aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/src/tests/qemu
diff options
context:
space:
mode:
Diffstat (limited to 'src/tests/qemu')
-rw-r--r--src/tests/qemu/Makefile196
-rw-r--r--src/tests/qemu/debug.config64
-rw-r--r--src/tests/qemu/init.c110
-rw-r--r--src/tests/qemu/kernel.config68
4 files changed, 438 insertions, 0 deletions
diff --git a/src/tests/qemu/Makefile b/src/tests/qemu/Makefile
new file mode 100644
index 0000000..1474734
--- /dev/null
+++ b/src/tests/qemu/Makefile
@@ -0,0 +1,196 @@
+PWD := $(shell pwd)
+
+# Set these from the environment to override
+KERNEL_VERSION ?= 4.7
+BUILD_PATH ?= $(PWD)/build
+DISTFILES_PATH ?= $(PWD)/distfiles
+DEBUG_KERNEL ?= no
+NR_CPUS ?= 2
+
+
+DOWNLOAD := wget -O
+# DOWNLOAD := curl -f -o
+
+MIRROR := https://download.wireguard.io/qemu-test/distfiles/
+
+CHOST := x86_64-pc-linux-gnu
+WIREGUARD_SOURCES := $(wildcard ../../*.c ../../*.h ../../selftest/*.h ../../crypto/*.c ../../crypto/*.h ../../crypto/*.S)
+TOOLS_SOURCES := $(wildcard ../../tools/*.c ../../tools*.h ../../uapi.h)
+
+default: qemu
+
+# variable name, tarball project name, version, tarball extension, default URI base
+define tar_download =
+$(1)_VERSION := $(3)
+$(1)_NAME := $(2)-$$($(1)_VERSION)
+$(1)_TAR := $(DISTFILES_PATH)/$$($(1)_NAME)$(4)
+$(1)_PATH := $(BUILD_PATH)/$$($(1)_NAME)
+$(call file_download,$$($(1)_NAME)$(4),$(5))
+endef
+
+define file_download =
+$(DISTFILES_PATH)/$(1):
+ mkdir -p $(DISTFILES_PATH)
+ [ -n "$(MIRROR)" ] && $(DOWNLOAD) $$@ $(MIRROR)/$(1) || $(DOWNLOAD) $$@ $(2)/$(1)
+endef
+
+$(eval $(call tar_download,KERNEL,linux,$(KERNEL_VERSION),.tar.xz,https://www.kernel.org/pub/linux/kernel/v4.x/))
+KERNEL_BZIMAGE := $(KERNEL_PATH)/arch/x86/boot/bzImage
+$(eval $(call tar_download,MUSL,musl,1.1.15,.tar.gz,https://www.musl-libc.org/releases/))
+$(eval $(call tar_download,LIBMNL,libmnl,1.0.4,.tar.bz2,http://ftp.netfilter.org/pub/libmnl/))
+$(eval $(call tar_download,IPERF,iperf,3.1.3,.tar.gz,http://downloads.es.net/pub/iperf/))
+$(eval $(call tar_download,BASH,bash,30a978b7d808c067219c95be88c4979b6a7aa251,.tar.gz,http://git.savannah.gnu.org/cgit/bash.git/snapshot/))
+$(eval $(call tar_download,IPROUTE2,iproute2,4.3.0,.tar.gz,http://www.kernel.org/pub/linux/utils/net/iproute2/))
+$(eval $(call tar_download,IPTABLES,iptables,1.6.0,.tar.bz2,http://ftp.netfilter.org/pub/iptables/))
