Kconfig

	prompt "Enable seccomp to safely compute untrusted bytecode"
	depends on PROC_FS
	help
	  This kernel feature is useful for number crunching applications
	  that may need to compute untrusted bytecode during their
	  execution. By using pipes or other transports made available to
	  the process as file descriptors supporting the read/write
	  syscalls, it's possible to isolate those applications in
	  their own address space using seccomp. Once seccomp is
	  enabled via /proc/<pid>/seccomp, it cannot be disabled
	  and the task is only allowed to execute a few safe syscalls
	  defined by each seccomp mode.

	  If unsure, say Y. Only embedded should say N here.

config CC_STACKPROTECTOR
	bool "Enable -fstack-protector buffer overflow detection (EXPERIMENTAL)"
	depends on X86_64 && EXPERIMENTAL
	help
         This option turns on the -fstack-protector GCC feature. This
	  feature puts, at the beginning of critical functions, a canary
	  value on the stack just before the return address, and validates
	  the value just before actually returning.  Stack based buffer
	  overflows (that need to overwrite this return address) now also
	  overwrite the canary, which gets detected and the attack is then
	  neutralized via a kernel panic.

	  This feature requires gcc version 4.2 or above, or a distribution
	  gcc with the feature backported. Older versions are automatically
	  detected and for those versions, this configuration option is ignored.

config CC_STACKPROTECTOR_ALL
	bool "Use stack-protector for all functions"
	depends on CC_STACKPROTECTOR
	help
	  Normally, GCC only inserts the canary value protection for
	  functions that use large-ish on-stack buffers. By enabling
	  this option, GCC will be asked to do this for ALL functions.

source kernel/Kconfig.hz

config KEXEC
	bool "kexec system call"
	help
	  kexec is a system call that implements the ability to shutdown your
	  current kernel, and to start another kernel.  It is like a reboot
	  but it is independent of the system firmware.   And like a reboot
	  you can start any kernel with it, not just Linux.

	  The name comes from the similarity to the exec system call.

	  It is an ongoing process to be certain the hardware in a machine
	  is properly shutdown, so do not be surprised if this code does not
	  initially work for you.  It may help to enable device hotplugging
	  support.  As of this writing the exact hardware interface is
	  strongly in flux, so no good recommendation can be made.

config CRASH_DUMP
	bool "kernel crash dumps (EXPERIMENTAL)"
	depends on EXPERIMENTAL
	depends on X86_64 || (X86_32 && HIGHMEM)
	help
	  Generate crash dump after being started by kexec.
	  This should be normally only set in special crash dump kernels
	  which are loaded in the main kernel with kexec-tools into
	  a specially reserved region and then later executed after
	  a crash by kdump/kexec. The crash dump kernel must be compiled
	  to a memory address not used by the main kernel or BIOS using
	  PHYSICAL_START, or it must be built as a relocatable image
	  (CONFIG_RELOCATABLE=y).
	  For more details see Documentation/kdump/kdump.txt

config PHYSICAL_START
	hex "Physical address where the kernel is loaded" if (EMBEDDED || CRASH_DUMP)
	default "0x1000000" if X86_NUMAQ
	default "0x200000" if X86_64
	default "0x100000"
	help
	  This gives the physical address where the kernel is loaded.

	  If kernel is a not relocatable (CONFIG_RELOCATABLE=n) then
	  bzImage will decompress itself to above physical address and
	  run from there. Otherwise, bzImage will run from the address where
	  it has been loaded by the boot loader and will ignore above physical
	  address.

	  In normal kdump cases one does not have to set/change this option
	  as now bzImage can be compiled as a completely relocatable image
	  (CONFIG_RELOCATABLE=y) and be used to load and run from a different
	  address. This option is mainly useful for the folks who don't want
	  to use a bzImage for capturing the crash dump and want to use a
	  vmlinux instead. vmlinux is not relocatable hence a kernel needs
	  to be specifically compiled to run from a specific memory area
	  (normally a reserved region) and this option comes handy.

	  So if you are using bzImage for capturing the crash dump, leave
	  the value here unchanged to 0x100000 and set CONFIG_RELOCATABLE=y.
	  Otherwise if you plan to use vmlinux for capturing the crash dump
	  change this value to start of the reserved region (Typically 16MB
	  0x1000000). In other words, it can be set based on the "X" value as
	  specified in the "crashkernel=YM@XM" command line boot parameter
	  passed to the panic-ed kernel. Typically this parameter is set as
	  crashkernel=64M@16M. Please take a look at
	  Documentation/kdump/kdump.txt for more details about crash dumps.

