]>
Commit | Line | Data |
---|---|---|
ec8f24b7 | 1 | # SPDX-License-Identifier: GPL-2.0-only |
8c2c3df3 CM |
2 | config ARM64 |
3 | def_bool y | |
b6197b93 | 4 | select ACPI_CCA_REQUIRED if ACPI |
d8f4f161 | 5 | select ACPI_GENERIC_GSI if ACPI |
5f1ae4eb | 6 | select ACPI_GTDT if ACPI |
c6bb8f89 | 7 | select ACPI_IORT if ACPI |
6933de0c | 8 | select ACPI_REDUCED_HARDWARE_ONLY if ACPI |
52146173 | 9 | select ACPI_MCFG if (ACPI && PCI) |
888125a7 | 10 | select ACPI_SPCR_TABLE if ACPI |
0ce82232 | 11 | select ACPI_PPTT if ACPI |
1d8f51d4 | 12 | select ARCH_CLOCKSOURCE_DATA |
ec6d06ef | 13 | select ARCH_HAS_DEBUG_VIRTUAL |
21266be9 | 14 | select ARCH_HAS_DEVMEM_IS_ALLOWED |
13bf5ced | 15 | select ARCH_HAS_DMA_PREP_COHERENT |
38b04a74 | 16 | select ARCH_HAS_ACPI_TABLE_UPGRADE if ACPI |
e75bef2a | 17 | select ARCH_HAS_FAST_MULTIPLIER |
6974f0c4 | 18 | select ARCH_HAS_FORTIFY_SOURCE |
957e3fac | 19 | select ARCH_HAS_GCOV_PROFILE_ALL |
4eb0716e | 20 | select ARCH_HAS_GIGANTIC_PAGE |
5e4c7549 | 21 | select ARCH_HAS_KCOV |
d8ae8a37 | 22 | select ARCH_HAS_KEEPINITRD |
f1e3a12b | 23 | select ARCH_HAS_MEMBARRIER_SYNC_CORE |
73b20c84 | 24 | select ARCH_HAS_PTE_DEVMAP |
3010a5ea | 25 | select ARCH_HAS_PTE_SPECIAL |
347cb6af | 26 | select ARCH_HAS_SETUP_DMA_OPS |
4739d53f | 27 | select ARCH_HAS_SET_DIRECT_MAP |
d2852a22 | 28 | select ARCH_HAS_SET_MEMORY |
ad21fc4f LA |
29 | select ARCH_HAS_STRICT_KERNEL_RWX |
30 | select ARCH_HAS_STRICT_MODULE_RWX | |
886643b7 CH |
31 | select ARCH_HAS_SYNC_DMA_FOR_DEVICE |
32 | select ARCH_HAS_SYNC_DMA_FOR_CPU | |
4378a7d4 | 33 | select ARCH_HAS_SYSCALL_WRAPPER |
dc2acded | 34 | select ARCH_HAS_TEARDOWN_DMA_OPS if IOMMU_SUPPORT |
1f85008e | 35 | select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST |
396a5d4a | 36 | select ARCH_HAVE_NMI_SAFE_CMPXCHG |
7ef858da TG |
37 | select ARCH_INLINE_READ_LOCK if !PREEMPTION |
38 | select ARCH_INLINE_READ_LOCK_BH if !PREEMPTION | |
39 | select ARCH_INLINE_READ_LOCK_IRQ if !PREEMPTION | |
40 | select ARCH_INLINE_READ_LOCK_IRQSAVE if !PREEMPTION | |
41 | select ARCH_INLINE_READ_UNLOCK if !PREEMPTION | |
42 | select ARCH_INLINE_READ_UNLOCK_BH if !PREEMPTION | |
43 | select ARCH_INLINE_READ_UNLOCK_IRQ if !PREEMPTION | |
44 | select ARCH_INLINE_READ_UNLOCK_IRQRESTORE if !PREEMPTION | |
45 | select ARCH_INLINE_WRITE_LOCK if !PREEMPTION | |
46 | select ARCH_INLINE_WRITE_LOCK_BH if !PREEMPTION | |
47 | select ARCH_INLINE_WRITE_LOCK_IRQ if !PREEMPTION | |
48 | select ARCH_INLINE_WRITE_LOCK_IRQSAVE if !PREEMPTION | |
49 | select ARCH_INLINE_WRITE_UNLOCK if !PREEMPTION | |
50 | select ARCH_INLINE_WRITE_UNLOCK_BH if !PREEMPTION | |
51 | select ARCH_INLINE_WRITE_UNLOCK_IRQ if !PREEMPTION | |
52 | select ARCH_INLINE_WRITE_UNLOCK_IRQRESTORE if !PREEMPTION | |
53 | select ARCH_INLINE_SPIN_TRYLOCK if !PREEMPTION | |
54 | select ARCH_INLINE_SPIN_TRYLOCK_BH if !PREEMPTION | |
55 | select ARCH_INLINE_SPIN_LOCK if !PREEMPTION | |
56 | select ARCH_INLINE_SPIN_LOCK_BH if !PREEMPTION | |
57 | select ARCH_INLINE_SPIN_LOCK_IRQ if !PREEMPTION | |
58 | select ARCH_INLINE_SPIN_LOCK_IRQSAVE if !PREEMPTION | |
59 | select ARCH_INLINE_SPIN_UNLOCK if !PREEMPTION | |
60 | select ARCH_INLINE_SPIN_UNLOCK_BH if !PREEMPTION | |
61 | select ARCH_INLINE_SPIN_UNLOCK_IRQ if !PREEMPTION | |
62 | select ARCH_INLINE_SPIN_UNLOCK_IRQRESTORE if !PREEMPTION | |
350e88ba | 63 | select ARCH_KEEP_MEMBLOCK |
c63c8700 | 64 | select ARCH_USE_CMPXCHG_LOCKREF |
087133ac | 65 | select ARCH_USE_QUEUED_RWLOCKS |
c1109047 | 66 | select ARCH_USE_QUEUED_SPINLOCKS |
c484f256 | 67 | select ARCH_SUPPORTS_MEMORY_FAILURE |
4badad35 | 68 | select ARCH_SUPPORTS_ATOMIC_RMW |
c12d3362 | 69 | select ARCH_SUPPORTS_INT128 if CC_HAS_INT128 && (GCC_VERSION >= 50000 || CC_IS_CLANG) |
56166230 | 70 | select ARCH_SUPPORTS_NUMA_BALANCING |
84c187af | 71 | select ARCH_WANT_COMPAT_IPC_PARSE_VERSION if COMPAT |
81c22041 | 72 | select ARCH_WANT_DEFAULT_BPF_JIT |
67f3977f | 73 | select ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT |
b6f35981 | 74 | select ARCH_WANT_FRAME_POINTERS |
3876d4a3 | 75 | select ARCH_WANT_HUGE_PMD_SHARE if ARM64_4K_PAGES || (ARM64_16K_PAGES && !ARM64_VA_BITS_36) |
f0b7f8a4 | 76 | select ARCH_HAS_UBSAN_SANITIZE_ALL |
25c92a37 | 77 | select ARM_AMBA |
1aee5d7a | 78 | select ARM_ARCH_TIMER |
c4188edc | 79 | select ARM_GIC |
875cbf3e | 80 | select AUDIT_ARCH_COMPAT_GENERIC |
3ee80364 | 81 | select ARM_GIC_V2M if PCI |
021f6537 | 82 | select ARM_GIC_V3 |
3ee80364 | 83 | select ARM_GIC_V3_ITS if PCI |
bff60792 | 84 | select ARM_PSCI_FW |
10916706 | 85 | select BUILDTIME_TABLE_SORT |
db2789b5 | 86 | select CLONE_BACKWARDS |
7ca2ef33 | 87 | select COMMON_CLK |
166936ba | 88 | select CPU_PM if (SUSPEND || CPU_IDLE) |
7481cddf | 89 | select CRC32 |
7bc13fd3 | 90 | select DCACHE_WORD_ACCESS |
0c3b3171 | 91 | select DMA_DIRECT_REMAP |
ef37566c | 92 | select EDAC_SUPPORT |
2f34f173 | 93 | select FRAME_POINTER |
d4932f9e | 94 | select GENERIC_ALLOCATOR |
2ef7a295 | 95 | select GENERIC_ARCH_TOPOLOGY |
8c2c3df3 | 96 | select GENERIC_CLOCKEVENTS |
4b3dc967 | 97 | select GENERIC_CLOCKEVENTS_BROADCAST |
3be1a5c4 | 98 | select GENERIC_CPU_AUTOPROBE |
61ae1321 | 99 | select GENERIC_CPU_VULNERABILITIES |
bf4b558e | 100 | select GENERIC_EARLY_IOREMAP |
2314ee4d | 101 | select GENERIC_IDLE_POLL_SETUP |
78ae2e1c | 102 | select GENERIC_IRQ_MULTI_HANDLER |
8c2c3df3 CM |
103 | select GENERIC_IRQ_PROBE |
104 | select GENERIC_IRQ_SHOW | |
6544e67b | 105 | select GENERIC_IRQ_SHOW_LEVEL |
cb61f676 | 106 | select GENERIC_PCI_IOMAP |
102f45fd | 107 | select GENERIC_PTDUMP |
65cd4f6c | 108 | select GENERIC_SCHED_CLOCK |
8c2c3df3 | 109 | select GENERIC_SMP_IDLE_THREAD |
12a0ef7b WD |
110 | select GENERIC_STRNCPY_FROM_USER |
111 | select GENERIC_STRNLEN_USER | |
8c2c3df3 | 112 | select GENERIC_TIME_VSYSCALL |
28b1a824 | 113 | select GENERIC_GETTIMEOFDAY |
a1ddc74a | 114 | select HANDLE_DOMAIN_IRQ |
8c2c3df3 | 115 | select HARDIRQS_SW_RESEND |
eb01d42a | 116 | select HAVE_PCI |
9f9a35a7 | 117 | select HAVE_ACPI_APEI if (ACPI && EFI) |
5284e1b4 | 118 | select HAVE_ALIGNED_STRUCT_PAGE if SLUB |
875cbf3e | 119 | select HAVE_ARCH_AUDITSYSCALL |
8e7a4cef | 120 | select HAVE_ARCH_BITREVERSE |
324420bf | 121 | select HAVE_ARCH_HUGE_VMAP |
9732cafd | 122 | select HAVE_ARCH_JUMP_LABEL |
c296146c | 123 | select HAVE_ARCH_JUMP_LABEL_RELATIVE |
e17d8025 | 124 | select HAVE_ARCH_KASAN if !(ARM64_16K_PAGES && ARM64_VA_BITS_48) |
2d4acb90 | 125 | select HAVE_ARCH_KASAN_SW_TAGS if HAVE_ARCH_KASAN |
9529247d | 126 | select HAVE_ARCH_KGDB |
8f0d3aa9 DC |
127 | select HAVE_ARCH_MMAP_RND_BITS |
128 | select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT | |
271ca788 | 129 | select HAVE_ARCH_PREL32_RELOCATIONS |
a1ae65b2 | 130 | select HAVE_ARCH_SECCOMP_FILTER |
0b3e3366 | 131 | select HAVE_ARCH_STACKLEAK |
9e8084d3 | 132 | select HAVE_ARCH_THREAD_STRUCT_WHITELIST |
8c2c3df3 | 133 | select HAVE_ARCH_TRACEHOOK |
8ee70879 | 134 | select HAVE_ARCH_TRANSPARENT_HUGEPAGE |
e3067861 | 135 | select HAVE_ARCH_VMAP_STACK |
8ee70879 | 136 | select HAVE_ARM_SMCCC |
2ff2b7ec | 137 | select HAVE_ASM_MODVERSIONS |
6077776b | 138 | select HAVE_EBPF_JIT |
af64d2aa | 139 | select HAVE_C_RECORDMCOUNT |
5284e1b4 | 140 | select HAVE_CMPXCHG_DOUBLE |
95eff6b2 | 141 | select HAVE_CMPXCHG_LOCAL |
8ee70879 | 142 | select HAVE_CONTEXT_TRACKING |
a4376f2f | 143 | select HAVE_COPY_THREAD_TLS |
9b2a60c4 | 144 | select HAVE_DEBUG_BUGVERBOSE |
b69ec42b | 145 | select HAVE_DEBUG_KMEMLEAK |
6ac2104d | 146 | select HAVE_DMA_CONTIGUOUS |
bd7d38db | 147 | select HAVE_DYNAMIC_FTRACE |
3b23e499 TD |
148 | select HAVE_DYNAMIC_FTRACE_WITH_REGS \ |
149 | if $(cc-option,-fpatchable-function-entry=2) | |
50afc33a | 150 | select HAVE_EFFICIENT_UNALIGNED_ACCESS |
67a929e0 | 151 | select HAVE_FAST_GUP |
af64d2aa | 152 | select HAVE_FTRACE_MCOUNT_RECORD |
819e50e2 | 153 | select HAVE_FUNCTION_TRACER |
42d038c4 | 154 | select HAVE_FUNCTION_ERROR_INJECTION |
819e50e2 | 155 | select HAVE_FUNCTION_GRAPH_TRACER |
6b90bd4b | 156 | select HAVE_GCC_PLUGINS |
8c2c3df3 | 157 | select HAVE_HW_BREAKPOINT if PERF_EVENTS |
24da208d | 158 | select HAVE_IRQ_TIME_ACCOUNTING |
1a2db300 | 159 | select HAVE_MEMBLOCK_NODE_MAP if NUMA |
396a5d4a | 160 | select HAVE_NMI |
55834a77 | 161 | select HAVE_PATA_PLATFORM |
8c2c3df3 | 162 | select HAVE_PERF_EVENTS |
2ee0d7fd JP |
163 | select HAVE_PERF_REGS |
164 | select HAVE_PERF_USER_STACK_DUMP | |
0a8ea52c | 165 | select HAVE_REGS_AND_STACK_ACCESS_API |
a823c35f | 166 | select HAVE_FUNCTION_ARG_ACCESS_API |
98346023 | 167 | select HAVE_FUTEX_CMPXCHG if FUTEX |
ff2e6d72 | 168 | select MMU_GATHER_RCU_TABLE_FREE |
409d5db4 | 169 | select HAVE_RSEQ |
d148eac0 | 170 | select HAVE_STACKPROTECTOR |
055b1212 | 171 | select HAVE_SYSCALL_TRACEPOINTS |
2dd0e8d2 | 172 | select HAVE_KPROBES |
cd1ee3b1 | 173 | select HAVE_KRETPROBES |
28b1a824 | 174 | select HAVE_GENERIC_VDSO |
876945db | 175 | select IOMMU_DMA if IOMMU_SUPPORT |
8c2c3df3 | 176 | select IRQ_DOMAIN |
e8557d1f | 177 | select IRQ_FORCED_THREADING |
fea2acaa | 178 | select MODULES_USE_ELF_RELA |
f616ab59 | 179 | select NEED_DMA_MAP_STATE |
86596f0a | 180 | select NEED_SG_DMA_LENGTH |
8c2c3df3 CM |
181 | select OF |
182 | select OF_EARLY_FLATTREE | |
2eac9c2d | 183 | select PCI_DOMAINS_GENERIC if PCI |
52146173 | 184 | select PCI_ECAM if (ACPI && PCI) |
20f1b79d | 185 | select PCI_SYSCALL if PCI |
aa1e8ec1 CM |
186 | select POWER_RESET |
187 | select POWER_SUPPLY | |
8c2c3df3 | 188 | select SPARSE_IRQ |
09230cbc | 189 | select SWIOTLB |
7ac57a89 | 190 | select SYSCTL_EXCEPTION_TRACE |
c02433dd | 191 | select THREAD_INFO_IN_TASK |
8c2c3df3 CM |
192 | help |
193 | ARM 64-bit (AArch64) Linux support. | |
194 | ||
195 | config 64BIT | |
196 | def_bool y | |
197 | ||
8c2c3df3 CM |
198 | config MMU |
199 | def_bool y | |
200 | ||
030c4d24 MR |
201 | config ARM64_PAGE_SHIFT |
202 | int | |
203 | default 16 if ARM64_64K_PAGES | |
204 | default 14 if ARM64_16K_PAGES | |
205 | default 12 | |
