projects / openwrt / staging / chunkeey.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
kernel: enable SRv6 support by enabling lwtunnel
[openwrt/staging/chunkeey.git] / config / Config-kernel.in
1 # Copyright (C) 2006-2014 OpenWrt.org
2 #
3 # This is free software, licensed under the GNU General Public License v2.
4 # See /LICENSE for more information.
5 #
6
7 config KERNEL_BUILD_USER
8 string "Custom Kernel Build User Name"
9 default "builder" if BUILDBOT
10 default ""
11 help
12 Sets the Kernel build user string, which for example will be returned
13 by 'uname -a' on running systems.
14 If not set, uses system user at build time.
15
16 config KERNEL_BUILD_DOMAIN
17 string "Custom Kernel Build Domain Name"
18 default "buildhost" if BUILDBOT
19 default ""
20 help
21 Sets the Kernel build domain string, which for example will be
22 returned by 'uname -a' on running systems.
23 If not set, uses system hostname at build time.
24
25 config KERNEL_PRINTK
26 bool "Enable support for printk"
27 default y
28
29 config KERNEL_CRASHLOG
30 bool "Crash logging"
31 depends on !(arm || powerpc || sparc || TARGET_uml || i386 || x86_64)
32 default y
33
34 config KERNEL_SWAP
35 bool "Support for paging of anonymous memory (swap)"
36 default y if !SMALL_FLASH
37
38 config KERNEL_PROC_STRIPPED
39 bool "Strip non-essential /proc functionality to reduce code size"
40 default y if SMALL_FLASH
41
42 config KERNEL_DEBUG_FS
43 bool "Compile the kernel with debug filesystem enabled"
44 default y
45 help
46 debugfs is a virtual file system that kernel developers use to put
47 debugging files into. Enable this option to be able to read and
48 write to these files. Many common debugging facilities, such as
49 ftrace, require the existence of debugfs.
50
51 config KERNEL_MIPS_FP_SUPPORT
52 bool
53 default y if TARGET_pistachio
54
55 config KERNEL_ARM_PMU
56 bool
57 default n
58 depends on (arm || aarch64)
59
60 config KERNEL_X86_VSYSCALL_EMULATION
61 bool "Enable vsyscall emulation"
62 default n
63 depends on x86_64
64 help
65 This enables emulation of the legacy vsyscall page. Disabling
66 it is roughly equivalent to booting with vsyscall=none, except
67 that it will also disable the helpful warning if a program
68 tries to use a vsyscall. With this option set to N, offending
69 programs will just segfault, citing addresses of the form
70 0xffffffffff600?00.
71
72 This option is required by many programs built before 2013, and
73 care should be used even with newer programs if set to N.
74
75 Disabling this option saves about 7K of kernel size and
76 possibly 4K of additional runtime pagetable memory.
77
78 config KERNEL_PERF_EVENTS
79 bool "Compile the kernel with performance events and counters"
80 default n
81 select KERNEL_ARM_PMU if (arm || aarch64)
82
83 config KERNEL_PROFILING
84 bool "Compile the kernel with profiling enabled"
85 default n
86 select KERNEL_PERF_EVENTS
87 help
88 Enable the extended profiling support mechanisms used by profilers such
89 as OProfile.
90
91 config KERNEL_UBSAN
92 bool "Compile the kernel with undefined behaviour sanity checker"
93 help
94 This option enables undefined behaviour sanity checker
95 Compile-time instrumentation is used to detect various undefined
96 behaviours in runtime. Various types of checks may be enabled
97 via boot parameter ubsan_handle
98 (see: Documentation/dev-tools/ubsan.rst).
99
100 config KERNEL_UBSAN_SANITIZE_ALL
101 bool "Enable instrumentation for the entire kernel"
102 depends on KERNEL_UBSAN
103 default y
104 help
105 This option activates instrumentation for the entire kernel.
106 If you don't enable this option, you have to explicitly specify
107 UBSAN_SANITIZE := y for the files/directories you want to check for UB.
108 Enabling this option will get kernel image size increased
109 significantly.
110
111 config KERNEL_UBSAN_ALIGNMENT
112 bool "Enable checking of pointers alignment"
113 depends on KERNEL_UBSAN
114 help
115 This option enables detection of unaligned memory accesses.
116 Enabling this option on architectures that support unaligned
117 accesses may produce a lot of false positives.
118
119 config KERNEL_UBSAN_NULL
120 bool "Enable checking of null pointers"
121 depends on KERNEL_UBSAN
122 help
123 This option enables detection of memory accesses via a
124 null pointer.
125
126 config KERNEL_KASAN
127 bool "Compile the kernel with KASan: runtime memory debugger"
128 select KERNEL_SLUB_DEBUG
129 depends on (x86_64 || aarch64)
130 help
131 Enables kernel address sanitizer - runtime memory debugger,
132 designed to find out-of-bounds accesses and use-after-free bugs.
133 This is strictly a debugging feature and it requires a gcc version
134 of 4.9.2 or later. Detection of out of bounds accesses to stack or
135 global variables requires gcc 5.0 or later.
136 This feature consumes about 1/8 of available memory and brings about
137 ~x3 performance slowdown.
138 For better error detection enable CONFIG_STACKTRACE.
139 Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB
140 (the resulting kernel does not boot).
