License cleanup: add SPDX GPL-2.0 license identifier to files with no license
Many source files in the tree are missing licensing information, which
makes it harder for compliance tools to determine the correct license.
By default all files without license information are under the default
license of the kernel, which is GPL version 2.
Update the files which contain no license information with the 'GPL-2.0'
SPDX license identifier. The SPDX identifier is a legally binding
shorthand, which can be used instead of the full boiler plate text.
This patch is based on work done by Thomas Gleixner and Kate Stewart and
Philippe Ombredanne.
How this work was done:
Patches were generated and checked against linux-4.14-rc6 for a subset of
the use cases:
- file had no licensing information it it.
- file was a */uapi/* one with no licensing information in it,
- file was a */uapi/* one with existing licensing information,
Further patches will be generated in subsequent months to fix up cases
where non-standard license headers were used, and references to license
had to be inferred by heuristics based on keywords.
The analysis to determine which SPDX License Identifier to be applied to
a file was done in a spreadsheet of side by side results from of the
output of two independent scanners (ScanCode & Windriver) producing SPDX
tag:value files created by Philippe Ombredanne. Philippe prepared the
base worksheet, and did an initial spot review of a few 1000 files.
The 4.13 kernel was the starting point of the analysis with 60,537 files
assessed. Kate Stewart did a file by file comparison of the scanner
results in the spreadsheet to determine which SPDX license identifier(s)
to be applied to the file. She confirmed any determination that was not
immediately clear with lawyers working with the Linux Foundation.
Criteria used to select files for SPDX license identifier tagging was:
- Files considered eligible had to be source code files.
- Make and config files were included as candidates if they contained >5
lines of source
- File already had some variant of a license header in it (even if <5
lines).
All documentation files were explicitly excluded.
The following heuristics were used to determine which SPDX license
identifiers to apply.
- when both scanners couldn't find any license traces, file was
considered to have no license information in it, and the top level
COPYING file license applied.
For non */uapi/* files that summary was:
SPDX license identifier # files
---------------------------------------------------|-------
GPL-2.0 11139
and resulted in the first patch in this series.
If that file was a */uapi/* path one, it was "GPL-2.0 WITH
Linux-syscall-note" otherwise it was "GPL-2.0". Results of that was:
SPDX license identifier # files
---------------------------------------------------|-------
GPL-2.0 WITH Linux-syscall-note 930
and resulted in the second patch in this series.
- if a file had some form of licensing information in it, and was one
of the */uapi/* ones, it was denoted with the Linux-syscall-note if
any GPL family license was found in the file or had no licensing in
it (per prior point). Results summary:
SPDX license identifier # files
---------------------------------------------------|------
GPL-2.0 WITH Linux-syscall-note 270
GPL-2.0+ WITH Linux-syscall-note 169
((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause) 21
((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) 17
LGPL-2.1+ WITH Linux-syscall-note 15
GPL-1.0+ WITH Linux-syscall-note 14
((GPL-2.0+ WITH Linux-syscall-note) OR BSD-3-Clause) 5
LGPL-2.0+ WITH Linux-syscall-note 4
LGPL-2.1 WITH Linux-syscall-note 3
((GPL-2.0 WITH Linux-syscall-note) OR MIT) 3
((GPL-2.0 WITH Linux-syscall-note) AND MIT) 1
and that resulted in the third patch in this series.
- when the two scanners agreed on the detected license(s), that became
the concluded license(s).
- when there was disagreement between the two scanners (one detected a
license but the other didn't, or they both detected different
licenses) a manual inspection of the file occurred.
- In most cases a manual inspection of the information in the file
resulted in a clear resolution of the license that should apply (and
which scanner probably needed to revisit its heuristics).
- When it was not immediately clear, the license identifier was
confirmed with lawyers working with the Linux Foundation.
- If there was any question as to the appropriate license identifier,
the file was flagged for further research and to be revisited later
in time.
In total, over 70 hours of logged manual review was done on the
spreadsheet to determine the SPDX license identifiers to apply to the
source files by Kate, Philippe, Thomas and, in some cases, confirmation
by lawyers working with the Linux Foundation.
Kate also obtained a third independent scan of the 4.13 code base from
FOSSology, and compared selected files where the other two scanners
disagreed against that SPDX file, to see if there was new insights. The
Windriver scanner is based on an older version of FOSSology in part, so
they are related.
Thomas did random spot checks in about 500 files from the spreadsheets
for the uapi headers and agreed with SPDX license identifier in the
files he inspected. For the non-uapi files Thomas did random spot checks
in about 15000 files.
In initial set of patches against 4.14-rc6, 3 files were found to have
copy/paste license identifier errors, and have been fixed to reflect the
correct identifier.
Additionally Philippe spent 10 hours this week doing a detailed manual
inspection and review of the 12,461 patched files from the initial patch
version early this week with:
- a full scancode scan run, collecting the matched texts, detected
license ids and scores
- reviewing anything where there was a license detected (about 500+
files) to ensure that the applied SPDX license was correct
- reviewing anything where there was no detection but the patch license
was not GPL-2.0 WITH Linux-syscall-note to ensure that the applied
SPDX license was correct
This produced a worksheet with 20 files needing minor correction. This
worksheet was then exported into 3 different .csv files for the
different types of files to be modified.
These .csv files were then reviewed by Greg. Thomas wrote a script to
parse the csv files and add the proper SPDX tag to the file, in the
format that the file expected. This script was further refined by Greg
based on the output to detect more types of files automatically and to
distinguish between header and source .c files (which need different
comment types.) Finally Greg ran the script using the .csv files to
generate the patches.
Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org>
Reviewed-by: Philippe Ombredanne <pombredanne@nexb.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-11-01 17:07:57 +03:00
# SPDX-License-Identifier: GPL-2.0
2007-11-12 22:54:30 +03:00
# Select 32 or 64 bit
config 64BIT
kconfig: reference environment variables directly and remove 'option env='
To get access to environment variables, Kconfig needs to define a
symbol using "option env=" syntax. It is tedious to add a symbol entry
for each environment variable given that we need to define much more
such as 'CC', 'AS', 'srctree' etc. to evaluate the compiler capability
in Kconfig.
Adding '$' for symbol references is grammatically inconsistent.
Looking at the code, the symbols prefixed with 'S' are expanded by:
- conf_expand_value()
This is used to expand 'arch/$ARCH/defconfig' and 'defconfig_list'
- sym_expand_string_value()
This is used to expand strings in 'source' and 'mainmenu'
All of them are fixed values independent of user configuration. So,
they can be changed into the direct expansion instead of symbols.
This change makes the code much cleaner. The bounce symbols 'SRCARCH',
'ARCH', 'SUBARCH', 'KERNELVERSION' are gone.
sym_init() hard-coding 'UNAME_RELEASE' is also gone. 'UNAME_RELEASE'
should be replaced with an environment variable.
ARCH_DEFCONFIG is a normal symbol, so it should be simply referenced
without '$' prefix.
The new syntax is addicted by Make. The variable reference needs
parentheses, like $(FOO), but you can omit them for single-letter
variables, like $F. Yet, in Makefiles, people tend to use the
parenthetical form for consistency / clarification.
At this moment, only the environment variable is supported, but I will
extend the concept of 'variable' later on.
The variables are expanded in the lexer so we can simplify the token
handling on the parser side.
For example, the following code works.
[Example code]
config MY_TOOLCHAIN_LIST
string
default "My tools: CC=$(CC), AS=$(AS), CPP=$(CPP)"
[Result]
$ make -s alldefconfig && tail -n 1 .config
CONFIG_MY_TOOLCHAIN_LIST="My tools: CC=gcc, AS=as, CPP=gcc -E"
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
2018-05-28 12:21:40 +03:00
bool "64-bit kernel" if "$(ARCH)" = "x86"
default "$(ARCH)" != "i386"
2020-06-13 19:50:22 +03:00
help
2007-11-12 22:54:30 +03:00
Say yes to build a 64-bit kernel - formerly known as x86_64
Say no to build a 32-bit kernel - formerly known as i386
config X86_32
2012-09-10 15:41:45 +04:00
def_bool y
depends on !64BIT
2016-11-15 12:04:55 +03:00
# Options that are inherently 32-bit kernel only:
select ARCH_WANT_IPC_PARSE_VERSION
select CLKSRC_I8253
select CLONE_BACKWARDS
2019-04-14 19:00:08 +03:00
select HAVE_DEBUG_STACKOVERFLOW
2016-11-15 12:04:55 +03:00
select MODULES_USE_ELF_REL
select OLD_SIGACTION
2019-06-21 12:52:49 +03:00
select GENERIC_VDSO_32
2007-11-12 22:54:30 +03:00
config X86_64
2012-09-10 15:41:45 +04:00
def_bool y
depends on 64BIT
2016-11-15 12:11:57 +03:00
# Options that are inherently 64-bit kernel only:
2019-05-14 03:19:04 +03:00
select ARCH_HAS_GIGANTIC_PAGE
2019-11-08 15:22:27 +03:00
select ARCH_SUPPORTS_INT128 if CC_HAS_INT128
2016-11-15 12:11:57 +03:00
select ARCH_USE_CMPXCHG_LOCKREF
select HAVE_ARCH_SOFT_DIRTY
select MODULES_USE_ELF_RELA
2018-05-09 07:53:49 +03:00
select NEED_DMA_MAP_STATE
2018-04-24 10:00:54 +03:00
select SWIOTLB
2007-11-06 23:35:08 +03:00
2019-05-10 19:05:46 +03:00
config FORCE_DYNAMIC_FTRACE
def_bool y
depends on X86_32
depends on FUNCTION_TRACER
select DYNAMIC_FTRACE
help
We keep the static function tracing (!DYNAMIC_FTRACE) around
in order to test the non static function tracing in the
generic code, as other architectures still use it. But we
only need to keep it around for x86_64. No need to keep it
for x86_32. For x86_32, force DYNAMIC_FTRACE.
2016-11-15 12:11:57 +03:00
#
# Arch settings
#
# ( Note that options that are marked 'if X86_64' could in principle be
# ported to 32-bit as well. )
#
2007-11-07 01:30:30 +03:00
config X86
2008-01-30 15:31:03 +03:00
def_bool y
2016-11-15 12:26:39 +03:00
#
# Note: keep this list sorted alphabetically
#
2015-06-03 11:00:13 +03:00
select ACPI_LEGACY_TABLES_LOOKUP if ACPI
select ACPI_SYSTEM_POWER_STATES_SUPPORT if ACPI
32-bit userspace ABI: introduce ARCH_32BIT_OFF_T config option
All new 32-bit architectures should have 64-bit userspace off_t type, but
existing architectures has 32-bit ones.
To enforce the rule, new config option is added to arch/Kconfig that defaults
ARCH_32BIT_OFF_T to be disabled for new 32-bit architectures. All existing
32-bit architectures enable it explicitly.
New option affects force_o_largefile() behaviour. Namely, if userspace
off_t is 64-bits long, we have no reason to reject user to open big files.
Note that even if architectures has only 64-bit off_t in the kernel
(arc, c6x, h8300, hexagon, nios2, openrisc, and unicore32),
a libc may use 32-bit off_t, and therefore want to limit the file size
to 4GB unless specified differently in the open flags.
Signed-off-by: Yury Norov <ynorov@caviumnetworks.com>
Acked-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Yury Norov <ynorov@marvell.com>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2018-05-16 11:18:49 +03:00
select ARCH_32BIT_OFF_T if X86_32
2018-09-17 15:45:35 +03:00
select ARCH_CLOCKSOURCE_INIT
2016-11-15 12:26:39 +03:00
select ARCH_HAS_ACPI_TABLE_UPGRADE if ACPI
2017-01-11 00:35:40 +03:00
select ARCH_HAS_DEBUG_VIRTUAL
mm/debug: add tests validating architecture page table helpers
This adds tests which will validate architecture page table helpers and
other accessors in their compliance with expected generic MM semantics.
This will help various architectures in validating changes to existing
page table helpers or addition of new ones.
This test covers basic page table entry transformations including but not
limited to old, young, dirty, clean, write, write protect etc at various
level along with populating intermediate entries with next page table page
and validating them.
Test page table pages are allocated from system memory with required size
and alignments. The mapped pfns at page table levels are derived from a
real pfn representing a valid kernel text symbol. This test gets called
via late_initcall().
This test gets built and run when CONFIG_DEBUG_VM_PGTABLE is selected.
Any architecture, which is willing to subscribe this test will need to
select ARCH_HAS_DEBUG_VM_PGTABLE. For now this is limited to arc, arm64,
x86, s390 and powerpc platforms where the test is known to build and run
successfully Going forward, other architectures too can subscribe the test
after fixing any build or runtime problems with their page table helpers.
Folks interested in making sure that a given platform's page table helpers
conform to expected generic MM semantics should enable the above config
which will just trigger this test during boot. Any non conformity here
will be reported as an warning which would need to be fixed. This test
will help catch any changes to the agreed upon semantics expected from
generic MM and enable platforms to accommodate it thereafter.
[anshuman.khandual@arm.com: v17]
Link: http://lkml.kernel.org/r/1587436495-22033-3-git-send-email-anshuman.khandual@arm.com
[anshuman.khandual@arm.com: v18]
Link: http://lkml.kernel.org/r/1588564865-31160-3-git-send-email-anshuman.khandual@arm.com
Suggested-by: Catalin Marinas <catalin.marinas@arm.com>
Signed-off-by: Anshuman Khandual <anshuman.khandual@arm.com>
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Signed-off-by: Qian Cai <cai@lca.pw>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Tested-by: Gerald Schaefer <gerald.schaefer@de.ibm.com> [s390]
Tested-by: Christophe Leroy <christophe.leroy@c-s.fr> [ppc32]
Reviewed-by: Ingo Molnar <mingo@kernel.org>
Cc: Mike Rapoport <rppt@linux.ibm.com>
Cc: Vineet Gupta <vgupta@synopsys.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will@kernel.org>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Vasily Gorbik <gor@linux.ibm.com>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Kirill A. Shutemov <kirill@shutemov.name>
Cc: Paul Walmsley <paul.walmsley@sifive.com>
Cc: Palmer Dabbelt <palmer@dabbelt.com>
Link: http://lkml.kernel.org/r/1583919272-24178-1-git-send-email-anshuman.khandual@arm.com
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2020-06-05 02:47:15 +03:00
select ARCH_HAS_DEBUG_VM_PGTABLE if !X86_PAE
2015-11-20 05:19:29 +03:00
select ARCH_HAS_DEVMEM_IS_ALLOWED
2020-05-07 23:08:42 +03:00
select ARCH_HAS_EARLY_DEBUG if KGDB
2015-06-03 11:00:13 +03:00
select ARCH_HAS_ELF_RANDOMIZE
2014-09-13 22:14:53 +04:00
select ARCH_HAS_FAST_MULTIPLIER
2018-04-21 01:20:28 +03:00
select ARCH_HAS_FILTER_PGPROT
include/linux/string.h: add the option of fortified string.h functions
This adds support for compiling with a rough equivalent to the glibc
_FORTIFY_SOURCE=1 feature, providing compile-time and runtime buffer
overflow checks for string.h functions when the compiler determines the
size of the source or destination buffer at compile-time. Unlike glibc,
it covers buffer reads in addition to writes.
GNU C __builtin_*_chk intrinsics are avoided because they would force a
much more complex implementation. They aren't designed to detect read
overflows and offer no real benefit when using an implementation based
on inline checks. Inline checks don't add up to much code size and
allow full use of the regular string intrinsics while avoiding the need
for a bunch of _chk functions and per-arch assembly to avoid wrapper
overhead.
This detects various overflows at compile-time in various drivers and
some non-x86 core kernel code. There will likely be issues caught in
regular use at runtime too.
Future improvements left out of initial implementation for simplicity,
as it's all quite optional and can be done incrementally:
* Some of the fortified string functions (strncpy, strcat), don't yet
place a limit on reads from the source based on __builtin_object_size of
the source buffer.
* Extending coverage to more string functions like strlcat.
* It should be possible to optionally use __builtin_object_size(x, 1) for
some functions (C strings) to detect intra-object overflows (like
glibc's _FORTIFY_SOURCE=2), but for now this takes the conservative
approach to avoid likely compatibility issues.
* The compile-time checks should be made available via a separate config
option which can be enabled by default (or always enabled) once enough
time has passed to get the issues it catches fixed.
Kees said:
"This is great to have. While it was out-of-tree code, it would have
blocked at least CVE-2016-3858 from being exploitable (improper size
argument to strlcpy()). I've sent a number of fixes for
out-of-bounds-reads that this detected upstream already"
[arnd@arndb.de: x86: fix fortified memcpy]
Link: http://lkml.kernel.org/r/20170627150047.660360-1-arnd@arndb.de
[keescook@chromium.org: avoid panic() in favor of BUG()]
Link: http://lkml.kernel.org/r/20170626235122.GA25261@beast
[keescook@chromium.org: move from -mm, add ARCH_HAS_FORTIFY_SOURCE, tweak Kconfig help]
Link: http://lkml.kernel.org/r/20170526095404.20439-1-danielmicay@gmail.com
Link: http://lkml.kernel.org/r/1497903987-21002-8-git-send-email-keescook@chromium.org
Signed-off-by: Daniel Micay <danielmicay@gmail.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Acked-by: Kees Cook <keescook@chromium.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Daniel Axtens <dja@axtens.net>
Cc: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Cc: Chris Metcalf <cmetcalf@ezchip.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-07-13 00:36:10 +03:00
select ARCH_HAS_FORTIFY_SOURCE
2014-12-13 03:57:44 +03:00
select ARCH_HAS_GCOV_PROFILE_ALL
2020-06-12 17:05:26 +03:00
select ARCH_HAS_KCOV if X86_64 && STACK_VALIDATION
2019-08-06 07:49:14 +03:00
select ARCH_HAS_MEM_ENCRYPT
membarrier/x86: Provide core serializing command
There are two places where core serialization is needed by membarrier:
1) When returning from the membarrier IPI,
2) After scheduler updates curr to a thread with a different mm, before
going back to user-space, since the curr->mm is used by membarrier to
check whether it needs to send an IPI to that CPU.
x86-32 uses IRET as return from interrupt, and both IRET and SYSEXIT to go
back to user-space. The IRET instruction is core serializing, but not
SYSEXIT.
x86-64 uses IRET as return from interrupt, which takes care of the IPI.
However, it can return to user-space through either SYSRETL (compat
code), SYSRETQ, or IRET. Given that SYSRET{L,Q} is not core serializing,
we rely instead on write_cr3() performed by switch_mm() to provide core
serialization after changing the current mm, and deal with the special
case of kthread -> uthread (temporarily keeping current mm into
active_mm) by adding a sync_core() in that specific case.
Use the new sync_core_before_usermode() to guarantee this.
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Acked-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Andrea Parri <parri.andrea@gmail.com>
Cc: Andrew Hunter <ahh@google.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Avi Kivity <avi@scylladb.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Boqun Feng <boqun.feng@gmail.com>
Cc: Dave Watson <davejwatson@fb.com>
Cc: David Sehr <sehr@google.com>
Cc: Greg Hackmann <ghackmann@google.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Maged Michael <maged.michael@gmail.com>
Cc: Michael Ellerman <mpe@ellerman.id.au>
Cc: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Russell King <linux@armlinux.org.uk>
Cc: Will Deacon <will.deacon@arm.com>
Cc: linux-api@vger.kernel.org
Cc: linux-arch@vger.kernel.org
Link: http://lkml.kernel.org/r/20180129202020.8515-10-mathieu.desnoyers@efficios.com
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2018-01-29 23:20:18 +03:00
select ARCH_HAS_MEMBARRIER_SYNC_CORE
bpf: Restrict bpf_probe_read{, str}() only to archs where they work
Given the legacy bpf_probe_read{,str}() BPF helpers are broken on archs
with overlapping address ranges, we should really take the next step to
disable them from BPF use there.
To generally fix the situation, we've recently added new helper variants
bpf_probe_read_{user,kernel}() and bpf_probe_read_{user,kernel}_str().
For details on them, see 6ae08ae3dea2 ("bpf: Add probe_read_{user, kernel}
and probe_read_{user,kernel}_str helpers").
Given bpf_probe_read{,str}() have been around for ~5 years by now, there
are plenty of users at least on x86 still relying on them today, so we
cannot remove them entirely w/o breaking the BPF tracing ecosystem.
However, their use should be restricted to archs with non-overlapping
address ranges where they are working in their current form. Therefore,
move this behind a CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE and
have x86, arm64, arm select it (other archs supporting it can follow-up
on it as well).
For the remaining archs, they can workaround easily by relying on the
feature probe from bpftool which spills out defines that can be used out
of BPF C code to implement the drop-in replacement for old/new kernels
via: bpftool feature probe macro
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Reviewed-by: Masami Hiramatsu <mhiramat@kernel.org>
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Brendan Gregg <brendan.d.gregg@gmail.com>
Cc: Christoph Hellwig <hch@lst.de>
Link: https://lore.kernel.org/bpf/20200515101118.6508-2-daniel@iogearbox.net
2020-05-15 13:11:16 +03:00
select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
2016-11-15 12:26:39 +03:00
select ARCH_HAS_PMEM_API if X86_64
2019-07-17 02:30:47 +03:00
select ARCH_HAS_PTE_DEVMAP if X86_64
2018-06-08 03:06:08 +03:00
select ARCH_HAS_PTE_SPECIAL
2017-05-29 22:22:50 +03:00
select ARCH_HAS_UACCESS_FLUSHCACHE if X86_64
2018-07-08 23:46:17 +03:00
select ARCH_HAS_UACCESS_MCSAFE if X86_64 && X86_MCE
2017-02-21 18:09:33 +03:00
select ARCH_HAS_SET_MEMORY
2019-04-26 03:11:34 +03:00
select ARCH_HAS_SET_DIRECT_MAP
2017-02-07 03:31:57 +03:00
select ARCH_HAS_STRICT_KERNEL_RWX
select ARCH_HAS_STRICT_MODULE_RWX
2018-01-29 23:20:16 +03:00
select ARCH_HAS_SYNC_CORE_BEFORE_USERMODE
2020-03-13 22:51:42 +03:00
select ARCH_HAS_SYSCALL_WRAPPER
2016-01-21 02:00:55 +03:00
select ARCH_HAS_UBSAN_SANITIZE_ALL
2020-06-04 02:03:58 +03:00
select ARCH_HAS_DEBUG_WX
2015-06-03 11:00:13 +03:00
select ARCH_HAVE_NMI_SAFE_CMPXCHG
select ARCH_MIGHT_HAVE_ACPI_PDC if ACPI
2013-10-08 06:18:07 +04:00
select ARCH_MIGHT_HAVE_PC_PARPORT
2014-01-01 23:34:16 +04:00
select ARCH_MIGHT_HAVE_PC_SERIO
2019-04-25 12:45:22 +03:00
select ARCH_STACKWALK
2018-07-24 12:48:45 +03:00
select ARCH_SUPPORTS_ACPI
2015-06-03 11:00:13 +03:00
select ARCH_SUPPORTS_ATOMIC_RMW
select ARCH_SUPPORTS_NUMA_BALANCING if X86_64
select ARCH_USE_BUILTIN_BSWAP
select ARCH_USE_QUEUED_RWLOCKS
select ARCH_USE_QUEUED_SPINLOCKS
2020-04-16 21:24:02 +03:00
select ARCH_USE_SYM_ANNOTATIONS
2017-05-28 20:00:14 +03:00
select ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH
2019-12-09 18:08:03 +03:00
select ARCH_WANT_DEFAULT_BPF_JIT if X86_64
2016-11-15 12:26:39 +03:00
select ARCH_WANTS_DYNAMIC_TASK_STRUCT
2019-06-28 01:00:11 +03:00
select ARCH_WANT_HUGE_PMD_SHARE
mm, THP, swap: delay splitting THP during swap out
Patch series "THP swap: Delay splitting THP during swapping out", v11.
This patchset is to optimize the performance of Transparent Huge Page
(THP) swap.
Recently, the performance of the storage devices improved so fast that
we cannot saturate the disk bandwidth with single logical CPU when do
page swap out even on a high-end server machine. Because the
performance of the storage device improved faster than that of single
logical CPU. And it seems that the trend will not change in the near
future. On the other hand, the THP becomes more and more popular
because of increased memory size. So it becomes necessary to optimize
THP swap performance.
The advantages of the THP swap support include:
- Batch the swap operations for the THP to reduce lock
acquiring/releasing, including allocating/freeing the swap space,
adding/deleting to/from the swap cache, and writing/reading the swap
space, etc. This will help improve the performance of the THP swap.
- The THP swap space read/write will be 2M sequential IO. It is
particularly helpful for the swap read, which are usually 4k random
IO. This will improve the performance of the THP swap too.
- It will help the memory fragmentation, especially when the THP is
heavily used by the applications. The 2M continuous pages will be
free up after THP swapping out.
- It will improve the THP utilization on the system with the swap
turned on. Because the speed for khugepaged to collapse the normal
pages into the THP is quite slow. After the THP is split during the
swapping out, it will take quite long time for the normal pages to
collapse back into the THP after being swapped in. The high THP
utilization helps the efficiency of the page based memory management
too.
There are some concerns regarding THP swap in, mainly because possible
enlarged read/write IO size (for swap in/out) may put more overhead on
the storage device. To deal with that, the THP swap in should be turned
on only when necessary. For example, it can be selected via
"always/never/madvise" logic, to be turned on globally, turned off
globally, or turned on only for VMA with MADV_HUGEPAGE, etc.
This patchset is the first step for the THP swap support. The plan is
to delay splitting THP step by step, finally avoid splitting THP during
the THP swapping out and swap out/in the THP as a whole.
As the first step, in this patchset, the splitting huge page is delayed
from almost the first step of swapping out to after allocating the swap
space for the THP and adding the THP into the swap cache. This will
reduce lock acquiring/releasing for the locks used for the swap cache
management.
With the patchset, the swap out throughput improves 15.5% (from about
3.73GB/s to about 4.31GB/s) in the vm-scalability swap-w-seq test case
with 8 processes. The test is done on a Xeon E5 v3 system. The swap
device used is a RAM simulated PMEM (persistent memory) device. To test
the sequential swapping out, the test case creates 8 processes, which
sequentially allocate and write to the anonymous pages until the RAM and
part of the swap device is used up.
This patch (of 5):
In this patch, splitting huge page is delayed from almost the first step
of swapping out to after allocating the swap space for the THP
(Transparent Huge Page) and adding the THP into the swap cache. This
will batch the corresponding operation, thus improve THP swap out
throughput.
This is the first step for the THP swap optimization. The plan is to
delay splitting the THP step by step and avoid splitting the THP
finally.
In this patch, one swap cluster is used to hold the contents of each THP
swapped out. So, the size of the swap cluster is changed to that of the
THP (Transparent Huge Page) on x86_64 architecture (512). For other
architectures which want such THP swap optimization,
ARCH_USES_THP_SWAP_CLUSTER needs to be selected in the Kconfig file for
the architecture. In effect, this will enlarge swap cluster size by 2
times on x86_64. Which may make it harder to find a free cluster when
the swap space becomes fragmented. So that, this may reduce the
continuous swap space allocation and sequential write in theory. The
performance test in 0day shows no regressions caused by this.
In the future of THP swap optimization, some information of the swapped
out THP (such as compound map count) will be recorded in the
swap_cluster_info data structure.
The mem cgroup swap accounting functions are enhanced to support charge
or uncharge a swap cluster backing a THP as a whole.
The swap cluster allocate/free functions are added to allocate/free a
swap cluster for a THP. A fair simple algorithm is used for swap
cluster allocation, that is, only the first swap device in priority list
will be tried to allocate the swap cluster. The function will fail if
the trying is not successful, and the caller will fallback to allocate a
single swap slot instead. This works good enough for normal cases. If
the difference of the number of the free swap clusters among multiple
swap devices is significant, it is possible that some THPs are split
earlier than necessary. For example, this could be caused by big size
difference among multiple swap devices.
The swap cache functions is enhanced to support add/delete THP to/from
the swap cache as a set of (HPAGE_PMD_NR) sub-pages. This may be
enhanced in the future with multi-order radix tree. But because we will
split the THP soon during swapping out, that optimization doesn't make
much sense for this first step.
The THP splitting functions are enhanced to support to split THP in swap
cache during swapping out. The page lock will be held during allocating
the swap cluster, adding the THP into the swap cache and splitting the
THP. So in the code path other than swapping out, if the THP need to be
split, the PageSwapCache(THP) will be always false.
The swap cluster is only available for SSD, so the THP swap optimization
in this patchset has no effect for HDD.
[ying.huang@intel.com: fix two issues in THP optimize patch]
Link: http://lkml.kernel.org/r/87k25ed8zo.fsf@yhuang-dev.intel.com
[hannes@cmpxchg.org: extensive cleanups and simplifications, reduce code size]
Link: http://lkml.kernel.org/r/20170515112522.32457-2-ying.huang@intel.com
Signed-off-by: "Huang, Ying" <ying.huang@intel.com>
Signed-off-by: Johannes Weiner <hannes@cmpxchg.org>
Suggested-by: Andrew Morton <akpm@linux-foundation.org> [for config option]
Acked-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> [for changes in huge_memory.c and huge_mm.h]
Cc: Andrea Arcangeli <aarcange@redhat.com>
Cc: Ebru Akagunduz <ebru.akagunduz@gmail.com>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Michal Hocko <mhocko@kernel.org>
Cc: Tejun Heo <tj@kernel.org>
Cc: Hugh Dickins <hughd@google.com>
Cc: Shaohua Li <shli@kernel.org>
Cc: Minchan Kim <minchan@kernel.org>
Cc: Rik van Riel <riel@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2017-07-07 01:37:18 +03:00
select ARCH_WANTS_THP_SWAP if X86_64
2019-12-04 03:46:31 +03:00
select BUILDTIME_TABLE_SORT
2015-06-03 11:00:13 +03:00
select CLKEVT_I8253
select CLOCKSOURCE_VALIDATE_LAST_CYCLE
select CLOCKSOURCE_WATCHDOG
select DCACHE_WORD_ACCESS
EDAC changes, v2:
* New APM X-Gene SoC EDAC driver (Loc Ho)
* AMD error injection module improvements (Aravind Gopalakrishnan)
* Altera Arria 10 support (Thor Thayer)
* misc fixes and cleanups all over the place
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAABAgAGBQJViuInAAoJEBLB8Bhh3lVKHT8QAKkHIMreO8obo09haxNJlfdF
BaG7SNEDhvcgQ1B76RsjnjkUpsivvUt+mCYMP+BxcAqFrTA33UZCCOK5tEhGb1wr
matRdR6+aezqAl2e/0/Ti25bWOkDxcOeazh2TyezuyIXtaJjOq1oZC7OaYGmxPun
NlZY+/uY1eiHlewKsK04y8G8J5i4wGoKnuxBvOyELT90+a+fLfAOshAp0D4r0piB
Znv0ydsHlu+Wx57slg1DktlsyswmcGS9WfWwwTlELOLulKgN8wEAVYzUB5pJzNbz
ehq0J4wYz95juXADC4M4tEjErHVJNl6PbyMqwt0+XUUJ1NSgOj7Q6iqwxDoZX8km
oxiLVydQBtoIzF1LojFKAVZDFnrMKHKwK3RaDaUJjTI90+tVzEU8xsBlUf6+EgD2
Ss2RH8Gfuf52RdtwHh9++T1ur5rM9YNCAm31msq06mcOf0bEtmDbhZ+fVC5mjhqB
fIb3hxnk0r2BVg+ZCN/boxGS6RzUtYVcCXaBPDMeHcg9BEEds70KCFEcsX7TvJIg
5/SHI+033MylqkX2zrgDQLj7CQk3R0jaotHVbdhLupyOldcM7r5uF+VO84drNWGN
GfM2lpyE/swZWnzKuotgYIGR1XvFjtJAVAyNGIvwP+ajjTsqXzEnLSLClY5LWfYd
nSSSMpCCqsEmhoWftOix
=Id4f
-----END PGP SIGNATURE-----
Merge tag 'edac_for_4.2_2' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bp
Pull EDAC updates from Borislav Petkov:
- New APM X-Gene SoC EDAC driver (Loc Ho)
- AMD error injection module improvements (Aravind Gopalakrishnan)
- Altera Arria 10 support (Thor Thayer)
- misc fixes and cleanups all over the place
* tag 'edac_for_4.2_2' of git://git.kernel.org/pub/scm/linux/kernel/git/bp/bp: (28 commits)
EDAC: Update Documentation/edac.txt
EDAC: Fix typos in Documentation/edac.txt
EDAC, mce_amd_inj: Set MISCV on injection
EDAC, mce_amd_inj: Move bit preparations before the injection
EDAC, mce_amd_inj: Cleanup and simplify README
EDAC, altera: Do not allow suspend when EDAC is enabled
EDAC, mce_amd_inj: Make inj_type static
arm: socfpga: dts: Add Arria10 SDRAM EDAC DTS support
EDAC, altera: Add Arria10 EDAC support
EDAC, altera: Refactor for Altera CycloneV SoC
EDAC, altera: Generalize driver to use DT Memory size
EDAC, mce_amd_inj: Add README file
EDAC, mce_amd_inj: Add individual permissions field to dfs_node
EDAC, mce_amd_inj: Modify flags attribute to use string arguments
EDAC, mce_amd_inj: Read out number of MCE banks from the hardware
EDAC, mce_amd_inj: Use MCE_INJECT_GET macro for bank node too
EDAC, xgene: Fix cpuid abuse
EDAC, mpc85xx: Extend error address to 64 bit
EDAC, mpc8xxx: Adapt for FSL SoC
EDAC, edac_stub: Drop arch-specific include
...
