1# SPDX-License-Identifier: GPL-2.0 2# Select 32 or 64 bit 3config 64BIT 4 bool "64-bit kernel" if "$(ARCH)" = "x86" 5 default "$(ARCH)" != "i386" 6 help 7 Say yes to build a 64-bit kernel - formerly known as x86_64 8 Say no to build a 32-bit kernel - formerly known as i386 9 10config X86_32 11 def_bool y 12 depends on !64BIT 13 # Options that are inherently 32-bit kernel only: 14 select ARCH_WANT_IPC_PARSE_VERSION 15 select CLKSRC_I8253 16 select CLONE_BACKWARDS 17 select HAVE_DEBUG_STACKOVERFLOW 18 select MODULES_USE_ELF_REL 19 select OLD_SIGACTION 20 select GENERIC_VDSO_32 21 select ARCH_SPLIT_ARG64 22 23config X86_64 24 def_bool y 25 depends on 64BIT 26 # Options that are inherently 64-bit kernel only: 27 select ARCH_HAS_GIGANTIC_PAGE 28 select ARCH_SUPPORTS_INT128 if CC_HAS_INT128 29 select ARCH_USE_CMPXCHG_LOCKREF 30 select HAVE_ARCH_SOFT_DIRTY 31 select MODULES_USE_ELF_RELA 32 select NEED_DMA_MAP_STATE 33 select SWIOTLB 34 35config FORCE_DYNAMIC_FTRACE 36 def_bool y 37 depends on X86_32 38 depends on FUNCTION_TRACER 39 select DYNAMIC_FTRACE 40 help 41 We keep the static function tracing (!DYNAMIC_FTRACE) around 42 in order to test the non static function tracing in the 43 generic code, as other architectures still use it. But we 44 only need to keep it around for x86_64. No need to keep it 45 for x86_32. For x86_32, force DYNAMIC_FTRACE. 46# 47# Arch settings 48# 49# ( Note that options that are marked 'if X86_64' could in principle be 50# ported to 32-bit as well. ) 51# 52config X86 53 def_bool y 54 # 55 # Note: keep this list sorted alphabetically 56 # 57 select ACPI_LEGACY_TABLES_LOOKUP if ACPI 58 select ACPI_SYSTEM_POWER_STATES_SUPPORT if ACPI 59 select ARCH_32BIT_OFF_T if X86_32 60 select ARCH_CLOCKSOURCE_INIT 61 select ARCH_HAS_ACPI_TABLE_UPGRADE if ACPI 62 select ARCH_HAS_CPU_FINALIZE_INIT 63 select ARCH_HAS_CACHE_LINE_SIZE 64 select ARCH_HAS_DEBUG_VIRTUAL 65 select ARCH_HAS_DEBUG_VM_PGTABLE if !X86_PAE 66 select ARCH_HAS_DEVMEM_IS_ALLOWED 67 select ARCH_HAS_EARLY_DEBUG if KGDB 68 select ARCH_HAS_ELF_RANDOMIZE 69 select ARCH_HAS_FAST_MULTIPLIER 70 select ARCH_HAS_FILTER_PGPROT 71 select ARCH_HAS_FORTIFY_SOURCE 72 select ARCH_HAS_GCOV_PROFILE_ALL 73 select ARCH_HAS_KCOV if X86_64 && STACK_VALIDATION 74 select ARCH_HAS_MEM_ENCRYPT 75 select ARCH_HAS_MEMBARRIER_SYNC_CORE 76 select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE 77 select ARCH_HAS_PMEM_API if X86_64 78 select ARCH_HAS_PTE_DEVMAP if X86_64 79 select ARCH_HAS_PTE_SPECIAL 80 select ARCH_HAS_UACCESS_FLUSHCACHE if X86_64 81 select ARCH_HAS_COPY_MC if X86_64 82 select ARCH_HAS_SET_MEMORY 83 select ARCH_HAS_SET_DIRECT_MAP 84 select ARCH_HAS_STRICT_KERNEL_RWX 85 select ARCH_HAS_STRICT_MODULE_RWX 86 select ARCH_HAS_SYNC_CORE_BEFORE_USERMODE 87 select ARCH_HAS_SYSCALL_WRAPPER 88 select ARCH_HAS_UBSAN_SANITIZE_ALL 89 select ARCH_HAS_DEBUG_WX 90 select ARCH_HAVE_NMI_SAFE_CMPXCHG 91 select ARCH_MIGHT_HAVE_ACPI_PDC if ACPI 92 select ARCH_MIGHT_HAVE_PC_PARPORT 93 select ARCH_MIGHT_HAVE_PC_SERIO 94 select ARCH_STACKWALK 95 select ARCH_SUPPORTS_ACPI 96 select ARCH_SUPPORTS_ATOMIC_RMW 97 select ARCH_SUPPORTS_NUMA_BALANCING if X86_64 98 select ARCH_USE_BUILTIN_BSWAP 99 select ARCH_USE_QUEUED_RWLOCKS 100 select ARCH_USE_QUEUED_SPINLOCKS 101 select ARCH_USE_SYM_ANNOTATIONS 102 select ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH 103 select ARCH_WANT_DEFAULT_BPF_JIT if X86_64 104 select ARCH_WANTS_DYNAMIC_TASK_STRUCT 105 select ARCH_WANT_HUGE_PMD_SHARE 106 select ARCH_WANT_LD_ORPHAN_WARN 107 select ARCH_WANTS_THP_SWAP if X86_64 108 select BUILDTIME_TABLE_SORT 109 select CLKEVT_I8253 110 select CLOCKSOURCE_VALIDATE_LAST_CYCLE 111 select CLOCKSOURCE_WATCHDOG 112 select DCACHE_WORD_ACCESS 113 select EDAC_ATOMIC_SCRUB 114 select EDAC_SUPPORT 115 select GENERIC_CLOCKEVENTS 116 select GENERIC_CLOCKEVENTS_BROADCAST if X86_64 || (X86_32 && X86_LOCAL_APIC) 117 select GENERIC_CLOCKEVENTS_MIN_ADJUST 118 select GENERIC_CMOS_UPDATE 119 select GENERIC_CPU_AUTOPROBE 120 select GENERIC_CPU_VULNERABILITIES 121 select GENERIC_EARLY_IOREMAP 122 select GENERIC_ENTRY 123 select GENERIC_FIND_FIRST_BIT 124 select GENERIC_IOMAP 125 select GENERIC_IRQ_EFFECTIVE_AFF_MASK if SMP 126 select GENERIC_IRQ_MATRIX_ALLOCATOR if X86_LOCAL_APIC 127 select GENERIC_IRQ_MIGRATION if SMP 128 select GENERIC_IRQ_PROBE 129 select GENERIC_IRQ_RESERVATION_MODE 130 select GENERIC_IRQ_SHOW 131 select GENERIC_PENDING_IRQ if SMP 132 select GENERIC_PTDUMP 133 select GENERIC_SMP_IDLE_THREAD 134 select GENERIC_STRNCPY_FROM_USER 135 select GENERIC_STRNLEN_USER 136 select GENERIC_TIME_VSYSCALL 137 select GENERIC_GETTIMEOFDAY 138 select GENERIC_VDSO_TIME_NS 139 select GUP_GET_PTE_LOW_HIGH if X86_PAE 140 select HARDIRQS_SW_RESEND 141 select HARDLOCKUP_CHECK_TIMESTAMP if X86_64 142 select HAVE_ACPI_APEI if ACPI 143 select HAVE_ACPI_APEI_NMI if ACPI 144 select HAVE_ALIGNED_STRUCT_PAGE if SLUB 145 select HAVE_ARCH_AUDITSYSCALL 146 select HAVE_ARCH_HUGE_VMAP if X86_64 || X86_PAE 147 select HAVE_ARCH_JUMP_LABEL 148 select HAVE_ARCH_JUMP_LABEL_RELATIVE 149 select HAVE_ARCH_KASAN if X86_64 150 select HAVE_ARCH_KASAN_VMALLOC if X86_64 151 select HAVE_ARCH_KGDB 152 select HAVE_ARCH_MMAP_RND_BITS if MMU 153 select HAVE_ARCH_MMAP_RND_COMPAT_BITS if MMU && COMPAT 154 select HAVE_ARCH_COMPAT_MMAP_BASES if MMU && COMPAT 155 select HAVE_ARCH_PREL32_RELOCATIONS 156 select HAVE_ARCH_SECCOMP_FILTER 157 select HAVE_ARCH_THREAD_STRUCT_WHITELIST 158 select HAVE_ARCH_STACKLEAK 159 select HAVE_ARCH_TRACEHOOK 160 select HAVE_ARCH_TRANSPARENT_HUGEPAGE 161 select HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD if X86_64 162 select HAVE_ARCH_USERFAULTFD_WP if X86_64 && USERFAULTFD 163 select HAVE_ARCH_VMAP_STACK if X86_64 164 select HAVE_ARCH_WITHIN_STACK_FRAMES 165 select HAVE_ASM_MODVERSIONS 166 select HAVE_CMPXCHG_DOUBLE 167 select HAVE_CMPXCHG_LOCAL 168 select HAVE_CONTEXT_TRACKING if X86_64 169 select HAVE_C_RECORDMCOUNT 170 select HAVE_DEBUG_KMEMLEAK 171 select HAVE_DMA_CONTIGUOUS 172 select HAVE_DYNAMIC_FTRACE 173 select HAVE_DYNAMIC_FTRACE_WITH_REGS 174 select HAVE_DYNAMIC_FTRACE_WITH_DIRECT_CALLS 175 select HAVE_EBPF_JIT 176 select HAVE_EFFICIENT_UNALIGNED_ACCESS 177 select HAVE_EISA 178 select HAVE_EXIT_THREAD 179 select HAVE_FAST_GUP 180 select HAVE_FENTRY if X86_64 || DYNAMIC_FTRACE 181 select HAVE_FTRACE_MCOUNT_RECORD 182 select HAVE_FUNCTION_GRAPH_TRACER 183 select HAVE_FUNCTION_TRACER 184 select HAVE_GCC_PLUGINS 185 select HAVE_HW_BREAKPOINT 186 select HAVE_IDE 187 select HAVE_IOREMAP_PROT 188 select HAVE_IRQ_TIME_ACCOUNTING 189 select HAVE_KERNEL_BZIP2 190 select HAVE_KERNEL_GZIP 191 select HAVE_KERNEL_LZ4 192 select HAVE_KERNEL_LZMA 193 select HAVE_KERNEL_LZO 194 select HAVE_KERNEL_XZ 195 select HAVE_KERNEL_ZSTD 196 select HAVE_KPROBES 197 select HAVE_KPROBES_ON_FTRACE 198 select HAVE_FUNCTION_ERROR_INJECTION 199 select HAVE_KRETPROBES 200 select HAVE_KVM 201 select HAVE_LIVEPATCH if X86_64 202 select HAVE_MIXED_BREAKPOINTS_REGS 203 select HAVE_MOD_ARCH_SPECIFIC 204 select HAVE_MOVE_PMD 205 select HAVE_NMI 206 select HAVE_OPROFILE 207 select HAVE_OPTPROBES 208 select HAVE_PCSPKR_PLATFORM 209 select HAVE_PERF_EVENTS 210 select HAVE_PERF_EVENTS_NMI 211 select HAVE_HARDLOCKUP_DETECTOR_PERF if PERF_EVENTS && HAVE_PERF_EVENTS_NMI 212 select HAVE_PCI 213 select HAVE_PERF_REGS 214 select HAVE_PERF_USER_STACK_DUMP 215 select MMU_GATHER_RCU_TABLE_FREE if PARAVIRT 216 select HAVE_POSIX_CPU_TIMERS_TASK_WORK 217 select HAVE_REGS_AND_STACK_ACCESS_API 218 select HAVE_RELIABLE_STACKTRACE if X86_64 && (UNWINDER_FRAME_POINTER || UNWINDER_ORC) && STACK_VALIDATION 219 select HAVE_FUNCTION_ARG_ACCESS_API 220 select HAVE_STACKPROTECTOR if CC_HAS_SANE_STACKPROTECTOR 221 select HAVE_STACK_VALIDATION if X86_64 222 select HAVE_STATIC_CALL 223 select HAVE_STATIC_CALL_INLINE if HAVE_STACK_VALIDATION 224 select HAVE_RSEQ 225 select HAVE_SYSCALL_TRACEPOINTS 226 select HAVE_UNSTABLE_SCHED_CLOCK 227 select HAVE_USER_RETURN_NOTIFIER 228 select HAVE_GENERIC_VDSO 229 select HOTPLUG_SMT if SMP 230 select IRQ_FORCED_THREADING 231 select NEED_SG_DMA_LENGTH 232 select PCI_DOMAINS if PCI 233 select PCI_LOCKLESS_CONFIG if PCI 234 select PERF_EVENTS 235 select RTC_LIB 236 select RTC_MC146818_LIB 237 select SPARSE_IRQ 238 select SRCU 239 select STACK_VALIDATION if HAVE_STACK_VALIDATION && (HAVE_STATIC_CALL_INLINE || RETPOLINE) 240 select SYSCTL_EXCEPTION_TRACE 241 select THREAD_INFO_IN_TASK 242 select USER_STACKTRACE_SUPPORT 243 select VIRT_TO_BUS 244 select HAVE_ARCH_KCSAN if X86_64 245 select X86_FEATURE_NAMES if PROC_FS 246 select PROC_PID_ARCH_STATUS if PROC_FS 247 imply IMA_SECURE_AND_OR_TRUSTED_BOOT if EFI 248 249config INSTRUCTION_DECODER 250 def_bool y 251 depends on KPROBES || PERF_EVENTS || UPROBES 252 253config OUTPUT_FORMAT 254 string 255 default "elf32-i386" if X86_32 256 default "elf64-x86-64" if X86_64 257 258config LOCKDEP_SUPPORT 259 def_bool y 260 261config STACKTRACE_SUPPORT 262 def_bool y 263 264config MMU 265 def_bool y 266 267config ARCH_MMAP_RND_BITS_MIN 268 default 28 if 64BIT 269 default 8 270 271config ARCH_MMAP_RND_BITS_MAX 272 default 32 if 64BIT 273 default 16 274 275config ARCH_MMAP_RND_COMPAT_BITS_MIN 276 default 8 277 278config ARCH_MMAP_RND_COMPAT_BITS_MAX 279 default 16 280 281config SBUS 282 bool 283 284config GENERIC_ISA_DMA 285 def_bool y 286 depends on ISA_DMA_API 287 288config GENERIC_BUG 289 def_bool y 290 depends on BUG 291 select GENERIC_BUG_RELATIVE_POINTERS if X86_64 292 293config GENERIC_BUG_RELATIVE_POINTERS 294 bool 295 296config ARCH_MAY_HAVE_PC_FDC 297 def_bool y 298 depends on ISA_DMA_API 299 300config GENERIC_CALIBRATE_DELAY 301 def_bool y 302 303config ARCH_HAS_CPU_RELAX 304 def_bool y 305 306config ARCH_HAS_FILTER_PGPROT 307 def_bool y 308 309config HAVE_SETUP_PER_CPU_AREA 310 def_bool y 311 312config NEED_PER_CPU_EMBED_FIRST_CHUNK 313 def_bool y 314 315config NEED_PER_CPU_PAGE_FIRST_CHUNK 316 def_bool y 317 318config ARCH_HIBERNATION_POSSIBLE 319 def_bool y 320 321config ARCH_SUSPEND_POSSIBLE 322 def_bool y 323 324config ARCH_WANT_GENERAL_HUGETLB 325 def_bool y 326 327config ZONE_DMA32 328 def_bool y if X86_64 329 330config AUDIT_ARCH 331 def_bool y if X86_64 332 333config ARCH_SUPPORTS_DEBUG_PAGEALLOC 334 def_bool y 335 336config KASAN_SHADOW_OFFSET 337 hex 338 depends on KASAN 339 default 0xdffffc0000000000 340 341config HAVE_INTEL_TXT 342 def_bool y 343 depends on INTEL_IOMMU && ACPI 344 345config X86_32_SMP 346 def_bool y 347 depends on X86_32 && SMP 348 349config X86_64_SMP 350 def_bool y 351 depends on X86_64 && SMP 352 353config X86_32_LAZY_GS 354 def_bool y 355 depends on X86_32 && !STACKPROTECTOR 356 357config ARCH_SUPPORTS_UPROBES 358 def_bool y 359 360config FIX_EARLYCON_MEM 361 def_bool y 362 363config DYNAMIC_PHYSICAL_MASK 364 bool 365 366config PGTABLE_LEVELS 367 int 368 default 5 if X86_5LEVEL 369 default 4 if X86_64 370 default 3 if X86_PAE 371 default 2 372 373config CC_HAS_SANE_STACKPROTECTOR 374 bool 375 default $(success,$(srctree)/scripts/gcc-x86_64-has-stack-protector.sh $(CC)) if 64BIT 376 default $(success,$(srctree)/scripts/gcc-x86_32-has-stack-protector.sh $(CC)) 377 help 378 We have to make sure stack protector is unconditionally disabled if 379 the compiler produces broken code. 380 381menu "Processor type and features" 382 383config ZONE_DMA 384 bool "DMA memory allocation support" if EXPERT 385 default y 386 help 387 DMA memory allocation support allows devices with less than 32-bit 388 addressing to allocate within the first 16MB of address space. 389 Disable if no such devices will be used. 390 391 If unsure, say Y. 392 393config SMP 394 bool "Symmetric multi-processing support" 395 help 396 This enables support for systems with more than one CPU. If you have 397 a system with only one CPU, say N. If you have a system with more 398 than one CPU, say Y. 399 400 If you say N here, the kernel will run on uni- and multiprocessor 401 machines, but will use only one CPU of a multiprocessor machine. If 402 you say Y here, the kernel will run on many, but not all, 403 uniprocessor machines. On a uniprocessor machine, the kernel 404 will run faster if you say N here. 405 406 Note that if you say Y here and choose architecture "586" or 407 "Pentium" under "Processor family", the kernel will not work on 486 408 architectures. Similarly, multiprocessor kernels for the "PPro" 409 architecture may not work on all Pentium based boards. 410 411 People using multiprocessor machines who say Y here should also say 412 Y to "Enhanced Real Time Clock Support", below. The "Advanced Power 413 Management" code will be disabled if you say Y here. 414 415 See also <file:Documentation/x86/i386/IO-APIC.rst>, 416 <file:Documentation/admin-guide/lockup-watchdogs.rst> and the SMP-HOWTO available at 417 <http://www.tldp.org/docs.html#howto>. 418 419 If you don't know what to do here, say N. 420 421config X86_FEATURE_NAMES 422 bool "Processor feature human-readable names" if EMBEDDED 423 default y 424 help 425 This option compiles in a table of x86 feature bits and corresponding 426 names. This is required to support /proc/cpuinfo and a few kernel 427 messages. You can disable this to save space, at the expense of 428 making those few kernel messages show numeric feature bits instead. 429 430 If in doubt, say Y. 431 432config X86_X2APIC 433 bool "Support x2apic" 434 depends on X86_LOCAL_APIC && X86_64 && (IRQ_REMAP || HYPERVISOR_GUEST) 435 help 436 This enables x2apic support on CPUs that have this feature. 