github/linuxkit
1
0
Fork 0
mirror of https://github.com/linuxkit/linuxkit.git synced 2025-08-01 23:17:49 +00:00
Code Issues Projects Releases Wiki Activity
5,810 Commits 1 Branch 27 Tags 240 MiB
v0.3
Commit Graph

73 Commits

Author SHA1 Message Date
Rolf Neugebauer
a5a685750d kernel: Update to 4.15.15/4.14.32/4.9.92/4.4.126 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-04-01 17:52:14 +01:00
Rolf Neugebauer
462961d5c9 kernel: Update to 4.15.14/4.14.31/4.9.91/4.4.125 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-30 13:29:03 +01:00
Rolf Neugebauer
7f12cb577a kernel: Update to 4.15.13/4.14.30/4.9.90/4.4.124 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-30 12:19:02 +01:00
Rolf Neugebauer
208811355a kernel: Update to 4.15.12/4.14.29/4.9.89/4.4.123 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@gmail.com>
 2018-03-22 19:55:57 +00:00
Rolf Neugebauer
45b613e668 kernel: Update to 4.15.11/4.14.28/4.9.88/4.4.122 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-20 12:05:27 +00:00
Rolf Neugebauer
659f877da6 kernel: Update to 4.15.9/4.14.26/4.9.87/4.4.121 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-12 17:00:06 +00:00
Rolf Neugebauer
ae30674227 kernel: Update to 4.14.24/4.9.86/4.4.120 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-03-09 12:39:11 +00:00
Rolf Neugebauer
fcba3e2350 kernel: Update to 4.15.7/4.4.23/4.9.85/4.4.119 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-28 11:02:15 +00:00
Rolf Neugebauer
75ac2563f5 kernel: Update to 4.15.6/4.14.22/4.9.84/4.4.118 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-26 12:16:51 +00:00
Rolf Neugebauer
5c68ca489d kernel: Update to 4.15.5/4.14.21/4.9.83/4.4.117 
Also remove the 4.4 patch which should have been removed by
231cead2cc ("kernel: Update to 4.15.4/4.14.20/4.9.82/4.4.116")

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-23 18:06:18 +00:00
Rolf Neugebauer
231cead2cc kernel: Update to 4.15.4/4.14.20/4.9.82/4.4.116 
The 4.14.20 update has Meltdown/Spectre fixes for arm64

The 4.4.116 update incorporates the proper fix for the
div by zero crash in the firmware loader, so the patch
with the hackish workaround was dropped.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-19 14:06:11 +00:00
Rolf Neugebauer
43ba6de147 kernel: Update to 4.15.3/4.14.19/4.9.81 
Drop the hack for the microcode division by 0 on GCP as
a proper fix is in upstream as:
2760f452a718 ("x86/microcode: Do the family check first")

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-13 17:22:23 +00:00
Rolf Neugebauer
ee0f182014 kernel: Update to 4.15.1/4.14.17/4.9.80/4.4.115 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 18:06:25 +00:00
Rolf Neugebauer
e4c4737548 kernel: Add patch to prevent division by zero panic 
This adds a patch to avoid a division by zero panic for 4.4.x
and 4.9.x kernels on single vCPU machine types on Google Cloud.

4.14.x and 4.15.x kernels seem to work fine.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 13:23:40 +00:00
Rolf Neugebauer
a6a5f69c8d kernel: Update to 4.14.16/4.9.79/4.4.114 
The 4.14 and 4.9 kernels have a significant number of
fixes to eBPF and also a fix for kernel level sockets
and namespace removals, ie fixes some aspects of
https://github.com/moby/moby/issues/5618
"unregister_netdevice: waiting for lo to become free"

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-02-06 13:23:40 +00:00
Rolf Neugebauer
5de66f4fd9 kernel: Update to 4.14.15/4.9.78/4.4.113 
While at it, also update to latest alpine base

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-24 11:56:34 +00:00
Rolf Neugebauer
bfceb1dfbb kernel: Update to 4.14.14/4.9.77/4.4.112 
The 4.4.14 has a number of important fixes/additions:
- New support for retpolines (enabled but requires newer gcc
  to take advantage of). This provides mitigation for Spectre
  style attacks.
- Various KPTI fixes including fixes for EFI booting
- More eBPF fixes around out-of-bounds and overflow of
  maps. These were used for variant 1 of CVE-2017-5753.
- Several KVM related to CVE-2017-5753, CVE-2017-5715,
  CVE-2017-17741.
- New sysfs interface listing vulnerabilities:
  /sys/devices/system/cpu/vulnerabilities

The 4.9.77 kernel also has seems to have most/all of the above
back-ported.

See https://lwn.net/SubscriberLink/744287/1fc3c18173f732e7/
for more details on the Spectre mitigation.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-17 14:31:54 +00:00
Rolf Neugebauer
9a101d1136 kernel: Update to 4.14.13/4.9.76/4.4.111 
This looks like there are a couple of minor fixes to the
recent KPTI changes but nothing major...

