Kernel: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| Line 140: | Line 140: | ||
Security options ---> | Security options ---> | ||
[*] Enable different security models | [*] Enable different security models | ||
</pre> | |||
systemd-networkd: forwarding information base (FIB) rules support | |||
<pre> | |||
[*] Networking support ---> | |||
Networking options ---> | |||
[*] TCP/IP networking | |||
[*] IP: advanced router | |||
[*] IP: policy routing | |||
</pre> | </pre> | ||
Revision as of 12:53, 11 October 2017
Compile and Install
Exherbo
# make HOSTCC=x86_64-pc-linux-gnu-gcc CROSS_COMPILE=x86_64-pc-linux-gnu-
# make HOSTCC=x86_64-pc-linux-gnu-gcc CROSS_COMPILE=x86_64-pc-linux-gnu- -j5
# make HOSTCC=x86_64-pc-linux-gnu-gcc CROSS_COMPILE=x86_64-pc-linux-gnu- modules_install
# make HOSTCC=x86_64-pc-linux-gnu-gcc CROSS_COMPILE=x86_64-pc-linux-gnu- install
EFI Boot
| Linux Kernel Configuration: Kernel .config |
-*- Enable the block layer --->
Partition Types --->
[*] Advanced partition selection
[*] EFI GUID Partition support
Processor type and features --->
[*] EFI runtime service support
[*] EFI stub support
Bus options (PCI etc.) --->
[*] Mark VGA/VBE/EFI FB as generic system framebuffer
Device Drivers --->
Graphics support --->
Frame buffer Devices --->
<*> Support for frame buffer devices --->
[*] VESA VGA graphics support
[*] EFI-based Framebuffer Support
[*] Simple framebuffer support
Console display driver support --->
<*> Framebuffer Console support
Firmware Drivers --->
EFI (Extensible Firmware Interface) Support --->
<*> EFI Variable Support via sysfs
File systems --->
DOS/FAT/NT Filesystems --->
<*> MSDOS fs support
<*> VFAT (Windows-95) fs support
(850) Default codepage for FAT
(iso8859-15) Default iocharset for FAT
[*] Miscellaneous filesystems --->
<*> EFI Variable filesystem
-*- Native language support ---
<*> Codepage 850 (Europe)
<*> NLS ISO 8859-15 (Latin 9; Western European Languages with Euro)
|
GPT partitions
| Linux Kernel Configuration: Kernel .config |
-*- Enable the block layer --->
Partition Types --->
[*] Advanced partition selection
[*] EFI GUID Partition support
|
Ext4 filesystem
| Linux Kernel Configuration: Kernel .config |
File systems ---> <*> The Extended 4 (ext4) filesystem [*] Use ext4 for ext2/ext3 file systems [*] Ext4 extended attributes |
systemd
| Linux Kernel Configuration: Kernel .config |
General setup --->
[*] open by fhandle syscalls (CONFIG_FHANDLE)
[ ] Auditing support (CONFIG_AUDIT)
[*] Control Group support (CONFIG_CGROUPS) --->
[*] Freezer cgroup subsystem
[*] Device controller for cgroups
[*] Cpuset support
[*] Simple CPU accounting cgroup subsystem
[*] Resource counters
[*] Memory Resource Controller for Control Groups
[*] Memory Resource Controller Swap Extension
[*] Memory Resource Controller Swap Extension enabled by default
[*] Memory Resource Controller Kernel Memory accounting
[*] HugeTLB Resource Controller for Control Groups
[*] Enable perf_event per-cpu per-container group (cgroup) monitoring
[*] Group CPU scheduler --->
[*] Group scheduling for SCHED_OTHER
[*] CPU bandwidth provisioning for FAIR_GROUP_SCHED
[*] Group scheduling for SCHED_RR/FIFO
[*] Block IO controller
[*] Namespaces support --->
[*] UTS namespace
[*] IPC namespace
[*] User namespace
[*] PID Namespaces
[*] Network namespace
[*] Automatic process group scheduling
[ ] Enable deprecated sysfs features to support old userspace tools (CONFIG_SYSFS_DEPRECATED)
