mirror of
https://github.com/torvalds/linux.git
synced 2024-11-24 21:21:41 +00:00
87590ce6e3
As the meltdown/spectre problem affects several CPU architectures, it makes sense to have common way to express whether a system is affected by a particular vulnerability or not. If affected the way to express the mitigation should be common as well. Create /sys/devices/system/cpu/vulnerabilities folder and files for meltdown, spectre_v1 and spectre_v2. Allow architectures to override the show function. Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Will Deacon <will.deacon@arm.com> Cc: Dave Hansen <dave.hansen@intel.com> Cc: Linus Torvalds <torvalds@linuxfoundation.org> Cc: Borislav Petkov <bp@alien8.de> Cc: David Woodhouse <dwmw@amazon.co.uk> Link: https://lkml.kernel.org/r/20180107214913.096657732@linutronix.de
352 lines
12 KiB
Plaintext
352 lines
12 KiB
Plaintext
# SPDX-License-Identifier: GPL-2.0
|
|
menu "Generic Driver Options"
|
|
|
|
config UEVENT_HELPER
|
|
bool "Support for uevent helper"
|
|
default y
|
|
help
|
|
The uevent helper program is forked by the kernel for
|
|
every uevent.
|
|
Before the switch to the netlink-based uevent source, this was
|
|
used to hook hotplug scripts into kernel device events. It
|
|
usually pointed to a shell script at /sbin/hotplug.
|
|
This should not be used today, because usual systems create
|
|
many events at bootup or device discovery in a very short time
|
|
frame. One forked process per event can create so many processes
|
|
that it creates a high system load, or on smaller systems
|
|
it is known to create out-of-memory situations during bootup.
|
|
|
|
config UEVENT_HELPER_PATH
|
|
string "path to uevent helper"
|
|
depends on UEVENT_HELPER
|
|
default ""
|
|
help
|
|
To disable user space helper program execution at by default
|
|
specify an empty string here. This setting can still be altered
|
|
via /proc/sys/kernel/hotplug or via /sys/kernel/uevent_helper
|
|
later at runtime.
|
|
|
|
config DEVTMPFS
|
|
bool "Maintain a devtmpfs filesystem to mount at /dev"
|
|
help
|
|
This creates a tmpfs/ramfs filesystem instance early at bootup.
|
|
In this filesystem, the kernel driver core maintains device
|
|
nodes with their default names and permissions for all
|
|
registered devices with an assigned major/minor number.
|
|
Userspace can modify the filesystem content as needed, add
|
|
symlinks, and apply needed permissions.
|
|
It provides a fully functional /dev directory, where usually
|
|
udev runs on top, managing permissions and adding meaningful
|
|
symlinks.
|
|
In very limited environments, it may provide a sufficient
|
|
functional /dev without any further help. It also allows simple
|
|
rescue systems, and reliably handles dynamic major/minor numbers.
|
|
|
|
Notice: if CONFIG_TMPFS isn't enabled, the simpler ramfs
|
|
file system will be used instead.
|
|
|
|
config DEVTMPFS_MOUNT
|
|
bool "Automount devtmpfs at /dev, after the kernel mounted the rootfs"
|
|
depends on DEVTMPFS
|
|
help
|
|
This will instruct the kernel to automatically mount the
|
|
devtmpfs filesystem at /dev, directly after the kernel has
|
|
mounted the root filesystem. The behavior can be overridden
|
|
with the commandline parameter: devtmpfs.mount=0|1.
|
|
This option does not affect initramfs based booting, here
|
|
the devtmpfs filesystem always needs to be mounted manually
|
|
after the rootfs is mounted.
|
|
With this option enabled, it allows to bring up a system in
|
|
rescue mode with init=/bin/sh, even when the /dev directory
|
|
on the rootfs is completely empty.
