projects / openwrt / staging / wigyori.git / blob
? search:


c0460db72aba5bbb9845bab0615eefdfdfdda860
[openwrt/staging/wigyori.git] / config / Config-kernel.in
1 # Copyright (C) 2006-2014 OpenWrt.org
2 #
3 # This is free software, licensed under the GNU General Public License v2.
4 # See /LICENSE for more information.
5 #
6
7 config KERNEL_BUILD_USER
8 string "Custom Kernel Build User Name"
9 default "builder" if BUILDBOT
10 default ""
11 help
12 Sets the Kernel build user string, which for example will be returned
13 by 'uname -a' on running systems.
14 If not set, uses system user at build time.
15
16 config KERNEL_BUILD_DOMAIN
17 string "Custom Kernel Build Domain Name"
18 default "buildhost" if BUILDBOT
19 default ""
20 help
21 Sets the Kernel build domain string, which for example will be
22 returned by 'uname -a' on running systems.
23 If not set, uses system hostname at build time.
24
25 config KERNEL_PRINTK
26 bool "Enable support for printk"
27 default y
28
29 config KERNEL_CRASHLOG
30 bool "Crash logging"
31 depends on !(arm || powerpc || sparc || TARGET_uml || i386 || x86_64)
32 default y
33
34 config KERNEL_SWAP
35 bool "Support for paging of anonymous memory (swap)"
36 default y if !SMALL_FLASH
37
38 config KERNEL_PROC_STRIPPED
39 bool "Strip non-essential /proc functionality to reduce code size"
40 default y if SMALL_FLASH
41
42 config KERNEL_DEBUG_FS
43 bool "Compile the kernel with debug filesystem enabled"
44 default y
45 help
46 debugfs is a virtual file system that kernel developers use to put
47 debugging files into. Enable this option to be able to read and
48 write to these files. Many common debugging facilities, such as
49 ftrace, require the existence of debugfs.
50
51 config KERNEL_MIPS_FP_SUPPORT
52 bool
53 default y if TARGET_pistachio
54
55 config KERNEL_ARM_PMU
56 bool
57 default n
58 depends on (arm || aarch64)
59
60 config KERNEL_X86_VSYSCALL_EMULATION
61 bool "Enable vsyscall emulation"
62 default n
63 depends on x86_64
64 help
65 This enables emulation of the legacy vsyscall page. Disabling
66 it is roughly equivalent to booting with vsyscall=none, except
67 that it will also disable the helpful warning if a program
68 tries to use a vsyscall. With this option set to N, offending
69 programs will just segfault, citing addresses of the form
70 0xffffffffff600?00.
71
72 This option is required by many programs built before 2013, and
73 care should be used even with newer programs if set to N.
74
75 Disabling this option saves about 7K of kernel size and
76 possibly 4K of additional runtime pagetable memory.
77
78 config KERNEL_PERF_EVENTS
79 bool "Compile the kernel with performance events and counters"
80 default n
81 select KERNEL_ARM_PMU if (arm || aarch64)
82
83 config KERNEL_PROFILING
84 bool "Compile the kernel with profiling enabled"
85 default n
86 select KERNEL_PERF_EVENTS
87 help
88 Enable the extended profiling support mechanisms used by profilers such
89 as OProfile.
90
91 config KERNEL_UBSAN
92 bool "Compile the kernel with undefined behaviour sanity checker"
93 help
94 This option enables undefined behaviour sanity checker
95 Compile-time instrumentation is used to detect various undefined
96 behaviours in runtime. Various types of checks may be enabled
97 via boot parameter ubsan_handle
98 (see: Documentation/dev-tools/ubsan.rst).
99
100 config KERNEL_UBSAN_SANITIZE_ALL
101 bool "Enable instrumentation for the entire kernel"
102 depends on KERNEL_UBSAN
103 default y
104 help
105 This option activates instrumentation for the entire kernel.
106 If you don't enable this option, you have to explicitly specify
107 UBSAN_SANITIZE := y for the files/directories you want to check for UB.
108 Enabling this option will get kernel image size increased
109 significantly.
110
111 config KERNEL_UBSAN_ALIGNMENT
112 bool "Enable checking of pointers alignment"
113 depends on KERNEL_UBSAN
114 help
115 This option enables detection of unaligned memory accesses.
116 Enabling this option on architectures that support unaligned
117 accesses may produce a lot of false positives.
118
119 config KERNEL_UBSAN_NULL
120 bool "Enable checking of null pointers"
121 depends on KERNEL_UBSAN
122 help
123 This option enables detection of memory accesses via a
124 null pointer.
125
126 config KERNEL_KASAN
127 bool "Compile the kernel with KASan: runtime memory debugger"
128 select KERNEL_SLUB_DEBUG
129 depends on (x86_64 || aarch64)
130 help
131 Enables kernel address sanitizer - runtime memory debugger,
132 designed to find out-of-bounds accesses and use-after-free bugs.
133 This is strictly a debugging feature and it requires a gcc version
134 of 4.9.2 or later. Detection of out of bounds accesses to stack or
135 global variables requires gcc 5.0 or later.
136 This feature consumes about 1/8 of available memory and brings about
137 ~x3 performance slowdown.
138 For better error detection enable CONFIG_STACKTRACE.
139 Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB
140 (the resulting kernel does not boot).
