~hc/RK356X_SDK_RELEASE.git

..	..	@@ -3,7 +3,7 @@
3	3	config 64BIT
4	4	bool "64-bit kernel" if "$(ARCH)" = "x86"
5	5	default "$(ARCH)" != "i386"
6		- ---help---
	6	+ help
7	7	Say yes to build a 64-bit kernel - formerly known as x86_64
8	8	Say no to build a 32-bit kernel - formerly known as i386
9	9
..	..	@@ -14,26 +14,37 @@
14	14	select ARCH_WANT_IPC_PARSE_VERSION
15	15	select CLKSRC_I8253
16	16	select CLONE_BACKWARDS
17		- select HAVE_AOUT
18		- select HAVE_GENERIC_DMA_COHERENT
	17	+ select HAVE_DEBUG_STACKOVERFLOW
	18	+ select KMAP_LOCAL
19	19	select MODULES_USE_ELF_REL
20	20	select OLD_SIGACTION
21	21	select GENERIC_VDSO_32
	22	+ select ARCH_SPLIT_ARG64
22	23
23	24	config X86_64
24	25	def_bool y
25	26	depends on 64BIT
26	27	# Options that are inherently 64-bit kernel only:
27		- select ARCH_HAS_GIGANTIC_PAGE if (MEMORY_ISOLATION && COMPACTION) \|\| CMA
28		- select ARCH_SUPPORTS_INT128
	28	+ select ARCH_HAS_GIGANTIC_PAGE
	29	+ select ARCH_SUPPORTS_INT128 if CC_HAS_INT128
	30	+ select ARCH_SUPPORTS_SPECULATIVE_PAGE_FAULT
29	31	select ARCH_USE_CMPXCHG_LOCKREF
30	32	select HAVE_ARCH_SOFT_DIRTY
31	33	select MODULES_USE_ELF_RELA
32	34	select NEED_DMA_MAP_STATE
33	35	select SWIOTLB
34		- select X86_DEV_DMA_OPS
35		- select ARCH_HAS_SYSCALL_WRAPPER
36	36
	37	+config FORCE_DYNAMIC_FTRACE
	38	+ def_bool y
	39	+ depends on X86_32
	40	+ depends on FUNCTION_TRACER
	41	+ select DYNAMIC_FTRACE
	42	+ help
	43	+ We keep the static function tracing (!DYNAMIC_FTRACE) around
	44	+ in order to test the non static function tracing in the
	45	+ generic code, as other architectures still use it. But we
	46	+ only need to keep it around for x86_64. No need to keep it
	47	+ for x86_32. For x86_32, force DYNAMIC_FTRACE.
37	48	#
38	49	# Arch settings
39	50	#
..	..	@@ -47,50 +58,60 @@
47	58	#
48	59	select ACPI_LEGACY_TABLES_LOOKUP if ACPI
49	60	select ACPI_SYSTEM_POWER_STATES_SUPPORT if ACPI
50		- select ARCH_CLOCKSOURCE_DATA
51		- select ARCH_DISCARD_MEMBLOCK
	61	+ select ARCH_32BIT_OFF_T if X86_32
	62	+ select ARCH_CLOCKSOURCE_INIT
52	63	select ARCH_HAS_ACPI_TABLE_UPGRADE if ACPI
53	64	select ARCH_HAS_DEBUG_VIRTUAL
	65	+ select ARCH_HAS_DEBUG_VM_PGTABLE if !X86_PAE
54	66	select ARCH_HAS_DEVMEM_IS_ALLOWED
	67	+ select ARCH_HAS_EARLY_DEBUG if KGDB
55	68	select ARCH_HAS_ELF_RANDOMIZE
56	69	select ARCH_HAS_FAST_MULTIPLIER
57	70	select ARCH_HAS_FILTER_PGPROT
58	71	select ARCH_HAS_FORTIFY_SOURCE
59	72	select ARCH_HAS_GCOV_PROFILE_ALL
60		- select ARCH_HAS_KCOV if X86_64
	73	+ select ARCH_HAS_KCOV if X86_64 && STACK_VALIDATION
	74	+ select ARCH_HAS_MEM_ENCRYPT
61	75	select ARCH_HAS_MEMBARRIER_SYNC_CORE
	76	+ select ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
62	77	select ARCH_HAS_PMEM_API if X86_64
	78	+ select ARCH_HAS_PTE_DEVMAP if X86_64
63	79	select ARCH_HAS_PTE_SPECIAL
64		- select ARCH_HAS_REFCOUNT
65	80	select ARCH_HAS_UACCESS_FLUSHCACHE if X86_64
66		- select ARCH_HAS_UACCESS_MCSAFE if X86_64 && X86_MCE
	81	+ select ARCH_HAS_COPY_MC if X86_64
67	82	select ARCH_HAS_SET_MEMORY
68		- select ARCH_HAS_SG_CHAIN
	83	+ select ARCH_HAS_SET_DIRECT_MAP
69	84	select ARCH_HAS_STRICT_KERNEL_RWX
70	85	select ARCH_HAS_STRICT_MODULE_RWX
71	86	select ARCH_HAS_SYNC_CORE_BEFORE_USERMODE
	87	+ select ARCH_HAS_SYSCALL_WRAPPER
72	88	select ARCH_HAS_UBSAN_SANITIZE_ALL
73		- select ARCH_HAS_ZONE_DEVICE if X86_64
	89	+ select ARCH_HAS_DEBUG_WX
74	90	select ARCH_HAVE_NMI_SAFE_CMPXCHG
75	91	select ARCH_MIGHT_HAVE_ACPI_PDC if ACPI
76	92	select ARCH_MIGHT_HAVE_PC_PARPORT
77	93	select ARCH_MIGHT_HAVE_PC_SERIO
	94	+ select ARCH_STACKWALK
78	95	select ARCH_SUPPORTS_ACPI
79	96	select ARCH_SUPPORTS_ATOMIC_RMW
80	97	select ARCH_SUPPORTS_NUMA_BALANCING if X86_64
81	98	select ARCH_SUPPORTS_LTO_CLANG if X86_64
	99	+ select ARCH_SUPPORTS_LTO_CLANG_THIN if X86_64
82	100	select ARCH_USE_BUILTIN_BSWAP
83	101	select ARCH_USE_QUEUED_RWLOCKS
84	102	select ARCH_USE_QUEUED_SPINLOCKS
	103	+ select ARCH_USE_SYM_ANNOTATIONS
85	104	select ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH
	105	+ select ARCH_WANT_DEFAULT_BPF_JIT if X86_64
86	106	select ARCH_WANTS_DYNAMIC_TASK_STRUCT
	107	+ select ARCH_WANT_HUGE_PMD_SHARE
	108	+ select ARCH_WANT_LD_ORPHAN_WARN
87	109	select ARCH_WANTS_THP_SWAP if X86_64
88		- select BUILDTIME_EXTABLE_SORT
	110	+ select BUILDTIME_TABLE_SORT
89	111	select CLKEVT_I8253
90	112	select CLOCKSOURCE_VALIDATE_LAST_CYCLE
91	113	select CLOCKSOURCE_WATCHDOG
92	114	select DCACHE_WORD_ACCESS
93		- select DMA_DIRECT_OPS
94	115	select EDAC_ATOMIC_SCRUB
95	116	select EDAC_SUPPORT
96	117	select GENERIC_CLOCKEVENTS
..	..	@@ -100,6 +121,7 @@
100	121	select GENERIC_CPU_AUTOPROBE
101	122	select GENERIC_CPU_VULNERABILITIES
102	123	select GENERIC_EARLY_IOREMAP
	124	+ select GENERIC_ENTRY
103	125	select GENERIC_FIND_FIRST_BIT
104	126	select GENERIC_IOMAP
105	127	select GENERIC_IRQ_EFFECTIVE_AFF_MASK if SMP
..	..	@@ -109,11 +131,15 @@
109	131	select GENERIC_IRQ_RESERVATION_MODE
110	132	select GENERIC_IRQ_SHOW
111	133	select GENERIC_PENDING_IRQ if SMP
	134	+ select GENERIC_PTDUMP
112	135	select GENERIC_SMP_IDLE_THREAD
113	136	select GENERIC_STRNCPY_FROM_USER
114	137	select GENERIC_STRNLEN_USER
115	138	select GENERIC_TIME_VSYSCALL
116	139	select GENERIC_GETTIMEOFDAY
	140	+ select GENERIC_VDSO_TIME_NS
	141	+ select GUP_GET_PTE_LOW_HIGH if X86_PAE
	142	+ select HARDIRQS_SW_RESEND
117	143	select HARDLOCKUP_CHECK_TIMESTAMP if X86_64
118	144	select HAVE_ACPI_APEI if ACPI
119	145	select HAVE_ACPI_APEI_NMI if ACPI
..	..	@@ -121,32 +147,41 @@
121	147	select HAVE_ARCH_AUDITSYSCALL
122	148	select HAVE_ARCH_HUGE_VMAP if X86_64 \|\| X86_PAE
123	149	select HAVE_ARCH_JUMP_LABEL
	150	+ select HAVE_ARCH_JUMP_LABEL_RELATIVE
124	151	select HAVE_ARCH_KASAN if X86_64
	152	+ select HAVE_ARCH_KASAN_VMALLOC if X86_64
	153	+ select HAVE_ARCH_KFENCE
125	154	select HAVE_ARCH_KGDB
126	155	select HAVE_ARCH_MMAP_RND_BITS if MMU
127	156	select HAVE_ARCH_MMAP_RND_COMPAT_BITS if MMU && COMPAT
128	157	select HAVE_ARCH_COMPAT_MMAP_BASES if MMU && COMPAT
129		- select HAVE_ARCH_PREL32_RELOCATIONS if !LTO_CLANG
	158	+ select HAVE_ARCH_PREL32_RELOCATIONS
130	159	select HAVE_ARCH_SECCOMP_FILTER
131	160	select HAVE_ARCH_THREAD_STRUCT_WHITELIST
	161	+ select HAVE_ARCH_STACKLEAK
132	162	select HAVE_ARCH_TRACEHOOK
133	163	select HAVE_ARCH_TRANSPARENT_HUGEPAGE
134	164	select HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD if X86_64
	165	+ select HAVE_ARCH_USERFAULTFD_WP if X86_64 && USERFAULTFD
	166	+ select HAVE_ARCH_USERFAULTFD_MINOR if X86_64 && USERFAULTFD
135	167	select HAVE_ARCH_VMAP_STACK if X86_64
136	168	select HAVE_ARCH_WITHIN_STACK_FRAMES
	169	+ select HAVE_ASM_MODVERSIONS
137	170	select HAVE_CMPXCHG_DOUBLE
138	171	select HAVE_CMPXCHG_LOCAL
139	172	select HAVE_CONTEXT_TRACKING if X86_64
140		- select HAVE_COPY_THREAD_TLS
141	173	select HAVE_C_RECORDMCOUNT
	174	+ select HAVE_OBJTOOL_MCOUNT if STACK_VALIDATION
142	175	select HAVE_DEBUG_KMEMLEAK
143		- select HAVE_DEBUG_STACKOVERFLOW
144	176	select HAVE_DMA_CONTIGUOUS
145	177	select HAVE_DYNAMIC_FTRACE
146	178	select HAVE_DYNAMIC_FTRACE_WITH_REGS
	179	+ select HAVE_DYNAMIC_FTRACE_WITH_DIRECT_CALLS
147	180	select HAVE_EBPF_JIT
148	181	select HAVE_EFFICIENT_UNALIGNED_ACCESS
	182	+ select HAVE_EISA
149	183	select HAVE_EXIT_THREAD
	184	+ select HAVE_FAST_GUP
150	185	select HAVE_FENTRY if X86_64 \|\| DYNAMIC_FTRACE
151	186	select HAVE_FTRACE_MCOUNT_RECORD
152	187	select HAVE_FUNCTION_GRAPH_TRACER
..	..	@@ -155,7 +190,6 @@
155	190	select HAVE_HW_BREAKPOINT
156	191	select HAVE_IDE
157	192	select HAVE_IOREMAP_PROT
158		- select HAVE_IRQ_EXIT_ON_IRQ_STACK if X86_64
159	193	select HAVE_IRQ_TIME_ACCOUNTING
160	194	select HAVE_KERNEL_BZIP2
161	195	select HAVE_KERNEL_GZIP
..	..	@@ -163,16 +197,17 @@
163	197	select HAVE_KERNEL_LZMA
164	198	select HAVE_KERNEL_LZO
165	199	select HAVE_KERNEL_XZ
	200	+ select HAVE_KERNEL_ZSTD
166	201	select HAVE_KPROBES
167	202	select HAVE_KPROBES_ON_FTRACE
168	203	select HAVE_FUNCTION_ERROR_INJECTION
169	204	select HAVE_KRETPROBES
170	205	select HAVE_KVM
171	206	select HAVE_LIVEPATCH if X86_64
172		- select HAVE_MEMBLOCK
173		- select HAVE_MEMBLOCK_NODE_MAP
174	207	select HAVE_MIXED_BREAKPOINTS_REGS
175	208	select HAVE_MOD_ARCH_SPECIFIC
	209	+ select HAVE_MOVE_PMD
	210	+ select HAVE_MOVE_PUD
176	211	select HAVE_NMI
177	212	select HAVE_OPROFILE
178	213	select HAVE_OPTPROBES
..	..	@@ -180,14 +215,19 @@
180	215	select HAVE_PERF_EVENTS
181	216	select HAVE_PERF_EVENTS_NMI
182	217	select HAVE_HARDLOCKUP_DETECTOR_PERF if PERF_EVENTS && HAVE_PERF_EVENTS_NMI
	218	+ select HAVE_PCI
183	219	select HAVE_PERF_REGS
184	220	select HAVE_PERF_USER_STACK_DUMP
185		- select HAVE_RCU_TABLE_FREE if PARAVIRT
186		- select HAVE_RCU_TABLE_INVALIDATE if HAVE_RCU_TABLE_FREE
	221	+ select HAVE_PREEMPT_LAZY
	222	+ select MMU_GATHER_RCU_TABLE_FREE if PARAVIRT
	223	+ select HAVE_POSIX_CPU_TIMERS_TASK_WORK
187	224	select HAVE_REGS_AND_STACK_ACCESS_API
188	225	select HAVE_RELIABLE_STACKTRACE if X86_64 && (UNWINDER_FRAME_POINTER \|\| UNWINDER_ORC) && STACK_VALIDATION
	226	+ select HAVE_FUNCTION_ARG_ACCESS_API
189	227	select HAVE_STACKPROTECTOR if CC_HAS_SANE_STACKPROTECTOR
190		- select HAVE_STACK_VALIDATION if X86_64 && !LTO_CLANG
	228	+ select HAVE_STACK_VALIDATION if X86_64
	229	+ select HAVE_STATIC_CALL
	230	+ select HAVE_STATIC_CALL_INLINE if HAVE_STACK_VALIDATION
