1config ARM64 2 def_bool y 3 select ACPI_CCA_REQUIRED if ACPI 4 select ACPI_GENERIC_GSI if ACPI 5 select ACPI_GTDT if ACPI 6 select ACPI_IORT if ACPI 7 select ACPI_REDUCED_HARDWARE_ONLY if ACPI 8 select ACPI_MCFG if (ACPI && PCI) 9 select ACPI_SPCR_TABLE if ACPI 10 select ACPI_PPTT if ACPI 11 select ARCH_CLOCKSOURCE_DATA 12 select ARCH_HAS_DEBUG_VIRTUAL 13 select ARCH_HAS_DEVMEM_IS_ALLOWED 14 select ARCH_HAS_DMA_COHERENT_TO_PFN 15 select ARCH_HAS_DMA_MMAP_PGPROT 16 select ARCH_HAS_ACPI_TABLE_UPGRADE if ACPI 17 select ARCH_HAS_ELF_RANDOMIZE 18 select ARCH_HAS_FAST_MULTIPLIER 19 select ARCH_HAS_FORTIFY_SOURCE 20 select ARCH_HAS_GCOV_PROFILE_ALL 21 select ARCH_HAS_GIGANTIC_PAGE if (MEMORY_ISOLATION && COMPACTION) || CMA 22 select ARCH_HAS_KCOV 23 select ARCH_HAS_MEMBARRIER_SYNC_CORE 24 select ARCH_HAS_PTE_SPECIAL 25 select ARCH_HAS_SET_MEMORY 26 select ARCH_HAS_STRICT_KERNEL_RWX 27 select ARCH_HAS_STRICT_MODULE_RWX 28 select ARCH_HAS_SYNC_DMA_FOR_DEVICE 29 select ARCH_HAS_SYNC_DMA_FOR_CPU 30 select ARCH_HAS_SYSCALL_WRAPPER 31 select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST 32 select ARCH_HAVE_NMI_SAFE_CMPXCHG 33 select ARCH_INLINE_READ_LOCK if !PREEMPT 34 select ARCH_INLINE_READ_LOCK_BH if !PREEMPT 35 select ARCH_INLINE_READ_LOCK_IRQ if !PREEMPT 36 select ARCH_INLINE_READ_LOCK_IRQSAVE if !PREEMPT 37 select ARCH_INLINE_READ_UNLOCK if !PREEMPT 38 select ARCH_INLINE_READ_UNLOCK_BH if !PREEMPT 39 select ARCH_INLINE_READ_UNLOCK_IRQ if !PREEMPT 40 select ARCH_INLINE_READ_UNLOCK_IRQRESTORE if !PREEMPT 41 select ARCH_INLINE_WRITE_LOCK if !PREEMPT 42 select ARCH_INLINE_WRITE_LOCK_BH if !PREEMPT 43 select ARCH_INLINE_WRITE_LOCK_IRQ if !PREEMPT 44 select ARCH_INLINE_WRITE_LOCK_IRQSAVE if !PREEMPT 45 select ARCH_INLINE_WRITE_UNLOCK if !PREEMPT 46 select ARCH_INLINE_WRITE_UNLOCK_BH if !PREEMPT 47 select ARCH_INLINE_WRITE_UNLOCK_IRQ if !PREEMPT 48 select ARCH_INLINE_WRITE_UNLOCK_IRQRESTORE if !PREEMPT 49 select ARCH_INLINE_SPIN_TRYLOCK if !PREEMPT 50 select ARCH_INLINE_SPIN_TRYLOCK_BH if !PREEMPT 51 select ARCH_INLINE_SPIN_LOCK if !PREEMPT 52 select ARCH_INLINE_SPIN_LOCK_BH if !PREEMPT 53 select ARCH_INLINE_SPIN_LOCK_IRQ if !PREEMPT 54 select ARCH_INLINE_SPIN_LOCK_IRQSAVE if !PREEMPT 55 select ARCH_INLINE_SPIN_UNLOCK if !PREEMPT 56 select ARCH_INLINE_SPIN_UNLOCK_BH if !PREEMPT 57 select ARCH_INLINE_SPIN_UNLOCK_IRQ if !PREEMPT 58 select ARCH_INLINE_SPIN_UNLOCK_IRQRESTORE if !PREEMPT 59 select ARCH_USE_CMPXCHG_LOCKREF 60 select ARCH_USE_QUEUED_RWLOCKS 61 select ARCH_USE_QUEUED_SPINLOCKS 62 select ARCH_SUPPORTS_MEMORY_FAILURE 63 select ARCH_SUPPORTS_ATOMIC_RMW 64 select ARCH_SUPPORTS_INT128 if GCC_VERSION >= 50000 || CC_IS_CLANG 65 select ARCH_SUPPORTS_NUMA_BALANCING 66 select ARCH_WANT_COMPAT_IPC_PARSE_VERSION 67 select ARCH_WANT_FRAME_POINTERS 68 select ARCH_HAS_UBSAN_SANITIZE_ALL 69 select ARM_AMBA 70 select ARM_ARCH_TIMER 71 select ARM_GIC 72 select AUDIT_ARCH_COMPAT_GENERIC 73 select ARM_GIC_V2M if PCI 74 select ARM_GIC_V3 75 select ARM_GIC_V3_ITS if PCI 76 select ARM_PSCI_FW 77 select BUILDTIME_EXTABLE_SORT 78 select CLONE_BACKWARDS 79 select COMMON_CLK 80 select CPU_PM if (SUSPEND || CPU_IDLE) 81 select CRC32 82 select DCACHE_WORD_ACCESS 83 select DMA_DIRECT_REMAP 84 select EDAC_SUPPORT 85 select FRAME_POINTER 86 select GENERIC_ALLOCATOR 87 select GENERIC_ARCH_TOPOLOGY 88 select GENERIC_CLOCKEVENTS 89 select GENERIC_CLOCKEVENTS_BROADCAST 90 select GENERIC_CPU_AUTOPROBE 91 select GENERIC_EARLY_IOREMAP 92 select GENERIC_IDLE_POLL_SETUP 93 select GENERIC_IRQ_MULTI_HANDLER 94 select GENERIC_IRQ_PROBE 95 select GENERIC_IRQ_SHOW 96 select GENERIC_IRQ_SHOW_LEVEL 97 select GENERIC_PCI_IOMAP 98 select GENERIC_SCHED_CLOCK 99 select GENERIC_SMP_IDLE_THREAD 100 select GENERIC_STRNCPY_FROM_USER 101 select GENERIC_STRNLEN_USER 102 select GENERIC_TIME_VSYSCALL 103 select HANDLE_DOMAIN_IRQ 104 select HARDIRQS_SW_RESEND 105 select HAVE_PCI 106 select HAVE_ACPI_APEI if (ACPI && EFI) 107 select HAVE_ALIGNED_STRUCT_PAGE if SLUB 108 select HAVE_ARCH_AUDITSYSCALL 109 select HAVE_ARCH_BITREVERSE 110 select HAVE_ARCH_HUGE_VMAP 111 select HAVE_ARCH_JUMP_LABEL 112 select HAVE_ARCH_JUMP_LABEL_RELATIVE 113 select HAVE_ARCH_KASAN if !(ARM64_16K_PAGES && ARM64_VA_BITS_48) 114 select HAVE_ARCH_KASAN_SW_TAGS if HAVE_ARCH_KASAN 115 select HAVE_ARCH_KGDB 116 select HAVE_ARCH_MMAP_RND_BITS 117 select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT 118 select HAVE_ARCH_PREL32_RELOCATIONS 119 select HAVE_ARCH_SECCOMP_FILTER 120 select HAVE_ARCH_STACKLEAK 121 select HAVE_ARCH_THREAD_STRUCT_WHITELIST 122 select HAVE_ARCH_TRACEHOOK 123 select HAVE_ARCH_TRANSPARENT_HUGEPAGE 124 select HAVE_ARCH_VMAP_STACK 125 select HAVE_ARM_SMCCC 126 select HAVE_EBPF_JIT 127 select HAVE_C_RECORDMCOUNT 128 select HAVE_CMPXCHG_DOUBLE 129 select HAVE_CMPXCHG_LOCAL 130 select HAVE_CONTEXT_TRACKING 131 select HAVE_DEBUG_BUGVERBOSE 132 select HAVE_DEBUG_KMEMLEAK 133 select HAVE_DMA_CONTIGUOUS 134 select HAVE_DYNAMIC_FTRACE 135 select HAVE_EFFICIENT_UNALIGNED_ACCESS 136 select HAVE_FTRACE_MCOUNT_RECORD 137 select HAVE_FUNCTION_TRACER 138 select HAVE_FUNCTION_GRAPH_TRACER 139 select HAVE_GCC_PLUGINS 140 select HAVE_GENERIC_DMA_COHERENT 141 select HAVE_HW_BREAKPOINT if PERF_EVENTS 142 select HAVE_IRQ_TIME_ACCOUNTING 143 select HAVE_MEMBLOCK_NODE_MAP if NUMA 144 select HAVE_NMI 145 select HAVE_PATA_PLATFORM 146 select HAVE_PERF_EVENTS 147 select HAVE_PERF_REGS 148 select HAVE_PERF_USER_STACK_DUMP 149 select HAVE_REGS_AND_STACK_ACCESS_API 150 select HAVE_RCU_TABLE_FREE 151 select HAVE_RCU_TABLE_INVALIDATE 152 select HAVE_RSEQ 153 select HAVE_STACKPROTECTOR 154 select HAVE_SYSCALL_TRACEPOINTS 155 select HAVE_KPROBES 156 select HAVE_KRETPROBES 157 select IOMMU_DMA if IOMMU_SUPPORT 158 select IRQ_DOMAIN 159 select IRQ_FORCED_THREADING 160 select MODULES_USE_ELF_RELA 161 select MULTI_IRQ_HANDLER 162 select NEED_DMA_MAP_STATE 163 select NEED_SG_DMA_LENGTH 164 select OF 165 select OF_EARLY_FLATTREE 166 select OF_RESERVED_MEM 167 select PCI_DOMAINS_GENERIC if PCI 168 select PCI_ECAM if (ACPI && PCI) 169 select PCI_SYSCALL if PCI 170 select POWER_RESET 171 select POWER_SUPPLY 172 select REFCOUNT_FULL 173 select SPARSE_IRQ 174 select SWIOTLB 175 select SYSCTL_EXCEPTION_TRACE 176 select THREAD_INFO_IN_TASK 177 help 178 ARM 64-bit (AArch64) Linux support. 