From a0cc185c3f53787dee566d8c21f5b81a67e5f7f5 Mon Sep 17 00:00:00 2001 From: Konstantinos Papazafeiropoulos Date: Wed, 23 Dec 2020 20:37:45 -0600 Subject: [PATCH 01/14] Enable KVM support for t210/Jetson Nano --- README.md | 27 ++++++++++++------- ...g-4.9.140-tegra-virt => config-4.9.140-kvm | 2 +- .../0001-Enable-KVM-support-for-t210.patch | 16 +++++++++++ 3 files changed, 35 insertions(+), 10 deletions(-) rename config-4.9.140-tegra-virt => config-4.9.140-kvm (99%) create mode 100644 patches/hardware/0001-Enable-KVM-support-for-t210.patch diff --git a/README.md b/README.md index e1de2d6..b10421a 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,13 @@ -## KVM for Nvidia AGX Xavier - Installation Guide +## KVM for Nvidia AGX Xavier/Nano - Installation Guide -This guide provides instructions to enable KVM virtualization on the Jetson AGX Xavier. +This guide provides instructions to enable KVM virtualization on the Jetson AGX Xavier/Nano. The Jetson AGX Xavier incorporates an Nvidia Xavier t194 SoC with 8 Carmel processor cores. The Carmel cores of the Xavier T194 provides full support for virtualization with ARMv8.1 VHE. ##### Requirements: -- An Nvidia Jetson AGX Xavier +- An Nvidia Jetson AGX Xavier/Nano -##### On your Xavier: +##### On your Xavier/Nano: ``` # Grab build dependencies sudo apt install build-essential libssl-dev bc @@ -26,14 +26,17 @@ git clone https://github.com/b-man/Xavier-KVM.git ~/Xavier-KVM # Patch the device tree cd hardware/ +# for Xavier patch -Np1 -i ~/Xavier-KVM/patches/hardware/0001-Enable-KVM-support-for-t194.patch +# for Nano +patch -Np1 -i ~/Xavier-KVM/patches/hardware/0001-Enable-KVM-support-for-t210.patch # Patch the kernel cd ../kernel/kernel-4.9 for i in ~/Xavier-KVM/patches/kernel/*; do patch -Np1 -i $i; done # Copy the kernel config to the kernel source tree -cp ~/Xavier-KVM/config-4.9.140-tegra-virt .config +cp ~/Xavier-KVM/config-4.9.140-kvm .config # Build kernel components make ARCH=arm64 Image -j8 @@ -45,15 +48,21 @@ sudo make ARCH=arm64 modules_install -j8 # Install the kernel # On AGX Xavier, cboot accepts unsigned kernels when Secure Boot is off, which is the default. - +# for Xavier sudo rm /boot/Image.sig -sudo rm /boot/tegra194-p2888-0001-p2822-0000.dtb +sudo rm /boot/tegra194-p2888-0001-p2822-0000.dtb +# for Nano +sudo rm /boot/Image +sudo rm /boot/tegra210-p3448-0000-p3449-0000-a02.dtb -sudo install -m 0644 arch/arm64/boot/Image /boot/ +sudo install -m 0644 arch/arm64/boot/Image /boot/ +# for Xavier sudo install -m 0644 arch/arm64/boot/dts/tegra194-p2888-0001-p2822-0000.dtb /boot/dtb/ +# for Nano +sudo install -m 0644 arch/arm64/boot/dts/tegra210-p3448-0000-p3449-0000-a02.dtb /boot/dtb/ ``` -Reboot your Jetson AGX Xavier. After rebooting you can verify that virtualization is enabled +Reboot your Jetson AGX Xavier/Nano. After rebooting you can verify that virtualization is enabled by running the following commands: ##### Command: diff --git a/config-4.9.140-tegra-virt b/config-4.9.140-kvm similarity index 99% rename from config-4.9.140-tegra-virt rename to config-4.9.140-kvm index 0a07297..014d8ef 100644 --- a/config-4.9.140-tegra-virt +++ b/config-4.9.140-kvm @@ -46,7 +46,7 @@ CONFIG_THREAD_INFO_IN_TASK=y CONFIG_INIT_ENV_ARG_LIMIT=32 CONFIG_CROSS_COMPILE="" # CONFIG_COMPILE_TEST is not set -CONFIG_LOCALVERSION="-tegra-virt" +CONFIG_LOCALVERSION="-kvm" # CONFIG_LOCALVERSION_AUTO is not set CONFIG_DEFAULT_HOSTNAME="(none)" CONFIG_SWAP=y diff --git a/patches/hardware/0001-Enable-KVM-support-for-t210.patch b/patches/hardware/0001-Enable-KVM-support-for-t210.patch new file mode 100644 index 0000000..3c8d61f --- /dev/null +++ b/patches/hardware/0001-Enable-KVM-support-for-t210.patch @@ -0,0 +1,16 @@ +This patch enables KVM support for the Nvidia t210 SoC. + +--- a/nvidia/soc/t210/kernel-dts/tegra210-soc/tegra210-soc-base.dtsi ++++ b/nvidia/soc/t210/kernel-dts/tegra210-soc/tegra210-soc-base.dtsi +@@ -351,7 +351,10 @@ + #interrupt-cells = <3>; + interrupt-controller; + reg = <0x0 0x50041000 0x0 0x1000 +- 0x0 0x50042000 0x0 0x0100>; ++ 0x0 0x50042000 0x0 0x0100 ++ 0x0 0x50044000 0x0 0x0100 ++ 0x0 0x50046000 0x0 0x0100>; ++ interrupts = <0x1 0x9 0xf04>; + status = "disabled"; + }; + From bb89c9c6425c5780159a72d9dfd6f750bfd807b1 Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Fri, 11 Jun 2021 12:38:47 +0000 Subject: [PATCH 02/14] update kernel config for DM & VXLAN k8s Signed-off-by: Anastassios Nanos --- config-4.9.140-kvm | 298 +++++++++++++++++++++++++++++++-------------- 1 file changed, 209 insertions(+), 89 deletions(-) diff --git a/config-4.9.140-kvm b/config-4.9.140-kvm index 014d8ef..c148c70 100644 --- a/config-4.9.140-kvm +++ b/config-4.9.140-kvm @@ -719,23 +719,26 @@ CONFIG_IP_ADVANCED_ROUTER=y CONFIG_IP_MULTIPLE_TABLES=y # CONFIG_IP_ROUTE_MULTIPATH is not set # CONFIG_IP_ROUTE_VERBOSE is not set +CONFIG_IP_ROUTE_CLASSID=y CONFIG_IP_PNP=y CONFIG_IP_PNP_DHCP=y CONFIG_IP_PNP_BOOTP=y # CONFIG_IP_PNP_RARP is not set -# CONFIG_NET_IPIP is not set -# CONFIG_NET_IPGRE_DEMUX is not set +CONFIG_NET_IPIP=m +CONFIG_NET_IPGRE_DEMUX=m CONFIG_NET_IP_TUNNEL=y +CONFIG_NET_IPGRE=m +# CONFIG_NET_IPGRE_BROADCAST is not set # CONFIG_IP_MROUTE is not set -# CONFIG_SYN_COOKIES is not set -# CONFIG_NET_IPVTI is not set +CONFIG_SYN_COOKIES=y +CONFIG_NET_IPVTI=m CONFIG_NET_UDP_TUNNEL=y -# CONFIG_NET_FOU is not set +CONFIG_NET_FOU=m # CONFIG_NET_FOU_IP_TUNNELS is not set # CONFIG_INET_AH is not set CONFIG_INET_ESP=m -# CONFIG_INET_IPCOMP is not set -# CONFIG_INET_XFRM_TUNNEL is not set +CONFIG_INET_IPCOMP=m +CONFIG_INET_XFRM_TUNNEL=m CONFIG_INET_TUNNEL=m CONFIG_INET_XFRM_MODE_TRANSPORT=y CONFIG_INET_XFRM_MODE_TUNNEL=y @@ -768,7 +771,8 @@ CONFIG_IPV6_SIT=m # CONFIG_IPV6_SIT_6RD is not set CONFIG_IPV6_NDISC_NODETYPE=y CONFIG_IPV6_TUNNEL=m -# CONFIG_IPV6_FOU