141
142 config KERNEL_KASAN_EXTRA
143 bool "KAsan: extra checks"
144 depends on KERNEL_KASAN && KERNEL_DEBUG_KERNEL
145 help
146 This enables further checks in the kernel address sanitizer, for now
147 it only includes the address-use-after-scope check that can lead
148 to excessive kernel stack usage, frame size warnings and longer
149 compile time.
150 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more
151
152
153 choice
154 prompt "Instrumentation type"
155 depends on KERNEL_KASAN
156 default KERNEL_KASAN_OUTLINE
157
158 config KERNEL_KASAN_OUTLINE
159 bool "Outline instrumentation"
160 help
161 Before every memory access compiler insert function call
162 __asan_load*/__asan_store*. These functions performs check
163 of shadow memory. This is slower than inline instrumentation,
164 however it doesn't bloat size of kernel's .text section so
165 much as inline does.
166
167 config KERNEL_KASAN_INLINE
168 bool "Inline instrumentation"
169 help
170 Compiler directly inserts code checking shadow memory before
171 memory accesses. This is faster than outline (in some workloads
172 it gives about x2 boost over outline instrumentation), but
173 make kernel's .text size much bigger.
174 This requires a gcc version of 5.0 or later.
175
176 endchoice
177
178 config KERNEL_KCOV
179 bool "Compile the kernel with code coverage for fuzzing"
180 select KERNEL_DEBUG_FS
181 help
182 KCOV exposes kernel code coverage information in a form suitable
183 for coverage-guided fuzzing (randomized testing).
184
185 If RANDOMIZE_BASE is enabled, PC values will not be stable across
186 different machines and across reboots. If you need stable PC values,
187 disable RANDOMIZE_BASE.
188
189 For more details, see Documentation/kcov.txt.
190
191 config KERNEL_KCOV_ENABLE_COMPARISONS
192 bool "Enable comparison operands collection by KCOV"
193 depends on KERNEL_KCOV
194 help
195 KCOV also exposes operands of every comparison in the instrumented
196 code along with operand sizes and PCs of the comparison instructions.
197 These operands can be used by fuzzing engines to improve the quality
198 of fuzzing coverage.
199
200 config KERNEL_KCOV_INSTRUMENT_ALL
201 bool "Instrument all code by default"
202 depends on KERNEL_KCOV
203 default y if KERNEL_KCOV
204 help
205 If you are doing generic system call fuzzing (like e.g. syzkaller),
206 then you will want to instrument the whole kernel and you should
207 say y here. If you are doing more targeted fuzzing (like e.g.
208 filesystem fuzzing with AFL) then you will want to enable coverage
209 for more specific subsets of files, and should say n here.
210
211 config KERNEL_TASKSTATS
212 bool "Compile the kernel with task resource/io statistics and accounting"
213 default n
214 help
215 Enable the collection and publishing of task/io statistics and
216 accounting. Enable this option to enable i/o monitoring in system
217 monitors.
218
219 if KERNEL_TASKSTATS
220
221 config KERNEL_TASK_DELAY_ACCT
222 def_bool y
223
224 config KERNEL_TASK_IO_ACCOUNTING
225 def_bool y
226
227 config KERNEL_TASK_XACCT
228 def_bool y
229
230 endif
231
232 config KERNEL_KALLSYMS
233 bool "Compile the kernel with symbol table information"
234 default y if !SMALL_FLASH
235 help
236 This will give you more information in stack traces from kernel oopses.
237
238 config KERNEL_FTRACE
239 bool "Compile the kernel with tracing support"
240 depends on !TARGET_uml
241 default n
242
243 config KERNEL_FTRACE_SYSCALLS
244 bool "Trace system calls"
245 depends on KERNEL_FTRACE
246 default n
247
248 config KERNEL_ENABLE_DEFAULT_TRACERS
249 bool "Trace process context switches and events"
250 depends on KERNEL_FTRACE
251 default n
252
253 config KERNEL_FUNCTION_TRACER
254 bool "Function tracer"
255 depends on KERNEL_FTRACE
256 default n
257
258 config KERNEL_FUNCTION_GRAPH_TRACER
259 bool "Function graph tracer"
260 depends on KERNEL_FUNCTION_TRACER
261 default n
262
263 config KERNEL_DYNAMIC_FTRACE
264 bool "Enable/disable function tracing dynamically"
265 depends on KERNEL_FUNCTION_TRACER
266 default n
267
268 config KERNEL_FUNCTION_PROFILER
269 bool "Function profiler"
270 depends on KERNEL_FUNCTION_TRACER
271 default n
272
273 config KERNEL_IRQSOFF_TRACER
274 bool "Interrupts-off Latency Tracer"
275 depends on KERNEL_FTRACE
276 help
277 This option measures the time spent in irqs-off critical
278 sections, with microsecond accuracy.
279
280 The default measurement method is a maximum search, which is
281 disabled by default and can be runtime (re-)started
282 via:
283
284 echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
285
286 (Note that kernel size and overhead increase with this option
287 enabled. This option and the preempt-off timing option can be
288 used together or separately.)
289
290 config KERNEL_PREEMPT_TRACER
291 bool "Preemption-off Latency Tracer"
292 depends on KERNEL_FTRACE
293 help
294 This option measures the time spent in preemption-off critical
295 sections, with microsecond accuracy.
