1b2441318SGreg Kroah-Hartman# SPDX-License-Identifier: GPL-2.0 2fb32e03fSMathieu Desnoyers# 3fb32e03fSMathieu Desnoyers# General architecture dependent options 4fb32e03fSMathieu Desnoyers# 5125e5645SMathieu Desnoyers 61572497cSChristoph Hellwig# 71572497cSChristoph Hellwig# Note: arch/$(SRCARCH)/Kconfig needs to be included first so that it can 81572497cSChristoph Hellwig# override the default values in this file. 91572497cSChristoph Hellwig# 101572497cSChristoph Hellwigsource "arch/$(SRCARCH)/Kconfig" 111572497cSChristoph Hellwig 1222471e13SRandy Dunlapmenu "General architecture-dependent options" 1322471e13SRandy Dunlap 14692f66f2SHari Bathiniconfig CRASH_CORE 15692f66f2SHari Bathini bool 16692f66f2SHari Bathini 172965faa5SDave Youngconfig KEXEC_CORE 18692f66f2SHari Bathini select CRASH_CORE 192965faa5SDave Young bool 202965faa5SDave Young 21175fca3bSSven Schnelleconfig KEXEC_ELF 22175fca3bSSven Schnelle bool 23175fca3bSSven Schnelle 24467d2782SThiago Jung Bauermannconfig HAVE_IMA_KEXEC 25467d2782SThiago Jung Bauermann bool 26467d2782SThiago Jung Bauermann 27da32b581SCatalin Marinasconfig ARCH_HAS_SUBPAGE_FAULTS 28da32b581SCatalin Marinas bool 29da32b581SCatalin Marinas help 30da32b581SCatalin Marinas Select if the architecture can check permissions at sub-page 31da32b581SCatalin Marinas granularity (e.g. arm64 MTE). The probe_user_*() functions 32da32b581SCatalin Marinas must be implemented. 33da32b581SCatalin Marinas 3405736e4aSThomas Gleixnerconfig HOTPLUG_SMT 3505736e4aSThomas Gleixner bool 3605736e4aSThomas Gleixner 37142781e1SThomas Gleixnerconfig GENERIC_ENTRY 38142781e1SThomas Gleixner bool 39142781e1SThomas Gleixner 40125e5645SMathieu Desnoyersconfig KPROBES 41125e5645SMathieu Desnoyers bool "Kprobes" 4205ed160eSMasami Hiramatsu depends on MODULES 43125e5645SMathieu Desnoyers depends on HAVE_KPROBES 4405ed160eSMasami Hiramatsu select KALLSYMS 45835f14edSPaul E. McKenney select TASKS_RCU if PREEMPTION 46125e5645SMathieu Desnoyers help 47125e5645SMathieu Desnoyers Kprobes allows you to trap at almost any kernel address and 48125e5645SMathieu Desnoyers execute a callback function. register_kprobe() establishes 49125e5645SMathieu Desnoyers a probepoint and specifies the callback. Kprobes is useful 50125e5645SMathieu Desnoyers for kernel debugging, non-intrusive instrumentation and testing. 51125e5645SMathieu Desnoyers If in doubt, say "N". 52125e5645SMathieu Desnoyers 5345f81b1cSSteven Rostedtconfig JUMP_LABEL 54c5905afbSIngo Molnar bool "Optimize very unlikely/likely branches" 5545f81b1cSSteven Rostedt depends on HAVE_ARCH_JUMP_LABEL 56e9666d10SMasahiro Yamada depends on CC_HAS_ASM_GOTO 574ab7674fSJosh Poimboeuf select OBJTOOL if HAVE_JUMP_LABEL_HACK 5845f81b1cSSteven Rostedt help 59c5905afbSIngo Molnar This option enables a transparent branch optimization that 60c5905afbSIngo Molnar makes certain almost-always-true or almost-always-false branch 61c5905afbSIngo Molnar conditions even cheaper to execute within the kernel. 6245f81b1cSSteven Rostedt 63c5905afbSIngo Molnar Certain performance-sensitive kernel code, such as trace points, 64c5905afbSIngo Molnar scheduler functionality, networking code and KVM have such 65c5905afbSIngo Molnar branches and include support for this optimization technique. 66c5905afbSIngo Molnar 67c5905afbSIngo Molnar If it is detected that the compiler has support for "asm goto", 68c5905afbSIngo Molnar the kernel will compile such branches with just a nop 69c5905afbSIngo Molnar instruction. When the condition flag is toggled to true, the 70c5905afbSIngo Molnar nop will be converted to a jump instruction to execute the 71c5905afbSIngo Molnar conditional block of instructions. 72c5905afbSIngo Molnar 73c5905afbSIngo Molnar This technique lowers overhead and stress on the branch prediction 74c5905afbSIngo Molnar of the processor and generally makes the kernel faster. The update 75c5905afbSIngo Molnar of the condition is slower, but those are always very rare. 76c5905afbSIngo Molnar 77c5905afbSIngo Molnar ( On 32-bit x86, the necessary options added to the compiler 78c5905afbSIngo Molnar flags may increase the size of the kernel slightly. ) 7945f81b1cSSteven Rostedt 801987c947SPeter Zijlstraconfig STATIC_KEYS_SELFTEST 811987c947SPeter Zijlstra bool "Static key selftest" 821987c947SPeter Zijlstra depends on JUMP_LABEL 831987c947SPeter Zijlstra help 841987c947SPeter Zijlstra Boot time self-test of the branch patching code. 851987c947SPeter Zijlstra 86f03c4129SPeter Zijlstraconfig STATIC_CALL_SELFTEST 87f03c4129SPeter Zijlstra bool "Static call selftest" 88f03c4129SPeter Zijlstra depends on HAVE_STATIC_CALL 89f03c4129SPeter Zijlstra help 90f03c4129SPeter Zijlstra Boot time self-test of the call patching code. 91f03c4129SPeter Zijlstra 92afd66255SMasami Hiramatsuconfig OPTPROBES 935cc718b9SMasami Hiramatsu def_bool y 945cc718b9SMasami Hiramatsu depends on KPROBES && HAVE_OPTPROBES 9501b1d88bSThomas Gleixner select TASKS_RCU if PREEMPTION 96afd66255SMasami Hiramatsu 97e7dbfe34SMasami Hiramatsuconfig KPROBES_ON_FTRACE 98e7dbfe34SMasami Hiramatsu def_bool y 99e7dbfe34SMasami Hiramatsu depends on KPROBES && HAVE_KPROBES_ON_FTRACE 100e7dbfe34SMasami Hiramatsu depends on DYNAMIC_FTRACE_WITH_REGS 101e7dbfe34SMasami Hiramatsu help 102e7dbfe34SMasami Hiramatsu If function tracer is enabled and the arch supports full 103e7dbfe34SMasami Hiramatsu passing of pt_regs to function tracing, then kprobes can 104e7dbfe34SMasami Hiramatsu optimize on top of function tracing. 105e7dbfe34SMasami Hiramatsu 1062b144498SSrikar Dronamrajuconfig UPROBES 10709294e31SDavid A. Long def_bool n 108e8f4aa60SAllen Pais depends on ARCH_SUPPORTS_UPROBES 1092b144498SSrikar Dronamraju help 1107b2d81d4SIngo Molnar Uprobes is the user-space counterpart to kprobes: they 1117b2d81d4SIngo Molnar enable instrumentation applications (such as 'perf probe') 1127b2d81d4SIngo Molnar to establish unintrusive probes in user-space binaries and 1137b2d81d4SIngo Molnar libraries, by executing handler functions when the probes 1147b2d81d4SIngo Molnar are hit by user-space applications. 1157b2d81d4SIngo Molnar 1167b2d81d4SIngo Molnar ( These probes come in the form of single-byte breakpoints, 1177b2d81d4SIngo Molnar managed by the kernel and kept transparent to the probed 1187b2d81d4SIngo Molnar application. ) 1192b144498SSrikar Dronamraju 120adab66b7SSteven Rostedt (VMware)config HAVE_64BIT_ALIGNED_ACCESS 121adab66b7SSteven Rostedt (VMware) def_bool 64BIT && !HAVE_EFFICIENT_UNALIGNED_ACCESS 122adab66b7SSteven Rostedt (VMware) help 123adab66b7SSteven Rostedt (VMware) Some architectures require 64 bit accesses to be 64 bit 124adab66b7SSteven Rostedt (VMware) aligned, which also requires structs containing 64 bit values 125adab66b7SSteven Rostedt (VMware) to be 64 bit aligned too. This includes some 32 bit 126adab66b7SSteven Rostedt (VMware) architectures which can do 64 bit accesses, as well as 64 bit 127adab66b7SSteven Rostedt (VMware) architectures without unaligned access. 128adab66b7SSteven Rostedt (VMware) 129adab66b7SSteven Rostedt (VMware) This symbol should be selected by an architecture if 64 bit 130adab66b7SSteven Rostedt (VMware) accesses are required to be 64 bit aligned in this way even 131adab66b7SSteven Rostedt (VMware) though it is not a 64 bit architecture. 132adab66b7SSteven Rostedt (VMware) 133ba1a297dSLukas Bulwahn See Documentation/core-api/unaligned-memory-access.rst for 134ba1a297dSLukas Bulwahn more information on the topic of unaligned memory accesses. 135adab66b7SSteven Rostedt (VMware) 13658340a07SJohannes Bergconfig HAVE_EFFICIENT_UNALIGNED_ACCESS 1379ba16087SJan Beulich bool 13858340a07SJohannes Berg help 13958340a07SJohannes Berg Some architectures are unable to perform unaligned accesses 14058340a07SJohannes Berg without the use of get_unaligned/put_unaligned. Others are 14158340a07SJohannes Berg unable to perform such accesses efficiently (e.g. trap on 14258340a07SJohannes Berg unaligned access and require fixing it up in the exception 14358340a07SJohannes Berg handler.) 14458340a07SJohannes Berg 14558340a07SJohannes Berg This symbol should be selected by an architecture if it can 14658340a07SJohannes Berg perform unaligned accesses efficiently to allow different 14758340a07SJohannes Berg code paths to be selected for these cases. Some network 14858340a07SJohannes Berg drivers, for example, could opt to not fix up alignment 14958340a07SJohannes Berg problems with received packets if doing so would not help 15058340a07SJohannes Berg much. 15158340a07SJohannes Berg 152c9b54d6fSMauro Carvalho Chehab See Documentation/core-api/unaligned-memory-access.rst for more 15358340a07SJohannes Berg information on the topic of unaligned memory accesses. 15458340a07SJohannes Berg 155cf66bb93SDavid Woodhouseconfig ARCH_USE_BUILTIN_BSWAP 156cf66bb93SDavid Woodhouse bool 157cf66bb93SDavid Woodhouse help 158cf66bb93SDavid Woodhouse Modern versions of GCC (since 4.4) have builtin functions 159cf66bb93SDavid Woodhouse for handling byte-swapping. Using these, instead of the old 160cf66bb93SDavid Woodhouse inline assembler that the architecture code provides in the 161cf66bb93SDavid Woodhouse __arch_bswapXX() macros, allows the compiler to see what's 162cf66bb93SDavid Woodhouse happening and offers more opportunity for optimisation. In 163cf66bb93SDavid Woodhouse particular, the compiler will be able to combine the byteswap 164cf66bb93SDavid Woodhouse with a nearby load or store and use load-and-swap or 165cf66bb93SDavid Woodhouse store-and-swap instructions if the architecture has them. It 166cf66bb93SDavid Woodhouse should almost *never* result in code which is worse than the 167cf66bb93SDavid Woodhouse hand-coded assembler in <asm/swab.h>. But just in case it 168cf66bb93SDavid Woodhouse does, the use of the builtins is optional. 