is not set +# CONFIG_IPV6_GRE is not set +CONFIG_IPV6_FOU=m # CONFIG_IPV6_FOU_TUNNEL is not set CONFIG_IPV6_MULTIPLE_TABLES=y # CONFIG_IPV6_SUBTREES is not set @@ -794,10 +798,12 @@ CONFIG_NETFILTER_NETLINK_LOG=m CONFIG_NF_CONNTRACK=m CONFIG_NF_LOG_COMMON=m CONFIG_NF_CONNTRACK_MARK=y +CONFIG_NF_CONNTRACK_ZONES=y CONFIG_NF_CONNTRACK_PROCFS=y CONFIG_NF_CONNTRACK_EVENTS=y # CONFIG_NF_CONNTRACK_TIMEOUT is not set # CONFIG_NF_CONNTRACK_TIMESTAMP is not set +CONFIG_NF_CONNTRACK_LABELS=y CONFIG_NF_CT_PROTO_DCCP=m CONFIG_NF_CT_PROTO_GRE=m CONFIG_NF_CT_PROTO_SCTP=m @@ -808,13 +814,13 @@ CONFIG_NF_CONNTRACK_H323=m CONFIG_NF_CONNTRACK_IRC=m CONFIG_NF_CONNTRACK_BROADCAST=m CONFIG_NF_CONNTRACK_NETBIOS_NS=m -# CONFIG_NF_CONNTRACK_SNMP is not set +CONFIG_NF_CONNTRACK_SNMP=m CONFIG_NF_CONNTRACK_PPTP=m CONFIG_NF_CONNTRACK_SANE=m CONFIG_NF_CONNTRACK_SIP=m CONFIG_NF_CONNTRACK_TFTP=m CONFIG_NF_CT_NETLINK=m -# CONFIG_NF_CT_NETLINK_TIMEOUT is not set +CONFIG_NF_CT_NETLINK_TIMEOUT=m # CONFIG_NETFILTER_NETLINK_GLUE_CT is not set CONFIG_NF_NAT=m CONFIG_NF_NAT_NEEDED=y @@ -827,7 +833,31 @@ CONFIG_NF_NAT_IRC=m CONFIG_NF_NAT_SIP=m CONFIG_NF_NAT_TFTP=m CONFIG_NF_NAT_REDIRECT=m -# CONFIG_NF_TABLES is not set +CONFIG_NETFILTER_SYNPROXY=m +CONFIG_NF_TABLES=m +CONFIG_NF_TABLES_INET=m +CONFIG_NF_TABLES_NETDEV=m +CONFIG_NFT_EXTHDR=m +CONFIG_NFT_META=m +CONFIG_NFT_NUMGEN=m +CONFIG_NFT_CT=m +CONFIG_NFT_SET_RBTREE=m +CONFIG_NFT_SET_HASH=m +CONFIG_NFT_COUNTER=m +CONFIG_NFT_LOG=m +CONFIG_NFT_LIMIT=m +CONFIG_NFT_MASQ=m +CONFIG_NFT_REDIR=m +CONFIG_NFT_NAT=m +CONFIG_NFT_QUEUE=m +CONFIG_NFT_QUOTA=m +CONFIG_NFT_REJECT=m +CONFIG_NFT_REJECT_INET=m +CONFIG_NFT_COMPAT=m +CONFIG_NFT_HASH=m +CONFIG_NF_DUP_NETDEV=m +CONFIG_NFT_DUP_NETDEV=m +CONFIG_NFT_FWD_NETDEV=m CONFIG_NETFILTER_XTABLES=m # @@ -835,68 +865,69 @@ CONFIG_NETFILTER_XTABLES=m # CONFIG_NETFILTER_XT_MARK=m CONFIG_NETFILTER_XT_CONNMARK=m +CONFIG_NETFILTER_XT_SET=m # # Xtables targets # -# CONFIG_NETFILTER_XT_TARGET_AUDIT is not set +CONFIG_NETFILTER_XT_TARGET_AUDIT=m CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m CONFIG_NETFILTER_XT_TARGET_CONNMARK=m -# CONFIG_NETFILTER_XT_TARGET_CT is not set -# CONFIG_NETFILTER_XT_TARGET_DSCP is not set -# CONFIG_NETFILTER_XT_TARGET_HL is not set -# CONFIG_NETFILTER_XT_TARGET_HMARK is not set +CONFIG_NETFILTER_XT_TARGET_CT=m +CONFIG_NETFILTER_XT_TARGET_DSCP=m +CONFIG_NETFILTER_XT_TARGET_HL=m +CONFIG_NETFILTER_XT_TARGET_HMARK=m CONFIG_NETFILTER_XT_TARGET_IDLETIMER=m -# CONFIG_NETFILTER_XT_TARGET_LED is not set +CONFIG_NETFILTER_XT_TARGET_LED=m CONFIG_NETFILTER_XT_TARGET_LOG=m CONFIG_NETFILTER_XT_TARGET_MARK=m CONFIG_NETFILTER_XT_NAT=m -# CONFIG_NETFILTER_XT_TARGET_NETMAP is not set +CONFIG_NETFILTER_XT_TARGET_NETMAP=m CONFIG_NETFILTER_XT_TARGET_NFLOG=m CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m -# CONFIG_NETFILTER_XT_TARGET_NOTRACK is not set -# CONFIG_NETFILTER_XT_TARGET_RATEEST is not set +CONFIG_NETFILTER_XT_TARGET_NOTRACK=m +CONFIG_NETFILTER_XT_TARGET_RATEEST=m CONFIG_NETFILTER_XT_TARGET_REDIRECT=m -# CONFIG_NETFILTER_XT_TARGET_TEE is not set +CONFIG_NETFILTER_XT_TARGET_TEE=m CONFIG_NETFILTER_XT_TARGET_TPROXY=m CONFIG_NETFILTER_XT_TARGET_TRACE=m CONFIG_NETFILTER_XT_TARGET_TCPMSS=m -# CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP is not set +CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m # # Xtables matches # CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m -# CONFIG_NETFILTER_XT_MATCH_BPF is not set -# CONFIG_NETFILTER_XT_MATCH_CGROUP is not set -# CONFIG_NETFILTER_XT_MATCH_CLUSTER is not set +CONFIG_NETFILTER_XT_MATCH_BPF=m +CONFIG_NETFILTER_XT_MATCH_CGROUP=m +CONFIG_NETFILTER_XT_MATCH_CLUSTER=m CONFIG_NETFILTER_XT_MATCH_COMMENT=m CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m -# CONFIG_NETFILTER_XT_MATCH_CONNLABEL is not set +CONFIG_NETFILTER_XT_MATCH_CONNLABEL=m CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=m CONFIG_NETFILTER_XT_MATCH_CONNMARK=m CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m -# CONFIG_NETFILTER_XT_MATCH_CPU is not set -# CONFIG_NETFILTER_XT_MATCH_DCCP is not set -# CONFIG_NETFILTER_XT_MATCH_DEVGROUP is not set -# CONFIG_NETFILTER_XT_MATCH_DSCP is not set +CONFIG_NETFILTER_XT_MATCH_CPU=m +CONFIG_NETFILTER_XT_MATCH_DCCP=m +CONFIG_NETFILTER_XT_MATCH_DEVGROUP=m +CONFIG_NETFILTER_XT_MATCH_DSCP=m CONFIG_NETFILTER_XT_MATCH_ECN=m -# CONFIG_NETFILTER_XT_MATCH_ESP is not set +CONFIG_NETFILTER_XT_MATCH_ESP=m CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=m CONFIG_NETFILTER_XT_MATCH_HELPER=m CONFIG_NETFILTER_XT_MATCH_HL=m -# CONFIG_NETFILTER_XT_MATCH_IPCOMP is not set +CONFIG_NETFILTER_XT_MATCH_IPCOMP=m CONFIG_NETFILTER_XT_MATCH_IPRANGE=m CONFIG_NETFILTER_XT_MATCH_IPVS=m -# CONFIG_NETFILTER_XT_MATCH_L2TP is not set +CONFIG_NETFILTER_XT_MATCH_L2TP=m CONFIG_NETFILTER_XT_MATCH_LENGTH=m CONFIG_NETFILTER_XT_MATCH_LIMIT=m CONFIG_NETFILTER_XT_MATCH_MAC=m CONFIG_NETFILTER_XT_MATCH_MARK=m CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m -# CONFIG_NETFILTER_XT_MATCH_NFACCT is not set -# CONFIG_NETFILTER_XT_MATCH_OSF is not set +CONFIG_NETFILTER_XT_MATCH_NFACCT=m +CONFIG_NETFILTER_XT_MATCH_OSF=m CONFIG_NETFILTER_XT_MATCH_OWNER=m CONFIG_NETFILTER_XT_MATCH_POLICY=m CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m @@ -904,21 +935,37 @@ CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m CONFIG_NETFILTER_XT_MATCH_QUOTA=m CONFIG_NETFILTER_XT_MATCH_QUOTA2=m # CONFIG_NETFILTER_XT_MATCH_QUOTA2_LOG is not set -# CONFIG_NETFILTER_XT_MATCH_RATEEST is not set -# CONFIG_NETFILTER_XT_MATCH_REALM is not set +CONFIG_NETFILTER_XT_MATCH_RATEEST=m +CONFIG_NETFILTER_XT_MATCH_REALM=m CONFIG_NETFILTER_XT_MATCH_RECENT=m -# CONFIG_NETFILTER_XT_MATCH_SCTP is not set +CONFIG_NETFILTER_XT_MATCH_SCTP=m CONFIG_NETFILTER_XT_MATCH_SOCKET=m CONFIG_NETFILTER_XT_MATCH_STATE=m