| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enable the ability to use segment routing based on IPv6. It allows the
packet to specify a path that the packet should take through the
network.
Lwtunnel allow an easy encapsulation of a package. You can just install
ip-full package and use it:
ip -6 route add 2003::/64 dev eth0 encap seg6 mode encap \
segs 2001::1,2002::2
An IPv6 package looks like this:
[IPv6 HDR][IPv6 RH][IPv6 HDR][Data...]
Netifd support:
https://git.openwrt.org/?p=project/netifd.git;
a=commit;h=458b1a7e9473c150a40cae5d8be174f4bb03bd39
Increases imagesize by 24.125 KiB. Therefore, only enable for devices
with enough flash.
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, you are not able to get statistics about IPv4 and IPv6
usage. This information can be collected via the snmp and snmp6.
However, in the current state this interface is disabled as you can
read in the "902-debloat_proc.patch":
"Strip non-essential /proc functionality to reduce code size"
Tools like netstat use the snmp/6 interface to collect interface
statistics. Some prometheus exporters also mention this:
- prometheus-collectors/netstat.lua
- prometheus-collectors/snmp6 (still a PR)
- collectd/snmp6 (still a PR)
PRs:
- https://github.com/collectd/collectd/pull/3789
- https://github.com/openwrt/packages/pull/14158
Instead of enabling it as default for all devices we condition it
default y if SMALL_FLASH
A test shows it needs around 16 kiB.
Signed-off-by: Nick Hainke <vincent@systemli.org>
[fixed whitespace issue]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add KERNEL_IO_URING option
NOTES:
Adds configurable support for the io_uring interface (CONFIG_IO_URING) via KERNEL_IO_URING option.
The kernel only zImage grows by about 5-9KB ?
I would like to enable this by default for all 5.4 kernels, so i can use the new io_uring samba-4.12.x vfs module by default.
The associated liburing was already submitted and merged.
The kernel + liburing was tested on ARM/mvebu via samba4 vfs_io_uring module and i have no issues so far.
Some extra reads on it and why we should enable it by default, since i expect more packages to use this in the future.
https://wiki.samba.org/index.php/Samba_4.12_Features_added/changed#.27io_uring.27_vfs_module
https://lwn.net/Articles/810414/
https://kernel.dk/io_uring.pdf
https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.6-IO-uring-Tests
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds the CONFIG_IRQSOFF_TRACER and the CONFIG_PREEMPT_TRACER kernel
configuration option to the OpenWrt menu. This can be used to debug
latencies in the system.
The CONFIG_PREEMPT_TRACER option needs the CONFIG_PREEMPT option which is
supposed to be used for Low-Latency Desktop and not used by many targets
in OpenWrt.
The help text is copied from the Linux kernel Kconfig.
Signed-off-by: Hauke Mehrtens <hmehrtens@maxlinear.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enable CONFIG_KEYS by default on systems which are not marked as
flash-space constraint by the 'small_flash' feature.
CONFIG_KEYS is required by Docker, enabling it in our kernel allows
users to run Docker on stock OpenWrt.
It is also used of by some network file systems (such as NFSv4) to
store credentials as well as UID/GID mappings.
Adds about 50kB to vmlinux on ath79/generic (~18kB compressed)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
|
| |
Add KERNEL_KEYS_REQUEST_CACHE option.
'tristate' (ie. module builds) are not valid in Config-kernel.in, hence
remove tristate KERNEL_ENCRYPTED_KEYS. It will be readded as a kernel
module in a follow-up commit.
Fixes: 39d817cf38 ("Add config symbols for kernel keyring support")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
| |
The pistachio target uses a MIPS CPU with FPU and OpenWrt uses a
toolchain with hard FPU support. MIPS FPU support needs the FPU
emulation code in the kernel.
Fixes: ac5671f46cb4 ("kernel: remove obsolete kernel version switches for 4.19")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
| |
This removes switches dependent on kernel version 4.19 as well as
several packages/modules selected only for that version.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
|
|
|
|
|
|
|
|
|
| |
In order to make it easier for users to build with SELinux, have a
single option in 'Global build settings' to enable all necessary
kernel features, userland packages and build-system hooks.
