1#
2# Copyright 2020, Data61, CSIRO (ABN 41 687 119 230)
3#
4# SPDX-License-Identifier: GPL-2.0-only
5#
6
7cmake_minimum_required(VERSION 3.7.2)
8
9if(KernelArchX86)
10    set_property(TARGET kernel_config_target APPEND PROPERTY TOPLEVELTYPES pde_C)
11    # x86 always has an FPU
12    set(KernelHaveFPU ON)
13
14endif()
15
16# Add any top level types
17if(KernelSel4ArchX86_64)
18    set_property(TARGET kernel_config_target APPEND PROPERTY TOPLEVELTYPES pdpte_C pml4e_C)
19endif()
20
21config_choice(
22    KernelX86MicroArch
23    KERNEL_X86_MICRO_ARCH
24    "Select the x86 micro architecture"
25    "nehalem;KernelX86MicroArchNehalem;ARCH_X86_NEHALEM;KernelArchX86"
26    "generic;KernelX86MicroArchGeneric;ARCH_X86_GENERIC;KernelArchX86"
27    "westmere;KernelX86MicroArchWestmere;ARCH_X86_WESTMERE;KernelArchX86"
28    "sandy;KernelX86MicroArchSandy;ARCH_X86_SANDY;KernelArchX86"
29    "ivy;KernelX86MicroArchIvy;ARCH_X86_IVY;KernelArchX86"
30    "haswell;KernelX86MicroArchHaswell;ARCH_X86_HASWELL;KernelArchX86"
31    "broadwell;KernelX86MicroArchBroadwell;ARCH_X86_BROADWELL;KernelArchX86"
32    "skylake;KernelX86MicroArchSkylake;ARCH_X86_SKYLAKE;KernelArchX86"
33)
34
35config_choice(
36    KernelIRQController
37    KERNEL_IRQ_CONTROLLER
38    "Select the IRQ controller seL4 will use. Code for others may still be included if \
39    needed to disable at run time. \
40    PIC -> Use the legacy PIC controller. \
41    IOAPIC -> Use one or more IOAPIC controllers"
42    "IOAPIC;KernelIRQControllerIOAPIC;IRQ_IOAPIC;KernelArchX86"
43    "PIC;KernelIRQControllerPIC;IRQ_PIC;KernelArchX86"
44)
45
46config_string(
47    KernelMaxNumIOAPIC MAX_NUM_IOAPIC
48    "Configure the maximum number of IOAPIC controllers that can be supported. SeL4 \
49    will detect IOAPICs regardless of whether the IOAPIC will actually be used as \
50    the final IRQ controller."
51    DEFAULT 1
52    DEPENDS "KernelIRQControllerIOAPIC" DEFAULT_DISABLED 0
53    UNQUOTE
54)
55
56config_choice(
57    KernelLAPICMode
58    KERNEL_LAPIC_MODE
59    "Select the mode local APIC will use. Not all machines support X2APIC mode."
60    "XAPIC;KernelLAPICModeXPAIC;XAPIC;KernelArchX86"
61    "X2APIC;KernelLAPICModeX2APIC;X2APIC;KernelArchX86"
62)
63
64config_option(
65    KernelUseLogcalIDs USE_LOGCAL_IDS
66    "Use logical IDs to broadcast IPI between cores. Not all machines support logical \
67    IDs. In xAPIC mode only 8 cores can be addressed using logical IDs."
68    DEFAULT OFF
69    DEPENDS "NOT ${KernelMaxNumNodes} EQUAL 1;KernelArchX86"
70)
71
72config_string(
73    KernelCacheLnSz CACHE_LN_SZ "Define cache line size for the current architecture"
74    DEFAULT 64
75    DEPENDS "KernelArchX86" UNDEF_DISABLED
76    UNQUOTE
77)
78
79config_option(
80    KernelVTX VTX "VTX support"
81    DEFAULT OFF
82    DEPENDS "KernelArchX86;NOT KernelVerificationBuild"
83)
84
85config_option(
86    KernelIOMMU IOMMU "IOMMU support for VT-d enabled chipset"
87    DEFAULT ON
88    DEPENDS "KernelPlatPC99; NOT KernelVerificationBuild"
89    DEFAULT_DISABLED OFF
90)
91
92config_string(
93    KernelMaxRMRREntries MAX_RMRR_ENTRIES
94    "Setsthe maximum number of Reserved Memory Region Reporting structures we support \
95    recording from the ACPI tables"
96    DEFAULT 32
97    DEPENDS "KernelIOMMU" DEFAULT_DISABLED 1
98    UNQUOTE
99)
100
101config_string(
102    KernelMaxVPIDs MAX_VPIDS
103    "The kernel maintains a mapping of 16-bit VPIDs to VCPUs. This option should be \
104    sized as small as possible to save memory, but be at least the number of VCPUs that \
105    will be run for optimum performance."
