From 43f50666482812dd316367fd97ff781f4ef096be Mon Sep 17 00:00:00 2001 From: Richard Kelly Date: Fri, 20 Dec 2024 00:51:46 +0000 Subject: [PATCH 1/2] kernel-5.10: update to 5.10.230 Rebase to Amazon Linux upstream version 5.10.230-223.885.amzn2. Signed-off-by: Richard Kelly --- packages/kernel-5.10/Cargo.toml | 4 ++-- packages/kernel-5.10/kernel-5.10.spec | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/packages/kernel-5.10/Cargo.toml b/packages/kernel-5.10/Cargo.toml index 9cca3978..df3ca7fe 100644 --- a/packages/kernel-5.10/Cargo.toml +++ b/packages/kernel-5.10/Cargo.toml @@ -13,8 +13,8 @@ path = "../packages.rs" [[package.metadata.build-package.external-files]] # Use latest-kernel-srpm-url.sh to get this. -url = "https://cdn.amazonlinux.com/blobstore/0af5f80d00a3d5a867d4959d74751bc7d24b1bcb0ab8a5de558ae301ae0fa52e/kernel-5.10.228-219.884.amzn2.src.rpm" -sha512 = "124c6d662c48dc4cb8caf035e9ee44c9c47bc5e19141c319b94abc441dce4e2afa24e30b9c0196665aa267b6ef85004153b3f5cddfe9191c2c8927ddb4175fbd" +url = "https://cdn.amazonlinux.com/blobstore/0882910cd8b755b83ca76915856c240798bb0c0eefa651896eb34015b6577bea/kernel-5.10.230-223.885.amzn2.src.rpm" +sha512 = "f03f0b2aafaadc592dd571829fb5a0b0c36739e92afad6c134061ebf4b68df8ed89b369f553927fb72d08a4ed35d0b7f4a72951be3df894865ecb0908378bc0b" force-upstream = true [[package.metadata.build-package.external-files]] diff --git a/packages/kernel-5.10/kernel-5.10.spec b/packages/kernel-5.10/kernel-5.10.spec index ed9b3f02..f9b4c1b5 100644 --- a/packages/kernel-5.10/kernel-5.10.spec +++ b/packages/kernel-5.10/kernel-5.10.spec @@ -1,13 +1,13 @@ %global debug_package %{nil} Name: %{_cross_os}kernel-5.10 -Version: 5.10.228 +Version: 5.10.230 Release: 1%{?dist} Summary: The Linux kernel License: GPL-2.0 WITH Linux-syscall-note URL: https://www.kernel.org/ # Use latest-kernel-srpm-url.sh to get this. -Source0: https://cdn.amazonlinux.com/blobstore/0af5f80d00a3d5a867d4959d74751bc7d24b1bcb0ab8a5de558ae301ae0fa52e/kernel-5.10.228-219.884.amzn2.src.rpm +Source0: https://cdn.amazonlinux.com/blobstore/0882910cd8b755b83ca76915856c240798bb0c0eefa651896eb34015b6577bea/kernel-5.10.230-223.885.amzn2.src.rpm Source1: gpgkey-99E617FE5DB527C0D8BD5F8E11CF1F95C87F5B1A.asc # Use latest-neuron-srpm-url.sh to get this. Source2: https://yum.repos.neuron.amazonaws.com/aws-neuronx-dkms-2.18.12.0.noarch.rpm From 3033a30181fd74d5bfc1c6f26c8dc188b71250ce Mon Sep 17 00:00:00 2001 From: Richard Kelly Date: Fri, 20 Dec 2024 00:51:24 +0000 Subject: [PATCH 2/2] kernel-5.15: update to 5.15.173 Rebase to Amazon Linux upstream version 5.15.173-118.169.amzn2. Remove netfilter typo patch as AL's latest 5.15 kernel includes it in the tree https://github.com/amazonlinux/linux/commit/90baa455aa7e099152898cfa5eb3928d6152da12 Signed-off-by: Richard Kelly --- ...s-fix-typo-causing-some-targets-not-.patch | 79 ------------------- packages/kernel-5.15/Cargo.toml | 4 +- packages/kernel-5.15/kernel-5.15.spec | 7 +- 3 files changed, 4 insertions(+), 86 deletions(-) delete mode 100644 packages/kernel-5.15/1100-netfilter-xtables-fix-typo-causing-some-targets-not-.patch diff --git a/packages/kernel-5.15/1100-netfilter-xtables-fix-typo-causing-some-targets-not-.patch b/packages/kernel-5.15/1100-netfilter-xtables-fix-typo-causing-some-targets-not-.patch deleted file mode 100644 index 273bd93d..00000000 --- a/packages/kernel-5.15/1100-netfilter-xtables-fix-typo-causing-some-targets-not-.patch +++ /dev/null @@ -1,79 +0,0 @@ -From 02d6d4a741619b0bc8f29705d0f59aac596a9bf6 Mon Sep 17 00:00:00 2001 -From: Greg Kroah-Hartman -Date: Mon, 28 Oct 2024 07:25:38 +0100 -Subject: [PATCH 49/79] netfilter: xtables: fix typo causing some targets not - to load on IPv6 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -5.15-stable review patch. If anyone has any objections, please let me know. - ------------------- - -From: Pablo Neira Ayuso - -[ Upstream commit 306ed1728e8438caed30332e1ab46b28c25fe3d8 ] - -- There is no NFPROTO_IPV6 family for mark and NFLOG. -- TRACE is also missing module autoload with NFPROTO_IPV6. - -This results in ip6tables failing to restore a ruleset. This issue has been -reported by several users providing incomplete patches. - -Very similar to Ilya Katsnelson's patch including a missing chunk in the -TRACE extension. - -Fixes: 0bfcb7b71e73 ("netfilter: xtables: avoid NFPROTO_UNSPEC where needed") -Reported-by: Ignat Korchagin -Reported-by: Ilya Katsnelson -Reported-by: Krzysztof Olędzki -Signed-off-by: Pablo Neira Ayuso -Signed-off-by: Sasha Levin ---- - net/netfilter/xt_NFLOG.c | 2 +- - net/netfilter/xt_TRACE.c | 1 + - net/netfilter/xt_mark.c | 2 +- - 3 files changed, 3 insertions(+), 2 deletions(-) - -diff --git a/net/netfilter/xt_NFLOG.c b/net/netfilter/xt_NFLOG.c -index d80abd6cc..6dcf4bc7e 100644 ---- a/net/netfilter/xt_NFLOG.c -+++ b/net/netfilter/xt_NFLOG.c -@@ -79,7 +79,7 @@ static struct xt_target nflog_tg_reg[] __read_mostly = { - { - .name = "NFLOG", - .revision = 0, -- .family = NFPROTO_IPV4, -+ .family = NFPROTO_IPV6, - .checkentry = nflog_tg_check, - .destroy = nflog_tg_destroy, - .target = nflog_tg, -diff --git a/net/netfilter/xt_TRACE.c b/net/netfilter/xt_TRACE.c -index f3fa4f113..a642ff09f 100644 ---- a/net/netfilter/xt_TRACE.c -+++ b/net/netfilter/xt_TRACE.c -@@ -49,6 +49,7 @@ static struct xt_target trace_tg_reg[] __read_mostly = { - .target = trace_tg, - .checkentry = trace_tg_check, - .destroy = trace_tg_destroy, -+ .me = THIS_MODULE, - }, - #endif - }; -diff --git a/net/netfilter/xt_mark.c b/net/netfilter/xt_mark.c -index f76fe04fc..65b965ca4 100644 ---- a/net/netfilter/xt_mark.c -+++ b/net/netfilter/xt_mark.c -@@ -62,7 +62,7 @@ static struct xt_target mark_tg_reg[] __read_mostly = { - { - .name = "MARK", - .revision = 2, -- .family = NFPROTO_IPV4, -+ .family = NFPROTO_IPV6, - .target = mark_tg, - .targetsize = sizeof(struct xt_mark_tginfo2), - .me = THIS_MODULE, --- -2.45.0 - diff --git a/packages/kernel-5.15/Cargo.toml b/packages/kernel-5.15/Cargo.toml index 3a217744..09437705 100644 --- a/packages/kernel-5.15/Cargo.toml +++ b/packages/kernel-5.15/Cargo.toml @@ -13,8 +13,8 @@ path = "../packages.rs" [[package.metadata.build-package.external-files]] # Use latest-kernel-srpm-url.sh to get this. -url = "https://cdn.amazonlinux.com/blobstore/9cea3dae03703f3c4c78fcb1302eeee5fe4c07ebf53d783cf3aaf7e4f30a6d39/kernel-5.15.168-114.166.amzn2.src.rpm" -sha512 = "5b0b0e2640bb04d4868b8820781029d8148c7939802c1b4edcf580533848afe70f7c6372e6e2306dfc017d2b32120a446ada15b105f7b2fe766b9382f83937d3" +url = "https://cdn.amazonlinux.com/blobstore/35e2e2432267615ca5cbe519eb781747524fdbb903d8c4dd0e231d38561a21be/kernel-5.15.173-118.169.amzn2.src.rpm" +sha512 = "7f67e93f2c9232da790b24ab406988c97bf56b0967df9784d9472799c14393eba87965b5388b164314e3032d4d7c9236fd68ff7c511bd267cff791db3416febf" force-upstream = true [[package.metadata.build-package.external-files]] diff --git a/packages/kernel-5.15/kernel-5.15.spec b/packages/kernel-5.15/kernel-5.15.spec index 18490a6c..41660da8 100644 --- a/packages/kernel-5.15/kernel-5.15.spec +++ b/packages/kernel-5.15/kernel-5.15.spec @@ -1,13 +1,13 @@ %global debug_package %{nil} Name: %{_cross_os}kernel-5.15 -Version: 5.15.168 +Version: 5.15.173 Release: 1%{?dist} Summary: The Linux kernel License: GPL-2.0 WITH Linux-syscall-note URL: https://www.kernel.org/ # Use latest-kernel-srpm-url.sh to get this. -Source0: https://cdn.amazonlinux.com/blobstore/9cea3dae03703f3c4c78fcb1302eeee5fe4c07ebf53d783cf3aaf7e4f30a6d39/kernel-5.15.168-114.166.amzn2.src.rpm +Source0: https://cdn.amazonlinux.com/blobstore/35e2e2432267615ca5cbe519eb781747524fdbb903d8c4dd0e231d38561a21be/kernel-5.15.173-118.169.amzn2.src.rpm Source1: gpgkey-99E617FE5DB527C0D8BD5F8E11CF1F95C87F5B1A.asc # Use latest-neuron-srpm-url.sh to get this. Source2: https://yum.repos.neuron.amazonaws.com/aws-neuronx-dkms-2.18.12.0.noarch.rpm @@ -27,9 +27,6 @@ Patch1003: 1003-initramfs-unlink-INITRAMFS_FORCE-from-CMDLINE_-EXTEN.patch # Increase default of sysctl net.unix.max_dgram_qlen to 512. Patch1004: 1004-af_unix-increase-default-max_dgram_qlen-to-512.patch -# Fix typo that breaks IPv6 via ip6tables commands -Patch1100: 1100-netfilter-xtables-fix-typo-causing-some-targets-not-.patch - BuildRequires: bc BuildRequires: elfutils-devel BuildRequires: hostname