diff options
| author | Ross Zwisler <ross.zwisler@linux.intel.com> | 2018-02-03 00:26:26 -0700 |
|---|---|---|
| committer | Ross Zwisler <ross.zwisler@linux.intel.com> | 2018-02-03 00:26:26 -0700 |
| commit | ee95f4059a833839bf52972191b2d4c3d3cec552 (patch) | |
| tree | a1c8587d9b82e64a75dde376a90a3d69b0f4847a /arch/x86/Kconfig | |
| parent | d121f07691415df824e6b60520f782f6d13b3c81 (diff) | |
| parent | f81e1d35a6e36d30888c46283b8dd1022e847124 (diff) | |
Merge branch 'for-4.16/nfit' into libnvdimm-for-next
Diffstat (limited to 'arch/x86/Kconfig')
| -rw-r--r-- | arch/x86/Kconfig | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index d4fc98c50378..20da391b5f32 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -55,7 +55,6 @@ config X86 select ARCH_HAS_GCOV_PROFILE_ALL select ARCH_HAS_KCOV if X86_64 select ARCH_HAS_PMEM_API if X86_64 - # Causing hangs/crashes, see the commit that added this change for details. select ARCH_HAS_REFCOUNT select ARCH_HAS_UACCESS_FLUSHCACHE if X86_64 select ARCH_HAS_SET_MEMORY @@ -89,6 +88,7 @@ config X86 select GENERIC_CLOCKEVENTS_MIN_ADJUST select GENERIC_CMOS_UPDATE select GENERIC_CPU_AUTOPROBE + select GENERIC_CPU_VULNERABILITIES select GENERIC_EARLY_IOREMAP select GENERIC_FIND_FIRST_BIT select GENERIC_IOMAP @@ -429,6 +429,19 @@ config GOLDFISH def_bool y depends on X86_GOLDFISH +config RETPOLINE + bool "Avoid speculative indirect branches in kernel" + default y + help + Compile kernel with the retpoline compiler options to guard against + kernel-to-user data leaks by avoiding speculative indirect + branches. Requires a compiler with -mindirect-branch=thunk-extern + support for full protection. The kernel may run slower. + + Without compiler support, at least indirect branches in assembler + code are eliminated. Since this includes the syscall entry path, + it is not entirely pointless. + config INTEL_RDT bool "Intel Resource Director Technology support" default n |