|
|
|
|
config STANDALONE
|
|
bool "Select only drivers that don't need compile-time external firmware"
|
|
default y
|
|
help
|
|
Select this option if you don't have magic firmware for drivers that
|
|
need it.
|
|
|
|
If unsure, say Y.
|
|
|
|
config PREVENT_FIRMWARE_BUILD
|
|
bool "Prevent firmware from being built"
|
|
default y
|
|
help
|
|
Say yes to avoid building firmware. Firmware is usually shipped
|
|
with the driver and only when updating the firmware should a
|
|
rebuild be made.
|
|
If unsure, say Y here.
|
|
|
|
config FW_LOADER
|
|
tristate "Userspace firmware loading support" if EXPERT
|
|
default y
|
|
---help---
|
|
This option is provided for the case where none of the in-tree modules
|
|
require userspace firmware loading support, but a module built
|
|
out-of-tree does.
|
|
|
|
config FIRMWARE_IN_KERNEL
|
|
bool "Include in-kernel firmware blobs in kernel binary"
|
|
depends on FW_LOADER
|
|
default y
|
|
help
|
|
The kernel source tree includes a number of firmware 'blobs'
|
|
that are used by various drivers. The recommended way to
|
|
use these is to run "make firmware_install", which, after
|
|
converting ihex files to binary, copies all of the needed
|
|
binary files in firmware/ to /lib/firmware/ on your system so
|
|
that they can be loaded by userspace helpers on request.
|
|
|
|
Enabling this option will build each required firmware blob
|
|
into the kernel directly, where request_firmware() will find
|
|
them without having to call out to userspace. This may be
|
|
useful if your root file system requires a device that uses
|
|
such firmware and do not wish to use an initrd.
|
|
|
|
This single option controls the inclusion of firmware for
|
|
every driver that uses request_firmware() and ships its
|
|
firmware in the kernel source tree, which avoids a
|
|
proliferation of 'Include firmware for xxx device' options.
|
|
|
|
Say 'N' and let firmware be loaded from userspace.
|
|
|
|
config EXTRA_FIRMWARE
|
|
string "External firmware blobs to build into the kernel binary"
|
|
depends on FW_LOADER
|
|
help
|
|
This option allows firmware to be built into the kernel for the case
|
|
where the user either cannot or doesn't want to provide it from
|
|
userspace at runtime (for example, when the firmware in question is
|
|
required for accessing the boot device, and the user doesn't want to
|
|
use an initrd).
|
|
|
|
This option is a string and takes the (space-separated) names of the
|
|
firmware files -- the same names that appear in MODULE_FIRMWARE()
|
|
and request_firmware() in the source. These files should exist under
|
|
the directory specified by the EXTRA_FIRMWARE_DIR option, which is
|
|
by default the firmware subdirectory of the kernel source tree.
|
|
|
|
For example, you might set CONFIG_EXTRA_FIRMWARE="usb8388.bin", copy
|
|
the usb8388.bin file into the firmware directory, and build the kernel.
|
|
Then any request_firmware("usb8388.bin") will be satisfied internally
|
|
without needing to call out to userspace.
|
|
|
|
WARNING: If you include additional firmware files into your binary
|
|
kernel image that are not available under the terms of the GPL,
|
|
then it may be a violation of the GPL to distribute the resulting
|
|
image since it combines both GPL and non-GPL work. You should
|
|
consult a lawyer of your own before distributing such an image.
|
|
|
|
config EXTRA_FIRMWARE_DIR
|
|
string "Firmware blobs root directory"
|
|
depends on EXTRA_FIRMWARE != ""
|
|
default "/lib/firmware"
|
|
help
|
|
This option controls the directory in which the kernel build system
|
|
looks for the firmware files listed in the EXTRA_FIRMWARE option.
