mirror of
https://github.com/FEX-Emu/linux.git
synced 2024-12-24 02:18:54 +00:00
d9eaec9e29
* 'audit.b21' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (25 commits) [PATCH] make set_loginuid obey audit_enabled [PATCH] log more info for directory entry change events [PATCH] fix AUDIT_FILTER_PREPEND handling [PATCH] validate rule fields' types [PATCH] audit: path-based rules [PATCH] Audit of POSIX Message Queue Syscalls v.2 [PATCH] fix se_sen audit filter [PATCH] deprecate AUDIT_POSSBILE [PATCH] inline more audit helpers [PATCH] proc_loginuid_write() uses simple_strtoul() on non-terminated array [PATCH] update of IPC audit record cleanup [PATCH] minor audit updates [PATCH] fix audit_krule_to_{rule,data} return values [PATCH] add filtering by ppid [PATCH] log ppid [PATCH] collect sid of those who send signals to auditd [PATCH] execve argument logging [PATCH] fix deadlocks in AUDIT_LIST/AUDIT_LIST_RULES [PATCH] audit_panic() is audit-internal [PATCH] inotify (5/5): update kernel documentation ... Manual fixup of conflict in unclude/linux/inotify.h
480 lines
17 KiB
Plaintext
480 lines
17 KiB
Plaintext
menu "Code maturity level options"
|
|
|
|
config EXPERIMENTAL
|
|
bool "Prompt for development and/or incomplete code/drivers"
|
|
---help---
|
|
Some of the various things that Linux supports (such as network
|
|
drivers, file systems, network protocols, etc.) can be in a state
|
|
of development where the functionality, stability, or the level of
|
|
testing is not yet high enough for general use. This is usually
|
|
known as the "alpha-test" phase among developers. If a feature is
|
|
currently in alpha-test, then the developers usually discourage
|
|
uninformed widespread use of this feature by the general public to
|
|
avoid "Why doesn't this work?" type mail messages. However, active
|
|
testing and use of these systems is welcomed. Just be aware that it
|
|
may not meet the normal level of reliability or it may fail to work
|
|
in some special cases. Detailed bug reports from people familiar
|
|
with the kernel internals are usually welcomed by the developers
|
|
(before submitting bug reports, please read the documents
|
|
<file:README>, <file:MAINTAINERS>, <file:REPORTING-BUGS>,
|
|
<file:Documentation/BUG-HUNTING>, and
|
|
<file:Documentation/oops-tracing.txt> in the kernel source).
|
|
|
|
This option will also make obsoleted drivers available. These are
|
|
drivers that have been replaced by something else, and/or are
|
|
scheduled to be removed in a future kernel release.
|
|
|
|
Unless you intend to help test and develop a feature or driver that
|
|
falls into this category, or you have a situation that requires
|
|
using these features, you should probably say N here, which will
|
|
cause the configurator to present you with fewer choices. If
|
|
you say Y here, you will be offered the choice of using features or
|
|
drivers that are currently considered to be in the alpha-test phase.
|
|
|
|
config BROKEN
|
|
bool
|
|
|
|
config BROKEN_ON_SMP
|
|
bool
|
|
depends on BROKEN || !SMP
|
|
default y
|
|
|
|
config LOCK_KERNEL
|
|
bool
|
|
depends on SMP || PREEMPT
|
|
default y
|
|
|
|
config INIT_ENV_ARG_LIMIT
|
|
int
|
|
default 32 if !USERMODE
|
|
default 128 if USERMODE
|
|
help
|
|
Maximum of each of the number of arguments and environment
|
|
variables passed to init from the kernel command line.
|
|
|
|
endmenu
|
|
|
|
menu "General setup"
|
|
|
|
config LOCALVERSION
|
|
string "Local version - append to kernel release"
|
|
help
|
|
Append an extra string to the end of your kernel version.
|
|
This will show up when you type uname, for example.
|
|
The string you set here will be appended after the contents of
|
|
any files with a filename matching localversion* in your
|
|
object and source tree, in that order. Your total string can
|
|
be a maximum of 64 characters.
|
|
|
|
config LOCALVERSION_AUTO
|
|
bool "Automatically append version information to the version string"
|
|
default y
|
|
help
|
|
This will try to automatically determine if the current tree is a
|
|
release tree by looking for git tags that
|
|
belong to the current top of tree revision.