296
297 The default measurement method is a maximum search, which is
298 disabled by default and can be runtime (re-)started
299 via:
300
301 echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
302
303 (Note that kernel size and overhead increase with this option
304 enabled. This option and the irqs-off timing option can be
305 used together or separately.)
306
307 config KERNEL_DEBUG_KERNEL
308 bool
309 default n
310
311 config KERNEL_DEBUG_INFO
312 bool "Compile the kernel with debug information"
313 default y if !SMALL_FLASH
314 select KERNEL_DEBUG_KERNEL
315 help
316 This will compile your kernel and modules with debug information.
317
318 config KERNEL_DEBUG_LL_UART_NONE
319 bool
320 default n
321 depends on arm
322
323 config KERNEL_DEBUG_LL
324 bool
325 default n
326 depends on arm
327 select KERNEL_DEBUG_LL_UART_NONE
328 help
329 ARM low level debugging.
330
331 config KERNEL_DYNAMIC_DEBUG
332 bool "Compile the kernel with dynamic printk"
333 select KERNEL_DEBUG_FS
334 default n
335 help
336 Compiles debug level messages into the kernel, which would not
337 otherwise be available at runtime. These messages can then be
338 enabled/disabled based on various levels of scope - per source file,
339 function, module, format string, and line number. This mechanism
340 implicitly compiles in all pr_debug() and dev_dbg() calls, which
341 enlarges the kernel text size by about 2%.
342
343 config KERNEL_EARLY_PRINTK
344 bool "Compile the kernel with early printk"
345 default y if TARGET_bcm53xx
346 default n
347 depends on arm
348 select KERNEL_DEBUG_KERNEL
349 select KERNEL_DEBUG_LL if arm
350 help
351 Compile the kernel with early printk support. This is only useful for
352 debugging purposes to send messages over the serial console in early boot.
353 Enable this to debug early boot problems.
354
355 config KERNEL_KPROBES
356 bool "Compile the kernel with kprobes support"
357 default n
358 select KERNEL_FTRACE
359 select KERNEL_PERF_EVENTS
360 help
361 Compiles the kernel with KPROBES support, which allows you to trap
362 at almost any kernel address and execute a callback function.
363 register_kprobe() establishes a probepoint and specifies the
364 callback. Kprobes is useful for kernel debugging, non-intrusive
365 instrumentation and testing.
366 If in doubt, say "N".
367
368 config KERNEL_KPROBE_EVENT
369 bool
370 default y if KERNEL_KPROBES
371
372 config KERNEL_KPROBE_EVENTS
373 bool
374 default y if KERNEL_KPROBES
375
376 config KERNEL_AIO
377 bool "Compile the kernel with asynchronous IO support"
378 default y if !SMALL_FLASH
379
380 config KERNEL_IO_URING
381 bool "Compile the kernel with io_uring support"
382 default y if !SMALL_FLASH
383 depends on LINUX_5_4
384
385 config KERNEL_FHANDLE
386 bool "Compile the kernel with support for fhandle syscalls"
387 default y if !SMALL_FLASH
388
389 config KERNEL_FANOTIFY
390 bool "Compile the kernel with modern file notification support"
391 default y if !SMALL_FLASH
392
393 config KERNEL_BLK_DEV_BSG
394 bool "Compile the kernel with SCSI generic v4 support for any block device"
395 default n
396
397 config KERNEL_TRANSPARENT_HUGEPAGE
398 bool
399
400 choice
401 prompt "Transparent Hugepage Support sysfs defaults"
402 depends on KERNEL_TRANSPARENT_HUGEPAGE
403 default KERNEL_TRANSPARENT_HUGEPAGE_ALWAYS
404
405 config KERNEL_TRANSPARENT_HUGEPAGE_ALWAYS
406 bool "always"
407
408 config KERNEL_TRANSPARENT_HUGEPAGE_MADVISE
409 bool "madvise"
410 endchoice
411
412 config KERNEL_HUGETLBFS
413 bool
414
415 config KERNEL_HUGETLB_PAGE
416 bool "Compile the kernel with HugeTLB support"
417 select KERNEL_TRANSPARENT_HUGEPAGE
418 select KERNEL_HUGETLBFS
419 default n
420
421 config KERNEL_MAGIC_SYSRQ
422 bool "Compile the kernel with SysRq support"
423 default y
424
425 config KERNEL_DEBUG_PINCTRL
426 bool "Compile the kernel with pinctrl debugging"
427 select KERNEL_DEBUG_KERNEL
428
429 config KERNEL_DEBUG_GPIO
430 bool "Compile the kernel with gpio debugging"
431 select KERNEL_DEBUG_KERNEL
432
433 config KERNEL_COREDUMP
434 bool
435
436 config KERNEL_ELF_CORE
437 bool "Enable process core dump support"
438 select KERNEL_COREDUMP
439 default y if !SMALL_FLASH
440
441 config KERNEL_PROVE_LOCKING
442 bool "Enable kernel lock checking"
443 select KERNEL_DEBUG_KERNEL
444 default n
445
446 config KERNEL_LOCKUP_DETECTOR
447 bool "Compile the kernel with detect Hard and Soft Lockups"
448 depends on KERNEL_DEBUG_KERNEL
449 help
450 Say Y here to enable the kernel to act as a watchdog to detect
451 hard and soft lockups.
