projects / openwrt / staging / chunkeey.git / blob
? search:


c9efed84d3f53ba0d328017a788d21f94ff301ca
[openwrt/staging/chunkeey.git] / config / Config-kernel.in
1 # Copyright (C) 2006-2014 OpenWrt.org
2 #
3 # This is free software, licensed under the GNU General Public License v2.
4 # See /LICENSE for more information.
5 #
6
7 config KERNEL_BUILD_USER
8 string "Custom Kernel Build User Name"
9 default "builder" if BUILDBOT
10 default ""
11 help
12 Sets the Kernel build user string, which for example will be returned
13 by 'uname -a' on running systems.
14 If not set, uses system user at build time.
15
16 config KERNEL_BUILD_DOMAIN
17 string "Custom Kernel Build Domain Name"
18 default "buildhost" if BUILDBOT
19 default ""
20 help
21 Sets the Kernel build domain string, which for example will be
22 returned by 'uname -a' on running systems.
23 If not set, uses system hostname at build time.
24
25 config KERNEL_PRINTK
26 bool "Enable support for printk"
27 default y
28
29 config KERNEL_CRASHLOG
30 bool "Crash logging"
31 depends on !(arm || powerpc || sparc || TARGET_uml || i386 || x86_64)
32 default y
33
34 config KERNEL_SWAP
35 bool "Support for paging of anonymous memory (swap)"
36 default y if !SMALL_FLASH
37
38 config KERNEL_DEBUG_FS
39 bool "Compile the kernel with debug filesystem enabled"
40 default y
41 help
42 debugfs is a virtual file system that kernel developers use to put
43 debugging files into. Enable this option to be able to read and
44 write to these files. Many common debugging facilities, such as
45 ftrace, require the existence of debugfs.
46
47 config KERNEL_MIPS_FP_SUPPORT
48 bool
49 default y if TARGET_pistachio
50
51 config KERNEL_ARM_PMU
52 bool
53 default n
54 depends on (arm || aarch64)
55
56 config KERNEL_X86_VSYSCALL_EMULATION
57 bool "Enable vsyscall emulation"
58 default n
59 depends on x86_64
60 help
61 This enables emulation of the legacy vsyscall page. Disabling
62 it is roughly equivalent to booting with vsyscall=none, except
63 that it will also disable the helpful warning if a program
64 tries to use a vsyscall. With this option set to N, offending
65 programs will just segfault, citing addresses of the form
66 0xffffffffff600?00.
67
68 This option is required by many programs built before 2013, and
69 care should be used even with newer programs if set to N.
70
71 Disabling this option saves about 7K of kernel size and
72 possibly 4K of additional runtime pagetable memory.
73
74 config KERNEL_PERF_EVENTS
75 bool "Compile the kernel with performance events and counters"
76 default n
77 select KERNEL_ARM_PMU if (arm || aarch64)
78
79 config KERNEL_PROFILING
80 bool "Compile the kernel with profiling enabled"
81 default n
82 select KERNEL_PERF_EVENTS
83 help
84 Enable the extended profiling support mechanisms used by profilers such
85 as OProfile.
86
87 config KERNEL_UBSAN
88 bool "Compile the kernel with undefined behaviour sanity checker"
89 help
90 This option enables undefined behaviour sanity checker
91 Compile-time instrumentation is used to detect various undefined
92 behaviours in runtime. Various types of checks may be enabled
93 via boot parameter ubsan_handle
94 (see: Documentation/dev-tools/ubsan.rst).
95
96 config KERNEL_UBSAN_SANITIZE_ALL
97 bool "Enable instrumentation for the entire kernel"
98 depends on KERNEL_UBSAN
99 default y
100 help
101 This option activates instrumentation for the entire kernel.
102 If you don't enable this option, you have to explicitly specify
103 UBSAN_SANITIZE := y for the files/directories you want to check for UB.
104 Enabling this option will get kernel image size increased
105 significantly.
106
107 config KERNEL_UBSAN_ALIGNMENT
108 bool "Enable checking of pointers alignment"
109 depends on KERNEL_UBSAN
110 help
111 This option enables detection of unaligned memory accesses.
112 Enabling this option on architectures that support unaligned
113 accesses may produce a lot of false positives.
114
115 config KERNEL_UBSAN_NULL
116 bool "Enable checking of null pointers"
117 depends on KERNEL_UBSAN
118 help
119 This option enables detection of memory accesses via a
120 null pointer.
121
122 config KERNEL_KASAN
123 bool "Compile the kernel with KASan: runtime memory debugger"
124 select KERNEL_SLUB_DEBUG
125 depends on (x86_64 || aarch64)
126 help
127 Enables kernel address sanitizer - runtime memory debugger,
128 designed to find out-of-bounds accesses and use-after-free bugs.
129 This is strictly a debugging feature and it requires a gcc version
130 of 4.9.2 or later. Detection of out of bounds accesses to stack or
131 global variables requires gcc 5.0 or later.
132 This feature consumes about 1/8 of available memory and brings about
133 ~x3 performance slowdown.
134 For better error detection enable CONFIG_STACKTRACE.
135 Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB
136 (the resulting kernel does not boot).
