StarlingX

  1. Bug #2038710
  2. Comment #2

Comment 2 for bug 2038710

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to kernel (master)

Reviewed: https://review.opendev.org/c/starlingx/kernel/+/899024
Committed: https://opendev.org/starlingx/kernel/commit/88eaffd00c2b4cc1e866ea2ead446d648e04296b
Submitter: "Zuul (22348)"
Branch: master

commit 88eaffd00c2b4cc1e866ea2ead446d648e04296b
Author: Peng Zhang <email address hidden>
Date: Wed Nov 1 11:03:09 2023 +0000

    Update kernel to v5.10.198

    This commit updates kernel to v5.10.198 to fix following CVE issues:
    1.CVE-2023-4244: https://nvd.nist.gov/vuln/detail/CVE-2023-4244
    2.CVE-2023-31085: https://nvd.nist.gov/vuln/detail/CVE-2023-31085
    3.CVE-2023-45871: https://nvd.nist.gov/vuln/detail/CVE-2023-45871
    4.CVE-2023-5197: https://nvd.nist.gov/vuln/detail/CVE-2023-5197
    5.CVE-2023-39194: https://nvd.nist.gov/vuln/detail/CVE-2023-39194
    6.CVE-2023-39192: https://nvd.nist.gov/vuln/detail/CVE-2023-39192
    7.CVE-2023-39193: https://nvd.nist.gov/vuln/detail/CVE-2023-39193
    8.CVE-2023-42756: https://nvd.nist.gov/vuln/detail/CVE-2023-42756
    9.CVE-2023-42754: https://nvd.nist.gov/vuln/detail/CVE-2023-42754
    10.CVE-2023-39189: https://nvd.nist.gov/vuln/detail/CVE-2023-39189
    11.CVE-2023-31084: https://nvd.nist.gov/vuln/detail/CVE-2023-31084
    12.CVE-2023-3389: https://nvd.nist.gov/vuln/detail/CVE-2023-3389
    13.CVE-2022-45884: https://nvd.nist.gov/vuln/detail/CVE-2022-45884
    14.CVE-2023-42755: https://nvd.nist.gov/vuln/detail/CVE-2023-42755
    15.CVE-2023-42752: https://nvd.nist.gov/vuln/detail/CVE-2023-42752
    16.CVE-2023-4622: https://nvd.nist.gov/vuln/detail/CVE-2023-4622
    17.CVE-2023-37453: https://nvd.nist.gov/vuln/detail/CVE-2023-37453
    18.CVE-2023-42753: https://nvd.nist.gov/vuln/detail/CVE-2023-42753
    19.CVE-2023-4623: https://nvd.nist.gov/vuln/detail/CVE-2023-4623
    20.CVE-2023-4921: https://nvd.nist.gov/vuln/detail/CVE-2023-4921

    One of our source patches requires refresh against the new kernel
    source.It was deleted for content has been contained in the new
    kernel:
      0072-kernel-fork-beware-of-__put_task_struct-calling-cont.patch.

    Under PREEMPT_RT, when kernel is upgraded to v5.10.198,
    raw_write_seqcount_t_begin function is still used by qdisc_run_begin
    function in include/net/sch_generic.h. While
    raw_write_seqcount_t_begin function is replaced by
    do_raw_write_seqcount_begin in include/linux/seqlock.h whose commit
    is a8dd21118b0f.
     Commit ID Title
    a8dd21118b0f seqlock: Prefix internal seqcount_t-only macros with
                  a "do_"
    To fix implicit declaration of function raw_write_seqcount_t_begin,
    replace it with do_raw_write_seqcount_begin in the following patch:
     0083-net-replace-raw_write_seqcount_t_begin-by-do_raw_wri.patch

    Verification:
    - Build kernel and out of tree modules success for rt and std.
    - Build iso success for rt and std.
    - Install success onto a AIO-DX lab with rt kernel.
    - Boot up successfully in the lab.
    - The sanity testing was done by our test team and no regression
      defect was found.
    - The cyclictest benchmark was also run on the starlingx lab, the
      result is "samples: 259200000 avg: 1610 max: 4658 99.9999th
      percentile: 2403 overflows: 0", It is not big difference with
      5.10.192 for avg and percentile.

    Closes-Bug: 2038710

    Change-Id: I7ed77309e83d4edd39623452c9348488f8db1523
    Signed-off-by: Peng Zhang <email address hidden>