Commit | Line | Data |
---|---|---|
b2441318 | 1 | # SPDX-License-Identifier: GPL-2.0 |
fb32e03f MD |
2 | # |
3 | # General architecture dependent options | |
4 | # | |
125e5645 | 5 | |
1572497c CH |
6 | # |
7 | # Note: arch/$(SRCARCH)/Kconfig needs to be included first so that it can | |
8 | # override the default values in this file. | |
9 | # | |
10 | source "arch/$(SRCARCH)/Kconfig" | |
11 | ||
22471e13 RD |
12 | menu "General architecture-dependent options" |
13 | ||
692f66f2 HB |
14 | config CRASH_CORE |
15 | bool | |
16 | ||
2965faa5 | 17 | config KEXEC_CORE |
692f66f2 | 18 | select CRASH_CORE |
2965faa5 DY |
19 | bool |
20 | ||
175fca3b SS |
21 | config KEXEC_ELF |
22 | bool | |
23 | ||
467d2782 TJB |
24 | config HAVE_IMA_KEXEC |
25 | bool | |
26 | ||
05736e4a TG |
27 | config HOTPLUG_SMT |
28 | bool | |
29 | ||
142781e1 TG |
30 | config GENERIC_ENTRY |
31 | bool | |
32 | ||
125e5645 MD |
33 | config KPROBES |
34 | bool "Kprobes" | |
05ed160e | 35 | depends on MODULES |
125e5645 | 36 | depends on HAVE_KPROBES |
05ed160e | 37 | select KALLSYMS |
125e5645 MD |
38 | help |
39 | Kprobes allows you to trap at almost any kernel address and | |
40 | execute a callback function. register_kprobe() establishes | |
41 | a probepoint and specifies the callback. Kprobes is useful | |
42 | for kernel debugging, non-intrusive instrumentation and testing. | |
43 | If in doubt, say "N". | |
44 | ||
45f81b1c | 45 | config JUMP_LABEL |
24b54fee KK |
46 | bool "Optimize very unlikely/likely branches" |
47 | depends on HAVE_ARCH_JUMP_LABEL | |
48 | depends on CC_HAS_ASM_GOTO | |
4ab7674f | 49 | select OBJTOOL if HAVE_JUMP_LABEL_HACK |
24b54fee KK |
50 | help |
51 | This option enables a transparent branch optimization that | |
c5905afb IM |
52 | makes certain almost-always-true or almost-always-false branch |
53 | conditions even cheaper to execute within the kernel. | |
54 | ||
55 | Certain performance-sensitive kernel code, such as trace points, | |
56 | scheduler functionality, networking code and KVM have such | |
57 | branches and include support for this optimization technique. | |
58 | ||
24b54fee | 59 | If it is detected that the compiler has support for "asm goto", |
c5905afb IM |
60 | the kernel will compile such branches with just a nop |
61 | instruction. When the condition flag is toggled to true, the | |
62 | nop will be converted to a jump instruction to execute the | |
63 | conditional block of instructions. | |
64 | ||
65 | This technique lowers overhead and stress on the branch prediction | |
66 | of the processor and generally makes the kernel faster. The update | |
67 | of the condition is slower, but those are always very rare. | |
45f81b1c | 68 | |
c5905afb IM |
69 | ( On 32-bit x86, the necessary options added to the compiler |
70 | flags may increase the size of the kernel slightly. ) | |
45f81b1c | 71 | |
1987c947 PZ |
72 | config STATIC_KEYS_SELFTEST |
73 | bool "Static key selftest" | |
74 | depends on JUMP_LABEL | |
75 | help | |
76 | Boot time self-test of the branch patching code. | |
77 | ||
f03c4129 PZ |
78 | config STATIC_CALL_SELFTEST |
79 | bool "Static call selftest" | |
80 | depends on HAVE_STATIC_CALL | |
81 | help | |
82 | Boot time self-test of the call patching code. | |
83 | ||
afd66255 | 84 | config OPTPROBES |
5cc718b9 MH |
85 | def_bool y |
86 | depends on KPROBES && HAVE_OPTPROBES | |
01b1d88b | 87 | select TASKS_RCU if PREEMPTION |
afd66255 | 88 | |
e7dbfe34 MH |
89 | config KPROBES_ON_FTRACE |
90 | def_bool y | |
91 | depends on KPROBES && HAVE_KPROBES_ON_FTRACE | |
92 | depends on DYNAMIC_FTRACE_WITH_REGS | |
93 | help | |
94 | If function tracer is enabled and the arch supports full | |
95 | passing of pt_regs to function tracing, then kprobes can | |
96 | optimize on top of function tracing. | |
97 | ||
2b144498 | 98 | config UPROBES |
09294e31 | 99 | def_bool n |
e8f4aa60 | 100 | depends on ARCH_SUPPORTS_UPROBES |
2b144498 | 101 | help |
7b2d81d4 IM |
102 | Uprobes is the user-space counterpart to kprobes: they |
103 | enable instrumentation applications (such as 'perf probe') | |
104 | to establish unintrusive probes in user-space binaries and | |
105 | libraries, by executing handler functions when the probes | |
106 | are hit by user-space applications. | |
107 | ||
108 | ( These probes come in the form of single-byte breakpoints, | |
109 | managed by the kernel and kept transparent to the probed | |
110 | application. ) | |
2b144498 | 111 | |
adab66b7 SRV |
112 | config HAVE_64BIT_ALIGNED_ACCESS |
113 | def_bool 64BIT && !HAVE_EFFICIENT_UNALIGNED_ACCESS | |
114 | help | |
115 | Some architectures require 64 bit accesses to be 64 bit | |
116 | aligned, which also requires structs containing 64 bit values | |
117 | to be 64 bit aligned too. This includes some 32 bit | |
118 | architectures which can do 64 bit accesses, as well as 64 bit | |
119 | architectures without unaligned access. | |
120 | ||
121 | This symbol should be selected by an architecture if 64 bit | |
122 | accesses are required to be 64 bit aligned in this way even | |
123 | though it is not a 64 bit architecture. | |
124 | ||
ba1a297d LB |
125 | See Documentation/core-api/unaligned-memory-access.rst for |
126 | more information on the topic of unaligned memory accesses. | |
adab66b7 | 127 | |
58340a07 | 128 | config HAVE_EFFICIENT_UNALIGNED_ACCESS |
9ba16087 | 129 | bool |
58340a07 JB |
130 | help |
131 | Some architectures are unable to perform unaligned accesses | |
132 | without the use of get_unaligned/put_unaligned. Others are | |
133 | unable to perform such accesses efficiently (e.g. trap on | |
134 | unaligned access and require fixing it up in the exception | |
135 | handler.) | |
136 | ||
137 | This symbol should be selected by an architecture if it can | |
138 | perform unaligned accesses efficiently to allow different | |
139 | code paths to be selected for these cases. Some network | |
140 | drivers, for example, could opt to not fix up alignment | |
141 | problems with received packets if doing so would not help | |
142 | much. | |
143 | ||
c9b54d6f | 144 | See Documentation/core-api/unaligned-memory-access.rst for more |
58340a07 JB |
145 | information on the topic of unaligned memory accesses. |
146 | ||
cf66bb93 | 147 | config ARCH_USE_BUILTIN_BSWAP |
24b54fee KK |
148 | bool |
149 | help | |
cf66bb93 DW |
150 | Modern versions of GCC (since 4.4) have builtin functions |
151 | for handling byte-swapping. Using these, instead of the old | |
152 | inline assembler that the architecture code provides in the | |
153 | __arch_bswapXX() macros, allows the compiler to see what's | |
154 | happening and offers more opportunity for optimisation. In | |
155 | particular, the compiler will be able to combine the byteswap | |
156 | with a nearby load or store and use load-and-swap or | |
157 | store-and-swap instructions if the architecture has them. It | |
158 | should almost *never* result in code which is worse than the | |
159 | hand-coded assembler in <asm/swab.h>. But just in case it | |
160 | does, the use of the builtins is optional. | |
161 | ||
162 | Any architecture with load-and-swap or store-and-swap | |
163 | instructions should set this. And it shouldn't hurt to set it | |
164 | on architectures that don't have such instructions. | |