	  Usage of bzImage for capturing the crash dump is recommended as
	  one does not have to build two kernels. Same kernel can be used
	  as production kernel and capture kernel. Above option should have
	  gone away after relocatable bzImage support is introduced. But it
	  is present because there are users out there who continue to use
	  vmlinux for dump capture. This option should go away down the
	  line.

	  Don't change this unless you know what you are doing.

config RELOCATABLE
	bool "Build a relocatable kernel (EXPERIMENTAL)"
	depends on EXPERIMENTAL
	help
	  This builds a kernel image that retains relocation information
	  so it can be loaded someplace besides the default 1MB.
	  The relocations tend to make the kernel binary about 10% larger,
	  but are discarded at runtime.

	  One use is for the kexec on panic case where the recovery kernel
	  must live at a different physical address than the primary
	  kernel.

	  Note: If CONFIG_RELOCATABLE=y, then the kernel runs from the address
	  it has been loaded at and the compile time physical address
	  (CONFIG_PHYSICAL_START) is ignored.

config PHYSICAL_ALIGN
	hex
	prompt "Alignment value to which kernel should be aligned" if X86_32
	default "0x100000" if X86_32
	default "0x200000" if X86_64
	range 0x2000 0x400000
	help
	  This value puts the alignment restrictions on physical address
	  where kernel is loaded and run from. Kernel is compiled for an
	  address which meets above alignment restriction.

	  If bootloader loads the kernel at a non-aligned address and
	  CONFIG_RELOCATABLE is set, kernel will move itself to nearest
	  address aligned to above value and run from there.

	  If bootloader loads the kernel at a non-aligned address and
	  CONFIG_RELOCATABLE is not set, kernel will ignore the run time
	  load address and decompress itself to the address it has been
	  compiled for and run from there. The address for which kernel is
	  compiled already meets above alignment restrictions. Hence the
	  end result is that kernel runs from a physical address meeting
	  above alignment restrictions.

	  Don't change this unless you know what you are doing.

config HOTPLUG_CPU
	bool "Support for suspend on SMP and hot-pluggable CPUs (EXPERIMENTAL)"
	depends on SMP && HOTPLUG && EXPERIMENTAL && !X86_VOYAGER
	---help---
	  Say Y here to experiment with turning CPUs off and on, and to
	  enable suspend on SMP systems. CPUs can be controlled through
	  /sys/devices/system/cpu.
	  Say N if you want to disable CPU hotplug and don't need to
	  suspend.

config COMPAT_VDSO
	def_bool y
	prompt "Compat VDSO support"
	depends on X86_32 || IA32_EMULATION
	help
	  Map the 32-bit VDSO to the predictable old-style address too.
	---help---
	  Say N here if you are running a sufficiently recent glibc
	  version (2.3.3 or later), to remove the high-mapped
	  VDSO mapping and to exclusively use the randomized VDSO.

	  If unsure, say Y.

endmenu

config ARCH_ENABLE_MEMORY_HOTPLUG
	def_bool y
	depends on X86_64 || (X86_32 && HIGHMEM)

config HAVE_ARCH_EARLY_PFN_TO_NID
	def_bool X86_64
	depends on NUMA

menu "Power management options"
	depends on !X86_VOYAGER

config ARCH_HIBERNATION_HEADER
	def_bool y
	depends on X86_64 && HIBERNATION

source "kernel/power/Kconfig"

source "drivers/acpi/Kconfig"

menuconfig APM
	tristate "APM (Advanced Power Management) BIOS support"
	depends on X86_32 && PM_SLEEP && !X86_VISWS
	---help---
	  APM is a BIOS specification for saving power using several different
	  techniques. This is mostly useful for battery powered laptops with
	  APM compliant BIOSes. If you say Y here, the system time will be
	  reset after a RESUME operation, the /proc/apm device will provide
	  battery status information, and user-space programs will receive
	  notification of APM "events" (e.g. battery status change).

	  If you select "Y" here, you can disable actual use of the APM
	  BIOS by passing the "apm=off" option to the kernel at boot time.

	  Note that the APM support is almost completely disabled for
	  machines with more than one CPU.

