[El-errata] ELSA-2020-5649 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update (aarch64)

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Apr 14 08:46:23 PDT 2020 

Oracle Linux Security Advisory ELSA-2020-5649

http://linux.oracle.com/errata/ELSA-2020-5649.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

aarch64:
kernel-uek-4.14.35-1902.301.1.el7uek.aarch64.rpm
kernel-uek-debug-4.14.35-1902.301.1.el7uek.aarch64.rpm
kernel-uek-debug-devel-4.14.35-1902.301.1.el7uek.aarch64.rpm
kernel-uek-devel-4.14.35-1902.301.1.el7uek.aarch64.rpm
kernel-uek-tools-4.14.35-1902.301.1.el7uek.aarch64.rpm
kernel-uek-tools-libs-4.14.35-1902.301.1.el7uek.aarch64.rpm
kernel-uek-tools-libs-devel-4.14.35-1902.301.1.el7uek.aarch64.rpm
perf-4.14.35-1902.301.1.el7uek.aarch64.rpm
python-perf-4.14.35-1902.301.1.el7uek.aarch64.rpm
kernel-uek-headers-4.14.35-1902.301.1.el7uek.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-4.14.35-1902.301.1.el7uek.src.rpm



Description of changes:

[4.14.35-1902.301.1.el7uek]
- vhost: Check docket sk_family instead of call getname (Eugenio Pérez)  [Orabug: 31085991]  {CVE-2020-10942}
- uek-rpm: config-mips64-embedded misc pruning (Eric Saint-Etienne)  [Orabug: 31079017]
- ubifs: Check for name being NULL while mounting (Richard Weinberger)  [Orabug: 29410897]
- team: avoid complex list operations in team_nl_cmd_options_set() (Cong Wang)  [Orabug: 30886420]
- Revert "oled: give panic handler chance to run before kexec" (Wengang Wang)  [Orabug: 31098796]
- Revert "oled: Limit panic routine change x86 only" (Wengang Wang)  [Orabug: 31098796]
- net/mlx5: Add pci AtomicOps request (Michael Guralnik)  [Orabug: 30750027]
- PCI: Add pci_enable_atomic_ops_to_root() (Jay Cornwall)  [Orabug: 30750027]
- locking/rwsem: Prevent decrement of reader count before increment (Waiman Long)  [Orabug: 31087349]
- net: core: another layer of lists, around PF_MEMALLOC skb handling (Sasha Levin)  [Orabug: 31087349]
- locking/rwsem: Fix (possible) missed wakeup (Xie Yongji)  [Orabug: 31087349]
- swiotlb: clean up reporting (Kees Cook)  [Orabug: 31085014]  {CVE-2018-5953}
- nfs: optimise readdir cache page invalidation (Dai Ngo)  [Orabug: 31015775]
- NFS: Directory page cache pages need to be locked when read (Trond Myklebust)  [Orabug: 31015775]
- ppp: remove the PPPIOCDETACH ioctl (Eric Biggers)  [Orabug: 31061772]
- batman-adv: Avoid WARN on net_device without parent in netns (Sven Eckelmann)  [Orabug: 30857690]
- net: qlogic: Fix memory leak in ql_alloc_large_buffers (Navid Emamdoost)  [Orabug: 31055325]  {CVE-2019-18806}
- net_sched: fix datalen for ematch (Cong Wang)  [Orabug: 30877993]
- net/xfrm: fix out-of-bounds packet access (Alexei Starovoitov)  [Orabug: 30885434]
- RDMA/nldev: Provide MR statistics (Erez Alfasi)  [Orabug: 30729404]
- RDMA/mlx5: Return ODP type per MR (Erez Alfasi)  [Orabug: 30729404]
- RDMA/nldev: Allow different fill function per resource (Erez Alfasi)  [Orabug: 30729404]
- IB/mlx5: Introduce ODP diagnostic counters (Erez Alfasi)  [Orabug: 30729404]
- RDMA/mlx5: Use odp instead of mr->umem in pagefault_mr (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/mlx5: Use ib_umem_start instead of umem.address (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/odp: Use kvcalloc for the dma_list and page_list (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/odp: Check for overflow when computing the umem_odp end (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/odp: Provide ib_umem_odp_release() to undo the allocs (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/odp: Split creating a umem_odp from ib_umem_get (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/odp: Make the three ways to create a umem_odp clear (Jason Gunthorpe)  [Orabug: 30729404]
- RMDA/odp: Consolidate umem_odp initialization (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/odp: Make it clearer when a umem is an implicit ODP umem (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/odp: Iterate over the whole rbtree directly (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/odp: Use the common interval tree library instead of generic (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/mlx5: Fix MR npages calculation for IB_ACCESS_HUGETLB (Jason Gunthorpe)  [Orabug: 30729404]
- IB/mlx5: Fix implicit MR release flow (Yishai Hadas)  [Orabug: 30729404]
- RDMA/netlink: Implement counter dumpit calback (Mark Zhang)  [Orabug: 30729404]
- RDMA/nldev: Allow counter auto mode configration through RDMA netlink (Mark Zhang)  [Orabug: 30729404]
- RDMA/odp: Fix missed unlock in non-blocking invalidate_start (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA: Report available cdevs through RDMA_NLDEV_CMD_GET_CHARDEV (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA: Add NLDEV_GET_CHARDEV to allow char dev discovery and autoload (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA: Convert put_page() to put_user_page*() (John Hubbard)  [Orabug: 30729404]