169cf66bb93SDavid Woodhouse 170cf66bb93SDavid Woodhouse Any architecture with load-and-swap or store-and-swap 171cf66bb93SDavid Woodhouse instructions should set this. And it shouldn't hurt to set it 172cf66bb93SDavid Woodhouse on architectures that don't have such instructions. 173cf66bb93SDavid Woodhouse 1749edddaa2SAnanth N Mavinakayanahalliconfig KRETPROBES 1759edddaa2SAnanth N Mavinakayanahalli def_bool y 17673f9b911SMasami Hiramatsu depends on KPROBES && (HAVE_KRETPROBES || HAVE_RETHOOK) 17773f9b911SMasami Hiramatsu 17873f9b911SMasami Hiramatsuconfig KRETPROBE_ON_RETHOOK 17973f9b911SMasami Hiramatsu def_bool y 18073f9b911SMasami Hiramatsu depends on HAVE_RETHOOK 18173f9b911SMasami Hiramatsu depends on KRETPROBES 18273f9b911SMasami Hiramatsu select RETHOOK 1839edddaa2SAnanth N Mavinakayanahalli 1847c68af6eSAvi Kivityconfig USER_RETURN_NOTIFIER 1857c68af6eSAvi Kivity bool 1867c68af6eSAvi Kivity depends on HAVE_USER_RETURN_NOTIFIER 1877c68af6eSAvi Kivity help 1887c68af6eSAvi Kivity Provide a kernel-internal notification when a cpu is about to 1897c68af6eSAvi Kivity switch to user mode. 1907c68af6eSAvi Kivity 19128b2ee20SRik van Rielconfig HAVE_IOREMAP_PROT 1929ba16087SJan Beulich bool 19328b2ee20SRik van Riel 194125e5645SMathieu Desnoyersconfig HAVE_KPROBES 1959ba16087SJan Beulich bool 1969edddaa2SAnanth N Mavinakayanahalli 1979edddaa2SAnanth N Mavinakayanahalliconfig HAVE_KRETPROBES 1989ba16087SJan Beulich bool 19974bc7ceeSArthur Kepner 200afd66255SMasami Hiramatsuconfig HAVE_OPTPROBES 201afd66255SMasami Hiramatsu bool 202d314d74cSCong Wang 203e7dbfe34SMasami Hiramatsuconfig HAVE_KPROBES_ON_FTRACE 204e7dbfe34SMasami Hiramatsu bool 205e7dbfe34SMasami Hiramatsu 2061f6d3a8fSMasami Hiramatsuconfig ARCH_CORRECT_STACKTRACE_ON_KRETPROBE 2071f6d3a8fSMasami Hiramatsu bool 2081f6d3a8fSMasami Hiramatsu help 2091f6d3a8fSMasami Hiramatsu Since kretprobes modifies return address on the stack, the 2101f6d3a8fSMasami Hiramatsu stacktrace may see the kretprobe trampoline address instead 2111f6d3a8fSMasami Hiramatsu of correct one. If the architecture stacktrace code and 2121f6d3a8fSMasami Hiramatsu unwinder can adjust such entries, select this configuration. 2131f6d3a8fSMasami Hiramatsu 214540adea3SMasami Hiramatsuconfig HAVE_FUNCTION_ERROR_INJECTION 2159802d865SJosef Bacik bool 2169802d865SJosef Bacik 21742a0bb3fSPetr Mladekconfig HAVE_NMI 21842a0bb3fSPetr Mladek bool 21942a0bb3fSPetr Mladek 220a257caccSChristophe Leroyconfig HAVE_FUNCTION_DESCRIPTORS 221a257caccSChristophe Leroy bool 222a257caccSChristophe Leroy 2234aae683fSMasahiro Yamadaconfig TRACE_IRQFLAGS_SUPPORT 2244aae683fSMasahiro Yamada bool 2254aae683fSMasahiro Yamada 2261f5a4ad9SRoland McGrath# 2271f5a4ad9SRoland McGrath# An arch should select this if it provides all these things: 2281f5a4ad9SRoland McGrath# 2291f5a4ad9SRoland McGrath# task_pt_regs() in asm/processor.h or asm/ptrace.h 2301f5a4ad9SRoland McGrath# arch_has_single_step() if there is hardware single-step support 2311f5a4ad9SRoland McGrath# arch_has_block_step() if there is hardware block-step support 2321f5a4ad9SRoland McGrath# asm/syscall.h supplying asm-generic/syscall.h interface 2331f5a4ad9SRoland McGrath# linux/regset.h user_regset interfaces 2341f5a4ad9SRoland McGrath# CORE_DUMP_USE_REGSET #define'd in linux/elf.h 235153474baSEric W. Biederman# TIF_SYSCALL_TRACE calls ptrace_report_syscall_{entry,exit} 23603248addSEric W. Biederman# TIF_NOTIFY_RESUME calls resume_user_mode_work() 2371f5a4ad9SRoland McGrath# 2381f5a4ad9SRoland McGrathconfig HAVE_ARCH_TRACEHOOK 2399ba16087SJan Beulich bool 2401f5a4ad9SRoland McGrath 241c64be2bbSMarek Szyprowskiconfig HAVE_DMA_CONTIGUOUS 242c64be2bbSMarek Szyprowski bool 243c64be2bbSMarek Szyprowski 24429d5e047SThomas Gleixnerconfig GENERIC_SMP_IDLE_THREAD 24529d5e047SThomas Gleixner bool 24629d5e047SThomas Gleixner 247485cf5daSKevin Hilmanconfig GENERIC_IDLE_POLL_SETUP 248485cf5daSKevin Hilman bool 249485cf5daSKevin Hilman 2506974f0c4SDaniel Micayconfig ARCH_HAS_FORTIFY_SOURCE 2516974f0c4SDaniel Micay bool 2526974f0c4SDaniel Micay help 2536974f0c4SDaniel Micay An architecture should select this when it can successfully 2546974f0c4SDaniel Micay build and run with CONFIG_FORTIFY_SOURCE. 2556974f0c4SDaniel Micay 256d8ae8a37SChristoph Hellwig# 257d8ae8a37SChristoph Hellwig# Select if the arch provides a historic keepinit alias for the retain_initrd 258d8ae8a37SChristoph Hellwig# command line option 259d8ae8a37SChristoph Hellwig# 260d8ae8a37SChristoph Hellwigconfig ARCH_HAS_KEEPINITRD 261d8ae8a37SChristoph Hellwig bool 262d8ae8a37SChristoph Hellwig 263d2852a22SDaniel Borkmann# Select if arch has all set_memory_ro/rw/x/nx() functions in asm/cacheflush.h 264d2852a22SDaniel Borkmannconfig ARCH_HAS_SET_MEMORY 265d2852a22SDaniel Borkmann bool 266d2852a22SDaniel Borkmann 267d253ca0cSRick Edgecombe# Select if arch has all set_direct_map_invalid/default() functions 268d253ca0cSRick Edgecombeconfig ARCH_HAS_SET_DIRECT_MAP 269d253ca0cSRick Edgecombe bool 270d253ca0cSRick Edgecombe 271c30700dbSChristoph Hellwig# 272fa7e2247SChristoph Hellwig# Select if the architecture provides the arch_dma_set_uncached symbol to 273a86ecfa6SColin Ian King# either provide an uncached segment alias for a DMA allocation, or 274fa7e2247SChristoph Hellwig# to remap the page tables in place. 275c30700dbSChristoph Hellwig# 276fa7e2247SChristoph Hellwigconfig ARCH_HAS_DMA_SET_UNCACHED 277c30700dbSChristoph Hellwig bool 278c30700dbSChristoph Hellwig 279999a5d12SChristoph Hellwig# 280999a5d12SChristoph Hellwig# Select if the architectures provides the arch_dma_clear_uncached symbol 281999a5d12SChristoph Hellwig# to undo an in-place page table remap for uncached access. 282999a5d12SChristoph Hellwig# 283999a5d12SChristoph Hellwigconfig ARCH_HAS_DMA_CLEAR_UNCACHED 284f5e10287SThomas Gleixner bool 285f5e10287SThomas Gleixner 2865905429aSKees Cook# Select if arch init_task must go in the __init_task_data section 2875905429aSKees Cookconfig ARCH_TASK_STRUCT_ON_STACK 2885905429aSKees Cook bool 2895905429aSKees Cook 2905905429aSKees Cook# Select if arch has its private alloc_task_struct() function 2915905429aSKees Cookconfig ARCH_TASK_STRUCT_ALLOCATOR 2925905429aSKees Cook bool 2935905429aSKees Cook 2945905429aSKees Cookconfig HAVE_ARCH_THREAD_STRUCT_WHITELIST 2955905429aSKees Cook bool 2965905429aSKees Cook depends on !ARCH_TASK_STRUCT_ALLOCATOR 297b235beeaSLinus Torvalds help 298b235beeaSLinus Torvalds An architecture should select this to provide hardened usercopy 299f5e10287SThomas Gleixner knowledge about what region of the thread_struct should be 300f5e10287SThomas Gleixner whitelisted for copying to userspace. Normally this is only the 3015aaeb5c0SIngo Molnar FPU registers. Specifically, arch_thread_struct_whitelist() 3025aaeb5c0SIngo Molnar should be implemented. Without this, the entire thread_struct 3035aaeb5c0SIngo Molnar field in task_struct will be left whitelisted. 3045aaeb5c0SIngo Molnar 305942fa985SYury Norov# Select if arch has its private alloc_thread_stack() function 306942fa985SYury Norovconfig ARCH_THREAD_STACK_ALLOCATOR 307942fa985SYury Norov bool 308942fa985SYury Norov 309942fa985SYury Norov# Select if arch wants to size task_struct dynamically via arch_task_struct_size: 310942fa985SYury Norovconfig ARCH_WANTS_DYNAMIC_TASK_STRUCT 311942fa985SYury Norov bool 312942fa985SYury Norov 31351c2ee6dSNick Desaulniersconfig ARCH_WANTS_NO_INSTR 31451c2ee6dSNick Desaulniers bool 31551c2ee6dSNick Desaulniers help 31651c2ee6dSNick Desaulniers An architecture should select this if the noinstr macro is being used on 31751c2ee6dSNick Desaulniers functions to denote that the toolchain should avoid instrumenting such 31851c2ee6dSNick Desaulniers functions and is required for correctness. 31951c2ee6dSNick Desaulniers 320942fa985SYury Norovconfig ARCH_32BIT_OFF_T 321942fa985SYury Norov bool 322942fa985SYury Norov depends on !64BIT 323942fa985SYury Norov help 324942fa985SYury Norov All new 32-bit architectures should have 64-bit off_t type on 325942fa985SYury Norov userspace side which corresponds to the loff_t kernel type. This 326942fa985SYury Norov is the requirement for modern ABIs. Some existing architectures 327942fa985SYury Norov still support 32-bit off_t. This option is enabled for all such 328942fa985SYury Norov architectures explicitly. 329942fa985SYury Norov 33096c0a6a7SHeiko Carstens# Selected by 64 bit architectures which have a 32 bit f_tinode in struct ustat 33196c0a6a7SHeiko Carstensconfig ARCH_32BIT_USTAT_F_TINODE 33296c0a6a7SHeiko Carstens bool 33396c0a6a7SHeiko Carstens 3342ff2b7ecSMasahiro Yamadaconfig HAVE_ASM_MODVERSIONS 3352ff2b7ecSMasahiro Yamada bool 3362ff2b7ecSMasahiro Yamada help 337a86ecfa6SColin Ian King This symbol should be selected by an architecture if it provides 3382ff2b7ecSMasahiro Yamada <asm/asm-prototypes.h> to support the module versioning for symbols 3392ff2b7ecSMasahiro Yamada exported from assembly code. 3402ff2b7ecSMasahiro Yamada 341f850c30cSHeiko Carstensconfig HAVE_REGS_AND_STACK_ACCESS_API 342f850c30cSHeiko Carstens bool 343e01292b1SHeiko Carstens help 344a86ecfa6SColin Ian King This symbol should be selected by an architecture if it supports 345e01292b1SHeiko Carstens the API needed to access registers and stack entries from pt_regs, 346e01292b1SHeiko Carstens declared in asm/ptrace.h 347e01292b1SHeiko Carstens For example the kprobes-based event tracer needs this API. 348f850c30cSHeiko Carstens 349d7822b1eSMathieu Desnoyersconfig HAVE_RSEQ 350d7822b1eSMathieu Desnoyers bool 351d7822b1eSMathieu Desnoyers depends on HAVE_REGS_AND_STACK_ACCESS_API 352d7822b1eSMathieu Desnoyers help 353d7822b1eSMathieu Desnoyers This symbol should be selected by an architecture if it 354d7822b1eSMathieu Desnoyers supports an implementation of restartable sequences. 