206 | ||
207 | config ARM64_CONT_SHIFT | |
208 | int | |
209 | default 5 if ARM64_64K_PAGES | |
210 | default 7 if ARM64_16K_PAGES | |
211 | default 4 | |
212 | ||
8f0d3aa9 DC |
213 | config ARCH_MMAP_RND_BITS_MIN |
214 | default 14 if ARM64_64K_PAGES | |
215 | default 16 if ARM64_16K_PAGES | |
216 | default 18 | |
217 | ||
218 | # max bits determined by the following formula: | |
219 | # VA_BITS - PAGE_SHIFT - 3 | |
220 | config ARCH_MMAP_RND_BITS_MAX | |
221 | default 19 if ARM64_VA_BITS=36 | |
222 | default 24 if ARM64_VA_BITS=39 | |
223 | default 27 if ARM64_VA_BITS=42 | |
224 | default 30 if ARM64_VA_BITS=47 | |
225 | default 29 if ARM64_VA_BITS=48 && ARM64_64K_PAGES | |
226 | default 31 if ARM64_VA_BITS=48 && ARM64_16K_PAGES | |
227 | default 33 if ARM64_VA_BITS=48 | |
228 | default 14 if ARM64_64K_PAGES | |
229 | default 16 if ARM64_16K_PAGES | |
230 | default 18 | |
231 | ||
232 | config ARCH_MMAP_RND_COMPAT_BITS_MIN | |
233 | default 7 if ARM64_64K_PAGES | |
234 | default 9 if ARM64_16K_PAGES | |
235 | default 11 | |
236 | ||
237 | config ARCH_MMAP_RND_COMPAT_BITS_MAX | |
238 | default 16 | |
239 | ||
ce816fa8 | 240 | config NO_IOPORT_MAP |
d1e6dc91 | 241 | def_bool y if !PCI |
8c2c3df3 CM |
242 | |
243 | config STACKTRACE_SUPPORT | |
244 | def_bool y | |
245 | ||
bf0c4e04 JVS |
246 | config ILLEGAL_POINTER_VALUE |
247 | hex | |
248 | default 0xdead000000000000 | |
249 | ||
8c2c3df3 CM |
250 | config LOCKDEP_SUPPORT |
251 | def_bool y | |
252 | ||
253 | config TRACE_IRQFLAGS_SUPPORT | |
254 | def_bool y | |
255 | ||
9fb7410f DM |
256 | config GENERIC_BUG |
257 | def_bool y | |
258 | depends on BUG | |
259 | ||
260 | config GENERIC_BUG_RELATIVE_POINTERS | |
261 | def_bool y | |
262 | depends on GENERIC_BUG | |
263 | ||
8c2c3df3 CM |
264 | config GENERIC_HWEIGHT |
265 | def_bool y | |
266 | ||
267 | config GENERIC_CSUM | |
268 | def_bool y | |
269 | ||
270 | config GENERIC_CALIBRATE_DELAY | |
271 | def_bool y | |
272 | ||
1a8e1cef NSJ |
273 | config ZONE_DMA |
274 | bool "Support DMA zone" if EXPERT | |
275 | default y | |
276 | ||
ad67f5a6 | 277 | config ZONE_DMA32 |
0c1f14ed MC |
278 | bool "Support DMA32 zone" if EXPERT |
279 | default y | |
8c2c3df3 | 280 | |
4ab21506 RM |
281 | config ARCH_ENABLE_MEMORY_HOTPLUG |
282 | def_bool y | |
283 | ||
4b3dc967 WD |
284 | config SMP |
285 | def_bool y | |
286 | ||
4cfb3613 AB |
287 | config KERNEL_MODE_NEON |
288 | def_bool y | |
289 | ||
92cc15fc RH |
290 | config FIX_EARLYCON_MEM |
291 | def_bool y | |
292 | ||
9f25e6ad KS |
293 | config PGTABLE_LEVELS |
294 | int | |
21539939 | 295 | default 2 if ARM64_16K_PAGES && ARM64_VA_BITS_36 |
9f25e6ad | 296 | default 2 if ARM64_64K_PAGES && ARM64_VA_BITS_42 |
b6d00d47 | 297 | default 3 if ARM64_64K_PAGES && (ARM64_VA_BITS_48 || ARM64_VA_BITS_52) |
9f25e6ad | 298 | default 3 if ARM64_4K_PAGES && ARM64_VA_BITS_39 |
44eaacf1 SP |
299 | default 3 if ARM64_16K_PAGES && ARM64_VA_BITS_47 |
300 | default 4 if !ARM64_64K_PAGES && ARM64_VA_BITS_48 | |
9f25e6ad | 301 | |
9842ceae PA |
302 | config ARCH_SUPPORTS_UPROBES |
303 | def_bool y | |
304 | ||
8f360948 AB |
305 | config ARCH_PROC_KCORE_TEXT |
306 | def_bool y | |
307 | ||
8bf9284d VM |
308 | config BROKEN_GAS_INST |
309 | def_bool !$(as-instr,1:\n.inst 0\n.rept . - 1b\n\nnop\n.endr\n) | |
310 | ||
6bd1d0be SC |
311 | config KASAN_SHADOW_OFFSET |
312 | hex | |
313 | depends on KASAN | |
b6d00d47 | 314 | default 0xdfffa00000000000 if (ARM64_VA_BITS_48 || ARM64_VA_BITS_52) && !KASAN_SW_TAGS |
6bd1d0be SC |
315 | default 0xdfffd00000000000 if ARM64_VA_BITS_47 && !KASAN_SW_TAGS |
316 | default 0xdffffe8000000000 if ARM64_VA_BITS_42 && !KASAN_SW_TAGS | |
317 | default 0xdfffffd000000000 if ARM64_VA_BITS_39 && !KASAN_SW_TAGS | |
318 | default 0xdffffffa00000000 if ARM64_VA_BITS_36 && !KASAN_SW_TAGS | |
b6d00d47 | 319 | default 0xefff900000000000 if (ARM64_VA_BITS_48 || ARM64_VA_BITS_52) && KASAN_SW_TAGS |
6bd1d0be SC |
320 | default 0xefffc80000000000 if ARM64_VA_BITS_47 && KASAN_SW_TAGS |
321 | default 0xeffffe4000000000 if ARM64_VA_BITS_42 && KASAN_SW_TAGS | |
322 | default 0xefffffc800000000 if ARM64_VA_BITS_39 && KASAN_SW_TAGS | |
323 | default 0xeffffff900000000 if ARM64_VA_BITS_36 && KASAN_SW_TAGS | |
324 | default 0xffffffffffffffff | |
325 | ||
6a377491 | 326 | source "arch/arm64/Kconfig.platforms" |
8c2c3df3 | 327 | |
8c2c3df3 CM |
328 | menu "Kernel Features" |
329 | ||
c0a01b84 AP |
330 | menu "ARM errata workarounds via the alternatives framework" |
331 | ||
c9460dcb | 332 | config ARM64_WORKAROUND_CLEAN_CACHE |
bc15cf70 | 333 | bool |
c9460dcb | 334 | |
c0a01b84 AP |
335 | config ARM64_ERRATUM_826319 |
336 | bool "Cortex-A53: 826319: System might deadlock if a write cannot complete until read data is accepted" | |
337 | default y | |
c9460dcb | 338 | select ARM64_WORKAROUND_CLEAN_CACHE |
c0a01b84 AP |
339 | help |
340 | This option adds an alternative code sequence to work around ARM | |
341 | erratum 826319 on Cortex-A53 parts up to r0p2 with an AMBA 4 ACE or | |
342 | AXI master interface and an L2 cache. | |
343 | ||
344 | If a Cortex-A53 uses an AMBA AXI4 ACE interface to other processors | |
345 | and is unable to accept a certain write via this interface, it will | |
346 | not progress on read data presented on the read data channel and the | |
347 | system can deadlock. | |
348 | ||
349 | The workaround promotes data cache clean instructions to | |
350 | data cache clean-and-invalidate. | |
351 | Please note that this does not necessarily enable the workaround, | |
352 | as it depends on the alternative framework, which will only patch | |
353 | the kernel if an affected CPU is detected. | |
354 | ||
355 | If unsure, say Y. | |
356 | ||
357 | config ARM64_ERRATUM_827319 | |
358 | bool "Cortex-A53: 827319: Data cache clean instructions might cause overlapping transactions to the interconnect" | |
359 | default y | |
c9460dcb | 360 | select ARM64_WORKAROUND_CLEAN_CACHE |
c0a01b84 AP |
361 | help |
362 | This option adds an alternative code sequence to work around ARM | |
363 | erratum 827319 on Cortex-A53 parts up to r0p2 with an AMBA 5 CHI | |
364 | master interface and an L2 cache. | |
365 | ||
366 | Under certain conditions this erratum can cause a clean line eviction | |
367 | to occur at the same time as another transaction to the same address | |
368 | on the AMBA 5 CHI interface, which can cause data corruption if the | |
369 | interconnect reorders the two transactions. | |
370 | ||
371 | The workaround promotes data cache clean instructions to | |
372 | data cache clean-and-invalidate. | |
373 | Please note that this does not necessarily enable the workaround, | |
374 | as it depends on the alternative framework, which will only patch | |
375 | the kernel if an affected CPU is detected. | |
376 | ||
377 | If unsure, say Y. | |
378 | ||
379 | config ARM64_ERRATUM_824069 | |
380 | bool "Cortex-A53: 824069: Cache line might not be marked as clean after a CleanShared snoop" | |
381 | default y | |
c9460dcb | 382 | select ARM64_WORKAROUND_CLEAN_CACHE |
c0a01b84 AP |
383 | help |
384 | This option adds an alternative code sequence to work around ARM | |
385 | erratum 824069 on Cortex-A53 parts up to r0p2 when it is connected | |
386 | to a coherent interconnect. | |
387 | ||
388 | If a Cortex-A53 processor is executing a store or prefetch for | |
389 | write instruction at the same time as a processor in another | |
390 | cluster is executing a cache maintenance operation to the same | |
391 | address, then this erratum might cause a clean cache line to be | |
392 | incorrectly marked as dirty. | |
393 | ||
394 | The workaround promotes data cache clean instructions to | |
395 | data cache clean-and-invalidate. | |
396 | Please note that this option does not necessarily enable the | |
397 | workaround, as it depends on the alternative framework, which will | |
398 | only patch the kernel if an affected CPU is detected. | |
399 | ||
400 | If unsure, say Y. | |
401 | ||
402 | config ARM64_ERRATUM_819472 | |
403 | bool "Cortex-A53: 819472: Store exclusive instructions might cause data corruption" | |
404 | default y | |
c9460dcb | 405 | select ARM64_WORKAROUND_CLEAN_CACHE |
c0a01b84 AP |
406 | help |
407 | This option adds an alternative code sequence to work around ARM | |
408 | erratum 819472 on Cortex-A53 parts up to r0p1 with an L2 cache | |
409 | present when it is connected to a coherent interconnect. | |
410 | ||
411 | If the processor is executing a load and store exclusive sequence at | |
412 | the same time as a processor in another cluster is executing a cache | |
413 | maintenance operation to the same address, then this erratum might | |
414 | cause data corruption. | |
415 | ||
416 | The workaround promotes data cache clean instructions to | |
417 | data cache clean-and-invalidate. | |
418 | Please note that this does not necessarily enable the workaround, | |
419 | as it depends on the alternative framework, which will only patch | |
420 | the kernel if an affected CPU is detected. | |
421 | ||
422 | If unsure, say Y. | |
423 | ||
424 | config ARM64_ERRATUM_832075 | |
425 | bool "Cortex-A57: 832075: possible deadlock on mixing exclusive memory accesses with device loads" | |
426 | default y | |
427 | help | |
428 | This option adds an alternative code sequence to work around ARM | |
429 | erratum 832075 on Cortex-A57 parts up to r1p2. | |
430 | ||
431 | Affected Cortex-A57 parts might deadlock when exclusive load/store | |
432 | instructions to Write-Back memory are mixed with Device loads. | |
433 | ||
434 | The workaround is to promote device loads to use Load-Acquire | |
435 | semantics. | |
436 | Please note that this does not necessarily enable the workaround, | |
498cd5c3 MZ |
437 | as it depends on the alternative framework, which will only patch |
438 | the kernel if an affected CPU is detected. | |
439 | ||
440 | If unsure, say Y. | |
441 | ||
442 | config ARM64_ERRATUM_834220 | |
