New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
linux: 4.14.8 -> 4.14.9 #33049
linux: 4.14.8 -> 4.14.9 #33049
Conversation
Successfully rebuild it on aarch64, device boots fine. |
@@ -243,7 +243,7 @@ stdenv.mkDerivation ((drvAttrs config stdenv.platform (kernelPatches ++ nativeKe | |||
|
|||
nativeBuildInputs = [ perl bc nettools openssl gmp libmpc mpfr ] | |||
++ optional (stdenv.platform.kernelTarget == "uImage") ubootTools | |||
++ optional (stdenv.lib.versionAtLeast version "4.15") libelf | |||
++ optional (stdenv.lib.versionAtLeast version "4.14") libelf |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why do you change this?
Due to changes in the way stacktraces are produced on x86_64.
From the changelog on stable@vger.kernel.org:
```
Josh Poimboeuf (12):
objtool: Don't report end of section error after an empty unwind hint
x86/head: Remove confusing comment
x86/head: Remove unused 'bad_address' code
x86/head: Fix head ELF function annotations
x86/boot: Annotate verify_cpu() as a callable function
x86/xen: Fix xen head ELF annotations
x86/xen: Add unwind hint annotations
x86/head: Add unwind hint annotations
x86/unwind: Rename unwinder config options to 'CONFIG_UNWINDER_*'
x86/unwind: Make CONFIG_UNWINDER_ORC=y the default in kconfig for 64-bit
x86/asm: Don't use the confusing '.ifeq' directive
x86/unwinder: Handle stack overflows more gracefully
```
Those changes seem to be backports from the 4.15 development. I can
dig deeper if you need more details.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/cc @NeQuissimus
Besides fixes for the recent BPF issues there is also a patch included that fixes booting on aarch64 (e.g. RPi3) ;-)
(Reversed spurious addition of |
BTW, this fixes CVE-2017-16996. |
(cherry picked from commit 68bcfb3) Fixes CVE-2017-16996.
This broke I'm inclined to revert this until the next minor release. |
4.14.10 is already in review phase. Deadline to report regression (since .9) is today 16:45 UTC. Best practice should be to test all the out-of-tree (potentially lacking behind) kernel modules before bumping the release? I would strictly advice against reverting this as it also fixes some security issues and reverting those fixes would send a pretty neat message. Anyway: In which way did they break? Do you have some output? Those should be fixed if possible. It most likely is due to back ports from 4.15. |
I think most of the build breakage just needs to be solved in nixpkgs by e.g. #33166 |
Motivation for this change
Besides fixes for the recent BPF issues there is also a patch included
that fixes booting on aarch64 (e.g. RPi3) ;-)
Things done
build-use-sandbox
innix.conf
on non-NixOS)nix-shell -p nox --run "nox-review wip"
./result/bin/
)