summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Makefile.rhelver2
-rw-r--r--kernel-aarch64-debug-fedora.config5
-rw-r--r--kernel-aarch64-debug-rhel.config17
-rw-r--r--kernel-aarch64-fedora.config5
-rw-r--r--kernel-aarch64-rhel.config17
-rw-r--r--kernel-armv7hl-debug-fedora.config4
-rw-r--r--kernel-armv7hl-fedora.config4
-rw-r--r--kernel-armv7hl-lpae-debug-fedora.config4
-rw-r--r--kernel-armv7hl-lpae-fedora.config4
-rw-r--r--kernel-i686-debug-fedora.config8
-rw-r--r--kernel-i686-fedora.config8
-rw-r--r--kernel-ppc64le-debug-fedora.config6
-rw-r--r--kernel-ppc64le-debug-rhel.config20
-rw-r--r--kernel-ppc64le-fedora.config6
-rw-r--r--kernel-ppc64le-rhel.config20
-rw-r--r--kernel-s390x-debug-fedora.config6
-rw-r--r--kernel-s390x-debug-rhel.config18
-rw-r--r--kernel-s390x-fedora.config6
-rw-r--r--kernel-s390x-rhel.config18
-rw-r--r--kernel-s390x-zfcpdump-rhel.config18
-rw-r--r--kernel-x86_64-debug-fedora.config6
-rw-r--r--kernel-x86_64-debug-rhel.config15
-rw-r--r--kernel-x86_64-fedora.config6
-rw-r--r--kernel-x86_64-rhel.config15
-rwxr-xr-xkernel.spec20
-rw-r--r--patch-5.12.0-redhat.patch10
-rw-r--r--sources6
27 files changed, 144 insertions, 130 deletions
diff --git a/Makefile.rhelver b/Makefile.rhelver
index 8dfb22e9e..f7cbe41db 100644
--- a/Makefile.rhelver
+++ b/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 99
#
# Use this spot to avoid future merge conflicts.
# Do not trim this comment.
-RHEL_RELEASE = 176
+RHEL_RELEASE = 178
#
# Early y+1 numbering
diff --git a/kernel-aarch64-debug-fedora.config b/kernel-aarch64-debug-fedora.config
index 5e555106b..8c98f47c8 100644
--- a/kernel-aarch64-debug-fedora.config
+++ b/kernel-aarch64-debug-fedora.config
@@ -3553,8 +3553,8 @@ CONFIG_LOOPBACK_TARGET=m
CONFIG_LP_CONSOLE=y
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
-CONFIG_LSM_MMAP_MIN_ADDR=65536
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
+CONFIG_LSM_MMAP_MIN_ADDR=65535
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4762,6 +4762,7 @@ CONFIG_NUMA_BALANCING=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
# CONFIG_NVMEM_IMX_IIM is not set
diff --git a/kernel-aarch64-debug-rhel.config b/kernel-aarch64-debug-rhel.config
index e544d94f3..f3434c01d 100644
--- a/kernel-aarch64-debug-rhel.config
+++ b/kernel-aarch64-debug-rhel.config
@@ -533,7 +533,7 @@ CONFIG_BPF_EVENTS=y
CONFIG_BPF_JIT_ALWAYS_ON=y
CONFIG_BPF_JIT=y
# CONFIG_BPF_KPROBE_OVERRIDE is not set
-# CONFIG_BPF_LSM is not set
+CONFIG_BPF_LSM=y
# CONFIG_BPF_PRELOAD is not set
CONFIG_BPF_STREAM_PARSER=y
CONFIG_BPF_SYSCALL=y
@@ -1010,14 +1010,12 @@ CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_MD4=m
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_MICHAEL_MIC=m
-CONFIG_CRYPTO_NHPOLY1305_AVX2=m
CONFIG_CRYPTO_NHPOLY1305_NEON=m
-CONFIG_CRYPTO_NHPOLY1305_SSE2=m
CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
+CONFIG_CRYPTO_POLY1305_NEON=m
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -2821,6 +2819,10 @@ CONFIG_LLC=m
CONFIG_LOCALVERSION=""
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set
+CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y
CONFIG_LOCKD_V4=y
CONFIG_LOCK_EVENT_COUNTS=y
# CONFIG_LOCK_STAT is not set
@@ -2841,8 +2843,8 @@ CONFIG_LOOPBACK_TARGET=m
# CONFIG_LP_CONSOLE is not set
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
CONFIG_LSM_MMAP_MIN_ADDR=65535
-CONFIG_LSM="yama,integrity,selinux"
# CONFIG_LTC1660 is not set
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -3845,6 +3847,7 @@ CONFIG_NUMA_BALANCING=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
# CONFIG_NVME_HWMON is not set
# CONFIG_NVMEM_BCM_OCOTP is not set
@@ -4746,13 +4749,13 @@ CONFIG_SECTION_MISMATCH_WARN_ONLY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_INFINIBAND=y
# CONFIG_SECURITY_LOADPIN is not set
-# CONFIG_SECURITY_LOCKDOWN_LSM is not set
+CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
+CONFIG_SECURITY_LOCKDOWN_LSM=y
CONFIG_SECURITY_NETWORK_XFRM=y
CONFIG_SECURITY_NETWORK=y
# CONFIG_SECURITY_PATH is not set
# CONFIG_SECURITY_SAFESETID is not set
CONFIG_SECURITY_SELINUX_AVC_STATS=y
-CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
CONFIG_SECURITY_SELINUX_BOOTPARAM=y
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
CONFIG_SECURITY_SELINUX_DEVELOP=y
diff --git a/kernel-aarch64-fedora.config b/kernel-aarch64-fedora.config
index 86ad13ece..3434a8c7b 100644
--- a/kernel-aarch64-fedora.config
+++ b/kernel-aarch64-fedora.config
@@ -3531,8 +3531,8 @@ CONFIG_LOOPBACK_TARGET=m
CONFIG_LP_CONSOLE=y
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
-CONFIG_LSM_MMAP_MIN_ADDR=65536
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