179 180config 64BIT 181 def_bool y 182 183config MMU 184 def_bool y 185 186config ARM64_PAGE_SHIFT 187 int 188 default 16 if ARM64_64K_PAGES 189 default 14 if ARM64_16K_PAGES 190 default 12 191 192config ARM64_CONT_SHIFT 193 int 194 default 5 if ARM64_64K_PAGES 195 default 7 if ARM64_16K_PAGES 196 default 4 197 198config ARCH_MMAP_RND_BITS_MIN 199 default 14 if ARM64_64K_PAGES 200 default 16 if ARM64_16K_PAGES 201 default 18 202 203# max bits determined by the following formula: 204# VA_BITS - PAGE_SHIFT - 3 205config ARCH_MMAP_RND_BITS_MAX 206 default 19 if ARM64_VA_BITS=36 207 default 24 if ARM64_VA_BITS=39 208 default 27 if ARM64_VA_BITS=42 209 default 30 if ARM64_VA_BITS=47 210 default 29 if ARM64_VA_BITS=48 && ARM64_64K_PAGES 211 default 31 if ARM64_VA_BITS=48 && ARM64_16K_PAGES 212 default 33 if ARM64_VA_BITS=48 213 default 14 if ARM64_64K_PAGES 214 default 16 if ARM64_16K_PAGES 215 default 18 216 217config ARCH_MMAP_RND_COMPAT_BITS_MIN 218 default 7 if ARM64_64K_PAGES 219 default 9 if ARM64_16K_PAGES 220 default 11 221 222config ARCH_MMAP_RND_COMPAT_BITS_MAX 223 default 16 224 225config NO_IOPORT_MAP 226 def_bool y if !PCI 227 228config STACKTRACE_SUPPORT 229 def_bool y 230 231config ILLEGAL_POINTER_VALUE 232 hex 233 default 0xdead000000000000 234 235config LOCKDEP_SUPPORT 236 def_bool y 237 238config TRACE_IRQFLAGS_SUPPORT 239 def_bool y 240 241config RWSEM_XCHGADD_ALGORITHM 242 def_bool y 243 244config GENERIC_BUG 245 def_bool y 246 depends on BUG 247 248config GENERIC_BUG_RELATIVE_POINTERS 249 def_bool y 250 depends on GENERIC_BUG 251 252config GENERIC_HWEIGHT 253 def_bool y 254 255config GENERIC_CSUM 256 def_bool y 257 258config GENERIC_CALIBRATE_DELAY 259 def_bool y 260 261config ZONE_DMA32 262 def_bool y 263 264config HAVE_GENERIC_GUP 265 def_bool y 266 267config ARCH_ENABLE_MEMORY_HOTPLUG 268 def_bool y 269 270config SMP 271 def_bool y 272 273config KERNEL_MODE_NEON 274 def_bool y 275 276config FIX_EARLYCON_MEM 277 def_bool y 278 279config PGTABLE_LEVELS 280 int 281 default 2 if ARM64_16K_PAGES && ARM64_VA_BITS_36 282 default 2 if ARM64_64K_PAGES && ARM64_VA_BITS_42 283 default 3 if ARM64_64K_PAGES && (ARM64_VA_BITS_48 || ARM64_USER_VA_BITS_52) 284 default 3 if ARM64_4K_PAGES && ARM64_VA_BITS_39 285 default 3 if ARM64_16K_PAGES && ARM64_VA_BITS_47 286 default 4 if !ARM64_64K_PAGES && ARM64_VA_BITS_48 287 288config ARCH_SUPPORTS_UPROBES 289 def_bool y 290 291config ARCH_PROC_KCORE_TEXT 292 def_bool y 293 294source "arch/arm64/Kconfig.platforms" 295 296menu "Kernel Features" 297 298menu "ARM errata workarounds via the alternatives framework" 299 300config ARM64_WORKAROUND_CLEAN_CACHE 301 def_bool n 302 303config ARM64_ERRATUM_826319 304 bool "Cortex-A53: 826319: System might deadlock if a write cannot complete until read data is accepted" 305 default y 306 select ARM64_WORKAROUND_CLEAN_CACHE 307 help 308 This option adds an alternative code sequence to work around ARM 309 erratum 826319 on Cortex-A53 parts up to r0p2 with an AMBA 4 ACE or 310 AXI master interface and an L2 cache. 311 312 If a Cortex-A53 uses an AMBA AXI4 ACE interface to other processors 313 and is unable to accept a certain write via this interface, it will 314 not progress on read data presented on the read data channel and the 315 system can deadlock. 316 317 The workaround promotes data cache clean instructions to 318 data cache clean-and-invalidate. 319 Please note that this does not necessarily enable the workaround, 320 as it depends on the alternative framework, which will only patch 321 the kernel if an affected CPU is detected. 322 323 If unsure, say Y. 324 325config ARM64_ERRATUM_827319 326 bool "Cortex-A53: 827319: Data cache clean instructions might cause overlapping transactions to the interconnect" 327 default y 328 select ARM64_WORKAROUND_CLEAN_CACHE 329 help 330 This option adds an alternative code sequence to work around ARM 331 erratum 827319 on Cortex-A53 parts up to r0p2 with an AMBA 5 CHI 332 master interface and an L2 cache. 333 334 Under certain conditions this erratum can cause a clean line eviction 335 to occur at the same time as another transaction to the same address 336 on the AMBA 5 CHI interface, which can cause data corruption if the 337 interconnect reorders the two transactions. 338 339 The workaround promotes data cache clean instructions to 340 data cache clean-and-invalidate. 341 Please note that this does not necessarily enable the workaround, 342 as it depends on the alternative framework, which will only patch 343 the kernel if an affected CPU is detected. 344 345 If unsure, say Y. 346 347config ARM64_ERRATUM_824069 348 bool "Cortex-A53: 824069: Cache line might not be marked as clean after a CleanShared snoop" 349 default y 350 select ARM64_WORKAROUND_CLEAN_CACHE 351 help 352 This option adds an alternative code sequence to work around ARM 353 erratum 824069 on Cortex-A53 parts up to r0p2 when it is connected 354 to a coherent interconnect. 355 356 If a Cortex-A53 processor is executing a store or prefetch for 357 write instruction at the same time as a processor in another 358 cluster is executing a cache maintenance operation to the same 359 address, then this erratum might cause a clean cache line to be 360 incorrectly marked as dirty. 361 362 The workaround promotes data cache clean instructions to 363 data cache clean-and-invalidate. 364 Please note that this option does not necessarily enable the 365 workaround, as it depends on the alternative framework, which will 366 only patch the kernel if an affected CPU is detected. 367 368 If unsure, say Y. 369 370config ARM64_ERRATUM_819472 371 bool "Cortex-A53: 819472: Store exclusive instructions might cause data corruption" 372 default y 373 select ARM64_WORKAROUND_CLEAN_CACHE 374 help 375 This option adds an alternative code sequence to work around ARM 376 erratum 819472 on Cortex-A53 parts up to r0p1 with an L2 cache 377 present when it is connected to a coherent interconnect. 378 379 If the processor is executing a load and store exclusive sequence at 380 the same time as a processor in another cluster is executing a cache 381 maintenance operation to the same address, then this erratum might 382 cause data corruption. 383 384 The workaround promotes data cache clean instructions to 385 data cache clean-and-invalidate. 386 Please note that this does not necessarily enable the workaround, 387 as it depends on the alternative framework, which will only patch 388 the kernel if an affected CPU is detected. 389 390 If unsure, say Y. 391 392config ARM64_ERRATUM_832075 393 bool "Cortex-A57: 832075: possible deadlock on mixing exclusive memory accesses with device loads" 394 default y 395 help 396 This option adds an alternative code sequence to work around ARM 397 erratum 832075 on Cortex-A57 parts up to r1p2. 