-
Notifications
You must be signed in to change notification settings - Fork 510
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update kernels to 5.10.135 and 5.15.59 #2465
Update kernels to 5.10.135 and 5.15.59 #2465
Conversation
Rebase to Amazon Linux upstream version based on 5.10.135. Apply two config changes in the process: * Stop building the qlge NIC driver. The hardware has been EOL'd more than 8 years ago, and the driver has known quality problems which is the reason it lives in the staging tree. The Amazon Linux kernel based on 5.15.59 dropped it and I don't see a good reason to retain it for Bottlerocket either, so drop it from the 5.10 builds, too. * Continue not building the sch_cake qdisc. CAKE is targeted for residential links, and building devices such as routers in particular. It is unlikely to be useful for Bottlerocket for the time being. Since upstream builds it as a module now, sch_cake needs to be explicitly disabled. Signed-off-by: Markus Boehme <[email protected]>
Rebase to Amazon Linux upstream version based on 5.15.59. Apply a config change in the process: * Continue not building the sch_cake qdisc. CAKE is targeted for residential links, and building devices such as routers in particular. It is unlikely to be useful for Bottlerocket for the time being. Since upstream builds it as a module now, sch_cake needs to be explicitly disabled. Signed-off-by: Markus Boehme <[email protected]>
I forgot to to upload the new SRPMs to the look-aside cache, hence the build failures. Odd that some succeeded anyway. |
Interesting that all the nvidia variants succeeded while all the others did not. |
Good call-out! The NVIDIA variants are built with |
I assume the answer is "no" given the source, but wanted to double check - neither stable kernel update includes a backport of this nvme commit? |
@bcressey: No, we're good. The commit in question was not backported from when it was introduced in 5.19. |
Issue number: n/a
Description of changes: This rebases the Bottlerocket kernels in preparation for the 1.10 release. The new kernels are based on 5.10.135 and 5.15.59, respectively.
Note that this picks up the mitigations against retbleed, an attack targeting previous Spectre mitigations. The configuration for these mitigations matches upstream defaults.
Testing done:
Report from
tools/diff-kernel-config
:You can find the full report in this Gist.
The newly added options for x86 builds are related to the retbleed mitigations. The upstream community used this as an opportunity to also restructure the configuration of various hardware vulnerability mitigations, which can be seen in the full report.
The changed option in some kernel builds relates to the Amazon Linux kernel dropping the
qlge
NIC driver, and me deciding to follow suit for the Bottlerocket kernels. The driver has known deficiencies which is the reason it lives in the staging tree of the kernel. Given that its hardware has been EOL'd more than 8 years ago, there is likely to be little interest in the driver in its current form, let alone in fixing its quality problems.Terms of contribution:
By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.