From c34d21edd0f8861c05651b15c328ca0994e71e7f Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: May 14 2019 17:23:07 +0000
Subject: import kernel-rt-4.18.0-80.1.2.rt9.145.el8_0


---

diff --git a/.gitignore b/.gitignore
index 75a3fd9..fcacbc3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/linux-4.18.0-80.rt9.138.el8.tar.xz
+SOURCES/linux-4.18.0-80.1.2.rt9.145.el8_0.tar.xz
diff --git a/.kernel-rt.metadata b/.kernel-rt.metadata
index dbfffd5..b674187 100644
--- a/.kernel-rt.metadata
+++ b/.kernel-rt.metadata
@@ -1 +1 @@
-e03fefa17e852aac3b079fb694812e1d32c70285 SOURCES/linux-4.18.0-80.rt9.138.el8.tar.xz
+e32ecab6583ba6198c826869521856d2eb0e3182 SOURCES/linux-4.18.0-80.1.2.rt9.145.el8_0.tar.xz
diff --git a/SOURCES/kernel-rt-aarch64-debug.config b/SOURCES/kernel-rt-aarch64-debug.config
index c6057ea..edc89eb 100644
--- a/SOURCES/kernel-rt-aarch64-debug.config
+++ b/SOURCES/kernel-rt-aarch64-debug.config
@@ -2988,6 +2988,7 @@ CONFIG_FS_DAX=y
 CONFIG_FTRACE=y
 CONFIG_FTRACE_MCOUNT_RECORD=y
 CONFIG_FTRACE_SYSCALLS=y
+CONFIG_FUJITSU_ERRATUM_010001=y
 CONFIG_FUNCTION_GRAPH_TRACER=y
 CONFIG_FUNCTION_TRACER=y
 CONFIG_FUSE_FS=m
diff --git a/SOURCES/kernel-rt-aarch64.config b/SOURCES/kernel-rt-aarch64.config
index 065ae14..4321757 100644
--- a/SOURCES/kernel-rt-aarch64.config
+++ b/SOURCES/kernel-rt-aarch64.config
@@ -3016,6 +3016,7 @@ CONFIG_FS_DAX=y
 CONFIG_FTRACE=y
 CONFIG_FTRACE_MCOUNT_RECORD=y
 CONFIG_FTRACE_SYSCALLS=y
+CONFIG_FUJITSU_ERRATUM_010001=y
 CONFIG_FUNCTION_GRAPH_TRACER=y
 CONFIG_FUNCTION_TRACER=y
 CONFIG_FUSE_FS=m
diff --git a/SOURCES/mod-extra-blacklist.sh b/SOURCES/mod-extra-blacklist.sh
new file mode 100755
index 0000000..c705a6c
--- /dev/null
+++ b/SOURCES/mod-extra-blacklist.sh
@@ -0,0 +1,58 @@
+#!/bin/bash
+
+list="$1"
+buildroot=${list%/*}
+
+blacklist()
+{
+	cat > "$buildroot/etc/modprobe.d/$1-blacklist.conf" <<-__EOF__
+	# This kernel module can be automatically loaded by non-root users. To
+	# enhance system security, the module is blacklisted by default to ensure
+	# system administrators make the module available for use as needed.
+	# See https://access.redhat.com/articles/3760101 for more details.
+	#
+	# Remove the blacklist by adding a comment # at the start of the line.
+	blacklist $1
+__EOF__
+}
+
+check_blacklist()
+{
+	if modinfo "$buildroot/$1" | grep -q '^alias:\s\+net-'; then
+		mod="${1##*/}"
+		mod="${mod%.ko*}"
+		echo "$mod has an alias that allows auto-loading. Blacklisting."
+		blacklist "$mod"
+	fi
+}
+
+foreachp()
+{
+	P=$(nproc)
+	bgcount=0
+	while read mod; do
+		$1 "$mod" &
+
+		bgcount=$((bgcount + 1))
+		if [ $bgcount -eq $P ]; then
+			wait -n
+			bgcount=$((bgcount - 1))
+		fi
+	done
+
+	wait
+}
+
+[ -d "$buildroot/etc/modprobe.d/" ] || mkdir -p "$buildroot/etc/modprobe.d/"
+
+if [ -s $list ]; then
+	cat $list | foreachp check_blacklist
+	if ls $buildroot/etc/modprobe.d/* >& /dev/null ; then
+		echo "%defattr(-,root,root)" >> $list
+		echo "%config(noreplace) /etc/modprobe.d/*-blacklist.conf" >> $list
+	fi
+else
+	# If modules-extra.list is empty the %files section will throw an
+	# error.  Add a dummy entry to workaround the problem.
+	echo "%defattr(-,root,root)" >> $list
+fi
diff --git a/SOURCES/mod-extra.sh b/SOURCES/mod-extra.sh
index d121bd0..fd555ba 100755
--- a/SOURCES/mod-extra.sh
+++ b/SOURCES/mod-extra.sh
@@ -1,17 +1,18 @@
 #! /bin/bash
 