398 399 Affected Cortex-A57 parts might deadlock when exclusive load/store 400 instructions to Write-Back memory are mixed with Device loads. 401 402 The workaround is to promote device loads to use Load-Acquire 403 semantics. 404 Please note that this does not necessarily enable the workaround, 405 as it depends on the alternative framework, which will only patch 406 the kernel if an affected CPU is detected. 407 408 If unsure, say Y. 409 410config ARM64_ERRATUM_834220 411 bool "Cortex-A57: 834220: Stage 2 translation fault might be incorrectly reported in presence of a Stage 1 fault" 412 depends on KVM 413 default y 414 help 415 This option adds an alternative code sequence to work around ARM 416 erratum 834220 on Cortex-A57 parts up to r1p2. 417 418 Affected Cortex-A57 parts might report a Stage 2 translation 419 fault as the result of a Stage 1 fault for load crossing a 420 page boundary when there is a permission or device memory 421 alignment fault at Stage 1 and a translation fault at Stage 2. 422 423 The workaround is to verify that the Stage 1 translation 424 doesn't generate a fault before handling the Stage 2 fault. 425 Please note that this does not necessarily enable the workaround, 426 as it depends on the alternative framework, which will only patch 427 the kernel if an affected CPU is detected. 428 429 If unsure, say Y. 430 431config ARM64_ERRATUM_845719 432 bool "Cortex-A53: 845719: a load might read incorrect data" 433 depends on COMPAT 434 default y 435 help 436 This option adds an alternative code sequence to work around ARM 437 erratum 845719 on Cortex-A53 parts up to r0p4. 438 439 When running a compat (AArch32) userspace on an affected Cortex-A53 440 part, a load at EL0 from a virtual address that matches the bottom 32 441 bits of the virtual address used by a recent load at (AArch64) EL1 442 might return incorrect data. 443 444 The workaround is to write the contextidr_el1 register on exception 445 return to a 32-bit task. 446 Please note that this does not necessarily enable the workaround, 447 as it depends on the alternative framework, which will only patch 448 the kernel if an affected CPU is detected. 449 450 If unsure, say Y. 451 452config ARM64_ERRATUM_843419 453 bool "Cortex-A53: 843419: A load or store might access an incorrect address" 454 default y 455 select ARM64_MODULE_PLTS if MODULES 456 help 457 This option links the kernel with '--fix-cortex-a53-843419' and 458 enables PLT support to replace certain ADRP instructions, which can 459 cause subsequent memory accesses to use an incorrect address on 460 Cortex-A53 parts up to r0p4. 461 462 If unsure, say Y. 463 464config ARM64_ERRATUM_1024718 465 bool "Cortex-A55: 1024718: Update of DBM/AP bits without break before make might result in incorrect update" 466 default y 467 help 468 This option adds work around for Arm Cortex-A55 Erratum 1024718. 469 470 Affected Cortex-A55 cores (r0p0, r0p1, r1p0) could cause incorrect 471 update of the hardware dirty bit when the DBM/AP bits are updated 472 without a break-before-make. The work around is to disable the usage 473 of hardware DBM locally on the affected cores. CPUs not affected by 474 erratum will continue to use the feature. 475 476 If unsure, say Y. 477 478config ARM64_ERRATUM_1188873 479 bool "Cortex-A76: MRC read following MRRC read of specific Generic Timer in AArch32 might give incorrect result" 480 default y 481 select ARM_ARCH_TIMER_OOL_WORKAROUND 482 help 483 This option adds work arounds for ARM Cortex-A76 erratum 1188873 484 485 Affected Cortex-A76 cores (r0p0, r1p0, r2p0) could cause 486 register corruption when accessing the timer registers from 487 AArch32 userspace. 488 489 If unsure, say Y. 490 491config ARM64_ERRATUM_1165522 492 bool "Cortex-A76: Speculative AT instruction using out-of-context translation regime could cause subsequent request to generate an incorrect translation" 493 default y 494 help 495 This option adds work arounds for ARM Cortex-A76 erratum 1165522 496 497 Affected Cortex-A76 cores (r0p0, r1p0, r2p0) could end-up with 498 corrupted TLBs by speculating an AT instruction during a guest 499 context switch. 500 501 If unsure, say Y. 502 503config ARM64_ERRATUM_1286807 504 bool "Cortex-A76: Modification of the translation table for a virtual address might lead to read-after-read ordering violation" 505 default y 506 select ARM64_WORKAROUND_REPEAT_TLBI 507 help 508 This option adds workaround for ARM Cortex-A76 erratum 1286807 509 510 On the affected Cortex-A76 cores (r0p0 to r3p0), if a virtual 511 address for a cacheable mapping of a location is being 512 accessed by a core while another core is remapping the virtual 513 address to a new physical page using the recommended 514 break-before-make sequence, then under very rare circumstances 515 TLBI+DSB completes before a read using the translation being 516 invalidated has been observed by other observers. The 517 workaround repeats the TLBI+DSB operation. 518 519 If unsure, say Y. 520 521config CAVIUM_ERRATUM_22375 522 bool "Cavium erratum 22375, 24313" 523 default y 524 help 525 Enable workaround for erratum 22375, 24313. 526 527 This implements two gicv3-its errata workarounds for ThunderX. Both 528 with small impact affecting only ITS table allocation. 529 530 erratum 22375: only alloc 8MB table size 531 erratum 24313: ignore memory access type 532 533 The fixes are in ITS initialization and basically ignore memory access 534 type and table size provided by the TYPER and BASER registers. 535 536 If unsure, say Y. 537 538config CAVIUM_ERRATUM_23144 539 bool "Cavium erratum 23144: ITS SYNC hang on dual socket system" 540 depends on NUMA 541 default y 542 help 543 ITS SYNC command hang for cross node io and collections/cpu mapping. 544 545 If unsure, say Y. 546 547config CAVIUM_ERRATUM_23154 548 bool "Cavium erratum 23154: Access to ICC_IAR1_EL1 is not sync'ed" 549 default y 550 help 551 The gicv3 of ThunderX requires a modified version for 552 reading the IAR status to ensure data synchronization 553 (access to icc_iar1_el1 is not sync'ed before and after). 554 555 If unsure, say Y. 556 557config CAVIUM_ERRATUM_27456 558 bool "Cavium erratum 27456: Broadcast TLBI instructions may cause icache corruption" 559 default y 560 help 561 On ThunderX T88 pass 1.x through 2.1 parts, broadcast TLBI 562 instructions may cause the icache to become corrupted if it 563 contains data for a non-current ASID. The fix is to 564 invalidate the icache when changing the mm context. 