137
138 config KERNEL_KASAN_EXTRA
139 bool "KAsan: extra checks"
140 depends on KERNEL_KASAN && KERNEL_DEBUG_KERNEL
141 help
142 This enables further checks in the kernel address sanitizer, for now
143 it only includes the address-use-after-scope check that can lead
144 to excessive kernel stack usage, frame size warnings and longer
145 compile time.
146 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more
147
148
149 choice
150 prompt "Instrumentation type"
151 depends on KERNEL_KASAN
152 default KERNEL_KASAN_OUTLINE
153
154 config KERNEL_KASAN_OUTLINE
155 bool "Outline instrumentation"
156 help
157 Before every memory access compiler insert function call
158 __asan_load*/__asan_store*. These functions performs check
159 of shadow memory. This is slower than inline instrumentation,
160 however it doesn't bloat size of kernel's .text section so
161 much as inline does.
162
163 config KERNEL_KASAN_INLINE
164 bool "Inline instrumentation"
165 help
166 Compiler directly inserts code checking shadow memory before
167 memory accesses. This is faster than outline (in some workloads
168 it gives about x2 boost over outline instrumentation), but
169 make kernel's .text size much bigger.
170 This requires a gcc version of 5.0 or later.
171
172 endchoice
173
174 config KERNEL_KCOV
175 bool "Compile the kernel with code coverage for fuzzing"
176 select KERNEL_DEBUG_FS
177 help
178 KCOV exposes kernel code coverage information in a form suitable
179 for coverage-guided fuzzing (randomized testing).
180
181 If RANDOMIZE_BASE is enabled, PC values will not be stable across
182 different machines and across reboots. If you need stable PC values,
183 disable RANDOMIZE_BASE.
184
185 For more details, see Documentation/kcov.txt.
186
187 config KERNEL_KCOV_ENABLE_COMPARISONS
188 bool "Enable comparison operands collection by KCOV"
189 depends on KERNEL_KCOV
190 help
191 KCOV also exposes operands of every comparison in the instrumented
192 code along with operand sizes and PCs of the comparison instructions.
193 These operands can be used by fuzzing engines to improve the quality
194 of fuzzing coverage.
195
196 config KERNEL_KCOV_INSTRUMENT_ALL
197 bool "Instrument all code by default"
198 depends on KERNEL_KCOV
199 default y if KERNEL_KCOV
200 help
201 If you are doing generic system call fuzzing (like e.g. syzkaller),
202 then you will want to instrument the whole kernel and you should
203 say y here. If you are doing more targeted fuzzing (like e.g.
204 filesystem fuzzing with AFL) then you will want to enable coverage
205 for more specific subsets of files, and should say n here.
206
207 config KERNEL_TASKSTATS
208 bool "Compile the kernel with task resource/io statistics and accounting"
209 default n
210 help
211 Enable the collection and publishing of task/io statistics and
212 accounting. Enable this option to enable i/o monitoring in system
213 monitors.
214
215 if KERNEL_TASKSTATS
216
217 config KERNEL_TASK_DELAY_ACCT
218 def_bool y
219
220 config KERNEL_TASK_IO_ACCOUNTING
221 def_bool y
222
223 config KERNEL_TASK_XACCT
224 def_bool y
225
226 endif
227
228 config KERNEL_KALLSYMS
229 bool "Compile the kernel with symbol table information"
230 default y if !SMALL_FLASH
231 help
232 This will give you more information in stack traces from kernel oopses.
233
234 config KERNEL_FTRACE
235 bool "Compile the kernel with tracing support"
236 depends on !TARGET_uml
237 default n
238
239 config KERNEL_FTRACE_SYSCALLS
240 bool "Trace system calls"
241 depends on KERNEL_FTRACE
242 default n
243
244 config KERNEL_ENABLE_DEFAULT_TRACERS
245 bool "Trace process context switches and events"
246 depends on KERNEL_FTRACE
247 default n
248
249 config KERNEL_FUNCTION_TRACER
250 bool "Function tracer"
251 depends on KERNEL_FTRACE
252 default n
253
254 config KERNEL_FUNCTION_GRAPH_TRACER
255 bool "Function graph tracer"
256 depends on KERNEL_FUNCTION_TRACER
257 default n
258
259 config KERNEL_DYNAMIC_FTRACE
260 bool "Enable/disable function tracing dynamically"
261 depends on KERNEL_FUNCTION_TRACER
262 default n
263
264 config KERNEL_FUNCTION_PROFILER
265 bool "Function profiler"
266 depends on KERNEL_FUNCTION_TRACER
267 default n
268
269 config KERNEL_IRQSOFF_TRACER
270 bool "Interrupts-off Latency Tracer"
271 depends on KERNEL_FTRACE
272 help
273 This option measures the time spent in irqs-off critical
274 sections, with microsecond accuracy.
275
276 The default measurement method is a maximum search, which is
277 disabled by default and can be runtime (re-)started
278 via:
279
280 echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
281
282 (Note that kernel size and overhead increase with this option
283 enabled. This option and the preempt-off timing option can be
284 used together or separately.)
285
286 config KERNEL_PREEMPT_TRACER
287 bool "Preemption-off Latency Tracer"
288 depends on KERNEL_FTRACE
289 help
290 This option measures the time spent in preemption-off critical
291 sections, with microsecond accuracy.