2015-06-25 05:52:06 +03:00
select EDAC_ATOMIC_SCRUB
select EDAC_SUPPORT
2015-06-03 11:00:13 +03:00
select GENERIC_CLOCKEVENTS
select GENERIC_CLOCKEVENTS_BROADCAST if X86_64 || (X86_32 && X86_LOCAL_APIC)
select GENERIC_CLOCKEVENTS_MIN_ADJUST
select GENERIC_CMOS_UPDATE
select GENERIC_CPU_AUTOPROBE
2018-01-08 00:48:01 +03:00
select GENERIC_CPU_VULNERABILITIES
2014-04-08 02:39:49 +04:00
select GENERIC_EARLY_IOREMAP
2015-06-03 11:00:13 +03:00
select GENERIC_FIND_FIRST_BIT
select GENERIC_IOMAP
2017-06-20 02:37:46 +03:00
select GENERIC_IRQ_EFFECTIVE_AFF_MASK if SMP
2017-09-14 00:29:38 +03:00
select GENERIC_IRQ_MATRIX_ALLOCATOR if X86_LOCAL_APIC
2017-06-20 02:37:33 +03:00
select GENERIC_IRQ_MIGRATION if SMP
2015-06-03 11:00:13 +03:00
select GENERIC_IRQ_PROBE
2017-10-17 10:54:59 +03:00
select GENERIC_IRQ_RESERVATION_MODE
2015-06-03 11:00:13 +03:00
select GENERIC_IRQ_SHOW
select GENERIC_PENDING_IRQ if SMP
2020-02-04 04:36:24 +03:00
select GENERIC_PTDUMP
2015-06-03 11:00:13 +03:00
select GENERIC_SMP_IDLE_THREAD
select GENERIC_STRNCPY_FROM_USER
select GENERIC_STRNLEN_USER
select GENERIC_TIME_VSYSCALL
2019-06-21 12:52:49 +03:00
select GENERIC_GETTIMEOFDAY
2019-11-12 04:27:11 +03:00
select GENERIC_VDSO_TIME_NS
2019-07-12 06:56:49 +03:00
select GUP_GET_PTE_LOW_HIGH if X86_PAE
x86: Select HARDIRQS_SW_RESEND on x86
Modern x86 laptops are starting to use GPIO pins as interrupts more
and more, e.g. touchpads and touchscreens have almost all moved away
from PS/2 and USB to using I2C with a GPIO pin as interrupt.
Modern x86 laptops also have almost all moved to using s2idle instead
of using the system S3 ACPI power state to suspend.
The Intel and AMD pinctrl drivers do not define irq_retrigger handlers
for the irqchips they register, this is causing edge triggered interrupts
which happen while suspended using s2idle to get lost.
One specific example of this is the lid switch on some devices, lid
switches used to be handled by the embedded-controller, but now the
lid open/closed sensor is sometimes directly connected to a GPIO pin.
On most devices the ACPI code for this looks like this:
Method (_E00, ...) {
Notify (LID0, 0x80) // Status Change
}
Where _E00 is an ACPI event handler for changes on both edges of the GPIO
connected to the lid sensor, this event handler is then combined with an
_LID method which directly reads the pin. When the device is resumed by
opening the lid, the GPIO interrupt will wake the system, but because the
pinctrl irqchip doesn't have an irq_retrigger handler, the Notify will not
happen. This is not a problem in the case the _LID method directly reads
the GPIO, because the drivers/acpi/button.c code will call _LID on resume
anyways.
But some devices have an event handler for the GPIO connected to the
lid sensor which looks like this:
Method (_E00, ...) {
if (LID_GPIO == One)
LIDS = One
else
LIDS = Zero
Notify (LID0, 0x80) // Status Change
}
And the _LID method returns the cached LIDS value, since on open we
do not re-run the edge-interrupt handler when we re-enable IRQS on resume
(because of the missing irq_retrigger handler), _LID now will keep
reporting closed, as LIDS was never changed to reflect the open status,
this causes userspace to re-resume the laptop again shortly after opening
the lid.
The Intel GPIO controllers do not allow implementing irq_retrigger without
emulating it in software, at which point we are better of just using the
generic HARDIRQS_SW_RESEND mechanism rather then re-implementing software
emulation for this separately in aprox. 14 different pinctrl drivers.
Select HARDIRQS_SW_RESEND to solve the problem of edge-triggered GPIO
interrupts not being re-triggered on resume when they were triggered during
suspend (s2idle) and/or when they were the cause of the wakeup.
This requires
008f1d60fe25 ("x86/apic/vector: Force interupt handler invocation to irq context")
c16816acd086 ("genirq: Add protection against unsafe usage of generic_handle_irq()")
to protect the APIC based interrupts from being wreckaged by a software
resend.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Link: https://lkml.kernel.org/r/20200123210242.53367-1-hdegoede@redhat.com
2020-01-24 00:02:42 +03:00
select HARDIRQS_SW_RESEND
2017-08-15 10:50:13 +03:00
select HARDLOCKUP_CHECK_TIMESTAMP if X86_64
2015-06-03 11:00:13 +03:00
select HAVE_ACPI_APEI if ACPI
select HAVE_ACPI_APEI_NMI if ACPI
select HAVE_ALIGNED_STRUCT_PAGE if SLUB
select HAVE_ARCH_AUDITSYSCALL
select HAVE_ARCH_HUGE_VMAP if X86_64 || X86_PAE
select HAVE_ARCH_JUMP_LABEL
2018-09-19 09:51:41 +03:00
select HAVE_ARCH_JUMP_LABEL_RELATIVE
2017-11-16 04:36:35 +03:00
select HAVE_ARCH_KASAN if X86_64
2019-12-01 04:55:00 +03:00
select HAVE_ARCH_KASAN_VMALLOC if X86_64
2015-06-03 11:00:13 +03:00
select HAVE_ARCH_KGDB
2016-01-15 02:20:06 +03:00
select HAVE_ARCH_MMAP_RND_BITS if MMU
select HAVE_ARCH_MMAP_RND_COMPAT_BITS if MMU && COMPAT
2017-03-06 17:17:19 +03:00
select HAVE_ARCH_COMPAT_MMAP_BASES if MMU && COMPAT
arch: enable relative relocations for arm64, power and x86
Patch series "add support for relative references in special sections", v10.
This adds support for emitting special sections such as initcall arrays,
PCI fixups and tracepoints as relative references rather than absolute
references. This reduces the size by 50% on 64-bit architectures, but
more importantly, it removes the need for carrying relocation metadata for
these sections in relocatable kernels (e.g., for KASLR) that needs to be
fixed up at boot time. On arm64, this reduces the vmlinux footprint of
such a reference by 8x (8 byte absolute reference + 24 byte RELA entry vs
4 byte relative reference)
Patch #3 was sent out before as a single patch. This series supersedes
the previous submission. This version makes relative ksymtab entries
dependent on the new Kconfig symbol HAVE_ARCH_PREL32_RELOCATIONS rather
than trying to infer from kbuild test robot replies for which
architectures it should be blacklisted.
Patch #1 introduces the new Kconfig symbol HAVE_ARCH_PREL32_RELOCATIONS,
and sets it for the main architectures that are expected to benefit the
most from this feature, i.e., 64-bit architectures or ones that use
runtime relocations.
Patch #2 add support for #define'ing __DISABLE_EXPORTS to get rid of
ksymtab/kcrctab sections in decompressor and EFI stub objects when
rebuilding existing C files to run in a different context.
Patches #4 - #6 implement relative references for initcalls, PCI fixups
and tracepoints, respectively, all of which produce sections with order
~1000 entries on an arm64 defconfig kernel with tracing enabled. This
means we save about 28 KB of vmlinux space for each of these patches.
[From the v7 series blurb, which included the jump_label patches as well]:
For the arm64 kernel, all patches combined reduce the memory footprint
of vmlinux by about 1.3 MB (using a config copied from Ubuntu that has
KASLR enabled), of which ~1 MB is the size reduction of the RELA section
in .init, and the remaining 300 KB is reduction of .text/.data.
This patch (of 6):
Before updating certain subsystems to use place relative 32-bit
relocations in special sections, to save space and reduce the number of
absolute relocations that need to be processed at runtime by relocatable
kernels, introduce the Kconfig symbol and define it for some architectures
that should be able to support and benefit from it.
Link: http://lkml.kernel.org/r/20180704083651.24360-2-ard.biesheuvel@linaro.org
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Acked-by: Michael Ellerman <mpe@ellerman.id.au>
Reviewed-by: Will Deacon <will.deacon@arm.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Cc: Arnd Bergmann <arnd@arndb.de>
Cc: Kees Cook <keescook@chromium.org>
Cc: Thomas Garnier <thgarnie@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: Bjorn Helgaas <bhelgaas@google.com>
Cc: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Cc: Russell King <linux@armlinux.org.uk>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Petr Mladek <pmladek@suse.com>
Cc: James Morris <jmorris@namei.org>
Cc: Nicolas Pitre <nico@linaro.org>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
Cc: James Morris <james.morris@microsoft.com>
Cc: Jessica Yu <jeyu@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-08-22 07:56:00 +03:00
select HAVE_ARCH_PREL32_RELOCATIONS
2015-06-03 11:00:13 +03:00
select HAVE_ARCH_SECCOMP_FILTER
2017-08-16 23:26:03 +03:00
select HAVE_ARCH_THREAD_STRUCT_WHITELIST
2018-08-17 01:16:58 +03:00
select HAVE_ARCH_STACKLEAK
2015-06-03 11:00:13 +03:00
select HAVE_ARCH_TRACEHOOK
select HAVE_ARCH_TRANSPARENT_HUGEPAGE
2017-02-25 01:57:02 +03:00
select HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD if X86_64
2020-04-21 04:13:45 +03:00
select HAVE_ARCH_USERFAULTFD_WP if X86_64 && USERFAULTFD
2016-08-11 12:35:23 +03:00
select HAVE_ARCH_VMAP_STACK if X86_64
2016-11-15 12:26:39 +03:00
select HAVE_ARCH_WITHIN_STACK_FRAMES
2019-08-19 08:54:20 +03:00
select HAVE_ASM_MODVERSIONS
2015-06-03 11:00:13 +03:00
select HAVE_CMPXCHG_DOUBLE
select HAVE_CMPXCHG_LOCAL
select HAVE_CONTEXT_TRACKING if X86_64
2010-10-15 07:32:44 +04:00
select HAVE_C_RECORDMCOUNT
2015-06-03 11:00:13 +03:00
select HAVE_DEBUG_KMEMLEAK
select HAVE_DMA_CONTIGUOUS
2008-05-17 08:01:36 +04:00
select HAVE_DYNAMIC_FTRACE
2012-09-28 12:15:17 +04:00
select HAVE_DYNAMIC_FTRACE_WITH_REGS
2019-11-08 21:11:39 +03:00
select HAVE_DYNAMIC_FTRACE_WITH_DIRECT_CALLS
bpf, x86_32: add eBPF JIT compiler for ia32
The JIT compiler emits ia32 bit instructions. Currently, It supports eBPF
only. Classic BPF is supported because of the conversion by BPF core.
Almost all instructions from eBPF ISA supported except the following:
BPF_ALU64 | BPF_DIV | BPF_K
BPF_ALU64 | BPF_DIV | BPF_X
BPF_ALU64 | BPF_MOD | BPF_K
BPF_ALU64 | BPF_MOD | BPF_X
BPF_STX | BPF_XADD | BPF_W
BPF_STX | BPF_XADD | BPF_DW
It doesn't support BPF_JMP|BPF_CALL with BPF_PSEUDO_CALL at the moment.
IA32 has few general purpose registers, EAX|EDX|ECX|EBX|ESI|EDI. I use
EAX|EDX|ECX|EBX as temporary registers to simulate instructions in eBPF
ISA, and allocate ESI|EDI to BPF_REG_AX for constant blinding, all others
eBPF registers, R0-R10, are simulated through scratch space on stack.
The reasons behind the hardware registers allocation policy are:
1:MUL need EAX:EDX, shift operation need ECX, so they aren't fit
for general eBPF 64bit register simulation.
2:We need at least 4 registers to simulate most eBPF ISA operations
on registers operands instead of on register&memory operands.
3:We need to put BPF_REG_AX on hardware registers, or constant blinding
will degrade jit performance heavily.
Tested on PC (Intel(R) Core(TM) i5-5200U CPU).
Testing results on i5-5200U:
1) test_bpf: Summary: 349 PASSED, 0 FAILED, [319/341 JIT'ed]
2) test_progs: Summary: 83 PASSED, 0 FAILED.
3) test_lpm: OK
4) test_lru_map: OK
5) test_verifier: Summary: 828 PASSED, 0 FAILED.
Above tests are all done in following two conditions separately:
1:bpf_jit_enable=1 and bpf_jit_harden=0
2:bpf_jit_enable=1 and bpf_jit_harden=2
Below are some numbers for this jit implementation:
Note:
I run test_progs in kselftest 100 times continuously for every condition,
the numbers are in format: total/times=avg.
The numbers that test_bpf reports show almost the same relation.
a:jit_enable=0 and jit_harden=0 b:jit_enable=1 and jit_harden=0
test_pkt_access:PASS:ipv4:15622/100=156 test_pkt_access:PASS:ipv4:10674/100=106
test_pkt_access:PASS:ipv6:9130/100=91 test_pkt_access:PASS:ipv6:4855/100=48
test_xdp:PASS:ipv4:240198/100=2401 test_xdp:PASS:ipv4:138912/100=1389
test_xdp:PASS:ipv6:137326/100=1373 test_xdp:PASS:ipv6:68542/100=685
test_l4lb:PASS:ipv4:61100/100=611 test_l4lb:PASS:ipv4:37302/100=373
test_l4lb:PASS:ipv6:101000/100=1010 test_l4lb:PASS:ipv6:55030/100=550
c:jit_enable=1 and jit_harden=2
test_pkt_access:PASS:ipv4:10558/100=105
test_pkt_access:PASS:ipv6:5092/100=50
test_xdp:PASS:ipv4:131902/100=1319
test_xdp:PASS:ipv6:77932/100=779
test_l4lb:PASS:ipv4:38924/100=389
test_l4lb:PASS:ipv6:57520/100=575
The numbers show we get 30%~50% improvement.
See Documentation/networking/filter.txt for more information.
Changelog:
Changes v5-v6:
1:Add do {} while (0) to RETPOLINE_RAX_BPF_JIT for
consistence reason.
2:Clean up non-standard comments, reported by Daniel Borkmann.
3:Fix a memory leak issue, repoted by Daniel Borkmann.
Changes v4-v5:
1:Delete is_on_stack, BPF_REG_AX is the only one
on real hardware registers, so just check with
it.
2:Apply commit 1612a981b766 ("bpf, x64: fix JIT emission
for dead code"), suggested by Daniel Borkmann.
Changes v3-v4:
1:Fix changelog in commit.
I install llvm-6.0, then test_progs willn't report errors.
I submit another patch:
"bpf: fix misaligned access for BPF_PROG_TYPE_PERF_EVENT program type on x86_32 platform"
to fix another problem, after that patch, test_verifier willn't report errors too.
2:Fix clear r0[1] twice unnecessarily in *BPF_IND|BPF_ABS* simulation.
Changes v2-v3:
1:Move BPF_REG_AX to real hardware registers for performance reason.
3:Using bpf_load_pointer instead of bpf_jit32.S, suggested by Daniel Borkmann.
4:Delete partial codes in 1c2a088a6626, suggested by Daniel Borkmann.
5:Some bug fixes and comments improvement.
Changes v1-v2:
1:Fix bug in emit_ia32_neg64.
2:Fix bug in emit_ia32_arsh_r64.
3:Delete filename in top level comment, suggested by Thomas Gleixner.
4:Delete unnecessary boiler plate text, suggested by Thomas Gleixner.
5:Rewrite some words in changelog.
6:CodingSytle improvement and a little more comments.
Signed-off-by: Wang YanQing <udknight@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-05-03 09:10:43 +03:00
select HAVE_EBPF_JIT
2008-07-25 12:45:33 +04:00
select HAVE_EFFICIENT_UNALIGNED_ACCESS
2018-11-15 22:05:37 +03:00
select HAVE_EISA
2016-05-21 03:00:16 +03:00
select HAVE_EXIT_THREAD
2019-07-12 06:57:14 +03:00
select HAVE_FAST_GUP
2017-03-23 17:33:52 +03:00
select HAVE_FENTRY if X86_64 || DYNAMIC_FTRACE
2015-06-03 11:00:13 +03:00
select HAVE_FTRACE_MCOUNT_RECORD
select HAVE_FUNCTION_GRAPH_TRACER
select HAVE_FUNCTION_TRACER
2016-05-24 01:09:38 +03:00
select HAVE_GCC_PLUGINS
2015-06-03 11:00:13 +03:00
select HAVE_HW_BREAKPOINT
select HAVE_IDE
select HAVE_IOREMAP_PROT
select HAVE_IRQ_TIME_ACCOUNTING
2009-01-05 02:41:25 +03:00
select HAVE_KERNEL_BZIP2
2015-06-03 11:00:13 +03:00
select HAVE_KERNEL_GZIP
select HAVE_KERNEL_LZ4
2009-01-05 02:41:25 +03:00
select HAVE_KERNEL_LZMA
2010-01-09 01:42:45 +03:00
select HAVE_KERNEL_LZO
2015-06-03 11:00:13 +03:00
select HAVE_KERNEL_XZ
2020-07-30 22:08:39 +03:00
select HAVE_KERNEL_ZSTD
2015-06-03 11:00:13 +03:00
select HAVE_KPROBES
select HAVE_KPROBES_ON_FTRACE
2018-01-12 20:55:03 +03:00
select HAVE_FUNCTION_ERROR_INJECTION
2015-06-03 11:00:13 +03:00
select HAVE_KRETPROBES
select HAVE_KVM
select HAVE_LIVEPATCH if X86_64
2010-04-11 20:55:56 +04:00
select HAVE_MIXED_BREAKPOINTS_REGS
2017-07-25 02:36:57 +03:00
select HAVE_MOD_ARCH_SPECIFIC
2019-01-04 02:28:41 +03:00
select HAVE_MOVE_PMD
2016-05-21 03:00:33 +03:00
select HAVE_NMI
2015-06-03 11:00:13 +03:00
select HAVE_OPROFILE
select HAVE_OPTPROBES
select HAVE_PCSPKR_PLATFORM
select HAVE_PERF_EVENTS
2010-05-16 00:57:48 +04:00
select HAVE_PERF_EVENTS_NMI
2017-08-19 01:15:51 +03:00
select HAVE_HARDLOCKUP_DETECTOR_PERF if PERF_EVENTS && HAVE_PERF_EVENTS_NMI
2018-11-15 22:05:32 +03:00
select HAVE_PCI
2012-08-07 17:20:36 +04:00
select HAVE_PERF_REGS
2012-08-07 17:20:40 +04:00
select HAVE_PERF_USER_STACK_DUMP
2020-02-04 04:37:02 +03:00
select MMU_GATHER_RCU_TABLE_FREE if PARAVIRT
2015-06-03 11:00:13 +03:00
select HAVE_REGS_AND_STACK_ACCESS_API
2018-05-18 09:47:13 +03:00
select HAVE_RELIABLE_STACKTRACE if X86_64 && (UNWINDER_FRAME_POINTER || UNWINDER_ORC) && STACK_VALIDATION
2018-04-25 15:20:57 +03:00
select HAVE_FUNCTION_ARG_ACCESS_API
2018-06-14 13:36:45 +03:00
select HAVE_STACKPROTECTOR if CC_HAS_SANE_STACKPROTECTOR
2016-11-15 12:26:39 +03:00
select HAVE_STACK_VALIDATION if X86_64
2018-06-02 15:43:58 +03:00
select HAVE_RSEQ
2015-06-03 11:00:13 +03:00
select HAVE_SYSCALL_TRACEPOINTS
select HAVE_UNSTABLE_SCHED_CLOCK
2009-09-19 10:40:22 +04:00
select HAVE_USER_RETURN_NOTIFIER
2019-06-21 12:52:49 +03:00
select HAVE_GENERIC_VDSO
2018-05-29 18:48:27 +03:00
select HOTPLUG_SMT if SMP
2011-02-07 04:24:08 +03:00
select IRQ_FORCED_THREADING
2018-04-05 10:44:52 +03:00
select NEED_SG_DMA_LENGTH
2018-11-15 22:05:33 +03:00
select PCI_DOMAINS if PCI
2019-01-22 02:19:58 +03:00
select PCI_LOCKLESS_CONFIG if PCI
2015-06-03 11:00:13 +03:00
select PERF_EVENTS
x86: Do full rtc synchronization with ntp
Every 11 minutes ntp attempts to update the x86 rtc with the current
system time. Currently, the x86 code only updates the rtc if the system
time is within +/-15 minutes of the current value of the rtc. This
was done originally to avoid setting the RTC if the RTC was in localtime
mode (common with Windows dualbooting). Other architectures do a full
synchronization and now that we have better infrastructure to detect
when the RTC is in localtime, there is no reason that x86 should be
software limited to a 30 minute window.
This patch changes the behavior of the kernel to do a full synchronization
(year, month, day, hour, minute, and second) of the rtc when ntp requests
a synchronization between the system time and the rtc.
I've used the RTC library functions in this patchset as they do all the
required bounds checking.
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: John Stultz <john.stultz@linaro.org>
Cc: x86@kernel.org
Cc: Matt Fleming <matt.fleming@intel.com>
Cc: David Vrabel <david.vrabel@citrix.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: linux-efi@vger.kernel.org
Signed-off-by: Prarit Bhargava <prarit@redhat.com>
[jstultz: Tweak commit message, fold in build fix found by fengguang
Also add select RTC_LIB to X86, per new dependency, as found by prarit]
Signed-off-by: John Stultz <john.stultz@linaro.org>
2013-02-14 21:02:54 +04:00
select RTC_LIB
2016-06-01 17:46:23 +03:00
select RTC_MC146818_LIB
2015-06-03 11:00:13 +03:00
select SPARSE_IRQ
2014-12-05 19:24:45 +03:00
select SRCU
2015-06-03 11:00:13 +03:00
select SYSCTL_EXCEPTION_TRACE
2016-09-14 00:29:25 +03:00
select THREAD_INFO_IN_TASK
2015-06-03 11:00:13 +03:00
select USER_STACKTRACE_SUPPORT
select VIRT_TO_BUS
2020-04-13 10:44:39 +03:00
select HAVE_ARCH_KCSAN if X86_64
2015-06-03 11:00:13 +03:00
select X86_FEATURE_NAMES if PROC_FS
2019-06-06 04:22:35 +03:00
select PROC_PID_ARCH_STATUS if PROC_FS
2020-03-09 03:57:51 +03:00
imply IMA_SECURE_AND_OR_TRUSTED_BOOT if EFI
2008-02-10 10:16:28 +03:00
2009-06-06 15:58:12 +04:00
config INSTRUCTION_DECODER
2012-09-10 15:41:45 +04:00
def_bool y
depends on KPROBES || PERF_EVENTS || UPROBES
2009-06-06 15:58:12 +04:00
x86: unify arch/x86/boot/compressed/vmlinux_*.lds
Look at the:
diff -u arch/x86/boot/compressed/vmlinux_*.lds
output and realize that they're basially exactly the same except for
trivial naming differences, and the fact that the 64-bit version has a
"pgtable" thing.
So unify them.
There's some trivial cleanup there (make the output format a Kconfig thing
rather than doing #ifdef's for it, and unify both 32-bit and 64-bit BSS
end to "_ebss", where 32-bit used to use the traditional "_end"), but
other than that it's really very mindless and straigt conversion.
For example, I think we should aim to remove "startup_32" vs "startup_64",
and just call it "startup", and get rid of one more difference. I didn't
do that.
Also, notice the comment in the unified vmlinux.lds.S talks about
"head_64" and "startup_32" which is an odd and incorrect mix, but that was
actually what the old 64-bit only lds file had, so the confusion isn't
new, and now that mixing is arguably more accurate thanks to the
vmlinux.lds.S file being shared between the two cases ;)
[ Impact: cleanup, unification ]
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Acked-by: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2009-04-26 21:12:47 +04:00
config OUTPUT_FORMAT
string
default "elf32-i386" if X86_32
default "elf64-x86-64" if X86_64
2007-11-07 01:30:30 +03:00
config LOCKDEP_SUPPORT
2008-01-30 15:31:03 +03:00
def_bool y
2007-11-07 01:30:30 +03:00
config STACKTRACE_SUPPORT
2008-01-30 15:31:03 +03:00
def_bool y
2007-11-07 01:30:30 +03:00
config MMU
2008-01-30 15:31:03 +03:00
def_bool y
2007-11-07 01:30:30 +03:00
2016-01-15 02:20:06 +03:00
config ARCH_MMAP_RND_BITS_MIN
default 28 if 64BIT
default 8
config ARCH_MMAP_RND_BITS_MAX
default 32 if 64BIT
default 16
config ARCH_MMAP_RND_COMPAT_BITS_MIN
default 8
config ARCH_MMAP_RND_COMPAT_BITS_MAX
default 16
2007-11-07 01:30:30 +03:00
config SBUS
bool
config GENERIC_ISA_DMA
2012-09-10 15:41:45 +04:00
def_bool y
depends on ISA_DMA_API
2007-11-07 01:30:30 +03:00
config GENERIC_BUG
2008-01-30 15:31:03 +03:00
def_bool y
2007-11-07 01:30:30 +03:00
depends on BUG
2008-12-16 14:40:27 +03:00
select GENERIC_BUG_RELATIVE_POINTERS if X86_64
config GENERIC_BUG_RELATIVE_POINTERS
bool
2007-11-07 01:30:30 +03:00
config ARCH_MAY_HAVE_PC_FDC
2012-09-10 15:41:45 +04:00
def_bool y
depends on ISA_DMA_API
2007-11-07 01:30:30 +03:00
2007-11-06 23:35:08 +03:00
config GENERIC_CALIBRATE_DELAY
def_bool y
2008-02-01 04:35:06 +03:00
config ARCH_HAS_CPU_RELAX
def_bool y
2008-04-28 13:12:22 +04:00
config ARCH_HAS_CACHE_LINE_SIZE
def_bool y
2018-04-21 01:20:28 +03:00
config ARCH_HAS_FILTER_PGPROT
def_bool y
2008-01-30 15:33:32 +03:00
config HAVE_SETUP_PER_CPU_AREA
2009-01-27 06:56:48 +03:00
def_bool y
2008-01-30 15:32:51 +03:00
2009-08-14 10:00:49 +04:00
config NEED_PER_CPU_EMBED_FIRST_CHUNK
def_bool y
config NEED_PER_CPU_PAGE_FIRST_CHUNK
2009-02-20 10:29:09 +03:00
def_bool y
2007-12-08 04:12:39 +03:00
config ARCH_HIBERNATION_POSSIBLE
def_bool y
2007-12-08 04:14:00 +03:00
config ARCH_SUSPEND_POSSIBLE
def_bool y
2013-04-30 11:03:42 +04:00
config ARCH_WANT_GENERAL_HUGETLB
def_bool y
2007-11-07 01:30:30 +03:00
config ZONE_DMA32
2015-02-05 18:39:34 +03:00
def_bool y if X86_64
2007-11-07 01:30:30 +03:00
config AUDIT_ARCH
2015-02-05 18:39:34 +03:00
def_bool y if X86_64
2007-11-07 01:30:30 +03:00
2009-04-01 02:23:17 +04:00
config ARCH_SUPPORTS_DEBUG_PAGEALLOC
def_bool y
2015-07-02 12:09:38 +03:00
config KASAN_SHADOW_OFFSET
hex
depends on KASAN
default 0xdffffc0000000000
2009-09-02 05:25:07 +04:00
config HAVE_INTEL_TXT
def_bool y
2012-10-02 22:16:47 +04:00
depends on INTEL_IOMMU && ACPI
2009-09-02 05:25:07 +04:00
2008-01-30 15:32:27 +03:00
config X86_32_SMP
def_bool y
depends on X86_32 && SMP
config X86_64_SMP
def_bool y
depends on X86_64 && SMP
2009-02-09 16:17:40 +03:00
config X86_32_LAZY_GS
def_bool y
2018-06-14 13:36:43 +03:00
depends on X86_32 && !STACKPROTECTOR
2009-02-09 16:17:40 +03:00
uprobes, mm, x86: Add the ability to install and remove uprobes breakpoints
Add uprobes support to the core kernel, with x86 support.
This commit adds the kernel facilities, the actual uprobes
user-space ABI and perf probe support comes in later commits.
General design:
Uprobes are maintained in an rb-tree indexed by inode and offset
(the offset here is from the start of the mapping). For a unique
(inode, offset) tuple, there can be at most one uprobe in the
rb-tree.
Since the (inode, offset) tuple identifies a unique uprobe, more
than one user may be interested in the same uprobe. This provides
the ability to connect multiple 'consumers' to the same uprobe.
Each consumer defines a handler and a filter (optional). The
'handler' is run every time the uprobe is hit, if it matches the
'filter' criteria.
The first consumer of a uprobe causes the breakpoint to be
inserted at the specified address and subsequent consumers are
appended to this list. On subsequent probes, the consumer gets
appended to the existing list of consumers. The breakpoint is
removed when the last consumer unregisters. For all other
unregisterations, the consumer is removed from the list of
consumers.
Given a inode, we get a list of the mms that have mapped the
inode. Do the actual registration if mm maps the page where a
probe needs to be inserted/removed.
We use a temporary list to walk through the vmas that map the
inode.
- The number of maps that map the inode, is not known before we
walk the rmap and keeps changing.
- extending vm_area_struct wasn't recommended, it's a
size-critical data structure.
- There can be more than one maps of the inode in the same mm.
We add callbacks to the mmap methods to keep an eye on text vmas
that are of interest to uprobes. When a vma of interest is mapped,
we insert the breakpoint at the right address.
Uprobe works by replacing the instruction at the address defined
by (inode, offset) with the arch specific breakpoint
instruction. We save a copy of the original instruction at the
uprobed address.
This is needed for:
a. executing the instruction out-of-line (xol).
b. instruction analysis for any subsequent fixups.
c. restoring the instruction back when the uprobe is unregistered.
We insert or delete a breakpoint instruction, and this
breakpoint instruction is assumed to be the smallest instruction
available on the platform. For fixed size instruction platforms
this is trivially true, for variable size instruction platforms
the breakpoint instruction is typically the smallest (often a
single byte).
Writing the instruction is done by COWing the page and changing
the instruction during the copy, this even though most platforms
allow atomic writes of the breakpoint instruction. This also
mirrors the behaviour of a ptrace() memory write to a PRIVATE
file map.
The core worker is derived from KSM's replace_page() logic.
In essence, similar to KSM:
a. allocate a new page and copy over contents of the page that
has the uprobed vaddr
b. modify the copy and insert the breakpoint at the required
address
c. switch the original page with the copy containing the
breakpoint
d. flush page tables.
replace_page() is being replicated here because of some minor
changes in the type of pages and also because Hugh Dickins had
plans to improve replace_page() for KSM specific work.
Instruction analysis on x86 is based on instruction decoder and
determines if an instruction can be probed and determines the
necessary fixups after singlestep. Instruction analysis is done
at probe insertion time so that we avoid having to repeat the
same analysis every time a probe is hit.
A lot of code here is due to the improvement/suggestions/inputs
from Peter Zijlstra.
Changelog:
(v10):
- Add code to clear REX.B prefix as suggested by Denys Vlasenko
and Masami Hiramatsu.
(v9):
- Use insn_offset_modrm as suggested by Masami Hiramatsu.
(v7):
Handle comments from Peter Zijlstra:
- Dont take reference to inode. (expect inode to uprobe_register to be sane).
- Use PTR_ERR to set the return value.
- No need to take reference to inode.
- use PTR_ERR to return error value.
- register and uprobe_unregister share code.
(v5):
- Modified del_consumer as per comments from Peter.
- Drop reference to inode before dropping reference to uprobe.
- Use i_size_read(inode) instead of inode->i_size.
- Ensure uprobe->consumers is NULL, before __uprobe_unregister() is called.
- Includes errno.h as recommended by Stephen Rothwell to fix a build issue
on sparc defconfig
- Remove restrictions while unregistering.
- Earlier code leaked inode references under some conditions while
registering/unregistering.
- Continue the vma-rmap walk even if the intermediate vma doesnt
meet the requirements.
- Validate the vma found by find_vma before inserting/removing the
breakpoint
- Call del_consumer under mutex_lock.
- Use hash locks.
- Handle mremap.
- Introduce find_least_offset_node() instead of close match logic in
find_uprobe
- Uprobes no more depends on MM_OWNER; No reference to task_structs
while inserting/removing a probe.
- Uses read_mapping_page instead of grab_cache_page so that the pages
have valid content.
- pass NULL to get_user_pages for the task parameter.
- call SetPageUptodate on the new page allocated in write_opcode.
- fix leaking a reference to the new page under certain conditions.
- Include Instruction Decoder if Uprobes gets defined.
- Remove const attributes for instruction prefix arrays.
- Uses mm_context to know if the application is 32 bit.
Signed-off-by: Srikar Dronamraju <srikar@linux.vnet.ibm.com>
Also-written-by: Jim Keniston <jkenisto@us.ibm.com>
Reviewed-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Andi Kleen <andi@firstfloor.org>
Cc: Christoph Hellwig <hch@infradead.org>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Roland McGrath <roland@hack.frob.com>
Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Cc: Arnaldo Carvalho de Melo <acme@infradead.org>
Cc: Anton Arapov <anton@redhat.com>
Cc: Ananth N Mavinakayanahalli <ananth@in.ibm.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: Denys Vlasenko <vda.linux@googlemail.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Linux-mm <linux-mm@kvack.org>
Link: http://lkml.kernel.org/r/20120209092642.GE16600@linux.vnet.ibm.com
[ Made various small edits to the commit log ]
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2012-02-09 13:26:42 +04:00
config ARCH_SUPPORTS_UPROBES
def_bool y
2014-04-19 02:19:54 +04:00
config FIX_EARLYCON_MEM
def_bool y
2018-05-18 14:30:28 +03:00
config DYNAMIC_PHYSICAL_MASK
bool
2015-04-15 01:46:14 +03:00
config PGTABLE_LEVELS
int
2017-07-17 01:59:54 +03:00
default 5 if X86_5LEVEL
2015-04-15 01:46:14 +03:00
default 4 if X86_64
default 3 if X86_PAE
default 2
stack-protector: test compiler capability in Kconfig and drop AUTO mode
Move the test for -fstack-protector(-strong) option to Kconfig.
