1# SPDX-License-Identifier: GPL-2.0-only 2config ARM64 3 def_bool y 4 select ACPI_CCA_REQUIRED if ACPI 5 select ACPI_GENERIC_GSI if ACPI 6 select ACPI_GTDT if ACPI 7 select ACPI_IORT if ACPI 8 select ACPI_REDUCED_HARDWARE_ONLY if ACPI 9 select ACPI_MCFG if (ACPI && PCI) 10 select ACPI_SPCR_TABLE if ACPI 11 select ACPI_PPTT if ACPI 12 select ARCH_HAS_DEBUG_WX 13 select ARCH_BINFMT_ELF_STATE 14 select ARCH_HAS_DEBUG_VIRTUAL 15 select ARCH_HAS_DEBUG_VM_PGTABLE 16 select ARCH_HAS_DEVMEM_IS_ALLOWED 17 select ARCH_HAS_DMA_PREP_COHERENT 18 select ARCH_HAS_ACPI_TABLE_UPGRADE if ACPI 19 select ARCH_HAS_FAST_MULTIPLIER 20 select ARCH_HAS_FORTIFY_SOURCE 21 select ARCH_HAS_GCOV_PROFILE_ALL 22 select ARCH_HAS_GIGANTIC_PAGE 23 select ARCH_HAS_IOREMAP_PHYS_HOOKS 24 select ARCH_HAS_KCOV 25 select ARCH_HAS_KEEPINITRD 26 select ARCH_HAS_MEMBARRIER_SYNC_CORE 27 select ARCH_HAS_MEM_ENCRYPT 28 select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE 29 select ARCH_HAS_PTE_DEVMAP 30 select ARCH_HAS_PTE_SPECIAL 31 select ARCH_HAS_SETUP_DMA_OPS 32 select ARCH_HAS_SET_DIRECT_MAP 33 select ARCH_HAS_SET_MEMORY 34 select ARCH_STACKWALK 35 select ARCH_HAS_STRICT_KERNEL_RWX 36 select ARCH_HAS_STRICT_MODULE_RWX 37 select ARCH_HAS_SYNC_DMA_FOR_DEVICE 38 select ARCH_HAS_SYNC_DMA_FOR_CPU 39 select ARCH_HAS_SYSCALL_WRAPPER 40 select ARCH_HAS_TEARDOWN_DMA_OPS if IOMMU_SUPPORT 41 select ARCH_HAS_TICK_BROADCAST if GENERIC_CLOCKEVENTS_BROADCAST 42 select ARCH_HAVE_ELF_PROT 43 select ARCH_HAVE_NMI_SAFE_CMPXCHG 44 select ARCH_INLINE_READ_LOCK if !PREEMPTION 45 select ARCH_INLINE_READ_LOCK_BH if !PREEMPTION 46 select ARCH_INLINE_READ_LOCK_IRQ if !PREEMPTION 47 select ARCH_INLINE_READ_LOCK_IRQSAVE if !PREEMPTION 48 select ARCH_INLINE_READ_UNLOCK if !PREEMPTION 49 select ARCH_INLINE_READ_UNLOCK_BH if !PREEMPTION 50 select ARCH_INLINE_READ_UNLOCK_IRQ if !PREEMPTION 51 select ARCH_INLINE_READ_UNLOCK_IRQRESTORE if !PREEMPTION 52 select ARCH_INLINE_WRITE_LOCK if !PREEMPTION 53 select ARCH_INLINE_WRITE_LOCK_BH if !PREEMPTION 54 select ARCH_INLINE_WRITE_LOCK_IRQ if !PREEMPTION 55 select ARCH_INLINE_WRITE_LOCK_IRQSAVE if !PREEMPTION 56 select ARCH_INLINE_WRITE_UNLOCK if !PREEMPTION 57 select ARCH_INLINE_WRITE_UNLOCK_BH if !PREEMPTION 58 select ARCH_INLINE_WRITE_UNLOCK_IRQ if !PREEMPTION 59 select ARCH_INLINE_WRITE_UNLOCK_IRQRESTORE if !PREEMPTION 60 select ARCH_INLINE_SPIN_TRYLOCK if !PREEMPTION 61 select ARCH_INLINE_SPIN_TRYLOCK_BH if !PREEMPTION 62 select ARCH_INLINE_SPIN_LOCK if !PREEMPTION 63 select ARCH_INLINE_SPIN_LOCK_BH if !PREEMPTION 64 select ARCH_INLINE_SPIN_LOCK_IRQ if !PREEMPTION 65 select ARCH_INLINE_SPIN_LOCK_IRQSAVE if !PREEMPTION 66 select ARCH_INLINE_SPIN_UNLOCK if !PREEMPTION 67 select ARCH_INLINE_SPIN_UNLOCK_BH if !PREEMPTION 68 select ARCH_INLINE_SPIN_UNLOCK_IRQ if !PREEMPTION 69 select ARCH_INLINE_SPIN_UNLOCK_IRQRESTORE if !PREEMPTION 70 select ARCH_KEEP_MEMBLOCK 71 select ARCH_USE_CMPXCHG_LOCKREF 72 select ARCH_USE_GNU_PROPERTY 73 select ARCH_USE_QUEUED_RWLOCKS 74 select ARCH_USE_QUEUED_SPINLOCKS 75 select ARCH_USE_SYM_ANNOTATIONS 76 select ARCH_SUPPORTS_MEMORY_FAILURE 77 select ARCH_SUPPORTS_SHADOW_CALL_STACK if CC_HAVE_SHADOW_CALL_STACK 78 select ARCH_SUPPORTS_LTO_CLANG if CPU_LITTLE_ENDIAN 79 select ARCH_SUPPORTS_LTO_CLANG_THIN 80 select ARCH_SUPPORTS_ATOMIC_RMW 81 select ARCH_SUPPORTS_INT128 if CC_HAS_INT128 && (GCC_VERSION >= 50000 || CC_IS_CLANG) 82 select ARCH_SUPPORTS_NUMA_BALANCING 83 select ARCH_WANT_COMPAT_IPC_PARSE_VERSION if COMPAT 84 select ARCH_WANT_DEFAULT_BPF_JIT 85 select ARCH_WANT_DEFAULT_TOPDOWN_MMAP_LAYOUT 86 select ARCH_WANT_FRAME_POINTERS 87 select ARCH_WANT_HUGE_PMD_SHARE if ARM64_4K_PAGES || (ARM64_16K_PAGES && !ARM64_VA_BITS_36) 88 select ARCH_WANT_LD_ORPHAN_WARN 89 select ARCH_HAS_UBSAN_SANITIZE_ALL 90 select ARM_AMBA 91 select ARM_ARCH_TIMER 92 select ARM_GIC 93 select AUDIT_ARCH_COMPAT_GENERIC 94 select ARM_GIC_V2M if PCI 95 select ARM_GIC_V3 96 select ARM_GIC_V3_ITS if PCI 97 select ARM_PSCI_FW 98 select BUILDTIME_TABLE_SORT 99 select CLONE_BACKWARDS 100 select COMMON_CLK 101 select CPU_PM if (SUSPEND || CPU_IDLE) 102 select CRC32 103 select DCACHE_WORD_ACCESS 104 select DMA_DIRECT_REMAP 105 select EDAC_SUPPORT 106 select FRAME_POINTER 107 select GENERIC_ALLOCATOR 108 select GENERIC_ARCH_TOPOLOGY 109 select GENERIC_CLOCKEVENTS 110 select GENERIC_CLOCKEVENTS_BROADCAST 111 select GENERIC_CPU_AUTOPROBE 112 select GENERIC_CPU_VULNERABILITIES 113 select GENERIC_EARLY_IOREMAP 114 select GENERIC_IDLE_POLL_SETUP 115 select GENERIC_IRQ_IPI 116 select ARCH_WANTS_IRQ_RAW 117 select GENERIC_IRQ_MULTI_HANDLER 118 select GENERIC_IRQ_PROBE 119 select GENERIC_IRQ_SHOW 120 select GENERIC_IRQ_SHOW_LEVEL 121 select GENERIC_PCI_IOMAP 122 select GENERIC_PTDUMP 123 select GENERIC_SCHED_CLOCK 124 select GENERIC_SMP_IDLE_THREAD 125 select GENERIC_STRNCPY_FROM_USER 126 select GENERIC_STRNLEN_USER 127 select GENERIC_TIME_VSYSCALL 128 select GENERIC_GETTIMEOFDAY 129 select GENERIC_VDSO_TIME_NS 130 select HANDLE_DOMAIN_IRQ 131 select HARDIRQS_SW_RESEND 132 select HAVE_MOVE_PMD 133 select HAVE_MOVE_PUD 134 select HAVE_PCI 135 select HAVE_ACPI_APEI if (ACPI && EFI) 136 select HAVE_ALIGNED_STRUCT_PAGE if SLUB 137 select HAVE_ARCH_AUDITSYSCALL 138 select HAVE_ARCH_BITREVERSE 139 select HAVE_ARCH_COMPILER_H 140 select HAVE_ARCH_HUGE_VMAP 141 select HAVE_ARCH_JUMP_LABEL 142 select HAVE_ARCH_JUMP_LABEL_RELATIVE 143 select HAVE_ARCH_KASAN if !(ARM64_16K_PAGES && ARM64_VA_BITS_48) 144 select HAVE_ARCH_KASAN_VMALLOC if HAVE_ARCH_KASAN 145 select HAVE_ARCH_KASAN_SW_TAGS if HAVE_ARCH_KASAN 146 select HAVE_ARCH_KASAN_HW_TAGS if (HAVE_ARCH_KASAN && ARM64_MTE) 147 select HAVE_ARCH_KFENCE 148 select HAVE_ARCH_KGDB 149 select HAVE_ARCH_MMAP_RND_BITS 150 select HAVE_ARCH_MMAP_RND_COMPAT_BITS if COMPAT 151 select HAVE_ARCH_PREL32_RELOCATIONS 152 select HAVE_ARCH_SECCOMP_FILTER 153 select HAVE_ARCH_STACKLEAK 154 select HAVE_ARCH_THREAD_STRUCT_WHITELIST 155 select HAVE_ARCH_TRACEHOOK 156 select HAVE_ARCH_TRANSPARENT_HUGEPAGE 157 select HAVE_ARCH_VMAP_STACK 158 select HAVE_ARM_SMCCC 159 select HAVE_ASM_MODVERSIONS 160 select HAVE_EBPF_JIT 161 select HAVE_C_RECORDMCOUNT 162 select HAVE_CMPXCHG_DOUBLE 163 select HAVE_CMPXCHG_LOCAL 164 select HAVE_CONTEXT_TRACKING 165 select HAVE_DEBUG_BUGVERBOSE 166 select HAVE_DEBUG_KMEMLEAK 167 select HAVE_DMA_CONTIGUOUS 168 select HAVE_DYNAMIC_FTRACE 169 select HAVE_DYNAMIC_FTRACE_WITH_REGS \ 170 if $(cc-option,-fpatchable-function-entry=2) 171 select FTRACE_MCOUNT_USE_PATCHABLE_FUNCTION_ENTRY \ 172 if DYNAMIC_FTRACE_WITH_REGS 173 select HAVE_EFFICIENT_UNALIGNED_ACCESS 174 select HAVE_FAST_GUP 175 select HAVE_FTRACE_MCOUNT_RECORD 176 select HAVE_FUNCTION_TRACER 177 select HAVE_FUNCTION_ERROR_INJECTION 178 select HAVE_FUNCTION_GRAPH_TRACER 179 select HAVE_GCC_PLUGINS 180 select HAVE_HW_BREAKPOINT if PERF_EVENTS 181 select HAVE_IRQ_TIME_ACCOUNTING 182 select HAVE_KVM 183 select HAVE_NMI 184 select HAVE_PATA_PLATFORM 185 select HAVE_PERF_EVENTS 186 select HAVE_PERF_REGS 187 select HAVE_PERF_USER_STACK_DUMP 188 select HAVE_REGS_AND_STACK_ACCESS_API 189 select HAVE_FUNCTION_ARG_ACCESS_API 190 select HAVE_FUTEX_CMPXCHG if FUTEX 191 select MMU_GATHER_RCU_TABLE_FREE 192 select HAVE_RSEQ 193 select HAVE_STACKPROTECTOR 194 select HAVE_SYSCALL_TRACEPOINTS 195 select HAVE_KPROBES 196 select HAVE_KRETPROBES 197 select HAVE_GENERIC_VDSO 198 select IOMMU_DMA if IOMMU_SUPPORT 199 select IRQ_DOMAIN 200 select IRQ_FORCED_THREADING 201 select KASAN_VMALLOC if KASAN 202 select MODULES_USE_ELF_RELA 203 select NEED_DMA_MAP_STATE 204 select NEED_SG_DMA_LENGTH 205 select OF 206 select OF_EARLY_FLATTREE 207 select PCI_DOMAINS_GENERIC if PCI 208 select PCI_ECAM if (ACPI && PCI) 209 select PCI_SYSCALL if PCI 210 select POWER_RESET 211 select POWER_SUPPLY 212 select SET_FS 213 select SPARSE_IRQ 214 select SWIOTLB 215 select SYSCTL_EXCEPTION_TRACE 216 select THREAD_INFO_IN_TASK 217 select ARCH_SUPPORTS_SPECULATIVE_PAGE_FAULT 218 select HAVE_ARCH_USERFAULTFD_MINOR if USERFAULTFD 219 help 220 ARM 64-bit (AArch64) Linux support. 