Newer
Older
config KERNEL_BUILD_USER
string "Custom Kernel Build User Name"
default "builder" if BUILDBOT
default ""
help
Sets the Kernel build user string, which for example will be returned
by 'uname -a' on running systems.
If not set, uses system user at build time.
config KERNEL_BUILD_DOMAIN
string "Custom Kernel Build Domain Name"
default "buildhost" if BUILDBOT
default ""
help
Sets the Kernel build domain string, which for example will be
returned by 'uname -a' on running systems.
If not set, uses system hostname at build time.
config KERNEL_PRINTK
bool "Enable support for printk"
default y
config KERNEL_SWAP
bool "Support for paging of anonymous memory (swap)"
config KERNEL_PROC_STRIPPED
bool "Strip non-essential /proc functionality to reduce code size"
default y if SMALL_FLASH
config KERNEL_DEBUG_FS
bool "Compile the kernel with debug filesystem enabled"
default y
help
debugfs is a virtual file system that kernel developers use to put
debugging files into. Enable this option to be able to read and
write to these files. Many common debugging facilities, such as
ftrace, require the existence of debugfs.
# remove KERNEL_MIPS_FPU_EMULATOR after kernel 4.19 is gone
config KERNEL_MIPS_FPU_EMULATOR
bool "Compile the kernel with MIPS FPU Emulator"
default y if TARGET_pistachio
depends on (mips || mipsel || mips64 || mips64el)
config KERNEL_MIPS_FP_SUPPORT
bool
default y if KERNEL_MIPS_FPU_EMULATOR
default y if TARGET_armsr_armv8
config KERNEL_X86_VSYSCALL_EMULATION
bool "Enable vsyscall emulation"
depends on x86_64
help
This enables emulation of the legacy vsyscall page. Disabling
it is roughly equivalent to booting with vsyscall=none, except
that it will also disable the helpful warning if a program
tries to use a vsyscall. With this option set to N, offending
programs will just segfault, citing addresses of the form
0xffffffffff600?00.
This option is required by many programs built before 2013, and
care should be used even with newer programs if set to N.
Disabling this option saves about 7K of kernel size and
possibly 4K of additional runtime pagetable memory.
config KERNEL_PERF_EVENTS
bool "Compile the kernel with performance events and counters"
select KERNEL_ARM_PMU if (arm || aarch64)
config KERNEL_PROFILING
bool "Compile the kernel with profiling enabled"
select KERNEL_PERF_EVENTS
help
Enable the extended profiling support mechanisms used by profilers such
as OProfile.
config KERNEL_RPI_AXIPERF
bool "Compile the kernel with RaspberryPi AXI Performance monitors"
default y
depends on KERNEL_PERF_EVENTS && TARGET_bcm27xx
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
config KERNEL_UBSAN
bool "Compile the kernel with undefined behaviour sanity checker"
help
This option enables undefined behaviour sanity checker
Compile-time instrumentation is used to detect various undefined
behaviours in runtime. Various types of checks may be enabled
via boot parameter ubsan_handle
(see: Documentation/dev-tools/ubsan.rst).
config KERNEL_UBSAN_SANITIZE_ALL
bool "Enable instrumentation for the entire kernel"
depends on KERNEL_UBSAN
default y
help
This option activates instrumentation for the entire kernel.
If you don't enable this option, you have to explicitly specify
UBSAN_SANITIZE := y for the files/directories you want to check for UB.
Enabling this option will get kernel image size increased
significantly.
config KERNEL_UBSAN_ALIGNMENT
bool "Enable checking of pointers alignment"
depends on KERNEL_UBSAN
help
This option enables detection of unaligned memory accesses.
