ELSA-2020-5473

Описание

[4.18.0-240.8.1_3.OL8]

• Oracle Linux certificates (Kevin Lyons)
• Disable signing for aarch64 (Ilya Okomin)
• Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
• Update x509.genkey [Orabug: 24817676]
• Conflict with shim-ia32 and shim-x64 <= 15-2.0.3.el7

[4.18.0-240.8.1_3]

• [s390] s390/dasd: Fix zero write for FBA devices (Ming Lei) [1896787 1881760]
• [s390] mm/gup: fix gup_fast with dynamic page table folding (Philipp Rudo) [1896351 1883266]
• [netdrv] ibmveth: Identify ingress large send packets (Gustavo Duarte) [1896299 1887038]
• [netdrv] ibmveth: Switch order of ibmveth_helper calls (Gustavo Duarte) [1896299 1887038]

[4.18.0-240.7.1_3]

• [fs] writeback: Drop I_DIRTY_TIME_EXPIRE (Waiman Long) [1901547 1860031]
• [fs] writeback: Fix sync livelock due to b_dirty_time processing (Waiman Long) [1901547 1860031]
• [fs] writeback: Avoid skipping inode writeback (Waiman Long) [1901547 1860031]
• [fs] writeback: Protect inode->i_io_list with inode->i_lock (Waiman Long) [1901547 1860031]
• [fs] fs: Introduce DCACHE_DONTCACHE (Waiman Long) [1901547 1860031]
• [fs] fs: Lift XFS_IDONTCACHE to the VFS layer (Waiman Long) [1901547 1860031]
• [fs] dcache: sort the freeing-without-RCU-delay mess for good (Waiman Long) [1901547 1860031]
• [net] ip_tunnel_core: Fix build for archs without _HAVE_ARCH_IPV6_CSUM (Aaron Conole) [1885766 1849736]
• [tools] selftests: pmtu.sh: Add tests for UDP tunnels handled by Open vSwitch (Aaron Conole) [1885766 1849736]
• [tools] selftests: pmtu.sh: Add tests for bridged UDP tunnels (Aaron Conole) [1885766 1849736]
• [net] geneve: Support for PMTU discovery on directly bridged links (Aaron Conole) [1885766 1849736]
• [net] vxlan: Support for PMTU discovery on directly bridged links (Aaron Conole) [1885766 1849736]
• [net] tunnels: PMTU discovery support for directly bridged IP packets (Aaron Conole) [1885766 1849736]
• [net] ipv4: route: Ignore output interface in FIB lookup for PMTU route (Aaron Conole) [1885766 1849736]
• [netdrv] geneve: add transport ports in route lookup for geneve (Mark Gray) [1891818 1884481] {CVE-2020-25645}
• [kernel] PM: hibernate: Batch hibernate and resume IO requests (Lenny Szubowicz) [1894629 1868096]
• [md] dm: fix comment in __dm_suspend() (Mike Snitzer) [1890233 1881531]
• [md] dm: fold dm_process_bio() into dm_make_request() (Mike Snitzer) [1890233 1881531]
• [md] dm: fix missing imposition of queue_limits from dm_wq_work() thread (Mike Snitzer) [1890233 1881531]
• [md] dm: optimize max_io_len() by inlining max_io_len_target_boundary() (Mike Snitzer) [1890233 1881531]
• [md] dm: push md->immutable_target optimization down to __process_bio() (Mike Snitzer) [1890233 1881531]
• [md] dm: change max_io_len() to use blk_max_size_offset() (Mike Snitzer) [1890233 1881531]
• [md] dm table: stack 'chunk_sectors' limit to account for target-specific splitting (Mike Snitzer) [1890233 1881531]
• [block] block: allow 'chunk_sectors' to be non-power-of-2 (Mike Snitzer) [1890233 1881531]
• [block] block: use lcm_not_zero() when stacking chunk_sectors (Mike Snitzer) [1890233 1881531]
• [md] dm: fix bio splitting and its bio completion order for regular IO (Mike Snitzer) [1890233 1881531]

[4.18.0-240.6.1_3]

• [arm64] paravirt: Initialize steal time when cpu is online (Andrew Jones) [1898758 1879137]
• [kvm] Revert 'x86/kvm: Move context tracking where it belongs' (Nitesh Narayan Lal) [1897716 1890284]
• [pci] hv: Fix hibernation in case interrupts are not re-created (Mohammed Gamal) [1896435 1846838]
• [hv] hv: vmbus: hibernation: do not hang forever in vmbus_bus_resume() (Mohammed Gamal) [1896434 1876519]
• [netdrv] hv_netvsc: Cache the current data path to avoid duplicate call and message (Mohammed Gamal) [1896433 1876527]
• [netdrv] hv_netvsc: Switch the data path at the right time during hibernation (Mohammed Gamal) [1896433 1876527]
• [netdrv] hv_netvsc: Fix hibernation for mlx5 VF driver (Mohammed Gamal) [1896433 1876527]
• [tools] selftests/powerpc: Make alignment handler test P9N DD2.1 vector CI load workaround (Gustavo Duarte) [1897278 1887442]
• [powerpc] powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation (Gustavo Duarte) [1897278 1887442]

[4.18.0-240.5.1_3]

• [crypto] crypto: testmgr - mark cts(cbc(aes)) as FIPS allowed (Vladis Dronov) [1886189 1855161]

[4.18.0-240.4.1_3]

• [kernel] sched/features: Fix !CONFIG_JUMP_LABEL case (Daniel Bristot de Oliveira) [1894073 1885850]

[4.18.0-240.3.1_3]

• [iommu] iommu/amd: Fix the overwritten field in IVMD header (Baoquan He) [1888113 1869148]
• [fs] xfs: trim IO to found COW extent limit (Eric Sandeen) [1886895 1882549]
• [char] random32: update the net random state on interrupt and activity (Donghai Qiao) [1888233 1867569] {CVE-2020-16166}
• [net] openvswitch: fixes crash if nf_conncount_init() fails (Eelco Chaudron) [1879935 1876445]

[4.18.0-240.2.1_3]

• [tools] selftests: rtnetlink: Test bridge enslavement with different parent IDs (Jonathan Toppins) [1886017 1860479]
• [tools] selftests: rtnetlink: correct the final return value for the test (Jonathan Toppins) [1886017 1860479]
• [net] Fix bridge enslavement failure (Jonathan Toppins) [1886017 1860479]
• [net] netfilter: conntrack: proc: rename stat column (Florian Westphal) [1882094 1875681]
• [net] netfilter: conntrack: add clash resolution stat counter (Florian Westphal) [1882094 1875681]
• [net] netfilter: conntrack: remove ignore stats (Florian Westphal) [1882094 1875681]
• [net] netfilter: conntrack: do not increment two error counters at same time (Florian Westphal) [1882094 1875681]
• [net] netfilter: conntrack: do not auto-delete clash entries on reply (Florian Westphal) [1882094 1875681]
• [kernel] time/tick-broadcast: Fix tick_broadcast_offline() lockdep complaint (Alexey Klimov) [1880080 1877380]