Commit Graph

200 Commits

Author SHA1 Message Date
Thomas Lamprecht
91266dcbe2 backport "netfilter: nf_tables: deactivate anonymous set from preparation phase"
Link: https://ubuntu.com/security/CVE-2023-32233
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-05-10 11:13:20 +02:00
Thomas Lamprecht
40592ac627 update to Proxmox-6.2.9-1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-04-03 11:53:01 +02:00
Thomas Lamprecht
2c4688ec2e replace rever of RDMA link-speed reporting patch with fix
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-03-17 14:58:46 +01:00
Thomas Lamprecht
af0b394907 update to Ubuntu-6.2.0-17.17
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-03-14 18:07:40 +01:00
Thomas Lamprecht
24d804a086 update and drop applied patches for 6.2
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-03-08 12:29:55 +01:00
Fiona Ebner
3d016e115f add patch to fix issue with large IO requests
Several people reported IO-related issues since kernel 6.1.6 [0].
Things got better with 6.1.10, but apparently the issues are not fully
resolved (e.g. [1]).

I ran into an issue with PBS backup of a VM with passed-through disks
(error with 6.1.6, hang with 6.1.10+) and found that the issue did not
occur anymore with v6.3-rc1. Bisecting what fixed the issue led to the
commit in this patch. The hope is that it fixes some other issues too.

The commit has a CC-stable tag for 5.15+, but telling from the absence
of user reports, it was much less likely to trigger before 6.1.x (it's
not clear what x is, because of the other issue in 6.1.6). The commit
says it depends on 613b14884b85 ("block: handle bio_split_to_limits()
NULL return") which is already present as a3f1c82e0413 ("block:
handle bio_split_to_limits() NULL return") in the Ubuntu tree.

[0]: https://forum.proxmox.com/threads/119483/post-530365
[1]: https://forum.proxmox.com/threads/119483/post-537991

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
2023-03-07 19:38:11 +01:00
Thomas Lamprecht
fc2b61b134 update submodule and patches to 6.1.14
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-02-27 18:09:00 +01:00
Thomas Lamprecht
9fde3ef1c6 wireless: Add Debian wireless-regdb certificates
so that plain Debian crda + wireless-regdb can work, alternatively we
could disable CRDA and bake in the regdb directly in the kernel,
using the CFG80211_INTERNAL_REGDB KConfig.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-02-10 12:48:20 +01:00
Thomas Lamprecht
7c0483e8cd update to Proxmox-6.1.10-1
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-02-07 14:09:31 +01:00
Fabian Grünbichler
826eb0ff89 build: re-enable BTF
but allow discarding BTF information when loading modules, so that upgrades
which are otherwise ABI compatible still work. this allows using BTF
information when matching and available, while degrading gracefully if the
currently running kernel is not identical to the one that module was built for.

in case of a mismatch, the kernel will log a warning when loading the module,
for example:

Jan 30 13:57:58 test kernel: BPF:          type_id=184 bits_offset=4096
Jan 30 13:57:58 test kernel: BPF:
Jan 30 13:57:58 test kernel: BPF: Invalid name
Jan 30 13:57:58 test kernel: BPF:
Jan 30 13:57:58 test kernel: failed to validate module [bonding] BTF: -22

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2023-01-31 17:44:18 +01:00
Thomas Lamprecht
2162f4c4e7 backport fix for CPU stalls with hugepage in use
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-01-31 10:21:37 +01:00
Thomas Lamprecht
5ddf42542e rebase patches on top of Ubuntu-6.1.0-14.14
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-01-28 15:01:34 +01:00
Thomas Lamprecht
3ba39b6c0a rever fortify patch that breaks our gcc 10.2
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-01-10 08:53:57 +01:00
Thomas Lamprecht
4d1db3083c backport some fixes-fixes from v6.1.4
found with

 git log --decorate v5.16^..v6.1.4 -- Makefile kernel/ secuirty drivers/ fs \
   block mm net virt/ ipc init arch/x86/ | ~/gitdm/stablefixes \
   --fixed-after v6.1.2 --regressed-before v6.1.2

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-01-07 14:52:24 +01:00
Thomas Lamprecht
a0a93ff7fe revert two stable patches that have reports about regressions
we never released them yet (only introduced after 6.1.0), but there
are upstream reports about regressions for them at:
https://lore.kernel.org/netdev/CAK8fFZ5pzMaw3U1KXgC_OK4shKGsN=HDcR62cfPOuL0umXE1Ww@mail.gmail.com/
https://lore.kernel.org/netdev/CAK8fFZ6A_Gphw_3-QMGKEFQk=sfCw1Qmq0TVZK3rtAi7vb621A@mail.gmail.com/

So do a preventive revert.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-01-07 13:52:36 +01:00
Thomas Lamprecht
898be11352 rebase patches on top of Ubuntu-6.1.0-12.12
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2023-01-07 13:45:05 +01:00
Thomas Lamprecht
12247ad0df update to Ubuntu-6.1.0-1.1
from upcoming 23.04 lunar repo

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-12-13 14:57:09 +01:00
Thomas Lamprecht
a61c6773b5 rebase patches on top of Ubuntu-5.19.0-24.25
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-11-14 20:24:23 +01:00
Thomas Lamprecht
ddff189f90 Revert "backport patch to fix TSC scaling for SVM"
this was actually intended for the stable 5.15 branch, already
included in 5.19.

This reverts commit 198fde3a16.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-10-24 09:28:01 +02:00
Fiona Ebner
198fde3a16 backport patch to fix TSC scaling for SVM
The following issue reported on the community forum [0] is likely
fixed by this.