	  In order to use APM, you will need supporting software. For location
	  and more information, read <file:Documentation/pm.txt> and the
	  Battery Powered Linux mini-HOWTO, available from
	  <http://www.tldp.org/docs.html#howto>.

	  This driver does not spin down disk drives (see the hdparm(8)
	  manpage ("man 8 hdparm") for that), and it doesn't turn off
	  VESA-compliant "green" monitors.

	  This driver does not support the TI 4000M TravelMate and the ACER
	  486/DX4/75 because they don't have compliant BIOSes. Many "green"
	  desktop machines also don't have compliant BIOSes, and this driver
	  may cause those machines to panic during the boot phase.

	  Generally, if you don't have a battery in your machine, there isn't
	  much point in using this driver and you should say N. If you get
	  random kernel OOPSes or reboots that don't seem to be related to
	  anything, try disabling/enabling this option (or disabling/enabling
	  APM in your BIOS).

	  Some other things you should try when experiencing seemingly random,
	  "weird" problems:

	  1) make sure that you have enough swap space and that it is
	  enabled.
	  2) pass the "no-hlt" option to the kernel
	  3) switch on floating point emulation in the kernel and pass
	  the "no387" option to the kernel
	  4) pass the "floppy=nodma" option to the kernel
	  5) pass the "mem=4M" option to the kernel (thereby disabling
	  all but the first 4 MB of RAM)
	  6) make sure that the CPU is not over clocked.
	  7) read the sig11 FAQ at <http://www.bitwizard.nl/sig11/>
	  8) disable the cache from your BIOS settings
	  9) install a fan for the video card or exchange video RAM
	  10) install a better fan for the CPU
	  11) exchange RAM chips
	  12) exchange the motherboard.

	  To compile this driver as a module, choose M here: the
	  module will be called apm.

if APM

config APM_IGNORE_USER_SUSPEND
	bool "Ignore USER SUSPEND"
	help
	  This option will ignore USER SUSPEND requests. On machines with a
	  compliant APM BIOS, you want to say N. However, on the NEC Versa M
	  series notebooks, it is necessary to say Y because of a BIOS bug.

config APM_DO_ENABLE
	bool "Enable PM at boot time"
	---help---
	  Enable APM features at boot time. From page 36 of the APM BIOS
	  specification: "When disabled, the APM BIOS does not automatically
	  power manage devices, enter the Standby State, enter the Suspend
	  State, or take power saving steps in response to CPU Idle calls."
	  This driver will make CPU Idle calls when Linux is idle (unless this
	  feature is turned off -- see "Do CPU IDLE calls", below). This
	  should always save battery power, but more complicated APM features
	  will be dependent on your BIOS implementation. You may need to turn
	  this option off if your computer hangs at boot time when using APM
	  support, or if it beeps continuously instead of suspending. Turn
	  this off if you have a NEC UltraLite Versa 33/C or a Toshiba
	  T400CDT. This is off by default since most machines do fine without
	  this feature.

config APM_CPU_IDLE
	bool "Make CPU Idle calls when idle"
	help
	  Enable calls to APM CPU Idle/CPU Busy inside the kernel's idle loop.
	  On some machines, this can activate improved power savings, such as
	  a slowed CPU clock rate, when the machine is idle. These idle calls
	  are made after the idle loop has run for some length of time (e.g.,
	  333 mS). On some machines, this will cause a hang at boot time or
	  whenever the CPU becomes idle. (On machines with more than one CPU,
	  this option does nothing.)

config APM_DISPLAY_BLANK
	bool "Enable console blanking using APM"
	help
	  Enable console blanking using the APM. Some laptops can use this to
	  turn off the LCD backlight when the screen blanker of the Linux
	  virtual console blanks the screen. Note that this is only used by
	  the virtual console screen blanker, and won't turn off the backlight
	  when using the X Window system. This also doesn't have anything to
	  do with your VESA-compliant power-saving monitor. Further, this
	  option doesn't work for all laptops -- it might not turn off your
	  backlight at all, or it might print a lot of errors to the console,
	  especially if you are using gpm.

config APM_ALLOW_INTS
	bool "Allow interrupts during APM BIOS calls"
	help
	  Normally we disable external interrupts while we are making calls to
	  the APM BIOS as a measure to lessen the effects of a badly behaving
	  BIOS implementation.  The BIOS should reenable interrupts if it
	  needs to.  Unfortunately, some BIOSes do not -- especially those in
	  many of the newer IBM Thinkpads.  If you experience hangs when you
	  suspend, try setting this to Y.  Otherwise, say N.