-Dir=$1
-List=$2
+Rpmdir=$1
+Dir=$Rpmdir/$2
+List=$3
 
 pushd $Dir
 rm -rf modnames
 find . -name "*.ko" -type f > modnames
 # Look through all of the modules, and throw any that have a dependency in
 # our list into the list as well.
-rm -rf dep.list dep2.list
+rm -rf dep.list
 rm -rf req.list req2.list
 touch dep.list req.list
-cp $2 .
+cp $List .
 
 for dep in `cat modnames`
 do
@@ -48,33 +49,12 @@ do
   # get the path for the module
   modpath=`grep /$mod modnames` ||:
   [ -z "$modpath" ]  && continue;
-  echo $modpath >> dep.list
+  echo /lib/modules/$(basename $Dir)/${modpath#"./"} >> dep.list
 done
 
-sort -u dep.list > dep2.list
-
-# now move the modules into the extra/ directory
-for mod in `cat dep2.list`
-do
-  newpath=`dirname $mod | sed -e 's/kernel\//extra\//'`
-  mkdir -p $newpath
-  mv $mod $newpath
-done
-
-popd
-
-# If we're signing modules, we can't leave the .mod files for the .ko files
-# we've moved in .tmp_versions/.  Remove them so the Kbuild 'modules_sign'
-# target doesn't try to sign a non-existent file.  This is kinda ugly, but
-# so is modules-extra.
-
-for mod in `cat ${Dir}/dep2.list`
-do
-  modfile=`basename $mod | sed -e 's/.ko/.mod/'`
-  rm .tmp_versions/$modfile
-done
-
-pushd $Dir
-rm modnames dep.list dep2.list req.list req2.list
+sort -u dep.list > $Rpmdir/modules-extra.list
+rm modnames dep.list req.list req2.list
 rm mod-extra.list mod-extra2.list mod-extra3.list
 popd
+
+sed -i "s|^\/||g" $Rpmdir/modules-extra.list
diff --git a/SPECS/kernel-rt.spec b/SPECS/kernel-rt.spec
index 51b4432..330bcb9 100644
--- a/SPECS/kernel-rt.spec
+++ b/SPECS/kernel-rt.spec
@@ -7,10 +7,10 @@ Summary: The Linux kernel
 # For internal testing builds during development, it should be 0.
 %global released_kernel 1
 
-%global distro_build 80
+%global distro_build 80.1.1
 
 # Sign the x86_64 kernel for secure boot authentication
-%ifarch x86_64
+%ifarch x86_64 aarch64
 %global signkernel 1
 %else
 %global signkernel 0
@@ -33,10 +33,10 @@ Summary: The Linux kernel
 # define buildid .local
 
 %define rpmversion 4.18.0
-%define pkgrelease 80.rt9.138.el8
+%define pkgrelease 80.1.2.rt9.145.el8_0
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 80.rt9.138%{?dist}
+%define specrelease 80.1.2.rt9.145%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -45,6 +45,7 @@ Summary: The Linux kernel
 # All should default to 1 (enabled) and be flipped to 0 (disabled)
 # by later arch-specific checks.
 
+%define _with_kabidupchk 1
 # The following build options are enabled by default.
 # Use either --without <opt> in your rpmbuild command or force values
 # to 0 in here to disable them.
@@ -53,6 +54,8 @@ Summary: The Linux kernel
 %define with_up        %{?_without_up:        0} %{?!_without_up:        1}
 # kernel-debug
 %define with_debug     %{?_without_debug:     0} %{?!_without_debug:     1}
+# kernel-doc
+%define with_doc       %{?_without_doc:       0} %{?!_without_doc:       1}
 # kernel-headers
 # realtime
 %define with_realtime %{?_without_realtime:   0} %{?!_without_realtime:  1}
@@ -124,7 +127,7 @@ Summary: The Linux kernel
 # The preempt RT patch level
 %global rttag .rt9
 # realtimeN
-%global rtbuild .138
+%global rtbuild .145
 %define with_headers 0
 %define with_cross_headers 0
 %define with_perf 0
@@ -178,6 +181,12 @@ Summary: The Linux kernel
 