443 | bool "Cortex-A57: 834220: Stage 2 translation fault might be incorrectly reported in presence of a Stage 1 fault" | |
444 | depends on KVM | |
445 | default y | |
446 | help | |
447 | This option adds an alternative code sequence to work around ARM | |
448 | erratum 834220 on Cortex-A57 parts up to r1p2. | |
449 | ||
450 | Affected Cortex-A57 parts might report a Stage 2 translation | |
451 | fault as the result of a Stage 1 fault for load crossing a | |
452 | page boundary when there is a permission or device memory | |
453 | alignment fault at Stage 1 and a translation fault at Stage 2. | |
454 | ||
455 | The workaround is to verify that the Stage 1 translation | |
456 | doesn't generate a fault before handling the Stage 2 fault. | |
457 | Please note that this does not necessarily enable the workaround, | |
c0a01b84 AP |
458 | as it depends on the alternative framework, which will only patch |
459 | the kernel if an affected CPU is detected. | |
460 | ||
461 | If unsure, say Y. | |
462 | ||
905e8c5d WD |
463 | config ARM64_ERRATUM_845719 |
464 | bool "Cortex-A53: 845719: a load might read incorrect data" | |
465 | depends on COMPAT | |
466 | default y | |
467 | help | |
468 | This option adds an alternative code sequence to work around ARM | |
469 | erratum 845719 on Cortex-A53 parts up to r0p4. | |
470 | ||
471 | When running a compat (AArch32) userspace on an affected Cortex-A53 | |
472 | part, a load at EL0 from a virtual address that matches the bottom 32 | |
473 | bits of the virtual address used by a recent load at (AArch64) EL1 | |
474 | might return incorrect data. | |
475 | ||
476 | The workaround is to write the contextidr_el1 register on exception | |
477 | return to a 32-bit task. | |
478 | Please note that this does not necessarily enable the workaround, | |
479 | as it depends on the alternative framework, which will only patch | |
480 | the kernel if an affected CPU is detected. | |
481 | ||
482 | If unsure, say Y. | |
483 | ||
df057cc7 WD |
484 | config ARM64_ERRATUM_843419 |
485 | bool "Cortex-A53: 843419: A load or store might access an incorrect address" | |
df057cc7 | 486 | default y |
a257e025 | 487 | select ARM64_MODULE_PLTS if MODULES |
df057cc7 | 488 | help |
6ffe9923 | 489 | This option links the kernel with '--fix-cortex-a53-843419' and |
a257e025 AB |
490 | enables PLT support to replace certain ADRP instructions, which can |
491 | cause subsequent memory accesses to use an incorrect address on | |
492 | Cortex-A53 parts up to r0p4. | |
df057cc7 WD |
493 | |
494 | If unsure, say Y. | |
495 | ||
ece1397c SP |
496 | config ARM64_ERRATUM_1024718 |
497 | bool "Cortex-A55: 1024718: Update of DBM/AP bits without break before make might result in incorrect update" | |
498 | default y | |
499 | help | |
bc15cf70 | 500 | This option adds a workaround for ARM Cortex-A55 Erratum 1024718. |
ece1397c SP |
501 | |
502 | Affected Cortex-A55 cores (r0p0, r0p1, r1p0) could cause incorrect | |
503 | update of the hardware dirty bit when the DBM/AP bits are updated | |
bc15cf70 | 504 | without a break-before-make. The workaround is to disable the usage |
ece1397c | 505 | of hardware DBM locally on the affected cores. CPUs not affected by |
bc15cf70 | 506 | this erratum will continue to use the feature. |
df057cc7 WD |
507 | |
508 | If unsure, say Y. | |
509 | ||
a5325089 | 510 | config ARM64_ERRATUM_1418040 |
6989303a | 511 | bool "Cortex-A76/Neoverse-N1: MRC read following MRRC read of specific Generic Timer in AArch32 might give incorrect result" |
95b861a4 | 512 | default y |
c2b5bba3 | 513 | depends on COMPAT |
95b861a4 | 514 | help |
24cf262d | 515 | This option adds a workaround for ARM Cortex-A76/Neoverse-N1 |
a5325089 | 516 | errata 1188873 and 1418040. |
95b861a4 | 517 | |
a5325089 | 518 | Affected Cortex-A76/Neoverse-N1 cores (r0p0 to r3p1) could |
6989303a MZ |
519 | cause register corruption when accessing the timer registers |
520 | from AArch32 userspace. | |
95b861a4 MZ |
521 | |
522 | If unsure, say Y. | |
523 | ||
e85d68fa SP |
524 | config ARM64_WORKAROUND_SPECULATIVE_AT_VHE |
525 | bool | |
526 | ||
a457b0f7 MZ |
527 | config ARM64_ERRATUM_1165522 |
528 | bool "Cortex-A76: Speculative AT instruction using out-of-context translation regime could cause subsequent request to generate an incorrect translation" | |
529 | default y | |
e85d68fa | 530 | select ARM64_WORKAROUND_SPECULATIVE_AT_VHE |
a457b0f7 | 531 | help |
bc15cf70 | 532 | This option adds a workaround for ARM Cortex-A76 erratum 1165522. |
a457b0f7 MZ |
533 | |
534 | Affected Cortex-A76 cores (r0p0, r1p0, r2p0) could end-up with | |
535 | corrupted TLBs by speculating an AT instruction during a guest | |
536 | context switch. | |
537 | ||
538 | If unsure, say Y. | |
539 | ||
275fa0ea SP |
540 | config ARM64_ERRATUM_1530923 |
541 | bool "Cortex-A55: Speculative AT instruction using out-of-context translation regime could cause subsequent request to generate an incorrect translation" | |
542 | default y | |
543 | select ARM64_WORKAROUND_SPECULATIVE_AT_VHE | |
544 | help | |
545 | This option adds a workaround for ARM Cortex-A55 erratum 1530923. | |
546 | ||
547 | Affected Cortex-A55 cores (r0p0, r0p1, r1p0, r2p0) could end-up with | |
548 | corrupted TLBs by speculating an AT instruction during a guest | |
549 | context switch. | |
550 | ||
551 | If unsure, say Y. | |
a457b0f7 | 552 | |
ce8c80c5 CM |
553 | config ARM64_ERRATUM_1286807 |
554 | bool "Cortex-A76: Modification of the translation table for a virtual address might lead to read-after-read ordering violation" | |
555 | default y | |
556 | select ARM64_WORKAROUND_REPEAT_TLBI | |
557 | help | |
bc15cf70 | 558 | This option adds a workaround for ARM Cortex-A76 erratum 1286807. |
ce8c80c5 CM |
559 | |
560 | On the affected Cortex-A76 cores (r0p0 to r3p0), if a virtual | |
561 | address for a cacheable mapping of a location is being | |
562 | accessed by a core while another core is remapping the virtual | |
563 | address to a new physical page using the recommended | |
564 | break-before-make sequence, then under very rare circumstances | |
565 | TLBI+DSB completes before a read using the translation being | |
566 | invalidated has been observed by other observers. The | |
567 | workaround repeats the TLBI+DSB operation. | |
568 | ||
db0d46a5 SP |
569 | config ARM64_WORKAROUND_SPECULATIVE_AT_NVHE |
570 | bool | |
571 | ||
c2cc62d8 MZ |
572 | config ARM64_ERRATUM_1319367 |
573 | bool "Cortex-A57/A72: Speculative AT instruction using out-of-context translation regime could cause subsequent request to generate an incorrect translation" | |
574 | default y | |
db0d46a5 | 575 | select ARM64_WORKAROUND_SPECULATIVE_AT_NVHE |
c2cc62d8 MZ |
576 | help |
577 | This option adds work arounds for ARM Cortex-A57 erratum 1319537 | |
578 | and A72 erratum 1319367 | |
579 | ||
580 | Cortex-A57 and A72 cores could end-up with corrupted TLBs by | |
581 | speculating an AT instruction during a guest context switch. | |
582 | ||
ce8c80c5 CM |
583 | If unsure, say Y. |
584 | ||
969f5ea6 WD |
585 | config ARM64_ERRATUM_1463225 |
586 | bool "Cortex-A76: Software Step might prevent interrupt recognition" | |
587 | default y | |
588 | help | |
589 | This option adds a workaround for Arm Cortex-A76 erratum 1463225. | |
590 | ||
591 | On the affected Cortex-A76 cores (r0p0 to r3p1), software stepping | |
592 | of a system call instruction (SVC) can prevent recognition of | |
593 | subsequent interrupts when software stepping is disabled in the | |
594 | exception handler of the system call and either kernel debugging | |
595 | is enabled or VHE is in use. | |
596 | ||
597 | Work around the erratum by triggering a dummy step exception | |
598 | when handling a system call from a task that is being stepped | |
599 | in a VHE configuration of the kernel. | |
600 | ||
601 | If unsure, say Y. | |
602 | ||
05460849 JM |
603 | config ARM64_ERRATUM_1542419 |
604 | bool "Neoverse-N1: workaround mis-ordering of instruction fetches" | |
605 | default y | |
606 | help | |
607 | This option adds a workaround for ARM Neoverse-N1 erratum | |
608 | 1542419. | |
609 | ||
610 | Affected Neoverse-N1 cores could execute a stale instruction when | |
611 | modified by another CPU. The workaround depends on a firmware | |
612 | counterpart. | |
613 | ||
614 | Workaround the issue by hiding the DIC feature from EL0. This | |
615 | forces user-space to perform cache maintenance. | |
616 | ||
617 | If unsure, say Y. | |
618 | ||
94100970 RR |
619 | config CAVIUM_ERRATUM_22375 |
620 | bool "Cavium erratum 22375, 24313" | |
621 | default y | |
622 | help | |
bc15cf70 | 623 | Enable workaround for errata 22375 and 24313. |
94100970 RR |
624 | |
625 | This implements two gicv3-its errata workarounds for ThunderX. Both | |
bc15cf70 | 626 | with a small impact affecting only ITS table allocation. |
94100970 RR |
627 | |
628 | erratum 22375: only alloc 8MB table size | |
629 | erratum 24313: ignore memory access type | |
630 | ||
631 | The fixes are in ITS initialization and basically ignore memory access | |
632 | type and table size provided by the TYPER and BASER registers. | |
633 | ||
634 | If unsure, say Y. | |
635 | ||
fbf8f40e GK |
636 | config CAVIUM_ERRATUM_23144 |
637 | bool "Cavium erratum 23144: ITS SYNC hang on dual socket system" | |
638 | depends on NUMA | |
639 | default y | |
640 | help | |
641 | ITS SYNC command hang for cross node io and collections/cpu mapping. | |
642 | ||
643 | If unsure, say Y. | |
644 | ||
6d4e11c5 RR |
645 | config CAVIUM_ERRATUM_23154 |
646 | bool "Cavium erratum 23154: Access to ICC_IAR1_EL1 is not sync'ed" | |
647 | default y | |
648 | help | |
649 | The gicv3 of ThunderX requires a modified version for | |
650 | reading the IAR status to ensure data synchronization | |
651 | (access to icc_iar1_el1 is not sync'ed before and after). | |
652 | ||
653 | If unsure, say Y. | |
654 | ||
104a0c02 AP |
655 | config CAVIUM_ERRATUM_27456 |
