Capstone is a disassembly framework which is not required for Kata.
Disabling it in configure can reduce ~6M bytes on arm64.
-rwxr-xr-x 71977368 May 8 09:32 qemu-system-aarch64.with.capstone*
-rwxr-xr-x 65676640 May 8 09:39 qemu-system-aarch64.without.capstone*
Fixes: #1044
Signed-off-by: Jia He <justin.he@arm.com>
This PR adds the documentation repository for the update-repository-version
verification.
Fixes#1027
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
Rename directory name from release_pieline to release_pipeline
Fixes: #1034
Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Enable the Travis CI configuration to perform static CI checks
on PRs to this repo.
Fixes: #1031
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Whilst enabling the static CI checks for this repo, it picked up
a spelling mistake. We'll need to fix that before we can enable
the CI.
Signed-off-by: Graham Whaley <graham.whaley@intel.com>
Only load runtime config when it is not set.
We do not expect a service's runtime config to change while
it is running.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
To use the kata-containers repo path.
Most of the change is generated by script:
find . -type f -name "*.go" |xargs sed -i -e \
's|github.com/kata-containers/runtime|github.com/kata-containers/kata-containers/src/runtime|g'
Fixes: #201
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
- Removes `CODE_OF_CONDUCT.md` and `CONTRIBUTING.md` from osbuilder
directory.
- Fixes a reference from `image-builder/README.md` to
`rootfs-builder/README.md`
- Updates the main `README.md` making a reference to the local
`tools/osbuilder/README.md`
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
move all osbuilder files into `tools` directory to be able
to merge this into kata-containers repo.
Signed-off-by: Salvador Fuentes <salvador.fuentes@intel.com>
QEMU >= 4.0 is able to boot into the uncompressed kernel using the PVH
entry point, but to get this `CONFIG_PVH` must be enabled in the guest
kernel and `pvh.bin` installed in the host.
Booting uncompressed kernels in QEMU 5.0 can reduce the memory footprint,
~17% for KSM and ~15% nonKSM.
fixes#1029
Signed-off-by: Julio Montes <julio.montes@intel.com>
It is simply wrong to test kata-check within before sub commands
as it is NOT before at all. Besides it causes errors if kata is
not installed.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
We should not use a plain unix socket reader to act as grpc
server. Place a really mock grpc server instead.
Signed-off-by: Peng Tao <bergwolf@hyper.sh>
Support for passing sandbox annotations to the OCI layer was added
in containerd 1.3.0. Add this to the docs along with configuration
changes needed.
Fixes#653
Signed-off-by: Archana Shinde <archana.m.shinde@intel.com>
This PR updates the current version of the SLES obs packages that are
being generated.
Fixes#651
Signed-off-by: Gabriela Cervantes <gabriela.cervantes.tellez@intel.com>
The config file created by kernel fragments scheme is quite different
with the old arm64_kata_kvm_5.4.x.
So I will update arm64_kata_kvm_5.4.x for consistency.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
kvm-ptp is critical for mitigating time drift between host and guest.
This implementation in kernel side is still one experimental feature on
aarch64, and see https://github.com/kata-containers/packaging/pull/998
for detailed instructions.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
Since we disable pci shpc hotplug for arm64, see
https://github.com/kata-containers/packaging/pull/498 for detailed
reason.
We need to move CONFIG_HOTPLUG_PCI_SHPC from common conf to
x86_64-specific.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Signed-off-by: Jianyong Wu <jianyong.wu@arm.com>
Backport Anshuman Khandual's patch series of Enabling memory hot
remove on aarch64(https://patchwork.kernel.org/cover/11419305/)
to v5.4.x.
XONE_DEVICE is dependent on the implementation of memory hot remove.
This patch series has already been merged, and queued for 5.7.
After backporting this series, we could finally enable nvdimm/dax
on arm64.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Add a few arm64-specific configs and classify them into seven new categories
, that is,
1. base architecture-dependent options(base.conf)
It also includes varient-specific features, like CONFIG_ARM64_PMEM is
one ARMv8.2 arichitectural features.
2. crypto-related options(crypto.conf)
ARMv8 adds cryptographic instructions that could significantly improve
performance on tasks such as AES encryption and SHA1 and SHA256 hashing.
3. device tree related options(dt.conf)
The "Open Firmware Device Tree", or simply Device Tree (DT), is a data
structure and language for describing hardware, which is commonly
used in arm architecture.
4. ARM errata workarounds options(errata.conf)
There are many Kconfig entires under "Kernel Features" ->
"ARM errata workarounds via the alternatives framework", which provides
software workarounds to mitigate systems affected by those erratum.
Vendor-specific option will be left to users to decide.
5. pci related options(pci.conf)
a simplified pci host controller for mach-virt.
6. serial devices options(serial.conf)
CONFIG_SERIAL_OF_PLATFORM is used for all 8250 compatible serial ports
that are probed through device tree.
7. rtc related options(rtc.conf)
we don't have KVM’s paravirtualized clock and ptp implementation is
still under experimental mode, so we need rtc on aarch64.
QEMU provides an emulated ARM AMBA PrimeCell PL031 RTC.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Compaction is the only memory management component to form high order
(larger physically contiguous) memory blocks reliably.
The page allocator relies on compaction heavily and the lack of the feature
can lead to unexpected OOM killer invocations for high order memory requests.
We shouldn't disable this option unless there really is a strong reason.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
mmio devices are required in firecracker, and for now, x86_64 and
aarch64 are all supporting kata containers with firecracker.
So, we need to move mmio-related configs to common dir.
Fixes: #1004
Signed-off-by: Penny Zheng <penny.zheng@arm.com>