221 222config 64BIT 223 def_bool y 224 225config MMU 226 def_bool y 227 228config ARM64_PAGE_SHIFT 229 int 230 default 16 if ARM64_64K_PAGES 231 default 14 if ARM64_16K_PAGES 232 default 12 233 234config ARM64_CONT_PTE_SHIFT 235 int 236 default 5 if ARM64_64K_PAGES 237 default 7 if ARM64_16K_PAGES 238 default 4 239 240config ARM64_CONT_PMD_SHIFT 241 int 242 default 5 if ARM64_64K_PAGES 243 default 5 if ARM64_16K_PAGES 244 default 4 245 246config ARCH_MMAP_RND_BITS_MIN 247 default 14 if ARM64_64K_PAGES 248 default 16 if ARM64_16K_PAGES 249 default 18 250 251# max bits determined by the following formula: 252# VA_BITS - PAGE_SHIFT - 3 253config ARCH_MMAP_RND_BITS_MAX 254 default 19 if ARM64_VA_BITS=36 255 default 24 if ARM64_VA_BITS=39 256 default 27 if ARM64_VA_BITS=42 257 default 30 if ARM64_VA_BITS=47 258 default 29 if ARM64_VA_BITS=48 && ARM64_64K_PAGES 259 default 31 if ARM64_VA_BITS=48 && ARM64_16K_PAGES 260 default 33 if ARM64_VA_BITS=48 261 default 14 if ARM64_64K_PAGES 262 default 16 if ARM64_16K_PAGES 263 default 18 264 265config ARCH_MMAP_RND_COMPAT_BITS_MIN 266 default 7 if ARM64_64K_PAGES 267 default 9 if ARM64_16K_PAGES 268 default 11 269 270config ARCH_MMAP_RND_COMPAT_BITS_MAX 271 default 16 272 273config NO_IOPORT_MAP 274 def_bool y if !PCI 275 276config STACKTRACE_SUPPORT 277 def_bool y 278 279config ILLEGAL_POINTER_VALUE 280 hex 281 default 0xdead000000000000 282 283config LOCKDEP_SUPPORT 284 def_bool y 285 286config TRACE_IRQFLAGS_SUPPORT 287 def_bool y 288 289config GENERIC_BUG 290 def_bool y 291 depends on BUG 292 293config GENERIC_BUG_RELATIVE_POINTERS 294 def_bool y 295 depends on GENERIC_BUG 296 297config GENERIC_HWEIGHT 298 def_bool y 299 300config GENERIC_CSUM 301 def_bool y 302 303config GENERIC_CALIBRATE_DELAY 304 def_bool y 305 306config ZONE_DMA 307 bool "Support DMA zone" if EXPERT 308 default y 309 310config ZONE_DMA32 311 bool "Support DMA32 zone" if EXPERT 312 default y 313 314config ARCH_ENABLE_MEMORY_HOTPLUG 315 def_bool y 316 317config ARCH_ENABLE_MEMORY_HOTREMOVE 318 def_bool y 319 320config SMP 321 def_bool y 322 323config KERNEL_MODE_NEON 324 def_bool y 325 326config FIX_EARLYCON_MEM 327 def_bool y 328 329config PGTABLE_LEVELS 330 int 331 default 2 if ARM64_16K_PAGES && ARM64_VA_BITS_36 332 default 2 if ARM64_64K_PAGES && ARM64_VA_BITS_42 333 default 3 if ARM64_64K_PAGES && (ARM64_VA_BITS_48 || ARM64_VA_BITS_52) 334 default 3 if ARM64_4K_PAGES && ARM64_VA_BITS_39 335 default 3 if ARM64_16K_PAGES && ARM64_VA_BITS_47 336 default 4 if !ARM64_64K_PAGES && ARM64_VA_BITS_48 337 338config ARCH_SUPPORTS_UPROBES 339 def_bool y 340 341config ARCH_PROC_KCORE_TEXT 342 def_bool y 343 344config BROKEN_GAS_INST 345 def_bool !$(as-instr,1:\n.inst 0\n.rept . - 1b\n\nnop\n.endr\n) 346 347config KASAN_SHADOW_OFFSET 348 hex 349 depends on KASAN_GENERIC || KASAN_SW_TAGS 350 default 0xdfffa00000000000 if (ARM64_VA_BITS_48 || ARM64_VA_BITS_52) && !KASAN_SW_TAGS 351 default 0xdfffd00000000000 if ARM64_VA_BITS_47 && !KASAN_SW_TAGS 352 default 0xdffffe8000000000 if ARM64_VA_BITS_42 && !KASAN_SW_TAGS 353 default 0xdfffffd000000000 if ARM64_VA_BITS_39 && !KASAN_SW_TAGS 354 default 0xdffffffa00000000 if ARM64_VA_BITS_36 && !KASAN_SW_TAGS 355 default 0xefff900000000000 if (ARM64_VA_BITS_48 || ARM64_VA_BITS_52) && KASAN_SW_TAGS 356 default 0xefffc80000000000 if ARM64_VA_BITS_47 && KASAN_SW_TAGS 357 default 0xeffffe4000000000 if ARM64_VA_BITS_42 && KASAN_SW_TAGS 358 default 0xefffffc800000000 if ARM64_VA_BITS_39 && KASAN_SW_TAGS 359 default 0xeffffff900000000 if ARM64_VA_BITS_36 && KASAN_SW_TAGS 360 default 0xffffffffffffffff 361 362source "arch/arm64/Kconfig.platforms" 363 364menu "Kernel Features" 365 366menu "ARM errata workarounds via the alternatives framework" 367 368config ARM64_WORKAROUND_CLEAN_CACHE 369 bool 370 371config ARM64_ERRATUM_826319 372 bool "Cortex-A53: 826319: System might deadlock if a write cannot complete until read data is accepted" 373 default y 374 select ARM64_WORKAROUND_CLEAN_CACHE 375 help 376 This option adds an alternative code sequence to work around ARM 377 erratum 826319 on Cortex-A53 parts up to r0p2 with an AMBA 4 ACE or 378 AXI master interface and an L2 cache. 379 380 If a Cortex-A53 uses an AMBA AXI4 ACE interface to other processors 381 and is unable to accept a certain write via this interface, it will 382 not progress on read data presented on the read data channel and the 383 system can deadlock. 384 385 The workaround promotes data cache clean instructions to 386 data cache clean-and-invalidate. 387 Please note that this does not necessarily enable the workaround, 388 as it depends on the alternative framework, which will only patch 389 the kernel if an affected CPU is detected. 390 391 If unsure, say Y. 392 393config ARM64_ERRATUM_827319 394 bool "Cortex-A53: 827319: Data cache clean instructions might cause overlapping transactions to the interconnect" 395 default y 396 select ARM64_WORKAROUND_CLEAN_CACHE 397 help 398 This option adds an alternative code sequence to work around ARM 399 erratum 827319 on Cortex-A53 parts up to r0p2 with an AMBA 5 CHI 400 master interface and an L2 cache. 401 402 Under certain conditions this erratum can cause a clean line eviction 403 to occur at the same time as another transaction to the same address 404 on the AMBA 5 CHI interface, which can cause data corruption if the 405 interconnect reorders the two transactions. 406 407 The workaround promotes data cache clean instructions to 408 data cache clean-and-invalidate. 409 Please note that this does not necessarily enable the workaround, 410 as it depends on the alternative framework, which will only patch 411 the kernel if an affected CPU is detected. 412 413 If unsure, say Y. 414 415config ARM64_ERRATUM_824069 416 bool "Cortex-A53: 824069: Cache line might not be marked as clean after a CleanShared snoop" 417 default y 418 select ARM64_WORKAROUND_CLEAN_CACHE 419 help 420 This option adds an alternative code sequence to work around ARM 421 erratum 824069 on Cortex-A53 parts up to r0p2 when it is connected 422 to a coherent interconnect. 423 424 If a Cortex-A53 processor is executing a store or prefetch for 425 write instruction at the same time as a processor in another 426 cluster is executing a cache maintenance operation to the same 427 address, then this erratum might cause a clean cache line to be 428 incorrectly marked as dirty. 429 430 The workaround promotes data cache clean instructions to 431 data cache clean-and-invalidate. 432 Please note that this option does not necessarily enable the 433 workaround, as it depends on the alternative framework, which will 434 only patch the kernel if an affected CPU is detected. 435 436 If unsure, say Y. 437 438config ARM64_ERRATUM_819472 439 bool "Cortex-A53: 819472: Store exclusive instructions might cause data corruption" 440 default y 441 select ARM64_WORKAROUND_CLEAN_CACHE 442 help 443 This option adds an alternative code sequence to work around ARM 444 erratum 819472 on Cortex-A53 parts up to r0p1 with an L2 cache 445 present when it is connected to a coherent interconnect. 446 447 If the processor is executing a load and store exclusive sequence at 448 the same time as a processor in another cluster is executing a cache 449 maintenance operation to the same address, then this erratum might 450 cause data corruption. 451 452 The workaround promotes data cache clean instructions to 453 data cache clean-and-invalidate. 454 Please note that this does not necessarily enable the workaround, 455 as it depends on the alternative framework, which will only patch 456 the kernel if an affected CPU is detected. 457 458 If unsure, say Y. 459 460config ARM64_ERRATUM_832075 461 bool "Cortex-A57: 832075: possible deadlock on mixing exclusive memory accesses with device loads" 462 default y 463 help 464 This option adds an alternative code sequence to work around ARM 465 erratum 832075 on Cortex-A57 parts up to r1p2. 466 467 Affected Cortex-A57 parts might deadlock when exclusive load/store 468 instructions to Write-Back memory are mixed with Device loads. 469 470 The workaround is to promote device loads to use Load-Acquire 471 semantics. 472 Please note that this does not necessarily enable the workaround, 473 as it depends on the alternative framework, which will only patch 474 the kernel if an affected CPU is detected. 475 476 If unsure, say Y. 477 478config ARM64_ERRATUM_834220 479 bool "Cortex-A57: 834220: Stage 2 translation fault might be incorrectly reported in presence of a Stage 1 fault" 480 depends on KVM 481 default y 482 help 483 This option adds an alternative code sequence to work around ARM 484 erratum 834220 on Cortex-A57 parts up to r1p2. 485 486 Affected Cortex-A57 parts might report a Stage 2 translation 487 fault as the result of a Stage 1 fault for load crossing a 488 page boundary when there is a permission or device memory 489 alignment fault at Stage 1 and a translation fault at Stage 2. 490 491 The workaround is to verify that the Stage 1 translation 492 doesn't generate a fault before handling the Stage 2 fault. 493 Please note that this does not necessarily enable the workaround, 494 as it depends on the alternative framework, which will only patch 495 the kernel if an affected CPU is detected. 496 497 If unsure, say Y. 498 499config ARM64_ERRATUM_1742098 500 bool "Cortex-A57/A72: 1742098: ELR recorded incorrectly on interrupt taken between cryptographic instructions in a sequence" 501 depends on COMPAT 502 default y 503 help 504 This option removes the AES hwcap for aarch32 user-space to 505 workaround erratum 1742098 on Cortex-A57 and Cortex-A72. 506 507 Affected parts may corrupt the AES state if an interrupt is 508 taken between a pair of AES instructions. These instructions 509 are only present if the cryptography extensions are present. 510 All software should have a fallback implementation for CPUs 511 that don't implement the cryptography extensions. 512 513 If unsure, say Y. 514 515config ARM64_ERRATUM_845719 516 bool "Cortex-A53: 845719: a load might read incorrect data" 517 depends on COMPAT 518 default y 519 help 520 This option adds an alternative code sequence to work around ARM 521 erratum 845719 on Cortex-A53 parts up to r0p4. 522 523 When running a compat (AArch32) userspace on an affected Cortex-A53 524 part, a load at EL0 from a virtual address that matches the bottom 32 525 bits of the virtual address used by a recent load at (AArch64) EL1 526 might return incorrect data. 527 528 The workaround is to write the contextidr_el1 register on exception 529 return to a 32-bit task. 530 Please note that this does not necessarily enable the workaround, 531 as it depends on the alternative framework, which will only patch 532 the kernel if an affected CPU is detected. 