|
|
|
|
A string of the format -gxxxxxxxx will be added to the localversion
|
|
if a git based tree is found. The string generated by this will be
|
|
appended after any matching localversion* files, and after the value
|
|
set in CONFIG_LOCALVERSION
|
|
|
|
Note: This requires Perl, and a git repository, but not necessarily
|
|
the git or cogito tools to be installed.
|
|
|
|
config SWAP
|
|
bool "Support for paging of anonymous memory (swap)"
|
|
depends on MMU
|
|
default y
|
|
help
|
|
This option allows you to choose whether you want to have support
|
|
for so called swap devices or swap files in your kernel that are
|
|
used to provide more virtual memory than the actual RAM present
|
|
in your computer. If unsure say Y.
|
|
|
|
config SYSVIPC
|
|
bool "System V IPC"
|
|
---help---
|
|
Inter Process Communication is a suite of library functions and
|
|
system calls which let processes (running programs) synchronize and
|
|
exchange information. It is generally considered to be a good thing,
|
|
and some programs won't run unless you say Y here. In particular, if
|
|
you want to run the DOS emulator dosemu under Linux (read the
|
|
DOSEMU-HOWTO, available from <http://www.tldp.org/docs.html#howto>),
|
|
you'll need to say Y here.
|
|
|
|
You can find documentation about IPC with "info ipc" and also in
|
|
section 6.4 of the Linux Programmer's Guide, available from
|
|
<http://www.tldp.org/guides.html>.
|
|
|
|
config POSIX_MQUEUE
|
|
bool "POSIX Message Queues"
|
|
depends on NET && EXPERIMENTAL
|
|
---help---
|
|
POSIX variant of message queues is a part of IPC. In POSIX message
|
|
queues every message has a priority which decides about succession
|
|
of receiving it by a process. If you want to compile and run
|
|
programs written e.g. for Solaris with use of its POSIX message
|
|
queues (functions mq_*) say Y here. To use this feature you will
|
|
also need mqueue library, available from
|
|
<http://www.mat.uni.torun.pl/~wrona/posix_ipc/>
|
|
|
|
POSIX message queues are visible as a filesystem called 'mqueue'
|
|
and can be mounted somewhere if you want to do filesystem
|
|
operations on message queues.
|
|
|
|
If unsure, say Y.
|
|
|
|
config BSD_PROCESS_ACCT
|
|
bool "BSD Process Accounting"
|
|
help
|
|
If you say Y here, a user level program will be able to instruct the
|
|
kernel (via a special system call) to write process accounting
|
|
information to a file: whenever a process exits, information about
|
|
that process will be appended to the file by the kernel. The
|
|
information includes things such as creation time, owning user,
|
|
command name, memory usage, controlling terminal etc. (the complete
|
|
list is in the struct acct in <file:include/linux/acct.h>). It is
|
|
up to the user level program to do useful things with this
|
|
information. This is generally a good idea, so say Y.
|
|
|
|
config BSD_PROCESS_ACCT_V3
|
|
bool "BSD Process Accounting version 3 file format"
|
|
depends on BSD_PROCESS_ACCT
|
|
default n
|
|
help
|
|
If you say Y here, the process accounting information is written
|
|
in a new file format that also logs the process IDs of each
|
|
process and it's parent. Note that this file format is incompatible
|
|
with previous v0/v1/v2 file formats, so you will need updated tools
|
|
for processing it. A preliminary version of these tools is available
|
|
at <http://www.physik3.uni-rostock.de/tim/kernel/utils/acct/>.
|
|
|
|
config SYSCTL
|
|
bool "Sysctl support"
|
|
---help---
|
|
The sysctl interface provides a means of dynamically changing
|
|
certain kernel parameters and variables on the fly without requiring
|
|
a recompile of the kernel or reboot of the system. The primary
|
|
interface consists of a system call, but if you say Y to "/proc
|
|
file system support", a tree of modifiable sysctl entries will be
|
|
generated beneath the /proc/sys directory. They are explained in the
|
|
files in <file:Documentation/sysctl/>. Note that enabling this
|
|
option will enlarge the kernel by at least 8 KB.
|
|
|
|
As it is generally a good thing, you should say Y here unless
|
|
building a kernel for install/rescue disks or your system is very
|
|
limited in memory.
