From 25cc8ac2fed8a33396176912f697c30a2b5ec0f5 Mon Sep 17 00:00:00 2001 From: Andrew Fasano Date: Mon, 19 Aug 2024 16:48:17 -0400 Subject: [PATCH 1/3] Add misc options, linted --- configs/4.10/all-common.inc | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/configs/4.10/all-common.inc b/configs/4.10/all-common.inc index dced0cb..d5c3586 100644 --- a/configs/4.10/all-common.inc +++ b/configs/4.10/all-common.inc @@ -1,9 +1,3 @@ -CONFIG_NETLINK_DIAG=y -CONFIG_IKCONFIG_PROC=y -CONFIG_TASKSTATS=y - - - CONFIG_9P_FS=y CONFIG_9P_FS_POSIX_ACL=y CONFIG_AFFS_FS=y @@ -90,6 +84,7 @@ CONFIG_HIDRAW=y CONFIG_HID_PID=y CONFIG_HPFS_FS=y CONFIG_IKCONFIG=y +CONFIG_IKCONFIG_PROC=y CONFIG_INET6_AH=y CONFIG_INET6_ESP=y CONFIG_INET=y @@ -103,6 +98,7 @@ CONFIG_IP6_NF_NAT=y CONFIG_IP6_NF_RAW=y CONFIG_IPV6_MIP6=y CONFIG_IPV6_MROUTE=y +CONFIG_IPV6_MULTIPLE_TABLES=y CONFIG_IPV6_PIMSM_V2=y CONFIG_IPV6_ROUTER_PREF=y CONFIG_IPV6_SIT_6RD=y @@ -111,9 +107,6 @@ CONFIG_IP_ADVANCED_ROUTER=y CONFIG_IP_MROUTE=y CONFIG_IP_MULTICAST=y CONFIG_IP_MULTIPLE_TABLES=y -CONFIG_IP_NF_ARPFILTER=y -CONFIG_IP_NF_ARPTABLES=y -CONFIG_IP_NF_ARP_MANGLE=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MANGLE=y @@ -206,10 +199,12 @@ CONFIG_NETFILTER_XT_TARGET_MARK=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y +CONFIG_NETFILTER_XT_TARGET_SECMARK=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y CONFIG_NETFILTER_XT_TARGET_TPROXY=y CONFIG_NETFILTER_XT_TARGET_TRACE=y +CONFIG_NETLINK_DIAG=y CONFIG_NET_9P=y CONFIG_NET_9P_DEBUG=y CONFIG_NET_9P_VIRTIO=y @@ -257,17 +252,18 @@ CONFIG_ROMFS_FS=y CONFIG_RTC_CLASS=y CONFIG_RTC_INTF_DEV_UIE_EMUL=y CONFIG_SECURITY=y +CONFIG_SECURITYFS=y CONFIG_SECURITY_NETWORK_XFRM=y CONFIG_SECURITY_SELINUX=y CONFIG_SECURITY_SELINUX_BOOTPARAM=y CONFIG_SECURITY_SELINUX_DISABLE=y CONFIG_SECURITY_SMACK=y -CONFIG_SECURITYFS=y CONFIG_SLAB=y CONFIG_SQUASHFS=y CONFIG_SYN_COOKIES=y CONFIG_SYSVIPC=y CONFIG_SYSV_FS=y +CONFIG_TASKSTATS=y CONFIG_TMPFS=y CONFIG_TUN=y CONFIG_UDF_FS=y @@ -288,4 +284,4 @@ CONFIG_VLAN_8021Q=y CONFIG_VSOCKETS=y CONFIG_VXFS_FS=y CONFIG_XFRM_USER=y -CONFIG_ZISOFS=y +CONFIG_ZISOFS=y \ No newline at end of file From c195772c18be39c1790ed18b2eabdde7bcf16288 Mon Sep 17 00:00:00 2001 From: Andrew Fasano Date: Thu, 22 Aug 2024 14:55:05 -0400 Subject: [PATCH 2/3] Lint: explain why options are bad --- _in_container_build.sh | 71 +++++++++++++++++++++++++++++++++++++++--- 1 file changed, 66 insertions(+), 5 deletions(-) diff --git