[ol7_MODRHCK] kernel-abi-whitelists-3.10.0-957.12.2.0.1.el7.noarch

Name:	kernel-abi-whitelists
Version:	3.10.0
Release:	957.12.2.0.1.el7
Architecture:	noarch
Group:	System Environment/Kernel
Size:	299526
License:	GPLv2
RPM:	kernel-abi-whitelists-3.10.0-957.12.2.0.1.el7.noarch.rpm
Source RPM:	kernel-3.10.0-957.12.2.0.1.el7.src.rpm
Build Date:	Wed May 15 2019
Build Host:	x86-ol7-builder-02.us.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	The Red Hat Enterprise Linux kernel ABI symbol whitelists
Description:	The kABI package contains information pertaining to the Red Hat Enterprise Linux kernel ABI, including lists of kernel symbols that are needed by external Linux kernel modules, and a yum plugin to aid enforcement.

Changelog (Show File list) (Show related packages)

Tue May 14 2019 Natalya Naumova <natalya.naumova@oracle.com> [3.10.0-957.12.2.0.1.el7.OL7]

- [xen/balloon] Support xend-based toolstack (orabug 28663970)
- [x86/apic/x2apic] avoid allocate multiple irq vectors for a single interrupt on multiple
  cpu, otherwise irq vectors would be used up when there are only 2 cpu online per node.
  [orabug28691156]
- [bonding] avoid repeated display of same link status change. [orabug 28109857]
- [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul) [orabug 22552377]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [bug 24817676]

Fri Apr 19 2019 Jan Stancek <jstancek@redhat.com> [3.10.0-957.12.2.el7]

- [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [documentation] x86/speculation/mds: Add mds=full,nosmt cmdline option (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [base] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127}
- [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127}
- [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/msr-index: Cleanup bit defines (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127}
- [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127}
- [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127}
- [x86] x86/speculation: Rework SMT state change (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127}
- [kernel] sched/smt: Expose sched_smt_present static key (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127}
- [kernel] sched/smt: Make sched_smt_present track topology (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127}
- [x86] x86/speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127}
- [x86] x86/speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Add casting to fix compilation error (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127}
- [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127}
- [x86] x86/cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1692597 1692598 1692599 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12130 CVE-2018-12127}

Wed Mar 20 2019 Jan Stancek <jstancek@redhat.com> [3.10.0-957.12.1.el7]

- [kernel] locking/rwsem: Fix (possible) missed wakeup (Waiman Long) [1690323 1547078]
- [kernel] futex: Fix (possible) missed wakeup (Waiman Long) [1690323 1547078]
- [kernel] futex: Use smp_store_release() in mark_wake_futex() (Waiman Long) [1690323 1547078]
- [kernel] sched/wake_q: Fix wakeup ordering for wake_q (Waiman Long) [1690323 1547078]
- [kernel] sched/wake_q: Document wake_q_add() (Waiman Long) [1690323 1547078]
- [scsi] mpt3sas: As per MPI-spec, use combined reply queue for SAS3.5 controllers when HBA supports more than 16 MSI-x vectors (Tomas Henzl) [1689379 1649288]
- [x86] cpu: avoid crash in get_cpu_cache_id() (David Arcari) [1689120 1626279]
- [net] igmp: Allow user-space configuration of igmp unsolicited report interval (Hangbin Liu) [1686771 1663941]
- [net] igmp: Don't flush routing cache when force_igmp_version is modified (Hangbin Liu) [1686771 1663941]
- [net] igmp: fix incorrect unsolicit report count after link down and up (Hangbin Liu) [1688225 1623359]
- [net] igmp: fix incorrect unsolicit report count when join group (Hangbin Liu) [1688225 1623359]
- [net] igmp: make function __ip_mc_inc_group() static (Hangbin Liu) [1688225 1623359]
- [net] igmp: Reduce Unsolicited report interval to 1s when using IGMPv3 (Hangbin Liu) [1688225 1623359]
- [netdrv] cxgb4: Mask out interrupts that are not enabled (Arjun Vynipadath) [1687487 1678729]
- [acpi] apci / watchdog: enable acpi_watchdog_uses_rtc (David Arcari) [1683078 1663637]
- [watchdog] simplify getting .drvdata (David Arcari) [1683079 1666393]
- [acpi] acpi / watchdog: Prefer iTCO_wdt always when WDAT table uses RTC SRAM (David Arcari) [1683079 1666393]
- [acpi] acpi / watchdog: Prefer iTCO_wdt on Lenovo Z50-70 (David Arcari) [1683079 1666393]
- [acpi] acpi / watchdog: properly initialize resources (David Arcari) [1683079 1666393]
- [acpi] acpi / watchdog: Fix init failure with overlapping register regions (David Arcari) [1683079 1666393]
- [acpi] acpi / watchdog: Print out error number when device creation fails (David Arcari) [1683079 1666393]
- [net] netfilter: nat: limit port clash resolution attempts (Florian Westphal) [1683093 1654777]
- [net] netfilter: nat: remove l4 protocol port rovers (Florian Westphal) [1683093 1654777]
- [net] netfilter: nat: cope with negative port range (Florian Westphal) [1683093 1654777]
- [x86] mm/fault: Allow stack access below rsp (Waiman Long) [1678221 1651416]
- [nvme] nvme-rdma: fix possible double free of controller async event buffer (David Milburn) [1678214 1659532]
- [nvme] nvme-rdma: fix possible free of a non-allocated async event buffer (David Milburn) [1678214 1659532]
- [nvme] nvme-rdma: stop admin queue before freeing it (David Milburn) [1678214 1659532]
- [nvme] rdma: fix double freeing of async event data (David Milburn) [1678216 1655786]
- [md] fix memleak for mempool (Nigel Croxon) [1678215 1599780]
- [md] Memory leak when flush bio size is zero (Nigel Croxon) [1678215 1599780]
- [md] fix lock contention for flush bios (Nigel Croxon) [1678215 1599780]
- [net] ipv6: rate-limit probes for neighbourless routes (Sabrina Dubroca) [1677179 1637821]
- [net] ipv6: Re-arrange code in rt6_probe() (Sabrina Dubroca) [1677179 1637821]
- [netdrv] cxgb4: update supported DCB version (Arjun Vynipadath) [1673821 1668570]
- [netdrv] cxgb4: when disabling dcb set txq dcb priority to 0 (Arjun Vynipadath) [1673821 1668570]
- [kvm] kvm: fix kvm_ioctl_create_device() reference counting (Paolo Bonzini) [1671922 1671923] {CVE-2019-6974}
- [kvm] KVM: nVMX: unconditionally cancel preemption timer in free_nested (Paolo Bonzini) [1671905 1671906] {CVE-2019-7221}
- [mm] page-writeback.c: fix range_cyclic writeback vs writepages deadlock (Brian Foster) [1673281 1591574]
- [fs] rbd: avoid corruption on partially completed bios (Ilya Dryomov) [1672514 1613493]

