Re: [PATCH 1/1] riscv: enable Docker requirements in defconfig

[Heinrich Schuchardt]

On 7/22/22 07:06, Palmer Dabbelt wrote:
> On Tue, 07 Jun 2022 17:02:51 PDT (-0700), 
> heinrich.schuchardt@xxxxxxxxxxxxx wrote:
> > The defconfig kernel should be able to run Docker.
> >
> > Enable the missing settings according to [1].
> > make savedefconfig eliminates CONFIG_STACKTRACE
> > which is enabled by default.
> >
> > Many of the settings are also needed to run a defconfig kernel
> > on default distro installations or to run snaps.
> >
> > [1] https://github.com/moby/moby/blob/master/contrib/check-config.sh
> >
> > Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@xxxxxxxxxxxxx>
> > ---
> > Cf. [PATCH] arm64: Enable docker support in defconfig
> > https://lore.kernel.org/lkml/20220606140103.32779-1-vincenzo.frascino@xxxxxxx/
> > ---
> >  arch/riscv/configs/defconfig | 65 +++++++++++++++++++++++++++++++++++-
> >  1 file changed, 64 insertions(+), 1 deletion(-)
> >
> > diff --git a/arch/riscv/configs/defconfig b/arch/riscv/configs/defconfig
> > index 0cc17db8aaba..d4fffcd3cc05 100644
> > --- a/arch/riscv/configs/defconfig
> > +++ b/arch/riscv/configs/defconfig
> > @@ -6,8 +6,18 @@ CONFIG_BPF_SYSCALL=y
> >  CONFIG_IKCONFIG=y
> >  CONFIG_IKCONFIG_PROC=y
> >  CONFIG_CGROUPS=y
> > +CONFIG_MEMCG=y
> > +CONFIG_BLK_CGROUP=y
> >  CONFIG_CGROUP_SCHED=y
> >  CONFIG_CFS_BANDWIDTH=y
> > +CONFIG_RT_GROUP_SCHED=y
> > +CONFIG_CGROUP_PIDS=y
> > +CONFIG_CGROUP_FREEZER=y
> > +CONFIG_CGROUP_HUGETLB=y
> > +CONFIG_CPUSETS=y
> > +CONFIG_CGROUP_DEVICE=y
> > +CONFIG_CGROUP_CPUACCT=y
> > +CONFIG_CGROUP_PERF=y
> >  CONFIG_CGROUP_BPF=y
> >  CONFIG_NAMESPACES=y
> >  CONFIG_USER_NS=y
> > @@ -28,9 +38,11 @@ CONFIG_KVM=m
> >  CONFIG_JUMP_LABEL=y
> >  CONFIG_MODULES=y
> >  CONFIG_MODULE_UNLOAD=y
> > +CONFIG_BLK_DEV_THROTTLING=y
> >  CONFIG_NET=y
> >  CONFIG_PACKET=y
> >  CONFIG_UNIX=y
> > +CONFIG_XFRM_USER=m
> >  CONFIG_INET=y
> >  CONFIG_IP_MULTICAST=y
> >  CONFIG_IP_ADVANCED_ROUTER=y
> > @@ -38,7 +50,43 @@ CONFIG_IP_PNP=y
> >  CONFIG_IP_PNP_DHCP=y
> >  CONFIG_IP_PNP_BOOTP=y
> >  CONFIG_IP_PNP_RARP=y
> > +CONFIG_INET_ESP=m
> > +CONFIG_NETFILTER=y
> > +CONFIG_BRIDGE_NETFILTER=m
> > +CONFIG_NF_CONNTRACK=m
> > +CONFIG_NF_CONNTRACK_FTP=m
> > +CONFIG_NF_CONNTRACK_TFTP=m
> > +CONFIG_NETFILTER_XT_MARK=m
> > +CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
> > +CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m
> > +CONFIG_NETFILTER_XT_MATCH_IPVS=m
> > +CONFIG_IP_VS=m
> > +CONFIG_IP_VS_PROTO_TCP=y
> > +CONFIG_IP_VS_PROTO_UDP=y
> > +CONFIG_IP_VS_RR=m
> > +CONFIG_IP_VS_NFCT=y
> > +CONFIG_NF_LOG_ARP=m
> > +CONFIG_NF_LOG_IPV4=m
> > +CONFIG_IP_NF_IPTABLES=m
> > +CONFIG_IP_NF_FILTER=m
> > +CONFIG_IP_NF_TARGET_REJECT=m
> > +CONFIG_IP_NF_NAT=m
