Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

New package: linux5.11-5.11.1. #29056

Merged
merged 1 commit into from
Feb 26, 2021
Merged

New package: linux5.11-5.11.1. #29056

merged 1 commit into from
Feb 26, 2021

Conversation

ericonr
Copy link
Member

@ericonr ericonr commented Feb 25, 2021
edited
Loading

Switch to using 5.11 tarball + minor version patch. Allows the tarball
to be shared across updates.

TODO:

  • poison patch <-- mm/page_poison.c has changed a lot, no idea if this is still necessary. @q66
  • ppcle patch <-- ppcle-broken-vdso.patch and ppcle-ll-compat-sys.patch appear to not be upstream, but didn't apply cleanly. I assume they are still necessary?

General

Have the results of the proposed changes been tested?

  • I use the packages affected by the proposed changes on a regular basis and confirm this PR works for me
  • I generally don't use the affected packages but briefly tested this PR

Does it build and run successfully?

(Please choose at least one native build and, if supported, at least one cross build. More are better.)

  • I built this PR locally for my native architecture, (x86_64)
  • I built this PR locally for these architectures (if supported. mark crossbuilds):
    • aarch64-musl
    • armv7l
    • armv6l-musl

[ci skip]

@eli-schwartz
Copy link

Switch to using 5.11 tarball + minor version patch. Allows the tarball
to be shared across updates.

\o/ happy to see it worked for you.

Are you going to update the older release series to do the same too?

@toluschr
Copy link
Contributor

What about enabling intel sgx?

@ericonr
Copy link
Member Author

ericonr commented Feb 25, 2021

Do you know what the config flag is ? I wasn't prompted for it, so it might be hidden behind something else.

@toluschr
Copy link
Contributor

@ericonr

It's CONFIG_*_SGX

@ericonr
Copy link
Member Author

ericonr commented Feb 25, 2021

@toluschr it's easy enough to enable, do you feel it's necessary?

@toluschr
Copy link
Contributor

toluschr commented Feb 25, 2021
edited
Loading

@toluschr it's easy enough to enable, do you feel it's necessary?

AFAIK, some fingerprint readers might not work correctly without it. However, that knowledge is based off a BIOS message and a non-working fingerprint reader.

I don't really care about the fingerprint reader, just wanted to test the hardware. Other people might though.

@ericonr
Copy link
Member Author

ericonr commented Feb 26, 2021

The whole thing looks rather sketchy, so I'm pending towards leaving it disabled, but at the same time it seems most distros are enabling it.

FWIW, I think you'd need to have drivers using SGX first for it to make a difference, which is not happening yet.

@ericonr ericonr force-pushed the linux5.11 branch 5 times, most recently from 80d64f4 to fc3da37 Compare February 26, 2021 04:39
@ericonr
New package: linux5.11-5.11.1.
17d8aa6 
Switch to using 5.11 tarball + minor version patch. Allows the tarball
to be shared across updates.

Remove the DocBook makefile stuff. It's been carried over since kernel
4.13 (was introduced in ef67cec),
probably to allow building DKMS modules which depended on it. DKMS
modules which build cleanly on 5.11 will definitely have been updated to
not depend on that Makefile, so remove it.

We are not enabling SGX for Intel due to it being mostly useless for now
and looking generally sketchy. There's also no literature we could find
supporting it not affecting overall system security, but literature
pointing out the opposite definitely does:

- https://arxiv.org/pdf/1702.08719.pdf "Using SGX to Conceal Cache Attacks"

memory poisoning patch necessary for ppc hasn't been rebased yet, so
remove those targets from archs.
@ericonr ericonr merged commit e719fb5 into void-linux:master Feb 26, 2021
@ericonr ericonr deleted the linux5.11 branch February 26, 2021 04:45
@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 27, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ericonr @eli-schwartz @toluschr