mirror of
https://github.com/torvalds/linux.git
synced 2024-12-28 22:02:28 +00:00
0d025d271e
There are three usercopy warnings which are currently being silenced for
gcc 4.6 and newer:
1) "copy_from_user() buffer size is too small" compile warning/error
This is a static warning which happens when object size and copy size
are both const, and copy size > object size. I didn't see any false
positives for this one. So the function warning attribute seems to
be working fine here.
Note this scenario is always a bug and so I think it should be
changed to *always* be an error, regardless of
CONFIG_DEBUG_STRICT_USER_COPY_CHECKS.
2) "copy_from_user() buffer size is not provably correct" compile warning
This is another static warning which happens when I enable
__compiletime_object_size() for new compilers (and
CONFIG_DEBUG_STRICT_USER_COPY_CHECKS). It happens when object size
is const, but copy size is *not*. In this case there's no way to
compare the two at build time, so it gives the warning. (Note the
warning is a byproduct of the fact that gcc has no way of knowing
whether the overflow function will be called, so the call isn't dead
code and the warning attribute is activated.)
So this warning seems to only indicate "this is an unusual pattern,
maybe you should check it out" rather than "this is a bug".
I get 102(!) of these warnings with allyesconfig and the
__compiletime_object_size() gcc check removed. I don't know if there
are any real bugs hiding in there, but from looking at a small
sample, I didn't see any. According to Kees, it does sometimes find
real bugs. But the false positive rate seems high.
3) "Buffer overflow detected" runtime warning
This is a runtime warning where object size is const, and copy size >
object size.
All three warnings (both static and runtime) were completely disabled
for gcc 4.6 with the following commit:
2fb0815c9e
("gcc4: disable __compiletime_object_size for GCC 4.6+")
That commit mistakenly assumed that the false positives were caused by a
gcc bug in __compiletime_object_size(). But in fact,
__compiletime_object_size() seems to be working fine. The false
positives were instead triggered by #2 above. (Though I don't have an
explanation for why the warnings supposedly only started showing up in
gcc 4.6.)
So remove warning #2 to get rid of all the false positives, and re-enable
warnings #1 and #3 by reverting the above commit.
Furthermore, since #1 is a real bug which is detected at compile time,
upgrade it to always be an error.
Having done all that, CONFIG_DEBUG_STRICT_USER_COPY_CHECKS is no longer
needed.
Signed-off-by: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Kees Cook <keescook@chromium.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: "H . Peter Anvin" <hpa@zytor.com>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Steven Rostedt <rostedt@goodmis.org>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: Byungchul Park <byungchul.park@lge.com>
Cc: Nilay Vaish <nilayvaish@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