If the compiler does not support the option, the corresponding menu
is automatically hidden. If STRONG is not supported, it will fall
back to REGULAR. If REGULAR is not supported, it will be disabled.
This means, AUTO is implicitly handled by the dependency solver of
Kconfig, hence removed.
I also turned the 'choice' into only two boolean symbols. The use of
'choice' is not a good idea here, because all of all{yes,mod,no}config
would choose the first visible value, while we want allnoconfig to
disable as many features as possible.
X86 has additional shell scripts in case the compiler supports those
options, but generates broken code. I added CC_HAS_SANE_STACKPROTECTOR
to test this. I had to add -m32 to gcc-x86_32-has-stack-protector.sh
to make it work correctly.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Acked-by: Kees Cook <keescook@chromium.org>
2018-05-28 12:22:00 +03:00
config CC_HAS_SANE_STACKPROTECTOR
bool
default $(success,$(srctree)/scripts/gcc-x86_64-has-stack-protector.sh $(CC)) if 64BIT
default $(success,$(srctree)/scripts/gcc-x86_32-has-stack-protector.sh $(CC))
help
We have to make sure stack protector is unconditionally disabled if
the compiler produces broken code.
2007-11-09 23:56:54 +03:00
menu "Processor type and features"
2012-01-16 23:57:18 +04:00
config ZONE_DMA
bool "DMA memory allocation support" if EXPERT
default y
help
DMA memory allocation support allows devices with less than 32-bit
addressing to allocate within the first 16MB of address space.
Disable if no such devices will be used.
If unsure, say Y.
2007-11-09 23:56:54 +03:00
config SMP
bool "Symmetric multi-processing support"
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
This enables support for systems with more than one CPU. If you have
2014-01-24 03:55:29 +04:00
a system with only one CPU, say N. If you have a system with more
than one CPU, say Y.
2007-11-09 23:56:54 +03:00
2014-01-24 03:55:29 +04:00
If you say N here, the kernel will run on uni- and multiprocessor
2007-11-09 23:56:54 +03:00
machines, but will use only one CPU of a multiprocessor machine. If
you say Y here, the kernel will run on many, but not all,
2014-01-24 03:55:29 +04:00
uniprocessor machines. On a uniprocessor machine, the kernel
2007-11-09 23:56:54 +03:00
will run faster if you say N here.
Note that if you say Y here and choose architecture "586" or
"Pentium" under "Processor family", the kernel will not work on 486
architectures. Similarly, multiprocessor kernels for the "PPro"
architecture may not work on all Pentium based boards.
People using multiprocessor machines who say Y here should also say
Y to "Enhanced Real Time Clock Support", below. The "Advanced Power
Management" code will be disabled if you say Y here.
2019-06-07 21:54:32 +03:00
See also <file:Documentation/x86/i386/IO-APIC.rst>,
2019-06-27 20:56:51 +03:00
<file:Documentation/admin-guide/lockup-watchdogs.rst> and the SMP-HOWTO available at
2007-11-09 23:56:54 +03:00
<http://www.tldp.org/docs.html#howto>.
If you don't know what to do here, say N.
2013-10-30 19:09:45 +04:00
config X86_FEATURE_NAMES
bool "Processor feature human-readable names" if EMBEDDED
default y
2020-06-13 19:50:22 +03:00
help
2013-10-30 19:09:45 +04:00
This option compiles in a table of x86 feature bits and corresponding
names. This is required to support /proc/cpuinfo and a few kernel
messages. You can disable this to save space, at the expense of
making those few kernel messages show numeric feature bits instead.
If in doubt, say Y.
2009-02-17 04:29:58 +03:00
config X86_X2APIC
bool "Support x2apic"
2015-05-04 18:58:01 +03:00
depends on X86_LOCAL_APIC && X86_64 && (IRQ_REMAP || HYPERVISOR_GUEST)
2020-06-13 19:50:22 +03:00
help
2009-02-17 04:29:58 +03:00
This enables x2apic support on CPUs that have this feature.
This allows 32-bit apic IDs (so it can support very large systems),
and accesses the local apic via MSRs not via mmio.
If you don't know what to do here, say N.
2008-06-19 23:13:09 +04:00
config X86_MPPARSE
2012-10-25 20:35:44 +04:00
bool "Enable MPS table" if ACPI || SFI
2008-10-30 13:38:24 +03:00
default y
2008-07-10 16:42:03 +04:00
depends on X86_LOCAL_APIC
2020-06-13 19:50:22 +03:00
help
2008-06-19 23:13:09 +04:00
For old smp systems that do not have proper acpi support. Newer systems
(esp with 64bit cpus) with acpi support, MADT and DSDT will override it
2013-01-21 21:23:09 +04:00
config GOLDFISH
2019-11-21 06:21:09 +03:00
def_bool y
depends on X86_GOLDFISH
2013-01-21 21:23:09 +04:00
x86/retpoline: Add initial retpoline support
Enable the use of -mindirect-branch=thunk-extern in newer GCC, and provide
the corresponding thunks. Provide assembler macros for invoking the thunks
in the same way that GCC does, from native and inline assembler.
This adds X86_FEATURE_RETPOLINE and sets it by default on all CPUs. In
some circumstances, IBRS microcode features may be used instead, and the
retpoline can be disabled.
On AMD CPUs if lfence is serialising, the retpoline can be dramatically
simplified to a simple "lfence; jmp *\reg". A future patch, after it has
been verified that lfence really is serialising in all circumstances, can
enable this by setting the X86_FEATURE_RETPOLINE_AMD feature bit in addition
to X86_FEATURE_RETPOLINE.
Do not align the retpoline in the altinstr section, because there is no
guarantee that it stays aligned when it's copied over the oldinstr during
alternative patching.
[ Andi Kleen: Rename the macros, add CONFIG_RETPOLINE option, export thunks]
[ tglx: Put actual function CALL/JMP in front of the macros, convert to
symbolic labels ]
[ dwmw2: Convert back to numeric labels, merge objtool fixes ]
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Arjan van de Ven <arjan@linux.intel.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Cc: gnomes@lxorguk.ukuu.org.uk
Cc: Rik van Riel <riel@redhat.com>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: thomas.lendacky@amd.com
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Jiri Kosina <jikos@kernel.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Kees Cook <keescook@google.com>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Cc: Greg Kroah-Hartman <gregkh@linux-foundation.org>
Cc: Paul Turner <pjt@google.com>
Link: https://lkml.kernel.org/r/1515707194-20531-4-git-send-email-dwmw@amazon.co.uk
2018-01-12 00:46:25 +03:00
config RETPOLINE
bool "Avoid speculative indirect branches in kernel"
default y
2018-02-06 11:46:13 +03:00
select STACK_VALIDATION if HAVE_STACK_VALIDATION
x86/retpoline: Add initial retpoline support
Enable the use of -mindirect-branch=thunk-extern in newer GCC, and provide
the corresponding thunks. Provide assembler macros for invoking the thunks
in the same way that GCC does, from native and inline assembler.
This adds X86_FEATURE_RETPOLINE and sets it by default on all CPUs. In
some circumstances, IBRS microcode features may be used instead, and the
retpoline can be disabled.
On AMD CPUs if lfence is serialising, the retpoline can be dramatically
simplified to a simple "lfence; jmp *\reg". A future patch, after it has
been verified that lfence really is serialising in all circumstances, can
enable this by setting the X86_FEATURE_RETPOLINE_AMD feature bit in addition
to X86_FEATURE_RETPOLINE.
Do not align the retpoline in the altinstr section, because there is no
guarantee that it stays aligned when it's copied over the oldinstr during
alternative patching.
[ Andi Kleen: Rename the macros, add CONFIG_RETPOLINE option, export thunks]
[ tglx: Put actual function CALL/JMP in front of the macros, convert to
symbolic labels ]
[ dwmw2: Convert back to numeric labels, merge objtool fixes ]
Signed-off-by: David Woodhouse <dwmw@amazon.co.uk>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Acked-by: Arjan van de Ven <arjan@linux.intel.com>
Acked-by: Ingo Molnar <mingo@kernel.org>
Cc: gnomes@lxorguk.ukuu.org.uk
Cc: Rik van Riel <riel@redhat.com>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: thomas.lendacky@amd.com
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Jiri Kosina <jikos@kernel.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Kees Cook <keescook@google.com>
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Cc: Greg Kroah-Hartman <gregkh@linux-foundation.org>
Cc: Paul Turner <pjt@google.com>
Link: https://lkml.kernel.org/r/1515707194-20531-4-git-send-email-dwmw@amazon.co.uk
2018-01-12 00:46:25 +03:00
help
Compile kernel with the retpoline compiler options to guard against
kernel-to-user data leaks by avoiding speculative indirect
branches. Requires a compiler with -mindirect-branch=thunk-extern
support for full protection. The kernel may run slower.
2019-01-30 01:44:36 +03:00
config X86_CPU_RESCTRL
bool "x86 CPU resource control support"
2018-11-21 23:28:39 +03:00
depends on X86 && (CPU_SUP_INTEL || CPU_SUP_AMD)
2016-11-15 17:17:12 +03:00
select KERNFS
2020-01-15 12:28:51 +03:00
select PROC_CPU_RESCTRL if PROC_FS
2016-10-22 16:19:53 +03:00
help
2019-01-30 01:44:36 +03:00
Enable x86 CPU resource control support.
2018-11-21 23:28:39 +03:00
Provide support for the allocation and monitoring of system resources
usage by the CPU.
Intel calls this Intel Resource Director Technology
(Intel(R) RDT). More information about RDT can be found in the
Intel x86 Architecture Software Developer Manual.
AMD calls this AMD Platform Quality of Service (AMD QoS).
More information about AMD QoS can be found in the AMD64 Technology
Platform Quality of Service Extensions manual.
2016-10-22 16:19:53 +03:00
Say N if unsure.
2009-02-21 03:59:11 +03:00
if X86_32
2018-02-10 03:51:03 +03:00
config X86_BIGSMP
bool "Support for big SMP systems with more than 8 CPUs"
depends on SMP
2020-06-13 19:50:22 +03:00
help
2019-12-04 03:06:47 +03:00
This option is needed for the systems that have more than 8 CPUs.
2018-02-10 03:51:03 +03:00
2009-02-10 05:18:14 +03:00
config X86_EXTENDED_PLATFORM
bool "Support for extended (non-PC) x86 platforms"
default y
2020-06-13 19:50:22 +03:00
help
2009-01-27 20:11:43 +03:00
If you disable this option then the kernel will only support
standard PC platforms. (which covers the vast majority of
systems out there.)
2009-02-21 03:59:11 +03:00
If you enable this option then you'll be able to select support
for the following (non-PC) 32 bit x86 platforms:
2013-06-24 04:05:25 +04:00
Goldfish (Android emulator)
2009-02-21 03:59:11 +03:00
AMD Elan
RDC R-321x SoC
SGI 320/540 (Visual Workstation)
2012-04-04 21:40:21 +04:00
STA2X11-based (e.g. Northville)
2009-08-29 16:54:20 +04:00
Moorestown MID devices
2009-01-27 20:11:43 +03:00
If you have one of these systems, or if you want to build a
generic distribution kernel, say Y here - otherwise say N.
2009-02-21 03:59:11 +03:00
endif
2009-01-27 20:11:43 +03:00
2009-02-21 03:59:11 +03:00
if X86_64
config X86_EXTENDED_PLATFORM
bool "Support for extended (non-PC) x86 platforms"
default y
2020-06-13 19:50:22 +03:00
help
2009-02-21 03:59:11 +03:00
If you disable this option then the kernel will only support
standard PC platforms. (which covers the vast majority of
systems out there.)
If you enable this option then you'll be able to select support
for the following (non-PC) 64 bit x86 platforms:
2011-12-05 20:07:26 +04:00
Numascale NumaChip
2009-02-21 03:59:11 +03:00
ScaleMP vSMP
SGI Ultraviolet
If you have one of these systems, or if you want to build a
generic distribution kernel, say Y here - otherwise say N.
endif
2009-02-10 05:18:14 +03:00
# This is an alphabetically sorted list of 64 bit extended platforms
# Please maintain the alphabetic order if and when there are additions
2011-12-05 20:07:26 +04:00
config X86_NUMACHIP
bool "Numascale NumaChip"
depends on X86_64
depends on X86_EXTENDED_PLATFORM
depends on NUMA
depends on SMP
depends on X86_X2APIC
2012-12-08 01:24:32 +04:00
depends on PCI_MMCONFIG
2020-06-13 19:50:22 +03:00
help
2011-12-05 20:07:26 +04:00
Adds support for Numascale NumaChip large-SMP systems. Needed to
enable more than ~168 cores.
If you don't have one of these, you should say N here.
2007-11-09 23:56:54 +03:00
2009-02-10 05:18:14 +03:00
config X86_VSMP
bool "ScaleMP vSMP"
2013-03-05 00:20:21 +04:00
select HYPERVISOR_GUEST
2009-02-10 05:18:14 +03:00
select PARAVIRT
depends on X86_64 && PCI
depends on X86_EXTENDED_PLATFORM
2012-04-16 11:39:35 +04:00
depends on SMP
2020-06-13 19:50:22 +03:00
help
2009-02-10 05:18:14 +03:00
Support for ScaleMP vSMP systems. Say 'Y' here if this kernel is
supposed to run on these EM64T-based machines. Only choose this option
if you have one of these machines.
2008-01-30 15:33:36 +03:00
2009-01-20 06:36:04 +03:00
config X86_UV
bool "SGI Ultraviolet"
depends on X86_64
2009-02-10 05:18:14 +03:00
depends on X86_EXTENDED_PLATFORM
2009-04-04 00:39:42 +04:00
depends on NUMA
2016-02-12 03:13:20 +03:00
depends on EFI
2009-04-21 00:02:31 +04:00
depends on X86_X2APIC
2015-05-06 07:23:59 +03:00
depends on PCI
2020-06-13 19:50:22 +03:00
help
2009-01-20 06:36:04 +03:00
This option is needed in order to support SGI Ultraviolet systems.
If you don't have one of these, you should say N here.
2009-02-10 05:18:14 +03:00
# Following is an alphabetically sorted list of 32 bit extended platforms
# Please maintain the alphabetic order if and when there are additions
2007-11-09 23:56:54 +03:00
2013-01-21 21:23:09 +04:00
config X86_GOLDFISH
2019-11-21 06:21:09 +03:00
bool "Goldfish (Virtual Platform)"
depends on X86_EXTENDED_PLATFORM
2020-06-13 19:50:22 +03:00
help
2013-01-21 21:23:09 +04:00
Enable support for the Goldfish virtual platform used primarily
for Android development. Unless you are building for the Android
Goldfish emulator say N here.
2010-11-09 23:08:04 +03:00
config X86_INTEL_CE
bool "CE4100 TV platform"
depends on PCI
depends on PCI_GODIRECT
2014-06-09 12:19:46 +04:00
depends on X86_IO_APIC
2010-11-09 23:08:04 +03:00
depends on X86_32
depends on X86_EXTENDED_PLATFORM
2010-11-09 23:08:08 +03:00
select X86_REBOOTFIXUPS
2011-02-22 23:07:37 +03:00
select OF
select OF_EARLY_FLATTREE
2020-06-13 19:50:22 +03:00
help
2010-11-09 23:08:04 +03:00
Select for the Intel CE media processor (CE4100) SOC.
This option compiles in support for the CE4100 SOC for settop
boxes and media devices.
2013-12-17 05:37:26 +04:00
config X86_INTEL_MID
2011-07-12 20:49:29 +04:00
bool "Intel MID platform support"
depends on X86_EXTENDED_PLATFORM
2014-01-21 22:41:39 +04:00
depends on X86_PLATFORM_DEVICES
2011-11-10 17:29:14 +04:00
depends on PCI
2016-01-15 23:11:07 +03:00
depends on X86_64 || (PCI_GOANY && X86_32)
2011-11-10 17:29:14 +04:00
depends on X86_IO_APIC
2011-12-29 18:43:16 +04:00
select SFI
2013-12-17 05:37:26 +04:00
select I2C
2011-12-29 18:43:16 +04:00
select DW_APB_TIMER
2011-11-10 17:29:14 +04:00
select APB_TIMER
2020-04-16 11:15:33 +03:00
select INTEL_SCU_PCI
2012-01-26 21:35:05 +04:00
select MFD_INTEL_MSIC
2020-06-13 19:50:22 +03:00
help
2013-12-17 05:37:26 +04:00
Select to build a kernel capable of supporting Intel MID (Mobile
Internet Device) platform systems which do not have the PCI legacy
interfaces. If you are building for a PC class system say N here.
2011-11-10 17:29:14 +04:00
2013-12-17 05:37:26 +04:00
Intel MID platforms are based on an Intel processor and chipset which
consume less power than most of the x86 derivatives.
2011-07-12 20:49:29 +04:00
2015-01-30 19:29:39 +03:00
config X86_INTEL_QUARK
bool "Intel Quark platform support"
depends on X86_32
depends on X86_EXTENDED_PLATFORM
depends on X86_PLATFORM_DEVICES
depends on X86_TSC
depends on PCI
depends on PCI_GOANY
depends on X86_IO_APIC
select IOSF_MBI
select INTEL_IMR
2015-03-05 18:24:04 +03:00
select COMMON_CLK
2020-06-13 19:50:22 +03:00
help
2015-01-30 19:29:39 +03:00
Select to include support for Quark X1000 SoC.
Say Y here if you have a Quark based system such as the Arduino
compatible Intel Galileo.
2013-01-18 17:45:59 +04:00
config X86_INTEL_LPSS
bool "Intel Low Power Subsystem Support"
2019-01-02 21:10:37 +03:00
depends on X86 && ACPI && PCI
2013-01-18 17:45:59 +04:00
select COMMON_CLK
2013-09-13 18:02:29 +04:00
select PINCTRL
2015-12-12 04:45:06 +03:00
select IOSF_MBI
2020-06-13 19:50:22 +03:00
help
2013-01-18 17:45:59 +04:00
Select to build support for Intel Low Power Subsystem such as
found on Intel Lynxpoint PCH. Selecting this option enables
2013-09-13 18:02:29 +04:00
things like clock tree (common clock framework) and pincontrol
which are needed by the LPSS peripheral drivers.
2013-01-18 17:45:59 +04:00
2015-02-06 03:27:51 +03:00
config X86_AMD_PLATFORM_DEVICE
bool "AMD ACPI2Platform devices support"
depends on ACPI
select COMMON_CLK
select PINCTRL
2020-06-13 19:50:22 +03:00
help
2015-02-06 03:27:51 +03:00
Select to interpret AMD specific ACPI device to platform device
such as I2C, UART, GPIO found on AMD Carrizo and later chipsets.
I2C and UART depend on COMMON_CLK to set clock. GPIO driver is
implemented under PINCTRL subsystem.
2014-09-18 09:13:50 +04:00
config IOSF_MBI
tristate "Intel SoC IOSF Sideband support for SoC platforms"
depends on PCI
2020-06-13 19:50:22 +03:00
help
2014-09-18 09:13:50 +04:00
This option enables sideband register access support for Intel SoC
platforms. On these platforms the IOSF sideband is used in lieu of
MSR's for some register accesses, mostly but not limited to thermal
and power. Drivers may query the availability of this device to
determine if they need the sideband in order to work on these
platforms. The sideband is available on the following SoC products.
This list is not meant to be exclusive.
- BayTrail
- Braswell
- Quark
You should say Y if you are running a kernel on one of these SoC's.
2014-09-18 09:13:51 +04:00
config IOSF_MBI_DEBUG
bool "Enable IOSF sideband access through debugfs"
depends on IOSF_MBI && DEBUG_FS
2020-06-13 19:50:22 +03:00
help
2014-09-18 09:13:51 +04:00
Select this option to expose the IOSF sideband access registers (MCR,
MDR, MCRX) through debugfs to write and read register information from
different units on the SoC. This is most useful for obtaining device
state information for debug and analysis. As this is a general access
mechanism, users of this option would have specific knowledge of the
device they want to access.
If you don't require the option or are in doubt, say N.
2009-02-10 05:18:14 +03:00
config X86_RDC321X
bool "RDC R-321x SoC"
2007-11-09 23:56:54 +03:00
depends on X86_32
2009-02-10 05:18:14 +03:00
depends on X86_EXTENDED_PLATFORM
select M486
select X86_REBOOTFIXUPS
2020-06-13 19:50:22 +03:00
help
2009-02-10 05:18:14 +03:00
This option is needed for RDC R-321x system-on-chip, also known
as R-8610-(G).
If you don't have one of these chips, you should say N here.
2009-01-27 20:43:09 +03:00
config X86_32_NON_STANDARD
2009-01-27 20:24:57 +03:00
bool "Support non-standard 32-bit SMP architectures"
depends on X86_32 && SMP
2009-02-10 05:18:14 +03:00
depends on X86_EXTENDED_PLATFORM
2020-06-13 19:50:22 +03:00
help
2014-02-26 00:14:06 +04:00
This option compiles in the bigsmp and STA2X11 default
subarchitectures. It is intended for a generic binary
kernel. If you select them all, kernel will probe it one by
one and will fallback to default.
2008-06-09 05:31:54 +04:00
2009-02-10 05:18:14 +03:00
# Alphabetically sorted list of Non standard 32 bit platforms
2008-06-09 05:31:54 +04:00
2009-09-26 20:35:07 +04:00
config X86_SUPPORTS_MEMORY_FAILURE
2010-04-21 18:23:44 +04:00
def_bool y
2009-09-26 20:35:07 +04:00
# MCE code calls memory_failure():
depends on X86_MCE
# On 32-bit this adds too big of NODES_SHIFT and we run out of page flags:
# On 32-bit SPARSEMEM adds too big of SECTIONS_WIDTH:
depends on X86_64 || !SPARSEMEM
select ARCH_SUPPORTS_MEMORY_FAILURE
2012-04-04 21:40:21 +04:00
config STA2X11
bool "STA2X11 Companion Chip Support"
depends on X86_32_NON_STANDARD && PCI
select SWIOTLB
select MFD_STA2X11
2016-06-02 15:20:18 +03:00
select GPIOLIB
2020-06-13 19:50:22 +03:00
help
2012-04-04 21:40:21 +04:00
This adds support for boards based on the STA2X11 IO-Hub,
a.k.a. "ConneXt". The chip is used in place of the standard
PC chipset, so all "standard" peripherals are missing. If this
option is selected the kernel will still be able to boot on
standard PC machines.
2010-09-25 08:06:57 +04:00
config X86_32_IRIS
tristate "Eurobraille/Iris poweroff module"
depends on X86_32
2020-06-13 19:50:22 +03:00
help
2010-09-25 08:06:57 +04:00
The Iris machines from EuroBraille do not have APM or ACPI support
to shut themselves down properly. A special I/O sequence is
needed to do so, which is what this module does at
kernel shutdown.
This is only for Iris machines from EuroBraille.
If unused, say N.
2008-11-11 11:05:16 +03:00
config SCHED_OMIT_FRAME_POINTER
2008-01-30 15:31:03 +03:00
def_bool y
prompt "Single-depth WCHAN output"
2008-11-06 22:10:49 +03:00
depends on X86
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
Calculate simpler /proc/<PID>/wchan values. If this option
is disabled then wchan values will recurse back to the
caller function. This provides more accurate wchan values,
at the expense of slightly more scheduling overhead.
If in doubt, say "Y".
2013-03-05 00:20:21 +04:00
menuconfig HYPERVISOR_GUEST
bool "Linux guest support"
2020-06-13 19:50:22 +03:00
help
2013-03-05 00:20:21 +04:00
Say Y here to enable options for running Linux under various hyper-
visors. This option enables basic hypervisor detection and platform
setup.
2007-11-09 23:56:54 +03:00
2013-03-05 00:20:21 +04:00
If you say N, all options in this submenu will be skipped and
disabled, and Linux guest support won't be built in.
2007-11-09 23:56:54 +03:00
2013-03-05 00:20:21 +04:00
if HYPERVISOR_GUEST
2007-11-09 23:56:54 +03:00
2008-01-30 15:33:32 +03:00
config PARAVIRT
bool "Enable paravirtualization code"
2020-06-13 19:50:22 +03:00
help
2008-01-30 15:33:32 +03:00
This changes the kernel so it can modify itself when it is run
under a hypervisor, potentially improving performance significantly
over full virtualization. However, when run without a hypervisor
the kernel is theoretically slower and slightly larger.
2018-08-28 10:40:21 +03:00
config PARAVIRT_XXL
bool
2013-03-05 00:20:21 +04:00
config PARAVIRT_DEBUG
bool "paravirt-ops debugging"
depends on PARAVIRT && DEBUG_KERNEL
2020-06-13 19:50:22 +03:00
help
2013-03-05 00:20:21 +04:00
Enable to debug paravirt_ops internals. Specifically, BUG if
a paravirt_op is missing when it is called.
x86: Fix performance regression caused by paravirt_ops on native kernels
Xiaohui Xin and some other folks at Intel have been looking into what's
behind the performance hit of paravirt_ops when running native.
It appears that the hit is entirely due to the paravirtualized
spinlocks introduced by:
| commit 8efcbab674de2bee45a2e4cdf97de16b8e609ac8
| Date: Mon Jul 7 12:07:51 2008 -0700
|
| paravirt: introduce a "lock-byte" spinlock implementation
The extra call/return in the spinlock path is somehow
causing an increase in the cycles/instruction of somewhere around 2-7%
(seems to vary quite a lot from test to test). The working theory is
that the CPU's pipeline is getting upset about the
call->call->locked-op->return->return, and seems to be failing to
speculate (though I haven't seen anything definitive about the precise
reasons). This doesn't entirely make sense, because the performance
hit is also visible on unlock and other operations which don't involve
locked instructions. But spinlock operations clearly swamp all the
other pvops operations, even though I can't imagine that they're
nearly as common (there's only a .05% increase in instructions
executed).
If I disable just the pv-spinlock calls, my tests show that pvops is
identical to non-pvops performance on native (my measurements show that
it is actually about .1% faster, but Xiaohui shows a .05% slowdown).
Summary of results, averaging 10 runs of the "mmperf" test, using a
no-pvops build as baseline:
nopv Pv-nospin Pv-spin
CPU cycles 100.00% 99.89% 102.18%
instructions 100.00% 100.10% 100.15%
CPI 100.00% 99.79% 102.03%
cache ref 100.00% 100.84% 100.28%
cache miss 100.00% 90.47% 88.56%
cache miss rate 100.00% 89.72% 88.31%
branches 100.00% 99.93% 100.04%
branch miss 100.00% 103.66% 107.72%
branch miss rt 100.00% 103.73% 107.67%
wallclock 100.00% 99.90% 102.20%
The clear effect here is that the 2% increase in CPI is
directly reflected in the final wallclock time.
(The other interesting effect is that the more ops are
out of line calls via pvops, the lower the cache access
and miss rates. Not too surprising, but it suggests that
the non-pvops kernel is over-inlined. On the flipside,
the branch misses go up correspondingly...)
So, what's the fix?
Paravirt patching turns all the pvops calls into direct calls, so
_spin_lock etc do end up having direct calls. For example, the compiler
generated code for paravirtualized _spin_lock is:
<_spin_lock+0>: mov %gs:0xb4c8,%rax
<_spin_lock+9>: incl 0xffffffffffffe044(%rax)
<_spin_lock+15>: callq *0xffffffff805a5b30
<_spin_lock+22>: retq
The indirect call will get patched to:
<_spin_lock+0>: mov %gs:0xb4c8,%rax
<_spin_lock+9>: incl 0xffffffffffffe044(%rax)
<_spin_lock+15>: callq <__ticket_spin_lock>
<_spin_lock+20>: nop; nop /* or whatever 2-byte nop */
<_spin_lock+22>: retq
One possibility is to inline _spin_lock, etc, when building an
optimised kernel (ie, when there's no spinlock/preempt
instrumentation/debugging enabled). That will remove the outer
call/return pair, returning the instruction stream to a single
call/return, which will presumably execute the same as the non-pvops
case. The downsides arel 1) it will replicate the
preempt_disable/enable code at eack lock/unlock callsite; this code is
fairly small, but not nothing; and 2) the spinlock definitions are
already a very heavily tangled mass of #ifdefs and other preprocessor
magic, and making any changes will be non-trivial.
The other obvious answer is to disable pv-spinlocks. Making them a
separate config option is fairly easy, and it would be trivial to
enable them only when Xen is enabled (as the only non-default user).
But it doesn't really address the common case of a distro build which
is going to have Xen support enabled, and leaves the open question of
whether the native performance cost of pv-spinlocks is worth the
performance improvement on a loaded Xen system (10% saving of overall
system CPU when guests block rather than spin). Still it is a
reasonable short-term workaround.
[ Impact: fix pvops performance regression when running native ]
Analysed-by: "Xin Xiaohui" <xiaohui.xin@intel.com>
Analysed-by: "Li Xin" <xin.li@intel.com>
Analysed-by: "Nakajima Jun" <jun.nakajima@intel.com>
Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
Acked-by: H. Peter Anvin <hpa@zytor.com>
Cc: Nick Piggin <npiggin@suse.de>
Cc: Xen-devel <xen-devel@lists.xensource.com>
LKML-Reference: <4A0B62F7.5030802@goop.org>
[ fixed the help text ]
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2009-05-14 04:16:55 +04:00
config PARAVIRT_SPINLOCKS
bool "Paravirtualization layer for spinlocks"
2012-10-02 22:16:47 +04:00
depends on PARAVIRT && SMP
2020-06-13 19:50:22 +03:00
help
x86: Fix performance regression caused by paravirt_ops on native kernels
Xiaohui Xin and some other folks at Intel have been looking into what's
behind the performance hit of paravirt_ops when running native.
It appears that the hit is entirely due to the paravirtualized
spinlocks introduced by:
| commit 8efcbab674de2bee45a2e4cdf97de16b8e609ac8
| Date: Mon Jul 7 12:07:51 2008 -0700
|
| paravirt: introduce a "lock-byte" spinlock implementation
The extra call/return in the spinlock path is somehow
causing an increase in the cycles/instruction of somewhere around 2-7%
(seems to vary quite a lot from test to test). The working theory is
that the CPU's pipeline is getting upset about the
call->call->locked-op->return->return, and seems to be failing to
speculate (though I haven't seen anything definitive about the precise
reasons). This doesn't entirely make sense, because the performance
hit is also visible on unlock and other operations which don't involve
locked instructions. But spinlock operations clearly swamp all the
other pvops operations, even though I can't imagine that they're
nearly as common (there's only a .05% increase in instructions
executed).
If I disable just the pv-spinlock calls, my tests show that pvops is
identical to non-pvops performance on native (my measurements show that
it is actually about .1% faster, but Xiaohui shows a .05% slowdown).
Summary of results, averaging 10 runs of the "mmperf" test, using a
no-pvops build as baseline:
nopv Pv-nospin Pv-spin
CPU cycles 100.00% 99.89% 102.18%
instructions 100.00% 100.10% 100.15%
CPI 100.00% 99.79% 102.03%
cache ref 100.00% 100.84% 100.28%
cache miss 100.00% 90.47% 88.56%
cache miss rate 100.00% 89.72% 88.31%
branches 100.00% 99.93% 100.04%
branch miss 100.00% 103.66% 107.72%
branch miss rt 100.00% 103.73% 107.67%
wallclock 100.00% 99.90% 102.20%
The clear effect here is that the 2% increase in CPI is
directly reflected in the final wallclock time.
(The other interesting effect is that the more ops are
out of line calls via pvops, the lower the cache access
and miss rates. Not too surprising, but it suggests that
the non-pvops kernel is over-inlined. On the flipside,
the branch misses go up correspondingly...)
So, what's the fix?
Paravirt patching turns all the pvops calls into direct calls, so
_spin_lock etc do end up having direct calls. For example, the compiler
generated code for paravirtualized _spin_lock is:
<_spin_lock+0>: mov %gs:0xb4c8,%rax
<_spin_lock+9>: incl 0xffffffffffffe044(%rax)
<_spin_lock+15>: callq *0xffffffff805a5b30
<_spin_lock+22>: retq
The indirect call will get patched to:
<_spin_lock+0>: mov %gs:0xb4c8,%rax
<_spin_lock+9>: incl 0xffffffffffffe044(%rax)
<_spin_lock+15>: callq <__ticket_spin_lock>
<_spin_lock+20>: nop; nop /* or whatever 2-byte nop */
<_spin_lock+22>: retq
One possibility is to inline _spin_lock, etc, when building an
optimised kernel (ie, when there's no spinlock/preempt
instrumentation/debugging enabled). That will remove the outer
call/return pair, returning the instruction stream to a single
call/return, which will presumably execute the same as the non-pvops
case. The downsides arel 1) it will replicate the
preempt_disable/enable code at eack lock/unlock callsite; this code is
fairly small, but not nothing; and 2) the spinlock definitions are
already a very heavily tangled mass of #ifdefs and other preprocessor
magic, and making any changes will be non-trivial.
The other obvious answer is to disable pv-spinlocks. Making them a
separate config option is fairly easy, and it would be trivial to
enable them only when Xen is enabled (as the only non-default user).
But it doesn't really address the common case of a distro build which
is going to have Xen support enabled, and leaves the open question of
whether the native performance cost of pv-spinlocks is worth the
performance improvement on a loaded Xen system (10% saving of overall
system CPU when guests block rather than spin). Still it is a
reasonable short-term workaround.
[ Impact: fix pvops performance regression when running native ]
Analysed-by: "Xin Xiaohui" <xiaohui.xin@intel.com>
Analysed-by: "Li Xin" <xin.li@intel.com>
Analysed-by: "Nakajima Jun" <jun.nakajima@intel.com>
Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
Acked-by: H. Peter Anvin <hpa@zytor.com>
Cc: Nick Piggin <npiggin@suse.de>
Cc: Xen-devel <xen-devel@lists.xensource.com>
LKML-Reference: <4A0B62F7.5030802@goop.org>
[ fixed the help text ]
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2009-05-14 04:16:55 +04:00
Paravirtualized spinlocks allow a pvops backend to replace the
spinlock implementation with something virtualization-friendly
(for example, block the virtual CPU rather than spinning).
