[RFC PATCH 0/2] Loop device psuedo filesystem

[RFC PATCH 0/2] Loop device psuedo filesystem

[Seth Forshee]

I'm posting these patches in response to the ongoing discussion of loop
devices in containers at [1].

The patches implement a psuedo filesystem for loop devices, which will
allow use of loop devices in containters using standard utilities. Under
normal use a loopfs mount will initially contain a single device node
for loop-control which can be used to request and release loop devices.
Any devices allocated via this node will automatically appear in that
loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
CAP_SYS_ADMIN in the userns of the process which performed the mount is
allowed to perform privileged loop ioctls on these devices.

Alternately loopfs can be mounted with the hostmount option, intended
for mounting /dev/loop in the host. This is the default mount for any
devices not created via loop-control in a loopfs mount (e.g. devices
created during driver init, devices created via /dev/loop-control, etc).
This is only available to system-wide CAP_SYS_ADMIN.

I still have some testing to do on these patches, but they work at
minimum for simple use cases. It's possible to use an unmodified losetup
if it's new enough to know about loop-control, with a couple of caveats:

 * /dev/loop-control must be symlinked to /dev/loop/loop-control
 * In some cases losetup attempts to use /dev/loopN when the device node
   is at /dev/loop/N. For example, 'losetup -f disk.img' fails.

Device nodes for loop partitions are not created in loopfs. These
devices are created by the generic block layer, and the loop driver has
no way of knowing when they are created, so some kind of hook into the
driver will be needed to support this.

Thanks,
Seth

[1] http://article.gmane.org/gmane.linux.kernel/1703988

Seth Forshee (2):
  loop: Add loop filesystem
  loop: Permit priveleged operations within user namespaces

 drivers/block/loop.c       | 137 +++++++++++++----
 drivers/block/loop.h       |   2 +
 fs/Makefile                |   1 +
 fs/loopfs/Makefile         |   6 +
 fs/loopfs/inode.c          | 360 +++++++++++++++++++++++++++++++++++++++++++++
 include/linux/loopfs.h     |  53 +++++++
 include/uapi/linux/magic.h |   1 +
 7 files changed, 535 insertions(+), 25 deletions(-)
 create mode 100644 fs/loopfs/Makefile
 create mode 100644 fs/loopfs/inode.c
 create mode 100644 include/linux/loopfs.h

[RFC PATCH 1/2] loop: Add loop filesystem

[Seth Forshee]

Add limited capability for use of loop devices in containers via
a loopfs psuedo fs. When mounted this filesystem will contain
only a loop-control device node. This can be used to request free
loop devices which will be "owned" by that mount. Device nodes
appear automatically for these devices, and the same device will
not be given to another loopfs mount. Privileged loop ioctls
(for encrypted loop) will be allowed within the namespace which
mounted the loopfs.

Privileged block ioctls are not permitted, so features such as
partitions are not supported for unprivileged users.

Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
---
 drivers/block/loop.c       | 110 +++++++++++---
 drivers/block/loop.h       |   2 +
 fs/Makefile                |   1 +
 fs/loopfs/Makefile         |   6 +
 fs/loopfs/inode.c          | 349 +++++++++++++++++++++++++++++++++++++++++++++
 include/linux/loopfs.h     |  46 ++++++
 include/uapi/linux/magic.h |   1 +
 7 files changed, 495 insertions(+), 20 deletions(-)
 create mode 100644 fs/loopfs/Makefile
 create mode 100644 fs/loopfs/inode.c
 create mode 100644 include/linux/loopfs.h

diff --git a/drivers/block/loop.c b/drivers/block/loop.c
index c83c535c0beb..b69e6e91af10 100644
--- a/drivers/block/loop.c
+++ b/drivers/block/loop.c
@@ -75,6 +75,7 @@
 #include <linux/sysfs.h>
 #include <linux/miscdevice.h>
 #include <linux/falloc.h>
+#include <linux/loopfs.h>
 #include "loop.h"
 
 #include <asm/uaccess.h>
@@ -1042,7 +1043,7 @@ static int loop_clr_fd(struct loop_device *lo)
 	}
 	set_capacity(lo->lo_disk, 0);
 	loop_sysfs_exit(lo);
-	if (bdev) {
+	if (bdev && bdev->bd_openers) {
 		bd_set_size(bdev, 0);
 		/* let user-space know about this change */
 		kobject_uevent(&disk_to_dev(bdev->bd_disk)->kobj, KOBJ_CHANGE);
@@ -1051,7 +1052,7 @@ static int loop_clr_fd(struct loop_device *lo)
 	lo->lo_state = Lo_unbound;
 	/* This is safe: open() is still holding a reference. */
 	module_put(THIS_MODULE);
-	if (lo->lo_flags & LO_FLAGS_PARTSCAN && bdev)
+	if (lo->lo_flags & LO_FLAGS_PARTSCAN && bdev && bdev->bd_openers)
 		ioctl_by_bdev(bdev, BLKRRPART, 0);
 	lo->lo_flags = 0;
 	if (!part_shift)
@@ -1605,7 +1606,7 @@ int loop_unregister_transfer(int number)
 EXPORT_SYMBOL(loop_register_transfer);
 EXPORT_SYMBOL(loop_unregister_transfer);
 
-static int loop_add(struct loop_device **l, int i)
+static int loop_add(struct loop_device **l, int i, struct inode *inode)
 {
 	struct loop_device *lo;
 	struct gendisk *disk;
@@ -1679,6 +1680,14 @@ static int loop_add(struct loop_device **l, int i)
 	disk->queue		= lo->lo_queue;
 	sprintf(disk->disk_name, "loop%d", i);
 	add_disk(disk);
+
+	lo->loopfs_inode = loopfs_new_dev(inode, disk_devt(disk),
+					  lo->lo_number);
+	if (IS_ERR(lo->loopfs_inode)) {
+		pr_warn("Unable to create loopfs inode\n");
+		lo->loopfs_inode = NULL;
+	}
+
 	*l = lo;
 	return lo->lo_number;
 
@@ -1694,33 +1703,88 @@ out:
 
 static void loop_remove(struct loop_device *lo)
 {
+	loopfs_kill_dev(lo->loopfs_inode);
+	lo->loopfs_inode = NULL;
 	del_gendisk(lo->lo_disk);
 	blk_cleanup_queue(lo->lo_queue);
 	put_disk(lo->lo_disk);
 	kfree(lo);
 }
 
-static int find_free_cb(int id, void *ptr, void *data)
+static int release_device_cb(int id, void *ptr, void *data)
 {
 	struct loop_device *lo = ptr;
-	struct loop_device **l = data;
+	struct super_block *sb = data;
 
-	if (lo->lo_state == Lo_unbound) {
-		*l = lo;
-		return 1;
+	if (loopfs_sb_from_inode(lo->loopfs_inode) == sb) {
+		mutex_lock(&lo->lo_ctl_mutex);
+
+		/*
+		 * Since this device was allocated to a loopfs mount
+		 * we assume that something outside the mount isn't
+		 * using it. There isn't actually anything to prevent
+		 * a sufficiently priveliged context from using the
+		 * device outside of loopfs, but that just isn't a
+		 * good idea.
+		 */
+		if (lo->lo_state != Lo_unbound)
+			loop_clr_fd(lo);
+
+		lo->lo_disk->private_data = NULL;
+		mutex_unlock(&lo->lo_ctl_mutex);
+
+		idr_remove(&loop_index_idr, lo->lo_number);
+		loop_remove(lo);
 	}
+
 	return 0;
 }
 
-static int loop_lookup(struct loop_device **l, int i)
+int loop_release_devices(struct super_block *sb)
+{
+	int err;
+
+	mutex_lock(&loop_index_mutex);
+	err = idr_for_each(&loop_index_idr, release_device_cb, sb);
+	mutex_unlock(&loop_index_mutex);
+
+	return err;
+}
+
+struct find_free_cb_data {
+	struct loop_device **l;
+	struct inode *inode;
+};
+
+static int find_free_cb(int id, void *ptr, void *data)
+{
+	struct loop_device *lo = ptr;
+	struct find_free_cb_data *cb_data = data;
+
+	if (lo->lo_state != Lo_unbound)
+		return 0;
+
+	/* Don't return a device added from a different loopfs mount */
+	if (loopfs_sb_from_inode(cb_data->inode) !=
+	    loopfs_sb_from_inode(lo->loopfs_inode))
+		return 0;
+
+	*cb_data->l = lo;
+	return 1;
+}
+
+static int loop_lookup(struct loop_device **l, int i, struct inode *inode)
 {
 	struct loop_device *lo;
 	int ret = -ENODEV;
 
 	if (i < 0) {
+		struct find_free_cb_data cb_data;
 		int err;
 
-		err = idr_for_each(&loop_index_idr, &find_free_cb, &lo);
+		cb_data.l = &lo;
+		cb_data.inode = inode;
+		err = idr_for_each(&loop_index_idr, &find_free_cb, &cb_data);
 		if (err == 1) {
 			*l = lo;
 			ret = lo->lo_number;
@@ -1731,8 +1795,13 @@ static int loop_lookup(struct loop_device **l, int i)
 	/* lookup and return a specific i */
 	lo = idr_find(&loop_index_idr, i);
 	if (lo) {
-		*l = lo;
-		ret = lo->lo_number;
+		if (loopfs_sb_from_inode(inode) !=
+		    loopfs_sb_from_inode(lo->loopfs_inode)) {
+			ret = -EACCES;
+		} else {
+			*l = lo;
+			ret = lo->lo_number;
+		}
 	}
 out:
 	return ret;
@@ -1745,9 +1814,9 @@ static struct kobject *loop_probe(dev_t dev, int *part, void *data)
 	int err;
 
 	mutex_lock(&loop_index_mutex);
-	err = loop_lookup(&lo, MINOR(dev) >> part_shift);
+	err = loop_lookup(&lo, MINOR(dev) >> part_shift, NULL);
 	if (err < 0)
-		err = loop_add(&lo, MINOR(dev) >> part_shift);
+		err = loop_add(&lo, MINOR(dev) >> part_shift, NULL);
 	if (err < 0)
 		kobj = NULL;
 	else
@@ -1761,21 +1830,22 @@ static struct kobject *loop_probe(dev_t dev, int *part, void *data)
 static long loop_control_ioctl(struct file *file, unsigned int cmd,
 			       unsigned long parm)
 {
+	struct inode *inode = file_inode(file);
 	struct loop_device *lo;
 	int ret = -ENOSYS;
 
 	mutex_lock(&loop_index_mutex);
 	switch (cmd) {
 	case LOOP_CTL_ADD:
-		ret = loop_lookup(&lo, parm);
+		ret = loop_lookup(&lo, parm, inode);
 		if (ret >= 0) {
 			ret = -EEXIST;
 			break;
 		}
-		ret = loop_add(&lo, parm);
+		ret = loop_add(&lo, parm, inode);
 		break;
 	case LOOP_CTL_REMOVE:
-		ret = loop_lookup(&lo, parm);
+		ret = loop_lookup(&lo, parm, inode);
 		if (ret < 0)
 			break;
 		mutex_lock(&lo->lo_ctl_mutex);
@@ -1795,10 +1865,10 @@ static long loop_control_ioctl(struct file *file, unsigned int cmd,
 		loop_remove(lo);
 		break;
 	case LOOP_CTL_GET_FREE:
-		ret = loop_lookup(&lo, -1);
+		ret = loop_lookup(&lo, -1, inode);
 		if (ret >= 0)
 			break;
-		ret = loop_add(&lo, -1);
+		ret = loop_add(&lo, -1, inode);
 	}
 	mutex_unlock(&loop_index_mutex);
 
@@ -1885,7 +1955,7 @@ static int __init loop_init(void)
 	/* pre-create number of devices given by config or max_loop */
 	mutex_lock(&loop_index_mutex);
 	for (i = 0; i < nr; i++)
-		loop_add(&lo, i);
+		loop_add(&lo, i, NULL);
 	mutex_unlock(&loop_index_mutex);
 
 	printk(KERN_INFO "loop: module loaded\n");
diff --git a/drivers/block/loop.h b/drivers/block/loop.h
index 90df5d6485b6..65237b01cc07 100644
--- a/drivers/block/loop.h
+++ b/drivers/block/loop.h
@@ -63,6 +63,8 @@ struct loop_device {
 
 	struct request_queue	*lo_queue;
 	struct gendisk		*lo_disk;
+
+	struct inode		*loopfs_inode;
 };
 
 /* Support for loadable transfer modules */
diff --git a/fs/Makefile b/fs/Makefile
index f9cb9876e466..14fbf21bb11c 100644
--- a/fs/Makefile
+++ b/fs/Makefile
@@ -56,6 +56,7 @@ obj-$(CONFIG_KERNFS)		+= kernfs/
 obj-$(CONFIG_SYSFS)		+= sysfs/
 obj-$(CONFIG_CONFIGFS_FS)	+= configfs/
 obj-y				+= devpts/
+obj-y				+= loopfs/
 
 obj-$(CONFIG_PROFILING)		+= dcookies.o
 obj-$(CONFIG_DLM)		+= dlm/
diff --git a/fs/loopfs/Makefile b/fs/loopfs/Makefile
new file mode 100644
index 000000000000..01aedfb2f841
--- /dev/null
+++ b/fs/loopfs/Makefile
@@ -0,0 +1,6 @@
+#
+# Makefile for the loopfs virtual filesystem
+#
+
+obj-$(CONFIG_BLK_DEV_LOOP)		+= loopfs.o
+loopfs-$(CONFIG_BLK_DEV_LOOP)		:= inode.o
diff --git a/fs/loopfs/inode.c b/fs/loopfs/inode.c
new file mode 100644
index 000000000000..78dbaf831d9b
--- /dev/null
+++ b/fs/loopfs/inode.c
@@ -0,0 +1,349 @@
+/*
+ * fs/loopfs/inode.c
+ *
+ * Copyright (C) 2014 Canonical Ltd.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#include <linux/module.h>
+#include <linux/init.h>
+#include <linux/fs.h>
+#include <linux/sched.h>
+#include <linux/slab.h>
+#include <linux/mount.h>
+#include <linux/magic.h>
+#include <linux/major.h>
+#include <linux/list.h>
+#include <linux/miscdevice.h>
+#include <linux/parser.h>
+#include <linux/fsnotify.h>
+#include <linux/loopfs.h>
+
+static struct vfsmount *loopfs_mnt;
+
+struct loop_mount_opts {
+	bool host_mount;
+};
+
+struct loop_fs_info {
+	struct dentry *control_dentry;
+	struct loop_mount_opts opts;
+	kuid_t root_uid;
+	kgid_t root_gid;
+};
+
+enum {
+	opt_hostmount,
+	opt_err
+};
+
+static const match_table_t tokens = {
+	{opt_hostmount, "hostmount"},
+	{opt_err, NULL}
+};
+
+static inline struct loop_fs_info *LOOPFS_SB(struct super_block *sb)
+{
+	return sb->s_fs_info;
+}
+
+struct super_block *loopfs_sb_from_inode(struct inode *inode)
+{
+	if (inode && inode->i_sb->s_magic == LOOPFS_SUPER_MAGIC)
+		return inode->i_sb;
+	return loopfs_mnt->mnt_sb;
+}
+
+static int mknod_loop_control(struct super_block *sb)
+{
+	int ret = 0;
+	struct loop_fs_info *fsi = LOOPFS_SB(sb);
+	struct dentry *root = sb->s_root;
+	struct dentry *dentry;
+	struct inode *inode;
+
+	mutex_lock(&root->d_inode->i_mutex);
+
+	if (fsi->control_dentry)
+		goto out;
+
+	dentry = d_alloc_name(root, "loop-control");
+	if (!dentry) {
+		pr_notice("Unable to allocate dentry for loop-control\n");
+		ret = -ENOMEM;
+		goto out;
+	}
+
+	inode = new_inode(sb);
+	if (!inode) {
+		pr_notice("Uname to allocate inode for loop-control\n");
+		dput(dentry);
+		ret = -ENOMEM;
+		goto out;
+	}
+
+	inode->i_ino = 2;
+	inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
+	init_special_inode(inode, S_IFCHR | S_IRUSR | S_IWUSR,
+			   MKDEV(MISC_MAJOR, LOOP_CTRL_MINOR));
+	inode->i_uid = fsi->root_uid;
+	inode->i_gid = fsi->root_gid;
+
+	d_add(dentry, inode);
+	fsi->control_dentry = dentry;
+
+out:
+	mutex_unlock(&root->d_inode->i_mutex);
+	return ret;
+}
+
+static const struct super_operations loopfs_sops = {
+	.statfs = simple_statfs,
+};
+
+static int parse_mount_options(char *data, struct loop_mount_opts *opts)
+{
+	char *p;
+
+	opts->host_mount = false;
+
+	while ((p = strsep(&data, ",")) != NULL) {
+		substring_t args[MAX_OPT_ARGS];
+		int token;
+
+		if (!*p)
+			continue;
+
+		token = match_token(p, tokens, args);
+		switch (token) {
+		case opt_hostmount:
+			opts->host_mount = true;
+			break;
+		default:
+			pr_err("loopfs: invalid mount options\n");
+			return -EINVAL;
+		}
+	}
+
+	return 0;
+}
+
+static int loopfs_fill_super(struct super_block *s, void *data, int silent)
+{
+	struct inode *inode = NULL;
+	struct loop_fs_info *fsi;
+
+	s->s_blocksize = 1024;
+	s->s_blocksize_bits = 10;
+	s->s_magic = LOOPFS_SUPER_MAGIC;
+	s->s_op = &loopfs_sops;
+	s->s_time_gran = 1;
+
+	fsi = kzalloc(sizeof(struct loop_fs_info), GFP_KERNEL);
+	if (!fsi)
+		return -ENOMEM;
+
+	s->s_fs_info = fsi;
+
+	fsi->root_uid = make_kuid(current_user_ns(), 0);
+	if (!uid_valid(fsi->root_uid))
+		fsi->root_uid = GLOBAL_ROOT_UID;
+	fsi->root_gid = make_kgid(current_user_ns(), 0);
+	if (!gid_valid(fsi->root_gid))
+		fsi->root_gid = GLOBAL_ROOT_GID;
+
+	inode = new_inode(s);
+	if (!inode)
+		goto cleanup;
+	inode->i_ino = 1;
+	inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
+	inode->i_mode = S_IFDIR | S_IRUGO | S_IWUSR | S_IXUGO;
+	inode->i_op = &simple_dir_inode_operations;
+	inode->i_fop = &simple_dir_operations;
+	set_nlink(inode, 2);
+
+	s->s_root = d_make_root(inode);
+	if (s->s_root)
+		return 0;
+
+cleanup:
+	if (inode)
+		iput(inode);
+	if (fsi)
+		kfree(fsi);
+	return -ENOMEM;
+}
+
+static int compare_init_loop_sb(struct super_block *s, void *p)
+{
+	if (loopfs_mnt)
+		return loopfs_mnt->mnt_sb == s;
+	return 0;
+}
+
+static struct dentry *loopfs_mount(struct file_system_type *fs_type,
+				    int flags, const char *dev_name,
+				    void *data)
+{
+	int ret;
+	struct super_block *s;
+	struct loop_mount_opts opts;
+
+	ret = parse_mount_options(data, &opts);
+	if (ret)
+		return ERR_PTR(ret);
+
+	/*
+	 * hostmount is only available for system-wide CAP_SYS_ADMIN;
+	 * drop it otherwise.
+	 */
+	if (opts.host_mount && !capable(CAP_SYS_ADMIN)) {
+		pr_notice("loopfs: dropping hostmount option for unprivileged user\n");
+		opts.host_mount = false;
+	}
+
+	if (opts.host_mount)
+		s = sget(fs_type, compare_init_loop_sb, set_anon_super,
+			 flags, NULL);
+	else
+		s = sget(fs_type, NULL, set_anon_super, flags, NULL);
+
+	if (IS_ERR(s))
+		return ERR_CAST(s);
+
+	if (!s->s_root) {
+		ret = loopfs_fill_super(s, data, (flags & MS_SILENT) != 0);
+		if (ret)
+			goto cleanup;
+		s->s_flags |= MS_ACTIVE;
+	}
+
+	LOOPFS_SB(s)->opts = opts;
+
+	ret = mknod_loop_control(s);
+	if (ret)
+		goto cleanup;
+
+	return dget(s->s_root);
+
+cleanup:
+	deactivate_locked_super(s);
+	return ERR_PTR(ret);
+}
+
+static void loopfs_kill_sb(struct super_block *sb)
+{
+	loop_release_devices(sb);
+	kfree(LOOPFS_SB(sb));
+	kill_litter_super(sb);
+}
+
+static struct file_system_type loopfs_fs_type = {
+	.name		= "loopfs",
+	.mount		= loopfs_mount,
+	.kill_sb	= loopfs_kill_sb,
+	.fs_flags	= FS_USERNS_MOUNT | FS_USERNS_DEV_MOUNT,
+};
+
+/**
+ * loopfs_new_dev -- create new loop device in /dev/loop/
+ * @ref_inode: inode in the superblock where the new node is to be
+ *	created. Usually this will be the loop-control inode but might
+ *	also be another loop device inode if the new device is a
+ *	partition.
+ * @device: major+minor of the node to be created
+ * @lo_number: index of new loop device
+ *
+ * Returns the created inode, which can be removed from /dev/loop by
+ * loopfs_kill_dev(). Returns NULL if @ref_inode is not in a loopfs
+ * superblock.
+ */
+struct inode *loopfs_new_dev(struct inode *ref_inode, dev_t device,
+			      int lo_number)
+{
+	struct super_block *sb = loopfs_sb_from_inode(ref_inode);
+	unsigned int major = MAJOR(device);
+	unsigned int minor = MINOR(device);
+	struct dentry *root, *dentry;
+	struct inode *inode;
+	char name[12];
+
+	if (major != LOOP_MAJOR)
+		return ERR_PTR(-EINVAL);
+
+	if (!sb)
+		return NULL;
+
+	if (snprintf(name, sizeof(name), "%d", lo_number) >= sizeof(name))
+		return ERR_PTR(-EINVAL);
+
+	root = sb->s_root;
+
+	inode = new_inode(sb);
+	if (!inode)
+		return ERR_PTR(-ENOMEM);
+
+	inode->i_ino = minor + 3;
+	inode->i_uid = LOOPFS_SB(sb)->root_uid;
+	inode->i_gid = LOOPFS_SB(sb)->root_gid;
+	inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
+	init_special_inode(inode, S_IFBLK | 0660, device);
+
+	mutex_lock(&root->d_inode->i_mutex);
+	dentry = d_alloc_name(root, name);
+	if (dentry) {
+		d_add(dentry, inode);
+		fsnotify_create(root->d_inode, dentry);
+	} else {
+		iput(inode);
+		inode = ERR_PTR(-ENOMEM);
+	}
+	mutex_unlock(&root->d_inode->i_mutex);
+
+	return inode;
+}
+
+/**
+ * loopfs_kill_dev -- remove inode from /dev/loop/
+ * @inode: inode of loop device to be removed
+ *
+ * Kill an inode created by loopfs_new_dev().
+ */
+void loopfs_kill_dev(struct inode *inode)
+{
+	struct dentry *root, *dentry;
+
+	if (!inode)
+		return;
+
+	if (!S_ISBLK(inode->i_mode) || imajor(inode) != LOOP_MAJOR)
+		return;
+
+	root = loopfs_sb_from_inode(inode)->s_root;
+	mutex_lock(&root->d_inode->i_mutex);
+
+	dentry = d_find_alias(inode);
+	drop_nlink(inode);
+	d_delete(dentry);
+	dput(dentry);	/* for d_alloc_name() in loopfs_new_dev() */
+	dput(dentry);	/* for d_find_alias() above */
+
+	mutex_unlock(&root->d_inode->i_mutex);
+}
+
+static int __init init_loopfs_fs(void)
+{
+	int ret = register_filesystem(&loopfs_fs_type);
+	if (!ret) {
+		loopfs_mnt = kern_mount(&loopfs_fs_type);
+		if (IS_ERR(loopfs_mnt)) {
+			ret = PTR_ERR(loopfs_mnt);
+			unregister_filesystem(&loopfs_fs_type);
+		}
+	}
+	return ret;
+}
+module_init(init_loopfs_fs);
diff --git a/include/linux/loopfs.h b/include/linux/loopfs.h
new file mode 100644
index 000000000000..27deadd02364
--- /dev/null
+++ b/include/linux/loopfs.h
@@ -0,0 +1,46 @@
+/*
+ * include/linux/loopfs_fs.h
+ *
+ * Copyright (C) 2014 Canonical Ltd.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2 as
+ * published by the Free Software Foundation.
+ */
+
+#ifndef _LINUX_LOOPFS_FS_H
+#define _LINUX_LOOPFS_FS_H
+
+#include <linux/errno.h>
+#include <linux/fs.h>
+#include <linux/magic.h>
+
+#ifdef CONFIG_BLK_DEV_LOOP
+
+struct super_block *loopfs_sb_from_inode(struct inode *inode);
+struct inode *loopfs_new_dev(struct inode *ref_inode, dev_t device,
+			     int lo_number);
+void loopfs_kill_dev(struct inode *inode);
+
+/* Callback into drivers/block/loop.c */
+int loop_release_devices(struct super_block *sb);
+
+#else
+
+static inline struct super_block *loopfs_sb_from_inode(struct inode *inode)
+{
+	return NULL;
+}
+
+static inline struct inode *loopfs_new_dev(struct inode *ref_inode,
+					   dev_t device, int lo_number)
+{
+	return ERR_PTR(-EINVAL);
+}
+
+static inline void loopfs_kill_dev(struct inode *inode) { }
+static inline int loop_release_devices(struct superblock *sb) { }
+
+#endif
+
+#endif /* _LINUX_LOOPFS_FS_H */
diff --git a/include/uapi/linux/magic.h b/include/uapi/linux/magic.h
index 77c60311a6c6..e713aac3c6a6 100644
--- a/include/uapi/linux/magic.h
+++ b/include/uapi/linux/magic.h
@@ -63,6 +63,7 @@
 #define BDEVFS_MAGIC            0x62646576
 #define BINFMTFS_MAGIC          0x42494e4d
 #define DEVPTS_SUPER_MAGIC	0x1cd1
+#define LOOPFS_SUPER_MAGIC	0x6c6f6f70
 #define FUTEXFS_SUPER_MAGIC	0xBAD1DEA
 #define PIPEFS_MAGIC            0x50495045
 #define PROC_SUPER_MAGIC	0x9fa0
-- 
1.9.1

[RFC PATCH 2/2] loop: Permit priveleged operations within user namespaces

[Seth Forshee]

Priveleged operations should be allowed on loop devices within a
devloop mount by root within the user namespace which owns the
mount. Stash away the namespace at mount time and allow
CAP_SYS_ADMIN within this namespace to perform priveleged
operations on loop devices.

Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
---
 drivers/block/loop.c   | 27 ++++++++++++++++++++++-----
 fs/loopfs/inode.c      | 11 +++++++++++
 include/linux/loopfs.h |  7 +++++++
 3 files changed, 40 insertions(+), 5 deletions(-)

diff --git a/drivers/block/loop.c b/drivers/block/loop.c
index b69e6e91af10..34ade8193ca1 100644
--- a/drivers/block/loop.c
+++ b/drivers/block/loop.c
@@ -86,6 +86,19 @@ static DEFINE_MUTEX(loop_index_mutex);
 static int max_part;
 static int part_shift;
 
+static bool loop_capable(struct loop_device *lo, int cap)
+{
+	struct user_namespace *ns;
+
+	if (lo->loopfs_inode) {
+		ns = loopfs_user_ns(loopfs_sb_from_inode(lo->loopfs_inode));
+		if (ns)
+			return ns_capable(ns, cap);
+	}
+
+	return capable(cap);
+}
+
 /*
  * Transfer functions
  */
@@ -1077,7 +1090,7 @@ loop_set_status(struct loop_device *lo, const struct loop_info64 *info)
 
 	if (lo->lo_encrypt_key_size &&
 	    !uid_eq(lo->lo_key_owner, uid) &&
-	    !capable(CAP_SYS_ADMIN))
+	    !loop_capable(lo, CAP_SYS_ADMIN))
 		return -EPERM;
 	if (lo->lo_state != Lo_bound)
 		return -ENXIO;
@@ -1167,7 +1180,8 @@ loop_get_status(struct loop_device *lo, struct loop_info64 *info)
 	memcpy(info->lo_crypt_name, lo->lo_crypt_name, LO_NAME_SIZE);
 	info->lo_encrypt_type =
 		lo->lo_encryption ? lo->lo_encryption->number : 0;
-	if (lo->lo_encrypt_key_size && capable(CAP_SYS_ADMIN)) {
+	if (lo->lo_encrypt_key_size &&
+	    loop_capable(lo, CAP_SYS_ADMIN)) {
 		info->lo_encrypt_key_size = lo->lo_encrypt_key_size;
 		memcpy(info->lo_encrypt_key, lo->lo_encrypt_key,
 		       lo->lo_encrypt_key_size);
@@ -1312,7 +1326,8 @@ static int lo_ioctl(struct block_device *bdev, fmode_t mode,
 		break;
 	case LOOP_SET_STATUS:
 		err = -EPERM;
-		if ((mode & FMODE_WRITE) || capable(CAP_SYS_ADMIN))
+		if ((mode & FMODE_WRITE) ||
+		    loop_capable(lo, CAP_SYS_ADMIN))
 			err = loop_set_status_old(lo,
 					(struct loop_info __user *)arg);
 		break;
@@ -1321,7 +1336,8 @@ static int lo_ioctl(struct block_device *bdev, fmode_t mode,
 		break;
 	case LOOP_SET_STATUS64:
 		err = -EPERM;
-		if ((mode & FMODE_WRITE) || capable(CAP_SYS_ADMIN))
+		if ((mode & FMODE_WRITE) ||
+		    loop_capable(lo, CAP_SYS_ADMIN))
 			err = loop_set_status64(lo,
 					(struct loop_info64 __user *) arg);
 		break;
@@ -1330,7 +1346,8 @@ static int lo_ioctl(struct block_device *bdev, fmode_t mode,
 		break;
 	case LOOP_SET_CAPACITY:
 		err = -EPERM;
-		if ((mode & FMODE_WRITE) || capable(CAP_SYS_ADMIN))
+		if ((mode & FMODE_WRITE) ||
+		    loop_capable(lo, CAP_SYS_ADMIN))
 			err = loop_set_capacity(lo, bdev);
 		break;
 	default:
diff --git a/fs/loopfs/inode.c b/fs/loopfs/inode.c
index 78dbaf831d9b..6410af5700c4 100644
--- a/fs/loopfs/inode.c
+++ b/fs/loopfs/inode.c
@@ -20,6 +20,7 @@
 #include <linux/miscdevice.h>
 #include <linux/parser.h>
 #include <linux/fsnotify.h>
+#include <linux/user_namespace.h>
 #include <linux/loopfs.h>
 
 static struct vfsmount *loopfs_mnt;
@@ -31,6 +32,7 @@ struct loop_mount_opts {
 struct loop_fs_info {
 	struct dentry *control_dentry;
 	struct loop_mount_opts opts;
+	struct user_namespace *user_ns;
 	kuid_t root_uid;
 	kgid_t root_gid;
 };
@@ -57,6 +59,13 @@ struct super_block *loopfs_sb_from_inode(struct inode *inode)
 	return loopfs_mnt->mnt_sb;
 }
 
+struct user_namespace *loopfs_user_ns(struct super_block *sb)
+{
+	if (!sb)
+		return NULL;
+	return LOOPFS_SB(sb)->user_ns;
+}
+
 static int mknod_loop_control(struct super_block *sb)
 {
 	int ret = 0;
@@ -147,6 +156,7 @@ static int loopfs_fill_super(struct super_block *s, void *data, int silent)
 		return -ENOMEM;
 
 	s->s_fs_info = fsi;
+	fsi->user_ns = get_user_ns(current_user_ns());
 
 	fsi->root_uid = make_kuid(current_user_ns(), 0);
 	if (!uid_valid(fsi->root_uid))
@@ -237,6 +247,7 @@ cleanup:
 static void loopfs_kill_sb(struct super_block *sb)
 {
 	loop_release_devices(sb);
+	put_user_ns(LOOPFS_SB(sb)->user_ns);
 	kfree(LOOPFS_SB(sb));
 	kill_litter_super(sb);
 }
diff --git a/include/linux/loopfs.h b/include/linux/loopfs.h
index 27deadd02364..a4ff5094073e 100644
--- a/include/linux/loopfs.h
+++ b/include/linux/loopfs.h
@@ -14,10 +14,12 @@
 #include <linux/errno.h>
 #include <linux/fs.h>
 #include <linux/magic.h>
+#include <linux/user_namespace.h>
 
 #ifdef CONFIG_BLK_DEV_LOOP
 
 struct super_block *loopfs_sb_from_inode(struct inode *inode);
+struct user_namespace *loopfs_user_ns(struct super_block *sb);
 struct inode *loopfs_new_dev(struct inode *ref_inode, dev_t device,
 			     int lo_number);
 void loopfs_kill_dev(struct inode *inode);
@@ -32,6 +34,11 @@ static inline struct super_block *loopfs_sb_from_inode(struct inode *inode)
 	return NULL;
 }
 
+static inline struct user_namespace *loopfs_user_ns(struct super_block *sb)
+{
+	return NULL;
+}
+
 static inline struct inode *loopfs_new_dev(struct inode *ref_inode,
 					   dev_t device, int lo_number)
 {
-- 
1.9.1

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[Andy Lutomirski]

On Tue, May 27, 2014 at 2:58 PM, Seth Forshee
<seth.forshee@canonical.com> wrote:
> I'm posting these patches in response to the ongoing discussion of loop
> devices in containers at [1].
>
> The patches implement a psuedo filesystem for loop devices, which will
> allow use of loop devices in containters using standard utilities. Under
> normal use a loopfs mount will initially contain a single device node
> for loop-control which can be used to request and release loop devices.
> Any devices allocated via this node will automatically appear in that
> loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
> CAP_SYS_ADMIN in the userns of the process which performed the mount is
> allowed to perform privileged loop ioctls on these devices.
>
> Alternately loopfs can be mounted with the hostmount option, intended
> for mounting /dev/loop in the host. This is the default mount for any
> devices not created via loop-control in a loopfs mount (e.g. devices
> created during driver init, devices created via /dev/loop-control, etc).
> This is only available to system-wide CAP_SYS_ADMIN.
>
> I still have some testing to do on these patches, but they work at
> minimum for simple use cases. It's possible to use an unmodified losetup
> if it's new enough to know about loop-control, with a couple of caveats:
>
>  * /dev/loop-control must be symlinked to /dev/loop/loop-control
>  * In some cases losetup attempts to use /dev/loopN when the device node
>    is at /dev/loop/N. For example, 'losetup -f disk.img' fails.
>
> Device nodes for loop partitions are not created in loopfs. These
> devices are created by the generic block layer, and the loop driver has
> no way of knowing when they are created, so some kind of hook into the
> driver will be needed to support this.

This is entertaining and a bit terrifying :)

ISTM that what you've done is to create a way for per-userns devices
to live in a special filesystem and for userns containers to
instantiate those devices by offloading all the hard work to the
kernel.

What if we generalized this?

For example, we could add a concept of ephemeral devices.  An
ephemeral device is a device that can be referenced by an inode with a
guarantee that the inode will *never* accidentally point to a
different device [1].  Then we add a concept of the userns that owns a
struct device.

To make this safe, we'll need to make sure that old host udev will not
see non-init-userns devices, ever.  This is easy enough to do, but
doing it elegantly might take some design work.

