libkrun · tylerfanelli · May 12, 2026 · May 8, 2026
@@ -1,13 +1,13 @@
-KERNEL_VERSION = linux-6.12.76
+KERNEL_VERSION = linux-6.12.87
 KERNEL_REMOTE = https://cdn.kernel.org/pub/linux/kernel/v6.x/$(KERNEL_VERSION).tar.xz
 KERNEL_TARBALL = tarballs/$(KERNEL_VERSION).tar.xz
 KERNEL_SOURCES = $(KERNEL_VERSION)
 KERNEL_PATCHES = $(shell find patches/ -name "0*.patch" | sort)
 KERNEL_C_BUNDLE = kernel.c
 
 ABI_VERSION = 5
-FULL_VERSION = 5.3.0
-TIMESTAMP = "Tue Mar 10 13:28:56 CET 2026"
+FULL_VERSION = 5.4.0
+TIMESTAMP = "Fri May  8 14:25:15 CEST 2026"
 
 KERNEL_FLAGS = KBUILD_BUILD_TIMESTAMP=$(TIMESTAMP)
 KERNEL_FLAGS += KBUILD_BUILD_USER=root

@@ -1,4 +1,4 @@
-From 657f3ea1bfeb76ddc6bc4af9eb23dc77a1ff8a1a Mon Sep 17 00:00:00 2001
+From ff5dbd901b0688a006fafcba07449d4a116b7317 Mon Sep 17 00:00:00 2001
 From: Sergio Lopez <slp@sinrega.org>
 Date: Fri, 10 Sep 2021 13:05:01 +0200
 Subject: [PATCH 1/4] virtio: enable DMA API if memory is restricted
@@ -54,5 +54,5 @@ index c0276979675d..1d5b988e4452 100644
  	/*
  	 * In theory, it's possible to have a buggy QEMU-supposed
 -- 
-2.52.0
+2.54.0
 
@@ -1,4 +1,4 @@
-From 85875d63186b73e8b524204ee10385f979f49d48 Mon Sep 17 00:00:00 2001
+From dd2119161ec3510a5ca2946dcadd5043f19ff4ed Mon Sep 17 00:00:00 2001
 From: Sergio Lopez <slp@redhat.com>
 Date: Thu, 20 Oct 2022 10:23:16 +0200
 Subject: [PATCH 2/4] x86/sev: write AP reset vector
@@ -12,10 +12,10 @@ Signed-off-by: Sergio Lopez <slp@redhat.com>
  1 file changed, 24 insertions(+), 1 deletion(-)
 
 diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c
-index de1df0cb45da..7ed486a790fb 100644
+index 2be730765f83..aff0f627c3bd 100644
 --- a/arch/x86/coco/sev/core.c
 +++ b/arch/x86/coco/sev/core.c
-@@ -1266,6 +1266,29 @@ void __init snp_set_wakeup_secondary_cpu(void)
+@@ -1273,6 +1273,29 @@ void __init snp_set_wakeup_secondary_cpu(void)
  	apic_update_callback(wakeup_secondary_cpu, wakeup_cpu_via_vmgexit);
  }
 
@@ -45,7 +45,7 @@ index de1df0cb45da..7ed486a790fb 100644
  int __init sev_es_setup_ap_jump_table(struct real_mode_header *rmh)
  {
  	u16 startup_cs, startup_ip;
-@@ -1277,7 +1300,7 @@ int __init sev_es_setup_ap_jump_table(struct real_mode_header *rmh)
+@@ -1284,7 +1307,7 @@ int __init sev_es_setup_ap_jump_table(struct real_mode_header *rmh)
 
  	/* On UP guests there is no jump table so this is not a failure */
  	if (!jump_table_addr)
@@ -55,5 +55,5 @@ index de1df0cb45da..7ed486a790fb 100644
  	/* Check if AP Jump Table is page-aligned */
  	if (jump_table_addr & ~PAGE_MASK)
 -- 
-2.52.0
+2.54.0
 
