projects / openwrt / staging / chunkeey.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
build: use SPDX license tags
[openwrt/staging/chunkeey.git] / config / Config-kernel.in
1 # SPDX-License-Identifier: GPL-2.0-only
2 #
3 # Copyright (C) 2006-2014 OpenWrt.org
4
5 config KERNEL_BUILD_USER
6 string "Custom Kernel Build User Name"
7 default "builder" if BUILDBOT
8 default ""
9 help
10 Sets the Kernel build user string, which for example will be returned
11 by 'uname -a' on running systems.
12 If not set, uses system user at build time.
13
14 config KERNEL_BUILD_DOMAIN
15 string "Custom Kernel Build Domain Name"
16 default "buildhost" if BUILDBOT
17 default ""
18 help
19 Sets the Kernel build domain string, which for example will be
20 returned by 'uname -a' on running systems.
21 If not set, uses system hostname at build time.
22
23 config KERNEL_PRINTK
24 bool "Enable support for printk"
25 default y
26
27 config KERNEL_CRASHLOG
28 bool "Crash logging"
29 depends on !(arm || powerpc || sparc || TARGET_uml || i386 || x86_64)
30 default y
31
32 config KERNEL_SWAP
33 bool "Support for paging of anonymous memory (swap)"
34 default y if !SMALL_FLASH
35
36 config KERNEL_PROC_STRIPPED
37 bool "Strip non-essential /proc functionality to reduce code size"
38 default y if SMALL_FLASH
39
40 config KERNEL_DEBUG_FS
41 bool "Compile the kernel with debug filesystem enabled"
42 default y
43 help
44 debugfs is a virtual file system that kernel developers use to put
45 debugging files into. Enable this option to be able to read and
46 write to these files. Many common debugging facilities, such as
47 ftrace, require the existence of debugfs.
48
49 config KERNEL_MIPS_FP_SUPPORT
50 bool
51 default y if TARGET_pistachio
52
53 config KERNEL_ARM_PMU
54 bool
55 default n
56 depends on (arm || aarch64)
57
58 config KERNEL_X86_VSYSCALL_EMULATION
59 bool "Enable vsyscall emulation"
60 default n
61 depends on x86_64
62 help
63 This enables emulation of the legacy vsyscall page. Disabling
64 it is roughly equivalent to booting with vsyscall=none, except
65 that it will also disable the helpful warning if a program
66 tries to use a vsyscall. With this option set to N, offending
67 programs will just segfault, citing addresses of the form
68 0xffffffffff600?00.
69
70 This option is required by many programs built before 2013, and
71 care should be used even with newer programs if set to N.
72
73 Disabling this option saves about 7K of kernel size and
74 possibly 4K of additional runtime pagetable memory.
75
76 config KERNEL_PERF_EVENTS
77 bool "Compile the kernel with performance events and counters"
78 default n
79 select KERNEL_ARM_PMU if (arm || aarch64)
80
81 config KERNEL_PROFILING
82 bool "Compile the kernel with profiling enabled"
83 default n
84 select KERNEL_PERF_EVENTS
85 help
86 Enable the extended profiling support mechanisms used by profilers such
87 as OProfile.
88
89 config KERNEL_UBSAN
90 bool "Compile the kernel with undefined behaviour sanity checker"
91 help
92 This option enables undefined behaviour sanity checker
93 Compile-time instrumentation is used to detect various undefined
94 behaviours in runtime. Various types of checks may be enabled
95 via boot parameter ubsan_handle
96 (see: Documentation/dev-tools/ubsan.rst).
97
98 config KERNEL_UBSAN_SANITIZE_ALL
99 bool "Enable instrumentation for the entire kernel"
100 depends on KERNEL_UBSAN
101 default y
102 help
103 This option activates instrumentation for the entire kernel.
104 If you don't enable this option, you have to explicitly specify
105 UBSAN_SANITIZE := y for the files/directories you want to check for UB.
106 Enabling this option will get kernel image size increased
107 significantly.
108
109 config KERNEL_UBSAN_ALIGNMENT
110 bool "Enable checking of pointers alignment"
111 depends on KERNEL_UBSAN
112 help
113 This option enables detection of unaligned memory accesses.
114 Enabling this option on architectures that support unaligned
115 accesses may produce a lot of false positives.
116
117 config KERNEL_UBSAN_NULL
118 bool "Enable checking of null pointers"
119 depends on KERNEL_UBSAN
120 help
121 This option enables detection of memory accesses via a
122 null pointer.
123
124 config KERNEL_KASAN
125 bool "Compile the kernel with KASan: runtime memory debugger"
126 select KERNEL_SLUB_DEBUG
127 depends on (x86_64 || aarch64)
128 help
129 Enables kernel address sanitizer - runtime memory debugger,
130 designed to find out-of-bounds accesses and use-after-free bugs.
131 This is strictly a debugging feature and it requires a gcc version
132 of 4.9.2 or later. Detection of out of bounds accesses to stack or
133 global variables requires gcc 5.0 or later.
134 This feature consumes about 1/8 of available memory and brings about
135 ~x3 performance slowdown.
136 For better error detection enable CONFIG_STACKTRACE.
137 Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB
138 (the resulting kernel does not boot).
