diff --git a/.kernel.metadata b/.kernel.metadata index 15e2b70..95053a6 100644 --- a/.kernel.metadata +++ b/.kernel.metadata @@ -1,3 +1,3 @@ ba5599148e52ecd126ebcf873672e26d3288323e SOURCES/kernel-abi-whitelists-1160.tar.bz2 5000b85c42ef87b6835dd8eef063e4623c2e0fa9 SOURCES/kernel-kabi-dw-1160.tar.bz2 -806a15ce7a3ddc34c0590a7e5ece539964dc6709 SOURCES/linux-3.10.0-1160.25.1.el7.tar.xz +0428d9687917ed763b92bf073204efe0ee7723f2 SOURCES/linux-3.10.0-1160.31.1.el7.tar.xz diff --git a/SOURCES/Makefile.common b/SOURCES/Makefile.common index aeea916..ded6133 100644 --- a/SOURCES/Makefile.common +++ b/SOURCES/Makefile.common @@ -9,7 +9,7 @@ RPMVERSION:=3.10.0 # marker is git tag which we base off of for exporting patches MARKER:=v3.10 PREBUILD:= -BUILD:=1160.25.1 +BUILD:=1160.31.1 DIST:=.el7 SPECFILE:=kernel.spec RPM:=$(REDHAT)/rpm diff --git a/SPECS/kernel-plus.spec b/SPECS/kernel-plus.spec index bfc7536..012e5ee 100644 --- a/SPECS/kernel-plus.spec +++ b/SPECS/kernel-plus.spec @@ -20,10 +20,10 @@ Summary: The Linux kernel %global distro_build 1160 %define rpmversion 3.10.0 -%define pkgrelease 1160.25.1.el7 +%define pkgrelease 1160.31.1.el7 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 1160.25.1%{?dist} +%define specrelease 1160.31.1%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -593,9 +593,9 @@ Patch20236: centos-linux-3.10-cifs-fix-bug16824.patch #Patch20237: centos-linux-3.10-r8169-fix-network-stalls.patch #Patch20238: centos-linux-3.10-acpi-lock-acquisition-bug17118.patch ### wireguard -Patch20239: centos-linux-3.10-wireguard-1.0.20210424.patch +Patch20239: centos-linux-3.10-wireguard-1.0.20210606.patch ### -Patch20250: centos-linux-3.10-hyperv_fb-67e7cdb4829d-bug18117.patch +#Patch20250: centos-linux-3.10-hyperv_fb-67e7cdb4829d-bug18117.patch # empty final patch to facilitate testing of kernel patches @@ -1078,9 +1078,9 @@ ApplyOptionalPatch centos-linux-3.10-cifs-fix-bug16824.patch #ApplyOptionalPatch centos-linux-3.10-r8169-fix-network-stalls.patch #ApplyOptionalPatch centos-linux-3.10-acpi-lock-acquisition-bug17118.patch # wireguard -ApplyOptionalPatch centos-linux-3.10-wireguard-1.0.20210424.patch +ApplyOptionalPatch centos-linux-3.10-wireguard-1.0.20210606.patch ### -ApplyOptionalPatch centos-linux-3.10-hyperv_fb-67e7cdb4829d-bug18117.patch +#ApplyOptionalPatch centos-linux-3.10-hyperv_fb-67e7cdb4829d-bug18117.patch ### end of plus mod # End of CentOS Modification @@ -2106,7 +2106,7 @@ fi %kernel_variant_files %{with_kdump} kdump %changelog -* Tue Apr 27 2021 Akemi Yagi [3.10.0-1160.25.1.el7.centos.plus] +* Tue Jun 08 2021 Akemi Yagi [3.10.0-1160.31.1.el7.centos.plus] - Apply debranding changes - Roll in i686 mods addmissing.patch [puias] @@ -2166,7 +2166,54 @@ fi when the system microcode package is updated. [bug#17539] - wireguard added - UEFI disabled in 32-bit kernel -- Apply patch for hyperv_fb [bug#18117] + +* Wed May 26 2021 Augusto Caringi [3.10.0-1160.31.1.el7] +- mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (Philipp Rudo) [1917840] +- scsi: qla2xxx: Fix the call trace for flush workqueue (Nilesh Javali) [1937945] +- futex: Handle faults correctly for PI futexes (Donghai Qiao) [1935108] {CVE-2021-3347} +- futex: Provide and use pi_state_update_owner() (Donghai Qiao) [1935108] {CVE-2021-3347} +- futex: Replace pointless printk in fixup_owner() (Donghai Qiao) [1935108] {CVE-2021-3347} +- futex: Ensure the correct return value from futex_lock_pi() (Donghai Qiao) [1935108] {CVE-2021-3347} +- scsi: qla2xxx: Remove WARN_ON_ONCE in qla2x00_status_cont_entry() (Nilesh Javali) [1933784] +- scsi: zfcp: add handling for FCP_RESID_OVER to the fcp ingress path (Philipp Rudo) [1917839] +- net: netfilter: Avoid deadlock when loading logger backend (Phil Sutter) [1858329] +- net: netfilter: Link nfnetlink into bzImage (Phil Sutter) [1858329] + +* Wed May 19 2021 Augusto Caringi [3.10.0-1160.30.1.el7] +- pf: Prohibit alu ops for pointer types not defining ptr_limit (Jiri Olsa) [1942689] {CVE-2020-27170} +- bpf: Add sanity check for upper ptr_limit (Jiri Olsa) [1942689] {CVE-2020-27170} +- bpf: Simplify alu_limit masking for pointer arithmetic (Jiri Olsa) [1942689] {CVE-2020-27170} +- bpf: Fix off-by-one for area size in creating mask to left (Jiri Olsa) [1942689] {CVE-2020-27170} +- netxen_nic: fix MSI/MSI-x interrupts (Tony Camuso) [1894274] +- block: fix use-after-free on cached last_lookup partition (Ming Lei) [1898596] +- mm: reduce struct page_cgroup overhead when page_owner is not enabled (Rafael Aquini) [1948451] +- vt: selection, close sel_buffer race (Chris von Recklinghausen) [1831034] {CVE-2020-8648} + +* Wed May 12 2021 Augusto Caringi [3.10.0-1160.29.1.el7] +- drm/i915: warn on guc enable about CVE (Dave Airlie) [1935277] {CVE-2020-12362} +- sched: prevent divide by zero error in scale_rt_power() (Phil Auld) [1910763] +- x86/efi: reset the correct tlb_state in efi_switch_mm() (Rafael Aquini) [1837531] +- x86/mm, sched/core: Turn off IRQs in switch_mm() (Rafael Aquini) [1837531] +- x86/mm, sched/core: Uninline switch_mm() (Rafael Aquini) [1837531] +- x86/mm: Build arch/x86/mm/tlb.c even on !SMP (Rafael Aquini) [1837531] +- hpsa: fix regression issue for old controllers (Joseph Szczypek) [1830268] +- scsi: hpsa: Correct dev cmds outstanding for retried cmds (Joseph Szczypek) [1830268] + +* Tue May 04 2021 Augusto Caringi [3.10.0-1160.28.1.el7] +- i40e: acquire VSI pointer only after VF is initialized (Stefan Assmann) [1886003] +- ACPICA: Store GPE register enable masks upfront (Al Stone) [1883174] +- netfilter: nf_tables: validate NFTA_SET_TABLE parameter (Phil Sutter) [1873171] +- sctp: change to hold/put transport for proto_unreach_timer (Xin Long) [1707184] + +* Wed Apr 28 2021 Augusto Caringi [3.10.0-1160.27.1.el7] +- video: hyperv: hyperv_fb: Obtain screen resolution from Hyper-V host (Mohammed Gamal) [1941841] +- Drivers: hv: vmbus: enable VMBus protocol version 5.0 (Mohammed Gamal) [1941841] +- redhat: Add git suffix to realtime_check merge_tree (Juri Lelli) + +* Tue Apr 20 2021 Augusto Caringi [3.10.0-1160.26.1.el7] +- selinux: fix deadlock in security_set_bools() (Ondrej Mosnacek) [1939091] +- md: fix md io stats accounting broken (Ming Lei) [1927106] +- redhat: Fix realtime_check for -private (Juri Lelli) * Tue Apr 13 2021 Augusto Caringi [3.10.0-1160.25.1.el7] - redhat: Enable CKI RT verification for kernel-private (Juri Lelli)