437 438 This allows 32-bit apic IDs (so it can support very large systems), 439 and accesses the local apic via MSRs not via mmio. 440 441 If you don't know what to do here, say N. 442 443config X86_MPPARSE 444 bool "Enable MPS table" if ACPI || SFI 445 default y 446 depends on X86_LOCAL_APIC 447 help 448 For old smp systems that do not have proper acpi support. Newer systems 449 (esp with 64bit cpus) with acpi support, MADT and DSDT will override it 450 451config GOLDFISH 452 def_bool y 453 depends on X86_GOLDFISH 454 455config X86_CPU_RESCTRL 456 bool "x86 CPU resource control support" 457 depends on X86 && (CPU_SUP_INTEL || CPU_SUP_AMD) 458 select KERNFS 459 select PROC_CPU_RESCTRL if PROC_FS 460 help 461 Enable x86 CPU resource control support. 462 463 Provide support for the allocation and monitoring of system resources 464 usage by the CPU. 465 466 Intel calls this Intel Resource Director Technology 467 (Intel(R) RDT). More information about RDT can be found in the 468 Intel x86 Architecture Software Developer Manual. 469 470 AMD calls this AMD Platform Quality of Service (AMD QoS). 471 More information about AMD QoS can be found in the AMD64 Technology 472 Platform Quality of Service Extensions manual. 473 474 Say N if unsure. 475 476if X86_32 477config X86_BIGSMP 478 bool "Support for big SMP systems with more than 8 CPUs" 479 depends on SMP 480 help 481 This option is needed for the systems that have more than 8 CPUs. 482 483config X86_EXTENDED_PLATFORM 484 bool "Support for extended (non-PC) x86 platforms" 485 default y 486 help 487 If you disable this option then the kernel will only support 488 standard PC platforms. (which covers the vast majority of 489 systems out there.) 490 491 If you enable this option then you'll be able to select support 492 for the following (non-PC) 32 bit x86 platforms: 493 Goldfish (Android emulator) 494 AMD Elan 495 RDC R-321x SoC 496 SGI 320/540 (Visual Workstation) 497 STA2X11-based (e.g. Northville) 498 Moorestown MID devices 499 500 If you have one of these systems, or if you want to build a 501 generic distribution kernel, say Y here - otherwise say N. 502endif 503 504if X86_64 505config X86_EXTENDED_PLATFORM 506 bool "Support for extended (non-PC) x86 platforms" 507 default y 508 help 509 If you disable this option then the kernel will only support 510 standard PC platforms. (which covers the vast majority of 511 systems out there.) 512 513 If you enable this option then you'll be able to select support 514 for the following (non-PC) 64 bit x86 platforms: 515 Numascale NumaChip 516 ScaleMP vSMP 517 SGI Ultraviolet 518 519 If you have one of these systems, or if you want to build a 520 generic distribution kernel, say Y here - otherwise say N. 521endif 522# This is an alphabetically sorted list of 64 bit extended platforms 523# Please maintain the alphabetic order if and when there are additions 524config X86_NUMACHIP 525 bool "Numascale NumaChip" 526 depends on X86_64 527 depends on X86_EXTENDED_PLATFORM 528 depends on NUMA 529 depends on SMP 530 depends on X86_X2APIC 531 depends on PCI_MMCONFIG 532 help 533 Adds support for Numascale NumaChip large-SMP systems. Needed to 534 enable more than ~168 cores. 535 If you don't have one of these, you should say N here. 536 537config X86_VSMP 538 bool "ScaleMP vSMP" 539 select HYPERVISOR_GUEST 540 select PARAVIRT 541 depends on X86_64 && PCI 542 depends on X86_EXTENDED_PLATFORM 543 depends on SMP 544 help 545 Support for ScaleMP vSMP systems. Say 'Y' here if this kernel is 546 supposed to run on these EM64T-based machines. Only choose this option 547 if you have one of these machines. 548 549config X86_UV 550 bool "SGI Ultraviolet" 551 depends on X86_64 552 depends on X86_EXTENDED_PLATFORM 553 depends on NUMA 554 depends on EFI 555 depends on KEXEC_CORE 556 depends on X86_X2APIC 557 depends on PCI 558 help 559 This option is needed in order to support SGI Ultraviolet systems. 560 If you don't have one of these, you should say N here. 561 562# Following is an alphabetically sorted list of 32 bit extended platforms 563# Please maintain the alphabetic order if and when there are additions 564 565config X86_GOLDFISH 566 bool "Goldfish (Virtual Platform)" 567 depends on X86_EXTENDED_PLATFORM 568 help 569 Enable support for the Goldfish virtual platform used primarily 570 for Android development. Unless you are building for the Android 571 Goldfish emulator say N here. 572 573config X86_INTEL_CE 574 bool "CE4100 TV platform" 575 depends on PCI 576 depends on PCI_GODIRECT 577 depends on X86_IO_APIC 578 depends on X86_32 579 depends on X86_EXTENDED_PLATFORM 580 select X86_REBOOTFIXUPS 581 select OF 582 select OF_EARLY_FLATTREE 583 help 584 Select for the Intel CE media processor (CE4100) SOC. 585 This option compiles in support for the CE4100 SOC for settop 586 boxes and media devices. 587 588config X86_INTEL_MID 589 bool "Intel MID platform support" 590 depends on X86_EXTENDED_PLATFORM 591 depends on X86_PLATFORM_DEVICES 592 depends on PCI 593 depends on X86_64 || (PCI_GOANY && X86_32) 594 depends on X86_IO_APIC 595 select SFI 596 select I2C 597 select DW_APB_TIMER 598 select APB_TIMER 599 select INTEL_SCU_PCI 600 select MFD_INTEL_MSIC 601 help 602 Select to build a kernel capable of supporting Intel MID (Mobile 603 Internet Device) platform systems which do not have the PCI legacy 604 interfaces. If you are building for a PC class system say N here. 605 606 Intel MID platforms are based on an Intel processor and chipset which 607 consume less power than most of the x86 derivatives. 608 609config X86_INTEL_QUARK 610 bool "Intel Quark platform support" 611 depends on X86_32 612 depends on X86_EXTENDED_PLATFORM 613 depends on X86_PLATFORM_DEVICES 614 depends on X86_TSC 615 depends on PCI 616 depends on PCI_GOANY 617 depends on X86_IO_APIC 618 select IOSF_MBI 619 select INTEL_IMR 620 select COMMON_CLK 621 help 622 Select to include support for Quark X1000 SoC. 623 Say Y here if you have a Quark based system such as the Arduino 624 compatible Intel Galileo. 625 626config X86_INTEL_LPSS 627 bool "Intel Low Power Subsystem Support" 628 depends on X86 && ACPI && PCI 629 select COMMON_CLK 630 select PINCTRL 631 select IOSF_MBI 632 help 633 Select to build support for Intel Low Power Subsystem such as 634 found on Intel Lynxpoint PCH. Selecting this option enables 635 things like clock tree (common clock framework) and pincontrol 636 which are needed by the LPSS peripheral drivers. 637 638config X86_AMD_PLATFORM_DEVICE 639 bool "AMD ACPI2Platform devices support" 640 depends on ACPI 641 select COMMON_CLK 642 select PINCTRL 643 help 644 Select to interpret AMD specific ACPI device to platform device 645 such as I2C, UART, GPIO found on AMD Carrizo and later chipsets. 646 I2C and UART depend on COMMON_CLK to set clock. GPIO driver is 647 implemented under PINCTRL subsystem. 648 649config IOSF_MBI 650 tristate "Intel SoC IOSF Sideband support for SoC platforms" 651 depends on PCI 652 help 653 This option enables sideband register access support for Intel SoC 654 platforms. On these platforms the IOSF sideband is used in lieu of 655 MSR's for some register accesses, mostly but not limited to thermal 656 and power. Drivers may query the availability of this device to 657 determine if they need the sideband in order to work on these 658 platforms. The sideband is available on the following SoC products. 659 This list is not meant to be exclusive. 660 - BayTrail 661 - Braswell 662 - Quark 663 664 You should say Y if you are running a kernel on one of these SoC's. 665 666config IOSF_MBI_DEBUG 667 bool "Enable IOSF sideband access through debugfs" 668 depends on IOSF_MBI && DEBUG_FS 669 help 670 Select this option to expose the IOSF sideband access registers (MCR, 671 MDR, MCRX) through debugfs to write and read register information from 672 different units on the SoC. This is most useful for obtaining device 673 state information for debug and analysis. As this is a general access 674 mechanism, users of this option would have specific knowledge of the 675 device they want to access. 676 677 If you don't require the option or are in doubt, say N. 678 679config X86_RDC321X 680 bool "RDC R-321x SoC" 681 depends on X86_32 682 depends on X86_EXTENDED_PLATFORM 683 select M486 684 select X86_REBOOTFIXUPS 685 help 686 This option is needed for RDC R-321x system-on-chip, also known 687 as R-8610-(G). 688 If you don't have one of these chips, you should say N here. 689 690config X86_32_NON_STANDARD 691 bool "Support non-standard 32-bit SMP architectures" 692 depends on X86_32 && SMP 693 depends on X86_EXTENDED_PLATFORM 694 help 695 This option compiles in the bigsmp and STA2X11 default 696 subarchitectures. It is intended for a generic binary 697 kernel. If you select them all, kernel will probe it one by 698 one and will fallback to default. 699 700# Alphabetically sorted list of Non standard 32 bit platforms 701 702config X86_SUPPORTS_MEMORY_FAILURE 703 def_bool y 704 # MCE code calls memory_failure(): 705 depends on X86_MCE 706 # On 32-bit this adds too big of NODES_SHIFT and we run out of page flags: 707 # On 32-bit SPARSEMEM adds too big of SECTIONS_WIDTH: 708 depends on X86_64 || !SPARSEMEM 709 select ARCH_SUPPORTS_MEMORY_FAILURE 710 711config STA2X11 712 bool "STA2X11 Companion Chip Support" 713 depends on X86_32_NON_STANDARD && PCI 714 select SWIOTLB 715 select MFD_STA2X11 716 select GPIOLIB 717 help 718 This adds support for boards based on the STA2X11 IO-Hub, 719 a.k.a. "ConneXt". The chip is used in place of the standard 720 PC chipset, so all "standard" peripherals are missing. If this 721 option is selected the kernel will still be able to boot on 722 standard PC machines. 723 724config X86_32_IRIS 725 tristate "Eurobraille/Iris poweroff module" 726 depends on X86_32 727 help 728 The Iris machines from EuroBraille do not have APM or ACPI support 729 to shut themselves down properly. A special I/O sequence is 730 needed to do so, which is what this module does at 731 kernel shutdown. 732 733 This is only for Iris machines from EuroBraille. 734 735 If unused, say N. 736 737config SCHED_OMIT_FRAME_POINTER 738 def_bool y 739 prompt "Single-depth WCHAN output" 740 depends on X86 741 help 742 Calculate simpler /proc/<PID>/wchan values. If this option 743 is disabled then wchan values will recurse back to the 744 caller function. This provides more accurate wchan values, 745 at the expense of slightly more scheduling overhead. 746 747 If in doubt, say "Y". 748 749menuconfig HYPERVISOR_GUEST 750 bool "Linux guest support" 751 help 752 Say Y here to enable options for running Linux under various hyper- 753 visors. This option enables basic hypervisor detection and platform 754 setup. 755 756 If you say N, all options in this submenu will be skipped and 757 disabled, and Linux guest support won't be built in. 758 759if HYPERVISOR_GUEST 760 761config PARAVIRT 762 bool "Enable paravirtualization code" 763 help 764 This changes the kernel so it can modify itself when it is run 765 under a hypervisor, potentially improving performance significantly 766 over full virtualization. However, when run without a hypervisor 767 the kernel is theoretically slower and slightly larger. 768 769config PARAVIRT_XXL 770 bool 771 772config PARAVIRT_DEBUG 773 bool "paravirt-ops debugging" 774 depends on PARAVIRT && DEBUG_KERNEL 775 help 776 Enable to debug paravirt_ops internals. Specifically, BUG if 777 a paravirt_op is missing when it is called. 778 779config PARAVIRT_SPINLOCKS 780 bool "Paravirtualization layer for spinlocks" 781 depends on PARAVIRT && SMP 782 help 783 Paravirtualized spinlocks allow a pvops backend to replace the 784 spinlock implementation with something virtualization-friendly 785 (for example, block the virtual CPU rather than spinning). 786 787 It has a minimal impact on native kernels and gives a nice performance 788 benefit on paravirtualized KVM / Xen kernels. 789 790 If you are unsure how to answer this question, answer Y. 791 792config X86_HV_CALLBACK_VECTOR 793 def_bool n 794 795source "arch/x86/xen/Kconfig" 796 797config KVM_GUEST 798 bool "KVM Guest support (including kvmclock)" 799 depends on PARAVIRT 800 select PARAVIRT_CLOCK 801 select ARCH_CPUIDLE_HALTPOLL 802 select X86_HV_CALLBACK_VECTOR 803 default y 804 help 805 This option enables various optimizations for running under the KVM 806 hypervisor. It includes a paravirtualized clock, so that instead 807 of relying on a PIT (or probably other) emulation by the 808 underlying device model, the host provides the guest with 809 timing infrastructure such as time of day, and system time 810 811config ARCH_CPUIDLE_HALTPOLL 812 def_bool n 813 prompt "Disable host haltpoll when loading haltpoll driver" 814 help 815 If virtualized under KVM, disable host haltpoll. 816 817config PVH 818 bool "Support for running PVH guests" 819 help 820 This option enables the PVH entry point for guest virtual machines 821 as specified in the x86/HVM direct boot ABI. 822 823config PARAVIRT_TIME_ACCOUNTING 824 bool "Paravirtual steal time accounting" 825 depends on PARAVIRT 826 help 827 Select this option to enable fine granularity task steal time 828 accounting. Time spent executing other tasks in parallel with 829 the current vCPU is discounted from the vCPU power. To account for 830 that, there can be a small performance impact. 