1# SPDX-License-Identifier: GPL-2.0 2# 3# General architecture dependent options 4# 5 6# 7# Note: arch/$(SRCARCH)/Kconfig needs to be included first so that it can 8# override the default values in this file. 9# 10source "arch/$(SRCARCH)/Kconfig" 11 12menu "General architecture-dependent options" 13 14config CRASH_CORE 15 bool 16 17config KEXEC_CORE 18 select CRASH_CORE 19 bool 20 21config KEXEC_ELF 22 bool 23 24config HAVE_IMA_KEXEC 25 bool 26 27config ARCH_HAS_SUBPAGE_FAULTS 28 bool 29 help 30 Select if the architecture can check permissions at sub-page 31 granularity (e.g. arm64 MTE). The probe_user_*() functions 32 must be implemented. 33 34config HOTPLUG_SMT 35 bool 36 37# Selected by HOTPLUG_CORE_SYNC_DEAD or HOTPLUG_CORE_SYNC_FULL 38config HOTPLUG_CORE_SYNC 39 bool 40 41# Basic CPU dead synchronization selected by architecture 42config HOTPLUG_CORE_SYNC_DEAD 43 bool 44 select HOTPLUG_CORE_SYNC 45 46# Full CPU synchronization with alive state selected by architecture 47config HOTPLUG_CORE_SYNC_FULL 48 bool 49 select HOTPLUG_CORE_SYNC_DEAD if HOTPLUG_CPU 50 select HOTPLUG_CORE_SYNC 51 52config HOTPLUG_SPLIT_STARTUP 53 bool 54 select HOTPLUG_CORE_SYNC_FULL 55 56config GENERIC_ENTRY 57 bool 58 59config KPROBES 60 bool "Kprobes" 61 depends on MODULES 62 depends on HAVE_KPROBES 63 select KALLSYMS 64 select TASKS_RCU if PREEMPTION 65 help 66 Kprobes allows you to trap at almost any kernel address and 67 execute a callback function. register_kprobe() establishes 68 a probepoint and specifies the callback. Kprobes is useful 69 for kernel debugging, non-intrusive instrumentation and testing. 70 If in doubt, say "N". 71 72config JUMP_LABEL 73 bool "Optimize very unlikely/likely branches" 74 depends on HAVE_ARCH_JUMP_LABEL 75 select OBJTOOL if HAVE_JUMP_LABEL_HACK 76 help 77 This option enables a transparent branch optimization that 78 makes certain almost-always-true or almost-always-false branch 79 conditions even cheaper to execute within the kernel. 80 81 Certain performance-sensitive kernel code, such as trace points, 82 scheduler functionality, networking code and KVM have such 83 branches and include support for this optimization technique. 84 85 If it is detected that the compiler has support for "asm goto", 86 the kernel will compile such branches with just a nop 87 instruction. When the condition flag is toggled to true, the 88 nop will be converted to a jump instruction to execute the 89 conditional block of instructions. 90 91 This technique lowers overhead and stress on the branch prediction 92 of the processor and generally makes the kernel faster. The update 93 of the condition is slower, but those are always very rare. 94 95 ( On 32-bit x86, the necessary options added to the compiler 96 flags may increase the size of the kernel slightly. ) 97 98config STATIC_KEYS_SELFTEST 99 bool "Static key selftest" 100 depends on JUMP_LABEL 101 help 102 Boot time self-test of the branch patching code. 103 104config STATIC_CALL_SELFTEST 105 bool "Static call selftest" 106 depends on HAVE_STATIC_CALL 107 help 108 Boot time self-test of the call patching code. 109 110config OPTPROBES 111 def_bool y 112 depends on KPROBES && HAVE_OPTPROBES 113 select TASKS_RCU if PREEMPTION 114 115config KPROBES_ON_FTRACE 116 def_bool y 117 depends on KPROBES && HAVE_KPROBES_ON_FTRACE 118 depends on DYNAMIC_FTRACE_WITH_REGS 119 help 120 If function tracer is enabled and the arch supports full 121 passing of pt_regs to function tracing, then kprobes can 122 optimize on top of function tracing. 123 124config UPROBES 125 def_bool n 126 depends on ARCH_SUPPORTS_UPROBES 127 help 128 Uprobes is the user-space counterpart to kprobes: they 129 enable instrumentation applications (such as 'perf probe') 130 to establish unintrusive probes in user-space binaries and 131 libraries, by executing handler functions when the probes 132 are hit by user-space applications. 133 134 ( These probes come in the form of single-byte breakpoints, 135 managed by the kernel and kept transparent to the probed 136 application. ) 137 138config HAVE_64BIT_ALIGNED_ACCESS 139 def_bool 64BIT && !HAVE_EFFICIENT_UNALIGNED_ACCESS 140 help 141 Some architectures require 64 bit accesses to be 64 bit 142 aligned, which also requires structs containing 64 bit values 143 to be 64 bit aligned too. This includes some 32 bit 144 architectures which can do 64 bit accesses, as well as 64 bit 145 architectures without unaligned access. 146 147 This symbol should be selected by an architecture if 64 bit 148 accesses are required to be 64 bit aligned in this way even 149 though it is not a 64 bit architecture. 150 151 See Documentation/core-api/unaligned-memory-access.rst for 152 more information on the topic of unaligned memory accesses. 153 154config HAVE_EFFICIENT_UNALIGNED_ACCESS 155 bool 156 help 157 Some architectures are unable to perform unaligned accesses 158 without the use of get_unaligned/put_unaligned. Others are 159 unable to perform such accesses efficiently (e.g. trap on 160 unaligned access and require fixing it up in the exception 161 handler.) 162 163 This symbol should be selected by an architecture if it can 164 perform unaligned accesses efficiently to allow different 165 code paths to be selected for these cases. Some network 166 drivers, for example, could opt to not fix up alignment 167 problems with received packets if doing so would not help 168 much. 169 170 See Documentation/core-api/unaligned-memory-access.rst for more 171 information on the topic of unaligned memory accesses. 172 173config ARCH_USE_BUILTIN_BSWAP 174 bool 175 help 176 Modern versions of GCC (since 4.4) have builtin functions 177 for handling byte-swapping. Using these, instead of the old 178 inline assembler that the architecture code provides in the 179 __arch_bswapXX() macros, allows the compiler to see what's 180 happening and offers more opportunity for optimisation. In 181 particular, the compiler will be able to combine the byteswap 182 with a nearby load or store and use load-and-swap or 183 store-and-swap instructions if the architecture has them. It 184 should almost *never* result in code which is worse than the 185 hand-coded assembler in <asm/swab.h>. But just in case it 186 does, the use of the builtins is optional. 