1 # SPDX-License-Identifier: GPL-2.0-only
4 default "$(CC_VERSION_TEXT)"
6 This is used in unclear ways:
8 - Re-run Kconfig when the compiler is updated
9 The 'default' property references the environment variable,
10 CC_VERSION_TEXT so it is recorded in include/config/auto.conf.cmd.
11 When the compiler is updated, Kconfig will be invoked.
13 - Ensure full rebuild when the compiler is updated
14 include/linux/compiler-version.h contains this option in the comment
15 line so fixdep adds include/config/CC_VERSION_TEXT into the
16 auto-generated dependency. When the compiler is updated, syncconfig
17 will touch it and then every file will be rebuilt.
20 def_bool $(success,test "$(cc-name)" = GCC)
24 default $(cc-version) if CC_IS_GCC
28 def_bool $(success,test "$(cc-name)" = Clang)
32 default $(cc-version) if CC_IS_CLANG
36 def_bool $(success,test "$(as-name)" = GNU)
39 def_bool $(success,test "$(as-name)" = LLVM)
43 # Use clang version if this is the integrated assembler
44 default CLANG_VERSION if AS_IS_LLVM
48 def_bool $(success,test "$(ld-name)" = BFD)
52 default $(ld-version) if LD_IS_BFD
56 def_bool $(success,test "$(ld-name)" = LLD)
60 default $(ld-version) if LD_IS_LLD
65 default $(success,$(srctree)/scripts/cc-can-link.sh $(CC) $(CLANG_FLAGS) $(m64-flag)) if 64BIT
66 default $(success,$(srctree)/scripts/cc-can-link.sh $(CC) $(CLANG_FLAGS) $(m32-flag))
68 config CC_CAN_LINK_STATIC
70 default $(success,$(srctree)/scripts/cc-can-link.sh $(CC) $(CLANG_FLAGS) $(m64-flag) -static) if 64BIT
71 default $(success,$(srctree)/scripts/cc-can-link.sh $(CC) $(CLANG_FLAGS) $(m32-flag) -static)
73 config CC_HAS_ASM_GOTO
74 def_bool $(success,$(srctree)/scripts/gcc-goto.sh $(CC))
76 config CC_HAS_ASM_GOTO_OUTPUT
77 depends on CC_HAS_ASM_GOTO
78 def_bool $(success,echo 'int foo(int x) { asm goto ("": "=r"(x) ::: bar); return x; bar: return 0; }' | $(CC) -x c - -c -o /dev/null)
80 config TOOLS_SUPPORT_RELR
81 def_bool $(success,env "CC=$(CC)" "LD=$(LD)" "NM=$(NM)" "OBJCOPY=$(OBJCOPY)" $(srctree)/scripts/tools-support-relr.sh)
83 config CC_HAS_ASM_INLINE
84 def_bool $(success,echo 'void foo(void) { asm inline (""); }' | $(CC) -x c - -c -o /dev/null)
86 config CC_HAS_NO_PROFILE_FN_ATTR
87 def_bool $(success,echo '__attribute__((no_profile_instrument_function)) int x();' | $(CC) -x c - -c -o /dev/null -Werror)
91 default $(shell,$(srctree)/scripts/pahole-version.sh $(PAHOLE))
99 config BUILDTIME_TABLE_SORT
102 config THREAD_INFO_IN_TASK
105 Select this to move thread_info off the stack into task_struct. To
106 make this work, an arch will need to remove all thread_info fields
107 except flags and fix any runtime bugs.
109 One subtle change that will be needed is to use try_get_task_stack()
110 and put_task_stack() in save_thread_stack_tsk() and get_wchan().
119 depends on BROKEN || !SMP
122 config INIT_ENV_ARG_LIMIT
127 Maximum of each of the number of arguments and environment
128 variables passed to init from the kernel command line.
131 bool "Compile also drivers which will not load"
134 Some drivers can be compiled on a different platform than they are
135 intended to be run on. Despite they cannot be loaded there (or even
136 when they load they cannot be used due to missing HW support),
137 developers still, opposing to distributors, might want to build such
138 drivers to compile-test them.
140 If you are a developer and want to build everything available, say Y
141 here. If you are a user/distributor, say N here to exclude useless
142 drivers to be distributed.
145 bool "Compile the kernel with warnings as errors"
148 A kernel build should not cause any compiler warnings, and this
149 enables the '-Werror' flag to enforce that rule by default.
151 However, if you have a new (or very old) compiler with odd and
152 unusual warnings, or you have some architecture with problems,
153 you may need to disable this config option in order to
154 successfully build the kernel.
158 config UAPI_HEADER_TEST
159 bool "Compile test UAPI headers"
160 depends on HEADERS_INSTALL && CC_CAN_LINK
162 Compile test headers exported to user-space to ensure they are
163 self-contained, i.e. compilable as standalone units.
165 If you are a developer or tester and want to ensure the exported
166 headers are self-contained, say Y here. Otherwise, choose N.
169 string "Local version - append to kernel release"
171 Append an extra string to the end of your kernel version.
172 This will show up when you type uname, for example.
173 The string you set here will be appended after the contents of
174 any files with a filename matching localversion* in your
175 object and source tree, in that order. Your total string can
176 be a maximum of 64 characters.
178 config LOCALVERSION_AUTO
179 bool "Automatically append version information to the version string"
181 depends on !COMPILE_TEST
183 This will try to automatically determine if the current tree is a
184 release tree by looking for git tags that belong to the current
185 top of tree revision.
187 A string of the format -gxxxxxxxx will be added to the localversion
188 if a git-based tree is found. The string generated by this will be
189 appended after any matching localversion* files, and after the value
190 set in CONFIG_LOCALVERSION.
192 (The actual string used here is the first eight characters produced
193 by running the command:
195 $ git rev-parse --verify HEAD
197 which is done within the script "scripts/setlocalversion".)
200 string "Build ID Salt"
203 The build ID is used to link binaries and their debug info. Setting
204 this option will use the value in the calculation of the build id.
205 This is mostly useful for distributions which want to ensure the
206 build is unique between builds. It's safe to leave the default.
208 config HAVE_KERNEL_GZIP
211 config HAVE_KERNEL_BZIP2
214 config HAVE_KERNEL_LZMA
217 config HAVE_KERNEL_XZ
220 config HAVE_KERNEL_LZO
223 config HAVE_KERNEL_LZ4
226 config HAVE_KERNEL_ZSTD
229 config HAVE_KERNEL_UNCOMPRESSED
233 prompt "Kernel compression mode"
235 depends on HAVE_KERNEL_GZIP || HAVE_KERNEL_BZIP2 || HAVE_KERNEL_LZMA || HAVE_KERNEL_XZ || HAVE_KERNEL_LZO || HAVE_KERNEL_LZ4 || HAVE_KERNEL_ZSTD || HAVE_KERNEL_UNCOMPRESSED
237 The linux kernel is a kind of self-extracting executable.
238 Several compression algorithms are available, which differ
239 in efficiency, compression and decompression speed.
240 Compression speed is only relevant when building a kernel.
241 Decompression speed is relevant at each boot.
243 If you have any problems with bzip2 or lzma compressed
244 kernels, mail me (Alain Knaff) <alain@knaff.lu>. (An older
245 version of this functionality (bzip2 only), for 2.4, was
246 supplied by Christian Ludwig)
248 High compression options are mostly useful for users, who
249 are low on disk space (embedded systems), but for whom ram
252 If in doubt, select 'gzip'
256 depends on HAVE_KERNEL_GZIP
258 The old and tried gzip compression. It provides a good balance
259 between compression ratio and decompression speed.
263 depends on HAVE_KERNEL_BZIP2
265 Its compression ratio and speed is intermediate.
266 Decompression speed is slowest among the choices. The kernel
267 size is about 10% smaller with bzip2, in comparison to gzip.
268 Bzip2 uses a large amount of memory. For modern kernels you
269 will need at least 8MB RAM or more for booting.
273 depends on HAVE_KERNEL_LZMA
275 This compression algorithm's ratio is best. Decompression speed
276 is between gzip and bzip2. Compression is slowest.
277 The kernel size is about 33% smaller with LZMA in comparison to gzip.
281 depends on HAVE_KERNEL_XZ
283 XZ uses the LZMA2 algorithm and instruction set specific
284 BCJ filters which can improve compression ratio of executable
285 code. The size of the kernel is about 30% smaller with XZ in
286 comparison to gzip. On architectures for which there is a BCJ
287 filter (i386, x86_64, ARM, IA-64, PowerPC, and SPARC), XZ
288 will create a few percent smaller kernel than plain LZMA.
290 The speed is about the same as with LZMA: The decompression
291 speed of XZ is better than that of bzip2 but worse than gzip
292 and LZO. Compression is slow.
296 depends on HAVE_KERNEL_LZO
298 Its compression ratio is the poorest among the choices. The kernel
299 size is about 10% bigger than gzip; however its speed
300 (both compression and decompression) is the fastest.
