~hc/RK356X_SDK_RELEASE.git

..	..	@@ -3,7 +3,7 @@
3	3	config 64BIT
4	4	bool "64-bit kernel" if "$(ARCH)" = "x86"
5	5	default "$(ARCH)" != "i386"
6		- ---help---
	6	+ help
7	7	Say yes to build a 64-bit kernel - formerly known as x86_64
8	8	Say no to build a 32-bit kernel - formerly known as i386
9	9
..	..	@@ -14,26 +14,36 @@
14	14	select ARCH_WANT_IPC_PARSE_VERSION
15	15	select CLKSRC_I8253
16	16	select CLONE_BACKWARDS
17		- select HAVE_AOUT
18		- select HAVE_GENERIC_DMA_COHERENT
	17	+ select HAVE_DEBUG_STACKOVERFLOW
19	18	select MODULES_USE_ELF_REL
20	19	select OLD_SIGACTION
21	20	select GENERIC_VDSO_32
	21	+ select ARCH_SPLIT_ARG64
22	22
23	23	config X86_64
24	24	def_bool y
25	25	depends on 64BIT
26	26	# Options that are inherently 64-bit kernel only:
27		- select ARCH_HAS_GIGANTIC_PAGE if (MEMORY_ISOLATION && COMPACTION) \|\| CMA
28		- select ARCH_SUPPORTS_INT128
	27	+ select ARCH_HAS_GIGANTIC_PAGE
	28	+ select ARCH_SUPPORTS_INT128 if CC_HAS_INT128
	29	+ select ARCH_SUPPORTS_SPECULATIVE_PAGE_FAULT
29	30	select ARCH_USE_CMPXCHG_LOCKREF
30	31	select HAVE_ARCH_SOFT_DIRTY
31	32	select MODULES_USE_ELF_RELA
32	33	select NEED_DMA_MAP_STATE
33	34	select SWIOTLB
34		- select X86_DEV_DMA_OPS
35		- select ARCH_HAS_SYSCALL_WRAPPER
36	35
	36	+config FORCE_DYNAMIC_FTRACE
	37	+ def_bool y
	38	+ depends on X86_32
	39	+ depends on FUNCTION_TRACER
	40	+ select DYNAMIC_FTRACE
	41	+ help
	42	+ We keep the static function tracing (!DYNAMIC_FTRACE) around
	43	+ in order to test the non static function tracing in the
	44	+ generic code, as other architectures still use it. But we
	45	+ only need to keep it around for x86_64. No need to keep it
	46	+ for x86_32. For x86_32, force DYNAMIC_FTRACE.
37	47	#
38	48	# Arch settings
39	49	#
..	..	@@ -47,50 +57,60 @@
47	57	#
48	58	select ACPI_LEGACY_TABLES_LOOKUP if ACPI
49	59	select ACPI_SYSTEM_POWER_STATES_SUPPORT if ACPI
50		- select ARCH_CLOCKSOURCE_DATA
51		- select ARCH_DISCARD_MEMBLOCK
	60	+ select ARCH_32BIT_OFF_T if X86_32
	61	+ select ARCH_CLOCKSOURCE_INIT
52	62	select ARCH_HAS_ACPI_TABLE_UPGRADE if ACPI
53	63	select ARCH_HAS_DEBUG_VIRTUAL
	64	+ select ARCH_HAS_DEBUG_VM_PGTABLE if !X86_PAE
54	65	select ARCH_HAS_DEVMEM_IS_ALLOWED
	66	+ select ARCH_HAS_EARLY_DEBUG if KGDB
55	67	select ARCH_HAS_ELF_RANDOMIZE
56	68	select ARCH_HAS_FAST_MULTIPLIER
57	69	select ARCH_HAS_FILTER_PGPROT
58	70	select ARCH_HAS_FORTIFY_SOURCE
59	71	select ARCH_HAS_GCOV_PROFILE_ALL
60		- select ARCH_HAS_KCOV if X86_64
	72	+ select ARCH_HAS_KCOV if X86_64 && STACK_VALIDATION
	73	+ select ARCH_HAS_MEM_ENCRYPT
61	74	select ARCH_HAS_MEMBARRIER_SYNC_CORE
	75	+ select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
62	76	select ARCH_HAS_PMEM_API if X86_64
	77	+ select ARCH_HAS_PTE_DEVMAP if X86_64
63	78	select ARCH_HAS_PTE_SPECIAL
64		- select ARCH_HAS_REFCOUNT
65	79	select ARCH_HAS_UACCESS_FLUSHCACHE if X86_64
66		- select ARCH_HAS_UACCESS_MCSAFE if X86_64 && X86_MCE
	80	+ select ARCH_HAS_COPY_MC if X86_64
67	81	select ARCH_HAS_SET_MEMORY
68		- select ARCH_HAS_SG_CHAIN
	82	+ select ARCH_HAS_SET_DIRECT_MAP
69	83	select ARCH_HAS_STRICT_KERNEL_RWX
70	84	select ARCH_HAS_STRICT_MODULE_RWX
71	85	select ARCH_HAS_SYNC_CORE_BEFORE_USERMODE
	86	+ select ARCH_HAS_SYSCALL_WRAPPER
72	87	select ARCH_HAS_UBSAN_SANITIZE_ALL
73		- select ARCH_HAS_ZONE_DEVICE if X86_64
	88	+ select ARCH_HAS_DEBUG_WX
74	89	select ARCH_HAVE_NMI_SAFE_CMPXCHG
75	90	select ARCH_MIGHT_HAVE_ACPI_PDC if ACPI
76	91	select ARCH_MIGHT_HAVE_PC_PARPORT
77	92	select ARCH_MIGHT_HAVE_PC_SERIO
	93	+ select ARCH_STACKWALK
78	94	select ARCH_SUPPORTS_ACPI
79	95	select ARCH_SUPPORTS_ATOMIC_RMW
80	96	select ARCH_SUPPORTS_NUMA_BALANCING if X86_64
81	97	select ARCH_SUPPORTS_LTO_CLANG if X86_64
	98	+ select ARCH_SUPPORTS_LTO_CLANG_THIN if X86_64
82	99	select ARCH_USE_BUILTIN_BSWAP
83	100	select ARCH_USE_QUEUED_RWLOCKS
84	101	select ARCH_USE_QUEUED_SPINLOCKS
	102	+ select ARCH_USE_SYM_ANNOTATIONS
85	103	select ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH
	104	+ select ARCH_WANT_DEFAULT_BPF_JIT if X86_64
86	105	select ARCH_WANTS_DYNAMIC_TASK_STRUCT
	106	+ select ARCH_WANT_HUGE_PMD_SHARE
	107	+ select ARCH_WANT_LD_ORPHAN_WARN
87	108	select ARCH_WANTS_THP_SWAP if X86_64
88		- select BUILDTIME_EXTABLE_SORT
	109	+ select BUILDTIME_TABLE_SORT
89	110	select CLKEVT_I8253
90	111	select CLOCKSOURCE_VALIDATE_LAST_CYCLE
91	112	select CLOCKSOURCE_WATCHDOG
92	113	select DCACHE_WORD_ACCESS
93		- select DMA_DIRECT_OPS
94	114	select EDAC_ATOMIC_SCRUB
95	115	select EDAC_SUPPORT
96	116	select GENERIC_CLOCKEVENTS
..	..	@@ -100,6 +120,7 @@
100	120	select GENERIC_CPU_AUTOPROBE
101	121	select GENERIC_CPU_VULNERABILITIES
102	122	select GENERIC_EARLY_IOREMAP
	123	+ select GENERIC_ENTRY
103	124	select GENERIC_FIND_FIRST_BIT
104	125	select GENERIC_IOMAP
105	126	select GENERIC_IRQ_EFFECTIVE_AFF_MASK if SMP
..	..	@@ -109,11 +130,15 @@
109	130	select GENERIC_IRQ_RESERVATION_MODE
110	131	select GENERIC_IRQ_SHOW
111	132	select GENERIC_PENDING_IRQ if SMP
	133	+ select GENERIC_PTDUMP
112	134	select GENERIC_SMP_IDLE_THREAD
113	135	select GENERIC_STRNCPY_FROM_USER
114	136	select GENERIC_STRNLEN_USER
115	137	select GENERIC_TIME_VSYSCALL
116	138	select GENERIC_GETTIMEOFDAY
	139	+ select GENERIC_VDSO_TIME_NS
	140	+ select GUP_GET_PTE_LOW_HIGH if X86_PAE
	141	+ select HARDIRQS_SW_RESEND
117	142	select HARDLOCKUP_CHECK_TIMESTAMP if X86_64
118	143	select HAVE_ACPI_APEI if ACPI
119	144	select HAVE_ACPI_APEI_NMI if ACPI
..	..	@@ -121,32 +146,41 @@
121	146	select HAVE_ARCH_AUDITSYSCALL
122	147	select HAVE_ARCH_HUGE_VMAP if X86_64 \|\| X86_PAE
123	148	select HAVE_ARCH_JUMP_LABEL
	149	+ select HAVE_ARCH_JUMP_LABEL_RELATIVE
124	150	select HAVE_ARCH_KASAN if X86_64
	151	+ select HAVE_ARCH_KASAN_VMALLOC if X86_64
	152	+ select HAVE_ARCH_KFENCE
125	153	select HAVE_ARCH_KGDB
126	154	select HAVE_ARCH_MMAP_RND_BITS if MMU
127	155	select HAVE_ARCH_MMAP_RND_COMPAT_BITS if MMU && COMPAT
128	156	select HAVE_ARCH_COMPAT_MMAP_BASES if MMU && COMPAT
129		- select HAVE_ARCH_PREL32_RELOCATIONS if !LTO_CLANG
	157	+ select HAVE_ARCH_PREL32_RELOCATIONS
130	158	select HAVE_ARCH_SECCOMP_FILTER
131	159	select HAVE_ARCH_THREAD_STRUCT_WHITELIST
	160	+ select HAVE_ARCH_STACKLEAK
132	161	select HAVE_ARCH_TRACEHOOK
133	162	select HAVE_ARCH_TRANSPARENT_HUGEPAGE
134	163	select HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD if X86_64
	164	+ select HAVE_ARCH_USERFAULTFD_WP if X86_64 && USERFAULTFD
	165	+ select HAVE_ARCH_USERFAULTFD_MINOR if X86_64 && USERFAULTFD
135	166	select HAVE_ARCH_VMAP_STACK if X86_64
136	167	select HAVE_ARCH_WITHIN_STACK_FRAMES
	168	+ select HAVE_ASM_MODVERSIONS
137	169	select HAVE_CMPXCHG_DOUBLE
138	170	select HAVE_CMPXCHG_LOCAL
139	171	select HAVE_CONTEXT_TRACKING if X86_64
140		- select HAVE_COPY_THREAD_TLS
141	172	select HAVE_C_RECORDMCOUNT
	173	+ select HAVE_OBJTOOL_MCOUNT if STACK_VALIDATION
142	174	select HAVE_DEBUG_KMEMLEAK
143		- select HAVE_DEBUG_STACKOVERFLOW
144	175	select HAVE_DMA_CONTIGUOUS
145	176	select HAVE_DYNAMIC_FTRACE
146	177	select HAVE_DYNAMIC_FTRACE_WITH_REGS
	178	+ select HAVE_DYNAMIC_FTRACE_WITH_DIRECT_CALLS
147	179	select HAVE_EBPF_JIT
148	180	select HAVE_EFFICIENT_UNALIGNED_ACCESS
	181	+ select HAVE_EISA
149	182	select HAVE_EXIT_THREAD
	183	+ select HAVE_FAST_GUP
150	184	select HAVE_FENTRY if X86_64 \|\| DYNAMIC_FTRACE
151	185	select HAVE_FTRACE_MCOUNT_RECORD
152	186	select HAVE_FUNCTION_GRAPH_TRACER
..	..	@@ -155,7 +189,6 @@
155	189	select HAVE_HW_BREAKPOINT
156	190	select HAVE_IDE
157	191	select HAVE_IOREMAP_PROT
158		- select HAVE_IRQ_EXIT_ON_IRQ_STACK if X86_64
159	192	select HAVE_IRQ_TIME_ACCOUNTING
160	193	select HAVE_KERNEL_BZIP2
161	194	select HAVE_KERNEL_GZIP
..	..	@@ -163,16 +196,17 @@
163	196	select HAVE_KERNEL_LZMA
164	197	select HAVE_KERNEL_LZO
165	198	select HAVE_KERNEL_XZ
	199	+ select HAVE_KERNEL_ZSTD
166	200	select HAVE_KPROBES
167	201	select HAVE_KPROBES_ON_FTRACE
168	202	select HAVE_FUNCTION_ERROR_INJECTION
169	203	select HAVE_KRETPROBES
170	204	select HAVE_KVM
171	205	select HAVE_LIVEPATCH if X86_64
172		- select HAVE_MEMBLOCK
173		- select HAVE_MEMBLOCK_NODE_MAP
174	206	select HAVE_MIXED_BREAKPOINTS_REGS
175	207	select HAVE_MOD_ARCH_SPECIFIC
	208	+ select HAVE_MOVE_PMD
	209	+ select HAVE_MOVE_PUD
176	210	select HAVE_NMI
177	211	select HAVE_OPROFILE
178	212	select HAVE_OPTPROBES
..	..	@@ -180,14 +214,18 @@
180	214	select HAVE_PERF_EVENTS
181	215	select HAVE_PERF_EVENTS_NMI
182	216	select HAVE_HARDLOCKUP_DETECTOR_PERF if PERF_EVENTS && HAVE_PERF_EVENTS_NMI
	217	+ select HAVE_PCI
183	218	select HAVE_PERF_REGS
184	219	select HAVE_PERF_USER_STACK_DUMP
185		- select HAVE_RCU_TABLE_FREE if PARAVIRT
186		- select HAVE_RCU_TABLE_INVALIDATE if HAVE_RCU_TABLE_FREE
	220	+ select MMU_GATHER_RCU_TABLE_FREE if PARAVIRT
	221	+ select HAVE_POSIX_CPU_TIMERS_TASK_WORK
187	222	select HAVE_REGS_AND_STACK_ACCESS_API
188	223	select HAVE_RELIABLE_STACKTRACE if X86_64 && (UNWINDER_FRAME_POINTER \|\| UNWINDER_ORC) && STACK_VALIDATION
	224	+ select HAVE_FUNCTION_ARG_ACCESS_API
189	225	select HAVE_STACKPROTECTOR if CC_HAS_SANE_STACKPROTECTOR
190		- select HAVE_STACK_VALIDATION if X86_64 && !LTO_CLANG
	226	+ select HAVE_STACK_VALIDATION if X86_64
	227	+ select HAVE_STATIC_CALL
	228	+ select HAVE_STATIC_CALL_INLINE if HAVE_STACK_VALIDATION
191	229	select HAVE_RSEQ
192	230	select HAVE_SYSCALL_TRACEPOINTS
193	231	select HAVE_UNSTABLE_SCHED_CLOCK
..	..	@@ -196,17 +234,22 @@
196	234	select HOTPLUG_SMT if SMP
197	235	select IRQ_FORCED_THREADING
198	236	select NEED_SG_DMA_LENGTH
199		- select PCI_LOCKLESS_CONFIG
	237	+ select PCI_DOMAINS if PCI
	238	+ select PCI_LOCKLESS_CONFIG if PCI
200	239	select PERF_EVENTS
201	240	select RTC_LIB