141
142 config KERNEL_KASAN_EXTRA
143 bool "KAsan: extra checks"
144 depends on KERNEL_KASAN && KERNEL_DEBUG_KERNEL
145 help
146 This enables further checks in the kernel address sanitizer, for now
147 it only includes the address-use-after-scope check that can lead
148 to excessive kernel stack usage, frame size warnings and longer
149 compile time.
150 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more
151
152
153 choice
154 prompt "Instrumentation type"
155 depends on KERNEL_KASAN
156 default KERNEL_KASAN_OUTLINE
157
158 config KERNEL_KASAN_OUTLINE
159 bool "Outline instrumentation"
160 help
161 Before every memory access compiler insert function call
162 __asan_load*/__asan_store*. These functions performs check
163 of shadow memory. This is slower than inline instrumentation,
164 however it doesn't bloat size of kernel's .text section so
165 much as inline does.
166
167 config KERNEL_KASAN_INLINE
168 bool "Inline instrumentation"
169 help
170 Compiler directly inserts code checking shadow memory before
171 memory accesses. This is faster than outline (in some workloads
172 it gives about x2 boost over outline instrumentation), but
173 make kernel's .text size much bigger.
174 This requires a gcc version of 5.0 or later.
175
176 endchoice
177
178 config KERNEL_KCOV
179 bool "Compile the kernel with code coverage for fuzzing"
180 select KERNEL_DEBUG_FS
181 help
182 KCOV exposes kernel code coverage information in a form suitable
183 for coverage-guided fuzzing (randomized testing).
184
185 If RANDOMIZE_BASE is enabled, PC values will not be stable across
186 different machines and across reboots. If you need stable PC values,
187 disable RANDOMIZE_BASE.
188
189 For more details, see Documentation/kcov.txt.
190
191 config KERNEL_KCOV_ENABLE_COMPARISONS
192 bool "Enable comparison operands collection by KCOV"
193 depends on KERNEL_KCOV
194 help
195 KCOV also exposes operands of every comparison in the instrumented
196 code along with operand sizes and PCs of the comparison instructions.
197 These operands can be used by fuzzing engines to improve the quality
198 of fuzzing coverage.
199
200 config KERNEL_KCOV_INSTRUMENT_ALL
201 bool "Instrument all code by default"
202 depends on KERNEL_KCOV
203 default y if KERNEL_KCOV
204 help
205 If you are doing generic system call fuzzing (like e.g. syzkaller),
206 then you will want to instrument the whole kernel and you should
207 say y here. If you are doing more targeted fuzzing (like e.g.
208 filesystem fuzzing with AFL) then you will want to enable coverage
209 for more specific subsets of files, and should say n here.
210
211 config KERNEL_TASKSTATS
212 bool "Compile the kernel with task resource/io statistics and accounting"
213 default n
214 help
215 Enable the collection and publishing of task/io statistics and
216 accounting. Enable this option to enable i/o monitoring in system
217 monitors.
218
219 if KERNEL_TASKSTATS
220
221 config KERNEL_TASK_DELAY_ACCT
222 def_bool y
223
224 config KERNEL_TASK_IO_ACCOUNTING
225 def_bool y
226
227 config KERNEL_TASK_XACCT
228 def_bool y
229
230 endif
231
232 config KERNEL_KALLSYMS
233 bool "Compile the kernel with symbol table information"
234 default y if !SMALL_FLASH
235 help
236 This will give you more information in stack traces from kernel oopses.
237
238 config KERNEL_FTRACE
239 bool "Compile the kernel with tracing support"
240 depends on !TARGET_uml
241 default n
242
243 config KERNEL_FTRACE_SYSCALLS
244 bool "Trace system calls"
245 depends on KERNEL_FTRACE
246 default n
247
248 config KERNEL_ENABLE_DEFAULT_TRACERS
249 bool "Trace process context switches and events"
250 depends on KERNEL_FTRACE
251 default n
252
253 config KERNEL_FUNCTION_TRACER
254 bool "Function tracer"
255 depends on KERNEL_FTRACE
256 default n
257
258 config KERNEL_FUNCTION_GRAPH_TRACER
259 bool "Function graph tracer"
260 depends on KERNEL_FUNCTION_TRACER
261 default n
262
263 config KERNEL_DYNAMIC_FTRACE
264 bool "Enable/disable function tracing dynamically"
265 depends on KERNEL_FUNCTION_TRACER
266 default n
267
268 config KERNEL_FUNCTION_PROFILER
269 bool "Function profiler"
270 depends on KERNEL_FUNCTION_TRACER
271 default n
272
273 config KERNEL_IRQSOFF_TRACER
274 bool "Interrupts-off Latency Tracer"
275 depends on KERNEL_FTRACE
276 help
277 This option measures the time spent in irqs-off critical
278 sections, with microsecond accuracy.
279
280 The default measurement method is a maximum search, which is
281 disabled by default and can be runtime (re-)started
282 via:
283
284 echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
285
286 (Note that kernel size and overhead increase with this option
287 enabled. This option and the preempt-off timing option can be
288 used together or separately.)
289
290 config KERNEL_PREEMPT_TRACER
291 bool "Preemption-off Latency Tracer"
292 depends on KERNEL_FTRACE
293 help
294 This option measures the time spent in preemption-off critical
295 sections, with microsecond accuracy.
296
297 The default measurement method is a maximum search, which is
298 disabled by default and can be runtime (re-)started
299 via:
300
301 echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
302
303 (Note that kernel size and overhead increase with this option
304 enabled. This option and the irqs-off timing option can be
305 used together or separately.)
