diff --git a/.kernel.metadata b/.kernel.metadata index 95053a6..d69b592 100644 --- a/.kernel.metadata +++ b/.kernel.metadata @@ -1,3 +1,3 @@ ba5599148e52ecd126ebcf873672e26d3288323e SOURCES/kernel-abi-whitelists-1160.tar.bz2 5000b85c42ef87b6835dd8eef063e4623c2e0fa9 SOURCES/kernel-kabi-dw-1160.tar.bz2 -0428d9687917ed763b92bf073204efe0ee7723f2 SOURCES/linux-3.10.0-1160.31.1.el7.tar.xz +db35c91c88c30e91710776de97f84a469aebab3a SOURCES/linux-3.10.0-1160.36.2.el7.tar.xz diff --git a/SOURCES/Makefile.common b/SOURCES/Makefile.common index ded6133..5cf099f 100644 --- a/SOURCES/Makefile.common +++ b/SOURCES/Makefile.common @@ -9,7 +9,7 @@ RPMVERSION:=3.10.0 # marker is git tag which we base off of for exporting patches MARKER:=v3.10 PREBUILD:= -BUILD:=1160.31.1 +BUILD:=1160.36.2 DIST:=.el7 SPECFILE:=kernel.spec RPM:=$(REDHAT)/rpm diff --git a/SPECS/kernel-plus.spec b/SPECS/kernel-plus.spec index 012e5ee..5de4b2e 100644 --- a/SPECS/kernel-plus.spec +++ b/SPECS/kernel-plus.spec @@ -20,10 +20,10 @@ Summary: The Linux kernel %global distro_build 1160 %define rpmversion 3.10.0 -%define pkgrelease 1160.31.1.el7 +%define pkgrelease 1160.36.2.el7 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 1160.31.1%{?dist} +%define specrelease 1160.36.2%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -1404,6 +1404,15 @@ BuildKernel() { fi cp -a include $RPM_BUILD_ROOT/lib/modules/$KernelVer/build/include + # Files for 'make scripts' to succeed with kernel-devel. + mkdir -p $RPM_BUILD_ROOT/lib/modules/$KernelVer/build/security/selinux/include + cp -a --parents security/selinux/include/classmap.h $RPM_BUILD_ROOT/lib/modules/$KernelVer/build + cp -a --parents security/selinux/include/initial_sid_to_string.h $RPM_BUILD_ROOT/lib/modules/$KernelVer/build + mkdir -p $RPM_BUILD_ROOT/lib/modules/$KernelVer/build/tools/include/tools + cp -a --parents tools/include/tools/be_byteshift.h $RPM_BUILD_ROOT/lib/modules/$KernelVer/build + cp -a --parents tools/include/tools/le_byteshift.h $RPM_BUILD_ROOT/lib/modules/$KernelVer/build + + # copy objtool for kernel-devel (needed for building external modules) if grep -q CONFIG_STACK_VALIDATION=y .config; then mkdir -p $RPM_BUILD_ROOT/lib/modules/$KernelVer/build/tools/objtool @@ -2106,7 +2115,7 @@ fi %kernel_variant_files %{with_kdump} kdump %changelog -* Tue Jun 08 2021 Akemi Yagi [3.10.0-1160.31.1.el7.centos.plus] +* Tue Jul 20 2021 Akemi Yagi [3.10.0-1160.36.2.el7.centos.plus] - Apply debranding changes - Roll in i686 mods addmissing.patch [puias] @@ -2167,6 +2176,54 @@ fi - wireguard added - UEFI disabled in 32-bit kernel +* Wed Jul 07 2021 Augusto Caringi [3.10.0-1160.36.1.el7] +- cipso,calipso: resolve a number of problems with the DOI refcounts (Antoine Tenart) [1967720] +- net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() (Alaa Hleihel) [1962406] +- sched/debug: Fix cgroup_path[] serialization (Waiman Long) [1912221] +- sched/debug: Reset watchdog on all CPUs while processing sysrq-t (Waiman Long) [1912221] +- vt: vt_ioctl: fix use-after-free in vt_in_use() (Vladis Dronov) [1872778] +- vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console (Vladis