Lines Matching +full:in +full:- +full:and +full:- +full:around

1 # SPDX-License-Identifier: GPL-2.0-only
285 ARM 64-bit (AArch64) Linux support.
293 # required due to use of the -Zfixed-x18 flag.
296 # -Zsanitizer=shadow-call-stack flag.
306 depends on $(cc-option,-fpatchable-function-entry=2)
332 # VA_BITS - PTDESC_TABLE_SHIFT
410 def_bool !$(as-instr,1:\n.inst 0\n.rept . - 1b\n\nnop\n.endr\n)
415 # https://github.com/llvm/llvm-project/commit/2a96f47c5ffca84cd774ad402cacd137f4bf45e2
418 # and this was backported to 10.2.0, 9.4.0, 8.5.0, but not earlier
451 bool "AmpereOne: AC03_CPU_38: Certain bits in the Virtualization Translation Control Register and Translation Control Registers do not follow RES0 semantics"
454 This option adds an alternative code sequence to work around Ampere
455 errata AC03_CPU_38 and AC04_CPU_10 on AmpereOne.
457 The affected design reports FEAT_HAFDBS as not implemented in
465 at stage-2.
473 This option adds an alternative code sequence to work around Ampere
481 for corruption, and an ISB after is sufficient to prevent younger
490 bool "Cortex-A53: 826319: System might deadlock if a write cannot complete until read data is accepted"
494 This option adds an alternative code sequence to work around ARM
495 erratum 826319 on Cortex-A53 parts up to r0p2 with an AMBA 4 ACE or
496 AXI master interface and an L2 cache.
498 If a Cortex-A53 uses an AMBA AXI4 ACE interface to other processors
499 and is unable to accept a certain write via this interface, it will
500 not progress on read data presented on the read data channel and the
504 data cache clean-and-invalidate.
512 bool "Cortex-A53: 827319: Data cache clean instructions might cause overlapping transactions to the interconnect"
516 This option adds an alternative code sequence to work around ARM
517 erratum 827319 on Cortex-A53 parts up to r0p2 with an AMBA 5 CHI
518 master interface and an L2 cache.
526 data cache clean-and-invalidate.
534 bool "Cortex-A53: 824069: Cache line might not be marked as clean after a CleanShared snoop"
538 This option adds an alternative code sequence to work around ARM
539 erratum 824069 on Cortex-A53 parts up to r0p2 when it is connected
542 If a Cortex-A53 processor is executing a store or prefetch for
543 write instruction at the same time as a processor in another
549 data cache clean-and-invalidate.
557 bool "Cortex-A53: 819472: Store exclusive instructions might cause data corruption"
561 This option adds an alternative code sequence to work around ARM
562 erratum 819472 on Cortex-A53 parts up to r0p1 with an L2 cache
565 If the processor is executing a load and store exclusive sequence at
566 the same time as a processor in another cluster is executing a cache
571 data cache clean-and-invalidate.
579 bool "Cortex-A57: 832075: possible deadlock on mixing exclusive memory accesses with device loads"
582 This option adds an alternative code sequence to work around ARM
583 erratum 832075 on Cortex-A57 parts up to r1p2.
585 Affected Cortex-A57 parts might deadlock when exclusive load/store
586 instructions to Write-Back memory are mixed with Device loads.
588 The workaround is to promote device loads to use Load-Acquire
597 bool "Cortex-A57: 834220: Stage 2 translation fault might be incorrectly reported in presence of a Stage 1 fault (rare)"
600 This option adds an alternative code sequence to work around ARM
601 erratum 834220 on Cortex-A57 parts up to r1p2.
603 Affected Cortex-A57 parts might report a Stage 2 translation
606 alignment fault at Stage 1 and a translation fault at Stage 2.
617 bool "Cortex-A57/A72: 1742098: ELR recorded incorrectly on interrupt taken between cryptographic instructions in a sequence"
621 This option removes the AES hwcap for aarch32 user-space to
622 workaround erratum 1742098 on Cortex-A57 and Cortex-A72.
633 bool "Cortex-A53: 845719: a load might read incorrect data"
637 This option adds an alternative code sequence to work around ARM
638 erratum 845719 on Cortex-A53 parts up to r0p4.
640 When running a compat (AArch32) userspace on an affected Cortex-A53
646 return to a 32-bit task.
