| menu "Kernel hacking" |
| |
| source "lib/Kconfig.debug" |
| |
| config FRAME_POINTER |
| bool |
| default y |
| |
| config STRICT_DEVMEM |
| bool "Filter access to /dev/mem" |
| depends on MMU |
| help |
| If this option is disabled, you allow userspace (root) access to all |
| of memory, including kernel and userspace memory. Accidental |
| access to this is obviously disastrous, but specific access can |
| be used by people debugging the kernel. |
| |
| If this option is switched on, the /dev/mem file only allows |
| userspace access to memory mapped peripherals. |
| |
| If in doubt, say Y. |
| |
| config PID_IN_CONTEXTIDR |
| bool "Write the current PID to the CONTEXTIDR register" |
| help |
| Enabling this option causes the kernel to write the current PID to |
| the CONTEXTIDR register, at the expense of some additional |
| instructions during context switch. Say Y here only if you are |
| planning to use hardware trace tools with this kernel. |
| |
| config ARM64_RANDOMIZE_TEXT_OFFSET |
| bool "Randomize TEXT_OFFSET at build time" |
| help |
| Say Y here if you want the image load offset (AKA TEXT_OFFSET) |
| of the kernel to be randomized at build-time. When selected, |
| this option will cause TEXT_OFFSET to be randomized upon any |
| build of the kernel, and the offset will be reflected in the |
| text_offset field of the resulting Image. This can be used to |
| fuzz-test bootloaders which respect text_offset. |
| |
| This option is intended for bootloader and/or kernel testing |
| only. Bootloaders must make no assumptions regarding the value |
| of TEXT_OFFSET and platforms must not require a specific |
| value. |
| |
| config DEBUG_SET_MODULE_RONX |
| bool "Set loadable kernel module data as NX and text as RO" |
| depends on MODULES |
| help |
| This option helps catch unintended modifications to loadable |
| kernel module's text and read-only data. It also prevents execution |
| of module data. Such protection may interfere with run-time code |
| patching and dynamic kernel tracing - and they might also protect |
| against certain classes of kernel exploits. |
| If in doubt, say "N". |
| |
| endmenu |