533 534 If unsure, say Y. 535 536config ARM64_ERRATUM_843419 537 bool "Cortex-A53: 843419: A load or store might access an incorrect address" 538 default y 539 select ARM64_MODULE_PLTS if MODULES 540 help 541 This option links the kernel with '--fix-cortex-a53-843419' and 542 enables PLT support to replace certain ADRP instructions, which can 543 cause subsequent memory accesses to use an incorrect address on 544 Cortex-A53 parts up to r0p4. 545 546 If unsure, say Y. 547 548config ARM64_ERRATUM_1024718 549 bool "Cortex-A55: 1024718: Update of DBM/AP bits without break before make might result in incorrect update" 550 default y 551 help 552 This option adds a workaround for ARM Cortex-A55 Erratum 1024718. 553 554 Affected Cortex-A55 cores (all revisions) could cause incorrect 555 update of the hardware dirty bit when the DBM/AP bits are updated 556 without a break-before-make. The workaround is to disable the usage 557 of hardware DBM locally on the affected cores. CPUs not affected by 558 this erratum will continue to use the feature. 559 560 If unsure, say Y. 561 562config ARM64_ERRATUM_1418040 563 bool "Cortex-A76/Neoverse-N1: MRC read following MRRC read of specific Generic Timer in AArch32 might give incorrect result" 564 default y 565 depends on COMPAT 566 help 567 This option adds a workaround for ARM Cortex-A76/Neoverse-N1 568 errata 1188873 and 1418040. 569 570 Affected Cortex-A76/Neoverse-N1 cores (r0p0 to r3p1) could 571 cause register corruption when accessing the timer registers 572 from AArch32 userspace. 573 574 If unsure, say Y. 575 576config ARM64_WORKAROUND_SPECULATIVE_AT 577 bool 578 579config ARM64_ERRATUM_1165522 580 bool "Cortex-A76: 1165522: Speculative AT instruction using out-of-context translation regime could cause subsequent request to generate an incorrect translation" 581 default y 582 select ARM64_WORKAROUND_SPECULATIVE_AT 583 help 584 This option adds a workaround for ARM Cortex-A76 erratum 1165522. 585 586 Affected Cortex-A76 cores (r0p0, r1p0, r2p0) could end-up with 587 corrupted TLBs by speculating an AT instruction during a guest 588 context switch. 589 590 If unsure, say Y. 591 592config ARM64_ERRATUM_1319367 593 bool "Cortex-A57/A72: 1319537: Speculative AT instruction using out-of-context translation regime could cause subsequent request to generate an incorrect translation" 594 default y 595 select ARM64_WORKAROUND_SPECULATIVE_AT 596 help 597 This option adds work arounds for ARM Cortex-A57 erratum 1319537 598 and A72 erratum 1319367 599 600 Cortex-A57 and A72 cores could end-up with corrupted TLBs by 601 speculating an AT instruction during a guest context switch. 602 603 If unsure, say Y. 604 605config ARM64_ERRATUM_1530923 606 bool "Cortex-A55: 1530923: Speculative AT instruction using out-of-context translation regime could cause subsequent request to generate an incorrect translation" 607 default y 608 select ARM64_WORKAROUND_SPECULATIVE_AT 609 help 610 This option adds a workaround for ARM Cortex-A55 erratum 1530923. 611 612 Affected Cortex-A55 cores (r0p0, r0p1, r1p0, r2p0) could end-up with 613 corrupted TLBs by speculating an AT instruction during a guest 614 context switch. 615 616 If unsure, say Y. 617 618config ARM64_WORKAROUND_REPEAT_TLBI 619 bool 620 621config ARM64_ERRATUM_1286807 622 bool "Cortex-A76: Modification of the translation table for a virtual address might lead to read-after-read ordering violation" 623 default y 624 select ARM64_WORKAROUND_REPEAT_TLBI 625 help 626 This option adds a workaround for ARM Cortex-A76 erratum 1286807. 627 628 On the affected Cortex-A76 cores (r0p0 to r3p0), if a virtual 629 address for a cacheable mapping of a location is being 630 accessed by a core while another core is remapping the virtual 631 address to a new physical page using the recommended 632 break-before-make sequence, then under very rare circumstances 633 TLBI+DSB completes before a read using the translation being 634 invalidated has been observed by other observers. The 635 workaround repeats the TLBI+DSB operation. 636 637config ARM64_ERRATUM_1463225 638 bool "Cortex-A76: Software Step might prevent interrupt recognition" 639 default y 640 help 641 This option adds a workaround for Arm Cortex-A76 erratum 1463225. 642 643 On the affected Cortex-A76 cores (r0p0 to r3p1), software stepping 644 of a system call instruction (SVC) can prevent recognition of 645 subsequent interrupts when software stepping is disabled in the 646 exception handler of the system call and either kernel debugging 647 is enabled or VHE is in use. 648 649 Work around the erratum by triggering a dummy step exception 650 when handling a system call from a task that is being stepped 651 in a VHE configuration of the kernel. 652 653 If unsure, say Y. 654 655config ARM64_ERRATUM_1542419 656 bool "Neoverse-N1: workaround mis-ordering of instruction fetches" 657 default y 658 help 659 This option adds a workaround for ARM Neoverse-N1 erratum 660 1542419. 661 662 Affected Neoverse-N1 cores could execute a stale instruction when 663 modified by another CPU. The workaround depends on a firmware 664 counterpart. 665 666 Workaround the issue by hiding the DIC feature from EL0. This 667 forces user-space to perform cache maintenance. 668 669 If unsure, say Y. 670 671config ARM64_ERRATUM_1508412 672 bool "Cortex-A77: 1508412: workaround deadlock on sequence of NC/Device load and store exclusive or PAR read" 673 default y 674 help 675 This option adds a workaround for Arm Cortex-A77 erratum 1508412. 676 677 Affected Cortex-A77 cores (r0p0, r1p0) could deadlock on a sequence 678 of a store-exclusive or read of PAR_EL1 and a load with device or 679 non-cacheable memory attributes. The workaround depends on a firmware 680 counterpart. 681 682 KVM guests must also have the workaround implemented or they can 683 deadlock the system. 684 685 Work around the issue by inserting DMB SY barriers around PAR_EL1 686 register reads and warning KVM users. The DMB barrier is sufficient 687 to prevent a speculative PAR_EL1 read. 688 689 If unsure, say Y. 690 691config ARM64_WORKAROUND_TSB_FLUSH_FAILURE 692 bool 693 694config ARM64_ERRATUM_2054223 695 bool "Cortex-A710: 2054223: workaround TSB instruction failing to flush trace" 696 default y 697 select ARM64_WORKAROUND_TSB_FLUSH_FAILURE 698 help 699 Enable workaround for ARM Cortex-A710 erratum 2054223 700 701 Affected cores may fail to flush the trace data on a TSB instruction, when 702 the PE is in trace prohibited state. This will cause losing a few bytes 703 of the trace cached. 704 705 Workaround is to issue two TSB consecutively on affected cores. 706 707 If unsure, say Y. 708 709config ARM64_ERRATUM_2067961 710 bool "Neoverse-N2: 2067961: workaround TSB instruction failing to flush trace" 711 default y 712 select ARM64_WORKAROUND_TSB_FLUSH_FAILURE 713 help 714 Enable workaround for ARM Neoverse-N2 erratum 2067961 715 716 Affected cores may fail to flush the trace data on a TSB instruction, when 717 the PE is in trace prohibited state. This will cause losing a few bytes 718 of the trace cached. 719 720 Workaround is to issue two TSB consecutively on affected cores. 721 722 If unsure, say Y. 723 724config ARM64_ERRATUM_2457168 725 bool "Cortex-A510: 2457168: workaround for AMEVCNTR01 incrementing incorrectly" 726 depends on ARM64_AMU_EXTN 727 default y 728 help 729 This option adds the workaround for ARM Cortex-A510 erratum 2457168. 730 731 The AMU counter AMEVCNTR01 (constant counter) should increment at the same rate 732 as the system counter. On affected Cortex-A510 cores AMEVCNTR01 increments 733 incorrectly giving a significantly higher output value. 734 735 Work around this problem by keeping the reference values of affected counters 736 to 0 thus signaling an error case. This effect is the same to firmware disabling 737 affected counters, in which case 0 will be returned when reading the disabled 738 counters. 739 740 If unsure, say Y. 741 742config CAVIUM_ERRATUM_22375 743 bool "Cavium erratum 22375, 24313" 744 default y 745 help 746 Enable workaround for errata 22375 and 24313. 747 748 This implements two gicv3-its errata workarounds for ThunderX. Both 749 with a small impact affecting only ITS table allocation. 750 751 erratum 22375: only alloc 8MB table size 752 erratum 24313: ignore memory access type 753 754 The fixes are in ITS initialization and basically ignore memory access 755 type and table size provided by the TYPER and BASER registers. 756 757 If unsure, say Y. 758 759config CAVIUM_ERRATUM_23144 760 bool "Cavium erratum 23144: ITS SYNC hang on dual socket system" 761 depends on NUMA 762 default y 763 help 764 ITS SYNC command hang for cross node io and collections/cpu mapping. 765 766 If unsure, say Y. 767 768config CAVIUM_ERRATUM_23154 769 bool "Cavium erratum 23154: Access to ICC_IAR1_EL1 is not sync'ed" 770 default y 771 help 772 The gicv3 of ThunderX requires a modified version for 773 reading the IAR status to ensure data synchronization 774 (access to icc_iar1_el1 is not sync'ed before and after). 