Commit Graph

5320 Commits

Author SHA1 Message Date
Rolf Neugebauer
57226034e6 kernel: Move KEYS_COMPAT
Commit 31c8c4942820 ("security/keys: add CONFIG_KEYS_COMPAT
to Kconfig") moved the KEYS_COMPAT config option to a different
section. Adjust config file.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-21 15:55:47 +00:00
Rolf Neugebauer
f5e970b7fb kernel: Update to 4.13.14/4.9.63/4.4.99
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-21 15:54:15 +00:00
Rolf Neugebauer
717829ea89 kernel: Don't build a debug kernel for 4.13
We already have too many kernels to build and 4.13 will be EOLed soon

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-21 15:53:34 +00:00
Rolf Neugebauer
f79c392ce3 kernel: Enable REFCOUNT_FULL on kernels supporting it
REFCOUNT_FULL enables full reference count validation. There is a
potential slow down but it protects against certain use-after-free
attacks.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-21 14:02:33 +00:00
Rolf Neugebauer
66342d0646 kernel: Enable GCC_PLUGIN_RANDSTRUCT on kernels supporting it
On 4.13 and 4.14 kernels GCC_PLUGIN_RANDSTRUCT can be used to randomise
some kernel data structures such as structs with function pointers.

We also select GCC_PLUGIN_RANDSTRUCT_PERFORMANCE which
tries harder to restrict randomisation to cache-lines in order to reduce
performance impact.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-21 14:02:33 +00:00
Rolf Neugebauer
8d16426644 kernel: Enable GCC_PLUGIN_STRUCTLEAK on kernels supporting it
The 4.13 and 4.14 kernels support GCC_PLUGIN_STRUCTLEAK, a GCC plugin
to zero initialise any structures with the __user attribute to prevent
information exposure.

On 4.14 kernels also enable GCC_PLUGIN_STRUCTLEAK_BYREF_ALL which is
an extension of the above

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-21 14:02:33 +00:00
Rolf Neugebauer
b0db43567e kernel: Enable GCC_PLUGIN on kernels supporting it
Subsequent commits will enable selected sub options.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-21 14:02:33 +00:00
Rolf Neugebauer
2c1fdc7b47 kernel: Use latest linuxkit/alpine and install mpc1-dev/mpfr-dev
The GCC_PLUGINS config options enabled in the next commits
require mpc1-dev/mpfr-dev

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-21 14:02:33 +00:00
Rolf Neugebauer
eb9a5604a8 tools/alpine: Add mpc1-dev/mpfr-dev
These are needed to enable GCC_PLUGINS for the Linux kernel build.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-21 14:02:33 +00:00
Rolf Neugebauer
5995d9a10d kernel: Fix Dockerfile.kbuild
Patches were not applied and this fixes it as well as tidying
up the error handling.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-21 14:02:33 +00:00
Marco Mariani
e871cd693e examples/cadvisor.yml
Signed-off-by: Marco Mariani <marco.mariani@alterway.fr>
2017-11-21 13:49:19 +01:00
Marco Mariani
959b6dd96d pkg/cadvisor
Signed-off-by: Marco Mariani <marco.mariani@alterway.fr>
2017-11-21 13:46:42 +01:00
Rolf Neugebauer
3184572403
Merge pull request #2764 from riyazdf/signing-init-script
signing: add init script and public certificate fixtures
2017-11-21 12:27:12 +00:00
Justin Cormack
83522d81fd
Merge pull request #2761 from justincormack/restore-build
Restore linuxkit build
2017-11-21 10:21:39 +00:00
Robb Kistler
4f542ad46a docs: replace --data with -data
Signed-off-by: Robb Kistler <robb.kistler@docker.com>
2017-11-20 18:21:10 -08:00
Justin Cormack
b2a67710fa Remove bits that build moby tool from Makefile
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-11-20 23:49:27 +00:00
Justin Cormack
934450c697 Update docs to only say install linuxkit tool.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-11-20 23:49:17 +00:00
Riyaz Faizullabhoy
057e59d0dc signing: add init script and public certificate fixtures
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2017-11-20 15:06:28 -08:00
Rolf Neugebauer
ebe6fd8b4a
Merge pull request #2762 from ijc/handle-empty-metadata
Handle empty metadata file better (by ignoring)
2017-11-20 22:12:38 +00:00
Rolf Neugebauer
e3606477b2
Merge pull request #2754 from Wolphin-project/node-exporter
Node exporter
2017-11-20 22:10:39 +00:00
Justin Cormack
f8e352d375 Replace moby build with linuxkit build throughout
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-11-20 17:06:54 +00:00
Justin Cormack
ca0b1309b0 Update vendoring for moby/tool
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-11-20 17:06:47 +00:00
Ian Campbell
cef9d11f58 Only create metadata if file is non-zero sized
The recent iso9660wrap vendoring bump means this does now work, but it seems
pointless in this case so skip.

