~hc/RK356X_SDK_RELEASE.git

..	..	@@ -3,7 +3,7 @@
3	3	config 64BIT
4	4	bool "64-bit kernel" if "$(ARCH)" = "x86"
5	5	default "$(ARCH)" != "i386"
6		- ---help---
	6	+ help
7	7	Say yes to build a 64-bit kernel - formerly known as x86_64
8	8	Say no to build a 32-bit kernel - formerly known as i386
9	9
..	..	@@ -14,26 +14,36 @@
14	14	select ARCH_WANT_IPC_PARSE_VERSION
15	15	select CLKSRC_I8253
16	16	select CLONE_BACKWARDS
17		- select HAVE_AOUT
18		- select HAVE_GENERIC_DMA_COHERENT
	17	+ select HAVE_DEBUG_STACKOVERFLOW
19	18	select MODULES_USE_ELF_REL
20	19	select OLD_SIGACTION
21	20	select GENERIC_VDSO_32
	21	+ select ARCH_SPLIT_ARG64
22	22
23	23	config X86_64
24	24	def_bool y
25	25	depends on 64BIT
26	26	# Options that are inherently 64-bit kernel only:
27		- select ARCH_HAS_GIGANTIC_PAGE if (MEMORY_ISOLATION && COMPACTION) \|\| CMA
28		- select ARCH_SUPPORTS_INT128
	27	+ select ARCH_HAS_GIGANTIC_PAGE
	28	+ select ARCH_SUPPORTS_INT128 if CC_HAS_INT128
	29	+ select ARCH_SUPPORTS_SPECULATIVE_PAGE_FAULT
29	30	select ARCH_USE_CMPXCHG_LOCKREF
30	31	select HAVE_ARCH_SOFT_DIRTY
31	32	select MODULES_USE_ELF_RELA
32	33	select NEED_DMA_MAP_STATE
33	34	select SWIOTLB
34		- select X86_DEV_DMA_OPS
35		- select ARCH_HAS_SYSCALL_WRAPPER
36	35
	36	+config FORCE_DYNAMIC_FTRACE
	37	+ def_bool y
	38	+ depends on X86_32
	39	+ depends on FUNCTION_TRACER
	40	+ select DYNAMIC_FTRACE
	41	+ help
	42	+ We keep the static function tracing (!DYNAMIC_FTRACE) around
	43	+ in order to test the non static function tracing in the
	44	+ generic code, as other architectures still use it. But we
	45	+ only need to keep it around for x86_64. No need to keep it
	46	+ for x86_32. For x86_32, force DYNAMIC_FTRACE.
37	47	#
38	48	# Arch settings
39	49	#
..	..	@@ -47,50 +57,61 @@
47	57	#
48	58	select ACPI_LEGACY_TABLES_LOOKUP if ACPI
49	59	select ACPI_SYSTEM_POWER_STATES_SUPPORT if ACPI
50		- select ARCH_CLOCKSOURCE_DATA
51		- select ARCH_DISCARD_MEMBLOCK
	60	+ select ARCH_32BIT_OFF_T if X86_32
	61	+ select ARCH_CLOCKSOURCE_INIT
52	62	select ARCH_HAS_ACPI_TABLE_UPGRADE if ACPI
	63	+ select ARCH_HAS_CPU_FINALIZE_INIT
53	64	select ARCH_HAS_DEBUG_VIRTUAL
	65	+ select ARCH_HAS_DEBUG_VM_PGTABLE if !X86_PAE
54	66	select ARCH_HAS_DEVMEM_IS_ALLOWED
	67	+ select ARCH_HAS_EARLY_DEBUG if KGDB
55	68	select ARCH_HAS_ELF_RANDOMIZE
56	69	select ARCH_HAS_FAST_MULTIPLIER
57	70	select ARCH_HAS_FILTER_PGPROT
58	71	select ARCH_HAS_FORTIFY_SOURCE
59	72	select ARCH_HAS_GCOV_PROFILE_ALL
60		- select ARCH_HAS_KCOV if X86_64
	73	+ select ARCH_HAS_KCOV if X86_64 && STACK_VALIDATION
	74	+ select ARCH_HAS_MEM_ENCRYPT
61	75	select ARCH_HAS_MEMBARRIER_SYNC_CORE
	76	+ select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
62	77	select ARCH_HAS_PMEM_API if X86_64
	78	+ select ARCH_HAS_PTE_DEVMAP if X86_64
63	79	select ARCH_HAS_PTE_SPECIAL
64		- select ARCH_HAS_REFCOUNT
65	80	select ARCH_HAS_UACCESS_FLUSHCACHE if X86_64
66		- select ARCH_HAS_UACCESS_MCSAFE if X86_64 && X86_MCE
	81	+ select ARCH_HAS_COPY_MC if X86_64
67	82	select ARCH_HAS_SET_MEMORY
68		- select ARCH_HAS_SG_CHAIN
	83	+ select ARCH_HAS_SET_DIRECT_MAP
69	84	select ARCH_HAS_STRICT_KERNEL_RWX
70	85	select ARCH_HAS_STRICT_MODULE_RWX
71	86	select ARCH_HAS_SYNC_CORE_BEFORE_USERMODE
	87	+ select ARCH_HAS_SYSCALL_WRAPPER
72	88	select ARCH_HAS_UBSAN_SANITIZE_ALL
73		- select ARCH_HAS_ZONE_DEVICE if X86_64
	89	+ select ARCH_HAS_DEBUG_WX
74	90	select ARCH_HAVE_NMI_SAFE_CMPXCHG
75	91	select ARCH_MIGHT_HAVE_ACPI_PDC if ACPI
76	92	select ARCH_MIGHT_HAVE_PC_PARPORT
77	93	select ARCH_MIGHT_HAVE_PC_SERIO
	94	+ select ARCH_STACKWALK
78	95	select ARCH_SUPPORTS_ACPI
79	96	select ARCH_SUPPORTS_ATOMIC_RMW
80	97	select ARCH_SUPPORTS_NUMA_BALANCING if X86_64
81	98	select ARCH_SUPPORTS_LTO_CLANG if X86_64
	99	+ select ARCH_SUPPORTS_LTO_CLANG_THIN if X86_64
82	100	select ARCH_USE_BUILTIN_BSWAP
83	101	select ARCH_USE_QUEUED_RWLOCKS
84	102	select ARCH_USE_QUEUED_SPINLOCKS
	103	+ select ARCH_USE_SYM_ANNOTATIONS
85	104	select ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH
	105	+ select ARCH_WANT_DEFAULT_BPF_JIT if X86_64
86	106	select ARCH_WANTS_DYNAMIC_TASK_STRUCT
	107	+ select ARCH_WANT_HUGE_PMD_SHARE
	108	+ select ARCH_WANT_LD_ORPHAN_WARN
87	109	select ARCH_WANTS_THP_SWAP if X86_64
88		- select BUILDTIME_EXTABLE_SORT
	110	+ select BUILDTIME_TABLE_SORT
89	111	select CLKEVT_I8253
90	112	select CLOCKSOURCE_VALIDATE_LAST_CYCLE
91	113	select CLOCKSOURCE_WATCHDOG
92	114	select DCACHE_WORD_ACCESS
93		- select DMA_DIRECT_OPS
94	115	select EDAC_ATOMIC_SCRUB
95	116	select EDAC_SUPPORT
96	117	select GENERIC_CLOCKEVENTS
..	..	@@ -100,6 +121,7 @@
100	121	select GENERIC_CPU_AUTOPROBE
101	122	select GENERIC_CPU_VULNERABILITIES
102	123	select GENERIC_EARLY_IOREMAP
	124	+ select GENERIC_ENTRY
103	125	select GENERIC_FIND_FIRST_BIT
104	126	select GENERIC_IOMAP
105	127	select GENERIC_IRQ_EFFECTIVE_AFF_MASK if SMP
..	..	@@ -109,11 +131,15 @@
109	131	select GENERIC_IRQ_RESERVATION_MODE
110	132	select GENERIC_IRQ_SHOW
111	133	select GENERIC_PENDING_IRQ if SMP
	134	+ select GENERIC_PTDUMP
112	135	select GENERIC_SMP_IDLE_THREAD
113	136	select GENERIC_STRNCPY_FROM_USER
114	137	select GENERIC_STRNLEN_USER
115	138	select GENERIC_TIME_VSYSCALL
116	139	select GENERIC_GETTIMEOFDAY
	140	+ select GENERIC_VDSO_TIME_NS
	141	+ select GUP_GET_PTE_LOW_HIGH if X86_PAE
	142	+ select HARDIRQS_SW_RESEND
117	143	select HARDLOCKUP_CHECK_TIMESTAMP if X86_64
118	144	select HAVE_ACPI_APEI if ACPI
119	145	select HAVE_ACPI_APEI_NMI if ACPI
..	..	@@ -121,32 +147,41 @@
121	147	select HAVE_ARCH_AUDITSYSCALL
122	148	select HAVE_ARCH_HUGE_VMAP if X86_64 \|\| X86_PAE
123	149	select HAVE_ARCH_JUMP_LABEL
	150	+ select HAVE_ARCH_JUMP_LABEL_RELATIVE
124	151	select HAVE_ARCH_KASAN if X86_64
	152	+ select HAVE_ARCH_KASAN_VMALLOC if X86_64
	153	+ select HAVE_ARCH_KFENCE
125	154	select HAVE_ARCH_KGDB
126	155	select HAVE_ARCH_MMAP_RND_BITS if MMU
127	156	select HAVE_ARCH_MMAP_RND_COMPAT_BITS if MMU && COMPAT
128	157	select HAVE_ARCH_COMPAT_MMAP_BASES if MMU && COMPAT
129		- select HAVE_ARCH_PREL32_RELOCATIONS if !LTO_CLANG
	158	+ select HAVE_ARCH_PREL32_RELOCATIONS
130	159	select HAVE_ARCH_SECCOMP_FILTER
131	160	select HAVE_ARCH_THREAD_STRUCT_WHITELIST
	161	+ select HAVE_ARCH_STACKLEAK
132	162	select HAVE_ARCH_TRACEHOOK
133	163	select HAVE_ARCH_TRANSPARENT_HUGEPAGE
134	164	select HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD if X86_64
	165	+ select HAVE_ARCH_USERFAULTFD_WP if X86_64 && USERFAULTFD
	166	+ select HAVE_ARCH_USERFAULTFD_MINOR if X86_64 && USERFAULTFD
135	167	select HAVE_ARCH_VMAP_STACK if X86_64
136	168	select HAVE_ARCH_WITHIN_STACK_FRAMES
	169	+ select HAVE_ASM_MODVERSIONS
137	170	select HAVE_CMPXCHG_DOUBLE
138	171	select HAVE_CMPXCHG_LOCAL
139	172	select HAVE_CONTEXT_TRACKING if X86_64
140		- select HAVE_COPY_THREAD_TLS
141	173	select HAVE_C_RECORDMCOUNT
	174	+ select HAVE_OBJTOOL_MCOUNT if STACK_VALIDATION
142	175	select HAVE_DEBUG_KMEMLEAK
143		- select HAVE_DEBUG_STACKOVERFLOW
144	176	select HAVE_DMA_CONTIGUOUS
145	177	select HAVE_DYNAMIC_FTRACE
146	178	select HAVE_DYNAMIC_FTRACE_WITH_REGS
	179	+ select HAVE_DYNAMIC_FTRACE_WITH_DIRECT_CALLS
147	180	select HAVE_EBPF_JIT
148	181	select HAVE_EFFICIENT_UNALIGNED_ACCESS
	182	+ select HAVE_EISA
149	183	select HAVE_EXIT_THREAD
	184	+ select HAVE_FAST_GUP
150	185	select HAVE_FENTRY if X86_64 \|\| DYNAMIC_FTRACE
151	186	select HAVE_FTRACE_MCOUNT_RECORD
152	187	select HAVE_FUNCTION_GRAPH_TRACER
..	..	@@ -155,7 +190,6 @@
155	190	select HAVE_HW_BREAKPOINT
156	191	select HAVE_IDE
157	192	select HAVE_IOREMAP_PROT
158		- select HAVE_IRQ_EXIT_ON_IRQ_STACK if X86_64
159	193	select HAVE_IRQ_TIME_ACCOUNTING
160	194	select HAVE_KERNEL_BZIP2
161	195	select HAVE_KERNEL_GZIP
..	..	@@ -163,16 +197,17 @@
163	197	select HAVE_KERNEL_LZMA
164	198	select HAVE_KERNEL_LZO
165	199	select HAVE_KERNEL_XZ
	200	+ select HAVE_KERNEL_ZSTD
166	201	select HAVE_KPROBES
167	202	select HAVE_KPROBES_ON_FTRACE
168	203	select HAVE_FUNCTION_ERROR_INJECTION
169	204	select HAVE_KRETPROBES
170	205	select HAVE_KVM
171	206	select HAVE_LIVEPATCH if X86_64
172		- select HAVE_MEMBLOCK
173		- select HAVE_MEMBLOCK_NODE_MAP
174	207	select HAVE_MIXED_BREAKPOINTS_REGS
175	208	select HAVE_MOD_ARCH_SPECIFIC
	209	+ select HAVE_MOVE_PMD
	210	+ select HAVE_MOVE_PUD
176	211	select HAVE_NMI
177	212	select HAVE_OPROFILE
178	213	select HAVE_OPTPROBES
..	..	@@ -180,14 +215,18 @@
180	215	select HAVE_PERF_EVENTS
181	216	select HAVE_PERF_EVENTS_NMI
182	217	select HAVE_HARDLOCKUP_DETECTOR_PERF if PERF_EVENTS && HAVE_PERF_EVENTS_NMI
	218	+ select HAVE_PCI
183	219	select HAVE_PERF_REGS
184	220	select HAVE_PERF_USER_STACK_DUMP
185		- select HAVE_RCU_TABLE_FREE if PARAVIRT
186		- select HAVE_RCU_TABLE_INVALIDATE if HAVE_RCU_TABLE_FREE
	221	+ select MMU_GATHER_RCU_TABLE_FREE if PARAVIRT
	222	+ select HAVE_POSIX_CPU_TIMERS_TASK_WORK
187	223	select HAVE_REGS_AND_STACK_ACCESS_API
188	224	select HAVE_RELIABLE_STACKTRACE if X86_64 && (UNWINDER_FRAME_POINTER \|\| UNWINDER_ORC) && STACK_VALIDATION
	225	+ select HAVE_FUNCTION_ARG_ACCESS_API
189	226	select HAVE_STACKPROTECTOR if CC_HAS_SANE_STACKPROTECTOR
190		- select HAVE_STACK_VALIDATION if X86_64 && !LTO_CLANG
	227	+ select HAVE_STACK_VALIDATION if X86_64
	228	+ select HAVE_STATIC_CALL
	229	+ select HAVE_STATIC_CALL_INLINE if HAVE_STACK_VALIDATION
191	230	select HAVE_RSEQ
192	231	select HAVE_SYSCALL_TRACEPOINTS
193	232	select HAVE_UNSTABLE_SCHED_CLOCK
..	..	@@ -196,17 +235,22 @@
196	235	select HOTPLUG_SMT if SMP
197	236	select IRQ_FORCED_THREADING
198	237	select NEED_SG_DMA_LENGTH
199		- select PCI_LOCKLESS_CONFIG
	238	+ select PCI_DOMAINS if PCI
	239	+ select PCI_LOCKLESS_CONFIG if PCI
200	240	select PERF_EVENTS
