32 lines
881 B
Plaintext
32 lines
881 B
Plaintext
---
|
|
layout: default
|
|
title: Kernel non-obvious options for custom build
|
|
date: 2026-02-08 17:44 +0100
|
|
tags: kernel
|
|
---
|
|
Compiling a custom kernel typically involves removing everything deemed
|
|
unnecessary. This ensures the fastest and most secure kernel, as there is no
|
|
faster and safer code than nonexistent code. Unfortunately, it's easy to remove
|
|
too much: non-obvious elements that are essential for everyday work.
|
|
|
|
The option names and configuration symbols you might want to add are based on
|
|
kernel v6.12.
|
|
|
|
|
|
h2. Bluetooth
|
|
|
|
Sending files over e.g. @blueman@:
|
|
|
|
* RFCOMM protocol support (@BT_RFCOMM@)
|
|
|
|
h2. Security hardening
|
|
|
|
Control flow Enforcement Technology, used when @cet@ USE flag is enabled for
|
|
build toolchain:
|
|
* Indirect Branch Tracking (@X86_KERNEL_IBT@)
|
|
* X86 userspace shadow stack (@X86_USER_SHADOW_STACK@)
|
|
|
|
h2. Wireguard
|
|
|
|
* IP: policy routing (@IP_MULTIPLE_TABLES@)
|