diff --git a/.gitignore b/.gitignore index dd7b6b2..44f1a19 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,5 @@ -SOURCES/kernel-abi-whitelists-1127.tar.bz2 -SOURCES/kernel-kabi-dw-1127.tar.bz2 -SOURCES/linux-3.10.0-1127.19.1.el7.tar.xz +SOURCES/kernel-abi-whitelists-1160.tar.bz2 +SOURCES/kernel-kabi-dw-1160.tar.bz2 +SOURCES/linux-3.10.0-1160.el7.tar.xz SOURCES/rheldup3.x509 SOURCES/rhelkpatch1.x509 -SOURCES/centos-kpatch.x509 -SOURCES/centos-ldup.x509 diff --git a/.kernel.metadata b/.kernel.metadata index f973577..f8f3d07 100644 --- a/.kernel.metadata +++ b/.kernel.metadata @@ -1,7 +1,5 @@ -4fc704567fc0b9abd6217e466773bbd48b255613 SOURCES/kernel-abi-whitelists-1127.tar.bz2 -7a3638864a005624c5a949922fbf8cfa389b094f SOURCES/kernel-kabi-dw-1127.tar.bz2 -53f546c77c118d7cb6055fb430d5643b85cb0088 SOURCES/linux-3.10.0-1127.19.1.el7.tar.xz +ba5599148e52ecd126ebcf873672e26d3288323e SOURCES/kernel-abi-whitelists-1160.tar.bz2 +5000b85c42ef87b6835dd8eef063e4623c2e0fa9 SOURCES/kernel-kabi-dw-1160.tar.bz2 +1e61d8af979566805cffa1e46c449ee3e2f2ac79 SOURCES/linux-3.10.0-1160.el7.tar.xz 95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509 d90885108d225a234a5a9d054fc80893a5bd54d0 SOURCES/rhelkpatch1.x509 -5a7d05a8298cf38d43689470e8e43230d8add0f9 SOURCES/centos-kpatch.x509 -c61172887746663d3bdd9acaa263cbfacf99e8b3 SOURCES/centos-ldup.x509 diff --git a/README.debrand b/README.debrand deleted file mode 100644 index 01c46d2..0000000 --- a/README.debrand +++ /dev/null @@ -1,2 +0,0 @@ -Warning: This package was configured for automatic debranding, but the changes -failed to apply. diff --git a/SOURCES/Makefile.common b/SOURCES/Makefile.common index 1a6e1f4..1ca9ee7 100644 --- a/SOURCES/Makefile.common +++ b/SOURCES/Makefile.common @@ -9,7 +9,7 @@ RPMVERSION:=3.10.0 # marker is git tag which we base off of for exporting patches MARKER:=v3.10 PREBUILD:= -BUILD:=1127.19.1 +BUILD:=1160 DIST:=.el7 SPECFILE:=kernel.spec RPM:=$(REDHAT)/rpm diff --git a/SOURCES/Module.kabi_ppc64 b/SOURCES/Module.kabi_ppc64 index 2f28ee5..c7eab18 100644 --- a/SOURCES/Module.kabi_ppc64 +++ b/SOURCES/Module.kabi_ppc64 @@ -84,6 +84,7 @@ 0xcd0529c7 _raw_spin_lock_irq vmlinux EXPORT_SYMBOL 0xf5222143 _raw_spin_lock_irqsave vmlinux EXPORT_SYMBOL 0x9d7ce8dd _raw_spin_trylock vmlinux EXPORT_SYMBOL +0x1b2150a9 _raw_spin_unlock vmlinux EXPORT_SYMBOL 0xe4fe8ca1 _raw_spin_unlock_bh vmlinux EXPORT_SYMBOL 0x5c37f319 _raw_spin_unlock_irqrestore vmlinux EXPORT_SYMBOL 0xac26b820 _raw_write_lock vmlinux EXPORT_SYMBOL @@ -92,6 +93,7 @@ 0xaa6e4df5 _raw_write_lock_irqsave vmlinux EXPORT_SYMBOL 0x99afe916 _raw_write_unlock_bh vmlinux EXPORT_SYMBOL 0xae545f06 _raw_write_unlock_irqrestore vmlinux EXPORT_SYMBOL +0xa3abc422 abort_exclusive_wait vmlinux EXPORT_SYMBOL 0x90e00558 add_disk vmlinux EXPORT_SYMBOL 0xbe2c0274 add_timer vmlinux EXPORT_SYMBOL 0x735d8503 add_wait_queue vmlinux EXPORT_SYMBOL @@ -106,6 +108,7 @@ 0x736b1ee9 arp_create vmlinux EXPORT_SYMBOL 0x9ebfae51 arp_send vmlinux EXPORT_SYMBOL 0xdea02b92 arp_xmit vmlinux EXPORT_SYMBOL +0xcc85fcb6 async_schedule vmlinux EXPORT_SYMBOL_GPL 0x836d61d0 atomic_notifier_chain_register vmlinux EXPORT_SYMBOL_GPL 0xb5aa10af atomic_notifier_chain_unregister vmlinux EXPORT_SYMBOL_GPL 0xc8b57c27 autoremove_wake_function vmlinux EXPORT_SYMBOL @@ -149,6 +152,7 @@ 0xadb55f7f blk_queue_bounce vmlinux EXPORT_SYMBOL 0xc19a0501 blk_queue_bounce_limit vmlinux EXPORT_SYMBOL 0x24e88152 blk_queue_dma_alignment vmlinux EXPORT_SYMBOL +0xc89fc98e blk_queue_end_tag vmlinux EXPORT_SYMBOL 0x4bf8f8e4 blk_queue_flush vmlinux EXPORT_SYMBOL_GPL 0x39b95d1e blk_queue_init_tags vmlinux EXPORT_SYMBOL 0x29a84f9d blk_queue_logical_block_size vmlinux EXPORT_SYMBOL diff --git a/SOURCES/Module.kabi_ppc64le b/SOURCES/Module.kabi_ppc64le index 06da280..c519e06 100644 --- a/SOURCES/Module.kabi_ppc64le +++ b/SOURCES/Module.kabi_ppc64le @@ -84,6 +84,7 @@ 0xcd0529c7 _raw_spin_lock_irq vmlinux EXPORT_SYMBOL 0xf5222143 _raw_spin_lock_irqsave vmlinux EXPORT_SYMBOL 0x9d7ce8dd _raw_spin_trylock vmlinux EXPORT_SYMBOL +0x1b2150a9 _raw_spin_unlock vmlinux EXPORT_SYMBOL 0xe4fe8ca1 _raw_spin_unlock_bh vmlinux EXPORT_SYMBOL 0x5c37f319 _raw_spin_unlock_irqrestore vmlinux EXPORT_SYMBOL 0xac26b820 _raw_write_lock vmlinux EXPORT_SYMBOL @@ -92,6 +93,7 @@ 0xaa6e4df5 _raw_write_lock_irqsave vmlinux EXPORT_SYMBOL 0x99afe916 _raw_write_unlock_bh vmlinux EXPORT_SYMBOL 0xae545f06 _raw_write_unlock_irqrestore vmlinux EXPORT_SYMBOL +0xa3abc422 abort_exclusive_wait vmlinux EXPORT_SYMBOL 0x48a12e3c add_disk vmlinux EXPORT_SYMBOL 0xbe2c0274 add_timer vmlinux EXPORT_SYMBOL 0x735d8503 add_wait_queue vmlinux EXPORT_SYMBOL @@ -106,6 +108,7 @@ 0xeefa4e35 arp_create vmlinux EXPORT_SYMBOL 0x2f6b9784 arp_send vmlinux EXPORT_SYMBOL 0x05207ed5 arp_xmit vmlinux EXPORT_SYMBOL +0xcc85fcb6 async_schedule vmlinux EXPORT_SYMBOL_GPL 0x836d61d0 atomic_notifier_chain_register vmlinux EXPORT_SYMBOL_GPL 0xb5aa10af atomic_notifier_chain_unregister vmlinux EXPORT_SYMBOL_GPL 0xc8b57c27 autoremove_wake_function vmlinux EXPORT_SYMBOL @@ -149,6 +152,7 @@ 0xe1fbc962 blk_queue_bounce vmlinux EXPORT_SYMBOL 0x71921ef4 blk_queue_bounce_limit vmlinux EXPORT_SYMBOL 0x94e09aa7 blk_queue_dma_alignment vmlinux EXPORT_SYMBOL +0x86910080 blk_queue_end_tag vmlinux EXPORT_SYMBOL 0x9f6d0e5e blk_queue_flush vmlinux EXPORT_SYMBOL_GPL 0xa1e2f0f5 blk_queue_init_tags vmlinux EXPORT_SYMBOL 0x635c8a13 blk_queue_logical_block_size vmlinux EXPORT_SYMBOL diff --git a/SOURCES/Module.kabi_s390x b/SOURCES/Module.kabi_s390x index ca0895a..9a4a5bf 100644 --- a/SOURCES/Module.kabi_s390x +++ b/SOURCES/Module.kabi_s390x @@ -73,6 +73,8 @@ 0x9b318b10 __wake_up vmlinux EXPORT_SYMBOL 0xa1c76e0a _cond_resched vmlinux EXPORT_SYMBOL 0x03aecf29 _dev_info vmlinux EXPORT_SYMBOL +0x29b500b2 _raw_spin_unlock vmlinux EXPORT_SYMBOL +0xd270d8c8 abort_exclusive_wait vmlinux EXPORT_SYMBOL 0x873bab48 add_disk vmlinux EXPORT_SYMBOL 0xbe2c0274 add_timer vmlinux EXPORT_SYMBOL 0x1288f9c2 add_wait_queue vmlinux EXPORT_SYMBOL @@ -86,6 +88,7 @@ 0xbea5477e arp_create vmlinux EXPORT_SYMBOL 0x09589111 arp_send vmlinux EXPORT_SYMBOL 0xa4858d16 arp_xmit vmlinux EXPORT_SYMBOL +0xcc85fcb6 async_schedule vmlinux EXPORT_SYMBOL_GPL 0xf9404829 atomic_notifier_chain_register vmlinux EXPORT_SYMBOL_GPL 0x1ce65480 atomic_notifier_chain_unregister vmlinux EXPORT_SYMBOL_GPL 0xc8b57c27 autoremove_wake_function vmlinux EXPORT_SYMBOL @@ -129,6 +132,7 @@ 0xeeead523 blk_queue_bounce vmlinux EXPORT_SYMBOL 0x3ab7d913 blk_queue_bounce_limit vmlinux EXPORT_SYMBOL 0x6e13c159 blk_queue_dma_alignment vmlinux EXPORT_SYMBOL +0x73a292bc blk_queue_end_tag vmlinux EXPORT_SYMBOL 0x14aaad79 blk_queue_flush vmlinux EXPORT_SYMBOL_GPL 0xa61cbaa4 blk_queue_init_tags vmlinux EXPORT_SYMBOL 0x719c0220 blk_queue_logical_block_size vmlinux EXPORT_SYMBOL diff --git a/SOURCES/Module.kabi_x86_64 b/SOURCES/Module.kabi_x86_64 index 1211eda..b194fd2 100644 --- a/SOURCES/Module.kabi_x86_64 +++ b/SOURCES/Module.kabi_x86_64 @@ -109,6 +109,7 @@ 0x05f837f0 _raw_write_lock_irqsave vmlinux EXPORT_SYMBOL 0x5bd6c1ee _raw_write_unlock_bh vmlinux EXPORT_SYMBOL 0xcf65df50 _raw_write_unlock_irqrestore vmlinux EXPORT_SYMBOL +0x78bb3e24 abort_exclusive_wait vmlinux EXPORT_SYMBOL 0x1a45cb6c acpi_disabled vmlinux EXPORT_SYMBOL 0x691001b5 acpi_evaluate_integer vmlinux EXPORT_SYMBOL 0x44a81d5f acpi_evaluate_object vmlinux EXPORT_SYMBOL @@ -130,6 +131,7 @@ 0xa2c1743d arp_create vmlinux EXPORT_SYMBOL 0xa43f92a3 arp_send vmlinux EXPORT_SYMBOL 0xc7d79ebf arp_xmit vmlinux EXPORT_SYMBOL +0xcc85fcb6 async_schedule vmlinux EXPORT_SYMBOL_GPL 0x500b6dd7 atomic_notifier_chain_register vmlinux EXPORT_SYMBOL_GPL 0x758a3812 atomic_notifier_chain_unregister vmlinux EXPORT_SYMBOL_GPL 0xc8b57c27 autoremove_wake_function vmlinux EXPORT_SYMBOL @@ -173,6 +175,7 @@ 0x4061b663 blk_queue_bounce vmlinux EXPORT_SYMBOL 0x7c56c563 blk_queue_bounce_limit vmlinux EXPORT_SYMBOL 0x0f130a5e blk_queue_dma_alignment vmlinux EXPORT_SYMBOL +0x95deb73f blk_queue_end_tag vmlinux EXPORT_SYMBOL 0x2a3e5d36 blk_queue_flush vmlinux EXPORT_SYMBOL_GPL 0x294f285c blk_queue_init_tags vmlinux EXPORT_SYMBOL 0x177c57ca blk_queue_logical_block_size vmlinux EXPORT_SYMBOL diff --git a/SOURCES/centos-ca-secureboot.der b/SOURCES/centos-ca-secureboot.der deleted file mode 100644 index 44a2563..0000000 Binary files a/SOURCES/centos-ca-secureboot.der and /dev/null differ diff --git a/SOURCES/centos-kpatch.x509 b/SOURCES/centos-kpatch.x509 deleted file mode 100644 index ca57a43..0000000 Binary files a/SOURCES/centos-kpatch.x509 and /dev/null differ diff --git a/SOURCES/centos-ldup.x509 b/SOURCES/centos-ldup.x509 deleted file mode 100644 index 9c65dd3..0000000 Binary files a/SOURCES/centos-ldup.x509 and /dev/null differ diff --git a/SOURCES/centossecureboot001.crt b/SOURCES/centossecureboot001.crt deleted file mode 100644 index c67b0f3..0000000 --- a/SOURCES/centossecureboot001.crt +++ /dev/null @@ -1,81 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - b6:16:15:71:72:fb:31:7e - Signature Algorithm: sha256WithRSAEncryption - Issuer: CN=CentOS Secure Boot (CA key 1)/emailAddress=security@centos.org - Validity - Not Before: Aug 1 11:47:30 2018 GMT - Not After : Dec 31 11:47:30 2037 GMT - Subject: CN=CentOS Secure Boot (key 1)/emailAddress=security@centos.org - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:c1:a3:6a:f4:2d:71:83:6c:21:ca:0c:b7:ac:fa: - 76:80:43:03:40:87:5d:de:e9:1e:df:ad:e7:2b:51: - cb:f8:31:0f:9a:db:ab:23:25:04:11:05:57:7d:f2: - 4b:8d:1e:b3:75:78:1d:b9:57:8b:18:0b:bb:7e:e3: - 24:0f:6a:40:5f:2b:4f:03:a5:85:94:d2:f9:08:a0: - bc:db:a5:ea:4f:7f:e8:7c:d1:a9:f8:f0:9c:25:18: - 00:14:c4:c4:35:7d:1d:4c:8a:8d:95:f8:ed:65:97: - a5:a4:da:7d:cb:f0:33:3b:b7:03:94:68:47:05:57: - 6c:96:91:ac:14:f2:e3:f6:6d:4a:18:cf:68:8a:35: - 6f:8e:26:99:7f:db:c9:83:54:c2:c3:bf:ad:45:a0: - aa:a0:86:5f:20:b1:86:1b:ae:b7:28:15:11:f9:65: - 53:5d:70:33:9b:a3:c7:b5:c8:11:ff:55:3b:e7:46: - f1:6c:6b:8c:bb:f2:9f:36:23:b1:2d:23:2f:8f:4f: - 6c:a8:cc:ae:f5:56:9e:22:6c:0e:9a:4a:b1:bd:b2: - 76:15:5c:05:85:b8:5e:dc:8c:a5:c3:e0:75:51:a4: - 94:9b:03:2e:7b:f8:d3:b9:dd:7f:88:ce:2e:2f:28: - 4c:b4:92:2f:e6:e0:67:0a:d0:ff:c5:d2:79:a6:ef: - 94:0f - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:FALSE - X509v3 Key Usage: - Digital Signature - X509v3 Subject Key Identifier: - F0:37:C6:EA:EC:36:D4:05:7A:52:6C:0E:C6:D5:A9:5B:32:4E:E1:29 - X509v3 Authority Key Identifier: - keyid:54:EC:81:85:89:3E:E9:1A:DB:08:F7:44:88:54:7E:8E:3F:74:3A:F3 - - Signature Algorithm: sha256WithRSAEncryption - 97:97:ba:a6:0b:5b:bb:84:39:2e:ef:8b:51:9a:89:bb:65:3c: - dc:15:d0:5a:88:c5:af:ce:93:f5:c1:74:98:15:59:a9:38:da: - 11:fd:46:d5:4f:23:7c:03:1f:ae:0c:70:93:94:a7:61:2f:4b: - 2f:5f:bb:cc:8a:d7:4a:24:66:73:85:b4:19:13:fc:6a:61:4a: - 28:1f:a2:38:f4:72:90:03:c4:3e:64:63:8b:fb:15:22:22:4e: - b9:43:d9:b4:3d:3a:60:c1:4d:3a:09:85:68:7a:bc:3b:f9:ef: - f3:f5:e9:c9:4f:80:8c:c6:e9:cb:ef:28:44:b0:5d:d4:9e:4f: - 0f:02:9a:65:aa:98:35:b4:6f:d2:80:e3:08:ef:12:d0:17:56: - a6:a1:42:1e:1d:ab:e5:33:c0:fd:88:0d:40:42:81:c8:27:30: - 17:07:57:3e:05:9d:aa:05:0e:5b:3a:79:b4:29:aa:7c:42:5a: - ad:43:59:fb:34:4d:dc:62:58:63:e4:fb:de:bb:fd:6c:4e:97: - 58:f4:b9:99:4a:71:fe:7f:16:50:55:25:46:39:96:9b:88:6c: - 75:19:33:9e:70:b3:04:82:fe:16:a8:8e:22:47:83:6d:16:77: - da:26:ad:31:d8:06:6d:c5:7e:46:4b:21:ab:ae:ec:2a:93:71: - da:7f:89:1d ------BEGIN CERTIFICATE----- -MIIDdTCCAl2gAwIBAgIJALYWFXFy+zF+MA0GCSqGSIb3DQEBCwUAMEwxJjAkBgNV -BAMMHUNlbnRPUyBTZWN1cmUgQm9vdCAoQ0Ega2V5IDEpMSIwIAYJKoZIhvcNAQkB -FhNzZWN1cml0eUBjZW50b3Mub3JnMB4XDTE4MDgwMTExNDczMFoXDTM3MTIzMTEx -NDczMFowSTEjMCEGA1UEAxMaQ2VudE9TIFNlY3VyZSBCb290IChrZXkgMSkxIjAg -BgkqhkiG9w0BCQEWE3NlY3VyaXR5QGNlbnRvcy5vcmcwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDBo2r0LXGDbCHKDLes+naAQwNAh13e6R7frecrUcv4 -MQ+a26sjJQQRBVd98kuNHrN1eB25V4sYC7t+4yQPakBfK08DpYWU0vkIoLzbpepP -f+h80an48JwlGAAUxMQ1fR1Mio2V+O1ll6Wk2n3L8DM7twOUaEcFV2yWkawU8uP2 -bUoYz2iKNW+OJpl/28mDVMLDv61FoKqghl8gsYYbrrcoFRH5ZVNdcDObo8e1yBH/ -VTvnRvFsa4y78p82I7EtIy+PT2yozK71Vp4ibA6aSrG9snYVXAWFuF7cjKXD4HVR -pJSbAy57+NO53X+Izi4vKEy0ki/m4GcK0P/F0nmm75QPAgMBAAGjXTBbMAwGA1Ud -EwEB/wQCMAAwCwYDVR0PBAQDAgeAMB0GA1UdDgQWBBTwN8bq7DbUBXpSbA7G1alb -Mk7hKTAfBgNVHSMEGDAWgBRU7IGFiT7pGtsI90SIVH6OP3Q68zANBgkqhkiG9w0B -AQsFAAOCAQEAl5e6pgtbu4Q5Lu+LUZqJu2U83BXQWojFr86T9cF0mBVZqTjaEf1G -1U8jfAMfrgxwk5SnYS9LL1+7zIrXSiRmc4W0GRP8amFKKB+iOPRykAPEPmRji/sV -IiJOuUPZtD06YMFNOgmFaHq8O/nv8/XpyU+AjMbpy+8oRLBd1J5PDwKaZaqYNbRv -0oDjCO8S0BdWpqFCHh2r5TPA/YgNQEKByCcwFwdXPgWdqgUOWzp5tCmqfEJarUNZ -+zRN3GJYY+T73rv9bE6XWPS5mUpx/n8WUFUlRjmWm4hsdRkznnCzBIL+FqiOIkeD -bRZ32iatMdgGbcV+Rkshq67sKpNx2n+JHQ== ------END CERTIFICATE----- diff --git a/SOURCES/centossecureboot201.crt b/SOURCES/centossecureboot201.crt deleted file mode 100644 index f9d9675..0000000 --- a/SOURCES/centossecureboot201.crt +++ /dev/null @@ -1,84 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - 93:c2:04:d8:bd:77:6b:11 - Signature Algorithm: sha256WithRSAEncryption - Issuer: CN=CentOS Secure Boot CA 2/emailAddress=security@centos.org - Validity - Not Before: Jun 9 10:04:20 2020 GMT - Not After : Jan 18 10:04:20 2038 GMT - Subject: CN=CentOS Secure Boot Signing 201/emailAddress=security@centos.org - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - Public-Key: (2048 bit) - Modulus: - 00:9e:ef:fe:76:1c:9f:9b:3e:f2:e4:c5:29:bd:19: - 32:01:59:f3:e6:99:fa:eb:b5:f8:94:0c:95:3a:65: - 5e:b1:72:d0:50:3e:70:64:8a:1a:d1:f6:4d:af:6d: - 57:ee:40:71:40:09:dd:30:0c:81:a1:8b:26:63:12: - 07:bf:e1:d1:45:9f:9b:09:a6:57:98:9e:ef:97:e9: - bd:68:38:ea:aa:63:92:2e:0d:2f:8e:fb:be:88:40: - 9b:59:e3:bc:b7:6f:e3:bb:6b:1e:6e:9e:ee:57:b8: - 28:c6:d5:d6:bf:47:a6:e9:38:a9:8f:08:73:98:49: - a8:58:d2:62:73:f1:1e:44:d4:88:3d:f9:aa:43:e2: - 72:2e:d7:43:3e:1d:b6:65:f6:d1:2e:ef:31:cb:9f: - 5e:e3:d4:ea:3c:23:9a:07:af:f9:4a:ee:43:9a:75: - 06:ed:9a:54:2c:ed:5b:ca:85:a5:10:16:cd:30:64: - ea:d5:27:7e:23:f6:fc:ec:69:a9:43:2f:78:73:6b: - 33:78:8b:f8:54:db:3f:ce:95:a4:5a:04:9a:15:49: - 98:cd:34:7c:c7:8c:a9:8a:32:82:ae:c0:d6:34:93: - e7:d2:54:82:45:ee:eb:54:9a:96:d4:da:4b:24:f8: - 09:56:d8:cd:7f:ec:7b:f3:bd:db:9b:8c:b6:18:87: - fa:07 - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:FALSE - X509v3 Key Usage: critical - Digital Signature - X509v3 Extended Key Usage: critical - Code Signing - X509v3 Subject Key Identifier: - 5D:4B:64:F2:FA:63:1E:5E:5F:DB:AA:DC:14:67:C6:6C:99:21:7A:22 - X509v3 Authority Key Identifier: - keyid:70:00:7F:99:20:9C:12:6B:E1:47:74:EA:EC:7B:6D:96:31:F3:4D:CA - - Signature Algorithm: sha256WithRSAEncryption - 39:4b:b5:cc:37:3f:cd:db:84:0f:63:7c:c4:e4:53:fb:5e:fd: - db:12:19:23:6f:0a:50:14:fd:4f:7c:f9:87:3d:f9:6d:5b:af: - 07:a5:94:34:1b:84:07:f4:f1:a0:de:cc:73:87:99:31:c3:93: - 66:c0:bc:f2:0f:b2:69:65:8e:da:b9:1a:8e:ae:38:56:f3:7c: - 5a:8d:29:0d:3d:ad:84:e7:86:31:a2:8e:2a:a8:f8:f8:f7:87: - 32:65:5d:81:47:53:b8:40:c5:1b:a7:46:1f:b0:60:a7:b4:97: - 89:51:26:3c:de:46:b9:14:d5:a0:7d:99:cc:a7:7e:ed:89:18: - 02:ce:e6:07:45:49:e2:04:7d:5b:03:65:ec:e6:c3:86:0d:82: - 31:24:45:51:ec:15:ad:31:83:a8:1c:6e:52:4d:b8:0f:5d:0b: - e4:7b:51:49:39:46:8a:0b:fd:0c:46:af:b4:19:65:0f:12:f1: - fc:ee:fd:6b:4f:df:9a:73:7c:e0:c8:3d:c3:d5:b5:ab:4a:86: - 36:97:e8:89:fb:af:f4:f1:c2:05:5d:17:fb:b6:df:a5:0e:45: - 89:db:89:99:93:ce:f0:4e:e9:9c:f4:4a:03:b0:6e:be:a2:69: - ab:b1:f3:3b:ed:c7:97:f4:0e:0a:53:27:5a:7e:70:9a:35:ea: - 7a:76:d1:bc ------BEGIN CERTIFICATE----- -MIIDjjCCAnagAwIBAgIJAJPCBNi9d2sRMA0GCSqGSIb3DQEBCwUAMEYxIDAeBgNV -BAMMF0NlbnRPUyBTZWN1cmUgQm9vdCBDQSAyMSIwIAYJKoZIhvcNAQkBFhNzZWN1 -cml0eUBjZW50b3Mub3JnMB4XDTIwMDYwOTEwMDQyMFoXDTM4MDExODEwMDQyMFow -TTEnMCUGA1UEAwweQ2VudE9TIFNlY3VyZSBCb290IFNpZ25pbmcgMjAxMSIwIAYJ -KoZIhvcNAQkBFhNzZWN1cml0eUBjZW50b3Mub3JnMIIBIjANBgkqhkiG9w0BAQEF -AAOCAQ8AMIIBCgKCAQEAnu/+dhyfmz7y5MUpvRkyAVnz5pn667X4lAyVOmVesXLQ -UD5wZIoa0fZNr21X7kBxQAndMAyBoYsmYxIHv+HRRZ+bCaZXmJ7vl+m9aDjqqmOS -Lg0vjvu+iECbWeO8t2/ju2sebp7uV7goxtXWv0em6TipjwhzmEmoWNJic/EeRNSI -PfmqQ+JyLtdDPh22ZfbRLu8xy59e49TqPCOaB6/5Su5DmnUG7ZpULO1byoWlEBbN -MGTq1Sd+I/b87GmpQy94c2szeIv4VNs/zpWkWgSaFUmYzTR8x4ypijKCrsDWNJPn -0lSCRe7rVJqW1NpLJPgJVtjNf+x7873bm4y2GIf6BwIDAQABo3gwdjAMBgNVHRMB -Af8EAjAAMA4GA1UdDwEB/wQEAwIHgDAWBgNVHSUBAf8EDDAKBggrBgEFBQcDAzAd -BgNVHQ4EFgQUXUtk8vpjHl5f26rcFGfGbJkheiIwHwYDVR0jBBgwFoAUcAB/mSCc -EmvhR3Tq7HttljHzTcowDQYJKoZIhvcNAQELBQADggEBADlLtcw3P83bhA9jfMTk -U/te/dsSGSNvClAU/U98+Yc9+W1brwellDQbhAf08aDezHOHmTHDk2bAvPIPsmll -jtq5Go6uOFbzfFqNKQ09rYTnhjGijiqo+Pj3hzJlXYFHU7hAxRunRh+wYKe0l4lR -JjzeRrkU1aB9mcynfu2JGALO5gdFSeIEfVsDZezmw4YNgjEkRVHsFa0xg6gcblJN -uA9dC+R7UUk5RooL/QxGr7QZZQ8S8fzu/WtP35pzfODIPcPVtatKhjaX6In7r/Tx -wgVdF/u236UORYnbiZmTzvBO6Zz0SgOwbr6iaaux8zvtx5f0DgpTJ1p+cJo16np2 -0bw= ------END CERTIFICATE----- diff --git a/SOURCES/centossecurebootca2.der b/SOURCES/centossecurebootca2.der deleted file mode 100644 index 42bdfcf..0000000 Binary files a/SOURCES/centossecurebootca2.der and /dev/null differ diff --git a/SOURCES/debrand-rh-i686-cpu.patch b/SOURCES/debrand-rh-i686-cpu.patch deleted file mode 100644 index 739855c..0000000 --- a/SOURCES/debrand-rh-i686-cpu.