201	241	select RTC_LIB
202	242	select RTC_MC146818_LIB
203	243	select SPARSE_IRQ
204	244	select SRCU
	245	+ select STACK_VALIDATION if HAVE_STACK_VALIDATION && (HAVE_STATIC_CALL_INLINE \|\| RETPOLINE)
205	246	select SYSCTL_EXCEPTION_TRACE
206	247	select THREAD_INFO_IN_TASK
207	248	select USER_STACKTRACE_SUPPORT
208	249	select VIRT_TO_BUS
	250	+ select HAVE_ARCH_KCSAN if X86_64
209	251	select X86_FEATURE_NAMES if PROC_FS
	252	+ select PROC_PID_ARCH_STATUS if PROC_FS
	253	+ imply IMA_SECURE_AND_OR_TRUSTED_BOOT if EFI
210	254
211	255	config INSTRUCTION_DECODER
212	256	def_bool y
..	..	@@ -216,11 +260,6 @@
216	260	string
217	261	default "elf32-i386" if X86_32
218	262	default "elf64-x86-64" if X86_64
219		-
220		-config ARCH_DEFCONFIG
221		- string
222		- default "arch/x86/configs/i386_defconfig" if X86_32
223		- default "arch/x86/configs/x86_64_defconfig" if X86_64
224	263
225	264	config LOCKDEP_SUPPORT
226	265	def_bool y
..	..	@@ -260,15 +299,9 @@
260	299	config GENERIC_BUG_RELATIVE_POINTERS
261	300	bool
262	301
263		-config GENERIC_HWEIGHT
264		- def_bool y
265		-
266	302	config ARCH_MAY_HAVE_PC_FDC
267	303	def_bool y
268	304	depends on ISA_DMA_API
269		-
270		-config RWSEM_XCHGADD_ALGORITHM
271		- def_bool y
272	305
273	306	config GENERIC_CALIBRATE_DELAY
274	307	def_bool y
..	..	@@ -297,9 +330,6 @@
297	330	config ARCH_SUSPEND_POSSIBLE
298	331	def_bool y
299	332
300		-config ARCH_WANT_HUGE_PMD_SHARE
301		- def_bool y
302		-
303	333	config ARCH_WANT_GENERAL_HUGETLB
304	334	def_bool y
305	335
..	..	@@ -308,9 +338,6 @@
308	338
309	339	config AUDIT_ARCH
310	340	def_bool y if X86_64
311		-
312		-config ARCH_SUPPORTS_OPTIMIZED_INLINING
313		- def_bool y
314	341
315	342	config ARCH_SUPPORTS_DEBUG_PAGEALLOC
316	343	def_bool y
..	..	@@ -374,7 +401,7 @@
374	401
375	402	config SMP
376	403	bool "Symmetric multi-processing support"
377		- ---help---
	404	+ help
378	405	This enables support for systems with more than one CPU. If you have
379	406	a system with only one CPU, say N. If you have a system with more
380	407	than one CPU, say Y.
..	..	@@ -394,8 +421,8 @@
394	421	Y to "Enhanced Real Time Clock Support", below. The "Advanced Power
395	422	Management" code will be disabled if you say Y here.
396	423
397		- See also <file:Documentation/x86/i386/IO-APIC.txt>,
398		- <file:Documentation/lockup-watchdogs.txt> and the SMP-HOWTO available at
	424	+ See also <file:Documentation/x86/i386/IO-APIC.rst>,
	425	+ <file:Documentation/admin-guide/lockup-watchdogs.rst> and the SMP-HOWTO available at
399	426	<http://www.tldp.org/docs.html#howto>.
400	427
401	428	If you don't know what to do here, say N.
..	..	@@ -403,7 +430,7 @@
403	430	config X86_FEATURE_NAMES
404	431	bool "Processor feature human-readable names" if EMBEDDED
405	432	default y
406		- ---help---
	433	+ help
407	434	This option compiles in a table of x86 feature bits and corresponding
408	435	names. This is required to support /proc/cpuinfo and a few kernel
409	436	messages. You can disable this to save space, at the expense of
..	..	@@ -414,7 +441,7 @@
414	441	config X86_X2APIC
415	442	bool "Support x2apic"
416	443	depends on X86_LOCAL_APIC && X86_64 && (IRQ_REMAP \|\| HYPERVISOR_GUEST)
417		- ---help---
	444	+ help
418	445	This enables x2apic support on CPUs that have this feature.
419	446
420	447	This allows 32-bit apic IDs (so it can support very large systems),
..	..	@@ -426,34 +453,32 @@
426	453	bool "Enable MPS table" if ACPI \|\| SFI
427	454	default y
428	455	depends on X86_LOCAL_APIC
429		- ---help---
	456	+ help
430	457	For old smp systems that do not have proper acpi support. Newer systems
431	458	(esp with 64bit cpus) with acpi support, MADT and DSDT will override it
432	459
433	460	config GOLDFISH
434		- def_bool y
435		- depends on X86_GOLDFISH
	461	+ def_bool y
	462	+ depends on X86_GOLDFISH
436	463
437		-config RETPOLINE
438		- bool "Avoid speculative indirect branches in kernel"
439		- default y
440		- select STACK_VALIDATION if HAVE_STACK_VALIDATION
441		- help
442		- Compile kernel with the retpoline compiler options to guard against
443		- kernel-to-user data leaks by avoiding speculative indirect
444		- branches. Requires a compiler with -mindirect-branch=thunk-extern
445		- support for full protection. The kernel may run slower.
446		-
447		-config INTEL_RDT
448		- bool "Intel Resource Director Technology support"
449		- default n
450		- depends on X86 && CPU_SUP_INTEL
	464	+config X86_CPU_RESCTRL
	465	+ bool "x86 CPU resource control support"
	466	+ depends on X86 && (CPU_SUP_INTEL \|\| CPU_SUP_AMD)
451	467	select KERNFS
	468	+ select PROC_CPU_RESCTRL if PROC_FS
452	469	help
453		- Select to enable resource allocation and monitoring which are
454		- sub-features of Intel Resource Director Technology(RDT). More
455		- information about RDT can be found in the Intel x86
456		- Architecture Software Developer Manual.
	470	+ Enable x86 CPU resource control support.
	471	+
	472	+ Provide support for the allocation and monitoring of system resources
	473	+ usage by the CPU.
	474	+
	475	+ Intel calls this Intel Resource Director Technology
	476	+ (Intel(R) RDT). More information about RDT can be found in the
	477	+ Intel x86 Architecture Software Developer Manual.
	478	+
	479	+ AMD calls this AMD Platform Quality of Service (AMD QoS).
	480	+ More information about AMD QoS can be found in the AMD64 Technology
	481	+ Platform Quality of Service Extensions manual.
457	482
458	483	Say N if unsure.
459	484
..	..	@@ -461,13 +486,13 @@
461	486	config X86_BIGSMP
462	487	bool "Support for big SMP systems with more than 8 CPUs"
463	488	depends on SMP
464		- ---help---
465		- This option is needed for the systems that have more than 8 CPUs
	489	+ help
	490	+ This option is needed for the systems that have more than 8 CPUs.
466	491
467	492	config X86_EXTENDED_PLATFORM
468	493	bool "Support for extended (non-PC) x86 platforms"
469	494	default y
470		- ---help---
	495	+ help
471	496	If you disable this option then the kernel will only support
472	497	standard PC platforms. (which covers the vast majority of
473	498	systems out there.)
..	..	@@ -489,7 +514,7 @@
489	514	config X86_EXTENDED_PLATFORM
490	515	bool "Support for extended (non-PC) x86 platforms"
491	516	default y
492		- ---help---
	517	+ help
493	518	If you disable this option then the kernel will only support
494	519	standard PC platforms. (which covers the vast majority of
495	520	systems out there.)
..	..	@@ -513,7 +538,7 @@
513	538	depends on SMP
514	539	depends on X86_X2APIC
515	540	depends on PCI_MMCONFIG
516		- ---help---
	541	+ help
517	542	Adds support for Numascale NumaChip large-SMP systems. Needed to
518	543	enable more than ~168 cores.
519	544	If you don't have one of these, you should say N here.
..	..	@@ -525,7 +550,7 @@
525	550	depends on X86_64 && PCI
526	551	depends on X86_EXTENDED_PLATFORM
527	552	depends on SMP
528		- ---help---
	553	+ help
529	554	Support for ScaleMP vSMP systems. Say 'Y' here if this kernel is
530	555	supposed to run on these EM64T-based machines. Only choose this option
531	556	if you have one of these machines.
..	..	@@ -539,7 +564,7 @@
539	564	depends on KEXEC_CORE
540	565	depends on X86_X2APIC
541	566	depends on PCI
542		- ---help---
	567	+ help
543	568	This option is needed in order to support SGI Ultraviolet systems.
544	569	If you don't have one of these, you should say N here.
545	570
..	..	@@ -547,9 +572,9 @@
547	572	# Please maintain the alphabetic order if and when there are additions
548	573
549	574	config X86_GOLDFISH
550		- bool "Goldfish (Virtual Platform)"
551		- depends on X86_EXTENDED_PLATFORM
552		- ---help---
	575	+ bool "Goldfish (Virtual Platform)"
	576	+ depends on X86_EXTENDED_PLATFORM
	577	+ help
553	578	Enable support for the Goldfish virtual platform used primarily
554	579	for Android development. Unless you are building for the Android
555	580	Goldfish emulator say N here.
..	..	@@ -564,7 +589,7 @@
564	589	select X86_REBOOTFIXUPS
565	590	select OF
566	591	select OF_EARLY_FLATTREE
567		- ---help---
	592	+ help
568	593	Select for the Intel CE media processor (CE4100) SOC.
569	594	This option compiles in support for the CE4100 SOC for settop
570	595	boxes and media devices.
..	..	@@ -580,9 +605,9 @@
580	605	select I2C
581	606	select DW_APB_TIMER
582	607	select APB_TIMER
583		- select INTEL_SCU_IPC
	608	+ select INTEL_SCU_PCI
584	609	select MFD_INTEL_MSIC
585		- ---help---
	610	+ help
586	611	Select to build a kernel capable of supporting Intel MID (Mobile
587	612	Internet Device) platform systems which do not have the PCI legacy
588	613	interfaces. If you are building for a PC class system say N here.
..	..	@@ -602,18 +627,18 @@
602	627	select IOSF_MBI
603	628	select INTEL_IMR
604	629	select COMMON_CLK
605		- ---help---
	630	+ help
606	631	Select to include support for Quark X1000 SoC.
607	632	Say Y here if you have a Quark based system such as the Arduino
608	633	compatible Intel Galileo.
609	634
610	635	config X86_INTEL_LPSS
611	636	bool "Intel Low Power Subsystem Support"
612		- depends on X86 && ACPI
	637	+ depends on X86 && ACPI && PCI
613	638	select COMMON_CLK
614	639	select PINCTRL
615	640	select IOSF_MBI
616		- ---help---
	641	+ help
617	642	Select to build support for Intel Low Power Subsystem such as
618	643	found on Intel Lynxpoint PCH. Selecting this option enables
619	644	things like clock tree (common clock framework) and pincontrol
..	..	@@ -624,7 +649,7 @@
624	649	depends on ACPI
625	650	select COMMON_CLK
626	651	select PINCTRL
627		- ---help---
	652	+ help
628	653	Select to interpret AMD specific ACPI device to platform device
629	654	such as I2C, UART, GPIO found on AMD Carrizo and later chipsets.
