github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-08-08 10:07:35 +00:00
Code Issues Projects Releases Wiki Activity
7,178 Commits 1 Branch 27 Tags 240 MiB
724c807b49
Commit Graph

7178 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Justin Cormack
25cfac5463
Default bind mounts to rshared not rprivate if not specified 
It is quite confusing that from the host or another container that
binds `/containers` you cannot see the bind mounts, you have to enter
the container namespace. I think `rshared` is a better default. You
can always be explicit and add `private` if you want a private bind mount.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2018-03-26 13:54:49 -07:00
Rolf Neugebauer
66c60d5cf9 Update YAMLs to the latest hashes 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-24 12:57:31 +00:00
Rolf Neugebauer
998eaa7dad pkg: Fix cgo CFLAGS for rngd 
Go commit https://github.com/golang/go/issues/23672 introduced a
whitelist ofr flags passed into gcc to prevent arbitrary code
execution (CVE-2018-6574). The x86 rngd code uses two CFLAGS
not on the whitelist. Add them to 'CGO_CFLAGS_ALLOW'.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-24 09:23:15 +00:00
Rolf Neugebauer
7459bd1546 pkg: Disable cadvisor for s390x 
I get a build error:

patching file build/build.sh
>> building assets
>> building binaries
>> building cadvisor
vendor/github.com/klauspost/crc32/crc32.go:157:10: undefined: updateCastagnoli
vendor/github.com/klauspost/crc32/crc32.go:159:10: undefined: updateIEEE
vendor/github.com/klauspost/crc32/crc32.go:182:48: undefined: updateIEEE
make: *** [Makefile:40: build] Error 2

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-23 21:00:37 +00:00
Rolf Neugebauer
68fb6d0951 pkg: Update kernel used for the firmware package 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-23 20:54:42 +00:00
Rolf Neugebauer
eb9e6cda93 pkg: Update to latest alpine base 
This should enable s390x support for all package

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-23 20:20:13 +00:00
Rolf Neugebauer
a841354388 build: Update to latest rtf 
This picks up the powershell support. Not terribly relevant here.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-23 20:16:59 +00:00
Rolf Neugebauer
0840aff18e cmd: Update moby/tool to latest 
This picks up the updated mkimage tools

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-23 20:15:32 +00:00
Rolf Neugebauer
1936a22de2
Merge pull request #2966 from rn/kernel-up 
Kernel update to 4.15.12/4.14.29/4.9.89/4.4.123 + Hyper-V SCSI fixes
 2018-03-23 10:51:08 +00:00
Rolf Neugebauer
0aab05d777 Update YAMLs to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-22 22:25:37 +00:00
Rolf Neugebauer
80f5f228e0 kernel: Cherry-pick two Hyper-V SCSI driver patche 
These fix some issues around hot-unplugging devices which may be the cause
of some LCOW issues we are seeing.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-22 20:00:20 +00:00
Rolf Neugebauer
208811355a kernel: Update to 4.15.12/4.14.29/4.9.89/4.4.123 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-22 19:55:57 +00:00
Ian Campbell
2dd0c9f63d
Merge pull request #2965 from rn/kern-up 
Kernel update to 4.15.11/4.14.28/4.9.88/4.4.122
 2018-03-20 15:00:21 +00:00
Rolf Neugebauer
e85da365aa Update YAMLs to the latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-20 13:48:48 +00:00
Rolf Neugebauer
45b613e668 kernel: Update to 4.15.11/4.14.28/4.9.88/4.4.122 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-20 12:05:27 +00:00
Justin Cormack
749585dd13
Merge pull request #208 from rn/up 
Update mkimage packages
 2018-03-19 21:23:35 -07:00
Rolf Neugebauer
efeb0ac185 Update mkimage packages 
They have been update in linuxkit/linuxkit in prep for
s390x support.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-16 09:53:35 +00:00
Rolf Neugebauer
9508c90eb1
Merge pull request #2963 from rn/kups 
Enable CEPH, Update CPU ucode, update kernels 4.15.10/4.14.27/4.14.24-rt
 2018-03-15 15:55:14 +00:00
Rolf Neugebauer
61a9d72c76 Update YAMLs to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-15 14:16:43 +00:00
Rolf Neugebauer
513e368880 kernel: Enable CEPH, DRBD, and RBD 
All enabled as modules

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-15 13:50:18 +00:00
Rolf Neugebauer
1ff6f2eea5 kernel: Update Intel CPU firmware to 20180312 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-15 13:50:18 +00:00
Rolf Neugebauer
627e982b79 kernel: Update rt kernel to 4.14.24 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-15 11:22:11 +00:00
Rolf Neugebauer
28f1ae2e77 kernel: Update to 4.15.10/4.14.27 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-15 11:22:11 +00:00
Rolf Neugebauer
9a5727f5e4 kernel: Update to latest alpine base image 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-15 11:22:11 +00:00
Rolf Neugebauer
bc35b3c1c9 scripts: Rename the script to rename the rt patches 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-15 11:22:10 +00:00
Rolf Neugebauer
0c8022c173
Merge pull request #2962 from functor/master 
A minor docs correction in 'Building and using custom kernels' section.
 2018-03-15 00:07:21 +00:00
functor
0eeda63943 The name of the file with additional kernel options must include 
the kernel series name. Otherwise the script in kernel/Dockerfile
will not apply it. So the example file name should be
`config-4.9.x-x86_64-foo` instead of `config-foo`.

