| commit | 78a538df4c1112bad6bee08509385af8d0ecc77a | [log] [tgz] |
|---|---|---|
| author | Lorenz Brun <lorenz@monogon.tech> | Tue Jul 25 21:39:04 2023 +0200 |
| committer | Lorenz Brun <lorenz@monogon.tech> | Wed Jul 26 12:39:17 2023 +0000 |
| tree | 7c0c3d44f2334a2305242f768322f36a175434a9 | |
| parent | 90613afdf11f7831fc0a673f2fe502c28ab93729 [diff] |
t/{linux,-firmware}: fix Zenbleed (CVE-2023-20593)
This fixes the Zenbleed vulnerability by including the latest fixed
microcode from linux-firmware. They don't do proper release management
but just tag a date approximately every month to keep distros happy.
Thus we need to use a master commit to get the fixes now.
Also update Linux to 5.15.122 to make sure that we know in case the
microcode fix somehow didn't get applied.
Change-Id: I5e26826e6df0f665e1a23efe8587dfb93edb2d94
Reviewed-on: https://review.monogon.dev/c/monogon/+/1974
Reviewed-by: Leopold Schabel <leo@monogon.tech>
Tested-by: Jenkins CI
This is the main repository containing the source code for the Monogon Platform.
This is pre-release software - take a look, and check back later!
Our build environment is self-contained and requires only minimal host dependencies:
/dev/kvm (if you want to run tests).Our docs assume that Bazelisk is available as bazel on your PATH.
Refer to SETUP.md for detailed instructions.
Build CLI and node image:
bazel build //metropolis/cli/dbg //:launch -c dbg
Launch an ephemeral test node:
bazel test //:launch -c dbg --test_output=streamed
Run a kubectl command while the test is running:
bazel-bin/metropolis/cli/dbg/dbg_/dbg kubectl describe node
Run full test suite:
bazel test -c dbg //...