654 bool "Cortex-A53: 843419: A load or store might access an incorrect address"
657 This option links the kernel with '--fix-cortex-a53-843419' and
660 Cortex-A53 parts up to r0p4.
665 bool "Cortex-A55: 1024718: Update of DBM/AP bits without break before make might result in incorrect update"
668 This option adds a workaround for ARM Cortex-A55 Erratum 1024718.
670 Affected Cortex-A55 cores (all revisions) could cause incorrect
672 without a break-before-make. The workaround is to disable the usage
679 bool "Cortex-A76/Neoverse-N1: MRC read following MRRC read of specific Generic Timer in AArch32 might give incorrect result"
683 This option adds a workaround for ARM Cortex-A76/Neoverse-N1
684 errata 1188873 and 1418040.
686 Affected Cortex-A76/Neoverse-N1 cores (r0p0 to r3p1) could
696 bool "Cortex-A76: 1165522: Speculative AT instruction using out-of-context translation regime could cause subsequent request to generate an incorrect translation"
700 This option adds a workaround for ARM Cortex-A76 erratum 1165522.
702 Affected Cortex-A76 cores (r0p0, r1p0, r2p0) could end-up with
709 bool "Cortex-A57/A72: 1319537: Speculative AT instruction using out-of-context translation regime could cause subsequent request to generate an incorrect translation"
713 This option adds work arounds for ARM Cortex-A57 erratum 1319537
714 and A72 erratum 1319367
716 Cortex-A57 and A72 cores could end-up with corrupted TLBs by
722 bool "Cortex-A55: 1530923: Speculative AT instruction using out-of-context translation regime could cause subsequent request to generate an incorrect translation"
726 This option adds a workaround for ARM Cortex-A55 erratum 1530923.
728 Affected Cortex-A55 cores (r0p0, r0p1, r1p0, r2p0) could end-up with
738 bool "Cortex-A55: Completion of affected memory accesses might not be guaranteed by completion of a TLBI (rare)"
741 This option adds a workaround for ARM Cortex-A55 erratum #2441007.
743 Under very rare circumstances, affected Cortex-A55 CPUs
744 may not handle a race between a break-before-make sequence on one
745 CPU, and another CPU accessing the same page. This could allow a
748 Work around this by adding the affected CPUs to the list that needs
754 bool "Cortex-A76: Modification of the translation table for a virtual address might lead to read-after-read ordering violation (rare)"
757 This option adds a workaround for ARM Cortex-A76 erratum 1286807.
759 On the affected Cortex-A76 cores (r0p0 to r3p0), if a virtual
763 break-before-make sequence, then under very rare circumstances
771 bool "Cortex-A76: Software Step might prevent interrupt recognition"
774 This option adds a workaround for Arm Cortex-A76 erratum 1463225.
776 On the affected Cortex-A76 cores (r0p0 to r3p1), software stepping
778 subsequent interrupts when software stepping is disabled in the
779 exception handler of the system call and either kernel debugging
780 is enabled or VHE is in use.
782 Work around the erratum by triggering a dummy step exception
784 in a VHE configuration of the kernel.
789 bool "Neoverse-N1: workaround mis-ordering of instruction fetches (rare)"
791 This option adds a workaround for ARM Neoverse-N1 erratum
794 Affected Neoverse-N1 cores could execute a stale instruction when
799 forces user-space to perform cache maintenance.
804 bool "Cortex-A77: 1508412: workaround deadlock on sequence of NC/Device load and store exclusive or PAR read"
807 This option adds a workaround for Arm Cortex-A77 erratum 1508412.
809 Affected Cortex-A77 cores (r0p0, r1p0) could deadlock on a sequence
810 of a store-exclusive or read of PAR_EL1 and a load with device or
811 non-cacheable memory attributes. The workaround depends on a firmware
817 Work around the issue by inserting DMB SY barriers around PAR_EL1
818 register reads and warning KVM users. The DMB barrier is sufficient
827 bool "Cortex-A510: 2051678: disable Hardware Update of the page table dirty bit"
830 This options adds the workaround for ARM Cortex-A510 erratum ARM64_ERRATUM_2051678.
831 Affected Cortex-A510 might not respect the ordering rules for
838 bool "Cortex-A510: 2077057: workaround software-step corrupting SPSR_EL2"
841 This option adds the workaround for ARM Cortex-A510 erratum 2077057.
842 Affected Cortex-A510 may corrupt SPSR_EL2 when the a step exception is
850 previous guest entry, and can be restored from the in-memory copy.
