kernel-6.5.4-300

* Tue Sep 19 2023 Justin M. Forbes <jforbes@fedoraproject.org> [6.5.4-0] - Add F38 and F37 as release targets (Justin M. Forbes) - Add NFS bug fix for 6.5.4 (Justin M. Forbes) - selinux: fix handling of empty opts in selinux_fs_context_submount() (Ondrej Mosnacek) - Turn off appletalk for fedora (Justin M. Forbes) - Linux v6.5.4 Resolves: Signed-off-by: Justin M. Forbes <jforbes@fedoraproject.org>
2023-09-19 06:55:12 -05:00 · 2023-09-19 06:55:12 -05:00 · e73ec15a01
parent 07eb7fc475
commit e73ec15a01
10 changed files with 53 additions and 15 deletions
--- a/Patchlist.changelog
+++ b/Patchlist.changelog
@ -1,3 +1,6 @@
+"https://gitlab.com/cki-project/kernel-ark/-/commit"/60528063540aabceb7c4d79c7938d229ed5efc4f
+ 60528063540aabceb7c4d79c7938d229ed5efc4f selinux: fix handling of empty opts in selinux_fs_context_submount()
+
 "https://gitlab.com/cki-project/kernel-ark/-/commit"/80c615ec2edb4aadded21fe924e2caa172d59577
 80c615ec2edb4aadded21fe924e2caa172d59577 Revert "misc: rtsx: judge ASPM Mode to set PETXCFG Reg"

--- a/kernel-ppc64le-debug-fedora.config
+++ b/kernel-ppc64le-debug-fedora.config
@ -1315,7 +1315,7 @@ CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
 CONFIG_DEFAULT_SECURITY_SELINUX=y
 # CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set
 CONFIG_DETECT_HUNG_TASK=y
-CONFIG_DEV_APPLETALK=m
+# CONFIG_DEV_APPLETALK is not set
 CONFIG_DEV_DAX_CXL=m
 CONFIG_DEV_DAX_HMEM=m
 CONFIG_DEV_DAX_KMEM=m
--- a/kernel-ppc64le-fedora.config
+++ b/kernel-ppc64le-fedora.config
@ -1305,7 +1305,7 @@ CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
 CONFIG_DEFAULT_SECURITY_SELINUX=y
 # CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set
 # CONFIG_DETECT_HUNG_TASK is not set
-CONFIG_DEV_APPLETALK=m
+# CONFIG_DEV_APPLETALK is not set
 CONFIG_DEV_DAX_CXL=m
 CONFIG_DEV_DAX_HMEM=m
 CONFIG_DEV_DAX_KMEM=m
--- a/kernel-s390x-debug-fedora.config
+++ b/kernel-s390x-debug-fedora.config
@ -1323,7 +1323,7 @@ CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
 CONFIG_DEFAULT_SECURITY_SELINUX=y
 # CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set
 CONFIG_DETECT_HUNG_TASK=y
-CONFIG_DEV_APPLETALK=m
+# CONFIG_DEV_APPLETALK is not set
 CONFIG_DEV_DAX_CXL=m
 CONFIG_DEV_DAX_HMEM=m
 CONFIG_DEV_DAX_KMEM=m
--- a/kernel-s390x-fedora.config
+++ b/kernel-s390x-fedora.config
@ -1313,7 +1313,7 @@ CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
 CONFIG_DEFAULT_SECURITY_SELINUX=y
 # CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set
 # CONFIG_DETECT_HUNG_TASK is not set
-CONFIG_DEV_APPLETALK=m
+# CONFIG_DEV_APPLETALK is not set
 CONFIG_DEV_DAX_CXL=m
 CONFIG_DEV_DAX_HMEM=m
 CONFIG_DEV_DAX_KMEM=m
--- a/kernel-x86_64-debug-fedora.config
+++ b/kernel-x86_64-debug-fedora.config
@ -1442,7 +1442,7 @@ CONFIG_DELL_WMI=m
 CONFIG_DELL_WMI_PRIVACY=y
 CONFIG_DELL_WMI_SYSMAN=m
 CONFIG_DETECT_HUNG_TASK=y
-CONFIG_DEV_APPLETALK=m
+# CONFIG_DEV_APPLETALK is not set
 CONFIG_DEV_DAX_CXL=m
 CONFIG_DEV_DAX_HMEM=m
 CONFIG_DEV_DAX_KMEM=m
--- a/kernel-x86_64-fedora.config
+++ b/kernel-x86_64-fedora.config
@ -1432,7 +1432,7 @@ CONFIG_DELL_WMI=m
 CONFIG_DELL_WMI_PRIVACY=y
 CONFIG_DELL_WMI_SYSMAN=m
 # CONFIG_DETECT_HUNG_TASK is not set
-CONFIG_DEV_APPLETALK=m
+# CONFIG_DEV_APPLETALK is not set
 CONFIG_DEV_DAX_CXL=m
 CONFIG_DEV_DAX_HMEM=m
 CONFIG_DEV_DAX_KMEM=m
--- a/kernel.spec
+++ b/kernel.spec
@ -160,18 +160,18 @@ Summary: The Linux kernel
 #  the --with-release option overrides this setting.)
 %define debugbuildsenabled 1
 # define buildid .local
-%define specrpmversion 6.5.3
-%define specversion 6.5.3
+%define specrpmversion 6.5.4
+%define specversion 6.5.4
 %define patchversion 6.5
 %define pkgrelease 300
 %define kversion 6
-%define tarfile_release 6.5.3
+%define tarfile_release 6.5.4
 # This is needed to do merge window version magic
 %define patchlevel 5
 # This allows pkg_release to have configurable %%{?dist} tag
 %define specrelease 300%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 6.5.3
+%define kabiversion 6.5.4