565 566 If unsure, say Y. 567 568config CAVIUM_ERRATUM_30115 569 bool "Cavium erratum 30115: Guest may disable interrupts in host" 570 default y 571 help 572 On ThunderX T88 pass 1.x through 2.2, T81 pass 1.0 through 573 1.2, and T83 Pass 1.0, KVM guest execution may disable 574 interrupts in host. Trapping both GICv3 group-0 and group-1 575 accesses sidesteps the issue. 576 577 If unsure, say Y. 578 579config QCOM_FALKOR_ERRATUM_1003 580 bool "Falkor E1003: Incorrect translation due to ASID change" 581 default y 582 help 583 On Falkor v1, an incorrect ASID may be cached in the TLB when ASID 584 and BADDR are changed together in TTBRx_EL1. Since we keep the ASID 585 in TTBR1_EL1, this situation only occurs in the entry trampoline and 586 then only for entries in the walk cache, since the leaf translation 587 is unchanged. Work around the erratum by invalidating the walk cache 588 entries for the trampoline before entering the kernel proper. 589 590config ARM64_WORKAROUND_REPEAT_TLBI 591 bool 592 help 593 Enable the repeat TLBI workaround for Falkor erratum 1009 and 594 Cortex-A76 erratum 1286807. 595 596config QCOM_FALKOR_ERRATUM_1009 597 bool "Falkor E1009: Prematurely complete a DSB after a TLBI" 598 default y 599 select ARM64_WORKAROUND_REPEAT_TLBI 600 help 601 On Falkor v1, the CPU may prematurely complete a DSB following a 602 TLBI xxIS invalidate maintenance operation. Repeat the TLBI operation 603 one more time to fix the issue. 604 605 If unsure, say Y. 606 607config QCOM_QDF2400_ERRATUM_0065 608 bool "QDF2400 E0065: Incorrect GITS_TYPER.ITT_Entry_size" 609 default y 610 help 611 On Qualcomm Datacenter Technologies QDF2400 SoC, ITS hardware reports 612 ITE size incorrectly. The GITS_TYPER.ITT_Entry_size field should have 613 been indicated as 16Bytes (0xf), not 8Bytes (0x7). 614 615 If unsure, say Y. 616 617config SOCIONEXT_SYNQUACER_PREITS 618 bool "Socionext Synquacer: Workaround for GICv3 pre-ITS" 619 default y 620 help 621 Socionext Synquacer SoCs implement a separate h/w block to generate 622 MSI doorbell writes with non-zero values for the device ID. 623 624 If unsure, say Y. 625 626config HISILICON_ERRATUM_161600802 627 bool "Hip07 161600802: Erroneous redistributor VLPI base" 628 default y 629 help 630 The HiSilicon Hip07 SoC usees the wrong redistributor base 631 when issued ITS commands such as VMOVP and VMAPP, and requires 632 a 128kB offset to be applied to the target address in this commands. 633 634 If unsure, say Y. 635 636config QCOM_FALKOR_ERRATUM_E1041 637 bool "Falkor E1041: Speculative instruction fetches might cause errant memory access" 638 default y 639 help 640 Falkor CPU may speculatively fetch instructions from an improper 641 memory location when MMU translation is changed from SCTLR_ELn[M]=1 642 to SCTLR_ELn[M]=0. Prefix an ISB instruction to fix the problem. 643 644 If unsure, say Y. 645 646endmenu 647 648 649choice 650 prompt "Page size" 651 default ARM64_4K_PAGES 652 help 653 Page size (translation granule) configuration. 654 655config ARM64_4K_PAGES 656 bool "4KB" 657 help 658 This feature enables 4KB pages support. 659 660config ARM64_16K_PAGES 661 bool "16KB" 662 help 663 The system will use 16KB pages support. AArch32 emulation 664 requires applications compiled with 16K (or a multiple of 16K) 665 aligned segments. 666 667config ARM64_64K_PAGES 668 bool "64KB" 669 help 670 This feature enables 64KB pages support (4KB by default) 671 allowing only two levels of page tables and faster TLB 672 look-up. AArch32 emulation requires applications compiled 673 with 64K aligned segments. 674 675endchoice 676 677choice 678 prompt "Virtual address space size" 679 default ARM64_VA_BITS_39 if ARM64_4K_PAGES 680 default ARM64_VA_BITS_47 if ARM64_16K_PAGES 681 default ARM64_VA_BITS_42 if ARM64_64K_PAGES 682 help 683 Allows choosing one of multiple possible virtual address 684 space sizes. The level of translation table is determined by 685 a combination of page size and virtual address space size. 686 687config ARM64_VA_BITS_36 688 bool "36-bit" if EXPERT 689 depends on ARM64_16K_PAGES 690 691config ARM64_VA_BITS_39 692 bool "39-bit" 693 depends on ARM64_4K_PAGES 694 695config ARM64_VA_BITS_42 696 bool "42-bit" 697 depends on ARM64_64K_PAGES 698 699config ARM64_VA_BITS_47 700 bool "47-bit" 701 depends on ARM64_16K_PAGES 702 703config ARM64_VA_BITS_48 704 bool "48-bit" 705 706config ARM64_USER_VA_BITS_52 707 bool "52-bit (user)" 708 depends on ARM64_64K_PAGES && (ARM64_PAN || !ARM64_SW_TTBR0_PAN) 709 help 710 Enable 52-bit virtual addressing for userspace when explicitly 711 requested via a hint to mmap(). The kernel will continue to 712 use 48-bit virtual addresses for its own mappings. 713 714 NOTE: Enabling 52-bit virtual addressing in conjunction with 715 ARMv8.3 Pointer Authentication will result in the PAC being 716 reduced from 7 bits to 3 bits, which may have a significant 717 impact on its susceptibility to brute-force attacks. 718 719 If unsure, select 48-bit virtual addressing instead. 720 721endchoice 722 723config ARM64_FORCE_52BIT 724 bool "Force 52-bit virtual addresses for userspace" 725 depends on ARM64_USER_VA_BITS_52 && EXPERT 726 help 727 For systems with 52-bit userspace VAs enabled, the kernel will attempt 728 to maintain compatibility with older software by providing 48-bit VAs 729 unless a hint is supplied to mmap. 730 731 This configuration option disables the 48-bit compatibility logic, and 732 forces all userspace addresses to be 52-bit on HW that supports it. One 733 should only enable this configuration option for stress testing userspace 734 memory management code. If unsure say N here. 735 736config ARM64_VA_BITS 737 int 738 default 36 if ARM64_VA_BITS_36 739 default 39 if ARM64_VA_BITS_39 740 default 42 if ARM64_VA_BITS_42 741 default 47 if ARM64_VA_BITS_47 742 default 48 if ARM64_VA_BITS_48 || ARM64_USER_VA_BITS_52 743 744choice 745 prompt "Physical address space size" 746 default ARM64_PA_BITS_48 747 help 748 Choose the maximum physical address range that the kernel will 749 support. 750 751config ARM64_PA_BITS_48 752 bool "48-bit" 753 754config ARM64_PA_BITS_52 755 bool "52-bit (ARMv8.2)" 756 depends on ARM64_64K_PAGES 757 depends on ARM64_PAN || !ARM64_SW_TTBR0_PAN 758 help 759 Enable support for a 52-bit physical address space, introduced as 760 part of the ARMv8.2-LPA extension. 761 762 With this enabled, the kernel will also continue to work on CPUs that 763 do not support ARMv8.2-LPA, but with some added memory overhead (and 764 minor performance overhead). 