Some linux kernel configs are missing on Nvidia TX2

Graphics / Linux Linux
1

When I try to use some functions of Docker or K8s on Nvidia TX2, I found there are some kernel configs are missing.

uname -a gives:

Linux tx2 4.9.140-tegra #1 SMP PREEMPT Wed Mar 13 00:30:11 PDT 2019 aarch64 aarch64 aarch64 GNU/Linux

, and I was on JetPack 4.2

I used docker’s official kernel config checking script:

<b>nvidia@tx2:~$ wget https://raw.githubusercontent.com/moby/moby/master/contrib/check-config.sh</b>
--2019-07-17 10:00:48--  https://raw.githubusercontent.com/moby/moby/master/contrib/check-config.sh
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 151.101.192.133, 151.101.128.133, 151.101.64.133, ...
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|151.101.192.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 10337 (10K) [text/plain]
Saving to: ‘check-config.sh’

check-config.sh                              100%[============================================================================================>]  10.09K  --.-KB/s    in 0.04s

2019-07-17 10:00:49 (225 KB/s) - ‘check-config.sh’ saved [10337/10337]

<b>nvidia@tx2:~$ bash check-config.sh</b>
info: reading kernel config from /proc/config.gz ...

Generally Necessary:
- cgroup hierarchy: properly mounted [/sys/fs/cgroup]
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: enabled
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_KEYS: enabled
- CONFIG_VETH: enabled (as module)
- CONFIG_BRIDGE: enabled
- CONFIG_BRIDGE_NETFILTER: enabled (as module)
- CONFIG_NF_NAT_IPV4: enabled (as module)
- CONFIG_IP_NF_FILTER: enabled (as module)
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_IPVS: enabled (as module)
- CONFIG_IP_NF_NAT: enabled (as module)
- CONFIG_NF_NAT: enabled (as module)
- CONFIG_NF_NAT_NEEDED: enabled
- CONFIG_POSIX_MQUEUE: enabled

Optional Features:
- CONFIG_USER_NS: enabled
- CONFIG_SECCOMP: enabled
- CONFIG_CGROUP_PIDS: enabled
- CONFIG_MEMCG_SWAP: enabled
- CONFIG_MEMCG_SWAP_ENABLED: enabled
    (cgroup swap accounting is currently enabled)
- CONFIG_BLK_CGROUP: enabled
- CONFIG_BLK_DEV_THROTTLING: enabled
- CONFIG_IOSCHED_CFQ: enabled
<b>- CONFIG_CFQ_GROUP_IOSCHED: missing</b>
- CONFIG_CGROUP_PERF: enabled
<b>- CONFIG_CGROUP_HUGETLB: missing</b>
- CONFIG_NET_CLS_CGROUP: enabled
- CONFIG_CGROUP_NET_PRIO: enabled
- CONFIG_CFS_BANDWIDTH: enabled
- CONFIG_FAIR_GROUP_SCHED: enabled
- CONFIG_RT_GROUP_SCHED: enabled
<b>- CONFIG_IP_NF_TARGET_REDIRECT: missing</b>
- CONFIG_IP_VS: enabled (as module)
- CONFIG_IP_VS_NFCT: enabled
<b>- CONFIG_IP_VS_PROTO_TCP: missing</b>
<b>- CONFIG_IP_VS_PROTO_UDP: missing</b>
- CONFIG_IP_VS_RR: enabled (as module)
- CONFIG_EXT4_FS: enabled
- CONFIG_EXT4_FS_POSIX_ACL: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- Network Drivers:
  - "overlay":
    - CONFIG_VXLAN: enabled
    - CONFIG_BRIDGE_VLAN_FILTERING: enabled
      Optional (for encrypted networks):
      - CONFIG_CRYPTO: enabled
      - CONFIG_CRYPTO_AEAD: enabled
      - CONFIG_CRYPTO_GCM: enabled
      - CONFIG_CRYPTO_SEQIV: enabled
      - CONFIG_CRYPTO_GHASH: enabled
      - CONFIG_XFRM: enabled
      - CONFIG_XFRM_USER: enabled
      - CONFIG_XFRM_ALGO: enabled
<b>      - CONFIG_INET_ESP: missing</b>
      - CONFIG_INET_XFRM_MODE_TRANSPORT: enabled
  - "ipvlan":
<b>    - CONFIG_IPVLAN: missing</b>
  - "macvlan":
    - CONFIG_MACVLAN: enabled (as module)
    - CONFIG_DUMMY: enabled
  - "ftp,tftp client in container":
    - CONFIG_NF_NAT_FTP: enabled (as module)
    - CONFIG_NF_CONNTRACK_FTP: enabled (as module)
    - CONFIG_NF_NAT_TFTP: enabled (as module)
    - CONFIG_NF_CONNTRACK_TFTP: enabled (as module)
- Storage Drivers:
  - "aufs":
<b>    - CONFIG_AUFS_FS: missing</b>
  - "btrfs":
    - CONFIG_BTRFS_FS: enabled (as module)
    - CONFIG_BTRFS_FS_POSIX_ACL: enabled
  - "devicemapper":
    - CONFIG_BLK_DEV_DM: enabled
<b>    - CONFIG_DM_THIN_PROVISIONING: missing</b>
  - "overlay":
    - CONFIG_OVERLAY_FS: enabled (as module)
  - "zfs":
    - /dev/zfs: missing
    - zfs command: missing
    - zpool command: missing

Limits:
- /proc/sys/kernel/keys/root_maxkeys: 1000000

Especially for this config: CONFIG_IP_NF_TARGET_REDIRECT
Will these kernel configs be enabled officially? or how can I enable them manually?

2

You would probably have to compile your own kernel. You should better ask that question there, though:
[url]https://devtalk.nvidia.com/default/board/188/jetson-tx2/[/url]