support tailoring and building linux kernel for kuasar security container #98
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Burning1020
approved these changes
Jan 10, 2024
vmm/scripts/kernel/build-kernel/how-to-tailor-linux-kernel-for-kuasar-security-container.md
Outdated
Show resolved
Hide resolved
| The characteristic of this scenario is that the applications are typically standard linux monolithic applications with complex functionality and high performance requirements, such as multi-tenant AI training/inference scenarios. To reduce performance loss, accelerator hardware devices need to be directly passthrough to secure containers. In addition, the device driver module can be loaded and complex networking modes can be supported. | ||
| **The requirements for the kernel in these scenarios are advanced capabilities, including support for hardware device pass-through, multiple network modes, and loadable kernel modules.** | ||
|
|
||
| Based on the directory structure of kernel features output by the `make menuconfig` command and combined with the typical scenarios of security container, the kernel features can be divided into the following categories:: |
There was a problem hiding this comment.
Suggested change
| Based on the directory structure of kernel features output by the `make menuconfig` command and combined with the typical scenarios of security container, the kernel features can be divided into the following categories:: | |
| Based on the directory structure of kernel features output by the `make menuconfig` command and combined with the typical scenarios of security container, the kernel features can be divided into the following categories: |
vmm/scripts/kernel/build-kernel/how-to-tailor-linux-kernel-for-kuasar-security-container.md
Outdated
Show resolved
Hide resolved
vmm/scripts/kernel/build-kernel/how-to-tailor-linux-kernel-for-kuasar-security-container.md
Outdated
Show resolved
Hide resolved
vmm/scripts/kernel/build-kernel/how-to-tailor-linux-kernel-for-kuasar-security-container.md
Outdated
Show resolved
Hide resolved
vmm/scripts/kernel/build-kernel/how-to-tailor-linux-kernel-for-kuasar-security-container.md
Outdated
Show resolved
Hide resolved
vmm/scripts/kernel/build-kernel/how-to-tailor-linux-kernel-for-kuasar-security-container.md
Outdated
Show resolved
Hide resolved
vmm/scripts/kernel/build-kernel/how-to-tailor-linux-kernel-for-kuasar-security-container.md
Outdated
Show resolved
Hide resolved
…y container reason: provide developers with a simple and automatical method to tailor the kernel on demand to meet the different scenarios of kuasar secure container. Signed-off-by: flyflypeng <[email protected]>
flyflypeng
force-pushed
the
support-guest-kernel-tailor
branch
from
b5fe1fd to
89f8c94
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
fix #97
provide developers with a simple and automatic method to tailor the kernel on demand to meet the different scenarios of kuasar secure container.