187 188 Any architecture with load-and-swap or store-and-swap 189 instructions should set this. And it shouldn't hurt to set it 190 on architectures that don't have such instructions. 191 192config KRETPROBES 193 def_bool y 194 depends on KPROBES && (HAVE_KRETPROBES || HAVE_RETHOOK) 195 196config KRETPROBE_ON_RETHOOK 197 def_bool y 198 depends on HAVE_RETHOOK 199 depends on KRETPROBES 200 select RETHOOK 201 202config USER_RETURN_NOTIFIER 203 bool 204 depends on HAVE_USER_RETURN_NOTIFIER 205 help 206 Provide a kernel-internal notification when a cpu is about to 207 switch to user mode. 208 209config HAVE_IOREMAP_PROT 210 bool 211 212config HAVE_KPROBES 213 bool 214 215config HAVE_KRETPROBES 216 bool 217 218config HAVE_OPTPROBES 219 bool 220 221config HAVE_KPROBES_ON_FTRACE 222 bool 223 224config ARCH_CORRECT_STACKTRACE_ON_KRETPROBE 225 bool 226 help 227 Since kretprobes modifies return address on the stack, the 228 stacktrace may see the kretprobe trampoline address instead 229 of correct one. If the architecture stacktrace code and 230 unwinder can adjust such entries, select this configuration. 231 232config HAVE_FUNCTION_ERROR_INJECTION 233 bool 234 235config HAVE_NMI 236 bool 237 238config HAVE_FUNCTION_DESCRIPTORS 239 bool 240 241config TRACE_IRQFLAGS_SUPPORT 242 bool 243 244config TRACE_IRQFLAGS_NMI_SUPPORT 245 bool 246 247# 248# An arch should select this if it provides all these things: 249# 250# task_pt_regs() in asm/processor.h or asm/ptrace.h 251# arch_has_single_step() if there is hardware single-step support 252# arch_has_block_step() if there is hardware block-step support 253# asm/syscall.h supplying asm-generic/syscall.h interface 254# linux/regset.h user_regset interfaces 255# CORE_DUMP_USE_REGSET #define'd in linux/elf.h 256# TIF_SYSCALL_TRACE calls ptrace_report_syscall_{entry,exit} 257# TIF_NOTIFY_RESUME calls resume_user_mode_work() 258# 259config HAVE_ARCH_TRACEHOOK 260 bool 261 262config HAVE_DMA_CONTIGUOUS 263 bool 264 265config GENERIC_SMP_IDLE_THREAD 266 bool 267 268config GENERIC_IDLE_POLL_SETUP 269 bool 270 271config ARCH_HAS_FORTIFY_SOURCE 272 bool 273 help 274 An architecture should select this when it can successfully 275 build and run with CONFIG_FORTIFY_SOURCE. 276 277# 278# Select if the arch provides a historic keepinit alias for the retain_initrd 279# command line option 280# 281config ARCH_HAS_KEEPINITRD 282 bool 283 284# Select if arch has all set_memory_ro/rw/x/nx() functions in asm/cacheflush.h 285config ARCH_HAS_SET_MEMORY 286 bool 287 288# Select if arch has all set_direct_map_invalid/default() functions 289config ARCH_HAS_SET_DIRECT_MAP 290 bool 291 292# 293# Select if the architecture provides the arch_dma_set_uncached symbol to 294# either provide an uncached segment alias for a DMA allocation, or 295# to remap the page tables in place. 296# 297config ARCH_HAS_DMA_SET_UNCACHED 298 bool 299 300# 301# Select if the architectures provides the arch_dma_clear_uncached symbol 302# to undo an in-place page table remap for uncached access. 303# 304config ARCH_HAS_DMA_CLEAR_UNCACHED 305 bool 306 307# Select if arch init_task must go in the __init_task_data section 308config ARCH_TASK_STRUCT_ON_STACK 309 bool 310 311# Select if arch has its private alloc_task_struct() function 312config ARCH_TASK_STRUCT_ALLOCATOR 313 bool 314 315config HAVE_ARCH_THREAD_STRUCT_WHITELIST 316 bool 317 depends on !ARCH_TASK_STRUCT_ALLOCATOR 318 help 319 An architecture should select this to provide hardened usercopy 320 knowledge about what region of the thread_struct should be 321 whitelisted for copying to userspace. Normally this is only the 322 FPU registers. Specifically, arch_thread_struct_whitelist() 323 should be implemented. Without this, the entire thread_struct 324 field in task_struct will be left whitelisted. 325 326# Select if arch has its private alloc_thread_stack() function 327config ARCH_THREAD_STACK_ALLOCATOR 328 bool 329 330# Select if arch wants to size task_struct dynamically via arch_task_struct_size: 331config ARCH_WANTS_DYNAMIC_TASK_STRUCT 332 bool 333 334config ARCH_WANTS_NO_INSTR 335 bool 336 help 337 An architecture should select this if the noinstr macro is being used on 338 functions to denote that the toolchain should avoid instrumenting such 339 functions and is required for correctness. 340 341config ARCH_32BIT_OFF_T 342 bool 343 depends on !64BIT 344 help 345 All new 32-bit architectures should have 64-bit off_t type on 346 userspace side which corresponds to the loff_t kernel type. This 347 is the requirement for modern ABIs. Some existing architectures 348 still support 32-bit off_t. This option is enabled for all such 349 architectures explicitly. 350 351# Selected by 64 bit architectures which have a 32 bit f_tinode in struct ustat 352config ARCH_32BIT_USTAT_F_TINODE 353 bool 354 355config HAVE_ASM_MODVERSIONS 356 bool 357 help 358 This symbol should be selected by an architecture if it provides 359 <asm/asm-prototypes.h> to support the module versioning for symbols 360 exported from assembly code. 361 362config HAVE_REGS_AND_STACK_ACCESS_API 363 bool 364 help 365 This symbol should be selected by an architecture if it supports 366 the API needed to access registers and stack entries from pt_regs, 367 declared in asm/ptrace.h 368 For example the kprobes-based event tracer needs this API. 369 370config HAVE_RSEQ 371 bool 372 depends on HAVE_REGS_AND_STACK_ACCESS_API 373 help 374 This symbol should be selected by an architecture if it 375 supports an implementation of restartable sequences. 376 377config HAVE_RUST 378 bool 379 help 380 This symbol should be selected by an architecture if it 381 supports Rust. 382 383config HAVE_FUNCTION_ARG_ACCESS_API 384 bool 385 help 386 This symbol should be selected by an architecture if it supports 387 the API needed to access function arguments from pt_regs, 388 declared in asm/ptrace.h 389 390config HAVE_HW_BREAKPOINT 391 bool 392 depends on PERF_EVENTS 393 394config HAVE_MIXED_BREAKPOINTS_REGS 395 bool 396 depends on HAVE_HW_BREAKPOINT 397 help 398 Depending on the arch implementation of hardware breakpoints, 399 some of them have separate registers for data and instruction 400 breakpoints addresses, others have mixed registers to store 401 them but define the access type in a control register. 