4 We currently use the Ubuntu kernel sources, available from:
6 http://kernel.ubuntu.com/git/ubuntu/ubuntu-hirsute.git/
8 Ubuntu will maintain those kernels till:
10 https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable
13 Additional/Updated Modules:
14 ---------------------------
16 - include native OpenZFS filesystem kernel modules for Linux
18 * https://github.com/zfsonlinux/
20 For licensing questions, see: http://open-zfs.org/wiki/Talk:FAQ
26 We track the current upstream repository as submodule. Besides obvious
27 advantages over tracking binary tar archives this also has some implications.
29 For building the submodule directory gets copied into build/ and a few patches
30 get applied with the `patch` tool. From a git point-of-view, the copied
31 directory remains clean even with extra patches applied since it does not
32 contain a .git directory, but a reference to the (still pristine) submodule:
34 $ cat build/ubuntu-hirsute/.git
36 If you mistakenly cloned the upstream repo as "normal" clone (not via the
37 submodule mechanics) this means that you have a real .git directory with its
38 independent objects and tracking info when copying for building, thus git
39 operates on the copied directory - and "sees" that it was dirtied by `patch`,
40 and thus the kernel buildsystem sees this too and will add a '+' to the version
41 as a result. This changes the output directories for modules and other build
42 artefacts and let's then the build fail on packaging.
44 So always ensure that you really checked it out as submodule, not as full
45 "normal" clone. You can also explicitly set the LOCALVERSION variable to
46 undefined with: `export LOCALVERSION= but that should only be done for test
55 top level meta package, depends on current default kernel series meta package.
57 git clone git://git.proxmox.com/git/proxmox-ve.git
62 depends on latest kernel and header package within a certain kernel series,
63 e.g., pve-kernel-4.15 / pve-headers-4.15
65 git clone git://git.proxmox.com/git/pve-kernel-meta.git
70 contains the firmware for all released PVE kernels.
72 git clone git://git.proxmox.com/git/pve-firmware.git
78 ABI versions, package versions and package name:
79 ------------------------------------------------
81 We follow debian's versioning w.r.t ABI changes:
83 https://kernel-team.pages.debian.net/kernel-handbook/ch-versions.html
84 https://wiki.debian.org/DebianKernelABIChanges
86 The debian/rules file has a target comparing the build kernel's ABI against the
87 version stored in the repository and indicates when an ABI bump is necessary.
88 An ABI bump within one upstream version consists of incrementing the KREL
89 variable in the Makefile, rebuilding the packages and running 'make abiupdate'
90 (the 'abiupdate' target in 'Makefile' contains the steps for consistently
91 updating the repository).
96 By default, all watchdog modules are black-listed because it is totally undefined
97 which device is actually used for /dev/watchdog.
98 We ship this list in /lib/modprobe.d/blacklist_pve-kernel-<VERSION>.conf
99 The user typically edit /etc/modules to enable a specific watchdog device.
101 Additional information
102 ----------------------
104 We use the default configuration provided by Ubuntu, and apply
105 the following modifications:
107 NOTE: For the exact and current list see debian/rules (PVE_CONFIG_OPTS)
109 - enable INTEL_MEI_WDT=m (to allow disabling via patch)
111 - disable CONFIG_SND_PCM_OSS (enabled by default in Ubuntu, not needed)
113 - switch CONFIG_TRANSPARENT_HUGEPAGE to MADVISE from ALWAYS
115 - enable CONFIG_CEPH_FS=m (request from user)
117 - enable common CONFIG_BLK_DEV_XXX to avoid hardware detection
118 problems (udev, update-initramfs have serious problems without that)
124 - add workaround for Debian bug #807000 (see
125 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807000)
127 CONFIG_BLK_DEV_NVME=y
129 - compile NBD and RBD modules
133 - enable IBM JFS file system as module
135 enable it as requested by users (bug #64)
137 - enable apple HFS and HFSPLUS as module
139 enable it as requested by users
141 - enable CONFIG_BCACHE=m (requested by user)
143 - enable CONFIG_BRIDGE=y
145 Else we get warnings on boot, that
146 net.bridge.bridge-nf-call-iptables is an unknown key
148 - enable CONFIG_DEFAULT_SECURITY_APPARMOR
152 - set CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y
154 because if not set, it can give some dynamic memory or cpu frequencies
155 change, and vms can crash (mainly windows guest).
157 see http://forum.proxmox.com/threads/18238-Windows-7-x64-VMs-crashing-randomly-during-process-termination?p=93273#post93273
159 - use 'deadline' as default scheduler
161 This is the suggested setting for KVM. We also measure bad fsync
162 performance with ext4 and cfq.
164 - disable CONFIG_INPUT_EVBUG
166 Module evbug is not blacklisted on debian, so we simply disable it
167 to avoid key-event logs (which is a big security problem)
169 - enable CONFIG_MODVERSIONS (needed for ABI tracking)
171 - switch default UNWINDER to FRAME_POINTER
173 the recently introduced ORC_UNWINDER is not 100% stable yet, especially in combination with ZFS
175 - enable CONFIG_PAGE_TABLE_ISOLATION (Meltdown mitigation)