292
293 The default measurement method is a maximum search, which is
294 disabled by default and can be runtime (re-)started
295 via:
296
297 echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
298
299 (Note that kernel size and overhead increase with this option
300 enabled. This option and the irqs-off timing option can be
301 used together or separately.)
302
303 config KERNEL_DEBUG_KERNEL
304 bool
305 default n
306
307 config KERNEL_DEBUG_INFO
308 bool "Compile the kernel with debug information"
309 default y if !SMALL_FLASH
310 select KERNEL_DEBUG_KERNEL
311 help
312 This will compile your kernel and modules with debug information.
313
314 config KERNEL_DEBUG_LL_UART_NONE
315 bool
316 default n
317 depends on arm
318
319 config KERNEL_DEBUG_LL
320 bool
321 default n
322 depends on arm
323 select KERNEL_DEBUG_LL_UART_NONE
324 help
325 ARM low level debugging.
326
327 config KERNEL_DYNAMIC_DEBUG
328 bool "Compile the kernel with dynamic printk"
329 select KERNEL_DEBUG_FS
330 default n
331 help
332 Compiles debug level messages into the kernel, which would not
333 otherwise be available at runtime. These messages can then be
334 enabled/disabled based on various levels of scope - per source file,
335 function, module, format string, and line number. This mechanism
336 implicitly compiles in all pr_debug() and dev_dbg() calls, which
337 enlarges the kernel text size by about 2%.
338
339 config KERNEL_EARLY_PRINTK
340 bool "Compile the kernel with early printk"
341 default y if TARGET_bcm53xx
342 default n
343 depends on arm
344 select KERNEL_DEBUG_KERNEL
345 select KERNEL_DEBUG_LL if arm
346 help
347 Compile the kernel with early printk support. This is only useful for
348 debugging purposes to send messages over the serial console in early boot.
349 Enable this to debug early boot problems.
350
351 config KERNEL_KPROBES
352 bool "Compile the kernel with kprobes support"
353 default n
354 select KERNEL_FTRACE
355 select KERNEL_PERF_EVENTS
356 help
357 Compiles the kernel with KPROBES support, which allows you to trap
358 at almost any kernel address and execute a callback function.
359 register_kprobe() establishes a probepoint and specifies the
360 callback. Kprobes is useful for kernel debugging, non-intrusive
361 instrumentation and testing.
362 If in doubt, say "N".
363
364 config KERNEL_KPROBE_EVENT
365 bool
366 default y if KERNEL_KPROBES
367
368 config KERNEL_KPROBE_EVENTS
369 bool
370 default y if KERNEL_KPROBES
371
372 config KERNEL_AIO
373 bool "Compile the kernel with asynchronous IO support"
374 default y if !SMALL_FLASH
375
376 config KERNEL_IO_URING
377 bool "Compile the kernel with io_uring support"
378 default y if !SMALL_FLASH
379 depends on LINUX_5_4
380
381 config KERNEL_FHANDLE
382 bool "Compile the kernel with support for fhandle syscalls"
383 default y if !SMALL_FLASH
384
385 config KERNEL_FANOTIFY
386 bool "Compile the kernel with modern file notification support"
387 default y if !SMALL_FLASH
388
389 config KERNEL_BLK_DEV_BSG
390 bool "Compile the kernel with SCSI generic v4 support for any block device"
391 default n
392
393 config KERNEL_TRANSPARENT_HUGEPAGE
394 bool
395
396 choice
397 prompt "Transparent Hugepage Support sysfs defaults"
398 depends on KERNEL_TRANSPARENT_HUGEPAGE
399 default KERNEL_TRANSPARENT_HUGEPAGE_ALWAYS
400
401 config KERNEL_TRANSPARENT_HUGEPAGE_ALWAYS
402 bool "always"
403
404 config KERNEL_TRANSPARENT_HUGEPAGE_MADVISE
405 bool "madvise"
406 endchoice
407
408 config KERNEL_HUGETLBFS
409 bool
410
411 config KERNEL_HUGETLB_PAGE
412 bool "Compile the kernel with HugeTLB support"
413 select KERNEL_TRANSPARENT_HUGEPAGE
414 select KERNEL_HUGETLBFS
415 default n
416
417 config KERNEL_MAGIC_SYSRQ
418 bool "Compile the kernel with SysRq support"
419 default y
420
421 config KERNEL_DEBUG_PINCTRL
422 bool "Compile the kernel with pinctrl debugging"
423 select KERNEL_DEBUG_KERNEL
424
425 config KERNEL_DEBUG_GPIO
426 bool "Compile the kernel with gpio debugging"
427 select KERNEL_DEBUG_KERNEL
428
429 config KERNEL_COREDUMP
430 bool
431
432 config KERNEL_ELF_CORE
433 bool "Enable process core dump support"
434 select KERNEL_COREDUMP
435 default y if !SMALL_FLASH
436
437 config KERNEL_PROVE_LOCKING
438 bool "Enable kernel lock checking"
439 select KERNEL_DEBUG_KERNEL
440 default n
441
442 config KERNEL_LOCKUP_DETECTOR
443 bool "Compile the kernel with detect Hard and Soft Lockups"
444 depends on KERNEL_DEBUG_KERNEL
445 help
446 Say Y here to enable the kernel to act as a watchdog to detect
447 hard and soft lockups.
