github/kata-containers
1
0
Fork 1
mirror of https://github.com/kata-containers/kata-containers.git synced 2025-04-27 19:35:32 +00:00
Code Issues Projects Releases Wiki Activity

build: add kernel config for Nvidia DPU/ConnectX adapter

Browse Source 
With Nvidia DPU or ConnectX network adapter, VF can do VFIO passthrough
to guest VM in `guest-kernel` mode. In the guest kernel, the adapter's
driver is required to claim the VFIO device and create network interface.

Signed-off-by: Lei Huang <leih@nvidia.com>
This commit is contained in:
Lei Huang 2024-05-10 15:54:57 -07:00
parent 1fdc5c1183
commit 20f6979d8f
3 changed files with 31 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
tools/packaging/kernel/build-kernel.sh
View File

@ -32,9 +32,9 @@ readonly default_kernel_config_dir="${script_dir}/configs"
readonly default_config_frags_dir="${script_dir}/configs/fragments" readonly default_config_frags_dir="${script_dir}/configs/fragments"
readonly default_config_whitelist="${script_dir}/configs/fragments/whitelist.conf" readonly default_config_whitelist="${script_dir}/configs/fragments/whitelist.conf"
readonly default_initramfs="${script_dir}/initramfs.cpio.gz" readonly default_initramfs="${script_dir}/initramfs.cpio.gz"
# GPU vendor # xPU vendor
readonly GV_INTEL="intel" readonly VENDOR_INTEL="intel"
readonly GV_NVIDIA="nvidia" readonly VENDOR_NVIDIA="nvidia"
#Path to kernel directory #Path to kernel directory
kernel_path="" kernel_path=""
@ -44,6 +44,8 @@ build_type=""
force_setup_generate_config="false" force_setup_generate_config="false"
#GPU kernel support #GPU kernel support
gpu_vendor="" gpu_vendor=""
#DPU kernel support
dpu_vendor=""
#Confidential guest type #Confidential guest type
conf_guest="" conf_guest=""
# #
@ -96,6 +98,7 @@ Options:
-a <arch> : Arch target to build the kernel, such as aarch64/ppc64le/s390x/x86_64. -a <arch> : Arch target to build the kernel, such as aarch64/ppc64le/s390x/x86_64.
-b <type> : Enable optional config type. -b <type> : Enable optional config type.
-c <path> : Path to config file to build the kernel. -c <path> : Path to config file to build the kernel.
-D <vendor> : DPU/SmartNIC vendor, only nvidia.
-d : Enable bash debug. -d : Enable bash debug.
-e : Enable experimental kernel. -e : Enable experimental kernel.
-E : Enable arch-specific experimental kernel, arch info offered by "-a". -E : Enable arch-specific experimental kernel, arch info offered by "-a".
@ -224,6 +227,7 @@ get_kernel_frag_path() {
local arch_path="$1" local arch_path="$1"
local common_path="${arch_path}/../common" local common_path="${arch_path}/../common"
local gpu_path="${arch_path}/../gpu" local gpu_path="${arch_path}/../gpu"
local dpu_path="${arch_path}/../dpu"
local kernel_path="$2" local kernel_path="$2"
local arch="$3" local arch="$3"
@ -280,6 +284,12 @@ get_kernel_frag_path() {
all_configs="${all_configs} ${gpu_configs}" all_configs="${all_configs} ${gpu_configs}"
fi fi
if [[ "${dpu_vendor}" != "" ]]; then
info "Add kernel config for DPU/SmartNIC due to '-n ${dpu_vendor}'"
local dpu_configs="${dpu_path}/${dpu_vendor}.conf"
all_configs="${all_configs} ${dpu_configs}"
fi
if [ "${measured_rootfs}" == "true" ]; then if [ "${measured_rootfs}" == "true" ]; then
info "Enabling config for confidential guest trust storage protection" info "Enabling config for confidential guest trust storage protection"
local cryptsetup_configs="$(ls ${common_path}/confidential_containers/cryptsetup.conf)" local cryptsetup_configs="$(ls ${common_path}/confidential_containers/cryptsetup.conf)"
@ -560,7 +570,7 @@ install_kata() {
} }
main() { main() {
while getopts "a:b:c:deEfg:hH:k:mp:st:u:v:x" opt; do while getopts "a:b:c:dD:eEfg:hH:k:mp:st:u:v:x" opt; do
case "$opt" in case "$opt" in
a) a)
arch_target="${OPTARG}" arch_target="${OPTARG}"
@ -575,6 +585,10 @@ main() {
PS4=' Line ${LINENO}: ' PS4=' Line ${LINENO}: '
set -x set -x
;; ;;
D)
dpu_vendor="${OPTARG}"
[[ "${dpu_vendor}" == "${VENDOR_NVIDIA}" ]] || die "DPU vendor only support nvidia"
;;
e) e)
build_type="experimental" build_type="experimental"
;; ;;
@ -586,7 +600,7 @@ main() {
;; ;;
g) g)
gpu_vendor="${OPTARG}" gpu_vendor="${OPTARG}"
[[ "${gpu_vendor}" == "${GV_INTEL}" || "${gpu_vendor}" == "${GV_NVIDIA}" ]] || die "GPU vendor only support intel and nvidia" [[ "${gpu_vendor}" == "${VENDOR_INTEL}" || "${gpu_vendor}" == "${VENDOR_NVIDIA}" ]] || die "GPU vendor only support intel and nvidia"
;; ;;
h) h)
usage 0 usage 0
@ -636,7 +650,7 @@ main() {
if [ -n "$kernel_version" ]; then if [ -n "$kernel_version" ]; then
kernel_major_version=$(get_major_kernel_version "${kernel_version}") kernel_major_version=$(get_major_kernel_version "${kernel_version}")
if [[ ${kernel_major_version} != "5.10" ]]; then if [[ ${kernel_major_version} != "5.10" ]]; then
info "dragonball-experimental kernel patches are only tested on 5.10.x kernel now, other kernel version may cause confliction" info "dragonball-experimental kernel patches are only tested on 5.10.x kernel now, other kernel version may cause confliction"
fi fi
fi fi
fi fi

10
tools/packaging/kernel/configs/fragments/dpu/nvidia.conf Normal file
View File

@ -0,0 +1,10 @@
# Mellanox devices
CONFIG_NET_VENDOR_MELLANOX=y
# Mellanox 5th generation network adapters (ConnectX series) core driver
CONFIG_MLX5_CORE=y
# Mellanox 5th generation network adapters (ConnectX series) Ethernet support
CONFIG_MLX5_CORE_EN=y
# Mellanox MLX5 ethernet accelerated receive flow steering (ARFS) support
CONFIG_MLX5_EN_ARFS=y
# Mellanox MLX5 ethernet rx nfc flow steering support
CONFIG_MLX5_EN_RXNFC=y

2
tools/packaging/kernel/kata_config_version
View File

@ -1 +1 @@
134 135