59dc61df5b
Linux has embraced another LTS kernel version v5.4.x. If we, AArch64, update stable guest kernel version to v5.4.x, we could get rid of huge chunkes of backport patches under patches/4.19.x/. Except following configs are penny-defined turned on/off, all the other are sort of `built-in` defined or inherited from v4.19.x. 1. CONFIG_IO_URING = y This option enables support for the io_uring interface. 2. CONFIG_RODATA_FULL_DEFAULT_ENABLED = n Apply read-only attributes of VM areas to the linear alias of the backing pages as well. 3. CONFIG_ARM64_TAGGED_ADDR_ABI = n When this option is enabled, user applications can opt in to a relaxed ABI allow virtual tagged addresses to be passed to system calls as pointer arguments. 4. CONFIG_ARM64_PTR_AUTH = n Pointer authentication provides instructions for signing and authenticating pointers against secret keys, which can be used to mitigate Return Oriented Programming (ROP) and other attacks. Fixes: #882 Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Kata Containers kernel config files
This directory contains Linux Kernel config files used to configure Kata Containers VM kernels.
Types of config files
This directory holds config files for the Kata Linux Kernel in two forms:
- A tree of config file 'fragments' in the
fragmentssub-folder, that are constructed into a complete config file using the kernelscripts/kconfig/merge_config.shscript. - As complete config files that can be used as-is.
Kernel config fragments are the preferred method of constructing .config files
to build Kata Containers kernels, due to their improved clarity and ease of maintenance
over single file monolithic .configs.
How to use config files
The recommended way to set up a kernel tree, populate it with a relevant .config file,
and build a kernel, is to use the build_kernel.sh script. For
example:
$ ./build-kernel.sh setup
The build-kernel.sh script understands both full and fragment based config files.
Run ./build-kernel.sh help for more information.
How to modify config files
Complete config files can be modified either with an editor, or preferably
using the kernel Kconfig configuration tools, for example:
$ cp x86_kata_kvm_4.14.x linux-4.14.22/.config
$ pushd linux-4.14.22
$ make menuconfig
$ popd
$ cp linux-4.14.22/.config x86_kata_kvm_4.14.x
Kernel fragments are best constructed using an editor. Tools such as grep and
diff can help find the differences between two config files to be placed
into a fragment.
If adding config entries for a new subsystem or feature, consider making a new fragment with an appropriately descriptive name.
The fragment gathering tool perfoms some basic sanity checks, and the build-kernel.sh will
fail and report the error in the cases of:
- A duplicate
CONFIGsymbol appearing. - A
CONFIGsymbol being in a fragment, but not appearing in the final .config- which indicates that
CONFIGvariable is not a part of the kernelKconfigsetup, which can indicate a typing mistake in the name of the symbol.
- which indicates that
- A
CONFIGsymbol appearing in the fragments with multiple different values.