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/arch/x86/boot/main.c 2014-06-04 10:05:04.000000000 -0700 -+++ b/arch/x86/boot/main.c 2014-07-09 12:54:40.000000000 -0700 -@@ -146,7 +146,7 @@ void main(void) - - /* Make sure we have all the proper CPU support */ - if (validate_cpu()) { -- puts("This processor is unsupported in RHEL7.\n"); -+ puts("This processor is unsupported in CentOS 7.\n"); - die(); - } - diff --git a/SOURCES/debrand-rh_taint.patch b/SOURCES/debrand-rh_taint.patch deleted file mode 100644 index 8ef4557..0000000 --- a/SOURCES/debrand-rh_taint.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 69c0d42cfa26515196896dea086857c2caccb6eb Mon Sep 17 00:00:00 2001 -From: Jim Perrin -Date: Thu, 19 Jun 2014 10:05:12 -0500 -Subject: [PATCH] branding patch for rh_taint - ---- - kernel/rh_taint.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/kernel/rh_taint.c b/kernel/rh_taint.c -index 59a74b0..0708e15 100644 ---- a/kernel/rh_taint.c -+++ b/kernel/rh_taint.c -@@ -8,7 +8,7 @@ - void mark_hardware_unsupported(const char *msg) - { - /* Print one single message */ -- pr_crit("Warning: %s - this hardware has not undergone testing by Red Hat and might not be certified. Please consult https://hardware.redhat.com for certified hardware.\n", msg); -+ pr_crit("Warning: %s - this hardware has not undergone upstream testing. Please consult http://wiki.centos.org/FAQ for more information\n", msg); - } - EXPORT_SYMBOL(mark_hardware_unsupported); - --- -1.8.3.1 - diff --git a/SOURCES/debrand-single-cpu.patch b/SOURCES/debrand-single-cpu.patch deleted file mode 100644 index afd0e0c..0000000 --- a/SOURCES/debrand-single-cpu.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -uNrp linux-3.10.0-957.27.2.el7.x86_64.orig/arch/x86/kernel/setup.c linux-3.10.0-957.27.2.el7.x86_64/arch/x86/kernel/setup.c ---- linux-3.10.0-957.27.2.el7.x86_64.orig/arch/x86/kernel/setup.c 2019-07-09 16:13:02.000000000 +0000 -+++ linux-3.10.0-957.27.2.el7.x86_64/arch/x86/kernel/setup.c 2019-07-29 17:32:40.018405430 +0000 -@@ -963,7 +963,7 @@ static void rh_check_supported(void) - if (((boot_cpu_data.x86_max_cores * smp_num_siblings) == 1) && - !guest && !is_kdump_kernel()) { - pr_crit("Detected single cpu native boot.\n"); -- pr_crit("Important: In Red Hat Enterprise Linux 7, single threaded, single CPU 64-bit physical systems are unsupported by Red Hat. Please contact your Red Hat support representative for a list of certified and supported systems."); -+ pr_crit("Important: In CentOS Linux 7, single threaded, single CPU 64-bit physical systems are unsupported."); - } - - /* The RHEL7 kernel does not support this hardware. The kernel will diff --git a/SOURCES/kernel-3.10.0-ppc64-debug.config b/SOURCES/kernel-3.10.0-ppc64-debug.config index 50880bf..8490917 100644 --- a/SOURCES/kernel-3.10.0-ppc64-debug.config +++ b/SOURCES/kernel-3.10.0-ppc64-debug.config @@ -5282,6 +5282,7 @@ CONFIG_MAGIC_SYSRQ=y CONFIG_STRIP_ASM_SYMS=y # CONFIG_READABLE_ASM is not set # CONFIG_UNUSED_SYMBOLS is not set +CONFIG_PAGE_OWNER=y CONFIG_DEBUG_FS=y CONFIG_HEADERS_CHECK=y CONFIG_DEBUG_SECTION_MISMATCH=y diff --git a/SOURCES/kernel-3.10.0-ppc64.config b/SOURCES/kernel-3.10.0-ppc64.config index f9a73cb..b5cb141 100644 --- a/SOURCES/kernel-3.10.0-ppc64.config +++ b/SOURCES/kernel-3.10.0-ppc64.config @@ -5282,6 +5282,7 @@ CONFIG_MAGIC_SYSRQ=y CONFIG_STRIP_ASM_SYMS=y # CONFIG_READABLE_ASM is not set # CONFIG_UNUSED_SYMBOLS is not set +CONFIG_PAGE_OWNER=y CONFIG_DEBUG_FS=y CONFIG_HEADERS_CHECK=y CONFIG_DEBUG_SECTION_MISMATCH=y @@ -5352,7 +5353,7 @@ CONFIG_RCU_CPU_STALL_TIMEOUT=60 # CONFIG_NOTIFIER_ERROR_INJECTION is not set # CONFIG_FAULT_INJECTION is not set # CONFIG_LATENCYTOP is not set -# CONFIG_PAGE_EXTENSION is not set +CONFIG_PAGE_EXTENSION=y # CONFIG_DEBUG_PAGEALLOC is not set CONFIG_NOP_TRACER=y CONFIG_HAVE_FUNCTION_TRACER=y diff --git a/SOURCES/kernel-3.10.0-ppc64le-debug.config b/SOURCES/kernel-3.10.0-ppc64le-debug.config index c974c7d..dad6b46 100644 --- a/SOURCES/kernel-3.10.0-ppc64le-debug.config +++ b/SOURCES/kernel-3.10.0-ppc64le-debug.config @@ -5281,6 +5281,7 @@ CONFIG_MAGIC_SYSRQ=y CONFIG_STRIP_ASM_SYMS=y # CONFIG_READABLE_ASM is not set # CONFIG_UNUSED_SYMBOLS is not set +CONFIG_PAGE_OWNER=y CONFIG_DEBUG_FS=y CONFIG_HEADERS_CHECK=y CONFIG_DEBUG_SECTION_MISMATCH=y diff --git a/SOURCES/kernel-3.10.0-ppc64le.config b/SOURCES/kernel-3.10.0-ppc64le.config index eb79023..0bef760 100644 --- a/SOURCES/kernel-3.10.0-ppc64le.config +++ b/SOURCES/kernel-3.10.0-ppc64le.config @@ -5281,6 +5281,7 @@ CONFIG_MAGIC_SYSRQ=y CONFIG_STRIP_ASM_SYMS=y # CONFIG_READABLE_ASM is not set # CONFIG_UNUSED_SYMBOLS is not set +CONFIG_PAGE_OWNER=y CONFIG_DEBUG_FS=y CONFIG_HEADERS_CHECK=y CONFIG_DEBUG_SECTION_MISMATCH=y @@ -5351,7 +5352,7 @@ CONFIG_RCU_CPU_STALL_TIMEOUT=60 # CONFIG_NOTIFIER_ERROR_INJECTION is not set # CONFIG_FAULT_INJECTION is not set # CONFIG_LATENCYTOP is not set -# CONFIG_PAGE_EXTENSION is not set +CONFIG_PAGE_EXTENSION=y # CONFIG_DEBUG_PAGEALLOC is not set CONFIG_NOP_TRACER=y CONFIG_HAVE_FUNCTION_TRACER=y diff --git a/SOURCES/kernel-3.10.0-s390x-debug.config b/SOURCES/kernel-3.10.0-s390x-debug.config index b9901f3..0bc3ea3 100644 --- a/SOURCES/kernel-3.10.0-s390x-debug.config +++ b/SOURCES/kernel-3.10.0-s390x-debug.config @@ -2414,6 +2414,7 @@ CONFIG_MAGIC_SYSRQ=y CONFIG_STRIP_ASM_SYMS=y # CONFIG_READABLE_ASM is not set # CONFIG_UNUSED_SYMBOLS is not set +# CONFIG_PAGE_OWNER is not set CONFIG_DEBUG_FS=y CONFIG_HEADERS_CHECK=y CONFIG_DEBUG_SECTION_MISMATCH=y diff --git a/SOURCES/kernel-3.10.0-s390x-kdump.config b/SOURCES/kernel-3.10.0-s390x-kdump.config index e606c2b..bdc5500 100644 --- a/SOURCES/kernel-3.10.0-s390x-kdump.config +++ b/SOURCES/kernel-3.10.0-s390x-kdump.config @@ -1070,6 +1070,7 @@ CONFIG_FRAME_WARN=1024 CONFIG_STRIP_ASM_SYMS=y # CONFIG_READABLE_ASM is not set # CONFIG_UNUSED_SYMBOLS is not set +# CONFIG_PAGE_OWNER is not set CONFIG_DEBUG_FS=y CONFIG_HEADERS_CHECK=y CONFIG_DEBUG_SECTION_MISMATCH=y diff --git a/SOURCES/kernel-3.10.0-s390x.config b/SOURCES/kernel-3.10.0-s390x.config index 1c9e42c..b75b462 100644 --- a/SOURCES/kernel-3.10.0-s390x.config +++ b/SOURCES/kernel-3.10.0-s390x.config @@ -2440,6 +2440,7 @@ CONFIG_MAGIC_SYSRQ=y CONFIG_STRIP_ASM_SYMS=y # CONFIG_READABLE_ASM is not set # CONFIG_UNUSED_SYMBOLS is not set +# CONFIG_PAGE_OWNER is not set CONFIG_DEBUG_FS=y CONFIG_HEADERS_CHECK=y CONFIG_DEBUG_SECTION_MISMATCH=y diff --git a/SOURCES/kernel-3.10.0-x86_64-debug.config b/SOURCES/kernel-3.10.0-x86_64-debug.config index b9c07cb..371dbc0 100644 --- a/SOURCES/kernel-3.10.0-x86_64-debug.config +++ b/SOURCES/kernel-3.10.0-x86_64-debug.config @@ -5088,6 +5088,7 @@ CONFIG_EDAC_I5100=m CONFIG_EDAC_I7300=m CONFIG_EDAC_SBRIDGE=m CONFIG_EDAC_SKX=m +CONFIG_EDAC_I10NM=m CONFIG_EDAC_PND2=m CONFIG_RTC_LIB=y CONFIG_RTC_CLASS=y @@ -6000,6 +6001,7 @@ CONFIG_MAGIC_SYSRQ=y CONFIG_STRIP_ASM_SYMS=y # CONFIG_READABLE_ASM is not set # CONFIG_UNUSED_SYMBOLS is not set +CONFIG_PAGE_OWNER=y CONFIG_DEBUG_FS=y CONFIG_HEADERS_CHECK=y CONFIG_STACK_VALIDATION=y diff --git a/SOURCES/kernel-3.10.0-x86_64.config b/SOURCES/kernel-3.10.0-x86_64.config index e618c75..71c4afe 100644 --- a/SOURCES/kernel-3.10.0-x86_64.config +++ b/SOURCES/kernel-3.10.0-x86_64.config @@ -5089,6 +5089,7 @@ CONFIG_EDAC_I5100=m CONFIG_EDAC_I7300=m CONFIG_EDAC_SBRIDGE=m CONFIG_EDAC_SKX=m +CONFIG_EDAC_I10NM=m CONFIG_EDAC_PND2=m CONFIG_RTC_LIB=y CONFIG_RTC_CLASS=y @@ -5999,6 +6000,7 @@ CONFIG_MAGIC_SYSRQ=y CONFIG_STRIP_ASM_SYMS=y # CONFIG_READABLE_ASM is not set # CONFIG_UNUSED_SYMBOLS is not set +CONFIG_PAGE_OWNER=y CONFIG_DEBUG_FS=y CONFIG_HEADERS_CHECK=y CONFIG_STACK_VALIDATION=y @@ -6078,7 +6080,7 @@ CONFIG_RCU_CPU_STALL_TIMEOUT=60 # CONFIG_LATENCYTOP is not set CONFIG_ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS=y # CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set -# CONFIG_PAGE_EXTENSION is not set +CONFIG_PAGE_EXTENSION=y # CONFIG_DEBUG_PAGEALLOC is not set CONFIG_USER_STACKTRACE_SUPPORT=y CONFIG_NOP_TRACER=y diff --git a/SOURCES/x509.genkey b/SOURCES/x509.genkey index d98f8fe..b1bbe38 100644 --- a/SOURCES/x509.genkey +++ b/SOURCES/x509.genkey @@ -5,9 +5,9 @@ prompt = no x509_extensions = myexts [ req_distinguished_name ] -O = CentOS -CN = CentOS Linux kernel signing key -emailAddress = security@centos.org +O = Red Hat +CN = Red Hat Enterprise Linux kernel signing key +emailAddress = secalert@redhat.com [ myexts ] basicConstraints=critical,CA:FALSE diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec index 196fc8f..b3ff8d2 100644 --- a/SPECS/kernel.spec +++ b/SPECS/kernel.spec @@ -3,21 +3,25 @@ Summary: The Linux kernel -%define dist .el7 - # % define buildid .local +# If there's no unversioned python, select version explicitly, +# so it's possible to at least do rh-srpm. +%if 0%{?fedora} >= 29 || 0%{?rhel} >= 8 +%global __python /usr/bin/python3 +%endif + # For a kernel released for public testing, released_kernel should be 1. # For internal testing builds during development, it should be 0. %global released_kernel 1 -%global distro_build 1127 +%global distro_build 1160 %define rpmversion 3.10.0 -%define pkgrelease 1127.19.1.el7 +%define pkgrelease 1160.el7 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 1127.19.1%{?dist} +%define specrelease 1160%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -29,7 +33,6 @@ Summary: The Linux kernel # All should default to 1 (enabled) and be flipped to 0 (disabled) # by later arch-specific checks. -%define _with_kabidupchk 1 # The following build options are enabled by default. # Use either --without in your rpmbuild command or force values # to 0 in here to disable them. @@ -94,7 +97,7 @@ Summary: The Linux kernel # See also 'make debug' and 'make release'. RHEL only ever does 1. %define debugbuildsenabled 1 -%define with_gcov %{?_with_gcov: 1} %{?!_with_gcov: 0} +%define with_gcov %{?_with_gcov:1}%{?!_with_gcov:0} # turn off debug kernel and kabichk for gcov builds %if %{with_gcov} @@ -396,22 +399,22 @@ Source10: sign-modules Source11: x509.genkey Source12: extra_certificates %if %{?released_kernel} -Source13: centos-ca-secureboot.der -Source14: centossecureboot001.crt -Source15: centossecurebootca2.der -Source16: centossecureboot201.crt -%define pesign_name_0 centossecureboot001 -%define pesign_name_1 centossecureboot201 +Source13: redhatsecurebootca3.cer +Source14: redhatsecureboot301.cer +Source15: redhatsecurebootca5.cer +Source16: redhatsecureboot501.cer +%define pesign_name_0 redhatsecureboot301 +%define pesign_name_1 redhatsecureboot501 %else -Source13: centos-ca-secureboot.der -Source14: centossecureboot001.crt -Source15: centossecurebootca2.der -Source16: centossecureboot201.crt -%define pesign_name_0 centossecureboot001 -%define pesign_name_1 centossecureboot201 +Source13: redhatsecurebootca2.cer +Source14: redhatsecureboot003.cer +Source15: redhatsecurebootca4.cer +Source16: redhatsecureboot401.cer +%define pesign_name_0 redhatsecureboot003 +%define pesign_name_1 redhatsecureboot401 %endif -Source17: centos-ldup.x509 -Source18: centos-kpatch.x509 +Source17: rheldup3.x509 +Source18: rhelkpatch1.x509 Source19: check-kabi @@ -455,9 +458,6 @@ Source9999: lastcommit.stat # empty final patch to facilitate testing of kernel patches Patch999999: linux-kernel-test.patch -Patch1000: debrand-single-cpu.patch -Patch1001: debrand-rh_taint.patch -Patch1002: debrand-rh-i686-cpu.patch BuildRoot: %{_tmppath}/kernel-%{KVRA}-root @@ -641,11 +641,11 @@ kernel-gcov includes the gcov graph and source files for gcov coverage collectio %endif %package -n kernel-abi-whitelists -Summary: The CentOS Linux kernel ABI symbol whitelists +Summary: The Red Hat Enterprise Linux kernel ABI symbol whitelists Group: System Environment/Kernel AutoReqProv: no %description -n kernel-abi-whitelists -The kABI package contains information pertaining to the CentOS +The kABI package contains information pertaining to the Red Hat Enterprise Linux kernel ABI, including lists of kernel symbols that are needed by external Linux kernel modules, and a yum plugin to aid enforcement. @@ -655,8 +655,8 @@ Summary: The baseline dataset for kABI verification using DWARF data Group: System Environment/Kernel AutoReqProv: no %description kabidw-base -The kabidw-base package contains data describing the current ABI of the CentOS -Linux kernel, suitable for the kabi-dw tool. +The kabidw-base package contains data describing the current ABI of the Red Hat +Enterprise Linux kernel, suitable for the kabi-dw tool. %endif # @@ -798,9 +798,6 @@ cd linux-%{KVRA} cp $RPM_SOURCE_DIR/kernel-%{version}-*.config . ApplyOptionalPatch linux-kernel-test.patch -ApplyOptionalPatch debrand-single-cpu.patch -ApplyOptionalPatch debrand-rh_taint.patch -ApplyOptionalPatch debrand-rh-i686-cpu.patch # Any further pre-build tree manipulations happen here. @@ -1266,6 +1263,10 @@ make %{?cross_opts} %{?