448
449 Softlockups are bugs that cause the kernel to loop in kernel
450 mode for more than 20 seconds, without giving other tasks a
451 chance to run. The current stack trace is displayed upon
452 detection and the system will stay locked up.
453
454 Hardlockups are bugs that cause the CPU to loop in kernel mode
455 for more than 10 seconds, without letting other interrupts have a
456 chance to run. The current stack trace is displayed upon detection
457 and the system will stay locked up.
458
459 The overhead should be minimal. A periodic hrtimer runs to
460 generate interrupts and kick the watchdog task every 4 seconds.
461 An NMI is generated every 10 seconds or so to check for hardlockups.
462
463 The frequency of hrtimer and NMI events and the soft and hard lockup
464 thresholds can be controlled through the sysctl watchdog_thresh.
465
466 config KERNEL_DETECT_HUNG_TASK
467 bool "Compile the kernel with detect Hung Tasks"
468 depends on KERNEL_DEBUG_KERNEL
469 default KERNEL_LOCKUP_DETECTOR
470 help
471 Say Y here to enable the kernel to detect "hung tasks",
472 which are bugs that cause the task to be stuck in
473 uninterruptible "D" state indefinitely.
474
475 When a hung task is detected, the kernel will print the
476 current stack trace (which you should report), but the
477 task will stay in uninterruptible state. If lockdep is
478 enabled then all held locks will also be reported. This
479 feature has negligible overhead.
480
481 config KERNEL_WQ_WATCHDOG
482 bool "Compile the kernel with detect Workqueue Stalls"
483 depends on KERNEL_DEBUG_KERNEL
484 help
485 Say Y here to enable stall detection on workqueues. If a
486 worker pool doesn't make forward progress on a pending work
487 item for over a given amount of time, 30s by default, a
488 warning message is printed along with dump of workqueue
489 state. This can be configured through kernel parameter
490 "workqueue.watchdog_thresh" and its sysfs counterpart.
491
492 config KERNEL_DEBUG_ATOMIC_SLEEP
493 bool "Compile the kernel with sleep inside atomic section checking"
494 depends on KERNEL_DEBUG_KERNEL
495 help
496 If you say Y here, various routines which may sleep will become very
497 noisy if they are called inside atomic sections: when a spinlock is
498 held, inside an rcu read side critical section, inside preempt disabled
499 sections, inside an interrupt, etc...
500
501 config KERNEL_DEBUG_VM
502 bool "Compile the kernel with debug VM"
503 depends on KERNEL_DEBUG_KERNEL
504 help
505 Enable this to turn on extended checks in the virtual-memory system
506 that may impact performance.
507
508 If unsure, say N.
509
510 config KERNEL_PRINTK_TIME
511 bool "Enable printk timestamps"
512 default y
513
514 config KERNEL_SLUB_DEBUG
515 bool
516
517 config KERNEL_SLUB_DEBUG_ON
518 bool
519
520 config KERNEL_SLABINFO
521 select KERNEL_SLUB_DEBUG
522 select KERNEL_SLUB_DEBUG_ON
523 bool "Enable /proc slab debug info"
524
525 config KERNEL_PROC_PAGE_MONITOR
526 bool "Enable /proc page monitoring"
527
528 config KERNEL_RELAY
529 bool
530
531 config KERNEL_KEXEC
532 bool "Enable kexec support"
533
534 config KERNEL_PROC_VMCORE
535 bool
536
537 config KERNEL_PROC_KCORE
538 bool
539
540 config KERNEL_CRASH_DUMP
541 depends on i386 || x86_64 || arm || armeb
542 select KERNEL_KEXEC
543 select KERNEL_PROC_VMCORE
544 select KERNEL_PROC_KCORE
545 bool "Enable support for kexec crashdump"
546 default y
547
548 config USE_RFKILL
549 bool "Enable rfkill support"
550 default RFKILL_SUPPORT
551
552 config USE_SPARSE
553 bool "Enable sparse check during kernel build"
554 default n
555
556 config KERNEL_DEVTMPFS
557 bool "Compile the kernel with device tmpfs enabled"
558 default n
559 help
560 devtmpfs is a simple, kernel-managed /dev filesystem. The kernel creates
561 devices nodes for all registered devices to simplify boot, but leaves more
562 complex tasks to userspace (e.g. udev).
563
564 if KERNEL_DEVTMPFS
565
566 config KERNEL_DEVTMPFS_MOUNT
567 bool "Automatically mount devtmpfs after root filesystem is mounted"
568 default n
569
570 endif
571
572 config KERNEL_KEYS
573 bool "Enable kernel access key retention support"
574 default !SMALL_FLASH
575
576 config KERNEL_PERSISTENT_KEYRINGS
577 bool "Enable kernel persistent keyrings"
578 depends on KERNEL_KEYS
579 default n
580
581 config KERNEL_KEYS_REQUEST_CACHE
582 bool "Enable temporary caching of the last request_key() result"
583 depends on KERNEL_KEYS
584 default n
585
586 config KERNEL_BIG_KEYS
587 bool "Enable large payload keys on kernel keyrings"
588 depends on KERNEL_KEYS
589 default n
590
591 #
592 # CGROUP support symbols
593 #
594
595 config KERNEL_CGROUPS
596 bool "Enable kernel cgroups"
597 default y if !SMALL_FLASH
598
599 if KERNEL_CGROUPS
600
601 config KERNEL_CGROUP_DEBUG
602 bool "Example debug cgroup subsystem"
603 default n
604 help
605 This option enables a simple cgroup subsystem that
606 exports useful debugging information about the cgroups
607 framework.
