aboutsummaryrefslogtreecommitdiffstats
path: root/config/Config-kernel.in
Commit message (Collapse)AuthorAgeFilesLines
* kernel: enable SRv6 support by enabling lwtunnelNick Hainke2021-01-111-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | Enable the ability to use segment routing based on IPv6. It allows the packet to specify a path that the packet should take through the network. Lwtunnel allow an easy encapsulation of a package. You can just install ip-full package and use it: ip -6 route add 2003::/64 dev eth0 encap seg6 mode encap \ segs 2001::1,2002::2 An IPv6 package looks like this: [IPv6 HDR][IPv6 RH][IPv6 HDR][Data...] Netifd support: https://git.openwrt.org/?p=project/netifd.git; a=commit;h=458b1a7e9473c150a40cae5d8be174f4bb03bd39 Increases imagesize by 24.125 KiB. Therefore, only enable for devices with enough flash. Signed-off-by: Nick Hainke <vincent@systemli.org>
* kernel: only strip proc for small flash devicesNick Hainke2020-12-221-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, you are not able to get statistics about IPv4 and IPv6 usage. This information can be collected via the snmp and snmp6. However, in the current state this interface is disabled as you can read in the "902-debloat_proc.patch": "Strip non-essential /proc functionality to reduce code size" Tools like netstat use the snmp/6 interface to collect interface statistics. Some prometheus exporters also mention this: - prometheus-collectors/netstat.lua - prometheus-collectors/snmp6 (still a PR) - collectd/snmp6 (still a PR) PRs: - https://github.com/collectd/collectd/pull/3789 - https://github.com/openwrt/packages/pull/14158 Instead of enabling it as default for all devices we condition it default y if SMALL_FLASH A test shows it needs around 16 kiB. Signed-off-by: Nick Hainke <vincent@systemli.org> [fixed whitespace issue] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* kernel: add KERNEL_IO_URING optionAndy Walsh2020-12-221-0/+5
| | | | | | | | | | | | | | | | | | | | | | * add KERNEL_IO_URING option NOTES: Adds configurable support for the io_uring interface (CONFIG_IO_URING) via KERNEL_IO_URING option. The kernel only zImage grows by about 5-9KB ? I would like to enable this by default for all 5.4 kernels, so i can use the new io_uring samba-4.12.x vfs module by default. The associated liburing was already submitted and merged. The kernel + liburing was tested on ARM/mvebu via samba4 vfs_io_uring module and i have no issues so far. Some extra reads on it and why we should enable it by default, since i expect more packages to use this in the future. https://wiki.samba.org/index.php/Samba_4.12_Features_added/changed#.27io_uring.27_vfs_module https://lwn.net/Articles/810414/ https://kernel.dk/io_uring.pdf https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.6-IO-uring-Tests Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
* build: Add IRQSOFF and PREEMPT TRACER kernel config optionHauke Mehrtens2020-12-161-0/+34
| | | | | | | | | | | | | This adds the CONFIG_IRQSOFF_TRACER and the CONFIG_PREEMPT_TRACER kernel configuration option to the OpenWrt menu. This can be used to debug latencies in the system. The CONFIG_PREEMPT_TRACER option needs the CONFIG_PREEMPT option which is supposed to be used for Low-Latency Desktop and not used by many targets in OpenWrt. The help text is copied from the Linux kernel Kconfig. Signed-off-by: Hauke Mehrtens <hmehrtens@maxlinear.com>
* kernel: enable kernel keyring by default on !SMALL_FLASHDaniel Golle2020-12-141-1/+1
| | | | | | | | | | | | | Enable CONFIG_KEYS by default on systems which are not marked as flash-space constraint by the 'small_flash' feature. CONFIG_KEYS is required by Docker, enabling it in our kernel allows users to run Docker on stock OpenWrt. It is also used of by some network file systems (such as NFSv4) to store credentials as well as UID/GID mappings. Adds about 50kB to vmlinux on ath79/generic (~18kB compressed) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kernel: update and clean kernel keyring optionsDaniel Golle2020-12-141-13/+13
| | | | | | | | | | Add KERNEL_KEYS_REQUEST_CACHE option. 'tristate' (ie. module builds) are not valid in Config-kernel.in, hence remove tristate KERNEL_ENCRYPTED_KEYS. It will be readded as a kernel module in a follow-up commit. Fixes: 39d817cf38 ("Add config symbols for kernel keyring support") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kernel: Activate KERNEL_MIPS_FP_SUPPORT for pistachio targetHauke Mehrtens2020-11-011-0/+1
