Unbreakable Enterprise kernel-container security update

[5.4.17-2036.103.3.el7]

• Revert ‘rds: Deregister all FRWR mr with free_mr’ (aru kolappan) [Orabug:
  32426610]
  [5.4.17-2036.103.2.el7]
• A/A Bonding: Fix a one-byte-off kmalloc (Hakon Bugge) [Orabug: 32380824]
• netfilter: add and use nf_hook_slow_list() (Florian Westphal) [Orabug: 32372530] {CVE-2021-20177}
• net/rds: Fix gfp_t parameter (Hans Westgaard Ry) [Orabug: 32372158]
• uek-rpm: Report removed symbols also during kabi check (Somasundaram Krishnasamy) [Orabug: 32380061]
• A/A Bonding: Introduce selective interface name inclusion (Hakon Bugge) [Orabug: 32350974]
• uek-rpm: add nfs_ssc to nano_modules (Calum Mackay) [Orabug: 32346419]
• target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248035] {CVE-2020-28374}
  [5.4.17-2036.103.1.el7]
• mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349203] {CVE-2020-36158}
• x86/process: Mark cpu inactive before offlining (Mridula Shastry) [Orabug: 32234812]
• add license checking to kABI checker (Dan Duval) [Orabug: 32355206]
  [5.4.17-2036.103.0.el7]
• lockd: don’t use interval-based rebinding over TCP (Calum Mackay) [Orabug: 32337715]
• tools: update header files in the tools directory (Thomas Tai) [Orabug: 32321484]
• perf: Fix a kABI breakage in perf_event.h (Thomas Tai) [Orabug: 32321484]
• perf/x86: Fix n_metric for cancelled txn (Peter Zijlstra) [Orabug: 32321484]
• perf/x86: Fix n_pair for cancelled txn (Peter Zijlstra) [Orabug: 32321484]
• perf/x86/intel: Check perf metrics feature for each CPU (Kan Liang) [Orabug: 32321484]
• perf/x86/intel: Support per-thread RDPMC TopDown metrics (Kan Liang) [Orabug: 32321484]
• perf/x86/intel: Support TopDown metrics on Ice Lake (Kan Liang) [Orabug: 32321484]
• perf/x86: Use event_base_rdpmc for the RDPMC userspace support (Kan Liang) [Orabug: 32321484]
• perf/x86: Add a macro for RDPMC offset of fixed counters (Kan Liang) [Orabug: 32321484]
• perf/x86/intel: Generic support for hardware TopDown metrics (Kan Liang) [Orabug: 32321484]
• perf/core: Add a new PERF_EV_CAP_SIBLING event capability (Kan Liang) [Orabug: 32321484]
• perf/core: Unify {pinned,flexible}_sched_in() (Peter Zijlstra) [Orabug: 32321484]
• perf/x86/intel: Use switch in intel_pmu_disable/enable_event (Kan Liang) [Orabug: 32321484]
• perf/x86: Keep LBR records unchanged in host context for guest usage (Like Xu) [Orabug: 32321484]
• perf/x86/intel: Fix the name of perf METRICS (Kan Liang) [Orabug: 32321484]
• perf/x86/intel: Move BTS index to 47 (Kan Liang) [Orabug: 32321484]
• perf/x86/intel: Introduce the fourth fixed counter (Kan Liang) [Orabug: 32321484]
• perf/x86/intel: Name the global status bit in NMI handler (Kan Liang) [Orabug: 32321484]
• perf/x86: Add constraint to create guest LBR event without hw counter (Like Xu) [Orabug: 32321484]
• perf/x86/lbr: Add interface to get LBR information (Like Xu) [Orabug: 32321484]
• perf/x86/core: Refactor hw->idx checks and cleanup (Like Xu) [Orabug: 32321484]
• perf/x86/intel: Avoid unnecessary PEBS_ENABLE MSR access in PMI (Kan Liang) [Orabug: 32321484]
• perf/x86: Provide stubs of KVM helpers for non-Intel CPUs (Sean Christopherson) [Orabug: 32321484]