191	231	select HAVE_RSEQ
192	232	select HAVE_SYSCALL_TRACEPOINTS
193	233	select HAVE_UNSTABLE_SCHED_CLOCK
..	..	@@ -196,17 +236,22 @@
196	236	select HOTPLUG_SMT if SMP
197	237	select IRQ_FORCED_THREADING
198	238	select NEED_SG_DMA_LENGTH
199		- select PCI_LOCKLESS_CONFIG
	239	+ select PCI_DOMAINS if PCI
	240	+ select PCI_LOCKLESS_CONFIG if PCI
200	241	select PERF_EVENTS
201	242	select RTC_LIB
202	243	select RTC_MC146818_LIB
203	244	select SPARSE_IRQ
204	245	select SRCU
	246	+ select STACK_VALIDATION if HAVE_STACK_VALIDATION && (HAVE_STATIC_CALL_INLINE \|\| RETPOLINE)
205	247	select SYSCTL_EXCEPTION_TRACE
206	248	select THREAD_INFO_IN_TASK
207	249	select USER_STACKTRACE_SUPPORT
208	250	select VIRT_TO_BUS
	251	+ select HAVE_ARCH_KCSAN if X86_64
209	252	select X86_FEATURE_NAMES if PROC_FS
	253	+ select PROC_PID_ARCH_STATUS if PROC_FS
	254	+ imply IMA_SECURE_AND_OR_TRUSTED_BOOT if EFI
210	255
211	256	config INSTRUCTION_DECODER
212	257	def_bool y
..	..	@@ -216,11 +261,6 @@
216	261	string
217	262	default "elf32-i386" if X86_32
218	263	default "elf64-x86-64" if X86_64
219		-
220		-config ARCH_DEFCONFIG
221		- string
222		- default "arch/x86/configs/i386_defconfig" if X86_32
223		- default "arch/x86/configs/x86_64_defconfig" if X86_64
224	264
225	265	config LOCKDEP_SUPPORT
226	266	def_bool y
..	..	@@ -260,15 +300,9 @@
260	300	config GENERIC_BUG_RELATIVE_POINTERS
261	301	bool
262	302
263		-config GENERIC_HWEIGHT
264		- def_bool y
265		-
266	303	config ARCH_MAY_HAVE_PC_FDC
267	304	def_bool y
268	305	depends on ISA_DMA_API
269		-
270		-config RWSEM_XCHGADD_ALGORITHM
271		- def_bool y
272	306
273	307	config GENERIC_CALIBRATE_DELAY
274	308	def_bool y
..	..	@@ -297,9 +331,6 @@
297	331	config ARCH_SUSPEND_POSSIBLE
298	332	def_bool y
299	333
300		-config ARCH_WANT_HUGE_PMD_SHARE
301		- def_bool y
302		-
303	334	config ARCH_WANT_GENERAL_HUGETLB
304	335	def_bool y
305	336
..	..	@@ -308,9 +339,6 @@
308	339
309	340	config AUDIT_ARCH
310	341	def_bool y if X86_64
311		-
312		-config ARCH_SUPPORTS_OPTIMIZED_INLINING
313		- def_bool y
314	342
315	343	config ARCH_SUPPORTS_DEBUG_PAGEALLOC
316	344	def_bool y
..	..	@@ -374,7 +402,7 @@
374	402
375	403	config SMP
376	404	bool "Symmetric multi-processing support"
377		- ---help---
	405	+ help
378	406	This enables support for systems with more than one CPU. If you have
379	407	a system with only one CPU, say N. If you have a system with more
380	408	than one CPU, say Y.
..	..	@@ -394,8 +422,8 @@
394	422	Y to "Enhanced Real Time Clock Support", below. The "Advanced Power
395	423	Management" code will be disabled if you say Y here.
396	424
397		- See also <file:Documentation/x86/i386/IO-APIC.txt>,
398		- <file:Documentation/lockup-watchdogs.txt> and the SMP-HOWTO available at
	425	+ See also <file:Documentation/x86/i386/IO-APIC.rst>,
	426	+ <file:Documentation/admin-guide/lockup-watchdogs.rst> and the SMP-HOWTO available at
399	427	<http://www.tldp.org/docs.html#howto>.
400	428
401	429	If you don't know what to do here, say N.
..	..	@@ -403,7 +431,7 @@
403	431	config X86_FEATURE_NAMES
404	432	bool "Processor feature human-readable names" if EMBEDDED
405	433	default y
406		- ---help---
	434	+ help
407	435	This option compiles in a table of x86 feature bits and corresponding
408	436	names. This is required to support /proc/cpuinfo and a few kernel
409	437	messages. You can disable this to save space, at the expense of
..	..	@@ -414,7 +442,7 @@
414	442	config X86_X2APIC
415	443	bool "Support x2apic"
416	444	depends on X86_LOCAL_APIC && X86_64 && (IRQ_REMAP \|\| HYPERVISOR_GUEST)
417		- ---help---
	445	+ help
418	446	This enables x2apic support on CPUs that have this feature.
419	447
420	448	This allows 32-bit apic IDs (so it can support very large systems),
..	..	@@ -426,34 +454,32 @@
426	454	bool "Enable MPS table" if ACPI \|\| SFI
427	455	default y
428	456	depends on X86_LOCAL_APIC
429		- ---help---
	457	+ help
430	458	For old smp systems that do not have proper acpi support. Newer systems
431	459	(esp with 64bit cpus) with acpi support, MADT and DSDT will override it
432	460
433	461	config GOLDFISH
434		- def_bool y
435		- depends on X86_GOLDFISH
	462	+ def_bool y
	463	+ depends on X86_GOLDFISH
436	464
437		-config RETPOLINE
438		- bool "Avoid speculative indirect branches in kernel"
439		- default y
440		- select STACK_VALIDATION if HAVE_STACK_VALIDATION
441		- help
442		- Compile kernel with the retpoline compiler options to guard against
443		- kernel-to-user data leaks by avoiding speculative indirect
444		- branches. Requires a compiler with -mindirect-branch=thunk-extern
445		- support for full protection. The kernel may run slower.
446		-
447		-config INTEL_RDT
448		- bool "Intel Resource Director Technology support"
449		- default n
450		- depends on X86 && CPU_SUP_INTEL
	465	+config X86_CPU_RESCTRL
	466	+ bool "x86 CPU resource control support"
	467	+ depends on X86 && (CPU_SUP_INTEL \|\| CPU_SUP_AMD)
451	468	select KERNFS
	469	+ select PROC_CPU_RESCTRL if PROC_FS
452	470	help
453		- Select to enable resource allocation and monitoring which are
454		- sub-features of Intel Resource Director Technology(RDT). More
455		- information about RDT can be found in the Intel x86
456		- Architecture Software Developer Manual.
	471	+ Enable x86 CPU resource control support.
	472	+
	473	+ Provide support for the allocation and monitoring of system resources
	474	+ usage by the CPU.
	475	+
	476	+ Intel calls this Intel Resource Director Technology
	477	+ (Intel(R) RDT). More information about RDT can be found in the
	478	+ Intel x86 Architecture Software Developer Manual.
	479	+
	480	+ AMD calls this AMD Platform Quality of Service (AMD QoS).
	481	+ More information about AMD QoS can be found in the AMD64 Technology
	482	+ Platform Quality of Service Extensions manual.
457	483
458	484	Say N if unsure.
459	485
..	..	@@ -461,13 +487,13 @@
461	487	config X86_BIGSMP
462	488	bool "Support for big SMP systems with more than 8 CPUs"
463	489	depends on SMP
464		- ---help---
465		- This option is needed for the systems that have more than 8 CPUs
	490	+ help
	491	+ This option is needed for the systems that have more than 8 CPUs.
466	492
467	493	config X86_EXTENDED_PLATFORM
468	494	bool "Support for extended (non-PC) x86 platforms"
469	495	default y
470		- ---help---
	496	+ help
471	497	If you disable this option then the kernel will only support
472	498	standard PC platforms. (which covers the vast majority of
473	499	systems out there.)
..	..	@@ -489,7 +515,7 @@
489	515	config X86_EXTENDED_PLATFORM
490	516	bool "Support for extended (non-PC) x86 platforms"
491	517	default y
492		- ---help---
	518	+ help
493	519	If you disable this option then the kernel will only support
494	520	standard PC platforms. (which covers the vast majority of
495	521	systems out there.)
..	..	@@ -513,7 +539,7 @@
513	539	depends on SMP
514	540	depends on X86_X2APIC
515	541	depends on PCI_MMCONFIG
516		- ---help---
	542	+ help
517	543	Adds support for Numascale NumaChip large-SMP systems. Needed to
518	544	enable more than ~168 cores.
519	545	If you don't have one of these, you should say N here.
..	..	@@ -525,7 +551,7 @@
525	551	depends on X86_64 && PCI
526	552	depends on X86_EXTENDED_PLATFORM
527	553	depends on SMP
528		- ---help---
	554	+ help
529	555	Support for ScaleMP vSMP systems. Say 'Y' here if this kernel is
530	556	supposed to run on these EM64T-based machines. Only choose this option
531	557	if you have one of these machines.
..	..	@@ -539,7 +565,7 @@
539	565	depends on KEXEC_CORE
540	566	depends on X86_X2APIC
541	567	depends on PCI
542		- ---help---
	568	+ help
543	569	This option is needed in order to support SGI Ultraviolet systems.
544	570	If you don't have one of these, you should say N here.
545	571
..	..	@@ -547,9 +573,9 @@
547	573	# Please maintain the alphabetic order if and when there are additions
548	574
549	575	config X86_GOLDFISH
550		- bool "Goldfish (Virtual Platform)"
551		- depends on X86_EXTENDED_PLATFORM
552		- ---help---
	576	+ bool "Goldfish (Virtual Platform)"
	577	+ depends on X86_EXTENDED_PLATFORM
	578	+ help
553	579	Enable support for the Goldfish virtual platform used primarily
554	580	for Android development. Unless you are building for the Android
555	581	Goldfish emulator say N here.
..	..	@@ -564,7 +590,7 @@
564	590	select X86_REBOOTFIXUPS
565	591	select OF
566	592	select OF_EARLY_FLATTREE
567		- ---help---
	593	+ help
568	594	Select for the Intel CE media processor (CE4100) SOC.
569	595	This option compiles in support for the CE4100 SOC for settop
570	596	boxes and media devices.
..	..	@@ -580,9 +606,9 @@
580	606	select I2C
581	607	select DW_APB_TIMER
582	608	select APB_TIMER
583		- select INTEL_SCU_IPC
	609	+ select INTEL_SCU_PCI
584	610	select MFD_INTEL_MSIC
585		- ---help---
	611	+ help
586	612	Select to build a kernel capable of supporting Intel MID (Mobile
587	613	Internet Device) platform systems which do not have the PCI legacy
588	614	interfaces. If you are building for a PC class system say N here.
..	..	@@ -602,18 +628,18 @@
602	628	select IOSF_MBI
603	629	select INTEL_IMR
604	630	select COMMON_CLK
605		- ---help---
	631	+ help
606	632	Select to include support for Quark X1000 SoC.
607	633	Say Y here if you have a Quark based system such as the Arduino
608	634	compatible Intel Galileo.