165 | ||
9edddaa2 AM |
166 | config KRETPROBES |
167 | def_bool y | |
73f9b911 MH |
168 | depends on KPROBES && (HAVE_KRETPROBES || HAVE_RETHOOK) |
169 | ||
170 | config KRETPROBE_ON_RETHOOK | |
171 | def_bool y | |
172 | depends on HAVE_RETHOOK | |
173 | depends on KRETPROBES | |
174 | select RETHOOK | |
9edddaa2 | 175 | |
7c68af6e AK |
176 | config USER_RETURN_NOTIFIER |
177 | bool | |
178 | depends on HAVE_USER_RETURN_NOTIFIER | |
179 | help | |
180 | Provide a kernel-internal notification when a cpu is about to | |
181 | switch to user mode. | |
182 | ||
28b2ee20 | 183 | config HAVE_IOREMAP_PROT |
9ba16087 | 184 | bool |
28b2ee20 | 185 | |
125e5645 | 186 | config HAVE_KPROBES |
9ba16087 | 187 | bool |
9edddaa2 AM |
188 | |
189 | config HAVE_KRETPROBES | |
9ba16087 | 190 | bool |
74bc7cee | 191 | |
afd66255 MH |
192 | config HAVE_OPTPROBES |
193 | bool | |
d314d74c | 194 | |
e7dbfe34 MH |
195 | config HAVE_KPROBES_ON_FTRACE |
196 | bool | |
197 | ||
1f6d3a8f MH |
198 | config ARCH_CORRECT_STACKTRACE_ON_KRETPROBE |
199 | bool | |
200 | help | |
201 | Since kretprobes modifies return address on the stack, the | |
202 | stacktrace may see the kretprobe trampoline address instead | |
203 | of correct one. If the architecture stacktrace code and | |
204 | unwinder can adjust such entries, select this configuration. | |
205 | ||
540adea3 | 206 | config HAVE_FUNCTION_ERROR_INJECTION |
9802d865 JB |
207 | bool |
208 | ||
42a0bb3f PM |
209 | config HAVE_NMI |
210 | bool | |
211 | ||
a257cacc CL |
212 | config HAVE_FUNCTION_DESCRIPTORS |
213 | bool | |
214 | ||
4aae683f MY |
215 | config TRACE_IRQFLAGS_SUPPORT |
216 | bool | |
217 | ||
1f5a4ad9 RM |
218 | # |
219 | # An arch should select this if it provides all these things: | |
220 | # | |
221 | # task_pt_regs() in asm/processor.h or asm/ptrace.h | |
222 | # arch_has_single_step() if there is hardware single-step support | |
223 | # arch_has_block_step() if there is hardware block-step support | |
1f5a4ad9 RM |
224 | # asm/syscall.h supplying asm-generic/syscall.h interface |
225 | # linux/regset.h user_regset interfaces | |
226 | # CORE_DUMP_USE_REGSET #define'd in linux/elf.h | |
153474ba | 227 | # TIF_SYSCALL_TRACE calls ptrace_report_syscall_{entry,exit} |
03248add | 228 | # TIF_NOTIFY_RESUME calls resume_user_mode_work() |
1f5a4ad9 RM |
229 | # |
230 | config HAVE_ARCH_TRACEHOOK | |
9ba16087 | 231 | bool |
1f5a4ad9 | 232 | |
c64be2bb MS |
233 | config HAVE_DMA_CONTIGUOUS |
234 | bool | |
235 | ||
29d5e047 | 236 | config GENERIC_SMP_IDLE_THREAD |
24b54fee | 237 | bool |
29d5e047 | 238 | |
485cf5da | 239 | config GENERIC_IDLE_POLL_SETUP |
24b54fee | 240 | bool |
485cf5da | 241 | |
6974f0c4 DM |
242 | config ARCH_HAS_FORTIFY_SOURCE |
243 | bool | |
244 | help | |
245 | An architecture should select this when it can successfully | |
246 | build and run with CONFIG_FORTIFY_SOURCE. | |
247 | ||
d8ae8a37 CH |
248 | # |
249 | # Select if the arch provides a historic keepinit alias for the retain_initrd | |
250 | # command line option | |
251 | # | |
252 | config ARCH_HAS_KEEPINITRD | |
253 | bool | |
254 | ||
d2852a22 DB |
255 | # Select if arch has all set_memory_ro/rw/x/nx() functions in asm/cacheflush.h |
256 | config ARCH_HAS_SET_MEMORY | |
257 | bool | |
258 | ||
d253ca0c RE |
259 | # Select if arch has all set_direct_map_invalid/default() functions |
260 | config ARCH_HAS_SET_DIRECT_MAP | |
261 | bool | |
262 | ||
c30700db | 263 | # |
fa7e2247 | 264 | # Select if the architecture provides the arch_dma_set_uncached symbol to |
a86ecfa6 | 265 | # either provide an uncached segment alias for a DMA allocation, or |
fa7e2247 | 266 | # to remap the page tables in place. |
c30700db | 267 | # |
fa7e2247 | 268 | config ARCH_HAS_DMA_SET_UNCACHED |
c30700db CH |
269 | bool |
270 | ||
999a5d12 CH |
271 | # |
272 | # Select if the architectures provides the arch_dma_clear_uncached symbol | |
273 | # to undo an in-place page table remap for uncached access. | |
274 | # | |
275 | config ARCH_HAS_DMA_CLEAR_UNCACHED | |
c30700db CH |
276 | bool |
277 | ||
0500871f DH |
278 | # Select if arch init_task must go in the __init_task_data section |
279 | config ARCH_TASK_STRUCT_ON_STACK | |
24b54fee | 280 | bool |
a4a2eb49 | 281 | |
f5e10287 TG |
282 | # Select if arch has its private alloc_task_struct() function |
283 | config ARCH_TASK_STRUCT_ALLOCATOR | |
284 | bool | |
285 | ||
5905429a KC |
286 | config HAVE_ARCH_THREAD_STRUCT_WHITELIST |
287 | bool | |
288 | depends on !ARCH_TASK_STRUCT_ALLOCATOR | |
289 | help | |
290 | An architecture should select this to provide hardened usercopy | |
291 | knowledge about what region of the thread_struct should be | |
292 | whitelisted for copying to userspace. Normally this is only the | |
293 | FPU registers. Specifically, arch_thread_struct_whitelist() | |
294 | should be implemented. Without this, the entire thread_struct | |
295 | field in task_struct will be left whitelisted. | |
296 | ||
b235beea LT |
297 | # Select if arch has its private alloc_thread_stack() function |
298 | config ARCH_THREAD_STACK_ALLOCATOR | |
f5e10287 TG |
299 | bool |
300 | ||
5aaeb5c0 IM |
301 | # Select if arch wants to size task_struct dynamically via arch_task_struct_size: |
302 | config ARCH_WANTS_DYNAMIC_TASK_STRUCT | |
303 | bool | |
304 | ||
51c2ee6d ND |
305 | config ARCH_WANTS_NO_INSTR |
306 | bool | |
307 | help | |
308 | An architecture should select this if the noinstr macro is being used on | |
309 | functions to denote that the toolchain should avoid instrumenting such | |
310 | functions and is required for correctness. | |
311 | ||
942fa985 YN |
312 | config ARCH_32BIT_OFF_T |
313 | bool | |
314 | depends on !64BIT | |
315 | help | |
316 | All new 32-bit architectures should have 64-bit off_t type on | |
317 | userspace side which corresponds to the loff_t kernel type. This | |
318 | is the requirement for modern ABIs. Some existing architectures | |
319 | still support 32-bit off_t. This option is enabled for all such | |
320 | architectures explicitly. | |
321 | ||
96c0a6a7 HC |
322 | # Selected by 64 bit architectures which have a 32 bit f_tinode in struct ustat |
323 | config ARCH_32BIT_USTAT_F_TINODE | |
324 | bool | |
325 | ||
2ff2b7ec MY |
326 | config HAVE_ASM_MODVERSIONS |
327 | bool | |
328 | help | |
a86ecfa6 | 329 | This symbol should be selected by an architecture if it provides |
2ff2b7ec MY |
330 | <asm/asm-prototypes.h> to support the module versioning for symbols |
331 | exported from assembly code. | |
332 | ||
f850c30c HC |
333 | config HAVE_REGS_AND_STACK_ACCESS_API |
334 | bool | |
e01292b1 | 335 | help |
a86ecfa6 | 336 | This symbol should be selected by an architecture if it supports |
e01292b1 HC |
337 | the API needed to access registers and stack entries from pt_regs, |
338 | declared in asm/ptrace.h | |
339 | For example the kprobes-based event tracer needs this API. | |
f850c30c | 340 | |
d7822b1e MD |
341 | config HAVE_RSEQ |
342 | bool | |
343 | depends on HAVE_REGS_AND_STACK_ACCESS_API | |
344 | help | |
345 | This symbol should be selected by an architecture if it | |
346 | supports an implementation of restartable sequences. | |
347 | ||
3c88ee19 MH |
348 | config HAVE_FUNCTION_ARG_ACCESS_API |
349 | bool | |
350 | help | |