306
307 config KERNEL_DEBUG_KERNEL
308 bool
309 default n
310
311 config KERNEL_DEBUG_INFO
312 bool "Compile the kernel with debug information"
313 default y if !SMALL_FLASH
314 select KERNEL_DEBUG_KERNEL
315 help
316 This will compile your kernel and modules with debug information.
317
318 config KERNEL_DEBUG_LL_UART_NONE
319 bool
320 default n
321 depends on arm
322
323 config KERNEL_DEBUG_LL
324 bool
325 default n
326 depends on arm
327 select KERNEL_DEBUG_LL_UART_NONE
328 help
329 ARM low level debugging.
330
331 config KERNEL_DYNAMIC_DEBUG
332 bool "Compile the kernel with dynamic printk"
333 select KERNEL_DEBUG_FS
334 default n
335 help
336 Compiles debug level messages into the kernel, which would not
337 otherwise be available at runtime. These messages can then be
338 enabled/disabled based on various levels of scope - per source file,
339 function, module, format string, and line number. This mechanism
340 implicitly compiles in all pr_debug() and dev_dbg() calls, which
341 enlarges the kernel text size by about 2%.
342
343 config KERNEL_EARLY_PRINTK
344 bool "Compile the kernel with early printk"
345 default y if TARGET_bcm53xx
346 default n
347 depends on arm
348 select KERNEL_DEBUG_KERNEL
349 select KERNEL_DEBUG_LL if arm
350 help
351 Compile the kernel with early printk support. This is only useful for
352 debugging purposes to send messages over the serial console in early boot.
353 Enable this to debug early boot problems.
354
355 config KERNEL_KPROBES
356 bool "Compile the kernel with kprobes support"
357 default n
358 select KERNEL_FTRACE
359 select KERNEL_PERF_EVENTS
360 help
361 Compiles the kernel with KPROBES support, which allows you to trap
362 at almost any kernel address and execute a callback function.
363 register_kprobe() establishes a probepoint and specifies the
364 callback. Kprobes is useful for kernel debugging, non-intrusive
365 instrumentation and testing.
366 If in doubt, say "N".
367
368 config KERNEL_KPROBE_EVENTS
369 bool
370 default y if KERNEL_KPROBES
371
372 config KERNEL_AIO
373 bool "Compile the kernel with asynchronous IO support"
374 default y if !SMALL_FLASH
375
376 config KERNEL_IO_URING
377 bool "Compile the kernel with io_uring support"
378 default y if !SMALL_FLASH
379
380 config KERNEL_FHANDLE
381 bool "Compile the kernel with support for fhandle syscalls"
382 default y if !SMALL_FLASH
383
384 config KERNEL_FANOTIFY
385 bool "Compile the kernel with modern file notification support"
386 default y if !SMALL_FLASH
387
388 config KERNEL_BLK_DEV_BSG
389 bool "Compile the kernel with SCSI generic v4 support for any block device"
390 default n
391
392 config KERNEL_TRANSPARENT_HUGEPAGE
393 bool
394
395 choice
396 prompt "Transparent Hugepage Support sysfs defaults"
397 depends on KERNEL_TRANSPARENT_HUGEPAGE
398 default KERNEL_TRANSPARENT_HUGEPAGE_ALWAYS
399
400 config KERNEL_TRANSPARENT_HUGEPAGE_ALWAYS
401 bool "always"
402
403 config KERNEL_TRANSPARENT_HUGEPAGE_MADVISE
404 bool "madvise"
405 endchoice
406
407 config KERNEL_HUGETLBFS
408 bool
409
410 config KERNEL_HUGETLB_PAGE
411 bool "Compile the kernel with HugeTLB support"
412 select KERNEL_TRANSPARENT_HUGEPAGE
413 select KERNEL_HUGETLBFS
414 default n
415
416 config KERNEL_MAGIC_SYSRQ
417 bool "Compile the kernel with SysRq support"
418 default y
419
420 config KERNEL_DEBUG_PINCTRL
421 bool "Compile the kernel with pinctrl debugging"
422 select KERNEL_DEBUG_KERNEL
423
424 config KERNEL_DEBUG_GPIO
425 bool "Compile the kernel with gpio debugging"
426 select KERNEL_DEBUG_KERNEL
427
428 config KERNEL_COREDUMP
429 bool
430
431 config KERNEL_ELF_CORE
432 bool "Enable process core dump support"
433 select KERNEL_COREDUMP
434 default y if !SMALL_FLASH
435
436 config KERNEL_PROVE_LOCKING
437 bool "Enable kernel lock checking"
438 select KERNEL_DEBUG_KERNEL
439 default n
440
441 config KERNEL_LOCKUP_DETECTOR
442 bool "Compile the kernel with detect Hard and Soft Lockups"
443 depends on KERNEL_DEBUG_KERNEL
444 help
445 Say Y here to enable the kernel to act as a watchdog to detect
446 hard and soft lockups.
447
448 Softlockups are bugs that cause the kernel to loop in kernel
449 mode for more than 20 seconds, without giving other tasks a
450 chance to run. The current stack trace is displayed upon
451 detection and the system will stay locked up.
452
453 Hardlockups are bugs that cause the CPU to loop in kernel mode
454 for more than 10 seconds, without letting other interrupts have a
455 chance to run. The current stack trace is displayed upon detection
456 and the system will stay locked up.