630	655	I2C and UART depend on COMMON_CLK to set clock. GPIO driver is
..	..	@@ -633,7 +658,7 @@
633	658	config IOSF_MBI
634	659	tristate "Intel SoC IOSF Sideband support for SoC platforms"
635	660	depends on PCI
636		- ---help---
	661	+ help
637	662	This option enables sideband register access support for Intel SoC
638	663	platforms. On these platforms the IOSF sideband is used in lieu of
639	664	MSR's for some register accesses, mostly but not limited to thermal
..	..	@@ -650,7 +675,7 @@
650	675	config IOSF_MBI_DEBUG
651	676	bool "Enable IOSF sideband access through debugfs"
652	677	depends on IOSF_MBI && DEBUG_FS
653		- ---help---
	678	+ help
654	679	Select this option to expose the IOSF sideband access registers (MCR,
655	680	MDR, MCRX) through debugfs to write and read register information from
656	681	different units on the SoC. This is most useful for obtaining device
..	..	@@ -666,7 +691,7 @@
666	691	depends on X86_EXTENDED_PLATFORM
667	692	select M486
668	693	select X86_REBOOTFIXUPS
669		- ---help---
	694	+ help
670	695	This option is needed for RDC R-321x system-on-chip, also known
671	696	as R-8610-(G).
672	697	If you don't have one of these chips, you should say N here.
..	..	@@ -675,7 +700,7 @@
675	700	bool "Support non-standard 32-bit SMP architectures"
676	701	depends on X86_32 && SMP
677	702	depends on X86_EXTENDED_PLATFORM
678		- ---help---
	703	+ help
679	704	This option compiles in the bigsmp and STA2X11 default
680	705	subarchitectures. It is intended for a generic binary
681	706	kernel. If you select them all, kernel will probe it one by
..	..	@@ -695,14 +720,10 @@
695	720	config STA2X11
696	721	bool "STA2X11 Companion Chip Support"
697	722	depends on X86_32_NON_STANDARD && PCI
698		- select ARCH_HAS_PHYS_TO_DMA
699		- select X86_DEV_DMA_OPS
700		- select X86_DMA_REMAP
701	723	select SWIOTLB
702	724	select MFD_STA2X11
703	725	select GPIOLIB
704		- default n
705		- ---help---
	726	+ help
706	727	This adds support for boards based on the STA2X11 IO-Hub,
707	728	a.k.a. "ConneXt". The chip is used in place of the standard
708	729	PC chipset, so all "standard" peripherals are missing. If this
..	..	@@ -712,7 +733,7 @@
712	733	config X86_32_IRIS
713	734	tristate "Eurobraille/Iris poweroff module"
714	735	depends on X86_32
715		- ---help---
	736	+ help
716	737	The Iris machines from EuroBraille do not have APM or ACPI support
717	738	to shut themselves down properly. A special I/O sequence is
718	739	needed to do so, which is what this module does at
..	..	@@ -726,7 +747,7 @@
726	747	def_bool y
727	748	prompt "Single-depth WCHAN output"
728	749	depends on X86
729		- ---help---
	750	+ help
730	751	Calculate simpler /proc/<PID>/wchan values. If this option
731	752	is disabled then wchan values will recurse back to the
732	753	caller function. This provides more accurate wchan values,
..	..	@@ -736,7 +757,7 @@
736	757
737	758	menuconfig HYPERVISOR_GUEST
738	759	bool "Linux guest support"
739		- ---help---
	760	+ help
740	761	Say Y here to enable options for running Linux under various hyper-
741	762	visors. This option enables basic hypervisor detection and platform
742	763	setup.
..	..	@@ -748,23 +769,26 @@
748	769
749	770	config PARAVIRT
750	771	bool "Enable paravirtualization code"
751		- ---help---
	772	+ help
752	773	This changes the kernel so it can modify itself when it is run
753	774	under a hypervisor, potentially improving performance significantly
754	775	over full virtualization. However, when run without a hypervisor
755	776	the kernel is theoretically slower and slightly larger.
756	777
	778	+config PARAVIRT_XXL
	779	+ bool
	780	+
757	781	config PARAVIRT_DEBUG
758	782	bool "paravirt-ops debugging"
759	783	depends on PARAVIRT && DEBUG_KERNEL
760		- ---help---
	784	+ help
761	785	Enable to debug paravirt_ops internals. Specifically, BUG if
762	786	a paravirt_op is missing when it is called.
763	787
764	788	config PARAVIRT_SPINLOCKS
765	789	bool "Paravirtualization layer for spinlocks"
766	790	depends on PARAVIRT && SMP
767		- ---help---
	791	+ help
768	792	Paravirtualized spinlocks allow a pvops backend to replace the
769	793	spinlock implementation with something virtualization-friendly
770	794	(for example, block the virtual CPU rather than spinning).
..	..	@@ -774,13 +798,8 @@
774	798
775	799	If you are unsure how to answer this question, answer Y.
776	800
777		-config QUEUED_LOCK_STAT
778		- bool "Paravirt queued spinlock statistics"
779		- depends on PARAVIRT_SPINLOCKS && DEBUG_FS
780		- ---help---
781		- Enable the collection of statistical data on the slowpath
782		- behavior of paravirtualized queued spinlocks and report
783		- them on debugfs.
	801	+config X86_HV_CALLBACK_VECTOR
	802	+ def_bool n
784	803
785	804	source "arch/x86/xen/Kconfig"
786	805
..	..	@@ -788,28 +807,32 @@
788	807	bool "KVM Guest support (including kvmclock)"
789	808	depends on PARAVIRT
790	809	select PARAVIRT_CLOCK
	810	+ select ARCH_CPUIDLE_HALTPOLL
	811	+ select X86_HV_CALLBACK_VECTOR
791	812	default y
792		- ---help---
	813	+ help
793	814	This option enables various optimizations for running under the KVM
794	815	hypervisor. It includes a paravirtualized clock, so that instead
795	816	of relying on a PIT (or probably other) emulation by the
796	817	underlying device model, the host provides the guest with
797	818	timing infrastructure such as time of day, and system time
798	819
799		-config KVM_DEBUG_FS
800		- bool "Enable debug information for KVM Guests in debugfs"
801		- depends on KVM_GUEST && DEBUG_FS
802		- default n
803		- ---help---
804		- This option enables collection of various statistics for KVM guest.
805		- Statistics are displayed in debugfs filesystem. Enabling this option
806		- may incur significant overhead.
	820	+config ARCH_CPUIDLE_HALTPOLL
	821	+ def_bool n
	822	+ prompt "Disable host haltpoll when loading haltpoll driver"
	823	+ help
	824	+ If virtualized under KVM, disable host haltpoll.
	825	+
	826	+config PVH
	827	+ bool "Support for running PVH guests"
	828	+ help
	829	+ This option enables the PVH entry point for guest virtual machines
	830	+ as specified in the x86/HVM direct boot ABI.
807	831
808	832	config PARAVIRT_TIME_ACCOUNTING
809	833	bool "Paravirtual steal time accounting"
810	834	depends on PARAVIRT
811		- default n
812		- ---help---
	835	+ help
813	836	Select this option to enable fine granularity task steal time
814	837	accounting. Time spent executing other tasks in parallel with
815	838	the current vCPU is discounted from the vCPU power. To account for
..	..	@@ -824,22 +847,30 @@
824	847	bool "Jailhouse non-root cell support"
825	848	depends on X86_64 && PCI
826	849	select X86_PM_TIMER
827		- ---help---
	850	+ help
828	851	This option allows to run Linux as guest in a Jailhouse non-root
829	852	cell. You can leave this option disabled if you only want to start
830	853	Jailhouse and run Linux afterwards in the root cell.
831	854
832		-endif #HYPERVISOR_GUEST
	855	+config ACRN_GUEST
	856	+ bool "ACRN Guest support"
	857	+ depends on X86_64
	858	+ select X86_HV_CALLBACK_VECTOR
	859	+ help
	860	+ This option allows to run Linux as guest in the ACRN hypervisor. ACRN is
	861	+ a flexible, lightweight reference open-source hypervisor, built with
	862	+ real-time and safety-criticality in mind. It is built for embedded
	863	+ IOT with small footprint and real-time features. More details can be
	864	+ found in https://projectacrn.org/.
833	865
834		-config NO_BOOTMEM
835		- def_bool y
	866	+endif #HYPERVISOR_GUEST
836	867
837	868	source "arch/x86/Kconfig.cpu"
838	869
839	870	config HPET_TIMER
840	871	def_bool X86_64
841	872	prompt "HPET Timer Support" if X86_32
842		- ---help---
	873	+ help
843	874	Use the IA-PC HPET (High Precision Event Timer) to manage
844	875	time in preference to the PIT and RTC, if a HPET is
845	876	present.
..	..	@@ -860,16 +891,16 @@
860	891	depends on HPET_TIMER && (RTC=y \|\| RTC=m \|\| RTC_DRV_CMOS=m \|\| RTC_DRV_CMOS=y)
861	892
862	893	config APB_TIMER
863		- def_bool y if X86_INTEL_MID
864		- prompt "Intel MID APB Timer Support" if X86_INTEL_MID
865		- select DW_APB_TIMER
866		- depends on X86_INTEL_MID && SFI
867		- help
868		- APB timer is the replacement for 8254, HPET on X86 MID platforms.
869		- The APBT provides a stable time base on SMP
870		- systems, unlike the TSC, but it is more expensive to access,
871		- as it is off-chip. APB timers are always running regardless of CPU
872		- C states, they are used as per CPU clockevent device when possible.
	894	+ def_bool y if X86_INTEL_MID
	895	+ prompt "Intel MID APB Timer Support" if X86_INTEL_MID
	896	+ select DW_APB_TIMER
	897	+ depends on X86_INTEL_MID && SFI
	898	+ help
	899	+ APB timer is the replacement for 8254, HPET on X86 MID platforms.
	900	+ The APBT provides a stable time base on SMP
	901	+ systems, unlike the TSC, but it is more expensive to access,
	902	+ as it is off-chip. APB timers are always running regardless of CPU
	903	+ C states, they are used as per CPU clockevent device when possible.
873	904
874	905	# Mark as expert because too many people got it wrong.
875	906	# The code disables itself when not needed.
..	..	@@ -877,7 +908,7 @@
877	908	default y
878	909	select DMI_SCAN_MACHINE_NON_EFI_FALLBACK
879	910	bool "Enable DMI scanning" if EXPERT
880		- ---help---
	911	+ help
881	912	Enabled scanning of DMI to identify machine quirks. Say Y
882	913	here unless you have verified that your setup is not
883	914	affected by entries in the DMI blacklist. Required by PNP
..	..	@@ -885,10 +916,11 @@
885	916
886	917	config GART_IOMMU
887	918	bool "Old AMD GART IOMMU support"
	919	+ select DMA_OPS
888	920	select IOMMU_HELPER
889	921	select SWIOTLB
890	922	depends on X86_64 && PCI && AMD_NB
891		- ---help---
	923	+ help
892	924	Provides a driver for older AMD Athlon64/Opteron/Turion/Sempron
893	925	GART based hardware IOMMUs.
894	926
..	..	@@ -905,41 +937,11 @@
905	937
906	938	If unsure, say Y.
907	939
908		-config CALGARY_IOMMU
909		- bool "IBM Calgary IOMMU support"
910		- select IOMMU_HELPER
911		- select SWIOTLB
912		- depends on X86_64 && PCI
913		- ---help---
914		- Support for hardware IOMMUs in IBM's xSeries x366 and x460
915		- systems. Needed to run systems with more than 3GB of memory
916		- properly with 32-bit PCI devices that do not support DAC
917		- (Double Address Cycle). Calgary also supports bus level
918		- isolation, where all DMAs pass through the IOMMU. This
919		- prevents them from going anywhere except their intended
920		- destination. This catches hard-to-find kernel bugs and
921		- mis-behaving drivers and devices that do not use the DMA-API
922		- properly to set up their DMA buffers. The IOMMU can be
923		- turned off at boot time with the iommu=off parameter.
924		- Normally the kernel will make the right choice by itself.
925		- If unsure, say Y.
926		-
927		-config CALGARY_IOMMU_ENABLED_BY_DEFAULT
928		- def_bool y
929		- prompt "Should Calgary be enabled by default?"
930		- depends on CALGARY_IOMMU
931		- ---help---
932		- Should Calgary be enabled by default? if you choose 'y', Calgary
933		- will be used (if it exists). If you choose 'n', Calgary will not be
934		- used even if it exists. If you choose 'n' and would like to use
935		- Calgary anyway, pass 'iommu=calgary' on the kernel command line.
936		- If unsure, say Y.
937		-
938	940	config MAXSMP
939	941	bool "Enable Maximum number of SMP Processors and NUMA Nodes"
940	942	depends on X86_64 && SMP && DEBUG_KERNEL
941	943	select CPUMASK_OFFSTACK
942		- ---help---
	944	+ help
943	945	Enable maximum number of CPUS and NUMA Nodes for this architecture.
944	946	If unsure, say N.
