summaryrefslogtreecommitdiffstats
path: root/arch/arm64/Kconfig.debug
blob: 0a12933e50edaef727d67e5f678f779418ea24b4 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
menu "Kernel hacking"

source "lib/Kconfig.debug"

config FRAME_POINTER
	bool
	default y

config STRICT_DEVMEM
	bool "Filter access to /dev/mem"
	depends on MMU
	help
	  If this option is disabled, you allow userspace (root) access to all
	  of memory, including kernel and userspace memory. Accidental
	  access to this is obviously disastrous, but specific access can
	  be used by people debugging the kernel.

	  If this option is switched on, the /dev/mem file only allows
	  userspace access to memory mapped peripherals.

	  If in doubt, say Y.

config PID_IN_CONTEXTIDR
	bool "Write the current PID to the CONTEXTIDR register"
	help
	  Enabling this option causes the kernel to write the current PID to
	  the CONTEXTIDR register, at the expense of some additional
	  instructions during context switch. Say Y here only if you are
	  planning to use hardware trace tools with this kernel.

config ARM64_RANDOMIZE_TEXT_OFFSET
	bool "Randomize TEXT_OFFSET at build time"
	help
	  Say Y here if you want the image load offset (AKA TEXT_OFFSET)
	  of the kernel to be randomized at build-time. When selected,
	  this option will cause TEXT_OFFSET to be randomized upon any
	  build of the kernel, and the offset will be reflected in the
	  text_offset field of the resulting Image. This can be used to
	  fuzz-test bootloaders which respect text_offset.

	  This option is intended for bootloader and/or kernel testing
	  only. Bootloaders must make no assumptions regarding the value
	  of TEXT_OFFSET and platforms must not require a specific
	  value.

config DEBUG_SET_MODULE_RONX
        bool "Set loadable kernel module data as NX and text as RO"
        depends on MODULES
        help
          This option helps catch unintended modifications to loadable
          kernel module's text and read-only data. It also prevents execution
          of module data. Such protection may interfere with run-time code
          patching and dynamic kernel tracing - and they might also protect
          against certain classes of kernel exploits.
          If in doubt, say "N".

endmenu