_smp_mflags} -C tools/power/cpupower CPUFREQ_BENCH=false pushd tools make tmon popd +# build VM tools +pushd tools/vm/ +make slabinfo page_owner_sort +popd %endif %if %{with_bpftool} @@ -1446,6 +1447,11 @@ pushd tools/thermal/tmon make INSTALL_ROOT=%{buildroot} install popd %endif +# install VM tools +pushd tools/vm/ +install -m755 slabinfo %{buildroot}%{_bindir}/slabinfo +install -m755 page_owner_sort %{buildroot}%{_bindir}/page_owner_sort +popd %endif %if %{with_bpftool} @@ -1680,6 +1686,8 @@ fi %if %{with_tools} %files -n kernel-tools -f cpupower.lang %defattr(-,root,root) +%{_bindir}/slabinfo +%{_bindir}/page_owner_sort %ifarch %{cpupowerarchs} %{_bindir}/cpupower %ifarch x86_64 @@ -1788,191 +1796,851 @@ fi %kernel_variant_files %{with_kdump} kdump %changelog -* Tue Aug 11 2020 Augusto Caringi [3.10.0-1127.19.1.el7] -- [mm] memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (Waiman Long) [1867441 1842715] -- [mm] memcg: only free spare array when readers are done (Waiman Long) [1867441 1842715] -- [kernel] modsign: Import certificates from optional MokListRT (Lenny Szubowicz) [1866971 1862840] -- [crypto] crypto/pefile: Support multiple signatures in verify_pefile_signature (Lenny Szubowicz) [1866971 1862840] -- [crypto] crypto/pefile: Tolerate other pefile signatures after first (Lenny Szubowicz) [1866971 1862840] - -* Mon Jul 13 2020 Augusto Caringi [3.10.0-1127.18.1.el7] -- [fs] locks: allow filesystems to request that ->setlease be called without i_lock (Jeff Layton) [1838602 1830606] -- [fs] locks: move fasync setup into generic_add_lease (Jeff Layton) [1838602 1830606] - -* Tue Jul 07 2020 Augusto Caringi [3.10.0-1127.17.1.el7] -- [vfio] vfio/pci: Fix SR-IOV VF handling with MMIO blocking (Alex Williamson) [1852245 1820632] -- [fs] aio: fix inconsistent ring state (Jeff Moyer) [1850055 1845326] -- [wireless] mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (Jarod Wilson) [1844069 1844070] {CVE-2020-12654} -- [wireless] mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (Jarod Wilson) [1844025 1844026] {CVE-2020-12653} -- [x86] mm: Fix mremap not considering huge pmd devmap (Rafael Aquini) [1843436 1843437] {CVE-2020-10757} -- [mm] mm, dax: check for pmd_none() after split_huge_pmd() (Rafael Aquini) [1843436 1843437] {CVE-2020-10757} -- [mm] mm: mremap: streamline move_page_tables()'s move_huge_pmd() corner case (Rafael Aquini) [1843436 1843437] {CVE-2020-10757} -- [mm] mm: mremap: validate input before taking lock (Rafael Aquini) [1843436 1843437] {CVE-2020-10757} - -* Tue Jun 30 2020 Augusto Caringi [3.10.0-1127.16.1.el7] -- [kernel] sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision (Artem Savkov) [1850500 1752067] -- [block] virtio-blk: improve virtqueue error to BLK_STS (Philipp Rudo) [1842994 1818001] -- [block] virtio-blk: fix hw_queue stopped on arbitrary error (Philipp Rudo) [1842994 1818001] - -* Fri Jun 19 2020 Augusto Caringi [3.10.0-1127.15.1.el7] -- [fs] ext4: fix setting of referenced bit in ext4_es_lookup_extent() (Lukas Czerner) [1847343 1663720] -- [fs] ext4: introduce aging to extent status tree (Lukas Czerner) [1847343 1663720] -- [fs] ext4: cleanup flag definitions for extent status tree (Lukas Czerner) [1847343 1663720] -- [fs] ext4: limit number of scanned extents in status tree shrinker (Lukas Czerner) [1847343 1663720] -- [fs] ext4: move handling of list of shrinkable inodes into extent status code (Lukas Czerner) [1847343 1663720] -- [fs] ext4: change LRU to round-robin in extent status tree shrinker (Lukas Czerner) [1847343 1663720] -- [net] netfilter: nat: never update the UDP checksum when it's 0 (Guillaume Nault) [1847333 1834278] -- [char] ipmi_si: Only schedule continuously in the thread in maintenance mode (Alexey Klimov) [1841825 1837127] -- [scsi] scsi: ibmvfc: Fix NULL return compiler warning (Steve Best) [1830889 1810643] -- [scsi] scsi: ibmvfc: Avoid loss of all paths during SVC node reboot (Steve Best) [1830889 1810643] -- [hid] HID: hiddev: do cleanup in failure of opening a device (Torez Smith) [1803448 1814257] {CVE-2019-19527} -- [hid] HID: hiddev: avoid opening a disconnected device (Torez Smith) [1803448 1814257] {CVE-2019-19527} - -* Tue Jun 16 2020 Augusto Caringi [3.10.0-1127.14.1.el7] -- [fs] NFS: Fix a race between mmap() and O_DIRECT (Benjamin Coddington) [1845520 1813803] -- [fs] NFS: Remove a redundant call to unmap_mapping_range() (Benjamin Coddington) [1845520 1813803] -- [fs] NFS: Remove redundant waits for O_DIRECT in fsync() and write_begin() (Benjamin Coddington) [1845520 1813803] -- [fs] NFS: Cleanup nfs_direct_complete() (Benjamin Coddington) [1845520 1813803] -- [fs] NFS: Do not serialise O_DIRECT reads and writes (Benjamin Coddington) [1845520 1813803] -- [fs] NFS: Move buffered I/O locking into nfs_file_write() (Benjamin Coddington) [1845520 1813803] -- [fs] bdi: make inode_to_bdi() inline (Benjamin Coddington) [1845520 1813803] -- [fs] NFS: Remove racy size manipulations in O_DIRECT (Benjamin Coddington) [1845520 1813803] -- [fs] NFS: Don't hold the inode lock across fsync() (Benjamin Coddington) [1845520 1813803] -- [fs] nfs: remove nfs_inode_dio_wait (Benjamin Coddington) [1845520 1813803] -- [fs] nfs: remove nfs4_file_fsync (Benjamin Coddington) [1845520 1813803] -- [fs] NFS: Kill NFS_INO_NFS_INO_FLUSHING: it is a performance killer (Benjamin Coddington) [1845520 1813803] -- [infiniband] RDMA/bnxt_re: Fix chip number validation Broadcom's Gen P5 series (Jonathan Toppins) [1834190 1823679] - -* Fri Jun 12 2020 Augusto Caringi [3.10.0-1127.13.1.el7] -- [x86] x86/speculation: Support old struct x86_cpu_id & x86_match_cpu() kABI (Waiman Long) [1827187 1827188] {CVE-2020-0543} -- [documentation] x86/speculation: Add Ivy Bridge to affected list (Waiman Long) [1827187 1827188] {CVE-2020-0543} -- [documentation] x86/speculation: Add SRBDS vulnerability and mitigation documentation (Waiman Long) [1827187 1827188] {CVE-2020-0543} -- [x86] x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Waiman Long) [1827187 1827188] {CVE-2020-0543} -- [x86] x86/cpu: Add 'table' argument to cpu_matches() (Waiman Long) [1827187 1827188] {CVE-2020-0543} -- [x86] x86/cpu: Add a steppings field to struct x86_cpu_id (Waiman Long) [1827187 1827188] {CVE-2020-0543} -- [x86] x86/cpu/bugs: Convert to new matching macros (Waiman Long) [1827187 1827188] {CVE-2020-0543} -- [x86] x86/cpu: Add consistent CPU match macros (Waiman Long) [1827187 1827188] {CVE-2020-0543} -- [cpufreq] x86/devicetable: Move x86 specific macro out of generic code (Waiman Long) [1827187 1827188] {CVE-2020-0543} -- [x86] x86/cpufeature: Fix various quality problems in the header (Waiman Long) [1827187 1827188] {CVE-2020-0543} - -* Tue Jun 09 2020 Augusto Caringi [3.10.0-1127.12.1.el7] -- [x86] x86/speculation: Prevent deadlock on ssb_state::lock (Waiman Long) [1841121 1836322] -- [vfio] vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (Alex Williamson) [1837297 1820632] {CVE-2020-12888} -- [vfio] vfio-pci: Fault mmaps to enable vma tracking (Alex Williamson) [1837297 1820632] {CVE-2020-12888} -- [vfio] vfio/type1: Support faulting PFNMAP vmas (Alex Williamson) [1837297 1820632] {CVE-2020-12888} -- [vfio] vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() (Alex Williamson) [1837297 1820632] {CVE-2020-12888} -- [vfio] vfio/pci: call irq_bypass_unregister_producer() before freeing irq (Alex Williamson) [1837297 1820632] {CVE-2020-12888} -- [vfio] vfio_pci: Enable memory accesses before calling pci_map_rom (Alex Williamson) [1837297 1820632] {CVE-2020-12888} - -* Tue Jun 02 2020 Augusto Caringi [3.10.0-1127.11.1.el7] -- [fs] cachefiles: Fix race between read_waiter and read_copier involving op->to_do (Dave Wysochanski) [1839757 1829662] - -* Tue May 26 2020 Augusto Caringi [3.10.0-1127.10.1.el7] -- [fs] revert "[fs] xfs: catch bad stripe alignment configurations" (Carlos Maiolino) [1839697 1836292] -- [netdrv] hv_netvsc: Fix error handling in netvsc_set_features() (Mohammed Gamal) [1838600 1821814] -- [netdrv] hv_netvsc: Sync offloading features to VF NIC (Mohammed Gamal) [1838600 1821814] -- [netdrv] hv_netvsc: Fix IP header checksum for coalesced packets (Mohammed Gamal) [1838600 1821814] -- [netdrv] hv_netvsc: Fix rndis_per_packet_info internal field initialization (Mohammed Gamal) [1838600 1821814] -- [netdrv] hv_netvsc: Add handler for LRO setting change (Mohammed Gamal) [1838600 1821814] -- [netdrv] hv_netvsc: Add support for LRO/RSC in the vSwitch (Mohammed Gamal) [1838600 1821814] -- [netdrv] hv_netvsc: Add handlers for ethtool get/set msg level (Mohammed Gamal) [1838600 1821814] -- [netdrv] hv_netvsc: Fix the variable sizes in ipsecv2 and rsc offload (Mohammed Gamal) [1838600 1821814] -- [lib] kobject: don't use WARN for registration failures (Ewan Milne) [1836890 1756495] -- [lib] lib/kobject: Join string literals back (Ewan Milne) [1836890 1756495] -- [scsi] Fix abort timeouts in CQ Full conditions (Dick Kennedy) [1835675 1802654] - -* Fri May 15 2020 Augusto Caringi [3.10.0-1127.9.1.el7] -- [net] netlabel: cope with NULL catmap (Paolo Abeni) [1827239 1827240] {CVE-2020-10711} -- [scsi] scsi: qla2xxx: Fix a NULL pointer dereference in an error path (Nilesh Javali) [1832221 1808129] -- [scsi] scsi: qla2xxx: Use common routine to free fcport struct (Nilesh Javali) [1832221 1808129] -- [block] blk-mq: fix hang caused by freeze/unfreeze sequence (Ming Lei) [1824546 1821718] - -* Fri Apr 24 2020 Augusto Caringi [3.10.0-1127.8.1.el7] -- [scsi] scsi: qla2xxx: initialize fc4_type_priority (Nilesh Javali) [1827274 1808129] - -* Mon Apr 20 2020 Augusto Caringi [3.10.0-1127.7.1.el7] -- [net] sched: flower: insert new filter to idr after setting its mask (Davide Caratti) [1824548 1785141] -- [netdrv] r8169: fix network stalls due to missing bit TXCFG_AUTO_FIFO (Corinna Vinschen) [1822548 1787263] -- [net] net_sched: remove a bogus warning in hfsc (Davide Caratti) [1821262 1781323] -- [net] tcp: make tcp_space() aware of socket backlog (Guillaume Nault) [1817499 1790840] -- [scsi] iscsi: Avoid potential deadlock in iscsi_if_rx func (Oleksandr Natalenko) [1817497 1715986] -- [scsi] scsi: avoid repetitive logging of device offline messages (Nilesh Javali) [1815596 1798042] -- [scsi] qla2xxx: Fix I/Os being passed down when FC device is being deleted (Nilesh Javali) [1815596 1798042] -- [scsi] scsi: qla2xxx: Fix unbound sleep in fcport delete path (Nilesh Javali) [1815596 1798042] -- [scsi] scsi: qla2xxx: Fix hang in fcport delete path (Nilesh Javali) [1815596 1798042] -- [scsi] scsi: qla2xxx: Fix stuck session in GNL (Nilesh Javali) [1815596 1798042] -- [scsi] scsi: qla2xxx: Correct fcport flags handling (Nilesh Javali) [1815596 1798042] -- [scsi] scsi: qla2xxx: Remove defer flag to indicate immeadiate port loss (Nilesh Javali) [1815596 1798042] -- [scsi] scsi: megaraid_sas: fixup MSIx interrupt setup during resume (Tomas Henzl) [1813249 1807077] -- [md] dm mpath: call clear_request_fn_mpio() in multipath_release_clone() (Mike Snitzer) [1812937 1806400] -- [scsi] scsi: implement .cleanup_rq callback (Mike Snitzer) [1812937 1806400] -- [md] blk-mq: add callback of .cleanup_rq (Mike Snitzer) [1812937 1806400] -- [md] dm rq: fix checking of dm_dispatch_clone_request's return value (Ming Lei) [1814537 1805401] - -* Tue Apr 14 2020 Augusto Caringi [3.10.0-1127.6.1.el7] -- [x86] x86/debug: Extend the lower bound of crash kernel low reservations (Pingfan Liu) [1817502 1811511] - -* Fri Apr 03 2020 Augusto Caringi [3.10.0-1127.5.1.el7] -- [netdrv] hv/netvsc: Fix NULL dereference at single queue mode fallback (Mohammed Gamal) [1817935 1806488] -- [netdrv] hv/netvsc: fix handling of fallback to single queue mode (Mohammed Gamal) [1817935 1806488] -- [netdrv] hv_netvsc: Fix unwanted rx_table reset (Mohammed Gamal) [1817935 1806488] -- [netdrv] hv_netvsc: Fix tx_table init in rndis_set_subchannel() (Mohammed Gamal) [1817935 1806488] -- [netdrv] hv_netvsc: fix typos in code comments (Mohammed Gamal) [1817935 1806488] -- [netdrv] hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (Mohammed Gamal) [1817935 1806488] -- [netdrv] hv_netvsc: Fix hash key value reset after other ops (Mohammed Gamal) [1817935 1806488] -- [netdrv] hv_netvsc: Refactor assignments of struct netvsc_device_info (Mohammed Gamal) [1817935 1806488] -- [netdrv] hv_netvsc: split sub-channel setup into async and sync (Mohammed Gamal) [1817935 1806488] -- [netdrv] hv_netvsc: Fix send_table offset in case of a host bug (Mohammed Gamal) [1817935 1806488] -- [netdrv] hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation (Mohammed Gamal) [1817935 1806488] -- [netdrv] hv_netvsc: Fix offset usage in netvsc_send_table() (Mohammed Gamal) [1817935 1806488] -- [netdrv] hv_netvsc: simplify receive side calling arguments (Mohammed Gamal) [1817935 1806488] - -* Mon Mar 30 2020 Augusto Caringi [3.10.0-1127.4.1.el7] -- [x86] kvm: x86: do not reset microcode version on INIT or RESET (Paolo Bonzini) [1814003 1801852] -- [x86] kvm: x86: list MSR_IA32_UCODE_REV as an emulated MSR (Paolo Bonzini) [1814003 1801852] -- [x86] kvm: x86: Allow userspace to define the microcode version (Paolo Bonzini) [1814003 1801852] - -* Mon Mar 23 2020 Augusto Caringi [3.10.0-1127.3.1.el7] -- [md] md/raid6: Set R5_ReadError when there is read failure on parity disk (Xiao Ni) [1810062 1804569] -- [kernel] blktrace: fix dereference after null check (Ming Lei) [1806367 1798318] {CVE-2019-19768} -- [kernel] blktrace: Protect q->blk_trace with RCU (Ming Lei) [1806367 1798318] {CVE-2019-19768} -- [kernel] blktrace: fix trace mutex deadlock (Ming Lei) [1806367 1798318] {CVE-2019-19768} -- [kernel] blktrace: fix unlocked registration of tracepoints (Ming Lei) [1806367 1798318] {CVE-2019-19768} -- [kernel] blktrace: fix unlocked access to init/start-stop/teardown (Ming Lei) [1806367 1798318] {CVE-2019-19768} - -* Fri Mar 13 2020 Augusto Caringi [3.10.0-1127.2.1.el7] -- [kernel] tick-sched: Update nohz load even if tick already stopped (Scott Wood) [1808030 1694877] - -* Tue Mar 10 2020 Augusto Caringi [3.10.0-1127.1.1.el7] -- [net] openvswitch: support asymmetric conntrack (Aaron Conole) [1806447 1757759] -- [kernel] audit: CONFIG_CHANGE don't log internal bookkeeping as an event (Richard Guy Briggs) [1806430 1777239] -- [kernel] tracing: Fix possible double free on failure of allocating trace buffer (Jerome Marchand) [1803010 1803011] {CVE-2017-18595} -- [kernel] tracing: Fix crash when it fails to alloc ring buffer (Jerome Marchand) [1803010 1803011] {CVE-2017-18595} -- [base] of: to support binding numa node to specified device in devicetree (Jeff Moyer) [1801699 1791883] -- [ptp] ptp: free ptp device pin descriptors properly (Vladis Dronov) [1798396 1774657] -- [ptp] ptp: fix the race between the release of ptp_clock and cdev (Vladis Dronov) [1798396 1774657] -- [ptp] ptp: Fix pass zero to ERR_PTR() in ptp_clock_register (Vladis Dronov) [1798396 1774657] -- [ptp] ptp: create "pins" together with the rest of attributes (Vladis Dronov) [1798396 1774657] -- [ptp] ptp: use is_visible method to hide unused attributes (Vladis Dronov) [1798396 1774657] -- [ptp] ptp: use kcalloc when allocating arrays (Vladis Dronov) [1798396 1774657] -- [ptp] ptp: do not explicitly set drvdata in ptp_clock_register() (Vladis Dronov) [1798396 1774657] -- [ptp] drivers/ptp: Fix kernel memory disclosure (Vladis Dronov) [1798396 1774657] -- [ptp] ptp: Fix resource leak in case of error (Vladis Dronov) [1798396 1774657] -- [netdrv] ptp: drivers: set the number of programmable pins (Vladis Dronov) [1798396 1774657] -- [ptp] ptp: expose the programmable pins via sysfs (Vladis Dronov) [1798396 1774657] -- [documentation] ptp: add the pin GET/SETFUNC ioctls to the testptp program (Vladis Dronov) [1798396 1774657] -- [documentation] ptp: Allow selecting trigger/event index in testptp (Vladis Dronov) [1798396 1774657] -- [documentation] ptp: add the PTP_SYS_OFFSET ioctl to the testptp program (Vladis Dronov) [1798396 1774657] -- [netdrv] ixgbevf: Use cached link state instead of re-reading the value for ethtool (Ken Cox) [1796799 1794812] -- [kernel] sched: Fix schedule_tail() to disable preemption (Phil Auld) [1796262 1771094] - -* Tue