• partitions/efi: Enable no warning option for the GPT warnings related to alternative header (Saeed Mirzamohammadi) [Orabug: 32302136]
• Revert ‘cpu/hotplug: avoid race between cpuset_hotplug_workfn and later hotplug’ (Daniel Jordan) [Orabug: 32295229]
• cpuset: fix race between hotplug work and later CPU offline (Daniel Jordan) [Orabug: 32295229]
• uek-rpm: aarch64: update PMU configs for Altra (Dave Kleikamp) [Orabug: 32290034]
• driver/perf: Add PMU driver for the ARM DMC-620 memory controller (Tuan Phan) [Orabug: 32290034]
• perf: arm-cmn: Fix conversion specifiers for node type (Will Deacon) [Orabug: 32290034]
• perf: arm-cmn: Fix unsigned comparison to less than zero (Will Deacon) [Orabug: 32290034]
• perf: Add Arm CMN-600 PMU driver (Robin Murphy) [Orabug: 32290034]
• perf: Add Arm CMN-600 DT binding (Robin Murphy) [Orabug: 32290034]
• perf: arm_dsu: Support DSU ACPI devices (Tuan Phan) [Orabug: 32290034]
• arm64: acpi: Make apei_claim_sea() synchronise with APEI’s irq work (James Morse) [Orabug: 32290034]
• ACPI: APEI: Kick the memory_failure() queue for synchronous errors (James Morse) [Orabug: 32290034]
• iommu/arm-smmu-v3: Don’t reserve implementation defined register space (Jean-Philippe Brucker) [Orabug: 32290034]
• Revert ‘BACKPORT: perf: Add Arm CMN-600 DT binding’ (Dave Kleikamp) [Orabug: 32290034]
• Revert ‘BACKPORT: WIP: perf: Add Arm CMN-600 PMU driver’ (Dave Kleikamp) [Orabug: 32290034]
• Revert ‘BACKPORT: WIP: perf/arm-cmn: Add ACPI support’ (Dave Kleikamp) [Orabug: 32290034]
• Revert ‘perf: Add ARM DMC-620 PMU driver.’ (Dave Kleikamp) [Orabug: 32290034]
• Revert ‘BACKPORT: ACPI / APEI: Kick the memory_failure() queue for synchronous errors’ (Dave Kleikamp) [Orabug: 32290034]
• Revert ‘BACKPORT: arm64: acpi: Make apei_claim_sea() synchronise with APEI’s irq work’ (Dave Kleikamp) [Orabug: 32290034]
• Revert ‘Perf: arm-cmn: Allow irq to be shared.’ (Dave Kleikamp) [Orabug: 32290034]
• Revert ‘perf: arm_cmn: improve and make it work on 2P.’ (Dave Kleikamp) [Orabug: 32290034]
• Revert ‘perf: arm_dsu: Allow IRQ to be shared among devices.’ (Dave Kleikamp) [Orabug: 32290034]
• Revert ‘perf: arm_dsu: Support ACPI mode.’ (Dave Kleikamp) [Orabug: 32290034]
• Revert ‘perf: arm_dmc620: Update ACPI ID.’ (Dave Kleikamp) [Orabug: 32290034]
• Revert ‘perf: avoid breaking KABI by reusing enum’ (Dave Kleikamp) [Orabug: 32290034]
• Revert ‘perf/smmuv3: Allow sharing MMIO registers with the SMMU driver’ (Dave Kleikamp) [Orabug: 32290034]
• tty: Fix ->session locking (Jann Horn) [Orabug: 32266677] {CVE-2020-29660}
• tty: Fix ->pgrp locking in tiocspgrp() (Jann Horn) [Orabug: 32266677] {CVE-2020-29660}
• xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32260252] {CVE-2020-29569}
• xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
• xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
• xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
• xen/xenbus: Add ‘will_handle’ callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
• xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32253409] {CVE-2020-29568}
• KVM: x86: clflushopt should be treated as a no-op by emulation (David Edmondson) [Orabug: 32251910]