| | | | | | | | | The pistachio target uses a MIPS CPU with FPU and OpenWrt uses a toolchain with hard FPU support. MIPS FPU support needs the FPU emulation code in the kernel. Fixes: ac5671f46cb4 ("kernel: remove obsolete kernel version switches for 4.19") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: remove obsolete kernel version switches for 4.19Adrian Schmutzler2020-10-301-7/+0
| | | | | | | This removes switches dependent on kernel version 4.19 as well as several packages/modules selected only for that version. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* config: clean up SELinux optionsDaniel Golle2020-10-161-0/+2
| | | | | | | | | In order to make it easier for users to build with SELinux, have a single option in 'Global build settings' to enable all necessary kernel features, userland packages and build-system hooks. Also add better descriptions and help messages while at it. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* config: add KERNEL_LSM symbolPaul Spooren2020-09-031-11/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | The LSM (Linux security mechanism) list is the successor of the now legacy *major LSM*. Instead of defining a single security mechanism the LSM symbol is a comma separated list of mechanisms to load. Until recently OpenWrt would only support DAC (Unix discretionary access controls) which don't require an additional entry in the LSM list. With the newly introduced SELinux support the LSM needs to be extended else only a manual modified Kernel cmdline (`security=selinux`) would activate SELinux. As the default OpenWrt Kernel config sets DAC as default security mechanism, SELinux is stripped from the LSM list, even if `KERNEL_DEFAULT_SECURITY_SELINUX` is activated. To allow SELinux without a modified cmdline this commit sets a specific LSM list if `KERNEL_SECURITY_SELINUX` is enabled. The upstream Kconfig adds even more mechanisms (smack,selinux,tomoyo,apparmor), but until they're ported to OpenWrt, these can be ignored. To compile SELinux Kernel support but disable it from loading, the already present options `KERNEL_SECURITY_SELINUX_DISABLE` or `KERNEL_SECURITY_SELINUX_BOOTPARAM` (with custom cmdline `selinux=0`) can be used. Further it's possible to edit `/etc/selinux/config`. Signed-off-by: Paul Spooren <mail@aparcar.org>
* kernel: remove obsolete kernel version switches for 4.14Adrian Schmutzler2020-09-021-1/+1
| | | | | | | | | | This removes switches dependent on kernel version 4.14 as well as several packages/modules selected only for that version. This also removes sched-cake-virtual, which is not required anymore now that we have only one variant of cake. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* kernel: add options needed for SELinuxThomas Petazzoni2020-08-311-0/+55
| | | | | | | | | | This adds a number of options to config/Config-kernel.in so that packages related to SELinux support can enable the appropriate Linux kernel support. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> [rebase; add ext4, F2FS, UBIFS, and JFFS2 support; add commit message] Signed-off-by: W. Michael Petullo <mike@flyn.org>
* config: kernel: fix missed CGROUP_HUGETLB symbolYuan Tao2020-08-241-2/+2
| | | | | | | The symbol KERNEL_CGROUP_HUGETLB is always used whenever KERNEL_CGROUPS is enabled. The absence of this notation will cause the user to be asked to enter this parameter the first time it is compiled. Signed-off-by: Yuan Tao <ty@wevs.org>
* kernel: further clean-up options and defaultsDaniel Golle2020-08-101-11/+11
| | | | | | | | | | | | Remove `if !SMALL_FLASH` in places which are anyway already augmented by `if !SMALL_FLASH`. Always enable CONFIG_BLK_DEV_THROTTLING on !SMALL_FLASH devices rather than just enabling it on bcm27xx. Enabled CPU bandwidth provisioning for FAIR_GROUP_SCHED on !SMALL_FLASH devices as CONFIG_FAIR_GROUP_SCHED is already enabled and becomes more useful for cgroups with that option enbled as well. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kernel: fix missing TRANSPARENT_HUGEPAGE symbolsStijn Tintel2020-08-011-0/+12
| | | | | | | | | | | | | | | | Enabling KERNEL_TRANSPARENT_HUGEPAGE exposes 2 missing symbols: * CONFIG_READ_ONLY_THP_FOR_FS * TRANSPARENT_HUGEPAGE_ALWAYS * TRANSPARENT_HUGEPAGE_MADVISE The first one was added in 5.4, and is marked experimental there so just disable it in the generic config. For the latter two, we should not force the user to use either of them, so add them as build-configurable kernel options. Fixes: d1a8217d87bf ("kernel: clean-up build-configurable kernel config symbols") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: add menuconfig entry for kernel CONFIG_CGROUP_NET_CLASSIDDaniel Golle2020-07-311-0/+4
