[PATCH 6.6] arm64: configs: Enable additional docker configs
Suhaas Joshi
s-joshi at ti.com
Sun Oct 27 21:53:40 PDT 2024
Docker requires a list of config options to be enabled in the kernel.
This list is generated by the script at [1]. The list has "mandatory"
configs and "optional" ones. The mandatory ones are already enabled, so
Docker works well with some images. But many of the optional ones,
particularly security and network configs, aren't enabled. So
enable those so that Docker can pull and run all valid images.
The configs generated are listed below.
Generally Necessary
...
- CONFIG_MEMCG_SWAP: enabled
- CONFIG_BLK_DEV_THROTTLING: enabled
- CONFIG_NET_CLS_CGROUP: enabled (as module)
- CONFIG_CGROUP_NET_PRIO: enabled
- CONFIG_CFS_BANDWIDTH: enabled
- CONFIG_IP_NF_TARGET_REDIRECT: enabled (as module)
- CONFIG_IP_VS_NFCT: enabled
- CONFIG_IP_VS_PROTO_TCP: enabled
- CONFIG_IP_VS_PROTO_UDP: enabled
- CONFIG_IP_VS_RR: enabled (as module)
- CONFIG_SECURITY_SELINUX: enabled
- CONFIG_SECURITY_APPARMOR: enabled
- CONFIG_EXT3_FS_XATTR: enabled
- CONFIG_EXT3_FS_POSIX_ACL: enabled
- CONFIG_EXT3_FS_SECURITY: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- CONFIG_VXLAN: enabled (as module)
- CONFIG_CRYPTO_SEQIV: enabled (as module)
- CONFIG_XFRM: enabled
- CONFIG_XFRM_USER: enabled
- CONFIG_XFRM_ALGO: enabled
- CONFIG_INET_ESP: enabled
- CONFIG_NETFILTER_XT_MATCH_BPF: enabled (as module)
- CONFIG_IPVLAN: enabled (as module)
- CONFIG_DUMMY: enabled (as module)
- CONFIG_NF_NAT_FTP: enabled (as module)
- CONFIG_NF_CONNTRACK_FTP: enabled (as module)
- CONFIG_NF_NAT_TFTP: enabled (as module)
- CONFIG_NF_CONNTRACK_TFTP: enabled (as module)
...
[1] https://github.com/moby/moby/blob/25.0/contrib/check-config.sh
Signed-off-by: Suhaas Joshi <s-joshi at ti.com>
---
arch/arm64/configs/defconfig | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig
index 7ffb46b74ae5..c37f18bddd38 100644
--- a/arch/arm64/configs/defconfig
+++ b/arch/arm64/configs/defconfig
@@ -1,6 +1,7 @@
CONFIG_SYSVIPC=y
CONFIG_POSIX_MQUEUE=y
CONFIG_AUDIT=y
+CONFIG_DUMMY=m
CONFIG_NO_HZ_IDLE=y
CONFIG_HIGH_RES_TIMERS=y
CONFIG_BPF_SYSCALL=y
@@ -16,7 +17,9 @@ CONFIG_IKCONFIG=y
CONFIG_IKCONFIG_PROC=y
CONFIG_NUMA_BALANCING=y
CONFIG_MEMCG=y
+CONFIG_MEMCG_SWAP=y
CONFIG_BLK_CGROUP=y
+CONFIG_CFS_BANDWIDTH=y
CONFIG_CGROUP_PIDS=y
CONFIG_CGROUP_FREEZER=y
CONFIG_CGROUP_HUGETLB=y