609	635
610	636	config X86_INTEL_LPSS
611	637	bool "Intel Low Power Subsystem Support"
612		- depends on X86 && ACPI
	638	+ depends on X86 && ACPI && PCI
613	639	select COMMON_CLK
614	640	select PINCTRL
615	641	select IOSF_MBI
616		- ---help---
	642	+ help
617	643	Select to build support for Intel Low Power Subsystem such as
618	644	found on Intel Lynxpoint PCH. Selecting this option enables
619	645	things like clock tree (common clock framework) and pincontrol
..	..	@@ -624,7 +650,7 @@
624	650	depends on ACPI
625	651	select COMMON_CLK
626	652	select PINCTRL
627		- ---help---
	653	+ help
628	654	Select to interpret AMD specific ACPI device to platform device
629	655	such as I2C, UART, GPIO found on AMD Carrizo and later chipsets.
630	656	I2C and UART depend on COMMON_CLK to set clock. GPIO driver is
..	..	@@ -633,7 +659,7 @@
633	659	config IOSF_MBI
634	660	tristate "Intel SoC IOSF Sideband support for SoC platforms"
635	661	depends on PCI
636		- ---help---
	662	+ help
637	663	This option enables sideband register access support for Intel SoC
638	664	platforms. On these platforms the IOSF sideband is used in lieu of
639	665	MSR's for some register accesses, mostly but not limited to thermal
..	..	@@ -650,7 +676,7 @@
650	676	config IOSF_MBI_DEBUG
651	677	bool "Enable IOSF sideband access through debugfs"
652	678	depends on IOSF_MBI && DEBUG_FS
653		- ---help---
	679	+ help
654	680	Select this option to expose the IOSF sideband access registers (MCR,
655	681	MDR, MCRX) through debugfs to write and read register information from
656	682	different units on the SoC. This is most useful for obtaining device
..	..	@@ -666,7 +692,7 @@
666	692	depends on X86_EXTENDED_PLATFORM
667	693	select M486
668	694	select X86_REBOOTFIXUPS
669		- ---help---
	695	+ help
670	696	This option is needed for RDC R-321x system-on-chip, also known
671	697	as R-8610-(G).
672	698	If you don't have one of these chips, you should say N here.
..	..	@@ -675,7 +701,7 @@
675	701	bool "Support non-standard 32-bit SMP architectures"
676	702	depends on X86_32 && SMP
677	703	depends on X86_EXTENDED_PLATFORM
678		- ---help---
	704	+ help
679	705	This option compiles in the bigsmp and STA2X11 default
680	706	subarchitectures. It is intended for a generic binary
681	707	kernel. If you select them all, kernel will probe it one by
..	..	@@ -695,14 +721,10 @@
695	721	config STA2X11
696	722	bool "STA2X11 Companion Chip Support"
697	723	depends on X86_32_NON_STANDARD && PCI
698		- select ARCH_HAS_PHYS_TO_DMA
699		- select X86_DEV_DMA_OPS
700		- select X86_DMA_REMAP
701	724	select SWIOTLB
702	725	select MFD_STA2X11
703	726	select GPIOLIB
704		- default n
705		- ---help---
	727	+ help
706	728	This adds support for boards based on the STA2X11 IO-Hub,
707	729	a.k.a. "ConneXt". The chip is used in place of the standard
708	730	PC chipset, so all "standard" peripherals are missing. If this
..	..	@@ -712,7 +734,7 @@
712	734	config X86_32_IRIS
713	735	tristate "Eurobraille/Iris poweroff module"
714	736	depends on X86_32
715		- ---help---
	737	+ help
716	738	The Iris machines from EuroBraille do not have APM or ACPI support
717	739	to shut themselves down properly. A special I/O sequence is
718	740	needed to do so, which is what this module does at
..	..	@@ -726,7 +748,7 @@
726	748	def_bool y
727	749	prompt "Single-depth WCHAN output"
728	750	depends on X86
729		- ---help---
	751	+ help
730	752	Calculate simpler /proc/<PID>/wchan values. If this option
731	753	is disabled then wchan values will recurse back to the
732	754	caller function. This provides more accurate wchan values,
..	..	@@ -736,7 +758,7 @@
736	758
737	759	menuconfig HYPERVISOR_GUEST
738	760	bool "Linux guest support"
739		- ---help---
	761	+ help
740	762	Say Y here to enable options for running Linux under various hyper-
741	763	visors. This option enables basic hypervisor detection and platform
742	764	setup.
..	..	@@ -748,23 +770,26 @@
748	770
749	771	config PARAVIRT
750	772	bool "Enable paravirtualization code"
751		- ---help---
	773	+ help
752	774	This changes the kernel so it can modify itself when it is run
753	775	under a hypervisor, potentially improving performance significantly
754	776	over full virtualization. However, when run without a hypervisor
755	777	the kernel is theoretically slower and slightly larger.
756	778
	779	+config PARAVIRT_XXL
	780	+ bool
	781	+
757	782	config PARAVIRT_DEBUG
758	783	bool "paravirt-ops debugging"
759	784	depends on PARAVIRT && DEBUG_KERNEL
760		- ---help---
	785	+ help
761	786	Enable to debug paravirt_ops internals. Specifically, BUG if
762	787	a paravirt_op is missing when it is called.
763	788
764	789	config PARAVIRT_SPINLOCKS
765	790	bool "Paravirtualization layer for spinlocks"
766	791	depends on PARAVIRT && SMP
767		- ---help---
	792	+ help
768	793	Paravirtualized spinlocks allow a pvops backend to replace the
769	794	spinlock implementation with something virtualization-friendly
770	795	(for example, block the virtual CPU rather than spinning).
..	..	@@ -774,13 +799,8 @@
774	799
775	800	If you are unsure how to answer this question, answer Y.
776	801
777		-config QUEUED_LOCK_STAT
778		- bool "Paravirt queued spinlock statistics"
779		- depends on PARAVIRT_SPINLOCKS && DEBUG_FS
780		- ---help---
781		- Enable the collection of statistical data on the slowpath
782		- behavior of paravirtualized queued spinlocks and report
783		- them on debugfs.
	802	+config X86_HV_CALLBACK_VECTOR
	803	+ def_bool n
784	804
785	805	source "arch/x86/xen/Kconfig"
786	806
..	..	@@ -788,28 +808,32 @@
788	808	bool "KVM Guest support (including kvmclock)"
789	809	depends on PARAVIRT
790	810	select PARAVIRT_CLOCK
	811	+ select ARCH_CPUIDLE_HALTPOLL
	812	+ select X86_HV_CALLBACK_VECTOR
791	813	default y
792		- ---help---
	814	+ help
793	815	This option enables various optimizations for running under the KVM
794	816	hypervisor. It includes a paravirtualized clock, so that instead
795	817	of relying on a PIT (or probably other) emulation by the
796	818	underlying device model, the host provides the guest with
797	819	timing infrastructure such as time of day, and system time
798	820
799		-config KVM_DEBUG_FS
800		- bool "Enable debug information for KVM Guests in debugfs"
801		- depends on KVM_GUEST && DEBUG_FS
802		- default n
803		- ---help---
804		- This option enables collection of various statistics for KVM guest.
805		- Statistics are displayed in debugfs filesystem. Enabling this option
806		- may incur significant overhead.
	821	+config ARCH_CPUIDLE_HALTPOLL
	822	+ def_bool n
	823	+ prompt "Disable host haltpoll when loading haltpoll driver"
	824	+ help
	825	+ If virtualized under KVM, disable host haltpoll.
	826	+
	827	+config PVH
	828	+ bool "Support for running PVH guests"
	829	+ help
	830	+ This option enables the PVH entry point for guest virtual machines
	831	+ as specified in the x86/HVM direct boot ABI.
807	832
808	833	config PARAVIRT_TIME_ACCOUNTING
809	834	bool "Paravirtual steal time accounting"
810	835	depends on PARAVIRT
811		- default n
812		- ---help---
	836	+ help
813	837	Select this option to enable fine granularity task steal time
814	838	accounting. Time spent executing other tasks in parallel with
815	839	the current vCPU is discounted from the vCPU power. To account for
..	..	@@ -824,22 +848,30 @@
824	848	bool "Jailhouse non-root cell support"
825	849	depends on X86_64 && PCI
826	850	select X86_PM_TIMER
827		- ---help---
	851	+ help
828	852	This option allows to run Linux as guest in a Jailhouse non-root
829	853	cell. You can leave this option disabled if you only want to start
830	854	Jailhouse and run Linux afterwards in the root cell.
831	855
832		-endif #HYPERVISOR_GUEST
	856	+config ACRN_GUEST
	857	+ bool "ACRN Guest support"
	858	+ depends on X86_64
	859	+ select X86_HV_CALLBACK_VECTOR
	860	+ help
	861	+ This option allows to run Linux as guest in the ACRN hypervisor. ACRN is
	862	+ a flexible, lightweight reference open-source hypervisor, built with
	863	+ real-time and safety-criticality in mind. It is built for embedded
	864	+ IOT with small footprint and real-time features. More details can be
	865	+ found in https://projectacrn.org/.
833	866
834		-config NO_BOOTMEM
835		- def_bool y
	867	+endif #HYPERVISOR_GUEST
836	868
837	869	source "arch/x86/Kconfig.cpu"
838	870
839	871	config HPET_TIMER
840	872	def_bool X86_64
841	873	prompt "HPET Timer Support" if X86_32
842		- ---help---
	874	+ help
843	875	Use the IA-PC HPET (High Precision Event Timer) to manage
844	876	time in preference to the PIT and RTC, if a HPET is
845	877	present.
..	..	@@ -860,16 +892,16 @@
860	892	depends on HPET_TIMER && (RTC=y \|\| RTC=m \|\| RTC_DRV_CMOS=m \|\| RTC_DRV_CMOS=y)
861	893
862	894	config APB_TIMER
863		- def_bool y if X86_INTEL_MID
864		- prompt "Intel MID APB Timer Support" if X86_INTEL_MID
865		- select DW_APB_TIMER
866		- depends on X86_INTEL_MID && SFI
867		- help
868		- APB timer is the replacement for 8254, HPET on X86 MID platforms.
869		- The APBT provides a stable time base on SMP
870		- systems, unlike the TSC, but it is more expensive to access,
871		- as it is off-chip. APB timers are always running regardless of CPU
872		- C states, they are used as per CPU clockevent device when possible.
	895	+ def_bool y if X86_INTEL_MID
	896	+ prompt "Intel MID APB Timer Support" if X86_INTEL_MID
	897	+ select DW_APB_TIMER
	898	+ depends on X86_INTEL_MID && SFI
	899	+ help
	900	+ APB timer is the replacement for 8254, HPET on X86 MID platforms.
	901	+ The APBT provides a stable time base on SMP
	902	+ systems, unlike the TSC, but it is more expensive to access,
	903	+ as it is off-chip. APB timers are always running regardless of CPU
	904	+ C states, they are used as per CPU clockevent device when possible.
873	905
874	906	# Mark as expert because too many people got it wrong.
875	907	# The code disables itself when not needed.
..	..	@@ -877,7 +909,7 @@
877	909	default y
878	910	select DMI_SCAN_MACHINE_NON_EFI_FALLBACK
879	911	bool "Enable DMI scanning" if EXPERT
880		- ---help---
	912	+ help
881	913	Enabled scanning of DMI to identify machine quirks. Say Y
882	914	here unless you have verified that your setup is not
883	915	affected by entries in the DMI blacklist. Required by PNP
..	..	@@ -885,10 +917,11 @@
885	917
886	918	config GART_IOMMU
887	919	bool "Old AMD GART IOMMU support"
	920	+ select DMA_OPS
888	921	select IOMMU_HELPER
889	922	select SWIOTLB
890	923	depends on X86_64 && PCI && AMD_NB
891		- ---help---
	924	+ help
892	925	Provides a driver for older AMD Athlon64/Opteron/Turion/Sempron
893	926	GART based hardware IOMMUs.
894	927
..	..	@@ -905,41 +938,11 @@
905	938
906	939	If unsure, say Y.
907	940
908		-config CALGARY_IOMMU
909		- bool "IBM Calgary IOMMU support"
910		- select IOMMU_HELPER
911		- select SWIOTLB
912		- depends on X86_64 && PCI
913		- ---help---
914		- Support for hardware IOMMUs in IBM's xSeries x366 and x460
915		- systems. Needed to run systems with more than 3GB of memory
916		- properly with 32-bit PCI devices that do not support DAC
917		- (Double Address Cycle). Calgary also supports bus level
918		- isolation, where all DMAs pass through the IOMMU. This
919		- prevents them from going anywhere except their intended
920		- destination. This catches hard-to-find kernel bugs and
921		- mis-behaving drivers and devices that do not use the DMA-API
922		- properly to set up their DMA buffers. The IOMMU can be
923		- turned off at boot time with the iommu=off parameter.
924		- Normally the kernel will make the right choice by itself.
925		- If unsure, say Y.
926		-
927		-config CALGARY_IOMMU_ENABLED_BY_DEFAULT
928		- def_bool y
929		- prompt "Should Calgary be enabled by default?"
930		- depends on CALGARY_IOMMU
931		- ---help---
932		- Should Calgary be enabled by default? if you choose 'y', Calgary
933		- will be used (if it exists). If you choose 'n', Calgary will not be
934		- used even if it exists. If you choose 'n' and would like to use
935		- Calgary anyway, pass 'iommu=calgary' on the kernel command line.
936		- If unsure, say Y.
937		-
938	941	config MAXSMP
939	942	bool "Enable Maximum number of SMP Processors and NUMA Nodes"
940	943	depends on X86_64 && SMP && DEBUG_KERNEL
941	944	select CPUMASK_OFFSTACK
942		- ---help---
	945	+ help
943	946	Enable maximum number of CPUS and NUMA Nodes for this architecture.
