Kernel

From Q
Jump to navigation Jump to search

Compile and Install

Exherbo

# make -j5 && make modules_install && make install

EFI Boot

Linux Kernel Configuration: Kernel .config
-*- Enable the block layer  --->
 Partition Types  --->
  [*] Advanced partition selection
  [*]   EFI GUID Partition support
Processor type and features  --->
 [*] EFI runtime service support
 [*]   EFI stub support
Bus options (PCI etc.)  --->
 [*] Mark VGA/VBE/EFI FB as generic system framebuffer
Device Drivers  --->
 Graphics support  --->
  Frame buffer Devices  --->
   <*> Support for frame buffer devices  --->
    [*]   VESA VGA graphics support
    [*]   EFI-based Framebuffer Support
    [*]   Simple framebuffer support
  Console display driver support  --->
   <*> Framebuffer Console support
Firmware Drivers  --->
 EFI (Extensible Firmware Interface) Support  --->
  <*> EFI Variable Support via sysfs
File systems  --->
 DOS/FAT/NT Filesystems  --->
  <*> MSDOS fs support
  <*> VFAT (Windows-95) fs support
  (850) Default codepage for FAT
  (iso8859-15) Default iocharset for FAT
 Pseudo filesystems  --->
  <*>   EFI Variable filesystem
 -*- Native language support  ---
  <*>   Codepage 850 (Europe)
  <*>   NLS ISO 8859-15 (Latin 9; Western European Languages with Euro)

GPT partitions

Linux Kernel Configuration: Kernel .config
-*- Enable the block layer  --->
  Partition Types  --->
    [*] Advanced partition selection
    [*]   EFI GUID Partition support

Ext4 filesystem

Linux Kernel Configuration: Kernel .config
File systems  --->
 <*> The Extended 4 (ext4) filesystem
 [*]   Use ext4 for ext2/ext3 file systems
 [*]   Ext4 extended attributes

systemd

Linux Kernel Configuration: Kernel .config
General setup  --->
 [*] open by fhandle syscalls (CONFIG_FHANDLE)
 [ ] Auditing support (CONFIG_AUDIT)
 [*] Control Group support (CONFIG_CGROUPS) --->
  [*]   Freezer cgroup subsystem
  [*]   Device controller for cgroups
  [*]   Cpuset support
  [*]   Simple CPU accounting cgroup subsystem
  [*]   Resource counters
  [*]     Memory Resource Controller for Control Groups
  [*]       Memory Resource Controller Swap Extension
  [*]         Memory Resource Controller Swap Extension enabled by default
  [*]       Memory Resource Controller Kernel Memory accounting
  [*]     HugeTLB Resource Controller for Control Groups
  [*]   Enable perf_event per-cpu per-container group (cgroup) monitoring
  [*]   Group CPU scheduler  --->
   [*]   Group scheduling for SCHED_OTHER
   [*]     CPU bandwidth provisioning for FAIR_GROUP_SCHED
   [*]   Group scheduling for SCHED_RR/FIFO
  [*]   Block IO controller
  [*]   Support for eBPF programs attached to cgroups
 [*] Namespaces support  --->
  [*]   UTS namespace
  [*]   IPC namespace
  [*]   User namespace
  [*]   PID Namespaces
  [*]   Network namespace
 [*] Automatic process group scheduling
 [ ] Enable deprecated sysfs features to support old userspace tools (CONFIG_SYSFS_DEPRECATED)
 [ ] Configure standard kernel features (expert users)  ----
 [*] Enable bpf() system call
[*] Enable the block layer  --->
 [*]   Block layer SG support v4 (CONFIG_BLK_DEV_BSG)
 Partition Types  --->
  [*] Advanced partition selection
   [*]   EFI GUID Partition support (CONFIG_EFI_PARTITION)
Processor type and features  --->
 [*] Transparent Hugepage Support
       Transparent Hugepage Support sysfs defaults (always)  --->
 [*] Enable seccomp to safely compute untrusted bytecode (CONFIG_SECCOMP)
 [*] EFI runtime service support
[*] Networking support (CONFIG_NET) --->
 Networking options  --->
  [*]   The IPv6 protocol (CONFIG_IPV6)  --->
  [*] QoS and/or fair queueing  --->
   <*>   Fair Queue Controlled Delay AQM (FQ_CODEL)
Device Drivers  --->
 Generic Driver Options  --->
  [ ] Support for uevent helper (CONFIG_UEVENT_HELPER)
  [*] Maintain a devtmpfs filesystem to mount at /dev (CONFIG_DEVTMPFS)
  [*]   Automount devtmpfs at /dev, after the kernel mounted the rootfs
  [ ] Fallback user-helper invocation for firmware loading (CONFIG_FW_LOADER_USER_HELPER_FALLBACK)
 [*] Real Time Clock  --->
  [*]   Set system time from RTC on startup and resume
   (rtc0)  RTC used to set the system time
  [*]   /sys/class/rtc/rtcN (sysfs)
  [*]   /proc/driver/rtc (procfs for rtc0)
  [*]   /dev/rtcN (character devices)
  [*]   PC-style 'CMOS'
Firmware Drivers  --->
 [*] Export DMI identification via sysfs to userspace (CONFIG_DMIID)
 [*] DMI table support in sysfs
 EFI (Extensible Firmware Interface) Support  --->
  [*] EFI Variable Support via sysfs (CONFIG_EFI_VARS)
File systems  --->
 [*] Inotify support for userspace (CONFIG_INOTIFY_USER)
 [*] Filesystem wide access notification 
  [*]   fanotify permissions checking
 [*] Kernel automounter version 4 support (also supports v3) (CONFIG_AUTOFS4_FS)
 Pseudo filesystems
  [*] /proc file system support (CONFIG_PROC_FS)
  [*] Tmpfs virtual memory file system support (former shm fs) (CONFIG_TMPFS)
  [*]   Tmpfs POSIX Access Control Lists (CONFIG_TMPFS_POSIX_ACL)
  [*]   Tmpfs extended attributes (CONFIG_TMPFS_XATTR)
  [*] HugeTLB file system support
Security options  --->
 [*] Enable different security models