452
453 Softlockups are bugs that cause the kernel to loop in kernel
454 mode for more than 20 seconds, without giving other tasks a
455 chance to run. The current stack trace is displayed upon
456 detection and the system will stay locked up.
457
458 Hardlockups are bugs that cause the CPU to loop in kernel mode
459 for more than 10 seconds, without letting other interrupts have a
460 chance to run. The current stack trace is displayed upon detection
461 and the system will stay locked up.
462
463 The overhead should be minimal. A periodic hrtimer runs to
464 generate interrupts and kick the watchdog task every 4 seconds.
465 An NMI is generated every 10 seconds or so to check for hardlockups.
466
467 The frequency of hrtimer and NMI events and the soft and hard lockup
468 thresholds can be controlled through the sysctl watchdog_thresh.
469
470 config KERNEL_DETECT_HUNG_TASK
471 bool "Compile the kernel with detect Hung Tasks"
472 depends on KERNEL_DEBUG_KERNEL
473 default KERNEL_LOCKUP_DETECTOR
474 help
475 Say Y here to enable the kernel to detect "hung tasks",
476 which are bugs that cause the task to be stuck in
477 uninterruptible "D" state indefinitely.
478
479 When a hung task is detected, the kernel will print the
480 current stack trace (which you should report), but the
481 task will stay in uninterruptible state. If lockdep is
482 enabled then all held locks will also be reported. This
483 feature has negligible overhead.
484
485 config KERNEL_WQ_WATCHDOG
486 bool "Compile the kernel with detect Workqueue Stalls"
487 depends on KERNEL_DEBUG_KERNEL
488 help
489 Say Y here to enable stall detection on workqueues. If a
490 worker pool doesn't make forward progress on a pending work
491 item for over a given amount of time, 30s by default, a
492 warning message is printed along with dump of workqueue
493 state. This can be configured through kernel parameter
494 "workqueue.watchdog_thresh" and its sysfs counterpart.
495
496 config KERNEL_DEBUG_ATOMIC_SLEEP
497 bool "Compile the kernel with sleep inside atomic section checking"
498 depends on KERNEL_DEBUG_KERNEL
499 help
500 If you say Y here, various routines which may sleep will become very
501 noisy if they are called inside atomic sections: when a spinlock is
502 held, inside an rcu read side critical section, inside preempt disabled
503 sections, inside an interrupt, etc...
504
505 config KERNEL_DEBUG_VM
506 bool "Compile the kernel with debug VM"
507 depends on KERNEL_DEBUG_KERNEL
508 help
509 Enable this to turn on extended checks in the virtual-memory system
510 that may impact performance.
511
512 If unsure, say N.
513
514 config KERNEL_PRINTK_TIME
515 bool "Enable printk timestamps"
516 default y
517
518 config KERNEL_SLUB_DEBUG
519 bool
520
521 config KERNEL_SLUB_DEBUG_ON
522 bool
523
524 config KERNEL_SLABINFO
525 select KERNEL_SLUB_DEBUG
526 select KERNEL_SLUB_DEBUG_ON
527 bool "Enable /proc slab debug info"
528
529 config KERNEL_PROC_PAGE_MONITOR
530 bool "Enable /proc page monitoring"
531
532 config KERNEL_RELAY
533 bool
534
535 config KERNEL_KEXEC
536 bool "Enable kexec support"
537
538 config KERNEL_PROC_VMCORE
539 bool
540
541 config KERNEL_PROC_KCORE
542 bool
543
544 config KERNEL_CRASH_DUMP
545 depends on i386 || x86_64 || arm || armeb
546 select KERNEL_KEXEC
547 select KERNEL_PROC_VMCORE
548 select KERNEL_PROC_KCORE
549 bool "Enable support for kexec crashdump"
550 default y
551
552 config USE_RFKILL
553 bool "Enable rfkill support"
554 default RFKILL_SUPPORT
555
556 config USE_SPARSE
557 bool "Enable sparse check during kernel build"
558 default n
559
560 config KERNEL_DEVTMPFS
561 bool "Compile the kernel with device tmpfs enabled"
562 default n
563 help
564 devtmpfs is a simple, kernel-managed /dev filesystem. The kernel creates
565 devices nodes for all registered devices to simplify boot, but leaves more
566 complex tasks to userspace (e.g. udev).
567
568 if KERNEL_DEVTMPFS
569
570 config KERNEL_DEVTMPFS_MOUNT
571 bool "Automatically mount devtmpfs after root filesystem is mounted"
572 default n
573
574 endif
575
576 config KERNEL_KEYS
577 bool "Enable kernel access key retention support"
578 default !SMALL_FLASH
579
580 config KERNEL_PERSISTENT_KEYRINGS
581 bool "Enable kernel persistent keyrings"
582 depends on KERNEL_KEYS
583 default n
584
585 config KERNEL_KEYS_REQUEST_CACHE
586 bool "Enable temporary caching of the last request_key() result"
587 depends on KERNEL_KEYS
588 default n
589
590 config KERNEL_BIG_KEYS
591 bool "Enable large payload keys on kernel keyrings"
592 depends on KERNEL_KEYS
593 default n
594
595 #
596 # CGROUP support symbols
597 #
598
599 config KERNEL_CGROUPS
600 bool "Enable kernel cgroups"
601 default y if !SMALL_FLASH
602
603 if KERNEL_CGROUPS
604
605 config KERNEL_CGROUP_DEBUG
606 bool "Example debug cgroup subsystem"
607 default n
608 help
609 This option enables a simple cgroup subsystem that
610 exports useful debugging information about the cgroups
611 framework.