Relates to https://github.com/linuxkit/kubernetes/issues/4

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-20 15:26:51 +00:00
Ian Campbell
a5e5d42368 Move metadata ISO creation to common code
This code was identical in the QEMU and HyperKit cases. Move it to util.go and
wrap it in a function, with minimal changes for returning an error.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-20 15:22:02 +00:00
Ian Campbell
db9a783821 Bump iso9660wrap to baf8d62ad315
Reduces the linuxkit binary by 12k by removing The Raven. Also allows zero
sized files to be created, see https://github.com/linuxkit/kubernetes/issues/4

4606f848a0...baf8d62ad3

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-20 15:17:57 +00:00
Justin Cormack
eef8ab7757 Add linuxkit build, using vendored moby/tool as a library
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-11-20 14:48:48 +00:00
Justin Cormack
c928acf73e
Merge pull request #2757 from errordeveloper/patch-1
docs: Improve intro in packages.md
2017-11-20 14:48:33 +00:00
Ilya Dmitrichenko
490a4d4cd8
docs: Improve intro in packages.md
Signed-off-by: Ilya Dmitrichenko <errordeveloper@gmail.com>
2017-11-20 13:05:12 +00:00
Justin Cormack
98ba4f3b02
Merge pull request #2759 from damdo/fix-some-reports-typos
Fix some typos and no-break char in reports markd
2017-11-20 11:48:27 +00:00
Marco Mariani
7f2ed70b89 updated examples/node_exporter.yml (built from sources)
Signed-off-by: Marco Mariani <marco.mariani@alterway.fr>
2017-11-20 12:13:26 +01:00
Marco Mariani
01d0a1835c pkg/node_exporter from sources
Signed-off-by: Marco Mariani <marco.mariani@alterway.fr>
2017-11-20 12:13:26 +01:00
Rolf Neugebauer
41a4c2df10
Merge pull request #2760 from zlim/patch-2
kernel: update README.md
2017-11-20 08:40:18 +00:00
zlim
8e5006f8f9
kernel: update README.md
Update description to reflect link to ../doc/kernels.md.

Signed-off-by: Zi Shen Lim <zlim.lnx@gmail.com>
2017-11-19 22:19:49 -08:00
Damiano Donati
6daa911fa6 Fix some typos and no-break char in reports markd
Signed-off-by: Damiano Donati <damiano.donati@gmail.com>
2017-11-17 20:31:39 +01:00
Rolf Neugebauer
29f711be94
Merge pull request #2728 from arm64b/rm-content-trust-build-wr
alpine: Remove the 'content trust build' workaround
2017-11-17 18:27:53 +00:00
Rolf Neugebauer
0a2db0ac83
Merge pull request #2758 from rn/no-lcow
Remove LCOW
2017-11-17 17:23:34 +00:00
Justin Cormack
cad6527033
Merge pull request #2755 from justincormack/runtime-cgroups
Add support for creating cgroups in runtime section
2017-11-17 17:01:27 +00:00
Justin Cormack
d3533febe7
Merge pull request #2756 from justincormack/no-logos
Improve language detection
2017-11-17 16:26:15 +00:00
Justin Cormack
a7b5b0ae07
Merge pull request #2752 from ijc/remove-kubernetes
Remove projects/kubernetes, moved to https://github.com/linuxkit/kubernetes
2017-11-17 16:14:35 +00:00
Rolf Neugebauer
32fca2954f Remove LCOW
It is now under https://github.com/linuxkit/lcow

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-17 15:55:19 +00:00
Justin Cormack
914fce3f9f Improve language detection
github is marking a lot of kernel config files as "logos" again.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-11-17 15:00:31 +00:00
Ian Campbell
a09e6a5c7b Add pointers to the new kubernetes location
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-17 14:25:32 +00:00
Justin Cormack
9e65b8b4c3
Merge pull request #2751 from ijc/simplify-circle-artifacts
Move CI build artifacts to top level
2017-11-17 14:23:39 +00:00
Justin Cormack
6cb919b489 Add support for creating cgroups in runtime section
Implements https://github.com/moby/tool/pull/181

Design for things like Kubernetes setup that requires some cgroups to
exist when the service starts but it is not running in these, other
services are, so there would be a race if they are not created in each.

Essentially it is just a sugared `mkdir` in all the cgroup dirs.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
2017-11-17 14:12:41 +00:00
Ian Campbell
6539b78a72 Remove projects/kubernetes, moved to https://github.com/linuxkit/kubernetes
Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-17 10:42:18 +00:00
Dennis Chen
258e4c37d2 alpine: Remove the 'content trust build' workaround
Before the alpine base image was multi-arch and signed,
DOCKER_CONTENT_TRUST=1 didn't work on AArch64 for 'docker build'.
Now that the alpine base image is already multi-arch and signed,
and we've used 'push_manifest.sh' to push and sign linuxkit/image,
we can remove this workaround.

Signed-off-by: Dennis Chen <dennis.chen@arm.com>
2017-11-17 10:37:40 +00:00
Ian Campbell
05f6085868 Move CI build artifacts to top level
Currently one has to click down through a sequence of nested directories in the web UI:
 ↓ Container 0
    ↓ go/
        ↓ src/
            ↓ github.com/
                ↓ linuxkit/
                    ↓ linuxkit/
                        ↓ bin/
                              «actual binaries»

Which is super tedious.

Signed-off-by: Ian Campbell <ijc@docker.com>
2017-11-17 10:33:31 +00:00
Rolf Neugebauer
b27c196719
Merge pull request #2750 from rn/mo-auth
Update AUTHORS
2017-11-16 22:45:58 +00:00
Rolf Neugebauer
6c34e8e8b9
Merge pull request #2748 from rn/kern-up
Update kernels to 4.13.13/4.9.62/4.4.98
2017-11-16 20:56:24 +00:00
Rolf Neugebauer
3195e8168e Update AUTHORS
more contributors!

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
2017-11-16 20:47:33 +00:00