From 8d349075154175caba3719643566d606f6e8ba0f Mon Sep 17 00:00:00 2001 From: Lishan Liu Date: Fri, 2 Jan 2026 08:42:32 +0000 Subject: [PATCH] Update kernel to 6.12.61 Update kernel to 6.12.61 Signed-off-by: Lishan Liu --- .../kernel-headers.signatures.json | 2 +- SPECS/kernel-headers/kernel-headers.spec | 9 +- ...no-force-probe-needed-for-mtl-platform.drm | 29 +++ SPECS/kernel-rt/CVE-2025-40215.patch | 191 +++++++++++++++ SPECS/kernel-rt/kernel-rt.signatures.json | 2 +- SPECS/kernel-rt/kernel-rt.spec | 230 ++++++++++++------ SPECS/kernel-rt/series | 9 +- ...no-force-probe-needed-for-mtl-platform.drm | 29 +++ SPECS/kernel/CVE-2025-40215.patch | 191 +++++++++++++++ SPECS/kernel/kernel-uki.spec | 5 +- SPECS/kernel/kernel.signatures.json | 2 +- SPECS/kernel/kernel.spec | 230 ++++++++++++------ SPECS/kernel/series | 9 +- .../nvidia-data-center-driver.spec | 5 +- cgmanifest.json | 12 +- .../manifests/package/pkggen_core_x86_64.txt | 2 +- .../manifests/package/toolchain_x86_64.txt | 4 +- .../scripts/toolchain/container/Dockerfile | 2 +- .../toolchain/container/toolchain-sha256sums | 2 +- .../container/toolchain_build_temp_tools.sh | 4 +- 20 files changed, 782 insertions(+), 187 deletions(-) create mode 100644 SPECS/kernel-rt/0001-drm-i915-no-force-probe-needed-for-mtl-platform.drm create mode 100644 SPECS/kernel-rt/CVE-2025-40215.patch create mode 100644 SPECS/kernel/0001-drm-i915-no-force-probe-needed-for-mtl-platform.drm create mode 100644 SPECS/kernel/CVE-2025-40215.patch diff --git a/SPECS/kernel-headers/kernel-headers.signatures.json b/SPECS/kernel-headers/kernel-headers.signatures.json index f0cfcd27e5..7412256530 100644 --- a/SPECS/kernel-headers/kernel-headers.signatures.json +++ b/SPECS/kernel-headers/kernel-headers.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "linux-6.12.59.tar.gz": "93dfe627d321f016291054449a8e4bf9051de19687fbf1a6f584a2b79f8f5d2c" + "linux-6.12.61.tar.gz": "7fb34abab0902a47ce1d47de58442e69e0e79d17f565b41fcb11249ea5b23801" } } diff --git a/SPECS/kernel-headers/kernel-headers.spec b/SPECS/kernel-headers/kernel-headers.spec index 5f2eded90c..03e178dd51 100644 --- a/SPECS/kernel-headers/kernel-headers.spec +++ b/SPECS/kernel-headers/kernel-headers.spec @@ -13,14 +13,14 @@ Summary: Linux API header files Name: kernel-headers -Version: 6.12.59 +Version: 6.12.61 Release: 1%{?dist} License: GPLv2 Vendor: Intel Corporation Distribution: Edge Microvisor Toolkit Group: System Environment/Kernel URL: https://www.kernel.org/pub/linux/kernel -Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.12.59.tar.gz +Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.12.61.tar.gz # Historical name shipped by other distros Provides: glibc-kernheaders = %{version}-%{release} BuildArch: noarch @@ -41,7 +41,7 @@ cross-glibc package. %endif %prep -%setup -q -n linux-6.12.59 +%setup -q -n linux-6.12.61 %build make mrproper @@ -76,6 +76,9 @@ done %endif %changelog +* Fri Jan 2 2026 Lishan Liu - 6.12.61-1 +- Update kernel to 6.12.61-1 + * Thu Dec 11 2025 Lishan Liu - 6.12.59-1 - Update kernel to 6.12.59 diff --git a/SPECS/kernel-rt/0001-drm-i915-no-force-probe-needed-for-mtl-platform.drm b/SPECS/kernel-rt/0001-drm-i915-no-force-probe-needed-for-mtl-platform.drm new file mode 100644 index 0000000000..aadc884402 --- /dev/null +++ b/SPECS/kernel-rt/0001-drm-i915-no-force-probe-needed-for-mtl-platform.drm @@ -0,0 +1,29 @@ +From f18bd93ea20bf2a8b7360b245db7a9119a2e54ac Mon Sep 17 00:00:00 2001 +From: Junxiao Chang +Date: Sat, 6 Dec 2025 17:11:22 +0800 +Subject: [PATCH] drm/i915: no force probe needed for mtl platform + +mtl has been supported in 6.12 kernel. No need to add require force +probe flag. + +Fixes: 9fd5e45e3167 ("Revert "drm/i915: move platform_engine_mask and memory_regions to device info"") +Signed-off-by: Junxiao Chang +--- + drivers/gpu/drm/i915/i915_pci.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/drivers/gpu/drm/i915/i915_pci.c b/drivers/gpu/drm/i915/i915_pci.c +index 8aff711aa887b..9eb8216389251 100644 +--- a/drivers/gpu/drm/i915/i915_pci.c ++++ b/drivers/gpu/drm/i915/i915_pci.c +@@ -795,7 +795,6 @@ static const struct intel_device_info mtl_info = { + .has_pxp = 1, + .__runtime.memory_regions = BIT(INTEL_REGION_SMEM) | BIT(INTEL_REGION_STOLEN_LMEM), + .__runtime.platform_engine_mask = BIT(RCS0) | BIT(BCS0) | BIT(CCS0), +- .require_force_probe = 1, + MTL_CACHELEVEL, + }; + +-- +2.43.0 + diff --git a/SPECS/kernel-rt/CVE-2025-40215.patch b/SPECS/kernel-rt/CVE-2025-40215.patch new file mode 100644 index 0000000000..644a85a3e8 --- /dev/null +++ b/SPECS/kernel-rt/CVE-2025-40215.patch @@ -0,0 +1,191 @@ +From 39992c2053e7eff318860d12ae26b2a57385a772 Mon Sep 17 00:00:00 2001 +From: Sabrina Dubroca +Date: Fri, 4 Jul 2025 16:54:33 +0200 +Subject: [PATCH] xfrm: delete x->tunnel as we delete x + +The ipcomp fallback tunnels currently get deleted (from the various +lists and hashtables) as the last user state that needed that fallback +is destroyed (not deleted). If a reference to that user state still +exists, the fallback state will remain on the hashtables/lists, +triggering the WARN in xfrm_state_fini. Because of those remaining +references, the fix in commit f75a2804da39 ("xfrm: destroy xfrm_state +synchronously on net exit path") is not complete. + +We recently fixed one such situation in TCP due to defered freeing of +skbs (commit 9b6412e6979f ("tcp: drop secpath at the same time as we +currently drop dst")). This can also happen due to IP reassembly: skbs +with a secpath remain on the reassembly queue until netns +destruction. If we can't guarantee that the queues are flushed by the +time xfrm_state_fini runs, there may still be references to a (user) +xfrm_state, preventing the timely deletion of the corresponding +fallback state. + +Instead of chasing each instance of skbs holding a secpath one by one, +this patch fixes the issue directly within xfrm, by deleting the +fallback state as soon as the last user state depending on it has been +deleted. Destruction will still happen when the final reference is +dropped. + +A separate lockdep class for the fallback state is required since +we're going to lock x->tunnel while x is locked. + +Fixes: 9d4139c76905 ("netns xfrm: per-netns xfrm_state_all list") +Signed-off-by: Sabrina Dubroca +Signed-off-by: Steffen Klassert +--- + include/net/xfrm.h | 1 - + net/ipv4/ipcomp.c | 2 ++ + net/ipv6/ipcomp6.c | 2 ++ + net/ipv6/xfrm6_tunnel.c | 2 +- + net/xfrm/xfrm_ipcomp.c | 1 - + net/xfrm/xfrm_state.c | 19 ++++++++----------- + 6 files changed, 13 insertions(+), 14 deletions(-) + +diff --git a/include/net/xfrm.h b/include/net/xfrm.h +index caaff61601a0..d51204041bf7 100644 +--- a/include/net/xfrm.h ++++ b/include/net/xfrm.h +@@ -424,7 +424,6 @@ int xfrm_input_register_afinfo(const struct xfrm_input_afinfo *afinfo); + int xfrm_input_unregister_afinfo(const struct xfrm_input_afinfo *afinfo); + + void xfrm_flush_gc(void); +-void xfrm_state_delete_tunnel(struct xfrm_state *x); + + struct xfrm_type { + struct module *owner; +diff --git a/net/ipv4/ipcomp.c b/net/ipv4/ipcomp.c +index 5a4fb2539b08..9a45aed508d1 100644 +--- a/net/ipv4/ipcomp.c ++++ b/net/ipv4/ipcomp.c +@@ -54,6 +54,7 @@ static int ipcomp4_err(struct sk_buff *skb, u32 info) + } + + /* We always hold one tunnel user reference to indicate a tunnel */ ++static struct lock_class_key xfrm_state_lock_key; + static struct xfrm_state *ipcomp_tunnel_create(struct xfrm_state *x) + { + struct net *net = xs_net(x); +@@ -62,6 +63,7 @@ static struct xfrm_state *ipcomp_tunnel_create(struct xfrm_state *x) + t = xfrm_state_alloc(net); + if (!t) + goto out; ++ lockdep_set_class(&t->lock, &xfrm_state_lock_key); + + t->id.proto = IPPROTO_IPIP; + t->id.spi = x->props.saddr.a4; +diff --git a/net/ipv6/ipcomp6.c b/net/ipv6/ipcomp6.c +index 72d4858dec18..8607569de34f 100644 +--- a/net/ipv6/ipcomp6.c ++++ b/net/ipv6/ipcomp6.c +@@ -71,6 +71,7 @@ static int ipcomp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, + return 0; + } + ++static struct lock_class_key xfrm_state_lock_key; + static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x) + { + struct net *net = xs_net(x); +@@ -79,6 +80,7 @@ static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x) + t = xfrm_state_alloc(net); + if (!t) + goto out; ++ lockdep_set_class(&t->lock, &xfrm_state_lock_key); + + t->id.proto = IPPROTO_IPV6; + t->id.spi = xfrm6_tunnel_alloc_spi(net, (xfrm_address_t *)&x->props.saddr); +diff --git a/net/ipv6/xfrm6_tunnel.c b/net/ipv6/xfrm6_tunnel.c +index bf140ef781c1..7fd8bc08e6eb 100644 +--- a/net/ipv6/xfrm6_tunnel.c ++++ b/net/ipv6/xfrm6_tunnel.c +@@ -334,8 +334,8 @@ static void __net_exit xfrm6_tunnel_net_exit(struct net *net) + struct xfrm6_tunnel_net *xfrm6_tn = xfrm6_tunnel_pernet(net); + unsigned int i; + +- xfrm_flush_gc(); + xfrm_state_flush(net, 0, false, true); ++ xfrm_flush_gc(); + + for (i = 0; i < XFRM6_TUNNEL_SPI_BYADDR_HSIZE; i++) + WARN_ON_ONCE(!hlist_empty(&xfrm6_tn->spi_byaddr[i])); +diff --git a/net/xfrm/xfrm_ipcomp.c b/net/xfrm/xfrm_ipcomp.c +index 9c0fa0e1786a..f2e70e918f11 100644 +--- a/net/xfrm/xfrm_ipcomp.c ++++ b/net/xfrm/xfrm_ipcomp.c +@@ -315,7 +315,6 @@ void ipcomp_destroy(struct xfrm_state *x) + struct ipcomp_data *ipcd = x->data; + if (!ipcd) + return; +- xfrm_state_delete_tunnel(x); + mutex_lock(&ipcomp_resource_mutex); + ipcomp_free_data(ipcd); + mutex_unlock(&ipcomp_resource_mutex); +diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c +index f8cb033f102e..e4500d481e26 100644 +--- a/net/xfrm/xfrm_state.c ++++ b/net/xfrm/xfrm_state.c +@@ -748,6 +748,7 @@ void __xfrm_state_destroy(struct xfrm_state *x, bool sync) + } + EXPORT_SYMBOL(__xfrm_state_destroy); + ++static void xfrm_state_delete_tunnel(struct xfrm_state *x); + int __xfrm_state_delete(struct xfrm_state *x) + { + struct net *net = xs_net(x); +@@ -775,6 +776,8 @@ int __xfrm_state_delete(struct xfrm_state *x) + + xfrm_dev_state_delete(x); + ++ xfrm_state_delete_tunnel(x); ++ + /* All xfrm_state objects are created by xfrm_state_alloc. + * The xfrm_state_alloc call gives a reference, and that + * is what we are dropping here. +@@ -878,10 +881,7 @@ int xfrm_state_flush(struct net *net, u8 proto, bool task_valid, bool sync) + err = xfrm_state_delete(x); + xfrm_audit_state_delete(x, err ? 0 : 1, + task_valid); +- if (sync) +- xfrm_state_put_sync(x); +- else +- xfrm_state_put(x); ++ xfrm_state_put(x); + if (!err) + cnt++; + +@@ -3008,20 +3008,17 @@ void xfrm_flush_gc(void) + } + EXPORT_SYMBOL(xfrm_flush_gc); + +-/* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */ +-void xfrm_state_delete_tunnel(struct xfrm_state *x) ++static void xfrm_state_delete_tunnel(struct xfrm_state *x) + { + if (x->tunnel) { + struct xfrm_state *t = x->tunnel; + +- if (atomic_read(&t->tunnel_users) == 2) ++ if (atomic_dec_return(&t->tunnel_users) == 1) + xfrm_state_delete(t); +- atomic_dec(&t->tunnel_users); +- xfrm_state_put_sync(t); ++ xfrm_state_put(t); + x->tunnel = NULL; + } + } +-EXPORT_SYMBOL(xfrm_state_delete_tunnel); + + u32 xfrm_state_mtu(struct xfrm_state *x, int mtu) + { +@@ -3221,8 +3218,8 @@ void xfrm_state_fini(struct net *net) + unsigned int sz; + + flush_work(&net->xfrm.state_hash_work); +- flush_work(&xfrm_state_gc_work); + xfrm_state_flush(net, 0, false, true); ++ flush_work(&xfrm_state_gc_work); + + WARN_ON(!list_empty(&net->xfrm.state_all)); + +-- +2.43.0 + diff --git a/SPECS/kernel-rt/kernel-rt.signatures.json b/SPECS/kernel-rt/kernel-rt.signatures.json index 325a8574d2..47db860996 100644 --- a/SPECS/kernel-rt/kernel-rt.signatures.json +++ b/SPECS/kernel-rt/kernel-rt.signatures.json @@ -5,6 +5,6 @@ "cpupower": "d7518767bf2b1110d146a49c7d42e76b803f45eb8bd14d931aa6d0d346fae985", "cpupower.service": "b057fe9e5d0e8c36f485818286b80e3eba8ff66ff44797940e99b1fd5361bb98", "sha512hmac-openssl.sh": "02ab91329c4be09ee66d759e4d23ac875037c3b56e5a598e32fd1206da06a27f", - "linux-6.12.59.tar.gz": "93dfe627d321f016291054449a8e4bf9051de19687fbf1a6f584a2b79f8f5d2c" + "linux-6.12.61.tar.gz": "7fb34abab0902a47ce1d47de58442e69e0e79d17f565b41fcb11249ea5b23801" } } diff --git a/SPECS/kernel-rt/kernel-rt.spec b/SPECS/kernel-rt/kernel-rt.spec index 1dab43eee3..e92b70dd89 100644 --- a/SPECS/kernel-rt/kernel-rt.spec +++ b/SPECS/kernel-rt/kernel-rt.spec @@ -1,13 +1,13 @@ Summary: Preempt RT Linux Kernel Name: kernel-rt -Version: 6.12.59 +Version: 6.12.61 Release: 1%{?dist} License: GPLv2 Vendor: Intel Corporation Distribution: Edge Microvisor Toolkit Group: System Environment/Kernel URL: https://www.kernel.org/pub/linux/kernel -Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.12.59.tar.gz +Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.12.61.tar.gz Source1: config Source3: sha512hmac-openssl.sh Source4: emt-ca-20211013.pem @@ -16,7 +16,8 @@ Source6: cpupower.service # Intel not-upstreamed kernel features -# d5dc97879a97 Linux 6.12.59 +# Series file for v6.12.61 linux kernel +# dcbeffaf66d03 Linux 6.12.61 #sriov Patch0: 0001-drm-i915-mtl-Add-C10-table-for-HDMI-Clock-25175.sriov Patch1: 0002-drm-i915-mtl-Copy-c10-phy-pll-sw-state-from-master-t.sriov @@ -412,146 +413,210 @@ Patch380: 0016-drm-i915-gt-Refactor-CCS-mode-handling-and-improve-app.drm Patch381: 0017-drm-i915-no-waiting-for-page-flip-in-vpp-case.drm Patch382: 0001-Remove-unneeded-files.patch Patch383: 0001-i915-gt-Upgrade-GuC-70.44.1-70.49.4.drm +Patch384: 0001-drm-i915-no-force-probe-needed-for-mtl-platform.drm #rapl -Patch384: 0001-powercap-intel_rapl-Add-support-for-Bartlett-Lake-pl.rapl +Patch385: 0001-powercap-intel_rapl-Add-support-for-Bartlett-Lake-pl.rapl #misc -Patch385: 0001-Add-security.md-file.misc +Patch386: 0001-Add-security.md-file.misc #iommu -Patch386: 0001-driver-core-add-a-faux-bus-for-use-when-a-simple-dev.iommu -Patch387: 0002-iommu-io-pgtable-arm-dynamically-allocate-selftest-d.iommu +Patch387: 0001-driver-core-add-a-faux-bus-for-use-when-a-simple-dev.iommu +Patch388: 0002-iommu-io-pgtable-arm-dynamically-allocate-selftest-d.iommu #emt-drm -Patch388: 0075-drm-xe-gsc-mei-interrupt-top-half-should-be-in-irq-d.patch +Patch389: 0075-drm-xe-gsc-mei-interrupt-top-half-should-be-in-irq-d.patch #CVE-2025-21709 -Patch389: CVE-2025-21709.patch +Patch390: CVE-2025-21709.patch + #CVE-2025-21817 -Patch390: CVE-2025-21817.patch +Patch391: CVE-2025-21817.patch + #CVE-2025-22104 -Patch391: CVE-2025-22104.patch +Patch392: CVE-2025-22104.patch + #CVE-2025-22108 -Patch392: CVE-2025-22108.patch +Patch393: CVE-2025-22108.patch + #CVE-2025-22111 -Patch393: CVE-2025-22111.patch +Patch394: CVE-2025-22111.patch + #CVE-2025-22116 -Patch394: CVE-2025-22116.patch +Patch395: CVE-2025-22116.patch + #CVE-2025-22117 -Patch395: CVE-2025-22117.patch +Patch396: CVE-2025-22117.patch + #CVE-2025-23131 -Patch396: CVE-2025-23131.patch +Patch397: CVE-2025-23131.patch + #CVE-2025-37746 -Patch397: CVE-2025-37746.patch -Patch398: CVE-2025-37746-1.patch +Patch398: CVE-2025-37746.patch +Patch399: CVE-2025-37746-1.patch + #CVE-2025-37906 -Patch399: CVE-2025-37906.patch +Patch400: CVE-2025-37906.patch + #CVE-2025-38041 -Patch400: CVE-2025-38041.patch -Patch401: CVE-2025-38041-1.patch -Patch402: CVE-2025-38041-2.patch +Patch401: CVE-2025-38041.patch +Patch402: CVE-2025-38041-1.patch +Patch403: CVE-2025-38041-2.patch + #CVE-2025-38029 -Patch403: CVE-2025-38029.patch +Patch404: CVE-2025-38029.patch + #CVE-2025-38311 -Patch404: CVE-2025-38311.patch +Patch405: CVE-2025-38311.patch + #CVE-2025-38248 -Patch405: CVE-2025-38248.patch +Patch406: CVE-2025-38248.patch + #CVE-2025-38234 -Patch406: CVE-2025-38234.patch +Patch407: CVE-2025-38234.patch + #CVE-2025-38207 -Patch407: CVE-2025-38207.patch +Patch408: CVE-2025-38207.patch + #CVE-2025-38137 -Patch408: CVE-2025-38137.patch +Patch409: CVE-2025-38137.patch + #CVE-2025-40325 -Patch409: CVE-2025-40325.patch +Patch410: CVE-2025-40325.patch + #CVE-2025-38284 -Patch410: CVE-2025-38284.patch -Patch411: CVE-2025-38284-1.patch -Patch412: CVE-2025-38284-2.patch +Patch411: CVE-2025-38284.patch +Patch412: CVE-2025-38284-1.patch +Patch413: CVE-2025-38284-2.patch + #CVE-2025-38199 -Patch413: CVE-2025-38199.patch +Patch414: CVE-2025-38199.patch + #CVE-2025-38140 -Patch414: CVE-2025-38140.patch +Patch415: CVE-2025-38140.patch + #CVE-2025-38132 -Patch415: CVE-2025-38132.patch -Patch416: CVE-2025-38132-1.patch +Patch416: CVE-2025-38132.patch +Patch417: CVE-2025-38132-1.patch + #CVE-2025-37743 -Patch417: CVE-2025-37743.patch +Patch418: CVE-2025-37743.patch + #CVE-2025-23132 -Patch418: CVE-2025-23132.patch +Patch419: CVE-2025-23132.patch + #CVE-2025-22127 -Patch419: CVE-2025-22127.patch +Patch420: CVE-2025-22127.patch + #CVE-2025-22109 -Patch420: CVE-2025-22109.patch +Patch421: CVE-2025-22109.patch + #CVE-2025-21752 -Patch421: CVE-2025-21752.patch -Patch422: CVE-2025-21752-1.patch +Patch422: CVE-2025-21752.patch +Patch423: CVE-2025-21752-1.patch + #CVE-2024-58095 -Patch423: CVE-2024-58095.patch +Patch424: CVE-2024-58095.patch + #CVE-2024-58094 -Patch424: CVE-2024-58094.patch +Patch425: CVE-2024-58094.patch + #CVE-2024-52560 -Patch425: CVE-2024-52560.patch -Patch426: CVE-2024-52560-1.patch +Patch426: CVE-2024-52560.patch +Patch427: CVE-2024-52560-1.patch + #CVE-2025-38621 -Patch427: CVE-2025-38621.patch +Patch428: CVE-2025-38621.patch + #CVE-2025-38627 -Patch428: CVE-2025-38627.patch +Patch429: CVE-2025-38627.patch + #CVE-2025-39789 -Patch429: CVE-2025-39789.patch +Patch430: CVE-2025-39789.patch + #CVE-2025-39764 -Patch430: CVE-2025-39764.patch +Patch431: CVE-2025-39764.patch + #CVE-2025-39745 -Patch431: CVE-2025-39745.patch +Patch432: CVE-2025-39745.patch + #CVE-2025-39677 -Patch432: CVE-2025-39677.patch +Patch433: CVE-2025-39677.patch + #CVE-2025-39933 -Patch433: CVE-2025-39933.patch +Patch434: CVE-2025-39933.patch + #CVE-2025-39833 -Patch434: CVE-2025-39833.patch +Patch435: CVE-2025-39833.patch + #CVE-2025-39925 -Patch435: CVE-2025-39925.patch +Patch436: CVE-2025-39925.patch + #CVE-2025-39905 -Patch436: CVE-2025-39905.patch +Patch437: CVE-2025-39905.patch + #CVE-2025-39859 -Patch437: CVE-2025-39859.patch +Patch438: CVE-2025-39859.patch + #CVE-2025-39910 -Patch438: CVE-2025-39910.patch +Patch439: CVE-2025-39910.patch + #CVE-2025-40098 -Patch439: CVE-2025-40098.patch +Patch440: CVE-2025-40098.patch + #CVE-2025-40075 -Patch440: CVE-2025-40075.patch -Patch441: CVE-2025-40075-1.patch +Patch441: CVE-2025-40075.patch +Patch442: CVE-2025-40075-1.patch + #CVE-2025-40074 -Patch442: CVE-2025-40074.patch +Patch443: CVE-2025-40074.patch + #CVE-2025-40064 -Patch443: CVE-2025-40064.patch +Patch444: CVE-2025-40064.patch + #CVE-2025-40086 -Patch444: CVE-2025-40086.patch -Patch445: CVE-2025-40086-1.patch +Patch445: CVE-2025-40086.patch +Patch446: CVE-2025-40086-1.patch + #CVE-2025-40168 -Patch446: CVE-2025-40168.patch +Patch447: CVE-2025-40168.patch + #CVE-2025-40170 -Patch447: CVE-2025-40170.patch +Patch448: CVE-2025-40170.patch + #CVE-2025-40164 -Patch448: CVE-2025-40164.patch +Patch449: CVE-2025-40164.patch + #CVE-2025-40158 -Patch449: CVE-2025-40158.patch +Patch450: CVE-2025-40158.patch + #CVE-2025-40149 -Patch450: CVE-2025-40149.patch +Patch451: CVE-2025-40149.patch + #CVE-2025-40147 -Patch451: CVE-2025-40147.patch +Patch452: CVE-2025-40147.patch + #CVE-2025-40139 -Patch452: CVE-2025-40139.patch +Patch453: CVE-2025-40139.patch + #CVE-2025-40136 -Patch453: CVE-2025-40136.patch +Patch454: CVE-2025-40136.patch + #CVE-2025-40135 -Patch454: CVE-2025-40135.patch +Patch455: CVE-2025-40135.patch + #CVE-2025-40130 -Patch455: CVE-2025-40130.patch +Patch456: CVE-2025-40130.patch + #CVE-2025-38656 -Patch456: CVE-2025-38656.patch -Patch457: CVE-2025-38656-2.patch +Patch457: CVE-2025-38656.patch +Patch458: CVE-2025-38656-2.patch + #CVE-2025-38591 -Patch458: CVE-2025-38591.patch +Patch459: CVE-2025-38591.patch + #CVE-2025-38584 -Patch459: CVE-2025-38584.patch +Patch460: CVE-2025-38584.patch + +#CVE-2025-40215 +Patch461: CVE-2025-40215.patch + # CVE Patches %global security_hardening none @@ -700,8 +765,8 @@ manipulation of eBPF programs and maps. %prep %define _default_patch_flags -p1 --fuzz=3 --force -%setup -q -n linux-6.12.59 -%autosetup -p1 -n linux-6.12.59 +%setup -q -n linux-6.12.61 +%autosetup -p1 -n linux-6.12.61 # %patch 0 -p1 make mrproper @@ -973,6 +1038,9 @@ ln -sf linux-%{uname_r}.cfg /boot/mariner.cfg %{_sysconfdir}/bash_completion.d/bpftool %changelog +* Fri Jan 2 2026 Lishan Liu - 6.12.61-1 +- Update kernel to 6.12.61 + * Thu Dec 11 2025 Lishan Liu - 6.12.59-1 - Update kernel to 6.12.59 diff --git a/SPECS/kernel-rt/series b/SPECS/kernel-rt/series index c7ca87714b..b4fa2ccddc 100644 --- a/SPECS/kernel-rt/series +++ b/SPECS/kernel-rt/series @@ -1,5 +1,5 @@ -# Series file for v6.12.59 linux kernel -# d5dc97879a97 Linux 6.12.59 +# Series file for v6.12.61 linux kernel +# dcbeffaf66d03 Linux 6.12.61 #sriov 0001-drm-i915-mtl-Add-C10-table-for-HDMI-Clock-25175.sriov 0002-drm-i915-mtl-Copy-c10-phy-pll-sw-state-from-master-t.sriov @@ -395,6 +395,7 @@ 0017-drm-i915-no-waiting-for-page-flip-in-vpp-case.drm 0001-Remove-unneeded-files.patch 0001-i915-gt-Upgrade-GuC-70.44.1-70.49.4.drm +0001-drm-i915-no-force-probe-needed-for-mtl-platform.drm #rapl 0001-powercap-intel_rapl-Add-support-for-Bartlett-Lake-pl.rapl #misc @@ -594,3 +595,7 @@ CVE-2025-38591.patch #CVE-2025-38584 CVE-2025-38584.patch + +#CVE-2025-40215 +CVE-2025-40215.patch + diff --git a/SPECS/kernel/0001-drm-i915-no-force-probe-needed-for-mtl-platform.drm b/SPECS/kernel/0001-drm-i915-no-force-probe-needed-for-mtl-platform.drm new file mode 100644 index 0000000000..aadc884402 --- /dev/null +++ b/SPECS/kernel/0001-drm-i915-no-force-probe-needed-for-mtl-platform.drm @@ -0,0 +1,29 @@ +From f18bd93ea20bf2a8b7360b245db7a9119a2e54ac Mon Sep 17 00:00:00 2001 +From: Junxiao Chang +Date: Sat, 6 Dec 2025 17:11:22 +0800 +Subject: [PATCH] drm/i915: no force probe needed for mtl platform + +mtl has been supported in 6.12 kernel. No need to add require force +probe flag. + +Fixes: 9fd5e45e3167 ("Revert "drm/i915: move platform_engine_mask and memory_regions to device info"") +Signed-off-by: Junxiao Chang +--- + drivers/gpu/drm/i915/i915_pci.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/drivers/gpu/drm/i915/i915_pci.c b/drivers/gpu/drm/i915/i915_pci.c +index 8aff711aa887b..9eb8216389251 100644 +--- a/drivers/gpu/drm/i915/i915_pci.c ++++ b/drivers/gpu/drm/i915/i915_pci.c +@@ -795,7 +795,6 @@ static const struct intel_device_info mtl_info = { + .has_pxp = 1, + .__runtime.memory_regions = BIT(INTEL_REGION_SMEM) | BIT(INTEL_REGION_STOLEN_LMEM), + .