a86ecfa6 | 351 | This symbol should be selected by an architecture if it supports |
3c88ee19 MH |
352 | the API needed to access function arguments from pt_regs, |
353 | declared in asm/ptrace.h | |
354 | ||
62a038d3 P |
355 | config HAVE_HW_BREAKPOINT |
356 | bool | |
99e8c5a3 | 357 | depends on PERF_EVENTS |
62a038d3 | 358 | |
0102752e FW |
359 | config HAVE_MIXED_BREAKPOINTS_REGS |
360 | bool | |
361 | depends on HAVE_HW_BREAKPOINT | |
362 | help | |
363 | Depending on the arch implementation of hardware breakpoints, | |
364 | some of them have separate registers for data and instruction | |
365 | breakpoints addresses, others have mixed registers to store | |
366 | them but define the access type in a control register. | |
367 | Select this option if your arch implements breakpoints under the | |
368 | latter fashion. | |
369 | ||
7c68af6e AK |
370 | config HAVE_USER_RETURN_NOTIFIER |
371 | bool | |
a1922ed6 | 372 | |
c01d4323 FW |
373 | config HAVE_PERF_EVENTS_NMI |
374 | bool | |
23637d47 FW |
375 | help |
376 | System hardware can generate an NMI using the perf event | |
377 | subsystem. Also has support for calculating CPU cycle events | |
378 | to determine how many clock cycles in a given period. | |
c01d4323 | 379 | |
05a4a952 NP |
380 | config HAVE_HARDLOCKUP_DETECTOR_PERF |
381 | bool | |
382 | depends on HAVE_PERF_EVENTS_NMI | |
383 | help | |
384 | The arch chooses to use the generic perf-NMI-based hardlockup | |
385 | detector. Must define HAVE_PERF_EVENTS_NMI. | |
386 | ||
387 | config HAVE_NMI_WATCHDOG | |
388 | depends on HAVE_NMI | |
389 | bool | |
390 | help | |
391 | The arch provides a low level NMI watchdog. It provides | |
392 | asm/nmi.h, and defines its own arch_touch_nmi_watchdog(). | |
393 | ||
394 | config HAVE_HARDLOCKUP_DETECTOR_ARCH | |
395 | bool | |
396 | select HAVE_NMI_WATCHDOG | |
397 | help | |
398 | The arch chooses to provide its own hardlockup detector, which is | |
399 | a superset of the HAVE_NMI_WATCHDOG. It also conforms to config | |
400 | interfaces and parameters provided by hardlockup detector subsystem. | |
401 | ||
c5e63197 JO |
402 | config HAVE_PERF_REGS |
403 | bool | |
404 | help | |
405 | Support selective register dumps for perf events. This includes | |
406 | bit-mapping of each registers and a unique architecture id. | |
407 | ||
c5ebcedb JO |
408 | config HAVE_PERF_USER_STACK_DUMP |
409 | bool | |
410 | help | |
411 | Support user stack dumps for perf event samples. This needs | |
412 | access to the user stack pointer which is not unified across | |
413 | architectures. | |
414 | ||
bf5438fc JB |
415 | config HAVE_ARCH_JUMP_LABEL |
416 | bool | |
417 | ||
50ff18ab AB |
418 | config HAVE_ARCH_JUMP_LABEL_RELATIVE |
419 | bool | |
420 | ||
0d6e24d4 PZ |
421 | config MMU_GATHER_TABLE_FREE |
422 | bool | |
423 | ||
ff2e6d72 | 424 | config MMU_GATHER_RCU_TABLE_FREE |
26723911 | 425 | bool |
0d6e24d4 | 426 | select MMU_GATHER_TABLE_FREE |
26723911 | 427 | |
3af4bd03 | 428 | config MMU_GATHER_PAGE_SIZE |
ed6a7935 PZ |
429 | bool |
430 | ||
27796d03 PZ |
431 | config MMU_GATHER_NO_RANGE |
432 | bool | |
433 | ||
580a586c | 434 | config MMU_GATHER_NO_GATHER |
952a31c9 | 435 | bool |
0d6e24d4 | 436 | depends on MMU_GATHER_TABLE_FREE |
952a31c9 | 437 | |
d53c3dfb NP |
438 | config ARCH_WANT_IRQS_OFF_ACTIVATE_MM |
439 | bool | |
440 | help | |
441 | Temporary select until all architectures can be converted to have | |
442 | irqs disabled over activate_mm. Architectures that do IPI based TLB | |
443 | shootdowns should enable this. | |
444 | ||
df013ffb HY |
445 | config ARCH_HAVE_NMI_SAFE_CMPXCHG |
446 | bool | |
447 | ||
43570fd2 HC |
448 | config HAVE_ALIGNED_STRUCT_PAGE |
449 | bool | |
450 | help | |
451 | This makes sure that struct pages are double word aligned and that | |
452 | e.g. the SLUB allocator can perform double word atomic operations | |
453 | on a struct page for better performance. However selecting this | |
454 | might increase the size of a struct page by a word. | |
455 | ||
4156153c HC |
456 | config HAVE_CMPXCHG_LOCAL |
457 | bool | |
458 | ||
2565409f HC |
459 | config HAVE_CMPXCHG_DOUBLE |
460 | bool | |
461 | ||
77e58496 PM |
462 | config ARCH_WEAK_RELEASE_ACQUIRE |
463 | bool | |
464 | ||
c1d7e01d WD |
465 | config ARCH_WANT_IPC_PARSE_VERSION |
466 | bool | |
467 | ||
468 | config ARCH_WANT_COMPAT_IPC_PARSE_VERSION | |
469 | bool | |
470 | ||
48b25c43 | 471 | config ARCH_WANT_OLD_COMPAT_IPC |
c1d7e01d | 472 | select ARCH_WANT_COMPAT_IPC_PARSE_VERSION |
48b25c43 CM |
473 | bool |
474 | ||
282a181b YZ |
475 | config HAVE_ARCH_SECCOMP |
476 | bool | |
477 | help | |
478 | An arch should select this symbol to support seccomp mode 1 (the fixed | |
479 | syscall policy), and must provide an overrides for __NR_seccomp_sigreturn, | |
480 | and compat syscalls if the asm-generic/seccomp.h defaults need adjustment: | |
481 | - __NR_seccomp_read_32 | |
482 | - __NR_seccomp_write_32 | |
483 | - __NR_seccomp_exit_32 | |
484 | - __NR_seccomp_sigreturn_32 | |
485 | ||
e2cfabdf WD |
486 | config HAVE_ARCH_SECCOMP_FILTER |
487 | bool | |
282a181b | 488 | select HAVE_ARCH_SECCOMP |
e2cfabdf | 489 | help |
fb0fadf9 | 490 | An arch should select this symbol if it provides all of these things: |
282a181b | 491 | - all the requirements for HAVE_ARCH_SECCOMP |
bb6ea430 WD |
492 | - syscall_get_arch() |
493 | - syscall_get_arguments() | |
494 | - syscall_rollback() | |
495 | - syscall_set_return_value() | |
fb0fadf9 WD |
496 | - SIGSYS siginfo_t support |
497 | - secure_computing is called from a ptrace_event()-safe context | |
498 | - secure_computing return value is checked and a return value of -1 | |
499 | results in the system call being skipped immediately. | |
48dc92b9 | 500 | - seccomp syscall wired up |
0d8315dd YZ |
501 | - if !HAVE_SPARSE_SYSCALL_NR, have SECCOMP_ARCH_NATIVE, |
502 | SECCOMP_ARCH_NATIVE_NR, SECCOMP_ARCH_NATIVE_NAME defined. If | |
503 | COMPAT is supported, have the SECCOMP_ARCH_COMPAT* defines too. | |
e2cfabdf | 504 | |
282a181b YZ |
505 | config SECCOMP |
506 | prompt "Enable seccomp to safely execute untrusted bytecode" | |
507 | def_bool y | |
508 | depends on HAVE_ARCH_SECCOMP | |
509 | help | |
510 | This kernel feature is useful for number crunching applications | |
511 | that may need to handle untrusted bytecode during their | |
512 | execution. By using pipes or other transports made available | |
513 | to the process as file descriptors supporting the read/write | |
514 | syscalls, it's possible to isolate those applications in their | |
515 | own address space using seccomp. Once seccomp is enabled via | |
516 | prctl(PR_SET_SECCOMP) or the seccomp() syscall, it cannot be | |
517 | disabled and the task is only allowed to execute a few safe | |
518 | syscalls defined by each seccomp mode. | |
519 | ||
520 | If unsure, say Y. | |
521 | ||
e2cfabdf WD |
522 | config SECCOMP_FILTER |
523 | def_bool y | |
524 | depends on HAVE_ARCH_SECCOMP_FILTER && SECCOMP && NET | |
525 | help | |
526 | Enable tasks to build secure computing environments defined | |
527 | in terms of Berkeley Packet Filter programs which implement | |
528 | task-defined system call filtering polices. | |
529 | ||
5fb94e9c | 530 | See Documentation/userspace-api/seccomp_filter.rst for details. |
e2cfabdf | 531 | |