+CONFIG_LSM_MMAP_MIN_ADDR=65535
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4739,6 +4739,7 @@ CONFIG_NUMA_BALANCING=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
# CONFIG_NVMEM_IMX_IIM is not set
diff --git a/kernel-aarch64-rhel.config b/kernel-aarch64-rhel.config
index 875be5731..3df3c161c 100644
--- a/kernel-aarch64-rhel.config
+++ b/kernel-aarch64-rhel.config
@@ -533,7 +533,7 @@ CONFIG_BPF_EVENTS=y
CONFIG_BPF_JIT_ALWAYS_ON=y
CONFIG_BPF_JIT=y
# CONFIG_BPF_KPROBE_OVERRIDE is not set
-# CONFIG_BPF_LSM is not set
+CONFIG_BPF_LSM=y
# CONFIG_BPF_PRELOAD is not set
CONFIG_BPF_STREAM_PARSER=y
CONFIG_BPF_SYSCALL=y
@@ -1010,14 +1010,12 @@ CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_MD4=m
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_MICHAEL_MIC=m
-CONFIG_CRYPTO_NHPOLY1305_AVX2=m
CONFIG_CRYPTO_NHPOLY1305_NEON=m
-CONFIG_CRYPTO_NHPOLY1305_SSE2=m
CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
+CONFIG_CRYPTO_POLY1305_NEON=m
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -2801,6 +2799,10 @@ CONFIG_LLC=m
CONFIG_LOCALVERSION=""
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set
+CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y
CONFIG_LOCKD_V4=y
# CONFIG_LOCK_EVENT_COUNTS is not set
# CONFIG_LOCK_STAT is not set
@@ -2821,8 +2823,8 @@ CONFIG_LOOPBACK_TARGET=m
# CONFIG_LP_CONSOLE is not set
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
CONFIG_LSM_MMAP_MIN_ADDR=65535
-CONFIG_LSM="yama,integrity,selinux"
# CONFIG_LTC1660 is not set
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -3825,6 +3827,7 @@ CONFIG_NUMA_BALANCING=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
# CONFIG_NVME_HWMON is not set
# CONFIG_NVMEM_BCM_OCOTP is not set
@@ -4725,13 +4728,13 @@ CONFIG_SECTION_MISMATCH_WARN_ONLY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_INFINIBAND=y
# CONFIG_SECURITY_LOADPIN is not set
-# CONFIG_SECURITY_LOCKDOWN_LSM is not set
+CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
+CONFIG_SECURITY_LOCKDOWN_LSM=y
CONFIG_SECURITY_NETWORK_XFRM=y
CONFIG_SECURITY_NETWORK=y
# CONFIG_SECURITY_PATH is not set
# CONFIG_SECURITY_SAFESETID is not set
CONFIG_SECURITY_SELINUX_AVC_STATS=y
-CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
CONFIG_SECURITY_SELINUX_BOOTPARAM=y
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
CONFIG_SECURITY_SELINUX_DEVELOP=y
diff --git a/kernel-armv7hl-debug-fedora.config b/kernel-armv7hl-debug-fedora.config
index 14de6e846..dee8218ee 100644
--- a/kernel-armv7hl-debug-fedora.config
+++ b/kernel-armv7hl-debug-fedora.config
@@ -1385,7 +1385,6 @@ CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305_ARM=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -3599,8 +3598,8 @@ CONFIG_LOOPBACK_TARGET=m
CONFIG_LP_CONSOLE=y
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
CONFIG_LSM_MMAP_MIN_ADDR=32768
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4839,6 +4838,7 @@ CONFIG_NS83820=m
CONFIG_NULL_TTY=m
CONFIG_NVEC_PAZ00=y
CONFIG_NVEC_POWER=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
CONFIG_NVMEM_IMX_IIM=m
diff --git a/kernel-armv7hl-fedora.config b/kernel-armv7hl-fedora.config
index 5c897e759..d876c9416 100644
--- a/kernel-armv7hl-fedora.config
+++ b/kernel-armv7hl-fedora.config
@@ -1385,7 +1385,6 @@ CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305_ARM=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -3578,8 +3577,8 @@ CONFIG_LOOPBACK_TARGET=m
CONFIG_LP_CONSOLE=y
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
CONFIG_LSM_MMAP_MIN_ADDR=32768
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4817,6 +4816,7 @@ CONFIG_NS83820=m
CONFIG_NULL_TTY=m
CONFIG_NVEC_PAZ00=y
CONFIG_NVEC_POWER=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
CONFIG_NVMEM_IMX_IIM=m
diff --git a/kernel-armv7hl-lpae-debug-fedora.config b/kernel-armv7hl-lpae-debug-fedora.config
index 892b17292..a539eea4d 100644
--- a/kernel-armv7hl-lpae-debug-fedora.config
+++ b/kernel-armv7hl-lpae-debug-fedora.config
@@ -1355,7 +1355,6 @@ CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305_ARM=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -3525,8 +3524,8 @@ CONFIG_LOOPBACK_TARGET=m
CONFIG_LP_CONSOLE=y
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
CONFIG_LSM_MMAP_MIN_ADDR=32768
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4733,6 +4732,7 @@ CONFIG_NS83820=m
# CONFIG_NTB is not set
# CONFIG_NTFS_FS is not set
CONFIG_NULL_TTY=m
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
CONFIG_NVMEM_IMX_IIM=m
diff --git a/kernel-armv7hl-lpae-fedora.config b/kernel-armv7hl-lpae-fedora.config
index 67f146985..4b2effd6e 100644
--- a/kernel-armv7hl-lpae-fedora.config
