github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-19 09:16:29 +00:00
Code Issues Projects Releases Wiki Activity
5,609 Commits 1 Branch 27 Tags 240 MiB
acfca26038
Commit Graph

5609 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rolf Neugebauer
acfca26038 kernel: Update to 4.15.2/4.14.18 
These kernels have significant changes/addition for Spectre
mitigation as well as the usual other set of fixes.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-08 11:50:17 +00:00
Rolf Neugebauer
d0d7738efa kernel: Tighten patching of the kernel 
- Disable any fuzzing. Patches should apply cleanly
- Assume unified diffs

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-08 11:50:17 +00:00
Rolf Neugebauer
95f1fdd262
Merge pull request #2907 from justincormack/authorsup 
Update Authors
 2018-02-07 14:06:11 +00:00
Rolf Neugebauer
42f4106168
Merge pull request #2905 from rn/kup 
Update kernels to 4.15.1/14.14.17/4.9.80/4.4.115
 2018-02-07 13:09:19 +00:00
Justin Cormack
ff000dde07 Update Authors 
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2018-02-07 11:51:46 +00:00
Rolf Neugebauer
3b4d7c1f4f
Merge pull request #2904 from ijc/containerd-1.0.2-rc.1 
Bump to Containerd v1.0.2-rc.1
 2018-02-07 11:39:26 +00:00
Ian Campbell
72de57138b Bump yml to pickup containerd v1.0.2-rc.1 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-02-07 10:13:52 +00:00
Ian Campbell
3157ff9976 Bump packages to new alpine w/ containerd v1.0.2-rc.1 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-02-07 09:50:19 +00:00
Ian Campbell
39722f0982 alpine: Bump to containerd v1.0.2-rc.1 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-02-07 09:49:23 +00:00
Rolf Neugebauer
700ef35c8c test: Update trust setting for remaining test YAMLs 
The YAMLs in ./test/hack enumerated the images to pull with
content trust. All images in the 'linuxkit' org should
now have trust enabled.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 18:44:23 +00:00
Rolf Neugebauer
c79607a8a4 Update YAMLs to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 18:44:23 +00:00
Rolf Neugebauer
334334cea9 kernel: Adjust 4.4 kernel config 
The CONFIG_BPF_JIT_ALWAYS_ON option has now been back-ported
to 4.4.115 as well. Enable it.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 18:43:34 +00:00
Rolf Neugebauer
ee0f182014 kernel: Update to 4.15.1/4.14.17/4.9.80/4.4.115 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 18:06:25 +00:00
Rolf Neugebauer
536555f7d2
Merge pull request #2900 from rn/kern-up 
Update kernels to 4.14.16/4.9.79/4.4.114 and add 4.15 kernels
 2018-02-06 16:08:10 +00:00
Rolf Neugebauer
a4907741af test: Add kerel tests for 4.15 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 13:23:40 +00:00
Rolf Neugebauer
f6bc92666a Update YAML files to latest kernels 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 13:23:40 +00:00
Rolf Neugebauer
9ccfe3cef7 kernel: Add the 4.15.x kernel series 
The kernel config was derived from the 4.14.x config being run
through make oldconfig

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 13:23:40 +00:00
Rolf Neugebauer
e4c4737548 kernel: Add patch to prevent division by zero panic 
This adds a patch to avoid a division by zero panic for 4.4.x
and 4.9.x kernels on single vCPU machine types on Google Cloud.

4.14.x and 4.15.x kernels seem to work fine.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 13:23:40 +00:00
Rolf Neugebauer
82f3f9ae9a kernel: Enable new BPF_JIT_ALWAYS_ON 
This option is not enabled by default, but disables the
BPF interpreter which can be used to inject speculative
execution into the kernel. Enabled it as it seems
like a good security measure.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 13:23:40 +00:00
Rolf Neugebauer
a6a5f69c8d kernel: Update to 4.14.16/4.9.79/4.4.114 
The 4.14 and 4.9 kernels have a significant number of
fixes to eBPF and also a fix for kernel level sockets
and namespace removals, ie fixes some aspects of
https://github.com/moby/moby/issues/5618
"unregister_netdevice: waiting for lo to become free"

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 13:23:40 +00:00
Rolf Neugebauer
46b20a2d0c
Merge pull request #2899 from rn/qemu 
Allow choice of qemu binary and acceleration
 2018-02-05 10:20:26 +00:00
Rolf Neugebauer
685501ce70
Merge pull request #2902 from zx2c4-forks/wireguard-bump 
wireguard: update to 0.0.20180202
 2018-02-03 17:08:52 +00:00
Avi Deitcher
1c1d159e5e
Merge pull request #2901 from rvs/master 
Make it possible to key the package tags off of top level tree hash
 2018-02-03 18:44:34 +02:00
Jason A. Donenfeld
fa77458231 wireguard: update to 0.0.20180202 
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
 2018-02-02 19:12:19 +01:00
Rolf Neugebauer
5d0e677397 cmd/qemu: Enable additional accelerators 
Upstream qemu supports accelerators other than kvm. Allow the user
to choose. On Linux we still default to 'lvm' if available. On
macOS we try the new 'hvf' accelerator, if available.

Disable acceleration if the host arch does not match requested
qemu arch.

