projects / openwrt / staging / chunkeey.git / blob
? search:


22e2286b8deddbf418dc8bdb950e8f26ca34256b
[openwrt/staging/chunkeey.git] / config / Config-kernel.in
1 # Copyright (C) 2006-2014 OpenWrt.org
2 #
3 # This is free software, licensed under the GNU General Public License v2.
4 # See /LICENSE for more information.
5 #
6
7 config KERNEL_BUILD_USER
8 string "Custom Kernel Build User Name"
9 default "builder" if BUILDBOT
10 default ""
11 help
12 Sets the Kernel build user string, which for example will be returned
13 by 'uname -a' on running systems.
14 If not set, uses system user at build time.
15
16 config KERNEL_BUILD_DOMAIN
17 string "Custom Kernel Build Domain Name"
18 default "buildhost" if BUILDBOT
19 default ""
20 help
21 Sets the Kernel build domain string, which for example will be
22 returned by 'uname -a' on running systems.
23 If not set, uses system hostname at build time.
24
25 config KERNEL_PRINTK
26 bool "Enable support for printk"
27 default y
28
29 config KERNEL_CRASHLOG
30 bool "Crash logging"
31 depends on !(arm || powerpc || sparc || TARGET_uml || i386 || x86_64)
32 default y
33
34 config KERNEL_SWAP
35 bool "Support for paging of anonymous memory (swap)"
36 default y if !SMALL_FLASH
37
38 config KERNEL_DEBUG_FS
39 bool "Compile the kernel with debug filesystem enabled"
40 default y
41 help
42 debugfs is a virtual file system that kernel developers use to put
43 debugging files into. Enable this option to be able to read and
44 write to these files. Many common debugging facilities, such as
45 ftrace, require the existence of debugfs.
46
47 config KERNEL_MIPS_FP_SUPPORT
48 bool
49 default y if TARGET_pistachio
50
51 config KERNEL_ARM_PMU
52 bool
53 default n
54 depends on (arm || aarch64)
55
56 config KERNEL_X86_VSYSCALL_EMULATION
57 bool "Enable vsyscall emulation"
58 default n
59 depends on x86_64
60 help
61 This enables emulation of the legacy vsyscall page. Disabling
62 it is roughly equivalent to booting with vsyscall=none, except
63 that it will also disable the helpful warning if a program
64 tries to use a vsyscall. With this option set to N, offending
65 programs will just segfault, citing addresses of the form
66 0xffffffffff600?00.
67
68 This option is required by many programs built before 2013, and
69 care should be used even with newer programs if set to N.
70
71 Disabling this option saves about 7K of kernel size and
72 possibly 4K of additional runtime pagetable memory.
73
74 config KERNEL_PERF_EVENTS
75 bool "Compile the kernel with performance events and counters"
76 default n
77 select KERNEL_ARM_PMU if (arm || aarch64)
78
79 config KERNEL_PROFILING
80 bool "Compile the kernel with profiling enabled"
81 default n
82 select KERNEL_PERF_EVENTS
83 help
84 Enable the extended profiling support mechanisms used by profilers such
85 as OProfile.
86
87 config KERNEL_UBSAN
88 bool "Compile the kernel with undefined behaviour sanity checker"
89 help
90 This option enables undefined behaviour sanity checker
91 Compile-time instrumentation is used to detect various undefined
92 behaviours in runtime. Various types of checks may be enabled
93 via boot parameter ubsan_handle
94 (see: Documentation/dev-tools/ubsan.rst).
95
96 config KERNEL_UBSAN_SANITIZE_ALL
97 bool "Enable instrumentation for the entire kernel"
98 depends on KERNEL_UBSAN
99 default y
100 help
101 This option activates instrumentation for the entire kernel.
102 If you don't enable this option, you have to explicitly specify
103 UBSAN_SANITIZE := y for the files/directories you want to check for UB.
104 Enabling this option will get kernel image size increased
105 significantly.
106
107 config KERNEL_UBSAN_ALIGNMENT
108 bool "Enable checking of pointers alignment"
109 depends on KERNEL_UBSAN
110 help
111 This option enables detection of unaligned memory accesses.
112 Enabling this option on architectures that support unaligned
113 accesses may produce a lot of false positives.
114
115 config KERNEL_UBSAN_NULL
116 bool "Enable checking of null pointers"
117 depends on KERNEL_UBSAN
118 help
119 This option enables detection of memory accesses via a
120 null pointer.
121
122 config KERNEL_KASAN
123 bool "Compile the kernel with KASan: runtime memory debugger"
124 select KERNEL_SLUB_DEBUG
125 depends on (x86_64 || aarch64)
126 help
127 Enables kernel address sanitizer - runtime memory debugger,
128 designed to find out-of-bounds accesses and use-after-free bugs.
129 This is strictly a debugging feature and it requires a gcc version
130 of 4.9.2 or later. Detection of out of bounds accesses to stack or
131 global variables requires gcc 5.0 or later.
132 This feature consumes about 1/8 of available memory and brings about
133 ~x3 performance slowdown.
134 For better error detection enable CONFIG_STACKTRACE.
135 Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB
136 (the resulting kernel does not boot).