656 | bool "Cavium erratum 27456: Broadcast TLBI instructions may cause icache corruption" | |
657 | default y | |
658 | help | |
659 | On ThunderX T88 pass 1.x through 2.1 parts, broadcast TLBI | |
660 | instructions may cause the icache to become corrupted if it | |
661 | contains data for a non-current ASID. The fix is to | |
662 | invalidate the icache when changing the mm context. | |
663 | ||
664 | If unsure, say Y. | |
665 | ||
690a3415 DD |
666 | config CAVIUM_ERRATUM_30115 |
667 | bool "Cavium erratum 30115: Guest may disable interrupts in host" | |
668 | default y | |
669 | help | |
670 | On ThunderX T88 pass 1.x through 2.2, T81 pass 1.0 through | |
671 | 1.2, and T83 Pass 1.0, KVM guest execution may disable | |
672 | interrupts in host. Trapping both GICv3 group-0 and group-1 | |
673 | accesses sidesteps the issue. | |
674 | ||
675 | If unsure, say Y. | |
676 | ||
603afdc9 MZ |
677 | config CAVIUM_TX2_ERRATUM_219 |
678 | bool "Cavium ThunderX2 erratum 219: PRFM between TTBR change and ISB fails" | |
679 | default y | |
680 | help | |
681 | On Cavium ThunderX2, a load, store or prefetch instruction between a | |
682 | TTBR update and the corresponding context synchronizing operation can | |
683 | cause a spurious Data Abort to be delivered to any hardware thread in | |
684 | the CPU core. | |
685 | ||
686 | Work around the issue by avoiding the problematic code sequence and | |
687 | trapping KVM guest TTBRx_EL1 writes to EL2 when SMT is enabled. The | |
688 | trap handler performs the corresponding register access, skips the | |
689 | instruction and ensures context synchronization by virtue of the | |
690 | exception return. | |
691 | ||
692 | If unsure, say Y. | |
693 | ||
38fd94b0 CC |
694 | config QCOM_FALKOR_ERRATUM_1003 |
695 | bool "Falkor E1003: Incorrect translation due to ASID change" | |
696 | default y | |
38fd94b0 CC |
697 | help |
698 | On Falkor v1, an incorrect ASID may be cached in the TLB when ASID | |
d1777e68 WD |
699 | and BADDR are changed together in TTBRx_EL1. Since we keep the ASID |
700 | in TTBR1_EL1, this situation only occurs in the entry trampoline and | |
701 | then only for entries in the walk cache, since the leaf translation | |
702 | is unchanged. Work around the erratum by invalidating the walk cache | |
703 | entries for the trampoline before entering the kernel proper. | |
38fd94b0 | 704 | |
ce8c80c5 CM |
705 | config ARM64_WORKAROUND_REPEAT_TLBI |
706 | bool | |
ce8c80c5 | 707 | |
d9ff80f8 CC |
708 | config QCOM_FALKOR_ERRATUM_1009 |
709 | bool "Falkor E1009: Prematurely complete a DSB after a TLBI" | |
710 | default y | |
ce8c80c5 | 711 | select ARM64_WORKAROUND_REPEAT_TLBI |
d9ff80f8 CC |
712 | help |
713 | On Falkor v1, the CPU may prematurely complete a DSB following a | |
714 | TLBI xxIS invalidate maintenance operation. Repeat the TLBI operation | |
715 | one more time to fix the issue. | |
716 | ||
717 | If unsure, say Y. | |
718 | ||
90922a2d SD |
719 | config QCOM_QDF2400_ERRATUM_0065 |
720 | bool "QDF2400 E0065: Incorrect GITS_TYPER.ITT_Entry_size" | |
721 | default y | |
722 | help | |
723 | On Qualcomm Datacenter Technologies QDF2400 SoC, ITS hardware reports | |
724 | ITE size incorrectly. The GITS_TYPER.ITT_Entry_size field should have | |
725 | been indicated as 16Bytes (0xf), not 8Bytes (0x7). | |
726 | ||
727 | If unsure, say Y. | |
728 | ||
558b0165 AB |
729 | config SOCIONEXT_SYNQUACER_PREITS |
730 | bool "Socionext Synquacer: Workaround for GICv3 pre-ITS" | |
731 | default y | |
732 | help | |
733 | Socionext Synquacer SoCs implement a separate h/w block to generate | |
734 | MSI doorbell writes with non-zero values for the device ID. | |
735 | ||
5c9a882e MZ |
736 | If unsure, say Y. |
737 | ||
738 | config HISILICON_ERRATUM_161600802 | |
739 | bool "Hip07 161600802: Erroneous redistributor VLPI base" | |
740 | default y | |
741 | help | |
bc15cf70 | 742 | The HiSilicon Hip07 SoC uses the wrong redistributor base |
5c9a882e MZ |
743 | when issued ITS commands such as VMOVP and VMAPP, and requires |
744 | a 128kB offset to be applied to the target address in this commands. | |
745 | ||
558b0165 | 746 | If unsure, say Y. |
932b50c7 SD |
747 | |
748 | config QCOM_FALKOR_ERRATUM_E1041 | |
749 | bool "Falkor E1041: Speculative instruction fetches might cause errant memory access" | |
750 | default y | |
751 | help | |
752 | Falkor CPU may speculatively fetch instructions from an improper | |
753 | memory location when MMU translation is changed from SCTLR_ELn[M]=1 | |
754 | to SCTLR_ELn[M]=0. Prefix an ISB instruction to fix the problem. | |
755 | ||
756 | If unsure, say Y. | |
757 | ||
3e32131a ZL |
758 | config FUJITSU_ERRATUM_010001 |
759 | bool "Fujitsu-A64FX erratum E#010001: Undefined fault may occur wrongly" | |
760 | default y | |
761 | help | |
bc15cf70 | 762 | This option adds a workaround for Fujitsu-A64FX erratum E#010001. |
3e32131a ZL |
763 | On some variants of the Fujitsu-A64FX cores ver(1.0, 1.1), memory |
764 | accesses may cause undefined fault (Data abort, DFSC=0b111111). | |
765 | This fault occurs under a specific hardware condition when a | |
766 | load/store instruction performs an address translation using: | |
767 | case-1 TTBR0_EL1 with TCR_EL1.NFD0 == 1. | |
768 | case-2 TTBR0_EL2 with TCR_EL2.NFD0 == 1. | |
769 | case-3 TTBR1_EL1 with TCR_EL1.NFD1 == 1. | |
770 | case-4 TTBR1_EL2 with TCR_EL2.NFD1 == 1. | |
771 | ||
772 | The workaround is to ensure these bits are clear in TCR_ELx. | |
bc15cf70 | 773 | The workaround only affects the Fujitsu-A64FX. |
3e32131a ZL |
774 | |
775 | If unsure, say Y. | |
776 | ||
c0a01b84 AP |
777 | endmenu |
778 | ||
779 | ||
e41ceed0 JL |
780 | choice |
781 | prompt "Page size" | |
782 | default ARM64_4K_PAGES | |
783 | help | |
784 | Page size (translation granule) configuration. | |
785 | ||
786 | config ARM64_4K_PAGES | |
787 | bool "4KB" | |
788 | help | |
789 | This feature enables 4KB pages support. | |
790 | ||
44eaacf1 SP |
791 | config ARM64_16K_PAGES |
792 | bool "16KB" | |
793 | help | |
794 | The system will use 16KB pages support. AArch32 emulation | |
795 | requires applications compiled with 16K (or a multiple of 16K) | |
796 | aligned segments. | |
797 | ||
8c2c3df3 | 798 | config ARM64_64K_PAGES |
e41ceed0 | 799 | bool "64KB" |
8c2c3df3 CM |
800 | help |
801 | This feature enables 64KB pages support (4KB by default) | |
802 | allowing only two levels of page tables and faster TLB | |
db488be3 SP |
803 | look-up. AArch32 emulation requires applications compiled |
804 | with 64K aligned segments. | |
8c2c3df3 | 805 | |
e41ceed0 JL |
806 | endchoice |
807 | ||
808 | choice | |
809 | prompt "Virtual address space size" | |
810 | default ARM64_VA_BITS_39 if ARM64_4K_PAGES | |
44eaacf1 | 811 | default ARM64_VA_BITS_47 if ARM64_16K_PAGES |
e41ceed0 JL |
812 | default ARM64_VA_BITS_42 if ARM64_64K_PAGES |
813 | help | |
814 | Allows choosing one of multiple possible virtual address | |
815 | space sizes. The level of translation table is determined by | |
816 | a combination of page size and virtual address space size. | |
817 | ||
21539939 | 818 | config ARM64_VA_BITS_36 |
56a3f30e | 819 | bool "36-bit" if EXPERT |
21539939 SP |
820 | depends on ARM64_16K_PAGES |
821 | ||
e41ceed0 JL |
822 | config ARM64_VA_BITS_39 |
823 | bool "39-bit" | |
824 | depends on ARM64_4K_PAGES | |
825 | ||
826 | config ARM64_VA_BITS_42 | |
827 | bool "42-bit" | |
828 | depends on ARM64_64K_PAGES | |
829 | ||
44eaacf1 SP |
830 | config ARM64_VA_BITS_47 |
831 | bool "47-bit" | |
832 | depends on ARM64_16K_PAGES | |
833 | ||
c79b954b JL |
834 | config ARM64_VA_BITS_48 |
835 | bool "48-bit" | |
c79b954b | 836 | |
b6d00d47 SC |
837 | config ARM64_VA_BITS_52 |
838 | bool "52-bit" | |
68d23da4 WD |
839 | depends on ARM64_64K_PAGES && (ARM64_PAN || !ARM64_SW_TTBR0_PAN) |
840 | help | |
841 | Enable 52-bit virtual addressing for userspace when explicitly | |
b6d00d47 SC |
842 | requested via a hint to mmap(). The kernel will also use 52-bit |
843 | virtual addresses for its own mappings (provided HW support for | |
844 | this feature is available, otherwise it reverts to 48-bit). | |
68d23da4 WD |
845 | |
846 | NOTE: Enabling 52-bit virtual addressing in conjunction with | |
847 | ARMv8.3 Pointer Authentication will result in the PAC being | |
848 | reduced from 7 bits to 3 bits, which may have a significant | |
849 | impact on its susceptibility to brute-force attacks. | |
850 | ||
851 | If unsure, select 48-bit virtual addressing instead. | |
852 | ||
e41ceed0 JL |
853 | endchoice |
854 | ||
68d23da4 WD |
855 | config ARM64_FORCE_52BIT |
856 | bool "Force 52-bit virtual addresses for userspace" | |
b6d00d47 | 857 | depends on ARM64_VA_BITS_52 && EXPERT |
68d23da4 WD |
858 | help |
859 | For systems with 52-bit userspace VAs enabled, the kernel will attempt | |
860 | to maintain compatibility with older software by providing 48-bit VAs | |
861 | unless a hint is supplied to mmap. | |
862 | ||
863 | This configuration option disables the 48-bit compatibility logic, and | |
864 | forces all userspace addresses to be 52-bit on HW that supports it. One | |
865 | should only enable this configuration option for stress testing userspace | |
866 | memory management code. If unsure say N here. | |
867 | ||
e41ceed0 JL |
868 | config ARM64_VA_BITS |
869 | int | |
21539939 | 870 | default 36 if ARM64_VA_BITS_36 |
e41ceed0 JL |
871 | default 39 if ARM64_VA_BITS_39 |
872 | default 42 if ARM64_VA_BITS_42 | |
44eaacf1 | 873 | default 47 if ARM64_VA_BITS_47 |
b6d00d47 SC |
874 | default 48 if ARM64_VA_BITS_48 |
875 | default 52 if ARM64_VA_BITS_52 | |
e41ceed0 | 876 | |
982aa7c5 KM |
877 | choice |
878 | prompt "Physical address space size" | |
879 | default ARM64_PA_BITS_48 | |
880 | help | |
881 | Choose the maximum physical address range that the kernel will | |
882 | support. | |
883 | ||
884 | config ARM64_PA_BITS_48 | |
885 | bool "48-bit" | |
886 | ||
f77d2817 KM |
887 | config ARM64_PA_BITS_52 |
