Re: Kindly review for kernel config changes

Home Messages Hashtags Subgroups

#4949

Re: Kindly review for kernel config changes

Kento Yoshida #4949 isar-cip-core and deby share cip-kernel-config configuration files. isar-cip-core still has the configuration files there but conf/machine files with USE_CIP_KERNEL_CONFIG = "1" do not use them anymore. I see. Thank you, Daniel. But, I'm wondering why conf/machine/qemu-amd64.conf doesn't define USE_CIP_KERNEL_CONFIG = "1". Do you have any information for this, Dinesh or Venkata? I think we should reconfirm to add these configs to https://gitlab.com/cip-project/cip-kernel/cip-kernel-config/-/blob/master/4.19.y-cip/x86/cip_qemu_defconfig. Or, have you already confirmed to build the image using this? BR, Kent -----Original Message----- From: cip-dev@... <cip-dev@...> On Behalf Of Daniel Sangorrin via lists.cip-project.org Sent: Tuesday, July 21, 2020 4:57 PM To: cip-dev@... Subject: Re: [cip-dev] Kindly review for kernel config changes Hi Kent, The configuration should go to https://gitlab.com/cip-project/cip-kernel/cip-kernel-config not isar-cip-core. isar-cip-core and deby share cip-kernel-config configuration files. isar-cip-core still has the configuration files there but conf/machine files with USE_CIP_KERNEL_CONFIG = "1" do not use them anymore. Actually that is a nother AI. Thanks, Daniel ________________________________________ From: cip-dev@... <cip-dev@...> on behalf of Kento Yoshida <kento.yoshida.wz@...> Sent: Tuesday, July 21, 2020 4:12 PM To: cip-dev@... Subject: [cip-dev] Kindly review for kernel config changes Hi, The security working group need to use "nftables", and it requires to add the below kernel configs to work. Before merging to the master branch of "isar-cip-core", would you kindly review to add the below configs by this Friday, everyone? --- a/recipes-kernel/linux/files/qemu-amd64_defconfig +++ b/recipes-kernel/linux/files/qemu-amd64_defconfig @@ -351,3 +351,34 @@ CONFIG_CRYPTO_DEV_CCP=y # CONFIG_XZ_DEC_ARM is not set # CONFIG_XZ_DEC_ARMTHUMB is not set # CONFIG_XZ_DEC_SPARC is not set +CONFIG_NF_TABLES=y +CONFIG_NF_TABLES_INET=y +CONFIG_NF_TABLES_NETDEV=y +CONFIG_NFT_EXTHDR=y +CONFIG_NFT_META=y +CONFIG_NFT_CT=y +CONFIG_NFT_RBTREE=y +CONFIG_NFT_HASH=y +CONFIG_NFT_COUNTER=y +CONFIG_NFT_LOG=y +CONFIG_NFT_LIMIT=y +CONFIG_NFT_MASQ=y +CONFIG_NFT_REDIR=y +CONFIG_NFT_NAT=y +CONFIG_NFT_QUEUE=y +CONFIG_NFT_REJECT=y +CONFIG_NFT_REJECT_INET=y +CONFIG_NFT_COMPAT=y +CONFIG_NFT_CHAIN_ROUTE_IPV4=y +CONFIG_NFT_REJECT_IPV4=y +CONFIG_NFT_CHAIN_NAT_IPV4=y +CONFIG_NFT_MASQ_IPV4=y +# CONFIG_NFT_REDIR_IPV4 is not set +CONFIG_NFT_CHAIN_ROUTE_IPV6=y +CONFIG_NFT_REJECT_IPV6=y +CONFIG_NFT_CHAIN_NAT_IPV6=y +CONFIG_NFT_MASQ_IPV6=y +# CONFIG_NFT_REDIR_IPV6 is not set +CONFIG_NFT_BRIDGE_META=y +CONFIG_NFT_BRIDGE_REJECT=y +CONFIG_NF_LOG_BRIDGE=y BR, Kent
More All Messages By This Member

View All 6 Messages In Topic

#4949

Join cip-dev@lists.cip-project.org to automatically receive all group messages.

Home Hashtags Subgroups Terms