Thomas Lamprecht
625b5c77e0
switch over to ubuntu focal 20.04 kernel
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-03-02 17:32:42 +01:00
Thomas Lamprecht
17f964317d
rebase patches on top of Ubuntu-5.3.0-41.33
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-02-15 14:00:47 +01:00
Thomas Lamprecht
6ad155377d
rebase patches on top of Ubuntu-5.3.0-40.32
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-02-05 11:47:41 +01:00
Thomas Lamprecht
de6f4b1d95
backport fixes for information leak within a KVM guest
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-01-31 13:14:32 +01:00
Thomas Lamprecht
7284a6db39
rebase patches on top of Ubuntu-5.3.0-29.31
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-01-24 09:48:43 +01:00
Thomas Lamprecht
34fce89fd4
fix #2549 : backport: drm/i915: Avoid HPD poll detect triggering a new detect cycle
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2020-01-23 13:04:17 +01:00
Stefan Reiter
9538cc28e9
Add MCE patch for Threadripper 3000 series compatibility
...
A forum user reported that our kernel does not boot on Threadripper 3000
series CPUs, unless 'mce=off' is provided on the kernel commandline. [0]
This is a known issue, which has been fixed in mainline kernels and
backported to 5.4, 4.19 and 4.14 [1]. It is not, however, included in
5.3, nor in the Ubuntu builds. [2]
This patch is the original one posted for 5.5, which is the same as the
one ported to 5.4. It also applies cleanly to 5.3, and should work the
same, seeing as the backports to older versions do not have functional
changes either.
[0] https://forum.proxmox.com/threads/bug-pve-wont-boot-properly.63432/
[1] https://patchwork.kernel.org/project/linux-edac/list/?q=Allow+Reserved+types+to+be+overwritten+in+smca_banks
[2] https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/log/?qt=grep&q=Allow+Reserved+types+to+be+overwritten+in+smca_banks
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
2020-01-15 15:26:11 +01:00
Thomas Lamprecht
6985f5cc9e
rebase patches on top of Ubuntu-5.3.0-25.27
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-12-05 07:16:43 +01:00
Thomas Lamprecht
8d0ce71c45
rebase patches on top of Ubuntu-5.3.0-24.26
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-11-14 10:42:02 +01:00
Thomas Lamprecht
a7939a9abe
rebase patches on top of Ubuntu-5.3.0-20.21
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-10-23 18:58:29 +02:00
Thomas Lamprecht
ba68212d64
rebase patches for eoan
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-10-01 18:57:02 +02:00
Thomas Lamprecht
0570f90d28
backport new FPU register copy helpers
...
This allows us to fix the ZFS SIMD patch for 5.0 kernel way easier.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-09-27 14:43:41 +02:00
Thomas Lamprecht
b671e62ef8
rebase patches on top of Ubuntu-5.0.0-28.30
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-09-05 10:26:04 +02:00
Thomas Lamprecht
b9200da0c5
backport vhost_net: disable zerocopy by default
...
It seems to make general problems[0], and upstream changed the
default back to 0 again[1] (was enabled long ago, ca. 2012).
[0]: https://pve.proxmox.com/pipermail/pve-devel/2019-August/038571.html
[1]: https://git.kernel.org/torvalds/c/098eadce3c622c07b328d0a43dda379b38cf7c5e
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-08-21 09:50:11 +02:00
Thomas Lamprecht
118616fd5f
rebase patches on top of Ubuntu-5.0.0-26.27
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-08-20 17:13:36 +02:00
Thomas Lamprecht
f4beb2f868
rebase patches on top of Ubuntu-5.0.0-22.23
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-07-24 08:12:25 +02:00
Thomas Lamprecht
225d38f866
backport: rbd: don't assert on writes to snapshots
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-07-24 08:11:49 +02:00
Thomas Lamprecht
ff93581f3f
rebase patches on top of Ubuntu-5.0.0-18.19
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-06-18 07:28:40 +02:00
Thomas Lamprecht
6ac09c547c
revert KVM nested param back to off as default, for now
...
Else everyone booting the 5.0 based kernel will have nesting
activated by default[0], and this break live migration for all VMs
with CPU type host, even if they do not host KVM (nested) guests
themself and never made a VMX call, at least with newer QEMU versions
>= 3.1 [1]
While the kernel now may had good reasons to change the default to
true for this[0], i.e., it can now handle nested guest migrations in
a nice and sane way, the user space side of this in QEMU is not yet
ready, and may only become so with or even after 4.1.