608
609 config KERNEL_FREEZER
610 bool
611
612 config KERNEL_CGROUP_FREEZER
613 bool "legacy Freezer cgroup subsystem"
614 default n
615 select KERNEL_FREEZER
616 help
617 Provides a way to freeze and unfreeze all tasks in a
618 cgroup.
619 (legacy cgroup1-only controller, in cgroup2 freezer
620 is integrated in the Memory controller)
621
622 config KERNEL_CGROUP_DEVICE
623 bool "legacy Device controller for cgroups"
624 default n
625 help
626 Provides a cgroup implementing whitelists for devices which
627 a process in the cgroup can mknod or open.
628 (legacy cgroup1-only controller)
629
630 config KERNEL_CGROUP_HUGETLB
631 bool "HugeTLB controller"
632 default n
633 select KERNEL_HUGETLB_PAGE
634
635 config KERNEL_CGROUP_PIDS
636 bool "PIDs cgroup subsystem"
637 default y
638 help
639 Provides enforcement of process number limits in the scope of a
640 cgroup.
641
642 config KERNEL_CGROUP_RDMA
643 bool "RDMA controller for cgroups"
644 default y
645
646 config KERNEL_CGROUP_BPF
647 bool "Support for eBPF programs attached to cgroups"
648 default y
649
650 config KERNEL_CPUSETS
651 bool "Cpuset support"
652 default y
653 help
654 This option will let you create and manage CPUSETs which
655 allow dynamically partitioning a system into sets of CPUs and
656 Memory Nodes and assigning tasks to run only within those sets.
657 This is primarily useful on large SMP or NUMA systems.
658
659 config KERNEL_PROC_PID_CPUSET
660 bool "Include legacy /proc/<pid>/cpuset file"
661 default n
662 depends on KERNEL_CPUSETS
663
664 config KERNEL_CGROUP_CPUACCT
665 bool "Simple CPU accounting cgroup subsystem"
666 default y
667 help
668 Provides a simple Resource Controller for monitoring the
669 total CPU consumed by the tasks in a cgroup.
670
671 config KERNEL_RESOURCE_COUNTERS
672 bool "Resource counters"
673 default y
674 help
675 This option enables controller independent resource accounting
676 infrastructure that works with cgroups.
677
678 config KERNEL_MM_OWNER
679 bool
680 default y if KERNEL_MEMCG
681
682 config KERNEL_MEMCG
683 bool "Memory Resource Controller for Control Groups"
684 default y
685 select KERNEL_FREEZER
686 depends on KERNEL_RESOURCE_COUNTERS || !LINUX_3_18
687 help
688 Provides a memory resource controller that manages both anonymous
689 memory and page cache. (See Documentation/cgroups/memory.txt)
690
691 Note that setting this option increases fixed memory overhead
692 associated with each page of memory in the system. By this,
693 20(40)bytes/PAGE_SIZE on 32(64)bit system will be occupied by memory
694 usage tracking struct at boot. Total amount of this is printed out
695 at boot.
696
697 Only enable when you're ok with these tradeoffs and really
698 sure you need the memory resource controller. Even when you enable
699 this, you can set "cgroup_disable=memory" at your boot option to
700 disable memory resource controller and you can avoid overheads
701 (but lose benefits of memory resource controller).
702
703 This config option also selects MM_OWNER config option, which
704 could in turn add some fork/exit overhead.
705
706 config KERNEL_MEMCG_SWAP
707 bool "Memory Resource Controller Swap Extension"
708 default y
709 depends on KERNEL_MEMCG
710 help
711 Add swap management feature to memory resource controller. When you
712 enable this, you can limit mem+swap usage per cgroup. In other words,
713 when you disable this, memory resource controller has no cares to
714 usage of swap...a process can exhaust all of the swap. This extension
715 is useful when you want to avoid exhaustion swap but this itself
716 adds more overheads and consumes memory for remembering information.
717 Especially if you use 32bit system or small memory system, please
718 be careful about enabling this. When memory resource controller
719 is disabled by boot option, this will be automatically disabled and
720 there will be no overhead from this. Even when you set this config=y,
721 if boot option "swapaccount=0" is set, swap will not be accounted.
722 Now, memory usage of swap_cgroup is 2 bytes per entry. If swap page
723 size is 4096bytes, 512k per 1Gbytes of swap.
724
725 config KERNEL_MEMCG_SWAP_ENABLED
726 bool "Memory Resource Controller Swap Extension enabled by default"
727 default n
728 depends on KERNEL_MEMCG_SWAP
729 help
730 Memory Resource Controller Swap Extension comes with its price in
731 a bigger memory consumption. General purpose distribution kernels
732 which want to enable the feature but keep it disabled by default
733 and let the user enable it by swapaccount boot command line
734 parameter should have this option unselected.
735
736 Those who want to have the feature enabled by default should
737 select this option (if, for some reason, they need to disable it,
738 then swapaccount=0 does the trick).