481 lines
12 KiB
Plaintext
481 lines
12 KiB
Plaintext
# For a description of the syntax of this configuration file,
|
|
# see Documentation/kbuild/kconfig-language.txt.
|
|
|
|
config TILE
|
|
def_bool y
|
|
select ARCH_HAS_ATOMIC64_DEC_IF_POSITIVE
|
|
select ARCH_HAS_DEVMEM_IS_ALLOWED
|
|
select ARCH_HAVE_NMI_SAFE_CMPXCHG
|
|
select ARCH_WANT_FRAME_POINTERS
|
|
select CC_OPTIMIZE_FOR_SIZE
|
|
select EDAC_SUPPORT
|
|
select GENERIC_CLOCKEVENTS
|
|
select GENERIC_FIND_FIRST_BIT
|
|
select GENERIC_IRQ_PROBE
|
|
select GENERIC_IRQ_SHOW
|
|
select GENERIC_PENDING_IRQ if SMP
|
|
select GENERIC_STRNCPY_FROM_USER
|
|
select GENERIC_STRNLEN_USER
|
|
select HAVE_ARCH_SECCOMP_FILTER
|
|
select HAVE_ARCH_TRACEHOOK
|
|
select HAVE_CONTEXT_TRACKING
|
|
select HAVE_DEBUG_BUGVERBOSE
|
|
select HAVE_DEBUG_KMEMLEAK
|
|
select HAVE_DEBUG_STACKOVERFLOW
|
|
select HAVE_DMA_API_DEBUG
|
|
select HAVE_EXIT_THREAD
|
|
select HAVE_KVM if !TILEGX
|
|
select HAVE_NMI if USE_PMC
|
|
select HAVE_PERF_EVENTS
|
|
select HAVE_SYSCALL_TRACEPOINTS
|
|
select MODULES_USE_ELF_RELA
|
|
select SYSCTL_EXCEPTION_TRACE
|
|
select SYS_HYPERVISOR
|
|
select USER_STACKTRACE_SUPPORT
|
|
select USE_PMC if PERF_EVENTS
|
|
select VIRT_TO_BUS
|
|
|
|
config MMU
|
|
def_bool y
|
|
|
|
config GENERIC_CSUM
|
|
def_bool y
|
|
|
|
config HAVE_ARCH_ALLOC_REMAP
|
|
def_bool y
|
|
|
|
config HAVE_SETUP_PER_CPU_AREA
|
|
def_bool y
|
|
|
|
config NEED_PER_CPU_PAGE_FIRST_CHUNK
|
|
def_bool y
|
|
|
|
config SYS_SUPPORTS_HUGETLBFS
|
|
def_bool y
|
|
|
|
# Support for additional huge page sizes besides HPAGE_SIZE.
|
|
# The software support is currently only present in the TILE-Gx
|
|
# hypervisor. TILEPro in any case does not support page sizes
|
|
# larger than the default HPAGE_SIZE.
|
|
config HUGETLB_SUPER_PAGES
|
|
depends on HUGETLB_PAGE && TILEGX
|
|
def_bool y
|
|
|
|
config GENERIC_TIME_VSYSCALL
|
|
def_bool y
|
|
|
|
# Enable PMC if PERF_EVENTS, OPROFILE, or WATCHPOINTS are enabled.
|
|
config USE_PMC
|
|
bool
|
|
|
|
# FIXME: tilegx can implement a more efficient rwsem.
|
|
config RWSEM_GENERIC_SPINLOCK
|
|
def_bool y
|
|
|
|
# We only support gcc 4.4 and above, so this should work.
|
|
config ARCH_SUPPORTS_OPTIMIZED_INLINING
|
|
def_bool y
|
|
|
|
config ARCH_PHYS_ADDR_T_64BIT
|
|
def_bool y
|
|
|
|
config ARCH_DMA_ADDR_T_64BIT
|
|
def_bool y
|
|
|
|
config NEED_DMA_MAP_STATE
|
|
def_bool y
|
|
|
|
config ARCH_HAS_DMA_SET_COHERENT_MASK
|
|
bool
|
|
|
|
config LOCKDEP_SUPPORT
|
|
def_bool y
|
|
|
|
config STACKTRACE_SUPPORT
|
|
def_bool y
|
|
select STACKTRACE
|
|
|
|
# We use discontigmem for now; at some point we may want to switch
|
|
# to sparsemem (Tilera bug 7996).
|
|
config ARCH_DISCONTIGMEM_ENABLE
|
|
def_bool y
|
|
|
|
config ARCH_DISCONTIGMEM_DEFAULT
|
|
def_bool y
|
|
|
|
config TRACE_IRQFLAGS_SUPPORT
|
|
def_bool y
|
|
|
|
# SMP is required for Tilera Linux.
|
|
config SMP
|
|
def_bool y
|
|
|
|
config HVC_TILE
|
|
depends on TTY
|
|
select HVC_DRIVER
|
|
select HVC_IRQ if TILEGX
|
|
def_bool y
|
|
|
|
# Building with ARCH=tilegx (or ARCH=tile) implies using the
|
|
# 64-bit TILE-Gx toolchain, so force CONFIG_TILEGX on.
|
|
config TILEGX
|
|
def_bool ARCH != "tilepro"
|
|
select ARCH_SUPPORTS_ATOMIC_RMW
|
|
select GENERIC_IRQ_LEGACY_ALLOC_HWIRQ
|
|
select HAVE_ARCH_JUMP_LABEL
|
|
select HAVE_ARCH_KGDB
|
|
select HAVE_DYNAMIC_FTRACE
|
|
select HAVE_FTRACE_MCOUNT_RECORD
|
|
select HAVE_FUNCTION_GRAPH_TRACER
|
|
select HAVE_FUNCTION_TRACER
|
|
select HAVE_KPROBES
|
|
select HAVE_KRETPROBES
|
|
select SPARSE_IRQ
|
|
|
|
config TILEPRO
|
|
def_bool !TILEGX
|
|
|
|
config 64BIT
|
