[rocky10_1] History Rebuild through kernel-6.12.0-124.55.1.el10_1 by PlaidCat · Pull Request #1180 · ctrliq/kernel-src-tree

PlaidCat · 2026-05-05T19:45:14Z

This is an automated kernel history rebuild using cron and internal tooling. It follows the same process used for previous history rebuilds:

Download all unprocessed src.rpm packages
For each src.rpm:
- Identify all commits in the changelog up to the last known tag (6.12.0-124)
- Replay commits in chronological order (oldest to newest in the changelog) using git cherry-pick
- Replace the code in the branch with the output of rpmbuild -bp for the corresponding src.rpm
- Tag the rebuild branch

JIRA Tickets

Parent: KERNEL-942
History Rebuild: KERNEL-943

Rebuild Splat Inspection

kernel-6.12.0-124.55.1.el10_1

$ cat ciq/ciq_backports/kernel-6.12.0-124.55.1.el10_1/rebuild.details.txt
Rebuild_History BUILDABLE
Rebuilding Kernel from rpm changelog with Fuzz Limit: 87.50%
Number of commits in upstream range v6.12~1..kernel-mainline: 122058
Number of commits in rpm: 19
Number of commits matched with upstream: 16 (84.21%)
Number of commits in upstream but not in rpm: 122042
Number of commits NOT found in upstream: 3 (15.79%)

Rebuilding Kernel on Branch rocky10_1_rebuild_kernel-6.12.0-124.55.1.el10_1 for kernel-6.12.0-124.55.1.el10_1
Clean Cherry Picks: 11 (68.75%)
Empty Cherry Picks: 5 (31.25%)
_______________________________

__EMPTY COMMITS__________________________
a664bf3d603dc3bdcf9ae47cc21e0daec706d7a5 crypto: algif_aead - Revert to operating out-of-place
31d00156e50ecad37f2cb6cbf04aaa9a260505ef crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
e02494114ebf7c8b42777c6cd6982f113bfdbec7 crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption
1f48ad3b19a9dfc947868edda0bb8e48e5b5a8fa crypto: authencesn - Fix src offset when decrypting in-place
5aa58c3a572b3e3b6c786953339f7978b845cc52 crypto: algif_aead - snapshot IV for async AEAD requests

__CHANGES NOT IN UPSTREAM________________
Add partial riscv64 support for build root'
Provide basic VisionFive 2 support'
Patch MMU for riscv64'

BUILD

$ grep -E -B 5 -A 5 "\[TIMER\]|^Starting Build" $(ls -t kbuild* | head -n1)
/mnt/code/kernel-src-tree-build
Running make mrproper...
  CLEAN   scripts/basic
  CLEAN   scripts/kconfig
  CLEAN   include/config include/generated
[TIMER]{MRPROPER}: 10s
x86_64 architecture detected, copying config
'configs/kernel-x86_64-rhel.config' -> '.config'
Setting Local Version for build
CONFIG_LOCALVERSION="-rocky10_1_rebuild-1300dd84850c"
Making olddefconfig
--
  HOSTCC  scripts/kconfig/util.o
  HOSTLD  scripts/kconfig/conf
#
# configuration written to .config
#
Starting Build
  GEN     arch/x86/include/generated/asm/orc_hash.h
  UPD     include/generated/uapi/linux/version.h
  WRAP    arch/x86/include/generated/uapi/asm/bpf_perf_event.h
  WRAP    arch/x86/include/generated/uapi/asm/errno.h
  WRAP    arch/x86/include/generated/uapi/asm/fcntl.h
--
  LD [M]  net/qrtr/qrtr-mhi.ko
  LD [M]  virt/lib/irqbypass.ko
  BTF [M] net/qrtr/qrtr.ko
  BTF [M] net/qrtr/qrtr-mhi.ko
  BTF [M] virt/lib/irqbypass.ko
[TIMER]{BUILD}: 2073s
Making Modules
  SYMLINK /lib/modules/6.12.0-rocky10_1_rebuild-1300dd84850c+/build
  INSTALL /lib/modules/6.12.0-rocky10_1_rebuild-1300dd84850c+/modules.order
  INSTALL /lib/modules/6.12.0-rocky10_1_rebuild-1300dd84850c+/modules.builtin
  INSTALL /lib/modules/6.12.0-rocky10_1_rebuild-1300dd84850c+/modules.builtin.modinfo
--
  STRIP   /lib/modules/6.12.0-rocky10_1_rebuild-1300dd84850c+/kernel/virt/lib/irqbypass.ko
  SIGN    /lib/modules/6.12.0-rocky10_1_rebuild-1300dd84850c+/kernel/net/qrtr/qrtr-mhi.ko
  SIGN    /lib/modules/6.12.0-rocky10_1_rebuild-1300dd84850c+/kernel/net/qrtr/qrtr.ko
  SIGN    /lib/modules/6.12.0-rocky10_1_rebuild-1300dd84850c+/kernel/virt/lib/irqbypass.ko
  DEPMOD  /lib/modules/6.12.0-rocky10_1_rebuild-1300dd84850c+
[TIMER]{MODULES}: 13s
Making Install
  INSTALL /boot
[TIMER]{INSTALL}: 16s
Checking kABI
kABI check passed
Setting Default Kernel to /boot/vmlinuz-6.12.0-rocky10_1_rebuild-1300dd84850c+ and Index to 2
Hopefully Grub2.0 took everything ... rebooting after time metrices
[TIMER]{MRPROPER}: 10s
[TIMER]{BUILD}: 2073s
[TIMER]{MODULES}: 13s
[TIMER]{INSTALL}: 16s
[TIMER]{TOTAL} 2122s
Rebooting in 10 seconds