945	947
..	..	@@ -973,8 +975,8 @@
973	975	config NR_CPUS_RANGE_END
974	976	int
975	977	depends on X86_64
976		- default 8192 if SMP && ( MAXSMP \|\| CPUMASK_OFFSTACK)
977		- default 512 if SMP && (!MAXSMP && !CPUMASK_OFFSTACK)
	978	+ default 8192 if SMP && CPUMASK_OFFSTACK
	979	+ default 512 if SMP && !CPUMASK_OFFSTACK
978	980	default 1 if !SMP
979	981
980	982	config NR_CPUS_DEFAULT
..	..	@@ -995,7 +997,7 @@
995	997	int "Maximum number of CPUs" if SMP && !MAXSMP
996	998	range NR_CPUS_RANGE_BEGIN NR_CPUS_RANGE_END
997	999	default NR_CPUS_DEFAULT
998		- ---help---
	1000	+ help
999	1001	This allows you to specify the maximum number of CPUs which this
1000	1002	kernel will support. If CPUMASK_OFFSTACK is enabled, the maximum
1001	1003	supported value is 8192, otherwise the maximum value is 512. The
..	..	@@ -1011,7 +1013,7 @@
1011	1013	def_bool y
1012	1014	prompt "Multi-core scheduler support"
1013	1015	depends on SMP
1014		- ---help---
	1016	+ help
1015	1017	Multi-core scheduler support improves the CPU scheduler's decision
1016	1018	making when dealing with multi-core CPU chips at a cost of slightly
1017	1019	increased overhead in some places. If unsure say N here.
..	..	@@ -1022,7 +1024,7 @@
1022	1024	select X86_INTEL_PSTATE
1023	1025	select CPU_FREQ
1024	1026	default y
1025		- ---help---
	1027	+ help
1026	1028	Intel Turbo Boost Max Technology 3.0 enabled CPUs have a
1027	1029	core ordering determined at manufacturing time, which allows
1028	1030	certain cores to reach higher turbo frequencies (when running
..	..	@@ -1038,14 +1040,14 @@
1038	1040	If unsure say Y here.
1039	1041
1040	1042	config UP_LATE_INIT
1041		- def_bool y
1042		- depends on !SMP && X86_LOCAL_APIC
	1043	+ def_bool y
	1044	+ depends on !SMP && X86_LOCAL_APIC
1043	1045
1044	1046	config X86_UP_APIC
1045	1047	bool "Local APIC support on uniprocessors" if !PCI_MSI
1046	1048	default PCI_MSI
1047	1049	depends on X86_32 && !SMP && !X86_32_NON_STANDARD
1048		- ---help---
	1050	+ help
1049	1051	A local APIC (Advanced Programmable Interrupt Controller) is an
1050	1052	integrated interrupt controller in the CPU. If you have a single-CPU
1051	1053	system which has a processor with a local APIC, you can say Y here to
..	..	@@ -1058,7 +1060,7 @@
1058	1060	config X86_UP_IOAPIC
1059	1061	bool "IO-APIC support on uniprocessors"
1060	1062	depends on X86_UP_APIC
1061		- ---help---
	1063	+ help
1062	1064	An IO-APIC (I/O Advanced Programmable Interrupt Controller) is an
1063	1065	SMP-capable replacement for PC-style interrupt controllers. Most
1064	1066	SMP systems and many recent uniprocessor systems have one.
..	..	@@ -1080,7 +1082,7 @@
1080	1082	config X86_REROUTE_FOR_BROKEN_BOOT_IRQS
1081	1083	bool "Reroute for broken boot IRQs"
1082	1084	depends on X86_IO_APIC
1083		- ---help---
	1085	+ help
1084	1086	This option enables a workaround that fixes a source of
1085	1087	spurious interrupts. This is recommended when threaded
1086	1088	interrupt handling is used on systems where the generation of
..	..	@@ -1104,7 +1106,7 @@
1104	1106	bool "Machine Check / overheating reporting"
1105	1107	select GENERIC_ALLOCATOR
1106	1108	default y
1107		- ---help---
	1109	+ help
1108	1110	Machine Check support allows the processor to notify the
1109	1111	kernel if it detects a problem (e.g. overheating, data corruption).
1110	1112	The action the kernel takes depends on the severity of the problem,
..	..	@@ -1113,7 +1115,7 @@
1113	1115	config X86_MCELOG_LEGACY
1114	1116	bool "Support for deprecated /dev/mcelog character device"
1115	1117	depends on X86_MCE
1116		- ---help---
	1118	+ help
1117	1119	Enable support for /dev/mcelog which is needed by the old mcelog
1118	1120	userspace logging daemon. Consider switching to the new generation
1119	1121	rasdaemon solution.
..	..	@@ -1122,7 +1124,7 @@
1122	1124	def_bool y
1123	1125	prompt "Intel MCE features"
1124	1126	depends on X86_MCE && X86_LOCAL_APIC
1125		- ---help---
	1127	+ help
1126	1128	Additional support for intel specific MCE features such as
1127	1129	the thermal monitor.
1128	1130
..	..	@@ -1130,14 +1132,14 @@
1130	1132	def_bool y
1131	1133	prompt "AMD MCE features"
1132	1134	depends on X86_MCE && X86_LOCAL_APIC && AMD_NB
1133		- ---help---
	1135	+ help
1134	1136	Additional support for AMD specific MCE features such as
1135	1137	the DRAM Error Threshold.
1136	1138
1137	1139	config X86_ANCIENT_MCE
1138	1140	bool "Support for old Pentium 5 / WinChip machine checks"
1139	1141	depends on X86_32 && X86_MCE
1140		- ---help---
	1142	+ help
1141	1143	Include support for machine check handling on old Pentium 5 or WinChip
1142	1144	systems. These typically need to be enabled explicitly on the command
1143	1145	line.
..	..	@@ -1149,7 +1151,7 @@
1149	1151	config X86_MCE_INJECT
1150	1152	depends on X86_MCE && X86_LOCAL_APIC && DEBUG_FS
1151	1153	tristate "Machine check injector support"
1152		- ---help---
	1154	+ help
1153	1155	Provide support for injecting machine checks for testing purposes.
1154	1156	If you don't know what a machine check is and you don't do kernel
1155	1157	QA it is safe to say n.
..	..	@@ -1162,9 +1164,8 @@
1162	1164
1163	1165	config X86_LEGACY_VM86
1164	1166	bool "Legacy VM86 support"
1165		- default n
1166	1167	depends on X86_32
1167		- ---help---
	1168	+ help
1168	1169	This option allows user programs to put the CPU into V8086
1169	1170	mode, which is an 80286-era approximation of 16-bit real mode.
1170	1171
..	..	@@ -1189,14 +1190,14 @@
1189	1190	If unsure, say N here.
1190	1191
1191	1192	config VM86
1192		- bool
1193		- default X86_LEGACY_VM86
	1193	+ bool
	1194	+ default X86_LEGACY_VM86
1194	1195
1195	1196	config X86_16BIT
1196	1197	bool "Enable support for 16-bit segments" if EXPERT
1197	1198	default y
1198	1199	depends on MODIFY_LDT_SYSCALL
1199		- ---help---
	1200	+ help
1200	1201	This option is required by programs like Wine to run 16-bit
1201	1202	protected mode legacy code on x86 processors. Disabling
1202	1203	this option saves about 300 bytes on i386, or around 6K text
..	..	@@ -1211,10 +1212,10 @@
1211	1212	depends on X86_16BIT && X86_64
1212	1213
1213	1214	config X86_VSYSCALL_EMULATION
1214		- bool "Enable vsyscall emulation" if EXPERT
1215		- default y
1216		- depends on X86_64
1217		- ---help---
	1215	+ bool "Enable vsyscall emulation" if EXPERT
	1216	+ default y
	1217	+ depends on X86_64
	1218	+ help
1218	1219	This enables emulation of the legacy vsyscall page. Disabling
1219	1220	it is roughly equivalent to booting with vsyscall=none, except
1220	1221	that it will also disable the helpful warning if a program
..	..	@@ -1228,10 +1229,28 @@
1228	1229	Disabling this option saves about 7K of kernel size and
1229	1230	possibly 4K of additional runtime pagetable memory.
1230	1231
	1232	+config X86_IOPL_IOPERM
	1233	+ bool "IOPERM and IOPL Emulation"
	1234	+ default y
	1235	+ help
	1236	+ This enables the ioperm() and iopl() syscalls which are necessary
	1237	+ for legacy applications.
	1238	+
	1239	+ Legacy IOPL support is an overbroad mechanism which allows user
	1240	+ space aside of accessing all 65536 I/O ports also to disable
	1241	+ interrupts. To gain this access the caller needs CAP_SYS_RAWIO
	1242	+ capabilities and permission from potentially active security
	1243	+ modules.
	1244	+
	1245	+ The emulation restricts the functionality of the syscall to
	1246	+ only allowing the full range I/O port access, but prevents the
	1247	+ ability to disable interrupts from user space which would be
	1248	+ granted if the hardware IOPL mechanism would be used.
	1249	+
1231	1250	config TOSHIBA
1232	1251	tristate "Toshiba Laptop support"
1233	1252	depends on X86_32
1234		- ---help---
	1253	+ help
1235	1254	This adds a driver to safely access the System Management Mode of
1236	1255	the CPU on Toshiba portables with a genuine Toshiba BIOS. It does
1237	1256	not work on models with a Phoenix BIOS. The System Management Mode
..	..	@@ -1246,9 +1265,10 @@
1246	1265
1247	1266	config I8K
1248	1267	tristate "Dell i8k legacy laptop support"
1249		- select HWMON
	1268	+ depends on HWMON
	1269	+ depends on PROC_FS
1250	1270	select SENSORS_DELL_SMM
1251		- ---help---
	1271	+ help
1252	1272	This option enables legacy /proc/i8k userspace interface in hwmon
1253	1273	dell-smm-hwmon driver. Character file /proc/i8k reports bios version,
1254	1274	temperature and allows controlling fan speeds of Dell laptops via
..	..	@@ -1263,7 +1283,7 @@
1263	1283	config X86_REBOOTFIXUPS
1264	1284	bool "Enable X86 board specific fixups for reboot"
1265	1285	depends on X86_32
1266		- ---help---
	1286	+ help
1267	1287	This enables chipset and/or board specific fixups to be done
1268	1288	in order to get reboot to work correctly. This is only needed on
1269	1289	some combinations of hardware and BIOS. The symptom, for which
..	..	@@ -1281,8 +1301,7 @@
1281	1301	bool "CPU microcode loading support"
1282	1302	default y
1283	1303	depends on CPU_SUP_AMD \|\| CPU_SUP_INTEL
1284		- select FW_LOADER
1285		- ---help---
	1304	+ help
1286	1305	If you say Y here, you will be able to update the microcode on
1287	1306	Intel and AMD processors. The Intel support is for the IA32 family,
1288	1307	e.g. Pentium Pro, Pentium II, Pentium III, Pentium 4, Xeon etc. The
..	..	@@ -1291,7 +1310,7 @@
1291	1310	the Linux kernel.
1292	1311
1293	1312	The preferred method to load microcode from a detached initrd is described
1294		- in Documentation/x86/microcode.txt. For that you need to enable
	1313	+ in Documentation/x86/microcode.rst. For that you need to enable
1295	1314	CONFIG_BLK_DEV_INITRD in order for the loader to be able to scan the
1296	1315	initrd for microcode blobs.
1297	1316
..	..	@@ -1301,10 +1320,9 @@
1301	1320
1302	1321	config MICROCODE_INTEL
1303	1322	bool "Intel microcode loading support"
1304		- depends on MICROCODE
	1323	+ depends on CPU_SUP_INTEL && MICROCODE
1305	1324	default MICROCODE
1306		- select FW_LOADER
1307		- ---help---
	1325	+ help
1308	1326	This options enables microcode patch loading support for Intel
1309	1327	processors.
1310	1328
..	..	@@ -1314,19 +1332,25 @@
1314	1332
1315	1333	config MICROCODE_AMD
1316	1334	bool "AMD microcode loading support"
1317		- depends on MICROCODE
1318		- select FW_LOADER
1319		- ---help---
	1335	+ depends on CPU_SUP_AMD && MICROCODE
	1336	+ help
1320	1337	If you select this option, microcode patch loading support for AMD
1321	1338	processors will be enabled.
1322	1339
1323		-config MICROCODE_OLD_INTERFACE
1324		- def_bool y
	1340	+config MICROCODE_LATE_LOADING
	1341	+ bool "Late microcode loading (DANGEROUS)"
	1342	+ default n
1325	1343	depends on MICROCODE
	1344	+ help
	1345	+ Loading microcode late, when the system is up and executing instructions
	1346	+ is a tricky business and should be avoided if possible. Just the sequence
	1347	+ of synchronizing all cores and SMT threads is one fragile dance which does
	1348	+ not guarantee that cores might not softlock after the loading. Therefore,
	1349	+ use this at your own risk. Late loading taints the kernel too.
1326	1350
1327	1351	config X86_MSR
1328	1352	tristate "/dev/cpu/*/msr - Model-specific register support"
1329		- ---help---
	1353	+ help
1330	1354	This device gives privileged processes access to the x86
1331	1355	Model-Specific Registers (MSRs). It is a character device with
1332	1356	major 202 and minors 0 to 31 for /dev/cpu/0/msr to /dev/cpu/31/msr.