831 832 If in doubt, say N here. 833 834config PARAVIRT_CLOCK 835 bool 836 837config JAILHOUSE_GUEST 838 bool "Jailhouse non-root cell support" 839 depends on X86_64 && PCI 840 select X86_PM_TIMER 841 help 842 This option allows to run Linux as guest in a Jailhouse non-root 843 cell. You can leave this option disabled if you only want to start 844 Jailhouse and run Linux afterwards in the root cell. 845 846config ACRN_GUEST 847 bool "ACRN Guest support" 848 depends on X86_64 849 select X86_HV_CALLBACK_VECTOR 850 help 851 This option allows to run Linux as guest in the ACRN hypervisor. ACRN is 852 a flexible, lightweight reference open-source hypervisor, built with 853 real-time and safety-criticality in mind. It is built for embedded 854 IOT with small footprint and real-time features. More details can be 855 found in https://projectacrn.org/. 856 857endif #HYPERVISOR_GUEST 858 859source "arch/x86/Kconfig.cpu" 860 861config HPET_TIMER 862 def_bool X86_64 863 prompt "HPET Timer Support" if X86_32 864 help 865 Use the IA-PC HPET (High Precision Event Timer) to manage 866 time in preference to the PIT and RTC, if a HPET is 867 present. 868 HPET is the next generation timer replacing legacy 8254s. 869 The HPET provides a stable time base on SMP 870 systems, unlike the TSC, but it is more expensive to access, 871 as it is off-chip. The interface used is documented 872 in the HPET spec, revision 1. 873 874 You can safely choose Y here. However, HPET will only be 875 activated if the platform and the BIOS support this feature. 876 Otherwise the 8254 will be used for timing services. 877 878 Choose N to continue using the legacy 8254 timer. 879 880config HPET_EMULATE_RTC 881 def_bool y 882 depends on HPET_TIMER && (RTC=y || RTC=m || RTC_DRV_CMOS=m || RTC_DRV_CMOS=y) 883 884config APB_TIMER 885 def_bool y if X86_INTEL_MID 886 prompt "Intel MID APB Timer Support" if X86_INTEL_MID 887 select DW_APB_TIMER 888 depends on X86_INTEL_MID && SFI 889 help 890 APB timer is the replacement for 8254, HPET on X86 MID platforms. 891 The APBT provides a stable time base on SMP 892 systems, unlike the TSC, but it is more expensive to access, 893 as it is off-chip. APB timers are always running regardless of CPU 894 C states, they are used as per CPU clockevent device when possible. 895 896# Mark as expert because too many people got it wrong. 897# The code disables itself when not needed. 898config DMI 899 default y 900 select DMI_SCAN_MACHINE_NON_EFI_FALLBACK 901 bool "Enable DMI scanning" if EXPERT 902 help 903 Enabled scanning of DMI to identify machine quirks. Say Y 904 here unless you have verified that your setup is not 905 affected by entries in the DMI blacklist. Required by PNP 906 BIOS code. 907 908config GART_IOMMU 909 bool "Old AMD GART IOMMU support" 910 select DMA_OPS 911 select IOMMU_HELPER 912 select SWIOTLB 913 depends on X86_64 && PCI && AMD_NB 914 help 915 Provides a driver for older AMD Athlon64/Opteron/Turion/Sempron 916 GART based hardware IOMMUs. 917 918 The GART supports full DMA access for devices with 32-bit access 919 limitations, on systems with more than 3 GB. This is usually needed 920 for USB, sound, many IDE/SATA chipsets and some other devices. 921 922 Newer systems typically have a modern AMD IOMMU, supported via 923 the CONFIG_AMD_IOMMU=y config option. 924 925 In normal configurations this driver is only active when needed: 926 there's more than 3 GB of memory and the system contains a 927 32-bit limited device. 928 929 If unsure, say Y. 930 931config MAXSMP 932 bool "Enable Maximum number of SMP Processors and NUMA Nodes" 933 depends on X86_64 && SMP && DEBUG_KERNEL 934 select CPUMASK_OFFSTACK 935 help 936 Enable maximum number of CPUS and NUMA Nodes for this architecture. 937 If unsure, say N. 938 939# 940# The maximum number of CPUs supported: 941# 942# The main config value is NR_CPUS, which defaults to NR_CPUS_DEFAULT, 943# and which can be configured interactively in the 944# [NR_CPUS_RANGE_BEGIN ... NR_CPUS_RANGE_END] range. 945# 946# The ranges are different on 32-bit and 64-bit kernels, depending on 947# hardware capabilities and scalability features of the kernel. 948# 949# ( If MAXSMP is enabled we just use the highest possible value and disable 950# interactive configuration. ) 951# 952 953config NR_CPUS_RANGE_BEGIN 954 int 955 default NR_CPUS_RANGE_END if MAXSMP 956 default 1 if !SMP 957 default 2 958 959config NR_CPUS_RANGE_END 960 int 961 depends on X86_32 962 default 64 if SMP && X86_BIGSMP 963 default 8 if SMP && !X86_BIGSMP 964 default 1 if !SMP 965 966config NR_CPUS_RANGE_END 967 int 968 depends on X86_64 969 default 8192 if SMP && CPUMASK_OFFSTACK 970 default 512 if SMP && !CPUMASK_OFFSTACK 971 default 1 if !SMP 972 973config NR_CPUS_DEFAULT 974 int 975 depends on X86_32 976 default 32 if X86_BIGSMP 977 default 8 if SMP 978 default 1 if !SMP 979 980config NR_CPUS_DEFAULT 981 int 982 depends on X86_64 983 default 8192 if MAXSMP 984 default 64 if SMP 985 default 1 if !SMP 986 987config NR_CPUS 988 int "Maximum number of CPUs" if SMP && !MAXSMP 989 range NR_CPUS_RANGE_BEGIN NR_CPUS_RANGE_END 990 default NR_CPUS_DEFAULT 991 help 992 This allows you to specify the maximum number of CPUs which this 993 kernel will support. If CPUMASK_OFFSTACK is enabled, the maximum 994 supported value is 8192, otherwise the maximum value is 512. The 995 minimum value which makes sense is 2. 996 997 This is purely to save memory: each supported CPU adds about 8KB 998 to the kernel image. 999 1000config SCHED_SMT 1001 def_bool y if SMP 1002 1003config SCHED_MC 1004 def_bool y 1005 prompt "Multi-core scheduler support" 1006 depends on SMP 1007 help 1008 Multi-core scheduler support improves the CPU scheduler's decision 1009 making when dealing with multi-core CPU chips at a cost of slightly 1010 increased overhead in some places. If unsure say N here. 1011 1012config SCHED_MC_PRIO 1013 bool "CPU core priorities scheduler support" 1014 depends on SCHED_MC && CPU_SUP_INTEL 1015 select X86_INTEL_PSTATE 1016 select CPU_FREQ 1017 default y 1018 help 1019 Intel Turbo Boost Max Technology 3.0 enabled CPUs have a 1020 core ordering determined at manufacturing time, which allows 1021 certain cores to reach higher turbo frequencies (when running 1022 single threaded workloads) than others. 1023 1024 Enabling this kernel feature teaches the scheduler about 1025 the TBM3 (aka ITMT) priority order of the CPU cores and adjusts the 1026 scheduler's CPU selection logic accordingly, so that higher 1027 overall system performance can be achieved. 1028 1029 This feature will have no effect on CPUs without this feature. 1030 1031 If unsure say Y here. 1032 1033config UP_LATE_INIT 1034 def_bool y 1035 depends on !SMP && X86_LOCAL_APIC 1036 1037config X86_UP_APIC 1038 bool "Local APIC support on uniprocessors" if !PCI_MSI 1039 default PCI_MSI 1040 depends on X86_32 && !SMP && !X86_32_NON_STANDARD 1041 help 1042 A local APIC (Advanced Programmable Interrupt Controller) is an 1043 integrated interrupt controller in the CPU. If you have a single-CPU 1044 system which has a processor with a local APIC, you can say Y here to 1045 enable and use it. If you say Y here even though your machine doesn't 1046 have a local APIC, then the kernel will still run with no slowdown at 1047 all. The local APIC supports CPU-generated self-interrupts (timer, 1048 performance counters), and the NMI watchdog which detects hard 1049 lockups. 1050 1051config X86_UP_IOAPIC 1052 bool "IO-APIC support on uniprocessors" 1053 depends on X86_UP_APIC 1054 help 1055 An IO-APIC (I/O Advanced Programmable Interrupt Controller) is an 1056 SMP-capable replacement for PC-style interrupt controllers. Most 1057 SMP systems and many recent uniprocessor systems have one. 1058 1059 If you have a single-CPU system with an IO-APIC, you can say Y here 1060 to use it. If you say Y here even though your machine doesn't have 1061 an IO-APIC, then the kernel will still run with no slowdown at all. 1062 1063config X86_LOCAL_APIC 1064 def_bool y 1065 depends on X86_64 || SMP || X86_32_NON_STANDARD || X86_UP_APIC || PCI_MSI 1066 select IRQ_DOMAIN_HIERARCHY 1067 select PCI_MSI_IRQ_DOMAIN if PCI_MSI 1068 1069config X86_IO_APIC 1070 def_bool y 1071 depends on X86_LOCAL_APIC || X86_UP_IOAPIC 1072 1073config X86_REROUTE_FOR_BROKEN_BOOT_IRQS 1074 bool "Reroute for broken boot IRQs" 1075 depends on X86_IO_APIC 1076 help 1077 This option enables a workaround that fixes a source of 1078 spurious interrupts. This is recommended when threaded 1079 interrupt handling is used on systems where the generation of 1080 superfluous "boot interrupts" cannot be disabled. 1081 1082 Some chipsets generate a legacy INTx "boot IRQ" when the IRQ 1083 entry in the chipset's IO-APIC is masked (as, e.g. the RT 1084 kernel does during interrupt handling). On chipsets where this 1085 boot IRQ generation cannot be disabled, this workaround keeps 1086 the original IRQ line masked so that only the equivalent "boot 1087 IRQ" is delivered to the CPUs. The workaround also tells the 1088 kernel to set up the IRQ handler on the boot IRQ line. In this 1089 way only one interrupt is delivered to the kernel. Otherwise 1090 the spurious second interrupt may cause the kernel to bring 1091 down (vital) interrupt lines. 1092 1093 Only affects "broken" chipsets. Interrupt sharing may be 1094 increased on these systems. 1095 1096config X86_MCE 1097 bool "Machine Check / overheating reporting" 1098 select GENERIC_ALLOCATOR 1099 default y 1100 help 1101 Machine Check support allows the processor to notify the 1102 kernel if it detects a problem (e.g. overheating, data corruption). 1103 The action the kernel takes depends on the severity of the problem, 1104 ranging from warning messages to halting the machine. 1105 1106config X86_MCELOG_LEGACY 1107 bool "Support for deprecated /dev/mcelog character device" 1108 depends on X86_MCE 1109 help 1110 Enable support for /dev/mcelog which is needed by the old mcelog 1111 userspace logging daemon. Consider switching to the new generation 1112 rasdaemon solution. 1113 1114config X86_MCE_INTEL 1115 def_bool y 1116 prompt "Intel MCE features" 1117 depends on X86_MCE && X86_LOCAL_APIC 1118 help 1119 Additional support for intel specific MCE features such as 1120 the thermal monitor. 1121 1122config X86_MCE_AMD 1123 def_bool y 1124 prompt "AMD MCE features" 1125 depends on X86_MCE && X86_LOCAL_APIC && AMD_NB 1126 help 1127 Additional support for AMD specific MCE features such as 1128 the DRAM Error Threshold. 1129 1130config X86_ANCIENT_MCE 1131 bool "Support for old Pentium 5 / WinChip machine checks" 1132 depends on X86_32 && X86_MCE 1133 help 1134 Include support for machine check handling on old Pentium 5 or WinChip 1135 systems. These typically need to be enabled explicitly on the command 1136 line. 1137 1138config X86_MCE_THRESHOLD 1139 depends on X86_MCE_AMD || X86_MCE_INTEL 1140 def_bool y 1141 1142config X86_MCE_INJECT 1143 depends on X86_MCE && X86_LOCAL_APIC && DEBUG_FS 1144 tristate "Machine check injector support" 1145 help 1146 Provide support for injecting machine checks for testing purposes. 1147 If you don't know what a machine check is and you don't do kernel 1148 QA it is safe to say n. 1149 1150config X86_THERMAL_VECTOR 1151 def_bool y 1152 depends on X86_MCE_INTEL 1153 1154source "arch/x86/events/Kconfig" 1155 1156config X86_LEGACY_VM86 1157 bool "Legacy VM86 support" 1158 depends on X86_32 1159 help 1160 This option allows user programs to put the CPU into V8086 1161 mode, which is an 80286-era approximation of 16-bit real mode. 1162 1163 Some very old versions of X and/or vbetool require this option 1164 for user mode setting. Similarly, DOSEMU will use it if 1165 available to accelerate real mode DOS programs. However, any 1166 recent version of DOSEMU, X, or vbetool should be fully 1167 functional even without kernel VM86 support, as they will all 1168 fall back to software emulation. Nevertheless, if you are using 1169 a 16-bit DOS program where 16-bit performance matters, vm86 1170 mode might be faster than emulation and you might want to 1171 enable this option. 1172 1173 Note that any app that works on a 64-bit kernel is unlikely to 1174 need this option, as 64-bit kernels don't, and can't, support 1175 V8086 mode. This option is also unrelated to 16-bit protected 1176 mode and is not needed to run most 16-bit programs under Wine. 1177 1178 Enabling this option increases the complexity of the kernel 1179 and slows down exception handling a tiny bit. 1180 1181 If unsure, say N here. 1182 1183config VM86 1184 bool 1185 default X86_LEGACY_VM86 1186 1187config X86_16BIT 1188 bool "Enable support for 16-bit segments" if EXPERT 1189 default y 1190 depends on MODIFY_LDT_SYSCALL 1191 help 1192 This option is required by programs like Wine to run 16-bit 1193 protected mode legacy code on x86 processors. Disabling 1194 this option saves about 300 bytes on i386, or around 6K text 1195 plus 16K runtime memory on x86-64, 1196 1197config X86_ESPFIX32 1198 def_bool y 1199 depends on X86_16BIT && X86_32 1200 1201config X86_ESPFIX64 1202 def_bool y 1203 depends on X86_16BIT && X86_64 1204 1205config X86_VSYSCALL_EMULATION 1206 bool "Enable vsyscall emulation" if EXPERT 1207 default y 1208 depends on X86_64 1209 help 1210 This enables emulation of the legacy vsyscall page. Disabling 1211 it is roughly equivalent to booting with vsyscall=none, except 1212 that it will also disable the helpful warning if a program 1213 tries to use a vsyscall. With this option set to N, offending 1214 programs will just segfault, citing addresses of the form 1215 0xffffffffff600?00. 1216 1217 This option is required by many programs built before 2013, and 1218 care should be used even with newer programs if set to N. 1219 1220 Disabling this option saves about 7K of kernel size and 1221 possibly 4K of additional runtime pagetable memory. 