The only we support cores that don't have CMOV insns are the MINUTEIAs,
so we simply check for that rather this using a layer of indirection.
Signed-off-by: Charles E. Youse <charles.youse@intel.com>
This option is set iff CONFIG_X86 is set, thus it provides no useful
information. Remove the option and replace references with CONFIG_X86.
Signed-off-by: Charles E. Youse <charles.youse@intel.com>
A basic display driver is added for a generic 32-bpp framebuffer.
Glue logic is added to the x86 arch to request the intitialization
of a linear framebuffer by the Multiboot loader (GRUB) and connect
it to this generic driver.
Signed-off-by: Charles E. Youse <charles.youse@intel.com>
When booting using GRUB, some useful information about the environment
is given to us via a boot information structure. We've not made any
use of this information so far, but the x86 framebuffer driver will.
A skeletal definition of the structure is given, and provisions are
made to preserve its contents at boot if the configuration requires it.
Signed-off-by: Charles E. Youse <charles.youse@intel.com>
The only use of the BOOTLOADER_UNKNOWN config option is on x86, where
it controls whether a multiboot header is embedded in the output.
This patch renames the option to be more descriptive, and makes it
an x86-specific option, rather than a Zephyr top-level option.
This also enables X86_MULTIBOOT by default, since the header only
occupies 12-16 bytes of memory and is (almost always) harmless.
Signed-off-by: Charles E. Youse <charles.youse@intel.com>
Architecture defconfigs are not used anymore and are stale. Remove them
to avoid confusion.
Related to #14442
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Speculative execution side channel attacks can read the
entire FPU/SIMD register state on affected Intel Core
processors, see CVE-2018-3665.
We now have two options for managing floating point
context between threads on x86: CONFIG_EAGER_FP_SHARING
and CONFIG_LAZY_FP_SHARING.
The mitigation is to unconditionally save/restore these
registers on context switch, instead of the lazy sharing
algorithm used by CONFIG_LAZY_FP_SHARING.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
We introduce hidden Kconfigs for all speculative
side channel attacks that we plan to address in the
kernel and update the existing ones to indicate their
CVEs.
This list keeps growing, so introduce a new config
CONFIG_X86_NO_SPECULATIVE_VULNERABILITIES, for CPUs
which don't speculatively execute, or are otherwise
immune by design.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
The SOC code can set whether it's known that the CPU
is immune, don't default to turning this off.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
PAE tables introduce the NX bit which is very desirable
from a security perspetive, back in 1995.
PAE tables are larger, but we are not targeting x86 memory
protection for RAM constrained devices.
Remove the old style 32-bit tables to make the x86 port
easier to maintain.
Renamed some verbosely named data structures, and fixed
incorrect number of entries for the page directory
pointer table.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This commit exposes k_mem_partition_attr_t outside User Mode, so
we can use struct k_mem_partition for defining memory partitions
outside the scope of user space (for example, to describe thread
stack guards or no-cacheable MPU regions). A requirement is that
the Zephyr build supports Memory protection. To signify this, a
new hidden, all-architecture Kconfig symbol is defined (MPU). In
the wake of exposing k_mem_partition_attr_t, the commit exposes
the MPU architecture-specific access permission attribute macros
outside the User space context (for all ARCHs), so they can be
used in a more generic way.
Signed-off-by: Ioannis Glaropoulos <Ioannis.Glaropoulos@nordicsemi.no>
If dynamic interrupts are enabled, a set of trampoline stubs
are generated which transfer control to a common dynamic
interrupt handler function, which then looks up the proper
handler and parameter and then executes the interrupt.
Based on the prior x86 dynamic interrupt implementation which
was removed from the kernel some time ago, and adapted to
changes in the common interrupt handling code, build system,
and IDT generation tools.
An alternative approach could be to read the currently executing
vector out of the APIC, but this is a much slower operation.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Rather than do that for each architecture, source SoC Kconfigs where the
code is maintained, under ZEPHYR_BASE/soc.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Move the SoC outside of the architecture tree and put them at the same
level as boards and architectures allowing both SoCs and boards to be
maintained outside the tree.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
Consistently use
config FOO
bool/int/hex/string "Prompt text"
instead of
config FOO
bool/int/hex/string
prompt "Prompt text"
(...and a bunch of other variations that e.g. swapped the order of the
type and the 'prompt', or put other properties between them).
The shorthand is fully equivalent to using 'prompt'. It saves lines and
avoids tricking people into thinking there is some semantic difference.