855 bool "Cortex-A510: 2658417: remove BF16 support due to incorrect result"
858 This option adds the workaround for ARM Cortex-A510 erratum 2658417.
859 Affected Cortex-A510 (r0p0 to r1p1) may produce the wrong result for
860 BFMMLA or VMMLA instructions in rare circumstances when a pair of
863 user-space should not be using these instructions.
868 bool "Cortex-A710/X2: 2119858: workaround TRBE overwriting trace data in FILL mode"
873 This option adds the workaround for ARM Cortex-A710/X2 erratum 2119858.
875 Affected Cortex-A710/X2 cores could overwrite up to 3 cache lines of trace
876 data at the base of the buffer (pointed to by TRBASER_EL1) in FILL mode in
879 Work around the issue by always making sure we move the TRBPTR_EL1 by
880 256 bytes before enabling the buffer and filling the first 256 bytes of
886 bool "Neoverse-N2: 2139208: workaround TRBE overwriting trace data in FILL mode"
891 This option adds the workaround for ARM Neoverse-N2 erratum 2139208.
893 Affected Neoverse-N2 cores could overwrite up to 3 cache lines of trace
894 data at the base of the buffer (pointed to by TRBASER_EL1) in FILL mode in
897 Work around the issue by always making sure we move the TRBPTR_EL1 by
898 256 bytes before enabling the buffer and filling the first 256 bytes of
907 bool "Cortex-A710: 2054223: workaround TSB instruction failing to flush trace"
911 Enable workaround for ARM Cortex-A710 erratum 2054223
914 the PE is in trace prohibited state. This will cause losing a few bytes
922 bool "Neoverse-N2: 2067961: workaround TSB instruction failing to flush trace"
926 Enable workaround for ARM Neoverse-N2 erratum 2067961
929 the PE is in trace prohibited state. This will cause losing a few bytes
940 bool "Neoverse-N2: 2253138: workaround TRBE writing to address out-of-range"
945 This option adds the workaround for ARM Neoverse-N2 erratum 2253138.
947 Affected Neoverse-N2 cores might write to an out-of-range address, not reserved
950 (i.e., the TRBLIMITR_EL1.LIMIT), instead of wrapping around to the base.
952 Work around this in the driver by always making sure that there is a
958 bool "Cortex-A710/X2: 2224489: workaround TRBE writing to address out-of-range"
963 This option adds the workaround for ARM Cortex-A710/X2 erratum 2224489.
965 Affected Cortex-A710/X2 cores might write to an out-of-range address, not reserved
968 (i.e., the TRBLIMITR_EL1.LIMIT), instead of wrapping around to the base.
970 Work around this in the driver by always making sure that there is a
976 bool "Cortex-A510: Completion of affected memory accesses might not be guaranteed by completion of a TLBI (rare)"
979 This option adds a workaround for ARM Cortex-A510 erratum #2441009.
981 Under very rare circumstances, affected Cortex-A510 CPUs
982 may not handle a race between a break-before-make sequence on one
983 CPU, and another CPU accessing the same page. This could allow a
986 Work around this by adding the affected CPUs to the list that needs
992 bool "Cortex-A510: 2064142: workaround TRBE register writes while disabled"
996 This option adds the workaround for ARM Cortex-A510 erratum 2064142.
998 Affected Cortex-A510 core might fail to write into system registers after the
1001 and TRBTRG_EL1 will be ignored and will not be effected.
1003 Work around this in the driver by executing TSB CSYNC and DSB after collection
1004 is stopped and before performing a system register write to one of the affected
1010 bool "Cortex-A510: 2038923: workaround TRBE corruption with enable"
1014 This option adds the workaround for ARM Cortex-A510 erratum 2038923.
1016 Affected Cortex-A510 core might cause an inconsistent view on whether trace is
1020 execution changes from a context, in which trace is prohibited to one where it
1021 isn't, or vice versa. In these mentioned conditions, the view of whether trace
1022 is prohibited is inconsistent between parts of the CPU, and the trace buffer or
1025 Work around this in the driver by preventing an inconsistent view of whether the
1033 bool "Cortex-A510: 1902691: workaround TRBE trace corruption"