To make this useful, we'll need a way for things inside user
namespaces to create the device nodes.  I can imagine at least three
ways to make this work.

a) Allow mknod on a tmpfs created by a particular userns to succeed if
the targetting struct device is owned by that userns or a child and if
the caller is ns_capable(CAP_MKNOD).
b) Create a new filesystem that has some special ioctl or whatever to do it.
c) Have real per-user-ns devtmpfs.

Now, to get loop working in a userns, we need a way for the userns (or
the host!) to create a new loop-control device owned by that userns
and we need to tweak the loop driver to make the created loop devices
be owned by the userns.

(Note: I'm deliberately ignoring the fact that just doing this for
loop seems to be almost entirely useless right now: you still can't
mount the things.)

Thoughts?


[1]  For example, there could be a special set of device numbers that
are not reused until reboot.  Ephemeral device nodes point to these
devices by number.  Alternatively, the inodes could keep references to
the struct device.

Re: [RFC PATCH 1/2] loop: Add loop filesystem

[Randy Dunlap]

On 05/27/2014 02:58 PM, Seth Forshee wrote:
> Add limited capability for use of loop devices in containers via
> a loopfs psuedo fs. When mounted this filesystem will contain
> only a loop-control device node. This can be used to request free
> loop devices which will be "owned" by that mount. Device nodes
> appear automatically for these devices, and the same device will
> not be given to another loopfs mount. Privileged loop ioctls
> (for encrypted loop) will be allowed within the namespace which
> mounted the loopfs.
> 
> Privileged block ioctls are not permitted, so features such as
> partitions are not supported for unprivileged users.
> 
> Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
> ---
>  drivers/block/loop.c       | 110 +++++++++++---
>  drivers/block/loop.h       |   2 +
>  fs/Makefile                |   1 +
>  fs/loopfs/Makefile         |   6 +
>  fs/loopfs/inode.c          | 349 +++++++++++++++++++++++++++++++++++++++++++++
>  include/linux/loopfs.h     |  46 ++++++
>  include/uapi/linux/magic.h |   1 +
>  7 files changed, 495 insertions(+), 20 deletions(-)
>  create mode 100644 fs/loopfs/Makefile
>  create mode 100644 fs/loopfs/inode.c
>  create mode 100644 include/linux/loopfs.h
> 

> diff --git a/fs/loopfs/Makefile b/fs/loopfs/Makefile
> new file mode 100644
> index 000000000000..01aedfb2f841
> --- /dev/null
> +++ b/fs/loopfs/Makefile
> @@ -0,0 +1,6 @@
> +#
> +# Makefile for the loopfs virtual filesystem
> +#
> +
> +obj-$(CONFIG_BLK_DEV_LOOP)		+= loopfs.o
> +loopfs-$(CONFIG_BLK_DEV_LOOP)		:= inode.o

I guess that you need to update the BLK_DEV_LOOP entry in
drivers/block/Kconfig to mention this?


-- 
~Randy

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[Seth Forshee]

On Tue, May 27, 2014 at 03:19:15PM -0700, Andy Lutomirski wrote:
> On Tue, May 27, 2014 at 2:58 PM, Seth Forshee
> <seth.forshee@canonical.com> wrote:
> > I'm posting these patches in response to the ongoing discussion of loop
> > devices in containers at [1].
> >
> > The patches implement a psuedo filesystem for loop devices, which will
> > allow use of loop devices in containters using standard utilities. Under
> > normal use a loopfs mount will initially contain a single device node
> > for loop-control which can be used to request and release loop devices.
> > Any devices allocated via this node will automatically appear in that
> > loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
> > CAP_SYS_ADMIN in the userns of the process which performed the mount is
> > allowed to perform privileged loop ioctls on these devices.
> >
> > Alternately loopfs can be mounted with the hostmount option, intended
> > for mounting /dev/loop in the host. This is the default mount for any
> > devices not created via loop-control in a loopfs mount (e.g. devices
> > created during driver init, devices created via /dev/loop-control, etc).
> > This is only available to system-wide CAP_SYS_ADMIN.
> >
> > I still have some testing to do on these patches, but they work at
> > minimum for simple use cases. It's possible to use an unmodified losetup
> > if it's new enough to know about loop-control, with a couple of caveats:
> >
> >  * /dev/loop-control must be symlinked to /dev/loop/loop-control
> >  * In some cases losetup attempts to use /dev/loopN when the device node
> >    is at /dev/loop/N. For example, 'losetup -f disk.img' fails.
> >
> > Device nodes for loop partitions are not created in loopfs. These
> > devices are created by the generic block layer, and the loop driver has
> > no way of knowing when they are created, so some kind of hook into the
> > driver will be needed to support this.
> 
> This is entertaining and a bit terrifying :)
> 
> ISTM that what you've done is to create a way for per-userns devices
> to live in a special filesystem and for userns containers to
> instantiate those devices by offloading all the hard work to the
> kernel.
> 
> What if we generalized this?
> 
> For example, we could add a concept of ephemeral devices.  An
> ephemeral device is a device that can be referenced by an inode with a
> guarantee that the inode will *never* accidentally point to a
> different device [1].  Then we add a concept of the userns that owns a
> struct device.
> 
> To make this safe, we'll need to make sure that old host udev will not
> see non-init-userns devices, ever.  This is easy enough to do, but
> doing it elegantly might take some design work.

To do this wouldn't we need a generic way to know which namespace a
device goes with? Greg has clearly stated that he doesn't want to do
this.

> To make this useful, we'll need a way for things inside user
> namespaces to create the device nodes.  I can imagine at least three
> ways to make this work.
> 
> a) Allow mknod on a tmpfs created by a particular userns to succeed if
> the targetting struct device is owned by that userns or a child and if
> the caller is ns_capable(CAP_MKNOD).
> b) Create a new filesystem that has some special ioctl or whatever to do it.
> c) Have real per-user-ns devtmpfs.
> 
> Now, to get loop working in a userns, we need a way for the userns (or
> the host!) to create a new loop-control device owned by that userns
> and we need to tweak the loop driver to make the created loop devices
> be owned by the userns.

The patches I posted previously more or less did this using per-ns
devtmpfs, aside from the ephimeral part. The feedback was "just do it in
loop," so I sent these to facilitate discussing this option with
something concrete. I personally still like the per-ns devtmpfs
approach, but that's been nacked.

(a) might be interesting, but I'd expect the same objections to be
raised as for (c). And it seems to me that (b) is just a alternate
interface for (a).

> (Note: I'm deliberately ignoring the fact that just doing this for
> loop seems to be almost entirely useless right now: you still can't
> mount the things.)

You could also argue that it's useless to be able to mount things if you
have no block device on which to mount them. We have to start somewhere.

Re: [RFC PATCH 1/2] loop: Add loop filesystem

[Seth Forshee]

On Tue, May 27, 2014 at 03:56:53PM -0700, Randy Dunlap wrote:
> On 05/27/2014 02:58 PM, Seth Forshee wrote:
> > Add limited capability for use of loop devices in containers via
> > a loopfs psuedo fs. When mounted this filesystem will contain
> > only a loop-control device node. This can be used to request free
> > loop devices which will be "owned" by that mount. Device nodes
> > appear automatically for these devices, and the same device will
> > not be given to another loopfs mount. Privileged loop ioctls
> > (for encrypted loop) will be allowed within the namespace which
> > mounted the loopfs.
> > 
> > Privileged block ioctls are not permitted, so features such as
> > partitions are not supported for unprivileged users.
> > 
> > Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
> > ---
> >  drivers/block/loop.c       | 110 +++++++++++---
> >  drivers/block/loop.h       |   2 +
> >  fs/Makefile                |   1 +
> >  fs/loopfs/Makefile         |   6 +
> >  fs/loopfs/inode.c          | 349 +++++++++++++++++++++++++++++++++++++++++++++
> >  include/linux/loopfs.h     |  46 ++++++
> >  include/uapi/linux/magic.h |   1 +
> >  7 files changed, 495 insertions(+), 20 deletions(-)
> >  create mode 100644 fs/loopfs/Makefile
> >  create mode 100644 fs/loopfs/inode.c
> >  create mode 100644 include/linux/loopfs.h
> > 
> 
> > diff --git a/fs/loopfs/Makefile b/fs/loopfs/Makefile
> > new file mode 100644
> > index 000000000000..01aedfb2f841
> > --- /dev/null
> > +++ b/fs/loopfs/Makefile
> > @@ -0,0 +1,6 @@
> > +#
> > +# Makefile for the loopfs virtual filesystem
> > +#
> > +
> > +obj-$(CONFIG_BLK_DEV_LOOP)		+= loopfs.o
> > +loopfs-$(CONFIG_BLK_DEV_LOOP)		:= inode.o
> 
> I guess that you need to update the BLK_DEV_LOOP entry in
> drivers/block/Kconfig to mention this?

Sure, I'll do that.

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[Andy Lutomirski]

On Wed, May 28, 2014 at 12:32 AM, Seth Forshee
<seth.forshee@canonical.com> wrote:
> On Tue, May 27, 2014 at 03:19:15PM -0700, Andy Lutomirski wrote:
>> On Tue, May 27, 2014 at 2:58 PM, Seth Forshee
>> <seth.forshee@canonical.com> wrote:
>> > I'm posting these patches in response to the ongoing discussion of loop
>> > devices in containers at [1].
>> >
>> > The patches implement a psuedo filesystem for loop devices, which will
>> > allow use of loop devices in containters using standard utilities. Under
>> > normal use a loopfs mount will initially contain a single device node
>> > for loop-control which can be used to request and release loop devices.
>> > Any devices allocated via this node will automatically appear in that
>> > loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
>> > CAP_SYS_ADMIN in the userns of the process which performed the mount is
>> > allowed to perform privileged loop ioctls on these devices.
>> >
>> > Alternately loopfs can be mounted with the hostmount option, intended
>> > for mounting /dev/loop in the host. This is the default mount for any
>> > devices not created via loop-control in a loopfs mount (e.g. devices
>> > created during driver init, devices created via /dev/loop-control, etc).
>> > This is only available to system-wide CAP_SYS_ADMIN.
>> >
>> > I still have some testing to do on these patches, but they work at
>> > minimum for simple use cases. It's possible to use an unmodified losetup
>> > if it's new enough to know about loop-control, with a couple of caveats:
>> >
>> >  * /dev/loop-control must be symlinked to /dev/loop/loop-control
>> >  * In some cases losetup attempts to use /dev/loopN when the device node
>> >    is at /dev/loop/N. For example, 'losetup -f disk.img' fails.
>> >
>> > Device nodes for loop partitions are not created in loopfs. These
>> > devices are created by the generic block layer, and the loop driver has
>> > no way of knowing when they are created, so some kind of hook into the
>> > driver will be needed to support this.
>>
>> This is entertaining and a bit terrifying :)
>>
>> ISTM that what you've done is to create a way for per-userns devices
>> to live in a special filesystem and for userns containers to
>> instantiate those devices by offloading all the hard work to the
>> kernel.
>>
>> What if we generalized this?
>>
>> For example, we could add a concept of ephemeral devices.  An
>> ephemeral device is a device that can be referenced by an inode with a
>> guarantee that the inode will *never* accidentally point to a
>> different device [1].  Then we add a concept of the userns that owns a
>> struct device.
>>
>> To make this safe, we'll need to make sure that old host udev will not
>> see non-init-userns devices, ever.  This is easy enough to do, but
>> doing it elegantly might take some design work.
>
> To do this wouldn't we need a generic way to know which namespace a
> device goes with? Greg has clearly stated that he doesn't want to do
> this.

This is IMO silly.  If Greg doesn't want any kind of namespaces in the
device core, then sticking considerably more complicated namespaces
into the *loop* driver is just absurd.



>
>> To make this useful, we'll need a way for things inside user
>> namespaces to create the device nodes.  I can imagine at least three
>> ways to make this work.
>>
>> a) Allow mknod on a tmpfs created by a particular userns to succeed if
>> the targetting struct device is owned by that userns or a child and if
>> the caller is ns_capable(CAP_MKNOD).
>> b) Create a new filesystem that has some special ioctl or whatever to do it.
>> c) Have real per-user-ns devtmpfs.
>>
>> Now, to get loop working in a userns, we need a way for the userns (or
>> the host!) to create a new loop-control device owned by that userns
>> and we need to tweak the loop driver to make the created loop devices
>> be owned by the userns.
>
> The patches I posted previously more or less did this using per-ns
> devtmpfs, aside from the ephimeral part. The feedback was "just do it in
> loop," so I sent these to facilitate discussing this option with
> something concrete. I personally still like the per-ns devtmpfs
> approach, but that's been nacked.

The ephemeral part might not be needed using devtmpfs if devtmpfs can
guarantee that the device nodes go away if the device goes away.  I
don't know whether it can make that guarantee.

>
> (a) might be interesting, but I'd expect the same objections to be
> raised as for (c). And it seems to me that (b) is just a alternate
> interface for (a).
>

True.

>> (Note: I'm deliberately ignoring the fact that just doing this for
>> loop seems to be almost entirely useless right now: you still can't
>> mount the things.)
>
> You could also argue that it's useless to be able to mount things if you
> have no block device on which to mount them. We have to start somewhere.
>

True.

But if we take this particular route, then I can imagine a real mess
when someone wants to mount a non-loop device, and we get stuck on how
to expose the device node.  Sigh.

--Andy

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[Michael H. Warfield]

[-- Attachment #1: Type: text/plain, Size: 6315 bytes --]

On Wed, 2014-05-28 at 09:10 -0700, Andy Lutomirski wrote:
> On Wed, May 28, 2014 at 12:32 AM, Seth Forshee
> <seth.forshee@canonical.com> wrote:
> > On Tue, May 27, 2014 at 03:19:15PM -0700, Andy Lutomirski wrote:
> >> On Tue, May 27, 2014 at 2:58 PM, Seth Forshee
> >> <seth.forshee@canonical.com> wrote:
> >> > I'm posting these patches in response to the ongoing discussion of loop
> >> > devices in containers at [1].
> >> >
> >> > The patches implement a psuedo filesystem for loop devices, which will
> >> > allow use of loop devices in containters using standard utilities. Under
> >> > normal use a loopfs mount will initially contain a single device node
> >> > for loop-control which can be used to request and release loop devices.
> >> > Any devices allocated via this node will automatically appear in that
> >> > loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
> >> > CAP_SYS_ADMIN in the userns of the process which performed the mount is
> >> > allowed to perform privileged loop ioctls on these devices.
> >> >
> >> > Alternately loopfs can be mounted with the hostmount option, intended
> >> > for mounting /dev/loop in the host. This is the default mount for any
> >> > devices not created via loop-control in a loopfs mount (e.g. devices
> >> > created during driver init, devices created via /dev/loop-control, etc).
> >> > This is only available to system-wide CAP_SYS_ADMIN.
> >> >
> >> > I still have some testing to do on these patches, but they work at
> >> > minimum for simple use cases. It's possible to use an unmodified losetup
> >> > if it's new enough to know about loop-control, with a couple of caveats:
> >> >
> >> >  * /dev/loop-control must be symlinked to /dev/loop/loop-control
> >> >  * In some cases losetup attempts to use /dev/loopN when the device node
> >> >    is at /dev/loop/N. For example, 'losetup -f disk.img' fails.
> >> >
> >> > Device nodes for loop partitions are not created in loopfs. These
> >> > devices are created by the generic block layer, and the loop driver has
> >> > no way of knowing when they are created, so some kind of hook into the
> >> > driver will be needed to support this.
> >>
> >> This is entertaining and a bit terrifying :)
> >>
> >> ISTM that what you've done is to create a way for per-userns devices
> >> to live in a special filesystem and for userns containers to
> >> instantiate those devices by offloading all the hard work to the
> >> kernel.
> >>
> >> What if we generalized this?
> >>
> >> For example, we could add a concept of ephemeral devices.  An
> >> ephemeral device is a device that can be referenced by an inode with a
> >> guarantee that the inode will *never* accidentally point to a
> >> different device [1].  Then we add a concept of the userns that owns a
> >> struct device.
> >>
> >> To make this safe, we'll need to make sure that old host udev will not
> >> see non-init-userns devices, ever.  This is easy enough to do, but
> >> doing it elegantly might take some design work.
> >
> > To do this wouldn't we need a generic way to know which namespace a
> > device goes with? Greg has clearly stated that he doesn't want to do
> > this.

> This is IMO silly.  If Greg doesn't want any kind of namespaces in the
> device core, then sticking considerably more complicated namespaces
> into the *loop* driver is just absurd.

Maybe so, maybe no, but it is what it is.  Greg K-H has been very clear
and emphatic on this topic.  He made it clear at LinuxPlumbers in NOLA
last year and he made it clear in this thread.  He did admit to some use
cases which several of us presented and he did say he would be open to
patches in this limited case, which is what Seth is presenting.  This is
working within the confines he has defined.  We'll take what we can get.

> >> To make this useful, we'll need a way for things inside user
> >> namespaces to create the device nodes.  I can imagine at least three
> >> ways to make this work.
> >>
> >> a) Allow mknod on a tmpfs created by a particular userns to succeed if
> >> the targetting struct device is owned by that userns or a child and if
> >> the caller is ns_capable(CAP_MKNOD).
> >> b) Create a new filesystem that has some special ioctl or whatever to do it.
> >> c) Have real per-user-ns devtmpfs.
> >>
> >> Now, to get loop working in a userns, we need a way for the userns (or
> >> the host!) to create a new loop-control device owned by that userns
> >> and we need to tweak the loop driver to make the created loop devices
> >> be owned by the userns.
> >
> > The patches I posted previously more or less did this using per-ns
> > devtmpfs, aside from the ephimeral part. The feedback was "just do it in
> > loop," so I sent these to facilitate discussing this option with
> > something concrete. I personally still like the per-ns devtmpfs
> > approach, but that's been nacked.

> The ephemeral part might not be needed using devtmpfs if devtmpfs can
> guarantee that the device nodes go away if the device goes away.  I
> don't know whether it can make that guarantee.

> > (a) might be interesting, but I'd expect the same objections to be
> > raised as for (c). And it seems to me that (b) is just a alternate
> > interface for (a).

> True.

> >> (Note: I'm deliberately ignoring the fact that just doing this for
> >> loop seems to be almost entirely useless right now: you still can't
> >> mount the things.)

> > You could also argue that it's useless to be able to mount things if you
> > have no block device on which to mount them. We have to start somewhere.

> True.

> But if we take this particular route, then I can imagine a real mess
> when someone wants to mount a non-loop device, and we get stuck on how
> to expose the device node.  Sigh.

Then we deal with that horse when we have to make him sing.  One way or
the other, we're trying to moving forward.

> --Andy

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw@WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!


[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 482 bytes --]

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[H. Peter Anvin]

On 05/27/2014 02:58 PM, Seth Forshee wrote:
> 
> The patches implement a psuedo filesystem for loop devices, which will
> allow use of loop devices in containters using standard utilities. Under
> normal use a loopfs mount will initially contain a single device node
> for loop-control which can be used to request and release loop devices.
> Any devices allocated via this node will automatically appear in that
> loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
> CAP_SYS_ADMIN in the userns of the process which performed the mount is
> allowed to perform privileged loop ioctls on these devices.
> 
> Alternately loopfs can be mounted with the hostmount option, intended
> for mounting /dev/loop in the host. This is the default mount for any
> devices not created via loop-control in a loopfs mount (e.g. devices
> created during driver init, devices created via /dev/loop-control, etc).
> This is only available to system-wide CAP_SYS_ADMIN.
> 

May I instead strongly advocate a slightly different solution: leave
legacy loop devices where they are, with the current semantics, and let
them be.  Make the loopfs loop devices completely independent.  Consider
this equivalent of Unix98 ptys versus legacy BSD ptys.

Then, hopefully, use of the legacy ones will disappear over time.
Enabling the new ones in losetup and friends is simple enough; this is
not like ptys where the old scheme was hard-coded into a hundred
different applications.

	-hpa

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[Seth Forshee]

On Wed, May 28, 2014 at 04:47:24PM -0700, H. Peter Anvin wrote:
> On 05/27/2014 02:58 PM, Seth Forshee wrote:
> > 
> > The patches implement a psuedo filesystem for loop devices, which will
> > allow use of loop devices in containters using standard utilities. Under
> > normal use a loopfs mount will initially contain a single device node
> > for loop-control which can be used to request and release loop devices.
> > Any devices allocated via this node will automatically appear in that
> > loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
> > CAP_SYS_ADMIN in the userns of the process which performed the mount is
> > allowed to perform privileged loop ioctls on these devices.
> > 
> > Alternately loopfs can be mounted with the hostmount option, intended
> > for mounting /dev/loop in the host. This is the default mount for any
> > devices not created via loop-control in a loopfs mount (e.g. devices
> > created during driver init, devices created via /dev/loop-control, etc).
> > This is only available to system-wide CAP_SYS_ADMIN.
> > 
> 
> May I instead strongly advocate a slightly different solution: leave
> legacy loop devices where they are, with the current semantics, and let
> them be.  Make the loopfs loop devices completely independent.  Consider
> this equivalent of Unix98 ptys versus legacy BSD ptys.
> 
> Then, hopefully, use of the legacy ones will disappear over time.
> Enabling the new ones in losetup and friends is simple enough; this is
> not like ptys where the old scheme was hard-coded into a hundred
> different applications.

I'm not really sure what you're thinking should be changed about the
loop driver. Sure, I can think of a few things I'd change, but nothing
intractable.

If it's the semantics, I'm not really changing those in any significant
way. Today losetup opens /dev/loop-control and asks for a free device,
and it receives either an existing, unused device or a new device which
appears at /dev/loopN. All that changes here is that it would need to
try /dev/loop/loop-control as well, and devices would appear at
/dev/loop/N (which is a convention losetup already understands, it just
needs to look there in some cases where it doesn't currently).

Or perhaps you're suggesting a more radical change to the semantics?

Thanks,
Seth

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[Shea Levy]

Hi,

I wanted to test these patches (to support creating and filling a disk
image containing a btrfs filesystem and several subvolumes as an
unprivileged user), but the build fails due to what looks like a missing
loopfs.c in fs/loopfs (or alternatively an erroneous line in
fs/loopfs/Makefile). I built based off of 3.17-rc5.

~Shea


On Tue, May 27, 2014 at 11:58:54PM +0200, Seth Forshee wrote:
> I'm posting these patches in response to the ongoing discussion of loop
> devices in containers at [1].
> 
> The patches implement a psuedo filesystem for loop devices, which will
> allow use of loop devices in containters using standard utilities. Under
> normal use a loopfs mount will initially contain a single device node
> for loop-control which can be used to request and release loop devices.
> Any devices allocated via this node will automatically appear in that
> loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
> CAP_SYS_ADMIN in the userns of the process which performed the mount is
> allowed to perform privileged loop ioctls on these devices.
> 
> Alternately loopfs can be mounted with the hostmount option, intended
> for mounting /dev/loop in the host. This is the default mount for any
> devices not created via loop-control in a loopfs mount (e.g. devices
> created during driver init, devices created via /dev/loop-control, etc).
> This is only available to system-wide CAP_SYS_ADMIN.
> 
> I still have some testing to do on these patches, but they work at
> minimum for simple use cases. It's possible to use an unmodified losetup
> if it's new enough to know about loop-control, with a couple of caveats:
> 
>  * /dev/loop-control must be symlinked to /dev/loop/loop-control
>  * In some cases losetup attempts to use /dev/loopN when the device node
>    is at /dev/loop/N. For example, 'losetup -f disk.img' fails.
> 
> Device nodes for loop partitions are not created in loopfs. These
> devices are created by the generic block layer, and the loop driver has
> no way of knowing when they are created, so some kind of hook into the
> driver will be needed to support this.
> 
> Thanks,
> Seth
> 
> [1] http://article.gmane.org/gmane.linux.kernel/1703988
> 
> Seth Forshee (2):
>   loop: Add loop filesystem
>   loop: Permit priveleged operations within user namespaces
> 
>  drivers/block/loop.c       | 137 +++++++++++++----
>  drivers/block/loop.h       |   2 +
>  fs/Makefile                |   1 +
>  fs/loopfs/Makefile         |   6 +
>  fs/loopfs/inode.c          | 360 +++++++++++++++++++++++++++++++++++++++++++++
>  include/linux/loopfs.h     |  53 +++++++
>  include/uapi/linux/magic.h |   1 +
>  7 files changed, 535 insertions(+), 25 deletions(-)
>  create mode 100644 fs/loopfs/Makefile
>  create mode 100644 fs/loopfs/inode.c
>  create mode 100644 include/linux/loopfs.h
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
> 
> 

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[Seth Forshee]

On Mon, Sep 15, 2014 at 04:38:44PM -0400, Shea Levy wrote:
> Hi,
> 
> I wanted to test these patches (to support creating and filling a disk
> image containing a btrfs filesystem and several subvolumes as an
> unprivileged user), but the build fails due to what looks like a missing
> loopfs.c in fs/loopfs (or alternatively an erroneous line in
> fs/loopfs/Makefile). I built based off of 3.17-rc5.

There's no loopfs.c, loopfs.o gets built from inode.o which is in turn
built from inode.c. I'm pretty sure the patches built when I posted
them, which seems to be 3.15-rc7 based on the branch I've got here.

Seth

> 
> ~Shea
> 
> 
> On Tue, May 27, 2014 at 11:58:54PM +0200, Seth Forshee wrote:
> > I'm posting these patches in response to the ongoing discussion of loop
> > devices in containers at [1].
> > 
> > The patches implement a psuedo filesystem for loop devices, which will
> > allow use of loop devices in containters using standard utilities. Under
> > normal use a loopfs mount will initially contain a single device node
> > for loop-control which can be used to request and release loop devices.
> > Any devices allocated via this node will automatically appear in that
> > loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
> > CAP_SYS_ADMIN in the userns of the process which performed the mount is
> > allowed to perform privileged loop ioctls on these devices.
> > 
> > Alternately loopfs can be mounted with the hostmount option, intended
> > for mounting /dev/loop in the host. This is the default mount for any
> > devices not created via loop-control in a loopfs mount (e.g. devices
> > created during driver init, devices created via /dev/loop-control, etc).
> > This is only available to system-wide CAP_SYS_ADMIN.
> > 
> > I still have some testing to do on these patches, but they work at
> > minimum for simple use cases. It's possible to use an unmodified losetup
> > if it's new enough to know about loop-control, with a couple of caveats:
> > 
> >  * /dev/loop-control must be symlinked to /dev/loop/loop-control
> >  * In some cases losetup attempts to use /dev/loopN when the device node
> >    is at /dev/loop/N. For example, 'losetup -f disk.img' fails.
> > 
> > Device nodes for loop partitions are not created in loopfs. These
> > devices are created by the generic block layer, and the loop driver has
> > no way of knowing when they are created, so some kind of hook into the
> > driver will be needed to support this.
> > 
> > Thanks,
> > Seth
> > 
> > [1] http://article.gmane.org/gmane.linux.kernel/1703988
> > 
> > Seth Forshee (2):
> >   loop: Add loop filesystem
> >   loop: Permit priveleged operations within user namespaces
> > 
> >  drivers/block/loop.c       | 137 +++++++++++++----
> >  drivers/block/loop.h       |   2 +
> >  fs/Makefile                |   1 +
> >  fs/loopfs/Makefile         |   6 +
> >  fs/loopfs/inode.c          | 360 +++++++++++++++++++++++++++++++++++++++++++++
> >  include/linux/loopfs.h     |  53 +++++++
> >  include/uapi/linux/magic.h |   1 +
> >  7 files changed, 535 insertions(+), 25 deletions(-)
> >  create mode 100644 fs/loopfs/Makefile
> >  create mode 100644 fs/loopfs/inode.c
> >  create mode 100644 include/linux/loopfs.h
> > 
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> > the body of a message to majordomo@vger.kernel.org
> > More majordomo info at  http://vger.kernel.org/majordomo-info.html
> > Please read the FAQ at  http://www.tux.org/lkml/
> > 
> > 

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[Shea Levy]

[-- Attachment #1: Type: text/plain, Size: 4168 bytes --]

Hi Seth,

I applied your patches to 3.15-rc7, and had the same problem, the build
fails with:

> make[3]: *** No rule to make target `fs/loopfs/loopfs.c', needed by `fs/loopfs/loopfs.o'.  Stop.

I've attached the config I used, I generated it via make allnoconfig and
then enabled MODULES, BLK, BLK_DEV, and BLK_DEV_LOOP=m in make nconfig.

The build succeeds if I set BLK_DEV_LOOP=y, so I'll go ahead with my
testing using that.

~Shea

On Mon, Sep 15, 2014 at 03:55:32PM -0500, Seth Forshee wrote:
> On Mon, Sep 15, 2014 at 04:38:44PM -0400, Shea Levy wrote:
> > Hi,
> > 
> > I wanted to test these patches (to support creating and filling a disk
> > image containing a btrfs filesystem and several subvolumes as an
> > unprivileged user), but the build fails due to what looks like a missing
> > loopfs.c in fs/loopfs (or alternatively an erroneous line in
> > fs/loopfs/Makefile). I built based off of 3.17-rc5.
> 
> There's no loopfs.c, loopfs.o gets built from inode.o which is in turn
> built from inode.c. I'm pretty sure the patches built when I posted
> them, which seems to be 3.15-rc7 based on the branch I've got here.
> 
> Seth
> 
> > 
> > ~Shea
> > 
> > 
> > On Tue, May 27, 2014 at 11:58:54PM +0200, Seth Forshee wrote:
> > > I'm posting these patches in response to the ongoing discussion of loop
> > > devices in containers at [1].
> > > 
> > > The patches implement a psuedo filesystem for loop devices, which will
> > > allow use of loop devices in containters using standard utilities. Under
> > > normal use a loopfs mount will initially contain a single device node
> > > for loop-control which can be used to request and release loop devices.
> > > Any devices allocated via this node will automatically appear in that
> > > loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
> > > CAP_SYS_ADMIN in the userns of the process which performed the mount is
> > > allowed to perform privileged loop ioctls on these devices.
> > > 
> > > Alternately loopfs can be mounted with the hostmount option, intended
> > > for mounting /dev/loop in the host. This is the default mount for any
> > > devices not created via loop-control in a loopfs mount (e.g. devices
> > > created during driver init, devices created via /dev/loop-control, etc).
> > > This is only available to system-wide CAP_SYS_ADMIN.
> > > 
> > > I still have some testing to do on these patches, but they work at
> > > minimum for simple use cases. It's possible to use an unmodified losetup
> > > if it's new enough to know about loop-control, with a couple of caveats:
> > > 
> > >  * /dev/loop-control must be symlinked to /dev/loop/loop-control
> > >  * In some cases losetup attempts to use /dev/loopN when the device node
> > >    is at /dev/loop/N. For example, 'losetup -f disk.img' fails.
> > > 
> > > Device nodes for loop partitions are not created in loopfs. These
> > > devices are created by the generic block layer, and the loop driver has
> > > no way of knowing when they are created, so some kind of hook into the
> > > driver will be needed to support this.
> > > 
> > > Thanks,
> > > Seth
> > > 
> > > [1] http://article.gmane.org/gmane.linux.kernel/1703988
> > > 
> > > Seth Forshee (2):
> > >   loop: Add loop filesystem
> > >   loop: Permit priveleged operations within user namespaces
> > > 
> > >  drivers/block/loop.c       | 137 +++++++++++++----
> > >  drivers/block/loop.h       |   2 +
> > >  fs/Makefile                |   1 +
> > >  fs/loopfs/Makefile         |   6 +
> > >  fs/loopfs/inode.c          | 360 +++++++++++++++++++++++++++++++++++++++++++++
> > >  include/linux/loopfs.h     |  53 +++++++
> > >  include/uapi/linux/magic.h |   1 +
> > >  7 files changed, 535 insertions(+), 25 deletions(-)
> > >  create mode 100644 fs/loopfs/Makefile
> > >  create mode 100644 fs/loopfs/inode.c
> > >  create mode 100644 include/linux/loopfs.h
> > > 
> > > --
> > > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> > > the body of a message to majordomo@vger.kernel.org
> > > More majordomo info at  http://vger.kernel.org/majordomo-info.html
> > > Please read the FAQ at  http://www.tux.org/lkml/
> > > 
> > > 

[-- Attachment #2: config --]
[-- Type: text/plain, Size: 22186 bytes --]

#
# Automatically generated file; DO NOT EDIT.
# Linux/x86 3.15.0-rc7 Kernel Configuration
#
CONFIG_64BIT=y
CONFIG_X86_64=y
CONFIG_X86=y
CONFIG_INSTRUCTION_DECODER=y
CONFIG_OUTPUT_FORMAT="elf64-x86-64"
CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig"
CONFIG_LOCKDEP_SUPPORT=y
CONFIG_STACKTRACE_SUPPORT=y
CONFIG_HAVE_LATENCYTOP_SUPPORT=y
CONFIG_MMU=y
CONFIG_NEED_DMA_MAP_STATE=y
CONFIG_NEED_SG_DMA_LENGTH=y
CONFIG_GENERIC_ISA_DMA=y
CONFIG_GENERIC_HWEIGHT=y
CONFIG_ARCH_MAY_HAVE_PC_FDC=y
CONFIG_RWSEM_XCHGADD_ALGORITHM=y
CONFIG_GENERIC_CALIBRATE_DELAY=y
CONFIG_ARCH_HAS_CPU_RELAX=y
CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y
CONFIG_HAVE_SETUP_PER_CPU_AREA=y
CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y
CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y
CONFIG_ARCH_HIBERNATION_POSSIBLE=y
CONFIG_ARCH_SUSPEND_POSSIBLE=y
CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y
CONFIG_ARCH_WANT_GENERAL_HUGETLB=y
CONFIG_ZONE_DMA32=y
CONFIG_AUDIT_ARCH=y
CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y
CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y
CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11"
CONFIG_ARCH_SUPPORTS_UPROBES=y
CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config"
CONFIG_IRQ_WORK=y
CONFIG_BUILDTIME_EXTABLE_SORT=y

#
# General setup
#
CONFIG_BROKEN_ON_SMP=y
CONFIG_INIT_ENV_ARG_LIMIT=32
CONFIG_CROSS_COMPILE=""
# CONFIG_COMPILE_TEST is not set
CONFIG_LOCALVERSION=""
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_HAVE_KERNEL_GZIP=y
CONFIG_HAVE_KERNEL_BZIP2=y
CONFIG_HAVE_KERNEL_LZMA=y
CONFIG_HAVE_KERNEL_XZ=y
CONFIG_HAVE_KERNEL_LZO=y
CONFIG_HAVE_KERNEL_LZ4=y
CONFIG_KERNEL_GZIP=y
# CONFIG_KERNEL_BZIP2 is not set
# CONFIG_KERNEL_LZMA is not set
# CONFIG_KERNEL_XZ is not set
# CONFIG_KERNEL_LZO is not set
# CONFIG_KERNEL_LZ4 is not set
CONFIG_DEFAULT_HOSTNAME="(none)"
CONFIG_SWAP=y
# CONFIG_SYSVIPC is not set
# CONFIG_FHANDLE is not set
# CONFIG_USELIB is not set
CONFIG_HAVE_ARCH_AUDITSYSCALL=y

#
# IRQ subsystem
#
CONFIG_GENERIC_IRQ_PROBE=y
CONFIG_GENERIC_IRQ_SHOW=y
CONFIG_IRQ_FORCED_THREADING=y
CONFIG_SPARSE_IRQ=y
CONFIG_CLOCKSOURCE_WATCHDOG=y
CONFIG_ARCH_CLOCKSOURCE_DATA=y
CONFIG_GENERIC_TIME_VSYSCALL=y
CONFIG_GENERIC_CLOCKEVENTS=y
CONFIG_GENERIC_CLOCKEVENTS_BUILD=y
CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y
CONFIG_GENERIC_CLOCKEVENTS_MIN_ADJUST=y
CONFIG_GENERIC_CMOS_UPDATE=y

