diff --git a/SPECS-SIGNED/kernel-signed/kernel-signed.spec b/SPECS-SIGNED/kernel-signed/kernel-signed.spec index 6d666db4457..1308c7fabed 100644 --- a/SPECS-SIGNED/kernel-signed/kernel-signed.spec +++ b/SPECS-SIGNED/kernel-signed/kernel-signed.spec @@ -9,7 +9,7 @@ %define uname_r %{version}-%{release} Summary: Signed Linux Kernel for %{buildarch} systems Name: kernel-signed-%{buildarch} -Version: 5.10.188.1 +Version: 5.10.189.1 Release: 1%{?dist} License: GPLv2 Vendor: Microsoft Corporation @@ -147,6 +147,9 @@ ln -sf linux-%{uname_r}.cfg /boot/mariner.cfg %endif %changelog +* Wed Aug 09 2023 CBL-Mariner Servicing Account - 5.10.189.1-1 +- Auto-upgrade to 5.10.189.1 + * Mon Jul 31 2023 CBL-Mariner Servicing Account - 5.10.188.1-1 - Auto-upgrade to 5.10.188.1 diff --git a/SPECS/hyperv-daemons/hyperv-daemons.signatures.json b/SPECS/hyperv-daemons/hyperv-daemons.signatures.json index 3795eb8ec0f..055c9a6ccd2 100644 --- a/SPECS/hyperv-daemons/hyperv-daemons.signatures.json +++ b/SPECS/hyperv-daemons/hyperv-daemons.signatures.json @@ -7,6 +7,6 @@ "hypervkvpd.service": "25339871302f7a47e1aecfa9fc2586c78bc37edb98773752f0a5dec30f0ed3a1", "hypervvss.rules": "94cead44245ef6553ab79c0bbac8419e3ff4b241f01bcec66e6f508098cbedd1", "hypervvssd.service": "22270d9f0f23af4ea7905f19c1d5d5495e40c1f782cbb87a99f8aec5a011078d", - "kernel-5.10.188.1.tar.gz": "7254ade5bdc04d29b4e2138545c08e758bb9dc2d51846ce3a1d68e002e97f892" + "kernel-5.10.189.1.tar.gz": "f92b7a4211cf8ba1e36074f498c5fb96bfc2a1025e443023875e06e228c1a467" } } \ No newline at end of file diff --git a/SPECS/hyperv-daemons/hyperv-daemons.spec b/SPECS/hyperv-daemons/hyperv-daemons.spec index 7373ff8e5ec..aba8fd4bd23 100644 --- a/SPECS/hyperv-daemons/hyperv-daemons.spec +++ b/SPECS/hyperv-daemons/hyperv-daemons.spec @@ -8,7 +8,7 @@ %global udev_prefix 70 Summary: Hyper-V daemons suite Name: hyperv-daemons -Version: 5.10.188.1 +Version: 5.10.189.1 Release: 1%{?dist} License: GPLv2+ Vendor: Microsoft Corporation @@ -221,6 +221,9 @@ fi %{_sbindir}/lsvmbus %changelog +* Wed Aug 09 2023 CBL-Mariner Servicing Account - 5.10.189.1-1 +- Auto-upgrade to 5.10.189.1 + * Mon Jul 31 2023 CBL-Mariner Servicing Account - 5.10.188.1-1 - Auto-upgrade to 5.10.188.1 diff --git a/SPECS/kernel-headers/kernel-headers.signatures.json b/SPECS/kernel-headers/kernel-headers.signatures.json index e441155737a..8bee640ed6b 100644 --- a/SPECS/kernel-headers/kernel-headers.signatures.json +++ b/SPECS/kernel-headers/kernel-headers.signatures.json @@ -1,5 +1,5 @@ { "Signatures": { - "kernel-5.10.188.1.tar.gz": "7254ade5bdc04d29b4e2138545c08e758bb9dc2d51846ce3a1d68e002e97f892" + "kernel-5.10.189.1.tar.gz": "f92b7a4211cf8ba1e36074f498c5fb96bfc2a1025e443023875e06e228c1a467" } } \ No newline at end of file diff --git a/SPECS/kernel-headers/kernel-headers.spec b/SPECS/kernel-headers/kernel-headers.spec index 324f9b521d4..6fb8775886e 100644 --- a/SPECS/kernel-headers/kernel-headers.spec +++ b/SPECS/kernel-headers/kernel-headers.spec @@ -1,6 +1,6 @@ Summary: Linux API header files Name: kernel-headers -Version: 5.10.188.1 +Version: 5.10.189.1 Release: 1%{?dist} License: GPLv2 Vendor: Microsoft Corporation @@ -36,6 +36,9 @@ cp -rv usr/include/* /%{buildroot}%{_includedir} %{_includedir}/* %changelog +* Wed Aug 09 2023 CBL-Mariner Servicing Account - 5.10.189.1-1 +- Auto-upgrade to 5.10.189.1 + * Mon Jul 31 2023 CBL-Mariner Servicing Account - 5.10.188.1-1 - Auto-upgrade to 5.10.188.1 diff --git a/SPECS/kernel-hyperv/config b/SPECS/kernel-hyperv/config index 75d75fc79ce..9619f58f6b3 100644 --- a/SPECS/kernel-hyperv/config +++ b/SPECS/kernel-hyperv/config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86_64 5.10.188.1 Kernel Configuration +# Linux/x86_64 5.10.189.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (GCC) 9.1.0" CONFIG_CC_IS_GCC=y @@ -444,6 +444,8 @@ CONFIG_RETHUNK=y CONFIG_CPU_UNRET_ENTRY=y CONFIG_CPU_IBPB_ENTRY=y CONFIG_CPU_IBRS_ENTRY=y +CONFIG_CPU_SRSO=y +# CONFIG_GDS_FORCE_MITIGATION is not set CONFIG_ARCH_HAS_ADD_PAGES=y CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y @@ -655,6 +657,7 @@ CONFIG_GENERIC_SMP_IDLE_THREAD=y CONFIG_ARCH_HAS_FORTIFY_SOURCE=y CONFIG_ARCH_HAS_SET_MEMORY=y CONFIG_ARCH_HAS_SET_DIRECT_MAP=y +CONFIG_ARCH_HAS_CPU_FINALIZE_INIT=y CONFIG_HAVE_ARCH_THREAD_STRUCT_WHITELIST=y CONFIG_ARCH_WANTS_DYNAMIC_TASK_STRUCT=y CONFIG_HAVE_ASM_MODVERSIONS=y diff --git a/SPECS/kernel-hyperv/kernel-hyperv.signatures.json b/SPECS/kernel-hyperv/kernel-hyperv.signatures.json index ed05d9cc9de..ff12df95bf0 100644 --- a/SPECS/kernel-hyperv/kernel-hyperv.signatures.json +++ b/SPECS/kernel-hyperv/kernel-hyperv.signatures.json @@ -1,8 +1,8 @@ { "Signatures": { "cbl-mariner-ca-20211013.pem": "5ef124b0924cb1047c111a0ecff1ae11e6ad7cac8d1d9b40f98f99334121f0b0", - "config": "2ff778b1a7a9fe402b8bbc305014674bfff2451f8729439ed76d3839be02daea", + "config": "5c98cac36f4f5bdd1d039eaff6095492a15f083c2e747996833c62727a4b5605", "sha512hmac-openssl.sh": "02ab91329c4be09ee66d759e4d23ac875037c3b56e5a598e32fd1206da06a27f", - "kernel-5.10.188.1.tar.gz": "7254ade5bdc04d29b4e2138545c08e758bb9dc2d51846ce3a1d68e002e97f892" + "kernel-5.10.189.1.tar.gz": "f92b7a4211cf8ba1e36074f498c5fb96bfc2a1025e443023875e06e228c1a467" } } \ No newline at end of file diff --git a/SPECS/kernel-hyperv/kernel-hyperv.spec b/SPECS/kernel-hyperv/kernel-hyperv.spec index a4236d3dd5a..f290555e0c2 100644 --- a/SPECS/kernel-hyperv/kernel-hyperv.spec +++ b/SPECS/kernel-hyperv/kernel-hyperv.spec @@ -3,7 +3,7 @@ %define uname_r %{version}-%{release} Summary: Linux Kernel optimized for Hyper-V Name: kernel-hyperv -Version: 5.10.188.1 +Version: 5.10.189.1 Release: 1%{?dist} License: GPLv2 Vendor: Microsoft Corporation @@ -270,6 +270,9 @@ ln -sf linux-%{uname_r}.cfg /boot/mariner.cfg %{_libdir}/perf/include/bpf/* %changelog +* Wed Aug 09 2023 CBL-Mariner Servicing Account - 5.10.189.1-1 +- Auto-upgrade to 5.10.189.1 + * Mon Jul 31 2023 CBL-Mariner Servicing Account - 5.10.188.1-1 - Auto-upgrade to 5.10.188.1 diff --git a/SPECS/kernel/config b/SPECS/kernel/config index 729d4ec7659..a779d43445a 100644 --- a/SPECS/kernel/config +++ b/SPECS/kernel/config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86_64 5.10.188.1 Kernel Configuration +# Linux/x86_64 5.10.189.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (GCC) 9.1.0" CONFIG_CC_IS_GCC=y @@ -491,6 +491,8 @@ CONFIG_RETHUNK=y CONFIG_CPU_UNRET_ENTRY=y CONFIG_CPU_IBPB_ENTRY=y CONFIG_CPU_IBRS_ENTRY=y +CONFIG_CPU_SRSO=y +# CONFIG_GDS_FORCE_MITIGATION is not set CONFIG_ARCH_HAS_ADD_PAGES=y CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y CONFIG_ARCH_ENABLE_MEMORY_HOTREMOVE=y @@ -753,6 +755,7 @@ CONFIG_GENERIC_SMP_IDLE_THREAD=y CONFIG_ARCH_HAS_FORTIFY_SOURCE=y CONFIG_ARCH_HAS_SET_MEMORY=y CONFIG_ARCH_HAS_SET_DIRECT_MAP=y +CONFIG_ARCH_HAS_CPU_FINALIZE_INIT=y CONFIG_HAVE_ARCH_THREAD_STRUCT_WHITELIST=y CONFIG_ARCH_WANTS_DYNAMIC_TASK_STRUCT=y CONFIG_HAVE_ASM_MODVERSIONS=y diff --git a/SPECS/kernel/config_aarch64 b/SPECS/kernel/config_aarch64 index 552387877d6..03124437ecf 100644 --- a/SPECS/kernel/config_aarch64 +++ b/SPECS/kernel/config_aarch64 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/arm64 5.10.188.1 Kernel Configuration +# Linux/arm64 5.10.189.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (GCC) 9.1.0" CONFIG_CC_IS_GCC=y diff --git a/SPECS/kernel/kernel.signatures.json b/SPECS/kernel/kernel.signatures.json index deba6cb235a..c4898abc08d 100644 --- a/SPECS/kernel/kernel.signatures.json +++ b/SPECS/kernel/kernel.signatures.json @@ -1,9 +1,9 @@ { "Signatures": { "cbl-mariner-ca-20211013.pem": "5ef124b0924cb1047c111a0ecff1ae11e6ad7cac8d1d9b40f98f99334121f0b0", - "config": "123dd954327506cbcbaca0459d115ebe48d9003ed7bef0e12ce91442d55578f3", - "config_aarch64": "e3de774f5a2e8ea48d6db2b4615f44d9f089da8c8ece3cd9b0abcec6991bd4fa", + "config": "0d38db7e54eabee96f9508625df09627419b3be2d88e57fbeab68857c955a449", + "config_aarch64": "e23190e61aa667b2a0b1a43befc0217b93f17a767ef933ac46c788dea68be652", "sha512hmac-openssl.sh": "02ab91329c4be09ee66d759e4d23ac875037c3b56e5a598e32fd1206da06a27f", - "kernel-5.10.188.1.tar.gz": "7254ade5bdc04d29b4e2138545c08e758bb9dc2d51846ce3a1d68e002e97f892" + "kernel-5.10.189.1.tar.gz": "f92b7a4211cf8ba1e36074f498c5fb96bfc2a1025e443023875e06e228c1a467" } } \ No newline at end of file diff --git a/SPECS/kernel/kernel.spec b/SPECS/kernel/kernel.spec index 94bdc6caa86..92fc18a8414 100644 --- a/SPECS/kernel/kernel.spec +++ b/SPECS/kernel/kernel.spec @@ -3,7 +3,7 @@ %define uname_r %{version}-%{release} Summary: Linux Kernel Name: kernel -Version: 5.10.188.1 +Version: 5.10.189.1 Release: 1%{?dist} License: GPLv2 Vendor: Microsoft Corporation @@ -634,6 +634,9 @@ ln -sf linux-%{uname_r}.cfg /boot/mariner.cfg %{_sysconfdir}/bash_completion.d/bpftool %changelog +* Wed Aug 09 2023 CBL-Mariner Servicing Account - 5.10.189.1-1 +- Auto-upgrade to 5.10.189.1 + * Mon Jul 31 2023 CBL-Mariner Servicing Account - 5.10.188.1-1 - Auto-upgrade to 5.10.188.1 diff --git a/cgmanifest.json b/cgmanifest.json index f977a382ded..62d2d9e746f 100644 --- a/cgmanifest.json +++ b/cgmanifest.json @@ -2156,8 +2156,8 @@ "type": "other", "other": { "name": "hyperv-daemons", - "version": "5.10.188.1", - "downloadUrl": "https://github.com/microsoft/CBL-Mariner-Linux-Kernel/archive/rolling-lts/mariner/5.10.188.1.tar.gz" + "version": "5.10.189.1", + "downloadUrl": "https://github.com/microsoft/CBL-Mariner-Linux-Kernel/archive/rolling-lts/mariner/5.10.189.1.tar.gz" } } }, @@ -2476,8 +2476,8 @@ "type": "other", "other": { "name": "kernel", - "version": "5.10.188.1", - "downloadUrl": "https://github.com/microsoft/CBL-Mariner-Linux-Kernel/archive/rolling-lts/mariner/5.10.188.1.tar.gz" + "version": "5.10.189.1", + "downloadUrl": "https://github.com/microsoft/CBL-Mariner-Linux-Kernel/archive/rolling-lts/mariner/5.10.189.1.tar.gz" } } }, @@ -2486,8 +2486,8 @@ "type": "other", "other": { "name": "kernel-headers", - "version": "5.10.188.1", - "downloadUrl": "https://github.com/microsoft/CBL-Mariner-Linux-Kernel/archive/rolling-lts/mariner/5.10.188.1.tar.gz" + "version": "5.10.189.1", + "downloadUrl": "https://github.com/microsoft/CBL-Mariner-Linux-Kernel/archive/rolling-lts/mariner/5.10.189.1.tar.gz" } } }, @@ -2496,8 +2496,8 @@ "type": "other", "other": { "name": "kernel-hyperv", - "version": "5.10.188.1", - "downloadUrl": "https://github.com/microsoft/CBL-Mariner-Linux-Kernel/archive/rolling-lts/mariner/5.10.188.1.tar.gz" + "version": "5.10.189.1", + "downloadUrl": "https://github.com/microsoft/CBL-Mariner-Linux-Kernel/archive/rolling-lts/mariner/5.10.189.1.tar.gz" } } }, diff --git a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt index c379194461d..9d8e6d27b80 100644 --- a/toolkit/resources/manifests/package/pkggen_core_aarch64.txt +++ b/toolkit/resources/manifests/package/pkggen_core_aarch64.txt @@ -1,5 +1,5 @@ filesystem-1.1-7.cm1.aarch64.rpm -kernel-headers-5.10.188.1-1.cm1.noarch.rpm +kernel-headers-5.10.189.1-1.cm1.noarch.rpm glibc-2.28-24.cm1.aarch64.rpm glibc-devel-2.28-24.cm1.aarch64.rpm glibc-i18n-2.28-24.cm1.aarch64.rpm diff --git a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt index e9962a1b4de..95e0dbec01e 100644 --- a/toolkit/resources/manifests/package/pkggen_core_x86_64.txt +++ b/toolkit/resources/manifests/package/pkggen_core_x86_64.txt @@ -1,5 +1,5 @@ filesystem-1.1-7.cm1.x86_64.rpm -kernel-headers-5.10.188.1-1.cm1.noarch.rpm +kernel-headers-5.10.189.1-1.cm1.noarch.rpm glibc-2.28-24.cm1.x86_64.rpm glibc-devel-2.28-24.cm1.x86_64.rpm glibc-i18n-2.28-24.cm1.x86_64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt index 7fa20e09e6a..6f9e9512296 100644 --- a/toolkit/resources/manifests/package/toolchain_aarch64.txt +++ b/toolkit/resources/manifests/package/toolchain_aarch64.txt @@ -152,7 +152,7 @@ json-c-debuginfo-0.14-3.cm1.aarch64.rpm json-c-devel-0.14-3.cm1.aarch64.rpm kbd-2.0.4-7.cm1.aarch64.rpm kbd-debuginfo-2.0.4-7.cm1.aarch64.rpm -kernel-headers-5.10.188.1-1.cm1.noarch.rpm +kernel-headers-5.10.189.1-1.cm1.noarch.rpm kmod-25-4.cm1.aarch64.rpm kmod-debuginfo-25-4.cm1.aarch64.rpm kmod-devel-25-4.cm1.aarch64.rpm diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt index 95a6b3d7cf7..2c46e18959e 100644 --- a/toolkit/resources/manifests/package/toolchain_x86_64.txt +++ b/toolkit/resources/manifests/package/toolchain_x86_64.txt @@ -152,7 +152,7 @@ json-c-debuginfo-0.14-3.cm1.x86_64.rpm json-c-devel-0.14-3.cm1.x86_64.rpm kbd-2.0.4-7.cm1.x86_64.rpm kbd-debuginfo-2.0.4-7.cm1.x86_64.rpm -kernel-headers-5.10.188.1-1.cm1.noarch.rpm +kernel-headers-5.10.189.1-1.cm1.noarch.rpm kmod-25-4.cm1.x86_64.rpm kmod-debuginfo-25-4.cm1.x86_64.rpm kmod-devel-25-4.cm1.x86_64.rpm diff --git a/toolkit/scripts/toolchain/container/Dockerfile b/toolkit/scripts/toolchain/container/Dockerfile index 21cd8843b7b..ec3c0a77b4d 100644 --- a/toolkit/scripts/toolchain/container/Dockerfile +++ b/toolkit/scripts/toolchain/container/Dockerfile @@ -69,7 +69,7 @@ COPY [ "./toolchain-sha256sums", \ WORKDIR $LFS/sources RUN wget -nv --no-clobber --timeout=30 --no-check-certificate --continue --input-file=$LFS/tools/toolchain-local-wget-list --directory-prefix=$LFS/sources; exit 0 RUN wget -nv --no-clobber --timeout=30 --continue --input-file=$LFS/tools/toolchain-remote-wget-list --directory-prefix=$LFS/sources; exit 0 -RUN wget -nv --no-clobber --timeout=30 --continue https://github.com/microsoft/CBL-Mariner-Linux-Kernel/archive/rolling-lts/mariner/5.10.188.1.tar.gz -O