Enabling this option on architectures that support unaligned
accesses may produce a lot of false positives.
config KERNEL_UBSAN_BOUNDS
bool "Perform array index bounds checking"
depends on KERNEL_UBSAN
help
This option enables detection of directly indexed out of bounds array
accesses, where the array size is known at compile time. Note that
this does not protect array overflows via bad calls to the
{str,mem}*cpy() family of functions (that is addressed by
FORTIFY_SOURCE).
config KERNEL_UBSAN_NULL
bool "Enable checking of null pointers"
depends on KERNEL_UBSAN
help
This option enables detection of memory accesses via a
null pointer.
config KERNEL_UBSAN_TRAP
bool "On Sanitizer warnings, abort the running kernel code"
depends on KERNEL_UBSAN
help
Building kernels with Sanitizer features enabled tends to grow the
kernel size by around 5%, due to adding all the debugging text on
failure paths. To avoid this, Sanitizer instrumentation can just
issue a trap. This reduces the kernel size overhead but turns all
warnings (including potentially harmless conditions) into full
exceptions that abort the running kernel code (regardless of context,
locks held, etc), which may destabilize the system. For some system
builders this is an acceptable trade-off.
config KERNEL_KASAN
bool "Compile the kernel with KASan: runtime memory debugger"
select KERNEL_SLUB_DEBUG
depends on (x86_64 || aarch64)
help
Enables kernel address sanitizer - runtime memory debugger,
designed to find out-of-bounds accesses and use-after-free bugs.
This is strictly a debugging feature and it requires a gcc version
of 4.9.2 or later. Detection of out of bounds accesses to stack or
global variables requires gcc 5.0 or later.
This feature consumes about 1/8 of available memory and brings about
~x3 performance slowdown.
For better error detection enable CONFIG_STACKTRACE.
Currently CONFIG_KASAN doesn't work with CONFIG_DEBUG_SLAB
(the resulting kernel does not boot).
config KERNEL_KASAN_VMALLOC
bool "Back mappings in vmalloc space with real shadow memory"
depends on KERNEL_KASAN
By default, the shadow region for vmalloc space is the read-only
zero page. This means that KASAN cannot detect errors involving
vmalloc space.
Enabling this option will hook in to vmap/vmalloc and back those
mappings with real shadow memory allocated on demand. This allows
for KASAN to detect more sorts of errors (and to support vmapped
stacks), but at the cost of higher memory usage.
This option depends on HAVE_ARCH_KASAN_VMALLOC, but we can't
depend on that in here, so it is possible that enabling this
will have no effect.
if KERNEL_KASAN
config KERNEL_KASAN_GENERIC
def_bool y
config KERNEL_KASAN_SW_TAGS
def_bool n
endif
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
choice
prompt "Instrumentation type"
depends on KERNEL_KASAN
default KERNEL_KASAN_OUTLINE
config KERNEL_KASAN_OUTLINE
bool "Outline instrumentation"
help
Before every memory access compiler insert function call
__asan_load*/__asan_store*. These functions performs check
of shadow memory. This is slower than inline instrumentation,
however it doesn't bloat size of kernel's .text section so
much as inline does.
config KERNEL_KASAN_INLINE
bool "Inline instrumentation"
help
Compiler directly inserts code checking shadow memory before
memory accesses. This is faster than outline (in some workloads
it gives about x2 boost over outline instrumentation), but
make kernel's .text size much bigger.
This requires a gcc version of 5.0 or later.
endchoice
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
config KERNEL_KCOV
bool "Compile the kernel with code coverage for fuzzing"
select KERNEL_DEBUG_FS
help
KCOV exposes kernel code coverage information in a form suitable
for coverage-guided fuzzing (randomized testing).
If RANDOMIZE_BASE is enabled, PC values will not be stable across
different machines and across reboots. If you need stable PC values,
disable RANDOMIZE_BASE.
For more details, see Documentation/kcov.txt.
config KERNEL_KCOV_ENABLE_COMPARISONS
bool "Enable comparison operands collection by KCOV"
depends on KERNEL_KCOV
help
KCOV also exposes operands of every comparison in the instrumented
code along with operand sizes and PCs of the comparison instructions.
