1menu "Kernel hacking" 2 3source "lib/Kconfig.debug" 4 5config ARM64_PTDUMP_CORE 6 def_bool n 7 8config ARM64_PTDUMP_DEBUGFS 9 bool "Export kernel pagetable layout to userspace via debugfs" 10 depends on DEBUG_KERNEL 11 select ARM64_PTDUMP_CORE 12 select DEBUG_FS 13 help 14 Say Y here if you want to show the kernel pagetable layout in a 15 debugfs file. This information is only useful for kernel developers 16 who are working in architecture specific areas of the kernel. 17 It is probably not a good idea to enable this feature in a production 18 kernel. 19 20 If in doubt, say N. 21 22config PID_IN_CONTEXTIDR 23 bool "Write the current PID to the CONTEXTIDR register" 24 help 25 Enabling this option causes the kernel to write the current PID to 26 the CONTEXTIDR register, at the expense of some additional 27 instructions during context switch. Say Y here only if you are 28 planning to use hardware trace tools with this kernel. 29 30config ARM64_RANDOMIZE_TEXT_OFFSET 31 bool "Randomize TEXT_OFFSET at build time" 32 help 33 Say Y here if you want the image load offset (AKA TEXT_OFFSET) 34 of the kernel to be randomized at build-time. When selected, 35 this option will cause TEXT_OFFSET to be randomized upon any 36 build of the kernel, and the offset will be reflected in the 37 text_offset field of the resulting Image. This can be used to 38 fuzz-test bootloaders which respect text_offset. 39 40 This option is intended for bootloader and/or kernel testing 41 only. Bootloaders must make no assumptions regarding the value 42 of TEXT_OFFSET and platforms must not require a specific 43 value. 44 45config DEBUG_WX 46 bool "Warn on W+X mappings at boot" 47 select ARM64_PTDUMP_CORE 48 ---help--- 49 Generate a warning if any W+X mappings are found at boot. 50 51 This is useful for discovering cases where the kernel is leaving 52 W+X mappings after applying NX, as such mappings are a security risk. 53 This check also includes UXN, which should be set on all kernel 54 mappings. 55 56 Look for a message in dmesg output like this: 57 58 arm64/mm: Checked W+X mappings: passed, no W+X pages found. 59 60 or like this, if the check failed: 61 62 arm64/mm: Checked W+X mappings: FAILED, <N> W+X pages found. 63 64 Note that even if the check fails, your kernel is possibly 65 still fine, as W+X mappings are not a security hole in 66 themselves, what they do is that they make the exploitation 67 of other unfixed kernel bugs easier. 68 69 There is no runtime or memory usage effect of this option 70 once the kernel has booted up - it's a one time check. 71 72 If in doubt, say "Y". 73 74config DEBUG_SET_MODULE_RONX 75 bool "Set loadable kernel module data as NX and text as RO" 76 depends on MODULES 77 default y 78 help 79 Is this is set, kernel module text and rodata will be made read-only. 80 This is to help catch accidental or malicious attempts to change the 81 kernel's executable code. 82 83 If in doubt, say Y. 84 85config DEBUG_ALIGN_RODATA 86 depends on DEBUG_RODATA 87 bool "Align linker sections up to SECTION_SIZE" 88 help 89 If this option is enabled, sections that may potentially be marked as 90 read only or non-executable will be aligned up to the section size of 91 the kernel. This prevents sections from being split into pages and 92 avoids a potential TLB penalty. The downside is an increase in 93 alignment and potentially wasted space. Turn on this option if 94 performance is more important than memory pressure. 95 96 If in doubt, say N. 97 98source "drivers/hwtracing/coresight/Kconfig" 99 100endmenu 101