From 5bfa3a6f3cf735263d5bec42c63136061806154e Mon Sep 17 00:00:00 2001 From: "Herton R. Krzesinski" Date: Wed, 9 Aug 2023 16:47:19 +0000 Subject: [PATCH] kernel-5.14.0-353.el9 * Wed Aug 09 2023 Herton R. Krzesinski [5.14.0-353.el9] - libceph: fix potential hang in ceph_osdc_notify() (Ilya Dryomov) [2229303] - rbd: prevent busy loop when requesting exclusive lock (Ilya Dryomov) [2229303] - rbd: retrieve and check lock owner twice before blocklisting (Ilya Dryomov) [2229303] - rbd: harden get_lock_owner_info() a bit (Ilya Dryomov) [2229303] - rbd: make get_lock_owner_info() return a single locker or NULL (Ilya Dryomov) [2229303] - Description: Turn on Tegra234 Pinctrl Driver (Joel Slebodnick) [2222432] - pinctrl: tegra: avoid duplicate field initializers (Joel Slebodnick) [2222432] - pinctrl: tegra: Add Tegra234 pinmux driver (Joel Slebodnick) [2222432] - pinctrl: tegra: Consistently refer to SoC data (Joel Slebodnick) [2222432] - pinctrl: tegra: Duplicate pinmux functions table (Joel Slebodnick) [2222432] - KEYS: use kfree_sensitive with key (Vladis Dronov) [2223719] - virtio_transport: temporarily do not depend on ANY_LAYOUT support (Paolo Bonzini) [2227177] - i40e: Wait for pending VF reset in VF set callbacks (Ivan Vecera) [2215498] - i40e: Add helper for VF inited state check with timeout (Ivan Vecera) [2215498] - ipv6: fix locking issues with loops over idev->addr_list (Jiri Benc) [2226678] - tcp: Reduce chance of collisions in inet6_hashfn(). (Felix Maurer) [2176117] {CVE-2023-1206} - VMCI: Use threaded irqs instead of tasklets (Ani Sinha) [2217459] - ipv4: Fix potential uninit variable access bug in __ip_make_skb() (Guillaume Nault) [2221167] - tcp: restrict net.ipv4.tcp_app_win (Guillaume Nault) [2221167] - ping: Fix potentail NULL deref for /proc/net/icmp. (Guillaume Nault) [2221167] - raw: Fix NULL deref in raw_get_next(). (Guillaume Nault) [2221167] - icmp: guard against too small mtu (Guillaume Nault) [2221167] - raw: use net_hash_mix() in hash function (Guillaume Nault) [2221167] - netfilter: nf_tables: can't schedule in nft_chain_validate (Florian Westphal) [2219421] - netfilter: nf_tables: fix scheduling-while-atomic splat (Florian Westphal) [2219421] - netfilter: nf_tables: add rescheduling points during loop detection walks (Florian Westphal) [2219421] Resolves: rhbz#2176117, rhbz#2215498, rhbz#2217459, rhbz#2219421, rhbz#2221167, rhbz#2222432, rhbz#2223719, rhbz#2226678, rhbz#2227177, rhbz#2229303 Signed-off-by: Herton R. Krzesinski --- Makefile.rhelver | 2 +- kernel-aarch64-64k-debug-rhel.config | 1 + kernel-aarch64-64k-rhel.config | 1 + kernel-aarch64-debug-rhel.config | 1 + kernel-aarch64-rhel.config | 1 + kernel-aarch64-rt-debug-rhel.config | 1 + kernel-aarch64-rt-rhel.config | 1 + kernel.spec | 36 ++++++++++++++++++++++++---- sources | 6 ++--- 9 files changed, 42 insertions(+), 8 deletions(-) diff --git a/Makefile.rhelver b/Makefile.rhelver index 4df83e5..cf48f14 100644 --- a/Makefile.rhelver +++ b/Makefile.rhelver @@ -12,7 +12,7 @@ RHEL_MINOR = 3 # # Use this spot to avoid future merge conflicts. # Do not trim this comment. -RHEL_RELEASE = 352 +RHEL_RELEASE = 353 # # ZSTREAM diff --git a/kernel-aarch64-64k-debug-rhel.config b/kernel-aarch64-64k-debug-rhel.config index f2a32d0..815bc8b 100644 --- a/kernel-aarch64-64k-debug-rhel.config +++ b/kernel-aarch64-64k-debug-rhel.config @@ -4322,6 +4322,7 @@ CONFIG_PINCTRL_MAX77620=y # CONFIG_PINCTRL_SM8450 is not set # CONFIG_PINCTRL_STMFX is not set # CONFIG_PINCTRL_SX150X is not set +CONFIG_PINCTRL_TEGRA234=y CONFIG_PINCTRL=y # CONFIG_PING is not set # CONFIG_PKCS7_TEST_KEY is not set diff --git a/kernel-aarch64-64k-rhel.config b/kernel-aarch64-64k-rhel.config index 81e5163..2adeaf6 100644 --- a/kernel-aarch64-64k-rhel.config +++ b/kernel-aarch64-64k-rhel.config @@ -4300,6 +4300,7 @@ CONFIG_PINCTRL_MAX77620=y # CONFIG_PINCTRL_SM8450 is not set # CONFIG_PINCTRL_STMFX is not set # CONFIG_PINCTRL_SX150X is not set +CONFIG_PINCTRL_TEGRA234=y CONFIG_PINCTRL=y # CONFIG_PING is not set # CONFIG_PKCS7_TEST_KEY is not set diff --git a/kernel-aarch64-debug-rhel.config b/kernel-aarch64-debug-rhel.config index 155fb8f..6474633 100644 --- a/kernel-aarch64-debug-rhel.config +++ b/kernel-aarch64-debug-rhel.config @@ -4319,6 +4319,7 @@ CONFIG_PINCTRL_MAX77620=y # CONFIG_PINCTRL_SM8450 is not set # CONFIG_PINCTRL_STMFX is not set # CONFIG_PINCTRL_SX150X is not set +CONFIG_PINCTRL_TEGRA234=y CONFIG_PINCTRL=y # CONFIG_PING is not set # CONFIG_PKCS7_TEST_KEY is not set diff --git a/kernel-aarch64-rhel.config b/kernel-aarch64-rhel.config index 4577b9d..57f401b 100644 --- a/kernel-aarch64-rhel.config +++ b/kernel-aarch64-rhel.config @@ -4297,6 +4297,7 @@ CONFIG_PINCTRL_MAX77620=y # CONFIG_PINCTRL_SM8450 is not set # CONFIG_PINCTRL_STMFX is not set # CONFIG_PINCTRL_SX150X is not set +CONFIG_PINCTRL_TEGRA234=y CONFIG_PINCTRL=y # CONFIG_PING is not set # CONFIG_PKCS7_TEST_KEY is not set diff --git a/kernel-aarch64-rt-debug-rhel.config b/kernel-aarch64-rt-debug-rhel.config index 26e88e5..1c753a3 100644 --- a/kernel-aarch64-rt-debug-rhel.config +++ b/kernel-aarch64-rt-debug-rhel.config @@ -4399,6 +4399,7 @@ CONFIG_PINCTRL_MAX77620=y # CONFIG_PINCTRL_SM8450 is not set # CONFIG_PINCTRL_STMFX is not set # CONFIG_PINCTRL_SX150X is not set +CONFIG_PINCTRL_TEGRA234=y CONFIG_PINCTRL=y # CONFIG_PING is not set # CONFIG_PKCS7_TEST_KEY is not set diff --git a/kernel-aarch64-rt-rhel.config b/kernel-aarch64-rt-rhel.config index 9602fc5..147ddfc 100644 --- a/kernel-aarch64-rt-rhel.config +++ b/kernel-aarch64-rt-rhel.config @@ -4377,6 +4377,7 @@ CONFIG_PINCTRL_MAX77620=y # CONFIG_PINCTRL_SM8450 is not set # CONFIG_PINCTRL_STMFX is not set # CONFIG_PINCTRL_SX150X is not set +CONFIG_PINCTRL_TEGRA234=y CONFIG_PINCTRL=y # CONFIG_PING is not set # CONFIG_PKCS7_TEST_KEY is not set diff --git a/kernel.spec b/kernel.spec index a4bfe66..a8550b5 100755 --- a/kernel.spec +++ b/kernel.spec @@ -161,15 +161,15 @@ Summary: The Linux kernel # define buildid .local %define specversion 5.14.0 %define patchversion 5.14 -%define pkgrelease 352 +%define pkgrelease 353 %define kversion 5 -%define tarfile_release 5.14.0-352.el9 +%define tarfile_release 5.14.0-353.el9 # This is needed to do merge window version magic %define patchlevel 14 # This allows pkg_release to have configurable %%{?dist} tag -%define specrelease 352%{?buildid}%{?dist} +%define specrelease 353%{?buildid}%{?dist} # This defines the kabi tarball version -%define kabiversion 5.14.0-352.el9 +%define kabiversion 5.14.0-353.el9 # # End of genspec.sh variables @@ -3698,6 +3698,34 @@ fi # # %changelog +* Wed Aug 09 2023 Herton R. Krzesinski [5.14.0-353.el9] +- libceph: fix potential hang in ceph_osdc_notify() (Ilya Dryomov) [2229303] +- rbd: prevent busy loop