Lines Matching +full:non +full:- +full:tunable
1 # SPDX-License-Identifier: GPL-2.0
22 # IOMMUs not handled by dma-iommu. Drivers must never select this symbol.
29 menu "General architecture-dependent options"
34 Select if the architecture can check permissions at sub-page
80 for kernel debugging, non-intrusive instrumentation and testing.
89 makes certain almost-always-true or almost-always-false branch
92 Certain performance-sensitive kernel code, such as trace points,
106 ( On 32-bit x86, the necessary options added to the compiler
113 Boot time self-test of the branch patching code.
119 Boot time self-test of the call patching code.
140 Uprobes is the user-space counterpart to kprobes: they
142 to establish unintrusive probes in user-space binaries and
144 are hit by user-space applications.
146 ( These probes come in the form of single-byte breakpoints,
163 See Documentation/core-api/unaligned-memory-access.rst for
182 See Documentation/core-api/unaligned-memory-access.rst for more
189 for handling byte-swapping. Using these, instead of the old
194 with a nearby load or store and use load-and-swap or
195 store-and-swap instructions if the architecture has them. It
197 hand-coded assembler in <asm/swab.h>. But just in case it
200 Any architecture with load-and-swap or store-and-swap
218 Provide a kernel-internal notification when a cpu is about to
263 # arch_has_single_step() if there is hardware single-step support
264 # arch_has_block_step() if there is hardware block-step support
265 # asm/syscall.h supplying asm-generic/syscall.h interface
314 # to undo an in-place page table remap for uncached access.
322 # The architecture has a per-task state that includes the mm's PASID
352 All new 32-bit architectures should have 64-bit off_t type on
355 still support 32-bit off_t. This option is enabled for all such
366 <asm/asm-prototypes.h> to support the module versioning for symbols
375 For example the kprobes-based event tracer needs this API.
426 The arch chooses to use the generic perf-NMI-based hardlockup
442 bit-mapping of each registers and a unique architecture id.
491 # multi-threaded application), by reducing contention on the mm refcount.
500 # the lazy tlb reference of a kthread's ->active_mm (non-arch code has been
514 # - At the time of the final mmdrop of the mm, ensure mm_cpumask(mm) contains
516 # - It must meet the requirements for MMU_LAZY_TLB_REFCOUNT=n (see above).
527 arch-specific ELF note section to core files. It must provide two
567 and compat syscalls if the asm-generic/seccomp.h defaults need adjustment:
568 - __NR_seccomp_read_32
569 - __NR_seccomp_write_32
570 - __NR_seccomp_exit_32
571 - __NR_seccomp_sigreturn_32
578 - all the requirements for HAVE_ARCH_SECCOMP
579 - syscall_get_arch()
580 - syscall_get_arguments()
581 - syscall_rollback()
582 - syscall_set_return_value()
583 - SIGSYS siginfo_t support
584 - secure_computing is called from a ptrace_event()-safe context
585 - secure_computing return value is checked and a return value of -1
587 - seccomp syscall wired up
588 - if !HAVE_SPARSE_SYSCALL_NR, have SECCOMP_ARCH_NATIVE,
615 task-defined system call filtering polices.
617 See Documentation/userspace-api/seccomp_filter.rst for details.
644 - it has implemented a stack canary (e.g. __stack_chk_guard)
649 depends on $(cc-option,-fstack-protector)
652 This option turns on the "stack-protector" GCC feature. This
660 Functions will have the stack-protector canary logic added if they
661 have an 8-byte or larger character array on the stack.
664 gcc with the feature backported ("-fstack-protector").
673 depends on $(cc-option,-fstack-protector-strong)
676 Functions will have the stack-protector canary logic added in any
679 - local variable's address used as part of the right hand side of an
681 - local variable is an array (or union containing an array),
683 - uses register local variables
686 gcc with the feature backported ("-fstack-protector-strong").
710 - Clang: https://clang.llvm.org/docs/ShadowCallStack.html
711 - GCC: https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html#Instrumentation-Options
741 - compiling with Clang,
742 - compiling inline assembly with Clang's integrated assembler,
743 - and linking with LLD.