|
|
|
|
config FW_LOADER_USER_HELPER
|
|
bool
|
|
|
|
config FW_LOADER_USER_HELPER_FALLBACK
|
|
bool "Fallback user-helper invocation for firmware loading"
|
|
depends on FW_LOADER
|
|
select FW_LOADER_USER_HELPER
|
|
help
|
|
This option enables / disables the invocation of user-helper
|
|
(e.g. udev) for loading firmware files as a fallback after the
|
|
direct file loading in kernel fails. The user-mode helper is
|
|
no longer required unless you have a special firmware file that
|
|
resides in a non-standard path. Moreover, the udev support has
|
|
been deprecated upstream.
|
|
|
|
If you are unsure about this, say N here.
|
|
|
|
config WANT_DEV_COREDUMP
|
|
bool
|
|
help
|
|
Drivers should "select" this option if they desire to use the
|
|
device coredump mechanism.
|
|
|
|
config ALLOW_DEV_COREDUMP
|
|
bool "Allow device coredump" if EXPERT
|
|
default y
|
|
help
|
|
This option controls if the device coredump mechanism is available or
|
|
not; if disabled, the mechanism will be omitted even if drivers that
|
|
can use it are enabled.
|
|
Say 'N' for more sensitive systems or systems that don't want
|
|
to ever access the information to not have the code, nor keep any
|
|
data.
|
|
|
|
If unsure, say Y.
|
|
|
|
config DEV_COREDUMP
|
|
bool
|
|
default y if WANT_DEV_COREDUMP
|
|
depends on ALLOW_DEV_COREDUMP
|
|
|
|
config DEBUG_DRIVER
|
|
bool "Driver Core verbose debug messages"
|
|
depends on DEBUG_KERNEL
|
|
help
|
|
Say Y here if you want the Driver core to produce a bunch of
|
|
debug messages to the system log. Select this if you are having a
|
|
problem with the driver core and want to see more of what is
|
|
going on.
|
|
|
|
If you are unsure about this, say N here.
|
|
|
|
config DEBUG_DEVRES
|
|
bool "Managed device resources verbose debug messages"
|
|
depends on DEBUG_KERNEL
|
|
help
|
|
This option enables kernel parameter devres.log. If set to
|
|
non-zero, devres debug messages are printed. Select this if
|
|
you are having a problem with devres or want to debug
|
|
resource management for a managed device. devres.log can be
|
|
switched on and off from sysfs node.
|
|
|
|
If you are unsure about this, Say N here.
|
|
|
|
config DEBUG_TEST_DRIVER_REMOVE
|
|
bool "Test driver remove calls during probe (UNSTABLE)"
|
|
depends on DEBUG_KERNEL
|
|
help
|
|
Say Y here if you want the Driver core to test driver remove functions
|
|
by calling probe, remove, probe. This tests the remove path without
|
|
having to unbind the driver or unload the driver module.
|
|
|
|
This option is expected to find errors and may render your system
|
|
unusable. You should say N here unless you are explicitly looking to
|
|
test this functionality.
|
|
|
|
source "drivers/base/test/Kconfig"
|
|
|
|
config SYS_HYPERVISOR
|
|
bool
|
|
default n
|
|
|
|
config GENERIC_CPU_DEVICES
|
|
bool
|
|
default n
|
|
|
|
config GENERIC_CPU_AUTOPROBE
|
|
bool
|
|
|
|
config GENERIC_CPU_VULNERABILITIES
|
|
bool
|
|
|
|
config SOC_BUS
|
|
bool
|
|
select GLOB
|
|
|
|
source "drivers/base/regmap/Kconfig"
|
|
|
|
config DMA_SHARED_BUFFER
|
|
bool
|
|
default n
|
|
select ANON_INODES
|
|
help
|
|
This option enables the framework for buffer-sharing between
|
|
multiple drivers. A buffer is associated with a file using driver
|
|
APIs extension; the file's descriptor can then be passed on to other
|
|
driver.