systemd-networkd: forwarding information base (FIB) rules support

[*] Networking support  --->
 Networking options  --->
  [*] TCP/IP networking
   [*]   IP: advanced router
    [*]     IP: policy routing

SMACK support

Security options  --->
 [*] Simplified Mandatory Access Control Kernel Support
 Default security module (Simplified Mandatory Access Control)  --->

udev

Linux Kernel Configuration: Kernel .config
General setup  --->
 [*] open by fhandle syscalls (CONFIG_FHANDLE)
[*] Enable the block layer  --->
 [*]   Block layer SG support v4
[*] Networking support (CONFIG_NET) --->
Device Drivers  --->
 Generic Driver Options  --->
  [ ] Support for uevent helper (CONFIG_UEVENT_HELPER)
  [*] Maintain a devtmpfs filesystem to mount at /dev (CONFIG_DEVTMPFS)
  [*]   Automount devtmpfs at /dev, after the kernel mounted the rootfs
  [ ] Fallback user-helper invocation for firmware loading (CONFIG_FW_LOADER_USER_HELPER_FALLBACK)
Firmware Drivers  --->
 [*] Export DMI identification via sysfs to userspace (CONFIG_DMIID)
File systems  --->
 Pseudo filesystems
  [*] Tmpfs virtual memory file system support (former shm fs)
  [*]   Tmpfs POSIX Access Control Lists

udisks2

Linux Kernel Configuration: Kernel .config
General setup  --->
 [*] Support for paging of anonymous memory (swap)
Power management and ACPI options  --->
 [*] Run-time PM core functionality
Device Drivers  --->
 [*] USB support  --->
File systems  --->
 Pseudo filesystems
  [*] Tmpfs virtual memory file system support (former shm fs)
  [*]   Tmpfs POSIX Access Control Lists
 [*] Native language support  --->
  (utf8) Default NLS Option
  [*]   NLS UTF-8

NetworkManager

Linux Kernel Configuration: Kernel .config
General setup  --->
 [ ] Enable deprecated sysfs features to support old userspace tools