+++ b/kernel-armv7hl-lpae-fedora.config
@@ -1355,7 +1355,6 @@ CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305_ARM=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -3504,8 +3503,8 @@ CONFIG_LOOPBACK_TARGET=m
CONFIG_LP_CONSOLE=y
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
CONFIG_LSM_MMAP_MIN_ADDR=32768
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4711,6 +4710,7 @@ CONFIG_NS83820=m
# CONFIG_NTB is not set
# CONFIG_NTFS_FS is not set
CONFIG_NULL_TTY=m
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
CONFIG_NVMEM_IMX_IIM=m
diff --git a/kernel-i686-debug-fedora.config b/kernel-i686-debug-fedora.config
index d7fdfb76a..877ad2689 100644
--- a/kernel-i686-debug-fedora.config
+++ b/kernel-i686-debug-fedora.config
@@ -1093,14 +1093,11 @@ CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_MD4=m
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_MICHAEL_MIC=m
-CONFIG_CRYPTO_NHPOLY1305_AVX2=m
-CONFIG_CRYPTO_NHPOLY1305_SSE2=m
CONFIG_CRYPTO_NULL=y
CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -3227,8 +3224,8 @@ CONFIG_LPC_ICH=m
CONFIG_LP_CONSOLE=y
CONFIG_LPC_SCH=m
CONFIG_LSI_ET1011C_PHY=m
-CONFIG_LSM_MMAP_MIN_ADDR=65536
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
+CONFIG_LSM_MMAP_MIN_ADDR=65535
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4371,6 +4368,7 @@ CONFIG_NSC_GPIO=m
# CONFIG_NTFS_FS is not set
CONFIG_NULL_TTY=m
# CONFIG_NUMA is not set
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
# CONFIG_NVMEM_REBOOT_MODE is not set
diff --git a/kernel-i686-fedora.config b/kernel-i686-fedora.config
index accadeb33..9ca6b6c06 100644
--- a/kernel-i686-fedora.config
+++ b/kernel-i686-fedora.config
@@ -1092,14 +1092,11 @@ CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_MD4=m
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_MICHAEL_MIC=m
-CONFIG_CRYPTO_NHPOLY1305_AVX2=m
-CONFIG_CRYPTO_NHPOLY1305_SSE2=m
CONFIG_CRYPTO_NULL=y
CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -3205,8 +3202,8 @@ CONFIG_LPC_ICH=m
CONFIG_LP_CONSOLE=y
CONFIG_LPC_SCH=m
CONFIG_LSI_ET1011C_PHY=m
-CONFIG_LSM_MMAP_MIN_ADDR=65536
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
+CONFIG_LSM_MMAP_MIN_ADDR=65535
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4349,6 +4346,7 @@ CONFIG_NSC_GPIO=m
# CONFIG_NTFS_FS is not set
CONFIG_NULL_TTY=m
# CONFIG_NUMA is not set
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
# CONFIG_NVMEM_REBOOT_MODE is not set
diff --git a/kernel-ppc64le-debug-fedora.config b/kernel-ppc64le-debug-fedora.config
index 45042c0bb..d3c648e2e 100644
--- a/kernel-ppc64le-debug-fedora.config
+++ b/kernel-ppc64le-debug-fedora.config
@@ -1038,7 +1038,6 @@ CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -2984,8 +2983,8 @@ CONFIG_LPARCFG=y
CONFIG_LP_CONSOLE=y
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
-CONFIG_LSM_MMAP_MIN_ADDR=65536
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
+CONFIG_LSM_MMAP_MIN_ADDR=65535
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4095,6 +4094,7 @@ CONFIG_NUMA_BALANCING=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
# CONFIG_NVMEM_REBOOT_MODE is not set
diff --git a/kernel-ppc64le-debug-rhel.config b/kernel-ppc64le-debug-rhel.config
index 2743dc425..c704ba9b0 100644
--- a/kernel-ppc64le-debug-rhel.config
+++ b/kernel-ppc64le-debug-rhel.config
@@ -424,7 +424,7 @@ CONFIG_BPF_EVENTS=y
CONFIG_BPF_JIT_ALWAYS_ON=y
CONFIG_BPF_JIT=y
# CONFIG_BPF_KPROBE_OVERRIDE is not set
-# CONFIG_BPF_LSM is not set
+CONFIG_BPF_LSM=y
# CONFIG_BPF_PRELOAD is not set
CONFIG_BPF_STREAM_PARSER=y
CONFIG_BPF_SYSCALL=y
@@ -795,8 +795,7 @@ CONFIG_CRYPTO_CBC=y
CONFIG_CRYPTO_CCM=m
# CONFIG_CRYPTO_CFB is not set
CONFIG_CRYPTO_CHACHA20=m
-CONFIG_CRYPTO_CHACHA20_NEON=m
-# CONFIG_CRYPTO_CHACHA20POLY1305 is not set
+CONFIG_CRYPTO_CHACHA20POLY1305=m
CONFIG_CRYPTO_CMAC=m
# CONFIG_CRYPTO_CRC32C_VPMSUM is not set
CONFIG_CRYPTO_CRC32C=y
@@ -871,14 +870,10 @@ CONFIG_CRYPTO_MD4=m
# CONFIG_CRYPTO_MD5_PPC is not set
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_MICHAEL_MIC=m
-CONFIG_CRYPTO_NHPOLY1305_AVX2=m
-CONFIG_CRYPTO_NHPOLY1305_NEON=m
-CONFIG_CRYPTO_NHPOLY1305_SSE2=m
CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -2679,6 +2674,10 @@ CONFIG_LLC=m
CONFIG_LOCALVERSION=""
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set
+CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y
CONFIG_LOCKD_V4=y
CONFIG_LOCK_EVENT_COUNTS=y
CONFIG_LOCK_STAT=y
@@ -2700,8 +2699,8 @@ CONFIG_LPARCFG=y
# CONFIG_LP_CONSOLE is not set
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
CONFIG_LSM_MMAP_MIN_ADDR=65535
-CONFIG_LSM="yama,integrity,selinux"