765 766endchoice 767 768config ARM64_PA_BITS 769 int 770 default 48 if ARM64_PA_BITS_48 771 default 52 if ARM64_PA_BITS_52 772 773config CPU_BIG_ENDIAN 774 bool "Build big-endian kernel" 775 help 776 Say Y if you plan on running a kernel in big-endian mode. 777 778config SCHED_MC 779 bool "Multi-core scheduler support" 780 help 781 Multi-core scheduler support improves the CPU scheduler's decision 782 making when dealing with multi-core CPU chips at a cost of slightly 783 increased overhead in some places. If unsure say N here. 784 785config SCHED_SMT 786 bool "SMT scheduler support" 787 help 788 Improves the CPU scheduler's decision making when dealing with 789 MultiThreading at a cost of slightly increased overhead in some 790 places. If unsure say N here. 791 792config NR_CPUS 793 int "Maximum number of CPUs (2-4096)" 794 range 2 4096 795 # These have to remain sorted largest to smallest 796 default "64" 797 798config HOTPLUG_CPU 799 bool "Support for hot-pluggable CPUs" 800 select GENERIC_IRQ_MIGRATION 801 help 802 Say Y here to experiment with turning CPUs off and on. CPUs 803 can be controlled through /sys/devices/system/cpu. 804 805# Common NUMA Features 806config NUMA 807 bool "Numa Memory Allocation and Scheduler Support" 808 select ACPI_NUMA if ACPI 809 select OF_NUMA 810 help 811 Enable NUMA (Non Uniform Memory Access) support. 812 813 The kernel will try to allocate memory used by a CPU on the 814 local memory of the CPU and add some more 815 NUMA awareness to the kernel. 816 817config NODES_SHIFT 818 int "Maximum NUMA Nodes (as a power of 2)" 819 range 1 10 820 default "2" 821 depends on NEED_MULTIPLE_NODES 822 help 823 Specify the maximum number of NUMA Nodes available on the target 824 system. Increases memory reserved to accommodate various tables. 825 826config USE_PERCPU_NUMA_NODE_ID 827 def_bool y 828 depends on NUMA 829 830config HAVE_SETUP_PER_CPU_AREA 831 def_bool y 832 depends on NUMA 833 834config NEED_PER_CPU_EMBED_FIRST_CHUNK 835 def_bool y 836 depends on NUMA 837 838config HOLES_IN_ZONE 839 def_bool y 840 841source "kernel/Kconfig.hz" 842 843config ARCH_SUPPORTS_DEBUG_PAGEALLOC 844 def_bool y 845 846config ARCH_SPARSEMEM_ENABLE 847 def_bool y 848 select SPARSEMEM_VMEMMAP_ENABLE 849 850config ARCH_SPARSEMEM_DEFAULT 851 def_bool ARCH_SPARSEMEM_ENABLE 852 853config ARCH_SELECT_MEMORY_MODEL 854 def_bool ARCH_SPARSEMEM_ENABLE 855 856config ARCH_FLATMEM_ENABLE 857 def_bool !NUMA 858 859config HAVE_ARCH_PFN_VALID 860 def_bool y 861 862config HW_PERF_EVENTS 863 def_bool y 864 depends on ARM_PMU 865 866config SYS_SUPPORTS_HUGETLBFS 867 def_bool y 868 869config ARCH_WANT_HUGE_PMD_SHARE 870 def_bool y if ARM64_4K_PAGES || (ARM64_16K_PAGES && !ARM64_VA_BITS_36) 871 872config ARCH_HAS_CACHE_LINE_SIZE 873 def_bool y 874 875config SECCOMP 876 bool "Enable seccomp to safely compute untrusted bytecode" 877 ---help--- 878 This kernel feature is useful for number crunching applications 879 that may need to compute untrusted bytecode during their 880 execution. By using pipes or other transports made available to 881 the process as file descriptors supporting the read/write 882 syscalls, it's possible to isolate those applications in 883 their own address space using seccomp. Once seccomp is 884 enabled via prctl(PR_SET_SECCOMP), it cannot be disabled 885 and the task is only allowed to execute a few safe syscalls 886 defined by each seccomp mode. 887 888config PARAVIRT 889 bool "Enable paravirtualization code" 890 help 891 This changes the kernel so it can modify itself when it is run 892 under a hypervisor, potentially improving performance significantly 893 over full virtualization. 894 895config PARAVIRT_TIME_ACCOUNTING 896 bool "Paravirtual steal time accounting" 897 select PARAVIRT 898 default n 899 help 900 Select this option to enable fine granularity task steal time 901 accounting. Time spent executing other tasks in parallel with 902 the current vCPU is discounted from the vCPU power. To account for 903 that, there can be a small performance impact. 904 905 If in doubt, say N here. 906 907config KEXEC 908 depends on PM_SLEEP_SMP 909 select KEXEC_CORE 910 bool "kexec system call" 911 ---help--- 912 kexec is a system call that implements the ability to shutdown your 913 current kernel, and to start another kernel. It is like a reboot 914 but it is independent of the system firmware. And like a reboot 915 you can start any kernel with it, not just Linux. 916 917config KEXEC_FILE 918 bool "kexec file based system call" 919 select KEXEC_CORE 920 help 921 This is new version of kexec system call. This system call is 922 file based and takes file descriptors as system call argument 923 for kernel and initramfs as opposed to list of segments as 924 accepted by previous system call. 925 926config KEXEC_VERIFY_SIG 927 bool "Verify kernel signature during kexec_file_load() syscall" 928 depends on KEXEC_FILE 929 help 930 Select this option to verify a signature with loaded kernel 931 image. If configured, any attempt of loading a image without 932 valid signature will fail. 933 934 In addition to that option, you need to enable signature 935 verification for the corresponding kernel image type being 936 loaded in order for this to work. 937 938config KEXEC_IMAGE_VERIFY_SIG 939 bool "Enable Image signature verification support" 940 default y 941 depends on KEXEC_VERIFY_SIG 942 depends on EFI && SIGNED_PE_FILE_VERIFICATION 943 help 944 Enable Image signature verification support. 945 946comment "Support for PE file signature verification disabled" 947 depends on KEXEC_VERIFY_SIG 948 depends on !EFI || !SIGNED_PE_FILE_VERIFICATION 949 950config CRASH_DUMP 951 bool "Build kdump crash kernel" 952 help 953 Generate crash dump after being started by kexec. This should 954 be normally only set in special crash dump kernels which are 955 loaded in the main kernel with kexec-tools into a specially 956 reserved region and then later executed after a crash by 957 kdump/kexec. 958 959 For more details see Documentation/kdump/kdump.txt 960 961config XEN_DOM0 962 def_bool y 963 depends on XEN 964 965config XEN 966 bool "Xen guest support on ARM64" 967 depends on ARM64 && OF 968 select SWIOTLB_XEN 969 select PARAVIRT 970 help 971 Say Y if you want to run Linux in a Virtual Machine on Xen on ARM64. 972 973config FORCE_MAX_ZONEORDER 974 int 975 default "14" if (ARM64_64K_PAGES && TRANSPARENT_HUGEPAGE) 976 default "12" if (ARM64_16K_PAGES && TRANSPARENT_HUGEPAGE) 977 default "11" 978 help 979 The kernel memory allocator divides physically contiguous memory 980 blocks into "zones", where each zone is a power of two number of 981 pages. This option selects the largest power of two that the kernel 982 keeps in the memory allocator. If you need to allocate very large 983 blocks of physically contiguous memory, then you may need to 984 increase this value. 