0d8315dd YZ |
532 | config SECCOMP_CACHE_DEBUG |
533 | bool "Show seccomp filter cache status in /proc/pid/seccomp_cache" | |
534 | depends on SECCOMP_FILTER && !HAVE_SPARSE_SYSCALL_NR | |
535 | depends on PROC_FS | |
536 | help | |
537 | This enables the /proc/pid/seccomp_cache interface to monitor | |
538 | seccomp cache data. The file format is subject to change. Reading | |
539 | the file requires CAP_SYS_ADMIN. | |
540 | ||
541 | This option is for debugging only. Enabling presents the risk that | |
542 | an adversary may be able to infer the seccomp filter logic. | |
543 | ||
544 | If unsure, say N. | |
545 | ||
afaef01c AP |
546 | config HAVE_ARCH_STACKLEAK |
547 | bool | |
548 | help | |
549 | An architecture should select this if it has the code which | |
550 | fills the used part of the kernel stack with the STACKLEAK_POISON | |
551 | value before returning from system calls. | |
552 | ||
d148eac0 | 553 | config HAVE_STACKPROTECTOR |
19952a92 KC |
554 | bool |
555 | help | |
556 | An arch should select this symbol if: | |
19952a92 KC |
557 | - it has implemented a stack canary (e.g. __stack_chk_guard) |
558 | ||
050e9baa | 559 | config STACKPROTECTOR |
2a61f474 | 560 | bool "Stack Protector buffer overflow detection" |
d148eac0 | 561 | depends on HAVE_STACKPROTECTOR |
2a61f474 MY |
562 | depends on $(cc-option,-fstack-protector) |
563 | default y | |
19952a92 | 564 | help |
8779657d | 565 | This option turns on the "stack-protector" GCC feature. This |
19952a92 KC |
566 | feature puts, at the beginning of functions, a canary value on |
567 | the stack just before the return address, and validates | |
568 | the value just before actually returning. Stack based buffer | |
569 | overflows (that need to overwrite this return address) now also | |
570 | overwrite the canary, which gets detected and the attack is then | |
571 | neutralized via a kernel panic. | |
572 | ||
8779657d KC |
573 | Functions will have the stack-protector canary logic added if they |
574 | have an 8-byte or larger character array on the stack. | |
575 | ||
19952a92 | 576 | This feature requires gcc version 4.2 or above, or a distribution |
8779657d KC |
577 | gcc with the feature backported ("-fstack-protector"). |
578 | ||
579 | On an x86 "defconfig" build, this feature adds canary checks to | |
580 | about 3% of all kernel functions, which increases kernel code size | |
581 | by about 0.3%. | |
582 | ||
050e9baa | 583 | config STACKPROTECTOR_STRONG |
2a61f474 | 584 | bool "Strong Stack Protector" |
050e9baa | 585 | depends on STACKPROTECTOR |
2a61f474 MY |
586 | depends on $(cc-option,-fstack-protector-strong) |
587 | default y | |
8779657d KC |
588 | help |
589 | Functions will have the stack-protector canary logic added in any | |
590 | of the following conditions: | |
591 | ||
592 | - local variable's address used as part of the right hand side of an | |
593 | assignment or function argument | |
594 | - local variable is an array (or union containing an array), | |
595 | regardless of array type or length | |
596 | - uses register local variables | |
597 | ||
598 | This feature requires gcc version 4.9 or above, or a distribution | |
599 | gcc with the feature backported ("-fstack-protector-strong"). | |
600 | ||
601 | On an x86 "defconfig" build, this feature adds canary checks to | |
602 | about 20% of all kernel functions, which increases the kernel code | |
603 | size by about 2%. | |
604 | ||
d08b9f0c ST |
605 | config ARCH_SUPPORTS_SHADOW_CALL_STACK |
606 | bool | |
607 | help | |
afcf5441 DL |
608 | An architecture should select this if it supports the compiler's |
609 | Shadow Call Stack and implements runtime support for shadow stack | |
aa7a65ae | 610 | switching. |
d08b9f0c ST |
611 | |
612 | config SHADOW_CALL_STACK | |
afcf5441 DL |
613 | bool "Shadow Call Stack" |
614 | depends on ARCH_SUPPORTS_SHADOW_CALL_STACK | |
ddc9863e | 615 | depends on DYNAMIC_FTRACE_WITH_REGS || !FUNCTION_GRAPH_TRACER |
d08b9f0c | 616 | help |
afcf5441 DL |
617 | This option enables the compiler's Shadow Call Stack, which |
618 | uses a shadow stack to protect function return addresses from | |
619 | being overwritten by an attacker. More information can be found | |
620 | in the compiler's documentation: | |
d08b9f0c | 621 | |
afcf5441 DL |
622 | - Clang: https://clang.llvm.org/docs/ShadowCallStack.html |
623 | - GCC: https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html#Instrumentation-Options | |
d08b9f0c ST |
624 | |
625 | Note that security guarantees in the kernel differ from the | |
626 | ones documented for user space. The kernel must store addresses | |
627 | of shadow stacks in memory, which means an attacker capable of | |
628 | reading and writing arbitrary memory may be able to locate them | |
629 | and hijack control flow by modifying the stacks. | |
630 | ||
dc5723b0 ST |
631 | config LTO |
632 | bool | |
633 | help | |
634 | Selected if the kernel will be built using the compiler's LTO feature. | |
635 | ||
636 | config LTO_CLANG | |
637 | bool | |
638 | select LTO | |
639 | help | |
640 | Selected if the kernel will be built using Clang's LTO feature. | |
641 | ||
642 | config ARCH_SUPPORTS_LTO_CLANG | |
643 | bool | |
644 | help | |
645 | An architecture should select this option if it supports: | |
646 | - compiling with Clang, | |
647 | - compiling inline assembly with Clang's integrated assembler, | |
648 | - and linking with LLD. | |
649 | ||
650 | config ARCH_SUPPORTS_LTO_CLANG_THIN | |
651 | bool | |
652 | help | |
653 | An architecture should select this option if it can support Clang's | |
654 | ThinLTO mode. | |
655 | ||
656 | config HAS_LTO_CLANG | |
657 | def_bool y | |
1e68a8af | 658 | depends on CC_IS_CLANG && LD_IS_LLD && AS_IS_LLVM |
dc5723b0 ST |
659 | depends on $(success,$(NM) --help | head -n 1 | grep -qi llvm) |
660 | depends on $(success,$(AR) --help | head -n 1 | grep -qi llvm) | |
661 | depends on ARCH_SUPPORTS_LTO_CLANG | |
662 | depends on !FTRACE_MCOUNT_USE_RECORDMCOUNT | |
bf3c2551 | 663 | depends on !KASAN || KASAN_HW_TAGS |
dc5723b0 | 664 | depends on !GCOV_KERNEL |
dc5723b0 ST |
665 | help |
666 | The compiler and Kconfig options support building with Clang's | |
667 | LTO. | |
668 | ||
669 | choice | |
670 | prompt "Link Time Optimization (LTO)" | |
671 | default LTO_NONE | |
672 | help | |
673 | This option enables Link Time Optimization (LTO), which allows the | |
674 | compiler to optimize binaries globally. | |
675 | ||
676 | If unsure, select LTO_NONE. Note that LTO is very resource-intensive | |
677 | so it's disabled by default. | |
678 | ||
679 | config LTO_NONE | |
680 | bool "None" | |
681 | help | |
682 | Build the kernel normally, without Link Time Optimization (LTO). | |
683 | ||
684 | config LTO_CLANG_FULL | |
685 | bool "Clang Full LTO (EXPERIMENTAL)" | |
686 | depends on HAS_LTO_CLANG | |
687 | depends on !COMPILE_TEST | |
688 | select LTO_CLANG | |
689 | help | |
690 | This option enables Clang's full Link Time Optimization (LTO), which | |
691 | allows the compiler to optimize the kernel globally. If you enable | |
692 | this option, the compiler generates LLVM bitcode instead of ELF | |
693 | object files, and the actual compilation from bitcode happens at | |
694 | the LTO link step, which may take several minutes depending on the | |