+
+IPUTILS_VERSION := s20160308
+IPUTILS_TAR := $(DISTFILES_PATH)/$(IPUTILS_VERSION).tar.gz
+IPUTILS_PATH := $(BUILD_PATH)/iputils-$(IPUTILS_VERSION)
+$(eval $(call file_download,$(IPUTILS_VERSION).tar.gz,https://github.com/iputils/iputils/archive/))
+
+CFLAGS ?= -O3 -march=native -pipe
+CPPFLAGS := -I$(BUILD_PATH)/include
+
+MUSL_CC := $(BUILD_PATH)/musl-gcc
+
+qemu: $(KERNEL_BZIMAGE)
+ rm -f $(BUILD_PATH)/result
+ qemu-system-x86_64 \
+ -nodefaults \
+ -nographic \
+ -machine q35,accel=kvm \
+ -cpu host \
+ -smp $(NR_CPUS) \
+ -m 64M \
+ -object rng-random,id=rng0,filename=/dev/urandom \
+ -device virtio-rng-pci,rng=rng0 \
+ -device virtio-serial,max_ports=2 \
+ -chardev stdio,id=stdio \
+ -device virtconsole,chardev=stdio \
+ -chardev file,id=status,path=$(BUILD_PATH)/result \
+ -device virtserialport,chardev=status \
+ -monitor none \
+ -kernel $< \
+ -append "console=hvc0"
+ grep -Fq success $(BUILD_PATH)/result
+
+$(BUILD_PATH)/init-cpio-spec.txt:
+ mkdir -p $(BUILD_PATH)
+ echo "file /init $(BUILD_PATH)/init 755 0 0" > $@
+ echo "file /init.sh $(PWD)/../netns.sh 755 0 0" >> $@
+ echo "dir /dev 755 0 0" >> $@
+ echo "nod /dev/console 644 0 0 c 5 1" >> $@
+ echo "dir /bin 755 0 0" >> $@
+ echo "file /bin/iperf3 $(IPERF_PATH)/src/iperf3 755 0 0" >> $@
+ echo "file /bin/wg $(BUILD_PATH)/tools/wg 755 0 0" >> $@
+ echo "file /bin/bash $(BASH_PATH)/bash 755 0 0" >> $@
+ echo "file /bin/ip $(IPROUTE2_PATH)/ip/ip 755 0 0" >> $@
+ echo "file /bin/ss $(IPROUTE2_PATH)/misc/ss 755 0 0" >> $@
+ echo "file /bin/ping $(IPUTILS_PATH)/ping 755 0 0" >> $@
+ echo "file /bin/xtables-multi $(IPTABLES_PATH)/iptables/xtables-multi 755 0 0" >> $@
+ echo "slink /bin/iptables xtables-multi 777 0 0" >> $@
+ echo "slink /bin/ping6 ping 777 0 0" >> $@
+ echo "dir /lib 755 0 0" >> $@
+ echo "file /lib/libc.so $(MUSL_PATH)/lib/libc.so 755 0 0" >> $@
+ echo "slink /lib/ld-linux.so.1 libc.so 777 0 0" >> $@
+
+$(KERNEL_PATH): $(KERNEL_TAR)
+ mkdir -p $(BUILD_PATH)
+ tar -C $(BUILD_PATH) -xf $<
+ sed -i "/^if INET\$$/a source \"net/wireguard/Kconfig\"" $(KERNEL_PATH)/net/Kconfig
+ sed -i "/^obj-\$$(CONFIG_NET).*:=/a obj-\$$(CONFIG_WIREGUARD) += wireguard/" $(KERNEL_PATH)/net/Makefile
+ ln -sf $(shell readlink -f ../..) $(KERNEL_PATH)/net/wireguard
+
+$(KERNEL_PATH)/.config: kernel.config | $(KERNEL_PATH)
