Uprev kernel to fix CVE-2024-41007
- Also add back intel pstate patch, for b/354788532
```
(prodadmin@gmec-bjc201)-(7)-(09:56pm)-(~)-$ ls /sys/devices/system/cpu/cpufreq/
policy0 policy106 policy114 policy122 policy16 policy24 policy32 policy40 policy49 policy57 policy65 policy73 policy81 policy9 policy98
policy1 policy107 policy115 policy123 policy17 policy25 policy33 policy41 policy5 policy58 policy66 policy74 policy82 policy90 policy99
policy10 policy108 policy116 policy124 policy18 policy26 policy34 policy42 policy50 policy59 policy67 policy75 policy83 policy91
policy100 policy109 policy117 policy125 policy19 policy27 policy35 policy43 policy51 policy6 policy68 policy76 policy84 policy92
policy101 policy11 policy118 policy126 policy2 policy28 policy36 policy44 policy52 policy60 policy69 policy77 policy85 policy93
policy102 policy110 policy119 policy127 policy20 policy29 policy37 policy45 policy53 policy61 policy7 policy78 policy86 policy94
policy103 policy111 policy12 policy13 policy21 policy3 policy38 policy46 policy54 policy62 policy70 policy79 policy87 policy95
policy104 policy112 policy120 policy14 policy22 policy30 policy39 policy47 policy55 policy63 policy71 policy8 policy88 policy96
policy105 policy113 policy121 policy15 policy23 policy31 policy4 policy48 policy56 policy64 policy72 policy80 policy89 policy97
```
BUG=b/354432897,b/354788532
TEST=Built the image, pushed to a sapphire rapids system. see above
RELEASE_NOTE=None
Change-Id: Ia669af40aaa12a710aea3a719c32b9883a6e624b
Reviewed-on: https://cos-review.googlesource.com/c/cos/overlays/board-overlays/+/77080
Reviewed-by: Alan Berryhill <berryhill@google.com>
Reviewed-by: Trevor Schroeder <trevors@google.com>
Tested-by: Cusky Presubmit Bot <presubmit@cos-infra-prod.iam.gserviceaccount.com>
diff --git a/project-edgeos/sys-kernel/lakitu-kernel-5_15/files/dm_verity_dev_wait.patch b/project-edgeos/sys-kernel/lakitu-kernel-5_15/files/0001-FEATURE-PATCH-dm-verity-dev-wait.patch
similarity index 100%
rename from project-edgeos/sys-kernel/lakitu-kernel-5_15/files/dm_verity_dev_wait.patch
rename to project-edgeos/sys-kernel/lakitu-kernel-5_15/files/0001-FEATURE-PATCH-dm-verity-dev-wait.patch
diff --git a/project-edgeos/sys-kernel/lakitu-kernel-5_15/files/0002-FEATURE-PATCH-cpufreq-intel-pstate-add-sapphire-rapids-support-in-no-hwp-mode.patch b/project-edgeos/sys-kernel/lakitu-kernel-5_15/files/0002-FEATURE-PATCH-cpufreq-intel-pstate-add-sapphire-rapids-support-in-no-hwp-mode.patch
new file mode 100644
index 0000000..ad3d7cb
--- /dev/null
+++ b/project-edgeos/sys-kernel/lakitu-kernel-5_15/files/0002-FEATURE-PATCH-cpufreq-intel-pstate-add-sapphire-rapids-support-in-no-hwp-mode.patch
@@ -0,0 +1,38 @@
+From df51f287b5de3b9d4fd39593eafd1f8298d711c7 Mon Sep 17 00:00:00 2001
+From: Giovanni Gherdovich <ggherdovich@suse.cz>
+Date: Mon, 21 Nov 2022 16:35:40 +0100
+Subject: cpufreq: intel_pstate: Add Sapphire Rapids support in no-HWP mode
+
+Users may disable HWP in firmware, in which case intel_pstate wouldn't load
+unless the CPU model is explicitly supported.