Also add better descriptions and help messages while at it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The LSM (Linux security mechanism) list is the successor of the now
legacy *major LSM*. Instead of defining a single security mechanism the
LSM symbol is a comma separated list of mechanisms to load.
Until recently OpenWrt would only support DAC (Unix discretionary access
controls) which don't require an additional entry in the LSM list. With
the newly introduced SELinux support the LSM needs to be extended else
only a manual modified Kernel cmdline (`security=selinux`) would
activate SELinux.
As the default OpenWrt Kernel config sets DAC as default security
mechanism, SELinux is stripped from the LSM list, even if
`KERNEL_DEFAULT_SECURITY_SELINUX` is activated. To allow SELinux without
a modified cmdline this commit sets a specific LSM list if
`KERNEL_SECURITY_SELINUX` is enabled.
The upstream Kconfig adds even more mechanisms
(smack,selinux,tomoyo,apparmor), but until they're ported to OpenWrt,
these can be ignored.
To compile SELinux Kernel support but disable it from loading, the
already present options `KERNEL_SECURITY_SELINUX_DISABLE` or
`KERNEL_SECURITY_SELINUX_BOOTPARAM` (with custom cmdline `selinux=0`)
can be used. Further it's possible to edit `/etc/selinux/config`.
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
|
|
|
|
|
|
|
|
|
| |
This removes switches dependent on kernel version 4.14 as well as
several packages/modules selected only for that version.
This also removes sched-cake-virtual, which is not required anymore
now that we have only one variant of cake.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
|
|
|
|
|
|
|
|
|
|
| |
This adds a number of options to config/Config-kernel.in so that
packages related to SELinux support can enable the appropriate Linux
kernel support.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[rebase; add ext4, F2FS, UBIFS, and JFFS2 support; add commit message]
Signed-off-by: W. Michael Petullo <mike@flyn.org>
|
|
|
|
|
|
|
| |
The symbol KERNEL_CGROUP_HUGETLB is always used whenever KERNEL_CGROUPS is enabled.
The absence of this notation will cause the user to be asked to enter this parameter the first time it is compiled.
Signed-off-by: Yuan Tao <ty@wevs.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove `if !SMALL_FLASH` in places which are anyway already augmented
by `if !SMALL_FLASH`.
Always enable CONFIG_BLK_DEV_THROTTLING on !SMALL_FLASH devices rather
than just enabling it on bcm27xx.
Enabled CPU bandwidth provisioning for FAIR_GROUP_SCHED on !SMALL_FLASH
devices as CONFIG_FAIR_GROUP_SCHED is already enabled and becomes more
useful for cgroups with that option enbled as well.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enabling KERNEL_TRANSPARENT_HUGEPAGE exposes 2 missing symbols:
* CONFIG_READ_ONLY_THP_FOR_FS
* TRANSPARENT_HUGEPAGE_ALWAYS
* TRANSPARENT_HUGEPAGE_MADVISE
The first one was added in 5.4, and is marked experimental there so just
disable it in the generic config.
For the latter two, we should not force the user to use either of them,
so add them as build-configurable kernel options.
Fixes: d1a8217d87bf ("kernel: clean-up build-configurable kernel config symbols")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
| |
It was removed from target defaults though it didn't exist in the
build-systems kernel configuration options. Add it there.
Fixes: d1a8217d87 ("kernel: clean-up build-configurable kernel config symbols")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
| |
Don't explicitely disable options in target/linux/generic/config-* if
they are already controlled in config/Config-kernel.in.
Add a bunch of new symbols and prepare defaults for using only unified
hierarchy (ie. cgroup2). Update symbol dependencies while at it
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
| |
This has been changed in kernel 3.14.
