From: Mike Yuan Date: Tue, 7 Jan 2025 17:28:33 +0000 (+0100) Subject: Bump minimum kernel baseline to 5.4, recommended version to 5.7 X-Git-Tag: v258-rc1~1674 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=16ac586e5a77942bf1147bc9eae684d544ded88f;p=thirdparty%2Fsystemd.git Bump minimum kernel baseline to 5.4, recommended version to 5.7 As requested, a list of kernel version to feature mapping for kernels older than minimum baseline is also included, in order to ease potential backport work. --- diff --git a/README b/README index 547ccce1cdb..75072382d13 100644 --- a/README +++ b/README @@ -29,38 +29,43 @@ LICENSE: LGPL-2.1-or-later for all code, exceptions noted in LICENSES/README.md REQUIREMENTS: - Linux kernel ≥ 4.3 + Linux kernel ≥ 3.15 for timerfd_create() CLOCK_BOOTTIME support + ≥ 3.17 for memfd_create() and getrandom() + ≥ 4.3 for ambient capabilities ≥ 4.5 for pids controller in cgroup v2 ≥ 4.6 for cgroup namespaces ≥ 4.9 for RENAME_NOREPLACE support in vfat ≥ 4.10 for cgroup-bpf egress and ingress hooks - ≥ 4.11 for nsfs - # FIXME: drop compat glue and remove entries above before v258 + ≥ 4.11 for nsfs NS_GET_NSTYPE ≥ 4.15 for cgroup-bpf device hook and cpu controller in cgroup v2 ≥ 4.17 for cgroup-bpf socket address hooks and /sys/power/resume_offset ≥ 4.20 for PSI (used by systemd-oomd) ≥ 5.2 for cgroup freezer ≥ 5.3 for bounded loops in BPF program ≥ 5.4 for pidfd, new mount API, and signed Verity images - ≥ 5.6 for getrandom() GRND_INSECURE + + ⛔ Kernel versions below 5.4 ("minimum baseline") are not supported at all, + and are missing required functionality as listed above. + # FIXME: actually drop compat glue before v258 + + Linux kernel ≥ 5.6 for getrandom() GRND_INSECURE ≥ 5.7 for CLONE_INTO_CGROUP, BPF links and the BPF LSM hook - ≥ 5.8 for LOOP_CONFIGURE and STATX_ATTR_MOUNT_ROOT + + ⚠️ Kernel versions below 5.7 ("recommended baseline") have significant gaps + in functionality and are not recommended for use with this version + of systemd. Taint flag 'old-kernel' will be set. systemd will most likely + still function, but upstream support and testing are limited. + + Linux kernel ≥ 5.8 for LOOP_CONFIGURE and STATX_ATTR_MOUNT_ROOT ≥ 5.9 for close_range() + ≥ 5.14 for cgroup.kill ≥ 6.3 for MFD_EXEC/MFD_NOEXEC_SEAL and tmpfs noswap option ≥ 6.5 for name_to_handle_at() AT_HANDLE_FID, SO_PEERPIDFD/SO_PASSPIDFD, and MOVE_MOUNT_BENEATH ≥ 6.9 for pidfs - ⛔ Kernel versions below 4.11 ("minimum baseline") are not supported at - all, and are missing required functionality (e.g. CLOCK_BOOTTIME support - for timerfd_create(), getrandom(), ambient capabilities, memfd_create(), - or nsfs (NS_GET_NSTYPE)). - - ⚠️ Kernel versions below 5.4 ("recommended baseline") have significant - gaps in functionality and are not recommended for use with this version - of systemd (e.g. lack race-free process tracking by pidfd and new mount API - support). Taint flag 'old-kernel' will be set. systemd will most likely - still function, but upstream support and testing are limited. + ✅ systemd utilizes several new kernel APIs, but will fall back gracefully + when unavailable. Kernel Config Options: CONFIG_DEVTMPFS diff --git a/src/basic/constants.h b/src/basic/constants.h index 5aaf8f535c2..93e6efbdcae 100644 --- a/src/basic/constants.h +++ b/src/basic/constants.h @@ -85,4 +85,5 @@ /* Path where systemd-oomd listens for varlink connections from user managers to report changes in ManagedOOM settings. */ #define VARLINK_ADDR_PATH_MANAGED_OOM_USER "/run/systemd/oom/io.systemd.ManagedOOM" -#define KERNEL_BASELINE_VERSION "5.4" +/* Recommended baseline - see README for details */ +#define KERNEL_BASELINE_VERSION "5.7"