From 1edf777803bdd2aeeb04cf44508fd9b88737fba8 Mon Sep 17 00:00:00 2001 From: Andi Kleen Date: Tue, 26 Sep 2006 10:52:35 +0200 Subject: [PATCH] i386/x86-64: Improve Kconfig description of CRASH_DUMP Improve Kconfig description of CONFIG_CRASH_DUMP. Previously it was too brief to be useful. Cc: vgoyal@in.ibm.com Cc: ebiederm@xmission.com Signed-off-by: Andi Kleen --- arch/x86_64/Kconfig | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'arch/x86_64/Kconfig') diff --git a/arch/x86_64/Kconfig b/arch/x86_64/Kconfig index 6cd4878..927b392 100644 --- a/arch/x86_64/Kconfig +++ b/arch/x86_64/Kconfig @@ -488,7 +488,14 @@ config CRASH_DUMP bool "kernel crash dumps (EXPERIMENTAL)" depends on EXPERIMENTAL help - Generate crash dump after being started by kexec. + Generate crash dump after being started by kexec. + This should be normally only set in special crash dump kernels + which are loaded in the main kernel with kexec-tools into + a specially reserved region and then later executed after + a crash by kdump/kexec. The crash dump kernel must be compiled + to a memory address not used by the main kernel or BIOS using + PHYSICAL_START. + For more details see Documentation/kdump/kdump.txt config PHYSICAL_START hex "Physical address where the kernel is loaded" if (EMBEDDED || CRASH_DUMP) -- cgit v1.1 From b62a5c740df1e3d49a97349fce0c6a23f633d7fe Mon Sep 17 00:00:00 2001 From: Arjan van de Ven Date: Tue, 26 Sep 2006 10:52:38 +0200 Subject: [PATCH] Add the Kconfig option for the stackprotector feature This patch adds the config options for -fstack-protector. Signed-off-by: Arjan van de Ven Signed-off-by: Ingo Molnar Signed-off-by: Andi Kleen CC: Andi Kleen --- arch/x86_64/Kconfig | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'arch/x86_64/Kconfig') diff --git a/arch/x86_64/Kconfig b/arch/x86_64/Kconfig index 927b392..0c61d00 100644 --- a/arch/x86_64/Kconfig +++ b/arch/x86_64/Kconfig @@ -533,6 +533,30 @@ config SECCOMP If unsure, say Y. Only embedded should say N here. +config CC_STACKPROTECTOR + bool "Enable -fstack-protector buffer overflow detection (EXPRIMENTAL)" + depends on EXPERIMENTAL + help + This option turns on the -fstack-protector GCC feature. This + feature puts, at the beginning of critical functions, a canary + value on the stack just before the return address, and validates + the value just before actually returning. Stack based buffer + overflows (that need to overwrite this return address) now also + overwrite the canary, which gets detected and the attack is then + neutralized via a kernel panic. + + This feature requires gcc version 4.2 or above, or a distribution + gcc with the feature backported. Older versions are automatically + detected and for those versions, this configuration option is ignored. + +config CC_STACKPROTECTOR_ALL + bool "Use stack-protector for all functions" + depends on CC_STACKPROTECTOR + help + Normally, GCC only inserts the canary value protection for + functions that use large-ish on-stack buffers. By enabling + this option, GCC will be asked to do this for ALL functions. + source kernel/Kconfig.hz config REORDER -- cgit v1.1 From 1c9c0a6ca35e9325cea811d734d6ab7352be086b Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Tue, 26 Sep 2006 10:52:40 +0200 Subject: [PATCH] Remove experimental mark of kexec kexec has been marked experimental for a year now and all of the serious problems have been worked through. So it is time (if not past time) to remove the experimental mark. Signed-off-by: Eric W. Biederman Signed-off-by: Andi Kleen --- arch/x86_64/Kconfig | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'arch/x86_64/Kconfig') diff --git a/arch/x86_64/Kconfig b/arch/x86_64/Kconfig index 0c61d00..1f42126 100644 --- a/arch/x86_64/Kconfig +++ b/arch/x86_64/Kconfig @@ -468,8 +468,7 @@ config X86_MCE_AMD the DRAM Error Threshold. config KEXEC - bool "kexec system call (EXPERIMENTAL)" - depends on EXPERIMENTAL + bool "kexec system call" help kexec is a system call that implements the ability to shutdown your current kernel, and to start another kernel. It is like a reboot -- cgit v1.1 From f157cbb1eb9ce3f33a401ec6d20eb3eb852351a3 Mon Sep 17 00:00:00 2001 From: Andi Kleen Date: Tue, 26 Sep 2006 10:52:41 +0200 Subject: [PATCH] i386/x86-64: Make all early PCI scans dependent on CONFIG_PCI This is useful on systems with broken PCI bus. Affects various scans in x86-64 and i386's early ACPI quirk scan. Cc: gregkh@suse.de Cc: len.brown@intel.com Cc: Trammell Hudson Signed-off-by: Andi Kleen --- arch/x86_64/Kconfig | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'arch/x86_64/Kconfig') diff --git a/arch/x86_64/Kconfig b/arch/x86_64/Kconfig index 1f42126..c2c68b9 100644 --- a/arch/x86_64/Kconfig +++ b/arch/x86_64/Kconfig @@ -105,6 +105,7 @@ config X86_PC config X86_VSMP bool "Support for ScaleMP vSMP" + depends on PCI help Support for ScaleMP vSMP systems. Say 'Y' here if this kernel is supposed to run on these EM64T-based machines. Only choose this option @@ -291,7 +292,7 @@ config NUMA config K8_NUMA bool "Old style AMD Opteron NUMA detection" - depends on NUMA + depends on NUMA && PCI default y help Enable K8 NUMA node topology detection. You should say Y here if -- cgit v1.1 From 3f75f42d7733e73aca5c78326489efd4189e0111 Mon Sep 17 00:00:00 2001 From: Andi Kleen Date: Tue, 26 Sep 2006 10:52:42 +0200 Subject: [PATCH] Don't set calgary iommu as default y Most systems don't need it. Signed-off-by: Andi Kleen --- arch/x86_64/Kconfig | 1 - 1 file changed, 1 deletion(-) (limited to 'arch/x86_64/Kconfig') diff --git a/arch/x86_64/Kconfig b/arch/x86_64/Kconfig index c2c68b9..294bf77 100644 --- a/arch/x86_64/Kconfig +++ b/arch/x86_64/Kconfig @@ -422,7 +422,6 @@ config IOMMU config CALGARY_IOMMU bool "IBM Calgary IOMMU support" - default y select SWIOTLB depends on PCI && EXPERIMENTAL help -- cgit v1.1