- RDMA/umem: Move page_shift from ib_umem to ib_odp_umem (Jason Gunthorpe)  [Orabug: 30729404]
- mm: introduce put_user_page*(), placeholder versions (John Hubbard)  [Orabug: 30729404]
- RDMA/umem: Remove hugetlb flag (Shiraz Saleem)  [Orabug: 30729404]
- RDMA/bnxt_re: Use core helpers to get aligned DMA address (Shiraz Saleem)  [Orabug: 30729404]
- RDMA/i40iw: Use core helpers to get aligned DMA address within a supported page size (Shiraz Saleem)  [Orabug: 30729404]
- RDMA/verbs: Add a DMA iterator to return aligned contiguous memory blocks (Shiraz Saleem)  [Orabug: 30729404]
- RDMA/umem: Add API to find best driver supported page size in an MR (Shiraz Saleem)  [Orabug: 30729404]
- RDMA/umem: Handle page combining avoidance correctly in ib_umem_add_sg_table() (Shiraz Saleem)  [Orabug: 30729404]
- RDMA/core: Add a netlink command to change net namespace of rdma device (Parav Pandit)  [Orabug: 30729404]
- RDMA/umem: Use correct value for SG entries in sg_copy_to_buffer() (Shiraz Saleem)  [Orabug: 30729404]
- RDMA/nldev: Return device protocol (Leon Romanovsky)  [Orabug: 30729404]
- RDMA/umem: Combine contiguous PAGE_SIZE regions in SGEs (Shiraz Saleem)  [Orabug: 30729404]
- RDMA/core: Add interface to read device namespace sharing mode (Parav Pandit)  [Orabug: 30729404]
- IB/mlx5: Reset access mask when looping inside page fault handler (Moni Shoua)  [Orabug: 30729404]
- IB/core: Ensure an invalidate_range callback on ODP MR (Ira Weiny)  [Orabug: 30729404]
- RDMA/umem: Revert broken 'off by one' fix (John Hubbard)  [Orabug: 30729404]
- RDMA/umem: minor bug fix in error handling path (John Hubbard)  [Orabug: 30729404]
- RDMA/nldev: Provide parent IDs for PD, MR and QP objects (Leon Romanovsky)  [Orabug: 30729404]
- RDMA/nldev: Share with user-space object IDs (Leon Romanovsky)  [Orabug: 30729404]
- IB/uverbs: Add ib_ucontext to uverbs_attr_bundle sent from ioctl and cmd flows (Shamir Rabinovitch)  [Orabug: 30729404]
- RDMA/rdmavt: Adapt to handle non-uniform sizes on umem SGEs (Shiraz, Saleem)  [Orabug: 30729404]
- RDMA/rxe: Use for_each_sg_page iterator on umem SGL (Shiraz, Saleem)  [Orabug: 30729404]
- RDMA/ocrdma: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem)  [Orabug: 30729404]
- RDMA/qedr: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem)  [Orabug: 30729404]
- RDMA/cxgb3: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem)  [Orabug: 30729404]
- RDMA/cxgb4: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem)  [Orabug: 30729404]
- RDMA/i40iw: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem)  [Orabug: 30729404]
- RDMA/mthca: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem)  [Orabug: 30729404]
- RDMA/bnxt_re: Use for_each_sg_dma_page iterator on umem SGL (Shiraz, Saleem)  [Orabug: 30729404]
- lib/scatterlist: Provide a DMA page iterator (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/nldev: Dynamically generate restrack dumpit callbacks (Leon Romanovsky)  [Orabug: 30729404]
- IB/{core,hw}: Have ib_umem_get extract the ib_ucontext from ib_udata (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/uverbs: Use uverbs_attr_bundle to pass udata for ioctl() (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/uverbs: Use uverbs_attr_bundle to pass udata for write_ex (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/uverbs: Replace ib_uverbs_file with uverbs_attr_bundle for write (Jason Gunthorpe)  [Orabug: 30729404]
- RDMA/core: Refactor ib_register_device() function (Parav Pandit)  [Orabug: 30729404]
- RDMA/core: Fix unwinding flow in case of error to register device (Parav Pandit)  [Orabug: 30729404]
- RDMA/nldev: Allow IB device rename through RDMA netlink (Leon Romanovsky)  [Orabug: 30729404]
- RDMA: Fully setup the device name in ib_register_device (Jason Gunthorpe)  [Orabug: 30729404]
- mm: Introduce kvcalloc() (Kees Cook)  [Orabug: 30729404]
- RDMA/uapi: Fix uapi breakage (Doug Ledford)  [Orabug: 30729404]
- RDMA/nldev: helper functions to add driver attributes (Steve Wise)  [Orabug: 30729404]
- RDMA/nldev: add driver-specific resource tracking (Steve Wise)  [Orabug: 30729404]
- RDMA/nldev: Add explicit pad attribute (Steve Wise)  [Orabug: 30729404]
- RDMA/bnxt_re: Add support for MRs with Huge pages (Somnath Kotur)  [Orabug: 30729404]
- IB/{rdmavt, hfi1, qib}: Self determine driver name (Michael J. Ruhl)  [Orabug: 30729404]
- RDMA/vmw_pvrdma: Do not re-calculate npages (Yuval Shaia)  [Orabug: 30729404]
- iw_cxgb4: allocate wait object for each memory object (Steve Wise)  [Orabug: 30729404]
- IB/uverbs: clean up INIT_UDATA() macro usage (Arnd Bergmann)  [Orabug: 30729404]
- x86/init: Fix kasan gcc8+ type miss match error. (John Donnelly)  [Orabug: 31076337]