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-10 11:12:27 +00:00
Rolf Neugebauer
d86d43fe40 kernel: Update to 4.14.12/4.9.75/4.4.110 
4.9.75 and 4.4.10 now have KPTI backported as well

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-06 10:00:13 +00:00
Rolf Neugebauer
7abc1df0ad kernel: Update to 4.14.11/4.9.74/4.4.109 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2018-01-03 11:03:52 +00:00
Rolf Neugebauer
37291f5967 kernel: Update to 4.14.10/4.9.73 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-30 16:11:10 +00:00
Rolf Neugebauer
dfb1982c65 kernel: Update to 4.14.9/4.9.72/4.4.108 
This contains the fixes to the eBPF verifier which allowed
privilege escalation in 4.9 and 4.14 kernels.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-28 16:43:14 +00:00
Rolf Neugebauer
e140ab4acc kernel: Update to 4.14.8/4.9.71/4.4.107 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-28 14:48:20 +00:00
Rolf Neugebauer
467c1af0e2 kernel: Update to 4.14.7/4.9.70/4.4.106 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-18 16:59:21 +00:00
Rolf Neugebauer
1cf58d95b1 kernel: Update to 4.14.6/4.9.69 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-14 11:21:07 +00:00
Rolf Neugebauer
6a15459665 kernel: Update to 4.14.5/4.9.68/4.4.105 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-11 11:24:38 +00:00
Rolf Neugebauer
53127d7209 kernel: Update to 4.14.4/4.9.67/4.4.104 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-06 10:11:50 +00:00
Rolf Neugebauer
3ed38c59f4 kernel: Update to 4.14.3/4.9.66/4.4.103 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-12-01 15:28:09 +00:00
Rolf Neugebauer
43b2caf69e kernel: Update to 4.4.102/4.9.65/4.13.16/4.14.2 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-11-24 13:55:21 +00:00
Rolf Neugebauer
6ede240737 kernel: Update to 4.14.1/4.13.15/4.9.64/4.4.100 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-11-21 17:05:35 +00:00
Rolf Neugebauer
f5e970b7fb kernel: Update to 4.13.14/4.9.63/4.4.99 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-11-21 15:54:15 +00:00
Rolf Neugebauer
98025f4649 kernel: Update to 4.13.13/4.9.62/4.4.98 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-11-16 17:35:43 +00:00
Rolf Neugebauer
7a67aaf7db kernel: Update to 4.13.12/4.9.61/4.4.97 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-11-10 13:29:34 +00:00
Rolf Neugebauer
1ea69cbcf3 kernel: Update to 4.13.11/4.9.60/4.4.96 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-11-03 15:11:06 +00:00
Rolf Neugebauer
17e5b55d17 kernel: Update to 4.13.10/4.9.59/4.4.95 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-10-28 17:46:23 +01:00
Rolf Neugebauer
89af138f18 kernel: Update to 4.13.9/4.9.58/4.4.94 
Note: There were more conflicts in applying the
vmbus patches to 4.13. For now I've just skipped the
conflicting patches so the end-result may be that
Hyper-V sockets on 4.13 may break (if they were not
already broken by the update to 4.13.6).

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-10-22 19:49:15 +01:00
Rolf Neugebauer
12b8d9d6bd kernel: Update to 4.13.8/4.9.57/4.4.93 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-10-22 19:49:15 +01:00
Rolf Neugebauer
571dba104d kernel: Update to 4.13.6/4.9.56/4.4.92 
NOTE: Some of the 4.13.x VMBus patches did not apply cleanly and they
were dropped for now. This may break LCOW and other Windows support.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-10-20 20:22:03 +01:00
Rolf Neugebauer
5609cdeae7 kernel: Update to 4.9.55 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-10-20 20:22:03 +01:00
Rolf Neugebauer
38c37276a2 kernel: Update to 4.9.54/4.4.91 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-10-11 13:12:49 +01:00
Rolf Neugebauer
06b09fb6a8 kernel: Update kernel to 4.13.5/4.9.53/4.4.90 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-10-05 12:01:12 +01:00
Rolf Neugebauer
35fde3ec7d kernel: Update to 4.9.52/4.4.89 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-09-28 15:44:04 +01:00
Rolf Neugebauer
bd4723d1aa kernel: Update kernels to 4.12.14/4.9.51 
While at it might as well update the alpine base...

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-09-20 12:13:26 +01:00
Rolf Neugebauer
59782d502e kernel: Update to 4.12.13/4.9.50/4.4.88 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-09-14 17:19:43 +01:00
Rolf Neugebauer
7bc93a6c46 kernel: Update to 4,9.49/4.12.12 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-09-12 11:23:41 +01:00
Rolf Neugebauer
5427147e3b kernel: Update to 4.12.11/4.9.48/4.4.87 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-09-08 14:44:44 +01:00
Rolf Neugebauer
8be4a2b2c4 kernel: Update to 4.9.47/4.4.86 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-09-04 17:58:16 +01:00
Rolf Neugebauer
3fe863e8e6 kernel: Update kernels to 4.9.46/4.4.85 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-08-30 19:23:45 +01:00
Rolf Neugebauer
279d3f05bd kernel: Update to 4.4.84/4.9.45/4.12.9 
Note, on x86_64 for 4.12.9 a new kernel option,
HARDLOCKUP_CHECK_TIMESTAMP was added which defaults to enabled. It enables
a low pass filter to compensate for perf based hard lockup detection.

Added this option to the x86_64 4.12.x kernel confog file.

Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-08-30 19:23:45 +01:00
Rolf Neugebauer
5898bc9f0d kernel: Update to 4.9.44/4.4.83 
Signed-off-by: Rolf Neugebauer <rolf.neugebauer@docker.com>
 2017-08-18 18:08:32 +01:00