137
138 config KERNEL_KASAN_EXTRA
139 bool "KAsan: extra checks"
140 depends on KERNEL_KASAN && KERNEL_DEBUG_KERNEL
141 help
142 This enables further checks in the kernel address sanitizer, for now
143 it only includes the address-use-after-scope check that can lead
144 to excessive kernel stack usage, frame size warnings and longer
145 compile time.
146 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more
147
148
149 choice
150 prompt "Instrumentation type"
151 depends on KERNEL_KASAN
152 default KERNEL_KASAN_OUTLINE
153
154 config KERNEL_KASAN_OUTLINE
155 bool "Outline instrumentation"
156 help
157 Before every memory access compiler insert function call
158 __asan_load*/__asan_store*. These functions performs check
159 of shadow memory. This is slower than inline instrumentation,
160 however it doesn't bloat size of kernel's .text section so
161 much as inline does.
162
163 config KERNEL_KASAN_INLINE
164 bool "Inline instrumentation"
165 help
166 Compiler directly inserts code checking shadow memory before
167 memory accesses. This is faster than outline (in some workloads
168 it gives about x2 boost over outline instrumentation), but
169 make kernel's .text size much bigger.
170 This requires a gcc version of 5.0 or later.
171
172 endchoice
173
174 config KERNEL_KCOV
175 bool "Compile the kernel with code coverage for fuzzing"
176 select KERNEL_DEBUG_FS
177 help
178 KCOV exposes kernel code coverage information in a form suitable
179 for coverage-guided fuzzing (randomized testing).
180
181 If RANDOMIZE_BASE is enabled, PC values will not be stable across
182 different machines and across reboots. If you need stable PC values,
183 disable RANDOMIZE_BASE.
184
185 For more details, see Documentation/kcov.txt.
186
187 config KERNEL_KCOV_ENABLE_COMPARISONS
188 bool "Enable comparison operands collection by KCOV"
189 depends on KERNEL_KCOV
190 help
191 KCOV also exposes operands of every comparison in the instrumented
192 code along with operand sizes and PCs of the comparison instructions.
193 These operands can be used by fuzzing engines to improve the quality
194 of fuzzing coverage.
195
196 config KERNEL_KCOV_INSTRUMENT_ALL
197 bool "Instrument all code by default"
198 depends on KERNEL_KCOV
199 default y if KERNEL_KCOV
200 help
201 If you are doing generic system call fuzzing (like e.g. syzkaller),
202 then you will want to instrument the whole kernel and you should
203 say y here. If you are doing more targeted fuzzing (like e.g.
204 filesystem fuzzing with AFL) then you will want to enable coverage
205 for more specific subsets of files, and should say n here.
206
207 config KERNEL_TASKSTATS
208 bool "Compile the kernel with task resource/io statistics and accounting"
209 default n
210 help
211 Enable the collection and publishing of task/io statistics and
212 accounting. Enable this option to enable i/o monitoring in system
213 monitors.
214
215 if KERNEL_TASKSTATS
216
217 config KERNEL_TASK_DELAY_ACCT
218 def_bool y
219
220 config KERNEL_TASK_IO_ACCOUNTING
221 def_bool y
222
223 config KERNEL_TASK_XACCT
224 def_bool y
225
226 endif
227
228 config KERNEL_KALLSYMS
229 bool "Compile the kernel with symbol table information"
230 default y if !SMALL_FLASH
231 help
232 This will give you more information in stack traces from kernel oopses.
233
234 config KERNEL_FTRACE
235 bool "Compile the kernel with tracing support"
236 depends on !TARGET_uml
237 default n
238
239 config KERNEL_FTRACE_SYSCALLS
240 bool "Trace system calls"
241 depends on KERNEL_FTRACE
242 default n
243
244 config KERNEL_ENABLE_DEFAULT_TRACERS
245 bool "Trace process context switches and events"
246 depends on KERNEL_FTRACE
247 default n
248
249 config KERNEL_FUNCTION_TRACER
250 bool "Function tracer"
251 depends on KERNEL_FTRACE
252 default n
253
254 config KERNEL_FUNCTION_GRAPH_TRACER
255 bool "Function graph tracer"
256 depends on KERNEL_FUNCTION_TRACER
257 default n
258
259 config KERNEL_DYNAMIC_FTRACE
260 bool "Enable/disable function tracing dynamically"
261 depends on KERNEL_FUNCTION_TRACER
262 default n
263
264 config KERNEL_FUNCTION_PROFILER
265 bool "Function profiler"
266 depends on KERNEL_FUNCTION_TRACER
267 default n
268
269 config KERNEL_IRQSOFF_TRACER
270 bool "Interrupts-off Latency Tracer"
271 depends on KERNEL_FTRACE
272 help
273 This option measures the time spent in irqs-off critical
274 sections, with microsecond accuracy.
275
276 The default measurement method is a maximum search, which is
277 disabled by default and can be runtime (re-)started
278 via:
279
280 echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
281
282 (Note that kernel size and overhead increase with this option
283 enabled. This option and the preempt-off timing option can be
284 used together or separately.)
285
286 config KERNEL_PREEMPT_TRACER
287 bool "Preemption-off Latency Tracer"
288 depends on KERNEL_FTRACE
289 help
290 This option measures the time spent in preemption-off critical
291 sections, with microsecond accuracy.