695 | kernel configuration. More information can be found from LLVM's | |
696 | documentation: | |
697 | ||
698 | https://llvm.org/docs/LinkTimeOptimization.html | |
699 | ||
700 | During link time, this option can use a large amount of RAM, and | |
701 | may take much longer than the ThinLTO option. | |
702 | ||
703 | config LTO_CLANG_THIN | |
704 | bool "Clang ThinLTO (EXPERIMENTAL)" | |
705 | depends on HAS_LTO_CLANG && ARCH_SUPPORTS_LTO_CLANG_THIN | |
706 | select LTO_CLANG | |
707 | help | |
708 | This option enables Clang's ThinLTO, which allows for parallel | |
709 | optimization and faster incremental compiles compared to the | |
710 | CONFIG_LTO_CLANG_FULL option. More information can be found | |
711 | from Clang's documentation: | |
712 | ||
713 | https://clang.llvm.org/docs/ThinLTO.html | |
714 | ||
715 | If unsure, say Y. | |
716 | endchoice | |
717 | ||
cf68fffb ST |
718 | config ARCH_SUPPORTS_CFI_CLANG |
719 | bool | |
720 | help | |
721 | An architecture should select this option if it can support Clang's | |
722 | Control-Flow Integrity (CFI) checking. | |
723 | ||
724 | config CFI_CLANG | |
725 | bool "Use Clang's Control Flow Integrity (CFI)" | |
726 | depends on LTO_CLANG && ARCH_SUPPORTS_CFI_CLANG | |
727 | # Clang >= 12: | |
728 | # - https://bugs.llvm.org/show_bug.cgi?id=46258 | |
729 | # - https://bugs.llvm.org/show_bug.cgi?id=47479 | |
730 | depends on CLANG_VERSION >= 120000 | |
731 | select KALLSYMS | |
732 | help | |
733 | This option enables Clang’s forward-edge Control Flow Integrity | |
734 | (CFI) checking, where the compiler injects a runtime check to each | |
735 | indirect function call to ensure the target is a valid function with | |
736 | the correct static type. This restricts possible call targets and | |
737 | makes it more difficult for an attacker to exploit bugs that allow | |
738 | the modification of stored function pointers. More information can be | |
739 | found from Clang's documentation: | |
740 | ||
741 | https://clang.llvm.org/docs/ControlFlowIntegrity.html | |
742 | ||
743 | config CFI_CLANG_SHADOW | |
744 | bool "Use CFI shadow to speed up cross-module checks" | |
745 | default y | |
746 | depends on CFI_CLANG && MODULES | |
747 | help | |
748 | If you select this option, the kernel builds a fast look-up table of | |
749 | CFI check functions in loaded modules to reduce performance overhead. | |
750 | ||
751 | If unsure, say Y. | |
752 | ||
753 | config CFI_PERMISSIVE | |
754 | bool "Use CFI in permissive mode" | |
755 | depends on CFI_CLANG | |
756 | help | |
757 | When selected, Control Flow Integrity (CFI) violations result in a | |
758 | warning instead of a kernel panic. This option should only be used | |
759 | for finding indirect call type mismatches during development. | |
760 | ||
761 | If unsure, say N. | |
762 | ||
0f60a8ef KC |
763 | config HAVE_ARCH_WITHIN_STACK_FRAMES |
764 | bool | |
765 | help | |
766 | An architecture should select this if it can walk the kernel stack | |
767 | frames to determine if an object is part of either the arguments | |
768 | or local variables (i.e. that it excludes saved return addresses, | |
769 | and similar) by implementing an inline arch_within_stack_frames(), | |
770 | which is used by CONFIG_HARDENED_USERCOPY. | |
771 | ||
91d1aa43 | 772 | config HAVE_CONTEXT_TRACKING |
2b1d5024 FW |
773 | bool |
774 | help | |
91d1aa43 FW |
775 | Provide kernel/user boundaries probes necessary for subsystems |
776 | that need it, such as userspace RCU extended quiescent state. | |
490f561b FW |
777 | Syscalls need to be wrapped inside user_exit()-user_enter(), either |
778 | optimized behind static key or through the slow path using TIF_NOHZ | |
779 | flag. Exceptions handlers must be wrapped as well. Irqs are already | |
780 | protected inside rcu_irq_enter/rcu_irq_exit() but preemption or signal | |
781 | handling on irq exit still need to be protected. | |
782 | ||
83c2da2e FW |
783 | config HAVE_CONTEXT_TRACKING_OFFSTACK |
784 | bool | |
785 | help | |
786 | Architecture neither relies on exception_enter()/exception_exit() | |
787 | nor on schedule_user(). Also preempt_schedule_notrace() and | |
788 | preempt_schedule_irq() can't be called in a preemptible section | |
789 | while context tracking is CONTEXT_USER. This feature reflects a sane | |
790 | entry implementation where the following requirements are met on | |
791 | critical entry code, ie: before user_exit() or after user_enter(): | |
792 | ||
793 | - Critical entry code isn't preemptible (or better yet: | |
794 | not interruptible). | |
795 | - No use of RCU read side critical sections, unless rcu_nmi_enter() | |
796 | got called. | |
797 | - No use of instrumentation, unless instrumentation_begin() got | |
798 | called. | |
799 | ||
490f561b FW |
800 | config HAVE_TIF_NOHZ |
801 | bool | |
802 | help | |
803 | Arch relies on TIF_NOHZ and syscall slow path to implement context | |
804 | tracking calls to user_enter()/user_exit(). | |
2b1d5024 | 805 | |
b952741c FW |
806 | config HAVE_VIRT_CPU_ACCOUNTING |
807 | bool | |
808 | ||
2b91ec9f FW |
809 | config HAVE_VIRT_CPU_ACCOUNTING_IDLE |
810 | bool | |
811 | help | |
812 | Architecture has its own way to account idle CPU time and therefore | |
813 | doesn't implement vtime_account_idle(). | |
814 | ||
40565b5a SG |
815 | config ARCH_HAS_SCALED_CPUTIME |
816 | bool | |
817 | ||
554b0004 KH |
818 | config HAVE_VIRT_CPU_ACCOUNTING_GEN |
819 | bool | |
820 | default y if 64BIT | |
821 | help | |
822 | With VIRT_CPU_ACCOUNTING_GEN, cputime_t becomes 64-bit. | |
823 | Before enabling this option, arch code must be audited | |
824 | to ensure there are no races in concurrent read/write of | |
825 | cputime_t. For example, reading/writing 64-bit cputime_t on | |
826 | some 32-bit arches may require multiple accesses, so proper | |
827 | locking is needed to protect against concurrent accesses. | |
828 | ||
fdf9c356 FW |
829 | config HAVE_IRQ_TIME_ACCOUNTING |
830 | bool | |
831 | help | |
832 | Archs need to ensure they use a high enough resolution clock to | |
833 | support irq time accounting and then call enable_sched_clock_irqtime(). | |
834 | ||
c49dd340 KS |
835 | config HAVE_MOVE_PUD |
836 | bool | |
837 | help | |
838 | Architectures that select this are able to move page tables at the | |
839 | PUD level. If there are only 3 page table levels, the move effectively | |
840 | happens at the PGD level. | |
841 | ||
2c91bd4a JFG |
842 | config HAVE_MOVE_PMD |
843 | bool | |
844 | help | |
845 | Archs that select this are able to move page tables at the PMD level. | |
846 | ||
15626062 GS |
847 | config HAVE_ARCH_TRANSPARENT_HUGEPAGE |
848 | bool | |
849 | ||
a00cc7d9 MW |
850 | config HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD |
851 | bool | |
852 | ||
0ddab1d2 TK |
853 | config HAVE_ARCH_HUGE_VMAP |
854 | bool | |
855 | ||
121e6f32 NP |
856 | # |
857 | # Archs that select this would be capable of PMD-sized vmaps (i.e., | |
858 | # arch_vmap_pmd_supported() returns true), and they must make no assumptions | |
859 | # that vmalloc memory is mapped with PAGE_SIZE ptes. The VM_NO_HUGE_VMAP flag | |
860 | # can be used to prohibit arch-specific allocations from using hugepages to | |