|
|
|
|
config AUDIT
|
|
bool "Auditing support"
|
|
depends on NET
|
|
help
|
|
Enable auditing infrastructure that can be used with another
|
|
kernel subsystem, such as SELinux (which requires this for
|
|
logging of avc messages output). Does not do system-call
|
|
auditing without CONFIG_AUDITSYSCALL.
|
|
|
|
config AUDITSYSCALL
|
|
bool "Enable system-call auditing support"
|
|
depends on AUDIT && (X86 || PPC || PPC64 || S390 || IA64 || UML || SPARC64)
|
|
default y if SECURITY_SELINUX
|
|
help
|
|
Enable low-overhead system-call auditing infrastructure that
|
|
can be used independently or with another kernel subsystem,
|
|
such as SELinux. To use audit's filesystem watch feature, please
|
|
ensure that INOTIFY is configured.
|
|
|
|
config IKCONFIG
|
|
bool "Kernel .config support"
|
|
---help---
|
|
This option enables the complete Linux kernel ".config" file
|
|
contents to be saved in the kernel. It provides documentation
|
|
of which kernel options are used in a running kernel or in an
|
|
on-disk kernel. This information can be extracted from the kernel
|
|
image file with the script scripts/extract-ikconfig and used as
|
|
input to rebuild the current kernel or to build another kernel.
|
|
It can also be extracted from a running kernel by reading
|
|
/proc/config.gz if enabled (below).
|
|
|
|
config IKCONFIG_PROC
|
|
bool "Enable access to .config through /proc/config.gz"
|
|
depends on IKCONFIG && PROC_FS
|
|
---help---
|
|
This option enables access to the kernel configuration file
|
|
through /proc/config.gz.
|
|
|
|
config CPUSETS
|
|
bool "Cpuset support"
|
|
depends on SMP
|
|
help
|
|
This option will let you create and manage CPUSETs which
|
|
allow dynamically partitioning a system into sets of CPUs and
|
|
Memory Nodes and assigning tasks to run only within those sets.
|
|
This is primarily useful on large SMP or NUMA systems.
|
|
|
|
Say N if unsure.
|
|
|
|
config RELAY
|
|
bool "Kernel->user space relay support (formerly relayfs)"
|
|
help
|
|
This option enables support for relay interface support in
|
|
certain file systems (such as debugfs).
|
|
It is designed to provide an efficient mechanism for tools and
|
|
facilities to relay large amounts of data from kernel space to
|
|
user space.
|
|
|
|
If unsure, say N.
|
|
|
|
source "usr/Kconfig"
|
|
|
|
config UID16
|
|
bool "Enable 16-bit UID system calls" if EMBEDDED
|
|
depends on ARM || CRIS || FRV || H8300 || X86_32 || M68K || (S390 && !64BIT) || SUPERH || SPARC32 || (SPARC64 && SPARC32_COMPAT) || UML || (X86_64 && IA32_EMULATION)
|
|
default y
|
|
help
|
|
This enables the legacy 16-bit UID syscall wrappers.
|
|
|
|
config VM86
|
|
depends X86
|
|
default y
|
|
bool "Enable VM86 support" if EMBEDDED
|
|
help
|
|
This option is required by programs like DOSEMU to run 16-bit legacy
|
|
code on X86 processors. It also may be needed by software like
|
|
XFree86 to initialize some video cards via BIOS. Disabling this
|
|
option saves about 6k.
|
|
|
|
config CC_OPTIMIZE_FOR_SIZE
|
|
bool "Optimize for size (Look out for broken compilers!)"
|
|
default y
|
|
depends on ARM || H8300 || EXPERIMENTAL
|
|
help
|
|
Enabling this option will pass "-Os" instead of "-O2" to gcc
|
|
resulting in a smaller kernel.
|
|
|
|
WARNING: some versions of gcc may generate incorrect code with this
|
|
option. If problems are observed, a gcc upgrade may be needed.
|
|
|
|
If unsure, say N.
|
|
|
|
menuconfig EMBEDDED
|
|
bool "Configure standard kernel features (for small systems)"
|
|
help
|
|
This option allows certain base kernel options and settings
|
|
to be disabled or tweaked. This is for specialized
|
|
environments which can tolerate a "non-standard" kernel.