Signed-off-by: Javier Marcet <javier@marcet.info>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. KERNEL_CRASH_DUMP should depends on KERNEL_PROC_KCORE (kexec use it)
2. select crashkernel mem size by totalmem
mem <= 256M disable crashkernel by default
mem >= 4G use 256M for crashkernel
mem >= 8G use 512M for crashkernel
default use 128M
3. set BOOT_IMAGE in kdump.init
4. resolve a "Unhandled rela relocation: R_X86_64_PLT32" error
Tested on x86_64
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
With kernel 5.4 the upstream kernel supports deactivating the FPU
support on MIPS. Use this new upstream feature instead of our older
patch which was removed when porting the kernel patches to kernel 5.4.
This way both options are set which should work for older kernel
versions and also new ones.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
| |
Make it possible to activate some additional kernel debug options.
This can be used to debug some problems in kernel drivers.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
|
|
|
|
|
|
| |
The adds an option to activate KCOV (Code coverage for fuzzing).
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
|
|
|
|
|
|
|
| |
The kernel kernel address sanitizer is able to detect some memory
bugs in the kernel like out of range array accesses.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
|
|
|
|
|
|
|
| |
The kernel Undefined Behavior Sanitizer is able to detect some memory
bugs in the kernel like out of range array accesses.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Reviewed-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change makes the names of Broadcom targets consistent by using
the common notation based on SoC/CPU ID (which is used internally
anyway), bcmXXXX instead of brcmXXXX.
This is even used for target TITLE in make menuconfig already,
only the short target name used brcm so far.
Despite, since subtargets range from bcm2708 to bcm2711, it seems
appropriate to use bcm27xx instead of bcm2708 (again, as already done
for BOARDNAME).
This also renames the packages brcm2708-userland and brcm2708-gpu-fw.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Álvaro Fernández Rojas <noltari@gmail.com>
|
|
|
|
| |
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
|
|
|
| |
KERNEL_DEVPTS_MULTIPLE_INSTANCES and KERNEL_POSIX_MQUEUE were
previously enabled by default only if KERNEL_LXC_MISC was selected.
KERNEL_LXC_MISC was enabled only if the SMALL_FLASH (anti-)feature
was not selected.
Now that KERNEL_LXC_MISC no longer exists, make sure that those
options are also only enabled by default for !SMALL_FLASH targets.
Fixes: 4f94a331 ("config: kernel: remove KERNEL_LXC_MISC")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
|
| |
Kernel features are neutral. The two cascaded features can also be
useful for other container related tools
It's also less error-prone if only kconfig symbols from the kernel are
prefixed KERNEL_
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Binaries in container images may need this. E.g. nginx:1.7.9 used in
k8s default deployment manifest file for demostration [1]
[1] https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#creating-a-deployment
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The linux kernel is not reproducible because the build user
and domain is included into the kernel. Set the build user
to `builder` and build domain to buildhost.
It's also possible to build reproducible builds by setting
KERNEL_BUILD_USER KERNEL_BUILD_DOMAIN to static values.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
|
|
|
|
|
|
|
|
|
|
| |
enable kernel features needed for procd-ujail, procd-seccomp, lxc and
more on devices with big enough flash. Those packages are currently
useless in binary builds due to missing kernel features.
Enable the features on devices which can bare with the extra space
consumption.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upstream has renamed KPROBE_EVENT to KPROBE_EVENTS in the following
commit:
commit 6b0b7551428e4caae1e2c023a529465a9a9ae2d4
Author: Anton Blanchard <anton@samba.org>
Date: Thu Feb 16 17:00:50 2017 +1100
perf/core: Rename CONFIG_[UK]PROBE_EVENT to CONFIG_[UK]PROBE_EVENTS
We have uses of CONFIG_UPROBE_EVENT and CONFIG_KPROBE_EVENT as
well as CONFIG_UPROBE_EVENTS and CONFIG_KPROBE_EVENTS.
Consistently use the plurals.
