From 5f0799c04b79a625dbe7924e7f053f02ab6d313b Mon Sep 17 00:00:00 2001 From: Marcin Krol Date: Thu, 25 Apr 2024 23:53:00 +0200 Subject: [PATCH] - updated to 5.15.156 --- kernel-x86.config | 27 ++++++++++++++++----------- kernel-x86_64.config | 27 +++++++++++++++++---------- kernel.spec | 4 ++-- 3 files changed, 35 insertions(+), 23 deletions(-) diff --git a/kernel-x86.config b/kernel-x86.config index 1afaa1a..fba4f08 100644 --- a/kernel-x86.config +++ b/kernel-x86.config @@ -1,18 +1,17 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 5.15.153-5.15 Kernel Configuration +# Linux/x86 5.15.156 Kernel Configuration # -CONFIG_CC_VERSION_TEXT="gcc (TLD-Linux) 11.2.0 20220221 (release)" +CONFIG_CC_VERSION_TEXT="gcc (TLD-Linux) 13.2.0 20240401 (release)" CONFIG_CC_IS_GCC=y -CONFIG_GCC_VERSION=110200 +CONFIG_GCC_VERSION=130200 CONFIG_CLANG_VERSION=0 CONFIG_AS_IS_GNU=y -CONFIG_AS_VERSION=23400 +CONFIG_AS_VERSION=24200 CONFIG_LD_IS_BFD=y -CONFIG_LD_VERSION=23400 +CONFIG_LD_VERSION=24200 CONFIG_LLD_VERSION=0 CONFIG_CC_CAN_LINK=y -CONFIG_CC_CAN_LINK_STATIC=y CONFIG_CC_HAS_ASM_GOTO=y CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y CONFIG_CC_HAS_ASM_GOTO_TIED_OUTPUT=y @@ -490,6 +489,8 @@ CONFIG_PAGE_TABLE_ISOLATION=y CONFIG_RETPOLINE=y CONFIG_RETHUNK=y # CONFIG_GDS_FORCE_MITIGATION is not set +CONFIG_MITIGATION_RFDS=y +CONFIG_MITIGATION_SPECTRE_BHI=y CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE=y CONFIG_USE_PERCPU_NUMA_NODE_ID=y @@ -818,6 +819,8 @@ CONFIG_GCC_PLUGINS=y # CONFIG_GCC_PLUGIN_LATENT_ENTROPY is not set CONFIG_GCC_PLUGIN_RANDSTRUCT=y CONFIG_GCC_PLUGIN_RANDSTRUCT_PERFORMANCE=y +CONFIG_FUNCTION_ALIGNMENT_4B=y +CONFIG_FUNCTION_ALIGNMENT=4 # end of General architecture-dependent options CONFIG_RT_MUTEXES=y @@ -10028,8 +10031,7 @@ CONFIG_NFS_FSCACHE=y CONFIG_NFS_USE_LEGACY_DNS=y CONFIG_NFS_DISABLE_UDP_SUPPORT=y CONFIG_NFSD=m -CONFIG_NFSD_V2_ACL=y -CONFIG_NFSD_V3=y +# CONFIG_NFSD_V2 is not set CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_NFSD_PNFS=y @@ -10205,16 +10207,19 @@ CONFIG_LSM="lockdown,yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,appar # # Kernel hardening options # -CONFIG_GCC_PLUGIN_STRUCTLEAK=y # # Memory initialization # +CONFIG_CC_HAS_AUTO_VAR_INIT_PATTERN=y +CONFIG_CC_HAS_AUTO_VAR_INIT_ZERO_BARE=y +CONFIG_CC_HAS_AUTO_VAR_INIT_ZERO=y # CONFIG_INIT_STACK_NONE is not set # CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set # CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set -CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y -# CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set +# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL is not set +# CONFIG_INIT_STACK_ALL_PATTERN is not set +CONFIG_INIT_STACK_ALL_ZERO=y CONFIG_GCC_PLUGIN_STACKLEAK=y CONFIG_STACKLEAK_TRACK_MIN_SIZE=100 CONFIG_STACKLEAK_METRICS=y diff --git a/kernel-x86_64.config b/kernel-x86_64.config index 48b301e..4a02fdb 100644 --- a/kernel-x86_64.config +++ b/kernel-x86_64.config @@ -1,15 +1,15 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 5.15.153-5.15 Kernel Configuration +# Linux/x86 5.15.156 Kernel Configuration # -CONFIG_CC_VERSION_TEXT="gcc (TLD-Linux) 11.2.0 20220221 (release)" +CONFIG_CC_VERSION_TEXT="gcc (TLD-Linux) 13.2.0 20240401 (release)" CONFIG_CC_IS_GCC=y -CONFIG_GCC_VERSION=110200 +CONFIG_GCC_VERSION=130200 CONFIG_CLANG_VERSION=0 CONFIG_AS_IS_GNU=y -CONFIG_AS_VERSION=23400 +CONFIG_AS_VERSION=24200 CONFIG_LD_IS_BFD=y -CONFIG_LD_VERSION=23400 +CONFIG_LD_VERSION=24200 CONFIG_LLD_VERSION=0 CONFIG_CC_CAN_LINK=y CONFIG_CC_CAN_LINK_STATIC=y @@ -506,6 +506,8 @@ CONFIG_CPU_IBRS_ENTRY=y CONFIG_CPU_SRSO=y CONFIG_SLS=y # CONFIG_GDS_FORCE_MITIGATION is not set +CONFIG_MITIGATION_RFDS=y +CONFIG_MITIGATION_SPECTRE_BHI=y CONFIG_ARCH_HAS_ADD_PAGES=y CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE=y CONFIG_USE_PERCPU_NUMA_NODE_ID=y @@ -836,6 +838,9 @@ CONFIG_GCC_PLUGINS=y # CONFIG_GCC_PLUGIN_LATENT_ENTROPY is not set CONFIG_GCC_PLUGIN_RANDSTRUCT=y CONFIG_GCC_PLUGIN_RANDSTRUCT_PERFORMANCE=y +CONFIG_FUNCTION_ALIGNMENT_4B=y +CONFIG_FUNCTION_ALIGNMENT_16B=y +CONFIG_FUNCTION_ALIGNMENT=16 # end of General architecture-dependent options CONFIG_RT_MUTEXES=y @@ -10001,8 +10006,7 @@ CONFIG_NFS_FSCACHE=y CONFIG_NFS_USE_LEGACY_DNS=y CONFIG_NFS_DISABLE_UDP_SUPPORT=y CONFIG_NFSD=m -CONFIG_NFSD_V2_ACL=y -CONFIG_NFSD_V3=y +# CONFIG_NFSD_V2 is not set CONFIG_NFSD_V3_ACL=y CONFIG_NFSD_V4=y CONFIG_NFSD_PNFS=y @@ -10178,16 +10182,19 @@ CONFIG_LSM="lockdown,yama,loadpin,safesetid,integrity,selinux,smack,tomoyo,appar # # Kernel hardening options # -CONFIG_GCC_PLUGIN_STRUCTLEAK=y # # Memory initialization # +CONFIG_CC_HAS_AUTO_VAR_INIT_PATTERN=y +CONFIG_CC_HAS_AUTO_VAR_INIT_ZERO_BARE=y +CONFIG_CC_HAS_AUTO_VAR_INIT_ZERO=y # CONFIG_INIT_STACK_NONE is not set # CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set # CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set -CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y -# CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set +# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL is not set +# CONFIG_INIT_STACK_ALL_PATTERN is not set +CONFIG_INIT_STACK_ALL_ZERO=y CONFIG_GCC_PLUGIN_STACKLEAK=y CONFIG_STACKLEAK_TRACK_MIN_SIZE=100 CONFIG_STACKLEAK_METRICS=y diff --git a/kernel.spec b/kernel.spec index c8409c5..b1b1898 100644 --- a/kernel.spec +++ b/kernel.spec @@ -4,7 +4,7 @@ %bcond_with verbose # verbose build (V=1) %define basever 5.15 -%define postver 153 +%define postver 156 %define rel 1 %define __alt_kernel %{nil} @@ -36,7 +36,7 @@ Source0: http://www.kernel.org/pub/linux/kernel/v5.x/linux-%{basever}.tar.xz # Source0-md5: 071d49ff4e020d58c04f9f3f76d3b594 %if "%{postver}" != "0" Source1: http://www.kernel.org/pub/linux/kernel/v5.x/patch-%{version}.xz -# Source1-md5: 476b156815103c9eb936a03c130d3874 +# Source1-md5: 6696d57997e8bc781491fce830378656 %endif Source2: kernel-module-build.pl -- 2.45.1