UBUNTU: kvm: [config] Enable support for Transformation(XFRM)

Message ID 20180406200923.12034-1-julio.montes@intel.com
State New
Headers show
Series
  • UBUNTU: kvm: [config] Enable support for Transformation(XFRM)
Related show

Commit Message

Julio Montes April 6, 2018, 8:09 p.m.
BugLink: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1761856

Enable support for Transformation(XFRM) and IP set support to let kata containers agent
configure the network inside the container.

Next configs are needed:
* CONFIG_IP_SET
* CONFIG_NETFILTER_NETLINK
* CONFIG_XFRM_USER

Signed-off-by: Julio Montes <julio.montes@intel.com>
---
 debian.kvm/config/config.common.ubuntu | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

Comments

Kleber Sacilotto de Souza April 23, 2018, 1:49 p.m. | #1
On 04/06/18 22:09, Julio Montes wrote:
> BugLink: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1761856
> 
> Enable support for Transformation(XFRM) and IP set support to let kata containers agent
> configure the network inside the container.
> 
> Next configs are needed:
> * CONFIG_IP_SET
> * CONFIG_NETFILTER_NETLINK
> * CONFIG_XFRM_USER
> 
> Signed-off-by: Julio Montes <julio.montes@intel.com>
> ---
>  debian.kvm/config/config.common.ubuntu | 7 ++++---
>  1 file changed, 4 insertions(+), 3 deletions(-)
> 
> diff --git a/debian.kvm/config/config.common.ubuntu b/debian.kvm/config/config.common.ubuntu
> index 93532e3..b52fac0 100644
> --- a/debian.kvm/config/config.common.ubuntu
> +++ b/debian.kvm/config/config.common.ubuntu
> @@ -1004,7 +1004,7 @@ CONFIG_IP_ROUTE_CLASSID=y
>  # CONFIG_IP_ROUTE_MULTIPATH is not set
>  # CONFIG_IP_ROUTE_VERBOSE is not set
>  # CONFIG_IP_SCTP is not set
> -CONFIG_IP_SET=m
> +CONFIG_IP_SET=y
>  CONFIG_IP_SET_BITMAP_IP=m
>  CONFIG_IP_SET_BITMAP_IPMAC=m
>  CONFIG_IP_SET_BITMAP_PORT=m
> @@ -1297,7 +1297,7 @@ CONFIG_NETFILTER=y
>  CONFIG_NETFILTER_ADVANCED=y
>  # CONFIG_NETFILTER_DEBUG is not set
>  CONFIG_NETFILTER_INGRESS=y
> -CONFIG_NETFILTER_NETLINK=m
> +CONFIG_NETFILTER_NETLINK=y
>  CONFIG_NETFILTER_NETLINK_ACCT=m
>  CONFIG_NETFILTER_NETLINK_GLUE_CT=y
>  CONFIG_NETFILTER_NETLINK_LOG=m
> @@ -2250,10 +2250,11 @@ CONFIG_X86_X2APIC=y
>  # CONFIG_X86_X32 is not set
>  # CONFIG_XEN is not set
>  CONFIG_XFRM=y
> +CONFIG_XFRM_ALGO=y
>  # CONFIG_XFRM_MIGRATE is not set
>  # CONFIG_XFRM_STATISTICS is not set
>  # CONFIG_XFRM_SUB_POLICY is not set
> -# CONFIG_XFRM_USER is not set
> +CONFIG_XFRM_USER=y
>  # CONFIG_XFS_DEBUG is not set
>  CONFIG_XFS_FS=m
>  # CONFIG_XFS_POSIX_ACL is not set
> 

Hi Julio,

Is there any reason these config options couldn't be kept as modules?