2013-10-21 20:05:08 +04:00
It has a minimal impact on native kernels and gives a nice performance
benefit on paravirtualized KVM / Xen kernels.
x86: Fix performance regression caused by paravirt_ops on native kernels
Xiaohui Xin and some other folks at Intel have been looking into what's
behind the performance hit of paravirt_ops when running native.
It appears that the hit is entirely due to the paravirtualized
spinlocks introduced by:
| commit 8efcbab674de2bee45a2e4cdf97de16b8e609ac8
| Date: Mon Jul 7 12:07:51 2008 -0700
|
| paravirt: introduce a "lock-byte" spinlock implementation
The extra call/return in the spinlock path is somehow
causing an increase in the cycles/instruction of somewhere around 2-7%
(seems to vary quite a lot from test to test). The working theory is
that the CPU's pipeline is getting upset about the
call->call->locked-op->return->return, and seems to be failing to
speculate (though I haven't seen anything definitive about the precise
reasons). This doesn't entirely make sense, because the performance
hit is also visible on unlock and other operations which don't involve
locked instructions. But spinlock operations clearly swamp all the
other pvops operations, even though I can't imagine that they're
nearly as common (there's only a .05% increase in instructions
executed).
If I disable just the pv-spinlock calls, my tests show that pvops is
identical to non-pvops performance on native (my measurements show that
it is actually about .1% faster, but Xiaohui shows a .05% slowdown).
Summary of results, averaging 10 runs of the "mmperf" test, using a
no-pvops build as baseline:
nopv Pv-nospin Pv-spin
CPU cycles 100.00% 99.89% 102.18%
instructions 100.00% 100.10% 100.15%
CPI 100.00% 99.79% 102.03%
cache ref 100.00% 100.84% 100.28%
cache miss 100.00% 90.47% 88.56%
cache miss rate 100.00% 89.72% 88.31%
branches 100.00% 99.93% 100.04%
branch miss 100.00% 103.66% 107.72%
branch miss rt 100.00% 103.73% 107.67%
wallclock 100.00% 99.90% 102.20%
The clear effect here is that the 2% increase in CPI is
directly reflected in the final wallclock time.
(The other interesting effect is that the more ops are
out of line calls via pvops, the lower the cache access
and miss rates. Not too surprising, but it suggests that
the non-pvops kernel is over-inlined. On the flipside,
the branch misses go up correspondingly...)
So, what's the fix?
Paravirt patching turns all the pvops calls into direct calls, so
_spin_lock etc do end up having direct calls. For example, the compiler
generated code for paravirtualized _spin_lock is:
<_spin_lock+0>: mov %gs:0xb4c8,%rax
<_spin_lock+9>: incl 0xffffffffffffe044(%rax)
<_spin_lock+15>: callq *0xffffffff805a5b30
<_spin_lock+22>: retq
The indirect call will get patched to:
<_spin_lock+0>: mov %gs:0xb4c8,%rax
<_spin_lock+9>: incl 0xffffffffffffe044(%rax)
<_spin_lock+15>: callq <__ticket_spin_lock>
<_spin_lock+20>: nop; nop /* or whatever 2-byte nop */
<_spin_lock+22>: retq
One possibility is to inline _spin_lock, etc, when building an
optimised kernel (ie, when there's no spinlock/preempt
instrumentation/debugging enabled). That will remove the outer
call/return pair, returning the instruction stream to a single
call/return, which will presumably execute the same as the non-pvops
case. The downsides arel 1) it will replicate the
preempt_disable/enable code at eack lock/unlock callsite; this code is
fairly small, but not nothing; and 2) the spinlock definitions are
already a very heavily tangled mass of #ifdefs and other preprocessor
magic, and making any changes will be non-trivial.
The other obvious answer is to disable pv-spinlocks. Making them a
separate config option is fairly easy, and it would be trivial to
enable them only when Xen is enabled (as the only non-default user).
But it doesn't really address the common case of a distro build which
is going to have Xen support enabled, and leaves the open question of
whether the native performance cost of pv-spinlocks is worth the
performance improvement on a loaded Xen system (10% saving of overall
system CPU when guests block rather than spin). Still it is a
reasonable short-term workaround.
[ Impact: fix pvops performance regression when running native ]
Analysed-by: "Xin Xiaohui" <xiaohui.xin@intel.com>
Analysed-by: "Li Xin" <xin.li@intel.com>
Analysed-by: "Nakajima Jun" <jun.nakajima@intel.com>
Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
Acked-by: H. Peter Anvin <hpa@zytor.com>
Cc: Nick Piggin <npiggin@suse.de>
Cc: Xen-devel <xen-devel@lists.xensource.com>
LKML-Reference: <4A0B62F7.5030802@goop.org>
[ fixed the help text ]
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2009-05-14 04:16:55 +04:00
2013-10-21 20:05:08 +04:00
If you are unsure how to answer this question, answer Y.
x86: Fix performance regression caused by paravirt_ops on native kernels
Xiaohui Xin and some other folks at Intel have been looking into what's
behind the performance hit of paravirt_ops when running native.
It appears that the hit is entirely due to the paravirtualized
spinlocks introduced by:
| commit 8efcbab674de2bee45a2e4cdf97de16b8e609ac8
| Date: Mon Jul 7 12:07:51 2008 -0700
|
| paravirt: introduce a "lock-byte" spinlock implementation
The extra call/return in the spinlock path is somehow
causing an increase in the cycles/instruction of somewhere around 2-7%
(seems to vary quite a lot from test to test). The working theory is
that the CPU's pipeline is getting upset about the
call->call->locked-op->return->return, and seems to be failing to
speculate (though I haven't seen anything definitive about the precise
reasons). This doesn't entirely make sense, because the performance
hit is also visible on unlock and other operations which don't involve
locked instructions. But spinlock operations clearly swamp all the
other pvops operations, even though I can't imagine that they're
nearly as common (there's only a .05% increase in instructions
executed).
If I disable just the pv-spinlock calls, my tests show that pvops is
identical to non-pvops performance on native (my measurements show that
it is actually about .1% faster, but Xiaohui shows a .05% slowdown).
Summary of results, averaging 10 runs of the "mmperf" test, using a
no-pvops build as baseline:
nopv Pv-nospin Pv-spin
CPU cycles 100.00% 99.89% 102.18%
instructions 100.00% 100.10% 100.15%
CPI 100.00% 99.79% 102.03%
cache ref 100.00% 100.84% 100.28%
cache miss 100.00% 90.47% 88.56%
cache miss rate 100.00% 89.72% 88.31%
branches 100.00% 99.93% 100.04%
branch miss 100.00% 103.66% 107.72%
branch miss rt 100.00% 103.73% 107.67%
wallclock 100.00% 99.90% 102.20%
The clear effect here is that the 2% increase in CPI is
directly reflected in the final wallclock time.
(The other interesting effect is that the more ops are
out of line calls via pvops, the lower the cache access
and miss rates. Not too surprising, but it suggests that
the non-pvops kernel is over-inlined. On the flipside,
the branch misses go up correspondingly...)
So, what's the fix?
Paravirt patching turns all the pvops calls into direct calls, so
_spin_lock etc do end up having direct calls. For example, the compiler
generated code for paravirtualized _spin_lock is:
<_spin_lock+0>: mov %gs:0xb4c8,%rax
<_spin_lock+9>: incl 0xffffffffffffe044(%rax)
<_spin_lock+15>: callq *0xffffffff805a5b30
<_spin_lock+22>: retq
The indirect call will get patched to:
<_spin_lock+0>: mov %gs:0xb4c8,%rax
<_spin_lock+9>: incl 0xffffffffffffe044(%rax)
<_spin_lock+15>: callq <__ticket_spin_lock>
<_spin_lock+20>: nop; nop /* or whatever 2-byte nop */
<_spin_lock+22>: retq
One possibility is to inline _spin_lock, etc, when building an
optimised kernel (ie, when there's no spinlock/preempt
instrumentation/debugging enabled). That will remove the outer
call/return pair, returning the instruction stream to a single
call/return, which will presumably execute the same as the non-pvops
case. The downsides arel 1) it will replicate the
preempt_disable/enable code at eack lock/unlock callsite; this code is
fairly small, but not nothing; and 2) the spinlock definitions are
already a very heavily tangled mass of #ifdefs and other preprocessor
magic, and making any changes will be non-trivial.
The other obvious answer is to disable pv-spinlocks. Making them a
separate config option is fairly easy, and it would be trivial to
enable them only when Xen is enabled (as the only non-default user).
But it doesn't really address the common case of a distro build which
is going to have Xen support enabled, and leaves the open question of
whether the native performance cost of pv-spinlocks is worth the
performance improvement on a loaded Xen system (10% saving of overall
system CPU when guests block rather than spin). Still it is a
reasonable short-term workaround.
[ Impact: fix pvops performance regression when running native ]
Analysed-by: "Xin Xiaohui" <xiaohui.xin@intel.com>
Analysed-by: "Li Xin" <xin.li@intel.com>
Analysed-by: "Nakajima Jun" <jun.nakajima@intel.com>
Signed-off-by: Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>
Acked-by: H. Peter Anvin <hpa@zytor.com>
Cc: Nick Piggin <npiggin@suse.de>
Cc: Xen-devel <xen-devel@lists.xensource.com>
LKML-Reference: <4A0B62F7.5030802@goop.org>
[ fixed the help text ]
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2009-05-14 04:16:55 +04:00
2019-04-30 06:45:23 +03:00
config X86_HV_CALLBACK_VECTOR
def_bool n
2013-03-05 00:20:21 +04:00
source "arch/x86/xen/Kconfig"
2008-06-03 18:17:29 +04:00
2013-03-05 00:20:21 +04:00
config KVM_GUEST
bool "KVM Guest support (including kvmclock)"
depends on PARAVIRT
select PARAVIRT_CLOCK
2019-07-04 02:51:29 +03:00
select ARCH_CPUIDLE_HALTPOLL
2013-03-05 00:20:21 +04:00
default y
2020-06-13 19:50:22 +03:00
help
2013-03-05 00:20:21 +04:00
This option enables various optimizations for running under the KVM
hypervisor. It includes a paravirtualized clock, so that instead
of relying on a PIT (or probably other) emulation by the
underlying device model, the host provides the guest with
timing infrastructure such as time of day, and system time
2007-11-09 23:56:54 +03:00
2019-07-04 02:51:29 +03:00
config ARCH_CPUIDLE_HALTPOLL
2019-11-21 06:21:09 +03:00
def_bool n
prompt "Disable host haltpoll when loading haltpoll driver"
help
2019-07-04 02:51:29 +03:00
If virtualized under KVM, disable host haltpoll.
2018-12-10 22:07:28 +03:00
config PVH
bool "Support for running PVH guests"
2020-06-13 19:50:22 +03:00
help
2018-12-10 22:07:28 +03:00
This option enables the PVH entry point for guest virtual machines
as specified in the x86/HVM direct boot ABI.
2013-03-05 00:20:21 +04:00
config PARAVIRT_TIME_ACCOUNTING
bool "Paravirtual steal time accounting"
depends on PARAVIRT
2020-06-13 19:50:22 +03:00
help
2013-03-05 00:20:21 +04:00
Select this option to enable fine granularity task steal time
accounting. Time spent executing other tasks in parallel with
the current vCPU is discounted from the vCPU power. To account for
that, there can be a small performance impact.
If in doubt, say N here.
config PARAVIRT_CLOCK
bool
2008-06-25 08:19:14 +04:00
2017-11-27 11:11:46 +03:00
config JAILHOUSE_GUEST
bool "Jailhouse non-root cell support"
2018-01-15 18:51:20 +03:00
depends on X86_64 && PCI
2017-11-27 11:11:48 +03:00
select X86_PM_TIMER
2020-06-13 19:50:22 +03:00
help
2017-11-27 11:11:46 +03:00
This option allows to run Linux as guest in a Jailhouse non-root
cell. You can leave this option disabled if you only want to start
Jailhouse and run Linux afterwards in the root cell.
2019-04-30 06:45:24 +03:00
config ACRN_GUEST
bool "ACRN Guest support"
depends on X86_64
2019-04-30 06:45:25 +03:00
select X86_HV_CALLBACK_VECTOR
2019-04-30 06:45:24 +03:00
help
This option allows to run Linux as guest in the ACRN hypervisor. ACRN is
a flexible, lightweight reference open-source hypervisor, built with
real-time and safety-criticality in mind. It is built for embedded
IOT with small footprint and real-time features. More details can be
found in https://projectacrn.org/.
2013-03-05 00:20:21 +04:00
endif #HYPERVISOR_GUEST
2008-06-25 08:19:14 +04:00
2007-11-09 23:56:54 +03:00
source "arch/x86/Kconfig.cpu"
config HPET_TIMER
2008-01-30 15:31:03 +03:00
def_bool X86_64
2007-11-09 23:56:54 +03:00
prompt "HPET Timer Support" if X86_32
2020-06-13 19:50:22 +03:00
help
2009-02-05 18:21:53 +03:00
Use the IA-PC HPET (High Precision Event Timer) to manage
time in preference to the PIT and RTC, if a HPET is
present.
HPET is the next generation timer replacing legacy 8254s.
The HPET provides a stable time base on SMP
systems, unlike the TSC, but it is more expensive to access,
2016-02-11 02:05:01 +03:00
as it is off-chip. The interface used is documented
in the HPET spec, revision 1.
2007-11-09 23:56:54 +03:00
2009-02-05 18:21:53 +03:00
You can safely choose Y here. However, HPET will only be
activated if the platform and the BIOS support this feature.
Otherwise the 8254 will be used for timing services.
2007-11-09 23:56:54 +03:00
2009-02-05 18:21:53 +03:00
Choose N to continue using the legacy 8254 timer.
2007-11-09 23:56:54 +03:00
config HPET_EMULATE_RTC
2008-01-30 15:31:03 +03:00
def_bool y
2008-02-06 12:38:52 +03:00
depends on HPET_TIMER && (RTC=y || RTC=m || RTC_DRV_CMOS=m || RTC_DRV_CMOS=y)
2007-11-09 23:56:54 +03:00
2009-09-02 18:37:17 +04:00
config APB_TIMER
2019-11-21 06:21:09 +03:00
def_bool y if X86_INTEL_MID
prompt "Intel MID APB Timer Support" if X86_INTEL_MID
select DW_APB_TIMER
depends on X86_INTEL_MID && SFI
help
APB timer is the replacement for 8254, HPET on X86 MID platforms.
The APBT provides a stable time base on SMP
systems, unlike the TSC, but it is more expensive to access,
as it is off-chip. APB timers are always running regardless of CPU
C states, they are used as per CPU clockevent device when possible.
2009-09-02 18:37:17 +04:00
2011-01-21 01:44:16 +03:00
# Mark as expert because too many people got it wrong.
2007-11-09 23:56:54 +03:00
# The code disables itself when not needed.
2008-04-28 13:14:14 +04:00
config DMI
default y
2014-01-24 03:54:39 +04:00
select DMI_SCAN_MACHINE_NON_EFI_FALLBACK
2011-01-21 01:44:16 +03:00
bool "Enable DMI scanning" if EXPERT
2020-06-13 19:50:22 +03:00
help
2008-04-28 13:14:14 +04:00
Enabled scanning of DMI to identify machine quirks. Say Y
here unless you have verified that your setup is not
affected by entries in the DMI blacklist. Required by PNP
BIOS code.
2007-11-09 23:56:54 +03:00
config GART_IOMMU
2013-10-05 01:37:56 +04:00
bool "Old AMD GART IOMMU support"
2020-07-08 10:30:00 +03:00
select DMA_OPS
2018-04-03 16:47:59 +03:00
select IOMMU_HELPER
2007-11-09 23:56:54 +03:00
select SWIOTLB
2010-09-17 20:03:43 +04:00
depends on X86_64 && PCI && AMD_NB
2020-06-13 19:50:22 +03:00
help
2013-10-06 13:45:20 +04:00
Provides a driver for older AMD Athlon64/Opteron/Turion/Sempron
GART based hardware IOMMUs.
The GART supports full DMA access for devices with 32-bit access
limitations, on systems with more than 3 GB. This is usually needed
for USB, sound, many IDE/SATA chipsets and some other devices.
Newer systems typically have a modern AMD IOMMU, supported via
the CONFIG_AMD_IOMMU=y config option.
In normal configurations this driver is only active when needed:
there's more than 3 GB of memory and the system contains a
32-bit limited device.
If unsure, say Y.
2007-11-09 23:56:54 +03:00
2008-05-12 23:21:12 +04:00
config MAXSMP
2010-08-21 23:32:41 +04:00
bool "Enable Maximum number of SMP Processors and NUMA Nodes"
2012-10-02 22:16:47 +04:00
depends on X86_64 && SMP && DEBUG_KERNEL
2008-12-17 04:33:51 +03:00
select CPUMASK_OFFSTACK
2020-06-13 19:50:22 +03:00
help
2010-08-21 23:32:41 +04:00
Enable maximum number of CPUS and NUMA Nodes for this architecture.
2008-05-12 23:21:12 +04:00
If unsure, say N.
2007-11-09 23:56:54 +03:00
2018-02-10 14:36:29 +03:00
#
# The maximum number of CPUs supported:
#
# The main config value is NR_CPUS, which defaults to NR_CPUS_DEFAULT,
# and which can be configured interactively in the
# [NR_CPUS_RANGE_BEGIN ... NR_CPUS_RANGE_END] range.
#
# The ranges are different on 32-bit and 64-bit kernels, depending on
# hardware capabilities and scalability features of the kernel.
#
# ( If MAXSMP is enabled we just use the highest possible value and disable
# interactive configuration. )
#
config NR_CPUS_RANGE_BEGIN
2018-02-10 03:51:03 +03:00
int
2018-02-10 14:36:29 +03:00
default NR_CPUS_RANGE_END if MAXSMP
default 1 if !SMP
default 2
2018-02-10 03:51:03 +03:00
2018-02-10 14:36:29 +03:00
config NR_CPUS_RANGE_END
2018-02-10 03:51:03 +03:00
int
2018-02-10 14:36:29 +03:00
depends on X86_32
default 64 if SMP && X86_BIGSMP
default 8 if SMP && !X86_BIGSMP
default 1 if !SMP
2018-02-10 03:51:03 +03:00
2018-02-10 14:36:29 +03:00
config NR_CPUS_RANGE_END
2018-02-10 03:51:03 +03:00
int
2018-02-10 14:36:29 +03:00
depends on X86_64
2019-10-12 10:00:54 +03:00
default 8192 if SMP && CPUMASK_OFFSTACK
default 512 if SMP && !CPUMASK_OFFSTACK
2018-02-10 14:36:29 +03:00
default 1 if !SMP
2018-02-10 03:51:03 +03:00
2018-02-10 14:36:29 +03:00
config NR_CPUS_DEFAULT
2018-02-10 03:51:03 +03:00
int
depends on X86_32
2018-02-10 14:36:29 +03:00
default 32 if X86_BIGSMP
default 8 if SMP
default 1 if !SMP
2018-02-10 03:51:03 +03:00
2018-02-10 14:36:29 +03:00
config NR_CPUS_DEFAULT
2018-02-10 03:51:03 +03:00
int
depends on X86_64
2018-02-10 14:36:29 +03:00
default 8192 if MAXSMP
default 64 if SMP
default 1 if !SMP
2018-02-10 03:51:03 +03:00
2007-11-09 23:56:54 +03:00
config NR_CPUS
2008-12-17 04:33:51 +03:00
int "Maximum number of CPUs" if SMP && !MAXSMP
2018-02-10 14:36:29 +03:00
range NR_CPUS_RANGE_BEGIN NR_CPUS_RANGE_END
default NR_CPUS_DEFAULT
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
This allows you to specify the maximum number of CPUs which this
2013-11-05 18:37:29 +04:00
kernel will support. If CPUMASK_OFFSTACK is enabled, the maximum
2015-05-08 13:25:26 +03:00
supported value is 8192, otherwise the maximum value is 512. The
2007-11-09 23:56:54 +03:00
minimum value which makes sense is 2.
2018-02-10 14:36:29 +03:00
This is purely to save memory: each supported CPU adds about 8KB
to the kernel image.
2007-11-09 23:56:54 +03:00
config SCHED_SMT
2018-11-25 21:33:37 +03:00
def_bool y if SMP
2007-11-09 23:56:54 +03:00
config SCHED_MC
2008-01-30 15:31:03 +03:00
def_bool y
prompt "Multi-core scheduler support"
2015-06-04 19:55:25 +03:00
depends on SMP
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
Multi-core scheduler support improves the CPU scheduler's decision
making when dealing with multi-core CPU chips at a cost of slightly
increased overhead in some places. If unsure say N here.
2016-11-29 21:43:27 +03:00
config SCHED_MC_PRIO
bool "CPU core priorities scheduler support"
2016-11-30 10:33:54 +03:00
depends on SCHED_MC && CPU_SUP_INTEL
select X86_INTEL_PSTATE
select CPU_FREQ
2016-11-29 21:43:27 +03:00
default y
2020-06-13 19:50:22 +03:00
help
2016-11-30 10:33:54 +03:00
Intel Turbo Boost Max Technology 3.0 enabled CPUs have a
core ordering determined at manufacturing time, which allows
certain cores to reach higher turbo frequencies (when running
single threaded workloads) than others.
2016-11-29 21:43:27 +03:00
2016-11-30 10:33:54 +03:00
Enabling this kernel feature teaches the scheduler about
the TBM3 (aka ITMT) priority order of the CPU cores and adjusts the
scheduler's CPU selection logic accordingly, so that higher
overall system performance can be achieved.
2016-11-29 21:43:27 +03:00
2016-11-30 10:33:54 +03:00
This feature will have no effect on CPUs without this feature.
2016-11-29 21:43:27 +03:00
2016-11-30 10:33:54 +03:00
If unsure say Y here.
2016-11-22 23:23:55 +03:00
2015-01-16 00:22:39 +03:00
config UP_LATE_INIT
2019-11-21 06:21:09 +03:00
def_bool y
depends on !SMP && X86_LOCAL_APIC
2015-01-16 00:22:39 +03:00
2007-11-09 23:56:54 +03:00
config X86_UP_APIC
2015-02-05 18:31:56 +03:00
bool "Local APIC support on uniprocessors" if !PCI_MSI
default PCI_MSI
2015-01-23 01:58:49 +03:00
depends on X86_32 && !SMP && !X86_32_NON_STANDARD
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
A local APIC (Advanced Programmable Interrupt Controller) is an
integrated interrupt controller in the CPU. If you have a single-CPU
system which has a processor with a local APIC, you can say Y here to
enable and use it. If you say Y here even though your machine doesn't
have a local APIC, then the kernel will still run with no slowdown at
all. The local APIC supports CPU-generated self-interrupts (timer,
performance counters), and the NMI watchdog which detects hard
lockups.
config X86_UP_IOAPIC
bool "IO-APIC support on uniprocessors"
depends on X86_UP_APIC
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
An IO-APIC (I/O Advanced Programmable Interrupt Controller) is an
SMP-capable replacement for PC-style interrupt controllers. Most
SMP systems and many recent uniprocessor systems have one.
If you have a single-CPU system with an IO-APIC, you can say Y here
to use it. If you say Y here even though your machine doesn't have
an IO-APIC, then the kernel will still run with no slowdown at all.
config X86_LOCAL_APIC
2008-01-30 15:31:03 +03:00
def_bool y
x86, build, pci: Fix PCI_MSI build on !SMP
Commit ebd97be635 ('PCI: remove ARCH_SUPPORTS_MSI kconfig option')
removed the ARCH_SUPPORTS_MSI option which architectures could select
to indicate that they support MSI. Now, all architectures are supposed
to build fine when MSI support is enabled: instead of having the
architecture tell *when* MSI support can be used, it's up to the
architecture code to ensure that MSI support can be enabled.
On x86, commit ebd97be635 removed the following line:
select ARCH_SUPPORTS_MSI if (X86_LOCAL_APIC && X86_IO_APIC)
Which meant that MSI support was only available when the local APIC
and I/O APIC were enabled. While this is always true on SMP or x86-64,
it is not necessarily the case on i386 !SMP.
The below patch makes sure that the local APIC and I/O APIC support is
always enabled when MSI support is enabled. To do so, it:
* Ensures the X86_UP_APIC option is not visible when PCI_MSI is
enabled. This is the option that allows, on UP machines, to enable
or not the APIC support. It is already not visible on SMP systems,
or x86-64 systems, for example. We're simply also making it
invisible on i386 MSI systems.
* Ensures that the X86_LOCAL_APIC and X86_IO_APIC options are 'y'
when PCI_MSI is enabled.
Notice that this change requires a change in drivers/iommu/Kconfig to
avoid a recursive Kconfig dependencey. The AMD_IOMMU option selects
PCI_MSI, but was depending on X86_IO_APIC. This dependency is no
longer needed: as soon as PCI_MSI is selected, the presence of
X86_IO_APIC is guaranteed. Moreover, the AMD_IOMMU already depended on
X86_64, which already guaranteed that X86_IO_APIC was enabled, so this
dependency was anyway redundant.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Link: http://lkml.kernel.org/r/1380794354-9079-1-git-send-email-thomas.petazzoni@free-electrons.com
Reported-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Bjorn Helgaas <bhelgaas@google.com>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2013-10-03 13:59:14 +04:00
depends on X86_64 || SMP || X86_32_NON_STANDARD || X86_UP_APIC || PCI_MSI
2015-04-13 09:11:24 +03:00
select IRQ_DOMAIN_HIERARCHY
2015-04-13 09:11:35 +03:00
select PCI_MSI_IRQ_DOMAIN if PCI_MSI
2007-11-09 23:56:54 +03:00
config X86_IO_APIC
2015-02-05 18:35:21 +03:00
def_bool y
depends on X86_LOCAL_APIC || X86_UP_IOAPIC
2007-11-09 23:56:54 +03:00
2008-07-15 15:48:55 +04:00
config X86_REROUTE_FOR_BROKEN_BOOT_IRQS
bool "Reroute for broken boot IRQs"
depends on X86_IO_APIC
2020-06-13 19:50:22 +03:00
help
2008-07-15 15:48:55 +04:00
This option enables a workaround that fixes a source of
spurious interrupts. This is recommended when threaded
interrupt handling is used on systems where the generation of
superfluous "boot interrupts" cannot be disabled.
Some chipsets generate a legacy INTx "boot IRQ" when the IRQ
entry in the chipset's IO-APIC is masked (as, e.g. the RT
kernel does during interrupt handling). On chipsets where this
boot IRQ generation cannot be disabled, this workaround keeps
the original IRQ line masked so that only the equivalent "boot
IRQ" is delivered to the CPUs. The workaround also tells the
kernel to set up the IRQ handler on the boot IRQ line. In this
way only one interrupt is delivered to the kernel. Otherwise
the spurious second interrupt may cause the kernel to bring
down (vital) interrupt lines.
Only affects "broken" chipsets. Interrupt sharing may be
increased on these systems.
2007-11-09 23:56:54 +03:00
config X86_MCE
2009-07-09 02:31:38 +04:00
bool "Machine Check / overheating reporting"
2015-08-12 19:29:34 +03:00
select GENERIC_ALLOCATOR
2011-09-13 17:23:21 +04:00
default y
2020-06-13 19:50:22 +03:00
help
2009-07-09 02:31:38 +04:00
Machine Check support allows the processor to notify the
kernel if it detects a problem (e.g. overheating, data corruption).
2007-11-09 23:56:54 +03:00
The action the kernel takes depends on the severity of the problem,
2009-07-09 02:31:38 +04:00
ranging from warning messages to halting the machine.
x86, mce: use 64bit machine check code on 32bit
The 64bit machine check code is in many ways much better than
the 32bit machine check code: it is more specification compliant,
is cleaner, only has a single code base versus one per CPU,
has better infrastructure for recovery, has a cleaner way to communicate
with user space etc. etc.
Use the 64bit code for 32bit too.
This is the second attempt to do this. There was one a couple of years
ago to unify this code for 32bit and 64bit. Back then this ran into some
trouble with K7s and was reverted.
I believe this time the K7 problems (and some others) are addressed.
I went over the old handlers and was very careful to retain
all quirks.
But of course this needs a lot of testing on old systems. On newer
64bit capable systems I don't expect much problems because they have been
already tested with the 64bit kernel.
I made this a CONFIG for now that still allows to select the old
machine check code. This is mostly to make testing easier,
if someone runs into a problem we can ask them to try
with the CONFIG switched.
The new code is default y for more coverage.
Once there is confidence the 64bit code works well on older hardware
too the CONFIG_X86_OLD_MCE and the associated code can be easily
removed.
This causes a behaviour change for 32bit installations. They now
have to install the mcelog package to be able to log
corrected machine checks.
The 64bit machine check code only handles CPUs which support the
standard Intel machine check architecture described in the IA32 SDM.
The 32bit code has special support for some older CPUs which
have non standard machine check architectures, in particular
WinChip C3 and Intel P5. I made those a separate CONFIG option
and kept them for now. The WinChip variant could be probably
removed without too much pain, it doesn't really do anything
interesting. P5 is also disabled by default (like it
was before) because many motherboards have it miswired, but
according to Alan Cox a few embedded setups use that one.
Forward ported/heavily changed version of old patch, original patch
included review/fixes from Thomas Gleixner, Bert Wesarg.
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Signed-off-by: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2009-04-28 21:07:31 +04:00
2017-03-27 12:33:03 +03:00
config X86_MCELOG_LEGACY
bool "Support for deprecated /dev/mcelog character device"
depends on X86_MCE
2020-06-13 19:50:22 +03:00
help
2017-03-27 12:33:03 +03:00
Enable support for /dev/mcelog which is needed by the old mcelog
userspace logging daemon. Consider switching to the new generation
rasdaemon solution.
2007-11-09 23:56:54 +03:00
config X86_MCE_INTEL
2008-01-30 15:31:03 +03:00
def_bool y
prompt "Intel MCE features"
2009-07-09 02:31:41 +04:00
depends on X86_MCE && X86_LOCAL_APIC
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
Additional support for intel specific MCE features such as
the thermal monitor.
config X86_MCE_AMD
2008-01-30 15:31:03 +03:00
def_bool y
prompt "AMD MCE features"
2016-11-18 01:57:27 +03:00
depends on X86_MCE && X86_LOCAL_APIC && AMD_NB
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
Additional support for AMD specific MCE features such as
the DRAM Error Threshold.
x86, mce: use 64bit machine check code on 32bit
The 64bit machine check code is in many ways much better than
the 32bit machine check code: it is more specification compliant,
is cleaner, only has a single code base versus one per CPU,
has better infrastructure for recovery, has a cleaner way to communicate
with user space etc. etc.
Use the 64bit code for 32bit too.
This is the second attempt to do this. There was one a couple of years
ago to unify this code for 32bit and 64bit. Back then this ran into some
trouble with K7s and was reverted.
I believe this time the K7 problems (and some others) are addressed.
I went over the old handlers and was very careful to retain
all quirks.
But of course this needs a lot of testing on old systems. On newer
64bit capable systems I don't expect much problems because they have been
already tested with the 64bit kernel.
I made this a CONFIG for now that still allows to select the old
machine check code. This is mostly to make testing easier,
if someone runs into a problem we can ask them to try
with the CONFIG switched.
The new code is default y for more coverage.
Once there is confidence the 64bit code works well on older hardware
too the CONFIG_X86_OLD_MCE and the associated code can be easily
removed.
This causes a behaviour change for 32bit installations. They now
have to install the mcelog package to be able to log
corrected machine checks.
The 64bit machine check code only handles CPUs which support the
standard Intel machine check architecture described in the IA32 SDM.
The 32bit code has special support for some older CPUs which
have non standard machine check architectures, in particular
WinChip C3 and Intel P5. I made those a separate CONFIG option
and kept them for now. The WinChip variant could be probably
removed without too much pain, it doesn't really do anything
interesting. P5 is also disabled by default (like it
was before) because many motherboards have it miswired, but
according to Alan Cox a few embedded setups use that one.
Forward ported/heavily changed version of old patch, original patch
included review/fixes from Thomas Gleixner, Bert Wesarg.
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Signed-off-by: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2009-04-28 21:07:31 +04:00
config X86_ANCIENT_MCE
2010-04-21 18:23:44 +04:00
bool "Support for old Pentium 5 / WinChip machine checks"
2009-07-09 02:31:37 +04:00
depends on X86_32 && X86_MCE
2020-06-13 19:50:22 +03:00
help
2009-05-27 11:57:31 +04:00
Include support for machine check handling on old Pentium 5 or WinChip
2013-11-30 16:38:43 +04:00
systems. These typically need to be enabled explicitly on the command
2009-05-27 11:57:31 +04:00
line.
x86, mce: use 64bit machine check code on 32bit
The 64bit machine check code is in many ways much better than
the 32bit machine check code: it is more specification compliant,
is cleaner, only has a single code base versus one per CPU,
has better infrastructure for recovery, has a cleaner way to communicate
with user space etc. etc.
Use the 64bit code for 32bit too.
This is the second attempt to do this. There was one a couple of years
ago to unify this code for 32bit and 64bit. Back then this ran into some
trouble with K7s and was reverted.
I believe this time the K7 problems (and some others) are addressed.
I went over the old handlers and was very careful to retain
all quirks.
But of course this needs a lot of testing on old systems. On newer
64bit capable systems I don't expect much problems because they have been
already tested with the 64bit kernel.
I made this a CONFIG for now that still allows to select the old
machine check code. This is mostly to make testing easier,
if someone runs into a problem we can ask them to try
with the CONFIG switched.
The new code is default y for more coverage.
Once there is confidence the 64bit code works well on older hardware
too the CONFIG_X86_OLD_MCE and the associated code can be easily
removed.
This causes a behaviour change for 32bit installations. They now
have to install the mcelog package to be able to log
corrected machine checks.
The 64bit machine check code only handles CPUs which support the
standard Intel machine check architecture described in the IA32 SDM.
The 32bit code has special support for some older CPUs which
have non standard machine check architectures, in particular
WinChip C3 and Intel P5. I made those a separate CONFIG option
and kept them for now. The WinChip variant could be probably
removed without too much pain, it doesn't really do anything
interesting. P5 is also disabled by default (like it
was before) because many motherboards have it miswired, but
according to Alan Cox a few embedded setups use that one.
