Commit Graph

209 Commits

Author SHA1 Message Date
Rolf Neugebauer
677bf96dff kernel: Fix warning about empty continuation
Without this change, recent Docker build produce this warning:
[WARNING]: Empty continuation line found in:
    RUN apk add     xz     xz-dev     zlib-dev &&     if [ $(uname -m) == x86_64 ]; then         apk add libunwind-dev;
    fi
[WARNING]: Empty continuation lines will become errors in a future release.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-24 11:06:28 +01:00
Rolf Neugebauer
cc67c08667 kernel: Add kernel config and build support for 4.12 kernels
- The x86_64 kernel config was derived from our 4.11 config
  and then adjusted with the recent changes
- The arm64 kernel config was derived from the 4.9 config

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-23 14:33:25 +01:00
Rolf Neugebauer
6fc9a32c15 kernel: Add patches for the 4.12 kernel
The VMBus/Hyper-V socket patches were partly taken from the now
defunct 4.11 tree and partly form the WIP 4.12 tree at:
https://github.com/dcui/linux/commits/decui/msft-4.12.y

From the 4.11 tree:
- 0001-tools-build-Add-test-for-sched_getcpu.patch
  Does not apply, may not be needed anymore to compile perf
- 0002-vmbus-vmbus_open-reset-onchannel_callback-on-error.patch
  From https://github.com/dcui/linux/commits/decui/msft-4.12.y
- 0003-vmbus-add-the-matching-tasklet_enable-in-vmbus_close.patch
  Already upstream: 5116f5e2e05cf("vmbus: re-enable channel tasklet")
- 0004-vmbus-remove-goto-error_clean_msglist-in-vmbus_open
  From https://github.com/dcui/linux/commits/decui/msft-4.12.y
- 0005-vmbus-dynamically-enqueue-dequeue-a-channel-on-vmbus.patch
  From the 4.11 patches
- 0006-hv_sock-implements-Hyper-V-transport-for-Virtual-Soc.patch
  From https://github.com/dcui/linux/commits/decui/msft-4.12.y
- 0007-VMCI-only-try-to-load-on-VMware-hypervisor.patch
  From https://github.com/dcui/linux/commits/decui/msft-4.12.y
- 0008-hv_sock-add-the-support-of-auto-loading.patch
  From https://github.com/dcui/linux/commits/decui/msft-4.12.y
- 0009-tools-hv_sock-2-simple-test-cases.patch
  Dropped, this was just test code
- 0010-vmbus-introduce-in-place-packet-iterator.patch
  Already upstream: f3dd3f4797652("vmbus: introduce in-place packet iterator")
- 0011-hvsock-fix-a-race-in-hvs_stream_dequeue.patch
  From https://github.com/dcui/linux/commits/decui/msft-4.12.y
- 0012-hvsock-fix-vsock_dequeue-enqueue_accept-race.patch
  From https://github.com/dcui/linux/commits/decui/msft-4.12.y
- 0013-Drivers-hv-vmbus-Fix-rescind-handling.patch
  From the 4.11 patches
- 0014-vmbus-fix-hv_percpu_channel_deq-enq-race.patch
  From the 4.11 patches
- 0015-vmbus-add-vmbus-onoffer-onoffer_rescind-sync.patch
  From the 4.11 patches
- 0016-hv-sock-a-temporary-workaround-for-the-pending_send_.patch
  DROPPED. Does not apply at all anymore. Was a hack anyway
- 0017-vmbus-fix-the-missed-signaling-in-hv_signal_on_read.patch
  Applied manually from the 4.11 patches
- 0018-hv-sock-avoid-double-FINs-if-shutdown-is-called.patch
  From https://github.com/dcui/linux/commits/decui/msft-4.12.y
- 0019-Added-vsock-transport-support-to-9pfs.patch
  From the 4.11 patches
- 0020-NVDIMM-reducded-ND_MIN_NAMESPACE_SIZE-from-4MB-to-4K.patch
  From the 4.11 patches

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-23 14:33:25 +01:00
Rolf Neugebauer
0f5825fc32 kernel: Improve kconfig Docker file
Be a bit more verbose and error on error.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-23 14:33:25 +01:00
Rolf Neugebauer
aec0d5a702 kernel: Disable VHOST_VSOCK on 4.4 kernels
The host side VSOCK implementation introduced with
0009-VSOCK-Introduce-vhost_vsock.ko.patch
does not compile due to vhost_vq_init_access not being defined.