888 | bool "52-bit (ARMv8.2)" | |
889 | depends on ARM64_64K_PAGES | |
890 | depends on ARM64_PAN || !ARM64_SW_TTBR0_PAN | |
891 | help | |
892 | Enable support for a 52-bit physical address space, introduced as | |
893 | part of the ARMv8.2-LPA extension. | |
894 | ||
895 | With this enabled, the kernel will also continue to work on CPUs that | |
896 | do not support ARMv8.2-LPA, but with some added memory overhead (and | |
897 | minor performance overhead). | |
898 | ||
982aa7c5 KM |
899 | endchoice |
900 | ||
901 | config ARM64_PA_BITS | |
902 | int | |
903 | default 48 if ARM64_PA_BITS_48 | |
f77d2817 | 904 | default 52 if ARM64_PA_BITS_52 |
982aa7c5 | 905 | |
d8e85e14 AR |
906 | choice |
907 | prompt "Endianness" | |
908 | default CPU_LITTLE_ENDIAN | |
909 | help | |
910 | Select the endianness of data accesses performed by the CPU. Userspace | |
911 | applications will need to be compiled and linked for the endianness | |
912 | that is selected here. | |
913 | ||
a872013d WD |
914 | config CPU_BIG_ENDIAN |
915 | bool "Build big-endian kernel" | |
916 | help | |
d8e85e14 AR |
917 | Say Y if you plan on running a kernel with a big-endian userspace. |
918 | ||
919 | config CPU_LITTLE_ENDIAN | |
920 | bool "Build little-endian kernel" | |
921 | help | |
922 | Say Y if you plan on running a kernel with a little-endian userspace. | |
923 | This is usually the case for distributions targeting arm64. | |
924 | ||
925 | endchoice | |
a872013d | 926 | |
f6e763b9 MB |
927 | config SCHED_MC |
928 | bool "Multi-core scheduler support" | |
f6e763b9 MB |
929 | help |
930 | Multi-core scheduler support improves the CPU scheduler's decision | |
931 | making when dealing with multi-core CPU chips at a cost of slightly | |
932 | increased overhead in some places. If unsure say N here. | |
933 | ||
934 | config SCHED_SMT | |
935 | bool "SMT scheduler support" | |
f6e763b9 MB |
936 | help |
937 | Improves the CPU scheduler's decision making when dealing with | |
938 | MultiThreading at a cost of slightly increased overhead in some | |
939 | places. If unsure say N here. | |
940 | ||
8c2c3df3 | 941 | config NR_CPUS |
62aa9655 GK |
942 | int "Maximum number of CPUs (2-4096)" |
943 | range 2 4096 | |
846a415b | 944 | default "256" |
8c2c3df3 | 945 | |
9327e2c6 MR |
946 | config HOTPLUG_CPU |
947 | bool "Support for hot-pluggable CPUs" | |
217d453d | 948 | select GENERIC_IRQ_MIGRATION |
9327e2c6 MR |
949 | help |
950 | Say Y here to experiment with turning CPUs off and on. CPUs | |
951 | can be controlled through /sys/devices/system/cpu. | |
952 | ||
1a2db300 GK |
953 | # Common NUMA Features |
954 | config NUMA | |
955 | bool "Numa Memory Allocation and Scheduler Support" | |
0c2a6cce KW |
956 | select ACPI_NUMA if ACPI |
957 | select OF_NUMA | |
1a2db300 GK |
958 | help |
959 | Enable NUMA (Non Uniform Memory Access) support. | |
960 | ||
961 | The kernel will try to allocate memory used by a CPU on the | |
962 | local memory of the CPU and add some more | |
963 | NUMA awareness to the kernel. | |
964 | ||
965 | config NODES_SHIFT | |
966 | int "Maximum NUMA Nodes (as a power of 2)" | |
967 | range 1 10 | |
968 | default "2" | |
969 | depends on NEED_MULTIPLE_NODES | |
970 | help | |
971 | Specify the maximum number of NUMA Nodes available on the target | |
972 | system. Increases memory reserved to accommodate various tables. | |
973 | ||
974 | config USE_PERCPU_NUMA_NODE_ID | |
975 | def_bool y | |
976 | depends on NUMA | |
977 | ||
7af3a0a9 ZL |
978 | config HAVE_SETUP_PER_CPU_AREA |
979 | def_bool y | |
980 | depends on NUMA | |
981 | ||
982 | config NEED_PER_CPU_EMBED_FIRST_CHUNK | |
983 | def_bool y | |
984 | depends on NUMA | |
985 | ||
6d526ee2 AB |
986 | config HOLES_IN_ZONE |
987 | def_bool y | |
6d526ee2 | 988 | |
8636a1f9 | 989 | source "kernel/Kconfig.hz" |
8c2c3df3 | 990 | |
83863f25 LA |
991 | config ARCH_SUPPORTS_DEBUG_PAGEALLOC |
992 | def_bool y | |
993 | ||
8c2c3df3 CM |
994 | config ARCH_SPARSEMEM_ENABLE |
995 | def_bool y | |
996 | select SPARSEMEM_VMEMMAP_ENABLE | |
997 | ||
998 | config ARCH_SPARSEMEM_DEFAULT | |
999 | def_bool ARCH_SPARSEMEM_ENABLE | |
1000 | ||
1001 | config ARCH_SELECT_MEMORY_MODEL | |
1002 | def_bool ARCH_SPARSEMEM_ENABLE | |
1003 | ||
e7d4bac4 | 1004 | config ARCH_FLATMEM_ENABLE |
54501ac1 | 1005 | def_bool !NUMA |
e7d4bac4 | 1006 | |
8c2c3df3 | 1007 | config HAVE_ARCH_PFN_VALID |
8a695a58 | 1008 | def_bool y |
8c2c3df3 CM |
1009 | |
1010 | config HW_PERF_EVENTS | |
6475b2d8 MR |
1011 | def_bool y |
1012 | depends on ARM_PMU | |
8c2c3df3 | 1013 | |
084bd298 SC |
1014 | config SYS_SUPPORTS_HUGETLBFS |
1015 | def_bool y | |
1016 | ||
084bd298 | 1017 | config ARCH_WANT_HUGE_PMD_SHARE |
084bd298 | 1018 | |
a41dc0e8 CM |
1019 | config ARCH_HAS_CACHE_LINE_SIZE |
1020 | def_bool y | |
1021 | ||
54c8d911 YZ |
1022 | config ARCH_ENABLE_SPLIT_PMD_PTLOCK |
1023 | def_bool y if PGTABLE_LEVELS > 2 | |
1024 | ||
a1ae65b2 AT |
1025 | config SECCOMP |
1026 | bool "Enable seccomp to safely compute untrusted bytecode" | |
1027 | ---help--- | |
1028 | This kernel feature is useful for number crunching applications | |
1029 | that may need to compute untrusted bytecode during their | |
1030 | execution. By using pipes or other transports made available to | |
1031 | the process as file descriptors supporting the read/write | |
1032 | syscalls, it's possible to isolate those applications in | |
1033 | their own address space using seccomp. Once seccomp is | |
1034 | enabled via prctl(PR_SET_SECCOMP), it cannot be disabled | |
1035 | and the task is only allowed to execute a few safe syscalls | |
1036 | defined by each seccomp mode. | |
1037 | ||
dfd57bc3 SS |
1038 | config PARAVIRT |
1039 | bool "Enable paravirtualization code" | |
1040 | help | |
1041 | This changes the kernel so it can modify itself when it is run | |
1042 | under a hypervisor, potentially improving performance significantly | |
1043 | over full virtualization. | |
1044 | ||
1045 | config PARAVIRT_TIME_ACCOUNTING | |
1046 | bool "Paravirtual steal time accounting" | |
1047 | select PARAVIRT | |
dfd57bc3 SS |
1048 | help |
1049 | Select this option to enable fine granularity task steal time | |
1050 | accounting. Time spent executing other tasks in parallel with | |
1051 | the current vCPU is discounted from the vCPU power. To account for | |
1052 | that, there can be a small performance impact. | |
1053 | ||
1054 | If in doubt, say N here. | |
1055 | ||
d28f6df1 GL |
1056 | config KEXEC |
1057 | depends on PM_SLEEP_SMP | |
1058 | select KEXEC_CORE | |
1059 | bool "kexec system call" | |
1060 | ---help--- | |
1061 | kexec is a system call that implements the ability to shutdown your | |
1062 | current kernel, and to start another kernel. It is like a reboot | |
1063 | but it is independent of the system firmware. And like a reboot | |
1064 | you can start any kernel with it, not just Linux. | |
1065 | ||
3ddd9992 AT |
1066 | config KEXEC_FILE |
1067 | bool "kexec file based system call" | |
1068 | select KEXEC_CORE | |
1069 | help | |
1070 | This is new version of kexec system call. This system call is | |
1071 | file based and takes file descriptors as system call argument | |
1072 | for kernel and initramfs as opposed to list of segments as | |
1073 | accepted by previous system call. | |
1074 | ||
99d5cadf | 1075 | config KEXEC_SIG |
732b7b93 AT |
1076 | bool "Verify kernel signature during kexec_file_load() syscall" |
1077 | depends on KEXEC_FILE | |
1078 | help | |
1079 | Select this option to verify a signature with loaded kernel | |
1080 | image. If configured, any attempt of loading a image without | |
1081 | valid signature will fail. | |
1082 | ||
1083 | In addition to that option, you need to enable signature | |
1084 | verification for the corresponding kernel image type being | |
1085 | loaded in order for this to work. | |
1086 | ||
1087 | config KEXEC_IMAGE_VERIFY_SIG | |
1088 | bool "Enable Image signature verification support" | |
1089 | default y | |
99d5cadf | 1090 | depends on KEXEC_SIG |
732b7b93 AT |
1091 | depends on EFI && SIGNED_PE_FILE_VERIFICATION |
1092 | help | |
1093 | Enable Image signature verification support. | |
1094 | ||
1095 | comment "Support for PE file signature verification disabled" | |
99d5cadf | 1096 | depends on KEXEC_SIG |
732b7b93 AT |
1097 | depends on !EFI || !SIGNED_PE_FILE_VERIFICATION |
1098 | ||
e62aaeac AT |
1099 | config CRASH_DUMP |
1100 | bool "Build kdump crash kernel" | |
1101 | help | |
1102 | Generate crash dump after being started by kexec. This should | |
1103 | be normally only set in special crash dump kernels which are | |
1104 | loaded in the main kernel with kexec-tools into a specially | |
1105 | reserved region and then later executed after a crash by | |
1106 | kdump/kexec. | |
1107 | ||
330d4810 | 1108 | For more details see Documentation/admin-guide/kdump/kdump.rst |
e62aaeac | 1109 | |
aa42aa13 SS |
1110 | config XEN_DOM0 |
1111 | def_bool y | |
1112 | depends on XEN | |
1113 | ||
1114 | config XEN | |
c2ba1f7d | 1115 | bool "Xen guest support on ARM64" |
aa42aa13 | 1116 | depends on ARM64 && OF |
83862ccf | 1117 | select SWIOTLB_XEN |
dfd57bc3 | 1118 | select PARAVIRT |
aa42aa13 SS |
1119 | help |
1120 | Say Y if you want to run Linux in a Virtual Machine on Xen on ARM64. | |
1121 | ||
d03bb145 SC |
1122 | config FORCE_MAX_ZONEORDER |
1123 | int | |
1124 | default "14" if (ARM64_64K_PAGES && TRANSPARENT_HUGEPAGE) | |
44eaacf1 | 1125 | default "12" if (ARM64_16K_PAGES && TRANSPARENT_HUGEPAGE) |
d03bb145 | 1126 | default "11" |
44eaacf1 SP |
1127 | help |
1128 | The kernel memory allocator divides physically contiguous memory | |
1129 | blocks into "zones", where each zone is a power of two number of | |
1130 | pages. This option selects the largest power of two that the kernel | |
1131 | keeps in the memory allocator. If you need to allocate very large | |
1132 | blocks of physically contiguous memory, then you may need to | |
