From e73ec15a01cab050b469e4174cd65d1e59f52984 Mon Sep 17 00:00:00 2001 From: "Justin M. Forbes" Date: Tue, 19 Sep 2023 06:55:12 -0500 Subject: [PATCH] kernel-6.5.4-300 * Tue Sep 19 2023 Justin M. Forbes [6.5.4-0] - Add F38 and F37 as release targets (Justin M. Forbes) - Add NFS bug fix for 6.5.4 (Justin M. Forbes) - selinux: fix handling of empty opts in selinux_fs_context_submount() (Ondrej Mosnacek) - Turn off appletalk for fedora (Justin M. Forbes) - Linux v6.5.4 Resolves: Signed-off-by: Justin M. Forbes --- Patchlist.changelog | 3 +++ kernel-ppc64le-debug-fedora.config | 2 +- kernel-ppc64le-fedora.config | 2 +- kernel-s390x-debug-fedora.config | 2 +- kernel-s390x-fedora.config | 2 +- kernel-x86_64-debug-fedora.config | 2 +- kernel-x86_64-fedora.config | 2 +- kernel.spec | 15 ++++++++++---- patch-6.5-redhat.patch | 32 ++++++++++++++++++++++++++++-- sources | 6 +++--- 10 files changed, 53 insertions(+), 15 deletions(-) diff --git a/Patchlist.changelog b/Patchlist.changelog index d2fb036bc..fbc7e733b 100644 --- a/Patchlist.changelog +++ b/Patchlist.changelog @@ -1,3 +1,6 @@ +"https://gitlab.com/cki-project/kernel-ark/-/commit"/60528063540aabceb7c4d79c7938d229ed5efc4f + 60528063540aabceb7c4d79c7938d229ed5efc4f selinux: fix handling of empty opts in selinux_fs_context_submount() + "https://gitlab.com/cki-project/kernel-ark/-/commit"/80c615ec2edb4aadded21fe924e2caa172d59577 80c615ec2edb4aadded21fe924e2caa172d59577 Revert "misc: rtsx: judge ASPM Mode to set PETXCFG Reg" diff --git a/kernel-ppc64le-debug-fedora.config b/kernel-ppc64le-debug-fedora.config index 9a8ea730a..c283ee984 100644 --- a/kernel-ppc64le-debug-fedora.config +++ b/kernel-ppc64le-debug-fedora.config @@ -1315,7 +1315,7 @@ CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 CONFIG_DEFAULT_SECURITY_SELINUX=y # CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set CONFIG_DETECT_HUNG_TASK=y -CONFIG_DEV_APPLETALK=m +# CONFIG_DEV_APPLETALK is not set CONFIG_DEV_DAX_CXL=m CONFIG_DEV_DAX_HMEM=m CONFIG_DEV_DAX_KMEM=m diff --git a/kernel-ppc64le-fedora.config b/kernel-ppc64le-fedora.config index 9fa997364..f3dea012f 100644 --- a/kernel-ppc64le-fedora.config +++ b/kernel-ppc64le-fedora.config @@ -1305,7 +1305,7 @@ CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 CONFIG_DEFAULT_SECURITY_SELINUX=y # CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set # CONFIG_DETECT_HUNG_TASK is not set -CONFIG_DEV_APPLETALK=m +# CONFIG_DEV_APPLETALK is not set CONFIG_DEV_DAX_CXL=m CONFIG_DEV_DAX_HMEM=m CONFIG_DEV_DAX_KMEM=m diff --git a/kernel-s390x-debug-fedora.config b/kernel-s390x-debug-fedora.config index d527caaf5..8d0166396 100644 --- a/kernel-s390x-debug-fedora.config +++ b/kernel-s390x-debug-fedora.config @@ -1323,7 +1323,7 @@ CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 CONFIG_DEFAULT_SECURITY_SELINUX=y # CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set