After we have a working qemu which can also live migrate arbitrary
nested guest we may well enable this as default, but until then it
brings just pain but no advantage.
So let's protect people which did not manually enabled nesting for
a live-migration breakage. All those who enabled nesting manually
them self knew that it was still experimental and thus will have to
live with their decision and have a live migration breakage (for
those VMs with CPU type 'host')
[0]: https://git.kernel.org/torvalds/c/1e58e5e59148916fa43444a406335a990783fb78
[1]: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commitdiff;h=d98f26073bebddcd3da0ba1b86c3a34e840c0fb8
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-06-08 20:12:35 +02:00
Thomas Lamprecht
ff71f8b949
update patches for 5.0.8
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-22 14:11:57 +02:00
Thomas Lamprecht
a599f53da3
rebase patches on top of Ubuntu-4.15.0-50.54
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-05-15 08:55:36 +02:00
Thomas Lamprecht
81801c5658
update patches
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-30 12:10:08 +02:00
Thomas Lamprecht
8713734e79
fix #2008 : kvm: x86: Add AMD's EX_CFG to the list of ignored MSRs
...
clean backport from kernel mainline commit
0e1b869fff60c81b510c2d00602d778f8f59dd9a [0]
[0]: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0e1b869fff60c81b510c2d00602d778f8f59dd9a
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-16 17:48:59 +02:00
Thomas Lamprecht
2de599de08
rebase patches on top of Ubuntu-4.15.0-48.51
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-05 07:18:45 +02:00
Thomas Lamprecht
89d8eaee98
rebase patches on top of Ubuntu-4.15.0-47.50
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-03-13 07:25:59 +01:00
Thomas Lamprecht
4e6465dfa5
backport fixes for multiple KVM vulnerabilities
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-25 14:51:28 +01:00
Thomas Lamprecht
cf6ea5cf34
backport: net: crypto set sk to NULL when af_alg_release
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-21 14:39:03 +01:00
David Limbeck
c774433e2a
add patch to fix ipset memory exhaustion
...
Add a patch from upstream until it is fixed in the Ubuntu 4.15 kernel.
Signed-off-by: David Limbeck <d.limbeck@proxmox.com>
2019-02-20 15:43:31 +01:00
Thomas Lamprecht
91b336e761
backport i40e fixes
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-06 11:42:55 +01:00
Thomas Lamprecht
322691b072
rebase patches on top of Ubuntu-4.15.0-46.49
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-06 11:41:14 +01:00
Thomas Lamprecht
835a39ebaa
add fix for possible NULL pointer dereference in net/ipip
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-01-19 12:10:33 +01:00
Thomas Lamprecht
4618decfe0
update ACS capabillities patch context
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-01-14 13:59:17 +01:00
Thomas Lamprecht
05c4f2217f
drop patches applied upstream
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-01-14 13:59:17 +01:00
Stoiko Ivanov
47f3b8990f
Add 3 Patches addressing security issues
...
* CVE-2018-18955 (https://launchpad.net/bugs/1801924 ) is addressed by
0009-userns-also-map-extents-in-the-reverse-map-to-kernel.patch
* https://launchpad.net/bugs/1789161 is addressed by the other 2 patches. (see
the link for a reproducer)
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2018-11-14 18:29:55 +01:00
Thomas Lamprecht
9aa2d28ebb
rebase patches on top of Ubuntu-4.15.0-40.43
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-11-12 13:33:04 +01:00
Thomas Lamprecht
0c12c00b3a
rebase patches on top of Ubuntu-4.15.0-39.42
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-10-25 11:48:58 +02:00
Thomas Lamprecht
dbb1ed6d87
backport: block: fix silent corruption in Linux kernel 4.15
...
reproducer: https://www.spinics.net/lists/linux-block/msg28507.html
ubuntu bugreport: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1796542
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-10-10 14:22:27 +02:00
Thomas Lamprecht
9de43ded7a
rebase patches on top of Ubuntu-4.15.0-35.38
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-09-17 11:46:13 +02:00
Thomas Lamprecht
16fb26e70c
backport protection against userspace-userspace spectreRSB
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-08-30 13:05:06 +02:00
Thomas Lamprecht
72d7b7039d
rebase patches on top of Ubuntu-4.15.0-34.37
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-08-28 12:00:57 +02:00
Thomas Lamprecht
9464be5351
rebase patches on top of Ubuntu-4.15.0-33.36
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-08-24 10:30:36 +02:00
Stoiko Ivanov
61721594cf
add patch for hpsa, preventing clean reboots
...
