"Jian Yu <yujian@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/48938
Subject: LU-16221 kernel: new kernel [RHEL 9.1 5.14.0-160.el9]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: c006a39467126c43ed089d3bd8e963999af27d2a

RHEL 9.1 client support depends on some patches in series https://review.whamcloud.com/48365.

With the above patch series applied on master branch, RHEL 9.1 client build passed on Jenkins. However, due to the compatibility issues introduced in patch https://review.whamcloud.com/48820, RHEL 7.9 build failed. I have a fix in patch set 2, which is pending review.

"Jian Yu <yujian@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/49107
Subject: LU-16221 ldiskfs: rename BIO_MAX_PAGES to BIO_MAX_VECS
Project: fs/lustre-release
Branch: b2_15
Current Patch Set: 1
Commit: 609cc5006ef829b0b353e32285bb7011f3e3d727

"Jian Yu <yujian@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/49124
Subject: LU-16221 kernel: new kernel [RHEL 9.1 5.14.0-160.el9]
Project: fs/lustre-release
Branch: b2_15
Current Patch Set: 1
Commit: 15e795d1a1f26932bb9151e61784aff2fe7516f5

An update for kernel is now available for Red Hat Enterprise Linux 9.1: 5.14.0-162.6.1.el9_1

Security Fix(es):

• off-path attacker may inject data or terminate victim's TCP session (CVE-2020-36516)
• use-after-free vulnerability in function sco_sock_sendmsg() (CVE-2021-3640)
• smb2_ioctl_query_info NULL pointer dereference (CVE-2022-0168)
• NULL pointer dereference in udf_expand_file_adinicbdue() during writeback (CVE-2022-0617)
• swiotlb information leak with DMA_FROM_DEVICE (CVE-2022-0854)
• uninitialized registers on stack in nft_do_chain can cause kernel pointer leakage to UM (CVE-2022-1016)
• race condition in snd_pcm_hw_free leading to use-after-free (CVE-2022-1048)
• use-after-free and memory errors in ext4 when mounting and operating on a corrupted image (CVE-2022-1184)
• concurrency use-after-free between drm_setmaster_ioctl and drm_mode_getresources (CVE-2022-1280)
• kernel info leak issue in pfkey_register (CVE-2022-1353)
• use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges (CVE-2022-1679)
• NULL pointer dereference in x86_emulate_insn may lead to DoS (CVE-2022-1852)
• fanotify misuses fd_install() which could lead to use-after-free (CVE-2022-1998)
• nf_tables cross-table potential use-after-free may lead to local privilege escalation (CVE-2022-2586)
• integer underflow leads to out-of-bounds write in reserve_sfa_size() (CVE-2022-2639)
• slab-out-of-bounds access in packet_recvmsg() (CVE-2022-20368)
• incomplete clean-up of multi-core shared buffers (aka SBDR) (CVE-2022-21123)
• incomplete clean-up of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125)
• incomplete clean-up in specific special register write operations (aka DRPW) (CVE-2022-21166)
• possible to use the debugger to write zero into a location of choice (CVE-2022-21499)
• AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900)
• AMD: Branch Type Confusion (non-retbleed) (CVE-2022-23825)
• Intel: Post-barrier Return Stack Buffer Predictions (CVE-2022-26373)
• double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c (CVE-2022-28390)
• use after free in SUNRPC subsystem (CVE-2022-28893)
• use-after-free due to improper update of reference count in net/sched/cls_u32.c (CVE-2022-29581)
• Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901)
• DoS in nfqnl_mangle in net/netfilter/nfnetlink_queue.c (CVE-2022-36946)
• nf_tables disallow binding to already bound chain (CVE-2022-39190)
• nfs_atomic_open() returns uninitialized data instead of ENOTDIR (CVE-2022-24448)

https://access.redhat.com/errata/RHSA-2022:8267?sc_cid=701600000006NHXAA2

Dear Developers,

The patches won't apply cleanly to current  b2_15 at the time of writing this
Is is possible that RHEL9.1 support will be included in upcoming 2.15.2 release (at least for client?)

lflis

We're not planning to include RHEL 9.1 client support in Lustre 2.15.2 (RC1 of which is already in testing) because a large number of changes are needed and demand seemed to be low compared to the demand for the distributions already available (we enquired about this at the SC22 Lustre BOF). There is a patch series queued up - https://review.whamcloud.com/c/fs/lustre-release/+/49124 - which you could test out and I would expect us to have this landed to b2_15 early in the new year.