304 depends on HAVE_KERNEL_LZ4
306 LZ4 is an LZ77-type compressor with a fixed, byte-oriented encoding.
307 A preliminary version of LZ4 de/compression tool is available at
308 <https://code.google.com/p/lz4/>.
310 Its compression ratio is worse than LZO. The size of the kernel
311 is about 8% bigger than LZO. But the decompression speed is
316 depends on HAVE_KERNEL_ZSTD
318 ZSTD is a compression algorithm targeting intermediate compression
319 with fast decompression speed. It will compress better than GZIP and
320 decompress around the same speed as LZO, but slower than LZ4. You
321 will need at least 192 KB RAM or more for booting. The zstd command
322 line tool is required for compression.
324 config KERNEL_UNCOMPRESSED
326 depends on HAVE_KERNEL_UNCOMPRESSED
328 Produce uncompressed kernel image. This option is usually not what
329 you want. It is useful for debugging the kernel in slow simulation
330 environments, where decompressing and moving the kernel is awfully
331 slow. This option allows early boot code to skip the decompressor
332 and jump right at uncompressed kernel image.
337 string "Default init path"
340 This option determines the default init for the system if no init=
341 option is passed on the kernel command line. If the requested path is
342 not present, we will still then move on to attempting further
343 locations (e.g. /sbin/init, etc). If this is empty, we will just use
344 the fallback list when init= is not passed.
346 config DEFAULT_HOSTNAME
347 string "Default hostname"
350 This option determines the default system hostname before userspace
351 calls sethostname(2). The kernel traditionally uses "(none)" here,
352 but you may wish to use a different default here to make a minimal
353 system more usable with less configuration.
356 # For some reason microblaze and nios2 hard code SWAP=n. Hopefully we can
357 # add proper SWAP support to them, in which case this can be remove.
362 config VERSION_SIGNATURE
363 string "Arbitrary version signature"
365 This string will be created in a file, /proc/version_signature. It
366 is useful in determining arbitrary data about your kernel. For instance,
367 if you have several kernels of the same version, but need to keep track
368 of a revision of the same kernel, but not affect it's ability to load
369 compatible modules, this is the easiest way to do that.
372 bool "Support for paging of anonymous memory (swap)"
373 depends on MMU && BLOCK && !ARCH_NO_SWAP
376 This option allows you to choose whether you want to have support
377 for so called swap devices or swap files in your kernel that are
378 used to provide more virtual memory than the actual RAM present
379 in your computer. If unsure say Y.
384 Inter Process Communication is a suite of library functions and
385 system calls which let processes (running programs) synchronize and
386 exchange information. It is generally considered to be a good thing,
387 and some programs won't run unless you say Y here. In particular, if
388 you want to run the DOS emulator dosemu under Linux (read the
389 DOSEMU-HOWTO, available from <http://www.tldp.org/docs.html#howto>),
390 you'll need to say Y here.
392 You can find documentation about IPC with "info ipc" and also in
393 section 6.4 of the Linux Programmer's Guide, available from
394 <http://www.tldp.org/guides.html>.
396 config SYSVIPC_SYSCTL
403 bool "POSIX Message Queues"
406 POSIX variant of message queues is a part of IPC. In POSIX message
407 queues every message has a priority which decides about succession
408 of receiving it by a process. If you want to compile and run
409 programs written e.g. for Solaris with use of its POSIX message
410 queues (functions mq_*) say Y here.
412 POSIX message queues are visible as a filesystem called 'mqueue'
413 and can be mounted somewhere if you want to do filesystem
414 operations on message queues.
418 config POSIX_MQUEUE_SYSCTL
420 depends on POSIX_MQUEUE
425 bool "General notification queue"
429 This is a general notification queue for the kernel to pass events to
430 userspace by splicing them into pipes. It can be used in conjunction
431 with watches for key/keyring change notifications and device
434 See Documentation/watch_queue.rst
436 config CROSS_MEMORY_ATTACH
437 bool "Enable process_vm_readv/writev syscalls"
441 Enabling this option adds the system calls process_vm_readv and
442 process_vm_writev which allow a process with the correct privileges
443 to directly read from or write to another process' address space.
444 See the man page for more details.
447 bool "uselib syscall"
448 def_bool ALPHA || M68K || SPARC || X86_32 || IA32_EMULATION
450 This option enables the uselib syscall, a system call used in the
451 dynamic linker from libc5 and earlier. glibc does not use this
452 system call. If you intend to run programs built on libc5 or
453 earlier, you may need to enable this syscall. Current systems
454 running glibc can safely disable this.
457 bool "Auditing support"
460 Enable auditing infrastructure that can be used with another
461 kernel subsystem, such as SELinux (which requires this for
462 logging of avc messages output). System call auditing is included
463 on architectures which support it.
465 config HAVE_ARCH_AUDITSYSCALL
470 depends on AUDIT && HAVE_ARCH_AUDITSYSCALL
473 source "kernel/irq/Kconfig"
474 source "kernel/time/Kconfig"
475 source "kernel/bpf/Kconfig"
476 source "kernel/Kconfig.preempt"
478 menu "CPU/Task time and stats accounting"
480 config VIRT_CPU_ACCOUNTING
484 prompt "Cputime accounting"
485 default TICK_CPU_ACCOUNTING if !PPC64
486 default VIRT_CPU_ACCOUNTING_NATIVE if PPC64
488 # Kind of a stub config for the pure tick based cputime accounting
489 config TICK_CPU_ACCOUNTING
490 bool "Simple tick based cputime accounting"
491 depends on !S390 && !NO_HZ_FULL
493 This is the basic tick based cputime accounting that maintains
494 statistics about user, system and idle time spent on per jiffies
499 config VIRT_CPU_ACCOUNTING_NATIVE
500 bool "Deterministic task and CPU time accounting"
501 depends on HAVE_VIRT_CPU_ACCOUNTING && !NO_HZ_FULL
502 select VIRT_CPU_ACCOUNTING
504 Select this option to enable more accurate task and CPU time
505 accounting. This is done by reading a CPU counter on each
506 kernel entry and exit and on transitions within the kernel
507 between system, softirq and hardirq state, so there is a
508 small performance impact. In the case of s390 or IBM POWER > 5,
509 this also enables accounting of stolen time on logically-partitioned
512 config VIRT_CPU_ACCOUNTING_GEN
513 bool "Full dynticks CPU time accounting"
514 depends on HAVE_CONTEXT_TRACKING
515 depends on HAVE_VIRT_CPU_ACCOUNTING_GEN
516 depends on GENERIC_CLOCKEVENTS
517 select VIRT_CPU_ACCOUNTING
518 select CONTEXT_TRACKING
520 Select this option to enable task and CPU time accounting on full
521 dynticks systems. This accounting is implemented by watching every
522 kernel-user boundaries using the context tracking subsystem.
523 The accounting is thus performed at the expense of some significant
526 For now this is only useful if you are working on the full
527 dynticks subsystem development.
533 config IRQ_TIME_ACCOUNTING
534 bool "Fine granularity task level IRQ time accounting"
535 depends on HAVE_IRQ_TIME_ACCOUNTING && !VIRT_CPU_ACCOUNTING_NATIVE
537 Select this option to enable fine granularity task irq time
538 accounting. This is done by reading a timestamp on each
539 transitions between softirq and hardirq state, so there can be a
540 small performance impact.
542 If in doubt, say N here.
544 config HAVE_SCHED_AVG_IRQ
546 depends on IRQ_TIME_ACCOUNTING || PARAVIRT_TIME_ACCOUNTING
549 config SCHED_THERMAL_PRESSURE
551 default y if ARM && ARM_CPU_TOPOLOGY
554 depends on CPU_FREQ_THERMAL
556 Select this option to enable thermal pressure accounting in the
557 scheduler. Thermal pressure is the value conveyed to the scheduler
558 that reflects the reduction in CPU compute capacity resulted from
559 thermal throttling. Thermal throttling occurs when the performance of
560 a CPU is capped due to high operating temperatures.
562 If selected, the scheduler will be able to balance tasks accordingly,
563 i.e. put less load on throttled CPUs than on non/less throttled ones.
565 This requires the architecture to implement
566 arch_set_thermal_pressure() and arch_scale_thermal_pressure().
568 config BSD_PROCESS_ACCT
569 bool "BSD Process Accounting"
572 If you say Y here, a user level program will be able to instruct the
573 kernel (via a special system call) to write process accounting
574 information to a file: whenever a process exits, information about
575 that process will be appended to the file by the kernel. The
576 information includes things such as creation time, owning user,
577 command name, memory usage, controlling terminal etc. (the complete
578 list is in the struct acct in <file:include/linux/acct.h>). It is
579 up to the user level program to do useful things with this
580 information. This is generally a good idea, so say Y.
582 config BSD_PROCESS_ACCT_V3
583 bool "BSD Process Accounting version 3 file format"
584 depends on BSD_PROCESS_ACCT
587 If you say Y here, the process accounting information is written
588 in a new file format that also logs the process IDs of each
589 process and its parent. Note that this file format is incompatible
590 with previous v0/v1/v2 file formats, so you will need updated tools
591 for processing it. A preliminary version of these tools is available
592 at <http://www.gnu.org/software/acct/>.