1222 1223config X86_IOPL_IOPERM 1224 bool "IOPERM and IOPL Emulation" 1225 default y 1226 help 1227 This enables the ioperm() and iopl() syscalls which are necessary 1228 for legacy applications. 1229 1230 Legacy IOPL support is an overbroad mechanism which allows user 1231 space aside of accessing all 65536 I/O ports also to disable 1232 interrupts. To gain this access the caller needs CAP_SYS_RAWIO 1233 capabilities and permission from potentially active security 1234 modules. 1235 1236 The emulation restricts the functionality of the syscall to 1237 only allowing the full range I/O port access, but prevents the 1238 ability to disable interrupts from user space which would be 1239 granted if the hardware IOPL mechanism would be used. 1240 1241config TOSHIBA 1242 tristate "Toshiba Laptop support" 1243 depends on X86_32 1244 help 1245 This adds a driver to safely access the System Management Mode of 1246 the CPU on Toshiba portables with a genuine Toshiba BIOS. It does 1247 not work on models with a Phoenix BIOS. The System Management Mode 1248 is used to set the BIOS and power saving options on Toshiba portables. 1249 1250 For information on utilities to make use of this driver see the 1251 Toshiba Linux utilities web site at: 1252 <http://www.buzzard.org.uk/toshiba/>. 1253 1254 Say Y if you intend to run this kernel on a Toshiba portable. 1255 Say N otherwise. 1256 1257config I8K 1258 tristate "Dell i8k legacy laptop support" 1259 depends on HWMON 1260 depends on PROC_FS 1261 select SENSORS_DELL_SMM 1262 help 1263 This option enables legacy /proc/i8k userspace interface in hwmon 1264 dell-smm-hwmon driver. Character file /proc/i8k reports bios version, 1265 temperature and allows controlling fan speeds of Dell laptops via 1266 System Management Mode. For old Dell laptops (like Dell Inspiron 8000) 1267 it reports also power and hotkey status. For fan speed control is 1268 needed userspace package i8kutils. 1269 1270 Say Y if you intend to run this kernel on old Dell laptops or want to 1271 use userspace package i8kutils. 1272 Say N otherwise. 1273 1274config X86_REBOOTFIXUPS 1275 bool "Enable X86 board specific fixups for reboot" 1276 depends on X86_32 1277 help 1278 This enables chipset and/or board specific fixups to be done 1279 in order to get reboot to work correctly. This is only needed on 1280 some combinations of hardware and BIOS. The symptom, for which 1281 this config is intended, is when reboot ends with a stalled/hung 1282 system. 1283 1284 Currently, the only fixup is for the Geode machines using 1285 CS5530A and CS5536 chipsets and the RDC R-321x SoC. 1286 1287 Say Y if you want to enable the fixup. Currently, it's safe to 1288 enable this option even if you don't need it. 1289 Say N otherwise. 1290 1291config MICROCODE 1292 bool "CPU microcode loading support" 1293 default y 1294 depends on CPU_SUP_AMD || CPU_SUP_INTEL 1295 help 1296 If you say Y here, you will be able to update the microcode on 1297 Intel and AMD processors. The Intel support is for the IA32 family, 1298 e.g. Pentium Pro, Pentium II, Pentium III, Pentium 4, Xeon etc. The 1299 AMD support is for families 0x10 and later. You will obviously need 1300 the actual microcode binary data itself which is not shipped with 1301 the Linux kernel. 1302 1303 The preferred method to load microcode from a detached initrd is described 1304 in Documentation/x86/microcode.rst. For that you need to enable 1305 CONFIG_BLK_DEV_INITRD in order for the loader to be able to scan the 1306 initrd for microcode blobs. 1307 1308 In addition, you can build the microcode into the kernel. For that you 1309 need to add the vendor-supplied microcode to the CONFIG_EXTRA_FIRMWARE 1310 config option. 1311 1312config MICROCODE_INTEL 1313 bool "Intel microcode loading support" 1314 depends on CPU_SUP_INTEL && MICROCODE 1315 default MICROCODE 1316 help 1317 This options enables microcode patch loading support for Intel 1318 processors. 1319 1320 For the current Intel microcode data package go to 1321 <https://downloadcenter.intel.com> and search for 1322 'Linux Processor Microcode Data File'. 1323 1324config MICROCODE_AMD 1325 bool "AMD microcode loading support" 1326 depends on CPU_SUP_AMD && MICROCODE 1327 help 1328 If you select this option, microcode patch loading support for AMD 1329 processors will be enabled. 1330 1331config MICROCODE_LATE_LOADING 1332 bool "Late microcode loading (DANGEROUS)" 1333 default n 1334 depends on MICROCODE 1335 help 1336 Loading microcode late, when the system is up and executing instructions 1337 is a tricky business and should be avoided if possible. Just the sequence 1338 of synchronizing all cores and SMT threads is one fragile dance which does 1339 not guarantee that cores might not softlock after the loading. Therefore, 1340 use this at your own risk. Late loading taints the kernel too. 1341 1342config X86_MSR 1343 tristate "/dev/cpu/*/msr - Model-specific register support" 1344 help 1345 This device gives privileged processes access to the x86 1346 Model-Specific Registers (MSRs). It is a character device with 1347 major 202 and minors 0 to 31 for /dev/cpu/0/msr to /dev/cpu/31/msr. 1348 MSR accesses are directed to a specific CPU on multi-processor 1349 systems. 1350 1351config X86_CPUID 1352 tristate "/dev/cpu/*/cpuid - CPU information support" 1353 help 1354 This device gives processes access to the x86 CPUID instruction to 1355 be executed on a specific processor. It is a character device 1356 with major 203 and minors 0 to 31 for /dev/cpu/0/cpuid to 1357 /dev/cpu/31/cpuid. 1358 1359choice 1360 prompt "High Memory Support" 1361 default HIGHMEM4G 1362 depends on X86_32 1363 1364config NOHIGHMEM 1365 bool "off" 1366 help 1367 Linux can use up to 64 Gigabytes of physical memory on x86 systems. 1368 However, the address space of 32-bit x86 processors is only 4 1369 Gigabytes large. That means that, if you have a large amount of 1370 physical memory, not all of it can be "permanently mapped" by the 1371 kernel. The physical memory that's not permanently mapped is called 1372 "high memory". 1373 1374 If you are compiling a kernel which will never run on a machine with 1375 more than 1 Gigabyte total physical RAM, answer "off" here (default 1376 choice and suitable for most users). This will result in a "3GB/1GB" 1377 split: 3GB are mapped so that each process sees a 3GB virtual memory 1378 space and the remaining part of the 4GB virtual memory space is used 1379 by the kernel to permanently map as much physical memory as 1380 possible. 1381 1382 If the machine has between 1 and 4 Gigabytes physical RAM, then 1383 answer "4GB" here. 1384 1385 If more than 4 Gigabytes is used then answer "64GB" here. This 1386 selection turns Intel PAE (Physical Address Extension) mode on. 1387 PAE implements 3-level paging on IA32 processors. PAE is fully 1388 supported by Linux, PAE mode is implemented on all recent Intel 1389 processors (Pentium Pro and better). NOTE: If you say "64GB" here, 1390 then the kernel will not boot on CPUs that don't support PAE! 1391 1392 The actual amount of total physical memory will either be 1393 auto detected or can be forced by using a kernel command line option 1394 such as "mem=256M". (Try "man bootparam" or see the documentation of 1395 your boot loader (lilo or loadlin) about how to pass options to the 1396 kernel at boot time.) 1397 1398 If unsure, say "off". 1399 1400config HIGHMEM4G 1401 bool "4GB" 1402 help 1403 Select this if you have a 32-bit processor and between 1 and 4 1404 gigabytes of physical RAM. 1405 1406config HIGHMEM64G 1407 bool "64GB" 1408 depends on !M486SX && !M486 && !M586 && !M586TSC && !M586MMX && !MGEODE_LX && !MGEODEGX1 && !MCYRIXIII && !MELAN && !MWINCHIPC6 && !MWINCHIP3D && !MK6 1409 select X86_PAE 1410 help 1411 Select this if you have a 32-bit processor and more than 4 1412 gigabytes of physical RAM. 1413 1414endchoice 1415 1416choice 1417 prompt "Memory split" if EXPERT 1418 default VMSPLIT_3G 1419 depends on X86_32 1420 help 1421 Select the desired split between kernel and user memory. 1422 1423 If the address range available to the kernel is less than the 1424 physical memory installed, the remaining memory will be available 1425 as "high memory". Accessing high memory is a little more costly 1426 than low memory, as it needs to be mapped into the kernel first. 1427 Note that increasing the kernel address space limits the range 1428 available to user programs, making the address space there 1429 tighter. Selecting anything other than the default 3G/1G split 1430 will also likely make your kernel incompatible with binary-only 1431 kernel modules. 1432 1433 If you are not absolutely sure what you are doing, leave this 1434 option alone! 1435 1436 config VMSPLIT_3G 1437 bool "3G/1G user/kernel split" 1438 config VMSPLIT_3G_OPT 1439 depends on !X86_PAE 1440 bool "3G/1G user/kernel split (for full 1G low memory)" 1441 config VMSPLIT_2G 1442 bool "2G/2G user/kernel split" 1443 config VMSPLIT_2G_OPT 1444 depends on !X86_PAE 1445 bool "2G/2G user/kernel split (for full 2G low memory)" 1446 config VMSPLIT_1G 1447 bool "1G/3G user/kernel split" 1448endchoice 1449 1450config PAGE_OFFSET 1451 hex 1452 default 0xB0000000 if VMSPLIT_3G_OPT 1453 default 0x80000000 if VMSPLIT_2G 1454 default 0x78000000 if VMSPLIT_2G_OPT 1455 default 0x40000000 if VMSPLIT_1G 1456 default 0xC0000000 1457 depends on X86_32 1458 1459config HIGHMEM 1460 def_bool y 1461 depends on X86_32 && (HIGHMEM64G || HIGHMEM4G) 1462 1463config X86_PAE 1464 bool "PAE (Physical Address Extension) Support" 1465 depends on X86_32 && !HIGHMEM4G 1466 select PHYS_ADDR_T_64BIT 1467 select SWIOTLB 1468 help 1469 PAE is required for NX support, and furthermore enables 1470 larger swapspace support for non-overcommit purposes. It 1471 has the cost of more pagetable lookup overhead, and also 1472 consumes more pagetable space per process. 1473 1474config X86_5LEVEL 1475 bool "Enable 5-level page tables support" 1476 default y 1477 select DYNAMIC_MEMORY_LAYOUT 1478 select SPARSEMEM_VMEMMAP 1479 depends on X86_64 1480 help 1481 5-level paging enables access to larger address space: 1482 upto 128 PiB of virtual address space and 4 PiB of 1483 physical address space. 1484 1485 It will be supported by future Intel CPUs. 1486 1487 A kernel with the option enabled can be booted on machines that 1488 support 4- or 5-level paging. 1489 1490 See Documentation/x86/x86_64/5level-paging.rst for more 1491 information. 1492 1493 Say N if unsure. 1494 1495config X86_DIRECT_GBPAGES 1496 def_bool y 1497 depends on X86_64 1498 help 1499 Certain kernel features effectively disable kernel 1500 linear 1 GB mappings (even if the CPU otherwise 1501 supports them), so don't confuse the user by printing 1502 that we have them enabled. 1503 1504config X86_CPA_STATISTICS 1505 bool "Enable statistic for Change Page Attribute" 1506 depends on DEBUG_FS 1507 help 1508 Expose statistics about the Change Page Attribute mechanism, which 1509 helps to determine the effectiveness of preserving large and huge 1510 page mappings when mapping protections are changed. 1511 1512config AMD_MEM_ENCRYPT 1513 bool "AMD Secure Memory Encryption (SME) support" 1514 depends on X86_64 && CPU_SUP_AMD 1515 select DMA_COHERENT_POOL 1516 select DYNAMIC_PHYSICAL_MASK 1517 select ARCH_USE_MEMREMAP_PROT 1518 select ARCH_HAS_FORCE_DMA_UNENCRYPTED 1519 select INSTRUCTION_DECODER 1520 select ARCH_HAS_CC_PLATFORM 1521 help 1522 Say yes to enable support for the encryption of system memory. 1523 This requires an AMD processor that supports Secure Memory 1524 Encryption (SME). 1525 1526config AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT 1527 bool "Activate AMD Secure Memory Encryption (SME) by default" 1528 depends on AMD_MEM_ENCRYPT 1529 help 1530 Say yes to have system memory encrypted by default if running on 1531 an AMD processor that supports Secure Memory Encryption (SME). 1532 1533 If set to Y, then the encryption of system memory can be 1534 deactivated with the mem_encrypt=off command line option. 1535 1536 If set to N, then the encryption of system memory can be 1537 activated with the mem_encrypt=on command line option. 1538 1539# Common NUMA Features 1540config NUMA 1541 bool "NUMA Memory Allocation and Scheduler Support" 1542 depends on SMP 1543 depends on X86_64 || (X86_32 && HIGHMEM64G && X86_BIGSMP) 1544 default y if X86_BIGSMP 1545 help 1546 Enable NUMA (Non-Uniform Memory Access) support. 1547 1548 The kernel will try to allocate memory used by a CPU on the 1549 local memory controller of the CPU and add some more 1550 NUMA awareness to the kernel. 1551 1552 For 64-bit this is recommended if the system is Intel Core i7 1553 (or later), AMD Opteron, or EM64T NUMA. 1554 1555 For 32-bit this is only needed if you boot a 32-bit 1556 kernel on a 64-bit NUMA platform. 1557 1558 Otherwise, you should say N. 1559 1560config AMD_NUMA 1561 def_bool y 1562 prompt "Old style AMD Opteron NUMA detection" 1563 depends on X86_64 && NUMA && PCI 1564 help 1565 Enable AMD NUMA node topology detection. You should say Y here if 1566 you have a multi processor AMD system. This uses an old method to 1567 read the NUMA configuration directly from the builtin Northbridge 1568 of Opteron. It is recommended to use X86_64_ACPI_NUMA instead, 1569 which also takes priority if both are compiled in. 1570 1571config X86_64_ACPI_NUMA 1572 def_bool y 1573 prompt "ACPI NUMA detection" 1574 depends on X86_64 && NUMA && ACPI && PCI 1575 select ACPI_NUMA 1576 help 1577 Enable ACPI SRAT based node topology detection. 