612
613 config KERNEL_FREEZER
614 bool
615
616 config KERNEL_CGROUP_FREEZER
617 bool "legacy Freezer cgroup subsystem"
618 default n
619 select KERNEL_FREEZER
620 help
621 Provides a way to freeze and unfreeze all tasks in a
622 cgroup.
623 (legacy cgroup1-only controller, in cgroup2 freezer
624 is integrated in the Memory controller)
625
626 config KERNEL_CGROUP_DEVICE
627 bool "legacy Device controller for cgroups"
628 default n
629 help
630 Provides a cgroup implementing whitelists for devices which
631 a process in the cgroup can mknod or open.
632 (legacy cgroup1-only controller)
633
634 config KERNEL_CGROUP_HUGETLB
635 bool "HugeTLB controller"
636 default n
637 select KERNEL_HUGETLB_PAGE
638
639 config KERNEL_CGROUP_PIDS
640 bool "PIDs cgroup subsystem"
641 default y
642 help
643 Provides enforcement of process number limits in the scope of a
644 cgroup.
645
646 config KERNEL_CGROUP_RDMA
647 bool "RDMA controller for cgroups"
648 default y
649
650 config KERNEL_CGROUP_BPF
651 bool "Support for eBPF programs attached to cgroups"
652 default y
653
654 config KERNEL_CPUSETS
655 bool "Cpuset support"
656 default y
657 help
658 This option will let you create and manage CPUSETs which
659 allow dynamically partitioning a system into sets of CPUs and
660 Memory Nodes and assigning tasks to run only within those sets.
661 This is primarily useful on large SMP or NUMA systems.
662
663 config KERNEL_PROC_PID_CPUSET
664 bool "Include legacy /proc/<pid>/cpuset file"
665 default n
666 depends on KERNEL_CPUSETS
667
668 config KERNEL_CGROUP_CPUACCT
669 bool "Simple CPU accounting cgroup subsystem"
670 default y
671 help
672 Provides a simple Resource Controller for monitoring the
673 total CPU consumed by the tasks in a cgroup.
674
675 config KERNEL_RESOURCE_COUNTERS
676 bool "Resource counters"
677 default y
678 help
679 This option enables controller independent resource accounting
680 infrastructure that works with cgroups.
681
682 config KERNEL_MM_OWNER
683 bool
684 default y if KERNEL_MEMCG
685
686 config KERNEL_MEMCG
687 bool "Memory Resource Controller for Control Groups"
688 default y
689 select KERNEL_FREEZER
690 depends on KERNEL_RESOURCE_COUNTERS || !LINUX_3_18
691 help
692 Provides a memory resource controller that manages both anonymous
693 memory and page cache. (See Documentation/cgroups/memory.txt)
694
695 Note that setting this option increases fixed memory overhead
696 associated with each page of memory in the system. By this,
697 20(40)bytes/PAGE_SIZE on 32(64)bit system will be occupied by memory
698 usage tracking struct at boot. Total amount of this is printed out
699 at boot.
700
701 Only enable when you're ok with these tradeoffs and really
702 sure you need the memory resource controller. Even when you enable
703 this, you can set "cgroup_disable=memory" at your boot option to
704 disable memory resource controller and you can avoid overheads
705 (but lose benefits of memory resource controller).
706
707 This config option also selects MM_OWNER config option, which
708 could in turn add some fork/exit overhead.
709
710 config KERNEL_MEMCG_SWAP
711 bool "Memory Resource Controller Swap Extension"
712 default y
713 depends on KERNEL_MEMCG
714 help
715 Add swap management feature to memory resource controller. When you
716 enable this, you can limit mem+swap usage per cgroup. In other words,
717 when you disable this, memory resource controller has no cares to
718 usage of swap...a process can exhaust all of the swap. This extension
719 is useful when you want to avoid exhaustion swap but this itself
720 adds more overheads and consumes memory for remembering information.
721 Especially if you use 32bit system or small memory system, please
722 be careful about enabling this. When memory resource controller
723 is disabled by boot option, this will be automatically disabled and
724 there will be no overhead from this. Even when you set this config=y,
725 if boot option "swapaccount=0" is set, swap will not be accounted.
726 Now, memory usage of swap_cgroup is 2 bytes per entry. If swap page
727 size is 4096bytes, 512k per 1Gbytes of swap.
728
729 config KERNEL_MEMCG_SWAP_ENABLED
730 bool "Memory Resource Controller Swap Extension enabled by default"
731 default n
732 depends on KERNEL_MEMCG_SWAP
733 help
734 Memory Resource Controller Swap Extension comes with its price in
735 a bigger memory consumption. General purpose distribution kernels
736 which want to enable the feature but keep it disabled by default
737 and let the user enable it by swapaccount boot command line
738 parameter should have this option unselected.
739
740 Those who want to have the feature enabled by default should
741 select this option (if, for some reason, they need to disable it,
742 then swapaccount=0 does the trick).
