From 10675f7e02757618bfcffc959fea2f86470810e0 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: May 14 2019 17:24:42 +0000 Subject: import kernel-rt-3.10.0-957.12.2.rt56.929.el7 --- diff --git a/.gitignore b/.gitignore index e19e4d4..bcbad50 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -SOURCES/kernel-rt-3.10.0-957.12.1.rt56.927.tar.xz +SOURCES/kernel-rt-3.10.0-957.12.2.rt56.929.tar.xz SOURCES/rheldup3.x509 SOURCES/rhelkpatch1.x509 diff --git a/.kernel-rt.metadata b/.kernel-rt.metadata index 776f191..1727343 100644 --- a/.kernel-rt.metadata +++ b/.kernel-rt.metadata @@ -1,3 +1,3 @@ -82d4675f4fd8fb5add5271a1cc8a15c54b6c8726 SOURCES/kernel-rt-3.10.0-957.12.1.rt56.927.tar.xz +713d9a2d4e0d7c2a59a47266a4feab8699841bf6 SOURCES/kernel-rt-3.10.0-957.12.2.rt56.929.tar.xz 95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509 d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509 diff --git a/SPECS/kernel-rt.spec b/SPECS/kernel-rt.spec index 24dab88..fe210f1 100644 --- a/SPECS/kernel-rt.spec +++ b/SPECS/kernel-rt.spec @@ -7,10 +7,10 @@ Summary: The Linux Realtime kernel %global dist .el7 # realtimeN -%global rtbuild 927 +%global rtbuild 929 # RHEL7 build number -%global rhel_build 957.12.1 +%global rhel_build 957.12.2 # The preempt RT patch level %global rttag rt56 @@ -1428,14 +1428,129 @@ fi %endif %changelog +* Fri Apr 26 2019 Luis Claudio R. Goncalves [3.10.0-957.12.2.rt56.929.el7] +- [rt] Update source tree to match RHEL 7.6.z tree [1689417 1642619] +- [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127} +- [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127} +- [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127} +- [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127} +- [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127} +- [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127} +- [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127} +- [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127} +- [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127} +- [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130} +- [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127} +- [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127} +- [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127} + +* Mon Apr 15 2019 Luis Claudio R. Goncalves [3.10.0-957.12.1.rt56.928.el7] +- [rt] Update source tree to match RHEL 7.6.z tree [1689417 1642619] +- kvm/hyper-v: avoid spurious pending stimer on vCPU init (Vitaly Kuznetsov) +- KVM: x86: work around leak of uninitialized stack contents (Paolo Bonzini) {CVE-2019-7222} +- kvm: x86: ensure all MSRs can always be KVM_GET/SET_MSR'd (Vitaly Kuznetsov) [1647097 1631439] +- kvm: x86: #GP when guest attempts to write MCi_STATUS register w/o 0 (Vitaly Kuznetsov) [1647097 1631439] +- kvm/hyper-v: inject #GP only when invalid SINTx vector is unmasked (Vitaly Kuznetsov) [1647097 1631439] +- kvm/hyper-v: remove stale entries from vec_bitmap/auto_eoi_bitmap on vector change (Vitaly Kuznetsov) [1647097 1631439] +- kvm: x86: hyperv: avoid livelock in oneshot SynIC timers (Vitaly Kuznetsov) [1647097 1631439] +- kvm: x86: hyperv: add KVM_CAP_HYPERV_SYNIC2 (Vitaly Kuznetsov) [1647097 1631439] +- kvm: Add kvm_vcpu_get_idx to get vcpu index in kvm->vcpus (Vitaly Kuznetsov) [1647097 1631439] +- kvm: x86: fix NULL deref in vcpu_scan_ioapic (Vitaly Kuznetsov) [1647097 1631439] +- kvm: x86: use delivery to self in hyperv synic (Vitaly Kuznetsov) [1647097 1631439] +- kvm: x86: hyperv: make function static to avoid compiling warning (Vitaly Kuznetsov) [1647097 1631439] +- kvm: hyper-v: do not do hypercall userspace exits if SynIC is disabled (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Hyper-V VMBus hypercall userspace exit (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Reject Hyper-V hypercall continuation (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Hyper-V SynIC timers tracepoints (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Hyper-V SynIC tracepoints (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Update SynIC timers on guest entry only (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Skip SynIC vector check for QEMU side (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Hyper-V fix SynIC timer disabling condition (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Reorg stimer_expiration() to better control timer restart (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Hyper-V unify stimer_start() and stimer_restart() (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Drop stimer_stop() function (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Hyper-V timers fix incorrect logical operation (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Remove Hyper-V SynIC timer stopping (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Hyper-V SynIC timers (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Hyper-V SynIC message slot pending clearing at SINT ack (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Added Hyper-V