These operands can be used by fuzzing engines to improve the quality
of fuzzing coverage.
config KERNEL_KCOV_INSTRUMENT_ALL
bool "Instrument all code by default"
depends on KERNEL_KCOV
default y if KERNEL_KCOV
help
If you are doing generic system call fuzzing (like e.g. syzkaller),
then you will want to instrument the whole kernel and you should
say y here. If you are doing more targeted fuzzing (like e.g.
filesystem fuzzing with AFL) then you will want to enable coverage
for more specific subsets of files, and should say n here.
config KERNEL_TASKSTATS
bool "Compile the kernel with task resource/io statistics and accounting"
help
Enable the collection and publishing of task/io statistics and
accounting. Enable this option to enable i/o monitoring in system
monitors.
if KERNEL_TASKSTATS
config KERNEL_TASK_DELAY_ACCT
def_bool y
config KERNEL_TASK_IO_ACCOUNTING
def_bool y
config KERNEL_TASK_XACCT
def_bool y
endif
config KERNEL_KALLSYMS
bool "Compile the kernel with symbol table information"
This will give you more information in stack traces from kernel oopses.
config KERNEL_FTRACE
bool "Compile the kernel with tracing support"
config KERNEL_FTRACE_SYSCALLS
bool "Trace system calls"
depends on KERNEL_FTRACE
config KERNEL_ENABLE_DEFAULT_TRACERS
bool "Trace process context switches and events"
depends on KERNEL_FTRACE
config KERNEL_FUNCTION_TRACER
bool "Function tracer"
depends on KERNEL_FTRACE
config KERNEL_FUNCTION_GRAPH_TRACER
bool "Function graph tracer"
depends on KERNEL_FUNCTION_TRACER
config KERNEL_DYNAMIC_FTRACE
bool "Enable/disable function tracing dynamically"
depends on KERNEL_FUNCTION_TRACER
config KERNEL_FUNCTION_PROFILER
bool "Function profiler"
depends on KERNEL_FUNCTION_TRACER
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
config KERNEL_IRQSOFF_TRACER
bool "Interrupts-off Latency Tracer"
depends on KERNEL_FTRACE
help
This option measures the time spent in irqs-off critical
sections, with microsecond accuracy.
The default measurement method is a maximum search, which is
disabled by default and can be runtime (re-)started
via:
echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
(Note that kernel size and overhead increase with this option
enabled. This option and the preempt-off timing option can be
used together or separately.)
config KERNEL_PREEMPT_TRACER
bool "Preemption-off Latency Tracer"
depends on KERNEL_FTRACE
help
This option measures the time spent in preemption-off critical
sections, with microsecond accuracy.
The default measurement method is a maximum search, which is
disabled by default and can be runtime (re-)started
via:
echo 0 > /sys/kernel/debug/tracing/tracing_max_latency
(Note that kernel size and overhead increase with this option
enabled. This option and the irqs-off timing option can be
used together or separately.)
config KERNEL_HIST_TRIGGERS
bool "Histogram triggers"
depends on KERNEL_FTRACE
help
Hist triggers allow one or more arbitrary trace event fields to be
aggregated into hash tables and dumped to stdout by reading a
debugfs/tracefs file. They're useful for gathering quick and dirty
(though precise) summaries of event activity as an initial guide for
further investigation using more advanced tools.
Inter-event tracing of quantities such as latencies is also
supported using hist triggers under this option.
config KERNEL_DEBUG_KERNEL
bool
config KERNEL_DEBUG_INFO
bool "Compile the kernel with debug information"
select KERNEL_DEBUG_KERNEL
help
This will compile your kernel and modules with debug information.
config KERNEL_DEBUG_INFO_BTF
bool "Enable additional BTF type information"
depends on !HOST_OS_MACOS
depends on KERNEL_DEBUG_INFO && !KERNEL_DEBUG_INFO_REDUCED
select DWARVES
help
Generate BPF Type Format (BTF) information from DWARF debug info.
Turning this on expects presence of pahole tool, which will convert
DWARF type info into equivalent deduplicated BTF type info.