202	241	select RTC_MC146818_LIB
203	242	select SPARSE_IRQ
204	243	select SRCU
	244	+ select STACK_VALIDATION if HAVE_STACK_VALIDATION && (HAVE_STATIC_CALL_INLINE \|\| RETPOLINE)
205	245	select SYSCTL_EXCEPTION_TRACE
206	246	select THREAD_INFO_IN_TASK
207	247	select USER_STACKTRACE_SUPPORT
208	248	select VIRT_TO_BUS
	249	+ select HAVE_ARCH_KCSAN if X86_64
209	250	select X86_FEATURE_NAMES if PROC_FS
	251	+ select PROC_PID_ARCH_STATUS if PROC_FS
	252	+ imply IMA_SECURE_AND_OR_TRUSTED_BOOT if EFI
210	253
211	254	config INSTRUCTION_DECODER
212	255	def_bool y
..	..	@@ -216,11 +259,6 @@
216	259	string
217	260	default "elf32-i386" if X86_32
218	261	default "elf64-x86-64" if X86_64
219		-
220		-config ARCH_DEFCONFIG
221		- string
222		- default "arch/x86/configs/i386_defconfig" if X86_32
223		- default "arch/x86/configs/x86_64_defconfig" if X86_64
224	262
225	263	config LOCKDEP_SUPPORT
226	264	def_bool y
..	..	@@ -260,15 +298,9 @@
260	298	config GENERIC_BUG_RELATIVE_POINTERS
261	299	bool
262	300
263		-config GENERIC_HWEIGHT
264		- def_bool y
265		-
266	301	config ARCH_MAY_HAVE_PC_FDC
267	302	def_bool y
268	303	depends on ISA_DMA_API
269		-
270		-config RWSEM_XCHGADD_ALGORITHM
271		- def_bool y
272	304
273	305	config GENERIC_CALIBRATE_DELAY
274	306	def_bool y
..	..	@@ -297,9 +329,6 @@
297	329	config ARCH_SUSPEND_POSSIBLE
298	330	def_bool y
299	331
300		-config ARCH_WANT_HUGE_PMD_SHARE
301		- def_bool y
302		-
303	332	config ARCH_WANT_GENERAL_HUGETLB
304	333	def_bool y
305	334
..	..	@@ -308,9 +337,6 @@
308	337
309	338	config AUDIT_ARCH
310	339	def_bool y if X86_64
311		-
312		-config ARCH_SUPPORTS_OPTIMIZED_INLINING
313		- def_bool y
314	340
315	341	config ARCH_SUPPORTS_DEBUG_PAGEALLOC
316	342	def_bool y
..	..	@@ -374,7 +400,7 @@
374	400
375	401	config SMP
376	402	bool "Symmetric multi-processing support"
377		- ---help---
	403	+ help
378	404	This enables support for systems with more than one CPU. If you have
379	405	a system with only one CPU, say N. If you have a system with more
380	406	than one CPU, say Y.
..	..	@@ -394,8 +420,8 @@
394	420	Y to "Enhanced Real Time Clock Support", below. The "Advanced Power
395	421	Management" code will be disabled if you say Y here.
396	422
397		- See also <file:Documentation/x86/i386/IO-APIC.txt>,
398		- <file:Documentation/lockup-watchdogs.txt> and the SMP-HOWTO available at
	423	+ See also <file:Documentation/x86/i386/IO-APIC.rst>,
	424	+ <file:Documentation/admin-guide/lockup-watchdogs.rst> and the SMP-HOWTO available at
399	425	<http://www.tldp.org/docs.html#howto>.
400	426
401	427	If you don't know what to do here, say N.
..	..	@@ -403,7 +429,7 @@
403	429	config X86_FEATURE_NAMES
404	430	bool "Processor feature human-readable names" if EMBEDDED
405	431	default y
406		- ---help---
	432	+ help
407	433	This option compiles in a table of x86 feature bits and corresponding
408	434	names. This is required to support /proc/cpuinfo and a few kernel
409	435	messages. You can disable this to save space, at the expense of
..	..	@@ -414,7 +440,7 @@
414	440	config X86_X2APIC
415	441	bool "Support x2apic"
416	442	depends on X86_LOCAL_APIC && X86_64 && (IRQ_REMAP \|\| HYPERVISOR_GUEST)
417		- ---help---
	443	+ help
418	444	This enables x2apic support on CPUs that have this feature.
419	445
420	446	This allows 32-bit apic IDs (so it can support very large systems),
..	..	@@ -426,34 +452,32 @@
426	452	bool "Enable MPS table" if ACPI \|\| SFI
427	453	default y
428	454	depends on X86_LOCAL_APIC
429		- ---help---
	455	+ help
430	456	For old smp systems that do not have proper acpi support. Newer systems
431	457	(esp with 64bit cpus) with acpi support, MADT and DSDT will override it
432	458
433	459	config GOLDFISH
434		- def_bool y
435		- depends on X86_GOLDFISH
	460	+ def_bool y
	461	+ depends on X86_GOLDFISH
436	462
437		-config RETPOLINE
438		- bool "Avoid speculative indirect branches in kernel"
439		- default y
440		- select STACK_VALIDATION if HAVE_STACK_VALIDATION
441		- help
442		- Compile kernel with the retpoline compiler options to guard against
443		- kernel-to-user data leaks by avoiding speculative indirect
444		- branches. Requires a compiler with -mindirect-branch=thunk-extern
445		- support for full protection. The kernel may run slower.
446		-
447		-config INTEL_RDT
448		- bool "Intel Resource Director Technology support"
449		- default n
450		- depends on X86 && CPU_SUP_INTEL
	463	+config X86_CPU_RESCTRL
	464	+ bool "x86 CPU resource control support"
	465	+ depends on X86 && (CPU_SUP_INTEL \|\| CPU_SUP_AMD)
451	466	select KERNFS
	467	+ select PROC_CPU_RESCTRL if PROC_FS
452	468	help
453		- Select to enable resource allocation and monitoring which are
454		- sub-features of Intel Resource Director Technology(RDT). More
455		- information about RDT can be found in the Intel x86
456		- Architecture Software Developer Manual.
	469	+ Enable x86 CPU resource control support.
	470	+
	471	+ Provide support for the allocation and monitoring of system resources
	472	+ usage by the CPU.
	473	+
	474	+ Intel calls this Intel Resource Director Technology
	475	+ (Intel(R) RDT). More information about RDT can be found in the
	476	+ Intel x86 Architecture Software Developer Manual.
	477	+
	478	+ AMD calls this AMD Platform Quality of Service (AMD QoS).
	479	+ More information about AMD QoS can be found in the AMD64 Technology
	480	+ Platform Quality of Service Extensions manual.
457	481
458	482	Say N if unsure.
459	483
..	..	@@ -461,13 +485,13 @@
461	485	config X86_BIGSMP
462	486	bool "Support for big SMP systems with more than 8 CPUs"
463	487	depends on SMP
464		- ---help---
465		- This option is needed for the systems that have more than 8 CPUs
	488	+ help
	489	+ This option is needed for the systems that have more than 8 CPUs.
466	490
467	491	config X86_EXTENDED_PLATFORM
468	492	bool "Support for extended (non-PC) x86 platforms"
469	493	default y
470		- ---help---
	494	+ help
471	495	If you disable this option then the kernel will only support
472	496	standard PC platforms. (which covers the vast majority of
473	497	systems out there.)
..	..	@@ -489,7 +513,7 @@
489	513	config X86_EXTENDED_PLATFORM
490	514	bool "Support for extended (non-PC) x86 platforms"
491	515	default y
492		- ---help---
	516	+ help
493	517	If you disable this option then the kernel will only support
494	518	standard PC platforms. (which covers the vast majority of
495	519	systems out there.)
..	..	@@ -513,7 +537,7 @@
513	537	depends on SMP
514	538	depends on X86_X2APIC
515	539	depends on PCI_MMCONFIG
516		- ---help---
	540	+ help
517	541	Adds support for Numascale NumaChip large-SMP systems. Needed to
518	542	enable more than ~168 cores.
519	543	If you don't have one of these, you should say N here.
..	..	@@ -525,7 +549,7 @@
525	549	depends on X86_64 && PCI
526	550	depends on X86_EXTENDED_PLATFORM
527	551	depends on SMP
528		- ---help---
	552	+ help
529	553	Support for ScaleMP vSMP systems. Say 'Y' here if this kernel is
530	554	supposed to run on these EM64T-based machines. Only choose this option
531	555	if you have one of these machines.
..	..	@@ -539,7 +563,7 @@
539	563	depends on KEXEC_CORE
540	564	depends on X86_X2APIC
541	565	depends on PCI
542		- ---help---
	566	+ help
543	567	This option is needed in order to support SGI Ultraviolet systems.
544	568	If you don't have one of these, you should say N here.
545	569
..	..	@@ -547,9 +571,9 @@
547	571	# Please maintain the alphabetic order if and when there are additions
548	572
549	573	config X86_GOLDFISH
550		- bool "Goldfish (Virtual Platform)"
551		- depends on X86_EXTENDED_PLATFORM
552		- ---help---
	574	+ bool "Goldfish (Virtual Platform)"
	575	+ depends on X86_EXTENDED_PLATFORM
	576	+ help
553	577	Enable support for the Goldfish virtual platform used primarily
554	578	for Android development. Unless you are building for the Android
555	579	Goldfish emulator say N here.
..	..	@@ -564,7 +588,7 @@
564	588	select X86_REBOOTFIXUPS
565	589	select OF
566	590	select OF_EARLY_FLATTREE
567		- ---help---
	591	+ help
568	592	Select for the Intel CE media processor (CE4100) SOC.
569	593	This option compiles in support for the CE4100 SOC for settop
570	594	boxes and media devices.
..	..	@@ -580,9 +604,9 @@
580	604	select I2C
581	605	select DW_APB_TIMER
582	606	select APB_TIMER
583		- select INTEL_SCU_IPC
	607	+ select INTEL_SCU_PCI
584	608	select MFD_INTEL_MSIC
585		- ---help---
	609	+ help
586	610	Select to build a kernel capable of supporting Intel MID (Mobile
587	611	Internet Device) platform systems which do not have the PCI legacy
588	612	interfaces. If you are building for a PC class system say N here.
..	..	@@ -602,18 +626,18 @@
602	626	select IOSF_MBI
603	627	select INTEL_IMR
604	628	select COMMON_CLK
605		- ---help---
	629	+ help
606	630	Select to include support for Quark X1000 SoC.
607	631	Say Y here if you have a Quark based system such as the Arduino
608	632	compatible Intel Galileo.
609	633
610	634	config X86_INTEL_LPSS
611	635	bool "Intel Low Power Subsystem Support"
612		- depends on X86 && ACPI
	636	+ depends on X86 && ACPI && PCI
613	637	select COMMON_CLK
614	638	select PINCTRL
615	639	select IOSF_MBI
616		- ---help---
	640	+ help
617	641	Select to build support for Intel Low Power Subsystem such as
618	642	found on Intel Lynxpoint PCH. Selecting this option enables
619	643	things like clock tree (common clock framework) and pincontrol
..	..	@@ -624,7 +648,7 @@
624	648	depends on ACPI
625	649	select COMMON_CLK
626	650	select PINCTRL
627		- ---help---
	651	+ help
628	652	Select to interpret AMD specific ACPI device to platform device
629	653	such as I2C, UART, GPIO found on AMD Carrizo and later chipsets.
