[bionic/linux-kvm] [PATCH 1/3] UBUNTU: kvm: [Config] Enable IP set and netfilter

Julio Montes julio.montes at intel.com
Tue Jun 19 14:35:34 UTC 2018


BugLink: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1761856

Enable IP set and netfilter netlink to allow kata agent to configure the network
inside the virtual machine.

Next configs are needed:
* CONFIG_IP_SET
* CONFIG_NETFILTER_NETLINK

Signed-off-by: Julio Montes <julio.montes at intel.com>
---
 debian.kvm/config/config.common.ubuntu | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

diff --git a/debian.kvm/config/config.common.ubuntu b/debian.kvm/config/config.common.ubuntu
index abb67e44bdb0..d27d549e2816 100644
--- a/debian.kvm/config/config.common.ubuntu
+++ b/debian.kvm/config/config.common.ubuntu
@@ -1163,7 +1163,24 @@ CONFIG_IP_ROUTE_CLASSID=y
 # CONFIG_IP_ROUTE_MULTIPATH is not set
 # CONFIG_IP_ROUTE_VERBOSE is not set
 # CONFIG_IP_SCTP is not set
-# CONFIG_IP_SET is not set
+CONFIG_IP_SET=y
+# CONFIG_IP_SET_BITMAP_IP is not set
+# CONFIG_IP_SET_BITMAP_IPMAC is not set
+# CONFIG_IP_SET_BITMAP_PORT is not set
+# CONFIG_IP_SET_HASH_IP is not set
+# CONFIG_IP_SET_HASH_IPMAC is not set
+# CONFIG_IP_SET_HASH_IPMARK is not set
+# CONFIG_IP_SET_HASH_IPPORT is not set
+# CONFIG_IP_SET_HASH_IPPORTIP is not set
+# CONFIG_IP_SET_HASH_IPPORTNET is not set
+# CONFIG_IP_SET_HASH_MAC is not set
+# CONFIG_IP_SET_HASH_NET is not set
+# CONFIG_IP_SET_HASH_NETIFACE is not set
+# CONFIG_IP_SET_HASH_NETNET is not set
+# CONFIG_IP_SET_HASH_NETPORT is not set
+# CONFIG_IP_SET_HASH_NETPORTNET is not set
+# CONFIG_IP_SET_LIST_SET is not set
+CONFIG_IP_SET_MAX=256
 # CONFIG_IP_VS is not set
 CONFIG_IRQ_BYPASS_MANAGER=y
 CONFIG_IRQ_DOMAIN=y
@@ -1423,7 +1440,7 @@ CONFIG_NETDEVICES=y
 CONFIG_NETFILTER=y
 CONFIG_NETFILTER_ADVANCED=y
 CONFIG_NETFILTER_INGRESS=y
-CONFIG_NETFILTER_NETLINK=m
+CONFIG_NETFILTER_NETLINK=y
 CONFIG_NETFILTER_NETLINK_ACCT=m
 CONFIG_NETFILTER_NETLINK_GLUE_CT=y
 CONFIG_NETFILTER_NETLINK_LOG=m
@@ -1477,6 +1494,7 @@ CONFIG_NETFILTER_XT_MATCH_TCPMSS=m
 CONFIG_NETFILTER_XT_MATCH_TIME=m
 CONFIG_NETFILTER_XT_MATCH_U32=m
 CONFIG_NETFILTER_XT_NAT=m
+# CONFIG_NETFILTER_XT_SET is not set
 # CONFIG_NETFILTER_XT_TARGET_AUDIT is not set
 CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m
 CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m
-- 
2.13.6





More information about the kernel-team mailing list