kernel security, bug fix, and enhancement update

[3.10.0-957.1.3.el7.OL7]

• Oracle Linux certificates (Alexey Petrenko)
• Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_
  key.x509)([email protected])
• Update x509.genkey [bug 24817676]
  [3.10.0-957.1.3.el7]
• [x86] Mark Intel Cascade Lake supported (Steve Best) [1650213 1639980]
  [3.10.0-957.1.2.el7]
• [net] rtnetlink: give a user socket to get_target_net() (Jiri Benc) [1639635 1630694] {CVE-2018-14646}
• [net] Add variants of capable for use on on sockets (Jiri Benc) [1639635 1630694] {CVE-2018-14646}
  [3.10.0-957.1.1.el7]
• [x86] boot: Fix kexec booting failure in the SEV bit detection code (Kairui Song) [1644990 1628828]
• [net] 8021q: create device with all possible features in wanted_features (Davide Caratti) [1644675 1640645]
• [mm] memcontrol: fix high scheduling latency source in mem_cgroup_reparent_charges (Andrea Arcangeli) [1644673 1632898]
• [kernel] cpuset: use trialcs->mems_allowed as a temp variable (Aristeu Rozanski) [1644236 1613248]
• [kernel] cpuset: fix a warning when clearing configured masks in old hierarchy (Aristeu Rozanski) [1644236 1613248]
• [kernel] cpuset: initialize effective masks when clone_children is enabled (Aristeu Rozanski) [1644236 1613248]
• [x86] efi: Only load initrd above 4g on second try (Lenny Szubowicz) [1643359 1608955]
• [x86] efi: Support initrd loaded above 4G (Lenny Szubowicz) [1643359 1608955]
• [x86] efi: Generalize handle_ramdisks() and rename to handle_cmdline_files() (Lenny Szubowicz) [1643359 1608955]
• [kernel] sched/fair: Fix throttle_list starvation with low CFS quota (Phil Auld) [1640675 1601153]
• [target] scsi: iscsi: Use bin2hex instead of a re-implementation (Maurizio Lombardi) [1634711 1627034] {CVE-2018-14633}
• [target] scsi: iscsi: Use hex2bin instead of a re-implementation (Maurizio Lombardi) [1634711 1627034] {CVE-2018-14633}