PVE linux kernel for ThunderX CPU
Find a file
Fabian Grünbichler 03f37cb2bb d/control: update build-depends
with the help of "dpkg-checkdep" to mimic the current build-environment

asciidoc-base: used by perf man pages
automake: used by ZFS/SPL (among other things)
cpio: used in debian/rules
debhelper: used in debian/rules
kmod: used in debian/rules (depmod)
libdw-dev,libelf-dev: used for unwinder
libnuma-dev: used by perf
libslang2-dev: used by perf tui
python-minimal: used by perf
zlib1g-dev: used by perf

thank you Thomas for additional review and extensive discussions
regarding what to include (or not ;))!

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Reviewed-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-10-12 10:41:58 +02:00
debian d/control: update build-depends 2018-10-12 10:41:58 +02:00
patches backport: block: fix silent corruption in Linux kernel 4.15 2018-10-10 14:22:27 +02:00
submodules update sources to Ubuntu-4.15.0-37.40 2018-10-04 11:01:47 +02:00
.gitignore buildsys: convert to submodules 2017-03-24 13:03:07 +01:00
.gitmodules switch source to Ubuntu-4.15.0-10.11 2018-03-09 14:18:36 +01:00
abi-blacklist buildsys: simplify abi-check 2017-03-24 14:14:10 +01:00
abi-prev-4.15.18-7-pve update ABI file for 4.15.18-7-pve 2018-10-04 11:38:43 +02:00
e1000e-3.4.1.1.tar.gz update out-of-tree intel ethernet drivers 2018-06-08 11:35:11 +02:00
fwlist-previous sync firmware list 2018-07-04 15:02:04 +02:00
igb-5.3.5.18.tar.gz update out-of-tree intel ethernet drivers 2018-06-08 11:35:11 +02:00
Makefile bump version to 4.15.18-27 2018-10-10 14:23:25 +02:00
README README: remove RHEL mentions and updated some outdated infos 2018-08-22 10:27:55 +02:00

KERNEL SOURCE:
==============

We currently use the Ubuntu kernel sources, available from:

 http://kernel.ubuntu.com/git/ubuntu/ubuntu-bionic.git/

Ubuntu will maintain those kernels till:

 https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable


Additional/Updated Modules:
---------------------------

- include latest e1000e driver from intel/sourceforge

- include latest igb driver from intel/sourceforge

- include native OpenZFS filesystem kernel modules for Linux

  * https://github.com/zfsonlinux/

  For licensing questions, see: http://open-zfs.org/wiki/Talk:FAQ


RELATED PACKAGES:
=================

proxmox-ve
----------

top level meta package, depends on current default kernel series meta package.

git clone git://git.proxmox.com/git/proxmox-ve.git

pve-kernel-meta
---------------

depends on latest kernel and header package within a certain kernel series,
e.g., pve-kernel-4.15 / pve-headers-4.15

git clone git://git.proxmox.com/git/pve-kernel-meta.git

pve-firmware
------------

contains the firmware for all released PVE kernels.

git clone git://git.proxmox.com/git/pve-firmware.git


NOTES:
======

ABI versions, package versions and package name:
------------------------------------------------

We follow debian's versioning w.r.t ABI changes:

https://kernel-team.pages.debian.net/kernel-handbook/ch-versions.html
https://wiki.debian.org/DebianKernelABIChanges

The debian/rules file has a target comparing the build kernel's ABI against the
version stored in the repository and indicates when an ABI bump is necessary.
An ABI bump within one upstream version consists of incrementing the KREL
variable in the Makefile, rebuilding the packages and running 'make abiupdate'
(the 'abiupdate' target in 'Makefile' contains the steps for consistently
updating the repository).

Watchdog blacklist
------------------

By default, all watchdog modules are black-listed because it is totally undefined
which device is actually used for /dev/watchdog.
We ship this list in /lib/modprobe.d/blacklist_pve-kernel-<VERSION>.conf
The user typically edit /etc/modules to enable a specific watchdog device.

Additional information
----------------------

We use the default configuration provided by Ubuntu, and apply
the following modifications:

NOTE: For the exact and current list see debian/rules (PVE_CONFIG_OPTS)

- enable INTEL_MEI_WDT=m (to allow disabling via patch)

- disable CONFIG_SND_PCM_OSS (enabled by default in Ubuntu, not needed)

- switch CONFIG_TRANSPARENT_HUGEPAGE to MADVISE from ALWAYS

- enable CONFIG_CEPH_FS=m (request from user)

- enable common CONFIG_BLK_DEV_XXX to avoid hardware detection
  problems (udev, update-initramfs have serious problems without that)

  	 CONFIG_BLK_DEV_SD=y
  	 CONFIG_BLK_DEV_SR=y
  	 CONFIG_BLK_DEV_DM=y

- add workaround for Debian bug #807000 (see
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807000)

  	 CONFIG_BLK_DEV_NVME=y

- compile NBD and RBD modules
	 CONFIG_BLK_DEV_NBD=m
	 CONFIG_BLK_DEV_RBD=m

- enable IBM JFS file system as module

  enable it as requested by users (bug #64)

- enable apple HFS and HFSPLUS as module

  enable it as requested by users

- enable CONFIG_BCACHE=m (requested by user)

- enable CONFIG_BRIDGE=y

  Else we get warnings on boot, that
  net.bridge.bridge-nf-call-iptables is an unknown key

- enable CONFIG_DEFAULT_SECURITY_APPARMOR

  We need this for lxc

- set CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y

  because if not set, it can give some dynamic memory or cpu frequencies 
  change, and vms can crash (mainly windows guest).

  see http://forum.proxmox.com/threads/18238-Windows-7-x64-VMs-crashing-randomly-during-process-termination?p=93273#post93273

- use 'deadline' as default scheduler

  This is the suggested setting for KVM. We also measure bad fsync
  performance with ext4 and cfq.

- disable CONFIG_INPUT_EVBUG

  Module evbug is not blacklisted on debian, so we simply disable it
  to avoid key-event logs (which is a big security problem)

- enable CONFIG_MODVERSIONS (needed for ABI tracking)

- switch default UNWINDER to FRAME_POINTER

  the recently introduced ORC_UNWINDER is not 100% stable yet, especially in combination with ZFS

- enable CONFIG_PAGE_TABLE_ISOLATION (Meltdown mitigation)