743
744
745 config KERNEL_MEMCG_KMEM
746 bool "Memory Resource Controller Kernel Memory accounting (EXPERIMENTAL)"
747 default y
748 depends on KERNEL_MEMCG
749 help
750 The Kernel Memory extension for Memory Resource Controller can limit
751 the amount of memory used by kernel objects in the system. Those are
752 fundamentally different from the entities handled by the standard
753 Memory Controller, which are page-based, and can be swapped. Users of
754 the kmem extension can use it to guarantee that no group of processes
755 will ever exhaust kernel resources alone.
756
757 config KERNEL_CGROUP_PERF
758 bool "Enable perf_event per-cpu per-container group (cgroup) monitoring"
759 select KERNEL_PERF_EVENTS
760 default n
761 help
762 This option extends the per-cpu mode to restrict monitoring to
763 threads which belong to the cgroup specified and run on the
764 designated cpu.
765
766 menuconfig KERNEL_CGROUP_SCHED
767 bool "Group CPU scheduler"
768 default y
769 help
770 This feature lets CPU scheduler recognize task groups and control CPU
771 bandwidth allocation to such task groups. It uses cgroups to group
772 tasks.
773
774 if KERNEL_CGROUP_SCHED
775
776 config KERNEL_FAIR_GROUP_SCHED
777 bool "Group scheduling for SCHED_OTHER"
778 default y
779
780 config KERNEL_CFS_BANDWIDTH
781 bool "CPU bandwidth provisioning for FAIR_GROUP_SCHED"
782 default y
783 depends on KERNEL_FAIR_GROUP_SCHED
784 help
785 This option allows users to define CPU bandwidth rates (limits) for
786 tasks running within the fair group scheduler. Groups with no limit
787 set are considered to be unconstrained and will run with no
788 restriction.
789 See tip/Documentation/scheduler/sched-bwc.txt for more information.
790
791 config KERNEL_RT_GROUP_SCHED
792 bool "Group scheduling for SCHED_RR/FIFO"
793 default y
794 help
795 This feature lets you explicitly allocate real CPU bandwidth
796 to task groups. If enabled, it will also make it impossible to
797 schedule realtime tasks for non-root users until you allocate
798 realtime bandwidth for them.
799
800 endif
801
802 config KERNEL_BLK_CGROUP
803 bool "Block IO controller"
804 default y
805 help
806 Generic block IO controller cgroup interface. This is the common
807 cgroup interface which should be used by various IO controlling
808 policies.
809
810 Currently, CFQ IO scheduler uses it to recognize task groups and
811 control disk bandwidth allocation (proportional time slice allocation)
812 to such task groups. It is also used by bio throttling logic in
813 block layer to implement upper limit in IO rates on a device.
814
815 This option only enables generic Block IO controller infrastructure.
816 One needs to also enable actual IO controlling logic/policy. For
817 enabling proportional weight division of disk bandwidth in CFQ, set
818 CONFIG_CFQ_GROUP_IOSCHED=y; for enabling throttling policy, set
819 CONFIG_BLK_DEV_THROTTLING=y.
820
821 if KERNEL_BLK_CGROUP
822
823 config KERNEL_CFQ_GROUP_IOSCHED
824 bool "Proportional weight of disk bandwidth in CFQ"
825
826 config KERNEL_BLK_DEV_THROTTLING
827 bool "Enable throttling policy"
828 default y
829
830 config KERNEL_BLK_DEV_THROTTLING_LOW
831 bool "Block throttling .low limit interface support (EXPERIMENTAL)"
832 depends on KERNEL_BLK_DEV_THROTTLING
833 endif
834
835 config KERNEL_DEBUG_BLK_CGROUP
836 bool "Enable Block IO controller debugging"
837 default n
838 depends on KERNEL_BLK_CGROUP
839 help
840 Enable some debugging help. Currently it exports additional stat
841 files in a cgroup which can be useful for debugging.
842
843 config KERNEL_NET_CLS_CGROUP
844 bool "legacy Control Group Classifier"
845 default n
846
847 config KERNEL_CGROUP_NET_CLASSID
848 bool "legacy Network classid cgroup"
849 default n
850
851 config KERNEL_CGROUP_NET_PRIO
852 bool "legacy Network priority cgroup"
853 default n
854
855 endif
856
857 #
858 # Namespace support symbols
859 #
860
861 config KERNEL_NAMESPACES
862 bool "Enable kernel namespaces"
863 default y if !SMALL_FLASH
864
865 if KERNEL_NAMESPACES
866
867 config KERNEL_UTS_NS
868 bool "UTS namespace"
869 default y
870 help
871 In this namespace, tasks see different info provided
872 with the uname() system call.
873
874 config KERNEL_IPC_NS
875 bool "IPC namespace"
876 default y
877 help
878 In this namespace, tasks work with IPC ids which correspond to
879 different IPC objects in different namespaces.
880
881 config KERNEL_USER_NS
882 bool "User namespace (EXPERIMENTAL)"
883 default y
884 help
885 This allows containers, i.e. vservers, to use user namespaces
886 to provide different user info for different servers.
887
888 config KERNEL_PID_NS
889 bool "PID Namespaces"
890 default y
891 help
892 Support process id namespaces. This allows having multiple
893 processes with the same pid as long as they are in different
894 pid namespaces. This is a building block of containers.
895
896 config KERNEL_NET_NS
897 bool "Network namespace"
898 default y
899 help
900 Allow user space to create what appear to be multiple instances
901 of the network stack.