config APM_REAL_MODE_POWER_OFF
	bool "Use real mode APM BIOS call to power off"
	help
	  Use real mode APM BIOS calls to switch off the computer. This is
	  a work-around for a number of buggy BIOSes. Switch this option on if
	  your computer crashes instead of powering off properly.

endif # APM

source "arch/x86/kernel/cpu/cpufreq/Kconfig"

source "drivers/cpuidle/Kconfig"

endmenu


menu "Bus options (PCI etc.)"

config PCI
	bool "PCI support" if !X86_VISWS
	depends on !X86_VOYAGER
	default y if X86_VISWS
	select ARCH_SUPPORTS_MSI if (X86_LOCAL_APIC && X86_IO_APIC)
	help
	  Find out whether you have a PCI motherboard. PCI is the name of a
	  bus system, i.e. the way the CPU talks to the other stuff inside
	  your box. Other bus systems are ISA, EISA, MicroChannel (MCA) or
	  VESA. If you have PCI, say Y, otherwise N.

	  The PCI-HOWTO, available from
	  <http://www.tldp.org/docs.html#howto>, contains valuable
	  information about which PCI hardware does work under Linux and which
	  doesn't.

choice
	prompt "PCI access mode"
	depends on X86_32 && PCI && !X86_VISWS
	default PCI_GOANY
	---help---
	  On PCI systems, the BIOS can be used to detect the PCI devices and
	  determine their configuration. However, some old PCI motherboards
	  have BIOS bugs and may crash if this is done. Also, some embedded
	  PCI-based systems don't have any BIOS at all. Linux can also try to
	  detect the PCI hardware directly without using the BIOS.

	  With this option, you can specify how Linux should detect the
	  PCI devices. If you choose "BIOS", the BIOS will be used,
	  if you choose "Direct", the BIOS won't be used, and if you
	  choose "MMConfig", then PCI Express MMCONFIG will be used.
	  If you choose "Any", the kernel will try MMCONFIG, then the
	  direct access method and falls back to the BIOS if that doesn't
	  work. If unsure, go with the default, which is "Any".

config PCI_GOBIOS
	bool "BIOS"

config PCI_GOMMCONFIG
	bool "MMConfig"

config PCI_GODIRECT
	bool "Direct"

config PCI_GOANY
	bool "Any"

endchoice

config PCI_BIOS
	def_bool y
	depends on X86_32 && !X86_VISWS && PCI && (PCI_GOBIOS || PCI_GOANY)

# x86-64 doesn't support PCI BIOS access from long mode so always go direct.
config PCI_DIRECT
	def_bool y
	depends on PCI && (X86_64 || (PCI_GODIRECT || PCI_GOANY) || X86_VISWS)

config PCI_MMCONFIG
	def_bool y
	depends on X86_32 && PCI && ACPI && (PCI_GOMMCONFIG || PCI_GOANY)

config PCI_DOMAINS
	def_bool y
	depends on PCI

config PCI_MMCONFIG
	bool "Support mmconfig PCI config space access"
	depends on X86_64 && PCI && ACPI

config DMAR
	bool "Support for DMA Remapping Devices (EXPERIMENTAL)"
	depends on X86_64 && PCI_MSI && ACPI && EXPERIMENTAL
	help
	  DMA remapping (DMAR) devices support enables independent address
	  translations for Direct Memory Access (DMA) from devices.
	  These DMA remapping devices are reported via ACPI tables
	  and include PCI device scope covered by these DMA
	  remapping devices.

config DMAR_GFX_WA
	def_bool y
	prompt "Support for Graphics workaround"
	depends on DMAR
	help
	 Current Graphics drivers tend to use physical address
	 for DMA and avoid using DMA APIs. Setting this config
	 option permits the IOMMU driver to set a unity map for
	 all the OS-visible memory. Hence the driver can continue
	 to use physical addresses for DMA.

config DMAR_FLOPPY_WA
	def_bool y
	depends on DMAR
	help
	 Floppy disk drivers are know to bypass DMA API calls
	 thereby failing to work when IOMMU is enabled. This
	 workaround will setup a 1:1 mapping for the first
	 16M to make floppy (an ISA device) work.

source "drivers/pci/pcie/Kconfig"

source "drivers/pci/Kconfig"

