linuxkit

mirror of https://github.com/linuxkit/linuxkit.git synced 2025-12-08 01:34:56 +00:00

Author	SHA1	Message	Date
Justin Cormack	4aa8cffb13	Update to Linux 4.8.14 Includes fix for CVE-2016-8655 Linux af_packet.c race condition. This gives a container escape with default container capabilities. This now has the slow network namespace patch backported, so this is removed. Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-12-10 16:18:47 -08:00
Riyaz Faizullabhoy	a470b655d1	Set CONFIG_LEGACY_VSYSCALL to NONE and vsyscall=emulate Regenerated the kernel config from container, which bumped the kernel version and included some other fixes. Also bumps the check-config container to check for VSYSCALL_NATIVE Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>	2016-12-09 12:09:35 -08:00
Justin Cormack	15522201ea	Keep kernel headers from build Also upload some kernel artefacts to a private repo at mobylinux/kernel on Hub for scanning. Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-12-08 17:32:59 -08:00
Riyaz Faizullabhoy	2e8a6143dd	Disable kexec from kernel_config, revert sysctl config because key is now unknown Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>	2016-12-07 11:43:10 -08:00
Justin Cormack	9352523bdb	Update to Linux 4.8.12 - security update Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-12-02 14:12:06 +00:00
Riyaz Faizullabhoy	8b7cdd41dc	Use digests instead of tags where possible Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>	2016-12-01 09:39:02 -08:00
Justin Cormack	12322d362c	Update to Linux 4.8.11 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-11-28 15:00:20 +00:00
Rolf Neugebauer	df67417538	kernel: update/fix patches for 4.8.10 In particular `8e0e003b50` seem to have remove the net/Kconfig changes Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>	2016-11-21 21:37:05 +00:00
Justin Cormack	994eeadb1c	Merge pull request #761 from ijc25/kernel-patch-whitespace Fixup kernel patch whitepace	2016-11-21 15:20:57 +00:00
Justin Cormack	a08e06bc44	Upgrade Linux to 4.8.10 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-11-21 15:03:48 +00:00
Ian Campbell	8e0e003b50	Fixup kernel patch whitepace Some of git's whitespace fixup option corrupts the patches by (at least) stripping trailing spaces (which are present for empty lines in context) and changing leading <space><tab> into just <tab>. `patch(1)` used by the build here seems to tolerate this, but `git am` and/or `git apply` do not. Fix this up by running git am and at each failure point (i.e. every patch) applying the relevant patch using `patch(1)` (which works because `git am` was unable to even partially apply the patches) before regenerating the whole lot with `git format-patch`. Signed-off-by: Ian Campbell <ian.campbell@docker.com>	2016-11-21 11:43:48 +00:00
Justin Cormack	b8dbdaaf8a	Update Linux to 4.8.9 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-11-19 22:37:22 +00:00
Justin Cormack	88eafcc239	update c build base image Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-11-18 23:32:47 +00:00
Rolf Neugebauer	a804ac8399	kernel: limit number of CPUs to 128 128 CPUs seems plenty for now and it allows for the debug kernels to boot on Hyper-V without modifications. It may also have the added benefit of reducing some data structures allocated per CPU (in particular for Debug kernels). Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>	2016-11-18 16:36:23 +00:00
Justin Cormack	444e01d703	Make oldconfig for 4.8.8 kernel Most new options disabled, a few picked. Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-11-18 13:46:29 +00:00
Rolf Neugebauer	c782a2244e	kernel: update to 4.8.8 This removes all the patches which have been upstreamed since 4.4.x and only leaves patches for a minor fix to AF_VSOCK, the Hyper-V socket patch and a new patch for fixing delays on creating netns with tunnel interfaces. The latter has been accecpted into the upstream netdev branch and will likely appear in 4.9.0 and we can cherry pick from there then. Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>	2016-11-18 12:58:17 +00:00
Justin Cormack	9480827b98	Disable EFI framebuffer Azure only uses the Hyper-V framebuffer, so we should not need this. Simplify setup for graphics options we are not using. Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-11-16 10:42:19 -05:00
Justin Cormack	b20125d3ab	Update to Linux 4.4.32 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-11-15 10:27:18 +00:00
Justin Cormack	fe3f584296	update Linux to 4.4.31 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-11-12 16:30:44 +00:00
Justin Cormack	21a04b3b54	Update kernel config - remove unused graphics options - move W^X test to debug kernel #685 - reboot on kernel panic fix #660 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-11-08 16:12:29 +00:00