..	..	@@ -1335,7 +1359,7 @@
1335	1359
1336	1360	config X86_CPUID
1337	1361	tristate "/dev/cpu/*/cpuid - CPU information support"
1338		- ---help---
	1362	+ help
1339	1363	This device gives processes access to the x86 CPUID instruction to
1340	1364	be executed on a specific processor. It is a character device
1341	1365	with major 203 and minors 0 to 31 for /dev/cpu/0/cpuid to
..	..	@@ -1348,7 +1372,7 @@
1348	1372
1349	1373	config NOHIGHMEM
1350	1374	bool "off"
1351		- ---help---
	1375	+ help
1352	1376	Linux can use up to 64 Gigabytes of physical memory on x86 systems.
1353	1377	However, the address space of 32-bit x86 processors is only 4
1354	1378	Gigabytes large. That means that, if you have a large amount of
..	..	@@ -1384,15 +1408,15 @@
1384	1408
1385	1409	config HIGHMEM4G
1386	1410	bool "4GB"
1387		- ---help---
	1411	+ help
1388	1412	Select this if you have a 32-bit processor and between 1 and 4
1389	1413	gigabytes of physical RAM.
1390	1414
1391	1415	config HIGHMEM64G
1392	1416	bool "64GB"
1393		- depends on !M486 && !M586 && !M586TSC && !M586MMX && !MGEODE_LX && !MGEODEGX1 && !MCYRIXIII && !MELAN && !MWINCHIPC6 && !MWINCHIP3D && !MK6
	1417	+ depends on !M486SX && !M486 && !M586 && !M586TSC && !M586MMX && !MGEODE_LX && !MGEODEGX1 && !MCYRIXIII && !MELAN && !MWINCHIPC6 && !MWINCHIP3D && !MK6
1394	1418	select X86_PAE
1395		- ---help---
	1419	+ help
1396	1420	Select this if you have a 32-bit processor and more than 4
1397	1421	gigabytes of physical RAM.
1398	1422
..	..	@@ -1402,7 +1426,7 @@
1402	1426	prompt "Memory split" if EXPERT
1403	1427	default VMSPLIT_3G
1404	1428	depends on X86_32
1405		- ---help---
	1429	+ help
1406	1430	Select the desired split between kernel and user memory.
1407	1431
1408	1432	If the address range available to the kernel is less than the
..	..	@@ -1450,7 +1474,7 @@
1450	1474	depends on X86_32 && !HIGHMEM4G
1451	1475	select PHYS_ADDR_T_64BIT
1452	1476	select SWIOTLB
1453		- ---help---
	1477	+ help
1454	1478	PAE is required for NX support, and furthermore enables
1455	1479	larger swapspace support for non-overcommit purposes. It
1456	1480	has the cost of more pagetable lookup overhead, and also
..	..	@@ -1458,10 +1482,11 @@
1458	1482
1459	1483	config X86_5LEVEL
1460	1484	bool "Enable 5-level page tables support"
	1485	+ default y
1461	1486	select DYNAMIC_MEMORY_LAYOUT
1462	1487	select SPARSEMEM_VMEMMAP
1463	1488	depends on X86_64
1464		- ---help---
	1489	+ help
1465	1490	5-level paging enables access to larger address space:
1466	1491	upto 128 PiB of virtual address space and 4 PiB of
1467	1492	physical address space.
..	..	@@ -1471,29 +1496,38 @@
1471	1496	A kernel with the option enabled can be booted on machines that
1472	1497	support 4- or 5-level paging.
1473	1498
1474		- See Documentation/x86/x86_64/5level-paging.txt for more
	1499	+ See Documentation/x86/x86_64/5level-paging.rst for more
1475	1500	information.
1476	1501
1477	1502	Say N if unsure.
1478	1503
1479	1504	config X86_DIRECT_GBPAGES
1480	1505	def_bool y
1481		- depends on X86_64 && !DEBUG_PAGEALLOC
1482		- ---help---
	1506	+ depends on X86_64
	1507	+ help
1483	1508	Certain kernel features effectively disable kernel
1484	1509	linear 1 GB mappings (even if the CPU otherwise
1485	1510	supports them), so don't confuse the user by printing
1486	1511	that we have them enabled.
1487	1512
1488		-config ARCH_HAS_MEM_ENCRYPT
1489		- def_bool y
	1513	+config X86_CPA_STATISTICS
	1514	+ bool "Enable statistic for Change Page Attribute"
	1515	+ depends on DEBUG_FS
	1516	+ help
	1517	+ Expose statistics about the Change Page Attribute mechanism, which
	1518	+ helps to determine the effectiveness of preserving large and huge
	1519	+ page mappings when mapping protections are changed.
1490	1520
1491	1521	config AMD_MEM_ENCRYPT
1492	1522	bool "AMD Secure Memory Encryption (SME) support"
1493	1523	depends on X86_64 && CPU_SUP_AMD
	1524	+ select DMA_COHERENT_POOL
1494	1525	select DYNAMIC_PHYSICAL_MASK
1495	1526	select ARCH_USE_MEMREMAP_PROT
1496		- ---help---
	1527	+ select ARCH_HAS_FORCE_DMA_UNENCRYPTED
	1528	+ select INSTRUCTION_DECODER
	1529	+ select ARCH_HAS_CC_PLATFORM
	1530	+ help
1497	1531	Say yes to enable support for the encryption of system memory.
1498	1532	This requires an AMD processor that supports Secure Memory
1499	1533	Encryption (SME).
..	..	@@ -1501,7 +1535,7 @@
1501	1535	config AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT
1502	1536	bool "Activate AMD Secure Memory Encryption (SME) by default"
1503	1537	depends on AMD_MEM_ENCRYPT
1504		- ---help---
	1538	+ help
1505	1539	Say yes to have system memory encrypted by default if running on
1506	1540	an AMD processor that supports Secure Memory Encryption (SME).
1507	1541
..	..	@@ -1513,12 +1547,12 @@
1513	1547
1514	1548	# Common NUMA Features
1515	1549	config NUMA
1516		- bool "Numa Memory Allocation and Scheduler Support"
	1550	+ bool "NUMA Memory Allocation and Scheduler Support"
1517	1551	depends on SMP
1518	1552	depends on X86_64 \|\| (X86_32 && HIGHMEM64G && X86_BIGSMP)
1519	1553	default y if X86_BIGSMP
1520		- ---help---
1521		- Enable NUMA (Non Uniform Memory Access) support.
	1554	+ help
	1555	+ Enable NUMA (Non-Uniform Memory Access) support.
1522	1556
1523	1557	The kernel will try to allocate memory used by a CPU on the
1524	1558	local memory controller of the CPU and add some more
..	..	@@ -1536,7 +1570,7 @@
1536	1570	def_bool y
1537	1571	prompt "Old style AMD Opteron NUMA detection"
1538	1572	depends on X86_64 && NUMA && PCI
1539		- ---help---
	1573	+ help
1540	1574	Enable AMD NUMA node topology detection. You should say Y here if
1541	1575	you have a multi processor AMD system. This uses an old method to
1542	1576	read the NUMA configuration directly from the builtin Northbridge
..	..	@@ -1548,22 +1582,13 @@
1548	1582	prompt "ACPI NUMA detection"
1549	1583	depends on X86_64 && NUMA && ACPI && PCI
1550	1584	select ACPI_NUMA
1551		- ---help---
	1585	+ help
1552	1586	Enable ACPI SRAT based node topology detection.
1553		-
1554		-# Some NUMA nodes have memory ranges that span
1555		-# other nodes. Even though a pfn is valid and
1556		-# between a node's start and end pfns, it may not
1557		-# reside on that node. See memmap_init_zone()
1558		-# for details.
1559		-config NODES_SPAN_OTHER_NODES
1560		- def_bool y
1561		- depends on X86_64_ACPI_NUMA
1562	1587
1563	1588	config NUMA_EMU
1564	1589	bool "NUMA emulation"
1565	1590	depends on NUMA
1566		- ---help---
	1591	+ help
1567	1592	Enable NUMA emulation. A flat machine will be split
1568	1593	into virtual nodes when booted with "numa=fake=N", where N is the
1569	1594	number of nodes. This is only useful for debugging.
..	..	@@ -1575,25 +1600,13 @@
1575	1600	default "6" if X86_64
1576	1601	default "3"
1577	1602	depends on NEED_MULTIPLE_NODES
1578		- ---help---
	1603	+ help
1579	1604	Specify the maximum number of NUMA Nodes available on the target
1580	1605	system. Increases memory reserved to accommodate various tables.
1581		-
1582		-config ARCH_HAVE_MEMORY_PRESENT
1583		- def_bool y
1584		- depends on X86_32 && DISCONTIGMEM
1585	1606
1586	1607	config ARCH_FLATMEM_ENABLE
1587	1608	def_bool y
1588	1609	depends on X86_32 && !NUMA
1589		-
1590		-config ARCH_DISCONTIGMEM_ENABLE
1591		- def_bool y
1592		- depends on NUMA && X86_32
1593		-
1594		-config ARCH_DISCONTIGMEM_DEFAULT
1595		- def_bool y
1596		- depends on NUMA && X86_32
1597	1610
1598	1611	config ARCH_SPARSEMEM_ENABLE
1599	1612	def_bool y
..	..	@@ -1602,8 +1615,7 @@
1602	1615	select SPARSEMEM_VMEMMAP_ENABLE if X86_64
1603	1616
1604	1617	config ARCH_SPARSEMEM_DEFAULT
1605		- def_bool y
1606		- depends on X86_64
	1618	+ def_bool X86_64 \|\| (NUMA && X86_32)
1607	1619
1608	1620	config ARCH_SELECT_MEMORY_MODEL
1609	1621	def_bool y
..	..	@@ -1614,7 +1626,7 @@
1614	1626	depends on X86_64 && MEMORY_HOTPLUG
1615	1627	help
1616	1628	This option enables a sysfs memory/probe interface for testing.
1617		- See Documentation/memory-hotplug.txt for more information.
	1629	+ See Documentation/admin-guide/mm/memory-hotplug.rst for more information.
1618	1630	If you are unsure how to answer this question, answer N.
1619	1631
1620	1632	config ARCH_PROC_KCORE_TEXT
..	..	@@ -1622,9 +1634,9 @@
1622	1634	depends on X86_64 && PROC_KCORE
1623	1635
1624	1636	config ILLEGAL_POINTER_VALUE
1625		- hex
1626		- default 0 if X86_32
1627		- default 0xdead000000000000 if X86_64
	1637	+ hex
	1638	+ default 0 if X86_32
	1639	+ default 0xdead000000000000 if X86_64
1628	1640
1629	1641	config X86_PMEM_LEGACY_DEVICE
1630	1642	bool
..	..	@@ -1634,6 +1646,7 @@
1634	1646	depends on PHYS_ADDR_T_64BIT
1635	1647	depends on BLK_DEV
1636	1648	select X86_PMEM_LEGACY_DEVICE
	1649	+ select NUMA_KEEP_MEMINFO if NUMA
1637	1650	select LIBNVDIMM
1638	1651	help
1639	1652	Treat memory marked using the non-standard e820 type of 12 as used
..	..	@@ -1646,7 +1659,7 @@
1646	1659	config HIGHPTE
1647	1660	bool "Allocate 3rd-level pagetables from highmem"
1648	1661	depends on HIGHMEM
1649		- ---help---
	1662	+ help
1650	1663	The VM uses one page table entry for each page of physical memory.
1651	1664	For systems with a lot of RAM, this can be wasteful of precious
1652	1665	low memory. Setting this option will put user-space page table
..	..	@@ -1654,7 +1667,7 @@
1654	1667
1655	1668	config X86_CHECK_BIOS_CORRUPTION
1656	1669	bool "Check for low memory corruption"
1657		- ---help---
	1670	+ help
1658	1671	Periodically check for memory corruption in low memory, which
1659	1672	is suspected to be caused by BIOS. Even when enabled in the
1660	1673	configuration, it is disabled at runtime. Enable it by
..	..	@@ -1678,7 +1691,7 @@
1678	1691	bool "Set the default setting of memory_corruption_check"
1679	1692	depends on X86_CHECK_BIOS_CORRUPTION
1680	1693	default y
1681		- ---help---
	1694	+ help
1682	1695	Set whether the default state of memory_corruption_check is
1683	1696	on or off.
1684	1697
..	..	@@ -1686,7 +1699,7 @@
1686	1699	int "Amount of low memory, in kilobytes, to reserve for the BIOS"
1687	1700	default 64
1688	1701	range 4 640
1689		- ---help---
	1702	+ help
1690	1703	Specify the amount of low memory to reserve for the BIOS.
1691	1704
1692	1705	The first page contains BIOS data structures that the kernel
..	..	@@ -1714,8 +1727,8 @@
1714	1727	config MATH_EMULATION
1715	1728	bool
1716	1729	depends on MODIFY_LDT_SYSCALL
1717		- prompt "Math emulation" if X86_32
1718		- ---help---
	1730	+ prompt "Math emulation" if X86_32 && (M486SX \|\| MELAN)
	1731	+ help
1719	1732	Linux can emulate a math coprocessor (used for floating point
1720	1733	operations) if you don't have one. 486DX and Pentium processors have
1721	1734	a math coprocessor built in, 486SX and 386 do not, unless you added
..	..	@@ -1741,7 +1754,7 @@
1741	1754	config MTRR
1742	1755	def_bool y
1743	1756	prompt "MTRR (Memory Type Range Register) support" if EXPERT
1744		- ---help---
	1757	+ help
1745	1758	On Intel P6 family processors (Pentium Pro, Pentium II and later)
1746	1759	the Memory Type Range Registers (MTRRs) may be used to control
1747	1760	processor access to memory ranges. This is most useful if you have
..	..	@@ -1771,13 +1784,13 @@
1771	1784	You can safely say Y even if your machine doesn't have MTRRs, you'll
1772	1785	just add about 9 KB to your kernel.