| | | | | | | | It was removed from target defaults though it didn't exist in the build-systems kernel configuration options. Add it there. Fixes: d1a8217d87 ("kernel: clean-up build-configurable kernel config symbols") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kernel: clean-up build-configurable kernel config symbolsDaniel Golle2020-07-301-10/+39
| | | | | | | | | Don't explicitely disable options in target/linux/generic/config-* if they are already controlled in config/Config-kernel.in. Add a bunch of new symbols and prepare defaults for using only unified hierarchy (ie. cgroup2). Update symbol dependencies while at it Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kernel: rename CONFIG_NETPRIO_CGROUP to CONFIG_CGROUP_NET_PRIOJavier Marcet2020-06-271-1/+1
| | | | | | This has been changed in kernel 3.14. Signed-off-by: Javier Marcet <javier@marcet.info>
* x86: make crashdump worksChen Minqiang2020-03-201-0/+4
| | | | | | | | | | | | | | | 1. KERNEL_CRASH_DUMP should depends on KERNEL_PROC_KCORE (kexec use it) 2. select crashkernel mem size by totalmem mem <= 256M disable crashkernel by default mem >= 4G use 256M for crashkernel mem >= 8G use 512M for crashkernel default use 128M 3. set BOOT_IMAGE in kdump.init 4. resolve a "Unhandled rela relocation: R_X86_64_PLT32" error Tested on x86_64 Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
* kernel: Use new symbol to deactivate MIPS FPU supportHauke Mehrtens2020-02-281-0/+5
| | | | | | | | | | | With kernel 5.4 the upstream kernel supports deactivating the FPU support on MIPS. Use this new upstream feature instead of our older patch which was removed when porting the kernel patches to kernel 5.4. This way both options are set which should work for older kernel versions and also new ones. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* build: Add additional kernel debug optionsHauke Mehrtens2020-02-221-0/+68
| | | | | | | | Make it possible to activate some additional kernel debug options. This can be used to debug some problems in kernel drivers. Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com> Reviewed-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* build: Add KCOV kernel code coverage for fuzzingHauke Mehrtens2020-02-221-0/+33
| | | | | | | The adds an option to activate KCOV (Code coverage for fuzzing). Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com> Reviewed-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* build: Add option KERNEL_KASANHauke Mehrtens2020-02-221-0/+52
| | | | | | | | The kernel kernel address sanitizer is able to detect some memory bugs in the kernel like out of range array accesses. Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com> Reviewed-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* build: Add option KERNEL_UBSANHauke Mehrtens2020-02-221-0/+35
| | | | | | | | The kernel Undefined Behavior Sanitizer is able to detect some memory bugs in the kernel like out of range array accesses. Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com> Reviewed-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* brcm2708: rename target to bcm27xxAdrian Schmutzler2020-02-141-1/+1
| | | | | | | | | | | | | | | | | This change makes the names of Broadcom targets consistent by using the common notation based on SoC/CPU ID (which is used internally anyway), bcmXXXX instead of brcmXXXX. This is even used for target TITLE in make menuconfig already, only the short target name used brcm so far. Despite, since subtargets range from bcm2708 to bcm2711, it seems appropriate to use bcm27xx instead of bcm2708 (again, as already done for BOARDNAME). This also renames the packages brcm2708-userland and brcm2708-gpu-fw. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> Acked-by: Álvaro Fernández Rojas <noltari@gmail.com>
* config: kernel: fix typo in HFSPLUG_FS_POSIX_ACLStijn Tintel2019-11-281-1/+1
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* config: kernel: only enable container features if !SMALL_FLASHDaniel Golle2019-09-121-2/+2