[ ] Configure standard kernel features (expert users) ----
[*] Enable the block layer --->
[*] Block layer SG support v4 (CONFIG_BLK_DEV_BSG)
Partition Types --->
[*] Advanced partition selection
[*] EFI GUID Partition support (CONFIG_EFI_PARTITION)
Processor type and features --->
[*] Transparent Hugepage Support
Transparent Hugepage Support sysfs defaults (always) --->
[*] Enable seccomp to safely compute untrusted bytecode (CONFIG_SECCOMP)
[*] EFI runtime service support
[*] Networking support (CONFIG_NET) --->
Networking options --->
[*] The IPv6 protocol (CONFIG_IPV6) --->
Device Drivers --->
Generic Driver Options --->
[ ] Support for uevent helper (CONFIG_UEVENT_HELPER)
[*] Maintain a devtmpfs filesystem to mount at /dev (CONFIG_DEVTMPFS)
[*] Automount devtmpfs at /dev, after the kernel mounted the rootfs
[ ] Fallback user-helper invocation for firmware loading (CONFIG_FW_LOADER_USER_HELPER_FALLBACK)
[*] Real Time Clock --->
[*] Set system time from RTC on startup and resume
(rtc0) RTC used to set the system time
[*] /sys/class/rtc/rtcN (sysfs)
[*] /proc/driver/rtc (procfs for rtc0)
[*] /dev/rtcN (character devices)
[*] PC-style 'CMOS'
Firmware Drivers --->
[*] Export DMI identification via sysfs to userspace (CONFIG_DMIID)
[*] DMI table support in sysfs
EFI (Extensible Firmware Interface) Support --->
[*] EFI Variable Support via sysfs (CONFIG_EFI_VARS)
File systems --->
[*] Inotify support for userspace (CONFIG_INOTIFY_USER)
[*] Filesystem wide access notification
[*] fanotify permissions checking
[*] Kernel automounter version 4 support (also supports v3) (CONFIG_AUTOFS4_FS)
Pseudo filesystems
[*] /proc file system support (CONFIG_PROC_FS)
[*] Tmpfs virtual memory file system support (former shm fs) (CONFIG_TMPFS)
[*] Tmpfs POSIX Access Control Lists (CONFIG_TMPFS_POSIX_ACL)
[*] Tmpfs extended attributes (CONFIG_TMPFS_XATTR)
[*] HugeTLB file system support
Security options --->
[*] Enable different security models
systemd-networkd: forwarding information base (FIB) rules support [*] Networking support --->
Networking options --->
[*] TCP/IP networking
[*] IP: advanced router
[*] IP: policy routing
SMACK support Security options ---> [*] Simplified Mandatory Access Control Kernel Support Default security module (Simplified Mandatory Access Control) ---> |
udev
| Linux Kernel Configuration: Kernel .config |
General setup ---> [*] open by fhandle syscalls (CONFIG_FHANDLE) [*] Enable the block layer ---> [*] Block layer SG support v4 [*] Networking support (CONFIG_NET) ---> Device Drivers ---> Generic Driver Options ---> [ ] Support for uevent helper (CONFIG_UEVENT_HELPER) [*] Maintain a devtmpfs filesystem to mount at /dev (CONFIG_DEVTMPFS) [*] Automount devtmpfs at /dev, after the kernel mounted the rootfs [ ] Fallback user-helper invocation for firmware loading (CONFIG_FW_LOADER_USER_HELPER_FALLBACK) Firmware Drivers ---> [*] Export DMI identification via sysfs to userspace (CONFIG_DMIID) File systems ---> Pseudo filesystems [*] Tmpfs virtual memory file system support (former shm fs) [*] Tmpfs POSIX Access Control Lists |
udisks2
| Linux Kernel Configuration: Kernel .config |
General setup ---> [*] Support for paging of anonymous memory (swap) Power management and ACPI options ---> [*] Run-time PM core functionality Device Drivers ---> [*] USB support ---> File systems ---> Pseudo filesystems [*] Tmpfs virtual memory file system support (former shm fs) [*] Tmpfs POSIX Access Control Lists [*] Native language support ---> (utf8) Default NLS Option [*] NLS UTF-8 |
