| Age | Commit message (Collapse) | Author |
|---|
|
The Android kernel config fragments now live in a separate repository.
To prevent others from having to search for this location, add a script
to fetch and unpack the fragments.
Update .gitignore to include these fragments.
Change-Id: If2d4a59b86e4573b0a9b3190025dfe4191870b46
Signed-off-by: Steve Muckle <smuckle@google.com>
|
|
The kernel config fragments for Android have moved into
their own repository located at
https://android.googlesource.com/kernel/configs/
Bug: 63994171
Change-Id: I837bac54cb5c90e6a6eb0f6f0ad5c90588c1a46a
Signed-off-by: Steve Muckle <smuckle@google.com>
|
|
USB tethering has a hard dependency on ip6t_rpfilter module now.
So enable IP6_NF_MATCH_RPFILTER config to make it work again,
otherwise we run into following failures when we try to enable
USB tethering on Hikey:
W IptablesRestoreController: iptables-restore process 1893 terminated status=256
E IptablesRestoreController: iptables error:
E IptablesRestoreController: ------- COMMAND -------
E IptablesRestoreController: *raw
E IptablesRestoreController: -A natctrl_raw_PREROUTING -i usb0 -m rpfilter --invert ! -s fe80::/64 -j DROP
E IptablesRestoreController: COMMIT
E IptablesRestoreController:
E IptablesRestoreController: ------- ERROR -------
E IptablesRestoreController: ip6tables-restore: line 319 failed
E IptablesRestoreController: ----------------------
E NatController: Error setting forward rules
E Tethering: [usb0] ERROR Exception enabling NAT: java.lang.IllegalStateException: command '55 nat enable
usb0 wlan0 1 192.168.42.0/24' failed with '400 55 Nat operation failed (No such device)'
Change-Id: I4a4e192ee1c81a7a425eefee9a2a53dd41e1fa0e
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
|
Bug: 64468882
Change-Id: Ifdd59c83ca52ecaca00ddcea6a003a2611bf8694
Signed-off-by: Steve Muckle <smuckle@google.com>
|
|
This config option is not required by Android.
Bug: 63578267
Change-Id: I163fa19183734a1a343d525e885a000a495c242e
Signed-off-by: Steve Muckle <smuckle@google.com>
|
|
These config options are specific to arm64 so should not be universally
required.
Bug: 62523096
Change-Id: I52bcad68f32d5314032c6aa3f37402b2ffba79be
Signed-off-by: Steve Muckle <smuckle@google.com>
|
|
Signed-off-by: Roberto Pereira <rpere@google.com>
Bug:37753761
Change-Id: I1b96d7baa329dad0400c6e5c3fb12e81f1251a62
|
|
CONFIG_MODULES must be enabled as part of the android base kernel
configuration. There is already a line specifying the option be
enabled, but there was a pre-existing line requiring it be disabled.
Remove it.
Bug: 38224475
Change-Id: I608de5ae68f3a03d5da4e5800bbf37cc71dff8b8
Signed-off-by: Steve Muckle <smuckle@google.com>
|
|
There are currently a couple different implementations for this
functionality. Until things are unified, remove the requirement
for this kernel config.
Bug: 37749708
Change-Id: I10ef038edc656185644d1dcb128658136a8c994f
Signed-off-by: Steve Muckle <smuckle@google.com>
|
|
CONFIG_USB_OTG_WAKELOCK is currently somewhat outdated
and as such is not applicable to all Android devices. Until
it is brought up to date, remove it from the base Android
kernel configuration.
Bug: 37750863
Change-Id: I5b1c0bef24476cc503a60003bf48ffb59eea8c94
Signed-off-by: Steve Muckle <smuckle@google.com>
|
|
INET6_DIAG_DESTROY and NETFILTER_TPROXY are not used anymore
so they should not be part of the base Android kernel configuration.
Bug: 37749708
Change-Id: Iab263a5723f1810e2133919b8db93cc2bb986624
Signed-off-by: Steve Muckle <smuckle@google.com>
|
|
As of Android N, this is required to close sockets when a
network disconnects.
Change-Id: I9fe81c5fc5224c17bfd8d9e236ea9e436b5971cb
(cherry picked from commit 4a15cee4bdaf764756e98cd8f03784f330459ab1)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
|
This adds CONFIG_MODULES, CONFIG_MODULE_UNLOAD, and CONFIG_MODVERSIONS
which are required by the O release.
Bug: 35803310
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
(cherry picked from commit 56f22e654a311f3c2492b8b3609916265fe34e20)
|
|
This adds CONFIG_IKCONFIG and CONFIG_IKCONFIG_PROC options, which are a
requirement for the O release.
Bug: 35803310
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
(cherry picked from commit 7d9280f579ff0731facb1e10f32e4a88a07f33f8)
|
|
It somehow got out of alphabetical order, fix it to make merges and
testing easier.
