aboutsummaryrefslogtreecommitdiffstats
path: root/chapter10
diff options
context:
space:
mode:
Diffstat (limited to 'chapter10')
-rw-r--r--chapter10/kernel.xml43
1 files changed, 36 insertions, 7 deletions
diff --git a/chapter10/kernel.xml b/chapter10/kernel.xml
index e7bcfdb87..023aa32b9 100644
--- a/chapter10/kernel.xml
+++ b/chapter10/kernel.xml
@@ -96,12 +96,28 @@
information about configuring and building the kernel can be found at
<ulink url="http://www.kroah.com/lkn/"/> </para>
- <note>
+ <caution>
<para>A good starting place for setting up the kernel configuration is to
- run <command>make defconfig</command>. This will set the base
- configuration to a good state that takes your current system architecture
- into account.</para>
+ run <command>make localmodconfig</command>. If the host kernel version
+ is not too different from the version of the kernel you are building,
+ this will set the base configuration to a good state similar to what
+ the host uses. Another possibility is to use <command>make
+ localyesconfig</command>, which does the same except everything is built
+ into the kernel.</para>
+
+ <para>Do not disable any option enabled by <command>make
+ localmodconfig</command> unless the following notes explicitly make it
+ disabled or you really know what you are doing.</para>
+ </caution>
+
+ <note>
+ <para>Another possibility is to run <command>make defconfig</command>,
+ which creates a more generic configuration for your architecture. You
+ may then have to disable drivers for hardware you do not have if
+ you want to reduce the kernel size.</para>
+ </note>
+ <note>
<para>Be sure to enable/disable/set the following features or the system might
not work correctly or boot at all:</para>
@@ -111,6 +127,7 @@
General setup ---&gt;
[ ] Compile the kernel with warnings as errors [CONFIG_WERROR]
&lt; &gt; Enable kernel headers through /sys/kernel/kheaders.tar.xz [CONFIG_IKHEADERS]
+ [ ] Configure standard kernel features (expert users) [CONFIG_EXPERT]
General architecture-dependent options ---&gt;
[*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR]
[*] Strong Stack Protector [CONFIG_STACKPROTECTOR_STRONG]
@@ -137,8 +154,7 @@ General setup ---&gt;
[*] Control Group support [CONFIG_CGROUPS] ---&gt;
[*] Memory controller [CONFIG_MEMCG]
[ ] Enable deprecated sysfs features to support old userspace tools [CONFIG_SYSFS_DEPRECATED]
- [*] Configure standard kernel features (expert users) [CONFIG_EXPERT] ---&gt;
- [*] open by fhandle syscalls [CONFIG_FHANDLE]
+ [ ] Configure standard kernel features (expert users) [CONFIG_EXPERT]
General architecture-dependent options ---&gt;
[*] Enable seccomp to safely compute untrusted bytecode [CONFIG_SECCOMP]
[*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR]
@@ -237,6 +253,19 @@ Device Drivers ---&gt;
</varlistentry>
<varlistentry>
+ <term>
+ <parameter>
+ Configure standard kernel features (expert users)
+ </parameter>
+ </term>
+ <listitem>
+ <para>This will make some options show up in the configuration
+ interface but changing those options may be dangerous. Do not use
+ this unless you know what you are doing.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term><parameter>Strong Stack Protector</parameter></term>
<listitem>
<para>Enable SSP for the kernel. We've enabled it for the entire
@@ -293,7 +322,7 @@ Device Drivers ---&gt;
<para>Support running the interrupt controller of 64-bit x86
processors in x2APIC mode. x2APIC may be enabled by firmware on
64-bit x86 systems, and a kernel without this option enabled will
- panic on boot if x2APIC is enabled by firmware. This option has
+ panic on boot if x2APIC is enabled by firmware. This option
has no effect, but also does no harm if x2APIC is disabled by the
firmware.</para>
</listitem>