> > +CONFIG_IP_NF_TARGET_MASQUERADE=m
> > +CONFIG_IP_NF_TARGET_REDIRECT=m
> > +CONFIG_IP_NF_MANGLE=m
> > +CONFIG_NF_LOG_IPV6=m
> > +CONFIG_IP6_NF_IPTABLES=m
> > +CONFIG_IP6_NF_MATCH_IPV6HEADER=m
> > +CONFIG_IP6_NF_FILTER=m
> > +CONFIG_IP6_NF_TARGET_REJECT=m
> > +CONFIG_IP6_NF_MANGLE=m
> > +CONFIG_BRIDGE=m
> > +CONFIG_BRIDGE_VLAN_FILTERING=y
> > +CONFIG_VLAN_8021Q=m
> > +CONFIG_NET_SCHED=y
> > +CONFIG_NET_CLS_CGROUP=m
> >  CONFIG_NETLINK_DIAG=y
> > +CONFIG_CGROUP_NET_PRIO=y
> >  CONFIG_NET_9P=y
> >  CONFIG_NET_9P_VIRTIO=y
> >  CONFIG_PCI=y
> > @@ -57,7 +105,15 @@ CONFIG_SCSI_VIRTIO=y
> >  CONFIG_ATA=y
> >  CONFIG_SATA_AHCI=y
> >  CONFIG_SATA_AHCI_PLATFORM=y
> > +CONFIG_MD=y
> > +CONFIG_BLK_DEV_DM=m
> > +CONFIG_DM_THIN_PROVISIONING=m
> >  CONFIG_NETDEVICES=y
> > +CONFIG_DUMMY=m
> > +CONFIG_MACVLAN=m
> > +CONFIG_IPVLAN=m
> > +CONFIG_VXLAN=m
> > +CONFIG_VETH=m
> >  CONFIG_VIRTIO_NET=y
> >  CONFIG_MACB=y
> >  CONFIG_E1000E=y
> > @@ -105,7 +161,11 @@ CONFIG_RPMSG_CTRL=y
> >  CONFIG_RPMSG_VIRTIO=y
> >  CONFIG_EXT4_FS=y
> >  CONFIG_EXT4_FS_POSIX_ACL=y
> > +CONFIG_EXT4_FS_SECURITY=y
> > +CONFIG_BTRFS_FS=m
> > +CONFIG_BTRFS_FS_POSIX_ACL=y
> >  CONFIG_AUTOFS4_FS=y
> > +CONFIG_OVERLAY_FS=m
> >  CONFIG_MSDOS_FS=y
> >  CONFIG_VFAT_FS=y
> >  CONFIG_TMPFS=y
> > @@ -119,6 +179,10 @@ CONFIG_ROOT_NFS=y
> >  CONFIG_9P_FS=y
> >  CONFIG_NLS_CODEPAGE_437=y
> >  CONFIG_NLS_ISO8859_1=m
> > +CONFIG_SECURITY=y
> > +CONFIG_SECURITY_SELINUX=y
> > +CONFIG_SECURITY_APPARMOR=y
> > +CONFIG_DEFAULT_SECURITY_DAC=y
> >  CONFIG_CRYPTO_USER_API_HASH=y
> >  CONFIG_CRYPTO_DEV_VIRTIO=y
> >  CONFIG_PRINTK_TIME=y
> > @@ -137,7 +201,6 @@ CONFIG_DEBUG_SPINLOCK=y
> >  CONFIG_DEBUG_MUTEXES=y
> >  CONFIG_DEBUG_RWSEMS=y
> >  CONFIG_DEBUG_ATOMIC_SLEEP=y
> > -CONFIG_STACKTRACE=y
> >  CONFIG_DEBUG_LIST=y
> >  CONFIG_DEBUG_PLIST=y
> >  CONFIG_DEBUG_SG=y
>
> Sorry for being so slow here.  I don't have any issues with this as a 
> concept, but it makes a handful of my test configs panic on boot.  Seems 
> like something is tripping up a kasan failure.  I guess it's kind of 

Hello Palmer,

thanks for sharing your test experience. Could you, please, provide the 
config file and the test configuration that leads the regression.

> arbitrary to call that a regression, as I'm sure it's just uncovering 
> some issue that already exists, but turning something on in defconfig 
> that panics with kasan is going to have a bunch of fallout.
>
> It looks like BLK_CGROUP is the problem here, so if you're OK with it 
> then I'm happy to take the rest of these.  I put that over at 
> kernel.org/palmer/linux/riscv-docker_no_blk_cgroup, if that's OK I'll 
> cherry-pick it onto for-next.

I am fine with cherry picking.

Best regards

Heinrich

> There's almost certainly a bug here that warrants fixing.