcari) [RHEL-77170]
- mei: vsc: Enhance SPI transfer of IVSC ROM (David Arcari) [RHEL-77170]
- mei: vsc: Utilize the appropriate byte order swap function (David Arcari) [RHEL-77170]
- mei: vsc: Prevent timeout error with added delay post-firmware download (David Arcari) [RHEL-77170]
- mei: vsc: Enhance IVSC chipset stability during warm reboot (David Arcari) [RHEL-77170]
- mei: bus-fixup: set timeout for MKHI send operations (David Arcari) [RHEL-77170]
- mei: vsc: Fix wrong invocation of ACPI SID method (David Arcari) [RHEL-77170]
- mei: vsc: Don't stop/restart mei device during system suspend/resume (David Arcari) [RHEL-77170]
- mei: me: release irq in mei_me_pci_resume error path (David Arcari) [RHEL-77170]
- mei: demote client disconnect warning on suspend to debug (David Arcari) [RHEL-77170]
- mei: pxp: match against PCI_CLASS_DISPLAY_OTHER (David Arcari) [RHEL-77170]
- mei: bus: constify the struct mei_cl_bus_type usage (David Arcari) [RHEL-77170]
- mei: vsc: Unregister interrupt handler for system suspend (David Arcari) [RHEL-77170]
- Revert "mei: vsc: Call wake_up() in the threaded IRQ handler" (David Arcari) [RHEL-77170]
- mei: Avoid a bunch of -Wflex-array-member-not-at-end warnings (David Arcari) [RHEL-77170]
- mei: gsc_proxy: match component when GSC is on different bus (David Arcari) [RHEL-77170]
- mei: vsc: Convert to platform remove callback returning void (David Arcari) [RHEL-77170]
- mei: vsc: Assign pinfo fields in variable declaration (David Arcari) [RHEL-77170]
- mei: vsc: Don't use sleeping condition in wait_event_timeout() (David Arcari) [RHEL-77170]
- mei: vsc: Call wake_up() in the threaded IRQ handler (David Arcari) [RHEL-77170]
- mei: me: remove unnecessary NULL pointer checks (David Arcari) [RHEL-77170]
- mei: txe: remove unnecessary NULL pointer checks (David Arcari) [RHEL-77170]
- mei: gsc: remove unnecessary NULL pointer checks (David Arcari) [RHEL-77170]
- mei: Add Meteor Lake support for IVSC device (David Arcari) [RHEL-77170]
- mei: pxp: add dependency on Xe driver (David Arcari) [RHEL-77170]
- mei: hdcp: add dependency on Xe driver (David Arcari) [RHEL-77170]
- mei: pxp: match without driver name (David Arcari) [RHEL-77170]
- mei: hdcp: match without driver name (David Arcari) [RHEL-77170]
- mei: gsc: add support for auxiliary device created by Xe driver (David Arcari) [RHEL-77170]
- mei: rework Kconfig dependencies (David Arcari) [RHEL-77170]
- mei: fix vsc dependency (David Arcari) [RHEL-77170]
- mei: vsc: Rework firmware image names (David Arcari) [RHEL-77170]
- mei: pxp: spdx should be at first line (David Arcari) [RHEL-77170]
- mei: Add MEI hardware support for IVSC device (David Arcari) [RHEL-77170]
- mei: Add transport driver for IVSC device (David Arcari) [RHEL-77170]
- misc: mei: client.c: fix problem of return '-EOVERFLOW' in mei_cl_write (David Arcari) [RHEL-77170]
- misc: mei: client.c: return negative error code in mei_cl_write (David Arcari) [RHEL-77170]
- mei: pxp: fix mei_pxp_send_message return value (David Arcari) [RHEL-77170]
- mei: me: emit error only if reset was unexpected (David Arcari) [RHEL-77170]
- misc: mei: main.c: fix kernel-doc warnings (David Arcari) [RHEL-77170]
- misc: mei: interrupt.c: fix kernel-doc warnings (David Arcari) [RHEL-77170]
- misc: mei: hw-me.c: fix kernel-doc warnings (David Arcari) [RHEL-77170]
- misc: mei: hbm.c: fix kernel-doc warnings (David Arcari) [RHEL-77170]
- misc: mei: dma-ring.c: fix kernel-doc warnings (David Arcari) [RHEL-77170]
- misc: mei: client.c: fix kernel-doc warnings (David Arcari) [RHEL-77170]
- misc: mei: hw.h: fix kernel-doc warnings (David Arcari) [RHEL-77170]
- mei: update mei-pxp's component interface with timeouts [partial] (David Arcari) [RHEL-77170]
- mei: pxp: re-enable client on errors (David Arcari) [RHEL-77170]
