From 4e28a298c71084641686c545a2feea803089a792 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 21 2023 14:53:39 +0000 Subject: import kernel-rt-3.10.0-1160.105.1.rt56.1256.el7 --- diff --git a/.gitignore b/.gitignore index 4396a56..0e86eac 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -SOURCES/kernel-rt-3.10.0-1160.102.1.rt56.1250.tar.xz +SOURCES/kernel-rt-3.10.0-1160.105.1.rt56.1256.tar.xz SOURCES/rheldup3.x509 SOURCES/rhelkpatch1.x509 diff --git a/.kernel-rt.metadata b/.kernel-rt.metadata index f1fdaae..ffa683d 100644 --- a/.kernel-rt.metadata +++ b/.kernel-rt.metadata @@ -1,3 +1,3 @@ -a0133f9b3504b5bb012c61509aeb1ca50186b7f8 SOURCES/kernel-rt-3.10.0-1160.102.1.rt56.1250.tar.xz +b91c0511e191b7ca93327852118410cf1dff70e1 SOURCES/kernel-rt-3.10.0-1160.105.1.rt56.1256.tar.xz 95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509 d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509 diff --git a/SOURCES/kernel-3.10.0-x86_64-rt-debug.config b/SOURCES/kernel-3.10.0-x86_64-rt-debug.config index ce9beff..0b38b34 100644 --- a/SOURCES/kernel-3.10.0-x86_64-rt-debug.config +++ b/SOURCES/kernel-3.10.0-x86_64-rt-debug.config @@ -397,6 +397,7 @@ CONFIG_SMP=y CONFIG_X86_X2APIC=y CONFIG_X86_MPPARSE=y CONFIG_RETPOLINE=y +# CONFIG_GDS_FORCE_MITIGATION is not set CONFIG_INTEL_RDT=y CONFIG_X86_EXTENDED_PLATFORM=y # CONFIG_X86_NUMACHIP is not set diff --git a/SOURCES/kernel-3.10.0-x86_64-rt-trace.config b/SOURCES/kernel-3.10.0-x86_64-rt-trace.config index 32339f2..e69f5f6 100644 --- a/SOURCES/kernel-3.10.0-x86_64-rt-trace.config +++ b/SOURCES/kernel-3.10.0-x86_64-rt-trace.config @@ -396,6 +396,7 @@ CONFIG_SMP=y CONFIG_X86_X2APIC=y CONFIG_X86_MPPARSE=y CONFIG_RETPOLINE=y +# CONFIG_GDS_FORCE_MITIGATION is not set CONFIG_INTEL_RDT=y CONFIG_X86_EXTENDED_PLATFORM=y # CONFIG_X86_NUMACHIP is not set diff --git a/SOURCES/kernel-3.10.0-x86_64-rt.config b/SOURCES/kernel-3.10.0-x86_64-rt.config index 8f6df6a..188a4a0 100644 --- a/SOURCES/kernel-3.10.0-x86_64-rt.config +++ b/SOURCES/kernel-3.10.0-x86_64-rt.config @@ -396,6 +396,7 @@ CONFIG_SMP=y CONFIG_X86_X2APIC=y CONFIG_X86_MPPARSE=y CONFIG_RETPOLINE=y +# CONFIG_GDS_FORCE_MITIGATION is not set CONFIG_INTEL_RDT=y CONFIG_X86_EXTENDED_PLATFORM=y # CONFIG_X86_NUMACHIP is not set diff --git a/SPECS/kernel-rt.spec b/SPECS/kernel-rt.spec index c4bec30..fb6fc9c 100644 --- a/SPECS/kernel-rt.spec +++ b/SPECS/kernel-rt.spec @@ -6,10 +6,10 @@ Summary: The Linux Realtime kernel %global dist .el7 # realtimeN -%global rtbuild 1250 +%global rtbuild 1256 # RHEL7 build number -%global rhel_build 1160.102.1 +%global rhel_build 1160.105.1 # The preempt RT patch level %global rttag rt56 @@ -1454,6 +1454,39 @@ fi %endif %changelog +* Mon Nov 06 2023 Crystal Wood [3.10.0-1160.105.1.rt56.1256.el7] +- [rt] Update source tree to match RHEL rhel-7.9.z tree [RHEL-12459] +- net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free (Davide Caratti) [2228703] {CVE-2023-4128} +- net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free (Davide Caratti) [2228703] {CVE-2023-4128} +- net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free (Davide Caratti) [2228703] {CVE-2023-4128} + +* Fri Oct 20 2023 Crystal Wood [3.10.0-1160.104.1.rt56.1255.el7] +- [rt] Update source tree to match RHEL rhel-7.9.z tree [RHEL-12459] +- CI: Remove unused kpet_tree_family (Nikolai Kondrashov) +- xen/x86: don't lose event interrupts (Vitaly Kuznetsov) [RHEL-1534] +- Documentation/x86: Fix backwards on/off logic about YMM support (Waiman Long) [2229893] {CVE-2022-40982} +- KVM: Add GDS_NO support to KVM (Waiman Long) [2229893] {CVE-2022-40982} +- x86/speculation: Add Kconfig option for GDS (Waiman Long) [2229893] {CVE-2022-40982} +- x86/speculation: Add force option to GDS mitigation (Waiman Long) [2229893] {CVE-2022-40982} +- x86/speculation: Add Gather Data Sampling mitigation (Waiman Long) [2229893] {CVE-2022-40982} +- Documentation/ABI: Mention retbleed vulnerability info file for sysfs (Waiman Long) [2229893] +- docs/kernel-parameters: Update descriptions for "mitigations=" param with retbleed (Waiman Long) [2229893] +- x86/speculation: Add missing srbds=off to the mitigations= help text (Waiman Long) [2229893] +- x86: Sync Intel family names & cpu_vuln_blacklist[] with upstream (Waiman Long) [2229893] +* Tue Oct 10 2023 Crystal Wood [3.10.0-1160.103.1.rt56.1254.el7] +- [rt] Update source tree to match RHEL rhel-7.9.z tree [RHEL-12459] +- net/sched: sch_qfq: account for stab overhead in qfq_enqueue (Davide Caratti) [2225555] {CVE-2023-3611} +- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (Davide Caratti) [2225555] +- net/sched: cls_fw: Fix improper refcount update leads to use-after-free (Davide Caratti) [2225639] {CVE-2023-3776} +- redhat: fix to be able to build with rpm 4.19.0 (Denys Vlasenko) + +* Tue Oct 10 2023 Crystal Wood [3.10.0-1160.103.1.rt56.1254.el7] +- [rt] Update source tree to match RHEL rhel-7.9.z tree [RHEL-12459] +- net/sched: sch_qfq: account for stab overhead in qfq_enqueue (Davide Caratti) [2225555] {CVE-2023-3611} +- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (Davide Caratti) [2225555] +- net/sched: cls_fw: Fix improper refcount update leads to use-after-free (Davide Caratti) [2225639] {CVE-2023-3776} +- redhat: fix to be able to build with rpm 4.19.0 (Denys Vlasenko) + * Mon Sep 25 2023 Crystal Wood [3.10.0-1160.102.1.rt56.1250.el7] - [rt] Update source tree to match RHEL rhel-7.9.z tree [2232239] - net/sched: cls_u32: Fix reference counter leak leading to overflow (Davide Caratti) [2225486] {CVE-2023-3609}