| Kconfig (d8da19fbdedd5852592fbba18a7348e3f09500e6) | Kconfig (e5f02b51fa0cb785e352e77271a65e96051b789b) |
|---|---|
| 1# SPDX-License-Identifier: GPL-2.0 2config LOONGARCH 3 bool 4 default y 5 select ACPI 6 select ACPI_GENERIC_GSI if ACPI 7 select ACPI_MCFG if ACPI 8 select ACPI_SYSTEM_POWER_STATES_SUPPORT if ACPI --- 487 unchanged lines hidden (view full) --- 496config RELOCATABLE 497 bool "Relocatable kernel" 498 help 499 This builds the kernel as a Position Independent Executable (PIE), 500 which retains all relocation metadata required, so as to relocate 501 the kernel binary at runtime to a different virtual address from 502 its link address. 503 | 1# SPDX-License-Identifier: GPL-2.0 2config LOONGARCH 3 bool 4 default y 5 select ACPI 6 select ACPI_GENERIC_GSI if ACPI 7 select ACPI_MCFG if ACPI 8 select ACPI_SYSTEM_POWER_STATES_SUPPORT if ACPI --- 487 unchanged lines hidden (view full) --- 496config RELOCATABLE 497 bool "Relocatable kernel" 498 help 499 This builds the kernel as a Position Independent Executable (PIE), 500 which retains all relocation metadata required, so as to relocate 501 the kernel binary at runtime to a different virtual address from 502 its link address. 503 |
| 504config RANDOMIZE_BASE 505 bool "Randomize the address of the kernel (KASLR)" 506 depends on RELOCATABLE 507 help 508 Randomizes the physical and virtual address at which the 509 kernel image is loaded, as a security feature that 510 deters exploit attempts relying on knowledge of the location 511 of kernel internals. 512 513 The kernel will be offset by up to RANDOMIZE_BASE_MAX_OFFSET. 514 515 If unsure, say N. 516 517config RANDOMIZE_BASE_MAX_OFFSET 518 hex "Maximum KASLR offset" if EXPERT 519 depends on RANDOMIZE_BASE 520 range 0x0 0x10000000 521 default "0x01000000" 522 help 523 When KASLR is active, this provides the maximum offset that will 524 be applied to the kernel image. It should be set according to the 525 amount of physical RAM available in the target system. 526 527 This is limited by the size of the lower address memory, 256MB. 528 |
|
| 504config SECCOMP 505 bool "Enable seccomp to safely compute untrusted bytecode" 506 depends on PROC_FS 507 default y 508 help 509 This kernel feature is useful for number crunching applications 510 that may need to compute untrusted bytecode during their 511 execution. By using pipes or other transports made available to --- 59 unchanged lines hidden --- | 529config SECCOMP 530 bool "Enable seccomp to safely compute untrusted bytecode" 531 depends on PROC_FS 532 default y 533 help 534 This kernel feature is useful for number crunching applications 535 that may need to compute untrusted bytecode during their 536 execution. By using pipes or other transports made available to --- 59 unchanged lines hidden --- |