|
def_bool TILEGX
|
|
|
|
config ARCH_DEFCONFIG
|
|
string
|
|
default "arch/tile/configs/tilepro_defconfig" if !TILEGX
|
|
default "arch/tile/configs/tilegx_defconfig" if TILEGX
|
|
|
|
config PGTABLE_LEVELS
|
|
int
|
|
default 3 if 64BIT
|
|
default 2
|
|
|
|
source "init/Kconfig"
|
|
|
|
source "kernel/Kconfig.freezer"
|
|
|
|
menu "Tilera-specific configuration"
|
|
|
|
config NR_CPUS
|
|
int "Maximum number of tiles (2-255)"
|
|
range 2 255
|
|
depends on SMP
|
|
default "64"
|
|
---help---
|
|
Building with 64 is the recommended value, but a slightly
|
|
smaller kernel memory footprint results from using a smaller
|
|
value on chips with fewer tiles.
|
|
|
|
choice
|
|
prompt "Kernel page size"
|
|
default PAGE_SIZE_64KB
|
|
help
|
|
This lets you select the page size of the kernel. For best
|
|
performance on memory-intensive applications, a page size of 64KB
|
|
is recommended. For workloads involving many small files, many
|
|
connections, etc., it may be better to select 16KB, which uses
|
|
memory more efficiently at some cost in TLB performance.
|
|
|
|
Note that for TILEPro, you must also rebuild the hypervisor
|
|
with a matching page size.
|
|
|
|
config PAGE_SIZE_4KB
|
|
bool "4KB" if TILEPRO
|
|
|
|
config PAGE_SIZE_16KB
|
|
bool "16KB"
|
|
|
|
config PAGE_SIZE_64KB
|
|
bool "64KB"
|
|
|
|
endchoice
|
|
|
|
source "kernel/Kconfig.hz"
|
|
|
|
config KEXEC
|
|
bool "kexec system call"
|
|
select KEXEC_CORE
|
|
---help---
|
|
kexec is a system call that implements the ability to shutdown your
|
|
current kernel, and to start another kernel. It is like a reboot
|
|
but it is independent of the system firmware. It is used
|
|
to implement the "mboot" Tilera booter.
|
|
|
|
The name comes from the similarity to the exec system call.
|
|
|
|
config COMPAT
|
|
bool "Support 32-bit TILE-Gx binaries in addition to 64-bit"
|
|
depends on TILEGX
|
|
select COMPAT_BINFMT_ELF
|
|
default y
|
|
---help---
|
|
If enabled, the kernel will support running TILE-Gx binaries
|
|
that were built with the -m32 option.
|
|
|
|
config SECCOMP
|
|
bool "Enable seccomp to safely compute untrusted bytecode"
|
|
depends on PROC_FS
|
|
help
|
|
This kernel feature is useful for number crunching applications
|
|
that may need to compute untrusted bytecode during their
|
|
execution. By using pipes or other transports made available to
|
|
the process as file descriptors supporting the read/write
|
|
syscalls, it's possible to isolate those applications in
|
|
their own address space using seccomp. Once seccomp is
|
|
enabled via prctl, it cannot be disabled and the task is only
|
|
allowed to execute a few safe syscalls defined by each seccomp
|
|
mode.
|
|
|
|
If unsure, say N.
|
|
|
|
config SYSVIPC_COMPAT
|
|
def_bool y
|
|
depends on COMPAT && SYSVIPC
|
|
|
|
# We do not currently support disabling HIGHMEM on tilepro.
|
|
config HIGHMEM
|
|
bool # "Support for more than 512 MB of RAM"
|
|
default !TILEGX
|
|
---help---
|
|
Linux can use the full amount of RAM in the system by
|
|
default. However, the address space of TILE processors is
|
|
only 4 Gigabytes large. That means that, if you have a large
|
|
amount of physical memory, not all of it can be "permanently
|
|
mapped" by the kernel. The physical memory that's not
|
|
permanently mapped is called "high memory".
|
|
|
|
If you are compiling a kernel which will never run on a
|
|
machine with more than 512 MB total physical RAM, answer
|
|
"false" here. This will result in the kernel mapping all of
|
|
physical memory into the top 1 GB of virtual memory space.
|
|
|
|
If unsure, say "true".