292
293 The default measurement method is a maximum search, which is
294 disabled by default and can be runtime (re-)started
295 via:
296
297 echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
298
299 (Note that kernel size and overhead increase with this option
300 enabled. This option and the irqs-off timing option can be
301 used together or separately.)
302
303 config KERNEL_DEBUG_KERNEL
304 bool
305 default n
306
307 config KERNEL_DEBUG_INFO
308 bool "Compile the kernel with debug information"
309 default y if !SMALL_FLASH
310 select KERNEL_DEBUG_KERNEL
311 help
312 This will compile your kernel and modules with debug information.
313
314 config KERNEL_DEBUG_LL_UART_NONE
315 bool
316 default n
317 depends on arm
318
319 config KERNEL_DEBUG_LL
320 bool
321 default n
322 depends on arm
323 select KERNEL_DEBUG_LL_UART_NONE
324 help
325 ARM low level debugging.
326
327 config KERNEL_DYNAMIC_DEBUG
328 bool "Compile the kernel with dynamic printk"
329 select KERNEL_DEBUG_FS
330 default n
331 help
332 Compiles debug level messages into the kernel, which would not
333 otherwise be available at runtime. These messages can then be
334 enabled/disabled based on various levels of scope - per source file,
335 function, module, format string, and line number. This mechanism
336 implicitly compiles in all pr_debug() and dev_dbg() calls, which
337 enlarges the kernel text size by about 2%.
338
339 config KERNEL_EARLY_PRINTK
340 bool "Compile the kernel with early printk"
341 default y if TARGET_bcm53xx
342 default n
343 depends on arm
344 select KERNEL_DEBUG_KERNEL
345 select KERNEL_DEBUG_LL if arm
346 help
347 Compile the kernel with early printk support. This is only useful for
348 debugging purposes to send messages over the serial console in early boot.
349 Enable this to debug early boot problems.
350
351 config KERNEL_KPROBES
352 bool "Compile the kernel with kprobes support"
353 default n
354 select KERNEL_FTRACE
355 select KERNEL_PERF_EVENTS
356 help
357 Compiles the kernel with KPROBES support, which allows you to trap
358 at almost any kernel address and execute a callback function.
359 register_kprobe() establishes a probepoint and specifies the
360 callback. Kprobes is useful for kernel debugging, non-intrusive
361 instrumentation and testing.
362 If in doubt, say "N".
363
364 config KERNEL_KPROBE_EVENT
365 bool
366 default y if KERNEL_KPROBES
367
368 config KERNEL_KPROBE_EVENTS
369 bool
370 default y if KERNEL_KPROBES
371
372 config KERNEL_AIO
373 bool "Compile the kernel with asynchronous IO support"
374 default y if !SMALL_FLASH
375
376 config KERNEL_FHANDLE
377 bool "Compile the kernel with support for fhandle syscalls"
378 default y if !SMALL_FLASH
379
380 config KERNEL_FANOTIFY
381 bool "Compile the kernel with modern file notification support"
382 default y if !SMALL_FLASH
383
384 config KERNEL_BLK_DEV_BSG
385 bool "Compile the kernel with SCSI generic v4 support for any block device"
386 default n
387
388 config KERNEL_TRANSPARENT_HUGEPAGE
389 bool
390
391 choice
392 prompt "Transparent Hugepage Support sysfs defaults"
393 depends on KERNEL_TRANSPARENT_HUGEPAGE
394 default KERNEL_TRANSPARENT_HUGEPAGE_ALWAYS
395
396 config KERNEL_TRANSPARENT_HUGEPAGE_ALWAYS
397 bool "always"
398
399 config KERNEL_TRANSPARENT_HUGEPAGE_MADVISE
400 bool "madvise"
401 endchoice
402
403 config KERNEL_HUGETLBFS
404 bool
405
406 config KERNEL_HUGETLB_PAGE
407 bool "Compile the kernel with HugeTLB support"
408 select KERNEL_TRANSPARENT_HUGEPAGE
409 select KERNEL_HUGETLBFS
410 default n
411
412 config KERNEL_MAGIC_SYSRQ
413 bool "Compile the kernel with SysRq support"
414 default y
415
416 config KERNEL_DEBUG_PINCTRL
417 bool "Compile the kernel with pinctrl debugging"
418 select KERNEL_DEBUG_KERNEL
419
420 config KERNEL_DEBUG_GPIO
421 bool "Compile the kernel with gpio debugging"
422 select KERNEL_DEBUG_KERNEL
423
424 config KERNEL_COREDUMP
425 bool
426
427 config KERNEL_ELF_CORE
428 bool "Enable process core dump support"
429 select KERNEL_COREDUMP
430 default y if !SMALL_FLASH
431
432 config KERNEL_PROVE_LOCKING
433 bool "Enable kernel lock checking"
434 select KERNEL_DEBUG_KERNEL
435 default n
436
437 config KERNEL_LOCKUP_DETECTOR
438 bool "Compile the kernel with detect Hard and Soft Lockups"
439 depends on KERNEL_DEBUG_KERNEL
440 help
441 Say Y here to enable the kernel to act as a watchdog to detect
442 hard and soft lockups.
443
444 Softlockups are bugs that cause the kernel to loop in kernel
445 mode for more than 20 seconds, without giving other tasks a
446 chance to run. The current stack trace is displayed upon
447 detection and the system will stay locked up.