Required to run BPF CO-RE applications.
config KERNEL_DEBUG_INFO_REDUCED
bool "Reduce debugging information"
default y
depends on KERNEL_DEBUG_INFO
help
If you say Y here gcc is instructed to generate less debugging
information for structure types. This means that tools that
need full debugging information (like kgdb or systemtap) won't
be happy. But if you merely need debugging information to
resolve line numbers there is no loss. Advantage is that
build directory object sizes shrink dramatically over a full
DEBUG_INFO build and compile times are reduced too.
Only works with newer gcc versions.
config KERNEL_FRAME_WARN
int
range 0 8192
default 1280 if KERNEL_KASAN && !ARCH_64BIT
default 1024 if !ARCH_64BIT
default 2048 if ARCH_64BIT
help
Tell the compiler to warn at build time for stack frames larger than this.
Setting this too low will cause a lot of warnings.
Setting it to 0 disables the warning.
# KERNEL_DEBUG_LL symbols must have the default value set as otherwise
# KConfig wont evaluate them unless KERNEL_EARLY_PRINTK is selected
# which means that buildroot wont override the DEBUG_LL symbols in target
# kernel configurations and lead to devices that dont have working console
config KERNEL_DEBUG_LL_UART_NONE
bool
default n
depends on arm
config KERNEL_DEBUG_LL
bool
default n
depends on arm
select KERNEL_DEBUG_LL_UART_NONE
help
ARM low level debugging.
config KERNEL_DEBUG_VIRTUAL
bool "Compile the kernel with VM translations debugging"
select KERNEL_DEBUG_KERNEL
help
Enable checks sanity checks to catch invalid uses of
virt_to_phys()/phys_to_virt() against the non-linear address space.
bool "Compile the kernel with dynamic printk"
select KERNEL_DEBUG_FS
help
Compiles debug level messages into the kernel, which would not
otherwise be available at runtime. These messages can then be
enabled/disabled based on various levels of scope - per source file,
function, module, format string, and line number. This mechanism
implicitly compiles in all pr_debug() and dev_dbg() calls, which
enlarges the kernel text size by about 2%.
config KERNEL_EARLY_PRINTK
bool "Compile the kernel with early printk"
default y if TARGET_bcm53xx
depends on arm
select KERNEL_DEBUG_KERNEL
select KERNEL_DEBUG_LL if arm
help
Compile the kernel with early printk support. This is only useful for
debugging purposes to send messages over the serial console in early boot.
Enable this to debug early boot problems.
config KERNEL_KPROBES
bool "Compile the kernel with kprobes support"
select KERNEL_FTRACE
select KERNEL_PERF_EVENTS
help
Compiles the kernel with KPROBES support, which allows you to trap
at almost any kernel address and execute a callback function.
register_kprobe() establishes a probepoint and specifies the
callback. Kprobes is useful for kernel debugging, non-intrusive
instrumentation and testing.
If in doubt, say "N".
config KERNEL_KPROBE_EVENTS
bool
default y if KERNEL_KPROBES
config KERNEL_BPF_EVENTS
bool "Compile the kernel with BPF event support"
select KERNEL_KPROBES
help
Allows to attach BPF programs to kprobe, uprobe and tracepoint events.
This is required to use BPF maps of type BPF_MAP_TYPE_PERF_EVENT_ARRAY
for sending data from BPF programs to user-space for post-processing
or logging.