1773	1786
1774		- See <file:Documentation/x86/mtrr.txt> for more information.
	1787	+ See <file:Documentation/x86/mtrr.rst> for more information.
1775	1788
1776	1789	config MTRR_SANITIZER
1777	1790	def_bool y
1778	1791	prompt "MTRR cleanup support"
1779	1792	depends on MTRR
1780		- ---help---
	1793	+ help
1781	1794	Convert MTRR layout from continuous to discrete, so X drivers can
1782	1795	add writeback entries.
1783	1796
..	..	@@ -1792,7 +1805,7 @@
1792	1805	range 0 1
1793	1806	default "0"
1794	1807	depends on MTRR_SANITIZER
1795		- ---help---
	1808	+ help
1796	1809	Enable mtrr cleanup default value
1797	1810
1798	1811	config MTRR_SANITIZER_SPARE_REG_NR_DEFAULT
..	..	@@ -1800,7 +1813,7 @@
1800	1813	range 0 7
1801	1814	default "1"
1802	1815	depends on MTRR_SANITIZER
1803		- ---help---
	1816	+ help
1804	1817	mtrr cleanup spare entries default, it can be changed via
1805	1818	mtrr_spare_reg_nr=N on the kernel command line.
1806	1819
..	..	@@ -1808,7 +1821,7 @@
1808	1821	def_bool y
1809	1822	prompt "x86 PAT support" if EXPERT
1810	1823	depends on MTRR
1811		- ---help---
	1824	+ help
1812	1825	Use PAT attributes to setup page level cache control.
1813	1826
1814	1827	PATs are the modern equivalents of MTRRs and are much more
..	..	@@ -1826,7 +1839,7 @@
1826	1839	config ARCH_RANDOM
1827	1840	def_bool y
1828	1841	prompt "x86 architectural random number generator" if EXPERT
1829		- ---help---
	1842	+ help
1830	1843	Enable the x86 architectural RDRAND instruction
1831	1844	(Intel Bull Mountain technology) to generate random numbers.
1832	1845	If supported, this is a high bandwidth, cryptographically
..	..	@@ -1835,7 +1848,7 @@
1835	1848	config X86_SMAP
1836	1849	def_bool y
1837	1850	prompt "Supervisor Mode Access Prevention" if EXPERT
1838		- ---help---
	1851	+ help
1839	1852	Supervisor Mode Access Prevention (SMAP) is a security
1840	1853	feature in newer Intel processors. There is a small
1841	1854	performance cost if this enabled and turned on; there is
..	..	@@ -1843,63 +1856,34 @@
1843	1856
1844	1857	If unsure, say Y.
1845	1858
1846		-config X86_INTEL_UMIP
	1859	+config X86_UMIP
1847	1860	def_bool y
1848		- depends on CPU_SUP_INTEL
1849		- prompt "Intel User Mode Instruction Prevention" if EXPERT
1850		- ---help---
1851		- The User Mode Instruction Prevention (UMIP) is a security
1852		- feature in newer Intel processors. If enabled, a general
1853		- protection fault is issued if the SGDT, SLDT, SIDT, SMSW
1854		- or STR instructions are executed in user mode. These instructions
1855		- unnecessarily expose information about the hardware state.
	1861	+ prompt "User Mode Instruction Prevention" if EXPERT
	1862	+ help
	1863	+ User Mode Instruction Prevention (UMIP) is a security feature in
	1864	+ some x86 processors. If enabled, a general protection fault is
	1865	+ issued if the SGDT, SLDT, SIDT, SMSW or STR instructions are
	1866	+ executed in user mode. These instructions unnecessarily expose
	1867	+ information about the hardware state.
1856	1868
1857	1869	The vast majority of applications do not use these instructions.
1858	1870	For the very few that do, software emulation is provided in
1859	1871	specific cases in protected and virtual-8086 modes. Emulated
1860	1872	results are dummy.
1861	1873
1862		-config X86_INTEL_MPX
1863		- prompt "Intel MPX (Memory Protection Extensions)"
1864		- def_bool n
1865		- # Note: only available in 64-bit mode due to VMA flags shortage
1866		- depends on CPU_SUP_INTEL && X86_64
1867		- select ARCH_USES_HIGH_VMA_FLAGS
1868		- ---help---
1869		- MPX provides hardware features that can be used in
1870		- conjunction with compiler-instrumented code to check
1871		- memory references. It is designed to detect buffer
1872		- overflow or underflow bugs.
1873		-
1874		- This option enables running applications which are
1875		- instrumented or otherwise use MPX. It does not use MPX
1876		- itself inside the kernel or to protect the kernel
1877		- against bad memory references.
1878		-
1879		- Enabling this option will make the kernel larger:
1880		- ~8k of kernel text and 36 bytes of data on a 64-bit
1881		- defconfig. It adds a long to the 'mm_struct' which
1882		- will increase the kernel memory overhead of each
1883		- process and adds some branches to paths used during
1884		- exec() and munmap().
1885		-
1886		- For details, see Documentation/x86/intel_mpx.txt
1887		-
1888		- If unsure, say N.
1889		-
1890	1874	config X86_INTEL_MEMORY_PROTECTION_KEYS
1891		- prompt "Intel Memory Protection Keys"
	1875	+ prompt "Memory Protection Keys"
1892	1876	def_bool y
1893	1877	# Note: only available in 64-bit mode
1894		- depends on CPU_SUP_INTEL && X86_64
	1878	+ depends on X86_64 && (CPU_SUP_INTEL \|\| CPU_SUP_AMD)
1895	1879	select ARCH_USES_HIGH_VMA_FLAGS
1896	1880	select ARCH_HAS_PKEYS
1897		- ---help---
	1881	+ help
1898	1882	Memory Protection Keys provides a mechanism for enforcing
1899	1883	page-based protections, but without requiring modification of the
1900	1884	page tables when an application changes protection domains.
1901	1885
1902		- For details, see Documentation/x86/protection-keys.txt
	1886	+ For details, see Documentation/core-api/protection-keys.rst
1903	1887
1904	1888	If unsure, say y.
1905	1889
..	..	@@ -1954,7 +1938,7 @@
1954	1938	select UCS2_STRING
1955	1939	select EFI_RUNTIME_WRAPPERS
1956	1940	select ARCH_USE_MEMREMAP_PROT
1957		- ---help---
	1941	+ help
1958	1942	This enables the kernel to use EFI runtime services that are
1959	1943	available (such as the EFI variable services).
1960	1944
..	..	@@ -1966,19 +1950,19 @@
1966	1950	platforms.
1967	1951
1968	1952	config EFI_STUB
1969		- bool "EFI stub support"
1970		- depends on EFI && !X86_USE_3DNOW
1971		- select RELOCATABLE
1972		- ---help---
1973		- This kernel feature allows a bzImage to be loaded directly
	1953	+ bool "EFI stub support"
	1954	+ depends on EFI && !X86_USE_3DNOW
	1955	+ select RELOCATABLE
	1956	+ help
	1957	+ This kernel feature allows a bzImage to be loaded directly
1974	1958	by EFI firmware without the use of a bootloader.
1975	1959
1976		- See Documentation/efi-stub.txt for more information.
	1960	+ See Documentation/admin-guide/efi-stub.rst for more information.
1977	1961
1978	1962	config EFI_MIXED
1979	1963	bool "EFI mixed-mode support"
1980	1964	depends on EFI_STUB && X86_64
1981		- ---help---
	1965	+ help
1982	1966	Enabling this feature allows a 64-bit kernel to be booted
1983	1967	on a 32-bit firmware, provided that your CPU supports 64-bit
1984	1968	mode.
..	..	@@ -1989,28 +1973,12 @@
1989	1973
1990	1974	If unsure, say N.
1991	1975
1992		-config SECCOMP
1993		- def_bool y
1994		- prompt "Enable seccomp to safely compute untrusted bytecode"
1995		- ---help---
1996		- This kernel feature is useful for number crunching applications
1997		- that may need to compute untrusted bytecode during their
1998		- execution. By using pipes or other transports made available to
1999		- the process as file descriptors supporting the read/write
2000		- syscalls, it's possible to isolate those applications in
2001		- their own address space using seccomp. Once seccomp is
2002		- enabled via prctl(PR_SET_SECCOMP), it cannot be disabled
2003		- and the task is only allowed to execute a few safe syscalls
2004		- defined by each seccomp mode.
2005		-
2006		- If unsure, say Y. Only embedded should say N here.
2007		-
2008		-source kernel/Kconfig.hz
	1976	+source "kernel/Kconfig.hz"
2009	1977
2010	1978	config KEXEC
2011	1979	bool "kexec system call"
2012	1980	select KEXEC_CORE
2013		- ---help---
	1981	+ help
2014	1982	kexec is a system call that implements the ability to shutdown your
2015	1983	current kernel, and to start another kernel. It is like a reboot
2016	1984	but it is independent of the system firmware. And like a reboot
..	..	@@ -2031,7 +1999,7 @@
2031	1999	depends on X86_64
2032	2000	depends on CRYPTO=y
2033	2001	depends on CRYPTO_SHA256=y
2034		- ---help---
	2002	+ help
2035	2003	This is new version of kexec system call. This system call is
2036	2004	file based and takes file descriptors as system call argument
2037	2005	for kernel and initramfs as opposed to list of segments as
..	..	@@ -2040,29 +2008,39 @@
2040	2008	config ARCH_HAS_KEXEC_PURGATORY
2041	2009	def_bool KEXEC_FILE
2042	2010
2043		-config KEXEC_VERIFY_SIG
	2011	+config KEXEC_SIG
2044	2012	bool "Verify kernel signature during kexec_file_load() syscall"
2045	2013	depends on KEXEC_FILE
2046		- ---help---
2047		- This option makes kernel signature verification mandatory for
2048		- the kexec_file_load() syscall.
	2014	+ help
2049	2015
2050		- In addition to that option, you need to enable signature
	2016	+ This option makes the kexec_file_load() syscall check for a valid
	2017	+ signature of the kernel image. The image can still be loaded without
	2018	+ a valid signature unless you also enable KEXEC_SIG_FORCE, though if
	2019	+ there's a signature that we can check, then it must be valid.
	2020	+
	2021	+ In addition to this option, you need to enable signature
2051	2022	verification for the corresponding kernel image type being
2052	2023	loaded in order for this to work.
2053	2024
	2025	+config KEXEC_SIG_FORCE
	2026	+ bool "Require a valid signature in kexec_file_load() syscall"
	2027	+ depends on KEXEC_SIG
	2028	+ help
	2029	+ This option makes kernel signature verification mandatory for
	2030	+ the kexec_file_load() syscall.
	2031	+
2054	2032	config KEXEC_BZIMAGE_VERIFY_SIG
2055	2033	bool "Enable bzImage signature verification support"
2056		- depends on KEXEC_VERIFY_SIG
	2034	+ depends on KEXEC_SIG
2057	2035	depends on SIGNED_PE_FILE_VERIFICATION
2058	2036	select SYSTEM_TRUSTED_KEYRING
2059		- ---help---
	2037	+ help
2060	2038	Enable bzImage signature verification support.
2061	2039
2062	2040	config CRASH_DUMP
2063	2041	bool "kernel crash dumps"
2064	2042	depends on X86_64 \|\| (X86_32 && HIGHMEM)
2065		- ---help---
	2043	+ help
2066	2044	Generate crash dump after being started by kexec.
2067	2045	This should be normally only set in special crash dump kernels
2068	2046	which are loaded in the main kernel with kexec-tools into
..	..	@@ -2071,19 +2049,19 @@
2071	2049	to a memory address not used by the main kernel or BIOS using
2072	2050	PHYSICAL_START, or it must be built as a relocatable image
2073	2051	(CONFIG_RELOCATABLE=y).
2074		- For more details see Documentation/kdump/kdump.txt
	2052	+ For more details see Documentation/admin-guide/kdump/kdump.rst
2075	2053
2076	2054	config KEXEC_JUMP
2077	2055	bool "kexec jump"
2078	2056	depends on KEXEC && HIBERNATION
2079		- ---help---
	2057	+ help
2080	2058	Jump between original kernel and kexeced kernel and invoke
2081	2059	code in physical address mode via KEXEC
2082	2060
2083	2061	config PHYSICAL_START
2084	2062	hex "Physical address where the kernel is loaded" if (EXPERT \|\| CRASH_DUMP)
2085	2063	default "0x1000000"
2086		- ---help---
	2064	+ help
2087	2065	This gives the physical address where the kernel is loaded.
2088	2066
2089	2067	If kernel is a not relocatable (CONFIG_RELOCATABLE=n) then
..	..	@@ -2108,7 +2086,7 @@
2108	2086	the reserved region. In other words, it can be set based on
2109	2087	the "X" value as specified in the "crashkernel=YM@XM"
2110	2088	command line boot parameter passed to the panic-ed
2111		- kernel. Please take a look at Documentation/kdump/kdump.txt
	2089	+ kernel. Please take a look at Documentation/admin-guide/kdump/kdump.rst
2112	2090	for more details about crash dumps.