139
140 config KERNEL_KASAN_EXTRA
141 bool "KAsan: extra checks"
142 depends on KERNEL_KASAN && KERNEL_DEBUG_KERNEL
143 help
144 This enables further checks in the kernel address sanitizer, for now
145 it only includes the address-use-after-scope check that can lead
146 to excessive kernel stack usage, frame size warnings and longer
147 compile time.
148 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more
149
150
151 choice
152 prompt "Instrumentation type"
153 depends on KERNEL_KASAN
154 default KERNEL_KASAN_OUTLINE
155
156 config KERNEL_KASAN_OUTLINE
157 bool "Outline instrumentation"
158 help
159 Before every memory access compiler insert function call
160 __asan_load*/__asan_store*. These functions performs check
161 of shadow memory. This is slower than inline instrumentation,
162 however it doesn't bloat size of kernel's .text section so
163 much as inline does.
164
165 config KERNEL_KASAN_INLINE
166 bool "Inline instrumentation"
167 help
168 Compiler directly inserts code checking shadow memory before
169 memory accesses. This is faster than outline (in some workloads
170 it gives about x2 boost over outline instrumentation), but
171 make kernel's .text size much bigger.
172 This requires a gcc version of 5.0 or later.
173
174 endchoice
175
176 config KERNEL_KCOV
177 bool "Compile the kernel with code coverage for fuzzing"
178 select KERNEL_DEBUG_FS
179 help
180 KCOV exposes kernel code coverage information in a form suitable
181 for coverage-guided fuzzing (randomized testing).
182
183 If RANDOMIZE_BASE is enabled, PC values will not be stable across
184 different machines and across reboots. If you need stable PC values,
185 disable RANDOMIZE_BASE.
186
187 For more details, see Documentation/kcov.txt.
188
189 config KERNEL_KCOV_ENABLE_COMPARISONS
190 bool "Enable comparison operands collection by KCOV"
191 depends on KERNEL_KCOV
192 help
193 KCOV also exposes operands of every comparison in the instrumented
194 code along with operand sizes and PCs of the comparison instructions.
195 These operands can be used by fuzzing engines to improve the quality
196 of fuzzing coverage.
197
198 config KERNEL_KCOV_INSTRUMENT_ALL
199 bool "Instrument all code by default"
200 depends on KERNEL_KCOV
201 default y if KERNEL_KCOV
202 help
203 If you are doing generic system call fuzzing (like e.g. syzkaller),
204 then you will want to instrument the whole kernel and you should
205 say y here. If you are doing more targeted fuzzing (like e.g.
206 filesystem fuzzing with AFL) then you will want to enable coverage
207 for more specific subsets of files, and should say n here.
208
209 config KERNEL_TASKSTATS
210 bool "Compile the kernel with task resource/io statistics and accounting"
211 default n
212 help
213 Enable the collection and publishing of task/io statistics and
214 accounting. Enable this option to enable i/o monitoring in system
215 monitors.
216
217 if KERNEL_TASKSTATS
218
219 config KERNEL_TASK_DELAY_ACCT
220 def_bool y
221
222 config KERNEL_TASK_IO_ACCOUNTING
223 def_bool y
224
225 config KERNEL_TASK_XACCT
226 def_bool y
227
228 endif
229
230 config KERNEL_KALLSYMS
231 bool "Compile the kernel with symbol table information"
232 default y if !SMALL_FLASH
233 help
234 This will give you more information in stack traces from kernel oopses.
235
236 config KERNEL_FTRACE
237 bool "Compile the kernel with tracing support"
238 depends on !TARGET_uml
239 default n
240
241 config KERNEL_FTRACE_SYSCALLS
242 bool "Trace system calls"
243 depends on KERNEL_FTRACE
244 default n
245
246 config KERNEL_ENABLE_DEFAULT_TRACERS
247 bool "Trace process context switches and events"
248 depends on KERNEL_FTRACE
249 default n
250
251 config KERNEL_FUNCTION_TRACER
252 bool "Function tracer"
253 depends on KERNEL_FTRACE
254 default n
255
256 config KERNEL_FUNCTION_GRAPH_TRACER
257 bool "Function graph tracer"
258 depends on KERNEL_FUNCTION_TRACER
259 default n
260
261 config KERNEL_DYNAMIC_FTRACE
262 bool "Enable/disable function tracing dynamically"
263 depends on KERNEL_FUNCTION_TRACER
264 default n
265
266 config KERNEL_FUNCTION_PROFILER
267 bool "Function profiler"
268 depends on KERNEL_FUNCTION_TRACER
269 default n
270
271 config KERNEL_IRQSOFF_TRACER
272 bool "Interrupts-off Latency Tracer"
273 depends on KERNEL_FTRACE
274 help
275 This option measures the time spent in irqs-off critical
276 sections, with microsecond accuracy.
277
278 The default measurement method is a maximum search, which is
279 disabled by default and can be runtime (re-)started
280 via:
281
282 echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
283
284 (Note that kernel size and overhead increase with this option
285 enabled. This option and the preempt-off timing option can be
286 used together or separately.)
287
288 config KERNEL_PREEMPT_TRACER
289 bool "Preemption-off Latency Tracer"
290 depends on KERNEL_FTRACE
291 help
292 This option measures the time spent in preemption-off critical
293 sections, with microsecond accuracy.
294
295 The default measurement method is a maximum search, which is
296 disabled by default and can be runtime (re-)started
297 via:
298
299 echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
300
301 (Note that kernel size and overhead increase with this option
302 enabled. This option and the irqs-off timing option can be
303 used together or separately.)
