[ol8_UEKR7] kernel-uek-container-debug-5.15.0-0.30.20.el8.x86_64

Name:	kernel-uek-container-debug
Version:	5.15.0
Release:	0.30.20.el8
Architecture:	x86_64
Group:	Default
Size:	4500965
License:	GPL-2.0
RPM:	kernel-uek-container-debug-5.15.0-0.30.20.el8.x86_64.rpm
Source RPM:	kernel-uek-container-5.15.0-0.30.20.el8.src.rpm
Build Date:	Sun Jul 10 2022
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	Debug components for the kata-linux-container package.
Description:	Debug components for the kata-linux-container package. This package includes the kernel config and the kernel map.

Changelog (Show File list) (Show related packages)

Sun Jul 10 2022 Jack Vogel <jack.vogel@oracle.com> - 5.15.0-0.30.20.el8

- floppy: use a statically allocated error counter (Willy Tarreau)  [Orabug: 34218638]  {CVE-2022-1652}
- x86: Disable RET on kexec (Konrad Rzeszutek Wilk)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/bugs: do not enable IBPB-on-entry when IBPB is not supported (Thadeu Lima de Souza Cascardo)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- arm64: proton-pack: provide vulnerability file value for RETBleed (James Morse)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/cpu/amd: Enumerate BTC_NO (Andrew Cooper)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/common: Stamp out the stepping madness (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- KVM: VMX: Prevent RSB underflow before vmenter (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/speculation: Fill RSB on vmexit for IBRS (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- KVM: VMX: Fix IBRS handling after vmexit (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- KVM: VMX: Convert launched argument to flags (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- KVM: VMX: Flatten __vmx_vcpu_run() (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- objtool: Re-add UNWIND_HINT_{SAVE_RESTORE} (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/speculation: Remove x86_spec_ctrl_mask (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/speculation: Fix SPEC_CTRL write on SMT state change (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/speculation: Fix firmware entry SPEC_CTRL handling (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/cpu/amd: Add Spectral Chicken (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- objtool: Add entry UNRET validation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/bugs: Do IBPB fallback check only once (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/bugs: Add retbleed=ibpb (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/xen: Rename SYS* entry points (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- objtool: Update Retpoline validation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- intel_idle: Disable IBRS during long idle (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/bugs: Report Intel retbleed vulnerability (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS (Pawan Gupta)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/bugs: Optimize SPEC_CTRL MSR writes (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/entry: Add kernel IBRS implementation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/bugs: Enable STIBP for JMP2RET (Kim Phillips)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/bugs: Add AMD retbleed= boot parameter (Alexandre Chartre)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/bugs: Report AMD retbleed vulnerability (Alexandre Chartre)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86: Add magic AMD return-thunk (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- objtool: Treat .text.__x86.* as noinstr (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86: Use return-thunk in asm code (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/sev: Avoid using __x86_return_thunk (Kim Phillips)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/kvm: Fix SETcc emulation for return thunks (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/bpf: Use alternative RET encoding (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/ftrace: Use alternative RET encoding (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86,static_call: Use alternative RET encoding (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86,objtool: Create .return_sites (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86: Undo return-thunk damage (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/retpoline: Use -mfunction-return (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/retpoline: Swizzle retpoline thunk (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/retpoline: Cleanup some #ifdefery (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/cpufeatures: Move RETPOLINE flags to word 11 (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/kvm/vmx: Make noinstr clean (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/entry: Remove skip_r11rcx (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/entry: Fix register corruption in compat syscall (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/entry: Use PUSH_AND_CLEAR_REGS for compat (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/entry: Simplify entry_INT80_compat() (Linus Torvalds)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/mm: Simplify RESERVE_BRK() (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- crypto: x86/poly1305 - Fixup SLS (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86,static_call: Fix __static_call_return0 for i386 (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- kvm/emulate: Fix SETcc emulation function offsets with SLS (Borislav Petkov)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- objtool: Default ignore INT3 for unreachable (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/ibt,paravirt: Use text_gen_insn() for paravirt_patch() (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86: Add straight-line-speculation mitigation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- objtool: Add straight-line-speculation validation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86: Prepare inline-asm for straight-line-speculation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86: Prepare asm files for straight-line-speculation (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/lib/atomic64_386_32: Rename things (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/alternative: Relax text_poke_bp() constraint (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- static_call,x86: Robustify trampoline patching (Peter Zijlstra)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}
- x86/xen: Move hypercall_page to top of the file (Josh Poimboeuf)  [Orabug: 34335631]  {CVE-2022-23816} {CVE-2022-29901}

Wed Jun 15 2022 Jack Vogel <jack.vogel@oracle.com> - 5.15.0-0.30.19.el8

- net/mlx4: Increase num_srq in low_mem_profile (Dave Kleikamp)  [Orabug:
  34052160]

