[ol8_baseos_latest] kernel-4.18.0-147.5.1.el8_1.x86_64

Name:	kernel
Version:	4.18.0
Release:	147.5.1.el8_1
Architecture:	x86_64
Group:	System Environment/Kernel
Size:	0
License:	GPLv2 and Redistributable, no modification permitted
RPM:	kernel-4.18.0-147.5.1.el8_1.x86_64.rpm
Source RPM:	kernel-4.18.0-147.5.1.el8_1.src.rpm
Build Date:	Thu Feb 06 2020
Build Host:	jenkins-10-147-72-125-a0578cac-9828-442f-b1bc-86ad3a25368f.appad1iad.osdevelopmeniad.oraclevcn.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	The Linux kernel, based on version 4.18.0, heavily modified with backports
Description:	This is the package which provides the Linux kernel for Red Hat Enterprise Linux. It is based on upstream Linux at version 4.18.0 and maintains kABI compatibility of a set of approved symbols, however it is heavily modified with backports and fixes pulled from newer upstream Linux kernel releases. This means this is not a 4.18.0 kernel anymore: it includes several components which come from newer upstream linux versions, while maintaining a well tested and stable core. Some of the components/backports that may be pulled in are: changes like updates to the core kernel (eg.: scheduler, cgroups, memory management, security fixes and features), updates to block layer, supported filesystems, major driver updates for supported hardware in Red Hat Enterprise Linux, enhancements for enterprise customers, etc.

Changelog (Show File list) (Show related packages)

Wed Feb 05 2020 Tianyue Lan <tianyue.lan@oracle.com> [4.18.0-147.5.1.el8_1.OL8]

- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]

Tue Jan 14 2020 Herton R. Krzesinski <herton@redhat.com> [4.18.0-147.5.1.el8_1]

- [powerpc] powerpc/shared: Use static key to detect shared processor (Phil Auld) [1781114 1767529]
- [powerpc] powerpc/vcpu: Assume dedicated processors as non-preempt (Phil Auld) [1781114 1767529]

Mon Dec 16 2019 Herton R. Krzesinski <herton@redhat.com> [4.18.0-147.4.1.el8_1]

- [block] blk-mq: apply normal plugging for HDD (Ming Lei) [1782181 1759380]
- [block] blk-mq: honor IO scheduler for multiqueue devices (Ming Lei) [1782181 1759380]
- [block] blk-mq: simplify blk_mq_make_request() (Ming Lei) [1782181 1759380]
- [block] blk-mq: remove blk_mq_put_ctx() (Ming Lei) [1782181 1759380]
- [x86] kvm: vmx: use MSR_IA32_TSX_CTRL to hard-disable TSX on guest that lack it (Paolo Bonzini) [1781660 1779553] {CVE-2019-19338}
- [x86] kvm: vmx: implement MSR_IA32_TSX_CTRL disable RTM functionality (Paolo Bonzini) [1781660 1779553] {CVE-2019-19338}
- [x86] kvm: x86: implement MSR_IA32_TSX_CTRL effect on CPUID (Paolo Bonzini) [1781660 1779553] {CVE-2019-19338}
- [x86] kvm: x86: do not modify masked bits of shared MSRs (Paolo Bonzini) [1781660 1779553] {CVE-2019-19338}
- [x86] kvm: x86: fix presentation of TSX feature in ARCH_CAPABILITIES (Paolo Bonzini) [1781660 1779553] {CVE-2019-19338}
- [x86] kvm/x86: Export MDS_NO=0 to guests when TSX is enabled (Paolo Bonzini) [1781660 1779553] {CVE-2019-19338}
- [fs] cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (Leif Sahlberg) [1778693 1765979]
- [fs] cifs: avoid using MID 0xFFFF (Leif Sahlberg) [1778693 1765979]
- [fs] cifs: Fix retry mid list corruption on reconnects (Leif Sahlberg) [1778693 1765979]
- [fs] smb3: fix unmount hang in open_shroot (Leif Sahlberg) [1781113 1757670]
- [fs] CIFS: fix deadlock in cached root handling (Leif Sahlberg) [1781113 1757670]
- [fs] Fix match_server check to allow for auto dialect negotiate (Leif Sahlberg) [1781113 1757670]
- [fs] SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write (Leif Sahlberg) [1781113 1757670]
- [fs] cifs: fix panic in smb2_reconnect (Leif Sahlberg) [1781113 1757670]
- [fs] cifs: fix strcat buffer overflow and reduce raciness in smb21_set_oplock_level() (Leif Sahlberg) [1781113 1757670]
- [fs] smb3: fix signing verification of large reads (Dave Wysochanski) [1781110 1753114]
- [scsi] scsi: lpfc: Fix port relogin failure due to GID_FT interaction (Dick Kennedy) [1781108 1733217]
- [fs] xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (Bill O'Donnell) [1778692 1739607]
- [net] cfg80211: wext: avoid copying malformed SSIDs (Jarod Wilson) [1778633 1778634] {CVE-2019-17133}
- [block] blkcg: perpcu_ref init/exit should be done from blkg_alloc/free() (Ming Lei) [1777766 1741392]
- [fs] userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx (Alex Gladkov) [1777389 1749763] {CVE-2019-14898}
- [netdrv] mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings (Jarod Wilson) [1776618 1775484] {CVE-2019-14814 CVE-2019-14815 CVE-2019-14816}
- [netdrv] mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (Jarod Wilson) [1776209 1776210] {CVE-2019-14895}
- [netdrv] mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() (Jarod Wilson) [1776161 1776162] {CVE-2019-14901}
- [netdrv] rtlwifi: Fix potential overflow on P2P code (Jarod Wilson) [1775222 1775223] {CVE-2019-17666}
- [pci] hv: Avoid use of hv_pci_dev->pci_slot after freeing it (Mohammed Gamal) [1764635 1737569]