304
305 config KERNEL_DEBUG_KERNEL
306 bool
307 default n
308
309 config KERNEL_DEBUG_INFO
310 bool "Compile the kernel with debug information"
311 default y if !SMALL_FLASH
312 select KERNEL_DEBUG_KERNEL
313 help
314 This will compile your kernel and modules with debug information.
315
316 config KERNEL_DEBUG_LL_UART_NONE
317 bool
318 default n
319 depends on arm
320
321 config KERNEL_DEBUG_LL
322 bool
323 default n
324 depends on arm
325 select KERNEL_DEBUG_LL_UART_NONE
326 help
327 ARM low level debugging.
328
329 config KERNEL_DYNAMIC_DEBUG
330 bool "Compile the kernel with dynamic printk"
331 select KERNEL_DEBUG_FS
332 default n
333 help
334 Compiles debug level messages into the kernel, which would not
335 otherwise be available at runtime. These messages can then be
336 enabled/disabled based on various levels of scope - per source file,
337 function, module, format string, and line number. This mechanism
338 implicitly compiles in all pr_debug() and dev_dbg() calls, which
339 enlarges the kernel text size by about 2%.
340
341 config KERNEL_EARLY_PRINTK
342 bool "Compile the kernel with early printk"
343 default y if TARGET_bcm53xx
344 default n
345 depends on arm
346 select KERNEL_DEBUG_KERNEL
347 select KERNEL_DEBUG_LL if arm
348 help
349 Compile the kernel with early printk support. This is only useful for
350 debugging purposes to send messages over the serial console in early boot.
351 Enable this to debug early boot problems.
352
353 config KERNEL_KPROBES
354 bool "Compile the kernel with kprobes support"
355 default n
356 select KERNEL_FTRACE
357 select KERNEL_PERF_EVENTS
358 help
359 Compiles the kernel with KPROBES support, which allows you to trap
360 at almost any kernel address and execute a callback function.
361 register_kprobe() establishes a probepoint and specifies the
362 callback. Kprobes is useful for kernel debugging, non-intrusive
363 instrumentation and testing.
364 If in doubt, say "N".
365
366 config KERNEL_KPROBE_EVENTS
367 bool
368 default y if KERNEL_KPROBES
369
370 config KERNEL_AIO
371 bool "Compile the kernel with asynchronous IO support"
372 default y if !SMALL_FLASH
373
374 config KERNEL_IO_URING
375 bool "Compile the kernel with io_uring support"
376 default y if !SMALL_FLASH
377
378 config KERNEL_FHANDLE
379 bool "Compile the kernel with support for fhandle syscalls"
380 default y if !SMALL_FLASH
381
382 config KERNEL_FANOTIFY
383 bool "Compile the kernel with modern file notification support"
384 default y if !SMALL_FLASH
385
386 config KERNEL_BLK_DEV_BSG
387 bool "Compile the kernel with SCSI generic v4 support for any block device"
388 default n
389
390 config KERNEL_TRANSPARENT_HUGEPAGE
391 bool
392
393 choice
394 prompt "Transparent Hugepage Support sysfs defaults"
395 depends on KERNEL_TRANSPARENT_HUGEPAGE
396 default KERNEL_TRANSPARENT_HUGEPAGE_ALWAYS
397
398 config KERNEL_TRANSPARENT_HUGEPAGE_ALWAYS
399 bool "always"
400
401 config KERNEL_TRANSPARENT_HUGEPAGE_MADVISE
402 bool "madvise"
403 endchoice
404
405 config KERNEL_HUGETLBFS
406 bool
407
408 config KERNEL_HUGETLB_PAGE
409 bool "Compile the kernel with HugeTLB support"
410 select KERNEL_TRANSPARENT_HUGEPAGE
411 select KERNEL_HUGETLBFS
412 default n
413
414 config KERNEL_MAGIC_SYSRQ
415 bool "Compile the kernel with SysRq support"
416 default y
417
418 config KERNEL_DEBUG_PINCTRL
419 bool "Compile the kernel with pinctrl debugging"
420 select KERNEL_DEBUG_KERNEL
421
422 config KERNEL_DEBUG_GPIO
423 bool "Compile the kernel with gpio debugging"
424 select KERNEL_DEBUG_KERNEL
425
426 config KERNEL_COREDUMP
427 bool
428
429 config KERNEL_ELF_CORE
430 bool "Enable process core dump support"
431 select KERNEL_COREDUMP
432 default y if !SMALL_FLASH
433
434 config KERNEL_PROVE_LOCKING
435 bool "Enable kernel lock checking"
436 select KERNEL_DEBUG_KERNEL
437 default n
438
439 config KERNEL_LOCKUP_DETECTOR
440 bool "Compile the kernel with detect Hard and Soft Lockups"
441 depends on KERNEL_DEBUG_KERNEL
442 help
443 Say Y here to enable the kernel to act as a watchdog to detect
444 hard and soft lockups.
445
446 Softlockups are bugs that cause the kernel to loop in kernel
447 mode for more than 20 seconds, without giving other tasks a
448 chance to run. The current stack trace is displayed upon
449 detection and the system will stay locked up.
450
451 Hardlockups are bugs that cause the CPU to loop in kernel mode
452 for more than 10 seconds, without letting other interrupts have a
453 chance to run. The current stack trace is displayed upon detection
454 and the system will stay locked up.