595 bool "Export task/process statistics through netlink"
600 Export selected statistics for tasks/processes through the
601 generic netlink interface. Unlike BSD process accounting, the
602 statistics are available during the lifetime of tasks/processes as
603 responses to commands. Like BSD accounting, they are sent to user
608 config TASK_DELAY_ACCT
609 bool "Enable per-task delay accounting"
613 Collect information on time spent by a task waiting for system
614 resources like cpu, synchronous block I/O completion and swapping
615 in pages. Such statistics can help in setting a task's priorities
616 relative to other tasks for cpu, io, rss limits etc.
621 bool "Enable extended accounting over taskstats"
624 Collect extended task accounting data and send the data
625 to userland for processing over the taskstats interface.
629 config TASK_IO_ACCOUNTING
630 bool "Enable per-task storage I/O accounting"
631 depends on TASK_XACCT
633 Collect information on the number of bytes of storage I/O which this
639 bool "Pressure stall information tracking"
641 Collect metrics that indicate how overcommitted the CPU, memory,
642 and IO capacity are in the system.
644 If you say Y here, the kernel will create /proc/pressure/ with the
645 pressure statistics files cpu, memory, and io. These will indicate
646 the share of walltime in which some or all tasks in the system are
647 delayed due to contention of the respective resource.
649 In kernels with cgroup support, cgroups (cgroup2 only) will
650 have cpu.pressure, memory.pressure, and io.pressure files,
651 which aggregate pressure stalls for the grouped tasks only.
653 For more details see Documentation/accounting/psi.rst.
657 config PSI_DEFAULT_DISABLED
658 bool "Require boot parameter to enable pressure stall information tracking"
662 If set, pressure stall information tracking will be disabled
663 per default but can be enabled through passing psi=1 on the
664 kernel commandline during boot.
666 This feature adds some code to the task wakeup and sleep
667 paths of the scheduler. The overhead is too low to affect
668 common scheduling-intense workloads in practice (such as
669 webservers, memcache), but it does show up in artificial
670 scheduler stress tests, such as hackbench.
672 If you are paranoid and not sure what the kernel will be
677 endmenu # "CPU/Task time and stats accounting"
681 depends on SMP || COMPILE_TEST
684 Make sure that CPUs running critical tasks are not disturbed by
685 any source of "noise" such as unbound workqueues, timers, kthreads...
686 Unbound jobs get offloaded to housekeeping CPUs. This is driven by
687 the "isolcpus=" boot parameter.
691 source "kernel/rcu/Kconfig"
698 tristate "Kernel .config support"
700 This option enables the complete Linux kernel ".config" file
701 contents to be saved in the kernel. It provides documentation
702 of which kernel options are used in a running kernel or in an
703 on-disk kernel. This information can be extracted from the kernel
704 image file with the script scripts/extract-ikconfig and used as
705 input to rebuild the current kernel or to build another kernel.
706 It can also be extracted from a running kernel by reading
707 /proc/config.gz if enabled (below).
710 bool "Enable access to .config through /proc/config.gz"
711 depends on IKCONFIG && PROC_FS
713 This option enables access to the kernel configuration file
714 through /proc/config.gz.
717 tristate "Enable kernel headers through /sys/kernel/kheaders.tar.xz"
720 This option enables access to the in-kernel headers that are generated during
721 the build process. These can be used to build eBPF tracing programs,
722 or similar programs. If you build the headers as a module, a module called
723 kheaders.ko is built which can be loaded on-demand to get access to headers.
726 int "Kernel log buffer size (16 => 64KB, 17 => 128KB)"
727 range 12 25 if !H8300
732 Select the minimal kernel log buffer size as a power of 2.
733 The final size is affected by LOG_CPU_MAX_BUF_SHIFT config
734 parameter, see below. Any higher size also might be forced
735 by "log_buf_len" boot parameter.
745 config LOG_CPU_MAX_BUF_SHIFT
746 int "CPU kernel log buffer size contribution (13 => 8 KB, 17 => 128KB)"
749 default 12 if !BASE_SMALL
750 default 0 if BASE_SMALL
753 This option allows to increase the default ring buffer size
754 according to the number of CPUs. The value defines the contribution
755 of each CPU as a power of 2. The used space is typically only few
756 lines however it might be much more when problems are reported,
759 The increased size means that a new buffer has to be allocated and
760 the original static one is unused. It makes sense only on systems
761 with more CPUs. Therefore this value is used only when the sum of
762 contributions is greater than the half of the default kernel ring
763 buffer as defined by LOG_BUF_SHIFT. The default values are set
764 so that more than 16 CPUs are needed to trigger the allocation.
766 Also this option is ignored when "log_buf_len" kernel parameter is
767 used as it forces an exact (power of two) size of the ring buffer.
769 The number of possible CPUs is used for this computation ignoring
770 hotplugging making the computation optimal for the worst case
771 scenario while allowing a simple algorithm to be used from bootup.
773 Examples shift values and their meaning:
774 17 => 128 KB for each CPU
775 16 => 64 KB for each CPU
776 15 => 32 KB for each CPU
777 14 => 16 KB for each CPU
778 13 => 8 KB for each CPU
779 12 => 4 KB for each CPU
781 config PRINTK_SAFE_LOG_BUF_SHIFT
782 int "Temporary per-CPU printk log buffer size (12 => 4KB, 13 => 8KB)"
787 Select the size of an alternate printk per-CPU buffer where messages
788 printed from usafe contexts are temporary stored. One example would
789 be NMI messages, another one - printk recursion. The messages are
790 copied to the main log buffer in a safe context to avoid a deadlock.
791 The value defines the size as a power of 2.
793 Those messages are rare and limited. The largest one is when
794 a backtrace is printed. It usually fits into 4KB. Select
795 8KB if you want to be on the safe side.
798 17 => 128 KB for each CPU
799 16 => 64 KB for each CPU
800 15 => 32 KB for each CPU
801 14 => 16 KB for each CPU
802 13 => 8 KB for each CPU
803 12 => 4 KB for each CPU
806 bool "Printk indexing debugfs interface"
807 depends on PRINTK && DEBUG_FS
809 Add support for indexing of all printk formats known at compile time
810 at <debugfs>/printk/index/<module>.
812 This can be used as part of maintaining daemons which monitor
813 /dev/kmsg, as it permits auditing the printk formats present in a
814 kernel, allowing detection of cases where monitored printks are
815 changed or no longer present.
817 There is no additional runtime cost to printk with this enabled.
820 # Architectures with an unreliable sched_clock() should select this:
822 config HAVE_UNSTABLE_SCHED_CLOCK
825 config GENERIC_SCHED_CLOCK
828 menu "Scheduler features"
831 bool "Enable utilization clamping for RT/FAIR tasks"
832 depends on CPU_FREQ_GOV_SCHEDUTIL
834 This feature enables the scheduler to track the clamped utilization
835 of each CPU based on RUNNABLE tasks scheduled on that CPU.
837 With this option, the user can specify the min and max CPU
838 utilization allowed for RUNNABLE tasks. The max utilization defines
839 the maximum frequency a task should use while the min utilization
840 defines the minimum frequency it should use.
842 Both min and max utilization clamp values are hints to the scheduler,
843 aiming at improving its frequency selection policy, but they do not
844 enforce or grant any specific bandwidth for tasks.
848 config UCLAMP_BUCKETS_COUNT
849 int "Number of supported utilization clamp buckets"
852 depends on UCLAMP_TASK
854 Defines the number of clamp buckets to use. The range of each bucket
855 will be SCHED_CAPACITY_SCALE/UCLAMP_BUCKETS_COUNT. The higher the
856 number of clamp buckets the finer their granularity and the higher
857 the precision of clamping aggregation and tracking at run-time.
859 For example, with the minimum configuration value we will have 5
860 clamp buckets tracking 20% utilization each. A 25% boosted tasks will
861 be refcounted in the [20..39]% bucket and will set the bucket clamp
862 effective value to 25%.
863 If a second 30% boosted task should be co-scheduled on the same CPU,
864 that task will be refcounted in the same bucket of the first task and
865 it will boost the bucket clamp effective value to 30%.
866 The clamp effective value of a bucket is reset to its nominal value
867 (20% in the example above) when there are no more tasks refcounted in
870 An additional boost/capping margin can be added to some tasks. In the
871 example above the 25% task will be boosted to 30% until it exits the
872 CPU. If that should be considered not acceptable on certain systems,
873 it's always possible to reduce the margin by increasing the number of
874 clamp buckets to trade off used memory for run-time tracking
877 If in doubt, use the default value.
882 # For architectures that want to enable the support for NUMA-affine scheduler
885 config ARCH_SUPPORTS_NUMA_BALANCING
889 # For architectures that prefer to flush all TLBs after a number of pages
890 # are unmapped instead of sending one IPI per page to flush. The architecture
891 # must provide guarantees on what happens if a clean TLB cache entry is
892 # written after the unmap. Details are in mm/rmap.c near the check for
893 # should_defer_flush. The architecture should also consider if the full flush
894 # and the refill costs are offset by the savings of sending fewer IPIs.
