pandora: defconfig: update

[pandora-kernel.git] / arch / x86 / Kconfig

diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index 9a42703..58d02a7 100644 (file)
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -73,8 +73,11 @@ config X86
        select IRQ_FORCED_THREADING
        select USE_GENERIC_SMP_HELPERS if SMP
        select HAVE_BPF_JIT if (X86_64 && NET)
+       select HAVE_ARCH_TRANSPARENT_HUGEPAGE
        select CLKEVT_I8253
        select ARCH_HAVE_NMI_SAFE_CMPXCHG
+       select GENERIC_CPU_VULNERABILITIES
+       select ARCH_SUPPORTS_ATOMIC_RMW
 
 config INSTRUCTION_DECODER
        def_bool (KPROBES || PERF_EVENTS)
@@ -132,7 +135,8 @@ config SBUS
        bool
 
 config NEED_DMA_MAP_STATE
-       def_bool (X86_64 || INTEL_IOMMU || DMA_API_DEBUG)
+       def_bool y
+       depends on X86_64 || INTEL_IOMMU || DMA_API_DEBUG || SWIOTLB
 
 config NEED_SG_DMA_LENGTH
        def_bool y
@@ -309,6 +313,19 @@ config X86_BIGSMP
        ---help---
          This option is needed for the systems that have more than 8 CPUs
 
+config RETPOLINE
+       bool "Avoid speculative indirect branches in kernel"
+       default y
+       help
+         Compile kernel with the retpoline compiler options to guard against
+         kernel-to-user data leaks by avoiding speculative indirect
+         branches. Requires a compiler with -mindirect-branch=thunk-extern
+         support for full protection. The kernel may run slower.
+
+         Without compiler support, at least indirect branches in assembler
+         code are eliminated. Since this includes the syscall entry path,
+         it is not entirely pointless.
+
 if X86_32
 config X86_EXTENDED_PLATFORM
        bool "Support for extended (non-PC) x86 platforms"
@@ -895,10 +912,27 @@ config VM86
        default y
        depends on X86_32
        ---help---
-         This option is required by programs like DOSEMU to run 16-bit legacy
-         code on X86 processors. It also may be needed by software like
-         XFree86 to initialize some video cards via BIOS. Disabling this
-         option saves about 6k.
+         This option is required by programs like DOSEMU to run
+         16-bit real mode legacy code on x86 processors. It also may
+         be needed by software like XFree86 to initialize some video
+         cards via BIOS. Disabling this option saves about 6K.
+
+config X86_16BIT
+       bool "Enable support for 16-bit segments" if EXPERT
+       default y
+       ---help---
+         This option is required by programs like Wine to run 16-bit
+         protected mode legacy code on x86 processors.  Disabling
+         this option saves about 300 bytes on i386, or around 6K text
+         plus 16K runtime memory on x86-64,
+
+config X86_ESPFIX32
+       def_bool y
+       depends on X86_16BIT && X86_32
+
+config X86_ESPFIX64
+       def_bool y
+       depends on X86_16BIT && X86_64
 
 config TOSHIBA
        tristate "Toshiba Laptop support"
@@ -2120,6 +2154,7 @@ source "fs/Kconfig.binfmt"
 config IA32_EMULATION
        bool "IA32 Emulation"
        depends on X86_64
+       select BINFMT_ELF
        select COMPAT_BINFMT_ELF
        ---help---
          Include code to run 32-bit programs under a 64-bit kernel. You should