Boot Linux faster!

Check our new training course

Boot Linux faster!

Check our new training course
and Creative Commons CC-BY-SA
lecture and lab materials

Bootlin logo

Elixir Cross Referencer

# Kconfig - x86 core configuration options

#
# Copyright (c) 2014-2015 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#

config NESTED_INTERRUPTS
	bool "Enable nested interrupts"
	default y
	help
	  This option enables support for nested interrupts.

config EXCEPTION_DEBUG
	bool "Unhandled exception debugging"
	default y
	depends on PRINTK
	help
	  Install handlers for various CPU exception/trap vectors to
	  make debugging them easier, at a small expense in code size.
	  This prints out the specific exception vector and any associated
	  error codes.

menu "Memory Layout Options"

config IDT_NUM_VECTORS
	int "Number of IDT vectors"
	default 256
	range 32 256
	help
	  This option specifies the number of interrupt vector entries in the
	  Interrupt Descriptor Table (IDT). By default all 256 vectors are
	  supported in an IDT requiring 2048 bytes of memory.

config MAX_IRQ_LINES
	int "Number of IRQ lines"
	default 128
	range 0 256
	help
	  This option specifies the number of IRQ lines in the system.
	  It can be tuned to save some bytes in ROM, as it determines the
	  size of the _irq_to_interrupt_vector_table, which is used at runtime
	  to program to the PIC the association between vectors and
	  interrupts.

config SET_GDT
	bool "Setup GDT as part of boot process"
	default y
	help
	  This option sets up the GDT as part of the boot process. However,
	  this may conflict with some security scenarios where the GDT is
	  already appropriately set by an earlier bootloader stage, in which
	  case this should be disabled. If disabled, the global _gdt pointer
	  will not be available.

config GDT_DYNAMIC
	bool "Store GDT in RAM so that it can be modified"
	depends on SET_GDT
	help
	  This option stores the GDT in RAM instead of ROM, so that it may
	  be modified at runtime at the expense of some memory.

endmenu

config DISABLE_SSBD
	bool "Disable Speculative Store Bypass"
	depends on USERSPACE
	default y if !X86_NO_SPECTRE_V4
	help
	  This option will disable Speculative Store Bypass in order to
	  mitigate against certain kinds of side channel attacks.  Quoting
	  the "Speculative Execution Side Channels" document, version 2.0:

	      When SSBD is set, loads will not execute speculatively
	      until the addresses of all older stores are known.  This
	      ensure s that a load does not speculatively consume stale
	      data values due to bypassing an older store on the same
	      logical processor.

	  If enabled, this applies to all threads in the system.

	  Even if enabled, will have no effect on CPUs that do not
	  require this feature.

config ENABLE_EXTENDED_IBRS
	bool "Enable Extended IBRS"
	depends on USERSPACE
	default y if !X86_NO_SPECTRE_V2
	help
	  This option will enable the Extended Indirect Branch Restricted
	  Speculation 'always on' feature. This mitigates Indirect Branch
	  Control vulnerabilities (aka Spectre V2).

config X86_RETPOLINE
	bool "Build with retpolines enabled in x86 assembly code"
	depends on USERSPACE
	help
	  This is recommended on platforms with speculative executions, to
	  protect against branch target injection (AKA Spectre-V2).  Full
	  description of how retpolines work can be found here[1].

	  [1] https://support.google.com/faqs/answer/7625886

config X86_BOUNDS_CHECK_BYPASS_MITIGATION
	bool
	depends on USERSPACE
	default y if !X86_NO_SPECTRE_V1
	select BOUNDS_CHECK_BYPASS_MITIGATION
	help
	  Hidden config to select arch-independent option to enable
	  Spectre V1 mitigations by default if the CPU is not known
	  to be immune to it.