739
740
741 config KERNEL_MEMCG_KMEM
742 bool "Memory Resource Controller Kernel Memory accounting (EXPERIMENTAL)"
743 default y
744 depends on KERNEL_MEMCG
745 help
746 The Kernel Memory extension for Memory Resource Controller can limit
747 the amount of memory used by kernel objects in the system. Those are
748 fundamentally different from the entities handled by the standard
749 Memory Controller, which are page-based, and can be swapped. Users of
750 the kmem extension can use it to guarantee that no group of processes
751 will ever exhaust kernel resources alone.
752
753 config KERNEL_CGROUP_PERF
754 bool "Enable perf_event per-cpu per-container group (cgroup) monitoring"
755 select KERNEL_PERF_EVENTS
756 default n
757 help
758 This option extends the per-cpu mode to restrict monitoring to
759 threads which belong to the cgroup specified and run on the
760 designated cpu.
761
762 menuconfig KERNEL_CGROUP_SCHED
763 bool "Group CPU scheduler"
764 default y
765 help
766 This feature lets CPU scheduler recognize task groups and control CPU
767 bandwidth allocation to such task groups. It uses cgroups to group
768 tasks.
769
770 if KERNEL_CGROUP_SCHED
771
772 config KERNEL_FAIR_GROUP_SCHED
773 bool "Group scheduling for SCHED_OTHER"
774 default y
775
776 config KERNEL_CFS_BANDWIDTH
777 bool "CPU bandwidth provisioning for FAIR_GROUP_SCHED"
778 default y
779 depends on KERNEL_FAIR_GROUP_SCHED
780 help
781 This option allows users to define CPU bandwidth rates (limits) for
782 tasks running within the fair group scheduler. Groups with no limit
783 set are considered to be unconstrained and will run with no
784 restriction.
785 See tip/Documentation/scheduler/sched-bwc.txt for more information.
786
787 config KERNEL_RT_GROUP_SCHED
788 bool "Group scheduling for SCHED_RR/FIFO"
789 default y
790 help
791 This feature lets you explicitly allocate real CPU bandwidth
792 to task groups. If enabled, it will also make it impossible to
793 schedule realtime tasks for non-root users until you allocate
794 realtime bandwidth for them.
795
796 endif
797
798 config KERNEL_BLK_CGROUP
799 bool "Block IO controller"
800 default y
801 help
802 Generic block IO controller cgroup interface. This is the common
803 cgroup interface which should be used by various IO controlling
804 policies.
805
806 Currently, CFQ IO scheduler uses it to recognize task groups and
807 control disk bandwidth allocation (proportional time slice allocation)
808 to such task groups. It is also used by bio throttling logic in
809 block layer to implement upper limit in IO rates on a device.
810
811 This option only enables generic Block IO controller infrastructure.
812 One needs to also enable actual IO controlling logic/policy. For
813 enabling proportional weight division of disk bandwidth in CFQ, set
814 CONFIG_CFQ_GROUP_IOSCHED=y; for enabling throttling policy, set
815 CONFIG_BLK_DEV_THROTTLING=y.
816
817 if KERNEL_BLK_CGROUP
818
819 config KERNEL_CFQ_GROUP_IOSCHED
820 bool "Proportional weight of disk bandwidth in CFQ"
821
822 config KERNEL_BLK_DEV_THROTTLING
823 bool "Enable throttling policy"
824 default y
825
826 config KERNEL_BLK_DEV_THROTTLING_LOW
827 bool "Block throttling .low limit interface support (EXPERIMENTAL)"
828 depends on KERNEL_BLK_DEV_THROTTLING
829 endif
830
831 config KERNEL_DEBUG_BLK_CGROUP
832 bool "Enable Block IO controller debugging"
833 default n
834 depends on KERNEL_BLK_CGROUP
835 help
836 Enable some debugging help. Currently it exports additional stat
837 files in a cgroup which can be useful for debugging.
838
839 config KERNEL_NET_CLS_CGROUP
840 bool "legacy Control Group Classifier"
841 default n
842
843 config KERNEL_CGROUP_NET_CLASSID
844 bool "legacy Network classid cgroup"
845 default n
846
847 config KERNEL_CGROUP_NET_PRIO
848 bool "legacy Network priority cgroup"
849 default n
850
851 endif
852
853 #
854 # Namespace support symbols
855 #
856
857 config KERNEL_NAMESPACES
858 bool "Enable kernel namespaces"
859 default y if !SMALL_FLASH
860
861 if KERNEL_NAMESPACES
862
863 config KERNEL_UTS_NS
864 bool "UTS namespace"
865 default y
866 help
867 In this namespace, tasks see different info provided
868 with the uname() system call.
869
870 config KERNEL_IPC_NS
871 bool "IPC namespace"
872 default y
873 help
874 In this namespace, tasks work with IPC ids which correspond to
875 different IPC objects in different namespaces.
876
877 config KERNEL_USER_NS
878 bool "User namespace (EXPERIMENTAL)"
879 default y
880 help
881 This allows containers, i.e. vservers, to use user namespaces
882 to provide different user info for different servers.
883
884 config KERNEL_PID_NS
885 bool "PID Namespaces"
886 default y
887 help
888 Support process id namespaces. This allows having multiple
889 processes with the same pid as long as they are in different
890 pid namespaces. This is a building block of containers.
891
892 config KERNEL_NET_NS
893 bool "Network namespace"
894 default y
895 help
896 Allow user space to create what appear to be multiple instances
897 of the network stack.
