mirror of
https://github.com/torvalds/linux.git
synced 2024-11-16 00:52:01 +00:00
1d54cf2b97
As described in the help text in the patch, this token restricts general access to /dev/mem as a way of increasing the security. Specifically, access to exclusive IOMEM and kernel RAM is denied unless CONFIG_STRICT_DEVMEM is set to 'n'. Implement the 'devmem_is_allowed()' interface for Powerpc. It will be called from range_is_allowed() when userpsace attempts to access /dev/mem. This patch is based on an earlier patch from Steve Best and with input from Paul Mackerras and Scott Wood. [BenH] Fixed a typo or two and removed the generic change which should be submitted as a separate patch Signed-off-by: Sukadev Bhattiprolu <sukadev@linux.vnet.ibm.com> Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
352 lines
10 KiB
Plaintext
352 lines
10 KiB
Plaintext
menu "Kernel hacking"
|
|
|
|
source "lib/Kconfig.debug"
|
|
|
|
config PPC_DISABLE_WERROR
|
|
bool "Don't build arch/powerpc code with -Werror"
|
|
default n
|
|
help
|
|
This option tells the compiler NOT to build the code under
|
|
arch/powerpc with the -Werror flag (which means warnings
|
|
are treated as errors).
|
|
|
|
Only enable this if you are hitting a build failure in the
|
|
arch/powerpc code caused by a warning, and you don't feel
|
|
inclined to fix it.
|
|
|
|
config PPC_WERROR
|
|
bool
|
|
depends on !PPC_DISABLE_WERROR
|
|
default y
|
|
|
|
config PRINT_STACK_DEPTH
|
|
int "Stack depth to print" if DEBUG_KERNEL
|
|
default 64
|
|
help
|
|
This option allows you to set the stack depth that the kernel
|
|
prints in stack traces. This can be useful if your display is
|
|
too small and stack traces cause important information to
|
|
scroll off the screen.
|
|
|
|
config DEBUG_STACKOVERFLOW
|
|
bool "Check for stack overflows"
|
|
depends on DEBUG_KERNEL
|
|
help
|
|
This option will cause messages to be printed if free stack space
|
|
drops below a certain limit.
|
|
|
|
config HCALL_STATS
|
|
bool "Hypervisor call instrumentation"
|
|
depends on PPC_PSERIES && DEBUG_FS && TRACEPOINTS
|
|
help
|
|
Adds code to keep track of the number of hypervisor calls made and
|
|
the amount of time spent in hypervisor calls. Wall time spent in
|
|
each call is always calculated, and if available CPU cycles spent
|
|
are also calculated. A directory named hcall_inst is added at the
|
|
root of the debugfs filesystem. Within the hcall_inst directory
|
|
are files that contain CPU specific call statistics.
|
|
|
|
This option will add a small amount of overhead to all hypervisor
|
|
calls.
|
|
|
|
config PPC_EMULATED_STATS
|
|
bool "Emulated instructions tracking"
|
|
depends on DEBUG_FS
|
|
help
|
|
Adds code to keep track of the number of instructions that are
|
|
emulated by the in-kernel emulator. Counters for the various classes
|
|
of emulated instructions are available under
|
|
powerpc/emulated_instructions/ in the root of the debugfs file
|
|
system. Optionally (controlled by
|
|
powerpc/emulated_instructions/do_warn in debugfs), rate-limited
|
|
warnings can be printed to the console when instructions are
|
|
emulated.
|
|
|
|
config CODE_PATCHING_SELFTEST
|
|
bool "Run self-tests of the code-patching code."
|
|
depends on DEBUG_KERNEL
|
|
default n
|
|
|
|
config FTR_FIXUP_SELFTEST
|
|
bool "Run self-tests of the feature-fixup code."
|
|
depends on DEBUG_KERNEL
|
|
default n
|
|
|
|
config MSI_BITMAP_SELFTEST
|
|
bool "Run self-tests of the MSI bitmap code."
