linux-aspeed: Enable CGROUP_BPF and NAMESPACES
These are used by systemd to provide isolation features:
Required for IPAddressDeny= and IPAddressAllow= in resource control
unit settings
CONFIG_CGROUP_BPF
Required for PrivateNetwork= in service units:
CONFIG_NET_NS
Note that systemd-localed.service and other systemd units use
PrivateNetwork so this is effectively required.
Required for PrivateUsers= in service units:
CONFIG_USER_NS
(NET_NS is default y so we get it by enabling namespace support).
(From meta-aspeed rev: 5ad76c27abbb7d7e65c97bce6be63d7aa542a531)
Change-Id: I8e6311526393c663c62e310a465df9306251c021
Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
diff --git a/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g5/defconfig b/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g5/defconfig
index d189de8..4432d52 100644
--- a/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g5/defconfig
+++ b/meta-aspeed/recipes-kernel/linux/linux-aspeed/aspeed-g5/defconfig
@@ -9,6 +9,9 @@
CONFIG_IKCONFIG_PROC=y
CONFIG_LOG_BUF_SHIFT=16
CONFIG_CGROUPS=y
+CONFIG_CGROUP_BPF=y
+CONFIG_NAMESPACES=y
+CONFIG_USER_NS=y
CONFIG_BLK_DEV_INITRD=y
# CONFIG_RD_BZIP2 is not set
# CONFIG_RD_LZO is not set