From ba7e9864fb3bdce243fd3bf3fdbf4a0455704430 Mon Sep 17 00:00:00 2001
From: Joel Stanley <joel@jms.id.au>
Date: Mon, 23 Mar 2020 17:52:05 +1030
Subject: linux-aspeed: Enable CGROUP_BPF and NAMESPACES

These are used by systemd to provide isolation features:

  Required for IPAddressDeny= and IPAddressAllow= in resource control
  unit settings
    CONFIG_CGROUP_BPF

  Required for PrivateNetwork= in service units:
    CONFIG_NET_NS
  Note that systemd-localed.service and other systemd units use
  PrivateNetwork so this is effectively required.

  Required for PrivateUsers= in service units:
    CONFIG_USER_NS

(NET_NS is default y so we get it by enabling namespace support).

(From meta-aspeed rev: 5ad76c27abbb7d7e65c97bce6be63d7aa542a531)

Change-Id: I8e6311526393c663c62e310a465df9306251c021
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
---
 meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g4/defconfig | 3 +++
 meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g5/defconfig | 3 +++
 meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g6/defconfig | 3 +++
 3 files changed, 9 insertions(+)

diff --git a/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g4/defconfig b/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g4/defconfig
index 939a60e91..00dd0ca60 100644
--- a/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g4/defconfig
+++ b/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g4/defconfig
@@ -7,6 +7,9 @@ CONFIG_IKCONFIG=y
 CONFIG_IKCONFIG_PROC=y
 CONFIG_LOG_BUF_SHIFT=16
 CONFIG_CGROUPS=y
+CONFIG_CGROUP_BPF=y
+CONFIG_NAMESPACES=y
+CONFIG_USER_NS=y
 CONFIG_BLK_DEV_INITRD=y
 # CONFIG_RD_BZIP2 is not set
 # CONFIG_RD_LZO is not set
diff --git a/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g5/defconfig b/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g5/defconfig
index d189de899..4432d52b2 100644
--- a/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g5/defconfig
+++ b/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g5/defconfig
@@ -9,6 +9,9 @@ CONFIG_IKCONFIG=y
 CONFIG_IKCONFIG_PROC=y
 CONFIG_LOG_BUF_SHIFT=16
 CONFIG_CGROUPS=y
+CONFIG_CGROUP_BPF=y
+CONFIG_NAMESPACES=y
+CONFIG_USER_NS=y
 CONFIG_BLK_DEV_INITRD=y
 # CONFIG_RD_BZIP2 is not set
 # CONFIG_RD_LZO is not set
diff --git a/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g6/defconfig b/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g6/defconfig
index bf6e9527c..7acf0a8c5 100644
--- a/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g6/defconfig
+++ b/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g6/defconfig
@@ -9,6 +9,9 @@ CONFIG_IKCONFIG=y
 CONFIG_IKCONFIG_PROC=y
 CONFIG_LOG_BUF_SHIFT=16
 CONFIG_CGROUPS=y
+CONFIG_CGROUP_BPF=y
+CONFIG_NAMESPACES=y
+CONFIG_USER_NS=y
 CONFIG_BLK_DEV_INITRD=y
 # CONFIG_RD_BZIP2 is not set
 # CONFIG_RD_LZO is not set
-- 
cgit v1.2.3