diff --git a/download b/download index 77b695d200622dc9df3f62c82fa8bb1853001434..d4d2e7800f67db024e8ff15a88c1077ff5e71c3d 100644 --- a/download +++ b/download @@ -1,3 +1,3 @@ -2c34fff9312fecdfa3d3388822f8645c kernel-abi-stablelists-4.18.0-477.tar.bz2 -096ade459e400e42c3fe4caa55033d3d kernel-kabi-dw-4.18.0-477.tar.bz2 -afab8e33b5ddf6298d6d1806bedfc4e6 linux-4.18.0-477.21.1.el8_8.tar.xz +34e7fef58de8395cb9a0d0a24a360449 kernel-abi-stablelists-4.18.0-477.tar.bz2 +1f91fd0fb81d4c7531deee29e42a147a kernel-kabi-dw-4.18.0-477.tar.bz2 +c26a924c6de8eb47c3dd7b31c905859f linux-4.18.0-477.27.1.el8_8.tar.xz diff --git a/kernel-x86_64-debug.config b/kernel-x86_64-debug.config index a30c257a5b8ff60c7a6949f9a36f0e6dd27e3e00..09dc447396c0d3912f584e7908adb0911a560b57 100644 --- a/kernel-x86_64-debug.config +++ b/kernel-x86_64-debug.config @@ -3493,6 +3493,7 @@ CONFIG_INTEL_TH_PTI=m CONFIG_INTEL_TH_STH=m CONFIG_INTEL_TURBO_MAX_3=y CONFIG_INTEL_TXT=y +CONFIG_INTEL_UNCORE_FREQ_CONTROL=m CONFIG_INTEL_VBTN=m CONFIG_INTEL_VSEC=m CONFIG_INTEL_WMI_THUNDERBOLT=m diff --git a/kernel-x86_64.config b/kernel-x86_64.config index 2fdad59fbf8c70ad9ae021e45ed208b1d5401a4c..36df5907f8e83f6a75047e5b5a18d8d32c9e3139 100644 --- a/kernel-x86_64.config +++ b/kernel-x86_64.config @@ -3507,6 +3507,7 @@ CONFIG_INTEL_TH_PTI=m CONFIG_INTEL_TH_STH=m CONFIG_INTEL_TURBO_MAX_3=y CONFIG_INTEL_TXT=y +CONFIG_INTEL_UNCORE_FREQ_CONTROL=m CONFIG_INTEL_VBTN=m CONFIG_INTEL_VSEC=m CONFIG_INTEL_WMI_THUNDERBOLT=m diff --git a/kernel.spec b/kernel.spec index 821ce6fb8ba2d6a6d59fe63b87522270703e0b06..573f9e6a449fb903eab28218b3ee1b04358d3775 100644 --- a/kernel.spec +++ b/kernel.spec @@ -39,10 +39,10 @@ # define buildid .local %define rpmversion 4.18.0 -%define pkgrelease 477.21.1.el8_8 +%define pkgrelease 477.27.1.el8_8 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 477.21.1%{anolis_release}%{?dist} +%define specrelease 477.27.1%{anolis_release}%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -2702,9 +2702,132 @@ fi # # %changelog -* Fri Aug 25 2023 Xiaoping Liu - 4.18.0-477.21.1.0.1 +* Wed Sep 20 2023 Xiaoping Liu - 4.18.0-477.27.1.0.1 - kernel:repair dwarves causes kernel compilation to fail +* Thu Aug 31 2023 Lucas Zampieri [4.18.0-477.27.1.el8_8] +- gfs2: Fix freeze consistency check in gfs2_trans_add_meta (Andreas Gruenbacher) [2231825 2095340] +- gfs2: gfs2_freeze_lock_shared cleanup (Andreas Gruenbacher) [2231825 2095340] +- gfs2: Replace sd_freeze_state with SDF_FROZEN flag (Andreas Gruenbacher) [2231825 2095340] +- gfs2: Rework freeze / thaw logic (Andreas Gruenbacher) [2231825 2095340] +- gfs2: Rename SDF_{FS_FROZEN => FREEZE_INITIATOR} (Andreas Gruenbacher) [2231825 2095340] +- gfs2: Reconfiguring frozen filesystem already rejected (Andreas Gruenbacher) [2231825 2095340] +- gfs2: Rename gfs2_freeze_lock{ => _shared } (Andreas Gruenbacher) [2231825 2095340] +- gfs2: Rename the {freeze,thaw}_super callbacks (Andreas Gruenbacher) [2231825 2095340] +- gfs2: Rename remaining "transaction" glock references (Andreas Gruenbacher) [2231825 2095340] +- gfs2: init system threads before freeze lock (Bob Peterson) [2231825 2095340] +- cifs: fix bogus cifs_mount error handling in RHEL8 (Jeffrey Layton) [2229128 2215018] +- cifs: missing null pointer check in cifs_mount (Jay Shin) [2229128 2215018] +- x86/cpu: Add CPU model numbers for Meteor Lake (Prarit Bhargava) [2230158 