# CONFIG_LTC1660 is not set
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -3686,6 +3685,7 @@ CONFIG_NUMA_BALANCING=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
# CONFIG_NVME_HWMON is not set
# CONFIG_NVMEM_REBOOT_MODE is not set
@@ -4573,13 +4573,13 @@ CONFIG_SECTION_MISMATCH_WARN_ONLY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_INFINIBAND=y
# CONFIG_SECURITY_LOADPIN is not set
-# CONFIG_SECURITY_LOCKDOWN_LSM is not set
+CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
+CONFIG_SECURITY_LOCKDOWN_LSM=y
CONFIG_SECURITY_NETWORK_XFRM=y
CONFIG_SECURITY_NETWORK=y
# CONFIG_SECURITY_PATH is not set
# CONFIG_SECURITY_SAFESETID is not set
CONFIG_SECURITY_SELINUX_AVC_STATS=y
-CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
CONFIG_SECURITY_SELINUX_BOOTPARAM=y
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
CONFIG_SECURITY_SELINUX_DEVELOP=y
diff --git a/kernel-ppc64le-fedora.config b/kernel-ppc64le-fedora.config
index ce13755e9..34d67e16e 100644
--- a/kernel-ppc64le-fedora.config
+++ b/kernel-ppc64le-fedora.config
@@ -1037,7 +1037,6 @@ CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -2962,8 +2961,8 @@ CONFIG_LPARCFG=y
CONFIG_LP_CONSOLE=y
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
-CONFIG_LSM_MMAP_MIN_ADDR=65536
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
+CONFIG_LSM_MMAP_MIN_ADDR=65535
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4072,6 +4071,7 @@ CONFIG_NUMA_BALANCING=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
# CONFIG_NVMEM_REBOOT_MODE is not set
diff --git a/kernel-ppc64le-rhel.config b/kernel-ppc64le-rhel.config
index 989d129ac..4d0ea7a26 100644
--- a/kernel-ppc64le-rhel.config
+++ b/kernel-ppc64le-rhel.config
@@ -424,7 +424,7 @@ CONFIG_BPF_EVENTS=y
CONFIG_BPF_JIT_ALWAYS_ON=y
CONFIG_BPF_JIT=y
# CONFIG_BPF_KPROBE_OVERRIDE is not set
-# CONFIG_BPF_LSM is not set
+CONFIG_BPF_LSM=y
# CONFIG_BPF_PRELOAD is not set
CONFIG_BPF_STREAM_PARSER=y
CONFIG_BPF_SYSCALL=y
@@ -795,8 +795,7 @@ CONFIG_CRYPTO_CBC=y
CONFIG_CRYPTO_CCM=m
# CONFIG_CRYPTO_CFB is not set
CONFIG_CRYPTO_CHACHA20=m
-CONFIG_CRYPTO_CHACHA20_NEON=m
-# CONFIG_CRYPTO_CHACHA20POLY1305 is not set
+CONFIG_CRYPTO_CHACHA20POLY1305=m
CONFIG_CRYPTO_CMAC=m
# CONFIG_CRYPTO_CRC32C_VPMSUM is not set
CONFIG_CRYPTO_CRC32C=y
@@ -871,14 +870,10 @@ CONFIG_CRYPTO_MD4=m
# CONFIG_CRYPTO_MD5_PPC is not set
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_MICHAEL_MIC=m
-CONFIG_CRYPTO_NHPOLY1305_AVX2=m
-CONFIG_CRYPTO_NHPOLY1305_NEON=m
-CONFIG_CRYPTO_NHPOLY1305_SSE2=m
CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -2662,6 +2657,10 @@ CONFIG_LLC=m
CONFIG_LOCALVERSION=""
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set
+CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y
CONFIG_LOCKD_V4=y
# CONFIG_LOCK_EVENT_COUNTS is not set
# CONFIG_LOCK_STAT is not set
@@ -2683,8 +2682,8 @@ CONFIG_LPARCFG=y
# CONFIG_LP_CONSOLE is not set
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
CONFIG_LSM_MMAP_MIN_ADDR=65535
-CONFIG_LSM="yama,integrity,selinux"
# CONFIG_LTC1660 is not set
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -3669,6 +3668,7 @@ CONFIG_NUMA_BALANCING=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
# CONFIG_NVME_HWMON is not set
# CONFIG_NVMEM_REBOOT_MODE is not set
@@ -4556,13 +4556,13 @@ CONFIG_SECTION_MISMATCH_WARN_ONLY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_INFINIBAND=y
# CONFIG_SECURITY_LOADPIN is not set
-# CONFIG_SECURITY_LOCKDOWN_LSM is not set
+CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
+CONFIG_SECURITY_LOCKDOWN_LSM=y
CONFIG_SECURITY_NETWORK_XFRM=y
CONFIG_SECURITY_NETWORK=y
# CONFIG_SECURITY_PATH is not set
# CONFIG_SECURITY_SAFESETID is not set
CONFIG_SECURITY_SELINUX_AVC_STATS=y
-CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
CONFIG_SECURITY_SELINUX_BOOTPARAM=y
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
CONFIG_SECURITY_SELINUX_DEVELOP=y
diff --git a/kernel-s390x-debug-fedora.config b/kernel-s390x-debug-fedora.config
index 427a3ab72..682aeca53 100644
--- a/kernel-s390x-debug-fedora.config
+++ b/kernel-s390x-debug-fedora.config
@@ -1040,7 +1040,6 @@ CONFIG_CRYPTO_PAES_S390=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -2957,8 +2956,8 @@ CONFIG_LOOPBACK_TARGET=m
CONFIG_LP_CONSOLE=y
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
-CONFIG_LSM_MMAP_MIN_ADDR=65536
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
+CONFIG_LSM_MMAP_MIN_ADDR=65535
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4065,6 +4064,7 @@ CONFIG_NULL_TTY=m
CONFIG_NUMA_BALANCING=y
CONFIG_NUMA_EMU=y
CONFIG_NUMA=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
# CONFIG_NVMEM_REBOOT_MODE is not set
diff --git a/kernel-s390x-debug-rhel.config b/kernel-s390x-debug-rhel.config