CONFIG_NETFILTER_XT_MATCH_STATISTIC=m CONFIG_NETFILTER_XT_MATCH_STRING=m -# CONFIG_NETFILTER_XT_MATCH_TCPMSS is not set +CONFIG_NETFILTER_XT_MATCH_TCPMSS=m CONFIG_NETFILTER_XT_MATCH_TIME=m CONFIG_NETFILTER_XT_MATCH_U32=m -# CONFIG_IP_SET is not set +CONFIG_IP_SET=m +CONFIG_IP_SET_MAX=256 +CONFIG_IP_SET_BITMAP_IP=m +CONFIG_IP_SET_BITMAP_IPMAC=m +CONFIG_IP_SET_BITMAP_PORT=m +CONFIG_IP_SET_HASH_IP=m +CONFIG_IP_SET_HASH_IPMARK=m +CONFIG_IP_SET_HASH_IPPORT=m +CONFIG_IP_SET_HASH_IPPORTIP=m +CONFIG_IP_SET_HASH_IPPORTNET=m +CONFIG_IP_SET_HASH_MAC=m +CONFIG_IP_SET_HASH_NETPORTNET=m +CONFIG_IP_SET_HASH_NET=m +CONFIG_IP_SET_HASH_NETNET=m +CONFIG_IP_SET_HASH_NETPORT=m +CONFIG_IP_SET_HASH_NETIFACE=m +CONFIG_IP_SET_LIST_SET=m CONFIG_IP_VS=m # CONFIG_IP_VS_IPV6 is not set -# CONFIG_IP_VS_DEBUG is not set +CONFIG_IP_VS_DEBUG=y CONFIG_IP_VS_TAB_BITS=12 # @@ -926,26 +973,26 @@ CONFIG_IP_VS_TAB_BITS=12 # CONFIG_IP_VS_PROTO_TCP=y CONFIG_IP_VS_PROTO_UDP=y -# CONFIG_IP_VS_PROTO_AH_ESP is not set -# CONFIG_IP_VS_PROTO_ESP is not set -# CONFIG_IP_VS_PROTO_AH is not set -# CONFIG_IP_VS_PROTO_SCTP is not set +CONFIG_IP_VS_PROTO_AH_ESP=y +CONFIG_IP_VS_PROTO_ESP=y +CONFIG_IP_VS_PROTO_AH=y +CONFIG_IP_VS_PROTO_SCTP=y # # IPVS scheduler # CONFIG_IP_VS_RR=m -# CONFIG_IP_VS_WRR is not set -# CONFIG_IP_VS_LC is not set -# CONFIG_IP_VS_WLC is not set -# CONFIG_IP_VS_FO is not set -# CONFIG_IP_VS_OVF is not set -# CONFIG_IP_VS_LBLC is not set -# CONFIG_IP_VS_LBLCR is not set -# CONFIG_IP_VS_DH is not set -# CONFIG_IP_VS_SH is not set -# CONFIG_IP_VS_SED is not set -# CONFIG_IP_VS_NQ is not set +CONFIG_IP_VS_WRR=m +CONFIG_IP_VS_LC=m +CONFIG_IP_VS_WLC=m +CONFIG_IP_VS_FO=m +CONFIG_IP_VS_OVF=m +CONFIG_IP_VS_LBLC=m +CONFIG_IP_VS_LBLCR=m +CONFIG_IP_VS_DH=m +CONFIG_IP_VS_SH=m +CONFIG_IP_VS_SED=m +CONFIG_IP_VS_NQ=m # # IPVS SH scheduler @@ -964,12 +1011,21 @@ CONFIG_IP_VS_NFCT=y # CONFIG_NF_DEFRAG_IPV4=m CONFIG_NF_CONNTRACK_IPV4=m -# CONFIG_NF_DUP_IPV4 is not set -# CONFIG_NF_LOG_ARP is not set +CONFIG_NF_TABLES_IPV4=m +CONFIG_NFT_CHAIN_ROUTE_IPV4=m +CONFIG_NFT_REJECT_IPV4=m +CONFIG_NFT_DUP_IPV4=m +CONFIG_NF_TABLES_ARP=m +CONFIG_NF_DUP_IPV4=m +CONFIG_NF_LOG_ARP=m CONFIG_NF_LOG_IPV4=m CONFIG_NF_REJECT_IPV4=m CONFIG_NF_NAT_IPV4=m +CONFIG_NFT_CHAIN_NAT_IPV4=m CONFIG_NF_NAT_MASQUERADE_IPV4=m +CONFIG_NFT_MASQ_IPV4=m +CONFIG_NFT_REDIR_IPV4=m +CONFIG_NF_NAT_SNMP_BASIC=m CONFIG_NF_NAT_PROTO_GRE=m CONFIG_NF_NAT_PPTP=m CONFIG_NF_NAT_H323=m @@ -980,17 +1036,17 @@ CONFIG_IP_NF_MATCH_RPFILTER=m CONFIG_IP_NF_MATCH_TTL=m CONFIG_IP_NF_FILTER=m CONFIG_IP_NF_TARGET_REJECT=m -# CONFIG_IP_NF_TARGET_SYNPROXY is not set +CONFIG_IP_NF_TARGET_SYNPROXY=m CONFIG_IP_NF_NAT=m CONFIG_IP_NF_TARGET_MASQUERADE=m -# CONFIG_IP_NF_TARGET_NETMAP is not set +CONFIG_IP_NF_TARGET_NETMAP=m CONFIG_IP_NF_TARGET_REDIRECT=m CONFIG_IP_NF_MANGLE=m -# CONFIG_IP_NF_TARGET_CLUSTERIP is not set -# CONFIG_IP_NF_TARGET_ECN is not set -# CONFIG_IP_NF_TARGET_TTL is not set +CONFIG_IP_NF_TARGET_CLUSTERIP=m +CONFIG_IP_NF_TARGET_ECN=m +CONFIG_IP_NF_TARGET_TTL=m CONFIG_IP_NF_RAW=m -# CONFIG_IP_NF_SECURITY is not set +CONFIG_IP_NF_SECURITY=m CONFIG_IP_NF_ARPTABLES=m CONFIG_IP_NF_ARPFILTER=m CONFIG_IP_NF_ARP_MANGLE=m @@ -1000,11 +1056,18 @@ CONFIG_IP_NF_ARP_MANGLE=m # CONFIG_NF_DEFRAG_IPV6=m CONFIG_NF_CONNTRACK_IPV6=m -# CONFIG_NF_DUP_IPV6 is not set +CONFIG_NF_TABLES_IPV6=m +CONFIG_NFT_CHAIN_ROUTE_IPV6=m +CONFIG_NFT_REJECT_IPV6=m +CONFIG_NFT_DUP_IPV6=m +CONFIG_NF_DUP_IPV6=m CONFIG_NF_REJECT_IPV6=m CONFIG_NF_LOG_IPV6=m CONFIG_NF_NAT_IPV6=m +CONFIG_NFT_CHAIN_NAT_IPV6=m CONFIG_NF_NAT_MASQUERADE_IPV6=m +CONFIG_NFT_MASQ_IPV6=m +CONFIG_NFT_REDIR_IPV6=m CONFIG_IP6_NF_IPTABLES=m # CONFIG_IP6_NF_MATCH_AH is not set # CONFIG_IP6_NF_MATCH_EUI64 is not set @@ -1025,7 +1088,31 @@ CONFIG_IP6_NF_RAW=m CONFIG_IP6_NF_NAT=m CONFIG_IP6_NF_TARGET_MASQUERADE=m # CONFIG_IP6_NF_TARGET_NPT is not set -# CONFIG_BRIDGE_NF_EBTABLES is not set +CONFIG_NF_TABLES_BRIDGE=m +CONFIG_NFT_BRIDGE_META=m +CONFIG_NFT_BRIDGE_REJECT=m +CONFIG_NF_LOG_BRIDGE=m +CONFIG_BRIDGE_NF_EBTABLES=m +CONFIG_BRIDGE_EBT_BROUTE=m +CONFIG_BRIDGE_EBT_T_FILTER=m +CONFIG_BRIDGE_EBT_T_NAT=m +CONFIG_BRIDGE_EBT_802_3=m +CONFIG_BRIDGE_EBT_AMONG=m +CONFIG_BRIDGE_EBT_ARP=m +CONFIG_BRIDGE_EBT_IP=m +CONFIG_BRIDGE_EBT_IP6=m +CONFIG_BRIDGE_EBT_LIMIT=m +CONFIG_BRIDGE_EBT_MARK=m +CONFIG_BRIDGE_EBT_PKTTYPE=m +CONFIG_BRIDGE_EBT_STP=m +CONFIG_BRIDGE_EBT_VLAN=m +CONFIG_BRIDGE_EBT_ARPREPLY=m +CONFIG_BRIDGE_EBT_DNAT=m +CONFIG_BRIDGE_EBT_MARK_T=m +CONFIG_BRIDGE_EBT_REDIRECT=m +CONFIG_BRIDGE_EBT_SNAT=m +CONFIG_BRIDGE_EBT_LOG=m +CONFIG_BRIDGE_EBT_NFLOG=m # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set # CONFIG_RDS is not set @@ -1110,6 +1197,7 @@ CONFIG_NET_EMATCH_U32=y # CONFIG_NET_EMATCH_META is not set # CONFIG_NET_EMATCH_TEXT is not set # CONFIG_NET_EMATCH_CANID is not set +CONFIG_NET_EMATCH_IPSET=m CONFIG_NET_CLS_ACT=y # CONFIG_NET_ACT_POLICE is not set # CONFIG_NET_ACT_GACT is not set @@ -1337,7 +1425,9 @@ CONFIG_NET_9P=y CONFIG_NET_9P_VIRTIO=y # CONFIG_NET_9P_DEBUG is not set # CONFIG_CAIF is not set -# CONFIG_CEPH_LIB is not set +CONFIG_CEPH_LIB=m +# CONFIG_CEPH_LIB_PRETTYDEBUG is not set +# CONFIG_CEPH_LIB_USE_DNS_RESOLVER is not set # CONFIG_NFC is not set # CONFIG_LWTUNNEL is not set CONFIG_DST_CACHE=y @@ -1403,7 +1493,7 @@ CONFIG_CMA_ALIGNMENT=8 # CONFIG_ARM_CCN is not set CONFIG_TEGRA_ACONNECT=y # CONFIG_VEXPRESS_CONFIG is not set -# CONFIG_CONNECTOR is not set +CONFIG_CONNECTOR=m CONFIG_MTD=y # CONFIG_MTD_TESTS is not set # CONFIG_MTD_REDBOOT_PARTS is not set @@ -1516,7 +1606,7 @@ CONFIG_ZRAM=m # CONFIG_BLK_DEV_COW_COMMON is not set CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 -# CONFIG_BLK_DEV_CRYPTOLOOP is not set +CONFIG_BLK_DEV_CRYPTOLOOP=m # CONFIG_BLK_DEV_DRBD is not set CONFIG_BLK_DEV_NBD=m # CONFIG_BLK_DEV_SKD is not set @@ -1527,7 +1617,7 @@ CONFIG_BLK_DEV_RAM_SIZE=8192 # CONFIG_CDROM_PKTCDVD is not set # CONFIG_ATA_OVER_ETH is not set CONFIG_VIRTIO_BLK=y -# CONFIG_BLK_DEV_RBD is not set +CONFIG_BLK_DEV_RBD=m # CONFIG_BLK_DEV_RSXX is not set CONFIG_NVME_CORE=y CONFIG_BLK_DEV_NVME=y @@ -1834,28 +1924,50 @@ CONFIG_ATA_BMDMA=y # CONFIG_PATA_LEGACY is not set # CONFIG_SATA_AHCI_TEGRA_SHIELD is not set CONFIG_MD=y -# CONFIG_BLK_DEV_MD is not set -# CONFIG_BCACHE is not set +CONFIG_BLK_DEV_MD=m +CONFIG_MD_LINEAR=m +CONFIG_MD_RAID0=m +CONFIG_MD_RAID1=m +CONFIG_MD_RAID10=m +CONFIG_MD_RAID456=m +CONFIG_MD_MULTIPATH=m +CONFIG_MD_FAULTY=m +CONFIG_BCACHE=m +CONFIG_BCACHE_DEBUG=y +CONFIG_BCACHE_CLOSURES_DEBUG=y CONFIG_BLK_DEV_DM_BUILTIN=y CONFIG_BLK_DEV_DM=y -# CONFIG_DM_MQ_DEFAULT is not set -# CONFIG_DM_DEBUG is not set -CONFIG_DM_CRYPT=y -# CONFIG_DM_SNAPSHOT is not set -# CONFIG_DM_THIN_PROVISIONING is not set -# CONFIG_DM_CACHE is not set -# CONFIG_DM_ERA is not set -# CONFIG_DM_MIRROR is not set -# CONFIG_DM_RAID is not set -# CONFIG_DM_ZERO is not set -# CONFIG_DM_MULTIPATH is not set -# CONFIG_DM_DELAY is not set +CONFIG_DM_MQ_DEFAULT=y +CONFIG_DM_DEBUG=y +CONFIG_DM_BUFIO=m +CONFIG_DM_DEBUG_BLOCK_STACK_TRACING=y +CONFIG_DM_BIO_PRISON=m +CONFIG_DM_PERSISTENT_DATA=m +CONFIG_DM_CRYPT=m +CONFIG_DM_SNAPSHOT=m +CONFIG_DM_THIN_PROVISIONING=m +CONFIG_DM_CACHE=m +CONFIG_DM_CACHE_SMQ=m +CONFIG_DM_CACHE_CLEANER=m +CONFIG_DM_ERA=m +CONFIG_DM_MIRROR=m +CONFIG_DM_LOG_USERSPACE=m +CONFIG_DM_RAID=m +CONFIG_DM_ZERO=m +CONFIG_DM_MULTIPATH=m +CONFIG_DM_MULTIPATH_QL=m +CONFIG_DM_MULTIPATH_ST=m +CONFIG_DM_DELAY=m CONFIG_DM_UEVENT=y -# CONFIG_DM_FLAKEY is not set -# CONFIG_DM_VERITY is not set -# CONFIG_DM_VERITY_HASH_PREFETCH_MIN_SIZE_128 is not set -# CONFIG_DM_SWITCH is not set -# CONFIG_DM_LOG_WRITES is not set +CONFIG_DM_FLAKEY=m +CONFIG_DM_VERITY=m +CONFIG_DM_VERITY_HASH_PREFETCH_MIN_SIZE_128=y +CONFIG_DM_VERITY_HASH_PREFETCH_MIN_SIZE=128 +CONFIG_DM_VERITY_FEC=y +CONFIG_DM_SWITCH=m +CONFIG_DM_LOG_WRITES=m +CONFIG_DM_VERITY_AVB=m +CONFIG_DM_ANDROID_VERITY_AT_MOST_ONCE_DEFAULT_ENABLED=y # CONFIG_TARGET_CORE is not set # CONFIG_FUSION is not set @@ -2176,6 +2288,7 @@ CONFIG_PPP_FILTER=y CONFIG_PPP_MPPE=y # CONFIG_PPP_MULTILINK is not set # CONFIG_PPPOE is not set +CONFIG_PPTP=m CONFIG_PPPOLAC=y CONFIG_PPPOPNS=y CONFIG_PPP_ASYNC=y @@ -3837,6 +3950,7 @@ CONFIG_FB_MODE_PIXCLOCK_HZ=y # CONFIG_FB_CYBER2000 is not set # CONFIG_FB_ASILIANT is not set # CONFIG_FB_IMSTT is not set +# CONFIG_FB_UVESA is not set # CONFIG_FB_OPENCORES is not set # CONFIG_FB_S1D13XXX is not set # CONFIG_FB_NVIDIA is not set @@ -6131,6 +6245,7 @@ CONFIG_TRACING_EVENTS_GPIO=y # CONFIG_INTERVAL_TREE_TEST is not set # CONFIG_PERCPU_TEST is not set # CONFIG_ATOMIC64_SELFTEST is not set +# CONFIG_ASYNC_RAID6_TEST is not set # CONFIG_TEST_HEXDUMP is not set # CONFIG_TEST_STRING_HELPERS is not set # CONFIG_TEST_KSTRTOX is not set @@ -6198,6 +6313,11 @@ CONFIG_DEFAULT_SECURITY_DAC=y CONFIG_DEFAULT_SECURITY="" # CONFIG_TRUSTED_LITTLE_KERNEL is not set CONFIG_XOR_BLOCKS=m +CONFIG_ASYNC_CORE=m +CONFIG_ASYNC_MEMCPY=m +CONFIG_ASYNC_XOR=m +CONFIG_ASYNC_PQ=m +CONFIG_ASYNC_RAID6_RECOV=m CONFIG_CRYPTO=y # From f100943a54c7b9e9d23a31fd386eaaba9b8ee60f Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Fri, 11 Jun 2021 12:41:53 +0000 Subject: [PATCH 03/14] Attempt to automate kernel building with a dockerfile Signed-off-by: Anastassios Nanos --- Dockerfile | 48 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..aeda89a --- /dev/null +++ b/Dockerfile @@ -0,0 +1,48 @@ +FROM ananos/debian-dev-aarch64 as build + +# Grab build dependencies +RUN apt-get update && apt install -y build-essential libssl-dev bc flex bison libelf-dev openssl libssl-dev bc cpio rsync kmod + +RUN mkdir -p /build +WORKDIR /build + +# Download the L4T source tarball +RUN wget -c https://developer.nvidia.com/embedded/dlc/r32-3-1_Release_v1.0/Sources/T186/public_sources.tbz2 + +# Unpack the kernel tarball +RUN tar -jxpf public_sources.tbz2 +RUN cd Linux_for_Tegra/source/public && tar -jxpf kernel_src.tbz2 + +# Get gcc-7 aarch64 toolchain +RUN mkdir -p /store/toolchains +WORKDIR /store/toolchains +RUN wget https://releases.linaro.org/components/toolchain/binaries/latest-7/aarch64-linux-gnu/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu.tar.xz && xzcat gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu.tar.xz | tar -xf - + +# Download patch and kernel config. +# If no branch is specified, then the latest L4T release is used. +RUN git clone https://github.com/cloudkernels/Xavier-KVM.git ~/Xavier-KVM -b Nano/t210 + +WORKDIR /build/Linux_for_Tegra/source/public/hardware +# Patch the device tree +RUN patch -Np1 -i ~/Xavier-KVM/patches/hardware/0001-Enable-KVM-support-for-t194.patch + +# Patch the kernel +WORKDIR /build/Linux_for_Tegra/source/public/kernel/kernel-4.9 +RUN for i in ~/Xavier-KVM/patches/kernel/*; do patch -Np1 -i $i; done + +# Copy the kernel config to the kernel source tree +RUN cp ~/Xavier-KVM/config-4.9.140-kvm .config + +# Build kernel components +RUN make ARCH=arm64 Image -j$(nproc) CROSS_COMPILE=/store/toolchains/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu- +RUN make ARCH=arm64 dtbs -j$(nproc) CROSS_COMPILE=/store/toolchains/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu- +RUN make ARCH=arm64 modules -j$(nproc) CROSS_COMPILE=/store/toolchains/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu- + +# Install kernel modules and firmware +RUN make ARCH=arm64 modules_install -j$(nproc) CROSS_COMPILE=/store/toolchains/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu- + +FROM scratch as artifact +COPY --from=build /lib/modules/ /modules +COPY --from=build /lib/firmware/ /firmware +COPY --from=build /build/Linux_for_Tegra/source/public/kernel/kernel-4.9/arch/arm64/boot/Image /Image + From ebb42db21f6084405837395a2ca90cf20cfd3eed Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Fri, 11 Jun 2021 12:42:22 +0000 Subject: [PATCH 04/14] include example command Signed-off-by: Anastassios Nanos --- Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Dockerfile b/Dockerfile index aeda89a..5df637e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,6 @@ +### +### DOCKER_BUILDKIT=1 docker build -f Dockerfile -t jetson-kernel --target artifact --output type=local,dest=./output . +### FROM ananos/debian-dev-aarch64 as build # Grab build dependencies From a0e953708f9b9a8e5b47d24cc514ea26bd4138ae Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Fri, 11 Jun 2021 15:14:46 +0000 Subject: [PATCH 05/14] Remove patch --- ...tribute-packed-from-struct-regcache_.patch | 43 ------------------- 1 file changed, 43 deletions(-) delete mode 100644 patches/kernel/0003-regmap-Remove-attribute-packed-from-struct-regcache_.patch diff --git a/patches/kernel/0003-regmap-Remove-attribute-packed-from-struct-regcache_.patch b/patches/kernel/0003-regmap-Remove-attribute-packed-from-struct-regcache_.patch deleted file mode 100644 index 9f07f1d..0000000 --- a/patches/kernel/0003-regmap-Remove-attribute-packed-from-struct-regcache_.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 5ba9a17dcfb28ce57beb3fff2dc8abf76f1873f7 Mon Sep 17 00:00:00 2001 -From: Mathieu Malaterre -Date: Thu, 24 Jan 2019 19:06:24 +0100 -Subject: [PATCH 7/7] regmap: Remove attribute packed from struct - 'regcache_rbtree_node' - -On one hand commit 28644c809f44 ("regmap: Add the rbtree cache support") -added 'regcache_rbtree_node' as packed structure, while on the other hand -commit e977145aeaad ("[RBTREE] Add explicit alignment to sizeof(long) -for struct rb_node.") declared struct 'rb_node' as aligned. - -Solve the ambiguity of placing aligned structure in a packed one by -removing the packed attribute from struct. This seems to be the behavior -of gcc anyway. - -This removes the following warning (W=1): - - drivers/base/regmap/regcache-rbtree.c:36:1: warning: alignment 1 of 'struct regcache_rbtree_node' is less than 4 [-Wpacked-not-aligned] - -Cc: Dimitris Papastamos -Cc: David Woodhouse -Signed-off-by: Mathieu Malaterre -Signed-off-by: Mark Brown ---- - drivers/base/regmap/regcache-rbtree.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/drivers/base/regmap/regcache-rbtree.c b/drivers/base/regmap/regcache-rbtree.c -index b11af3f2c1db..9d2715be7654 100644 ---- a/drivers/base/regmap/regcache-rbtree.c -+++ b/drivers/base/regmap/regcache-rbtree.c -@@ -33,7 +33,7 @@ struct regcache_rbtree_node { - unsigned int blklen; - /* the actual rbtree node holding this block */ - struct rb_node node; --} __attribute__ ((packed)); -+}; - - struct regcache_rbtree_ctx { - struct rb_root root; --- -2.17.1 - From b5363826daf0e9b0c89ea3c402b5004143afbcee Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Fri, 11 Jun 2021 15:33:10 +0000 Subject: [PATCH 06/14] update & fix for latest Nano BSP release Signed-off-by: Anastassios Nanos --- Dockerfile | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5df637e..a74a431 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,7 +10,8 @@ RUN mkdir -p /build WORKDIR /build # Download the L4T source tarball -RUN wget -c https://developer.nvidia.com/embedded/dlc/r32-3-1_Release_v1.0/Sources/T186/public_sources.tbz2 +#RUN wget -c https://developer.nvidia.com/embedded/dlc/r32-3-1_Release_v1.0/Sources/T186/public_sources.tbz2 +RUN wget -c https://developer.nvidia.com/embedded/l4t/r32_release_v5.1/r32_release_v5.1/sources/t210/public_sources.tbz2 # Unpack the kernel tarball RUN tar -jxpf public_sources.tbz2 @@ -24,17 +25,22 @@ RUN wget https://releases.linaro.org/components/toolchain/binaries/latest-7/aarc # Download patch and kernel config. # If no branch is specified, then the latest L4T release is used. RUN git clone https://github.com/cloudkernels/Xavier-KVM.git ~/Xavier-KVM -b Nano/t210 +WORKDIR /root/Xavier-KVM +RUN git pull WORKDIR /build/Linux_for_Tegra/source/public/hardware # Patch the device tree -RUN patch -Np1 -i ~/Xavier-KVM/patches/hardware/0001-Enable-KVM-support-for-t194.patch +#RUN patch -Np1 -i ~/Xavier-KVM/patches/hardware/0001-Enable-KVM-support-for-t194.patch +RUN patch -Np1 -i ~/Xavier-KVM/patches/hardware/0001-Enable-KVM-support-for-t210.patch # Patch the kernel WORKDIR /build/Linux_for_Tegra/source/public/kernel/kernel-4.9 RUN for i in ~/Xavier-KVM/patches/kernel/*; do patch -Np1 -i $i; done # Copy the kernel config to the kernel source tree -RUN cp ~/Xavier-KVM/config-4.9.140-kvm .config +RUN cp ~/Xavier-KVM/config-4.9.140-kvm arch/arm64/configs/tegra-kvm_defconfig +RUN touch .config +RUN make ARCH=arm64 CROSS_COMPILE=/store/toolchains/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu- tegra-kvm_defconfig # Build kernel components RUN make ARCH=arm64 Image -j$(nproc) CROSS_COMPILE=/store/toolchains/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu- @@ -48,4 +54,5 @@ FROM scratch as artifact COPY --from=build /lib/modules/ /modules COPY --from=build /lib/firmware/ /firmware COPY --from=build /build/Linux_for_Tegra/source/public/kernel/kernel-4.9/arch/arm64/boot/Image /Image - +COPY --from=build /build/Linux_for_Tegra/source/public/kernel/kernel-4.9/arch/arm64/boot/dts/tegra210-p3448-0000-p3449-0000-a02.dtb /tegra210-p3448-0000-p3449-0000-a02.dtb +COPY --from=build /build/Linux_for_Tegra/source/public/kernel/kernel-4.9/arch/arm64/boot/dts/tegra210-p3448-0000-p3449-0000-a02.dtb /tegra210-p3448-0000-p3449-0000-b00.dtb From ed2cfb95acdefe771cc68228ec410eaa247cc978 Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Fri, 11 Jun 2021 20:03:03 +0000 Subject: [PATCH 07/14] update config for kata Signed-off-by: Anastassios Nanos --- config-4.9.140-kvm | 48 +++++++++++++++++++++++----------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/config-4.9.140-kvm b/config-4.9.140-kvm index c148c70..0b6c413 100644 --- a/config-4.9.140-kvm +++ b/config-4.9.140-kvm @@ -1145,31 +1145,31 @@ CONFIG_NET_SCHED=y # # Queueing/Scheduling # -# CONFIG_NET_SCH_CBQ is not set +CONFIG_NET_SCH_CBQ=m CONFIG_NET_SCH_HTB=y -# CONFIG_NET_SCH_HFSC is not set -# CONFIG_NET_SCH_PRIO is not set -# CONFIG_NET_SCH_MULTIQ is not set -# CONFIG_NET_SCH_RED is not set -# CONFIG_NET_SCH_SFB is not set -# CONFIG_NET_SCH_SFQ is not set -# CONFIG_NET_SCH_TEQL is not set -# CONFIG_NET_SCH_TBF is not set -# CONFIG_NET_SCH_GRED is not set -# CONFIG_NET_SCH_DSMARK is not set -# CONFIG_NET_SCH_NETEM is not set -# CONFIG_NET_SCH_DRR is not set -# CONFIG_NET_SCH_MQPRIO is not set -# CONFIG_NET_SCH_CHOKE is not set -# CONFIG_NET_SCH_QFQ is not set -# CONFIG_NET_SCH_CODEL is not set -# CONFIG_NET_SCH_FQ_CODEL is not set -# CONFIG_NET_SCH_FQ is not set -# CONFIG_NET_SCH_HHF is not set -# CONFIG_NET_SCH_PIE is not set -# CONFIG_NET_SCH_TEGRA is not set -# CONFIG_NET_SCH_INGRESS is not set -# CONFIG_NET_SCH_PLUG is not set +CONFIG_NET_SCH_HFSC=m +CONFIG_NET_SCH_PRIO=m +CONFIG_NET_SCH_MULTIQ=m +CONFIG_NET_SCH_RED=m +CONFIG_NET_SCH_SFB=m +CONFIG_NET_SCH_SFQ=m +CONFIG_NET_SCH_TEQL=m +CONFIG_NET_SCH_TBF=m +CONFIG_NET_SCH_GRED=m +CONFIG_NET_SCH_DSMARK=m +CONFIG_NET_SCH_NETEM=m +CONFIG_NET_SCH_DRR=m +CONFIG_NET_SCH_MQPRIO=m +CONFIG_NET_SCH_CHOKE=m +CONFIG_NET_SCH_QFQ=m +CONFIG_NET_SCH_CODEL=m +CONFIG_NET_SCH_FQ_CODEL=m +CONFIG_NET_SCH_FQ=m +CONFIG_NET_SCH_HHF=m +CONFIG_NET_SCH_PIE=m +CONFIG_NET_SCH_TEGRA=m +CONFIG_NET_SCH_INGRESS=m +CONFIG_NET_SCH_PLUG=m # # Classification From 51c8160161b4df3d9528f2aeab20dc6507f60992 Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Fri, 11 Jun 2021 20:29:49 +0000 Subject: [PATCH 08/14] update config for kata Signed-off-by: Anastassios Nanos --- Dockerfile | 1 + config-4.9.140-kvm | 48 +++++++++++++++++++++++----------------------- 2 files changed, 25 insertions(+), 24 deletions(-) diff --git a/Dockerfile b/Dockerfile index a74a431..8379a7e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -40,6 +40,7 @@ RUN for i in ~/Xavier-KVM/patches/kernel/*; do patch -Np1 -i $i; done # Copy the kernel config to the kernel source tree RUN cp ~/Xavier-KVM/config-4.9.140-kvm arch/arm64/configs/tegra-kvm_defconfig RUN touch .config +RUN touch .config RUN make ARCH=arm64 CROSS_COMPILE=/store/toolchains/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu- tegra-kvm_defconfig # Build kernel components diff --git a/config-4.9.140-kvm b/config-4.9.140-kvm index 0b6c413..ab43c2e 100644 --- a/config-4.9.140-kvm +++ b/config-4.9.140-kvm @@ -1145,31 +1145,31 @@ CONFIG_NET_SCHED=y # # Queueing/Scheduling # -CONFIG_NET_SCH_CBQ=m +CONFIG_NET_SCH_CBQ=y CONFIG_NET_SCH_HTB=y -CONFIG_NET_SCH_HFSC=m -CONFIG_NET_SCH_PRIO=m -CONFIG_NET_SCH_MULTIQ=m -CONFIG_NET_SCH_RED=m -CONFIG_NET_SCH_SFB=m -CONFIG_NET_SCH_SFQ=m -CONFIG_NET_SCH_TEQL=m -CONFIG_NET_SCH_TBF=m -CONFIG_NET_SCH_GRED=m -CONFIG_NET_SCH_DSMARK=m -CONFIG_NET_SCH_NETEM=m -CONFIG_NET_SCH_DRR=m -CONFIG_NET_SCH_MQPRIO=m -CONFIG_NET_SCH_CHOKE=m -CONFIG_NET_SCH_QFQ=m -CONFIG_NET_SCH_CODEL=m -CONFIG_NET_SCH_FQ_CODEL=m -CONFIG_NET_SCH_FQ=m -CONFIG_NET_SCH_HHF=m -CONFIG_NET_SCH_PIE=m -CONFIG_NET_SCH_TEGRA=m -CONFIG_NET_SCH_INGRESS=m -CONFIG_NET_SCH_PLUG=m +CONFIG_NET_SCH_HFSC=y +CONFIG_NET_SCH_PRIO=y +CONFIG_NET_SCH_MULTIQ=y +CONFIG_NET_SCH_RED=y +CONFIG_NET_SCH_SFB=y +CONFIG_NET_SCH_SFQ=y +CONFIG_NET_SCH_TEQL=y +CONFIG_NET_SCH_TBF=y +CONFIG_NET_SCH_GRED=y +CONFIG_NET_SCH_DSMARK=y +CONFIG_NET_SCH_NETEM=y +CONFIG_NET_SCH_DRR=y +CONFIG_NET_SCH_MQPRIO=y +CONFIG_NET_SCH_CHOKE=y +CONFIG_NET_SCH_QFQ=y +CONFIG_NET_SCH_CODEL=y +CONFIG_NET_SCH_FQ_CODEL=y +CONFIG_NET_SCH_FQ=y +CONFIG_NET_SCH_HHF=y +CONFIG_NET_SCH_PIE=y +CONFIG_NET_SCH_TEGRA=y +CONFIG_NET_SCH_INGRESS=y +CONFIG_NET_SCH_PLUG=y # # Classification From 22a789efed5628bb9c0221a7f154005ca21bcb8b Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Fri, 11 Jun 2021 20:50:51 +0000 Subject: [PATCH 09/14] update config for kata Signed-off-by: Anastassios Nanos --- Dockerfile | 1 + config-4.9.140-kvm | 53 ++++++++++++++++++++++++++-------------------- 2 files changed, 31 insertions(+), 23 deletions(-) diff --git a/Dockerfile b/Dockerfile index 8379a7e..6b95433 100644 --- a/Dockerfile +++ b/Dockerfile @@ -41,6 +41,7 @@ RUN for i in ~/Xavier-KVM/patches/kernel/*; do patch -Np1 -i $i; done RUN cp ~/Xavier-KVM/config-4.9.140-kvm arch/arm64/configs/tegra-kvm_defconfig RUN touch .config RUN touch .config +RUN touch .config RUN make ARCH=arm64 CROSS_COMPILE=/store/toolchains/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu- tegra-kvm_defconfig # Build kernel components diff --git a/config-4.9.140-kvm b/config-4.9.140-kvm index ab43c2e..ad5dc47 100644 --- a/config-4.9.140-kvm +++ b/config-4.9.140-kvm @@ -1145,31 +1145,38 @@ CONFIG_NET_SCHED=y # # Queueing/Scheduling # -CONFIG_NET_SCH_CBQ=y -CONFIG_NET_SCH_HTB=y -CONFIG_NET_SCH_HFSC=y +CONFIG_NET_SCH_CBQ=m +CONFIG_NET_SCH_HTB=m +CONFIG_NET_SCH_HFSC=m CONFIG_NET_SCH_PRIO=y -CONFIG_NET_SCH_MULTIQ=y -CONFIG_NET_SCH_RED=y -CONFIG_NET_SCH_SFB=y -CONFIG_NET_SCH_SFQ=y -CONFIG_NET_SCH_TEQL=y +CONFIG_NET_SCH_MULTIQ=m +CONFIG_NET_SCH_RED=m +CONFIG_NET_SCH_SFB=m +CONFIG_NET_SCH_SFQ=m +CONFIG_NET_SCH_TEQL=m CONFIG_NET_SCH_TBF=y -CONFIG_NET_SCH_GRED=y -CONFIG_NET_SCH_DSMARK=y -CONFIG_NET_SCH_NETEM=y -CONFIG_NET_SCH_DRR=y -CONFIG_NET_SCH_MQPRIO=y -CONFIG_NET_SCH_CHOKE=y -CONFIG_NET_SCH_QFQ=y -CONFIG_NET_SCH_CODEL=y -CONFIG_NET_SCH_FQ_CODEL=y -CONFIG_NET_SCH_FQ=y -CONFIG_NET_SCH_HHF=y -CONFIG_NET_SCH_PIE=y -CONFIG_NET_SCH_TEGRA=y -CONFIG_NET_SCH_INGRESS=y -CONFIG_NET_SCH_PLUG=y +# CONFIG_NET_SCH_CBS is not set +# CONFIG_NET_SCH_ETF is not set +# CONFIG_NET_SCH_TAPRIO