linuxkit

mirror of https://github.com/linuxkit/linuxkit.git synced 2026-04-11 19:59:15 +00:00

Files

Justin Cormack 2b92b100ea Add Yama LSM

Default config is restricted ptrace, processes can only ptrace
related processes, such as child processes, rather than any process
with the same uid.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>

2016-12-14 17:04:36 -08:00

patches

kernel: update/fix patches for 4.8.10

2016-11-21 21:37:05 +00:00

.gitignore

Simplify kernel output and main Dockerfile

2016-09-12 16:02:07 +01:00

Dockerfile

Update to Linux 4.8.12

2016-12-02 14:12:06 +00:00

kernel_config

Add Yama LSM

2016-12-14 17:04:36 -08:00

kernel_config.debug

Update kernel config

2016-11-08 16:12:29 +00:00

Makefile

Keep vmlinux in build media for kernel debugging

2016-11-07 14:45:37 +00:00

README.md

doc: add a note on building debug kernels

2016-10-11 18:16:06 +01:00

README.md

Temporary non modular kernel config for pinata alpha

TODO: build with Alpine and/or use Alpine kernels - needs some patches.

The build is mostly silent. To view the output use docker log -f <containerid>. The build creates multiple containers, so multiple invocations may be necessary. To view the full build output one may also invoke docker build . and then copy the build artefacts from the image afterwards.

To build with various debug options enabled, build the kernel with make DEBUG=1. The options enabled are listed in kernel_config.debug. This allocates a significant amount of memory on boot and you may need to adjust the kernel config on some systems. Specifically:

--- a/alpine/kernel/kernel_config
+++ b/alpine/kernel/kernel_config
@@ -415,8 +415,8 @@ CONFIG_DMI=y
 # CONFIG_CALGARY_IOMMU is not set
 CONFIG_SWIOTLB=y
 CONFIG_IOMMU_HELPER=y
-CONFIG_MAXSMP=y
-CONFIG_NR_CPUS=8192
+CONFIG_MAXSMP=n
+CONFIG_NR_CPUS=8
 # CONFIG_SCHED_SMT is not set
 CONFIG_SCHED_MC=y
 # CONFIG_PREEMPT_NONE is not set