457
458 The overhead should be minimal. A periodic hrtimer runs to
459 generate interrupts and kick the watchdog task every 4 seconds.
460 An NMI is generated every 10 seconds or so to check for hardlockups.
461
462 The frequency of hrtimer and NMI events and the soft and hard lockup
463 thresholds can be controlled through the sysctl watchdog_thresh.
464
465 config KERNEL_DETECT_HUNG_TASK
466 bool "Compile the kernel with detect Hung Tasks"
467 depends on KERNEL_DEBUG_KERNEL
468 default KERNEL_LOCKUP_DETECTOR
469 help
470 Say Y here to enable the kernel to detect "hung tasks",
471 which are bugs that cause the task to be stuck in
472 uninterruptible "D" state indefinitely.
473
474 When a hung task is detected, the kernel will print the
475 current stack trace (which you should report), but the
476 task will stay in uninterruptible state. If lockdep is
477 enabled then all held locks will also be reported. This
478 feature has negligible overhead.
479
480 config KERNEL_WQ_WATCHDOG
481 bool "Compile the kernel with detect Workqueue Stalls"
482 depends on KERNEL_DEBUG_KERNEL
483 help
484 Say Y here to enable stall detection on workqueues. If a
485 worker pool doesn't make forward progress on a pending work
486 item for over a given amount of time, 30s by default, a
487 warning message is printed along with dump of workqueue
488 state. This can be configured through kernel parameter
489 "workqueue.watchdog_thresh" and its sysfs counterpart.
490
491 config KERNEL_DEBUG_ATOMIC_SLEEP
492 bool "Compile the kernel with sleep inside atomic section checking"
493 depends on KERNEL_DEBUG_KERNEL
494 help
495 If you say Y here, various routines which may sleep will become very
496 noisy if they are called inside atomic sections: when a spinlock is
497 held, inside an rcu read side critical section, inside preempt disabled
498 sections, inside an interrupt, etc...
499
500 config KERNEL_DEBUG_VM
501 bool "Compile the kernel with debug VM"
502 depends on KERNEL_DEBUG_KERNEL
503 help
504 Enable this to turn on extended checks in the virtual-memory system
505 that may impact performance.
506
507 If unsure, say N.
508
509 config KERNEL_PRINTK_TIME
510 bool "Enable printk timestamps"
511 default y
512
513 config KERNEL_SLUB_DEBUG
514 bool
515
516 config KERNEL_SLUB_DEBUG_ON
517 bool
518
519 config KERNEL_SLABINFO
520 select KERNEL_SLUB_DEBUG
521 select KERNEL_SLUB_DEBUG_ON
522 bool "Enable /proc slab debug info"
523
524 config KERNEL_PROC_PAGE_MONITOR
525 bool "Enable /proc page monitoring"
526
527 config KERNEL_RELAY
528 bool
529
530 config KERNEL_KEXEC
531 bool "Enable kexec support"
532
533 config KERNEL_PROC_VMCORE
534 bool
535
536 config KERNEL_PROC_KCORE
537 bool
538
539 config KERNEL_CRASH_DUMP
540 depends on i386 || x86_64 || arm || armeb
541 select KERNEL_KEXEC
542 select KERNEL_PROC_VMCORE
543 select KERNEL_PROC_KCORE
544 bool "Enable support for kexec crashdump"
545 default y
546
547 config USE_RFKILL
548 bool "Enable rfkill support"
549 default RFKILL_SUPPORT
550
551 config USE_SPARSE
552 bool "Enable sparse check during kernel build"
553 default n
554
555 config KERNEL_DEVTMPFS
556 bool "Compile the kernel with device tmpfs enabled"
557 default n
558 help
559 devtmpfs is a simple, kernel-managed /dev filesystem. The kernel creates
560 devices nodes for all registered devices to simplify boot, but leaves more
561 complex tasks to userspace (e.g. udev).
562
563 if KERNEL_DEVTMPFS
564
565 config KERNEL_DEVTMPFS_MOUNT
566 bool "Automatically mount devtmpfs after root filesystem is mounted"
567 default n
568
569 endif
570
571 config KERNEL_KEYS
572 bool "Enable kernel access key retention support"
573 default !SMALL_FLASH
574
575 config KERNEL_PERSISTENT_KEYRINGS
576 bool "Enable kernel persistent keyrings"
577 depends on KERNEL_KEYS
578 default n
579
580 config KERNEL_KEYS_REQUEST_CACHE
581 bool "Enable temporary caching of the last request_key() result"
582 depends on KERNEL_KEYS
583 default n
584
585 config KERNEL_BIG_KEYS
586 bool "Enable large payload keys on kernel keyrings"
587 depends on KERNEL_KEYS
588 default n
589
590 #
591 # CGROUP support symbols
592 #
593
594 config KERNEL_CGROUPS
595 bool "Enable kernel cgroups"
596 default y if !SMALL_FLASH
597
598 if KERNEL_CGROUPS
599
600 config KERNEL_CGROUP_DEBUG
601 bool "Example debug cgroup subsystem"
602 default n
603 help
604 This option enables a simple cgroup subsystem that
605 exports useful debugging information about the cgroups
606 framework.
