Merge pull request #10468 from fidencio/topic/early-tests-on-next-lts-kernel

versions: Move kernel to the latest 6.12 release (the current LTS)
2025-08-12 05:12:37 +00:00 · 2025-01-07 18:02:04 +01:00 · 2025-01-07 18:02:04 +01:00 · f4a39e8c40
commit f4a39e8c40
parent bd56891f84 9aea7456fb
14 changed files with 25 additions and 13 deletions
--- a/tests/integration/kubernetes/k8s-empty-dirs.bats
+++ b/tests/integration/kubernetes/k8s-empty-dirs.bats
@ -45,6 +45,8 @@ setup() {
 }
@test "Empty dir volume when FSGroup is specified with non-root container" {
 	skip "See: https://github.com/kata-containers/kata-containers/issues/10706"
 	# This is a reproducer of k8s e2e "[sig-storage] EmptyDir volumes when FSGroup is specified [LinuxOnly] [NodeFeature:FSGroup] new files should be created with FSGroup ownership when container is non-root" test
 	pod_file="${pod_config_dir}/pod-empty-dir-fsgroup.yaml"
 	agnhost_name="${container_images_agnhost_name}"
--- a/tests/integration/kubernetes/runtimeclass_workloads/pod-oom.yaml
+++ b/tests/integration/kubernetes/runtimeclass_workloads/pod-oom.yaml
@ -16,7 +16,7 @@ spec:
      imagePullPolicy: IfNotPresent
      name: oom-test
      command: ["/bin/sh"]
-      args: ["-c", "sleep 2; stress --vm 2 --vm-bytes 400M --timeout 30s"]
+      args: ["-c", "sleep 2; stress --vm 2 --vm-bytes 500M --timeout 30s"]
      resources:
        limits:
          memory: 500Mi
--- a/tools/packaging/kernel/configs/fragments/arm64/base.conf
+++ b/tools/packaging/kernel/configs/fragments/arm64/base.conf
@ -42,9 +42,6 @@ CONFIG_ARM64_RAS_EXTN=y
 #
 # ARMv8.5 architectural features
 #
 CONFIG_ARCH_RANDOM=y
 CONFIG_RANDOM_TRUST_CPU=y
 CONFIG_NO_HZ_FULL=y
 CONFIG_GENERIC_MSI_IRQ_DOMAIN=y
 CONFIG_RANDOMIZE_BASE=y
--- a/tools/packaging/kernel/configs/fragments/common/cgroup.conf
+++ b/tools/packaging/kernel/configs/fragments/common/cgroup.conf
@ -2,6 +2,7 @@
 # also used/looked for by systemd rootfs.
 CONFIG_CGROUPS=y
 CONFIG_MEMCG=y
 CONFIG_MEMCG_V1=y
 CONFIG_BLK_CGROUP=y
 CONFIG_CGROUP_WRITEBACK=y
 CONFIG_CGROUP_SCHED=y
@ -10,6 +11,7 @@ CONFIG_CFS_BANDWIDTH=y
 CONFIG_CGROUP_PIDS=y
 CONFIG_CGROUP_FREEZER=y
 CONFIG_CPUSETS=y
 CONFIG_CPUSETS_V1=y
 CONFIG_CGROUP_DEVICE=y
 CONFIG_CGROUP_CPUACCT=y
 CONFIG_CGROUP_HUGETLB=y
--- a/tools/packaging/kernel/configs/fragments/s390/base.conf
+++ b/tools/packaging/kernel/configs/fragments/s390/base.conf
@ -7,8 +7,6 @@ CONFIG_S390_UV_UAPI=y
 CONFIG_CCW=y
 # Select default KVM options from arch/s390/kvm/Kconfig
 CONFIG_VIRTUALIZATION=y
 CONFIG_HAVE_KVM=y
 CONFIG_KVM=y
 CONFIG_MODULES=y
 CONFIG_MODULE_SIG=y
--- a/tools/packaging/kernel/configs/fragments/s390/secure-execution.conf
+++ b/tools/packaging/kernel/configs/fragments/s390/secure-execution.conf
@ -1,3 +0,0 @@
 # IBM Secure Execution (Protected Virtualization in kernel)
 CONFIG_PROTECTED_VIRTUALIZATION_GUEST=y
--- a/tools/packaging/kernel/configs/fragments/s390/vfio-ap.conf
+++ b/tools/packaging/kernel/configs/fragments/s390/vfio-ap.conf
@ -1,5 +1,7 @@