Thanks,
Kleber
Julio Montes April 23, 2018, 3:57 p.m. | #2
Hi Kleber

Kata does not support modules, all features need to be built-in

Thanks,
Julio

On Mon, 2018-04-23 at 15:49 +0200, Kleber Souza wrote:
> On 04/06/18 22:09, Julio Montes wrote:
> > BugLink: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1
> > 761856
> > 
> > Enable support for Transformation(XFRM) and IP set support to let
> > kata containers agent
> > configure the network inside the container.
> > 
> > Next configs are needed:
> > * CONFIG_IP_SET
> > * CONFIG_NETFILTER_NETLINK
> > * CONFIG_XFRM_USER
> > 
> > Signed-off-by: Julio Montes <julio.montes@intel.com>
> > ---
> >  debian.kvm/config/config.common.ubuntu | 7 ++++---
> >  1 file changed, 4 insertions(+), 3 deletions(-)
> > 
> > diff --git a/debian.kvm/config/config.common.ubuntu
> > b/debian.kvm/config/config.common.ubuntu
> > index 93532e3..b52fac0 100644
> > --- a/debian.kvm/config/config.common.ubuntu
> > +++ b/debian.kvm/config/config.common.ubuntu
> > @@ -1004,7 +1004,7 @@ CONFIG_IP_ROUTE_CLASSID=y
> >  # CONFIG_IP_ROUTE_MULTIPATH is not set
> >  # CONFIG_IP_ROUTE_VERBOSE is not set
> >  # CONFIG_IP_SCTP is not set
> > -CONFIG_IP_SET=m
> > +CONFIG_IP_SET=y
> >  CONFIG_IP_SET_BITMAP_IP=m
> >  CONFIG_IP_SET_BITMAP_IPMAC=m
> >  CONFIG_IP_SET_BITMAP_PORT=m
> > @@ -1297,7 +1297,7 @@ CONFIG_NETFILTER=y
> >  CONFIG_NETFILTER_ADVANCED=y
> >  # CONFIG_NETFILTER_DEBUG is not set
> >  CONFIG_NETFILTER_INGRESS=y
> > -CONFIG_NETFILTER_NETLINK=m
> > +CONFIG_NETFILTER_NETLINK=y
> >  CONFIG_NETFILTER_NETLINK_ACCT=m
> >  CONFIG_NETFILTER_NETLINK_GLUE_CT=y
> >  CONFIG_NETFILTER_NETLINK_LOG=m
> > @@ -2250,10 +2250,11 @@ CONFIG_X86_X2APIC=y
> >  # CONFIG_X86_X32 is not set
> >  # CONFIG_XEN is not set
> >  CONFIG_XFRM=y
> > +CONFIG_XFRM_ALGO=y
> >  # CONFIG_XFRM_MIGRATE is not set
> >  # CONFIG_XFRM_STATISTICS is not set
> >  # CONFIG_XFRM_SUB_POLICY is not set
> > -# CONFIG_XFRM_USER is not set
> > +CONFIG_XFRM_USER=y
> >  # CONFIG_XFS_DEBUG is not set
> >  CONFIG_XFS_FS=m
> >  # CONFIG_XFS_POSIX_ACL is not set
> > 
> 
> Hi Julio,
> 
> Is there any reason these config options couldn't be kept as modules?
> 
> 
> Thanks,
> Kleber

Patch

diff --git a/debian.kvm/config/config.common.ubuntu b/debian.kvm/config/config.common.ubuntu
index 93532e3..b52fac0 100644
--- a/debian.kvm/config/config.common.ubuntu
+++ b/debian.kvm/config/config.common.ubuntu
@@ -1004,7 +1004,7 @@  CONFIG_IP_ROUTE_CLASSID=y
 # CONFIG_IP_ROUTE_MULTIPATH is not set
 # CONFIG_IP_ROUTE_VERBOSE is not set
 # CONFIG_IP_SCTP is not set
-CONFIG_IP_SET=m
+CONFIG_IP_SET=y
 CONFIG_IP_SET_BITMAP_IP=m
 CONFIG_IP_SET_BITMAP_IPMAC=m
 CONFIG_IP_SET_BITMAP_PORT=m
@@ -1297,7 +1297,7 @@  CONFIG_NETFILTER=y
 CONFIG_NETFILTER_ADVANCED=y
 # CONFIG_NETFILTER_DEBUG is not set
 CONFIG_NETFILTER_INGRESS=y
-CONFIG_NETFILTER_NETLINK=m
+CONFIG_NETFILTER_NETLINK=y
 CONFIG_NETFILTER_NETLINK_ACCT=m
 CONFIG_NETFILTER_NETLINK_GLUE_CT=y
 CONFIG_NETFILTER_NETLINK_LOG=m
@@ -2250,10 +2250,11 @@  CONFIG_X86_X2APIC=y
 # CONFIG_X86_X32 is not set
 # CONFIG_XEN is not set
 CONFIG_XFRM=y
+CONFIG_XFRM_ALGO=y
 # CONFIG_XFRM_MIGRATE is not set
 # CONFIG_XFRM_STATISTICS is not set
 # CONFIG_XFRM_SUB_POLICY is not set
-# CONFIG_XFRM_USER is not set
+CONFIG_XFRM_USER=y
 # CONFIG_XFS_DEBUG is not set
 CONFIG_XFS_FS=m
 # CONFIG_XFS_POSIX_ACL is not set