index 44108c554..9da3c6b59 100644
--- a/kernel-s390x-debug-rhel.config
+++ b/kernel-s390x-debug-rhel.config
@@ -424,7 +424,7 @@ CONFIG_BPF_EVENTS=y
CONFIG_BPF_JIT_ALWAYS_ON=y
CONFIG_BPF_JIT=y
# CONFIG_BPF_KPROBE_OVERRIDE is not set
-# CONFIG_BPF_LSM is not set
+CONFIG_BPF_LSM=y
# CONFIG_BPF_PRELOAD is not set
CONFIG_BPF_STREAM_PARSER=y
CONFIG_BPF_SYSCALL=y
@@ -796,7 +796,6 @@ CONFIG_CRYPTO_CBC=y
CONFIG_CRYPTO_CCM=m
# CONFIG_CRYPTO_CFB is not set
CONFIG_CRYPTO_CHACHA20=m
-CONFIG_CRYPTO_CHACHA20_NEON=m
CONFIG_CRYPTO_CHACHA20POLY1305=m
CONFIG_CRYPTO_CMAC=m
# CONFIG_CRYPTO_CRC32C_VPMSUM is not set
@@ -868,15 +867,11 @@ CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_MD4=m
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_MICHAEL_MIC=m
-CONFIG_CRYPTO_NHPOLY1305_AVX2=m
-CONFIG_CRYPTO_NHPOLY1305_NEON=m
-CONFIG_CRYPTO_NHPOLY1305_SSE2=m
CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PAES_S390=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -2650,6 +2645,10 @@ CONFIG_LLC=m
CONFIG_LOCALVERSION=""
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set
+CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y
CONFIG_LOCKD_V4=y
CONFIG_LOCK_EVENT_COUNTS=y
CONFIG_LOCK_STAT=y
@@ -2670,8 +2669,8 @@ CONFIG_LOOPBACK_TARGET=m
# CONFIG_LP_CONSOLE is not set
# CONFIG_LPC_SCH is not set
# CONFIG_LSI_ET1011C_PHY is not set
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
CONFIG_LSM_MMAP_MIN_ADDR=65535
-CONFIG_LSM="yama,integrity,selinux"
# CONFIG_LTC1660 is not set
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -3662,6 +3661,7 @@ CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
# CONFIG_NVME_HWMON is not set
# CONFIG_NVMEM_REBOOT_MODE is not set
@@ -4521,13 +4521,13 @@ CONFIG_SECTION_MISMATCH_WARN_ONLY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_INFINIBAND=y
# CONFIG_SECURITY_LOADPIN is not set
-# CONFIG_SECURITY_LOCKDOWN_LSM is not set
+CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
+CONFIG_SECURITY_LOCKDOWN_LSM=y
CONFIG_SECURITY_NETWORK_XFRM=y
CONFIG_SECURITY_NETWORK=y
# CONFIG_SECURITY_PATH is not set
# CONFIG_SECURITY_SAFESETID is not set
CONFIG_SECURITY_SELINUX_AVC_STATS=y
-CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
CONFIG_SECURITY_SELINUX_BOOTPARAM=y
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
CONFIG_SECURITY_SELINUX_DEVELOP=y
diff --git a/kernel-s390x-fedora.config b/kernel-s390x-fedora.config
index 2151fa4bf..89f70d957 100644
--- a/kernel-s390x-fedora.config
+++ b/kernel-s390x-fedora.config
@@ -1039,7 +1039,6 @@ CONFIG_CRYPTO_PAES_S390=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -2935,8 +2934,8 @@ CONFIG_LOOPBACK_TARGET=m
CONFIG_LP_CONSOLE=y
# CONFIG_LPC_SCH is not set
CONFIG_LSI_ET1011C_PHY=m
-CONFIG_LSM_MMAP_MIN_ADDR=65536
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
+CONFIG_LSM_MMAP_MIN_ADDR=65535
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4042,6 +4041,7 @@ CONFIG_NULL_TTY=m
CONFIG_NUMA_BALANCING=y
CONFIG_NUMA_EMU=y
CONFIG_NUMA=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
# CONFIG_NVMEM_REBOOT_MODE is not set
diff --git a/kernel-s390x-rhel.config b/kernel-s390x-rhel.config
index 46046561a..089ed7ec0 100644
--- a/kernel-s390x-rhel.config
+++ b/kernel-s390x-rhel.config
@@ -424,7 +424,7 @@ CONFIG_BPF_EVENTS=y
CONFIG_BPF_JIT_ALWAYS_ON=y
CONFIG_BPF_JIT=y
# CONFIG_BPF_KPROBE_OVERRIDE is not set
-# CONFIG_BPF_LSM is not set
+CONFIG_BPF_LSM=y
# CONFIG_BPF_PRELOAD is not set
CONFIG_BPF_STREAM_PARSER=y
CONFIG_BPF_SYSCALL=y
@@ -796,7 +796,6 @@ CONFIG_CRYPTO_CBC=y
CONFIG_CRYPTO_CCM=m
# CONFIG_CRYPTO_CFB is not set
CONFIG_CRYPTO_CHACHA20=m
-CONFIG_CRYPTO_CHACHA20_NEON=m
CONFIG_CRYPTO_CHACHA20POLY1305=m
CONFIG_CRYPTO_CMAC=m
# CONFIG_CRYPTO_CRC32C_VPMSUM is not set
@@ -868,15 +867,11 @@ CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_MD4=m
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_MICHAEL_MIC=m
-CONFIG_CRYPTO_NHPOLY1305_AVX2=m
-CONFIG_CRYPTO_NHPOLY1305_NEON=m
-CONFIG_CRYPTO_NHPOLY1305_SSE2=m
CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PAES_S390=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
CONFIG_CRYPTO_RMD256=m
@@ -2633,6 +2628,10 @@ CONFIG_LLC=m
CONFIG_LOCALVERSION=""
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set
+CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y
CONFIG_LOCKD_V4=y
# CONFIG_LOCK_EVENT_COUNTS is not set
# CONFIG_LOCK_STAT is not set
@@ -2653,8 +2652,8 @@ CONFIG_LOOPBACK_TARGET=m
# CONFIG_LP_CONSOLE is not set
# CONFIG_LPC_SCH is not set
# CONFIG_LSI_ET1011C_PHY is not set
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
CONFIG_LSM_MMAP_MIN_ADDR=65535
-CONFIG_LSM="yama,integrity,selinux"