when requesting exclusive lock (Ilya Dryomov) [2229303] +- rbd: retrieve and check lock owner twice before blocklisting (Ilya Dryomov) [2229303] +- rbd: harden get_lock_owner_info() a bit (Ilya Dryomov) [2229303] +- rbd: make get_lock_owner_info() return a single locker or NULL (Ilya Dryomov) [2229303] +- Description: Turn on Tegra234 Pinctrl Driver (Joel Slebodnick) [2222432] +- pinctrl: tegra: avoid duplicate field initializers (Joel Slebodnick) [2222432] +- pinctrl: tegra: Add Tegra234 pinmux driver (Joel Slebodnick) [2222432] +- pinctrl: tegra: Consistently refer to SoC data (Joel Slebodnick) [2222432] +- pinctrl: tegra: Duplicate pinmux functions table (Joel Slebodnick) [2222432] +- KEYS: use kfree_sensitive with key (Vladis Dronov) [2223719] +- virtio_transport: temporarily do not depend on ANY_LAYOUT support (Paolo Bonzini) [2227177] +- i40e: Wait for pending VF reset in VF set callbacks (Ivan Vecera) [2215498] +- i40e: Add helper for VF inited state check with timeout (Ivan Vecera) [2215498] +- ipv6: fix locking issues with loops over idev->addr_list (Jiri Benc) [2226678] +- tcp: Reduce chance of collisions in inet6_hashfn(). (Felix Maurer) [2176117] {CVE-2023-1206} +- VMCI: Use threaded irqs instead of tasklets (Ani Sinha) [2217459] +- ipv4: Fix potential uninit variable access bug in __ip_make_skb() (Guillaume Nault) [2221167] +- tcp: restrict net.ipv4.tcp_app_win (Guillaume Nault) [2221167] +- ping: Fix potentail NULL deref for /proc/net/icmp. (Guillaume Nault) [2221167] +- raw: Fix NULL deref in raw_get_next(). (Guillaume Nault) [2221167] +- icmp: guard against too small mtu (Guillaume Nault) [2221167] +- raw: use net_hash_mix() in hash function (Guillaume Nault) [2221167] +- netfilter: nf_tables: can't schedule in nft_chain_validate (Florian Westphal) [2219421] +- netfilter: nf_tables: fix scheduling-while-atomic splat (Florian Westphal) [2219421] +- netfilter: nf_tables: add rescheduling points during loop detection walks (Florian Westphal) [2219421] + * Tue Aug 08 2023 Herton R. Krzesinski [5.14.0-352.el9] - vDPA/ifcvf: implement new accessors for vq_state (Laurent Vivier) [RHEL-806] - vDPA/ifcvf: detect and report max allowed vq size (Laurent Vivier) [RHEL-806] diff --git a/sources b/sources index 08207db..fcb04fc 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-5.14.0-352.el9.tar.xz) = 48f1977905afc75a182089257fad85fb9a4a4dd4d4d576dd07b82e0be297cb0fcef34b0e5390e09b35ca124eb415db239ac9f3c6fb001dbe2b614e73e63711cd -SHA512 (kernel-abi-stablelists-5.14.0-352.el9.tar.bz2) = ca7d10f952b0ecc6f4fc352794e0b5e1cc0e671485d74926beaec98f3eed4e62af3b1c230a2d78f3049e4e797e26f75e03b98b8faadbd7233154d6c62b5776f0 -SHA512 (kernel-kabi-dw-5.14.0-352.el9.tar.bz2) = 5345031e3fc9d6b60d1e7a8e95d6e9a8eaefcf55bbd140d83855f0e08c04f6bc1ba2088e607b16f33ff0f4d8bfc08cfadfe323799c51e1acc1225701645b81c9 +SHA512 (linux-5.14.0-353.el9.tar.xz) = 48fb6452bfccb2842e0c36369a7b260ef5a96102d8d21caa994d24cd42761dda9d3378a15dca77fa551949ac5ca0defb19f7118d5ab17bf6aff5d7286b844092 +SHA512 (kernel-abi-stablelists-5.14.0-353.el9.tar.bz2) = f2122014253a04cb20a490852a667e292d0c823ead4ac7bb5c65e5df949642aa81f8ba8c5fa0669601ededd9c6404e8ca02441878450675318b2aef1a348849e +SHA512 (kernel-kabi-dw-5.14.0-353.el9.tar.bz2) = fd6236b3089e93703472371fe676cda643d5f6d151e2d9310576cc57e3921355cbc5157834252dc317f013cffabefe66bfeefeb94649797fb9bf15795296d7be