NetworkManager
| Linux Kernel Configuration: Kernel .config |
General setup ---> [ ] Enable deprecated sysfs features to support old userspace tools Connection sharing support [*] Networking support --->
Networking options --->
[*] Network packet filtering framework (Netfilter) --->
Core Netfilter Configuration --->
<*> Netfilter connection tracking support
<*> Netfilter nf_tables support
IP: Netfilter Configuration --->
<*> IPv4 connection tracking support (required for NAT)
<*> IPv4 nf_tables support
<*> IPv4 NAT
<*> IPv4 nf_tables nat chain support
<*> IPv4 masquerade support
IPv6: Netfilter Configuration --->
<*> IPv6 connection tracking support
<*> IPv6 nf_tables support
<*> IPv6 NAT
<*> IPv6 nf_tables nat chain support
<*> IPv6 masquerade support
|
PulseAudio
| Linux Kernel Configuration: Kernel .config |
General setup ---> Timers subsystem ---> [*] High Resolution Timer Support (CONFIG_HIGH_RES_TIMERS) |
PulseAudio (Intel HD Audio)
| Linux Kernel Configuration: Kernel .config |
Device Drivers --->
<*> Sound card support --->
<*> Advanced Linux Sound Architecture --->
[*] PCI sound devices --->
<*> Intel HD Audio --->
(2048) Pre-allocated buffer size for HD-audio driver
[*] Support jack plugging notification via input layer
[*] Support initialization patch loading for HD-audio
[*] <Codec>
|
xf86-video-intel
| Linux Kernel Configuration: Kernel .config |
Device Drivers ---> Graphics support ---> [*] /dev/agpgart (AGP Support) ---> [*] Direct Rendering Manager (XFree86 4.1.0 and higher DRI support) ---> [*] Intel 8xx/9xx/G3x/G4x/HD Graphics [*] Enable modesetting on intel by default |
sydbox
| Linux Kernel Configuration: Kernel .config |
Processor type and features ---> [*] Cross Memory Support [*] Enable seccomp to safely compute untrusted bytecode |
Chromium/Chrome
| Linux Kernel Configuration: Kernel .config |
General setup ---> [*] Namespaces support ---> [*] PID Namespaces [*] Network namespace Processor type and features ---> [*] Enable seccomp to safely compute untrusted bytecode |
Fail2ban (iptables)
| Linux Kernel Configuration: Kernel .config |
[*] Networking support --->
Networking options --->
[*] Network packet filtering framework (Netfilter) --->
[*] Advanced netfilter configuration
Core Netfilter Configuration --->
-*- Netfilter Xtables support (required for ip_tables)
<*> "multiport" Multiple port match support
|
Apache
| Linux Kernel Configuration: Kernel .config |
General setup ---> [*] System V IPC mpm-itk 2.4.2 Processor type and features ---> [*] Enable seccomp to safely compute untrusted bytecode |
libvirt
| Linux Kernel Configuration: Kernel .config |
[*] Networking support --->
Networking options --->
[*] Advanced netfilter configuration
[*] Network packet filtering framework (Netfilter) --->
Core Netfilter Configuration --->
[*] CHECKSUM target support
[*] Network packet filtering framework (Netfilter) --->
[*] Ethernet Bridge tables (ebtables) support --->