455
456 The overhead should be minimal. A periodic hrtimer runs to
457 generate interrupts and kick the watchdog task every 4 seconds.
458 An NMI is generated every 10 seconds or so to check for hardlockups.
459
460 The frequency of hrtimer and NMI events and the soft and hard lockup
461 thresholds can be controlled through the sysctl watchdog_thresh.
462
463 config KERNEL_DETECT_HUNG_TASK
464 bool "Compile the kernel with detect Hung Tasks"
465 depends on KERNEL_DEBUG_KERNEL
466 default KERNEL_LOCKUP_DETECTOR
467 help
468 Say Y here to enable the kernel to detect "hung tasks",
469 which are bugs that cause the task to be stuck in
470 uninterruptible "D" state indefinitely.
471
472 When a hung task is detected, the kernel will print the
473 current stack trace (which you should report), but the
474 task will stay in uninterruptible state. If lockdep is
475 enabled then all held locks will also be reported. This
476 feature has negligible overhead.
477
478 config KERNEL_WQ_WATCHDOG
479 bool "Compile the kernel with detect Workqueue Stalls"
480 depends on KERNEL_DEBUG_KERNEL
481 help
482 Say Y here to enable stall detection on workqueues. If a
483 worker pool doesn't make forward progress on a pending work
484 item for over a given amount of time, 30s by default, a
485 warning message is printed along with dump of workqueue
486 state. This can be configured through kernel parameter
487 "workqueue.watchdog_thresh" and its sysfs counterpart.
488
489 config KERNEL_DEBUG_ATOMIC_SLEEP
490 bool "Compile the kernel with sleep inside atomic section checking"
491 depends on KERNEL_DEBUG_KERNEL
492 help
493 If you say Y here, various routines which may sleep will become very
494 noisy if they are called inside atomic sections: when a spinlock is
495 held, inside an rcu read side critical section, inside preempt disabled
496 sections, inside an interrupt, etc...
497
498 config KERNEL_DEBUG_VM
499 bool "Compile the kernel with debug VM"
500 depends on KERNEL_DEBUG_KERNEL
501 help
502 Enable this to turn on extended checks in the virtual-memory system
503 that may impact performance.
504
505 If unsure, say N.
506
507 config KERNEL_PRINTK_TIME
508 bool "Enable printk timestamps"
509 default y
510
511 config KERNEL_SLUB_DEBUG
512 bool
513
514 config KERNEL_SLUB_DEBUG_ON
515 bool
516
517 config KERNEL_SLABINFO
518 select KERNEL_SLUB_DEBUG
519 select KERNEL_SLUB_DEBUG_ON
520 bool "Enable /proc slab debug info"
521
522 config KERNEL_PROC_PAGE_MONITOR
523 bool "Enable /proc page monitoring"
524
525 config KERNEL_RELAY
526 bool
527
528 config KERNEL_KEXEC
529 bool "Enable kexec support"
530
531 config KERNEL_PROC_VMCORE
532 bool
533
534 config KERNEL_PROC_KCORE
535 bool
536
537 config KERNEL_CRASH_DUMP
538 depends on i386 || x86_64 || arm || armeb
539 select KERNEL_KEXEC
540 select KERNEL_PROC_VMCORE
541 select KERNEL_PROC_KCORE
542 bool "Enable support for kexec crashdump"
543 default y
544
545 config USE_RFKILL
546 bool "Enable rfkill support"
547 default RFKILL_SUPPORT
548
549 config USE_SPARSE
550 bool "Enable sparse check during kernel build"
551 default n
552
553 config KERNEL_DEVTMPFS
554 bool "Compile the kernel with device tmpfs enabled"
555 default n
556 help
557 devtmpfs is a simple, kernel-managed /dev filesystem. The kernel creates
558 devices nodes for all registered devices to simplify boot, but leaves more
559 complex tasks to userspace (e.g. udev).
560
561 if KERNEL_DEVTMPFS
562
563 config KERNEL_DEVTMPFS_MOUNT
564 bool "Automatically mount devtmpfs after root filesystem is mounted"
565 default n
566
567 endif
568
569 config KERNEL_KEYS
570 bool "Enable kernel access key retention support"
571 default !SMALL_FLASH
572
573 config KERNEL_PERSISTENT_KEYRINGS
574 bool "Enable kernel persistent keyrings"
575 depends on KERNEL_KEYS
576 default n
577
578 config KERNEL_KEYS_REQUEST_CACHE
579 bool "Enable temporary caching of the last request_key() result"
580 depends on KERNEL_KEYS
581 default n
582
583 config KERNEL_BIG_KEYS
584 bool "Enable large payload keys on kernel keyrings"
585 depends on KERNEL_KEYS
586 default n
587
588 #
589 # CGROUP support symbols
590 #
591
592 config KERNEL_CGROUPS
593 bool "Enable kernel cgroups"
594 default y if !SMALL_FLASH
595
596 if KERNEL_CGROUPS
597
598 config KERNEL_CGROUP_DEBUG
599 bool "Example debug cgroup subsystem"
600 default n
601 help
602 This option enables a simple cgroup subsystem that
603 exports useful debugging information about the cgroups
604 framework.
605
606 config KERNEL_FREEZER
607 bool
608
609 config KERNEL_CGROUP_FREEZER
610 bool "legacy Freezer cgroup subsystem"
611 default n
612 select KERNEL_FREEZER
613 help
614 Provides a way to freeze and unfreeze all tasks in a
615 cgroup.