630	654	I2C and UART depend on COMMON_CLK to set clock. GPIO driver is
..	..	@@ -633,7 +657,7 @@
633	657	config IOSF_MBI
634	658	tristate "Intel SoC IOSF Sideband support for SoC platforms"
635	659	depends on PCI
636		- ---help---
	660	+ help
637	661	This option enables sideband register access support for Intel SoC
638	662	platforms. On these platforms the IOSF sideband is used in lieu of
639	663	MSR's for some register accesses, mostly but not limited to thermal
..	..	@@ -650,7 +674,7 @@
650	674	config IOSF_MBI_DEBUG
651	675	bool "Enable IOSF sideband access through debugfs"
652	676	depends on IOSF_MBI && DEBUG_FS
653		- ---help---
	677	+ help
654	678	Select this option to expose the IOSF sideband access registers (MCR,
655	679	MDR, MCRX) through debugfs to write and read register information from
656	680	different units on the SoC. This is most useful for obtaining device
..	..	@@ -666,7 +690,7 @@
666	690	depends on X86_EXTENDED_PLATFORM
667	691	select M486
668	692	select X86_REBOOTFIXUPS
669		- ---help---
	693	+ help
670	694	This option is needed for RDC R-321x system-on-chip, also known
671	695	as R-8610-(G).
672	696	If you don't have one of these chips, you should say N here.
..	..	@@ -675,7 +699,7 @@
675	699	bool "Support non-standard 32-bit SMP architectures"
676	700	depends on X86_32 && SMP
677	701	depends on X86_EXTENDED_PLATFORM
678		- ---help---
	702	+ help
679	703	This option compiles in the bigsmp and STA2X11 default
680	704	subarchitectures. It is intended for a generic binary
681	705	kernel. If you select them all, kernel will probe it one by
..	..	@@ -695,14 +719,10 @@
695	719	config STA2X11
696	720	bool "STA2X11 Companion Chip Support"
697	721	depends on X86_32_NON_STANDARD && PCI
698		- select ARCH_HAS_PHYS_TO_DMA
699		- select X86_DEV_DMA_OPS
700		- select X86_DMA_REMAP
701	722	select SWIOTLB
702	723	select MFD_STA2X11
703	724	select GPIOLIB
704		- default n
705		- ---help---
	725	+ help
706	726	This adds support for boards based on the STA2X11 IO-Hub,
707	727	a.k.a. "ConneXt". The chip is used in place of the standard
708	728	PC chipset, so all "standard" peripherals are missing. If this
..	..	@@ -712,7 +732,7 @@
712	732	config X86_32_IRIS
713	733	tristate "Eurobraille/Iris poweroff module"
714	734	depends on X86_32
715		- ---help---
	735	+ help
716	736	The Iris machines from EuroBraille do not have APM or ACPI support
717	737	to shut themselves down properly. A special I/O sequence is
718	738	needed to do so, which is what this module does at
..	..	@@ -726,7 +746,7 @@
726	746	def_bool y
727	747	prompt "Single-depth WCHAN output"
728	748	depends on X86
729		- ---help---
	749	+ help
730	750	Calculate simpler /proc/<PID>/wchan values. If this option
731	751	is disabled then wchan values will recurse back to the
732	752	caller function. This provides more accurate wchan values,
..	..	@@ -736,7 +756,7 @@
736	756
737	757	menuconfig HYPERVISOR_GUEST
738	758	bool "Linux guest support"
739		- ---help---
	759	+ help
740	760	Say Y here to enable options for running Linux under various hyper-
741	761	visors. This option enables basic hypervisor detection and platform
742	762	setup.
..	..	@@ -748,23 +768,26 @@
748	768
749	769	config PARAVIRT
750	770	bool "Enable paravirtualization code"
751		- ---help---
	771	+ help
752	772	This changes the kernel so it can modify itself when it is run
753	773	under a hypervisor, potentially improving performance significantly
754	774	over full virtualization. However, when run without a hypervisor
755	775	the kernel is theoretically slower and slightly larger.
756	776
	777	+config PARAVIRT_XXL
	778	+ bool
	779	+
757	780	config PARAVIRT_DEBUG
758	781	bool "paravirt-ops debugging"
759	782	depends on PARAVIRT && DEBUG_KERNEL
760		- ---help---
	783	+ help
761	784	Enable to debug paravirt_ops internals. Specifically, BUG if
762	785	a paravirt_op is missing when it is called.
763	786
764	787	config PARAVIRT_SPINLOCKS
765	788	bool "Paravirtualization layer for spinlocks"
766	789	depends on PARAVIRT && SMP
767		- ---help---
	790	+ help
768	791	Paravirtualized spinlocks allow a pvops backend to replace the
769	792	spinlock implementation with something virtualization-friendly
770	793	(for example, block the virtual CPU rather than spinning).
..	..	@@ -774,13 +797,8 @@
774	797
775	798	If you are unsure how to answer this question, answer Y.
776	799
777		-config QUEUED_LOCK_STAT
778		- bool "Paravirt queued spinlock statistics"
779		- depends on PARAVIRT_SPINLOCKS && DEBUG_FS
780		- ---help---
781		- Enable the collection of statistical data on the slowpath
782		- behavior of paravirtualized queued spinlocks and report
783		- them on debugfs.
	800	+config X86_HV_CALLBACK_VECTOR
	801	+ def_bool n
784	802
785	803	source "arch/x86/xen/Kconfig"
786	804
..	..	@@ -788,28 +806,32 @@
788	806	bool "KVM Guest support (including kvmclock)"
789	807	depends on PARAVIRT
790	808	select PARAVIRT_CLOCK
	809	+ select ARCH_CPUIDLE_HALTPOLL
	810	+ select X86_HV_CALLBACK_VECTOR
791	811	default y
792		- ---help---
	812	+ help
793	813	This option enables various optimizations for running under the KVM
794	814	hypervisor. It includes a paravirtualized clock, so that instead
795	815	of relying on a PIT (or probably other) emulation by the
796	816	underlying device model, the host provides the guest with
797	817	timing infrastructure such as time of day, and system time
798	818
799		-config KVM_DEBUG_FS
800		- bool "Enable debug information for KVM Guests in debugfs"
801		- depends on KVM_GUEST && DEBUG_FS
802		- default n
803		- ---help---
804		- This option enables collection of various statistics for KVM guest.
805		- Statistics are displayed in debugfs filesystem. Enabling this option
806		- may incur significant overhead.
	819	+config ARCH_CPUIDLE_HALTPOLL
	820	+ def_bool n
	821	+ prompt "Disable host haltpoll when loading haltpoll driver"
	822	+ help
	823	+ If virtualized under KVM, disable host haltpoll.
	824	+
	825	+config PVH
	826	+ bool "Support for running PVH guests"
	827	+ help
	828	+ This option enables the PVH entry point for guest virtual machines
	829	+ as specified in the x86/HVM direct boot ABI.
807	830
808	831	config PARAVIRT_TIME_ACCOUNTING
809	832	bool "Paravirtual steal time accounting"
810	833	depends on PARAVIRT
811		- default n
812		- ---help---
	834	+ help
813	835	Select this option to enable fine granularity task steal time
814	836	accounting. Time spent executing other tasks in parallel with
815	837	the current vCPU is discounted from the vCPU power. To account for
..	..	@@ -824,22 +846,30 @@
824	846	bool "Jailhouse non-root cell support"
825	847	depends on X86_64 && PCI
826	848	select X86_PM_TIMER
827		- ---help---
	849	+ help
828	850	This option allows to run Linux as guest in a Jailhouse non-root
829	851	cell. You can leave this option disabled if you only want to start
830	852	Jailhouse and run Linux afterwards in the root cell.
831	853
832		-endif #HYPERVISOR_GUEST
	854	+config ACRN_GUEST
	855	+ bool "ACRN Guest support"
	856	+ depends on X86_64
	857	+ select X86_HV_CALLBACK_VECTOR
	858	+ help
	859	+ This option allows to run Linux as guest in the ACRN hypervisor. ACRN is
	860	+ a flexible, lightweight reference open-source hypervisor, built with
	861	+ real-time and safety-criticality in mind. It is built for embedded
	862	+ IOT with small footprint and real-time features. More details can be
	863	+ found in https://projectacrn.org/.
833	864
834		-config NO_BOOTMEM
835		- def_bool y
	865	+endif #HYPERVISOR_GUEST
836	866
837	867	source "arch/x86/Kconfig.cpu"
838	868
839	869	config HPET_TIMER
840	870	def_bool X86_64
841	871	prompt "HPET Timer Support" if X86_32
842		- ---help---
	872	+ help
843	873	Use the IA-PC HPET (High Precision Event Timer) to manage
844	874	time in preference to the PIT and RTC, if a HPET is
845	875	present.
..	..	@@ -860,16 +890,16 @@
860	890	depends on HPET_TIMER && (RTC=y \|\| RTC=m \|\| RTC_DRV_CMOS=m \|\| RTC_DRV_CMOS=y)
861	891
862	892	config APB_TIMER
863		- def_bool y if X86_INTEL_MID
864		- prompt "Intel MID APB Timer Support" if X86_INTEL_MID
865		- select DW_APB_TIMER
866		- depends on X86_INTEL_MID && SFI
867		- help
868		- APB timer is the replacement for 8254, HPET on X86 MID platforms.
869		- The APBT provides a stable time base on SMP
870		- systems, unlike the TSC, but it is more expensive to access,
871		- as it is off-chip. APB timers are always running regardless of CPU
872		- C states, they are used as per CPU clockevent device when possible.
	893	+ def_bool y if X86_INTEL_MID
	894	+ prompt "Intel MID APB Timer Support" if X86_INTEL_MID
	895	+ select DW_APB_TIMER
	896	+ depends on X86_INTEL_MID && SFI
	897	+ help
	898	+ APB timer is the replacement for 8254, HPET on X86 MID platforms.
	899	+ The APBT provides a stable time base on SMP
	900	+ systems, unlike the TSC, but it is more expensive to access,
	901	+ as it is off-chip. APB timers are always running regardless of CPU
	902	+ C states, they are used as per CPU clockevent device when possible.
873	903
874	904	# Mark as expert because too many people got it wrong.
875	905	# The code disables itself when not needed.
..	..	@@ -877,7 +907,7 @@
877	907	default y
878	908	select DMI_SCAN_MACHINE_NON_EFI_FALLBACK
879	909	bool "Enable DMI scanning" if EXPERT
880		- ---help---
	910	+ help
881	911	Enabled scanning of DMI to identify machine quirks. Say Y
882	912	here unless you have verified that your setup is not
883	913	affected by entries in the DMI blacklist. Required by PNP
..	..	@@ -885,10 +915,11 @@
885	915
886	916	config GART_IOMMU
887	917	bool "Old AMD GART IOMMU support"
	918	+ select DMA_OPS
888	919	select IOMMU_HELPER
889	920	select SWIOTLB
890	921	depends on X86_64 && PCI && AMD_NB
891		- ---help---
	922	+ help
892	923	Provides a driver for older AMD Athlon64/Opteron/Turion/Sempron
893	924	GART based hardware IOMMUs.
894	925
..	..	@@ -905,41 +936,11 @@
905	936
906	937	If unsure, say Y.
907	938
908		-config CALGARY_IOMMU
909		- bool "IBM Calgary IOMMU support"
910		- select IOMMU_HELPER
911		- select SWIOTLB
912		- depends on X86_64 && PCI
913		- ---help---
914		- Support for hardware IOMMUs in IBM's xSeries x366 and x460
915		- systems. Needed to run systems with more than 3GB of memory
916		- properly with 32-bit PCI devices that do not support DAC
917		- (Double Address Cycle). Calgary also supports bus level
918		- isolation, where all DMAs pass through the IOMMU. This
919		- prevents them from going anywhere except their intended
920		- destination. This catches hard-to-find kernel bugs and
921		- mis-behaving drivers and devices that do not use the DMA-API
922		- properly to set up their DMA buffers. The IOMMU can be
923		- turned off at boot time with the iommu=off parameter.
924		- Normally the kernel will make the right choice by itself.
925		- If unsure, say Y.
926		-
927		-config CALGARY_IOMMU_ENABLED_BY_DEFAULT
928		- def_bool y
929		- prompt "Should Calgary be enabled by default?"
930		- depends on CALGARY_IOMMU
931		- ---help---
932		- Should Calgary be enabled by default? if you choose 'y', Calgary
933		- will be used (if it exists). If you choose 'n', Calgary will not be
934		- used even if it exists. If you choose 'n' and would like to use
935		- Calgary anyway, pass 'iommu=calgary' on the kernel command line.
936		- If unsure, say Y.
937		-
938	939	config MAXSMP
939	940	bool "Enable Maximum number of SMP Processors and NUMA Nodes"
940	941	depends on X86_64 && SMP && DEBUG_KERNEL
941	942	select CPUMASK_OFFSTACK
942		- ---help---
	943	+ help
943	944	Enable maximum number of CPUS and NUMA Nodes for this architecture.