VHOST support (including VHOST_VSOCK) was enabled with
86deeaff ("kernel: Bring 4.4 x86_64 kernel config more in line
with 4.9") but not compile tested. Having VHOST support in
itself is fine, it's just the VHOST_VSOCK portion which is not
avail.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-23 14:33:25 +01:00
Rolf Neugebauer
20cc4b3ddf kernel: Don't check kernel config for debug kernels
The kernel config for debug kernels is created by concatenating
config files, so we can't use diff to check it.

This fixes a regression introduced by:
9362de0a ("kernel: Verify kernel config")

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-23 14:33:25 +01:00
Rolf Neugebauer
119cc56fcf kernel: Align arm64 4.4 kernel config with 4.9
Note, vhost vsock is disabled on arm64 because it failed to compile.
'vhost_vq_init_access' was not defined, but with a quick check
I could not find where it was supposed to be defined.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-21 20:43:30 +01:00
Rolf Neugebauer
86deeaff90 kernel: Bring 4.4 x86_64 kernel config more in line with 4.9
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-21 20:43:30 +01:00
Rolf Neugebauer
ba2e6a5bb8 kernel: Add a Dockerfile to make it easier to configure kernels
The new Dockerfile.kconfig can be used, via the 'kconfig' make target
to build a 'linuxkit/kconfig' images. This images contains the patched
source and default kernel configs for all supported kernels.

It's useful to updating the kernel config files.

While at it, also update the alpine base.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-21 20:43:30 +01:00
Rolf Neugebauer
ffcf5db6ee kernel: Use local kernel source if available
The kernel build currently downloads the source tar ball every
time, which is a little tedious when experimenting with kernel
configs or when compiling the kernel multiple times.

This commit adds a new 'fetch' make target which downloads the
kernel sources into ./sources. Then in the Dockerfile we add
the directory and only download the source if it is not present.

The tarballs signature is till checked on each build.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-20 11:41:59 +01:00
Rolf Neugebauer
9362de0adb kernel: Verify kernel config
Since we supply a full .config file we can check that after
make defconfig/oldconfig it hasn't changed. This should catch
cases where a config option has changed between releases.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-20 11:05:35 +01:00
Rolf Neugebauer
72ed2b3a06 kernel: Rename kernel_config-4.x.x to kernel_config-4.x.x-x86_64
Consistently arch suffixes for kernel config.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-20 10:46:28 +01:00
Rolf Neugebauer
5898bc9f0d kernel: Update to 4.9.44/4.4.83
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-18 18:08:32 +01:00
Rolf Neugebauer
516b11d262 kernel: Set DEFAULT_MMAP_MIN_ADDR to 65536/32768
This is a recommended security measure to protect the low portion
of virtual memory. On x86_64 the recommended value is 65536 while
for arm it shouldn't be higher than 32768.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-18 15:18:38 +01:00
Rolf Neugebauer
edf74c249a kernel: Enable CONFIG_ENABLE_MUST_CHECK
This is a compile time option enabling __must_check annotations
for return values.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-18 15:18:38 +01:00
Rolf Neugebauer
3e5ba03cdc kernel: Enable Ethernet Team driver support
While at it also disable an un-used NIC vendor (Netronome).