616 (legacy cgroup1-only controller, in cgroup2 freezer
617 is integrated in the Memory controller)
618
619 config KERNEL_CGROUP_DEVICE
620 bool "legacy Device controller for cgroups"
621 default n
622 help
623 Provides a cgroup implementing whitelists for devices which
624 a process in the cgroup can mknod or open.
625 (legacy cgroup1-only controller)
626
627 config KERNEL_CGROUP_HUGETLB
628 bool "HugeTLB controller"
629 default n
630 select KERNEL_HUGETLB_PAGE
631
632 config KERNEL_CGROUP_PIDS
633 bool "PIDs cgroup subsystem"
634 default y
635 help
636 Provides enforcement of process number limits in the scope of a
637 cgroup.
638
639 config KERNEL_CGROUP_RDMA
640 bool "RDMA controller for cgroups"
641 default y
642
643 config KERNEL_CGROUP_BPF
644 bool "Support for eBPF programs attached to cgroups"
645 default y
646
647 config KERNEL_CPUSETS
648 bool "Cpuset support"
649 default y
650 help
651 This option will let you create and manage CPUSETs which
652 allow dynamically partitioning a system into sets of CPUs and
653 Memory Nodes and assigning tasks to run only within those sets.
654 This is primarily useful on large SMP or NUMA systems.
655
656 config KERNEL_PROC_PID_CPUSET
657 bool "Include legacy /proc/<pid>/cpuset file"
658 default n
659 depends on KERNEL_CPUSETS
660
661 config KERNEL_CGROUP_CPUACCT
662 bool "Simple CPU accounting cgroup subsystem"
663 default y
664 help
665 Provides a simple Resource Controller for monitoring the
666 total CPU consumed by the tasks in a cgroup.
667
668 config KERNEL_RESOURCE_COUNTERS
669 bool "Resource counters"
670 default y
671 help
672 This option enables controller independent resource accounting
673 infrastructure that works with cgroups.
674
675 config KERNEL_MM_OWNER
676 bool
677 default y if KERNEL_MEMCG
678
679 config KERNEL_MEMCG
680 bool "Memory Resource Controller for Control Groups"
681 default y
682 select KERNEL_FREEZER
683 depends on KERNEL_RESOURCE_COUNTERS || !LINUX_3_18
684 help
685 Provides a memory resource controller that manages both anonymous
686 memory and page cache. (See Documentation/cgroups/memory.txt)
687
688 Note that setting this option increases fixed memory overhead
689 associated with each page of memory in the system. By this,
690 20(40)bytes/PAGE_SIZE on 32(64)bit system will be occupied by memory
691 usage tracking struct at boot. Total amount of this is printed out
692 at boot.
693
694 Only enable when you're ok with these tradeoffs and really
695 sure you need the memory resource controller. Even when you enable
696 this, you can set "cgroup_disable=memory" at your boot option to
697 disable memory resource controller and you can avoid overheads
698 (but lose benefits of memory resource controller).
699
700 This config option also selects MM_OWNER config option, which
701 could in turn add some fork/exit overhead.
702
703 config KERNEL_MEMCG_SWAP
704 bool "Memory Resource Controller Swap Extension"
705 default y
706 depends on KERNEL_MEMCG
707 help
708 Add swap management feature to memory resource controller. When you
709 enable this, you can limit mem+swap usage per cgroup. In other words,
710 when you disable this, memory resource controller has no cares to
711 usage of swap...a process can exhaust all of the swap. This extension
712 is useful when you want to avoid exhaustion swap but this itself
713 adds more overheads and consumes memory for remembering information.
714 Especially if you use 32bit system or small memory system, please
715 be careful about enabling this. When memory resource controller
716 is disabled by boot option, this will be automatically disabled and
717 there will be no overhead from this. Even when you set this config=y,
718 if boot option "swapaccount=0" is set, swap will not be accounted.
719 Now, memory usage of swap_cgroup is 2 bytes per entry. If swap page
720 size is 4096bytes, 512k per 1Gbytes of swap.
721
722 config KERNEL_MEMCG_SWAP_ENABLED
723 bool "Memory Resource Controller Swap Extension enabled by default"
724 default n
725 depends on KERNEL_MEMCG_SWAP
726 help
727 Memory Resource Controller Swap Extension comes with its price in
728 a bigger memory consumption. General purpose distribution kernels
729 which want to enable the feature but keep it disabled by default
730 and let the user enable it by swapaccount boot command line
731 parameter should have this option unselected.
732
733 Those who want to have the feature enabled by default should
734 select this option (if, for some reason, they need to disable it,
735 then swapaccount=0 does the trick).
736
737
738 config KERNEL_MEMCG_KMEM
739 bool "Memory Resource Controller Kernel Memory accounting (EXPERIMENTAL)"
740 default y
741 depends on KERNEL_MEMCG
742 help
743 The Kernel Memory extension for Memory Resource Controller can limit
744 the amount of memory used by kernel objects in the system. Those are
745 fundamentally different from the entities handled by the standard
746 Memory Controller, which are page-based, and can be swapped. Users of
747 the kmem extension can use it to guarantee that no group of processes
748 will ever exhaust kernel resources alone.