Dronov) [1872778] +- vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines (Vladis Dronov) [1872778] +- vt: selection, introduce vc_is_sel (Vladis Dronov) [1872778] +- redhat: genspec: generate changelog entries since last release (Augusto Caringi) + +* Tue Jun 29 2021 Augusto Caringi [3.10.0-1160.35.1.el7] +- CI: Merge configuration (Veronika Kabatova) +- [pci/aer] Work around use-after-free in pcie_do_fatal_recovery() (Al Stone) [1933663] +- [pci/aer] do not invoke error recovery with non-fatal errors (Al Stone) [1933663] + +* Tue Jun 22 2021 Augusto Caringi [3.10.0-1160.34.1.el7] +- futex: remove lockdep_assert_held() in pi_state_update_owner() (Donghai Qiao) [1965495] +- video: hyperv_fb: Add ratelimit on error message (Mohammed Gamal) [1957803] +- Drivers: hv: vmbus: Increase wait time for VMbus unload (Mohammed Gamal) [1957803] +- Drivers: hv: vmbus: Initialize unload_event statically (Mohammed Gamal) [1957803] +- blk-mq: always allow reserved allocation in hctx_may_queue (Ming Lei) [1926825] +- s390/pci: fix out of bounds access during irq setup (Philipp Rudo) [1917943] +- s390/pci: improve irq number check for msix (Philipp Rudo) [1917943] + +* Thu Jun 17 2021 Augusto Caringi [3.10.0-1160.33.1.el7] +- CI: Disable result checking for realtime check (Veronika Kabatova) +- CI: Explicitly disable result checking for private CI (Veronika Kabatova) +- CI: Rename variable (Veronika Kabatova) +- mm: memcontrol: switch to rcu protection in drain_all_stock() (Waiman Long) [1957719] +- sctp: Don't add the shutdown timer if its already been added (Xin Long) [1953052] +- media: xirlink_cit: add missing descriptor sanity checks (Mark Langsdorf) [1826877] {CVE-2020-11668} + +* Wed Jun 09 2021 Augusto Caringi [3.10.0-1160.32.1.el7] +- Bluetooth: verify AMP hci_chan before amp_destroy (Gopal Tiwari) [1962532] {CVE-2021-33034} +- net: ipv4: route: Fix sending IGMP messages with link address (Hangbin Liu) [1958339] +- hv_netvsc: remove ndo_poll_controller (Mohammed Gamal) [1953075] +- Fix double free in nvme_trans_log_temperature (Gopal Tiwari) [1946793] +- rcu: Call touch_nmi_watchdog() while printing stall warnings (Artem Savkov) [1924688] +- sched/fair: Use RCU accessors consistently for ->numa_group (Rafael Aquini) [1915635] {CVE-2019-20934} +- sched/fair: Don't free p->numa_faults with concurrent readers (Rafael Aquini) [1915635] {CVE-2019-20934} +- sched/numa: Simplify task_numa_compare() (Rafael Aquini) [1915635] {CVE-2019-20934} +- sched/numa: Fix task_numa_free() lockdep splat (Rafael Aquini) [1915635] {CVE-2019-20934} +- sched/numa: Move task_numa_free() to __put_task_struct() (Rafael Aquini) [1915635] {CVE-2019-20934} +- [s390] s390/dasd: fix diag 0x250 inline assembly (Philipp Rudo) [1910395] +- vsock/vmci: log once the failed queue pair allocation (Stefano Garzarella) [1892237] +- VMCI: Stop log spew when qp allocation isn't possible (Stefano Garzarella) [1892237] + * Wed May 26 2021 Augusto Caringi [3.10.0-1160.31.1.el7] - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (Philipp Rudo) [1917840] - scsi: qla2xxx: Fix the call trace for flush workqueue (Nilesh Javali) [1937945]