config KERNEL_BPF_KPROBE_OVERRIDE
bool
depends on KERNEL_KPROBES
default n
config KERNEL_AIO
bool "Compile the kernel with asynchronous IO support"
default y if !SMALL_FLASH
config KERNEL_IO_URING
bool "Compile the kernel with io_uring support"
depends on !SMALL_FLASH
default y if (x86_64 || aarch64)
config KERNEL_FHANDLE
bool "Compile the kernel with support for fhandle syscalls"
default y if !SMALL_FLASH
config KERNEL_FANOTIFY
bool "Compile the kernel with modern file notification support"
default y if !SMALL_FLASH
config KERNEL_BLK_DEV_BSG
bool "Compile the kernel with SCSI generic v4 support for any block device"
config KERNEL_TRANSPARENT_HUGEPAGE
bool
choice
prompt "Transparent Hugepage Support sysfs defaults"
depends on KERNEL_TRANSPARENT_HUGEPAGE
default KERNEL_TRANSPARENT_HUGEPAGE_ALWAYS
config KERNEL_TRANSPARENT_HUGEPAGE_ALWAYS
bool "always"
config KERNEL_TRANSPARENT_HUGEPAGE_MADVISE
bool "madvise"
endchoice
config KERNEL_HUGETLBFS
bool
config KERNEL_HUGETLB_PAGE
bool "Compile the kernel with HugeTLB support"
select KERNEL_TRANSPARENT_HUGEPAGE
select KERNEL_HUGETLBFS
config KERNEL_MAGIC_SYSRQ
bool "Compile the kernel with SysRq support"
default y
config KERNEL_DEBUG_PINCTRL
bool "Compile the kernel with pinctrl debugging"
select KERNEL_DEBUG_KERNEL
config KERNEL_DEBUG_GPIO
bool "Compile the kernel with gpio debugging"
select KERNEL_DEBUG_KERNEL
config KERNEL_COREDUMP
bool
config KERNEL_ELF_CORE
bool "Enable process core dump support"
select KERNEL_COREDUMP
config KERNEL_PROVE_LOCKING
bool "Enable kernel lock checking"
select KERNEL_DEBUG_KERNEL
config KERNEL_SOFTLOCKUP_DETECTOR
bool "Compile the kernel with detect Soft Lockups"
depends on KERNEL_DEBUG_KERNEL
help
Say Y here to enable the kernel to act as a watchdog to detect
soft lockups.
Softlockups are bugs that cause the kernel to loop in kernel
mode for more than 20 seconds, without giving other tasks a
chance to run. The current stack trace is displayed upon
detection and the system will stay locked up.
config KERNEL_HARDLOCKUP_DETECTOR
bool "Compile the kernel with detect Hard Lockups"
depends on KERNEL_DEBUG_KERNEL
help
Say Y here to enable the kernel to act as a watchdog to detect
hard lockups.
Hardlockups are bugs that cause the CPU to loop in kernel mode
for more than 10 seconds, without letting other interrupts have a
chance to run. The current stack trace is displayed upon detection
and the system will stay locked up.
config KERNEL_DETECT_HUNG_TASK
bool "Compile the kernel with detect Hung Tasks"
depends on KERNEL_DEBUG_KERNEL
default KERNEL_SOFTLOCKUP_DETECTOR
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
help
Say Y here to enable the kernel to detect "hung tasks",
which are bugs that cause the task to be stuck in
uninterruptible "D" state indefinitely.
When a hung task is detected, the kernel will print the
current stack trace (which you should report), but the
task will stay in uninterruptible state. If lockdep is
enabled then all held locks will also be reported. This
feature has negligible overhead.
config KERNEL_WQ_WATCHDOG
bool "Compile the kernel with detect Workqueue Stalls"
depends on KERNEL_DEBUG_KERNEL
help
Say Y here to enable stall detection on workqueues. If a
worker pool doesn't make forward progress on a pending work
item for over a given amount of time, 30s by default, a
warning message is printed along with dump of workqueue
state. This can be configured through kernel parameter
"workqueue.watchdog_thresh" and its sysfs counterpart.
config KERNEL_DEBUG_ATOMIC_SLEEP
bool "Compile the kernel with sleep inside atomic section checking"
depends on KERNEL_DEBUG_KERNEL
help
If you say Y here, various routines which may sleep will become very
noisy if they are called inside atomic sections: when a spinlock is
held, inside an rcu read side critical section, inside preempt disabled
sections, inside an interrupt, etc...
config KERNEL_DEBUG_VM
bool "Compile the kernel with debug VM"
depends on KERNEL_DEBUG_KERNEL
help
Enable this to turn on extended checks in the virtual-memory system
that may impact performance.
