Add kconfig check for containers (MR 2060)
Usage: pmbootstrap kconfig check --containers linux-postmarketos-qcom-msm8974
This commit is contained in:
parent
716336e30b
commit
687807fa73
|
@ -152,4 +152,6 @@ def menuconfig(args, pkgname):
|
|||
|
||||
# Check config
|
||||
pmb.parse.kconfig.check(args, apkbuild["_flavor"], force_anbox_check=False,
|
||||
force_nftables_check=False, details=True)
|
||||
force_nftables_check=False,
|
||||
force_containers_check=False,
|
||||
details=True)
|
||||
|
|
|
@ -323,6 +323,117 @@ necessary_kconfig_options_nftables = {
|
|||
},
|
||||
}
|
||||
|
||||
# Necessary kernel config options for containers (lxc, Docker)
|
||||
necessary_kconfig_options_containers = {
|
||||
">=0.0.0": { # all versions, more specifically - since >=2.5~2.6
|
||||
"all": { # all arches
|
||||
"NAMESPACES": True,
|
||||
"NET_NS": True,
|
||||
"PID_NS": True,
|
||||
"IPC_NS": True,
|
||||
"UTS_NS": True,
|
||||
"CGROUPS": True,
|
||||
"CGROUP_CPUACCT": True,
|
||||
"CGROUP_DEVICE": True,
|
||||
"CGROUP_FREEZER": True,
|
||||
"CGROUP_SCHED": True,
|
||||
"CPUSETS": True,
|
||||
"KEYS": True,
|
||||
"VETH": True,
|
||||
"BRIDGE": True, # (also needed for anbox)
|
||||
"BRIDGE_NETFILTER": True,
|
||||
"IP_NF_FILTER": True,
|
||||
"IP_NF_TARGET_MASQUERADE": True,
|
||||
"NETFILTER_XT_MATCH_ADDRTYPE": True,
|
||||
"NETFILTER_XT_MATCH_CONNTRACK": True,
|
||||
"NETFILTER_XT_MATCH_IPVS": True,
|
||||
"NETFILTER_XT_MARK": True,
|
||||
"NETFILTER_XT_TARGET_CHECKSUM": True, # Needed for lxc
|
||||
"IP_NF_NAT": True,
|
||||
"NF_NAT": True,
|
||||
"POSIX_MQUEUE": True,
|
||||
"BLK_DEV_DM": True, # Storage Drivers
|
||||
"DUMMY": True, # Network Drivers
|
||||
# "USER_NS": True, # This is already in pmOS kconfig check
|
||||
"BLK_CGROUP": True, # Optional section
|
||||
"BLK_DEV_THROTTLING": True, # Optional section
|
||||
"CGROUP_PERF": True, # Optional section
|
||||
"NET_CLS_CGROUP": True, # Optional section
|
||||
"FAIR_GROUP_SCHED": True, # Optional section
|
||||
"RT_GROUP_SCHED": True, # Optional section
|
||||
"IP_NF_TARGET_REDIRECT": True, # Optional section
|
||||
"IP_VS": True, # Optional section
|
||||
"IP_VS_NFCT": True, # Optional section
|
||||
"IP_VS_PROTO_TCP": True, # Optional section
|
||||
"IP_VS_PROTO_UDP": True, # Optional section
|
||||
"IP_VS_RR": True, # Optional section
|
||||
# "EXT4_FS": True, # This is already in pmOS kconfig check
|
||||
"EXT4_FS_POSIX_ACL": True, # Optional section
|
||||
"EXT4_FS_SECURITY": True, # Optional section
|
||||
}
|
||||
},
|
||||
">=3.2": {
|
||||
"all": {
|
||||
"CFS_BANDWIDTH": True, # Optional section
|
||||
}
|
||||
},
|
||||
">=3.3": {
|
||||
"all": { # all arches
|
||||
"CHECKPOINT_RESTORE": True, # Needed for lxc
|
||||
}
|
||||
},
|
||||
">=3.6": {
|
||||
"all": { # all arches
|
||||
"MEMCG": True,
|
||||
"MEMCG_SWAP": True,
|
||||
"DM_THIN_PROVISIONING": True, # Storage Drivers
|
||||
},
|
||||
"x86 x86_64": { # only for x86, x86_64 (and sparc64, ia64)
|
||||
"CONFIG_HUGETLB_PAGE": True,
|
||||
"CGROUP_HUGETLB": True, # Optional section
|
||||
}
|
||||
},
|
||||
">=3.7 <5.0": {
|
||||
"all": {
|
||||
"NF_NAT_IPV4": True, # Needed for lxc
|
||||
"NF_NAT_IPV6": True, # Needed for lxc
|
||||
},
|
||||
},
|
||||
">=3.7": {
|
||||
"all": { # all arches
|
||||
"VXLAN": True, # Network Drivers
|
||||
"IP6_NF_TARGET_MASQUERADE": True, # Needed for lxc
|
||||
}
|
||||
},
|
||||
">=3.9": {
|
||||
"all": { # all arches
|
||||
"BRIDGE_VLAN_FILTERING": True, # Network Drivers (also for anbox)
|
||||
"MACVLAN": True, # Network Drivers
|
||||
}
|
||||
},
|
||||
">=3.14": {
|
||||
"all": { # all arches
|
||||
"CGROUP_NET_PRIO": True, # Optional section
|
||||
}
|
||||
},
|
||||
">=3.18": {
|
||||
"all": { # all arches
|
||||
"OVERLAY_FS": True, # Storage Drivers
|
||||
}
|
||||
},
|
||||
">=3.19": {
|
||||
"all": { # all arches
|
||||
"IPVLAN": True, # Network Drivers
|
||||
"SECCOMP": True, # Optional section
|
||||
}
|
||||
},
|
||||
">=4.4": {
|
||||
"all": { # all arches
|
||||
"CGROUP_PIDS": True, # Optional section
|
||||
}
|
||||
},
|
||||
}
|
||||
|
||||
#
|
||||
# PARSE
|
||||
#
|
||||
|
@ -390,6 +501,7 @@ apkbuild_custom_valid_options = [
|
|||
"!pmb:crossdirect",
|
||||
"!pmb:kconfig-check",
|
||||
"pmb:kconfigcheck-anbox",
|
||||
"pmb:kconfigcheck-containers",
|
||||
"pmb:kconfigcheck-nftables",
|
||||
"pmb:cross-native",
|
||||
"pmb:strict",
|
||||
|
|
|
@ -376,6 +376,7 @@ def kconfig(args):
|
|||
if pmb.parse.kconfig.check_file(args, args.package,
|
||||
anbox=args.anbox,
|
||||
nftables=args.nftables,
|
||||
containers=args.containers,
|
||||
details=True):
|
||||
logging.info("kconfig check succeeded!")