355d7822b1eSMathieu Desnoyers 3563c88ee19SMasami Hiramatsuconfig HAVE_FUNCTION_ARG_ACCESS_API 3573c88ee19SMasami Hiramatsu bool 3583c88ee19SMasami Hiramatsu help 359a86ecfa6SColin Ian King This symbol should be selected by an architecture if it supports 3603c88ee19SMasami Hiramatsu the API needed to access function arguments from pt_regs, 3613c88ee19SMasami Hiramatsu declared in asm/ptrace.h 3623c88ee19SMasami Hiramatsu 36362a038d3SK.Prasadconfig HAVE_HW_BREAKPOINT 36462a038d3SK.Prasad bool 36599e8c5a3SFrederic Weisbecker depends on PERF_EVENTS 36662a038d3SK.Prasad 3670102752eSFrederic Weisbeckerconfig HAVE_MIXED_BREAKPOINTS_REGS 3680102752eSFrederic Weisbecker bool 3690102752eSFrederic Weisbecker depends on HAVE_HW_BREAKPOINT 3700102752eSFrederic Weisbecker help 3710102752eSFrederic Weisbecker Depending on the arch implementation of hardware breakpoints, 3720102752eSFrederic Weisbecker some of them have separate registers for data and instruction 3730102752eSFrederic Weisbecker breakpoints addresses, others have mixed registers to store 3740102752eSFrederic Weisbecker them but define the access type in a control register. 3750102752eSFrederic Weisbecker Select this option if your arch implements breakpoints under the 3760102752eSFrederic Weisbecker latter fashion. 3770102752eSFrederic Weisbecker 3787c68af6eSAvi Kivityconfig HAVE_USER_RETURN_NOTIFIER 3797c68af6eSAvi Kivity bool 380a1922ed6SIngo Molnar 381c01d4323SFrederic Weisbeckerconfig HAVE_PERF_EVENTS_NMI 382c01d4323SFrederic Weisbecker bool 38323637d47SFrederic Weisbecker help 38423637d47SFrederic Weisbecker System hardware can generate an NMI using the perf event 38523637d47SFrederic Weisbecker subsystem. Also has support for calculating CPU cycle events 38623637d47SFrederic Weisbecker to determine how many clock cycles in a given period. 387c01d4323SFrederic Weisbecker 38805a4a952SNicholas Pigginconfig HAVE_HARDLOCKUP_DETECTOR_PERF 38905a4a952SNicholas Piggin bool 39005a4a952SNicholas Piggin depends on HAVE_PERF_EVENTS_NMI 39105a4a952SNicholas Piggin help 39205a4a952SNicholas Piggin The arch chooses to use the generic perf-NMI-based hardlockup 39305a4a952SNicholas Piggin detector. Must define HAVE_PERF_EVENTS_NMI. 39405a4a952SNicholas Piggin 39505a4a952SNicholas Pigginconfig HAVE_NMI_WATCHDOG 39605a4a952SNicholas Piggin depends on HAVE_NMI 39705a4a952SNicholas Piggin bool 39805a4a952SNicholas Piggin help 39905a4a952SNicholas Piggin The arch provides a low level NMI watchdog. It provides 40005a4a952SNicholas Piggin asm/nmi.h, and defines its own arch_touch_nmi_watchdog(). 40105a4a952SNicholas Piggin 40205a4a952SNicholas Pigginconfig HAVE_HARDLOCKUP_DETECTOR_ARCH 40305a4a952SNicholas Piggin bool 40405a4a952SNicholas Piggin select HAVE_NMI_WATCHDOG 40505a4a952SNicholas Piggin help 40605a4a952SNicholas Piggin The arch chooses to provide its own hardlockup detector, which is 40705a4a952SNicholas Piggin a superset of the HAVE_NMI_WATCHDOG. It also conforms to config 40805a4a952SNicholas Piggin interfaces and parameters provided by hardlockup detector subsystem. 40905a4a952SNicholas Piggin 410c5e63197SJiri Olsaconfig HAVE_PERF_REGS 411c5e63197SJiri Olsa bool 412c5e63197SJiri Olsa help 413c5e63197SJiri Olsa Support selective register dumps for perf events. This includes 414c5e63197SJiri Olsa bit-mapping of each registers and a unique architecture id. 415c5e63197SJiri Olsa 416c5ebcedbSJiri Olsaconfig HAVE_PERF_USER_STACK_DUMP 417c5ebcedbSJiri Olsa bool 418c5ebcedbSJiri Olsa help 419c5ebcedbSJiri Olsa Support user stack dumps for perf event samples. This needs 420c5ebcedbSJiri Olsa access to the user stack pointer which is not unified across 421c5ebcedbSJiri Olsa architectures. 422c5ebcedbSJiri Olsa 423bf5438fcSJason Baronconfig HAVE_ARCH_JUMP_LABEL 424bf5438fcSJason Baron bool 425bf5438fcSJason Baron 42650ff18abSArd Biesheuvelconfig HAVE_ARCH_JUMP_LABEL_RELATIVE 42750ff18abSArd Biesheuvel bool 42850ff18abSArd Biesheuvel 4290d6e24d4SPeter Zijlstraconfig MMU_GATHER_TABLE_FREE 4300d6e24d4SPeter Zijlstra bool 4310d6e24d4SPeter Zijlstra 432ff2e6d72SPeter Zijlstraconfig MMU_GATHER_RCU_TABLE_FREE 43326723911SPeter Zijlstra bool 4340d6e24d4SPeter Zijlstra select MMU_GATHER_TABLE_FREE 43526723911SPeter Zijlstra 4363af4bd03SPeter Zijlstraconfig MMU_GATHER_PAGE_SIZE 437ed6a7935SPeter Zijlstra bool 438ed6a7935SPeter Zijlstra 43927796d03SPeter Zijlstraconfig MMU_GATHER_NO_RANGE 44027796d03SPeter Zijlstra bool 44127796d03SPeter Zijlstra 442580a586cSPeter Zijlstraconfig MMU_GATHER_NO_GATHER 443952a31c9SMartin Schwidefsky bool 4440d6e24d4SPeter Zijlstra depends on MMU_GATHER_TABLE_FREE 445952a31c9SMartin Schwidefsky 446d53c3dfbSNicholas Pigginconfig ARCH_WANT_IRQS_OFF_ACTIVATE_MM 447d53c3dfbSNicholas Piggin bool 448d53c3dfbSNicholas Piggin help 449d53c3dfbSNicholas Piggin Temporary select until all architectures can be converted to have 450d53c3dfbSNicholas Piggin irqs disabled over activate_mm. Architectures that do IPI based TLB 451d53c3dfbSNicholas Piggin shootdowns should enable this. 452d53c3dfbSNicholas Piggin 453df013ffbSHuang Yingconfig ARCH_HAVE_NMI_SAFE_CMPXCHG 454df013ffbSHuang Ying bool 455df013ffbSHuang Ying 45643570fd2SHeiko Carstensconfig HAVE_ALIGNED_STRUCT_PAGE 45743570fd2SHeiko Carstens bool 45843570fd2SHeiko Carstens help 45943570fd2SHeiko Carstens This makes sure that struct pages are double word aligned and that 46043570fd2SHeiko Carstens e.g. the SLUB allocator can perform double word atomic operations 46143570fd2SHeiko Carstens on a struct page for better performance. However selecting this 46243570fd2SHeiko Carstens might increase the size of a struct page by a word. 46343570fd2SHeiko Carstens 4644156153cSHeiko Carstensconfig HAVE_CMPXCHG_LOCAL 4654156153cSHeiko Carstens bool 4664156153cSHeiko Carstens 4672565409fSHeiko Carstensconfig HAVE_CMPXCHG_DOUBLE 4682565409fSHeiko Carstens bool 4692565409fSHeiko Carstens 47077e58496SPaul E. McKenneyconfig ARCH_WEAK_RELEASE_ACQUIRE 47177e58496SPaul E. McKenney bool 47277e58496SPaul E. McKenney 473c1d7e01dSWill Deaconconfig ARCH_WANT_IPC_PARSE_VERSION 474c1d7e01dSWill Deacon bool 475c1d7e01dSWill Deacon 476c1d7e01dSWill Deaconconfig ARCH_WANT_COMPAT_IPC_PARSE_VERSION 477c1d7e01dSWill Deacon bool 478c1d7e01dSWill Deacon 47948b25c43SChris Metcalfconfig ARCH_WANT_OLD_COMPAT_IPC 480c1d7e01dSWill Deacon select ARCH_WANT_COMPAT_IPC_PARSE_VERSION 48148b25c43SChris Metcalf bool 48248b25c43SChris Metcalf 483282a181bSYiFei Zhuconfig HAVE_ARCH_SECCOMP 484e2cfabdfSWill Drewry bool 485e2cfabdfSWill Drewry help 486282a181bSYiFei Zhu An arch should select this symbol to support seccomp mode 1 (the fixed 487282a181bSYiFei Zhu syscall policy), and must provide an overrides for __NR_seccomp_sigreturn, 488282a181bSYiFei Zhu and compat syscalls if the asm-generic/seccomp.h defaults need adjustment: 489282a181bSYiFei Zhu - __NR_seccomp_read_32 490282a181bSYiFei Zhu - __NR_seccomp_write_32 491282a181bSYiFei Zhu - __NR_seccomp_exit_32 492282a181bSYiFei Zhu - __NR_seccomp_sigreturn_32 493282a181bSYiFei Zhu 494282a181bSYiFei Zhuconfig HAVE_ARCH_SECCOMP_FILTER 495282a181bSYiFei Zhu bool 496282a181bSYiFei Zhu select HAVE_ARCH_SECCOMP 497282a181bSYiFei Zhu help 498fb0fadf9SWill Drewry An arch should select this symbol if it provides all of these things: 499282a181bSYiFei Zhu - all the requirements for HAVE_ARCH_SECCOMP 500bb6ea430SWill Drewry - syscall_get_arch() 501bb6ea430SWill Drewry - syscall_get_arguments() 502bb6ea430SWill Drewry - syscall_rollback() 503bb6ea430SWill Drewry - syscall_set_return_value() 504fb0fadf9SWill Drewry - SIGSYS siginfo_t support 505fb0fadf9SWill Drewry - secure_computing is called from a ptrace_event()-safe context 506fb0fadf9SWill Drewry - secure_computing return value is checked and a return value of -1 507fb0fadf9SWill Drewry results in the system call being skipped immediately. 50848dc92b9SKees Cook - seccomp syscall wired up 5090d8315ddSYiFei Zhu - if !HAVE_SPARSE_SYSCALL_NR, have SECCOMP_ARCH_NATIVE, 5100d8315ddSYiFei Zhu SECCOMP_ARCH_NATIVE_NR, SECCOMP_ARCH_NATIVE_NAME defined. If 5110d8315ddSYiFei Zhu COMPAT is supported, have the SECCOMP_ARCH_COMPAT* defines too. 512e2cfabdfSWill Drewry 513282a181bSYiFei Zhuconfig SECCOMP 514282a181bSYiFei Zhu prompt "Enable seccomp to safely execute untrusted bytecode" 515282a181bSYiFei Zhu def_bool y 516282a181bSYiFei Zhu depends on HAVE_ARCH_SECCOMP 517282a181bSYiFei Zhu help 518282a181bSYiFei Zhu This kernel feature is useful for number crunching applications 519282a181bSYiFei Zhu that may need to handle untrusted bytecode during their 520282a181bSYiFei Zhu execution. By using pipes or other transports made available 521282a181bSYiFei Zhu to the process as file descriptors supporting the read/write 522282a181bSYiFei Zhu syscalls, it's possible to isolate those applications in their 523282a181bSYiFei Zhu own address space using seccomp. Once seccomp is enabled via 524282a181bSYiFei Zhu prctl(PR_SET_SECCOMP) or the seccomp() syscall, it cannot be 525282a181bSYiFei Zhu disabled and the task is only allowed to execute a few safe 526282a181bSYiFei Zhu syscalls defined by each seccomp mode. 527282a181bSYiFei Zhu 528282a181bSYiFei Zhu If unsure, say Y. 529282a181bSYiFei Zhu 530e2cfabdfSWill Drewryconfig SECCOMP_FILTER 531e2cfabdfSWill Drewry def_bool y 532e2cfabdfSWill Drewry depends on HAVE_ARCH_SECCOMP_FILTER && SECCOMP && NET 533e2cfabdfSWill Drewry help 534e2cfabdfSWill Drewry Enable tasks to build secure computing environments defined 535e2cfabdfSWill Drewry in terms of Berkeley Packet Filter programs which implement 536e2cfabdfSWill Drewry task-defined system call filtering polices. 537e2cfabdfSWill Drewry 5385fb94e9cSMauro Carvalho Chehab See Documentation/userspace-api/seccomp_filter.rst for details. 