1#
2# Copyright 2017, Data61
3# Commonwealth Scientific and Industrial Research Organisation (CSIRO)
4# ABN 41 687 119 230.
5#
6# This software may be distributed and modified according to the terms of
7# the GNU General Public License version 2. Note that NO WARRANTY is provided.
8# See "LICENSE_GPLv2.txt" for details.
9#
10# @TAG(DATA61_GPL)
11#
12
13cmake_minimum_required(VERSION 3.7.2)
14
15config_choice(KernelX86Sel4Arch X86_SEL4_ARCH "Architecture mode for building the kernel"
16    "x86_64;KernelSel4ArchX86_64;ARCH_X86_64;KernelArchX86"
17    "ia32;KernelSel4ArchIA32;ARCH_IA32;KernelArchX86"
18)
19
20# Add any top level types
21if(KernelSel4ArchX86_64)
22    set_property(TARGET kernel_config_target APPEND PROPERTY TOPLEVELTYPES
23        pdpte_C pml4e_C
24    )
25endif()
26
27if(KernelArchX86)
28    # Only one platform so just force it to be set
29    config_set(KernelPlatform PLAT "pc99")
30    config_set(KernelPlatPC99 PLAT_PC99 ON)
31    config_set(KernelSel4Arch SEL4_ARCH "${KernelX86Sel4Arch}")
32    # x86 always has an FPU
33    set(KernelHaveFPU ON)
34else()
35    config_set(KernelPlatPC99 PLAT_PC99 OFF)
36endif()
37
38if(KernelSel4ArchX86_64)
39    set_kernel_64()
40elseif(KernelSel4ArchIA32)
41    set_kernel_32()
42endif()
43
44config_choice(KernelX86MicroArch KERNEL_X86_MICRO_ARCH "Select the x86 micro architecture"
45    "nehalem;KernelX86MicroArchNehalem;ARCH_X86_NEHALEM;KernelArchX86"
46    "generic;KernelX86MicroArchGeneric;ARCH_X86_GENERIC;KernelArchX86"
47    "westmere;KernelX86MicroArchWestmere;ARCH_X86_WESTMERE;KernelArchX86"
48    "sandy;KernelX86MicroArchSandy;ARCH_X86_SANDY;KernelArchX86"
49    "ivy;KernelX86MicroArchIvy;ARCH_X86_IVY;KernelArchX86"
50    "haswell;KernelX86MicroArchHaswell;ARCH_X86_HASWELL;KernelArchX86"
51    "broadwell;KernelX86MicroArchBroadwell;ARCH_X86_BROADWELL;KernelArchX86"
52    "skylake;KernelX86MicroArchSkylake;ARCH_X86_SKYLAKE;KernelArchX86"
53)
54
55config_choice(KernelIRQController KERNEL_IRQ_CONTROLLER
56    "Select the IRQ controller seL4 will use. Code for others may still be included if \
57    needed to disable at run time. \
58    PIC -> Use the legacy PIC controller. \
59    IOAPIC -> Use one or more IOAPIC controllers"
60    "IOAPIC;KernelIRQControllerIOAPIC;IRQ_IOAPIC;KernelArchX86"
61    "PIC;KernelIRQControllerPIC;IRQ_PIC;KernelArchX86"
62)
63
64config_string(KernelMaxNumIOAPIC MAX_NUM_IOAPIC
65    "Configure the maximum number of IOAPIC controllers that can be supported. SeL4 \
66    will detect IOAPICs regardless of whether the IOAPIC will actually be used as \
67    the final IRQ controller."
68    DEFAULT 1
69    DEPENDS "KernelIRQControllerIOAPIC" DEFAULT_DISABLED 0
70    UNQUOTE
71)
72
73config_choice(KernelLAPICMode KERNEL_LAPIC_MODE
74    "Select the mode local APIC will use. Not all machines support X2APIC mode."
