This activates "Emulate Privileged Access Never using TTBR0_EL1
switching" on ARM64.
This should prevent the kernel from reading code from user space in
kernel context.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This is required for running armvirt_32 on QEMU 3.0 [1], otherwise the
kernel will emit the following complaint and virtio-net-pci devices will
fail to be initialized
[ 1.124214] OF: PCI: host bridge /pcie@10000000 ranges:
[ 1.125093] OF: PCI: IO 0x3eff0000..0x3effffff -> 0x00000000
[ 1.125942] OF: PCI: MEM 0x10000000..0x3efeffff -> 0x10000000
[ 1.126403] OF: PCI: MEM 0x8000000000..0xffffffffff -> 0x8000000000
[ 1.127748] pci-host-generic 4010000000.pcie: can't claim ECAM area [mem 0x10000000-0x1fffffff]: address conflict with /pcie@10000000 [mem 0x10000000-0x3efeffff]
[ 1.129752] pci-host-generic: probe of 4010000000.pcie failed with error -16
Running QEMU with "-M virt,highmem=off" is an option, but "highmem" was only
introduced as a default on flag since QEMU 2.5.0 and QEMU will fail and quit on
encounter of unknown flags
[1] Armv7 guest fails to boot with qemu-3.0.0-1,
https://bugzilla.redhat.com/show_bug.cgi?id=1633328#c5
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
The diff was genereated by running the following command without
actually changing any kernel config options
make kernel_menuconfig CONFIG_TARGET=subtarget
Here are some initial findings on the change
- CONFIG_ARCH_OPTIONAL_KERNEL_RWX is now arch default
- CONFIG_ARM_GIC_V3_ITS is selected by CONFIG_ARCH_VIRT
- CONFIG_CPU_SPECTRE is select by CONFIG_CPU_V7
- CONFIG_TIMER_OF is now a arch default
- CONFIG_TIMER_PROBE is select by CONFIG_TIMER_OF
The following options should probably be moved to generic config
- CONFIG_MIGRATION is a default on option
- CONFIG_TREE_SRCU is a default on option for !PREEMPT && SMP system
- CONFIG_RCU_NEED_SEGCBLIST
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Refreshed all patches.
Altered patches:
- 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch
New symbol for arm targets:
- HARDEN_BRANCH_PREDICTOR
Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Compaction is the only memory management component to form high order (larger
physically contiguous) memory blocks reliably. The page allocator relies on
compaction heavily and the lack of the feature can lead to unexpected OOM
killer invocations for high order memory requests. You shouldn't disable this
option unless there really is a strong reason for it.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Michal Hrusecky <michal.hrusecky@nic.cz>
In 4.14.57, a new symbol for Spectre v4 mitigation was introduced for
ARM64. Add this symbol to all ARM64 targets using kernel 4.14.
This mitigates CVE-2018-3639 on ARM64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
The 4.14 kernel configuration defaulted to a v4/v5 multiplatform while
4.9 was using a v6/v7 default configuration. Resync 4.14 against 4.9 so
they are nearly identical.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Enable CONFIG_VFP again which was disabled during the 4.9 -> 4.14 bump.
Boot tested both 32 and 64 bit subtargets using initramfs images with the
qemu-system-arm and qemu-system-aarch64 emulators.
Fixes: aa100b66f2 ("armvirt: bump to v4.14")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
While bumping 4.14, the kernel build failed due to missing CONFIG_KASAN
symbol. Move it to generic config instead of defining it for all arm64
and x86/64 targets.
It was only added in 4.0, so not needed in config-3.18.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
We will be prompted with this config symbol when performance monitoring is
enabled in the kernel.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
The kernel configs for all targets should have the version in the
filename, for clearness and consistency across all targets.
It is also expected by the update_kernel.sh script.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
It was originally only enabled for the "32" subtarget along with the
"usb" feature which is now also shared by the "64" target
This should fix the phase1 build of armvirt/64
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Original armvirt target is now subtarget 32. Other than that the built
result should remain the same as before
Besides old features already available with arm64, the new armvirt/64
subtarget will also have those features originally enabled for
armvirt/32 with commit 44ecfc2 ("armvirt: new target")
- pl011, uart
- pl031, rtc
- pl061, gpio
- pci-host-generic
- virtio_{mmio,pci,net,blk,scsi,9p,console,balloon}
- smp with NR_CPUS=4
- cpu-hotplug
- ext4
- DEBUG_BUGVERBOSE for debug purposes
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>