Commit graph

587 commits

Author SHA1 Message Date
Thomas Lamprecht
ff93581f3f rebase patches on top of Ubuntu-5.0.0-18.19
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-06-18 07:28:40 +02:00
Thomas Lamprecht
93ed037e39 update sources to Ubuntu-5.0.0-18.19
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-06-18 07:28:40 +02:00
Thomas Lamprecht
8caa9b27c3 build with ZFS 0.8.1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-06-18 07:28:18 +02:00
Thomas Lamprecht
6ac09c547c revert KVM nested param back to off as default, for now
Else everyone booting the 5.0 based kernel will have nesting
activated by default[0], and this break live migration for all VMs
with CPU type host, even if they do not host KVM (nested) guests
themself and never made a VMX call, at least with newer QEMU versions
>= 3.1 [1]

While the kernel now may had good reasons to change the default to
true for this[0], i.e., it can now handle nested guest migrations in
a nice and sane way, the user space side of this in QEMU is not yet
ready, and may only become so with or even after 4.1.

After we have a working qemu which can also live migrate arbitrary
nested guest we may well enable this as default, but until then it
brings just pain but no advantage.

So let's protect people which did not manually enabled nesting for
a live-migration breakage. All those who enabled nesting manually
them self knew that it was still experimental and thus will have to
live with their decision and have a live migration breakage (for
those VMs with CPU type 'host')

[0]: https://git.kernel.org/torvalds/c/1e58e5e59148916fa43444a406335a990783fb78
[1]: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commitdiff;h=d98f26073bebddcd3da0ba1b86c3a34e840c0fb8

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-06-08 20:12:35 +02:00
Thomas Lamprecht
faed21722c update ABI file for 5.0.8-2-pve
(generated with debian/scripts/abi-generate)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-25 19:16:57 +02:00
Thomas Lamprecht
fdf82cf531 bump version to 5.0.1-2
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-25 18:54:06 +02:00
Thomas Lamprecht
b76c223cac followup: buildsys: fix initializing submodules and do so recursively
"${ZFSONLINUX_SUBMODULE}/upstream/README.markdown" does not exists
anymore, if it'd be ".../README.md", but actually lets just switch
over to a recursive initialization and be done with it..

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-25 18:17:55 +02:00
Stoiko Ivanov
3c4b3fd82f update ZFS on Linux to 0.8
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2019-05-24 14:59:47 +02:00
Stoiko Ivanov
1de1353133 adapt debian/rules to ZFS 0.8 structure
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2019-05-24 14:59:47 +02:00
Stoiko Ivanov
5fa6b6aee2 adapt global Makefile to ZFS 0.8 structure
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2019-05-24 14:59:47 +02:00
Thomas Lamprecht
2552aa9d09 buildsys: switch upload dist over to buster
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-22 16:27:40 +02:00
Thomas Lamprecht
2135c72329 remove gcc check completely, we have build dependencies for that
RETPOLINE is now for sure included, further as this is build through
buildpackage the build dependencies are checked

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-22 15:42:57 +02:00
Thomas Lamprecht
b8e09c3c69 support gcc 8.3 from buster
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-22 15:42:57 +02:00
Thomas Lamprecht
3f2c044fbf bump version to 5.0.8-1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-22 15:42:57 +02:00
Thomas Lamprecht
a8f81bcf2b update fwlist-previous
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-22 15:42:57 +02:00
Thomas Lamprecht
d6d2efea0c replace obsoleted 'silentoldconfig' kernel make target with 'syncconfig'
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-22 15:42:57 +02:00
Thomas Lamprecht
d7b1c00b9d find-firmware: check for 5.0 versioned directory
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-22 15:42:57 +02:00
Thomas Lamprecht
1e51973430 use in tree igb and e1000 module for now
the current OOT are not compatible with 5.0 and we want to obsolete
them anyway sooner or later

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-22 15:42:57 +02:00
Thomas Lamprecht
ff71f8b949 update patches for 5.0.8
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-22 14:11:57 +02:00
Thomas Lamprecht
117c2cd60c move from ubuntu-bionic to ubuntu-disco submodule
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-22 13:52:55 +02:00
Thomas Lamprecht
a06fbd44c7 bump version to 4.15.18-40
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-21 20:43:47 +02:00
Thomas Lamprecht
91bc0e0e0c update sources to Ubuntu-4.15.0-51.55
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-21 17:21:44 +02:00
Thomas Lamprecht
afc295f5e9 bump version to 4.15.18-39
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-15 08:57:38 +02:00
Thomas Lamprecht
c98ed5b4e3 fail if kernel patches to not apply
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-15 08:56:10 +02:00
Thomas Lamprecht
a599f53da3 rebase patches on top of Ubuntu-4.15.0-50.54
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-15 08:55:36 +02:00
Thomas Lamprecht
6f58e3c81d update sources to Ubuntu-4.15.0-50.54
It mainly comes with some mitigation for MDS[1][3][4][5], for best
result a microupdate of the CPU is required, else the kernel falls
back to some "best effort mitigation", trying to clear the CPU
buffers on kernel/userspace, hypervisor/guest and C-state (idle)
transitions.