# CONFIG_LTC1660 is not set
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -3645,6 +3644,7 @@ CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
# CONFIG_NVME_HWMON is not set
# CONFIG_NVMEM_REBOOT_MODE is not set
@@ -4504,13 +4504,13 @@ CONFIG_SECTION_MISMATCH_WARN_ONLY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_INFINIBAND=y
# CONFIG_SECURITY_LOADPIN is not set
-# CONFIG_SECURITY_LOCKDOWN_LSM is not set
+CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
+CONFIG_SECURITY_LOCKDOWN_LSM=y
CONFIG_SECURITY_NETWORK_XFRM=y
CONFIG_SECURITY_NETWORK=y
# CONFIG_SECURITY_PATH is not set
# CONFIG_SECURITY_SAFESETID is not set
CONFIG_SECURITY_SELINUX_AVC_STATS=y
-CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
CONFIG_SECURITY_SELINUX_BOOTPARAM=y
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
CONFIG_SECURITY_SELINUX_DEVELOP=y
diff --git a/kernel-s390x-zfcpdump-rhel.config b/kernel-s390x-zfcpdump-rhel.config
index 2053638e9..ba7b3637d 100644
--- a/kernel-s390x-zfcpdump-rhel.config
+++ b/kernel-s390x-zfcpdump-rhel.config
@@ -428,7 +428,7 @@ CONFIG_BPF_EVENTS=y
CONFIG_BPF_JIT_ALWAYS_ON=y
CONFIG_BPF_JIT=y
# CONFIG_BPF_KPROBE_OVERRIDE is not set
-# CONFIG_BPF_LSM is not set
+CONFIG_BPF_LSM=y
# CONFIG_BPF_PRELOAD is not set
CONFIG_BPF_STREAM_PARSER=y
# CONFIG_BPF_SYSCALL is not set
@@ -800,7 +800,6 @@ CONFIG_CRYPTO_CAST6=y
CONFIG_CRYPTO_CBC=y
# CONFIG_CRYPTO_CCM is not set
# CONFIG_CRYPTO_CFB is not set
-CONFIG_CRYPTO_CHACHA20_NEON=m
CONFIG_CRYPTO_CHACHA20POLY1305=y
CONFIG_CRYPTO_CHACHA20=y
CONFIG_CRYPTO_CMAC=y
@@ -873,14 +872,10 @@ CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_MD4=y
# CONFIG_CRYPTO_MD5 is not set
CONFIG_CRYPTO_MICHAEL_MIC=y
-CONFIG_CRYPTO_NHPOLY1305_AVX2=m
-CONFIG_CRYPTO_NHPOLY1305_NEON=m
-CONFIG_CRYPTO_NHPOLY1305_SSE2=m
CONFIG_CRYPTO_OFB=y
CONFIG_CRYPTO_PAES_S390=m
CONFIG_CRYPTO_PCBC=y
CONFIG_CRYPTO_PCRYPT=y
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_POLY1305=y
CONFIG_CRYPTO_RMD128=y
CONFIG_CRYPTO_RMD160=y
@@ -2653,6 +2648,10 @@ CONFIG_LOCALVERSION=""
CONFIG_LOCALVERSION_AUTO=y
# CONFIG_LOCKDEP is not set
CONFIG_LOCKD=m
+# CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set
+CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y
CONFIG_LOCKD_V4=y
# CONFIG_LOCK_EVENT_COUNTS is not set
# CONFIG_LOCK_STAT is not set
@@ -2673,8 +2672,8 @@ CONFIG_LOOPBACK_TARGET=y
# CONFIG_LP_CONSOLE is not set
# CONFIG_LPC_SCH is not set
# CONFIG_LSI_ET1011C_PHY is not set
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
CONFIG_LSM_MMAP_MIN_ADDR=65535
-CONFIG_LSM="yama,integrity,selinux"
# CONFIG_LTC1660 is not set
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -3668,6 +3667,7 @@ CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
# CONFIG_NUMA is not set
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
# CONFIG_NVME_FC is not set
# CONFIG_NVME_HWMON is not set
# CONFIG_NVMEM_REBOOT_MODE is not set
@@ -4533,13 +4533,13 @@ CONFIG_SECURITYFS=y
CONFIG_SECURITY_INFINIBAND=y
# CONFIG_SECURITY is not set
# CONFIG_SECURITY_LOADPIN is not set
-# CONFIG_SECURITY_LOCKDOWN_LSM is not set
+CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
+CONFIG_SECURITY_LOCKDOWN_LSM=y
CONFIG_SECURITY_NETWORK_XFRM=y
CONFIG_SECURITY_NETWORK=y
# CONFIG_SECURITY_PATH is not set
# CONFIG_SECURITY_SAFESETID is not set
CONFIG_SECURITY_SELINUX_AVC_STATS=y
-CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
CONFIG_SECURITY_SELINUX_BOOTPARAM=y
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
CONFIG_SECURITY_SELINUX_DEVELOP=y
diff --git a/kernel-x86_64-debug-fedora.config b/kernel-x86_64-debug-fedora.config
index 51203e963..c01c33d85 100644
--- a/kernel-x86_64-debug-fedora.config
+++ b/kernel-x86_64-debug-fedora.config
@@ -1127,7 +1127,6 @@ CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_POLY1305_X86_64=m
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
@@ -3277,8 +3276,8 @@ CONFIG_LPC_ICH=m
CONFIG_LP_CONSOLE=y
CONFIG_LPC_SCH=m
CONFIG_LSI_ET1011C_PHY=m
-CONFIG_LSM_MMAP_MIN_ADDR=65536
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
+CONFIG_LSM_MMAP_MIN_ADDR=65535
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4421,6 +4420,7 @@ CONFIG_NUMA_BALANCING=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
# CONFIG_NVMEM_REBOOT_MODE is not set
diff --git a/kernel-x86_64-debug-rhel.config b/kernel-x86_64-debug-rhel.config
index 46428270e..af542ecce 100644
--- a/kernel-x86_64-debug-rhel.config
+++ b/kernel-x86_64-debug-rhel.config
@@ -451,7 +451,7 @@ CONFIG_BPF_EVENTS=y
CONFIG_BPF_JIT_ALWAYS_ON=y
CONFIG_BPF_JIT=y
# CONFIG_BPF_KPROBE_OVERRIDE is not set
-# CONFIG_BPF_LSM is not set
+CONFIG_BPF_LSM=y