HTH

Peter

An update for kernel is now available for Red Hat Enterprise Linux 9.1: 5.14.0-162.12.1.el9_1

Security Fix(es):

• kernel: watch queue race condition can lead to privilege escalation (CVE-2022-2959)
• kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)
• kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139)
• kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945)
• kernel: i2c: unbounded length leads to buffer overflow in ismt_access() (CVE-2022-3077)
• kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594)

Bug Fix(es):

• Intel 9.2: Important iavf bug fixes (BZ#2127884)
• vfio zero page mappings fail after 2M instances (BZ#2128514)
• nvme-tcp automatic reconnect fails intermittently during EMC powerstore NDU operation (BZ#2131359)
• ice: Driver Update to 5.19 (BZ#2132070)
• WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134588)
• drm: duplicated call of drm_privacy_screen_register_notifier() in drm_connector_register() (BZ#2134619)
• updating the appid field through sysfs is returning an -EINVAL error (BZ#2136914)
• DELL EMC: System is not booting into RT Kernel with perc12. (BZ#2139213)
• No signal showed in the VGA monitor when installing RHEL9 in the legacy bios mode (BZ#2140153)
• Practically limit "Dummy wait" workaround to old Intel systems (BZ#2142168)
• ppc64le: unexpected oom panic when there's enough memory left in zswap test (BZ#2143976)
• fatal error: error in backend: Branch target out of insn range (BZ#2144902)
• AMdCLIENT: The kernel command line parameter "nomodeset" not working properly (BZ#2145217)
• Azure: PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (BZ#2150910)
• Azure z-stream: Sometimes newly deployed VMs are not getting accelerated network during provisioning (BZ#2151605)
• DELL 9.0 RT - On PE R760 system, call traces are observed dmesg when system is running stress (BZ#2154407)

Full details and references:
https://access.redhat.com/errata/RHSA-2023:0334?sc_cid=701600000006NHXAA2

Patch https://review.whamcloud.com/48938 for master branch and patch series https://review.whamcloud.com/49124 (30 patches) for b2_15 branch have been updated.
Testing is in progress.

On master branch, sanity tests passed on RHEL 9.1 client with RHEL 8.5 server:
https://testing.whamcloud.com/test_sessions/ba81d684-bfd1-4886-8abb-b8cec2853664

"Jian Yu <yujian@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/49902
Subject: LU-16221 tests: full group testing on RHEL 9.1 client
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 5ebfd25a8197abd1c87d26b62a2ffcc832f893a6

"Jian Yu <yujian@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/49921
Subject: LU-16221 kernel: RHEL 9.1 server support
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 2cc0f4519a70a9f64f529a5212aaaf679c2bc42d

"Oleg Drokin <green@whamcloud.com>" merged in patch https://review.whamcloud.com/c/fs/lustre-release/+/48938/
Subject: LU-16221 kernel: new kernel [RHEL 9.1 5.14.0-162.12.1.el9_1]
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: a05d02ea0e43bc656b0c25b8cd821323857e6cc2

"Jian Yu <yujian@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/49964
Subject: LU-16221 tests: full group testing on RHEL 9.1 client
Project: fs/lustre-release
Branch: b2_15
Current Patch Set: 1
Commit: 2bd47d535d14362c8ec802079ed121eb176b14c9

