On older Windows builds (e.g. 10586) the 4.9.x TimeSync integration
service spams the logs with multiple messages a second of the form:
hv_utils: Using TimeSync version 4.0
It seems that a new protocol version was introduced with newer
Windows 10 builds but the kernel patches don't negotiate the
protocol version based on what the host supports, but instead
simply use the Windows version of the host.
Added two new patches:
- the first one is a cherry-pick from upstream which fixes some
of the TimeSync protocol negotiation, but does not fix the issue.
- the second one forces the TimeSync protocol to version 3.0 even on
Windows 10 hosts.
Patches based on: https://github.com/rneugeba/linux-stable/tree/v4.9.2-moby
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
- use jq to fix up the output where there are still issues
- some issues will need fixing up in future too
- can remove fixes later
- still plan to restructure the code around containers to make it easier and clearer
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Missed these before, noticed while making a new one.
Also a copy paste error left one shasum incorrect.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
- remove patch now https://github.com/iovisor/bcc/pull/887 is merged
- move the patches to the base image as it makes more sense like this
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Where the suggestions came from is not that useful, just have a
single file for the main ones and then distro specific versions.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Some/most of the samples/tools throw and error, e.g.:
LLVM ERROR: Cannot select: 0x56049b79dcb0: ch,glue = BPFISD::CALL 0x56049a93ad60, TargetExternalSymbol:i64'__stack_chk_fail'
0x56049b391500: i64 = TargetExternalSymbol'__stack_chk_fail'
In function: waker
bcc-stack-protector.patch adds -fno-stack-protector to the CFLAGS
which fixes this error.
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
This is a temporary workaround for https://github.com/docker/docker/issues/29950
which has broken caching and therefore is very annoying for development, but we
don't really need to set it, so it can stay...
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This has various security updates which do potentially affect
containerised application security see
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.1
estimated medium severity.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
A lot of the `iovisor/bcc` tools take a pid as a command line option and using
`--pid=host` allows you to use `$(pgrep foo)`
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