944	945	If unsure, say N.
945	946
..	..	@@ -973,8 +974,8 @@
973	974	config NR_CPUS_RANGE_END
974	975	int
975	976	depends on X86_64
976		- default 8192 if SMP && ( MAXSMP \|\| CPUMASK_OFFSTACK)
977		- default 512 if SMP && (!MAXSMP && !CPUMASK_OFFSTACK)
	977	+ default 8192 if SMP && CPUMASK_OFFSTACK
	978	+ default 512 if SMP && !CPUMASK_OFFSTACK
978	979	default 1 if !SMP
979	980
980	981	config NR_CPUS_DEFAULT
..	..	@@ -995,7 +996,7 @@
995	996	int "Maximum number of CPUs" if SMP && !MAXSMP
996	997	range NR_CPUS_RANGE_BEGIN NR_CPUS_RANGE_END
997	998	default NR_CPUS_DEFAULT
998		- ---help---
	999	+ help
999	1000	This allows you to specify the maximum number of CPUs which this
1000	1001	kernel will support. If CPUMASK_OFFSTACK is enabled, the maximum
1001	1002	supported value is 8192, otherwise the maximum value is 512. The
..	..	@@ -1011,7 +1012,7 @@
1011	1012	def_bool y
1012	1013	prompt "Multi-core scheduler support"
1013	1014	depends on SMP
1014		- ---help---
	1015	+ help
1015	1016	Multi-core scheduler support improves the CPU scheduler's decision
1016	1017	making when dealing with multi-core CPU chips at a cost of slightly
1017	1018	increased overhead in some places. If unsure say N here.
..	..	@@ -1022,7 +1023,7 @@
1022	1023	select X86_INTEL_PSTATE
1023	1024	select CPU_FREQ
1024	1025	default y
1025		- ---help---
	1026	+ help
1026	1027	Intel Turbo Boost Max Technology 3.0 enabled CPUs have a
1027	1028	core ordering determined at manufacturing time, which allows
1028	1029	certain cores to reach higher turbo frequencies (when running
..	..	@@ -1038,14 +1039,14 @@
1038	1039	If unsure say Y here.
1039	1040
1040	1041	config UP_LATE_INIT
1041		- def_bool y
1042		- depends on !SMP && X86_LOCAL_APIC
	1042	+ def_bool y
	1043	+ depends on !SMP && X86_LOCAL_APIC
1043	1044
1044	1045	config X86_UP_APIC
1045	1046	bool "Local APIC support on uniprocessors" if !PCI_MSI
1046	1047	default PCI_MSI
1047	1048	depends on X86_32 && !SMP && !X86_32_NON_STANDARD
1048		- ---help---
	1049	+ help
1049	1050	A local APIC (Advanced Programmable Interrupt Controller) is an
1050	1051	integrated interrupt controller in the CPU. If you have a single-CPU
1051	1052	system which has a processor with a local APIC, you can say Y here to
..	..	@@ -1058,7 +1059,7 @@
1058	1059	config X86_UP_IOAPIC
1059	1060	bool "IO-APIC support on uniprocessors"
1060	1061	depends on X86_UP_APIC
1061		- ---help---
	1062	+ help
1062	1063	An IO-APIC (I/O Advanced Programmable Interrupt Controller) is an
1063	1064	SMP-capable replacement for PC-style interrupt controllers. Most
1064	1065	SMP systems and many recent uniprocessor systems have one.
..	..	@@ -1080,7 +1081,7 @@
1080	1081	config X86_REROUTE_FOR_BROKEN_BOOT_IRQS
1081	1082	bool "Reroute for broken boot IRQs"
1082	1083	depends on X86_IO_APIC
1083		- ---help---
	1084	+ help
1084	1085	This option enables a workaround that fixes a source of
1085	1086	spurious interrupts. This is recommended when threaded
1086	1087	interrupt handling is used on systems where the generation of
..	..	@@ -1104,7 +1105,7 @@
1104	1105	bool "Machine Check / overheating reporting"
1105	1106	select GENERIC_ALLOCATOR
1106	1107	default y
1107		- ---help---
	1108	+ help
1108	1109	Machine Check support allows the processor to notify the
1109	1110	kernel if it detects a problem (e.g. overheating, data corruption).
1110	1111	The action the kernel takes depends on the severity of the problem,
..	..	@@ -1113,7 +1114,7 @@
1113	1114	config X86_MCELOG_LEGACY
1114	1115	bool "Support for deprecated /dev/mcelog character device"
1115	1116	depends on X86_MCE
1116		- ---help---
	1117	+ help
1117	1118	Enable support for /dev/mcelog which is needed by the old mcelog
1118	1119	userspace logging daemon. Consider switching to the new generation
1119	1120	rasdaemon solution.
..	..	@@ -1122,7 +1123,7 @@
1122	1123	def_bool y
1123	1124	prompt "Intel MCE features"
1124	1125	depends on X86_MCE && X86_LOCAL_APIC
1125		- ---help---
	1126	+ help
1126	1127	Additional support for intel specific MCE features such as
1127	1128	the thermal monitor.
1128	1129
..	..	@@ -1130,14 +1131,14 @@
1130	1131	def_bool y
1131	1132	prompt "AMD MCE features"
1132	1133	depends on X86_MCE && X86_LOCAL_APIC && AMD_NB
1133		- ---help---
	1134	+ help
1134	1135	Additional support for AMD specific MCE features such as
1135	1136	the DRAM Error Threshold.
1136	1137
1137	1138	config X86_ANCIENT_MCE
1138	1139	bool "Support for old Pentium 5 / WinChip machine checks"
1139	1140	depends on X86_32 && X86_MCE
1140		- ---help---
	1141	+ help
1141	1142	Include support for machine check handling on old Pentium 5 or WinChip
1142	1143	systems. These typically need to be enabled explicitly on the command
1143	1144	line.
..	..	@@ -1149,7 +1150,7 @@
1149	1150	config X86_MCE_INJECT
1150	1151	depends on X86_MCE && X86_LOCAL_APIC && DEBUG_FS
1151	1152	tristate "Machine check injector support"
1152		- ---help---
	1153	+ help
1153	1154	Provide support for injecting machine checks for testing purposes.
1154	1155	If you don't know what a machine check is and you don't do kernel
1155	1156	QA it is safe to say n.
..	..	@@ -1162,9 +1163,8 @@
1162	1163
1163	1164	config X86_LEGACY_VM86
1164	1165	bool "Legacy VM86 support"
1165		- default n
1166	1166	depends on X86_32
1167		- ---help---
	1167	+ help
1168	1168	This option allows user programs to put the CPU into V8086
1169	1169	mode, which is an 80286-era approximation of 16-bit real mode.
1170	1170
..	..	@@ -1189,14 +1189,14 @@
1189	1189	If unsure, say N here.
1190	1190
1191	1191	config VM86
1192		- bool
1193		- default X86_LEGACY_VM86
	1192	+ bool
	1193	+ default X86_LEGACY_VM86
1194	1194
1195	1195	config X86_16BIT
1196	1196	bool "Enable support for 16-bit segments" if EXPERT
1197	1197	default y
1198	1198	depends on MODIFY_LDT_SYSCALL
1199		- ---help---
	1199	+ help
1200	1200	This option is required by programs like Wine to run 16-bit
1201	1201	protected mode legacy code on x86 processors. Disabling
1202	1202	this option saves about 300 bytes on i386, or around 6K text
..	..	@@ -1211,10 +1211,10 @@
1211	1211	depends on X86_16BIT && X86_64
1212	1212
1213	1213	config X86_VSYSCALL_EMULATION
1214		- bool "Enable vsyscall emulation" if EXPERT
1215		- default y
1216		- depends on X86_64
1217		- ---help---
	1214	+ bool "Enable vsyscall emulation" if EXPERT
	1215	+ default y
	1216	+ depends on X86_64
	1217	+ help
1218	1218	This enables emulation of the legacy vsyscall page. Disabling
1219	1219	it is roughly equivalent to booting with vsyscall=none, except
1220	1220	that it will also disable the helpful warning if a program
..	..	@@ -1228,10 +1228,28 @@
1228	1228	Disabling this option saves about 7K of kernel size and
1229	1229	possibly 4K of additional runtime pagetable memory.
1230	1230
	1231	+config X86_IOPL_IOPERM
	1232	+ bool "IOPERM and IOPL Emulation"
	1233	+ default y
	1234	+ help
	1235	+ This enables the ioperm() and iopl() syscalls which are necessary
	1236	+ for legacy applications.
	1237	+
	1238	+ Legacy IOPL support is an overbroad mechanism which allows user
	1239	+ space aside of accessing all 65536 I/O ports also to disable
	1240	+ interrupts. To gain this access the caller needs CAP_SYS_RAWIO
	1241	+ capabilities and permission from potentially active security
	1242	+ modules.
	1243	+
	1244	+ The emulation restricts the functionality of the syscall to
	1245	+ only allowing the full range I/O port access, but prevents the
	1246	+ ability to disable interrupts from user space which would be
	1247	+ granted if the hardware IOPL mechanism would be used.
	1248	+
1231	1249	config TOSHIBA
1232	1250	tristate "Toshiba Laptop support"
1233	1251	depends on X86_32
1234		- ---help---
	1252	+ help
1235	1253	This adds a driver to safely access the System Management Mode of
1236	1254	the CPU on Toshiba portables with a genuine Toshiba BIOS. It does
1237	1255	not work on models with a Phoenix BIOS. The System Management Mode
..	..	@@ -1246,9 +1264,10 @@
1246	1264
1247	1265	config I8K
1248	1266	tristate "Dell i8k legacy laptop support"
1249		- select HWMON
	1267	+ depends on HWMON
	1268	+ depends on PROC_FS
1250	1269	select SENSORS_DELL_SMM
1251		- ---help---
	1270	+ help
1252	1271	This option enables legacy /proc/i8k userspace interface in hwmon
1253	1272	dell-smm-hwmon driver. Character file /proc/i8k reports bios version,
1254	1273	temperature and allows controlling fan speeds of Dell laptops via
..	..	@@ -1263,7 +1282,7 @@
1263	1282	config X86_REBOOTFIXUPS
1264	1283	bool "Enable X86 board specific fixups for reboot"
1265	1284	depends on X86_32
1266		- ---help---
	1285	+ help
1267	1286	This enables chipset and/or board specific fixups to be done
1268	1287	in order to get reboot to work correctly. This is only needed on
1269	1288	some combinations of hardware and BIOS. The symptom, for which
..	..	@@ -1281,8 +1300,7 @@
1281	1300	bool "CPU microcode loading support"
1282	1301	default y
1283	1302	depends on CPU_SUP_AMD \|\| CPU_SUP_INTEL
1284		- select FW_LOADER
1285		- ---help---
	1303	+ help
1286	1304	If you say Y here, you will be able to update the microcode on
1287	1305	Intel and AMD processors. The Intel support is for the IA32 family,
1288	1306	e.g. Pentium Pro, Pentium II, Pentium III, Pentium 4, Xeon etc. The
..	..	@@ -1291,7 +1309,7 @@
1291	1309	the Linux kernel.
1292	1310
1293	1311	The preferred method to load microcode from a detached initrd is described
1294		- in Documentation/x86/microcode.txt. For that you need to enable
	1312	+ in Documentation/x86/microcode.rst. For that you need to enable
1295	1313	CONFIG_BLK_DEV_INITRD in order for the loader to be able to scan the
1296	1314	initrd for microcode blobs.
1297	1315
..	..	@@ -1301,10 +1319,9 @@
1301	1319
1302	1320	config MICROCODE_INTEL
1303	1321	bool "Intel microcode loading support"
1304		- depends on MICROCODE
	1322	+ depends on CPU_SUP_INTEL && MICROCODE
1305	1323	default MICROCODE
1306		- select FW_LOADER
1307		- ---help---
	1324	+ help
1308	1325	This options enables microcode patch loading support for Intel
1309	1326	processors.
1310	1327
..	..	@@ -1314,19 +1331,26 @@
1314	1331
1315	1332	config MICROCODE_AMD
1316	1333	bool "AMD microcode loading support"
1317		- depends on MICROCODE
1318		- select FW_LOADER
1319		- ---help---
	1334	+ depends on CPU_SUP_AMD && MICROCODE
	1335	+ help
1320	1336	If you select this option, microcode patch loading support for AMD
1321	1337	processors will be enabled.
1322	1338
1323	1339	config MICROCODE_OLD_INTERFACE
1324		- def_bool y
	1340	+ bool "Ancient loading interface (DEPRECATED)"
	1341	+ default n
1325	1342	depends on MICROCODE
	1343	+ help
	1344	+ DO NOT USE THIS! This is the ancient /dev/cpu/microcode interface
	1345	+ which was used by userspace tools like iucode_tool and microcode.ctl.
	1346	+ It is inadequate because it runs too late to be able to properly
	1347	+ load microcode on a machine and it needs special tools. Instead, you
	1348	+ should've switched to the early loading method with the initrd or
	1349	+ builtin microcode by now: Documentation/x86/microcode.rst
1326	1350
1327	1351	config X86_MSR
1328	1352	tristate "/dev/cpu/*/msr - Model-specific register support"
1329		- ---help---
	1353	+ help
1330	1354	This device gives privileged processes access to the x86
1331	1355	Model-Specific Registers (MSRs). It is a character device with
1332	1356	major 202 and minors 0 to 31 for /dev/cpu/0/msr to /dev/cpu/31/msr.