Feb 18 2020 Jan Stancek [3.10.0-1127.el7] +* Tue Aug 18 2020 Jan Stancek [3.10.0-1160.el7] +- [kernel] modsign: Add nomokvarconfig kernel parameter (Lenny Szubowicz) [1867857] +- [firmware] modsign: Add support for loading certs from the EFI MOK config table (Lenny Szubowicz) [1867857] +- [kernel] modsign: Move import of MokListRT certs to separate routine (Lenny Szubowicz) [1867857] +- [kernel] modsign: Avoid spurious error message after last MokListRTn (Lenny Szubowicz) [1867857] + +* Thu Aug 06 2020 Jan Stancek [3.10.0-1159.el7] +- [kernel] modsign: Import certificates from optional MokListRT (Lenny Szubowicz) [1862840] +- [crypto] crypto/pefile: Support multiple signatures in verify_pefile_signature (Lenny Szubowicz) [1862840] +- [crypto] crypto/pefile: Tolerate other pefile signatures after first (Lenny Szubowicz) [1862840] + +* Thu Jul 16 2020 Jan Stancek [3.10.0-1158.el7] +- [redhat] switch secureboot kernel image signing to release keys (Jan Stancek) [] + +* Wed Jul 15 2020 Jan Stancek [3.10.0-1157.el7] +- [fs] signal: Don't send signals to tasks that don't exist (Vladis Dronov) [1856166] + +* Fri Jul 10 2020 Jan Stancek [3.10.0-1156.el7] +- [fs] gfs2: Fix regression due to unwanted gfs2_qa_put (Robert S Peterson) [1798713] +- [include] signal: Unfairly acquire tasklist_lock in send_sigio() if irq disabled (Waiman Long) [1838799] +- [fs] signal: Don't take tasklist_lock if PID type is PIDTYPE_PID (Waiman Long) [1838799] +- [vfio] vfio/pci: Fix SR-IOV VF handling with MMIO blocking (Alex Williamson) [1820632] {CVE-2020-12888} + +* Thu Jul 09 2020 Jan Stancek [3.10.0-1155.el7] +- [x86] Revert "x86: respect memory size limiting via mem= parameter" (Joel Savitz) [1851576] +- [mm] Revert "mm/memory_hotplug.c: only respect mem= parameter during boot stage" (Joel Savitz) [1851576] +- [fs] nfsd: only WARN once on unmapped errors ("J. Bruce Fields") [1850430] +- [powerpc] pci/of: Fix OF flags parsing for 64bit BARs (Greg Kurz) [1840114] +- [fs] cifs: fix NULL dereference in match_prepath (Leif Sahlberg) [1759852] + +* Thu Jul 02 2020 Jan Stancek [3.10.0-1154.el7] +- [fs] gfs2: move privileged user check to gfs2_quota_lock_check (Robert S Peterson) [1798713] +- [fs] gfs2: Fix problems regarding gfs2_qa_get and _put (Robert S Peterson) [1798713] +- [fs] gfs2: don't call quota_unhold if quotas are not locked (Robert S Peterson) [1798713] +- [fs] gfs2: Remove unnecessary gfs2_qa_{get, put} pairs (Robert S Peterson) [1798713] +- [fs] gfs2: Split gfs2_rsqa_delete into gfs2_rs_delete and gfs2_qa_put (Robert S Peterson) [1798713] +- [fs] gfs2: Change inode qa_data to allow multiple users (Robert S Peterson) [1798713] +- [fs] gfs2: eliminate gfs2_rsqa_alloc in favor of gfs2_qa_alloc (Robert S Peterson) [1798713] +- [fs] gfs2: Switch to list_{first,last}_entry (Robert S Peterson) [1798713] +- [fs] gfs2: Clean up inode initialization and teardown (Robert S Peterson) [1798713] +- [fs] gfs2: Minor gfs2_alloc_inode cleanup (Robert S Peterson) [1798713] +- [fs] gfs2: Fix busy-on-umount in gfs2_atomic_open() (Andrew Price) [1812558] + +* Sat Jun 27 2020 Jan Stancek [3.10.0-1153.el7] +- [x86] mm: Fix mremap not considering huge pmd devmap (Rafael Aquini) [1843437] {CVE-2020-10757} +- [mm] mm, dax: check for pmd_none() after split_huge_pmd() (Rafael Aquini) [1843437] {CVE-2020-10757} +- [mm] mm: mremap: streamline move_page_tables()'s move_huge_pmd() corner case (Rafael Aquini) [1843437] {CVE-2020-10757} +- [mm] mm: mremap: validate input before taking lock (Rafael Aquini) [1843437] {CVE-2020-10757} +- [wireless] mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (Jarod Wilson) [1844070] {CVE-2020-12654} +- [wireless] mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (Jarod Wilson) [1844026] {CVE-2020-12653} +- [net] netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6 (Florian Westphal) [1845428] + +* Fri Jun 19 2020 Jan Stancek [3.10.0-1152.el7] +- [nvmem] nvmem: properly handle returned value nvmem_reg_read (Vladis Dronov) [1844409] +- [mailbox] PCC: fix dereference of ERR_PTR (Vladis Dronov) [1844409] +- [kernel] futex: Unlock hb->lock in futex_wait_requeue_pi() error path (Vladis Dronov) [1844409] +- [fs] aio: fix inconsistent ring state (Jeff Moyer) [1845326] +- [vfio] vfio/mdev: make create attribute static (Vladis Dronov) [1837549] +- [vfio] treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 (Vladis Dronov) [1837549] +- [vfio] vfio/mdev: Synchronize device create/remove with parent removal (Vladis Dronov) [1837549] +- [vfio] vfio/mdev: Avoid creating sysfs remove file on stale device removal (Vladis Dronov) [1837549] +- [vfio] vfio/mdev: Improve the create/remove sequence (Vladis Dronov) [1837549] +- [vfio] treewide: Add SPDX license identifier - Makefile/Kconfig (Vladis Dronov) [1837549] +- [vfio] vfio/mdev: Avoid inline get and put parent helpers (Vladis Dronov) [1837549] +- [vfio] vfio/mdev: Fix aborting mdev child device removal if one fails (Vladis Dronov) [1837549] +- [vfio] vfio/mdev: Follow correct remove sequence (Vladis Dronov) [1837549] +- [vfio] vfio/mdev: Avoid masking error code to EBUSY (Vladis Dronov) [1837549] +- [include] vfio/mdev: Drop redundant extern for exported symbols (Vladis Dronov) [1837549] +- [vfio] vfio/mdev: Removed unused kref (Vladis Dronov) [1837549] +- [vfio] vfio/mdev: Avoid release parent reference during error path (Vladis Dronov) [1837549] +- [vfio] vfio/mdev: Add iommu related member in mdev_device (Vladis Dronov) [1837549] +- [vfio] vfio/mdev: add static modifier to add_mdev_supported_type (Vladis Dronov) [1837549] +- [vfio] vfio: mdev: make a couple of functions and structure vfio_mdev_driver static (Vladis Dronov) [1837549] +- [char] tpm/tpm_tis: Free IRQ if probing fails (David Arcari) [1774698] +- [kernel] audit: fix a memleak caused by auditing load module (Richard Guy Briggs) [1843370] +- [kernel] audit: fix potential null dereference 'context->module.name' (Richard Guy Briggs) [1843370] +- [nvme] nvme: limit number of IO queues on Dell/Samsung config (David Milburn) [1837617] + +* Thu Jun 18 2020 Jan Stancek [3.10.0-1151.el7] +- [netdrv] qede: Fix multicast mac configuration (Michal Schmidt) [1740064] +- [scsi] sd_dif: avoid incorrect ref_tag errors on 4K devices larger than 2TB (Ewan Milne) [1833528] +- [hid] HID: hiddev: do cleanup in failure of opening a device (Torez Smith) [1814257] {CVE-2019-19527} +- [hid] HID: hiddev: avoid opening a disconnected device (Torez Smith) [1814257] {CVE-2019-19527} +- [x86] x86: make mul_u64_u64_div_u64() "static inline" (Oleg Nesterov) [1845864] +- [mm] mm: page_isolation: fix potential warning from user (Rafael Aquini) [1845620] +- [s390] s390/mm: correct return value of pmd_pfn (Claudio Imbrenda) [1841106] +- [fs] fs/proc/vmcore.c:mmap_vmcore: skip non-ram pages reported by hypervisors (Lianbo Jiang) [1790799] +- [kernel] kernel/sysctl.c: ignore out-of-range taint bits introduced via kernel.tainted (Rafael Aquini) [1845356] +- [documentation] kernel: add panic_on_taint (Rafael Aquini) [1845356] +- [fs] ext4: Remove unwanted ext4_bread() from ext4_quota_write() (Lukas Czerner) [1845379] +- [scsi] scsi: sg: add sg_remove_request in sg_write ("Ewan D. Milne") [1840699] {CVE-2020-12770} +- [fs] fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (Donghai Qiao) [1832062] {CVE-2020-10732} + +* Sun Jun 14 2020 Jan Stancek [3.10.0-1150.el7] +- [netdrv] net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget (Alaa Hleihel) [1845020] +- [mm] memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (Waiman Long) [1842715] +- [mm] memcg: only free spare array when readers are done (Waiman Long) [1842715] +- [powerpc] powerpc/crashkernel: Take "mem=" option into account (Pingfan Liu) [1751555] +- [infiniband] IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode (Kamal Heib) [1597952] +- [security] selinux: properly handle multiple messages in selinux_netlink_send() (Ondrej Mosnacek) [1839650] {CVE-2020-10751} +- [netdrv] net: ena: Add PCI shutdown handler to allow safe kexec (Bhupesh Sharma) [1841578] +- [x86] x86/speculation: Support old struct x86_cpu_id & x86_match_cpu() kABI (Waiman Long) [1827188] {CVE-2020-0543} +- [documentation] x86/speculation: Add Ivy Bridge to affected list (Waiman Long) [1827188] {CVE-2020-0543} +- [documentation] x86/speculation: Add SRBDS vulnerability and mitigation documentation (Waiman Long) [1827188] {CVE-2020-0543} +- [x86] x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Waiman Long) [1827188] {CVE-2020-0543} +- [x86] x86/cpu: Add 'table' argument to cpu_matches() (Waiman Long) [1827188] {CVE-2020-0543} +- [x86] x86/cpu: Add a steppings field to struct x86_cpu_id (Waiman Long) [1827188] {CVE-2020-0543} +- [x86] x86/cpu/bugs: Convert to new matching macros (Waiman Long) [1827188] {CVE-2020-0543} +- [x86] x86/cpu: Add consistent CPU match macros (Waiman Long) [1827188] {CVE-2020-0543} +- [cpufreq] x86/devicetable: Move x86 specific macro out of generic code (Waiman Long) [1827188] {CVE-2020-0543} +- [x86] x86/cpufeature: Fix various quality problems in the header (Waiman Long) [1827188] {CVE-2020-0543} + +* Thu Jun 04 2020 Jan Stancek [3.10.0-1149.el7] +- [mm] mm/memory_hotplug.c: only respect mem= parameter during boot stage (Joel Savitz) [1838795] +- [netdrv] qed: Reduce the severity of ptp debug message (Manish Chopra) [1703770] +- [kernel] pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes (Jay Shin) [1836620] +- [fs] gfs2: remove BUG_ON() from gfs2_log_alloc_bio() (Abhijith Das) [1828454] +- [fs] gfs2: Even more gfs2_find_jhead fixes (Abhijith Das) [1828454] +- [fs] quota: fix return value in dqget() (Eric Sandeen) [1842761] +- [fs] proc_sysctl.c: fix potential page fault while unregistering sysctl table (Carlos Maiolino) [1843368] +- [fs] ext4: fix error handling in ext4_ext_shift_extents (Lukas Czerner) [1843366] +- [vhost] vhost: Check docket sk_family instead of call getname (Vladis Dronov) [1823302] {CVE-2020-10942} +- [input] hyperv-keyboard - add module description (Mohammed Gamal) [1842689] +- [hv] hv: Add a module description line to the hv_vmbus driver (Mohammed Gamal) [1842689] +- [hid] hyperv: Add a module description line (Mohammed Gamal) [1842689] +- [x86] sched/cputime: Improve cputime_adjust() (Oleg Nesterov) [1511040] +- [acpi] ACPI: APEI: call into AER handling regardless of severity (Al Stone) [1737246] +- [acpi] ACPI: APEI: handle PCIe AER errors in separate function (Al Stone) [1737246] +- [acpi] ras: acpi/apei: cper: add support for generic data v3 structure (Al Stone) [1737246] +- [acpi] ACPICA: ACPI 6.1: Updates for the HEST ACPI table (Al Stone) [1737246] +- [acpi] ACPI / APEI: Switch to use new generic UUID API (Al Stone) [1737246] +- [x86] x86/efi-bgrt: Quirk for BGRT when memory encryption active (Lenny Szubowicz) [1723477] +- [scsi] scsi: megaraid_sas: Update driver version to 07.714.04.00-rc1 (Tomas Henzl) [1840550] +- [scsi] scsi: megaraid_sas: TM command refire leads to controller firmware crash (Tomas Henzl) [1840550] +- [scsi] scsi: megaraid_sas: Replace undefined MFI_BIG_ENDIAN macro with __BIG_ENDIAN_BITFIELD macro (Tomas Henzl) [1840550] +- [scsi] scsi: megaraid_sas: Limit device queue depth to controller queue depth (Tomas Henzl) [1840550] +- [vfio] vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (Alex Williamson) [1820632] {CVE-2020-12888} +- [vfio] vfio-pci: Fault mmaps to enable vma tracking (Alex Williamson) [1820632] {CVE-2020-12888} +- [vfio] vfio/type1: Support faulting PFNMAP vmas (Alex Williamson) [1820632] {CVE-2020-12888} +- [vfio] vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() (Alex Williamson) [1820632] {CVE-2020-12888} +- [vfio] vfio/pci: call irq_bypass_unregister_producer() before freeing irq (Alex Williamson) [1820632] {CVE-2020-12888} +- [vfio] vfio_pci: Enable memory accesses before calling pci_map_rom (Alex Williamson) [1820632] {CVE-2020-12888} +- [fs] signal: Extend exec_id to 64bits (Chris von Recklinghausen) [1834650] {CVE-2020-12826} + +* Wed Jun 03 2020 Jan Stancek [3.10.0-1148.el7] +- [x86] hyper-v: Report crash data in die() when panic_on_oops is set (Mohammed Gamal) [1828450] +- [hv] x86/hyper-v: Report crash register data when sysctl_record_panic_msg is not set (Mohammed Gamal) [1828450] +- [x86] hyper-v: Report crash register data or kmsg before running crash kernel (Mohammed Gamal) [1828450] +- [hv] x86/hyper-v: Trigger crash enlightenment only once during system crash (Mohammed Gamal) [1828450] +- [hv] x86/hyper-v: Free hv_panic_page when fail to register kmsg dump (Mohammed Gamal) [1828450] +- [hv] x86/hyper-v: Unload vmbus channel in hv panic callback (Mohammed Gamal) [1828450] +- [hv] vmbus: Fix the issue with freeing up hv_ctl_table_hdr (Mohammed Gamal) [1828450] +- [hv] vmus: Fix the check for return value from kmsg get dump buffer (Mohammed Gamal) [1828450] +- [hv] Send one page worth of kmsg dump over Hyper-V during panic (Mohammed Gamal) [1828450] +- [x86] kvm: x86: Allow suppressing prints on RDMSR/WRMSR of unhandled MSRs (Vitaly Kuznetsov) [1837412] +- [fs] ext4: Fix race when checking i_size on direct i/o read (Lukas Czerner) [1506437] +- [fs] copy_file_range should return ENOSYS not EOPNOTSUPP ("J. Bruce Fields") [1783554] +- [fs] NFSv4.1 fix incorrect return value in copy_file_range ("J. Bruce Fields") [1783554] +- [x86] Remove the unsupported check for Intel IceLake (Steve Best) [1841237] +- [md] md/raid1: release pending accounting for an I/O only after write-behind is also finished (Nigel Croxon) [1792520] +- [net] gre: fix uninit-value in __iptunnel_pull_header (Guillaume Nault) [1840321] +- [net] inet: protect against too small mtu values. (Guillaume Nault) [1840321] +- [net] Fix one possible memleak in ip_setup_cork (Guillaume Nault) [1840321] +- [net] fix a potential recursive NETDEV_FEAT_CHANGE (Guillaume Nault) [1839130] +- [net] fix null de-reference of device refcount (Guillaume Nault) [1839130] +- [net] sch_choke: avoid potential panic in choke_reset() (Davide Caratti) [1839118] +- [net] net_sched: fix datalen for ematch (Davide Caratti) [1839118] +- [net] netem: fix error path for corrupted GSO frames (Davide Caratti) [1839118] +- [net] avoid potential infinite loop in tc_ctl_action() (Davide Caratti) [1839118] +- [net] net_sched: let qdisc_put() accept NULL pointer (Davide Caratti) [1839118] +- [net] ipv4: really enforce backoff for redirects (Paolo Abeni) [1832332] +- [net] ipv4: avoid mixed n_redirects and rate_tokens usage (Paolo Abeni) [1832332] +- [net] ipv4: use a dedicated counter for icmp_v4 redirect packets (Paolo Abeni) [1832332] +- [net] ipset: Update byte and packet counters regardless of whether they match (Phil Sutter) [1801366] +- [net] xfrm: skip rt6i_idev update in xfrm6_dst_ifdown if loopback_idev is gone (Sabrina Dubroca) [1390049] + +* Sun May 31 2020 Jan Stancek [3.10.0-1147.el7] +- [nvme] nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info (Gopal Tiwari) [1839991] +- [fs] pipe: actually allow root to exceed the pipe buffer limits (Jan Stancek) [1839629] +- [scsi] Revert "scsi: mpt3sas: Don't change the DMA coherent mask after allocations" (Tomas Henzl) [1839128] +- [scsi] Revert "scsi: mpt3sas: Rename function name is_MSB_are_same" (Tomas Henzl) [1839128] +- [scsi] Revert "scsi: mpt3sas: Separate out RDPQ allocation to new function" (Tomas