From 95edfb3c6f043c6052bf7d078d8345aba2dfa486 Mon Sep 17 00:00:00 2001
From: Lei Huang <leih@nvidia.com>
Date: Fri, 10 May 2024 15:54:57 -0700
Subject: [PATCH] build: add kernel config for Nvidia DPU/ConnectX adapter

With Nvidia DPU or ConnectX network adapter, VF can do VFIO passthrough
to guest VM in `guest-kernel` mode. In the guest kernel, the adapter's
driver is required to claim the VFIO device and create network interface.

Signed-off-by: Lei Huang <leih@nvidia.com>
---
 tools/packaging/kernel/build-kernel.sh        | 26 ++++++++++++++-----
 .../kernel/configs/fragments/dpu/nvidia.conf  | 10 +++++++
 tools/packaging/kernel/kata_config_version    |  2 +-
 3 files changed, 31 insertions(+), 7 deletions(-)
 create mode 100644 tools/packaging/kernel/configs/fragments/dpu/nvidia.conf

diff --git a/tools/packaging/kernel/build-kernel.sh b/tools/packaging/kernel/build-kernel.sh
index 99b01484ba67..278b1cee5810 100755
--- a/tools/packaging/kernel/build-kernel.sh
+++ b/tools/packaging/kernel/build-kernel.sh
@@ -32,9 +32,9 @@ readonly default_kernel_config_dir="${script_dir}/configs"
 readonly default_config_frags_dir="${script_dir}/configs/fragments"
 readonly default_config_whitelist="${script_dir}/configs/fragments/whitelist.conf"
 readonly default_initramfs="${script_dir}/initramfs.cpio.gz"
-# GPU vendor
-readonly GV_INTEL="intel"
-readonly GV_NVIDIA="nvidia"
+# xPU vendor
+readonly VENDOR_INTEL="intel"
+readonly VENDOR_NVIDIA="nvidia"
 
 #Path to kernel directory
 kernel_path=""
@@ -44,6 +44,8 @@ build_type=""
 force_setup_generate_config="false"
 #GPU kernel support
 gpu_vendor=""
+#DPU kernel support
+dpu_vendor=""
 #Confidential guest type
 conf_guest=""
 #
@@ -96,6 +98,7 @@ Options:
 	-a <arch>   	: Arch target to build the kernel, such as aarch64/ppc64le/s390x/x86_64.
 	-b <type>    	: Enable optional config type.
 	-c <path>   	: Path to config file to build the kernel.
+	-D <vendor> 	: DPU/SmartNIC vendor, only nvidia.
 	-d          	: Enable bash debug.
 	-e          	: Enable experimental kernel.
 	-E          	: Enable arch-specific experimental kernel, arch info offered by "-a".
@@ -224,6 +227,7 @@ get_kernel_frag_path() {
 	local arch_path="$1"
 	local common_path="${arch_path}/../common"
 	local gpu_path="${arch_path}/../gpu"
+	local dpu_path="${arch_path}/../dpu"
 
 	local kernel_path="$2"
 	local arch="$3"
@@ -280,6 +284,12 @@ get_kernel_frag_path() {
 		all_configs="${all_configs} ${gpu_configs}"
 	fi
 
+	if [[ "${dpu_vendor}" != "" ]]; then
+		info "Add kernel config for DPU/SmartNIC due to '-n ${dpu_vendor}'"
+		local dpu_configs="${dpu_path}/${dpu_vendor}.conf"
+		all_configs="${all_configs} ${dpu_configs}"
+	fi
+
 	if [ "${measured_rootfs}" == "true" ]; then
 		info "Enabling config for confidential guest trust storage protection"
 		local cryptsetup_configs="$(ls ${common_path}/confidential_containers/cryptsetup.conf)"
@@ -559,7 +569,7 @@ install_kata() {
 }
 
 main() {
-	while getopts "a:b:c:deEfg:hH:k:mp:st:u:v:x" opt; do
+	while getopts "a:b:c:dD:eEfg:hH:k:mp:st:u:v:x" opt; do
 		case "$opt" in
 			a)
 				arch_target="${OPTARG}"
@@ -574,6 +584,10 @@ main() {
 				PS4=' Line ${LINENO}: '
 				set -x
 				;;
+			D)
+				dpu_vendor="${OPTARG}"
+				[[ "${dpu_vendor}" == "${VENDOR_NVIDIA}" ]] || die "DPU vendor only support nvidia"
+				;;
 			e)
 				build_type="experimental"
 				;;
@@ -585,7 +599,7 @@ main() {
 				;;
 			g)
 				gpu_vendor="${OPTARG}"
-				[[ "${gpu_vendor}" == "${GV_INTEL}" || "${gpu_vendor}" == "${GV_NVIDIA}" ]] || die "GPU vendor only support intel and nvidia"
+				[[ "${gpu_vendor}" == "${VENDOR_INTEL}" || "${gpu_vendor}" == "${VENDOR_NVIDIA}" ]] || die "GPU vendor only support intel and nvidia"
 				;;
 			h)
 				usage 0
@@ -635,7 +649,7 @@ main() {
 		if [ -n "$kernel_version" ];  then
 			kernel_major_version=$(get_major_kernel_version "${kernel_version}")
 			if [[ ${kernel_major_version} != "5.10" ]]; then
-				info "dragonball-experimental kernel patches are only tested on 5.10.x kernel now, other kernel version may cause confliction"	
+				info "dragonball-experimental kernel patches are only tested on 5.10.x kernel now, other kernel version may cause confliction"
 			fi
 		fi
 	fi
diff --git a/tools/packaging/kernel/configs/fragments/dpu/nvidia.conf b/tools/packaging/kernel/configs/fragments/dpu/nvidia.conf
new file mode 100644
index 000000000000..140d72092815
--- /dev/null
+++ b/tools/packaging/kernel/configs/fragments/dpu/nvidia.conf
@@ -0,0 +1,10 @@
+# Mellanox devices
+CONFIG_NET_VENDOR_MELLANOX=y
+# Mellanox 5th generation network adapters (ConnectX series) core driver
+CONFIG_MLX5_CORE=y
+# Mellanox 5th generation network adapters (ConnectX series) Ethernet support
+CONFIG_MLX5_CORE_EN=y
+# Mellanox MLX5 ethernet accelerated receive flow steering (ARFS) support
+CONFIG_MLX5_EN_ARFS=y
+# Mellanox MLX5 ethernet rx nfc flow steering support
+CONFIG_MLX5_EN_RXNFC=y
diff --git a/tools/packaging/kernel/kata_config_version b/tools/packaging/kernel/kata_config_version
index a949a93dfcca..b0d73241cad2 100644
--- a/tools/packaging/kernel/kata_config_version
+++ b/tools/packaging/kernel/kata_config_version
@@ -1 +1 @@
-128
+129