Unbreakable Enterprise kernel-container security update


[4.14.35-2047.517.3.el7] - KVM: x86: use raw clock values consistently (Paolo Bonzini) [Orabug: 34575637] - KVM: x86: reorganize pvclock_gtod_data members (Paolo Bonzini) [Orabug: 34575637] - KVM: x86: switch KVMCLOCK base to monotonic raw clock (Marcelo Tosatti) [Orabug: 34575637] [4.14.35-2047.517.2.el7] - kernfs: Replace global kernfs_open_file_mutex with hashed mutexes. (Imran Khan) [Orabug: 34476942] - kernfs: Introduce interface to access global kernfs_open_file_mutex. (Imran Khan) [Orabug: 34476942] - kernfs: make ->attr.open RCU protected. (Imran Khan) [Orabug: 34476942] - kernfs: Rename kernfs_put_open_node to kernfs_unlink_open_file. (Imran Khan) [Orabug: 34476942] - kernfs: Remove reference counting for kernfs_open_node. (Imran Khan) [Orabug: 34476942] - scsi: target: Fix WRITE_SAME No Data Buffer crash (Mike Christie) [Orabug: 34419972] {CVE-2022-21546} - rds/rdma: destroy CQs during user initiated rds connection resets (Rohit Nair) [Orabug: 34414240] - rds: copy_from_user only once per rds_sendmsg system call (Hans Westgaard Ry) [Orabug: 34510858] {CVE-2022-21385} [4.14.35-2047.517.1.el7] - net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34480752] {CVE-2022-2588} - Restore 'module, async: async_synchronize_full() on module init iff async is used' (Mridula Shastry) [Orabug: 34469834] - net/rds: Replace #ifdef DEBUG with CONFIG_SLUB_DEBUG (Freddy Carrillo) [Orabug: 34405766] - ext4: Move to shared i_rwsem even without dioread_nolock mount opt (Ritesh Harjani) [Orabug: 34295843] - ext4: Start with shared i_rwsem in case of DIO instead of exclusive (Ritesh Harjani) [Orabug: 34295843] - ext4: further refactoring bufferio and dio helper (Junxiao Bi) [Orabug: 34295843] - ext4: refactor ext4_file_write_iter (Junxiao Bi) [Orabug: 34295843] - xen/manage: Use orderly_reboot() to reboot (Ross Lagerwall) [Orabug: 34211118] - xen/manage: revert 'xen/manage: enable C_A_D to force reboot' (Dongli Zhang) [Orabug: 34211118] - Linux 4.14.288 (Greg Kroah-Hartman) - dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate (Miaoqian Lin) - dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (Miaoqian Lin) - dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly (Michael Walle) - ida: don't use BUG_ON() for debugging (Linus Torvalds) - i2c: cadence: Unregister the clk notifier in error path (Satish Nagireddy) - pinctrl: sunxi: a83t: Fix NAND function name for some pins (Samuel Holland) - xfs: remove incorrect ASSERT in xfs_rename (Eric Sandeen) - powerpc/powernv: delay rng platform device creation until later in boot (Jason A. Donenfeld) - video: of_display_timing.h: include errno.h (Hsin-Yi Wang) - fbcon: Disallow setting font bigger than screen size (Helge Deller) - iommu/vt-d: Fix PCI bus rescan device hot add (Yian Chen) - net: rose: fix UAF bug caused by rose_t0timer_expiry (Duoming Zhou) - usbnet: fix memory leak in error case (Oliver Neukum) - can: gs_usb: gs_usb_open/close(): fix memory leak (Rhett Aultman) - can: grcan: grcan_probe(): remove extra of_node_get() (Liang He) - mm/slub: add missing TID updates on slab deactivation (Jann Horn) - esp: limit skb_page_frag_refill use to a single page (Sabrina Dubroca) - Linux 4.14.287 (Greg Kroah-Hartman) - xen/gntdev: Avoid blocking in unmap_grant_pages() (Demi Marie Obenour) - net: usb: qmi_wwan: add Telit 0x1070 composition (Daniele Palmas) - net: usb: qmi_wwan: add Telit 0x1060 composition (Carlo Lobrano) - xen/arm: Fix race in RB-tree based P2M accounting (Oleksandr Tyshchenko) {CVE-2022-33744} - net: Rename and export copy_skb_header (Ilya Lesokhin) - ipv6/sit: fix ipip6_tunnel_get_prl return value (katrinzhou) - sit: use min (kernel test robot) - hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails (Yang Yingliang) - NFC: nxp-nci: Don't issue a zero length i2c_master_read() (Michael Walle) - nfc: nfcmrvl: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) - net: bonding: fix use-after-free after 802.3ad slave unbind (Yevhen Orlov) - net: bonding: fix possible NULL deref in rlb code (Eric Dumazet) - netfilter: nft_dynset: restore set element counter when failing to update (Pablo Neira Ayuso) - caif_virtio: fix race between virtio_device_ready() and ndo_open() (Jason Wang) - net: ipv6: unexport __init-annotated seg6_hmac_net_init() (YueHaibing) - usbnet: fix memory allocation in helpers (Oliver Neukum) - RDMA/qedr: Fix reporting QP timeout attribute (Kamal Heib) - net: usb: ax88179_178a: Fix packet receiving (Jose Alonso) - net: rose: fix UAF bugs caused by timer handler (Duoming Zhou) - SUNRPC: Fix READ_PLUS crasher (Chuck Lever) - s390/archrandom: simplify back to earlier design and initialize earlier (Jason A. Donenfeld) - dm raid: fix KASAN warning in raid5_add_disks (Mikulas Patocka) - dm raid: fix accesses beyond end of raid member array (Heinz Mauelshagen) - nvdimm: Fix badblocks clear off-by-one error (Chris Ye) - Linux 4.14.286 (Greg Kroah-Hartman) - swiotlb: skip swiotlb_bounce when orig_addr is zero (Liu Shixin) - kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] (Naveen N. Rao) - fdt: Update CRC check for rng-seed (Hsin-Yi Wang) - xen: unexport __init-annotated xen_xlate_map_ballooned_pages() (Masahiro Yamada) - drm: remove drm_fb_helper_modinit (Christoph Hellwig) - powerpc/pseries: wire up rng during setup_arch() (Jason A. Donenfeld) - modpost: fix section mismatch check for exported init/exit sections (Masahiro Yamada) - ARM: cns3xxx: Fix refcount leak in cns3xxx_init (Miaoqian Lin) - ARM: Fix refcount leak in axxia_boot_secondary (Miaoqian Lin) - ARM: exynos: Fix refcount leak in exynos_map_pmu (Miaoqian Lin) - ARM: dts: imx6qdl: correct PU regulator ramp delay (Lucas Stach) - powerpc/powernv: wire up rng during setup_arch (Jason A. Donenfeld) - powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address (Andrew Donnellan) - powerpc: Enable execve syscall exit tracepoint (Naveen N. Rao) - xtensa: Fix refcount leak bug in time.c (Liang He) - xtensa: xtfpga: Fix refcount leak bug in setup (Liang He) - iio: adc: axp288: Override TS pin bias current for some models (Hans de Goede) - iio: trigger: sysfs: fix use-after-free on remove (Vincent Whitchurch) - iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up() (Zheyu Ma) - iio: accel: mma8452: ignore the return value of reset operation (Haibo Chen) - iio:accel:bma180: rearrange iio trigger get and register (Dmitry Rokosov) - usb: chipidea: udc: check request status before setting device address (Xu Yang) - iio: adc: vf610: fix conversion mode sysfs node name (Baruch Siach) - igb: Make DMA faster when CPU is active on the PCIe link (Kai-Heng Feng) - MIPS: Remove repetitive increase irq_err_count (huhai) - x86/xen: Remove undefined behavior in setup_features() (Julien Grall) - bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers (Jay Vosburgh) - USB: serial: option: add Quectel RM500K module support (Macpaul Lin) - USB: serial: option: add Quectel EM05-G modem (Yonglin Tan) - USB: serial: option: add Telit LE910Cx 0x1250 composition (Carlo Lobrano) - random: quiet urandom warning ratelimit suppression message (Jason A. Donenfeld) - dm era: commit metadata in postsuspend after worker stops (Nikos Tsironis) - ata: libata: add qc->flags in