539e2cfabdfSWill Drewry 5400d8315ddSYiFei Zhuconfig SECCOMP_CACHE_DEBUG 5410d8315ddSYiFei Zhu bool "Show seccomp filter cache status in /proc/pid/seccomp_cache" 5420d8315ddSYiFei Zhu depends on SECCOMP_FILTER && !HAVE_SPARSE_SYSCALL_NR 5430d8315ddSYiFei Zhu depends on PROC_FS 5440d8315ddSYiFei Zhu help 5450d8315ddSYiFei Zhu This enables the /proc/pid/seccomp_cache interface to monitor 5460d8315ddSYiFei Zhu seccomp cache data. The file format is subject to change. Reading 5470d8315ddSYiFei Zhu the file requires CAP_SYS_ADMIN. 5480d8315ddSYiFei Zhu 5490d8315ddSYiFei Zhu This option is for debugging only. Enabling presents the risk that 5500d8315ddSYiFei Zhu an adversary may be able to infer the seccomp filter logic. 5510d8315ddSYiFei Zhu 5520d8315ddSYiFei Zhu If unsure, say N. 5530d8315ddSYiFei Zhu 554afaef01cSAlexander Popovconfig HAVE_ARCH_STACKLEAK 555afaef01cSAlexander Popov bool 556afaef01cSAlexander Popov help 557afaef01cSAlexander Popov An architecture should select this if it has the code which 558afaef01cSAlexander Popov fills the used part of the kernel stack with the STACKLEAK_POISON 559afaef01cSAlexander Popov value before returning from system calls. 560afaef01cSAlexander Popov 561d148eac0SMasahiro Yamadaconfig HAVE_STACKPROTECTOR 56219952a92SKees Cook bool 56319952a92SKees Cook help 56419952a92SKees Cook An arch should select this symbol if: 56519952a92SKees Cook - it has implemented a stack canary (e.g. __stack_chk_guard) 56619952a92SKees Cook 567050e9baaSLinus Torvaldsconfig STACKPROTECTOR 5682a61f474SMasahiro Yamada bool "Stack Protector buffer overflow detection" 569d148eac0SMasahiro Yamada depends on HAVE_STACKPROTECTOR 5702a61f474SMasahiro Yamada depends on $(cc-option,-fstack-protector) 5712a61f474SMasahiro Yamada default y 5728779657dSKees Cook help 5738779657dSKees Cook This option turns on the "stack-protector" GCC feature. This 57419952a92SKees Cook feature puts, at the beginning of functions, a canary value on 57519952a92SKees Cook the stack just before the return address, and validates 57619952a92SKees Cook the value just before actually returning. Stack based buffer 57719952a92SKees Cook overflows (that need to overwrite this return address) now also 57819952a92SKees Cook overwrite the canary, which gets detected and the attack is then 57919952a92SKees Cook neutralized via a kernel panic. 58019952a92SKees Cook 5818779657dSKees Cook Functions will have the stack-protector canary logic added if they 5828779657dSKees Cook have an 8-byte or larger character array on the stack. 5838779657dSKees Cook 58419952a92SKees Cook This feature requires gcc version 4.2 or above, or a distribution 5858779657dSKees Cook gcc with the feature backported ("-fstack-protector"). 5868779657dSKees Cook 5878779657dSKees Cook On an x86 "defconfig" build, this feature adds canary checks to 5888779657dSKees Cook about 3% of all kernel functions, which increases kernel code size 5898779657dSKees Cook by about 0.3%. 5908779657dSKees Cook 591050e9baaSLinus Torvaldsconfig STACKPROTECTOR_STRONG 5922a61f474SMasahiro Yamada bool "Strong Stack Protector" 593050e9baaSLinus Torvalds depends on STACKPROTECTOR 5942a61f474SMasahiro Yamada depends on $(cc-option,-fstack-protector-strong) 5952a61f474SMasahiro Yamada default y 5968779657dSKees Cook help 5978779657dSKees Cook Functions will have the stack-protector canary logic added in any 5988779657dSKees Cook of the following conditions: 5998779657dSKees Cook 6008779657dSKees Cook - local variable's address used as part of the right hand side of an 6018779657dSKees Cook assignment or function argument 6028779657dSKees Cook - local variable is an array (or union containing an array), 6038779657dSKees Cook regardless of array type or length 6048779657dSKees Cook - uses register local variables 6058779657dSKees Cook 6068779657dSKees Cook This feature requires gcc version 4.9 or above, or a distribution 6078779657dSKees Cook gcc with the feature backported ("-fstack-protector-strong"). 6088779657dSKees Cook 6098779657dSKees Cook On an x86 "defconfig" build, this feature adds canary checks to 6108779657dSKees Cook about 20% of all kernel functions, which increases the kernel code 6118779657dSKees Cook size by about 2%. 6128779657dSKees Cook 613d08b9f0cSSami Tolvanenconfig ARCH_SUPPORTS_SHADOW_CALL_STACK 614d08b9f0cSSami Tolvanen bool 615d08b9f0cSSami Tolvanen help 616afcf5441SDan Li An architecture should select this if it supports the compiler's 617afcf5441SDan Li Shadow Call Stack and implements runtime support for shadow stack 618aa7a65aeSWill Deacon switching. 619d08b9f0cSSami Tolvanen 620d08b9f0cSSami Tolvanenconfig SHADOW_CALL_STACK 621afcf5441SDan Li bool "Shadow Call Stack" 622afcf5441SDan Li depends on ARCH_SUPPORTS_SHADOW_CALL_STACK 623ddc9863eSSami Tolvanen depends on DYNAMIC_FTRACE_WITH_REGS || !FUNCTION_GRAPH_TRACER 624d08b9f0cSSami Tolvanen help 625afcf5441SDan Li This option enables the compiler's Shadow Call Stack, which 626afcf5441SDan Li uses a shadow stack to protect function return addresses from 627afcf5441SDan Li being overwritten by an attacker. More information can be found 628afcf5441SDan Li in the compiler's documentation: 629d08b9f0cSSami Tolvanen 630afcf5441SDan Li - Clang: https://clang.llvm.org/docs/ShadowCallStack.html 631afcf5441SDan Li - GCC: https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html#Instrumentation-Options 632d08b9f0cSSami Tolvanen 633d08b9f0cSSami Tolvanen Note that security guarantees in the kernel differ from the 634d08b9f0cSSami Tolvanen ones documented for user space. The kernel must store addresses 635d08b9f0cSSami Tolvanen of shadow stacks in memory, which means an attacker capable of 636d08b9f0cSSami Tolvanen reading and writing arbitrary memory may be able to locate them 637d08b9f0cSSami Tolvanen and hijack control flow by modifying the stacks. 638d08b9f0cSSami Tolvanen 639dc5723b0SSami Tolvanenconfig LTO 640dc5723b0SSami Tolvanen bool 641dc5723b0SSami Tolvanen help 642dc5723b0SSami Tolvanen Selected if the kernel will be built using the compiler's LTO feature. 643dc5723b0SSami Tolvanen 644dc5723b0SSami Tolvanenconfig LTO_CLANG 645dc5723b0SSami Tolvanen bool 646dc5723b0SSami Tolvanen select LTO 647dc5723b0SSami Tolvanen help 648dc5723b0SSami Tolvanen Selected if the kernel will be built using Clang's LTO feature. 649dc5723b0SSami Tolvanen 650dc5723b0SSami Tolvanenconfig ARCH_SUPPORTS_LTO_CLANG 651dc5723b0SSami Tolvanen bool 652dc5723b0SSami Tolvanen help 653dc5723b0SSami Tolvanen An architecture should select this option if it supports: 654dc5723b0SSami Tolvanen - compiling with Clang, 655dc5723b0SSami Tolvanen - compiling inline assembly with Clang's integrated assembler, 656dc5723b0SSami Tolvanen - and linking with LLD. 657dc5723b0SSami Tolvanen 658dc5723b0SSami Tolvanenconfig ARCH_SUPPORTS_LTO_CLANG_THIN 659dc5723b0SSami Tolvanen bool 660dc5723b0SSami Tolvanen help 661dc5723b0SSami Tolvanen An architecture should select this option if it can support Clang's 662dc5723b0SSami Tolvanen ThinLTO mode. 663dc5723b0SSami Tolvanen 664dc5723b0SSami Tolvanenconfig HAS_LTO_CLANG 665dc5723b0SSami Tolvanen def_bool y 6661e68a8afSNathan Chancellor depends on CC_IS_CLANG && LD_IS_LLD && AS_IS_LLVM 667dc5723b0SSami Tolvanen depends on $(success,$(NM) --help | head -n 1 | grep -qi llvm) 668dc5723b0SSami Tolvanen depends on $(success,$(AR) --help | head -n 1 | grep -qi llvm) 669dc5723b0SSami Tolvanen depends on ARCH_SUPPORTS_LTO_CLANG 670dc5723b0SSami Tolvanen depends on !FTRACE_MCOUNT_USE_RECORDMCOUNT 671bf3c2551SSami Tolvanen depends on !KASAN || KASAN_HW_TAGS 672dc5723b0SSami Tolvanen depends on !GCOV_KERNEL 673dc5723b0SSami Tolvanen help 674dc5723b0SSami Tolvanen The compiler and Kconfig options support building with Clang's 675dc5723b0SSami Tolvanen LTO. 676dc5723b0SSami Tolvanen 677dc5723b0SSami Tolvanenchoice 678dc5723b0SSami Tolvanen prompt "Link Time Optimization (LTO)" 679dc5723b0SSami Tolvanen default LTO_NONE 680dc5723b0SSami Tolvanen help 681dc5723b0SSami Tolvanen This option enables Link Time Optimization (LTO), which allows the 682dc5723b0SSami Tolvanen compiler to optimize binaries globally. 683dc5723b0SSami Tolvanen 684dc5723b0SSami Tolvanen If unsure, select LTO_NONE. Note that LTO is very resource-intensive 685dc5723b0SSami Tolvanen so it's disabled by default. 686dc5723b0SSami Tolvanen 687dc5723b0SSami Tolvanenconfig LTO_NONE 688dc5723b0SSami Tolvanen bool "None" 689dc5723b0SSami Tolvanen help 690dc5723b0SSami Tolvanen Build the kernel normally, without Link Time Optimization (LTO). 691dc5723b0SSami Tolvanen 692dc5723b0SSami Tolvanenconfig LTO_CLANG_FULL 693dc5723b0SSami Tolvanen bool "Clang Full LTO (EXPERIMENTAL)" 694dc5723b0SSami Tolvanen depends on HAS_LTO_CLANG 695dc5723b0SSami Tolvanen depends on !COMPILE_TEST 696dc5723b0SSami Tolvanen select LTO_CLANG 697dc5723b0SSami Tolvanen help 698dc5723b0SSami Tolvanen This option enables Clang's full Link Time Optimization (LTO), which 699dc5723b0SSami Tolvanen allows the compiler to optimize the kernel globally. If you enable 700dc5723b0SSami Tolvanen this option, the compiler generates LLVM bitcode instead of ELF 701dc5723b0SSami Tolvanen object files, and the actual compilation from bitcode happens at 702dc5723b0SSami Tolvanen the LTO link step, which may take several minutes depending on the 703dc5723b0SSami Tolvanen kernel configuration. More information can be found from LLVM's 704dc5723b0SSami Tolvanen documentation: 705dc5723b0SSami Tolvanen 706dc5723b0SSami Tolvanen https://llvm.org/docs/LinkTimeOptimization.html 707dc5723b0SSami Tolvanen 708dc5723b0SSami Tolvanen During link time, this option can use a large amount of RAM, and 709dc5723b0SSami Tolvanen may take much longer than the ThinLTO option. 