902
903 endif
904
905 config KERNEL_DEVPTS_MULTIPLE_INSTANCES
906 bool "Support multiple instances of devpts"
907 default y if !SMALL_FLASH
908 help
909 Enable support for multiple instances of devpts filesystem.
910 If you want to have isolated PTY namespaces (eg: in containers),
911 say Y here. Otherwise, say N. If enabled, each mount of devpts
912 filesystem with the '-o newinstance' option will create an
913 independent PTY namespace.
914
915 config KERNEL_POSIX_MQUEUE
916 bool "POSIX Message Queues"
917 default y if !SMALL_FLASH
918 help
919 POSIX variant of message queues is a part of IPC. In POSIX message
920 queues every message has a priority which decides about succession
921 of receiving it by a process. If you want to compile and run
922 programs written e.g. for Solaris with use of its POSIX message
923 queues (functions mq_*) say Y here.
924
925 POSIX message queues are visible as a filesystem called 'mqueue'
926 and can be mounted somewhere if you want to do filesystem
927 operations on message queues.
928
929
930 config KERNEL_SECCOMP_FILTER
931 bool
932 default y if !SMALL_FLASH
933
934 config KERNEL_SECCOMP
935 bool "Enable seccomp support"
936 depends on !(TARGET_uml)
937 select KERNEL_SECCOMP_FILTER
938 default y if !SMALL_FLASH
939 help
940 Build kernel with support for seccomp.
941
942 #
943 # IPv4 configuration
944 #
945
946 config KERNEL_IP_MROUTE
947 bool "Enable IPv4 multicast routing"
948 default y
949 help
950 Multicast routing requires a multicast routing daemon in
951 addition to kernel support.
952
953 #
954 # IPv6 configuration
955 #
956
957 config KERNEL_IPV6
958 def_bool IPV6
959
960 if KERNEL_IPV6
961
962 config KERNEL_IPV6_MULTIPLE_TABLES
963 def_bool y
964
965 config KERNEL_IPV6_SUBTREES
966 def_bool y
967
968 config KERNEL_IPV6_MROUTE
969 bool "Enable IPv6 multicast routing"
970 default y
971 help
972 Multicast routing requires a multicast routing daemon in
973 addition to kernel support.
974
975 config KERNEL_IPV6_PIMSM_V2
976 def_bool n
977
978 config KERNEL_IPV6_SEG6_LWTUNNEL
979 def_bool y if !SMALL_FLASH
980 help
981 Using lwtunnel requires full-ip package.
982
983 config KERNEL_LWTUNNEL_BPF
984 def_bool n
985
986 endif
987
988 #
989 # NFS related symbols
990 #
991 config KERNEL_IP_PNP
992 bool "Compile the kernel with rootfs on NFS"
993 help
994 If you want to make your kernel boot off a NFS server as root
995 filesystem, select Y here.
996
997 if KERNEL_IP_PNP
998
999 config KERNEL_IP_PNP_DHCP
1000 def_bool y
1001
1002 config KERNEL_IP_PNP_BOOTP
1003 def_bool n
1004
1005 config KERNEL_IP_PNP_RARP
1006 def_bool n
1007
1008 config KERNEL_NFS_FS
1009 def_bool y
1010
1011 config KERNEL_NFS_V2
1012 def_bool y
1013
1014 config KERNEL_NFS_V3
1015 def_bool y
1016
1017 config KERNEL_ROOT_NFS
1018 def_bool y
1019
1020 endif
1021
1022 menu "Filesystem ACL and attr support options"
1023 config USE_FS_ACL_ATTR
1024 bool "Use filesystem ACL and attr support by default"
1025 default n
1026 help
1027 Make using ACLs (e.g. POSIX ACL, NFSv4 ACL) the default
1028 for kernel and packages, except tmpfs, flash filesystems,
1029 and old NFS. Also enable userspace extended attribute support
1030 by default. (OpenWrt already has an expection it will be
1031 present in the kernel).