ata_qc_complete_template tracepoint (Edward Wu) - random: schedule mix_interrupt_randomness() less often (Jason A. Donenfeld) - vt: drop old FONT ioctls (Jiri Slaby) - Linux 4.14.285 (Greg Kroah-Hartman) - tcp: drop the hash_32() part from the index calculation (Willy Tarreau) - tcp: increase source port perturb table to 2^16 (Willy Tarreau) - tcp: dynamically allocate the perturb table used by source ports (Willy Tarreau) - tcp: add small random increments to the source port (Willy Tarreau) - tcp: use different parts of the port_offset for index and offset (Willy Tarreau) - tcp: add some entropy in __inet_hash_connect() (Eric Dumazet) - xprtrdma: fix incorrect header size calculations (Colin Ian King) - usb: gadget: u_ether: fix regression in setting fixed MAC address (Marian Postevca) - s390/mm: use non-quiescing sske for KVM switch to keyed guest (Christian Borntraeger) - virtio-pci: Remove wrong address verification in vp_del_vqs() (Murilo Opsfelder Araujo) - ext4: add reserved GDT blocks check (Zhang Yi) - ext4: make variable 'count' signed (Ding Xiang) - ext4: fix bug_on ext4_mb_use_inode_pa (Baokun Li) - serial: 8250: Store to lsr_save_flags after lsr read (Ilpo Jarvinen) - usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe (Miaoqian Lin) - usb: dwc2: Fix memory leak in dwc2_hcd_init (Miaoqian Lin) - USB: serial: io_ti: add Agilent E5805A support (Robert Eckelmann) - USB: serial: option: add support for Cinterion MV31 with new baseline (Slark Xiao) - comedi: vmk80xx: fix expression for tx buffer size (Ian Abbott) - irqchip/gic/realview: Fix refcount leak in realview_gic_of_init (Miaoqian Lin) - certs/blacklist_hashes.c: fix const confusion in certs blacklist (Masahiro Yamada) - arm64: ftrace: fix branch range checks (Mark Rutland) - net: bgmac: Fix an erroneous kfree() in bgmac_remove() (Christophe JAILLET) - misc: atmel-ssc: Fix IRQ check in ssc_probe (Miaoqian Lin) - tty: goldfish: Fix free_irq() on remove (Vincent Whitchurch) - i40e: Fix call trace in setup_tx_descriptors (Aleksandr Loktionov) - pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE (Trond Myklebust) - random: credit cpu and bootloader seeds by default (Jason A. Donenfeld) - net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_frag (Chen Lin) - ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg (Wang Yufen) - nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred (Xiaohui Zhang) - virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed (chengkaitao) - scsi: pmcraid: Fix missing resource cleanup in error case (Chengguang Xu) - scsi: ipr: Fix missing/incorrect resource cleanup in error case (Chengguang Xu) - scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology (James Smart) - scsi: vmw_pvscsi: Expand vcpuHint to 16 bits (Wentao Wang) - ASoC: wm8962: Fix suspend while playing music (Adam Ford) - ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() (Sergey Shtylyov) - ASoC: cs42l56: Correct typo in minimum level for SX volume controls (Charles Keepax) - ASoC: cs42l52: Correct TLV for Bypass Volume (Charles Keepax) - ASoC: cs53l30: Correct number of volume levels on SX controls (Charles Keepax) - ASoC: cs42l52: Fix TLV scales for mixer controls (Charles Keepax) - random: account for arch randomness in bits (Jason A. Donenfeld) - random: mark bootloader randomness code as __init (Jason A. Donenfeld) - random: avoid checking crng_ready() twice in random_init() (Jason A. Donenfeld) - crypto: drbg - make reseeding from get_random_bytes() synchronous (Nicolai Stange) - crypto: drbg - always try to free Jitter RNG instance (Stephan Muller) - crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed() (Nicolai