From 7bbbc6c980cf2266c27c4073d7c73ffcab1ab22f Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: May 21 2018 22:09:28 +0000
Subject: import kernel-rt-3.10.0-862.3.2.rt56.808.el7


---

diff --git a/.gitignore b/.gitignore
index 63009d9..53c3544 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,3 @@
-SOURCES/kernel-rt-3.10.0-862.2.3.rt56.806.tar.xz
+SOURCES/kernel-rt-3.10.0-862.3.2.rt56.808.tar.xz
 SOURCES/rheldup3.x509
 SOURCES/rhelkpatch1.x509
diff --git a/.kernel-rt.metadata b/.kernel-rt.metadata
index f5196b9..000bc02 100644
--- a/.kernel-rt.metadata
+++ b/.kernel-rt.metadata
@@ -1,3 +1,3 @@
-3ee3e2b1e29d16f8e947daa0f22948bfaf83f65f SOURCES/kernel-rt-3.10.0-862.2.3.rt56.806.tar.xz
+b7af0b9697fc3f5095f36c19db00c907080fa8fb SOURCES/kernel-rt-3.10.0-862.3.2.rt56.808.tar.xz
 95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509
 d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509
diff --git a/SPECS/kernel-rt.spec b/SPECS/kernel-rt.spec
index dfeb1b0..3de5c86 100644
--- a/SPECS/kernel-rt.spec
+++ b/SPECS/kernel-rt.spec
@@ -7,10 +7,10 @@ Summary: The Linux Realtime kernel
 %global dist .el7
 
 # realtimeN
-%global rtbuild 806
+%global rtbuild 808
 
 # RHEL7 build number
-%global rhel_build 862.2.3
+%global rhel_build 862.3.2
 
 # The preempt RT patch level
 %global rttag rt56
@@ -88,6 +88,9 @@ Summary: The Linux Realtime kernel
 
 %global KVERREL %{rpmversion}-%{pkg_release}.%{_target_cpu}
 
+# SEED to recalculate the build-id hashes
+%global _find_debuginfo_opts --unique-debug-suffix %{pkg_release}
+
 # The kernel tarball/base version
 %global kversion %{rpmversion}
 
@@ -447,7 +450,7 @@ Provides: %{name}%{?1:-%{1}}-kvm-debuginfo = %{version}-%{release}\
 AutoReqProv: no\
 %description -n %{name}%{?1:-%{1}}-kvm-debuginfo\
 This package provides debug information for package %{name}%{?1:-%{1}}.\
-This is required to use SystemTap with %{name}%{?1:%{1}}-%{KVERREL}.\
+This is required to use SystemTap with %{name}%{?1:-%{1}}-%{KVERREL}.\
 %{expand:%%global debuginfo_args %{?debuginfo_args} -p '/.*/%%{KVERREL}%{?1:\.%{1}}/.*|/.*%%{KVERREL}%{?1:\.%{1}}(\.debug)?' -o debuginfo%{?1}-kvm.list}\
 %{nil}
 
@@ -464,7 +467,7 @@ Provides: %{name}%{?1:-%{1}}-debuginfo-%{_target_cpu} = %{version}-%{release}\
 AutoReqProv: no\
 %description -n %{name}%{?1:-%{1}}-debuginfo\
 This package provides debug information for package %{name}%{?1:-%{1}}.\
-This is required to use SystemTap with %{name}%{?1:%{1}}-%{KVERREL}.\
+This is required to use SystemTap with %{name}%{?1:-%{1}}-%{KVERREL}.\
 %{expand:%%global debuginfo_args %{?debuginfo_args} -p '/.*/%%{KVERREL}%{?1:\.%{1}}/.*|/.*%%{KVERREL}%{?1:\.%{1}}(\.debug)?' -o debuginfo%{?1}.list}\
 %{nil}
 
@@ -682,16 +685,6 @@ BuildKernel() {
     Flavour=$3
     InstallName=${4:-vmlinuz}
 
-    # Replace the macro in these files with $Flavor to avoid debuginfo
-    # hash collision in the different variants. That was bz1209952
-    for AAA in scripts/asn1_compiler.c scripts/genksyms/genksyms.c \
-               scripts/kallsyms.c scripts/mod/mk_elfconfig.c scripts/mod/modpost.c \
-               scripts/recordmcount.c scripts/selinux/genheaders/genheaders.c \
-               scripts/selinux/mdp/mdp.c scripts/sortextable.c tools/objtool/objtool.c
-    do
-        sed -i "s/%%%%KVR%%%%/$Flavour/g" $AAA
-    done
-
     # Pick the right config file for the kernel we're building
     suffix=
     if [ "$Flavour" != "" ]
@@ -955,19 +948,27 @@ cd linux-%{kversion}.%{_target_cpu}
 # those changes at the %build section of the specfile.
 