944	947	If unsure, say N.
945	948
..	..	@@ -973,8 +976,8 @@
973	976	config NR_CPUS_RANGE_END
974	977	int
975	978	depends on X86_64
976		- default 8192 if SMP && ( MAXSMP \|\| CPUMASK_OFFSTACK)
977		- default 512 if SMP && (!MAXSMP && !CPUMASK_OFFSTACK)
	979	+ default 8192 if SMP && CPUMASK_OFFSTACK
	980	+ default 512 if SMP && !CPUMASK_OFFSTACK
978	981	default 1 if !SMP
979	982
980	983	config NR_CPUS_DEFAULT
..	..	@@ -995,7 +998,7 @@
995	998	int "Maximum number of CPUs" if SMP && !MAXSMP
996	999	range NR_CPUS_RANGE_BEGIN NR_CPUS_RANGE_END
997	1000	default NR_CPUS_DEFAULT
998		- ---help---
	1001	+ help
999	1002	This allows you to specify the maximum number of CPUs which this
1000	1003	kernel will support. If CPUMASK_OFFSTACK is enabled, the maximum
1001	1004	supported value is 8192, otherwise the maximum value is 512. The
..	..	@@ -1011,7 +1014,7 @@
1011	1014	def_bool y
1012	1015	prompt "Multi-core scheduler support"
1013	1016	depends on SMP
1014		- ---help---
	1017	+ help
1015	1018	Multi-core scheduler support improves the CPU scheduler's decision
1016	1019	making when dealing with multi-core CPU chips at a cost of slightly
1017	1020	increased overhead in some places. If unsure say N here.
..	..	@@ -1022,7 +1025,7 @@
1022	1025	select X86_INTEL_PSTATE
1023	1026	select CPU_FREQ
1024	1027	default y
1025		- ---help---
	1028	+ help
1026	1029	Intel Turbo Boost Max Technology 3.0 enabled CPUs have a
1027	1030	core ordering determined at manufacturing time, which allows
1028	1031	certain cores to reach higher turbo frequencies (when running
..	..	@@ -1038,14 +1041,14 @@
1038	1041	If unsure say Y here.
1039	1042
1040	1043	config UP_LATE_INIT
1041		- def_bool y
1042		- depends on !SMP && X86_LOCAL_APIC
	1044	+ def_bool y
	1045	+ depends on !SMP && X86_LOCAL_APIC
1043	1046
1044	1047	config X86_UP_APIC
1045	1048	bool "Local APIC support on uniprocessors" if !PCI_MSI
1046	1049	default PCI_MSI
1047	1050	depends on X86_32 && !SMP && !X86_32_NON_STANDARD
1048		- ---help---
	1051	+ help
1049	1052	A local APIC (Advanced Programmable Interrupt Controller) is an
1050	1053	integrated interrupt controller in the CPU. If you have a single-CPU
1051	1054	system which has a processor with a local APIC, you can say Y here to
..	..	@@ -1058,7 +1061,7 @@
1058	1061	config X86_UP_IOAPIC
1059	1062	bool "IO-APIC support on uniprocessors"
1060	1063	depends on X86_UP_APIC
1061		- ---help---
	1064	+ help
1062	1065	An IO-APIC (I/O Advanced Programmable Interrupt Controller) is an
1063	1066	SMP-capable replacement for PC-style interrupt controllers. Most
1064	1067	SMP systems and many recent uniprocessor systems have one.
..	..	@@ -1080,7 +1083,7 @@
1080	1083	config X86_REROUTE_FOR_BROKEN_BOOT_IRQS
1081	1084	bool "Reroute for broken boot IRQs"
1082	1085	depends on X86_IO_APIC
1083		- ---help---
	1086	+ help
1084	1087	This option enables a workaround that fixes a source of
1085	1088	spurious interrupts. This is recommended when threaded
1086	1089	interrupt handling is used on systems where the generation of
..	..	@@ -1104,7 +1107,7 @@
1104	1107	bool "Machine Check / overheating reporting"
1105	1108	select GENERIC_ALLOCATOR
1106	1109	default y
1107		- ---help---
	1110	+ help
1108	1111	Machine Check support allows the processor to notify the
1109	1112	kernel if it detects a problem (e.g. overheating, data corruption).
1110	1113	The action the kernel takes depends on the severity of the problem,
..	..	@@ -1113,7 +1116,7 @@
1113	1116	config X86_MCELOG_LEGACY
1114	1117	bool "Support for deprecated /dev/mcelog character device"
1115	1118	depends on X86_MCE
1116		- ---help---
	1119	+ help
1117	1120	Enable support for /dev/mcelog which is needed by the old mcelog
1118	1121	userspace logging daemon. Consider switching to the new generation
1119	1122	rasdaemon solution.
..	..	@@ -1122,7 +1125,7 @@
1122	1125	def_bool y
1123	1126	prompt "Intel MCE features"
1124	1127	depends on X86_MCE && X86_LOCAL_APIC
1125		- ---help---
	1128	+ help
1126	1129	Additional support for intel specific MCE features such as
1127	1130	the thermal monitor.
1128	1131
..	..	@@ -1130,14 +1133,14 @@
1130	1133	def_bool y
1131	1134	prompt "AMD MCE features"
1132	1135	depends on X86_MCE && X86_LOCAL_APIC && AMD_NB
1133		- ---help---
	1136	+ help
1134	1137	Additional support for AMD specific MCE features such as
1135	1138	the DRAM Error Threshold.
1136	1139
1137	1140	config X86_ANCIENT_MCE
1138	1141	bool "Support for old Pentium 5 / WinChip machine checks"
1139	1142	depends on X86_32 && X86_MCE
1140		- ---help---
	1143	+ help
1141	1144	Include support for machine check handling on old Pentium 5 or WinChip
1142	1145	systems. These typically need to be enabled explicitly on the command
1143	1146	line.
..	..	@@ -1149,7 +1152,7 @@
1149	1152	config X86_MCE_INJECT
1150	1153	depends on X86_MCE && X86_LOCAL_APIC && DEBUG_FS
1151	1154	tristate "Machine check injector support"
1152		- ---help---
	1155	+ help
1153	1156	Provide support for injecting machine checks for testing purposes.
1154	1157	If you don't know what a machine check is and you don't do kernel
1155	1158	QA it is safe to say n.
..	..	@@ -1162,9 +1165,8 @@
1162	1165
1163	1166	config X86_LEGACY_VM86
1164	1167	bool "Legacy VM86 support"
1165		- default n
1166	1168	depends on X86_32
1167		- ---help---
	1169	+ help
1168	1170	This option allows user programs to put the CPU into V8086
1169	1171	mode, which is an 80286-era approximation of 16-bit real mode.
1170	1172
..	..	@@ -1189,14 +1191,14 @@
1189	1191	If unsure, say N here.
1190	1192
1191	1193	config VM86
1192		- bool
1193		- default X86_LEGACY_VM86
	1194	+ bool
	1195	+ default X86_LEGACY_VM86
1194	1196
1195	1197	config X86_16BIT
1196	1198	bool "Enable support for 16-bit segments" if EXPERT
1197	1199	default y
1198	1200	depends on MODIFY_LDT_SYSCALL
1199		- ---help---
	1201	+ help
1200	1202	This option is required by programs like Wine to run 16-bit
1201	1203	protected mode legacy code on x86 processors. Disabling
1202	1204	this option saves about 300 bytes on i386, or around 6K text
..	..	@@ -1211,10 +1213,10 @@
1211	1213	depends on X86_16BIT && X86_64
1212	1214
1213	1215	config X86_VSYSCALL_EMULATION
1214		- bool "Enable vsyscall emulation" if EXPERT
1215		- default y
1216		- depends on X86_64
1217		- ---help---
	1216	+ bool "Enable vsyscall emulation" if EXPERT
	1217	+ default y
	1218	+ depends on X86_64
	1219	+ help
1218	1220	This enables emulation of the legacy vsyscall page. Disabling
1219	1221	it is roughly equivalent to booting with vsyscall=none, except
1220	1222	that it will also disable the helpful warning if a program
..	..	@@ -1228,10 +1230,28 @@
1228	1230	Disabling this option saves about 7K of kernel size and
1229	1231	possibly 4K of additional runtime pagetable memory.
1230	1232
	1233	+config X86_IOPL_IOPERM
	1234	+ bool "IOPERM and IOPL Emulation"
	1235	+ default y
	1236	+ help
	1237	+ This enables the ioperm() and iopl() syscalls which are necessary
	1238	+ for legacy applications.
	1239	+
	1240	+ Legacy IOPL support is an overbroad mechanism which allows user
	1241	+ space aside of accessing all 65536 I/O ports also to disable
	1242	+ interrupts. To gain this access the caller needs CAP_SYS_RAWIO
	1243	+ capabilities and permission from potentially active security
	1244	+ modules.
	1245	+
	1246	+ The emulation restricts the functionality of the syscall to
	1247	+ only allowing the full range I/O port access, but prevents the
	1248	+ ability to disable interrupts from user space which would be
	1249	+ granted if the hardware IOPL mechanism would be used.
	1250	+
1231	1251	config TOSHIBA
1232	1252	tristate "Toshiba Laptop support"
1233	1253	depends on X86_32
1234		- ---help---
	1254	+ help
1235	1255	This adds a driver to safely access the System Management Mode of
1236	1256	the CPU on Toshiba portables with a genuine Toshiba BIOS. It does
1237	1257	not work on models with a Phoenix BIOS. The System Management Mode
..	..	@@ -1246,9 +1266,10 @@
1246	1266
1247	1267	config I8K
1248	1268	tristate "Dell i8k legacy laptop support"
1249		- select HWMON
	1269	+ depends on HWMON
	1270	+ depends on PROC_FS
1250	1271	select SENSORS_DELL_SMM
1251		- ---help---
	1272	+ help
1252	1273	This option enables legacy /proc/i8k userspace interface in hwmon
1253	1274	dell-smm-hwmon driver. Character file /proc/i8k reports bios version,
1254	1275	temperature and allows controlling fan speeds of Dell laptops via
..	..	@@ -1263,7 +1284,7 @@
1263	1284	config X86_REBOOTFIXUPS
1264	1285	bool "Enable X86 board specific fixups for reboot"
1265	1286	depends on X86_32
1266		- ---help---
	1287	+ help
1267	1288	This enables chipset and/or board specific fixups to be done
1268	1289	in order to get reboot to work correctly. This is only needed on
1269	1290	some combinations of hardware and BIOS. The symptom, for which
..	..	@@ -1281,8 +1302,7 @@
1281	1302	bool "CPU microcode loading support"
1282	1303	default y
1283	1304	depends on CPU_SUP_AMD \|\| CPU_SUP_INTEL
1284		- select FW_LOADER
1285		- ---help---
	1305	+ help
1286	1306	If you say Y here, you will be able to update the microcode on
1287	1307	Intel and AMD processors. The Intel support is for the IA32 family,
1288	1308	e.g. Pentium Pro, Pentium II, Pentium III, Pentium 4, Xeon etc. The
..	..	@@ -1291,7 +1311,7 @@
1291	1311	the Linux kernel.
1292	1312
1293	1313	The preferred method to load microcode from a detached initrd is described
1294		- in Documentation/x86/microcode.txt. For that you need to enable
	1314	+ in Documentation/x86/microcode.rst. For that you need to enable
1295	1315	CONFIG_BLK_DEV_INITRD in order for the loader to be able to scan the
1296	1316	initrd for microcode blobs.
1297	1317
..	..	@@ -1301,10 +1321,9 @@
1301	1321
1302	1322	config MICROCODE_INTEL
1303	1323	bool "Intel microcode loading support"
1304		- depends on MICROCODE
	1324	+ depends on CPU_SUP_INTEL && MICROCODE
1305	1325	default MICROCODE
1306		- select FW_LOADER
1307		- ---help---
	1326	+ help
1308	1327	This options enables microcode patch loading support for Intel
1309	1328	processors.
1310	1329
..	..	@@ -1314,19 +1333,26 @@
1314	1333
1315	1334	config MICROCODE_AMD
1316	1335	bool "AMD microcode loading support"
1317		- depends on MICROCODE
1318		- select FW_LOADER
1319		- ---help---
	1336	+ depends on CPU_SUP_AMD && MICROCODE
	1337	+ help
1320	1338	If you select this option, microcode patch loading support for AMD
1321	1339	processors will be enabled.
1322	1340
1323	1341	config MICROCODE_OLD_INTERFACE
1324		- def_bool y
	1342	+ bool "Ancient loading interface (DEPRECATED)"
	1343	+ default n
1325	1344	depends on MICROCODE
	1345	+ help
	1346	+ DO NOT USE THIS! This is the ancient /dev/cpu/microcode interface
	1347	+ which was used by userspace tools like iucode_tool and microcode.ctl.