106    DEFAULT 1024
107    DEPENDS "KernelVTX" DEFAULT_DISABLED 0
108    UNQUOTE
109)
110
111config_option(
112    KernelHugePage HUGE_PAGE
113    "Add support for 1GB huge page. Not all recent processor models support this feature."
114    DEFAULT ON
115    DEPENDS "KernelSel4ArchX86_64"
116    DEFAULT_DISABLED OFF
117)
118config_option(
119    KernelSupportPCID SUPPORT_PCID
120    "Add support for PCIDs (aka hardware ASIDs). Not all processor models support this feature."
121    DEFAULT ON
122    DEPENDS "KernelSel4ArchX86_64"
123    DEFAULT_DISABLED OFF
124)
125
126config_choice(
127    KernelSyscall
128    KERNEL_X86_SYSCALL
129    "The kernel only ever supports one method of performing syscalls at a time. This \
130    config should be set to the most efficient one that is support by the hardware the \
131    system will run on"
132    "syscall;KernelX86SyscallSyscall;SYSCALL;KernelSel4ArchX86_64"
133    "sysenter;KernelX86SyscallSysenter;SYSENTER;KernelArchX86"
134)
135
136config_choice(
137    KernelFPU
138    KERNEL_X86_FPU
139    "Choose the method that FPU state is stored in. This \
140    directly affects the method used to save and restore it. \
141    FXSAVE -> This chooses the legacy 512-byte region used by the fxsave and fxrstor functions \
142    XSAVE -> This chooses the variable xsave region, and enables the ability to use any \
143    of the xsave variants to save and restore. The actual size of the region is dependent on \
144    the features enabled."
145    "XSAVE;KernelFPUXSave;XSAVE;KernelArchX86"
146    "FXSAVE;KernelFPUFXSave;FXSAVE;KernelArchX86"
147)
148
149config_choice(
150    KernelXSave
151    KERNEL_XSAVE
152    "The XSAVE area supports multiple instructions to save
153        and restore to it. These instructions are dependent upon specific CPU support. See Chapter 13 of Volume \
154        1 of the Intel Architectures SOftware Developers Manual for discussion on the init and modified \
155        optimizations. \
156        XSAVE -> Original XSAVE instruction. This is the only XSAVE instruction that is guaranteed to exist if \
157            XSAVE is present \
158        XSAVEC -> Save state with compaction. This compaction has to do with minimizing the total size of \
159            XSAVE buffer, if using non contiguous features, XSAVEC will attempt to use the init optimization \
160            when saving \
161        XSAVEOPT -> Save state taking advantage of both the init optimization and modified optimization \
162        XSAVES -> Save state taking advantage of the modified optimization. This instruction is only \
163            available in OS code, and is the preferred save method if it exists."
164    "XSAVEOPT;KernelXSaveXSaveOpt;XSAVE_XSAVEOPT;KernelFPUXSave"
165    "XSAVE;KernelXSaveXSave;XSAVE_XSAVE;KernelFPUXSave"
166    "XSAVEC;KernelXSaveXSaveC;XSAVE_XSAVEC;KernelFPUXSave"
167)
168config_string(
169    KernelXSaveFeatureSet XSAVE_FEATURE_SET
170    "XSAVE can save and restore the state for various features \
171    through the use of the feature mask. This config option represents the feature mask that we want to \
172    support. The CPU must support all bits in this feature mask. Current known bits are \
173        0 - FPU \
174        1 - SSE \
175        2 - AVX \
176        FPU and SSE is guaranteed to exist if XSAVE exists."
177    DEFAULT 3
178    DEPENDS "KernelFPUXSave" DEFAULT_DISABLED 0
179    UNQUOTE
180)
181
182if(KernelFPUXSave)
183    set(default_xsave_size 576)
184else()
185    set(default_xsave_size 512)
186endif()
187
188config_string(
189    KernelXSaveSize XSAVE_SIZE
190    "The size of the XSAVE region. This is dependent upon the features in \
191    XSAVE_FEATURE_SET that have been requested. Default is 576 for the FPU and SSE
192    state, unless XSAVE is not in use then it should be 512 for the legacy FXSAVE region."