__runtime.platform_engine_mask = BIT(RCS0) | BIT(BCS0) | BIT(CCS0), +- .require_force_probe = 1, + MTL_CACHELEVEL, + }; + +-- +2.43.0 + diff --git a/SPECS/kernel/CVE-2025-40215.patch b/SPECS/kernel/CVE-2025-40215.patch new file mode 100644 index 0000000000..644a85a3e8 --- /dev/null +++ b/SPECS/kernel/CVE-2025-40215.patch @@ -0,0 +1,191 @@ +From 39992c2053e7eff318860d12ae26b2a57385a772 Mon Sep 17 00:00:00 2001 +From: Sabrina Dubroca +Date: Fri, 4 Jul 2025 16:54:33 +0200 +Subject: [PATCH] xfrm: delete x->tunnel as we delete x + +The ipcomp fallback tunnels currently get deleted (from the various +lists and hashtables) as the last user state that needed that fallback +is destroyed (not deleted). If a reference to that user state still +exists, the fallback state will remain on the hashtables/lists, +triggering the WARN in xfrm_state_fini. Because of those remaining +references, the fix in commit f75a2804da39 ("xfrm: destroy xfrm_state +synchronously on net exit path") is not complete. + +We recently fixed one such situation in TCP due to defered freeing of +skbs (commit 9b6412e6979f ("tcp: drop secpath at the same time as we +currently drop dst")). This can also happen due to IP reassembly: skbs +with a secpath remain on the reassembly queue until netns +destruction. If we can't guarantee that the queues are flushed by the +time xfrm_state_fini runs, there may still be references to a (user) +xfrm_state, preventing the timely deletion of the corresponding +fallback state. + +Instead of chasing each instance of skbs holding a secpath one by one, +this patch fixes the issue directly within xfrm, by deleting the +fallback state as soon as the last user state depending on it has been +deleted. Destruction will still happen when the final reference is +dropped. + +A separate lockdep class for the fallback state is required since +we're going to lock x->tunnel while x is locked. + +Fixes: 9d4139c76905 ("netns xfrm: per-netns xfrm_state_all list") +Signed-off-by: Sabrina Dubroca +Signed-off-by: Steffen Klassert +--- + include/net/xfrm.h | 1 - + net/ipv4/ipcomp.c | 2 ++ + net/ipv6/ipcomp6.c | 2 ++ + net/ipv6/xfrm6_tunnel.c | 2 +- + net/xfrm/xfrm_ipcomp.c | 1 - + net/xfrm/xfrm_state.c | 19 ++++++++----------- + 6 files changed, 13 insertions(+), 14 deletions(-) + +diff --git a/include/net/xfrm.h b/include/net/xfrm.h +index caaff61601a0..d51204041bf7 100644 +--- a/include/net/xfrm.h ++++ b/include/net/xfrm.h +@@ -424,7 +424,6 @@ int xfrm_input_register_afinfo(const struct xfrm_input_afinfo *afinfo); + int xfrm_input_unregister_afinfo(const struct xfrm_input_afinfo *afinfo); + + void xfrm_flush_gc(void); +-void xfrm_state_delete_tunnel(struct xfrm_state *x); + + struct xfrm_type { + struct module *owner; +diff --git a/net/ipv4/ipcomp.c b/net/ipv4/ipcomp.c +index 5a4fb2539b08..9a45aed508d1 100644 +--- a/net/ipv4/ipcomp.c ++++ b/net/ipv4/ipcomp.c +@@ -54,6 +54,7 @@ static int ipcomp4_err(struct sk_buff *skb, u32 info) + } + + /* We always hold one tunnel user reference to indicate a tunnel */ ++static struct lock_class_key xfrm_state_lock_key; + static struct xfrm_state *ipcomp_tunnel_create(struct xfrm_state *x) + { + struct net *net = xs_net(x); +@@ -62,6 +63,7 @@ static struct xfrm_state *ipcomp_tunnel_create(struct xfrm_state *x) + t = xfrm_state_alloc(net); + if (!t) + goto out; ++ lockdep_set_class(&t->lock, &xfrm_state_lock_key); + + t->id.proto = IPPROTO_IPIP; + t->id.spi = x->props.saddr.a4; +diff --git a/net/ipv6/ipcomp6.c b/net/ipv6/ipcomp6.c +index 72d4858dec18..8607569de34f 100644 +--- a/net/ipv6/ipcomp6.c ++++ b/net/ipv6/ipcomp6.c +@@ -71,6 +71,7 @@ static int ipcomp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, + return 0; + } + ++static struct lock_class_key xfrm_state_lock_key; + static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x) + { + struct net *net = xs_net(x); +@@ -79,6 +80,7 @@ static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x) + t = xfrm_state_alloc(net); + if (!t) + goto out; ++ lockdep_set_class(&t->lock, &xfrm_state_lock_key); + + t->id.proto = IPPROTO_IPV6; + t->id.spi = xfrm6_tunnel_alloc_spi(net, (xfrm_address_t *)&x->props.saddr); +diff --git a/net/ipv6/xfrm6_tunnel.c b/net/ipv6/xfrm6_tunnel.c +index bf140ef781c1..7fd8bc08e6eb 100644 +--- a/net/ipv6/xfrm6_tunnel.c ++++ b/net/ipv6/xfrm6_tunnel.c +@@ -334,8 +334,8 @@ static void __net_exit xfrm6_tunnel_net_exit(struct net *net) + struct xfrm6_tunnel_net *xfrm6_tn = xfrm6_tunnel_pernet(net); + unsigned int i; + +- xfrm_flush_gc(); + xfrm_state_flush(net, 0, false, true); ++ xfrm_flush_gc(); + + for (i = 0; i < XFRM6_TUNNEL_SPI_BYADDR_HSIZE; i++) + WARN_ON_ONCE(!hlist_empty(&xfrm6_tn->spi_byaddr[i])); +diff --git a/net/xfrm/xfrm_ipcomp.c b/net/xfrm/xfrm_ipcomp.c +index 9c0fa0e1786a..f2e70e918f11 100644 +--- a/net/xfrm/xfrm_ipcomp.c ++++ b/net/xfrm/xfrm_ipcomp.c +@@ -315,7 +315,6 @@ void ipcomp_destroy(struct xfrm_state *x) + struct ipcomp_data *ipcd = x->data; + if (!ipcd) + return; +- xfrm_state_delete_tunnel(x); + mutex_lock(&ipcomp_resource_mutex); + ipcomp_free_data(ipcd); + mutex_unlock(&ipcomp_resource_mutex); +diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c +index f8cb033f102e..e4500d481e26 100644 +--- a/net/xfrm/xfrm_state.c ++++ b/net/xfrm/xfrm_state.c +@@ -748,6 +748,7 @@ void __xfrm_state_destroy(struct xfrm_state *x, bool sync) + } + EXPORT_SYMBOL(__xfrm_state_destroy); + ++static void xfrm_state_delete_tunnel(struct xfrm_state *x); + int __xfrm_state_delete(struct xfrm_state *x) + { + struct net *net = xs_net(x); +@@ -775,6 +776,8 @@ int __xfrm_state_delete(struct xfrm_state *x) + + xfrm_dev_state_delete(x); + ++ xfrm_state_delete_tunnel(x); ++ + /* All xfrm_state objects are created by xfrm_state_alloc. + * The xfrm_state_alloc call gives a reference, and that + * is what we are dropping here. +@@ -878,10 +881,7 @@ int xfrm_state_flush(struct net *net, u8 proto, bool task_valid, bool sync) + err = xfrm_state_delete(x); + xfrm_audit_state_delete(x, err ? 