402 Select this option if your arch implements breakpoints under the 403 latter fashion. 404 405config HAVE_USER_RETURN_NOTIFIER 406 bool 407 408config HAVE_PERF_EVENTS_NMI 409 bool 410 help 411 System hardware can generate an NMI using the perf event 412 subsystem. Also has support for calculating CPU cycle events 413 to determine how many clock cycles in a given period. 414 415config HAVE_HARDLOCKUP_DETECTOR_PERF 416 bool 417 depends on HAVE_PERF_EVENTS_NMI 418 help 419 The arch chooses to use the generic perf-NMI-based hardlockup 420 detector. Must define HAVE_PERF_EVENTS_NMI. 421 422config HAVE_NMI_WATCHDOG 423 depends on HAVE_NMI 424 bool 425 help 426 The arch provides a low level NMI watchdog. It provides 427 asm/nmi.h, and defines its own arch_touch_nmi_watchdog(). 428 429config HAVE_HARDLOCKUP_DETECTOR_ARCH 430 bool 431 select HAVE_NMI_WATCHDOG 432 help 433 The arch chooses to provide its own hardlockup detector, which is 434 a superset of the HAVE_NMI_WATCHDOG. It also conforms to config 435 interfaces and parameters provided by hardlockup detector subsystem. 436 437config HAVE_PERF_REGS 438 bool 439 help 440 Support selective register dumps for perf events. This includes 441 bit-mapping of each registers and a unique architecture id. 442 443config HAVE_PERF_USER_STACK_DUMP 444 bool 445 help 446 Support user stack dumps for perf event samples. This needs 447 access to the user stack pointer which is not unified across 448 architectures. 449 450config HAVE_ARCH_JUMP_LABEL 451 bool 452 453config HAVE_ARCH_JUMP_LABEL_RELATIVE 454 bool 455 456config MMU_GATHER_TABLE_FREE 457 bool 458 459config MMU_GATHER_RCU_TABLE_FREE 460 bool 461 select MMU_GATHER_TABLE_FREE 462 463config MMU_GATHER_PAGE_SIZE 464 bool 465 466config MMU_GATHER_NO_RANGE 467 bool 468 select MMU_GATHER_MERGE_VMAS 469 470config MMU_GATHER_NO_FLUSH_CACHE 471 bool 472 473config MMU_GATHER_MERGE_VMAS 474 bool 475 476config MMU_GATHER_NO_GATHER 477 bool 478 depends on MMU_GATHER_TABLE_FREE 479 480config ARCH_WANT_IRQS_OFF_ACTIVATE_MM 481 bool 482 help 483 Temporary select until all architectures can be converted to have 484 irqs disabled over activate_mm. Architectures that do IPI based TLB 485 shootdowns should enable this. 486 487# Use normal mm refcounting for MMU_LAZY_TLB kernel thread references. 488# MMU_LAZY_TLB_REFCOUNT=n can improve the scalability of context switching 489# to/from kernel threads when the same mm is running on a lot of CPUs (a large 490# multi-threaded application), by reducing contention on the mm refcount. 491# 492# This can be disabled if the architecture ensures no CPUs are using an mm as a 493# "lazy tlb" beyond its final refcount (i.e., by the time __mmdrop frees the mm 494# or its kernel page tables). This could be arranged by arch_exit_mmap(), or 495# final exit(2) TLB flush, for example. 496# 497# To implement this, an arch *must*: 498# Ensure the _lazy_tlb variants of mmgrab/mmdrop are used when manipulating 499# the lazy tlb reference of a kthread's ->active_mm (non-arch code has been 500# converted already). 501config MMU_LAZY_TLB_REFCOUNT 502 def_bool y 503 depends on !MMU_LAZY_TLB_SHOOTDOWN 504 505# This option allows MMU_LAZY_TLB_REFCOUNT=n. It ensures no CPUs are using an 506# mm as a lazy tlb beyond its last reference count, by shooting down these 507# users before the mm is deallocated. __mmdrop() first IPIs all CPUs that may 508# be using the mm as a lazy tlb, so that they may switch themselves to using 509# init_mm for their active mm. mm_cpumask(mm) is used to determine which CPUs 510# may be using mm as a lazy tlb mm. 511# 512# To implement this, an arch *must*: 513# - At the time of the final mmdrop of the mm, ensure mm_cpumask(mm) contains 514# at least all possible CPUs in which the mm is lazy. 515# - It must meet the requirements for MMU_LAZY_TLB_REFCOUNT=n (see above). 516config MMU_LAZY_TLB_SHOOTDOWN 517 bool 518 519config ARCH_HAVE_NMI_SAFE_CMPXCHG 520 bool 521 522config ARCH_HAS_NMI_SAFE_THIS_CPU_OPS 523 bool 524 525config HAVE_ALIGNED_STRUCT_PAGE 526 bool 527 help 528 This makes sure that struct pages are double word aligned and that 529 e.g. the SLUB allocator can perform double word atomic operations 530 on a struct page for better performance. However selecting this 531 might increase the size of a struct page by a word. 532 533config HAVE_CMPXCHG_LOCAL 534 bool 535 536config HAVE_CMPXCHG_DOUBLE 537 bool 538 539config ARCH_WEAK_RELEASE_ACQUIRE 540 bool 541 542config ARCH_WANT_IPC_PARSE_VERSION 543 bool 544 545config ARCH_WANT_COMPAT_IPC_PARSE_VERSION 546 bool 547 548config ARCH_WANT_OLD_COMPAT_IPC 549 select ARCH_WANT_COMPAT_IPC_PARSE_VERSION 550 bool 551 552config HAVE_ARCH_SECCOMP 553 bool 554 help 555 An arch should select this symbol to support seccomp mode 1 (the fixed 556 syscall policy), and must provide an overrides for __NR_seccomp_sigreturn, 557 and compat syscalls if the asm-generic/seccomp.h defaults need adjustment: 558 - __NR_seccomp_read_32 559 - __NR_seccomp_write_32 560 - __NR_seccomp_exit_32 561 - __NR_seccomp_sigreturn_32 562 563config HAVE_ARCH_SECCOMP_FILTER 564 bool 565 select HAVE_ARCH_SECCOMP 566 help 567 An arch should select this symbol if it provides all of these things: 568 - all the requirements for HAVE_ARCH_SECCOMP 569 - syscall_get_arch() 570 - syscall_get_arguments() 571 - syscall_rollback() 572 - syscall_set_return_value() 573 - SIGSYS siginfo_t support 574 - secure_computing is called from a ptrace_event()-safe context 575 - secure_computing return value is checked and a return value of -1 576 results in the system call being skipped immediately. 