Forward ported/heavily changed version of old patch, original patch
included review/fixes from Thomas Gleixner, Bert Wesarg.
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Signed-off-by: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2009-04-28 21:07:31 +04:00
2009-02-12 15:49:31 +03:00
config X86_MCE_THRESHOLD
depends on X86_MCE_AMD || X86_MCE_INTEL
2010-04-21 18:23:44 +04:00
def_bool y
2009-02-12 15:49:31 +03:00
2009-04-29 21:31:00 +04:00
config X86_MCE_INJECT
2017-06-13 19:28:30 +03:00
depends on X86_MCE && X86_LOCAL_APIC && DEBUG_FS
2009-04-29 21:31:00 +04:00
tristate "Machine check injector support"
2020-06-13 19:50:22 +03:00
help
2009-04-29 21:31:00 +04:00
Provide support for injecting machine checks for testing purposes.
If you don't know what a machine check is and you don't do kernel
QA it is safe to say n.
x86, mce: use 64bit machine check code on 32bit
The 64bit machine check code is in many ways much better than
the 32bit machine check code: it is more specification compliant,
is cleaner, only has a single code base versus one per CPU,
has better infrastructure for recovery, has a cleaner way to communicate
with user space etc. etc.
Use the 64bit code for 32bit too.
This is the second attempt to do this. There was one a couple of years
ago to unify this code for 32bit and 64bit. Back then this ran into some
trouble with K7s and was reverted.
I believe this time the K7 problems (and some others) are addressed.
I went over the old handlers and was very careful to retain
all quirks.
But of course this needs a lot of testing on old systems. On newer
64bit capable systems I don't expect much problems because they have been
already tested with the 64bit kernel.
I made this a CONFIG for now that still allows to select the old
machine check code. This is mostly to make testing easier,
if someone runs into a problem we can ask them to try
with the CONFIG switched.
The new code is default y for more coverage.
Once there is confidence the 64bit code works well on older hardware
too the CONFIG_X86_OLD_MCE and the associated code can be easily
removed.
This causes a behaviour change for 32bit installations. They now
have to install the mcelog package to be able to log
corrected machine checks.
The 64bit machine check code only handles CPUs which support the
standard Intel machine check architecture described in the IA32 SDM.
The 32bit code has special support for some older CPUs which
have non standard machine check architectures, in particular
WinChip C3 and Intel P5. I made those a separate CONFIG option
and kept them for now. The WinChip variant could be probably
removed without too much pain, it doesn't really do anything
interesting. P5 is also disabled by default (like it
was before) because many motherboards have it miswired, but
according to Alan Cox a few embedded setups use that one.
Forward ported/heavily changed version of old patch, original patch
included review/fixes from Thomas Gleixner, Bert Wesarg.
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Signed-off-by: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2009-04-28 21:07:31 +04:00
config X86_THERMAL_VECTOR
def_bool y
2009-07-09 02:31:39 +04:00
depends on X86_MCE_INTEL
x86, mce: use 64bit machine check code on 32bit
The 64bit machine check code is in many ways much better than
the 32bit machine check code: it is more specification compliant,
is cleaner, only has a single code base versus one per CPU,
has better infrastructure for recovery, has a cleaner way to communicate
with user space etc. etc.
Use the 64bit code for 32bit too.
This is the second attempt to do this. There was one a couple of years
ago to unify this code for 32bit and 64bit. Back then this ran into some
trouble with K7s and was reverted.
I believe this time the K7 problems (and some others) are addressed.
I went over the old handlers and was very careful to retain
all quirks.
But of course this needs a lot of testing on old systems. On newer
64bit capable systems I don't expect much problems because they have been
already tested with the 64bit kernel.
I made this a CONFIG for now that still allows to select the old
machine check code. This is mostly to make testing easier,
if someone runs into a problem we can ask them to try
with the CONFIG switched.
The new code is default y for more coverage.
Once there is confidence the 64bit code works well on older hardware
too the CONFIG_X86_OLD_MCE and the associated code can be easily
removed.
This causes a behaviour change for 32bit installations. They now
have to install the mcelog package to be able to log
corrected machine checks.
The 64bit machine check code only handles CPUs which support the
standard Intel machine check architecture described in the IA32 SDM.
The 32bit code has special support for some older CPUs which
have non standard machine check architectures, in particular
WinChip C3 and Intel P5. I made those a separate CONFIG option
and kept them for now. The WinChip variant could be probably
removed without too much pain, it doesn't really do anything
interesting. P5 is also disabled by default (like it
was before) because many motherboards have it miswired, but
according to Alan Cox a few embedded setups use that one.
Forward ported/heavily changed version of old patch, original patch
included review/fixes from Thomas Gleixner, Bert Wesarg.
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Signed-off-by: Hidetoshi Seto <seto.hidetoshi@jp.fujitsu.com>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
2009-04-28 21:07:31 +04:00
2016-03-29 15:30:35 +03:00
source "arch/x86/events/Kconfig"
2016-03-20 11:33:36 +03:00
2015-07-10 18:34:23 +03:00
config X86_LEGACY_VM86
2015-09-05 09:58:10 +03:00
bool "Legacy VM86 support"
2007-11-09 23:56:54 +03:00
depends on X86_32
2020-06-13 19:50:22 +03:00
help
2015-07-10 18:34:23 +03:00
This option allows user programs to put the CPU into V8086
mode, which is an 80286-era approximation of 16-bit real mode.
Some very old versions of X and/or vbetool require this option
for user mode setting. Similarly, DOSEMU will use it if
available to accelerate real mode DOS programs. However, any
recent version of DOSEMU, X, or vbetool should be fully
functional even without kernel VM86 support, as they will all
2015-09-05 09:58:10 +03:00
fall back to software emulation. Nevertheless, if you are using
a 16-bit DOS program where 16-bit performance matters, vm86
mode might be faster than emulation and you might want to
enable this option.
2015-07-10 18:34:23 +03:00
2015-09-05 09:58:10 +03:00
Note that any app that works on a 64-bit kernel is unlikely to
need this option, as 64-bit kernels don't, and can't, support
V8086 mode. This option is also unrelated to 16-bit protected
mode and is not needed to run most 16-bit programs under Wine.
2015-07-10 18:34:23 +03:00
2015-09-05 09:58:10 +03:00
Enabling this option increases the complexity of the kernel
and slows down exception handling a tiny bit.
2015-07-10 18:34:23 +03:00
2015-09-05 09:58:10 +03:00
If unsure, say N here.
2015-07-10 18:34:23 +03:00
config VM86
2019-11-21 06:21:09 +03:00
bool
default X86_LEGACY_VM86
2014-05-04 21:36:22 +04:00
config X86_16BIT
bool "Enable support for 16-bit segments" if EXPERT
default y
2015-07-31 00:31:34 +03:00
depends on MODIFY_LDT_SYSCALL
2020-06-13 19:50:22 +03:00
help
2014-05-04 21:36:22 +04:00
This option is required by programs like Wine to run 16-bit
protected mode legacy code on x86 processors. Disabling
this option saves about 300 bytes on i386, or around 6K text
plus 16K runtime memory on x86-64,
config X86_ESPFIX32
def_bool y
depends on X86_16BIT && X86_32
2007-11-09 23:56:54 +03:00
2014-05-04 21:00:49 +04:00
config X86_ESPFIX64
def_bool y
2014-05-04 21:36:22 +04:00
depends on X86_16BIT && X86_64
2007-11-09 23:56:54 +03:00
2014-10-30 00:33:47 +03:00
config X86_VSYSCALL_EMULATION
2019-11-21 06:21:09 +03:00
bool "Enable vsyscall emulation" if EXPERT
default y
depends on X86_64
2020-06-13 19:50:22 +03:00
help
2014-10-30 00:33:47 +03:00
This enables emulation of the legacy vsyscall page. Disabling
it is roughly equivalent to booting with vsyscall=none, except
that it will also disable the helpful warning if a program
tries to use a vsyscall. With this option set to N, offending
programs will just segfault, citing addresses of the form
0xffffffffff600?00.
This option is required by many programs built before 2013, and
care should be used even with newer programs if set to N.
Disabling this option saves about 7K of kernel size and
possibly 4K of additional runtime pagetable memory.
2019-11-12 23:40:33 +03:00
config X86_IOPL_IOPERM
bool "IOPERM and IOPL Emulation"
2019-11-12 01:03:29 +03:00
default y
2020-06-13 19:50:22 +03:00
help
2019-11-12 23:40:33 +03:00
This enables the ioperm() and iopl() syscalls which are necessary
for legacy applications.
2019-11-12 01:03:28 +03:00
Legacy IOPL support is an overbroad mechanism which allows user
space aside of accessing all 65536 I/O ports also to disable
interrupts. To gain this access the caller needs CAP_SYS_RAWIO
capabilities and permission from potentially active security
modules.
The emulation restricts the functionality of the syscall to
only allowing the full range I/O port access, but prevents the
2019-11-12 01:03:29 +03:00
ability to disable interrupts from user space which would be
granted if the hardware IOPL mechanism would be used.
2019-11-12 01:03:28 +03:00
2007-11-09 23:56:54 +03:00
config TOSHIBA
tristate "Toshiba Laptop support"
depends on X86_32
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
This adds a driver to safely access the System Management Mode of
the CPU on Toshiba portables with a genuine Toshiba BIOS. It does
not work on models with a Phoenix BIOS. The System Management Mode
is used to set the BIOS and power saving options on Toshiba portables.
For information on utilities to make use of this driver see the
Toshiba Linux utilities web site at:
<http://www.buzzard.org.uk/toshiba/>.
Say Y if you intend to run this kernel on a Toshiba portable.
Say N otherwise.
config I8K
2015-05-14 14:16:37 +03:00
tristate "Dell i8k legacy laptop support"
2011-05-25 22:43:33 +04:00
select HWMON
2015-05-14 14:16:37 +03:00
select SENSORS_DELL_SMM
2020-06-13 19:50:22 +03:00
help
2015-05-14 14:16:37 +03:00
This option enables legacy /proc/i8k userspace interface in hwmon
dell-smm-hwmon driver. Character file /proc/i8k reports bios version,
temperature and allows controlling fan speeds of Dell laptops via
System Management Mode. For old Dell laptops (like Dell Inspiron 8000)
it reports also power and hotkey status. For fan speed control is
needed userspace package i8kutils.
Say Y if you intend to run this kernel on old Dell laptops or want to
use userspace package i8kutils.
2007-11-09 23:56:54 +03:00
Say N otherwise.
config X86_REBOOTFIXUPS
2008-10-16 09:01:38 +04:00
bool "Enable X86 board specific fixups for reboot"
depends on X86_32
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
This enables chipset and/or board specific fixups to be done
in order to get reboot to work correctly. This is only needed on
some combinations of hardware and BIOS. The symptom, for which
this config is intended, is when reboot ends with a stalled/hung
system.
Currently, the only fixup is for the Geode machines using
2008-01-30 15:33:36 +03:00
CS5530A and CS5536 chipsets and the RDC R-321x SoC.
2007-11-09 23:56:54 +03:00
Say Y if you want to enable the fixup. Currently, it's safe to
enable this option even if you don't need it.
Say N otherwise.
config MICROCODE
2015-10-20 12:54:44 +03:00
bool "CPU microcode loading support"
default y
2013-10-13 20:36:29 +04:00
depends on CPU_SUP_AMD || CPU_SUP_INTEL
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
If you say Y here, you will be able to update the microcode on
2016-02-03 14:33:29 +03:00
Intel and AMD processors. The Intel support is for the IA32 family,
e.g. Pentium Pro, Pentium II, Pentium III, Pentium 4, Xeon etc. The
AMD support is for families 0x10 and later. You will obviously need
the actual microcode binary data itself which is not shipped with
the Linux kernel.
The preferred method to load microcode from a detached initrd is described
2019-06-07 21:54:32 +03:00
in Documentation/x86/microcode.rst. For that you need to enable
2016-02-03 14:33:29 +03:00
CONFIG_BLK_DEV_INITRD in order for the loader to be able to scan the
initrd for microcode blobs.
2018-01-24 05:06:32 +03:00
In addition, you can build the microcode into the kernel. For that you
need to add the vendor-supplied microcode to the CONFIG_EXTRA_FIRMWARE
config option.
2007-11-09 23:56:54 +03:00
2008-07-28 20:44:21 +04:00
config MICROCODE_INTEL
2012-08-01 21:17:01 +04:00
bool "Intel microcode loading support"
2009-02-05 18:21:53 +03:00
depends on MICROCODE
default MICROCODE
2020-06-13 19:50:22 +03:00
help
2009-02-05 18:21:53 +03:00
This options enables microcode patch loading support for Intel
processors.
2014-01-20 22:01:56 +04:00
For the current Intel microcode data package go to
<https://downloadcenter.intel.com> and search for
'Linux Processor Microcode Data File'.
2008-07-28 20:44:21 +04:00
2008-07-28 20:44:22 +04:00
config MICROCODE_AMD
2012-08-01 21:17:01 +04:00
bool "AMD microcode loading support"
2009-02-05 18:21:53 +03:00
depends on MICROCODE
2020-06-13 19:50:22 +03:00
help
2009-02-05 18:21:53 +03:00
If you select this option, microcode patch loading support for AMD
processors will be enabled.
2008-07-28 20:44:22 +04:00
2009-02-05 18:21:53 +03:00
config MICROCODE_OLD_INTERFACE
2019-04-05 07:28:11 +03:00
bool "Ancient loading interface (DEPRECATED)"
default n
2007-11-09 23:56:54 +03:00
depends on MICROCODE
2020-06-13 19:50:22 +03:00
help
2019-04-05 07:28:11 +03:00
DO NOT USE THIS! This is the ancient /dev/cpu/microcode interface
which was used by userspace tools like iucode_tool and microcode.ctl.
It is inadequate because it runs too late to be able to properly
load microcode on a machine and it needs special tools. Instead, you
should've switched to the early loading method with the initrd or
2019-06-07 21:54:32 +03:00
builtin microcode by now: Documentation/x86/microcode.rst
2007-11-09 23:56:54 +03:00
config X86_MSR
tristate "/dev/cpu/*/msr - Model-specific register support"
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
This device gives privileged processes access to the x86
Model-Specific Registers (MSRs). It is a character device with
major 202 and minors 0 to 31 for /dev/cpu/0/msr to /dev/cpu/31/msr.
MSR accesses are directed to a specific CPU on multi-processor
systems.
config X86_CPUID
tristate "/dev/cpu/*/cpuid - CPU information support"
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
This device gives processes access to the x86 CPUID instruction to
be executed on a specific processor. It is a character device
with major 203 and minors 0 to 31 for /dev/cpu/0/cpuid to
/dev/cpu/31/cpuid.
choice
prompt "High Memory Support"
2010-04-21 18:23:44 +04:00
default HIGHMEM4G
2007-11-09 23:56:54 +03:00
depends on X86_32
config NOHIGHMEM
bool "off"
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
Linux can use up to 64 Gigabytes of physical memory on x86 systems.
However, the address space of 32-bit x86 processors is only 4
Gigabytes large. That means that, if you have a large amount of
physical memory, not all of it can be "permanently mapped" by the
kernel. The physical memory that's not permanently mapped is called
"high memory".
If you are compiling a kernel which will never run on a machine with
more than 1 Gigabyte total physical RAM, answer "off" here (default
choice and suitable for most users). This will result in a "3GB/1GB"
split: 3GB are mapped so that each process sees a 3GB virtual memory
space and the remaining part of the 4GB virtual memory space is used
by the kernel to permanently map as much physical memory as
possible.
If the machine has between 1 and 4 Gigabytes physical RAM, then
answer "4GB" here.
If more than 4 Gigabytes is used then answer "64GB" here. This
selection turns Intel PAE (Physical Address Extension) mode on.
PAE implements 3-level paging on IA32 processors. PAE is fully
supported by Linux, PAE mode is implemented on all recent Intel
processors (Pentium Pro and better). NOTE: If you say "64GB" here,
then the kernel will not boot on CPUs that don't support PAE!
The actual amount of total physical memory will either be
auto detected or can be forced by using a kernel command line option
such as "mem=256M". (Try "man bootparam" or see the documentation of
your boot loader (lilo or loadlin) about how to pass options to the
kernel at boot time.)
If unsure, say "off".
config HIGHMEM4G
bool "4GB"
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
Select this if you have a 32-bit processor and between 1 and 4
gigabytes of physical RAM.
config HIGHMEM64G
bool "64GB"
2018-02-15 19:54:55 +03:00
depends on !M486 && !M586 && !M586TSC && !M586MMX && !MGEODE_LX && !MGEODEGX1 && !MCYRIXIII && !MELAN && !MWINCHIPC6 && !WINCHIP3D && !MK6
2007-11-09 23:56:54 +03:00
select X86_PAE
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
Select this if you have a 32-bit processor and more than 4
gigabytes of physical RAM.
endchoice
choice
2011-01-21 01:44:16 +03:00
prompt "Memory split" if EXPERT
2007-11-09 23:56:54 +03:00
default VMSPLIT_3G
depends on X86_32
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
Select the desired split between kernel and user memory.
If the address range available to the kernel is less than the
physical memory installed, the remaining memory will be available
as "high memory". Accessing high memory is a little more costly
than low memory, as it needs to be mapped into the kernel first.
Note that increasing the kernel address space limits the range
available to user programs, making the address space there
tighter. Selecting anything other than the default 3G/1G split
will also likely make your kernel incompatible with binary-only
kernel modules.
If you are not absolutely sure what you are doing, leave this
option alone!
config VMSPLIT_3G
bool "3G/1G user/kernel split"
config VMSPLIT_3G_OPT
depends on !X86_PAE
bool "3G/1G user/kernel split (for full 1G low memory)"
config VMSPLIT_2G
bool "2G/2G user/kernel split"
config VMSPLIT_2G_OPT
depends on !X86_PAE
bool "2G/2G user/kernel split (for full 2G low memory)"
config VMSPLIT_1G
bool "1G/3G user/kernel split"
endchoice
config PAGE_OFFSET
hex
default 0xB0000000 if VMSPLIT_3G_OPT
default 0x80000000 if VMSPLIT_2G
default 0x78000000 if VMSPLIT_2G_OPT
default 0x40000000 if VMSPLIT_1G
default 0xC0000000
depends on X86_32
config HIGHMEM
2008-01-30 15:31:03 +03:00
def_bool y
2007-11-09 23:56:54 +03:00
depends on X86_32 && (HIGHMEM64G || HIGHMEM4G)
config X86_PAE
2008-10-16 09:01:38 +04:00
bool "PAE (Physical Address Extension) Support"
2007-11-09 23:56:54 +03:00
depends on X86_32 && !HIGHMEM4G
2018-04-03 17:24:20 +03:00
select PHYS_ADDR_T_64BIT
2015-10-05 18:31:33 +03:00
select SWIOTLB
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
PAE is required for NX support, and furthermore enables
larger swapspace support for non-overcommit purposes. It
has the cost of more pagetable lookup overhead, and also
consumes more pagetable space per process.
2017-07-17 01:59:54 +03:00
config X86_5LEVEL
bool "Enable 5-level page tables support"
2019-09-13 12:54:52 +03:00
default y
2018-02-14 14:16:50 +03:00
select DYNAMIC_MEMORY_LAYOUT
2018-02-14 14:16:54 +03:00
select SPARSEMEM_VMEMMAP
2017-07-17 01:59:54 +03:00
depends on X86_64
2020-06-13 19:50:22 +03:00
help
2017-07-17 01:59:54 +03:00
5-level paging enables access to larger address space:
upto 128 PiB of virtual address space and 4 PiB of
physical address space.
It will be supported by future Intel CPUs.
2018-02-14 21:25:42 +03:00
A kernel with the option enabled can be booted on machines that
support 4- or 5-level paging.
2017-07-17 01:59:54 +03:00
2019-06-07 21:54:32 +03:00
See Documentation/x86/x86_64/5level-paging.rst for more
2017-07-17 01:59:54 +03:00
information.
Say N if unsure.
2015-03-05 10:18:23 +03:00
config X86_DIRECT_GBPAGES
2015-03-05 04:24:12 +03:00
def_bool y
2019-08-07 16:02:58 +03:00
depends on X86_64
2020-06-13 19:50:22 +03:00
help
2015-03-05 10:18:23 +03:00
Certain kernel features effectively disable kernel
linear 1 GB mappings (even if the CPU otherwise
supports them), so don't confuse the user by printing
that we have them enabled.
2008-10-22 14:33:16 +04:00
2018-09-17 17:29:12 +03:00
config X86_CPA_STATISTICS
bool "Enable statistic for Change Page Attribute"
depends on DEBUG_FS
2020-06-13 19:50:22 +03:00
help
2019-11-20 17:57:04 +03:00
Expose statistics about the Change Page Attribute mechanism, which
2019-04-16 13:57:51 +03:00
helps to determine the effectiveness of preserving large and huge
2018-09-17 17:29:12 +03:00
page mappings when mapping protections are changed.
2017-07-18 00:10:03 +03:00
config AMD_MEM_ENCRYPT
bool "AMD Secure Memory Encryption (SME) support"
depends on X86_64 && CPU_SUP_AMD
2020-04-15 03:05:01 +03:00
select DMA_COHERENT_POOL
2018-05-18 14:30:28 +03:00
select DYNAMIC_PHYSICAL_MASK
2019-02-02 12:41:17 +03:00
select ARCH_USE_MEMREMAP_PROT
2019-07-10 22:01:19 +03:00
select ARCH_HAS_FORCE_DMA_UNENCRYPTED
2020-06-13 19:50:22 +03:00
help
2017-07-18 00:10:03 +03:00
Say yes to enable support for the encryption of system memory.
This requires an AMD processor that supports Secure Memory
Encryption (SME).
config AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT
bool "Activate AMD Secure Memory Encryption (SME) by default"
default y
depends on AMD_MEM_ENCRYPT
2020-06-13 19:50:22 +03:00
help
2017-07-18 00:10:03 +03:00
Say yes to have system memory encrypted by default if running on
an AMD processor that supports Secure Memory Encryption (SME).
If set to Y, then the encryption of system memory can be
deactivated with the mem_encrypt=off command line option.
If set to N, then the encryption of system memory can be
activated with the mem_encrypt=on command line option.
2007-11-09 23:56:54 +03:00
# Common NUMA Features
config NUMA
2019-12-04 03:06:47 +03:00
bool "NUMA Memory Allocation and Scheduler Support"
2007-11-09 23:56:54 +03:00
depends on SMP
2014-02-26 00:14:06 +04:00
depends on X86_64 || (X86_32 && HIGHMEM64G && X86_BIGSMP)
default y if X86_BIGSMP
2020-06-13 19:50:22 +03:00
help
2019-12-04 03:06:47 +03:00
Enable NUMA (Non-Uniform Memory Access) support.
2008-11-04 20:27:19 +03:00
2007-11-09 23:56:54 +03:00
The kernel will try to allocate memory used by a CPU on the
local memory controller of the CPU and add some more
NUMA awareness to the kernel.
2008-11-08 15:29:45 +03:00
For 64-bit this is recommended if the system is Intel Core i7
2008-11-04 20:27:19 +03:00
(or later), AMD Opteron, or EM64T NUMA.
2014-02-26 00:14:06 +04:00
For 32-bit this is only needed if you boot a 32-bit
2014-02-12 06:11:13 +04:00
kernel on a 64-bit NUMA platform.
2008-11-04 20:27:19 +03:00
Otherwise, you should say N.
2007-11-09 23:56:54 +03:00
2010-10-29 19:14:30 +04:00
config AMD_NUMA
2008-01-30 15:31:03 +03:00
def_bool y
prompt "Old style AMD Opteron NUMA detection"
2011-07-11 12:34:32 +04:00
depends on X86_64 && NUMA && PCI
2020-06-13 19:50:22 +03:00
help
2010-10-29 19:14:30 +04:00
Enable AMD NUMA node topology detection. You should say Y here if
you have a multi processor AMD system. This uses an old method to
read the NUMA configuration directly from the builtin Northbridge
of Opteron. It is recommended to use X86_64_ACPI_NUMA instead,
which also takes priority if both are compiled in.
2007-11-09 23:56:54 +03:00
config X86_64_ACPI_NUMA
2008-01-30 15:31:03 +03:00
def_bool y
prompt "ACPI NUMA detection"
2007-11-09 23:56:54 +03:00
depends on X86_64 && NUMA && ACPI && PCI
select ACPI_NUMA
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
Enable ACPI SRAT based node topology detection.
config NUMA_EMU
bool "NUMA emulation"
2011-05-02 19:24:48 +04:00
depends on NUMA
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
Enable NUMA emulation. A flat machine will be split
into virtual nodes when booted with "numa=fake=N", where N is the
number of nodes. This is only useful for debugging.
config NODES_SHIFT
2008-08-26 01:15:38 +04:00
int "Maximum NUMA Nodes (as a power of 2)" if !MAXSMP
2010-03-26 01:39:27 +03:00
range 1 10
default "10" if MAXSMP
2007-11-09 23:56:54 +03:00
default "6" if X86_64
default "3"
depends on NEED_MULTIPLE_NODES
2020-06-13 19:50:22 +03:00
help
2008-05-12 23:21:12 +04:00
Specify the maximum number of NUMA Nodes available on the target
2009-01-26 13:12:25 +03:00
system. Increases memory reserved to accommodate various tables.
2007-11-09 23:56:54 +03:00
config ARCH_FLATMEM_ENABLE
def_bool y
2011-04-01 13:15:12 +04:00
depends on X86_32 && !NUMA
2007-11-09 23:56:54 +03:00
config ARCH_SPARSEMEM_ENABLE
def_bool y
2012-10-02 22:16:47 +04:00
depends on X86_64 || NUMA || X86_32 || X86_32_NON_STANDARD
2007-11-09 23:56:54 +03:00
select SPARSEMEM_STATIC if X86_32
select SPARSEMEM_VMEMMAP_ENABLE if X86_64
2011-04-01 13:15:12 +04:00
config ARCH_SPARSEMEM_DEFAULT
2019-04-24 16:24:11 +03:00
def_bool X86_64 || (NUMA && X86_32)
2011-04-01 13:15:12 +04:00
2007-11-09 23:56:54 +03:00
config ARCH_SELECT_MEMORY_MODEL
def_bool y
2008-01-30 15:30:47 +03:00
depends on ARCH_SPARSEMEM_ENABLE
2007-11-09 23:56:54 +03:00
config ARCH_MEMORY_PROBE
2013-07-19 21:47:48 +04:00
bool "Enable sysfs memory/probe interface"
2012-09-10 15:41:45 +04:00
depends on X86_64 && MEMORY_HOTPLUG
2013-07-19 21:47:48 +04:00
help
This option enables a sysfs memory/probe interface for testing.
2019-06-07 21:54:32 +03:00
See Documentation/admin-guide/mm/memory-hotplug.rst for more information.
2013-07-19 21:47:48 +04:00
If you are unsure how to answer this question, answer N.
2007-11-09 23:56:54 +03:00
2011-04-01 13:15:12 +04:00
config ARCH_PROC_KCORE_TEXT
def_bool y
depends on X86_64 && PROC_KCORE
2010-01-10 17:28:09 +03:00
config ILLEGAL_POINTER_VALUE
2019-11-21 06:21:09 +03:00
hex
default 0 if X86_32
default 0xdead000000000000 if X86_64
2010-01-10 17:28:09 +03:00
2015-08-19 07:34:34 +03:00
config X86_PMEM_LEGACY_DEVICE
bool
2015-04-01 10:12:18 +03:00
config X86_PMEM_LEGACY
2015-08-19 07:34:34 +03:00
tristate "Support non-standard NVDIMMs and ADR protected memory"
2015-06-09 22:33:45 +03:00
depends on PHYS_ADDR_T_64BIT
depends on BLK_DEV
2015-08-19 07:34:34 +03:00
select X86_PMEM_LEGACY_DEVICE
libnvdimm/e820: Retrieve and populate correct 'target_node' info
Use the new phys_to_target_node() and numa_map_to_online_node() helpers
to retrieve the correct id for the 'numa_node' ("local" / online
initiator node) and 'target_node' (offline target memory node) sysfs
attributes.
Below is an example from a 4 NUMA node system where all the memory on
node2 is pmem / reserved. It should be noted that with the arrival of
the ACPI HMAT table and EFI Specific Purpose Memory the kernel will
start to see more platforms with reserved / performance differentiated
memory in its own NUMA node. Hence all the stakeholders on the Cc for
what is ostensibly a libnvdimm local patch.
=== Before ===
/* Notice no online memory on node2 at start */
# numactl --hardware
available: 3 nodes (0-1,3)
node 0 cpus: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
node 0 size: 3958 MB
node 0 free: 3708 MB
node 1 cpus: 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
node 1 size: 4027 MB
node 1 free: 3871 MB
node 3 cpus:
node 3 size: 3994 MB
node 3 free: 3971 MB
node distances:
node 0 1 3
0: 10 21 21
1: 21 10 21
3: 21 21 10
/*
* Put the pmem namespace into devdax mode so it can be assigned to the
* kmem driver
*/
# ndctl create-namespace -e namespace0.0 -m devdax -f
{
"dev":"namespace0.0",
"mode":"devdax",
"map":"dev",
"size":"3.94 GiB (4.23 GB)",
"uuid":"1650af9b-9ba3-4704-acd6-10178399d9a3",
[..]
}
/* Online Persistent Memory as System RAM */
# daxctl reconfigure-device --mode=system-ram dax0.0
libdaxctl: memblock_in_dev: dax0.0: memory0: Unable to determine phys_index: Success
libdaxctl: memblock_in_dev: dax0.0: memory0: Unable to determine phys_index: Success
libdaxctl: memblock_in_dev: dax0.0: memory0: Unable to determine phys_index: Success
libdaxctl: memblock_in_dev: dax0.0: memory0: Unable to determine phys_index: Success
[
{
"chardev":"dax0.0",
"size":4225761280,
"target_node":0,
"mode":"system-ram"
}
]
reconfigured 1 device
/* Note that the memory is onlined by default to the wrong node, node0 */
# numactl --hardware
available: 3 nodes (0-1,3)
node 0 cpus: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
node 0 size: 7926 MB
node 0 free: 7655 MB
node 1 cpus: 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
node 1 size: 4027 MB
node 1 free: 3871 MB
node 3 cpus:
node 3 size: 3994 MB
node 3 free: 3971 MB
node distances:
node 0 1 3
0: 10 21 21
1: 21 10 21
3: 21 21 10
=== After ===
/* Notice that the "phys_index" error messages are gone */
# daxctl reconfigure-device --mode=system-ram dax0.0
[
{
"chardev":"dax0.0",
"size":4225761280,
"target_node":2,
"mode":"system-ram"
}
]
reconfigured 1 device
/* Notice that node2 is now correctly populated */
# numactl --hardware
available: 4 nodes (0-3)
node 0 cpus: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
node 0 size: 3958 MB
node 0 free: 3793 MB
node 1 cpus: 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
node 1 size: 4027 MB
node 1 free: 3851 MB
node 2 cpus:
node 2 size: 3968 MB
node 2 free: 3968 MB
node 3 cpus:
node 3 size: 3994 MB
node 3 free: 3908 MB
node distances:
node 0 1 2 3
0: 10 21 21 21
1: 21 10 21 21
2: 21 21 10 21
3: 21 21 21 10
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: David Hildenbrand <david@redhat.com>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Ira Weiny <ira.weiny@intel.com>
Cc: Vishal Verma <vishal.l.verma@intel.com>
Cc: Christoph Hellwig <hch@lst.de>
Reviewed-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Dan Williams <dan.j.williams@intel.com>
Link: https://lore.kernel.org/r/158188327614.894464.13122730362187722603.stgit@dwillia2-desk3.amr.corp.intel.com
2020-02-16 23:01:16 +03:00
select NUMA_KEEP_MEMINFO if NUMA
2015-06-09 22:33:45 +03:00
select LIBNVDIMM
2015-04-01 10:12:18 +03:00
help
Treat memory marked using the non-standard e820 type of 12 as used
by the Intel Sandy Bridge-EP reference BIOS as protected memory.
The kernel will offer these regions to the 'pmem' driver so
they can be used for persistent storage.
Say Y if unsure.
2007-11-09 23:56:54 +03:00
config HIGHPTE
bool "Allocate 3rd-level pagetables from highmem"
2010-04-21 18:23:44 +04:00
depends on HIGHMEM
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
The VM uses one page table entry for each page of physical memory.
For systems with a lot of RAM, this can be wasteful of precious
low memory. Setting this option will put user-space page table
entries in high memory.
2008-09-07 12:51:34 +04:00
config X86_CHECK_BIOS_CORRUPTION
2009-02-05 18:21:53 +03:00
bool "Check for low memory corruption"
2020-06-13 19:50:22 +03:00
help
2009-02-05 18:21:53 +03:00
Periodically check for memory corruption in low memory, which
is suspected to be caused by BIOS. Even when enabled in the
configuration, it is disabled at runtime. Enable it by
setting "memory_corruption_check=1" on the kernel command
line. By default it scans the low 64k of memory every 60
seconds; see the memory_corruption_check_size and
memory_corruption_check_period parameters in
2016-10-18 15:12:27 +03:00
Documentation/admin-guide/kernel-parameters.rst to adjust this.
2009-02-05 18:21:53 +03:00
When enabled with the default parameters, this option has
almost no overhead, as it reserves a relatively small amount
of memory and scans it infrequently. It both detects corruption
and prevents it from affecting the running system.
It is, however, intended as a diagnostic tool; if repeatable
BIOS-originated corruption always affects the same memory,
you can use memmap= to prevent the kernel from using that
memory.
2008-09-07 12:51:34 +04:00
2008-09-07 13:37:32 +04:00
config X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK
2009-02-05 18:21:53 +03:00
bool "Set the default setting of memory_corruption_check"
2008-09-07 13:37:32 +04:00
depends on X86_CHECK_BIOS_CORRUPTION
default y
2020-06-13 19:50:22 +03:00
help
2009-02-05 18:21:53 +03:00
Set whether the default state of memory_corruption_check is
on or off.