#
# Timers subsystem
#
CONFIG_HZ_PERIODIC=y
# CONFIG_NO_HZ_IDLE is not set
# CONFIG_NO_HZ is not set
# CONFIG_HIGH_RES_TIMERS is not set

#
# CPU/Task time and stats accounting
#
CONFIG_TICK_CPU_ACCOUNTING=y
# CONFIG_VIRT_CPU_ACCOUNTING_GEN is not set
# CONFIG_IRQ_TIME_ACCOUNTING is not set
# CONFIG_BSD_PROCESS_ACCT is not set

#
# RCU Subsystem
#
CONFIG_TINY_RCU=y
# CONFIG_PREEMPT_RCU is not set
# CONFIG_RCU_STALL_COMMON is not set
# CONFIG_TREE_RCU_TRACE is not set
# CONFIG_IKCONFIG is not set
CONFIG_LOG_BUF_SHIFT=17
CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y
CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y
CONFIG_ARCH_SUPPORTS_INT128=y
CONFIG_ARCH_WANTS_PROT_NUMA_PROT_NONE=y
# CONFIG_CGROUPS is not set
# CONFIG_CHECKPOINT_RESTORE is not set
# CONFIG_NAMESPACES is not set
# CONFIG_SCHED_AUTOGROUP is not set
# CONFIG_RELAY is not set
# CONFIG_BLK_DEV_INITRD is not set
# CONFIG_CC_OPTIMIZE_FOR_SIZE is not set
CONFIG_ANON_INODES=y
CONFIG_SYSCTL_EXCEPTION_TRACE=y
CONFIG_HAVE_PCSPKR_PLATFORM=y
CONFIG_EXPERT=y
# CONFIG_SYSFS_SYSCALL is not set
# CONFIG_KALLSYMS is not set
# CONFIG_PRINTK is not set
# CONFIG_BUG is not set
# CONFIG_PCSPKR_PLATFORM is not set
# CONFIG_BASE_FULL is not set
# CONFIG_FUTEX is not set
# CONFIG_EPOLL is not set
# CONFIG_SIGNALFD is not set
# CONFIG_TIMERFD is not set
# CONFIG_EVENTFD is not set
# CONFIG_SHMEM is not set
# CONFIG_AIO is not set
CONFIG_EMBEDDED=y
CONFIG_HAVE_PERF_EVENTS=y

#
# Kernel Performance Events And Counters
#
CONFIG_PERF_EVENTS=y
# CONFIG_DEBUG_PERF_USE_VMALLOC is not set
# CONFIG_VM_EVENT_COUNTERS is not set
# CONFIG_COMPAT_BRK is not set
# CONFIG_SLAB is not set
CONFIG_SLUB=y
# CONFIG_SLOB is not set
# CONFIG_PROFILING is not set
CONFIG_HAVE_OPROFILE=y
CONFIG_OPROFILE_NMI_TIMER=y
# CONFIG_KPROBES is not set
# CONFIG_JUMP_LABEL is not set
# CONFIG_UPROBES is not set
# CONFIG_HAVE_64BIT_ALIGNED_ACCESS is not set
CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
CONFIG_ARCH_USE_BUILTIN_BSWAP=y
CONFIG_HAVE_IOREMAP_PROT=y
CONFIG_HAVE_KPROBES=y
CONFIG_HAVE_KRETPROBES=y
CONFIG_HAVE_OPTPROBES=y
CONFIG_HAVE_KPROBES_ON_FTRACE=y
CONFIG_HAVE_ARCH_TRACEHOOK=y
CONFIG_HAVE_DMA_ATTRS=y
CONFIG_GENERIC_SMP_IDLE_THREAD=y
CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y
CONFIG_HAVE_DMA_API_DEBUG=y
CONFIG_HAVE_HW_BREAKPOINT=y
CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y
CONFIG_HAVE_USER_RETURN_NOTIFIER=y
CONFIG_HAVE_PERF_EVENTS_NMI=y
CONFIG_HAVE_PERF_REGS=y
CONFIG_HAVE_PERF_USER_STACK_DUMP=y
CONFIG_HAVE_ARCH_JUMP_LABEL=y
CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y
CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y
CONFIG_HAVE_CMPXCHG_LOCAL=y
CONFIG_HAVE_CMPXCHG_DOUBLE=y
CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
CONFIG_HAVE_CC_STACKPROTECTOR=y
# CONFIG_CC_STACKPROTECTOR is not set
CONFIG_CC_STACKPROTECTOR_NONE=y
# CONFIG_CC_STACKPROTECTOR_REGULAR is not set
# CONFIG_CC_STACKPROTECTOR_STRONG is not set
CONFIG_HAVE_CONTEXT_TRACKING=y
CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y
CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y
CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y
CONFIG_HAVE_ARCH_SOFT_DIRTY=y
CONFIG_MODULES_USE_ELF_RELA=y
CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y

#
# GCOV-based kernel profiling
#
# CONFIG_HAVE_GENERIC_DMA_COHERENT is not set
CONFIG_BASE_SMALL=1
CONFIG_MODULES=y
# CONFIG_MODULE_FORCE_LOAD is not set
# CONFIG_MODULE_UNLOAD is not set
# CONFIG_MODVERSIONS is not set
# CONFIG_MODULE_SRCVERSION_ALL is not set
# CONFIG_MODULE_SIG is not set
CONFIG_BLOCK=y
CONFIG_BLK_DEV_BSG=y
# CONFIG_BLK_DEV_BSGLIB is not set
# CONFIG_BLK_DEV_INTEGRITY is not set
# CONFIG_BLK_CMDLINE_PARSER is not set

#
# Partition Types
#
# CONFIG_PARTITION_ADVANCED is not set
CONFIG_MSDOS_PARTITION=y
CONFIG_EFI_PARTITION=y

#
# IO Schedulers
#
CONFIG_IOSCHED_NOOP=y
CONFIG_IOSCHED_DEADLINE=y
CONFIG_IOSCHED_CFQ=y
# CONFIG_DEFAULT_DEADLINE is not set
CONFIG_DEFAULT_CFQ=y
# CONFIG_DEFAULT_NOOP is not set
CONFIG_DEFAULT_IOSCHED="cfq"
CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
CONFIG_INLINE_READ_UNLOCK=y
CONFIG_INLINE_READ_UNLOCK_IRQ=y
CONFIG_INLINE_WRITE_UNLOCK=y
CONFIG_INLINE_WRITE_UNLOCK_IRQ=y
# CONFIG_FREEZER is not set

#
# Processor type and features
#
# CONFIG_ZONE_DMA is not set
# CONFIG_SMP is not set
CONFIG_X86_MPPARSE=y
# CONFIG_X86_EXTENDED_PLATFORM is not set
# CONFIG_SCHED_OMIT_FRAME_POINTER is not set
# CONFIG_HYPERVISOR_GUEST is not set
CONFIG_NO_BOOTMEM=y
# CONFIG_MEMTEST is not set
# CONFIG_M486 is not set
# CONFIG_M586 is not set
# CONFIG_M586TSC is not set
# CONFIG_M586MMX is not set
# CONFIG_M686 is not set
# CONFIG_MPENTIUMII is not set
# CONFIG_MPENTIUMIII is not set
# CONFIG_MPENTIUMM is not set
# CONFIG_MPENTIUM4 is not set
# CONFIG_MK6 is not set
# CONFIG_MK7 is not set
# CONFIG_MK8 is not set
# CONFIG_MCRUSOE is not set
# CONFIG_MEFFICEON is not set
# CONFIG_MWINCHIPC6 is not set
# CONFIG_MWINCHIP3D is not set
# CONFIG_MELAN is not set
# CONFIG_MGEODEGX1 is not set
# CONFIG_MGEODE_LX is not set
# CONFIG_MCYRIXIII is not set
# CONFIG_MVIAC3_2 is not set
# CONFIG_MVIAC7 is not set
# CONFIG_MPSC is not set
# CONFIG_MCORE2 is not set
# CONFIG_MATOM is not set
CONFIG_GENERIC_CPU=y
CONFIG_X86_INTERNODE_CACHE_SHIFT=6
CONFIG_X86_L1_CACHE_SHIFT=6
CONFIG_X86_TSC=y
CONFIG_X86_CMPXCHG64=y
CONFIG_X86_CMOV=y
CONFIG_X86_MINIMUM_CPU_FAMILY=64
CONFIG_X86_DEBUGCTLMSR=y
# CONFIG_PROCESSOR_SELECT is not set
CONFIG_CPU_SUP_INTEL=y
CONFIG_CPU_SUP_AMD=y
CONFIG_CPU_SUP_CENTAUR=y
CONFIG_HPET_TIMER=y
# CONFIG_DMI is not set
CONFIG_SWIOTLB=y
CONFIG_IOMMU_HELPER=y
CONFIG_NR_CPUS=1
CONFIG_PREEMPT_NONE=y
# CONFIG_PREEMPT_VOLUNTARY is not set
# CONFIG_PREEMPT is not set
CONFIG_X86_LOCAL_APIC=y
CONFIG_X86_IO_APIC=y
# CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS is not set
# CONFIG_X86_MCE is not set
# CONFIG_I8K is not set
# CONFIG_MICROCODE is not set
# CONFIG_MICROCODE_INTEL_EARLY is not set
# CONFIG_MICROCODE_AMD_EARLY is not set
# CONFIG_X86_MSR is not set
# CONFIG_X86_CPUID is not set
# CONFIG_NOHIGHMEM is not set
# CONFIG_HIGHMEM4G is not set
# CONFIG_HIGHMEM64G is not set
# CONFIG_VMSPLIT_3G is not set
# CONFIG_VMSPLIT_3G_OPT is not set
# CONFIG_VMSPLIT_2G is not set
# CONFIG_VMSPLIT_2G_OPT is not set
# CONFIG_VMSPLIT_1G is not set
CONFIG_ARCH_PHYS_ADDR_T_64BIT=y
CONFIG_ARCH_DMA_ADDR_T_64BIT=y
CONFIG_DIRECT_GBPAGES=y
CONFIG_ARCH_SPARSEMEM_ENABLE=y
CONFIG_ARCH_SPARSEMEM_DEFAULT=y
CONFIG_ARCH_SELECT_MEMORY_MODEL=y
CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000
CONFIG_SELECT_MEMORY_MODEL=y
# CONFIG_FLATMEM_MANUAL is not set
CONFIG_SPARSEMEM_MANUAL=y
CONFIG_SPARSEMEM=y
CONFIG_HAVE_MEMORY_PRESENT=y
CONFIG_SPARSEMEM_EXTREME=y
CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y
CONFIG_SPARSEMEM_ALLOC_MEM_MAP_TOGETHER=y
CONFIG_SPARSEMEM_VMEMMAP=y
CONFIG_HAVE_MEMBLOCK=y
CONFIG_HAVE_MEMBLOCK_NODE_MAP=y
CONFIG_ARCH_DISCARD_MEMBLOCK=y
# CONFIG_HAVE_BOOTMEM_INFO_NODE is not set
# CONFIG_MEMORY_HOTPLUG is not set
CONFIG_PAGEFLAGS_EXTENDED=y
CONFIG_SPLIT_PTLOCK_CPUS=4
CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y
# CONFIG_COMPACTION is not set
CONFIG_PHYS_ADDR_T_64BIT=y
CONFIG_ZONE_DMA_FLAG=0
CONFIG_VIRT_TO_BUS=y
# CONFIG_KSM is not set
CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
# CONFIG_TRANSPARENT_HUGEPAGE is not set
# CONFIG_CROSS_MEMORY_ATTACH is not set
CONFIG_NEED_PER_CPU_KM=y
# CONFIG_CLEANCACHE is not set
# CONFIG_FRONTSWAP is not set
# CONFIG_CMA is not set
# CONFIG_ZBUD is not set
# CONFIG_ZSMALLOC is not set
CONFIG_GENERIC_EARLY_IOREMAP=y
# CONFIG_X86_CHECK_BIOS_CORRUPTION is not set
CONFIG_X86_RESERVE_LOW=64
# CONFIG_MTRR is not set
# CONFIG_ARCH_RANDOM is not set
# CONFIG_X86_SMAP is not set
# CONFIG_SECCOMP is not set
# CONFIG_HZ_100 is not set
CONFIG_HZ_250=y
# CONFIG_HZ_300 is not set
# CONFIG_HZ_1000 is not set
CONFIG_HZ=250
# CONFIG_SCHED_HRTICK is not set
# CONFIG_KEXEC is not set
# CONFIG_CRASH_DUMP is not set
CONFIG_PHYSICAL_START=0x1000000
# CONFIG_RELOCATABLE is not set
CONFIG_PHYSICAL_ALIGN=0x200000
# CONFIG_CMDLINE_BOOL is not set
CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y

#
# Power management and ACPI options
#
# CONFIG_SUSPEND is not set
# CONFIG_HIBERNATION is not set
# CONFIG_PM_RUNTIME is not set
# CONFIG_SFI is not set

#
# CPU Frequency scaling
#
# CONFIG_CPU_FREQ is not set

#
# CPU Idle
#
# CONFIG_CPU_IDLE is not set
# CONFIG_ARCH_NEEDS_CPU_IDLE_COUPLED is not set

#
# Memory power savings
#
# CONFIG_I7300_IDLE is not set

#
# Bus options (PCI etc.)
#
# CONFIG_PCI is not set
CONFIG_ISA_DMA_API=y
# CONFIG_PCCARD is not set
# CONFIG_X86_SYSFB is not set

#
# Executable file formats / Emulations
#
# CONFIG_BINFMT_ELF is not set
CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE=y
# CONFIG_BINFMT_SCRIPT is not set
# CONFIG_HAVE_AOUT is not set
# CONFIG_BINFMT_MISC is not set
# CONFIG_COREDUMP is not set
# CONFIG_IA32_EMULATION is not set
CONFIG_X86_DEV_DMA_OPS=y
# CONFIG_NET is not set
CONFIG_HAVE_BPF_JIT=y

#
# Device Drivers
#

#
# Generic Driver Options
#
CONFIG_UEVENT_HELPER_PATH=""
# CONFIG_DEVTMPFS is not set
# CONFIG_STANDALONE is not set
# CONFIG_PREVENT_FIRMWARE_BUILD is not set
# CONFIG_FW_LOADER is not set
# CONFIG_DEBUG_DRIVER is not set
# CONFIG_DEBUG_DEVRES is not set
# CONFIG_SYS_HYPERVISOR is not set
# CONFIG_GENERIC_CPU_DEVICES is not set
CONFIG_GENERIC_CPU_AUTOPROBE=y
# CONFIG_DMA_SHARED_BUFFER is not set

#
# Bus devices
#
# CONFIG_MTD is not set
# CONFIG_PARPORT is not set
CONFIG_ARCH_MIGHT_HAVE_PC_PARPORT=y
CONFIG_BLK_DEV=y
# CONFIG_BLK_DEV_NULL_BLK is not set
# CONFIG_BLK_DEV_FD is not set
# CONFIG_BLK_DEV_COW_COMMON is not set
CONFIG_BLK_DEV_LOOP=m
CONFIG_BLK_DEV_LOOP_MIN_COUNT=8
# CONFIG_BLK_DEV_CRYPTOLOOP is not set

#
# DRBD disabled because PROC_FS or INET not selected
#
# CONFIG_BLK_DEV_RAM is not set
# CONFIG_CDROM_PKTCDVD is not set
# CONFIG_BLK_DEV_HD is not set

#
# Misc devices
#
# CONFIG_DUMMY_IRQ is not set
# CONFIG_ATMEL_SSC is not set
# CONFIG_ENCLOSURE_SERVICES is not set
# CONFIG_SRAM is not set
# CONFIG_C2PORT is not set

#
# EEPROM support
#
# CONFIG_EEPROM_93CX6 is not set

#
# Texas Instruments shared transport line discipline
#

#
# Altera FPGA firmware download module
#

#
# Intel MIC Host Driver
#

#
# Intel MIC Card Driver
#
# CONFIG_INTEL_MIC_CARD is not set
# CONFIG_ECHO is not set
CONFIG_HAVE_IDE=y
# CONFIG_IDE is not set

#
# SCSI device support
#
CONFIG_SCSI_MOD=y
# CONFIG_RAID_ATTRS is not set
# CONFIG_SCSI is not set
# CONFIG_SCSI_DMA is not set
# CONFIG_SCSI_NETLINK is not set
# CONFIG_ATA is not set
# CONFIG_MD is not set
# CONFIG_MACINTOSH_DRIVERS is not set

#
# Input device support
#
# CONFIG_INPUT is not set

#
# Hardware I/O ports
#
# CONFIG_SERIO is not set
CONFIG_ARCH_MIGHT_HAVE_PC_SERIO=y
# CONFIG_GAMEPORT is not set

#
# Character devices
#
# CONFIG_TTY is not set
# CONFIG_DEVKMEM is not set
# CONFIG_IPMI_HANDLER is not set
# CONFIG_HW_RANDOM is not set
# CONFIG_NVRAM is not set
# CONFIG_RAW_DRIVER is not set
# CONFIG_HANGCHECK_TIMER is not set
# CONFIG_TCG_TPM is not set
# CONFIG_TELCLOCK is not set
# CONFIG_I2C is not set
# CONFIG_SPI is not set
# CONFIG_SPMI is not set
# CONFIG_HSI is not set

#
# PPS support
#
# CONFIG_PPS is not set

#
# PPS generators support
#

#
# PTP clock support
#

#
# Enable PHYLIB and NETWORK_PHY_TIMESTAMPING to see the additional clocks.
#
CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y
# CONFIG_GPIOLIB is not set
# CONFIG_W1 is not set
# CONFIG_POWER_SUPPLY is not set
# CONFIG_POWER_AVS is not set
# CONFIG_HWMON is not set
# CONFIG_THERMAL is not set
# CONFIG_WATCHDOG is not set
CONFIG_SSB_POSSIBLE=y

#
# Sonics Silicon Backplane
#
# CONFIG_SSB is not set
CONFIG_BCMA_POSSIBLE=y

#
# Broadcom specific AMBA
#
# CONFIG_BCMA is not set

#
# Multifunction device drivers
#
# CONFIG_MFD_CORE is not set
# CONFIG_MFD_CROS_EC is not set
# CONFIG_HTC_PASIC3 is not set
# CONFIG_MFD_KEMPLD is not set
# CONFIG_MFD_SM501 is not set
# CONFIG_ABX500_CORE is not set
# CONFIG_MFD_SYSCON is not set
# CONFIG_MFD_TI_AM335X_TSCADC is not set
# CONFIG_MFD_TMIO is not set
# CONFIG_REGULATOR is not set
# CONFIG_MEDIA_SUPPORT is not set

#
# Graphics support
#

#
# Direct Rendering Manager
#
# CONFIG_DRM is not set

#
# Frame buffer Devices
#
# CONFIG_FB is not set
# CONFIG_EXYNOS_VIDEO is not set
# CONFIG_BACKLIGHT_LCD_SUPPORT is not set
# CONFIG_VGASTATE is not set
# CONFIG_SOUND is not set
CONFIG_USB_OHCI_LITTLE_ENDIAN=y
# CONFIG_USB_SUPPORT is not set
# CONFIG_MMC is not set
# CONFIG_MEMSTICK is not set
# CONFIG_NEW_LEDS is not set
# CONFIG_ACCESSIBILITY is not set
# CONFIG_EDAC is not set
CONFIG_RTC_LIB=y
# CONFIG_RTC_CLASS is not set
# CONFIG_DMADEVICES is not set
# CONFIG_AUXDISPLAY is not set
# CONFIG_UIO is not set
# CONFIG_VIRT_DRIVERS is not set

#
# Virtio drivers
#
# CONFIG_VIRTIO_MMIO is not set

#
# Microsoft Hyper-V guest support
#
# CONFIG_STAGING is not set
# CONFIG_X86_PLATFORM_DEVICES is not set
# CONFIG_CHROME_PLATFORMS is not set

#
# Hardware Spinlock drivers
#
CONFIG_CLKEVT_I8253=y
CONFIG_CLKBLD_I8253=y
# CONFIG_SH_TIMER_CMT is not set
# CONFIG_SH_TIMER_MTU2 is not set
# CONFIG_SH_TIMER_TMU is not set
# CONFIG_EM_TIMER_STI is not set
# CONFIG_MAILBOX is not set
# CONFIG_IOMMU_SUPPORT is not set

#
# Remoteproc drivers
#
# CONFIG_STE_MODEM_RPROC is not set

#
# Rpmsg drivers
#
# CONFIG_PM_DEVFREQ is not set
# CONFIG_EXTCON is not set
# CONFIG_MEMORY is not set
# CONFIG_IIO is not set
# CONFIG_PWM is not set
# CONFIG_IPACK_BUS is not set
# CONFIG_RESET_CONTROLLER is not set
# CONFIG_FMC is not set

#
# PHY Subsystem
#
# CONFIG_GENERIC_PHY is not set
# CONFIG_PHY_SAMSUNG_USB2 is not set
# CONFIG_POWERCAP is not set
# CONFIG_MCB is not set

#
# Firmware Drivers
#
# CONFIG_EDD is not set
# CONFIG_FIRMWARE_MEMMAP is not set
# CONFIG_DELL_RBU is not set
# CONFIG_DCDBAS is not set
# CONFIG_GOOGLE_FIRMWARE is not set

#
# File systems
#
CONFIG_DCACHE_WORD_ACCESS=y
# CONFIG_EXT2_FS is not set
# CONFIG_EXT3_FS is not set
# CONFIG_EXT4_FS is not set
# CONFIG_REISERFS_FS is not set
# CONFIG_JFS_FS is not set
# CONFIG_XFS_FS is not set
# CONFIG_GFS2_FS is not set
# CONFIG_BTRFS_FS is not set
# CONFIG_NILFS2_FS is not set
# CONFIG_FS_POSIX_ACL is not set
# CONFIG_FILE_LOCKING is not set
# CONFIG_FSNOTIFY is not set
# CONFIG_DNOTIFY is not set
# CONFIG_INOTIFY_USER is not set
# CONFIG_FANOTIFY is not set
# CONFIG_QUOTA is not set
# CONFIG_QUOTACTL is not set
# CONFIG_AUTOFS4_FS is not set
# CONFIG_FUSE_FS is not set

#
# Caches
#
# CONFIG_FSCACHE is not set

#
# CD-ROM/DVD Filesystems
#
# CONFIG_ISO9660_FS is not set
# CONFIG_UDF_FS is not set

#
# DOS/FAT/NT Filesystems
#
# CONFIG_MSDOS_FS is not set
# CONFIG_VFAT_FS is not set
# CONFIG_NTFS_FS is not set

#
# Pseudo filesystems
#
# CONFIG_PROC_FS is not set
# CONFIG_KERNFS is not set
# CONFIG_SYSFS is not set
# CONFIG_HUGETLBFS is not set
# CONFIG_HUGETLB_PAGE is not set
# CONFIG_CONFIGFS_FS is not set
# CONFIG_MISC_FILESYSTEMS is not set
# CONFIG_NLS is not set

#
# Kernel hacking
#
CONFIG_TRACE_IRQFLAGS_SUPPORT=y

#
# printk and dmesg options
#
CONFIG_DEFAULT_MESSAGE_LOGLEVEL=4

#
# Compile-time checks and compiler options
#
# CONFIG_DEBUG_INFO is not set
# CONFIG_ENABLE_WARN_DEPRECATED is not set
# CONFIG_ENABLE_MUST_CHECK is not set
CONFIG_FRAME_WARN=1024
# CONFIG_STRIP_ASM_SYMS is not set
# CONFIG_READABLE_ASM is not set
# CONFIG_UNUSED_SYMBOLS is not set
# CONFIG_DEBUG_FS is not set
# CONFIG_HEADERS_CHECK is not set
# CONFIG_DEBUG_SECTION_MISMATCH is not set
CONFIG_ARCH_WANT_FRAME_POINTERS=y
# CONFIG_FRAME_POINTER is not set
# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
# CONFIG_MAGIC_SYSRQ is not set
CONFIG_DEBUG_KERNEL=y

#
# Memory Debugging
#
# CONFIG_DEBUG_PAGEALLOC is not set
# CONFIG_DEBUG_OBJECTS is not set
CONFIG_HAVE_DEBUG_KMEMLEAK=y
# CONFIG_DEBUG_KMEMLEAK is not set
# CONFIG_DEBUG_STACK_USAGE is not set
# CONFIG_DEBUG_VM is not set
# CONFIG_DEBUG_VIRTUAL is not set
# CONFIG_DEBUG_MEMORY_INIT is not set
CONFIG_HAVE_DEBUG_STACKOVERFLOW=y
# CONFIG_DEBUG_STACKOVERFLOW is not set
CONFIG_HAVE_ARCH_KMEMCHECK=y
# CONFIG_KMEMCHECK is not set
# CONFIG_DEBUG_SHIRQ is not set

#
# Debug Lockups and Hangs
#
# CONFIG_LOCKUP_DETECTOR is not set
# CONFIG_DETECT_HUNG_TASK is not set
# CONFIG_PANIC_ON_OOPS is not set
CONFIG_PANIC_ON_OOPS_VALUE=0
CONFIG_PANIC_TIMEOUT=0

#
# Lock Debugging (spinlocks, mutexes, etc...)
#
# CONFIG_DEBUG_SPINLOCK is not set
# CONFIG_DEBUG_MUTEXES is not set
# CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set
# CONFIG_DEBUG_LOCK_ALLOC is not set
# CONFIG_PROVE_LOCKING is not set
# CONFIG_LOCK_STAT is not set
# CONFIG_DEBUG_ATOMIC_SLEEP is not set
# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set
# CONFIG_LOCK_TORTURE_TEST is not set
# CONFIG_DEBUG_KOBJECT is not set
# CONFIG_DEBUG_LIST is not set
# CONFIG_DEBUG_SG is not set
# CONFIG_DEBUG_NOTIFIERS is not set
# CONFIG_DEBUG_CREDENTIALS is not set

#
# RCU Debugging
#
# CONFIG_SPARSE_RCU_POINTER is not set
# CONFIG_TORTURE_TEST is not set
# CONFIG_RCU_TORTURE_TEST is not set
# CONFIG_RCU_TRACE is not set
# CONFIG_DEBUG_BLOCK_EXT_DEVT is not set
# CONFIG_NOTIFIER_ERROR_INJECTION is not set
# CONFIG_FAULT_INJECTION is not set
CONFIG_ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS=y
# CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set
CONFIG_USER_STACKTRACE_SUPPORT=y
CONFIG_HAVE_FUNCTION_TRACER=y
CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y
CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST=y
CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y
CONFIG_HAVE_DYNAMIC_FTRACE=y
CONFIG_HAVE_DYNAMIC_FTRACE_WITH_REGS=y
CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y
CONFIG_HAVE_SYSCALL_TRACEPOINTS=y
CONFIG_HAVE_FENTRY=y
CONFIG_HAVE_C_RECORDMCOUNT=y
CONFIG_TRACING_SUPPORT=y
# CONFIG_FTRACE is not set

#
# Runtime Testing
#
# CONFIG_TEST_LIST_SORT is not set
# CONFIG_BACKTRACE_SELF_TEST is not set
# CONFIG_RBTREE_TEST is not set
# CONFIG_INTERVAL_TREE_TEST is not set
# CONFIG_PERCPU_TEST is not set
# CONFIG_ATOMIC64_SELFTEST is not set
# CONFIG_TEST_STRING_HELPERS is not set
# CONFIG_TEST_KSTRTOX is not set
# CONFIG_DMA_API_DEBUG is not set
# CONFIG_TEST_MODULE is not set
# CONFIG_TEST_USER_COPY is not set
# CONFIG_SAMPLES is not set
CONFIG_HAVE_ARCH_KGDB=y
# CONFIG_KGDB is not set
# CONFIG_STRICT_DEVMEM is not set
# CONFIG_X86_VERBOSE_BOOTUP is not set
# CONFIG_EARLY_PRINTK is not set
# CONFIG_X86_PTDUMP is not set
# CONFIG_DEBUG_RODATA is not set
# CONFIG_DEBUG_SET_MODULE_RONX is not set
# CONFIG_DEBUG_NX_TEST is not set
# CONFIG_DOUBLEFAULT is not set
# CONFIG_DEBUG_TLBFLUSH is not set
# CONFIG_IOMMU_STRESS is not set
CONFIG_HAVE_MMIOTRACE_SUPPORT=y
CONFIG_IO_DELAY_TYPE_0X80=0
CONFIG_IO_DELAY_TYPE_0XED=1
CONFIG_IO_DELAY_TYPE_UDELAY=2
CONFIG_IO_DELAY_TYPE_NONE=3
CONFIG_IO_DELAY_0X80=y
# CONFIG_IO_DELAY_0XED is not set
# CONFIG_IO_DELAY_UDELAY is not set
# CONFIG_IO_DELAY_NONE is not set
CONFIG_DEFAULT_IO_DELAY_TYPE=0
# CONFIG_CPA_DEBUG is not set
# CONFIG_OPTIMIZE_INLINING is not set
# CONFIG_DEBUG_NMI_SELFTEST is not set
# CONFIG_X86_DEBUG_STATIC_CPU_HAS is not set

#
# Security options
#
# CONFIG_KEYS is not set
# CONFIG_SECURITY_DMESG_RESTRICT is not set
# CONFIG_SECURITYFS is not set
CONFIG_DEFAULT_SECURITY_DAC=y
CONFIG_DEFAULT_SECURITY=""
# CONFIG_CRYPTO is not set
CONFIG_HAVE_KVM=y
# CONFIG_VIRTUALIZATION is not set
# CONFIG_BINARY_PRINTF is not set

#
# Library routines
#
CONFIG_BITREVERSE=y
CONFIG_GENERIC_STRNCPY_FROM_USER=y
CONFIG_GENERIC_STRNLEN_USER=y
CONFIG_GENERIC_FIND_FIRST_BIT=y
CONFIG_GENERIC_PCI_IOMAP=y
CONFIG_GENERIC_IOMAP=y
CONFIG_GENERIC_IO=y
CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y
# CONFIG_CRC_CCITT is not set
# CONFIG_CRC16 is not set
# CONFIG_CRC_T10DIF is not set
# CONFIG_CRC_ITU_T is not set
CONFIG_CRC32=y
# CONFIG_CRC32_SELFTEST is not set
CONFIG_CRC32_SLICEBY8=y
# CONFIG_CRC32_SLICEBY4 is not set
# CONFIG_CRC32_SARWATE is not set
# CONFIG_CRC32_BIT is not set
# CONFIG_CRC7 is not set
# CONFIG_LIBCRC32C is not set
# CONFIG_CRC8 is not set
# CONFIG_AUDIT_ARCH_COMPAT_GENERIC is not set
# CONFIG_RANDOM32_SELFTEST is not set
# CONFIG_XZ_DEC is not set
# CONFIG_XZ_DEC_BCJ is not set
CONFIG_HAS_IOMEM=y
CONFIG_HAS_IOPORT_MAP=y
CONFIG_HAS_DMA=y
CONFIG_ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE=y
# CONFIG_AVERAGE is not set
# CONFIG_CORDIC is not set
# CONFIG_DDR is not set

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[Seth Forshee]

On Mon, Sep 15, 2014 at 07:20:52PM -0400, Shea Levy wrote:
> Hi Seth,
> 
> I applied your patches to 3.15-rc7, and had the same problem, the build
> fails with:
> 
> > make[3]: *** No rule to make target `fs/loopfs/loopfs.c', needed by `fs/loopfs/loopfs.o'.  Stop.
> 
> I've attached the config I used, I generated it via make allnoconfig and
> then enabled MODULES, BLK, BLK_DEV, and BLK_DEV_LOOP=m in make nconfig.
> 
> The build succeeds if I set BLK_DEV_LOOP=y, so I'll go ahead with my
> testing using that.