	1348	+ It is inadequate because it runs too late to be able to properly
	1349	+ load microcode on a machine and it needs special tools. Instead, you
	1350	+ should've switched to the early loading method with the initrd or
	1351	+ builtin microcode by now: Documentation/x86/microcode.rst
1326	1352
1327	1353	config X86_MSR
1328	1354	tristate "/dev/cpu/*/msr - Model-specific register support"
1329		- ---help---
	1355	+ help
1330	1356	This device gives privileged processes access to the x86
1331	1357	Model-Specific Registers (MSRs). It is a character device with
1332	1358	major 202 and minors 0 to 31 for /dev/cpu/0/msr to /dev/cpu/31/msr.
..	..	@@ -1335,7 +1361,7 @@
1335	1361
1336	1362	config X86_CPUID
1337	1363	tristate "/dev/cpu/*/cpuid - CPU information support"
1338		- ---help---
	1364	+ help
1339	1365	This device gives processes access to the x86 CPUID instruction to
1340	1366	be executed on a specific processor. It is a character device
1341	1367	with major 203 and minors 0 to 31 for /dev/cpu/0/cpuid to
..	..	@@ -1348,7 +1374,7 @@
1348	1374
1349	1375	config NOHIGHMEM
1350	1376	bool "off"
1351		- ---help---
	1377	+ help
1352	1378	Linux can use up to 64 Gigabytes of physical memory on x86 systems.
1353	1379	However, the address space of 32-bit x86 processors is only 4
1354	1380	Gigabytes large. That means that, if you have a large amount of
..	..	@@ -1384,15 +1410,15 @@
1384	1410
1385	1411	config HIGHMEM4G
1386	1412	bool "4GB"
1387		- ---help---
	1413	+ help
1388	1414	Select this if you have a 32-bit processor and between 1 and 4
1389	1415	gigabytes of physical RAM.
1390	1416
1391	1417	config HIGHMEM64G
1392	1418	bool "64GB"
1393		- depends on !M486 && !M586 && !M586TSC && !M586MMX && !MGEODE_LX && !MGEODEGX1 && !MCYRIXIII && !MELAN && !MWINCHIPC6 && !MWINCHIP3D && !MK6
	1419	+ depends on !M486SX && !M486 && !M586 && !M586TSC && !M586MMX && !MGEODE_LX && !MGEODEGX1 && !MCYRIXIII && !MELAN && !MWINCHIPC6 && !MWINCHIP3D && !MK6
1394	1420	select X86_PAE
1395		- ---help---
	1421	+ help
1396	1422	Select this if you have a 32-bit processor and more than 4
1397	1423	gigabytes of physical RAM.
1398	1424
..	..	@@ -1402,7 +1428,7 @@
1402	1428	prompt "Memory split" if EXPERT
1403	1429	default VMSPLIT_3G
1404	1430	depends on X86_32
1405		- ---help---
	1431	+ help
1406	1432	Select the desired split between kernel and user memory.
1407	1433
1408	1434	If the address range available to the kernel is less than the
..	..	@@ -1450,7 +1476,7 @@
1450	1476	depends on X86_32 && !HIGHMEM4G
1451	1477	select PHYS_ADDR_T_64BIT
1452	1478	select SWIOTLB
1453		- ---help---
	1479	+ help
1454	1480	PAE is required for NX support, and furthermore enables
1455	1481	larger swapspace support for non-overcommit purposes. It
1456	1482	has the cost of more pagetable lookup overhead, and also
..	..	@@ -1458,10 +1484,11 @@
1458	1484
1459	1485	config X86_5LEVEL
1460	1486	bool "Enable 5-level page tables support"
	1487	+ default y
1461	1488	select DYNAMIC_MEMORY_LAYOUT
1462	1489	select SPARSEMEM_VMEMMAP
1463	1490	depends on X86_64
1464		- ---help---
	1491	+ help
1465	1492	5-level paging enables access to larger address space:
1466	1493	upto 128 PiB of virtual address space and 4 PiB of
1467	1494	physical address space.
..	..	@@ -1471,29 +1498,38 @@
1471	1498	A kernel with the option enabled can be booted on machines that
1472	1499	support 4- or 5-level paging.
1473	1500
1474		- See Documentation/x86/x86_64/5level-paging.txt for more
	1501	+ See Documentation/x86/x86_64/5level-paging.rst for more
1475	1502	information.
1476	1503
1477	1504	Say N if unsure.
1478	1505
1479	1506	config X86_DIRECT_GBPAGES
1480	1507	def_bool y
1481		- depends on X86_64 && !DEBUG_PAGEALLOC
1482		- ---help---
	1508	+ depends on X86_64
	1509	+ help
1483	1510	Certain kernel features effectively disable kernel
1484	1511	linear 1 GB mappings (even if the CPU otherwise
1485	1512	supports them), so don't confuse the user by printing
1486	1513	that we have them enabled.
1487	1514
1488		-config ARCH_HAS_MEM_ENCRYPT
1489		- def_bool y
	1515	+config X86_CPA_STATISTICS
	1516	+ bool "Enable statistic for Change Page Attribute"
	1517	+ depends on DEBUG_FS
	1518	+ help
	1519	+ Expose statistics about the Change Page Attribute mechanism, which
	1520	+ helps to determine the effectiveness of preserving large and huge
	1521	+ page mappings when mapping protections are changed.
1490	1522
1491	1523	config AMD_MEM_ENCRYPT
1492	1524	bool "AMD Secure Memory Encryption (SME) support"
1493	1525	depends on X86_64 && CPU_SUP_AMD
	1526	+ select DMA_COHERENT_POOL
1494	1527	select DYNAMIC_PHYSICAL_MASK
1495	1528	select ARCH_USE_MEMREMAP_PROT
1496		- ---help---
	1529	+ select ARCH_HAS_FORCE_DMA_UNENCRYPTED
	1530	+ select INSTRUCTION_DECODER
	1531	+ select ARCH_HAS_CC_PLATFORM
	1532	+ help
1497	1533	Say yes to enable support for the encryption of system memory.
1498	1534	This requires an AMD processor that supports Secure Memory
1499	1535	Encryption (SME).
..	..	@@ -1501,7 +1537,7 @@
1501	1537	config AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT
1502	1538	bool "Activate AMD Secure Memory Encryption (SME) by default"
1503	1539	depends on AMD_MEM_ENCRYPT
1504		- ---help---
	1540	+ help
1505	1541	Say yes to have system memory encrypted by default if running on
1506	1542	an AMD processor that supports Secure Memory Encryption (SME).
1507	1543
..	..	@@ -1513,12 +1549,12 @@
1513	1549
1514	1550	# Common NUMA Features
1515	1551	config NUMA
1516		- bool "Numa Memory Allocation and Scheduler Support"
	1552	+ bool "NUMA Memory Allocation and Scheduler Support"
1517	1553	depends on SMP
1518	1554	depends on X86_64 \|\| (X86_32 && HIGHMEM64G && X86_BIGSMP)
1519	1555	default y if X86_BIGSMP
1520		- ---help---
1521		- Enable NUMA (Non Uniform Memory Access) support.
	1556	+ help
	1557	+ Enable NUMA (Non-Uniform Memory Access) support.
1522	1558
1523	1559	The kernel will try to allocate memory used by a CPU on the
1524	1560	local memory controller of the CPU and add some more
..	..	@@ -1536,7 +1572,7 @@
1536	1572	def_bool y
1537	1573	prompt "Old style AMD Opteron NUMA detection"
1538	1574	depends on X86_64 && NUMA && PCI
1539		- ---help---
	1575	+ help
1540	1576	Enable AMD NUMA node topology detection. You should say Y here if
1541	1577	you have a multi processor AMD system. This uses an old method to
1542	1578	read the NUMA configuration directly from the builtin Northbridge
..	..	@@ -1548,22 +1584,13 @@
1548	1584	prompt "ACPI NUMA detection"
1549	1585	depends on X86_64 && NUMA && ACPI && PCI
1550	1586	select ACPI_NUMA
1551		- ---help---
	1587	+ help
1552	1588	Enable ACPI SRAT based node topology detection.
1553		-
1554		-# Some NUMA nodes have memory ranges that span
1555		-# other nodes. Even though a pfn is valid and
1556		-# between a node's start and end pfns, it may not
1557		-# reside on that node. See memmap_init_zone()
1558		-# for details.
1559		-config NODES_SPAN_OTHER_NODES
1560		- def_bool y
1561		- depends on X86_64_ACPI_NUMA
1562	1589
1563	1590	config NUMA_EMU
1564	1591	bool "NUMA emulation"
1565	1592	depends on NUMA
1566		- ---help---
	1593	+ help
1567	1594	Enable NUMA emulation. A flat machine will be split
1568	1595	into virtual nodes when booted with "numa=fake=N", where N is the
1569	1596	number of nodes. This is only useful for debugging.
..	..	@@ -1575,25 +1602,13 @@
1575	1602	default "6" if X86_64
1576	1603	default "3"
1577	1604	depends on NEED_MULTIPLE_NODES
1578		- ---help---
	1605	+ help
1579	1606	Specify the maximum number of NUMA Nodes available on the target
1580	1607	system. Increases memory reserved to accommodate various tables.
1581		-
1582		-config ARCH_HAVE_MEMORY_PRESENT
1583		- def_bool y
1584		- depends on X86_32 && DISCONTIGMEM
1585	1608
1586	1609	config ARCH_FLATMEM_ENABLE
1587	1610	def_bool y
1588	1611	depends on X86_32 && !NUMA
1589		-
1590		-config ARCH_DISCONTIGMEM_ENABLE
1591		- def_bool y
1592		- depends on NUMA && X86_32
1593		-
1594		-config ARCH_DISCONTIGMEM_DEFAULT
1595		- def_bool y
1596		- depends on NUMA && X86_32
1597	1612
1598	1613	config ARCH_SPARSEMEM_ENABLE
1599	1614	def_bool y
..	..	@@ -1602,8 +1617,7 @@
1602	1617	select SPARSEMEM_VMEMMAP_ENABLE if X86_64
1603	1618
1604	1619	config ARCH_SPARSEMEM_DEFAULT
1605		- def_bool y
1606		- depends on X86_64
	1620	+ def_bool X86_64 \|\| (NUMA && X86_32)
1607	1621
1608	1622	config ARCH_SELECT_MEMORY_MODEL
1609	1623	def_bool y
..	..	@@ -1614,7 +1628,7 @@
1614	1628	depends on X86_64 && MEMORY_HOTPLUG
1615	1629	help
1616	1630	This option enables a sysfs memory/probe interface for testing.
1617		- See Documentation/memory-hotplug.txt for more information.
	1631	+ See Documentation/admin-guide/mm/memory-hotplug.rst for more information.
1618	1632	If you are unsure how to answer this question, answer N.
1619	1633
1620	1634	config ARCH_PROC_KCORE_TEXT
..	..	@@ -1622,9 +1636,9 @@
1622	1636	depends on X86_64 && PROC_KCORE
1623	1637
1624	1638	config ILLEGAL_POINTER_VALUE
1625		- hex
1626		- default 0 if X86_32
1627		- default 0xdead000000000000 if X86_64
	1639	+ hex
	1640	+ default 0 if X86_32
	1641	+ default 0xdead000000000000 if X86_64
1628	1642
1629	1643	config X86_PMEM_LEGACY_DEVICE
1630	1644	bool
..	..	@@ -1634,6 +1648,7 @@
1634	1648	depends on PHYS_ADDR_T_64BIT
1635	1649	depends on BLK_DEV
1636	1650	select X86_PMEM_LEGACY_DEVICE
	1651	+ select NUMA_KEEP_MEMINFO if NUMA
1637	1652	select LIBNVDIMM
1638	1653	help
1639	1654	Treat memory marked using the non-standard e820 type of 12 as used
..	..	@@ -1646,7 +1661,7 @@
1646	1661	config HIGHPTE
1647	1662	bool "Allocate 3rd-level pagetables from highmem"
1648	1663	depends on HIGHMEM
1649		- ---help---
	1664	+ help
1650	1665	The VM uses one page table entry for each page of physical memory.
1651	1666	For systems with a lot of RAM, this can be wasteful of precious
1652	1667	low memory. Setting this option will put user-space page table
..	..	@@ -1654,7 +1669,7 @@
1654	1669
1655	1670	config X86_CHECK_BIOS_CORRUPTION
1656	1671	bool "Check for low memory corruption"
1657		- ---help---
	1672	+ help
1658	1673	Periodically check for memory corruption in low memory, which
1659	1674	is suspected to be caused by BIOS. Even when enabled in the
1660	1675	configuration, it is disabled at runtime. Enable it by
..	..	@@ -1678,7 +1693,7 @@
1678	1693	bool "Set the default setting of memory_corruption_check"
1679	1694	depends on X86_CHECK_BIOS_CORRUPTION
1680	1695	default y
1681		- ---help---
	1696	+ help
1682	1697	Set whether the default state of memory_corruption_check is
1683	1698	on or off.
1684	1699
..	..	@@ -1686,7 +1701,7 @@
1686	1701	int "Amount of low memory, in kilobytes, to reserve for the BIOS"
1687	1702	default 64
1688	1703	range 4 640
1689		- ---help---
	1704	+ help
1690	1705	Specify the amount of low memory to reserve for the BIOS.
