The Linux kernel
fb5e29ef17
* Mon Apr 11 2022 Patrick Talbert <ptalbert@redhat.com> [5.14.0-78.el9] - CI: Remove deprecated option (Veronika Kabatova) - scsi: iscsi: Fix nop handling during conn recovery (Chris Leech) [2069973] - scsi: iscsi: Merge suspend fields (Chris Leech) [2069973] - scsi: iscsi: Fix offload conn cleanup when iscsid restarts (Chris Leech) [2069973] - scsi: iscsi: Move iscsi_ep_disconnect (Chris Leech) [2069973] - NFS: Don't loop forever in nfs_do_recoalesce() (Steve Dickson) [2069274] - perf/x86/intel/uncore: Make uncore_discovery clean for 64 bit addresses (Michael Petlan) [2069686] - KVM: SVM: Allow AVIC support on system w/ physical APIC ID > 255 (Bandan Das) [2033070] - iommu/amd: Fix I/O page table memory leak (Jerry Snitselaar) [2053219] - iommu/amd: Recover from event log overflow (Jerry Snitselaar) [2053219] - redhat/configs: drop some config options for rhel 9. (David Airlie) [2067027] - arm64: proton-pack: Include unprivileged eBPF status in Spectre v2 mitigation reporting (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Use the clearbhb instruction in mitigations (Waiman Long) [2062288] {CVE-2022-23960} - KVM: arm64: Allow SMCCC_ARCH_WORKAROUND_3 to be discovered and migrated (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Mitigate spectre style branch history side channels (Waiman Long) [2062288] {CVE-2022-23960} - arm64: proton-pack: Report Spectre-BHB vulnerabilities as part of Spectre-v2 (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Add percpu vectors for EL1 (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Add macro for reading symbol addresses from the trampoline (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Add vectors that have the bhb mitigation sequences (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Add non-kpti __bp_harden_el1_vectors for mitigations (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Allow the trampoline text to occupy multiple pages (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Make the kpti trampoline's kpti sequence optional (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Move trampoline macros out of ifdef'd section (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Don't assume tramp_vectors is the start of the vectors (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Allow tramp_alias to access symbols after the 4K boundary (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Move the trampoline data page before the text page (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Free up another register on kpti's tramp_exit path (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry: Make the trampoline cleanup optional (Waiman Long) [2062288] {CVE-2022-23960} - KVM: arm64: Allow indirect vectors to be used without SPECTRE_V3A (Waiman Long) [2062288] {CVE-2022-23960} - arm64: spectre: Rename spectre_v4_patch_fw_mitigation_conduit (Waiman Long) [2062288] {CVE-2022-23960} - arm64: entry.S: Add ventry overflow sanity checks (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Add Cortex-A510 CPU part definition (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Add Cortex-X2 CPU part definition (Waiman Long) [2062288] {CVE-2022-23960} - arm64: cpufeature: add HWCAP for FEAT_RPRES (Waiman Long) [2062288] {CVE-2022-23960} - arm64: add ID_AA64ISAR2_EL1 sys register (Waiman Long) [2062288] {CVE-2022-23960} - arm64: cpufeature: add HWCAP for FEAT_AFP (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Add Neoverse-N2, Cortex-A710 CPU part definition (Waiman Long) [2062288] {CVE-2022-23960} - arm64: Add HWCAP for self-synchronising virtual counter (Waiman Long) [2062288] {CVE-2022-23960} - iommu/vt-d: Fix double list_add when enabling VMD in scalable mode (Jerry Snitselaar) [2061621] - redhat/configs: remove unnecessary GPIO options for aarch64 (Brian Masney) [2060951] - redhat/configs: remove viperboard related Kconfig options (Brian Masney) [2060951] - configs: enable CONFIG_RMI4_F3A (Benjamin Tissoires) [2067243] - block: release rq qos structures for queue without disk (Ming Lei) [2065610] - fuse: fix pipe buffer lifetime for direct_io (Miklos Szeredi) [2064862] {CVE-2022-1011} - crypto: hmac - disallow keys < 112 bits in FIPS mode (Herbert Xu) [2033512] - crypto: hmac - add fips_skip support (Herbert Xu) [2033512] - crypto: des - disallow des3 in FIPS mode (Herbert Xu) [2033512] - crypto: dh - limit key size to 2048 in FIPS mode (Herbert Xu) [2033512] - crypto: rsa - limit key size to 2048 in FIPS mode (Herbert Xu) [2033512] - watch_queue: Make comment about setting ->defunct more accurate (David Howells) [2063758] - watch_queue: Fix lack of barrier/sync/lock between post and read (David Howells) [2063758] - watch_queue: Free the alloc bitmap when the watch_queue is torn down (David Howells) [2063758] - watch_queue: Fix the alloc bitmap size to reflect notes allocated (David Howells) [2063758] - watch_queue: Use the bitmap API when applicable (David Howells) [2063758] - watch_queue: Fix to always request a pow-of-2 pipe ring size (David Howells) [2063758] - watch_queue: Fix to release page in ->release() (David Howells) [2063758] - watch_queue, pipe: Free watchqueue state after clearing pipe ring (David Howells) [2063758] - watch_queue: Fix filter limit check (David Howells) [2063758] {CVE-2022-0995} - s390/mm: check 2KB-fragment page on release (Rafael Aquini) [2069978] - s390/mm: better annotate 2KB pagetable fragments handling (Rafael Aquini) [2069978] - s390/mm: fix 2KB pgtable release race (Rafael Aquini) [2069978] - ima: fix deadlock when traversing "ima_default_rules". (Bruno Meneguele) [2063913] - IMA: prevent SETXATTR_CHECK policy rules with unavailable algorithms (Bruno Meneguele) [2063913] - IMA: introduce a new policy option func=SETXATTR_CHECK (Bruno Meneguele) [2063913] - IMA: add a policy option to restrict xattr hash algorithms on appraisal (Bruno Meneguele) [2063913] - IMA: add support to restrict the hash algorithms used for file appraisal (Bruno Meneguele) [2063913] - IMA: block writes of the security.ima xattr with unsupported algorithms (Bruno Meneguele) [2063913] - IMA: remove the dependency on CRYPTO_MD5 (Bruno Meneguele) [2063913] - perf symbols: Fix symbol size calculation condition (Michael Petlan) [2049222] - redhat/Makefile: Fix dist-dump-variables target (Prarit Bhargava) - redhat/configs/process_configs.sh: Avoid race with find (Prarit Bhargava) - redhat/configs/process_configs.sh: Remove CONTINUEONERROR (Prarit Bhargava) - redhat/configs/process_configs.sh: Fix race with tools generation (Prarit Bhargava) - redhat/Makefile: Silence dist-clean-configs output (Prarit Bhargava) - Print arch with process_configs errors (Prarit Bhargava) - Pass RHJOBS to process_configs for dist-configs-check as well (Prarit Bhargava) - redhat/configs/process_configs.sh: Fix issue with old error files (Prarit Bhargava) - redhat/configs/build_configs.sh: Parallelize execution (Prarit Bhargava) - redhat/configs/build_configs.sh: Provide better messages (Prarit Bhargava) - redhat/configs/build_configs.sh: Create unique output files (Prarit Bhargava) - redhat/configs/build_configs.sh: Add local variables (Prarit Bhargava) - redhat/configs/process_configs.sh: Parallelize execution (Prarit Bhargava) - redhat/configs/process_configs.sh: Provide better messages (Prarit Bhargava) - redhat/configs/process_configs.sh: Create unique output files (Prarit Bhargava) - redhat/configs/process_configs.sh: Add processing config function (Prarit Bhargava) - cifs: modefromsids must add an ACE for authenticated users (Ronnie Sahlberg) [1988278] Resolves: rhbz#1988278, rhbz#2049222, rhbz#2063913, rhbz#2069978 Signed-off-by: Patrick Talbert <ptalbert@redhat.com> |
||
---|---|---|
.gitignore | ||
check-kabi | ||
cpupower.config | ||
cpupower.service | ||
filter-aarch64.sh.rhel | ||
filter-armv7hl.sh.rhel | ||
filter-i686.sh.rhel | ||
filter-modules.sh.rhel | ||
filter-ppc64le.sh.rhel | ||
filter-s390x.sh.rhel | ||
filter-x86_64.sh.rhel | ||
gating.yaml | ||
generate_all_configs.sh | ||
kernel-aarch64-debug-rhel.config | ||
kernel-aarch64-rhel.config | ||
kernel-local | ||
kernel-ppc64le-debug-rhel.config | ||
kernel-ppc64le-rhel.config | ||
kernel-s390x-debug-rhel.config | ||
kernel-s390x-rhel.config | ||
kernel-s390x-zfcpdump-rhel.config | ||
kernel-x86_64-debug-rhel.config | ||
kernel-x86_64-rhel.config | ||
kernel.spec | ||
kvm_stat.logrotate | ||
linux-kernel-test.patch | ||
Makefile.rhelver | ||
merge.pl | ||
mod-denylist.sh | ||
mod-extra.list.rhel | ||
mod-internal.list | ||
mod-sign.sh | ||
Module.kabi_aarch64 | ||
Module.kabi_dup_aarch64 | ||
Module.kabi_dup_ppc64le | ||
Module.kabi_dup_s390x | ||
Module.kabi_dup_x86_64 | ||
Module.kabi_ppc64le | ||
Module.kabi_s390x | ||
Module.kabi_x86_64 | ||
parallel_xz.sh | ||
partial-kgcov-snip.config | ||
patch-5.14.0-redhat.patch | ||
process_configs.sh | ||
README.rst | ||
rheldup3.x509 | ||
rhelkpatch1.x509 | ||
rpminspect.yaml | ||
sources | ||
update_scripts.sh | ||
x509.genkey.centos | ||
x509.genkey.rhel |
=================== The Kernel dist-git =================== The kernel is maintained in a `source tree`_ rather than directly in dist-git. The specfile is maintained as a `template`_ in the source tree along with a set of build scripts to generate configurations, (S)RPMs, and to populate the dist-git repository. The `documentation`_ for the source tree covers how to contribute and maintain the tree. If you're looking for the downstream patch set it's available in the source tree with "git log master..ark-patches" or `online`_. Each release in dist-git is tagged in the source repository so you can easily check out the source tree for a build. The tags are in the format name-version-release, but note release doesn't contain the dist tag since the source can be built in different build roots (Fedora, CentOS, etc.) .. _source tree: https://gitlab.com/cki-project/kernel-ark.git .. _template: https://gitlab.com/cki-project/kernel-ark/-/blob/os-build/redhat/kernel.spec.template .. _documentation: https://gitlab.com/cki-project/kernel-ark/-/wikis/home .. _online: https://gitlab.com/cki-project/kernel-ark/-/commits/ark-patches