If unsure, say N.
config KERNEL_PRINTK_TIME
bool "Enable printk timestamps"
default y
config KERNEL_SLUB_DEBUG
bool
config KERNEL_SLUB_DEBUG_ON
bool
config KERNEL_SLABINFO
select KERNEL_SLUB_DEBUG
select KERNEL_SLUB_DEBUG_ON
bool "Enable /proc slab debug info"
Felix Fietkau
committed
config KERNEL_PROC_PAGE_MONITOR
bool "Enable /proc page monitoring"
config KERNEL_RELAY
bool
config KERNEL_KEXEC
bool "Enable kexec support"
config KERNEL_PROC_VMCORE
bool
config KERNEL_CRASH_DUMP
depends on i386 || x86_64 || arm || armeb
select KERNEL_KEXEC
select KERNEL_PROC_VMCORE
bool "Enable support for kexec crashdump"
default y
config USE_RFKILL
bool "Enable rfkill support"
default RFKILL_SUPPORT
config USE_SPARSE
bool "Enable sparse check during kernel build"
config KERNEL_DEVTMPFS
bool "Compile the kernel with device tmpfs enabled"
help
devtmpfs is a simple, kernel-managed /dev filesystem. The kernel creates
devices nodes for all registered devices to simplify boot, but leaves more
complex tasks to userspace (e.g. udev).
if KERNEL_DEVTMPFS
config KERNEL_DEVTMPFS_MOUNT
bool "Automatically mount devtmpfs after root filesystem is mounted"
endif
config KERNEL_KEYS
bool "Enable kernel access key retention support"
default !SMALL_FLASH
config KERNEL_PERSISTENT_KEYRINGS
bool "Enable kernel persistent keyrings"
depends on KERNEL_KEYS
config KERNEL_KEYS_REQUEST_CACHE
bool "Enable temporary caching of the last request_key() result"
depends on KERNEL_KEYS
config KERNEL_BIG_KEYS
bool "Enable large payload keys on kernel keyrings"
depends on KERNEL_KEYS
#
# CGROUP support symbols
#
config KERNEL_CGROUPS
bool "Enable kernel cgroups"
default y if !SMALL_FLASH
if KERNEL_CGROUPS
config KERNEL_CGROUP_DEBUG
bool "Example debug cgroup subsystem"
help
This option enables a simple cgroup subsystem that
exports useful debugging information about the cgroups
framework.
config KERNEL_FREEZER
bool
config KERNEL_CGROUP_FREEZER
bool "legacy Freezer cgroup subsystem"
select KERNEL_FREEZER
help
Provides a way to freeze and unfreeze all tasks in a
cgroup.
(legacy cgroup1-only controller, in cgroup2 freezer
is integrated in the Memory controller)
config KERNEL_CGROUP_DEVICE
bool "legacy Device controller for cgroups"
help
Provides a cgroup implementing whitelists for devices which
a process in the cgroup can mknod or open.
(legacy cgroup1-only controller)
config KERNEL_CGROUP_HUGETLB
bool "HugeTLB controller"
config KERNEL_CGROUP_PIDS
bool "PIDs cgroup subsystem"
default y
help
Provides enforcement of process number limits in the scope of a
cgroup.
config KERNEL_CGROUP_RDMA
bool "RDMA controller for cgroups"
default y
config KERNEL_CGROUP_BPF
bool "Support for eBPF programs attached to cgroups"
default y
config KERNEL_CPUSETS
bool "Cpuset support"
help
This option will let you create and manage CPUSETs which
allow dynamically partitioning a system into sets of CPUs and
Memory Nodes and assigning tasks to run only within those sets.