607
608 config KERNEL_FREEZER
609 bool
610
611 config KERNEL_CGROUP_FREEZER
612 bool "legacy Freezer cgroup subsystem"
613 default n
614 select KERNEL_FREEZER
615 help
616 Provides a way to freeze and unfreeze all tasks in a
617 cgroup.
618 (legacy cgroup1-only controller, in cgroup2 freezer
619 is integrated in the Memory controller)
620
621 config KERNEL_CGROUP_DEVICE
622 bool "legacy Device controller for cgroups"
623 default n
624 help
625 Provides a cgroup implementing whitelists for devices which
626 a process in the cgroup can mknod or open.
627 (legacy cgroup1-only controller)
628
629 config KERNEL_CGROUP_HUGETLB
630 bool "HugeTLB controller"
631 default n
632 select KERNEL_HUGETLB_PAGE
633
634 config KERNEL_CGROUP_PIDS
635 bool "PIDs cgroup subsystem"
636 default y
637 help
638 Provides enforcement of process number limits in the scope of a
639 cgroup.
640
641 config KERNEL_CGROUP_RDMA
642 bool "RDMA controller for cgroups"
643 default y
644
645 config KERNEL_CGROUP_BPF
646 bool "Support for eBPF programs attached to cgroups"
647 default y
648
649 config KERNEL_CPUSETS
650 bool "Cpuset support"
651 default y
652 help
653 This option will let you create and manage CPUSETs which
654 allow dynamically partitioning a system into sets of CPUs and
655 Memory Nodes and assigning tasks to run only within those sets.
656 This is primarily useful on large SMP or NUMA systems.
657
658 config KERNEL_PROC_PID_CPUSET
659 bool "Include legacy /proc/<pid>/cpuset file"
660 default n
661 depends on KERNEL_CPUSETS
662
663 config KERNEL_CGROUP_CPUACCT
664 bool "Simple CPU accounting cgroup subsystem"
665 default y
666 help
667 Provides a simple Resource Controller for monitoring the
668 total CPU consumed by the tasks in a cgroup.
669
670 config KERNEL_RESOURCE_COUNTERS
671 bool "Resource counters"
672 default y
673 help
674 This option enables controller independent resource accounting
675 infrastructure that works with cgroups.
676
677 config KERNEL_MM_OWNER
678 bool
679 default y if KERNEL_MEMCG
680
681 config KERNEL_MEMCG
682 bool "Memory Resource Controller for Control Groups"
683 default y
684 select KERNEL_FREEZER
685 depends on KERNEL_RESOURCE_COUNTERS || !LINUX_3_18
686 help
687 Provides a memory resource controller that manages both anonymous
688 memory and page cache. (See Documentation/cgroups/memory.txt)
689
690 Note that setting this option increases fixed memory overhead
691 associated with each page of memory in the system. By this,
692 20(40)bytes/PAGE_SIZE on 32(64)bit system will be occupied by memory
693 usage tracking struct at boot. Total amount of this is printed out
694 at boot.
695
696 Only enable when you're ok with these tradeoffs and really
697 sure you need the memory resource controller. Even when you enable
698 this, you can set "cgroup_disable=memory" at your boot option to
699 disable memory resource controller and you can avoid overheads
700 (but lose benefits of memory resource controller).
701
702 This config option also selects MM_OWNER config option, which
703 could in turn add some fork/exit overhead.
704
705 config KERNEL_MEMCG_SWAP
706 bool "Memory Resource Controller Swap Extension"
707 default y
708 depends on KERNEL_MEMCG
709 help
710 Add swap management feature to memory resource controller. When you
711 enable this, you can limit mem+swap usage per cgroup. In other words,
712 when you disable this, memory resource controller has no cares to
713 usage of swap...a process can exhaust all of the swap. This extension
714 is useful when you want to avoid exhaustion swap but this itself
715 adds more overheads and consumes memory for remembering information.
716 Especially if you use 32bit system or small memory system, please
717 be careful about enabling this. When memory resource controller
718 is disabled by boot option, this will be automatically disabled and
719 there will be no overhead from this. Even when you set this config=y,
720 if boot option "swapaccount=0" is set, swap will not be accounted.
721 Now, memory usage of swap_cgroup is 2 bytes per entry. If swap page
722 size is 4096bytes, 512k per 1Gbytes of swap.
723
724 config KERNEL_MEMCG_SWAP_ENABLED
725 bool "Memory Resource Controller Swap Extension enabled by default"
726 default n
727 depends on KERNEL_MEMCG_SWAP
728 help
729 Memory Resource Controller Swap Extension comes with its price in
730 a bigger memory consumption. General purpose distribution kernels
731 which want to enable the feature but keep it disabled by default
732 and let the user enable it by swapaccount boot command line
733 parameter should have this option unselected.
734
735 Those who want to have the feature enabled by default should
736 select this option (if, for some reason, they need to disable it,
737 then swapaccount=0 does the trick).
738
739
740 config KERNEL_MEMCG_KMEM
741 bool "Memory Resource Controller Kernel Memory accounting (EXPERIMENTAL)"
742 default y
743 depends on KERNEL_MEMCG
744 help
745 The Kernel Memory extension for Memory Resource Controller can limit
746 the amount of memory used by kernel objects in the system. Those are
747 fundamentally different from the entities handled by the standard
748 Memory Controller, which are page-based, and can be swapped. Users of
749 the kmem extension can use it to guarantee that no group of processes
750 will ever exhaust kernel resources alone.