1133 | increase this value. | |
1134 | ||
1135 | This config option is actually maximum order plus one. For example, | |
1136 | a value of 11 means that the largest free memory block is 2^10 pages. | |
1137 | ||
1138 | We make sure that we can allocate upto a HugePage size for each configuration. | |
1139 | Hence we have : | |
1140 | MAX_ORDER = (PMD_SHIFT - PAGE_SHIFT) + 1 => PAGE_SHIFT - 2 | |
1141 | ||
1142 | However for 4K, we choose a higher default value, 11 as opposed to 10, giving us | |
1143 | 4M allocations matching the default size used by generic code. | |
d03bb145 | 1144 | |
084eb77c | 1145 | config UNMAP_KERNEL_AT_EL0 |
0617052d | 1146 | bool "Unmap kernel when running in userspace (aka \"KAISER\")" if EXPERT |
084eb77c WD |
1147 | default y |
1148 | help | |
0617052d WD |
1149 | Speculation attacks against some high-performance processors can |
1150 | be used to bypass MMU permission checks and leak kernel data to | |
1151 | userspace. This can be defended against by unmapping the kernel | |
1152 | when running in userspace, mapping it back in on exception entry | |
1153 | via a trampoline page in the vector table. | |
084eb77c WD |
1154 | |
1155 | If unsure, say Y. | |
1156 | ||
0f15adbb WD |
1157 | config HARDEN_BRANCH_PREDICTOR |
1158 | bool "Harden the branch predictor against aliasing attacks" if EXPERT | |
1159 | default y | |
1160 | help | |
1161 | Speculation attacks against some high-performance processors rely on | |
1162 | being able to manipulate the branch predictor for a victim context by | |
1163 | executing aliasing branches in the attacker context. Such attacks | |
1164 | can be partially mitigated against by clearing internal branch | |
1165 | predictor state and limiting the prediction logic in some situations. | |
1166 | ||
1167 | This config option will take CPU-specific actions to harden the | |
1168 | branch predictor against aliasing attacks and may rely on specific | |
1169 | instruction sequences or control bits being set by the system | |
1170 | firmware. | |
1171 | ||
1172 | If unsure, say Y. | |
1173 | ||
dee39247 MZ |
1174 | config HARDEN_EL2_VECTORS |
1175 | bool "Harden EL2 vector mapping against system register leak" if EXPERT | |
1176 | default y | |
1177 | help | |
1178 | Speculation attacks against some high-performance processors can | |
1179 | be used to leak privileged information such as the vector base | |
1180 | register, resulting in a potential defeat of the EL2 layout | |
1181 | randomization. | |
1182 | ||
1183 | This config option will map the vectors to a fixed location, | |
1184 | independent of the EL2 code mapping, so that revealing VBAR_EL2 | |
1185 | to an attacker does not give away any extra information. This | |
1186 | only gets enabled on affected CPUs. | |
1187 | ||
1188 | If unsure, say Y. | |
1189 | ||
a725e3dd MZ |
1190 | config ARM64_SSBD |
1191 | bool "Speculative Store Bypass Disable" if EXPERT | |
1192 | default y | |
1193 | help | |
1194 | This enables mitigation of the bypassing of previous stores | |
1195 | by speculative loads. | |
1196 | ||
1197 | If unsure, say Y. | |
1198 | ||
c55191e9 AB |
1199 | config RODATA_FULL_DEFAULT_ENABLED |
1200 | bool "Apply r/o permissions of VM areas also to their linear aliases" | |
1201 | default y | |
1202 | help | |
1203 | Apply read-only attributes of VM areas to the linear alias of | |
1204 | the backing pages as well. This prevents code or read-only data | |
1205 | from being modified (inadvertently or intentionally) via another | |
1206 | mapping of the same memory page. This additional enhancement can | |
1207 | be turned off at runtime by passing rodata=[off|on] (and turned on | |
1208 | with rodata=full if this option is set to 'n') | |
1209 | ||
1210 | This requires the linear region to be mapped down to pages, | |
1211 | which may adversely affect performance in some cases. | |
1212 | ||
dd523791 WD |
1213 | config ARM64_SW_TTBR0_PAN |
1214 | bool "Emulate Privileged Access Never using TTBR0_EL1 switching" | |
1215 | help | |
1216 | Enabling this option prevents the kernel from accessing | |
1217 | user-space memory directly by pointing TTBR0_EL1 to a reserved | |
1218 | zeroed area and reserved ASID. The user access routines | |
1219 | restore the valid TTBR0_EL1 temporarily. | |
1220 | ||
63f0c603 CM |
1221 | config ARM64_TAGGED_ADDR_ABI |
1222 | bool "Enable the tagged user addresses syscall ABI" | |
1223 | default y | |
1224 | help | |
1225 | When this option is enabled, user applications can opt in to a | |
1226 | relaxed ABI via prctl() allowing tagged addresses to be passed | |
1227 | to system calls as pointer arguments. For details, see | |
799c8510 | 1228 | Documentation/arm64/tagged-address-abi.rst. |
63f0c603 | 1229 | |
dd523791 WD |
1230 | menuconfig COMPAT |
1231 | bool "Kernel support for 32-bit EL0" | |
1232 | depends on ARM64_4K_PAGES || EXPERT | |
1233 | select COMPAT_BINFMT_ELF if BINFMT_ELF | |
1234 | select HAVE_UID16 | |
1235 | select OLD_SIGSUSPEND3 | |
1236 | select COMPAT_OLD_SIGACTION | |
1237 | help | |
1238 | This option enables support for a 32-bit EL0 running under a 64-bit | |
1239 | kernel at EL1. AArch32-specific components such as system calls, | |
1240 | the user helper functions, VFP support and the ptrace interface are | |
1241 | handled appropriately by the kernel. | |
1242 | ||
1243 | If you use a page size other than 4KB (i.e, 16KB or 64KB), please be aware | |
1244 | that you will only be able to execute AArch32 binaries that were compiled | |
1245 | with page size aligned segments. | |
1246 | ||
1247 | If you want to execute 32-bit userspace applications, say Y. | |
1248 | ||
1249 | if COMPAT | |
1250 | ||
1251 | config KUSER_HELPERS | |
7c4791c9 | 1252 | bool "Enable kuser helpers page for 32-bit applications" |
dd523791 WD |
1253 | default y |
1254 | help | |
1255 | Warning: disabling this option may break 32-bit user programs. | |
1256 | ||
1257 | Provide kuser helpers to compat tasks. The kernel provides | |
1258 | helper code to userspace in read only form at a fixed location | |
1259 | to allow userspace to be independent of the CPU type fitted to | |
1260 | the system. This permits binaries to be run on ARMv4 through | |
1261 | to ARMv8 without modification. | |
1262 | ||
dc7a12bd | 1263 | See Documentation/arm/kernel_user_helpers.rst for details. |
dd523791 WD |
1264 | |
1265 | However, the fixed address nature of these helpers can be used | |
1266 | by ROP (return orientated programming) authors when creating | |
1267 | exploits. | |
1268 | ||
1269 | If all of the binaries and libraries which run on your platform | |
1270 | are built specifically for your platform, and make no use of | |
1271 | these helpers, then you can turn this option off to hinder | |
1272 | such exploits. However, in that case, if a binary or library | |
1273 | relying on those helpers is run, it will not function correctly. | |
1274 | ||
1275 | Say N here only if you are absolutely certain that you do not | |
1276 | need these helpers; otherwise, the safe option is to say Y. | |
1277 | ||
7c4791c9 WD |
1278 | config COMPAT_VDSO |
1279 | bool "Enable vDSO for 32-bit applications" | |
1280 | depends on !CPU_BIG_ENDIAN && "$(CROSS_COMPILE_COMPAT)" != "" | |
1281 | select GENERIC_COMPAT_VDSO | |
1282 | default y | |
1283 | help | |
1284 | Place in the process address space of 32-bit applications an | |
1285 | ELF shared object providing fast implementations of gettimeofday | |
1286 | and clock_gettime. | |
1287 | ||
1288 | You must have a 32-bit build of glibc 2.22 or later for programs | |
1289 | to seamlessly take advantage of this. | |
dd523791 | 1290 | |
1b907f46 WD |
1291 | menuconfig ARMV8_DEPRECATED |
1292 | bool "Emulate deprecated/obsolete ARMv8 instructions" | |
6cfa7cc4 | 1293 | depends on SYSCTL |
1b907f46 WD |
1294 | help |
1295 | Legacy software support may require certain instructions | |
1296 | that have been deprecated or obsoleted in the architecture. | |
1297 | ||
1298 | Enable this config to enable selective emulation of these | |
1299 | features. | |
1300 | ||
1301 | If unsure, say Y | |
1302 | ||
1303 | if ARMV8_DEPRECATED | |
1304 | ||
1305 | config SWP_EMULATION | |
1306 | bool "Emulate SWP/SWPB instructions" | |
1307 | help | |
1308 | ARMv8 obsoletes the use of A32 SWP/SWPB instructions such that | |
1309 | they are always undefined. Say Y here to enable software | |
1310 | emulation of these instructions for userspace using LDXR/STXR. | |
1311 | ||
1312 | In some older versions of glibc [<=2.8] SWP is used during futex | |
1313 | trylock() operations with the assumption that the code will not | |
1314 | be preempted. This invalid assumption may be more likely to fail | |
1315 | with SWP emulation enabled, leading to deadlock of the user | |
1316 | application. | |
1317 | ||
1318 | NOTE: when accessing uncached shared regions, LDXR/STXR rely | |
1319 | on an external transaction monitoring block called a global | |
1320 | monitor to maintain update atomicity. If your system does not | |
1321 | implement a global monitor, this option can cause programs that | |
1322 | perform SWP operations to uncached memory to deadlock. | |
1323 | ||
1324 | If unsure, say Y | |
1325 | ||
1326 | config CP15_BARRIER_EMULATION | |
1327 | bool "Emulate CP15 Barrier instructions" | |
1328 | help | |
1329 | The CP15 barrier instructions - CP15ISB, CP15DSB, and | |
1330 | CP15DMB - are deprecated in ARMv8 (and ARMv7). It is | |
1331 | strongly recommended to use the ISB, DSB, and DMB | |
1332 | instructions instead. | |
1333 | ||
1334 | Say Y here to enable software emulation of these | |
1335 | instructions for AArch32 userspace code. When this option is | |
1336 | enabled, CP15 barrier usage is traced which can help | |
1337 | identify software that needs updating. | |
1338 | ||
1339 | If unsure, say Y | |
1340 | ||
2d888f48 SP |
1341 | config SETEND_EMULATION |
1342 | bool "Emulate SETEND instruction" | |