a/_in_container_build.sh b/_in_container_build.sh index 2adac74..5ce24da 100755 --- a/_in_container_build.sh +++ b/_in_container_build.sh @@ -39,6 +39,60 @@ get_cc() { echo "/opt/cross/${arch}-linux-musl${abi}/bin/${arch}-linux-musl${abi}-" } +get_all_options() { + local linux_dir="$1" + local arch="$2" + local temp_dir=$(mktemp -d) + + # Generate allnoconfig + make -C "$linux_dir" ARCH=$arch O="$temp_dir" allnoconfig >/dev/null 2>&1 + + # Generate allmodconfig + make -C "$linux_dir" ARCH=$arch O="$temp_dir" allmodconfig >/dev/null 2>&1 + + # Extract all CONFIG_ lines, remove comments and empty lines + grep '^CONFIG_' "$temp_dir/.config" | sed 's/=.*$//' | sort -u + + # Clean up + rm -rf "$temp_dir" +} + +lint_config() { + local config_file="$1" + local defconfig_file="$2" + local arch="$3" + local linux_dir="$4" + + # Get the list of all possible config options + all_options=$(get_all_options "$linux_dir" "$arch") + + + # Generate a full default config + make -C "$linux_dir" ARCH=$arch defconfig >/dev/null 2>&1 + local full_defconfig="$linux_dir/.config" + + # Compare the .config and defconfig files + diff -u <(sort "$config_file") <(sort "$defconfig_file" | sed '/^[ #]/d') | while read -r line; do + if [[ $line == -CONFIG_* ]]; then + option=${line#-} + option=${option%=y} # Remove the '=y' suffix + if grep -q "^$option=" "$full_defconfig"; then + echo "ON BY DEFAULT for $arch: $option" + elif ! echo "$all_options" | grep -q "^$option$"; then + echo "INVALID OPTION: $option" + else + echo "MISSING DEPENDENCY: $option" + fi + fi + done | sort + + echo $all_options > /app/all.txt + + + # Clean up + rm -f "$full_defconfig" +} + for VERSION in $VERSIONS; do for TARGET in $TARGETS; do BUILD_TARGETS="vmlinux" @@ -67,15 +121,22 @@ for TARGET in $TARGETS; do # If updating configs, lint them with kernel first! This removes default options and duplicates. + build_dir="/tmp/build/${VERSION}/${TARGET}" + linux_dir="/app/linux/$VERSION" + if $CONFIG_ONLY; then echo "Linting config for $TARGET to config_${VERSION}_${TARGET}.linted" - make -C /app/linux/$VERSION ARCH=${short_arch} CROSS_COMPILE=$(get_cc $TARGET) O=/tmp/build/${VERSION}/${TARGET}/ savedefconfig - cp "/tmp/build/${VERSION}/${TARGET}/defconfig" "/app/config_${VERSION}_${TARGET}.linted" - diff -u <(sort /tmp/build/${VERSION}/${TARGET}/.config) <(sort /tmp/build/${VERSION}/${TARGET}/defconfig | sed '/^[ #]/d') + + # Generate the .config and defconfig files + make -C "$linux_dir" ARCH="$short_arch" CROSS_COMPILE="$(get_cc $TARGET)" O="$build_dir" savedefconfig + + # Perform the linting + lint_config "$build_dir/.config" "$build_dir/defconfig" "$short_arch" "$linux_dir" > "/app/config_${VERSION}_${TARGET}.linted" + else echo "Building kernel for $TARGET" - make -C /app/linux/$VERSION ARCH=${short_arch} CROSS_COMPILE=$(get_cc $TARGET) O=/tmp/build/${VERSION}/${TARGET}/ olddefconfig - make -C /app/linux/$VERSION ARCH=${short_arch} CROSS_COMPILE=$(get_cc $TARGET) O=/tmp/build/${VERSION}/${TARGET}/ $BUILD_TARGETS -j$(nproc) + make -C $BUILD_DIR ARCH=${short_arch} CROSS_COMPILE=$(get_cc $TARGET) O=/tmp/build/${VERSION}/${TARGET}/ olddefconfig + make -C $BUILD_DIR ARCH=${short_arch} CROSS_COMPILE=$(get_cc $TARGET) O=/tmp/build/${VERSION}/${TARGET}/ $BUILD_TARGETS -j$(nproc) mkdir -p /kernels/$VERSION From 2c9ebbf52e9f2b19a96c5de2f466de80c5eb5061 Mon Sep 17 00:00:00 2001 From: Andrew Fasano Date: Thu, 22 Aug 2024 14:55:16 -0400 Subject: [PATCH 3/3] Add more network options based on linting --- configs/4.10/all-common.inc | 66 ++++++++++++++++++++++++++++++++++++ configs/4.10/arm-common.inc | 9 +++++ configs/4.10/mips-common.inc | 10 ++++++ 3 files changed, 85 insertions(+) diff --git a/configs/4.10/all-common.inc b/configs/4.10/all-common.inc index d5c3586..b752386 100644 --- a/configs/4.10/all-common.inc +++ b/configs/4.10/all-common.inc @@ -107,10 +107,16 @@ CONFIG_IP_ADVANCED_ROUTER=y CONFIG_IP_MROUTE=y CONFIG_IP_MULTICAST=y CONFIG_IP_MULTIPLE_TABLES=y + +CONFIG_IP_NF_ARPFILTER=y +CONFIG_IP_NF_ARP_MANGLE=y +CONFIG_IP_NF_ARPTABLES=y CONFIG_IP_NF_FILTER=y CONFIG_IP_NF_IPTABLES=y CONFIG_IP_NF_MANGLE=y +CONFIG_IP_NF_MATCH_AH=y CONFIG_IP_NF_MATCH_ECN=y +CONFIG_IP_NF_MATCH_RPFILTER=y CONFIG_IP_NF_MATCH_TTL=y CONFIG_IP_NF_NAT=y CONFIG_IP_NF_RAW=y @@ -120,6 +126,7 @@ CONFIG_IP_NF_TARGET_NETMAP=y CONFIG_IP_NF_TARGET_REDIRECT=y CONFIG_IP_NF_TARGET_REJECT=y CONFIG_IP_NF_TARGET_TTL=y + CONFIG_IP_PIMSM_V1=y CONFIG_IP_PIMSM_V2=y CONFIG_IP_PNP=y @@ -162,23 +169,53 @@ CONFIG_NAMESPACES=y CONFIG_NCP_FS=y CONFIG_NET=y CONFIG_NETDEVICES=y + CONFIG_NETFILTER=y +CONFIG_NETFILTER_ADVANCED=y +CONFIG_NETFILTER_DEBUG=y +CONFIG_NETFILTER_INGRESS=y +CONFIG_NETFILTER_NETLINK=y +CONFIG_NETFILTER_NETLINK_ACCT=y +CONFIG_NETFILTER_NETLINK_GLUE_CT=y +CONFIG_NETFILTER_NETLINK_LOG=y +CONFIG_NETFILTER_NETLINK_QUEUE=y +CONFIG_NETFILTER_SYNPROXY=y +CONFIG_NETFILTER_TPROXY=y +CONFIG_NETFILTER_XTABLES=y +CONFIG_NETFILTER_XT_CONNMARK=y +CONFIG_NETFILTER_XT_MARK=y +CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y +CONFIG_NETFILTER_XT_MATCH_BPF=y +CONFIG_NETFILTER_XT_MATCH_CGROUP=y +CONFIG_NETFILTER_XT_MATCH_CLUSTER=y CONFIG_NETFILTER_XT_MATCH_COMMENT=y CONFIG_NETFILTER_XT_MATCH_CONNBYTES=y +CONFIG_NETFILTER_XT_MATCH_CONNLABEL=y CONFIG_NETFILTER_XT_MATCH_CONNLIMIT=y CONFIG_NETFILTER_XT_MATCH_CONNMARK=y CONFIG_NETFILTER_XT_MATCH_CONNTRACK=y +CONFIG_NETFILTER_XT_MATCH_CPU=y CONFIG_NETFILTER_XT_MATCH_DCCP=y +CONFIG_NETFILTER_XT_MATCH_DEVGROUP=y +CONFIG_NETFILTER_XT_MATCH_DSCP=y +CONFIG_NETFILTER_XT_MATCH_ECN=y CONFIG_NETFILTER_XT_MATCH_ESP=y CONFIG_NETFILTER_XT_MATCH_HASHLIMIT=y CONFIG_NETFILTER_XT_MATCH_HELPER=y +CONFIG_NETFILTER_XT_MATCH_HL=y +CONFIG_NETFILTER_XT_MATCH_IPCOMP=y CONFIG_NETFILTER_XT_MATCH_IPRANGE=y +CONFIG_NETFILTER_XT_MATCH_IPVS=y +CONFIG_NETFILTER_XT_MATCH_L2TP=y CONFIG_NETFILTER_XT_MATCH_LENGTH=y CONFIG_NETFILTER_XT_MATCH_LIMIT=y CONFIG_NETFILTER_XT_MATCH_MAC=y CONFIG_NETFILTER_XT_MATCH_MARK=y CONFIG_NETFILTER_XT_MATCH_MULTIPORT=y +CONFIG_NETFILTER_XT_MATCH_NFACCT=y +CONFIG_NETFILTER_XT_MATCH_OSF=y CONFIG_NETFILTER_XT_MATCH_OWNER=y +CONFIG_NETFILTER_XT_MATCH_PHYSDEV=y CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y CONFIG_NETFILTER_XT_MATCH_POLICY=y CONFIG_NETFILTER_XT_MATCH_QUOTA=y @@ -186,31 +223,54 @@ CONFIG_NETFILTER_XT_MATCH_RATEEST=y CONFIG_NETFILTER_XT_MATCH_REALM=y CONFIG_NETFILTER_XT_MATCH_RECENT=y CONFIG_NETFILTER_XT_MATCH_SCTP=y +CONFIG_NETFILTER_XT_MATCH_SOCKET=y CONFIG_NETFILTER_XT_MATCH_STATE=y CONFIG_NETFILTER_XT_MATCH_STATISTIC=y CONFIG_NETFILTER_XT_MATCH_STRING=y CONFIG_NETFILTER_XT_MATCH_TCPMSS=y CONFIG_NETFILTER_XT_MATCH_TIME=y CONFIG_NETFILTER_XT_MATCH_U32=y +CONFIG_NETFILTER_XT_NAT=y CONFIG_NETFILTER_XT_SET=y +CONFIG_NETFILTER_XT_TARGET_AUDIT=y +CONFIG_NETFILTER_XT_TARGET_CHECKSUM=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y +CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=y +CONFIG_NETFILTER_XT_TARGET_CT=y +CONFIG_NETFILTER_XT_TARGET_DSCP=y +CONFIG_NETFILTER_XT_TARGET_HL=y +CONFIG_NETFILTER_XT_TARGET_HMARK=y +CONFIG_NETFILTER_XT_TARGET_IDLETIMER=y +CONFIG_NETFILTER_XT_TARGET_LED=y +CONFIG_NETFILTER_XT_TARGET_LOG=y CONFIG_NETFILTER_XT_TARGET_MARK=y +CONFIG_NETFILTER_XT_TARGET_NETMAP=y CONFIG_NETFILTER_XT_TARGET_NFLOG=y CONFIG_NETFILTER_XT_TARGET_NFQUEUE=y CONFIG_NETFILTER_XT_TARGET_NOTRACK=y +CONFIG_NETFILTER_XT_TARGET_RATEEST=y +CONFIG_NETFILTER_XT_TARGET_REDIRECT=y CONFIG_NETFILTER_XT_TARGET_SECMARK=y