Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / 1e963fe8bdf4eb368b66717bafd640c7f17528d6^! / .
commit1e963fe8bdf4eb368b66717bafd640c7f17528d6[log] [tgz]
authorLorenz Brun <lorenz@monogon.tech>Wed Aug 09 18:24:02 2023 +0200
committerLorenz Brun <lorenz@monogon.tech>Wed Aug 09 21:01:36 2023 +0000
treee6f40f9ee469f824bd3f9bfceae3c6074f95990b
parent6eb3fb31f0d1385e96652b6bee043bd9c5f6a577 [diff]
t/linux: update to 5.15.125

This kernel contains additional handling and workarounds for Gather Data
Sampling aka Downfall (CVE-2022-40982) on Intel CPUs,
Inception (CVE-2023-20569) and Phantom (CVE-2022-23825) on AMD CPUs.

Performant workarounds for these issues also requires updated microcode
for both CPU vendors. Microcode for Intel has already been updated,
AMD's is not merged in linux-firmware yet.

Change-Id: I441c8c7b39a8eec0c42d1aac0375d0d15ec1703d
Reviewed-on: https://review.monogon.dev/c/monogon/+/2048
Reviewed-by: Leopold Schabel <leo@monogon.tech>
Tested-by: Jenkins CI

diff --git a/WORKSPACE b/WORKSPACE
index 265044a..2116738 100644
--- a/WORKSPACE
+++ b/WORKSPACE

@@ -133,7 +133,7 @@
 
 linux_external(
     name = "linux",
-    version = "5.15.122",
+    version = "5.15.125",
 )
 
 load("//third_party/linux-firmware:external.bzl", "linux_firmware_external")

diff --git a/third_party/linux/external.bzl b/third_party/linux/external.bzl
index ad4ec4c..ac66a3e 100644
--- a/third_party/linux/external.bzl
+++ b/third_party/linux/external.bzl

@@ -25,6 +25,7 @@
         "5.15.32": "1463cdfa223088610dd65d3eadeffa44ec49746091b8ae8ddac6f3070d17df86",
         "5.15.104": "71c532ce09992e470f3259ffeb38d2b5bba990c243a559e4726a57412bd36b54",
         "5.15.122": "38755801cd1ce229a8c0a0536d29aa37acea8a8aa13fa438e19fbf9d6293342d",
+        "5.15.125": "150f3846b76cd23a6135f49cef71372bade5a06e851cb4f8558df8b862d8fec7",
     }
     http_archive(
         name = name,