is not set +# CONFIG_NET_SCH_GRED is not set +# CONFIG_NET_SCH_DSMARK is not set +# CONFIG_NET_SCH_NETEM is not set +# CONFIG_NET_SCH_DRR is not set +CONFIG_NET_SCH_MQPRIO=m +# CONFIG_NET_SCH_SKBPRIO is not set +# CONFIG_NET_SCH_CHOKE is not set +CONFIG_NET_SCH_QFQ=m +# CONFIG_NET_SCH_CODEL is not set +# CONFIG_NET_SCH_FQ_CODEL is not set +# CONFIG_NET_SCH_CAKE is not set +# CONFIG_NET_SCH_FQ is not set +# CONFIG_NET_SCH_HHF is not set +# CONFIG_NET_SCH_PIE is not set +CONFIG_NET_SCH_INGRESS=m +# CONFIG_NET_SCH_PLUG is not set +# CONFIG_NET_SCH_ETS is not set +# CONFIG_NET_SCH_DEFAULT is not set +CONFIG_NET_SCH_FIFO=y # # Classification From 7cc208dea51aa9b8a02a837213913ec18642a910 Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Fri, 11 Jun 2021 22:41:22 +0000 Subject: [PATCH 10/14] update config Signed-off-by: Anastassios Nanos --- Dockerfile | 3 +- config-4.9.140-kvm | 109 +++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 107 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6b95433..1d6f887 100644 --- a/Dockerfile +++ b/Dockerfile @@ -40,9 +40,8 @@ RUN for i in ~/Xavier-KVM/patches/kernel/*; do patch -Np1 -i $i; done # Copy the kernel config to the kernel source tree RUN cp ~/Xavier-KVM/config-4.9.140-kvm arch/arm64/configs/tegra-kvm_defconfig RUN touch .config -RUN touch .config -RUN touch .config RUN make ARCH=arm64 CROSS_COMPILE=/store/toolchains/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu- tegra-kvm_defconfig +RUN cat .config |grep -i NET_SCH # Build kernel components RUN make ARCH=arm64 Image -j$(nproc) CROSS_COMPILE=/store/toolchains/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu- diff --git a/config-4.9.140-kvm b/config-4.9.140-kvm index ad5dc47..9686220 100644 --- a/config-4.9.140-kvm +++ b/config-4.9.140-kvm @@ -196,7 +196,7 @@ CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y -# CONFIG_BPF_SYSCALL is not set +CONFIG_BPF_SYSCALL=y CONFIG_SHMEM=y # CONFIG_SHMEM_ALL_RAM is not set CONFIG_AIO=y @@ -792,7 +792,110 @@ CONFIG_BRIDGE_NETFILTER=m # CONFIG_NETFILTER_INGRESS=y CONFIG_NETFILTER_NETLINK=m +CONFIG_NETFILTER_FAMILY_BRIDGE=y +CONFIG_NETFILTER_FAMILY_ARP=y CONFIG_NETFILTER_NETLINK_ACCT=m +CONFIG_NETFILTER_NETLINK_OSF=m +CONFIG_NF_CT_NETLINK_HELPER=m +CONFIG_NETFILTER_NETLINK_GLUE_CT=y +CONFIG_NF_NAT_REDIRECT=y +CONFIG_NF_NAT_MASQUERADE=y +CONFIG_NF_TABLES_INET=y +CONFIG_NF_TABLES_NETDEV=y +CONFIG_NFT_FLOW_OFFLOAD=m +CONFIG_NFT_CONNLIMIT=m +CONFIG_NFT_TUNNEL=m +CONFIG_NFT_OBJREF=m +CONFIG_NFT_FIB=m +CONFIG_NFT_XFRM=m +CONFIG_NFT_SOCKET=m +CONFIG_NFT_OSF=m +CONFIG_NFT_TPROXY=m +CONFIG_NFT_SYNPROXY=m +CONFIG_NF_FLOW_TABLE_INET=m +CONFIG_NF_FLOW_TABLE=m +CONFIG_NETFILTER_XTABLES=y +CONFIG_NETFILTER_XT_TARGET_MASQUERADE=m +CONFIG_IP_SET_HASH_IPMAC=m +CONFIG_IP_VS_MH=m +CONFIG_IP_VS_MH_TAB_INDEX=12 +CONFIG_IP_VS_FTP=m +CONFIG_IP_VS_PE_SIP=m +CONFIG_NF_SOCKET_IPV4=m +CONFIG_NF_TPROXY_IPV4=m +CONFIG_NF_TABLES_IPV4=y +CONFIG_NFT_FIB_IPV4=m +CONFIG_NF_TABLES_ARP=y +CONFIG_NF_FLOW_TABLE_IPV4=m +CONFIG_NF_SOCKET_IPV6=m +CONFIG_NF_TPROXY_IPV6=m +CONFIG_NF_TABLES_IPV6=y +CONFIG_NF_DEFRAG_IPV6=m +CONFIG_NF_CONNTRACK_BRIDGE=m +CONFIG_IP_DCCP=m +CONFIG_INET_DCCP_DIAG=m +CONFIG_IP_DCCP_TFRC_LIB=y +CONFIG_IP_DCCP_CCID3=y +CONFIG_IP_SCTP=m +CONFIG_SCTP_DEFAULT_COOKIE_HMAC_MD5=y +CONFIG_SCTP_COOKIE_HMAC_MD5=y +CONFIG_INET_SCTP_DIAG=m +CONFIG_STP=m +CONFIG_BRIDGE=m +CONFIG_NET_CLS_BASIC=m +CONFIG_NET_CLS_TCINDEX=m +CONFIG_NET_CLS_ROUTE4=m +CONFIG_NET_CLS_FW=m +CONFIG_NET_CLS_U32=m +CONFIG_CLS_U32_PERF=y +CONFIG_CLS_U32_MARK=y +CONFIG_NET_CLS_FLOW=m +CONFIG_NET_CLS_CGROUP=m +CONFIG_NET_CLS_BPF=m +CONFIG_NET_CLS_FLOWER=m +CONFIG_NET_CLS_MATCHALL=m +CONFIG_NET_ACT_POLICE=m +CONFIG_NET_ACT_GACT=m +CONFIG_GACT_PROB=y +CONFIG_NET_ACT_MIRRED=m +CONFIG_NET_ACT_IPT=m +CONFIG_NET_ACT_NAT=m +CONFIG_NET_ACT_PEDIT=m +CONFIG_NET_ACT_SIMP=m +CONFIG_NET_ACT_SKBEDIT=m +CONFIG_NET_ACT_CSUM=m +CONFIG_NET_ACT_VLAN=m +CONFIG_NET_ACT_TUNNEL_KEY=m +CONFIG_OPENVSWITCH=m +CONFIG_OPENVSWITCH_GRE=m +CONFIG_OPENVSWITCH_VXLAN=m +CONFIG_OPENVSWITCH_GENEVE=m +CONFIG_VSOCKETS=m +CONFIG_VSOCKETS_DIAG=m +CONFIG_VSOCKETS_LOOPBACK=m +CONFIG_VIRTIO_VSOCKETS=m +CONFIG_VIRTIO_VSOCKETS_COMMON=m +CONFIG_MPLS=y +CONFIG_NET_MPLS_GSO=m +CONFIG_NET_NSH=m +CONFIG_NET_SWITCHDEV=y +CONFIG_QRTR=m +CONFIG_QRTR_SMD=m +CONFIG_QRTR_TUN=m +CONFIG_BT=m +CONFIG_BT_HIDP=m +CONFIG_BT_HCIUART_SERDEV=y +CONFIG_CFG80211_REQUIRE_SIGNED_REGDB=y +CONFIG_CFG80211_USE_KERNEL_REGDB_KEYS=y +CONFIG_RFKILL=m +CONFIG_RFKILL_INPUT=y +CONFIG_GRO_CELLS=y +CONFIG_NET_DEVLINK=y +CONFIG_PAGE_POOL=y +CONFIG_FAILOVER=y +CONFIG_ETHTOOL_NETLINK=y + + CONFIG_NETFILTER_NETLINK_QUEUE=m CONFIG_NETFILTER_NETLINK_LOG=m CONFIG_NF_CONNTRACK=m @@ -1193,7 +1296,7 @@ CONFIG_NET_CLS_U32=y # CONFIG_NET_CLS_RSVP6 is not set # CONFIG_NET_CLS_FLOW is not set CONFIG_NET_CLS_CGROUP=y -# CONFIG_NET_CLS_BPF is not set +CONFIG_NET_CLS_BPF=y # CONFIG_NET_CLS_FLOWER is not set # CONFIG_NET_CLS_MATCHALL is not set CONFIG_NET_EMATCH=y @@ -1216,7 +1319,7 @@ CONFIG_NET_CLS_ACT=y # CONFIG_NET_ACT_SKBEDIT is not set # CONFIG_NET_ACT_CSUM is not set # CONFIG_NET_ACT_VLAN is not set -# CONFIG_NET_ACT_BPF is not set +CONFIG_NET_ACT_BPF=y # CONFIG_NET_ACT_CONNMARK is not set # CONFIG_NET_ACT_SKBMOD is not set # CONFIG_NET_ACT_IFE is not set From 6545f40d65e0ca16bfe5bbc4d20370f18760fcae Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Fri, 11 Jun 2021 23:38:47 +0000 Subject: [PATCH 11/14] update config (https://github.com/kata-containers/documentation/pull/445) Signed-off-by: Anastassios Nanos --- Dockerfile | 2 +- config-4.9.140-kvm | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1d6f887..376259f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -22,6 +22,7 @@ RUN mkdir -p /store/toolchains WORKDIR /store/toolchains RUN wget