OK - there are other fixes needed. will comment on that patch specifically.
On 9/2/22 08:10, Vincenzo Frascino wrote:
Hi Carsten,
On 9/1/22 21:03, Carsten Haitzler wrote:
Shouldn't this be split as this enables keys which has nothing to do with running in docker?
The patches will go in together anyway and keeping them in the same series helps with the testing of the usecase.
Thanks, Vincenzo
On 8/31/22 15:37, Vincenzo Frascino wrote:
Enable the required config options to run docker in the default defconfig for Morello Transitional PCUABI (morello_transitional_pcuabi_defconfig).
The resulting .config was certified with [1]:
...
info: reading kernel config from linux-out/.config ...
Generally Necessary:
- cgroup hierarchy: properly mounted [/sys/fs/cgroup]
- apparmor: enabled and tools installed
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: enabled
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_KEYS: enabled
- CONFIG_VETH: enabled
- CONFIG_BRIDGE: enabled
- CONFIG_BRIDGE_NETFILTER: enabled
- CONFIG_IP_NF_FILTER: enabled
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled
- CONFIG_NETFILTER_XT_MATCH_IPVS: enabled
- CONFIG_NETFILTER_XT_MARK: enabled
- CONFIG_IP_NF_NAT: enabled
- CONFIG_NF_NAT: enabled
- CONFIG_POSIX_MQUEUE: enabled
- CONFIG_CGROUP_BPF: enabled
...
[1] https://github.com/moby/moby/blob/master/contrib/check-config.sh
Signed-off-by: Vincenzo Frascino vincenzo.frascino@arm.com
.../morello_transitional_pcuabi_defconfig | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+)
diff --git a/arch/arm64/configs/morello_transitional_pcuabi_defconfig b/arch/arm64/configs/morello_transitional_pcuabi_defconfig index 20f14545d27e..693e1604b58d 100644 --- a/arch/arm64/configs/morello_transitional_pcuabi_defconfig +++ b/arch/arm64/configs/morello_transitional_pcuabi_defconfig @@ -3,6 +3,7 @@ CONFIG_POSIX_MQUEUE=y CONFIG_AUDIT=y CONFIG_NO_HZ_IDLE=y CONFIG_HIGH_RES_TIMERS=y +CONFIG_BPF_SYSCALL=y CONFIG_PREEMPT=y CONFIG_IRQ_TIME_ACCOUNTING=y CONFIG_BSD_PROCESS_ACCT=y @@ -19,11 +20,13 @@ CONFIG_MEMCG=y CONFIG_BLK_CGROUP=y CONFIG_UCLAMP_TASK_GROUP=y CONFIG_CGROUP_PIDS=y +CONFIG_CGROUP_FREEZER=y CONFIG_CGROUP_HUGETLB=y CONFIG_CPUSETS=y CONFIG_CGROUP_DEVICE=y CONFIG_CGROUP_CPUACCT=y CONFIG_CGROUP_PERF=y +CONFIG_CGROUP_BPF=y CONFIG_USER_NS=y CONFIG_SCHED_AUTOGROUP=y CONFIG_BLK_DEV_INITRD=y @@ -64,7 +67,21 @@ CONFIG_UNIX=y CONFIG_INET=y CONFIG_IP_PNP=y CONFIG_IP_PNP_DHCP=y +CONFIG_NETFILTER=y +CONFIG_BRIDGE_NETFILTER=y +CONFIG_NF_CONNTRACK=y +CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y +CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y +CONFIG_NETFILTER_XT_MATCH_IPVS=y +CONFIG_NETFILTER_XT_MATCH_MARK=y +CONFIG_IP_VS=y +CONFIG_IP_NF_IPTABLES=y +CONFIG_IP_NF_FILTER=y +CONFIG_IP_NF_NAT=y +CONFIG_IP_NF_TARGET_MASQUERADE=y +CONFIG_BRIDGE=y CONFIG_PCI=y +CONFIG_PCI_MSI=y CONFIG_PCI_HOST_GENERIC=y CONFIG_DEVTMPFS=y CONFIG_DEVTMPFS_MOUNT=y @@ -77,6 +94,7 @@ CONFIG_SATA_AHCI=y CONFIG_MD=y CONFIG_BLK_DEV_DM=y CONFIG_NETDEVICES=y +CONFIG_VETH=y CONFIG_VIRTIO_NET=y CONFIG_R8169=y CONFIG_SMC91X=y @@ -86,6 +104,11 @@ CONFIG_SERIAL_AMBA_PL011=y CONFIG_SERIAL_AMBA_PL011_CONSOLE=y CONFIG_HW_RANDOM=y CONFIG_HW_RANDOM_VIRTIO=y +CONFIG_GPIOLIB=y +CONFIG_GPIO_GENERIC_PLATFORM=y +CONFIG_POWER_RESET=y +CONFIG_POWER_SUPPLY=y +CONFIG_MFD_SYSCON=y CONFIG_REGULATOR=y CONFIG_REGULATOR_FIXED_VOLTAGE=y CONFIG_USB=y @@ -113,8 +136,10 @@ CONFIG_CONFIGFS_FS=y # CONFIG_EFIVAR_FS is not set CONFIG_NLS_CODEPAGE_437=y CONFIG_NLS_ISO8859_1=y +CONFIG_KEYS=y CONFIG_SECURITY=y CONFIG_SECURITY_NETWORK=y +CONFIG_LSM_MMAP_MIN_ADDR=32768 CONFIG_SECURITY_SELINUX=y CONFIG_PRINTK_TIME=y CONFIG_DEBUG_KERNEL=y