1343 | help | |
1344 | The SETEND instruction alters the data-endianness of the | |
1345 | AArch32 EL0, and is deprecated in ARMv8. | |
1346 | ||
1347 | Say Y here to enable software emulation of the instruction | |
1348 | for AArch32 userspace code. | |
1349 | ||
1350 | Note: All the cpus on the system must have mixed endian support at EL0 | |
1351 | for this feature to be enabled. If a new CPU - which doesn't support mixed | |
1352 | endian - is hotplugged in after this feature has been enabled, there could | |
1353 | be unexpected results in the applications. | |
1354 | ||
1355 | If unsure, say Y | |
1b907f46 WD |
1356 | endif |
1357 | ||
dd523791 | 1358 | endif |
ba42822a | 1359 | |
0e4a0709 WD |
1360 | menu "ARMv8.1 architectural features" |
1361 | ||
1362 | config ARM64_HW_AFDBM | |
1363 | bool "Support for hardware updates of the Access and Dirty page flags" | |
1364 | default y | |
1365 | help | |
1366 | The ARMv8.1 architecture extensions introduce support for | |
1367 | hardware updates of the access and dirty information in page | |
1368 | table entries. When enabled in TCR_EL1 (HA and HD bits) on | |
1369 | capable processors, accesses to pages with PTE_AF cleared will | |
1370 | set this bit instead of raising an access flag fault. | |
1371 | Similarly, writes to read-only pages with the DBM bit set will | |
1372 | clear the read-only bit (AP[2]) instead of raising a | |
1373 | permission fault. | |
1374 | ||
1375 | Kernels built with this configuration option enabled continue | |
1376 | to work on pre-ARMv8.1 hardware and the performance impact is | |
1377 | minimal. If unsure, say Y. | |
1378 | ||
1379 | config ARM64_PAN | |
1380 | bool "Enable support for Privileged Access Never (PAN)" | |
1381 | default y | |
1382 | help | |
1383 | Privileged Access Never (PAN; part of the ARMv8.1 Extensions) | |
1384 | prevents the kernel or hypervisor from accessing user-space (EL0) | |
1385 | memory directly. | |
1386 | ||
1387 | Choosing this option will cause any unprotected (not using | |
1388 | copy_to_user et al) memory access to fail with a permission fault. | |
1389 | ||
1390 | The feature is detected at runtime, and will remain as a 'nop' | |
1391 | instruction if the cpu does not implement the feature. | |
1392 | ||
1393 | config ARM64_LSE_ATOMICS | |
395af861 CM |
1394 | bool |
1395 | default ARM64_USE_LSE_ATOMICS | |
1396 | depends on $(as-instr,.arch_extension lse) | |
1397 | ||
1398 | config ARM64_USE_LSE_ATOMICS | |
0e4a0709 | 1399 | bool "Atomic instructions" |
b32baf91 | 1400 | depends on JUMP_LABEL |
7bd99b40 | 1401 | default y |
0e4a0709 WD |
1402 | help |
1403 | As part of the Large System Extensions, ARMv8.1 introduces new | |
1404 | atomic instructions that are designed specifically to scale in | |
1405 | very large systems. | |
1406 | ||
1407 | Say Y here to make use of these instructions for the in-kernel | |
1408 | atomic routines. This incurs a small overhead on CPUs that do | |
1409 | not support these instructions and requires the kernel to be | |
7bd99b40 WD |
1410 | built with binutils >= 2.25 in order for the new instructions |
1411 | to be used. | |
0e4a0709 | 1412 | |
1f364c8c MZ |
1413 | config ARM64_VHE |
1414 | bool "Enable support for Virtualization Host Extensions (VHE)" | |
1415 | default y | |
1416 | help | |
1417 | Virtualization Host Extensions (VHE) allow the kernel to run | |
1418 | directly at EL2 (instead of EL1) on processors that support | |
1419 | it. This leads to better performance for KVM, as they reduce | |
1420 | the cost of the world switch. | |
1421 | ||
1422 | Selecting this option allows the VHE feature to be detected | |
1423 | at runtime, and does not affect processors that do not | |
1424 | implement this feature. | |
1425 | ||
0e4a0709 WD |
1426 | endmenu |
1427 | ||
f993318b WD |
1428 | menu "ARMv8.2 architectural features" |
1429 | ||
57f4959b JM |
1430 | config ARM64_UAO |
1431 | bool "Enable support for User Access Override (UAO)" | |
1432 | default y | |
1433 | help | |
1434 | User Access Override (UAO; part of the ARMv8.2 Extensions) | |
1435 | causes the 'unprivileged' variant of the load/store instructions to | |
83fc61a5 | 1436 | be overridden to be privileged. |
57f4959b JM |
1437 | |
1438 | This option changes get_user() and friends to use the 'unprivileged' | |
1439 | variant of the load/store instructions. This ensures that user-space | |
1440 | really did have access to the supplied memory. When addr_limit is | |
1441 | set to kernel memory the UAO bit will be set, allowing privileged | |
1442 | access to kernel memory. | |
1443 | ||
1444 | Choosing this option will cause copy_to_user() et al to use user-space | |
1445 | memory permissions. | |
1446 | ||
1447 | The feature is detected at runtime, the kernel will use the | |
1448 | regular load/store instructions if the cpu does not implement the | |
1449 | feature. | |
1450 | ||
d50e071f RM |
1451 | config ARM64_PMEM |
1452 | bool "Enable support for persistent memory" | |
1453 | select ARCH_HAS_PMEM_API | |
5d7bdeb1 | 1454 | select ARCH_HAS_UACCESS_FLUSHCACHE |
d50e071f RM |
1455 | help |
1456 | Say Y to enable support for the persistent memory API based on the | |
1457 | ARMv8.2 DCPoP feature. | |
1458 | ||
1459 | The feature is detected at runtime, and the kernel will use DC CVAC | |
1460 | operations if DC CVAP is not supported (following the behaviour of | |
1461 | DC CVAP itself if the system does not define a point of persistence). | |
1462 | ||
64c02720 XX |
1463 | config ARM64_RAS_EXTN |
1464 | bool "Enable support for RAS CPU Extensions" | |
1465 | default y | |
1466 | help | |
1467 | CPUs that support the Reliability, Availability and Serviceability | |
1468 | (RAS) Extensions, part of ARMv8.2 are able to track faults and | |
1469 | errors, classify them and report them to software. | |
1470 | ||
1471 | On CPUs with these extensions system software can use additional | |
1472 | barriers to determine if faults are pending and read the | |
1473 | classification from a new set of registers. | |
1474 | ||
1475 | Selecting this feature will allow the kernel to use these barriers | |
1476 | and access the new registers if the system supports the extension. | |
1477 | Platform RAS features may additionally depend on firmware support. | |
1478 | ||
5ffdfaed VM |
1479 | config ARM64_CNP |
1480 | bool "Enable support for Common Not Private (CNP) translations" | |
1481 | default y | |
1482 | depends on ARM64_PAN || !ARM64_SW_TTBR0_PAN | |
1483 | help | |
1484 | Common Not Private (CNP) allows translation table entries to | |
1485 | be shared between different PEs in the same inner shareable | |
1486 | domain, so the hardware can use this fact to optimise the | |
1487 | caching of such entries in the TLB. | |
1488 | ||
1489 | Selecting this option allows the CNP feature to be detected | |
1490 | at runtime, and does not affect PEs that do not implement | |
1491 | this feature. | |
1492 | ||
f993318b WD |
1493 | endmenu |
1494 | ||
04ca3204 MR |
1495 | menu "ARMv8.3 architectural features" |
1496 | ||
1497 | config ARM64_PTR_AUTH | |
1498 | bool "Enable support for pointer authentication" | |
1499 | default y | |
384b40ca | 1500 | depends on !KVM || ARM64_VHE |
04ca3204 MR |
1501 | help |
1502 | Pointer authentication (part of the ARMv8.3 Extensions) provides | |
1503 | instructions for signing and authenticating pointers against secret | |
1504 | keys, which can be used to mitigate Return Oriented Programming (ROP) | |
1505 | and other attacks. | |
1506 | ||
1507 | This option enables these instructions at EL0 (i.e. for userspace). | |
1508 | ||
1509 | Choosing this option will cause the kernel to initialise secret keys | |
1510 | for each process at exec() time, with these keys being | |
1511 | context-switched along with the process. | |
1512 | ||
1513 | The feature is detected at runtime. If the feature is not present in | |
384b40ca MR |
1514 | hardware it will not be advertised to userspace/KVM guest nor will it |
1515 | be enabled. However, KVM guest also require VHE mode and hence | |
1516 | CONFIG_ARM64_VHE=y option to use this feature. | |
04ca3204 MR |
1517 | |
1518 | endmenu | |
1519 | ||
3e6c69a0 MB |
1520 | menu "ARMv8.5 architectural features" |
1521 | ||
1522 | config ARM64_E0PD | |
1523 | bool "Enable support for E0PD" | |
1524 | default y | |
1525 | help | |
e717d93b WD |
1526 | E0PD (part of the ARMv8.5 extensions) allows us to ensure |
1527 | that EL0 accesses made via TTBR1 always fault in constant time, | |
1528 | providing similar benefits to KASLR as those provided by KPTI, but | |
1529 | with lower overhead and without disrupting legitimate access to | |
1530 | kernel memory such as SPE. | |
3e6c69a0 | 1531 | |
e717d93b | 1532 | This option enables E0PD for TTBR1 where available. |
3e6c69a0 | 1533 | |
1a50ec0b RH |
1534 | config ARCH_RANDOM |
1535 | bool "Enable support for random number generation" | |
1536 | default y | |
1537 | help | |
1538 | Random number generation (part of the ARMv8.5 Extensions) | |
1539 | provides a high bandwidth, cryptographically secure | |
1540 | hardware random number generator. | |
1541 | ||
3e6c69a0 MB |
1542 | endmenu |
1543 | ||
ddd25ad1 DM |
1544 | config ARM64_SVE |
1545 | bool "ARM Scalable Vector Extension support" | |
1546 | default y | |
85acda3b | 1547 | depends on !KVM || ARM64_VHE |
ddd25ad1 DM |
1548 | help |
1549 | The Scalable Vector Extension (SVE) is an extension to the AArch64 | |
1550 | execution state which complements and extends the SIMD functionality | |
1551 | of the base architecture to support much larger vectors and to enable | |
1552 | additional vectorisation opportunities. | |
1553 | ||
1554 | To enable use of this extension on CPUs that implement it, say Y. | |
1555 | ||
06a916fe DM |
1556 | On CPUs that support the SVE2 extensions, this option will enable |
1557 | those too. | |
1558 | ||
5043694e DM |
1559 | Note that for architectural reasons, firmware _must_ implement SVE |