 %if %{builddebug}
+# SEED to recalculate the build-id hashes
+%global _find_debuginfo_opts --unique-debug-suffix %{pkg_release}-debug
 BuildKernel %make_target %kernel_image debug
 %endif
 
 %if %{buildtrace}
+# SEED to recalculate the build-id hashes
+%global _find_debuginfo_opts --unique-debug-suffix %{pkg_release}-trace
 BuildKernel %make_target %kernel_image trace
 %endif
 
 %if %{buildvanilla}
+# SEED to recalculate the build-id hashes
+%global _find_debuginfo_opts --unique-debug-suffix %{pkg_release}-vanilla
 BuildKernel %make_target %kernel_image vanilla
 %endif
 
 # maybe %if %{buildrt}
 %if %{buildrt}
+# SEED to recalculate the build-id hashes
+%global _find_debuginfo_opts --unique-debug-suffix %{pkg_release}-rt
 BuildKernel %make_target %kernel_image
 %endif
 
@@ -1182,15 +1183,27 @@ fi\
 %{expand:%%posttrans %{?1}}\
 %{expand:\
 NEWKERNARGS=""\
-(/sbin/grubby --info=`/sbin/grubby --default-kernel`) 2>/dev/null | grep -q crashkernel\
+(%{_sbindir}/grubby --info=`%{_sbindir}/grubby --default-kernel`) 2>/dev/null | grep -q crashkernel\
 if [ $? -ne 0 ]\
 then\
 	NEWKERNARGS="--kernel-args=\"crashkernel=auto\""\
 fi\
 NKPARGS="--mkinitrd --depmod --update --dracut"\
-/sbin/new-kernel-pkg --package kernel-rt $NKPARGS %{KVERREL}%{?1:.%{1}} $NEWKERNARGS || exit $?\
+%{_sbindir}/new-kernel-pkg --package kernel-rt $NKPARGS %{KVERREL}%{?1:.%{1}} $NEWKERNARGS\
+rc=$?\
+if [ $rc != 0 ]; then\
+    %{_sbindir}/new-kernel-pkg --remove %{KVERREL}%{?1:.%{1}}\
+    ERROR_MSG="ERROR: installing kernel-rt-%{KVERREL}%{?1:.%{1}}: no space left for creating initramfs. Clean up /boot partition and re-run '%{_sbindir}/new-kernel-pkg --package kernel-rt $NKPARGS %{KVERREL}%{?1:.%{1}} $NEWKERNARGS'"\
+    if [ -e /usr/bin/logger ]; then\
+        /usr/bin/logger -p syslog.warn "\$ERROR_MSG"\
+    elif [ -e /usr/bin/cat ]; then\
+        /usr/bin/cat "\$ERROR_MSG" > /dev/kmsg\
+    fi\
+    echo "\$ERROR_MSG"\
+    exit $rc\
+fi\
+%{_sbindir}/new-kernel-pkg --package kernel-rt --rpmposttrans %{KVERREL}%{?1:.%{1}} || exit $?\
 }\
-/sbin/new-kernel-pkg --package kernel-rt --rpmposttrans %{KVERREL}%{?1:.%{1}} || exit $?\
 %{nil}
 
 #
@@ -1398,6 +1411,40 @@ fi
 %endif
 
 %changelog
+* Thu May 17 2018 Luis Claudio R. Goncalves <lgoncalv@redhat.com> [3.10.0-862.3.2.rt56.808.el7]
+- [rt] Update source tree to match RHEL 7.5 tree [1549768 1462329]
+- [x86] spec_ctrl: Fix late microcode problem with AMD (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] entry: Add missing "$" in IBRS macros (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] spec_ctrl: Clean up entry code & remove unused APIs (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] spec_ctrl: Mask off SPEC_CTRL MSR bits that are managed by kernel (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] spec_ctrl: add support for SSBD to RHEL IBRS entry/exit macros (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [fs] proc: Use CamelCase for SSBD (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] bugs: Rename _RDS to _SSBD (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [kernel] seccomp: Enable speculation flaw mitigations (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [fs] proc: Provide details on speculation flaw mitigations (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] nospec: Allow getting/setting on non-current task (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] speculation: Add prctl for Speculative Store Bypass mitigation (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] process: Allow runtime control of Speculative Store Bypass (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [uapi] prctl: Add speculation control prctls (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] kvm/vmx: Expose SPEC_CTRL Bit(2) to the guest (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] bugs/amd: Add support to disable RDS on Fam[15, 16, 17]h if requested (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] spec_ctrl: Sync up RDS setting with IBRS code (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] bugs: Provide boot parameters for the spec_store_bypass_disable mitigation (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] bugs: Expose /sys/../spec_store_bypass (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] bugs: Read SPEC_CTRL MSR during boot and re-use (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] spec_ctrl: Use separate PCP variables for IBRS entry and exit (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+- [x86] cpufeatures: Make CPU bugs sticky (Waiman Long) [1566904 1566905] {CVE-2018-3639}
+
+* Thu May 10 2018 Luis Claudio R. Goncalves <lgoncalv@redhat.com> [3.10.0-862.3.1.rt56.807.el7]
+- [rt] Update source tree to match RHEL 7.5 tree [1549768 1462329]
+- avoid debuginfo hash collisions using unique build-id hash seeds ("Luis Claudio R. Goncalves")
+- revert the "avoid debuginfo hash collisions" changes ("Luis Claudio R. Goncalves")
+- spec: properly clean up bootloader menuentry in case new-kernel-pkg fails to create the initramfs file ("Luis Claudio R. Goncalves")
+- [x86] kpti/kexec: fix wrong page address in clear_page (Dave Young) [1573173 1571162]
+- [x86] kvm: fix icebp instruction handling (Paolo Bonzini) [1566849 1566845] {CVE-2018-1087}
+- [x86] entry/64: Don't use IST entry for #BP stack (Paolo Bonzini) [1567084 1567083] {CVE-2018-8897}
+- [kernel] perf/hwbp: Simplify the perf-hwbp code, fix documentation (Eugene Syromiatnikov) [1569878 1569874] {CVE-2018-1000199}
+
 * Mon Apr 30 2018 Clark Williams <williams@redhat.com> [3.10.0-862.2.3.rt56.806.el7]
 - [rt] Update source tree to match RHEL 7.5 tree [1549768 1462329]
 - [x86] kvm: fix icebp instruction handling (Paolo Bonzini) [1566849 1566845] {CVE-2018-1087}