373 lines
11 KiB
Plaintext
373 lines
11 KiB
Plaintext
# Kconfig - x86 general configuration options
|
|
|
|
#
|
|
# Copyright (c) 2014-2015 Wind River Systems, Inc.
|
|
#
|
|
# SPDX-License-Identifier: Apache-2.0
|
|
#
|
|
menu "X86 Architecture Options"
|
|
depends on X86
|
|
|
|
config ARCH
|
|
default "x86"
|
|
|
|
config X86_MULTIBOOT
|
|
bool "Generate multiboot header"
|
|
default y
|
|
help
|
|
Embed a multiboot header in the output executable. This is used
|
|
by some boot loaders (e.g., GRUB) when loading Zephyr. It is safe
|
|
to leave this option on if you're not sure. It only expands the
|
|
text segment by 12-16 bytes and is typically ignored if not needed.
|
|
|
|
|
|
source "arch/x86/core/Kconfig"
|
|
|
|
#
|
|
# Hidden CPU family configs which are to be selected by
|
|
# individual SoC.
|
|
#
|
|
config CPU_ATOM
|
|
# Hidden
|
|
bool
|
|
select CMOV
|
|
select CPU_HAS_FPU
|
|
select ARCH_HAS_STACK_PROTECTION if X86_MMU
|
|
select ARCH_HAS_USERSPACE if X86_MMU
|
|
help
|
|
This option signifies the use of a CPU from the Atom family.
|
|
|
|
config CPU_MINUTEIA
|
|
# Hidden
|
|
select ARCH_HAS_STACK_PROTECTION if X86_MMU
|
|
select ARCH_HAS_USERSPACE if X86_MMU
|
|
bool
|
|
help
|
|
This option signifies the use of a CPU from the Minute IA family.
|
|
|
|
config CPU_APOLLO_LAKE
|
|
# Hidden
|
|
bool
|
|
select CMOV
|
|
select CPU_HAS_FPU
|
|
select ARCH_HAS_STACK_PROTECTION if X86_MMU
|
|
select ARCH_HAS_USERSPACE if X86_MMU
|
|
help
|
|
This option signifies the use of a CPU from the Apollo Lake family.
|
|
|
|
menu "Processor Capabilities"
|
|
|
|
config X86_IAMCU
|
|
bool "IAMCU calling convention"
|
|
help
|
|
The IAMCU calling convention changes the X86 C calling convention to
|
|
pass some arguments via registers allowing for code size and performance
|
|
improvements. Great care needs to be taken if you have assembly code
|
|
that will be called from C or C code called from assembly code, the
|
|
assembly code will need to be updated to conform to the new calling
|
|
convention. If in doubt say N
|
|
|
|
config X86_MMU
|
|
bool "Enable Memory Management Unit"
|
|
select MEMORY_PROTECTION
|
|
help
|
|
This options enables the memory management unit present in x86
|
|
and creates a set of page tables at build time. Requires an MMU
|
|
which supports PAE page tables.
|
|
|
|
config X86_NO_MELTDOWN
|
|
bool
|
|
help
|
|
This hidden option should be set on a per-SOC basis to indicate that
|
|
a particular SOC is not vulnerable to the Meltdown CPU vulnerability,
|
|
as described in CVE-2017-5754.
|
|
|
|
config X86_NO_SPECTRE_V1
|
|
bool
|
|
help
|
|
This hidden option should be set on a per-SOC basis to indicate that
|
|
a particular SOC is not vulnerable to the Spectre V1, V1.1, and V1.2
|
|
CPU vulnerabilities as described in CVE-2017-5753 and CVE-2018-3693.
|
|
|
|
config X86_NO_SPECTRE_V2
|
|
bool
|
|
help
|
|
This hidden option should be set on a per-SOC basis to indicate that
|
|
a particular SOC is not vulnerable to the Spectre V2 CPU
|
|
vulnerability, as described in CVE-2017-5715.
|
|
|
|
config X86_NO_SPECTRE_V4
|
|
bool
|
|
help
|
|
This hidden option should be set on a per-SOC basis to indicate that
|
|
a particular SOC is not vulnerable to the Spectre V4 CPU
|
|
vulnerability, as described in CVE-2018-3639.
|
|
|
|
config X86_NO_LAZY_FP
|
|
bool
|
|
help
|
|
This hidden option should be set on a per-SOC basis to indicate
|
|
that a particular SOC is not vulnerable to the Lazy FP CPU
|
|
vulnerability, as described in CVE-2018-3665.
|
|
|
|
config X86_NO_SPECULATIVE_VULNERABILITIES
|
|
bool
|
|
select X86_NO_MELTDOWN
|
|
select X86_NO_SPECTRE_V1
|
|
select X86_NO_SPECTRE_V2
|
|
select X86_NO_SPECTRE_V4
|
|
select X86_NO_LAZY_FP
|
|
help
|
|
This hidden option should be set on a per-SOC basis to indicate that
|
|
a particular SOC does not perform any kind of speculative execution,
|
|
or is a newer chip which is immune to the class of vulnerabilities
|
|
which exploit speculative execution side channel attacks.