1560 | support when running on SVE capable hardware. The required support | |
1561 | is present in: | |
1562 | ||
1563 | * version 1.5 and later of the ARM Trusted Firmware | |
1564 | * the AArch64 boot wrapper since commit 5e1261e08abf | |
1565 | ("bootwrapper: SVE: Enable SVE for EL2 and below"). | |
1566 | ||
1567 | For other firmware implementations, consult the firmware documentation | |
1568 | or vendor. | |
1569 | ||
1570 | If you need the kernel to boot on SVE-capable hardware with broken | |
1571 | firmware, you may need to say N here until you get your firmware | |
1572 | fixed. Otherwise, you may experience firmware panics or lockups when | |
1573 | booting the kernel. If unsure and you are not observing these | |
1574 | symptoms, you should assume that it is safe to say Y. | |
fd045f6c | 1575 | |
85acda3b DM |
1576 | CPUs that support SVE are architecturally required to support the |
1577 | Virtualization Host Extensions (VHE), so the kernel makes no | |
1578 | provision for supporting SVE alongside KVM without VHE enabled. | |
1579 | Thus, you will need to enable CONFIG_ARM64_VHE if you want to support | |
1580 | KVM in the same kernel image. | |
1581 | ||
fd045f6c | 1582 | config ARM64_MODULE_PLTS |
58557e48 | 1583 | bool "Use PLTs to allow module memory to spill over into vmalloc area" |
faaa73bc | 1584 | depends on MODULES |
fd045f6c | 1585 | select HAVE_MOD_ARCH_SPECIFIC |
58557e48 FF |
1586 | help |
1587 | Allocate PLTs when loading modules so that jumps and calls whose | |
1588 | targets are too far away for their relative offsets to be encoded | |
1589 | in the instructions themselves can be bounced via veneers in the | |
1590 | module's PLT. This allows modules to be allocated in the generic | |
1591 | vmalloc area after the dedicated module memory area has been | |
1592 | exhausted. | |
1593 | ||
1594 | When running with address space randomization (KASLR), the module | |
1595 | region itself may be too far away for ordinary relative jumps and | |
1596 | calls, and so in that case, module PLTs are required and cannot be | |
1597 | disabled. | |
1598 | ||
1599 | Specific errata workaround(s) might also force module PLTs to be | |
1600 | enabled (ARM64_ERRATUM_843419). | |
fd045f6c | 1601 | |
bc3c03cc JT |
1602 | config ARM64_PSEUDO_NMI |
1603 | bool "Support for NMI-like interrupts" | |
3c9c1dcd | 1604 | select ARM_GIC_V3 |
bc3c03cc JT |
1605 | help |
1606 | Adds support for mimicking Non-Maskable Interrupts through the use of | |
1607 | GIC interrupt priority. This support requires version 3 or later of | |
bc15cf70 | 1608 | ARM GIC. |
bc3c03cc JT |
1609 | |
1610 | This high priority configuration for interrupts needs to be | |
1611 | explicitly enabled by setting the kernel parameter | |
1612 | "irqchip.gicv3_pseudo_nmi" to 1. | |
1613 | ||
1614 | If unsure, say N | |
1615 | ||
48ce8f80 JT |
1616 | if ARM64_PSEUDO_NMI |
1617 | config ARM64_DEBUG_PRIORITY_MASKING | |
1618 | bool "Debug interrupt priority masking" | |
1619 | help | |
1620 | This adds runtime checks to functions enabling/disabling | |
1621 | interrupts when using priority masking. The additional checks verify | |
1622 | the validity of ICC_PMR_EL1 when calling concerned functions. | |
1623 | ||
1624 | If unsure, say N | |
1625 | endif | |
1626 | ||
1e48ef7f AB |
1627 | config RELOCATABLE |
1628 | bool | |
5cf896fb | 1629 | select ARCH_HAS_RELR |
1e48ef7f AB |
1630 | help |
1631 | This builds the kernel as a Position Independent Executable (PIE), | |
1632 | which retains all relocation metadata required to relocate the | |
1633 | kernel binary at runtime to a different virtual address than the | |
1634 | address it was linked at. | |
1635 | Since AArch64 uses the RELA relocation format, this requires a | |
1636 | relocation pass at runtime even if the kernel is loaded at the | |
1637 | same address it was linked at. | |
1638 | ||
f80fb3a3 AB |
1639 | config RANDOMIZE_BASE |
1640 | bool "Randomize the address of the kernel image" | |
b9c220b5 | 1641 | select ARM64_MODULE_PLTS if MODULES |
f80fb3a3 AB |
1642 | select RELOCATABLE |
1643 | help | |
1644 | Randomizes the virtual address at which the kernel image is | |
1645 | loaded, as a security feature that deters exploit attempts | |
1646 | relying on knowledge of the location of kernel internals. | |
1647 | ||
1648 | It is the bootloader's job to provide entropy, by passing a | |
1649 | random u64 value in /chosen/kaslr-seed at kernel entry. | |
1650 | ||
2b5fe07a AB |
1651 | When booting via the UEFI stub, it will invoke the firmware's |
1652 | EFI_RNG_PROTOCOL implementation (if available) to supply entropy | |
1653 | to the kernel proper. In addition, it will randomise the physical | |
1654 | location of the kernel Image as well. | |
1655 | ||
f80fb3a3 AB |
1656 | If unsure, say N. |
1657 | ||
1658 | config RANDOMIZE_MODULE_REGION_FULL | |
f2b9ba87 | 1659 | bool "Randomize the module region over a 4 GB range" |
e71a4e1b | 1660 | depends on RANDOMIZE_BASE |
f80fb3a3 AB |
1661 | default y |
1662 | help | |
f2b9ba87 AB |
1663 | Randomizes the location of the module region inside a 4 GB window |
1664 | covering the core kernel. This way, it is less likely for modules | |
f80fb3a3 AB |
1665 | to leak information about the location of core kernel data structures |
1666 | but it does imply that function calls between modules and the core | |
1667 | kernel will need to be resolved via veneers in the module PLT. | |
1668 | ||
1669 | When this option is not set, the module region will be randomized over | |
1670 | a limited range that contains the [_stext, _etext] interval of the | |
1671 | core kernel, so branch relocations are always in range. | |
1672 | ||
0a1213fa AB |
1673 | config CC_HAVE_STACKPROTECTOR_SYSREG |
1674 | def_bool $(cc-option,-mstack-protector-guard=sysreg -mstack-protector-guard-reg=sp_el0 -mstack-protector-guard-offset=0) | |
1675 | ||
1676 | config STACKPROTECTOR_PER_TASK | |
1677 | def_bool y | |
1678 | depends on STACKPROTECTOR && CC_HAVE_STACKPROTECTOR_SYSREG | |
1679 | ||
8c2c3df3 CM |
1680 | endmenu |
1681 | ||
1682 | menu "Boot options" | |
1683 | ||
5e89c55e LP |
1684 | config ARM64_ACPI_PARKING_PROTOCOL |
1685 | bool "Enable support for the ARM64 ACPI parking protocol" | |
1686 | depends on ACPI | |
1687 | help | |
1688 | Enable support for the ARM64 ACPI parking protocol. If disabled | |
1689 | the kernel will not allow booting through the ARM64 ACPI parking | |
1690 | protocol even if the corresponding data is present in the ACPI | |
1691 | MADT table. | |
1692 | ||
8c2c3df3 CM |
1693 | config CMDLINE |
1694 | string "Default kernel command string" | |
1695 | default "" | |
1696 | help | |
1697 | Provide a set of default command-line options at build time by | |
1698 | entering them here. As a minimum, you should specify the the | |
1699 | root device (e.g. root=/dev/nfs). | |
1700 | ||
1701 | config CMDLINE_FORCE | |
1702 | bool "Always use the default kernel command string" | |
f70c08e4 | 1703 | depends on CMDLINE != "" |
8c2c3df3 CM |
1704 | help |
1705 | Always use the default kernel command string, even if the boot | |
1706 | loader passes other arguments to the kernel. | |
1707 | This is useful if you cannot or don't want to change the | |
1708 | command-line options your boot loader passes to the kernel. | |
1709 | ||
f4f75ad5 AB |
1710 | config EFI_STUB |
1711 | bool | |
1712 | ||
f84d0275 MS |
1713 | config EFI |
1714 | bool "UEFI runtime support" | |
1715 | depends on OF && !CPU_BIG_ENDIAN | |
b472db6c | 1716 | depends on KERNEL_MODE_NEON |
2c870e61 | 1717 | select ARCH_SUPPORTS_ACPI |
f84d0275 MS |
1718 | select LIBFDT |
1719 | select UCS2_STRING | |
1720 | select EFI_PARAMS_FROM_FDT | |
e15dd494 | 1721 | select EFI_RUNTIME_WRAPPERS |
f4f75ad5 AB |
1722 | select EFI_STUB |
1723 | select EFI_ARMSTUB | |
f84d0275 MS |
1724 | default y |
1725 | help | |
1726 | This option provides support for runtime services provided | |
1727 | by UEFI firmware (such as non-volatile variables, realtime | |
3c7f2550 MS |
1728 | clock, and platform reset). A UEFI stub is also provided to |
1729 | allow the kernel to be booted as an EFI application. This | |
1730 | is only useful on systems that have UEFI firmware. | |
f84d0275 | 1731 | |
d1ae8c00 YL |
1732 | config DMI |
1733 | bool "Enable support for SMBIOS (DMI) tables" | |
1734 | depends on EFI | |
1735 | default y | |
1736 | help | |
1737 | This enables SMBIOS/DMI feature for systems. | |
1738 | ||
1739 | This option is only useful on systems that have UEFI firmware. | |
1740 | However, even with this option, the resultant kernel should | |
1741 | continue to boot on existing non-UEFI platforms. | |
1742 | ||
8c2c3df3 CM |
1743 | endmenu |
1744 | ||
8c2c3df3 CM |
1745 | config SYSVIPC_COMPAT |
1746 | def_bool y | |
1747 | depends on COMPAT && SYSVIPC | |
1748 | ||
4a03a058 AK |
1749 | config ARCH_ENABLE_HUGEPAGE_MIGRATION |
1750 | def_bool y | |
1751 | depends on HUGETLB_PAGE && MIGRATION | |
1752 | ||
166936ba LP |
1753 | menu "Power management options" |
1754 | ||
1755 | source "kernel/power/Kconfig" | |
1756 | ||
82869ac5 JM |
1757 | config ARCH_HIBERNATION_POSSIBLE |
1758 | def_bool y | |
1759 | depends on CPU_PM | |
1760 | ||
1761 | config ARCH_HIBERNATION_HEADER | |
1762 | def_bool y | |
1763 | depends on HIBERNATION | |
1764 | ||
166936ba LP |
1765 | config ARCH_SUSPEND_POSSIBLE |
1766 | def_bool y | |
1767 | ||
166936ba LP |
1768 | endmenu |
1769 | ||
1307220d LP |
1770 | menu "CPU Power Management" |
1771 | ||
1772 | source "drivers/cpuidle/Kconfig" | |
1773 | ||
52e7e816 RH |
1774 | source "drivers/cpufreq/Kconfig" |
1775 | ||
1776 | endmenu | |
1777 | ||
f84d0275 MS |
1778 | source "drivers/firmware/Kconfig" |
1779 | ||
b6a02173 GG |
1780 | source "drivers/acpi/Kconfig" |
1781 | ||
c3eb5b14 MZ |
1782 | source "arch/arm64/kvm/Kconfig" |
1783 | ||
2c98833a AB |
1784 | if CRYPTO |
1785 | source "arch/arm64/crypto/Kconfig" | |
1786 | endif |