577 - seccomp syscall wired up 578 - if !HAVE_SPARSE_SYSCALL_NR, have SECCOMP_ARCH_NATIVE, 579 SECCOMP_ARCH_NATIVE_NR, SECCOMP_ARCH_NATIVE_NAME defined. If 580 COMPAT is supported, have the SECCOMP_ARCH_COMPAT* defines too. 581 582config SECCOMP 583 prompt "Enable seccomp to safely execute untrusted bytecode" 584 def_bool y 585 depends on HAVE_ARCH_SECCOMP 586 help 587 This kernel feature is useful for number crunching applications 588 that may need to handle untrusted bytecode during their 589 execution. By using pipes or other transports made available 590 to the process as file descriptors supporting the read/write 591 syscalls, it's possible to isolate those applications in their 592 own address space using seccomp. Once seccomp is enabled via 593 prctl(PR_SET_SECCOMP) or the seccomp() syscall, it cannot be 594 disabled and the task is only allowed to execute a few safe 595 syscalls defined by each seccomp mode. 596 597 If unsure, say Y. 598 599config SECCOMP_FILTER 600 def_bool y 601 depends on HAVE_ARCH_SECCOMP_FILTER && SECCOMP && NET 602 help 603 Enable tasks to build secure computing environments defined 604 in terms of Berkeley Packet Filter programs which implement 605 task-defined system call filtering polices. 606 607 See Documentation/userspace-api/seccomp_filter.rst for details. 608 609config SECCOMP_CACHE_DEBUG 610 bool "Show seccomp filter cache status in /proc/pid/seccomp_cache" 611 depends on SECCOMP_FILTER && !HAVE_SPARSE_SYSCALL_NR 612 depends on PROC_FS 613 help 614 This enables the /proc/pid/seccomp_cache interface to monitor 615 seccomp cache data. The file format is subject to change. Reading 616 the file requires CAP_SYS_ADMIN. 617 618 This option is for debugging only. Enabling presents the risk that 619 an adversary may be able to infer the seccomp filter logic. 620 621 If unsure, say N. 622 623config HAVE_ARCH_STACKLEAK 624 bool 625 help 626 An architecture should select this if it has the code which 627 fills the used part of the kernel stack with the STACKLEAK_POISON 628 value before returning from system calls. 629 630config HAVE_STACKPROTECTOR 631 bool 632 help 633 An arch should select this symbol if: 634 - it has implemented a stack canary (e.g. __stack_chk_guard) 635 636config STACKPROTECTOR 637 bool "Stack Protector buffer overflow detection" 638 depends on HAVE_STACKPROTECTOR 639 depends on $(cc-option,-fstack-protector) 640 default y 641 help 642 This option turns on the "stack-protector" GCC feature. This 643 feature puts, at the beginning of functions, a canary value on 644 the stack just before the return address, and validates 645 the value just before actually returning. Stack based buffer 646 overflows (that need to overwrite this return address) now also 647 overwrite the canary, which gets detected and the attack is then 648 neutralized via a kernel panic. 649 650 Functions will have the stack-protector canary logic added if they 651 have an 8-byte or larger character array on the stack. 652 653 This feature requires gcc version 4.2 or above, or a distribution 654 gcc with the feature backported ("-fstack-protector"). 655 656 On an x86 "defconfig" build, this feature adds canary checks to 657 about 3% of all kernel functions, which increases kernel code size 658 by about 0.3%. 659 660config STACKPROTECTOR_STRONG 661 bool "Strong Stack Protector" 662 depends on STACKPROTECTOR 663 depends on $(cc-option,-fstack-protector-strong) 664 default y 665 help 666 Functions will have the stack-protector canary logic added in any 667 of the following conditions: 668 669 - local variable's address used as part of the right hand side of an 670 assignment or function argument 671 - local variable is an array (or union containing an array), 672 regardless of array type or length 673 - uses register local variables 674 675 This feature requires gcc version 4.9 or above, or a distribution 676 gcc with the feature backported ("-fstack-protector-strong"). 677 678 On an x86 "defconfig" build, this feature adds canary checks to 679 about 20% of all kernel functions, which increases the kernel code 680 size by about 2%. 681 682config ARCH_SUPPORTS_SHADOW_CALL_STACK 683 bool 684 help 685 An architecture should select this if it supports the compiler's 686 Shadow Call Stack and implements runtime support for shadow stack 687 switching. 688 689config SHADOW_CALL_STACK 690 bool "Shadow Call Stack" 691 depends on ARCH_SUPPORTS_SHADOW_CALL_STACK 692 depends on DYNAMIC_FTRACE_WITH_ARGS || DYNAMIC_FTRACE_WITH_REGS || !FUNCTION_GRAPH_TRACER 693 help 694 This option enables the compiler's Shadow Call Stack, which 695 uses a shadow stack to protect function return addresses from 696 being overwritten by an attacker. More information can be found 697 in the compiler's documentation: 698 699 - Clang: https://clang.llvm.org/docs/ShadowCallStack.html 700 - GCC: https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html#Instrumentation-Options 701 702 Note that security guarantees in the kernel differ from the 703 ones documented for user space. The kernel must store addresses 704 of shadow stacks in memory, which means an attacker capable of 705 reading and writing arbitrary memory may be able to locate them 706 and hijack control flow by modifying the stacks. 707 708config DYNAMIC_SCS 709 bool 710 help 711 Set by the arch code if it relies on code patching to insert the 712 shadow call stack push and pop instructions rather than on the 713 compiler. 714 715config LTO 716 bool 717 help 718 Selected if the kernel will be built using the compiler's LTO feature. 719 720config LTO_CLANG 721 bool 722 select LTO 723 help 724 Selected if the kernel will be built using Clang's LTO feature. 725 726config ARCH_SUPPORTS_LTO_CLANG 727 bool 728 help 729 An architecture should select this option if it supports: 730 - compiling with Clang, 731 - compiling inline assembly with Clang's integrated assembler, 732 - and linking with LLD. 733 734config ARCH_SUPPORTS_LTO_CLANG_THIN 735 bool 736 help 737 An architecture should select this option if it can support Clang's 738 ThinLTO mode. 739 740config HAS_LTO_CLANG 741 def_bool y 742 depends on CC_IS_CLANG && LD_IS_LLD && AS_IS_LLVM 743 depends on $(success,$(NM) --help | head -n 1 | grep -qi llvm) 744 depends on $(success,$(AR) --help | head -n 1 | grep -qi llvm) 745 depends on ARCH_SUPPORTS_LTO_CLANG 746 depends on !FTRACE_MCOUNT_USE_RECORDMCOUNT 747 depends on !KASAN || KASAN_HW_TAGS 748 depends on !GCOV_KERNEL 749 help 750 The compiler and Kconfig options support building with Clang's 751 LTO. 752 753choice 754 prompt "Link Time Optimization (LTO)" 755 default LTO_NONE 756 help 757 This option enables Link Time Optimization (LTO), which allows the 758 compiler to optimize binaries globally. 759 760 If unsure, select LTO_NONE. Note that LTO is very resource-intensive 761 so it's disabled by default. 