Henzl) [1839128] +- [scsi] Revert "scsi: mpt3sas: Handle RDPQ DMA allocation in same 4G region" (Tomas Henzl) [1839128] +- [netdrv] net/mlx5e: Avoid duplicating rule destinations (Alaa Hleihel) [1727593] +- [netdrv] net/mlx5e: Extend encap entry with reference counter (Alaa Hleihel) [1727593] +- [netdrv] net/mlx5e: Fix free peer_flow when refcount is 0 (Alaa Hleihel) [1727593] +- [netdrv] net/mlx5e: Extend tc flow struct with reference counter (Alaa Hleihel) [1727593] +- [netdrv] net/mlx5e: Don't make internal use of errno to denote missing neigh (Alaa Hleihel) [1727593] +- [netdrv] net/mlx5e: Fix freeing flow with kfree() and not kvfree() (Alaa Hleihel) [1727593] +- [drm] drm/nouveau/gr/gp107, gp108: implement workaround for HW hanging during init (Karol Herbst) [1834360 1834356 1833485] +- [drm] drm/nouveau: workaround runpm fail by disabling PCI power management on certain intel bridges (Karol Herbst) [1834360 1834356 1833485] + +* Thu May 28 2020 Jan Stancek [3.10.0-1146.el7] +- [net] revert "rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()" (Jiri Benc) [1839608] +- [net] ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface (Davide Caratti) [1838936] +- [net] ipv6: Handle missing host route in __ipv6_ifa_notify (Davide Caratti) [1838936] +- [net] ipv6: drop incoming packets having a v4mapped source address (Davide Caratti) [1838936] +- [net] l2tp: fix infoleak in l2tp_ip6_recvmsg() (Andrea Claudi) [1837546] +- [net] vti6: Fix memory leak of skb if input policy check fails (Patrick Talbert) [1836160] +- [net] tcp: prevent bogus FRTO undos with non-SACK flows (Guillaume Nault) [1694860] +- [scsi] scsi: smartpqi: fix controller lockup observed during force reboot (Don Brace) [1775369] +- [fs] ext4: fix setting of referenced bit in ext4_es_lookup_extent() (Lukas Czerner) [1663720] +- [fs] ext4: introduce aging to extent status tree (Lukas Czerner) [1663720] +- [fs] ext4: cleanup flag definitions for extent status tree (Lukas Czerner) [1663720] +- [fs] ext4: limit number of scanned extents in status tree shrinker (Lukas Czerner) [1663720] +- [fs] ext4: move handling of list of shrinkable inodes into extent status code (Lukas Czerner) [1663720] +- [fs] ext4: change LRU to round-robin in extent status tree shrinker (Lukas Czerner) [1663720] +- [fs] ext4, jbd2: ensure panic when aborting with zero errno (Lukas Czerner) [1834783] +- [fs] jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record (Lukas Czerner) [1834783] +- [fs] jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal (Lukas Czerner) [1834783] +- [fs] ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (Lukas Czerner) [1834783] +- [fs] ext4: fix missing return values checks in ext4_cross_rename (Lukas Czerner) [1836819] +- [fs] ext4: Fix POSIX ACL leak in ext4_xattr_set_acl (Lukas Czerner) [1543020] +- [vfio] vfio-pci: Mask cap zero (Alex Williamson) [1838717] +- [x86] Mark Intel Cooper Lake (CPX) supported (Steve Best) [1773681] +- [fs] fs/bio-integrity: don't enable integrity for data-less bio (Ming Lei) [1835943] +- [char] ipmi_si: Only schedule continuously in the thread in maintenance mode (Alexey Klimov) [1837127] +- [kernel] wait/ptrace: assume __WALL if the child is traced (Oleg Nesterov) [1497808] +- [mm] mm, hugetlb, soft_offline: save compound page order before page migration (Artem Savkov) [1751589] +- [fs] fs/hugetlbfs/inode.c: fix hwpoison reserve accounting (Artem Savkov) [1751589] +- [fs] mm: hwpoison: dissolve in-use hugepage in unrecoverable memory error (Artem Savkov) [1751589] +- [mm] mm: soft-offline: dissolve free hugepage if soft-offlined (Artem Savkov) [1751589] +- [mm] mm: hugetlb: soft-offline: dissolve source hugepage after successful migration (Artem Savkov) [1751589] +- [mm] mm: hwpoison: change PageHWPoison behavior on hugetlb pages (Artem Savkov) [1751589] +- [mm] mm: hugetlb: prevent reuse of hwpoisoned free hugepages (Artem Savkov) [1751589] +- [netdrv] net/mlx5: Tidy up and fix reverse christmas ordring (Alaa Hleihel) [1831134] +- [netdrv] net/mlx5: Expose port speed when possible (Alaa Hleihel) [1831134] +- [include] net/mlx5: Expose link speed directly (Alaa Hleihel) [1831134] +- [usb] USB: core: Fix races in character device registration and deregistraion (Torez Smith) [1785065] {CVE-2019-19537} +- [usb] usb: cdc-acm: make sure a refcount is taken early enough (Torez Smith) [1802548] {CVE-2019-19530} +- [usb] USB: adutux: fix use-after-free on disconnect (Torez Smith) [1798822] {CVE-2019-19523} +- [media] media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (Torez Smith) [1795597] {CVE-2019-15217} + +* Mon May 25 2020 Jan Stancek [3.10.0-1145.el7] +- [scsi] scsi: qla2xxx: Do not log message when reading port speed via sysfs (Ewan Milne) [1837543] +- [mm] mm: dmapool: add/remove sysfs file outside of the pool lock lock (Waiman Long) [1836837] +- [mm] Fix unbalanced mutex in dma_pool_create() (Waiman Long) [1836837] +- [mm] mm/dmapool.c: remove redundant NULL check for dev in dma_pool_create() (Waiman Long) [1836837] +- [x86] x86/speculation: Prevent deadlock on ssb_state::lock (Waiman Long) [1836322] +- [netdrv] can, slip: Protect tty->disc_data in write_wakeup and close with RCU (John Linville) [1805590] +- [netdrv] slcan: Port write_wakeup deadlock fix from slip (John Linville) [1805590] +- [fs] ext4: fix support for inode sizes > 1024 bytes (Lukas Czerner) [1817634] {CVE-2019-19767} +- [fs] ext4: add more paranoia checking in ext4_expand_extra_isize handling (Lukas Czerner) [1817634] {CVE-2019-19767} +- [fs] ext4: forbid i_extra_isize not divisible by 4 (Lukas Czerner) [1817634] {CVE-2019-19767} +- [fs] ext4: validate the debug_want_extra_isize mount option at parse time (Lukas Czerner) [1817634] {CVE-2019-19767} +- [fs] cachefiles: Fix race between read_waiter and read_copier involving op->to_do (Dave Wysochanski) [1829662] +- [fs] jbd2: Fix possible overflow in jbd2_log_space_left() (Lukas Czerner) [1626092] +- [media] media: v4l: event: Add subscription to list before calling "add" operation (Jarod Wilson) [1828802] {CVE-2019-9458} +- [media] media: v4l: event: Prevent freeing event subscriptions while accessed (Jarod Wilson) [1828802] {CVE-2019-9458} +- [fs] block: Prevent hung_check firing during long sync IO (Ming Lei) [1724345] + +* Thu May 21 2020 Jan Stancek [3.10.0-1144.el7] +- [crypto] crypto: user - fix memory leak in crypto_report (Vladis Dronov) [1825132] {CVE-2019-18808 CVE-2019-19062} +- [crypto] crypto: ccp - Release all allocated memory if sha type is invalid (Vladis Dronov) [1825132] {CVE-2019-18808} +- [net] xfrm: policy: Fix doulbe free in xfrm_policy_timer (Xin Long) [1836813] +- [net] xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire (Xin Long) [1836813] +- [net] xfrm: fix uctx len check in verify_sec_ctx_len (Xin Long) [1836813] +- [net] rtnetlink: validate IFLA_MTU attribute in rtnl_create_link() (Jiri Benc) [1835352] +- [net] rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices (Jiri Benc) [1835352] +- [net] netlink: fix uninit-value in netlink_sendmsg (Jiri Benc) [1835352] +- [net] netlink: make sure nladdr has correct size in netlink_connect() (Jiri Benc) [1835352] +- [net] rtnetlink: fix info leak in RTM_GETSTATS call (Jiri Benc) [1835352] +- [net] rtnetlink: release net refcnt on error in do_setlink() (Jiri Benc) [1835352] +- [net] bridge: deny dev_set_mac_address() when unregistering (Hangbin Liu) [1834203] +- [net] bridge/mdb: remove wrong use of NLM_F_MULTI (Hangbin Liu) [1834203] +- [net] udp: disable inner UDP checksum offloads in IPsec case (Sabrina Dubroca) [1826244] +- [net] sctp: Fix SHUTDOWN CTSN Ack in the peer restart case (Xin Long) [1833869] +- [net] sctp: Fix bundling of SHUTDOWN with COOKIE-ACK (Xin Long) [1833869] +- [net] sctp: fix possibly using a bad saddr with a given dst (Xin Long) [1833869] +- [net] sctp: fix refcount bug in sctp_wfree (Xin Long) [1833869] +- [net] sctp: move the format error check out of __sctp_sf_do_9_1_abort (Xin Long) [1833869] +- [net] sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY (Xin Long) [1833869] +- [net] sctp: fully initialize v4 addr in some functions (Xin Long) [1833869] +- [net] sctp: simplify addr copy (Xin Long) [1833869] +- [net] sctp: cache netns in sctp_ep_common (Xin Long) [1833869] +- [net] sctp: destroy bucket if failed to bind addr (Xin Long) [1833869] +- [net] sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()' (Xin Long) [1833869] +- [net] netfilter: nat: never update the UDP checksum when it's 0 (Guillaume Nault) [1834278] +- [net] esp4: add length check for UDP encapsulation (Sabrina Dubroca) [1825155] +- [net] sit: fix memory leak in sit_init_net() (Andrea Claudi) [1830011] {CVE-2019-16994} +- [net] sched: cbs: fix NULL dereference in case cbs_init() fails (Davide Caratti) [1830245] +- [net] netfilter: nf_tables: use-after-free in dynamic operations (Phil Sutter) [1819087] +- [net] tcp: tcp_v4_err() should be more careful (Marcelo Leitner) [1749964] +- [net] tcp: remove BUG_ON from tcp_v4_err (Marcelo Leitner) [1749964] +- [net] tcp: clear icsk_backoff in tcp_write_queue_purge() (Marcelo Leitner) [1749964] +- [net] psample: fix skb_over_panic (Sabrina Dubroca) [1823251] +- [net] sched: ensure opts_len <= IP_TUNNEL_OPTS_MAX in act_tunnel_key (Patrick Talbert) [1823691] +- [netdrv] fjes: Handle workqueue allocation failure (Masayoshi Mizuma) [1830563] {CVE-2019-16231} + +* Tue May 19 2020 Jan Stancek [3.10.0-1143.el7] +- [mm] mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (Rafael Aquini) [1834434] {CVE-2020-11565} +- [fs] fs: avoid softlockups in s_inodes iterators (Jay Shin) [1760145] +- [scsi] scsi: core: Add DID_ALLOC_FAILURE and DID_MEDIUM_ERROR to hostbyte_table (Maurizio Lombardi) [1832019] +- [fs] locks: allow filesystems to request that ->setlease be called without i_lock (Jeff Layton) [1830606] +- [fs] locks: move fasync setup into generic_add_lease (Jeff Layton) [1830606] +- [fs] revert "[fs] xfs: catch bad stripe alignment configurations" (Carlos Maiolino) [1836292] +- [scsi] scsi: scsi_debug: num_tgts must be >= 0 (Ewan Milne) [1834998] +- [scsi] scsi: scsi_debug: Avoid PI being disabled when TPGS is enabled (Ewan Milne) [1834998] +- [scsi] scsi: scsi_debug: Fix memory leak if LBP enabled and module is unloaded (Ewan Milne) [1834998] +- [scsi] scsi_debug: check for bigger value first (Ewan Milne) [1834998] +- [scsi] scsi_debug: vfree is null safe so drop the check (Ewan Milne) [1834998] +- [scsi] scsi_debug: error message should say scsi_host_alloc not scsi_register (Ewan Milne) [1834998] +- [fs] xfs: Fix tail rounding in xfs_alloc_file_space() (Bill O'Donnell) [1833223] +- [fs] ceph: don't drop message if it contains more data than expected (Jeff Layton) [1828340] +- [fs] ceph: don't error out on larger-than-expected session messages (Jeff Layton) [1828340] +- [acpi] ACPI: disable BERT by default, add parameter to enable it (Aristeu Rozanski) [1525298] +- [acpi] ACPI: APEI: Fix possible out-of-bounds access to BERT region (Aristeu Rozanski) [1525298] +- [acpi] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region (Aristeu Rozanski) [1525298] +- [acpi] ACPI: APEI: Fix BERT resources conflict with ACPI NVS area (Aristeu Rozanski) [1525298] +- [acpi] ACPI / APEI: Add Boot Error Record Table (BERT) support (Aristeu Rozanski) [1525298] +- [acpi] ACPICA: Restore error table definitions to reduce code differences between Linux and ACPICA upstream (Aristeu Rozanski) [1525298] + +* Sat May 16 2020 Jan Stancek [3.10.0-1142.el7] +- [fs] gfs2: Another gfs2_walk_metadata fix (Andreas Grunbacher) [1822230] +- [fs] ext4: prevent ext4_quota_write() from failing due to ENOSPC (Lukas Czerner) [1068952] +- [fs] ext4: do not zeroout extents beyond i_disksize (Lukas Czerner) [1834320] +- [fs] pnfs: Ensure we layoutcommit before revalidating attributes (Benjamin Coddington) [1827647] +- [fs] nfs: flush data when locking a file to ensure cache coherence for mmap (Scott Mayhew) [1813811] +- [fs] call fsnotify_sb_delete after evict_inodes (Jay Shin) [1760145] +- [fs] inode: don't softlockup when evicting inodes (Jay Shin) [1760145] +- [fs] drop_caches.c: avoid softlockups in drop_pagecache_sb() (Jay Shin) [1760145] +- [fs] gfs2: More gfs2_find_jhead fixes (Abhijith Das) [1828454] +- [fs] gfs2: Another gfs2_find_jhead fix (Abhijith Das) [1828454] +- [fs] nfs: fix mount/umount race in nlmclnt (Jay Shin) [1771205] +- [fs] nlm_shutdown_hosts_net() cleanup (Jay Shin) [1771205] +- [scsi] scsi: megaraid: Use true, false for bool variables (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid: make two symbols static in megaraid_sas_base.c (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid: make some symbols static in megaraid_sas_fusion.c (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid: make some symbols static in megaraid_sas_fp.c (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Use scnprintf() for avoiding potential buffer overflow (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: silence a warning (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: fix indentation issue (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Limit the number of retries for the IOCTLs causing firmware fault (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Re-Define enum DCMD_RETURN_STATUS (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Do not set HBA Operational if FW is not in operational state (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Do not kill HBA if JBOD Seqence map or RAID map is disabled (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Do not kill host bus adapter, if adapter is already dead (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Update optimal queue depth for SAS and NVMe devices (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Reset adapter if FW is not in READY state after device resume (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Make poll_aen_lock static (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Fix a compilation warning (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Make a bunch of functions static (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Make some functions static (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: remove unused variables 'debugBlk', 'fusion' (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: Unique names for MSI-X vectors (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: fix panic on loading firmware crashdump (Tomas Henzl) [1827037] +- [scsi] scsi: megaraid_sas: fix spelling mistake "megarid_sas" -> "megaraid_sas" (Tomas Henzl) [1827037] +- [scsi] scsi: mpt3sas: Disable DIF when prot_mask set to zero (Tomas Henzl) [1832868] +- [scsi] scsi: mpt3sas: Handle RDPQ DMA allocation in same 4G region (Tomas Henzl) [1832868] +- [scsi] scsi: mpt3sas: Separate out RDPQ allocation to new function (Tomas Henzl) [1832868] +- [scsi] scsi: mpt3sas: Rename function name is_MSB_are_same (Tomas Henzl) [1832868] +- [scsi] scsi: mpt3sas: Don't change the DMA coherent mask after allocations (Tomas Henzl) [1832868] +- [scsi] scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (Tomas Henzl) [1832868] +- [scsi] scsi: mpt3sas: Fix double free in attach error handling (Tomas Henzl) [1832868] +- [scsi] scsi: mpt3sas: Use Component img header to get Package ver (Tomas