With this applied you will have a new file in sysfs to get the
mitigation state of the server regarding MDS:
 $ cat /sys/devices/system/cpu/vulnerabilities/mds

Microcode updates should come available in stretch with
3.20190514.1~deb9u1 [2] version currently only tagged[2], but not yet
released.

[1]: https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/mds.html#mitigation-strategy
[2]: https://salsa.debian.org/hmh/intel-microcode/commits/debian/3.20190514.1_deb9u1
[3]: https://mdsattacks.com/
[4]: https://cpu.fail/
[5]: https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-15 08:54:30 +02:00
Thomas Lamprecht
e560b66842 update ABI file for 4.15.18-14-pve
(generated with debian/scripts/abi-generate)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-30 14:07:31 +02:00
Thomas Lamprecht
8ba6ec4ad4 bump version to 4.15.18-38
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-30 13:52:32 +02:00
Thomas Lamprecht
075873666c update submodule to Ubuntu-4.15.0-49.53
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-30 13:52:32 +02:00
Thomas Lamprecht
81801c5658 update patches
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-30 12:10:08 +02:00
Thomas Lamprecht
8713734e79 fix #2008: kvm: x86: Add AMD's EX_CFG to the list of ignored MSRs
clean backport from kernel mainline commit
0e1b869fff60c81b510c2d00602d778f8f59dd9a  [0]

[0]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0e1b869fff60c81b510c2d00602d778f8f59dd9a

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-16 17:48:59 +02:00
Thomas Lamprecht
1e7994545c update ABI file for 4.15.18-13-pve
(generated with debian/scripts/abi-generate)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-13 22:00:24 +02:00
Thomas Lamprecht
90eff7b943 bump version to 4.15.18-37
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-13 22:00:24 +02:00
Thomas Lamprecht
2b3306dee4 update ABI file for 4.15.18-12-pve
Late followup for commit 61f33dc8f2
bump version to 4.15.18-35
(generated with debian/scripts/abi-generate)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-13 21:59:02 +02:00
Thomas Lamprecht
a4ea6fb33c bump version to 4.15.18-36
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-11 13:06:49 +02:00
Thomas Lamprecht
2de599de08 rebase patches on top of Ubuntu-4.15.0-48.51
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-05 07:18:45 +02:00
Thomas Lamprecht
4cb71ccc3b update sources to Ubuntu-4.15.0-48.51
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-05 07:17:43 +02:00
Thomas Lamprecht
61f33dc8f2 bump version to 4.15.18-35
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-03-13 08:40:24 +01:00
Thomas Lamprecht
89d8eaee98 rebase patches on top of Ubuntu-4.15.0-47.50
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-03-13 07:25:59 +01:00
Thomas Lamprecht
c19df7fe61 update sources to Ubuntu-4.15.0-47.50
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-03-13 07:25:59 +01:00
Thomas Lamprecht
67bef33bd4 update zfsonlinux to 0.7.13
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-03-08 06:57:18 +01:00
Fabian Grünbichler
62307a081a ZFS/SPL: rework submodule and build
to follow changes made to our zfsonlinux repository.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2019-02-27 15:38:52 +01:00
Thomas Lamprecht
9bd09ca97a bump version to 4.15.18-34
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-25 15:31:07 +01:00
Thomas Lamprecht
4e6465dfa5 backport fixes for multiple KVM vulnerabilities
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-25 14:51:28 +01:00
Thomas Lamprecht
cf6ea5cf34 backport: net: crypto set sk to NULL when af_alg_release
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-21 14:39:03 +01:00
David Limbeck
c774433e2a add patch to fix ipset memory exhaustion
Add a patch from upstream until it is fixed in the Ubuntu 4.15 kernel.

Signed-off-by: David Limbeck <d.limbeck@proxmox.com>
2019-02-20 15:43:31 +01:00
Thomas Lamprecht
3ec7f4d1ea add *.prepared to .gitignore
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-06 11:43:29 +01:00
Thomas Lamprecht
7c03f8fe85 update ABI file for 4.15.18-11-pve
(generated with debian/scripts/abi-generate)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-06 11:43:04 +01:00
Thomas Lamprecht
c47b16cb68 bump version to 4.15.18-33
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-06 11:43:04 +01:00
Thomas Lamprecht
91b336e761 backport i40e fixes
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-06 11:42:55 +01:00