75    "XAPIC;KernelLAPICModeXPAIC;XAPIC;KernelArchX86"
76    "X2APIC;KernelLAPICModeX2APIC;X2APIC;KernelArchX86"
77)
78
79config_option(KernelUseLogcalIDs USE_LOGCAL_IDS
80    "Use logical IDs to broadcast IPI between cores. Not all machines support logical \
81    IDs. In xAPIC mode only 8 cores can be addressed using logical IDs."
82    DEFAULT OFF
83    DEPENDS "NOT ${KernelMaxNumNodes} EQUAL 1;KernelArchX86"
84)
85
86config_string(KernelCacheLnSz CACHE_LN_SZ
87    "Define cache line size for the current architecture"
88    DEFAULT 64
89    DEPENDS "KernelArchX86" UNDEF_DISABLED
90    UNQUOTE
91)
92
93config_option(KernelVTX VTX
94    "VTX support"
95    DEFAULT OFF
96    DEPENDS "KernelArchX86;NOT KernelVerificationBuild"
97)
98
99config_string(KernelMaxVPIDs MAX_VPIDS
100    "The kernel maintains a mapping of 16-bit VPIDs to VCPUs. This option should be \
101    sized as small as possible to save memory, but be at least the number of VCPUs that \
102    will be run for optimum performance."
103    DEFAULT 1024
104    DEPENDS "KernelVTX" DEFAULT_DISABLED 0
105    UNQUOTE
106)
107
108config_option(KernelHugePage HUGE_PAGE
109    "Add support for 1GB huge page. Not all recent processor models support this feature."
110    DEFAULT ON
111    DEPENDS "KernelSel4ArchX86_64" DEFAULT_DISABLED OFF
112)
113config_option(KernelSupportPCID SUPPORT_PCID
114    "Add support for PCIDs (aka hardware ASIDs). Not all processor models support this feature."
115    DEFAULT ON
116    DEPENDS "KernelSel4ArchX86_64" DEFAULT_DISABLED OFF
117)
118
119config_choice(KernelSyscall KERNEL_X86_SYSCALL
120    "The kernel only ever supports one method of performing syscalls at a time. This \
121    config should be set to the most efficient one that is support by the hardware the \
122    system will run on"
123    "syscall;KernelX86SyscallSyscall;SYSCALL;KernelSel4ArchX86_64"
124    "sysenter;KernelX86SyscallSysenter;SYSENTER;KernelArchX86"
125)
126
127config_choice(KernelFPU KERNEL_X86_FPU "Choose the method that FPU state is stored in. This \
128    directly affects the method used to save and restore it. \
129    FXSAVE -> This chooses the legacy 512-byte region used by the fxsave and fxrstor functions \
130    XSAVE -> This chooses the variable xsave region, and enables the ability to use any \
131    of the xsave variants to save and restore. The actual size of the region is dependent on \
132    the features enabled."
133    "XSAVE;KernelFPUXSave;XSAVE;KernelArchX86"
134    "FXSAVE;KernelFPUFXSave;FXSAVE;KernelArchX86"
135)
136
137config_choice(KernelXSave KERNEL_XSAVE "The XSAVE area supports multiple instructions to save
138        and restore to it. These instructions are dependent upon specific CPU support. See Chapter 13 of Volume \
139        1 of the Intel Architectures SOftware Developers Manual for discussion on the init and modified \
140        optimizations. \
141        XSAVE -> Original XSAVE instruction. This is the only XSAVE instruction that is guaranteed to exist if \
142            XSAVE is present \
143        XSAVEC -> Save state with compaction. This compaction has to do with minimizing the total size of \
144            XSAVE buffer, if using non contiguous features, XSAVEC will attempt to use the init optimization \
145            when saving \
146        XSAVEOPT -> Save state taking advantage of both the init optimization and modified optimization \
147        XSAVES -> Save state taking advantage of the modified optimization. This instruction is only \
148            available in OS code, and is the preferred save method if it exists."