1578 1579config NUMA_EMU 1580 bool "NUMA emulation" 1581 depends on NUMA 1582 help 1583 Enable NUMA emulation. A flat machine will be split 1584 into virtual nodes when booted with "numa=fake=N", where N is the 1585 number of nodes. This is only useful for debugging. 1586 1587config NODES_SHIFT 1588 int "Maximum NUMA Nodes (as a power of 2)" if !MAXSMP 1589 range 1 10 1590 default "10" if MAXSMP 1591 default "6" if X86_64 1592 default "3" 1593 depends on NEED_MULTIPLE_NODES 1594 help 1595 Specify the maximum number of NUMA Nodes available on the target 1596 system. Increases memory reserved to accommodate various tables. 1597 1598config ARCH_FLATMEM_ENABLE 1599 def_bool y 1600 depends on X86_32 && !NUMA 1601 1602config ARCH_SPARSEMEM_ENABLE 1603 def_bool y 1604 depends on X86_64 || NUMA || X86_32 || X86_32_NON_STANDARD 1605 select SPARSEMEM_STATIC if X86_32 1606 select SPARSEMEM_VMEMMAP_ENABLE if X86_64 1607 1608config ARCH_SPARSEMEM_DEFAULT 1609 def_bool X86_64 || (NUMA && X86_32) 1610 1611config ARCH_SELECT_MEMORY_MODEL 1612 def_bool y 1613 depends on ARCH_SPARSEMEM_ENABLE 1614 1615config ARCH_MEMORY_PROBE 1616 bool "Enable sysfs memory/probe interface" 1617 depends on X86_64 && MEMORY_HOTPLUG 1618 help 1619 This option enables a sysfs memory/probe interface for testing. 1620 See Documentation/admin-guide/mm/memory-hotplug.rst for more information. 1621 If you are unsure how to answer this question, answer N. 1622 1623config ARCH_PROC_KCORE_TEXT 1624 def_bool y 1625 depends on X86_64 && PROC_KCORE 1626 1627config ILLEGAL_POINTER_VALUE 1628 hex 1629 default 0 if X86_32 1630 default 0xdead000000000000 if X86_64 1631 1632config X86_PMEM_LEGACY_DEVICE 1633 bool 1634 1635config X86_PMEM_LEGACY 1636 tristate "Support non-standard NVDIMMs and ADR protected memory" 1637 depends on PHYS_ADDR_T_64BIT 1638 depends on BLK_DEV 1639 select X86_PMEM_LEGACY_DEVICE 1640 select NUMA_KEEP_MEMINFO if NUMA 1641 select LIBNVDIMM 1642 help 1643 Treat memory marked using the non-standard e820 type of 12 as used 1644 by the Intel Sandy Bridge-EP reference BIOS as protected memory. 1645 The kernel will offer these regions to the 'pmem' driver so 1646 they can be used for persistent storage. 1647 1648 Say Y if unsure. 1649 1650config HIGHPTE 1651 bool "Allocate 3rd-level pagetables from highmem" 1652 depends on HIGHMEM 1653 help 1654 The VM uses one page table entry for each page of physical memory. 1655 For systems with a lot of RAM, this can be wasteful of precious 1656 low memory. Setting this option will put user-space page table 1657 entries in high memory. 1658 1659config X86_CHECK_BIOS_CORRUPTION 1660 bool "Check for low memory corruption" 1661 help 1662 Periodically check for memory corruption in low memory, which 1663 is suspected to be caused by BIOS. Even when enabled in the 1664 configuration, it is disabled at runtime. Enable it by 1665 setting "memory_corruption_check=1" on the kernel command 1666 line. By default it scans the low 64k of memory every 60 1667 seconds; see the memory_corruption_check_size and 1668 memory_corruption_check_period parameters in 1669 Documentation/admin-guide/kernel-parameters.rst to adjust this. 1670 1671 When enabled with the default parameters, this option has 1672 almost no overhead, as it reserves a relatively small amount 1673 of memory and scans it infrequently. It both detects corruption 1674 and prevents it from affecting the running system. 1675 1676 It is, however, intended as a diagnostic tool; if repeatable 1677 BIOS-originated corruption always affects the same memory, 1678 you can use memmap= to prevent the kernel from using that 1679 memory. 1680 1681config X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK 1682 bool "Set the default setting of memory_corruption_check" 1683 depends on X86_CHECK_BIOS_CORRUPTION 1684 default y 1685 help 1686 Set whether the default state of memory_corruption_check is 1687 on or off. 1688 1689config X86_RESERVE_LOW 1690 int "Amount of low memory, in kilobytes, to reserve for the BIOS" 1691 default 64 1692 range 4 640 1693 help 1694 Specify the amount of low memory to reserve for the BIOS. 1695 1696 The first page contains BIOS data structures that the kernel 1697 must not use, so that page must always be reserved. 1698 1699 By default we reserve the first 64K of physical RAM, as a 1700 number of BIOSes are known to corrupt that memory range 1701 during events such as suspend/resume or monitor cable 1702 insertion, so it must not be used by the kernel. 1703 1704 You can set this to 4 if you are absolutely sure that you 1705 trust the BIOS to get all its memory reservations and usages 1706 right. If you know your BIOS have problems beyond the 1707 default 64K area, you can set this to 640 to avoid using the 1708 entire low memory range. 1709 1710 If you have doubts about the BIOS (e.g. suspend/resume does 1711 not work or there's kernel crashes after certain hardware 1712 hotplug events) then you might want to enable 1713 X86_CHECK_BIOS_CORRUPTION=y to allow the kernel to check 1714 typical corruption patterns. 1715 1716 Leave this to the default value of 64 if you are unsure. 1717 1718config MATH_EMULATION 1719 bool 1720 depends on MODIFY_LDT_SYSCALL 1721 prompt "Math emulation" if X86_32 && (M486SX || MELAN) 1722 help 1723 Linux can emulate a math coprocessor (used for floating point 1724 operations) if you don't have one. 486DX and Pentium processors have 1725 a math coprocessor built in, 486SX and 386 do not, unless you added 1726 a 487DX or 387, respectively. (The messages during boot time can 1727 give you some hints here ["man dmesg"].) Everyone needs either a 1728 coprocessor or this emulation. 1729 1730 If you don't have a math coprocessor, you need to say Y here; if you 1731 say Y here even though you have a coprocessor, the coprocessor will 1732 be used nevertheless. (This behavior can be changed with the kernel 1733 command line option "no387", which comes handy if your coprocessor 1734 is broken. Try "man bootparam" or see the documentation of your boot 1735 loader (lilo or loadlin) about how to pass options to the kernel at 1736 boot time.) This means that it is a good idea to say Y here if you 1737 intend to use this kernel on different machines. 1738 1739 More information about the internals of the Linux math coprocessor 1740 emulation can be found in <file:arch/x86/math-emu/README>. 1741 1742 If you are not sure, say Y; apart from resulting in a 66 KB bigger 1743 kernel, it won't hurt. 1744 1745config MTRR 1746 def_bool y 1747 prompt "MTRR (Memory Type Range Register) support" if EXPERT 1748 help 1749 On Intel P6 family processors (Pentium Pro, Pentium II and later) 1750 the Memory Type Range Registers (MTRRs) may be used to control 1751 processor access to memory ranges. This is most useful if you have 1752 a video (VGA) card on a PCI or AGP bus. Enabling write-combining 1753 allows bus write transfers to be combined into a larger transfer 1754 before bursting over the PCI/AGP bus. This can increase performance 1755 of image write operations 2.5 times or more. Saying Y here creates a 1756 /proc/mtrr file which may be used to manipulate your processor's 1757 MTRRs. Typically the X server should use this. 1758 1759 This code has a reasonably generic interface so that similar 1760 control registers on other processors can be easily supported 1761 as well: 1762 1763 The Cyrix 6x86, 6x86MX and M II processors have Address Range 1764 Registers (ARRs) which provide a similar functionality to MTRRs. For 1765 these, the ARRs are used to emulate the MTRRs. 1766 The AMD K6-2 (stepping 8 and above) and K6-3 processors have two 1767 MTRRs. The Centaur C6 (WinChip) has 8 MCRs, allowing 1768 write-combining. All of these processors are supported by this code 1769 and it makes sense to say Y here if you have one of them. 1770 1771 Saying Y here also fixes a problem with buggy SMP BIOSes which only 1772 set the MTRRs for the boot CPU and not for the secondary CPUs. This 1773 can lead to all sorts of problems, so it's good to say Y here. 1774 1775 You can safely say Y even if your machine doesn't have MTRRs, you'll 1776 just add about 9 KB to your kernel. 1777 1778 See <file:Documentation/x86/mtrr.rst> for more information. 1779 1780config MTRR_SANITIZER 1781 def_bool y 1782 prompt "MTRR cleanup support" 1783 depends on MTRR 1784 help 1785 Convert MTRR layout from continuous to discrete, so X drivers can 1786 add writeback entries. 1787 1788 Can be disabled with disable_mtrr_cleanup on the kernel command line. 1789 The largest mtrr entry size for a continuous block can be set with 1790 mtrr_chunk_size. 1791 1792 If unsure, say Y. 1793 1794config MTRR_SANITIZER_ENABLE_DEFAULT 1795 int "MTRR cleanup enable value (0-1)" 1796 range 0 1 1797 default "0" 1798 depends on MTRR_SANITIZER 1799 help 1800 Enable mtrr cleanup default value 1801 1802config MTRR_SANITIZER_SPARE_REG_NR_DEFAULT 1803 int "MTRR cleanup spare reg num (0-7)" 1804 range 0 7 1805 default "1" 1806 depends on MTRR_SANITIZER 1807 help 1808 mtrr cleanup spare entries default, it can be changed via 1809 mtrr_spare_reg_nr=N on the kernel command line. 1810 1811config X86_PAT 1812 def_bool y 1813 prompt "x86 PAT support" if EXPERT 1814 depends on MTRR 1815 help 1816 Use PAT attributes to setup page level cache control. 1817 1818 PATs are the modern equivalents of MTRRs and are much more 1819 flexible than MTRRs. 1820 1821 Say N here if you see bootup problems (boot crash, boot hang, 1822 spontaneous reboots) or a non-working video driver. 1823 1824 If unsure, say Y. 1825 1826config ARCH_USES_PG_UNCACHED 1827 def_bool y 1828 depends on X86_PAT 1829 1830config ARCH_RANDOM 1831 def_bool y 1832 prompt "x86 architectural random number generator" if EXPERT 1833 help 1834 Enable the x86 architectural RDRAND instruction 1835 (Intel Bull Mountain technology) to generate random numbers. 1836 If supported, this is a high bandwidth, cryptographically 1837 secure hardware random number generator. 1838 1839config X86_SMAP 1840 def_bool y 1841 prompt "Supervisor Mode Access Prevention" if EXPERT 1842 help 1843 Supervisor Mode Access Prevention (SMAP) is a security 1844 feature in newer Intel processors. There is a small 1845 performance cost if this enabled and turned on; there is 1846 also a small increase in the kernel size if this is enabled. 1847 1848 If unsure, say Y. 1849 1850config X86_UMIP 1851 def_bool y 1852 prompt "User Mode Instruction Prevention" if EXPERT 1853 help 1854 User Mode Instruction Prevention (UMIP) is a security feature in 1855 some x86 processors. If enabled, a general protection fault is 1856 issued if the SGDT, SLDT, SIDT, SMSW or STR instructions are 1857 executed in user mode. These instructions unnecessarily expose 1858 information about the hardware state. 1859 1860 The vast majority of applications do not use these instructions. 1861 For the very few that do, software emulation is provided in 1862 specific cases in protected and virtual-8086 modes. Emulated 1863 results are dummy. 1864 1865config X86_INTEL_MEMORY_PROTECTION_KEYS 1866 prompt "Memory Protection Keys" 1867 def_bool y 1868 # Note: only available in 64-bit mode 1869 depends on X86_64 && (CPU_SUP_INTEL || CPU_SUP_AMD) 1870 select ARCH_USES_HIGH_VMA_FLAGS 1871 select ARCH_HAS_PKEYS 1872 help 1873 Memory Protection Keys provides a mechanism for enforcing 1874 page-based protections, but without requiring modification of the 1875 page tables when an application changes protection domains. 1876 1877 For details, see Documentation/core-api/protection-keys.rst 1878 1879 If unsure, say y. 1880 1881choice 1882 prompt "TSX enable mode" 1883 depends on CPU_SUP_INTEL 1884 default X86_INTEL_TSX_MODE_OFF 1885 help 1886 Intel's TSX (Transactional Synchronization Extensions) feature 1887 allows to optimize locking protocols through lock elision which 1888 can lead to a noticeable performance boost. 1889 1890 On the other hand it has been shown that TSX can be exploited 1891 to form side channel attacks (e.g. TAA) and chances are there 1892 will be more of those attacks discovered in the future. 1893 1894 Therefore TSX is not enabled by default (aka tsx=off). An admin 1895 might override this decision by tsx=on the command line parameter. 1896 Even with TSX enabled, the kernel will attempt to enable the best 1897 possible TAA mitigation setting depending on the microcode available 1898 for the particular machine. 1899 1900 This option allows to set the default tsx mode between tsx=on, =off 1901 and =auto. See Documentation/admin-guide/kernel-parameters.txt for more 1902 details. 1903 1904 Say off if not sure, auto if TSX is in use but it should be used on safe 1905 platforms or on if TSX is in use and the security aspect of tsx is not 1906 relevant. 1907 1908config X86_INTEL_TSX_MODE_OFF 1909 bool "off" 1910 help 1911 TSX is disabled if possible - equals to tsx=off command line parameter. 1912 1913config X86_INTEL_TSX_MODE_ON 1914 bool "on" 1915 help 1916 TSX is always enabled on TSX capable HW - equals the tsx=on command 1917 line parameter. 1918 1919config X86_INTEL_TSX_MODE_AUTO 1920 bool "auto" 1921 help 1922 TSX is enabled on TSX capable HW that is believed to be safe against 1923 side channel attacks- equals the tsx=auto command line parameter. 1924endchoice 1925 1926config EFI 1927 bool "EFI runtime service support" 1928 depends on ACPI 1929 select UCS2_STRING 1930 select EFI_RUNTIME_WRAPPERS 1931 select ARCH_USE_MEMREMAP_PROT 1932 help 1933 This enables the kernel to use EFI runtime services that are 1934 available (such as the EFI variable services). 