..	..	@@ -1335,7 +1359,7 @@
1335	1359
1336	1360	config X86_CPUID
1337	1361	tristate "/dev/cpu/*/cpuid - CPU information support"
1338		- ---help---
	1362	+ help
1339	1363	This device gives processes access to the x86 CPUID instruction to
1340	1364	be executed on a specific processor. It is a character device
1341	1365	with major 203 and minors 0 to 31 for /dev/cpu/0/cpuid to
..	..	@@ -1348,7 +1372,7 @@
1348	1372
1349	1373	config NOHIGHMEM
1350	1374	bool "off"
1351		- ---help---
	1375	+ help
1352	1376	Linux can use up to 64 Gigabytes of physical memory on x86 systems.
1353	1377	However, the address space of 32-bit x86 processors is only 4
1354	1378	Gigabytes large. That means that, if you have a large amount of
..	..	@@ -1384,15 +1408,15 @@
1384	1408
1385	1409	config HIGHMEM4G
1386	1410	bool "4GB"
1387		- ---help---
	1411	+ help
1388	1412	Select this if you have a 32-bit processor and between 1 and 4
1389	1413	gigabytes of physical RAM.
1390	1414
1391	1415	config HIGHMEM64G
1392	1416	bool "64GB"
1393		- depends on !M486 && !M586 && !M586TSC && !M586MMX && !MGEODE_LX && !MGEODEGX1 && !MCYRIXIII && !MELAN && !MWINCHIPC6 && !MWINCHIP3D && !MK6
	1417	+ depends on !M486SX && !M486 && !M586 && !M586TSC && !M586MMX && !MGEODE_LX && !MGEODEGX1 && !MCYRIXIII && !MELAN && !MWINCHIPC6 && !MWINCHIP3D && !MK6
1394	1418	select X86_PAE
1395		- ---help---
	1419	+ help
1396	1420	Select this if you have a 32-bit processor and more than 4
1397	1421	gigabytes of physical RAM.
1398	1422
..	..	@@ -1402,7 +1426,7 @@
1402	1426	prompt "Memory split" if EXPERT
1403	1427	default VMSPLIT_3G
1404	1428	depends on X86_32
1405		- ---help---
	1429	+ help
1406	1430	Select the desired split between kernel and user memory.
1407	1431
1408	1432	If the address range available to the kernel is less than the
..	..	@@ -1450,7 +1474,7 @@
1450	1474	depends on X86_32 && !HIGHMEM4G
1451	1475	select PHYS_ADDR_T_64BIT
1452	1476	select SWIOTLB
1453		- ---help---
	1477	+ help
1454	1478	PAE is required for NX support, and furthermore enables
1455	1479	larger swapspace support for non-overcommit purposes. It
1456	1480	has the cost of more pagetable lookup overhead, and also
..	..	@@ -1458,10 +1482,11 @@
1458	1482
1459	1483	config X86_5LEVEL
1460	1484	bool "Enable 5-level page tables support"
	1485	+ default y
1461	1486	select DYNAMIC_MEMORY_LAYOUT
1462	1487	select SPARSEMEM_VMEMMAP
1463	1488	depends on X86_64
1464		- ---help---
	1489	+ help
1465	1490	5-level paging enables access to larger address space:
1466	1491	upto 128 PiB of virtual address space and 4 PiB of
1467	1492	physical address space.
..	..	@@ -1471,29 +1496,38 @@
1471	1496	A kernel with the option enabled can be booted on machines that
1472	1497	support 4- or 5-level paging.
1473	1498
1474		- See Documentation/x86/x86_64/5level-paging.txt for more
	1499	+ See Documentation/x86/x86_64/5level-paging.rst for more
1475	1500	information.
1476	1501
1477	1502	Say N if unsure.
1478	1503
1479	1504	config X86_DIRECT_GBPAGES
1480	1505	def_bool y
1481		- depends on X86_64 && !DEBUG_PAGEALLOC
1482		- ---help---
	1506	+ depends on X86_64
	1507	+ help
1483	1508	Certain kernel features effectively disable kernel
1484	1509	linear 1 GB mappings (even if the CPU otherwise
1485	1510	supports them), so don't confuse the user by printing
1486	1511	that we have them enabled.
1487	1512
1488		-config ARCH_HAS_MEM_ENCRYPT
1489		- def_bool y
	1513	+config X86_CPA_STATISTICS
	1514	+ bool "Enable statistic for Change Page Attribute"
	1515	+ depends on DEBUG_FS
	1516	+ help
	1517	+ Expose statistics about the Change Page Attribute mechanism, which
	1518	+ helps to determine the effectiveness of preserving large and huge
	1519	+ page mappings when mapping protections are changed.
1490	1520
1491	1521	config AMD_MEM_ENCRYPT
1492	1522	bool "AMD Secure Memory Encryption (SME) support"
1493	1523	depends on X86_64 && CPU_SUP_AMD
	1524	+ select DMA_COHERENT_POOL
1494	1525	select DYNAMIC_PHYSICAL_MASK
1495	1526	select ARCH_USE_MEMREMAP_PROT
1496		- ---help---
	1527	+ select ARCH_HAS_FORCE_DMA_UNENCRYPTED
	1528	+ select INSTRUCTION_DECODER
	1529	+ select ARCH_HAS_CC_PLATFORM
	1530	+ help
1497	1531	Say yes to enable support for the encryption of system memory.
1498	1532	This requires an AMD processor that supports Secure Memory
1499	1533	Encryption (SME).
..	..	@@ -1501,7 +1535,7 @@
1501	1535	config AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT
1502	1536	bool "Activate AMD Secure Memory Encryption (SME) by default"
1503	1537	depends on AMD_MEM_ENCRYPT
1504		- ---help---
	1538	+ help
1505	1539	Say yes to have system memory encrypted by default if running on
1506	1540	an AMD processor that supports Secure Memory Encryption (SME).
1507	1541
..	..	@@ -1513,12 +1547,12 @@
1513	1547
1514	1548	# Common NUMA Features
1515	1549	config NUMA
1516		- bool "Numa Memory Allocation and Scheduler Support"
	1550	+ bool "NUMA Memory Allocation and Scheduler Support"
1517	1551	depends on SMP
1518	1552	depends on X86_64 \|\| (X86_32 && HIGHMEM64G && X86_BIGSMP)
1519	1553	default y if X86_BIGSMP
1520		- ---help---
1521		- Enable NUMA (Non Uniform Memory Access) support.
	1554	+ help
	1555	+ Enable NUMA (Non-Uniform Memory Access) support.
1522	1556
1523	1557	The kernel will try to allocate memory used by a CPU on the
1524	1558	local memory controller of the CPU and add some more
..	..	@@ -1536,7 +1570,7 @@
1536	1570	def_bool y
1537	1571	prompt "Old style AMD Opteron NUMA detection"
1538	1572	depends on X86_64 && NUMA && PCI
1539		- ---help---
	1573	+ help
1540	1574	Enable AMD NUMA node topology detection. You should say Y here if
1541	1575	you have a multi processor AMD system. This uses an old method to
1542	1576	read the NUMA configuration directly from the builtin Northbridge
..	..	@@ -1548,22 +1582,13 @@
1548	1582	prompt "ACPI NUMA detection"
1549	1583	depends on X86_64 && NUMA && ACPI && PCI
1550	1584	select ACPI_NUMA
1551		- ---help---
	1585	+ help
1552	1586	Enable ACPI SRAT based node topology detection.
1553		-
1554		-# Some NUMA nodes have memory ranges that span
1555		-# other nodes. Even though a pfn is valid and
1556		-# between a node's start and end pfns, it may not
1557		-# reside on that node. See memmap_init_zone()
1558		-# for details.
1559		-config NODES_SPAN_OTHER_NODES
1560		- def_bool y
1561		- depends on X86_64_ACPI_NUMA
1562	1587
1563	1588	config NUMA_EMU
1564	1589	bool "NUMA emulation"
1565	1590	depends on NUMA
1566		- ---help---
	1591	+ help
1567	1592	Enable NUMA emulation. A flat machine will be split
1568	1593	into virtual nodes when booted with "numa=fake=N", where N is the
1569	1594	number of nodes. This is only useful for debugging.
..	..	@@ -1575,25 +1600,13 @@
1575	1600	default "6" if X86_64
1576	1601	default "3"
1577	1602	depends on NEED_MULTIPLE_NODES
1578		- ---help---
	1603	+ help
1579	1604	Specify the maximum number of NUMA Nodes available on the target
1580	1605	system. Increases memory reserved to accommodate various tables.
1581		-
1582		-config ARCH_HAVE_MEMORY_PRESENT
1583		- def_bool y
1584		- depends on X86_32 && DISCONTIGMEM
1585	1606
1586	1607	config ARCH_FLATMEM_ENABLE
1587	1608	def_bool y
1588	1609	depends on X86_32 && !NUMA
1589		-
1590		-config ARCH_DISCONTIGMEM_ENABLE
1591		- def_bool y
1592		- depends on NUMA && X86_32
1593		-
1594		-config ARCH_DISCONTIGMEM_DEFAULT
1595		- def_bool y
1596		- depends on NUMA && X86_32
1597	1610
1598	1611	config ARCH_SPARSEMEM_ENABLE
1599	1612	def_bool y
..	..	@@ -1602,8 +1615,7 @@
1602	1615	select SPARSEMEM_VMEMMAP_ENABLE if X86_64
1603	1616
1604	1617	config ARCH_SPARSEMEM_DEFAULT
1605		- def_bool y
1606		- depends on X86_64
	1618	+ def_bool X86_64 \|\| (NUMA && X86_32)
1607	1619
1608	1620	config ARCH_SELECT_MEMORY_MODEL
1609	1621	def_bool y
..	..	@@ -1614,7 +1626,7 @@
1614	1626	depends on X86_64 && MEMORY_HOTPLUG
1615	1627	help
1616	1628	This option enables a sysfs memory/probe interface for testing.
1617		- See Documentation/memory-hotplug.txt for more information.
	1629	+ See Documentation/admin-guide/mm/memory-hotplug.rst for more information.
1618	1630	If you are unsure how to answer this question, answer N.
1619	1631
1620	1632	config ARCH_PROC_KCORE_TEXT
..	..	@@ -1622,9 +1634,9 @@
1622	1634	depends on X86_64 && PROC_KCORE
1623	1635
1624	1636	config ILLEGAL_POINTER_VALUE
1625		- hex
1626		- default 0 if X86_32
1627		- default 0xdead000000000000 if X86_64
	1637	+ hex
	1638	+ default 0 if X86_32
	1639	+ default 0xdead000000000000 if X86_64
1628	1640
1629	1641	config X86_PMEM_LEGACY_DEVICE
1630	1642	bool
..	..	@@ -1634,6 +1646,7 @@
1634	1646	depends on PHYS_ADDR_T_64BIT
1635	1647	depends on BLK_DEV
1636	1648	select X86_PMEM_LEGACY_DEVICE
	1649	+ select NUMA_KEEP_MEMINFO if NUMA
1637	1650	select LIBNVDIMM
1638	1651	help
1639	1652	Treat memory marked using the non-standard e820 type of 12 as used
..	..	@@ -1646,7 +1659,7 @@
1646	1659	config HIGHPTE
1647	1660	bool "Allocate 3rd-level pagetables from highmem"
1648	1661	depends on HIGHMEM
1649		- ---help---
	1662	+ help
1650	1663	The VM uses one page table entry for each page of physical memory.
1651	1664	For systems with a lot of RAM, this can be wasteful of precious
1652	1665	low memory. Setting this option will put user-space page table
..	..	@@ -1654,7 +1667,7 @@
1654	1667
1655	1668	config X86_CHECK_BIOS_CORRUPTION
1656	1669	bool "Check for low memory corruption"
1657		- ---help---
	1670	+ help
1658	1671	Periodically check for memory corruption in low memory, which
1659	1672	is suspected to be caused by BIOS. Even when enabled in the
1660	1673	configuration, it is disabled at runtime. Enable it by
..	..	@@ -1678,7 +1691,7 @@
1678	1691	bool "Set the default setting of memory_corruption_check"
1679	1692	depends on X86_CHECK_BIOS_CORRUPTION
1680	1693	default y
1681		- ---help---
	1694	+ help
1682	1695	Set whether the default state of memory_corruption_check is
1683	1696	on or off.
1684	1697
..	..	@@ -1686,7 +1699,7 @@
1686	1699	int "Amount of low memory, in kilobytes, to reserve for the BIOS"
1687	1700	default 64
1688	1701	range 4 640
1689		- ---help---
	1702	+ help
1690	1703	Specify the amount of low memory to reserve for the BIOS.