193    DEFAULT ${default_xsave_size}
194    DEPENDS "KernelArchX86" DEFAULT_DISABLED 0
195    UNQUOTE
196)
197
198config_choice(
199    KernelFSGSBase
200    KERNEL_FSGS_BASE
201    "There are three ways to to set FS/GS base addresses: \
202    IA32_FS/GS_GDT, IA32_FS/GS_BASE_MSR, and fsgsbase instructions. \
203    IA32_FS/GS_GDT and IA32_FS/GS_BASE_MSR are availble for 32-bit. \
204    IA32_FS/GS_BASE_MSR and fsgsbase instructions are available for 64-bit."
205    "inst;KernelFSGSBaseInst;FSGSBASE_INST;KernelSel4ArchX86_64"
206    "gdt;KernelFSGSBaseGDT;FSGSBASE_GDT;KernelSel4ArchIA32"
207    "msr;KernelFSGSBaseMSR;FSGSBASE_MSR;KernelArchX86"
208)
209
210config_choice(
211    KernelMultibootGFXMode
212    KERNEL_MUTLTIBOOT_GFX_MODE
213    "The type of graphics mode to request from the boot loader. This is encoded into the \
214    multiboot header and is merely a hint, the boot loader is free to ignore or set some \
215    other mode"
216    "none;KernelMultibootGFXModeNone;MULTIBOOT_GRAPHICS_MODE_NONE;KernelArchX86"
217    "text;KernelMultibootGFXModeText;MULTIBOOT_GRAPHICS_MODE_TEXT;KernelArchX86"
218    "linear;KernelMultibootGFXModeLinear;MULTIBOOT_GRAPHICS_MODE_LINEAR;KernelArchX86"
219)
220
221config_string(
222    KernelMultibootGFXDepth MULTIBOOT_GRAPHICS_MODE_DEPTH
223    "The bits per pixel of the linear graphics mode ot request. Value of zero indicates \
224    no preference."
225    DEFAULT 32
226    DEPENDS "KernelMultibootGFXModeLinear" UNDEF_DISABLED
227    UNQUOTE
228)
229
230config_string(
231    KernelMultibootGFXWidth MULTIBOOT_GRAPHICS_MODE_WIDTH
232    "The width of the graphics mode to request. For a linear graphics mode this is the \
233    number of pixels. For a text mode this is the number of characters, value of zero \
234    indicates no preference."
235    DEFAULT 0
236    DEPENDS "KernelMultibootGFXModeText OR KernelMultibootGFXModeLinear" UNDEF_DISABLED
237    UNQUOTE
238)
239config_string(
240    KernelMultibootGFXHeight MULTIBOOT_GRAPHICS_MODE_HEIGHT
241    "The height of the graphics mode to request. For a linear graphics mode this is the \
242    number of pixels. For a text mode this is the number of characters, value of zero \
243    indicates no preference."
244    DEFAULT 0
245    DEPENDS "KernelMultibootGFXModeText OR KernelMultibootGFXModeLinear" UNDEF_DISABLED
246    UNQUOTE
247)
248
249config_option(
250    KernelMultiboot1Header MULTIBOOT1_HEADER
251    "Inserts a header that indicates to the bootloader that the kernel supports a multiboot 1 boot header"
252    DEFAULT ON
253    DEPENDS "KernelArchX86"
254)
255
256config_option(
257    KernelMultiboot2Header MULTIBOOT2_HEADER
258    "Inserts a header that indicates to the bootloader that the kernel supports a multiboot 2 boot header. \
259    This is can be enabled together with a multiboot 1 header and the boot loader may use either one"
260    DEFAULT ON
261    DEPENDS "KernelArchX86"
262)
263
264config_option(
265    KernelSkimWindow KERNEL_SKIM_WINDOW
266    "Prevent against the Meltdown vulnerability by using a reduced Static Kernel
267    Image and Micro-state window instead of having all kernel state in the kernel window.
268    This only needs to be enabled if deploying to a vulnerable processor"
269    DEFAULT ON
270    DEPENDS "KernelSel4ArchX86_64"
271    DEFAULT_DISABLED OFF
272)
273
274config_option(
275    KernelExportPMCUser EXPORT_PMC_USER "Grant user access to the Performance Monitoring Counters.
276    This allows the user to read performance counters, although
277    not control what the counters are and whether or not they
278    are counting. Nevertheless whilst this is useful for
279    evalulating performance this option opens timing and covert
280    channels."
281    DEFAULT OFF
282    DEPENDS "KernelArchX86;NOT KernelVerificationBuild"
283)
284
285config_option(
286    KernelX86DangerousMSR KERNEL_X86_DANGEROUS_MSR
287    "rdmsr/wrmsr kernel interface. Provides a syscall interface for reading and writing arbitrary MSRs.