Henzl) [1832868] +- [scsi] scsi: mpt3sas: Fix module parameter max_msix_vectors (Tomas Henzl) [1832868] +- [scsi] scsi: mpt3sas: Reject NVMe Encap cmnds to unsupported HBA (Tomas Henzl) [1832868] +- [netdrv] hv_netvsc: Fix error handling in netvsc_set_features() (Mohammed Gamal) [1821814] +- [netdrv] hv_netvsc: Sync offloading features to VF NIC (Mohammed Gamal) [1821814] +- [netdrv] hv_netvsc: Fix IP header checksum for coalesced packets (Mohammed Gamal) [1821814] +- [netdrv] hv_netvsc: Fix rndis_per_packet_info internal field initialization (Mohammed Gamal) [1821814] +- [netdrv] hv_netvsc: Add handler for LRO setting change (Mohammed Gamal) [1821814] +- [netdrv] hv_netvsc: Add support for LRO/RSC in the vSwitch (Mohammed Gamal) [1821814] +- [netdrv] hv_netvsc: Add handlers for ethtool get/set msg level (Mohammed Gamal) [1821814] +- [netdrv] hv_netvsc: Fix the variable sizes in ipsecv2 and rsc offload (Mohammed Gamal) [1821814] +- [fs] fix mntput/mntput race (Miklos Szeredi) [1828320] +- [wireless] rtlwifi: prevent memory leak in rtl_usb_probe (Jarod Wilson) [1829847] {CVE-2019-19063} +- [wireless] iwlwifi: dbg_ini: fix memory leak in alloc_sgtable (Jarod Wilson) [1829375] {CVE-2019-19058} +- [net] nl80211: fix memory leak in nl80211_get_ftm_responder_stats (Jarod Wilson) [1829289] {CVE-2019-19055} +- [wireless] iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init (Jarod Wilson) [1829393] {CVE-2019-19059} + +* Tue May 12 2020 Jan Stancek [3.10.0-1141.el7] +- [kernel] sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision (Artem Savkov) [1752067] +- [edac] EDAC: skx_common: downgrade message importance on missing PCI device (Aristeu Rozanski) [1832683] +- [s390] s390/qdio: consider ERROR buffers for inbound-full condition (Philipp Rudo) [1831791] +- [s390] s390/ftrace: fix potential crashes when switching tracers (Philipp Rudo) [1813124] +- [netdrv] ibmvnic: Skip fatal error reset after passive init (Steve Best) [1830992] +- [scsi] smartpqi: bump driver version (Don Brace) [1822762] +- [scsi] scsi: smartpqi: add bay identifier (Don Brace) [1822762] +- [scsi] scsi: smartpqi: add module param to hide vsep (Don Brace) [1822762] +- [scsi] scsi: bnx2fc: Update the driver version to 2.12.13 (Nilesh Javali) [1709542] +- [scsi] scsi: bnx2fc: fix boolreturn.cocci warnings (Nilesh Javali) [1709542] +- [scsi] scsi: bnx2fc: Fix SCSI command completion after cleanup is posted (Nilesh Javali) [1709542] +- [scsi] scsi: bnx2fc: Process the RQE with CQE in interrupt context (Nilesh Javali) [1709542] +- [scsi] scsi: qla2xxx: Fix a recently introduced kernel warning (Nilesh Javali) [1828875] +- [scsi] Fix abort timeouts in CQ Full conditions (Dick Kennedy) [1802654] +- [input] Input: add safety guards to input_set_keycode() (Chris von Recklinghausen) [1828222] {CVE-2019-20636} +- [scsi] scsi: libsas: delete sas port if expander discover failed (Tomas Henzl) [1829965] {CVE-2019-15807} +- [net] netlabel: cope with NULL catmap (Paolo Abeni) [1827240] {CVE-2020-10711} + +* Thu May 07 2020 Jan Stancek [3.10.0-1140.el7] +- [netdrv] mlx5: Remove unsupported tag for ConnectX-6 Dx device (Alaa Hleihel) [1829777] +- [fs] xfs: clear PF_MEMALLOC before exiting xfsaild thread (Brian Foster) [1827910] +- [fs] gfs2: fix O_EXCL|O_CREAT handling on cold dcache (Andrew Price) [1812558] +- [fs] nfs: Correct an nfs page array calculation error (Jay Shin) [1824270] +- [infiniband] RDMA/bnxt_re: Fix stat push into dma buffer on gen p5 devices (Jonathan Toppins) [1828475 1824438] +- [netdrv] bnxt_en: Fix allocation of zero statistics block size regression (Jonathan Toppins) [1824438] +- [netdrv] bnxt_en: Allocate the larger per-ring statistics block for 57500 chips (Jonathan Toppins) [1824438] +- [netdrv] bnxt_en: Expand bnxt_tpa_info struct to support 57500 chips (Jonathan Toppins) [1824438] +- [netdrv] bnxt_en: Refactor TPA logic (Jonathan Toppins) [1824438] +- [netdrv] bnxt_en: Add TPA structure definitions for BCM57500 chips (Jonathan Toppins) [1824438] +- [netdrv] bnxt_en: Update firmware interface spec. to 1.10.0.89 (Jonathan Toppins) [1824438] +- [netdrv] bnxt_en: Update firmware interface to 1.10.0.69 (Jonathan Toppins) [1824438] +- [netdrv] bnxt_en: Update firmware interface spec. to 1.10.0.47 (Jonathan Toppins) [1824438] +- [netdrv] bnxt_en: Refactor ethtool ring statistics logic (Jonathan Toppins) [1824438] +- [block] blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (Ming Lei) [1825431] +- [scsi] scsi: fnic: do not queue commands during fwreset (Govindarajulu Varadarajan) [1794150] +- [scsi] scsi: fnic: fix invalid stack access (Govindarajulu Varadarajan) [1794150] +- [scsi] scsi: fnic: fix use after free (Govindarajulu Varadarajan) [1794150] +- [netdrv] enic: prevent waking up stopped tx queues over watchdog reset (Govindarajulu Varadarajan) [1794148] +- [fs] ceph: use ceph_evict_inode to cleanup inode's resource (Jeff Layton) [1784016] +- [fs] ceph: fix use-after-free in __ceph_remove_cap() (Jeff Layton) [1784016] +- [fs] ceph: hold i_ceph_lock when removing caps for freeing inode (Jeff Layton) [1784016] +- [input] Input: ff-memless - kill timer in destroy() (Chris von Recklinghausen) [1815021] {CVE-2019-19524} +- [scsi] scsi: qla2xxx: fix a potential NULL pointer dereference ("Ewan D. Milne") [1829246] {CVE-2019-16233} + +* Tue May 05 2020 Jan Stancek [3.10.0-1139.el7] +- [fs] nfsd: Fix races between nfsd4_cb_release() and nfsd4_shutdown_callback() ("J. Bruce Fields") [1448750] +- [fs] nfsd: minor 4.1 callback cleanup ("J. Bruce Fields") [1448750] +- [fs] nfsd: Don't release the callback slot unless it was actually held (Benjamin Coddington) [1448750] +- [lib] kobject: don't use WARN for registration failures (Ewan Milne) [1756495] +- [lib] lib/kobject: Join string literals back (Ewan Milne) [1756495] +- [scsi] scsi: ibmvfc: Don't send implicit logouts prior to NPIV login (Steve Best) [1828726] +- [fs] nfs: Serialize O_DIRECT reads and writes (Benjamin Coddington) [1826571] +- [mm] mm/page_owner: convert page_owner_inited to static key (Rafael Aquini) [1781726] +- [mm] mm/page_owner: set correct gfp_mask on page_owner (Rafael Aquini) [1781726] +- [mm] mm/page_owner: fix possible access violation (Rafael Aquini) [1781726] +- [mm] mm/page_owner: use late_initcall to hook in enabling (Rafael Aquini) [1781726] +- [mm] mm/page_owner: remove unnecessary stack_trace field (Rafael Aquini) [1781726] +- [mm] mm/page_owner: correct owner information for early allocated pages (Rafael Aquini) [1781726] +- [mm] mm/page_owner: keep track of page owners (Rafael Aquini) [1781726] +- [documentation] Documentation: add new page_owner document (Rafael Aquini) [1781726] +- [kernel] stacktrace: introduce snprint_stack_trace for buffer output (Rafael Aquini) [1781726] + +* Thu Apr 30 2020 Jan Stancek [3.10.0-1138.el7] +- [infiniband] RDMA/bnxt_re: Fix chip number validation Broadcom's Gen P5 series (Jonathan Toppins) [1823679] +- [scsi] scsi: qla2xxx: Silence fwdump template message (Ewan Milne) [1783191] +- [scsi] scsi: hpsa: Update driver version (Joseph Szczypek) [1808403] +- [scsi] scsi: hpsa: correct race condition in offload enabled (Joseph Szczypek) [1808403] +- [netdrv] bonding: fix active-backup transition after link failure (Jarod Wilson) [1712235] +- [netdrv] bonding: fix state transition issue in link monitoring (Jarod Wilson) [1712235] +- [netdrv] bonding: fix potential NULL deref in bond_update_slave_arr (Jarod Wilson) [1712235] +- [netdrv] bonding: Force slave speed check after link state recovery for 802.3ad (Jarod Wilson) [1712235] +- [i2c] i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA (Vladis Dronov) [1822641] {CVE-2017-18551} +- [acpi] ACPI / EC: Ensure lock is acquired before accessing ec struct (Al Stone) [1811132] +- [x86] x86/mce: Do not log spurious corrected mce errors (Prarit Bhargava) [1797205] +- [wireless] mwifiex: Fix mem leak in mwifiex_tm_cmd (Jarod Wilson) [1804971] {CVE-2019-20095} +- [kernel] kernel/module.c: wakeup processes in module_wq on module unload (Prarit Bhargava) [1771939] +- [acpi] ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (Prarit Bhargava) [1790782] + +* Mon Apr 27 2020 Jan Stancek [3.10.0-1137.el7] +- [tty] tty/hvc: Use IRQF_SHARED for OPAL hvc consoles (Gustavo Duarte) [1600213] +- [mm] mm/swap_slots.c: fix race conditions in swap_slots cache init (Rafael Aquini) +- [block] loop: set PF_MEMALLOC_NOIO for the worker thread (Ming Lei) [1825950] +- [tty] serial: 8250: drop the printk from serial8250_interrupt() (Prarit Bhargava) [1825049] +- [net] net: linkwatch: add check for netdevice being present to linkwatch_do_dev (Alaa Hleihel) [1595302] + +* Fri Apr 17 2020 Jan Stancek [3.10.0-1136.el7] +- [fs] sunrpc: expiry_time should be seconds not timeval (Benjamin Coddington) [1794055] +- [nvdimm] Revert "driver boilerplate changes to properly manage device_rh" (Christoph von Recklinghausen) [1823750] +- [base] call device_rh_free in device_release before driver/class/type release is called (Christoph von Recklinghausen) [1822888] +- [md] md:md-faulty kernel panic is caused by QUEUE_FLAG_NO_SG_MERGE (Nigel Croxon) [1822462] +- [firmware] efi: cper: print AER info of PCIe fatal error (Vladis Dronov) [1820646] +- [scsi] qla2xxx: Update driver version to 10.01.00.22.07.9-k (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Fix message indicating vectors used by driver (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Move free of fcport out of interrupt context (Nilesh Javali) [1808129] +- [scsi] qla2xxx: delete all sessions before unregister local nvme port (Nilesh Javali) [1808129] +- [scsi] qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Fix a NULL pointer dereference in an error path (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Fix mtcp dump collection failure (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Fix RIDA Format-2 (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Fix stuck login session using prli_pend_timer (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Add a shadow variable to hold disc_state history of fcport (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Use common routine to free fcport struct (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Fix update_fcport for current_topology (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Fix fabric scan hang (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Complain if sp->done() is not called from the completion path (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Change discovery state before PLOGI (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Initialize free_work before flushing it (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Retry fabric Scan on IOCB queue full (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: initialize fc4_type_priority (Nilesh Javali) [1808129] +- [scsi] scsi: qla2xxx: Fix a dma_pool_free() call (Nilesh Javali) [1808129] +- [security] selinux: ensure we cleanup the internal AVC counters on error in avc_insert() (Artem Savkov) [1808675] +- [acpi] ACPICA: Mark acpi_ut_create_internal_object_dbg() memory allocations as non-leaks (Artem Savkov) [1808675] +- [x86] x86/microcode/AMD: Free unneeded patch before exit from update_cache() (Artem Savkov) [1808675] +- [mm] memcg: ensure mem_cgroup_idr is updated in a coordinated manner (Aaron Tomlin) [1822405] +- [mm] mm/page_alloc: increase default min_free_kbytes bound (Joel Savitz) [1704326] +- [scsi] scsi: lpfc: Fix unexpected error messages during RSCN handling (Dick Kennedy) [1743667] +- [scsi] scsi: lpfc: Fix discovery failures when target device connectivity bounces (Dick Kennedy) [1743667] +- [scsi] scsi: lpfc: Fix devices that don't return after devloss followed by rediscovery (Dick Kennedy) [1743667] +- [scsi] scsi: lpfc: Fix port relogin failure due to GID_FT interaction (Dick Kennedy) [1743667] +- [video] vgacon: Fix a UAF in vgacon_invert_region (Vladis Dronov) [1818730] {CVE-2020-8647 CVE-2020-8649} +- [x86] uprobes/x86: Fix detection of 32-bit user mode (Oleg Nesterov) [1804959] +- [powerpc] module: Handle R_PPC64_ENTRY relocations (Yauheni Kaliuta) [1657540] +- [scripts] recordmcount.pl: support data in text section on powerpc (Yauheni Kaliuta) [1657540] +- [powerpc] boot: Request no dynamic linker for boot wrapper (Yauheni Kaliuta) [1657540] + +* Wed Apr 15 2020 Jan Stancek [3.10.0-1135.el7] +- [fs] fscache: Fix race in fscache_op_complete() due to split atomic_sub & read (Dave Wysochanski) [1683490] +- [fs] fscache: Pass the correct cancelled indications to fscache_op_complete() (Dave Wysochanski) [1683490] +- [char] tpm: ibmvtpm: Wait for buffer to be set before proceeding (Jerry Snitselaar) [1815536] +- [fs] NFS: Fix a race between mmap() and O_DIRECT (Benjamin Coddington) [1813803] +- [fs] NFS: Remove a redundant call to unmap_mapping_range() (Benjamin Coddington) [1813803] +- [fs] NFS: Remove redundant waits for O_DIRECT in fsync() and write_begin() (Benjamin Coddington) [1813803] +- [fs] NFS: Cleanup nfs_direct_complete() (Benjamin Coddington) [1813803] +- [fs] NFS: Do not serialise O_DIRECT reads and writes (Benjamin Coddington) [1813803] +- [fs] NFS: Move buffered I/O locking into nfs_file_write() (Benjamin Coddington) [1813803] +- [fs] bdi: make inode_to_bdi() inline (Benjamin Coddington) [1813803] +- [fs] NFS: Remove racy size manipulations in O_DIRECT (Benjamin Coddington) [1813803] +- [fs] NFS: Don't hold the inode lock across fsync() (Benjamin Coddington) [1813803] +- [fs] nfs: remove nfs_inode_dio_wait (Benjamin Coddington) [1813803] +- [fs] nfs: remove nfs4_file_fsync (Benjamin Coddington) [1813803] +- [fs] NFS: Kill NFS_INO_NFS_INO_FLUSHING: it is a performance killer (Benjamin Coddington) [1813803] +- [fs] filesystem-dax: Fix dax_layout_busy_page() livelock (Carlos Maiolino) [1817866] +- [block] blk-mq: fix hang caused by freeze/unfreeze sequence (Ming Lei) [1821718] +- [fs] ceph: don't NULL terminate virtual xattrs (Jeff Layton) [1717454] +- [fs] ceph: return -ERANGE if virtual xattr value didn't fit in buffer (Jeff Layton) [1717454] +- [fs] ceph: make getxattr_cb return ssize_t (Jeff Layton) [1717454] +- [fs] ceph: use bit flags to define vxattr attributes (Jeff Layton) [1717454] +- [tty] tty: Prevent ldisc drivers from re-using stale tty fields (Vladis Dronov) [1820031] +- [powerpc] powerpc64/kexec: Hard disable ftrace before switching to the new kernel (Jerome Marchand) [1731578] +- [powerpc] powerpc64/ftrace: Delay enabling ftrace on secondary cpus (Jerome Marchand) [1731578] +- [powerpc] powerpc64/ftrace: Add helpers to hard disable ftrace (Jerome Marchand) [1731578] +- [powerpc] powerpc64/ftrace: Rearrange #ifdef sections in ftrace.h (Jerome Marchand) [1731578] +- [powerpc] powerpc64/ftrace: Add a field in paca to disable ftrace in unsafe code paths (Jerome Marchand) [1731578] +- [powerpc] powerpc/ftrace: Pass the correct stack pointer for DYNAMIC_FTRACE_WITH_REGS (Jerome Marchand) [1731578] +- [isdn] mISDN: enforce CAP_NET_RAW for raw sockets (Andrea Claudi) [1779474] {CVE-2019-17055} +- [virtio] virtio-balloon: fix managed page counts when migrating pages between zones (David Hildenbrand) [1780330] + +* Thu Apr 09 2020 Jan Stancek [3.10.0-1134.el7] +- [net] netfilter: nf_log: fix uninit read in nf_log_proc_dostring (Phil Sutter) [1770232] +- [net] netfilter: nf_log: fix error on write NONE to logger choice sysctl (Phil Sutter) [1770232] +- [net] ethtool: convert large order kmalloc allocations to vzalloc (Davide Caratti) [1786448] +- [net] l2tp: Allow duplicate session creation with UDP (Guillaume Nault) [1808928] +- [net] sched: flower: insert new filter to idr after setting its mask (Davide Caratti) [1785141] +- [net] ipv6: remove printk (Hangbin Liu) [1779533] +- [net] netfilter: ctnetlink: netns exit must wait for callbacks (Florian Westphal) [1766816] +- [net] raw: do not report ICMP redirects to user space (Hangbin Liu) [1758386] + +* Fri Apr 03 2020 Jan Stancek [3.10.0-1133.el7] +- [powerpc] powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property() (Steve Best) [1806629] {CVE-2019-12614} +- [s390] s390/pci: Recover handle in clp_set_pci_fn() (Philipp Rudo) [1816662] +- [fs] xfs: fix attr leaf header freemap.size underflow (Bill O'Donnell) [1808671] +- [block] floppy: check FDC index for errors before assigning it (Ming Lei) [1815403] {CVE-2020-9383} +- [block] virtio-blk: improve virtqueue error to BLK_STS (Philipp Rudo) [1818001] +- [block] virtio-blk: fix hw_queue stopped on arbitrary error (Philipp Rudo) [1818001] +- [s390] dasd: fix endless loop after read unit address configuration (Philipp Rudo) [1816661] +- [fs] CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks (Leif Sahlberg) [1504193] +- [fs] cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (Leif Sahlberg) [1504193] +- [char] ipmi: Fix memory leak in __ipmi_bmc_register (Tony Camuso) [1812836] {CVE-2019-19046} +- [net] ipvs: Remove noisy debug print from ip_vs_del_service (Alexey Klimov) [1769816] + +* Fri Mar 27 2020 Jan Stancek [3.10.0-1132.el7] +- [tools] tools/power turbostat: Support Ice Lake server (Steve Best) [1776508] +- [nvme] nvme-fc: ensure association_id is cleared regardless of a Disconnect LS (Ewan Milne) [1816752] +- [nvme] nvme-fc: clarify error messages (Ewan Milne) [1816752] +- [nvme] nvme-fc: fix module unloads while lports still pending (Ewan Milne) [1816752] +- [scsi] scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI (Ewan Milne) [1816307] +- [scsi] scsi: core: Fix a compiler warning triggered by the SCSI logging code (Ewan Milne) [1816307] +- [scsi] scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6) (Ewan Milne) [1816307] +- [scsi] scsi: core: scsi_trace: Use get_unaligned_be*() (Ewan Milne) [1816307] +- [scsi] scsi: core: try to get module before removing device (Ewan Milne) [1816307] +- [scsi] scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions (Ewan Milne) [1816307] +- [scsi] scsi: device_handler: remove VLAs (Ewan Milne) [1816307] +- [scsi] scsi: scsi_dh: Document alua_rtpg_queue() arguments (Ewan Milne) [1816307] +- [scsi] scsi: scsi_dh_alua: skip RTPG for devices only supporting active/optimized (Ewan Milne) [1816307] +- [scsi] scsi: scsi_dh_emc: return success in clariion_std_inquiry() (Ewan Milne) [1816307] +- [target] scsi: target: iscsi: rename some variables to avoid confusion (Maurizio Lombardi) [1806966] +- [target] scsi: target: iscsi: tie the challenge length to the hash digest size (Maurizio Lombardi) [1806966] +- [target] scsi: target: iscsi: CHAP: add support for SHA1, SHA256 and SHA3-256 (Maurizio Lombardi) [1806966] +- [target] scsi: target: compare full CHAP_A Algorithm strings (Maurizio Lombardi) [1806966] +- [base] device_release() can call device_rh_free() too (Christoph von Recklinghausen) [1793248] +- [nvdimm] driver boilerplate changes to properly manage device_rh (Christoph von Recklinghausen) [1793248] +- [base] Add an interface for certain drivers who manage their own struct device's to disassociate their device_rh's (Christoph von Recklinghausen) [1793248] +- [base] kfree(dev->device_rh) in device_create_release() (Christoph von Recklinghausen) [1793248] +- [base] kfree and zero device_rh in device_release() (Christoph von Recklinghausen) [1793248] +- [input] Revert "Fix device_rh memory leak" (Christoph von Recklinghausen) [1793248] +- [scsi] Revert "Fix device_rh leak in scsi_alloc_target()" (Christoph von Recklinghausen) [1793248] +- [scsi] Revert "Fix memory leaks in scsi_alloc_sdev()" (Christoph von Recklinghausen) [1793248] +- [nvdimm] libnvdimm/security: Consolidate 'security' operations (Jeff Moyer) [1735364] +- [nvdimm] libnvdimm/security: Tighten scope of nvdimm->busy vs security operations (Jeff Moyer) [1735364] +- [nvdimm] libnvdimm/security: Introduce a 'frozen' attribute (Jeff Moyer) [1735364] +- [acpi] libnvdimm/security, acpi/nfit: unify zero-key for all security commands (Jeff Moyer) [1735364] +- [nvdimm] libnvdimm/security: provide fix for secure-erase to use zero-key (Jeff Moyer) [1735364] +- [block] block: fix checking return value of blk_mq_init_queue (Maxim Levitsky) [1795777] +- [bluetooth] Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto() (Aristeu Rozanski) [1808803] {CVE-2019-15917} + +* Wed Mar 25 2020 Jan Stancek [3.10.0-1131.el7] +- [x86] kvm: x86: clear stale x86_emulate_ctxt->intercept value (Jon Maloy) [1806818] {CVE-2020-2732} +- [x86] kvm: vmx: check descriptor table exits on instruction emulation (Jon Maloy) [1806818] {CVE-2020-2732} +- [x86] kvm: nvmx: Check IO instruction VM-exit conditions (Jon Maloy) [1806818] {CVE-2020-2732} +- [x86] kvm: nvmx: Refactor IO bitmap checks into helper function (Jon Maloy) [1806818] {CVE-2020-2732} +- [x86] kvm: nvmx: Don't emulate instructions in guest mode (Jon Maloy) [1806818] {CVE-2020-2732} +- [x86] kvm: x86: Fix kvm_bitmap_or_dest_vcpus() to use irq shorthand (Nitesh Narayan Lal) [1772082] +- [x86] kvm: x86: Initializing all kvm_lapic_irq fields in ioapic_write_indirect (Nitesh Narayan Lal) [1772082] +- [virt] kvm: x86: remove set but not used variable 'called' (Nitesh Narayan Lal) [1772082] +- [x86] kvm: x86: Zero the IOAPIC scan request dest vCPUs bitmap (Nitesh Narayan Lal) [1772082] +- [x86] kvm: x86: deliver KVM IOAPIC scan request to target vCPUs (Nitesh Narayan Lal) [1772082] +- [kernel] kvm: remember position in kvm->vcpus array (Nitesh Narayan Lal) [1772082] +- [x86] kvm: x86: Drop KVM_APIC_SHORT_MASK and KVM_APIC_DEST_MASK (Nitesh Narayan Lal) [1772082] +- [virt] kvm: introduce kvm_make_vcpus_request_mask() API (Nitesh Narayan Lal) [1772082] +- [virt] kvm: avoid unused variable warning for UP builds (Nitesh Narayan Lal) [1772082] +- [kernel] smp, cpumask: Use non-atomic cpumask_{set, clear}_cpu() (Nitesh Narayan Lal) [1772082] +- [fs] nfs: change sign of nfs_fh length ("J. Bruce Fields") [1813326] +- [netdrv] ibmvnic: Do not process device remove during device reset (Steve Best) [1813903] +- [x86] x86/debug: Extend the lower bound of crash kernel low reservations (Pingfan Liu) [1811511] +- [net] tcp: make tcp_space() aware of socket backlog (Guillaume Nault) [1790840] +- [net] ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup (Sabrina Dubroca) [1774447] {CVE-2020-1749} +- [net] ipv6: add net argument to ip6_dst_lookup_flow (Sabrina Dubroca) [1774447] {CVE-2020-1749} +- [net] ipv6: constify ip6_dst_lookup_{flow|tail}() sock arguments (Sabrina Dubroca) [1774447] {CVE-2020-1749} +- [net] macvlan: return correct error value (Matteo Croce) [1654878] +- [net] ieee802154: enforce CAP_NET_RAW for raw sockets (Andrea Claudi) [1779494] {CVE-2019-17053} +- [net] ipv4: fix fnhe usage by non-cached routes (Hangbin Liu) [1788435] +- [net] route: do not cache fib route info on local routes with oif (Hangbin Liu) [1788435] +- [net] ip6_tunnel: fix potential NULL pointer dereference (Hangbin Liu) [1767045] +- [net] net_sched: remove a bogus warning in hfsc (Davide Caratti) [1781323] +- [netdrv] net/mlx5e: allow TSO on VXLAN over VLAN topologies (Davide Caratti) [1780646] + +* Thu Mar 19 2020 Jan Stancek [3.10.0-1130.el7] +- [scsi] scsi: avoid repetitive logging of device offline messages (Nilesh Javali) [1798042] +- [scsi] qla2xxx: Fix I/Os being passed down when FC device is being deleted (Nilesh Javali) [1798042] +- [scsi] scsi: qla2xxx: Fix unbound sleep in fcport delete path (Nilesh Javali) [1798042] +- [scsi] scsi: qla2xxx: Fix hang in fcport delete path (Nilesh Javali) [1798042] +- [scsi] scsi: qla2xxx: Fix stuck session in GNL (Nilesh Javali) [1798042] +- [scsi] scsi: qla2xxx: Correct fcport flags handling (Nilesh Javali) [1798042] +- [scsi] scsi: qla2xxx: Remove defer flag to indicate immeadiate port loss (Nilesh Javali) [1798042] +- [scsi] iscsi: Avoid potential deadlock in iscsi_if_rx func (Oleksandr Natalenko) [1715986] +- [netdrv] hv/netvsc: Fix NULL dereference at single queue mode fallback (Mohammed Gamal) [1806488] +- [netdrv] hv/netvsc: fix handling of fallback to single queue mode (Mohammed Gamal) [1806488] +- [netdrv] hv_netvsc: Fix unwanted rx_table reset (Mohammed Gamal) [1806488] +- [netdrv] hv_netvsc: Fix tx_table init in rndis_set_subchannel() (Mohammed Gamal) [1806488] +- [netdrv] hv_netvsc: fix typos in code comments (Mohammed Gamal) [1806488] +- [netdrv] hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (Mohammed Gamal) [1806488] +- [netdrv] hv_netvsc: Fix hash key value reset after other ops (Mohammed Gamal) [1806488] +- [netdrv] hv_netvsc: Refactor assignments of struct netvsc_device_info (Mohammed Gamal) [1806488] +- [netdrv] hv_netvsc: split sub-channel setup into async and sync (Mohammed Gamal) [1806488] +- [netdrv] hv_netvsc: Fix send_table offset in case of a host bug (Mohammed Gamal) [1806488] +- [netdrv] hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation (Mohammed Gamal) [1806488] +- [netdrv] hv_netvsc: Fix offset usage in netvsc_send_table() (Mohammed Gamal) [1806488] +- [netdrv] hv_netvsc: simplify receive side calling arguments (Mohammed Gamal) [1806488] +- [scsi] scsi: ibmvfc: Fix NULL return compiler warning (Steve Best) [1810643] +- [scsi] scsi: ibmvfc: Avoid loss of all paths during SVC node reboot (Steve Best) [1810643] +- [s390] s390/vdso: add vdso support for coarse clocks (Philipp Rudo) [1791822] +- [s390] s390/vdso: remove NULL pointer check from clock_gettime (Philipp Rudo) [1791822] +- [s390] scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host (Philipp Rudo) [1804807] + +* Mon Mar 16 2020 Jan Stancek [3.10.0-1129.el7] +- [tools] perf header: Use last modification time for timestamp (Michael Petlan) [1789947] +- [tools] perf header: Fix up argument to ctime() (Michael Petlan) [1789947] +- [hid] HID: multitouch: Add pointstick support for ALPS Touchpad (Benjamin Tissoires) [1672425] +- [kernel] blktrace: fix dereference after null check (Ming Lei) [1798318] {CVE-2019-19768} +- [kernel] blktrace: Protect q->blk_trace with RCU (Ming Lei) [1798318] {CVE-2019-19768} +- [kernel] blktrace: fix trace mutex deadlock (Ming Lei) [1798318] {CVE-2019-19768} +- [kernel] blktrace: fix unlocked registration of tracepoints (Ming Lei) [1798318] {CVE-2019-19768} +- [kernel] blktrace: fix unlocked access to init/start-stop/teardown (Ming Lei) [1798318] {CVE-2019-19768} +- [kernel] tracing: Handle NULL formats in hold_module_trace_bprintk_format() (Oleksandr Natalenko) [1811565] +- [kernel] tracing: Fix trace_printk() to print when not using bprintk() (Oleksandr Natalenko) [1811565] +- [sound] ALSA: timer: Fix incorrectly assigned timer instance (Jaroslav Kysela) [1798457] {CVE-2019-19807} +- [x86] kvm: OOB memory write via kvm_dev_ioctl_get_cpuid (CVE-2019-19332) (Philippe Mathieu-Daud) [1783455] {CVE-2019-19332} +- [x86] kvm: x86: do not reset microcode version on INIT or RESET (Paolo Bonzini) [1801852] +- [x86] kvm: x86: list MSR_IA32_UCODE_REV as an emulated MSR (Paolo Bonzini) [1801852] +- [x86] kvm: x86: Allow userspace to define the microcode version (Paolo Bonzini) [1801852] + +* Wed Mar 11 2020 Jan Stancek [3.10.0-1128.el7] +- [fs] ceph: only use d_name directly when parent is locked (Jeff Layton) [1699402] +- [fs] ext4: work around deleting a file with i_nlink == 0 safely (Carlos Maiolino) [1801046] +- [fs] xfs: attach dquots and reserve quota blocks during unwritten conversion (Carlos Maiolino) [1786005] +- [fs] Revert "xfs: attach dquots and reserve quota blocks during unwritten conversion" (Carlos Maiolino) [1786005] +- [md] dm mpath: call clear_request_fn_mpio() in multipath_release_clone() (Mike Snitzer) [1806400] +- [scsi] scsi: implement .cleanup_rq callback (Mike Snitzer) [1806400] +- [md] blk-mq: add callback of .cleanup_rq (Mike Snitzer) [1806400] +- [target] target: call init_timer_on_stack() to initialize login_timer (Maurizio Lombardi) [1810037] +- [scsi] scsi: megaraid_sas: fixup MSIx interrupt setup during resume (Tomas Henzl) [1807077] +- [tools] selftests/livepatch: Test interaction with ftrace_enabled (Yannick Cote) [1806653] +- [tools] selftests/livepatch: Make dynamic debug setup and restore generic (Yannick Cote) [1806653] +- [kernel] ftrace: Introduce PERMANENT ftrace_ops flag (Yannick Cote) [1806653] +- [tools] selftests/livepatch: push and pop dynamic debug config (Yannick Cote) [1806653] + +* Thu Mar 05 2020 Jan Stancek [3.10.0-1127.5.el7] +- [scsi] scsi: libsas: fix a race condition when smp task timeout (Tomas Henzl) [1798263] {CVE-2018-20836} +- [netdrv] can: peak_usb: fix slab info leak (Guillaume Nault) [1787484] {CVE-2019-19534} +- [fs] xfs: also remove cached ACLs when removing the underlying attr (Carlos Maiolino) [1808676] +- [fs] direct-io: allow direct writes to empty inodes (Eric Sandeen) [1785657] +- [x86] x86/spec_ctrl: Make IBPB = IBRS || retpoline (Waiman Long) [1808114] +- [infiniband] IB/mlx5: Do reverse sequence during device removal (Alaa Hleihel) [1808786] +- [kernel] kprobes: Allow kprobes coexist with livepatch (Yannick Cote) [1764262] +- [kernel] kprobes: Replace p with other pointer types (Yannick Cote) [1764262] +- [scsi] qla2xxx: initialize the check_stop_free pointer (Maurizio Lombardi) [1805682] + +* Fri Feb 28 2020 Jan Stancek [3.10.0-1127.4.el7] +- [fs] gfs2: fix gfs2_find_jhead that returns uninitialized jhead with seq 0 (Abhijith Das) [1794508] +- [fs] xfs: fix inode fork extent count overflow (Brian Foster) [1751015] +- [fs] xfs: simplify xfs_idata_realloc (Brian Foster) [1751015] +- [fs] xfs: remove if_real_bytes (Brian Foster) [1751015] +- [s390] s390/diag: add tracepoint for diagnose calls (Philipp Rudo) [1805195] +- [s390] s390/diag: add a statistic for diagnose calls (Philipp Rudo) [1805195] +- [md] md/raid6: Set R5_ReadError when there is read failure on parity disk (Xiao Ni) [1804569] +- [md] dm rq: fix checking of dm_dispatch_clone_request's return value (Ming Lei) [1805401] +- [s390] scsi: zfcp: fix scsi_eh host reset with port_forced ERP for non-NPIV FCP devices (Philipp Rudo) [1804806] +- [s390] scsi: zfcp: fix to prevent port_remove with pure auto scan LUNs (only sdevs) (Philipp Rudo) [1804803] +- [s390] scsi: zfcp: fix missing zfcp_port reference put on -EBUSY from port_remove (Philipp Rudo) [1804805] +- [s390] scsi: zfcp: fix request object use-after-free in send path causing wrong traces (Philipp Rudo) [1804802] +- [virt] kvm: fix overflow of zero page refcount with ksm running (Paolo Bonzini) [1790534] + +* Tue Feb 25 2020 Jan Stancek [3.10.0-1127.3.el7] +- [virtio] virtio_ring: fix return code on DMA mapping fails (Philipp Rudo) [1804276] +- [mm] swiotlb: make panic on mapping failures optional (Philipp Rudo) [1804276] +- [virtio] virtio_ring: fix unmap of indirect descriptors (Philipp