861 | # help with this (e.g., modules may require it). | |
862 | # | |
863 | config HAVE_ARCH_HUGE_VMALLOC | |
864 | depends on HAVE_ARCH_HUGE_VMAP | |
865 | bool | |
866 | ||
3876d4a3 AG |
867 | config ARCH_WANT_HUGE_PMD_SHARE |
868 | bool | |
869 | ||
0f8975ec PE |
870 | config HAVE_ARCH_SOFT_DIRTY |
871 | bool | |
872 | ||
786d35d4 DH |
873 | config HAVE_MOD_ARCH_SPECIFIC |
874 | bool | |
875 | help | |
876 | The arch uses struct mod_arch_specific to store data. Many arches | |
877 | just need a simple module loader without arch specific data - those | |
878 | should not enable this. | |
879 | ||
880 | config MODULES_USE_ELF_RELA | |
881 | bool | |
882 | help | |
883 | Modules only use ELF RELA relocations. Modules with ELF REL | |
884 | relocations will give an error. | |
885 | ||
886 | config MODULES_USE_ELF_REL | |
887 | bool | |
888 | help | |
889 | Modules only use ELF REL relocations. Modules with ELF RELA | |
890 | relocations will give an error. | |
891 | ||
cc1f0274 FW |
892 | config HAVE_IRQ_EXIT_ON_IRQ_STACK |
893 | bool | |
894 | help | |
895 | Architecture doesn't only execute the irq handler on the irq stack | |
896 | but also irq_exit(). This way we can process softirqs on this irq | |
897 | stack instead of switching to a new one when we call __do_softirq() | |
898 | in the end of an hardirq. | |
899 | This spares a stack switch and improves cache usage on softirq | |
900 | processing. | |
901 | ||
cd1a41ce TG |
902 | config HAVE_SOFTIRQ_ON_OWN_STACK |
903 | bool | |
904 | help | |
905 | Architecture provides a function to run __do_softirq() on a | |
c226bc3c | 906 | separate stack. |
cd1a41ce | 907 | |
12700c17 AB |
908 | config ALTERNATE_USER_ADDRESS_SPACE |
909 | bool | |
910 | help | |
911 | Architectures set this when the CPU uses separate address | |
912 | spaces for kernel and user space pointers. In this case, the | |
913 | access_ok() check on a __user pointer is skipped. | |
914 | ||
235a8f02 KS |
915 | config PGTABLE_LEVELS |
916 | int | |
917 | default 2 | |
918 | ||
2b68f6ca KC |
919 | config ARCH_HAS_ELF_RANDOMIZE |
920 | bool | |
921 | help | |
922 | An architecture supports choosing randomized locations for | |
923 | stack, mmap, brk, and ET_DYN. Defined functions: | |
924 | - arch_mmap_rnd() | |
204db6ed | 925 | - arch_randomize_brk() |
2b68f6ca | 926 | |
d07e2259 DC |
927 | config HAVE_ARCH_MMAP_RND_BITS |
928 | bool | |
929 | help | |
930 | An arch should select this symbol if it supports setting a variable | |
931 | number of bits for use in establishing the base address for mmap | |
932 | allocations, has MMU enabled and provides values for both: | |
933 | - ARCH_MMAP_RND_BITS_MIN | |
934 | - ARCH_MMAP_RND_BITS_MAX | |
935 | ||
5f56a5df JS |
936 | config HAVE_EXIT_THREAD |
937 | bool | |
938 | help | |
939 | An architecture implements exit_thread. | |
940 | ||
d07e2259 DC |
941 | config ARCH_MMAP_RND_BITS_MIN |
942 | int | |
943 | ||
944 | config ARCH_MMAP_RND_BITS_MAX | |
945 | int | |
946 | ||
947 | config ARCH_MMAP_RND_BITS_DEFAULT | |
948 | int | |
949 | ||
950 | config ARCH_MMAP_RND_BITS | |
951 | int "Number of bits to use for ASLR of mmap base address" if EXPERT | |
952 | range ARCH_MMAP_RND_BITS_MIN ARCH_MMAP_RND_BITS_MAX | |
953 | default ARCH_MMAP_RND_BITS_DEFAULT if ARCH_MMAP_RND_BITS_DEFAULT | |
954 | default ARCH_MMAP_RND_BITS_MIN | |
955 | depends on HAVE_ARCH_MMAP_RND_BITS | |
956 | help | |
957 | This value can be used to select the number of bits to use to | |
958 | determine the random offset to the base address of vma regions | |
959 | resulting from mmap allocations. This value will be bounded | |
960 | by the architecture's minimum and maximum supported values. | |
961 | ||
962 | This value can be changed after boot using the | |
963 | /proc/sys/vm/mmap_rnd_bits tunable | |
964 | ||
965 | config HAVE_ARCH_MMAP_RND_COMPAT_BITS | |
966 | bool | |
967 | help | |
968 | An arch should select this symbol if it supports running applications | |
969 | in compatibility mode, supports setting a variable number of bits for | |
970 | use in establishing the base address for mmap allocations, has MMU | |
971 | enabled and provides values for both: | |
972 | - ARCH_MMAP_RND_COMPAT_BITS_MIN | |
973 | - ARCH_MMAP_RND_COMPAT_BITS_MAX | |
974 | ||
975 | config ARCH_MMAP_RND_COMPAT_BITS_MIN | |
976 | int | |
977 | ||
978 | config ARCH_MMAP_RND_COMPAT_BITS_MAX | |
979 | int | |
980 | ||
981 | config ARCH_MMAP_RND_COMPAT_BITS_DEFAULT | |
982 | int | |
983 | ||
984 | config ARCH_MMAP_RND_COMPAT_BITS | |
985 | int "Number of bits to use for ASLR of mmap base address for compatible applications" if EXPERT | |
986 | range ARCH_MMAP_RND_COMPAT_BITS_MIN ARCH_MMAP_RND_COMPAT_BITS_MAX | |
987 | default ARCH_MMAP_RND_COMPAT_BITS_DEFAULT if ARCH_MMAP_RND_COMPAT_BITS_DEFAULT | |
988 | default ARCH_MMAP_RND_COMPAT_BITS_MIN | |
989 | depends on HAVE_ARCH_MMAP_RND_COMPAT_BITS | |
990 | help | |
991 | This value can be used to select the number of bits to use to | |
992 | determine the random offset to the base address of vma regions | |
993 | resulting from mmap allocations for compatible applications This | |
994 | value will be bounded by the architecture's minimum and maximum | |
995 | supported values. | |
996 | ||
997 | This value can be changed after boot using the | |
998 | /proc/sys/vm/mmap_rnd_compat_bits tunable | |
999 | ||
1b028f78 DS |
1000 | config HAVE_ARCH_COMPAT_MMAP_BASES |
1001 | bool | |
1002 | help | |
1003 | This allows 64bit applications to invoke 32-bit mmap() syscall | |
1004 | and vice-versa 32-bit applications to call 64-bit mmap(). | |
1005 | Required for applications doing different bitness syscalls. | |
1006 | ||
1f0e290c GR |
1007 | config PAGE_SIZE_LESS_THAN_64KB |
1008 | def_bool y | |
1009 | depends on !ARM64_64K_PAGES | |
1010 | depends on !IA64_PAGE_SIZE_64KB | |
1011 | depends on !PAGE_SIZE_64KB | |
1012 | depends on !PARISC_PAGE_SIZE_64KB | |
1013 | depends on !PPC_64K_PAGES | |
e4bbd20d NC |
1014 | depends on PAGE_SIZE_LESS_THAN_256KB |
1015 | ||
1016 | config PAGE_SIZE_LESS_THAN_256KB | |
1017 | def_bool y | |
1f0e290c GR |
1018 | depends on !PPC_256K_PAGES |
1019 | depends on !PAGE_SIZE_256KB | |
1020 | ||
67f3977f AG |
1021 | # This allows to use a set of generic functions to determine mmap base |
1022 | # address by giving priority to top-down scheme only if the process | |
1023 | # is not in legacy mode (compat task, unlimited stack size or | |
1024 | # sysctl_legacy_va_layout). | |
1025 | # Architecture that selects this option can provide its own version of: | |
1026 | # - STACK_RND_MASK | |
1027 | config ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT | |
1028 | bool | |
1029 | depends on MMU | |
e7142bf5 | 1030 | select ARCH_HAS_ELF_RANDOMIZE |
67f3977f | 1031 | |
03f16cd0 JP |
1032 | config HAVE_OBJTOOL |
1033 | bool | |
1034 | ||
4ab7674f JP |
1035 | config HAVE_JUMP_LABEL_HACK |
1036 | bool | |
1037 | ||
b9ab5ebb JP |
1038 | config HAVE_STACK_VALIDATION |
1039 | bool | |
1040 | help | |
03f16cd0 JP |
1041 | Architecture supports objtool compile-time frame pointer rule |
1042 | validation. | |
b9ab5ebb | 1043 | |
af085d90 JP |
1044 | config HAVE_RELIABLE_STACKTRACE |
1045 | bool | |
1046 | help | |
140d7e88 MB |
1047 | Architecture has either save_stack_trace_tsk_reliable() or |