775 776 If unsure, say Y. 777 778config CAVIUM_ERRATUM_27456 779 bool "Cavium erratum 27456: Broadcast TLBI instructions may cause icache corruption" 780 default y 781 help 782 On ThunderX T88 pass 1.x through 2.1 parts, broadcast TLBI 783 instructions may cause the icache to become corrupted if it 784 contains data for a non-current ASID. The fix is to 785 invalidate the icache when changing the mm context. 786 787 If unsure, say Y. 788 789config CAVIUM_ERRATUM_30115 790 bool "Cavium erratum 30115: Guest may disable interrupts in host" 791 default y 792 help 793 On ThunderX T88 pass 1.x through 2.2, T81 pass 1.0 through 794 1.2, and T83 Pass 1.0, KVM guest execution may disable 795 interrupts in host. Trapping both GICv3 group-0 and group-1 796 accesses sidesteps the issue. 797 798 If unsure, say Y. 799 800config CAVIUM_TX2_ERRATUM_219 801 bool "Cavium ThunderX2 erratum 219: PRFM between TTBR change and ISB fails" 802 default y 803 help 804 On Cavium ThunderX2, a load, store or prefetch instruction between a 805 TTBR update and the corresponding context synchronizing operation can 806 cause a spurious Data Abort to be delivered to any hardware thread in 807 the CPU core. 808 809 Work around the issue by avoiding the problematic code sequence and 810 trapping KVM guest TTBRx_EL1 writes to EL2 when SMT is enabled. The 811 trap handler performs the corresponding register access, skips the 812 instruction and ensures context synchronization by virtue of the 813 exception return. 814 815 If unsure, say Y. 816 817config FUJITSU_ERRATUM_010001 818 bool "Fujitsu-A64FX erratum E#010001: Undefined fault may occur wrongly" 819 default y 820 help 821 This option adds a workaround for Fujitsu-A64FX erratum E#010001. 822 On some variants of the Fujitsu-A64FX cores ver(1.0, 1.1), memory 823 accesses may cause undefined fault (Data abort, DFSC=0b111111). 824 This fault occurs under a specific hardware condition when a 825 load/store instruction performs an address translation using: 826 case-1 TTBR0_EL1 with TCR_EL1.NFD0 == 1. 827 case-2 TTBR0_EL2 with TCR_EL2.NFD0 == 1. 828 case-3 TTBR1_EL1 with TCR_EL1.NFD1 == 1. 829 case-4 TTBR1_EL2 with TCR_EL2.NFD1 == 1. 830 831 The workaround is to ensure these bits are clear in TCR_ELx. 832 The workaround only affects the Fujitsu-A64FX. 833 834 If unsure, say Y. 835 836config HISILICON_ERRATUM_161600802 837 bool "Hip07 161600802: Erroneous redistributor VLPI base" 838 default y 839 help 840 The HiSilicon Hip07 SoC uses the wrong redistributor base 841 when issued ITS commands such as VMOVP and VMAPP, and requires 842 a 128kB offset to be applied to the target address in this commands. 843 844 If unsure, say Y. 845 846config QCOM_FALKOR_ERRATUM_1003 847 bool "Falkor E1003: Incorrect translation due to ASID change" 848 default y 849 help 850 On Falkor v1, an incorrect ASID may be cached in the TLB when ASID 851 and BADDR are changed together in TTBRx_EL1. Since we keep the ASID 852 in TTBR1_EL1, this situation only occurs in the entry trampoline and 853 then only for entries in the walk cache, since the leaf translation 854 is unchanged. Work around the erratum by invalidating the walk cache 855 entries for the trampoline before entering the kernel proper. 856 857config QCOM_FALKOR_ERRATUM_1009 858 bool "Falkor E1009: Prematurely complete a DSB after a TLBI" 859 default y 860 select ARM64_WORKAROUND_REPEAT_TLBI 861 help 862 On Falkor v1, the CPU may prematurely complete a DSB following a 863 TLBI xxIS invalidate maintenance operation. Repeat the TLBI operation 864 one more time to fix the issue. 865 866 If unsure, say Y. 867 868config QCOM_QDF2400_ERRATUM_0065 869 bool "QDF2400 E0065: Incorrect GITS_TYPER.ITT_Entry_size" 870 default y 871 help 872 On Qualcomm Datacenter Technologies QDF2400 SoC, ITS hardware reports 873 ITE size incorrectly. The GITS_TYPER.ITT_Entry_size field should have 874 been indicated as 16Bytes (0xf), not 8Bytes (0x7). 875 876 If unsure, say Y. 877 878config QCOM_FALKOR_ERRATUM_E1041 879 bool "Falkor E1041: Speculative instruction fetches might cause errant memory access" 880 default y 881 help 882 Falkor CPU may speculatively fetch instructions from an improper 883 memory location when MMU translation is changed from SCTLR_ELn[M]=1 884 to SCTLR_ELn[M]=0. Prefix an ISB instruction to fix the problem. 885 886 If unsure, say Y. 887 888config SOCIONEXT_SYNQUACER_PREITS 889 bool "Socionext Synquacer: Workaround for GICv3 pre-ITS" 890 default y 891 help 892 Socionext Synquacer SoCs implement a separate h/w block to generate 893 MSI doorbell writes with non-zero values for the device ID. 894 895 If unsure, say Y. 896 897endmenu 898 899 900choice 901 prompt "Page size" 902 default ARM64_4K_PAGES 903 help 904 Page size (translation granule) configuration. 905 906config ARM64_4K_PAGES 907 bool "4KB" 908 help 909 This feature enables 4KB pages support. 910 911config ARM64_16K_PAGES 912 bool "16KB" 913 help 914 The system will use 16KB pages support. AArch32 emulation 915 requires applications compiled with 16K (or a multiple of 16K) 916 aligned segments. 917 918config ARM64_64K_PAGES 919 bool "64KB" 920 help 921 This feature enables 64KB pages support (4KB by default) 922 allowing only two levels of page tables and faster TLB 923 look-up. AArch32 emulation requires applications compiled 924 with 64K aligned segments. 925 926endchoice 927 928choice 929 prompt "Virtual address space size" 930 default ARM64_VA_BITS_39 if ARM64_4K_PAGES 931 default ARM64_VA_BITS_47 if ARM64_16K_PAGES 932 default ARM64_VA_BITS_42 if ARM64_64K_PAGES 933 help 934 Allows choosing one of multiple possible virtual address 935 space sizes. The level of translation table is determined by 936 a combination of page size and virtual address space size. 937 938config ARM64_VA_BITS_36 939 bool "36-bit" if EXPERT 940 depends on ARM64_16K_PAGES 941 942config ARM64_VA_BITS_39 943 bool "39-bit" 944 depends on ARM64_4K_PAGES 945 946config ARM64_VA_BITS_42 947 bool "42-bit" 948 depends on ARM64_64K_PAGES 949 950config ARM64_VA_BITS_47 951 bool "47-bit" 952 depends on ARM64_16K_PAGES 953 954config ARM64_VA_BITS_48 955 bool "48-bit" 956 957config ARM64_VA_BITS_52 958 bool "52-bit" 959 depends on ARM64_64K_PAGES && (ARM64_PAN || !ARM64_SW_TTBR0_PAN) 960 help 961 Enable 52-bit virtual addressing for userspace when explicitly 962 requested via a hint to mmap(). The kernel will also use 52-bit 963 virtual addresses for its own mappings (provided HW support for 964 this feature is available, otherwise it reverts to 48-bit). 965 966 NOTE: Enabling 52-bit virtual addressing in conjunction with 967 ARMv8.3 Pointer Authentication will result in the PAC being 968 reduced from 7 bits to 3 bits, which may have a significant 969 impact on its susceptibility to brute-force attacks. 970 971 If unsure, select 48-bit virtual addressing instead. 972 973endchoice 974 975config ARM64_FORCE_52BIT 976 bool "Force 52-bit virtual addresses for userspace" 977 depends on ARM64_VA_BITS_52 && EXPERT 978 help 979 For systems with 52-bit userspace VAs enabled, the kernel will attempt 980 to maintain compatibility with older software by providing 48-bit VAs 981 unless a hint is supplied to mmap. 982 983 This configuration option disables the 48-bit compatibility logic, and 984 forces all userspace addresses to be 52-bit on HW that supports it. One 985 should only enable this configuration option for stress testing userspace 986 memory management code. If unsure say N here. 987 988config ARM64_VA_BITS 989 int 990 default 36 if ARM64_VA_BITS_36 991 default 39 if ARM64_VA_BITS_39 992 default 42 if ARM64_VA_BITS_42 993 default 47 if ARM64_VA_BITS_47 994 default 48 if ARM64_VA_BITS_48 995 default 52 if ARM64_VA_BITS_52 996 997choice 998 prompt "Physical address space size" 999 default ARM64_PA_BITS_48 1000 help 1001 Choose the maximum physical address range that the kernel will 1002 support. 1003 1004config ARM64_PA_BITS_48 1005 bool "48-bit" 1006 1007config ARM64_PA_BITS_52 1008 bool "52-bit (ARMv8.2)" 1009 depends on ARM64_64K_PAGES 1010 depends on ARM64_PAN || !ARM64_SW_TTBR0_PAN 1011 help 1012 Enable support for a 52-bit physical address space, introduced as 1013 part of the ARMv8.2-LPA extension. 1014 1015 With this enabled, the kernel will also continue to work on CPUs that 1016 do not support ARMv8.2-LPA, but with some added memory overhead (and 1017 minor performance overhead). 1018 1019endchoice 1020 1021config ARM64_PA_BITS 1022 int 1023 default 48 if ARM64_PA_BITS_48 1024 default 52 if ARM64_PA_BITS_52 1025 1026choice 1027 prompt "Endianness" 1028 default CPU_LITTLE_ENDIAN 1029 help 1030 Select the endianness of data accesses performed by the CPU. Userspace 1031 applications will need to be compiled and linked for the endianness 1032 that is selected here. 1033 1034config CPU_BIG_ENDIAN 1035 bool "Build big-endian kernel" 1036 depends on !LD_IS_LLD || LLD_VERSION >= 130000 1037 # https://github.com/llvm/llvm-project/commit/1379b150991f70a5782e9a143c2ba5308da1161c 1038 depends on AS_IS_GNU || AS_VERSION >= 150000 1039 help 1040 Say Y if you plan on running a kernel with a big-endian userspace. 1041 1042config CPU_LITTLE_ENDIAN 1043 bool "Build little-endian kernel" 1044 help 1045 Say Y if you plan on running a kernel with a little-endian userspace. 1046 This is usually the case for distributions targeting arm64. 