1935 1936 This option is only useful on systems that have EFI firmware. 1937 In addition, you should use the latest ELILO loader available 1938 at <http://elilo.sourceforge.net> in order to take advantage 1939 of EFI runtime services. However, even with this option, the 1940 resultant kernel should continue to boot on existing non-EFI 1941 platforms. 1942 1943config EFI_STUB 1944 bool "EFI stub support" 1945 depends on EFI && !X86_USE_3DNOW 1946 select RELOCATABLE 1947 help 1948 This kernel feature allows a bzImage to be loaded directly 1949 by EFI firmware without the use of a bootloader. 1950 1951 See Documentation/admin-guide/efi-stub.rst for more information. 1952 1953config EFI_MIXED 1954 bool "EFI mixed-mode support" 1955 depends on EFI_STUB && X86_64 1956 help 1957 Enabling this feature allows a 64-bit kernel to be booted 1958 on a 32-bit firmware, provided that your CPU supports 64-bit 1959 mode. 1960 1961 Note that it is not possible to boot a mixed-mode enabled 1962 kernel via the EFI boot stub - a bootloader that supports 1963 the EFI handover protocol must be used. 1964 1965 If unsure, say N. 1966 1967source "kernel/Kconfig.hz" 1968 1969config KEXEC 1970 bool "kexec system call" 1971 select KEXEC_CORE 1972 help 1973 kexec is a system call that implements the ability to shutdown your 1974 current kernel, and to start another kernel. It is like a reboot 1975 but it is independent of the system firmware. And like a reboot 1976 you can start any kernel with it, not just Linux. 1977 1978 The name comes from the similarity to the exec system call. 1979 1980 It is an ongoing process to be certain the hardware in a machine 1981 is properly shutdown, so do not be surprised if this code does not 1982 initially work for you. As of this writing the exact hardware 1983 interface is strongly in flux, so no good recommendation can be 1984 made. 1985 1986config KEXEC_FILE 1987 bool "kexec file based system call" 1988 select KEXEC_CORE 1989 select BUILD_BIN2C 1990 depends on X86_64 1991 depends on CRYPTO=y 1992 depends on CRYPTO_SHA256=y 1993 help 1994 This is new version of kexec system call. This system call is 1995 file based and takes file descriptors as system call argument 1996 for kernel and initramfs as opposed to list of segments as 1997 accepted by previous system call. 1998 1999config ARCH_HAS_KEXEC_PURGATORY 2000 def_bool KEXEC_FILE 2001 2002config KEXEC_SIG 2003 bool "Verify kernel signature during kexec_file_load() syscall" 2004 depends on KEXEC_FILE 2005 help 2006 2007 This option makes the kexec_file_load() syscall check for a valid 2008 signature of the kernel image. The image can still be loaded without 2009 a valid signature unless you also enable KEXEC_SIG_FORCE, though if 2010 there's a signature that we can check, then it must be valid. 2011 2012 In addition to this option, you need to enable signature 2013 verification for the corresponding kernel image type being 2014 loaded in order for this to work. 2015 2016config KEXEC_SIG_FORCE 2017 bool "Require a valid signature in kexec_file_load() syscall" 2018 depends on KEXEC_SIG 2019 help 2020 This option makes kernel signature verification mandatory for 2021 the kexec_file_load() syscall. 2022 2023config KEXEC_BZIMAGE_VERIFY_SIG 2024 bool "Enable bzImage signature verification support" 2025 depends on KEXEC_SIG 2026 depends on SIGNED_PE_FILE_VERIFICATION 2027 select SYSTEM_TRUSTED_KEYRING 2028 help 2029 Enable bzImage signature verification support. 2030 2031config CRASH_DUMP 2032 bool "kernel crash dumps" 2033 depends on X86_64 || (X86_32 && HIGHMEM) 2034 help 2035 Generate crash dump after being started by kexec. 2036 This should be normally only set in special crash dump kernels 2037 which are loaded in the main kernel with kexec-tools into 2038 a specially reserved region and then later executed after 2039 a crash by kdump/kexec. The crash dump kernel must be compiled 2040 to a memory address not used by the main kernel or BIOS using 2041 PHYSICAL_START, or it must be built as a relocatable image 2042 (CONFIG_RELOCATABLE=y). 2043 For more details see Documentation/admin-guide/kdump/kdump.rst 2044 2045config KEXEC_JUMP 2046 bool "kexec jump" 2047 depends on KEXEC && HIBERNATION 2048 help 2049 Jump between original kernel and kexeced kernel and invoke 2050 code in physical address mode via KEXEC 2051 2052config PHYSICAL_START 2053 hex "Physical address where the kernel is loaded" if (EXPERT || CRASH_DUMP) 2054 default "0x1000000" 2055 help 2056 This gives the physical address where the kernel is loaded. 2057 2058 If kernel is a not relocatable (CONFIG_RELOCATABLE=n) then 2059 bzImage will decompress itself to above physical address and 2060 run from there. Otherwise, bzImage will run from the address where 2061 it has been loaded by the boot loader and will ignore above physical 2062 address. 2063 2064 In normal kdump cases one does not have to set/change this option 2065 as now bzImage can be compiled as a completely relocatable image 2066 (CONFIG_RELOCATABLE=y) and be used to load and run from a different 2067 address. This option is mainly useful for the folks who don't want 2068 to use a bzImage for capturing the crash dump and want to use a 2069 vmlinux instead. vmlinux is not relocatable hence a kernel needs 2070 to be specifically compiled to run from a specific memory area 2071 (normally a reserved region) and this option comes handy. 2072 2073 So if you are using bzImage for capturing the crash dump, 2074 leave the value here unchanged to 0x1000000 and set 2075 CONFIG_RELOCATABLE=y. Otherwise if you plan to use vmlinux 2076 for capturing the crash dump change this value to start of 2077 the reserved region. In other words, it can be set based on 2078 the "X" value as specified in the "crashkernel=YM@XM" 2079 command line boot parameter passed to the panic-ed 2080 kernel. Please take a look at Documentation/admin-guide/kdump/kdump.rst 2081 for more details about crash dumps. 2082 2083 Usage of bzImage for capturing the crash dump is recommended as 2084 one does not have to build two kernels. Same kernel can be used 2085 as production kernel and capture kernel. Above option should have 2086 gone away after relocatable bzImage support is introduced. But it 2087 is present because there are users out there who continue to use 2088 vmlinux for dump capture. This option should go away down the 2089 line. 2090 2091 Don't change this unless you know what you are doing. 2092 2093config RELOCATABLE 2094 bool "Build a relocatable kernel" 2095 default y 2096 help 2097 This builds a kernel image that retains relocation information 2098 so it can be loaded someplace besides the default 1MB. 2099 The relocations tend to make the kernel binary about 10% larger, 2100 but are discarded at runtime. 2101 2102 One use is for the kexec on panic case where the recovery kernel 2103 must live at a different physical address than the primary 2104 kernel. 2105 2106 Note: If CONFIG_RELOCATABLE=y, then the kernel runs from the address 2107 it has been loaded at and the compile time physical address 2108 (CONFIG_PHYSICAL_START) is used as the minimum location. 2109 2110config RANDOMIZE_BASE 2111 bool "Randomize the address of the kernel image (KASLR)" 2112 depends on RELOCATABLE 2113 default y 2114 help 2115 In support of Kernel Address Space Layout Randomization (KASLR), 2116 this randomizes the physical address at which the kernel image 2117 is decompressed and the virtual address where the kernel 2118 image is mapped, as a security feature that deters exploit 2119 attempts relying on knowledge of the location of kernel 2120 code internals. 2121 2122 On 64-bit, the kernel physical and virtual addresses are 2123 randomized separately. The physical address will be anywhere 2124 between 16MB and the top of physical memory (up to 64TB). The 2125 virtual address will be randomized from 16MB up to 1GB (9 bits 2126 of entropy). Note that this also reduces the memory space 2127 available to kernel modules from 1.5GB to 1GB. 2128 2129 On 32-bit, the kernel physical and virtual addresses are 2130 randomized together. They will be randomized from 16MB up to 2131 512MB (8 bits of entropy). 2132 2133 Entropy is generated using the RDRAND instruction if it is 2134 supported. If RDTSC is supported, its value is mixed into 2135 the entropy pool as well. If neither RDRAND nor RDTSC are 2136 supported, then entropy is read from the i8254 timer. The 2137 usable entropy is limited by the kernel being built using 2138 2GB addressing, and that PHYSICAL_ALIGN must be at a 2139 minimum of 2MB. As a result, only 10 bits of entropy are 2140 theoretically possible, but the implementations are further 2141 limited due to memory layouts. 2142 2143 If unsure, say Y. 2144 2145# Relocation on x86 needs some additional build support 2146config X86_NEED_RELOCS 2147 def_bool y 2148 depends on RANDOMIZE_BASE || (X86_32 && RELOCATABLE) 2149 2150config PHYSICAL_ALIGN 2151 hex "Alignment value to which kernel should be aligned" 2152 default "0x200000" 2153 range 0x2000 0x1000000 if X86_32 2154 range 0x200000 0x1000000 if X86_64 2155 help 2156 This value puts the alignment restrictions on physical address 2157 where kernel is loaded and run from. Kernel is compiled for an 2158 address which meets above alignment restriction. 2159 2160 If bootloader loads the kernel at a non-aligned address and 2161 CONFIG_RELOCATABLE is set, kernel will move itself to nearest 2162 address aligned to above value and run from there. 2163 2164 If bootloader loads the kernel at a non-aligned address and 2165 CONFIG_RELOCATABLE is not set, kernel will ignore the run time 2166 load address and decompress itself to the address it has been 2167 compiled for and run from there. The address for which kernel is 2168 compiled already meets above alignment restrictions. Hence the 2169 end result is that kernel runs from a physical address meeting 2170 above alignment restrictions. 2171 2172 On 32-bit this value must be a multiple of 0x2000. On 64-bit 2173 this value must be a multiple of 0x200000. 2174 2175 Don't change this unless you know what you are doing. 2176 2177config DYNAMIC_MEMORY_LAYOUT 2178 bool 2179 help 2180 This option makes base addresses of vmalloc and vmemmap as well as 2181 __PAGE_OFFSET movable during boot. 2182 2183config RANDOMIZE_MEMORY 2184 bool "Randomize the kernel memory sections" 2185 depends on X86_64 2186 depends on RANDOMIZE_BASE 2187 select DYNAMIC_MEMORY_LAYOUT 2188 default RANDOMIZE_BASE 2189 help 2190 Randomizes the base virtual address of kernel memory sections 2191 (physical memory mapping, vmalloc & vmemmap). This security feature 2192 makes exploits relying on predictable memory locations less reliable. 2193 2194 The order of allocations remains unchanged. Entropy is generated in 2195 the same way as RANDOMIZE_BASE. Current implementation in the optimal 2196 configuration have in average 30,000 different possible virtual 2197 addresses for each memory section. 2198 2199 If unsure, say Y. 2200 2201config RANDOMIZE_MEMORY_PHYSICAL_PADDING 2202 hex "Physical memory mapping padding" if EXPERT 2203 depends on RANDOMIZE_MEMORY 2204 default "0xa" if MEMORY_HOTPLUG 2205 default "0x0" 2206 range 0x1 0x40 if MEMORY_HOTPLUG 2207 range 0x0 0x40 2208 help 2209 Define the padding in terabytes added to the existing physical 2210 memory size during kernel memory randomization. It is useful 2211 for memory hotplug support but reduces the entropy available for 2212 address randomization. 2213 2214 If unsure, leave at the default value. 2215 2216config HOTPLUG_CPU 2217 def_bool y 2218 depends on SMP 2219 2220config BOOTPARAM_HOTPLUG_CPU0 2221 bool "Set default setting of cpu0_hotpluggable" 2222 depends on HOTPLUG_CPU 2223 help 2224 Set whether default state of cpu0_hotpluggable is on or off. 2225 2226 Say Y here to enable CPU0 hotplug by default. If this switch 2227 is turned on, there is no need to give cpu0_hotplug kernel 2228 parameter and the CPU0 hotplug feature is enabled by default. 2229 2230 Please note: there are two known CPU0 dependencies if you want 2231 to enable the CPU0 hotplug feature either by this switch or by 2232 cpu0_hotplug kernel parameter. 2233 2234 First, resume from hibernate or suspend always starts from CPU0. 2235 So hibernate and suspend are prevented if CPU0 is offline. 2236 2237 Second dependency is PIC interrupts always go to CPU0. CPU0 can not 2238 offline if any interrupt can not migrate out of CPU0. There may 2239 be other CPU0 dependencies. 2240 2241 Please make sure the dependencies are under your control before 2242 you enable this feature. 2243 2244 Say N if you don't want to enable CPU0 hotplug feature by default. 2245 You still can enable the CPU0 hotplug feature at boot by kernel 2246 parameter cpu0_hotplug. 2247 2248config DEBUG_HOTPLUG_CPU0 2249 def_bool n 2250 prompt "Debug CPU0 hotplug" 2251 depends on HOTPLUG_CPU 2252 help 2253 Enabling this option offlines CPU0 (if CPU0 can be offlined) as 2254 soon as possible and boots up userspace with CPU0 offlined. User 2255 can online CPU0 back after boot time. 2256 2257 To debug CPU0 hotplug, you need to enable CPU0 offline/online 2258 feature by either turning on CONFIG_BOOTPARAM_HOTPLUG_CPU0 during 2259 compilation or giving cpu0_hotplug kernel parameter at boot. 2260 2261 If unsure, say N. 2262 2263config COMPAT_VDSO 2264 def_bool n 2265 prompt "Disable the 32-bit vDSO (needed for glibc 2.3.3)" 2266 depends on COMPAT_32 2267 help 2268 Certain buggy versions of glibc will crash if they are 2269 presented with a 32-bit vDSO that is not mapped at the address 2270 indicated in its segment table. 