| | | | | | | | | | | | KERNEL_DEVPTS_MULTIPLE_INSTANCES and KERNEL_POSIX_MQUEUE were previously enabled by default only if KERNEL_LXC_MISC was selected. KERNEL_LXC_MISC was enabled only if the SMALL_FLASH (anti-)feature was not selected. Now that KERNEL_LXC_MISC no longer exists, make sure that those options are also only enabled by default for !SMALL_FLASH targets. Fixes: 4f94a331 ("config: kernel: remove KERNEL_LXC_MISC") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* config: kernel: remove KERNEL_LXC_MISCYousong Zhou2019-09-121-33/+22
| | | | | | | | | | Kernel features are neutral. The two cascaded features can also be useful for other container related tools It's also less error-prone if only kconfig symbols from the kernel are prefixed KERNEL_ Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* config: kernel: add KERNEL_X86_VSYSCALL_EMULATIONYousong Zhou2019-09-121-0/+18
| | | | | | | | | Binaries in container images may need this. E.g. nginx:1.7.9 used in k8s default deployment manifest file for demostration [1] [1] https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#creating-a-deployment Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* Make linux kernel builds reproducible when BUILDBOT selectedAlexander Couzens2019-07-021-0/+2
| | | | | | | | | | | The linux kernel is not reproducible because the build user and domain is included into the kernel. Set the build user to `builder` and build domain to buildhost. It's also possible to build reproducible builds by setting KERNEL_BUILD_USER KERNEL_BUILD_DOMAIN to static values. Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* config: enable some useful features on !SMALL_FLASH devicesDaniel Golle2019-06-121-16/+16
| | | | | | | | | | enable kernel features needed for procd-ujail, procd-seccomp, lxc and more on devices with big enough flash. Those packages are currently useless in binary builds due to missing kernel features. Enable the features on devices which can bare with the extra space consumption. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* config: kernel: Add KPROBE_EVENTS config optionPetr Štetiar2019-05-051-0/+4
| | | | | | | | | | | | | | | | | | | | | | | Upstream has renamed KPROBE_EVENT to KPROBE_EVENTS in the following commit: commit 6b0b7551428e4caae1e2c023a529465a9a9ae2d4 Author: Anton Blanchard <anton@samba.org> Date: Thu Feb 16 17:00:50 2017 +1100 perf/core: Rename CONFIG_[UK]PROBE_EVENT to CONFIG_[UK]PROBE_EVENTS We have uses of CONFIG_UPROBE_EVENT and CONFIG_KPROBE_EVENT as well as CONFIG_UPROBE_EVENTS and CONFIG_KPROBE_EVENTS. Consistently use the plurals. So I'm adding this plural option in order to make kconfig happy and stop asking about it if kernel is compiled with verbose logging: Enable kprobes-based dynamic events (KPROBE_EVENTS) [Y/n/?] (NEW) Signed-off-by: Petr Štetiar <ynezz@true.cz>
* config: kernel: Fix missing symbol on brcm2708 with CGROUPSDaniel F. Dickinson2019-02-171-0/+14
| | | | | | | | | | | | | | When CGROUP block io is enabled a new symbol is exposed and needs to be set or unset else kernel oldconfig hangs waiting for input during normal OpenWrt builds. Therefore add sane defaults for this symbol in that case. Also, the defaults brcm2708 are different than generic defaults because the platform's defconfig enables BLK_DEV_THROTTLING by default (in defconfig config from the patches used to match upstream's kernel, not in OpenWrt config-4.xx). Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com> [make KERNEL_BLK_DEV_THROTTLING_LOW depend on KERNEL_BLK_DEV_THROTTLING] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* config: extend small_flash featureAlex Maclean2018-07-121-3/+8
| | | | | | | | | | Extend the small_flash feature to disable swap, core dumps, and kernel debug info, and change the squashfs block size to 1024KiB. Also change squashfs fragment cache to 2 for small_flash to ease memory usage. Signed-off-by: Alex Maclean <monkeh@monkeh.net>
* kernel: only optimized for size if small_flashMathias Kresin2018-07-121-0/+22
| | | | | | | | | | | | | | | | | | | | | | | | Add a new config option to allow to select the default compile optimization level for the kernel. Select the optimization for size by default if the small_flash feature is set. Otherwise "Optimize for performance" is set. Add the small_flash feature flag to all (sub)targets which had the optimization for size in their default kernel config. Remove CC_OPTIMIZE_FOR_* symbols from all kernel configs to apply the new setting. Exceptions to the above are: - lantiq, where the optimization for size is only required for the xway_legacy subtarget but was set for the whole target - mediatek, ramips/mt7620 & ramips/mt76x8 where boards should have plenty of space and an optimization for size doesn't make much sense - rb532, which has 128MByte flash Signed-off-by: Mathias Kresin <dev@kresin.me>
