We were building the omap-rng driver, because the same block is used
on some recent Marvell chips and HW_RANDOM_OMAP is enabled by default
if ARCH_MVEBU is enabled.
We were also building virtio-rng, but there isn't (so far as I know)
any publicly available emulation of the ARMv5 Marvell chips.
As we're about to include HWRNG drivers to the installer, disable the
whole subsystem for armel/marvell to avoid adding useless drivers.
With this option set, module text and rodata memory areas will be made
read-only. Moreover, non-text memory will be made non-executable. This
provides protection against certain security exploits. Currently, this
option is implicitly enabled in Kconfig for most configurations where it
is possible to enable it. This commit enables the option by default
explictly for all supported targets (except marvell to keep it small)
When set, this generates crash dump after being started by kexec. Useful
for debugging purpose on ARM. As this is already enabled for other arch,
enable it for ARM, as well (except marvell to keep it small).
- Various config symbols were removed, renamed or split
- HOTPLUG_PCI_SHPC is now boolean, so set it to built-in
- The stack protector config symbols were changed to two booleans
with different names
- Various ancient SCSI drivers were removed
- BT_HCIBTUART and INFINIBAND_CXGB3_DEBUG were removed
- OMAP_DM_TIMER is now an automatic symbol
- Marvell NAND driver was rewritten, so we enable MTD_NAND_MARVELL
instead of MTD_NAND_PXA3xx
- Various netfilter symbols are now boolean instead of tristate
Reduce armel image size by:
- Set CONFIG_CRYPTO_MANAGER_DISABLE_TESTS=y
- Change MTD, MTD_CMDLINE_PARTS, RTC_DRV_MV, and SPI_ORION from
built-in to module.
- Disable VT, ZSWAP, RD_BZIP2, and RD_LZMA.
So qnap support is back.
Thanks to Leigh Brown <leigh@solinno.co.uk> for his idea to disable VT.
(cherry picked from commit a4fdfa09ce)
- Change CONNECTOR from built-in to module, and disable PROC_EVENTS
- Disable INTEGRITY and dependent options
- video: Disable USB_APPLEDISPLAY, BACKLIGHT_CLASS_DEVICE
This still only gets us down to 99.26% of maximum size, so further
changes will be needed soon.
- [alpha] fbdev: Re-enable FRAMEBUFFER_CONSOLE as built-in
- [armel] fbdev: Explicitly disable FRAMEBUFFER_CONSOLE, as it can no longer
be a module
- [arm64] Re-enable MMC_QCOM_DML
- Change RC_CORE back to being a module
- power/supply: Enable BATTERY_BQ27XXX and BATTERY_BQ27XXX_HDQ as modules,
replacing W1_SLAVE_BQ27000
Clean up with kconfigeditor2 and delete obsolete symbols.
Change MTD_OF_PARTS, MTD_BLOCK, and MTD_PHYSMAP_OF from built-in
to modules.
And, also change all RTC related except RTC_DRV_MV, which includes
RTC_DRV_DS1307, RTC_DRV_RS5C372, RTC_DRV_PCF8563, RTC_DRV_M41T80,
and RTC_DRV_S35390A, to modules. Because most marvell boards use
RTC_DRV_MV.
This will save about 3MB on linux Image (before compression).
u-boot loader on some armel devices has limitation that:
- kernel image size <= 2MB (already described in
debian/config/armel/defines)
- kernel size after decompression <= 7MB
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlkI0/kACgkQ57/I7JWG
EQkutQ/9EsYdnQXf4HaC1YTqQW0Nu5+swZzyosOcdtMfJrj+PWXQMgmY4WWav8I/
DipRGhfXXMnqlBg1vOR5cEdqPznRm/cwcuPqZpw7H0fA7LvyCibg/7yERJYv7i1U
BIy8s29NCpVVRhDhY9Nl5t0WLGQT4Rg9JW6iKNRDq2y91etahSxzOBxB2B3k04Ys
9vFPpuKq5QAskCBGEucinYYKTy7/ciIXsaSij2m/G7/ly/Qaqt0pIgjqi4QhuJs3
yWidIm1aBvE4MHXH8WQkg1aF20vfdGXz3CZNT6BWFn/6hNesS+tEQpF/nYLBqnfS
2GghqeWO1+xzxlXWNZU/SD0JhkB6gAeZ+4MP7eYz8BAtpUz7H/zZfZNsOBWb6YJY
Pc8AjqG6mBd/1B2O8yXUda/j/xazEtg0c7uxQjyOEqh2nPeHn9FVLuJsSP74wxdx
zjGmOjJzKUmhBGxLdJZAFL5N7YbLR+qNQfV2UGz4+zVIJge9R7HwWwR9+Um8AHq0
qrnjRf6iAla1phYlgHnPx4r6A9kactDuFsNMfUN8nsUrV+KX15k+dt02CpFSWw0B
lXGPf2MNXTEp+CsuAVBAWFP55JCOwD6yYoLfEfErXvchc7qqIKHgmIrLSyexro7O
F1+HBfu6t1M4tRz0xNu8sGL4uzsjockMW8RL1HFgboUluMgTFPQ=
=k/sj
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.25-1'
Drop the added patches, which are already in 4.11.
CONFIG_NFP_NETVF is replaced by CONFIG_NFP in 4.11.
Various free and proprietary AV products use this feature and users
apparently want it. But punting access checks to userland seems like
an easy way to deadlock the system, and there will be nothing we can
do about that. So warn and taint the kernel if this feature is
actually used.