KSelfTests

$ get_kselftest_diff.sh
kselftest.6.12.0-rocky10_1_rebuild-eb02697d9b04+.log
458
kselftest.6.12.0-rocky10_1_rebuild-3768b8688fcd+.log
459
kselftest.6.12.0-rocky10_1_rebuild-1c376210905c+.log
0
kselftest.6.12.0-rocky10_1_rebuild-1300dd84850c+.log
459
Before: kselftest.6.12.0-rocky10_1_rebuild-1c376210905c+.log
After: kselftest.6.12.0-rocky10_1_rebuild-1300dd84850c+.log
Diff:
+ok 100 selftests: net/forwarding: vxlan_bridge_1d_port_8472.sh # SKIP
+ok 101 selftests: net/forwarding: vxlan_bridge_1d.sh # SKIP
+ok 102 selftests: net/forwarding: vxlan_bridge_1q_ipv6.sh # SKIP
+ok 103 selftests: net/forwarding: vxlan_bridge_1q_port_8472_ipv6.sh # SKIP
+ok 104 selftests: net/forwarding: vxlan_bridge_1q_port_8472.sh # SKIP
+ok 105 selftests: net/forwarding: vxlan_bridge_1q.sh # SKIP
+ok 106 selftests: net/forwarding: vxlan_symmetric_ipv6.sh # SKIP
+ok 107 selftests: net/forwarding: vxlan_symmetric.sh # SKIP
+ok 10 selftests: kvm: dirty_log_page_splitting_test # SKIP
+ok 10 selftests: net/forwarding: bridge_sticky_fdb.sh # SKIP
+ok 10 selftests: net/packetdrill: tcp_eor_no-coalesce-retrans.pkt # SKIP
+ok 10 selftests: net/tcp_ao: seq-ext_ipv4
+ok 10 selftests: proc: proc-self-isnt-kthread
+ok 10 selftests: rseq: run_param_test.sh
+ok 11 selftests: cgroup: test_stress.sh # SKIP
+ok 11 selftests: damon: reclaim.sh # SKIP
+ok 11 selftests: kvm: feature_msrs_test
+ok 11 selftests: net/forwarding: bridge_vlan_aware.sh # SKIP
+ok 11 selftests: net/packetdrill: tcp_eor_no-coalesce-small.pkt # SKIP
+ok 11 selftests: net/tcp_ao: setsockopt-closed_ipv4
+ok 11 selftests: proc: proc-self-syscall
+ok 12 selftests: cgroup: test_cpuset_prs.sh # SKIP
+ok 12 selftests: damon: lru_sort.sh # SKIP
+ok 12 selftests: kvm: exit_on_emulation_failure_test
+ok 12 selftests: net/forwarding: bridge_vlan_mcast.sh # SKIP
+ok 12 selftests: net/packetdrill: tcp_eor_no-coalesce-subsequent.pkt # SKIP
+ok 12 selftests: net/tcp_ao: unsigned-md5_ipv4
+ok 12 selftests: proc: proc-self-wchan
+ok 13 selftests: cgroup: test_cpuset_v1_hp.sh # SKIP
+ok 13 selftests: damon: debugfs_empty_targets.sh # SKIP
+ok 13 selftests: kvm: fix_hypercall_test
+ok 13 selftests: net/forwarding: bridge_vlan_unaware.sh # SKIP
+ok 13 selftests: net/packetdrill: tcp_fast_recovery_prr-ss-10pkt-lost-1.pkt # SKIP
+ok 13 selftests: net/tcp_ao: bench-lookups_ipv6
+ok 13 selftests: proc: proc-subset-pid # SKIP
+ok 14 selftests: damon: debugfs_huge_count_read_write.sh # SKIP
+ok 14 selftests: kvm: hwcr_msr_test
+ok 14 selftests: net/forwarding: custom_multipath_hash.sh # SKIP
+ok 14 selftests: net/packetdrill: tcp_fast_recovery_prr-ss-30pkt-lost-1_4-11_16.pkt # SKIP
+ok 14 selftests: net/tcp_ao: connect_ipv6
+ok 14 selftests: proc: proc-tid0
+ok 15 selftests: damon: debugfs_duplicate_context_creation.sh # SKIP
+ok 15 selftests: kvm: hyperv_clock # SKIP
+ok 15 selftests: net/forwarding: dual_vxlan_bridge.sh # SKIP
+ok 15 selftests: net/packetdrill: tcp_fast_recovery_prr-ss-30pkt-lost1_4.pkt # SKIP
+ok 15 selftests: net/tcp_ao: connect-deny_ipv6
+ok 15 selftests: proc: proc-uptime-001
+ok 16 selftests: damon: debugfs_rm_non_contexts.sh # SKIP
+ok 16 selftests: kvm: hyperv_cpuid
+ok 16 selftests: net/forwarding: gre_custom_multipath_hash.sh # SKIP
+ok 16 selftests: net/packetdrill: tcp_fast_recovery_prr-ss-ack-below-snd_una-cubic.pkt # SKIP
+ok 16 selftests: net/tcp_ao: icmps-accept_ipv6
+ok 16 selftests: proc: proc-uptime-002
+ok 17 selftests: damon: debugfs_target_ids_read_before_terminate_race.sh
+ok 17 selftests: kvm: hyperv_evmcs
+ok 17 selftests: net/forwarding: gre_inner_v4_multipath.sh # SKIP
+ok 17 selftests: net/packetdrill: tcp_inq_client.pkt # SKIP
+ok 17 selftests: net/tcp_ao: icmps-discard_ipv6
+ok 18 selftests: damon: debugfs_target_ids_pid_leak.sh
+ok 18 selftests: kvm: hyperv_extended_hypercalls
+ok 18 selftests: net/forwarding: gre_inner_v6_multipath.sh # SKIP
+ok 18 selftests: net/packetdrill: tcp_inq_server.pkt # SKIP
+ok 18 selftests: net/tcp_ao: key-management_ipv6
+ok 18 selftests: proc: self
+ok 19 selftests: damon: sysfs_update_removed_scheme_dir.sh # SKIP
+ok 19 selftests: kvm: hyperv_features
+ok 19 selftests: net/forwarding: gre_multipath_nh_res.sh # SKIP
+ok 19 selftests: net/packetdrill: tcp_limited_transmit_limited-transmit-no-sack.pkt # SKIP
+ok 19 selftests: net/tcp_ao: restore_ipv6
+ok 19 selftests: proc: setns-dcache # SKIP
+ok 1 selftests: amd-pstate: run.sh # SKIP
+ok 1 selftests: breakpoints: step_after_suspend_test # SKIP
+ok 1 selftests: capabilities: test_execve
+ok 1 selftests: clone3: clone3
+ok 1 selftests: core: close_range_test
+ok 1 selftests: cpufreq: main.sh # SKIP
+ok 1 selftests: cpu-hotplug: cpu-on-off-test.sh # SKIP
+ok 1 selftests: damon: debugfs_attrs.sh # SKIP
+ok 1 selftests: drivers/dma-buf: udmabuf # SKIP
+ok 1 selftests: drivers/net: netcons_basic.sh # SKIP
+ok 1 selftests: drivers/net/team: dev_addr_lists.sh # SKIP
+ok 1 selftests: drivers/net/virtio_net: basic_features.sh # SKIP
+ok 1 selftests: drivers/platform/x86/intel/ifs: test_ifs.sh # SKIP
+ok 1 selftests: dt: test_unprobed_devices.sh # SKIP
+ok 1 selftests: efivarfs: efivarfs.sh # SKIP
+ok 1 selftests: filesystems: devpts_pts # SKIP
+ok 1 selftests: filesystems/epoll: epoll_wakeup_test
+ok 1 selftests: filesystems/fat: run_fat_tests.sh
+ok 1 selftests: firmware: fw_run_tests.sh # SKIP
+ok 1 selftests: fpu: test_fpu
+ok 1 selftests: futex: run.sh
+ok 1 selftests: gpio: gpio-mockup.sh # SKIP
+ok 1 selftests: intel_pstate: run.sh # SKIP
+ok 1 selftests: ipc: msgque # SKIP
+ok 1 selftests: ir: ir_loopback.sh # SKIP
+ok 1 selftests: kcmp: kcmp_test
+ok 1 selftests: kexec: test_kexec_load.sh # SKIP
+ok 1 selftests: kvm: demand_paging_test
+ok 1 selftests: lib: printf.sh # SKIP
+ok 1 selftests: livepatch: test-livepatch.sh # SKIP
+ok 1 selftests: lsm: lsm_get_self_attr_test
+ok 1 selftests: membarrier: membarrier_test_single_thread
+ok 1 selftests: memory-hotplug: mem-on-off-test.sh # SKIP
+ok 1 selftests: mincore: mincore_selftest
+ok 1 selftests: mm: run_vmtests.sh # SKIP
+ok 1 selftests: mount: run_unprivileged_remount.sh
+ok 1 selftests: mqueue: mq_open_tests # SKIP
+ok 1 selftests: net/af_unix: diag_uid
+ok 1 selftests: net/forwarding: bridge_fdb_learning_limit.sh # SKIP
+ok 1 selftests: net/packetdrill: tcp_blocking_blocking-accept.pkt # SKIP
+ok 1 selftests: net/rds: run.sh # SKIP
+ok 1 selftests: net/tcp_ao: bench-lookups_ipv4
+ok 1 selftests: nsfs: owner
+ok 1 selftests: pcie_bwctrl: set_pcie_cooling_state.sh # SKIP
+ok 1 selftests: perf_events: sigtrap_threads
+ok 1 selftests: pid_namespace: regression_enomem
+ok 1 selftests: power_supply: test_power_supply_properties.sh
+ok 1 selftests: prctl: disable-tsc-ctxt-sw-stress-test
+ok 1 selftests: proc: fd-001-lookup
+ok 1 selftests: ptrace: get_syscall_info
+ok 1 selftests: resctrl: resctrl_tests # SKIP
+ok 1 selftests: rseq: basic_test
+ok 1 selftests: rtc: rtctest # SKIP
+ok 1 selftests: rust: test_probe_samples.sh # SKIP
+ok 1 selftests: seccomp: seccomp_bpf
+ok 1 selftests: sigaltstack: sas
+ok 1 selftests: splice: default_file_splice_read.sh
+ok 1 selftests: static_keys: test_static_keys.sh # SKIP
+ok 1 selftests: sync: sync_test # SKIP
+ok 1 selftests: syscall_user_dispatch: sud_test
+ok 1 selftests: sysctl: sysctl.sh # SKIP
+ok 1 selftests: timens: timens # SKIP
+ok 1 selftests: tmpfs: bug-link-o-tmpfile # SKIP
+ok 1 selftests: tpm2: test_smoke.sh # SKIP
+ok 1 selftests: tty: tty_tstamp_update
+ok 1 selftests: uevent: uevent_filtering
+ok 1 selftests: vDSO: vdso_test_gettimeofday
+ok 1 selftests: x86/bugs: its_sysfs.py
+ok 1 selftests: zram: zram.sh # SKIP
+ok 20 selftests: kvm: hyperv_ipi
+ok 20 selftests: net/forwarding: gre_multipath_nh.sh # SKIP
+ok 20 selftests: net/packetdrill: tcp_limited_transmit_limited-transmit-sack.pkt # SKIP
+ok 20 selftests: net/tcp_ao: rst_ipv6
+ok 20 selftests: proc: setns-sysvipc # SKIP
+ok 21 selftests: kvm: hyperv_svm_test # SKIP
+ok 21 selftests: net/forwarding: gre_multipath.sh # SKIP
+ok 21 selftests: net/packetdrill: tcp_md5_md5-only-on-client-ack.pkt # SKIP
+ok 21 selftests: net/tcp_ao: self-connect_ipv6
+ok 21 selftests: proc: thread-self
+ok 22 selftests: kvm: hyperv_tlb_flush
+ok 22 selftests: net/forwarding: ip6_forward_instats_vrf.sh # SKIP
+ok 22 selftests: net/packetdrill: tcp_nagle_https_client.pkt # SKIP
+ok 22 selftests: net/tcp_ao: seq-ext_ipv6
+ok 23 selftests: kvm: kvm_clock_test # SKIP
+ok 23 selftests: net/forwarding: ip6gre_custom_multipath_hash.sh # SKIP
+ok 23 selftests: net/packetdrill: tcp_nagle_sendmsg_msg_more.pkt # SKIP
+ok 23 selftests: net/tcp_ao: setsockopt-closed_ipv6
+ok 24 selftests: kvm: kvm_pv_test
+ok 24 selftests: net/forwarding: ip6gre_flat_key.sh # SKIP
+ok 24 selftests: net/packetdrill: tcp_nagle_sockopt_cork_nodelay.pkt # SKIP
+ok 24 selftests: net/tcp_ao: unsigned-md5_ipv6
+ok 25 selftests: kvm: monitor_mwait_test
+ok 25 selftests: net/forwarding: ip6gre_flat_keys.sh # SKIP
+ok 25 selftests: net/packetdrill: tcp_sack_sack-route-refresh-ip-tos.pkt # SKIP
+ok 26 selftests: kvm: nested_emulation_test # SKIP
+ok 26 selftests: net/forwarding: ip6gre_flat.sh # SKIP
+ok 26 selftests: net/packetdrill: tcp_sack_sack-shift-sacked-2-6-8-3-9-nofack.pkt # SKIP
+ok 27 selftests: kvm: nested_exceptions_test
+ok 27 selftests: net/forwarding: ip6gre_hier_key.sh # SKIP
+ok 27 selftests: net/packetdrill: tcp_sack_sack-shift-sacked-7-3-4-8-9-fack.pkt # SKIP
+ok 28 selftests: kvm: platform_info_test
+ok 28 selftests: net/forwarding: ip6gre_hier_keys.sh # SKIP
+ok 28 selftests: net/packetdrill: tcp_sack_sack-shift-sacked-7-5-6-8-9-fack.pkt # SKIP
+ok 29 selftests: kvm: pmu_counters_test # SKIP
+ok 29 selftests: net/forwarding: ip6gre_hier.sh # SKIP
+ok 29 selftests: net/packetdrill: tcp_sendfile_sendfile-simple.pkt # SKIP
+ok 2 selftests: breakpoints: breakpoint_test
+ok 2 selftests: clone3: clone3_clear_sighand
+ok 2 selftests: damon: debugfs_schemes.sh # SKIP
+ok 2 selftests: drivers/net/bonding: bond-break-lacpdu-tx.sh # SKIP
+ok 2 selftests: filesystems/statmount: statmount_test_ns
+ok 2 selftests: gpio: gpio-sim.sh # SKIP
+ok 2 selftests: iommu: iommufd_fail_nth
+ok 2 selftests: kexec: test_kexec_file_load.sh # SKIP
+ok 2 selftests: kvm: dirty_log_test
+ok 2 selftests: lib: bitmap.sh # SKIP
+ok 2 selftests: livepatch: test-callbacks.sh # SKIP
+ok 2 selftests: lsm: lsm_list_modules_test
+ok 2 selftests: membarrier: membarrier_test_multi_thread
+ok 2 selftests: mount: run_nosymfollow.sh
+ok 2 selftests: mqueue: mq_perf_tests # SKIP
+ok 2 selftests: net/forwarding: bridge_igmp.sh # SKIP
+ok 2 selftests: net/packetdrill: tcp_blocking_blocking-connect.pkt # SKIP
+ok 2 selftests: net/tcp_ao: connect_ipv4
+ok 2 selftests: nsfs: pidns
+ok 2 selftests: prctl: disable-tsc-on-off-stress-test
+ok 2 selftests: proc: fd-002-posix-eq
+ok 2 selftests: pstore: pstore_post_reboot_tests # SKIP
+ok 2 selftests: ptrace: peeksiginfo
+ok 2 selftests: rseq: basic_percpu_ops_test
+ok 2 selftests: seccomp: seccomp_benchmark
+ok 2 selftests: syscall_user_dispatch: sud_benchmark
+ok 2 selftests: timens: timerfd # SKIP
+ok 2 selftests: timers: nanosleep
+ok 2 selftests: tpm2: test_space.sh # SKIP
+ok 2 selftests: vDSO: vdso_test_getcpu
+ok 30 selftests: kvm: pmu_event_filter_test # SKIP
+ok 30 selftests: net/forwarding: ip6gre_inner_v4_multipath.sh # SKIP
+ok 30 selftests: net/packetdrill: tcp_slow_start_slow-start-ack-per-1pkt.pkt # SKIP
+ok 31 selftests: kvm: private_mem_conversions_test
+ok 31 selftests: net/forwarding: ip6gre_inner_v6_multipath.sh # SKIP
+ok 31 selftests: net/packetdrill: tcp_slow_start_slow-start-ack-per-2pkt.pkt # SKIP
+ok 32 selftests: kvm: private_mem_kvm_exits_test
+ok 32 selftests: net/forwarding: ipip_flat_gre_key.sh # SKIP
+ok 32 selftests: net/packetdrill: tcp_slow_start_slow-start-ack-per-2pkt-send-5pkt.pkt # SKIP
+ok 33 selftests: kvm: set_boot_cpu_id
+ok 33 selftests: net/forwarding: ipip_flat_gre_keys.sh # SKIP
+ok 33 selftests: net/packetdrill: tcp_slow_start_slow-start-ack-per-2pkt-send-6pkt.pkt # SKIP
+ok 34 selftests: kvm: set_sregs_test
+ok 34 selftests: net/forwarding: ipip_flat_gre.sh # SKIP
+ok 34 selftests: net/packetdrill: tcp_slow_start_slow-start-ack-per-4pkt.pkt # SKIP
+ok 35 selftests: kvm: smaller_maxphyaddr_emulation_test # SKIP
+ok 35 selftests: net/forwarding: ipip_hier_gre_key.sh # SKIP
+ok 35 selftests: net/packetdrill: tcp_slow_start_slow-start-after-idle.pkt # SKIP
+ok 36 selftests: kvm: smm_test
+ok 36 selftests: net/forwarding: ipip_hier_gre_keys.sh # SKIP
+ok 36 selftests: net/packetdrill: tcp_slow_start_slow-start-after-win-update.pkt # SKIP
+ok 37 selftests: kvm: state_test
+ok 37 selftests: net/forwarding: ipip_hier_gre.sh # SKIP