1691	1704
1692	1705	The first page contains BIOS data structures that the kernel
..	..	@@ -1714,8 +1727,8 @@
1714	1727	config MATH_EMULATION
1715	1728	bool
1716	1729	depends on MODIFY_LDT_SYSCALL
1717		- prompt "Math emulation" if X86_32
1718		- ---help---
	1730	+ prompt "Math emulation" if X86_32 && (M486SX \|\| MELAN)
	1731	+ help
1719	1732	Linux can emulate a math coprocessor (used for floating point
1720	1733	operations) if you don't have one. 486DX and Pentium processors have
1721	1734	a math coprocessor built in, 486SX and 386 do not, unless you added
..	..	@@ -1741,7 +1754,7 @@
1741	1754	config MTRR
1742	1755	def_bool y
1743	1756	prompt "MTRR (Memory Type Range Register) support" if EXPERT
1744		- ---help---
	1757	+ help
1745	1758	On Intel P6 family processors (Pentium Pro, Pentium II and later)
1746	1759	the Memory Type Range Registers (MTRRs) may be used to control
1747	1760	processor access to memory ranges. This is most useful if you have
..	..	@@ -1771,13 +1784,13 @@
1771	1784	You can safely say Y even if your machine doesn't have MTRRs, you'll
1772	1785	just add about 9 KB to your kernel.
1773	1786
1774		- See <file:Documentation/x86/mtrr.txt> for more information.
	1787	+ See <file:Documentation/x86/mtrr.rst> for more information.
1775	1788
1776	1789	config MTRR_SANITIZER
1777	1790	def_bool y
1778	1791	prompt "MTRR cleanup support"
1779	1792	depends on MTRR
1780		- ---help---
	1793	+ help
1781	1794	Convert MTRR layout from continuous to discrete, so X drivers can
1782	1795	add writeback entries.
1783	1796
..	..	@@ -1792,7 +1805,7 @@
1792	1805	range 0 1
1793	1806	default "0"
1794	1807	depends on MTRR_SANITIZER
1795		- ---help---
	1808	+ help
1796	1809	Enable mtrr cleanup default value
1797	1810
1798	1811	config MTRR_SANITIZER_SPARE_REG_NR_DEFAULT
..	..	@@ -1800,7 +1813,7 @@
1800	1813	range 0 7
1801	1814	default "1"
1802	1815	depends on MTRR_SANITIZER
1803		- ---help---
	1816	+ help
1804	1817	mtrr cleanup spare entries default, it can be changed via
1805	1818	mtrr_spare_reg_nr=N on the kernel command line.
1806	1819
..	..	@@ -1808,7 +1821,7 @@
1808	1821	def_bool y
1809	1822	prompt "x86 PAT support" if EXPERT
1810	1823	depends on MTRR
1811		- ---help---
	1824	+ help
1812	1825	Use PAT attributes to setup page level cache control.
1813	1826
1814	1827	PATs are the modern equivalents of MTRRs and are much more
..	..	@@ -1826,7 +1839,7 @@
1826	1839	config ARCH_RANDOM
1827	1840	def_bool y
1828	1841	prompt "x86 architectural random number generator" if EXPERT
1829		- ---help---
	1842	+ help
1830	1843	Enable the x86 architectural RDRAND instruction
1831	1844	(Intel Bull Mountain technology) to generate random numbers.
1832	1845	If supported, this is a high bandwidth, cryptographically
..	..	@@ -1835,7 +1848,7 @@
1835	1848	config X86_SMAP
1836	1849	def_bool y
1837	1850	prompt "Supervisor Mode Access Prevention" if EXPERT
1838		- ---help---
	1851	+ help
1839	1852	Supervisor Mode Access Prevention (SMAP) is a security
1840	1853	feature in newer Intel processors. There is a small
1841	1854	performance cost if this enabled and turned on; there is
..	..	@@ -1843,63 +1856,34 @@
1843	1856
1844	1857	If unsure, say Y.
1845	1858
1846		-config X86_INTEL_UMIP
	1859	+config X86_UMIP
1847	1860	def_bool y
1848		- depends on CPU_SUP_INTEL
1849		- prompt "Intel User Mode Instruction Prevention" if EXPERT
1850		- ---help---
1851		- The User Mode Instruction Prevention (UMIP) is a security
1852		- feature in newer Intel processors. If enabled, a general
1853		- protection fault is issued if the SGDT, SLDT, SIDT, SMSW
1854		- or STR instructions are executed in user mode. These instructions
1855		- unnecessarily expose information about the hardware state.
	1861	+ prompt "User Mode Instruction Prevention" if EXPERT
	1862	+ help
	1863	+ User Mode Instruction Prevention (UMIP) is a security feature in
	1864	+ some x86 processors. If enabled, a general protection fault is
	1865	+ issued if the SGDT, SLDT, SIDT, SMSW or STR instructions are
	1866	+ executed in user mode. These instructions unnecessarily expose
	1867	+ information about the hardware state.
1856	1868
1857	1869	The vast majority of applications do not use these instructions.
1858	1870	For the very few that do, software emulation is provided in
1859	1871	specific cases in protected and virtual-8086 modes. Emulated
1860	1872	results are dummy.
1861	1873
1862		-config X86_INTEL_MPX
1863		- prompt "Intel MPX (Memory Protection Extensions)"
1864		- def_bool n
1865		- # Note: only available in 64-bit mode due to VMA flags shortage
1866		- depends on CPU_SUP_INTEL && X86_64
1867		- select ARCH_USES_HIGH_VMA_FLAGS
1868		- ---help---
1869		- MPX provides hardware features that can be used in
1870		- conjunction with compiler-instrumented code to check
1871		- memory references. It is designed to detect buffer
1872		- overflow or underflow bugs.
1873		-
1874		- This option enables running applications which are
1875		- instrumented or otherwise use MPX. It does not use MPX
1876		- itself inside the kernel or to protect the kernel
1877		- against bad memory references.
1878		-
1879		- Enabling this option will make the kernel larger:
1880		- ~8k of kernel text and 36 bytes of data on a 64-bit
1881		- defconfig. It adds a long to the 'mm_struct' which
1882		- will increase the kernel memory overhead of each
1883		- process and adds some branches to paths used during
1884		- exec() and munmap().
1885		-
1886		- For details, see Documentation/x86/intel_mpx.txt
1887		-
1888		- If unsure, say N.
1889		-
1890	1874	config X86_INTEL_MEMORY_PROTECTION_KEYS
1891		- prompt "Intel Memory Protection Keys"
	1875	+ prompt "Memory Protection Keys"
1892	1876	def_bool y
1893	1877	# Note: only available in 64-bit mode
1894		- depends on CPU_SUP_INTEL && X86_64
	1878	+ depends on X86_64 && (CPU_SUP_INTEL \|\| CPU_SUP_AMD)
1895	1879	select ARCH_USES_HIGH_VMA_FLAGS
1896	1880	select ARCH_HAS_PKEYS
1897		- ---help---
	1881	+ help
1898	1882	Memory Protection Keys provides a mechanism for enforcing
1899	1883	page-based protections, but without requiring modification of the
1900	1884	page tables when an application changes protection domains.
1901	1885
1902		- For details, see Documentation/x86/protection-keys.txt
	1886	+ For details, see Documentation/core-api/protection-keys.rst
1903	1887
1904	1888	If unsure, say y.
1905	1889
..	..	@@ -1954,7 +1938,7 @@
1954	1938	select UCS2_STRING
1955	1939	select EFI_RUNTIME_WRAPPERS
1956	1940	select ARCH_USE_MEMREMAP_PROT
1957		- ---help---
	1941	+ help
1958	1942	This enables the kernel to use EFI runtime services that are
1959	1943	available (such as the EFI variable services).
1960	1944
..	..	@@ -1966,19 +1950,19 @@
1966	1950	platforms.
1967	1951
1968	1952	config EFI_STUB
1969		- bool "EFI stub support"
1970		- depends on EFI && !X86_USE_3DNOW
1971		- select RELOCATABLE
1972		- ---help---
1973		- This kernel feature allows a bzImage to be loaded directly
	1953	+ bool "EFI stub support"
	1954	+ depends on EFI && !X86_USE_3DNOW
	1955	+ select RELOCATABLE
	1956	+ help
	1957	+ This kernel feature allows a bzImage to be loaded directly
1974	1958	by EFI firmware without the use of a bootloader.
1975	1959
1976		- See Documentation/efi-stub.txt for more information.
	1960	+ See Documentation/admin-guide/efi-stub.rst for more information.
1977	1961
1978	1962	config EFI_MIXED
1979	1963	bool "EFI mixed-mode support"
1980	1964	depends on EFI_STUB && X86_64
1981		- ---help---
	1965	+ help
1982	1966	Enabling this feature allows a 64-bit kernel to be booted
1983	1967	on a 32-bit firmware, provided that your CPU supports 64-bit
1984	1968	mode.
..	..	@@ -1989,28 +1973,12 @@
1989	1973
1990	1974	If unsure, say N.
1991	1975
1992		-config SECCOMP
1993		- def_bool y
1994		- prompt "Enable seccomp to safely compute untrusted bytecode"
1995		- ---help---
1996		- This kernel feature is useful for number crunching applications
1997		- that may need to compute untrusted bytecode during their
1998		- execution. By using pipes or other transports made available to
1999		- the process as file descriptors supporting the read/write
2000		- syscalls, it's possible to isolate those applications in
2001		- their own address space using seccomp. Once seccomp is
2002		- enabled via prctl(PR_SET_SECCOMP), it cannot be disabled
2003		- and the task is only allowed to execute a few safe syscalls
2004		- defined by each seccomp mode.
2005		-
2006		- If unsure, say Y. Only embedded should say N here.
2007		-
2008		-source kernel/Kconfig.hz
	1976	+source "kernel/Kconfig.hz"
2009	1977
2010	1978	config KEXEC
2011	1979	bool "kexec system call"
2012	1980	select KEXEC_CORE
2013		- ---help---
	1981	+ help
2014	1982	kexec is a system call that implements the ability to shutdown your
2015	1983	current kernel, and to start another kernel. It is like a reboot
2016	1984	but it is independent of the system firmware. And like a reboot
..	..	@@ -2031,7 +1999,7 @@
2031	1999	depends on X86_64
2032	2000	depends on CRYPTO=y
2033	2001	depends on CRYPTO_SHA256=y
2034		- ---help---
	2002	+ help
2035	2003	This is new version of kexec system call. This system call is
2036	2004	file based and takes file descriptors as system call argument
2037	2005	for kernel and initramfs as opposed to list of segments as
..	..	@@ -2040,29 +2008,39 @@
2040	2008	config ARCH_HAS_KEXEC_PURGATORY
2041	2009	def_bool KEXEC_FILE
2042	2010
2043		-config KEXEC_VERIFY_SIG
	2011	+config KEXEC_SIG
2044	2012	bool "Verify kernel signature during kexec_file_load() syscall"
2045	2013	depends on KEXEC_FILE
2046		- ---help---
2047		- This option makes kernel signature verification mandatory for
2048		- the kexec_file_load() syscall.
	2014	+ help
2049	2015
2050		- In addition to that option, you need to enable signature
	2016	+ This option makes the kexec_file_load() syscall check for a valid
	2017	+ signature of the kernel image. The image can still be loaded without
	2018	+ a valid signature unless you also enable KEXEC_SIG_FORCE, though if
	2019	+ there's a signature that we can check, then it must be valid.
	2020	+
	2021	+ In addition to this option, you need to enable signature
2051	2022	verification for the corresponding kernel image type being
2052	2023	loaded in order for this to work.
2053	2024
	2025	+config KEXEC_SIG_FORCE
	2026	+ bool "Require a valid signature in kexec_file_load() syscall"
	2027	+ depends on KEXEC_SIG
	2028	+ help
	2029	+ This option makes kernel signature verification mandatory for
	2030	+ the kexec_file_load() syscall.
	2031	+
2054	2032	config KEXEC_BZIMAGE_VERIFY_SIG
2055	2033	bool "Enable bzImage signature verification support"
2056		- depends on KEXEC_VERIFY_SIG
	2034	+ depends on KEXEC_SIG
2057	2035	depends on SIGNED_PE_FILE_VERIFICATION
2058	2036	select SYSTEM_TRUSTED_KEYRING
2059		- ---help---
	2037	+ help
2060	2038	Enable bzImage signature verification support.
2061	2039
2062	2040	config CRASH_DUMP
2063	2041	bool "kernel crash dumps"
2064	2042	depends on X86_64 \|\| (X86_32 && HIGHMEM)
2065		- ---help---
	2043	+ help
2066	2044	Generate crash dump after being started by kexec.
2067	2045	This should be normally only set in special crash dump kernels
2068	2046	which are loaded in the main kernel with kexec-tools into
..	..	@@ -2071,19 +2049,19 @@
2071	2049	to a memory address not used by the main kernel or BIOS using
2072	2050	PHYSICAL_START, or it must be built as a relocatable image
2073	2051	(CONFIG_RELOCATABLE=y).
2074		- For more details see Documentation/kdump/kdump.txt
	2052	+ For more details see Documentation/admin-guide/kdump/kdump.rst
2075	2053
2076	2054	config KEXEC_JUMP
2077	2055	bool "kexec jump"
2078	2056	depends on KEXEC && HIBERNATION
2079		- ---help---
	2057	+ help
2080	2058	Jump between original kernel and kexeced kernel and invoke
2081	2059	code in physical address mode via KEXEC
2082	2060
2083	2061	config PHYSICAL_START
2084	2062	hex "Physical address where the kernel is loaded" if (EXPERT \|\| CRASH_DUMP)
2085	2063	default "0x1000000"
2086		- ---help---
	2064	+ help
2087	2065	This gives the physical address where the kernel is loaded.