|
|
|
|
config X86_ENABLE_TSS
|
|
bool
|
|
help
|
|
This hidden option enables defining a Task State Segment (TSS) for
|
|
kernel execution. This is needed to handle double-faults or
|
|
do privilege elevation. It also defines a special TSS and handler
|
|
for correctly handling double-fault exceptions, instead of just
|
|
letting the system triple-fault and reset.
|
|
|
|
config X86_STACK_PROTECTION
|
|
bool
|
|
default y if HW_STACK_PROTECTION
|
|
select SET_GDT
|
|
select GDT_DYNAMIC
|
|
select X86_ENABLE_TSS
|
|
help
|
|
This option leverages the MMU to cause a system fatal error if the
|
|
bounds of the current process stack are overflowed. This is done
|
|
by preceding all stack areas with a 4K guard page.
|
|
|
|
config X86_USERSPACE
|
|
bool
|
|
default y if USERSPACE
|
|
select THREAD_STACK_INFO
|
|
select SET_GDT
|
|
select GDT_DYNAMIC
|
|
select X86_ENABLE_TSS
|
|
help
|
|
This option enables APIs to drop a thread's privileges down to ring 3,
|
|
supporting user-level threads that are protected from each other and
|
|
from crashing the kernel.
|
|
|
|
config X86_KPTI
|
|
bool "Enable kernel page table isolation"
|
|
default y
|
|
depends on USERSPACE
|
|
depends on !X86_NO_MELTDOWN
|
|
help
|
|
Implements kernel page table isolation to mitigate Meltdown exploits
|
|
to read Kernel RAM. Incurs a significant performance cost for
|
|
user thread interrupts and system calls, and significant footprint
|
|
increase for additional page tables and trampoline stacks.
|
|
|
|
menu "Architecture Floating Point Options"
|
|
depends on CPU_HAS_FPU
|
|
|
|
config SSE
|
|
bool "SSE registers"
|
|
depends on FLOAT
|
|
help
|
|
This option enables the use of SSE registers by threads.
|
|
|
|
config SSE_FP_MATH
|
|
bool "Compiler-generated SSEx instructions"
|
|
depends on SSE
|
|
help
|
|
This option allows the compiler to generate SSEx instructions for
|
|
performing floating point math. This can greatly improve performance
|
|
when exactly the same operations are to be performed on multiple
|
|
data objects; however, it can also significantly reduce performance
|
|
when preemptive task switches occur because of the larger register
|
|
set that must be saved and restored.
|
|
|
|
Disabling this option means that the compiler utilizes only the
|
|
x87 instruction set for floating point operations.
|
|
|
|
config EAGER_FP_SHARING
|
|
bool
|
|
depends on FLOAT
|
|
depends on USERSPACE
|
|
default y if !X86_NO_LAZY_FP
|
|
help
|
|
This hidden option unconditionally saves/restores the FPU/SIMD
|
|
register state on every context switch.
|
|
|
|
Mitigates CVE-2018-3665, but incurs a performance hit.
|
|
|
|
For vulnerable systems that process sensitive information in the
|
|
FPU register set, should be used any time CONFIG_FLOAT is
|
|
enabled, regardless if the FPU is used by one thread or multiple.
|
|
|
|
config LAZY_FP_SHARING
|
|
bool
|
|
depends on FLOAT
|
|
depends on !EAGER_FP_SHARING
|
|
depends on FP_SHARING
|
|
default y if X86_NO_LAZY_FP || !USERSPACE
|
|
help
|
|
This hidden option allows multiple threads to use the floating point
|
|
registers, using logic to lazily save/restore the floating point
|
|
register state on context switch.
|
|
|
|
On Intel Core procesors, may be vulnerable to exploits which allows
|
|
malware to read the contents of all floating point registers, see
|
|
CVE-2018-3665.
|
|
|
|
endmenu
|
|
|
|
choice
|
|
prompt "Reboot implementation"
|
|
depends on REBOOT
|
|
default REBOOT_RST_CNT
|
|
|
|
config REBOOT_RST_CNT
|
|
bool "Reboot via RST_CNT register"
|
|
help
|
|
Reboot via the RST_CNT register, going back to BIOS.
|
|
|
|
endchoice
|
|
|
|
|
|
config ISA_IA32
|
|
bool
|
|
default y
|
|
help
|
|
This option signifies the use of a CPU based on the Intel IA-32
|
|
instruction set architecture.
|
|
|
|
config IA32_LEGACY_IO_PORTS
|
|
bool "Support IA32 legacy IO ports"
|
|
depends on ISA_IA32
|
|
help
|
|
This option enables IA32 legacy IO ports. Note these are much slower
|
|
than memory access, so they should be used in last resort.