+ok 37 selftests: net/packetdrill: tcp_slow_start_slow-start-app-limited-9-packets-out.pkt # SKIP
+ok 38 selftests: kvm: vmx_preemption_timer_test
+ok 38 selftests: net/forwarding: lib_sh_test.sh # SKIP
+ok 38 selftests: net/packetdrill: tcp_slow_start_slow-start-app-limited.pkt # SKIP
+ok 39 selftests: kvm: svm_vmcall_test # SKIP
+ok 39 selftests: net/forwarding: local_termination.sh # SKIP
+ok 39 selftests: net/packetdrill: tcp_slow_start_slow-start-fq-ack-per-2pkt.pkt # SKIP
+ok 3 selftests: cgroup: test_cpuset # SKIP
+ok 3 selftests: clone3: clone3_set_tid
+ok 3 selftests: damon: debugfs_target_ids.sh # SKIP
+ok 3 selftests: drivers/net/bonding: bond-lladdr-target.sh # SKIP
+ok 3 selftests: kvm: guest_print_test
+ok 3 selftests: lib: prime_numbers.sh # SKIP
+ok 3 selftests: livepatch: test-shadow-vars.sh # SKIP
+ok 3 selftests: lsm: lsm_set_self_attr_test
+ok 3 selftests: net/af_unix: scm_pidfd
+ok 3 selftests: net/forwarding: bridge_locked_port.sh # SKIP
+ok 3 selftests: net/mptcp: mptcp_join.sh # SKIP
+ok 3 selftests: net/packetdrill: tcp_blocking_blocking-read.pkt # SKIP
+ok 3 selftests: net/tcp_ao: connect-deny_ipv4
+ok 3 selftests: perf_events: watermark_signal
+ok 3 selftests: prctl: disable-tsc-test
+ok 3 selftests: rseq: basic_percpu_ops_mm_cid_test
+ok 3 selftests: timens: timer # SKIP
+ok 3 selftests: timers: nsleep-lat
+ok 3 selftests: tpm2: test_async.sh # SKIP
+ok 3 selftests: vDSO: vdso_test_abi
+ok 40 selftests: kvm: svm_int_ctl_test # SKIP
+ok 40 selftests: net/forwarding: min_max_mtu.sh # SKIP
+ok 40 selftests: net/packetdrill: tcp_splice_tcp_splice_loop_test.pkt # SKIP
+ok 41 selftests: kvm: svm_nested_shutdown_test # SKIP
+ok 41 selftests: net/forwarding: mirror_gre_bound.sh # SKIP
+ok 41 selftests: net/packetdrill: tcp_syscall_bad_arg_fastopen-invalid-buf-ptr.pkt # SKIP
+ok 42 selftests: kvm: svm_nested_soft_inject_test # SKIP
+ok 42 selftests: net/forwarding: mirror_gre_bridge_1d.sh # SKIP
+ok 42 selftests: net/packetdrill: tcp_syscall_bad_arg_sendmsg-empty-iov.pkt # SKIP
+ok 43 selftests: kvm: tsc_scaling_sync
+ok 43 selftests: net/forwarding: mirror_gre_bridge_1d_vlan.sh # SKIP
+ok 43 selftests: net/packetdrill: tcp_syscall_bad_arg_syscall-invalid-buf-ptr.pkt # SKIP
+ok 44 selftests: kvm: sync_regs_test
+ok 44 selftests: net/forwarding: mirror_gre_bridge_1q_lag.sh # SKIP
+ok 44 selftests: net/packetdrill: tcp_tcp_info_tcp-info-last_data_recv.pkt # SKIP
+ok 45 selftests: kvm: ucna_injection_test
+ok 45 selftests: net/forwarding: mirror_gre_bridge_1q.sh # SKIP
+ok 45 selftests: net/packetdrill: tcp_tcp_info_tcp-info-rwnd-limited.pkt # SKIP
+ok 46 selftests: kvm: userspace_io_test
+ok 46 selftests: net/forwarding: mirror_gre_changes.sh # SKIP
+ok 46 selftests: net/packetdrill: tcp_tcp_info_tcp-info-sndbuf-limited.pkt # SKIP
+ok 47 selftests: kvm: userspace_msr_exit_test
+ok 47 selftests: net/forwarding: mirror_gre_flower.sh # SKIP
+ok 47 selftests: net/packetdrill: tcp_timestamping_client-only-last-byte.pkt # SKIP
+ok 48 selftests: kvm: vmx_apic_access_test
+ok 48 selftests: net/forwarding: mirror_gre_lag_lacp.sh # SKIP
+ok 48 selftests: net/packetdrill: tcp_timestamping_partial.pkt # SKIP
+ok 49 selftests: kvm: vmx_close_while_nested_test
+ok 49 selftests: net/forwarding: mirror_gre_neigh.sh # SKIP
+ok 49 selftests: net/packetdrill: tcp_timestamping_server.pkt # SKIP
+ok 4 selftests: clone3: clone3_cap_checkpoint_restore
+ok 4 selftests: damon: sysfs.sh # SKIP
+ok 4 selftests: drivers/net/bonding: dev_addr_lists.sh # SKIP
+ok 4 selftests: kvm: kvm_binary_stats_test
+ok 4 selftests: lib: scanf.sh # SKIP
+ok 4 selftests: livepatch: test-state.sh # SKIP
+ok 4 selftests: net/forwarding: bridge_mdb.sh # SKIP
+ok 4 selftests: net/packetdrill: tcp_blocking_blocking-write.pkt # SKIP
+ok 4 selftests: net/tcp_ao: icmps-accept_ipv4
+ok 4 selftests: proc: proc-2-is-kthread
+ok 4 selftests: ptrace: get_set_sud
+ok 4 selftests: rseq: param_test
+ok 4 selftests: timens: clock_nanosleep # SKIP
+ok 4 selftests: timers: set-timer-lat
+ok 4 selftests: vDSO: vdso_test_clock_getres
+ok 50 selftests: kvm: vmx_dirty_log_test
+ok 50 selftests: net/forwarding: mirror_gre_nh.sh # SKIP
+ok 50 selftests: net/packetdrill: tcp_ts_recent_fin_tsval.pkt # SKIP
+ok 51 selftests: kvm: vmx_exception_with_invalid_guest_state # SKIP
+ok 51 selftests: net/forwarding: mirror_gre.sh # SKIP
+ok 51 selftests: net/packetdrill: tcp_ts_recent_invalid_ack.pkt # SKIP
+ok 52 selftests: kvm: vmx_msrs_test
+ok 52 selftests: net/forwarding: mirror_gre_vlan_bridge_1q.sh # SKIP
+ok 52 selftests: net/packetdrill: tcp_ts_recent_reset_tsval.pkt # SKIP
+ok 53 selftests: kvm: vmx_invalid_nested_guest_state
+ok 53 selftests: net/forwarding: mirror_gre_vlan.sh # SKIP
+ok 53 selftests: net/packetdrill: tcp_user_timeout_user_timeout.pkt # SKIP
+ok 54 selftests: kvm: vmx_set_nested_state_test
+ok 54 selftests: net/forwarding: mirror_vlan.sh # SKIP
+ok 54 selftests: net/packetdrill: tcp_user_timeout_user-timeout-probe.pkt # SKIP
+ok 55 selftests: kvm: vmx_tsc_adjust_test
+ok 55 selftests: net/forwarding: no_forwarding.sh # SKIP
+ok 55 selftests: net/packetdrill: tcp_validate_validate-established-no-flags.pkt # SKIP
+ok 56 selftests: kvm: vmx_nested_tsc_scaling_test # SKIP
+ok 56 selftests: net/forwarding: pedit_dsfield.sh # SKIP
+ok 56 selftests: net/packetdrill: tcp_zerocopy_basic.pkt # SKIP
+ok 57 selftests: kvm: apic_bus_clock_test
+ok 57 selftests: net/forwarding: pedit_ip.sh # SKIP
+ok 57 selftests: net/packetdrill: tcp_zerocopy_batch.pkt # SKIP
+ok 58 selftests: kvm: xapic_ipi_test
+ok 58 selftests: net/forwarding: pedit_l4port.sh # SKIP
+ok 58 selftests: net/packetdrill: tcp_zerocopy_client.pkt # SKIP
+ok 59 selftests: kvm: xapic_state_test
+ok 59 selftests: net/forwarding: q_in_vni_ipv6.sh # SKIP
+ok 59 selftests: net/packetdrill: tcp_zerocopy_closed.pkt # SKIP
+ok 5 selftests: cgroup: test_hugetlb_memcg # SKIP
+ok 5 selftests: drivers/net/bonding: mode-1-recovery-updelay.sh # SKIP
+ok 5 selftests: kvm: kvm_create_max_vcpus
+ok 5 selftests: livepatch: test-ftrace.sh # SKIP
+ok 5 selftests: net/forwarding: bridge_mdb_host.sh # SKIP
+ok 5 selftests: net/packetdrill: tcp_close_close-local-close-then-remote-fin.pkt # SKIP
+ok 5 selftests: net/tcp_ao: icmps-discard_ipv4
+ok 5 selftests: prctl: set-process-name
+ok 5 selftests: proc: proc-loadavg-001 # SKIP
+ok 5 selftests: rseq: param_test_benchmark
+ok 5 selftests: timens: procfs # SKIP
+ok 5 selftests: timers: mqueue-lat
+ok 5 selftests: vDSO: vdso_standalone_test_x86
+ok 60 selftests: kvm: xcr0_cpuid_test
+ok 60 selftests: net/forwarding: q_in_vni.sh # SKIP
+ok 60 selftests: net/packetdrill: tcp_zerocopy_epoll_edge.pkt # SKIP
+ok 61 selftests: kvm: xss_msr_test
+ok 61 selftests: net/forwarding: router_bridge.sh # SKIP
+ok 61 selftests: net/packetdrill: tcp_zerocopy_epoll_exclusive.pkt # SKIP
+ok 62 selftests: kvm: debug_regs
+ok 62 selftests: net/forwarding: router_bridge_1d.sh # SKIP
+ok 62 selftests: net/packetdrill: tcp_zerocopy_epoll_oneshot.pkt # SKIP
+ok 63 selftests: kvm: tsc_msrs_test
+ok 63 selftests: net/forwarding: router_bridge_1d_lag.sh # SKIP
+ok 63 selftests: net/packetdrill: tcp_zerocopy_fastopen-client.pkt # SKIP
+ok 64 selftests: kvm: vmx_pmu_caps_test # SKIP
+ok 64 selftests: net/forwarding: router_bridge_lag.sh # SKIP
+ok 64 selftests: net/packetdrill: tcp_zerocopy_fastopen-server.pkt # SKIP
+ok 65 selftests: kvm: xen_shinfo_test # SKIP
+ok 65 selftests: net/forwarding: router_bridge_vlan.sh # SKIP
+ok 65 selftests: net/packetdrill: tcp_zerocopy_maxfrags.pkt # SKIP
+ok 66 selftests: kvm: xen_vmcall_test # SKIP
+ok 66 selftests: net/forwarding: router_bridge_vlan_upper.sh # SKIP
+ok 66 selftests: net/packetdrill: tcp_zerocopy_small.pkt # SKIP
+ok 67 selftests: kvm: sev_init2_tests # SKIP
+ok 67 selftests: net/forwarding: router_bridge_pvid_vlan_upper.sh # SKIP
+ok 68 selftests: kvm: sev_migrate_tests # SKIP
+ok 68 selftests: net/forwarding: router_bridge_vlan_upper_pvid.sh # SKIP
+ok 69 selftests: kvm: sev_smoke_test # SKIP
+ok 69 selftests: net/forwarding: router_broadcast.sh # SKIP
+ok 6 selftests: drivers/net/bonding: mode-2-recovery-updelay.sh # SKIP
+ok 6 selftests: kvm: kvm_page_table_test
+ok 6 selftests: livepatch: test-sysfs.sh # SKIP
+ok 6 selftests: net/forwarding: bridge_mdb_max.sh # SKIP
+ok 6 selftests: net/mptcp: mptcp_sockopt.sh # SKIP
+ok 6 selftests: net/packetdrill: tcp_close_close-on-syn-sent.pkt # SKIP
+ok 6 selftests: net/tcp_ao: key-management_ipv4
+ok 6 selftests: proc: proc-empty-vm
+ok 6 selftests: rseq: param_test_compare_twice
+ok 6 selftests: timens: exec # SKIP
+ok 6 selftests: timers: inconsistency-check
+ok 6 selftests: vDSO: vdso_test_correctness
+ok 70 selftests: kvm: amx_test # SKIP
+ok 70 selftests: net/forwarding: router_mpath_nh_res.sh # SKIP
+ok 71 selftests: kvm: max_vcpuid_cap_test
+ok 71 selftests: net/forwarding: router_mpath_nh.sh # SKIP
+ok 72 selftests: kvm: triple_fault_event_test
+ok 72 selftests: net/forwarding: router_mpath_seed.sh # SKIP
+ok 73 selftests: kvm: recalc_apic_map_test
+ok 73 selftests: net/forwarding: router_multicast.sh # SKIP
+ok 74 selftests: kvm: access_tracking_perf_test # SKIP
+ok 74 selftests: net/forwarding: router_multipath.sh # SKIP
+ok 75 selftests: kvm: coalesced_io_test
+ok 75 selftests: net/forwarding: router_nh.sh # SKIP
+ok 76 selftests: kvm: dirty_log_perf_test
+ok 76 selftests: net/forwarding: router.sh # SKIP
+ok 77 selftests: kvm: guest_memfd_test
+ok 77 selftests: net/forwarding: router_vid_1.sh # SKIP
+ok 78 selftests: kvm: hardware_disable_test
+ok 78 selftests: net/forwarding: sch_ets.sh # SKIP
+ok 79 selftests: kvm: memslot_modification_stress_test
+ok 79 selftests: net/forwarding: sch_red.sh # SKIP
+ok 7 selftests: drivers/net/bonding: bond_options.sh # SKIP
+ok 7 selftests: kvm: set_memory_region_test
+ok 7 selftests: livepatch: test-syscall.sh # SKIP
+ok 7 selftests: net/forwarding: bridge_mdb_port_down.sh # SKIP
+ok 7 selftests: net/packetdrill: tcp_close_close-remote-fin-then-close.pkt # SKIP
+ok 7 selftests: net/tcp_ao: restore_ipv4
+ok 7 selftests: proc: proc-pid-vm # SKIP
+ok 7 selftests: rseq: param_test_mm_cid
+ok 7 selftests: timens: futex # SKIP
+ok 7 selftests: timers: raw_skew
+ok 7 selftests: vDSO: vdso_test_getrandom
+ok 80 selftests: kvm: memslot_perf_test
+ok 80 selftests: net/forwarding: sch_tbf_ets.sh # SKIP
+ok 81 selftests: net/forwarding: sch_tbf_prio.sh # SKIP
+ok 82 selftests: kvm: rseq_test
+ok 82 selftests: net/forwarding: sch_tbf_root.sh # SKIP
+ok 83 selftests: kvm: steal_time
+ok 83 selftests: net/forwarding: skbedit_priority.sh # SKIP
+ok 84 selftests: kvm: system_counter_offset_test
+ok 84 selftests: net/forwarding: tc_actions.sh # SKIP
+ok 85 selftests: kvm: pre_fault_memory_test
+ok 85 selftests: net/forwarding: tc_chains.sh # SKIP
+ok 86 selftests: kvm: nx_huge_pages_test.sh
+ok 86 selftests: net/forwarding: tc_flower_router.sh # SKIP
+ok 87 selftests: net/forwarding: tc_flower.sh # SKIP
+ok 88 selftests: net/forwarding: tc_flower_l2_miss.sh # SKIP
+ok 89 selftests: net/forwarding: tc_flower_cfm.sh # SKIP
+ok 8 selftests: drivers/net/bonding: bond-eth-type-change.sh # SKIP
+ok 8 selftests: kvm: cpuid_test
+ok 8 selftests: livepatch: test-kprobe.sh # SKIP
+ok 8 selftests: net/forwarding: bridge_mld.sh # SKIP
+ok 8 selftests: net/packetdrill: tcp_ecn_ecn-uses-ect0.pkt # SKIP
+ok 8 selftests: net/tcp_ao: rst_ipv4
+ok 8 selftests: proc: proc-self-map-files-001
+ok 8 selftests: rseq: param_test_mm_cid_benchmark
+ok 8 selftests: timens: vfork_exec # SKIP
+ok 8 selftests: timers: threadtest
+ok 8 selftests: vDSO: vdso_test_chacha
+ok 90 selftests: net/forwarding: tc_flower_port_range.sh # SKIP
+ok 91 selftests: net/forwarding: tc_mpls_l2vpn.sh # SKIP
+ok 92 selftests: net/forwarding: tc_police.sh # SKIP
+ok 93 selftests: net/forwarding: tc_shblocks.sh # SKIP
+ok 94 selftests: net/forwarding: tc_tunnel_key.sh # SKIP
+ok 95 selftests: net/forwarding: tc_vlan_modify.sh # SKIP
+ok 96 selftests: net/forwarding: vxlan_asymmetric_ipv6.sh # SKIP
+ok 97 selftests: net/forwarding: vxlan_asymmetric.sh # SKIP
+ok 98 selftests: net/forwarding: vxlan_bridge_1d_ipv6.sh # SKIP
+ok 99 selftests: net/forwarding: vxlan_bridge_1d_port_8472_ipv6.sh # SKIP
+ok 9 selftests: drivers/net/bonding: bond_macvlan_ipvlan.sh # SKIP
+ok 9 selftests: kvm: cr4_cpuid_sync_test
+ok 9 selftests: net/forwarding: bridge_port_isolation.sh # SKIP
+ok 9 selftests: net/packetdrill: tcp_eor_no-coalesce-large.pkt # SKIP
+ok 9 selftests: net/tcp_ao: self-connect_ipv4
+ok 9 selftests: proc: proc-self-map-files-002
+ok 9 selftests: rseq: param_test_mm_cid_compare_twice
+ok 9 selftests: timers: rtcpie # SKIP