# CONFIG_BPF_PRELOAD is not set
CONFIG_BPF_STREAM_PARSER=y
CONFIG_BPF_SYSCALL=y
@@ -828,7 +828,6 @@ CONFIG_CRYPTO_CBC=y
CONFIG_CRYPTO_CCM=m
# CONFIG_CRYPTO_CFB is not set
CONFIG_CRYPTO_CHACHA20=m
-CONFIG_CRYPTO_CHACHA20_NEON=m
CONFIG_CRYPTO_CHACHA20POLY1305=m
CONFIG_CRYPTO_CHACHA20_X86_64=m
CONFIG_CRYPTO_CMAC=m
@@ -916,13 +915,11 @@ CONFIG_CRYPTO_MD4=m
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_MICHAEL_MIC=m
CONFIG_CRYPTO_NHPOLY1305_AVX2=m
-CONFIG_CRYPTO_NHPOLY1305_NEON=m
CONFIG_CRYPTO_NHPOLY1305_SSE2=m
CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_POLY1305_X86_64=m
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
@@ -2844,6 +2841,9 @@ CONFIG_LOCALVERSION=""
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_LOCKD=m
CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT=y
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set
+CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y
CONFIG_LOCKD_V4=y
CONFIG_LOCK_EVENT_COUNTS=y
CONFIG_LOCK_STAT=y
@@ -2864,8 +2864,8 @@ CONFIG_LPC_ICH=m
# CONFIG_LP_CONSOLE is not set
CONFIG_LPC_SCH=m
CONFIG_LSI_ET1011C_PHY=m
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
CONFIG_LSM_MMAP_MIN_ADDR=65535
-CONFIG_LSM="yama,integrity,selinux"
# CONFIG_LTC1660 is not set
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -3863,6 +3863,7 @@ CONFIG_NUMA_EMU=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
# CONFIG_NVME_HWMON is not set
# CONFIG_NVMEM_REBOOT_MODE is not set
@@ -4726,13 +4727,13 @@ CONFIG_SECTION_MISMATCH_WARN_ONLY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_INFINIBAND=y
# CONFIG_SECURITY_LOADPIN is not set
-# CONFIG_SECURITY_LOCKDOWN_LSM is not set
+CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
+CONFIG_SECURITY_LOCKDOWN_LSM=y
CONFIG_SECURITY_NETWORK_XFRM=y
CONFIG_SECURITY_NETWORK=y
# CONFIG_SECURITY_PATH is not set
# CONFIG_SECURITY_SAFESETID is not set
CONFIG_SECURITY_SELINUX_AVC_STATS=y
-CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
CONFIG_SECURITY_SELINUX_BOOTPARAM=y
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
CONFIG_SECURITY_SELINUX_DEVELOP=y
diff --git a/kernel-x86_64-fedora.config b/kernel-x86_64-fedora.config
index 9449da23e..bf25392d0 100644
--- a/kernel-x86_64-fedora.config
+++ b/kernel-x86_64-fedora.config
@@ -1126,7 +1126,6 @@ CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_POLY1305_X86_64=m
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
@@ -3255,8 +3254,8 @@ CONFIG_LPC_ICH=m
CONFIG_LP_CONSOLE=y
CONFIG_LPC_SCH=m
CONFIG_LSI_ET1011C_PHY=m
-CONFIG_LSM_MMAP_MIN_ADDR=65536
-CONFIG_LSM="yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,apparmor"
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
+CONFIG_LSM_MMAP_MIN_ADDR=65535
CONFIG_LTC1660=m
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -4399,6 +4398,7 @@ CONFIG_NUMA_BALANCING=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
CONFIG_NVME_HWMON=y
# CONFIG_NVMEM_REBOOT_MODE is not set
diff --git a/kernel-x86_64-rhel.config b/kernel-x86_64-rhel.config
index 574bcbf4e..59d31424f 100644
--- a/kernel-x86_64-rhel.config
+++ b/kernel-x86_64-rhel.config
@@ -451,7 +451,7 @@ CONFIG_BPF_EVENTS=y
CONFIG_BPF_JIT_ALWAYS_ON=y
CONFIG_BPF_JIT=y
# CONFIG_BPF_KPROBE_OVERRIDE is not set
-# CONFIG_BPF_LSM is not set
+CONFIG_BPF_LSM=y
# CONFIG_BPF_PRELOAD is not set
CONFIG_BPF_STREAM_PARSER=y
CONFIG_BPF_SYSCALL=y
@@ -828,7 +828,6 @@ CONFIG_CRYPTO_CBC=y
CONFIG_CRYPTO_CCM=m
# CONFIG_CRYPTO_CFB is not set
CONFIG_CRYPTO_CHACHA20=m
-CONFIG_CRYPTO_CHACHA20_NEON=m
CONFIG_CRYPTO_CHACHA20POLY1305=m
CONFIG_CRYPTO_CHACHA20_X86_64=m
CONFIG_CRYPTO_CMAC=m
@@ -916,13 +915,11 @@ CONFIG_CRYPTO_MD4=m
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_MICHAEL_MIC=m
CONFIG_CRYPTO_NHPOLY1305_AVX2=m
-CONFIG_CRYPTO_NHPOLY1305_NEON=m
CONFIG_CRYPTO_NHPOLY1305_SSE2=m
CONFIG_CRYPTO_OFB=m
CONFIG_CRYPTO_PCBC=m
CONFIG_CRYPTO_PCRYPT=m
CONFIG_CRYPTO_POLY1305=m
-# CONFIG_CRYPTO_POLY1305_NEON is not set
CONFIG_CRYPTO_POLY1305_X86_64=m
CONFIG_CRYPTO_RMD128=m
CONFIG_CRYPTO_RMD160=m
@@ -2825,6 +2822,9 @@ CONFIG_LOCALVERSION=""
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_LOCKD=m
CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT=y
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set
+# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set
+CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y
CONFIG_LOCKD_V4=y
# CONFIG_LOCK_EVENT_COUNTS is not set
# CONFIG_LOCK_STAT is not set
@@ -2845,8 +2845,8 @@ CONFIG_LPC_ICH=m
# CONFIG_LP_CONSOLE is not set
CONFIG_LPC_SCH=m
CONFIG_LSI_ET1011C_PHY=m
+CONFIG_LSM="lockdown,yama,integrity,selinux,bpf"
CONFIG_LSM_MMAP_MIN_ADDR=65535
-CONFIG_LSM="yama,integrity,selinux"