vcpu_to_hv_vcpu()/hv_vcpu_to_vcpu() helpers (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Rearrange func's declarations inside Hyper-V header (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Hyper-V kvm exit (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: Hyper-V synthetic interrupt controller (Vitaly Kuznetsov) [1647097 1631439] +- kvm/x86: split ioapic-handled and EOI exit bitmaps (Vitaly Kuznetsov) [1647097 1631439] +- kvm/irqchip: kvm_arch_irq_routing_update renaming split (Vitaly Kuznetsov) [1647097 1631439] +- [kernel] locking/rwsem: Fix (possible) missed wakeup (Waiman Long) [1690323 1547078] +- [kernel] futex: Fix (possible) missed wakeup (Waiman Long) [1690323 1547078] +- [kernel] futex: Use smp_store_release() in mark_wake_futex() (Waiman Long) [1690323 1547078] +- [kernel] sched/wake_q: Fix wakeup ordering for wake_q (Waiman Long) [1690323 1547078] +- [kernel] sched/wake_q: Document wake_q_add() (Waiman Long) [1690323 1547078] +- [scsi] mpt3sas: As per MPI-spec, use combined reply queue for SAS3.5 controllers when HBA supports more than 16 MSI-x vectors (Tomas Henzl) [1689379 1649288] +- [x86] cpu: avoid crash in get_cpu_cache_id() (David Arcari) [1689120 1626279] +- [net] igmp: Allow user-space configuration of igmp unsolicited report interval (Hangbin Liu) [1686771 1663941] +- [net] igmp: Don't flush routing cache when force_igmp_version is modified (Hangbin Liu) [1686771 1663941] +- [net] igmp: fix incorrect unsolicit report count after link down and up (Hangbin Liu) [1688225 1623359] +- [net] igmp: fix incorrect unsolicit report count when join group (Hangbin Liu) [1688225 1623359] +- [net] igmp: make function __ip_mc_inc_group() static (Hangbin Liu) [1688225 1623359] +- [net] igmp: Reduce Unsolicited report interval to 1s when using IGMPv3 (Hangbin Liu) [1688225 1623359] +- [netdrv] cxgb4: Mask out interrupts that are not enabled (Arjun Vynipadath) [1687487 1678729] +- [acpi] apci / watchdog: enable acpi_watchdog_uses_rtc (David Arcari) [1683078 1663637] +- [watchdog] simplify getting .drvdata (David Arcari) [1683079 1666393] +- [acpi] acpi / watchdog: Prefer iTCO_wdt always when WDAT table uses RTC SRAM (David Arcari) [1683079 1666393] +- [acpi] acpi / watchdog: Prefer iTCO_wdt on Lenovo Z50-70 (David Arcari) [1683079 1666393] +- [acpi] acpi / watchdog: properly initialize resources (David Arcari) [1683079 1666393] +- [acpi] acpi / watchdog: Fix init failure with overlapping register regions (David Arcari) [1683079 1666393] +- [acpi] acpi / watchdog: Print out error number when device creation fails (David Arcari) [1683079 1666393] +- [net] netfilter: nat: limit port clash resolution attempts (Florian Westphal) [1683093 1654777] +- [net] netfilter: nat: remove l4 protocol port rovers (Florian Westphal) [1683093 1654777] +- [net] netfilter: nat: cope with negative port range (Florian Westphal) [1683093 1654777] +- [x86] mm/fault: Allow stack access below rsp (Waiman Long) [1678221 1651416] +- [nvme] nvme-rdma: fix possible double free of controller async event buffer (David Milburn) [1678214 1659532] +- [nvme] nvme-rdma: fix possible free of a non-allocated async event buffer (David Milburn) [1678214 1659532] +- [nvme] nvme-rdma: stop admin queue before freeing it (David Milburn) [1678214 1659532] +- [nvme] rdma: fix double freeing of async event data (David Milburn) [1678216 1655786] +- [md] fix memleak for mempool (Nigel Croxon) [1678215 1599780] +- [md] Memory leak when flush bio size is zero (Nigel Croxon) [1678215 1599780] +- [md] fix lock contention for flush bios (Nigel Croxon) [1678215 1599780] +- [net] ipv6: rate-limit probes for neighbourless routes (Sabrina Dubroca) [1677179 1637821] +- [net] ipv6: Re-arrange code in rt6_probe() (Sabrina Dubroca) [1677179 1637821] +- [netdrv] cxgb4: update supported DCB version (Arjun Vynipadath) [1673821 1668570] +- [netdrv] cxgb4: when disabling dcb set txq dcb priority to 0 (Arjun Vynipadath) [1673821 1668570] +- [kvm] kvm: fix kvm_ioctl_create_device() reference counting (Paolo Bonzini) [1671922 1671923] {CVE-2019-6974} +- [kvm] KVM: nVMX: unconditionally cancel preemption timer in free_nested (Paolo Bonzini) [1671905 1671906] {CVE-2019-7221} +- [mm] page-writeback.c: fix range_cyclic writeback vs writepages deadlock (Brian Foster) [1673281 1591574] +- [fs] rbd: avoid corruption on partially completed bios (Ilya Dryomov) [1672514 1613493] + * Fri Apr 05 2019 Luis Claudio R. Goncalves [3.10.0-957.12.1.rt56.927.el7] - build: remove stale files from the -devel packages (v3) [1689417 1642619] * Tue Apr 02 2019 Luis Claudio R. Goncalves [3.10.0-957.12.1.rt56.926.el7] - [rt] Update source tree to match RHEL 7.6.z tree [1689417 1642619] +- build: remove stale files from the -devel packages (v2) * Tue Apr 02 2019 Luis Claudio R. Goncalves [3.10.0-957.12.1.rt56.925.el7] - [rt] Update source tree to match RHEL 7.6.z tree [1689417 1642619] +- build: clean up stale files in the -devel package * Wed Mar 20 2019 Luis Claudio R. Goncalves [3.10.0-957.12.1.rt56.924.el7] - [rt] Update source tree to match RHEL 7.6.z tree [1689417 1642619]