710dc5723b0SSami Tolvanen 711dc5723b0SSami Tolvanenconfig LTO_CLANG_THIN 712dc5723b0SSami Tolvanen bool "Clang ThinLTO (EXPERIMENTAL)" 713dc5723b0SSami Tolvanen depends on HAS_LTO_CLANG && ARCH_SUPPORTS_LTO_CLANG_THIN 714dc5723b0SSami Tolvanen select LTO_CLANG 715dc5723b0SSami Tolvanen help 716dc5723b0SSami Tolvanen This option enables Clang's ThinLTO, which allows for parallel 717dc5723b0SSami Tolvanen optimization and faster incremental compiles compared to the 718dc5723b0SSami Tolvanen CONFIG_LTO_CLANG_FULL option. More information can be found 719dc5723b0SSami Tolvanen from Clang's documentation: 720dc5723b0SSami Tolvanen 721dc5723b0SSami Tolvanen https://clang.llvm.org/docs/ThinLTO.html 722dc5723b0SSami Tolvanen 723dc5723b0SSami Tolvanen If unsure, say Y. 724dc5723b0SSami Tolvanenendchoice 725dc5723b0SSami Tolvanen 726cf68fffbSSami Tolvanenconfig ARCH_SUPPORTS_CFI_CLANG 727cf68fffbSSami Tolvanen bool 728cf68fffbSSami Tolvanen help 729cf68fffbSSami Tolvanen An architecture should select this option if it can support Clang's 730cf68fffbSSami Tolvanen Control-Flow Integrity (CFI) checking. 731cf68fffbSSami Tolvanen 732cf68fffbSSami Tolvanenconfig CFI_CLANG 733cf68fffbSSami Tolvanen bool "Use Clang's Control Flow Integrity (CFI)" 734cf68fffbSSami Tolvanen depends on LTO_CLANG && ARCH_SUPPORTS_CFI_CLANG 735e6f3b3c9SSami Tolvanen depends on CLANG_VERSION >= 140000 736cf68fffbSSami Tolvanen select KALLSYMS 737cf68fffbSSami Tolvanen help 738cf68fffbSSami Tolvanen This option enables Clang’s forward-edge Control Flow Integrity 739cf68fffbSSami Tolvanen (CFI) checking, where the compiler injects a runtime check to each 740cf68fffbSSami Tolvanen indirect function call to ensure the target is a valid function with 741cf68fffbSSami Tolvanen the correct static type. This restricts possible call targets and 742cf68fffbSSami Tolvanen makes it more difficult for an attacker to exploit bugs that allow 743cf68fffbSSami Tolvanen the modification of stored function pointers. More information can be 744cf68fffbSSami Tolvanen found from Clang's documentation: 745cf68fffbSSami Tolvanen 746cf68fffbSSami Tolvanen https://clang.llvm.org/docs/ControlFlowIntegrity.html 747cf68fffbSSami Tolvanen 748cf68fffbSSami Tolvanenconfig CFI_CLANG_SHADOW 749cf68fffbSSami Tolvanen bool "Use CFI shadow to speed up cross-module checks" 750cf68fffbSSami Tolvanen default y 751cf68fffbSSami Tolvanen depends on CFI_CLANG && MODULES 752cf68fffbSSami Tolvanen help 753cf68fffbSSami Tolvanen If you select this option, the kernel builds a fast look-up table of 754cf68fffbSSami Tolvanen CFI check functions in loaded modules to reduce performance overhead. 755cf68fffbSSami Tolvanen 756cf68fffbSSami Tolvanen If unsure, say Y. 757cf68fffbSSami Tolvanen 758cf68fffbSSami Tolvanenconfig CFI_PERMISSIVE 759cf68fffbSSami Tolvanen bool "Use CFI in permissive mode" 760cf68fffbSSami Tolvanen depends on CFI_CLANG 761cf68fffbSSami Tolvanen help 762cf68fffbSSami Tolvanen When selected, Control Flow Integrity (CFI) violations result in a 763cf68fffbSSami Tolvanen warning instead of a kernel panic. This option should only be used 764cf68fffbSSami Tolvanen for finding indirect call type mismatches during development. 765cf68fffbSSami Tolvanen 766cf68fffbSSami Tolvanen If unsure, say N. 767cf68fffbSSami Tolvanen 7680f60a8efSKees Cookconfig HAVE_ARCH_WITHIN_STACK_FRAMES 7690f60a8efSKees Cook bool 7700f60a8efSKees Cook help 7710f60a8efSKees Cook An architecture should select this if it can walk the kernel stack 7720f60a8efSKees Cook frames to determine if an object is part of either the arguments 7730f60a8efSKees Cook or local variables (i.e. that it excludes saved return addresses, 7740f60a8efSKees Cook and similar) by implementing an inline arch_within_stack_frames(), 7750f60a8efSKees Cook which is used by CONFIG_HARDENED_USERCOPY. 7760f60a8efSKees Cook 777*24a9c541SFrederic Weisbeckerconfig HAVE_CONTEXT_TRACKING_USER 7782b1d5024SFrederic Weisbecker bool 7792b1d5024SFrederic Weisbecker help 78091d1aa43SFrederic Weisbecker Provide kernel/user boundaries probes necessary for subsystems 78191d1aa43SFrederic Weisbecker that need it, such as userspace RCU extended quiescent state. 782490f561bSFrederic Weisbecker Syscalls need to be wrapped inside user_exit()-user_enter(), either 783490f561bSFrederic Weisbecker optimized behind static key or through the slow path using TIF_NOHZ 784490f561bSFrederic Weisbecker flag. Exceptions handlers must be wrapped as well. Irqs are already 785490f561bSFrederic Weisbecker protected inside rcu_irq_enter/rcu_irq_exit() but preemption or signal 786490f561bSFrederic Weisbecker handling on irq exit still need to be protected. 787490f561bSFrederic Weisbecker 788*24a9c541SFrederic Weisbeckerconfig HAVE_CONTEXT_TRACKING_USER_OFFSTACK 78983c2da2eSFrederic Weisbecker bool 79083c2da2eSFrederic Weisbecker help 79183c2da2eSFrederic Weisbecker Architecture neither relies on exception_enter()/exception_exit() 79283c2da2eSFrederic Weisbecker nor on schedule_user(). Also preempt_schedule_notrace() and 79383c2da2eSFrederic Weisbecker preempt_schedule_irq() can't be called in a preemptible section 79483c2da2eSFrederic Weisbecker while context tracking is CONTEXT_USER. This feature reflects a sane 79583c2da2eSFrederic Weisbecker entry implementation where the following requirements are met on 79683c2da2eSFrederic Weisbecker critical entry code, ie: before user_exit() or after user_enter(): 79783c2da2eSFrederic Weisbecker 79883c2da2eSFrederic Weisbecker - Critical entry code isn't preemptible (or better yet: 79983c2da2eSFrederic Weisbecker not interruptible). 80083c2da2eSFrederic Weisbecker - No use of RCU read side critical sections, unless rcu_nmi_enter() 80183c2da2eSFrederic Weisbecker got called. 80283c2da2eSFrederic Weisbecker - No use of instrumentation, unless instrumentation_begin() got 80383c2da2eSFrederic Weisbecker called. 80483c2da2eSFrederic Weisbecker 805490f561bSFrederic Weisbeckerconfig HAVE_TIF_NOHZ 806490f561bSFrederic Weisbecker bool 807490f561bSFrederic Weisbecker help 808490f561bSFrederic Weisbecker Arch relies on TIF_NOHZ and syscall slow path to implement context 809490f561bSFrederic Weisbecker tracking calls to user_enter()/user_exit(). 8102b1d5024SFrederic Weisbecker 811b952741cSFrederic Weisbeckerconfig HAVE_VIRT_CPU_ACCOUNTING 812b952741cSFrederic Weisbecker bool 813b952741cSFrederic Weisbecker 8142b91ec9fSFrederic Weisbeckerconfig HAVE_VIRT_CPU_ACCOUNTING_IDLE 8152b91ec9fSFrederic Weisbecker bool 8162b91ec9fSFrederic Weisbecker help 8172b91ec9fSFrederic Weisbecker Architecture has its own way to account idle CPU time and therefore 8182b91ec9fSFrederic Weisbecker doesn't implement vtime_account_idle(). 8192b91ec9fSFrederic Weisbecker 82040565b5aSStanislaw Gruszkaconfig ARCH_HAS_SCALED_CPUTIME 82140565b5aSStanislaw Gruszka bool 82240565b5aSStanislaw Gruszka 823554b0004SKevin Hilmanconfig HAVE_VIRT_CPU_ACCOUNTING_GEN 824554b0004SKevin Hilman bool 825554b0004SKevin Hilman default y if 64BIT 826554b0004SKevin Hilman help 827554b0004SKevin Hilman With VIRT_CPU_ACCOUNTING_GEN, cputime_t becomes 64-bit. 828554b0004SKevin Hilman Before enabling this option, arch code must be audited 829554b0004SKevin Hilman to ensure there are no races in concurrent read/write of 830554b0004SKevin Hilman cputime_t. For example, reading/writing 64-bit cputime_t on 831554b0004SKevin Hilman some 32-bit arches may require multiple accesses, so proper 832554b0004SKevin Hilman locking is needed to protect against concurrent accesses. 833554b0004SKevin Hilman 834fdf9c356SFrederic Weisbeckerconfig HAVE_IRQ_TIME_ACCOUNTING 835fdf9c356SFrederic Weisbecker bool 836fdf9c356SFrederic Weisbecker help 837fdf9c356SFrederic Weisbecker Archs need to ensure they use a high enough resolution clock to 838fdf9c356SFrederic Weisbecker support irq time accounting and then call enable_sched_clock_irqtime(). 839fdf9c356SFrederic Weisbecker 840c49dd340SKalesh Singhconfig HAVE_MOVE_PUD 841c49dd340SKalesh Singh bool 842c49dd340SKalesh Singh help 843c49dd340SKalesh Singh Architectures that select this are able to move page tables at the 844c49dd340SKalesh Singh PUD level. If there are only 3 page table levels, the move effectively 845c49dd340SKalesh Singh happens at the PGD level. 846c49dd340SKalesh Singh 8472c91bd4aSJoel Fernandes (Google)config HAVE_MOVE_PMD 8482c91bd4aSJoel Fernandes (Google) bool 8492c91bd4aSJoel Fernandes (Google) help 8502c91bd4aSJoel Fernandes (Google) Archs that select this are able to move page tables at the PMD level. 8512c91bd4aSJoel Fernandes (Google) 85215626062SGerald Schaeferconfig HAVE_ARCH_TRANSPARENT_HUGEPAGE 85315626062SGerald Schaefer bool 85415626062SGerald Schaefer 855a00cc7d9SMatthew Wilcoxconfig HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD 856a00cc7d9SMatthew Wilcox bool 857a00cc7d9SMatthew Wilcox 8580ddab1d2SToshi Kaniconfig HAVE_ARCH_HUGE_VMAP 8590ddab1d2SToshi Kani bool 8600ddab1d2SToshi Kani 861121e6f32SNicholas Piggin# 862121e6f32SNicholas Piggin# Archs that select this would be capable of PMD-sized vmaps (i.e., 863559089e0SSong Liu# arch_vmap_pmd_supported() returns true). The VM_ALLOW_HUGE_VMAP flag 864559089e0SSong Liu# must be used to enable allocations to use hugepages. 865121e6f32SNicholas Piggin# 866121e6f32SNicholas Pigginconfig HAVE_ARCH_HUGE_VMALLOC 867121e6f32SNicholas Piggin depends on HAVE_ARCH_HUGE_VMAP 868121e6f32SNicholas Piggin bool 869121e6f32SNicholas Piggin 8703876d4a3SAlexandre Ghiticonfig ARCH_WANT_HUGE_PMD_SHARE 8713876d4a3SAlexandre Ghiti bool 8723876d4a3SAlexandre Ghiti 8730f8975ecSPavel Emelyanovconfig HAVE_ARCH_SOFT_DIRTY 8740f8975ecSPavel Emelyanov bool 8750f8975ecSPavel Emelyanov 876786d35d4SDavid Howellsconfig HAVE_MOD_ARCH_SPECIFIC 877786d35d4SDavid Howells bool 878786d35d4SDavid Howells help 879786d35d4SDavid Howells The arch uses struct mod_arch_specific to store data. Many arches 880786d35d4SDavid Howells just need a simple module loader without arch specific data - those 881786d35d4SDavid Howells should not enable this. 882786d35d4SDavid Howells 883786d35d4SDavid Howellsconfig MODULES_USE_ELF_RELA 884786d35d4SDavid Howells bool 885786d35d4SDavid Howells help 886786d35d4SDavid Howells Modules only use ELF RELA relocations. Modules with ELF REL 887786d35d4SDavid Howells relocations will give an error. 