|
|
Only use this if you really know what you are doing.
|
|
|
|
config KALLSYMS
|
|
bool "Load all symbols for debugging/kksymoops" if EMBEDDED
|
|
default y
|
|
help
|
|
Say Y here to let the kernel print out symbolic crash information and
|
|
symbolic stack backtraces. This increases the size of the kernel
|
|
somewhat, as all symbols have to be loaded into the kernel image.
|
|
|
|
config KALLSYMS_ALL
|
|
bool "Include all symbols in kallsyms"
|
|
depends on DEBUG_KERNEL && KALLSYMS
|
|
help
|
|
Normally kallsyms only contains the symbols of functions, for nicer
|
|
OOPS messages. Some debuggers can use kallsyms for other
|
|
symbols too: say Y here to include all symbols, if you need them
|
|
and you don't care about adding 300k to the size of your kernel.
|
|
|
|
Say N.
|
|
|
|
config KALLSYMS_EXTRA_PASS
|
|
bool "Do an extra kallsyms pass"
|
|
depends on KALLSYMS
|
|
help
|
|
If kallsyms is not working correctly, the build will fail with
|
|
inconsistent kallsyms data. If that occurs, log a bug report and
|
|
turn on KALLSYMS_EXTRA_PASS which should result in a stable build.
|
|
Always say N here unless you find a bug in kallsyms, which must be
|
|
reported. KALLSYMS_EXTRA_PASS is only a temporary workaround while
|
|
you wait for kallsyms to be fixed.
|
|
|
|
|
|
config HOTPLUG
|
|
bool "Support for hot-pluggable devices" if EMBEDDED
|
|
default y
|
|
help
|
|
This option is provided for the case where no hotplug or uevent
|
|
capabilities is wanted by the kernel. You should only consider
|
|
disabling this option for embedded systems that do not use modules, a
|
|
dynamic /dev tree, or dynamic device discovery. Just say Y.
|
|
|
|
config PRINTK
|
|
default y
|
|
bool "Enable support for printk" if EMBEDDED
|
|
help
|
|
This option enables normal printk support. Removing it
|
|
eliminates most of the message strings from the kernel image
|
|
and makes the kernel more or less silent. As this makes it
|
|
very difficult to diagnose system problems, saying N here is
|
|
strongly discouraged.
|
|
|
|
config BUG
|
|
bool "BUG() support" if EMBEDDED
|
|
default y
|
|
help
|
|
Disabling this option eliminates support for BUG and WARN, reducing
|
|
the size of your kernel image and potentially quietly ignoring
|
|
numerous fatal conditions. You should only consider disabling this
|
|
option for embedded systems with no facilities for reporting errors.
|
|
Just say Y.
|
|
|
|
config ELF_CORE
|
|
default y
|
|
bool "Enable ELF core dumps" if EMBEDDED
|
|
help
|
|
Enable support for generating core dumps. Disabling saves about 4k.
|
|
|
|
config BASE_FULL
|
|
default y
|
|
bool "Enable full-sized data structures for core" if EMBEDDED
|
|
help
|
|
Disabling this option reduces the size of miscellaneous core
|
|
kernel data structures. This saves memory on small machines,
|
|
but may reduce performance.
|
|
|
|
config FUTEX
|
|
bool "Enable futex support" if EMBEDDED
|
|
default y
|
|
help
|
|
Disabling this option will cause the kernel to be built without
|
|
support for "fast userspace mutexes". The resulting kernel may not
|
|
run glibc-based applications correctly.
|
|
|
|
config EPOLL
|
|
bool "Enable eventpoll support" if EMBEDDED
|
|
default y
|
|
help
|
|
Disabling this option will cause the kernel to be built without
|
|
support for epoll family of system calls.
|
|
|
|
config SHMEM
|
|
bool "Use full shmem filesystem" if EMBEDDED
|
|
default y
|
|
depends on MMU
|
|
help
|
|
The shmem is an internal filesystem used to manage shared memory.
|
|
It is backed by swap and manages resource limits. It is also exported
|
|
to userspace as tmpfs if TMPFS is enabled. Disabling this
|
|
option replaces shmem and tmpfs with the much simpler ramfs code,
|
|
which may be appropriate on small systems without swap.