 # Overrides for generic default options
 
+# only package docs noarch
+%ifnarch noarch
+%define with_doc 0
+%define doc_build_fail true
+%endif
+
 # don't build noarch kernels or headers (duh)
 %ifarch noarch
 %define with_up 0
@@ -287,10 +296,13 @@ Requires: %{name}-modules-uname-r = %{KVERREL}%{?variant}
 #
 # List the packages used during the kernel build
 #
-BuildRequires: kmod, patch, bash, tar, git
+BuildRequires: kmod, patch, bash, sh-utils, tar, git
 BuildRequires: bzip2, xz, findutils, gzip, m4, perl-interpreter, perl-Carp, perl-devel, perl-generators, make, diffutils, gawk
 BuildRequires: gcc, binutils, redhat-rpm-config, hmaccalc, python3-devel
 BuildRequires: net-tools, hostname, bc, bison, flex, elfutils-devel
+%if %{with_doc}
+BuildRequires: xmlto, asciidoc, python3-sphinx
+%endif
 %if %{with_sparse}
 BuildRequires: sparse
 %endif
@@ -327,7 +339,6 @@ BuildConflicts: rpm < 4.13.0.1-19
 %undefine _unique_debug_srcs
 %undefine _debugsource_packages
 %undefine _debuginfo_subpackages
-%undefine _include_gdb_index
 %global _find_debuginfo_opts -r
 %global _missing_build_ids_terminate_build 1
 %global _no_recompute_build_ids 1
@@ -372,6 +383,7 @@ Source14: redhatsecureboot003.cer
 Source16: mod-extra.list
 Source17: mod-extra.sh
 Source18: mod-sign.sh
+Source19: mod-extra-blacklist.sh
 Source90: filter-x86_64.sh
 Source93: filter-aarch64.sh
 Source96: filter-ppc64le.sh
@@ -450,6 +462,19 @@ AutoReq: no\
 AutoProv: yes\
 %{nil}
 
+
+%package doc
+Summary: Various documentation bits found in the kernel source
+Group: Documentation
+%description doc
+This package contains documentation files from the kernel
+source. Various bits of information about the Linux kernel and the
+device drivers shipped with it are documented in these files.
+
+You'll want to install this package if you need a reference to the
+options that can be passed to Linux kernel modules at load time.
+
+
 %package headers
 Summary: Header files for the Linux kernel for use by glibc
 Group: Development/System
@@ -506,7 +531,7 @@ This package provides debug information for the perf package.
 # symlinks because of the trailing nonmatching alternation and
 # the leading .*, because of find-debuginfo.sh's buggy handling
 # of matching the pattern against the symlinks file.
-%{expand:%%global _find_debuginfo_opts %{?_find_debuginfo_opts} -p '.*%%{_bindir}/perf(\.debug)?|.*%%{_libexecdir}/perf-core/.*|.*%%{_libdir}/traceevent/plugins/.*|XXX' -o perf-debuginfo.list}
+%{expand:%%global _find_debuginfo_opts %{?_find_debuginfo_opts} -p '.*%%{_bindir}/perf(\.debug)?|.*%%{_libexecdir}/perf-core/.*|.*%%{_libdir}/traceevent/plugins/.*|.*%%{_libdir}/libperf-jvmti.so(\.debug)?|XXX' -o perf-debuginfo.list}
 
 %package -n python3-perf
 Summary: Python bindings for apps which will manipulate perf events
@@ -925,7 +950,8 @@ pathfix.py -i %{__python3} -p -n \
 	scripts/bloat-o-meter \
 	tools/perf/tests/attr.py \
 	tools/perf/scripts/python/stat-cpi.py \
-	tools/perf/scripts/python/sched-migration.py
+	tools/perf/scripts/python/sched-migration.py \
+	Documentation
 
