From 190eab06db07460402105f8c30717ddcd4141ee0 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Jan 04 2018 05:11:18 +0000 Subject: import kernel-rt-3.10.0-693.11.1.rt56.639.el7 --- diff --git a/.gitignore b/.gitignore index d45be18..3b77491 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -SOURCES/kernel-rt-3.10.0-693.11.1.rt56.632.tar.xz +SOURCES/kernel-rt-3.10.0-693.11.1.rt56.639.tar.xz SOURCES/rheldup3.x509 SOURCES/rhelkpatch1.x509 diff --git a/.kernel-rt.metadata b/.kernel-rt.metadata index 4b93d8c..952099e 100644 --- a/.kernel-rt.metadata +++ b/.kernel-rt.metadata @@ -1,3 +1,3 @@ -f54bbdf8ce95650f755023d7f91a84f6aeb79d82 SOURCES/kernel-rt-3.10.0-693.11.1.rt56.632.tar.xz +8ff460ba3ed437217b334dd9c97d6a86bce8896c SOURCES/kernel-rt-3.10.0-693.11.1.rt56.639.tar.xz 95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509 d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509 diff --git a/SOURCES/kernel-3.10.0-x86_64-rt-debug.config b/SOURCES/kernel-3.10.0-x86_64-rt-debug.config index 38539d2..d8f9067 100644 --- a/SOURCES/kernel-3.10.0-x86_64-rt-debug.config +++ b/SOURCES/kernel-3.10.0-x86_64-rt-debug.config @@ -5660,6 +5660,7 @@ CONFIG_KEYS_DEBUG_PROC_KEYS=y CONFIG_SECURITY=y CONFIG_SECURITYFS=y CONFIG_SECURITY_NETWORK=y +CONFIG_KAISER=y CONFIG_SECURITY_NETWORK_XFRM=y CONFIG_SECURITY_PATH=y CONFIG_SECURITY_SECURELEVEL=y diff --git a/SOURCES/kernel-3.10.0-x86_64-rt-trace.config b/SOURCES/kernel-3.10.0-x86_64-rt-trace.config index 4ffcffd..2500c03 100644 --- a/SOURCES/kernel-3.10.0-x86_64-rt-trace.config +++ b/SOURCES/kernel-3.10.0-x86_64-rt-trace.config @@ -5634,6 +5634,7 @@ CONFIG_KEYS_DEBUG_PROC_KEYS=y CONFIG_SECURITY=y CONFIG_SECURITYFS=y CONFIG_SECURITY_NETWORK=y +CONFIG_KAISER=y CONFIG_SECURITY_NETWORK_XFRM=y CONFIG_SECURITY_PATH=y CONFIG_SECURITY_SECURELEVEL=y diff --git a/SOURCES/kernel-3.10.0-x86_64-rt.config b/SOURCES/kernel-3.10.0-x86_64-rt.config index 60a2c53..b810b00 100644 --- a/SOURCES/kernel-3.10.0-x86_64-rt.config +++ b/SOURCES/kernel-3.10.0-x86_64-rt.config @@ -5630,6 +5630,7 @@ CONFIG_KEYS_DEBUG_PROC_KEYS=y CONFIG_SECURITY=y CONFIG_SECURITYFS=y CONFIG_SECURITY_NETWORK=y +CONFIG_KAISER=y CONFIG_SECURITY_NETWORK_XFRM=y CONFIG_SECURITY_PATH=y CONFIG_SECURITY_SECURELEVEL=y diff --git a/SPECS/kernel-rt.spec b/SPECS/kernel-rt.spec index b397c67..2d26840 100644 --- a/SPECS/kernel-rt.spec +++ b/SPECS/kernel-rt.spec @@ -9,7 +9,7 @@ Summary: The Linux Realtime kernel %endif # realtimeN -%global rtbuild 632 +%global rtbuild 639 # RHEL7 build number %global rhel_build 693.11.1 @@ -1431,6 +1431,151 @@ fi %endif %changelog +* Thu Dec 28 2017 Clark Williams [3.10.0-693.11.1.rt56.639.el7] +- [rt] Update source tree to match RHEL 7.4 tree [1489084 1462329] +- x86/spec_ctrl: svm: spec_ctrl at vmexit needs per-cpu areas functional (Andrea Arcangeli) +- x86/mm/kaiser: init_tss is supposed to go in the PAGE_ALIGNED per-cpu section (Andrea Arcangeli) +- x86/spec_ctrl: Eliminate redundnat FEATURE Not Present messages (Waiman Long) +- x86/kaiser/mm: skip IBRS/CR3 restore when paranoid exception returns to userland (Andrea Arcangeli) +- x86/kaiser/mm: consider the init_mm.pgd a kaiser pgd (Andrea Arcangeli) +- x86/kaiser/mm: convert userland visible "kpti" name to "pti" (Andrea Arcangeli) +- Revert "x86/entry: Use retpoline for syscall's indirect calls" (Josh Poimboeuf) +- x86/spec_ctrl: set IBRS during resume from RAM if