+ cp kernel.config $(KERNEL_PATH)/minimal.config
+ printf 'CONFIG_NR_CPUS=$(NR_CPUS)\nCONFIG_INITRAMFS_SOURCE="$(BUILD_PATH)/init-cpio-spec.txt"\n' >> $(KERNEL_PATH)/minimal.config
+ $(MAKE) -C $(KERNEL_PATH) ARCH=x86_64 tinyconfig
+ cd $(KERNEL_PATH) && scripts/kconfig/merge_config.sh -n .config minimal.config
+ -[ "$(DEBUG_KERNEL)" = "yes" ] && ( cd $(KERNEL_PATH) && scripts/kconfig/merge_config.sh -n .config $(PWD)/debug.config )
+
+$(KERNEL_BZIMAGE): $(KERNEL_PATH) $(KERNEL_PATH)/.config $(BUILD_PATH)/init-cpio-spec.txt $(MUSL_PATH)/lib/libc.so $(IPERF_PATH)/src/iperf3 $(BUILD_PATH)/tools/wg $(IPUTILS_PATH)/ping $(BASH_PATH)/bash $(IPROUTE2_PATH)/ip/ip $(IPTABLES_PATH)/iptables/xtables-multi $(BUILD_PATH)/init ../netns.sh $(WIREGUARD_SOURCES) $(TOOLS_SOURCES)
+ $(MAKE) -C $(KERNEL_PATH)
+
+$(BUILD_PATH)/include/linux: | $(KERNEL_PATH)
+ $(MAKE) -C $(KERNEL_PATH) INSTALL_HDR_PATH=$(BUILD_PATH) headers_install
+
+$(MUSL_PATH)/lib/libc.so: $(MUSL_TAR) | $(BUILD_PATH)/include/linux
+ tar -C $(BUILD_PATH) -xf $<
+ cd $(MUSL_PATH) && ./configure --prefix=/ --disable-static CFLAGS="$(CFLAGS)"
+ $(MAKE) -C $(MUSL_PATH)
+ strip -s $@
+
+$(MUSL_CC): $(MUSL_PATH)/lib/libc.so
+ $(MAKE) -C $(MUSL_PATH) DESTDIR=$(BUILD_PATH) install-headers
+ sh $(MUSL_PATH)/tools/musl-gcc.specs.sh $(BUILD_PATH)/include $(MUSL_PATH)/lib /lib/ld-linux.so.1 > $(BUILD_PATH)/musl-gcc.specs
+ printf '#!/bin/sh\nexec "$(CC)" "$$@" -specs "$(BUILD_PATH)/musl-gcc.specs"\n' > $(BUILD_PATH)/musl-gcc
+ chmod +x $(BUILD_PATH)/musl-gcc
+
+$(IPERF_PATH): $(IPERF_TAR)
+ tar -C $(BUILD_PATH) -xf $<
+ sed -i '1s/^/#include <stdint.h>/' $(IPERF_PATH)/src/cjson.h $(IPERF_PATH)/src/timer.h
+ sed -i -r 's/-p?g//g' $(IPERF_PATH)/src/Makefile*
+
+$(IPERF_PATH)/src/iperf3: $(IPERF_PATH) $(MUSL_CC)
+ cd $(IPERF_PATH) && CC="$(MUSL_CC)" CFLAGS="$(CFLAGS) -D_GNU_SOURCE" ./configure --prefix=/ --host=$(CHOST) --enable-static --disable-shared
+ $(MAKE) -C $(IPERF_PATH)
+ strip -s $@
+
+$(LIBMNL_PATH): $(LIBMNL_TAR)
+ tar -C $(BUILD_PATH) -xf $<
+
+$(LIBMNL_PATH)/src/.libs/libmnl.a: $(LIBMNL_PATH) $(MUSL_CC)
+ cd $(LIBMNL_PATH) && CC="$(MUSL_CC)" CFLAGS="$(CFLAGS)" ./configure --prefix=/ --host=$(CHOST) --enable-static --disable-shared
+ $(MAKE) -C $(LIBMNL_PATH)
+
+$(BUILD_PATH)/tools/wg: $(MUSL_CC) $(TOOLS_SOURCES) $(LIBMNL_PATH)/src/.libs/libmnl.a | $(BUILD_PATH)/include/linux