|
|
|
|
config ZONE_DMA
|
|
def_bool y
|
|
|
|
config IOMMU_HELPER
|
|
bool
|
|
|
|
config NEED_SG_DMA_LENGTH
|
|
bool
|
|
|
|
config SWIOTLB
|
|
bool
|
|
default TILEGX
|
|
select IOMMU_HELPER
|
|
select NEED_SG_DMA_LENGTH
|
|
select ARCH_HAS_DMA_SET_COHERENT_MASK
|
|
|
|
# We do not currently support disabling NUMA.
|
|
config NUMA
|
|
bool # "NUMA Memory Allocation and Scheduler Support"
|
|
depends on SMP && DISCONTIGMEM
|
|
default y
|
|
---help---
|
|
NUMA memory allocation is required for TILE processors
|
|
unless booting with memory striping enabled in the
|
|
hypervisor, or with only a single memory controller.
|
|
It is recommended that this option always be enabled.
|
|
|
|
config NODES_SHIFT
|
|
int "Log base 2 of the max number of memory controllers"
|
|
default 2
|
|
depends on NEED_MULTIPLE_NODES
|
|
---help---
|
|
By default, 2, i.e. 2^2 == 4 DDR2 controllers.
|
|
In a system with more controllers, this value should be raised.
|
|
|
|
choice
|
|
depends on !TILEGX
|
|
prompt "Memory split" if EXPERT
|
|
default VMSPLIT_3G
|
|
---help---
|
|
Select the desired split between kernel and user memory.
|
|
|
|
If the address range available to the kernel is less than the
|
|
physical memory installed, the remaining memory will be available
|
|
as "high memory". Accessing high memory is a little more costly
|
|
than low memory, as it needs to be mapped into the kernel first.
|
|
Note that increasing the kernel address space limits the range
|
|
available to user programs, making the address space there
|
|
tighter. Selecting anything other than the default 3G/1G split
|
|
will also likely make your kernel incompatible with binary-only
|
|
kernel modules.
|
|
|
|
If you are not absolutely sure what you are doing, leave this
|
|
option alone!
|
|
|
|
config VMSPLIT_3_75G
|
|
bool "3.75G/0.25G user/kernel split (no kernel networking)"
|
|
config VMSPLIT_3_5G
|
|
bool "3.5G/0.5G user/kernel split"
|
|
config VMSPLIT_3G
|
|
bool "3G/1G user/kernel split"
|
|
config VMSPLIT_2_75G
|
|
bool "2.75G/1.25G user/kernel split (for full 1G low memory)"
|
|
config VMSPLIT_2_5G
|
|
bool "2.5G/1.5G user/kernel split"
|
|
config VMSPLIT_2_25G
|
|
bool "2.25G/1.75G user/kernel split"
|
|
config VMSPLIT_2G
|
|
bool "2G/2G user/kernel split"
|
|
config VMSPLIT_1G
|
|
bool "1G/3G user/kernel split"
|
|
endchoice
|
|
|
|
config PAGE_OFFSET
|
|
hex
|
|
depends on !64BIT
|
|
default 0xF0000000 if VMSPLIT_3_75G
|
|
default 0xE0000000 if VMSPLIT_3_5G
|
|
default 0xB0000000 if VMSPLIT_2_75G
|
|
default 0xA0000000 if VMSPLIT_2_5G
|
|
default 0x90000000 if VMSPLIT_2_25G
|
|
default 0x80000000 if VMSPLIT_2G
|
|
default 0x40000000 if VMSPLIT_1G
|
|
default 0xC0000000
|
|
|
|
source "mm/Kconfig"
|
|
|
|
source "kernel/Kconfig.preempt"
|
|
|
|
config CMDLINE_BOOL
|
|
bool "Built-in kernel command line"
|
|
default n
|
|
---help---
|
|
Allow for specifying boot arguments to the kernel at
|
|
build time. On some systems (e.g. embedded ones), it is
|
|
necessary or convenient to provide some or all of the
|
|
kernel boot arguments with the kernel itself (that is,
|
|
to not rely on the boot loader to provide them.)
|
|
|
|
To compile command line arguments into the kernel,
|
|
set this option to 'Y', then fill in the
|
|
the boot arguments in CONFIG_CMDLINE.
|
|
|
|
Systems with fully functional boot loaders (e.g. mboot, or
|
|
if booting over PCI) should leave this option set to 'N'.