 # only deal with configs if we are going to build for the arch
 %ifnarch %nobuildarches
@@ -1059,12 +1085,22 @@ BuildKernel() {
     fi
     %if %{signkernel}
     # Sign the image if we're using EFI
-    %pesign -s -i $KernelImage -o vmlinuz.signed -a %{SOURCE13} -c %{SOURCE14} -n %{pesign_name}
+    # aarch64 kernels are gziped EFI images
+    KernelExtension=${KernelImage##*.}
+    if [ "$KernelExtension" == "gz" ]; then
+        SignImage=${KernelImage%.*}
+    else
+        SignImage=$KernelImage
+    fi
+    %pesign -s -i $SignImage -o vmlinuz.signed -a %{SOURCE13} -c %{SOURCE14} -n %{pesign_name}
     if [ ! -s vmlinuz.signed ]; then
         echo "pesigning failed"
         exit 1
     fi
-    mv vmlinuz.signed $KernelImage
+    mv vmlinuz.signed $SignImage
+    if [ "$KernelExtension" == "gz" ]; then
+        gzip -f9 $SignImage
+    fi
     %endif
     $CopyKernel $KernelImage \
                 $RPM_BUILD_ROOT/%{image_install_path}/$InstallName-$KernelVer
@@ -1114,7 +1150,6 @@ BuildKernel() {
     mkdir -p $RPM_BUILD_ROOT/lib/modules/$KernelVer/build
     (cd $RPM_BUILD_ROOT/lib/modules/$KernelVer ; ln -s build source)
     # dirs for additional modules per module-init-tools, kbuild/modules.txt
-    mkdir -p $RPM_BUILD_ROOT/lib/modules/$KernelVer/extra
     mkdir -p $RPM_BUILD_ROOT/lib/modules/$KernelVer/updates
     mkdir -p $RPM_BUILD_ROOT/lib/modules/$KernelVer/weak-updates
     # first copy everything
@@ -1321,9 +1356,6 @@ BuildKernel() {
         rm -f modules.{alias*,builtin.bin,dep*,*map,symbols*,devname,softdep}
     popd
 
-    # Call the modules-extra script to move things around
-    %{SOURCE17} $RPM_BUILD_ROOT/lib/modules/$KernelVer %{SOURCE16}
-
     #
     # Generate the kernel-core and kernel-modules files lists
     #
@@ -1335,8 +1367,23 @@ BuildKernel() {
     mkdir restore
     cp -r lib/modules/$KernelVer/* restore/.
 
-    # don't include anything going into k-m-e in the file lists
-    rm -rf lib/modules/$KernelVer/extra
+    # Call the modules-extra script to move things around.  Note cleanup below.
+    %{SOURCE17} $RPM_BUILD_ROOT /lib/modules/$KernelVer %{SOURCE16}
+    # Blacklist net autoloadable modules in modules-extra
+    %{SOURCE19} $RPM_BUILD_ROOT/modules-extra.list
+    cat $RPM_BUILD_ROOT/modules-extra.list | xargs rm -f
+
+    # If we're signing modules, we can't leave the .mod files for the .ko files
+    # we've moved in .tmp_versions/.  Remove them so the Kbuild 'modules_sign'
+    # target doesn't try to sign a non-existent file.  This is kinda ugly, but
+    # so is modules-extra.
+    popd
+    for mod in `cat $RPM_BUILD_ROOT/modules-extra.list`
+	do
+	  modfile=`basename $mod | sed -e 's/.ko/.mod/'`
+	  [ -f "$modfile" ] && rm .tmp_versions/$modfile
+	done
+    pushd $RPM_BUILD_ROOT
 
     if [ $DoModules -eq 1 ]; then
 	# Find all the module files and filter them out into the core and
@@ -1360,6 +1407,8 @@ BuildKernel() {
 	# Ensure important files/directories exist to let the packaging succeed
 	echo '%%defattr(-,-,-)' > modules.list
 	echo '%%defattr(-,-,-)' > k-d.list
+	# This overwrites anything created by %{SOURCE19}
+	echo '%%defattr(-,-,-)' > modules-extra.list
 	mkdir -p lib/modules/$KernelVer/kernel
 	# Add files usually created by make modules, needed to prevent errors
 	# thrown by depmod during package installation
@@ -1387,11 +1436,14 @@ BuildKernel() {
     sed -e 's/^lib*/\/lib/' %{?zipsed} $RPM_BUILD_ROOT/k-d.list > ../%{name}${Flavour:+-${Flavour}}-modules.list
     sed -e 's/^lib*/%dir \/lib/' %{?zipsed} $RPM_BUILD_ROOT/module-dirs.list > ../%{name}${Flavour:+-${Flavour}}-core.list
     sed -e 's/^lib*/\/lib/' %{?zipsed} $RPM_BUILD_ROOT/modules.list >> ../%{name}${Flavour:+-${Flavour}}-core.list
+    sed -e 's/^lib*/\/lib/' %{?zipsed} $RPM_BUILD_ROOT/modules-extra.list >> ../%{name}${Flavour:+-${Flavour}}-modules-extra.list
 