Stange) - crypto: drbg - track whether DRBG was seeded with !rng_is_initialized() (Nicolai Stange) - crypto: drbg - prepare for more fine-grained tracking of seeding state (Nicolai Stange) - crypto: drbg - always seeded with SP800-90B compliant noise source (Stephan Muller) - crypto: drbg - add FIPS 140-2 CTRNG for noise source (Stephan Mueller) - Revert 'random: use static branch for crng_ready()' (Jason A. Donenfeld) - random: check for signals after page of pool writes (Jason A. Donenfeld) - random: wire up fops->splice_{read,write}_iter() (Jens Axboe) - random: convert to using fops->write_iter() (Jens Axboe) - random: move randomize_page() into mm where it belongs (Jason A. Donenfeld) - random: move initialization functions out of hot pages (Jason A. Donenfeld) - random: use proper jiffies comparison macro (Jason A. Donenfeld) - random: use symbolic constants for crng_init states (Jason A. Donenfeld) - siphash: use one source of truth for siphash permutations (Jason A. Donenfeld) - random: help compiler out with fast_mix() by using simpler arguments (Jason A. Donenfeld) - random: do not use input pool from hard IRQs (Saeed Mirzamohammadi) - random: order timer entropy functions below interrupt functions (Jason A. Donenfeld) - random: do not pretend to handle premature next security model (Jason A. Donenfeld) - random: do not use batches when !crng_ready() (Jason A. Donenfeld) - random: insist on random_get_entropy() existing in order to simplify (Jason A. Donenfeld) - xtensa: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) - sparc: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) - um: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) - x86/tsc: Use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) - nios2: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) - arm: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) - mips: use fallback for random_get_entropy() instead of just c0 random (Jason A. Donenfeld) - m68k: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) - timekeeping: Add raw clock fallback for random_get_entropy() (Jason A. Donenfeld) - powerpc: define get_cycles macro for arch-override (Jason A. Donenfeld) - alpha: define get_cycles macro for arch-override (Jason A. Donenfeld) - parisc: define get_cycles macro for arch-override (Jason A. Donenfeld) - s390: define get_cycles macro for arch-override (Jason A. Donenfeld) - ia64: define get_cycles macro for arch-override (Jason A. Donenfeld) - init: call time_init() before rand_initialize() (Jason A. Donenfeld) - random: fix sysctl documentation nits (Jason A. Donenfeld) - random: document crng_fast_key_erasure() destination possibility (Jason A. Donenfeld) - random: make random_get_entropy() return an unsigned long (Jason A. Donenfeld) - random: check for signals every PAGE_SIZE chunk of /dev/[u]random (Jason A. Donenfeld) - random: check for signal_pending() outside of need_resched() check (Jann Horn) - random: do not allow user to keep crng key around on stack (Jason A. Donenfeld) - random: do not split fast init input in add_hwgenerator_randomness() (Jan Varho) - random: mix build-time latent entropy into pool at init (Jason A. Donenfeld) - random: re-add removed comment about get_random_{u32,u64} reseeding (Jason A. Donenfeld) - random: treat bootloader trust toggle the same way as cpu trust toggle (Jason A. Donenfeld) - random: skip fast_init if hwrng provides large chunk of entropy (Jason A. Donenfeld) - random: check for signal and try earlier when generating entropy (Jason A. Donenfeld) - random: reseed more often immediately after booting (Jason