Sat Mar 09 2019 Jan Stancek <jstancek@redhat.com> [3.10.0-957.11.1.el7]

- [net] netfilter: nf_nat: skip nat clash resolution for same-origin entries (Florian Westphal) [1686766 1648965]
- [net] netfilter: nf_conntrack: resolve clash for matching conntracks (Florian Westphal) [1686766 1648965]
- [net] netfilter: conntrack: skip clash resolution if nat is in place (Florian Westphal) [1686766 1648965]
- [net] netfilter: conntrack: introduce clash resolution on insertion race (Florian Westphal) [1686766 1648965]
- [net] netfilter: conntrack: fix race between confirmation and flush (Florian Westphal) [1686766 1648965]
- [net] netfilter: conntrack: introduce nf_ct_acct_update() (Florian Westphal) [1686766 1648965]
- [netdrv] hv_netvsc: Fix a network regression after ifdown/ifup (Mohammed Gamal) [1679997 1661632]

Thu Feb 07 2019 Jan Stancek <jstancek@redhat.com> [3.10.0-957.10.1.el7]

- [fs] revert "[fs] nfs: Don't write back further requests if there is a pending write error" (Benjamin Coddington) [1672510 1656674]
- [fs] cifs: connect to servername instead of IP for IPC$ share (Leif Sahlberg) [1672448 1647844]
- [acpi] nfit: Fix command-supported detection (Charles Rose) [1671743 1665811]
- [acpi] nfit: Block function zero DSMs (Charles Rose) [1671743 1665811]
- [x86] efi-bgrt: Replace early_memremap() with memremap() (Lenny Szubowicz) [1671745 1481667]
- [x86] efi-bgrt: Replace ioremap() with early_memremap() (Lenny Szubowicz) [1671745 1481667]
- [scsi] libiscsi: Allow sd_shutdown on bad transport (Chris Leech) [1670680 1630979]
- [block] blk-mq: punt failed direct issue to dispatch list (Ming Lei) [1670511 1656654]
- [block] blk-mq: fix corruption with direct issue (Ming Lei) [1670511 1656654]
- [powerpc] rtas: Fix a potential race between CPU-Offline & Migration (Steve Best) [1669044 1650249]
- [powerpc] pseries: Disable CPU hotplug across migrations (Steve Best) [1669044 1650249]
- [md] Add split counter for raid1 write request in the right place (Xiao Ni) [1668208 1659951]
- [lib] string_helpers.c: fix infinite loop in string_get_size() (Ewan Milne) [1667989 1660565]
- [kernel] stop_machine: Atomically queue and wake stopper threads (Phil Auld) [1667328 1557061]
- [kernel] stop_machine: Disable preemption after queueing stopper threads (Phil Auld) [1667328 1557061]
- [kernel] stop_machine: Disable preemption when waking two stopper threads (Phil Auld) [1667328 1557061]
- [kernel] stop_machine, sched: Fix migrate_swap() vs. active_balance() deadlock (Phil Auld) [1667328 1557061]
- [kernel] stop_machine: Make cpu_stop_queue_work() and stop_one_cpu_nowait() return bool (Phil Auld) [1667328 1557061]
- [fs] proc: restrict kernel stack dumps to root (Joe Lawrence) [1642401 1638194] {CVE-2018-17972}
- [fs] proc: use "unsigned int" for /proc/*/stack (Joe Lawrence) [1642401 1638194] {CVE-2018-17972}
- [fs] libceph: fall back to sendmsg for slab pages (Ilya Dryomov) [1665814 1647460]
- [scsi] csiostor: remove flush_scheduled_work() (Arjun Vynipadath) [1665370 1660882]
- [pci] shpchp: Separate existence of SHPC and permission to use it (Myron Stowe) [1663241 1633873]
- [pci] shpchp: Manage SHPC unconditionally on non-ACPI systems (Myron Stowe) [1663241 1633873]