751
752 config KERNEL_CGROUP_PERF
753 bool "Enable perf_event per-cpu per-container group (cgroup) monitoring"
754 select KERNEL_PERF_EVENTS
755 default n
756 help
757 This option extends the per-cpu mode to restrict monitoring to
758 threads which belong to the cgroup specified and run on the
759 designated cpu.
760
761 menuconfig KERNEL_CGROUP_SCHED
762 bool "Group CPU scheduler"
763 default y
764 help
765 This feature lets CPU scheduler recognize task groups and control CPU
766 bandwidth allocation to such task groups. It uses cgroups to group
767 tasks.
768
769 if KERNEL_CGROUP_SCHED
770
771 config KERNEL_FAIR_GROUP_SCHED
772 bool "Group scheduling for SCHED_OTHER"
773 default y
774
775 config KERNEL_CFS_BANDWIDTH
776 bool "CPU bandwidth provisioning for FAIR_GROUP_SCHED"
777 default y
778 depends on KERNEL_FAIR_GROUP_SCHED
779 help
780 This option allows users to define CPU bandwidth rates (limits) for
781 tasks running within the fair group scheduler. Groups with no limit
782 set are considered to be unconstrained and will run with no
783 restriction.
784 See tip/Documentation/scheduler/sched-bwc.txt for more information.
785
786 config KERNEL_RT_GROUP_SCHED
787 bool "Group scheduling for SCHED_RR/FIFO"
788 default y
789 help
790 This feature lets you explicitly allocate real CPU bandwidth
791 to task groups. If enabled, it will also make it impossible to
792 schedule realtime tasks for non-root users until you allocate
793 realtime bandwidth for them.
794
795 endif
796
797 config KERNEL_BLK_CGROUP
798 bool "Block IO controller"
799 default y
800 help
801 Generic block IO controller cgroup interface. This is the common
802 cgroup interface which should be used by various IO controlling
803 policies.
804
805 Currently, CFQ IO scheduler uses it to recognize task groups and
806 control disk bandwidth allocation (proportional time slice allocation)
807 to such task groups. It is also used by bio throttling logic in
808 block layer to implement upper limit in IO rates on a device.
809
810 This option only enables generic Block IO controller infrastructure.
811 One needs to also enable actual IO controlling logic/policy. For
812 enabling proportional weight division of disk bandwidth in CFQ, set
813 CONFIG_CFQ_GROUP_IOSCHED=y; for enabling throttling policy, set
814 CONFIG_BLK_DEV_THROTTLING=y.
815
816 if KERNEL_BLK_CGROUP
817
818 config KERNEL_CFQ_GROUP_IOSCHED
819 bool "Proportional weight of disk bandwidth in CFQ"
820
821 config KERNEL_BLK_DEV_THROTTLING
822 bool "Enable throttling policy"
823 default y
824
825 config KERNEL_BLK_DEV_THROTTLING_LOW
826 bool "Block throttling .low limit interface support (EXPERIMENTAL)"
827 depends on KERNEL_BLK_DEV_THROTTLING
828 endif
829
830 config KERNEL_DEBUG_BLK_CGROUP
831 bool "Enable Block IO controller debugging"
832 default n
833 depends on KERNEL_BLK_CGROUP
834 help
835 Enable some debugging help. Currently it exports additional stat
836 files in a cgroup which can be useful for debugging.
837
838 config KERNEL_NET_CLS_CGROUP
839 bool "legacy Control Group Classifier"
840 default n
841
842 config KERNEL_CGROUP_NET_CLASSID
843 bool "legacy Network classid cgroup"
844 default n
845
846 config KERNEL_CGROUP_NET_PRIO
847 bool "legacy Network priority cgroup"
848 default n
849
850 endif
851
852 #
853 # Namespace support symbols
854 #
855
856 config KERNEL_NAMESPACES
857 bool "Enable kernel namespaces"
858 default y if !SMALL_FLASH
859
860 if KERNEL_NAMESPACES
861
862 config KERNEL_UTS_NS
863 bool "UTS namespace"
864 default y
865 help
866 In this namespace, tasks see different info provided
867 with the uname() system call.
868
869 config KERNEL_IPC_NS
870 bool "IPC namespace"
871 default y
872 help
873 In this namespace, tasks work with IPC ids which correspond to
874 different IPC objects in different namespaces.
875
876 config KERNEL_USER_NS
877 bool "User namespace (EXPERIMENTAL)"
878 default y
879 help
880 This allows containers, i.e. vservers, to use user namespaces
881 to provide different user info for different servers.
882
883 config KERNEL_PID_NS
884 bool "PID Namespaces"
885 default y
886 help
887 Support process id namespaces. This allows having multiple
888 processes with the same pid as long as they are in different
889 pid namespaces. This is a building block of containers.
890
891 config KERNEL_NET_NS
892 bool "Network namespace"
893 default y
894 help
895 Allow user space to create what appear to be multiple instances
896 of the network stack.
897
898 endif
899
900 config KERNEL_DEVPTS_MULTIPLE_INSTANCES
901 bool "Support multiple instances of devpts"
902 default y if !SMALL_FLASH
903 help
904 Enable support for multiple instances of devpts filesystem.
905 If you want to have isolated PTY namespaces (eg: in containers),
906 say Y here. Otherwise, say N. If enabled, each mount of devpts
907 filesystem with the '-o newinstance' option will create an
908 independent PTY namespace.