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-18 15:18:38 +01:00
Rolf Neugebauer
ec7c2fe82d kernel: Align arm64 kernel config more with x86
The resulting kernel boots fine on qemu and on Cavium Thunder,
though the latter still has some issues.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-18 15:18:38 +01:00
Rolf Neugebauer
72c2c7f85b kernel: Set LOCALVERSION to "-linuxkit" on arm64 as well
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-14 11:01:22 +01:00
Rolf Neugebauer
1882939623 kernel: Update to 4.9.43/4.4.82
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-14 10:58:54 +01:00
Rolf Neugebauer
3889f198e5 kernel: Update to 4.9.42/4.4.81
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-14 10:45:56 +01:00
Jason A. Donenfeld
f74477def2 wireguard: version bump
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-08-10 23:17:22 +02:00
Dennis Chen
7f313870a9 arm64: kernel 4.4.x bringup enablement
Enable DEVPTS_MULTIPLE_INSTANCES in kernel configuration file
to avoid the devpts mounting hang issue during bootup when
running LinuxKit.

Signed-off-by: Dennis Chen <dennis.chen@arm.com>
2017-08-09 02:56:36 +00:00
Rolf Neugebauer
4f5582edf2 kernel: Update to 4.9.41/4.4.80
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-08 17:46:21 +01:00
Alex Johnson
97b91cf5f2 Installed the MEGARAID_SAS driver as a kernel module to support the RAID controller in Packet.net type 2 servers
Fixes #1245

Signed-off-by: Alex Johnson <hello@alex-johnson.net>
2017-08-07 13:09:02 -07:00
Rolf Neugebauer
a1892cd8f1 kernel: Convert kernel build to a multi-arch image
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-08-03 17:36:22 +01:00
Rolf Neugebauer
0714aa7380 kernel: Remove 4.11.x
It has been EOLed today and won't receive any further updates.

The images are still on hub so can be continued to be used
for the time being.

4.12 support is coming soon.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-28 20:14:01 +01:00
Rolf Neugebauer
57659aa5dd kernel: Update to 4.9.40/4.4.79
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-28 19:25:55 +01:00
Dave Freitag
9152d065b6 Add NFS Debug Modules
- Adding NFS debug modules to kernel_config.debug
- Also updating some dead links in the kernels.md doc file

Signed-off-by: Dave Freitag <dcfreita@us.ibm.com>
2017-07-28 10:48:10 -05:00
Jason A. Donenfeld
5b875bd1d4 wireguard: version bump
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-07-26 04:01:29 +02:00
Rolf Neugebauer
4e4594cb2e kernel: Update to 4.11.12/4.9.39/4.4.78
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-24 10:53:45 +01:00
Jason A. Donenfeld
e24cc5c77f wireguard: add into default kernel
This integrates the WireGuard module directly into the kernel build
system.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2017-07-20 16:51:18 +02:00
Rolf Neugebauer
90d1866bdc Merge pull request #2234 from deitch/kernel-tpm-modules
[WIP] Add TPM module builder options to kernel
2017-07-18 09:59:47 +01:00
Avi Deitcher
19ce7e18a2 Add TPM module builder options to kernel
Signed-off-by: Avi Deitcher <avi@deitcher.net>
2017-07-18 11:01:40 +03:00
Rolf Neugebauer
e1bc6e4c55 kernel: Update to 4.11.11/4.9.38/4.4.77
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-17 11:02:12 +01:00
Rolf Neugebauer
759e5a8a51 kernel: Update to 4.11.10/4.9.37
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-17 10:54:49 +01:00
Rolf Neugebauer
98615f43e7 kernel: Add 4.11 kernel config options for LCOW
This is a semi-educated guess of which kernel config options
may be needed to run LCOW based on the config file posted here:
2e5c2fac44/kernelconfig/4.11/kconfig_for_4_11

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-12 18:16:42 +01:00
Rolf Neugebauer
ed18d81191 kernel: Enable more hardware drivers and KVM
- Enables module for some common 10/40G NICs
  from Broadcom, Intel, and Mellanox
- Enable KVM and related modules