2156826] +- redhat/configs: enable CONFIG_INTEL_UNCORE_FREQ_CONTROL for x86_64 (David Arcari) [2230158 2156826] +- platform/x86/intel-uncore-freq: Return error on write frequency (David Arcari) [2230158 2156826] +- platform/x86: intel-uncore-freq: Add client processors (David Arcari) [2230158 2156826] +- platform/x86: intel-uncore-freq: add Emerald Rapids support (David Arcari) [2230158 2156826] +- platform/x86: intel-uncore-freq: Use sysfs_emit() to instead of scnprintf() (David Arcari) [2230158 2156826] +- platform/x86: intel-uncore-freq: Prevent driver loading in guests (David Arcari) [2230158 2156826] +- platform/x86: intel-uncore-freq: fix uncore_freq_common_init() error codes (David Arcari) [2230158 2156826] +- platform/x86/intel-uncore-freq: Split common and enumeration part (David Arcari) [2230158 2156826] +- platform/x86/intel/uncore-freq: Display uncore current frequency (David Arcari) [2230158 2156826] +- platform/x86/intel/uncore-freq: Use sysfs API to create attributes (David Arcari) [2230158 2156826] +- platform/x86/intel/uncore-freq: Move to uncore-frequency folder (David Arcari) [2230158 2156826] +- platform/x86: intel-uncore-frequency: use default_groups in kobj_type (David Arcari) [2230158 2156826] +- platform/x86: intel-uncore-frequency: Move to intel sub-directory (David Arcari) [2230158 2156826] +- platform/x86/intel-uncore-freq: Add Sapphire Rapids server support (David Arcari) [2230158 2156826] +- platform/x86/intel-uncore-freq: make uncore_root_kobj static (David Arcari) [2230158 2156826] +- platform/x86: Convert to new CPU match macros (David Arcari) [2230158 2156826] +- platform/x86/intel-uncore-freq: Add release callback (David Arcari) [2230158 2156826] +- platform/x86/intel-uncore-freq: Fix static checker issue and potential race condition (David Arcari) [2230158 2156826] +- MAINTAINERS: Update for the intel uncore frequency control (David Arcari) [2230158 2156826] +- platform/x86: Add support for Uncore frequency control (David Arcari) [2230158 2156826] +- scsi: storvsc: Remove errant duplicate code (Cathy Avery) [2233227 2211725] +- scsi: storvsc: Limit max_sectors for virtual Fibre Channel devices (Cathy Avery) [2233227 2211725] +- net/sched: cls_fw: Fix improper refcount update leads to use-after-free (Davide Caratti) [2225647 2225103] {CVE-2023-3776} +- iavf: remove active_cvlans and active_svlans bitmaps (Stefan Assmann) [2232399 2153349] +- iavf: refactor VLAN filter states (Stefan Assmann) [2232399 2153349] +- iavf: do not track VLAN 0 filters (Stefan Assmann) [2232399 2153349] +- iavf: fix non-tunneled IPv6 UDP packet type and hashing (Stefan Assmann) [2232399 2153349] +- iavf: fix inverted Rx hash condition leading to disabled hash (Stefan Assmann) [2232399 2153349] +- net/sched: move struct tc_mqprio_qopt_offload from pkt_cls.h to pkt_sched.h (Stefan Assmann) [2232399 2153349] +- iavf/iavf_main: actually log ->src mask when talking about it (Stefan Assmann) [2232399 2153349] +- iavf: Fix VF driver counting VLAN 0 filters (Stefan Assmann) [2232399 2153349] +- iavf: Change information about device removal in dmesg (Stefan Assmann) [2232399 2153349] +- iavf: Replace __FUNCTION__ with __func__ (Stefan Assmann) [2232399 2153349] +- net: Remove the obsolte u64_stats_fetch_*_irq() users (drivers). (Stefan Assmann) [2232399 2153349] +- netfilter: nf_tables: prevent OOB access in nft_byteorder_eval (Florian Westphal) [2221725 2221046] {CVE-2023-35001} + +* Thu Aug 24 2023 Lucas Zampieri [4.18.0-477.26.1.el8_8] +- scsi: storvsc: Fix handling of virtual Fibre Channel timeouts (Cathy Avery) [2230743 1986067] +- kernfs: Improve kernfs_notify() poll notification latency (Ian Kent) [2208540] +- crypto: rng - Fix lock imbalance in crypto_del_rng (Herbert Xu) [2232215] +- net: stmmac: propagate feature flags to vlan (Corinna Vinschen) [2219907 2174701] +- scsi: storvsc: Handle SRB status value 0x30 (Cathy Avery) [2231988 2218133] + +* Thu Aug 17 2023 Lucas Zampieri [4.18.0-477.25.1.el8_8] +- netfilter: nft_set_pipapo: fix improper element removal (Phil Sutter) [2227508 2225276] {CVE-2023-4004} +- perf/x86/rapl: Add support for Intel Emerald Rapids (Michael Petlan) [2230162 2165766] +- perf/x86/intel/cstate: Add Emerald Rapids (Michael Petlan) [2230152 2156802] +- perf/x86/intel: Add Emerald Rapids (Michael Petlan) [2230152 2156802] +- perf/x86/intel/uncore: Add Emerald Rapids (Michael Petlan) [2230152 2156802] +- perf/x86/msr: Add Emerald Rapids (Michael Petlan) [2230152 2156802] +- perf/x86/msr: Add Sapphire Rapids CPU support (Michael Petlan) [2230152 2156802] +- netfilter: xt_owner: Add supplementary groups option (Phil Sutter) [2229715 2136194] + +* Fri Aug 11 2023 Lucas Zampieri [4.18.0-477.24.1.el8_8] +- x86/cpu/amd: Add a Zenbleed fix (Waiman Long) [2226831 2226832] {CVE-2023-20593} +- x86/cpu/amd: Move the errata checking functionality up (Waiman Long) [2226831 2226832] {CVE-2023-20593} +- x86/amd: Cache debug register values in percpu variables (Waiman Long) [2226831 2226832] {CVE-2023-20593} +- x86/cpu: Restore AMD's DE_CFG MSR after resume (Waiman Long) [2226831 2226832] {CVE-2023-20593} +- x86/microcode/AMD: Track patch allocation size explicitly (David Arcari) [2226831 2226832] {CVE-2023-20593} +- x86/microcode: Print previous version of microcode after reload (David Arcari) [2226831 2226832] {CVE-2023-20593} +- x86/cpu: Load microcode during restore_processor_state() (David Arcari) [2226831 2226832] {CVE-2023-20593} +- x86/cpu: Include the header of init_ia32_feat_ctl()'s prototype (Chris von Recklinghausen) [2226831 2226832] {CVE-2023-20593} +- x86/pm: Fix false positive kmemleak report in msr_build_context() (Chris von Recklinghausen) [2226831 2226832] {CVE-2023-20593} +- x86/speculation: Restore speculation related MSRs during S3 resume (Chris von Recklinghausen) [2226831 2226832] {CVE-2023-20593} +- kbuild: remove leftover comment for filechk utility (Chris von Recklinghausen) [2226831 2226832] {CVE-2023-20593} +- x86/cpu: Reinitialize IA32_FEAT_CTL MSR on BSP during wakeup (Chris von Recklinghausen) [2226831 2226832] {CVE-2023-20593} +- x86/rdrand: Sanity-check RDRAND output (Chris von Recklinghausen) [2226831 2226832] {CVE-2023-20593} +- x86/CPU/AMD: Clear RDRAND CPUID bit on AMD family 15h/16h (Chris von Recklinghausen) [2226831 2226832] {CVE-2023-20593} +- firmware: refactor firmware/Makefile (Chris von Recklinghausen) [2226831 2226832] {CVE-2023-20593} +- kbuild: remove redundant 'set -e' from filechk_offsets (Chris von Recklinghausen) [2226831 2226832] {CVE-2023-20593} +- kbuild: do not redirect the first prerequisite for filechk (Chris von Recklinghausen) [2226831 2226832] {CVE-2023-20593} +- kbuild: move bin2c back to scripts/ from scripts/basic/ (Chris von Recklinghausen) [2226831 