1032
1033 config KERNEL_FS_POSIX_ACL
1034 bool "Enable POSIX ACL support"
1035 default y if USE_FS_ACL_ATTR
1036
1037 config KERNEL_BTRFS_FS_POSIX_ACL
1038 bool "Enable POSIX ACL for BtrFS Filesystems"
1039 select KERNEL_FS_POSIX_ACL
1040 default y if USE_FS_ACL_ATTR
1041
1042 config KERNEL_EXT4_FS_POSIX_ACL
1043 bool "Enable POSIX ACL for Ext4 Filesystems"
1044 select KERNEL_FS_POSIX_ACL
1045 default y if USE_FS_ACL_ATTR
1046
1047 config KERNEL_F2FS_FS_POSIX_ACL
1048 bool "Enable POSIX ACL for F2FS Filesystems"
1049 select KERNEL_FS_POSIX_ACL
1050 default n
1051
1052 config KERNEL_JFFS2_FS_POSIX_ACL
1053 bool "Enable POSIX ACL for JFFS2 Filesystems"
1054 select KERNEL_FS_POSIX_ACL
1055 default n
1056
1057 config KERNEL_TMPFS_POSIX_ACL
1058 bool "Enable POSIX ACL for TMPFS Filesystems"
1059 select KERNEL_FS_POSIX_ACL
1060 default n
1061
1062 config KERNEL_CIFS_ACL
1063 bool "Enable CIFS ACLs"
1064 select KERNEL_FS_POSIX_ACL
1065 default y if USE_FS_ACL_ATTR
1066
1067 config KERNEL_HFS_FS_POSIX_ACL
1068 bool "Enable POSIX ACL for HFS Filesystems"
1069 select KERNEL_FS_POSIX_ACL
1070 default y if USE_FS_ACL_ATTR
1071
1072 config KERNEL_HFSPLUS_FS_POSIX_ACL
1073 bool "Enable POSIX ACL for HFS+ Filesystems"
1074 select KERNEL_FS_POSIX_ACL
1075 default y if USE_FS_ACL_ATTR
1076
1077 config KERNEL_NFS_ACL_SUPPORT
1078 bool "Enable ACLs for NFS"
1079 default y if USE_FS_ACL_ATTR
1080
1081 config KERNEL_NFS_V3_ACL_SUPPORT
1082 bool "Enable ACLs for NFSv3"
1083 default n
1084
1085 config KERNEL_NFSD_V2_ACL_SUPPORT
1086 bool "Enable ACLs for NFSDv2"
1087 default n
1088
1089 config KERNEL_NFSD_V3_ACL_SUPPORT
1090 bool "Enable ACLs for NFSDv3"
1091 default n
1092
1093 config KERNEL_REISER_FS_POSIX_ACL
1094 bool "Enable POSIX ACLs for ReiserFS"
1095 select KERNEL_FS_POSIX_ACL
1096 default y if USE_FS_ACL_ATTR
1097
1098 config KERNEL_XFS_POSIX_ACL
1099 bool "Enable POSIX ACLs for XFS"
1100 select KERNEL_FS_POSIX_ACL
1101 default y if USE_FS_ACL_ATTR
1102
1103 config KERNEL_JFS_POSIX_ACL
1104 bool "Enable POSIX ACLs for JFS"
1105 select KERNEL_FS_POSIX_ACL
1106 default y if USE_FS_ACL_ATTR
1107
1108 endmenu
1109
1110 config KERNEL_DEVMEM
1111 bool "/dev/mem virtual device support"
1112 help
1113 Say Y here if you want to support the /dev/mem device.
1114 The /dev/mem device is used to access areas of physical
1115 memory.
1116
1117 config KERNEL_DEVKMEM
1118 bool "/dev/kmem virtual device support"
1119 help
1120 Say Y here if you want to support the /dev/kmem device. The
1121 /dev/kmem device is rarely used, but can be used for certain
1122 kind of kernel debugging operations.
1123
1124 config KERNEL_SQUASHFS_FRAGMENT_CACHE_SIZE
1125 int "Number of squashfs fragments cached"
1126 default 2 if (SMALL_FLASH && !LOW_MEMORY_FOOTPRINT)
1127 default 3
1128
1129 config KERNEL_SQUASHFS_XATTR
1130 bool "Squashfs XATTR support"
1131
1132 #
1133 # compile optimiziation setting
1134 #
1135 choice
1136 prompt "Compiler optimization level"
1137 default KERNEL_CC_OPTIMIZE_FOR_SIZE if SMALL_FLASH
1138
1139 config KERNEL_CC_OPTIMIZE_FOR_PERFORMANCE
1140 bool "Optimize for performance"
1141 help
1142 This is the default optimization level for the kernel, building
1143 with the "-O2" compiler flag for best performance and most
1144 helpful compile-time warnings.
1145
1146 config KERNEL_CC_OPTIMIZE_FOR_SIZE
1147 bool "Optimize for size"
1148 help
1149 Enabling this option will pass "-Os" instead of "-O2" to
1150 your compiler resulting in a smaller kernel.
1151
1152 endchoice
1153
1154 config KERNEL_AUDIT
1155 bool "Auditing support"
1156
1157 config KERNEL_SECURITY
1158 bool "Enable different security models"
1159
1160 config KERNEL_SECURITY_NETWORK
1161 bool "Socket and Networking Security Hooks"
1162 select KERNEL_SECURITY
1163
1164 config KERNEL_SECURITY_SELINUX
1165 bool "NSA SELinux Support"
1166 select KERNEL_SECURITY_NETWORK
1167 select KERNEL_AUDIT
1168
1169 config KERNEL_SECURITY_SELINUX_BOOTPARAM
1170 bool "NSA SELinux boot parameter"
1171 depends on KERNEL_SECURITY_SELINUX
1172 default y
1173
1174 config KERNEL_SECURITY_SELINUX_DISABLE
1175 bool "NSA SELinux runtime disable"
1176 depends on KERNEL_SECURITY_SELINUX
1177
1178 config KERNEL_SECURITY_SELINUX_DEVELOP
1179 bool "NSA SELinux Development Support"
1180 depends on KERNEL_SECURITY_SELINUX
1181 default y
1182
1183 config KERNEL_LSM
1184 string
1185 default "lockdown,yama,loadpin,safesetid,integrity,selinux"
1186 depends on KERNEL_SECURITY_SELINUX
1187
1188 config KERNEL_EXT4_FS_SECURITY
1189 bool "Ext4 Security Labels"
1190
1191 config KERNEL_F2FS_FS_SECURITY
1192 bool "F2FS Security Labels"
1193
1194 config KERNEL_UBIFS_FS_SECURITY
1195 bool "UBIFS Security Labels"
1196
1197 config KERNEL_JFFS2_FS_SECURITY
1198 bool "JFFS2 Security Labels"
Staging tree of Christian Lamparter