Rudo) [1804276] +- [virtio] virtio_ring: fix num_free handling in error case (Philipp Rudo) [1804276] +- [mm] s390/mm: fix dynamic pagetable upgrade for hugetlbfs (Philipp Rudo) [1804173] +- [s390] s390/qeth: fix potential deadlock on workqueue flush (Philipp Rudo) [1804156] +- [include] mm, slab: make sure that KMALLOC_MAX_SIZE will fit into MAX_ORDER (Rafael Aquini) [1804092] +- [include] mm: slb: fix misleading comments (Rafael Aquini) [1804092] +- [include] slob: Rework #ifdeffery in slab.h (Rafael Aquini) [1804092] +- [kernel] tracing: Fix possible double free on failure of allocating trace buffer (Jerome Marchand) [1803011] {CVE-2017-18595} +- [kernel] tracing: Fix crash when it fails to alloc ring buffer (Jerome Marchand) [1803011] {CVE-2017-18595} +- [mm] x86/mm: In the PTE swapout page reclaim case clear the accessed bit instead of flushing the TLB (Rafael Aquini) [1799224] + +* Fri Feb 21 2020 Jan Stancek [3.10.0-1127.2.el7] +- [mm] mm: thp: use down_read_trylock() in khugepaged to avoid long block (Rafael Aquini) [1261799] +- [mm] mm: oom: avoid attempting to kill init sharing same memory (Rafael Aquini) [1261799] +- [mm] mm: oom: fix the wrong task->mm == mm checks in oom_kill_process() (Rafael Aquini) [1261799] +- [mm] mm: oom: cleanup the "kill sharing same memory" loop (Rafael Aquini) [1261799] +- [mm] mm: oom: fix potentially killing unrelated process (Rafael Aquini) [1261799] +- [mm] mm: oom: reverse the order of setting TIF_MEMDIE and sending SIGKILL (Rafael Aquini) [1261799] +- [mm] mm: oom: make sure that TIF_MEMDIE is set under task_lock (Rafael Aquini) [1261799] +- [mm] mm: oom: don't count on mm-less current process (Rafael Aquini) [1261799] +- [mm] mm: oom: kill the insufficient and no longer needed PT_TRACE_EXIT check (Rafael Aquini) [1261799] +- [mm] mm: oom: don't assume that a coredumping thread will exit soon (Rafael Aquini) [1261799] +- [netdrv] r8169: fix network stalls due to missing bit TXCFG_AUTO_FIFO (Corinna Vinschen) [1787263] +- [kernel] audit: CONFIG_CHANGE don't log internal bookkeeping as an event (Richard Guy Briggs) [1777239] +- [mm] writeback: use |1 instead of +1 to protect against div by zero (Christoph von Recklinghausen) [1801628] +- [mm] Revert "mm: always flush VMA ranges affected by zap_page_range" (Christoph von Recklinghausen) [1801628] +- [x86] x86/platform/uv: Account for UV Hubless in is_uvX_hub Ops (Frank Ramsay) [1789128] +- [x86] x86/platform/uv: Check EFI Boot to set reboot type (Frank Ramsay) [1789128] +- [x86] x86/platform/uv: Decode UVsystab Info (Frank Ramsay) [1789128] +- [x86] x86/platform/uv: Add UV Hubbed/Hubless Proc FS Files (Frank Ramsay) [1789128] +- [x86] x86/platform/uv: Setup UV functions for Hubless UV (Frank Ramsay) [1789128] +- [x86] x86/platform/uv: Add return code to UV BIOS Init function (Frank Ramsay) [1789128] +- [x86] x86/platform/uv: Return UV Hubless System Type (Frank Ramsay) [1789128] +- [x86] x86/platform/uv: Save OEM_ID from ACPI MADT probe (Frank Ramsay) [1789128] +- [net] openvswitch: support asymmetric conntrack (Aaron Conole) [1757759] + +* Wed Feb 19 2020 Jan Stancek [3.10.0-1127.1.el7] +- [scsi] scsi: fcoe: fix off by one in eth2fc_speed() (Chris Leech) [1665951] +- [scsi] scsi: fcoe: provide translation table between Ethernet and FC port speeds (Chris Leech) [1665951] +- [scsi] fcoe: use defines from ethtool for 20Gbit and 40Gbit speeds (Chris Leech) [1665951] +- [scsi] smartpqi: bump version (Don Brace) [1795408] +- [scsi] scsi: smartpqi: fix problem with unique ID for physical device (Don Brace) [1795408] +- [scsi] scsi: smartpqi: properly set both the DMA mask and the coherent DMA mask (Don Brace) [1795408] +- [drm] drm/nouveau/kms/gv100-: avoid sending a core update until the first modeset (Ben Skeggs) [1769905] +- [drm] drm/nouveau/kms/gv100-: move window ownership setup into modesetting path (Ben Skeggs) [1769905] +- [drm] drm/nouveau/disp/gv100-: halt NV_PDISP_FE_RM_INTR_STAT_CTRL_DISP_ERROR storms (Ben Skeggs) [1769905] +- [drm] drm/nouveau/sec2/gp102: add missing MODULE_FIRMWAREs (Ben Skeggs) [1629576] +- [drm] drm/nouveau/secboot/gp10: support newer FW to fix SEC2 failures on some boards (Ben Skeggs) [1629576] +- [drm] drm/nouveau/secboot: enable loading of versioned LS PMU/SEC2 ACR msgqueue FW (Ben Skeggs) [1629576] +- [drm] drm/nouveau/secboot: split out FW version-specific LS function pointers (Ben Skeggs) [1629576] +- [drm] drm/nouveau/secboot: pass max supported FW version to LS load funcs (Ben Skeggs) [1629576] +- [drm] drm/nouveau/core: support versioned firmware loading (Ben Skeggs) [1629576] +- [drm] drm/nouveau/core: pass subdev into nvkm_firmware_get, rather than device (Ben Skeggs) [1629576] +- [drm] drm/nouveau/secboot/gp102-: remove WAR for SEC2 RTOS start bug (Ben Skeggs) [1629576] +- [drm] drm/nouveau/flcn/gp102-: improve implementation of bind_context() on SEC2/GSP (Ben Skeggs) [1629576] +- [infiniband] IB/core: Do not notify GID change event of an unregistered device (Kamal Heib) [1707036] +- [infiniband] IB/core: Let IB core distribute cache update events (Kamal Heib) [1707036] +- [scsi] lpfc: Fix stack trace when running the debug kernel (Dick Kennedy) [1793410] +- [mm] mm, sparse: do not swamp log with huge vmemmap allocation failures (Artem Savkov) [1515625] +- [netdrv] nfp: flower: fix stats id allocation (Pablo Cascon) [1786498] +- [netdrv] virtio-net: switch to use XPS to choose txq (Lu Lu) [1769479] +- [vhost] vhost_net: validate sock before trying to put its fd (Vladis Dronov) [1767060] +- [vhost] vhost_net: stop device during reset owner (Vladis Dronov) [1767060] +- [vhost] vhost: don't open-code sockfd_put() (Vladis Dronov) [1767060] +- [netdrv] bnx2x: Prevent ptp_task to be rescheduled indefinitely (Manish Chopra) [1720384] +- [netdrv] bnx2x: Check if transceiver implements DDM before access (Manish Chopra) [1720384] +- [netdrv] bnx2x: Add support for detection of P2P event packets (Manish Chopra) [1720384] +- [netdrv] bnx2x: Replace magic numbers with macro definitions (Manish Chopra) [1720384] - [fs] flexfiles: Don't tie up all the rpciod threads in resends (Benjamin Coddington) [1778963] -* Mon Feb 03 2020 Jan Stancek [3.10.0-1126.el7] +* Wed Feb 12 2020 Jan Stancek [3.10.0-1126.2.el7] +- [kernel] sched: print_rq(): Don't use tasklist_lock (Phil Auld) [1797429] +- [kernel] sched: s/do_each_thread/for_each_process_thread/ in debug.c (Phil Auld) [1797429] +- [kernel] sched/rt: Optimize checking group RT scheduler constraints (Phil Auld) [1726700] +- [iommu] iommu/iova: Fix tracking of recently failed iova address (Jerry Snitselaar) [1759072] +- [iommu] iommu/iova: Optimise attempts to allocate iova from 32bit address range (Jerry Snitselaar) [1759072] +- [mm] memcg: Use a more cacheline efficient ways to sum percpu stats (Waiman Long) [1796920] +- [mm] memcg: Add preemption point in accumulate_memcg_tree() (Waiman Long) [1796920] +- [mm] memcg: reduce memcg tree traversals for stats collection (Waiman Long) [1796920] +- [fs] vfs: show_vfsstat: do not ignore errors from show_devname method (Ian Kent) [1751787] +- [fs] vfs: make mounts and mountstats honor root dir like mountinfo does (Ian Kent) [1751787] +- [fs] xfs: bulkstat should copy lastip whenever userspace supplies one (Carlos Maiolino) [1786007] +- [fs] xfs: attach dquots and reserve quota blocks during unwritten conversion (Carlos Maiolino) [1786005] +- [fs] cifs: Fix NULL pointer dereference of devname (Leif Sahlberg) [1722592] +- [x86] hyper-v: make hyperv_init() __init (Vitaly Kuznetsov) [1782192] + +* Wed Feb 05 2020 Jan Stancek [3.10.0-1126.1.el7] +- [kernel] tick-sched: Update nohz load even if tick already stopped (Scott Wood) [1694877] +- [powerpc] powerpc/pseries: safely roll back failed DLPAR cpu add (Desnes Augusto Nunes do Rosario) [1772210] +- [powerpc] powerpc/pseries: address checkpatch warnings in dlpar_offline_cpu (Desnes Augusto Nunes do Rosario) [1772210] +- [fs] fs/proc/proc_sysctl.c: Fix a NULL pointer dereference (Vladis Dronov) [1795522] {CVE-2019-20054} +- [fs] fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links (Vladis Dronov) [1795522] {CVE-2019-20054} +- [tools] cpupower: mperf_monitor: Update cpupower to use the RDPRU instruction (Janakarajan Natarajan) [1791014] +- [tools] cpupower: mperf_monitor: Introduce per_cpu_schedule flag (Janakarajan Natarajan) [1791014] +- [tools] cpupower: Move needs_root variable into a sub-struct (Janakarajan Natarajan) [1791014] +- [fs] xfs: properly serialise fallocate against AIO+DIO (Carlos Maiolino) [1786004] +- [fs] xfs: flush removing page cache in xfs_reflink_remap_prep (Carlos Maiolino) [1786004] +- [edac] EDAC, skx, i10nm: Fix source ID register offset (Aristeu Rozanski) [1514705] +- [edac] EDAC, i10nm: Check ECC enabling status per channel (Aristeu Rozanski) [1514705] +- [edac] EDAC, i10nm: Add Intel additional Ice-Lake support (Aristeu Rozanski) [1514705] +- [edac] EDAC, skx, i10nm: Make skx_common.c a pure library (Aristeu Rozanski) [1514705] +- [edac] EDAC, skx_common: Add code to recognise new compound error code (Aristeu Rozanski) [1514705] +- [edac] EDAC, i10nm: Fix randconfig builds (Aristeu Rozanski) [1514705] +- [edac] EDAC, i10nm: Add a driver for Intel 10nm server processors (Aristeu Rozanski) [1514705] +- [edac] EDAC, skx_edac: Delete duplicated code (Aristeu Rozanski) [1514705] +- [edac] EDAC, skx_common: Separate common code out from skx_edac (Aristeu Rozanski) [1514705] +- [edac] EDAC, skx: Move debugfs node under EDACs hierarchy (Aristeu Rozanski) [1514705] +- [edac] EDAC, skx: Prepend hex formatting with 0x (Aristeu Rozanski) [1514705] +- [edac] EDAC, skx: Fix function calling order in skx_exit() (Aristeu Rozanski) [1514705] +- [edac] EDAC, skx_edac: Fix logical channel intermediate decoding (Aristeu Rozanski) [1514705] +- [edac] EDAC, {i7core, sb, skx}_edac: Fix uncorrected error counting (Aristeu Rozanski) [1514705] +- [edac] EDAC: Correct DIMM capacity unit symbol (Aristeu Rozanski) [1514705] +- [x86] x86/mce: Add notifier_block forward declaration (Aristeu Rozanski) [1514705] +- [edac] EDAC: Handle return value of kasprintf() (Aristeu Rozanski) [1514705] +- [edac] EDAC, i5100: Convert to debugfs wrappers (Aristeu Rozanski) [1514705] +- [edac] EDAC: Add debugfs wrappers (Aristeu Rozanski) [1514705] +- [edac] EDAC: Carve out debugfs functionality (Aristeu Rozanski) [1514705] +- [x86] x86/reboot: Always use NMI fallback when shutdown via reboot vector IPI fails (Grzegorz Halat) [1594848] - [scsi] scsi: qla2xxx: Fix unbound NVME response length (Himanshu Madhani) [1788669] -* Wed Jan 29 2020 Jan Stancek [3.10.0-1125.el7] +* Thu Jan 30 2020 Jan Stancek [3.10.0-1125.1.el7] +- [netdrv] ixgbevf: Use cached link state instead of re-reading the value for ethtool (Ken Cox) [1794812] +- [ptp] ptp: free ptp device pin descriptors properly (Vladis Dronov) [1774657] +- [ptp] ptp: fix the race between the release of ptp_clock and cdev (Vladis Dronov) [1774657] +- [ptp] ptp: Fix pass zero to ERR_PTR() in ptp_clock_register (Vladis Dronov) [1774657] +- [ptp] ptp: create "pins" together with the rest of attributes (Vladis Dronov) [1774657] +- [ptp] ptp: use is_visible method to hide unused attributes (Vladis Dronov) [1774657] +- [ptp] ptp: use kcalloc when allocating arrays (Vladis Dronov) [1774657] +- [ptp] ptp: do not explicitly set drvdata in ptp_clock_register() (Vladis Dronov) [1774657] +- [ptp] drivers/ptp: Fix kernel memory disclosure (Vladis Dronov) [1774657] +- [ptp] ptp: Fix resource leak in case of error (Vladis Dronov) [1774657] +- [netdrv] ptp: drivers: set the number of programmable pins (Vladis Dronov) [1774657] +- [ptp] ptp: expose the programmable pins via sysfs (Vladis Dronov) [1774657] +- [documentation] ptp: add the pin GET/SETFUNC ioctls to the testptp program (Vladis Dronov) [1774657] +- [documentation] ptp: Allow selecting trigger/event index in testptp (Vladis Dronov) [1774657] +- [documentation] ptp: add the PTP_SYS_OFFSET ioctl to the testptp program (Vladis Dronov) [1774657] - [fs] mark struct file that had write access grabbed by open() (Miklos Szeredi) [1679829] - [fs] fold __get_file_write_access() into its only caller (Miklos Szeredi) [1679829] - [powerpc] get rid of DEBUG_WRITECOUNT (Miklos Szeredi) [1679829] @@ -1984,13 +2652,37 @@ fi - [scsi] Fix driver intialization failure for sli4 non nvme (Dick Kennedy) [1783899] - [netdrv] hv_netvsc: fix race that may miss tx queue wakeup (Mohammed Gamal) [1781322] -* Thu Jan 23 2020 Jan Stancek [3.10.0-1124.el7] +* Mon Jan 27 2020 Jan Stancek [3.10.0-1124.1.el7] +- [netdrv] net/ibmvnic: Fix typo in retry check (Steve Best) [1780300] +- [netdrv] ibmvnic: Serialize device queries (Steve Best) [1780300] +- [netdrv] ibmvnic: Bound waits for device queries (Steve Best) [1780300] +- [netdrv] ibmvnic: Terminate waiting device threads after loss of service (Steve Best) [1780300] +- [netdrv] ibmvnic: Fix completion structure initialization (Steve Best) [1780300] +- [netdrv] net/ibmvnic: Ignore H_FUNCTION return from H_EOI to tolerate XIVE (Steve Best) [1780300] +- [powerpc] powerpc/pseries/mobility: use cond_resched when updating device tree (Desnes Augusto Nunes do Rosario) [1759209] +- [powerpc] powerpc/rtas: allow rescheduling while changing cpu states (Desnes Augusto Nunes do Rosario) [1759209] +- [base] of: to support binding numa node to specified device in devicetree (Jeff Moyer) [1791883] - [s390] s390: wire up sys_renameat2 (Miklos Szeredi) [1773504] - [net] ipvs: do not use random local source address for tunnels (Xin Long) [1786676] - [misc] mei: me: add cannon point device ids for 4th device (Jerry Snitselaar) [1745139] - [misc] mei: me: add cannon point device ids (Jerry Snitselaar) [1745139] - [netdrv] bnxt_en: Support all variants of the 5750X chip family (Jonathan Toppins) [1789345] +* Wed Jan 22 2020 Jan Stancek [3.10.0-1123.1.el7] +- [kernel] tick: broadcast-hrtimer: Fix a race in bc_set_next (Vladis Dronov) [1785680] +- [mm] mremap: remove LATENCY_LIMIT from mremap to reduce the number of TLB shootdowns (Rafael Aquini) [1781325] +- [x86] x86/CPU: mask X86_CR4_PCIDE from trampoline_cr4_features in clear_in_cr4() too (Vitaly Kuznetsov) [1785626] +- [scsi] scsi: ibmvfc: fix WARN_ON during event pool release (Desnes Augusto Nunes do Rosario) [1635959] +- [dma] dma-mapping: relax warning for per-device areas (Desnes Augusto Nunes do Rosario) [1635959] +- [kernel] sched: Fix schedule_tail() to disable preemption (Phil Auld) [1771094] +- [virtio] scsi: virtio: Reduce BUG if total_sg > virtqueue size to WARN (Lu Lu) [1625065] +- [netdrv] vmxnet3: turn off lro when rxcsum is disabled (Neil Horman) [1775367] +- [x86] x86: respect memory size limiting via mem= parameter (Joel Savitz) [1750253] +- [x86] sched/topology: Improve load balancing on AMD EPYC systems (Phil Auld) [1505941] +- [kernel] sched/topology: Fix off by one bug (Phil Auld) [1505941] +- [s390] s390/idle: fix cpu idle time calculation (Philipp Rudo) [1777505] +- [vhost] vhost: Fix incorrect allocation size for vq indirect iovec (Eugenio Perez) [1749726] + * Tue Jan 14 2020 Jan Stancek [3.10.0-1123.el7] - [mm] mm: prevent get_user_pages() from overflowing page refcount (Aristeu Rozanski) [1705005] {CVE-2019-11487} - [mm] mm/hugetlb.c: __get_user_pages ignores certain follow_hugetlb_page errors (Aristeu Rozanski) [1705005] {CVE-2019-11487}