- mei: pxp: recover from recv fail under memory pressure (David Arcari) [RHEL-77170]
- mei: bus: add send and recv api with timeout (David Arcari) [RHEL-77170]
- mei: docs: fix spelling errors (David Arcari) [RHEL-77170]
- mei: docs: add missing entries to kdoc in struct mei_cfg_idx (David Arcari) [RHEL-77170]
- mei: docs: use correct structures name in kdoc (David Arcari) [RHEL-77170]
- mei: make mei_class a static const structure (David Arcari) [RHEL-77170]
- mei: gsc: add module description (David Arcari) [RHEL-77170]
- mei: pxp: Keep a const qualifier when calling mei_cldev_send() (David Arcari) [RHEL-77170]
- mei: obtain firmware version only on gsc. (David Arcari) [RHEL-77170]
- mei: bus: enable asynchronous suspend. (David Arcari) [RHEL-77170]
- mei: log firmware status on hw_start failure. (David Arcari) [RHEL-77170]
- drm/i915/hdcp: Move away from master naming to arbiter [partial] (David Arcari) [RHEL-77170]
- mei: bus-fixup: fix buffer type (David Arcari) [RHEL-77170]
- mei: bus: drop useless cldev null check (David Arcari) [RHEL-77170]
- virt: acrn: Mark the uuid field as unused (David Arcari) [RHEL-77170]
- mei: Move uuid.h to the MEI namespace (David Arcari) [RHEL-77170]
- drm/i915/hdcp: Refactor HDCP API structures [partial] (David Arcari) [RHEL-77170]
- uuid: remove licence boilerplate text from the header (David Arcari) [RHEL-77170]
- drm/i915/hdcp: Use generic names for HDCP helpers and structs [partial] (David Arcari) [RHEL-77170]
- mei: lower the log level for non-fatal failed messages (David Arcari) [RHEL-77170]
- mei: bus: disallow driver match while dismantling device (David Arcari) [RHEL-77170]
- mei: Move uuid_le_cmp() to its only user (David Arcari) [RHEL-77170]
- uuid: Decouple guid_t and uuid_le types and respective macros (David Arcari) [RHEL-77170]
- uuid: discourage people from using UAPI header in new code (David Arcari) [RHEL-77170]
- mei: mei-me: resume device in prepare (David Arcari) [RHEL-77170]
- mei: gsc: Remove redundant dev_err call (David Arcari) [RHEL-77170]
- mei: fix repeated words in comments (David Arcari) [RHEL-77170]
- misc: move from strlcpy with unused retval to strscpy [partial] (David Arcari) [RHEL-77170]
- sunrpc: simplify one-level sysctl registration for xs_tunables_table (Benjamin Coddington) [RHEL-73723]
- sunrpc: simplify one-level sysctl registration for xr_tunables_table (Benjamin Coddington) [RHEL-73723]
- sunrpc: move sunrpc_table and proc routines above (Benjamin Coddington) [RHEL-73723]
- SUNRPC: Silence compiler complaints about tautological comparisons (Benjamin Coddington) [RHEL-73723]
- SUNRPC: Revert e0a912e8ddba (Benjamin Coddington) [RHEL-73723]
- SUNRPC: Remove unused declarations (Benjamin Coddington) [RHEL-73723]
- sunrpc: Remove unused extern declarations (Benjamin Coddington) [RHEL-73723]
- SUNRPC: change svc_xprt::xpt_flags bits to enum (Benjamin Coddington) [RHEL-73723]
- SUNRPC: Remove unused declaration rpc_modcount() (Benjamin Coddington) [RHEL-73723]
- lockd: define nlm_port_min,max with CONFIG_SYSCTL (Benjamin Coddington) [RHEL-73723]
- nfs/blocklayout: Limit repeat device registration on failure (Benjamin Coddington) [RHEL-73723]
- nfs/blocklayout: Don't attempt unregister for invalid block device (Benjamin Coddington) [RHEL-73723]
- sunrpc: fix one UAF issue caused by sunrpc kernel tcp socket (Benjamin Coddington) [RHEL-73723]
- nfsd: fix refcount leak when file is unhashed after being found (Benjamin Coddington) [RHEL-73723]
- net: initialize net->notrefcnt_tracker earlier (Benjamin Coddington) [RHEL-73723]
- mptcp: fix tracking issue in mptcp_subflow_create_socket() (Benjamin Coddington) [RHEL-73723]
- net: add a refcount tracker for kernel sockets (Benjamin Coddington) [RHEL-73723]
- NFSD: Fix nfsd4_shutdown_copy() (Benjamin Coddington) [RHEL-73723]
