Gentoo Wiki




This HOWTO will hopefully provide you, the reader, with all the basics and principles that you will need to know in manually configuring your kernel, along with brief details on each kernel sub-menu. As this is a Wiki page, it is sure to grow as more input is added.

This document assumes the following:

Commands Used

When working with kernel source, there are three common commands used to get the job done:

Configuration Conventions

Please Note: The examples used in this kernel configuration are geared towards a conservative setup for a home desktop user based on a modern hardware and processor (Intel-compatible 32-bit).

Another thing to realize is to take all the options here with a grain of salt. The comments provided here are meant to help you, who are configuring your kernel for the first or fiftieth time, which side of the fence to swing towards if trying to decide what to include in your base setup.

Some of the conventions taken in here add some features which are completely unnecessary, but are added in good faith based on reading the Help files, that enabling the features won't harm the system, and can and will benefit it. The examples lean towards the documentation's opinion in almost every case. At the same time, you will also see a lot of times where we recommend turning off some of the features which are enabled by default, because they are unnecessary or experimental.

Comments are sprinkled throughout that talk about how to setup a "generic" kernel. As a general rule, if you are having issues getting your kernel to compile or boot, it's best to turn off as much as possible and then slowly add and test new features added in. This is especially a good approach when installing kernels on older systems (x86, Pentiums, laptops, etc).

As always, use common sense and documentation as your guide when making your decisions. If you used all the settings in the examples, you should be fine, but the best way to learn what works best for your system is experimentation and usage. Good luck!

The Basics

Before beginning, there are a few principles that apply to making all your choices in kernel configuration:

Why Bother?

The ability to compile your own kernel is a great skill to learn. The kernel is where all the system optimization and tweaking begins. A badly configured kernel can make a Quad Xeon run like a tired Pentium II, or make a Pentium III make you think it's a Pentium IV on crank.

Though the performance hit will be negligible on most modern systems, you can dramatically increase your speed on older systems by removing unnecessary drivers from your configuration. A headless server, for example, can benefit from turning off all unnecessary hardware drivers such as USB, serial ports, parallel ports, etc, not to mention the added security of knowing those will never be recognized and therefore a non-factor when it comes to penetration and security measures. The same principle in software services can apply to kernel configuration as well: turn off whatever you don't need and/or will never use.

There is absolutely no need whatsoever to be afraid of building your own kernel. It's just a matter of knowing what your hardware is, and what the role of your system will be. Plus, boot loaders allow you to choose from multiple kernels to select from, so while you have your "stable" kernel archived somewhere, you can experiment all you like with something new.

Starting From Scratch

Assuming you are starting with a clean slate, and haven't yet configured your first kernel, or worse, don't have a .config file, you can be provided with a general purpose .config by typing make defconfig. Legend has it this gives you Linus Torvalds' default kernel configuration.


If you already have a kernel .config, and want to upgrade to a new kernel version, issue the make oldconfig command. This will update most features. Because there can be some variation as to what options get put where, it's a good thing to follow that command up with either make menuconfig or make xconfig, depending on whether you are in an X environment or not.

Now that you're ready to go, let's look at the actual main menu in 'make menuconfig'. This guide assumes you are using a 2.6.10 kernel or higher.

Linux Kernel Configuration (make menuconfig)


Almost every option in the kernel is documented. At the bottom of your screen when you first enter you should see <Select>, <Exit> and <Help>. You can change your selection with the right and left arrow keys, or hit the key highlighted (S, E and H).

If you haven't already, look at the Help file from the main menu for a good overview of configuring your kernel, along with some good keyboard navigation tips. We'll duplicate some of them here:

Keyboard Navigation Tips

From the main menu (or anywhere within the kernel configuration menu) hit the / key. That will open a search dialog window. Enter in a keyword and hit Enter. The search results page will display matches, and locations of where they are at in the kernel. If this is your first time setting up your kernel, ignore the feature for now since it will probably confuse you more than help out.

Warning: The search function (hitting /) will not return all the possible options that are actually available in the kernel, and relying on it exclusively to find settings is not a good idea. Use it as a supplemental tool.