2113	2091
2114	2092	Usage of bzImage for capturing the crash dump is recommended as
..	..	@@ -2124,7 +2102,7 @@
2124	2102	config RELOCATABLE
2125	2103	bool "Build a relocatable kernel"
2126	2104	default y
2127		- ---help---
	2105	+ help
2128	2106	This builds a kernel image that retains relocation information
2129	2107	so it can be loaded someplace besides the default 1MB.
2130	2108	The relocations tend to make the kernel binary about 10% larger,
..	..	@@ -2142,7 +2120,7 @@
2142	2120	bool "Randomize the address of the kernel image (KASLR)"
2143	2121	depends on RELOCATABLE
2144	2122	default y
2145		- ---help---
	2123	+ help
2146	2124	In support of Kernel Address Space Layout Randomization (KASLR),
2147	2125	this randomizes the physical address at which the kernel image
2148	2126	is decompressed and the virtual address where the kernel
..	..	@@ -2183,7 +2161,7 @@
2183	2161	default "0x200000"
2184	2162	range 0x2000 0x1000000 if X86_32
2185	2163	range 0x200000 0x1000000 if X86_64
2186		- ---help---
	2164	+ help
2187	2165	This value puts the alignment restrictions on physical address
2188	2166	where kernel is loaded and run from. Kernel is compiled for an
2189	2167	address which meets above alignment restriction.
..	..	@@ -2207,7 +2185,7 @@
2207	2185
2208	2186	config DYNAMIC_MEMORY_LAYOUT
2209	2187	bool
2210		- ---help---
	2188	+ help
2211	2189	This option makes base addresses of vmalloc and vmemmap as well as
2212	2190	__PAGE_OFFSET movable during boot.
2213	2191
..	..	@@ -2217,7 +2195,7 @@
2217	2195	depends on RANDOMIZE_BASE
2218	2196	select DYNAMIC_MEMORY_LAYOUT
2219	2197	default RANDOMIZE_BASE
2220		- ---help---
	2198	+ help
2221	2199	Randomizes the base virtual address of kernel memory sections
2222	2200	(physical memory mapping, vmalloc & vmemmap). This security feature
2223	2201	makes exploits relying on predictable memory locations less reliable.
..	..	@@ -2236,7 +2214,7 @@
2236	2214	default "0x0"
2237	2215	range 0x1 0x40 if MEMORY_HOTPLUG
2238	2216	range 0x0 0x40
2239		- ---help---
	2217	+ help
2240	2218	Define the padding in terabytes added to the existing physical
2241	2219	memory size during kernel memory randomization. It is useful
2242	2220	for memory hotplug support but reduces the entropy available for
..	..	@@ -2250,9 +2228,8 @@
2250	2228
2251	2229	config BOOTPARAM_HOTPLUG_CPU0
2252	2230	bool "Set default setting of cpu0_hotpluggable"
2253		- default n
2254	2231	depends on HOTPLUG_CPU
2255		- ---help---
	2232	+ help
2256	2233	Set whether default state of cpu0_hotpluggable is on or off.
2257	2234
2258	2235	Say Y here to enable CPU0 hotplug by default. If this switch
..	..	@@ -2281,7 +2258,7 @@
2281	2258	def_bool n
2282	2259	prompt "Debug CPU0 hotplug"
2283	2260	depends on HOTPLUG_CPU
2284		- ---help---
	2261	+ help
2285	2262	Enabling this option offlines CPU0 (if CPU0 can be offlined) as
2286	2263	soon as possible and boots up userspace with CPU0 offlined. User
2287	2264	can online CPU0 back after boot time.
..	..	@@ -2296,7 +2273,7 @@
2296	2273	def_bool n
2297	2274	prompt "Disable the 32-bit vDSO (needed for glibc 2.3.3)"
2298	2275	depends on COMPAT_32
2299		- ---help---
	2276	+ help
2300	2277	Certain buggy versions of glibc will crash if they are
2301	2278	presented with a 32-bit vDSO that is not mapped at the address
2302	2279	indicated in its segment table.
..	..	@@ -2320,7 +2297,7 @@
2320	2297	choice
2321	2298	prompt "vsyscall table for legacy applications"
2322	2299	depends on X86_64
2323		- default LEGACY_VSYSCALL_EMULATE
	2300	+ default LEGACY_VSYSCALL_XONLY
2324	2301	help
2325	2302	Legacy user code that does not know how to find the vDSO expects
2326	2303	to be able to issue three syscalls by calling fixed addresses in
..	..	@@ -2328,23 +2305,38 @@
2328	2305	it can be used to assist security vulnerability exploitation.
2329	2306
2330	2307	This setting can be changed at boot time via the kernel command
2331		- line parameter vsyscall=[emulate\|none].
	2308	+ line parameter vsyscall=[emulate\|xonly\|none].
2332	2309
2333	2310	On a system with recent enough glibc (2.14 or newer) and no
2334	2311	static binaries, you can say None without a performance penalty
2335	2312	to improve security.
2336	2313
2337		- If unsure, select "Emulate".
	2314	+ If unsure, select "Emulate execution only".
2338	2315
2339	2316	config LEGACY_VSYSCALL_EMULATE
2340		- bool "Emulate"
	2317	+ bool "Full emulation"
2341	2318	help
2342		- The kernel traps and emulates calls into the fixed
2343		- vsyscall address mapping. This makes the mapping
2344		- non-executable, but it still contains known contents,
2345		- which could be used in certain rare security vulnerability
2346		- exploits. This configuration is recommended when userspace
2347		- still uses the vsyscall area.
	2319	+ The kernel traps and emulates calls into the fixed vsyscall
	2320	+ address mapping. This makes the mapping non-executable, but
	2321	+ it still contains readable known contents, which could be
	2322	+ used in certain rare security vulnerability exploits. This
	2323	+ configuration is recommended when using legacy userspace
	2324	+ that still uses vsyscalls along with legacy binary
	2325	+ instrumentation tools that require code to be readable.
	2326	+
	2327	+ An example of this type of legacy userspace is running
	2328	+ Pin on an old binary that still uses vsyscalls.
	2329	+
	2330	+ config LEGACY_VSYSCALL_XONLY
	2331	+ bool "Emulate execution only"
	2332	+ help
	2333	+ The kernel traps and emulates calls into the fixed vsyscall
	2334	+ address mapping and does not allow reads. This
	2335	+ configuration is recommended when userspace might use the
	2336	+ legacy vsyscall area but support for legacy binary
	2337	+ instrumentation of legacy code is not needed. It mitigates
	2338	+ certain uses of the vsyscall area as an ASLR-bypassing
	2339	+ buffer.
2348	2340
2349	2341	config LEGACY_VSYSCALL_NONE
2350	2342	bool "None"
..	..	@@ -2359,7 +2351,7 @@
2359	2351
2360	2352	config CMDLINE_BOOL
2361	2353	bool "Built-in kernel command line"
2362		- ---help---
	2354	+ help
2363	2355	Allow for specifying boot arguments to the kernel at
2364	2356	build time. On some systems (e.g. embedded ones), it is
2365	2357	necessary or convenient to provide some or all of the
..	..	@@ -2377,7 +2369,7 @@
2377	2369	string "Built-in kernel command string"
2378	2370	depends on CMDLINE_BOOL
2379	2371	default ""
2380		- ---help---
	2372	+ help
2381	2373	Enter arguments here that should be compiled into the kernel
2382	2374	image and used at boot time. If the boot loader provides a
2383	2375	command line at boot time, it is appended to this string to
..	..	@@ -2392,8 +2384,8 @@
2392	2384
2393	2385	config CMDLINE_OVERRIDE
2394	2386	bool "Built-in command line overrides boot loader arguments"
2395		- depends on CMDLINE_BOOL
2396		- ---help---
	2387	+ depends on CMDLINE_BOOL && CMDLINE != ""
	2388	+ help
2397	2389	Set this option to 'Y' to have the kernel ignore the boot loader
2398	2390	command line, and use ONLY the built-in command line.
2399	2391
..	..	@@ -2403,7 +2395,7 @@
2403	2395	config MODIFY_LDT_SYSCALL
2404	2396	bool "Enable the LDT (local descriptor table)" if EXPERT
2405	2397	default y
2406		- ---help---
	2398	+ help
2407	2399	Linux can allow user programs to install a per-process x86
2408	2400	Local Descriptor Table (LDT) using the modify_ldt(2) system
2409	2401	call. This is required to run 16-bit or segmented code such as
..	..	@@ -2419,6 +2411,114 @@
2419	2411	source "kernel/livepatch/Kconfig"
2420	2412
2421	2413	endmenu
	2414	+
	2415	+config CC_HAS_SLS
	2416	+ def_bool $(cc-option,-mharden-sls=all)
	2417	+
	2418	+config CC_HAS_RETURN_THUNK
	2419	+ def_bool $(cc-option,-mfunction-return=thunk-extern)
	2420	+
	2421	+menuconfig SPECULATION_MITIGATIONS
	2422	+ bool "Mitigations for speculative execution vulnerabilities"
	2423	+ default y
	2424	+ help
	2425	+ Say Y here to enable options which enable mitigations for
	2426	+ speculative execution hardware vulnerabilities.
	2427	+
	2428	+ If you say N, all mitigations will be disabled. You really
	2429	+ should know what you are doing to say so.
	2430	+
	2431	+if SPECULATION_MITIGATIONS
	2432	+
	2433	+config PAGE_TABLE_ISOLATION
	2434	+ bool "Remove the kernel mapping in user mode"
	2435	+ default y
	2436	+ depends on (X86_64 \|\| X86_PAE)
	2437	+ help
	2438	+ This feature reduces the number of hardware side channels by
	2439	+ ensuring that the majority of kernel addresses are not mapped
	2440	+ into userspace.
	2441	+
	2442	+ See Documentation/x86/pti.rst for more details.
	2443	+
	2444	+config RETPOLINE
	2445	+ bool "Avoid speculative indirect branches in kernel"
	2446	+ default y
	2447	+ help
	2448	+ Compile kernel with the retpoline compiler options to guard against
	2449	+ kernel-to-user data leaks by avoiding speculative indirect
	2450	+ branches. Requires a compiler with -mindirect-branch=thunk-extern
	2451	+ support for full protection. The kernel may run slower.
	2452	+
	2453	+config RETHUNK
	2454	+ bool "Enable return-thunks"
	2455	+ depends on RETPOLINE && CC_HAS_RETURN_THUNK
	2456	+ default y if X86_64
	2457	+ help
	2458	+ Compile the kernel with the return-thunks compiler option to guard
	2459	+ against kernel-to-user data leaks by avoiding return speculation.
	2460	+ Requires a compiler with -mfunction-return=thunk-extern
	2461	+ support for full protection. The kernel may run slower.
	2462	+
	2463	+config CPU_UNRET_ENTRY
	2464	+ bool "Enable UNRET on kernel entry"
	2465	+ depends on CPU_SUP_AMD && RETHUNK && X86_64
	2466	+ default y
	2467	+ help
	2468	+ Compile the kernel with support for the retbleed=unret mitigation.
	2469	+
	2470	+config CPU_IBPB_ENTRY
	2471	+ bool "Enable IBPB on kernel entry"
	2472	+ depends on CPU_SUP_AMD && X86_64
	2473	+ default y
	2474	+ help
	2475	+ Compile the kernel with support for the retbleed=ibpb mitigation.
	2476	+
	2477	+config CPU_IBRS_ENTRY
	2478	+ bool "Enable IBRS on kernel entry"
	2479	+ depends on CPU_SUP_INTEL && X86_64
	2480	+ default y
	2481	+ help
	2482	+ Compile the kernel with support for the spectre_v2=ibrs mitigation.
	2483	+ This mitigates both spectre_v2 and retbleed at great cost to
	2484	+ performance.
	2485	+
	2486	+config CPU_SRSO
	2487	+ bool "Mitigate speculative RAS overflow on AMD"
	2488	+ depends on CPU_SUP_AMD && X86_64 && RETHUNK
	2489	+ default y
	2490	+ help
	2491	+ Enable the SRSO mitigation needed on AMD Zen1-4 machines.
	2492	+
	2493	+config SLS
	2494	+ bool "Mitigate Straight-Line-Speculation"
	2495	+ depends on CC_HAS_SLS && X86_64
	2496	+ default n
	2497	+ help
	2498	+ Compile the kernel with straight-line-speculation options to guard
	2499	+ against straight line speculation. The kernel image might be slightly
	2500	+ larger.
	2501	+
	2502	+config GDS_FORCE_MITIGATION
	2503	+ bool "Force GDS Mitigation"
	2504	+ depends on CPU_SUP_INTEL
	2505	+ default n
	2506	+ help
	2507	+ Gather Data Sampling (GDS) is a hardware vulnerability which allows
	2508	+ unprivileged speculative access to data which was previously stored in
	2509	+ vector registers.
	2510	+
	2511	+ This option is equivalent to setting gather_data_sampling=force on the
	2512	+ command line. The microcode mitigation is used if present, otherwise
	2513	+ AVX is disabled as a mitigation. On affected systems that are missing
	2514	+ the microcode any userspace code that unconditionally uses AVX will
	2515	+ break with this option set.
	2516	+
	2517	+ Setting this option on systems not vulnerable to GDS has no effect.
	2518	+
	2519	+ If in doubt, say N.