@@ -1,4 +1,4 @@
-From 702d45def09ba1783735f654a6686c1aa1f601e9 Mon Sep 17 00:00:00 2001
+From 45bce0f81b5111fac6e6979a8709e8bd87661ef4 Mon Sep 17 00:00:00 2001
 From: Sergio Lopez <slp@redhat.com>
 Date: Wed, 3 Aug 2022 12:35:12 +0200
 Subject: [PATCH 3/4] Implement driver to retrieve secrets from cmdline
@@ -259,7 +259,7 @@ index ee1309473bc6..96c0f3c72395 100644
 
  /* used by init/main.c */
 diff --git a/init/main.c b/init/main.c
-index 821df1f05e9c..04f8f5a6389d 100644
+index dca88ac54c43..0336c3b27043 100644
 --- a/init/main.c
 +++ b/init/main.c
 @@ -149,6 +149,11 @@ static char *extra_command_line;
@@ -290,5 +290,5 @@ index 821df1f05e9c..04f8f5a6389d 100644
 
  /*
 -- 
-2.52.0
+2.54.0
 
@@ -1,4 +1,4 @@
-From 3b114c42aaf912e8da93252c5562f7635a8b2199 Mon Sep 17 00:00:00 2001
+From 126c045600e62f2e1bda8568cee52de30b6d0aff Mon Sep 17 00:00:00 2001
 From: Sergio Lopez <slp@redhat.com>
 Date: Wed, 5 Jun 2024 16:20:08 +0200
 Subject: [PATCH 4/4] x86/sev: Avoid using native_cpuid
@@ -61,5 +61,5 @@ index b922b9fea6b6..c0de732b0121 100644
  	/* Check the SEV MSR whether SEV or SME is enabled */
  	RIP_REL_REF(sev_status) = msr = __rdmsr(MSR_AMD64_SEV);
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 817f5791591a123e06fa85993aa24f2e4367c506 Mon Sep 17 00:00:00 2001
+From db20a79e5810bc9fc77655acde5c8e13e7942ba9 Mon Sep 17 00:00:00 2001
 From: Sergio Lopez <slp@redhat.com>
 Date: Thu, 2 Mar 2023 07:34:49 +0100
-Subject: [PATCH 01/26] krunfw: Don't panic when init dies
+Subject: [PATCH 01/32] krunfw: Don't panic when init dies
 
 In libkrun, the isolated process runs as PID 1. When it exits,
 trigger an orderly reboot instead of panic'ing.
@@ -59,5 +59,5 @@ index d6ee090eda94..f6947c5bd671 100644
  	machine_restart(cmd);
  }
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From db750d64e3f36576b667b67e979ec800a1eec872 Mon Sep 17 00:00:00 2001
+From 2e7df3e03121c97e16bb72de31e8b5ba9908971a Mon Sep 17 00:00:00 2001
 From: Sergio Lopez <slp@redhat.com>
 Date: Mon, 16 May 2022 16:04:27 +0200
-Subject: [PATCH 02/26] krunfw: Ignore run_cmd on orderly reboot
+Subject: [PATCH 02/32] krunfw: Ignore run_cmd on orderly reboot
 
 We don't really support restarting the conventional way, so ignore
 "run_cmd" so we can fall back to an emergency sync and reboot.
@@ -28,5 +28,5 @@ index f6947c5bd671..5925d8fcfbfa 100644
  	if (ret) {
  		pr_warn("Failed to start orderly reboot: forcing the issue\n");
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 56ef3652b6666b91c1c66fa94aedac70a934bfb2 Mon Sep 17 00:00:00 2001
+From 8ca8db16da5001752ca7d782a60d9af85e7899b7 Mon Sep 17 00:00:00 2001
 From: Bobby Eshleman <bobby.eshleman () bytedance ! com>
 Date: Sat, 10 Jun 2023 00:58:28 +0000
-Subject: [PATCH 03/26] vsock/dgram: generalize recvmsg and drop
+Subject: [PATCH 03/32] vsock/dgram: generalize recvmsg and drop
  transport->dgram_dequeue
 