jira KERNEL-943 cve CVE-2026-31402 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Jeff Layton <jlayton@kernel.org> commit 5133b61 The NFSv4.0 replay cache uses a fixed 112-byte inline buffer (rp_ibuf[NFSD4_REPLAY_ISIZE]) to store encoded operation responses. This size was calculated based on OPEN responses and does not account for LOCK denied responses, which include the conflicting lock owner as a variable-length field up to 1024 bytes (NFS4_OPAQUE_LIMIT). When a LOCK operation is denied due to a conflict with an existing lock that has a large owner, nfsd4_encode_operation() copies the full encoded response into the undersized replay buffer via read_bytes_from_xdr_buf() with no bounds check. This results in a slab-out-of-bounds write of up to 944 bytes past the end of the buffer, corrupting adjacent heap memory. This can be triggered remotely by an unauthenticated attacker with two cooperating NFSv4.0 clients: one sets a lock with a large owner string, then the other requests a conflicting lock to provoke the denial. We could fix this by increasing NFSD4_REPLAY_ISIZE to allow for a full opaque, but that would increase the size of every stateowner, when most lockowners are not that large. Instead, fix this by checking the encoded response length against NFSD4_REPLAY_ISIZE before copying into the replay buffer. If the response is too large, set rp_buflen to 0 to skip caching the replay payload. The status is still cached, and the client already received the correct response on the original request. Fixes: 1da177e ("Linux-2.6.12-rc2") Cc: stable@kernel.org Reported-by: Nicholas Carlini <npc@anthropic.com> Tested-by: Nicholas Carlini <npc@anthropic.com> Signed-off-by: Jeff Layton <jlayton@kernel.org> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> (cherry picked from commit 5133b61) Signed-off-by: Jonathan Maple <jmaple@ciq.com>