Ah, I probably didn't ever try it with BLK_DEV_LOOP=m. I think I see the
problem. Try making this change:

-loopfs-$(CONFIG_BLK_DEV_LOOP)          := inode.o
+loopfs-objs                            := inode.o

> 
> ~Shea
> 
> On Mon, Sep 15, 2014 at 03:55:32PM -0500, Seth Forshee wrote:
> > On Mon, Sep 15, 2014 at 04:38:44PM -0400, Shea Levy wrote:
> > > Hi,
> > > 
> > > I wanted to test these patches (to support creating and filling a disk
> > > image containing a btrfs filesystem and several subvolumes as an
> > > unprivileged user), but the build fails due to what looks like a missing
> > > loopfs.c in fs/loopfs (or alternatively an erroneous line in
> > > fs/loopfs/Makefile). I built based off of 3.17-rc5.
> > 
> > There's no loopfs.c, loopfs.o gets built from inode.o which is in turn
> > built from inode.c. I'm pretty sure the patches built when I posted
> > them, which seems to be 3.15-rc7 based on the branch I've got here.
> > 
> > Seth
> > 
> > > 
> > > ~Shea
> > > 
> > > 
> > > On Tue, May 27, 2014 at 11:58:54PM +0200, Seth Forshee wrote:
> > > > I'm posting these patches in response to the ongoing discussion of loop
> > > > devices in containers at [1].
> > > > 
> > > > The patches implement a psuedo filesystem for loop devices, which will
> > > > allow use of loop devices in containters using standard utilities. Under
> > > > normal use a loopfs mount will initially contain a single device node
> > > > for loop-control which can be used to request and release loop devices.
> > > > Any devices allocated via this node will automatically appear in that
> > > > loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
> > > > CAP_SYS_ADMIN in the userns of the process which performed the mount is
> > > > allowed to perform privileged loop ioctls on these devices.
> > > > 
> > > > Alternately loopfs can be mounted with the hostmount option, intended
> > > > for mounting /dev/loop in the host. This is the default mount for any
> > > > devices not created via loop-control in a loopfs mount (e.g. devices
> > > > created during driver init, devices created via /dev/loop-control, etc).
> > > > This is only available to system-wide CAP_SYS_ADMIN.
> > > > 
> > > > I still have some testing to do on these patches, but they work at
> > > > minimum for simple use cases. It's possible to use an unmodified losetup
> > > > if it's new enough to know about loop-control, with a couple of caveats:
> > > > 
> > > >  * /dev/loop-control must be symlinked to /dev/loop/loop-control
> > > >  * In some cases losetup attempts to use /dev/loopN when the device node
> > > >    is at /dev/loop/N. For example, 'losetup -f disk.img' fails.
> > > > 
> > > > Device nodes for loop partitions are not created in loopfs. These
> > > > devices are created by the generic block layer, and the loop driver has
> > > > no way of knowing when they are created, so some kind of hook into the
> > > > driver will be needed to support this.
> > > > 
> > > > Thanks,
> > > > Seth
> > > > 
> > > > [1] http://article.gmane.org/gmane.linux.kernel/1703988
> > > > 
> > > > Seth Forshee (2):
> > > >   loop: Add loop filesystem
> > > >   loop: Permit priveleged operations within user namespaces
> > > > 
> > > >  drivers/block/loop.c       | 137 +++++++++++++----
> > > >  drivers/block/loop.h       |   2 +
> > > >  fs/Makefile                |   1 +
> > > >  fs/loopfs/Makefile         |   6 +
> > > >  fs/loopfs/inode.c          | 360 +++++++++++++++++++++++++++++++++++++++++++++
> > > >  include/linux/loopfs.h     |  53 +++++++
> > > >  include/uapi/linux/magic.h |   1 +
> > > >  7 files changed, 535 insertions(+), 25 deletions(-)
> > > >  create mode 100644 fs/loopfs/Makefile
> > > >  create mode 100644 fs/loopfs/inode.c
> > > >  create mode 100644 include/linux/loopfs.h
> > > > 
> > > > --
> > > > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> > > > the body of a message to majordomo@vger.kernel.org
> > > > More majordomo info at  http://vger.kernel.org/majordomo-info.html
> > > > Please read the FAQ at  http://www.tux.org/lkml/
> > > > 
> > > > 

> #
> # Automatically generated file; DO NOT EDIT.
> # Linux/x86 3.15.0-rc7 Kernel Configuration
> #
> CONFIG_64BIT=y
> CONFIG_X86_64=y
> CONFIG_X86=y
> CONFIG_INSTRUCTION_DECODER=y
> CONFIG_OUTPUT_FORMAT="elf64-x86-64"
> CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig"
> CONFIG_LOCKDEP_SUPPORT=y
> CONFIG_STACKTRACE_SUPPORT=y
> CONFIG_HAVE_LATENCYTOP_SUPPORT=y
> CONFIG_MMU=y
> CONFIG_NEED_DMA_MAP_STATE=y
> CONFIG_NEED_SG_DMA_LENGTH=y
> CONFIG_GENERIC_ISA_DMA=y
> CONFIG_GENERIC_HWEIGHT=y
> CONFIG_ARCH_MAY_HAVE_PC_FDC=y
> CONFIG_RWSEM_XCHGADD_ALGORITHM=y
> CONFIG_GENERIC_CALIBRATE_DELAY=y
> CONFIG_ARCH_HAS_CPU_RELAX=y
> CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y
> CONFIG_HAVE_SETUP_PER_CPU_AREA=y
> CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y
> CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y
> CONFIG_ARCH_HIBERNATION_POSSIBLE=y
> CONFIG_ARCH_SUSPEND_POSSIBLE=y
> CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y
> CONFIG_ARCH_WANT_GENERAL_HUGETLB=y
> CONFIG_ZONE_DMA32=y
> CONFIG_AUDIT_ARCH=y
> CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y
> CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y
> CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11"
> CONFIG_ARCH_SUPPORTS_UPROBES=y
> CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config"
> CONFIG_IRQ_WORK=y
> CONFIG_BUILDTIME_EXTABLE_SORT=y
> 
> #
> # General setup
> #
> CONFIG_BROKEN_ON_SMP=y
> CONFIG_INIT_ENV_ARG_LIMIT=32
> CONFIG_CROSS_COMPILE=""
> # CONFIG_COMPILE_TEST is not set
> CONFIG_LOCALVERSION=""
> # CONFIG_LOCALVERSION_AUTO is not set
> CONFIG_HAVE_KERNEL_GZIP=y
> CONFIG_HAVE_KERNEL_BZIP2=y
> CONFIG_HAVE_KERNEL_LZMA=y
> CONFIG_HAVE_KERNEL_XZ=y
> CONFIG_HAVE_KERNEL_LZO=y
> CONFIG_HAVE_KERNEL_LZ4=y
> CONFIG_KERNEL_GZIP=y
> # CONFIG_KERNEL_BZIP2 is not set
> # CONFIG_KERNEL_LZMA is not set
> # CONFIG_KERNEL_XZ is not set
> # CONFIG_KERNEL_LZO is not set
> # CONFIG_KERNEL_LZ4 is not set
> CONFIG_DEFAULT_HOSTNAME="(none)"
> CONFIG_SWAP=y
> # CONFIG_SYSVIPC is not set
> # CONFIG_FHANDLE is not set
> # CONFIG_USELIB is not set
> CONFIG_HAVE_ARCH_AUDITSYSCALL=y
> 
> #
> # IRQ subsystem
> #
> CONFIG_GENERIC_IRQ_PROBE=y
> CONFIG_GENERIC_IRQ_SHOW=y
> CONFIG_IRQ_FORCED_THREADING=y
> CONFIG_SPARSE_IRQ=y
> CONFIG_CLOCKSOURCE_WATCHDOG=y
> CONFIG_ARCH_CLOCKSOURCE_DATA=y
> CONFIG_GENERIC_TIME_VSYSCALL=y
> CONFIG_GENERIC_CLOCKEVENTS=y
> CONFIG_GENERIC_CLOCKEVENTS_BUILD=y
> CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y
> CONFIG_GENERIC_CLOCKEVENTS_MIN_ADJUST=y
> CONFIG_GENERIC_CMOS_UPDATE=y
> 
> #
> # Timers subsystem
> #
> CONFIG_HZ_PERIODIC=y
> # CONFIG_NO_HZ_IDLE is not set
> # CONFIG_NO_HZ is not set
> # CONFIG_HIGH_RES_TIMERS is not set
> 
> #
> # CPU/Task time and stats accounting
> #
> CONFIG_TICK_CPU_ACCOUNTING=y
> # CONFIG_VIRT_CPU_ACCOUNTING_GEN is not set
> # CONFIG_IRQ_TIME_ACCOUNTING is not set
> # CONFIG_BSD_PROCESS_ACCT is not set
> 
> #
> # RCU Subsystem
> #
> CONFIG_TINY_RCU=y
> # CONFIG_PREEMPT_RCU is not set
> # CONFIG_RCU_STALL_COMMON is not set
> # CONFIG_TREE_RCU_TRACE is not set
> # CONFIG_IKCONFIG is not set
> CONFIG_LOG_BUF_SHIFT=17
> CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y
> CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y
> CONFIG_ARCH_SUPPORTS_INT128=y
> CONFIG_ARCH_WANTS_PROT_NUMA_PROT_NONE=y
> # CONFIG_CGROUPS is not set
> # CONFIG_CHECKPOINT_RESTORE is not set
> # CONFIG_NAMESPACES is not set
> # CONFIG_SCHED_AUTOGROUP is not set
> # CONFIG_RELAY is not set
> # CONFIG_BLK_DEV_INITRD is not set
> # CONFIG_CC_OPTIMIZE_FOR_SIZE is not set
> CONFIG_ANON_INODES=y
> CONFIG_SYSCTL_EXCEPTION_TRACE=y
> CONFIG_HAVE_PCSPKR_PLATFORM=y
> CONFIG_EXPERT=y
> # CONFIG_SYSFS_SYSCALL is not set
> # CONFIG_KALLSYMS is not set
> # CONFIG_PRINTK is not set
> # CONFIG_BUG is not set
> # CONFIG_PCSPKR_PLATFORM is not set
> # CONFIG_BASE_FULL is not set
> # CONFIG_FUTEX is not set
> # CONFIG_EPOLL is not set
> # CONFIG_SIGNALFD is not set
> # CONFIG_TIMERFD is not set
> # CONFIG_EVENTFD is not set
> # CONFIG_SHMEM is not set
> # CONFIG_AIO is not set
> CONFIG_EMBEDDED=y
> CONFIG_HAVE_PERF_EVENTS=y
> 
> #
> # Kernel Performance Events And Counters
> #
> CONFIG_PERF_EVENTS=y
> # CONFIG_DEBUG_PERF_USE_VMALLOC is not set
> # CONFIG_VM_EVENT_COUNTERS is not set
> # CONFIG_COMPAT_BRK is not set
> # CONFIG_SLAB is not set
> CONFIG_SLUB=y
> # CONFIG_SLOB is not set
> # CONFIG_PROFILING is not set
> CONFIG_HAVE_OPROFILE=y
> CONFIG_OPROFILE_NMI_TIMER=y
> # CONFIG_KPROBES is not set
> # CONFIG_JUMP_LABEL is not set
> # CONFIG_UPROBES is not set
> # CONFIG_HAVE_64BIT_ALIGNED_ACCESS is not set
> CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
> CONFIG_ARCH_USE_BUILTIN_BSWAP=y
> CONFIG_HAVE_IOREMAP_PROT=y
> CONFIG_HAVE_KPROBES=y
> CONFIG_HAVE_KRETPROBES=y
> CONFIG_HAVE_OPTPROBES=y
> CONFIG_HAVE_KPROBES_ON_FTRACE=y
> CONFIG_HAVE_ARCH_TRACEHOOK=y
> CONFIG_HAVE_DMA_ATTRS=y
> CONFIG_GENERIC_SMP_IDLE_THREAD=y
> CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y
> CONFIG_HAVE_DMA_API_DEBUG=y
> CONFIG_HAVE_HW_BREAKPOINT=y
> CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y
> CONFIG_HAVE_USER_RETURN_NOTIFIER=y
> CONFIG_HAVE_PERF_EVENTS_NMI=y
> CONFIG_HAVE_PERF_REGS=y
> CONFIG_HAVE_PERF_USER_STACK_DUMP=y
> CONFIG_HAVE_ARCH_JUMP_LABEL=y
> CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y
> CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y
> CONFIG_HAVE_CMPXCHG_LOCAL=y
> CONFIG_HAVE_CMPXCHG_DOUBLE=y
> CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
> CONFIG_HAVE_CC_STACKPROTECTOR=y
> # CONFIG_CC_STACKPROTECTOR is not set
> CONFIG_CC_STACKPROTECTOR_NONE=y
> # CONFIG_CC_STACKPROTECTOR_REGULAR is not set
> # CONFIG_CC_STACKPROTECTOR_STRONG is not set
> CONFIG_HAVE_CONTEXT_TRACKING=y
> CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y
> CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y
> CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y
> CONFIG_HAVE_ARCH_SOFT_DIRTY=y
> CONFIG_MODULES_USE_ELF_RELA=y
> CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y
> 
> #
> # GCOV-based kernel profiling
> #
> # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set
> CONFIG_BASE_SMALL=1
> CONFIG_MODULES=y
> # CONFIG_MODULE_FORCE_LOAD is not set
> # CONFIG_MODULE_UNLOAD is not set
> # CONFIG_MODVERSIONS is not set
> # CONFIG_MODULE_SRCVERSION_ALL is not set
> # CONFIG_MODULE_SIG is not set
> CONFIG_BLOCK=y
> CONFIG_BLK_DEV_BSG=y
> # CONFIG_BLK_DEV_BSGLIB is not set
> # CONFIG_BLK_DEV_INTEGRITY is not set
> # CONFIG_BLK_CMDLINE_PARSER is not set
> 
> #
> # Partition Types
> #
> # CONFIG_PARTITION_ADVANCED is not set
> CONFIG_MSDOS_PARTITION=y
> CONFIG_EFI_PARTITION=y
> 
> #
> # IO Schedulers
> #
> CONFIG_IOSCHED_NOOP=y
> CONFIG_IOSCHED_DEADLINE=y
> CONFIG_IOSCHED_CFQ=y
> # CONFIG_DEFAULT_DEADLINE is not set
> CONFIG_DEFAULT_CFQ=y
> # CONFIG_DEFAULT_NOOP is not set
> CONFIG_DEFAULT_IOSCHED="cfq"
> CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
> CONFIG_INLINE_READ_UNLOCK=y
> CONFIG_INLINE_READ_UNLOCK_IRQ=y
> CONFIG_INLINE_WRITE_UNLOCK=y
> CONFIG_INLINE_WRITE_UNLOCK_IRQ=y
> # CONFIG_FREEZER is not set
> 
> #
> # Processor type and features
> #
> # CONFIG_ZONE_DMA is not set
> # CONFIG_SMP is not set
> CONFIG_X86_MPPARSE=y
> # CONFIG_X86_EXTENDED_PLATFORM is not set
> # CONFIG_SCHED_OMIT_FRAME_POINTER is not set
> # CONFIG_HYPERVISOR_GUEST is not set
> CONFIG_NO_BOOTMEM=y
> # CONFIG_MEMTEST is not set
> # CONFIG_M486 is not set
> # CONFIG_M586 is not set
> # CONFIG_M586TSC is not set
> # CONFIG_M586MMX is not set
> # CONFIG_M686 is not set
> # CONFIG_MPENTIUMII is not set
> # CONFIG_MPENTIUMIII is not set
> # CONFIG_MPENTIUMM is not set
> # CONFIG_MPENTIUM4 is not set
> # CONFIG_MK6 is not set
> # CONFIG_MK7 is not set
> # CONFIG_MK8 is not set
> # CONFIG_MCRUSOE is not set
> # CONFIG_MEFFICEON is not set
> # CONFIG_MWINCHIPC6 is not set
> # CONFIG_MWINCHIP3D is not set
> # CONFIG_MELAN is not set
> # CONFIG_MGEODEGX1 is not set
> # CONFIG_MGEODE_LX is not set
> # CONFIG_MCYRIXIII is not set
> # CONFIG_MVIAC3_2 is not set
> # CONFIG_MVIAC7 is not set
> # CONFIG_MPSC is not set
> # CONFIG_MCORE2 is not set
> # CONFIG_MATOM is not set
> CONFIG_GENERIC_CPU=y
> CONFIG_X86_INTERNODE_CACHE_SHIFT=6
> CONFIG_X86_L1_CACHE_SHIFT=6
> CONFIG_X86_TSC=y
> CONFIG_X86_CMPXCHG64=y
> CONFIG_X86_CMOV=y
> CONFIG_X86_MINIMUM_CPU_FAMILY=64
> CONFIG_X86_DEBUGCTLMSR=y
> # CONFIG_PROCESSOR_SELECT is not set
> CONFIG_CPU_SUP_INTEL=y
> CONFIG_CPU_SUP_AMD=y
> CONFIG_CPU_SUP_CENTAUR=y
> CONFIG_HPET_TIMER=y
> # CONFIG_DMI is not set
> CONFIG_SWIOTLB=y
> CONFIG_IOMMU_HELPER=y
> CONFIG_NR_CPUS=1
> CONFIG_PREEMPT_NONE=y
> # CONFIG_PREEMPT_VOLUNTARY is not set
> # CONFIG_PREEMPT is not set
> CONFIG_X86_LOCAL_APIC=y
> CONFIG_X86_IO_APIC=y
> # CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS is not set
> # CONFIG_X86_MCE is not set
> # CONFIG_I8K is not set
> # CONFIG_MICROCODE is not set
> # CONFIG_MICROCODE_INTEL_EARLY is not set
> # CONFIG_MICROCODE_AMD_EARLY is not set
> # CONFIG_X86_MSR is not set
> # CONFIG_X86_CPUID is not set
> # CONFIG_NOHIGHMEM is not set
> # CONFIG_HIGHMEM4G is not set
> # CONFIG_HIGHMEM64G is not set
> # CONFIG_VMSPLIT_3G is not set
> # CONFIG_VMSPLIT_3G_OPT is not set
> # CONFIG_VMSPLIT_2G is not set
> # CONFIG_VMSPLIT_2G_OPT is not set
> # CONFIG_VMSPLIT_1G is not set
> CONFIG_ARCH_PHYS_ADDR_T_64BIT=y
> CONFIG_ARCH_DMA_ADDR_T_64BIT=y
> CONFIG_DIRECT_GBPAGES=y
> CONFIG_ARCH_SPARSEMEM_ENABLE=y
> CONFIG_ARCH_SPARSEMEM_DEFAULT=y
> CONFIG_ARCH_SELECT_MEMORY_MODEL=y
> CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000
> CONFIG_SELECT_MEMORY_MODEL=y
> # CONFIG_FLATMEM_MANUAL is not set
> CONFIG_SPARSEMEM_MANUAL=y
> CONFIG_SPARSEMEM=y
> CONFIG_HAVE_MEMORY_PRESENT=y
> CONFIG_SPARSEMEM_EXTREME=y
> CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y
> CONFIG_SPARSEMEM_ALLOC_MEM_MAP_TOGETHER=y
> CONFIG_SPARSEMEM_VMEMMAP=y
> CONFIG_HAVE_MEMBLOCK=y
> CONFIG_HAVE_MEMBLOCK_NODE_MAP=y
> CONFIG_ARCH_DISCARD_MEMBLOCK=y
> # CONFIG_HAVE_BOOTMEM_INFO_NODE is not set
> # CONFIG_MEMORY_HOTPLUG is not set
> CONFIG_PAGEFLAGS_EXTENDED=y
> CONFIG_SPLIT_PTLOCK_CPUS=4
> CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y
> # CONFIG_COMPACTION is not set
> CONFIG_PHYS_ADDR_T_64BIT=y
> CONFIG_ZONE_DMA_FLAG=0
> CONFIG_VIRT_TO_BUS=y
> # CONFIG_KSM is not set
> CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
> # CONFIG_TRANSPARENT_HUGEPAGE is not set
> # CONFIG_CROSS_MEMORY_ATTACH is not set
> CONFIG_NEED_PER_CPU_KM=y
> # CONFIG_CLEANCACHE is not set
> # CONFIG_FRONTSWAP is not set
> # CONFIG_CMA is not set
> # CONFIG_ZBUD is not set
> # CONFIG_ZSMALLOC is not set
> CONFIG_GENERIC_EARLY_IOREMAP=y
> # CONFIG_X86_CHECK_BIOS_CORRUPTION is not set
> CONFIG_X86_RESERVE_LOW=64
> # CONFIG_MTRR is not set
> # CONFIG_ARCH_RANDOM is not set
> # CONFIG_X86_SMAP is not set
> # CONFIG_SECCOMP is not set
> # CONFIG_HZ_100 is not set
> CONFIG_HZ_250=y
> # CONFIG_HZ_300 is not set
> # CONFIG_HZ_1000 is not set
> CONFIG_HZ=250
> # CONFIG_SCHED_HRTICK is not set
> # CONFIG_KEXEC is not set
> # CONFIG_CRASH_DUMP is not set
> CONFIG_PHYSICAL_START=0x1000000
> # CONFIG_RELOCATABLE is not set
> CONFIG_PHYSICAL_ALIGN=0x200000
> # CONFIG_CMDLINE_BOOL is not set
> CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y
> 
> #
> # Power management and ACPI options
> #
> # CONFIG_SUSPEND is not set
> # CONFIG_HIBERNATION is not set
> # CONFIG_PM_RUNTIME is not set
> # CONFIG_SFI is not set
> 
> #
> # CPU Frequency scaling
> #
> # CONFIG_CPU_FREQ is not set
> 
> #
> # CPU Idle
> #
> # CONFIG_CPU_IDLE is not set
> # CONFIG_ARCH_NEEDS_CPU_IDLE_COUPLED is not set
> 
> #
> # Memory power savings
> #
> # CONFIG_I7300_IDLE is not set
> 
> #
> # Bus options (PCI etc.)
> #
> # CONFIG_PCI is not set
> CONFIG_ISA_DMA_API=y
> # CONFIG_PCCARD is not set
> # CONFIG_X86_SYSFB is not set
> 
> #
> # Executable file formats / Emulations
> #
> # CONFIG_BINFMT_ELF is not set
> CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE=y
> # CONFIG_BINFMT_SCRIPT is not set
> # CONFIG_HAVE_AOUT is not set
> # CONFIG_BINFMT_MISC is not set
> # CONFIG_COREDUMP is not set
> # CONFIG_IA32_EMULATION is not set
> CONFIG_X86_DEV_DMA_OPS=y
> # CONFIG_NET is not set
> CONFIG_HAVE_BPF_JIT=y
> 
> #
> # Device Drivers
> #
> 
> #
> # Generic Driver Options
> #
> CONFIG_UEVENT_HELPER_PATH=""
> # CONFIG_DEVTMPFS is not set
> # CONFIG_STANDALONE is not set
> # CONFIG_PREVENT_FIRMWARE_BUILD is not set
> # CONFIG_FW_LOADER is not set
> # CONFIG_DEBUG_DRIVER is not set
> # CONFIG_DEBUG_DEVRES is not set
> # CONFIG_SYS_HYPERVISOR is not set
> # CONFIG_GENERIC_CPU_DEVICES is not set
> CONFIG_GENERIC_CPU_AUTOPROBE=y
> # CONFIG_DMA_SHARED_BUFFER is not set
> 
> #
> # Bus devices
> #
> # CONFIG_MTD is not set
> # CONFIG_PARPORT is not set
> CONFIG_ARCH_MIGHT_HAVE_PC_PARPORT=y
> CONFIG_BLK_DEV=y
> # CONFIG_BLK_DEV_NULL_BLK is not set
> # CONFIG_BLK_DEV_FD is not set
> # CONFIG_BLK_DEV_COW_COMMON is not set
> CONFIG_BLK_DEV_LOOP=m
> CONFIG_BLK_DEV_LOOP_MIN_COUNT=8
> # CONFIG_BLK_DEV_CRYPTOLOOP is not set
> 
> #
> # DRBD disabled because PROC_FS or INET not selected
> #
> # CONFIG_BLK_DEV_RAM is not set
> # CONFIG_CDROM_PKTCDVD is not set
> # CONFIG_BLK_DEV_HD is not set
> 
> #
> # Misc devices
> #
> # CONFIG_DUMMY_IRQ is not set
> # CONFIG_ATMEL_SSC is not set
> # CONFIG_ENCLOSURE_SERVICES is not set
> # CONFIG_SRAM is not set
> # CONFIG_C2PORT is not set
> 
> #
> # EEPROM support
> #
> # CONFIG_EEPROM_93CX6 is not set
> 
> #
> # Texas Instruments shared transport line discipline
> #
> 
> #
> # Altera FPGA firmware download module
> #
> 
> #
> # Intel MIC Host Driver
> #
> 
> #
> # Intel MIC Card Driver
> #
> # CONFIG_INTEL_MIC_CARD is not set
> # CONFIG_ECHO is not set
> CONFIG_HAVE_IDE=y
> # CONFIG_IDE is not set
> 
> #
> # SCSI device support
> #
> CONFIG_SCSI_MOD=y
> # CONFIG_RAID_ATTRS is not set
> # CONFIG_SCSI is not set
> # CONFIG_SCSI_DMA is not set
> # CONFIG_SCSI_NETLINK is not set
> # CONFIG_ATA is not set
> # CONFIG_MD is not set
> # CONFIG_MACINTOSH_DRIVERS is not set
> 
> #
> # Input device support
> #
> # CONFIG_INPUT is not set
> 
> #
> # Hardware I/O ports
> #
> # CONFIG_SERIO is not set
> CONFIG_ARCH_MIGHT_HAVE_PC_SERIO=y
> # CONFIG_GAMEPORT is not set
> 
> #
> # Character devices
> #
> # CONFIG_TTY is not set
> # CONFIG_DEVKMEM is not set
> # CONFIG_IPMI_HANDLER is not set
> # CONFIG_HW_RANDOM is not set
> # CONFIG_NVRAM is not set
> # CONFIG_RAW_DRIVER is not set
> # CONFIG_HANGCHECK_TIMER is not set
> # CONFIG_TCG_TPM is not set
> # CONFIG_TELCLOCK is not set
> # CONFIG_I2C is not set
> # CONFIG_SPI is not set
> # CONFIG_SPMI is not set
> # CONFIG_HSI is not set
> 
> #
> # PPS support
> #
> # CONFIG_PPS is not set
> 
> #
> # PPS generators support
> #
> 
> #
> # PTP clock support
> #
> 
> #
> # Enable PHYLIB and NETWORK_PHY_TIMESTAMPING to see the additional clocks.
> #
> CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y
> # CONFIG_GPIOLIB is not set
> # CONFIG_W1 is not set
> # CONFIG_POWER_SUPPLY is not set
> # CONFIG_POWER_AVS is not set
> # CONFIG_HWMON is not set
> # CONFIG_THERMAL is not set
> # CONFIG_WATCHDOG is not set
> CONFIG_SSB_POSSIBLE=y
> 
> #
> # Sonics Silicon Backplane
> #
> # CONFIG_SSB is not set
> CONFIG_BCMA_POSSIBLE=y
> 
> #
> # Broadcom specific AMBA
> #
> # CONFIG_BCMA is not set
> 
> #
> # Multifunction device drivers
> #
> # CONFIG_MFD_CORE is not set
> # CONFIG_MFD_CROS_EC is not set
> # CONFIG_HTC_PASIC3 is not set
> # CONFIG_MFD_KEMPLD is not set
> # CONFIG_MFD_SM501 is not set
> # CONFIG_ABX500_CORE is not set
> # CONFIG_MFD_SYSCON is not set
> # CONFIG_MFD_TI_AM335X_TSCADC is not set
> # CONFIG_MFD_TMIO is not set
> # CONFIG_REGULATOR is not set
> # CONFIG_MEDIA_SUPPORT is not set
> 
> #
> # Graphics support
> #
> 
> #
> # Direct Rendering Manager
> #
> # CONFIG_DRM is not set
> 
> #
> # Frame buffer Devices
> #
> # CONFIG_FB is not set
> # CONFIG_EXYNOS_VIDEO is not set
> # CONFIG_BACKLIGHT_LCD_SUPPORT is not set
> # CONFIG_VGASTATE is not set
> # CONFIG_SOUND is not set
> CONFIG_USB_OHCI_LITTLE_ENDIAN=y
> # CONFIG_USB_SUPPORT is not set
> # CONFIG_MMC is not set
> # CONFIG_MEMSTICK is not set
> # CONFIG_NEW_LEDS is not set
> # CONFIG_ACCESSIBILITY is not set
> # CONFIG_EDAC is not set
> CONFIG_RTC_LIB=y
> # CONFIG_RTC_CLASS is not set
> # CONFIG_DMADEVICES is not set
> # CONFIG_AUXDISPLAY is not set
> # CONFIG_UIO is not set
> # CONFIG_VIRT_DRIVERS is not set
> 
> #
> # Virtio drivers
> #
> # CONFIG_VIRTIO_MMIO is not set
> 
> #
> # Microsoft Hyper-V guest support
> #
> # CONFIG_STAGING is not set
> # CONFIG_X86_PLATFORM_DEVICES is not set
> # CONFIG_CHROME_PLATFORMS is not set
> 
> #
> # Hardware Spinlock drivers
> #
> CONFIG_CLKEVT_I8253=y
> CONFIG_CLKBLD_I8253=y
> # CONFIG_SH_TIMER_CMT is not set
> # CONFIG_SH_TIMER_MTU2 is not set
> # CONFIG_SH_TIMER_TMU is not set
> # CONFIG_EM_TIMER_STI is not set
> # CONFIG_MAILBOX is not set
> # CONFIG_IOMMU_SUPPORT is not set
> 
> #
> # Remoteproc drivers
> #
> # CONFIG_STE_MODEM_RPROC is not set
> 
> #
> # Rpmsg drivers
> #
> # CONFIG_PM_DEVFREQ is not set
> # CONFIG_EXTCON is not set
> # CONFIG_MEMORY is not set
> # CONFIG_IIO is not set
> # CONFIG_PWM is not set
> # CONFIG_IPACK_BUS is not set
> # CONFIG_RESET_CONTROLLER is not set
> # CONFIG_FMC is not set
> 
> #
> # PHY Subsystem
> #
> # CONFIG_GENERIC_PHY is not set
> # CONFIG_PHY_SAMSUNG_USB2 is not set
> # CONFIG_POWERCAP is not set
> # CONFIG_MCB is not set
> 
> #
> # Firmware Drivers
> #
> # CONFIG_EDD is not set
> # CONFIG_FIRMWARE_MEMMAP is not set
> # CONFIG_DELL_RBU is not set
> # CONFIG_DCDBAS is not set
> # CONFIG_GOOGLE_FIRMWARE is not set
> 
> #
> # File systems
> #
> CONFIG_DCACHE_WORD_ACCESS=y
> # CONFIG_EXT2_FS is not set
> # CONFIG_EXT3_FS is not set
> # CONFIG_EXT4_FS is not set
> # CONFIG_REISERFS_FS is not set
> # CONFIG_JFS_FS is not set
> # CONFIG_XFS_FS is not set
> # CONFIG_GFS2_FS is not set
> # CONFIG_BTRFS_FS is not set
> # CONFIG_NILFS2_FS is not set
> # CONFIG_FS_POSIX_ACL is not set
> # CONFIG_FILE_LOCKING is not set
> # CONFIG_FSNOTIFY is not set
> # CONFIG_DNOTIFY is not set
> # CONFIG_INOTIFY_USER is not set
> # CONFIG_FANOTIFY is not set
> # CONFIG_QUOTA is not set
> # CONFIG_QUOTACTL is not set
> # CONFIG_AUTOFS4_FS is not set
> # CONFIG_FUSE_FS is not set
> 
> #
> # Caches
> #
> # CONFIG_FSCACHE is not set
> 
> #
> # CD-ROM/DVD Filesystems
> #
> # CONFIG_ISO9660_FS is not set
> # CONFIG_UDF_FS is not set
> 
> #
> # DOS/FAT/NT Filesystems
> #
> # CONFIG_MSDOS_FS is not set
> # CONFIG_VFAT_FS is not set
> # CONFIG_NTFS_FS is not set
> 
> #
> # Pseudo filesystems
> #
> # CONFIG_PROC_FS is not set
> # CONFIG_KERNFS is not set
> # CONFIG_SYSFS is not set
> # CONFIG_HUGETLBFS is not set
> # CONFIG_HUGETLB_PAGE is not set
> # CONFIG_CONFIGFS_FS is not set
> # CONFIG_MISC_FILESYSTEMS is not set
> # CONFIG_NLS is not set
> 
> #
> # Kernel hacking
> #
> CONFIG_TRACE_IRQFLAGS_SUPPORT=y
> 
> #
> # printk and dmesg options
> #
> CONFIG_DEFAULT_MESSAGE_LOGLEVEL=4
> 
> #
> # Compile-time checks and compiler options
> #
> # CONFIG_DEBUG_INFO is not set
> # CONFIG_ENABLE_WARN_DEPRECATED is not set
> # CONFIG_ENABLE_MUST_CHECK is not set
> CONFIG_FRAME_WARN=1024
> # CONFIG_STRIP_ASM_SYMS is not set
> # CONFIG_READABLE_ASM is not set
> # CONFIG_UNUSED_SYMBOLS is not set
> # CONFIG_DEBUG_FS is not set
> # CONFIG_HEADERS_CHECK is not set
> # CONFIG_DEBUG_SECTION_MISMATCH is not set
> CONFIG_ARCH_WANT_FRAME_POINTERS=y
> # CONFIG_FRAME_POINTER is not set
> # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
> # CONFIG_MAGIC_SYSRQ is not set
> CONFIG_DEBUG_KERNEL=y
> 
> #
> # Memory Debugging
> #
> # CONFIG_DEBUG_PAGEALLOC is not set
> # CONFIG_DEBUG_OBJECTS is not set
> CONFIG_HAVE_DEBUG_KMEMLEAK=y
> # CONFIG_DEBUG_KMEMLEAK is not set
> # CONFIG_DEBUG_STACK_USAGE is not set
> # CONFIG_DEBUG_VM is not set
> # CONFIG_DEBUG_VIRTUAL is not set
> # CONFIG_DEBUG_MEMORY_INIT is not set
> CONFIG_HAVE_DEBUG_STACKOVERFLOW=y
> # CONFIG_DEBUG_STACKOVERFLOW is not set
> CONFIG_HAVE_ARCH_KMEMCHECK=y
> # CONFIG_KMEMCHECK is not set
> # CONFIG_DEBUG_SHIRQ is not set
> 
> #
> # Debug Lockups and Hangs
> #
> # CONFIG_LOCKUP_DETECTOR is not set
> # CONFIG_DETECT_HUNG_TASK is not set
> # CONFIG_PANIC_ON_OOPS is not set
> CONFIG_PANIC_ON_OOPS_VALUE=0
> CONFIG_PANIC_TIMEOUT=0
> 
> #
> # Lock Debugging (spinlocks, mutexes, etc...)
> #
> # CONFIG_DEBUG_SPINLOCK is not set
> # CONFIG_DEBUG_MUTEXES is not set
> # CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set
> # CONFIG_DEBUG_LOCK_ALLOC is not set
> # CONFIG_PROVE_LOCKING is not set
> # CONFIG_LOCK_STAT is not set
> # CONFIG_DEBUG_ATOMIC_SLEEP is not set
> # CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set
> # CONFIG_LOCK_TORTURE_TEST is not set
> # CONFIG_DEBUG_KOBJECT is not set
> # CONFIG_DEBUG_LIST is not set
> # CONFIG_DEBUG_SG is not set
> # CONFIG_DEBUG_NOTIFIERS is not set
> # CONFIG_DEBUG_CREDENTIALS is not set
> 
> #
> # RCU Debugging
> #
> # CONFIG_SPARSE_RCU_POINTER is not set
> # CONFIG_TORTURE_TEST is not set
> # CONFIG_RCU_TORTURE_TEST is not set
> # CONFIG_RCU_TRACE is not set
> # CONFIG_DEBUG_BLOCK_EXT_DEVT is not set
> # CONFIG_NOTIFIER_ERROR_INJECTION is not set
> # CONFIG_FAULT_INJECTION is not set
> CONFIG_ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS=y
> # CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set
> CONFIG_USER_STACKTRACE_SUPPORT=y
> CONFIG_HAVE_FUNCTION_TRACER=y
> CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y
> CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST=y
> CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y
> CONFIG_HAVE_DYNAMIC_FTRACE=y
> CONFIG_HAVE_DYNAMIC_FTRACE_WITH_REGS=y
> CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y
> CONFIG_HAVE_SYSCALL_TRACEPOINTS=y
> CONFIG_HAVE_FENTRY=y
> CONFIG_HAVE_C_RECORDMCOUNT=y
> CONFIG_TRACING_SUPPORT=y
> # CONFIG_FTRACE is not set
> 
> #
> # Runtime Testing
> #
> # CONFIG_TEST_LIST_SORT is not set
> # CONFIG_BACKTRACE_SELF_TEST is not set
> # CONFIG_RBTREE_TEST is not set
> # CONFIG_INTERVAL_TREE_TEST is not set
> # CONFIG_PERCPU_TEST is not set
> # CONFIG_ATOMIC64_SELFTEST is not set
> # CONFIG_TEST_STRING_HELPERS is not set
> # CONFIG_TEST_KSTRTOX is not set
> # CONFIG_DMA_API_DEBUG is not set
> # CONFIG_TEST_MODULE is not set
> # CONFIG_TEST_USER_COPY is not set
> # CONFIG_SAMPLES is not set
> CONFIG_HAVE_ARCH_KGDB=y
> # CONFIG_KGDB is not set
> # CONFIG_STRICT_DEVMEM is not set
> # CONFIG_X86_VERBOSE_BOOTUP is not set
> # CONFIG_EARLY_PRINTK is not set
> # CONFIG_X86_PTDUMP is not set
> # CONFIG_DEBUG_RODATA is not set
> # CONFIG_DEBUG_SET_MODULE_RONX is not set
> # CONFIG_DEBUG_NX_TEST is not set
> # CONFIG_DOUBLEFAULT is not set
> # CONFIG_DEBUG_TLBFLUSH is not set
> # CONFIG_IOMMU_STRESS is not set
> CONFIG_HAVE_MMIOTRACE_SUPPORT=y
> CONFIG_IO_DELAY_TYPE_0X80=0
> CONFIG_IO_DELAY_TYPE_0XED=1
> CONFIG_IO_DELAY_TYPE_UDELAY=2
> CONFIG_IO_DELAY_TYPE_NONE=3
> CONFIG_IO_DELAY_0X80=y
> # CONFIG_IO_DELAY_0XED is not set
> # CONFIG_IO_DELAY_UDELAY is not set
> # CONFIG_IO_DELAY_NONE is not set
> CONFIG_DEFAULT_IO_DELAY_TYPE=0
> # CONFIG_CPA_DEBUG is not set
> # CONFIG_OPTIMIZE_INLINING is not set
> # CONFIG_DEBUG_NMI_SELFTEST is not set
> # CONFIG_X86_DEBUG_STATIC_CPU_HAS is not set
> 
> #
> # Security options
> #
> # CONFIG_KEYS is not set
> # CONFIG_SECURITY_DMESG_RESTRICT is not set
> # CONFIG_SECURITYFS is not set
> CONFIG_DEFAULT_SECURITY_DAC=y
> CONFIG_DEFAULT_SECURITY=""
> # CONFIG_CRYPTO is not set
> CONFIG_HAVE_KVM=y
> # CONFIG_VIRTUALIZATION is not set
> # CONFIG_BINARY_PRINTF is not set
> 
> #
> # Library routines
> #
> CONFIG_BITREVERSE=y
> CONFIG_GENERIC_STRNCPY_FROM_USER=y
> CONFIG_GENERIC_STRNLEN_USER=y
> CONFIG_GENERIC_FIND_FIRST_BIT=y
> CONFIG_GENERIC_PCI_IOMAP=y
> CONFIG_GENERIC_IOMAP=y
> CONFIG_GENERIC_IO=y
> CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y
> # CONFIG_CRC_CCITT is not set
> # CONFIG_CRC16 is not set
> # CONFIG_CRC_T10DIF is not set
> # CONFIG_CRC_ITU_T is not set
> CONFIG_CRC32=y
> # CONFIG_CRC32_SELFTEST is not set
> CONFIG_CRC32_SLICEBY8=y
> # CONFIG_CRC32_SLICEBY4 is not set
> # CONFIG_CRC32_SARWATE is not set
> # CONFIG_CRC32_BIT is not set
> # CONFIG_CRC7 is not set
> # CONFIG_LIBCRC32C is not set
> # CONFIG_CRC8 is not set
> # CONFIG_AUDIT_ARCH_COMPAT_GENERIC is not set
> # CONFIG_RANDOM32_SELFTEST is not set
> # CONFIG_XZ_DEC is not set
> # CONFIG_XZ_DEC_BCJ is not set
> CONFIG_HAS_IOMEM=y
> CONFIG_HAS_IOPORT_MAP=y
> CONFIG_HAS_DMA=y
> CONFIG_ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE=y
> # CONFIG_AVERAGE is not set
> # CONFIG_CORDIC is not set
> # CONFIG_DDR is not set

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[Shea Levy]

OK, compiling with BLK_DEV_LOOP=y (on top of 3.16.2), I was able to
mount loopfs, request a loop device from loop-control, and associate it
with an image with an ext4 partition with losetup, but mount still gives
EPERM (all as root in a userns started from an unprivileged account). Is
this expected? I do have read and write permissions to the resultant
loop device. If this is expected, what would be needed to be able to
mount the device?

