From bc309b98656a2df4a3f84e3abd658e2b60cecf95 Mon Sep 17 00:00:00 2001
From: Alex Lyn <alex.lyn@antgroup.com>
Date: Thu, 7 Mar 2024 15:55:31 +0800
Subject: [PATCH 1/4] kernel: add CONFIG_CRYPTO_ECDSA into whitelist

CONFIG_CRYPTO_ECDSA is not supported in older kernels such as 5.10.x
which may cause building broken problem if we build such kernel with
NVIDIA GPU in version 5.10.x

So this patch is to add CONFIG_CRYPTO_ECDSA into whitelist.conf to
avoid break building guest kernel with NVIDIA GPU.

Fixes: #9140

Signed-off-by: Alex Lyn <alex.lyn@antgroup.com>
---
 tools/packaging/kernel/configs/fragments/whitelist.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tools/packaging/kernel/configs/fragments/whitelist.conf b/tools/packaging/kernel/configs/fragments/whitelist.conf
index c376c43d7e..8df4187a7f 100644
--- a/tools/packaging/kernel/configs/fragments/whitelist.conf
+++ b/tools/packaging/kernel/configs/fragments/whitelist.conf
@@ -26,3 +26,4 @@ CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE
 CONFIG_SPECULATION_MITIGATIONS
 CONFIG_X86_SGX
 CONFIG_VIRTIO_IOMMU
+CONFIG_CRYPTO_ECDSA

From 070c3fa657b6f24db4c4a17bccde6ae0a5f2594a Mon Sep 17 00:00:00 2001
From: Alex Lyn <alex.lyn@antgroup.com>
Date: Thu, 7 Mar 2024 20:31:07 +0800
Subject: [PATCH 2/4] docs: add doc about building kernel with upcall and GPU
 hotplug

We need some docs about how to build a guest kernel to support
both Upcall and Nvidia GPU Passthrough(hotplug) at the same time.
This patch is to do such thing to help users to build a guest
kernel with support both Upcall and Nvidia GPU hotplug/unlplug.

Fixes: #9140

Signed-off-by: Alex Lyn <alex.lyn@antgroup.com>
---
 .../NVIDIA-GPU-passthrough-and-Kata.md        | 23 +++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/docs/use-cases/NVIDIA-GPU-passthrough-and-Kata.md b/docs/use-cases/NVIDIA-GPU-passthrough-and-Kata.md
index e1b5af76e3..7c54de53c3 100644
--- a/docs/use-cases/NVIDIA-GPU-passthrough-and-Kata.md
+++ b/docs/use-cases/NVIDIA-GPU-passthrough-and-Kata.md
@@ -154,6 +154,29 @@ $ ./build-kernel.sh -v 5.15.23 -g nvidia build
 $ sudo -E ./build-kernel.sh -v 5.15.23 -g nvidia install
 ```
 
+However, there are special cases like `Dragonball VMM`. It directly supports device `hot-plug/hot-unplug`
+via upcall to avoid `ACPI` virtualization and minimize `VM` overhead. Since upcall isn't upstream kernel
+code, using `Dragonball VMM` for NVIDIA GPU `hot-plug/hot-unplug` requires applying the Upcall patchset in
+addition to the above kernel configuration items. Follow these steps to build for NVIDIA GPU `hot-[un]plug`
+for `Dragonball`:
+
+```sh 
+# Prepare .config to support both upcall and nvidia gpu 
+$ ./build-kernel.sh -v 5.10.25 -e -t dragonball -g nvidia -f setup
+
+# Build guest kernel to support both upcall and nvidia gpu 
+$ ./build-kernel.sh -v 5.10.25 -e -t dragonball -g nvidia build
+
+# Install guest kernel to support both upcall and nvidia gpu
+$ sudo -E ./build-kernel.sh -v 5.10.25 -e -t dragonball -g nvidia install
+```
+
+> **Note**:
+> - `-v 5.10.25` is for the guest kernel version.
+> - `-e` here means experimental, mainly because `upcall` patches are not in upstream Linux kernel.
+> - `-t dragonball` is for specifying hypervisor type.
+> - `-f` is for generating `.config` file.
+
 To build NVIDIA Driver in Kata container, `linux-headers` are required.
 This is a way to generate deb packages for `linux-headers`:
 

From 079d894496272d6f544c0072466347707e552748 Mon Sep 17 00:00:00 2001
From: Alex Lyn <alex.lyn@antgroup.com>
Date: Thu, 7 Mar 2024 20:31:41 +0800
Subject: [PATCH 3/4] kernel: bump version in kata config version

Fixes: #9140

Signed-off-by: Alex Lyn <alex.lyn@antgroup.com>
---
 tools/packaging/kernel/kata_config_version | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/packaging/kernel/kata_config_version b/tools/packaging/kernel/kata_config_version
index 0a3e7b0422..c75acbe2ff 100644
--- a/tools/packaging/kernel/kata_config_version
+++ b/tools/packaging/kernel/kata_config_version
@@ -1 +1 @@
-126
+127

From 5c54315a87533f5590ddc741da8ddee65d17e255 Mon Sep 17 00:00:00 2001
From: Alex Lyn <alex.lyn@antgroup.com>
Date: Mon, 25 Mar 2024 17:31:02 +0800
Subject: [PATCH 4/4] dragonball: fix CI failure due to poor UT adaptation.

Fixes: #9144

Signed-off-by: Alex Lyn <alex.lyn@antgroup.com>
---
 src/dragonball/src/dbs_arch/src/x86_64/regs.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/dragonball/src/dbs_arch/src/x86_64/regs.rs b/src/dragonball/src/dbs_arch/src/x86_64/regs.rs
index e8d94f5747..56533d656f 100644
--- a/src/dragonball/src/dbs_arch/src/x86_64/regs.rs
+++ b/src/dragonball/src/dbs_arch/src/x86_64/regs.rs
@@ -379,7 +379,7 @@ mod tests {
         // tenth one (i.e the one with index msr_index::MSR_IA32_MISC_ENABLE has the data we
         // expect.
         let entry_vec = create_msr_entries();
-        assert_eq!(entry_vec[9], kvm_msrs.as_slice()[0]);
+        assert_eq!(entry_vec[10], kvm_msrs.as_slice()[0]);
     }
 
     #[test]