|
|
|
|
config DMA_FENCE_TRACE
|
|
bool "Enable verbose DMA_FENCE_TRACE messages"
|
|
depends on DMA_SHARED_BUFFER
|
|
help
|
|
Enable the DMA_FENCE_TRACE printks. This will add extra
|
|
spam to the console log, but will make it easier to diagnose
|
|
lockup related problems for dma-buffers shared across multiple
|
|
devices.
|
|
|
|
config DMA_CMA
|
|
bool "DMA Contiguous Memory Allocator"
|
|
depends on HAVE_DMA_CONTIGUOUS && CMA
|
|
help
|
|
This enables the Contiguous Memory Allocator which allows drivers
|
|
to allocate big physically-contiguous blocks of memory for use with
|
|
hardware components that do not support I/O map nor scatter-gather.
|
|
|
|
You can disable CMA by specifying "cma=0" on the kernel's command
|
|
line.
|
|
|
|
For more information see <include/linux/dma-contiguous.h>.
|
|
If unsure, say "n".
|
|
|
|
if DMA_CMA
|
|
comment "Default contiguous memory area size:"
|
|
|
|
config CMA_SIZE_MBYTES
|
|
int "Size in Mega Bytes"
|
|
depends on !CMA_SIZE_SEL_PERCENTAGE
|
|
default 0 if X86
|
|
default 16
|
|
help
|
|
Defines the size (in MiB) of the default memory area for Contiguous
|
|
Memory Allocator. If the size of 0 is selected, CMA is disabled by
|
|
default, but it can be enabled by passing cma=size[MG] to the kernel.
|
|
|
|
|
|
config CMA_SIZE_PERCENTAGE
|
|
int "Percentage of total memory"
|
|
depends on !CMA_SIZE_SEL_MBYTES
|
|
default 0 if X86
|
|
default 10
|
|
help
|
|
Defines the size of the default memory area for Contiguous Memory
|
|
Allocator as a percentage of the total memory in the system.
|
|
If 0 percent is selected, CMA is disabled by default, but it can be
|
|
enabled by passing cma=size[MG] to the kernel.
|
|
|
|
choice
|
|
prompt "Selected region size"
|
|
default CMA_SIZE_SEL_MBYTES
|
|
|
|
config CMA_SIZE_SEL_MBYTES
|
|
bool "Use mega bytes value only"
|
|
|
|
config CMA_SIZE_SEL_PERCENTAGE
|
|
bool "Use percentage value only"
|
|
|
|
config CMA_SIZE_SEL_MIN
|
|
bool "Use lower value (minimum)"
|
|
|
|
config CMA_SIZE_SEL_MAX
|
|
bool "Use higher value (maximum)"
|
|
|
|
endchoice
|
|
|
|
config CMA_ALIGNMENT
|
|
int "Maximum PAGE_SIZE order of alignment for contiguous buffers"
|
|
range 4 12
|
|
default 8
|
|
help
|
|
DMA mapping framework by default aligns all buffers to the smallest
|
|
PAGE_SIZE order which is greater than or equal to the requested buffer
|
|
size. This works well for buffers up to a few hundreds kilobytes, but
|
|
for larger buffers it just a memory waste. With this parameter you can
|
|
specify the maximum PAGE_SIZE order for contiguous buffers. Larger
|
|
buffers will be aligned only to this specified order. The order is
|
|
expressed as a power of two multiplied by the PAGE_SIZE.
|
|
|
|
For example, if your system defaults to 4KiB pages, the order value
|
|
of 8 means that the buffers will be aligned up to 1MiB only.
|
|
|
|
If unsure, leave the default value "8".
|
|
|
|
endif
|
|
|
|
config GENERIC_ARCH_TOPOLOGY
|
|
bool
|
|
help
|
|
Enable support for architectures common topology code: e.g., parsing
|
|
CPU capacity information from DT, usage of such information for
|
|
appropriate scaling, sysfs interface for changing capacity values at
|
|
runtime.
|
|
|
|
endmenu
|