[LU-18667] RHEL 10.0 support - Whamcloud Community JIRA

Details

Type: Improvement
Resolution: Unresolved
Priority: Minor
Fix Version/s: None
Affects Version/s: Lustre 2.17.0
Labels:
None

Severity:
3
Rank (Obsolete):
9223372036854775807

Description

Release Notes for Red Hat Enterprise Linux 10.0 Beta:
https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10-beta/html/10.0_beta_release_notes/index
Key differences between RHEL 9 and RHEL 10:
https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10-beta/html/considerations_in_adopting_rhel_10/index

Red Hat Enterprise Linux 10.0 Beta release kernel version: 6.12.0-41.el10

2025-01-14 Jan Stancek <jstancek@redhat.com> [6.12.0-41.el10]

    - netfilter: IDLETIMER: Fix for possible ABBA deadlock (Phil Sutter) [RHEL-70301]
    - tcp: Fix use-after-free of nreq in reqsk_timer_handler(). (Guillaume Nault) [RHEL-73194]
    - netfilter: nf_tables: do not defer rule destruction via call_rcu (Florian Westphal) [RHEL-68691]
    - sched/numa: fix memory leak due to the overwritten vma->numab_state (Phil Auld) [RHEL-67478]
    - netfilter: ipset: Fix for recursive locking warning (Phil Sutter) [RHEL-71827]
    - NFSD: Mark exports of NFS as unsupported (Benjamin Coddington) [RHEL-50656]
    - netdev-genl: Hold rcu_read_lock in napi_get (Paolo Abeni) [RHEL-73205]
    - net: avoid potential UAF in default_operstate() (Paolo Abeni) [RHEL-73205] {CVE-2024-56635}
    - net: defer final 'struct net' free in netns dismantle (Paolo Abeni) [RHEL-73205] {CVE-2024-56658}
    - net: restrict SO_REUSEPORT to inet sockets (Paolo Abeni) [RHEL-73205]
    - Revert "rtnetlink: add guard for RTNL" (Paolo Abeni) [RHEL-73205]
    - netlink: fix false positive warning in extack during dumps (Paolo Abeni) [RHEL-73205] {CVE-2024-53212}
    - tcp: check space before adding MPTCP SYN options (Paolo Abeni) [RHEL-73143]
    - net: fix memory leak in tcp_conn_request() (Paolo Abeni) [RHEL-73143]
    - Revert "udp: avoid calling sock_def_readable() if possible" (Paolo Abeni) [RHEL-73132]
    - netfilter: ipset: Hold module reference while requesting a module (Phil Sutter) [RHEL-69538]
    - redhat: make kernel-debug-uki-virt installable without kernel-debug-core (Vitaly Kuznetsov) [RHEL-72983]
    - KVM: arm64: Fix S1/S2 combination when FWB==1 and S2 has Device memory type (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Do not allow ID_AA64MMFR0_EL1.ASIDbits to be overridden (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic-its: Add error handling in vgic_its_cache_translation (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: selftests: Add tests for MMIO external abort injection (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: selftests: Convert to kernel's ESR terminology (Shaoqin Huang) [RHEL-68039]
    - tools: arm64: Grab a copy of esr.h from kernel (Shaoqin Huang) [RHEL-68039]
    - KVM: selftests: Don't bother deleting memslots in KVM when freeing VMs (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic-its: Add stronger type-checking to the ITS entry sizes (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic: Kill VGIC_MAX_PRIVATE definition (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic: Make vgic_get_irq() more robust (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic-v3: Sanitise guest writes to GICR_INVLPIR (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Pass on SVE mapping failures (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Don't map 'kvm_vgic_global_state' at EL2 with pKVM (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Just advertise SEIS as 0 when emulating ICC_CTLR_EL1 (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Don't retire aborted MMIO instruction (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Get rid of userspace_irqchip_in_use (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Initialize trap register values in hyp in pKVM (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Initialize the hypervisor's VM state at EL2 (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Refactor kvm_vcpu_enable_ptrauth() for hyp use (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Move pkvm_vcpu_init_traps() to init_pkvm_hyp_vcpu() (Shaoqin Huang) [RHEL-68039]
    - KVM: arm64: Correctly access TCR2_EL1, PIR_EL1, PIRE0_EL1 with VHE (Shaoqin Huang) [RHEL-68039]

https://access.redhat.com/downloads/content/rhel---10/x86_64/20931/kernel/6.12.0-41.el10/x86_64/fd431d51/package-changelog