A. Donenfeld) - random: make consistent usage of crng_ready() (Jason A. Donenfeld) - random: use SipHash as interrupt entropy accumulator (Jason A. Donenfeld) - random: replace custom notifier chain with standard one (Jason A. Donenfeld) - random: don't let 644 read-only sysctls be written to (Jason A. Donenfeld) - random: give sysctl_random_min_urandom_seed a more sensible value (Jason A. Donenfeld) - random: do crng pre-init loading in worker rather than irq (Jason A. Donenfeld) - random: unify cycles_t and jiffies usage and types (Jason A. Donenfeld) - random: cleanup UUID handling (Jason A. Donenfeld) - random: only wake up writers after zap if threshold was passed (Jason A. Donenfeld) - random: round-robin registers as ulong, not u32 (Jason A. Donenfeld) - random: pull add_hwgenerator_randomness() declaration into random.h (Jason A. Donenfeld) - random: check for crng_init == 0 in add_device_randomness() (Jason A. Donenfeld) - random: unify early init crng load accounting (Jason A. Donenfeld) - random: do not take pool spinlock at boot (Jason A. Donenfeld) - random: defer fast pool mixing to worker (Jason A. Donenfeld) - random: rewrite header introductory comment (Jason A. Donenfeld) - random: group sysctl functions (Jason A. Donenfeld) - random: group userspace read/write functions (Jason A. Donenfeld) - random: group entropy collection functions (Jason A. Donenfeld) - random: group entropy extraction functions (Jason A. Donenfeld) - random: remove useless header comment (Jason A. Donenfeld) - random: introduce drain_entropy() helper to declutter crng_reseed() (Jason A. Donenfeld) - random: deobfuscate irq u32/u64 contributions (Jason A. Donenfeld) - random: add proper SPDX header (Jason A. Donenfeld) - random: remove unused tracepoints (Jason A. Donenfeld) - random: remove ifdef'd out interrupt bench (Jason A. Donenfeld) - random: tie batched entropy generation to base_crng generation (Jason A. Donenfeld) - random: zero buffer after reading entropy from userspace (Jason A. Donenfeld) - random: remove outdated INT_MAX >> 6 check in urandom_read() (Jason A. Donenfeld) - random: use hash function for crng_slow_load() (Jason A. Donenfeld) - random: absorb fast pool into input pool after fast load (Jason A. Donenfeld) - random: do not xor RDRAND when writing into /dev/random (Jason A. Donenfeld) - random: ensure early RDSEED goes through mixer on init (Jason A. Donenfeld) - random: inline leaves of rand_initialize() (Jason A. Donenfeld) - random: use RDSEED instead of RDRAND in entropy extraction (Jason A. Donenfeld) - random: fix locking in crng_fast_load() (Dominik Brodowski) - random: remove batched entropy locking (Jason A. Donenfeld) - random: remove use_input_pool parameter from crng_reseed() (Eric Biggers) - random: make credit_entropy_bits() always safe (Jason A. Donenfeld) - random: always wake up entropy writers after extraction (Jason A. Donenfeld) - random: use linear min-entropy accumulation crediting (Jason A. Donenfeld) - random: simplify entropy debiting (Jason A. Donenfeld) - random: use computational hash for entropy extraction (Jason A. Donenfeld) - random: only call crng_finalize_init() for primary_crng (Dominik Brodowski) - random: access primary_pool directly rather than through pointer (Dominik Brodowski) - random: continually use hwgenerator randomness (Dominik Brodowski) - random: simplify arithmetic function flow in account() (Jason A. Donenfeld) - random: access input_pool_data directly rather than through pointer (Jason A. Donenfeld) - random: cleanup fractional entropy shift constants (Jason A. Donenfeld) - random: prepend remaining pool constants with