 This commit drops the transport->dgram_dequeue callback and makes
@@ -348,5 +348,5 @@ index 6e78927a598e..3d5e05d8950f 100644
  		.stream_dequeue           = virtio_transport_stream_dequeue,
  		.stream_enqueue           = virtio_transport_stream_enqueue,
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 385e0bdc508313f07f59bbe26cf91ed6d97eaf39 Mon Sep 17 00:00:00 2001
+From 0530d4f1e7c9112d492330d74bab3426ef4f5cf6 Mon Sep 17 00:00:00 2001
 From: Bobby Eshleman <bobby.eshleman () bytedance ! com>
 Date: Sat, 10 Jun 2023 00:58:29 +0000
-Subject: [PATCH 04/26] vsock: refactor transport lookup code
+Subject: [PATCH 04/32] vsock: refactor transport lookup code
 
 Introduce new reusable function vsock_connectible_lookup_transport()
 that performs the transport lookup logic.
@@ -57,5 +57,5 @@ index fccb4761b8af..4a8f62e7520d 100644
  	default:
  		ret = -ESOCKTNOSUPPORT;
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 774a9ccd77a3adb0f736f3f2323bde3d0b06b210 Mon Sep 17 00:00:00 2001
+From 365643863f3166d827024d4b6067222a6453d015 Mon Sep 17 00:00:00 2001
 From: Bobby Eshleman <bobby.eshleman () bytedance ! com>
 Date: Sat, 10 Jun 2023 00:58:30 +0000
-Subject: [PATCH 05/26] vsock: support multi-transport datagrams
+Subject: [PATCH 05/32] vsock: support multi-transport datagrams
 
 This patch adds support for multi-transport datagrams.
 
@@ -304,5 +304,5 @@ index 3d5e05d8950f..9e9e124f8d2b 100644
  		.dgram_allow              = virtio_transport_dgram_allow,
  		.dgram_get_cid		  = virtio_transport_dgram_get_cid,
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 4038db5595d575390c8a0d283ae647bf9d3e96c9 Mon Sep 17 00:00:00 2001
+From cc6d6e946fdfd0e5aa2e1a9a1c6f4ecc199c2181 Mon Sep 17 00:00:00 2001
 From: Bobby Eshleman <bobby.eshleman () bytedance ! com>
 Date: Sat, 10 Jun 2023 00:58:31 +0000
-Subject: [PATCH 06/26] vsock: make vsock bind reusable
+Subject: [PATCH 06/32] vsock: make vsock bind reusable
 
 This commit makes the bind table management functions in vsock usable
 for different bind tables. For use by datagrams in a future patch.
@@ -102,5 +102,5 @@ index c15d9a6f8b89..30517b362fcc 100644
  			      struct sockaddr_vm *addr)
  {
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 881d7e95e6f0e8dae002a32a2a88d7c08b083b54 Mon Sep 17 00:00:00 2001
+From 33ddfd0056365235338e46e289657fc1c1355bc2 Mon Sep 17 00:00:00 2001
 From: Bobby Eshleman <bobby.eshleman () bytedance ! com>
 Date: Sat, 10 Jun 2023 00:58:32 +0000
-Subject: [PATCH 07/26] virtio/vsock: add VIRTIO_VSOCK_F_DGRAM feature bit
+Subject: [PATCH 07/32] virtio/vsock: add VIRTIO_VSOCK_F_DGRAM feature bit
 
 This commit adds a feature bit for virtio vsock to support datagrams.
 
@@ -24,5 +24,5 @@ index 64738838bee5..9c25f267bbc0 100644
  struct virtio_vsock_config {
  	__le64 guest_cid;
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 518275adea4e66da9b19bff00439b127926692e6 Mon Sep 17 00:00:00 2001
+From 2883434bdf71f2441c1d34788fb138c010533254 Mon Sep 17 00:00:00 2001
 From: Bobby Eshleman <bobby.eshleman () bytedance ! com>
 Date: Sat, 10 Jun 2023 00:58:33 +0000
-Subject: [PATCH 08/26] virtio/vsock: support dgrams
+Subject: [PATCH 08/32] virtio/vsock: support dgrams
 
 This commit adds support for datagrams over virtio/vsock.
 