895 config ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH
899 def_bool !$(cc-option,$(m64-flag) -D__SIZEOF_INT128__=0) && 64BIT
902 # For architectures that know their GCC __int128 support is sound
904 config ARCH_SUPPORTS_INT128
907 # For architectures that (ab)use NUMA to represent different memory regions
908 # all cpu-local but of different latencies, such as SuperH.
910 config ARCH_WANT_NUMA_VARIABLE_LOCALITY
913 config NUMA_BALANCING
914 bool "Memory placement aware NUMA scheduler"
915 depends on ARCH_SUPPORTS_NUMA_BALANCING
916 depends on !ARCH_WANT_NUMA_VARIABLE_LOCALITY
917 depends on SMP && NUMA && MIGRATION
919 This option adds support for automatic NUMA aware memory/task placement.
920 The mechanism is quite primitive and is based on migrating memory when
921 it has references to the node the task is running on.
923 This system will be inactive on UMA systems.
925 config NUMA_BALANCING_DEFAULT_ENABLED
926 bool "Automatically enable NUMA aware memory/task placement"
928 depends on NUMA_BALANCING
930 If set, automatic NUMA balancing will be enabled if running on a NUMA
934 bool "Control Group support"
937 This option adds support for grouping sets of processes together, for
938 use with process control subsystems such as Cpusets, CFS, memory
939 controls or device isolation.
941 - Documentation/scheduler/sched-design-CFS.rst (CFS)
942 - Documentation/admin-guide/cgroup-v1/ (features for grouping, isolation
943 and resource control)
953 bool "Memory controller"
957 Provides control over the memory footprint of tasks in a cgroup.
961 depends on MEMCG && SWAP
966 depends on MEMCG && !SLOB
974 Generic block IO controller cgroup interface. This is the common
975 cgroup interface which should be used by various IO controlling
978 Currently, CFQ IO scheduler uses it to recognize task groups and
979 control disk bandwidth allocation (proportional time slice allocation)
980 to such task groups. It is also used by bio throttling logic in
981 block layer to implement upper limit in IO rates on a device.
983 This option only enables generic Block IO controller infrastructure.
984 One needs to also enable actual IO controlling logic/policy. For
985 enabling proportional weight division of disk bandwidth in CFQ, set
986 CONFIG_BFQ_GROUP_IOSCHED=y; for enabling throttling policy, set
987 CONFIG_BLK_DEV_THROTTLING=y.
989 See Documentation/admin-guide/cgroup-v1/blkio-controller.rst for more information.
991 config CGROUP_WRITEBACK
993 depends on MEMCG && BLK_CGROUP
996 menuconfig CGROUP_SCHED
997 bool "CPU controller"
1000 This feature lets CPU scheduler recognize task groups and control CPU
1001 bandwidth allocation to such task groups. It uses cgroups to group
1005 config FAIR_GROUP_SCHED
1006 bool "Group scheduling for SCHED_OTHER"
1007 depends on CGROUP_SCHED
1008 default CGROUP_SCHED
1010 config CFS_BANDWIDTH
1011 bool "CPU bandwidth provisioning for FAIR_GROUP_SCHED"
1012 depends on FAIR_GROUP_SCHED
1015 This option allows users to define CPU bandwidth rates (limits) for
1016 tasks running within the fair group scheduler. Groups with no limit
1017 set are considered to be unconstrained and will run with no
1019 See Documentation/scheduler/sched-bwc.rst for more information.
1021 config RT_GROUP_SCHED
1022 bool "Group scheduling for SCHED_RR/FIFO"
1023 depends on CGROUP_SCHED
1026 This feature lets you explicitly allocate real CPU bandwidth
1027 to task groups. If enabled, it will also make it impossible to
1028 schedule realtime tasks for non-root users until you allocate
1029 realtime bandwidth for them.
1030 See Documentation/scheduler/sched-rt-group.rst for more information.
1034 config UCLAMP_TASK_GROUP
1035 bool "Utilization clamping per group of tasks"
1036 depends on CGROUP_SCHED
1037 depends on UCLAMP_TASK
1040 This feature enables the scheduler to track the clamped utilization
1041 of each CPU based on RUNNABLE tasks currently scheduled on that CPU.
1043 When this option is enabled, the user can specify a min and max
1044 CPU bandwidth which is allowed for each single task in a group.
1045 The max bandwidth allows to clamp the maximum frequency a task
1046 can use, while the min bandwidth allows to define a minimum
1047 frequency a task will always use.
1049 When task group based utilization clamping is enabled, an eventually
1050 specified task-specific clamp value is constrained by the cgroup
1051 specified clamp value. Both minimum and maximum task clamping cannot
1052 be bigger than the corresponding clamping defined at task group level.
1057 bool "PIDs controller"
1059 Provides enforcement of process number limits in the scope of a
1060 cgroup. Any attempt to fork more processes than is allowed in the
1061 cgroup will fail. PIDs are fundamentally a global resource because it
1062 is fairly trivial to reach PID exhaustion before you reach even a
1063 conservative kmemcg limit. As a result, it is possible to grind a
1064 system to halt without being limited by other cgroup policies. The
1065 PIDs controller is designed to stop this from happening.
1067 It should be noted that organisational operations (such as attaching
1068 to a cgroup hierarchy) will *not* be blocked by the PIDs controller,
1069 since the PIDs limit only affects a process's ability to fork, not to
1073 bool "RDMA controller"
1075 Provides enforcement of RDMA resources defined by IB stack.
1076 It is fairly easy for consumers to exhaust RDMA resources, which
1077 can result into resource unavailability to other consumers.
1078 RDMA controller is designed to stop this from happening.
1079 Attaching processes with active RDMA resources to the cgroup
1080 hierarchy is allowed even if can cross the hierarchy's limit.
1082 config CGROUP_FREEZER
1083 bool "Freezer controller"
1085 Provides a way to freeze and unfreeze all tasks in a
1088 This option affects the ORIGINAL cgroup interface. The cgroup2 memory
1089 controller includes important in-kernel memory consumers per default.
1091 If you're using cgroup2, say N.
1093 config CGROUP_HUGETLB
1094 bool "HugeTLB controller"
1095 depends on HUGETLB_PAGE
1099 Provides a cgroup controller for HugeTLB pages.
1100 When you enable this, you can put a per cgroup limit on HugeTLB usage.
1101 The limit is enforced during page fault. Since HugeTLB doesn't
1102 support page reclaim, enforcing the limit at page fault time implies
1103 that, the application will get SIGBUS signal if it tries to access
1104 HugeTLB pages beyond its limit. This requires the application to know
1105 beforehand how much HugeTLB pages it would require for its use. The
1106 control group is tracked in the third page lru pointer. This means
1107 that we cannot use the controller with huge page less than 3 pages.
1110 bool "Cpuset controller"
1113 This option will let you create and manage CPUSETs which
1114 allow dynamically partitioning a system into sets of CPUs and
1115 Memory Nodes and assigning tasks to run only within those sets.
1116 This is primarily useful on large SMP or NUMA systems.
1120 config PROC_PID_CPUSET
1121 bool "Include legacy /proc/<pid>/cpuset file"
1125 config CGROUP_DEVICE
1126 bool "Device controller"
1128 Provides a cgroup controller implementing whitelists for
1129 devices which a process in the cgroup can mknod or open.
1131 config CGROUP_CPUACCT
1132 bool "Simple CPU accounting controller"
1134 Provides a simple controller for monitoring the
1135 total CPU consumed by the tasks in a cgroup.
1138 bool "Perf controller"
1139 depends on PERF_EVENTS
1141 This option extends the perf per-cpu mode to restrict monitoring
1142 to threads which belong to the cgroup specified and run on the
1143 designated cpu. Or this can be used to have cgroup ID in samples
1144 so that it can monitor performance events among cgroups.
1149 bool "Support for eBPF programs attached to cgroups"
1150 depends on BPF_SYSCALL
1151 select SOCK_CGROUP_DATA
1153 Allow attaching eBPF programs to a cgroup using the bpf(2)
1154 syscall command BPF_PROG_ATTACH.
1156 In which context these programs are accessed depends on the type
1157 of attachment. For instance, programs that are attached using
1158 BPF_CGROUP_INET_INGRESS will be executed on the ingress path of
1162 bool "Misc resource controller"
1165 Provides a controller for miscellaneous resources on a host.
1167 Miscellaneous scalar resources are the resources on the host system
1168 which cannot be abstracted like the other cgroups. This controller
1169 tracks and limits the miscellaneous resources used by a process
1170 attached to a cgroup hierarchy.
1172 For more information, please check misc cgroup section in
1173 /Documentation/admin-guide/cgroup-v2.rst.
1176 bool "Debug controller"
1178 depends on DEBUG_KERNEL
1180 This option enables a simple controller that exports
1181 debugging information about the cgroups framework. This
1182 controller is for control cgroup debugging only. Its
1183 interfaces are not stable.