Tue Nov 26 2019 Herton R. Krzesinski <herton@redhat.com> [4.18.0-147.3.1.el8_1]

- [x86] kvm: svm: taint module and print taint message iff nested is enabled (Bandan Das) [1776114 1775410]

Fri Nov 22 2019 Herton R. Krzesinski <herton@redhat.com> [4.18.0-147.2.1.el8_1]

- [sched] fair: Scale bandwidth quota and period without losing quota/period ratio precision (Phil Auld) [1773568 1706247]
- [sched] fair: Fix -Wunused-but-set-variable warnings (Phil Auld) [1773568 1706247]
- [sched] fair: Fix low cpu usage with high throttling by removing expiration of cpu-local slices (Phil Auld) [1773568 1706247]
- [powerpc] powerpc/pseries: Track LMB nid instead of using device tree (Steve Best) [1772110 1758742]
- [powerpc] powerpc/pseries/memory-hotplug: Only update DT once per memory DLPAR request (Steve Best) [1772110 1758742]
- [powerpc] powerpc/rtas: allow rescheduling while changing cpu states (Steve Best) [1772109 1758651]
- [powerpc] powerpc/pseries/mobility: use cond_resched when updating device tree (Steve Best) [1772109 1758651]
- [netdrv] i40e: Do not check VF state in i40e_ndo_get_vf_config (Stefan Assmann) [1770177 1752498]
- [fs] CIFS: Fix use after free of file info structures (Dave Wysochanski) [1767357 1757865]
- [fs] cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic (Dave Wysochanski) [1767357 1757865]
- [netdrv] net/ibmvnic: prevent more than one thread from running in reset (Steve Best) [1764830 1756943]
- [netdrv] net/ibmvnic: unlock rtnl_lock in reset so linkwatch_event can run (Steve Best) [1764830 1756943]
- [netdrv] ibmvnic: Warn unknown speed message only when carrier is present (Steve Best) [1764832 1749873]
- [netdrv] net/ibmvnic: Fix missing { in __ibmvnic_reset (Steve Best) [1764832 1749873]
- [netdrv] net/ibmvnic: free reset work of removed device from queue (Steve Best) [1764832 1749873]
- [netdrv] ibmvnic: Do not process reset during or after device removal (Steve Best) [1764832 1749873]
- [cpuidle] cpuidle: governor: Add new governors to cpuidle_governors again (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle-haltpoll: do not set an owner to allow modunload (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle-haltpoll: set haltpoll as preferred governor (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle: allow governor switch on cpuidle_register_driver() (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle: Add cpuidle.governor= command line parameter (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle-haltpoll: vcpu hotplug support (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle-haltpoll: disable host side polling when kvm virtualized (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle: add haltpoll governor (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle: header file stubs must be "static inline" (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] governors: unify last_state_idx (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle: add poll_limit_ns to cpuidle_device structure (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle: poll_state: Fix default time limit (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle: poll_state: Disregard disable idle states (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle: poll_state: Revise loop termination condition (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle: menu: Fix wakeup statistics updates for polling state (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] cpuidle-haltpoll: return -ENODEV on modinit failure (Marcelo Tosatti) [1764831 1759282]
- [cpuidle] add cpuidle-haltpoll driver (Marcelo Tosatti) [1764831 1759282]
- [x86] kvm: x86: add host poll control msrs (Vitaly Kuznetsov) [1764831 1749495]
- [s390] s390/setup: Fix kernel lock down for s390 (Philipp Rudo) [1764827 1748343]
- [powerpc] powerpc: Allow flush_(inval_)dcache_range to work across ranges >4GB (Steve Best) [1764826 1744062]
- [fs] mm/huge_memory: fix vmf_insert_pfn_{pmd, pud}() crash, handle unaligned addresses (Jeff Moyer) [1764825 1743159]
- [mm] mm/huge_memory.c: fix modifying of page protection by insert_pfn_pmd() (Jeff Moyer) [1764825 1743159]
- [pci] PCI: hv: Use bytes 4 and 5 from instance ID as the PCI domain numbers (Mohammed Gamal) [1764634 1671288]
- [pci] PCI: hv: Detect and fix Hyper-V PCI domain number collision (Mohammed Gamal) [1764634 1671288]