888786d35d4SDavid Howells 889786d35d4SDavid Howellsconfig MODULES_USE_ELF_REL 890786d35d4SDavid Howells bool 891786d35d4SDavid Howells help 892786d35d4SDavid Howells Modules only use ELF REL relocations. Modules with ELF RELA 893786d35d4SDavid Howells relocations will give an error. 894786d35d4SDavid Howells 89501dc0386SChristophe Leroyconfig ARCH_WANTS_MODULES_DATA_IN_VMALLOC 89601dc0386SChristophe Leroy bool 89701dc0386SChristophe Leroy help 89801dc0386SChristophe Leroy For architectures like powerpc/32 which have constraints on module 89901dc0386SChristophe Leroy allocation and need to allocate module data outside of module area. 90001dc0386SChristophe Leroy 901cc1f0274SFrederic Weisbeckerconfig HAVE_IRQ_EXIT_ON_IRQ_STACK 902cc1f0274SFrederic Weisbecker bool 903cc1f0274SFrederic Weisbecker help 904cc1f0274SFrederic Weisbecker Architecture doesn't only execute the irq handler on the irq stack 905cc1f0274SFrederic Weisbecker but also irq_exit(). This way we can process softirqs on this irq 906cc1f0274SFrederic Weisbecker stack instead of switching to a new one when we call __do_softirq() 907cc1f0274SFrederic Weisbecker in the end of an hardirq. 908cc1f0274SFrederic Weisbecker This spares a stack switch and improves cache usage on softirq 909cc1f0274SFrederic Weisbecker processing. 910cc1f0274SFrederic Weisbecker 911cd1a41ceSThomas Gleixnerconfig HAVE_SOFTIRQ_ON_OWN_STACK 912cd1a41ceSThomas Gleixner bool 913cd1a41ceSThomas Gleixner help 914cd1a41ceSThomas Gleixner Architecture provides a function to run __do_softirq() on a 915c226bc3cSColin Ian King separate stack. 916cd1a41ceSThomas Gleixner 91712700c17SArnd Bergmannconfig ALTERNATE_USER_ADDRESS_SPACE 91812700c17SArnd Bergmann bool 91912700c17SArnd Bergmann help 92012700c17SArnd Bergmann Architectures set this when the CPU uses separate address 92112700c17SArnd Bergmann spaces for kernel and user space pointers. In this case, the 92212700c17SArnd Bergmann access_ok() check on a __user pointer is skipped. 92312700c17SArnd Bergmann 924235a8f02SKirill A. Shutemovconfig PGTABLE_LEVELS 925235a8f02SKirill A. Shutemov int 926235a8f02SKirill A. Shutemov default 2 927235a8f02SKirill A. Shutemov 9282b68f6caSKees Cookconfig ARCH_HAS_ELF_RANDOMIZE 9292b68f6caSKees Cook bool 9302b68f6caSKees Cook help 9312b68f6caSKees Cook An architecture supports choosing randomized locations for 9322b68f6caSKees Cook stack, mmap, brk, and ET_DYN. Defined functions: 9332b68f6caSKees Cook - arch_mmap_rnd() 934204db6edSKees Cook - arch_randomize_brk() 9352b68f6caSKees Cook 936d07e2259SDaniel Cashmanconfig HAVE_ARCH_MMAP_RND_BITS 937d07e2259SDaniel Cashman bool 938d07e2259SDaniel Cashman help 939d07e2259SDaniel Cashman An arch should select this symbol if it supports setting a variable 940d07e2259SDaniel Cashman number of bits for use in establishing the base address for mmap 941d07e2259SDaniel Cashman allocations, has MMU enabled and provides values for both: 942d07e2259SDaniel Cashman - ARCH_MMAP_RND_BITS_MIN 943d07e2259SDaniel Cashman - ARCH_MMAP_RND_BITS_MAX 944d07e2259SDaniel Cashman 9455f56a5dfSJiri Slabyconfig HAVE_EXIT_THREAD 9465f56a5dfSJiri Slaby bool 9475f56a5dfSJiri Slaby help 9485f56a5dfSJiri Slaby An architecture implements exit_thread. 9495f56a5dfSJiri Slaby 950d07e2259SDaniel Cashmanconfig ARCH_MMAP_RND_BITS_MIN 951d07e2259SDaniel Cashman int 952d07e2259SDaniel Cashman 953d07e2259SDaniel Cashmanconfig ARCH_MMAP_RND_BITS_MAX 954d07e2259SDaniel Cashman int 955d07e2259SDaniel Cashman 956d07e2259SDaniel Cashmanconfig ARCH_MMAP_RND_BITS_DEFAULT 957d07e2259SDaniel Cashman int 958d07e2259SDaniel Cashman 959d07e2259SDaniel Cashmanconfig ARCH_MMAP_RND_BITS 960d07e2259SDaniel Cashman int "Number of bits to use for ASLR of mmap base address" if EXPERT 961d07e2259SDaniel Cashman range ARCH_MMAP_RND_BITS_MIN ARCH_MMAP_RND_BITS_MAX 962d07e2259SDaniel Cashman default ARCH_MMAP_RND_BITS_DEFAULT if ARCH_MMAP_RND_BITS_DEFAULT 963d07e2259SDaniel Cashman default ARCH_MMAP_RND_BITS_MIN 964d07e2259SDaniel Cashman depends on HAVE_ARCH_MMAP_RND_BITS 965d07e2259SDaniel Cashman help 966d07e2259SDaniel Cashman This value can be used to select the number of bits to use to 967d07e2259SDaniel Cashman determine the random offset to the base address of vma regions 968d07e2259SDaniel Cashman resulting from mmap allocations. This value will be bounded 969d07e2259SDaniel Cashman by the architecture's minimum and maximum supported values. 970d07e2259SDaniel Cashman 971d07e2259SDaniel Cashman This value can be changed after boot using the 972d07e2259SDaniel Cashman /proc/sys/vm/mmap_rnd_bits tunable 973d07e2259SDaniel Cashman 974d07e2259SDaniel Cashmanconfig HAVE_ARCH_MMAP_RND_COMPAT_BITS 975d07e2259SDaniel Cashman bool 976d07e2259SDaniel Cashman help 977d07e2259SDaniel Cashman An arch should select this symbol if it supports running applications 978d07e2259SDaniel Cashman in compatibility mode, supports setting a variable number of bits for 979d07e2259SDaniel Cashman use in establishing the base address for mmap allocations, has MMU 980d07e2259SDaniel Cashman enabled and provides values for both: 981d07e2259SDaniel Cashman - ARCH_MMAP_RND_COMPAT_BITS_MIN 982d07e2259SDaniel Cashman - ARCH_MMAP_RND_COMPAT_BITS_MAX 983d07e2259SDaniel Cashman 984d07e2259SDaniel Cashmanconfig ARCH_MMAP_RND_COMPAT_BITS_MIN 985d07e2259SDaniel Cashman int 986d07e2259SDaniel Cashman 987d07e2259SDaniel Cashmanconfig ARCH_MMAP_RND_COMPAT_BITS_MAX 988d07e2259SDaniel Cashman int 989d07e2259SDaniel Cashman 990d07e2259SDaniel Cashmanconfig ARCH_MMAP_RND_COMPAT_BITS_DEFAULT 991d07e2259SDaniel Cashman int 992d07e2259SDaniel Cashman 993d07e2259SDaniel Cashmanconfig ARCH_MMAP_RND_COMPAT_BITS 994d07e2259SDaniel Cashman int "Number of bits to use for ASLR of mmap base address for compatible applications" if EXPERT 995d07e2259SDaniel Cashman range ARCH_MMAP_RND_COMPAT_BITS_MIN ARCH_MMAP_RND_COMPAT_BITS_MAX 996d07e2259SDaniel Cashman default ARCH_MMAP_RND_COMPAT_BITS_DEFAULT if ARCH_MMAP_RND_COMPAT_BITS_DEFAULT 997d07e2259SDaniel Cashman default ARCH_MMAP_RND_COMPAT_BITS_MIN 998d07e2259SDaniel Cashman depends on HAVE_ARCH_MMAP_RND_COMPAT_BITS 999d07e2259SDaniel Cashman help 1000d07e2259SDaniel Cashman This value can be used to select the number of bits to use to 1001d07e2259SDaniel Cashman determine the random offset to the base address of vma regions 1002d07e2259SDaniel Cashman resulting from mmap allocations for compatible applications This 1003d07e2259SDaniel Cashman value will be bounded by the architecture's minimum and maximum 1004d07e2259SDaniel Cashman supported values. 1005d07e2259SDaniel Cashman 1006d07e2259SDaniel Cashman This value can be changed after boot using the 1007d07e2259SDaniel Cashman /proc/sys/vm/mmap_rnd_compat_bits tunable 1008d07e2259SDaniel Cashman 10091b028f78SDmitry Safonovconfig HAVE_ARCH_COMPAT_MMAP_BASES 10101b028f78SDmitry Safonov bool 10111b028f78SDmitry Safonov help 10121b028f78SDmitry Safonov This allows 64bit applications to invoke 32-bit mmap() syscall 10131b028f78SDmitry Safonov and vice-versa 32-bit applications to call 64-bit mmap(). 10141b028f78SDmitry Safonov Required for applications doing different bitness syscalls. 10151b028f78SDmitry Safonov 10161f0e290cSGuenter Roeckconfig PAGE_SIZE_LESS_THAN_64KB 10171f0e290cSGuenter Roeck def_bool y 10181f0e290cSGuenter Roeck depends on !ARM64_64K_PAGES 10191f0e290cSGuenter Roeck depends on !IA64_PAGE_SIZE_64KB 10201f0e290cSGuenter Roeck depends on !PAGE_SIZE_64KB 10211f0e290cSGuenter Roeck depends on !PARISC_PAGE_SIZE_64KB 1022e4bbd20dSNathan Chancellor depends on PAGE_SIZE_LESS_THAN_256KB 1023e4bbd20dSNathan Chancellor 1024e4bbd20dSNathan Chancellorconfig PAGE_SIZE_LESS_THAN_256KB 1025e4bbd20dSNathan Chancellor def_bool y 10261f0e290cSGuenter Roeck depends on !PAGE_SIZE_256KB 10271f0e290cSGuenter Roeck 102867f3977fSAlexandre Ghiti# This allows to use a set of generic functions to determine mmap base 102967f3977fSAlexandre Ghiti# address by giving priority to top-down scheme only if the process 103067f3977fSAlexandre Ghiti# is not in legacy mode (compat task, unlimited stack size or 103167f3977fSAlexandre Ghiti# sysctl_legacy_va_layout). 103267f3977fSAlexandre Ghiti# Architecture that selects this option can provide its own version of: 103367f3977fSAlexandre Ghiti# - STACK_RND_MASK 103467f3977fSAlexandre Ghiticonfig ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT 103567f3977fSAlexandre Ghiti bool 103667f3977fSAlexandre Ghiti depends on MMU 1037e7142bf5SAlexandre Ghiti select ARCH_HAS_ELF_RANDOMIZE 103867f3977fSAlexandre Ghiti 103903f16cd0SJosh Poimboeufconfig HAVE_OBJTOOL 104003f16cd0SJosh Poimboeuf bool 104103f16cd0SJosh Poimboeuf 10424ab7674fSJosh Poimboeufconfig HAVE_JUMP_LABEL_HACK 10434ab7674fSJosh Poimboeuf bool 10444ab7674fSJosh Poimboeuf 104522102f45SJosh Poimboeufconfig HAVE_NOINSTR_HACK 104622102f45SJosh Poimboeuf bool 104722102f45SJosh Poimboeuf 1048489e355bSJosh Poimboeufconfig HAVE_NOINSTR_VALIDATION 1049489e355bSJosh Poimboeuf bool 1050489e355bSJosh Poimboeuf 10515f3da8c0SJosh Poimboeufconfig HAVE_UACCESS_VALIDATION 10525f3da8c0SJosh Poimboeuf bool 10535f3da8c0SJosh Poimboeuf select OBJTOOL 10545f3da8c0SJosh Poimboeuf 1055b9ab5ebbSJosh Poimboeufconfig HAVE_STACK_VALIDATION 1056b9ab5ebbSJosh Poimboeuf bool 1057b9ab5ebbSJosh Poimboeuf help 105803f16cd0SJosh Poimboeuf Architecture supports objtool compile-time frame pointer rule 105903f16cd0SJosh Poimboeuf validation. 