1187 config SOCK_CGROUP_DATA
1193 menuconfig NAMESPACES
1194 bool "Namespaces support" if EXPERT
1195 depends on MULTIUSER
1198 Provides the way to make tasks work with different objects using
1199 the same id. For example same IPC id may refer to different objects
1200 or same user id or pid may refer to different tasks when used in
1201 different namespaces.
1206 bool "UTS namespace"
1209 In this namespace tasks see different info provided with the
1213 bool "TIME namespace"
1214 depends on GENERIC_VDSO_TIME_NS
1217 In this namespace boottime and monotonic clocks can be set.
1218 The time will keep going with the same pace.
1221 bool "IPC namespace"
1222 depends on (SYSVIPC || POSIX_MQUEUE)
1225 In this namespace tasks work with IPC ids which correspond to
1226 different IPC objects in different namespaces.
1229 bool "User namespace"
1232 This allows containers, i.e. vservers, to use user namespaces
1233 to provide different user info for different servers.
1235 When user namespaces are enabled in the kernel it is
1236 recommended that the MEMCG option also be enabled and that
1237 user-space use the memory control groups to limit the amount
1238 of memory a memory unprivileged users can use.
1243 bool "PID Namespaces"
1246 Support process id namespaces. This allows having multiple
1247 processes with the same pid as long as they are in different
1248 pid namespaces. This is a building block of containers.
1251 bool "Network namespace"
1255 Allow user space to create what appear to be multiple instances
1256 of the network stack.
1260 config CHECKPOINT_RESTORE
1261 bool "Checkpoint/restore support"
1262 select PROC_CHILDREN
1266 Enables additional kernel features in a sake of checkpoint/restore.
1267 In particular it adds auxiliary prctl codes to setup process text,
1268 data and heap segment sizes, and a few additional /proc filesystem
1271 If unsure, say N here.
1273 config SCHED_AUTOGROUP
1274 bool "Automatic process group scheduling"
1277 select FAIR_GROUP_SCHED
1279 This option optimizes the scheduler for common desktop workloads by
1280 automatically creating and populating task groups. This separation
1281 of workloads isolates aggressive CPU burners (like build jobs) from
1282 desktop applications. Task group autogeneration is currently based
1285 config SYSFS_DEPRECATED
1286 bool "Enable deprecated sysfs features to support old userspace tools"
1290 This option adds code that switches the layout of the "block" class
1291 devices, to not show up in /sys/class/block/, but only in
1294 This switch is only active when the sysfs.deprecated=1 boot option is
1295 passed or the SYSFS_DEPRECATED_V2 option is set.
1297 This option allows new kernels to run on old distributions and tools,
1298 which might get confused by /sys/class/block/. Since 2007/2008 all
1299 major distributions and tools handle this just fine.
1301 Recent distributions and userspace tools after 2009/2010 depend on
1302 the existence of /sys/class/block/, and will not work with this
1305 Only if you are using a new kernel on an old distribution, you might
1308 config SYSFS_DEPRECATED_V2
1309 bool "Enable deprecated sysfs features by default"
1312 depends on SYSFS_DEPRECATED
1314 Enable deprecated sysfs by default.
1316 See the CONFIG_SYSFS_DEPRECATED option for more details about this
1319 Only if you are using a new kernel on an old distribution, you might
1320 need to say Y here. Even then, odds are you would not need it
1321 enabled, you can always pass the boot option if absolutely necessary.
1324 bool "Kernel->user space relay support (formerly relayfs)"
1327 This option enables support for relay interface support in
1328 certain file systems (such as debugfs).
1329 It is designed to provide an efficient mechanism for tools and
1330 facilities to relay large amounts of data from kernel space to
1335 config BLK_DEV_INITRD
1336 bool "Initial RAM filesystem and RAM disk (initramfs/initrd) support"
1338 The initial RAM filesystem is a ramfs which is loaded by the
1339 boot loader (loadlin or lilo) and that is mounted as root
1340 before the normal boot procedure. It is typically used to
1341 load modules needed to mount the "real" root file system,
1342 etc. See <file:Documentation/admin-guide/initrd.rst> for details.
1344 If RAM disk support (BLK_DEV_RAM) is also included, this
1345 also enables initial RAM disk (initrd) support and adds
1346 15 Kbytes (more on some other architectures) to the kernel size.
1352 source "usr/Kconfig"
1357 bool "Boot config support"
1358 select BLK_DEV_INITRD
1360 Extra boot config allows system admin to pass a config file as
1361 complemental extension of kernel cmdline when booting.
1362 The boot config file must be attached at the end of initramfs
1363 with checksum, size and magic word.
1364 See <file:Documentation/admin-guide/bootconfig.rst> for details.
1369 prompt "Compiler optimization level"
1370 default CC_OPTIMIZE_FOR_PERFORMANCE
1372 config CC_OPTIMIZE_FOR_PERFORMANCE
1373 bool "Optimize for performance (-O2)"
1375 This is the default optimization level for the kernel, building
1376 with the "-O2" compiler flag for best performance and most
1377 helpful compile-time warnings.
1379 config CC_OPTIMIZE_FOR_PERFORMANCE_O3
1380 bool "Optimize more for performance (-O3)"
1383 Choosing this option will pass "-O3" to your compiler to optimize
1384 the kernel yet more for performance.
1386 config CC_OPTIMIZE_FOR_SIZE
1387 bool "Optimize for size (-Os)"
1389 Choosing this option will pass "-Os" to your compiler resulting
1390 in a smaller kernel.
1394 config HAVE_LD_DEAD_CODE_DATA_ELIMINATION
1397 This requires that the arch annotates or otherwise protects
1398 its external entry points from being discarded. Linker scripts
1399 must also merge .text.*, .data.*, and .bss.* correctly into
1400 output sections. Care must be taken not to pull in unrelated
1401 sections (e.g., '.text.init'). Typically '.' in section names
1402 is used to distinguish them from label names / C identifiers.
1404 config LD_DEAD_CODE_DATA_ELIMINATION
1405 bool "Dead code and data elimination (EXPERIMENTAL)"
1406 depends on HAVE_LD_DEAD_CODE_DATA_ELIMINATION
1408 depends on $(cc-option,-ffunction-sections -fdata-sections)
1409 depends on $(ld-option,--gc-sections)
1411 Enable this if you want to do dead code and data elimination with
1412 the linker by compiling with -ffunction-sections -fdata-sections,
1413 and linking with --gc-sections.
1415 This can reduce on disk and in-memory size of the kernel
1416 code and static data, particularly for small configs and
1417 on small systems. This has the possibility of introducing
1418 silently broken kernel if the required annotations are not
1419 present. This option is not well tested yet, so use at your
1422 config LD_ORPHAN_WARN
1424 depends on ARCH_WANT_LD_ORPHAN_WARN
1425 depends on !LD_IS_LLD || LLD_VERSION >= 110000
1426 depends on $(ld-option,--orphan-handling=warn)
1434 config SYSCTL_EXCEPTION_TRACE
1437 Enable support for /proc/sys/debug/exception-trace.
1439 config SYSCTL_ARCH_UNALIGN_NO_WARN
1442 Enable support for /proc/sys/kernel/ignore-unaligned-usertrap
1443 Allows arch to define/use @no_unaligned_warning to possibly warn
1444 about unaligned access emulation going on under the hood.
1446 config SYSCTL_ARCH_UNALIGN_ALLOW
1449 Enable support for /proc/sys/kernel/unaligned-trap
1450 Allows arches to define/use @unaligned_enabled to runtime toggle
1451 the unaligned access emulation.
1452 see arch/parisc/kernel/unaligned.c for reference
1454 config HAVE_PCSPKR_PLATFORM
1457 # interpreter that classic socket filters depend on
1462 bool "Configure standard kernel features (expert users)"
1463 # Unhide debug options, to make the on-by-default options visible
1466 This option allows certain base kernel options and settings
1467 to be disabled or tweaked. This is for specialized
1468 environments which can tolerate a "non-standard" kernel.
1469 Only use this if you really know what you are doing.
1472 bool "Enable 16-bit UID system calls" if EXPERT
1473 depends on HAVE_UID16 && MULTIUSER
1476 This enables the legacy 16-bit UID syscall wrappers.
1479 bool "Multiple users, groups and capabilities support" if EXPERT
1482 This option enables support for non-root users, groups and
1485 If you say N here, all processes will run with UID 0, GID 0, and all
1486 possible capabilities. Saying N here also compiles out support for
1487 system calls related to UIDs, GIDs, and capabilities, such as setuid,
1490 If unsure, say Y here.
1492 config SGETMASK_SYSCALL
1493 bool "sgetmask/ssetmask syscalls support" if EXPERT
1494 def_bool PARISC || M68K || PPC || MIPS || X86 || SPARC || MICROBLAZE || SUPERH
1496 sys_sgetmask and sys_ssetmask are obsolete system calls
1497 no longer supported in libc but still enabled by default in some
1500 If unsure, leave the default option here.
1502 config SYSFS_SYSCALL
1503 bool "Sysfs syscall support" if EXPERT
1506 sys_sysfs is an obsolete system call no longer supported in libc.