762 763config LTO_NONE 764 bool "None" 765 help 766 Build the kernel normally, without Link Time Optimization (LTO). 767 768config LTO_CLANG_FULL 769 bool "Clang Full LTO (EXPERIMENTAL)" 770 depends on HAS_LTO_CLANG 771 depends on !COMPILE_TEST 772 select LTO_CLANG 773 help 774 This option enables Clang's full Link Time Optimization (LTO), which 775 allows the compiler to optimize the kernel globally. If you enable 776 this option, the compiler generates LLVM bitcode instead of ELF 777 object files, and the actual compilation from bitcode happens at 778 the LTO link step, which may take several minutes depending on the 779 kernel configuration. More information can be found from LLVM's 780 documentation: 781 782 https://llvm.org/docs/LinkTimeOptimization.html 783 784 During link time, this option can use a large amount of RAM, and 785 may take much longer than the ThinLTO option. 786 787config LTO_CLANG_THIN 788 bool "Clang ThinLTO (EXPERIMENTAL)" 789 depends on HAS_LTO_CLANG && ARCH_SUPPORTS_LTO_CLANG_THIN 790 select LTO_CLANG 791 help 792 This option enables Clang's ThinLTO, which allows for parallel 793 optimization and faster incremental compiles compared to the 794 CONFIG_LTO_CLANG_FULL option. More information can be found 795 from Clang's documentation: 796 797 https://clang.llvm.org/docs/ThinLTO.html 798 799 If unsure, say Y. 800endchoice 801 802config ARCH_SUPPORTS_CFI_CLANG 803 bool 804 help 805 An architecture should select this option if it can support Clang's 806 Control-Flow Integrity (CFI) checking. 807 808config ARCH_USES_CFI_TRAPS 809 bool 810 811config CFI_CLANG 812 bool "Use Clang's Control Flow Integrity (CFI)" 813 depends on ARCH_SUPPORTS_CFI_CLANG 814 depends on $(cc-option,-fsanitize=kcfi) 815 help 816 This option enables Clang’s forward-edge Control Flow Integrity 817 (CFI) checking, where the compiler injects a runtime check to each 818 indirect function call to ensure the target is a valid function with 819 the correct static type. This restricts possible call targets and 820 makes it more difficult for an attacker to exploit bugs that allow 821 the modification of stored function pointers. More information can be 822 found from Clang's documentation: 823 824 https://clang.llvm.org/docs/ControlFlowIntegrity.html 825 826config CFI_PERMISSIVE 827 bool "Use CFI in permissive mode" 828 depends on CFI_CLANG 829 help 830 When selected, Control Flow Integrity (CFI) violations result in a 831 warning instead of a kernel panic. This option should only be used 832 for finding indirect call type mismatches during development. 833 834 If unsure, say N. 835 836config HAVE_ARCH_WITHIN_STACK_FRAMES 837 bool 838 help 839 An architecture should select this if it can walk the kernel stack 840 frames to determine if an object is part of either the arguments 841 or local variables (i.e. that it excludes saved return addresses, 842 and similar) by implementing an inline arch_within_stack_frames(), 843 which is used by CONFIG_HARDENED_USERCOPY. 844 845config HAVE_CONTEXT_TRACKING_USER 846 bool 847 help 848 Provide kernel/user boundaries probes necessary for subsystems 849 that need it, such as userspace RCU extended quiescent state. 850 Syscalls need to be wrapped inside user_exit()-user_enter(), either 851 optimized behind static key or through the slow path using TIF_NOHZ 852 flag. Exceptions handlers must be wrapped as well. Irqs are already 853 protected inside ct_irq_enter/ct_irq_exit() but preemption or signal 854 handling on irq exit still need to be protected. 855 856config HAVE_CONTEXT_TRACKING_USER_OFFSTACK 857 bool 858 help 859 Architecture neither relies on exception_enter()/exception_exit() 860 nor on schedule_user(). Also preempt_schedule_notrace() and 861 preempt_schedule_irq() can't be called in a preemptible section 862 while context tracking is CONTEXT_USER. This feature reflects a sane 863 entry implementation where the following requirements are met on 864 critical entry code, ie: before user_exit() or after user_enter(): 865 866 - Critical entry code isn't preemptible (or better yet: 867 not interruptible). 868 - No use of RCU read side critical sections, unless ct_nmi_enter() 869 got called. 870 - No use of instrumentation, unless instrumentation_begin() got 871 called. 872 873config HAVE_TIF_NOHZ 874 bool 875 help 876 Arch relies on TIF_NOHZ and syscall slow path to implement context 877 tracking calls to user_enter()/user_exit(). 878 879config HAVE_VIRT_CPU_ACCOUNTING 880 bool 881 882config HAVE_VIRT_CPU_ACCOUNTING_IDLE 883 bool 884 help 885 Architecture has its own way to account idle CPU time and therefore 886 doesn't implement vtime_account_idle(). 887 888config ARCH_HAS_SCALED_CPUTIME 889 bool 890 891config HAVE_VIRT_CPU_ACCOUNTING_GEN 892 bool 893 default y if 64BIT 894 help 895 With VIRT_CPU_ACCOUNTING_GEN, cputime_t becomes 64-bit. 896 Before enabling this option, arch code must be audited 897 to ensure there are no races in concurrent read/write of 898 cputime_t. For example, reading/writing 64-bit cputime_t on 899 some 32-bit arches may require multiple accesses, so proper 900 locking is needed to protect against concurrent accesses. 901 902config HAVE_IRQ_TIME_ACCOUNTING 903 bool 904 help 905 Archs need to ensure they use a high enough resolution clock to 906 support irq time accounting and then call enable_sched_clock_irqtime(). 907 908config HAVE_MOVE_PUD 909 bool 910 help 911 Architectures that select this are able to move page tables at the 912 PUD level. If there are only 3 page table levels, the move effectively 913 happens at the PGD level. 914 915config HAVE_MOVE_PMD 916 bool 917 help 918 Archs that select this are able to move page tables at the PMD level. 919 920config HAVE_ARCH_TRANSPARENT_HUGEPAGE 921 bool 922 923config HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD 924 bool 925 926config HAVE_ARCH_HUGE_VMAP 927 bool 928 929# 930# Archs that select this would be capable of PMD-sized vmaps (i.e., 931# arch_vmap_pmd_supported() returns true). The VM_ALLOW_HUGE_VMAP flag 932# must be used to enable allocations to use hugepages. 