penguin/monok8s
SHA256
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Upgrade ASK kernel base to Linux 6.18.30

Browse Source 
Move the custom ASK/NXP kernel build from lf-6.18.2-1.0.0 toward
the upstream stable 6.18.y baseline, currently 6.18.30.

This pulls in upstream stable fixes, including the BPF verifier fix needed
by Cilium. The previous 6.18.2-based kernel triggered:

  verifier bug: REG INVARIANTS VIOLATION (false_reg1)
  reg_bounds_sanity_check()
  bpf_prog_load()
  cilium-agent

The issue is no longer reproduced on 6.18.30 after fresh boot:
Cilium 1.19.2 reports healthy, BPF datapath is active, all controllers are
healthy, cluster health is reachable, and dmesg no longer shows the verifier
warning.

Refresh affected ASK upstream patch splits:
- add bridge br_input patch
- refresh xfrm policy/state patches
- update package/kernel build inputs for 6.18.30
This commit is contained in:
斟酌 鵬兄
2026-05-16 03:38:21 +08:00
parent 3324412142
commit a2e5c2aa7a
7 changed files with 75 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files
patches/ask/upstream/kernel/0136-net__xfrm__xfrm_policy.c.patch
+6 -6
View File
@@ -1,5 +1,5 @@
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index 62486f8..3cbe4f8 100644
index 29c94ee..f9c222f 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -48,6 +48,11 @@
@@ -86,7 +86,7 @@ index 62486f8..3cbe4f8 100644
ok:
xfrm_pols_put(pols, drop_pols);
if (dst->xfrm &&
@@ -3853,6 +3909,34 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
@@ -3859,6 +3915,34 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
goto reject;
}
@@ -118,10 +118,10 @@ index 62486f8..3cbe4f8 100644
+#endif
+#endif
+
out:
xfrm_pols_put(pols, npols);
sp->verified_cnt = k;
@@ -4328,6 +4412,14 @@ static int __net_init xfrm_net_init(struct net *net)
@@ -4339,6 +4423,14 @@ static int __net_init xfrm_net_init(struct net *net)
if (rv < 0)
goto out_sysctl;
@@ -136,7 +136,7 @@ index 62486f8..3cbe4f8 100644
rv = xfrm_nat_keepalive_net_init(net);
if (rv < 0)
goto out_nat_keepalive;
@@ -4335,6 +4427,12 @@ static int __net_init xfrm_net_init(struct net *net)
@@ -4346,6 +4438,12 @@ static int __net_init xfrm_net_init(struct net *net)
return 0;
out_nat_keepalive:
@@ -149,7 +149,7 @@ index 62486f8..3cbe4f8 100644
xfrm_sysctl_fini(net);
out_sysctl:
xfrm_policy_fini(net);
@@ -4349,6 +4447,11 @@ out_statistics:
@@ -4360,6 +4458,11 @@ out_statistics:
static void __net_exit xfrm_net_exit(struct net *net)
{
xfrm_nat_keepalive_net_fini(net);