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
|
These will be required going forward.
Change-Id: Idf0593461cef88051564ae0df495c156e31048c4
Signed-off-by: Martijn Coenen <maco@google.com>
|
|
It got out-of-order, so resort it to make it easier to sync with other
trees.
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
|
Option is long gone, see commit 5d9efa7ee99e ("ipv6: Remove privacy
config option.")
Link: http://lkml.kernel.org/r/20160811170340.9859-1-bp@alien8.de
Signed-off-by: Borislav Petkov <bp@suse.de>
Cc: Rob Herring <robh@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit a2c6a235dbf4318fc7f7981932478e6c47f093ab)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
|
Android won't boot without SELinux enabled, so make it the default.
Link: http://lkml.kernel.org/r/20160908185934.18098-2-robh@kernel.org
Signed-off-by: Rob Herring <robh@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit d90ae51a3e7556c9f50431db43cd8190934ccf94)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
|
CONFIG_MD is in recommended, but other dependent options like DM_CRYPT and
DM_VERITY options are in base. The result is the options in base don't
get enabled when applying both base and recommended fragments. Move all
the options to recommended.
Link: http://lkml.kernel.org/r/20160908185934.18098-1-robh@kernel.org
Signed-off-by: Rob Herring <robh@kernel.org>
Acked-by: John Stultz <john.stultz@linaro.org>
Cc: Amit Pundir <amit.pundir@linaro.org>
Cc: Dmitry Shmidt <dimitrysh@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
(cherry picked from commit f023a3956f273859ed36f624f75a66c272124b16)
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
|
|
turn off the two kernel configs to disable related system ABI.
Bug: 30903194
Change-Id: I32e2ff3323135ce4b67a86f106fa9327a71fe309
Signed-off-by: Max Shi <meixuanshi@google.com>
|
|
This module tracks cputime and io stats.
Signed-off-by: Jin Qian <jinqian@google.com>
Bug: 34198239
Change-Id: I9ee7d9e915431e0bb714b36b5a2282e1fdcc7342
|
|
Bug: 31374660
Change-Id: Id2710a5fa2694da66d3f34cbcc0c2a58a006cec5
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
|
|
Bug: 31432001
Change-Id: Ia72c3aa70a463d3a7f52b76e5082520aa328d29b
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
|
|
Bug: 33757366
Change-Id: Iec4f55c3ca4a16dbc8695054f481d9261c56d0f6
|
|
The aio interface adds substantial attack surface for a feature that's
not being exposed by Android at all. It's unlikely that anyone is using
the kernel feature directly either. This feature is rarely used even on
servers. The glibc POSIX aio calls really use thread pools. The lack of
widespread usage also means this is relatively poorly audited/tested.
The kernel's aio rarely provides performance benefits over using a
thread pool and is quite incomplete in terms of system call coverage
along with having edge cases where blocking can occur. Part of the
performance issue is the fact that it only supports direct io, not
buffered io. The existing API is considered fundamentally flawed
and it's unlikely it will be expanded, but rather replaced:
https://marc.info/?l=linux-aio&m=145255815216051&w=2
Since ext4 encryption means no direct io support, kernel aio isn't even
going to work properly on Android devices using file-based encryption.
Change-Id: Iccc7cab4437791240817e6275a23e1d3f4a47f2d
Signed-off-by: Daniel Micay <danielmicay@gmail.com>
|
|
Bug: 31374226
Change-Id: I977e76395017d8d718ea634421b3635023934ef9
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
|
|
Bug: 30369029
Change-Id: I0c1c932255866f308d67de1df2ad52c9c19c4799
|
|
Don't need to set SECCOMP_FILTER explicitly since CONFIG_SECCOMP=y will
select that config anyway.
Fixes: a49dcf2e745c ("ANDROID: base-cfg: enable SECCOMP config")
Change-Id: Iff18ed4d2db5a55b9f9480d5ecbeef7b818b3837
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
|
Enable following seccomp configs
CONFIG_SECCOMP=y
CONFIG_SECCOMP_FILTER=y
Otherwise we will get mediacode error like this on Android N:
E /system/bin/mediaextractor: libminijail: prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER): Invalid argument
Change-Id: I2477b6a2cfdded5c0ebf6ffbb6150b0e5fe2ba12
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
|
New driver memory_state_time tracks time spent in different DDR
frequency and bandwidth states.
Memory drivers such as qcom,cpubw can post updated state to the driver
after registering a callback. Processed by a workqueue
Bandwidth buckets are read in from device tree in the relevant qualcomm
section, can be defined in any quantity and spacing.
The data is exposed at /sys/kernel/memory_state_time, able to be read by
the Android framework.