|
|
depends on DEBUG_KERNEL
|
|
default n
|
|
|
|
config XMON
|
|
bool "Include xmon kernel debugger"
|
|
depends on DEBUG_KERNEL
|
|
help
|
|
Include in-kernel hooks for the xmon kernel monitor/debugger.
|
|
Unless you are intending to debug the kernel, say N here.
|
|
Make sure to enable also CONFIG_BOOTX_TEXT on Macs. Otherwise
|
|
nothing will appear on the screen (xmon writes directly to the
|
|
framebuffer memory).
|
|
The cmdline option 'xmon' or 'xmon=early' will drop into xmon
|
|
very early during boot. 'xmon=on' will just enable the xmon
|
|
debugger hooks. 'xmon=off' will disable the debugger hooks
|
|
if CONFIG_XMON_DEFAULT is set.
|
|
xmon will print a backtrace on the very first invocation.
|
|
'xmon=nobt' will disable this autobacktrace.
|
|
|
|
config XMON_DEFAULT
|
|
bool "Enable xmon by default"
|
|
depends on XMON
|
|
help
|
|
xmon is normally disabled unless booted with 'xmon=on'.
|
|
Use 'xmon=off' to disable xmon init during runtime.
|
|
|
|
config XMON_DISASSEMBLY
|
|
bool "Include disassembly support in xmon"
|
|
depends on XMON
|
|
default y
|
|
help
|
|
Include support for disassembling in xmon. You probably want
|
|
to say Y here, unless you're building for a memory-constrained
|
|
system.
|
|
|
|
config DEBUGGER
|
|
bool
|
|
depends on KGDB || XMON
|
|
default y
|
|
|
|
config VIRQ_DEBUG
|
|
bool "Expose hardware/virtual IRQ mapping via debugfs"
|
|
depends on DEBUG_FS
|
|
help
|
|
This option will show the mapping relationship between hardware irq
|
|
numbers and virtual irq numbers. The mapping is exposed via debugfs
|
|
in the file powerpc/virq_mapping.
|
|
|
|
If you don't know what this means you don't need it.
|
|
|
|
config BDI_SWITCH
|
|
bool "Include BDI-2000 user context switcher"
|
|
depends on DEBUG_KERNEL && PPC32
|
|
help
|
|
Include in-kernel support for the Abatron BDI2000 debugger.
|
|
Unless you are intending to debug the kernel with one of these
|
|
machines, say N here.
|
|
|
|
config BOOTX_TEXT
|
|
bool "Support for early boot text console (BootX or OpenFirmware only)"
|
|
depends on PPC_OF && PPC_BOOK3S
|
|
help
|
|
Say Y here to see progress messages from the boot firmware in text
|
|
mode. Requires either BootX or Open Firmware.
|
|
|
|
config PPC_EARLY_DEBUG
|
|
bool "Early debugging (dangerous)"
|
|
help
|
|
Say Y to enable some early debugging facilities that may be available
|
|
for your processor/board combination. Those facilities are hacks
|
|
intended to debug problems early during boot, this should not be
|
|
enabled in a production kernel.
|
|
Note that enabling this will also cause the kernel default log level
|
|
to be pushed to max automatically very early during boot
|
|
|
|
choice
|
|
prompt "Early debugging console"
|
|
depends on PPC_EARLY_DEBUG
|
|
help
|
|
Use the selected console for early debugging. Careful, if you
|
|
enable debugging for the wrong type of machine your kernel
|
|
_will not boot_.
|
|
|
|
config PPC_EARLY_DEBUG_LPAR
|
|
bool "LPAR HV Console"
|
|
depends on PPC_PSERIES
|
|
help
|
|
Select this to enable early debugging for a machine with a HVC
|
|
console on vterm 0.
|
|
|
|
config PPC_EARLY_DEBUG_LPAR_HVSI
|
|
bool "LPAR HVSI Console"
|
|
depends on PPC_PSERIES
|
|
help
|
|
Select this to enable early debugging for a machine with a HVSI
|
|
console on a specified vterm.