     # Cleanup
     rm -f $RPM_BUILD_ROOT/k-d.list
     rm -f $RPM_BUILD_ROOT/modules.list
     rm -f $RPM_BUILD_ROOT/module-dirs.list
+    # Cleanup file created by %{SOURCE17}
+    rm -f $RPM_BUILD_ROOT/modules-extra.list
 
 %if %{signmodules}
     if [ $DoModules -eq 1 ]; then
@@ -1511,6 +1563,15 @@ pushd tools/testing/selftests
 popd
 %endif
 
+%if %{with_doc}
+# Make the HTML pages.
+make htmldocs || %{doc_build_fail}
+
+# sometimes non-world-readable files sneak into the kernel source tree
+chmod -R a=rX Documentation
+find Documentation -type d | xargs chmod u+w
+%endif
+
 # In the modsign case, we do 3 things.  1) We check the "flavour" and hard
 # code the value in the following invocations.  This is somewhat sub-optimal
 # but we're doing this inside of an RPM macro and it isn't as easy as it
@@ -1574,6 +1635,15 @@ popd
 
 cd linux-%{KVERREL}
 
+%if %{with_doc}
+docdir=$RPM_BUILD_ROOT%{_datadir}/doc/kernel-doc-%{rpmversion}
+
+# copy the source over
+mkdir -p $docdir
+tar -h -f - --exclude=man --exclude='.*' -c Documentation | tar xf - -C $docdir
+
+%endif # with_doc
+
 # We have to do the headers install before the tools install because the
 # kernel headers_install will remove any header files in /usr/include that
 # it doesn't install itself.
@@ -1907,6 +1977,15 @@ fi
 %endif
 %endif
 
+# only some architecture builds need kernel-doc
+%if %{with_doc}
+%files doc
+%defattr(-,root,root)
+%{_datadir}/doc/kernel-doc-%{rpmversion}/Documentation/*
+%dir %{_datadir}/doc/kernel-doc-%{rpmversion}/Documentation
+%dir %{_datadir}/doc/kernel-doc-%{rpmversion}
+%endif
+
 %if %{with_perf}
 %files -n perf
 %defattr(-,root,root)
@@ -1935,9 +2014,8 @@ fi
 %endif # with_perf
 