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2018-08-22 13:01:23 +02:00
Stoiko Ivanov
2d13a2bdc2
add patch for CVE-2018-1118
...
The commit is already on bionic/master-next (first commit after the
latest tag on master-next)
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2018-08-22 13:01:23 +02:00
Alexandre Derumier
49b6d16422
vrf patches
...
This fix
https://github.com/FRRouting/frr/issues/2460
we can remove the workaround net.ipv4.tcp_l3mdev_accept=1 with this patches.
2018-08-21 09:10:33 +02:00
Stoiko Ivanov
e2af2a6161
rebase patches on top of Ubuntu-4.15.0-32.35
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2018-08-16 13:21:43 +02:00
Stoiko Ivanov
72f9fd46cc
add SGID non-directory fix
...
fixes CVE-2018-13405 (https://nvd.nist.gov/vuln/detail/CVE-2018-13405 )
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2018-08-08 12:08:54 +02:00
Wolfgang Bumiller
cd0e07c792
add apparmor socket mediation fix
...
Link: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1780227
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-07-30 11:47:20 +02:00
Thomas Lamprecht
c0514fa336
rebase patches on top of Ubuntu-4.15.0-24.26
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-07-04 11:50:41 +02:00
Thomas Lamprecht
2dc5b5fe0e
add KVM L1 guest escape - CVE-2018-12904 patch
...
see: http://www.openwall.com/lists/oss-security/2018/06/27/7
2018-06-27 17:17:27 +02:00
Thomas Lamprecht
d3722c5c8a
backport SUN NICs fix for OVS use
...
See: https://pve.proxmox.com/pipermail/pve-user/2018-June/169567.html
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-06-08 11:58:18 +02:00
Thomas Lamprecht
e4087db377
rebase patches on top of Ubuntu-4.15.0-22.24
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-05-23 11:46:22 +02:00
Thomas Lamprecht
c3592848d1
rebase patches on top of Ubuntu-4.15.0-20.21
...
(generated with debian/scripts/import-upstream-tag)
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-05-03 08:16:40 +02:00
Wolfgang Bumiller
1e12ef0dcc
fix #1737 : merge: net: fix deadlock while clearing neighbor proxy table
...
Link: https://bugzilla.kernel.org/show_bug.cgi?id=199289
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
2018-04-25 14:28:43 +02:00
Fabian Grünbichler
927081a949
rebase patches
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-04-20 14:55:21 +02:00
Fabian Grünbichler
2068d368d7
revert broken kernel Makefile modification
...
see [1] for upstream report
1: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1758856/comments/1
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-04-04 15:43:07 +02:00
Fabian Grünbichler
a214614ea9
rebase patches on top of Ubuntu-4.15.0-14.15
...
and drop those applied upstream
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-04-04 15:43:07 +02:00
Fabian Grünbichler
b25749a58c
fix #1633 : potential deadlock with shmem
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-03-28 15:17:19 +02:00
Fabian Grünbichler
8e89f13c59
fix #1633 : potential deadlock with THPs
...
see https://marc.info/?l=linux-mm&m=151683828707588
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-03-27 16:02:05 +02:00
Fabian Grünbichler
ecef40a218
rebase patches
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-03-22 11:12:48 +01:00
Fabian Grünbichler
15baf5b4c2
rebase patches
...
and drop those applied in 4.14/4.15
2018-03-09 14:47:21 +01:00
Fabian Grünbichler
55f9bfa990
update ACS override patch for 4.15
...
based on https://aur.archlinux.org/linux-vfio.git
2018-03-09 14:47:21 +01:00
Fabian Grünbichler
3323a8b78c
add cherry-picks for OCFS2 bug
...
see https://forum.proxmox.com/threads/ocfs2-kernel-bug.39163/
2018-03-09 11:57:49 +01:00
Fabian Grünbichler
863ccb9670
add cherry-pick for NFS in network namespaces
2018-03-09 11:57:49 +01:00
Fabian Grünbichler
38c79e8118
fix refcnt leaks with net namespaces
...
see https://github.com/lxc/lxc/issues/2141 and
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1711407/
2018-02-21 09:18:49 +01:00
Fabian Grünbichler
a4b1a797a0
warn when non-RETPOLINED module gets loaded
2018-02-16 09:58:12 +01:00
Fabian Grünbichler
ef812b062d
cherry-pick sched-wait bug fix
...