Signed-off-by: functor <meehow@gmail.com>
 2018-03-14 18:30:23 -04:00
Rolf Neugebauer
037d82caa1
Merge pull request #2959 from rn/tool-up 
Update tools for s390x
 2018-03-13 18:17:04 +00:00
Rolf Neugebauer
591c38aea3 build: Update go-compile package to the latest 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-13 16:29:21 +00:00
Rolf Neugebauer
a8d3ef2ca1 tools: Clarify the supported architectures 
Most of the tools packages are not usable on s390x so
explicitly list them.

Also removed arm64 from mkimage-gcp as GCP does not
support arm machines and fixed a  minor inconsistency
the way the architecture was specified in mkimage-raw-bios.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-13 16:27:30 +00:00
Rolf Neugebauer
61727d3b50 tools: Update to the latest alpine base image 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-13 14:39:57 +00:00
Rolf Neugebauer
6ac582b6d3 tools/alpine: Update to latest 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-13 11:56:29 +00:00
Justin Cormack
692067d58d
Merge pull request #2958 from rn/kern-up 
Enable IMA and multiple kernel updates
 2018-03-12 21:34:49 +00:00
Rolf Neugebauer
fa21e15e66 Update YAMLs to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-12 20:06:32 +00:00
Rolf Neugebauer
659f877da6 kernel: Update to 4.15.9/4.14.26/4.9.87/4.4.121 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-12 17:00:06 +00:00
Rolf Neugebauer
c573eee0ff kernel: Update kernels to 4.14.25/4.15.26 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-12 15:30:51 +00:00
Rolf Neugebauer
48251e8bcf kernel: Enable IMA for 4.14.x and 4.15.x 
Enable the Integrity Measurement Architecture (IMA) for 4.14.x
and 4.15.x kernels. This pretty much uses the defaults except we
also enable INTEGRITY_ASYMMETRIC_KEYS and IMA_READ_POLICY. The
latter may be useful for debugging.

For s390x we also needed to enable TPM support.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-12 15:26:23 +00:00
Justin Cormack
ed49ca3aa0
Merge pull request #207 from nogoegst/fix-dup-string-readme 
Reword the README to remove repeating statements
 2018-03-12 14:17:34 +00:00
Ivan Markin
47986c53e9 Reword the README to remove repeating statements 
Signed-off-by: Ivan Markin <sw@nogoegst.net>
 2018-03-11 20:28:52 +00:00
Justin Cormack
b218449d73
Merge pull request #2957 from kojustin/fix.typo 
Non-existent target check is marked phony
 2018-03-09 18:18:11 +00:00
Justin Ko
2eefd62710 Non-existent target check is marked phony 
The non-existent target "check" is marked phony.

Signed-off-by: Justin Ko <oknitsuj@gmail.com>
 2018-03-09 09:13:59 -08:00
Rolf Neugebauer
5e0b1b22c4
Merge pull request #2955 from rn/kern 
Tidy kernel build, tweak s390 config, and update kernels
 2018-03-09 15:48:07 +01:00
Rolf Neugebauer
9de11f95db Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-09 13:32:14 +00:00
Rolf Neugebauer
ae30674227 kernel: Update to 4.14.24/4.9.86/4.4.120 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-09 12:39:11 +00:00
Rolf Neugebauer
eee71f46e0 kernel: Adjust s390x kernel config 
- Disable all network device driver apart from Mellanox, which
  is the only support NIC on s390x
- Disable Fusion MPT
- Disable DAX/NVMEM/NVME
- Disable USB

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-09 12:39:11 +00:00
Rolf Neugebauer
35c6e782e3 kernel: Make it clearer which kernels are compiled per arch 
While this now has some duplication, it is clearer as to which
kernels are compiled for each architecture.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-09 11:35:58 +00:00
Rolf Neugebauer
018fb4e6f4
Merge pull request #2953 from deitch/package-docs 
Add CI info and dependency to packages doc
 2018-03-09 00:23:05 +01:00
Rolf Neugebauer
a6428c7dee
Merge pull request #2952 from kojustin/serve 
Subcommand serve should parse flags.
 2018-03-08 11:21:53 +01:00
Avi Deitcher
c9169cbc70 Add CI info and dependency to packages doc 
Signed-off-by: Avi Deitcher <avi@deitcher.net>
 2018-03-08 08:33:26 +02:00
Justin Ko
df660d35c7 Subcommand serve should parse flags. 
Signed-off-by: Justin Ko <justin.ko@oracle.com>
 2018-03-07 14:59:14 -08:00