448
449 Hardlockups are bugs that cause the CPU to loop in kernel mode
450 for more than 10 seconds, without letting other interrupts have a
451 chance to run. The current stack trace is displayed upon detection
452 and the system will stay locked up.
453
454 The overhead should be minimal. A periodic hrtimer runs to
455 generate interrupts and kick the watchdog task every 4 seconds.
456 An NMI is generated every 10 seconds or so to check for hardlockups.
457
458 The frequency of hrtimer and NMI events and the soft and hard lockup
459 thresholds can be controlled through the sysctl watchdog_thresh.
460
461 config KERNEL_DETECT_HUNG_TASK
462 bool "Compile the kernel with detect Hung Tasks"
463 depends on KERNEL_DEBUG_KERNEL
464 default KERNEL_LOCKUP_DETECTOR
465 help
466 Say Y here to enable the kernel to detect "hung tasks",
467 which are bugs that cause the task to be stuck in
468 uninterruptible "D" state indefinitely.
469
470 When a hung task is detected, the kernel will print the
471 current stack trace (which you should report), but the
472 task will stay in uninterruptible state. If lockdep is
473 enabled then all held locks will also be reported. This
474 feature has negligible overhead.
475
476 config KERNEL_WQ_WATCHDOG
477 bool "Compile the kernel with detect Workqueue Stalls"
478 depends on KERNEL_DEBUG_KERNEL
479 help
480 Say Y here to enable stall detection on workqueues. If a
481 worker pool doesn't make forward progress on a pending work
482 item for over a given amount of time, 30s by default, a
483 warning message is printed along with dump of workqueue
484 state. This can be configured through kernel parameter
485 "workqueue.watchdog_thresh" and its sysfs counterpart.
486
487 config KERNEL_DEBUG_ATOMIC_SLEEP
488 bool "Compile the kernel with sleep inside atomic section checking"
489 depends on KERNEL_DEBUG_KERNEL
490 help
491 If you say Y here, various routines which may sleep will become very
492 noisy if they are called inside atomic sections: when a spinlock is
493 held, inside an rcu read side critical section, inside preempt disabled
494 sections, inside an interrupt, etc...
495
496 config KERNEL_DEBUG_VM
497 bool "Compile the kernel with debug VM"
498 depends on KERNEL_DEBUG_KERNEL
499 help
500 Enable this to turn on extended checks in the virtual-memory system
501 that may impact performance.
502
503 If unsure, say N.
504
505 config KERNEL_PRINTK_TIME
506 bool "Enable printk timestamps"
507 default y
508
509 config KERNEL_SLUB_DEBUG
510 bool
511
512 config KERNEL_SLUB_DEBUG_ON
513 bool
514
515 config KERNEL_SLABINFO
516 select KERNEL_SLUB_DEBUG
517 select KERNEL_SLUB_DEBUG_ON
518 bool "Enable /proc slab debug info"
519
520 config KERNEL_PROC_PAGE_MONITOR
521 bool "Enable /proc page monitoring"
522
523 config KERNEL_RELAY
524 bool
525
526 config KERNEL_KEXEC
527 bool "Enable kexec support"
528
529 config KERNEL_PROC_VMCORE
530 bool
531
532 config KERNEL_PROC_KCORE
533 bool
534
535 config KERNEL_CRASH_DUMP
536 depends on i386 || x86_64 || arm || armeb
537 select KERNEL_KEXEC
538 select KERNEL_PROC_VMCORE
539 select KERNEL_PROC_KCORE
540 bool "Enable support for kexec crashdump"
541 default y
542
543 config USE_RFKILL
544 bool "Enable rfkill support"
545 default RFKILL_SUPPORT
546
547 config USE_SPARSE
548 bool "Enable sparse check during kernel build"
549 default n
550
551 config KERNEL_DEVTMPFS
552 bool "Compile the kernel with device tmpfs enabled"
553 default n
554 help
555 devtmpfs is a simple, kernel-managed /dev filesystem. The kernel creates
556 devices nodes for all registered devices to simplify boot, but leaves more
557 complex tasks to userspace (e.g. udev).
558
559 if KERNEL_DEVTMPFS
560
561 config KERNEL_DEVTMPFS_MOUNT
562 bool "Automatically mount devtmpfs after root filesystem is mounted"
563 default n
564
565 endif
566
567 config KERNEL_KEYS
568 bool "Enable kernel access key retention support"
569 default !SMALL_FLASH
570
571 config KERNEL_PERSISTENT_KEYRINGS
572 bool "Enable kernel persistent keyrings"
573 depends on KERNEL_KEYS
574 default n
575
576 config KERNEL_KEYS_REQUEST_CACHE
577 bool "Enable temporary caching of the last request_key() result"
578 depends on KERNEL_KEYS
579 default n
580
581 config KERNEL_BIG_KEYS
582 bool "Enable large payload keys on kernel keyrings"
583 depends on KERNEL_KEYS
584 default n
585
586 #
587 # CGROUP support symbols
588 #
589
590 config KERNEL_CGROUPS
591 bool "Enable kernel cgroups"
592 default y if !SMALL_FLASH
593
594 if KERNEL_CGROUPS
595
596 config KERNEL_CGROUP_DEBUG
597 bool "Example debug cgroup subsystem"
598 default n
599 help
600 This option enables a simple cgroup subsystem that
601 exports useful debugging information about the cgroups
602 framework.