Most of the grunt work was done by a modified version of
https://unix.stackexchange.com/questions/26284/how-can-i-use-sed-to-replace-a-multi-line-string/26290#26290, but some
of the rarer variations had to be converted manually.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
A design flaw of 'gsource' is that there's no way to require at least
one file to match the glob pattern. This could lead to silent errors.
Switch to a new design, where a plain 'source' is globbing and requires
at least one file to match. A separate 'osource' (optional source)
statement is available for cases where it's okay for a pattern (or plain
filename) to not match any files.
'orsource' combines 'osource' and 'rsource' (relative source).
This commit search-replaces 'gsource' with 'source', but backwards
compatibility with 'gsource' is still maintained by making it an alias
for 'osource' (and by making 'grsource' an alias for 'orsource').
The three Kconfig files arch/{nios2,posix,xtensa}/Kconfig source
arch/{nios2,posix,xtensa}/soc/*/Kconfig, which doesn't match any files.
Use 'osource' for those. The soc/*/Kconfig files seem to be for
additional SoC-specific symbols, only none exist yet on those ARCHes.
Also use 'osource' for the source of $ENV_VAR_BOARD_DIR/Kconfig in
boards/Kconfig, which doesn't exist for all boards.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Up until now, Zephyr has patched Kconfig to use the last 'default' with
a satisfied condition, instead of the first one. I'm not sure why the
patch was added (it predates Kconfiglib), but I suspect it's related to
Kconfig.defconfig files.
There are at least three problems with the patch:
1. It's inconsistent with how Kconfig works in other projects, which
might confuse newcomers.
2. Due to oversights, earlier 'range' properties are still preferred,
as well as earlier 'default' properties on choices.
In addition to being inconsistent, this makes it impossible to
override 'range' properties and choice 'default' properties if the
base definition of the symbol/choice already has 'range'/'default'
properties.
I've seen errors caused by the inconsistency, and I suspect there
are more.
3. A fork of Kconfiglib that adds the patch needs to be maintained.
Get rid of the patch and go back to standard Kconfig behavior, as
follows:
1. Include the Kconfig.defconfig files first instead of last in
Kconfig.zephyr.
2. Include boards/Kconfig and arch/<arch>/Kconfig first instead of
last in arch/Kconfig.
3. Include arch/<arch>/soc/*/Kconfig first instead of last in
arch/<arch>/Kconfig.
4. Swap a few other 'source's to preserve behavior for some scattered
symbols with multiple definitions.
Swap 'source's in some no-op cases too, where it might match the
intent.
5. Reverse the defaults on symbol definitions that have more than one
default.
Skip defaults that are mutually exclusive, e.g. where each default
has an 'if <some board>' condition. They are already safe.
6. Remove the prefer-later-defaults patch from Kconfiglib.
Testing was done with a Python script that lists all Kconfig
symbols/choices with multiple defaults, along with a whitelist of fixed
symbols. The script also verifies that there are no "unreachable"
defaults hidden by defaults without conditions
As an additional test, zephyr/.config was generated before and after the
change for several samples and checked to be identical (after sorting).
This commit includes some default-related cleanups as well:
- Simplify some symbol definitions, e.g. where a default has 'if FOO'
when the symbol already has 'depends on FOO'.
- Remove some redundant 'default ""' for string symbols. This is the
implicit default.
Piggyback fixes for swapped ranges on BT_L2CAP_RX_MTU and
BT_L2CAP_TX_MTU (caused by confusing inconsistency).
Piggyback some fixes for style nits too, e.g. unindented help texts.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
- Remove redundant 'n' defaults. 'n' is the default value for bool
symbols.
This makes the auto-generated documentation clearer as well: You get
"implicitly defaults to n" instead of
"- n if <propagated dependencies>".
- Shorten
<type>
prompt "foo"
to
<type> "foo"
This works for all types, not just bool.
- Various formatting nits.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
This adds the SoC configuration for Apollo Lake. This is based
on the Atom configuration.
Origin: Original
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
With Zephyr's prefer-later-defaults behavior, the default value of
CACHE_LINE_SIZE was always 0, because 'default 0' acts like
'default 0 if y'.
Change the code to what was probably the intention (default to 0 unless
CPU_ATOM).
It looks like CACHE_LINE_SIZE is never used in the code when
CACHE_LINE_SIZE_DETECT is on, so maybe things could be simplified
further.
Piggy-back some prompt style consistency cleanups.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Bool symbols implicitly default to 'n'.
