As part of the clang-freedom effort we are moving away from pre-processor macros to C conditionals to enable/disable features. We want to avoid doing so at the cost of performance (aka. only pay for what you use).

In v5.5, the verifier got the ability to track variables gotten from frozen rodata maps (const global variables) and regard them as constant values. This feeds into the dead code elimination logic, effectively allowing us to eliminate unwanted parts of the code at load time instead of compile time.

Currently, the minimum kernel version currently is v5.4 since Cilium v1.16. So we currently cannot yet use the above described features.

We therefor would like to suggest changing the minimum supported kernel version to v5.10 (the next kernel LTS) for Cilium v1.19 and above. Cilium v1.19 will release somewhere in Q1 of 2026 (Jan or Feb if the current cadence holds). v5.4 will become EOL Dec, 2025. So by the time Cilium v1.19 releases its a reasonable to request the next LTS as minimum kernel version.

The research done during the v5.4 upgrade process shows that most distros are already on v5.10 or newer. Ubuntu 20.04 LTS (focal) and RHEL 8.x lagging behind.

Ubuntu 20.04 LTS (focal) will reach EOL (End Of Standard Support) in May, 2025 according to https://ubuntu.com/about/release-cycle.

RHEL 8.x is technically on v4.18, but has so far received internal backports of BPF features that it still meets our minimum requirements. We have already confirmed that RHEL 8.6 and above have the specific features we are after for clang-freedom. So the RHEL exception should be able to stay as is.

So there should be no major obstacle here.