- [pci] shpchp: Fix AMD POGO identification (Myron Stowe) [1663241 1633873]
- [mm] memcontrol: factor out reclaim iterator loading and updating (Aristeu Rozanski) [1663114 1595932]
- [net] xfrm: policy: init locks early (Herbert Xu) [1660887 1641866]
- [kernel] mm: clear __GFP_FS when PF_MEMALLOC_NOIO is set (Rafael Aquini) [1660392 1657714]
- [nvme] flush namespace scanning work just before removing namespaces (Ewan Milne) [1659937 1622487]
- [fs] fuse: don't need GETATTR after every READ (Miklos Szeredi) [1657921 1648781]
- [fs] fuse: don't invalidate attrs when not using atime (Miklos Szeredi) [1657921 1648781]
- [net] Set sk_prot_creator when cloning sockets to the right proto (Andrea Claudi) [1657351 1657352] {CVE-2018-9568}
- [kernel] bpf: 32-bit RSH verification must truncate input before the ALU op (Jiri Olsa) [1641387 1641388] {CVE-2018-18445}

Sat Jan 26 2019 Jan Stancek <jstancek@redhat.com> [3.10.0-957.9.1.el7]

- [input] psmouse: fix button reporting for basic protocols (Benjamin Tissoires) [1662848 1658669]
- [input] psmouse: add support for 2nd wheel on A4Tech Dual-Scroll wheel mice (Benjamin Tissoires) [1662848 1658669]

Wed Jan 09 2019 Jan Stancek <jstancek@redhat.com> [3.10.0-957.8.1.el7]

- [tty] add rwsem to close race between copy_from_read_buf calls and reset_buffer_flags (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Fix stall at n_tty_receive_char_special() (Christoph von Recklinghausen) [1660815 1649343]
- [tty] audit: Fix audit source (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Fix auditing support for cannonical mode (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Fix 4096-byte canonical reads (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Remove read_cnt (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Don't wrap input buffer indices at buffer size (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Get read_cnt through accessor (Christoph von Recklinghausen) [1660815 1649343]
- [tty] Deprecate ldisc .chars_in_buffer() method (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Split n_tty_chars_in_buffer() for reader-only interface (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Line copy to user buffer in canonical mode (Christoph von Recklinghausen) [1660815 1649343]
- [tty] n_tty: Factor canonical mode copy from n_tty_read() (Christoph von Recklinghausen) [1660815 1649343]
- [tty] Make ldisc input flow control concurrency-friendly (Christoph von Recklinghausen) [1660815 1649343]
- [tty] Simplify tty buffer/ldisc interface with helper function (Christoph von Recklinghausen) [1660815 1649343]

Tue Jan 08 2019 Jan Stancek <jstancek@redhat.com> [3.10.0-957.7.1.el7]

- [scsi] lpfc: do not set queue->page_count to 0 if pc_sli4_params.wqpcnt is invalid (Ewan Milne) [1664067 1657981]
- [scsi] qla2xxx: Delete session for nport id change (Himanshu Madhani) [1663508 1628301]

Tue Dec 25 2018 Jan Stancek <jstancek@redhat.com> [3.10.0-957.6.1.el7]

- [nvme] nvme-pci: move nvme_kill_queues to nvme_remove_dead_ctrl (David Milburn) [1661947 1632440]

Wed Dec 19 2018 Jan Stancek <jstancek@redhat.com> [3.10.0-957.5.1.el7]

- [fs] revert "[fs] sunrpc: Ensure we always close the socket after a connection shuts down" (Dave Wysochanski) [1660784 1657399]