…red blocks jira KERNEL-943 cve CVE-2026-23270 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Victor Nogueira <victor@mojatatu.com> commit 11cb63b As Paolo said earlier [1]: "Since the blamed commit below, classify can return TC_ACT_CONSUMED while the current skb being held by the defragmentation engine. As reported by GangMin Kim, if such packet is that may cause a UaF when the defrag engine later on tries to tuch again such packet." act_ct was never meant to be used in the egress path, however some users are attaching it to egress today [2]. Attempting to reach a middle ground, we noticed that, while most qdiscs are not handling TC_ACT_CONSUMED, clsact/ingress qdiscs are. With that in mind, we address the issue by only allowing act_ct to bind to clsact/ingress qdiscs and shared blocks. That way it's still possible to attach act_ct to egress (albeit only with clsact). [1] https://lore.kernel.org/netdev/674b8cbfc385c6f37fb29a1de08d8fe5c2b0fbee.1771321118.git.pabeni@redhat.com/ [2] https://lore.kernel.org/netdev/cc6bfb4a-4a2b-42d8-b9ce-7ef6644fb22b@ovn.org/ Reported-by: GangMin Kim <km.kim1503@gmail.com> Fixes: 3f14b37 ("net/sched: act_ct: fix skb leak and crash on ooo frags") CC: stable@vger.kernel.org Signed-off-by: Victor Nogueira <victor@mojatatu.com> Acked-by: Jamal Hadi Salim <jhs@mojatatu.com> Link: https://patch.msgid.link/20260225134349.1287037-1-victor@mojatatu.com Signed-off-by: Jakub Kicinski <kuba@kernel.org> (cherry picked from commit 11cb63b) Signed-off-by: Jonathan Maple <jmaple@ciq.com>