So I'm adding this plural option in order to make kconfig happy and stop
asking about it if kernel is compiled with verbose logging:
Enable kprobes-based dynamic events (KPROBE_EVENTS) [Y/n/?] (NEW)
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When CGROUP block io is enabled a new symbol is exposed and needs to
be set or unset else kernel oldconfig hangs waiting for input during
normal OpenWrt builds. Therefore add sane defaults for this symbol
in that case. Also, the defaults brcm2708 are different than generic
defaults because the platform's defconfig enables BLK_DEV_THROTTLING
by default (in defconfig config from the patches used to match
upstream's kernel, not in OpenWrt config-4.xx).
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
[make KERNEL_BLK_DEV_THROTTLING_LOW depend on KERNEL_BLK_DEV_THROTTLING]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
| |
Extend the small_flash feature to disable swap, core dumps, and
kernel debug info, and change the squashfs block size to 1024KiB.
Also change squashfs fragment cache to 2 for small_flash to ease memory
usage.
Signed-off-by: Alex Maclean <monkeh@monkeh.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new config option to allow to select the default compile
optimization level for the kernel.
Select the optimization for size by default if the small_flash feature is
set. Otherwise "Optimize for performance" is set.
Add the small_flash feature flag to all (sub)targets which had the
optimization for size in their default kernel config.
Remove CC_OPTIMIZE_FOR_* symbols from all kernel configs to apply the new
setting.
Exceptions to the above are:
- lantiq, where the optimization for size is only required for the
xway_legacy subtarget but was set for the whole target
- mediatek, ramips/mt7620 & ramips/mt76x8 where boards should have
plenty of space and an optimization for size doesn't make much sense
- rb532, which has 128MByte flash
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
|
|
|
|
| |
In order for monitoring tools such as atop and htop to track and report
i/o data, kernel support for task statistics and io accounting is
required.
Add a config option to enable building this support in the kernel.
Signed-off-by: Jeremiah McConnell <miah@miah.com>
|
|
|
|
|
|
| |
The ARM64 CPUs use aarch64 config symbol, fix the depends lines.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
| |
It was only enabled when the target was added back in commit 9b321bc
("lantiq: add Amazon-SE subtarget")
Leave pistachio alone as devices of this target are not likely have
small_flash or low_mem constraint
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
|
|
|
|
|
| |
To make it more accessible for nodejs users to configure and run a build
on mips target lacking hardware fpu
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
|
|
|
|
|
|
| |
Multicast routing support is not needed in most setups, and increases the
size of the kernel considerably (>10K after LZMA). Add a config switch to
allow disabling it.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
|
|
|
|
|
| |
Change "ti" to "to", as that's the correct spelling.
Signed-off-by: Sascha Paunovic <azarus@posteo.net>
|
|
|
|
|
|
|
| |
The kernel itself allows enabling/disabling CONFIG_PERF_EVENTS, so allow
doing the same thing.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
|
|
|
|
|
|
|
| |
While we have CRASHLOG on MIPS it makes sense to support 'classic'
kexec-based CRASH_DUMP on x86 and arm platforms.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
| |
Direct-IO support has to be enabled for the release build anyway, so
this hack is not worth keeping
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
| |
It could cause crashes with some forms of virtualization, and it is
unlikely to work properly with most systems.
It's safer to just disable it.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
| |
These options are needed to create /dev/mem or /dev/kmem .
/dev/mem is needed by the io tool to access raw hardware memory, which
is helpful when debugging and developing drivers.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: John Crispin <john@phrozen.org>
|
|
|
|
|
|
|
|
| |
This makes it possible to activate the gpio and the pinctl debugging
from LEDE menuconfig.
Acked-by: John Crispin <john@phrozen.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
| |
Enable selection of the kernel key retention framework and some of its
additional facilities; see Documentation/security/keys.txt and
security/keys/Kconfig for details
Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
|
|
|
|
|
|
|
| |
Make global options menuconfig cleaner by moving POSIX ACL
and attr support options into a submenu.
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
|
|
|
|
|
|
|
| |
This adds a configuration options that allows to make filesystem ACL support
the default in the kernel, except for old nfs.
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
|