ibrs_enabled is 2 (Andrea Arcangeli) +- x86/kaiser/mm: __load_cr3 in resume from RAM after kernel gs has been restored (Andrea Arcangeli) +- x86/spec_ctrl: allow use_ibp_disable only if both SPEC_CTRL and IBPB_SUPPORT are missing (Andrea Arcangeli) +- x86/spec_ctrl: Documentation spec_ctrl.txt (Andrea Arcangeli) +- x86/spec_ctrl: remove irqs_disabled() check from intel_idle() (Andrea Arcangeli) +- x86/spec_ctrl: use enum when setting ibrs/ibpb_enabled (Josh Poimboeuf) +- x86/spec_ctrl: undo speculation barrier for ibrs_enabled and noibrs_cmdline (Andrea Arcangeli) +- x86/spec_ctrl: introduce ibpb_enabled = 2 for IBPB instead of IBRS (Andrea Arcangeli) +- x86/spec_ctrl: introduce SPEC_CTRL_PCP_ONLY_IBPB (Andrea Arcangeli) +- x86/spec_ctrl: cleanup s/flush/sync/ naming when sending IPIs (Andrea Arcangeli) +- x86/spec_ctrl: set IBRS during CPU init if in ibrs_enabled == 2 (Andrea Arcangeli) +- x86/spec_ctrl: use IBRS_ENABLED instead of 1 (Andrea Arcangeli) +- x86/spec_ctrl: allow the IBP disable feature to be toggled at runtime (Andrea Arcangeli) +- x86/spec_ctrl: always initialize save_reg in ENABLE_IBRS_SAVE_AND_CLOBBER (Andrea Arcangeli) +- x86/spec_ctrl: ibrs_enabled() is expected to return > 1 (Andrea Arcangeli) +- x86/spec_ctrl: issue a __spec_ctrl_ibpb if a credential check isn't possible (Andrea Arcangeli) +- ibpb: don't optimize spec_cntrl_ibpb on PREEMPT_RCU (Clark Williams) +- x86/spec_ctrl: clear registers after 32bit syscall stackframe is setup (Andrea Arcangeli) +- x86/spec_ctrl: reload spec_ctrl cpuid in all microcode load paths (Andrea Arcangeli) +- x86/kaiser/mm: fix pgd freeing in error path (Andrea Arcangeli) +- x86/mm/kaiser: disable global pages by default with KAISER (Dave Hansen) +- Revert "x86/mm/kaiser: Disable global pages by default with KAISER" (Josh Poimboeuf) +- x86/spec_ctrl: Prevent unwanted speculation without IBRS (Josh Poimboeuf) +- x86/entry: Remove trampoline check from paranoid entry path (Josh Poimboeuf) +- x86/entry: Fix paranoid_exit() trampoline clobber (Josh Poimboeuf) +- x86/entry: Simplify trampoline stack restore code (Waiman Long) +- x86/dumpstack: Remove raw stack dump (Scott Wood) +- x86/spec_ctrl: remove SPEC_CTRL_DEBUG code (Josh Poimboeuf) +- x86/spec_ctrl: add noibrs noibpb boot options (Andrea Arcangeli) +- x86/entry: Use retpoline for syscall's indirect calls (Tim Chen) +- x86/syscall: Clear unused extra registers on 32-bit compatible syscall entrance (Tim Chen) +- x86/spec_ctrl: cleanup unnecessary ptregscall_common function (Andrea Arcangeli) +- x86/spec_ctrl: CLEAR_EXTRA_REGS and extra regs save/restore (Josh Poimboeuf) +- x86/syscall: Clear unused extra registers on syscall entrance (Tim Chen) +- x86/spec_ctrl: rescan cpuid after a late microcode update (Andrea Arcangeli) +- x86/spec_ctrl: add debugfs ibrs_enabled ibpb_enabled (Andrea Arcangeli) +- x86/spec_ctrl: consolidate the spec control boot detection (Andrea Arcangeli) +- x86/KVM/spec_ctrl: allow IBRS to stay enabled in host userland (Andrea Arcangeli) +- x86/spec_ctrl: add debug aid to test the entry code without microcode (Andrea Arcangeli) +- x86/spec_ctrl: move stuff_RSB in spec_ctrl.h (Andrea Arcangeli) +- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Tim Chen) +- x86/mm: Only set IBPB when the new thread cannot ptrace current thread (Tim Chen) +- x86/mm: Set IBPB upon context switch (Tim