288    This is extremely dangerous as no checks are performed and exists
289    to aid debugging and benchmarking."
290    DEFAULT OFF
291    DEPENDS "KernelArchX86;NOT KernelVerificationBuild"
292)
293
294if(KernelArchX86 AND (NOT "${KernelMaxNumNodes}" EQUAL 1))
295    set(STIBDEP TRUE)
296else()
297    set(STIBDEP FALSE)
298endif()
299
300config_choice(
301    KernelX86IBRSMode
302    KERNEL_X86_IBRS
303    "Indirect Branch Restricted Speculation mode
304    Used to prevent a user from manipulating the branch predictor to manipulate speculative
305    execution of other processes. On current processors IBRS has a prohibitive performance
306    penalty and it is recommended that it be disabled such that software mitigations are
307    used instead. Software mitigation is done by disabling jump tables (the only form of
308    indirect jump in seL4 except for 'ret') and flushing the RSB on vmexit. Flushing the RSB
309    at other times is not needed as seL4 does not switch kernel stacks and so is not
310    vulnerable to RSB underflow. The STIBP is essentially software mitigation but enables
311    the single thread isolation for branch predictions. This is only needed if attempting
312    to protect user level process from each other in a multicore environment."
313    "ibrs_none;KernelX86IBRSnone;KERNEL_X86_IBRS_NONE;KernelArchX86"
314    "ibrs_stibp;KernelX86IBRSSTIBP;KERNEL_X86_IBRS_STIBP;STIBPDEP"
315    "ibrs_basic;KernelX86IBRSBasic;KERNEL_X86_IBRS_BASIC;KernelArchX86"
316    "ibrs_all;KernelX86IBRSAll;KERNEL_X86_IBRS_ALL;KernelArchX86"
317)
318
319if(KernelX86IBRSBasic OR KernelX86IBRSSTIBP)
320    # As the kernel has no function pointers or other indirect jumps except those
321    # as generated by the compiler through switch statements we can disable jump
322    # tables in order to prevent Spectre Variant 2 style attacks.
323    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fno-jump-tables")
324endif()
325
326config_option(
327    KernelX86IBPBOnContextSwitch KERNEL_X86_IBPB_ON_CONTEXT_SWITCH
328    "Performs a IBPB on every context switch to prevent Spectre attacks between user
329    processes. This is extremely expensive and is recommended you only turn this on
330    if absolutely necessary.
331    Note that in a multicore environment you should also enable STIBP to prevent
332    other cores retraining the branch predictor even after context switch."
333    DEFAULT OFF
334    DEPENDS "KernelArchX86"
335)
336
337config_option(
338    KernelX86RSBOnContextSwitch KERNEL_X86_RSB_ON_CONTEXT_SWITCH
339    "Flushes the RSB on context switch to prevent Spectre attacks between user processes.
340    Whilst not nearly as expensive as an IBPB it is not enabled by default as it is
341    largely pointless to flush the RSB without also doing an IBPB as the RSB is already
342    a harder attack vector."
343    DEFAULT OFF
344    DEPENDS "KernelArchX86"
345)
346
347if(KernelSel4ArchIA32)
348    set(KernelSetTLSBaseSelf ON)
349    math(EXPR KernelPaddrUserTop "0xffff0000")
350else()
351    math(EXPR KernelPaddrUserTop "1 << 47")
352endif()
353if(KernelSel4ArchX86_64 AND NOT KernelFSGSBaseInst)
354    set(KernelSetTLSBaseSelf ON)
355endif()
356
357add_sources(
358    DEP "KernelArchX86"
359    PREFIX src/arch/x86
360    CFILES
361        c_traps.c
362        idle.c
363        api/faults.c
364        object/interrupt.c
365        object/ioport.c
366        object/objecttype.c
367        object/tcb.c
368        object/iospace.c
369        object/vcpu.c
370        kernel/vspace.c
371        kernel/apic.c
372        kernel/xapic.c
373        kernel/x2apic.c
374        kernel/boot_sys.c
375        kernel/smp_sys.c
376        kernel/boot.c
377        kernel/cmdline.c
378        kernel/ept.c
379        kernel/thread.c
380        model/statedata.c
381        machine/capdl.c
382        machine/hardware.c
383        machine/fpu.c
384        machine/cpu_identification.c
385        machine/breakpoint.c
386        machine/registerset.c
387        benchmark/benchmark.c
388        smp/ipi.c
389    ASMFILES multiboot.S
390)
391
392add_bf_source_old("KernelArchX86" "structures.bf" "include/arch/x86" "arch/object")
393
394include(src/arch/x86/${KernelWordSize}/config.cmake)
395