1037 This option adds the workaround for ARM Cortex-A510 erratum 1902691.
1039 Affected Cortex-A510 core might cause trace data corruption, when being written
1040 into the memory. Effectively TRBE is broken and hence cannot be used to capture
1043 Work around this problem in the driver by just preventing TRBE initialization on
1051 bool "Cortex-A510: 2457168: workaround for AMEVCNTR01 incrementing incorrectly"
1055 This option adds the workaround for ARM Cortex-A510 erratum 2457168.
1058 as the system counter. On affected Cortex-A510 cores AMEVCNTR01 increments
1061 Work around this problem by returning 0 when reading the affected counter in
1062 key locations that results in disabling all users of this counter. This effect
1068 bool "Cortex-A715: 2645198: Workaround possible [ESR|FAR]_ELx corruption"
1071 This option adds the workaround for ARM Cortex-A715 erratum 2645198.
1073 If a Cortex-A715 cpu sees a page mapping permissions change from executable
1074 to non-executable, it may corrupt the ESR_ELx and FAR_ELx registers on the
1077 Only user-space does executable to non-executable permission transition via
1078 mprotect() system call. Workaround the problem by doing a break-before-make
1087 bool "Cortex-A520: 2966298: workaround for speculatively executed unprivileged load"
1091 This option adds the workaround for ARM Cortex-A520 erratum 2966298.
1093 On an affected Cortex-A520 core, a speculatively executed unprivileged
1096 Work around this problem by executing a TLBI before returning to EL0.
1101 bool "Cortex-A510: 3117295: workaround for speculatively executed unprivileged load"
1105 This option adds the workaround for ARM Cortex-A510 erratum 3117295.
1107 On an affected Cortex-A510 core, a speculatively executed unprivileged
1110 Work around this problem by executing a TLBI before returning to EL0.
1115 bool "Cortex-*/Neoverse-*: workaround for MSR SSBS not self-synchronizing"
1120 * ARM Cortex-A76 erratum 3324349
1121 * ARM Cortex-A77 erratum 3324348
1122 * ARM Cortex-A78 erratum 3324344
1123 * ARM Cortex-A78C erratum 3324346
1124 * ARM Cortex-A78C erratum 3324347
1125 * ARM Cortex-A710 erratam 3324338
1126 * ARM Cortex-A715 errartum 3456084
1127 * ARM Cortex-A720 erratum 3456091
1128 * ARM Cortex-A725 erratum 3456106
1129 * ARM Cortex-X1 erratum 3324344
1130 * ARM Cortex-X1C erratum 3324346
1131 * ARM Cortex-X2 erratum 3324338
1132 * ARM Cortex-X3 erratum 3324335
1133 * ARM Cortex-X4 erratum 3194386
1134 * ARM Cortex-X925 erratum 3324334
1135 * ARM Neoverse-N1 erratum 3324349
1137 * ARM Neoverse-N3 erratum 3456111
1138 * ARM Neoverse-V1 erratum 3324341
1140 * ARM Neoverse-V3 erratum 3312417
1146 Work around this problem by placing a Speculation Barrier (SB) or
1148 SSBS. The presence of the SSBS special-purpose register is hidden
1149 from hwcaps and EL0 reads of ID_AA64PFR1_EL1, such that userspace
1158 Enable workaround for errata 22375 and 24313.
1160 This implements two gicv3-its errata workarounds for ThunderX. Both
1166 The fixes are in ITS initialization and basically ignore memory access
1167 type and table size provided by the TYPER and BASER registers.
1176 ITS SYNC command hang for cross node io and collections/cpu mapping.
1181 bool "Cavium errata 23154 and 38545: GICv3 lacks HW synchronisation"
1186 (access to icc_iar1_el1 is not sync'ed before and after).
1189 OcteonTX and OcteonTX2), resulting in deactivated interrupts being
1200 contains data for a non-current ASID. The fix is to
1206 bool "Cavium erratum 30115: Guest may disable interrupts in host"
1210 1.2, and T83 Pass 1.0, KVM guest execution may disable
1211 interrupts in host. Trapping both GICv3 group-0 and group-1
1217 bool "Cavium ThunderX2 erratum 219: PRFM between TTBR change and ISB fails"
1221 TTBR update and the corresponding context synchronizing operation can
1222 cause a spurious Data Abort to be delivered to any hardware thread in
1225 Work around the issue by avoiding the problematic code sequence and
1228 instruction and ensures context synchronization by virtue of the
1234 bool "Fujitsu-A64FX erratum E#010001: Undefined fault may occur wrongly"
1237 This option adds a workaround for Fujitsu-A64FX erratum E#010001.
1238 On some variants of the Fujitsu-A64FX cores ver(1.0, 1.1), memory
1242 case-1 TTBR0_EL1 with TCR_EL1.NFD0 == 1.