 # If this variable is set to 1, a bpf selftests build failure will cause a
 # fatal kernel package build error
@ -3702,6 +3702,13 @@ fi\
 #
 #
 %changelog
+* Tue Sep 19 2023 Justin M. Forbes <jforbes@fedoraproject.org> [6.5.4-0]
+- Add F38 and F37 as release targets (Justin M. Forbes)
+- Add NFS bug fix for 6.5.4 (Justin M. Forbes)
+- selinux: fix handling of empty opts in selinux_fs_context_submount() (Ondrej Mosnacek)
+- Turn off appletalk for fedora (Justin M. Forbes)
+- Linux v6.5.4
+
 * Wed Sep 13 2023 Justin M. Forbes <jforbes@fedoraproject.org> [6.5.3-0]
 - Revert "misc: rtsx: judge ASPM Mode to set PETXCFG Reg" (Justin M. Forbes)
 - Config updates for 6.5.3 (Justin M. Forbes)
--- a/patch-6.5-redhat.patch
+++ b/patch-6.5-redhat.patch
@ -39,10 +39,11 @@
 security/lockdown/Kconfig                          |  13 +++
 security/lockdown/lockdown.c                       |   1 +
 security/security.c                                |  12 ++
- 41 files changed, 572 insertions(+), 190 deletions(-)
+ security/selinux/hooks.c                           |  10 +-
+ 42 files changed, 580 insertions(+), 192 deletions(-)

 diff --git a/Makefile b/Makefile
-index 901cdfa5e7d3..8ca0b56a75cc 100644
+index beddccac3283..b7f8a65852ca 100644
 --- a/Makefile
 +++ b/Makefile
@@ -22,6 +22,18 @@ $(if $(filter __%, $(MAKECMDGOALS)), \
@ -1572,3 +1573,30 @@ index 549104a447e3..73670798f075 100644
 #ifdef CONFIG_PERF_EVENTS
 /**
  * security_perf_event_open() - Check if a perf event open is allowed
+diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
+index afd663744041..5c16fe737a27 100644
+--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
+@@ -2748,14 +2748,20 @@ static int selinux_umount(struct vfsmount *mnt, int flags)
+ static int selinux_fs_context_submount(struct fs_context *fc,
+ 				   struct super_block *reference)
+ {
+-	const struct superblock_security_struct *sbsec;
+	const struct superblock_security_struct *sbsec = selinux_superblock(reference);
+ 	struct selinux_mnt_opts *opts;
+ 
+	/*
+	 * Ensure that fc->security remains NULL when no options are set
+	 * as expected by selinux_set_mnt_opts().
+	 */
+	if (!(sbsec->flags & (FSCONTEXT_MNT|CONTEXT_MNT|DEFCONTEXT_MNT)))
+		return 0;
+
+ 	opts = kzalloc(sizeof(*opts), GFP_KERNEL);
+ 	if (!opts)
+ 		return -ENOMEM;
+ 
+-	sbsec = selinux_superblock(reference);
+ 	if (sbsec->flags & FSCONTEXT_MNT)
+ 		opts->fscontext_sid = sbsec->sid;
+ 	if (sbsec->flags & CONTEXT_MNT)
--- a/6
+++ b/6
@ -1,3 +1,3 @@
-SHA512 (linux-6.5.3.tar.xz) = aa38c189954b3721c08a25e9cd077b4e1d5eb4d51baa3438f3ff7d18c76b28a99a68213a81c4fdf9a3343f0b108e42256fa8307df3fed7b943e938ed6348ac8b
-SHA512 (kernel-abi-stablelists-6.5.3.tar.bz2) = ec90c164dd2b0793f5e6310c7d585ccae1a0868f11f52ce33678f980af6777d8af2dbd7578966800ee505e6788b59b41bbb2fdf90c5ba073f3740ec28ddb254d
-SHA512 (kernel-kabi-dw-6.5.3.tar.bz2) = 58a0d9aea64f12a138b1d15dc7ad9345588705bb63477714d58db42cbba834d90782687b8e28275feb87e79c6c9f7a2dc10c9c13236cad99fba7f64cfe86e64f
+SHA512 (linux-6.5.4.tar.xz) = 2fc0ff554d2a713ddca070a880e9143ceefaaea4261ce54b237ef8861c83c0e8b2d7e1628c54fb763809c68e4dde9c8d21638dab3619974baa7cf24f8a7d76cb
+SHA512 (kernel-abi-stablelists-6.5.4.tar.bz2) = addf6cefd1c7330ce013570fd9687d3d33e167b4834c32b748fbbcf111792343875b19252bb40e534d01102225176fc442519312110f06b28e809170434cb7ce
+SHA512 (kernel-kabi-dw-6.5.4.tar.bz2) = 9cfc3cfa779336ba19f04b0a0e51cb0abfd4dd49a8b2bf911d50810477d633b35b375903fac449ef703239ce792133de59438ac2e5a6bf5bf0a6061ceac0043b