These are targeted to support more bare metal
configuration with LinuxKit.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-12 18:16:42 +01:00
Rolf Neugebauer
11e06d3d63 kernel: Update 4.11.x patches
Incorporate the update for the Hyper-V socket patches from
https://github.com/dcui/linux/commits/decui/hv_sock/v4.11/20170511-debug-0628-with-signed-off-by-of-dexuan-fixed
as well as the additional pLCOW requires patches from
2e5c2fac44

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-12 18:16:41 +01:00
Rolf Neugebauer
c1e48c37ac Merge pull request #2190 from arm64b/kernel-Makefile-config
ARM64: Add kernel config file for aarch64
2017-07-12 18:12:51 +01:00
Dennis Chen
fb8eb41623 ARM64: Add kernel config file for aarch64
Add the kernel configuration file of arm64.

Signed-off-by: Dennis Chen <dennis.chen@arm.com>
2017-07-12 09:10:17 +00:00
Justin Cormack
4b3fc038b7 Merge pull request #2188 from justincormack/never-metadata-i-didnt-like
Add labels for repo and commit to packages
2017-07-11 18:22:15 +01:00
Justin Cormack
ed38adbc90 Add labels for repo and commit to packages
- use image spec metadata https://github.com/opencontainers/image-spec/blob/master/annotations.md
- omit commit if dirty

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-07-11 14:33:59 +01:00
Dennis Chen
e0a8a1d4df ARM64: Adapt the kernel Dockerfile to multiarch support
The original kernel Dockerfile hardcodes the amd64 as the
only arch supported, this patch removes this kind of hardcode
and make the Dockerfile is ready to support both amd64 and
arm64 by using the runtime arch type.

Signed-off-by: Dennis Chen <dennis.chen@arm.com>
2017-07-11 12:39:27 +00:00
Rolf Neugebauer
aa9b718d8a kernel: Update to 4.11.9/4.9.36/4.4.76
Added a new patch to the 4.11 and 4.9 kernels based on a patch
submitted to stable: https://patchwork.kernel.org/patch/9829039/

This patch fixes a off-by-one error in the VMBus code.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-07 18:41:33 +01:00
Ian Campbell
fe918f8a31 pkg: Run git update-index --refresh before git diff-index.
Otherwise files which have an updated timestamp but no actual changes are
marked as changes because `git diff-index` only uses the `lstat` result and not
the actual file contents. Running `git update-index --refresh` updates the
cache.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-07-03 10:27:31 +01:00
Ian Campbell
c9b5cbf89b kernel: Calculate HASH and DIRTY in the same way as pkg/package.mk
The definition of `$(TAG)` differs from pkg/package.mk and is only the
HASH+DIRTY since the full tag is defined by the kernel macro and varies for
each kernel.

Also `show-tag` is `show-tags` here due to the multiple builds. Individual
`show-tag_FOO` rules are provided similar to the `build_FOO` rules.

Signed-off-by: Ian Campbell <ian.campbell@docker.com>
2017-07-03 10:27:31 +01:00
Rolf Neugebauer
699a864302 pkg: Update to new Alpine base
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-07-01 18:11:45 +01:00
Rolf Neugebauer
8cee2cd68b kernel: Update to 4.11.8/4.9.35/4.4.75
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-06-30 18:23:29 +01:00
Rolf Neugebauer
40ea10065c kernel: Tweak kernel build
- Combine 'sign' and 'push' targets like it is done for
  package builds.
- Append '-dirty' to the tag if the repository is dirty.
- Don't push to hub if the repository is dirty.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-06-27 17:43:57 +01:00
Rolf Neugebauer
c12eafeeb2 kernel: Update to 4.11.7/4.9.34/4.4.74
In particular this contains 1be7107fbe18eed3e319 ("mm: larger stack
guard gap, between vmas") which is a fix for CVE-2017-1000364.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-06-27 10:39:23 +01:00