When hovering over a selection in the menu, you can change your setting one of two ways: by hitting the spacebar to tab through the options < >, <*>, <M> or hit 'Y' to compile something in, or 'M' to add it as a module. If a selection only has brackets [ ] next to it, then it cannot be compiled as a module and can either be Yes 'Y' or No 'N'.

Again, read the Overview from the Help menu for more navigation tips.

Main Menu

The main menu splits off into a number of sub-menus:

Linux Kernel Configuration: Loadable module support
Code maturity level options  --->
General setup  --->
Loadable module support  --->
Processor type and features  --->
Power management options (ACPI, APM)  --->
Bus options (PCI, PCMCIA, EISA, MCA, ISA)  --->
Executable file formats  --->
Device Drivers  --->
File systems  --->
Profiling support  --->
Kernel hacking  --->
Security options  --->
Cryptographic options  --->
Library routines  --->

If you don't see all those menus, don't panic. Chances are you have something turned off (or on) somewhere, that is disabling them. That will happen a lot in kernel configuration. For example, in Device Drivers, the SCSI menu will show up automatically without anything selected if you turn on USB Mass Storage.

Code maturity level options

Linux Kernel Configuration: Code maturity level options
[*] Prompt for development and/or incomplete code/drivers
[*]   Select only drivers expected to compile cleanly

This menu turns on the alpha, beta, and experimental code in the kernel. While it may not seem that way, you are generally safe to turn these on, provided they are both turned on. In a lot of cases, some options won't show up unless these are turned on.

If you are still nervous about enabling the options, just remember this: a lot of packages are marked "stable" in the portage tree, even though the developers themselves release the projects as alpha, beta, or release candidates as well. That's not to say that ALL experimental code will work with no problems, but that a point release does not always equate with stability.

General setup

Linux Kernel Configuration: General setup
()  Local version - append to kernel release
[*] Support for paging of anonymous memory (swap)
[*] System V IPC
[*] POSIX Message Queues
[*] BSD Process Accounting
[ ]   BSD Process Accounting version 3 file format
[*] Sysctl support
[ ] Auditing support
[*] Support for hot-pluggable devices
[*] Kernel Userspace Events
[*] Kernel .config support
[*]   Enable access to .config through /proc/config.gz
[ ] Cpuset support
[ ] Configure standard kernel features (for small systems)  --->

There's no reason to go into much detail here, since these options are pretty general, and reading the Help file will tell you to pretty much enable what is selected in the above boxes.

The only exceptions are that our example turns on that were turned off by default are "BSD Process Accounting", and "Kernel .config support".

Kernel .config support

The .config support is handy, because when you save your kernel configuration after you exit the main menu, the changes are all in .config. With Kernel .config support, you can extract the configuration of the currently running kernel. Adding access to it in /proc/config.gz makes things even simpler. It's generally a good idea to turn this on, if you ever want to build off your current running config when rebuilding your kernel.

When you finish, your config file will be in /usr/src/linux/.config. If you ever boot off a kernel that provides access in /proc/config.gz, you can copy that to your current kernel with zcat. zcat is included with app-arch/gzip.

 zcat /proc/config.gz > /usr/src/linux/.config

That will overwrite your current .config file with the one that your kernel is running. It makes upgrading kernels a snap, since you don't have to re-configure all your old options.

If you are upgrading from an older kernel, and don't want to go into make menuconfig, run make oldconfig, which will give you an output of the new options and ask you what you'd like to set them to.

 make oldconfig

See make help in /usr/src/linux for more details.

Configure standard kernel features (for small systems)

If you are building a kernel for a small system, or something like a rescue floppy, take a look in here for some extra options that will lead to (hopefully) making your kernel smaller and a little more generic. A smaller kernel would come in handy if you're trying to cram an image with as many options as possible a floppy, and it's not a necessary goal for a desktop user.

This guide won't cover the options in the submenu, since they don't apply for for a general setup.