@@ -28,6 +31,7 @@ CONFIG_CGROUP_BPF=y
CONFIG_USER_NS=y
CONFIG_SCHED_AUTOGROUP=y
CONFIG_BLK_DEV_INITRD=y
+CONFIG_BLK_DEV_THROTTLING=y
CONFIG_KALLSYMS_ALL=y
CONFIG_PROFILING=y
CONFIG_KEXEC=y
@@ -135,22 +139,33 @@ CONFIG_IP_PNP=y
CONFIG_IP_PNP_DHCP=y
CONFIG_IP_PNP_BOOTP=y
CONFIG_IPV6=m
+CONFIG_IPVLAN=m
CONFIG_NETFILTER=y
CONFIG_BRIDGE_NETFILTER=m
CONFIG_NF_CONNTRACK=m
CONFIG_NF_CONNTRACK_EVENTS=y
+CONFIG_NF_NAT_FTP=m
+CONFIG_NF_NAT_TFTP=m
+CONFIG_NF_CONNTRACK_FTP=m
+CONFIG_NF_CONNTRACK_TFTP=m
CONFIG_NETFILTER_XT_MARK=m
CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m
CONFIG_NETFILTER_XT_TARGET_LOG=m
CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m
CONFIG_NETFILTER_XT_MATCH_IPVS=m
+CONFIG_NETFILTER_XT_MATCH_BPF=m
CONFIG_IP_VS=m
+CONFIG_IP_VS_PROTO_TCP=y
+CONFIG_IP_VS_PROTO_UDP=y
+CONFIG_IP_VS_RR=m
+CONFIG_IP_VS_NFCT=y
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_NAT=m
CONFIG_IP_NF_TARGET_MASQUERADE=m
+CONFIG_IP_NF_TARGET_REDIRECT=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP6_NF_IPTABLES=m
CONFIG_IP6_NF_FILTER=m
@@ -171,6 +186,7 @@ CONFIG_NET_SCH_TAPRIO=m
CONFIG_NET_SCH_MQPRIO=m
CONFIG_NET_SCH_INGRESS=m
CONFIG_NET_CLS_BASIC=m
+CONFIG_NET_CLS_CGROUP=m
CONFIG_NET_CLS_ROUTE4=m
CONFIG_NET_CLS_FW=m
CONFIG_NET_CLS_U32=m
@@ -198,6 +214,7 @@ CONFIG_NET_ACT_GATE=m
CONFIG_HSR=m
CONFIG_QRTR_SMD=m
CONFIG_QRTR_TUN=m
+CONFIG_CGROUP_NET_PRIO=y
CONFIG_CAN=m
CONFIG_BT=m
CONFIG_BT_HIDP=m
@@ -1573,7 +1590,12 @@ CONFIG_HTE_TEGRA194=y
CONFIG_HTE_TEGRA194_TEST=m
CONFIG_EXT2_FS=y
CONFIG_EXT3_FS=y
+CONFIG_EXT3_FS_XATTR=y
+CONFIG_EXT3_FS_POSIX_ACL=y
+CONFIG_EXT3_FS_SECURITY=y
CONFIG_EXT4_FS_POSIX_ACL=y
+CONFIG_EXT4_FS_SECURITY=y
+CONFIG_VXLAN=m
CONFIG_BTRFS_FS=m
CONFIG_BTRFS_FS_POSIX_ACL=y
CONFIG_FANOTIFY=y
@@ -1598,6 +1620,8 @@ CONFIG_9P_FS=y
CONFIG_NLS_CODEPAGE_437=y
CONFIG_NLS_ISO8859_1=y
CONFIG_SECURITY=y
+CONFIG_SECURITY_SELINUX=y
+CONFIG_SECURITY_APPARMOR=y
CONFIG_CRYPTO_USER=y
CONFIG_CRYPTO_TEST=m
CONFIG_CRYPTO_ECHAINIV=y
@@ -1628,6 +1652,11 @@ CONFIG_CRYPTO_DEV_HISI_HPRE=m
CONFIG_CRYPTO_DEV_HISI_TRNG=m
CONFIG_CRYPTO_DEV_SA2UL=m
CONFIG_CRYPTO_DEV_TI_MCRC64=m
+CONFIG_CRYPTO_SEQIV=m
+CONFIG_XFRM=y
+CONFIG_XFRM_USER=y
+CONFIG_XFRM_ALGO=y
+CONFIG_INET_ESP=y
CONFIG_DMA_RESTRICTED_POOL=y
CONFIG_CMA_SIZE_MBYTES=32
CONFIG_PRINTK_TIME=y
--
2.40.0
More information about the linux-arm-kernel
mailing list