@@ -656,5 +656,5 @@ index 9e9e124f8d2b..b3066c854bb9 100644
  {
  	return true;
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 338b7e34b57dfb82129ec2b022735c3e3f71ef59 Mon Sep 17 00:00:00 2001
+From 2afce693dedb3bc54648665488d346bbc17ab73a Mon Sep 17 00:00:00 2001
 From: Sergio Lopez <slp@redhat.com>
 Date: Thu, 19 May 2022 22:38:26 +0200
-Subject: [PATCH 09/26] Transparent Socket Impersonation implementation
+Subject: [PATCH 09/32] Transparent Socket Impersonation implementation
 
 Transparent Socket Impersonation (AF_TSI) is an address family that
 provides sockets presenting two simultaneous personalities, one of
@@ -1856,5 +1856,5 @@ index 7229c9bf6c27..f08d24321603 100644
  #error New address family defined, please update secclass_map.
  #endif
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 936b1f01fece38e5c2c2038c9fdd50214fb08ec9 Mon Sep 17 00:00:00 2001
+From 11f6bba30167239d54f27fccbeb3ddb319fb360f Mon Sep 17 00:00:00 2001
 From: Sergio Lopez <slp@redhat.com>
 Date: Thu, 19 May 2022 22:42:01 +0200
-Subject: [PATCH 10/26] tsi: allow hijacking sockets (tsi_hijack)
+Subject: [PATCH 10/32] tsi: allow hijacking sockets (tsi_hijack)
 
 Add a kernel command line option (tsi_hijack) enabling users to
 request the kernel to hijack AF_INET(SOCK_STREAM || SOCK_DGRAM)
@@ -81,5 +81,5 @@ index e266f968405b..a8940e3e98a5 100644
  	int err;
 
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 84ed5b2bc46d5022f246c55aa06922551f83cda3 Mon Sep 17 00:00:00 2001
+From 995eef6ce4407bc20831b242c77ee011d84fea4d Mon Sep 17 00:00:00 2001
 From: Asahi Lina <lina@asahilina.net>
 Date: Wed, 25 Sep 2024 16:35:34 +0200
-Subject: [PATCH 11/26] arm64: cpufeature: Unify SCOPE_LOCAL_CPU early & late
+Subject: [PATCH 11/32] arm64: cpufeature: Unify SCOPE_LOCAL_CPU early & late
  behavior
 
 SCOPE_LOCAL_CPU is mostly used for CPU errata. The early feature logic
@@ -81,5 +81,5 @@ index 5e68d65e675e..06ee74cc3dd9 100644
 
  		if (caps->desc && !caps->cpus)
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 313af1b4bd78ce8673610442a39a1311b8bd3b1d Mon Sep 17 00:00:00 2001
+From 582250ebe10df99415a233af1f40384004594d3b Mon Sep 17 00:00:00 2001
 From: Hector Martin <marcan@marcan.st>
 Date: Thu, 11 Apr 2024 09:51:20 +0900
-Subject: [PATCH 12/26] prctl: Introduce PR_{SET,GET}_MEM_MODEL
+Subject: [PATCH 12/32] prctl: Introduce PR_{SET,GET}_MEM_MODEL
 
 On some architectures, it is possible to query and/or change the CPU
 memory model. This allows userspace to switch to a stricter memory model
@@ -119,5 +119,5 @@ index 35990f0796bc..3cb05c88a4b7 100644
  		error = -EINVAL;
  		break;
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 0d269370cdb6cb89f683528f6b28e08a5c9da7cf Mon Sep 17 00:00:00 2001
+From 16bd1b5e032b16031d54e0215d475cf3cc0d0dcc Mon Sep 17 00:00:00 2001
 From: Hector Martin <marcan@marcan.st>
 Date: Thu, 11 Apr 2024 09:51:21 +0900
-Subject: [PATCH 13/26] arm64: Implement PR_{GET,SET}_MEM_MODEL for always-TSO
+Subject: [PATCH 13/32] arm64: Implement PR_{GET,SET}_MEM_MODEL for always-TSO
  CPUs
 
