[ol8_UEKR7] kernel-uek-debug-devel-5.15.0-0.30.20.1.el8uek.x86_64

Name:	kernel-uek-debug-devel
Version:	5.15.0
Release:	0.30.20.1.el8uek
Architecture:	x86_64
Group:	System Environment/Kernel
Size:	91165669
License:	GPLv2
RPM:	kernel-uek-debug-devel-5.15.0-0.30.20.1.el8uek.x86_64.rpm
Source RPM:	kernel-uek-5.15.0-0.30.20.1.el8uek.src.rpm
Build Date:	Sat Jul 16 2022
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	Development package for building kernel modules to match the kernel
Description:	This package provides kernel headers and makefiles sufficient to build modules against the kernel package.

Changelog (Show File list) (Show related packages)

Sat Jul 16 2022 Jack Vogel <jack.vogel@oracle.com> [5.15.0-0.30.20.1.el8uek]

- lockdown: Fix kexec lockdown bypass with ima policy (Eric Snowberg)  [Orabug: 34386636]  {CVE-2022-21505}

Sun Jul 10 2022 Jack Vogel <jack.vogel@oracle.com> [5.15.0-0.30.20.el8uek]

- floppy: use a statically allocated error counter (Willy Tarreau)  [Orabug: 34218638]  {CVE-2022-1652} 
- x86: Disable RET on kexec (Konrad Rzeszutek Wilk)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/bugs: do not enable IBPB-on-entry when IBPB is not supported (Thadeu Lima de Souza Cascardo)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- arm64: proton-pack: provide vulnerability file value for RETBleed (James Morse)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/cpu/amd: Enumerate BTC_NO (Andrew Cooper)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/common: Stamp out the stepping madness (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- KVM: VMX: Prevent RSB underflow before vmenter (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/speculation: Fill RSB on vmexit for IBRS (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- KVM: VMX: Fix IBRS handling after vmexit (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- KVM: VMX: Convert launched argument to flags (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- KVM: VMX: Flatten __vmx_vcpu_run() (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- objtool: Re-add UNWIND_HINT_{SAVE_RESTORE} (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/speculation: Remove x86_spec_ctrl_mask (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/speculation: Fix SPEC_CTRL write on SMT state change (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/speculation: Fix firmware entry SPEC_CTRL handling (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/cpu/amd: Add Spectral Chicken (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- objtool: Add entry UNRET validation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/bugs: Do IBPB fallback check only once (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/bugs: Add retbleed=ibpb (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/xen: Rename SYS* entry points (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- objtool: Update Retpoline validation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- intel_idle: Disable IBRS during long idle (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/bugs: Report Intel retbleed vulnerability (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS (Pawan Gupta)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/bugs: Optimize SPEC_CTRL MSR writes (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/entry: Add kernel IBRS implementation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/bugs: Enable STIBP for JMP2RET (Kim Phillips)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/bugs: Add AMD retbleed= boot parameter (Alexandre Chartre)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/bugs: Report AMD retbleed vulnerability (Alexandre Chartre)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86: Add magic AMD return-thunk (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- objtool: Treat .text.__x86.* as noinstr (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86: Use return-thunk in asm code (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/sev: Avoid using __x86_return_thunk (Kim Phillips)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/kvm: Fix SETcc emulation for return thunks (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/bpf: Use alternative RET encoding (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/ftrace: Use alternative RET encoding (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86,static_call: Use alternative RET encoding (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86,objtool: Create .return_sites (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86: Undo return-thunk damage (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/retpoline: Use -mfunction-return (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/retpoline: Swizzle retpoline thunk (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/retpoline: Cleanup some #ifdefery (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/cpufeatures: Move RETPOLINE flags to word 11 (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/kvm/vmx: Make noinstr clean (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/entry: Remove skip_r11rcx (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/entry: Fix register corruption in compat syscall (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/entry: Use PUSH_AND_CLEAR_REGS for compat (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/entry: Simplify entry_INT80_compat() (Linus Torvalds)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/mm: Simplify RESERVE_BRK() (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- crypto: x86/poly1305 - Fixup SLS (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86,static_call: Fix __static_call_return0 for i386 (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- kvm/emulate: Fix SETcc emulation function offsets with SLS (Borislav Petkov)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- objtool: Default ignore INT3 for unreachable (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/ibt,paravirt: Use text_gen_insn() for paravirt_patch() (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86: Add straight-line-speculation mitigation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- objtool: Add straight-line-speculation validation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86: Prepare inline-asm for straight-line-speculation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86: Prepare asm files for straight-line-speculation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/lib/atomic64_386_32: Rename things (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/alternative: Relax text_poke_bp() constraint (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- static_call,x86: Robustify trampoline patching (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816} 
- x86/xen: Move hypercall_page to top of the file (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-29901} {CVE-2022-23816}

Wed Jun 15 2022 Jack Vogel <jack.vogel@oracle.com> [5.15.0-0.30.19.el8uek]

- net/mlx4: Increase num_srq in low_mem_profile (Dave Kleikamp)  [Orabug: 34052160]

Thu Jun 09 2022 Jack Vogel <jack.vogel@oracle.com> [5.15.0-0.30.18.el8uek]