# CONFIG_LTC1660 is not set
# CONFIG_LTC2471 is not set
# CONFIG_LTC2485 is not set
@@ -3844,6 +3844,7 @@ CONFIG_NUMA_EMU=y
CONFIG_NUMA=y
CONFIG_NVDIMM_DAX=y
CONFIG_NVDIMM_PFN=y
+CONFIG_NVIDIA_CARMEL_CNP_ERRATUM=y
CONFIG_NVME_FC=m
# CONFIG_NVME_HWMON is not set
# CONFIG_NVMEM_REBOOT_MODE is not set
@@ -4706,13 +4707,13 @@ CONFIG_SECTION_MISMATCH_WARN_ONLY=y
CONFIG_SECURITYFS=y
CONFIG_SECURITY_INFINIBAND=y
# CONFIG_SECURITY_LOADPIN is not set
-# CONFIG_SECURITY_LOCKDOWN_LSM is not set
+CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
+CONFIG_SECURITY_LOCKDOWN_LSM=y
CONFIG_SECURITY_NETWORK_XFRM=y
CONFIG_SECURITY_NETWORK=y
# CONFIG_SECURITY_PATH is not set
# CONFIG_SECURITY_SAFESETID is not set
CONFIG_SECURITY_SELINUX_AVC_STATS=y
-CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
CONFIG_SECURITY_SELINUX_BOOTPARAM=y
CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
CONFIG_SECURITY_SELINUX_DEVELOP=y
diff --git a/kernel.spec b/kernel.spec
index b4746c54c..39a5df14c 100755
--- a/kernel.spec
+++ b/kernel.spec
@@ -70,7 +70,7 @@ Summary: The Linux kernel
# For a stable, released kernel, released_kernel should be 1.
%global released_kernel 0
-%global distro_build 0.rc4.20210324git7acac4b3196c.176
+%global distro_build 0.rc4.20210326gitdb24726bfefa.178
%if 0%{?fedora}
%define secure_boot_arch x86_64
@@ -113,13 +113,13 @@ Summary: The Linux kernel
%endif
%define rpmversion 5.12.0
-%define pkgrelease 0.rc4.20210324git7acac4b3196c.176
+%define pkgrelease 0.rc4.20210326gitdb24726bfefa.178
# This is needed to do merge window version magic
%define patchlevel 12
# allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 0.rc4.20210324git7acac4b3196c.176%{?buildid}%{?dist}
+%define specrelease 0.rc4.20210326gitdb24726bfefa.178%{?buildid}%{?dist}
%define pkg_release %{specrelease}
@@ -626,7 +626,7 @@ BuildRequires: clang
# exact git commit you can run
#
# xzcat -qq ${TARBALL} | git get-tar-commit-id
-Source0: linux-20210324git7acac4b3196c.tar.xz
+Source0: linux-20210326gitdb24726bfefa.tar.xz
Source1: Makefile.rhelver
@@ -1281,8 +1281,8 @@ ApplyOptionalPatch()
fi
}
-%setup -q -n kernel-20210324git7acac4b3196c -c
-mv linux-20210324git7acac4b3196c linux-%{KVERREL}
+%setup -q -n kernel-20210326gitdb24726bfefa -c
+mv linux-20210326gitdb24726bfefa linux-%{KVERREL}
cd linux-%{KVERREL}
# cp -a %{SOURCE1} .
@@ -2797,6 +2797,14 @@ fi
#
#
%changelog
+* Fri Mar 26 2021 Fedora Kernel Team <kernel-team@fedoraproject.org> [5.12.0-0.rc4.20210326gitdb24726bfefa.178]
+- New configs in fs/pstore (CKI@GitLab)
+
+* Thu Mar 25 2021 Fedora Kernel Team <kernel-team@fedoraproject.org> [5.12.0-0.rc4.20210325gite138138003eb.177]
+- New configs in arch/powerpc (Fedora Kernel Team)
+- configs: enable BPF LSM on Fedora and ARK (Ondrej Mosnacek)
+- configs: clean up LSM configs (Ondrej Mosnacek)
+
* Wed Mar 24 2021 Fedora Kernel Team <kernel-team@fedoraproject.org> [5.12.0-0.rc4.20210324git7acac4b3196c.176]
- New configs in drivers/platform (CKI@GitLab)
- New configs in drivers/firmware (CKI@GitLab)
diff --git a/patch-5.12.0-redhat.patch b/patch-5.12.0-redhat.patch
index d865f886d..58c257861 100644
--- a/patch-5.12.0-redhat.patch
+++ b/patch-5.12.0-redhat.patch
@@ -192,10 +192,10 @@ index 5da96f5df48f..a35494d5910d 100644
The VM uses one page of physical memory for each page table.
For systems with a lot of processes, this can use a lot of
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
-index 5656e7aacd69..fb23ebe99efe 100644
+index e4e1b6550115..800dd64437a8 100644
--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
-@@ -899,7 +899,7 @@ endchoice
+@@ -909,7 +909,7 @@ endchoice
config ARM64_FORCE_52BIT
bool "Force 52-bit virtual addresses for userspace"
@@ -204,7 +204,7 @@ index 5656e7aacd69..fb23ebe99efe 100644
help
For systems with 52-bit userspace VAs enabled, the kernel will attempt
to maintain compatibility with older software by providing 48-bit VAs
-@@ -1156,6 +1156,7 @@ config XEN
+@@ -1166,6 +1166,7 @@ config XEN
config FORCE_MAX_ZONEORDER
int
default "14" if ARM64_64K_PAGES
@@ -2112,7 +2112,7 @@ index 320f1f3941b7..e3632573c1ed 100644
obj-$(CONFIG_MODULES) += kmod.o
obj-$(CONFIG_MULTIUSER) += groups.o
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
-index c859bc46d06c..1c6e78fa2b6d 100644
+index 250503482cda..dde01992df7e 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -24,6 +24,7 @@
@@ -2150,7 +2150,7 @@ index c859bc46d06c..1c6e78fa2b6d 100644
static const struct bpf_map_ops * const bpf_map_types[] = {
#define BPF_PROG_TYPE(_id, _name, prog_ctx_type, kern_ctx_type)
-@@ -4346,11 +4365,17 @@ static int bpf_prog_bind_map(union bpf_attr *attr)
+@@ -4351,11 +4370,17 @@ static int bpf_prog_bind_map(union bpf_attr *attr)
SYSCALL_DEFINE3(bpf, int, cmd, union bpf_attr __user *, uattr, unsigned int, size)
{
union bpf_attr attr;
diff --git a/sources b/sources
index 9ff69f0aa..77236347f 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-20210324git7acac4b3196c.tar.xz) = e569e8ed9287b4b70dd9b0a21075bf73f9710ef9de30fa58d82a79ade0f117fe003b11f40bd8579a11e6e7a80db132e65db89e0e57e4c3cee649175feaccc828
-SHA512 (kernel-abi-whitelists-5.12.0-0.rc4.20210324git7acac4b3196c.176.tar.bz2) = d05475da5df631a7e2d122b00ba3fb6e9e690d3d6feb2b9e64907f7b34bdc6d21a0b778240959b9d30d0097f7befcf088417241e8b766f75c7da9242a7736eeb
-SHA512 (kernel-kabi-dw-5.12.0-0.rc4.20210324git7acac4b3196c.176.tar.bz2) = 614a82ee5481afd7ee621963fa15e587b5e60de00d963dcc86ef2efd0007f402442d6e4b17a353b56860badeb7727d6a2ccb559d28c3f54c7bcfff1fcaf86178
+SHA512 (linux-20210326gitdb24726bfefa.tar.xz) = 2960a01421c3c1c8096bd6f3fcc51537069171ac8c7ca50728b1eb67a2caa5509c081adb308cc961da3e1607a243ee2a7d3710c8846e6055d25242b986f3bd0f
+SHA512 (kernel-abi-whitelists-5.12.0-0.rc4.20210326gitdb24726bfefa.178.tar.bz2) = 4ff7e866086b51abe29a976471777a122633263061e32a357f9ff1bd37ae82a0980231141c1460bbcb83f3dfe442152ace4bff9d78b136c76e456f4d8d56a10f
+SHA512 (kernel-kabi-dw-5.12.0-0.rc4.20210326gitdb24726bfefa.178.tar.bz2) = 3f3087dbc37c9214beea8bf1a55b3b681305a25e9215cfb301189752a890765d6b2878eb7cc9a0d1bc65c0074b92a50ad722599c01d48e5652e5917f1c4d3a68