909
910 config KERNEL_POSIX_MQUEUE
911 bool "POSIX Message Queues"
912 default y if !SMALL_FLASH
913 help
914 POSIX variant of message queues is a part of IPC. In POSIX message
915 queues every message has a priority which decides about succession
916 of receiving it by a process. If you want to compile and run
917 programs written e.g. for Solaris with use of its POSIX message
918 queues (functions mq_*) say Y here.
919
920 POSIX message queues are visible as a filesystem called 'mqueue'
921 and can be mounted somewhere if you want to do filesystem
922 operations on message queues.
923
924
925 config KERNEL_SECCOMP_FILTER
926 bool
927 default y if !SMALL_FLASH
928
929 config KERNEL_SECCOMP
930 bool "Enable seccomp support"
931 depends on !(TARGET_uml)
932 select KERNEL_SECCOMP_FILTER
933 default y if !SMALL_FLASH
934 help
935 Build kernel with support for seccomp.
936
937 #
938 # IPv4 configuration
939 #
940
941 config KERNEL_IP_MROUTE
942 bool "Enable IPv4 multicast routing"
943 default y
944 help
945 Multicast routing requires a multicast routing daemon in
946 addition to kernel support.
947
948 #
949 # IPv6 configuration
950 #
951
952 config KERNEL_IPV6
953 def_bool IPV6
954
955 if KERNEL_IPV6
956
957 config KERNEL_IPV6_MULTIPLE_TABLES
958 def_bool y
959
960 config KERNEL_IPV6_SUBTREES
961 def_bool y
962
963 config KERNEL_IPV6_MROUTE
964 bool "Enable IPv6 multicast routing"
965 default y
966 help
967 Multicast routing requires a multicast routing daemon in
968 addition to kernel support.
969
970 config KERNEL_IPV6_PIMSM_V2
971 def_bool n
972
973 config KERNEL_IPV6_SEG6_LWTUNNEL
974 bool "Enable support for lightweight tunnels"
975 default y if !SMALL_FLASH
976 help
977 Using lwtunnel (needed for IPv6 segment routing) requires ip-full package.
978
979 config KERNEL_LWTUNNEL_BPF
980 def_bool n
981
982 endif
983
984 #
985 # NFS related symbols
986 #
987 config KERNEL_IP_PNP
988 bool "Compile the kernel with rootfs on NFS"
989 help
990 If you want to make your kernel boot off a NFS server as root
991 filesystem, select Y here.
992
993 if KERNEL_IP_PNP
994
995 config KERNEL_IP_PNP_DHCP
996 def_bool y
997
998 config KERNEL_IP_PNP_BOOTP
999 def_bool n
1000
1001 config KERNEL_IP_PNP_RARP
1002 def_bool n
1003
1004 config KERNEL_NFS_FS
1005 def_bool y
1006
1007 config KERNEL_NFS_V2
1008 def_bool y
1009
1010 config KERNEL_NFS_V3
1011 def_bool y
1012
1013 config KERNEL_ROOT_NFS
1014 def_bool y
1015
1016 endif
1017
1018 menu "Filesystem ACL and attr support options"
1019 config USE_FS_ACL_ATTR
1020 bool "Use filesystem ACL and attr support by default"
1021 default n
1022 help
1023 Make using ACLs (e.g. POSIX ACL, NFSv4 ACL) the default
1024 for kernel and packages, except tmpfs, flash filesystems,
1025 and old NFS. Also enable userspace extended attribute support
1026 by default. (OpenWrt already has an expection it will be
1027 present in the kernel).
1028
1029 config KERNEL_FS_POSIX_ACL
1030 bool "Enable POSIX ACL support"
1031 default y if USE_FS_ACL_ATTR
1032
1033 config KERNEL_BTRFS_FS_POSIX_ACL
1034 bool "Enable POSIX ACL for BtrFS Filesystems"
1035 select KERNEL_FS_POSIX_ACL
1036 default y if USE_FS_ACL_ATTR
1037
1038 config KERNEL_EXT4_FS_POSIX_ACL
1039 bool "Enable POSIX ACL for Ext4 Filesystems"
1040 select KERNEL_FS_POSIX_ACL
1041 default y if USE_FS_ACL_ATTR
1042
1043 config KERNEL_F2FS_FS_POSIX_ACL
1044 bool "Enable POSIX ACL for F2FS Filesystems"
1045 select KERNEL_FS_POSIX_ACL
1046 default n
1047
1048 config KERNEL_JFFS2_FS_POSIX_ACL
1049 bool "Enable POSIX ACL for JFFS2 Filesystems"
1050 select KERNEL_FS_POSIX_ACL
1051 default n
1052
1053 config KERNEL_TMPFS_POSIX_ACL
1054 bool "Enable POSIX ACL for TMPFS Filesystems"
1055 select KERNEL_FS_POSIX_ACL
1056 default n
1057
1058 config KERNEL_CIFS_ACL
1059 bool "Enable CIFS ACLs"
1060 select KERNEL_FS_POSIX_ACL
1061 default y if USE_FS_ACL_ATTR
1062
1063 config KERNEL_HFS_FS_POSIX_ACL
1064 bool "Enable POSIX ACL for HFS Filesystems"