Justin Cormack	5256e9e4e7	Keep vmlinux in build media for kernel debugging Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-11-07 14:45:37 +00:00
Justin Cormack	a77b91a022	update Linux to 4.4.30 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-11-01 20:50:12 +00:00
Justin Cormack	c758ca67ce	make curl fail on 404 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-11-01 13:58:02 +00:00
Justin Cormack	8966111b63	Merge pull request #657 from justincormack/kernelup Linux 4.4.29	2016-10-31 13:41:41 +00:00
Justin Cormack	ecc511b0a2	Linux 4.4.29 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-31 13:12:43 +00:00
Justin Cormack	81cf1eeed4	Add audit to kernel config Currently just has syscall audit as no LSM. See #52 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-28 18:12:51 +01:00
Justin Cormack	08fd4f9f19	upgrade Linux to 2.4.28 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-28 14:09:20 +01:00
Justin Cormack	80849b4ac3	Add Memory Resource Controller Kernel Memory accounting cgroup support Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-28 11:06:07 +01:00
Justin Cormack	14a1821e25	Additional requested kernel features - PPP https://github.com/docker/for-mac/issues/851 - NBD for infinit - extra virtualisation options Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-26 17:00:24 +01:00
Justin Cormack	4370b52ff9	Add mutiple pts support I think this may have got mangled in the kernel upgrade/downgrade. diff file is still messy due to version changes. Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-26 15:08:14 +01:00
Justin Cormack	019b5eb727	Update to Linux 4.4.27 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-24 17:20:50 +01:00
Justin Cormack	e2b37e4de4	Revert "kernel: update to 4.8.2" This reverts commit `0808e359df`. Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-24 17:20:02 +01:00
Justin Cormack	2921420010	Revert "Update Linux kernel to 4.8.3" This reverts commit `2f985f8306`. Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-24 17:19:30 +01:00
Justin Cormack	95fafa07a9	Revert "Linux 4.8.4" This reverts commit `2db93ebbc7`. Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-24 17:19:12 +01:00
Justin Cormack	d00dc31be0	Add more trace functions to kernel config Also disable Hyper-V memory ballooning, enable some mroe security options. Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-24 12:43:41 +01:00
Justin Cormack	2db93ebbc7	Linux 4.8.4 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-22 17:05:20 +01:00
Justin Cormack	2f985f8306	Update Linux kernel to 4.8.3 Fix Dirty COW. Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-21 09:35:09 +01:00
Justin Cormack	29196a5872	update C build base images for Musl update Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-20 13:23:12 +01:00
Rolf Neugebauer	0808e359df	kernel: update to 4.8.2 Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>	2016-10-18 16:23:33 +01:00
Justin Cormack	4caffb567d	update to Linux 4.4.25 Signed-off-by: Justin Cormack <justin@specialbusservice.com>	2016-10-16 22:19:37 +01:00
Rolf Neugebauer	c5ff18ff94	doc: add a note on building debug kernels Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>	2016-10-11 18:16:06 +01:00
Justin Cormack	36cb26b9d1	Merge pull request #603 from justincormack/minus-j set -j on kernel build again	2016-10-11 17:27:17 +01:00
Justin Cormack	214f8f6440	set -j on kernel build again Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-11 16:27:55 +01:00
Justin Cormack	2587974a7d	Merge pull request #601 from justincormack/ipsec Add more network and crypto modules including enough for ipsec	2016-10-11 16:26:04 +01:00
Justin Cormack	47124e8282	do not remove build containers Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-11 16:12:40 +01:00
Justin Cormack	ee611252c9	Add more network and crypto modules including enough for ipsec CRYPTO_ECHAINIV took the longest to find, which is needed. Fix #598 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-11 16:04:05 +01:00
Justin Cormack	20250e5f41	Update Linux to 4.4.24 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-08 13:48:29 +02:00
Justin Cormack	457e44dbcc	update kernel to 4.4.23 Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-01 21:03:47 +01:00
Justin Cormack	4e2f887f40	add ncurses to C build for menuconfig Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-10-01 18:26:38 +01:00
Justin Cormack	652d5eddf3	Use build container id rather than tagging builds This means that multiple builds will not conflict, so we can remove the lock from the CI. Also quieter when no errors. Some still left to do, only done the ones used in build and CI initially. Some of the others will be cleaned up anyway later. Signed-off-by: Justin Cormack <justin.cormack@docker.com>	2016-09-29 20:21:17 +01:00

1 2 3 4

170 Commits