|
|
|
|
config PPC_EARLY_DEBUG_G5
|
|
bool "Apple G5"
|
|
depends on PPC_PMAC64
|
|
help
|
|
Select this to enable early debugging for Apple G5 machines.
|
|
|
|
config PPC_EARLY_DEBUG_RTAS_PANEL
|
|
bool "RTAS Panel"
|
|
depends on PPC_RTAS
|
|
help
|
|
Select this to enable early debugging via the RTAS panel.
|
|
|
|
config PPC_EARLY_DEBUG_RTAS_CONSOLE
|
|
bool "RTAS Console"
|
|
depends on PPC_RTAS
|
|
select UDBG_RTAS_CONSOLE
|
|
help
|
|
Select this to enable early debugging via the RTAS console.
|
|
|
|
config PPC_EARLY_DEBUG_MAPLE
|
|
bool "Maple real mode"
|
|
depends on PPC_MAPLE
|
|
help
|
|
Select this to enable early debugging for Maple.
|
|
|
|
config PPC_EARLY_DEBUG_ISERIES
|
|
bool "iSeries HV Console"
|
|
depends on PPC_ISERIES
|
|
help
|
|
Select this to enable early debugging for legacy iSeries. You need
|
|
to hit "Ctrl-x Ctrl-x" to see the messages on the console.
|
|
|
|
config PPC_EARLY_DEBUG_PAS_REALMODE
|
|
bool "PA Semi real mode"
|
|
depends on PPC_PASEMI
|
|
help
|
|
Select this to enable early debugging for PA Semi.
|
|
Output will be on UART0.
|
|
|
|
config PPC_EARLY_DEBUG_BEAT
|
|
bool "Beat HV Console"
|
|
depends on PPC_CELLEB
|
|
select PPC_UDBG_BEAT
|
|
help
|
|
Select this to enable early debugging for Celleb with Beat.
|
|
|
|
config PPC_EARLY_DEBUG_44x
|
|
bool "Early serial debugging for IBM/AMCC 44x CPUs"
|
|
# PPC_EARLY_DEBUG on 440 leaves AS=1 mappings above the TLB high water
|
|
# mark, which doesn't work with current 440 KVM.
|
|
depends on 44x && !KVM
|
|
help
|
|
Select this to enable early debugging for IBM 44x chips via the
|
|
inbuilt serial port. If you enable this, ensure you set
|
|
PPC_EARLY_DEBUG_44x_PHYSLOW below to suit your target board.
|
|
|
|
config PPC_EARLY_DEBUG_40x
|
|
bool "Early serial debugging for IBM/AMCC 40x CPUs"
|
|
depends on 40x
|
|
help
|
|
Select this to enable early debugging for IBM 40x chips via the
|
|
inbuilt serial port. This works on chips with a 16550 compatible
|
|
UART. Xilinx chips with uartlite cannot use this option.
|
|
|
|
config PPC_EARLY_DEBUG_CPM
|
|
bool "Early serial debugging for Freescale CPM-based serial ports"
|
|
depends on SERIAL_CPM
|
|
select PIN_TLB if PPC_8xx
|
|
help
|
|
Select this to enable early debugging for Freescale chips
|
|
using a CPM-based serial port. This assumes that the bootwrapper
|
|
has run, and set up the CPM in a particular way.
|
|
|
|
config PPC_EARLY_DEBUG_USBGECKO
|
|
bool "Early debugging through the USB Gecko adapter"
|
|
depends on GAMECUBE_COMMON
|
|
select USBGECKO_UDBG
|
|
help
|
|
Select this to enable early debugging for Nintendo GameCube/Wii
|
|
consoles via an external USB Gecko adapter.