2088	2066
2089	2067	If kernel is a not relocatable (CONFIG_RELOCATABLE=n) then
..	..	@@ -2108,7 +2086,7 @@
2108	2086	the reserved region. In other words, it can be set based on
2109	2087	the "X" value as specified in the "crashkernel=YM@XM"
2110	2088	command line boot parameter passed to the panic-ed
2111		- kernel. Please take a look at Documentation/kdump/kdump.txt
	2089	+ kernel. Please take a look at Documentation/admin-guide/kdump/kdump.rst
2112	2090	for more details about crash dumps.
2113	2091
2114	2092	Usage of bzImage for capturing the crash dump is recommended as
..	..	@@ -2124,7 +2102,7 @@
2124	2102	config RELOCATABLE
2125	2103	bool "Build a relocatable kernel"
2126	2104	default y
2127		- ---help---
	2105	+ help
2128	2106	This builds a kernel image that retains relocation information
2129	2107	so it can be loaded someplace besides the default 1MB.
2130	2108	The relocations tend to make the kernel binary about 10% larger,
..	..	@@ -2142,7 +2120,7 @@
2142	2120	bool "Randomize the address of the kernel image (KASLR)"
2143	2121	depends on RELOCATABLE
2144	2122	default y
2145		- ---help---
	2123	+ help
2146	2124	In support of Kernel Address Space Layout Randomization (KASLR),
2147	2125	this randomizes the physical address at which the kernel image
2148	2126	is decompressed and the virtual address where the kernel
..	..	@@ -2183,7 +2161,7 @@
2183	2161	default "0x200000"
2184	2162	range 0x2000 0x1000000 if X86_32
2185	2163	range 0x200000 0x1000000 if X86_64
2186		- ---help---
	2164	+ help
2187	2165	This value puts the alignment restrictions on physical address
2188	2166	where kernel is loaded and run from. Kernel is compiled for an
2189	2167	address which meets above alignment restriction.
..	..	@@ -2207,7 +2185,7 @@
2207	2185
2208	2186	config DYNAMIC_MEMORY_LAYOUT
2209	2187	bool
2210		- ---help---
	2188	+ help
2211	2189	This option makes base addresses of vmalloc and vmemmap as well as
2212	2190	__PAGE_OFFSET movable during boot.
2213	2191
..	..	@@ -2217,7 +2195,7 @@
2217	2195	depends on RANDOMIZE_BASE
2218	2196	select DYNAMIC_MEMORY_LAYOUT
2219	2197	default RANDOMIZE_BASE
2220		- ---help---
	2198	+ help
2221	2199	Randomizes the base virtual address of kernel memory sections
2222	2200	(physical memory mapping, vmalloc & vmemmap). This security feature
2223	2201	makes exploits relying on predictable memory locations less reliable.
..	..	@@ -2236,7 +2214,7 @@
2236	2214	default "0x0"
2237	2215	range 0x1 0x40 if MEMORY_HOTPLUG
2238	2216	range 0x0 0x40
2239		- ---help---
	2217	+ help
2240	2218	Define the padding in terabytes added to the existing physical
2241	2219	memory size during kernel memory randomization. It is useful
2242	2220	for memory hotplug support but reduces the entropy available for
..	..	@@ -2250,9 +2228,8 @@
2250	2228
2251	2229	config BOOTPARAM_HOTPLUG_CPU0
2252	2230	bool "Set default setting of cpu0_hotpluggable"
2253		- default n
2254	2231	depends on HOTPLUG_CPU
2255		- ---help---
	2232	+ help
2256	2233	Set whether default state of cpu0_hotpluggable is on or off.
2257	2234
2258	2235	Say Y here to enable CPU0 hotplug by default. If this switch
..	..	@@ -2281,7 +2258,7 @@
2281	2258	def_bool n
2282	2259	prompt "Debug CPU0 hotplug"
2283	2260	depends on HOTPLUG_CPU
2284		- ---help---
	2261	+ help
2285	2262	Enabling this option offlines CPU0 (if CPU0 can be offlined) as
2286	2263	soon as possible and boots up userspace with CPU0 offlined. User
2287	2264	can online CPU0 back after boot time.
..	..	@@ -2296,7 +2273,7 @@
2296	2273	def_bool n
2297	2274	prompt "Disable the 32-bit vDSO (needed for glibc 2.3.3)"
2298	2275	depends on COMPAT_32
2299		- ---help---
	2276	+ help
2300	2277	Certain buggy versions of glibc will crash if they are
2301	2278	presented with a 32-bit vDSO that is not mapped at the address
2302	2279	indicated in its segment table.
..	..	@@ -2320,7 +2297,7 @@
2320	2297	choice
2321	2298	prompt "vsyscall table for legacy applications"
2322	2299	depends on X86_64
2323		- default LEGACY_VSYSCALL_EMULATE
	2300	+ default LEGACY_VSYSCALL_XONLY
2324	2301	help
2325	2302	Legacy user code that does not know how to find the vDSO expects
2326	2303	to be able to issue three syscalls by calling fixed addresses in
..	..	@@ -2328,23 +2305,38 @@
2328	2305	it can be used to assist security vulnerability exploitation.
2329	2306
2330	2307	This setting can be changed at boot time via the kernel command
2331		- line parameter vsyscall=[emulate\|none].
	2308	+ line parameter vsyscall=[emulate\|xonly\|none].
2332	2309
2333	2310	On a system with recent enough glibc (2.14 or newer) and no
2334	2311	static binaries, you can say None without a performance penalty
2335	2312	to improve security.
2336	2313
2337		- If unsure, select "Emulate".
	2314	+ If unsure, select "Emulate execution only".
2338	2315
2339	2316	config LEGACY_VSYSCALL_EMULATE
2340		- bool "Emulate"
	2317	+ bool "Full emulation"
2341	2318	help
2342		- The kernel traps and emulates calls into the fixed
2343		- vsyscall address mapping. This makes the mapping
2344		- non-executable, but it still contains known contents,
2345		- which could be used in certain rare security vulnerability
2346		- exploits. This configuration is recommended when userspace
2347		- still uses the vsyscall area.
	2319	+ The kernel traps and emulates calls into the fixed vsyscall
	2320	+ address mapping. This makes the mapping non-executable, but
	2321	+ it still contains readable known contents, which could be
	2322	+ used in certain rare security vulnerability exploits. This
	2323	+ configuration is recommended when using legacy userspace
	2324	+ that still uses vsyscalls along with legacy binary
	2325	+ instrumentation tools that require code to be readable.
	2326	+
	2327	+ An example of this type of legacy userspace is running
	2328	+ Pin on an old binary that still uses vsyscalls.
	2329	+
	2330	+ config LEGACY_VSYSCALL_XONLY
	2331	+ bool "Emulate execution only"
	2332	+ help
	2333	+ The kernel traps and emulates calls into the fixed vsyscall
	2334	+ address mapping and does not allow reads. This
	2335	+ configuration is recommended when userspace might use the
	2336	+ legacy vsyscall area but support for legacy binary
	2337	+ instrumentation of legacy code is not needed. It mitigates
	2338	+ certain uses of the vsyscall area as an ASLR-bypassing
	2339	+ buffer.
2348	2340
2349	2341	config LEGACY_VSYSCALL_NONE
2350	2342	bool "None"
..	..	@@ -2359,7 +2351,7 @@
2359	2351
2360	2352	config CMDLINE_BOOL
2361	2353	bool "Built-in kernel command line"
2362		- ---help---
	2354	+ help
2363	2355	Allow for specifying boot arguments to the kernel at
2364	2356	build time. On some systems (e.g. embedded ones), it is
2365	2357	necessary or convenient to provide some or all of the
..	..	@@ -2377,7 +2369,7 @@
2377	2369	string "Built-in kernel command string"
2378	2370	depends on CMDLINE_BOOL
2379	2371	default ""
2380		- ---help---
	2372	+ help
2381	2373	Enter arguments here that should be compiled into the kernel
2382	2374	image and used at boot time. If the boot loader provides a
2383	2375	command line at boot time, it is appended to this string to
..	..	@@ -2392,8 +2384,8 @@
2392	2384
2393	2385	config CMDLINE_OVERRIDE
2394	2386	bool "Built-in command line overrides boot loader arguments"
2395		- depends on CMDLINE_BOOL
2396		- ---help---
	2387	+ depends on CMDLINE_BOOL && CMDLINE != ""
	2388	+ help
2397	2389	Set this option to 'Y' to have the kernel ignore the boot loader
2398	2390	command line, and use ONLY the built-in command line.
2399	2391
..	..	@@ -2403,7 +2395,7 @@
2403	2395	config MODIFY_LDT_SYSCALL
2404	2396	bool "Enable the LDT (local descriptor table)" if EXPERT
2405	2397	default y
2406		- ---help---
	2398	+ help
2407	2399	Linux can allow user programs to install a per-process x86
2408	2400	Local Descriptor Table (LDT) using the modify_ldt(2) system
2409	2401	call. This is required to run 16-bit or segmented code such as
..	..	@@ -2419,6 +2411,88 @@
2419	2411	source "kernel/livepatch/Kconfig"
2420	2412
2421	2413	endmenu
	2414	+
	2415	+config CC_HAS_SLS
	2416	+ def_bool $(cc-option,-mharden-sls=all)
	2417	+
	2418	+config CC_HAS_RETURN_THUNK
	2419	+ def_bool $(cc-option,-mfunction-return=thunk-extern)
	2420	+
	2421	+menuconfig SPECULATION_MITIGATIONS
	2422	+ bool "Mitigations for speculative execution vulnerabilities"
	2423	+ default y
	2424	+ help
	2425	+ Say Y here to enable options which enable mitigations for
	2426	+ speculative execution hardware vulnerabilities.
	2427	+
	2428	+ If you say N, all mitigations will be disabled. You really
	2429	+ should know what you are doing to say so.
	2430	+
	2431	+if SPECULATION_MITIGATIONS
	2432	+
	2433	+config PAGE_TABLE_ISOLATION
	2434	+ bool "Remove the kernel mapping in user mode"
	2435	+ default y
	2436	+ depends on (X86_64 \|\| X86_PAE)
	2437	+ help
	2438	+ This feature reduces the number of hardware side channels by
	2439	+ ensuring that the majority of kernel addresses are not mapped
	2440	+ into userspace.
	2441	+
	2442	+ See Documentation/x86/pti.rst for more details.
	2443	+
	2444	+config RETPOLINE
	2445	+ bool "Avoid speculative indirect branches in kernel"
	2446	+ default y
	2447	+ help
	2448	+ Compile kernel with the retpoline compiler options to guard against
	2449	+ kernel-to-user data leaks by avoiding speculative indirect
	2450	+ branches. Requires a compiler with -mindirect-branch=thunk-extern
	2451	+ support for full protection. The kernel may run slower.
	2452	+
	2453	+config RETHUNK
	2454	+ bool "Enable return-thunks"
	2455	+ depends on RETPOLINE && CC_HAS_RETURN_THUNK
	2456	+ default y if X86_64
	2457	+ help
	2458	+ Compile the kernel with the return-thunks compiler option to guard
	2459	+ against kernel-to-user data leaks by avoiding return speculation.
	2460	+ Requires a compiler with -mfunction-return=thunk-extern
	2461	+ support for full protection. The kernel may run slower.
	2462	+
	2463	+config CPU_UNRET_ENTRY
	2464	+ bool "Enable UNRET on kernel entry"
	2465	+ depends on CPU_SUP_AMD && RETHUNK && X86_64
	2466	+ default y
	2467	+ help
	2468	+ Compile the kernel with support for the retbleed=unret mitigation.
	2469	+
	2470	+config CPU_IBPB_ENTRY
	2471	+ bool "Enable IBPB on kernel entry"
	2472	+ depends on CPU_SUP_AMD && X86_64
	2473	+ default y
	2474	+ help
	2475	+ Compile the kernel with support for the retbleed=ibpb mitigation.
	2476	+
	2477	+config CPU_IBRS_ENTRY
	2478	+ bool "Enable IBRS on kernel entry"
	2479	+ depends on CPU_SUP_INTEL && X86_64
	2480	+ default y
	2481	+ help
	2482	+ Compile the kernel with support for the spectre_v2=ibrs mitigation.
	2483	+ This mitigates both spectre_v2 and retbleed at great cost to
	2484	+ performance.
	2485	+
	2486	+config SLS
	2487	+ bool "Mitigate Straight-Line-Speculation"
	2488	+ depends on CC_HAS_SLS && X86_64
	2489	+ default n
	2490	+ help
	2491	+ Compile the kernel with straight-line-speculation options to guard
	2492	+ against straight line speculation. The kernel image might be slightly
	2493	+ larger.