Linux Containers virtualisation support: General setup ---> [*] POSIX Message Queues [*] Control Group support ---> [*] Freezer cgroup subsystem [*] Device controller for cgroups [*] Cpuset support [*] Simple CPU accounting cgroup subsystem [*] Resource counters [*] Memory Resource Controller for Control Groups [*] Memory Resource Controller Swap Extension [*] Memory Resource Controller Swap Extension enabled by default [*] Memory Resource Controller Kernel Memory accounting (EXPERIMENTAL) [*] Enable perf_event per-cpu per-container group (cgroup) monitoring [*] Group CPU scheduler ---> [*] Group scheduling for SCHED_OTHER [*] CPU bandwidth provisioning for FAIR_GROUP_SCHED [*] Group scheduling for SCHED_RR/FIFO [*] Block IO controller [*] Namespaces support ---> [*] UTS namespace [*] IPC namespace [*] PID Namespaces [*] Network namespace Device Drivers ---> Character devices ---> [*] Unix98 PTY support [*] Support multiple instances of devpts Device Drivers ---> [*] Network device support ---> [*] Network core driver support [*] MAC-VLAN support (EXPERIMENTAL) [*] Virtual ethernet pair device MAC-based TAP (macvlan/macvtap) for networking instead of the normal TUN/TAP: Device Drivers ---> [*] Network device support ---> [*] Network core driver support [*] MAC-VLAN support (EXPERIMENTAL) [*] MAC-VLAN based tap driver (EXPERIMENTAL) |
KVM host
| Linux Kernel Configuration: Kernel .config |
[*] Networking support ---> Networking options ---> [*] 802.1d Ethernet Bridging Device Drivers ---> [*] Network device support ---> [*] Network core driver support [*] Universal TUN/TAP device driver support [*] Virtualization ---> [*] Kernel-based Virtual Machine (KVM) support [*] KVM for Intel processors support [ ] KVM for AMD processors support [*] Host kernel accelerator for virtio net (EXPERIMENTAL) Bus options (PCI etc.) ---> [*] Enable PCI resource re-allocation detection [*] PCI Stub driver [*] PCI IOV support Device Drivers ---> [*] IOMMU Hardware Support ---> [ ] AMD IOMMU support [*] Support for Intel IOMMU using DMA Remapping Devices [*] Enable Intel DMA Remapping Devices by default [*] Support for Interrupt Remapping (EXPERIMENTAL) |
KVM guest
| Linux Kernel Configuration: Kernel .config |
Processor type and features ---> [*] Linux guest support ---> [*] Enable paravirtualization code [*] Paravirtualization layer for spinlocks [*] KVM Guest support (including kvmclock) Device Drivers ---> [*] Block devices ---> <*> Virtio block driver SCSI device support ---> [*] SCSI low-level drivers ---> <*> virtio-scsi support [*] Network device support ---> [*] Network core driver support <*> Virtio network driver Graphics support ---> <*> Direct Rendering Manager (XFree86 4.1.0 and higher DRI support) ---> <*> Cirrus driver for QEMU emulated device <*> Virtio GPU driver Virtio drivers ---> <*> PCI driver for virtio devices [*] Support for legacy virtio draft 0.9.X and older devices <*> Virtio balloon driver <*> Virtio input driver <*> Platform bus driver for memory mapped virtio devices |
open-vm-tools
VMware ESXi guest
| Linux Kernel Configuration: Kernel .config |
Processor type and features --->
[*] Allow for memory hot-add
[*] Allow for memory hot remove
[*] Support for hot-pluggable CPUs
[*] Networking support --->
Networking options --->
<*> Virtual Socket protocol
<*> VMware VMCI transport for Virtual Sockets
Device Drivers --->
Misc devices --->
[*] VMware Balloon Driver
<*> VMware VMCI Driver
SCSI device support --->
[*] SCSI low-level drivers --->
[*] VMware PVSCSI driver support
[*] Network device support --->
[*] VMware VMXNET3 ethernet driver
Graphics support --->
[*] Direct Rendering Manager (XFree86 4.1.0 and higher DRI support) --->
[*] DRM driver for VMware Virtual GPU
[*] Enable framebuffer console under vmwgfx by default
|
KDE Info Center
Support for displaying of energy consumption
| Linux Kernel Configuration: Kernel .config |
Kernel hacking ---> [*] Kernel debugging [*] Collect kernel timers statistics |