749
750 config KERNEL_CGROUP_PERF
751 bool "Enable perf_event per-cpu per-container group (cgroup) monitoring"
752 select KERNEL_PERF_EVENTS
753 default n
754 help
755 This option extends the per-cpu mode to restrict monitoring to
756 threads which belong to the cgroup specified and run on the
757 designated cpu.
758
759 menuconfig KERNEL_CGROUP_SCHED
760 bool "Group CPU scheduler"
761 default y
762 help
763 This feature lets CPU scheduler recognize task groups and control CPU
764 bandwidth allocation to such task groups. It uses cgroups to group
765 tasks.
766
767 if KERNEL_CGROUP_SCHED
768
769 config KERNEL_FAIR_GROUP_SCHED
770 bool "Group scheduling for SCHED_OTHER"
771 default y
772
773 config KERNEL_CFS_BANDWIDTH
774 bool "CPU bandwidth provisioning for FAIR_GROUP_SCHED"
775 default y
776 depends on KERNEL_FAIR_GROUP_SCHED
777 help
778 This option allows users to define CPU bandwidth rates (limits) for
779 tasks running within the fair group scheduler. Groups with no limit
780 set are considered to be unconstrained and will run with no
781 restriction.
782 See tip/Documentation/scheduler/sched-bwc.txt for more information.
783
784 config KERNEL_RT_GROUP_SCHED
785 bool "Group scheduling for SCHED_RR/FIFO"
786 default y
787 help
788 This feature lets you explicitly allocate real CPU bandwidth
789 to task groups. If enabled, it will also make it impossible to
790 schedule realtime tasks for non-root users until you allocate
791 realtime bandwidth for them.
792
793 endif
794
795 config KERNEL_BLK_CGROUP
796 bool "Block IO controller"
797 default y
798 help
799 Generic block IO controller cgroup interface. This is the common
800 cgroup interface which should be used by various IO controlling
801 policies.
802
803 Currently, CFQ IO scheduler uses it to recognize task groups and
804 control disk bandwidth allocation (proportional time slice allocation)
805 to such task groups. It is also used by bio throttling logic in
806 block layer to implement upper limit in IO rates on a device.
807
808 This option only enables generic Block IO controller infrastructure.
809 One needs to also enable actual IO controlling logic/policy. For
810 enabling proportional weight division of disk bandwidth in CFQ, set
811 CONFIG_CFQ_GROUP_IOSCHED=y; for enabling throttling policy, set
812 CONFIG_BLK_DEV_THROTTLING=y.
813
814 if KERNEL_BLK_CGROUP
815
816 config KERNEL_CFQ_GROUP_IOSCHED
817 bool "Proportional weight of disk bandwidth in CFQ"
818
819 config KERNEL_BLK_DEV_THROTTLING
820 bool "Enable throttling policy"
821 default y
822
823 config KERNEL_BLK_DEV_THROTTLING_LOW
824 bool "Block throttling .low limit interface support (EXPERIMENTAL)"
825 depends on KERNEL_BLK_DEV_THROTTLING
826 endif
827
828 config KERNEL_DEBUG_BLK_CGROUP
829 bool "Enable Block IO controller debugging"
830 default n
831 depends on KERNEL_BLK_CGROUP
832 help
833 Enable some debugging help. Currently it exports additional stat
834 files in a cgroup which can be useful for debugging.
835
836 config KERNEL_NET_CLS_CGROUP
837 bool "legacy Control Group Classifier"
838 default n
839
840 config KERNEL_CGROUP_NET_CLASSID
841 bool "legacy Network classid cgroup"
842 default n
843
844 config KERNEL_CGROUP_NET_PRIO
845 bool "legacy Network priority cgroup"
846 default n
847
848 endif
849
850 #
851 # Namespace support symbols
852 #
853
854 config KERNEL_NAMESPACES
855 bool "Enable kernel namespaces"
856 default y if !SMALL_FLASH
857
858 if KERNEL_NAMESPACES
859
860 config KERNEL_UTS_NS
861 bool "UTS namespace"
862 default y
863 help
864 In this namespace, tasks see different info provided
865 with the uname() system call.
866
867 config KERNEL_IPC_NS
868 bool "IPC namespace"
869 default y
870 help
871 In this namespace, tasks work with IPC ids which correspond to
872 different IPC objects in different namespaces.
873
874 config KERNEL_USER_NS
875 bool "User namespace (EXPERIMENTAL)"
876 default y
877 help
878 This allows containers, i.e. vservers, to use user namespaces
879 to provide different user info for different servers.
880
881 config KERNEL_PID_NS
882 bool "PID Namespaces"
883 default y
884 help
885 Support process id namespaces. This allows having multiple
886 processes with the same pid as long as they are in different
887 pid namespaces. This is a building block of containers.
888
889 config KERNEL_NET_NS
890 bool "Network namespace"
891 default y
892 help
893 Allow user space to create what appear to be multiple instances
894 of the network stack.
895
896 endif
897
898 config KERNEL_DEVPTS_MULTIPLE_INSTANCES
899 bool "Support multiple instances of devpts"
900 default y if !SMALL_FLASH
901 help
902 Enable support for multiple instances of devpts filesystem.
903 If you want to have isolated PTY namespaces (eg: in containers),
904 say Y here. Otherwise, say N. If enabled, each mount of devpts
905 filesystem with the '-o newinstance' option will create an
906 independent PTY namespace.
