From 0d9d8d63ead2856578a4104bd52e5e6899d1e895 Mon Sep 17 00:00:00 2001
From: Ryan Savino <ryan.savino@amd.com>
Date: Wed, 10 Aug 2022 13:31:41 -0500
Subject: [PATCH] kernel: upgrade guest kernel support to 5.19.2

kernel: Upgrade guest kernel support to 5.19.2

Let's update to the latest 5.19.x released kernel.

CONFIG modifications necessary:
fragments/common/dax.conf - CONFIG_DEV_PAGEMAP_OPS no longer configurable:
https://www.kernelconfig.io/CONFIG_DEV_PAGEMAP_OPS?q=CONFIG_DEV_PAGEMAP_OPS&kernelversion=5.19.2
fragments/common/dax.conf - CONFIG_ND_BLK no longer supported:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f8669f1d6a86a6b17104ceca9340ded280307ac1
fragments/x86_64/base.conf - CONFIG_SPECULATION_MITIGATIONS is a dependency for CONFIG_RETPOLINE:
https://www.kernelconfig.io/config_retpoline?q=&kernelversion=5.19.2
fragments/s390/network.conf - removed from kernel since 5.9.9:
https://www.kernelconfig.io/CONFIG_PACK_STACK?q=CONFIG_PACK_STACK&kernelversion=5.19.2

Updated vmlinux path in build-kernel.sh for arch s390

Fixes #4860

Signed-Off-By: Ryan Savino <ryan.savino@amd.com>
---
 snap/snapcraft.yaml                                        | 2 +-
 tools/packaging/kernel/build-kernel.sh                     | 2 +-
 tools/packaging/kernel/configs/fragments/common/dax.conf   | 2 --
 tools/packaging/kernel/configs/fragments/s390/network.conf | 2 --
 tools/packaging/kernel/configs/fragments/x86_64/base.conf  | 1 +
 tools/packaging/kernel/patches/5.19.x/no_patches.txt       | 0
 versions.yaml                                              | 2 +-
 7 files changed, 4 insertions(+), 7 deletions(-)
 delete mode 100644 tools/packaging/kernel/configs/fragments/s390/network.conf
 create mode 100644 tools/packaging/kernel/patches/5.19.x/no_patches.txt

diff --git a/snap/snapcraft.yaml b/snap/snapcraft.yaml
index b46275508..b6ac1338d 100644
--- a/snap/snapcraft.yaml
+++ b/snap/snapcraft.yaml
@@ -206,7 +206,7 @@ parts:
 
       # Install raw kernel
       vmlinux_path="vmlinux"
-      [ "${arch}" = "s390x" ] && vmlinux_path="arch/s390/boot/compressed/vmlinux"
+      [ "${arch}" = "s390x" ] && vmlinux_path="arch/s390/boot/vmlinux"
       vmlinux_name="vmlinux-${kernel_suffix}"
       cp "${vmlinux_path}" "${kata_kernel_dir}/${vmlinux_name}"
       ln -sf "${vmlinux_name}" "${kata_kernel_dir}/vmlinux.container"
diff --git a/tools/packaging/kernel/build-kernel.sh b/tools/packaging/kernel/build-kernel.sh
index 837dfd67a..81865250d 100755
--- a/tools/packaging/kernel/build-kernel.sh
+++ b/tools/packaging/kernel/build-kernel.sh
@@ -456,7 +456,7 @@ install_kata() {
 	if [ "${arch_target}" = "arm64" ]; then
 		install --mode 0644 -D "arch/${arch_target}/boot/Image" "${install_path}/${vmlinux}"
 	elif [ "${arch_target}" = "s390" ]; then
-		install --mode 0644 -D "arch/${arch_target}/boot/compressed/vmlinux" "${install_path}/${vmlinux}"
+		install --mode 0644 -D "arch/${arch_target}/boot/vmlinux" "${install_path}/${vmlinux}"
 	else
 		install --mode 0644 -D "vmlinux" "${install_path}/${vmlinux}"
 	fi
diff --git a/tools/packaging/kernel/configs/fragments/common/dax.conf b/tools/packaging/kernel/configs/fragments/common/dax.conf
index 6c48de444..ff747ae17 100644
--- a/tools/packaging/kernel/configs/fragments/common/dax.conf
+++ b/tools/packaging/kernel/configs/fragments/common/dax.conf
@@ -12,7 +12,6 @@ CONFIG_SPARSEMEM_VMEMMAP=y
 # Without these the pmem_should_map_pages() call in the kernel fails with new
 # Related to the ARCH_HAS_HMM set in the arch files.
 CONFIG_ZONE_DEVICE=y
-CONFIG_DEV_PAGEMAP_OPS=y
 
 CONFIG_ND_PFN=y
 CONFIG_NVDIMM_PFN=y
@@ -23,7 +22,6 @@ CONFIG_BLK_DEV=y
 CONFIG_BLK_DEV_PMEM=y
 CONFIG_BLK_DEV_RAM=y
 CONFIG_LIBNVDIMM=y
-CONFIG_ND_BLK=y
 CONFIG_BTT=y
 # FIXME: Should check if this is really needed
 # https://github.com/kata-containers/packaging/issues/483
diff --git a/tools/packaging/kernel/configs/fragments/s390/network.conf b/tools/packaging/kernel/configs/fragments/s390/network.conf
deleted file mode 100644
index f3f159705..000000000
--- a/tools/packaging/kernel/configs/fragments/s390/network.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-# Options needed by HAVE_EBPF_JIT
-CONFIG_PACK_STACK=y
diff --git a/tools/packaging/kernel/configs/fragments/x86_64/base.conf b/tools/packaging/kernel/configs/fragments/x86_64/base.conf
index 3734b51bd..b26a78831 100644
--- a/tools/packaging/kernel/configs/fragments/x86_64/base.conf
+++ b/tools/packaging/kernel/configs/fragments/x86_64/base.conf
@@ -15,6 +15,7 @@ CONFIG_NR_CPUS=240
 
 # For security
 CONFIG_LEGACY_VSYSCALL_NONE=y
+CONFIG_SPECULATION_MITIGATIONS=y
 CONFIG_RETPOLINE=y
 
 # Boot directly into the uncompressed kernel
diff --git a/tools/packaging/kernel/patches/5.19.x/no_patches.txt b/tools/packaging/kernel/patches/5.19.x/no_patches.txt
new file mode 100644
index 000000000..e69de29bb
diff --git a/versions.yaml b/versions.yaml
index eb6753293..53bd0ae54 100644
--- a/versions.yaml
+++ b/versions.yaml
@@ -153,7 +153,7 @@ assets:
   kernel:
     description: "Linux kernel optimised for virtual machines"
     url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/"
-    version: "v5.15.48"
+    version: "v5.19.2"
     tdx:
       description: "Linux kernel that supports TDX"
       url: "https://github.com/intel/linux-kernel-dcp/archive/refs/tags"