|
|
|
|
config CMOV
|
|
bool
|
|
help
|
|
This option signifies the use of an Intel CPU that supports
|
|
the CMOV instruction.
|
|
|
|
config CACHE_LINE_SIZE_DETECT
|
|
bool "Detect cache line size at runtime"
|
|
default y
|
|
help
|
|
This option enables querying the CPUID register for finding the cache line
|
|
size at the expense of taking more memory and code and a slightly increased
|
|
boot time.
|
|
|
|
If the CPU's cache line size is known in advance, disable this option and
|
|
manually enter the value for CACHE_LINE_SIZE.
|
|
|
|
config CACHE_LINE_SIZE
|
|
int "Cache line size" if !CACHE_LINE_SIZE_DETECT
|
|
default 64 if CPU_ATOM
|
|
default 0
|
|
help
|
|
Size in bytes of a CPU cache line.
|
|
|
|
Detect automatically at runtime by selecting CACHE_LINE_SIZE_DETECT.
|
|
|
|
config CLFLUSH_INSTRUCTION_SUPPORTED
|
|
bool "CLFLUSH instruction supported"
|
|
depends on !CLFLUSH_DETECT && CACHE_FLUSHING
|
|
help
|
|
An implementation of sys_cache_flush() that uses CLFLUSH is made
|
|
available, instead of the one using WBINVD.
|
|
|
|
This option should only be enabled if it is known in advance that the
|
|
CPU supports the CLFLUSH instruction. It disables runtime detection of
|
|
CLFLUSH support thereby reducing both memory footprint and boot time.
|
|
|
|
config CLFLUSH_DETECT
|
|
bool "Detect support of CLFLUSH instruction at runtime"
|
|
depends on CACHE_FLUSHING
|
|
help
|
|
This option should be enabled if it is not known in advance whether the
|
|
CPU supports the CLFLUSH instruction or not.
|
|
|
|
The CPU is queried at boot time to determine which of the multiple
|
|
implementations of sys_cache_flush() linked into the image is the
|
|
correct one to use.
|
|
|
|
If the CPU's support (or lack thereof) of CLFLUSH is known in advance, then
|
|
disable this option and set CLFLUSH_INSTRUCTION_SUPPORTED as appropriate.
|
|
|
|
config ARCH_CACHE_FLUSH_DETECT
|
|
bool
|
|
default y
|
|
depends on CLFLUSH_DETECT
|
|
|
|
config CACHE_FLUSHING
|
|
bool "Enable cache flushing mechanism"
|
|
help
|
|
This links in the sys_cache_flush() function. A mechanism for flushing the
|
|
cache must be selected as well. By default, that mechanism is discovered at
|
|
runtime.
|
|
|
|
config PIC_DISABLE
|
|
bool "Disable PIC"
|
|
help
|
|
This option disables all interrupts on the PIC
|
|
|
|
|
|
config X86_KERNEL_OOPS
|
|
bool "Enable handling of kernel oops as an exception"
|
|
default y
|
|
help
|
|
Enable handling of k_oops() API as a CPU exception, which will provide
|
|
extra debugging information such as program counter and register
|
|
values when the oops is triggered. Requires an entry in the IDT.
|
|
|
|
config X86_KERNEL_OOPS_VECTOR
|
|
int "IDT vector to use for kernel oops"
|
|
default 62 if MVIC
|
|
default 33 if !MVIC
|
|
range 32 255
|
|
depends on X86_KERNEL_OOPS
|
|
help
|
|
Specify the IDT vector to use for the kernel oops exception handler.
|
|
The default should be fine for most arches, but on systems like MVIC
|
|
where there is a fixed IRQ-to-vector mapping another value may be
|
|
needed to avoid collision.
|
|
|
|
config IRQ_OFFLOAD_VECTOR
|
|
int "IDT vector to use for IRQ offload"
|
|
default 63 if MVIC
|
|
default 32 if !MVIC
|
|
range 32 255
|
|
depends on IRQ_OFFLOAD
|
|
help
|
|
Specify the IDT vector to use for the IRQ offload interrupt handler.
|
|
The default should be fine for most arches, but on systems like MVIC
|
|
where there is a fixed IRQ-to-vector mapping another value may be
|
|
needed to avoid collision.
|
|
|
|
config X86_DYNAMIC_IRQ_STUBS
|
|
int "Number of dynamic interrupt stubs"
|
|
depends on DYNAMIC_INTERRUPTS
|
|
default 4
|
|
help
|
|
Installing interrupt handlers with irq_connect_dynamic() requires
|
|
some stub code to be generated at build time, one stub per dynamic
|
|
interrupt.
|
|
|
|
config XIP
|
|
default n
|
|
|
|
config X86_FIXED_IRQ_MAPPING
|
|
bool
|
|
help
|
|
Specify whether the current interrupt controller in use has a fixed
|
|
mapping between IDT vectors and IRQ lines.
|
|
|
|
endmenu
|
|
|
|
endmenu
|