+ cp -pr ../../uapi.h ../../tools $(BUILD_PATH)/
+ $(MAKE) -C $(BUILD_PATH)/tools clean
+ CC="$(MUSL_CC)" CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS) -L$(LIBMNL_PATH)/src/.libs" $(MAKE) -C $(BUILD_PATH)/tools LIBMNL_CFLAGS="-I$(LIBMNL_PATH)/include" LIBMNL_LDLIBS="-lmnl" wg
+ strip -s $@
+
+$(BUILD_PATH)/init: init.c $(MUSL_CC)
+ $(MUSL_CC) -o $@ $<
+ strip -s $@
+
+$(IPUTILS_PATH): $(IPUTILS_TAR)
+ tar -C $(BUILD_PATH) -xf $<
+
+$(IPUTILS_PATH)/ping: $(IPUTILS_PATH) $(MUSL_CC) | $(BUILD_PATH)/include/linux
+ $(MAKE) -C $(IPUTILS_PATH) CC="$(MUSL_CC)" USE_CAP=no USE_IDN=no USE_NETTLE=no USE_CRYPTO=no ping
+ strip -s $@
+
+$(BASH_PATH): $(BASH_TAR)
+ tar -C $(BUILD_PATH) -xf $<
+
+$(BASH_PATH)/bash: $(BASH_PATH) $(MUSL_CC) | $(BUILD_PATH)/include/linux
+ cd $(BASH_PATH) && CC="$(MUSL_CC)" CFLAGS="$(CFLAGS)" ./configure --prefix=/ --host=$(CHOST) --without-bash-malloc --disable-debugger --disable-help-builtin --disable-history --disable-multibyte --disable-progcomp --disable-readline --disable-mem-scramble
+ $(MAKE) -C $(BASH_PATH)
+ strip -s $@
+
+$(IPROUTE2_PATH): $(IPROUTE2_TAR)
+ tar -C $(BUILD_PATH) -xf $<
+ sed -i '/ARPD/d' $(IPROUTE2_PATH)/Makefile
+ sed -i 's/arpd.8//' $(IPROUTE2_PATH)/man/man8/Makefile
+ sed -i 's/m_ipt.o//;s/[^ ]*_bpf.o//' $(IPROUTE2_PATH)/tc/Makefile
+ sed -i '/#include <linux\/in\.h>/d;/#include <linux\/in6\.h>/d' $(IPROUTE2_PATH)/include/libiptc/ipt_kernel_headers.h $(IPROUTE2_PATH)/include/linux/if_bridge.h $(IPROUTE2_PATH)/include/linux/netfilter.h $(IPROUTE2_PATH)/include/linux/xfrm.h
+ printf 'TC_CONFIG_XT=n\nTC_CONFIG_ATM=n\nTC_CONFIG_IPSET=n\nIP_CONFIG_SETNS=y\n' > $(IPROUTE2_PATH)/Config
+
+$(IPROUTE2_PATH)/ip/ip: $(IPROUTE2_PATH) $(MUSL_CC) | $(BUILD_PATH)/include/linux
+ CFLAGS="$(CFLAGS)" $(MAKE) -C $(IPROUTE2_PATH) PREFIX=/ CC="$(MUSL_CC)"
+ strip -s $(IPROUTE2_PATH)/ip/ip $(IPROUTE2_PATH)/misc/ss
+
+$(IPTABLES_PATH): $(IPTABLES_TAR)
+ tar -C $(BUILD_PATH) -xf $<
+ rm -f $(IPTABLES_PATH)/include/linux/{kernel,types}.h
+ sed -i -e "/nfnetlink=[01]/s:=[01]:=0:" -e "/nfconntrack=[01]/s:=[01]:=0:" $(IPTABLES_PATH)/configure
+
+$(IPTABLES_PATH)/iptables/xtables-multi: $(IPTABLES_PATH) $(MUSL_CC) $(LIBMNL_PATH)/src/.libs/libmnl.a | $(KERNEL_PATH)