603
604 config KERNEL_FREEZER
605 bool
606
607 config KERNEL_CGROUP_FREEZER
608 bool "legacy Freezer cgroup subsystem"
609 default n
610 select KERNEL_FREEZER
611 help
612 Provides a way to freeze and unfreeze all tasks in a
613 cgroup.
614 (legacy cgroup1-only controller, in cgroup2 freezer
615 is integrated in the Memory controller)
616
617 config KERNEL_CGROUP_DEVICE
618 bool "legacy Device controller for cgroups"
619 default n
620 help
621 Provides a cgroup implementing whitelists for devices which
622 a process in the cgroup can mknod or open.
623 (legacy cgroup1-only controller)
624
625 config KERNEL_CGROUP_HUGETLB
626 bool "HugeTLB controller"
627 default n
628 select KERNEL_HUGETLB_PAGE
629
630 config KERNEL_CGROUP_PIDS
631 bool "PIDs cgroup subsystem"
632 default y
633 help
634 Provides enforcement of process number limits in the scope of a
635 cgroup.
636
637 config KERNEL_CGROUP_RDMA
638 bool "RDMA controller for cgroups"
639 default y
640
641 config KERNEL_CGROUP_BPF
642 bool "Support for eBPF programs attached to cgroups"
643 default y
644
645 config KERNEL_CPUSETS
646 bool "Cpuset support"
647 default y
648 help
649 This option will let you create and manage CPUSETs which
650 allow dynamically partitioning a system into sets of CPUs and
651 Memory Nodes and assigning tasks to run only within those sets.
652 This is primarily useful on large SMP or NUMA systems.
653
654 config KERNEL_PROC_PID_CPUSET
655 bool "Include legacy /proc/<pid>/cpuset file"
656 default n
657 depends on KERNEL_CPUSETS
658
659 config KERNEL_CGROUP_CPUACCT
660 bool "Simple CPU accounting cgroup subsystem"
661 default y
662 help
663 Provides a simple Resource Controller for monitoring the
664 total CPU consumed by the tasks in a cgroup.
665
666 config KERNEL_RESOURCE_COUNTERS
667 bool "Resource counters"
668 default y
669 help
670 This option enables controller independent resource accounting
671 infrastructure that works with cgroups.
672
673 config KERNEL_MM_OWNER
674 bool
675 default y if KERNEL_MEMCG
676
677 config KERNEL_MEMCG
678 bool "Memory Resource Controller for Control Groups"
679 default y
680 select KERNEL_FREEZER
681 depends on KERNEL_RESOURCE_COUNTERS || !LINUX_3_18
682 help
683 Provides a memory resource controller that manages both anonymous
684 memory and page cache. (See Documentation/cgroups/memory.txt)
685
686 Note that setting this option increases fixed memory overhead
687 associated with each page of memory in the system. By this,
688 20(40)bytes/PAGE_SIZE on 32(64)bit system will be occupied by memory
689 usage tracking struct at boot. Total amount of this is printed out
690 at boot.
691
692 Only enable when you're ok with these tradeoffs and really
693 sure you need the memory resource controller. Even when you enable
694 this, you can set "cgroup_disable=memory" at your boot option to
695 disable memory resource controller and you can avoid overheads
696 (but lose benefits of memory resource controller).
697
698 This config option also selects MM_OWNER config option, which
699 could in turn add some fork/exit overhead.
700
701 config KERNEL_MEMCG_SWAP
702 bool "Memory Resource Controller Swap Extension"
703 default y
704 depends on KERNEL_MEMCG
705 help
706 Add swap management feature to memory resource controller. When you
707 enable this, you can limit mem+swap usage per cgroup. In other words,
708 when you disable this, memory resource controller has no cares to
709 usage of swap...a process can exhaust all of the swap. This extension
710 is useful when you want to avoid exhaustion swap but this itself
711 adds more overheads and consumes memory for remembering information.
712 Especially if you use 32bit system or small memory system, please
713 be careful about enabling this. When memory resource controller
714 is disabled by boot option, this will be automatically disabled and
715 there will be no overhead from this. Even when you set this config=y,
716 if boot option "swapaccount=0" is set, swap will not be accounted.
717 Now, memory usage of swap_cgroup is 2 bytes per entry. If swap page
718 size is 4096bytes, 512k per 1Gbytes of swap.
719
720 config KERNEL_MEMCG_SWAP_ENABLED
721 bool "Memory Resource Controller Swap Extension enabled by default"
722 default n
723 depends on KERNEL_MEMCG_SWAP
724 help
725 Memory Resource Controller Swap Extension comes with its price in
726 a bigger memory consumption. General purpose distribution kernels
727 which want to enable the feature but keep it disabled by default
728 and let the user enable it by swapaccount boot command line
729 parameter should have this option unselected.
730
731 Those who want to have the feature enabled by default should
732 select this option (if, for some reason, they need to disable it,
733 then swapaccount=0 does the trick).