Chen) +- x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup (Tim Chen) +- x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) +- x86/spec_ctrl: implement spec ctrl C methods (Andrea Arcangeli) +- x86/spec_ctrl: save IBRS MSR value in save_paranoid for NMI (Andrea Arcangeli) +- x86/enter: Use IBRS on syscall and interrupts (Tim Chen) +- x86/spec_ctrl: swap rdx with rsi for nmi nesting detection (Andrea Arcangeli) +- x86/spec_ctrl: spec_ctrl_pcp and kaiser_enabled_pcp in same cachline (Andrea Arcangeli) +- x86/spec_ctrl: use per-cpu knob instead of ALTERNATIVES for ibpb and ibrs (Andrea Arcangeli) +- x86/enter: MACROS to set/clear IBRS and set IBPB (Tim Chen) +- KVM: x86: add SPEC_CTRL to MSR and CPUID lists (Paolo Bonzini) +- kvm: svm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Paolo Bonzini) +- x86/svm: Set IBPB when running a different VCPU (Paolo Bonzini) +- kvm: vmx: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Paolo Bonzini) +- kvm: vmx: Set IBPB when running a different VCPU (Tim Chen) +- KVM: x86: clear registers on VM exit (Tom Lendacky) +- x86/kvm: Pad RSB on VM transition (Tim Chen) +- x86/cpu/AMD: Control indirect branch predictor when SPEC_CTRL not available (Tom Lendacky) +- x86/feature: Report presence of IBPB and IBRS control (Tim Chen) +- x86/feature: Enable the x86 feature to control Speculation (Tim Chen) +- objtool: Don't print 'call dest' warnings for ignored functions (Josh Poimboeuf) +- locking/barriers: prevent speculative execution based on Coverity scan results (Josh Poimboeuf) +- udf: prevent speculative execution (Elena Reshetova) +- fs: prevent speculative execution (Elena Reshetova) +- userns: prevent speculative execution (Elena Reshetova) +- qla2xxx: prevent speculative execution (Elena Reshetova) +- p54: prevent speculative execution (Elena Reshetova) +- carl9170: prevent speculative execution (Elena Reshetova) +- uvcvideo: prevent speculative execution (Elena Reshetova) +- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Tom Lendacky) +- x86/cpu/AMD: Make the LFENCE instruction serialized (Tom Lendacky) +- locking/barriers: introduce new memory barrier gmb() (Elena Reshetova) +- x86/mm/kaiser: Replace kaiser with kpti to sync with upstream (Waiman Long) +- x86/mm/kaiser: add "kaiser" and "nokaiser" boot options (Waiman Long) +- x86/mm/kaiser: map the trace idt tables in userland shadow pgd (Andrea Arcangeli) +- x86/mm/kaiser: fix RESTORE_CR3 crash in kaiser_stop_machine (Andrea Arcangeli) +- x86/mm/kaiser: use stop_machine for enable/disable knob (Andrea Arcangeli) +- x86/mm/kaiser: use atomic ops to poison/unpoison user pagetables (Andrea Arcangeli) +- x86/mm/kaiser: use invpcid to flush the two kaiser PCID AISD (Andrea Arcangeli) +- x86/mm/kaiser: use two PCID ASIDs optimize the TLB during enter/exit kernel (Andrea Arcangeli) +- x86/mm/kaiser: stop patching flush_tlb_single (Andrea Arcangeli) +- x86/mm/kaiser: use PCID feature to make user and kernel switches faster (Dave Hansen) +- x86/mm: If INVPCID is available, use it to flush global mappings (Andy Lutomirski) +- x86/mm/64: Fix reboot interaction with CR4.PCIDE (Andy Lutomirski) +- x86/mm/64: Initialize CR4.PCIDE early (Andy Lutomirski) +- x86/mm: Add a 'noinvpcid' boot option to turn off INVPCID (Andy Lutomirski) +- x86/mm: Add the 'nopcid' boot option to turn off PCID (Andy Lutomirski) +- x86/mm/kaiser: validate trampoline stack (Andrea