- svcrdma: fix miss destroy percpu_counter in svc_rdma_proc_init() (Benjamin Coddington) [RHEL-73723]
- nfsd: Revert "nfsd: release svc_expkey/svc_export with rcu_work" (Benjamin Coddington) [RHEL-73723]
- nfsd: release svc_expkey/svc_export with rcu_work (Benjamin Coddington) [RHEL-73723]
- NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir() (Benjamin Coddington) [RHEL-73723]
- nfsd: restore callback functionality for NFSv4.0 (Benjamin Coddington) [RHEL-73723]
- NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (Benjamin Coddington) [RHEL-73723]
- NFSD: Remove a never-true comparison (Benjamin Coddington) [RHEL-73723]
- Revert "nfs: don't reuse partially completed requests in nfs_lock_and_join_requests" (Benjamin Coddington) [RHEL-73723]
- nfsd: drop inode parameter from nfsd4_change_attribute() (Benjamin Coddington) [RHEL-73723]
- svcrdma: Address an integer overflow (Benjamin Coddington) [RHEL-73723]
- nfs: avoid i_lock contention in nfs_clear_invalid_mapping (Benjamin Coddington) [RHEL-73723]
- nfs: Fix KMSAN warning in decode_getfattr_attrs() (Benjamin Coddington) [RHEL-73723]
- NFSv3: only use NFS timeout for MOUNT when protocols are compatible (Benjamin Coddington) [RHEL-73723]
- sunrpc: handle -ENOTCONN in xs_tcp_setup_socket() (Benjamin Coddington) [RHEL-73723]
- SUNRPC: Fix integer overflow in decode_rc_list() (Benjamin Coddington) [RHEL-73723]
- SUNRPC: clnt.c: Remove misleading comment (Benjamin Coddington) [RHEL-73723]
- nfs: fix memory leak in error path of nfs4_do_reclaim (Benjamin Coddington) [RHEL-73723]
- nfsd: nfsd_destroy_serv() must call svc_destroy() even if nfsd_startup_net() failed (Benjamin Coddington) [RHEL-73723]
- NFSD: Mark filecache "down" if init fails (Benjamin Coddington) [RHEL-73723]
- nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (Benjamin Coddington) [RHEL-73723]
- NFSD: Fix NFSv4's PUTPUBFH operation (Benjamin Coddington) [RHEL-73723]
- nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (Benjamin Coddington) [RHEL-73723]
- Revert "net/tls: fix tls_sk_proto_close executed repeatedly" (Benjamin Coddington) [RHEL-73723]
- net/tls: fix tls_sk_proto_close executed repeatedly (Benjamin Coddington) [RHEL-73723]
- hugetlb: prioritize surplus allocation from current node (Aristeu Rozanski) [RHEL-68966]
- net: tun: call napi_schedule_prep() to ensure we own a napi (Jared Kangas) [RHEL-76236]
- net: tun: Fix memory leaks of napi_get_frags (Jared Kangas) [RHEL-76236]
- virtio-net: fix overflow inside virtnet_rq_alloc (Jon Maloy) [RHEL-73638] {CVE-2024-57843}
- RDMA/uverbs: Prevent integer overflow issue (CKI Backport Bot) [RHEL-74224] {CVE-2024-57890}
- EDAC/igen6: Add Intel Arrow Lake-U/H SoCs support (Joel Savitz) [RHEL-33317 RHEL-52289]
- EDAC/bluefield: Fix potential integer overflow (Aristeu Rozanski) [RHEL-72108] {CVE-2024-53161}
- virtio/vsock: Improve MSG_ZEROCOPY error handling (Jon Maloy) [RHEL-69661] {CVE-2024-53117}
- vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (Jon Maloy) [RHEL-68028] {CVE-2024-50264}
- powerpc/boot: Fix incorrect version calculation issue in ld_version (Waiman Long) [RHEL-68367]
- powerpc: suppress some linker warnings in recent linker versions (Waiman Long) [RHEL-68367]
- Makefile: link with -z noexecstack --no-warn-rwx-segments (Waiman Long) [RHEL-68367]
- fs: Fix file_set_fowner LSM hook inconsistencies (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Add layout1.refer_mount_root (Ryan Sullivan) [RHEL-8810]
- fs/ioctl: Add a comment to keep the logic in sync with LSM policies (Ryan Sullivan) [RHEL-8810]
- landlock: Document IOCTL support (Ryan Sullivan) [RHEL-8810]
- samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL_DEV (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Exhaustive test for the IOCTL allow-list (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Check IOCTL restrictions for named UNIX domain sockets (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Test IOCTLs on named pipes (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Test IOCTL with memfds (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Test IOCTL support (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Add cred_transfer test (Ryan Sullivan) [RHEL-8810]
- landlock: Don't lose track of restrictions on cred_transfer (Ryan Sullivan) [RHEL-8810]
- Enable CONFIG_SECURITY_LANDLOCK for RHEL (Ryan Sullivan) [RHEL-8810]
- selftests/harness: Handle TEST_F()'s explicit exit codes (Ryan Sullivan) [RHEL-8810]
- selftests/harness: Fix tests timeout and race condition (Ryan Sullivan) [RHEL-8810]
- selftests/harness: Fix vfork() side effects (Ryan Sullivan) [RHEL-8810]
- selinux: Fix error priority for bind with AF_UNSPEC on PF_INET6 socket (Ryan Sullivan) [RHEL-8810]
- samples/landlock: Fix port parsing in sandboxer (Ryan Sullivan) [RHEL-8810]
- landlock: Fix d_parent walk (Ryan Sullivan) [RHEL-8810]
- hostfs: fix dev_t handling (Ryan Sullivan) [RHEL-8810]
- selftests/harness: Fix fixture teardown (Ryan Sullivan) [RHEL-8810]
- selftests/harness: Fix interleaved scheduling leading to race conditions (Ryan Sullivan) [RHEL-8810]
- selftests/harness: Prevent infinite loop due to Assert in FIXTURE_TEARDOWN (Ryan Sullivan) [RHEL-8810]
- selftests/harness: Share _metadata between forked processes (Ryan Sullivan) [RHEL-8810]
- landlock: Add IOCTL access right for character and block devices (Ryan Sullivan) [RHEL-8810]
- samples/landlock: Fix incorrect free in populate_ruleset_net (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Do not allocate memory in fixture data (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Fix FS tests when run on a private mount point (Ryan Sullivan) [RHEL-8810]
- fs: Return ENOTTY directly if FS_IOC_GETUUID or FS_IOC_GETFSSYSFSPATH fail (Ryan Sullivan) [RHEL-8810]
- samples/landlock: Don't error out if a file path cannot be opened (Ryan Sullivan) [RHEL-8810]
- landlock: Use f_cred in security_file_open() hook (Ryan Sullivan) [RHEL-8810]
- landlock: Rename "ptrace" files to "task" (Ryan Sullivan) [RHEL-8810]
- landlock: Simplify current_check_access_socket() (Ryan Sullivan) [RHEL-8810]
- landlock: Warn once if a Landlock action is requested while disabled (Ryan Sullivan) [RHEL-8810]
- landlock: Extend documentation for kernel support (Ryan Sullivan) [RHEL-8810]
- landlock: Add support for KUnit tests (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Clean up error logs related to capabilities (Ryan Sullivan) [RHEL-8810]
- selftests/harness: Fix TEST_F()'s vfork handling (Ryan Sullivan) [RHEL-8810]
- selftests: kselftest_harness: use exit code to store skip (Ryan Sullivan) [RHEL-8810]
- selftests: kselftest_harness: save full exit code in metadata (Jakub Kicinski) [RHEL-8810]
- selftests/harness: Merge TEST_F_FORK() into TEST_F() (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Redefine TEST_F() as TEST_F_FORK() (Ryan Sullivan) [RHEL-8810]
- fs: add FS_IOC_GETFSSYSFSPATH (Ryan Sullivan) [RHEL-8810]
- fs: super_set_uuid() (Ryan Sullivan) [RHEL-8810]
- kernfs: attach uuid for every kernfs and report it in fsid (Ryan Sullivan) [RHEL-8810]
- fs: FS_IOC_GETUUID (Ryan Sullivan) [RHEL-8810]
- landlock: Fix asymmetric private inodes referring (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Fix fs_test build with old libc (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Fix net_test build with old libc (Ryan Sullivan) [RHEL-8810]
- landlock: Optimize the number of calls to get_access_mask slightly (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Rename "permitted" to "allowed" in ftruncate tests (Ryan Sullivan) [RHEL-8810]