734
735
736 config KERNEL_MEMCG_KMEM
737 bool "Memory Resource Controller Kernel Memory accounting (EXPERIMENTAL)"
738 default y
739 depends on KERNEL_MEMCG
740 help
741 The Kernel Memory extension for Memory Resource Controller can limit
742 the amount of memory used by kernel objects in the system. Those are
743 fundamentally different from the entities handled by the standard
744 Memory Controller, which are page-based, and can be swapped. Users of
745 the kmem extension can use it to guarantee that no group of processes
746 will ever exhaust kernel resources alone.
747
748 config KERNEL_CGROUP_PERF
749 bool "Enable perf_event per-cpu per-container group (cgroup) monitoring"
750 select KERNEL_PERF_EVENTS
751 default n
752 help
753 This option extends the per-cpu mode to restrict monitoring to
754 threads which belong to the cgroup specified and run on the
755 designated cpu.
756
757 menuconfig KERNEL_CGROUP_SCHED
758 bool "Group CPU scheduler"
759 default y
760 help
761 This feature lets CPU scheduler recognize task groups and control CPU
762 bandwidth allocation to such task groups. It uses cgroups to group
763 tasks.
764
765 if KERNEL_CGROUP_SCHED
766
767 config KERNEL_FAIR_GROUP_SCHED
768 bool "Group scheduling for SCHED_OTHER"
769 default y
770
771 config KERNEL_CFS_BANDWIDTH
772 bool "CPU bandwidth provisioning for FAIR_GROUP_SCHED"
773 default y
774 depends on KERNEL_FAIR_GROUP_SCHED
775 help
776 This option allows users to define CPU bandwidth rates (limits) for
777 tasks running within the fair group scheduler. Groups with no limit
778 set are considered to be unconstrained and will run with no
779 restriction.
780 See tip/Documentation/scheduler/sched-bwc.txt for more information.
781
782 config KERNEL_RT_GROUP_SCHED
783 bool "Group scheduling for SCHED_RR/FIFO"
784 default y
785 help
786 This feature lets you explicitly allocate real CPU bandwidth
787 to task groups. If enabled, it will also make it impossible to
788 schedule realtime tasks for non-root users until you allocate
789 realtime bandwidth for them.
790
791 endif
792
793 config KERNEL_BLK_CGROUP
794 bool "Block IO controller"
795 default y
796 help
797 Generic block IO controller cgroup interface. This is the common
798 cgroup interface which should be used by various IO controlling
799 policies.
800
801 Currently, CFQ IO scheduler uses it to recognize task groups and
802 control disk bandwidth allocation (proportional time slice allocation)
803 to such task groups. It is also used by bio throttling logic in
804 block layer to implement upper limit in IO rates on a device.
805
806 This option only enables generic Block IO controller infrastructure.
807 One needs to also enable actual IO controlling logic/policy. For
808 enabling proportional weight division of disk bandwidth in CFQ, set
809 CONFIG_CFQ_GROUP_IOSCHED=y; for enabling throttling policy, set
810 CONFIG_BLK_DEV_THROTTLING=y.
811
812 if KERNEL_BLK_CGROUP
813
814 config KERNEL_CFQ_GROUP_IOSCHED
815 bool "Proportional weight of disk bandwidth in CFQ"
816
817 config KERNEL_BLK_DEV_THROTTLING
818 bool "Enable throttling policy"
819 default y
820
821 config KERNEL_BLK_DEV_THROTTLING_LOW
822 bool "Block throttling .low limit interface support (EXPERIMENTAL)"
823 depends on KERNEL_BLK_DEV_THROTTLING
824 endif
825
826 config KERNEL_DEBUG_BLK_CGROUP
827 bool "Enable Block IO controller debugging"
828 default n
829 depends on KERNEL_BLK_CGROUP
830 help
831 Enable some debugging help. Currently it exports additional stat
832 files in a cgroup which can be useful for debugging.
833
834 config KERNEL_NET_CLS_CGROUP
835 bool "legacy Control Group Classifier"
836 default n
837
838 config KERNEL_CGROUP_NET_CLASSID
839 bool "legacy Network classid cgroup"
840 default n
841
842 config KERNEL_CGROUP_NET_PRIO
843 bool "legacy Network priority cgroup"
844 default n
845
846 endif
847
848 #
849 # Namespace support symbols
850 #
851
852 config KERNEL_NAMESPACES
853 bool "Enable kernel namespaces"
854 default y if !SMALL_FLASH
855
856 if KERNEL_NAMESPACES
857
858 config KERNEL_UTS_NS
859 bool "UTS namespace"
860 default y
861 help
862 In this namespace, tasks see different info provided
863 with the uname() system call.
864
865 config KERNEL_IPC_NS
866 bool "IPC namespace"
867 default y
868 help
869 In this namespace, tasks work with IPC ids which correspond to
870 different IPC objects in different namespaces.
871
872 config KERNEL_USER_NS
873 bool "User namespace (EXPERIMENTAL)"
874 default y
875 help
876 This allows containers, i.e. vservers, to use user namespaces
877 to provide different user info for different servers.
878
879 config KERNEL_PID_NS
880 bool "PID Namespaces"
881 default y
882 help
883 Support process id namespaces. This allows having multiple
884 processes with the same pid as long as they are in different
885 pid namespaces. This is a building block of containers.
886
887 config KERNEL_NET_NS
888 bool "Network namespace"
889 default y
890 help
891 Allow user space to create what appear to be multiple instances
892 of the network stack.