jira KERNEL-943 cve CVE-2026-31419 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Xiang Mei <xmei5@asu.edu> commit 2884bf7 bond_xmit_broadcast() reuses the original skb for the last slave (determined by bond_is_last_slave()) and clones it for others. Concurrent slave enslave/release can mutate the slave list during RCU-protected iteration, changing which slave is "last" mid-loop. This causes the original skb to be double-consumed (double-freed). Replace the racy bond_is_last_slave() check with a simple index comparison (i + 1 == slaves_count) against the pre-snapshot slave count taken via READ_ONCE() before the loop. This preserves the zero-copy optimization for the last slave while making the "last" determination stable against concurrent list mutations. The UAF can trigger the following crash: ================================================================== BUG: KASAN: slab-use-after-free in skb_clone Read of size 8 at addr ffff888100ef8d40 by task exploit/147 CPU: 1 UID: 0 PID: 147 Comm: exploit Not tainted 7.0.0-rc3+ #4 PREEMPTLAZY Call Trace: <TASK> dump_stack_lvl (lib/dump_stack.c:123) print_report (mm/kasan/report.c:379 mm/kasan/report.c:482) kasan_report (mm/kasan/report.c:597) skb_clone (include/linux/skbuff.h:1724 include/linux/skbuff.h:1792 include/linux/skbuff.h:3396 net/core/skbuff.c:2108) bond_xmit_broadcast (drivers/net/bonding/bond_main.c:5334) bond_start_xmit (drivers/net/bonding/bond_main.c:5567 drivers/net/bonding/bond_main.c:5593) dev_hard_start_xmit (include/linux/netdevice.h:5325 include/linux/netdevice.h:5334 net/core/dev.c:3871 net/core/dev.c:3887) __dev_queue_xmit (include/linux/netdevice.h:3601 net/core/dev.c:4838) ip6_finish_output2 (include/net/neighbour.h:540 include/net/neighbour.h:554 net/ipv6/ip6_output.c:136) ip6_finish_output (net/ipv6/ip6_output.c:208 net/ipv6/ip6_output.c:219) ip6_output (net/ipv6/ip6_output.c:250) ip6_send_skb (net/ipv6/ip6_output.c:1985) udp_v6_send_skb (net/ipv6/udp.c:1442) udpv6_sendmsg (net/ipv6/udp.c:1733) __sys_sendto (net/socket.c:730 net/socket.c:742 net/socket.c:2206) __x64_sys_sendto (net/socket.c:2209) do_syscall_64 (arch/x86/entry/syscall_64.c:63 arch/x86/entry/syscall_64.c:94) entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130) </TASK> Allocated by task 147: Freed by task 147: The buggy address belongs to the object at ffff888100ef8c80 which belongs to the cache skbuff_head_cache of size 224 The buggy address is located 192 bytes inside of freed 224-byte region [ffff888100ef8c80, ffff888100ef8d60) Memory state around the buggy address: ffff888100ef8c00: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc ffff888100ef8c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb >ffff888100ef8d00: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc ^ ffff888100ef8d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb ffff888100ef8e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ================================================================== Fixes: 4e5bd03 ("net: bonding: fix bond_xmit_broadcast return value error bug") Reported-by: Weiming Shi <bestswngs@gmail.com> Signed-off-by: Xiang Mei <xmei5@asu.edu> Link: https://patch.msgid.link/20260326075553.3960562-1-xmei5@asu.edu Signed-off-by: Paolo Abeni <pabeni@redhat.com> (cherry picked from commit 2884bf7) Signed-off-by: Jonathan Maple <jmaple@ciq.com>

