Also build the performance governor into the kernel so there is a sane
default. Note that cpufreq.service will still load "ondemand" on
non-pstate systems.
The option has been removed in torvalds/linux@6cd176a and thus we
shouldn't try to set it for kernel version 4.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Using linux-testing for a bunch of machines, I'd actually expect it to
be more recent than the latest stable, but until now it actually was
behind.
Since torvalds/linux@464ed18ebd, the option
PM_RUNTIME doesn't exist anymore, so we need to remove it from our
common config.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
We don't really need this anymore, except that our docs say that you
can put firmware in /root/test-firmware, which doesn't work via
/sys/module/firmware_class/parameters/path.
This should only be temporary, but there's a bug in the 3.17 rc1 and rc2 that leads to cyclic module dependencies and a segfault during the build process.
I'm only enabling for kernels >= 3.11 to be conservative, because clients and
servers automatically negotiate and use the highest mutually supported version
by default, but only in kernel 3.11 server NFSv4.1 support actually became RFC
compliant.
I'm also adding support for swap on NFS, which is enabled by default on
Ubuntu kernels.
This now provides a handful of different grsecurity kernels for slightly
different 'flavors' of packages. This doesn't change the grsecurity
module to use them just yet, however.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
AppArmor only requires a few patches to the 3.2 and 3.4 kernels in order
to work properly (with the minor catch grsecurity -stable includes the
3.2 patches.) This adds them to the kernel builds by default, removes
features.apparmor (since it's always true) and makes it the default MAC
system.
Signed-off-by: Austin Seipp <aseipp@pobox.com>
Realistically, common-config is useful, but there are a lot of things in
there that are non-optionally specified that aren't always useful. For
example, when deploying grsecurity, I don't want the bluetooth,
wireless, or input joystick/extra filesystem stack (XFS, etc), nor the
staging drivers tree.
The problem is that if you specify this in your own kernel config in the
grsecurity module, by saying 'BT n' to turn off bluetooth,
common-config turns on 'BT_HCIUART_BCSP y', which then becomes unused
and errors out.
This is really just an arbitrary picking at the moment, but it should be
OK.
Signed-off-by: Austin Seipp <aseipp@pobox.com>