Attachments

Activity

[LU-18667] RHEL 10.0 support

Gerrit Updater added a comment - 11/Jun/25 3:57 PM

"Jian Yu <yujian@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/59708
Subject: LU-18667 kernel: new kernel [RHEL 10.0 6.12.0-55.16.1.el10_0]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 8d1dceae6a998df09425d2ca72192e10859684ef

Gerrit Updater added a comment - 11/Jun/25 3:57 PM "Jian Yu <yujian@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/59708 Subject: LU-18667 kernel: new kernel [RHEL 10.0 6.12.0-55.16.1.el10_0] Project: fs/lustre-release Branch: master Current Patch Set: 1 Commit: 8d1dceae6a998df09425d2ca72192e10859684ef

Jian Yu added a comment - 03/Jun/25 5:21 AM

An update for kernel is now available for Red Hat Enterprise Linux 10: 6.12.0-55.14.1.el10_0

Security Fix(es):
- kernel: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (CVE-2025-21919)
- kernel: cifs: Fix integer overflow while processing acregmax mount option (CVE-2025-21964)
- kernel: ext4: fix OOB read when checking dotdot dir (CVE-2025-37785)

https://access.redhat.com/errata/product/479/ver=/rhel---10/x86_64/RHSA-2025:8374

Jian Yu added a comment - 03/Jun/25 5:21 AM An update for kernel is now available for Red Hat Enterprise Linux 10: 6.12.0-55.14.1.el10_0 Security Fix(es): - kernel: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (CVE-2025-21919) - kernel: cifs: Fix integer overflow while processing acregmax mount option (CVE-2025-21964) - kernel: ext4: fix OOB read when checking dotdot dir (CVE-2025-37785) https://access.redhat.com/errata/product/479/ver=/rhel---10/x86_64/RHSA-2025:8374

Jian Yu added a comment - 19/May/25 3:32 PM

An update for kernel is now available for Red Hat Enterprise Linux 10: 6.12.0-55.12.1.el10_0

Security Fix(es):
- kernel: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (CVE-2025-21966)
- kernel: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (CVE-2025-21993)

https://access.redhat.com/errata/product/479/ver=/rhel---10/x86_64/RHSA-2025:7956

Jian Yu added a comment - 19/May/25 3:32 PM An update for kernel is now available for Red Hat Enterprise Linux 10: 6.12.0-55.12.1.el10_0 Security Fix(es): - kernel: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (CVE-2025-21966) - kernel: iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (CVE-2025-21993) https://access.redhat.com/errata/product/479/ver=/rhel---10/x86_64/RHSA-2025:7956

Jian Yu added a comment - 13/May/25 6:12 PM

An update for kernel is now available for Red Hat Enterprise Linux 10: 6.12.0-55.11.1.el10_0

Security Fix(es):
- kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (CVE-2025-21927)

https://access.redhat.com/errata/product/479/ver=/rhel---10/x86_64/RHSA-2025:7501

Jian Yu added a comment - 13/May/25 6:12 PM An update for kernel is now available for Red Hat Enterprise Linux 10: 6.12.0-55.11.1.el10_0 Security Fix(es): - kernel: nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (CVE-2025-21927) https://access.redhat.com/errata/product/479/ver=/rhel---10/x86_64/RHSA-2025:7501

Jian Yu added a comment - 13/May/25 3:54 PM

RHEL 10.0 is GA with kernel version 6.12.0-55.9.1.el10_0:
https://access.redhat.com/errata/RHBA-2025:6295

Jian Yu added a comment - 13/May/25 3:54 PM RHEL 10.0 is GA with kernel version 6.12.0-55.9.1.el10_0: https://access.redhat.com/errata/RHBA-2025:6295

Jian Yu added a comment - 29/Mar/25 2:02 AM

2025-03-17 Jan Stancek <jstancek@redhat.com> [6.12.0-55.7.1.el10_0]
    - Enable Intel VPU driver for RHEL (Fabien Dupont) [RHEL-38582]
    - arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (Radu Rendec) [RHEL-80226]
    - smb: client: fix chmod(2) regression with ATTR_READONLY (Jay Shin) [RHEL-82677 RHEL-80534]
    - kabi: enable check-kabi (Čestmír Kalina) [RHEL-79881]
    - kabi: add symbol zap_vma_ptes to stablelist (Čestmír Kalina) [RHEL-79881] 
<~snip~>