CONFIG_DETECT_HUNG_TASK=y -CONFIG_DEV_APPLETALK=m +# CONFIG_DEV_APPLETALK is not set CONFIG_DEV_DAX_CXL=m CONFIG_DEV_DAX_HMEM=m CONFIG_DEV_DAX_KMEM=m diff --git a/kernel-s390x-fedora.config b/kernel-s390x-fedora.config index e68fe3f8e..f94f19798 100644 --- a/kernel-s390x-fedora.config +++ b/kernel-s390x-fedora.config @@ -1313,7 +1313,7 @@ CONFIG_DEFAULT_MMAP_MIN_ADDR=4096 CONFIG_DEFAULT_SECURITY_SELINUX=y # CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set # CONFIG_DETECT_HUNG_TASK is not set -CONFIG_DEV_APPLETALK=m +# CONFIG_DEV_APPLETALK is not set CONFIG_DEV_DAX_CXL=m CONFIG_DEV_DAX_HMEM=m CONFIG_DEV_DAX_KMEM=m diff --git a/kernel-x86_64-debug-fedora.config b/kernel-x86_64-debug-fedora.config index a739ef29d..17e52ea6f 100644 --- a/kernel-x86_64-debug-fedora.config +++ b/kernel-x86_64-debug-fedora.config @@ -1442,7 +1442,7 @@ CONFIG_DELL_WMI=m CONFIG_DELL_WMI_PRIVACY=y CONFIG_DELL_WMI_SYSMAN=m CONFIG_DETECT_HUNG_TASK=y -CONFIG_DEV_APPLETALK=m +# CONFIG_DEV_APPLETALK is not set CONFIG_DEV_DAX_CXL=m CONFIG_DEV_DAX_HMEM=m CONFIG_DEV_DAX_KMEM=m diff --git a/kernel-x86_64-fedora.config b/kernel-x86_64-fedora.config index 3b22fee8f..30f3d78f4 100644 --- a/kernel-x86_64-fedora.config +++ b/kernel-x86_64-fedora.config @@ -1432,7 +1432,7 @@ CONFIG_DELL_WMI=m CONFIG_DELL_WMI_PRIVACY=y CONFIG_DELL_WMI_SYSMAN=m # CONFIG_DETECT_HUNG_TASK is not set -CONFIG_DEV_APPLETALK=m +# CONFIG_DEV_APPLETALK is not set CONFIG_DEV_DAX_CXL=m CONFIG_DEV_DAX_HMEM=m CONFIG_DEV_DAX_KMEM=m diff --git a/kernel.spec b/kernel.spec index a3de841c7..a729836e3 100644 --- a/kernel.spec +++ b/kernel.spec @@ -160,18 +160,18 @@ Summary: The Linux kernel # the --with-release option overrides this setting.) %define debugbuildsenabled 1 # define buildid .local -%define specrpmversion 6.5.3 -%define specversion 6.5.3 +%define specrpmversion 6.5.4 +%define specversion 6.5.4 %define patchversion 6.5 %define pkgrelease 300 %define kversion 6 -%define tarfile_release 6.5.3 +%define tarfile_release 6.5.4 # This is needed to do merge window version magic %define patchlevel 5 # This allows pkg_release to have configurable %%{?dist} tag %define specrelease 300%{?buildid}%{?dist} # This defines the kabi tarball version -%define kabiversion 6.5.3 +%define kabiversion 6.5.4 # If this variable is set to 1, a bpf selftests build failure will cause a # fatal kernel package build error @@ -3702,6 +3702,13 @@ fi\ # # %changelog +* Tue Sep 19 2023 Justin M. Forbes [6.5.4-0] +- Add F38 and F37 as release targets (Justin M. Forbes) +- Add NFS bug fix for 6.5.4 (Justin M. Forbes) +- selinux: fix handling of empty opts in selinux_fs_context_submount() (Ondrej Mosnacek) +- Turn off appletalk for fedora (Justin M. Forbes) +- Linux v6.5.4 + * Wed Sep 13 2023 Justin M. Forbes [6.5.3-0] - Revert "misc: rtsx: judge ASPM Mode to set PETXCFG Reg" (Justin M. Forbes) - Config updates