PVE linux kernel for ThunderX CPU
Find a file
2018-02-16 09:58:12 +01:00
patches warn when non-RETPOLINED module gets loaded 2018-02-16 09:58:12 +01:00
proxmox-ve bump version to 4.13-39, bump ABI to 4.13.13-6-pve 2018-02-16 09:58:12 +01:00
submodules update sources to Ubuntu-4.13.0-35.39 2018-02-13 12:41:35 +01:00
.gitignore buildsys: convert to submodules 2017-03-24 13:03:07 +01:00
.gitmodules update ZFS/SPL to 0.7.2 2017-10-13 11:33:03 +02:00
abi-blacklist buildsys: simplify abi-check 2017-03-24 14:14:10 +01:00
abi-check buildsys: simplify abi-check 2017-03-24 14:14:10 +01:00
abi-previous bump version to 4.13-39, bump ABI to 4.13.13-6-pve 2018-02-16 09:58:12 +01:00
ceph-scheduler-fix.patch initial import from https://git.proxmox.com/?p=pve-kernel.git;a=tree 2017-03-15 14:43:14 +01:00
changelog.Debian bump version to 4.13-40 2018-02-16 09:58:12 +01:00
control.in allow also grub-efi-arm64 as an grub dependency 2017-05-11 08:50:39 +02:00
control.tools build: update for 4.13/artful 2017-09-26 10:38:27 +02:00
copyright initial import from https://git.proxmox.com/?p=pve-kernel.git;a=tree 2017-03-15 14:43:14 +01:00
e1000e-3.3.6.tar.gz update intel drivers to latest upstream releases 2017-11-22 09:47:25 +01:00
find-firmware.pl build: update for 4.13/artful 2017-09-26 10:38:27 +02:00
fwlist-previous update fwlist and abi for 4.13.1-1-pve 2017-09-27 10:06:33 +02:00
headers-control.in build-sys: replace fixed architecture use where possible 2017-05-11 08:50:39 +02:00
headers-postinst.in initial import from https://git.proxmox.com/?p=pve-kernel.git;a=tree 2017-03-15 14:43:14 +01:00
igb-5.3.5.10.tar.gz revert igb to 5.3.5.10 2017-12-05 13:05:16 +01:00
ixgbe-5.3.3.tar.gz update intel drivers to latest upstream releases 2017-11-22 09:47:25 +01:00
Makefile bump version to 4.13-40 2018-02-16 09:58:12 +01:00
postinst.in initial import from https://git.proxmox.com/?p=pve-kernel.git;a=tree 2017-03-15 14:43:14 +01:00
postrm.in initial import from https://git.proxmox.com/?p=pve-kernel.git;a=tree 2017-03-15 14:43:14 +01:00
prerm.in initial import from https://git.proxmox.com/?p=pve-kernel.git;a=tree 2017-03-15 14:43:14 +01:00
README initial import from https://git.proxmox.com/?p=pve-kernel.git;a=tree 2017-03-15 14:43:14 +01:00

KERNEL SOURCE:
==============

We currently use the Ubuntu kernel sources, available from:

 http://kernel.ubuntu.com/git/ubuntu/ubuntu-xenial.git/

Ubuntu will maintain those kernels till:

 https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable


Additional/Updated Modules:
---------------------------

- include latest e1000e driver from intel/sourceforge

- include latest ixgbe driver from intel/sourceforge

 - include latest igb driver from intel/sourceforge

# Note: hpsa does not compile with kernel 3.19.8
#- include latest HPSA driver (HP Smart Array)
#
#  * http://sourceforge.net/projects/cciss/

- include native OpenZFS filesystem kernel modules for Linux

  * https://github.com/zfsonlinux/

  For licensing questions, see: http://open-zfs.org/wiki/Talk:FAQ

- include latest DRBD 9 driver, see http://drbd.linbit.com/home/what-is-drbd/


FIRMWARE:
=========

We create our own firmware package, which includes the firmware for
all proxmox-ve kernels. So far this include

pve-kernel-2.6.18
pve-kernel-2.6.24
pve-kernel-2.6.32
pve-kernel-3.10.0
pve-kernel-3.19.0

We use 'find-firmware.pl' to extract lists of required firmeware
files.  The script 'assemble-firmware.pl' is used to read those lists
and copy the files from various source directory into a target
directory.

We do not include firmeware for some wireless HW when there is a
separate debian package for that, for example:

zd1211-firmware
atmel-firmware
bluez-firmware 


PATCHES:
--------

 bridge-patch.diff: Avoid bridge problems with changing MAC
  see also: http://forum.openvz.org/index.php?t=msg&th=5291

  Behaviour after 2.6.27 has changed slighly - after setting mac address
  of bridge device, then address won't change. So we could omit
  that patch, requiring to set hwaddress in /etc/network/interfaces.

Watchdog blacklist
------------------

By default, all watchdog modules are black-listed because it is totally undefined
which device is actually used for /dev/watchdog.
We ship this list in /lib/modprobe.d/blacklist_pve-kernel-<VERSION>.conf
The user typically edit /etc/modules to enable a specific watchdog device.

Additional information
----------------------

We use the default configuration provided by Ubuntu, and apply
the following modification:

see Makefile (PVE_CONFIG_OPTS)

- enable CONFIG_CEPH_FS=m (request from user)

- enable common CONFIG_BLK_DEV_XXX to avoid hardware detection
  problems (udev, undate-initramfs have serious problems without that)

  	 CONFIG_BLK_DEV_SD=y
  	 CONFIG_BLK_DEV_SR=y
  	 CONFIG_BLK_DEV_DM=y

- add workaround for Debian bug #807000 (see
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807000)

  	 CONFIG_BLK_DEV_NVME=y

- compile NBD and RBD modules
	 CONFIG_BLK_DEV_NBD=m
	 CONFIG_BLK_DEV_RBD=m

- set LOOP_MIN_COUNT to 8 (debian defaults)
	 CONFIG_BLK_DEV_LOOP_MIN_COUNT=8

- disable module signatures (CONFIG_MODULE_SIG)
 
- enable IBM JFS file system 

  This is disabled in RHEL kernel for no real reason, so we enable
  it as requested by users (bug #64)

- enable apple HFS and HFSPLUS

  This is disabled in RHEL kernel for no real reason, so we enable
  it as requested by users

- enable CONFIG_BCACHE=m (requested by user)

- enable CONFIG_BRIDGE=y

  Else we get warnings on boot, that
  net.bridge.bridge-nf-call-iptables is an unknown key

- enable CONFIG_DEFAULT_SECURITY_APPARMOR

  We need this for lxc
  
- set CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y

  because if not set, it can give some dynamic memory or cpu frequencies 
  change, and vms can crash (mainly windows guest).

  see http://forum.proxmox.com/threads/18238-Windows-7-x64-VMs-crashing-randomly-during-process-termination?p=93273#post93273

- use 'deadline' as default scheduler

  This is the suggested setting for KVM. We also measure bad fsync
  performance with ext4 and cfq.

- disable CONFIG_INPUT_EVBUG

  Module evbug is not blacklisted on debian, so we simply disable it
  to avoid key-event logs (which is a big security problem)

Testing final kernel with kvm
-----------------------------

kvm -kernel data/boot/vmlinuz-3.19.8-1-pve -initrd initrd.img-3.19.8-1-pve -append "vga=791 video=vesafb:ywrap,mtrr" /dev/zero