907
908 config KERNEL_POSIX_MQUEUE
909 bool "POSIX Message Queues"
910 default y if !SMALL_FLASH
911 help
912 POSIX variant of message queues is a part of IPC. In POSIX message
913 queues every message has a priority which decides about succession
914 of receiving it by a process. If you want to compile and run
915 programs written e.g. for Solaris with use of its POSIX message
916 queues (functions mq_*) say Y here.
917
918 POSIX message queues are visible as a filesystem called 'mqueue'
919 and can be mounted somewhere if you want to do filesystem
920 operations on message queues.
921
922
923 config KERNEL_SECCOMP_FILTER
924 bool
925 default y if !SMALL_FLASH
926
927 config KERNEL_SECCOMP
928 bool "Enable seccomp support"
929 depends on !(TARGET_uml)
930 select KERNEL_SECCOMP_FILTER
931 default y if !SMALL_FLASH
932 help
933 Build kernel with support for seccomp.
934
935 #
936 # IPv4 configuration
937 #
938
939 config KERNEL_IP_MROUTE
940 bool "Enable IPv4 multicast routing"
941 default y
942 help
943 Multicast routing requires a multicast routing daemon in
944 addition to kernel support.
945
946 #
947 # IPv6 configuration
948 #
949
950 config KERNEL_IPV6
951 def_bool IPV6
952
953 if KERNEL_IPV6
954
955 config KERNEL_IPV6_MULTIPLE_TABLES
956 def_bool y
957
958 config KERNEL_IPV6_SUBTREES
959 def_bool y
960
961 config KERNEL_IPV6_MROUTE
962 bool "Enable IPv6 multicast routing"
963 default y
964 help
965 Multicast routing requires a multicast routing daemon in
966 addition to kernel support.
967
968 config KERNEL_IPV6_PIMSM_V2
969 def_bool n
970
971 config KERNEL_IPV6_SEG6_LWTUNNEL
972 bool "Enable support for lightweight tunnels"
973 default y if !SMALL_FLASH
974 help
975 Using lwtunnel (needed for IPv6 segment routing) requires ip-full package.
976
977 config KERNEL_LWTUNNEL_BPF
978 def_bool n
979
980 endif
981
982 #
983 # NFS related symbols
984 #
985 config KERNEL_IP_PNP
986 bool "Compile the kernel with rootfs on NFS"
987 help
988 If you want to make your kernel boot off a NFS server as root
989 filesystem, select Y here.
990
991 if KERNEL_IP_PNP
992
993 config KERNEL_IP_PNP_DHCP
994 def_bool y
995
996 config KERNEL_IP_PNP_BOOTP
997 def_bool n
998
999 config KERNEL_IP_PNP_RARP
1000 def_bool n
1001
1002 config KERNEL_NFS_FS
1003 def_bool y
1004
1005 config KERNEL_NFS_V2
1006 def_bool y
1007
1008 config KERNEL_NFS_V3
1009 def_bool y
1010
1011 config KERNEL_ROOT_NFS
1012 def_bool y
1013
1014 endif
1015
1016 menu "Filesystem ACL and attr support options"
1017 config USE_FS_ACL_ATTR
1018 bool "Use filesystem ACL and attr support by default"
1019 default n
1020 help
1021 Make using ACLs (e.g. POSIX ACL, NFSv4 ACL) the default
1022 for kernel and packages, except tmpfs, flash filesystems,
1023 and old NFS. Also enable userspace extended attribute support
1024 by default. (OpenWrt already has an expection it will be
1025 present in the kernel).
1026
1027 config KERNEL_FS_POSIX_ACL
1028 bool "Enable POSIX ACL support"
1029 default y if USE_FS_ACL_ATTR
1030
1031 config KERNEL_BTRFS_FS_POSIX_ACL
1032 bool "Enable POSIX ACL for BtrFS Filesystems"
1033 select KERNEL_FS_POSIX_ACL
1034 default y if USE_FS_ACL_ATTR
1035
1036 config KERNEL_EXT4_FS_POSIX_ACL
1037 bool "Enable POSIX ACL for Ext4 Filesystems"
1038 select KERNEL_FS_POSIX_ACL
1039 default y if USE_FS_ACL_ATTR
1040
1041 config KERNEL_F2FS_FS_POSIX_ACL
1042 bool "Enable POSIX ACL for F2FS Filesystems"
1043 select KERNEL_FS_POSIX_ACL
1044 default n
1045
1046 config KERNEL_JFFS2_FS_POSIX_ACL
1047 bool "Enable POSIX ACL for JFFS2 Filesystems"
1048 select KERNEL_FS_POSIX_ACL
1049 default n
1050
1051 config KERNEL_TMPFS_POSIX_ACL
1052 bool "Enable POSIX ACL for TMPFS Filesystems"
1053 select KERNEL_FS_POSIX_ACL
1054 default n
1055
1056 config KERNEL_CIFS_ACL
1057 bool "Enable CIFS ACLs"
1058 select KERNEL_FS_POSIX_ACL
1059 default y if USE_FS_ACL_ATTR
1060
1061 config KERNEL_HFS_FS_POSIX_ACL
1062 bool "Enable POSIX ACL for HFS Filesystems"