754 depends on $(success,$(NM) --help | head -n 1 | grep -qi llvm)
755 depends on $(success,$(AR) --help | head -n 1 | grep -qi llvm)
773 If unsure, select LTO_NONE. Note that LTO is very resource-intensive
858 Control-Flow Integrity (CFI) checking.
866 depends on $(cc-option,-fsanitize=kcfi)
868 This option enables Clang's forward-edge Control Flow Integrity
896 depends on $(cc-option,-fsanitize=kcfi -fsanitize-cfi-icall-experimental-normalize-integers)
897 # With GCOV/KASAN we need this fix: https://github.com/llvm/llvm-project/pull/104826
904 # With GCOV/KASAN we need this fix: https://github.com/rust-lang/rust/pull/129373
932 Syscalls need to be wrapped inside user_exit()-user_enter(), either
948 - Critical entry code isn't preemptible (or better yet:
950 - No use of RCU read side critical sections, unless ct_nmi_enter()
952 - No use of instrumentation, unless instrumentation_begin() got
977 With VIRT_CPU_ACCOUNTING_GEN, cputime_t becomes 64-bit.
980 cputime_t. For example, reading/writing 64-bit cputime_t on
981 some 32-bit arches may require multiple accesses, so proper
1012 # Archs that select this would be capable of PMD-sized vmaps (i.e.,
1038 just need a simple module loader without arch specific data - those
1072 with read-only execute permissions. Architecture must implement
1110 - arch_mmap_rnd()
1111 - arch_randomize_brk()
1119 - ARCH_MMAP_RND_BITS_MIN
1120 - ARCH_MMAP_RND_BITS_MAX
1149 /proc/sys/vm/mmap_rnd_bits tunable
1158 - ARCH_MMAP_RND_COMPAT_BITS_MIN
1159 - ARCH_MMAP_RND_COMPAT_BITS_MAX
1184 /proc/sys/vm/mmap_rnd_compat_bits tunable
1189 This allows 64bit applications to invoke 32-bit mmap() syscall
1190 and vice-versa 32-bit applications to call 64-bit mmap().
1240 per-page operations in the kernel at the expense of a larger
1260 This is not suitable for general-purpose workloads but the
1263 large in-memory data rather than small files.
1271 that have been compiled with '-zmax-page-size' set to 256KiB
1295 # address by giving priority to top-down scheme only if the process
1299 # - STACK_RND_MASK
1324 Architecture supports objtool compile-time frame pointer rule
1339 file which provides platform-specific implementations of some
1376 Architecture has old sigsuspend(2) syscall, of one-argument variety
1381 Even weirder antique ABI - three-argument sigsuspend(2)
1387 as OLD_SIGSUSPEND | OLD_SIGSUSPEND3 - alpha has sigsuspend(2),
1395 bool "Provide system calls for 32-bit time_t"
1399 This is relevant on all 32-bit architectures, and 64-bit architectures
1417 - vmalloc space must be large enough to hold many kernel stacks.
1418 This may rule out many 32-bit architectures.
1420 - Stacks in vmalloc space need to work reliably. For example, if
1427 - If the stack overflows into a guard page, something reasonable
1433 bool "Use a virtually-mapped stack"
1437 Enable this if you want the use virtually-mapped kernel stacks
1439 caught immediately rather than causing difficult-to-diagnose
1452 syscall exit. Careful removal of -fstack-protector-strong and
1453 -fstack-protector should also be applied to the entry code and
1467 cross-syscall address exposures.
1493 bool "Make kernel text and rodata read-only" if ARCH_OPTIONAL_KERNEL_RWX
1497 If this is set, kernel text and rodata memory will be made read-only,
1498 and non-text memory will be made non-executable. This provides
1513 If this is set, module text and rodata memory will be made read-only,
1514 and non-text memory will be made non-executable. This provides
1517 # select if the architecture provides an asm/dma-direct.h header
1526 linux/compiler-*.h in order to override macro definitions that those
1540 May be selected by an architecture if it supports place-relative
1541 32-bit relocations, both in the toolchain and in the module loader,
1554 Enable light-weight counting of various locking related events
1570 well as compatible NM and OBJCOPY utilities (llvm-nm and llvm-objcopy
1628 static key. This should have slightly lower overhead than non-inline
1640 included, size-asserted, or discarded in the linker scripts. This is
1657 If a 32-bit architecture requires 64-bit arguments to be split into
1658 pairs of 32-bit arguments, select this option.
1688 accessed bit in non-leaf PMD entries when using them as part of linear
1695 Architectures that select this option can run floating-point code in
1696 the kernel, as described in Documentation/core-api/floating-point.rst.
1700 source "scripts/gcc-plugins/Kconfig"
1727 # Detect availability of the GCC option -fmin-function-alignment which
1729 # -falign-functions which the compiler ignores for cold functions.
1730 def_bool $(cc-option, -fmin-function-alignment=8)
1733 # Set if the guaranteed alignment with -fmin-function-alignment is
1735 # strict alignment always, even with -falign-functions.