+ cd $(IPTABLES_PATH) && PKG_CONFIG_LIBDIR="$(LIBMNL_PATH)" CC="$(MUSL_CC)" CFLAGS="$(CFLAGS)" ./configure --prefix=/ --host=$(CHOST) --enable-static --disable-shared --disable-nftables --disable-bpf-compiler --disable-nfsynproxy --disable-libipq --with-kernel=$(KERNEL_PATH)
+ $(MAKE) -C $(IPTABLES_PATH)
+
+clean:
+ rm -rf $(BUILD_PATH)
+
+distclean: clean
+ rm -rf $(DISTFILES_PATH)
diff --git a/src/tests/qemu/debug.config b/src/tests/qemu/debug.config
new file mode 100644
index 0000000..2298959
--- /dev/null
+++ b/src/tests/qemu/debug.config
@@ -0,0 +1,64 @@
+CONFIG_ENABLE_WARN_DEPRECATED=y
+CONFIG_ENABLE_MUST_CHECK=y
+CONFIG_FRAME_POINTER=y
+CONFIG_STACK_VALIDATION=y
+CONFIG_DEBUG_KERNEL=y
+CONFIG_PAGE_EXTENSION=y
+CONFIG_PAGE_POISONING=y
+CONFIG_DEBUG_OBJECTS=y
+CONFIG_DEBUG_OBJECTS_FREE=y
+CONFIG_DEBUG_OBJECTS_TIMERS=y
+CONFIG_DEBUG_OBJECTS_WORK=y
+CONFIG_DEBUG_OBJECTS_RCU_HEAD=y
+CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER=y
+CONFIG_DEBUG_OBJECTS_ENABLE_DEFAULT=1
+CONFIG_SLUB_DEBUG_ON=y
+CONFIG_DEBUG_VM=y
+CONFIG_DEBUG_MEMORY_INIT=y
+CONFIG_HAVE_DEBUG_STACKOVERFLOW=y
+CONFIG_DEBUG_STACKOVERFLOW=y
+CONFIG_HAVE_ARCH_KMEMCHECK=y
+CONFIG_HAVE_ARCH_KASAN=y
+CONFIG_KASAN=y
+CONFIG_KASAN_INLINE=y
+CONFIG_ARCH_HAS_KCOV=y
+CONFIG_KCOV=y
+CONFIG_DEBUG_SHIRQ=y
+CONFIG_LOCKUP_DETECTOR=y
+CONFIG_HARDLOCKUP_DETECTOR=y
+CONFIG_BOOTPARAM_HARDLOCKUP_PANIC_VALUE=0
+CONFIG_BOOTPARAM_SOFTLOCKUP_PANIC_VALUE=0
+CONFIG_DETECT_HUNG_TASK=y
+CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=120
+CONFIG_BOOTPARAM_HUNG_TASK_PANIC_VALUE=0
+CONFIG_WQ_WATCHDOG=y
+CONFIG_PANIC_ON_OOPS_VALUE=0
+CONFIG_PANIC_TIMEOUT=0
+CONFIG_SCHED_DEBUG=y
+CONFIG_SCHED_INFO=y
+CONFIG_SCHEDSTATS=y
+CONFIG_SCHED_STACK_END_CHECK=y
+CONFIG_DEBUG_TIMEKEEPING=y
+CONFIG_TIMER_STATS=y
+CONFIG_DEBUG_PREEMPT=y
+CONFIG_DEBUG_RT_MUTEXES=y
+CONFIG_DEBUG_SPINLOCK=y
+CONFIG_DEBUG_MUTEXES=y
+CONFIG_DEBUG_LOCK_ALLOC=y
+CONFIG_PROVE_LOCKING=y
+CONFIG_LOCKDEP=y
+CONFIG_DEBUG_ATOMIC_SLEEP=y
+CONFIG_TRACE_IRQFLAGS=y
+CONFIG_STACKTRACE=y
+CONFIG_DEBUG_BUGVERBOSE=y
+CONFIG_DEBUG_LIST=y
+CONFIG_DEBUG_PI_LIST=y
+CONFIG_PROVE_RCU=y
+CONFIG_SPARSE_RCU_POINTER=y
+CONFIG_RCU_CPU_STALL_TIMEOUT=21
+CONFIG_RCU_TRACE=y
+CONFIG_RCU_EQS_DEBUG=y
+CONFIG_ARCH_HAS_DEBUG_STRICT_USER_COPY_CHECKS=y
+CONFIG_USER_STACKTRACE_SUPPORT=y
+CONFIG_X86_VERBOSE_BOOTUP=y
+CONFIG_EARLY_PRINTK=y
diff --git a/src/tests/qemu/init.c b/src/tests/qemu/init.c