2008-09-07 13:37:32 +04:00
2010-08-26 03:38:20 +04:00
config X86_RESERVE_LOW
2010-08-25 04:32:04 +04:00
int "Amount of low memory, in kilobytes, to reserve for the BIOS"
default 64
range 4 640
2020-06-13 19:50:22 +03:00
help
2010-08-25 04:32:04 +04:00
Specify the amount of low memory to reserve for the BIOS.
The first page contains BIOS data structures that the kernel
must not use, so that page must always be reserved.
By default we reserve the first 64K of physical RAM, as a
number of BIOSes are known to corrupt that memory range
during events such as suspend/resume or monitor cable
insertion, so it must not be used by the kernel.
2008-09-16 12:07:34 +04:00
2010-08-25 04:32:04 +04:00
You can set this to 4 if you are absolutely sure that you
trust the BIOS to get all its memory reservations and usages
right. If you know your BIOS have problems beyond the
default 64K area, you can set this to 640 to avoid using the
entire low memory range.
2008-09-16 12:07:34 +04:00
2010-08-25 04:32:04 +04:00
If you have doubts about the BIOS (e.g. suspend/resume does
not work or there's kernel crashes after certain hardware
hotplug events) then you might want to enable
X86_CHECK_BIOS_CORRUPTION=y to allow the kernel to check
typical corruption patterns.
2008-09-16 12:07:34 +04:00
2010-08-25 04:32:04 +04:00
Leave this to the default value of 64 if you are unsure.
2008-09-16 12:07:34 +04:00
2007-11-09 23:56:54 +03:00
config MATH_EMULATION
bool
2015-07-31 00:31:34 +03:00
depends on MODIFY_LDT_SYSCALL
2019-10-01 17:23:35 +03:00
prompt "Math emulation" if X86_32 && (M486SX || MELAN)
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
Linux can emulate a math coprocessor (used for floating point
operations) if you don't have one. 486DX and Pentium processors have
a math coprocessor built in, 486SX and 386 do not, unless you added
a 487DX or 387, respectively. (The messages during boot time can
give you some hints here ["man dmesg"].) Everyone needs either a
coprocessor or this emulation.
If you don't have a math coprocessor, you need to say Y here; if you
say Y here even though you have a coprocessor, the coprocessor will
be used nevertheless. (This behavior can be changed with the kernel
command line option "no387", which comes handy if your coprocessor
is broken. Try "man bootparam" or see the documentation of your boot
loader (lilo or loadlin) about how to pass options to the kernel at
boot time.) This means that it is a good idea to say Y here if you
intend to use this kernel on different machines.
More information about the internals of the Linux math coprocessor
emulation can be found in <file:arch/x86/math-emu/README>.
If you are not sure, say Y; apart from resulting in a 66 KB bigger
kernel, it won't hurt.
config MTRR
2010-04-21 18:23:44 +04:00
def_bool y
2011-01-21 01:44:16 +03:00
prompt "MTRR (Memory Type Range Register) support" if EXPERT
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
On Intel P6 family processors (Pentium Pro, Pentium II and later)
the Memory Type Range Registers (MTRRs) may be used to control
processor access to memory ranges. This is most useful if you have
a video (VGA) card on a PCI or AGP bus. Enabling write-combining
allows bus write transfers to be combined into a larger transfer
before bursting over the PCI/AGP bus. This can increase performance
of image write operations 2.5 times or more. Saying Y here creates a
/proc/mtrr file which may be used to manipulate your processor's
MTRRs. Typically the X server should use this.
This code has a reasonably generic interface so that similar
control registers on other processors can be easily supported
as well:
The Cyrix 6x86, 6x86MX and M II processors have Address Range
Registers (ARRs) which provide a similar functionality to MTRRs. For
these, the ARRs are used to emulate the MTRRs.
The AMD K6-2 (stepping 8 and above) and K6-3 processors have two
MTRRs. The Centaur C6 (WinChip) has 8 MCRs, allowing
write-combining. All of these processors are supported by this code
and it makes sense to say Y here if you have one of them.
Saying Y here also fixes a problem with buggy SMP BIOSes which only
set the MTRRs for the boot CPU and not for the secondary CPUs. This
can lead to all sorts of problems, so it's good to say Y here.
You can safely say Y even if your machine doesn't have MTRRs, you'll
just add about 9 KB to your kernel.
2019-06-07 21:54:32 +03:00
See <file:Documentation/x86/mtrr.rst> for more information.
2007-11-09 23:56:54 +03:00
2008-04-29 14:52:33 +04:00
config MTRR_SANITIZER
x86: change MTRR_SANITIZER to def_bool y
This option has been added in v2.6.26 as a default-disabled
feature and went through several revisions since then.
The feature fixes a wide range of MTRR setup problems that BIOSes
leave us with: slow system, slow Xorg, slow system when adding lots
of RAM, etc., so we want to enable it by default for v2.6.28.
See:
[Bug 10508] Upgrade to 4GB of RAM messes up MTRRs
http://bugzilla.kernel.org/show_bug.cgi?id=10508
and the test results in:
http://lkml.org/lkml/2008/9/29/273
1. hpa
reg00: base=0xc0000000 (3072MB), size=1024MB: uncachable, count=1
reg01: base=0x13c000000 (5056MB), size= 64MB: uncachable, count=1
reg02: base=0x00000000 ( 0MB), size=4096MB: write-back, count=1
reg03: base=0x100000000 (4096MB), size=1024MB: write-back, count=1
reg04: base=0xbf700000 (3063MB), size= 1MB: uncachable, count=1
reg05: base=0xbf800000 (3064MB), size= 8MB: uncachable, count=1
will get
Found optimal setting for mtrr clean up
gran_size: 1M chunk_size: 128M num_reg: 6 lose RAM: 0M
range0: 0000000000000000 - 00000000c0000000
Setting variable MTRR 0, base: 0MB, range: 2048MB, type WB
Setting variable MTRR 1, base: 2048MB, range: 1024MB, type WB
hole: 00000000bf700000 - 00000000c0000000
Setting variable MTRR 2, base: 3063MB, range: 1MB, type UC
Setting variable MTRR 3, base: 3064MB, range: 8MB, type UC
range0: 0000000100000000 - 0000000140000000
Setting variable MTRR 4, base: 4096MB, range: 1024MB, type WB
hole: 000000013c000000 - 0000000140000000
Setting variable MTRR 5, base: 5056MB, range: 64MB, type UC
2. Dylan Taft
reg00: base=0x00000000 ( 0MB), size=4096MB: write-back, count=1
reg01: base=0x100000000 (4096MB), size= 512MB: write-back, count=1
reg02: base=0x120000000 (4608MB), size= 256MB: write-back, count=1
reg03: base=0xd0000000 (3328MB), size= 256MB: uncachable, count=1
reg04: base=0xe0000000 (3584MB), size= 512MB: uncachable, count=1
reg05: base=0xc7e00000 (3198MB), size= 2MB: uncachable, count=1
reg06: base=0xc8000000 (3200MB), size= 128MB: uncachable, count=1
will get
Found optimal setting for mtrr clean up
gran_size: 1M chunk_size: 4M num_reg: 6 lose RAM: 0M
range0: 0000000000000000 - 00000000c8000000
Setting variable MTRR 0, base: 0MB, range: 2048MB, type WB
Setting variable MTRR 1, base: 2048MB, range: 1024MB, type WB
Setting variable MTRR 2, base: 3072MB, range: 128MB, type WB
hole: 00000000c7e00000 - 00000000c8000000
Setting variable MTRR 3, base: 3198MB, range: 2MB, type UC
rangeX: 0000000100000000 - 0000000130000000
Setting variable MTRR 4, base: 4096MB, range: 512MB, type WB
Setting variable MTRR 5, base: 4608MB, range: 256MB, type WB
3. Gabriel
reg00: base=0xd0000000 (3328MB), size= 256MB: uncachable, count=1
reg01: base=0xe0000000 (3584MB), size= 512MB: uncachable, count=1
reg02: base=0x00000000 ( 0MB), size=4096MB: write-back, count=1
reg03: base=0x100000000 (4096MB), size= 512MB: write-back, count=1
reg04: base=0x120000000 (4608MB), size= 128MB: write-back, count=1
reg05: base=0x128000000 (4736MB), size= 64MB: write-back, count=1
reg06: base=0xcf600000 (3318MB), size= 2MB: uncachable, count=1
will get
Found optimal setting for mtrr clean up
gran_size: 1M chunk_size: 16M num_reg: 7 lose RAM: 0M
range0: 0000000000000000 - 00000000d0000000
Setting variable MTRR 0, base: 0MB, range: 2048MB, type WB
Setting variable MTRR 1, base: 2048MB, range: 1024MB, type WB
Setting variable MTRR 2, base: 3072MB, range: 256MB, type WB
hole: 00000000cf600000 - 00000000cf800000
Setting variable MTRR 3, base: 3318MB, range: 2MB, type UC
rangeX: 0000000100000000 - 000000012c000000
Setting variable MTRR 4, base: 4096MB, range: 512MB, type WB
Setting variable MTRR 5, base: 4608MB, range: 128MB, type WB
Setting variable MTRR 6, base: 4736MB, range: 64MB, type WB
4. Mika Fischer
reg00: base=0xc0000000 (3072MB), size=1024MB: uncachable, count=1
reg01: base=0x00000000 ( 0MB), size=4096MB: write-back, count=1
reg02: base=0x100000000 (4096MB), size=1024MB: write-back, count=1
reg03: base=0xbf700000 (3063MB), size= 1MB: uncachable, count=1
reg04: base=0xbf800000 (3064MB), size= 8MB: uncachable, count=1
will get
Found optimal setting for mtrr clean up
gran_size: 1M chunk_size: 16M num_reg: 5 lose RAM: 0M
range0: 0000000000000000 - 00000000c0000000
Setting variable MTRR 0, base: 0MB, range: 2048MB, type WB
Setting variable MTRR 1, base: 2048MB, range: 1024MB, type WB
hole: 00000000bf700000 - 00000000c0000000
Setting variable MTRR 2, base: 3063MB, range: 1MB, type UC
Setting variable MTRR 3, base: 3064MB, range: 8MB, type UC
rangeX: 0000000100000000 - 0000000140000000
Setting variable MTRR 4, base: 4096MB, range: 1024MB, type WB
Signed-off-by: Yinghai Lu <yhlu.kernel@gmail.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-10-01 03:29:40 +04:00
def_bool y
2008-04-29 14:52:33 +04:00
prompt "MTRR cleanup support"
depends on MTRR
2020-06-13 19:50:22 +03:00
help
2008-07-15 16:48:48 +04:00
Convert MTRR layout from continuous to discrete, so X drivers can
add writeback entries.
2008-04-29 14:52:33 +04:00
2008-07-15 16:48:48 +04:00
Can be disabled with disable_mtrr_cleanup on the kernel command line.
2009-01-26 13:12:25 +03:00
The largest mtrr entry size for a continuous block can be set with
2008-07-15 16:48:48 +04:00
mtrr_chunk_size.
2008-04-29 14:52:33 +04:00
x86: change MTRR_SANITIZER to def_bool y
This option has been added in v2.6.26 as a default-disabled
feature and went through several revisions since then.
The feature fixes a wide range of MTRR setup problems that BIOSes
leave us with: slow system, slow Xorg, slow system when adding lots
of RAM, etc., so we want to enable it by default for v2.6.28.
See:
[Bug 10508] Upgrade to 4GB of RAM messes up MTRRs
http://bugzilla.kernel.org/show_bug.cgi?id=10508
and the test results in:
http://lkml.org/lkml/2008/9/29/273
1. hpa
reg00: base=0xc0000000 (3072MB), size=1024MB: uncachable, count=1
reg01: base=0x13c000000 (5056MB), size= 64MB: uncachable, count=1
reg02: base=0x00000000 ( 0MB), size=4096MB: write-back, count=1
reg03: base=0x100000000 (4096MB), size=1024MB: write-back, count=1
reg04: base=0xbf700000 (3063MB), size= 1MB: uncachable, count=1
reg05: base=0xbf800000 (3064MB), size= 8MB: uncachable, count=1
will get
Found optimal setting for mtrr clean up
gran_size: 1M chunk_size: 128M num_reg: 6 lose RAM: 0M
range0: 0000000000000000 - 00000000c0000000
Setting variable MTRR 0, base: 0MB, range: 2048MB, type WB
Setting variable MTRR 1, base: 2048MB, range: 1024MB, type WB
hole: 00000000bf700000 - 00000000c0000000
Setting variable MTRR 2, base: 3063MB, range: 1MB, type UC
Setting variable MTRR 3, base: 3064MB, range: 8MB, type UC
range0: 0000000100000000 - 0000000140000000
Setting variable MTRR 4, base: 4096MB, range: 1024MB, type WB
hole: 000000013c000000 - 0000000140000000
Setting variable MTRR 5, base: 5056MB, range: 64MB, type UC
2. Dylan Taft
reg00: base=0x00000000 ( 0MB), size=4096MB: write-back, count=1
reg01: base=0x100000000 (4096MB), size= 512MB: write-back, count=1
reg02: base=0x120000000 (4608MB), size= 256MB: write-back, count=1
reg03: base=0xd0000000 (3328MB), size= 256MB: uncachable, count=1
reg04: base=0xe0000000 (3584MB), size= 512MB: uncachable, count=1
reg05: base=0xc7e00000 (3198MB), size= 2MB: uncachable, count=1
reg06: base=0xc8000000 (3200MB), size= 128MB: uncachable, count=1
will get
Found optimal setting for mtrr clean up
gran_size: 1M chunk_size: 4M num_reg: 6 lose RAM: 0M
range0: 0000000000000000 - 00000000c8000000
Setting variable MTRR 0, base: 0MB, range: 2048MB, type WB
Setting variable MTRR 1, base: 2048MB, range: 1024MB, type WB
Setting variable MTRR 2, base: 3072MB, range: 128MB, type WB
hole: 00000000c7e00000 - 00000000c8000000
Setting variable MTRR 3, base: 3198MB, range: 2MB, type UC
rangeX: 0000000100000000 - 0000000130000000
Setting variable MTRR 4, base: 4096MB, range: 512MB, type WB
Setting variable MTRR 5, base: 4608MB, range: 256MB, type WB
3. Gabriel
reg00: base=0xd0000000 (3328MB), size= 256MB: uncachable, count=1
reg01: base=0xe0000000 (3584MB), size= 512MB: uncachable, count=1
reg02: base=0x00000000 ( 0MB), size=4096MB: write-back, count=1
reg03: base=0x100000000 (4096MB), size= 512MB: write-back, count=1
reg04: base=0x120000000 (4608MB), size= 128MB: write-back, count=1
reg05: base=0x128000000 (4736MB), size= 64MB: write-back, count=1
reg06: base=0xcf600000 (3318MB), size= 2MB: uncachable, count=1
will get
Found optimal setting for mtrr clean up
gran_size: 1M chunk_size: 16M num_reg: 7 lose RAM: 0M
range0: 0000000000000000 - 00000000d0000000
Setting variable MTRR 0, base: 0MB, range: 2048MB, type WB
Setting variable MTRR 1, base: 2048MB, range: 1024MB, type WB
Setting variable MTRR 2, base: 3072MB, range: 256MB, type WB
hole: 00000000cf600000 - 00000000cf800000
Setting variable MTRR 3, base: 3318MB, range: 2MB, type UC
rangeX: 0000000100000000 - 000000012c000000
Setting variable MTRR 4, base: 4096MB, range: 512MB, type WB
Setting variable MTRR 5, base: 4608MB, range: 128MB, type WB
Setting variable MTRR 6, base: 4736MB, range: 64MB, type WB
4. Mika Fischer
reg00: base=0xc0000000 (3072MB), size=1024MB: uncachable, count=1
reg01: base=0x00000000 ( 0MB), size=4096MB: write-back, count=1
reg02: base=0x100000000 (4096MB), size=1024MB: write-back, count=1
reg03: base=0xbf700000 (3063MB), size= 1MB: uncachable, count=1
reg04: base=0xbf800000 (3064MB), size= 8MB: uncachable, count=1
will get
Found optimal setting for mtrr clean up
gran_size: 1M chunk_size: 16M num_reg: 5 lose RAM: 0M
range0: 0000000000000000 - 00000000c0000000
Setting variable MTRR 0, base: 0MB, range: 2048MB, type WB
Setting variable MTRR 1, base: 2048MB, range: 1024MB, type WB
hole: 00000000bf700000 - 00000000c0000000
Setting variable MTRR 2, base: 3063MB, range: 1MB, type UC
Setting variable MTRR 3, base: 3064MB, range: 8MB, type UC
rangeX: 0000000100000000 - 0000000140000000
Setting variable MTRR 4, base: 4096MB, range: 1024MB, type WB
Signed-off-by: Yinghai Lu <yhlu.kernel@gmail.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
2008-10-01 03:29:40 +04:00
If unsure, say Y.
2008-04-29 14:52:33 +04:00
config MTRR_SANITIZER_ENABLE_DEFAULT
2008-04-30 07:25:58 +04:00
int "MTRR cleanup enable value (0-1)"
range 0 1
default "0"
2008-04-29 14:52:33 +04:00
depends on MTRR_SANITIZER
2020-06-13 19:50:22 +03:00
help
2008-04-30 07:25:58 +04:00
Enable mtrr cleanup default value
2008-04-29 14:52:33 +04:00
2008-05-02 13:40:22 +04:00
config MTRR_SANITIZER_SPARE_REG_NR_DEFAULT
int "MTRR cleanup spare reg num (0-7)"
range 0 7
default "1"
depends on MTRR_SANITIZER
2020-06-13 19:50:22 +03:00
help
2008-05-02 13:40:22 +04:00
mtrr cleanup spare entries default, it can be changed via
2008-07-15 16:48:48 +04:00
mtrr_spare_reg_nr=N on the kernel command line.
2008-05-02 13:40:22 +04:00
2008-03-19 03:00:14 +03:00
config X86_PAT
2010-04-21 18:23:44 +04:00
def_bool y
2011-01-21 01:44:16 +03:00
prompt "x86 PAT support" if EXPERT
2008-04-26 12:26:52 +04:00
depends on MTRR
2020-06-13 19:50:22 +03:00
help
2008-03-19 03:00:14 +03:00
Use PAT attributes to setup page level cache control.
2008-03-25 00:22:35 +03:00
2008-03-19 03:00:14 +03:00
PATs are the modern equivalents of MTRRs and are much more
flexible than MTRRs.
Say N here if you see bootup problems (boot crash, boot hang,
2008-03-25 00:22:35 +03:00
spontaneous reboots) or a non-working video driver.
2008-03-19 03:00:14 +03:00
If unsure, say Y.
2009-07-10 20:57:37 +04:00
config ARCH_USES_PG_UNCACHED
def_bool y
depends on X86_PAT
x86, random: Architectural inlines to get random integers with RDRAND
Architectural inlines to get random ints and longs using the RDRAND
instruction.
Intel has introduced a new RDRAND instruction, a Digital Random Number
Generator (DRNG), which is functionally an high bandwidth entropy
source, cryptographic whitener, and integrity monitor all built into
hardware. This enables RDRAND to be used directly, bypassing the
kernel random number pool.
For technical documentation, see:
http://software.intel.com/en-us/articles/download-the-latest-bull-mountain-software-implementation-guide/
In this patch, this is *only* used for the nonblocking random number
pool. RDRAND is a nonblocking source, similar to our /dev/urandom,
and is therefore not a direct replacement for /dev/random. The
architectural hooks presented in the previous patch only feed the
kernel internal users, which only use the nonblocking pool, and so
this is not a problem.
Since this instruction is available in userspace, there is no reason
to have a /dev/hw_rng device driver for the purpose of feeding rngd.
This is especially so since RDRAND is a nonblocking source, and needs
additional whitening and reduction (see the above technical
documentation for details) in order to be of "pure entropy source"
quality.
The CONFIG_EXPERT compile-time option can be used to disable this use
of RDRAND.
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Originally-by: Fenghua Yu <fenghua.yu@intel.com>
Cc: Matt Mackall <mpm@selenic.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "Theodore Ts'o" <tytso@mit.edu>
2011-08-01 00:59:29 +04:00
config ARCH_RANDOM
def_bool y
prompt "x86 architectural random number generator" if EXPERT
2020-06-13 19:50:22 +03:00
help
x86, random: Architectural inlines to get random integers with RDRAND
Architectural inlines to get random ints and longs using the RDRAND
instruction.
Intel has introduced a new RDRAND instruction, a Digital Random Number
Generator (DRNG), which is functionally an high bandwidth entropy
source, cryptographic whitener, and integrity monitor all built into
hardware. This enables RDRAND to be used directly, bypassing the
kernel random number pool.
For technical documentation, see:
http://software.intel.com/en-us/articles/download-the-latest-bull-mountain-software-implementation-guide/
In this patch, this is *only* used for the nonblocking random number
pool. RDRAND is a nonblocking source, similar to our /dev/urandom,
and is therefore not a direct replacement for /dev/random. The
architectural hooks presented in the previous patch only feed the
kernel internal users, which only use the nonblocking pool, and so
this is not a problem.
Since this instruction is available in userspace, there is no reason
to have a /dev/hw_rng device driver for the purpose of feeding rngd.
This is especially so since RDRAND is a nonblocking source, and needs
additional whitening and reduction (see the above technical
documentation for details) in order to be of "pure entropy source"
quality.
The CONFIG_EXPERT compile-time option can be used to disable this use
of RDRAND.
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
Originally-by: Fenghua Yu <fenghua.yu@intel.com>
Cc: Matt Mackall <mpm@selenic.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "Theodore Ts'o" <tytso@mit.edu>
2011-08-01 00:59:29 +04:00
Enable the x86 architectural RDRAND instruction
(Intel Bull Mountain technology) to generate random numbers.
If supported, this is a high bandwidth, cryptographically
secure hardware random number generator.
2012-09-21 23:43:10 +04:00
config X86_SMAP
def_bool y
prompt "Supervisor Mode Access Prevention" if EXPERT
2020-06-13 19:50:22 +03:00
help
2012-09-21 23:43:10 +04:00
Supervisor Mode Access Prevention (SMAP) is a security
feature in newer Intel processors. There is a small
performance cost if this enabled and turned on; there is
also a small increase in the kernel size if this is enabled.
If unsure, say Y.
2019-11-06 00:25:32 +03:00
config X86_UMIP
2017-11-14 09:29:42 +03:00
def_bool y
2019-11-06 00:25:32 +03:00
prompt "User Mode Instruction Prevention" if EXPERT
2020-06-13 19:50:22 +03:00
help
2019-11-06 00:25:32 +03:00
User Mode Instruction Prevention (UMIP) is a security feature in
some x86 processors. If enabled, a general protection fault is
issued if the SGDT, SLDT, SIDT, SMSW or STR instructions are
executed in user mode. These instructions unnecessarily expose
information about the hardware state.
2017-11-14 09:29:42 +03:00
The vast majority of applications do not use these instructions.
For the very few that do, software emulation is provided in
specific cases in protected and virtual-8086 modes. Emulated
results are dummy.
2017-11-06 05:27:54 +03:00
2016-02-13 00:02:00 +03:00
config X86_INTEL_MEMORY_PROTECTION_KEYS
2020-05-28 19:08:23 +03:00
prompt "Memory Protection Keys"
2016-02-13 00:02:00 +03:00
def_bool y
2016-02-13 00:02:28 +03:00
# Note: only available in 64-bit mode
2020-05-28 19:08:23 +03:00
depends on X86_64 && (CPU_SUP_INTEL || CPU_SUP_AMD)
2016-11-15 12:15:03 +03:00
select ARCH_USES_HIGH_VMA_FLAGS
select ARCH_HAS_PKEYS
2020-06-13 19:50:22 +03:00
help
2016-02-13 00:02:28 +03:00
Memory Protection Keys provides a mechanism for enforcing
page-based protections, but without requiring modification of the
page tables when an application changes protection domains.
2019-06-07 21:54:31 +03:00
For details, see Documentation/core-api/protection-keys.rst
2016-02-13 00:02:28 +03:00
If unsure, say y.
2016-02-13 00:02:00 +03:00
2019-10-23 13:35:50 +03:00
choice
prompt "TSX enable mode"
depends on CPU_SUP_INTEL
default X86_INTEL_TSX_MODE_OFF
help
Intel's TSX (Transactional Synchronization Extensions) feature
allows to optimize locking protocols through lock elision which
can lead to a noticeable performance boost.
On the other hand it has been shown that TSX can be exploited
to form side channel attacks (e.g. TAA) and chances are there
will be more of those attacks discovered in the future.
Therefore TSX is not enabled by default (aka tsx=off). An admin
might override this decision by tsx=on the command line parameter.
Even with TSX enabled, the kernel will attempt to enable the best
possible TAA mitigation setting depending on the microcode available
for the particular machine.
This option allows to set the default tsx mode between tsx=on, =off
and =auto. See Documentation/admin-guide/kernel-parameters.txt for more
details.
Say off if not sure, auto if TSX is in use but it should be used on safe
platforms or on if TSX is in use and the security aspect of tsx is not
relevant.
config X86_INTEL_TSX_MODE_OFF
bool "off"
help
TSX is disabled if possible - equals to tsx=off command line parameter.
config X86_INTEL_TSX_MODE_ON
bool "on"
help
TSX is always enabled on TSX capable HW - equals the tsx=on command
line parameter.
config X86_INTEL_TSX_MODE_AUTO
bool "auto"
help
TSX is enabled on TSX capable HW that is believed to be safe against
side channel attacks- equals the tsx=auto command line parameter.
endchoice
2007-11-09 23:56:54 +03:00
config EFI
2008-10-16 09:01:38 +04:00
bool "EFI runtime service support"
2008-01-30 15:31:19 +03:00
depends on ACPI
2013-04-16 18:31:08 +04:00
select UCS2_STRING
2014-06-26 14:09:05 +04:00
select EFI_RUNTIME_WRAPPERS
2020-06-13 19:50:22 +03:00
help
2009-02-05 18:21:53 +03:00
This enables the kernel to use EFI runtime services that are
available (such as the EFI variable services).
2007-11-09 23:56:54 +03:00
2009-02-05 18:21:53 +03:00
This option is only useful on systems that have EFI firmware.
In addition, you should use the latest ELILO loader available
at <http://elilo.sourceforge.net> in order to take advantage
of EFI runtime services. However, even with this option, the
resultant kernel should continue to boot on existing non-EFI
platforms.
2007-11-09 23:56:54 +03:00
x86, efi: EFI boot stub support
There is currently a large divide between kernel development and the
development of EFI boot loaders. The idea behind this patch is to give
the kernel developers full control over the EFI boot process. As
H. Peter Anvin put it,
"The 'kernel carries its own stub' approach been very successful in
dealing with BIOS, and would make a lot of sense to me for EFI as
well."
This patch introduces an EFI boot stub that allows an x86 bzImage to
be loaded and executed by EFI firmware. The bzImage appears to the
firmware as an EFI application. Luckily there are enough free bits
within the bzImage header so that it can masquerade as an EFI
application, thereby coercing the EFI firmware into loading it and
jumping to its entry point. The beauty of this masquerading approach
is that both BIOS and EFI boot loaders can still load and run the same
bzImage, thereby allowing a single kernel image to work in any boot
environment.
The EFI boot stub supports multiple initrds, but they must exist on
the same partition as the bzImage. Command-line arguments for the
kernel can be appended after the bzImage name when run from the EFI
shell, e.g.
Shell> bzImage console=ttyS0 root=/dev/sdb initrd=initrd.img
v7:
- Fix checkpatch warnings.
v6:
- Try to allocate initrd memory just below hdr->inird_addr_max.
v5:
- load_options_size is UTF-16, which needs dividing by 2 to convert
to the corresponding ASCII size.
v4:
- Don't read more than image->load_options_size
v3:
- Fix following warnings when compiling CONFIG_EFI_STUB=n
arch/x86/boot/tools/build.c: In function ‘main’:
arch/x86/boot/tools/build.c:138:24: warning: unused variable ‘pe_header’
arch/x86/boot/tools/build.c:138:15: warning: unused variable ‘file_sz’
- As reported by Matthew Garrett, some Apple machines have GOPs that
don't have hardware attached. We need to weed these out by
searching for ones that handle the PCIIO protocol.
- Don't allocate memory if no initrds are on cmdline
- Don't trust image->load_options_size
Maarten Lankhorst noted:
- Don't strip first argument when booted from efibootmgr
- Don't allocate too much memory for cmdline
- Don't update cmdline_size, the kernel considers it read-only
- Don't accept '\n' for initrd names
v2:
- File alignment was too large, was 8192 should be 512. Reported by
Maarten Lankhorst on LKML.
- Added UGA support for graphics
- Use VIDEO_TYPE_EFI instead of hard-coded number.
- Move linelength assignment until after we've assigned depth
- Dynamically fill out AddressOfEntryPoint in tools/build.c
- Don't use magic number for GDT/TSS stuff. Requested by Andi Kleen
- The bzImage may need to be relocated as it may have been loaded at
a high address address by the firmware. This was required to get my
macbook booting because the firmware loaded it at 0x7cxxxxxx, which
triggers this error in decompress_kernel(),
if (heap > ((-__PAGE_OFFSET-(128<<20)-1) & 0x7fffffff))
error("Destination address too large");
Cc: Mike Waychison <mikew@google.com>
Cc: Matthew Garrett <mjg@redhat.com>
Tested-by: Henrik Rydberg <rydberg@euromail.se>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
Link: http://lkml.kernel.org/r/1321383097.2657.9.camel@mfleming-mobl1.ger.corp.intel.com
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2011-12-13 01:27:52 +04:00
config EFI_STUB
2019-12-24 18:10:12 +03:00
bool "EFI stub support"
depends on EFI && !X86_USE_3DNOW
depends on $(cc-option,-mabi=ms) || X86_32
select RELOCATABLE
2020-06-13 19:50:22 +03:00
help
2019-12-24 18:10:12 +03:00
This kernel feature allows a bzImage to be loaded directly
x86, efi: EFI boot stub support
There is currently a large divide between kernel development and the
development of EFI boot loaders. The idea behind this patch is to give
the kernel developers full control over the EFI boot process. As
H. Peter Anvin put it,
"The 'kernel carries its own stub' approach been very successful in
dealing with BIOS, and would make a lot of sense to me for EFI as
well."
This patch introduces an EFI boot stub that allows an x86 bzImage to
be loaded and executed by EFI firmware. The bzImage appears to the
firmware as an EFI application. Luckily there are enough free bits
within the bzImage header so that it can masquerade as an EFI
application, thereby coercing the EFI firmware into loading it and
jumping to its entry point. The beauty of this masquerading approach
is that both BIOS and EFI boot loaders can still load and run the same
bzImage, thereby allowing a single kernel image to work in any boot
environment.
The EFI boot stub supports multiple initrds, but they must exist on
the same partition as the bzImage. Command-line arguments for the
kernel can be appended after the bzImage name when run from the EFI
shell, e.g.
Shell> bzImage console=ttyS0 root=/dev/sdb initrd=initrd.img
v7:
- Fix checkpatch warnings.
v6:
- Try to allocate initrd memory just below hdr->inird_addr_max.
v5:
- load_options_size is UTF-16, which needs dividing by 2 to convert
to the corresponding ASCII size.
v4:
- Don't read more than image->load_options_size
v3:
- Fix following warnings when compiling CONFIG_EFI_STUB=n
arch/x86/boot/tools/build.c: In function ‘main’:
arch/x86/boot/tools/build.c:138:24: warning: unused variable ‘pe_header’
arch/x86/boot/tools/build.c:138:15: warning: unused variable ‘file_sz’
- As reported by Matthew Garrett, some Apple machines have GOPs that
don't have hardware attached. We need to weed these out by
searching for ones that handle the PCIIO protocol.
- Don't allocate memory if no initrds are on cmdline
- Don't trust image->load_options_size
Maarten Lankhorst noted:
- Don't strip first argument when booted from efibootmgr
- Don't allocate too much memory for cmdline
- Don't update cmdline_size, the kernel considers it read-only
- Don't accept '\n' for initrd names
v2:
- File alignment was too large, was 8192 should be 512. Reported by
Maarten Lankhorst on LKML.
- Added UGA support for graphics
- Use VIDEO_TYPE_EFI instead of hard-coded number.
- Move linelength assignment until after we've assigned depth
- Dynamically fill out AddressOfEntryPoint in tools/build.c
- Don't use magic number for GDT/TSS stuff. Requested by Andi Kleen
- The bzImage may need to be relocated as it may have been loaded at
a high address address by the firmware. This was required to get my
macbook booting because the firmware loaded it at 0x7cxxxxxx, which
triggers this error in decompress_kernel(),
if (heap > ((-__PAGE_OFFSET-(128<<20)-1) & 0x7fffffff))
error("Destination address too large");
Cc: Mike Waychison <mikew@google.com>
Cc: Matthew Garrett <mjg@redhat.com>
Tested-by: Henrik Rydberg <rydberg@euromail.se>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
Link: http://lkml.kernel.org/r/1321383097.2657.9.camel@mfleming-mobl1.ger.corp.intel.com
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2011-12-13 01:27:52 +04:00
by EFI firmware without the use of a bootloader.
2019-06-27 20:56:51 +03:00
See Documentation/admin-guide/efi-stub.rst for more information.
2012-03-16 16:03:13 +04:00
2014-01-10 22:52:06 +04:00
config EFI_MIXED
bool "EFI mixed-mode support"
depends on EFI_STUB && X86_64
2020-06-13 19:50:22 +03:00
help
2014-01-10 22:52:06 +04:00
Enabling this feature allows a 64-bit kernel to be booted
on a 32-bit firmware, provided that your CPU supports 64-bit
mode.
Note that it is not possible to boot a mixed-mode enabled
kernel via the EFI boot stub - a bootloader that supports
the EFI handover protocol must be used.
If unsure, say N.