Jian Yu added a comment - 29/Mar/25 2:02 AM 2025-03-17 Jan Stancek <jstancek@redhat.com> [6.12.0-55.7.1.el10_0] - Enable Intel VPU driver for RHEL (Fabien Dupont) [RHEL-38582] - arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (Radu Rendec) [RHEL-80226] - smb: client: fix chmod(2) regression with ATTR_READONLY (Jay Shin) [RHEL-82677 RHEL-80534] - kabi: enable check-kabi (Čestmír Kalina) [RHEL-79881] - kabi: add symbol zap_vma_ptes to stablelist (Čestmír Kalina) [RHEL-79881] <~snip~>

Jian Yu added a comment - 07/Mar/25 6:47 PM

2025-02-27 Jan Stancek <jstancek@redhat.com> [6.12.0-55.1.1.el10_0]
    - redhat: adjust rhel branch name (Jan Stancek)
    - redhat: set defaults for RHEL 10.0 (Jan Stancek)
    - Revert "x86/kvm: Override default caching mode for SEV-SNP and TDX" (Vitaly Kuznetsov) [RHEL-76109]

Jian Yu added a comment - 07/Mar/25 6:47 PM 2025-02-27 Jan Stancek <jstancek@redhat.com> [6.12.0-55.1.1.el10_0] - redhat: adjust rhel branch name (Jan Stancek) - redhat: set defaults for RHEL 10.0 (Jan Stancek) - Revert "x86/kvm: Override default caching mode for SEV-SNP and TDX" (Vitaly Kuznetsov) [RHEL-76109]

Jian Yu added a comment - 25/Feb/25 8:11 AM

2025-02-16 Jan Stancek <jstancek@redhat.com> [6.12.0-55.el10]
    - ovl: support encoding fid from inode with no alias (Miklos Szeredi) [RHEL-77301] {CVE-2025-21654}
    - ovl: pass realinode to ovl_encode_real_fh() instead of realdentry (Miklos Szeredi) [RHEL-77301] {CVE-2025-21654}
    - pmdomain: imx8mp-blk-ctrl: add missing loop break condition (CKI Backport Bot) [RHEL-77240] {CVE-2025-21668}
    - io_uring/rsrc: require cloned buffers to share accounting contexts (Jeff Moyer) [RHEL-78677] {CVE-2025-21686}
    - vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (CKI Backport Bot) [RHEL-77214] {CVE-2025-21666}
    - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (CKI Backport Bot) [RHEL-78685] {CVE-2025-21689}
    - lazy tlb: fix hotplug exit race with MMU_LAZY_TLB_SHOOTDOWN (Herton R. Krzesinski) [RHEL-58817]

Jian Yu added a comment - 25/Feb/25 8:11 AM 2025-02-16 Jan Stancek <jstancek@redhat.com> [6.12.0-55.el10] - ovl: support encoding fid from inode with no alias (Miklos Szeredi) [RHEL-77301] {CVE-2025-21654} - ovl: pass realinode to ovl_encode_real_fh() instead of realdentry (Miklos Szeredi) [RHEL-77301] {CVE-2025-21654} - pmdomain: imx8mp-blk-ctrl: add missing loop break condition (CKI Backport Bot) [RHEL-77240] {CVE-2025-21668} - io_uring/rsrc: require cloned buffers to share accounting contexts (Jeff Moyer) [RHEL-78677] {CVE-2025-21686} - vsock: prevent null-ptr-deref in vsock_*[has_data|has_space] (CKI Backport Bot) [RHEL-77214] {CVE-2025-21666} - USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (CKI Backport Bot) [RHEL-78685] {CVE-2025-21689} - lazy tlb: fix hotplug exit race with MMU_LAZY_TLB_SHOOTDOWN (Herton R. Krzesinski) [RHEL-58817]

People

Assignee:: Jian Yu

Reporter:: Jian Yu

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 22/Jan/25 8:50 PM

Updated:: 12/Jun/25 11:57 AM