Gitiles
Code Review Sign In
gerrit-dev.monogon.dev / monogon / 4e090357c4f1f3bae53a5f2feaf20ea5e1bbbe61^! / . / third_party
commit4e090357c4f1f3bae53a5f2feaf20ea5e1bbbe61[log] [tgz]
authorLorenz Brun <lorenz@nexantic.com>Wed Mar 17 17:44:41 2021 +0100
committerLorenz Brun <lorenz@nexantic.com>Wed Mar 17 17:44:41 2021 +0100
tree335ec273335722befdeca623b8f3f787a2cd6571
parent0ed2f96a3a86aff2c9ce36289aa5d58a75f4d59b [diff]
Add KVM device plugin

This adds a KVM device plugin for Kubernetes. This plugin allows for unprivileged access and granular
control of KVM access.

Test Plan: Tested in subsequent revision

X-Origin-Diff: phab/D739
GitOrigin-RevId: 5cd738a47d24e7bfdc29bbd1a31537209e1ebf46

diff --git a/third_party/linux/linux-metropolis.config b/third_party/linux/linux-metropolis.config
index a6faa09..f03e66b 100644
--- a/third_party/linux/linux-metropolis.config
+++ b/third_party/linux/linux-metropolis.config

@@ -86,11 +86,12 @@
 #
 # Timers subsystem
 #
+CONFIG_TICK_ONESHOT=y
 CONFIG_HZ_PERIODIC=y
 # CONFIG_NO_HZ_IDLE is not set
 # CONFIG_NO_HZ_FULL is not set
 # CONFIG_NO_HZ is not set
-# CONFIG_HIGH_RES_TIMERS is not set
+CONFIG_HIGH_RES_TIMERS=y
 # end of Timers subsystem
 
 CONFIG_PREEMPT_NONE=y
@@ -105,7 +106,7 @@
 # CONFIG_IRQ_TIME_ACCOUNTING is not set
 # CONFIG_BSD_PROCESS_ACCT is not set
 CONFIG_TASKSTATS=y
-# CONFIG_TASK_DELAY_ACCT is not set
+CONFIG_TASK_DELAY_ACCT=y
 # CONFIG_TASK_XACCT is not set
 CONFIG_PSI=y
 # CONFIG_PSI_DEFAULT_DISABLED is not set
@@ -425,6 +426,7 @@
 # CONFIG_HZ_300 is not set
 # CONFIG_HZ_1000 is not set
 CONFIG_HZ=250
+CONFIG_SCHED_HRTICK=y
 # CONFIG_KEXEC is not set
 # CONFIG_KEXEC_FILE is not set
 # CONFIG_CRASH_DUMP is not set
@@ -632,7 +634,24 @@
 # end of Firmware Drivers
 
 CONFIG_HAVE_KVM=y
+CONFIG_HAVE_KVM_IRQCHIP=y
+CONFIG_HAVE_KVM_IRQFD=y
+CONFIG_HAVE_KVM_IRQ_ROUTING=y
+CONFIG_HAVE_KVM_EVENTFD=y
+CONFIG_KVM_MMIO=y
+CONFIG_KVM_ASYNC_PF=y
+CONFIG_HAVE_KVM_MSI=y
+CONFIG_HAVE_KVM_CPU_RELAX_INTERCEPT=y
+CONFIG_KVM_VFIO=y
+CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT=y
+CONFIG_HAVE_KVM_IRQ_BYPASS=y
+CONFIG_HAVE_KVM_NO_POLL=y
+CONFIG_KVM_XFER_TO_GUEST_WORK=y
 CONFIG_VIRTUALIZATION=y
+CONFIG_KVM=y
+CONFIG_KVM_INTEL=y
+CONFIG_KVM_AMD=y
+CONFIG_KVM_AMD_SEV=y
 CONFIG_AS_AVX512=y
 CONFIG_AS_SHA1_NI=y
 CONFIG_AS_SHA256_NI=y
@@ -650,6 +669,7 @@
 # CONFIG_STATIC_CALL_SELFTEST is not set
 CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
 CONFIG_ARCH_USE_BUILTIN_BSWAP=y
+CONFIG_USER_RETURN_NOTIFIER=y
 CONFIG_HAVE_IOREMAP_PROT=y
 CONFIG_HAVE_KPROBES=y
 CONFIG_HAVE_KRETPROBES=y
@@ -791,6 +811,7 @@
 # CONFIG_IOSCHED_BFQ is not set
 # end of IO Schedulers
 
+CONFIG_PREEMPT_NOTIFIERS=y
 CONFIG_PADATA=y
 CONFIG_ASN1=y
 CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
@@ -2634,6 +2655,7 @@
 # CONFIG_UIO_MF624 is not set
 # CONFIG_UIO_HV_GENERIC is not set
 # CONFIG_VFIO is not set
+CONFIG_IRQ_BYPASS_MANAGER=y
 # CONFIG_VIRT_DRIVERS is not set
 CONFIG_VIRTIO=y
 CONFIG_VIRTIO_MENU=y
@@ -3391,7 +3413,9 @@
 # CONFIG_CRYPTO_DEV_PADLOCK is not set
 # CONFIG_CRYPTO_DEV_ATMEL_ECC is not set
 # CONFIG_CRYPTO_DEV_ATMEL_SHA204A is not set
-# CONFIG_CRYPTO_DEV_CCP is not set
+CONFIG_CRYPTO_DEV_CCP=y
+CONFIG_CRYPTO_DEV_CCP_DD=y
+CONFIG_CRYPTO_DEV_SP_PSP=y
 # CONFIG_CRYPTO_DEV_QAT_DH895xCC is not set
 # CONFIG_CRYPTO_DEV_QAT_C3XXX is not set
 # CONFIG_CRYPTO_DEV_QAT_C62X is not set
@@ -3633,6 +3657,7 @@
 # Scheduler Debugging
 #
 CONFIG_SCHED_DEBUG=y
+CONFIG_SCHED_INFO=y
 # CONFIG_SCHEDSTATS is not set
 # end of Scheduler Debugging