[AUTOPATCHER-kernel] Kernel upgrade to version 6.6.64.2 - branch 3.0-dev #11803
Conversation
microsoft-github-policy-service
bot
added
Packaging
Tools
Automatic PR
3.0-dev
| @@ -507,7 +507,6 @@ CONFIG_PHYSICAL_ALIGN=0x1000000 | |||
| CONFIG_DYNAMIC_MEMORY_LAYOUT=y | |||
| CONFIG_RANDOMIZE_MEMORY=y | |||
| CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING=0xa | |||
| # CONFIG_ADDRESS_MASKING is not set | |||
There was a problem hiding this comment.
Result of: microsoft/CBL-Mariner-Linux-Kernel@60a5ba5
| @@ -527,7 +527,6 @@ CONFIG_ARM64_EPAN=y | |||
| # end of ARMv8.7 architectural features | |||
|
|
|||
| CONFIG_ARM64_SVE=y | |||
| CONFIG_ARM64_SME=y | |||
There was a problem hiding this comment.
Result of microsoft/CBL-Mariner-Linux-Kernel@22aaaa7
ARM Scalable Matrix Extension (SME) is being dubbed "BROKEN" for now due to many issues including the corruption of the FPSIMD/SVE/SME state of arbitrary tasks.
More on ARM SME can be read at
KConfig
linux kernel upstream documentation
ARM blog
| @@ -7366,6 +7365,8 @@ CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT=y | |||
| CONFIG_SECURITY_LANDLOCK=y | |||
| CONFIG_SECURITY_IPE=y | |||
| CONFIG_IPE_BOOT_POLICY="" | |||
| CONFIG_IPE_POLICY_SIG_SECONDARY_KEYRING=y | |||
| CONFIG_IPE_POLICY_SIG_PLATFORM_KEYRING=y | |||
There was a problem hiding this comment.
Both SECONDARY and PLATFORM keyring changes a result of microsoft/CBL-Mariner-Linux-Kernel@f87bb12#diff-1f7bd1d89ce31840a8be21b3700fda99d047643f5a1c614c6dbb00ec86bf9341R12
[Commit aafd2ae5]: ipe: allow secondary and platform keyrings to install/update policies
| @@ -7374,7 +7375,6 @@ CONFIG_IPE_PROP_DM_VERITY=y | |||
| CONFIG_IPE_PROP_DM_VERITY_SIGNATURE=y | |||
| CONFIG_IPE_PROP_FS_VERITY=y | |||
| CONFIG_IPE_PROP_FS_VERITY_BUILTIN_SIG=y | |||
| CONFIG_IPE_PROP_INTENDED_PATHNAME=y | |||
There was a problem hiding this comment.
"IPE_PROP_INTENDED_PATHNAME" is no longer included in the AzL kernel ipe source to better align with upstream offerings. Commit was removed in feature branch: microsoft/CBL-Mariner-Linux-Kernel@f87bb12#diff-1f7bd1d89ce31840a8be21b3700fda99d047643f5a1c614c6dbb00ec86bf9341R12
for reference, commit which contained this feature was [d356a4ff68] ipe: add intended_pathname property
| @@ -8777,10 +8776,8 @@ CONFIG_COMMON_CLK_MT8192=y | |||
| # CONFIG_COMMON_CLK_MT8192_VENCSYS is not set | |||
| CONFIG_COMMON_CLK_MT8195=y | |||
| CONFIG_COMMON_CLK_MT8195_APUSYS=y | |||
| CONFIG_COMMON_CLK_MT8195_AUDSYS=y | |||
There was a problem hiding this comment.
result of microsoft/CBL-Mariner-Linux-Kernel@3d02397
This config does nothing in the source
| CONFIG_COMMON_CLK_MT8195_IMP_IIC_WRAP=y | ||
| CONFIG_COMMON_CLK_MT8195_MFGCFG=y | ||
| CONFIG_COMMON_CLK_MT8195_MSDC=y |
There was a problem hiding this comment.
result of microsoft/CBL-Mariner-Linux-Kernel@3d02397
This config does nothing in the source
|
Closing to rerun with #11409 (review) |
[AUTOPATCHER-kernel] Kernel upgrade to version 6.6.64.2 - branch 3.0-dev
Upgrade pipeline run -> https://dev.azure.com/mariner-org/mariner/_build/results?buildId=706543&view=results
buddy build -> https://dev.azure.com/mariner-org/mariner/_build/results?buildId=706547&view=results