# x86_64 have no ISA slots, but do have ISA-style DMA.
config ISA_DMA_API
	def_bool y

if X86_32

config ISA
	bool "ISA support"
	depends on !(X86_VOYAGER || X86_VISWS)
	help
	  Find out whether you have ISA slots on your motherboard.  ISA is the
	  name of a bus system, i.e. the way the CPU talks to the other stuff
	  inside your box.  Other bus systems are PCI, EISA, MicroChannel
	  (MCA) or VESA.  ISA is an older system, now being displaced by PCI;
	  newer boards don't support it.  If you have ISA, say Y, otherwise N.

config EISA
	bool "EISA support"
	depends on ISA
	---help---
	  The Extended Industry Standard Architecture (EISA) bus was
	  developed as an open alternative to the IBM MicroChannel bus.

	  The EISA bus provided some of the features of the IBM MicroChannel
	  bus while maintaining backward compatibility with cards made for
	  the older ISA bus.  The EISA bus saw limited use between 1988 and
	  1995 when it was made obsolete by the PCI bus.

	  Say Y here if you are building a kernel for an EISA-based machine.

	  Otherwise, say N.

source "drivers/eisa/Kconfig"

config MCA
	bool "MCA support" if !(X86_VISWS || X86_VOYAGER)
	default y if X86_VOYAGER
	help
	  MicroChannel Architecture is found in some IBM PS/2 machines and
	  laptops.  It is a bus system similar to PCI or ISA. See
	  <file:Documentation/mca.txt> (and especially the web page given
	  there) before attempting to build an MCA bus kernel.

source "drivers/mca/Kconfig"

config SCx200
	tristate "NatSemi SCx200 support"
	depends on !X86_VOYAGER
	help
	  This provides basic support for National Semiconductor's
	  (now AMD's) Geode processors.  The driver probes for the
	  PCI-IDs of several on-chip devices, so its a good dependency
	  for other scx200_* drivers.

	  If compiled as a module, the driver is named scx200.

config SCx200HR_TIMER
	tristate "NatSemi SCx200 27MHz High-Resolution Timer Support"
	depends on SCx200 && GENERIC_TIME
	default y
	help
	  This driver provides a clocksource built upon the on-chip
	  27MHz high-resolution timer.  Its also a workaround for
	  NSC Geode SC-1100's buggy TSC, which loses time when the
	  processor goes idle (as is done by the scheduler).  The
	  other workaround is idle=poll boot option.

config GEODE_MFGPT_TIMER
	def_bool y
	prompt "Geode Multi-Function General Purpose Timer (MFGPT) events"
	depends on MGEODE_LX && GENERIC_TIME && GENERIC_CLOCKEVENTS
	help
	  This driver provides a clock event source based on the MFGPT
	  timer(s) in the CS5535 and CS5536 companion chip for the geode.
	  MFGPTs have a better resolution and max interval than the
	  generic PIT, and are suitable for use as high-res timers.

endif # X86_32

config K8_NB
	def_bool y
	depends on AGP_AMD64 || (X86_64 && (GART_IOMMU || (PCI && NUMA)))

source "drivers/pcmcia/Kconfig"

source "drivers/pci/hotplug/Kconfig"

endmenu


menu "Executable file formats / Emulations"

source "fs/Kconfig.binfmt"

config IA32_EMULATION
	bool "IA32 Emulation"
	depends on X86_64
	select COMPAT_BINFMT_ELF
	help
	  Include code to run 32-bit programs under a 64-bit kernel. You should
	  likely turn this on, unless you're 100% sure that you don't have any
	  32-bit programs left.

config IA32_AOUT
       tristate "IA32 a.out support"
       depends on IA32_EMULATION
       help
         Support old a.out binaries in the 32bit emulation.

config COMPAT
	def_bool y
	depends on IA32_EMULATION

config COMPAT_FOR_U64_ALIGNMENT
	def_bool COMPAT
	depends on X86_64

config SYSVIPC_COMPAT
	def_bool y
	depends on X86_64 && COMPAT && SYSVIPC

endmenu


source "net/Kconfig"

source "drivers/Kconfig"

source "drivers/firmware/Kconfig"

source "fs/Kconfig"

source "kernel/Kconfig.instrumentation"

source "arch/x86/Kconfig.debug"

source "security/Kconfig"

source "crypto/Kconfig"

source "lib/Kconfig"