Arcangeli) +- x86/entry: Move SYSENTER_stack to the beginning of struct tss_struct (Andy Lutomirski) +- x86/mm/kaiser: isolate the user mapped per cpu areas (Andrea Arcangeli) +- x86/mm/kaiser: enable kaiser in build (Andrea Arcangeli) +- x86/mm/kaiser: selective boot time defaults (Andrea Arcangeli) +- x86/mm/kaiser: handle call to xen_pv_domain() on PREEMPT_RT (Clark Williams) +- x86/mm/kaiser/xen: Dynamically disable KAISER when running under Xen PV (Dave Hansen) +- x86/mm/kaiser: add Kconfig (Dave Hansen) +- x86/mm/kaiser: avoid false positives during non-kaiser pgd updates (Andrea Arcangeli) +- x86/mm/kaiser: Respect disabled CPU features (Thomas Gleixner) +- x86/mm/kaiser: trampoline stack comments (Josh Poimboeuf) +- x86/mm/kaiser: stack trampoline (Andrea Arcangeli) +- x86/mm/kaiser: remove paravirt clock warning (Andrea Arcangeli) +- x86/mm/kaiser: re-enable vsyscalls (Andrea Arcangeli) +- x86/mm/kaiser: allow to build KAISER with KASRL (Andrea Arcangeli) +- x86/mm/kaiser: allow KAISER to be enabled/disabled at runtime (Dave Hansen) +- x86/mm/kaiser: un-poison PGDs at runtime (Dave Hansen) +- x86/mm/kaiser: add a function to check for KAISER being enabled (Dave Hansen) +- x86/mm/kaiser: add debugfs file to turn KAISER on/off at runtime (Dave Hansen) +- x86/mm/kaiser: disable native VSYSCALL (Dave Hansen) +- x86/mm/kaiser: map virtually-addressed performance monitoring buffers (Hugh Dickins) +- x86/mm/kaiser: map debug IDT tables (Dave Hansen) +- x86/mm/kaiser: add kprobes text section (Andrea Arcangeli) +- x86/mm/kaiser: map trace interrupt entry (Dave Hansen) +- x86/mm/kaiser: map entry stack per-cpu areas (Andrea Arcangeli) +- x86/mm/kaiser: map dynamically-allocated LDTs (Dave Hansen) +- x86/mm/kaiser: make sure static PGDs are 8k in size (Dave Hansen) +- x86/mm/kaiser: allow NX poison to be set in p4d/pgd (Dave Hansen) +- x86/mm/kaiser: unmap kernel from userspace page tables (core patch) (Dave Hansen) +- x86/mm/kaiser: mark per-cpu data structures required for entry/exit (Dave Hansen) +- x86/mm/kaiser: introduce user-mapped per-cpu areas (Dave Hansen) +- x86/mm/kaiser: add cr3 switches to entry code (Andrea Arcangeli) +- x86/mm/kaiser: remove scratch registers (Andrea Arcangeli) +- x86/mm/kaiser: prepare assembly for entry/exit CR3 switching (Dave Hansen) +- x86/mm/kaiser: Disable global pages by default with KAISER (Dave Hansen) +- x86/mm: Document X86_CR4_PGE toggling behavior (Dave Hansen) +- x86/mm/tlb: Make CR4-based TLB flushes more robust (Dave Hansen) +- x86/mm: Do not set _PAGE_USER for init_mm page tables (Dave Hansen) +- x86: increase robusteness of bad_iret fixup handler (Andrea Arcangeli) +- perf/x86/intel/uncore: Fix memory leaks on allocation failures (Colin Ian King) +- userfaultfd: hugetlbfs: prevent UFFDIO_COPY to fill beyond the end of i_size (Andrea Arcangeli) +- userfaultfd: non-cooperative: fix fork use after free (Andrea Arcangeli) +- userfaultfd: hugetlbfs: remove superfluous page unlock in VM_SHARED case (Andrea Arcangeli) +- mm: fix bad rss-counter if remap_file_pages raced migration (Hugh Dickins) +- redhat: reduce build xz compression to speed it up (Andrea Arcangeli) +- gcc: fix build with 6.4.0 PIE default (Andrea Arcangeli) + * Thu Nov 09 2017 Clark Williams [3.10.0-693.11.1.rt56.632.el7] - [rt] Update source tree to match RHEL 7.4 tree [1489084 1462329] - rt: fix timer softirq merge (Clark Williams)