	2520	+
	2521	+endif
2422	2522
2423	2523	config ARCH_HAS_ADD_PAGES
2424	2524	def_bool y
..	..	@@ -2452,7 +2552,7 @@
2452	2552
2453	2553	config ARCH_HIBERNATION_HEADER
2454	2554	def_bool y
2455		- depends on X86_64 && HIBERNATION
	2555	+ depends on HIBERNATION
2456	2556
2457	2557	source "kernel/power/Kconfig"
2458	2558
..	..	@@ -2467,7 +2567,7 @@
2467	2567	menuconfig APM
2468	2568	tristate "APM (Advanced Power Management) BIOS support"
2469	2569	depends on X86_32 && PM_SLEEP
2470		- ---help---
	2570	+ help
2471	2571	APM is a BIOS specification for saving power using several different
2472	2572	techniques. This is mostly useful for battery powered laptops with
2473	2573	APM compliant BIOSes. If you say Y here, the system time will be
..	..	@@ -2482,7 +2582,7 @@
2482	2582	machines with more than one CPU.
2483	2583
2484	2584	In order to use APM, you will need supporting software. For location
2485		- and more information, read <file:Documentation/power/apm-acpi.txt>
	2585	+ and more information, read <file:Documentation/power/apm-acpi.rst>
2486	2586	and the Battery Powered Linux mini-HOWTO, available from
2487	2587	<http://www.tldp.org/docs.html#howto>.
2488	2588
..	..	@@ -2527,14 +2627,14 @@
2527	2627
2528	2628	config APM_IGNORE_USER_SUSPEND
2529	2629	bool "Ignore USER SUSPEND"
2530		- ---help---
	2630	+ help
2531	2631	This option will ignore USER SUSPEND requests. On machines with a
2532	2632	compliant APM BIOS, you want to say N. However, on the NEC Versa M
2533	2633	series notebooks, it is necessary to say Y because of a BIOS bug.
2534	2634
2535	2635	config APM_DO_ENABLE
2536	2636	bool "Enable PM at boot time"
2537		- ---help---
	2637	+ help
2538	2638	Enable APM features at boot time. From page 36 of the APM BIOS
2539	2639	specification: "When disabled, the APM BIOS does not automatically
2540	2640	power manage devices, enter the Standby State, enter the Suspend
..	..	@@ -2552,7 +2652,7 @@
2552	2652	config APM_CPU_IDLE
2553	2653	depends on CPU_IDLE
2554	2654	bool "Make CPU Idle calls when idle"
2555		- ---help---
	2655	+ help
2556	2656	Enable calls to APM CPU Idle/CPU Busy inside the kernel's idle loop.
2557	2657	On some machines, this can activate improved power savings, such as
2558	2658	a slowed CPU clock rate, when the machine is idle. These idle calls
..	..	@@ -2563,7 +2663,7 @@
2563	2663
2564	2664	config APM_DISPLAY_BLANK
2565	2665	bool "Enable console blanking using APM"
2566		- ---help---
	2666	+ help
2567	2667	Enable console blanking using the APM. Some laptops can use this to
2568	2668	turn off the LCD backlight when the screen blanker of the Linux
2569	2669	virtual console blanks the screen. Note that this is only used by
..	..	@@ -2576,7 +2676,7 @@
2576	2676
2577	2677	config APM_ALLOW_INTS
2578	2678	bool "Allow interrupts during APM BIOS calls"
2579		- ---help---
	2679	+ help
2580	2680	Normally we disable external interrupts while we are making calls to
2581	2681	the APM BIOS as a measure to lessen the effects of a badly behaving
2582	2682	BIOS implementation. The BIOS should reenable interrupts if it
..	..	@@ -2597,20 +2697,11 @@
2597	2697
2598	2698	menu "Bus options (PCI etc.)"
2599	2699
2600		-config PCI
2601		- bool "PCI support"
2602		- default y
2603		- ---help---
2604		- Find out whether you have a PCI motherboard. PCI is the name of a
2605		- bus system, i.e. the way the CPU talks to the other stuff inside
2606		- your box. Other bus systems are ISA, EISA, MicroChannel (MCA) or
2607		- VESA. If you have PCI, say Y, otherwise N.
2608		-
2609	2700	choice
2610	2701	prompt "PCI access mode"
2611	2702	depends on X86_32 && PCI
2612	2703	default PCI_GOANY
2613		- ---help---
	2704	+ help
2614	2705	On PCI systems, the BIOS can be used to detect the PCI devices and
2615	2706	determine their configuration. However, some old PCI motherboards
2616	2707	have BIOS bugs and may crash if this is done. Also, some embedded
..	..	@@ -2667,10 +2758,6 @@
2667	2758	depends on PCI && XEN
2668	2759	select SWIOTLB_XEN
2669	2760
2670		-config PCI_DOMAINS
2671		- def_bool y
2672		- depends on PCI
2673		-
2674	2761	config MMCONF_FAM10H
2675	2762	def_bool y
2676	2763	depends on X86_64 && PCI_MMCONFIG && ACPI
..	..	@@ -2687,8 +2774,6 @@
2687	2774	is known to be incomplete.
2688	2775
2689	2776	You should say N unless you know you need this.
2690		-
2691		-source "drivers/pci/Kconfig"
2692	2777
2693	2778	config ISA_BUS
2694	2779	bool "ISA bus support on modern systems" if EXPERT
..	..	@@ -2713,34 +2798,16 @@
2713	2798
2714	2799	config ISA
2715	2800	bool "ISA support"
2716		- ---help---
	2801	+ help
2717	2802	Find out whether you have ISA slots on your motherboard. ISA is the
2718	2803	name of a bus system, i.e. the way the CPU talks to the other stuff
2719	2804	inside your box. Other bus systems are PCI, EISA, MicroChannel
2720	2805	(MCA) or VESA. ISA is an older system, now being displaced by PCI;
2721	2806	newer boards don't support it. If you have ISA, say Y, otherwise N.
2722	2807
2723		-config EISA
2724		- bool "EISA support"
2725		- depends on ISA
2726		- ---help---
2727		- The Extended Industry Standard Architecture (EISA) bus was
2728		- developed as an open alternative to the IBM MicroChannel bus.
2729		-
2730		- The EISA bus provided some of the features of the IBM MicroChannel
2731		- bus while maintaining backward compatibility with cards made for
2732		- the older ISA bus. The EISA bus saw limited use between 1988 and
2733		- 1995 when it was made obsolete by the PCI bus.
2734		-
2735		- Say Y here if you are building a kernel for an EISA-based machine.
2736		-
2737		- Otherwise, say N.
2738		-
2739		-source "drivers/eisa/Kconfig"
2740		-
2741	2808	config SCx200
2742	2809	tristate "NatSemi SCx200 support"
2743		- ---help---
	2810	+ help
2744	2811	This provides basic support for National Semiconductor's
2745	2812	(now AMD's) Geode processors. The driver probes for the
2746	2813	PCI-IDs of several on-chip devices, so its a good dependency
..	..	@@ -2752,7 +2819,7 @@
2752	2819	tristate "NatSemi SCx200 27MHz High-Resolution Timer Support"
2753	2820	depends on SCx200
2754	2821	default y
2755		- ---help---
	2822	+ help
2756	2823	This driver provides a clocksource built upon the on-chip
2757	2824	27MHz high-resolution timer. Its also a workaround for
2758	2825	NSC Geode SC-1100's buggy TSC, which loses time when the
..	..	@@ -2766,20 +2833,21 @@
2766	2833	select OF
2767	2834	select OF_PROMTREE
2768	2835	select IRQ_DOMAIN
2769		- ---help---
	2836	+ select OLPC_EC
	2837	+ help
2770	2838	Add support for detecting the unique features of the OLPC
2771	2839	XO hardware.
2772	2840
2773	2841	config OLPC_XO1_PM
2774	2842	bool "OLPC XO-1 Power Management"
2775	2843	depends on OLPC && MFD_CS5535=y && PM_SLEEP
2776		- ---help---
	2844	+ help
2777	2845	Add support for poweroff and suspend of the OLPC XO-1 laptop.
2778	2846
2779	2847	config OLPC_XO1_RTC
2780	2848	bool "OLPC XO-1 Real Time Clock"
2781	2849	depends on OLPC_XO1_PM && RTC_DRV_CMOS
2782		- ---help---
	2850	+ help
2783	2851	Add support for the XO-1 real time clock, which can be used as a
2784	2852	programmable wakeup source.
2785	2853
..	..	@@ -2788,7 +2856,7 @@
2788	2856	depends on OLPC && OLPC_XO1_PM && GPIO_CS5535=y
2789	2857	depends on INPUT=y
2790	2858	select POWER_SUPPLY
2791		- ---help---
	2859	+ help
2792	2860	Add support for SCI-based features of the OLPC XO-1 laptop:
2793	2861	- EC-driven system wakeups
2794	2862	- Power button
..	..	@@ -2801,7 +2869,7 @@
2801	2869	bool "OLPC XO-1.5 SCI extras"
2802	2870	depends on OLPC && ACPI
2803	2871	select POWER_SUPPLY
2804		- ---help---
	2872	+ help
2805	2873	Add support for SCI-based features of the OLPC XO-1.5 laptop:
2806	2874	- EC-driven system wakeups
2807	2875	- AC adapter status updates
..	..	@@ -2810,7 +2878,7 @@
2810	2878	config ALIX
2811	2879	bool "PCEngines ALIX System Support (LED setup)"
2812	2880	select GPIOLIB
2813		- ---help---
	2881	+ help
2814	2882	This option enables system support for the PCEngines ALIX.
2815	2883	At present this just sets up LEDs for GPIO control on
2816	2884	ALIX2/3/6 boards. However, other system specific setup should
..	..	@@ -2824,14 +2892,14 @@
2824	2892	config NET5501
2825	2893	bool "Soekris Engineering net5501 System Support (LEDS, GPIO, etc)"
2826	2894	select GPIOLIB
2827		- ---help---
	2895	+ help
2828	2896	This option enables system support for the Soekris Engineering net5501.
2829	2897
2830	2898	config GEOS
2831	2899	bool "Traverse Technologies GEOS System Support (LEDS, GPIO, etc)"
2832	2900	select GPIOLIB
2833	2901	depends on DMI
2834		- ---help---
	2902	+ help
2835	2903	This option enables system support for the Traverse Technologies GEOS.
2836	2904
2837	2905	config TS5500
..	..	@@ -2840,7 +2908,7 @@
2840	2908	select CHECK_SIGNATURE
2841	2909	select NEW_LEDS
2842	2910	select LEDS_CLASS
2843		- ---help---
	2911	+ help
2844	2912	This option enables system support for the Technologic Systems TS-5500.
2845	2913
2846	2914	endif # X86_32
..	..	@@ -2848,18 +2916,6 @@
2848	2916	config AMD_NB
2849	2917	def_bool y
2850	2918	depends on CPU_SUP_AMD && PCI
2851		-
2852		-source "drivers/pcmcia/Kconfig"
2853		-
2854		-config RAPIDIO
2855		- tristate "RapidIO support"
2856		- depends on PCI
2857		- default n
2858		- help
2859		- If enabled this option will include drivers and the core
2860		- infrastructure code to support RapidIO interconnect devices.
2861		-
2862		-source "drivers/rapidio/Kconfig"
2863	2919
2864	2920	config X86_SYSFB
2865	2921	bool "Mark VGA/VBE/EFI FB as generic system framebuffer"
..	..	@@ -2899,7 +2955,7 @@
2899	2955	select BINFMT_ELF
2900	2956	select COMPAT_BINFMT_ELF
2901	2957	select COMPAT_OLD_SIGACTION
2902		- ---help---
	2958	+ help
2903	2959	Include code to run legacy 32-bit programs under a
2904	2960	64-bit kernel. You should likely turn this on, unless you're
2905	2961	100% sure that you don't have any 32-bit programs left.
..	..	@@ -2907,13 +2963,19 @@
2907	2963	config IA32_AOUT
2908	2964	tristate "IA32 a.out support"
2909	2965	depends on IA32_EMULATION
2910		- ---help---
	2966	+ depends on BROKEN
	2967	+ help
2911	2968	Support old a.out binaries in the 32bit emulation.
2912	2969
2913	2970	config X86_X32
2914	2971	bool "x32 ABI for 64-bit mode"
2915	2972	depends on X86_64
2916		- ---help---
	2973	+ # llvm-objcopy does not convert x86_64 .note.gnu.property or
	2974	+ # compressed debug sections to x86_x32 properly:
	2975	+ # https://github.com/ClangBuiltLinux/linux/issues/514
	2976	+ # https://github.com/ClangBuiltLinux/linux/issues/1141
	2977	+ depends on $(success,$(OBJCOPY) --version \| head -n1 \| grep -qv llvm)
	2978	+ help
2917	2979	Include code to run binaries for the x32 native 32-bit ABI
2918	2980	for 64-bit processors. An x32 process gets access to the
2919	2981	full 64-bit register file and wide data path while leaving
..	..	@@ -2949,17 +3011,8 @@
2949	3011	def_bool y
2950	3012	depends on X86_32
2951	3013
2952		-config X86_DEV_DMA_OPS
2953		- bool
2954		- depends on X86_64 \|\| STA2X11
2955		-
2956		-config X86_DMA_REMAP
2957		- bool
2958		- depends on STA2X11
2959		-
2960		-config HAVE_GENERIC_GUP
2961		- def_bool y
2962		-
2963	3014	source "drivers/firmware/Kconfig"
2964	3015
2965	3016	source "arch/x86/kvm/Kconfig"
	3017	+
	3018	+source "arch/x86/Kconfig.assembler"