Overlay and veth support wasn't included when migrating to fragment
based configs. Re-add to fix DinD use case.
Fixes: #715
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
As per the comments in security.conf, the intention was to
enable STACKPROTECTOR and STACKPROTECTOR_STRONG.
The current config leaves them unset in the final .config
and also prevents other fragments from overriding the setting.
Set both to =y as indicated in the comments.
Signed-off-by: Mikko Ylinen <mikko.ylinen@intel.com>
common/DAX:
- ARCH_ENABLE_MEMORY_HOTPLUG: not needed (auto-selected)
- ARCH_HAS_ZONE_DEVICE: already automatically selected. This is
also removed in future kernels, so let's go ahead and drop.
- RADIX_TREE_MULTIORDER: already autoselected, and dropped in future
kernels
common/net:
- NF_NAT_NEEDED, NF_NAT_PROTO_*: these don't exist in newer kernels, as
they are refactored and unecessary in the upstream kernel. Keep them for
now, but consider dropping if we move to newer LTS. These are part of
whitelist of options we expect to be dropped with newer kernels in our
fragment building.
- NF_NAT_MASQUERADE_IPV4: this is a select, not a tristate. Also, in
the future much of the ipv4/ipv6 nat code is combined, so this config
will not exist in newer kernels. Dropped.
- INET6_XFRM_MODE_* are not needed on newer kernels. While I'm not
confident they are needed today for Kata, we will just note them and add
to whitelist for options we expect to be dropped with newer kernels in
our fragment building.
- MAY_USE_DEVLINK: removed in future kernels, and should not be needed
anyway. Dropped.
x86_64/DAX:
- ARCH_HAS_HMM: should not be needed, and is dropped in future kernels.
Dropped
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
These will be handled directly from virtio-fs gitlab, which is utilized
when experimental support is requested in kernel build.
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Experimental kernel is much newer, and many configuration options have
dropped since 4.19. Let's use a whitelist to itemize what we expect to
be dropped in the final config if experimental kernel us utilized.
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
This isn't available in the baseline kernel, necessarily. Only
add these config options if an experimental kernel is being used.
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Adding option `-e` to support experimental flag. When selected, the
kernel for virtio-fs is utilized instead of standard kernel.org.
This is a bit more hack-ish than I'd prefer, sorry.
Fixes: #700
Signed-off-by: Eric Ernst <eric.ernst@intel.com>
Now we are using the fragments, drop the x86_64 4.19 config file
so we default to fragment mode.
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Add the framework to build kernel config files from trees
of kernel fragments.
If no fragment directory is found for the requested kernel
version and architecture then revert to looking for a whole
prebuilt kernel config file instead.
Fixes: #234
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Add missing kernel configs to avoid `make oldconfig` asks or
takes the default value for the missing configs.
fixes#623
Signed-off-by: Julio Montes <julio.montes@intel.com>
Packeges uses fuzz 0, lets have the same behavior
in scripts and packages.
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
we need to do patch and config update for v4.19.52 on AArch64.
The config file adds a few configs involved with memory hot-plug
support.
Fixes: #591
Depends-on: github.com/kata-containers/runtime#1817
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Correct typos and resolve formatting issues including incorrect heading
levels and missing TOC entries.
Fixes: #541.
Signed-off-by: James O. D. Hunt <james.o.hunt@intel.com>
As shpchp used for pci hotplug on arm64 initialized
its bottom half work as a delay work for 5 seconds, pci bus
rescan triggered between up half and bottom half of shpc interrupt
handling will fail. so disable shpc and let bus rescan
to do the device hotplug on arm64.
Fixes: #498
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
We modified the kernel subdir, even thought it was only a doc
change, so we need to bump the config ver to reflect that.
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
We don't append fullstops to section titles, and they mess the
ToC up (looks wise). Nuke the one we had in this file.
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Note that to use the build script you need to have some prereqs,
including a new enough golang.
Fixes: #478
Reported-by: Rory Savage <rsavage@dispersivegroup.com>
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
This patches adds virtio-fs capability to the kata kernel along with
config changes to enable the same on kata by default. The system will
only be exercised when `shared_fs` is set to `virtio-fs` in the kata
configuration file. the default still remains to be 9p
Fixes: #387
Depends-on: github.com/kata-containers/runtime#1016
Signed-off-by: Ganesh Maharaj Mahalingam <ganesh.mahalingam@intel.com>
Using only one directory to hold kernel patches lead to
difficult maintenance. Instead use a list of patches per
kernel version.
If patches for a kernel version does not exist, dont fail.
Fixes: #308
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
All instances of the deprecated `arch` command are now replaced with `uname -m`.
Bumps kernel/kata_config_version to 34.
Fixes: #423
Signed-off-by: Rasmus Moorats <me@neonsea.uk>
This patch is update version for [1] as kernel
upgrad to v4.19.
It derives from [2] which has accept by kernel
community after v4.20. Modifacation has been done
to make it be able to enable memory hotplug using
probe method as it originally aims to using acpi.
Also some corresponding configurations in kernel
config are opened.
[1] https://github.com/kata-containers/packaging/
commit/e654dbd8367371c1b34776445a402d3c90f0dc66
[2] https://git.kernel.org/pub/scm/linux/kernel/
git/torvalds/linux.git/commit/
?id=4ab215061554ae2a4b78744a5dd3b3c6639f16a7
Change-Id: I305435f1d7e38d5cfcee22799792d1f4b0f015f8
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
Jira: ENTOS-899
Unless we run kata VM as a hypervisor, we may need
CONFIG_S390_HYPFS_FS and CONFIG_SYS_HYPERVISOR.
CONFIG_S390_VMUR is for z/VM hypvervisor.
Remove CONFIG_ZSWAP and its dependencies to match other arches.
Fixes: #421
Signed-off-by: Tuan Hoang <tmhoang@linux.ibm.com>
let's open nvdimm-related kernel config parameters on arm64, such as
CONFIG_ACPI_NFIT, etc. and we also need to backport patch
'kvm:arm64:Dynamic IPA and 52bit IPA'(https://patchwork.kernel.org/cover/10616271/)
and related dependency into v4.19.X to fully support nvdimm from guest kernel.
Former patch has already been merged into v4.20.X.
Fixes: #376
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
enable ZONE_DEVICE config to support map pages, pmem_should_map_pages()
function fails if this config is not enabled.
fixes#378
Signed-off-by: Julio Montes <julio.montes@intel.com