1047 1048endchoice 1049 1050config SCHED_MC 1051 bool "Multi-core scheduler support" 1052 help 1053 Multi-core scheduler support improves the CPU scheduler's decision 1054 making when dealing with multi-core CPU chips at a cost of slightly 1055 increased overhead in some places. If unsure say N here. 1056 1057config SCHED_SMT 1058 bool "SMT scheduler support" 1059 help 1060 Improves the CPU scheduler's decision making when dealing with 1061 MultiThreading at a cost of slightly increased overhead in some 1062 places. If unsure say N here. 1063 1064config NR_CPUS 1065 int "Maximum number of CPUs (2-4096)" 1066 range 2 4096 1067 default "256" 1068 1069config HOTPLUG_CPU 1070 bool "Support for hot-pluggable CPUs" 1071 select GENERIC_IRQ_MIGRATION 1072 help 1073 Say Y here to experiment with turning CPUs off and on. CPUs 1074 can be controlled through /sys/devices/system/cpu. 1075 1076# Common NUMA Features 1077config NUMA 1078 bool "NUMA Memory Allocation and Scheduler Support" 1079 select ACPI_NUMA if ACPI 1080 select OF_NUMA 1081 help 1082 Enable NUMA (Non-Uniform Memory Access) support. 1083 1084 The kernel will try to allocate memory used by a CPU on the 1085 local memory of the CPU and add some more 1086 NUMA awareness to the kernel. 1087 1088config NODES_SHIFT 1089 int "Maximum NUMA Nodes (as a power of 2)" 1090 range 1 10 1091 default "4" 1092 depends on NEED_MULTIPLE_NODES 1093 help 1094 Specify the maximum number of NUMA Nodes available on the target 1095 system. Increases memory reserved to accommodate various tables. 1096 1097config USE_PERCPU_NUMA_NODE_ID 1098 def_bool y 1099 depends on NUMA 1100 1101config HAVE_SETUP_PER_CPU_AREA 1102 def_bool y 1103 depends on NUMA 1104 1105config NEED_PER_CPU_EMBED_FIRST_CHUNK 1106 def_bool y 1107 depends on NUMA 1108 1109config HOLES_IN_ZONE 1110 def_bool y 1111 1112source "kernel/Kconfig.hz" 1113 1114config ARCH_SUPPORTS_DEBUG_PAGEALLOC 1115 def_bool y 1116 1117config ARCH_SPARSEMEM_ENABLE 1118 def_bool y 1119 select SPARSEMEM_VMEMMAP_ENABLE 1120 1121config ARCH_SPARSEMEM_DEFAULT 1122 def_bool ARCH_SPARSEMEM_ENABLE 1123 1124config ARCH_SELECT_MEMORY_MODEL 1125 def_bool ARCH_SPARSEMEM_ENABLE 1126 1127config ARCH_FLATMEM_ENABLE 1128 def_bool !NUMA 1129 1130config HAVE_ARCH_PFN_VALID 1131 def_bool y 1132 1133config HW_PERF_EVENTS 1134 def_bool y 1135 depends on ARM_PMU 1136 1137config SYS_SUPPORTS_HUGETLBFS 1138 def_bool y 1139 1140config ARCH_WANT_HUGE_PMD_SHARE 1141 1142config ARCH_HAS_CACHE_LINE_SIZE 1143 def_bool y 1144 1145config ARCH_ENABLE_SPLIT_PMD_PTLOCK 1146 def_bool y if PGTABLE_LEVELS > 2 1147 1148# Supported by clang >= 7.0 1149config CC_HAVE_SHADOW_CALL_STACK 1150 def_bool $(cc-option, -fsanitize=shadow-call-stack -ffixed-x18) 1151 1152config PARAVIRT 1153 bool "Enable paravirtualization code" 1154 help 1155 This changes the kernel so it can modify itself when it is run 1156 under a hypervisor, potentially improving performance significantly 1157 over full virtualization. 1158 1159config PARAVIRT_TIME_ACCOUNTING 1160 bool "Paravirtual steal time accounting" 1161 select PARAVIRT 1162 help 1163 Select this option to enable fine granularity task steal time 1164 accounting. Time spent executing other tasks in parallel with 1165 the current vCPU is discounted from the vCPU power. To account for 1166 that, there can be a small performance impact. 1167 1168 If in doubt, say N here. 1169 1170config KEXEC 1171 depends on PM_SLEEP_SMP 1172 select KEXEC_CORE 1173 bool "kexec system call" 1174 help 1175 kexec is a system call that implements the ability to shutdown your 1176 current kernel, and to start another kernel. It is like a reboot 1177 but it is independent of the system firmware. And like a reboot 1178 you can start any kernel with it, not just Linux. 1179 1180config KEXEC_FILE 1181 bool "kexec file based system call" 1182 select KEXEC_CORE 1183 help 1184 This is new version of kexec system call. This system call is 1185 file based and takes file descriptors as system call argument 1186 for kernel and initramfs as opposed to list of segments as 1187 accepted by previous system call. 1188 1189config KEXEC_SIG 1190 bool "Verify kernel signature during kexec_file_load() syscall" 1191 depends on KEXEC_FILE 1192 help 1193 Select this option to verify a signature with loaded kernel 1194 image. If configured, any attempt of loading a image without 1195 valid signature will fail. 1196 1197 In addition to that option, you need to enable signature 1198 verification for the corresponding kernel image type being 1199 loaded in order for this to work. 1200 1201config KEXEC_IMAGE_VERIFY_SIG 1202 bool "Enable Image signature verification support" 1203 default y 1204 depends on KEXEC_SIG 1205 depends on EFI && SIGNED_PE_FILE_VERIFICATION 1206 help 1207 Enable Image signature verification support. 1208 1209comment "Support for PE file signature verification disabled" 1210 depends on KEXEC_SIG 1211 depends on !EFI || !SIGNED_PE_FILE_VERIFICATION 1212 1213config CRASH_DUMP 1214 bool "Build kdump crash kernel" 1215 help 1216 Generate crash dump after being started by kexec. This should 1217 be normally only set in special crash dump kernels which are 1218 loaded in the main kernel with kexec-tools into a specially 1219 reserved region and then later executed after a crash by 1220 kdump/kexec. 1221 1222 For more details see Documentation/admin-guide/kdump/kdump.rst 1223 1224config XEN_DOM0 1225 def_bool y 1226 depends on XEN 1227 1228config XEN 1229 bool "Xen guest support on ARM64" 1230 depends on ARM64 && OF 1231 select SWIOTLB_XEN 1232 select PARAVIRT 1233 help 1234 Say Y if you want to run Linux in a Virtual Machine on Xen on ARM64. 1235 1236config FORCE_MAX_ZONEORDER 1237 int 1238 default "14" if (ARM64_64K_PAGES && TRANSPARENT_HUGEPAGE) 1239 default "12" if (ARM64_16K_PAGES && TRANSPARENT_HUGEPAGE) 1240 default "11" 1241 help 1242 The kernel memory allocator divides physically contiguous memory 1243 blocks into "zones", where each zone is a power of two number of 1244 pages. This option selects the largest power of two that the kernel 1245 keeps in the memory allocator. If you need to allocate very large 1246 blocks of physically contiguous memory, then you may need to 1247 increase this value. 1248 1249 This config option is actually maximum order plus one. For example, 1250 a value of 11 means that the largest free memory block is 2^10 pages. 1251 1252 We make sure that we can allocate upto a HugePage size for each configuration. 1253 Hence we have : 1254 MAX_ORDER = (PMD_SHIFT - PAGE_SHIFT) + 1 => PAGE_SHIFT - 2 1255 1256 However for 4K, we choose a higher default value, 11 as opposed to 10, giving us 1257 4M allocations matching the default size used by generic code. 1258 1259config UNMAP_KERNEL_AT_EL0 1260 bool "Unmap kernel when running in userspace (aka \"KAISER\")" if EXPERT 1261 default y 1262 help 1263 Speculation attacks against some high-performance processors can 1264 be used to bypass MMU permission checks and leak kernel data to 1265 userspace. This can be defended against by unmapping the kernel 1266 when running in userspace, mapping it back in on exception entry 1267 via a trampoline page in the vector table. 1268 1269 If unsure, say Y. 1270 1271config MITIGATE_SPECTRE_BRANCH_HISTORY 1272 bool "Mitigate Spectre style attacks against branch history" if EXPERT 1273 default y 1274 help 1275 Speculation attacks against some high-performance processors can 1276 make use of branch history to influence future speculation. 1277 When taking an exception from user-space, a sequence of branches 1278 or a firmware call overwrites the branch history. 1279 1280config RODATA_FULL_DEFAULT_ENABLED 1281 bool "Apply r/o permissions of VM areas also to their linear aliases" 1282 default y 1283 help 1284 Apply read-only attributes of VM areas to the linear alias of 1285 the backing pages as well. This prevents code or read-only data 1286 from being modified (inadvertently or intentionally) via another 1287 mapping of the same memory page. This additional enhancement can 1288 be turned off at runtime by passing rodata=[off|on] (and turned on 1289 with rodata=full if this option is set to 'n') 1290 1291 This requires the linear region to be mapped down to pages, 1292 which may adversely affect performance in some cases. 1293 1294config ARM64_SW_TTBR0_PAN 1295 bool "Emulate Privileged Access Never using TTBR0_EL1 switching" 1296 help 1297 Enabling this option prevents the kernel from accessing 1298 user-space memory directly by pointing TTBR0_EL1 to a reserved 1299 zeroed area and reserved ASID. The user access routines 1300 restore the valid TTBR0_EL1 temporarily. 1301 1302config ARM64_TAGGED_ADDR_ABI 1303 bool "Enable the tagged user addresses syscall ABI" 1304 default y 1305 help 1306 When this option is enabled, user applications can opt in to a 1307 relaxed ABI via prctl() allowing tagged addresses to be passed 1308 to system calls as pointer arguments. For details, see 1309 Documentation/arm64/tagged-address-abi.rst. 1310 1311menuconfig COMPAT 1312 bool "Kernel support for 32-bit EL0" 1313 depends on ARM64_4K_PAGES || EXPERT 1314 select COMPAT_BINFMT_ELF if BINFMT_ELF 1315 select HAVE_UID16 1316 select OLD_SIGSUSPEND3 1317 select COMPAT_OLD_SIGACTION 1318 help 1319 This option enables support for a 32-bit EL0 running under a 64-bit 1320 kernel at EL1. AArch32-specific components such as system calls, 1321 the user helper functions, VFP support and the ptrace interface are 1322 handled appropriately by the kernel. 