Also change the LINUXKIT_QEMU_KVM env var to LINUXKIT_QEMU_ACCEL
and use the functions in utils.go for env var overrides.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-02 18:05:39 +00:00
Roman Shaposhnik
528e3e6850 Make it possible to key the package tags off of top level tree hash 
Closes #2887

Signed-off-by: Roman Shaposhnik <rvs@zededa.com>
 2018-02-02 04:05:16 -08:00
Rolf Neugebauer
c5b3d088b0 cmd: Add option to override the qemu binary to use 
It still defaults to whatever is in your PATH but it's
useful to override when experimenting with different
qemu builds.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-01 17:39:40 +00:00
Rolf Neugebauer
ca2e4f06a0
Merge pull request #2896 from pcfdev-forks/master 
Use microcode-20171117 in kernel build as microcode-20180108 is no longer available
 2018-01-31 13:18:55 +00:00
Ian Campbell
1091ae688d
Merge pull request #2898 from ijc/containerd-1.0.2-rc.0 
Bump to containerd v1.0.2-rc.0
 2018-01-31 10:52:13 +00:00
Ian Campbell
c47a70aece Bump yml to pickup containerd v1.0.2-rc.0 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-01-31 09:50:15 +00:00
Ian Campbell
46b0ab3d9b Bump runc to version from containerd v1.0.2-rc.0 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-01-31 09:43:25 +00:00
Ian Campbell
726f967f2d Bump packages to new alpine w/ containerd v1.0.2-rc.0 
Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-01-31 09:41:49 +00:00
Ian Campbell
2e5f24a2c0 alpine: Bump to containerd v1.0.2-rc.0 
https://github.com/containerd/containerd/releases/tag/v1.0.2-rc.0

$ git log --oneline --no-merges v1.0.1..v1.0.2-rc.0
a67e9d27 release: prepare 1.0.2-rc.0
91c3b8bf content/testsuite: pass context to hold lease
c910b470 content/testsuite: ensure unique content per test
45e7aa52 Update copy to discard over truncate
d7a0e702 Add resume content test cases
5c21576e Fix duplicate directories entries on metadata change
af4455b3 vendor: update go-runc to reduce gc pressure
f042dc58 cmd/containerd-shim: aggressive memory reclamation
8cf32d34 cmd/containerd-shim, reaper: reduce channel allocation
367eddb4 archive, cio, cmd, linux: use buffer pools
852f989a Update runc to 9f9c96235cc97674e935002fc3d78361b69
a03fb1bd Fix NPE in dialer
d04746b4 Update metadata image store to be initialized once
5a67161d Update namespace empty check to use buckets

Signed-off-by: Ian Campbell <ijc@docker.com>
 2018-01-31 09:40:52 +00:00
Emily Casey
e0374afb54 Use microcode-20171117 in kernel build as microcode-20180108 is no longer available 
Signed-off-by: Emily Casey <ecasey@pivotal.io>
Signed-off-by: Steve Hiehn <shiehn@pivotal.io>
 2018-01-30 17:51:40 -05:00
Justin Cormack
a7620b7604
Merge pull request #2892 from justincormack/no-commit 
Do not print git commit if empty
 2018-01-29 10:08:33 +00:00
Justin Cormack
e98cc7a328 Do not print git commit if empty 
fix #2891

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
 2018-01-26 14:32:46 +00:00
Rolf Neugebauer
bbf39350fb
Merge pull request #2888 from rn/after-rel 
build: Bump linuxkit version to v0.2+
 2018-01-25 23:47:23 +00:00
Rolf Neugebauer
85a6052fed build: Bump linuxkit version to v0.2+ 
To avoid confusion with master builds

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-25 21:39:43 +00:00
Rolf Neugebauer
1c552f7a9d
Merge pull request #2885 from rn/release-part1 
v0.2 release
 2018-01-25 21:11:18 +00:00
Rolf Neugebauer
935f6b26af Bump version to v0.2 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-25 19:40:28 +00:00
Rolf Neugebauer
4e8d7cd67d cmd: Update moby/tool vendoring 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-25 19:40:28 +00:00
Rolf Neugebauer
c582907b19 tools: Fix guestfs invocation (vmdk and dynamic-vhd) 
Looks like bc791e60e7 ("Update docs and test cases to work with
latest format versions") accidentally replaced 'qcow2' with
'qcow2-bios' for two of the output formats. Fix it.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-25 19:40:27 +00:00
Rolf Neugebauer
dd73698b77 test: Update YAML with latest test packages 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-25 15:23:31 +00:00
Rolf Neugebauer
761ef35eb1 test: Update test packages to latest linuxkit/alpine 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-25 15:07:27 +00:00
Rolf Neugebauer
adf5914233 Update YAML files to use the v0.2 tag for all pacakges 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-25 15:05:11 +00:00
Rolf Neugebauer
1fadf13ec4 pkg: Allow specifying addition options to 'linuxkit' invocations 
This is useful for 'make OPTIONS="-release=v0.1" push'

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-25 13:50:28 +00:00
Rolf Neugebauer
7cf2c5abf7 pkg: Update all packages to the latest linuxkit/alpine 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-25 13:42:33 +00:00
Rolf Neugebauer
bd6264458a cmd: Update linuxkit/qemu to the latest version 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-25 13:33:11 +00:00
Rolf Neugebauer
b0163e3138 build: Update linuxkit/go-compile to latest version 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-25 13:31:19 +00:00
Rolf Neugebauer
a2b3b4fb73 tools: Update linuxkit/guestfs 
This part reverts f7c50156c5 ("tools: pull linuxkit/guestfs by digest
only (not digest+tag)") as pulling by tag now seems to work and we
have content trust enabled, so pulling by digest should not be necessary.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-25 13:07:23 +00:00