Thu Jun 09 2022 Jack Vogel <jack.vogel@oracle.com> - 5.15.0-0.30.18.el8

- Revert "ocfs2: mount shared volume without ha stack" (Junxiao Bi)  [Orabug: 33701900] 
- KVM: x86/speculation: Disable Fill buffer clear within guests (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Reuse SRBDS mitigation for SBDS (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/srbds: Update SRBDS mitigation selection (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Enable CPU Fill buffer clearing on idle (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation: Add a common function for MD_CLEAR mitigation update (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}
- Documentation: Add documentation for Processor MMIO Stale Data (Pawan Gupta)  [Orabug: 34202258]  {CVE-2022-21123} {CVE-2022-21125} {CVE-2022-21127} {CVE-2022-21166}

Wed Jun 01 2022 Jack Vogel <jack.vogel@oracle.com> - 5.15.0-0.30.17.el8

- uek-rpm: New shim versions and secureboot certs (Jack Vogel)  [Orabug:
  34219956]

Wed Jun 01 2022 Jack Vogel <jack.vogel@oracle.com> - 5.15.0-0.30.16.el8

- perf: Correct the label position in perf_event_open (Jack Vogel)  [Orabug: 34172708] 
- sched: Fix non-CONFIG_SCHED_CORE build (Boris Ostrovsky)  [Orabug: 34228424] 
- lockdown: also lock down previous kgdb use (Daniel Thompson)  [Orabug: 34152698]  {CVE-2022-21499}
- io_uring: fix race between timeout flush and removal (Jens Axboe)  [Orabug: 34115159]  {CVE-2022-29582}
- kvm/x86: Inherit userspace's core scheduling cookie (Boris Ostrovsky)  [Orabug: 34195867] 
- vhost: Inherit userspace's core scheduling cookie (Boris Ostrovsky)  [Orabug: 34195867] 
- sched: Add interface for copying core scheduling cookie between two tasks (Boris Ostrovsky)  [Orabug: 34195867] 
- KVM: x86: avoid calling x86 emulator without a decoded instruction (Sean Christopherson)  [Orabug: 34205798]  {CVE-2022-1852}
- uek-rpm: Added squashfs module to core rpm for kdump (Vijayendra Suman)  [Orabug: 34206290] 
- uek-rpm: Enable CONFIG_SQUASHFS_ZSTD to support zstd compression (Harshit Mogalapalli)  [Orabug: 34209438] 
- perf: Fix sys_perf_event_open() race against self (Peter Zijlstra)  [Orabug: 34172708]  {CVE-2022-1729}
- uek-rpm: Enable dependencies needed by CONFIG_SND_SOC_INTEL_HDA_DSP_COMMON (Brian Maly)  [Orabug: 33711352]

Sat May 14 2022 Jack Vogel <jack.vogel@oracle.com> - 5.15.0-0.30.12.el8

- docs: kdump: Update the crashkernel description for arm64 (Zhen Lei)  [Orabug: 34052160] 
- of: fdt: Add memory for devices by DT property "linux,usable-memory-range" (Chen Zhou)  [Orabug: 34052160] 
- arm64: kdump: Reimplement crashkernel=X (Chen Zhou)  [Orabug: 34052160] 
- arm64: Use insert_resource() to simplify code (Zhen Lei)  [Orabug: 34052160] 
- kdump: return -ENOENT if required cmdline option does not exist (Zhen Lei)  [Orabug: 34052160] 
- Revert "x86: kdump: replace the hard-coded alignment with macro CRASH_ALIGN" (Dave Kleikamp)  [Orabug: 34052160] 
- Revert "x86: kdump: make the lower bound of crash kernel reservation consistent" (Dave Kleikamp)  [Orabug: 34052160] 
- Revert "x86: kdump: use macro CRASH_ADDR_LOW_MAX in functions reserve_crashkernel()" (Dave Kleikamp)  [Orabug: 34052160] 
- Revert "x86: kdump: move xen_pv_domain() check and insert_resource() to setup_arch()" (Dave Kleikamp)  [Orabug: 34052160] 
- Revert "x86: kdump: move reserve_crashkernel[_low]() into crash_core.c" (Dave Kleikamp)  [Orabug: 34052160] 
- Revert "x86/elf: Move vmcore_elf_check_arch_cross to arch/x86/include/asm/elf.h" (Dave Kleikamp)  [Orabug: 34052160] 
- Revert "arm64: kdump: introduce some macroes for crash kernel reservation" (Dave Kleikamp)  [Orabug: 34052160] 
- Revert "arm64: kdump: reimplement crashkernel=X" (Dave Kleikamp)  [Orabug: 34052160] 
- Revert "x86, arm64: Add ARCH_WANT_RESERVE_CRASH_KERNEL config" (Dave Kleikamp)  [Orabug: 34052160] 
- Revert "kdump: update Documentation about crashkernel" (Dave Kleikamp)  [Orabug: 34052160] 
- uek-rpm: Add modules required to pass selinux-testsuites to core rpm (Somasundaram Krishnasamy)  [Orabug: 34129238] 
- uek-rpm: configs: enable 9P_FS for x86_64 (Todd Vierling)  [Orabug: 34146029] 
- uek-rpm: Add modules to allow podman tests to run on core kernel. (Somasundaram Krishnasamy)  [Orabug: 34123777]