2007-11-09 23:56:54 +03:00
config SECCOMP
2008-01-30 15:31:03 +03:00
def_bool y
prompt "Enable seccomp to safely compute untrusted bytecode"
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
This kernel feature is useful for number crunching applications
that may need to compute untrusted bytecode during their
execution. By using pipes or other transports made available to
the process as file descriptors supporting the read/write
syscalls, it's possible to isolate those applications in
their own address space using seccomp. Once seccomp is
2008-09-09 11:01:31 +04:00
enabled via prctl(PR_SET_SECCOMP), it cannot be disabled
2007-11-09 23:56:54 +03:00
and the task is only allowed to execute a few safe syscalls
defined by each seccomp mode.
If unsure, say Y. Only embedded should say N here.
2018-12-11 14:01:04 +03:00
source "kernel/Kconfig.hz"
2007-11-09 23:56:54 +03:00
config KEXEC
bool "kexec system call"
2015-09-10 01:38:55 +03:00
select KEXEC_CORE
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
kexec is a system call that implements the ability to shutdown your
current kernel, and to start another kernel. It is like a reboot
but it is independent of the system firmware. And like a reboot
you can start any kernel with it, not just Linux.
The name comes from the similarity to the exec system call.
It is an ongoing process to be certain the hardware in a machine
is properly shutdown, so do not be surprised if this code does not
2013-08-20 23:38:03 +04:00
initially work for you. As of this writing the exact hardware
interface is strongly in flux, so no good recommendation can be
made.
2007-11-09 23:56:54 +03:00
2014-08-30 02:18:46 +04:00
config KEXEC_FILE
bool "kexec file based system call"
2015-09-10 01:38:55 +03:00
select KEXEC_CORE
2014-08-30 02:18:46 +04:00
select BUILD_BIN2C
depends on X86_64
depends on CRYPTO=y
depends on CRYPTO_SHA256=y
2020-06-13 19:50:22 +03:00
help
2014-08-30 02:18:46 +04:00
This is new version of kexec system call. This system call is
file based and takes file descriptors as system call argument
for kernel and initramfs as opposed to list of segments as
accepted by previous system call.
kexec_file: make use of purgatory optional
Patch series "kexec_file, x86, powerpc: refactoring for other
architecutres", v2.
This is a preparatory patchset for adding kexec_file support on arm64.
It was originally included in a arm64 patch set[1], but Philipp is also
working on their kexec_file support on s390[2] and some changes are now
conflicting.
So these common parts were extracted and put into a separate patch set
for better integration. What's more, my original patch#4 was split into
a few small chunks for easier review after Dave's comment.
As such, the resulting code is basically identical with my original, and
the only *visible* differences are:
- renaming of _kexec_kernel_image_probe() and _kimage_file_post_load_cleanup()
- change one of types of arguments at prepare_elf64_headers()
Those, unfortunately, require a couple of trivial changes on the rest
(#1, #6 to #13) of my arm64 kexec_file patch set[1].
Patch #1 allows making a use of purgatory optional, particularly useful
for arm64.
Patch #2 commonalizes arch_kexec_kernel_{image_probe, image_load,
verify_sig}() and arch_kimage_file_post_load_cleanup() across
architectures.
Patches #3-#7 are also intended to generalize parse_elf64_headers(),
along with exclude_mem_range(), to be made best re-use of.
[1] http://lists.infradead.org/pipermail/linux-arm-kernel/2018-February/561182.html
[2] http://lkml.iu.edu//hypermail/linux/kernel/1802.1/02596.html
This patch (of 7):
On arm64, crash dump kernel's usable memory is protected by *unmapping*
it from kernel virtual space unlike other architectures where the region
is just made read-only. It is highly unlikely that the region is
accidentally corrupted and this observation rationalizes that digest
check code can also be dropped from purgatory. The resulting code is so
simple as it doesn't require a bit ugly re-linking/relocation stuff,
i.e. arch_kexec_apply_relocations_add().
Please see:
http://lists.infradead.org/pipermail/linux-arm-kernel/2017-December/545428.html
All that the purgatory does is to shuffle arguments and jump into a new
kernel, while we still need to have some space for a hash value
(purgatory_sha256_digest) which is never checked against.
As such, it doesn't make sense to have trampline code between old kernel
and new kernel on arm64.
This patch introduces a new configuration, ARCH_HAS_KEXEC_PURGATORY, and
allows related code to be compiled in only if necessary.
[takahiro.akashi@linaro.org: fix trivial screwup]
Link: http://lkml.kernel.org/r/20180309093346.GF25863@linaro.org
Link: http://lkml.kernel.org/r/20180306102303.9063-2-takahiro.akashi@linaro.org
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Acked-by: Dave Young <dyoung@redhat.com>
Tested-by: Dave Young <dyoung@redhat.com>
Cc: Vivek Goyal <vgoyal@redhat.com>
Cc: Baoquan He <bhe@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2018-04-14 01:35:45 +03:00
config ARCH_HAS_KEXEC_PURGATORY
def_bool KEXEC_FILE
2019-08-20 03:17:44 +03:00
config KEXEC_SIG
2014-08-09 01:26:13 +04:00
bool "Verify kernel signature during kexec_file_load() syscall"
2014-08-30 02:18:46 +04:00
depends on KEXEC_FILE
2020-06-13 19:50:22 +03:00
help
2015-03-13 16:04:37 +03:00
2019-08-20 03:17:44 +03:00
This option makes the kexec_file_load() syscall check for a valid
signature of the kernel image. The image can still be loaded without
a valid signature unless you also enable KEXEC_SIG_FORCE, though if
there's a signature that we can check, then it must be valid.
In addition to this option, you need to enable signature
2015-03-13 16:04:37 +03:00
verification for the corresponding kernel image type being
loaded in order for this to work.
2014-08-09 01:26:13 +04:00
2019-08-20 03:17:44 +03:00
config KEXEC_SIG_FORCE
bool "Require a valid signature in kexec_file_load() syscall"
depends on KEXEC_SIG
2020-06-13 19:50:22 +03:00
help
2019-08-20 03:17:44 +03:00
This option makes kernel signature verification mandatory for
the kexec_file_load() syscall.
2014-08-09 01:26:13 +04:00
config KEXEC_BZIMAGE_VERIFY_SIG
bool "Enable bzImage signature verification support"
2019-08-20 03:17:44 +03:00
depends on KEXEC_SIG
2014-08-09 01:26:13 +04:00
depends on SIGNED_PE_FILE_VERIFICATION
select SYSTEM_TRUSTED_KEYRING
2020-06-13 19:50:22 +03:00
help
2014-08-09 01:26:13 +04:00
Enable bzImage signature verification support.
2007-11-09 23:56:54 +03:00
config CRASH_DUMP
2008-08-14 19:16:50 +04:00
bool "kernel crash dumps"
2007-11-09 23:56:54 +03:00
depends on X86_64 || (X86_32 && HIGHMEM)
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
Generate crash dump after being started by kexec.
This should be normally only set in special crash dump kernels
which are loaded in the main kernel with kexec-tools into
a specially reserved region and then later executed after
a crash by kdump/kexec. The crash dump kernel must be compiled
to a memory address not used by the main kernel or BIOS using
PHYSICAL_START, or it must be built as a relocatable image
(CONFIG_RELOCATABLE=y).
2019-06-13 21:21:39 +03:00
For more details see Documentation/admin-guide/kdump/kdump.rst
2007-11-09 23:56:54 +03:00
2008-07-26 06:45:07 +04:00
config KEXEC_JUMP
2012-10-02 22:16:47 +04:00
bool "kexec jump"
2009-03-10 05:57:16 +03:00
depends on KEXEC && HIBERNATION
2020-06-13 19:50:22 +03:00
help
kexec jump: save/restore device state
This patch implements devices state save/restore before after kexec.
This patch together with features in kexec_jump patch can be used for
following:
- A simple hibernation implementation without ACPI support. You can kexec a
hibernating kernel, save the memory image of original system and shutdown
the system. When resuming, you restore the memory image of original system
via ordinary kexec load then jump back.
- Kernel/system debug through making system snapshot. You can make system
snapshot, jump back, do some thing and make another system snapshot.
- Cooperative multi-kernel/system. With kexec jump, you can switch between
several kernels/systems quickly without boot process except the first time.
This appears like swap a whole kernel/system out/in.
- A general method to call program in physical mode (paging turning
off). This can be used to invoke BIOS code under Linux.
The following user-space tools can be used with kexec jump:
- kexec-tools needs to be patched to support kexec jump. The patches
and the precompiled kexec can be download from the following URL:
source: http://khibernation.sourceforge.net/download/release_v10/kexec-tools/kexec-tools-src_git_kh10.tar.bz2
patches: http://khibernation.sourceforge.net/download/release_v10/kexec-tools/kexec-tools-patches_git_kh10.tar.bz2
binary: http://khibernation.sourceforge.net/download/release_v10/kexec-tools/kexec_git_kh10
- makedumpfile with patches are used as memory image saving tool, it
can exclude free pages from original kernel memory image file. The
patches and the precompiled makedumpfile can be download from the
following URL:
source: http://khibernation.sourceforge.net/download/release_v10/makedumpfile/makedumpfile-src_cvs_kh10.tar.bz2
patches: http://khibernation.sourceforge.net/download/release_v10/makedumpfile/makedumpfile-patches_cvs_kh10.tar.bz2
binary: http://khibernation.sourceforge.net/download/release_v10/makedumpfile/makedumpfile_cvs_kh10
- An initramfs image can be used as the root file system of kexeced
kernel. An initramfs image built with "BuildRoot" can be downloaded
from the following URL:
initramfs image: http://khibernation.sourceforge.net/download/release_v10/initramfs/rootfs_cvs_kh10.gz
All user space tools above are included in the initramfs image.
Usage example of simple hibernation:
1. Compile and install patched kernel with following options selected:
CONFIG_X86_32=y
CONFIG_RELOCATABLE=y
CONFIG_KEXEC=y
CONFIG_CRASH_DUMP=y
CONFIG_PM=y
CONFIG_HIBERNATION=y
CONFIG_KEXEC_JUMP=y
2. Build an initramfs image contains kexec-tool and makedumpfile, or
download the pre-built initramfs image, called rootfs.gz in
following text.
3. Prepare a partition to save memory image of original kernel, called
hibernating partition in following text.
4. Boot kernel compiled in step 1 (kernel A).
5. In the kernel A, load kernel compiled in step 1 (kernel B) with
/sbin/kexec. The shell command line can be as follow:
/sbin/kexec --load-preserve-context /boot/bzImage --mem-min=0x100000
--mem-max=0xffffff --initrd=rootfs.gz
6. Boot the kernel B with following shell command line:
/sbin/kexec -e
7. The kernel B will boot as normal kexec. In kernel B the memory
image of kernel A can be saved into hibernating partition as
follow:
jump_back_entry=`cat /proc/cmdline | tr ' ' '\n' | grep kexec_jump_back_entry | cut -d '='`
echo $jump_back_entry > kexec_jump_back_entry
cp /proc/vmcore dump.elf
Then you can shutdown the machine as normal.
8. Boot kernel compiled in step 1 (kernel C). Use the rootfs.gz as
root file system.
9. In kernel C, load the memory image of kernel A as follow:
/sbin/kexec -l --args-none --entry=`cat kexec_jump_back_entry` dump.elf
10. Jump back to the kernel A as follow:
/sbin/kexec -e
Then, kernel A is resumed.
Implementation point:
To support jumping between two kernels, before jumping to (executing)
the new kernel and jumping back to the original kernel, the devices
are put into quiescent state, and the state of devices and CPU is
saved. After jumping back from kexeced kernel and jumping to the new
kernel, the state of devices and CPU are restored accordingly. The
devices/CPU state save/restore code of software suspend is called to
implement corresponding function.
Known issues:
- Because the segment number supported by sys_kexec_load is limited,
hibernation image with many segments may not be load. This is
planned to be eliminated by adding a new flag to sys_kexec_load to
make a image can be loaded with multiple sys_kexec_load invoking.
Now, only the i386 architecture is supported.
Signed-off-by: Huang Ying <ying.huang@intel.com>
Acked-by: Vivek Goyal <vgoyal@redhat.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Pavel Machek <pavel@ucw.cz>
Cc: Nigel Cunningham <nigel@nigel.suspend2.net>
Cc: "Rafael J. Wysocki" <rjw@sisk.pl>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2008-07-26 06:45:10 +04:00
Jump between original kernel and kexeced kernel and invoke
code in physical address mode via KEXEC
2008-07-26 06:45:07 +04:00
2007-11-09 23:56:54 +03:00
config PHYSICAL_START
2011-01-21 01:44:16 +03:00
hex "Physical address where the kernel is loaded" if (EXPERT || CRASH_DUMP)
2009-05-12 03:12:16 +04:00
default "0x1000000"
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
This gives the physical address where the kernel is loaded.
If kernel is a not relocatable (CONFIG_RELOCATABLE=n) then
bzImage will decompress itself to above physical address and
run from there. Otherwise, bzImage will run from the address where
it has been loaded by the boot loader and will ignore above physical
address.
In normal kdump cases one does not have to set/change this option
as now bzImage can be compiled as a completely relocatable image
(CONFIG_RELOCATABLE=y) and be used to load and run from a different
address. This option is mainly useful for the folks who don't want
to use a bzImage for capturing the crash dump and want to use a
vmlinux instead. vmlinux is not relocatable hence a kernel needs
to be specifically compiled to run from a specific memory area
(normally a reserved region) and this option comes handy.
2009-05-12 03:12:16 +04:00
So if you are using bzImage for capturing the crash dump,
leave the value here unchanged to 0x1000000 and set
CONFIG_RELOCATABLE=y. Otherwise if you plan to use vmlinux
for capturing the crash dump change this value to start of
the reserved region. In other words, it can be set based on
the "X" value as specified in the "crashkernel=YM@XM"
command line boot parameter passed to the panic-ed
2019-06-13 21:21:39 +03:00
kernel. Please take a look at Documentation/admin-guide/kdump/kdump.rst
2009-05-12 03:12:16 +04:00
for more details about crash dumps.
2007-11-09 23:56:54 +03:00
Usage of bzImage for capturing the crash dump is recommended as
one does not have to build two kernels. Same kernel can be used
as production kernel and capture kernel. Above option should have
gone away after relocatable bzImage support is introduced. But it
is present because there are users out there who continue to use
vmlinux for dump capture. This option should go away down the
line.
Don't change this unless you know what you are doing.
config RELOCATABLE
2009-05-08 01:19:34 +04:00
bool "Build a relocatable kernel"
default y
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
This builds a kernel image that retains relocation information
so it can be loaded someplace besides the default 1MB.
The relocations tend to make the kernel binary about 10% larger,
but are discarded at runtime.
One use is for the kexec on panic case where the recovery kernel
must live at a different physical address than the primary
kernel.
Note: If CONFIG_RELOCATABLE=y, then the kernel runs from the address
it has been loaded at and the compile time physical address
2013-10-11 04:18:14 +04:00
(CONFIG_PHYSICAL_START) is used as the minimum location.
2007-11-09 23:56:54 +03:00
2013-10-11 04:18:14 +04:00
config RANDOMIZE_BASE
2016-04-20 23:55:43 +03:00
bool "Randomize the address of the kernel image (KASLR)"
2013-10-11 04:18:14 +04:00
depends on RELOCATABLE
2017-04-18 12:08:12 +03:00
default y
2020-06-13 19:50:22 +03:00
help
2016-04-20 23:55:43 +03:00
In support of Kernel Address Space Layout Randomization (KASLR),
this randomizes the physical address at which the kernel image
is decompressed and the virtual address where the kernel
image is mapped, as a security feature that deters exploit
attempts relying on knowledge of the location of kernel
code internals.
2016-05-26 01:45:33 +03:00
On 64-bit, the kernel physical and virtual addresses are
randomized separately. The physical address will be anywhere
between 16MB and the top of physical memory (up to 64TB). The
virtual address will be randomized from 16MB up to 1GB (9 bits
of entropy). Note that this also reduces the memory space
available to kernel modules from 1.5GB to 1GB.
On 32-bit, the kernel physical and virtual addresses are
randomized together. They will be randomized from 16MB up to
512MB (8 bits of entropy).
2016-04-20 23:55:43 +03:00
Entropy is generated using the RDRAND instruction if it is
supported. If RDTSC is supported, its value is mixed into
the entropy pool as well. If neither RDRAND nor RDTSC are
2016-05-26 01:45:33 +03:00
supported, then entropy is read from the i8254 timer. The
usable entropy is limited by the kernel being built using
2GB addressing, and that PHYSICAL_ALIGN must be at a
minimum of 2MB. As a result, only 10 bits of entropy are
theoretically possible, but the implementations are further
limited due to memory layouts.
2016-04-20 23:55:43 +03:00
2017-04-18 12:08:12 +03:00
If unsure, say Y.
2013-10-11 04:18:14 +04:00
# Relocation on x86 needs some additional build support
2009-05-06 08:20:51 +04:00
config X86_NEED_RELOCS
def_bool y
2013-10-11 04:18:14 +04:00
depends on RANDOMIZE_BASE || (X86_32 && RELOCATABLE)
2009-05-06 08:20:51 +04:00
2007-11-09 23:56:54 +03:00
config PHYSICAL_ALIGN
2013-07-08 20:15:17 +04:00
hex "Alignment value to which kernel should be aligned"
2013-10-11 04:18:14 +04:00
default "0x200000"
2013-07-08 20:15:17 +04:00
range 0x2000 0x1000000 if X86_32
range 0x200000 0x1000000 if X86_64
2020-06-13 19:50:22 +03:00
help
2007-11-09 23:56:54 +03:00
This value puts the alignment restrictions on physical address
where kernel is loaded and run from. Kernel is compiled for an
address which meets above alignment restriction.
If bootloader loads the kernel at a non-aligned address and
CONFIG_RELOCATABLE is set, kernel will move itself to nearest
address aligned to above value and run from there.
If bootloader loads the kernel at a non-aligned address and
CONFIG_RELOCATABLE is not set, kernel will ignore the run time
load address and decompress itself to the address it has been
compiled for and run from there. The address for which kernel is
compiled already meets above alignment restrictions. Hence the
end result is that kernel runs from a physical address meeting
above alignment restrictions.
2013-07-08 20:15:17 +04:00
On 32-bit this value must be a multiple of 0x2000. On 64-bit
this value must be a multiple of 0x200000.
2007-11-09 23:56:54 +03:00
Don't change this unless you know what you are doing.
2018-02-14 14:16:50 +03:00
config DYNAMIC_MEMORY_LAYOUT
bool
2020-06-13 19:50:22 +03:00
help
2018-02-14 14:16:50 +03:00
This option makes base addresses of vmalloc and vmemmap as well as
__PAGE_OFFSET movable during boot.
x86/mm: Implement ASLR for kernel memory regions
Randomizes the virtual address space of kernel memory regions for
x86_64. This first patch adds the infrastructure and does not randomize
any region. The following patches will randomize the physical memory
mapping, vmalloc and vmemmap regions.
This security feature mitigates exploits relying on predictable kernel
addresses. These addresses can be used to disclose the kernel modules
base addresses or corrupt specific structures to elevate privileges
bypassing the current implementation of KASLR. This feature can be
enabled with the CONFIG_RANDOMIZE_MEMORY option.
The order of each memory region is not changed. The feature looks at the
available space for the regions based on different configuration options
and randomizes the base and space between each. The size of the physical
memory mapping is the available physical memory. No performance impact
was detected while testing the feature.
Entropy is generated using the KASLR early boot functions now shared in
the lib directory (originally written by Kees Cook). Randomization is
done on PGD & PUD page table levels to increase possible addresses. The
physical memory mapping code was adapted to support PUD level virtual
addresses. This implementation on the best configuration provides 30,000
possible virtual addresses in average for each memory region. An
additional low memory page is used to ensure each CPU can start with a
PGD aligned virtual address (for realmode).
x86/dump_pagetable was updated to correctly display each region.
Updated documentation on x86_64 memory layout accordingly.
Performance data, after all patches in the series:
Kernbench shows almost no difference (-+ less than 1%):
Before:
Average Optimal load -j 12 Run (std deviation): Elapsed Time 102.63 (1.2695)
User Time 1034.89 (1.18115) System Time 87.056 (0.456416) Percent CPU 1092.9
(13.892) Context Switches 199805 (3455.33) Sleeps 97907.8 (900.636)
After:
Average Optimal load -j 12 Run (std deviation): Elapsed Time 102.489 (1.10636)
User Time 1034.86 (1.36053) System Time 87.764 (0.49345) Percent CPU 1095
(12.7715) Context Switches 199036 (4298.1) Sleeps 97681.6 (1031.11)
Hackbench shows 0% difference on average (hackbench 90 repeated 10 times):
attemp,before,after 1,0.076,0.069 2,0.072,0.069 3,0.066,0.066 4,0.066,0.068
5,0.066,0.067 6,0.066,0.069 7,0.067,0.066 8,0.063,0.067 9,0.067,0.065
10,0.068,0.071 average,0.0677,0.0677
Signed-off-by: Thomas Garnier <thgarnie@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Alexander Kuleshov <kuleshovmail@gmail.com>
Cc: Alexander Popov <alpopov@ptsecurity.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Baoquan He <bhe@redhat.com>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Borislav Petkov <bp@suse.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Jan Beulich <JBeulich@suse.com>
Cc: Joerg Roedel <jroedel@suse.de>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Lv Zheng <lv.zheng@intel.com>
Cc: Mark Salter <msalter@redhat.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Toshi Kani <toshi.kani@hpe.com>
Cc: Xiao Guangrong <guangrong.xiao@linux.intel.com>
Cc: Yinghai Lu <yinghai@kernel.org>
Cc: kernel-hardening@lists.openwall.com
Cc: linux-doc@vger.kernel.org
Link: http://lkml.kernel.org/r/1466556426-32664-6-git-send-email-keescook@chromium.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-06-22 03:47:02 +03:00
config RANDOMIZE_MEMORY
bool "Randomize the kernel memory sections"
depends on X86_64
depends on RANDOMIZE_BASE
2018-02-14 14:16:50 +03:00
select DYNAMIC_MEMORY_LAYOUT
x86/mm: Implement ASLR for kernel memory regions
Randomizes the virtual address space of kernel memory regions for
x86_64. This first patch adds the infrastructure and does not randomize
any region. The following patches will randomize the physical memory
mapping, vmalloc and vmemmap regions.
This security feature mitigates exploits relying on predictable kernel
addresses. These addresses can be used to disclose the kernel modules
base addresses or corrupt specific structures to elevate privileges
bypassing the current implementation of KASLR. This feature can be
enabled with the CONFIG_RANDOMIZE_MEMORY option.
The order of each memory region is not changed. The feature looks at the
available space for the regions based on different configuration options
and randomizes the base and space between each. The size of the physical
memory mapping is the available physical memory. No performance impact
was detected while testing the feature.
Entropy is generated using the KASLR early boot functions now shared in
the lib directory (originally written by Kees Cook). Randomization is
done on PGD & PUD page table levels to increase possible addresses. The
physical memory mapping code was adapted to support PUD level virtual
addresses. This implementation on the best configuration provides 30,000
possible virtual addresses in average for each memory region. An
additional low memory page is used to ensure each CPU can start with a
PGD aligned virtual address (for realmode).
x86/dump_pagetable was updated to correctly display each region.
Updated documentation on x86_64 memory layout accordingly.
Performance data, after all patches in the series:
Kernbench shows almost no difference (-+ less than 1%):
Before:
Average Optimal load -j 12 Run (std deviation): Elapsed Time 102.63 (1.2695)
User Time 1034.89 (1.18115) System Time 87.056 (0.456416) Percent CPU 1092.9
(13.892) Context Switches 199805 (3455.33) Sleeps 97907.8 (900.636)
After:
Average Optimal load -j 12 Run (std deviation): Elapsed Time 102.489 (1.10636)
User Time 1034.86 (1.36053) System Time 87.764 (0.49345) Percent CPU 1095
(12.7715) Context Switches 199036 (4298.1) Sleeps 97681.6 (1031.11)
Hackbench shows 0% difference on average (hackbench 90 repeated 10 times):
attemp,before,after 1,0.076,0.069 2,0.072,0.069 3,0.066,0.066 4,0.066,0.068
5,0.066,0.067 6,0.066,0.069 7,0.067,0.066 8,0.063,0.067 9,0.067,0.065
10,0.068,0.071 average,0.0677,0.0677
Signed-off-by: Thomas Garnier <thgarnie@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Alexander Kuleshov <kuleshovmail@gmail.com>
Cc: Alexander Popov <alpopov@ptsecurity.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Baoquan He <bhe@redhat.com>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Borislav Petkov <bp@suse.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Jan Beulich <JBeulich@suse.com>
Cc: Joerg Roedel <jroedel@suse.de>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Lv Zheng <lv.zheng@intel.com>
Cc: Mark Salter <msalter@redhat.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Toshi Kani <toshi.kani@hpe.com>
Cc: Xiao Guangrong <guangrong.xiao@linux.intel.com>
Cc: Yinghai Lu <yinghai@kernel.org>
Cc: kernel-hardening@lists.openwall.com
Cc: linux-doc@vger.kernel.org
Link: http://lkml.kernel.org/r/1466556426-32664-6-git-send-email-keescook@chromium.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-06-22 03:47:02 +03:00
default RANDOMIZE_BASE
2020-06-13 19:50:22 +03:00
help
x86/mm: Implement ASLR for kernel memory regions
Randomizes the virtual address space of kernel memory regions for
x86_64. This first patch adds the infrastructure and does not randomize
any region. The following patches will randomize the physical memory
mapping, vmalloc and vmemmap regions.
This security feature mitigates exploits relying on predictable kernel
addresses. These addresses can be used to disclose the kernel modules
base addresses or corrupt specific structures to elevate privileges
bypassing the current implementation of KASLR. This feature can be
enabled with the CONFIG_RANDOMIZE_MEMORY option.
The order of each memory region is not changed. The feature looks at the
available space for the regions based on different configuration options
and randomizes the base and space between each. The size of the physical
memory mapping is the available physical memory. No performance impact
was detected while testing the feature.
Entropy is generated using the KASLR early boot functions now shared in
the lib directory (originally written by Kees Cook). Randomization is
done on PGD & PUD page table levels to increase possible addresses. The
physical memory mapping code was adapted to support PUD level virtual
addresses. This implementation on the best configuration provides 30,000
possible virtual addresses in average for each memory region. An
additional low memory page is used to ensure each CPU can start with a
PGD aligned virtual address (for realmode).
x86/dump_pagetable was updated to correctly display each region.
Updated documentation on x86_64 memory layout accordingly.
Performance data, after all patches in the series:
Kernbench shows almost no difference (-+ less than 1%):
Before:
Average Optimal load -j 12 Run (std deviation): Elapsed Time 102.63 (1.2695)
User Time 1034.89 (1.18115) System Time 87.056 (0.456416) Percent CPU 1092.9
(13.892) Context Switches 199805 (3455.33) Sleeps 97907.8 (900.636)
After:
Average Optimal load -j 12 Run (std deviation): Elapsed Time 102.489 (1.10636)
User Time 1034.86 (1.36053) System Time 87.764 (0.49345) Percent CPU 1095
(12.7715) Context Switches 199036 (4298.1) Sleeps 97681.6 (1031.11)
Hackbench shows 0% difference on average (hackbench 90 repeated 10 times):
attemp,before,after 1,0.076,0.069 2,0.072,0.069 3,0.066,0.066 4,0.066,0.068
5,0.066,0.067 6,0.066,0.069 7,0.067,0.066 8,0.063,0.067 9,0.067,0.065
10,0.068,0.071 average,0.0677,0.0677
Signed-off-by: Thomas Garnier <thgarnie@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Alexander Kuleshov <kuleshovmail@gmail.com>
Cc: Alexander Popov <alpopov@ptsecurity.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Baoquan He <bhe@redhat.com>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Borislav Petkov <bp@suse.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Jan Beulich <JBeulich@suse.com>
Cc: Joerg Roedel <jroedel@suse.de>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Lv Zheng <lv.zheng@intel.com>
Cc: Mark Salter <msalter@redhat.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Toshi Kani <toshi.kani@hpe.com>
Cc: Xiao Guangrong <guangrong.xiao@linux.intel.com>
Cc: Yinghai Lu <yinghai@kernel.org>
Cc: kernel-hardening@lists.openwall.com
Cc: linux-doc@vger.kernel.org
Link: http://lkml.kernel.org/r/1466556426-32664-6-git-send-email-keescook@chromium.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-06-22 03:47:02 +03:00
Randomizes the base virtual address of kernel memory sections
(physical memory mapping, vmalloc & vmemmap). This security feature
makes exploits relying on predictable memory locations less reliable.
The order of allocations remains unchanged. Entropy is generated in
the same way as RANDOMIZE_BASE. Current implementation in the optimal
configuration have in average 30,000 different possible virtual
addresses for each memory section.
2017-04-18 12:08:12 +03:00
If unsure, say Y.
x86/mm: Implement ASLR for kernel memory regions
Randomizes the virtual address space of kernel memory regions for
x86_64. This first patch adds the infrastructure and does not randomize
any region. The following patches will randomize the physical memory
mapping, vmalloc and vmemmap regions.
This security feature mitigates exploits relying on predictable kernel
addresses. These addresses can be used to disclose the kernel modules
base addresses or corrupt specific structures to elevate privileges
bypassing the current implementation of KASLR. This feature can be
enabled with the CONFIG_RANDOMIZE_MEMORY option.
The order of each memory region is not changed. The feature looks at the
available space for the regions based on different configuration options
and randomizes the base and space between each. The size of the physical
memory mapping is the available physical memory. No performance impact
was detected while testing the feature.
Entropy is generated using the KASLR early boot functions now shared in
the lib directory (originally written by Kees Cook). Randomization is
done on PGD & PUD page table levels to increase possible addresses. The
physical memory mapping code was adapted to support PUD level virtual
addresses. This implementation on the best configuration provides 30,000
possible virtual addresses in average for each memory region. An
additional low memory page is used to ensure each CPU can start with a
PGD aligned virtual address (for realmode).
x86/dump_pagetable was updated to correctly display each region.
Updated documentation on x86_64 memory layout accordingly.
Performance data, after all patches in the series:
Kernbench shows almost no difference (-+ less than 1%):
Before:
Average Optimal load -j 12 Run (std deviation): Elapsed Time 102.63 (1.2695)
User Time 1034.89 (1.18115) System Time 87.056 (0.456416) Percent CPU 1092.9
(13.892) Context Switches 199805 (3455.33) Sleeps 97907.8 (900.636)
After:
Average Optimal load -j 12 Run (std deviation): Elapsed Time 102.489 (1.10636)
User Time 1034.86 (1.36053) System Time 87.764 (0.49345) Percent CPU 1095
(12.7715) Context Switches 199036 (4298.1) Sleeps 97681.6 (1031.11)
Hackbench shows 0% difference on average (hackbench 90 repeated 10 times):
attemp,before,after 1,0.076,0.069 2,0.072,0.069 3,0.066,0.066 4,0.066,0.068
5,0.066,0.067 6,0.066,0.069 7,0.067,0.066 8,0.063,0.067 9,0.067,0.065
10,0.068,0.071 average,0.0677,0.0677
Signed-off-by: Thomas Garnier <thgarnie@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Alexander Kuleshov <kuleshovmail@gmail.com>
Cc: Alexander Popov <alpopov@ptsecurity.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Cc: Baoquan He <bhe@redhat.com>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Borislav Petkov <bp@suse.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Christian Borntraeger <borntraeger@de.ibm.com>
Cc: Dan Williams <dan.j.williams@intel.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Dmitry Vyukov <dvyukov@google.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Jan Beulich <JBeulich@suse.com>
Cc: Joerg Roedel <jroedel@suse.de>
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Lv Zheng <lv.zheng@intel.com>
Cc: Mark Salter <msalter@redhat.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Cc: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Toshi Kani <toshi.kani@hpe.com>
Cc: Xiao Guangrong <guangrong.xiao@linux.intel.com>
Cc: Yinghai Lu <yinghai@kernel.org>
Cc: kernel-hardening@lists.openwall.com
Cc: linux-doc@vger.kernel.org
Link: http://lkml.kernel.org/r/1466556426-32664-6-git-send-email-keescook@chromium.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
2016-06-22 03:47:02 +03:00
2016-06-22 03:47:06 +03:00
config RANDOMIZE_MEMORY_PHYSICAL_PADDING
hex "Physical memory mapping padding" if EXPERT
depends on RANDOMIZE_MEMORY
default "0xa" if MEMORY_HOTPLUG
default "0x0"
range 0x1 0x40 if MEMORY_HOTPLUG
range 0x0 0x40
2020-06-13 19:50:22 +03:00
help
2016-06-22 03:47:06 +03:00
Define the padding in terabytes added to the existing physical
memory size during kernel memory randomization. It is useful
for memory hotplug support but reduces the entropy available for
address randomization.
If unsure, leave at the default value.
2007-11-09 23:56:54 +03:00
config HOTPLUG_CPU
2019-03-26 19:36:06 +03:00
def_bool y
2013-05-21 07:49:35 +04:00
depends on SMP
2007-11-09 23:56:54 +03:00
2012-11-13 23:32:39 +04:00
config BOOTPARAM_HOTPLUG_CPU0
bool "Set default setting of cpu0_hotpluggable"
2013-01-23 01:01:19 +04:00
depends on HOTPLUG_CPU
2020-06-13 19:50:22 +03:00
help
2012-11-13 23:32:39 +04:00
Set whether default state of cpu0_hotpluggable is on or off.
Say Y here to enable CPU0 hotplug by default. If this switch
is turned on, there is no need to give cpu0_hotplug kernel
parameter and the CPU0 hotplug feature is enabled by default.
Please note: there are two known CPU0 dependencies if you want
to enable the CPU0 hotplug feature either by this switch or by
cpu0_hotplug kernel parameter.
First, resume from hibernate or suspend always starts from CPU0.
So hibernate and suspend are prevented if CPU0 is offline.
Second dependency is PIC interrupts always go to CPU0. CPU0 can not
offline if any interrupt can not migrate out of CPU0. There may
be other CPU0 dependencies.
Please make sure the dependencies are under your control before
you enable this feature.
Say N if you don't want to enable CPU0 hotplug feature by default.
You still can enable the CPU0 hotplug feature at boot by kernel
parameter cpu0_hotplug.