 Some ARM64 implementations are known to always use the TSO memory model.
@@ -27,10 +27,10 @@ Reviewed-by: Neal Gompa <neal@gompa.dev>
  create mode 100644 arch/arm64/kernel/cpufeature_impdef.c
 
 diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
-index 0e2902f38e70..8d77fef0ae68 100644
+index f487c5e21e2f..8f97145095e0 100644
 --- a/arch/arm64/Kconfig
 +++ b/arch/arm64/Kconfig
-@@ -2263,6 +2263,15 @@ config ARM64_DEBUG_PRIORITY_MASKING
+@@ -2264,6 +2264,15 @@ config ARM64_DEBUG_PRIORITY_MASKING
  	  If unsure, say N
  endif # ARM64_PSEUDO_NMI
 
@@ -230,5 +230,5 @@ index eedb5acc21ed..bca63481e0cf 100644
  HAS_VIRT_HOST_EXTN
  HAS_WFXT
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 2cd2b566c238c1c120cc17a1c20bcfa17a8b69b8 Mon Sep 17 00:00:00 2001
+From adf176e37a3d9f6a6b75b7dd27fcaa72d27d1e40 Mon Sep 17 00:00:00 2001
 From: Hector Martin <marcan@marcan.st>
 Date: Thu, 11 Apr 2024 09:51:22 +0900
-Subject: [PATCH 14/26] arm64: Introduce scaffolding to add ACTLR_EL1 to thread
+Subject: [PATCH 14/32] arm64: Introduce scaffolding to add ACTLR_EL1 to thread
  state
 
 Some CPUs expose IMPDEF features in ACTLR_EL1 that can be meaningfully
@@ -24,10 +24,10 @@ Reviewed-by: Neal Gompa <neal@gompa.dev>
  5 files changed, 44 insertions(+)
 
 diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
-index 8d77fef0ae68..cf75e6b64ffa 100644
+index 8f97145095e0..8d587e0b21ef 100644
 --- a/arch/arm64/Kconfig
 +++ b/arch/arm64/Kconfig
-@@ -429,6 +429,9 @@ config KASAN_SHADOW_OFFSET
+@@ -430,6 +430,9 @@ config KASAN_SHADOW_OFFSET
  config UNWIND_TABLES
  	bool
 
@@ -137,5 +137,5 @@ index 8185979f0f11..4fcaaf9c7d2b 100644
  	if (boot_args[1] || boot_args[2] || boot_args[3]) {
  		pr_err("WARNING: x1-x3 nonzero in violation of boot protocol:\n"
 -- 
-2.52.0
+2.54.0
 
@@ -1,7 +1,7 @@
-From 0ff74dd6e1a08b75f7c45d3b792dc7a47e18fe97 Mon Sep 17 00:00:00 2001
+From 30860087dc858a4fba76ecb6bc7de1025a6774b4 Mon Sep 17 00:00:00 2001
 From: Hector Martin <marcan@marcan.st>
 Date: Thu, 11 Apr 2024 09:51:23 +0900
-Subject: [PATCH 15/26] arm64: Implement Apple IMPDEF TSO memory model control
+Subject: [PATCH 15/32] arm64: Implement Apple IMPDEF TSO memory model control
 
 Apple CPUs may implement the TSO memory model as an optional
 configurable mode. This allows x86 emulators to simplify their
@@ -27,10 +27,10 @@ Reviewed-by: Neal Gompa <neal@gompa.dev>
  create mode 100644 arch/arm64/include/asm/apple_cpufeature.h
 
 diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
-index cf75e6b64ffa..4331bbad4e68 100644
+index 8d587e0b21ef..befa467fd555 100644
 --- a/arch/arm64/Kconfig
 +++ b/arch/arm64/Kconfig
-@@ -2268,6 +2268,8 @@ endif # ARM64_PSEUDO_NMI
+@@ -2269,6 +2269,8 @@ endif # ARM64_PSEUDO_NMI
 
  config ARM64_MEMORY_MODEL_CONTROL
  	bool "Runtime memory model control"
@@ -208,5 +208,5 @@ index bca63481e0cf..8b809992a9ee 100644
  HAS_VA52
  HAS_VIRT_HOST_EXTN
 -- 
-2.52.0
+2.54.0