A 'default n' can make sense e.g. in a Kconfig.defconfig file, if you
want to override a 'default y' on the base definition of the symbol. It
isn't used like that on any of these symbols though.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
In order to mitigate against Spectre V4, add an option that will, at
boot time, verify if the CPU supports the SPEC_CTRL MSR; if so, it'll
attempt to disable the feature.
More information can be found in chapter 4 (Speculative Store Bypass
Mitigation) of the "Speculative Execution Side Channel Mitigations"
document, version 2, published by Intel: https://goo.gl/nocTcj
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
Until now, Zephyr has used a patched Kconfiglib that turns 'source' into
a globbing source (by replacing 'source' with 'gsource' at the token
level). There's two problems with this:
- The patch needs to be maintained separately
- Misspelled filenames are silently ignored, as they look like glob
patterns that don't match anything
Fix it as follows:
1. Replace all 'source' statements that use wildcards with 'gsource'
2. Remove the custom Kconfiglib patch so that 'source' no longer globs
The sed pattern '/source.*[*?]/s/source/gsource/' was run over all
Kconfig* files to do the replacement.
source's that use environment variables that might contain glob patterns
were manually changed to gsource.
Building the docs in doc/ is a good test, as doc/Makefile deliberately
sets the environment variables to glob up as many Kconfig files as
possible.
Signed-off-by: Ulf Magnusson <ulfalizer@gmail.com>
In order to mitigate Spectre variant 2 (branch target injection), use
retpolines for indirect jumps and calls.
The newly-added hidden CONFIG_X86_NO_SPECTRE flag, which is disabled
by default, must be set by a x86 SoC if its CPU performs speculative
execution. Most targets supported by Zephyr do not, so this is
set to "y" by default.
A new setting, CONFIG_RETPOLINE, has been added to the "Security
Options" sections, and that will be enabled by default if
CONFIG_X86_NO_SPECTRE is disabled.
Signed-off-by: Leandro Pereira <leandro.pereira@intel.com>
A fix for this issue is in progress, meanwhile warn the user that
they may be susceptible to this problem if they enable user mode on
an x86-based target that is not known to be immune.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This is intended for memory-constrained systems and will save
4K per thread, since we will no longer reserve room for or
activate a kernel stack guard page.
If CONFIG_USERSPACE is enabled, stack overflows will still be
caught in some situations:
1) User mode threads overflowing stack, since it crashes into the
kernel stack page
2) Supervisor mode threads overflowing stack, since the kernel
stack page is marked non-present for non-user threads
Stack overflows will not be caught:
1) When handling a system call
2) When the interrupt stack overflows
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Page Address Extension(PAE) page tables would be used
if this option is enabled.
JIRA:ZEP-2511
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
- _arch_user_mode_enter() implemented
- _arch_is_user_context() implemented
- _new_thread() will honor K_USER option if passed in
- System call triggering macros implemented
- _thread_entry_wrapper moved and now looks for the next function to
call in EDI
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
We now create a special IA hardware task for handling
double faults. This has a known good stack so that if
the kernel tries to push stack data onto an unmapped page,
we don't triple-fault and reset the system.
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
This enables the MMU-based stack protection feature,
which will cause a fatal error if a thread overflows
its stack in kernel mode, at a nontrivial cost in memory
(4K per thread).
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Kconfig definition for enabling the memory management Unit
on x86 based platforms.
JIRA: ZEP-2093
Signed-off-by: Adithya Baglody <adithya.nagaraj.baglody@intel.com>
We reserve a specific vector in the IDT to trigger when we want to
enter a fatal exception state from software.
Disabled for drivers/build_all tests as we were up to the ROM limit
on Quark D2000.
Issue: ZEP-843
Change-Id: I4de7f025fba0691d07bcc3b3f0925973834496a0
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Replace the existing Apache 2.0 boilerplate header with an SPDX tag
throughout the zephyr code tree. This patch was generated via a
script run over the master branch.
Also updated doc/porting/application.rst that had a dependency on
line numbers in a literal include.
Manually updated subsys/logging/sys_log.c that had a malformed
header in the original file. Also cleanup several cases that already
had a SPDX tag and we either got a duplicate or missed updating.
Jira: ZEP-1457
Change-Id: I6131a1d4ee0e58f5b938300c2d2fc77d2e69572c
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Updates x86 floating point support to reflect changes that have
been made in recent months.
* Many, many, many cosmetic changes (mostly revisions to comments).