CONFIG_NETFILTER_XT_TARGET_TCPMSS=y CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=y +CONFIG_NETFILTER_XT_TARGET_TEE=y CONFIG_NETFILTER_XT_TARGET_TPROXY=y CONFIG_NETFILTER_XT_TARGET_TRACE=y +CONFIG_NETFILTER_XT_TARGET_TRACE_MODULE=y + + CONFIG_NETLINK_DIAG=y CONFIG_NET_9P=y CONFIG_NET_9P_DEBUG=y CONFIG_NET_9P_VIRTIO=y +CONFIG_NET_ACT_MPLS=y CONFIG_NET_CLS_ACT=y CONFIG_NET_IPIP=y +CONFIG_NET_IPV6=y +CONFIG_NET_MLPS_GSO=y CONFIG_NET_MPLS_GSO=y +CONFIG_NET_NS=y CONFIG_NET_SCHED=y CONFIG_NFS_FS=y CONFIG_NF_CONNTRACK=y @@ -218,9 +278,11 @@ CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_CONNTRACK_IPV4=y CONFIG_NF_CONNTRACK_IPV6=y CONFIG_NF_CONNTRACK_NETBIOS_NS=y +CONFIG_NF_CONNTRACK_PROCFS=y CONFIG_NF_CONNTRACK_SNMP=y CONFIG_NF_CONNTRACK_TFTP=y CONFIG_NF_CT_NETLINK=y +CONFIG_NF_DEFRAG_IPV6=y CONFIG_NF_NAT_MASQUERADE_IPV6=y CONFIG_NILFS2_FS=y CONFIG_NLS_CODEPAGE_437=y @@ -236,6 +298,7 @@ CONFIG_ORANGEFS_FS=y CONFIG_OVERLAY_FS=y CONFIG_PACKET=y CONFIG_PARTITION_ADVANCED=y +CONFIG_PID_NS=y CONFIG_POSIX_MQUEUE=y CONFIG_PPP=y CONFIG_PPPOE=y @@ -243,6 +306,8 @@ CONFIG_PPP_DEFLATE=y CONFIG_PPP_FILTER=y CONFIG_PPP_MPPE=y CONFIG_PRINTK_TIME=y +CONFIG_PROC_DEVICETREE=y +CONFIG_PROC_SYSCTL=y CONFIG_PSTORE=y CONFIG_QNX4FS_FS=y CONFIG_QNX6FS_FS=y @@ -272,6 +337,7 @@ CONFIG_UNIX=y CONFIG_USB=y CONFIG_USB_DYNAMIC_MINORS=y CONFIG_USB_HIDDEV=y +CONFIG_UTS_NS=y CONFIG_VFAT_FS=y CONFIG_VIRTIO_BALLOON=y CONFIG_VIRTIO_BLK=y diff --git a/configs/4.10/arm-common.inc b/configs/4.10/arm-common.inc index 9c78788..d6fbead 100644 --- a/configs/4.10/arm-common.inc +++ b/configs/4.10/arm-common.inc @@ -46,3 +46,12 @@ CONFIG_SYSCTL_SYSCALL=y CONFIG_USELIB=y CONFIG_USER_NS=y CONFIG_VIRTIO_CONSOLE=y + +CONFIG_IP_NF_ARPFILTER=y +CONFIG_IP_NF_ARP_MANGLE=y +CONFIG_IP_NF_CONNTRACK=y +CONFIG_IP_NF_CT_ACCT=y +CONFIG_IP_NF_CT_PROTO_SCTP=y +CONFIG_IP_NF_MATCH_ADDRTYPE=y +CONFIG_IP_NF_QUEUE=y +CONFIG_IP_NF_TARGET_LOG=y \ No newline at end of file diff --git a/configs/4.10/mips-common.inc b/configs/4.10/mips-common.inc index a1f40db..a2904d5 100644 --- a/configs/4.10/mips-common.inc +++ b/configs/4.10/mips-common.inc @@ -53,3 +53,13 @@ CONFIG_USB_EHCI_HCD=y CONFIG_USB_EHCI_ROOT_HUB_TT=y CONFIG_USB_OHCI_HCD=y CONFIG_USELIB=y + +CONFIG_MII=y +CONFIG_IP_NF_ARPFILTER=y +CONFIG_IP_NF_ARP_MANGLE=y +CONFIG_IP_NF_CONNTRACK=y +CONFIG_IP_NF_CT_ACCT=y +CONFIG_IP_NF_CT_PROTO_SCTP=y +CONFIG_IP_NF_MATCH_ADDRTYPE=y +CONFIG_IP_NF_QUEUE=y +CONFIG_IP_NF_TARGET_LOG=y \ No newline at end of file