Tue Nov 12 2019 Frantisek Hrbata <fhrbata@redhat.com> [4.18.0-147.1.1.el8_1]

- [arm64] arm64/sve: Fix wrong free for task->thread.sve_state (Andrew Jones) [1767358 1756450]
- [drm] drm/i915/cmdparser: Fix jump whitelist clearing (Dave Airlie) [1756871 1756873] {CVE-2019-0155}
- [drm] drm/i915: Lower RM timeout to avoid DSI hard hangs (Dave Airlie) [1766056 1756805] {CVE-2019-0154}
- [drm] drm/i915/gen8+: Add RC6 CTX corruption WA (Dave Airlie) [1766056 1756805] {CVE-2019-0154}
- [drm] drm/i915/cmdparser: Ignore Length operands during command matching (Dave Airlie) [1756871 1756873] {CVE-2019-0155}
- [drm] drm/i915/cmdparser: Add support for backward jumps (Dave Airlie) [1756871 1756873] {CVE-2019-0155}
- [drm] drm/i915/cmdparser: Use explicit goto for error paths (Dave Airlie) [1756871 1756873] {CVE-2019-0155}
- [drm] drm/i915: Add gen9 BCS cmdparsing (Dave Airlie) [1756871 1756873] {CVE-2019-0155}
- [drm] drm/i915: Allow parsing of unsized batches (Dave Airlie) [1756871 1756873] {CVE-2019-0155}
- [drm] drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (Dave Airlie) [1756871 1756873] {CVE-2019-0155}
- [drm] drm/i915: Add support for mandatory cmdparsing (Dave Airlie) [1756871 1756873] {CVE-2019-0155}
- [drm] drm/i915: Remove Master tables from cmdparser (Dave Airlie) [1756871 1756873] {CVE-2019-0155}
- [drm] drm/i915: Disable Secure Batches for gen6+ (Dave Airlie) [1756871 1756873] {CVE-2019-0155}
- [drm] drm/i915: Rename gen7 cmdparser tables (Dave Airlie) [1756871 1756873] {CVE-2019-0155}
- [x86] x86/tsx: Add config options to set tsx=on|off|auto (Josh Poimboeuf) [1766550 1766551] {CVE-2019-11135}
- [documentation] x86/speculation/taa: Add documentation for TSX Async Abort (Josh Poimboeuf) [1766550 1766551] {CVE-2019-11135}
- [x86] x86/tsx: Add "auto" option to the tsx= cmdline parameter (Josh Poimboeuf) [1766550 1766551] {CVE-2019-11135}
- [base] x86/speculation/taa: Add sysfs reporting for TSX Async Abort (Josh Poimboeuf) [1766550 1766551] {CVE-2019-11135}
- [x86] x86/speculation/taa: Add mitigation for TSX Async Abort (Josh Poimboeuf) [1766550 1766551] {CVE-2019-11135}
- [x86] x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default (Josh Poimboeuf) [1766550 1766551] {CVE-2019-11135}
- [x86] x86/cpu: Add a helper function x86_read_arch_cap_msr() (Josh Poimboeuf) [1766550 1766551] {CVE-2019-11135}
- [x86] x86/msr: Add the IA32_TSX_CTRL MSR (Josh Poimboeuf) [1766550 1766551] {CVE-2019-11135}
- [documentation] Documentation: Add ITLB_MULTIHIT documentation (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [kvm] kvm: x86: mmu: Recovery of shattered NX large pages (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [virt] kvm: Add helper function for creating VM worker threads (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [kvm] kvm: mmu: ITLB_MULTIHIT mitigation (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [kernel] cpu/speculation: Uninline and export CPU mitigations helpers (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [x86] x86/cpu: Add Tremont to the cpu vulnerability whitelist (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [x86] x86: Add ITLB_MULTIHIT bug infrastructure (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [kvm] KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [kvm] KVM: x86: add tracepoints around __direct_map and FNAME(fetch) (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [kvm] KVM: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [kvm] KVM: x86: remove now unneeded hugepage gfn adjustment (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [kvm] KVM: x86: make FNAME(fetch) and __direct_map more similar (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [kvm] kvm: mmu: Do not release the page inside mmu_set_spte() (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [kvm] kvm: Convert kvm_lock to a mutex (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [kvm] KVM: x86/mmu: Reintroduce fast invalidate/zap for flushing memslot (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [kvm] Revert "KVM: x86/mmu: Zap only the relevant pages when removing a memslot" (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [kvm] kvm: x86, powerpc: do not allow clearing largepages debugfs entry (Paolo Bonzini) [1698416 1690344] {CVE-2018-12207}
- [zstream] switch to zstream (Frantisek Hrbata)