0 : 1, + task_valid); +- if (sync) +- xfrm_state_put_sync(x); +- else +- xfrm_state_put(x); ++ xfrm_state_put(x); + if (!err) + cnt++; + +@@ -3008,20 +3008,17 @@ void xfrm_flush_gc(void) + } + EXPORT_SYMBOL(xfrm_flush_gc); + +-/* Temporarily located here until net/xfrm/xfrm_tunnel.c is created */ +-void xfrm_state_delete_tunnel(struct xfrm_state *x) ++static void xfrm_state_delete_tunnel(struct xfrm_state *x) + { + if (x->tunnel) { + struct xfrm_state *t = x->tunnel; + +- if (atomic_read(&t->tunnel_users) == 2) ++ if (atomic_dec_return(&t->tunnel_users) == 1) + xfrm_state_delete(t); +- atomic_dec(&t->tunnel_users); +- xfrm_state_put_sync(t); ++ xfrm_state_put(t); + x->tunnel = NULL; + } + } +-EXPORT_SYMBOL(xfrm_state_delete_tunnel); + + u32 xfrm_state_mtu(struct xfrm_state *x, int mtu) + { +@@ -3221,8 +3218,8 @@ void xfrm_state_fini(struct net *net) + unsigned int sz; + + flush_work(&net->xfrm.state_hash_work); +- flush_work(&xfrm_state_gc_work); + xfrm_state_flush(net, 0, false, true); ++ flush_work(&xfrm_state_gc_work); + + WARN_ON(!list_empty(&net->xfrm.state_all)); + +-- +2.43.0 + diff --git a/SPECS/kernel/kernel-uki.spec b/SPECS/kernel/kernel-uki.spec index 9b486331e9..b905971446 100644 --- a/SPECS/kernel/kernel-uki.spec +++ b/SPECS/kernel/kernel-uki.spec @@ -12,7 +12,7 @@ Summary: Unified Kernel Image Name: kernel-uki -Version: 6.12.59 +Version: 6.12.61 Release: 1%{?dist} License: GPLv2 Vendor: Intel Corporation @@ -70,6 +70,9 @@ cp %{buildroot}/boot/vmlinuz-uki-%{kernelver}.efi %{buildroot}/boot/efi/EFI/Linu /boot/efi/EFI/Linux/vmlinuz-uki-%{kernelver}.efi %changelog +* Fri Jan 2 2026 Lishan Liu - 6.12.61-1 +- Update kernel to 6.12.61 + * Thu Dec 11 2025 Lishan Liu - 6.12.59-1 - Update kernel to 6.12.59 diff --git a/SPECS/kernel/kernel.signatures.json b/SPECS/kernel/kernel.signatures.json index 33dbecab57..47a6b25e82 100644 --- a/SPECS/kernel/kernel.signatures.json +++ b/SPECS/kernel/kernel.signatures.json @@ -5,6 +5,6 @@ "cpupower": "d7518767bf2b1110d146a49c7d42e76b803f45eb8bd14d931aa6d0d346fae985", "cpupower.service": "b057fe9e5d0e8c36f485818286b80e3eba8ff66ff44797940e99b1fd5361bb98", "sha512hmac-openssl.sh": "02ab91329c4be09ee66d759e4d23ac875037c3b56e5a598e32fd1206da06a27f", - "linux-6.12.59.tar.gz": "93dfe627d321f016291054449a8e4bf9051de19687fbf1a6f584a2b79f8f5d2c" + "linux-6.12.61.tar.gz": "7fb34abab0902a47ce1d47de58442e69e0e79d17f565b41fcb11249ea5b23801" } } diff --git a/SPECS/kernel/kernel.spec b/SPECS/kernel/kernel.spec index 2d1622666c..6119072980 100644 --- a/SPECS/kernel/kernel.spec +++ b/SPECS/kernel/kernel.spec @@ -1,13 +1,13 @@ Summary: Linux Kernel Name: kernel -Version: 6.12.59 +Version: 6.12.61 Release: 1%{?dist} License: GPLv2 Vendor: Intel Corporation Distribution: Edge Microvisor Toolkit Group: System Environment/Kernel URL: https://www.kernel.org/pub/linux/kernel -Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.12.59.tar.gz +Source0: https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.12.61.tar.gz Source1: config Source3: sha512hmac-openssl.sh Source4: emt-ca-20211013.pem @@ -16,7 +16,8 @@ Source6: cpupower.service # Intel not-upstreamed kernel features -# d5dc97879a97 Linux 6.12.59 +# Series file for v6.12.61 linux kernel +# dcbeffaf66d03 Linux 6.12.61 #sriov Patch0: 0001-drm-i915-mtl-Add-C10-table-for-HDMI-Clock-25175.sriov Patch1: 0002-drm-i915-mtl-Copy-c10-phy-pll-sw-state-from-master-t.sriov @@ -412,146 +413,210 @@ Patch380: 0016-drm-i915-gt-Refactor-CCS-mode-handling-and-improve-app.drm Patch381: 0017-drm-i915-no-waiting-for-page-flip-in-vpp-case.drm Patch382: 0001-Remove-unneeded-files.patch Patch383: 0001-i915-gt-Upgrade-GuC-70.44.1-70.49.4.drm +Patch384: 0001-drm-i915-no-force-probe-needed-for-mtl-platform.drm #rapl -Patch384: 0001-powercap-intel_rapl-Add-support-for-Bartlett-Lake-pl.rapl +Patch385: 0001-powercap-intel_rapl-Add-support-for-Bartlett-Lake-pl.rapl #misc -Patch385: 0001-Add-security.md-file.misc +Patch386: 0001-Add-security.md-file.misc #iommu -Patch386: 0001-driver-core-add-a-faux-bus-for-use-when-a-simple-dev.iommu -Patch387: 0002-iommu-io-pgtable-arm-dynamically-allocate-selftest-d.iommu +Patch387: 0001-driver-core-add-a-faux-bus-for-use-when-a-simple-dev.iommu +Patch388: 0002-iommu-io-pgtable-arm-dynamically-allocate-selftest-d.iommu #emt-drm -Patch388: 0075-drm-xe-gsc-mei-interrupt-top-half-should-be-in-irq-d.patch +Patch389: 0075-drm-xe-gsc-mei-interrupt-top-half-should-be-in-irq-d.patch #CVE-2025-21709 -Patch389: CVE-2025-21709.patch +Patch390: CVE-2025-21709.patch + #CVE-2025-21817 -Patch390: CVE-2025-21817.patch +Patch391: CVE-2025-21817.patch + #CVE-2025-22104 -Patch391: CVE-2025-22104.patch +Patch392: CVE-2025-22104.patch + #CVE-2025-22108 -Patch392: CVE-2025-22108.patch +Patch393: CVE-2025-22108.patch + #CVE-2025-22111 -Patch393: CVE-2025-22111.patch +Patch394: CVE-2025-22111.patch + #CVE-2025-22116 -Patch394: CVE-2025-22116.patch +Patch395: CVE-2025-22116.patch + #CVE-2025-22117 -Patch395: CVE-2025-22117.patch +Patch396: CVE-2025-22117.patch + #CVE-2025-23131 -Patch396: CVE-2025-23131.patch +Patch397: CVE-2025-23131.patch + #CVE-2025-37746 -Patch397: CVE-2025-37746.patch -Patch398: CVE-2025-37746-1.patch +Patch398: CVE-2025-37746.patch +Patch399: CVE-2025-37746-1.patch + #CVE-2025-37906 -Patch399: CVE-2025-37906.patch +Patch400: CVE-2025-37906.patch + #CVE-2025-38041 -Patch400: CVE-2025-38041.patch -Patch401: CVE-2025-38041-1.patch -Patch402: CVE-2025-38041-2.patch +Patch401: CVE-2025-38041.patch +Patch402: CVE-2025-38041-1.patch +Patch403: CVE-2025-38041-2.patch + #CVE-2025-38029 -Patch403: CVE-2025-38029.patch +Patch404: CVE-2025-38029.patch + #CVE-2025-38311 -Patch404: CVE-2025-38311.patch +Patch405: CVE-2025-38311.patch + #CVE-2025-38248 -Patch405: CVE-2025-38248.patch +Patch406: CVE-2025-38248.patch + #CVE-2025-38234 -Patch406: CVE-2025-38234.patch +Patch407: CVE-2025-38234.patch + #CVE-2025-38207 -Patch407: CVE-2025-38207.patch +Patch408: CVE-2025-38207.patch + #CVE-2025-38137 -Patch408: CVE-2025-38137.patch +Patch409: CVE-2025-38137.patch + #CVE-2025-40325 -Patch409: CVE-2025-40325.patch +Patch410: CVE-2025-40325.patch + #CVE-2025-38284 -Patch410: CVE-2025-38284.patch -Patch411: CVE-2025-38284-1.patch -Patch412: CVE-2025-38284-2.patch +Patch411: CVE-2025-38284.patch +Patch412: CVE-2025-38284-1.patch +Patch413: CVE-2025-38284-2.patch + #CVE-2025-38199 -Patch413: CVE-2025-38199.patch +Patch414: CVE-2025-38199.patch + #CVE-2025-38140 -Patch414: CVE-2025-38140.patch +Patch415: CVE-2025-38140.patch + #CVE-2025-38132 -Patch415: CVE-2025-38132.patch -Patch416: CVE-2025-38132-1.patch +Patch416: CVE-2025-38132.patch +Patch417: CVE-2025-38132-1.patch + #CVE-2025-37743 -Patch417: CVE-2025-37743.patch +Patch418: CVE-2025-37743.patch + #CVE-2025-23132 -Patch418: CVE-2025-23132.patch +Patch419: CVE-2025-23132.patch + #CVE-2025-22127 -Patch419: CVE-2025-22127.patch +Patch420: CVE-2025-22127.patch + #CVE-2025-22109 -Patch420: CVE-2025-22109.patch +Patch421: CVE-2025-22109.patch + #CVE-2025-21752 -Patch421: CVE-2025-21752.patch -Patch422: CVE-2025-21752-1.patch +Patch422: CVE-2025-21752.patch +Patch423: CVE-2025-21752-1.patch + #CVE-2024-58095 -Patch423: CVE-2024-58095.patch +Patch424: CVE-2024-58095.patch + #CVE-2024-58094 -Patch424: CVE-2024-58094.patch +Patch425: CVE-2024-58094.patch + #CVE-2024-52560 -Patch425: CVE-2024-52560.patch -Patch426: CVE-2024-52560-1.patch +Patch426: CVE-2024-52560.patch +Patch427: CVE-2024-52560-1.patch + #CVE-2025-38621 -Patch427: CVE-2025-38621.patch +Patch428: CVE-2025-38621.patch + #CVE-2025-38627 -Patch428: CVE-2025-38627.patch +Patch429: CVE-2025-38627.patch + #CVE-2025-39789 -Patch429: CVE-2025-39789.patch +Patch430: CVE-2025-39789.patch + #CVE-2025-39764 -Patch430: CVE-2025-39764.patch +Patch431: CVE-2025-39764.patch + #CVE-2025-39745 -Patch431: CVE-2025-39745.patch +Patch432: CVE-2025-39745.patch + #CVE-2025-39677 -Patch432: CVE-2025-39677.patch +Patch433: CVE-2025-39677.patch + #CVE-2025-39933 -Patch433: CVE-2025-39933.patch +Patch434: CVE-2025-39933.patch + #CVE-2025-39833 -Patch434: CVE-2025-39833.patch +Patch435: CVE-2025-39833.patch + #CVE-2025-39925 -Patch435: CVE-2025-39925.patch +Patch436: CVE-2025-39925.patch + #CVE-2025-39905 -Patch436: CVE-2025-39905.patch +Patch437: CVE-2025-39905.patch + #CVE-2025-39859 -Patch437: CVE-2025-39859.patch +Patch438: CVE-2025-39859.patch + #CVE-2025-39910 -Patch438: CVE-2025-39910.patch +Patch439: CVE-2025-39910.patch + #CVE-2025-40098 -Patch439: CVE-2025-40098.patch +Patch440: CVE-2025-40098.patch + #CVE-2025-40075 -Patch440: CVE-2025-40075.patch -Patch441: CVE-2025-40075-1.patch +Patch441: CVE-2025-40075.patch +Patch442: CVE-2025-40075-1.patch + #CVE-2025-40074 -Patch442: CVE-2025-40074.patch +Patch443: CVE-2025-40074.patch + #CVE-2025-40064 -Patch443: CVE-2025-40064.patch +Patch444: CVE-2025-40064.patch + #CVE-2025-40086 -Patch444: CVE-2025-40086.patch -Patch445: CVE-2025-40086-1.patch +Patch445: CVE-2025-40086.patch +Patch446: CVE-2025-40086-1.patch + #CVE-2025-40168 -Patch446: CVE-2025-40168.patch +Patch447: CVE-2025-40168.patch + #CVE-2025-40170 -Patch447: CVE-2025-40170.patch +Patch448: CVE-2025-40170.patch + #CVE-2025-40164 -Patch448: CVE-2025-40164.patch +Patch449: CVE-2025-40164.patch + #CVE-2025-40158 -Patch449: CVE-2025-40158.patch +Patch450: CVE-2025-40158.patch + #CVE-2025-40149 -Patch450: CVE-2025-40149.patch +Patch451: CVE-2025-40149.patch + #CVE-2025-40147 -Patch451: CVE-2025-40147.patch +Patch452: CVE-2025-40147.patch + #CVE-2025-40139 -Patch452: CVE-2025-40139.patch +Patch453: CVE-2025-40139.patch + #CVE-2025-40136 -Patch453: CVE-2025-40136.patch +Patch454: CVE-2025-40136.patch + #CVE-2025-40135 -Patch454: CVE-2025-40135.patch +Patch455: CVE-2025-40135.patch + #CVE-2025-40130 -Patch455: CVE-2025-40130.patch +Patch456: CVE-2025-40130.patch + #CVE-2025-38656 -Patch456: CVE-2025-38656.patch -Patch457: CVE-2025-38656-2.patch +Patch457: CVE-2025-38656.patch +Patch458: CVE-2025-38656-2.patch + #CVE-2025-38591 -Patch458: CVE-2025-38591.patch +Patch459: CVE-2025-38591.patch + #CVE-2025-38584 -Patch459: CVE-2025-38584.patch +Patch460: CVE-2025-38584.patch + +#CVE-2025-40215 +Patch461: CVE-2025-40215.patch + # CVE Patches %global security_hardening none @@ -701,8 +766,8 @@ manipulation of eBPF programs and maps. %prep %define _default_patch_flags -p1 --fuzz=3 --force -%setup -q -n linux-6.12.59 -%autosetup -p1 -n linux-6.12.59 +%setup -q -n linux-6.12.61 +%autosetup -p1 -n linux-6.12.61 # %patch 0 -p1 make mrproper @@ -948,6 +1013,9 @@ echo "initrd of kernel %{uname_r} removed" >&2 %{_sysconfdir}/bash_completion.d/bpftool %changelog +* Fri Jan 2 2026 Lishan Liu - 6.12.61-1 +- Update kernel to 6.12.61 + * Thu Dec 11 2025 Lishan Liu - 6.12.59-1 - Update kernel to 6.12.59 diff --git a/SPECS/kernel/series b/SPECS/kernel/series index c7ca87714b..b4fa2ccddc 100644 --- a/SPECS/kernel/series +++ b/SPECS/kernel/series @@ -1,5 +1,5 @@ -# Series file for v6.12.59 linux kernel -# d5dc97879a97 Linux 6.12.59 +# Series file for v6.12.61 linux kernel +# dcbeffaf66d03 Linux 6.12.61 #sriov 0001-drm-i915-mtl-Add-C10-table-for-HDMI-Clock-25175.sriov 0002-drm-i915-mtl-Copy-c10-phy-pll-sw-state-from-master-t.sriov @@ -395,6 +395,7 @@ 0017-drm-i915-no-waiting-for-page-flip-in-vpp-case.drm 0001-Remove-unneeded-files.patch 0001-i915-gt-Upgrade-GuC-70.44.1-70.49.4.drm +0001-drm-i915-no-force-probe-needed-for-mtl-platform.drm #rapl 0001-powercap-intel_rapl-Add-support-for-Bartlett-Lake-pl.rapl #misc @@ -594,3 +595,7 @@ CVE-2025-38591.patch #CVE-2025-38584 CVE-2025-38584.patch + +#CVE-2025-40215 +CVE-2025-40215.patch + diff --git a/SPECS/nvidia-data-center-driver/nvidia-data-center-driver.spec b/SPECS/nvidia-data-center-driver/nvidia-data-center-driver.spec index 975cf0668d..2a704c415b 100644 --- a/SPECS/nvidia-data-center-driver/nvidia-data-center-driver.spec +++ b/SPECS/nvidia-data-center-driver/nvidia-data-center-driver.spec @@ -10,7 +10,7 @@ Summary: nvidia gpu driver kernel module for data center devices Name: nvidia-data-center-driver Version: 570.133.20 -Release: 13%{?dist} +Release: 14%{?dist} License: Public Domain Source0: https://us.download.nvidia.com/tesla/%{version}/NVIDIA-Linux-x86_64-%{version}.run Vendor: Intel Corporation @@ -51,6 +51,9 @@ make INSTALL_MOD_PATH=%{buildroot} modules_install /sbin/depmod -a %changelog +* Fri Jan 2 2026 Lishan Liu - 570.133.20-14 +- Bump release to rebuild + * Thu Dec 11 2025 Lishan Liu - 570.133.20-13 - Bump release to rebuild diff --git a/cgmanifest.json b/cgmanifest.json index 01badaffdd..bcbc7cc257 100644 --- a/cgmanifest.json +++ b/cgmanifest.json @@ -8471,8 +8471,8 @@ "type": "other", "other": { "name": "kernel", - "version": "6.12.59", - "downloadUrl": "https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.12.59.tar.gz" + "version": "6.12.61", + "downloadUrl": "https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.12.61.tar.gz" } } }, @@ -8501,8 +8501,8 @@ "type": "other", "other": { "name": "kernel-headers", - "version": "6.12.59", - "downloadUrl": "https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.12.59.tar.gz" + "version": "6.12.61", + "downloadUrl": "https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.12.61.tar.gz" } } }, @@ -8541,8 +8541,8 @@ "type": "other", "other": { "name": "kernel-rt", - "version": "6.12.59", - "downloadUrl": "https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.12.59.tar.gz" + "version": "6.12.61", + "downloadUrl": "https://www.kernel.org/pub/linux/kernel/v6.x/linux-6.12.61.tar.gz" } } }, diff --git a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt index d213519610..855a0897b4 100644 --- a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt +++ b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt @@ -1,5 +1,5 @@ filesystem-1.1-21.emt3.x86_64.rpm -kernel-headers-6.12.59-1.emt3.noarch.rpm +kernel-headers-6.12.61-1.emt3.noarch.rpm glibc-2.38-12.emt3.x86_64.rpm glibc-devel-2.38-12.emt3.x86_64.rpm glibc-i18n-2.38-12.emt3.x86_64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt index 798dfef099..b49428ba92 100644 --- a/toolkit/resources/manifests/package/toolchain_x86_64.txt +++ b/toolkit/resources/manifests/package/toolchain_x86_64.txt @@ -150,8 +150,8 @@ intltool-0.51.0-7.emt3.noarch.rpm itstool-2.0.7-1.emt3.noarch.rpm kbd-2.2.0-2.emt3.x86_64.rpm kbd-debuginfo-2.2.0-2.emt3.x86_64.rpm -kernel-cross-headers-6.12.59-1.emt3.noarch.rpm -kernel-headers-6.12.59-1.emt3.noarch.rpm +kernel-cross-headers-6.12.61-1.emt3.noarch.rpm +kernel-headers-6.12.61-1.emt3.noarch.rpm kmod-30-1.emt3.x86_64.rpm kmod-debuginfo-30-1.emt3.x86_64.rpm kmod-devel-30-1.emt3.x86_64.rpm diff --git a/toolkit/scripts/toolchain/container/Dockerfile b/toolkit/scripts/toolchain/container/Dockerfile index ae8be7e443..bd82c6769c 100644 --- a/toolkit/scripts/toolchain/container/Dockerfile +++ b/toolkit/scripts/toolchain/container/Dockerfile @@ -63,7 +63,7 @@ RUN wget -nv --no-clobber --timeout=30 --continue --input-file=$LFS/tools/toolch # Disable downloading from remote sources by default. The 'toolchain-local-wget-list' generated for the above line will download from $(SOURCE_URL) # The 'toolchain-remote-wget-list' is still available and can be used as an alternate to $(SOURCE_URL) if desired. #RUN wget -nv --no-clobber --timeout=30 --continue --input-file=$LFS/tools/toolchain-remote-wget-list --directory-prefix=$LFS/sources; exit 0 -RUN wget -nv --no-clobber --timeout=30 --continue https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.59-emt-251202T195146Z -O lts-v6.12.59-emt-251202T195146Z --directory-prefix=$LFS/sources; exit 0 +RUN wget -nv --no-clobber --timeout=30 --continue https://github.com/intel/linux-intel-lts/archive/refs/tags/lts-v6.12.61-emt-251211T124904Z -O lts-v6.12.61-emt-251211T124904Z --directory-prefix=$LFS/sources; exit 0 USER root RUN mkdir -pv $LFS/{etc,var} $LFS/usr/{bin,lib,sbin} && \ diff --git a/toolkit/scripts/toolchain/container/toolchain-sha256sums b/toolkit/scripts/toolchain/container/toolchain-sha256sums index 746bf7de6f..50826ebfb1 100644 --- a/toolkit/scripts/toolchain/container/toolchain-sha256sums +++ b/toolkit/scripts/toolchain/container/toolchain-sha256sums @@ -28,7 +28,7 @@ a3c2b80201b89e68616f4ad30bc66aee4927c3ce50e33929ca819d5c43538898 gmp-6.3.0.tar. 1db2aedde89d0dea42b16d9528f894c8d15dae4e190b59aecc78f5a951276eab grep-3.11.tar.xz 6b9757f592b7518b4902eb6af7e54570bdccba37a871fddb2d30ae3863511c13 groff-1.23.0.tar.gz 7454eb6935db17c6655576c2e1b0fabefd38b4d0936e0f87f48cd062ce91a057 gzip-1.13.tar.xz -93dfe627d321f016291054449a8e4bf9051de19687fbf1a6f584a2b79f8f5d2c linux-6.12.59.tar.gz +7fb34abab0902a47ce1d47de58442e69e0e79d17f565b41fcb11249ea5b23801 linux-6.12.61.tar.gz 5d24e40819768f74daf846b99837fc53a3a9dcdf3ce1c2003fe0596db850f0f0 libarchive-3.7.1.tar.gz f311f8f3dad84699d0566d1d6f7ec943a9298b28f714cae3c931dfd57492d7eb libcap-2.69.tar.xz b8b45194989022a79ec1317f64a2a75b1551b2a55bea06f67704cb2a2e4690b0 libpipeline-1.5.7.tar.gz diff --git a/toolkit/scripts/toolchain/container/toolchain_build_temp_tools.sh b/toolkit/scripts/toolchain/container/toolchain_build_temp_tools.sh index 33c5183c9e..a8f7955c4d 100755 --- a/toolkit/scripts/toolchain/container/toolchain_build_temp_tools.sh +++ b/toolkit/scripts/toolchain/container/toolchain_build_temp_tools.sh @@ -86,9 +86,9 @@ rm -rf gcc-13.2.0 touch $LFS/logs/temptoolchain/status_gcc_pass1_complete -KERNEL_VERSION="6.12.59" +KERNEL_VERSION="6.12.61" echo Linux-${KERNEL_VERSION} API Headers -tar xf linux-6.12.59.tar.gz +tar xf linux-6.12.61.tar.gz pushd linux-${KERNEL_VERSION} make mrproper make headers