Also, this isn't an issue exactly, but the free devices started at 8
(presumably because I have /dev/loop[0-7]) and appear in /dev in the
root ns (presumably via udev) until I unmounted.

~Shea

On Mon, Sep 15, 2014 at 07:20:52PM -0400, Shea Levy wrote:
> Hi Seth,
> 
> I applied your patches to 3.15-rc7, and had the same problem, the build
> fails with:
> 
> > make[3]: *** No rule to make target `fs/loopfs/loopfs.c', needed by `fs/loopfs/loopfs.o'.  Stop.
> 
> I've attached the config I used, I generated it via make allnoconfig and
> then enabled MODULES, BLK, BLK_DEV, and BLK_DEV_LOOP=m in make nconfig.
> 
> The build succeeds if I set BLK_DEV_LOOP=y, so I'll go ahead with my
> testing using that.
> 
> ~Shea
> 
> On Mon, Sep 15, 2014 at 03:55:32PM -0500, Seth Forshee wrote:
> > On Mon, Sep 15, 2014 at 04:38:44PM -0400, Shea Levy wrote:
> > > Hi,
> > > 
> > > I wanted to test these patches (to support creating and filling a disk
> > > image containing a btrfs filesystem and several subvolumes as an
> > > unprivileged user), but the build fails due to what looks like a missing
> > > loopfs.c in fs/loopfs (or alternatively an erroneous line in
> > > fs/loopfs/Makefile). I built based off of 3.17-rc5.
> > 
> > There's no loopfs.c, loopfs.o gets built from inode.o which is in turn
> > built from inode.c. I'm pretty sure the patches built when I posted
> > them, which seems to be 3.15-rc7 based on the branch I've got here.
> > 
> > Seth
> > 
> > > 
> > > ~Shea
> > > 
> > > 
> > > On Tue, May 27, 2014 at 11:58:54PM +0200, Seth Forshee wrote:
> > > > I'm posting these patches in response to the ongoing discussion of loop
> > > > devices in containers at [1].
> > > > 
> > > > The patches implement a psuedo filesystem for loop devices, which will
> > > > allow use of loop devices in containters using standard utilities. Under
> > > > normal use a loopfs mount will initially contain a single device node
> > > > for loop-control which can be used to request and release loop devices.
> > > > Any devices allocated via this node will automatically appear in that
> > > > loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
> > > > CAP_SYS_ADMIN in the userns of the process which performed the mount is
> > > > allowed to perform privileged loop ioctls on these devices.
> > > > 
> > > > Alternately loopfs can be mounted with the hostmount option, intended
> > > > for mounting /dev/loop in the host. This is the default mount for any
> > > > devices not created via loop-control in a loopfs mount (e.g. devices
> > > > created during driver init, devices created via /dev/loop-control, etc).
> > > > This is only available to system-wide CAP_SYS_ADMIN.
> > > > 
> > > > I still have some testing to do on these patches, but they work at
> > > > minimum for simple use cases. It's possible to use an unmodified losetup
> > > > if it's new enough to know about loop-control, with a couple of caveats:
> > > > 
> > > >  * /dev/loop-control must be symlinked to /dev/loop/loop-control
> > > >  * In some cases losetup attempts to use /dev/loopN when the device node
> > > >    is at /dev/loop/N. For example, 'losetup -f disk.img' fails.
> > > > 
> > > > Device nodes for loop partitions are not created in loopfs. These
> > > > devices are created by the generic block layer, and the loop driver has
> > > > no way of knowing when they are created, so some kind of hook into the
> > > > driver will be needed to support this.
> > > > 
> > > > Thanks,
> > > > Seth
> > > > 
> > > > [1] http://article.gmane.org/gmane.linux.kernel/1703988
> > > > 
> > > > Seth Forshee (2):
> > > >   loop: Add loop filesystem
> > > >   loop: Permit priveleged operations within user namespaces
> > > > 
> > > >  drivers/block/loop.c       | 137 +++++++++++++----
> > > >  drivers/block/loop.h       |   2 +
> > > >  fs/Makefile                |   1 +
> > > >  fs/loopfs/Makefile         |   6 +
> > > >  fs/loopfs/inode.c          | 360 +++++++++++++++++++++++++++++++++++++++++++++
> > > >  include/linux/loopfs.h     |  53 +++++++
> > > >  include/uapi/linux/magic.h |   1 +
> > > >  7 files changed, 535 insertions(+), 25 deletions(-)
> > > >  create mode 100644 fs/loopfs/Makefile
> > > >  create mode 100644 fs/loopfs/inode.c
> > > >  create mode 100644 include/linux/loopfs.h
> > > > 
> > > > --
> > > > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> > > > the body of a message to majordomo@vger.kernel.org
> > > > More majordomo info at  http://vger.kernel.org/majordomo-info.html
> > > > Please read the FAQ at  http://www.tux.org/lkml/
> > > > 
> > > > 

> #
> # Automatically generated file; DO NOT EDIT.
> # Linux/x86 3.15.0-rc7 Kernel Configuration
> #
> CONFIG_64BIT=y
> CONFIG_X86_64=y
> CONFIG_X86=y
> CONFIG_INSTRUCTION_DECODER=y
> CONFIG_OUTPUT_FORMAT="elf64-x86-64"
> CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig"
> CONFIG_LOCKDEP_SUPPORT=y
> CONFIG_STACKTRACE_SUPPORT=y
> CONFIG_HAVE_LATENCYTOP_SUPPORT=y
> CONFIG_MMU=y
> CONFIG_NEED_DMA_MAP_STATE=y
> CONFIG_NEED_SG_DMA_LENGTH=y
> CONFIG_GENERIC_ISA_DMA=y
> CONFIG_GENERIC_HWEIGHT=y
> CONFIG_ARCH_MAY_HAVE_PC_FDC=y
> CONFIG_RWSEM_XCHGADD_ALGORITHM=y
> CONFIG_GENERIC_CALIBRATE_DELAY=y
> CONFIG_ARCH_HAS_CPU_RELAX=y
> CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y
> CONFIG_HAVE_SETUP_PER_CPU_AREA=y
> CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y
> CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y
> CONFIG_ARCH_HIBERNATION_POSSIBLE=y
> CONFIG_ARCH_SUSPEND_POSSIBLE=y
> CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y
> CONFIG_ARCH_WANT_GENERAL_HUGETLB=y
> CONFIG_ZONE_DMA32=y
> CONFIG_AUDIT_ARCH=y
> CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y
> CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y
> CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11"
> CONFIG_ARCH_SUPPORTS_UPROBES=y
> CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config"
> CONFIG_IRQ_WORK=y
> CONFIG_BUILDTIME_EXTABLE_SORT=y
> 
> #
> # General setup
> #
> CONFIG_BROKEN_ON_SMP=y
> CONFIG_INIT_ENV_ARG_LIMIT=32
> CONFIG_CROSS_COMPILE=""
> # CONFIG_COMPILE_TEST is not set
> CONFIG_LOCALVERSION=""
> # CONFIG_LOCALVERSION_AUTO is not set
> CONFIG_HAVE_KERNEL_GZIP=y
> CONFIG_HAVE_KERNEL_BZIP2=y
> CONFIG_HAVE_KERNEL_LZMA=y
> CONFIG_HAVE_KERNEL_XZ=y
> CONFIG_HAVE_KERNEL_LZO=y
> CONFIG_HAVE_KERNEL_LZ4=y
> CONFIG_KERNEL_GZIP=y
> # CONFIG_KERNEL_BZIP2 is not set
> # CONFIG_KERNEL_LZMA is not set
> # CONFIG_KERNEL_XZ is not set
> # CONFIG_KERNEL_LZO is not set
> # CONFIG_KERNEL_LZ4 is not set
> CONFIG_DEFAULT_HOSTNAME="(none)"
> CONFIG_SWAP=y
> # CONFIG_SYSVIPC is not set
> # CONFIG_FHANDLE is not set
> # CONFIG_USELIB is not set
> CONFIG_HAVE_ARCH_AUDITSYSCALL=y
> 
> #
> # IRQ subsystem
> #
> CONFIG_GENERIC_IRQ_PROBE=y
> CONFIG_GENERIC_IRQ_SHOW=y
> CONFIG_IRQ_FORCED_THREADING=y
> CONFIG_SPARSE_IRQ=y
> CONFIG_CLOCKSOURCE_WATCHDOG=y
> CONFIG_ARCH_CLOCKSOURCE_DATA=y
> CONFIG_GENERIC_TIME_VSYSCALL=y
> CONFIG_GENERIC_CLOCKEVENTS=y
> CONFIG_GENERIC_CLOCKEVENTS_BUILD=y
> CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y
> CONFIG_GENERIC_CLOCKEVENTS_MIN_ADJUST=y
> CONFIG_GENERIC_CMOS_UPDATE=y
> 
> #
> # Timers subsystem
> #
> CONFIG_HZ_PERIODIC=y
> # CONFIG_NO_HZ_IDLE is not set
> # CONFIG_NO_HZ is not set
> # CONFIG_HIGH_RES_TIMERS is not set
> 
> #
> # CPU/Task time and stats accounting
> #
> CONFIG_TICK_CPU_ACCOUNTING=y
> # CONFIG_VIRT_CPU_ACCOUNTING_GEN is not set
> # CONFIG_IRQ_TIME_ACCOUNTING is not set
> # CONFIG_BSD_PROCESS_ACCT is not set
> 
> #
> # RCU Subsystem
> #
> CONFIG_TINY_RCU=y
> # CONFIG_PREEMPT_RCU is not set
> # CONFIG_RCU_STALL_COMMON is not set
> # CONFIG_TREE_RCU_TRACE is not set
> # CONFIG_IKCONFIG is not set
> CONFIG_LOG_BUF_SHIFT=17
> CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y
> CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y
> CONFIG_ARCH_SUPPORTS_INT128=y
> CONFIG_ARCH_WANTS_PROT_NUMA_PROT_NONE=y
> # CONFIG_CGROUPS is not set
> # CONFIG_CHECKPOINT_RESTORE is not set
> # CONFIG_NAMESPACES is not set
> # CONFIG_SCHED_AUTOGROUP is not set
> # CONFIG_RELAY is not set
> # CONFIG_BLK_DEV_INITRD is not set
> # CONFIG_CC_OPTIMIZE_FOR_SIZE is not set
> CONFIG_ANON_INODES=y
> CONFIG_SYSCTL_EXCEPTION_TRACE=y
> CONFIG_HAVE_PCSPKR_PLATFORM=y
> CONFIG_EXPERT=y
> # CONFIG_SYSFS_SYSCALL is not set
> # CONFIG_KALLSYMS is not set
> # CONFIG_PRINTK is not set
> # CONFIG_BUG is not set
> # CONFIG_PCSPKR_PLATFORM is not set
> # CONFIG_BASE_FULL is not set
> # CONFIG_FUTEX is not set
> # CONFIG_EPOLL is not set
> # CONFIG_SIGNALFD is not set
> # CONFIG_TIMERFD is not set
> # CONFIG_EVENTFD is not set
> # CONFIG_SHMEM is not set
> # CONFIG_AIO is not set
> CONFIG_EMBEDDED=y
> CONFIG_HAVE_PERF_EVENTS=y
> 
> #
> # Kernel Performance Events And Counters
> #
> CONFIG_PERF_EVENTS=y
> # CONFIG_DEBUG_PERF_USE_VMALLOC is not set
> # CONFIG_VM_EVENT_COUNTERS is not set
> # CONFIG_COMPAT_BRK is not set
> # CONFIG_SLAB is not set
> CONFIG_SLUB=y
> # CONFIG_SLOB is not set
> # CONFIG_PROFILING is not set
> CONFIG_HAVE_OPROFILE=y
> CONFIG_OPROFILE_NMI_TIMER=y
> # CONFIG_KPROBES is not set
> # CONFIG_JUMP_LABEL is not set
> # CONFIG_UPROBES is not set
> # CONFIG_HAVE_64BIT_ALIGNED_ACCESS is not set
> CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
> CONFIG_ARCH_USE_BUILTIN_BSWAP=y
> CONFIG_HAVE_IOREMAP_PROT=y
> CONFIG_HAVE_KPROBES=y
> CONFIG_HAVE_KRETPROBES=y
> CONFIG_HAVE_OPTPROBES=y
> CONFIG_HAVE_KPROBES_ON_FTRACE=y
> CONFIG_HAVE_ARCH_TRACEHOOK=y
> CONFIG_HAVE_DMA_ATTRS=y
> CONFIG_GENERIC_SMP_IDLE_THREAD=y
> CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y
> CONFIG_HAVE_DMA_API_DEBUG=y
> CONFIG_HAVE_HW_BREAKPOINT=y
> CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y
> CONFIG_HAVE_USER_RETURN_NOTIFIER=y
> CONFIG_HAVE_PERF_EVENTS_NMI=y
> CONFIG_HAVE_PERF_REGS=y
> CONFIG_HAVE_PERF_USER_STACK_DUMP=y
> CONFIG_HAVE_ARCH_JUMP_LABEL=y
> CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y
> CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y
> CONFIG_HAVE_CMPXCHG_LOCAL=y
> CONFIG_HAVE_CMPXCHG_DOUBLE=y
> CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
> CONFIG_HAVE_CC_STACKPROTECTOR=y
> # CONFIG_CC_STACKPROTECTOR is not set
> CONFIG_CC_STACKPROTECTOR_NONE=y
> # CONFIG_CC_STACKPROTECTOR_REGULAR is not set
> # CONFIG_CC_STACKPROTECTOR_STRONG is not set
> CONFIG_HAVE_CONTEXT_TRACKING=y
> CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y
> CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y
> CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y
> CONFIG_HAVE_ARCH_SOFT_DIRTY=y
> CONFIG_MODULES_USE_ELF_RELA=y
> CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y
> 
> #
> # GCOV-based kernel profiling
> #
> # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set
> CONFIG_BASE_SMALL=1
> CONFIG_MODULES=y
> # CONFIG_MODULE_FORCE_LOAD is not set
> # CONFIG_MODULE_UNLOAD is not set
> # CONFIG_MODVERSIONS is not set
> # CONFIG_MODULE_SRCVERSION_ALL is not set
> # CONFIG_MODULE_SIG is not set
> CONFIG_BLOCK=y
> CONFIG_BLK_DEV_BSG=y
> # CONFIG_BLK_DEV_BSGLIB is not set
> # CONFIG_BLK_DEV_INTEGRITY is not set
> # CONFIG_BLK_CMDLINE_PARSER is not set
> 
> #
> # Partition Types
> #
> # CONFIG_PARTITION_ADVANCED is not set
> CONFIG_MSDOS_PARTITION=y
> CONFIG_EFI_PARTITION=y
> 
> #
> # IO Schedulers
> #
> CONFIG_IOSCHED_NOOP=y
> CONFIG_IOSCHED_DEADLINE=y
> CONFIG_IOSCHED_CFQ=y
> # CONFIG_DEFAULT_DEADLINE is not set
> CONFIG_DEFAULT_CFQ=y
> # CONFIG_DEFAULT_NOOP is not set
> CONFIG_DEFAULT_IOSCHED="cfq"
> CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
> CONFIG_INLINE_READ_UNLOCK=y
> CONFIG_INLINE_READ_UNLOCK_IRQ=y
> CONFIG_INLINE_WRITE_UNLOCK=y
> CONFIG_INLINE_WRITE_UNLOCK_IRQ=y
> # CONFIG_FREEZER is not set
> 
> #
> # Processor type and features
> #
> # CONFIG_ZONE_DMA is not set
> # CONFIG_SMP is not set
> CONFIG_X86_MPPARSE=y
> # CONFIG_X86_EXTENDED_PLATFORM is not set
> # CONFIG_SCHED_OMIT_FRAME_POINTER is not set
> # CONFIG_HYPERVISOR_GUEST is not set
> CONFIG_NO_BOOTMEM=y
> # CONFIG_MEMTEST is not set
> # CONFIG_M486 is not set
> # CONFIG_M586 is not set
> # CONFIG_M586TSC is not set
> # CONFIG_M586MMX is not set
> # CONFIG_M686 is not set
> # CONFIG_MPENTIUMII is not set
> # CONFIG_MPENTIUMIII is not set
> # CONFIG_MPENTIUMM is not set
> # CONFIG_MPENTIUM4 is not set
> # CONFIG_MK6 is not set
> # CONFIG_MK7 is not set
> # CONFIG_MK8 is not set
> # CONFIG_MCRUSOE is not set
> # CONFIG_MEFFICEON is not set
> # CONFIG_MWINCHIPC6 is not set
> # CONFIG_MWINCHIP3D is not set
> # CONFIG_MELAN is not set
> # CONFIG_MGEODEGX1 is not set
> # CONFIG_MGEODE_LX is not set
> # CONFIG_MCYRIXIII is not set
> # CONFIG_MVIAC3_2 is not set
> # CONFIG_MVIAC7 is not set
> # CONFIG_MPSC is not set
> # CONFIG_MCORE2 is not set
> # CONFIG_MATOM is not set
> CONFIG_GENERIC_CPU=y
> CONFIG_X86_INTERNODE_CACHE_SHIFT=6
> CONFIG_X86_L1_CACHE_SHIFT=6
> CONFIG_X86_TSC=y
> CONFIG_X86_CMPXCHG64=y
> CONFIG_X86_CMOV=y
> CONFIG_X86_MINIMUM_CPU_FAMILY=64
> CONFIG_X86_DEBUGCTLMSR=y
> # CONFIG_PROCESSOR_SELECT is not set
> CONFIG_CPU_SUP_INTEL=y
> CONFIG_CPU_SUP_AMD=y
> CONFIG_CPU_SUP_CENTAUR=y
> CONFIG_HPET_TIMER=y
> # CONFIG_DMI is not set
> CONFIG_SWIOTLB=y
> CONFIG_IOMMU_HELPER=y
> CONFIG_NR_CPUS=1
> CONFIG_PREEMPT_NONE=y
> # CONFIG_PREEMPT_VOLUNTARY is not set
> # CONFIG_PREEMPT is not set
> CONFIG_X86_LOCAL_APIC=y
> CONFIG_X86_IO_APIC=y
> # CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS is not set
> # CONFIG_X86_MCE is not set
> # CONFIG_I8K is not set
> # CONFIG_MICROCODE is not set
> # CONFIG_MICROCODE_INTEL_EARLY is not set
> # CONFIG_MICROCODE_AMD_EARLY is not set
> # CONFIG_X86_MSR is not set
> # CONFIG_X86_CPUID is not set
> # CONFIG_NOHIGHMEM is not set
> # CONFIG_HIGHMEM4G is not set
> # CONFIG_HIGHMEM64G is not set
> # CONFIG_VMSPLIT_3G is not set
> # CONFIG_VMSPLIT_3G_OPT is not set
> # CONFIG_VMSPLIT_2G is not set
> # CONFIG_VMSPLIT_2G_OPT is not set
> # CONFIG_VMSPLIT_1G is not set
> CONFIG_ARCH_PHYS_ADDR_T_64BIT=y
> CONFIG_ARCH_DMA_ADDR_T_64BIT=y
> CONFIG_DIRECT_GBPAGES=y
> CONFIG_ARCH_SPARSEMEM_ENABLE=y
> CONFIG_ARCH_SPARSEMEM_DEFAULT=y
> CONFIG_ARCH_SELECT_MEMORY_MODEL=y
> CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000
> CONFIG_SELECT_MEMORY_MODEL=y
> # CONFIG_FLATMEM_MANUAL is not set
> CONFIG_SPARSEMEM_MANUAL=y
> CONFIG_SPARSEMEM=y
> CONFIG_HAVE_MEMORY_PRESENT=y
> CONFIG_SPARSEMEM_EXTREME=y
> CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y
> CONFIG_SPARSEMEM_ALLOC_MEM_MAP_TOGETHER=y
> CONFIG_SPARSEMEM_VMEMMAP=y
> CONFIG_HAVE_MEMBLOCK=y
> CONFIG_HAVE_MEMBLOCK_NODE_MAP=y
> CONFIG_ARCH_DISCARD_MEMBLOCK=y
> # CONFIG_HAVE_BOOTMEM_INFO_NODE is not set
> # CONFIG_MEMORY_HOTPLUG is not set
> CONFIG_PAGEFLAGS_EXTENDED=y
> CONFIG_SPLIT_PTLOCK_CPUS=4
> CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y
> # CONFIG_COMPACTION is not set
> CONFIG_PHYS_ADDR_T_64BIT=y
> CONFIG_ZONE_DMA_FLAG=0
> CONFIG_VIRT_TO_BUS=y
> # CONFIG_KSM is not set
> CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
> # CONFIG_TRANSPARENT_HUGEPAGE is not set
> # CONFIG_CROSS_MEMORY_ATTACH is not set
> CONFIG_NEED_PER_CPU_KM=y
> # CONFIG_CLEANCACHE is not set
> # CONFIG_FRONTSWAP is not set
> # CONFIG_CMA is not set
> # CONFIG_ZBUD is not set
> # CONFIG_ZSMALLOC is not set
> CONFIG_GENERIC_EARLY_IOREMAP=y
> # CONFIG_X86_CHECK_BIOS_CORRUPTION is not set
> CONFIG_X86_RESERVE_LOW=64
> # CONFIG_MTRR is not set
> # CONFIG_ARCH_RANDOM is not set
> # CONFIG_X86_SMAP is not set
> # CONFIG_SECCOMP is not set
> # CONFIG_HZ_100 is not set
> CONFIG_HZ_250=y
> # CONFIG_HZ_300 is not set
> # CONFIG_HZ_1000 is not set
> CONFIG_HZ=250
> # CONFIG_SCHED_HRTICK is not set
> # CONFIG_KEXEC is not set
> # CONFIG_CRASH_DUMP is not set
> CONFIG_PHYSICAL_START=0x1000000
> # CONFIG_RELOCATABLE is not set
> CONFIG_PHYSICAL_ALIGN=0x200000
> # CONFIG_CMDLINE_BOOL is not set
> CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y
> 
> #
> # Power management and ACPI options
> #
> # CONFIG_SUSPEND is not set
> # CONFIG_HIBERNATION is not set
> # CONFIG_PM_RUNTIME is not set
> # CONFIG_SFI is not set
> 
> #
> # CPU Frequency scaling
> #
> # CONFIG_CPU_FREQ is not set
> 
> #
> # CPU Idle
> #
> # CONFIG_CPU_IDLE is not set
> # CONFIG_ARCH_NEEDS_CPU_IDLE_COUPLED is not set
> 
> #
> # Memory power savings
> #
> # CONFIG_I7300_IDLE is not set
> 
> #
> # Bus options (PCI etc.)
> #
> # CONFIG_PCI is not set
> CONFIG_ISA_DMA_API=y
> # CONFIG_PCCARD is not set
> # CONFIG_X86_SYSFB is not set
> 
> #
> # Executable file formats / Emulations
> #
> # CONFIG_BINFMT_ELF is not set
> CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE=y
> # CONFIG_BINFMT_SCRIPT is not set
> # CONFIG_HAVE_AOUT is not set
> # CONFIG_BINFMT_MISC is not set
> # CONFIG_COREDUMP is not set
> # CONFIG_IA32_EMULATION is not set
> CONFIG_X86_DEV_DMA_OPS=y
> # CONFIG_NET is not set
> CONFIG_HAVE_BPF_JIT=y
> 
> #
> # Device Drivers
> #
> 
> #
> # Generic Driver Options
> #
> CONFIG_UEVENT_HELPER_PATH=""
> # CONFIG_DEVTMPFS is not set
> # CONFIG_STANDALONE is not set
> # CONFIG_PREVENT_FIRMWARE_BUILD is not set
> # CONFIG_FW_LOADER is not set
> # CONFIG_DEBUG_DRIVER is not set
> # CONFIG_DEBUG_DEVRES is not set
> # CONFIG_SYS_HYPERVISOR is not set
> # CONFIG_GENERIC_CPU_DEVICES is not set
> CONFIG_GENERIC_CPU_AUTOPROBE=y
> # CONFIG_DMA_SHARED_BUFFER is not set
> 
> #
> # Bus devices
> #
> # CONFIG_MTD is not set
> # CONFIG_PARPORT is not set
> CONFIG_ARCH_MIGHT_HAVE_PC_PARPORT=y
> CONFIG_BLK_DEV=y
> # CONFIG_BLK_DEV_NULL_BLK is not set
> # CONFIG_BLK_DEV_FD is not set
> # CONFIG_BLK_DEV_COW_COMMON is not set
> CONFIG_BLK_DEV_LOOP=m
> CONFIG_BLK_DEV_LOOP_MIN_COUNT=8
> # CONFIG_BLK_DEV_CRYPTOLOOP is not set
> 
> #
> # DRBD disabled because PROC_FS or INET not selected
> #
> # CONFIG_BLK_DEV_RAM is not set
> # CONFIG_CDROM_PKTCDVD is not set
> # CONFIG_BLK_DEV_HD is not set
> 
> #
> # Misc devices
> #
> # CONFIG_DUMMY_IRQ is not set
> # CONFIG_ATMEL_SSC is not set
> # CONFIG_ENCLOSURE_SERVICES is not set
> # CONFIG_SRAM is not set
> # CONFIG_C2PORT is not set
> 
> #
> # EEPROM support
> #
> # CONFIG_EEPROM_93CX6 is not set
> 
> #
> # Texas Instruments shared transport line discipline
> #
> 
> #
> # Altera FPGA firmware download module
> #
> 
> #
> # Intel MIC Host Driver
> #
> 
> #
> # Intel MIC Card Driver
> #
> # CONFIG_INTEL_MIC_CARD is not set
> # CONFIG_ECHO is not set
> CONFIG_HAVE_IDE=y
> # CONFIG_IDE is not set
> 
> #
> # SCSI device support
> #
> CONFIG_SCSI_MOD=y
> # CONFIG_RAID_ATTRS is not set
> # CONFIG_SCSI is not set
> # CONFIG_SCSI_DMA is not set
> # CONFIG_SCSI_NETLINK is not set
> # CONFIG_ATA is not set
> # CONFIG_MD is not set
> # CONFIG_MACINTOSH_DRIVERS is not set
> 
> #
> # Input device support
> #
> # CONFIG_INPUT is not set
> 
> #
> # Hardware I/O ports
> #
> # CONFIG_SERIO is not set
> CONFIG_ARCH_MIGHT_HAVE_PC_SERIO=y
> # CONFIG_GAMEPORT is not set
> 
> #
> # Character devices
> #
> # CONFIG_TTY is not set
> # CONFIG_DEVKMEM is not set
> # CONFIG_IPMI_HANDLER is not set
> # CONFIG_HW_RANDOM is not set
> # CONFIG_NVRAM is not set
> # CONFIG_RAW_DRIVER is not set
> # CONFIG_HANGCHECK_TIMER is not set
> # CONFIG_TCG_TPM is not set
> # CONFIG_TELCLOCK is not set
> # CONFIG_I2C is not set
> # CONFIG_SPI is not set
> # CONFIG_SPMI is not set
> # CONFIG_HSI is not set
> 
> #
> # PPS support
> #
> # CONFIG_PPS is not set
> 
> #
> # PPS generators support
> #
> 
> #
> # PTP clock support
> #
> 
> #
> # Enable PHYLIB and NETWORK_PHY_TIMESTAMPING to see the additional clocks.
> #
> CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y
> # CONFIG_GPIOLIB is not set
> # CONFIG_W1 is not set
> # CONFIG_POWER_SUPPLY is not set
> # CONFIG_POWER_AVS is not set
> # CONFIG_HWMON is not set
> # CONFIG_THERMAL is not set
> # CONFIG_WATCHDOG is not set
> CONFIG_SSB_POSSIBLE=y
> 
> #
> # Sonics Silicon Backplane
> #
> # CONFIG_SSB is not set
> CONFIG_BCMA_POSSIBLE=y
> 
> #
> # Broadcom specific AMBA
> #
> # CONFIG_BCMA is not set
> 
> #
> # Multifunction device drivers
> #
> # CONFIG_MFD_CORE is not set
> # CONFIG_MFD_CROS_EC is not set
> # CONFIG_HTC_PASIC3 is not set
> # CONFIG_MFD_KEMPLD is not set
> # CONFIG_MFD_SM501 is not set
> # CONFIG_ABX500_CORE is not set
> # CONFIG_MFD_SYSCON is not set
> # CONFIG_MFD_TI_AM335X_TSCADC is not set
> # CONFIG_MFD_TMIO is not set
> # CONFIG_REGULATOR is not set
> # CONFIG_MEDIA_SUPPORT is not set
> 
> #
> # Graphics support
> #
> 
> #
> # Direct Rendering Manager
> #
> # CONFIG_DRM is not set
> 
> #
> # Frame buffer Devices
> #
> # CONFIG_FB is not set
> # CONFIG_EXYNOS_VIDEO is not set
> # CONFIG_BACKLIGHT_LCD_SUPPORT is not set
> # CONFIG_VGASTATE is not set
> # CONFIG_SOUND is not set
> CONFIG_USB_OHCI_LITTLE_ENDIAN=y
> # CONFIG_USB_SUPPORT is not set
> # CONFIG_MMC is not set
> # CONFIG_MEMSTICK is not set
> # CONFIG_NEW_LEDS is not set
> # CONFIG_ACCESSIBILITY is not set
> # CONFIG_EDAC is not set
> CONFIG_RTC_LIB=y
> # CONFIG_RTC_CLASS is not set
> # CONFIG_DMADEVICES is not set
> # CONFIG_AUXDISPLAY is not set
> # CONFIG_UIO is not set
> # CONFIG_VIRT_DRIVERS is not set
> 
> #
> # Virtio drivers
> #
> # CONFIG_VIRTIO_MMIO is not set
> 
> #
> # Microsoft Hyper-V guest support
> #
> # CONFIG_STAGING is not set
> # CONFIG_X86_PLATFORM_DEVICES is not set
> # CONFIG_CHROME_PLATFORMS is not set
> 
> #
> # Hardware Spinlock drivers
> #
> CONFIG_CLKEVT_I8253=y
> CONFIG_CLKBLD_I8253=y
> # CONFIG_SH_TIMER_CMT is not set
> # CONFIG_SH_TIMER_MTU2 is not set
> # CONFIG_SH_TIMER_TMU is not set
> # CONFIG_EM_TIMER_STI is not set
> # CONFIG_MAILBOX is not set
> # CONFIG_IOMMU_SUPPORT is not set
> 
> #
> # Remoteproc drivers
> #
> # CONFIG_STE_MODEM_RPROC is not set
> 
> #
> # Rpmsg drivers
> #
> # CONFIG_PM_DEVFREQ is not set
> # CONFIG_EXTCON is not set
> # CONFIG_MEMORY is not set
> # CONFIG_IIO is not set
> # CONFIG_PWM is not set
> # CONFIG_IPACK_BUS is not set
> # CONFIG_RESET_CONTROLLER is not set
> # CONFIG_FMC is not set
> 
> #
> # PHY Subsystem
> #
> # CONFIG_GENERIC_PHY is not set
> # CONFIG_PHY_SAMSUNG_USB2 is not set
> # CONFIG_POWERCAP is not set
> # CONFIG_MCB is not set
> 
> #
> # Firmware Drivers
> #
> # CONFIG_EDD is not set
> # CONFIG_FIRMWARE_MEMMAP is not set
> # CONFIG_DELL_RBU is not set
> # CONFIG_DCDBAS is not set
> # CONFIG_GOOGLE_FIRMWARE is not set
> 
> #
> # File systems
> #
> CONFIG_DCACHE_WORD_ACCESS=y
> # CONFIG_EXT2_FS is not set
> # CONFIG_EXT3_FS is not set
> # CONFIG_EXT4_FS is not set
> # CONFIG_REISERFS_FS is not set
> # CONFIG_JFS_FS is not set
> # CONFIG_XFS_FS is not set
> # CONFIG_GFS2_FS is not set
> # CONFIG_BTRFS_FS is not set
> # CONFIG_NILFS2_FS is not set
> # CONFIG_FS_POSIX_ACL is not set
> # CONFIG_FILE_LOCKING is not set
> # CONFIG_FSNOTIFY is not set
> # CONFIG_DNOTIFY is not set
> # CONFIG_INOTIFY_USER is not set
> # CONFIG_FANOTIFY is not set
> # CONFIG_QUOTA is not set
> # CONFIG_QUOTACTL is not set
> # CONFIG_AUTOFS4_FS is not set
> # CONFIG_FUSE_FS is not set
> 
> #
> # Caches
> #
> # CONFIG_FSCACHE is not set
> 
> #
> # CD-ROM/DVD Filesystems
> #
> # CONFIG_ISO9660_FS is not set
> # CONFIG_UDF_FS is not set
> 
> #
> # DOS/FAT/NT Filesystems
> #
> # CONFIG_MSDOS_FS is not set
> # CONFIG_VFAT_FS is not set
> # CONFIG_NTFS_FS is not set
> 
> #
> # Pseudo filesystems
> #
> # CONFIG_PROC_FS is not set
> # CONFIG_KERNFS is not set
> # CONFIG_SYSFS is not set
> # CONFIG_HUGETLBFS is not set
> # CONFIG_HUGETLB_PAGE is not set
> # CONFIG_CONFIGFS_FS is not set
> # CONFIG_MISC_FILESYSTEMS is not set
> # CONFIG_NLS is not set
> 
> #
> # Kernel hacking
> #
> CONFIG_TRACE_IRQFLAGS_SUPPORT=y
> 
> #
> # printk and dmesg options
> #
> CONFIG_DEFAULT_MESSAGE_LOGLEVEL=4
> 
> #
> # Compile-time checks and compiler options
> #
> # CONFIG_DEBUG_INFO is not set
> # CONFIG_ENABLE_WARN_DEPRECATED is not set
> # CONFIG_ENABLE_MUST_CHECK is not set
> CONFIG_FRAME_WARN=1024
> # CONFIG_STRIP_ASM_SYMS is not set
> # CONFIG_READABLE_ASM is not set
> # CONFIG_UNUSED_SYMBOLS is not set
> # CONFIG_DEBUG_FS is not set
> # CONFIG_HEADERS_CHECK is not set
> # CONFIG_DEBUG_SECTION_MISMATCH is not set
> CONFIG_ARCH_WANT_FRAME_POINTERS=y
> # CONFIG_FRAME_POINTER is not set
> # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
> # CONFIG_MAGIC_SYSRQ is not set
> CONFIG_DEBUG_KERNEL=y
> 
> #
> # Memory Debugging
> #
> # CONFIG_DEBUG_PAGEALLOC is not set
> # CONFIG_DEBUG_OBJECTS is not set
> CONFIG_HAVE_DEBUG_KMEMLEAK=y
> # CONFIG_DEBUG_KMEMLEAK is not set
> # CONFIG_DEBUG_STACK_USAGE is not set
> # CONFIG_DEBUG_VM is not set
> # CONFIG_DEBUG_VIRTUAL is not set
> # CONFIG_DEBUG_MEMORY_INIT is not set
> CONFIG_HAVE_DEBUG_STACKOVERFLOW=y
> # CONFIG_DEBUG_STACKOVERFLOW is not set
> CONFIG_HAVE_ARCH_KMEMCHECK=y
> # CONFIG_KMEMCHECK is not set
> # CONFIG_DEBUG_SHIRQ is not set
> 
> #
> # Debug Lockups and Hangs
> #
> # CONFIG_LOCKUP_DETECTOR is not set
> # CONFIG_DETECT_HUNG_TASK is not set
> # CONFIG_PANIC_ON_OOPS is not set
> CONFIG_PANIC_ON_OOPS_VALUE=0
> CONFIG_PANIC_TIMEOUT=0
> 
> #
> # Lock Debugging (spinlocks, mutexes, etc...)
> #
> # CONFIG_DEBUG_SPINLOCK is not set
> # CONFIG_DEBUG_MUTEXES is not set
> # CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set
> # CONFIG_DEBUG_LOCK_ALLOC is not set
> # CONFIG_PROVE_LOCKING is not set
> # CONFIG_LOCK_STAT is not set
> # CONFIG_DEBUG_ATOMIC_SLEEP is not set
> # CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set
> # CONFIG_LOCK_TORTURE_TEST is not set
> # CONFIG_DEBUG_KOBJECT is not set
> # CONFIG_DEBUG_LIST is not set
> # CONFIG_DEBUG_SG is not set
> # CONFIG_DEBUG_NOTIFIERS is not set
> # CONFIG_DEBUG_CREDENTIALS is not set
> 
> #
> # RCU Debugging
> #
> # CONFIG_SPARSE_RCU_POINTER is not set
> # CONFIG_TORTURE_TEST is not set
> # CONFIG_RCU_TORTURE_TEST is not set
> # CONFIG_RCU_TRACE is not set
> # CONFIG_DEBUG_BLOCK_EXT_DEVT is not set
> # CONFIG_NOTIFIER_ERROR_INJECTION is not set
> # CONFIG_FAULT_INJECTION is not set
> CONFIG_ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS=y
> # CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set
> CONFIG_USER_STACKTRACE_SUPPORT=y
> CONFIG_HAVE_FUNCTION_TRACER=y
> CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y
> CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST=y
> CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y
> CONFIG_HAVE_DYNAMIC_FTRACE=y
> CONFIG_HAVE_DYNAMIC_FTRACE_WITH_REGS=y
> CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y
> CONFIG_HAVE_SYSCALL_TRACEPOINTS=y
> CONFIG_HAVE_FENTRY=y
> CONFIG_HAVE_C_RECORDMCOUNT=y
> CONFIG_TRACING_SUPPORT=y
> # CONFIG_FTRACE is not set
> 
> #
> # Runtime Testing
> #
> # CONFIG_TEST_LIST_SORT is not set
> # CONFIG_BACKTRACE_SELF_TEST is not set
> # CONFIG_RBTREE_TEST is not set
> # CONFIG_INTERVAL_TREE_TEST is not set
> # CONFIG_PERCPU_TEST is not set
> # CONFIG_ATOMIC64_SELFTEST is not set
> # CONFIG_TEST_STRING_HELPERS is not set
> # CONFIG_TEST_KSTRTOX is not set
> # CONFIG_DMA_API_DEBUG is not set
> # CONFIG_TEST_MODULE is not set
> # CONFIG_TEST_USER_COPY is not set
> # CONFIG_SAMPLES is not set
> CONFIG_HAVE_ARCH_KGDB=y
> # CONFIG_KGDB is not set
> # CONFIG_STRICT_DEVMEM is not set
> # CONFIG_X86_VERBOSE_BOOTUP is not set
> # CONFIG_EARLY_PRINTK is not set
> # CONFIG_X86_PTDUMP is not set
> # CONFIG_DEBUG_RODATA is not set
> # CONFIG_DEBUG_SET_MODULE_RONX is not set
> # CONFIG_DEBUG_NX_TEST is not set
> # CONFIG_DOUBLEFAULT is not set
> # CONFIG_DEBUG_TLBFLUSH is not set
> # CONFIG_IOMMU_STRESS is not set
> CONFIG_HAVE_MMIOTRACE_SUPPORT=y
> CONFIG_IO_DELAY_TYPE_0X80=0
> CONFIG_IO_DELAY_TYPE_0XED=1
> CONFIG_IO_DELAY_TYPE_UDELAY=2
> CONFIG_IO_DELAY_TYPE_NONE=3
> CONFIG_IO_DELAY_0X80=y
> # CONFIG_IO_DELAY_0XED is not set
> # CONFIG_IO_DELAY_UDELAY is not set
> # CONFIG_IO_DELAY_NONE is not set
> CONFIG_DEFAULT_IO_DELAY_TYPE=0
> # CONFIG_CPA_DEBUG is not set
> # CONFIG_OPTIMIZE_INLINING is not set
> # CONFIG_DEBUG_NMI_SELFTEST is not set
> # CONFIG_X86_DEBUG_STATIC_CPU_HAS is not set
> 
> #
> # Security options
> #
> # CONFIG_KEYS is not set
> # CONFIG_SECURITY_DMESG_RESTRICT is not set
> # CONFIG_SECURITYFS is not set
> CONFIG_DEFAULT_SECURITY_DAC=y
> CONFIG_DEFAULT_SECURITY=""
> # CONFIG_CRYPTO is not set
> CONFIG_HAVE_KVM=y
> # CONFIG_VIRTUALIZATION is not set
> # CONFIG_BINARY_PRINTF is not set
> 
> #
> # Library routines
> #
> CONFIG_BITREVERSE=y
> CONFIG_GENERIC_STRNCPY_FROM_USER=y
> CONFIG_GENERIC_STRNLEN_USER=y
> CONFIG_GENERIC_FIND_FIRST_BIT=y
> CONFIG_GENERIC_PCI_IOMAP=y
> CONFIG_GENERIC_IOMAP=y
> CONFIG_GENERIC_IO=y
> CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y
> # CONFIG_CRC_CCITT is not set
> # CONFIG_CRC16 is not set
> # CONFIG_CRC_T10DIF is not set
> # CONFIG_CRC_ITU_T is not set
> CONFIG_CRC32=y
> # CONFIG_CRC32_SELFTEST is not set
> CONFIG_CRC32_SLICEBY8=y
> # CONFIG_CRC32_SLICEBY4 is not set
> # CONFIG_CRC32_SARWATE is not set
> # CONFIG_CRC32_BIT is not set
> # CONFIG_CRC7 is not set
> # CONFIG_LIBCRC32C is not set
> # CONFIG_CRC8 is not set
> # CONFIG_AUDIT_ARCH_COMPAT_GENERIC is not set
> # CONFIG_RANDOM32_SELFTEST is not set
> # CONFIG_XZ_DEC is not set
> # CONFIG_XZ_DEC_BCJ is not set
> CONFIG_HAS_IOMEM=y
> CONFIG_HAS_IOPORT_MAP=y
> CONFIG_HAS_DMA=y
> CONFIG_ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE=y
> # CONFIG_AVERAGE is not set
> # CONFIG_CORDIC is not set
> # CONFIG_DDR is not set