1048 | arch_stack_walk_reliable() function which only returns a stack trace | |
1049 | if it can guarantee the trace is reliable. | |
af085d90 | 1050 | |
468a9428 GS |
1051 | config HAVE_ARCH_HASH |
1052 | bool | |
1053 | default n | |
1054 | help | |
1055 | If this is set, the architecture provides an <asm/hash.h> | |
1056 | file which provides platform-specific implementations of some | |
1057 | functions in <linux/hash.h> or fs/namei.c. | |
1058 | ||
666047fe FT |
1059 | config HAVE_ARCH_NVRAM_OPS |
1060 | bool | |
1061 | ||
3a495511 WBG |
1062 | config ISA_BUS_API |
1063 | def_bool ISA | |
1064 | ||
d2125043 AV |
1065 | # |
1066 | # ABI hall of shame | |
1067 | # | |
1068 | config CLONE_BACKWARDS | |
1069 | bool | |
1070 | help | |
1071 | Architecture has tls passed as the 4th argument of clone(2), | |
1072 | not the 5th one. | |
1073 | ||
1074 | config CLONE_BACKWARDS2 | |
1075 | bool | |
1076 | help | |
1077 | Architecture has the first two arguments of clone(2) swapped. | |
1078 | ||
dfa9771a MS |
1079 | config CLONE_BACKWARDS3 |
1080 | bool | |
1081 | help | |
1082 | Architecture has tls passed as the 3rd argument of clone(2), | |
1083 | not the 5th one. | |
1084 | ||
eaca6eae AV |
1085 | config ODD_RT_SIGACTION |
1086 | bool | |
1087 | help | |
1088 | Architecture has unusual rt_sigaction(2) arguments | |
1089 | ||
0a0e8cdf AV |
1090 | config OLD_SIGSUSPEND |
1091 | bool | |
1092 | help | |
1093 | Architecture has old sigsuspend(2) syscall, of one-argument variety | |
1094 | ||
1095 | config OLD_SIGSUSPEND3 | |
1096 | bool | |
1097 | help | |
1098 | Even weirder antique ABI - three-argument sigsuspend(2) | |
1099 | ||
495dfbf7 AV |
1100 | config OLD_SIGACTION |
1101 | bool | |
1102 | help | |
1103 | Architecture has old sigaction(2) syscall. Nope, not the same | |
1104 | as OLD_SIGSUSPEND | OLD_SIGSUSPEND3 - alpha has sigsuspend(2), | |
1105 | but fairly different variant of sigaction(2), thanks to OSF/1 | |
1106 | compatibility... | |
1107 | ||
1108 | config COMPAT_OLD_SIGACTION | |
1109 | bool | |
1110 | ||
17435e5f | 1111 | config COMPAT_32BIT_TIME |
942437c9 AB |
1112 | bool "Provide system calls for 32-bit time_t" |
1113 | default !64BIT || COMPAT | |
17435e5f DD |
1114 | help |
1115 | This enables 32 bit time_t support in addition to 64 bit time_t support. | |
1116 | This is relevant on all 32-bit architectures, and 64-bit architectures | |
1117 | as part of compat syscall handling. | |
1118 | ||
87a4c375 CH |
1119 | config ARCH_NO_PREEMPT |
1120 | bool | |
1121 | ||
cb2c7d1a MS |
1122 | config ARCH_EPHEMERAL_INODES |
1123 | def_bool n | |
1124 | help | |
1125 | An arch should select this symbol if it doesn't keep track of inode | |
1126 | instances on its own, but instead relies on something else (e.g. the | |
1127 | host kernel for an UML kernel). | |
1128 | ||
a50a3f4b TG |
1129 | config ARCH_SUPPORTS_RT |
1130 | bool | |
1131 | ||
fff7fb0b ZZ |
1132 | config CPU_NO_EFFICIENT_FFS |
1133 | def_bool n | |
1134 | ||
ba14a194 AL |
1135 | config HAVE_ARCH_VMAP_STACK |
1136 | def_bool n | |
1137 | help | |
1138 | An arch should select this symbol if it can support kernel stacks | |
1139 | in vmalloc space. This means: | |
1140 | ||
1141 | - vmalloc space must be large enough to hold many kernel stacks. | |
1142 | This may rule out many 32-bit architectures. | |
1143 | ||
1144 | - Stacks in vmalloc space need to work reliably. For example, if | |
1145 | vmap page tables are created on demand, either this mechanism | |
1146 | needs to work while the stack points to a virtual address with | |
1147 | unpopulated page tables or arch code (switch_to() and switch_mm(), | |
1148 | most likely) needs to ensure that the stack's page table entries | |
1149 | are populated before running on a possibly unpopulated stack. | |
1150 | ||
1151 | - If the stack overflows into a guard page, something reasonable | |
1152 | should happen. The definition of "reasonable" is flexible, but | |
1153 | instantly rebooting without logging anything would be unfriendly. | |
1154 | ||
1155 | config VMAP_STACK | |
1156 | default y | |
1157 | bool "Use a virtually-mapped stack" | |
eafb149e | 1158 | depends on HAVE_ARCH_VMAP_STACK |
38dd767d | 1159 | depends on !KASAN || KASAN_HW_TAGS || KASAN_VMALLOC |
a7f7f624 | 1160 | help |
ba14a194 AL |
1161 | Enable this if you want the use virtually-mapped kernel stacks |
1162 | with guard pages. This causes kernel stack overflows to be | |
1163 | caught immediately rather than causing difficult-to-diagnose | |
1164 | corruption. | |
1165 | ||
38dd767d AK |
1166 | To use this with software KASAN modes, the architecture must support |
1167 | backing virtual mappings with real shadow memory, and KASAN_VMALLOC | |
1168 | must be enabled. | |
ba14a194 | 1169 | |
39218ff4 KC |
1170 | config HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET |
1171 | def_bool n | |
1172 | help | |
1173 | An arch should select this symbol if it can support kernel stack | |
1174 | offset randomization with calls to add_random_kstack_offset() | |
1175 | during syscall entry and choose_random_kstack_offset() during | |
1176 | syscall exit. Careful removal of -fstack-protector-strong and | |
1177 | -fstack-protector should also be applied to the entry code and | |
1178 | closely examined, as the artificial stack bump looks like an array | |
1179 | to the compiler, so it will attempt to add canary checks regardless | |
1180 | of the static branch state. | |
1181 | ||
8cb37a59 ME |
1182 | config RANDOMIZE_KSTACK_OFFSET |
1183 | bool "Support for randomizing kernel stack offset on syscall entry" if EXPERT | |
1184 | default y | |
39218ff4 | 1185 | depends on HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET |
efa90c11 | 1186 | depends on INIT_STACK_NONE || !CC_IS_CLANG || CLANG_VERSION >= 140000 |
39218ff4 KC |
1187 | help |
1188 | The kernel stack offset can be randomized (after pt_regs) by | |
1189 | roughly 5 bits of entropy, frustrating memory corruption | |
1190 | attacks that depend on stack address determinism or | |
8cb37a59 ME |
1191 | cross-syscall address exposures. |
1192 | ||
1193 | The feature is controlled via the "randomize_kstack_offset=on/off" | |
1194 | kernel boot param, and if turned off has zero overhead due to its use | |
1195 | of static branches (see JUMP_LABEL). | |
1196 | ||
1197 | If unsure, say Y. | |
1198 | ||
1199 | config RANDOMIZE_KSTACK_OFFSET_DEFAULT | |
1200 | bool "Default state of kernel stack offset randomization" | |
1201 | depends on RANDOMIZE_KSTACK_OFFSET | |
1202 | help | |
1203 | Kernel stack offset randomization is controlled by kernel boot param | |
1204 | "randomize_kstack_offset=on/off", and this config chooses the default | |
1205 | boot state. | |
39218ff4 | 1206 | |
ad21fc4f LA |
1207 | config ARCH_OPTIONAL_KERNEL_RWX |
1208 | def_bool n | |
1209 | ||
1210 | config ARCH_OPTIONAL_KERNEL_RWX_DEFAULT | |
1211 | def_bool n | |
1212 | ||
1213 | config ARCH_HAS_STRICT_KERNEL_RWX | |
1214 | def_bool n | |
1215 | ||
0f5bf6d0 | 1216 | config STRICT_KERNEL_RWX |
ad21fc4f LA |
1217 | bool "Make kernel text and rodata read-only" if ARCH_OPTIONAL_KERNEL_RWX |
1218 | depends on ARCH_HAS_STRICT_KERNEL_RWX | |
1219 | default !ARCH_OPTIONAL_KERNEL_RWX || ARCH_OPTIONAL_KERNEL_RWX_DEFAULT | |
1220 | help | |