https://releases.linaro.org/components/toolchain/binaries/latest-7/aarch64-linux-gnu/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu.tar.xz && xzcat gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu.tar.xz | tar -xf - +RUN touch /tmp/blah # Download patch and kernel config. # If no branch is specified, then the latest L4T release is used. RUN git clone https://github.com/cloudkernels/Xavier-KVM.git ~/Xavier-KVM -b Nano/t210 @@ -41,7 +42,6 @@ RUN for i in ~/Xavier-KVM/patches/kernel/*; do patch -Np1 -i $i; done RUN cp ~/Xavier-KVM/config-4.9.140-kvm arch/arm64/configs/tegra-kvm_defconfig RUN touch .config RUN make ARCH=arm64 CROSS_COMPILE=/store/toolchains/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu- tegra-kvm_defconfig -RUN cat .config |grep -i NET_SCH # Build kernel components RUN make ARCH=arm64 Image -j$(nproc) CROSS_COMPILE=/store/toolchains/gcc-linaro-7.5.0-2019.12-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu- diff --git a/config-4.9.140-kvm b/config-4.9.140-kvm index 9686220..77f10fb 100644 --- a/config-4.9.140-kvm +++ b/config-4.9.140-kvm @@ -1311,7 +1311,7 @@ CONFIG_NET_EMATCH_IPSET=m CONFIG_NET_CLS_ACT=y # CONFIG_NET_ACT_POLICE is not set # CONFIG_NET_ACT_GACT is not set -# CONFIG_NET_ACT_MIRRED is not set +CONFIG_NET_ACT_MIRRED is not set # CONFIG_NET_ACT_IPT is not set # CONFIG_NET_ACT_NAT is not set # CONFIG_NET_ACT_PEDIT is not set From e57373bd19d556d270054a8bd9e00e93c9139980 Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Sat, 12 Jun 2021 09:18:47 +0000 Subject: [PATCH 12/14] enable vsock Signed-off-by: Anastassios Nanos --- config-4.9.140-kvm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config-4.9.140-kvm b/config-4.9.140-kvm index 77f10fb..76787fe 100644 --- a/config-4.9.140-kvm +++ b/config-4.9.140-kvm @@ -873,6 +873,7 @@ CONFIG_OPENVSWITCH_GENEVE=m CONFIG_VSOCKETS=m CONFIG_VSOCKETS_DIAG=m CONFIG_VSOCKETS_LOOPBACK=m +CONFIG_VHOST_VSOCK=m CONFIG_VIRTIO_VSOCKETS=m CONFIG_VIRTIO_VSOCKETS_COMMON=m CONFIG_MPLS=y @@ -1330,7 +1331,6 @@ CONFIG_NET_SCH_FIFO=y CONFIG_DNS_RESOLVER=y # CONFIG_BATMAN_ADV is not set # CONFIG_OPENVSWITCH is not set -# CONFIG_VSOCKETS is not set # CONFIG_NETLINK_DIAG is not set # CONFIG_MPLS is not set # CONFIG_HSR is not set From 9024264f87d1114bca03c748a35b873ef529927b Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Tue, 15 Jun 2021 00:11:08 +0100 Subject: [PATCH 13/14] add action Signed-off-by: Anastassios Nanos --- .github/workflows/main.yml | 47 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 .github/workflows/main.yml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 0000000..8b1735e --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,47 @@ +# This is a basic workflow to help you get started with Actions + +name: build + +# Controls when the action will run. +on: + # Triggers the workflow on push or pull request events but only for the master branch + push: + branches: [ master ] + pull_request: + branches: [ master ] + + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +# A workflow run is made up of one or more jobs that can run sequentially or in parallel +jobs: + # This workflow contains a single job called "build" + build: + # The type of runner that the job will run on + runs-on: [self-hosted, cloud, x86_64] + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - uses: actions/checkout@v2 + + # Runs a single command using the runners shell + - name: Run a one-line script + run: DOCKER_BUILDKIT=1 docker build --no-cache -f Dockerfile -t jetson-kernel --target artifact --output type=local,dest=${{github.workspace}}/artifacts/ . + + - name: Pack assets + working-directory: ${{ github.workspace }}/artifacts + run: | + zip -r \ + ${{github.workspace}}/jetson_kernel.zip * + + - name: Upload artifact + id: upload-artifact + if: steps.build-kvmm.outputs.build_exit_code == 0 + uses: cloudkernels/minio-upload@master + with: + url: https://s3.nubificus.co.uk + access-key: ${{ secrets.AWS_ACCESS_KEY }} + secret-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + local-path: ${{github.workspace}}/jetson_kernel.zip + remote-path: nbfc-assets/github/jetson_kernel/jetson_kernel.zip From e0a1176beb66cec14b4a580fd1f4082201bcc289 Mon Sep 17 00:00:00 2001 From: Anastassios Nanos Date: Tue, 15 Jun 2021 00:47:51 +0100 Subject: [PATCH 14/14] polish action Signed-off-by: Anastassios Nanos --- .github/workflows/main.yml | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 8b1735e..a28bd04 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -27,21 +27,30 @@ jobs: # Runs a single command using the runners shell - name: Run a one-line script - run: DOCKER_BUILDKIT=1 docker build --no-cache -f Dockerfile -t jetson-kernel --target artifact --output type=local,dest=${{github.workspace}}/artifacts/ . + id: build-artifacts + + run: | + echo ::set-output name=build_exit_code::1 + DOCKER_BUILDKIT=1 docker build --no-cache -f Dockerfile -t jetson-kernel --target artifact --output type=local,dest=${{github.workspace}}/artifacts/ . + echo ::set-output name=build_exit_code::$? - name: Pack assets + id: pack-artifacts + if: steps.build-artifacts.outputs.build_exit_code == 0 working-directory: ${{ github.workspace }}/artifacts run: | + echo ::set-output name=exit_code::1 zip -r \ ${{github.workspace}}/jetson_kernel.zip * + echo ::set-output name=exit_code::$? - name: Upload artifact id: upload-artifact - if: steps.build-kvmm.outputs.build_exit_code == 0 + if: steps.pack-artifacts.outputs.build_exit_code == 0 uses: cloudkernels/minio-upload@master with: url: https://s3.nubificus.co.uk access-key: ${{ secrets.AWS_ACCESS_KEY }} secret-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - local-path: ${{github.workspace}}/jetson_kernel.zip + local-path: jetson_kernel.zip remote-path: nbfc-assets/github/jetson_kernel/jetson_kernel.zip