kernel-5.12.14-0
* Wed Jun 30 2021 Justin M. Forbes <jforbes@fedoraproject.org> [5.12.14-0] - Add CONFIG_SYSTEM_REVOCATION_LIST backported config option for 5.12.14 (Justin M. Forbes) - can: bcm: delay release of struct bcm_op after synchronize_rcu (Thadeu Lima de Souza Cascardo) Resolves: rhbz# Signed-off-by: Justin M. Forbes <jforbes@fedoraproject.org>
This commit is contained in:
parent
4de13ae7a3
commit
2a5bce723c
|
@ -1,3 +1,6 @@
|
|||
https://gitlab.com/cki-project/kernel-ark/-/commit/59fec098b4b0eb9bc766f12c40b85f8fc42cbb1d
|
||||
59fec098b4b0eb9bc766f12c40b85f8fc42cbb1d can: bcm: delay release of struct bcm_op after synchronize_rcu
|
||||
|
||||
https://gitlab.com/cki-project/kernel-ark/-/commit/d6845a028944f7b9ee8fe7b5fe0239fa6c363c90
|
||||
d6845a028944f7b9ee8fe7b5fe0239fa6c363c90 Bluetooth: btqca: Don't modify firmware contents in-place
|
||||
|
||||
|
|
|
@ -7111,6 +7111,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -5589,6 +5589,7 @@ CONFIG_SYSTEM_BLACKLIST_HASH_LIST=""
|
|||
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
|
||||
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -7086,6 +7086,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -5566,6 +5566,7 @@ CONFIG_SYSTEM_BLACKLIST_HASH_LIST=""
|
|||
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
|
||||
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -7335,6 +7335,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -7311,6 +7311,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -7093,6 +7093,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -7069,6 +7069,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -6382,6 +6382,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -6358,6 +6358,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -5979,6 +5979,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -5395,6 +5395,7 @@ CONFIG_SYSTEM_BLACKLIST_HASH_LIST=""
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -5954,6 +5954,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -5376,6 +5376,7 @@ CONFIG_SYSTEM_BLACKLIST_HASH_LIST=""
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -5917,6 +5917,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -5335,6 +5335,7 @@ CONFIG_SYSTEM_BLACKLIST_HASH_LIST=""
|
|||
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
|
||||
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -5892,6 +5892,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -5316,6 +5316,7 @@ CONFIG_SYSTEM_BLACKLIST_HASH_LIST=""
|
|||
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
|
||||
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -5350,6 +5350,7 @@ CONFIG_SYSTEM_BLACKLIST_HASH_LIST=""
|
|||
# CONFIG_SYSTEM_BLACKLIST_KEYRING is not set
|
||||
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -6436,6 +6436,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -5620,6 +5620,7 @@ CONFIG_SYSTEM_BLACKLIST_HASH_LIST=""
|
|||
CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
||||
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -6412,6 +6412,7 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
|
||||
CONFIG_SYSTEM_EXTRA_CERTIFICATE=y
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
|
@ -5598,6 +5598,7 @@ CONFIG_SYSTEM_BLACKLIST_HASH_LIST=""
|
|||
CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
||||
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set
|
||||
# CONFIG_SYSTEMPORT is not set
|
||||
# CONFIG_SYSTEM_REVOCATION_LIST is not set
|
||||
CONFIG_SYSTEM_TRUSTED_KEYRING=y
|
||||
CONFIG_SYSTEM_TRUSTED_KEYS=""
|
||||
# CONFIG_SYSV68_PARTITION is not set
|
||||
|
|
12
kernel.spec
12
kernel.spec
|
@ -106,7 +106,7 @@ Summary: The Linux kernel
|
|||
%define primary_target rhel
|
||||
%endif
|
||||
|
||||
%define rpmversion 5.12.13
|
||||
%define rpmversion 5.12.14
|
||||
%define stableversion 5.12
|
||||
%define pkgrelease 200
|
||||
|
||||
|
@ -623,7 +623,7 @@ BuildRequires: clang
|
|||
# exact git commit you can run
|
||||
#
|
||||
# xzcat -qq ${TARBALL} | git get-tar-commit-id
|
||||
Source0: linux-5.12.13.tar.xz
|
||||
Source0: linux-5.12.14.tar.xz
|
||||
|
||||
Source1: Makefile.rhelver
|
||||
|
||||
|
@ -1277,8 +1277,8 @@ ApplyOptionalPatch()
|
|||
fi
|
||||
}
|
||||
|
||||
%setup -q -n kernel-5.12.13 -c
|
||||
mv linux-5.12.13 linux-%{KVERREL}
|
||||
%setup -q -n kernel-5.12.14 -c
|
||||
mv linux-5.12.14 linux-%{KVERREL}
|
||||
|
||||
cd linux-%{KVERREL}
|
||||
cp -a %{SOURCE1} .