933# 934config HAVE_ARCH_HUGE_VMALLOC 935 depends on HAVE_ARCH_HUGE_VMAP 936 bool 937 938config ARCH_WANT_HUGE_PMD_SHARE 939 bool 940 941config HAVE_ARCH_SOFT_DIRTY 942 bool 943 944config HAVE_MOD_ARCH_SPECIFIC 945 bool 946 help 947 The arch uses struct mod_arch_specific to store data. Many arches 948 just need a simple module loader without arch specific data - those 949 should not enable this. 950 951config MODULES_USE_ELF_RELA 952 bool 953 help 954 Modules only use ELF RELA relocations. Modules with ELF REL 955 relocations will give an error. 956 957config MODULES_USE_ELF_REL 958 bool 959 help 960 Modules only use ELF REL relocations. Modules with ELF RELA 961 relocations will give an error. 962 963config ARCH_WANTS_MODULES_DATA_IN_VMALLOC 964 bool 965 help 966 For architectures like powerpc/32 which have constraints on module 967 allocation and need to allocate module data outside of module area. 968 969config HAVE_IRQ_EXIT_ON_IRQ_STACK 970 bool 971 help 972 Architecture doesn't only execute the irq handler on the irq stack 973 but also irq_exit(). This way we can process softirqs on this irq 974 stack instead of switching to a new one when we call __do_softirq() 975 in the end of an hardirq. 976 This spares a stack switch and improves cache usage on softirq 977 processing. 978 979config HAVE_SOFTIRQ_ON_OWN_STACK 980 bool 981 help 982 Architecture provides a function to run __do_softirq() on a 983 separate stack. 984 985config SOFTIRQ_ON_OWN_STACK 986 def_bool HAVE_SOFTIRQ_ON_OWN_STACK && !PREEMPT_RT 987 988config ALTERNATE_USER_ADDRESS_SPACE 989 bool 990 help 991 Architectures set this when the CPU uses separate address 992 spaces for kernel and user space pointers. In this case, the 993 access_ok() check on a __user pointer is skipped. 994 995config PGTABLE_LEVELS 996 int 997 default 2 998 999config ARCH_HAS_ELF_RANDOMIZE 1000 bool 1001 help 1002 An architecture supports choosing randomized locations for 1003 stack, mmap, brk, and ET_DYN. Defined functions: 1004 - arch_mmap_rnd() 1005 - arch_randomize_brk() 1006 1007config HAVE_ARCH_MMAP_RND_BITS 1008 bool 1009 help 1010 An arch should select this symbol if it supports setting a variable 1011 number of bits for use in establishing the base address for mmap 1012 allocations, has MMU enabled and provides values for both: 1013 - ARCH_MMAP_RND_BITS_MIN 1014 - ARCH_MMAP_RND_BITS_MAX 1015 1016config HAVE_EXIT_THREAD 1017 bool 1018 help 1019 An architecture implements exit_thread. 1020 1021config ARCH_MMAP_RND_BITS_MIN 1022 int 1023 1024config ARCH_MMAP_RND_BITS_MAX 1025 int 1026 1027config ARCH_MMAP_RND_BITS_DEFAULT 1028 int 1029 1030config ARCH_MMAP_RND_BITS 1031 int "Number of bits to use for ASLR of mmap base address" if EXPERT 1032 range ARCH_MMAP_RND_BITS_MIN ARCH_MMAP_RND_BITS_MAX 1033 default ARCH_MMAP_RND_BITS_DEFAULT if ARCH_MMAP_RND_BITS_DEFAULT 1034 default ARCH_MMAP_RND_BITS_MIN 1035 depends on HAVE_ARCH_MMAP_RND_BITS 1036 help 1037 This value can be used to select the number of bits to use to 1038 determine the random offset to the base address of vma regions 1039 resulting from mmap allocations. This value will be bounded 1040 by the architecture's minimum and maximum supported values. 1041 1042 This value can be changed after boot using the 1043 /proc/sys/vm/mmap_rnd_bits tunable 1044 1045config HAVE_ARCH_MMAP_RND_COMPAT_BITS 1046 bool 1047 help 1048 An arch should select this symbol if it supports running applications 1049 in compatibility mode, supports setting a variable number of bits for 1050 use in establishing the base address for mmap allocations, has MMU 1051 enabled and provides values for both: 1052 - ARCH_MMAP_RND_COMPAT_BITS_MIN 1053 - ARCH_MMAP_RND_COMPAT_BITS_MAX 1054 1055config ARCH_MMAP_RND_COMPAT_BITS_MIN 1056 int 1057 1058config ARCH_MMAP_RND_COMPAT_BITS_MAX 1059 int 1060 1061config ARCH_MMAP_RND_COMPAT_BITS_DEFAULT 1062 int 1063 1064config ARCH_MMAP_RND_COMPAT_BITS 1065 int "Number of bits to use for ASLR of mmap base address for compatible applications" if EXPERT 1066 range ARCH_MMAP_RND_COMPAT_BITS_MIN ARCH_MMAP_RND_COMPAT_BITS_MAX 1067 default ARCH_MMAP_RND_COMPAT_BITS_DEFAULT if ARCH_MMAP_RND_COMPAT_BITS_DEFAULT 1068 default ARCH_MMAP_RND_COMPAT_BITS_MIN 1069 depends on HAVE_ARCH_MMAP_RND_COMPAT_BITS 1070 help 1071 This value can be used to select the number of bits to use to 1072 determine the random offset to the base address of vma regions 1073 resulting from mmap allocations for compatible applications This 1074 value will be bounded by the architecture's minimum and maximum 1075 supported values. 1076 1077 This value can be changed after boot using the 1078 /proc/sys/vm/mmap_rnd_compat_bits tunable 1079 1080config HAVE_ARCH_COMPAT_MMAP_BASES 1081 bool 1082 help 1083 This allows 64bit applications to invoke 32-bit mmap() syscall 1084 and vice-versa 32-bit applications to call 64-bit mmap(). 1085 Required for applications doing different bitness syscalls. 1086 1087config PAGE_SIZE_LESS_THAN_64KB 1088 def_bool y 1089 depends on !ARM64_64K_PAGES 1090 depends on !IA64_PAGE_SIZE_64KB 1091 depends on !PAGE_SIZE_64KB 1092 depends on !PARISC_PAGE_SIZE_64KB 1093 depends on PAGE_SIZE_LESS_THAN_256KB 1094 1095config PAGE_SIZE_LESS_THAN_256KB 1096 def_bool y 1097 depends on !PAGE_SIZE_256KB 1098 1099# This allows to use a set of generic functions to determine mmap base 1100# address by giving priority to top-down scheme only if the process 1101# is not in legacy mode (compat task, unlimited stack size or 1102# sysctl_legacy_va_layout). 1103# Architecture that selects this option can provide its own version of: 1104# - STACK_RND_MASK 1105config ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT 1106 bool 1107 depends on MMU 1108 select ARCH_HAS_ELF_RANDOMIZE 1109 1110config HAVE_OBJTOOL 1111 bool 1112 1113config HAVE_JUMP_LABEL_HACK 1114 bool 1115 1116config HAVE_NOINSTR_HACK 1117 bool 1118 1119config HAVE_NOINSTR_VALIDATION 1120 bool 1121 1122config HAVE_UACCESS_VALIDATION 1123 bool 1124 select OBJTOOL 1125 1126config HAVE_STACK_VALIDATION 1127 bool 1128 help 1129 Architecture supports objtool compile-time frame pointer rule 1130 validation. 1131 1132config HAVE_RELIABLE_STACKTRACE 1133 bool 1134 help 1135 Architecture has either save_stack_trace_tsk_reliable() or 1136 arch_stack_walk_reliable() function which only returns a stack trace 1137 if it can guarantee the trace is reliable. 