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[Seth Forshee]

On Tue, Sep 16, 2014 at 12:12:47PM -0400, Shea Levy wrote:
> OK, compiling with BLK_DEV_LOOP=y (on top of 3.16.2), I was able to
> mount loopfs, request a loop device from loop-control, and associate it
> with an image with an ext4 partition with losetup, but mount still gives
> EPERM (all as root in a userns started from an unprivileged account). Is
> this expected? I do have read and write permissions to the resultant
> loop device. If this is expected, what would be needed to be able to
> mount the device?

Yes. Very few filesystems allow mounting from a userns right now, and
probably no "regular" filesystems do, only special filesystems like
sysfs. At minimum you'll need to add the FS_USERNS_MOUNT flag to any
filesystems you want to use, but even then the user/group ids probably
won't be translated into the userns.

> Also, this isn't an issue exactly, but the free devices started at 8
> (presumably because I have /dev/loop[0-7]) and appear in /dev in the
> root ns (presumably via udev) until I unmounted.

Right. 0-7 get created at module init time and end up allocated to the
init_user_ns superblock, so the first "free" id for your ns is 8.

I've brought up the problem of the devices for the userns also showing
up in devtmpfs. It was dismissed as not really being an issue, though I
still don't agree with that viewpoint. My proposed solution of assigning
devices to namespaces and then creating a namespaced devtmpfs was
rejected as well.

Just so you know, I'm not doing any further development of these patches
right now. I've shifted my efforts to getting fuse mountable from user
namespaces (https://lkml.org/lkml/2014/9/12/367).

Seth

> 
> ~Shea
> 
> On Mon, Sep 15, 2014 at 07:20:52PM -0400, Shea Levy wrote:
> > Hi Seth,
> > 
> > I applied your patches to 3.15-rc7, and had the same problem, the build
> > fails with:
> > 
> > > make[3]: *** No rule to make target `fs/loopfs/loopfs.c', needed by `fs/loopfs/loopfs.o'.  Stop.
> > 
> > I've attached the config I used, I generated it via make allnoconfig and
> > then enabled MODULES, BLK, BLK_DEV, and BLK_DEV_LOOP=m in make nconfig.
> > 
> > The build succeeds if I set BLK_DEV_LOOP=y, so I'll go ahead with my
> > testing using that.
> > 
> > ~Shea
> > 
> > On Mon, Sep 15, 2014 at 03:55:32PM -0500, Seth Forshee wrote:
> > > On Mon, Sep 15, 2014 at 04:38:44PM -0400, Shea Levy wrote:
> > > > Hi,
> > > > 
> > > > I wanted to test these patches (to support creating and filling a disk
> > > > image containing a btrfs filesystem and several subvolumes as an
> > > > unprivileged user), but the build fails due to what looks like a missing
> > > > loopfs.c in fs/loopfs (or alternatively an erroneous line in
> > > > fs/loopfs/Makefile). I built based off of 3.17-rc5.
> > > 
> > > There's no loopfs.c, loopfs.o gets built from inode.o which is in turn
> > > built from inode.c. I'm pretty sure the patches built when I posted
> > > them, which seems to be 3.15-rc7 based on the branch I've got here.
> > > 
> > > Seth
> > > 
> > > > 
> > > > ~Shea
> > > > 
> > > > 
> > > > On Tue, May 27, 2014 at 11:58:54PM +0200, Seth Forshee wrote:
> > > > > I'm posting these patches in response to the ongoing discussion of loop
> > > > > devices in containers at [1].
> > > > > 
> > > > > The patches implement a psuedo filesystem for loop devices, which will
> > > > > allow use of loop devices in containters using standard utilities. Under
> > > > > normal use a loopfs mount will initially contain a single device node
> > > > > for loop-control which can be used to request and release loop devices.
> > > > > Any devices allocated via this node will automatically appear in that
> > > > > loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
> > > > > CAP_SYS_ADMIN in the userns of the process which performed the mount is
> > > > > allowed to perform privileged loop ioctls on these devices.
> > > > > 
> > > > > Alternately loopfs can be mounted with the hostmount option, intended
> > > > > for mounting /dev/loop in the host. This is the default mount for any
> > > > > devices not created via loop-control in a loopfs mount (e.g. devices
> > > > > created during driver init, devices created via /dev/loop-control, etc).
> > > > > This is only available to system-wide CAP_SYS_ADMIN.
> > > > > 
> > > > > I still have some testing to do on these patches, but they work at
> > > > > minimum for simple use cases. It's possible to use an unmodified losetup
> > > > > if it's new enough to know about loop-control, with a couple of caveats:
> > > > > 
> > > > >  * /dev/loop-control must be symlinked to /dev/loop/loop-control
> > > > >  * In some cases losetup attempts to use /dev/loopN when the device node
> > > > >    is at /dev/loop/N. For example, 'losetup -f disk.img' fails.
> > > > > 
> > > > > Device nodes for loop partitions are not created in loopfs. These
> > > > > devices are created by the generic block layer, and the loop driver has
> > > > > no way of knowing when they are created, so some kind of hook into the
> > > > > driver will be needed to support this.
> > > > > 
> > > > > Thanks,
> > > > > Seth
> > > > > 
> > > > > [1] http://article.gmane.org/gmane.linux.kernel/1703988
> > > > > 
> > > > > Seth Forshee (2):
> > > > >   loop: Add loop filesystem
> > > > >   loop: Permit priveleged operations within user namespaces
> > > > > 
> > > > >  drivers/block/loop.c       | 137 +++++++++++++----
> > > > >  drivers/block/loop.h       |   2 +
> > > > >  fs/Makefile                |   1 +
> > > > >  fs/loopfs/Makefile         |   6 +
> > > > >  fs/loopfs/inode.c          | 360 +++++++++++++++++++++++++++++++++++++++++++++
> > > > >  include/linux/loopfs.h     |  53 +++++++
> > > > >  include/uapi/linux/magic.h |   1 +
> > > > >  7 files changed, 535 insertions(+), 25 deletions(-)
> > > > >  create mode 100644 fs/loopfs/Makefile
> > > > >  create mode 100644 fs/loopfs/inode.c
> > > > >  create mode 100644 include/linux/loopfs.h
> > > > > 
> > > > > --
> > > > > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> > > > > the body of a message to majordomo@vger.kernel.org
> > > > > More majordomo info at  http://vger.kernel.org/majordomo-info.html
> > > > > Please read the FAQ at  http://www.tux.org/lkml/
> > > > > 
> > > > > 
> 
> > #
> > # Automatically generated file; DO NOT EDIT.
> > # Linux/x86 3.15.0-rc7 Kernel Configuration
> > #
> > CONFIG_64BIT=y
> > CONFIG_X86_64=y
> > CONFIG_X86=y
> > CONFIG_INSTRUCTION_DECODER=y
> > CONFIG_OUTPUT_FORMAT="elf64-x86-64"
> > CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig"
> > CONFIG_LOCKDEP_SUPPORT=y
> > CONFIG_STACKTRACE_SUPPORT=y
> > CONFIG_HAVE_LATENCYTOP_SUPPORT=y
> > CONFIG_MMU=y
> > CONFIG_NEED_DMA_MAP_STATE=y
> > CONFIG_NEED_SG_DMA_LENGTH=y
> > CONFIG_GENERIC_ISA_DMA=y
> > CONFIG_GENERIC_HWEIGHT=y
> > CONFIG_ARCH_MAY_HAVE_PC_FDC=y
> > CONFIG_RWSEM_XCHGADD_ALGORITHM=y
> > CONFIG_GENERIC_CALIBRATE_DELAY=y
> > CONFIG_ARCH_HAS_CPU_RELAX=y
> > CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y
> > CONFIG_HAVE_SETUP_PER_CPU_AREA=y
> > CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y
> > CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y
> > CONFIG_ARCH_HIBERNATION_POSSIBLE=y
> > CONFIG_ARCH_SUSPEND_POSSIBLE=y
> > CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y
> > CONFIG_ARCH_WANT_GENERAL_HUGETLB=y
> > CONFIG_ZONE_DMA32=y
> > CONFIG_AUDIT_ARCH=y
> > CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y
> > CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y
> > CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11"
> > CONFIG_ARCH_SUPPORTS_UPROBES=y
> > CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config"
> > CONFIG_IRQ_WORK=y
> > CONFIG_BUILDTIME_EXTABLE_SORT=y
> > 
> > #
> > # General setup
> > #
> > CONFIG_BROKEN_ON_SMP=y
> > CONFIG_INIT_ENV_ARG_LIMIT=32
> > CONFIG_CROSS_COMPILE=""
> > # CONFIG_COMPILE_TEST is not set
> > CONFIG_LOCALVERSION=""
> > # CONFIG_LOCALVERSION_AUTO is not set
> > CONFIG_HAVE_KERNEL_GZIP=y
> > CONFIG_HAVE_KERNEL_BZIP2=y
> > CONFIG_HAVE_KERNEL_LZMA=y
> > CONFIG_HAVE_KERNEL_XZ=y
> > CONFIG_HAVE_KERNEL_LZO=y
> > CONFIG_HAVE_KERNEL_LZ4=y
> > CONFIG_KERNEL_GZIP=y
> > # CONFIG_KERNEL_BZIP2 is not set
> > # CONFIG_KERNEL_LZMA is not set
> > # CONFIG_KERNEL_XZ is not set
> > # CONFIG_KERNEL_LZO is not set
> > # CONFIG_KERNEL_LZ4 is not set
> > CONFIG_DEFAULT_HOSTNAME="(none)"
> > CONFIG_SWAP=y
> > # CONFIG_SYSVIPC is not set
> > # CONFIG_FHANDLE is not set
> > # CONFIG_USELIB is not set
> > CONFIG_HAVE_ARCH_AUDITSYSCALL=y
> > 
> > #
> > # IRQ subsystem
> > #
> > CONFIG_GENERIC_IRQ_PROBE=y
> > CONFIG_GENERIC_IRQ_SHOW=y
> > CONFIG_IRQ_FORCED_THREADING=y
> > CONFIG_SPARSE_IRQ=y
> > CONFIG_CLOCKSOURCE_WATCHDOG=y
> > CONFIG_ARCH_CLOCKSOURCE_DATA=y
> > CONFIG_GENERIC_TIME_VSYSCALL=y
> > CONFIG_GENERIC_CLOCKEVENTS=y
> > CONFIG_GENERIC_CLOCKEVENTS_BUILD=y
> > CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y
> > CONFIG_GENERIC_CLOCKEVENTS_MIN_ADJUST=y
> > CONFIG_GENERIC_CMOS_UPDATE=y
> > 
> > #
> > # Timers subsystem
> > #
> > CONFIG_HZ_PERIODIC=y
> > # CONFIG_NO_HZ_IDLE is not set
> > # CONFIG_NO_HZ is not set
> > # CONFIG_HIGH_RES_TIMERS is not set
> > 
> > #
> > # CPU/Task time and stats accounting
> > #
> > CONFIG_TICK_CPU_ACCOUNTING=y
> > # CONFIG_VIRT_CPU_ACCOUNTING_GEN is not set
> > # CONFIG_IRQ_TIME_ACCOUNTING is not set
> > # CONFIG_BSD_PROCESS_ACCT is not set
> > 
> > #
> > # RCU Subsystem
> > #
> > CONFIG_TINY_RCU=y
> > # CONFIG_PREEMPT_RCU is not set
> > # CONFIG_RCU_STALL_COMMON is not set
> > # CONFIG_TREE_RCU_TRACE is not set
> > # CONFIG_IKCONFIG is not set
> > CONFIG_LOG_BUF_SHIFT=17
> > CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y
> > CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y
> > CONFIG_ARCH_SUPPORTS_INT128=y
> > CONFIG_ARCH_WANTS_PROT_NUMA_PROT_NONE=y
> > # CONFIG_CGROUPS is not set
> > # CONFIG_CHECKPOINT_RESTORE is not set
> > # CONFIG_NAMESPACES is not set
> > # CONFIG_SCHED_AUTOGROUP is not set
> > # CONFIG_RELAY is not set
> > # CONFIG_BLK_DEV_INITRD is not set
> > # CONFIG_CC_OPTIMIZE_FOR_SIZE is not set
> > CONFIG_ANON_INODES=y
> > CONFIG_SYSCTL_EXCEPTION_TRACE=y
> > CONFIG_HAVE_PCSPKR_PLATFORM=y
> > CONFIG_EXPERT=y
> > # CONFIG_SYSFS_SYSCALL is not set
> > # CONFIG_KALLSYMS is not set
> > # CONFIG_PRINTK is not set
> > # CONFIG_BUG is not set
> > # CONFIG_PCSPKR_PLATFORM is not set
> > # CONFIG_BASE_FULL is not set
> > # CONFIG_FUTEX is not set
> > # CONFIG_EPOLL is not set
> > # CONFIG_SIGNALFD is not set
> > # CONFIG_TIMERFD is not set
> > # CONFIG_EVENTFD is not set
> > # CONFIG_SHMEM is not set
> > # CONFIG_AIO is not set
> > CONFIG_EMBEDDED=y
> > CONFIG_HAVE_PERF_EVENTS=y
> > 
> > #
> > # Kernel Performance Events And Counters
> > #
> > CONFIG_PERF_EVENTS=y
> > # CONFIG_DEBUG_PERF_USE_VMALLOC is not set
> > # CONFIG_VM_EVENT_COUNTERS is not set
> > # CONFIG_COMPAT_BRK is not set
> > # CONFIG_SLAB is not set
> > CONFIG_SLUB=y
> > # CONFIG_SLOB is not set
> > # CONFIG_PROFILING is not set
> > CONFIG_HAVE_OPROFILE=y
> > CONFIG_OPROFILE_NMI_TIMER=y
> > # CONFIG_KPROBES is not set
> > # CONFIG_JUMP_LABEL is not set
> > # CONFIG_UPROBES is not set
> > # CONFIG_HAVE_64BIT_ALIGNED_ACCESS is not set
> > CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
> > CONFIG_ARCH_USE_BUILTIN_BSWAP=y
> > CONFIG_HAVE_IOREMAP_PROT=y
> > CONFIG_HAVE_KPROBES=y
> > CONFIG_HAVE_KRETPROBES=y
> > CONFIG_HAVE_OPTPROBES=y
> > CONFIG_HAVE_KPROBES_ON_FTRACE=y
> > CONFIG_HAVE_ARCH_TRACEHOOK=y
> > CONFIG_HAVE_DMA_ATTRS=y
> > CONFIG_GENERIC_SMP_IDLE_THREAD=y
> > CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y
> > CONFIG_HAVE_DMA_API_DEBUG=y
> > CONFIG_HAVE_HW_BREAKPOINT=y
> > CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y
> > CONFIG_HAVE_USER_RETURN_NOTIFIER=y
> > CONFIG_HAVE_PERF_EVENTS_NMI=y
> > CONFIG_HAVE_PERF_REGS=y
> > CONFIG_HAVE_PERF_USER_STACK_DUMP=y
> > CONFIG_HAVE_ARCH_JUMP_LABEL=y
> > CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y
> > CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y
> > CONFIG_HAVE_CMPXCHG_LOCAL=y
> > CONFIG_HAVE_CMPXCHG_DOUBLE=y
> > CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
> > CONFIG_HAVE_CC_STACKPROTECTOR=y
> > # CONFIG_CC_STACKPROTECTOR is not set
> > CONFIG_CC_STACKPROTECTOR_NONE=y
> > # CONFIG_CC_STACKPROTECTOR_REGULAR is not set
> > # CONFIG_CC_STACKPROTECTOR_STRONG is not set
> > CONFIG_HAVE_CONTEXT_TRACKING=y
> > CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y
> > CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y
> > CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y
> > CONFIG_HAVE_ARCH_SOFT_DIRTY=y
> > CONFIG_MODULES_USE_ELF_RELA=y
> > CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y
> > 
> > #
> > # GCOV-based kernel profiling
> > #
> > # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set
> > CONFIG_BASE_SMALL=1
> > CONFIG_MODULES=y
> > # CONFIG_MODULE_FORCE_LOAD is not set
> > # CONFIG_MODULE_UNLOAD is not set
> > # CONFIG_MODVERSIONS is not set
> > # CONFIG_MODULE_SRCVERSION_ALL is not set
> > # CONFIG_MODULE_SIG is not set
> > CONFIG_BLOCK=y
> > CONFIG_BLK_DEV_BSG=y
> > # CONFIG_BLK_DEV_BSGLIB is not set
> > # CONFIG_BLK_DEV_INTEGRITY is not set
> > # CONFIG_BLK_CMDLINE_PARSER is not set
> > 
> > #
> > # Partition Types
> > #
> > # CONFIG_PARTITION_ADVANCED is not set
> > CONFIG_MSDOS_PARTITION=y
> > CONFIG_EFI_PARTITION=y
> > 
> > #
> > # IO Schedulers
> > #
> > CONFIG_IOSCHED_NOOP=y
> > CONFIG_IOSCHED_DEADLINE=y
> > CONFIG_IOSCHED_CFQ=y
> > # CONFIG_DEFAULT_DEADLINE is not set
> > CONFIG_DEFAULT_CFQ=y
> > # CONFIG_DEFAULT_NOOP is not set
> > CONFIG_DEFAULT_IOSCHED="cfq"
> > CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
> > CONFIG_INLINE_READ_UNLOCK=y
> > CONFIG_INLINE_READ_UNLOCK_IRQ=y
> > CONFIG_INLINE_WRITE_UNLOCK=y
> > CONFIG_INLINE_WRITE_UNLOCK_IRQ=y
> > # CONFIG_FREEZER is not set
> > 
> > #
> > # Processor type and features
> > #
> > # CONFIG_ZONE_DMA is not set
> > # CONFIG_SMP is not set
> > CONFIG_X86_MPPARSE=y
> > # CONFIG_X86_EXTENDED_PLATFORM is not set
> > # CONFIG_SCHED_OMIT_FRAME_POINTER is not set
> > # CONFIG_HYPERVISOR_GUEST is not set
> > CONFIG_NO_BOOTMEM=y
> > # CONFIG_MEMTEST is not set
> > # CONFIG_M486 is not set
> > # CONFIG_M586 is not set
> > # CONFIG_M586TSC is not set
> > # CONFIG_M586MMX is not set
> > # CONFIG_M686 is not set
> > # CONFIG_MPENTIUMII is not set
> > # CONFIG_MPENTIUMIII is not set
> > # CONFIG_MPENTIUMM is not set
> > # CONFIG_MPENTIUM4 is not set
> > # CONFIG_MK6 is not set
> > # CONFIG_MK7 is not set
> > # CONFIG_MK8 is not set
> > # CONFIG_MCRUSOE is not set
> > # CONFIG_MEFFICEON is not set
> > # CONFIG_MWINCHIPC6 is not set
> > # CONFIG_MWINCHIP3D is not set
> > # CONFIG_MELAN is not set
> > # CONFIG_MGEODEGX1 is not set
> > # CONFIG_MGEODE_LX is not set
> > # CONFIG_MCYRIXIII is not set
> > # CONFIG_MVIAC3_2 is not set
> > # CONFIG_MVIAC7 is not set
> > # CONFIG_MPSC is not set
> > # CONFIG_MCORE2 is not set
> > # CONFIG_MATOM is not set
> > CONFIG_GENERIC_CPU=y
> > CONFIG_X86_INTERNODE_CACHE_SHIFT=6
> > CONFIG_X86_L1_CACHE_SHIFT=6
> > CONFIG_X86_TSC=y
> > CONFIG_X86_CMPXCHG64=y
> > CONFIG_X86_CMOV=y
> > CONFIG_X86_MINIMUM_CPU_FAMILY=64
> > CONFIG_X86_DEBUGCTLMSR=y
> > # CONFIG_PROCESSOR_SELECT is not set
> > CONFIG_CPU_SUP_INTEL=y
> > CONFIG_CPU_SUP_AMD=y
> > CONFIG_CPU_SUP_CENTAUR=y
> > CONFIG_HPET_TIMER=y
> > # CONFIG_DMI is not set
> > CONFIG_SWIOTLB=y
> > CONFIG_IOMMU_HELPER=y
> > CONFIG_NR_CPUS=1
> > CONFIG_PREEMPT_NONE=y
> > # CONFIG_PREEMPT_VOLUNTARY is not set
> > # CONFIG_PREEMPT is not set
> > CONFIG_X86_LOCAL_APIC=y
> > CONFIG_X86_IO_APIC=y
> > # CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS is not set
> > # CONFIG_X86_MCE is not set
> > # CONFIG_I8K is not set
> > # CONFIG_MICROCODE is not set
> > # CONFIG_MICROCODE_INTEL_EARLY is not set
> > # CONFIG_MICROCODE_AMD_EARLY is not set
> > # CONFIG_X86_MSR is not set
> > # CONFIG_X86_CPUID is not set
> > # CONFIG_NOHIGHMEM is not set
> > # CONFIG_HIGHMEM4G is not set
> > # CONFIG_HIGHMEM64G is not set
> > # CONFIG_VMSPLIT_3G is not set
> > # CONFIG_VMSPLIT_3G_OPT is not set
> > # CONFIG_VMSPLIT_2G is not set
> > # CONFIG_VMSPLIT_2G_OPT is not set
> > # CONFIG_VMSPLIT_1G is not set
> > CONFIG_ARCH_PHYS_ADDR_T_64BIT=y
> > CONFIG_ARCH_DMA_ADDR_T_64BIT=y
> > CONFIG_DIRECT_GBPAGES=y
> > CONFIG_ARCH_SPARSEMEM_ENABLE=y
> > CONFIG_ARCH_SPARSEMEM_DEFAULT=y
> > CONFIG_ARCH_SELECT_MEMORY_MODEL=y
> > CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000
> > CONFIG_SELECT_MEMORY_MODEL=y
> > # CONFIG_FLATMEM_MANUAL is not set
> > CONFIG_SPARSEMEM_MANUAL=y
> > CONFIG_SPARSEMEM=y
> > CONFIG_HAVE_MEMORY_PRESENT=y
> > CONFIG_SPARSEMEM_EXTREME=y
> > CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y
> > CONFIG_SPARSEMEM_ALLOC_MEM_MAP_TOGETHER=y
> > CONFIG_SPARSEMEM_VMEMMAP=y
> > CONFIG_HAVE_MEMBLOCK=y
> > CONFIG_HAVE_MEMBLOCK_NODE_MAP=y
> > CONFIG_ARCH_DISCARD_MEMBLOCK=y
> > # CONFIG_HAVE_BOOTMEM_INFO_NODE is not set
> > # CONFIG_MEMORY_HOTPLUG is not set
> > CONFIG_PAGEFLAGS_EXTENDED=y
> > CONFIG_SPLIT_PTLOCK_CPUS=4
> > CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y
> > # CONFIG_COMPACTION is not set
> > CONFIG_PHYS_ADDR_T_64BIT=y
> > CONFIG_ZONE_DMA_FLAG=0
> > CONFIG_VIRT_TO_BUS=y
> > # CONFIG_KSM is not set
> > CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
> > # CONFIG_TRANSPARENT_HUGEPAGE is not set
> > # CONFIG_CROSS_MEMORY_ATTACH is not set
> > CONFIG_NEED_PER_CPU_KM=y
> > # CONFIG_CLEANCACHE is not set
> > # CONFIG_FRONTSWAP is not set
> > # CONFIG_CMA is not set
> > # CONFIG_ZBUD is not set
> > # CONFIG_ZSMALLOC is not set
> > CONFIG_GENERIC_EARLY_IOREMAP=y
> > # CONFIG_X86_CHECK_BIOS_CORRUPTION is not set
> > CONFIG_X86_RESERVE_LOW=64
> > # CONFIG_MTRR is not set
> > # CONFIG_ARCH_RANDOM is not set
> > # CONFIG_X86_SMAP is not set
> > # CONFIG_SECCOMP is not set
> > # CONFIG_HZ_100 is not set
> > CONFIG_HZ_250=y
> > # CONFIG_HZ_300 is not set
> > # CONFIG_HZ_1000 is not set
> > CONFIG_HZ=250
> > # CONFIG_SCHED_HRTICK is not set
> > # CONFIG_KEXEC is not set
> > # CONFIG_CRASH_DUMP is not set
> > CONFIG_PHYSICAL_START=0x1000000
> > # CONFIG_RELOCATABLE is not set
> > CONFIG_PHYSICAL_ALIGN=0x200000
> > # CONFIG_CMDLINE_BOOL is not set
> > CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y
> > 
> > #
> > # Power management and ACPI options
> > #
> > # CONFIG_SUSPEND is not set
> > # CONFIG_HIBERNATION is not set
> > # CONFIG_PM_RUNTIME is not set
> > # CONFIG_SFI is not set
> > 
> > #
> > # CPU Frequency scaling
> > #
> > # CONFIG_CPU_FREQ is not set
> > 
> > #
> > # CPU Idle
> > #
> > # CONFIG_CPU_IDLE is not set
> > # CONFIG_ARCH_NEEDS_CPU_IDLE_COUPLED is not set
> > 
> > #
> > # Memory power savings
> > #
> > # CONFIG_I7300_IDLE is not set
> > 
> > #
> > # Bus options (PCI etc.)
> > #
> > # CONFIG_PCI is not set
> > CONFIG_ISA_DMA_API=y
> > # CONFIG_PCCARD is not set
> > # CONFIG_X86_SYSFB is not set
> > 
> > #
> > # Executable file formats / Emulations
> > #
> > # CONFIG_BINFMT_ELF is not set
> > CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE=y
> > # CONFIG_BINFMT_SCRIPT is not set
> > # CONFIG_HAVE_AOUT is not set
> > # CONFIG_BINFMT_MISC is not set
> > # CONFIG_COREDUMP is not set
> > # CONFIG_IA32_EMULATION is not set
> > CONFIG_X86_DEV_DMA_OPS=y
> > # CONFIG_NET is not set
> > CONFIG_HAVE_BPF_JIT=y
> > 
> > #
> > # Device Drivers
> > #
> > 
> > #
> > # Generic Driver Options
> > #
> > CONFIG_UEVENT_HELPER_PATH=""
> > # CONFIG_DEVTMPFS is not set
> > # CONFIG_STANDALONE is not set
> > # CONFIG_PREVENT_FIRMWARE_BUILD is not set
> > # CONFIG_FW_LOADER is not set
> > # CONFIG_DEBUG_DRIVER is not set
> > # CONFIG_DEBUG_DEVRES is not set
> > # CONFIG_SYS_HYPERVISOR is not set
> > # CONFIG_GENERIC_CPU_DEVICES is not set
> > CONFIG_GENERIC_CPU_AUTOPROBE=y
> > # CONFIG_DMA_SHARED_BUFFER is not set
> > 
> > #
> > # Bus devices
> > #
> > # CONFIG_MTD is not set
> > # CONFIG_PARPORT is not set
> > CONFIG_ARCH_MIGHT_HAVE_PC_PARPORT=y
> > CONFIG_BLK_DEV=y
> > # CONFIG_BLK_DEV_NULL_BLK is not set
> > # CONFIG_BLK_DEV_FD is not set
> > # CONFIG_BLK_DEV_COW_COMMON is not set
> > CONFIG_BLK_DEV_LOOP=m
> > CONFIG_BLK_DEV_LOOP_MIN_COUNT=8
> > # CONFIG_BLK_DEV_CRYPTOLOOP is not set
> > 
> > #
> > # DRBD disabled because PROC_FS or INET not selected
> > #
> > # CONFIG_BLK_DEV_RAM is not set
> > # CONFIG_CDROM_PKTCDVD is not set
> > # CONFIG_BLK_DEV_HD is not set
> > 
> > #
> > # Misc devices
> > #
> > # CONFIG_DUMMY_IRQ is not set
> > # CONFIG_ATMEL_SSC is not set
> > # CONFIG_ENCLOSURE_SERVICES is not set
> > # CONFIG_SRAM is not set
> > # CONFIG_C2PORT is not set
> > 
> > #
> > # EEPROM support
> > #
> > # CONFIG_EEPROM_93CX6 is not set
> > 
> > #
> > # Texas Instruments shared transport line discipline
> > #
> > 
> > #
> > # Altera FPGA firmware download module
> > #
> > 
> > #
> > # Intel MIC Host Driver
> > #
> > 
> > #
> > # Intel MIC Card Driver
> > #
> > # CONFIG_INTEL_MIC_CARD is not set
> > # CONFIG_ECHO is not set
> > CONFIG_HAVE_IDE=y
> > # CONFIG_IDE is not set
> > 
> > #
> > # SCSI device support
> > #
> > CONFIG_SCSI_MOD=y
> > # CONFIG_RAID_ATTRS is not set
> > # CONFIG_SCSI is not set
> > # CONFIG_SCSI_DMA is not set
> > # CONFIG_SCSI_NETLINK is not set
> > # CONFIG_ATA is not set
> > # CONFIG_MD is not set
> > # CONFIG_MACINTOSH_DRIVERS is not set
> > 
> > #
> > # Input device support
> > #
> > # CONFIG_INPUT is not set
> > 
> > #
> > # Hardware I/O ports
> > #
> > # CONFIG_SERIO is not set
> > CONFIG_ARCH_MIGHT_HAVE_PC_SERIO=y
> > # CONFIG_GAMEPORT is not set
> > 
> > #
> > # Character devices
> > #
> > # CONFIG_TTY is not set
> > # CONFIG_DEVKMEM is not set
> > # CONFIG_IPMI_HANDLER is not set
> > # CONFIG_HW_RANDOM is not set
> > # CONFIG_NVRAM is not set
> > # CONFIG_RAW_DRIVER is not set
> > # CONFIG_HANGCHECK_TIMER is not set
> > # CONFIG_TCG_TPM is not set
> > # CONFIG_TELCLOCK is not set
> > # CONFIG_I2C is not set
> > # CONFIG_SPI is not set
> > # CONFIG_SPMI is not set
> > # CONFIG_HSI is not set
> > 
> > #
> > # PPS support
> > #
> > # CONFIG_PPS is not set
> > 
> > #
> > # PPS generators support
> > #
> > 
> > #
> > # PTP clock support
> > #
> > 
> > #
> > # Enable PHYLIB and NETWORK_PHY_TIMESTAMPING to see the additional clocks.
> > #
> > CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y
> > # CONFIG_GPIOLIB is not set
> > # CONFIG_W1 is not set
> > # CONFIG_POWER_SUPPLY is not set
> > # CONFIG_POWER_AVS is not set
> > # CONFIG_HWMON is not set
> > # CONFIG_THERMAL is not set
> > # CONFIG_WATCHDOG is not set
> > CONFIG_SSB_POSSIBLE=y
> > 
> > #
> > # Sonics Silicon Backplane
> > #
> > # CONFIG_SSB is not set
> > CONFIG_BCMA_POSSIBLE=y
> > 
> > #
> > # Broadcom specific AMBA
> > #
> > # CONFIG_BCMA is not set
> > 
> > #
> > # Multifunction device drivers
> > #
> > # CONFIG_MFD_CORE is not set
> > # CONFIG_MFD_CROS_EC is not set
> > # CONFIG_HTC_PASIC3 is not set
> > # CONFIG_MFD_KEMPLD is not set
> > # CONFIG_MFD_SM501 is not set
> > # CONFIG_ABX500_CORE is not set
> > # CONFIG_MFD_SYSCON is not set
> > # CONFIG_MFD_TI_AM335X_TSCADC is not set
> > # CONFIG_MFD_TMIO is not set
> > # CONFIG_REGULATOR is not set
> > # CONFIG_MEDIA_SUPPORT is not set
> > 
> > #
> > # Graphics support
> > #
> > 
> > #
> > # Direct Rendering Manager
> > #
> > # CONFIG_DRM is not set
> > 
> > #
> > # Frame buffer Devices
> > #
> > # CONFIG_FB is not set
> > # CONFIG_EXYNOS_VIDEO is not set
> > # CONFIG_BACKLIGHT_LCD_SUPPORT is not set
> > # CONFIG_VGASTATE is not set
> > # CONFIG_SOUND is not set
> > CONFIG_USB_OHCI_LITTLE_ENDIAN=y
> > # CONFIG_USB_SUPPORT is not set
> > # CONFIG_MMC is not set
> > # CONFIG_MEMSTICK is not set
> > # CONFIG_NEW_LEDS is not set
> > # CONFIG_ACCESSIBILITY is not set
> > # CONFIG_EDAC is not set
> > CONFIG_RTC_LIB=y
> > # CONFIG_RTC_CLASS is not set
> > # CONFIG_DMADEVICES is not set
> > # CONFIG_AUXDISPLAY is not set
> > # CONFIG_UIO is not set
> > # CONFIG_VIRT_DRIVERS is not set
> > 
> > #
> > # Virtio drivers
> > #
> > # CONFIG_VIRTIO_MMIO is not set
> > 
> > #
> > # Microsoft Hyper-V guest support
> > #
> > # CONFIG_STAGING is not set
> > # CONFIG_X86_PLATFORM_DEVICES is not set
> > # CONFIG_CHROME_PLATFORMS is not set
> > 
> > #
> > # Hardware Spinlock drivers
> > #
> > CONFIG_CLKEVT_I8253=y
> > CONFIG_CLKBLD_I8253=y
> > # CONFIG_SH_TIMER_CMT is not set
> > # CONFIG_SH_TIMER_MTU2 is not set
> > # CONFIG_SH_TIMER_TMU is not set
> > # CONFIG_EM_TIMER_STI is not set
> > # CONFIG_MAILBOX is not set
> > # CONFIG_IOMMU_SUPPORT is not set
> > 
> > #
> > # Remoteproc drivers
> > #
> > # CONFIG_STE_MODEM_RPROC is not set
> > 
> > #
> > # Rpmsg drivers
> > #
> > # CONFIG_PM_DEVFREQ is not set
> > # CONFIG_EXTCON is not set
> > # CONFIG_MEMORY is not set
> > # CONFIG_IIO is not set
> > # CONFIG_PWM is not set
> > # CONFIG_IPACK_BUS is not set
> > # CONFIG_RESET_CONTROLLER is not set
> > # CONFIG_FMC is not set
> > 
> > #
> > # PHY Subsystem
> > #
> > # CONFIG_GENERIC_PHY is not set
> > # CONFIG_PHY_SAMSUNG_USB2 is not set
> > # CONFIG_POWERCAP is not set
> > # CONFIG_MCB is not set
> > 
> > #
> > # Firmware Drivers
> > #
> > # CONFIG_EDD is not set
> > # CONFIG_FIRMWARE_MEMMAP is not set
> > # CONFIG_DELL_RBU is not set
> > # CONFIG_DCDBAS is not set
> > # CONFIG_GOOGLE_FIRMWARE is not set
> > 
> > #
> > # File systems
> > #
> > CONFIG_DCACHE_WORD_ACCESS=y
> > # CONFIG_EXT2_FS is not set
> > # CONFIG_EXT3_FS is not set
> > # CONFIG_EXT4_FS is not set
> > # CONFIG_REISERFS_FS is not set
> > # CONFIG_JFS_FS is not set
> > # CONFIG_XFS_FS is not set
> > # CONFIG_GFS2_FS is not set
> > # CONFIG_BTRFS_FS is not set
> > # CONFIG_NILFS2_FS is not set
> > # CONFIG_FS_POSIX_ACL is not set
> > # CONFIG_FILE_LOCKING is not set
> > # CONFIG_FSNOTIFY is not set
> > # CONFIG_DNOTIFY is not set
> > # CONFIG_INOTIFY_USER is not set
> > # CONFIG_FANOTIFY is not set
> > # CONFIG_QUOTA is not set
> > # CONFIG_QUOTACTL is not set
> > # CONFIG_AUTOFS4_FS is not set
> > # CONFIG_FUSE_FS is not set
> > 
> > #
> > # Caches
> > #
> > # CONFIG_FSCACHE is not set
> > 
> > #
> > # CD-ROM/DVD Filesystems
> > #
> > # CONFIG_ISO9660_FS is not set
> > # CONFIG_UDF_FS is not set
> > 
> > #
> > # DOS/FAT/NT Filesystems
> > #
> > # CONFIG_MSDOS_FS is not set
> > # CONFIG_VFAT_FS is not set
> > # CONFIG_NTFS_FS is not set
> > 
> > #
> > # Pseudo filesystems
> > #
> > # CONFIG_PROC_FS is not set
> > # CONFIG_KERNFS is not set
> > # CONFIG_SYSFS is not set
> > # CONFIG_HUGETLBFS is not set
> > # CONFIG_HUGETLB_PAGE is not set
> > # CONFIG_CONFIGFS_FS is not set
> > # CONFIG_MISC_FILESYSTEMS is not set
> > # CONFIG_NLS is not set
> > 
> > #
> > # Kernel hacking
> > #
> > CONFIG_TRACE_IRQFLAGS_SUPPORT=y
> > 
> > #
> > # printk and dmesg options
> > #
> > CONFIG_DEFAULT_MESSAGE_LOGLEVEL=4
> > 
> > #
> > # Compile-time checks and compiler options
> > #
> > # CONFIG_DEBUG_INFO is not set
> > # CONFIG_ENABLE_WARN_DEPRECATED is not set
> > # CONFIG_ENABLE_MUST_CHECK is not set
> > CONFIG_FRAME_WARN=1024
> > # CONFIG_STRIP_ASM_SYMS is not set
> > # CONFIG_READABLE_ASM is not set
> > # CONFIG_UNUSED_SYMBOLS is not set
> > # CONFIG_DEBUG_FS is not set
> > # CONFIG_HEADERS_CHECK is not set
> > # CONFIG_DEBUG_SECTION_MISMATCH is not set
> > CONFIG_ARCH_WANT_FRAME_POINTERS=y
> > # CONFIG_FRAME_POINTER is not set
> > # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
> > # CONFIG_MAGIC_SYSRQ is not set
> > CONFIG_DEBUG_KERNEL=y
> > 
> > #
> > # Memory Debugging
> > #
> > # CONFIG_DEBUG_PAGEALLOC is not set
> > # CONFIG_DEBUG_OBJECTS is not set
> > CONFIG_HAVE_DEBUG_KMEMLEAK=y
> > # CONFIG_DEBUG_KMEMLEAK is not set
> > # CONFIG_DEBUG_STACK_USAGE is not set
> > # CONFIG_DEBUG_VM is not set
> > # CONFIG_DEBUG_VIRTUAL is not set
> > # CONFIG_DEBUG_MEMORY_INIT is not set
> > CONFIG_HAVE_DEBUG_STACKOVERFLOW=y
> > # CONFIG_DEBUG_STACKOVERFLOW is not set
> > CONFIG_HAVE_ARCH_KMEMCHECK=y
> > # CONFIG_KMEMCHECK is not set
> > # CONFIG_DEBUG_SHIRQ is not set
> > 
> > #
> > # Debug Lockups and Hangs
> > #
> > # CONFIG_LOCKUP_DETECTOR is not set
> > # CONFIG_DETECT_HUNG_TASK is not set
> > # CONFIG_PANIC_ON_OOPS is not set
> > CONFIG_PANIC_ON_OOPS_VALUE=0
> > CONFIG_PANIC_TIMEOUT=0
> > 
> > #
> > # Lock Debugging (spinlocks, mutexes, etc...)
> > #
> > # CONFIG_DEBUG_SPINLOCK is not set
> > # CONFIG_DEBUG_MUTEXES is not set
> > # CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set
> > # CONFIG_DEBUG_LOCK_ALLOC is not set
> > # CONFIG_PROVE_LOCKING is not set
> > # CONFIG_LOCK_STAT is not set
> > # CONFIG_DEBUG_ATOMIC_SLEEP is not set
> > # CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set
> > # CONFIG_LOCK_TORTURE_TEST is not set
> > # CONFIG_DEBUG_KOBJECT is not set
> > # CONFIG_DEBUG_LIST is not set
> > # CONFIG_DEBUG_SG is not set
> > # CONFIG_DEBUG_NOTIFIERS is not set
> > # CONFIG_DEBUG_CREDENTIALS is not set
> > 
> > #
> > # RCU Debugging
> > #
> > # CONFIG_SPARSE_RCU_POINTER is not set
> > # CONFIG_TORTURE_TEST is not set
> > # CONFIG_RCU_TORTURE_TEST is not set
> > # CONFIG_RCU_TRACE is not set
> > # CONFIG_DEBUG_BLOCK_EXT_DEVT is not set
> > # CONFIG_NOTIFIER_ERROR_INJECTION is not set
> > # CONFIG_FAULT_INJECTION is not set
> > CONFIG_ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS=y
> > # CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set
> > CONFIG_USER_STACKTRACE_SUPPORT=y
> > CONFIG_HAVE_FUNCTION_TRACER=y
> > CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y
> > CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST=y
> > CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y
> > CONFIG_HAVE_DYNAMIC_FTRACE=y
> > CONFIG_HAVE_DYNAMIC_FTRACE_WITH_REGS=y
> > CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y
> > CONFIG_HAVE_SYSCALL_TRACEPOINTS=y
> > CONFIG_HAVE_FENTRY=y
> > CONFIG_HAVE_C_RECORDMCOUNT=y
> > CONFIG_TRACING_SUPPORT=y
> > # CONFIG_FTRACE is not set
> > 
> > #
> > # Runtime Testing
> > #
> > # CONFIG_TEST_LIST_SORT is not set
> > # CONFIG_BACKTRACE_SELF_TEST is not set
> > # CONFIG_RBTREE_TEST is not set
> > # CONFIG_INTERVAL_TREE_TEST is not set
> > # CONFIG_PERCPU_TEST is not set
> > # CONFIG_ATOMIC64_SELFTEST is not set
> > # CONFIG_TEST_STRING_HELPERS is not set
> > # CONFIG_TEST_KSTRTOX is not set
> > # CONFIG_DMA_API_DEBUG is not set
> > # CONFIG_TEST_MODULE is not set
> > # CONFIG_TEST_USER_COPY is not set
> > # CONFIG_SAMPLES is not set
> > CONFIG_HAVE_ARCH_KGDB=y
> > # CONFIG_KGDB is not set
> > # CONFIG_STRICT_DEVMEM is not set
> > # CONFIG_X86_VERBOSE_BOOTUP is not set
> > # CONFIG_EARLY_PRINTK is not set
> > # CONFIG_X86_PTDUMP is not set
> > # CONFIG_DEBUG_RODATA is not set
> > # CONFIG_DEBUG_SET_MODULE_RONX is not set
> > # CONFIG_DEBUG_NX_TEST is not set
> > # CONFIG_DOUBLEFAULT is not set
> > # CONFIG_DEBUG_TLBFLUSH is not set
> > # CONFIG_IOMMU_STRESS is not set
> > CONFIG_HAVE_MMIOTRACE_SUPPORT=y
> > CONFIG_IO_DELAY_TYPE_0X80=0
> > CONFIG_IO_DELAY_TYPE_0XED=1
> > CONFIG_IO_DELAY_TYPE_UDELAY=2
> > CONFIG_IO_DELAY_TYPE_NONE=3
> > CONFIG_IO_DELAY_0X80=y
> > # CONFIG_IO_DELAY_0XED is not set
> > # CONFIG_IO_DELAY_UDELAY is not set
> > # CONFIG_IO_DELAY_NONE is not set
> > CONFIG_DEFAULT_IO_DELAY_TYPE=0
> > # CONFIG_CPA_DEBUG is not set
> > # CONFIG_OPTIMIZE_INLINING is not set
> > # CONFIG_DEBUG_NMI_SELFTEST is not set
> > # CONFIG_X86_DEBUG_STATIC_CPU_HAS is not set
> > 
> > #
> > # Security options
> > #
> > # CONFIG_KEYS is not set
> > # CONFIG_SECURITY_DMESG_RESTRICT is not set
> > # CONFIG_SECURITYFS is not set
> > CONFIG_DEFAULT_SECURITY_DAC=y
> > CONFIG_DEFAULT_SECURITY=""
> > # CONFIG_CRYPTO is not set
> > CONFIG_HAVE_KVM=y
> > # CONFIG_VIRTUALIZATION is not set
> > # CONFIG_BINARY_PRINTF is not set
> > 
> > #
> > # Library routines
> > #
> > CONFIG_BITREVERSE=y
> > CONFIG_GENERIC_STRNCPY_FROM_USER=y
> > CONFIG_GENERIC_STRNLEN_USER=y
> > CONFIG_GENERIC_FIND_FIRST_BIT=y
> > CONFIG_GENERIC_PCI_IOMAP=y
> > CONFIG_GENERIC_IOMAP=y
> > CONFIG_GENERIC_IO=y
> > CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y
> > # CONFIG_CRC_CCITT is not set
> > # CONFIG_CRC16 is not set
> > # CONFIG_CRC_T10DIF is not set
> > # CONFIG_CRC_ITU_T is not set
> > CONFIG_CRC32=y
> > # CONFIG_CRC32_SELFTEST is not set
> > CONFIG_CRC32_SLICEBY8=y
> > # CONFIG_CRC32_SLICEBY4 is not set
> > # CONFIG_CRC32_SARWATE is not set
> > # CONFIG_CRC32_BIT is not set
> > # CONFIG_CRC7 is not set
> > # CONFIG_LIBCRC32C is not set
> > # CONFIG_CRC8 is not set
> > # CONFIG_AUDIT_ARCH_COMPAT_GENERIC is not set
> > # CONFIG_RANDOM32_SELFTEST is not set
> > # CONFIG_XZ_DEC is not set
> > # CONFIG_XZ_DEC_BCJ is not set
> > CONFIG_HAS_IOMEM=y
> > CONFIG_HAS_IOPORT_MAP=y
> > CONFIG_HAS_DMA=y
> > CONFIG_ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE=y
> > # CONFIG_AVERAGE is not set
> > # CONFIG_CORDIC is not set
> > # CONFIG_DDR is not set
> 