1063 select KERNEL_FS_POSIX_ACL
1064 default y if USE_FS_ACL_ATTR
1065
1066 config KERNEL_HFSPLUS_FS_POSIX_ACL
1067 bool "Enable POSIX ACL for HFS+ Filesystems"
1068 select KERNEL_FS_POSIX_ACL
1069 default y if USE_FS_ACL_ATTR
1070
1071 config KERNEL_NFS_ACL_SUPPORT
1072 bool "Enable ACLs for NFS"
1073 default y if USE_FS_ACL_ATTR
1074
1075 config KERNEL_NFS_V3_ACL_SUPPORT
1076 bool "Enable ACLs for NFSv3"
1077 default n
1078
1079 config KERNEL_NFSD_V2_ACL_SUPPORT
1080 bool "Enable ACLs for NFSDv2"
1081 default n
1082
1083 config KERNEL_NFSD_V3_ACL_SUPPORT
1084 bool "Enable ACLs for NFSDv3"
1085 default n
1086
1087 config KERNEL_REISER_FS_POSIX_ACL
1088 bool "Enable POSIX ACLs for ReiserFS"
1089 select KERNEL_FS_POSIX_ACL
1090 default y if USE_FS_ACL_ATTR
1091
1092 config KERNEL_XFS_POSIX_ACL
1093 bool "Enable POSIX ACLs for XFS"
1094 select KERNEL_FS_POSIX_ACL
1095 default y if USE_FS_ACL_ATTR
1096
1097 config KERNEL_JFS_POSIX_ACL
1098 bool "Enable POSIX ACLs for JFS"
1099 select KERNEL_FS_POSIX_ACL
1100 default y if USE_FS_ACL_ATTR
1101
1102 endmenu
1103
1104 config KERNEL_DEVMEM
1105 bool "/dev/mem virtual device support"
1106 help
1107 Say Y here if you want to support the /dev/mem device.
1108 The /dev/mem device is used to access areas of physical
1109 memory.
1110
1111 config KERNEL_DEVKMEM
1112 bool "/dev/kmem virtual device support"
1113 help
1114 Say Y here if you want to support the /dev/kmem device. The
1115 /dev/kmem device is rarely used, but can be used for certain
1116 kind of kernel debugging operations.
1117
1118 config KERNEL_SQUASHFS_FRAGMENT_CACHE_SIZE
1119 int "Number of squashfs fragments cached"
1120 default 2 if (SMALL_FLASH && !LOW_MEMORY_FOOTPRINT)
1121 default 3
1122
1123 config KERNEL_SQUASHFS_XATTR
1124 bool "Squashfs XATTR support"
1125
1126 #
1127 # compile optimiziation setting
1128 #
1129 choice
1130 prompt "Compiler optimization level"
1131 default KERNEL_CC_OPTIMIZE_FOR_SIZE if SMALL_FLASH
1132
1133 config KERNEL_CC_OPTIMIZE_FOR_PERFORMANCE
1134 bool "Optimize for performance"
1135 help
1136 This is the default optimization level for the kernel, building
1137 with the "-O2" compiler flag for best performance and most
1138 helpful compile-time warnings.
1139
1140 config KERNEL_CC_OPTIMIZE_FOR_SIZE
1141 bool "Optimize for size"
1142 help
1143 Enabling this option will pass "-Os" instead of "-O2" to
1144 your compiler resulting in a smaller kernel.
1145
1146 endchoice
1147
1148 config KERNEL_AUDIT
1149 bool "Auditing support"
1150
1151 config KERNEL_SECURITY
1152 bool "Enable different security models"
1153
1154 config KERNEL_SECURITY_NETWORK
1155 bool "Socket and Networking Security Hooks"
1156 select KERNEL_SECURITY
1157
1158 config KERNEL_SECURITY_SELINUX
1159 bool "NSA SELinux Support"
1160 select KERNEL_SECURITY_NETWORK
1161 select KERNEL_AUDIT
1162
1163 config KERNEL_SECURITY_SELINUX_BOOTPARAM
1164 bool "NSA SELinux boot parameter"
1165 depends on KERNEL_SECURITY_SELINUX
1166 default y
1167
1168 config KERNEL_SECURITY_SELINUX_DISABLE
1169 bool "NSA SELinux runtime disable"
1170 depends on KERNEL_SECURITY_SELINUX
1171
1172 config KERNEL_SECURITY_SELINUX_DEVELOP
1173 bool "NSA SELinux Development Support"
1174 depends on KERNEL_SECURITY_SELINUX
1175 default y
1176
1177 config KERNEL_SECURITY_SELINUX_SIDTAB_HASH_BITS
1178 int
1179 depends on KERNEL_SECURITY_SELINUX
1180 default 9
1181
1182 config KERNEL_SECURITY_SELINUX_SID2STR_CACHE_SIZE
1183 int
1184 depends on KERNEL_SECURITY_SELINUX
1185 default 256
1186
1187 config KERNEL_LSM
1188 string
1189 default "lockdown,yama,loadpin,safesetid,integrity,selinux"
1190 depends on KERNEL_SECURITY_SELINUX
1191
1192 config KERNEL_EXT4_FS_SECURITY
1193 bool "Ext4 Security Labels"
1194
1195 config KERNEL_F2FS_FS_SECURITY
1196 bool "F2FS Security Labels"
1197
1198 config KERNEL_UBIFS_FS_SECURITY
1199 bool "UBIFS Security Labels"
1200
1201 config KERNEL_JFFS2_FS_SECURITY
1202 bool "JFFS2 Security Labels"
Staging tree of Christian Lamparter