893
894 endif
895
896 config KERNEL_DEVPTS_MULTIPLE_INSTANCES
897 bool "Support multiple instances of devpts"
898 default y if !SMALL_FLASH
899 help
900 Enable support for multiple instances of devpts filesystem.
901 If you want to have isolated PTY namespaces (eg: in containers),
902 say Y here. Otherwise, say N. If enabled, each mount of devpts
903 filesystem with the '-o newinstance' option will create an
904 independent PTY namespace.
905
906 config KERNEL_POSIX_MQUEUE
907 bool "POSIX Message Queues"
908 default y if !SMALL_FLASH
909 help
910 POSIX variant of message queues is a part of IPC. In POSIX message
911 queues every message has a priority which decides about succession
912 of receiving it by a process. If you want to compile and run
913 programs written e.g. for Solaris with use of its POSIX message
914 queues (functions mq_*) say Y here.
915
916 POSIX message queues are visible as a filesystem called 'mqueue'
917 and can be mounted somewhere if you want to do filesystem
918 operations on message queues.
919
920
921 config KERNEL_SECCOMP_FILTER
922 bool
923 default y if !SMALL_FLASH
924
925 config KERNEL_SECCOMP
926 bool "Enable seccomp support"
927 depends on !(TARGET_uml)
928 select KERNEL_SECCOMP_FILTER
929 default y if !SMALL_FLASH
930 help
931 Build kernel with support for seccomp.
932
933 #
934 # IPv4 configuration
935 #
936
937 config KERNEL_IP_MROUTE
938 bool "Enable IPv4 multicast routing"
939 default y
940 help
941 Multicast routing requires a multicast routing daemon in
942 addition to kernel support.
943
944 #
945 # IPv6 configuration
946 #
947
948 config KERNEL_IPV6
949 def_bool IPV6
950
951 if KERNEL_IPV6
952
953 config KERNEL_IPV6_MULTIPLE_TABLES
954 def_bool y
955
956 config KERNEL_IPV6_SUBTREES
957 def_bool y
958
959 config KERNEL_IPV6_MROUTE
960 bool "Enable IPv6 multicast routing"
961 default y
962 help
963 Multicast routing requires a multicast routing daemon in
964 addition to kernel support.
965
966 config KERNEL_IPV6_PIMSM_V2
967 def_bool n
968
969 endif
970
971 #
972 # NFS related symbols
973 #
974 config KERNEL_IP_PNP
975 bool "Compile the kernel with rootfs on NFS"
976 help
977 If you want to make your kernel boot off a NFS server as root
978 filesystem, select Y here.
979
980 if KERNEL_IP_PNP
981
982 config KERNEL_IP_PNP_DHCP
983 def_bool y
984
985 config KERNEL_IP_PNP_BOOTP
986 def_bool n
987
988 config KERNEL_IP_PNP_RARP
989 def_bool n
990
991 config KERNEL_NFS_FS
992 def_bool y
993
994 config KERNEL_NFS_V2
995 def_bool y
996
997 config KERNEL_NFS_V3
998 def_bool y
999
1000 config KERNEL_ROOT_NFS
1001 def_bool y
1002
1003 endif
1004
1005 menu "Filesystem ACL and attr support options"
1006 config USE_FS_ACL_ATTR
1007 bool "Use filesystem ACL and attr support by default"
1008 default n
1009 help
1010 Make using ACLs (e.g. POSIX ACL, NFSv4 ACL) the default
1011 for kernel and packages, except tmpfs, flash filesystems,
1012 and old NFS. Also enable userspace extended attribute support
1013 by default. (OpenWrt already has an expection it will be
1014 present in the kernel).
1015
1016 config KERNEL_FS_POSIX_ACL
1017 bool "Enable POSIX ACL support"
1018 default y if USE_FS_ACL_ATTR
1019
1020 config KERNEL_BTRFS_FS_POSIX_ACL
1021 bool "Enable POSIX ACL for BtrFS Filesystems"
1022 select KERNEL_FS_POSIX_ACL
1023 default y if USE_FS_ACL_ATTR
1024
1025 config KERNEL_EXT4_FS_POSIX_ACL
1026 bool "Enable POSIX ACL for Ext4 Filesystems"
1027 select KERNEL_FS_POSIX_ACL
1028 default y if USE_FS_ACL_ATTR
1029
1030 config KERNEL_F2FS_FS_POSIX_ACL
1031 bool "Enable POSIX ACL for F2FS Filesystems"
1032 select KERNEL_FS_POSIX_ACL
1033 default n
1034
1035 config KERNEL_JFFS2_FS_POSIX_ACL
1036 bool "Enable POSIX ACL for JFFS2 Filesystems"
1037 select KERNEL_FS_POSIX_ACL
1038 default n
1039
1040 config KERNEL_TMPFS_POSIX_ACL
1041 bool "Enable POSIX ACL for TMPFS Filesystems"
1042 select KERNEL_FS_POSIX_ACL
1043 default n
1044
1045 config KERNEL_CIFS_ACL