1323 1324 If you use a page size other than 4KB (i.e, 16KB or 64KB), please be aware 1325 that you will only be able to execute AArch32 binaries that were compiled 1326 with page size aligned segments. 1327 1328 If you want to execute 32-bit userspace applications, say Y. 1329 1330if COMPAT 1331 1332config KUSER_HELPERS 1333 bool "Enable kuser helpers page for 32-bit applications" 1334 default y 1335 help 1336 Warning: disabling this option may break 32-bit user programs. 1337 1338 Provide kuser helpers to compat tasks. The kernel provides 1339 helper code to userspace in read only form at a fixed location 1340 to allow userspace to be independent of the CPU type fitted to 1341 the system. This permits binaries to be run on ARMv4 through 1342 to ARMv8 without modification. 1343 1344 See Documentation/arm/kernel_user_helpers.rst for details. 1345 1346 However, the fixed address nature of these helpers can be used 1347 by ROP (return orientated programming) authors when creating 1348 exploits. 1349 1350 If all of the binaries and libraries which run on your platform 1351 are built specifically for your platform, and make no use of 1352 these helpers, then you can turn this option off to hinder 1353 such exploits. However, in that case, if a binary or library 1354 relying on those helpers is run, it will not function correctly. 1355 1356 Say N here only if you are absolutely certain that you do not 1357 need these helpers; otherwise, the safe option is to say Y. 1358 1359config COMPAT_VDSO 1360 bool "Enable vDSO for 32-bit applications" 1361 depends on !CPU_BIG_ENDIAN 1362 depends on (CC_IS_CLANG && LD_IS_LLD) || "$(CROSS_COMPILE_COMPAT)" != "" 1363 select GENERIC_COMPAT_VDSO 1364 default y 1365 help 1366 Place in the process address space of 32-bit applications an 1367 ELF shared object providing fast implementations of gettimeofday 1368 and clock_gettime. 1369 1370 You must have a 32-bit build of glibc 2.22 or later for programs 1371 to seamlessly take advantage of this. 1372 1373config THUMB2_COMPAT_VDSO 1374 bool "Compile the 32-bit vDSO for Thumb-2 mode" if EXPERT 1375 depends on COMPAT_VDSO 1376 default y 1377 help 1378 Compile the compat vDSO with '-mthumb -fomit-frame-pointer' if y, 1379 otherwise with '-marm'. 1380 1381menuconfig ARMV8_DEPRECATED 1382 bool "Emulate deprecated/obsolete ARMv8 instructions" 1383 depends on SYSCTL 1384 help 1385 Legacy software support may require certain instructions 1386 that have been deprecated or obsoleted in the architecture. 1387 1388 Enable this config to enable selective emulation of these 1389 features. 1390 1391 If unsure, say Y 1392 1393if ARMV8_DEPRECATED 1394 1395config SWP_EMULATION 1396 bool "Emulate SWP/SWPB instructions" 1397 help 1398 ARMv8 obsoletes the use of A32 SWP/SWPB instructions such that 1399 they are always undefined. Say Y here to enable software 1400 emulation of these instructions for userspace using LDXR/STXR. 1401 This feature can be controlled at runtime with the abi.swp 1402 sysctl which is disabled by default. 1403 1404 In some older versions of glibc [<=2.8] SWP is used during futex 1405 trylock() operations with the assumption that the code will not 1406 be preempted. This invalid assumption may be more likely to fail 1407 with SWP emulation enabled, leading to deadlock of the user 1408 application. 1409 1410 NOTE: when accessing uncached shared regions, LDXR/STXR rely 1411 on an external transaction monitoring block called a global 1412 monitor to maintain update atomicity. If your system does not 1413 implement a global monitor, this option can cause programs that 1414 perform SWP operations to uncached memory to deadlock. 1415 1416 If unsure, say Y 1417 1418config CP15_BARRIER_EMULATION 1419 bool "Emulate CP15 Barrier instructions" 1420 help 1421 The CP15 barrier instructions - CP15ISB, CP15DSB, and 1422 CP15DMB - are deprecated in ARMv8 (and ARMv7). It is 1423 strongly recommended to use the ISB, DSB, and DMB 1424 instructions instead. 1425 1426 Say Y here to enable software emulation of these 1427 instructions for AArch32 userspace code. When this option is 1428 enabled, CP15 barrier usage is traced which can help 1429 identify software that needs updating. This feature can be 1430 controlled at runtime with the abi.cp15_barrier sysctl. 1431 1432 If unsure, say Y 1433 1434config SETEND_EMULATION 1435 bool "Emulate SETEND instruction" 1436 help 1437 The SETEND instruction alters the data-endianness of the 1438 AArch32 EL0, and is deprecated in ARMv8. 1439 1440 Say Y here to enable software emulation of the instruction 1441 for AArch32 userspace code. This feature can be controlled 1442 at runtime with the abi.setend sysctl. 1443 1444 Note: All the cpus on the system must have mixed endian support at EL0 1445 for this feature to be enabled. If a new CPU - which doesn't support mixed 1446 endian - is hotplugged in after this feature has been enabled, there could 1447 be unexpected results in the applications. 1448 1449 If unsure, say Y 1450endif 1451 1452endif 1453 1454menu "ARMv8.1 architectural features" 1455 1456config ARM64_HW_AFDBM 1457 bool "Support for hardware updates of the Access and Dirty page flags" 1458 default y 1459 help 1460 The ARMv8.1 architecture extensions introduce support for 1461 hardware updates of the access and dirty information in page 1462 table entries. When enabled in TCR_EL1 (HA and HD bits) on 1463 capable processors, accesses to pages with PTE_AF cleared will 1464 set this bit instead of raising an access flag fault. 1465 Similarly, writes to read-only pages with the DBM bit set will 1466 clear the read-only bit (AP[2]) instead of raising a 1467 permission fault. 1468 1469 Kernels built with this configuration option enabled continue 1470 to work on pre-ARMv8.1 hardware and the performance impact is 1471 minimal. If unsure, say Y. 1472 1473config ARM64_PAN 1474 bool "Enable support for Privileged Access Never (PAN)" 1475 default y 1476 help 1477 Privileged Access Never (PAN; part of the ARMv8.1 Extensions) 1478 prevents the kernel or hypervisor from accessing user-space (EL0) 1479 memory directly. 1480 1481 Choosing this option will cause any unprotected (not using 1482 copy_to_user et al) memory access to fail with a permission fault. 1483 1484 The feature is detected at runtime, and will remain as a 'nop' 1485 instruction if the cpu does not implement the feature. 1486 1487config AS_HAS_LDAPR 1488 def_bool $(as-instr,.arch_extension rcpc) 1489 1490config AS_HAS_LSE_ATOMICS 1491 def_bool $(as-instr,.arch_extension lse) 1492 1493config ARM64_LSE_ATOMICS 1494 bool 1495 default ARM64_USE_LSE_ATOMICS 1496 depends on AS_HAS_LSE_ATOMICS 1497 1498config ARM64_USE_LSE_ATOMICS 1499 bool "Atomic instructions" 1500 depends on JUMP_LABEL 1501 default y 1502 help 1503 As part of the Large System Extensions, ARMv8.1 introduces new 1504 atomic instructions that are designed specifically to scale in 1505 very large systems. 1506 1507 Say Y here to make use of these instructions for the in-kernel 1508 atomic routines. This incurs a small overhead on CPUs that do 1509 not support these instructions and requires the kernel to be 1510 built with binutils >= 2.25 in order for the new instructions 1511 to be used. 1512 1513endmenu 1514 1515menu "ARMv8.2 architectural features" 1516 1517config ARM64_UAO 1518 bool "Enable support for User Access Override (UAO)" 1519 default y 1520 help 1521 User Access Override (UAO; part of the ARMv8.2 Extensions) 1522 causes the 'unprivileged' variant of the load/store instructions to 1523 be overridden to be privileged. 1524 1525 This option changes get_user() and friends to use the 'unprivileged' 1526 variant of the load/store instructions. This ensures that user-space 1527 really did have access to the supplied memory. When addr_limit is 1528 set to kernel memory the UAO bit will be set, allowing privileged 1529 access to kernel memory. 1530 1531 Choosing this option will cause copy_to_user() et al to use user-space 1532 memory permissions. 1533 1534 The feature is detected at runtime, the kernel will use the 1535 regular load/store instructions if the cpu does not implement the 1536 feature. 1537 1538config ARM64_PMEM 1539 bool "Enable support for persistent memory" 1540 select ARCH_HAS_PMEM_API 1541 select ARCH_HAS_UACCESS_FLUSHCACHE 1542 help 1543 Say Y to enable support for the persistent memory API based on the 1544 ARMv8.2 DCPoP feature. 1545 1546 The feature is detected at runtime, and the kernel will use DC CVAC 1547 operations if DC CVAP is not supported (following the behaviour of 1548 DC CVAP itself if the system does not define a point of persistence). 1549 1550config ARM64_RAS_EXTN 1551 bool "Enable support for RAS CPU Extensions" 1552 default y 1553 help 1554 CPUs that support the Reliability, Availability and Serviceability 1555 (RAS) Extensions, part of ARMv8.2 are able to track faults and 1556 errors, classify them and report them to software. 1557 1558 On CPUs with these extensions system software can use additional 1559 barriers to determine if faults are pending and read the 1560 classification from a new set of registers. 