kernel-5.10.188.1.tar.gz --directory-prefix=$LFS/sources; exit 0 +RUN wget -nv --no-clobber --timeout=30 --continue https://github.com/microsoft/CBL-Mariner-Linux-Kernel/archive/rolling-lts/mariner/5.10.189.1.tar.gz -O kernel-5.10.189.1.tar.gz --directory-prefix=$LFS/sources; exit 0 USER root RUN /tools/toolchain-jdk8-wget.sh; exit 0 RUN sha256sum -c $LFS/tools/toolchain-sha256sums && \ diff --git a/toolkit/scripts/toolchain/container/toolchain-sha256sums b/toolkit/scripts/toolchain/container/toolchain-sha256sums index c0e2d6063b1..f8cf93ab736 100644 --- a/toolkit/scripts/toolchain/container/toolchain-sha256sums +++ b/toolkit/scripts/toolchain/container/toolchain-sha256sums @@ -59,7 +59,7 @@ b725c9b2e9793df7bf5d4d300390db11aa27bd98df9f33021d539be9bd603846 jdk8u212-b04-j 13ae78908151ad88ee3b375c72ca3f55a82b5265a3faba97f224f2a9b9d486fc jdk8u212-b04-nashorn.tar.bz2 6d28bdd752c056de98f6faf897b338d6ce8938810d72a69c2f5c1d81d628d44a jdk8u212-b04.tar.bz2 f882210b76376e3fa006b11dbd890e56ec0942bc56e65d1249ff4af86f90b857 kbproto-1.0.7.tar.bz2 -7254ade5bdc04d29b4e2138545c08e758bb9dc2d51846ce3a1d68e002e97f892 kernel-5.10.188.1.tar.gz +f92b7a4211cf8ba1e36074f498c5fb96bfc2a1025e443023875e06e228c1a467 kernel-5.10.189.1.tar.gz c676146577d989189940f1959d9e3980d28513d74eedfbc6b7f15ea45fe54ee2 libarchive-3.6.1.tar.gz b630b7c484271b3ba867680d6a14b10a86cfa67247a14631b14c06731d5a458b libcap-2.26.tar.xz c97da36d2e56a2d7b6e4f896241785acc95e97eb9557465fd66ba2a155a7b201 libdmx-1.1.3.tar.bz2 diff --git a/toolkit/scripts/toolchain/container/toolchain_build_in_chroot.sh b/toolkit/scripts/toolchain/container/toolchain_build_in_chroot.sh index b932c063366..de1e448baac 100755 --- a/toolkit/scripts/toolchain/container/toolchain_build_in_chroot.sh +++ b/toolkit/scripts/toolchain/container/toolchain_build_in_chroot.sh @@ -57,7 +57,7 @@ set -e # cd /sources -KERNEL_VERSION="5.10.188.1" +KERNEL_VERSION="5.10.189.1" echo Linux-${KERNEL_VERSION} API Headers tar xf kernel-${KERNEL_VERSION}.tar.gz pushd CBL-Mariner-Linux-Kernel-rolling-lts-mariner-${KERNEL_VERSION} diff --git a/toolkit/scripts/toolchain/container/toolchain_build_temp_tools.sh b/toolkit/scripts/toolchain/container/toolchain_build_temp_tools.sh index f692b7564cc..141a839de91 100755 --- a/toolkit/scripts/toolchain/container/toolchain_build_temp_tools.sh +++ b/toolkit/scripts/toolchain/container/toolchain_build_temp_tools.sh @@ -114,7 +114,7 @@ rm -rf gcc-9.1.0 touch $LFS/logs/temptoolchain/status_gcc_pass1_complete -KERNEL_VERSION="5.10.188.1" +KERNEL_VERSION="5.10.189.1" echo Linux-${KERNEL_VERSION} API Headers tar xf kernel-${KERNEL_VERSION}.tar.gz pushd CBL-Mariner-Linux-Kernel-rolling-lts-mariner-${KERNEL_VERSION}