* Elimination of unnecessary function aliases that were needed
to support the task and fiber versions of certain APIs.
* Elimination of run-time code to enable a thread's "FP regs"
option bit if the "SSE regs" option bit was set. The kernel
now recognizes that the thread is using the FPU as long as
either option bit is set. (If the thread has both option bits
enabled this is the same as if only the "SSE regs" bit is set.)
Change-Id: Ic12abc54b6fa78921749b546d8debf23e7ad232d
Signed-off-by: Allan Stephens <allan.stephens@windriver.com>
Originally, x86 just supported APIC. Then later support
for the Mint Valley Interrupt Controller was added. This
controller is mostly similar to the APIC with some differences,
but was integrated in a somewhat hacked-up fashion.
Now we define irq_controller.h, which is a layer of abstraction
between the core arch code and the interrupt controller
implementation.
Contents of the API:
- Controllers with a fixed irq-to-vector mapping define
_IRQ_CONTROLLER_VECTOR_MAPPING(irq) to obtain a compile-time
map between the two.
- _irq_controller_program() notifies the interrupt controller
what vector will be used for a particular IRQ along with triggering
flags
- _irq_controller_isr_vector_get() reports the vector number of
the IRQ currently being serviced
- In assembly language domain, _irq_controller_eoi implements
EOI handling.
- Since triggering options can vary, some common defines for
triggering IRQ_TRIGGER_EDGE, IRQ_TRIGGER_LEVEL, IRQ_POLARITY_HIGH,
IRQ_POLARITY_LOW introduced.
Specific changes made:
- New Kconfig X86_FIXED_IRQ_MAPPING for those interrupt controllers
that have a fixed relationship between IRQ lines and IDT vectors.
- MVIC driver rewritten per the HAS instead of the tortuous methods
used to get it to behave like LOAPIC. We are no longer writing values
to reserved registers. Additional assertions added.
- Some cleanup in the loapic_timer driver to make the MVIC differences
clearer.
- Unused APIs removed, or folded into calling code when used just once.
- MVIC doesn't bother to write a -1 to the intList priority field since
it gets ignored anyway
Issue: ZEP-48
Change-Id: I071a477ea68c36e00c3d0653ce74b3583454154d
Signed-off-by: Andrew Boie <andrew.p.boie@intel.com>
Completing the terminology change started with change 4008
by updating the Kconfig files processed to produce the
online documentation, plus header files processed by
doxygen. References to 'platform' are change to 'board'
Change-Id: Id0ed3dc1439a0ea0a4bd19d4904889cf79bec33e
Jira: ZEP-534
Signed-off-by: David B. Kinder <david.b.kinder@intel.com>
Convert leading whitespace into tabs in Kconfig files. Also replaced
double spaces between config and <prompt>.
Change-Id: I341c718ecf4143529b477c239bbde88e18f37062
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
There are two major issues with the kconfig:
() Some of the config options have incorrect dependencies inside help
under menuconfig. For example, CONFIG_GPIO depends on BOARD_GALILEO.
() Since the SoC and board specific kconfig files are parsed first,
the help screen would say, for example, CONFIG_SPI is defined at
arch/arm/soc/fsl_frdm_k64f/Kconfig. This is incorrect because
the actual config is defined in drivers/spi/Kconfig.
These cause great confusion to users of menuconfig/xconfig.
To fix these, the SoC and board defaults are now to be parsed last.
Note that the position swapping of defaults in this patch is due to
the fact the the default parsed last will be used.
And, spi_test is broken due to the fact that it requires
CONFIG_SPI_INTEL_PORT_1, but never enables it anywhere. This is
bypassed for now.
Origin: refactored and edited from existing files
Change-Id: I2a4b1ae5be4d27e68c960aa47d91ef350f2d500f
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Changed names of Kconfig flags, variables, functions, files and
return codes consistent with names used in the RFC. Updated
relevant comments to match the changes.
Origin: Original
Change-Id: Ie7941032d7ad7af61fc02928f74538745e7966e8
Signed-off-by: Ramesh Thomas <ramesh.thomas@intel.com>
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
The SoC selections for each architecture are moved to the top level
in menuconfig and xconfig. This makes it more intuitive to select
architecture -> SoC -> then board, avoiding an additional trip to
go into the architecture menu to select SoC.
Change-Id: I57a78a09adfc4bb12423915b6ad14ceb74381a2b
Signed-off-by: Daniel Leung <daniel.leung@intel.com>
Charles E. Youse