1691	1706
1692	1707	The first page contains BIOS data structures that the kernel
..	..	@@ -1714,8 +1729,8 @@
1714	1729	config MATH_EMULATION
1715	1730	bool
1716	1731	depends on MODIFY_LDT_SYSCALL
1717		- prompt "Math emulation" if X86_32
1718		- ---help---
	1732	+ prompt "Math emulation" if X86_32 && (M486SX \|\| MELAN)
	1733	+ help
1719	1734	Linux can emulate a math coprocessor (used for floating point
1720	1735	operations) if you don't have one. 486DX and Pentium processors have
1721	1736	a math coprocessor built in, 486SX and 386 do not, unless you added
..	..	@@ -1741,7 +1756,7 @@
1741	1756	config MTRR
1742	1757	def_bool y
1743	1758	prompt "MTRR (Memory Type Range Register) support" if EXPERT
1744		- ---help---
	1759	+ help
1745	1760	On Intel P6 family processors (Pentium Pro, Pentium II and later)
1746	1761	the Memory Type Range Registers (MTRRs) may be used to control
1747	1762	processor access to memory ranges. This is most useful if you have
..	..	@@ -1771,13 +1786,13 @@
1771	1786	You can safely say Y even if your machine doesn't have MTRRs, you'll
1772	1787	just add about 9 KB to your kernel.
1773	1788
1774		- See <file:Documentation/x86/mtrr.txt> for more information.
	1789	+ See <file:Documentation/x86/mtrr.rst> for more information.
1775	1790
1776	1791	config MTRR_SANITIZER
1777	1792	def_bool y
1778	1793	prompt "MTRR cleanup support"
1779	1794	depends on MTRR
1780		- ---help---
	1795	+ help
1781	1796	Convert MTRR layout from continuous to discrete, so X drivers can
1782	1797	add writeback entries.
1783	1798
..	..	@@ -1792,7 +1807,7 @@
1792	1807	range 0 1
1793	1808	default "0"
1794	1809	depends on MTRR_SANITIZER
1795		- ---help---
	1810	+ help
1796	1811	Enable mtrr cleanup default value
1797	1812
1798	1813	config MTRR_SANITIZER_SPARE_REG_NR_DEFAULT
..	..	@@ -1800,7 +1815,7 @@
1800	1815	range 0 7
1801	1816	default "1"
1802	1817	depends on MTRR_SANITIZER
1803		- ---help---
	1818	+ help
1804	1819	mtrr cleanup spare entries default, it can be changed via
1805	1820	mtrr_spare_reg_nr=N on the kernel command line.
1806	1821
..	..	@@ -1808,7 +1823,7 @@
1808	1823	def_bool y
1809	1824	prompt "x86 PAT support" if EXPERT
1810	1825	depends on MTRR
1811		- ---help---
	1826	+ help
1812	1827	Use PAT attributes to setup page level cache control.
1813	1828
1814	1829	PATs are the modern equivalents of MTRRs and are much more
..	..	@@ -1826,7 +1841,7 @@
1826	1841	config ARCH_RANDOM
1827	1842	def_bool y
1828	1843	prompt "x86 architectural random number generator" if EXPERT
1829		- ---help---
	1844	+ help
1830	1845	Enable the x86 architectural RDRAND instruction
1831	1846	(Intel Bull Mountain technology) to generate random numbers.
1832	1847	If supported, this is a high bandwidth, cryptographically
..	..	@@ -1835,7 +1850,7 @@
1835	1850	config X86_SMAP
1836	1851	def_bool y
1837	1852	prompt "Supervisor Mode Access Prevention" if EXPERT
1838		- ---help---
	1853	+ help
1839	1854	Supervisor Mode Access Prevention (SMAP) is a security
1840	1855	feature in newer Intel processors. There is a small
1841	1856	performance cost if this enabled and turned on; there is
..	..	@@ -1843,63 +1858,34 @@
1843	1858
1844	1859	If unsure, say Y.
1845	1860
1846		-config X86_INTEL_UMIP
	1861	+config X86_UMIP
1847	1862	def_bool y
1848		- depends on CPU_SUP_INTEL
1849		- prompt "Intel User Mode Instruction Prevention" if EXPERT
1850		- ---help---
1851		- The User Mode Instruction Prevention (UMIP) is a security
1852		- feature in newer Intel processors. If enabled, a general
1853		- protection fault is issued if the SGDT, SLDT, SIDT, SMSW
1854		- or STR instructions are executed in user mode. These instructions
1855		- unnecessarily expose information about the hardware state.
	1863	+ prompt "User Mode Instruction Prevention" if EXPERT
	1864	+ help
	1865	+ User Mode Instruction Prevention (UMIP) is a security feature in
	1866	+ some x86 processors. If enabled, a general protection fault is
	1867	+ issued if the SGDT, SLDT, SIDT, SMSW or STR instructions are
	1868	+ executed in user mode. These instructions unnecessarily expose
	1869	+ information about the hardware state.
1856	1870
1857	1871	The vast majority of applications do not use these instructions.
1858	1872	For the very few that do, software emulation is provided in
1859	1873	specific cases in protected and virtual-8086 modes. Emulated
1860	1874	results are dummy.
1861	1875
1862		-config X86_INTEL_MPX
1863		- prompt "Intel MPX (Memory Protection Extensions)"
1864		- def_bool n
1865		- # Note: only available in 64-bit mode due to VMA flags shortage
1866		- depends on CPU_SUP_INTEL && X86_64
1867		- select ARCH_USES_HIGH_VMA_FLAGS
1868		- ---help---
1869		- MPX provides hardware features that can be used in
1870		- conjunction with compiler-instrumented code to check
1871		- memory references. It is designed to detect buffer
1872		- overflow or underflow bugs.
1873		-
1874		- This option enables running applications which are
1875		- instrumented or otherwise use MPX. It does not use MPX
1876		- itself inside the kernel or to protect the kernel
1877		- against bad memory references.
1878		-
1879		- Enabling this option will make the kernel larger:
1880		- ~8k of kernel text and 36 bytes of data on a 64-bit
1881		- defconfig. It adds a long to the 'mm_struct' which
1882		- will increase the kernel memory overhead of each
1883		- process and adds some branches to paths used during
1884		- exec() and munmap().
1885		-
1886		- For details, see Documentation/x86/intel_mpx.txt
1887		-
1888		- If unsure, say N.
1889		-
1890	1876	config X86_INTEL_MEMORY_PROTECTION_KEYS
1891		- prompt "Intel Memory Protection Keys"
	1877	+ prompt "Memory Protection Keys"
1892	1878	def_bool y
1893	1879	# Note: only available in 64-bit mode
1894		- depends on CPU_SUP_INTEL && X86_64
	1880	+ depends on X86_64 && (CPU_SUP_INTEL \|\| CPU_SUP_AMD)
1895	1881	select ARCH_USES_HIGH_VMA_FLAGS
1896	1882	select ARCH_HAS_PKEYS
1897		- ---help---
	1883	+ help
1898	1884	Memory Protection Keys provides a mechanism for enforcing
1899	1885	page-based protections, but without requiring modification of the
1900	1886	page tables when an application changes protection domains.
1901	1887
1902		- For details, see Documentation/x86/protection-keys.txt
	1888	+ For details, see Documentation/core-api/protection-keys.rst
1903	1889
1904	1890	If unsure, say y.
1905	1891
..	..	@@ -1954,7 +1940,7 @@
1954	1940	select UCS2_STRING
1955	1941	select EFI_RUNTIME_WRAPPERS
1956	1942	select ARCH_USE_MEMREMAP_PROT
1957		- ---help---
	1943	+ help
1958	1944	This enables the kernel to use EFI runtime services that are
1959	1945	available (such as the EFI variable services).
1960	1946
..	..	@@ -1966,19 +1952,19 @@
1966	1952	platforms.
1967	1953
1968	1954	config EFI_STUB
1969		- bool "EFI stub support"
1970		- depends on EFI && !X86_USE_3DNOW
1971		- select RELOCATABLE
1972		- ---help---
1973		- This kernel feature allows a bzImage to be loaded directly
	1955	+ bool "EFI stub support"
	1956	+ depends on EFI && !X86_USE_3DNOW
	1957	+ select RELOCATABLE
	1958	+ help
	1959	+ This kernel feature allows a bzImage to be loaded directly
1974	1960	by EFI firmware without the use of a bootloader.
1975	1961
1976		- See Documentation/efi-stub.txt for more information.
	1962	+ See Documentation/admin-guide/efi-stub.rst for more information.
1977	1963
1978	1964	config EFI_MIXED
1979	1965	bool "EFI mixed-mode support"
1980	1966	depends on EFI_STUB && X86_64
1981		- ---help---
	1967	+ help
1982	1968	Enabling this feature allows a 64-bit kernel to be booted
1983	1969	on a 32-bit firmware, provided that your CPU supports 64-bit
1984	1970	mode.
..	..	@@ -1989,28 +1975,12 @@
1989	1975
1990	1976	If unsure, say N.
1991	1977
1992		-config SECCOMP
1993		- def_bool y
1994		- prompt "Enable seccomp to safely compute untrusted bytecode"
1995		- ---help---
1996		- This kernel feature is useful for number crunching applications
1997		- that may need to compute untrusted bytecode during their
1998		- execution. By using pipes or other transports made available to
1999		- the process as file descriptors supporting the read/write
2000		- syscalls, it's possible to isolate those applications in
2001		- their own address space using seccomp. Once seccomp is
2002		- enabled via prctl(PR_SET_SECCOMP), it cannot be disabled
2003		- and the task is only allowed to execute a few safe syscalls
2004		- defined by each seccomp mode.
2005		-
2006		- If unsure, say Y. Only embedded should say N here.
2007		-
2008		-source kernel/Kconfig.hz
	1978	+source "kernel/Kconfig.hz"
2009	1979
2010	1980	config KEXEC
2011	1981	bool "kexec system call"
2012	1982	select KEXEC_CORE
2013		- ---help---
	1983	+ help
2014	1984	kexec is a system call that implements the ability to shutdown your
2015	1985	current kernel, and to start another kernel. It is like a reboot
2016	1986	but it is independent of the system firmware. And like a reboot
..	..	@@ -2031,7 +2001,7 @@
2031	2001	depends on X86_64
2032	2002	depends on CRYPTO=y
2033	2003	depends on CRYPTO_SHA256=y
2034		- ---help---
	2004	+ help
2035	2005	This is new version of kexec system call. This system call is
2036	2006	file based and takes file descriptors as system call argument
2037	2007	for kernel and initramfs as opposed to list of segments as
..	..	@@ -2040,29 +2010,39 @@
2040	2010	config ARCH_HAS_KEXEC_PURGATORY
2041	2011	def_bool KEXEC_FILE
2042	2012
2043		-config KEXEC_VERIFY_SIG
	2013	+config KEXEC_SIG
2044	2014	bool "Verify kernel signature during kexec_file_load() syscall"
2045	2015	depends on KEXEC_FILE
2046		- ---help---
2047		- This option makes kernel signature verification mandatory for
2048		- the kexec_file_load() syscall.
	2016	+ help
2049	2017
2050		- In addition to that option, you need to enable signature
	2018	+ This option makes the kexec_file_load() syscall check for a valid
	2019	+ signature of the kernel image. The image can still be loaded without
	2020	+ a valid signature unless you also enable KEXEC_SIG_FORCE, though if
	2021	+ there's a signature that we can check, then it must be valid.
	2022	+
	2023	+ In addition to this option, you need to enable signature
2051	2024	verification for the corresponding kernel image type being
2052	2025	loaded in order for this to work.
2053	2026
	2027	+config KEXEC_SIG_FORCE
	2028	+ bool "Require a valid signature in kexec_file_load() syscall"
	2029	+ depends on KEXEC_SIG
	2030	+ help
	2031	+ This option makes kernel signature verification mandatory for
	2032	+ the kexec_file_load() syscall.
	2033	+
2054	2034	config KEXEC_BZIMAGE_VERIFY_SIG
2055	2035	bool "Enable bzImage signature verification support"
2056		- depends on KEXEC_VERIFY_SIG
	2036	+ depends on KEXEC_SIG
2057	2037	depends on SIGNED_PE_FILE_VERIFICATION
2058	2038	select SYSTEM_TRUSTED_KEYRING
2059		- ---help---
	2039	+ help
2060	2040	Enable bzImage signature verification support.
2061	2041
2062	2042	config CRASH_DUMP
2063	2043	bool "kernel crash dumps"
2064	2044	depends on X86_64 \|\| (X86_32 && HIGHMEM)
2065		- ---help---
	2045	+ help
2066	2046	Generate crash dump after being started by kexec.
2067	2047	This should be normally only set in special crash dump kernels
2068	2048	which are loaded in the main kernel with kexec-tools into
..	..	@@ -2071,19 +2051,19 @@
2071	2051	to a memory address not used by the main kernel or BIOS using
2072	2052	PHYSICAL_START, or it must be built as a relocatable image
2073	2053	(CONFIG_RELOCATABLE=y).
2074		- For more details see Documentation/kdump/kdump.txt
	2054	+ For more details see Documentation/admin-guide/kdump/kdump.rst
2075	2055
2076	2056	config KEXEC_JUMP
2077	2057	bool "kexec jump"
2078	2058	depends on KEXEC && HIBERNATION
2079		- ---help---
	2059	+ help
2080	2060	Jump between original kernel and kexeced kernel and invoke
2081	2061	code in physical address mode via KEXEC
2082	2062
2083	2063	config PHYSICAL_START
2084	2064	hex "Physical address where the kernel is loaded" if (EXPERT \|\| CRASH_DUMP)
2085	2065	default "0x1000000"
2086		- ---help---
	2066	+ help
2087	2067	This gives the physical address where the kernel is loaded.