+
+See also the following past commits:
+
+commit d8de7a44e11f ("cpufreq: intel_pstate: Add Skylake servers support")
+commit 706c5328851d ("cpufreq: intel_pstate: Add Cometlake support in
+no-HWP mode")
+commit fbdc21e9b038 ("cpufreq: intel_pstate: Add Icelake servers support in
+no-HWP mode")
+commit 71bb5c82aaae ("cpufreq: intel_pstate: Add Tigerlake support in
+no-HWP mode")
+
+Signed-off-by: Giovanni Gherdovich <ggherdovich@suse.cz>
+Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
+---
+ drivers/cpufreq/intel_pstate.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/cpufreq/intel_pstate.c b/drivers/cpufreq/intel_pstate.c
+index ad9be31753b64c..fd73d6d2b80848 100644
+--- a/drivers/cpufreq/intel_pstate.c
++++ b/drivers/cpufreq/intel_pstate.c
+@@ -2379,6 +2379,7 @@ static const struct x86_cpu_id intel_pstate_cpu_ids[] = {
+ X86_MATCH(COMETLAKE, core_funcs),
+ X86_MATCH(ICELAKE_X, core_funcs),
+ X86_MATCH(TIGERLAKE, core_funcs),
++ X86_MATCH(SAPPHIRERAPIDS_X, core_funcs),
+ {}
+ };
+ MODULE_DEVICE_TABLE(x86cpu, intel_pstate_cpu_ids);
+--
+cgit 1.2.3-korg
diff --git a/project-edgeos/sys-kernel/lakitu-kernel-5_15/lakitu-kernel-5_15-5.15.161-r1.ebuild b/project-edgeos/sys-kernel/lakitu-kernel-5_15/lakitu-kernel-5_15-5.15.161-r1.ebuild
deleted file mode 120000
index 8566575..0000000
--- a/project-edgeos/sys-kernel/lakitu-kernel-5_15/lakitu-kernel-5_15-5.15.161-r1.ebuild
+++ /dev/null
@@ -1 +0,0 @@
-lakitu-kernel-5_15-5.15.161.ebuild
\ No newline at end of file
diff --git a/project-edgeos/sys-kernel/lakitu-kernel-5_15/lakitu-kernel-5_15-5.15.163-r2.ebuild b/project-edgeos/sys-kernel/lakitu-kernel-5_15/lakitu-kernel-5_15-5.15.163-r2.ebuild
new file mode 120000
index 0000000..3291391
--- /dev/null
+++ b/project-edgeos/sys-kernel/lakitu-kernel-5_15/lakitu-kernel-5_15-5.15.163-r2.ebuild
@@ -0,0 +1 @@
+lakitu-kernel-5_15-5.15.163.ebuild
\ No newline at end of file
diff --git a/project-edgeos/sys-kernel/lakitu-kernel-5_15/lakitu-kernel-5_15-5.15.161.ebuild b/project-edgeos/sys-kernel/lakitu-kernel-5_15/lakitu-kernel-5_15-5.15.163.ebuild
similarity index 91%
rename from project-edgeos/sys-kernel/lakitu-kernel-5_15/lakitu-kernel-5_15-5.15.161.ebuild
rename to project-edgeos/sys-kernel/lakitu-kernel-5_15/lakitu-kernel-5_15-5.15.163.ebuild
index 5c55676..998ec2c 100644
--- a/project-edgeos/sys-kernel/lakitu-kernel-5_15/lakitu-kernel-5_15-5.15.161.ebuild
+++ b/project-edgeos/sys-kernel/lakitu-kernel-5_15/lakitu-kernel-5_15-5.15.163.ebuild
@@ -14,6 +14,10 @@
EAPI=7
+# IMPORTANT: When updating the kernel, do not delete patches named with
+# FEATURE-PATCH in them without verifying that the functionality the patch adds
+# is still present (tested and confirmed)
+
# https://cos.googlesource.com/third_party/kernel/+/refs/heads/main-R105-cos-5.15
# https://cos-review.git.corp.google.com/c/third_party/kernel/+/74315
CROS_WORKON_COMMIT="1edb19e8e583706736344f51952ba2a4c4c01397"