|
|
|
|
config CMDLINE
|
|
string "Built-in kernel command string"
|
|
depends on CMDLINE_BOOL
|
|
default ""
|
|
---help---
|
|
Enter arguments here that should be compiled into the kernel
|
|
image and used at boot time. If the boot loader provides a
|
|
command line at boot time, it is appended to this string to
|
|
form the full kernel command line, when the system boots.
|
|
|
|
However, you can use the CONFIG_CMDLINE_OVERRIDE option to
|
|
change this behavior.
|
|
|
|
In most cases, the command line (whether built-in or provided
|
|
by the boot loader) should specify the device for the root
|
|
file system.
|
|
|
|
config CMDLINE_OVERRIDE
|
|
bool "Built-in command line overrides boot loader arguments"
|
|
default n
|
|
depends on CMDLINE_BOOL
|
|
---help---
|
|
Set this option to 'Y' to have the kernel ignore the boot loader
|
|
command line, and use ONLY the built-in command line.
|
|
|
|
This is used to work around broken boot loaders. This should
|
|
be set to 'N' under normal conditions.
|
|
|
|
config VMALLOC_RESERVE
|
|
hex
|
|
default 0x2000000
|
|
|
|
config HARDWALL
|
|
bool "Hardwall support to allow access to user dynamic network"
|
|
default y
|
|
|
|
config KERNEL_PL
|
|
int "Processor protection level for kernel"
|
|
range 1 2
|
|
default 2 if TILEGX
|
|
default 1 if !TILEGX
|
|
---help---
|
|
Since MDE 4.2, the Tilera hypervisor runs the kernel
|
|
at PL2 by default. If running under an older hypervisor,
|
|
or as a KVM guest, you must run at PL1. (The current
|
|
hypervisor may also be recompiled with "make HV_PL=2" to
|
|
allow it to run a kernel at PL1, but clients running at PL1
|
|
are not expected to be supported indefinitely.)
|
|
|
|
If you're not sure, don't change the default.
|
|
|
|
source "arch/tile/gxio/Kconfig"
|
|
|
|
endmenu # Tilera-specific configuration
|
|
|
|
menu "Bus options"
|
|
|
|
config PCI
|
|
bool "PCI support"
|
|
default y
|
|
select PCI_DOMAINS
|
|
select GENERIC_PCI_IOMAP
|
|
select TILE_GXIO_TRIO if TILEGX
|
|
select PCI_MSI if TILEGX
|
|
---help---
|
|
Enable PCI root complex support, so PCIe endpoint devices can
|
|
be attached to the Tile chip. Many, but not all, PCI devices
|
|
are supported under Tilera's root complex driver.
|
|
|
|
config PCI_DOMAINS
|
|
bool
|
|
|
|
config NO_IOMEM
|
|
def_bool !PCI
|
|
|
|
config NO_IOPORT_MAP
|
|
def_bool !PCI
|
|
|
|
config TILE_PCI_IO
|
|
bool "PCI I/O space support"
|
|
default n
|
|
depends on PCI
|
|
depends on TILEGX
|
|
---help---
|
|
Enable PCI I/O space support on TILEGx. Since the PCI I/O space
|
|
is used by few modern PCIe endpoint devices, its support is disabled
|
|
by default to save the TRIO PIO Region resource for other purposes.
|
|
|
|
source "drivers/pci/Kconfig"
|
|
|
|
config TILE_USB
|
|
tristate "Tilera USB host adapter support"
|
|
default y
|
|
depends on USB
|
|
depends on TILEGX
|
|
select TILE_GXIO_USB_HOST
|
|
---help---
|
|
Provides USB host adapter support for the built-in EHCI and OHCI
|
|
interfaces on TILE-Gx chips.
|
|
|
|
endmenu
|
|
|
|
menu "Executable file formats"
|
|
|
|
source "fs/Kconfig.binfmt"
|
|
|
|
endmenu
|
|
|
|
source "net/Kconfig"
|
|
|
|
source "drivers/Kconfig"
|
|
|
|
source "fs/Kconfig"
|
|
|
|
source "arch/tile/Kconfig.debug"
|
|
|
|
source "security/Kconfig"
|
|
|
|
source "crypto/Kconfig"
|
|
|
|
source "lib/Kconfig"
|
|
|
|
source "arch/tile/kvm/Kconfig"
|