|
|
|
|
config SLAB
|
|
default y
|
|
bool "Use full SLAB allocator" if EMBEDDED
|
|
help
|
|
Disabling this replaces the advanced SLAB allocator and
|
|
kmalloc support with the drastically simpler SLOB allocator.
|
|
SLOB is more space efficient but does not scale well and is
|
|
more susceptible to fragmentation.
|
|
|
|
endmenu # General setup
|
|
|
|
config TINY_SHMEM
|
|
default !SHMEM
|
|
bool
|
|
|
|
config BASE_SMALL
|
|
int
|
|
default 0 if BASE_FULL
|
|
default 1 if !BASE_FULL
|
|
|
|
config SLOB
|
|
default !SLAB
|
|
bool
|
|
|
|
menu "Loadable module support"
|
|
|
|
config MODULES
|
|
bool "Enable loadable module support"
|
|
help
|
|
Kernel modules are small pieces of compiled code which can
|
|
be inserted in the running kernel, rather than being
|
|
permanently built into the kernel. You use the "modprobe"
|
|
tool to add (and sometimes remove) them. If you say Y here,
|
|
many parts of the kernel can be built as modules (by
|
|
answering M instead of Y where indicated): this is most
|
|
useful for infrequently used options which are not required
|
|
for booting. For more information, see the man pages for
|
|
modprobe, lsmod, modinfo, insmod and rmmod.
|
|
|
|
If you say Y here, you will need to run "make
|
|
modules_install" to put the modules under /lib/modules/
|
|
where modprobe can find them (you may need to be root to do
|
|
this).
|
|
|
|
If unsure, say Y.
|
|
|
|
config MODULE_UNLOAD
|
|
bool "Module unloading"
|
|
depends on MODULES
|
|
help
|
|
Without this option you will not be able to unload any
|
|
modules (note that some modules may not be unloadable
|
|
anyway), which makes your kernel slightly smaller and
|
|
simpler. If unsure, say Y.
|
|
|
|
config MODULE_FORCE_UNLOAD
|
|
bool "Forced module unloading"
|
|
depends on MODULE_UNLOAD && EXPERIMENTAL
|
|
help
|
|
This option allows you to force a module to unload, even if the
|
|
kernel believes it is unsafe: the kernel will remove the module
|
|
without waiting for anyone to stop using it (using the -f option to
|
|
rmmod). This is mainly for kernel developers and desperate users.
|
|
If unsure, say N.
|
|
|
|
config MODVERSIONS
|
|
bool "Module versioning support"
|
|
depends on MODULES
|
|
help
|
|
Usually, you have to use modules compiled with your kernel.
|
|
Saying Y here makes it sometimes possible to use modules
|
|
compiled for different kernels, by adding enough information
|
|
to the modules to (hopefully) spot any changes which would
|
|
make them incompatible with the kernel you are running. If
|
|
unsure, say N.
|
|
|
|
config MODULE_SRCVERSION_ALL
|
|
bool "Source checksum for all modules"
|
|
depends on MODULES
|
|
help
|
|
Modules which contain a MODULE_VERSION get an extra "srcversion"
|
|
field inserted into their modinfo section, which contains a
|
|
sum of the source files which made it. This helps maintainers
|
|
see exactly which source was used to build a module (since
|
|
others sometimes change the module source without updating
|
|
the version). With this option, such a "srcversion" field
|
|
will be created for all modules. If unsure, say N.
|
|
|
|
config KMOD
|
|
bool "Automatic kernel module loading"
|
|
depends on MODULES
|
|
help
|
|
Normally when you have selected some parts of the kernel to
|
|
be created as kernel modules, you must load them (using the
|
|
"modprobe" command) before you can use them. If you say Y
|
|
here, some parts of the kernel will be able to load modules
|
|
automatically: when a part of the kernel needs a module, it
|
|
runs modprobe with the appropriate arguments, thereby
|
|
loading the module if it is available. If unsure, say Y.
|
|
|
|
config STOP_MACHINE
|
|
bool
|
|
default y
|
|
depends on (SMP && MODULE_UNLOAD) || HOTPLUG_CPU
|
|
help
|
|
Need stop_machine() primitive.
|
|
endmenu
|
|
|
|
menu "Block layer"
|
|
source "block/Kconfig"
|
|
endmenu
|