In message: v5.2.x - stable updates comprising v5.2.23 on 15/11/2019 Paul Gortmaker wrote:
> Bruce, Yocto kernel folks: > > Here is the next 5.2.x stable update "extension" primarily created for > the Yocto project, continuing from the first v5.2.22 post-EOL release. > > This 5.2.22 release only contains about 22 mainline commits. Rather > than continue the audit of what went into 5.3.8 - I jumped ahead to > 5.3.11 in order to get the latest CVE embargo commits relating to > iTLB/tsx/TAA, as I assumed they would be of interest to people. > > Folks will find in /sys/devices/system/cpu/vulnerabilities - alongside > spectre and meltdown, new files itlb_multihit and tsx_async_abort, and > can look them up in the documentation for more details. > > I will circle back to 5.3.8+ content for the next v5.2.24 release I'll > be starting shortly. > > The CVE was significant to KVM, and as such, the commits had a fairly > high footprint in that subsystem. I used a code refactoring mainline > commit from between 5.2 and 5.3 in order to enable using the CVE related > KVM commits with as little alteration as possible. Also possibly worth > a mention, is that post-5.2 the main kvm_lock went from being a spinlock > to a mutex. Rather than risk any possible impact to -rt, I simply > retained it being a spin, and adjusted the CVE commits accordingly. > > I've put this 5.2.23 queue through the usual testing; build testing on > x86-64/32, ARM-64/32, PPC and MIPS, plus some static analysis and > finally some sanity runtime tests on x86-64. > > In addition, since there was a significant KVM footprint in the > changelog, I also built a defconfig with KVM and KVM_INTEL enabled, and > booted that same kernel as host and guest, on both kvm-intel enabled and > older non-kvm-intel enabled systems, and saw no obvious issues. Sounds good. Thanks for the extra testing! This is now merged and pushed. Bruce > > I did the signed tag just as per the previously released versions. > Please find a signed v5.2.23 tag using this key: > > http://pgp.mit.edu/pks/lookup?op=vindex&search=0xEBCE84042C07D1D6 > > in the repo in the kernel.org directory here: > > > https://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux-5.2.y.git/?h=linux-5.2.y > git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux-5.2.y.git > > for merge to standard/base in linux-yocto-5.2 and then out from there > into the other base and BSP branches. > > For those who are interested, the evolution of the commits is here: > > https://git.kernel.org/cgit/linux/kernel/git/paulg/longterm-queue-5.2.git/ > > This repo isn't needed for anything; it just exists for transparency and > so people can see the evolution of the raw commits that were originally > selected to create this 5.2.x release. > > Paul. -- _______________________________________________ linux-yocto mailing list [email protected] https://lists.yoctoproject.org/listinfo/linux-yocto