Connection sharing support

 [*] Networking support  --->
  Networking options  --->
   [*] Network packet filtering framework (Netfilter)  --->
    Core Netfilter Configuration  --->
     <*> Netfilter connection tracking support
     <*> Netfilter nf_tables support
    IP: Netfilter Configuration  --->
     <*> IPv4 connection tracking support (required for NAT)
     <*> IPv4 nf_tables support
     <*> IPv4 NAT
     <*>   IPv4 nf_tables nat chain support
     <*>   IPv4 masquerade support
    IPv6: Netfilter Configuration  --->
     <*> IPv6 connection tracking support
     <*> IPv6 nf_tables support
     <*> IPv6 NAT
      <*>   IPv6 nf_tables nat chain support
      <*>   IPv6 masquerade support

PulseAudio

Linux Kernel Configuration: Kernel .config
General setup  --->
 Timers subsystem  --->
  [*] High Resolution Timer Support (CONFIG_HIGH_RES_TIMERS)

PulseAudio (Intel HD Audio)

Linux Kernel Configuration: Kernel .config
Device Drivers  --->
 <*> Sound card support  --->
  <*>   Advanced Linux Sound Architecture  --->
   [*]   PCI sound devices  --->
    <*>   Intel HD Audio  --->
     (2048) Pre-allocated buffer size for HD-audio driver
     [*]   Support jack plugging notification via input layer
     [*]   Support initialization patch loading for HD-audio
     [*]   <Codec>

xf86-video-intel

Linux Kernel Configuration: Kernel .config
Device Drivers  --->
 Graphics support  --->
  [*] /dev/agpgart (AGP Support)  --->
  [*] Direct Rendering Manager (XFree86 4.1.0 and higher DRI support)  --->
  [*] Intel 8xx/9xx/G3x/G4x/HD Graphics
  [*]   Enable modesetting on intel by default

sydbox

Linux Kernel Configuration: Kernel .config
Processor type and features  --->
 [*] Cross Memory Support
 [*] Enable seccomp to safely compute untrusted bytecode

Chromium/Chrome

Linux Kernel Configuration: Kernel .config
General setup  --->
 [*] Namespaces support  --->
  [*]   PID Namespaces
  [*]   Network namespace
Processor type and features  --->
 [*] Enable seccomp to safely compute untrusted bytecode

Fail2ban (iptables)

Linux Kernel Configuration: Kernel .config
[*] Networking support  --->
 Networking options  --->
  [*] Network packet filtering framework (Netfilter)  --->
   [*]   Advanced netfilter configuration
   Core Netfilter Configuration  --->
    -*- Netfilter Xtables support (required for ip_tables)
    <*>   "multiport" Multiple port match support

Apache

Linux Kernel Configuration: Kernel .config
General setup  --->
 [*] System V IPC

mpm-itk 2.4.2

Processor type and features  --->
 [*] Enable seccomp to safely compute untrusted bytecode

libvirt

Linux Kernel Configuration: Kernel .config
[*] Networking support  --->
 Networking options  --->
  [*]   Advanced netfilter configuration
  [*] Network packet filtering framework (Netfilter)  --->
   Core Netfilter Configuration  --->
    [*]   CHECKSUM target support
  [*] Network packet filtering framework (Netfilter)  --->
   [*]   Ethernet Bridge tables (ebtables) support  --->

Linux Containers virtualisation support:

General setup  --->
 [*] POSIX Message Queues
 [*] Control Group support  --->
  [*]   Freezer cgroup subsystem
  [*]   Device controller for cgroups
  [*]   Cpuset support
  [*]   Simple CPU accounting cgroup subsystem
  [*]   Resource counters
  [*]     Memory Resource Controller for Control Groups
  [*]       Memory Resource Controller Swap Extension
  [*]         Memory Resource Controller Swap Extension enabled by default
  [*]       Memory Resource Controller Kernel Memory accounting (EXPERIMENTAL)
  [*]   Enable perf_event per-cpu per-container group (cgroup) monitoring
  [*]   Group CPU scheduler  --->
   [*]   Group scheduling for SCHED_OTHER
   [*]     CPU bandwidth provisioning for FAIR_GROUP_SCHED
   [*]   Group scheduling for SCHED_RR/FIFO
  [*]   Block IO controller
 [*] Namespaces support  --->
  [*]   UTS namespace
  [*]   IPC namespace
  [*]   PID Namespaces
  [*]   Network namespace
Device Drivers  --->
 Character devices  --->
  [*] Unix98 PTY support
   [*]   Support multiple instances of devpts
Device Drivers  --->
 [*] Network device support  --->
  [*]   Network core driver support
  [*]     MAC-VLAN support (EXPERIMENTAL)
  [*]     Virtual ethernet pair device