1243 case-2 TTBR0_EL2 with TCR_EL2.NFD0 == 1.
1244 case-3 TTBR1_EL1 with TCR_EL1.NFD1 == 1.
1245 case-4 TTBR1_EL2 with TCR_EL2.NFD1 == 1.
1247 The workaround is to ensure these bits are clear in TCR_ELx.
1248 The workaround only affects the Fujitsu-A64FX.
1257 when issued ITS commands such as VMOVP and VMAPP, and requires
1258 a 128kB offset to be applied to the target address in this commands.
1266 When enabling GICv4.1 in hip09, VMAPP will fail to clear some caches
1277 On Falkor v1, an incorrect ASID may be cached in the TLB when ASID
1278 and BADDR are changed together in TTBRx_EL1. Since we keep the ASID
1279 in TTBR1_EL1, this situation only occurs in the entry trampoline and
1280 then only for entries in the walk cache, since the leaf translation
1281 is unchanged. Work around the erratum by invalidating the walk cache
1319 If CNP is enabled on Carmel cores, non-sharable TLBIs on a core will not
1329 The Rockchip RK3566 and RK3568 GIC600 SoC integrations have AXI
1338 The Rockchip RK3588 GIC600 SoC integration does not support ACE/ACE-lite.
1345 bool "Socionext Synquacer: Workaround for GICv3 pre-ITS"
1349 MSI doorbell writes with non-zero values for the device ID.
1380 allowing only two levels of page tables and faster TLB
1381 look-up. AArch32 emulation requires applications compiled
1392 a combination of page size and virtual address space size.
1395 bool "36-bit" if EXPERT
1399 bool "39-bit"
1403 bool "42-bit"
1407 bool "47-bit"
1411 bool "48-bit"
1414 bool "52-bit"
1416 Enable 52-bit virtual addressing for userspace when explicitly
1417 requested via a hint to mmap(). The kernel will also use 52-bit
1419 this feature is available, otherwise it reverts to 48-bit).
1421 NOTE: Enabling 52-bit virtual addressing in conjunction with
1422 ARMv8.3 Pointer Authentication will result in the PAC being
1424 impact on its susceptibility to brute-force attacks.
1426 If unsure, select 48-bit virtual addressing instead.
1431 bool "Force 52-bit virtual addresses for userspace"
1434 For systems with 52-bit userspace VAs enabled, the kernel will attempt
1435 to maintain compatibility with older software by providing 48-bit VAs
1438 This configuration option disables the 48-bit compatibility logic, and
1439 forces all userspace addresses to be 52-bit on HW that supports it. One
1460 bool "48-bit"
1464 bool "52-bit"
1467 Enable support for a 52-bit physical address space, introduced as
1468 part of the ARMv8.2-LPA extension.
1471 do not support ARMv8.2-LPA, but with some added memory overhead (and
1490 applications will need to be compiled and linked for the endianness
1494 bool "Build big-endian kernel"
1495 # https://github.com/llvm/llvm-project/commit/1379b150991f70a5782e9a143c2ba5308da1161c
1498 Say Y if you plan on running a kernel with a big-endian userspace.
1501 bool "Build little-endian kernel"
1503 Say Y if you plan on running a kernel with a little-endian userspace.
1509 bool "Multi-core scheduler support"
1511 Multi-core scheduler support improves the CPU scheduler's decision
1512 making when dealing with multi-core CPU chips at a cost of slightly
1513 increased overhead in some places. If unsure say N here.