|
|
|
|
config PPC_EARLY_DEBUG_WSP
|
|
bool "Early debugging via WSP's internal UART"
|
|
depends on PPC_WSP
|
|
select PPC_UDBG_16550
|
|
|
|
config PPC_EARLY_DEBUG_PS3GELIC
|
|
bool "Early debugging through the PS3 Ethernet port"
|
|
depends on PPC_PS3
|
|
select PS3GELIC_UDBG
|
|
help
|
|
Select this to enable early debugging for the PlayStation3 via
|
|
UDP broadcasts sent out through the Ethernet port.
|
|
|
|
config PPC_EARLY_DEBUG_OPAL_RAW
|
|
bool "OPAL raw console"
|
|
depends on HVC_OPAL
|
|
help
|
|
Select this to enable early debugging for the PowerNV platform
|
|
using a "raw" console
|
|
|
|
config PPC_EARLY_DEBUG_OPAL_HVSI
|
|
bool "OPAL hvsi console"
|
|
depends on HVC_OPAL
|
|
help
|
|
Select this to enable early debugging for the PowerNV platform
|
|
using an "hvsi" console
|
|
|
|
endchoice
|
|
|
|
config PPC_EARLY_DEBUG_OPAL
|
|
def_bool y
|
|
depends on PPC_EARLY_DEBUG_OPAL_RAW || PPC_EARLY_DEBUG_OPAL_HVSI
|
|
|
|
|
|
config PPC_EARLY_DEBUG_HVSI_VTERMNO
|
|
hex "vterm number to use with early debug HVSI"
|
|
depends on PPC_EARLY_DEBUG_LPAR_HVSI
|
|
default "0x30000000"
|
|
help
|
|
You probably want 0x30000000 for your first serial port and
|
|
0x30000001 for your second one
|
|
|
|
config PPC_EARLY_DEBUG_OPAL_VTERMNO
|
|
hex "vterm number to use with OPAL early debug"
|
|
depends on PPC_EARLY_DEBUG_OPAL
|
|
default "0"
|
|
help
|
|
This correspond to which /dev/hvcN you want to use for early
|
|
debug.
|
|
|
|
On OPAL v1 (takeover) this should always be 0
|
|
On OPAL v2, this will be 0 for network console and 1 or 2 for
|
|
the machine built-in serial ports.
|
|
|
|
config PPC_EARLY_DEBUG_44x_PHYSLOW
|
|
hex "Low 32 bits of early debug UART physical address"
|
|
depends on PPC_EARLY_DEBUG_44x
|
|
default "0x40000200"
|
|
help
|
|
You probably want 0x40000200 for ebony boards and
|
|
0x40000300 for taishan
|
|
|
|
config PPC_EARLY_DEBUG_44x_PHYSHIGH
|
|
hex "EPRN of early debug UART physical address"
|
|
depends on PPC_EARLY_DEBUG_44x
|
|
default "0x1"
|
|
|
|
config PPC_EARLY_DEBUG_40x_PHYSADDR
|
|
hex "Early debug UART physical address"
|
|
depends on PPC_EARLY_DEBUG_40x
|
|
default "0xef600300"
|
|
|
|
config PPC_EARLY_DEBUG_CPM_ADDR
|
|
hex "CPM UART early debug transmit descriptor address"
|
|
depends on PPC_EARLY_DEBUG_CPM
|
|
default "0xfa202008" if PPC_EP88XC
|
|
default "0xf0001ff8" if CPM2
|
|
default "0xff002008" if CPM1
|
|
help
|
|
This specifies the address of the transmit descriptor
|
|
used for early debug output. Because it is needed before
|
|
platform probing is done, all platforms selected must
|
|
share the same address.
|
|
|
|
config STRICT_DEVMEM
|
|
def_bool y
|
|
prompt "Filter access to /dev/mem"
|
|
help
|
|
This option restricts access to /dev/mem. If this option is
|
|
disabled, you allow userspace access to all memory, including
|
|
kernel and userspace memory. Accidental memory access is likely
|
|
to be disastrous.
|
|
Memory access is required for experts who want to debug the kernel.
|
|
|
|
If you are unsure, say Y.
|
|
|
|
endmenu
|