1138 1139config HAVE_ARCH_HASH 1140 bool 1141 default n 1142 help 1143 If this is set, the architecture provides an <asm/hash.h> 1144 file which provides platform-specific implementations of some 1145 functions in <linux/hash.h> or fs/namei.c. 1146 1147config HAVE_ARCH_NVRAM_OPS 1148 bool 1149 1150config ISA_BUS_API 1151 def_bool ISA 1152 1153# 1154# ABI hall of shame 1155# 1156config CLONE_BACKWARDS 1157 bool 1158 help 1159 Architecture has tls passed as the 4th argument of clone(2), 1160 not the 5th one. 1161 1162config CLONE_BACKWARDS2 1163 bool 1164 help 1165 Architecture has the first two arguments of clone(2) swapped. 1166 1167config CLONE_BACKWARDS3 1168 bool 1169 help 1170 Architecture has tls passed as the 3rd argument of clone(2), 1171 not the 5th one. 1172 1173config ODD_RT_SIGACTION 1174 bool 1175 help 1176 Architecture has unusual rt_sigaction(2) arguments 1177 1178config OLD_SIGSUSPEND 1179 bool 1180 help 1181 Architecture has old sigsuspend(2) syscall, of one-argument variety 1182 1183config OLD_SIGSUSPEND3 1184 bool 1185 help 1186 Even weirder antique ABI - three-argument sigsuspend(2) 1187 1188config OLD_SIGACTION 1189 bool 1190 help 1191 Architecture has old sigaction(2) syscall. Nope, not the same 1192 as OLD_SIGSUSPEND | OLD_SIGSUSPEND3 - alpha has sigsuspend(2), 1193 but fairly different variant of sigaction(2), thanks to OSF/1 1194 compatibility... 1195 1196config COMPAT_OLD_SIGACTION 1197 bool 1198 1199config COMPAT_32BIT_TIME 1200 bool "Provide system calls for 32-bit time_t" 1201 default !64BIT || COMPAT 1202 help 1203 This enables 32 bit time_t support in addition to 64 bit time_t support. 1204 This is relevant on all 32-bit architectures, and 64-bit architectures 1205 as part of compat syscall handling. 1206 1207config ARCH_NO_PREEMPT 1208 bool 1209 1210config ARCH_EPHEMERAL_INODES 1211 def_bool n 1212 help 1213 An arch should select this symbol if it doesn't keep track of inode 1214 instances on its own, but instead relies on something else (e.g. the 1215 host kernel for an UML kernel). 1216 1217config ARCH_SUPPORTS_RT 1218 bool 1219 1220config CPU_NO_EFFICIENT_FFS 1221 def_bool n 1222 1223config HAVE_ARCH_VMAP_STACK 1224 def_bool n 1225 help 1226 An arch should select this symbol if it can support kernel stacks 1227 in vmalloc space. This means: 1228 1229 - vmalloc space must be large enough to hold many kernel stacks. 1230 This may rule out many 32-bit architectures. 1231 1232 - Stacks in vmalloc space need to work reliably. For example, if 1233 vmap page tables are created on demand, either this mechanism 1234 needs to work while the stack points to a virtual address with 1235 unpopulated page tables or arch code (switch_to() and switch_mm(), 1236 most likely) needs to ensure that the stack's page table entries 1237 are populated before running on a possibly unpopulated stack. 1238 1239 - If the stack overflows into a guard page, something reasonable 1240 should happen. The definition of "reasonable" is flexible, but 1241 instantly rebooting without logging anything would be unfriendly. 1242 1243config VMAP_STACK 1244 default y 1245 bool "Use a virtually-mapped stack" 1246 depends on HAVE_ARCH_VMAP_STACK 1247 depends on !KASAN || KASAN_HW_TAGS || KASAN_VMALLOC 1248 help 1249 Enable this if you want the use virtually-mapped kernel stacks 1250 with guard pages. This causes kernel stack overflows to be 1251 caught immediately rather than causing difficult-to-diagnose 1252 corruption. 1253 1254 To use this with software KASAN modes, the architecture must support 1255 backing virtual mappings with real shadow memory, and KASAN_VMALLOC 1256 must be enabled. 1257 1258config HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET 1259 def_bool n 1260 help 1261 An arch should select this symbol if it can support kernel stack 1262 offset randomization with calls to add_random_kstack_offset() 1263 during syscall entry and choose_random_kstack_offset() during 1264 syscall exit. Careful removal of -fstack-protector-strong and 1265 -fstack-protector should also be applied to the entry code and 1266 closely examined, as the artificial stack bump looks like an array 1267 to the compiler, so it will attempt to add canary checks regardless 1268 of the static branch state. 1269 1270config RANDOMIZE_KSTACK_OFFSET 1271 bool "Support for randomizing kernel stack offset on syscall entry" if EXPERT 1272 default y 1273 depends on HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET 1274 depends on INIT_STACK_NONE || !CC_IS_CLANG || CLANG_VERSION >= 140000 1275 help 1276 The kernel stack offset can be randomized (after pt_regs) by 1277 roughly 5 bits of entropy, frustrating memory corruption 1278 attacks that depend on stack address determinism or 1279 cross-syscall address exposures. 1280 1281 The feature is controlled via the "randomize_kstack_offset=on/off" 1282 kernel boot param, and if turned off has zero overhead due to its use 1283 of static branches (see JUMP_LABEL). 1284 1285 If unsure, say Y. 1286 1287config RANDOMIZE_KSTACK_OFFSET_DEFAULT 1288 bool "Default state of kernel stack offset randomization" 1289 depends on RANDOMIZE_KSTACK_OFFSET 1290 help 1291 Kernel stack offset randomization is controlled by kernel boot param 1292 "randomize_kstack_offset=on/off", and this config chooses the default 1293 boot state. 1294 1295config ARCH_OPTIONAL_KERNEL_RWX 1296 def_bool n 1297 1298config ARCH_OPTIONAL_KERNEL_RWX_DEFAULT 1299 def_bool n 1300 1301config ARCH_HAS_STRICT_KERNEL_RWX 1302 def_bool n 1303 1304config STRICT_KERNEL_RWX 1305 bool "Make kernel text and rodata read-only" if ARCH_OPTIONAL_KERNEL_RWX 1306 depends on ARCH_HAS_STRICT_KERNEL_RWX 1307 default !ARCH_OPTIONAL_KERNEL_RWX || ARCH_OPTIONAL_KERNEL_RWX_DEFAULT 1308 help 1309 If this is set, kernel text and rodata memory will be made read-only, 1310 and non-text memory will be made non-executable. This provides 1311 protection against certain security exploits (e.g. executing the heap 1312 or modifying text) 1313 1314 These features are considered standard security practice these days. 1315 You should say Y here in almost all cases. 