1221 | If this is set, kernel text and rodata memory will be made read-only, | |
1222 | and non-text memory will be made non-executable. This provides | |
1223 | protection against certain security exploits (e.g. executing the heap | |
1224 | or modifying text) | |
1225 | ||
1226 | These features are considered standard security practice these days. | |
1227 | You should say Y here in almost all cases. | |
1228 | ||
1229 | config ARCH_HAS_STRICT_MODULE_RWX | |
1230 | def_bool n | |
1231 | ||
0f5bf6d0 | 1232 | config STRICT_MODULE_RWX |
ad21fc4f LA |
1233 | bool "Set loadable kernel module data as NX and text as RO" if ARCH_OPTIONAL_KERNEL_RWX |
1234 | depends on ARCH_HAS_STRICT_MODULE_RWX && MODULES | |
1235 | default !ARCH_OPTIONAL_KERNEL_RWX || ARCH_OPTIONAL_KERNEL_RWX_DEFAULT | |
1236 | help | |
1237 | If this is set, module text and rodata memory will be made read-only, | |
1238 | and non-text memory will be made non-executable. This provides | |
1239 | protection against certain security exploits (e.g. writing to text) | |
1240 | ||
ea8c64ac CH |
1241 | # select if the architecture provides an asm/dma-direct.h header |
1242 | config ARCH_HAS_PHYS_TO_DMA | |
1243 | bool | |
1244 | ||
04f264d3 PB |
1245 | config HAVE_ARCH_COMPILER_H |
1246 | bool | |
1247 | help | |
1248 | An architecture can select this if it provides an | |
1249 | asm/compiler.h header that should be included after | |
1250 | linux/compiler-*.h in order to override macro definitions that those | |
1251 | headers generally provide. | |
1252 | ||
271ca788 AB |
1253 | config HAVE_ARCH_PREL32_RELOCATIONS |
1254 | bool | |
1255 | help | |
1256 | May be selected by an architecture if it supports place-relative | |
1257 | 32-bit relocations, both in the toolchain and in the module loader, | |
1258 | in which case relative references can be used in special sections | |
1259 | for PCI fixup, initcalls etc which are only half the size on 64 bit | |
1260 | architectures, and don't require runtime relocation on relocatable | |
1261 | kernels. | |
1262 | ||
ce9084ba AB |
1263 | config ARCH_USE_MEMREMAP_PROT |
1264 | bool | |
1265 | ||
fb346fd9 WL |
1266 | config LOCK_EVENT_COUNTS |
1267 | bool "Locking event counts collection" | |
1268 | depends on DEBUG_FS | |
a7f7f624 | 1269 | help |
fb346fd9 WL |
1270 | Enable light-weight counting of various locking related events |
1271 | in the system with minimal performance impact. This reduces | |
1272 | the chance of application behavior change because of timing | |
1273 | differences. The counts are reported via debugfs. | |
1274 | ||
5cf896fb PC |
1275 | # Select if the architecture has support for applying RELR relocations. |
1276 | config ARCH_HAS_RELR | |
1277 | bool | |
1278 | ||
1279 | config RELR | |
1280 | bool "Use RELR relocation packing" | |
1281 | depends on ARCH_HAS_RELR && TOOLS_SUPPORT_RELR | |
1282 | default y | |
1283 | help | |
1284 | Store the kernel's dynamic relocations in the RELR relocation packing | |
1285 | format. Requires a compatible linker (LLD supports this feature), as | |
1286 | well as compatible NM and OBJCOPY utilities (llvm-nm and llvm-objcopy | |
1287 | are compatible). | |
1288 | ||
0c9c1d56 TJB |
1289 | config ARCH_HAS_MEM_ENCRYPT |
1290 | bool | |
1291 | ||
46b49b12 TL |
1292 | config ARCH_HAS_CC_PLATFORM |
1293 | bool | |
1294 | ||
0e242208 HN |
1295 | config HAVE_SPARSE_SYSCALL_NR |
1296 | bool | |
1297 | help | |
1298 | An architecture should select this if its syscall numbering is sparse | |
1299 | to save space. For example, MIPS architecture has a syscall array with | |
1300 | entries at 4000, 5000 and 6000 locations. This option turns on syscall | |
1301 | related optimizations for a given architecture. | |
1302 | ||
d60d7de3 SS |
1303 | config ARCH_HAS_VDSO_DATA |
1304 | bool | |
1305 | ||
115284d8 JP |
1306 | config HAVE_STATIC_CALL |
1307 | bool | |
1308 | ||
9183c3f9 JP |
1309 | config HAVE_STATIC_CALL_INLINE |
1310 | bool | |
1311 | depends on HAVE_STATIC_CALL | |
03f16cd0 | 1312 | select OBJTOOL |
9183c3f9 | 1313 | |
6ef869e0 MH |
1314 | config HAVE_PREEMPT_DYNAMIC |
1315 | bool | |
99cf983c MR |
1316 | |
1317 | config HAVE_PREEMPT_DYNAMIC_CALL | |
1318 | bool | |
6ef869e0 | 1319 | depends on HAVE_STATIC_CALL |
99cf983c MR |
1320 | select HAVE_PREEMPT_DYNAMIC |
1321 | help | |
1322 | An architecture should select this if it can handle the preemption | |
1323 | model being selected at boot time using static calls. | |
1324 | ||
1325 | Where an architecture selects HAVE_STATIC_CALL_INLINE, any call to a | |
1326 | preemption function will be patched directly. | |
1327 | ||
1328 | Where an architecture does not select HAVE_STATIC_CALL_INLINE, any | |
1329 | call to a preemption function will go through a trampoline, and the | |
1330 | trampoline will be patched. | |
1331 | ||
1332 | It is strongly advised to support inline static call to avoid any | |
1333 | overhead. | |
1334 | ||
1335 | config HAVE_PREEMPT_DYNAMIC_KEY | |
1336 | bool | |
1337 | depends on HAVE_ARCH_JUMP_LABEL && CC_HAS_ASM_GOTO | |
1338 | select HAVE_PREEMPT_DYNAMIC | |
6ef869e0 | 1339 | help |
99cf983c MR |
1340 | An architecture should select this if it can handle the preemption |
1341 | model being selected at boot time using static keys. | |
1342 | ||
1343 | Each preemption function will be given an early return based on a | |
1344 | static key. This should have slightly lower overhead than non-inline | |
1345 | static calls, as this effectively inlines each trampoline into the | |
1346 | start of its callee. This may avoid redundant work, and may | |
1347 | integrate better with CFI schemes. | |
1348 | ||
1349 | This will have greater overhead than using inline static calls as | |
1350 | the call to the preemption function cannot be entirely elided. | |
6ef869e0 | 1351 | |
59612b24 NC |
1352 | config ARCH_WANT_LD_ORPHAN_WARN |
1353 | bool | |
1354 | help | |
1355 | An arch should select this symbol once all linker sections are explicitly | |
1356 | included, size-asserted, or discarded in the linker scripts. This is | |
1357 | important because we never want expected sections to be placed heuristically | |
1358 | by the linker, since the locations of such sections can change between linker | |
1359 | versions. | |
1360 | ||
4f5b0c17 MR |
1361 | config HAVE_ARCH_PFN_VALID |
1362 | bool | |
1363 | ||
5d6ad668 MR |
1364 | config ARCH_SUPPORTS_DEBUG_PAGEALLOC |
1365 | bool | |
1366 | ||
df4e817b PT |
1367 | config ARCH_SUPPORTS_PAGE_TABLE_CHECK |
1368 | bool | |
1369 | ||
2ca408d9 BG |
1370 | config ARCH_SPLIT_ARG64 |
1371 | bool | |
1372 | help | |
1373 | If a 32-bit architecture requires 64-bit arguments to be split into | |
1374 | pairs of 32-bit arguments, select this option. | |
1375 | ||
7facdc42 AV |
1376 | config ARCH_HAS_ELFCORE_COMPAT |
1377 | bool | |
1378 | ||
58e106e7 BS |
1379 | config ARCH_HAS_PARANOID_L1D_FLUSH |
1380 | bool | |
1381 | ||
1bdda24c TG |
1382 | config DYNAMIC_SIGFRAME |
1383 | bool | |
1384 | ||
50468e43 JS |
1385 | # Select, if arch has a named attribute group bound to NUMA device nodes. |
1386 | config HAVE_ARCH_NODE_DEV_GROUP | |
1387 | bool | |
1388 | ||
2521f2c2 | 1389 | source "kernel/gcov/Kconfig" |
45332b1b MY |
1390 | |
1391 | source "scripts/gcc-plugins/Kconfig" | |
fa1b5d09 | 1392 | |
22471e13 | 1393 | endmenu |