1561 1562 Selecting this feature will allow the kernel to use these barriers 1563 and access the new registers if the system supports the extension. 1564 Platform RAS features may additionally depend on firmware support. 1565 1566config ARM64_CNP 1567 bool "Enable support for Common Not Private (CNP) translations" 1568 default y 1569 depends on ARM64_PAN || !ARM64_SW_TTBR0_PAN 1570 help 1571 Common Not Private (CNP) allows translation table entries to 1572 be shared between different PEs in the same inner shareable 1573 domain, so the hardware can use this fact to optimise the 1574 caching of such entries in the TLB. 1575 1576 Selecting this option allows the CNP feature to be detected 1577 at runtime, and does not affect PEs that do not implement 1578 this feature. 1579 1580endmenu 1581 1582menu "ARMv8.3 architectural features" 1583 1584config ARM64_PTR_AUTH 1585 bool "Enable support for pointer authentication" 1586 default y 1587 depends on (CC_HAS_SIGN_RETURN_ADDRESS || CC_HAS_BRANCH_PROT_PAC_RET) && AS_HAS_PAC 1588 # Modern compilers insert a .note.gnu.property section note for PAC 1589 # which is only understood by binutils starting with version 2.33.1. 1590 depends on LD_IS_LLD || LD_VERSION >= 23301 || (CC_IS_GCC && GCC_VERSION < 90100) 1591 depends on !CC_IS_CLANG || AS_HAS_CFI_NEGATE_RA_STATE 1592 depends on (!FUNCTION_GRAPH_TRACER || DYNAMIC_FTRACE_WITH_REGS) 1593 help 1594 Pointer authentication (part of the ARMv8.3 Extensions) provides 1595 instructions for signing and authenticating pointers against secret 1596 keys, which can be used to mitigate Return Oriented Programming (ROP) 1597 and other attacks. 1598 1599 This option enables these instructions at EL0 (i.e. for userspace). 1600 Choosing this option will cause the kernel to initialise secret keys 1601 for each process at exec() time, with these keys being 1602 context-switched along with the process. 1603 1604 If the compiler supports the -mbranch-protection or 1605 -msign-return-address flag (e.g. GCC 7 or later), then this option 1606 will also cause the kernel itself to be compiled with return address 1607 protection. In this case, and if the target hardware is known to 1608 support pointer authentication, then CONFIG_STACKPROTECTOR can be 1609 disabled with minimal loss of protection. 1610 1611 The feature is detected at runtime. If the feature is not present in 1612 hardware it will not be advertised to userspace/KVM guest nor will it 1613 be enabled. 1614 1615 If the feature is present on the boot CPU but not on a late CPU, then 1616 the late CPU will be parked. Also, if the boot CPU does not have 1617 address auth and the late CPU has then the late CPU will still boot 1618 but with the feature disabled. On such a system, this option should 1619 not be selected. 1620 1621 This feature works with FUNCTION_GRAPH_TRACER option only if 1622 DYNAMIC_FTRACE_WITH_REGS is enabled. 1623 1624config CC_HAS_BRANCH_PROT_PAC_RET 1625 # GCC 9 or later, clang 8 or later 1626 def_bool $(cc-option,-mbranch-protection=pac-ret+leaf) 1627 1628config CC_HAS_SIGN_RETURN_ADDRESS 1629 # GCC 7, 8 1630 def_bool $(cc-option,-msign-return-address=all) 1631 1632config AS_HAS_PAC 1633 def_bool $(cc-option,-Wa$(comma)-march=armv8.3-a) 1634 1635config AS_HAS_CFI_NEGATE_RA_STATE 1636 def_bool $(as-instr,.cfi_startproc\n.cfi_negate_ra_state\n.cfi_endproc\n) 1637 1638endmenu 1639 1640menu "ARMv8.4 architectural features" 1641 1642config ARM64_AMU_EXTN 1643 bool "Enable support for the Activity Monitors Unit CPU extension" 1644 default y 1645 help 1646 The activity monitors extension is an optional extension introduced 1647 by the ARMv8.4 CPU architecture. This enables support for version 1 1648 of the activity monitors architecture, AMUv1. 1649 1650 To enable the use of this extension on CPUs that implement it, say Y. 1651 1652 Note that for architectural reasons, firmware _must_ implement AMU 1653 support when running on CPUs that present the activity monitors 1654 extension. The required support is present in: 1655 * Version 1.5 and later of the ARM Trusted Firmware 1656 1657 For kernels that have this configuration enabled but boot with broken 1658 firmware, you may need to say N here until the firmware is fixed. 1659 Otherwise you may experience firmware panics or lockups when 1660 accessing the counter registers. Even if you are not observing these 1661 symptoms, the values returned by the register reads might not 1662 correctly reflect reality. Most commonly, the value read will be 0, 1663 indicating that the counter is not enabled. 1664 1665config AS_HAS_ARMV8_4 1666 def_bool $(cc-option,-Wa$(comma)-march=armv8.4-a) 1667 1668config ARM64_TLB_RANGE 1669 bool "Enable support for tlbi range feature" 1670 default y 1671 depends on AS_HAS_ARMV8_4 1672 help 1673 ARMv8.4-TLBI provides TLBI invalidation instruction that apply to a 1674 range of input addresses. 1675 1676 The feature introduces new assembly instructions, and they were 1677 support when binutils >= 2.30. 1678 1679endmenu 1680 1681menu "ARMv8.5 architectural features" 1682 1683config AS_HAS_ARMV8_5 1684 def_bool $(cc-option,-Wa$(comma)-march=armv8.5-a) 1685 1686config ARM64_BTI 1687 bool "Branch Target Identification support" 1688 default y 1689 help 1690 Branch Target Identification (part of the ARMv8.5 Extensions) 1691 provides a mechanism to limit the set of locations to which computed 1692 branch instructions such as BR or BLR can jump. 1693 1694 To make use of BTI on CPUs that support it, say Y. 1695 1696 BTI is intended to provide complementary protection to other control 1697 flow integrity protection mechanisms, such as the Pointer 1698 authentication mechanism provided as part of the ARMv8.3 Extensions. 1699 For this reason, it does not make sense to enable this option without 1700 also enabling support for pointer authentication. Thus, when 1701 enabling this option you should also select ARM64_PTR_AUTH=y. 1702 1703 Userspace binaries must also be specifically compiled to make use of 1704 this mechanism. If you say N here or the hardware does not support 1705 BTI, such binaries can still run, but you get no additional 1706 enforcement of branch destinations. 1707 1708config ARM64_BTI_KERNEL 1709 bool "Use Branch Target Identification for kernel" 1710 default y 1711 depends on ARM64_BTI 1712 depends on ARM64_PTR_AUTH 1713 depends on CC_HAS_BRANCH_PROT_PAC_RET_BTI 1714 # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=94697 1715 depends on !CC_IS_GCC || GCC_VERSION >= 100100 1716 # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106671 1717 depends on !CC_IS_GCC 1718 # https://bugs.llvm.org/show_bug.cgi?id=46258 1719 depends on !CFI_CLANG || CLANG_VERSION >= 120000 1720 depends on (!FUNCTION_GRAPH_TRACER || DYNAMIC_FTRACE_WITH_REGS) 1721 help 1722 Build the kernel with Branch Target Identification annotations 1723 and enable enforcement of this for kernel code. When this option 1724 is enabled and the system supports BTI all kernel code including 1725 modular code must have BTI enabled. 1726 1727config CC_HAS_BRANCH_PROT_PAC_RET_BTI 1728 # GCC 9 or later, clang 8 or later 1729 def_bool $(cc-option,-mbranch-protection=pac-ret+leaf+bti) 1730 1731config ARM64_E0PD 1732 bool "Enable support for E0PD" 1733 default y 1734 help 1735 E0PD (part of the ARMv8.5 extensions) allows us to ensure 1736 that EL0 accesses made via TTBR1 always fault in constant time, 1737 providing similar benefits to KASLR as those provided by KPTI, but 1738 with lower overhead and without disrupting legitimate access to 1739 kernel memory such as SPE. 1740 1741 This option enables E0PD for TTBR1 where available. 1742 1743config ARCH_RANDOM 1744 bool "Enable support for random number generation" 1745 default y 1746 help 1747 Random number generation (part of the ARMv8.5 Extensions) 1748 provides a high bandwidth, cryptographically secure 1749 hardware random number generator. 1750 1751config ARM64_AS_HAS_MTE 1752 # Initial support for MTE went in binutils 2.32.0, checked with 1753 # ".arch armv8.5-a+memtag" below. However, this was incomplete 1754 # as a late addition to the final architecture spec (LDGM/STGM) 1755 # is only supported in the newer 2.32.x and 2.33 binutils 1756 # versions, hence the extra "stgm" instruction check below. 1757 def_bool $(as-instr,.arch armv8.5-a+memtag\nstgm xzr$(comma)[x0]) 1758 1759config ARM64_MTE 1760 bool "Memory Tagging Extension support" 1761 default y 1762 depends on ARM64_AS_HAS_MTE && ARM64_TAGGED_ADDR_ABI 1763 depends on AS_HAS_ARMV8_5 1764 # Required for tag checking in the uaccess routines 1765 depends on ARM64_PAN 1766 depends on AS_HAS_LSE_ATOMICS 1767 select ARCH_USES_HIGH_VMA_FLAGS 1768 help 1769 Memory Tagging (part of the ARMv8.5 Extensions) provides 1770 architectural support for run-time, always-on detection of 1771 various classes of memory error to aid with software debugging 1772 to eliminate vulnerabilities arising from memory-unsafe 1773 languages. 1774 1775 This option enables the support for the Memory Tagging 1776 Extension at EL0 (i.e. for userspace). 