1521 by sharing mid-level caches, last-level cache tags or internal
1528 MultiThreading at a cost of slightly increased overhead in some
1532 int "Maximum number of CPUs (2-4096)"
1537 bool "Support for hot-pluggable CPUs"
1540 Say Y here to experiment with turning CPUs off and on. CPUs
1545 bool "NUMA Memory Allocation and Scheduler Support"
1553 Enable NUMA (Non-Uniform Memory Access) support.
1556 local memory of the CPU and add some more
1581 def_bool $(cc-option, -fsanitize=shadow-call-stack -ffixed-x18)
1595 accounting. Time spent executing other tasks in parallel with
1599 If in doubt, say N here.
1647 Say Y if you want to run Linux in a Virtual Machine on Xen on ARM64.
1653 # so the maximum value of MAX_PAGE_ORDER is SECTION_SIZE_BITS - PAGE_SHIFT:
1656 # ----+-------------------+--------------+----------------------+-------------------------+
1667 contiguous allocations. The limit is called MAX_PAGE_ORDER and it
1681 bool "Unmap kernel when running in userspace (KPTI)" if EXPERT
1684 Speculation attacks against some high-performance processors can
1685 be used to bypass MMU permission checks and leak kernel data to
1687 when running in userspace, mapping it back in on exception entry
1688 via a trampoline page in the vector table.
1696 Speculation attacks against some high-performance processors can
1698 When taking an exception from user-space, a sequence of branches
1705 Apply read-only attributes of VM areas to the linear alias of
1706 the backing pages as well. This prevents code or read-only data
1709 be turned off at runtime by passing rodata=[off|on] (and turned on
1713 which may adversely affect performance in some cases.
1721 user-space memory directly by pointing TTBR0_EL1 to a reserved
1722 zeroed area and reserved ASID. The user access routines
1729 When this option is enabled, user applications can opt in to a
1732 Documentation/arch/arm64/tagged-address-abi.rst.
1735 bool "Kernel support for 32-bit EL0"
1741 This option enables support for a 32-bit EL0 running under a 64-bit
1742 kernel at EL1. AArch32-specific components such as system calls,
1743 the user helper functions, VFP support and the ptrace interface are
1750 If you want to execute 32-bit userspace applications, say Y.
1755 bool "Enable kuser helpers page for 32-bit applications"
1758 Warning: disabling this option may break 32-bit user programs.
1761 helper code to userspace in read only form at a fixed location
1772 If all of the binaries and libraries which run on your platform
1773 are built specifically for your platform, and make no use of
1775 such exploits. However, in that case, if a binary or library
1782 bool "Enable vDSO for 32-bit applications"
1788 Place in the process address space of 32-bit applications an
1790 and clock_gettime.
1792 You must have a 32-bit build of glibc 2.22 or later for programs
1796 bool "Compile the 32-bit vDSO for Thumb-2 mode" if EXPERT
1800 Compile the compat vDSO with '-mthumb -fomit-frame-pointer' if y,
1801 otherwise with '-marm'.
1804 bool "Fix up misaligned multi-word loads and stores in user space"
1811 that have been deprecated or obsoleted in the architecture.
1829 In some older versions of glibc [<=2.8] SWP is used during futex
1846 The CP15 barrier instructions - CP15ISB, CP15DSB, and
1847 CP15DMB - are deprecated in ARMv8 (and ARMv7). It is
1848 strongly recommended to use the ISB, DSB, and DMB
1862 The SETEND instruction alters the data-endianness of the
1863 AArch32 EL0, and is deprecated in ARMv8.
1870 for this feature to be enabled. If a new CPU - which doesn't support mixed
1871 endian - is hotplugged in after this feature has been enabled, there could
1872 be unexpected results in the applications.
1882 bool "Support for hardware updates of the Access and Dirty page flags"
1886 hardware updates of the access and dirty information in page
1887 table entries. When enabled in TCR_EL1 (HA and HD bits) on
1890 Similarly, writes to read-only pages with the DBM bit set will
1891 clear the read-only bit (AP[2]) instead of raising a
1895 to work on pre-ARMv8.1 hardware and the performance impact is
1903 prevents the kernel or hypervisor from accessing user-space (EL0)
1909 The feature is detected at runtime, and will remain as a 'nop'
1921 atomic instructions that are designed specifically to scale in
1924 Say Y here to make use of these instructions for the in-kernel
1940 The feature is detected at runtime, and the kernel will use DC CVAC
1948 CPUs that support the Reliability, Availability and Serviceability
1949 (RAS) Extensions, part of ARMv8.2 are able to track faults and
1950 errors, classify them and report them to software.
1953 barriers to determine if faults are pending and read the
1957 and access the new registers if the system supports the extension.
1965 be shared between different PEs in the same inner shareable
1967 caching of such entries in the TLB.