1507 Note that disabling this option is more secure but might break
1508 compatibility with some systems.
1510 If unsure say Y here.
1513 bool "open by fhandle syscalls" if EXPERT
1517 If you say Y here, a user level program will be able to map
1518 file names to handle and then later use the handle for
1519 different file system operations. This is useful in implementing
1520 userspace file servers, which now track files using handles instead
1521 of names. The handle would remain the same even if file names
1522 get renamed. Enables open_by_handle_at(2) and name_to_handle_at(2)
1526 bool "Posix Clocks & timers" if EXPERT
1529 This includes native support for POSIX timers to the kernel.
1530 Some embedded systems have no use for them and therefore they
1531 can be configured out to reduce the size of the kernel image.
1533 When this option is disabled, the following syscalls won't be
1534 available: timer_create, timer_gettime: timer_getoverrun,
1535 timer_settime, timer_delete, clock_adjtime, getitimer,
1536 setitimer, alarm. Furthermore, the clock_settime, clock_gettime,
1537 clock_getres and clock_nanosleep syscalls will be limited to
1538 CLOCK_REALTIME, CLOCK_MONOTONIC and CLOCK_BOOTTIME only.
1544 bool "Enable support for printk" if EXPERT
1547 This option enables normal printk support. Removing it
1548 eliminates most of the message strings from the kernel image
1549 and makes the kernel more or less silent. As this makes it
1550 very difficult to diagnose system problems, saying N here is
1551 strongly discouraged.
1554 bool "BUG() support" if EXPERT
1557 Disabling this option eliminates support for BUG and WARN, reducing
1558 the size of your kernel image and potentially quietly ignoring
1559 numerous fatal conditions. You should only consider disabling this
1560 option for embedded systems with no facilities for reporting errors.
1566 bool "Enable ELF core dumps" if EXPERT
1568 Enable support for generating core dumps. Disabling saves about 4k.
1571 config PCSPKR_PLATFORM
1572 bool "Enable PC-Speaker support" if EXPERT
1573 depends on HAVE_PCSPKR_PLATFORM
1577 This option allows to disable the internal PC-Speaker
1578 support, saving some memory.
1582 bool "Enable full-sized data structures for core" if EXPERT
1584 Disabling this option reduces the size of miscellaneous core
1585 kernel data structures. This saves memory on small machines,
1586 but may reduce performance.
1589 bool "Enable futex support" if EXPERT
1593 Disabling this option will cause the kernel to be built without
1594 support for "fast userspace mutexes". The resulting kernel may not
1595 run glibc-based applications correctly.
1599 depends on FUTEX && RT_MUTEXES
1602 config HAVE_FUTEX_CMPXCHG
1606 Architectures should select this if futex_atomic_cmpxchg_inatomic()
1607 is implemented and always working. This removes a couple of runtime
1611 bool "Enable eventpoll support" if EXPERT
1614 Disabling this option will cause the kernel to be built without
1615 support for epoll family of system calls.
1618 bool "Enable signalfd() system call" if EXPERT
1621 Enable the signalfd() system call that allows to receive signals
1622 on a file descriptor.
1627 bool "Enable timerfd() system call" if EXPERT
1630 Enable the timerfd() system call that allows to receive timer
1631 events on a file descriptor.
1636 bool "Enable eventfd() system call" if EXPERT
1639 Enable the eventfd() system call that allows to receive both
1640 kernel notification (ie. KAIO) or userspace notifications.
1645 bool "Use full shmem filesystem" if EXPERT
1649 The shmem is an internal filesystem used to manage shared memory.
1650 It is backed by swap and manages resource limits. It is also exported
1651 to userspace as tmpfs if TMPFS is enabled. Disabling this
1652 option replaces shmem and tmpfs with the much simpler ramfs code,
1653 which may be appropriate on small systems without swap.
1656 bool "Enable AIO support" if EXPERT
1659 This option enables POSIX asynchronous I/O which may by used
1660 by some high performance threaded applications. Disabling
1661 this option saves about 7k.
1664 bool "Enable IO uring support" if EXPERT
1668 This option enables support for the io_uring interface, enabling
1669 applications to submit and complete IO through submission and
1670 completion rings that are shared between the kernel and application.
1672 config ADVISE_SYSCALLS
1673 bool "Enable madvise/fadvise syscalls" if EXPERT
1676 This option enables the madvise and fadvise syscalls, used by
1677 applications to advise the kernel about their future memory or file
1678 usage, improving performance. If building an embedded system where no
1679 applications use these syscalls, you can disable this option to save
1682 config HAVE_ARCH_USERFAULTFD_WP
1685 Arch has userfaultfd write protection support
1687 config HAVE_ARCH_USERFAULTFD_MINOR
1690 Arch has userfaultfd minor fault support
1693 bool "Enable membarrier() system call" if EXPERT
1696 Enable the membarrier() system call that allows issuing memory
1697 barriers across all running threads, which can be used to distribute
1698 the cost of user-space memory barriers asymmetrically by transforming
1699 pairs of memory barriers into pairs consisting of membarrier() and a
1705 bool "Load all symbols for debugging/ksymoops" if EXPERT
1708 Say Y here to let the kernel print out symbolic crash information and
1709 symbolic stack backtraces. This increases the size of the kernel
1710 somewhat, as all symbols have to be loaded into the kernel image.
1713 bool "Include all symbols in kallsyms"
1714 depends on DEBUG_KERNEL && KALLSYMS
1716 Normally kallsyms only contains the symbols of functions for nicer
1717 OOPS messages and backtraces (i.e., symbols from the text and inittext
1718 sections). This is sufficient for most cases. And only in very rare
1719 cases (e.g., when a debugger is used) all symbols are required (e.g.,
1720 names of variables from the data sections, etc).
1722 This option makes sure that all symbols are loaded into the kernel
1723 image (i.e., symbols from all sections) in cost of increased kernel
1724 size (depending on the kernel configuration, it may be 300KiB or
1725 something like this).
1727 Say N unless you really need all symbols.
1729 config KALLSYMS_ABSOLUTE_PERCPU
1732 default X86_64 && SMP
1734 config KALLSYMS_BASE_RELATIVE
1739 Instead of emitting them as absolute values in the native word size,
1740 emit the symbol references in the kallsyms table as 32-bit entries,
1741 each containing a relative value in the range [base, base + U32_MAX]
1742 or, when KALLSYMS_ABSOLUTE_PERCPU is in effect, each containing either
1743 an absolute value in the range [0, S32_MAX] or a relative value in the
1744 range [base, base + S32_MAX], where base is the lowest relative symbol
1745 address encountered in the image.
1747 On 64-bit builds, this reduces the size of the address table by 50%,
1748 but more importantly, it results in entries whose values are build
1749 time constants, and no relocation pass is required at runtime to fix
1750 up the entries based on the runtime load address of the kernel.
1752 # end of the "standard kernel features (expert users)" menu
1754 # syscall, maps, verifier
1757 bool "Enable userfaultfd() system call"
1760 Enable the userfaultfd() system call that allows to intercept and
1761 handle page faults in userland.
1763 config ARCH_HAS_MEMBARRIER_CALLBACKS
1766 config ARCH_HAS_MEMBARRIER_SYNC_CORE
1770 bool "Enable kcmp() system call" if EXPERT
1772 Enable the kernel resource comparison system call. It provides
1773 user-space with the ability to compare two processes to see if they
1774 share a common resource, such as a file descriptor or even virtual
1780 bool "Enable rseq() system call" if EXPERT
1782 depends on HAVE_RSEQ
1785 Enable the restartable sequences system call. It provides a
1786 user-space cache for the current CPU number value, which
1787 speeds up getting the current CPU number from user-space,
1788 as well as an ABI to speed up user-space operations on
1795 bool "Enabled debugging of rseq() system call" if EXPERT
1796 depends on RSEQ && DEBUG_KERNEL
1798 Enable extra debugging checks for the rseq system call.
1803 bool "Embedded system"
1806 This option should be enabled if compiling the kernel for
1807 an embedded system so certain expert options are available
1810 config HAVE_PERF_EVENTS
1813 See tools/perf/design.txt for details.
1815 config PERF_USE_VMALLOC
1818 See tools/perf/design.txt for details
1821 bool "PC/104 support" if EXPERT
1823 Expose PC/104 form factor device drivers and options available for
1824 selection and configuration. Enable this option if your target
1825 machine has a PC/104 bus.
1827 menu "Kernel Performance Events And Counters"
1830 bool "Kernel performance events and counters"
1831 default y if PROFILING
1832 depends on HAVE_PERF_EVENTS
1836 Enable kernel support for various performance events provided
1837 by software and hardware.
1839 Software events are supported either built-in or via the
1840 use of generic tracepoints.