Thu Sep 26 2019 Herton R. Krzesinski <herton@redhat.com> [4.18.0-147.el8]

- [x86] perf/x86/intel: Fix spurious NMI on fixed counter (Michael Petlan) [1755110]
- [x86] perf/x86/intel: Fix race in intel_pmu_disable_event() (Michael Petlan) [1755110]
- [netdrv] drivers: tap.c: fix wrong backport causing WARN_ON_ONCE(1) in skb_flow_dissect() (Davide Caratti) [1750711]
- [virt] KVM: coalesced_mmio: add bounds checking (Bandan Das) [1746804] {CVE-2019-14821}

Tue Sep 24 2019 Herton R. Krzesinski <herton@redhat.com> [4.18.0-146.el8]

- [fs] gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps (Robert S Peterson) [1750939]
- [s390] kvm: s390: kvm_s390_vm_start_migration: check dirty_bitmap before using it as target for memset() (Thomas Huth) [1753260]
- [fs] cifs: fix credits leak for SMB1 oplock breaks (Leif Sahlberg) [1752243]

Wed Sep 18 2019 Herton R. Krzesinski <herton@redhat.com> [4.18.0-145.el8]

- [iommu] iommu/amd: Add support for X2APIC IOMMU interrupts (Suravee Suthikulpanit) [1734842]
- [vhost] vhost: make sure log_num < in_num (Eugenio Perez) [1750882] {CVE-2019-14835}

Thu Sep 12 2019 Herton R. Krzesinski <herton@redhat.com> [4.18.0-144.el8]

- [md] Revert "[md] dm: eliminate 'split_discard_bios' flag from DM target interface" (Mike Snitzer) [1749929]
- [md] Revert "[md] dm: make sure to obey max_io_len_target_boundary" (Mike Snitzer) [1749929]
- [pci] PCI: Restore Resizable BAR size bits correctly for 1MB BARs (Myron Stowe) [1717760]
- [net] netfilter: nft_fib_netdev: Terminate rule eval if protocol=IPv6 and ipv6 module is disabled (Phil Sutter) [1743945]
- [net] netfilter: bridge: Drops IPv6 packets if IPv6 module is not loaded (Phil Sutter) [1743945]
- [drm] drm/qxl: get vga ioports (Gerd Hoffmann) [1728936]
- [drm] drm/i915: Call dma_set_max_seg_size() in i915_driver_hw_probe() (Lyude Paul) [1724363]