- landlock: Remove remaining "inline" modifiers in .c files [v6.6] (Ryan Sullivan) [RHEL-8810]
- landlock: Remove remaining "inline" modifiers in .c files [v6.1] (Ryan Sullivan) [RHEL-8810]
- landlock: Remove remaining "inline" modifiers in .c files [v5.15] (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Add tests to check unhandled rule's access rights (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Add tests to check unknown rule's access rights (Ryan Sullivan) [RHEL-8810]
- lsm: new security_file_ioctl_compat() hook (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Fix capability for net_test (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Add tests for FS topology changes with network rules (Ryan Sullivan) [RHEL-8810]
- landlock: Document network support (Ryan Sullivan) [RHEL-8810]
- samples/landlock: Support TCP restrictions (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Add network tests (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Share enforce_ruleset() helper (Ryan Sullivan) [RHEL-8810]
- landlock: Support network rules with TCP bind and connect (Ryan Sullivan) [RHEL-8810]
- hostfs: Fix ephemeral inodes (Ryan Sullivan) [RHEL-8810]
- landlock: Refactor landlock_add_rule() syscall (Ryan Sullivan) [RHEL-8810]
- landlock: Refactor layer helpers (Ryan Sullivan) [RHEL-8810]
- landlock: Move and rename layer helpers (Ryan Sullivan) [RHEL-8810]
- landlock: Refactor merge/inherit_ruleset helpers (Ryan Sullivan) [RHEL-8810]
- landlock: Refactor landlock_find_rule/insert_rule helpers (Ryan Sullivan) [RHEL-8810]
- landlock: Allow FS topology changes for domains without such rule type (Ryan Sullivan) [RHEL-8810]
- landlock: Make ruleset's access masks more generic (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Fix a resource leak (Ryan Sullivan) [RHEL-8810]
- landlock: Annotate struct landlock_rule with __counted_by (Ryan Sullivan) [RHEL-8810]
- security: Create file_truncate hook from path_truncate hook (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Add hostfs tests (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Add tests for pseudo filesystems (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Make mounts configurable (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Add supports_filesystem() helper (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Don't create useless file layouts (Ryan Sullivan) [RHEL-8810]
- landlock: Clarify documentation for the LANDLOCK_ACCESS_FS_REFER right (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Test ptrace as much as possible with Yama (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Skip overlayfs tests when not supported (Ryan Sullivan) [RHEL-8810]
- landlock: Explain file descriptor access rights (Ryan Sullivan) [RHEL-8810]
- samples/landlock: Document best-effort approach for LANDLOCK_ACCESS_FS_REFER (Ryan Sullivan) [RHEL-8810]
- landlock: Document Landlock's file truncation support (Ryan Sullivan) [RHEL-8810]
- samples/landlock: Extend sample tool to support LANDLOCK_ACCESS_FS_TRUNCATE (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Test ftruncate on FDs created by memfd_create(2) (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Test FD passing from restricted to unrestricted processes (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Locally define __maybe_unused (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Test open() and ftruncate() in multiple scenarios (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Test file truncation support (Ryan Sullivan) [RHEL-8810]
- landlock: Support file truncation (Ryan Sullivan) [RHEL-8810]
- landlock: Document init_layer_masks() helper (Ryan Sullivan) [RHEL-8810]
- landlock: Refactor check_access_path_dual() into is_access_to_paths_allowed() (Ryan Sullivan) [RHEL-8810]