985 986 This config option is actually maximum order plus one. For example, 987 a value of 11 means that the largest free memory block is 2^10 pages. 988 989 We make sure that we can allocate upto a HugePage size for each configuration. 990 Hence we have : 991 MAX_ORDER = (PMD_SHIFT - PAGE_SHIFT) + 1 => PAGE_SHIFT - 2 992 993 However for 4K, we choose a higher default value, 11 as opposed to 10, giving us 994 4M allocations matching the default size used by generic code. 995 996config UNMAP_KERNEL_AT_EL0 997 bool "Unmap kernel when running in userspace (aka \"KAISER\")" if EXPERT 998 default y 999 help 1000 Speculation attacks against some high-performance processors can 1001 be used to bypass MMU permission checks and leak kernel data to 1002 userspace. This can be defended against by unmapping the kernel 1003 when running in userspace, mapping it back in on exception entry 1004 via a trampoline page in the vector table. 1005 1006 If unsure, say Y. 1007 1008config HARDEN_BRANCH_PREDICTOR 1009 bool "Harden the branch predictor against aliasing attacks" if EXPERT 1010 default y 1011 help 1012 Speculation attacks against some high-performance processors rely on 1013 being able to manipulate the branch predictor for a victim context by 1014 executing aliasing branches in the attacker context. Such attacks 1015 can be partially mitigated against by clearing internal branch 1016 predictor state and limiting the prediction logic in some situations. 1017 1018 This config option will take CPU-specific actions to harden the 1019 branch predictor against aliasing attacks and may rely on specific 1020 instruction sequences or control bits being set by the system 1021 firmware. 1022 1023 If unsure, say Y. 1024 1025config HARDEN_EL2_VECTORS 1026 bool "Harden EL2 vector mapping against system register leak" if EXPERT 1027 default y 1028 help 1029 Speculation attacks against some high-performance processors can 1030 be used to leak privileged information such as the vector base 1031 register, resulting in a potential defeat of the EL2 layout 1032 randomization. 1033 1034 This config option will map the vectors to a fixed location, 1035 independent of the EL2 code mapping, so that revealing VBAR_EL2 1036 to an attacker does not give away any extra information. This 1037 only gets enabled on affected CPUs. 1038 1039 If unsure, say Y. 1040 1041config ARM64_SSBD 1042 bool "Speculative Store Bypass Disable" if EXPERT 1043 default y 1044 help 1045 This enables mitigation of the bypassing of previous stores 1046 by speculative loads. 1047 1048 If unsure, say Y. 1049 1050config RODATA_FULL_DEFAULT_ENABLED 1051 bool "Apply r/o permissions of VM areas also to their linear aliases" 1052 default y 1053 help 1054 Apply read-only attributes of VM areas to the linear alias of 1055 the backing pages as well. This prevents code or read-only data 1056 from being modified (inadvertently or intentionally) via another 1057 mapping of the same memory page. This additional enhancement can 1058 be turned off at runtime by passing rodata=[off|on] (and turned on 1059 with rodata=full if this option is set to 'n') 1060 1061 This requires the linear region to be mapped down to pages, 1062 which may adversely affect performance in some cases. 1063 1064menuconfig ARMV8_DEPRECATED 1065 bool "Emulate deprecated/obsolete ARMv8 instructions" 1066 depends on COMPAT 1067 depends on SYSCTL 1068 help 1069 Legacy software support may require certain instructions 1070 that have been deprecated or obsoleted in the architecture. 1071 1072 Enable this config to enable selective emulation of these 1073 features. 1074 1075 If unsure, say Y 1076 1077if ARMV8_DEPRECATED 1078 1079config SWP_EMULATION 1080 bool "Emulate SWP/SWPB instructions" 1081 help 1082 ARMv8 obsoletes the use of A32 SWP/SWPB instructions such that 1083 they are always undefined. Say Y here to enable software 1084 emulation of these instructions for userspace using LDXR/STXR. 1085 1086 In some older versions of glibc [<=2.8] SWP is used during futex 1087 trylock() operations with the assumption that the code will not 1088 be preempted. This invalid assumption may be more likely to fail 1089 with SWP emulation enabled, leading to deadlock of the user 1090 application. 1091 1092 NOTE: when accessing uncached shared regions, LDXR/STXR rely 1093 on an external transaction monitoring block called a global 1094 monitor to maintain update atomicity. If your system does not 1095 implement a global monitor, this option can cause programs that 1096 perform SWP operations to uncached memory to deadlock. 1097 1098 If unsure, say Y 1099 1100config CP15_BARRIER_EMULATION 1101 bool "Emulate CP15 Barrier instructions" 1102 help 1103 The CP15 barrier instructions - CP15ISB, CP15DSB, and 1104 CP15DMB - are deprecated in ARMv8 (and ARMv7). It is 1105 strongly recommended to use the ISB, DSB, and DMB 1106 instructions instead. 1107 1108 Say Y here to enable software emulation of these 1109 instructions for AArch32 userspace code. When this option is 1110 enabled, CP15 barrier usage is traced which can help 1111 identify software that needs updating. 1112 1113 If unsure, say Y 1114 1115config SETEND_EMULATION 1116 bool "Emulate SETEND instruction" 1117 help 1118 The SETEND instruction alters the data-endianness of the 1119 AArch32 EL0, and is deprecated in ARMv8. 1120 1121 Say Y here to enable software emulation of the instruction 1122 for AArch32 userspace code. 1123 1124 Note: All the cpus on the system must have mixed endian support at EL0 1125 for this feature to be enabled. If a new CPU - which doesn't support mixed 1126 endian - is hotplugged in after this feature has been enabled, there could 1127 be unexpected results in the applications. 1128 1129 If unsure, say Y 1130endif 1131 1132config ARM64_SW_TTBR0_PAN 1133 bool "Emulate Privileged Access Never using TTBR0_EL1 switching" 1134 help 1135 Enabling this option prevents the kernel from accessing 1136 user-space memory directly by pointing TTBR0_EL1 to a reserved 1137 zeroed area and reserved ASID. The user access routines 1138 restore the valid TTBR0_EL1 temporarily. 1139 1140menu "ARMv8.1 architectural features" 1141 1142config ARM64_HW_AFDBM 1143 bool "Support for hardware updates of the Access and Dirty page flags" 1144 default y 1145 help 1146 The ARMv8.1 architecture extensions introduce support for 1147 hardware updates of the access and dirty information in page 1148 table entries. When enabled in TCR_EL1 (HA and HD bits) on 1149 capable processors, accesses to pages with PTE_AF cleared will 1150 set this bit instead of raising an access flag fault. 