1316 1317config ARCH_HAS_STRICT_MODULE_RWX 1318 def_bool n 1319 1320config STRICT_MODULE_RWX 1321 bool "Set loadable kernel module data as NX and text as RO" if ARCH_OPTIONAL_KERNEL_RWX 1322 depends on ARCH_HAS_STRICT_MODULE_RWX && MODULES 1323 default !ARCH_OPTIONAL_KERNEL_RWX || ARCH_OPTIONAL_KERNEL_RWX_DEFAULT 1324 help 1325 If this is set, module text and rodata memory will be made read-only, 1326 and non-text memory will be made non-executable. This provides 1327 protection against certain security exploits (e.g. writing to text) 1328 1329# select if the architecture provides an asm/dma-direct.h header 1330config ARCH_HAS_PHYS_TO_DMA 1331 bool 1332 1333config HAVE_ARCH_COMPILER_H 1334 bool 1335 help 1336 An architecture can select this if it provides an 1337 asm/compiler.h header that should be included after 1338 linux/compiler-*.h in order to override macro definitions that those 1339 headers generally provide. 1340 1341config HAVE_ARCH_PREL32_RELOCATIONS 1342 bool 1343 help 1344 May be selected by an architecture if it supports place-relative 1345 32-bit relocations, both in the toolchain and in the module loader, 1346 in which case relative references can be used in special sections 1347 for PCI fixup, initcalls etc which are only half the size on 64 bit 1348 architectures, and don't require runtime relocation on relocatable 1349 kernels. 1350 1351config ARCH_USE_MEMREMAP_PROT 1352 bool 1353 1354config LOCK_EVENT_COUNTS 1355 bool "Locking event counts collection" 1356 depends on DEBUG_FS 1357 help 1358 Enable light-weight counting of various locking related events 1359 in the system with minimal performance impact. This reduces 1360 the chance of application behavior change because of timing 1361 differences. The counts are reported via debugfs. 1362 1363# Select if the architecture has support for applying RELR relocations. 1364config ARCH_HAS_RELR 1365 bool 1366 1367config RELR 1368 bool "Use RELR relocation packing" 1369 depends on ARCH_HAS_RELR && TOOLS_SUPPORT_RELR 1370 default y 1371 help 1372 Store the kernel's dynamic relocations in the RELR relocation packing 1373 format. Requires a compatible linker (LLD supports this feature), as 1374 well as compatible NM and OBJCOPY utilities (llvm-nm and llvm-objcopy 1375 are compatible). 1376 1377config ARCH_HAS_MEM_ENCRYPT 1378 bool 1379 1380config ARCH_HAS_CC_PLATFORM 1381 bool 1382 1383config HAVE_SPARSE_SYSCALL_NR 1384 bool 1385 help 1386 An architecture should select this if its syscall numbering is sparse 1387 to save space. For example, MIPS architecture has a syscall array with 1388 entries at 4000, 5000 and 6000 locations. This option turns on syscall 1389 related optimizations for a given architecture. 1390 1391config ARCH_HAS_VDSO_DATA 1392 bool 1393 1394config HAVE_STATIC_CALL 1395 bool 1396 1397config HAVE_STATIC_CALL_INLINE 1398 bool 1399 depends on HAVE_STATIC_CALL 1400 select OBJTOOL 1401 1402config HAVE_PREEMPT_DYNAMIC 1403 bool 1404 1405config HAVE_PREEMPT_DYNAMIC_CALL 1406 bool 1407 depends on HAVE_STATIC_CALL 1408 select HAVE_PREEMPT_DYNAMIC 1409 help 1410 An architecture should select this if it can handle the preemption 1411 model being selected at boot time using static calls. 1412 1413 Where an architecture selects HAVE_STATIC_CALL_INLINE, any call to a 1414 preemption function will be patched directly. 1415 1416 Where an architecture does not select HAVE_STATIC_CALL_INLINE, any 1417 call to a preemption function will go through a trampoline, and the 1418 trampoline will be patched. 1419 1420 It is strongly advised to support inline static call to avoid any 1421 overhead. 1422 1423config HAVE_PREEMPT_DYNAMIC_KEY 1424 bool 1425 depends on HAVE_ARCH_JUMP_LABEL 1426 select HAVE_PREEMPT_DYNAMIC 1427 help 1428 An architecture should select this if it can handle the preemption 1429 model being selected at boot time using static keys. 1430 1431 Each preemption function will be given an early return based on a 1432 static key. This should have slightly lower overhead than non-inline 1433 static calls, as this effectively inlines each trampoline into the 1434 start of its callee. This may avoid redundant work, and may 1435 integrate better with CFI schemes. 1436 1437 This will have greater overhead than using inline static calls as 1438 the call to the preemption function cannot be entirely elided. 1439 1440config ARCH_WANT_LD_ORPHAN_WARN 1441 bool 1442 help 1443 An arch should select this symbol once all linker sections are explicitly 1444 included, size-asserted, or discarded in the linker scripts. This is 1445 important because we never want expected sections to be placed heuristically 1446 by the linker, since the locations of such sections can change between linker 1447 versions. 1448 1449config HAVE_ARCH_PFN_VALID 1450 bool 1451 1452config ARCH_SUPPORTS_DEBUG_PAGEALLOC 1453 bool 1454 1455config ARCH_SUPPORTS_PAGE_TABLE_CHECK 1456 bool 1457 1458config ARCH_SPLIT_ARG64 1459 bool 1460 help 1461 If a 32-bit architecture requires 64-bit arguments to be split into 1462 pairs of 32-bit arguments, select this option. 1463 1464config ARCH_HAS_ELFCORE_COMPAT 1465 bool 1466 1467config ARCH_HAS_PARANOID_L1D_FLUSH 1468 bool 1469 1470config ARCH_HAVE_TRACE_MMIO_ACCESS 1471 bool 1472 1473config DYNAMIC_SIGFRAME 1474 bool 1475 1476# Select, if arch has a named attribute group bound to NUMA device nodes. 1477config HAVE_ARCH_NODE_DEV_GROUP 1478 bool 1479 1480config ARCH_HAS_NONLEAF_PMD_YOUNG 1481 bool 1482 help 1483 Architectures that select this option are capable of setting the 1484 accessed bit in non-leaf PMD entries when using them as part of linear 1485 address translations. Page table walkers that clear the accessed bit 1486 may use this capability to reduce their search space. 1487 1488source "kernel/gcov/Kconfig" 1489 1490source "scripts/gcc-plugins/Kconfig" 1491 1492config FUNCTION_ALIGNMENT_4B 1493 bool 1494 1495config FUNCTION_ALIGNMENT_8B 1496 bool 1497 1498config FUNCTION_ALIGNMENT_16B 1499 bool 1500 1501config FUNCTION_ALIGNMENT_32B 1502 bool 1503 1504config FUNCTION_ALIGNMENT_64B 1505 bool 1506 1507config FUNCTION_ALIGNMENT 1508 int 1509 default 64 if FUNCTION_ALIGNMENT_64B 1510 default 32 if FUNCTION_ALIGNMENT_32B 1511 default 16 if FUNCTION_ALIGNMENT_16B 1512 default 8 if FUNCTION_ALIGNMENT_8B 1513 default 4 if FUNCTION_ALIGNMENT_4B 1514 default 0 1515 1516endmenu 1517