2088	2068
2089	2069	If kernel is a not relocatable (CONFIG_RELOCATABLE=n) then
..	..	@@ -2108,7 +2088,7 @@
2108	2088	the reserved region. In other words, it can be set based on
2109	2089	the "X" value as specified in the "crashkernel=YM@XM"
2110	2090	command line boot parameter passed to the panic-ed
2111		- kernel. Please take a look at Documentation/kdump/kdump.txt
	2091	+ kernel. Please take a look at Documentation/admin-guide/kdump/kdump.rst
2112	2092	for more details about crash dumps.
2113	2093
2114	2094	Usage of bzImage for capturing the crash dump is recommended as
..	..	@@ -2124,7 +2104,7 @@
2124	2104	config RELOCATABLE
2125	2105	bool "Build a relocatable kernel"
2126	2106	default y
2127		- ---help---
	2107	+ help
2128	2108	This builds a kernel image that retains relocation information
2129	2109	so it can be loaded someplace besides the default 1MB.
2130	2110	The relocations tend to make the kernel binary about 10% larger,
..	..	@@ -2142,7 +2122,7 @@
2142	2122	bool "Randomize the address of the kernel image (KASLR)"
2143	2123	depends on RELOCATABLE
2144	2124	default y
2145		- ---help---
	2125	+ help
2146	2126	In support of Kernel Address Space Layout Randomization (KASLR),
2147	2127	this randomizes the physical address at which the kernel image
2148	2128	is decompressed and the virtual address where the kernel
..	..	@@ -2183,7 +2163,7 @@
2183	2163	default "0x200000"
2184	2164	range 0x2000 0x1000000 if X86_32
2185	2165	range 0x200000 0x1000000 if X86_64
2186		- ---help---
	2166	+ help
2187	2167	This value puts the alignment restrictions on physical address
2188	2168	where kernel is loaded and run from. Kernel is compiled for an
2189	2169	address which meets above alignment restriction.
..	..	@@ -2207,7 +2187,7 @@
2207	2187
2208	2188	config DYNAMIC_MEMORY_LAYOUT
2209	2189	bool
2210		- ---help---
	2190	+ help
2211	2191	This option makes base addresses of vmalloc and vmemmap as well as
2212	2192	__PAGE_OFFSET movable during boot.
2213	2193
..	..	@@ -2217,7 +2197,7 @@
2217	2197	depends on RANDOMIZE_BASE
2218	2198	select DYNAMIC_MEMORY_LAYOUT
2219	2199	default RANDOMIZE_BASE
2220		- ---help---
	2200	+ help
2221	2201	Randomizes the base virtual address of kernel memory sections
2222	2202	(physical memory mapping, vmalloc & vmemmap). This security feature
2223	2203	makes exploits relying on predictable memory locations less reliable.
..	..	@@ -2236,7 +2216,7 @@
2236	2216	default "0x0"
2237	2217	range 0x1 0x40 if MEMORY_HOTPLUG
2238	2218	range 0x0 0x40
2239		- ---help---
	2219	+ help
2240	2220	Define the padding in terabytes added to the existing physical
2241	2221	memory size during kernel memory randomization. It is useful
2242	2222	for memory hotplug support but reduces the entropy available for
..	..	@@ -2250,9 +2230,8 @@
2250	2230
2251	2231	config BOOTPARAM_HOTPLUG_CPU0
2252	2232	bool "Set default setting of cpu0_hotpluggable"
2253		- default n
2254	2233	depends on HOTPLUG_CPU
2255		- ---help---
	2234	+ help
2256	2235	Set whether default state of cpu0_hotpluggable is on or off.
2257	2236
2258	2237	Say Y here to enable CPU0 hotplug by default. If this switch
..	..	@@ -2281,7 +2260,7 @@
2281	2260	def_bool n
2282	2261	prompt "Debug CPU0 hotplug"
2283	2262	depends on HOTPLUG_CPU
2284		- ---help---
	2263	+ help
2285	2264	Enabling this option offlines CPU0 (if CPU0 can be offlined) as
2286	2265	soon as possible and boots up userspace with CPU0 offlined. User
2287	2266	can online CPU0 back after boot time.
..	..	@@ -2296,7 +2275,7 @@
2296	2275	def_bool n
2297	2276	prompt "Disable the 32-bit vDSO (needed for glibc 2.3.3)"
2298	2277	depends on COMPAT_32
2299		- ---help---
	2278	+ help
2300	2279	Certain buggy versions of glibc will crash if they are
2301	2280	presented with a 32-bit vDSO that is not mapped at the address
2302	2281	indicated in its segment table.
..	..	@@ -2320,7 +2299,7 @@
2320	2299	choice
2321	2300	prompt "vsyscall table for legacy applications"
2322	2301	depends on X86_64
2323		- default LEGACY_VSYSCALL_EMULATE
	2302	+ default LEGACY_VSYSCALL_XONLY
2324	2303	help
2325	2304	Legacy user code that does not know how to find the vDSO expects
2326	2305	to be able to issue three syscalls by calling fixed addresses in
..	..	@@ -2328,23 +2307,38 @@
2328	2307	it can be used to assist security vulnerability exploitation.
2329	2308
2330	2309	This setting can be changed at boot time via the kernel command
2331		- line parameter vsyscall=[emulate\|none].
	2310	+ line parameter vsyscall=[emulate\|xonly\|none].
2332	2311
2333	2312	On a system with recent enough glibc (2.14 or newer) and no
2334	2313	static binaries, you can say None without a performance penalty
2335	2314	to improve security.
2336	2315
2337		- If unsure, select "Emulate".
	2316	+ If unsure, select "Emulate execution only".
2338	2317
2339	2318	config LEGACY_VSYSCALL_EMULATE
2340		- bool "Emulate"
	2319	+ bool "Full emulation"
2341	2320	help
2342		- The kernel traps and emulates calls into the fixed
2343		- vsyscall address mapping. This makes the mapping
2344		- non-executable, but it still contains known contents,
2345		- which could be used in certain rare security vulnerability
2346		- exploits. This configuration is recommended when userspace
2347		- still uses the vsyscall area.
	2321	+ The kernel traps and emulates calls into the fixed vsyscall
	2322	+ address mapping. This makes the mapping non-executable, but
	2323	+ it still contains readable known contents, which could be
	2324	+ used in certain rare security vulnerability exploits. This
	2325	+ configuration is recommended when using legacy userspace
	2326	+ that still uses vsyscalls along with legacy binary
	2327	+ instrumentation tools that require code to be readable.
	2328	+
	2329	+ An example of this type of legacy userspace is running
	2330	+ Pin on an old binary that still uses vsyscalls.
	2331	+
	2332	+ config LEGACY_VSYSCALL_XONLY
	2333	+ bool "Emulate execution only"
	2334	+ help
	2335	+ The kernel traps and emulates calls into the fixed vsyscall
	2336	+ address mapping and does not allow reads. This
	2337	+ configuration is recommended when userspace might use the
	2338	+ legacy vsyscall area but support for legacy binary
	2339	+ instrumentation of legacy code is not needed. It mitigates
	2340	+ certain uses of the vsyscall area as an ASLR-bypassing
	2341	+ buffer.
2348	2342
2349	2343	config LEGACY_VSYSCALL_NONE
2350	2344	bool "None"
..	..	@@ -2359,7 +2353,7 @@
2359	2353
2360	2354	config CMDLINE_BOOL
2361	2355	bool "Built-in kernel command line"
2362		- ---help---
	2356	+ help
2363	2357	Allow for specifying boot arguments to the kernel at
2364	2358	build time. On some systems (e.g. embedded ones), it is
2365	2359	necessary or convenient to provide some or all of the
..	..	@@ -2377,7 +2371,7 @@
2377	2371	string "Built-in kernel command string"
2378	2372	depends on CMDLINE_BOOL
2379	2373	default ""
2380		- ---help---
	2374	+ help
2381	2375	Enter arguments here that should be compiled into the kernel
2382	2376	image and used at boot time. If the boot loader provides a
2383	2377	command line at boot time, it is appended to this string to
..	..	@@ -2392,8 +2386,8 @@
2392	2386
2393	2387	config CMDLINE_OVERRIDE
2394	2388	bool "Built-in command line overrides boot loader arguments"
2395		- depends on CMDLINE_BOOL
2396		- ---help---
	2389	+ depends on CMDLINE_BOOL && CMDLINE != ""
	2390	+ help
2397	2391	Set this option to 'Y' to have the kernel ignore the boot loader
2398	2392	command line, and use ONLY the built-in command line.
2399	2393
..	..	@@ -2403,7 +2397,7 @@
2403	2397	config MODIFY_LDT_SYSCALL
2404	2398	bool "Enable the LDT (local descriptor table)" if EXPERT
2405	2399	default y
2406		- ---help---
	2400	+ help
2407	2401	Linux can allow user programs to install a per-process x86
2408	2402	Local Descriptor Table (LDT) using the modify_ldt(2) system
2409	2403	call. This is required to run 16-bit or segmented code such as
..	..	@@ -2419,6 +2413,88 @@
2419	2413	source "kernel/livepatch/Kconfig"
2420	2414
2421	2415	endmenu
	2416	+
	2417	+config CC_HAS_SLS
	2418	+ def_bool $(cc-option,-mharden-sls=all)
	2419	+
	2420	+config CC_HAS_RETURN_THUNK
	2421	+ def_bool $(cc-option,-mfunction-return=thunk-extern)
	2422	+
	2423	+menuconfig SPECULATION_MITIGATIONS
	2424	+ bool "Mitigations for speculative execution vulnerabilities"
	2425	+ default y
	2426	+ help
	2427	+ Say Y here to enable options which enable mitigations for
	2428	+ speculative execution hardware vulnerabilities.
	2429	+
	2430	+ If you say N, all mitigations will be disabled. You really
	2431	+ should know what you are doing to say so.
	2432	+
	2433	+if SPECULATION_MITIGATIONS
	2434	+
	2435	+config PAGE_TABLE_ISOLATION
	2436	+ bool "Remove the kernel mapping in user mode"
	2437	+ default y
	2438	+ depends on (X86_64 \|\| X86_PAE)
	2439	+ help
	2440	+ This feature reduces the number of hardware side channels by
	2441	+ ensuring that the majority of kernel addresses are not mapped
	2442	+ into userspace.
	2443	+
	2444	+ See Documentation/x86/pti.rst for more details.
	2445	+
	2446	+config RETPOLINE
	2447	+ bool "Avoid speculative indirect branches in kernel"
	2448	+ default y
	2449	+ help
	2450	+ Compile kernel with the retpoline compiler options to guard against
	2451	+ kernel-to-user data leaks by avoiding speculative indirect
	2452	+ branches. Requires a compiler with -mindirect-branch=thunk-extern
	2453	+ support for full protection. The kernel may run slower.
	2454	+
	2455	+config RETHUNK
	2456	+ bool "Enable return-thunks"
	2457	+ depends on RETPOLINE && CC_HAS_RETURN_THUNK
	2458	+ default y if X86_64
	2459	+ help
	2460	+ Compile the kernel with the return-thunks compiler option to guard
	2461	+ against kernel-to-user data leaks by avoiding return speculation.
	2462	+ Requires a compiler with -mfunction-return=thunk-extern
	2463	+ support for full protection. The kernel may run slower.
	2464	+
	2465	+config CPU_UNRET_ENTRY
	2466	+ bool "Enable UNRET on kernel entry"
	2467	+ depends on CPU_SUP_AMD && RETHUNK && X86_64
	2468	+ default y
	2469	+ help
	2470	+ Compile the kernel with support for the retbleed=unret mitigation.
	2471	+
	2472	+config CPU_IBPB_ENTRY
	2473	+ bool "Enable IBPB on kernel entry"
	2474	+ depends on CPU_SUP_AMD && X86_64
	2475	+ default y
	2476	+ help
	2477	+ Compile the kernel with support for the retbleed=ibpb mitigation.
	2478	+
	2479	+config CPU_IBRS_ENTRY
	2480	+ bool "Enable IBRS on kernel entry"
	2481	+ depends on CPU_SUP_INTEL && X86_64
	2482	+ default y
	2483	+ help
	2484	+ Compile the kernel with support for the spectre_v2=ibrs mitigation.
	2485	+ This mitigates both spectre_v2 and retbleed at great cost to
	2486	+ performance.
	2487	+
	2488	+config SLS
	2489	+ bool "Mitigate Straight-Line-Speculation"
	2490	+ depends on CC_HAS_SLS && X86_64
	2491	+ default n
	2492	+ help
	2493	+ Compile the kernel with straight-line-speculation options to guard
	2494	+ against straight line speculation. The kernel image might be slightly
	2495	+ larger.