POOL_ (Jason A. Donenfeld) - random: de-duplicate INPUT_POOL constants (Jason A. Donenfeld) - random: remove unused OUTPUT_POOL constants (Jason A. Donenfeld) - random: rather than entropy_store abstraction, use global (Jason A. Donenfeld) - random: try to actively add entropy rather than passively wait for it (Linus Torvalds) - random: remove unused extract_entropy() reserved argument (Jason A. Donenfeld) - random: remove incomplete last_data logic (Jason A. Donenfeld) - random: cleanup integer types (Jason A. Donenfeld) - crypto: chacha20 - Fix chacha20_block() keystream alignment (again) (Eric Biggers) - random: cleanup poolinfo abstraction (Jason A. Donenfeld) - random: fix typo in comments (Schspa Shi) - random: don't reset crng_init_cnt on urandom_read() (Jann Horn) - random: avoid superfluous call to RDRAND in CRNG extraction (Jason A. Donenfeld) - random: early initialization of ChaCha constants (Dominik Brodowski) - random: initialize ChaCha20 constants with correct endianness (Eric Biggers) - random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs (Jason A. Donenfeld) - random: harmonize 'crng init done' messages (Dominik Brodowski) - random: mix bootloader randomness into pool (Jason A. Donenfeld) - random: do not re-init if crng_reseed completes before primary init (Jason A. Donenfeld) - random: do not sign extend bytes for rotation when mixing (Jason A. Donenfeld) - random: use BLAKE2s instead of SHA1 in extraction (Jason A. Donenfeld) - random: remove unused irq_flags argument from add_interrupt_randomness() (Saeed Mirzamohammadi) - random: document add_hwgenerator_randomness() with other input functions (Mark Brown) - crypto: blake2s - adjust include guard naming (Eric Biggers) - crypto: blake2s - include instead of (Eric Biggers) - MAINTAINERS: co-maintain random.c (Jason A. Donenfeld) - random: remove dead code left over from blocking pool (Eric Biggers) - random: avoid arch_get_random_seed_long() when collecting IRQ randomness (Ard Biesheuvel) - random: add arch_get_random_*long_early() (Mark Rutland) - powerpc: Use bool in archrandom.h (Richard Henderson) - linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check (Richard Henderson) - linux/random.h: Use false with bool (Richard Henderson) - linux/random.h: Remove arch_has_random, arch_has_random_seed (Richard Henderson) - s390: Remove arch_has_random, arch_has_random_seed (Richard Henderson) - powerpc: Remove arch_has_random, arch_has_random_seed (Richard Henderson) - x86: Remove arch_has_random, arch_has_random_seed (Richard Henderson) - random: avoid warnings for !CONFIG_NUMA builds (Mark Rutland) - random: split primary/secondary crng init paths (Mark Rutland) - random: remove some dead code of poolinfo (Yangtao Li) - random: fix typo in add_timer_randomness() (Yangtao Li) - random: Add and use pr_fmt() (Yangtao Li) - random: convert to ENTROPY_BITS for better code readability (Yangtao Li) - random: remove unnecessary unlikely() (Yangtao Li) - random: remove kernel.random.read_wakeup_threshold (Andy Lutomirski) - random: delete code to pull data into pools (Andy Lutomirski) - random: remove the blocking pool (Andy Lutomirski) - random: fix crash on multiple early calls to add_bootloader_randomness() (Dominik Brodowski) - char/random: silence a lockdep splat with printk() (Sergey Senozhatsky) - random: make /dev/random be almost like /dev/urandom (Andy Lutomirski) - random: ignore GRND_RANDOM in getentropy(2) (Andy Lutomirski) - random: add GRND_INSECURE to return best-effort non-cryptographic bytes (Andy Lutomirski) - random: Add a urandom_read_nowait() for random APIs that don't warn (Andy