2271 2272 The bug was introduced by f866314b89d56845f55e6f365e18b31ec978ec3a 2273 and fixed by 3b3ddb4f7db98ec9e912ccdf54d35df4aa30e04a and 2274 49ad572a70b8aeb91e57483a11dd1b77e31c4468. Glibc 2.3.3 is 2275 the only released version with the bug, but OpenSUSE 9 2276 contains a buggy "glibc 2.3.2". 2277 2278 The symptom of the bug is that everything crashes on startup, saying: 2279 dl_main: Assertion `(void *) ph->p_vaddr == _rtld_local._dl_sysinfo_dso' failed! 2280 2281 Saying Y here changes the default value of the vdso32 boot 2282 option from 1 to 0, which turns off the 32-bit vDSO entirely. 2283 This works around the glibc bug but hurts performance. 2284 2285 If unsure, say N: if you are compiling your own kernel, you 2286 are unlikely to be using a buggy version of glibc. 2287 2288choice 2289 prompt "vsyscall table for legacy applications" 2290 depends on X86_64 2291 default LEGACY_VSYSCALL_XONLY 2292 help 2293 Legacy user code that does not know how to find the vDSO expects 2294 to be able to issue three syscalls by calling fixed addresses in 2295 kernel space. Since this location is not randomized with ASLR, 2296 it can be used to assist security vulnerability exploitation. 2297 2298 This setting can be changed at boot time via the kernel command 2299 line parameter vsyscall=[emulate|xonly|none]. 2300 2301 On a system with recent enough glibc (2.14 or newer) and no 2302 static binaries, you can say None without a performance penalty 2303 to improve security. 2304 2305 If unsure, select "Emulate execution only". 2306 2307 config LEGACY_VSYSCALL_EMULATE 2308 bool "Full emulation" 2309 help 2310 The kernel traps and emulates calls into the fixed vsyscall 2311 address mapping. This makes the mapping non-executable, but 2312 it still contains readable known contents, which could be 2313 used in certain rare security vulnerability exploits. This 2314 configuration is recommended when using legacy userspace 2315 that still uses vsyscalls along with legacy binary 2316 instrumentation tools that require code to be readable. 2317 2318 An example of this type of legacy userspace is running 2319 Pin on an old binary that still uses vsyscalls. 2320 2321 config LEGACY_VSYSCALL_XONLY 2322 bool "Emulate execution only" 2323 help 2324 The kernel traps and emulates calls into the fixed vsyscall 2325 address mapping and does not allow reads. This 2326 configuration is recommended when userspace might use the 2327 legacy vsyscall area but support for legacy binary 2328 instrumentation of legacy code is not needed. It mitigates 2329 certain uses of the vsyscall area as an ASLR-bypassing 2330 buffer. 2331 2332 config LEGACY_VSYSCALL_NONE 2333 bool "None" 2334 help 2335 There will be no vsyscall mapping at all. This will 2336 eliminate any risk of ASLR bypass due to the vsyscall 2337 fixed address mapping. Attempts to use the vsyscalls 2338 will be reported to dmesg, so that either old or 2339 malicious userspace programs can be identified. 2340 2341endchoice 2342 2343config CMDLINE_BOOL 2344 bool "Built-in kernel command line" 2345 help 2346 Allow for specifying boot arguments to the kernel at 2347 build time. On some systems (e.g. embedded ones), it is 2348 necessary or convenient to provide some or all of the 2349 kernel boot arguments with the kernel itself (that is, 2350 to not rely on the boot loader to provide them.) 2351 2352 To compile command line arguments into the kernel, 2353 set this option to 'Y', then fill in the 2354 boot arguments in CONFIG_CMDLINE. 2355 2356 Systems with fully functional boot loaders (i.e. non-embedded) 2357 should leave this option set to 'N'. 2358 2359config CMDLINE 2360 string "Built-in kernel command string" 2361 depends on CMDLINE_BOOL 2362 default "" 2363 help 2364 Enter arguments here that should be compiled into the kernel 2365 image and used at boot time. If the boot loader provides a 2366 command line at boot time, it is appended to this string to 2367 form the full kernel command line, when the system boots. 2368 2369 However, you can use the CONFIG_CMDLINE_OVERRIDE option to 2370 change this behavior. 2371 2372 In most cases, the command line (whether built-in or provided 2373 by the boot loader) should specify the device for the root 2374 file system. 2375 2376config CMDLINE_OVERRIDE 2377 bool "Built-in command line overrides boot loader arguments" 2378 depends on CMDLINE_BOOL && CMDLINE != "" 2379 help 2380 Set this option to 'Y' to have the kernel ignore the boot loader 2381 command line, and use ONLY the built-in command line. 2382 2383 This is used to work around broken boot loaders. This should 2384 be set to 'N' under normal conditions. 2385 2386config MODIFY_LDT_SYSCALL 2387 bool "Enable the LDT (local descriptor table)" if EXPERT 2388 default y 2389 help 2390 Linux can allow user programs to install a per-process x86 2391 Local Descriptor Table (LDT) using the modify_ldt(2) system 2392 call. This is required to run 16-bit or segmented code such as 2393 DOSEMU or some Wine programs. It is also used by some very old 2394 threading libraries. 2395 2396 Enabling this feature adds a small amount of overhead to 2397 context switches and increases the low-level kernel attack 2398 surface. Disabling it removes the modify_ldt(2) system call. 2399 2400 Saying 'N' here may make sense for embedded or server kernels. 2401 2402source "kernel/livepatch/Kconfig" 2403 2404endmenu 2405 2406config CC_HAS_SLS 2407 def_bool $(cc-option,-mharden-sls=all) 2408 2409config CC_HAS_RETURN_THUNK 2410 def_bool $(cc-option,-mfunction-return=thunk-extern) 2411 2412menuconfig SPECULATION_MITIGATIONS 2413 bool "Mitigations for speculative execution vulnerabilities" 2414 default y 2415 help 2416 Say Y here to enable options which enable mitigations for 2417 speculative execution hardware vulnerabilities. 2418 2419 If you say N, all mitigations will be disabled. You really 2420 should know what you are doing to say so. 2421 2422if SPECULATION_MITIGATIONS 2423 2424config PAGE_TABLE_ISOLATION 2425 bool "Remove the kernel mapping in user mode" 2426 default y 2427 depends on (X86_64 || X86_PAE) 2428 help 2429 This feature reduces the number of hardware side channels by 2430 ensuring that the majority of kernel addresses are not mapped 2431 into userspace. 2432 2433 See Documentation/x86/pti.rst for more details. 2434 2435config RETPOLINE 2436 bool "Avoid speculative indirect branches in kernel" 2437 default y 2438 help 2439 Compile kernel with the retpoline compiler options to guard against 2440 kernel-to-user data leaks by avoiding speculative indirect 2441 branches. Requires a compiler with -mindirect-branch=thunk-extern 2442 support for full protection. The kernel may run slower. 2443 2444config RETHUNK 2445 bool "Enable return-thunks" 2446 depends on RETPOLINE && CC_HAS_RETURN_THUNK 2447 default y if X86_64 2448 help 2449 Compile the kernel with the return-thunks compiler option to guard 2450 against kernel-to-user data leaks by avoiding return speculation. 2451 Requires a compiler with -mfunction-return=thunk-extern 2452 support for full protection. The kernel may run slower. 2453 2454config CPU_UNRET_ENTRY 2455 bool "Enable UNRET on kernel entry" 2456 depends on CPU_SUP_AMD && RETHUNK && X86_64 2457 default y 2458 help 2459 Compile the kernel with support for the retbleed=unret mitigation. 2460 2461config CPU_IBPB_ENTRY 2462 bool "Enable IBPB on kernel entry" 2463 depends on CPU_SUP_AMD && X86_64 2464 default y 2465 help 2466 Compile the kernel with support for the retbleed=ibpb mitigation. 2467 2468config CPU_IBRS_ENTRY 2469 bool "Enable IBRS on kernel entry" 2470 depends on CPU_SUP_INTEL && X86_64 2471 default y 2472 help 2473 Compile the kernel with support for the spectre_v2=ibrs mitigation. 2474 This mitigates both spectre_v2 and retbleed at great cost to 2475 performance. 2476 2477config CPU_SRSO 2478 bool "Mitigate speculative RAS overflow on AMD" 2479 depends on CPU_SUP_AMD && X86_64 && RETHUNK 2480 default y 2481 help 2482 Enable the SRSO mitigation needed on AMD Zen1-4 machines. 2483 2484config SLS 2485 bool "Mitigate Straight-Line-Speculation" 2486 depends on CC_HAS_SLS && X86_64 2487 default n 2488 help 2489 Compile the kernel with straight-line-speculation options to guard 2490 against straight line speculation. The kernel image might be slightly 2491 larger. 2492 2493config GDS_FORCE_MITIGATION 2494 bool "Force GDS Mitigation" 2495 depends on CPU_SUP_INTEL 2496 default n 2497 help 2498 Gather Data Sampling (GDS) is a hardware vulnerability which allows 2499 unprivileged speculative access to data which was previously stored in 2500 vector registers. 2501 2502 This option is equivalent to setting gather_data_sampling=force on the 2503 command line. The microcode mitigation is used if present, otherwise 2504 AVX is disabled as a mitigation. On affected systems that are missing 2505 the microcode any userspace code that unconditionally uses AVX will 2506 break with this option set. 2507 2508 Setting this option on systems not vulnerable to GDS has no effect. 2509 2510 If in doubt, say N. 2511 2512config MITIGATION_RFDS 2513 bool "RFDS Mitigation" 2514 depends on CPU_SUP_INTEL 2515 default y 2516 help 2517 Enable mitigation for Register File Data Sampling (RFDS) by default. 2518 RFDS is a hardware vulnerability which affects Intel Atom CPUs. It 2519 allows unprivileged speculative access to stale data previously 2520 stored in floating point, vector and integer registers. 2521 See also <file:Documentation/admin-guide/hw-vuln/reg-file-data-sampling.rst> 2522 2523endif 2524 2525config ARCH_HAS_ADD_PAGES 2526 def_bool y 2527 depends on X86_64 && ARCH_ENABLE_MEMORY_HOTPLUG 2528 2529config ARCH_ENABLE_MEMORY_HOTPLUG 2530 def_bool y 2531 depends on X86_64 || (X86_32 && HIGHMEM) 2532 2533config ARCH_ENABLE_MEMORY_HOTREMOVE 2534 def_bool y 2535 depends on MEMORY_HOTPLUG 2536 2537config USE_PERCPU_NUMA_NODE_ID 2538 def_bool y 2539 depends on NUMA 2540 2541config ARCH_ENABLE_SPLIT_PMD_PTLOCK 2542 def_bool y 2543 depends on X86_64 || X86_PAE 2544 2545config ARCH_ENABLE_HUGEPAGE_MIGRATION 2546 def_bool y 2547 depends on X86_64 && HUGETLB_PAGE && MIGRATION 2548 2549config ARCH_ENABLE_THP_MIGRATION 2550 def_bool y 2551 depends on X86_64 && TRANSPARENT_HUGEPAGE 2552 2553menu "Power management and ACPI options" 2554 2555config ARCH_HIBERNATION_HEADER 2556 def_bool y 2557 depends on HIBERNATION 2558 2559source "kernel/power/Kconfig" 2560 2561source "drivers/acpi/Kconfig" 2562 2563source "drivers/sfi/Kconfig" 2564 2565config X86_APM_BOOT 2566 def_bool y 2567 depends on APM 2568 2569menuconfig APM 2570 tristate "APM (Advanced Power Management) BIOS support" 2571 depends on X86_32 && PM_SLEEP 2572 help 2573 APM is a BIOS specification for saving power using several different 2574 techniques. This is mostly useful for battery powered laptops with 2575 APM compliant BIOSes. If you say Y here, the system time will be 2576 reset after a RESUME operation, the /proc/apm device will provide 2577 battery status information, and user-space programs will receive 2578 notification of APM "events" (e.g. battery status change). 2579 2580 If you select "Y" here, you can disable actual use of the APM 2581 BIOS by passing the "apm=off" option to the kernel at boot time. 2582 2583 Note that the APM support is almost completely disabled for 2584 machines with more than one CPU. 2585 2586 In order to use APM, you will need supporting software. For location 2587 and more information, read <file:Documentation/power/apm-acpi.rst> 2588 and the Battery Powered Linux mini-HOWTO, available from 2589 <http://www.tldp.org/docs.html#howto>. 2590 2591 This driver does not spin down disk drives (see the hdparm(8) 2592 manpage ("man 8 hdparm") for that), and it doesn't turn off 2593 VESA-compliant "green" monitors. 2594 2595 This driver does not support the TI 4000M TravelMate and the ACER 2596 486/DX4/75 because they don't have compliant BIOSes. Many "green" 2597 desktop machines also don't have compliant BIOSes, and this driver 2598 may cause those machines to panic during the boot phase. 2599 2600 Generally, if you don't have a battery in your machine, there isn't 2601 much point in using this driver and you should say N. If you get 2602 random kernel OOPSes or reboots that don't seem to be related to 2603 anything, try disabling/enabling this option (or disabling/enabling 2604 APM in your BIOS). 2605 2606 Some other things you should try when experiencing seemingly random, 2607 "weird" problems: 2608 2609 1) make sure that you have enough swap space and that it is 2610 enabled. 2611 2) pass the "no-hlt" option to the kernel 2612 3) switch on floating point emulation in the kernel and pass 2613 the "no387" option to the kernel 2614 4) pass the "floppy=nodma" option to the kernel 2615 5) pass the "mem=4M" option to the kernel (thereby disabling 2616 all but the first 4 MB of RAM) 2617 6) make sure that the CPU is not over clocked. 2618 7) read the sig11 FAQ at <http://www.bitwizard.nl/sig11/> 2619 8) disable the cache from your BIOS settings 2620 9) install a fan for the video card or exchange video RAM 2621 10) install a better fan for the CPU 2622 11) exchange RAM chips 2623 12) exchange the motherboard. 