1065 select KERNEL_FS_POSIX_ACL
1066 default y if USE_FS_ACL_ATTR
1067
1068 config KERNEL_HFSPLUS_FS_POSIX_ACL
1069 bool "Enable POSIX ACL for HFS+ Filesystems"
1070 select KERNEL_FS_POSIX_ACL
1071 default y if USE_FS_ACL_ATTR
1072
1073 config KERNEL_NFS_ACL_SUPPORT
1074 bool "Enable ACLs for NFS"
1075 default y if USE_FS_ACL_ATTR
1076
1077 config KERNEL_NFS_V3_ACL_SUPPORT
1078 bool "Enable ACLs for NFSv3"
1079 default n
1080
1081 config KERNEL_NFSD_V2_ACL_SUPPORT
1082 bool "Enable ACLs for NFSDv2"
1083 default n
1084
1085 config KERNEL_NFSD_V3_ACL_SUPPORT
1086 bool "Enable ACLs for NFSDv3"
1087 default n
1088
1089 config KERNEL_REISER_FS_POSIX_ACL
1090 bool "Enable POSIX ACLs for ReiserFS"
1091 select KERNEL_FS_POSIX_ACL
1092 default y if USE_FS_ACL_ATTR
1093
1094 config KERNEL_XFS_POSIX_ACL
1095 bool "Enable POSIX ACLs for XFS"
1096 select KERNEL_FS_POSIX_ACL
1097 default y if USE_FS_ACL_ATTR
1098
1099 config KERNEL_JFS_POSIX_ACL
1100 bool "Enable POSIX ACLs for JFS"
1101 select KERNEL_FS_POSIX_ACL
1102 default y if USE_FS_ACL_ATTR
1103
1104 endmenu
1105
1106 config KERNEL_DEVMEM
1107 bool "/dev/mem virtual device support"
1108 help
1109 Say Y here if you want to support the /dev/mem device.
1110 The /dev/mem device is used to access areas of physical
1111 memory.
1112
1113 config KERNEL_DEVKMEM
1114 bool "/dev/kmem virtual device support"
1115 help
1116 Say Y here if you want to support the /dev/kmem device. The
1117 /dev/kmem device is rarely used, but can be used for certain
1118 kind of kernel debugging operations.
1119
1120 config KERNEL_SQUASHFS_FRAGMENT_CACHE_SIZE
1121 int "Number of squashfs fragments cached"
1122 default 2 if (SMALL_FLASH && !LOW_MEMORY_FOOTPRINT)
1123 default 3
1124
1125 config KERNEL_SQUASHFS_XATTR
1126 bool "Squashfs XATTR support"
1127
1128 #
1129 # compile optimiziation setting
1130 #
1131 choice
1132 prompt "Compiler optimization level"
1133 default KERNEL_CC_OPTIMIZE_FOR_SIZE if SMALL_FLASH
1134
1135 config KERNEL_CC_OPTIMIZE_FOR_PERFORMANCE
1136 bool "Optimize for performance"
1137 help
1138 This is the default optimization level for the kernel, building
1139 with the "-O2" compiler flag for best performance and most
1140 helpful compile-time warnings.
1141
1142 config KERNEL_CC_OPTIMIZE_FOR_SIZE
1143 bool "Optimize for size"
1144 help
1145 Enabling this option will pass "-Os" instead of "-O2" to
1146 your compiler resulting in a smaller kernel.
1147
1148 endchoice
1149
1150 config KERNEL_AUDIT
1151 bool "Auditing support"
1152
1153 config KERNEL_SECURITY
1154 bool "Enable different security models"
1155
1156 config KERNEL_SECURITY_NETWORK
1157 bool "Socket and Networking Security Hooks"
1158 select KERNEL_SECURITY
1159
1160 config KERNEL_SECURITY_SELINUX
1161 bool "NSA SELinux Support"
1162 select KERNEL_SECURITY_NETWORK
1163 select KERNEL_AUDIT
1164
1165 config KERNEL_SECURITY_SELINUX_BOOTPARAM
1166 bool "NSA SELinux boot parameter"
1167 depends on KERNEL_SECURITY_SELINUX
1168 default y
1169
1170 config KERNEL_SECURITY_SELINUX_DISABLE
1171 bool "NSA SELinux runtime disable"
1172 depends on KERNEL_SECURITY_SELINUX
1173
1174 config KERNEL_SECURITY_SELINUX_DEVELOP
1175 bool "NSA SELinux Development Support"
1176 depends on KERNEL_SECURITY_SELINUX
1177 default y
1178
1179 config KERNEL_SECURITY_SELINUX_SIDTAB_HASH_BITS
1180 int
1181 depends on KERNEL_SECURITY_SELINUX
1182 default 9
1183
1184 config KERNEL_SECURITY_SELINUX_SID2STR_CACHE_SIZE
1185 int
1186 depends on KERNEL_SECURITY_SELINUX
1187 default 256
1188
1189 config KERNEL_LSM
1190 string
1191 default "lockdown,yama,loadpin,safesetid,integrity,selinux"
1192 depends on KERNEL_SECURITY_SELINUX
1193
1194 config KERNEL_EXT4_FS_SECURITY
1195 bool "Ext4 Security Labels"
1196
1197 config KERNEL_F2FS_FS_SECURITY
1198 bool "F2FS Security Labels"
1199
1200 config KERNEL_UBIFS_FS_SECURITY
1201 bool "UBIFS Security Labels"
1202
1203 config KERNEL_JFFS2_FS_SECURITY
1204 bool "JFFS2 Security Labels"
Staging tree of Zoltan Herpai