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[Shea Levy]

On Tue, Sep 16, 2014 at 11:39:57AM -0500, Seth Forshee wrote:
> On Tue, Sep 16, 2014 at 12:12:47PM -0400, Shea Levy wrote:
> > OK, compiling with BLK_DEV_LOOP=y (on top of 3.16.2), I was able to
> > mount loopfs, request a loop device from loop-control, and associate it
> > with an image with an ext4 partition with losetup, but mount still gives
> > EPERM (all as root in a userns started from an unprivileged account). Is
> > this expected? I do have read and write permissions to the resultant
> > loop device. If this is expected, what would be needed to be able to
> > mount the device?
> 
> Yes. Very few filesystems allow mounting from a userns right now, and
> probably no "regular" filesystems do, only special filesystems like
> sysfs. At minimum you'll need to add the FS_USERNS_MOUNT flag to any
> filesystems you want to use, but even then the user/group ids probably
> won't be translated into the userns.
> 

Hm, I see. Yeah, none of the 'regular' filesystems have that set. Why is
that, if it's easy to explain? From a naive perspective it seems like if
you have the permissions to the device then the uid/gid mapping should
be generic (the on-disk id is the id *inside* the namespace, the kernel
maps that based on the id_map file to processes outside the namespace),
but I'm sure that's insecure in a way I'm not seeing.

> 
> > Also, this isn't an issue exactly, but the free devices started at 8
> > (presumably because I have /dev/loop[0-7]) and appear in /dev in the
> > root ns (presumably via udev) until I unmounted.
> 
> Right. 0-7 get created at module init time and end up allocated to the
> init_user_ns superblock, so the first "free" id for your ns is 8.
> 
> I've brought up the problem of the devices for the userns also showing
> up in devtmpfs. It was dismissed as not really being an issue, though I
> still don't agree with that viewpoint. My proposed solution of assigning
> devices to namespaces and then creating a namespaced devtmpfs was
> rejected as well.
> 
> Just so you know, I'm not doing any further development of these patches
> right now. I've shifted my efforts to getting fuse mountable from user
> namespaces (https://lkml.org/lkml/2014/9/12/367).
> 

Aside from the patch to build as a module, is there anything further to
be done on the loopfs side of things? If not I may try to get this
merged myself if you don't mind.