Loadable module support

Linux Kernel Configuration: Loadable module support
[*] Enable loadable module support
[*]   Module unloading
[ ]     Forced module unloading
[ ]   Module versioning support (EXPERIMENTAL)
[ ]   Source checksum for all modules
[*]   Automatic kernel module loading

From the helpfile, "Kernel modules are small pieces of compiled code which can be inserted in the running kernel, rather than being permanently built into the kernel. You use the "modprobe" tool to add (and sometimes remove) them."

If you ever need to add support for third-party modules (parts of the kernel which can't be built in), or just load modules when you need them, then make sure to enable module support here. For almost all of your hardware, the kernel can load it as modules. This entry won't go into depth as to which method is "better," compiling vs. loading drivers as modules.

If your computer needs to add support for third-party drivers or firmware, then most likely you will need to enable modular support. In fact, probably the only time you will ever need to turn it off is if you are locking down your system. Without modular support, a cracker couldn't load one of their own modules if they had access to your box.

If you do know what you're doing, and want to remove modular support for whatever reason, Gentoo will give you errors on boot because it won't find any modular dependencies in /lib/modules/`uname -r`. One workaround for this option is to delete modules from boot's startup process, and modify any init scripts that depend on them.

 # rc-update del modules
 # egrep "need *modules" /etc/init.d/*

Module unloading

Our example here also enables Module unloading which isn't added by default. With that option, you can run rmmod <module> to remove the module from your running kernel.

Forced module unloading

If you add support for forced module unloading then you can forcibly remove the module if its giving you problems, with rmmod -f <module>. Be sure to read the man page for rmmod for more options and details.

Processor type and features

Linux Kernel Configuration: Processor type and features
   Subarchitecture Type (PC-compatible)  --->
   Processor family (Athlon/Duron/K7)  --->
[ ] Generic x86 support
[*] HPET Timer Support
[*]   Provide RTC interrupt
[ ] Symmetric multi-processing support
[ ] Preemptible Kernel
[ ] Local APIC support on uniprocessors
[*] Machine Check Exception
<*>   Check for non-fatal errors on AMD Athlon/Duron / Intel Pentium
< > Toshiba Laptop support
< > Dell laptop support
[ ] Enable X86 board specific fixups for reboot
< > /dev/cpu/microcode - Intel IA32 CPU microcode support
< > /dev/cpu/*/msr - Model-specific register support
< > /dev/cpu/*/cpuid - CPU information support
     Firmware Drivers  --->
     High Memory Support (off)  --->
[ ] Math emulation
[*] MTRR (Memory Type Range Register) support
[ ] Boot from EFI support (EXPERIMENTAL)
[*] Use register arguments
[*] Enable seccomp to safely compute untrusted bytecode

Before going into details here, it's important to remember that this wiki entry is coming from the perspective of setting up a kernel for a modern desktop system, and so there are some slight enhancements turned on occassionally. Remember to take a lot of these options as a matter of opinion, and not core necessities.

Subarchitecture Type and Processor family

The settings for these two sub-menus should be obvious. If you haven't already figured out your hardware specs, now would be a good time. cat /proc/cpuinfo is a crude, but good place to start.

If you're building for a general configuration (for example, deployment on many systems) on a PC-compatible system, be sure to not select a specific architecture under processor family. Instead, choose something like 586/K5/5x86/6x86/6x86MX.

See Also: Detecting your Hardware

HPET Timer Support

This option (along with providing RTC interrupt support) is non-critical, but has been turned on for assumed benefit, from reading the Help file.

Machine Check Exception

This is another option turned on in good faith, assuming it will help our system. Read the Help file for more details.

Symmetric multi-processing support

Most desktop users will not need this enabled, though it is generally ticked on by default in the kernel. Symmetric multi-processing basically translates to "more than one CPU in your shiny box." Turn this on if you have a multicore processor (like Athlon X2) or multiple processors. If you don't know, then you probably don't have one.

SMT (Hyperthreading) scheduler support

Enable this if you have an Intel Pentium 4 processor or an Intel Atom processor. If you don't have an Intel processor, leave this off.