1777 1778 Selecting this option allows the feature to be detected at 1779 runtime. Any secondary CPU not implementing this feature will 1780 not be allowed a late bring-up. 1781 1782 Userspace binaries that want to use this feature must 1783 explicitly opt in. The mechanism for the userspace is 1784 described in: 1785 1786 Documentation/arm64/memory-tagging-extension.rst. 1787 1788endmenu 1789 1790config ARM64_SVE 1791 bool "ARM Scalable Vector Extension support" 1792 default y 1793 help 1794 The Scalable Vector Extension (SVE) is an extension to the AArch64 1795 execution state which complements and extends the SIMD functionality 1796 of the base architecture to support much larger vectors and to enable 1797 additional vectorisation opportunities. 1798 1799 To enable use of this extension on CPUs that implement it, say Y. 1800 1801 On CPUs that support the SVE2 extensions, this option will enable 1802 those too. 1803 1804 Note that for architectural reasons, firmware _must_ implement SVE 1805 support when running on SVE capable hardware. The required support 1806 is present in: 1807 1808 * version 1.5 and later of the ARM Trusted Firmware 1809 * the AArch64 boot wrapper since commit 5e1261e08abf 1810 ("bootwrapper: SVE: Enable SVE for EL2 and below"). 1811 1812 For other firmware implementations, consult the firmware documentation 1813 or vendor. 1814 1815 If you need the kernel to boot on SVE-capable hardware with broken 1816 firmware, you may need to say N here until you get your firmware 1817 fixed. Otherwise, you may experience firmware panics or lockups when 1818 booting the kernel. If unsure and you are not observing these 1819 symptoms, you should assume that it is safe to say Y. 1820 1821config ARM64_MODULE_PLTS 1822 bool "Use PLTs to allow module memory to spill over into vmalloc area" 1823 depends on MODULES 1824 select HAVE_MOD_ARCH_SPECIFIC 1825 help 1826 Allocate PLTs when loading modules so that jumps and calls whose 1827 targets are too far away for their relative offsets to be encoded 1828 in the instructions themselves can be bounced via veneers in the 1829 module's PLT. This allows modules to be allocated in the generic 1830 vmalloc area after the dedicated module memory area has been 1831 exhausted. 1832 1833 When running with address space randomization (KASLR), the module 1834 region itself may be too far away for ordinary relative jumps and 1835 calls, and so in that case, module PLTs are required and cannot be 1836 disabled. 1837 1838 Specific errata workaround(s) might also force module PLTs to be 1839 enabled (ARM64_ERRATUM_843419). 1840 1841config ARM64_PSEUDO_NMI 1842 bool "Support for NMI-like interrupts" 1843 select ARM_GIC_V3 1844 help 1845 Adds support for mimicking Non-Maskable Interrupts through the use of 1846 GIC interrupt priority. This support requires version 3 or later of 1847 ARM GIC. 1848 1849 This high priority configuration for interrupts needs to be 1850 explicitly enabled by setting the kernel parameter 1851 "irqchip.gicv3_pseudo_nmi" to 1. 1852 1853 If unsure, say N 1854 1855if ARM64_PSEUDO_NMI 1856config ARM64_DEBUG_PRIORITY_MASKING 1857 bool "Debug interrupt priority masking" 1858 help 1859 This adds runtime checks to functions enabling/disabling 1860 interrupts when using priority masking. The additional checks verify 1861 the validity of ICC_PMR_EL1 when calling concerned functions. 1862 1863 If unsure, say N 1864endif 1865 1866config RELOCATABLE 1867 bool "Build a relocatable kernel image" if EXPERT 1868 select ARCH_HAS_RELR 1869 default y 1870 help 1871 This builds the kernel as a Position Independent Executable (PIE), 1872 which retains all relocation metadata required to relocate the 1873 kernel binary at runtime to a different virtual address than the 1874 address it was linked at. 1875 Since AArch64 uses the RELA relocation format, this requires a 1876 relocation pass at runtime even if the kernel is loaded at the 1877 same address it was linked at. 1878 1879config RANDOMIZE_BASE 1880 bool "Randomize the address of the kernel image" 1881 select ARM64_MODULE_PLTS if MODULES 1882 select RELOCATABLE 1883 help 1884 Randomizes the virtual address at which the kernel image is 1885 loaded, as a security feature that deters exploit attempts 1886 relying on knowledge of the location of kernel internals. 1887 1888 It is the bootloader's job to provide entropy, by passing a 1889 random u64 value in /chosen/kaslr-seed at kernel entry. 1890 1891 When booting via the UEFI stub, it will invoke the firmware's 1892 EFI_RNG_PROTOCOL implementation (if available) to supply entropy 1893 to the kernel proper. In addition, it will randomise the physical 1894 location of the kernel Image as well. 1895 1896 If unsure, say N. 1897 1898config RANDOMIZE_MODULE_REGION_FULL 1899 bool "Randomize the module region over a 4 GB range" 1900 depends on RANDOMIZE_BASE 1901 default y 1902 help 1903 Randomizes the location of the module region inside a 4 GB window 1904 covering the core kernel. This way, it is less likely for modules 1905 to leak information about the location of core kernel data structures 1906 but it does imply that function calls between modules and the core 1907 kernel will need to be resolved via veneers in the module PLT. 1908 1909 When this option is not set, the module region will be randomized over 1910 a limited range that contains the [_stext, _etext] interval of the 1911 core kernel, so branch relocations are always in range. 1912 1913config CC_HAVE_STACKPROTECTOR_SYSREG 1914 def_bool $(cc-option,-mstack-protector-guard=sysreg -mstack-protector-guard-reg=sp_el0 -mstack-protector-guard-offset=0) 1915 1916config STACKPROTECTOR_PER_TASK 1917 def_bool y 1918 depends on STACKPROTECTOR && CC_HAVE_STACKPROTECTOR_SYSREG 1919 1920endmenu 1921 1922menu "Boot options" 1923 1924config ARM64_ACPI_PARKING_PROTOCOL 1925 bool "Enable support for the ARM64 ACPI parking protocol" 1926 depends on ACPI 1927 help 1928 Enable support for the ARM64 ACPI parking protocol. If disabled 1929 the kernel will not allow booting through the ARM64 ACPI parking 1930 protocol even if the corresponding data is present in the ACPI 1931 MADT table. 1932 1933config CMDLINE 1934 string "Default kernel command string" 1935 default "" 1936 help 1937 Provide a set of default command-line options at build time by 1938 entering them here. As a minimum, you should specify the the 1939 root device (e.g. root=/dev/nfs). 1940 1941choice 1942 prompt "Kernel command line type" if CMDLINE != "" 1943 default CMDLINE_FROM_BOOTLOADER 1944 help 1945 Choose how the kernel will handle the provided default kernel 1946 command line string. 1947 1948config CMDLINE_FROM_BOOTLOADER 1949 bool "Use bootloader kernel arguments if available" 1950 help 1951 Uses the command-line options passed by the boot loader. If 1952 the boot loader doesn't provide any, the default kernel command 1953 string provided in CMDLINE will be used. 1954 1955config CMDLINE_EXTEND 1956 bool "Extend bootloader kernel arguments" 1957 help 1958 The command-line arguments provided by the boot loader will be 1959 appended to the default kernel command string. 1960 1961config CMDLINE_FORCE 1962 bool "Always use the default kernel command string" 1963 help 1964 Always use the default kernel command string, even if the boot 1965 loader passes other arguments to the kernel. 1966 This is useful if you cannot or don't want to change the 1967 command-line options your boot loader passes to the kernel. 1968 1969endchoice 1970 1971config EFI_STUB 1972 bool 1973 1974config EFI 1975 bool "UEFI runtime support" 1976 depends on OF && !CPU_BIG_ENDIAN 1977 depends on KERNEL_MODE_NEON 1978 select ARCH_SUPPORTS_ACPI 1979 select LIBFDT 1980 select UCS2_STRING 1981 select EFI_PARAMS_FROM_FDT 1982 select EFI_RUNTIME_WRAPPERS 1983 select EFI_STUB 1984 select EFI_GENERIC_STUB 1985 default y 1986 help 1987 This option provides support for runtime services provided 1988 by UEFI firmware (such as non-volatile variables, realtime 1989 clock, and platform reset). A UEFI stub is also provided to 1990 allow the kernel to be booted as an EFI application. This 1991 is only useful on systems that have UEFI firmware. 1992 1993config DMI 1994 bool "Enable support for SMBIOS (DMI) tables" 1995 depends on EFI 1996 default y 1997 help 1998 This enables SMBIOS/DMI feature for systems. 1999 2000 This option is only useful on systems that have UEFI firmware. 2001 However, even with this option, the resultant kernel should 2002 continue to boot on existing non-UEFI platforms. 2003 2004endmenu 2005 2006config SYSVIPC_COMPAT 2007 def_bool y 2008 depends on COMPAT && SYSVIPC 2009 2010config ARCH_ENABLE_HUGEPAGE_MIGRATION 2011 def_bool y 2012 depends on HUGETLB_PAGE && MIGRATION 2013 2014config ARCH_ENABLE_THP_MIGRATION 2015 def_bool y 2016 depends on TRANSPARENT_HUGEPAGE 2017 2018menu "Power management options" 2019 2020source "kernel/power/Kconfig" 2021 2022config ARCH_HIBERNATION_POSSIBLE 2023 def_bool y 2024 depends on CPU_PM 2025 2026config ARCH_HIBERNATION_HEADER 2027 def_bool y 2028 depends on HIBERNATION 2029 2030config ARCH_SUSPEND_POSSIBLE 2031 def_bool y 2032 2033endmenu 2034 2035menu "CPU Power Management" 2036 2037source "drivers/cpuidle/Kconfig" 2038 2039source "drivers/cpufreq/Kconfig" 2040 2041endmenu 2042 2043source "drivers/firmware/Kconfig" 2044 2045source "drivers/acpi/Kconfig" 2046 2047source "arch/arm64/kvm/Kconfig" 2048 2049if CRYPTO 2050source "arch/arm64/crypto/Kconfig" 2051endif 2052