~Shea

> 
> Seth
> 
> > 
> > ~Shea
> > 
> > On Mon, Sep 15, 2014 at 07:20:52PM -0400, Shea Levy wrote:
> > > Hi Seth,
> > > 
> > > I applied your patches to 3.15-rc7, and had the same problem, the build
> > > fails with:
> > > 
> > > > make[3]: *** No rule to make target `fs/loopfs/loopfs.c', needed by `fs/loopfs/loopfs.o'.  Stop.
> > > 
> > > I've attached the config I used, I generated it via make allnoconfig and
> > > then enabled MODULES, BLK, BLK_DEV, and BLK_DEV_LOOP=m in make nconfig.
> > > 
> > > The build succeeds if I set BLK_DEV_LOOP=y, so I'll go ahead with my
> > > testing using that.
> > > 
> > > ~Shea
> > > 
> > > On Mon, Sep 15, 2014 at 03:55:32PM -0500, Seth Forshee wrote:
> > > > On Mon, Sep 15, 2014 at 04:38:44PM -0400, Shea Levy wrote:
> > > > > Hi,
> > > > > 
> > > > > I wanted to test these patches (to support creating and filling a disk
> > > > > image containing a btrfs filesystem and several subvolumes as an
> > > > > unprivileged user), but the build fails due to what looks like a missing
> > > > > loopfs.c in fs/loopfs (or alternatively an erroneous line in
> > > > > fs/loopfs/Makefile). I built based off of 3.17-rc5.
> > > > 
> > > > There's no loopfs.c, loopfs.o gets built from inode.o which is in turn
> > > > built from inode.c. I'm pretty sure the patches built when I posted
> > > > them, which seems to be 3.15-rc7 based on the branch I've got here.
> > > > 
> > > > Seth
> > > > 
> > > > > 
> > > > > ~Shea
> > > > > 
> > > > > 
> > > > > On Tue, May 27, 2014 at 11:58:54PM +0200, Seth Forshee wrote:
> > > > > > I'm posting these patches in response to the ongoing discussion of loop
> > > > > > devices in containers at [1].
> > > > > > 
> > > > > > The patches implement a psuedo filesystem for loop devices, which will
> > > > > > allow use of loop devices in containters using standard utilities. Under
> > > > > > normal use a loopfs mount will initially contain a single device node
> > > > > > for loop-control which can be used to request and release loop devices.
> > > > > > Any devices allocated via this node will automatically appear in that
> > > > > > loopfs mount (and in devtmpfs) but not in any other loopfs mounts.
> > > > > > CAP_SYS_ADMIN in the userns of the process which performed the mount is
> > > > > > allowed to perform privileged loop ioctls on these devices.
> > > > > > 
> > > > > > Alternately loopfs can be mounted with the hostmount option, intended
> > > > > > for mounting /dev/loop in the host. This is the default mount for any
> > > > > > devices not created via loop-control in a loopfs mount (e.g. devices
> > > > > > created during driver init, devices created via /dev/loop-control, etc).
> > > > > > This is only available to system-wide CAP_SYS_ADMIN.
> > > > > > 
> > > > > > I still have some testing to do on these patches, but they work at
> > > > > > minimum for simple use cases. It's possible to use an unmodified losetup
> > > > > > if it's new enough to know about loop-control, with a couple of caveats:
> > > > > > 
> > > > > >  * /dev/loop-control must be symlinked to /dev/loop/loop-control
> > > > > >  * In some cases losetup attempts to use /dev/loopN when the device node
> > > > > >    is at /dev/loop/N. For example, 'losetup -f disk.img' fails.
> > > > > > 
> > > > > > Device nodes for loop partitions are not created in loopfs. These
> > > > > > devices are created by the generic block layer, and the loop driver has
> > > > > > no way of knowing when they are created, so some kind of hook into the
> > > > > > driver will be needed to support this.
> > > > > > 
> > > > > > Thanks,
> > > > > > Seth
> > > > > > 
> > > > > > [1] http://article.gmane.org/gmane.linux.kernel/1703988
> > > > > > 
> > > > > > Seth Forshee (2):
> > > > > >   loop: Add loop filesystem
> > > > > >   loop: Permit priveleged operations within user namespaces
> > > > > > 
> > > > > >  drivers/block/loop.c       | 137 +++++++++++++----
> > > > > >  drivers/block/loop.h       |   2 +
> > > > > >  fs/Makefile                |   1 +
> > > > > >  fs/loopfs/Makefile         |   6 +
> > > > > >  fs/loopfs/inode.c          | 360 +++++++++++++++++++++++++++++++++++++++++++++
> > > > > >  include/linux/loopfs.h     |  53 +++++++
> > > > > >  include/uapi/linux/magic.h |   1 +
> > > > > >  7 files changed, 535 insertions(+), 25 deletions(-)
> > > > > >  create mode 100644 fs/loopfs/Makefile
> > > > > >  create mode 100644 fs/loopfs/inode.c
> > > > > >  create mode 100644 include/linux/loopfs.h
> > > > > > 
> > > > > > --
> > > > > > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> > > > > > the body of a message to majordomo@vger.kernel.org
> > > > > > More majordomo info at  http://vger.kernel.org/majordomo-info.html
> > > > > > Please read the FAQ at  http://www.tux.org/lkml/
> > > > > > 
> > > > > > 
> > 
> > > #
> > > # Automatically generated file; DO NOT EDIT.
> > > # Linux/x86 3.15.0-rc7 Kernel Configuration
> > > #
> > > CONFIG_64BIT=y
> > > CONFIG_X86_64=y
> > > CONFIG_X86=y
> > > CONFIG_INSTRUCTION_DECODER=y
> > > CONFIG_OUTPUT_FORMAT="elf64-x86-64"
> > > CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig"
> > > CONFIG_LOCKDEP_SUPPORT=y
> > > CONFIG_STACKTRACE_SUPPORT=y
> > > CONFIG_HAVE_LATENCYTOP_SUPPORT=y
> > > CONFIG_MMU=y
> > > CONFIG_NEED_DMA_MAP_STATE=y
> > > CONFIG_NEED_SG_DMA_LENGTH=y
> > > CONFIG_GENERIC_ISA_DMA=y
> > > CONFIG_GENERIC_HWEIGHT=y
> > > CONFIG_ARCH_MAY_HAVE_PC_FDC=y
> > > CONFIG_RWSEM_XCHGADD_ALGORITHM=y
> > > CONFIG_GENERIC_CALIBRATE_DELAY=y
> > > CONFIG_ARCH_HAS_CPU_RELAX=y
> > > CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y
> > > CONFIG_HAVE_SETUP_PER_CPU_AREA=y
> > > CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y
> > > CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y
> > > CONFIG_ARCH_HIBERNATION_POSSIBLE=y
> > > CONFIG_ARCH_SUSPEND_POSSIBLE=y
> > > CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y
> > > CONFIG_ARCH_WANT_GENERAL_HUGETLB=y
> > > CONFIG_ZONE_DMA32=y
> > > CONFIG_AUDIT_ARCH=y
> > > CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y
> > > CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y
> > > CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11"
> > > CONFIG_ARCH_SUPPORTS_UPROBES=y
> > > CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config"
> > > CONFIG_IRQ_WORK=y
> > > CONFIG_BUILDTIME_EXTABLE_SORT=y
> > > 
> > > #
> > > # General setup
> > > #
> > > CONFIG_BROKEN_ON_SMP=y
> > > CONFIG_INIT_ENV_ARG_LIMIT=32
> > > CONFIG_CROSS_COMPILE=""
> > > # CONFIG_COMPILE_TEST is not set
> > > CONFIG_LOCALVERSION=""
> > > # CONFIG_LOCALVERSION_AUTO is not set
> > > CONFIG_HAVE_KERNEL_GZIP=y
> > > CONFIG_HAVE_KERNEL_BZIP2=y
> > > CONFIG_HAVE_KERNEL_LZMA=y
> > > CONFIG_HAVE_KERNEL_XZ=y
> > > CONFIG_HAVE_KERNEL_LZO=y
> > > CONFIG_HAVE_KERNEL_LZ4=y
> > > CONFIG_KERNEL_GZIP=y
> > > # CONFIG_KERNEL_BZIP2 is not set
> > > # CONFIG_KERNEL_LZMA is not set
> > > # CONFIG_KERNEL_XZ is not set
> > > # CONFIG_KERNEL_LZO is not set
> > > # CONFIG_KERNEL_LZ4 is not set
> > > CONFIG_DEFAULT_HOSTNAME="(none)"
> > > CONFIG_SWAP=y
> > > # CONFIG_SYSVIPC is not set
> > > # CONFIG_FHANDLE is not set
> > > # CONFIG_USELIB is not set
> > > CONFIG_HAVE_ARCH_AUDITSYSCALL=y
> > > 
> > > #
> > > # IRQ subsystem
> > > #
> > > CONFIG_GENERIC_IRQ_PROBE=y
> > > CONFIG_GENERIC_IRQ_SHOW=y
> > > CONFIG_IRQ_FORCED_THREADING=y
> > > CONFIG_SPARSE_IRQ=y
> > > CONFIG_CLOCKSOURCE_WATCHDOG=y
> > > CONFIG_ARCH_CLOCKSOURCE_DATA=y
> > > CONFIG_GENERIC_TIME_VSYSCALL=y
> > > CONFIG_GENERIC_CLOCKEVENTS=y
> > > CONFIG_GENERIC_CLOCKEVENTS_BUILD=y
> > > CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y
> > > CONFIG_GENERIC_CLOCKEVENTS_MIN_ADJUST=y
> > > CONFIG_GENERIC_CMOS_UPDATE=y
> > > 
> > > #
> > > # Timers subsystem
> > > #
> > > CONFIG_HZ_PERIODIC=y
> > > # CONFIG_NO_HZ_IDLE is not set
> > > # CONFIG_NO_HZ is not set
> > > # CONFIG_HIGH_RES_TIMERS is not set
> > > 
> > > #
> > > # CPU/Task time and stats accounting
> > > #
> > > CONFIG_TICK_CPU_ACCOUNTING=y
> > > # CONFIG_VIRT_CPU_ACCOUNTING_GEN is not set
> > > # CONFIG_IRQ_TIME_ACCOUNTING is not set
> > > # CONFIG_BSD_PROCESS_ACCT is not set
> > > 
> > > #
> > > # RCU Subsystem
> > > #
> > > CONFIG_TINY_RCU=y
> > > # CONFIG_PREEMPT_RCU is not set
> > > # CONFIG_RCU_STALL_COMMON is not set
> > > # CONFIG_TREE_RCU_TRACE is not set
> > > # CONFIG_IKCONFIG is not set
> > > CONFIG_LOG_BUF_SHIFT=17
> > > CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y
> > > CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y
> > > CONFIG_ARCH_SUPPORTS_INT128=y
> > > CONFIG_ARCH_WANTS_PROT_NUMA_PROT_NONE=y
> > > # CONFIG_CGROUPS is not set
> > > # CONFIG_CHECKPOINT_RESTORE is not set
> > > # CONFIG_NAMESPACES is not set
> > > # CONFIG_SCHED_AUTOGROUP is not set
> > > # CONFIG_RELAY is not set
> > > # CONFIG_BLK_DEV_INITRD is not set
> > > # CONFIG_CC_OPTIMIZE_FOR_SIZE is not set
> > > CONFIG_ANON_INODES=y
> > > CONFIG_SYSCTL_EXCEPTION_TRACE=y
> > > CONFIG_HAVE_PCSPKR_PLATFORM=y
> > > CONFIG_EXPERT=y
> > > # CONFIG_SYSFS_SYSCALL is not set
> > > # CONFIG_KALLSYMS is not set
> > > # CONFIG_PRINTK is not set
> > > # CONFIG_BUG is not set
> > > # CONFIG_PCSPKR_PLATFORM is not set
> > > # CONFIG_BASE_FULL is not set
> > > # CONFIG_FUTEX is not set
> > > # CONFIG_EPOLL is not set
> > > # CONFIG_SIGNALFD is not set
> > > # CONFIG_TIMERFD is not set
> > > # CONFIG_EVENTFD is not set
> > > # CONFIG_SHMEM is not set
> > > # CONFIG_AIO is not set
> > > CONFIG_EMBEDDED=y
> > > CONFIG_HAVE_PERF_EVENTS=y
> > > 
> > > #
> > > # Kernel Performance Events And Counters
> > > #
> > > CONFIG_PERF_EVENTS=y
> > > # CONFIG_DEBUG_PERF_USE_VMALLOC is not set
> > > # CONFIG_VM_EVENT_COUNTERS is not set
> > > # CONFIG_COMPAT_BRK is not set
> > > # CONFIG_SLAB is not set
> > > CONFIG_SLUB=y
> > > # CONFIG_SLOB is not set
> > > # CONFIG_PROFILING is not set
> > > CONFIG_HAVE_OPROFILE=y
> > > CONFIG_OPROFILE_NMI_TIMER=y
> > > # CONFIG_KPROBES is not set
> > > # CONFIG_JUMP_LABEL is not set
> > > # CONFIG_UPROBES is not set
> > > # CONFIG_HAVE_64BIT_ALIGNED_ACCESS is not set
> > > CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y
> > > CONFIG_ARCH_USE_BUILTIN_BSWAP=y
> > > CONFIG_HAVE_IOREMAP_PROT=y
> > > CONFIG_HAVE_KPROBES=y
> > > CONFIG_HAVE_KRETPROBES=y
> > > CONFIG_HAVE_OPTPROBES=y
> > > CONFIG_HAVE_KPROBES_ON_FTRACE=y
> > > CONFIG_HAVE_ARCH_TRACEHOOK=y
> > > CONFIG_HAVE_DMA_ATTRS=y
> > > CONFIG_GENERIC_SMP_IDLE_THREAD=y
> > > CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y
> > > CONFIG_HAVE_DMA_API_DEBUG=y
> > > CONFIG_HAVE_HW_BREAKPOINT=y
> > > CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y
> > > CONFIG_HAVE_USER_RETURN_NOTIFIER=y
> > > CONFIG_HAVE_PERF_EVENTS_NMI=y
> > > CONFIG_HAVE_PERF_REGS=y
> > > CONFIG_HAVE_PERF_USER_STACK_DUMP=y
> > > CONFIG_HAVE_ARCH_JUMP_LABEL=y
> > > CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y
> > > CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y
> > > CONFIG_HAVE_CMPXCHG_LOCAL=y
> > > CONFIG_HAVE_CMPXCHG_DOUBLE=y
> > > CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
> > > CONFIG_HAVE_CC_STACKPROTECTOR=y
> > > # CONFIG_CC_STACKPROTECTOR is not set
> > > CONFIG_CC_STACKPROTECTOR_NONE=y
> > > # CONFIG_CC_STACKPROTECTOR_REGULAR is not set
> > > # CONFIG_CC_STACKPROTECTOR_STRONG is not set
> > > CONFIG_HAVE_CONTEXT_TRACKING=y
> > > CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y
> > > CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y
> > > CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y
> > > CONFIG_HAVE_ARCH_SOFT_DIRTY=y
> > > CONFIG_MODULES_USE_ELF_RELA=y
> > > CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y
> > > 
> > > #
> > > # GCOV-based kernel profiling
> > > #
> > > # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set
> > > CONFIG_BASE_SMALL=1
> > > CONFIG_MODULES=y
> > > # CONFIG_MODULE_FORCE_LOAD is not set
> > > # CONFIG_MODULE_UNLOAD is not set
> > > # CONFIG_MODVERSIONS is not set
> > > # CONFIG_MODULE_SRCVERSION_ALL is not set
> > > # CONFIG_MODULE_SIG is not set
> > > CONFIG_BLOCK=y
> > > CONFIG_BLK_DEV_BSG=y
> > > # CONFIG_BLK_DEV_BSGLIB is not set
> > > # CONFIG_BLK_DEV_INTEGRITY is not set
> > > # CONFIG_BLK_CMDLINE_PARSER is not set
> > > 
> > > #
> > > # Partition Types
> > > #
> > > # CONFIG_PARTITION_ADVANCED is not set
> > > CONFIG_MSDOS_PARTITION=y
> > > CONFIG_EFI_PARTITION=y
> > > 
> > > #
> > > # IO Schedulers
> > > #
> > > CONFIG_IOSCHED_NOOP=y
> > > CONFIG_IOSCHED_DEADLINE=y
> > > CONFIG_IOSCHED_CFQ=y
> > > # CONFIG_DEFAULT_DEADLINE is not set
> > > CONFIG_DEFAULT_CFQ=y
> > > # CONFIG_DEFAULT_NOOP is not set
> > > CONFIG_DEFAULT_IOSCHED="cfq"
> > > CONFIG_INLINE_SPIN_UNLOCK_IRQ=y
> > > CONFIG_INLINE_READ_UNLOCK=y
> > > CONFIG_INLINE_READ_UNLOCK_IRQ=y
> > > CONFIG_INLINE_WRITE_UNLOCK=y
> > > CONFIG_INLINE_WRITE_UNLOCK_IRQ=y
> > > # CONFIG_FREEZER is not set
> > > 
> > > #
> > > # Processor type and features
> > > #
> > > # CONFIG_ZONE_DMA is not set
> > > # CONFIG_SMP is not set
> > > CONFIG_X86_MPPARSE=y
> > > # CONFIG_X86_EXTENDED_PLATFORM is not set
> > > # CONFIG_SCHED_OMIT_FRAME_POINTER is not set
> > > # CONFIG_HYPERVISOR_GUEST is not set
> > > CONFIG_NO_BOOTMEM=y
> > > # CONFIG_MEMTEST is not set
> > > # CONFIG_M486 is not set
> > > # CONFIG_M586 is not set
> > > # CONFIG_M586TSC is not set
> > > # CONFIG_M586MMX is not set
> > > # CONFIG_M686 is not set
> > > # CONFIG_MPENTIUMII is not set
> > > # CONFIG_MPENTIUMIII is not set
> > > # CONFIG_MPENTIUMM is not set
> > > # CONFIG_MPENTIUM4 is not set
> > > # CONFIG_MK6 is not set
> > > # CONFIG_MK7 is not set
> > > # CONFIG_MK8 is not set
> > > # CONFIG_MCRUSOE is not set
> > > # CONFIG_MEFFICEON is not set
> > > # CONFIG_MWINCHIPC6 is not set
> > > # CONFIG_MWINCHIP3D is not set
> > > # CONFIG_MELAN is not set
> > > # CONFIG_MGEODEGX1 is not set
> > > # CONFIG_MGEODE_LX is not set
> > > # CONFIG_MCYRIXIII is not set
> > > # CONFIG_MVIAC3_2 is not set
> > > # CONFIG_MVIAC7 is not set
> > > # CONFIG_MPSC is not set
> > > # CONFIG_MCORE2 is not set
> > > # CONFIG_MATOM is not set
> > > CONFIG_GENERIC_CPU=y
> > > CONFIG_X86_INTERNODE_CACHE_SHIFT=6
> > > CONFIG_X86_L1_CACHE_SHIFT=6
> > > CONFIG_X86_TSC=y
> > > CONFIG_X86_CMPXCHG64=y
> > > CONFIG_X86_CMOV=y
> > > CONFIG_X86_MINIMUM_CPU_FAMILY=64
> > > CONFIG_X86_DEBUGCTLMSR=y
> > > # CONFIG_PROCESSOR_SELECT is not set
> > > CONFIG_CPU_SUP_INTEL=y
> > > CONFIG_CPU_SUP_AMD=y
> > > CONFIG_CPU_SUP_CENTAUR=y
> > > CONFIG_HPET_TIMER=y
> > > # CONFIG_DMI is not set
> > > CONFIG_SWIOTLB=y
> > > CONFIG_IOMMU_HELPER=y
> > > CONFIG_NR_CPUS=1
> > > CONFIG_PREEMPT_NONE=y
> > > # CONFIG_PREEMPT_VOLUNTARY is not set
> > > # CONFIG_PREEMPT is not set
> > > CONFIG_X86_LOCAL_APIC=y
> > > CONFIG_X86_IO_APIC=y
> > > # CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS is not set
> > > # CONFIG_X86_MCE is not set
> > > # CONFIG_I8K is not set
> > > # CONFIG_MICROCODE is not set
> > > # CONFIG_MICROCODE_INTEL_EARLY is not set
> > > # CONFIG_MICROCODE_AMD_EARLY is not set
> > > # CONFIG_X86_MSR is not set
> > > # CONFIG_X86_CPUID is not set
> > > # CONFIG_NOHIGHMEM is not set
> > > # CONFIG_HIGHMEM4G is not set
> > > # CONFIG_HIGHMEM64G is not set
> > > # CONFIG_VMSPLIT_3G is not set
> > > # CONFIG_VMSPLIT_3G_OPT is not set
> > > # CONFIG_VMSPLIT_2G is not set
> > > # CONFIG_VMSPLIT_2G_OPT is not set
> > > # CONFIG_VMSPLIT_1G is not set
> > > CONFIG_ARCH_PHYS_ADDR_T_64BIT=y
> > > CONFIG_ARCH_DMA_ADDR_T_64BIT=y
> > > CONFIG_DIRECT_GBPAGES=y
> > > CONFIG_ARCH_SPARSEMEM_ENABLE=y
> > > CONFIG_ARCH_SPARSEMEM_DEFAULT=y
> > > CONFIG_ARCH_SELECT_MEMORY_MODEL=y
> > > CONFIG_ILLEGAL_POINTER_VALUE=0xdead000000000000
> > > CONFIG_SELECT_MEMORY_MODEL=y
> > > # CONFIG_FLATMEM_MANUAL is not set
> > > CONFIG_SPARSEMEM_MANUAL=y
> > > CONFIG_SPARSEMEM=y
> > > CONFIG_HAVE_MEMORY_PRESENT=y
> > > CONFIG_SPARSEMEM_EXTREME=y
> > > CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y
> > > CONFIG_SPARSEMEM_ALLOC_MEM_MAP_TOGETHER=y
> > > CONFIG_SPARSEMEM_VMEMMAP=y
> > > CONFIG_HAVE_MEMBLOCK=y
> > > CONFIG_HAVE_MEMBLOCK_NODE_MAP=y
> > > CONFIG_ARCH_DISCARD_MEMBLOCK=y
> > > # CONFIG_HAVE_BOOTMEM_INFO_NODE is not set
> > > # CONFIG_MEMORY_HOTPLUG is not set
> > > CONFIG_PAGEFLAGS_EXTENDED=y
> > > CONFIG_SPLIT_PTLOCK_CPUS=4
> > > CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y
> > > # CONFIG_COMPACTION is not set
> > > CONFIG_PHYS_ADDR_T_64BIT=y
> > > CONFIG_ZONE_DMA_FLAG=0
> > > CONFIG_VIRT_TO_BUS=y
> > > # CONFIG_KSM is not set
> > > CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
> > > # CONFIG_TRANSPARENT_HUGEPAGE is not set
> > > # CONFIG_CROSS_MEMORY_ATTACH is not set
> > > CONFIG_NEED_PER_CPU_KM=y
> > > # CONFIG_CLEANCACHE is not set
> > > # CONFIG_FRONTSWAP is not set
> > > # CONFIG_CMA is not set
> > > # CONFIG_ZBUD is not set
> > > # CONFIG_ZSMALLOC is not set
> > > CONFIG_GENERIC_EARLY_IOREMAP=y
> > > # CONFIG_X86_CHECK_BIOS_CORRUPTION is not set
> > > CONFIG_X86_RESERVE_LOW=64
> > > # CONFIG_MTRR is not set
> > > # CONFIG_ARCH_RANDOM is not set
> > > # CONFIG_X86_SMAP is not set
> > > # CONFIG_SECCOMP is not set
> > > # CONFIG_HZ_100 is not set
> > > CONFIG_HZ_250=y
> > > # CONFIG_HZ_300 is not set
> > > # CONFIG_HZ_1000 is not set
> > > CONFIG_HZ=250
> > > # CONFIG_SCHED_HRTICK is not set
> > > # CONFIG_KEXEC is not set
> > > # CONFIG_CRASH_DUMP is not set
> > > CONFIG_PHYSICAL_START=0x1000000
> > > # CONFIG_RELOCATABLE is not set
> > > CONFIG_PHYSICAL_ALIGN=0x200000
> > > # CONFIG_CMDLINE_BOOL is not set
> > > CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y
> > > 
> > > #
> > > # Power management and ACPI options
> > > #
> > > # CONFIG_SUSPEND is not set
> > > # CONFIG_HIBERNATION is not set
> > > # CONFIG_PM_RUNTIME is not set
> > > # CONFIG_SFI is not set
> > > 
> > > #
> > > # CPU Frequency scaling
> > > #
> > > # CONFIG_CPU_FREQ is not set
> > > 
> > > #
> > > # CPU Idle
> > > #
> > > # CONFIG_CPU_IDLE is not set
> > > # CONFIG_ARCH_NEEDS_CPU_IDLE_COUPLED is not set
> > > 
> > > #
> > > # Memory power savings
> > > #
> > > # CONFIG_I7300_IDLE is not set
> > > 
> > > #
> > > # Bus options (PCI etc.)
> > > #
> > > # CONFIG_PCI is not set
> > > CONFIG_ISA_DMA_API=y
> > > # CONFIG_PCCARD is not set
> > > # CONFIG_X86_SYSFB is not set
> > > 
> > > #
> > > # Executable file formats / Emulations
> > > #
> > > # CONFIG_BINFMT_ELF is not set
> > > CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE=y
> > > # CONFIG_BINFMT_SCRIPT is not set
> > > # CONFIG_HAVE_AOUT is not set
> > > # CONFIG_BINFMT_MISC is not set
> > > # CONFIG_COREDUMP is not set
> > > # CONFIG_IA32_EMULATION is not set
> > > CONFIG_X86_DEV_DMA_OPS=y
> > > # CONFIG_NET is not set
> > > CONFIG_HAVE_BPF_JIT=y
> > > 
> > > #
> > > # Device Drivers
> > > #
> > > 
> > > #
> > > # Generic Driver Options
> > > #
> > > CONFIG_UEVENT_HELPER_PATH=""
> > > # CONFIG_DEVTMPFS is not set
> > > # CONFIG_STANDALONE is not set
> > > # CONFIG_PREVENT_FIRMWARE_BUILD is not set
> > > # CONFIG_FW_LOADER is not set
> > > # CONFIG_DEBUG_DRIVER is not set
> > > # CONFIG_DEBUG_DEVRES is not set
> > > # CONFIG_SYS_HYPERVISOR is not set
> > > # CONFIG_GENERIC_CPU_DEVICES is not set
> > > CONFIG_GENERIC_CPU_AUTOPROBE=y
> > > # CONFIG_DMA_SHARED_BUFFER is not set
> > > 
> > > #
> > > # Bus devices
> > > #
> > > # CONFIG_MTD is not set
> > > # CONFIG_PARPORT is not set
> > > CONFIG_ARCH_MIGHT_HAVE_PC_PARPORT=y
> > > CONFIG_BLK_DEV=y
> > > # CONFIG_BLK_DEV_NULL_BLK is not set
> > > # CONFIG_BLK_DEV_FD is not set
> > > # CONFIG_BLK_DEV_COW_COMMON is not set
> > > CONFIG_BLK_DEV_LOOP=m
> > > CONFIG_BLK_DEV_LOOP_MIN_COUNT=8
> > > # CONFIG_BLK_DEV_CRYPTOLOOP is not set
> > > 
> > > #
> > > # DRBD disabled because PROC_FS or INET not selected
> > > #
> > > # CONFIG_BLK_DEV_RAM is not set
> > > # CONFIG_CDROM_PKTCDVD is not set
> > > # CONFIG_BLK_DEV_HD is not set
> > > 
> > > #
> > > # Misc devices
> > > #
> > > # CONFIG_DUMMY_IRQ is not set
> > > # CONFIG_ATMEL_SSC is not set
> > > # CONFIG_ENCLOSURE_SERVICES is not set
> > > # CONFIG_SRAM is not set
> > > # CONFIG_C2PORT is not set
> > > 
> > > #
> > > # EEPROM support
> > > #
> > > # CONFIG_EEPROM_93CX6 is not set
> > > 
> > > #
> > > # Texas Instruments shared transport line discipline
> > > #
> > > 
> > > #
> > > # Altera FPGA firmware download module
> > > #
> > > 
> > > #
> > > # Intel MIC Host Driver
> > > #
> > > 
> > > #
> > > # Intel MIC Card Driver
> > > #
> > > # CONFIG_INTEL_MIC_CARD is not set
> > > # CONFIG_ECHO is not set
> > > CONFIG_HAVE_IDE=y
> > > # CONFIG_IDE is not set
> > > 
> > > #
> > > # SCSI device support
> > > #
> > > CONFIG_SCSI_MOD=y
> > > # CONFIG_RAID_ATTRS is not set
> > > # CONFIG_SCSI is not set
> > > # CONFIG_SCSI_DMA is not set
> > > # CONFIG_SCSI_NETLINK is not set
> > > # CONFIG_ATA is not set
> > > # CONFIG_MD is not set
> > > # CONFIG_MACINTOSH_DRIVERS is not set
> > > 
> > > #
> > > # Input device support
> > > #
> > > # CONFIG_INPUT is not set
> > > 
> > > #
> > > # Hardware I/O ports
> > > #
> > > # CONFIG_SERIO is not set
> > > CONFIG_ARCH_MIGHT_HAVE_PC_SERIO=y
> > > # CONFIG_GAMEPORT is not set
> > > 
> > > #
> > > # Character devices
> > > #
> > > # CONFIG_TTY is not set
> > > # CONFIG_DEVKMEM is not set
> > > # CONFIG_IPMI_HANDLER is not set
> > > # CONFIG_HW_RANDOM is not set
> > > # CONFIG_NVRAM is not set
> > > # CONFIG_RAW_DRIVER is not set
> > > # CONFIG_HANGCHECK_TIMER is not set
> > > # CONFIG_TCG_TPM is not set
> > > # CONFIG_TELCLOCK is not set
> > > # CONFIG_I2C is not set
> > > # CONFIG_SPI is not set
> > > # CONFIG_SPMI is not set
> > > # CONFIG_HSI is not set
> > > 
> > > #
> > > # PPS support
> > > #
> > > # CONFIG_PPS is not set
> > > 
> > > #
> > > # PPS generators support
> > > #
> > > 
> > > #
> > > # PTP clock support
> > > #
> > > 
> > > #
> > > # Enable PHYLIB and NETWORK_PHY_TIMESTAMPING to see the additional clocks.
> > > #
> > > CONFIG_ARCH_WANT_OPTIONAL_GPIOLIB=y
> > > # CONFIG_GPIOLIB is not set
> > > # CONFIG_W1 is not set
> > > # CONFIG_POWER_SUPPLY is not set
> > > # CONFIG_POWER_AVS is not set
> > > # CONFIG_HWMON is not set
> > > # CONFIG_THERMAL is not set
> > > # CONFIG_WATCHDOG is not set
> > > CONFIG_SSB_POSSIBLE=y
> > > 
> > > #
> > > # Sonics Silicon Backplane
> > > #
> > > # CONFIG_SSB is not set
> > > CONFIG_BCMA_POSSIBLE=y
> > > 
> > > #
> > > # Broadcom specific AMBA
> > > #
> > > # CONFIG_BCMA is not set
> > > 
> > > #
> > > # Multifunction device drivers
> > > #
> > > # CONFIG_MFD_CORE is not set
> > > # CONFIG_MFD_CROS_EC is not set
> > > # CONFIG_HTC_PASIC3 is not set
> > > # CONFIG_MFD_KEMPLD is not set
> > > # CONFIG_MFD_SM501 is not set
> > > # CONFIG_ABX500_CORE is not set
> > > # CONFIG_MFD_SYSCON is not set
> > > # CONFIG_MFD_TI_AM335X_TSCADC is not set
> > > # CONFIG_MFD_TMIO is not set
> > > # CONFIG_REGULATOR is not set
> > > # CONFIG_MEDIA_SUPPORT is not set
> > > 
> > > #
> > > # Graphics support
> > > #
> > > 
> > > #
> > > # Direct Rendering Manager
> > > #
> > > # CONFIG_DRM is not set
> > > 
> > > #
> > > # Frame buffer Devices
> > > #
> > > # CONFIG_FB is not set
> > > # CONFIG_EXYNOS_VIDEO is not set
> > > # CONFIG_BACKLIGHT_LCD_SUPPORT is not set
> > > # CONFIG_VGASTATE is not set
> > > # CONFIG_SOUND is not set
> > > CONFIG_USB_OHCI_LITTLE_ENDIAN=y
> > > # CONFIG_USB_SUPPORT is not set
> > > # CONFIG_MMC is not set
> > > # CONFIG_MEMSTICK is not set
> > > # CONFIG_NEW_LEDS is not set
> > > # CONFIG_ACCESSIBILITY is not set
> > > # CONFIG_EDAC is not set
> > > CONFIG_RTC_LIB=y
> > > # CONFIG_RTC_CLASS is not set
> > > # CONFIG_DMADEVICES is not set
> > > # CONFIG_AUXDISPLAY is not set
> > > # CONFIG_UIO is not set
> > > # CONFIG_VIRT_DRIVERS is not set
> > > 
> > > #
> > > # Virtio drivers
> > > #
> > > # CONFIG_VIRTIO_MMIO is not set
> > > 
> > > #
> > > # Microsoft Hyper-V guest support
> > > #
> > > # CONFIG_STAGING is not set
> > > # CONFIG_X86_PLATFORM_DEVICES is not set
> > > # CONFIG_CHROME_PLATFORMS is not set
> > > 
> > > #
> > > # Hardware Spinlock drivers
> > > #
> > > CONFIG_CLKEVT_I8253=y
> > > CONFIG_CLKBLD_I8253=y
> > > # CONFIG_SH_TIMER_CMT is not set
> > > # CONFIG_SH_TIMER_MTU2 is not set
> > > # CONFIG_SH_TIMER_TMU is not set
> > > # CONFIG_EM_TIMER_STI is not set
> > > # CONFIG_MAILBOX is not set
> > > # CONFIG_IOMMU_SUPPORT is not set
> > > 
> > > #
> > > # Remoteproc drivers
> > > #
> > > # CONFIG_STE_MODEM_RPROC is not set
> > > 
> > > #
> > > # Rpmsg drivers
> > > #
> > > # CONFIG_PM_DEVFREQ is not set
> > > # CONFIG_EXTCON is not set
> > > # CONFIG_MEMORY is not set
> > > # CONFIG_IIO is not set
> > > # CONFIG_PWM is not set
> > > # CONFIG_IPACK_BUS is not set
> > > # CONFIG_RESET_CONTROLLER is not set
> > > # CONFIG_FMC is not set
> > > 
> > > #
> > > # PHY Subsystem
> > > #
> > > # CONFIG_GENERIC_PHY is not set
> > > # CONFIG_PHY_SAMSUNG_USB2 is not set
> > > # CONFIG_POWERCAP is not set
> > > # CONFIG_MCB is not set
> > > 
> > > #
> > > # Firmware Drivers
> > > #
> > > # CONFIG_EDD is not set
> > > # CONFIG_FIRMWARE_MEMMAP is not set
> > > # CONFIG_DELL_RBU is not set
> > > # CONFIG_DCDBAS is not set
> > > # CONFIG_GOOGLE_FIRMWARE is not set
> > > 
> > > #
> > > # File systems
> > > #
> > > CONFIG_DCACHE_WORD_ACCESS=y
> > > # CONFIG_EXT2_FS is not set
> > > # CONFIG_EXT3_FS is not set
> > > # CONFIG_EXT4_FS is not set
> > > # CONFIG_REISERFS_FS is not set
> > > # CONFIG_JFS_FS is not set
> > > # CONFIG_XFS_FS is not set
> > > # CONFIG_GFS2_FS is not set
> > > # CONFIG_BTRFS_FS is not set
> > > # CONFIG_NILFS2_FS is not set
> > > # CONFIG_FS_POSIX_ACL is not set
> > > # CONFIG_FILE_LOCKING is not set
> > > # CONFIG_FSNOTIFY is not set
> > > # CONFIG_DNOTIFY is not set
> > > # CONFIG_INOTIFY_USER is not set
> > > # CONFIG_FANOTIFY is not set
> > > # CONFIG_QUOTA is not set
> > > # CONFIG_QUOTACTL is not set
> > > # CONFIG_AUTOFS4_FS is not set
> > > # CONFIG_FUSE_FS is not set
> > > 
> > > #
> > > # Caches
> > > #
> > > # CONFIG_FSCACHE is not set
> > > 
> > > #
> > > # CD-ROM/DVD Filesystems
> > > #
> > > # CONFIG_ISO9660_FS is not set
> > > # CONFIG_UDF_FS is not set
> > > 
> > > #
> > > # DOS/FAT/NT Filesystems
> > > #
> > > # CONFIG_MSDOS_FS is not set
> > > # CONFIG_VFAT_FS is not set
> > > # CONFIG_NTFS_FS is not set
> > > 
> > > #
> > > # Pseudo filesystems
> > > #
> > > # CONFIG_PROC_FS is not set
> > > # CONFIG_KERNFS is not set
> > > # CONFIG_SYSFS is not set
> > > # CONFIG_HUGETLBFS is not set
> > > # CONFIG_HUGETLB_PAGE is not set
> > > # CONFIG_CONFIGFS_FS is not set
> > > # CONFIG_MISC_FILESYSTEMS is not set
> > > # CONFIG_NLS is not set
> > > 
> > > #
> > > # Kernel hacking
> > > #
> > > CONFIG_TRACE_IRQFLAGS_SUPPORT=y
> > > 
> > > #
> > > # printk and dmesg options
> > > #
> > > CONFIG_DEFAULT_MESSAGE_LOGLEVEL=4
> > > 
> > > #
> > > # Compile-time checks and compiler options
> > > #
> > > # CONFIG_DEBUG_INFO is not set
> > > # CONFIG_ENABLE_WARN_DEPRECATED is not set
> > > # CONFIG_ENABLE_MUST_CHECK is not set
> > > CONFIG_FRAME_WARN=1024
> > > # CONFIG_STRIP_ASM_SYMS is not set
> > > # CONFIG_READABLE_ASM is not set
> > > # CONFIG_UNUSED_SYMBOLS is not set
> > > # CONFIG_DEBUG_FS is not set
> > > # CONFIG_HEADERS_CHECK is not set
> > > # CONFIG_DEBUG_SECTION_MISMATCH is not set
> > > CONFIG_ARCH_WANT_FRAME_POINTERS=y
> > > # CONFIG_FRAME_POINTER is not set
> > > # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
> > > # CONFIG_MAGIC_SYSRQ is not set
> > > CONFIG_DEBUG_KERNEL=y
> > > 
> > > #
> > > # Memory Debugging
> > > #
> > > # CONFIG_DEBUG_PAGEALLOC is not set
> > > # CONFIG_DEBUG_OBJECTS is not set
> > > CONFIG_HAVE_DEBUG_KMEMLEAK=y
> > > # CONFIG_DEBUG_KMEMLEAK is not set
> > > # CONFIG_DEBUG_STACK_USAGE is not set
> > > # CONFIG_DEBUG_VM is not set
> > > # CONFIG_DEBUG_VIRTUAL is not set
> > > # CONFIG_DEBUG_MEMORY_INIT is not set
> > > CONFIG_HAVE_DEBUG_STACKOVERFLOW=y
> > > # CONFIG_DEBUG_STACKOVERFLOW is not set
> > > CONFIG_HAVE_ARCH_KMEMCHECK=y
> > > # CONFIG_KMEMCHECK is not set
> > > # CONFIG_DEBUG_SHIRQ is not set
> > > 
> > > #
> > > # Debug Lockups and Hangs
> > > #
> > > # CONFIG_LOCKUP_DETECTOR is not set
> > > # CONFIG_DETECT_HUNG_TASK is not set
> > > # CONFIG_PANIC_ON_OOPS is not set
> > > CONFIG_PANIC_ON_OOPS_VALUE=0
> > > CONFIG_PANIC_TIMEOUT=0
> > > 
> > > #
> > > # Lock Debugging (spinlocks, mutexes, etc...)
> > > #
> > > # CONFIG_DEBUG_SPINLOCK is not set
> > > # CONFIG_DEBUG_MUTEXES is not set
> > > # CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set
> > > # CONFIG_DEBUG_LOCK_ALLOC is not set
> > > # CONFIG_PROVE_LOCKING is not set
> > > # CONFIG_LOCK_STAT is not set
> > > # CONFIG_DEBUG_ATOMIC_SLEEP is not set
> > > # CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set
> > > # CONFIG_LOCK_TORTURE_TEST is not set
> > > # CONFIG_DEBUG_KOBJECT is not set
> > > # CONFIG_DEBUG_LIST is not set
> > > # CONFIG_DEBUG_SG is not set
> > > # CONFIG_DEBUG_NOTIFIERS is not set
> > > # CONFIG_DEBUG_CREDENTIALS is not set
> > > 
> > > #
> > > # RCU Debugging
> > > #
> > > # CONFIG_SPARSE_RCU_POINTER is not set
> > > # CONFIG_TORTURE_TEST is not set
> > > # CONFIG_RCU_TORTURE_TEST is not set
> > > # CONFIG_RCU_TRACE is not set
> > > # CONFIG_DEBUG_BLOCK_EXT_DEVT is not set
> > > # CONFIG_NOTIFIER_ERROR_INJECTION is not set
> > > # CONFIG_FAULT_INJECTION is not set
> > > CONFIG_ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS=y
> > > # CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is not set
> > > CONFIG_USER_STACKTRACE_SUPPORT=y
> > > CONFIG_HAVE_FUNCTION_TRACER=y
> > > CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y
> > > CONFIG_HAVE_FUNCTION_GRAPH_FP_TEST=y
> > > CONFIG_HAVE_FUNCTION_TRACE_MCOUNT_TEST=y
> > > CONFIG_HAVE_DYNAMIC_FTRACE=y
> > > CONFIG_HAVE_DYNAMIC_FTRACE_WITH_REGS=y
> > > CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y
> > > CONFIG_HAVE_SYSCALL_TRACEPOINTS=y
> > > CONFIG_HAVE_FENTRY=y
> > > CONFIG_HAVE_C_RECORDMCOUNT=y
> > > CONFIG_TRACING_SUPPORT=y
> > > # CONFIG_FTRACE is not set
> > > 
> > > #
> > > # Runtime Testing
> > > #
> > > # CONFIG_TEST_LIST_SORT is not set
> > > # CONFIG_BACKTRACE_SELF_TEST is not set
> > > # CONFIG_RBTREE_TEST is not set
> > > # CONFIG_INTERVAL_TREE_TEST is not set
> > > # CONFIG_PERCPU_TEST is not set
> > > # CONFIG_ATOMIC64_SELFTEST is not set
> > > # CONFIG_TEST_STRING_HELPERS is not set
> > > # CONFIG_TEST_KSTRTOX is not set
> > > # CONFIG_DMA_API_DEBUG is not set
> > > # CONFIG_TEST_MODULE is not set
> > > # CONFIG_TEST_USER_COPY is not set
> > > # CONFIG_SAMPLES is not set
> > > CONFIG_HAVE_ARCH_KGDB=y
> > > # CONFIG_KGDB is not set
> > > # CONFIG_STRICT_DEVMEM is not set
> > > # CONFIG_X86_VERBOSE_BOOTUP is not set
> > > # CONFIG_EARLY_PRINTK is not set
> > > # CONFIG_X86_PTDUMP is not set
> > > # CONFIG_DEBUG_RODATA is not set
> > > # CONFIG_DEBUG_SET_MODULE_RONX is not set
> > > # CONFIG_DEBUG_NX_TEST is not set
> > > # CONFIG_DOUBLEFAULT is not set
> > > # CONFIG_DEBUG_TLBFLUSH is not set
> > > # CONFIG_IOMMU_STRESS is not set
> > > CONFIG_HAVE_MMIOTRACE_SUPPORT=y
> > > CONFIG_IO_DELAY_TYPE_0X80=0
> > > CONFIG_IO_DELAY_TYPE_0XED=1
> > > CONFIG_IO_DELAY_TYPE_UDELAY=2
> > > CONFIG_IO_DELAY_TYPE_NONE=3
> > > CONFIG_IO_DELAY_0X80=y
> > > # CONFIG_IO_DELAY_0XED is not set
> > > # CONFIG_IO_DELAY_UDELAY is not set
> > > # CONFIG_IO_DELAY_NONE is not set
> > > CONFIG_DEFAULT_IO_DELAY_TYPE=0
> > > # CONFIG_CPA_DEBUG is not set
> > > # CONFIG_OPTIMIZE_INLINING is not set
> > > # CONFIG_DEBUG_NMI_SELFTEST is not set
> > > # CONFIG_X86_DEBUG_STATIC_CPU_HAS is not set
> > > 
> > > #
> > > # Security options
> > > #
> > > # CONFIG_KEYS is not set
> > > # CONFIG_SECURITY_DMESG_RESTRICT is not set
> > > # CONFIG_SECURITYFS is not set
> > > CONFIG_DEFAULT_SECURITY_DAC=y
> > > CONFIG_DEFAULT_SECURITY=""
> > > # CONFIG_CRYPTO is not set
> > > CONFIG_HAVE_KVM=y
> > > # CONFIG_VIRTUALIZATION is not set
> > > # CONFIG_BINARY_PRINTF is not set
> > > 
> > > #
> > > # Library routines
> > > #
> > > CONFIG_BITREVERSE=y
> > > CONFIG_GENERIC_STRNCPY_FROM_USER=y
> > > CONFIG_GENERIC_STRNLEN_USER=y
> > > CONFIG_GENERIC_FIND_FIRST_BIT=y
> > > CONFIG_GENERIC_PCI_IOMAP=y
> > > CONFIG_GENERIC_IOMAP=y
> > > CONFIG_GENERIC_IO=y
> > > CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y
> > > # CONFIG_CRC_CCITT is not set
> > > # CONFIG_CRC16 is not set
> > > # CONFIG_CRC_T10DIF is not set
> > > # CONFIG_CRC_ITU_T is not set
> > > CONFIG_CRC32=y
> > > # CONFIG_CRC32_SELFTEST is not set
> > > CONFIG_CRC32_SLICEBY8=y
> > > # CONFIG_CRC32_SLICEBY4 is not set
> > > # CONFIG_CRC32_SARWATE is not set
> > > # CONFIG_CRC32_BIT is not set
> > > # CONFIG_CRC7 is not set
> > > # CONFIG_LIBCRC32C is not set
> > > # CONFIG_CRC8 is not set
> > > # CONFIG_AUDIT_ARCH_COMPAT_GENERIC is not set
> > > # CONFIG_RANDOM32_SELFTEST is not set
> > > # CONFIG_XZ_DEC is not set
> > > # CONFIG_XZ_DEC_BCJ is not set
> > > CONFIG_HAS_IOMEM=y
> > > CONFIG_HAS_IOPORT_MAP=y
> > > CONFIG_HAS_DMA=y
> > > CONFIG_ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE=y
> > > # CONFIG_AVERAGE is not set
> > > # CONFIG_CORDIC is not set
> > > # CONFIG_DDR is not set
> > 

Re: [RFC PATCH 0/2] Loop device psuedo filesystem

[Seth Forshee]

On Tue, Sep 16, 2014 at 01:05:48PM -0400, Shea Levy wrote:
> On Tue, Sep 16, 2014 at 11:39:57AM -0500, Seth Forshee wrote:
> > On Tue, Sep 16, 2014 at 12:12:47PM -0400, Shea Levy wrote:
> > > OK, compiling with BLK_DEV_LOOP=y (on top of 3.16.2), I was able to
> > > mount loopfs, request a loop device from loop-control, and associate it
> > > with an image with an ext4 partition with losetup, but mount still gives
> > > EPERM (all as root in a userns started from an unprivileged account). Is
> > > this expected? I do have read and write permissions to the resultant
> > > loop device. If this is expected, what would be needed to be able to
> > > mount the device?
> > 
> > Yes. Very few filesystems allow mounting from a userns right now, and
> > probably no "regular" filesystems do, only special filesystems like
> > sysfs. At minimum you'll need to add the FS_USERNS_MOUNT flag to any
> > filesystems you want to use, but even then the user/group ids probably
> > won't be translated into the userns.
> > 
> 
> Hm, I see. Yeah, none of the 'regular' filesystems have that set. Why is
> that, if it's easy to explain? From a naive perspective it seems like if
> you have the permissions to the device then the uid/gid mapping should
> be generic (the on-disk id is the id *inside* the namespace, the kernel
> maps that based on the id_map file to processes outside the namespace),
> but I'm sure that's insecure in a way I'm not seeing.

Security. There are likely some bugs in how filesystem data is
processed, and if an arbitrary user can hand the kernel specially
crafted filesystem images these bugs could become exploits. I suspect
that some filesystems will be mountable from user namespaces eventually,
I just don't think anyone has done the work to alleviate the security
concerns yet.

> > > Also, this isn't an issue exactly, but the free devices started at 8
> > > (presumably because I have /dev/loop[0-7]) and appear in /dev in the
> > > root ns (presumably via udev) until I unmounted.
> > 
> > Right. 0-7 get created at module init time and end up allocated to the
> > init_user_ns superblock, so the first "free" id for your ns is 8.
> > 
> > I've brought up the problem of the devices for the userns also showing
> > up in devtmpfs. It was dismissed as not really being an issue, though I
> > still don't agree with that viewpoint. My proposed solution of assigning
> > devices to namespaces and then creating a namespaced devtmpfs was
> > rejected as well.
> > 
> > Just so you know, I'm not doing any further development of these patches
> > right now. I've shifted my efforts to getting fuse mountable from user
> > namespaces (https://lkml.org/lkml/2014/9/12/367).
> > 
> 
> Aside from the patch to build as a module, is there anything further to
> be done on the loopfs side of things? If not I may try to get this
> merged myself if you don't mind.

No, I don't mind.

There's probably some cleanup to do. I don't recall if I had resolved
all the issues with getting the loop devices "freed" when a superblock
was killed, which was kind of tricky to get right. Obviously I never
tested unloading the module either ;-)

Also go back through the thread and read the feedback the patches got.
There was a suggestion to leave loop alone and create something new for
this purpose as well.

There may be more, but that's what comes to mind. I also wanted to
somehow make the devices which are in a non-root loopfs mount not show
up in devtmpfs, but I still needed to come up with a way to do that
which Greg would be happy with.

Seth