 %if %{with_tools}
-%files -n kernel-tools
-%defattr(-,root,root)
 %ifarch %{cpupowerarchs}
+%defattr(-,root,root)
 %files -n %{name}-tools -f cpupower.lang
 %{_bindir}/cpupower
 %ifarch x86_64
@@ -1953,6 +2031,9 @@ fi
 %{_bindir}/turbostat
 %{_mandir}/man8/turbostat*
 %endif
+%else # !cpupowerarchs
+%files -n kernel-tools
+%defattr(-,root,root)
 %endif # cpupowerarchs
 %{_bindir}/tmon
 %{_bindir}/iio_event_monitor
@@ -2077,9 +2158,7 @@ fi
 %defattr(-,root,root)\
 %defverify(not mtime)\
 /usr/src/kernels/%{KVERREL}%{?3:+%{3}}\
-%{expand:%%files %{?3:%{3}-}modules-extra}\
-%defattr(-,root,root)\
-/lib/modules/%{KVERREL}%{?3:+%{3}}/extra\
+%{expand:%%files -f %{name}-%{?3:%{3}-}modules-extra.list %{?3:%{3}-}modules-extra}\
 %if %{with_debuginfo}\
 %ifnarch noarch\
 %{expand:%%files -f debuginfo%{?3}.list %{?3:%{3}-}debuginfo}\
@@ -2122,6 +2201,69 @@ fi
 #
 #
 %changelog
+* Thu May 09 2019 Clark Williams <williams@redhat.com> [4.18.0-80.1.2.rt9.145.el8_0]
+- [rt] kernel-rt-4.18.0-80.1.2.rt9.144.el8_0 (Clark Williams)
+- [rhel-rt] fix incorrect build number (Clark Williams)
+- [rt] kernel-rt-4.18.0-80.1.2.rt9.144.el8_0 (Clark Williams)
+- [rt] kernel-rt-4.18.0-80.1.2.rt9.143.el8_0 (Clark Williams)
+- [rt] kernel-rt-4.18.0-80.1.2.rt9.142.el8_0.test (Clark Williams)
+- [rt] kernel-rt-4.18.0-80.1.2.rt9.141.el8_0.test (Clark Williams)
+- [netdrv] qed: Fix qed_mcp_halt|resume() (Manish Chopra) [1704184 1697310]
+- [cpufreq] cpufreq: intel_pstate: Also use CPPC nominal_perf for base_frequency (Prarit Bhargava) [1706739 1696131]
+- [acpi] ACPI / CPPC: Fix guaranteed performance handling (Prarit Bhargava) [1706739 1696131]
+- [arm64] arm64: Add workaround for Fujitsu A64FX erratum 010001 (Mark Langsdorf) [1700902 1666951]
+- [s390] vfio_ap: link the vfio_ap devices to the vfio_ap bus subsystem (Cornelia Huck) [1700290 1686044]
+- [netdrv] net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames (Alaa Hleihel) [1700289 1651509]
+- [netdrv] net/mlx5e: Force CHECKSUM_UNNECESSARY for short ethernet frames (Alaa Hleihel) [1700289 1651509]
+- [pci] PCI: pciehp: Fix re-enabling the slot marked for safe removal (Myron Stowe) [1700288 1695922]
+
+* Wed May 08 2019 Clark Williams <williams@redhat.com> [4.18.0-80.1.2.rt9.144.el8_0]
+- [rt] kernel-rt-4.18.0-80.1.2.rt9.143.el8_0 (Clark Williams)
+- [rt] kernel-rt-4.18.0-80.1.2.rt9.142.el8_0.test (Clark Williams)
+
+* Wed May 08 2019 Clark Williams <williams@redhat.com> [4.18.0-80.1.2.rt9.142.el8_0.test]
+- [rt] kernel-rt-4.18.0-80.1.2.rt9.141.el8_0.test (Clark Williams)
+
+* Thu May 02 2019 Clark Williams <williams@redhat.com> [4.18.0-80.1.2.rt9.141.el8_0]
+- [rt] kernel-rt-4.18.0-80.1.2.rt9.140.el8_0 (Clark Williams)
+
+* Thu May 02 2019 Clark Williams <williams@redhat.com> [4.18.0-80.1.2.rt9.140.el8_0]
+- [rt] kernel-rt-4.18.0-80.1.2.rt9.139.el8_0 (Clark Williams)
+- [arm64] arm64/speculation: Support 'mitigations=' cmdline option (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [s390] s390/speculation: Support 'mitigations=' cmdline option (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [powerpc] powerpc/speculation: Support 'mitigations=' cmdline option (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [powerpc] powerpc/64: Disable the speculation barrier from the command line (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation/mds: Add 'mitigations=' support for MDS (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation: Support 'mitigations=' cmdline option (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [kernel] cpu/speculation: Add 'mitigations=' cmdline option (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation/mds: Fix comment (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation/mds: Add SMT warning message (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation/mds: Add mds=full, nosmt cmdline option (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [documentation] Documentation: Add MDS vulnerability documentation (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [documentation] Documentation: Move L1TF to separate directory (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation/mds: Add mitigation mode VMWERV (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation/mds: Add sysfs reporting for MDS (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation/mds: Add mitigation control for MDS (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation: Consolidate CPU whitelists (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/msr-index: Cleanup bit defines (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/speculation: Cast ~SPEC_CTRL_STIBP atomic value to int (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [x86] x86/cpu: Sanitize FAM6_ATOM naming (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [include] locking/atomics, asm-generic: Move some macros from <linux/bitops.h> to a new <linux/bits.h> file (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+- [tools] tools include: Adopt linux/bits.h (Josh Poimboeuf) [1698809 1698896 1699001 1690338 1690360 1690351] {CVE-2018-12130 CVE-2018-12127 CVE-2018-12126}
+
+* Wed May 01 2019 Clark Williams <williams@redhat.com> [4.18.0-80.1.1.rt9.139.el8_0]
+- [rt] kernel-rt-4.18.0-80.1.1.rt9.138.el8_0 (Clark Williams)
+- [zstream] switch to zstream (Frantisek Hrbata)
+
 * Fri Mar 15 2019 Clark Williams <williams@redhat.com> [4.18.0-80.rt9.138.el8]
 - [rt] kernel-rt-4.18.0-80.rt9.137.el8 (Clark Williams) [1503308]