jira KERNEL-943 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Mario Limonciello <mario.limonciello@amd.com> commit 4bfeea6 Wake on connect is useful for being able to wake up a suspended laptop without opening the lid by plugging into a dock. Add the default policy to the USB4 router when wakeup is enabled for the router. Behavior for individual ports can be controlled by port wakeup settings. Cc: Opal Voravootivat <puthik@google.com> Cc: Raul Rangel <rrangel@chromium.org> Cc: Utkarsh Patel <utkarsh.h.patel@intel.com> Cc: Richard Gong <richard.gong@amd.com> Cc: Sanath S <sanath.s@amd.com> Link: https://lore.kernel.org/linux-usb/20250410042723.GU3152277@black.fi.intel.com/T/#m0249e8c0e1c77ec92a44a3d6c8b4a8e5a9b7114e Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com> (cherry picked from commit 4bfeea6) Signed-off-by: Jonathan Maple <jmaple@ciq.com>

jira KERNEL-943 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Mario Limonciello <mario.limonciello@amd.com> commit 1a760d1 commit a5cfc9d ("thunderbolt: Add wake on connect/disconnect on USB4 ports") introduced a sysfs file to control wake up policy for a given USB4 port that defaulted to disabled. However when testing commit 4bfeea6 ("thunderbolt: Use wake on connect and disconnect over suspend") I found that it was working even without making changes to the power/wakeup file (which defaults to disabled). This is because of a logic error doing a bitwise or of the wake-on-connect flag with device_may_wakeup() which should have been a logical AND. Adjust the logic so that policy is only applied when wakeup is actually enabled. Fixes: a5cfc9d ("thunderbolt: Add wake on connect/disconnect on USB4 ports") Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com> (cherry picked from commit 1a760d1) Signed-off-by: Jonathan Maple <jmaple@ciq.com>

jira KERNEL-943 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Mario Limonciello <mario.limonciello@amd.com> commit 58d71d4 commit 1a760d1 ("thunderbolt: Fix a logic error in wake on connect") fixated on the USB4 port sysfs wakeup file not working properly to control policy, but it had an unintended side effect that the sysfs file controls policy both at runtime and at suspend time. The sysfs file is supposed to only control behavior while system is suspended. Pass whether programming a port for runtime into usb4_switch_set_wake() and if runtime then ignore the value in the sysfs file. Cc: stable@vger.kernel.org Reported-by: Alexander Kovacs <Alexander.Kovacs@amd.com> Tested-by: Alexander Kovacs <Alexander.Kovacs@amd.com> Fixes: 1a760d1 ("thunderbolt: Fix a logic error in wake on connect") Signed-off-by: Mario Limonciello <mario.limonciello@amd.com> Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com> (cherry picked from commit 58d71d4) Signed-off-by: Jonathan Maple <jmaple@ciq.com>

jira KERNEL-943 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Norbert Szetei <norbert@doyensec.com> commit 62397b4 The AF_ALG interface fails to unmark the end of a Scatter/Gather List (SGL) when chaining a new af_alg_tsgl structure. If a sendmsg() fills an SGL exactly to MAX_SGL_ENTS, the last entry is marked as the end. A subsequent sendmsg() allocates a new SGL and chains it, but fails to clear the end marker on the previous SGL's last data entry. This causes the crypto scatterwalk to hit a premature end, returning NULL on sg_next() and leading to a kernel panic during dereference. Fix this by explicitly unmarking the end of the previous SGL when performing sg_chain() in af_alg_alloc_tsgl(). Fixes: 8ff5909 ("crypto: algif_skcipher - User-space interface for skcipher operations") Signed-off-by: Norbert Szetei <norbert@doyensec.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 62397b4) Signed-off-by: Jonathan Maple <jmaple@ciq.com>

jira KERNEL-943 cve CVE-2026-31431 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Herbert Xu <herbert@gondor.apana.org.au> commit a664bf3 Empty-Commit: Cherry-Pick Conflicts during history rebuild. Will be included in final tarball splat. Ref for failed cherry-pick at: ciq/ciq_backports/kernel-6.12.0-124.55.1.el10_1/a664bf3d.failed This mostly reverts commit 72548b0 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly. Fixes: 72548b0 ("crypto: algif_aead - copy AAD from src to dst") Reported-by: Taeyang Lee <0wn@theori.io> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit a664bf3) Signed-off-by: Jonathan Maple <jmaple@ciq.com> # Conflicts: # crypto/algif_aead.c

jira KERNEL-943 cve CVE-2026-31677 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Douya Le <ldy3087146292@gmail.com> commit 8eceab1 Make af_alg_get_rsgl() limit each RX scatterlist extraction to the remaining receive buffer budget. af_alg_get_rsgl() currently uses af_alg_readable() only as a gate before extracting data into the RX scatterlist. Limit each extraction to the remaining af_alg_rcvbuf(sk) budget so that receive-side accounting matches the amount of data attached to the request. If skcipher cannot obtain enough RX space for at least one chunk while more data remains to be processed, reject the recvmsg call instead of rounding the request length down to zero. Fixes: e870456 ("crypto: algif_skcipher - overhaul memory management") Reported-by: Yifan Wu <yifanwucs@gmail.com> Reported-by: Juefei Pu <tomapufckgml@gmail.com> Co-developed-by: Yuan Tan <yuantan098@gmail.com> Signed-off-by: Yuan Tan <yuantan098@gmail.com> Suggested-by: Xin Liu <bird@lzu.edu.cn> Signed-off-by: Douya Le <ldy3087146292@gmail.com> Signed-off-by: Ren Wei <n05ec@lzu.edu.cn> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 8eceab1) Signed-off-by: Jonathan Maple <jmaple@ciq.com>

jira KERNEL-943 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Herbert Xu <herbert@gondor.apana.org.au> commit 31d0015 Empty-Commit: Cherry-Pick Conflicts during history rebuild. Will be included in final tarball splat. Ref for failed cherry-pick at: ciq/ciq_backports/kernel-6.12.0-124.55.1.el10_1/31d00156.failed When page reassignment was added to af_alg_pull_tsgl the original loop wasn't updated so it may try to reassign one more page than necessary. Add the check to the reassignment so that this does not happen. Also update the comment which still refers to the obsolete offset argument. Reported-by: syzbot+d23888375c2737c17ba5@syzkaller.appspotmail.com Fixes: e870456 ("crypto: algif_skcipher - overhaul memory management") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 31d0015) Signed-off-by: Jonathan Maple <jmaple@ciq.com> # Conflicts: # crypto/af_alg.c