898
899 endif
900
901 config KERNEL_DEVPTS_MULTIPLE_INSTANCES
902 bool "Support multiple instances of devpts"
903 default y if !SMALL_FLASH
904 help
905 Enable support for multiple instances of devpts filesystem.
906 If you want to have isolated PTY namespaces (eg: in containers),
907 say Y here. Otherwise, say N. If enabled, each mount of devpts
908 filesystem with the '-o newinstance' option will create an
909 independent PTY namespace.
910
911 config KERNEL_POSIX_MQUEUE
912 bool "POSIX Message Queues"
913 default y if !SMALL_FLASH
914 help
915 POSIX variant of message queues is a part of IPC. In POSIX message
916 queues every message has a priority which decides about succession
917 of receiving it by a process. If you want to compile and run
918 programs written e.g. for Solaris with use of its POSIX message
919 queues (functions mq_*) say Y here.
920
921 POSIX message queues are visible as a filesystem called 'mqueue'
922 and can be mounted somewhere if you want to do filesystem
923 operations on message queues.
924
925
926 config KERNEL_SECCOMP_FILTER
927 bool
928 default y if !SMALL_FLASH
929
930 config KERNEL_SECCOMP
931 bool "Enable seccomp support"
932 depends on !(TARGET_uml)
933 select KERNEL_SECCOMP_FILTER
934 default y if !SMALL_FLASH
935 help
936 Build kernel with support for seccomp.
937
938 #
939 # IPv4 configuration
940 #
941
942 config KERNEL_IP_MROUTE
943 bool "Enable IPv4 multicast routing"
944 default y
945 help
946 Multicast routing requires a multicast routing daemon in
947 addition to kernel support.
948
949 #
950 # IPv6 configuration
951 #
952
953 config KERNEL_IPV6
954 def_bool IPV6
955
956 if KERNEL_IPV6
957
958 config KERNEL_IPV6_MULTIPLE_TABLES
959 def_bool y
960
961 config KERNEL_IPV6_SUBTREES
962 def_bool y
963
964 config KERNEL_IPV6_MROUTE
965 bool "Enable IPv6 multicast routing"
966 default y
967 help
968 Multicast routing requires a multicast routing daemon in
969 addition to kernel support.
970
971 config KERNEL_IPV6_PIMSM_V2
972 def_bool n
973
974 endif
975
976 #
977 # NFS related symbols
978 #
979 config KERNEL_IP_PNP
980 bool "Compile the kernel with rootfs on NFS"
981 help
982 If you want to make your kernel boot off a NFS server as root
983 filesystem, select Y here.
984
985 if KERNEL_IP_PNP
986
987 config KERNEL_IP_PNP_DHCP
988 def_bool y
989
990 config KERNEL_IP_PNP_BOOTP
991 def_bool n
992
993 config KERNEL_IP_PNP_RARP
994 def_bool n
995
996 config KERNEL_NFS_FS
997 def_bool y
998
999 config KERNEL_NFS_V2
1000 def_bool y
1001
1002 config KERNEL_NFS_V3
1003 def_bool y
1004
1005 config KERNEL_ROOT_NFS
1006 def_bool y
1007
1008 endif
1009
1010 menu "Filesystem ACL and attr support options"
1011 config USE_FS_ACL_ATTR
1012 bool "Use filesystem ACL and attr support by default"
1013 default n
1014 help
1015 Make using ACLs (e.g. POSIX ACL, NFSv4 ACL) the default
1016 for kernel and packages, except tmpfs, flash filesystems,
1017 and old NFS. Also enable userspace extended attribute support
1018 by default. (OpenWrt already has an expection it will be
1019 present in the kernel).
1020
1021 config KERNEL_FS_POSIX_ACL
1022 bool "Enable POSIX ACL support"
1023 default y if USE_FS_ACL_ATTR
1024
1025 config KERNEL_BTRFS_FS_POSIX_ACL
1026 bool "Enable POSIX ACL for BtrFS Filesystems"
1027 select KERNEL_FS_POSIX_ACL
1028 default y if USE_FS_ACL_ATTR
1029
1030 config KERNEL_EXT4_FS_POSIX_ACL
1031 bool "Enable POSIX ACL for Ext4 Filesystems"
1032 select KERNEL_FS_POSIX_ACL
1033 default y if USE_FS_ACL_ATTR
1034
1035 config KERNEL_F2FS_FS_POSIX_ACL
1036 bool "Enable POSIX ACL for F2FS Filesystems"
1037 select KERNEL_FS_POSIX_ACL
1038 default n
1039
1040 config KERNEL_JFFS2_FS_POSIX_ACL
1041 bool "Enable POSIX ACL for JFFS2 Filesystems"
1042 select KERNEL_FS_POSIX_ACL
1043 default n
1044
1045 config KERNEL_TMPFS_POSIX_ACL
1046 bool "Enable POSIX ACL for TMPFS Filesystems"
1047 select KERNEL_FS_POSIX_ACL
1048 default n
1049