Functionality is behind a config option CONFIG_MEMORY_STATE_TIME
Change-Id: I4fee165571cb975fb9eacbc9aada5e6d7dd748f0
Signed-off-by: James Carr <carrja@google.com>
|
|
If compiler has stack protector support, set
CONFIG_CC_STACKPROTECTOR_STRONG.
Bug: 28967314
Change-Id: I588c2d544250e9e4b5082b43c237b8f85b7313ca
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
|
|
Enabled UID_CPUTIME and dependent PROFILING config option.
UID_CPUTIME (/proc/uid_cputime) interfaces provide amount of time a
UID's processes spent executing in user-space and kernel-space. It is
used by batterystats service.
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
|
Remove following configs which no longer exist:
CONFIG_IP6_NF_TARGET_REJECT_SKERR
CONFIG_IP_NF_TARGET_REJECT_SKERR
CONFIG_RESOURCE_COUNTERS
CONFIG_TABLET_USB_WACOM
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
|
Add:
CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y
to android-base.cfg
The kernel.perf_event_paranoid sysctl is set to 3 by default.
No unprivileged use of the perf_event_open syscall will be
permitted unless it is changed.
Bug: 29054680
Change-Id: Ie7512259150e146d8e382dc64d40e8faaa438917
|
|
Remove UID Stat driver.
Change-Id: Ifc9d2c6fe27900f30e6407398f5b24222518bffc
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
|
Change-Id: I3fd1aa7a54fe3a8d3ad5537cbc61386e52f41ea0
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
|
|
IP_NF_TARGET_{MASQUERADE,NETMAP,REDIRECT} configs,
already enabled in android-base.cfg for tethering,
are of no use if CONFIG_IP_NF_NAT is not enabled.
Don't rely on platform config for that and enable
CONFIG_IP_NF_NAT in android-base.cfg as well.
Change-Id: Ic72bcebbd925b142b09539466bf963188c83108a
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
|
Bug: 28032718
Change-Id: I7cb6b641f72085e69b90dca11d2ea68adcd02390
(cherry picked from commit e1b53a388e9cfcf870520a6899a37456cf1ae2c6)
|
|
Change-Id: I67430b05eca8fd520d2795d3db60faf2ec0fab9e
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
|
|
Bug: 21893453
Change-Id: Idd0dfe4e3e527df2eff2f0d734effc40dce294c7
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
(cherry picked from commit 9408350ed80005174918ce5147490035b2cf451b)
|
|
(cherry pick from commit 1d0f72986958c2bf3528cadf7d7acf0771465fd1)
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 19173869
Change-Id: I4ccd6161e87df7a87f3bd990cfe1de1f7567bf4c
|
|
CONFIG_TASKSTATS=y
CONFIG_TASK_DELAY_ACCT=y
CONFIG_TASK_XACCT=y
CONFIG_TASK_IO_ACCOUNTING=y
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Bug: 21334988
Bug: 26966375
Change-Id: Id54be2aad6acdb51040ba613d5d987dd693cd591
|
|
Android SELinux policies block SysV IPC. New kernels should not be
built with it.
Bug: 22300191
Change-Id: Ia4bcb179ff71825cab19eed603d4064a8d061a93
Signed-off-by: Greg Hackmann <ghackmann@google.com>
|
|
Now that Android is moving towards ConfigFS based USB gadgets,
lets enable USB_CONFIGFS and relevant Android gadget functions
instead of obsolete USB_G_ANDROID composite driver which doesn't
exist now.
Enabled following ConfigFS gadget functions:
F_FS for ADB
F_MTP/PTP for MTP/PTP
F_ACC for Android USB Accessory
F_AUDIO_SRC for USB Audio Source
F_MIDI for MIDI, and
CONFIGFS_UEVENT for communicating USB state change notifications to userspace.
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
|
|
Change-Id: I520c50f919ac569f537bb445b5e4cb758d55ba8e
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
|
|
Change-Id: If6bf443fcfb47b79fc9e70f5f6c08cfb3fe0b14e
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
|
|
android-base.cfg already enables several IPV6 sub-options, but not the
main IPV6 option. Without this, build errors such has this:
net/netfilter/xt_qtaguid.c:1591: undefined reference to `xt_socket_get6_sk'
occur if the starting defconfig hasn't already enabled IVP6,
Change-Id: I265089a2eec1ef8938e0a6fb95e1aacd16d99281
Cc: John Stultz <john.stultz@linaro.org>
Signed-off-by: Kevin Hilman <khilman@linaro.org>
|
|
Change-Id: I979813b95c0a9a79913df0913e6888f566da5ff1
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
|
|
Signed-off-by: Mark Salyzyn <salyzyn@google.com>
Change-Id: If8d324ffdb4ebd56e5d68876f8e229547e20eaf8
|
