X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=README;h=bc0e116a33ef67fc63da9a483836863da4d34deb;hb=15d1081010ba29a3bd0995137441ffade39e9921;hp=db997a77c85240650f5165d2fdc7cc3c0ef9834c;hpb=043808ec7b9b5a9c1446e197213511c044cfe452;p=pve-kernel.git diff --git a/README b/README index db997a7..bc0e116 100644 --- a/README +++ b/README @@ -3,20 +3,20 @@ KERNEL SOURCE: We currently use the Ubuntu kernel sources, available from: - http://kernel.ubuntu.com/git/ubuntu/ubuntu-bionic.git/ + http://kernel.ubuntu.com/git/ubuntu/ubuntu-jammy.git/ Ubuntu will maintain those kernels till: https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable + or + https://pve.proxmox.com/pve-docs/chapter-pve-faq.html#faq-support-table + + whatever happens to be earlier. Additional/Updated Modules: --------------------------- -- include latest e1000e driver from intel/sourceforge - -- include latest igb driver from intel/sourceforge - - include native OpenZFS filesystem kernel modules for Linux * https://github.com/zfsonlinux/ @@ -24,6 +24,32 @@ Additional/Updated Modules: For licensing questions, see: http://open-zfs.org/wiki/Talk:FAQ +SUBMODULE +========= + +We track the current upstream repository as submodule. Besides obvious +advantages over tracking binary tar archives this also has some implications. + +For building the submodule directory gets copied into build/ and a few patches +get applied with the `patch` tool. From a git point-of-view, the copied +directory remains clean even with extra patches applied since it does not +contain a .git directory, but a reference to the (still pristine) submodule: + +$ cat build/ubuntu-jammy/.git + +If you mistakenly cloned the upstream repo as "normal" clone (not via the +submodule mechanics) this means that you have a real .git directory with its +independent objects and tracking info when copying for building, thus git +operates on the copied directory - and "sees" that it was dirtied by `patch`, +and thus the kernel buildsystem sees this too and will add a '+' to the version +as a result. This changes the output directories for modules and other build +artefacts and let's then the build fail on packaging. + +So always ensure that you really checked it out as submodule, not as full +"normal" clone. You can also explicitly set the LOCALVERSION variable to +undefined with: `export LOCALVERSION= but that should only be done for test +builds. + RELATED PACKAGES: ================= @@ -38,7 +64,7 @@ pve-kernel-meta --------------- depends on latest kernel and header package within a certain kernel series, -e.g., pve-kernel-4.15 / pve-headers-4.15 +e.g., pve-kernel-5.15 / pve-headers-5.15 git clone git://git.proxmox.com/git/pve-kernel-meta.git @@ -76,6 +102,18 @@ which device is actually used for /dev/watchdog. We ship this list in /lib/modprobe.d/blacklist_pve-kernel-.conf The user typically edit /etc/modules to enable a specific watchdog device. +Debug kernel and modules +------------------------ + +In order to build a -dbgsym package containing an unstripped copy of the kernel +image and modules, enable the 'pkg.pve-kernel.debug' build profile (e.g. by +exporting DEB_BUILD_PROFILES='pkg.pve-kernel.debug'). The resulting package can +be used together with 'crash'/'kdump-tools' to debug kernel crashes. + +Note: the -dbgsym package is only valid for the pve-kernel packages produced by +the same build. A kernel/module from a different build will likely not match, +even if both builds are of the same kernel and package version. + Additional information ---------------------- @@ -99,55 +137,39 @@ NOTE: For the exact and current list see debian/rules (PVE_CONFIG_OPTS) CONFIG_BLK_DEV_SR=y CONFIG_BLK_DEV_DM=y -- add workaround for Debian bug #807000 (see - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=807000) - - CONFIG_BLK_DEV_NVME=y - - compile NBD and RBD modules CONFIG_BLK_DEV_NBD=m CONFIG_BLK_DEV_RBD=m - enable IBM JFS file system as module - - enable it as requested by users (bug #64) + requested by users (bug #64) - enable apple HFS and HFSPLUS as module - - enable it as requested by users + requested by users - enable CONFIG_BCACHE=m (requested by user) - enable CONFIG_BRIDGE=y - - Else we get warnings on boot, that - net.bridge.bridge-nf-call-iptables is an unknown key + to avoid warnings on boot, e.g. that net.bridge.bridge-nf-call-iptables is an unknown key - enable CONFIG_DEFAULT_SECURITY_APPARMOR - We need this for lxc - set CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y - because if not set, it can give some dynamic memory or cpu frequencies change, and vms can crash (mainly windows guest). - see http://forum.proxmox.com/threads/18238-Windows-7-x64-VMs-crashing-randomly-during-process-termination?p=93273#post93273 - use 'deadline' as default scheduler - - This is the suggested setting for KVM. We also measure bad fsync - performance with ext4 and cfq. + This is the suggested setting for KVM. We also measure bad fsync performance with ext4 and cfq. - disable CONFIG_INPUT_EVBUG - - Module evbug is not blacklisted on debian, so we simply disable it - to avoid key-event logs (which is a big security problem) + Module evbug is not blacklisted on debian, so we simply disable it to avoid + key-event logs (which is a big security problem) - enable CONFIG_MODVERSIONS (needed for ABI tracking) - switch default UNWINDER to FRAME_POINTER - the recently introduced ORC_UNWINDER is not 100% stable yet, especially in combination with ZFS - enable CONFIG_PAGE_TABLE_ISOLATION (Meltdown mitigation)