Multi-core scheduler support

This should be on for all processors with separate cores. Disable it if you have a CPU that has "a core and a half" like some Pentium 4 HyperThreading models.

Preemptible Kernel

There is much debate on the forums on whether or not this is beneficial to your system or not.

Our conservative example follows the advice in the Help file, "Say Y here if you are building a kernel for a desktop, embedded or real-time system. Say N if you are unsure."

Kernels >= 2.6.14 provide even more options for preemption.

High Memory Support

If your system has 1gb of RAM, only 894 megs (or so) will be noticed by the kernel if this option is turned off. You can turn on the 4GB option to use all your RAM, but the performance boost from that extra bit of ram may not make up for the overhead required in the kernel. According to an article on

It is advised to not enable CONFIG_HIGHMEM in the kernel to utilize the extra 128 MB you get for 
your 1 GB RAM system. I/O Devices cannot directly address high memory from PCI space, so bounce 
buffers have to be used. Plus the virtual memory management and paging costs come with extra mappings.
-Amit Shah

Also, ck-sources includes a patch which adds support for 1gb low-memory support, if you are interested in trying that kernel.

Math emulation

See the Help file to decide if you want to turn it on or off. If your CPU is an Intel greater than a 486 SX, you do not need to enable this setting.

MTRR (Memory Type Range Register) support

If you are using the nVidia kernel, you will need to turn this on. If you're using your AGP slot, or X-Windows, turn it on.

"You can safely say Y even if your machine doesn't have MTRRs, you'll just add about 9 KB to your kernel."

Enable seccomp to safely compute untrusted bytecode

"If unsure, say Y. Only embedded should say N here."

Power management options (ACPI, APM)

Linux Kernel Configuration: Power management options (ACPI, APM)
[*] Power Management support
[ ]   Power Management Debug Support
[ ]   Software Suspend (EXPERIMENTAL)
    ACPI (Advanced Configuration and Power Interface) Support  --->
    APM (Advanced Power Management) BIOS Support  --->
    CPU Frequency scaling  --->

Bus options (PCI, PCMCIA, EISA, MCA, ISA)

Linux Kernel Configuration: Bus options (PCI, PCMCIA, EISA, MCA, ISA)
[*] PCI support
      PCI access mode (Any)  --->
[ ]   PCI Express support
[*]   Legacy /proc/pci interface
[*]   PCI device name database
[ ]   PCI Debugging
[*] ISA support
[ ]   EISA support
[ ] MCA support
< > NatSemi SCx200 support
    PCCARD (PCMCIA/CardBus) support  --->
    PCI Hotplug Support  --->

Device Drivers

Make sure to compile in support for your network card, video card, USB controller and other such devices.

File Systems

For this section, press Y for all filesystems that are going to be used on your system. For example, if you've set up your partitions to be in the ext3 filesystem, compile support for this filesystem directly into your kernel. All elements that must exist prior to full file system booting should be compiled into the kernel, so you don't need an initrd.

Other filesystems, such as network filesystems, can be compiled in as modules. If you plan on networking with Windows computers, enable CIFS support.

Other Systems

Most of these, you won't need to touch at all. This guide recommends leaving the defaults set for these sub-menus of the main branch:

Kernel Compilation and Installation

Once you have set up your kernel to your liking, exit menuconfig and when prompted, save the settings. In the same directory, run make && make modules_install. If you haven't done so already, use eselect kernel to make /usr/src/linux point to the directory of the kernel you just built, so that it becomes the "active" kernel. If you have a separate boot partition, mount it now. Then install the kernel itself by issuing make install in the directory /usr/src/linux. Reboot and your new kernel should start.

Loading modules

To view the modules that are available to you in your new kernel, use modprobe -l. Load a module with modprobe modulename, not including the path or file extension. For example, to load the Samba filesystem module, you would type modprobe smbfs. If some or all of your modules to load automatically when you boot up, edit /etc/modules.autoload/2.6 and add the names of the modules you want to start automatically.

Retrieved from ""

Last modified: Sat, 27 Sep 2008 15:08:00 +0000 Hits: 15,835