- landlock: Fix documentation style (Ryan Sullivan) [RHEL-8810]
- landlock: Slightly improve documentation and fix spelling (Ryan Sullivan) [RHEL-8810]
- samples/landlock: Print hints about ABI versions (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Fix out-of-tree builds (Ryan Sullivan) [RHEL-8810]
- landlock: Fix file reparenting without explicit LANDLOCK_ACCESS_FS_REFER (Ryan Sullivan) [RHEL-8810]
- landlock: Explain how to support Landlock (Ryan Sullivan) [RHEL-8810]
- landlock: Add design choices documentation for filesystem access rights (Ryan Sullivan) [RHEL-8810]
- landlock: Document good practices about filesystem policies (Ryan Sullivan) [RHEL-8810]
- landlock: Document LANDLOCK_ACCESS_FS_REFER and ABI versioning (Ryan Sullivan) [RHEL-8810]
- samples/landlock: Add support for file reparenting (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Add 11 new test suites dedicated to file reparenting (Ryan Sullivan) [RHEL-8810]
- landlock: Add support for file reparenting with LANDLOCK_ACCESS_FS_REFER (Ryan Sullivan) [RHEL-8810]
- landlock: Move filesystem helpers and add a new one (Ryan Sullivan) [RHEL-8810]
- landlock: Fix same-layer rule unions (Ryan Sullivan) [RHEL-8810]
- landlock: Create find_rule() from unmask_layers() (Ryan Sullivan) [RHEL-8810]
- landlock: Reduce the maximum number of layers to 16 (Ryan Sullivan) [RHEL-8810]
- landlock: Define access_mask_t to enforce a consistent access mask size (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Test landlock_create_ruleset(2) argument check ordering (Ryan Sullivan) [RHEL-8810]
- landlock: Change landlock_restrict_self(2) check ordering (Ryan Sullivan) [RHEL-8810]
- landlock: Change landlock_add_rule(2) argument check ordering (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Add tests for O_PATH (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Fully test file rename with "remove" access (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Extend access right tests to directories (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Add tests for unknown access rights (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Extend tests for minimal valid attribute size (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Make tests build with old libc (Ryan Sullivan) [RHEL-8810]
- landlock: Fix landlock_add_rule(2) documentation (Ryan Sullivan) [RHEL-8810]
- samples/landlock: Format with clang-format (Ryan Sullivan) [RHEL-8810]
- samples/landlock: Add clang-format exceptions (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Format with clang-format (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Normalize array assignment (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: Add clang-format exceptions (Ryan Sullivan) [RHEL-8810]
- landlock: Add clang-format exceptions (Ryan Sullivan) [RHEL-8810]
- fs: fix an infinite loop in iomap_fiemap (Ryan Sullivan) [RHEL-8810]
- landlock: Use square brackets around "landlock-ruleset" (Ryan Sullivan) [RHEL-8810]
- samples/landlock: Fix path_list memory leak (Ryan Sullivan) [RHEL-8810]
- fs/ioctl: remove unnecessary __user annotation (Ryan Sullivan) [RHEL-8810]
- selftests/landlock: remove ARRAY_SIZE define from common.h (Ryan Sullivan) [RHEL-8810]
- fs: forbid invalid project ID (Ryan Sullivan) [RHEL-8810]
- fs: remove generic_block_fiemap (Ryan Sullivan) [RHEL-8810]
Resolves: RHEL-33317, RHEL-52289, RHEL-64506, RHEL-68028, RHEL-68367, RHEL-68966, RHEL-69661, RHEL-71187, RHEL-72108, RHEL-73638, RHEL-73723, RHEL-74147, RHEL-74224, RHEL-76236, RHEL-77170, RHEL-77329, RHEL-78060, RHEL-78217, RHEL-78246, RHEL-78506, RHEL-78655, RHEL-8810

Signed-off-by: Patrick Talbert <ptalbert@redhat.com>
2025-02-13 02:36:10 -05:00

10 MiB
Raw Blame History

The file is too large to be shown. View Raw