2226832] {CVE-2023-20593} +- libceph: harden msgr2.1 frame segment length checks (Ilya Dryomov) [2227073 2222256] +- iavf: fix reset task race with iavf_remove() (Petr Oros) [2228161 2223604] +- iavf: fix a deadlock caused by rtnl and driver's lock circular dependencies (Petr Oros) [2228161 2223604] +- Revert "iavf: Do not restart Tx queues after reset task failure" (Petr Oros) [2228161 2223604] +- Revert "iavf: Detach device during reset task" (Petr Oros) [2228161 2223604] +- iavf: Wait for reset in callbacks which trigger it (Petr Oros) [2228161 2223604] +- iavf: use internal state to free traffic IRQs (Petr Oros) [2228161 2223604] +- iavf: Fix out-of-bounds when setting channels on remove (Petr Oros) [2228161 2223604] +- iavf: Fix use-after-free in free_netdev (Petr Oros) [2228161 2223604] +- iavf: make functions static where possible (Petr Oros) [2228161 2223604] +- iavf: fix err handling for MAC replace (Petr Oros) [2228161 2223604] +- iavf: remove some unused functions and pointless wrappers (Petr Oros) [2228161 2223604] +- iavf: remove mask from iavf_irq_enable_queues() (Petr Oros) [2228161 2223604] +- iavf: send VLAN offloading caps once after VFR (Petr Oros) [2228161 2223604] +- i40e: Wait for pending VF reset in VF set callbacks (Ivan Vecera) [2228163 2203921] +- i40e: Add helper for VF inited state check with timeout (Ivan Vecera) [2228163 2203921] +- ACPI: sleep: Avoid breaking S3 wakeup due to might_sleep() (Mark Langsdorf) [2218025 2215625] +- locking/semaphore: Add might_sleep() to down_*() family (Mark Langsdorf) [2218025 2215625] +- ipvlan:Fix out-of-bounds caused by unclear skb->cb (Davide Caratti) [2219660 2218676] {CVE-2023-3090} +- netfilter: nf_tables: unbind non-anonymous set if rule construction fails (Phil Sutter) [2216165 2214963] {CVE-2023-3390} +- netfilter: nf_tables: add NFT_TRANS_PREPARE_ERROR to deal with bound set/chain (Phil Sutter) [2216165 2214963] {CVE-2023-3390} +- netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE (Phil Sutter) [2216165 2214963] {CVE-2023-3390} + +* Fri Aug 04 2023 Lucas Zampieri [4.18.0-477.23.1.el8_8] +- ice: avoid bonding causing auxiliary plug/unplug under RTNL lock (Petr Oros) [2224515 2153356] +- ceph: fix use-after-free bug for inodes when flushing capsnaps (Xiubo Li) [2218271 2209299] + +* Thu Jul 27 2023 Lucas Zampieri [4.18.0-477.22.1.el8_8] +- mm: avoid unnecessary page fault retires on shared memory types (Nico Pache) [2221100 2213877] +- mm: remove redundant check about FAULT_FLAG_ALLOW_RETRY bit (Nico Pache) [2221100 2213877] +- mm: Allow the [page|pfn]_mkwrite callbacks to drop the mmap_sem (Nico Pache) [2221100 2213877] +- bluetooth: Perform careful capability checks in hci_sock_ioctl() (Ricardo Robaina) [2196352 2196353] {CVE-2023-2002} +- mm/memcg: Fix mem_cgroup_id_get_online() underflow problem (Waiman Long) [2221010] +- net/sched: flower: fix possible OOB write in fl_set_geneve_opt() (Davide Caratti) [2216989 2214027] {CVE-2023-35788} +- netfilter: conntrack: gre: don't set assured flag for clash entries (Florian Westphal) [2223542] +- netfilter: conntrack: allow insertion clash of gre protocol (Florian Westphal) [2223542] + * Thu Jul 20 2023 Lucas Zampieri [4.18.0-477.21.1.el8_8] - ipmi: msghandler: kABI implementation was wrong (Tony Camuso) [2213189 2182345] - ipmi: ipmb: Fix the MODULE_PARM_DESC associated to 'retry_time_ms' (Tony Camuso) [2211667 2174220]