On master branch, sanity tests passed on RHEL 9.1 client with RHEL 9.1 server (ldiskfs):
https://testing.whamcloud.com/test_sessions/5196c3f6-fb85-4701-a086-b42d4f41671b
 

An update for kernel is now available for Red Hat Enterprise Linux 9.1: 5.14.0-162.18.1.el9_1

Security Fix(es):

• kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)
• kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)
• kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack (CVE-2022-4379)
• kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan (CVE-2023-0179)
• kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873)

Bug Fix(es):

• RHEL 9.0: LTP Test failure and crash at fork14 on Sapphire Rapids Platinum 8280+ (BZ#2133083)
• RHEL 9.1 Extending NMI watchdog's timer during LPM (BZ#2140085)
• AMDSERVER 9.1: amdpstate driver incorrectly designed to load as default for Genoa (BZ#2151274)
• qla2xxx NVMe-FC: WARNING: CPU: 0 PID: 124072 at drivers/scsi/qla2xxx/qla_init.c:70 qla2xxx_rel_done_warning+0x25/0x30 [qla2xxx] (BZ#2152178)
• Regression: Kernel panic on Lenovo T480 with AH40 USB-C docking station (BZ#2153277)
• Scheduler Update (rhel9.2) (BZ#2153792)
• RHEL9.1, Nx_Gzip: nr_total_credits is not decremented when processing units are reduced by dlpar in shared mode. (FW1030 / DLPAR) (BZ#2154305)
• MSFT, MANA, NET Patch RHEL-9: Fix race on per-CQ variable napi_iperf panic fix (BZ#2155145)
• Azure vPCI RHEL-9 add the support of multi-MSI (BZ#2155459)
• Azure RHEL-9: VM Deployment Failures Patch Request (BZ#2155930)
• The 'date' command shows wrong time in nested KVM s390x guest (BZ#2158815)
• RHEL-9.2: Update NVMe driver to sync with upstream v6.0 (BZ#2161344)
• CEE cephfs: RHEL9 cephfs client crashing with RIP: 0010:netfs_rreq_unlock+0xef/0x380 [netfs] (BZ#2161418)
• block layer: update with upstream v6.0 (BZ#2162535)

https://access.redhat.com/errata/RHSA-2023:0951?sc_cid=701600000006NHXAA2

"Jian Yu <yujian@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/50177
Subject: LU-16221 kernel: update RHEL 9.1 [5.14.0-162.18.1.el9_1]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: ae128e3a29f10fc9bdb5711c1c27e2edaa35a82b

"Oleg Drokin <green@whamcloud.com>" merged in patch https://review.whamcloud.com/c/fs/lustre-release/+/49124/
Subject: LU-16221 kernel: new kernel [RHEL 9.1 5.14.0-162.18.1.el9_1]
Project: fs/lustre-release
Branch: b2_15
Current Patch Set:
Commit: ada51f930d4c81e2bb22088e8702e3edd6ac4be4

"Oleg Drokin <green@whamcloud.com>" merged in patch https://review.whamcloud.com/c/fs/lustre-release/+/50177/
Subject: LU-16221 kernel: update RHEL 9.1 [5.14.0-162.18.1.el9_1]
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 0366422cfd1e972978d2617d174240656cf07f77

"Oleg Drokin <green@whamcloud.com>" merged in patch https://review.whamcloud.com/c/fs/lustre-release/+/49921/
Subject: LU-16221 kernel: RHEL 9.1 server support
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: d7e20133c35ecd03314636a748d32b1c8814b189

Landed for 2.16 and 2.15.3

"Minh Diep <mdiep@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/50865
Subject: LU-16221 build: modify kmodtool for rhel9
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: c461c0a580bc39096c354ed86b07457e25e4dc91

"Oleg Drokin <green@whamcloud.com>" merged in patch https://review.whamcloud.com/c/fs/lustre-release/+/50865/
Subject: LU-16221 build: modify kmodtool for rhel9
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: c2e5181fe1faec6f375ea7512f60edd802e33946