Kernel setting CONFIG_IO_URING supports high-performance I/O for file
access and servers, generally for more performant platforms, and adds
~45 KB to kernel sizes. The need for this on less "beefy" devices is
questionable, as is the size cost considering many platforms have kernel
size limits which require tricky repartitioning if outgrown. The size
cost is also large relative to the ~180 KB bump expected between major
OpenWRT kernel releases.
No OpenWrt packages have hard dependencies on this; samba4 and mariadb
can take advantage if available (+KERNEL_IO_URING:liburing) but
otherwise build and work fine.
Since CONFIG_IO_URING is already managed via the KERNEL_IO_URING setting
in Config-kernel.in (default Y), remove it from those target configs
which unconditionally enable it, and update the defaults to enable it
conditionally only on more powerful 64-bit x86 and arm devices. It may
still be manually enabled as needed for high-performance custom builds.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
This deactivates the CONFIG_COMPAT kernel option.
With CONFIG_COMPAT the kernel will provide syscall interfaces for arm32
binaries in addition to the interfaces needed for arm64 binaries.
In OpenWrt the complete userspace is compiled for this specific
architecture and support for 32 bit ARM applications is not needed.
This reduces the size and the attack surface for the systems.
On all other targets CONFIG_COMPAT is already deactivated.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The legacy (BSD) PTY support could open security problems in a system,
We do not need them in OpenWrt, deactivate this option in all targets.
Debian also deactivates this option.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This activates the CONFIG_ARM64_SW_TTBR0_PAN option for all arm64
kernels by default.
The CONFIG_ARM64_SW_TTBR0_PAN option prevents the kernel form accessing
user space memory directly. This makes it harder to exploit the kernel.
This is activated by default and was already activate on all other arm64
targets before.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This activates CONFIG_HARDENED_USERCOPY for the remaining targets. This
adds additional checks in the copy_from_user() and copy_to_user()
functions.
This was not activated for ARCHS38 before because of a bug in the Linux
kernel 5.4 till 5.14, which as fixed and is described here:
https://github.com/foss-for-synopsys-dwc-arc-processors/linux/issues/15
I do not know why this was deactivated for mt7629 and rockchip.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Endianness depends on CPU architecture. CONFIG_CPU_(BIG/LITTLE)_ENDIAN should
be enabled on target or subtarget based on SoC architecture.
Fixes warning:
$ make kernel_oldconfig CONFIG_TARGET=subtarget
...
.config:1008:warning: override: CPU_LITTLE_ENDIAN changes choice state
....
Summary:
- ARC - only the CONFIG_CPU_BIG_ENDIAN symbol is defined for this architeture.
If it is disabled then the processor operates in LITTLE_ENDIAN mode (default),
- ARM32 - CONFIG_CPU_LITTLE_ENDIAN symbol available since kernel 5.19. This
option should be enabled after OpenWRT moves to kernel 6.x. After refreshing
the kernel, the symbol disappears,
- ARM64 - enabled CONFIG_CPU_LITTLE_ENDIAN,
- MIPS - enabled relevant symbols,
- POWERPC - enabled CONFIG_CPU_BIG_ENDIAN,
- UML - Symbols are not defined for this architecture,
- X86 - always little endian. Symbols are not defined for this architecture.
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
This adds some missing IOMMU related options for x86/64 and moves some
of them to generic for all targets.
On x86 IOMMU_DEFAULT_DMA_LAZY is used by default, on all other platforms
IOMMU_DEFAULT_DMA_STRICT is the default. we just follow the default
kernel configuration here.
Fixes: 8fea4a102c ("x86/64: enable IOMMU support")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
All targets expect the malta target already activate the CONFIG_GPIOLIB
option. Move it to generic kernel configuration and also activate it for
malta.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
CONFIG_INPUT_MISC does not do any changes to the kernel image, it only
shows some extra kernel configuration options.
Activate it on all targets.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This is now built-in, enable so it won't propagate on target configs.
Link: https://lkml.org/lkml/2022/1/3/168
Fixes: 79e7a2552e ("kernel: bump 5.15 to 5.15.44")
Fixes: 0ca9367069 ("kernel: bump 5.10 to 5.10.119")
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(Link to Kernel's commit taht made it built-in,
CRYPTO_LIB_BLAKE2S[_ARM|_X86] as it's selectable, 5.10 backport)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>