	2496	+
	2497	+endif
2422	2498
2423	2499	config ARCH_HAS_ADD_PAGES
2424	2500	def_bool y
..	..	@@ -2452,7 +2528,7 @@
2452	2528
2453	2529	config ARCH_HIBERNATION_HEADER
2454	2530	def_bool y
2455		- depends on X86_64 && HIBERNATION
	2531	+ depends on HIBERNATION
2456	2532
2457	2533	source "kernel/power/Kconfig"
2458	2534
..	..	@@ -2467,7 +2543,7 @@
2467	2543	menuconfig APM
2468	2544	tristate "APM (Advanced Power Management) BIOS support"
2469	2545	depends on X86_32 && PM_SLEEP
2470		- ---help---
	2546	+ help
2471	2547	APM is a BIOS specification for saving power using several different
2472	2548	techniques. This is mostly useful for battery powered laptops with
2473	2549	APM compliant BIOSes. If you say Y here, the system time will be
..	..	@@ -2482,7 +2558,7 @@
2482	2558	machines with more than one CPU.
2483	2559
2484	2560	In order to use APM, you will need supporting software. For location
2485		- and more information, read <file:Documentation/power/apm-acpi.txt>
	2561	+ and more information, read <file:Documentation/power/apm-acpi.rst>
2486	2562	and the Battery Powered Linux mini-HOWTO, available from
2487	2563	<http://www.tldp.org/docs.html#howto>.
2488	2564
..	..	@@ -2527,14 +2603,14 @@
2527	2603
2528	2604	config APM_IGNORE_USER_SUSPEND
2529	2605	bool "Ignore USER SUSPEND"
2530		- ---help---
	2606	+ help
2531	2607	This option will ignore USER SUSPEND requests. On machines with a
2532	2608	compliant APM BIOS, you want to say N. However, on the NEC Versa M
2533	2609	series notebooks, it is necessary to say Y because of a BIOS bug.
2534	2610
2535	2611	config APM_DO_ENABLE
2536	2612	bool "Enable PM at boot time"
2537		- ---help---
	2613	+ help
2538	2614	Enable APM features at boot time. From page 36 of the APM BIOS
2539	2615	specification: "When disabled, the APM BIOS does not automatically
2540	2616	power manage devices, enter the Standby State, enter the Suspend
..	..	@@ -2552,7 +2628,7 @@
2552	2628	config APM_CPU_IDLE
2553	2629	depends on CPU_IDLE
2554	2630	bool "Make CPU Idle calls when idle"
2555		- ---help---
	2631	+ help
2556	2632	Enable calls to APM CPU Idle/CPU Busy inside the kernel's idle loop.
2557	2633	On some machines, this can activate improved power savings, such as
2558	2634	a slowed CPU clock rate, when the machine is idle. These idle calls
..	..	@@ -2563,7 +2639,7 @@
2563	2639
2564	2640	config APM_DISPLAY_BLANK
2565	2641	bool "Enable console blanking using APM"
2566		- ---help---
	2642	+ help
2567	2643	Enable console blanking using the APM. Some laptops can use this to
2568	2644	turn off the LCD backlight when the screen blanker of the Linux
2569	2645	virtual console blanks the screen. Note that this is only used by
..	..	@@ -2576,7 +2652,7 @@
2576	2652
2577	2653	config APM_ALLOW_INTS
2578	2654	bool "Allow interrupts during APM BIOS calls"
2579		- ---help---
	2655	+ help
2580	2656	Normally we disable external interrupts while we are making calls to
2581	2657	the APM BIOS as a measure to lessen the effects of a badly behaving
2582	2658	BIOS implementation. The BIOS should reenable interrupts if it
..	..	@@ -2597,20 +2673,11 @@
2597	2673
2598	2674	menu "Bus options (PCI etc.)"
2599	2675
2600		-config PCI
2601		- bool "PCI support"
2602		- default y
2603		- ---help---
2604		- Find out whether you have a PCI motherboard. PCI is the name of a
2605		- bus system, i.e. the way the CPU talks to the other stuff inside
2606		- your box. Other bus systems are ISA, EISA, MicroChannel (MCA) or
2607		- VESA. If you have PCI, say Y, otherwise N.
2608		-
2609	2676	choice
2610	2677	prompt "PCI access mode"
2611	2678	depends on X86_32 && PCI
2612	2679	default PCI_GOANY
2613		- ---help---
	2680	+ help
2614	2681	On PCI systems, the BIOS can be used to detect the PCI devices and
2615	2682	determine their configuration. However, some old PCI motherboards
2616	2683	have BIOS bugs and may crash if this is done. Also, some embedded
..	..	@@ -2667,10 +2734,6 @@
2667	2734	depends on PCI && XEN
2668	2735	select SWIOTLB_XEN
2669	2736
2670		-config PCI_DOMAINS
2671		- def_bool y
2672		- depends on PCI
2673		-
2674	2737	config MMCONF_FAM10H
2675	2738	def_bool y
2676	2739	depends on X86_64 && PCI_MMCONFIG && ACPI
..	..	@@ -2687,8 +2750,6 @@
2687	2750	is known to be incomplete.
2688	2751
2689	2752	You should say N unless you know you need this.
2690		-
2691		-source "drivers/pci/Kconfig"
2692	2753
2693	2754	config ISA_BUS
2694	2755	bool "ISA bus support on modern systems" if EXPERT
..	..	@@ -2713,34 +2774,16 @@
2713	2774
2714	2775	config ISA
2715	2776	bool "ISA support"
2716		- ---help---
	2777	+ help
2717	2778	Find out whether you have ISA slots on your motherboard. ISA is the
2718	2779	name of a bus system, i.e. the way the CPU talks to the other stuff
2719	2780	inside your box. Other bus systems are PCI, EISA, MicroChannel
2720	2781	(MCA) or VESA. ISA is an older system, now being displaced by PCI;
2721	2782	newer boards don't support it. If you have ISA, say Y, otherwise N.
2722	2783
2723		-config EISA
2724		- bool "EISA support"
2725		- depends on ISA
2726		- ---help---
2727		- The Extended Industry Standard Architecture (EISA) bus was
2728		- developed as an open alternative to the IBM MicroChannel bus.
2729		-
2730		- The EISA bus provided some of the features of the IBM MicroChannel
2731		- bus while maintaining backward compatibility with cards made for
2732		- the older ISA bus. The EISA bus saw limited use between 1988 and
2733		- 1995 when it was made obsolete by the PCI bus.
2734		-
2735		- Say Y here if you are building a kernel for an EISA-based machine.
2736		-
2737		- Otherwise, say N.
2738		-
2739		-source "drivers/eisa/Kconfig"
2740		-
2741	2784	config SCx200
2742	2785	tristate "NatSemi SCx200 support"
2743		- ---help---
	2786	+ help
2744	2787	This provides basic support for National Semiconductor's
2745	2788	(now AMD's) Geode processors. The driver probes for the
2746	2789	PCI-IDs of several on-chip devices, so its a good dependency
..	..	@@ -2752,7 +2795,7 @@
2752	2795	tristate "NatSemi SCx200 27MHz High-Resolution Timer Support"
2753	2796	depends on SCx200
2754	2797	default y
2755		- ---help---
	2798	+ help
2756	2799	This driver provides a clocksource built upon the on-chip
2757	2800	27MHz high-resolution timer. Its also a workaround for
2758	2801	NSC Geode SC-1100's buggy TSC, which loses time when the
..	..	@@ -2766,20 +2809,21 @@
2766	2809	select OF
2767	2810	select OF_PROMTREE
2768	2811	select IRQ_DOMAIN
2769		- ---help---
	2812	+ select OLPC_EC
	2813	+ help
2770	2814	Add support for detecting the unique features of the OLPC
2771	2815	XO hardware.
2772	2816
2773	2817	config OLPC_XO1_PM
2774	2818	bool "OLPC XO-1 Power Management"
2775	2819	depends on OLPC && MFD_CS5535=y && PM_SLEEP
2776		- ---help---
	2820	+ help
2777	2821	Add support for poweroff and suspend of the OLPC XO-1 laptop.
2778	2822
2779	2823	config OLPC_XO1_RTC
2780	2824	bool "OLPC XO-1 Real Time Clock"
2781	2825	depends on OLPC_XO1_PM && RTC_DRV_CMOS
2782		- ---help---
	2826	+ help
2783	2827	Add support for the XO-1 real time clock, which can be used as a
2784	2828	programmable wakeup source.
2785	2829
..	..	@@ -2788,7 +2832,7 @@
2788	2832	depends on OLPC && OLPC_XO1_PM && GPIO_CS5535=y
2789	2833	depends on INPUT=y
2790	2834	select POWER_SUPPLY
2791		- ---help---
	2835	+ help
2792	2836	Add support for SCI-based features of the OLPC XO-1 laptop:
2793	2837	- EC-driven system wakeups
2794	2838	- Power button
..	..	@@ -2801,7 +2845,7 @@
2801	2845	bool "OLPC XO-1.5 SCI extras"
2802	2846	depends on OLPC && ACPI
2803	2847	select POWER_SUPPLY
2804		- ---help---
	2848	+ help
2805	2849	Add support for SCI-based features of the OLPC XO-1.5 laptop:
2806	2850	- EC-driven system wakeups
2807	2851	- AC adapter status updates
..	..	@@ -2810,7 +2854,7 @@
2810	2854	config ALIX
2811	2855	bool "PCEngines ALIX System Support (LED setup)"
2812	2856	select GPIOLIB
2813		- ---help---
	2857	+ help
2814	2858	This option enables system support for the PCEngines ALIX.
2815	2859	At present this just sets up LEDs for GPIO control on
2816	2860	ALIX2/3/6 boards. However, other system specific setup should
..	..	@@ -2824,14 +2868,14 @@
2824	2868	config NET5501
2825	2869	bool "Soekris Engineering net5501 System Support (LEDS, GPIO, etc)"
2826	2870	select GPIOLIB
2827		- ---help---
	2871	+ help
2828	2872	This option enables system support for the Soekris Engineering net5501.
2829	2873
2830	2874	config GEOS
2831	2875	bool "Traverse Technologies GEOS System Support (LEDS, GPIO, etc)"
2832	2876	select GPIOLIB
2833	2877	depends on DMI
2834		- ---help---
	2878	+ help
2835	2879	This option enables system support for the Traverse Technologies GEOS.
2836	2880
2837	2881	config TS5500
..	..	@@ -2840,7 +2884,7 @@
2840	2884	select CHECK_SIGNATURE
2841	2885	select NEW_LEDS
2842	2886	select LEDS_CLASS
2843		- ---help---
	2887	+ help
2844	2888	This option enables system support for the Technologic Systems TS-5500.
2845	2889
2846	2890	endif # X86_32
..	..	@@ -2848,18 +2892,6 @@
2848	2892	config AMD_NB
2849	2893	def_bool y
2850	2894	depends on CPU_SUP_AMD && PCI
2851		-
2852		-source "drivers/pcmcia/Kconfig"
2853		-
2854		-config RAPIDIO
2855		- tristate "RapidIO support"
2856		- depends on PCI
2857		- default n
2858		- help
2859		- If enabled this option will include drivers and the core
2860		- infrastructure code to support RapidIO interconnect devices.
2861		-
2862		-source "drivers/rapidio/Kconfig"
2863	2895
2864	2896	config X86_SYSFB
2865	2897	bool "Mark VGA/VBE/EFI FB as generic system framebuffer"
..	..	@@ -2899,7 +2931,7 @@
2899	2931	select BINFMT_ELF
2900	2932	select COMPAT_BINFMT_ELF
2901	2933	select COMPAT_OLD_SIGACTION
2902		- ---help---
	2934	+ help
2903	2935	Include code to run legacy 32-bit programs under a
2904	2936	64-bit kernel. You should likely turn this on, unless you're
2905	2937	100% sure that you don't have any 32-bit programs left.
..	..	@@ -2907,13 +2939,19 @@
2907	2939	config IA32_AOUT
2908	2940	tristate "IA32 a.out support"
2909	2941	depends on IA32_EMULATION
2910		- ---help---
	2942	+ depends on BROKEN
	2943	+ help
2911	2944	Support old a.out binaries in the 32bit emulation.
2912	2945
2913	2946	config X86_X32
2914	2947	bool "x32 ABI for 64-bit mode"
2915	2948	depends on X86_64
2916		- ---help---
	2949	+ # llvm-objcopy does not convert x86_64 .note.gnu.property or
	2950	+ # compressed debug sections to x86_x32 properly:
	2951	+ # https://github.com/ClangBuiltLinux/linux/issues/514
	2952	+ # https://github.com/ClangBuiltLinux/linux/issues/1141
	2953	+ depends on $(success,$(OBJCOPY) --version \| head -n1 \| grep -qv llvm)
	2954	+ help
2917	2955	Include code to run binaries for the x32 native 32-bit ABI
2918	2956	for 64-bit processors. An x32 process gets access to the
2919	2957	full 64-bit register file and wide data path while leaving
..	..	@@ -2949,17 +2987,8 @@
2949	2987	def_bool y
2950	2988	depends on X86_32
2951	2989
2952		-config X86_DEV_DMA_OPS
2953		- bool
2954		- depends on X86_64 \|\| STA2X11
2955		-
2956		-config X86_DMA_REMAP
2957		- bool
2958		- depends on STA2X11
2959		-
2960		-config HAVE_GENERIC_GUP
2961		- def_bool y
2962		-
2963	2990	source "drivers/firmware/Kconfig"
2964	2991
2965	2992	source "arch/x86/kvm/Kconfig"
	2993	+
	2994	+source "arch/x86/Kconfig.assembler"