new file mode 100644
index 0000000..310f34b
--- /dev/null
+++ b/src/tests/qemu/init.c
@@ -0,0 +1,110 @@
+#include <unistd.h>
+#include <errno.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <fcntl.h>
+#include <sys/wait.h>
+#include <sys/mount.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <sys/io.h>
+#include <sys/ioctl.h>
+#include <linux/random.h>
+
+ __attribute__((noreturn)) static void poweroff(void)
+{
+ ioperm(0x604, 2, 1);
+ outw(1 << 13, 0x604);
+ sleep(30);
+ fprintf(stderr, "\x1b[37m\x1b[41m\x1b[1mFailed to power off!!!\x1b[0m\n");
+ exit(1);
+}
+
+static void panic(const char *what)
+{
+ fprintf(stderr, "\n\n\x1b[37m\x1b[41m\x1b[1mSOMETHING WENT HORRIBLY WRONG\x1b[0m\n\n \x1b[31m\x1b[1m%s: %s\x1b[0m\n\n\x1b[37m\x1b[44m\x1b[1mPower off...\x1b[0m\n\n", what, strerror(errno));
+ poweroff();
+}
+
+#define pretty_message(msg) puts("\x1b[32m\x1b[1m" msg "\x1b[0m")
+
+int main(int argc, char *argv[])
+{
+ int status, fd1, fd2, i;
+ struct {
+ int entropy_count;
+ int buffer_size;
+ unsigned char buffer[128];
+ } entropy = {
+ .entropy_count = 128,
+ .buffer_size = 128
+ };
+ pretty_message("[+] Mounting filesystems...");
+ mkdir("/dev", 0755);
+ mkdir("/proc", 0755);
+ mkdir("/sys", 0755);
+ mkdir("/tmp", 0755);
+ mkdir("/run", 0755);
+ mkdir("/var", 0755);
+ if (mount("none", "/dev", "devtmpfs", 0, NULL))
+ panic("devtmpfs mount");
+ if (mount("none", "/proc", "proc", 0, NULL))
+ panic("procfs mount");
+ if (mount("none", "/sys", "sysfs", 0, NULL))
+ panic("sysfs mount");
+ if (mount("none", "/tmp", "tmpfs", 0, NULL))
+ panic("tmpfs mount");
+ if (mount("none", "/run", "tmpfs", 0, NULL))
+ panic("tmpfs mount");
+ if (symlink("/run", "/var/run"))
+ panic("run symlink");
+ if (symlink("/proc/self/fd", "/dev/fd"))
+ panic("fd symlink");
+ pretty_message("[+] Enabling logging...");
+ fd1 = open("/proc/sys/kernel/printk", O_WRONLY);
+ if (fd1 < 0)
+ panic("open(printk)");
+ if (write(fd1, "9\n", 2) != 2)
+ panic("write(printk)");
+ close(fd1);
+ pretty_message("[+] Ensuring RNG entropy...");
+ fd1 = open("/dev/hwrng", O_RDONLY);
+ fd2 = open("/dev/urandom", O_WRONLY);
+ if (fd1 < 0 || fd2 < 0)
+ panic("open(hwrng,urandom)");
+ for (i = 0; i < 4096; ++i) {
+ if (read(fd1, entropy.buffer, 128) != 128)
+ panic("read(hwrng)");
+ if (ioctl(fd2, RNDADDENTROPY, &entropy) < 0)