[4.14.35-1902.301.0.el7uek]
- kernel: cpu.c: fix return in void function cpu_smt_disable (Mihai Carabas)  [Orabug: 31049316]
- media: usb: fix memory leak in af9005_identify_state (Navid Emamdoost)  [Orabug: 31029908]  {CVE-2019-18809}
- nvme: fix possible deadlock when nvme_update_formats fails (Sagi Grimberg)  [Orabug: 31002557]
- alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP (Thadeu Lima de Souza Cascardo)  [Orabug: 30995760]
- uek-rpm: Make sure perf builds against libnuma and add run-time dependency (Dave Kleikamp)  [Orabug: 30896468]
- perf/x86/intel: Add Icelake support (Thomas Tai)  [Orabug: 30872256]
- x86/CPU: Add Icelake model number (Rajneesh Bhardwaj)  [Orabug: 30872256]
- perf/x86/intel/ds: Handle PEBS overflow for fixed counters (Kan Liang)  [Orabug: 30872256]
- perf/x86/intel: Introduce PMU flag for Extended PEBS (Kan Liang)  [Orabug: 30872256]
- tty: Don't hold ldisc lock in tty_reopen() if ldisc present (Dmitry Safonov)  [Orabug: 30591419]
- tty: Simplify tty->count math in tty_reopen() (Dmitry Safonov)  [Orabug: 30591419]
- tty: Hold tty_ldisc_lock() during tty_reopen() (Dmitry Safonov)  [Orabug: 30591419]
- tty/ldsem: Wake up readers after timed out down_write() (Dmitry Safonov)  [Orabug: 30591419]
- tty: Drop tty->count on tty_reopen() failure (Dmitry Safonov)  [Orabug: 30591419]
- rds: transport module should be auto loaded when transport is set (Rao Shoaib)  [Orabug: 30328633]
- net: erspan: fix use-after-free (William Tu)  [Orabug: 29784424]
- batman-adv: Force mac header to start of data on xmit (Sven Eckelmann)  [Orabug: 29784399]
- sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero (Cong Wang)  [Orabug: 30886600]
- ptr_ring: wrap back ->producer in __ptr_ring_swap_queue() (Cong Wang)  [Orabug: 30884437]
- add extra symbols from UEK5R3 to the kABI whitelist (Dan Duval)  [Orabug: 30295161]
- iommu: Force iommu shutdown on panic (John Donnelly)  [Orabug: 31043947]
- iommu/amd: Only free resources once on init error (Kevin Mitchell)  [Orabug: 31043947]
- iommu/amd: Move gart fallback to amd_iommu_init (Kevin Mitchell)  [Orabug: 31043947]
- iommu/amd: Make iommu_disable safer (Kevin Mitchell)  [Orabug: 31043947]
- iommu/vt-d: Turn off translations at shutdown (Deepa Dinamani)  [Orabug: 31043947]

More information about the El-errata mailing list