bool "Support for paging of anonymous memory (swap)"
default y if !SMALL_FLASH
+config KERNEL_PROC_STRIPPED
+ bool "Strip non-essential /proc functionality to reduce code size"
+ default y if SMALL_FLASH
+
config KERNEL_DEBUG_FS
bool "Compile the kernel with debug filesystem enabled"
default y
write to these files. Many common debugging facilities, such as
ftrace, require the existence of debugfs.
-# remove KERNEL_MIPS_FPU_EMULATOR after kernel 4.14 and 4.14 are gone
-config KERNEL_MIPS_FPU_EMULATOR
- bool "Compile the kernel with MIPS FPU Emulator"
- default y if TARGET_pistachio
- depends on (mips || mipsel || mips64 || mips64el)
-
config KERNEL_MIPS_FP_SUPPORT
bool
- default y if KERNEL_MIPS_FPU_EMULATOR
+ default y if TARGET_pistachio
config KERNEL_ARM_PMU
bool
depends on KERNEL_FUNCTION_TRACER
default n
+config KERNEL_IRQSOFF_TRACER
+ bool "Interrupts-off Latency Tracer"
+ depends on KERNEL_FTRACE
+ help
+ This option measures the time spent in irqs-off critical
+ sections, with microsecond accuracy.
+
+ The default measurement method is a maximum search, which is
+ disabled by default and can be runtime (re-)started
+ via:
+
+ echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
+
+ (Note that kernel size and overhead increase with this option
+ enabled. This option and the preempt-off timing option can be
+ used together or separately.)
+
+config KERNEL_PREEMPT_TRACER
+ bool "Preemption-off Latency Tracer"
+ depends on KERNEL_FTRACE
+ help
+ This option measures the time spent in preemption-off critical
+ sections, with microsecond accuracy.
+
+ The default measurement method is a maximum search, which is
+ disabled by default and can be runtime (re-)started
+ via:
+
+ echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
+
+ (Note that kernel size and overhead increase with this option
+ enabled. This option and the irqs-off timing option can be
+ used together or separately.)
+
config KERNEL_DEBUG_KERNEL
bool
default n
bool "Compile the kernel with asynchronous IO support"
default y if !SMALL_FLASH
+config KERNEL_IO_URING
+ bool "Compile the kernel with io_uring support"
+ default y if !SMALL_FLASH
+ depends on LINUX_5_4
+
config KERNEL_FHANDLE
bool "Compile the kernel with support for fhandle syscalls"
default y if !SMALL_FLASH
endif
config KERNEL_KEYS
- bool "Enable kernel access key retention support"
- default n
+ bool "Enable kernel access key retention support"
+ default !SMALL_FLASH
config KERNEL_PERSISTENT_KEYRINGS
- bool "Enable kernel persistent keyrings"
- depends on KERNEL_KEYS
- default n
+ bool "Enable kernel persistent keyrings"
+ depends on KERNEL_KEYS
+ default n
-config KERNEL_BIG_KEYS
- bool "Enable large payload keys on kernel keyrings"
- depends on KERNEL_KEYS
- default n
+config KERNEL_KEYS_REQUEST_CACHE
+ bool "Enable temporary caching of the last request_key() result"
+ depends on KERNEL_KEYS
+ default n
-config KERNEL_ENCRYPTED_KEYS
- tristate "Enable keys with encrypted payloads on kernel keyrings"
- depends on KERNEL_KEYS
- default n
+config KERNEL_BIG_KEYS
+ bool "Enable large payload keys on kernel keyrings"
+ depends on KERNEL_KEYS
+ default n
#
# CGROUP support symbols
config KERNEL_IPV6_PIMSM_V2
def_bool n
+ config KERNEL_IPV6_SEG6_LWTUNNEL
+ def_bool y if !SMALL_FLASH
+ help
+ Using lwtunnel requires full-ip package.
+
+ config KERNEL_LWTUNNEL_BPF
+ def_bool n
+
endif
#
default 2 if (SMALL_FLASH && !LOW_MEMORY_FOOTPRINT)
default 3
+config KERNEL_SQUASHFS_XATTR
+ bool "Squashfs XATTR support"
+
#
# compile optimiziation setting
#
your compiler resulting in a smaller kernel.
endchoice
+
+config KERNEL_AUDIT
+ bool "Auditing support"
+
+config KERNEL_SECURITY
+ bool "Enable different security models"
+
+config KERNEL_SECURITY_NETWORK
+ bool "Socket and Networking Security Hooks"
+ select KERNEL_SECURITY
+
+config KERNEL_SECURITY_SELINUX
+ bool "NSA SELinux Support"
+ select KERNEL_SECURITY_NETWORK
+ select KERNEL_AUDIT
+
+config KERNEL_SECURITY_SELINUX_BOOTPARAM
+ bool "NSA SELinux boot parameter"
+ depends on KERNEL_SECURITY_SELINUX
+ default y
+
+config KERNEL_SECURITY_SELINUX_DISABLE
+ bool "NSA SELinux runtime disable"
+ depends on KERNEL_SECURITY_SELINUX
+
+config KERNEL_SECURITY_SELINUX_DEVELOP
+ bool "NSA SELinux Development Support"
+ depends on KERNEL_SECURITY_SELINUX
+ default y
+
+config KERNEL_LSM
+ string
+ default "lockdown,yama,loadpin,safesetid,integrity,selinux"
+ depends on KERNEL_SECURITY_SELINUX
+
+config KERNEL_EXT4_FS_SECURITY
+ bool "Ext4 Security Labels"
+
+config KERNEL_F2FS_FS_SECURITY
+ bool "F2FS Security Labels"
+
+config KERNEL_UBIFS_FS_SECURITY
+ bool "UBIFS Security Labels"
+
+config KERNEL_JFFS2_FS_SECURITY
+ bool "JFFS2 Security Labels"
projects / openwrt / staging / jow.git / blobdiff