1842 Most modern CPUs support performance events via performance
1843 counter registers. These registers count the number of certain
1844 types of hw events: such as instructions executed, cachemisses
1845 suffered, or branches mis-predicted - without slowing down the
1846 kernel or applications. These registers can also trigger interrupts
1847 when a threshold number of events have passed - and can thus be
1848 used to profile the code that runs on that CPU.
1850 The Linux Performance Event subsystem provides an abstraction of
1851 these software and hardware event capabilities, available via a
1852 system call and used by the "perf" utility in tools/perf/. It
1853 provides per task and per CPU counters, and it provides event
1854 capabilities on top of those.
1858 config DEBUG_PERF_USE_VMALLOC
1860 bool "Debug: use vmalloc to back perf mmap() buffers"
1861 depends on PERF_EVENTS && DEBUG_KERNEL && !PPC
1862 select PERF_USE_VMALLOC
1864 Use vmalloc memory to back perf mmap() buffers.
1866 Mostly useful for debugging the vmalloc code on platforms
1867 that don't require it.
1873 config VM_EVENT_COUNTERS
1875 bool "Enable VM event counters for /proc/vmstat" if EXPERT
1877 VM event counters are needed for event counts to be shown.
1878 This option allows the disabling of the VM event counters
1879 on EXPERT systems. /proc/vmstat will only show page counts
1880 if VM event counters are disabled.
1884 bool "Enable SLUB debugging support" if EXPERT
1885 depends on SLUB && SYSFS
1887 SLUB has extensive debug support features. Disabling these can
1888 result in significant savings in code size. This also disables
1889 SLUB sysfs support. /sys/slab will not exist and there will be
1890 no support for cache validation etc.
1893 bool "Disable heap randomization"
1896 Randomizing heap placement makes heap exploits harder, but it
1897 also breaks ancient binaries (including anything libc5 based).
1898 This option changes the bootup default to heap randomization
1899 disabled, and can be overridden at runtime by setting
1900 /proc/sys/kernel/randomize_va_space to 2.
1902 On non-ancient distros (post-2000 ones) N is usually a safe choice.
1905 prompt "Choose SLAB allocator"
1908 This option allows to select a slab allocator.
1912 select HAVE_HARDENED_USERCOPY_ALLOCATOR
1914 The regular slab allocator that is established and known to work
1915 well in all environments. It organizes cache hot objects in
1916 per cpu and per node queues.
1919 bool "SLUB (Unqueued Allocator)"
1920 select HAVE_HARDENED_USERCOPY_ALLOCATOR
1922 SLUB is a slab allocator that minimizes cache line usage
1923 instead of managing queues of cached objects (SLAB approach).
1924 Per cpu caching is realized using slabs of objects instead
1925 of queues of objects. SLUB can use memory efficiently
1926 and has enhanced diagnostics. SLUB is the default choice for
1931 bool "SLOB (Simple Allocator)"
1933 SLOB replaces the stock allocator with a drastically simpler
1934 allocator. SLOB is generally more space efficient but
1935 does not perform as well on large systems.
1939 config SLAB_MERGE_DEFAULT
1940 bool "Allow slab caches to be merged"
1943 For reduced kernel memory fragmentation, slab caches can be
1944 merged when they share the same size and other characteristics.
1945 This carries a risk of kernel heap overflows being able to
1946 overwrite objects from merged caches (and more easily control
1947 cache layout), which makes such heap attacks easier to exploit
1948 by attackers. By keeping caches unmerged, these kinds of exploits
1949 can usually only damage objects in the same cache. To disable
1950 merging at runtime, "slab_nomerge" can be passed on the kernel
1953 config SLAB_FREELIST_RANDOM
1954 bool "Randomize slab freelist"
1955 depends on SLAB || SLUB
1957 Randomizes the freelist order used on creating new pages. This
1958 security feature reduces the predictability of the kernel slab
1959 allocator against heap overflows.
1961 config SLAB_FREELIST_HARDENED
1962 bool "Harden slab freelist metadata"
1963 depends on SLAB || SLUB
1965 Many kernel heap attacks try to target slab cache metadata and
1966 other infrastructure. This options makes minor performance
1967 sacrifices to harden the kernel slab allocator against common
1968 freelist exploit methods. Some slab implementations have more
1969 sanity-checking than others. This option is most effective with
1972 config SHUFFLE_PAGE_ALLOCATOR
1973 bool "Page allocator randomization"
1974 default SLAB_FREELIST_RANDOM && ACPI_NUMA
1976 Randomization of the page allocator improves the average
1977 utilization of a direct-mapped memory-side-cache. See section
1978 5.2.27 Heterogeneous Memory Attribute Table (HMAT) in the ACPI
1979 6.2a specification for an example of how a platform advertises
1980 the presence of a memory-side-cache. There are also incidental
1981 security benefits as it reduces the predictability of page
1982 allocations to compliment SLAB_FREELIST_RANDOM, but the
1983 default granularity of shuffling on the "MAX_ORDER - 1" i.e,
1984 10th order of pages is selected based on cache utilization
1987 While the randomization improves cache utilization it may
1988 negatively impact workloads on platforms without a cache. For
1989 this reason, by default, the randomization is enabled only
1990 after runtime detection of a direct-mapped memory-side-cache.
1991 Otherwise, the randomization may be force enabled with the
1992 'page_alloc.shuffle' kernel command line parameter.
1996 config SLUB_CPU_PARTIAL
1998 depends on SLUB && SMP
1999 bool "SLUB per cpu partial cache"
2001 Per cpu partial caches accelerate objects allocation and freeing
2002 that is local to a processor at the price of more indeterminism
2003 in the latency of the free. On overflow these caches will be cleared
2004 which requires the taking of locks that may cause latency spikes.
2005 Typically one would choose no for a realtime system.
2007 config MMAP_ALLOW_UNINITIALIZED
2008 bool "Allow mmapped anonymous memory to be uninitialized"
2009 depends on EXPERT && !MMU
2012 Normally, and according to the Linux spec, anonymous memory obtained
2013 from mmap() has its contents cleared before it is passed to
2014 userspace. Enabling this config option allows you to request that
2015 mmap() skip that if it is given an MAP_UNINITIALIZED flag, thus
2016 providing a huge performance boost. If this option is not enabled,
2017 then the flag will be ignored.
2019 This is taken advantage of by uClibc's malloc(), and also by
2020 ELF-FDPIC binfmt's brk and stack allocator.
2022 Because of the obvious security issues, this option should only be
2023 enabled on embedded devices where you control what is run in
2024 userspace. Since that isn't generally a problem on no-MMU systems,
2025 it is normally safe to say Y here.
2027 See Documentation/admin-guide/mm/nommu-mmap.rst for more information.
2029 config SYSTEM_DATA_VERIFICATION
2031 select SYSTEM_TRUSTED_KEYRING
2035 select ASYMMETRIC_KEY_TYPE
2036 select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
2039 select X509_CERTIFICATE_PARSER
2040 select PKCS7_MESSAGE_PARSER
2042 Provide PKCS#7 message verification using the contents of the system
2043 trusted keyring to provide public keys. This then can be used for
2044 module verification, kexec image verification and firmware blob
2048 bool "Profiling support"
2050 Say Y here to enable the extended profiling support mechanisms used
2054 # Place an empty function call at each tracepoint site. Can be
2055 # dynamically changed for a probe function.
2060 endmenu # General setup
2062 source "arch/Kconfig"
2069 default 0 if BASE_FULL
2070 default 1 if !BASE_FULL
2072 config MODULE_SIG_FORMAT
2074 select SYSTEM_DATA_VERIFICATION
2077 bool "Enable loadable module support"
2080 Kernel modules are small pieces of compiled code which can
2081 be inserted in the running kernel, rather than being
2082 permanently built into the kernel. You use the "modprobe"
2083 tool to add (and sometimes remove) them. If you say Y here,
2084 many parts of the kernel can be built as modules (by
2085 answering M instead of Y where indicated): this is most
2086 useful for infrequently used options which are not required
2087 for booting. For more information, see the man pages for
2088 modprobe, lsmod, modinfo, insmod and rmmod.
2090 If you say Y here, you will need to run "make
2091 modules_install" to put the modules under /lib/modules/
2092 where modprobe can find them (you may need to be root to do
2099 config MODULE_FORCE_LOAD
2100 bool "Forced module loading"
2103 Allow loading of modules without version information (ie. modprobe
2104 --force). Forced module loading sets the 'F' (forced) taint flag and
2105 is usually a really bad idea.
2107 config MODULE_UNLOAD
2108 bool "Module unloading"
2110 Without this option you will not be able to unload any
2111 modules (note that some modules may not be unloadable
2112 anyway), which makes your kernel smaller, faster
2113 and simpler. If unsure, say Y.
2115 config MODULE_FORCE_UNLOAD
2116 bool "Forced module unloading"
2117 depends on MODULE_UNLOAD
2119 This option allows you to force a module to unload, even if the
2120 kernel believes it is unsafe: the kernel will remove the module
2121 without waiting for anyone to stop using it (using the -f option to
2122 rmmod). This is mainly for kernel developers and desperate users.