1046 bool "Enable CIFS ACLs"
1047 select KERNEL_FS_POSIX_ACL
1048 default y if USE_FS_ACL_ATTR
1049
1050 config KERNEL_HFS_FS_POSIX_ACL
1051 bool "Enable POSIX ACL for HFS Filesystems"
1052 select KERNEL_FS_POSIX_ACL
1053 default y if USE_FS_ACL_ATTR
1054
1055 config KERNEL_HFSPLUS_FS_POSIX_ACL
1056 bool "Enable POSIX ACL for HFS+ Filesystems"
1057 select KERNEL_FS_POSIX_ACL
1058 default y if USE_FS_ACL_ATTR
1059
1060 config KERNEL_NFS_ACL_SUPPORT
1061 bool "Enable ACLs for NFS"
1062 default y if USE_FS_ACL_ATTR
1063
1064 config KERNEL_NFS_V3_ACL_SUPPORT
1065 bool "Enable ACLs for NFSv3"
1066 default n
1067
1068 config KERNEL_NFSD_V2_ACL_SUPPORT
1069 bool "Enable ACLs for NFSDv2"
1070 default n
1071
1072 config KERNEL_NFSD_V3_ACL_SUPPORT
1073 bool "Enable ACLs for NFSDv3"
1074 default n
1075
1076 config KERNEL_REISER_FS_POSIX_ACL
1077 bool "Enable POSIX ACLs for ReiserFS"
1078 select KERNEL_FS_POSIX_ACL
1079 default y if USE_FS_ACL_ATTR
1080
1081 config KERNEL_XFS_POSIX_ACL
1082 bool "Enable POSIX ACLs for XFS"
1083 select KERNEL_FS_POSIX_ACL
1084 default y if USE_FS_ACL_ATTR
1085
1086 config KERNEL_JFS_POSIX_ACL
1087 bool "Enable POSIX ACLs for JFS"
1088 select KERNEL_FS_POSIX_ACL
1089 default y if USE_FS_ACL_ATTR
1090
1091 endmenu
1092
1093 config KERNEL_DEVMEM
1094 bool "/dev/mem virtual device support"
1095 help
1096 Say Y here if you want to support the /dev/mem device.
1097 The /dev/mem device is used to access areas of physical
1098 memory.
1099
1100 config KERNEL_DEVKMEM
1101 bool "/dev/kmem virtual device support"
1102 help
1103 Say Y here if you want to support the /dev/kmem device. The
1104 /dev/kmem device is rarely used, but can be used for certain
1105 kind of kernel debugging operations.
1106
1107 config KERNEL_SQUASHFS_FRAGMENT_CACHE_SIZE
1108 int "Number of squashfs fragments cached"
1109 default 2 if (SMALL_FLASH && !LOW_MEMORY_FOOTPRINT)
1110 default 3
1111
1112 config KERNEL_SQUASHFS_XATTR
1113 bool "Squashfs XATTR support"
1114
1115 #
1116 # compile optimiziation setting
1117 #
1118 choice
1119 prompt "Compiler optimization level"
1120 default KERNEL_CC_OPTIMIZE_FOR_SIZE if SMALL_FLASH
1121
1122 config KERNEL_CC_OPTIMIZE_FOR_PERFORMANCE
1123 bool "Optimize for performance"
1124 help
1125 This is the default optimization level for the kernel, building
1126 with the "-O2" compiler flag for best performance and most
1127 helpful compile-time warnings.
1128
1129 config KERNEL_CC_OPTIMIZE_FOR_SIZE
1130 bool "Optimize for size"
1131 help
1132 Enabling this option will pass "-Os" instead of "-O2" to
1133 your compiler resulting in a smaller kernel.
1134
1135 endchoice
1136
1137 config KERNEL_AUDIT
1138 bool "Auditing support"
1139
1140 config KERNEL_SECURITY
1141 bool "Enable different security models"
1142
1143 config KERNEL_SECURITY_NETWORK
1144 bool "Socket and Networking Security Hooks"
1145 select KERNEL_SECURITY
1146
1147 config KERNEL_SECURITY_SELINUX
1148 bool "NSA SELinux Support"
1149 select KERNEL_SECURITY_NETWORK
1150 select KERNEL_AUDIT
1151
1152 config KERNEL_SECURITY_SELINUX_BOOTPARAM
1153 bool "NSA SELinux boot parameter"
1154 depends on KERNEL_SECURITY_SELINUX
1155 default y
1156
1157 config KERNEL_SECURITY_SELINUX_DISABLE
1158 bool "NSA SELinux runtime disable"
1159 depends on KERNEL_SECURITY_SELINUX
1160
1161 config KERNEL_SECURITY_SELINUX_DEVELOP
1162 bool "NSA SELinux Development Support"
1163 depends on KERNEL_SECURITY_SELINUX
1164 default y
1165
1166 config KERNEL_LSM
1167 string
1168 default "lockdown,yama,loadpin,safesetid,integrity,selinux"
1169 depends on KERNEL_SECURITY_SELINUX
1170
1171 config KERNEL_EXT4_FS_SECURITY
1172 bool "Ext4 Security Labels"
1173
1174 config KERNEL_F2FS_FS_SECURITY
1175 bool "F2FS Security Labels"
1176
1177 config KERNEL_UBIFS_FS_SECURITY
1178 bool "UBIFS Security Labels"
1179
1180 config KERNEL_JFFS2_FS_SECURITY
1181 bool "JFFS2 Security Labels"
Staging tree of Christian Lamparter