1151 Similarly, writes to read-only pages with the DBM bit set will 1152 clear the read-only bit (AP[2]) instead of raising a 1153 permission fault. 1154 1155 Kernels built with this configuration option enabled continue 1156 to work on pre-ARMv8.1 hardware and the performance impact is 1157 minimal. If unsure, say Y. 1158 1159config ARM64_PAN 1160 bool "Enable support for Privileged Access Never (PAN)" 1161 default y 1162 help 1163 Privileged Access Never (PAN; part of the ARMv8.1 Extensions) 1164 prevents the kernel or hypervisor from accessing user-space (EL0) 1165 memory directly. 1166 1167 Choosing this option will cause any unprotected (not using 1168 copy_to_user et al) memory access to fail with a permission fault. 1169 1170 The feature is detected at runtime, and will remain as a 'nop' 1171 instruction if the cpu does not implement the feature. 1172 1173config ARM64_LSE_ATOMICS 1174 bool "Atomic instructions" 1175 default y 1176 help 1177 As part of the Large System Extensions, ARMv8.1 introduces new 1178 atomic instructions that are designed specifically to scale in 1179 very large systems. 1180 1181 Say Y here to make use of these instructions for the in-kernel 1182 atomic routines. This incurs a small overhead on CPUs that do 1183 not support these instructions and requires the kernel to be 1184 built with binutils >= 2.25 in order for the new instructions 1185 to be used. 1186 1187config ARM64_VHE 1188 bool "Enable support for Virtualization Host Extensions (VHE)" 1189 default y 1190 help 1191 Virtualization Host Extensions (VHE) allow the kernel to run 1192 directly at EL2 (instead of EL1) on processors that support 1193 it. This leads to better performance for KVM, as they reduce 1194 the cost of the world switch. 1195 1196 Selecting this option allows the VHE feature to be detected 1197 at runtime, and does not affect processors that do not 1198 implement this feature. 1199 1200endmenu 1201 1202menu "ARMv8.2 architectural features" 1203 1204config ARM64_UAO 1205 bool "Enable support for User Access Override (UAO)" 1206 default y 1207 help 1208 User Access Override (UAO; part of the ARMv8.2 Extensions) 1209 causes the 'unprivileged' variant of the load/store instructions to 1210 be overridden to be privileged. 1211 1212 This option changes get_user() and friends to use the 'unprivileged' 1213 variant of the load/store instructions. This ensures that user-space 1214 really did have access to the supplied memory. When addr_limit is 1215 set to kernel memory the UAO bit will be set, allowing privileged 1216 access to kernel memory. 1217 1218 Choosing this option will cause copy_to_user() et al to use user-space 1219 memory permissions. 1220 1221 The feature is detected at runtime, the kernel will use the 1222 regular load/store instructions if the cpu does not implement the 1223 feature. 1224 1225config ARM64_PMEM 1226 bool "Enable support for persistent memory" 1227 select ARCH_HAS_PMEM_API 1228 select ARCH_HAS_UACCESS_FLUSHCACHE 1229 help 1230 Say Y to enable support for the persistent memory API based on the 1231 ARMv8.2 DCPoP feature. 1232 1233 The feature is detected at runtime, and the kernel will use DC CVAC 1234 operations if DC CVAP is not supported (following the behaviour of 1235 DC CVAP itself if the system does not define a point of persistence). 1236 1237config ARM64_RAS_EXTN 1238 bool "Enable support for RAS CPU Extensions" 1239 default y 1240 help 1241 CPUs that support the Reliability, Availability and Serviceability 1242 (RAS) Extensions, part of ARMv8.2 are able to track faults and 1243 errors, classify them and report them to software. 1244 1245 On CPUs with these extensions system software can use additional 1246 barriers to determine if faults are pending and read the 1247 classification from a new set of registers. 1248 1249 Selecting this feature will allow the kernel to use these barriers 1250 and access the new registers if the system supports the extension. 1251 Platform RAS features may additionally depend on firmware support. 1252 1253config ARM64_CNP 1254 bool "Enable support for Common Not Private (CNP) translations" 1255 default y 1256 depends on ARM64_PAN || !ARM64_SW_TTBR0_PAN 1257 help 1258 Common Not Private (CNP) allows translation table entries to 1259 be shared between different PEs in the same inner shareable 1260 domain, so the hardware can use this fact to optimise the 1261 caching of such entries in the TLB. 1262 1263 Selecting this option allows the CNP feature to be detected 1264 at runtime, and does not affect PEs that do not implement 1265 this feature. 1266 1267endmenu 1268 1269menu "ARMv8.3 architectural features" 1270 1271config ARM64_PTR_AUTH 1272 bool "Enable support for pointer authentication" 1273 default y 1274 help 1275 Pointer authentication (part of the ARMv8.3 Extensions) provides 1276 instructions for signing and authenticating pointers against secret 1277 keys, which can be used to mitigate Return Oriented Programming (ROP) 1278 and other attacks. 1279 1280 This option enables these instructions at EL0 (i.e. for userspace). 1281 1282 Choosing this option will cause the kernel to initialise secret keys 1283 for each process at exec() time, with these keys being 1284 context-switched along with the process. 1285 1286 The feature is detected at runtime. If the feature is not present in 1287 hardware it will not be advertised to userspace nor will it be 1288 enabled. 1289 1290endmenu 1291 1292config ARM64_SVE 1293 bool "ARM Scalable Vector Extension support" 1294 default y 1295 depends on !KVM || ARM64_VHE 1296 help 1297 The Scalable Vector Extension (SVE) is an extension to the AArch64 1298 execution state which complements and extends the SIMD functionality 1299 of the base architecture to support much larger vectors and to enable 1300 additional vectorisation opportunities. 1301 1302 To enable use of this extension on CPUs that implement it, say Y. 1303 1304 Note that for architectural reasons, firmware _must_ implement SVE 1305 support when running on SVE capable hardware. The required support 1306 is present in: 1307 1308 * version 1.5 and later of the ARM Trusted Firmware 1309 * the AArch64 boot wrapper since commit 5e1261e08abf 1310 ("bootwrapper: SVE: Enable SVE for EL2 and below"). 1311 1312 For other firmware implementations, consult the firmware documentation 1313 or vendor. 