kernel security, bug fix, and enhancement update

[4.18.0-240.22.1_3.OL8]

• Update Oracle Linux certificates (Kevin Lyons)
• Disable signing for aarch64 (Ilya Okomin)
• Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
• Update x509.genkey [Orabug: 24817676]
• Conflict with shim-ia32 and shim-x64 <= 15-11.0.5
  [4.18.0-240.22.1_3]
• futex: Handle faults correctly for PI futexes (Waiman Long) [1924633 1924635] {CVE-2021-3347}
• futex: Simplify fixup_pi_state_owner() (Waiman Long) [1924633 1924635] {CVE-2021-3347}
• futex: Use pi_state_update_owner() in put_pi_state() (Waiman Long) [1924633 1924635] {CVE-2021-3347}
• futex: Provide and use pi_state_update_owner() (Waiman Long) [1924633 1924635] {CVE-2021-3347}
• rtmutex: Remove unused argument from rt_mutex_proxy_unlock() (Waiman Long) [1924633 1924635] {CVE-2021-3347}
• futex: Replace pointless printk in fixup_owner() (Waiman Long) [1924633 1924635] {CVE-2021-3347}
• futex: Ensure the correct return value from futex_lock_pi() (Waiman Long) [1924633 1924635] {CVE-2021-3347}
• futex: Don’t enable IRQs unconditionally in put_pi_state() (Waiman Long) [1924633 1924635] {CVE-2021-3347}
• futex: Fix incorrect should_fail_futex() handling (Waiman Long) [1924633 1924635] {CVE-2021-3347}
• futex: Consistently use fshared as boolean (Waiman Long) [1924633 1924635] {CVE-2021-3347}
• futex: Remove needless goto’s (Waiman Long) [1924633 1924635] {CVE-2021-3347}
• futex: Remove put_futex_key() (Waiman Long) [1924633 1924635] {CVE-2021-3347}
• scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [1930832 1930833] {CVE-2021-27364}
• scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [1930855 1930856] {CVE-2021-27365}
• scsi: iscsi: Restrict sessions and handles to admin capabilities (Chris Leech) [1940423 1930809] {CVE-2021-27363}
  [4.18.0-240.21.1_3]
• KVM: x86: Allow guests to see MSR_IA32_TSX_CTRL even if tsx=off (Paolo Bonzini) [1939013 1912448]
• gfs2: Fix deadlock between gfs2_{create_inode, inode_lookup} and delete_work_func (Andreas Gruenbacher) [1937109 1903190]
• gfs2: Don’t call cancel_delayed_work_sync from within delete work function (Andreas Gruenbacher) [1937109 1903190]
• gfs2: Only access gl_delete for iopen glocks (Andreas Gruenbacher) [1937109 1903190]
• gfs2: Don’t sleep during glock hash walk (Andreas Gruenbacher) [1937109 1903190]
• [netdrv] net/mlx5e: Add missing set of destination vport flags in termtbl create (Alaa Hleihel) [1924689 1851700]
• [tools] tools arch x86: Sync asm/cpufeatures.h with the kernel sources (David Arcari) [1929740 1916478]
• [x86] x86/cpu/amd: Call init_amd_zn() om Family 19h processors too (David Arcari) [1929740 1916478]
  [4.18.0-240.20.1_3]
• fix regression in ‘epoll: Keep a reference on files added to the check list’ (Carlos Maiolino) [1920775 1920776] {CVE-2020-0466}
• do_epoll_ctl(): clean the failure exits up a bit (Carlos Maiolino) [1920775 1920776] {CVE-2020-0466}
• epoll: Keep a reference on files added to the check list (Carlos Maiolino) [1920775 1920776] {CVE-2020-0466}
• [kernel] sched/features: Distinguish between NORMAL and DEADLINE hrtick (Juri Lelli) [1930735 1912118]
• [kernel] sched/features: Fix hrtick reprogramming (Juri Lelli) [1930735 1912118]
• iommu/vt-d: Don’t dereference iommu_device if IOMMU_API is not built (Vitaly Kuznetsov) [1932199 1887216]
• iommu/vt-d: Gracefully handle DMAR units with no supported address widths (Vitaly Kuznetsov) [1932199 1887216]
• iommu/vt-d: Skip TE disabling on quirky gfx dedicated iommu (Vitaly Kuznetsov) [1932199 1887216]
• net/vmw_vsock: fix NULL pointer dereference (Jon Maloy) [1925599 1925600] {CVE-2021-26708}
• net/vmw_vsock: improve locking in vsock_connect_timeout() (Jon Maloy) [1925599 1925600] {CVE-2021-26708}
• vsock: fix locking in vsock_shutdown() (Jon Maloy) [1925599 1925600] {CVE-2021-26708}
• vsock: fix the race conditions in multi-transport support (Jon Maloy) [1925599 1925600] {CVE-2021-26708}
• [base] mm: don’t panic when links can’t be created in sysfs (Baoquan He) [1930168 1890171]
• mm: don’t rely on system state to detect hot-plug operations (Baoquan He) [1930168 1890171]