1060b9ab5ebbSJosh Poimboeuf 1061af085d90SJosh Poimboeufconfig HAVE_RELIABLE_STACKTRACE 1062af085d90SJosh Poimboeuf bool 1063af085d90SJosh Poimboeuf help 1064140d7e88SMiroslav Benes Architecture has either save_stack_trace_tsk_reliable() or 1065140d7e88SMiroslav Benes arch_stack_walk_reliable() function which only returns a stack trace 1066140d7e88SMiroslav Benes if it can guarantee the trace is reliable. 1067af085d90SJosh Poimboeuf 1068468a9428SGeorge Spelvinconfig HAVE_ARCH_HASH 1069468a9428SGeorge Spelvin bool 1070468a9428SGeorge Spelvin default n 1071468a9428SGeorge Spelvin help 1072468a9428SGeorge Spelvin If this is set, the architecture provides an <asm/hash.h> 1073468a9428SGeorge Spelvin file which provides platform-specific implementations of some 1074468a9428SGeorge Spelvin functions in <linux/hash.h> or fs/namei.c. 1075468a9428SGeorge Spelvin 1076666047feSFinn Thainconfig HAVE_ARCH_NVRAM_OPS 1077666047feSFinn Thain bool 1078666047feSFinn Thain 10793a495511SWilliam Breathitt Grayconfig ISA_BUS_API 10803a495511SWilliam Breathitt Gray def_bool ISA 10813a495511SWilliam Breathitt Gray 1082d2125043SAl Viro# 1083d2125043SAl Viro# ABI hall of shame 1084d2125043SAl Viro# 1085d2125043SAl Viroconfig CLONE_BACKWARDS 1086d2125043SAl Viro bool 1087d2125043SAl Viro help 1088d2125043SAl Viro Architecture has tls passed as the 4th argument of clone(2), 1089d2125043SAl Viro not the 5th one. 1090d2125043SAl Viro 1091d2125043SAl Viroconfig CLONE_BACKWARDS2 1092d2125043SAl Viro bool 1093d2125043SAl Viro help 1094d2125043SAl Viro Architecture has the first two arguments of clone(2) swapped. 1095d2125043SAl Viro 1096dfa9771aSMichal Simekconfig CLONE_BACKWARDS3 1097dfa9771aSMichal Simek bool 1098dfa9771aSMichal Simek help 1099dfa9771aSMichal Simek Architecture has tls passed as the 3rd argument of clone(2), 1100dfa9771aSMichal Simek not the 5th one. 1101dfa9771aSMichal Simek 1102eaca6eaeSAl Viroconfig ODD_RT_SIGACTION 1103eaca6eaeSAl Viro bool 1104eaca6eaeSAl Viro help 1105eaca6eaeSAl Viro Architecture has unusual rt_sigaction(2) arguments 1106eaca6eaeSAl Viro 11070a0e8cdfSAl Viroconfig OLD_SIGSUSPEND 11080a0e8cdfSAl Viro bool 11090a0e8cdfSAl Viro help 11100a0e8cdfSAl Viro Architecture has old sigsuspend(2) syscall, of one-argument variety 11110a0e8cdfSAl Viro 11120a0e8cdfSAl Viroconfig OLD_SIGSUSPEND3 11130a0e8cdfSAl Viro bool 11140a0e8cdfSAl Viro help 11150a0e8cdfSAl Viro Even weirder antique ABI - three-argument sigsuspend(2) 11160a0e8cdfSAl Viro 1117495dfbf7SAl Viroconfig OLD_SIGACTION 1118495dfbf7SAl Viro bool 1119495dfbf7SAl Viro help 1120495dfbf7SAl Viro Architecture has old sigaction(2) syscall. Nope, not the same 1121495dfbf7SAl Viro as OLD_SIGSUSPEND | OLD_SIGSUSPEND3 - alpha has sigsuspend(2), 1122495dfbf7SAl Viro but fairly different variant of sigaction(2), thanks to OSF/1 1123495dfbf7SAl Viro compatibility... 1124495dfbf7SAl Viro 1125495dfbf7SAl Viroconfig COMPAT_OLD_SIGACTION 1126495dfbf7SAl Viro bool 1127495dfbf7SAl Viro 112817435e5fSDeepa Dinamaniconfig COMPAT_32BIT_TIME 1129942437c9SArnd Bergmann bool "Provide system calls for 32-bit time_t" 1130942437c9SArnd Bergmann default !64BIT || COMPAT 113117435e5fSDeepa Dinamani help 113217435e5fSDeepa Dinamani This enables 32 bit time_t support in addition to 64 bit time_t support. 113317435e5fSDeepa Dinamani This is relevant on all 32-bit architectures, and 64-bit architectures 113417435e5fSDeepa Dinamani as part of compat syscall handling. 113517435e5fSDeepa Dinamani 113687a4c375SChristoph Hellwigconfig ARCH_NO_PREEMPT 113787a4c375SChristoph Hellwig bool 113887a4c375SChristoph Hellwig 1139cb2c7d1aSMickaël Salaünconfig ARCH_EPHEMERAL_INODES 1140cb2c7d1aSMickaël Salaün def_bool n 1141cb2c7d1aSMickaël Salaün help 1142cb2c7d1aSMickaël Salaün An arch should select this symbol if it doesn't keep track of inode 1143cb2c7d1aSMickaël Salaün instances on its own, but instead relies on something else (e.g. the 1144cb2c7d1aSMickaël Salaün host kernel for an UML kernel). 1145cb2c7d1aSMickaël Salaün 1146a50a3f4bSThomas Gleixnerconfig ARCH_SUPPORTS_RT 1147a50a3f4bSThomas Gleixner bool 1148a50a3f4bSThomas Gleixner 1149fff7fb0bSZhaoxiu Zengconfig CPU_NO_EFFICIENT_FFS 1150fff7fb0bSZhaoxiu Zeng def_bool n 1151fff7fb0bSZhaoxiu Zeng 1152ba14a194SAndy Lutomirskiconfig HAVE_ARCH_VMAP_STACK 1153ba14a194SAndy Lutomirski def_bool n 1154ba14a194SAndy Lutomirski help 1155ba14a194SAndy Lutomirski An arch should select this symbol if it can support kernel stacks 1156ba14a194SAndy Lutomirski in vmalloc space. This means: 1157ba14a194SAndy Lutomirski 1158ba14a194SAndy Lutomirski - vmalloc space must be large enough to hold many kernel stacks. 1159ba14a194SAndy Lutomirski This may rule out many 32-bit architectures. 1160ba14a194SAndy Lutomirski 1161ba14a194SAndy Lutomirski - Stacks in vmalloc space need to work reliably. For example, if 1162ba14a194SAndy Lutomirski vmap page tables are created on demand, either this mechanism 1163ba14a194SAndy Lutomirski needs to work while the stack points to a virtual address with 1164ba14a194SAndy Lutomirski unpopulated page tables or arch code (switch_to() and switch_mm(), 1165ba14a194SAndy Lutomirski most likely) needs to ensure that the stack's page table entries 1166ba14a194SAndy Lutomirski are populated before running on a possibly unpopulated stack. 1167ba14a194SAndy Lutomirski 1168ba14a194SAndy Lutomirski - If the stack overflows into a guard page, something reasonable 1169ba14a194SAndy Lutomirski should happen. The definition of "reasonable" is flexible, but 1170ba14a194SAndy Lutomirski instantly rebooting without logging anything would be unfriendly. 1171ba14a194SAndy Lutomirski 1172ba14a194SAndy Lutomirskiconfig VMAP_STACK 1173ba14a194SAndy Lutomirski default y 1174ba14a194SAndy Lutomirski bool "Use a virtually-mapped stack" 1175eafb149eSDaniel Axtens depends on HAVE_ARCH_VMAP_STACK 117638dd767dSAndrey Konovalov depends on !KASAN || KASAN_HW_TAGS || KASAN_VMALLOC 1177a7f7f624SMasahiro Yamada help 1178ba14a194SAndy Lutomirski Enable this if you want the use virtually-mapped kernel stacks 1179ba14a194SAndy Lutomirski with guard pages. This causes kernel stack overflows to be 1180ba14a194SAndy Lutomirski caught immediately rather than causing difficult-to-diagnose 1181ba14a194SAndy Lutomirski corruption. 1182ba14a194SAndy Lutomirski 118338dd767dSAndrey Konovalov To use this with software KASAN modes, the architecture must support 118438dd767dSAndrey Konovalov backing virtual mappings with real shadow memory, and KASAN_VMALLOC 118538dd767dSAndrey Konovalov must be enabled. 1186ba14a194SAndy Lutomirski 118739218ff4SKees Cookconfig HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET 118839218ff4SKees Cook def_bool n 118939218ff4SKees Cook help 119039218ff4SKees Cook An arch should select this symbol if it can support kernel stack 119139218ff4SKees Cook offset randomization with calls to add_random_kstack_offset() 119239218ff4SKees Cook during syscall entry and choose_random_kstack_offset() during 119339218ff4SKees Cook syscall exit. Careful removal of -fstack-protector-strong and 119439218ff4SKees Cook -fstack-protector should also be applied to the entry code and 119539218ff4SKees Cook closely examined, as the artificial stack bump looks like an array 119639218ff4SKees Cook to the compiler, so it will attempt to add canary checks regardless 119739218ff4SKees Cook of the static branch state. 119839218ff4SKees Cook 11998cb37a59SMarco Elverconfig RANDOMIZE_KSTACK_OFFSET 12008cb37a59SMarco Elver bool "Support for randomizing kernel stack offset on syscall entry" if EXPERT 12018cb37a59SMarco Elver default y 120239218ff4SKees Cook depends on HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET 1203efa90c11SMarco Elver depends on INIT_STACK_NONE || !CC_IS_CLANG || CLANG_VERSION >= 140000 120439218ff4SKees Cook help 120539218ff4SKees Cook The kernel stack offset can be randomized (after pt_regs) by 120639218ff4SKees Cook roughly 5 bits of entropy, frustrating memory corruption 120739218ff4SKees Cook attacks that depend on stack address determinism or 12088cb37a59SMarco Elver cross-syscall address exposures. 12098cb37a59SMarco Elver 12108cb37a59SMarco Elver The feature is controlled via the "randomize_kstack_offset=on/off" 12118cb37a59SMarco Elver kernel boot param, and if turned off has zero overhead due to its use 12128cb37a59SMarco Elver of static branches (see JUMP_LABEL). 12138cb37a59SMarco Elver 12148cb37a59SMarco Elver If unsure, say Y. 12158cb37a59SMarco Elver 12168cb37a59SMarco Elverconfig RANDOMIZE_KSTACK_OFFSET_DEFAULT 12178cb37a59SMarco Elver bool "Default state of kernel stack offset randomization" 12188cb37a59SMarco Elver depends on RANDOMIZE_KSTACK_OFFSET 12198cb37a59SMarco Elver help 12208cb37a59SMarco Elver Kernel stack offset randomization is controlled by kernel boot param 12218cb37a59SMarco Elver "randomize_kstack_offset=on/off", and this config chooses the default 12228cb37a59SMarco Elver boot state. 122339218ff4SKees Cook 1224ad21fc4fSLaura Abbottconfig ARCH_OPTIONAL_KERNEL_RWX 1225ad21fc4fSLaura Abbott def_bool n 1226ad21fc4fSLaura Abbott 1227ad21fc4fSLaura Abbottconfig ARCH_OPTIONAL_KERNEL_RWX_DEFAULT 1228ad21fc4fSLaura Abbott def_bool n 1229ad21fc4fSLaura Abbott 1230ad21fc4fSLaura Abbottconfig ARCH_HAS_STRICT_KERNEL_RWX 1231ad21fc4fSLaura Abbott def_bool n 1232ad21fc4fSLaura Abbott 12330f5bf6d0SLaura Abbottconfig STRICT_KERNEL_RWX 1234ad21fc4fSLaura Abbott bool "Make kernel text and rodata read-only" if ARCH_OPTIONAL_KERNEL_RWX 1235ad21fc4fSLaura Abbott depends on ARCH_HAS_STRICT_KERNEL_RWX 1236ad21fc4fSLaura Abbott default !ARCH_OPTIONAL_KERNEL_RWX || ARCH_OPTIONAL_KERNEL_RWX_DEFAULT 1237ad21fc4fSLaura Abbott help 1238ad21fc4fSLaura Abbott If this is set, kernel text and rodata memory will be made read-only, 1239ad21fc4fSLaura Abbott and non-text memory will be made non-executable. This provides 1240ad21fc4fSLaura Abbott protection against certain security exploits (e.g. executing the heap 1241ad21fc4fSLaura Abbott or modifying text) 1242ad21fc4fSLaura Abbott 1243ad21fc4fSLaura Abbott These features are considered standard security practice these days. 1244ad21fc4fSLaura Abbott You should say Y here in almost all cases. 