for 6.5.3 (Justin M. Forbes) diff --git a/patch-6.5-redhat.patch b/patch-6.5-redhat.patch index f46674d36..0c230ea04 100644 --- a/patch-6.5-redhat.patch +++ b/patch-6.5-redhat.patch @@ -39,10 +39,11 @@ security/lockdown/Kconfig | 13 +++ security/lockdown/lockdown.c | 1 + security/security.c | 12 ++ - 41 files changed, 572 insertions(+), 190 deletions(-) + security/selinux/hooks.c | 10 +- + 42 files changed, 580 insertions(+), 192 deletions(-) diff --git a/Makefile b/Makefile -index 901cdfa5e7d3..8ca0b56a75cc 100644 +index beddccac3283..b7f8a65852ca 100644 --- a/Makefile +++ b/Makefile @@ -22,6 +22,18 @@ $(if $(filter __%, $(MAKECMDGOALS)), \ @@ -1572,3 +1573,30 @@ index 549104a447e3..73670798f075 100644 #ifdef CONFIG_PERF_EVENTS /** * security_perf_event_open() - Check if a perf event open is allowed +diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c +index afd663744041..5c16fe737a27 100644 +--- a/security/selinux/hooks.c ++++ b/security/selinux/hooks.c +@@ -2748,14 +2748,20 @@ static int selinux_umount(struct vfsmount *mnt, int flags) + static int selinux_fs_context_submount(struct fs_context *fc, + struct super_block *reference) + { +- const struct superblock_security_struct *sbsec; ++ const struct superblock_security_struct *sbsec = selinux_superblock(reference); + struct selinux_mnt_opts *opts; + ++ /* ++ * Ensure that fc->security remains NULL when no options are set ++ * as expected by selinux_set_mnt_opts(). ++ */ ++ if (!(sbsec->flags & (FSCONTEXT_MNT|CONTEXT_MNT|DEFCONTEXT_MNT))) ++ return 0; ++ + opts = kzalloc(sizeof(*opts), GFP_KERNEL); + if (!opts) + return -ENOMEM; + +- sbsec = selinux_superblock(reference); + if (sbsec->flags & FSCONTEXT_MNT) + opts->fscontext_sid = sbsec->sid; + if (sbsec->flags & CONTEXT_MNT) diff --git a/sources b/sources index a5292cfed..abff666fe 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-6.5.3.tar.xz) = aa38c189954b3721c08a25e9cd077b4e1d5eb4d51baa3438f3ff7d18c76b28a99a68213a81c4fdf9a3343f0b108e42256fa8307df3fed7b943e938ed6348ac8b -SHA512 (kernel-abi-stablelists-6.5.3.tar.bz2) = ec90c164dd2b0793f5e6310c7d585ccae1a0868f11f52ce33678f980af6777d8af2dbd7578966800ee505e6788b59b41bbb2fdf90c5ba073f3740ec28ddb254d -SHA512 (kernel-kabi-dw-6.5.3.tar.bz2) = 58a0d9aea64f12a138b1d15dc7ad9345588705bb63477714d58db42cbba834d90782687b8e28275feb87e79c6c9f7a2dc10c9c13236cad99fba7f64cfe86e64f +SHA512 (linux-6.5.4.tar.xz) = 2fc0ff554d2a713ddca070a880e9143ceefaaea4261ce54b237ef8861c83c0e8b2d7e1628c54fb763809c68e4dde9c8d21638dab3619974baa7cf24f8a7d76cb +SHA512 (kernel-abi-stablelists-6.5.4.tar.bz2) = addf6cefd1c7330ce013570fd9687d3d33e167b4834c32b748fbbcf111792343875b19252bb40e534d01102225176fc442519312110f06b28e809170434cb7ce +SHA512 (kernel-kabi-dw-6.5.4.tar.bz2) = 9cfc3cfa779336ba19f04b0a0e51cb0abfd4dd49a8b2bf911d50810477d633b35b375903fac449ef703239ce792133de59438ac2e5a6bf5bf0a6061ceac0043b