2126 bool "Module versioning support"
2128 Usually, you have to use modules compiled with your kernel.
2129 Saying Y here makes it sometimes possible to use modules
2130 compiled for different kernels, by adding enough information
2131 to the modules to (hopefully) spot any changes which would
2132 make them incompatible with the kernel you are running. If
2135 config ASM_MODVERSIONS
2137 default HAVE_ASM_MODVERSIONS && MODVERSIONS
2139 This enables module versioning for exported symbols also from
2140 assembly. This can be enabled only when the target architecture
2143 config MODULE_REL_CRCS
2145 depends on MODVERSIONS
2147 config MODULE_SRCVERSION_ALL
2148 bool "Source checksum for all modules"
2150 Modules which contain a MODULE_VERSION get an extra "srcversion"
2151 field inserted into their modinfo section, which contains a
2152 sum of the source files which made it. This helps maintainers
2153 see exactly which source was used to build a module (since
2154 others sometimes change the module source without updating
2155 the version). With this option, such a "srcversion" field
2156 will be created for all modules. If unsure, say N.
2159 bool "Module signature verification"
2160 select MODULE_SIG_FORMAT
2162 Check modules for valid signatures upon load: the signature
2163 is simply appended to the module. For more information see
2164 <file:Documentation/admin-guide/module-signing.rst>.
2166 Note that this option adds the OpenSSL development packages as a
2167 kernel build dependency so that the signing tool can use its crypto
2170 You should enable this option if you wish to use either
2171 CONFIG_SECURITY_LOCKDOWN_LSM or lockdown functionality imposed via
2172 another LSM - otherwise unsigned modules will be loadable regardless
2173 of the lockdown policy.
2175 !!!WARNING!!! If you enable this option, you MUST make sure that the
2176 module DOES NOT get stripped after being signed. This includes the
2177 debuginfo strip done by some packagers (such as rpmbuild) and
2178 inclusion into an initramfs that wants the module size reduced.
2180 config MODULE_SIG_FORCE
2181 bool "Require modules to be validly signed"
2182 depends on MODULE_SIG
2184 Reject unsigned modules or signed modules for which we don't have a
2185 key. Without this, such modules will simply taint the kernel.
2187 config MODULE_SIG_ALL
2188 bool "Automatically sign all modules"
2190 depends on MODULE_SIG || IMA_APPRAISE_MODSIG
2192 Sign all modules during make modules_install. Without this option,
2193 modules must be signed manually, using the scripts/sign-file tool.
2195 comment "Do not forget to sign required modules with scripts/sign-file"
2196 depends on MODULE_SIG_FORCE && !MODULE_SIG_ALL
2199 prompt "Which hash algorithm should modules be signed with?"
2200 depends on MODULE_SIG || IMA_APPRAISE_MODSIG
2202 This determines which sort of hashing algorithm will be used during
2203 signature generation. This algorithm _must_ be built into the kernel
2204 directly so that signature verification can take place. It is not
2205 possible to load a signed module containing the algorithm to check
2206 the signature on that module.
2208 config MODULE_SIG_SHA1
2209 bool "Sign modules with SHA-1"
2212 config MODULE_SIG_SHA224
2213 bool "Sign modules with SHA-224"
2214 select CRYPTO_SHA256
2216 config MODULE_SIG_SHA256
2217 bool "Sign modules with SHA-256"
2218 select CRYPTO_SHA256
2220 config MODULE_SIG_SHA384
2221 bool "Sign modules with SHA-384"
2222 select CRYPTO_SHA512
2224 config MODULE_SIG_SHA512
2225 bool "Sign modules with SHA-512"
2226 select CRYPTO_SHA512
2230 config MODULE_SIG_HASH
2232 depends on MODULE_SIG || IMA_APPRAISE_MODSIG
2233 default "sha1" if MODULE_SIG_SHA1
2234 default "sha224" if MODULE_SIG_SHA224
2235 default "sha256" if MODULE_SIG_SHA256
2236 default "sha384" if MODULE_SIG_SHA384
2237 default "sha512" if MODULE_SIG_SHA512
2240 prompt "Module compression mode"
2242 This option allows you to choose the algorithm which will be used to
2243 compress modules when 'make modules_install' is run. (or, you can
2244 choose to not compress modules at all.)
2246 External modules will also be compressed in the same way during the
2249 For modules inside an initrd or initramfs, it's more efficient to
2250 compress the whole initrd or initramfs instead.
2252 This is fully compatible with signed modules.
2254 Please note that the tool used to load modules needs to support the
2255 corresponding algorithm. module-init-tools MAY support gzip, and kmod
2256 MAY support gzip, xz and zstd.
2258 Your build system needs to provide the appropriate compression tool
2259 to compress the modules.
2261 If in doubt, select 'None'.
2263 config MODULE_COMPRESS_NONE
2266 Do not compress modules. The installed modules are suffixed
2269 config MODULE_COMPRESS_GZIP
2272 Compress modules with GZIP. The installed modules are suffixed
2275 config MODULE_COMPRESS_XZ
2278 Compress modules with XZ. The installed modules are suffixed
2281 config MODULE_COMPRESS_ZSTD
2284 Compress modules with ZSTD. The installed modules are suffixed
2289 config MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS
2290 bool "Allow loading of modules with missing namespace imports"
2292 Symbols exported with EXPORT_SYMBOL_NS*() are considered exported in
2293 a namespace. A module that makes use of a symbol exported with such a
2294 namespace is required to import the namespace via MODULE_IMPORT_NS().
2295 There is no technical reason to enforce correct namespace imports,
2296 but it creates consistency between symbols defining namespaces and
2297 users importing namespaces they make use of. This option relaxes this
2298 requirement and lifts the enforcement when loading a module.
2302 config MODPROBE_PATH
2303 string "Path to modprobe binary"
2304 default "/sbin/modprobe"
2306 When kernel code requests a module, it does so by calling
2307 the "modprobe" userspace utility. This option allows you to
2308 set the path where that binary is found. This can be changed
2309 at runtime via the sysctl file
2310 /proc/sys/kernel/modprobe. Setting this to the empty string
2311 removes the kernel's ability to request modules (but
2312 userspace can still load modules explicitly).
2314 config TRIM_UNUSED_KSYMS
2315 bool "Trim unused exported kernel symbols" if EXPERT
2316 depends on !COMPILE_TEST
2318 The kernel and some modules make many symbols available for
2319 other modules to use via EXPORT_SYMBOL() and variants. Depending
2320 on the set of modules being selected in your kernel configuration,
2321 many of those exported symbols might never be used.
2323 This option allows for unused exported symbols to be dropped from
2324 the build. In turn, this provides the compiler more opportunities
2325 (especially when using LTO) for optimizing the code and reducing
2326 binary size. This might have some security advantages as well.
2328 If unsure, or if you need to build out-of-tree modules, say N.
2330 config UNUSED_KSYMS_WHITELIST
2331 string "Whitelist of symbols to keep in ksymtab"
2332 depends on TRIM_UNUSED_KSYMS
2334 By default, all unused exported symbols will be un-exported from the
2335 build when TRIM_UNUSED_KSYMS is selected.
2337 UNUSED_KSYMS_WHITELIST allows to whitelist symbols that must be kept
2338 exported at all times, even in absence of in-tree users. The value to
2339 set here is the path to a text file containing the list of symbols,
2340 one per line. The path can be absolute, or relative to the kernel
2345 config MODULES_TREE_LOOKUP
2347 depends on PERF_EVENTS || TRACING || CFI_CLANG
2349 config INIT_ALL_POSSIBLE
2352 Back when each arch used to define their own cpu_online_mask and
2353 cpu_possible_mask, some of them chose to initialize cpu_possible_mask
2354 with all 1s, and others with all 0s. When they were centralised,
2355 it was better to provide this option than to break all the archs
2356 and have several arch maintainers pursuing me down dark alleys.
2358 source "block/Kconfig"
2360 config PREEMPT_NOTIFIERS
2370 Build a simple ASN.1 grammar compiler that produces a bytecode output
2371 that can be interpreted by the ASN.1 stream decoder and used to
2372 inform it as to what tags are to be expected in a stream and what
2373 functions to call on what tags.
2375 source "kernel/Kconfig.locks"
2377 config ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
2380 config ARCH_HAS_SYNC_CORE_BEFORE_USERMODE
2383 # It may be useful for an architecture to override the definitions of the
2384 # SYSCALL_DEFINE() and __SYSCALL_DEFINEx() macros in <linux/syscalls.h>
2385 # and the COMPAT_ variants in <linux/compat.h>, in particular to use a
2386 # different calling convention for syscalls. They can also override the
2387 # macros for not-implemented syscalls in kernel/sys_ni.c and
2388 # kernel/time/posix-stubs.c. All these overrides need to be available in
2389 # <asm/syscall_wrapper.h>.
2390 config ARCH_HAS_SYSCALL_WRAPPER
projects / mirror_ubuntu-jammy-kernel.git / blob