In my case, loading a VM snapshot that originally was taken on an
Intel CPU on my AMD-based host often caused problems in other VMs. In
particular, it often led to CPU stalls, and sometimes clock jumps far
into the future. With this backport applied, everything seems to run
smoothly even after loading the "bad" snapshot 10 times.

The backport from upstream commit 11d39e8cc43e ("KVM: SVM: fix tsc
scaling cache logic consisted of dropping the parts for nested TSC
scaling, which is not yet present in our kernel, renaming the constant
for the default ratio, and some context changes.

[0] https://forum.proxmox.com/threads/112756/

Signed-off-by: Fiona Ebner <f.ebner@proxmox.com>
2022-10-21 17:24:25 +02:00
Thomas Lamprecht
ed7d3489df rebase patches on top of Ubuntu-5.19.0-16.16
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-09-07 15:10:23 +02:00
Thomas Lamprecht
4fc427d906 rebase patches on top of Ubuntu-5.19.0-14.14
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-09-07 15:10:23 +02:00
Thomas Lamprecht
54ebe3cb9b apply "SMM emulation and interrupt shadow fixes"
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-09-07 15:10:23 +02:00
Thomas Lamprecht
4f993f3c8d drop hio from ubuntu makefile again
hio driver got removed by ubuntu already in jammy, but then they
forgot to remove this instance too, failing the clean build target,
my patch got accepted but was forgotten when doing the same in
kinetic, so here we go again

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-09-07 15:10:23 +02:00
Thomas Lamprecht
03f275ed36 rebase patches on top of Ubuntu-5.19.0-11.11
(partially generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-09-07 15:10:23 +02:00
Thomas Lamprecht
3ae8384f6f update patches and buildsys for kinetic kernel Ubuntu-5.18.0-6.6
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-09-06 10:50:21 +02:00
Thomas Lamprecht
bb7155fd8f backport fixes of regressions from newer stable kernels
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-08-29 18:09:47 +02:00
Thomas Lamprecht
96f7973c9b update submodule to Ubuntu-5.15.0-48.54 and rebase patches
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-08-26 16:53:06 +02:00
Thomas Lamprecht
832507353a update SMM shadow fixes to v3
Link: https://lore.kernel.org/kvm/20220803155011.43721-1-mlevitsk@redhat.com/
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-08-08 16:00:28 +02:00
Thomas Lamprecht
f6df304f26 backport "SMM emulation and interrupt shadow fixes"
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-07-27 13:45:07 +02:00
Thomas Lamprecht
f663b7d85c rebase patches on top of Ubuntu-5.15.0-45.48
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-07-20 17:21:06 +02:00
Thomas Lamprecht
4af054d560 rebase patches on top of Ubuntu-5.15.0-41.44
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-06-22 17:17:43 +02:00
Thomas Lamprecht
0594faab65 import Ubuntu-5.15.0-40.43 and update patches
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-06-17 13:42:23 +02:00
Thomas Lamprecht
ad0a766ee2 backport netfilter nf_table sanitiation fixes
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-06-08 18:15:27 +02:00
Thomas Lamprecht
c8298fb299 fix #4083: backport "EDAC/amd64: Add PCI device IDs for family 19h model 50h"
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-06-02 13:48:16 +02:00
Thomas Lamprecht
c1964433a1 update ubuntu to Ubuntu-5.15.0-36.37
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-06-02 13:12:12 +02:00
Thomas Lamprecht
b321611251 fix #4039: backport aquantia atlantic NIC fixes
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-05-11 07:57:40 +02:00
Thomas Lamprecht
eea5de8e26 cherry pick "NFSv4.1 provide mount option to toggle trunking discovery"
we got lots of reports with QNAP NFS being broken, and the commit
this cherry picked one fixes got backported to 5.15 by canonical, so
its def. worth a try.

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-05-05 13:53:16 +02:00
Thomas Lamprecht
6ef2b41a1e rebase patches on top of Ubuntu-5.15.0-29.30
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-05-04 12:31:19 +02:00
Thomas Lamprecht
842d7097a9 backport "io_uring: fix race between timeout flush and removal"
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-04-22 18:07:19 +02:00
Thomas Lamprecht
1615b3ee92 rebase patches on top of Ubuntu-5.15.0-24.24
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-03-29 10:31:51 +02:00
Thomas Lamprecht
d03ea6b3bd add buildsys fix for clean target
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-03-12 16:21:13 +01:00
Thomas Lamprecht
f641ad1603 rebase patches on top of Ubuntu-5.15.0-23.23
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-03-12 15:13:49 +01:00
Thomas Lamprecht
74eb34c8f9 bump version to 5.15.19-3
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-03-07 18:23:21 +01:00
Thomas Lamprecht
09d62646a4 backport simplefb/fbdev memory regio release improvements
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-02-08 12:18:54 +01:00
Thomas Lamprecht
23de619687 rebase patches on top of Ubuntu-5.15.0-20.20
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-02-04 06:08:27 +01:00
Thomas Lamprecht
55227d53ae rebase patches on top of Ubuntu-5.15.0-19.19
(generated with debian/scripts/import-upstream-tag)

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-01-31 09:40:02 +01:00
Thomas Lamprecht
fc0472a18f backport "vfs: fs_context: fix up param length parsing in legacy_parse_param"
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-01-20 16:55:55 +01:00
Thomas Lamprecht
76ce1e5017 drop -ERESTARTSYS handling in blkdev_get_by_dev patch
ZFS 2.1.2 handles this internally
(commit 16da688f2518526389e6bff8370684a1a2a1469c)

Originally-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-01-11 12:06:48 +01:00
Thomas Lamprecht
75d6cb4562 update blk cgroup format patch
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2022-01-11 09:46:51 +01:00