(included in 4.15 and queued for 4.14)
2018-02-14 12:14:12 +01:00
Fabian Grünbichler
d320e5b2c3
cherry-pick scsi lpfc HBA bug fix
...
see https://forum.proxmox.com/threads/proxmox-5-1-lpfc-hba-emulex-lpe12000-error.39179/
2018-02-13 12:41:35 +01:00
Fabian Grünbichler
3adc532101
rebase patches
2018-02-13 12:41:35 +01:00
Fabian Grünbichler
1da60899e3
add EDAC cherry-picks
2018-01-29 15:00:40 +01:00
Fabian Grünbichler
a70918fbbc
restructure patches
...
rebase on Ubuntu-4.13.0-32.35
the effective kernel tree which gets compiled after patches have been
applied is functionally identical (modulo parts for architectures which
we don't care about and Ubuntu build files)
2018-01-29 14:22:56 +01:00
Fabian Grünbichler
81f370d513
fix syscall retpoline
2018-01-26 10:46:25 +01:00
Fabian Grünbichler
a0f7ab8a6a
fix #1622 : i40e memory leak
...
cherry-pick from upstream 4.14
2018-01-19 12:43:16 +01:00
Fabian Grünbichler
f90505f3a2
add tc fixes
2018-01-19 12:27:49 +01:00
Fabian Grünbichler
035dbe6708
KPTI/Spectre: add more fixes
...
* initial IBRS/IBPB/SPEC_CTRL support
* regression fixes for KPTI
* additional hardening against Spectre
based on Ubuntu-4.13.0-29.32 and mainline 4.14
2018-01-15 12:34:50 +01:00
Fabian Grünbichler
59d5af6732
build: reformat existing patches
...
drop numbers and commit hashes from patch metadata to reduce future
patch churn
2018-01-15 12:26:15 +01:00
Fabian Grünbichler
633c5ed17f
revert buggy SCSI error handler commit
...
this causes kernel OOPS and upstream is unresponsive about it.
see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1726519
2018-01-08 11:51:24 +01:00
Fabian Grünbichler
76ec7e5931
update Spectre KVM PoC fix for AMD
2018-01-08 10:58:23 +01:00
Fabian Grünbichler
04f3b8beca
KPTI: disable on AMD
...
and allow loading of microcode on recent AMD systems in preparation of
further Spectre fixes
2018-01-08 10:25:31 +01:00
Fabian Grünbichler
e4cdf2a53e
KPTI: add follow-up fixes
2018-01-08 10:25:09 +01:00
Fabian Grünbichler
b378f209dd
add objtool build fix
2018-01-07 13:18:22 +01:00
Fabian Grünbichler
7c7389df50
add Spectre PoC fix
...
picked from https://patchwork.kernel.org/patch/10147679/
2018-01-06 15:15:39 +01:00
Fabian Grünbichler
321d628a98
add KPTI and related patches
...
picked from Ubuntu-4.13.0-23.26
2018-01-06 15:15:39 +01:00
Fabian Grünbichler
19894df472
reorder patches
...
numbering got messed up in the previous upload
2018-01-06 15:15:39 +01:00
Fabian Grünbichler
9e94988ca1
fix #1537 : cherry-pick AMD NPT / IOMMU fix
2018-01-02 10:01:56 +01:00
Fabian Grünbichler
b42b4a1b96
cherry-pick KVM fix for old CPUs
2017-12-04 09:36:58 +01:00
Fabian Grünbichler
905722fbce
cherry-pick / backport IB fixes
...
see https://forum.proxmox.com/threads/pve-5-1-and-infiniband-issues.37575/
2017-12-04 09:36:19 +01:00
Fabian Grünbichler
ddad99c986
cherry-pick vhost perf regression and mem-leak fix
2017-12-04 09:27:58 +01:00
Fabian Grünbichler
9a9f6e04a7
cherry-pick final KVM BSOD fix
2017-12-04 09:27:58 +01:00
Fabian Grünbichler
777ee9fe67
revert mmu changes causing bluescreens
2017-11-29 09:48:40 +01:00
Fabian Grünbichler
e03fa66fce
add cpuset v2 in v1 cherry-picks
2017-09-27 10:06:33 +02:00
Fabian Grünbichler
b9e76370ab
build: rebase and refactor kernel patches
2017-09-26 10:46:35 +02:00