2012-11-13 23:32:51 +04:00
config DEBUG_HOTPLUG_CPU0
def_bool n
prompt "Debug CPU0 hotplug"
2013-01-23 01:01:19 +04:00
depends on HOTPLUG_CPU
2020-06-13 19:50:22 +03:00
help
2012-11-13 23:32:51 +04:00
Enabling this option offlines CPU0 (if CPU0 can be offlined) as
soon as possible and boots up userspace with CPU0 offlined. User
can online CPU0 back after boot time.
To debug CPU0 hotplug, you need to enable CPU0 offline/online
feature by either turning on CONFIG_BOOTPARAM_HOTPLUG_CPU0 during
compilation or giving cpu0_hotplug kernel parameter at boot.
If unsure, say N.
2007-11-09 23:56:54 +03:00
config COMPAT_VDSO
2014-03-14 03:01:26 +04:00
def_bool n
prompt "Disable the 32-bit vDSO (needed for glibc 2.3.3)"
2016-11-15 12:22:52 +03:00
depends on COMPAT_32
2020-06-13 19:50:22 +03:00
help
2014-03-14 03:01:26 +04:00
Certain buggy versions of glibc will crash if they are
presented with a 32-bit vDSO that is not mapped at the address
indicated in its segment table.
2009-11-11 02:46:52 +03:00
2014-03-14 03:01:26 +04:00
The bug was introduced by f866314b89d56845f55e6f365e18b31ec978ec3a
and fixed by 3b3ddb4f7db98ec9e912ccdf54d35df4aa30e04a and
49ad572a70b8aeb91e57483a11dd1b77e31c4468. Glibc 2.3.3 is
the only released version with the bug, but OpenSUSE 9
contains a buggy "glibc 2.3.2".
2007-11-09 23:56:54 +03:00
2014-03-14 03:01:26 +04:00
The symptom of the bug is that everything crashes on startup, saying:
dl_main: Assertion `(void *) ph->p_vaddr == _rtld_local._dl_sysinfo_dso' failed!
Saying Y here changes the default value of the vdso32 boot
option from 1 to 0, which turns off the 32-bit vDSO entirely.
This works around the glibc bug but hurts performance.
If unsure, say N: if you are compiling your own kernel, you
are unlikely to be using a buggy version of glibc.
2007-11-09 23:56:54 +03:00
2015-08-13 03:55:19 +03:00
choice
prompt "vsyscall table for legacy applications"
depends on X86_64
2019-06-27 07:45:07 +03:00
default LEGACY_VSYSCALL_XONLY
2015-08-13 03:55:19 +03:00
help
Legacy user code that does not know how to find the vDSO expects
to be able to issue three syscalls by calling fixed addresses in
kernel space. Since this location is not randomized with ASLR,
it can be used to assist security vulnerability exploitation.
This setting can be changed at boot time via the kernel command
2019-06-27 07:45:03 +03:00
line parameter vsyscall=[emulate|xonly|none].
2015-08-13 03:55:19 +03:00
On a system with recent enough glibc (2.14 or newer) and no
static binaries, you can say None without a performance penalty
to improve security.
2019-06-27 07:45:03 +03:00
If unsure, select "Emulate execution only".
2015-08-13 03:55:19 +03:00
config LEGACY_VSYSCALL_EMULATE
2019-06-27 07:45:03 +03:00
bool "Full emulation"
2015-08-13 03:55:19 +03:00
help
2019-06-27 07:45:03 +03:00
The kernel traps and emulates calls into the fixed vsyscall
address mapping. This makes the mapping non-executable, but
it still contains readable known contents, which could be
used in certain rare security vulnerability exploits. This
configuration is recommended when using legacy userspace
that still uses vsyscalls along with legacy binary
instrumentation tools that require code to be readable.
An example of this type of legacy userspace is running
Pin on an old binary that still uses vsyscalls.
config LEGACY_VSYSCALL_XONLY
bool "Emulate execution only"
help
The kernel traps and emulates calls into the fixed vsyscall
address mapping and does not allow reads. This
configuration is recommended when userspace might use the
legacy vsyscall area but support for legacy binary
instrumentation of legacy code is not needed. It mitigates
certain uses of the vsyscall area as an ASLR-bypassing
buffer.
2015-08-13 03:55:19 +03:00
config LEGACY_VSYSCALL_NONE
bool "None"
help
There will be no vsyscall mapping at all. This will
eliminate any risk of ASLR bypass due to the vsyscall
fixed address mapping. Attempts to use the vsyscalls
will be reported to dmesg, so that either old or
malicious userspace programs can be identified.
endchoice
2008-08-12 23:52:36 +04:00
config CMDLINE_BOOL
bool "Built-in kernel command line"
2020-06-13 19:50:22 +03:00
help
2008-08-12 23:52:36 +04:00
Allow for specifying boot arguments to the kernel at
build time. On some systems (e.g. embedded ones), it is
necessary or convenient to provide some or all of the
kernel boot arguments with the kernel itself (that is,
to not rely on the boot loader to provide them.)
To compile command line arguments into the kernel,
set this option to 'Y', then fill in the
2015-07-08 01:02:01 +03:00
boot arguments in CONFIG_CMDLINE.
2008-08-12 23:52:36 +04:00
Systems with fully functional boot loaders (i.e. non-embedded)
should leave this option set to 'N'.
config CMDLINE
string "Built-in kernel command string"
depends on CMDLINE_BOOL
default ""
2020-06-13 19:50:22 +03:00
help
2008-08-12 23:52:36 +04:00
Enter arguments here that should be compiled into the kernel
image and used at boot time. If the boot loader provides a
command line at boot time, it is appended to this string to
form the full kernel command line, when the system boots.
However, you can use the CONFIG_CMDLINE_OVERRIDE option to
change this behavior.
In most cases, the command line (whether built-in or provided
by the boot loader) should specify the device for the root
file system.
config CMDLINE_OVERRIDE
bool "Built-in command line overrides boot loader arguments"
2020-01-24 14:46:15 +03:00
depends on CMDLINE_BOOL && CMDLINE != ""
2020-06-13 19:50:22 +03:00
help
2008-08-12 23:52:36 +04:00
Set this option to 'Y' to have the kernel ignore the boot loader
command line, and use ONLY the built-in command line.
This is used to work around broken boot loaders. This should
be set to 'N' under normal conditions.
2015-07-31 00:31:34 +03:00
config MODIFY_LDT_SYSCALL
bool "Enable the LDT (local descriptor table)" if EXPERT
default y
2020-06-13 19:50:22 +03:00
help
2015-07-31 00:31:34 +03:00
Linux can allow user programs to install a per-process x86
Local Descriptor Table (LDT) using the modify_ldt(2) system
call. This is required to run 16-bit or segmented code such as
DOSEMU or some Wine programs. It is also used by some very old
threading libraries.
Enabling this feature adds a small amount of overhead to
context switches and increases the low-level kernel attack
surface. Disabling it removes the modify_ldt(2) system call.
Saying 'N' here may make sense for embedded or server kernels.
2014-12-16 20:58:19 +03:00
source "kernel/livepatch/Kconfig"
2007-11-09 23:56:54 +03:00
endmenu
2017-09-09 02:11:39 +03:00
config ARCH_HAS_ADD_PAGES
def_bool y
depends on X86_64 && ARCH_ENABLE_MEMORY_HOTPLUG
2007-11-09 23:56:54 +03:00
config ARCH_ENABLE_MEMORY_HOTPLUG
def_bool y
depends on X86_64 || (X86_32 && HIGHMEM)
2008-10-31 20:52:03 +03:00
config ARCH_ENABLE_MEMORY_HOTREMOVE
def_bool y
depends on MEMORY_HOTPLUG
2010-05-27 01:44:58 +04:00
config USE_PERCPU_NUMA_NODE_ID
2011-01-23 16:37:40 +03:00
def_bool y
2010-05-27 01:44:58 +04:00
depends on NUMA
2013-11-15 02:31:10 +04:00
config ARCH_ENABLE_SPLIT_PMD_PTLOCK
def_bool y
depends on X86_64 || X86_PAE
2014-06-05 03:05:35 +04:00
config ARCH_ENABLE_HUGEPAGE_MIGRATION
def_bool y
depends on X86_64 && HUGETLB_PAGE && MIGRATION
2017-09-09 02:10:53 +03:00
config ARCH_ENABLE_THP_MIGRATION
def_bool y
depends on X86_64 && TRANSPARENT_HUGEPAGE
2008-11-05 22:37:27 +03:00
menu "Power management and ACPI options"
2007-11-06 22:41:05 +03:00
config ARCH_HIBERNATION_HEADER
2008-01-30 15:31:03 +03:00
def_bool y
2018-09-21 09:27:29 +03:00
depends on HIBERNATION
2007-11-06 22:41:05 +03:00
source "kernel/power/Kconfig"
source "drivers/acpi/Kconfig"
2009-08-14 23:23:29 +04:00
source "drivers/sfi/Kconfig"
2008-01-30 15:32:49 +03:00
config X86_APM_BOOT
2010-04-21 18:23:44 +04:00
def_bool y
2011-11-17 14:41:31 +04:00
depends on APM
2008-01-30 15:32:49 +03:00
2007-11-06 22:41:05 +03:00
menuconfig APM
tristate "APM (Advanced Power Management) BIOS support"
2008-07-10 18:09:50 +04:00
depends on X86_32 && PM_SLEEP
2020-06-13 19:50:22 +03:00
help
2007-11-06 22:41:05 +03:00
APM is a BIOS specification for saving power using several different
techniques. This is mostly useful for battery powered laptops with
APM compliant BIOSes. If you say Y here, the system time will be
reset after a RESUME operation, the /proc/apm device will provide
battery status information, and user-space programs will receive
notification of APM "events" (e.g. battery status change).
If you select "Y" here, you can disable actual use of the APM
BIOS by passing the "apm=off" option to the kernel at boot time.
Note that the APM support is almost completely disabled for
machines with more than one CPU.
In order to use APM, you will need supporting software. For location
2019-06-13 13:10:36 +03:00
and more information, read <file:Documentation/power/apm-acpi.rst>
2011-07-09 01:11:16 +04:00
and the Battery Powered Linux mini-HOWTO, available from
2007-11-06 22:41:05 +03:00
<http://www.tldp.org/docs.html#howto>.
This driver does not spin down disk drives (see the hdparm(8)
manpage ("man 8 hdparm") for that), and it doesn't turn off
VESA-compliant "green" monitors.
This driver does not support the TI 4000M TravelMate and the ACER
486/DX4/75 because they don't have compliant BIOSes. Many "green"
desktop machines also don't have compliant BIOSes, and this driver
may cause those machines to panic during the boot phase.
Generally, if you don't have a battery in your machine, there isn't
much point in using this driver and you should say N. If you get
random kernel OOPSes or reboots that don't seem to be related to
anything, try disabling/enabling this option (or disabling/enabling
APM in your BIOS).
Some other things you should try when experiencing seemingly random,
"weird" problems:
1) make sure that you have enough swap space and that it is
enabled.
2) pass the "no-hlt" option to the kernel
3) switch on floating point emulation in the kernel and pass
the "no387" option to the kernel
4) pass the "floppy=nodma" option to the kernel
5) pass the "mem=4M" option to the kernel (thereby disabling
all but the first 4 MB of RAM)
6) make sure that the CPU is not over clocked.
7) read the sig11 FAQ at <http://www.bitwizard.nl/sig11/>
8) disable the cache from your BIOS settings
9) install a fan for the video card or exchange video RAM
10) install a better fan for the CPU
11) exchange RAM chips
12) exchange the motherboard.
To compile this driver as a module, choose M here: the
module will be called apm.
if APM
config APM_IGNORE_USER_SUSPEND
bool "Ignore USER SUSPEND"
2020-06-13 19:50:22 +03:00
help
2007-11-06 22:41:05 +03:00
This option will ignore USER SUSPEND requests. On machines with a
compliant APM BIOS, you want to say N. However, on the NEC Versa M
series notebooks, it is necessary to say Y because of a BIOS bug.
config APM_DO_ENABLE
bool "Enable PM at boot time"
2020-06-13 19:50:22 +03:00
help
2007-11-06 22:41:05 +03:00
Enable APM features at boot time. From page 36 of the APM BIOS
specification: "When disabled, the APM BIOS does not automatically
power manage devices, enter the Standby State, enter the Suspend
State, or take power saving steps in response to CPU Idle calls."
This driver will make CPU Idle calls when Linux is idle (unless this
feature is turned off -- see "Do CPU IDLE calls", below). This
should always save battery power, but more complicated APM features
will be dependent on your BIOS implementation. You may need to turn
this option off if your computer hangs at boot time when using APM
support, or if it beeps continuously instead of suspending. Turn
this off if you have a NEC UltraLite Versa 33/C or a Toshiba
T400CDT. This is off by default since most machines do fine without
this feature.
config APM_CPU_IDLE
2013-02-10 06:10:04 +04:00
depends on CPU_IDLE
2007-11-06 22:41:05 +03:00
bool "Make CPU Idle calls when idle"
2020-06-13 19:50:22 +03:00
help
2007-11-06 22:41:05 +03:00
Enable calls to APM CPU Idle/CPU Busy inside the kernel's idle loop.
On some machines, this can activate improved power savings, such as
a slowed CPU clock rate, when the machine is idle. These idle calls
are made after the idle loop has run for some length of time (e.g.,
333 mS). On some machines, this will cause a hang at boot time or
whenever the CPU becomes idle. (On machines with more than one CPU,
this option does nothing.)
config APM_DISPLAY_BLANK
bool "Enable console blanking using APM"
2020-06-13 19:50:22 +03:00
help
2007-11-06 22:41:05 +03:00
Enable console blanking using the APM. Some laptops can use this to
turn off the LCD backlight when the screen blanker of the Linux
virtual console blanks the screen. Note that this is only used by
the virtual console screen blanker, and won't turn off the backlight
when using the X Window system. This also doesn't have anything to
do with your VESA-compliant power-saving monitor. Further, this
option doesn't work for all laptops -- it might not turn off your
backlight at all, or it might print a lot of errors to the console,
especially if you are using gpm.
config APM_ALLOW_INTS
bool "Allow interrupts during APM BIOS calls"
2020-06-13 19:50:22 +03:00
help
2007-11-06 22:41:05 +03:00
Normally we disable external interrupts while we are making calls to
the APM BIOS as a measure to lessen the effects of a badly behaving
BIOS implementation. The BIOS should reenable interrupts if it
needs to. Unfortunately, some BIOSes do not -- especially those in
many of the newer IBM Thinkpads. If you experience hangs when you
suspend, try setting this to Y. Otherwise, say N.
endif # APM
2011-05-20 02:51:07 +04:00
source "drivers/cpufreq/Kconfig"
2007-11-06 22:41:05 +03:00
source "drivers/cpuidle/Kconfig"
2008-10-09 22:45:22 +04:00
source "drivers/idle/Kconfig"
2007-11-06 22:41:05 +03:00
endmenu
menu "Bus options (PCI etc.)"
choice
prompt "PCI access mode"
2008-07-10 18:09:50 +04:00
depends on X86_32 && PCI
2007-11-06 22:41:05 +03:00
default PCI_GOANY
2020-06-13 19:50:22 +03:00
help
2007-11-06 22:41:05 +03:00
On PCI systems, the BIOS can be used to detect the PCI devices and
determine their configuration. However, some old PCI motherboards
have BIOS bugs and may crash if this is done. Also, some embedded
PCI-based systems don't have any BIOS at all. Linux can also try to
detect the PCI hardware directly without using the BIOS.
With this option, you can specify how Linux should detect the
PCI devices. If you choose "BIOS", the BIOS will be used,
if you choose "Direct", the BIOS won't be used, and if you
choose "MMConfig", then PCI Express MMCONFIG will be used.
If you choose "Any", the kernel will try MMCONFIG, then the
direct access method and falls back to the BIOS if that doesn't
work. If unsure, go with the default, which is "Any".
config PCI_GOBIOS
bool "BIOS"
config PCI_GOMMCONFIG
bool "MMConfig"
config PCI_GODIRECT
bool "Direct"
2008-04-29 11:59:53 +04:00
config PCI_GOOLPC
2010-09-23 20:28:04 +04:00
bool "OLPC XO-1"
2008-04-29 11:59:53 +04:00
depends on OLPC
2008-06-06 01:14:41 +04:00
config PCI_GOANY
bool "Any"
2007-11-06 22:41:05 +03:00
endchoice
config PCI_BIOS
2008-01-30 15:31:03 +03:00
def_bool y
2008-07-10 18:09:50 +04:00
depends on X86_32 && PCI && (PCI_GOBIOS || PCI_GOANY)
2007-11-06 22:41:05 +03:00
# x86-64 doesn't support PCI BIOS access from long mode so always go direct.
config PCI_DIRECT
2008-01-30 15:31:03 +03:00
def_bool y
2011-05-27 10:59:39 +04:00
depends on PCI && (X86_64 || (PCI_GODIRECT || PCI_GOANY || PCI_GOOLPC || PCI_GOMMCONFIG))
2007-11-06 22:41:05 +03:00
config PCI_MMCONFIG
2018-03-07 10:39:16 +03:00
bool "Support mmconfig PCI config space access" if X86_64
default y
2018-03-07 10:39:17 +03:00
depends on PCI && (ACPI || SFI || JAILHOUSE_GUEST)
2018-03-07 10:39:16 +03:00
depends on X86_64 || (PCI_GOANY || PCI_GOMMCONFIG)
2007-11-06 22:41:05 +03:00
2008-04-29 11:59:53 +04:00
config PCI_OLPC
2008-06-06 01:14:41 +04:00
def_bool y
depends on PCI && OLPC && (PCI_GOOLPC || PCI_GOANY)
2008-04-29 11:59:53 +04:00
2010-03-18 23:31:34 +03:00
config PCI_XEN
def_bool y
depends on PCI && XEN
select SWIOTLB_XEN
2018-03-07 10:39:17 +03:00
config MMCONF_FAM10H
def_bool y
depends on X86_64 && PCI_MMCONFIG && ACPI
2007-11-06 22:41:05 +03:00
2010-04-01 22:43:30 +04:00
config PCI_CNB20LE_QUIRK
2011-01-21 01:44:16 +03:00
bool "Read CNB20LE Host Bridge Windows" if EXPERT
2012-10-02 22:16:47 +04:00
depends on PCI
2010-04-01 22:43:30 +04:00
help
Read the PCI windows out of the CNB20LE host bridge. This allows
PCI hotplug to work on systems with the CNB20LE chipset which do
not have ACPI.
2011-01-06 20:12:30 +03:00
There's no public spec for this chipset, and this functionality
is known to be incomplete.
You should say N unless you know you need this.
2016-05-28 01:08:27 +03:00
config ISA_BUS
2017-12-29 23:14:46 +03:00
bool "ISA bus support on modern systems" if EXPERT
2016-05-28 01:08:27 +03:00
help
2017-12-29 23:14:46 +03:00
Expose ISA bus device drivers and options available for selection and
configuration. Enable this option if your target machine has an ISA
bus. ISA is an older system, displaced by PCI and newer bus
architectures -- if your target machine is modern, it probably does
not have an ISA bus.
2016-05-28 01:08:27 +03:00
If unsure, say N.
2011-03-23 02:34:59 +03:00
# x86_64 have no ISA slots, but can have ISA-style DMA.
2007-11-06 22:41:05 +03:00
config ISA_DMA_API
2011-03-23 02:34:59 +03:00
bool "ISA-style DMA support" if (X86_64 && EXPERT)
default y
help
Enables ISA-style DMA support for devices requiring such controllers.
If unsure, say Y.
2007-11-06 22:41:05 +03:00
2016-05-21 20:25:19 +03:00
if X86_32
2007-11-06 22:41:05 +03:00
config ISA
bool "ISA support"
2020-06-13 19:50:22 +03:00
help
2007-11-06 22:41:05 +03:00
Find out whether you have ISA slots on your motherboard. ISA is the
name of a bus system, i.e. the way the CPU talks to the other stuff
inside your box. Other bus systems are PCI, EISA, MicroChannel
(MCA) or VESA. ISA is an older system, now being displaced by PCI;
newer boards don't support it. If you have ISA, say Y, otherwise N.
config SCx200
tristate "NatSemi SCx200 support"
2020-06-13 19:50:22 +03:00
help
2007-11-06 22:41:05 +03:00
This provides basic support for National Semiconductor's
(now AMD's) Geode processors. The driver probes for the
PCI-IDs of several on-chip devices, so its a good dependency
for other scx200_* drivers.
If compiled as a module, the driver is named scx200.
config SCx200HR_TIMER
tristate "NatSemi SCx200 27MHz High-Resolution Timer Support"
2010-07-14 04:56:20 +04:00
depends on SCx200
2007-11-06 22:41:05 +03:00
default y
2020-06-13 19:50:22 +03:00
help
2007-11-06 22:41:05 +03:00
This driver provides a clocksource built upon the on-chip
27MHz high-resolution timer. Its also a workaround for
NSC Geode SC-1100's buggy TSC, which loses time when the
processor goes idle (as is done by the scheduler). The
other workaround is idle=poll boot option.
2008-04-29 11:59:53 +04:00
config OLPC
bool "One Laptop Per Child support"
2011-02-23 11:50:15 +03:00
depends on !X86_PAE
2009-12-15 05:00:36 +03:00
select GPIOLIB
2011-02-23 12:08:31 +03:00
select OF
2011-03-13 18:10:17 +03:00
select OF_PROMTREE
2011-12-17 02:50:17 +04:00
select IRQ_DOMAIN
2019-05-13 10:56:37 +03:00
select OLPC_EC
2020-06-13 19:50:22 +03:00
help
2008-04-29 11:59:53 +04:00
Add support for detecting the unique features of the OLPC
XO hardware.
2011-06-25 20:34:10 +04:00
config OLPC_XO1_PM
bool "OLPC XO-1 Power Management"
2018-10-05 16:13:07 +03:00
depends on OLPC && MFD_CS5535=y && PM_SLEEP
2020-06-13 19:50:22 +03:00
help
2011-06-25 20:34:11 +04:00
Add support for poweroff and suspend of the OLPC XO-1 laptop.
2010-10-10 13:40:32 +04:00
2011-06-25 20:34:17 +04:00
config OLPC_XO1_RTC
bool "OLPC XO-1 Real Time Clock"
depends on OLPC_XO1_PM && RTC_DRV_CMOS
2020-06-13 19:50:22 +03:00
help
2011-06-25 20:34:17 +04:00
Add support for the XO-1 real time clock, which can be used as a
programmable wakeup source.
2011-06-25 20:34:12 +04:00
config OLPC_XO1_SCI
bool "OLPC XO-1 SCI extras"
2018-04-04 15:44:54 +03:00
depends on OLPC && OLPC_XO1_PM && GPIO_CS5535=y
2012-12-19 00:22:17 +04:00
depends on INPUT=y
2011-07-24 21:33:21 +04:00
select POWER_SUPPLY
2020-06-13 19:50:22 +03:00
help
2011-06-25 20:34:12 +04:00
Add support for SCI-based features of the OLPC XO-1 laptop:
2011-06-25 20:34:14 +04:00
- EC-driven system wakeups
2011-06-25 20:34:12 +04:00
- Power button
2011-06-25 20:34:14 +04:00
- Ebook switch
2011-06-25 20:34:15 +04:00
- Lid switch
2011-06-25 20:34:16 +04:00
- AC adapter status updates
- Battery status updates
2011-06-25 20:34:12 +04:00
2011-06-25 20:34:18 +04:00
config OLPC_XO15_SCI
bool "OLPC XO-1.5 SCI extras"
2011-07-24 21:33:21 +04:00
depends on OLPC && ACPI
select POWER_SUPPLY
2020-06-13 19:50:22 +03:00
help
2011-06-25 20:34:18 +04:00
Add support for SCI-based features of the OLPC XO-1.5 laptop:
- EC-driven system wakeups
- AC adapter status updates
- Battery status updates
2010-10-10 13:40:32 +04:00
2011-09-21 01:00:12 +04:00
config ALIX
bool "PCEngines ALIX System Support (LED setup)"
select GPIOLIB
2020-06-13 19:50:22 +03:00
help
2011-09-21 01:00:12 +04:00
This option enables system support for the PCEngines ALIX.
At present this just sets up LEDs for GPIO control on
ALIX2/3/6 boards. However, other system specific setup should
get added here.
Note: You must still enable the drivers for GPIO and LED support
(GPIO_CS5535 & LEDS_GPIO) to actually use the LEDs
Note: You have to set alix.force=1 for boards with Award BIOS.
2012-03-06 03:05:15 +04:00
config NET5501
bool "Soekris Engineering net5501 System Support (LEDS, GPIO, etc)"
select GPIOLIB
2020-06-13 19:50:22 +03:00
help
2012-03-06 03:05:15 +04:00
This option enables system support for the Soekris Engineering net5501.
2012-01-14 12:45:39 +04:00
config GEOS
bool "Traverse Technologies GEOS System Support (LEDS, GPIO, etc)"
select GPIOLIB
depends on DMI
2020-06-13 19:50:22 +03:00
help
2012-01-14 12:45:39 +04:00
This option enables system support for the Traverse Technologies GEOS.
2013-01-05 01:18:14 +04:00
config TS5500
bool "Technologic Systems TS-5500 platform support"
depends on MELAN
select CHECK_SIGNATURE
select NEW_LEDS
select LEDS_CLASS
2020-06-13 19:50:22 +03:00
help
2013-01-05 01:18:14 +04:00
This option enables system support for the Technologic Systems TS-5500.
2007-11-07 01:10:39 +03:00
endif # X86_32
2010-09-17 20:03:43 +04:00
config AMD_NB
2007-11-06 22:41:05 +03:00
def_bool y
2010-03-12 17:43:03 +03:00
depends on CPU_SUP_AMD && PCI
2007-11-06 22:41:05 +03:00
x86: provide platform-devices for boot-framebuffers
The current situation regarding boot-framebuffers (VGA, VESA/VBE, EFI) on
x86 causes troubles when loading multiple fbdev drivers. The global
"struct screen_info" does not provide any state-tracking about which
drivers use the FBs. request_mem_region() theoretically works, but
unfortunately vesafb/efifb ignore it due to quirks for broken boards.
Avoid this by creating a platform framebuffer devices with a pointer
to the "struct screen_info" as platform-data. Drivers can now create
platform-drivers and the driver-core will refuse multiple drivers being
active simultaneously.
We keep the screen_info available for backwards-compatibility. Drivers
can be converted in follow-up patches.
Different devices are created for VGA/VESA/EFI FBs to allow multiple
drivers to be loaded on distro kernels. We create:
- "vesa-framebuffer" for VBE/VESA graphics FBs
- "efi-framebuffer" for EFI FBs
- "platform-framebuffer" for everything else
This allows to load vesafb, efifb and others simultaneously and each
picks up only the supported FB types.
Apart from platform-framebuffer devices, this also introduces a
compatibility option for "simple-framebuffer" drivers which recently got
introduced for OF based systems. If CONFIG_X86_SYSFB is selected, we
try to match the screen_info against a simple-framebuffer supported
format. If we succeed, we create a "simple-framebuffer" device instead
of a platform-framebuffer.
This allows to reuse the simplefb.c driver across architectures and also
to introduce a SimpleDRM driver. There is no need to have vesafb.c,
efifb.c, simplefb.c and more just to have architecture specific quirks
in their setup-routines.
Instead, we now move the architecture specific quirks into x86-setup and
provide a generic simple-framebuffer. For backwards-compatibility (if
strange formats are used), we still allow vesafb/efifb to be loaded
simultaneously and pick up all remaining devices.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
Link: http://lkml.kernel.org/r/1375445127-15480-4-git-send-email-dh.herrmann@gmail.com
Tested-by: Stephen Warren <swarren@nvidia.com>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2013-08-02 16:05:22 +04:00
config X86_SYSFB
bool "Mark VGA/VBE/EFI FB as generic system framebuffer"
help
Firmwares often provide initial graphics framebuffers so the BIOS,
bootloader or kernel can show basic video-output during boot for
user-guidance and debugging. Historically, x86 used the VESA BIOS
Extensions and EFI-framebuffers for this, which are mostly limited
to x86.
This option, if enabled, marks VGA/VBE/EFI framebuffers as generic
framebuffers so the new generic system-framebuffer drivers can be
used on x86. If the framebuffer is not compatible with the generic
2018-08-26 02:10:54 +03:00
modes, it is advertised as fallback platform framebuffer so legacy
x86: provide platform-devices for boot-framebuffers
The current situation regarding boot-framebuffers (VGA, VESA/VBE, EFI) on
x86 causes troubles when loading multiple fbdev drivers. The global
"struct screen_info" does not provide any state-tracking about which
drivers use the FBs. request_mem_region() theoretically works, but
unfortunately vesafb/efifb ignore it due to quirks for broken boards.
Avoid this by creating a platform framebuffer devices with a pointer
to the "struct screen_info" as platform-data. Drivers can now create
platform-drivers and the driver-core will refuse multiple drivers being
active simultaneously.
We keep the screen_info available for backwards-compatibility. Drivers
can be converted in follow-up patches.
Different devices are created for VGA/VESA/EFI FBs to allow multiple
drivers to be loaded on distro kernels. We create:
- "vesa-framebuffer" for VBE/VESA graphics FBs
- "efi-framebuffer" for EFI FBs
- "platform-framebuffer" for everything else
This allows to load vesafb, efifb and others simultaneously and each
picks up only the supported FB types.
Apart from platform-framebuffer devices, this also introduces a
compatibility option for "simple-framebuffer" drivers which recently got
introduced for OF based systems. If CONFIG_X86_SYSFB is selected, we
try to match the screen_info against a simple-framebuffer supported
format. If we succeed, we create a "simple-framebuffer" device instead
of a platform-framebuffer.
This allows to reuse the simplefb.c driver across architectures and also
to introduce a SimpleDRM driver. There is no need to have vesafb.c,
efifb.c, simplefb.c and more just to have architecture specific quirks
in their setup-routines.
Instead, we now move the architecture specific quirks into x86-setup and
provide a generic simple-framebuffer. For backwards-compatibility (if
strange formats are used), we still allow vesafb/efifb to be loaded
simultaneously and pick up all remaining devices.
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
Link: http://lkml.kernel.org/r/1375445127-15480-4-git-send-email-dh.herrmann@gmail.com
Tested-by: Stephen Warren <swarren@nvidia.com>
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
2013-08-02 16:05:22 +04:00
drivers like efifb, vesafb and uvesafb can pick it up.
If this option is not selected, all system framebuffers are always
marked as fallback platform framebuffers as usual.
Note: Legacy fbdev drivers, including vesafb, efifb, uvesafb, will
not be able to pick up generic system framebuffers if this option
is selected. You are highly encouraged to enable simplefb as
replacement if you select this option. simplefb can correctly deal
with generic system framebuffers. But you should still keep vesafb
and others enabled as fallback if a system framebuffer is
incompatible with simplefb.
If unsure, say Y.
2007-11-06 22:41:05 +03:00
endmenu
2018-07-31 14:39:30 +03:00
menu "Binary Emulations"
2007-11-06 22:41:05 +03:00
config IA32_EMULATION
bool "IA32 Emulation"
depends on X86_64
2016-11-15 12:22:52 +03:00
select ARCH_WANT_OLD_COMPAT_IPC
2013-06-18 23:33:40 +04:00
select BINFMT_ELF
2008-01-30 15:31:55 +03:00
select COMPAT_BINFMT_ELF
2016-11-15 12:22:52 +03:00
select COMPAT_OLD_SIGACTION
2020-06-13 19:50:22 +03:00
help
2012-02-19 22:40:03 +04:00
Include code to run legacy 32-bit programs under a
64-bit kernel. You should likely turn this on, unless you're
100% sure that you don't have any 32-bit programs left.
2007-11-06 22:41:05 +03:00
config IA32_AOUT
2009-02-05 18:21:53 +03:00
tristate "IA32 a.out support"
depends on IA32_EMULATION
2019-03-05 17:47:51 +03:00
depends on BROKEN
2020-06-13 19:50:22 +03:00
help
2009-02-05 18:21:53 +03:00
Support old a.out binaries in the 32bit emulation.
2007-11-06 22:41:05 +03:00
2012-02-28 02:09:10 +04:00
config X86_X32
2012-10-02 22:16:47 +04:00
bool "x32 ABI for 64-bit mode"
2015-06-22 14:55:21 +03:00
depends on X86_64
2020-06-13 19:50:22 +03:00
help
2012-02-19 22:40:03 +04:00
Include code to run binaries for the x32 native 32-bit ABI
for 64-bit processors. An x32 process gets access to the
full 64-bit register file and wide data path while leaving
pointers at 32 bits for smaller memory footprint.
You will need a recent binutils (2.22 or later) with
elf32_x86_64 support enabled to compile a kernel with this
option set.
2016-11-15 12:22:52 +03:00
config COMPAT_32
def_bool y
depends on IA32_EMULATION || X86_32
select HAVE_UID16
select OLD_SIGSUSPEND3
2007-11-06 22:41:05 +03:00
config COMPAT
2008-01-30 15:31:03 +03:00
def_bool y
2012-02-28 02:09:10 +04:00
depends on IA32_EMULATION || X86_X32
2007-11-06 22:41:05 +03:00
2012-09-10 15:41:45 +04:00
if COMPAT
2007-11-06 22:41:05 +03:00
config COMPAT_FOR_U64_ALIGNMENT
2012-09-10 15:41:45 +04:00
def_bool y
2007-11-06 22:41:05 +03:00
config SYSVIPC_COMPAT
2008-01-30 15:31:03 +03:00
def_bool y
2012-09-10 15:41:45 +04:00
depends on SYSVIPC
endif
2011-03-07 18:06:20 +03:00
2007-11-06 22:41:05 +03:00
endmenu
2008-11-03 20:21:45 +03:00
config HAVE_ATOMIC_IOMAP
def_bool y
depends on X86_32
2007-11-06 22:41:05 +03:00
source "drivers/firmware/Kconfig"
2007-12-16 12:02:48 +03:00
source "arch/x86/kvm/Kconfig"
2020-03-26 11:00:58 +03:00
source "arch/x86/Kconfig.assembler"