This is primarily useful on large SMP or NUMA systems.
config KERNEL_PROC_PID_CPUSET
bool "Include legacy /proc/<pid>/cpuset file"
depends on KERNEL_CPUSETS
config KERNEL_CGROUP_CPUACCT
bool "Simple CPU accounting cgroup subsystem"
help
Provides a simple Resource Controller for monitoring the
total CPU consumed by the tasks in a cgroup.
config KERNEL_RESOURCE_COUNTERS
bool "Resource counters"
help
This option enables controller independent resource accounting
infrastructure that works with cgroups.
config KERNEL_MM_OWNER
bool
default y if KERNEL_MEMCG
config KERNEL_MEMCG
bool "Memory Resource Controller for Control Groups"
select KERNEL_FREEZER
depends on KERNEL_RESOURCE_COUNTERS
help
Provides a memory resource controller that manages both anonymous
memory and page cache. (See Documentation/cgroups/memory.txt)
Note that setting this option increases fixed memory overhead
associated with each page of memory in the system. By this,
20(40)bytes/PAGE_SIZE on 32(64)bit system will be occupied by memory
usage tracking struct at boot. Total amount of this is printed out
at boot.
Only enable when you're ok with these tradeoffs and really
sure you need the memory resource controller. Even when you enable
this, you can set "cgroup_disable=memory" at your boot option to
disable memory resource controller and you can avoid overheads
(but lose benefits of memory resource controller).
This config option also selects MM_OWNER config option, which
could in turn add some fork/exit overhead.
config KERNEL_MEMCG_SWAP
bool "Memory Resource Controller Swap Extension"
depends on KERNEL_MEMCG
help
Add swap management feature to memory resource controller. When you
enable this, you can limit mem+swap usage per cgroup. In other words,
when you disable this, memory resource controller has no cares to
usage of swap...a process can exhaust all of the swap. This extension
is useful when you want to avoid exhaustion swap but this itself
adds more overheads and consumes memory for remembering information.
Especially if you use 32bit system or small memory system, please
be careful about enabling this. When memory resource controller
is disabled by boot option, this will be automatically disabled and
there will be no overhead from this. Even when you set this config=y,
if boot option "swapaccount=0" is set, swap will not be accounted.
Now, memory usage of swap_cgroup is 2 bytes per entry. If swap page
size is 4096bytes, 512k per 1Gbytes of swap.
config KERNEL_MEMCG_SWAP_ENABLED
bool "Memory Resource Controller Swap Extension enabled by default"
depends on KERNEL_MEMCG_SWAP
help
Memory Resource Controller Swap Extension comes with its price in
a bigger memory consumption. General purpose distribution kernels
which want to enable the feature but keep it disabled by default
and let the user enable it by swapaccount boot command line
parameter should have this option unselected.
Those who want to have the feature enabled by default should
select this option (if, for some reason, they need to disable it,
then swapaccount=0 does the trick).
config KERNEL_MEMCG_KMEM
bool "Memory Resource Controller Kernel Memory accounting (EXPERIMENTAL)"
depends on KERNEL_MEMCG
help
The Kernel Memory extension for Memory Resource Controller can limit
the amount of memory used by kernel objects in the system. Those are
fundamentally different from the entities handled by the standard
Memory Controller, which are page-based, and can be swapped. Users of
the kmem extension can use it to guarantee that no group of processes
will ever exhaust kernel resources alone.
config KERNEL_CGROUP_PERF
bool "Enable perf_event per-cpu per-container group (cgroup) monitoring"
select KERNEL_PERF_EVENTS
help
This option extends the per-cpu mode to restrict monitoring to
threads which belong to the cgroup specified and run on the
designated cpu.
menuconfig KERNEL_CGROUP_SCHED
bool "Group CPU scheduler"
help
This feature lets CPU scheduler recognize task groups and control CPU
bandwidth allocation to such task groups. It uses cgroups to group
tasks.
if KERNEL_CGROUP_SCHED
config KERNEL_FAIR_GROUP_SCHED
bool "Group scheduling for SCHED_OTHER"
config KERNEL_CFS_BANDWIDTH
bool "CPU bandwidth provisioning for FAIR_GROUP_SCHED"
depends on KERNEL_FAIR_GROUP_SCHED
help
This option allows users to define CPU bandwidth rates (limits) for
tasks running within the fair group scheduler. Groups with no limit
set are considered to be unconstrained and will run with no
restriction.