* config: add config option for KERNEL_TASKSTATSJeremiah McConnell2018-07-071-0/+21
| | | | | | | | | | In order for monitoring tools such as atop and htop to track and report i/o data, kernel support for task statistics and io accounting is required. Add a config option to enable building this support in the kernel. Signed-off-by: Jeremiah McConnell <miah@miah.com>
* config: fix ARM64 dependency checkHauke Mehrtens2018-02-101-2/+2
| | | | | | The ARM64 CPUs use aarch64 config symbol, fix the depends lines. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* lantiq: ase: turn off fpu emulator in default buildYousong Zhou2018-01-291-1/+1
| | | | | | | | | | It was only enabled when the target was added back in commit 9b321bc ("lantiq: add Amazon-SE subtarget") Leave pistachio alone as devices of this target are not likely have small_flash or low_mem constraint Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* build: add config option KERNEL_MIPS_FPU_EMULATORYousong Zhou2018-01-291-0/+5
| | | | | | | To make it more accessible for nodejs users to configure and run a build on mips target lacking hardware fpu Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* kernel: allow disabling multicast routing supportMatthias Schiffer2018-01-111-1/+16
| | | | | | | | Multicast routing support is not needed in most setups, and increases the size of the kernel considerably (>10K after LZMA). Add a config switch to allow disabling it. Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* kernel: fix spelling in CONFIG_DEVTMPFS help textSascha Paunovic2017-12-111-1/+1
| | | | | | Change "ti" to "to", as that's the correct spelling. Signed-off-by: Sascha Paunovic <azarus@posteo.net>
* kernel: Make KERNEL_PERF_EVENTS selectableFlorian Fainelli2017-05-261-1/+1
| | | | | | | The kernel itself allows enabling/disabling CONFIG_PERF_EVENTS, so allow doing the same thing. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* kernel: enable CRASH_DUMP on supported platformsDaniel Golle2017-05-201-0/+10
| | | | | | | While we have CRASHLOG on MIPS it makes sense to support 'classic' kexec-based CRASH_DUMP on x86 and arm platforms. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kernel: remove out of tree direct-io disable hackFelix Fietkau2017-04-261-4/+0
| | | | | | | Direct-IO support has to be enabled for the release build anyway, so this hack is not worth keeping Signed-off-by: Felix Fietkau <nbd@nbd.name>
* x86: disable crashlogFelix Fietkau2017-01-131-1/+1
| | | | | | | | It could cause crashes with some forms of virtualization, and it is unlikely to work properly with most systems. It's safer to just disable it. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: add KERNEL_DEVMEM and KERNEL_DEVKMEMHauke Mehrtens2016-12-241-0/+14
| | | | | | | | | These options are needed to create /dev/mem or /dev/kmem . /dev/mem is needed by the io tool to access raw hardware memory, which is helpful when debugging and developing drivers. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Acked-by: John Crispin <john@phrozen.org>
* kernel: add KERNEL_DEBUG_PINCTRL and KERNEL_DEBUG_GPIOHauke Mehrtens2016-12-101-0/+8
| | | | | | | | This makes it possible to activate the gpio and the pinctl debugging from LEDE menuconfig. Acked-by: John Crispin <john@phrozen.org> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* Add config symbols for kernel keyring supportNathaniel Wesley Filardo2016-09-021-0/+19
| | | | | | | | Enable selection of the kernel key retention framework and some of its additional facilities; see Documentation/security/keys.txt and security/keys/Kconfig for details Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
* kernel: Move POSIX ACL and attr support options into submenuDaniel Dickinson2016-07-051-72/+75
| | | | | | | Make global options menuconfig cleaner by moving POSIX ACL and attr support options into a submenu. Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
* kernel: Add option to make using filesystem ACL support the defaultDaniel Dickinson2016-06-301-0/+85
| | | | | | | This adds a configuration options that allows to make filesystem ACL support the default in the kernel, except for old nfs. Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>