+ panic("ioctl(urandom)");
+ }
+ close(fd1);
+ close(fd2);
+
+ pretty_message("[+] Launching tests...");
+ switch (fork()) {
+ case -1:
+ panic("fork");
+ break;
+ case 0:
+ execl("/init.sh", "init", NULL);
+ panic("exec");
+ break;
+ }
+ if (wait(&status) < 0)
+ panic("wait");
+ if (WIFEXITED(status) && WEXITSTATUS(status) == 0) {
+ pretty_message("[+] Tests successful! :-)");
+ fd1 = open("/dev/vport1p1", O_WRONLY);
+ if (fd1 < 0)
+ panic("open(vport1p1)");
+ if (write(fd1, "success\n", 8) != 8)
+ panic("write(success)");
+ close(fd1);
+ } else
+ puts("\x1b[31m\x1b[1m[-] Tests failed! :-(\x1b[0m");
+ poweroff();
+ return 1;
+}
diff --git a/src/tests/qemu/kernel.config b/src/tests/qemu/kernel.config
new file mode 100644
index 0000000..e1bf4d6
--- /dev/null
+++ b/src/tests/qemu/kernel.config
@@ -0,0 +1,68 @@
+CONFIG_NET=y
+CONFIG_NETDEVICES=y
+CONFIG_NET_CORE=y
+CONFIG_VETH=y
+CONFIG_MULTIUSER=y
+CONFIG_NAMESPACES=y
+CONFIG_NET_NS=y
+CONFIG_UNIX=y
+CONFIG_INET=y
+CONFIG_IPV6=y
+CONFIG_NF_CONNTRACK=y
+CONFIG_NF_NAT=y
+CONFIG_NETFILTER_XTABLES=y
+CONFIG_NETFILTER_XT_NAT=y
+CONFIG_NF_CONNTRACK_IPV4=y
+CONFIG_NF_NAT_IPV4=y
+CONFIG_IP_NF_IPTABLES=y
+CONFIG_IP_NF_NAT=y
+CONFIG_TTY=y
+CONFIG_BINFMT_ELF=y
+CONFIG_BINFMT_SCRIPT=y
+CONFIG_PCI=y
+CONFIG_PCI_MSI=y
+CONFIG_VIRTUALIZATION=y
+CONFIG_HYPERVISOR_GUEST=y
+CONFIG_PARAVIRT=y
+CONFIG_KVM_GUEST=y
+CONFIG_PARAVIRT_SPINLOCKS=y
+CONFIG_VIRTIO=y
+CONFIG_VIRTIO_PCI=y
+CONFIG_VIRTIO_CONSOLE=y
+CONFIG_VIRTIO_PCI_LEGACY=y
+CONFIG_HW_RANDOM=y
+CONFIG_HW_RANDOM_VIRTIO=y
+CONFIG_PRINTK=y
+CONFIG_KALLSYMS=y
+CONFIG_BUG=y
+CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y
+CONFIG_EMBEDDED=n
+CONFIG_BASE_FULL=y
+CONFIG_FUTEX=y
+CONFIG_SHMEM=y
+CONFIG_SLUB=y
+CONFIG_SMP=y
+CONFIG_SCHED_SMT=y
+CONFIG_SCHED_MC=y
+CONFIG_NUMA=y
+CONFIG_PREEMPT=y
+CONFIG_NO_HZ=y
+CONFIG_NO_HZ_IDLE=y
+CONFIG_NO_HZ_FULL=n
+CONFIG_HZ_PERIODIC=n
+CONFIG_HIGH_RES_TIMERS=y
+CONFIG_ARCH_RANDOM=y
+CONFIG_FILE_LOCKING=y
+CONFIG_DEVTMPFS=y
+CONFIG_PROC_FS=y
+CONFIG_PROC_SYSCTL=y
+CONFIG_SYSFS=y
+CONFIG_TMPFS=y
+CONFIG_MESSAGE_LOGLEVEL_DEFAULT=7
+CONFIG_PRINTK_TIME=y
+CONFIG_BLK_DEV_INITRD=y
+CONFIG_LEGACY_VSYSCALL_NONE=y
+CONFIG_KERNEL_GZIP=y
+CONFIG_WIREGUARD=y
+CONFIG_WIREGUARD_PARALLEL=y
+CONFIG_WIREGUARD_DEBUG=y
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.