	2494	+
	2495	+endif
2422	2496
2423	2497	config ARCH_HAS_ADD_PAGES
2424	2498	def_bool y
..	..	@@ -2452,7 +2526,7 @@
2452	2526
2453	2527	config ARCH_HIBERNATION_HEADER
2454	2528	def_bool y
2455		- depends on X86_64 && HIBERNATION
	2529	+ depends on HIBERNATION
2456	2530
2457	2531	source "kernel/power/Kconfig"
2458	2532
..	..	@@ -2467,7 +2541,7 @@
2467	2541	menuconfig APM
2468	2542	tristate "APM (Advanced Power Management) BIOS support"
2469	2543	depends on X86_32 && PM_SLEEP
2470		- ---help---
	2544	+ help
2471	2545	APM is a BIOS specification for saving power using several different
2472	2546	techniques. This is mostly useful for battery powered laptops with
2473	2547	APM compliant BIOSes. If you say Y here, the system time will be
..	..	@@ -2482,7 +2556,7 @@
2482	2556	machines with more than one CPU.
2483	2557
2484	2558	In order to use APM, you will need supporting software. For location
2485		- and more information, read <file:Documentation/power/apm-acpi.txt>
	2559	+ and more information, read <file:Documentation/power/apm-acpi.rst>
2486	2560	and the Battery Powered Linux mini-HOWTO, available from
2487	2561	<http://www.tldp.org/docs.html#howto>.
2488	2562
..	..	@@ -2527,14 +2601,14 @@
2527	2601
2528	2602	config APM_IGNORE_USER_SUSPEND
2529	2603	bool "Ignore USER SUSPEND"
2530		- ---help---
	2604	+ help
2531	2605	This option will ignore USER SUSPEND requests. On machines with a
2532	2606	compliant APM BIOS, you want to say N. However, on the NEC Versa M
2533	2607	series notebooks, it is necessary to say Y because of a BIOS bug.
2534	2608
2535	2609	config APM_DO_ENABLE
2536	2610	bool "Enable PM at boot time"
2537		- ---help---
	2611	+ help
2538	2612	Enable APM features at boot time. From page 36 of the APM BIOS
2539	2613	specification: "When disabled, the APM BIOS does not automatically
2540	2614	power manage devices, enter the Standby State, enter the Suspend
..	..	@@ -2552,7 +2626,7 @@
2552	2626	config APM_CPU_IDLE
2553	2627	depends on CPU_IDLE
2554	2628	bool "Make CPU Idle calls when idle"
2555		- ---help---
	2629	+ help
2556	2630	Enable calls to APM CPU Idle/CPU Busy inside the kernel's idle loop.
2557	2631	On some machines, this can activate improved power savings, such as
2558	2632	a slowed CPU clock rate, when the machine is idle. These idle calls
..	..	@@ -2563,7 +2637,7 @@
2563	2637
2564	2638	config APM_DISPLAY_BLANK
2565	2639	bool "Enable console blanking using APM"
2566		- ---help---
	2640	+ help
2567	2641	Enable console blanking using the APM. Some laptops can use this to
2568	2642	turn off the LCD backlight when the screen blanker of the Linux
2569	2643	virtual console blanks the screen. Note that this is only used by
..	..	@@ -2576,7 +2650,7 @@
2576	2650
2577	2651	config APM_ALLOW_INTS
2578	2652	bool "Allow interrupts during APM BIOS calls"
2579		- ---help---
	2653	+ help
2580	2654	Normally we disable external interrupts while we are making calls to
2581	2655	the APM BIOS as a measure to lessen the effects of a badly behaving
2582	2656	BIOS implementation. The BIOS should reenable interrupts if it
..	..	@@ -2597,20 +2671,11 @@
2597	2671
2598	2672	menu "Bus options (PCI etc.)"
2599	2673
2600		-config PCI
2601		- bool "PCI support"
2602		- default y
2603		- ---help---
2604		- Find out whether you have a PCI motherboard. PCI is the name of a
2605		- bus system, i.e. the way the CPU talks to the other stuff inside
2606		- your box. Other bus systems are ISA, EISA, MicroChannel (MCA) or
2607		- VESA. If you have PCI, say Y, otherwise N.
2608		-
2609	2674	choice
2610	2675	prompt "PCI access mode"
2611	2676	depends on X86_32 && PCI
2612	2677	default PCI_GOANY
2613		- ---help---
	2678	+ help
2614	2679	On PCI systems, the BIOS can be used to detect the PCI devices and
2615	2680	determine their configuration. However, some old PCI motherboards
2616	2681	have BIOS bugs and may crash if this is done. Also, some embedded
..	..	@@ -2667,10 +2732,6 @@
2667	2732	depends on PCI && XEN
2668	2733	select SWIOTLB_XEN
2669	2734
2670		-config PCI_DOMAINS
2671		- def_bool y
2672		- depends on PCI
2673		-
2674	2735	config MMCONF_FAM10H
2675	2736	def_bool y
2676	2737	depends on X86_64 && PCI_MMCONFIG && ACPI
..	..	@@ -2687,8 +2748,6 @@
2687	2748	is known to be incomplete.
2688	2749
2689	2750	You should say N unless you know you need this.
2690		-
2691		-source "drivers/pci/Kconfig"
2692	2751
2693	2752	config ISA_BUS
2694	2753	bool "ISA bus support on modern systems" if EXPERT
..	..	@@ -2713,34 +2772,16 @@
2713	2772
2714	2773	config ISA
2715	2774	bool "ISA support"
2716		- ---help---
	2775	+ help
2717	2776	Find out whether you have ISA slots on your motherboard. ISA is the
2718	2777	name of a bus system, i.e. the way the CPU talks to the other stuff
2719	2778	inside your box. Other bus systems are PCI, EISA, MicroChannel
2720	2779	(MCA) or VESA. ISA is an older system, now being displaced by PCI;
2721	2780	newer boards don't support it. If you have ISA, say Y, otherwise N.
2722	2781
2723		-config EISA
2724		- bool "EISA support"
2725		- depends on ISA
2726		- ---help---
2727		- The Extended Industry Standard Architecture (EISA) bus was
2728		- developed as an open alternative to the IBM MicroChannel bus.
2729		-
2730		- The EISA bus provided some of the features of the IBM MicroChannel
2731		- bus while maintaining backward compatibility with cards made for
2732		- the older ISA bus. The EISA bus saw limited use between 1988 and
2733		- 1995 when it was made obsolete by the PCI bus.
2734		-
2735		- Say Y here if you are building a kernel for an EISA-based machine.
2736		-
2737		- Otherwise, say N.
2738		-
2739		-source "drivers/eisa/Kconfig"
2740		-
2741	2782	config SCx200
2742	2783	tristate "NatSemi SCx200 support"
2743		- ---help---
	2784	+ help
2744	2785	This provides basic support for National Semiconductor's
2745	2786	(now AMD's) Geode processors. The driver probes for the
2746	2787	PCI-IDs of several on-chip devices, so its a good dependency
..	..	@@ -2752,7 +2793,7 @@
2752	2793	tristate "NatSemi SCx200 27MHz High-Resolution Timer Support"
2753	2794	depends on SCx200
2754	2795	default y
2755		- ---help---
	2796	+ help
2756	2797	This driver provides a clocksource built upon the on-chip
2757	2798	27MHz high-resolution timer. Its also a workaround for
2758	2799	NSC Geode SC-1100's buggy TSC, which loses time when the
..	..	@@ -2766,20 +2807,21 @@
2766	2807	select OF
2767	2808	select OF_PROMTREE
2768	2809	select IRQ_DOMAIN
2769		- ---help---
	2810	+ select OLPC_EC
	2811	+ help
2770	2812	Add support for detecting the unique features of the OLPC
2771	2813	XO hardware.
2772	2814
2773	2815	config OLPC_XO1_PM
2774	2816	bool "OLPC XO-1 Power Management"
2775	2817	depends on OLPC && MFD_CS5535=y && PM_SLEEP
2776		- ---help---
	2818	+ help
2777	2819	Add support for poweroff and suspend of the OLPC XO-1 laptop.
2778	2820
2779	2821	config OLPC_XO1_RTC
2780	2822	bool "OLPC XO-1 Real Time Clock"
2781	2823	depends on OLPC_XO1_PM && RTC_DRV_CMOS
2782		- ---help---
	2824	+ help
2783	2825	Add support for the XO-1 real time clock, which can be used as a
2784	2826	programmable wakeup source.
2785	2827
..	..	@@ -2788,7 +2830,7 @@
2788	2830	depends on OLPC && OLPC_XO1_PM && GPIO_CS5535=y
2789	2831	depends on INPUT=y
2790	2832	select POWER_SUPPLY
2791		- ---help---
	2833	+ help
2792	2834	Add support for SCI-based features of the OLPC XO-1 laptop:
2793	2835	- EC-driven system wakeups
2794	2836	- Power button
..	..	@@ -2801,7 +2843,7 @@
2801	2843	bool "OLPC XO-1.5 SCI extras"
2802	2844	depends on OLPC && ACPI
2803	2845	select POWER_SUPPLY
2804		- ---help---
	2846	+ help
2805	2847	Add support for SCI-based features of the OLPC XO-1.5 laptop:
2806	2848	- EC-driven system wakeups
2807	2849	- AC adapter status updates
..	..	@@ -2810,7 +2852,7 @@
2810	2852	config ALIX
2811	2853	bool "PCEngines ALIX System Support (LED setup)"
2812	2854	select GPIOLIB
2813		- ---help---
	2855	+ help
2814	2856	This option enables system support for the PCEngines ALIX.
2815	2857	At present this just sets up LEDs for GPIO control on
2816	2858	ALIX2/3/6 boards. However, other system specific setup should
..	..	@@ -2824,14 +2866,14 @@
2824	2866	config NET5501
2825	2867	bool "Soekris Engineering net5501 System Support (LEDS, GPIO, etc)"
2826	2868	select GPIOLIB
2827		- ---help---
	2869	+ help
2828	2870	This option enables system support for the Soekris Engineering net5501.
2829	2871
2830	2872	config GEOS
2831	2873	bool "Traverse Technologies GEOS System Support (LEDS, GPIO, etc)"
2832	2874	select GPIOLIB
2833	2875	depends on DMI
2834		- ---help---
	2876	+ help
2835	2877	This option enables system support for the Traverse Technologies GEOS.
2836	2878
2837	2879	config TS5500
..	..	@@ -2840,7 +2882,7 @@
2840	2882	select CHECK_SIGNATURE
2841	2883	select NEW_LEDS
2842	2884	select LEDS_CLASS
2843		- ---help---
	2885	+ help
2844	2886	This option enables system support for the Technologic Systems TS-5500.
2845	2887
2846	2888	endif # X86_32
..	..	@@ -2848,18 +2890,6 @@
2848	2890	config AMD_NB
2849	2891	def_bool y
2850	2892	depends on CPU_SUP_AMD && PCI
2851		-
2852		-source "drivers/pcmcia/Kconfig"
2853		-
2854		-config RAPIDIO
2855		- tristate "RapidIO support"
2856		- depends on PCI
2857		- default n
2858		- help
2859		- If enabled this option will include drivers and the core
2860		- infrastructure code to support RapidIO interconnect devices.
2861		-
2862		-source "drivers/rapidio/Kconfig"
2863	2893
2864	2894	config X86_SYSFB
2865	2895	bool "Mark VGA/VBE/EFI FB as generic system framebuffer"
..	..	@@ -2899,7 +2929,7 @@
2899	2929	select BINFMT_ELF
2900	2930	select COMPAT_BINFMT_ELF
2901	2931	select COMPAT_OLD_SIGACTION
2902		- ---help---
	2932	+ help
2903	2933	Include code to run legacy 32-bit programs under a
2904	2934	64-bit kernel. You should likely turn this on, unless you're
2905	2935	100% sure that you don't have any 32-bit programs left.
..	..	@@ -2907,13 +2937,19 @@
2907	2937	config IA32_AOUT
2908	2938	tristate "IA32 a.out support"
2909	2939	depends on IA32_EMULATION
2910		- ---help---
	2940	+ depends on BROKEN
	2941	+ help
2911	2942	Support old a.out binaries in the 32bit emulation.
2912	2943
2913	2944	config X86_X32
2914	2945	bool "x32 ABI for 64-bit mode"
2915	2946	depends on X86_64
2916		- ---help---
	2947	+ # llvm-objcopy does not convert x86_64 .note.gnu.property or
	2948	+ # compressed debug sections to x86_x32 properly:
	2949	+ # https://github.com/ClangBuiltLinux/linux/issues/514
	2950	+ # https://github.com/ClangBuiltLinux/linux/issues/1141
	2951	+ depends on $(success,$(OBJCOPY) --version \| head -n1 \| grep -qv llvm)
	2952	+ help
2917	2953	Include code to run binaries for the x32 native 32-bit ABI
2918	2954	for 64-bit processors. An x32 process gets access to the
2919	2955	full 64-bit register file and wide data path while leaving
..	..	@@ -2949,17 +2985,8 @@
2949	2985	def_bool y
2950	2986	depends on X86_32
2951	2987
2952		-config X86_DEV_DMA_OPS
2953		- bool
2954		- depends on X86_64 \|\| STA2X11
2955		-
2956		-config X86_DMA_REMAP
2957		- bool
2958		- depends on STA2X11
2959		-
2960		-config HAVE_GENERIC_GUP
2961		- def_bool y
2962		-
2963	2988	source "drivers/firmware/Kconfig"
2964	2989
2965	2990	source "arch/x86/kvm/Kconfig"
	2991	+
	2992	+source "arch/x86/Kconfig.assembler"