• mm: replace memmap_context by meminit_context (Baoquan He) [1930168 1890171]
• [tools] kvm: nvmx: check for invalid hdr.vmx.flags (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: nvmx: check for required but missing VMCS12 in KVM_SET_NESTED_STATE (Paolo Bonzini) [1923281 1904128]
• [tools] selftests: kvm: do not set guest mode flag (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: x86: fix CPUID entries returned by KVM_GET_CPUID2 ioctl (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: svm: Fix offset computation bug in __sev_dbg_decrypt() (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: nvmx: Sync unsync’d vmcs02 state to vmcs12 on migration (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: x86: get smi pending status correctly (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: x86/pmu: Fix HW_REF_CPU_CYCLES event pseudo-encoding in intel_arch_events[] (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: x86/pmu: Fix UBSAN shift-out-of-bounds warning in intel_pmu_refresh() (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: x86: Add more protection against undefined behavior in rsvd_bits() (Paolo Bonzini) [1923281 1904128]
• [documentation] kvm: Forbid the use of tagged userspace addresses for memslots (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: x86: allow KVM_REQ_GET_NESTED_STATE_PAGES outside guest mode for VMX (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: nsvm: cancel KVM_REQ_GET_NESTED_STATE_PAGES on nested vmexit (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: nsvm: mark vmcb as dirty when forcingly leaving the guest mode (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: nsvm: correctly restore nested_run_pending on migration (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: x86: fix shift out of bounds reported by UBSAN (Paolo Bonzini) [1923281 1904128]
• [x86] kvm: x86: reinstate vendor-agnostic check on SPEC_CTRL cpuid bits (Paolo Bonzini) [1923281 1904128]
• [target] scsi: target: Fix XCOPY NAA identifier lookup (Maurizio Lombardi) [1900462 1900463] {CVE-2020-28374}
• scsi: qla2xxx: Fix mailbox Ch erroneous error (Nilesh Javali) [1924222 1894578]
• [net] fix iteration for sctp transport seq_files (Xin Long) [1927521 1916824]
• [scsi] scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported (Dick Kennedy) [1927921 1887549]
• [mm] mm, oom: remove oom_lock from oom_reaper (Waiman Long) [1929738 1873759]
  [4.18.0-240.19.1_3]
• audit: trigger accompanying records when no rules present (Richard Guy Briggs) [1907520 1896480]
• revert: 1320a4052ea1 (‘audit: trigger accompanying records when no rules present’) (Richard Guy Briggs) [1907520 1896480]
• audit: issue CWD record to accompany LSM_AUDIT_DATA_* records (Richard Guy Briggs) [1907520 1896480]
• audit: remove unused !CONFIG_AUDITSYSCALL __audit_inode* stubs (Richard Guy Briggs) [1907520 1896480]
• redhat: use tags from git notes for zstream to generate changelog (Frantisek Hrbata)
  [4.18.0-240.18.1_3]
• [scsi] scsi: fnic: Do not call ‘scsi_done()’ for unhandled commands (Govindarajulu Varadarajan) [1925186 1870397]
• [target] scsi: target: iscsi: Fix cmd abort fabric stop race (Maurizio Lombardi) [1918354 1908215]
• [target] scsi: target: Modify core_tmr_abort_task() (Maurizio Lombardi) [1918363 1880395]
• [s390] s390/crypto: add arch_get_random_long() support (Vladis Dronov) [1915816 1904274]
  [4.18.0-240.17.1_3]
• [mm] mm/slub: fix panic in slab_alloc_node() (Oleksandr Natalenko) [1925511 1921056]
• [s390] s390/early: improve machine detection (Claudio Imbrenda) [1925508 1896307]
• [infiniband] RDMA/umem: Prevent small pages from being returned by ib_umem_find_best_pgsz() (Kamal Heib) [1924691 1903992]
  [4.18.0-240.16.1_3]
• [netdrv] net/mlx5e: Fix using wrong stats_grps in mlx5e_update_ndo_stats() (Alaa Hleihel) [1921060 1870593]
• [net] tcp: Fix potential use-after-free due to double kfree() (Florian Westphal) [1915529 1915164]
• [net] tcp: fix race condition when creating child sockets from syncookies (Florian Westphal) [1915529 1915164]
• [x86] kvm: ioapic: break infinite recursion on lazy EOI (Vitaly Kuznetsov) [1906438 1882793]