|
||||
return
|
||||
|
@ -403,9 +404,11 @@ def kconfig(args):
|
|||
if "!pmb:kconfigcheck" in apkbuild["options"]:
|
||||
skipped += 1
|
||||
continue
|
||||
if not pmb.parse.kconfig.check(args, package,
|
||||
if not pmb.parse.kconfig.check(
|
||||
args, package,
|
||||
force_anbox_check=args.anbox,
|
||||
force_nftables_check=args.nftables,
|
||||
force_containers_check=args.containers,
|
||||
details=True):
|
||||
error = True
|
||||
|
||||
|
|
|
@ -439,6 +439,8 @@ def arguments_kconfig(subparser):
|
|||
" options needed for anbox too")
|
||||
check.add_argument("--nftables", action="store_true", help="check"
|
||||
" options needed for nftables too")
|
||||
check.add_argument("--containers", action="store_true",
|
||||
help="check options needed for containers too")
|
||||
check_package = check.add_argument("package", default="", nargs='?')
|
||||
if argcomplete:
|
||||
check_package.completer = kernel_completer
|
||||
|
|
|
@ -65,7 +65,7 @@ def check_option(component, details, config, config_path_pretty, option,
|
|||
|
||||
|
||||
def check_config(config_path, config_path_pretty, config_arch, pkgver,
|
||||
anbox=False, nftables=False, details=False):
|
||||
anbox=False, nftables=False, containers=False, details=False):
|
||||
logging.debug(f"Check kconfig: {config_path}")
|
||||
with open(config_path) as handle:
|
||||
config = handle.read()
|
||||
|
@ -75,6 +75,9 @@ def check_config(config_path, config_path_pretty, config_arch, pkgver,
|
|||
components["anbox"] = pmb.config.necessary_kconfig_options_anbox
|
||||
if nftables:
|
||||
components["nftables"] = pmb.config.necessary_kconfig_options_nftables
|
||||
if containers:
|
||||
components["containers"] = \
|
||||
pmb.config.necessary_kconfig_options_containers
|
||||
|
||||
results = [check_config_options_set(config, config_path_pretty,
|
||||
config_arch, options, component,
|
||||
|
@ -118,7 +121,7 @@ def check_config_options_set(config, config_path_pretty, config_arch, options,
|
|||
|
||||
|
||||
def check(args, pkgname, force_anbox_check=False, force_nftables_check=False,
|
||||
details=False):
|
||||
force_containers_check=False, details=False):
|
||||
"""
|
||||
Check for necessary kernel config options in a package.
|
||||
|
||||
|
@ -141,13 +144,18 @@ def check(args, pkgname, force_anbox_check=False, force_nftables_check=False,
|
|||
"pmb:kconfigcheck-anbox" in apkbuild["options"])
|
||||
check_nftables = force_nftables_check or (
|
||||
"pmb:kconfigcheck-nftables" in apkbuild["options"])
|
||||
check_containers = force_containers_check or (
|
||||
"pmb:kconfigcheck-containers" in apkbuild["options"])
|
||||
for config_path in glob.glob(aport + "/config-*"):
|
||||
# The architecture of the config is in the name, so it just needs to be
|
||||
# extracted
|
||||
config_arch = os.path.basename(config_path).split(".")[1]
|
||||
config_path_pretty = f"linux-{flavor}/{os.path.basename(config_path)}"
|
||||
ret &= check_config(config_path, config_path_pretty, config_arch,
|
||||
pkgver, anbox=check_anbox, nftables=check_nftables,
|
||||
pkgver,
|
||||
anbox=check_anbox,
|
||||
nftables=check_nftables,
|
||||
containers=check_containers,
|
||||
details=details)
|
||||
return ret
|
||||
|
||||
|
@ -185,7 +193,7 @@ def extract_version(config_file):
|
|||
|
||||
|
||||
def check_file(args, config_file, anbox=False, nftables=False,
|
||||
details=False):
|
||||
containers=False, details=False):
|
||||
"""
|
||||
Check for necessary kernel config options in a kconfig file.
|
||||
|
||||
|
@ -196,4 +204,7 @@ def check_file(args, config_file, anbox=False, nftables=False,
|
|||
logging.debug(f"Check kconfig: parsed arch={arch}, version={version} from "
|
||||
"file: {config_file}")
|
||||
return check_config(config_file, config_file, arch, version,
|
||||
anbox=anbox, nftables=nftables, details=details)
|
||||
anbox=anbox,
|
||||
nftables=nftables,
|
||||
containers=containers,
|
||||
details=details)
|
||||
|
|
Loading…
Reference in New Issue