Lutomirski) - random: Don't wake crng_init_wait when crng_init == 1 (Andy Lutomirski) - lib/crypto: sha1: re-roll loops to reduce code size (Jason A. Donenfeld) - lib/crypto: blake2s: move hmac construction into wireguard (Jason A. Donenfeld) - crypto: blake2s - generic C library implementation and selftest (Jason A. Donenfeld) - crypto: Deduplicate le32_to_cpu_array() and cpu_to_le32_array() (Andy Shevchenko) - Revert 'hwrng: core - Freeze khwrng thread during suspend' (Herbert Xu) - char/random: Add a newline at the end of the file (Borislav Petkov) - random: Use wait_event_freezable() in add_hwgenerator_randomness() (Stephen Boyd) - fdt: add support for rng-seed (Hsin-Yi Wang) - random: Support freezable kthreads in add_hwgenerator_randomness() (Stephen Boyd) - random: fix soft lockup when trying to read from an uninitialized blocking pool (Theodore Ts'o) - latent_entropy: avoid build error when plugin cflags are not set (Vasily Gorbik) - random: document get_random_int() family (George Spelvin) - random: move rand_initialize() earlier (Kees Cook) - random: only read from /dev/random after its pool has received 128 bits (Theodore Ts'o) - drivers/char/random.c: make primary_crng static (Rasmus Villemoes) - drivers/char/random.c: remove unused stuct poolinfo::poolbits (Rasmus Villemoes) - drivers/char/random.c: constify poolinfo_table (Rasmus Villemoes) - random: make CPU trust a boot parameter (Kees Cook) - random: Make crng state queryable (Jason A. Donenfeld) - random: remove preempt disabled region (Ingo Molnar) - random: add a config option to trust the CPU's hwrng (Theodore Ts'o) - random: Return nbytes filled from hw RNG (Tobin C. Harding) - random: Fix whitespace pre random-bytes work (Tobin C. Harding) - drivers/char/random.c: remove unused dont_count_entropy (Rasmus Villemoes) - random: optimize add_interrupt_randomness (Andi Kleen) - random: always fill buffer in get_random_bytes_wait (Jason A. Donenfeld) - crypto: chacha20 - Fix keystream alignment for chacha20_block() (Eric Biggers) - 9p: missing chunk of 'fs/9p: Don't update file type when updating file attributes' (Al Viro) [4.14.35-2047.517.0.el7] - mpt3sas: Fix panic observed while accessing the hw ctx queue (Gulam Mohamed) [Orabug: 34446738] - driver: marvell: mmc: Add new bus modes overrides from DT (Wojciech Bartczak) [Orabug: 34440004] - octeontx2: mmc: Adds mechanism to modify all MMC bus modes timings (Wojciech Bartczak) [Orabug: 34440004] - rds/rdma: correctly assign the dest qp num in rds ib connection (Rohit Nair) [Orabug: 34429478] - Revert 'uek-rpm: Enable config CONFIG_SCSI_MQ_DEFAULT' (Gulam Mohamed) [Orabug: 34419153] - net/rds : Adding support to print SCQ and RCQ completion vectors in rds-info. (Anand Khoje) [Orabug: 34398210] - IB/mlx5: Disable BME for unbound devices too (Hakon Bugge) [Orabug: 34395378] - net/mlx5: Rearm the FW tracer after each tracer event (Feras Daoud) [Orabug: 34387281] - net/mlx5: FW tracer, Add debug prints (Saeed Mahameed) [Orabug: 34387281] - perf script: Fix crash because of missing evsel->priv (Ravi Bangoria) [Orabug: 34382257] - net/rds: Fix a NULL dereference in rds_tcp_accept_one() (Harshit Mogalapalli) [Orabug: 34371946] - ocfs2: kill EBUSY from dlmfs_evict_inode (Junxiao Bi) [Orabug: 34364338] - ocfs2: dlmfs: don't clear USER_LOCK_ATTACHED when destroying lock (Junxiao Bi) [Orabug: 34364338] - rds: ib: Qualify RNR Retry Timer check with firmware version (Freddy Carrillo) [Orabug: 33665743]

Affected Package

OS OS Version Package Name Package Version
oracle linux 7 kernel-uek-container 4.14.35-2047.517.3.el7
oracle linux 7 kernel-uek-container 4.14.35-2047.517.3.el7