See tip/Documentation/scheduler/sched-bwc.txt for more information.
config KERNEL_RT_GROUP_SCHED
bool "Group scheduling for SCHED_RR/FIFO"
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
help
This feature lets you explicitly allocate real CPU bandwidth
to task groups. If enabled, it will also make it impossible to
schedule realtime tasks for non-root users until you allocate
realtime bandwidth for them.
endif
config KERNEL_BLK_CGROUP
bool "Block IO controller"
default y
help
Generic block IO controller cgroup interface. This is the common
cgroup interface which should be used by various IO controlling
policies.
Currently, CFQ IO scheduler uses it to recognize task groups and
control disk bandwidth allocation (proportional time slice allocation)
to such task groups. It is also used by bio throttling logic in
block layer to implement upper limit in IO rates on a device.
This option only enables generic Block IO controller infrastructure.
One needs to also enable actual IO controlling logic/policy. For
enabling proportional weight division of disk bandwidth in CFQ, set
CONFIG_CFQ_GROUP_IOSCHED=y; for enabling throttling policy, set
CONFIG_BLK_DEV_THROTTLING=y.
if KERNEL_BLK_CGROUP
config KERNEL_CFQ_GROUP_IOSCHED
bool "Proportional weight of disk bandwidth in CFQ"
config KERNEL_BLK_DEV_THROTTLING
bool "Enable throttling policy"
config KERNEL_BLK_DEV_THROTTLING_LOW
bool "Block throttling .low limit interface support (EXPERIMENTAL)"
depends on KERNEL_BLK_DEV_THROTTLING
endif
config KERNEL_DEBUG_BLK_CGROUP
bool "Enable Block IO controller debugging"
depends on KERNEL_BLK_CGROUP
help
Enable some debugging help. Currently it exports additional stat
files in a cgroup which can be useful for debugging.
config KERNEL_NET_CLS_CGROUP
bool "legacy Control Group Classifier"
config KERNEL_CGROUP_NET_CLASSID
bool "legacy Network classid cgroup"
config KERNEL_CGROUP_NET_PRIO
bool "legacy Network priority cgroup"
endif
#
# Namespace support symbols
#
config KERNEL_NAMESPACES
bool "Enable kernel namespaces"
default y if !SMALL_FLASH
if KERNEL_NAMESPACES
config KERNEL_UTS_NS
bool "UTS namespace"
default y
help
In this namespace, tasks see different info provided
with the uname() system call.
config KERNEL_IPC_NS
bool "IPC namespace"
default y
help
In this namespace, tasks work with IPC ids which correspond to
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
different IPC objects in different namespaces.
config KERNEL_USER_NS
bool "User namespace (EXPERIMENTAL)"
default y
help
This allows containers, i.e. vservers, to use user namespaces
to provide different user info for different servers.
config KERNEL_PID_NS
bool "PID Namespaces"
default y
help
Support process id namespaces. This allows having multiple
processes with the same pid as long as they are in different
pid namespaces. This is a building block of containers.
config KERNEL_NET_NS
bool "Network namespace"
default y
help
Allow user space to create what appear to be multiple instances
of the network stack.
endif
config KERNEL_DEVPTS_MULTIPLE_INSTANCES
bool "Support multiple instances of devpts"
default y if !SMALL_FLASH
help
Enable support for multiple instances of devpts filesystem.
If you want to have isolated PTY namespaces (eg: in containers),
say Y here. Otherwise, say N. If enabled, each mount of devpts
filesystem with the '-o newinstance' option will create an
independent PTY namespace.
config KERNEL_POSIX_MQUEUE
bool "POSIX Message Queues"
default y if !SMALL_FLASH
help
POSIX variant of message queues is a part of IPC. In POSIX message
queues every message has a priority which decides about succession
of receiving it by a process. If you want to compile and run
programs written e.g. for Solaris with use of its POSIX message