RHEL 10.0 support

2025-01-14 Jan Stancek <jstancek@redhat.com> [6.12.0-41.el10]

    - netfilter: IDLETIMER: Fix for possible ABBA deadlock (Phil Sutter) [RHEL-70301]
    - tcp: Fix use-after-free of nreq in reqsk_timer_handler(). (Guillaume Nault) [RHEL-73194]
    - netfilter: nf_tables: do not defer rule destruction via call_rcu (Florian Westphal) [RHEL-68691]
    - sched/numa: fix memory leak due to the overwritten vma->numab_state (Phil Auld) [RHEL-67478]
    - netfilter: ipset: Fix for recursive locking warning (Phil Sutter) [RHEL-71827]
    - NFSD: Mark exports of NFS as unsupported (Benjamin Coddington) [RHEL-50656]
    - netdev-genl: Hold rcu_read_lock in napi_get (Paolo Abeni) [RHEL-73205]
    - net: avoid potential UAF in default_operstate() (Paolo Abeni) [RHEL-73205] {CVE-2024-56635}
    - net: defer final 'struct net' free in netns dismantle (Paolo Abeni) [RHEL-73205] {CVE-2024-56658}
    - net: restrict SO_REUSEPORT to inet sockets (Paolo Abeni) [RHEL-73205]
    - Revert "rtnetlink: add guard for RTNL" (Paolo Abeni) [RHEL-73205]
    - netlink: fix false positive warning in extack during dumps (Paolo Abeni) [RHEL-73205] {CVE-2024-53212}
    - tcp: check space before adding MPTCP SYN options (Paolo Abeni) [RHEL-73143]
    - net: fix memory leak in tcp_conn_request() (Paolo Abeni) [RHEL-73143]
    - Revert "udp: avoid calling sock_def_readable() if possible" (Paolo Abeni) [RHEL-73132]
    - netfilter: ipset: Hold module reference while requesting a module (Phil Sutter) [RHEL-69538]
    - redhat: make kernel-debug-uki-virt installable without kernel-debug-core (Vitaly Kuznetsov) [RHEL-72983]
    - KVM: arm64: Fix S1/S2 combination when FWB==1 and S2 has Device memory type (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Do not allow ID_AA64MMFR0_EL1.ASIDbits to be overridden (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic-its: Add error handling in vgic_its_cache_translation (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: selftests: Add tests for MMIO external abort injection (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: selftests: Convert to kernel's ESR terminology (Shaoqin Huang) [RHEL-68039]
    - tools: arm64: Grab a copy of esr.h from kernel (Shaoqin Huang) [RHEL-68039]
    - KVM: selftests: Don't bother deleting memslots in KVM when freeing VMs (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic-its: Add stronger type-checking to the ITS entry sizes (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic: Kill VGIC_MAX_PRIVATE definition (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic: Make vgic_get_irq() more robust (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Pass on SVE mapping failures (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Don't map 'kvm_vgic_global_state' at EL2 with pKVM (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Just advertise SEIS as 0 when emulating ICC_CTLR_EL1 (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Don't retire aborted MMIO instruction (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Get rid of userspace_irqchip_in_use (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Initialize trap register values in hyp in pKVM (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Initialize the hypervisor's VM state at EL2 (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Refactor kvm_vcpu_enable_ptrauth() for hyp use (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Move pkvm_vcpu_init_traps() to init_pkvm_hyp_vcpu() (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Correctly access TCR2_EL1, PIR_EL1, PIRE0_EL1 with VHE (Shaoqin Huang) [RHEL-68039]