|
||||
|
@ -2792,6 +2792,10 @@ fi
|
|||
#
|
||||
#
|
||||
%changelog
|
||||
* Wed Jun 30 2021 Justin M. Forbes <jforbes@fedoraproject.org> [5.12.14-0]
|
||||
- Add CONFIG_SYSTEM_REVOCATION_LIST backported config option for 5.12.14 (Justin M. Forbes)
|
||||
- can: bcm: delay release of struct bcm_op after synchronize_rcu (Thadeu Lima de Souza Cascardo)
|
||||
|
||||
* Wed Jun 16 2021 Justin M. Forbes <jforbes@fedoraproject.org> [5.12.11-0]
|
||||
- Bluetooth: btqca: Don't modify firmware contents in-place (Connor Abbott)
|
||||
|
||||
|
|
|
@ -36,12 +36,13 @@
|
|||
include/linux/security.h | 5 +
|
||||
kernel/crash_core.c | 28 ++++-
|
||||
kernel/module_signing.c | 9 +-
|
||||
net/can/bcm.c | 6 +
|
||||
security/integrity/platform_certs/load_uefi.c | 6 +-
|
||||
security/lockdown/Kconfig | 13 +++
|
||||
security/lockdown/lockdown.c | 1 +
|
||||
security/security.c | 6 +
|
||||
security/selinux/hooks.c | 3 +-
|
||||
43 files changed, 641 insertions(+), 185 deletions(-)
|
||||
44 files changed, 647 insertions(+), 185 deletions(-)
|
||||
|
||||
diff --git a/Documentation/admin-guide/kdump/kdump.rst b/Documentation/admin-guide/kdump/kdump.rst
|
||||
index 75a9dd98e76e..3ff3291551f9 100644
|
||||
|
@ -66,7 +67,7 @@ index 75a9dd98e76e..3ff3291551f9 100644
|
|||
|
||||
Boot into System Kernel
|
||||
diff --git a/Makefile b/Makefile
|
||||
index d2fe36db78ae..0fb6443bd3a7 100644
|
||||
index 433f164f9ee0..56a62bea0db1 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -495,6 +495,7 @@ KBUILD_AFLAGS := -D__ASSEMBLY__ -fno-PIE
|
||||
|
@ -1537,8 +1538,32 @@ index 8723ae70ea1f..fb2d773498c2 100644
|
|||
+ }
|
||||
+ return ret;
|
||||
}
|
||||
diff --git a/net/can/bcm.c b/net/can/bcm.c
|
||||
index f3e4d9528fa3..c67916020e63 100644
|
||||
--- a/net/can/bcm.c
|
||||
+++ b/net/can/bcm.c
|
||||
@@ -785,6 +785,7 @@ static int bcm_delete_rx_op(struct list_head *ops, struct bcm_msg_head *mh,
|
||||
bcm_rx_handler, op);
|
||||
|
||||
list_del(&op->list);
|
||||
+ synchronize_rcu();
|
||||
bcm_remove_op(op);
|
||||
return 1; /* done */
|
||||
}
|
||||
@@ -1533,6 +1534,11 @@ static int bcm_release(struct socket *sock)
|
||||
REGMASK(op->can_id),
|
||||
bcm_rx_handler, op);
|
||||
|
||||
+ }
|
||||
+
|
||||
+ synchronize_rcu();
|
||||
+
|
||||
+ list_for_each_entry_safe(op, next, &bo->rx_ops, list) {
|
||||
bcm_remove_op(op);
|
||||
}
|
||||
|
||||
diff --git a/security/integrity/platform_certs/load_uefi.c b/security/integrity/platform_certs/load_uefi.c
|
||||
index ee4b4c666854..eff9ff593405 100644
|
||||
index f290f78c3f30..d3e7ae04f5be 100644
|
||||
--- a/security/integrity/platform_certs/load_uefi.c
|
||||
+++ b/security/integrity/platform_certs/load_uefi.c
|
||||
@@ -46,7 +46,8 @@ static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid,
|
||||
|
|
6
sources
6
sources
|
@ -1,3 +1,3 @@
|
|||
SHA512 (linux-5.12.13.tar.xz) = 3ef6475eefadd9e929750517f74129ecdcfb266c8e855ec0a4988260d699fea4c779201cc00335a3d52a855a7d69ab2791c735e9d4c1c4574b71ce077b9f6828
|
||||
SHA512 (kernel-abi-whitelists-5.12.13-200.tar.bz2) = 9c4430cff40e7a07c8aa31a3cb022400a57319e6270cd0ea374185544ebe99a874ae60c5e6485a267a02f8fdff573749b4c24d78d977e494edbe069049ec5b43
|
||||
SHA512 (kernel-kabi-dw-5.12.13-200.tar.bz2) = f6d3a3143201ba025be24c4c6cb28497b4f55eba987373183766eac3d783b8732489cf42d6bed523593ca637b1f8d836941cf185eca78b8f73da436298ff7044
|
||||
SHA512 (linux-5.12.14.tar.xz) = c5c5e8c11c4ad5bc72a476665b62afd65175ee631ec7af9a002e097ac2dd01a1c485d5f58cb85be4b236bbf02570852fa321000f71f1f2b18ec75866af7792da
|
||||
SHA512 (kernel-abi-whitelists-5.12.14-200.tar.bz2) = 72df9273ef959394b301774caa56c94156b466bc1770400ddddcf06b0a3ff72a049af26184fb74aba560d8d92da22eb1cd24bb48d3db773e5b80ec0cbd6858eb
|
||||
SHA512 (kernel-kabi-dw-5.12.14-200.tar.bz2) = 4770204e7c20b43f6fa3b611580b6eb83897b0a6e8e65997eb68c2e128981e2a9329635e9798cf5c28bd6fed8f6afd31def86bfc6fdcf20cfa281c7e2b5c7cdf
|
||||
|
|
Loading…
Reference in New Issue