PVE linux kernel for ThunderX CPU
Find a file
Fabian Grünbichler 2068d368d7 revert broken kernel Makefile modification
see [1] for upstream report

1: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1758856/comments/1
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-04-04 15:43:07 +02:00
debian bump version to 4.15.10-4 2018-03-28 15:47:55 +02:00
patches revert broken kernel Makefile modification 2018-04-04 15:43:07 +02:00
submodules update sources to Ubuntu-4.15.0-14.15 2018-04-04 15:43:07 +02:00
.gitignore buildsys: convert to submodules 2017-03-24 13:03:07 +01:00
.gitmodules switch source to Ubuntu-4.15.0-10.11 2018-03-09 14:18:36 +01:00
abi-blacklist buildsys: simplify abi-check 2017-03-24 14:14:10 +01:00
abi-prev-4.15.10-1-pve update ABI file for 4.15.10-1-pve 2018-03-22 14:07:29 +01:00
e1000e-3.3.6.tar.gz update intel drivers to latest upstream releases 2017-11-22 09:47:25 +01:00
fwlist-previous bump version to 4.15.3-1, bump ABI to 4.15.3-1-pve 2018-03-09 15:43:24 +01:00
igb-5.3.5.10.tar.gz revert igb to 5.3.5.10 2017-12-05 13:05:16 +01:00
ixgbe-5.3.3.tar.gz update intel drivers to latest upstream releases 2017-11-22 09:47:25 +01:00
Makefile bump version to 4.15.10-4 2018-03-28 15:47:55 +02:00
README build: replace 4.13 with 4.15 2018-03-09 14:47:21 +01:00

KERNEL SOURCE:
==============

We currently use the Ubuntu kernel sources, available from:

 http://kernel.ubuntu.com/git/ubuntu/ubuntu-bionic.git/

Ubuntu will maintain those kernels till:

 https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable


Additional/Updated Modules:
---------------------------

- include latest e1000e driver from intel/sourceforge

- include latest ixgbe driver from intel/sourceforge

- include latest igb driver from intel/sourceforge

- include native OpenZFS filesystem kernel modules for Linux

  * https://github.com/zfsonlinux/

  For licensing questions, see: http://open-zfs.org/wiki/Talk:FAQ


RELATED PACKAGES:
=================

proxmox-ve
----------

top level meta package, depends on current default kernel series meta package.

git clone git://git.proxmox.com/git/proxmox-ve.git

pve-kernel-meta
---------------

depends on latest kernel and header package within a certain kernel series,
e.g., pve-kernel-4.15 / pve-headers-4.15

git clone git://git.proxmox.com/git/pve-kernel-meta.git

pve-firmware
------------

contains the firmware for all released PVE kernels.

git clone git://git.proxmox.com/git/pve-firmware.git


NOTES:
======

Watchdog blacklist
------------------

By default, all watchdog modules are black-listed because it is totally undefined
which device is actually used for /dev/watchdog.
We ship this list in /lib/modprobe.d/blacklist_pve-kernel-<VERSION>.conf
The user typically edit /etc/modules to enable a specific watchdog device.

Additional information
----------------------

We use the default configuration provided by Ubuntu, and apply
the following modifications:

see debian/rules (PVE_CONFIG_OPTS)

- enable INTEL_MEI_WDT=m (to allow disabling via patch)

- disable CONFIG_SND_PCM_OSS (enabled by default in Ubuntu, not needed)

- switch CONFIG_TRANSPARENT_HUGEPAGE to MADVISE from ALWAYS

- enable CONFIG_CEPH_FS=m (request from user)

- enable common CONFIG_BLK_DEV_XXX to avoid hardware detection
  problems (udev, undate-initramfs have serious problems without that)

  	 CONFIG_BLK_DEV_SD=y
  	 CONFIG_BLK_DEV_SR=y
  	 CONFIG_BLK_DEV_DM=y

- add workaround for Debian bug #807000 (see
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807000)

  	 CONFIG_BLK_DEV_NVME=y

- compile NBD and RBD modules
	 CONFIG_BLK_DEV_NBD=m
	 CONFIG_BLK_DEV_RBD=m

- set LOOP_MIN_COUNT to 8 (debian defaults)
	 CONFIG_BLK_DEV_LOOP_MIN_COUNT=8

- disable module signatures (CONFIG_MODULE_SIG)

- enable IBM JFS file system

  This is disabled in RHEL kernel for no real reason, so we enable
  it as requested by users (bug #64)

- enable apple HFS and HFSPLUS

  This is disabled in RHEL kernel for no real reason, so we enable
  it as requested by users

- enable CONFIG_BCACHE=m (requested by user)

- enable CONFIG_BRIDGE=y

  Else we get warnings on boot, that
  net.bridge.bridge-nf-call-iptables is an unknown key

- enable CONFIG_DEFAULT_SECURITY_APPARMOR

  We need this for lxc

- set CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y

  because if not set, it can give some dynamic memory or cpu frequencies 
  change, and vms can crash (mainly windows guest).

  see http://forum.proxmox.com/threads/18238-Windows-7-x64-VMs-crashing-randomly-during-process-termination?p=93273#post93273

- use 'deadline' as default scheduler

  This is the suggested setting for KVM. We also measure bad fsync
  performance with ext4 and cfq.

- disable CONFIG_INPUT_EVBUG

  Module evbug is not blacklisted on debian, so we simply disable it
  to avoid key-event logs (which is a big security problem)

- enable CONFIG_MODVERSIONS (needed for ABI tracking)

- switch default UNWINDER to FRAME_POINTER

  the recently introduced ORC_UNWINDER is not 100% stable yet, especially in combination with ZFS

- enable CONFIG_PAGE_TABLE_ISOLATION (Meltdown mitigation)