NOTE: Some of the 4.13.x VMBus patches did not apply cleanly and they
were dropped for now. This may break LCOW and other Windows support.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
- Enable ARCH_BCM2835
- Enable USB_NET_SMSC95XX.
- Compile in MII and USB_USBNET. These are needed
by the onboard network driver
- Enable the DWC2 USB controller.
- Enabled MMC, MMC_SDHCI, MMC_BCM2835 for SD card access
- Enable various BCM2835 platform devices: HW_RANDOM_BCM2835,
I2C_BCM2835, PINCTRL_BCM2835, DMA_BCM2835,BCM2835_MBOX,
WM_BCM2835, ...
- Enable SERIAL_8250 and friends.
- Enable FB_SIMPLE to get console output
The above configuration gives a minimal working system
with serial console access (via the GPIO pins), networking
and SD storage. The smsc95xx network driver does not
seem to get autoloaded. This is likely a mdev issue.
We specifically do not configure any WLAN,
sound or graphics drivers as they would pull in
too many other cruft into the kernel. To enable
these we consider adding a -rpi3 config similar
to the -dbg config to provide additional kernel
config options.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Simple version bump. Changes:
* noise: handshake constants can be read-only after init
* noise: no need to take the RCU lock if we're not dereferencing
* send: improve dead packet control flow
* receive: improve control flow
* socket: eliminate dead code
* device: our use of queues means this check is worthless
* device: no need to take lock for integer comparison
* blake2s: modernize API and have faster _final
* compat: support READ_ONCE
* compat: just make ro_after_init read_mostly
Assorted cleanups to the module, including nice things like marking our
precomputations as const.
* Makefile: even prettier output
* Makefile: do not clean before cloc
* selftest: better test index for rate limiter
* netns: disable accept_dad for all interfaces
Fixes in our testing and build infrastructure. Now works on the 4.14 rc
series.
* qemu: add build-only target
* qemu: work on ubuntu toolchain
* qemu: add more debugging options to main makefile
* qemu: simplify shutdown
* qemu: open /dev/console if we're started early
* qemu: phase out bitbanging
* qemu: always create directory before untarring
* qemu: newer packages
* qemu: put hvc directive into configuration
This is the beginning of working out a cross building test suite, so we do
several tricks to be less platform independent.
* tools: encoding: be more paranoid
* tools: retry resolution except when fatal
* tools: don't insist on having a private key
* tools: add pass example to wg-quick man page
* tools: style
* tools: newline after warning
* tools: account for padding being in zero attribute
Several important tools fixes, one of which suppresses a needless warning.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
'make firmware_install' adds the firmware blobs creating
during the build to '/lib/firmware' in the result tarball.
This should be installed along with the kernel modules.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
By running:
./scripts/update-component-sha.sh --image linuxkit/alpine ad35b6ddbc70faa07e59a9d7dee7707c08122e8d
Signed-off-by: Ian Campbell <ijc@docker.com>
This is a useful read only filesystem for images that is efficient and
small as it supports compression.
For many use cases, when you are writing to media, it makes more sense than
using an initramfs as it does not require RAM, and it is more suitable for
disk media than ISO.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This new feature was disabled by default, enable it as it seems
sensible to have. From the documentation:
Detect overflows of buffers in common string and memory functions
where the compiler can determine and validate the buffer sizes.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
The patches from 4.12 applied cleanly, except for 81304747d9
("Drivers: hv: vmbus: Fix rescind handling"), which was already
in upstream so has been dropped from the patch series.
The kernel config is from 4.12 run through defconfig/oldconfig to
pick up any new defaults.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Notie, the instructions added in: https://github.com/Microsoft/opengcs/pull/147
add a commit to revert another patch in this series. Instead of applying
c15d7f606f8 ("Revert "vmbus: destroy a hv_sock device only after the RESCIND_OFFER
is received"") we simply drop the orginal commit e37da6e7a52ea6 ("vmbus: destroy a
hv_sock device only after the RESCIND_OFFER is received") from our list.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
These drivers are for HPE SCSI cards and enabling them subsequently
enabled RAID_ATTRS and CHECK_SIGNATURE.
Only enabled for 4.9 and 4.12 kernels.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Depmod in the zfs makefiles will never run as `/boot/` and relevant map files dont exist in our build environments.
Included style suggestions by @rn
Signed-off-by: Matt Johnson <matjohn2@cisco.com>
These are the recommended patches for 4.12 for Hyper-V sockets
and LCOW. Based on: https://github.com/Microsoft/opengcs/pull/138
This also includes a cherry-pick from upstream which fixes the
ext4/nvdimm/pax failures we have seen since 4.11.2.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
This enables per task (IO) accounting which is useful
for monitoring IO activity and the like.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
This adds building the zfs-kmod package to the kernel build.
The zfs-kmod packages contains the matching ZFS kernel modules
for a given kernel in /lib/modules/$(uname -r)/extra.
The zfs-kmod package also contains the standard kernel modules
and depmod is run over them so that modprobe works
The zfs-kmod package is not build by default due to unclarity
about licenses. Users will have to build it themselves.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Note this is not the latest ZFS version but the version matched
by the current alpine zfs utilities.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Note, on x86_64 for 4.12.9 a new kernel option,
HARDLOCKUP_CHECK_TIMESTAMP was added which defaults to enabled. It enables
a low pass filter to compensate for perf based hard lockup detection.
Added this option to the x86_64 4.12.x kernel confog file.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
Due to https://github.com/moby/moby/issues/34199 we can't supply
the FROM image via --build-arg and use DOCKER_CONTENT_TRUST=1 for build.
So we pull the image with DCT and then explicitly build it without.
This regression was introduced with 8b84baf2 ("kernel: Allow disabling content trust")
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
For some use cases, we may want to add additional kernel
configuration options (e.g. when adding AUFS). This commit
enables it by:
- renaming DEBUG to EXTRA
- append kernel_config${EXTRA} to the kernel config
- allowing passing in an EXTRA argument to the make file
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
specifying NOTRUST=1 on the make command line disables
content trust just like with packages.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