1245ad21fc4fSLaura Abbott 1246ad21fc4fSLaura Abbottconfig ARCH_HAS_STRICT_MODULE_RWX 1247ad21fc4fSLaura Abbott def_bool n 1248ad21fc4fSLaura Abbott 12490f5bf6d0SLaura Abbottconfig STRICT_MODULE_RWX 1250ad21fc4fSLaura Abbott bool "Set loadable kernel module data as NX and text as RO" if ARCH_OPTIONAL_KERNEL_RWX 1251ad21fc4fSLaura Abbott depends on ARCH_HAS_STRICT_MODULE_RWX && MODULES 1252ad21fc4fSLaura Abbott default !ARCH_OPTIONAL_KERNEL_RWX || ARCH_OPTIONAL_KERNEL_RWX_DEFAULT 1253ad21fc4fSLaura Abbott help 1254ad21fc4fSLaura Abbott If this is set, module text and rodata memory will be made read-only, 1255ad21fc4fSLaura Abbott and non-text memory will be made non-executable. This provides 1256ad21fc4fSLaura Abbott protection against certain security exploits (e.g. writing to text) 1257ad21fc4fSLaura Abbott 1258ea8c64acSChristoph Hellwig# select if the architecture provides an asm/dma-direct.h header 1259ea8c64acSChristoph Hellwigconfig ARCH_HAS_PHYS_TO_DMA 1260ea8c64acSChristoph Hellwig bool 1261ea8c64acSChristoph Hellwig 126204f264d3SPaul Burtonconfig HAVE_ARCH_COMPILER_H 126304f264d3SPaul Burton bool 126404f264d3SPaul Burton help 126504f264d3SPaul Burton An architecture can select this if it provides an 126604f264d3SPaul Burton asm/compiler.h header that should be included after 126704f264d3SPaul Burton linux/compiler-*.h in order to override macro definitions that those 126804f264d3SPaul Burton headers generally provide. 126904f264d3SPaul Burton 1270271ca788SArd Biesheuvelconfig HAVE_ARCH_PREL32_RELOCATIONS 1271271ca788SArd Biesheuvel bool 1272271ca788SArd Biesheuvel help 1273271ca788SArd Biesheuvel May be selected by an architecture if it supports place-relative 1274271ca788SArd Biesheuvel 32-bit relocations, both in the toolchain and in the module loader, 1275271ca788SArd Biesheuvel in which case relative references can be used in special sections 1276271ca788SArd Biesheuvel for PCI fixup, initcalls etc which are only half the size on 64 bit 1277271ca788SArd Biesheuvel architectures, and don't require runtime relocation on relocatable 1278271ca788SArd Biesheuvel kernels. 1279271ca788SArd Biesheuvel 1280ce9084baSArd Biesheuvelconfig ARCH_USE_MEMREMAP_PROT 1281ce9084baSArd Biesheuvel bool 1282ce9084baSArd Biesheuvel 1283fb346fd9SWaiman Longconfig LOCK_EVENT_COUNTS 1284fb346fd9SWaiman Long bool "Locking event counts collection" 1285fb346fd9SWaiman Long depends on DEBUG_FS 1286a7f7f624SMasahiro Yamada help 1287fb346fd9SWaiman Long Enable light-weight counting of various locking related events 1288fb346fd9SWaiman Long in the system with minimal performance impact. This reduces 1289fb346fd9SWaiman Long the chance of application behavior change because of timing 1290fb346fd9SWaiman Long differences. The counts are reported via debugfs. 1291fb346fd9SWaiman Long 12925cf896fbSPeter Collingbourne# Select if the architecture has support for applying RELR relocations. 12935cf896fbSPeter Collingbourneconfig ARCH_HAS_RELR 12945cf896fbSPeter Collingbourne bool 12955cf896fbSPeter Collingbourne 12965cf896fbSPeter Collingbourneconfig RELR 12975cf896fbSPeter Collingbourne bool "Use RELR relocation packing" 12985cf896fbSPeter Collingbourne depends on ARCH_HAS_RELR && TOOLS_SUPPORT_RELR 12995cf896fbSPeter Collingbourne default y 13005cf896fbSPeter Collingbourne help 13015cf896fbSPeter Collingbourne Store the kernel's dynamic relocations in the RELR relocation packing 13025cf896fbSPeter Collingbourne format. Requires a compatible linker (LLD supports this feature), as 13035cf896fbSPeter Collingbourne well as compatible NM and OBJCOPY utilities (llvm-nm and llvm-objcopy 13045cf896fbSPeter Collingbourne are compatible). 13055cf896fbSPeter Collingbourne 13060c9c1d56SThiago Jung Bauermannconfig ARCH_HAS_MEM_ENCRYPT 13070c9c1d56SThiago Jung Bauermann bool 13080c9c1d56SThiago Jung Bauermann 130946b49b12STom Lendackyconfig ARCH_HAS_CC_PLATFORM 131046b49b12STom Lendacky bool 131146b49b12STom Lendacky 13120e242208SHassan Naveedconfig HAVE_SPARSE_SYSCALL_NR 13130e242208SHassan Naveed bool 13140e242208SHassan Naveed help 13150e242208SHassan Naveed An architecture should select this if its syscall numbering is sparse 13160e242208SHassan Naveed to save space. For example, MIPS architecture has a syscall array with 13170e242208SHassan Naveed entries at 4000, 5000 and 6000 locations. This option turns on syscall 13180e242208SHassan Naveed related optimizations for a given architecture. 13190e242208SHassan Naveed 1320d60d7de3SSven Schnelleconfig ARCH_HAS_VDSO_DATA 1321d60d7de3SSven Schnelle bool 1322d60d7de3SSven Schnelle 1323115284d8SJosh Poimboeufconfig HAVE_STATIC_CALL 1324115284d8SJosh Poimboeuf bool 1325115284d8SJosh Poimboeuf 13269183c3f9SJosh Poimboeufconfig HAVE_STATIC_CALL_INLINE 13279183c3f9SJosh Poimboeuf bool 13289183c3f9SJosh Poimboeuf depends on HAVE_STATIC_CALL 132903f16cd0SJosh Poimboeuf select OBJTOOL 13309183c3f9SJosh Poimboeuf 13316ef869e0SMichal Hockoconfig HAVE_PREEMPT_DYNAMIC 13326ef869e0SMichal Hocko bool 133399cf983cSMark Rutland 133499cf983cSMark Rutlandconfig HAVE_PREEMPT_DYNAMIC_CALL 133599cf983cSMark Rutland bool 13366ef869e0SMichal Hocko depends on HAVE_STATIC_CALL 133799cf983cSMark Rutland select HAVE_PREEMPT_DYNAMIC 13386ef869e0SMichal Hocko help 133999cf983cSMark Rutland An architecture should select this if it can handle the preemption 134099cf983cSMark Rutland model being selected at boot time using static calls. 134199cf983cSMark Rutland 134299cf983cSMark Rutland Where an architecture selects HAVE_STATIC_CALL_INLINE, any call to a 134399cf983cSMark Rutland preemption function will be patched directly. 134499cf983cSMark Rutland 134599cf983cSMark Rutland Where an architecture does not select HAVE_STATIC_CALL_INLINE, any 134699cf983cSMark Rutland call to a preemption function will go through a trampoline, and the 134799cf983cSMark Rutland trampoline will be patched. 134899cf983cSMark Rutland 134999cf983cSMark Rutland It is strongly advised to support inline static call to avoid any 135099cf983cSMark Rutland overhead. 135199cf983cSMark Rutland 135299cf983cSMark Rutlandconfig HAVE_PREEMPT_DYNAMIC_KEY 135399cf983cSMark Rutland bool 135499cf983cSMark Rutland depends on HAVE_ARCH_JUMP_LABEL && CC_HAS_ASM_GOTO 135599cf983cSMark Rutland select HAVE_PREEMPT_DYNAMIC 135699cf983cSMark Rutland help 135799cf983cSMark Rutland An architecture should select this if it can handle the preemption 135899cf983cSMark Rutland model being selected at boot time using static keys. 135999cf983cSMark Rutland 136099cf983cSMark Rutland Each preemption function will be given an early return based on a 136199cf983cSMark Rutland static key. This should have slightly lower overhead than non-inline 136299cf983cSMark Rutland static calls, as this effectively inlines each trampoline into the 136399cf983cSMark Rutland start of its callee. This may avoid redundant work, and may 136499cf983cSMark Rutland integrate better with CFI schemes. 136599cf983cSMark Rutland 136699cf983cSMark Rutland This will have greater overhead than using inline static calls as 136799cf983cSMark Rutland the call to the preemption function cannot be entirely elided. 13686ef869e0SMichal Hocko 136959612b24SNathan Chancellorconfig ARCH_WANT_LD_ORPHAN_WARN 137059612b24SNathan Chancellor bool 137159612b24SNathan Chancellor help 137259612b24SNathan Chancellor An arch should select this symbol once all linker sections are explicitly 137359612b24SNathan Chancellor included, size-asserted, or discarded in the linker scripts. This is 137459612b24SNathan Chancellor important because we never want expected sections to be placed heuristically 137559612b24SNathan Chancellor by the linker, since the locations of such sections can change between linker 137659612b24SNathan Chancellor versions. 137759612b24SNathan Chancellor 13784f5b0c17SMike Rapoportconfig HAVE_ARCH_PFN_VALID 13794f5b0c17SMike Rapoport bool 13804f5b0c17SMike Rapoport 13815d6ad668SMike Rapoportconfig ARCH_SUPPORTS_DEBUG_PAGEALLOC 13825d6ad668SMike Rapoport bool 13835d6ad668SMike Rapoport 1384df4e817bSPasha Tatashinconfig ARCH_SUPPORTS_PAGE_TABLE_CHECK 1385df4e817bSPasha Tatashin bool 1386df4e817bSPasha Tatashin 13872ca408d9SBrian Gerstconfig ARCH_SPLIT_ARG64 13882ca408d9SBrian Gerst bool 13892ca408d9SBrian Gerst help 13902ca408d9SBrian Gerst If a 32-bit architecture requires 64-bit arguments to be split into 13912ca408d9SBrian Gerst pairs of 32-bit arguments, select this option. 13922ca408d9SBrian Gerst 13937facdc42SAl Viroconfig ARCH_HAS_ELFCORE_COMPAT 13947facdc42SAl Viro bool 13957facdc42SAl Viro 139658e106e7SBalbir Singhconfig ARCH_HAS_PARANOID_L1D_FLUSH 139758e106e7SBalbir Singh bool 139858e106e7SBalbir Singh 13991bdda24cSThomas Gleixnerconfig DYNAMIC_SIGFRAME 14001bdda24cSThomas Gleixner bool 14011bdda24cSThomas Gleixner 140250468e43SJarkko Sakkinen# Select, if arch has a named attribute group bound to NUMA device nodes. 140350468e43SJarkko Sakkinenconfig HAVE_ARCH_NODE_DEV_GROUP 140450468e43SJarkko Sakkinen bool 140550468e43SJarkko Sakkinen 14062521f2c2SPeter Oberparleitersource "kernel/gcov/Kconfig" 140745332b1bSMasahiro Yamada 140845332b1bSMasahiro Yamadasource "scripts/gcc-plugins/Kconfig" 1409fa1b5d09SLinus Torvalds 141022471e13SRandy Dunlapendmenu 1411