- Revert "ocfs2: mount shared volume without ha stack" (Junxiao Bi)  [Orabug: 33701900]  
- KVM: x86/speculation: Disable Fill buffer clear within guests (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166} 
- x86/speculation/mmio: Reuse SRBDS mitigation for SBDS (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166} 
- x86/speculation/srbds: Update SRBDS mitigation selection (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166} 
- x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166} 
- x86/speculation/mmio: Enable CPU Fill buffer clearing on idle (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166} 
- x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166} 
- x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166} 
- x86/speculation: Add a common function for MD_CLEAR mitigation update (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166} 
- x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166} 
- Documentation: Add documentation for Processor MMIO Stale Data (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21127} {CVE-2022-21125} {CVE-2022-21166}

Wed Jun 01 2022 Jack Vogel <jack.vogel@oracle.com> [5.15.0-0.30.17.el8uek]

- uek-rpm: New shim versions and secureboot certs (Jack Vogel)  [Orabug: 34219956]

Wed Jun 01 2022 Jack Vogel <jack.vogel@oracle.com> [5.15.0-0.30.16.el8uek]

- perf: Correct the label position in perf_event_open (Jack Vogel)  [Orabug: 34172708]

Tue May 31 2022 Jack Vogel <jack.vogel@oracle.com> [5.15.0-0.30.15.el8uek]

- sched: Fix non-CONFIG_SCHED_CORE build (Boris Ostrovsky)  [Orabug: 34228424]

Mon May 30 2022 Jack Vogel <jack.vogel@oracle.com> [5.15.0-0.30.14.el8uek]

- lockdown: also lock down previous kgdb use (Daniel Thompson)  [Orabug: 34152698]  {CVE-2022-21499} 
- io_uring: fix race between timeout flush and removal (Jens Axboe)  [Orabug: 34115159]  {CVE-2022-29582} 
- kvm/x86: Inherit userspace's core scheduling cookie (Boris Ostrovsky)  [Orabug: 34195867]  
- vhost: Inherit userspace's core scheduling cookie (Boris Ostrovsky)  [Orabug: 34195867]  
- sched: Add interface for copying core scheduling cookie between two tasks (Boris Ostrovsky)  [Orabug: 34195867]  
- KVM: x86: avoid calling x86 emulator without a decoded instruction (Sean Christopherson)  [Orabug: 34205798]  {CVE-2022-1852} {CVE-2022-1852} 
- uek-rpm: Added squashfs module to core rpm for kdump (Vijayendra Suman)  [Orabug: 34206290]  
- uek-rpm: Enable CONFIG_SQUASHFS_ZSTD to support zstd compression (Harshit Mogalapalli)  [Orabug: 34209438]

Sun May 22 2022 Jack Vogel <jack.vogel@oracle.com> [5.15.0-0.30.13.el8uek]

- perf: Fix sys_perf_event_open() race against self (Peter Zijlstra)  [Orabug: 34172708]  {CVE-2022-1729} 
- uek-rpm: Enable dependencies needed by CONFIG_SND_SOC_INTEL_HDA_DSP_COMMON (Brian Maly)  [Orabug: 33711352]

Sat May 14 2022 Jack Vogel <jack.vogel@oracle.com> [5.15.0-0.30.12.el8uek]

- docs: kdump: Update the crashkernel description for arm64 (Zhen Lei)  [Orabug: 34052160]  
- of: fdt: Add memory for devices by DT property "linux,usable-memory-range" (Chen Zhou)  [Orabug: 34052160]  
- arm64: kdump: Reimplement crashkernel=X (Chen Zhou)  [Orabug: 34052160]  
- arm64: Use insert_resource() to simplify code (Zhen Lei)  [Orabug: 34052160]  
- kdump: return -ENOENT if required cmdline option does not exist (Zhen Lei)  [Orabug: 34052160]  
- Revert "x86: kdump: replace the hard-coded alignment with macro CRASH_ALIGN" (Dave Kleikamp)  [Orabug: 34052160]  
- Revert "x86: kdump: make the lower bound of crash kernel reservation consistent" (Dave Kleikamp)  [Orabug: 34052160]  
- Revert "x86: kdump: use macro CRASH_ADDR_LOW_MAX in functions reserve_crashkernel()" (Dave Kleikamp)  [Orabug: 34052160]  
- Revert "x86: kdump: move xen_pv_domain() check and insert_resource() to setup_arch()" (Dave Kleikamp)  [Orabug: 34052160]  
- Revert "x86: kdump: move reserve_crashkernel[_low]() into crash_core.c" (Dave Kleikamp)  [Orabug: 34052160]  
- Revert "x86/elf: Move vmcore_elf_check_arch_cross to arch/x86/include/asm/elf.h" (Dave Kleikamp)  [Orabug: 34052160]  
- Revert "arm64: kdump: introduce some macroes for crash kernel reservation" (Dave Kleikamp)  [Orabug: 34052160]  
- Revert "arm64: kdump: reimplement crashkernel=X" (Dave Kleikamp)  [Orabug: 34052160]  
- Revert "x86, arm64: Add ARCH_WANT_RESERVE_CRASH_KERNEL config" (Dave Kleikamp)  [Orabug: 34052160]  
- Revert "kdump: update Documentation about crashkernel" (Dave Kleikamp)  [Orabug: 34052160]  
- uek-rpm: Add modules required to pass selinux-testsuites to core rpm (Somasundaram Krishnasamy)  [Orabug: 34129238]  
- uek-rpm: configs: enable 9P_FS for x86_64 (Todd Vierling)  [Orabug: 34146029]  
- uek-rpm: Add modules to allow podman tests to run on core kernel. (Somasundaram Krishnasamy)  [Orabug: 34123777]