[ol7_optional_latest] kernel-tools-libs-devel-3.10.0-1160.81.1.0.1.el7.x86_64

This package contains the development files for the tools/ directory from
the kernel source.

Changelog (Show File list) (Show related packages)

• Tue Dec 13 2022 Kevin Lyons <kevin.x.lyons@oracle.com> [3.10.0-1160.81.1.0.1.el7.OL7]

  - debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}

• Tue Dec 13 2022 Kevin Lyons <kevin.x.lyons@oracle.com> [3.10.0-1160.81.1.el7.OL7]

  - Update Oracle Linux certificates (Ilya Okomin)
  - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
  - Update x509.genkey [Orabug: 24817676]
  - Conflict with shim-ia32 and shim-x64 <= 15-2.0.9.el7
  - Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)

• Thu Nov 24 2022 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.81.1.el7]

  - [netdrv] bnxt: don't lock the tx queue from napi poll (Jamie Bainbridge) [2110869]
  - [netdrv] bnxt_en: reverse order of TX disable and carrier off (Jamie Bainbridge) [2110869]
  - [netdrv] qede: confirm skb is allocated before using (Jamie Bainbridge) [2131145]

• Sat Oct 08 2022 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.80.1.el7]

  - scsi: lpfc: Fix FCP I/O flush functionality for TMF routines (Dick Kennedy) [1969988]
  - scsi: lpfc: Fix illegal memory access on Abort IOCBs (Dick Kennedy) [1969988]
  - NFS: Fix extra call to dput() in nfs_prime_dcache (Benjamin Coddington) [2117856]

• Thu Sep 22 2022 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.79.1.el7]

  - x86/speculation: Add LFENCE to RSB fill sequence (Rafael Aquini) [2115073] {CVE-2022-26373}
  - x86/speculation: Protect against userspace-userspace spectreRSB (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/speculation: cope with spectre_v2=retpoline cmdline on retbleed-affected Intel CPUs (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - KVM: emulate: do not adjust size of fastop and setcc subroutines (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/kvm: fix FASTOP_SIZE when return thunks are enabled (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/speculation: Disable RRSBA behavior (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/kexec: Disable RET on kexec (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/bugs: Add Cannon lake to RETBleed affected CPU list (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/cpu/amd: Enumerate BTC_NO (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/common: Stamp out the stepping madness (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/cpu/amd: Add Spectral Chicken (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/bugs: Do IBPB fallback check only once (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/bugs: Add retbleed=ibpb (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/bugs: Report Intel retbleed vulnerability (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/bugs: Enable STIBP for JMP2RET (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/bugs: Add AMD retbleed= boot parameter (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/bugs: Report AMD retbleed vulnerability (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86: Add magic AMD return-thunk (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86: Use return-thunk in asm code (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/sev: Avoid using __x86_return_thunk (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/kvm: Fix SETcc emulation for return thunks (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86,objtool: Create .return_sites (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86: Undo return-thunk damage (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/retpoline: Use -mfunction-return (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/cpufeatures: Move RETPOLINE flags to word 11 (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - objtool: Add ELF writing capability (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86: Prepare asm files for straight-line-speculation (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86: Prepare inline-asm for straight-line-speculation (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/kvm: Fix fastop function ELF metadata (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/kvm: Move kvm_fastop_exception to .fixup section (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/vdso: Fix vDSO build if a retpoline is emitted (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/cpufeatures: Combine word 11 and 12 into a new scattered features word (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/cpufeatures: Carve out CQM features retrieval (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/cpufeatures: Re-tabulate the X86_FEATURE definitions (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/cpufeature: Move processor tracing out of scattered features (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}
  - x86/alternatives: Cleanup DPRINTK macro (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}

• Thu Sep 15 2022 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.78.1.el7]

  - net_sched: cls_route: remove from list when handle is 0 (Davide Caratti) [2121809] {CVE-2022-2588}

• Thu Sep 08 2022 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.77.1.el7]

  - net/mlx5: Add Fast teardown support (Jay Shin) [2077711]
  - net/mlx5: Free IRQs in shutdown path (Jay Shin) [2077711]
  - net/mlx5: Change teardown with force mode failure message to warning (Jay Shin) [2077711]
  - net/mlx5: Cancel health poll before sending panic teardown command (Jay Shin) [2077711]
  - net/mlx5: Add fast unload support in shutdown flow (Jay Shin) [2077711]
  - net/mlx5: Expose command polling interface (Jay Shin) [2077711]
  - posix-timers: Remove remaining uses of tasklist_lock (Oleg Nesterov) [2115147]
  - posix-timers: Use sighand lock instead of tasklist_lock on timer deletion (Oleg Nesterov) [2115147]
  - posix-cpu-timers: remove tasklist_lock in posix_cpu_clock_get() (Oleg Nesterov) [2115147]

• Tue Jul 26 2022 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.76.1.el7]

  - sfc: complete the next packet when we receive a timestamp (Íñigo Huguet) [1793280]

• Tue Jul 19 2022 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.75.1.el7]

  - xfs: fix up non-directory creation in SGID directories (Andrey Albershteyn) [2089360]
  - x86/speculation/mmio: Print SMT warning (Rafael Aquini) [2090249] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
  - KVM: x86/speculation: Disable Fill buffer clear within guests (Rafael Aquini) [2090249] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
  - x86/speculation/mmio: Reuse SRBDS mitigation for SBDS (Rafael Aquini) [2090249] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
  - x86/speculation/srbds: Update SRBDS mitigation selection (Rafael Aquini) [2090249] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
  - x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data (Rafael Aquini) [2090249] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
  - cpu/speculation: Add prototype for cpu_show_srbds() (Rafael Aquini) [2090249] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
  - x86/speculation/mmio: Enable CPU Fill buffer clearing on idle (Rafael Aquini) [2090249] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
  - x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations (Rafael Aquini) [2090249] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
  - x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data (Rafael Aquini) [2090249] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
  - x86/speculation: Add a common function for MD_CLEAR mitigation update (Rafael Aquini) [2090249] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
  - x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug (Rafael Aquini) [2090249] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
  - Documentation: Add documentation for Processor MMIO Stale Data (Rafael Aquini) [2090249] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
  - [s390] s390/zcrypt: use kvmalloc instead of kmalloc for 256k alloc (Mete Durlu) [2072970]

• Wed Jul 13 2022 Rado Vrbovsky <rvrbovsk@redhat.com> [3.10.0-1160.74.1.el7]

  - tracing: Fix bad use of igrab in trace_uprobe.c (Oleg Nesterov) [2096884]