MAC-based TAP (macvlan/macvtap) for networking instead of the normal TUN/TAP:

Device Drivers  --->
 [*] Network device support  --->
  [*]   Network core driver support
  [*]     MAC-VLAN support (EXPERIMENTAL)
  [*]       MAC-VLAN based tap driver (EXPERIMENTAL)

KVM host

Linux Kernel Configuration: Kernel .config
[*] Networking support  --->
 Networking options  --->
  [*] 802.1d Ethernet Bridging
Device Drivers  --->
 [*] Network device support  --->
  [*]   Network core driver support
   [*]     Universal TUN/TAP device driver support
[*] Virtualization  --->
 [*]   Kernel-based Virtual Machine (KVM) support
 [*]     KVM for Intel processors support
 [ ]     KVM for AMD processors support
 [*]   Host kernel accelerator for virtio net (EXPERIMENTAL)

Official VT-d documentation

Bus options (PCI etc.)  --->
 [*] Enable PCI resource re-allocation detection
 [*] PCI Stub driver
 [*] PCI IOV support
Device Drivers  --->
 [*] IOMMU Hardware Support  --->
  [ ]   AMD IOMMU support
  [*]   Support for Intel IOMMU using DMA Remapping Devices
  [*]     Enable Intel DMA Remapping Devices by default
  [*]   Support for Interrupt Remapping (EXPERIMENTAL)

KVM guest

Linux Kernel Configuration: Kernel .config
Processor type and features  --->
 [*] Linux guest support  --->
  [*]   Enable paravirtualization code
  [*]     Paravirtualization layer for spinlocks
  [*]     KVM Guest support (including kvmclock)
Device Drivers  --->
 [*] Block devices  --->
  <*>   Virtio block driver
 SCSI device support  --->
  [*] SCSI low-level drivers  --->
   <*>   virtio-scsi support
 [*] Network device support  --->
  [*]   Network core driver support
   <*>     Virtio network driver
 Graphics support  --->
  <*> Direct Rendering Manager (XFree86 4.1.0 and higher DRI support)  --->
   <*> Cirrus driver for QEMU emulated device
   <*> Virtio GPU driver
 Virtio drivers  --->
  <*> PCI driver for virtio devices
  [*]   Support for legacy virtio draft 0.9.X and older devices
  <*> Virtio balloon driver
  <*> Virtio input driver
  <*> Platform bus driver for memory mapped virtio devices

open-vm-tools

VMware ESXi guest

Linux Kernel Configuration: Kernel .config
Processor type and features  --->
 [*] Allow for memory hot-add
 [*]   Allow for memory hot remove
 [*] Support for hot-pluggable CPUs
[*] Networking support  --->
 Networking options  --->
  <*> Virtual Socket protocol
  <*>   VMware VMCI transport for Virtual Sockets
Device Drivers  --->
 Misc devices  --->
  [*] VMware Balloon Driver
  <*> VMware VMCI Driver
 SCSI device support  --->
  [*] SCSI low-level drivers  --->
   [*]   VMware PVSCSI driver support
 [*] Network device support  --->
  [*]   VMware VMXNET3 ethernet driver
 Graphics support  --->
  [*] Direct Rendering Manager (XFree86 4.1.0 and higher DRI support)  --->
   [*]   DRM driver for VMware Virtual GPU
    [*]   Enable framebuffer console under vmwgfx by default

KDE Info Center

Support for displaying of energy consumption

Linux Kernel Configuration: Kernel .config
Kernel hacking  --->
 [*] Kernel debugging
 [*] Collect kernel timers statistics