2624 2625 To compile this driver as a module, choose M here: the 2626 module will be called apm. 2627 2628if APM 2629 2630config APM_IGNORE_USER_SUSPEND 2631 bool "Ignore USER SUSPEND" 2632 help 2633 This option will ignore USER SUSPEND requests. On machines with a 2634 compliant APM BIOS, you want to say N. However, on the NEC Versa M 2635 series notebooks, it is necessary to say Y because of a BIOS bug. 2636 2637config APM_DO_ENABLE 2638 bool "Enable PM at boot time" 2639 help 2640 Enable APM features at boot time. From page 36 of the APM BIOS 2641 specification: "When disabled, the APM BIOS does not automatically 2642 power manage devices, enter the Standby State, enter the Suspend 2643 State, or take power saving steps in response to CPU Idle calls." 2644 This driver will make CPU Idle calls when Linux is idle (unless this 2645 feature is turned off -- see "Do CPU IDLE calls", below). This 2646 should always save battery power, but more complicated APM features 2647 will be dependent on your BIOS implementation. You may need to turn 2648 this option off if your computer hangs at boot time when using APM 2649 support, or if it beeps continuously instead of suspending. Turn 2650 this off if you have a NEC UltraLite Versa 33/C or a Toshiba 2651 T400CDT. This is off by default since most machines do fine without 2652 this feature. 2653 2654config APM_CPU_IDLE 2655 depends on CPU_IDLE 2656 bool "Make CPU Idle calls when idle" 2657 help 2658 Enable calls to APM CPU Idle/CPU Busy inside the kernel's idle loop. 2659 On some machines, this can activate improved power savings, such as 2660 a slowed CPU clock rate, when the machine is idle. These idle calls 2661 are made after the idle loop has run for some length of time (e.g., 2662 333 mS). On some machines, this will cause a hang at boot time or 2663 whenever the CPU becomes idle. (On machines with more than one CPU, 2664 this option does nothing.) 2665 2666config APM_DISPLAY_BLANK 2667 bool "Enable console blanking using APM" 2668 help 2669 Enable console blanking using the APM. Some laptops can use this to 2670 turn off the LCD backlight when the screen blanker of the Linux 2671 virtual console blanks the screen. Note that this is only used by 2672 the virtual console screen blanker, and won't turn off the backlight 2673 when using the X Window system. This also doesn't have anything to 2674 do with your VESA-compliant power-saving monitor. Further, this 2675 option doesn't work for all laptops -- it might not turn off your 2676 backlight at all, or it might print a lot of errors to the console, 2677 especially if you are using gpm. 2678 2679config APM_ALLOW_INTS 2680 bool "Allow interrupts during APM BIOS calls" 2681 help 2682 Normally we disable external interrupts while we are making calls to 2683 the APM BIOS as a measure to lessen the effects of a badly behaving 2684 BIOS implementation. The BIOS should reenable interrupts if it 2685 needs to. Unfortunately, some BIOSes do not -- especially those in 2686 many of the newer IBM Thinkpads. If you experience hangs when you 2687 suspend, try setting this to Y. Otherwise, say N. 2688 2689endif # APM 2690 2691source "drivers/cpufreq/Kconfig" 2692 2693source "drivers/cpuidle/Kconfig" 2694 2695source "drivers/idle/Kconfig" 2696 2697endmenu 2698 2699 2700menu "Bus options (PCI etc.)" 2701 2702choice 2703 prompt "PCI access mode" 2704 depends on X86_32 && PCI 2705 default PCI_GOANY 2706 help 2707 On PCI systems, the BIOS can be used to detect the PCI devices and 2708 determine their configuration. However, some old PCI motherboards 2709 have BIOS bugs and may crash if this is done. Also, some embedded 2710 PCI-based systems don't have any BIOS at all. Linux can also try to 2711 detect the PCI hardware directly without using the BIOS. 2712 2713 With this option, you can specify how Linux should detect the 2714 PCI devices. If you choose "BIOS", the BIOS will be used, 2715 if you choose "Direct", the BIOS won't be used, and if you 2716 choose "MMConfig", then PCI Express MMCONFIG will be used. 2717 If you choose "Any", the kernel will try MMCONFIG, then the 2718 direct access method and falls back to the BIOS if that doesn't 2719 work. If unsure, go with the default, which is "Any". 2720 2721config PCI_GOBIOS 2722 bool "BIOS" 2723 2724config PCI_GOMMCONFIG 2725 bool "MMConfig" 2726 2727config PCI_GODIRECT 2728 bool "Direct" 2729 2730config PCI_GOOLPC 2731 bool "OLPC XO-1" 2732 depends on OLPC 2733 2734config PCI_GOANY 2735 bool "Any" 2736 2737endchoice 2738 2739config PCI_BIOS 2740 def_bool y 2741 depends on X86_32 && PCI && (PCI_GOBIOS || PCI_GOANY) 2742 2743# x86-64 doesn't support PCI BIOS access from long mode so always go direct. 2744config PCI_DIRECT 2745 def_bool y 2746 depends on PCI && (X86_64 || (PCI_GODIRECT || PCI_GOANY || PCI_GOOLPC || PCI_GOMMCONFIG)) 2747 2748config PCI_MMCONFIG 2749 bool "Support mmconfig PCI config space access" if X86_64 2750 default y 2751 depends on PCI && (ACPI || SFI || JAILHOUSE_GUEST) 2752 depends on X86_64 || (PCI_GOANY || PCI_GOMMCONFIG) 2753 2754config PCI_OLPC 2755 def_bool y 2756 depends on PCI && OLPC && (PCI_GOOLPC || PCI_GOANY) 2757 2758config PCI_XEN 2759 def_bool y 2760 depends on PCI && XEN 2761 select SWIOTLB_XEN 2762 2763config MMCONF_FAM10H 2764 def_bool y 2765 depends on X86_64 && PCI_MMCONFIG && ACPI 2766 2767config PCI_CNB20LE_QUIRK 2768 bool "Read CNB20LE Host Bridge Windows" if EXPERT 2769 depends on PCI 2770 help 2771 Read the PCI windows out of the CNB20LE host bridge. This allows 2772 PCI hotplug to work on systems with the CNB20LE chipset which do 2773 not have ACPI. 2774 2775 There's no public spec for this chipset, and this functionality 2776 is known to be incomplete. 2777 2778 You should say N unless you know you need this. 2779 2780config ISA_BUS 2781 bool "ISA bus support on modern systems" if EXPERT 2782 help 2783 Expose ISA bus device drivers and options available for selection and 2784 configuration. Enable this option if your target machine has an ISA 2785 bus. ISA is an older system, displaced by PCI and newer bus 2786 architectures -- if your target machine is modern, it probably does 2787 not have an ISA bus. 2788 2789 If unsure, say N. 2790 2791# x86_64 have no ISA slots, but can have ISA-style DMA. 2792config ISA_DMA_API 2793 bool "ISA-style DMA support" if (X86_64 && EXPERT) 2794 default y 2795 help 2796 Enables ISA-style DMA support for devices requiring such controllers. 2797 If unsure, say Y. 2798 2799if X86_32 2800 2801config ISA 2802 bool "ISA support" 2803 help 2804 Find out whether you have ISA slots on your motherboard. ISA is the 2805 name of a bus system, i.e. the way the CPU talks to the other stuff 2806 inside your box. Other bus systems are PCI, EISA, MicroChannel 2807 (MCA) or VESA. ISA is an older system, now being displaced by PCI; 2808 newer boards don't support it. If you have ISA, say Y, otherwise N. 2809 2810config SCx200 2811 tristate "NatSemi SCx200 support" 2812 help 2813 This provides basic support for National Semiconductor's 2814 (now AMD's) Geode processors. The driver probes for the 2815 PCI-IDs of several on-chip devices, so its a good dependency 2816 for other scx200_* drivers. 2817 2818 If compiled as a module, the driver is named scx200. 2819 2820config SCx200HR_TIMER 2821 tristate "NatSemi SCx200 27MHz High-Resolution Timer Support" 2822 depends on SCx200 2823 default y 2824 help 2825 This driver provides a clocksource built upon the on-chip 2826 27MHz high-resolution timer. Its also a workaround for 2827 NSC Geode SC-1100's buggy TSC, which loses time when the 2828 processor goes idle (as is done by the scheduler). The 2829 other workaround is idle=poll boot option. 2830 2831config OLPC 2832 bool "One Laptop Per Child support" 2833 depends on !X86_PAE 2834 select GPIOLIB 2835 select OF 2836 select OF_PROMTREE 2837 select IRQ_DOMAIN 2838 select OLPC_EC 2839 help 2840 Add support for detecting the unique features of the OLPC 2841 XO hardware. 2842 2843config OLPC_XO1_PM 2844 bool "OLPC XO-1 Power Management" 2845 depends on OLPC && MFD_CS5535=y && PM_SLEEP 2846 help 2847 Add support for poweroff and suspend of the OLPC XO-1 laptop. 2848 2849config OLPC_XO1_RTC 2850 bool "OLPC XO-1 Real Time Clock" 2851 depends on OLPC_XO1_PM && RTC_DRV_CMOS 2852 help 2853 Add support for the XO-1 real time clock, which can be used as a 2854 programmable wakeup source. 2855 2856config OLPC_XO1_SCI 2857 bool "OLPC XO-1 SCI extras" 2858 depends on OLPC && OLPC_XO1_PM && GPIO_CS5535=y 2859 depends on INPUT=y 2860 select POWER_SUPPLY 2861 help 2862 Add support for SCI-based features of the OLPC XO-1 laptop: 2863 - EC-driven system wakeups 2864 - Power button 2865 - Ebook switch 2866 - Lid switch 2867 - AC adapter status updates 2868 - Battery status updates 2869 2870config OLPC_XO15_SCI 2871 bool "OLPC XO-1.5 SCI extras" 2872 depends on OLPC && ACPI 2873 select POWER_SUPPLY 2874 help 2875 Add support for SCI-based features of the OLPC XO-1.5 laptop: 2876 - EC-driven system wakeups 2877 - AC adapter status updates 2878 - Battery status updates 2879 2880config ALIX 2881 bool "PCEngines ALIX System Support (LED setup)" 2882 select GPIOLIB 2883 help 2884 This option enables system support for the PCEngines ALIX. 2885 At present this just sets up LEDs for GPIO control on 2886 ALIX2/3/6 boards. However, other system specific setup should 2887 get added here. 2888 2889 Note: You must still enable the drivers for GPIO and LED support 2890 (GPIO_CS5535 & LEDS_GPIO) to actually use the LEDs 2891 2892 Note: You have to set alix.force=1 for boards with Award BIOS. 2893 2894config NET5501 2895 bool "Soekris Engineering net5501 System Support (LEDS, GPIO, etc)" 2896 select GPIOLIB 2897 help 2898 This option enables system support for the Soekris Engineering net5501. 2899 2900config GEOS 2901 bool "Traverse Technologies GEOS System Support (LEDS, GPIO, etc)" 2902 select GPIOLIB 2903 depends on DMI 2904 help 2905 This option enables system support for the Traverse Technologies GEOS. 2906 2907config TS5500 2908 bool "Technologic Systems TS-5500 platform support" 2909 depends on MELAN 2910 select CHECK_SIGNATURE 2911 select NEW_LEDS 2912 select LEDS_CLASS 2913 help 2914 This option enables system support for the Technologic Systems TS-5500. 2915 2916endif # X86_32 2917 2918config AMD_NB 2919 def_bool y 2920 depends on CPU_SUP_AMD && PCI 2921 2922config X86_SYSFB 2923 bool "Mark VGA/VBE/EFI FB as generic system framebuffer" 2924 help 2925 Firmwares often provide initial graphics framebuffers so the BIOS, 2926 bootloader or kernel can show basic video-output during boot for 2927 user-guidance and debugging. Historically, x86 used the VESA BIOS 2928 Extensions and EFI-framebuffers for this, which are mostly limited 2929 to x86. 2930 This option, if enabled, marks VGA/VBE/EFI framebuffers as generic 2931 framebuffers so the new generic system-framebuffer drivers can be 2932 used on x86. If the framebuffer is not compatible with the generic 2933 modes, it is advertised as fallback platform framebuffer so legacy 2934 drivers like efifb, vesafb and uvesafb can pick it up. 2935 If this option is not selected, all system framebuffers are always 2936 marked as fallback platform framebuffers as usual. 2937 2938 Note: Legacy fbdev drivers, including vesafb, efifb, uvesafb, will 2939 not be able to pick up generic system framebuffers if this option 2940 is selected. You are highly encouraged to enable simplefb as 2941 replacement if you select this option. simplefb can correctly deal 2942 with generic system framebuffers. But you should still keep vesafb 2943 and others enabled as fallback if a system framebuffer is 2944 incompatible with simplefb. 2945 2946 If unsure, say Y. 2947 2948endmenu 2949 2950 2951menu "Binary Emulations" 2952 2953config IA32_EMULATION 2954 bool "IA32 Emulation" 2955 depends on X86_64 2956 select ARCH_WANT_OLD_COMPAT_IPC 2957 select BINFMT_ELF 2958 select COMPAT_BINFMT_ELF 2959 select COMPAT_OLD_SIGACTION 2960 help 2961 Include code to run legacy 32-bit programs under a 2962 64-bit kernel. You should likely turn this on, unless you're 2963 100% sure that you don't have any 32-bit programs left. 2964 2965config IA32_AOUT 2966 tristate "IA32 a.out support" 2967 depends on IA32_EMULATION 2968 depends on BROKEN 2969 help 2970 Support old a.out binaries in the 32bit emulation. 2971 2972config X86_X32 2973 bool "x32 ABI for 64-bit mode" 2974 depends on X86_64 2975 # llvm-objcopy does not convert x86_64 .note.gnu.property or 2976 # compressed debug sections to x86_x32 properly: 2977 # https://github.com/ClangBuiltLinux/linux/issues/514 2978 # https://github.com/ClangBuiltLinux/linux/issues/1141 2979 depends on $(success,$(OBJCOPY) --version | head -n1 | grep -qv llvm) 2980 help 2981 Include code to run binaries for the x32 native 32-bit ABI 2982 for 64-bit processors. An x32 process gets access to the 2983 full 64-bit register file and wide data path while leaving 2984 pointers at 32 bits for smaller memory footprint. 2985 2986 You will need a recent binutils (2.22 or later) with 2987 elf32_x86_64 support enabled to compile a kernel with this 2988 option set. 2989 2990config COMPAT_32 2991 def_bool y 2992 depends on IA32_EMULATION || X86_32 2993 select HAVE_UID16 2994 select OLD_SIGSUSPEND3 2995 2996config COMPAT 2997 def_bool y 2998 depends on IA32_EMULATION || X86_X32 2999 3000if COMPAT 3001config COMPAT_FOR_U64_ALIGNMENT 3002 def_bool y 3003 3004config SYSVIPC_COMPAT 3005 def_bool y 3006 depends on SYSVIPC 3007endif 3008 3009endmenu 3010 3011 3012config HAVE_ATOMIC_IOMAP 3013 def_bool y 3014 depends on X86_32 3015 3016source "drivers/firmware/Kconfig" 3017 3018source "arch/x86/kvm/Kconfig" 3019 3020source "arch/x86/Kconfig.assembler" 3021