 # see https://www.kernel.org/doc/html/latest/s390/vfio-ap.html for more information
 # Support for Adjunct Processors (ap)
 CONFIG_AP=y
 # VFIO support for AP devices
 CONFIG_VFIO_AP=y
 CONFIG_VFIO_IOMMU_TYPE1=y
--- a/tools/packaging/kernel/configs/fragments/whitelist.conf
+++ b/tools/packaging/kernel/configs/fragments/whitelist.conf
@ -1,12 +1,14 @@
 # configuration options which may dropped in newer kernels
 # without generating an error in fragment merging
 CONFIG_ARCH_RANDOM
 CONFIG_RANDOM_TRUST_CPU
 CONFIG_ARM64_CRYPTO
 CONFIG_AUTOFS4_FS
 CONFIG_GENERIC_MSI_IRQ_DOMAIN
 CONFIG_IP_NF_TARGET_CLUSTERIP
 CONFIG_PCI_MSI_IRQ_DOMAIN
 CONFIG_CLK_LGM_CGU
 CONFIG_MEMCG_SWAP
 CONFIG_NET_SCH_CBQ
 CONFIG_NF_NAT_IPV4
 CONFIG_NF_NAT_NEEDED
@ -29,3 +31,12 @@ CONFIG_VIRTIO_IOMMU
 CONFIG_CRYPTO_ECDSA
 CONFIG_TN3270_TTY
 CONFIG_S390_AP_IOMMU
 CONFIG_CPU_MITIGATIONS
 CONFIG_RETPOLINE
 CONFIG_MITIGATION_RETPOLINE
 CONFIG_PAGE_TABLE_ISOLATION
 CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
 CONFIG_VFIO_AP
 CONFIG_VFIO_MDEV
 CONFIG_CPUSETS_V1
 CONFIG_MEMCG_V1
--- a/tools/packaging/kernel/configs/fragments/x86_64/acpi.conf
+++ b/tools/packaging/kernel/configs/fragments/x86_64/acpi.conf
@ -6,7 +6,7 @@ CONFIG_X86_MPPARSE=y
 CONFIG_ACPI_CPU_FREQ_PSS=y
 CONFIG_ACPI_HOTPLUG_IOAPIC=y
-CONFIG_ACPI_LEGACY_TABLES_LOOKUP
+CONFIG_ACPI_LEGACY_TABLES_LOOKUP=y
 CONFIG_ACPI_LPIT=y
 CONFIG_ARCH_MIGHT_HAVE_ACPI_PDC=y
 CONFIG_ACPI_PROCESSOR_CSTATE=y
--- a/tools/packaging/kernel/configs/fragments/x86_64/base.conf
+++ b/tools/packaging/kernel/configs/fragments/x86_64/base.conf
@ -14,9 +14,11 @@ CONFIG_PARAVIRT=y
 CONFIG_NR_CPUS=240
 # For security
 CONFIG_CPU_MITIGATIONS=y
 CONFIG_LEGACY_VSYSCALL_NONE=y
 CONFIG_SPECULATION_MITIGATIONS=y
 CONFIG_RETPOLINE=y
 CONFIG_MITIGATION_RETPOLINE=y
 # Boot directly into the uncompressed kernel
 # Reduce memory footprint
--- a/tools/packaging/kernel/configs/fragments/x86_64/mmu.conf
+++ b/tools/packaging/kernel/configs/fragments/x86_64/mmu.conf
@ -2,3 +2,4 @@
 # Remove the kernel mapping from the user space - security improvement.
 CONFIG_PAGE_TABLE_ISOLATION=y
 CONFIG_MITIGATION_PAGE_TABLE_ISOLATION=y
--- a/tools/packaging/kernel/kata_config_version
+++ b/tools/packaging/kernel/kata_config_version
@ -1 +1 @@
-141
+142
--- a/tools/packaging/kernel/patches/6.12.x/no_patches.txt
+++ b/tools/packaging/kernel/patches/6.12.x/no_patches.txt
--- a/versions.yaml
+++ b/versions.yaml
@ -194,11 +194,11 @@ assets:
  kernel:
    description: "Linux kernel optimised for virtual machines"
    url: "https://cdn.kernel.org/pub/linux/kernel/v6.x/"
-    version: "v6.1.62"
+    version: "v6.12.8"
    confidential:
      description: "Linux kernel with x86_64 TEEs (SEV, SNP, and TDX) support"
      url: "https://cdn.kernel.org/pub/linux/kernel/v6.x/"
-      version: "v6.7"
+      version: "v6.12.8"
  kernel-arm-experimental:
    description: "Linux kernel with cpu/mem hotplug support on arm64"
		`@ -1,3 +0,0 @@`
			`# IBM Secure Execution (Protected Virtualization in kernel)`

			`CONFIG_PROTECTED_VIRTUALIZATION_GUEST=y`