…SN spec jira KERNEL-943 cve CVE-2026-23060 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Taeyang Lee <0wn@theori.io> commit 2397e92 authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, crypto_authenc_esn_decrypt() can advance past the end of the destination scatterlist and trigger a NULL pointer dereference in scatterwalk_map_and_copy(), leading to a kernel panic (DoS). Add a minimum AAD length check to fail fast on invalid inputs. Fixes: 104880a ("crypto: authencesn - Convert to new AEAD interface") Reported-By: Taeyang Lee <0wn@theori.io> Signed-off-by: Taeyang Lee <0wn@theori.io> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 2397e92) Signed-off-by: Jonathan Maple <jmaple@ciq.com>

…e decryption jira KERNEL-943 cve CVE-2026-31431 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Herbert Xu <herbert@gondor.apana.org.au> commit e024941 Empty-Commit: Cherry-Pick Conflicts during history rebuild. Will be included in final tarball splat. Ref for failed cherry-pick at: ciq/ciq_backports/kernel-6.12.0-124.55.1.el10_1/e0249411.failed When decrypting data that is not in-place (src != dst), there is no need to save the high-order sequence bits in dst as it could simply be re-copied from the source. However, the data to be hashed need to be rearranged accordingly. Reported-by: Taeyang Lee <0wn@theori.io> Fixes: 104880a ("crypto: authencesn - Convert to new AEAD interface") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Thanks, Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit e024941) Signed-off-by: Jonathan Maple <jmaple@ciq.com> # Conflicts: # crypto/authencesn.c

jira KERNEL-943 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Herbert Xu <herbert@gondor.apana.org.au> commit 1f48ad3 Empty-Commit: Cherry-Pick Conflicts during history rebuild. Will be included in final tarball splat. Ref for failed cherry-pick at: ciq/ciq_backports/kernel-6.12.0-124.55.1.el10_1/1f48ad3b.failed The src SG list offset wasn't set properly when decrypting in-place, fix it. Reported-by: Wolfgang Walter <linux@stwm.de> Fixes: e024941 ("crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 1f48ad3) Signed-off-by: Jonathan Maple <jmaple@ciq.com> # Conflicts: # crypto/authencesn.c

jira KERNEL-943 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Yucheng Lu <kanolyc@gmail.com> commit 5db6ef9 authencesn requires either a zero authsize or an authsize of at least 4 bytes because the ESN encrypt/decrypt paths always move 4 bytes of high-order sequence number data at the end of the authenticated data. While crypto_authenc_esn_setauthsize() already rejects explicit non-zero authsizes in the range 1..3, crypto_authenc_esn_create() still copied auth->digestsize into inst->alg.maxauthsize without validating it. The AEAD core then initialized the tfm's default authsize from that value. As a result, selecting an ahash with digest size 1..3, such as cbcmac(cipher_null), exposed authencesn instances whose default authsize was invalid even though setauthsize() would have rejected the same value. AF_ALG could then trigger the ESN tail handling with a too-short tag and hit an out-of-bounds access. Reject authencesn instances whose ahash digest size is in the invalid non-zero range 1..3 so that no tfm can inherit an unsupported default authsize. Fixes: f15f05b ("crypto: ccm - switch to separate cbcmac driver") Cc: stable@kernel.org Reported-by: Yifan Wu <yifanwucs@gmail.com> Reported-by: Juefei Pu <tomapufckgml@gmail.com> Co-developed-by: Yuan Tan <yuantan098@gmail.com> Signed-off-by: Yuan Tan <yuantan098@gmail.com> Suggested-by: Xin Liu <bird@lzu.edu.cn> Tested-by: Yuhang Zheng <z1652074432@gmail.com> Reviewed-by: Eric Biggers <ebiggers@kernel.org> Signed-off-by: Yucheng Lu <kanolyc@gmail.com> Signed-off-by: Ren Wei <n05ec@lzu.edu.cn> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 5db6ef9) Signed-off-by: Jonathan Maple <jmaple@ciq.com>

jira KERNEL-943 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Herbert Xu <herbert@gondor.apana.org.au> commit 3d14bd4 The check for the minimum receive buffer size did not take the tag size into account during decryption. Fix this by adding the required extra length. Reported-by: syzbot+aa11561819dc42ebbc7c@syzkaller.appspotmail.com Reported-by: Daniel Pouzzner <douzzer@mega.nu> Fixes: d887c52 ("crypto: algif_aead - overhaul memory management") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 3d14bd4) Signed-off-by: Jonathan Maple <jmaple@ciq.com>

jira KERNEL-943 Rebuild_History Non-Buildable kernel-6.12.0-124.55.1.el10_1 commit-author Douya Le <ldy3087146292@gmail.com> commit 5aa58c3 Empty-Commit: Cherry-Pick Conflicts during history rebuild. Will be included in final tarball splat. Ref for failed cherry-pick at: ciq/ciq_backports/kernel-6.12.0-124.55.1.el10_1/5aa58c3a.failed AF_ALG AEAD AIO requests currently use the socket-wide IV buffer during request processing. For async requests, later socket activity can update that shared state before the original request has fully completed, which can lead to inconsistent IV handling. Snapshot the IV into per-request storage when preparing the AEAD request, so in-flight operations no longer depend on mutable socket state. Fixes: d887c52 ("crypto: algif_aead - overhaul memory management") Cc: stable@kernel.org Reported-by: Yuan Tan <yuantan098@gmail.com> Reported-by: Yifan Wu <yifanwucs@gmail.com> Reported-by: Juefei Pu <tomapufckgml@gmail.com> Reported-by: Xin Liu <bird@lzu.edu.cn> Co-developed-by: Luxing Yin <tr0jan@lzu.edu.cn> Signed-off-by: Luxing Yin <tr0jan@lzu.edu.cn> Tested-by: Yucheng Lu <kanolyc@gmail.com> Signed-off-by: Douya Le <ldy3087146292@gmail.com> Signed-off-by: Ren Wei <n05ec@lzu.edu.cn> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> (cherry picked from commit 5aa58c3) Signed-off-by: Jonathan Maple <jmaple@ciq.com> # Conflicts: # crypto/algif_aead.c

Rebuild_History BUILDABLE Rebuilding Kernel from rpm changelog with Fuzz Limit: 87.50% Number of commits in upstream range v6.12~1..kernel-mainline: 122058 Number of commits in rpm: 19 Number of commits matched with upstream: 16 (84.21%) Number of commits in upstream but not in rpm: 122042 Number of commits NOT found in upstream: 3 (15.79%) Rebuilding Kernel on Branch rocky10_1_rebuild_kernel-6.12.0-124.55.1.el10_1 for kernel-6.12.0-124.55.1.el10_1 Clean Cherry Picks: 11 (68.75%) Empty Cherry Picks: 5 (31.25%) _______________________________ Full Details Located here: ciq/ciq_backports/kernel-6.12.0-124.55.1.el10_1/rebuild.details.txt Includes: * git commit header above * Empty Commits with upstream SHA * RPM ChangeLog Entries that could not be matched Individual Empty Commit failures contained in the same containing directory. The git message for empty commits will have the path for the failed commit. File names are the first 8 characters of the upstream SHA

bmastbergen

🥌

PlaidCat added 17 commits May 5, 2026 14:35

PlaidCat self-assigned this May 5, 2026

PlaidCat requested review from a team May 5, 2026 19:45

bmastbergen approved these changes May 5, 2026

View reviewed changes

PlaidCat requested a review from a team May 5, 2026 20:11

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[rocky10_1] History Rebuild through kernel-6.12.0-124.55.1.el10_1#1180

[rocky10_1] History Rebuild through kernel-6.12.0-124.55.1.el10_1#1180
PlaidCat wants to merge 17 commits intorocky10_1from
rocky10_1_rebuild

PlaidCat commented May 5, 2026 •

edited by atlassian Bot

Loading

Uh oh!

bmastbergen left a comment

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

2 participants

Conversation

PlaidCat commented May 5, 2026 • edited by atlassian Bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

JIRA Tickets

Rebuild Splat Inspection

kernel-6.12.0-124.55.1.el10_1

BUILD

KSelfTests

Uh oh!

bmastbergen left a comment

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

2 participants

PlaidCat commented May 5, 2026 •

edited by atlassian Bot

Loading