Tue May 10 2022 Jack Vogel <jack.vogel@oracle.com> - 5.15.0-0.30.11.el8

- uek: kabi: Update kABI files and enable the kABI checker (Saeed Mirzamohammadi)  [Orabug: 34044324] 
- Revert "rds/ib: recover rds connection from stuck tx path" (Nagappan Ramasamy Palaniappan)  [Orabug: 34115603] 
- Revert "rds/ib: reap tx completions during connection shutdown" (Nagappan Ramasamy Palaniappan)  [Orabug: 34115603] 
- Revert "rds/ib: handle posted ACK during connection shutdown" (Nagappan Ramasamy Palaniappan)  [Orabug: 34115603]

Sun May 08 2022 Jack Vogel <jack.vogel@oracle.com> - 5.15.0-0.30.10.el8

- xfs, iomap: limit individual ioend chain lengths in writeback (Dave Chinner)  [Orabug: 34085022] 
- xfs: only bother with sync_filesystem during readonly remount (Darrick J. Wong)  [Orabug: 34085022] 
- vfs: make sync_filesystem return errors from ->sync_fs (Darrick J. Wong)  [Orabug: 34085022] 
- xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP* (Darrick J. Wong)  [Orabug: 34085022] 
- xfs: flush inodegc workqueue tasks before cancel (Brian Foster)  [Orabug: 34085022] 
- xfs: prevent UAF in xfs_log_item_in_current_chkpt (Darrick J. Wong)  [Orabug: 34085022] 
- xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list() (Dan Carpenter)  [Orabug: 34085022] 
- xfs: check sb_meta_uuid for dabuf buffer recovery (Dave Chinner)  [Orabug: 34085022] 
- xfs: only run COW extent recovery when there are no live extents (Darrick J. Wong)  [Orabug: 34085022] 
- x86/platform/uv: Log gap hole end size (Mike Travis)  [Orabug: 34100359] 
- x86/platform/uv: Update TSC sync state for UV5 (Mike Travis)  [Orabug: 34100359] 
- x86/platform/uv: Update NMI Handler for UV5 (Mike Travis)  [Orabug: 34100359] 
- perf/x86/intel/uncore: Fix the build on !CONFIG_PHYS_ADDR_T_64BIT (Ingo Molnar)  [Orabug: 34100359] 
- perf/x86/intel/uncore: Make uncore_discovery clean for 64 bit addresses (Steve Wahl)  [Orabug: 34100359] 
- net/rds: Delayed DR_SOCK_CANCEL (Gerd Rausch)  [Orabug: 34105317] 
- uek-rpm: Move needed modules to core rpm (Somasundaram Krishnasamy)  [Orabug: 34124573] [Orabug: 34130428] [Orabug: 34130346] 
- af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register (Haimin Zhang)  [Orabug: 34135342]  {CVE-2022-1353}

Sat Apr 30 2022 Jack Vogel <jack.vogel@oracle.com> - 5.15.0-0.30.9.el8

- uek-rpm: Enable CONFIG_KFENCE (Joe Jin)  [Orabug: 34125090] 
- rds: ib: INFO: trying to register non-static key during rmmod (Freddy Carrillo)  [Orabug: 34106050] 
- uek-rpm: Move few modules to core rpm (Somasundaram Krishnasamy)  [Orabug: 34087568] 
- bpf: Emit bpf_timer in vmlinux BTF (Yonghong Song)  [Orabug: 34085523] 
- selftests/bpf: Define SYS_NANOSLEEP_KPROBE_NAME for aarch64 (Ilya Leoshkevich)  [Orabug: 34085523] 
- KVM: avoid NULL pointer dereference in kvm_dirty_ring_push (Paolo Bonzini)  [Orabug: 34048938]  {CVE-2022-1263}

Tue Apr 26 2022 Jack Vogel <jack.vogel@oracle.com> - 5.15.0-0.30.8.el8

- Revert "locking/rwsem: Make handoff bit handling more consistent" (John Donnelly)  [Orabug: 34087272] 
- Revert "locking/rwsem: Always try to wake waiters in out_nolock path" (John Donnelly)  [Orabug: 34087272] 
- x86, ctf: fix CTF suppression in the vDSO (Nick Alcock)  [Orabug: 34090171]