1970 at runtime, and does not affect PEs that do not implement
1982 instructions for signing and authenticating pointers against secret
1984 and other attacks.
1989 context-switched along with the process.
1991 The feature is detected at runtime. If the feature is not present in
1997 address auth and the late CPU has then the late CPU will still boot
2011 If the compiler supports the -mbranch-protection or
2012 -msign-return-address flag (e.g. GCC 7 or later), then this option
2014 protection. In this case, and if the target hardware is known to
2023 def_bool $(cc-option,-mbranch-protection=pac-ret+leaf)
2027 def_bool $(as-instr,.cfi_startproc\n.cfi_negate_ra_state\n.cfi_endproc\n)
2045 extension. The required support is present in:
2046 * Version 1.5 and later of the ARM Trusted Firmware
2060 ARMv8.4-TLBI provides TLBI invalidation instruction that apply to a
2068 def_bool $(cc-option,-Wa$(comma)-march=armv8.5-a)
2105 and enable enforcement of this for kernel code. When this option
2106 is enabled and the system supports BTI all kernel code including
2111 def_bool $(cc-option,-mbranch-protection=pac-ret+leaf+bti)
2118 that EL0 accesses made via TTBR1 always fault in constant time,
2120 with lower overhead and without disrupting legitimate access to
2126 # Initial support for MTE went in binutils 2.32.0, checked with
2127 # ".arch armv8.5-a+memtag" below. However, this was incomplete
2129 # is only supported in the newer 2.32.x and 2.33 binutils
2131 def_bool $(as-instr,.arch armv8.5-a+memtag\nstgm xzr$(comma)[x0])
2138 # Required for tag checking in the uaccess routines
2146 architectural support for run-time, always-on detection of
2148 to eliminate vulnerabilities arising from memory-unsafe
2156 not be allowed a late bring-up.
2159 explicitly opt in. The mechanism for the userspace is
2160 described in:
2162 Documentation/arch/arm64/memory-tagging-extension.rst.
2174 Access Never to be used with Execute-only mappings.
2176 The feature is detected at runtime, and will remain disabled
2181 def_bool $(as-instr,.arch_extension mops)
2193 enforcing page-based protections, but without requiring modification
2196 For details, see Documentation/core-api/protection-keys.rst
2211 memory access will update the Access Flag in each Table descriptor
2212 which is accessed during the translation table walk and for which
2216 The feature will only be enabled if all the CPUs in the system
2234 stored in the GCS, and may also be used to efficiently obtain
2237 The feature is detected at runtime, and will remain disabled
2247 execution state which complements and extends the SIMD functionality
2248 of the base architecture to support much larger vectors and to enable
2258 is present in:
2260 * version 1.5 and later of the ARM Trusted Firmware
2262 ("bootwrapper: SVE: Enable SVE for EL2 and below").
2267 If you need the kernel to boot on SVE-capable hardware with broken
2270 booting the kernel. If unsure and you are not observing these
2285 bool "Support for NMI-like interrupts"
2288 Adds support for mimicking Non-Maskable Interrupts through the use of
2331 random u64 value in /chosen/kaslr-seed at kernel entry.
2335 to the kernel proper. In addition, it will randomise the physical
2348 but it does imply that function calls between modules and the core
2349 kernel will need to be resolved via veneers in the module PLT.
2353 core kernel, so branch relocations are almost always in range unless
2354 the region is exhausted. In this particular case of region
2358 def_bool $(cc-option,-mstack-protector-guard=sysreg -mstack-protector-guard-reg=sp_el0 -mstack-protector-guard-offset=0)
2366 # needs Clang with https://github.com/llvm/llvm-project/commit/de07cde67b5d205d58690be012106022aea6d2b3 incorporated
2379 bit, for any mappings that meet the size and alignment requirements.
2380 This reduces TLB pressure and improves performance.
2392 protocol even if the corresponding data is present in the ACPI
2399 Provide a set of default command-line options at build time by
2414 Uses the command-line options passed by the boot loader. If
2416 string provided in CMDLINE will be used.
2424 command-line options your boot loader passes to the kernel.
2446 by UEFI firmware (such as non-volatile variables, realtime
2447 clock, and platform reset). A UEFI stub is also provided to
2458 "make zinstall" first, and verifying that everything is fine
2459 in your environment before making "make install" do this for
2471 continue to boot on existing non-UEFI platforms.