1314 1315 If you need the kernel to boot on SVE-capable hardware with broken 1316 firmware, you may need to say N here until you get your firmware 1317 fixed. Otherwise, you may experience firmware panics or lockups when 1318 booting the kernel. If unsure and you are not observing these 1319 symptoms, you should assume that it is safe to say Y. 1320 1321 CPUs that support SVE are architecturally required to support the 1322 Virtualization Host Extensions (VHE), so the kernel makes no 1323 provision for supporting SVE alongside KVM without VHE enabled. 1324 Thus, you will need to enable CONFIG_ARM64_VHE if you want to support 1325 KVM in the same kernel image. 1326 1327config ARM64_MODULE_PLTS 1328 bool 1329 select HAVE_MOD_ARCH_SPECIFIC 1330 1331config RELOCATABLE 1332 bool 1333 help 1334 This builds the kernel as a Position Independent Executable (PIE), 1335 which retains all relocation metadata required to relocate the 1336 kernel binary at runtime to a different virtual address than the 1337 address it was linked at. 1338 Since AArch64 uses the RELA relocation format, this requires a 1339 relocation pass at runtime even if the kernel is loaded at the 1340 same address it was linked at. 1341 1342config RANDOMIZE_BASE 1343 bool "Randomize the address of the kernel image" 1344 select ARM64_MODULE_PLTS if MODULES 1345 select RELOCATABLE 1346 help 1347 Randomizes the virtual address at which the kernel image is 1348 loaded, as a security feature that deters exploit attempts 1349 relying on knowledge of the location of kernel internals. 1350 1351 It is the bootloader's job to provide entropy, by passing a 1352 random u64 value in /chosen/kaslr-seed at kernel entry. 1353 1354 When booting via the UEFI stub, it will invoke the firmware's 1355 EFI_RNG_PROTOCOL implementation (if available) to supply entropy 1356 to the kernel proper. In addition, it will randomise the physical 1357 location of the kernel Image as well. 1358 1359 If unsure, say N. 1360 1361config RANDOMIZE_MODULE_REGION_FULL 1362 bool "Randomize the module region over a 4 GB range" 1363 depends on RANDOMIZE_BASE 1364 default y 1365 help 1366 Randomizes the location of the module region inside a 4 GB window 1367 covering the core kernel. This way, it is less likely for modules 1368 to leak information about the location of core kernel data structures 1369 but it does imply that function calls between modules and the core 1370 kernel will need to be resolved via veneers in the module PLT. 1371 1372 When this option is not set, the module region will be randomized over 1373 a limited range that contains the [_stext, _etext] interval of the 1374 core kernel, so branch relocations are always in range. 1375 1376config CC_HAVE_STACKPROTECTOR_SYSREG 1377 def_bool $(cc-option,-mstack-protector-guard=sysreg -mstack-protector-guard-reg=sp_el0 -mstack-protector-guard-offset=0) 1378 1379config STACKPROTECTOR_PER_TASK 1380 def_bool y 1381 depends on STACKPROTECTOR && CC_HAVE_STACKPROTECTOR_SYSREG 1382 1383endmenu 1384 1385menu "Boot options" 1386 1387config ARM64_ACPI_PARKING_PROTOCOL 1388 bool "Enable support for the ARM64 ACPI parking protocol" 1389 depends on ACPI 1390 help 1391 Enable support for the ARM64 ACPI parking protocol. If disabled 1392 the kernel will not allow booting through the ARM64 ACPI parking 1393 protocol even if the corresponding data is present in the ACPI 1394 MADT table. 1395 1396config CMDLINE 1397 string "Default kernel command string" 1398 default "" 1399 help 1400 Provide a set of default command-line options at build time by 1401 entering them here. As a minimum, you should specify the the 1402 root device (e.g. root=/dev/nfs). 1403 1404config CMDLINE_FORCE 1405 bool "Always use the default kernel command string" 1406 help 1407 Always use the default kernel command string, even if the boot 1408 loader passes other arguments to the kernel. 1409 This is useful if you cannot or don't want to change the 1410 command-line options your boot loader passes to the kernel. 1411 1412config EFI_STUB 1413 bool 1414 1415config EFI 1416 bool "UEFI runtime support" 1417 depends on OF && !CPU_BIG_ENDIAN 1418 depends on KERNEL_MODE_NEON 1419 select ARCH_SUPPORTS_ACPI 1420 select LIBFDT 1421 select UCS2_STRING 1422 select EFI_PARAMS_FROM_FDT 1423 select EFI_RUNTIME_WRAPPERS 1424 select EFI_STUB 1425 select EFI_ARMSTUB 1426 default y 1427 help 1428 This option provides support for runtime services provided 1429 by UEFI firmware (such as non-volatile variables, realtime 1430 clock, and platform reset). A UEFI stub is also provided to 1431 allow the kernel to be booted as an EFI application. This 1432 is only useful on systems that have UEFI firmware. 1433 1434config DMI 1435 bool "Enable support for SMBIOS (DMI) tables" 1436 depends on EFI 1437 default y 1438 help 1439 This enables SMBIOS/DMI feature for systems. 1440 1441 This option is only useful on systems that have UEFI firmware. 1442 However, even with this option, the resultant kernel should 1443 continue to boot on existing non-UEFI platforms. 1444 1445endmenu 1446 1447config COMPAT 1448 bool "Kernel support for 32-bit EL0" 1449 depends on ARM64_4K_PAGES || EXPERT 1450 select COMPAT_BINFMT_ELF if BINFMT_ELF 1451 select HAVE_UID16 1452 select OLD_SIGSUSPEND3 1453 select COMPAT_OLD_SIGACTION 1454 help 1455 This option enables support for a 32-bit EL0 running under a 64-bit 1456 kernel at EL1. AArch32-specific components such as system calls, 1457 the user helper functions, VFP support and the ptrace interface are 1458 handled appropriately by the kernel. 1459 1460 If you use a page size other than 4KB (i.e, 16KB or 64KB), please be aware 1461 that you will only be able to execute AArch32 binaries that were compiled 1462 with page size aligned segments. 1463 1464 If you want to execute 32-bit userspace applications, say Y. 1465 1466config SYSVIPC_COMPAT 1467 def_bool y 1468 depends on COMPAT && SYSVIPC 1469 1470menu "Power management options" 1471 1472source "kernel/power/Kconfig" 1473 1474config ARCH_HIBERNATION_POSSIBLE 1475 def_bool y 1476 depends on CPU_PM 1477 1478config ARCH_HIBERNATION_HEADER 1479 def_bool y 1480 depends on HIBERNATION 1481 1482config ARCH_SUSPEND_POSSIBLE 1483 def_bool y 1484 1485endmenu 1486 1487menu "CPU Power Management" 1488 1489source "drivers/cpuidle/Kconfig" 1490 1491source "drivers/cpufreq/Kconfig" 1492 1493endmenu 1494 1495source "drivers/firmware/Kconfig" 1496 1497source "drivers/acpi/Kconfig" 1498 1499source "arch/arm64/kvm/Kconfig" 1500 1501if CRYPTO 1502source "arch/arm64/crypto/Kconfig" 1503endif 1504