1050 config KERNEL_CIFS_ACL
1051 bool "Enable CIFS ACLs"
1052 select KERNEL_FS_POSIX_ACL
1053 default y if USE_FS_ACL_ATTR
1054
1055 config KERNEL_HFS_FS_POSIX_ACL
1056 bool "Enable POSIX ACL for HFS Filesystems"
1057 select KERNEL_FS_POSIX_ACL
1058 default y if USE_FS_ACL_ATTR
1059
1060 config KERNEL_HFSPLUS_FS_POSIX_ACL
1061 bool "Enable POSIX ACL for HFS+ Filesystems"
1062 select KERNEL_FS_POSIX_ACL
1063 default y if USE_FS_ACL_ATTR
1064
1065 config KERNEL_NFS_ACL_SUPPORT
1066 bool "Enable ACLs for NFS"
1067 default y if USE_FS_ACL_ATTR
1068
1069 config KERNEL_NFS_V3_ACL_SUPPORT
1070 bool "Enable ACLs for NFSv3"
1071 default n
1072
1073 config KERNEL_NFSD_V2_ACL_SUPPORT
1074 bool "Enable ACLs for NFSDv2"
1075 default n
1076
1077 config KERNEL_NFSD_V3_ACL_SUPPORT
1078 bool "Enable ACLs for NFSDv3"
1079 default n
1080
1081 config KERNEL_REISER_FS_POSIX_ACL
1082 bool "Enable POSIX ACLs for ReiserFS"
1083 select KERNEL_FS_POSIX_ACL
1084 default y if USE_FS_ACL_ATTR
1085
1086 config KERNEL_XFS_POSIX_ACL
1087 bool "Enable POSIX ACLs for XFS"
1088 select KERNEL_FS_POSIX_ACL
1089 default y if USE_FS_ACL_ATTR
1090
1091 config KERNEL_JFS_POSIX_ACL
1092 bool "Enable POSIX ACLs for JFS"
1093 select KERNEL_FS_POSIX_ACL
1094 default y if USE_FS_ACL_ATTR
1095
1096 endmenu
1097
1098 config KERNEL_DEVMEM
1099 bool "/dev/mem virtual device support"
1100 help
1101 Say Y here if you want to support the /dev/mem device.
1102 The /dev/mem device is used to access areas of physical
1103 memory.
1104
1105 config KERNEL_DEVKMEM
1106 bool "/dev/kmem virtual device support"
1107 help
1108 Say Y here if you want to support the /dev/kmem device. The
1109 /dev/kmem device is rarely used, but can be used for certain
1110 kind of kernel debugging operations.
1111
1112 config KERNEL_SQUASHFS_FRAGMENT_CACHE_SIZE
1113 int "Number of squashfs fragments cached"
1114 default 2 if (SMALL_FLASH && !LOW_MEMORY_FOOTPRINT)
1115 default 3
1116
1117 config KERNEL_SQUASHFS_XATTR
1118 bool "Squashfs XATTR support"
1119
1120 #
1121 # compile optimiziation setting
1122 #
1123 choice
1124 prompt "Compiler optimization level"
1125 default KERNEL_CC_OPTIMIZE_FOR_SIZE if SMALL_FLASH
1126
1127 config KERNEL_CC_OPTIMIZE_FOR_PERFORMANCE
1128 bool "Optimize for performance"
1129 help
1130 This is the default optimization level for the kernel, building
1131 with the "-O2" compiler flag for best performance and most
1132 helpful compile-time warnings.
1133
1134 config KERNEL_CC_OPTIMIZE_FOR_SIZE
1135 bool "Optimize for size"
1136 help
1137 Enabling this option will pass "-Os" instead of "-O2" to
1138 your compiler resulting in a smaller kernel.
1139
1140 endchoice
1141
1142 config KERNEL_AUDIT
1143 bool "Auditing support"
1144
1145 config KERNEL_SECURITY
1146 bool "Enable different security models"
1147
1148 config KERNEL_SECURITY_NETWORK
1149 bool "Socket and Networking Security Hooks"
1150 select KERNEL_SECURITY
1151
1152 config KERNEL_SECURITY_SELINUX
1153 bool "NSA SELinux Support"
1154 select KERNEL_SECURITY_NETWORK
1155 select KERNEL_AUDIT
1156
1157 config KERNEL_SECURITY_SELINUX_BOOTPARAM
1158 bool "NSA SELinux boot parameter"
1159 depends on KERNEL_SECURITY_SELINUX
1160 default y
1161
1162 config KERNEL_SECURITY_SELINUX_DISABLE
1163 bool "NSA SELinux runtime disable"
1164 depends on KERNEL_SECURITY_SELINUX
1165
1166 config KERNEL_SECURITY_SELINUX_DEVELOP
1167 bool "NSA SELinux Development Support"
1168 depends on KERNEL_SECURITY_SELINUX
1169 default y
1170
1171 config KERNEL_LSM
1172 string
1173 default "lockdown,yama,loadpin,safesetid,integrity,selinux"
1174 depends on KERNEL_SECURITY_SELINUX
1175
1176 config KERNEL_EXT4_FS_SECURITY
1177 bool "Ext4 Security Labels"
1178
1179 config KERNEL_F2FS_FS_SECURITY
1180 bool "F2FS Security Labels"
1181
1182 config KERNEL_UBIFS_FS_SECURITY
1183 bool "UBIFS Security Labels"
1184
1185 config KERNEL_JFFS2_FS_SECURITY
1186 bool "JFFS2 Security Labels"
Staging tree of Christian Lamparter