149    "XSAVEOPT;KernelXSaveXSaveOpt;XSAVE_XSAVEOPT;KernelFPUXSave"
150    "XSAVE;KernelXSaveXSave;XSAVE_XSAVE;KernelFPUXSave"
151    "XSAVEC;KernelXSaveXSaveC;XSAVE_XSAVEC;KernelFPUXSave"
152)
153config_string(KernelXSaveFeatureSet XSAVE_FEATURE_SET
154    "XSAVE can save and restore the state for various features \
155    through the use of the feature mask. This config option represents the feature mask that we want to \
156    support. The CPU must support all bits in this feature mask. Current known bits are \
157        0 - FPU \
158        1 - SSE \
159        2 - AVX \
160        FPU and SSE is guaranteed to exist if XSAVE exists."
161    DEFAULT 3
162    DEPENDS "KernelFPUXSave" DEFAULT_DISABLED 0
163    UNQUOTE
164)
165
166if(KernelFPUXSave)
167    set(default_xsave_size 576)
168else()
169    set(default_xsave_size 512)
170endif()
171
172config_string(KernelXSaveSize XSAVE_SIZE
173    "The size of the XSAVE region. This is dependent upon the features in \
174    XSAVE_FEATURE_SET that have been requested. Default is 576 for the FPU and SSE
175    state, unless XSAVE is not in use then it should be 512 for the legacy FXSAVE region."
176    DEFAULT ${default_xsave_size}
177    DEPENDS "KernelArchX86" DEFAULT_DISABLED 0
178    UNQUOTE
179)
180
181config_choice(KernelFSGSBase KERNEL_FSGS_BASE
182    "There are three ways to to set FS/GS base addresses: \
183    IA32_FS/GS_GDT, IA32_FS/GS_BASE_MSR, and fsgsbase instructions. \
184    IA32_FS/GS_GDT and IA32_FS/GS_BASE_MSR are availble for 32-bit. \
185    IA32_FS/GS_BASE_MSR and fsgsbase instructions are available for 64-bit."
186    "inst;KernelFSGSBaseInst;FSGSBASE_INST;KernelSel4ArchX86_64"
187    "gdt;KernelFSGSBaseGDT;FSGSBASE_GDT;KernelSel4ArchIA32"
188    "msr;KernelFSGSBaseMSR;FSGSBASE_MSR;KernelSel4ArchX86_64"
189)
190
191config_choice(KernelMultibootGFXMode KERNEL_MUTLTIBOOT_GFX_MODE
192    "The type of graphics mode to request from the boot loader. This is encoded into the \
193    multiboot header and is merely a hint, the boot loader is free to ignore or set some \
194    other mode"
195    "none;KernelMultibootGFXModeNone;MULTIBOOT_GRAPHICS_MODE_NONE;KernelArchX86"
196    "text;KernelMultibootGFXModeText;MULTIBOOT_GRAPHICS_MODE_TEXT;KernelArchX86"
197    "linear;KernelMultibootGFXModeLinear;MULTIBOOT_GRAPHICS_MODE_LINEAR;KernelArchX86"
198)
199
200config_string(KernelMultibootGFXDepth MULTIBOOT_GRAPHICS_MODE_DEPTH
201    "The bits per pixel of the linear graphics mode ot request. Value of zero indicates \
202    no preference."
203    DEFAULT 32
204    DEPENDS "KernelMultibootGFXModeLinear" UNDEF_DISABLED
205    UNQUOTE
206)
207
208config_string(KernelMultibootGFXWidth MULTIBOOT_GRAPHICS_MODE_WIDTH
209    "The width of the graphics mode to request. For a linear graphics mode this is the \
210    number of pixels. For a text mode this is the number of characters, value of zero \
211    indicates no preference."
212    DEFAULT 0
213    DEPENDS "KernelMultibootGFXModeText OR KernelMultibootGFXModeLinear" UNDEF_DISABLED
214    UNQUOTE
215)
216config_string(KernelMultibootGFXHeight MULTIBOOT_GRAPHICS_MODE_HEIGHT
217    "The height of the graphics mode to request. For a linear graphics mode this is the \
218    number of pixels. For a text mode this is the number of characters, value of zero \
219    indicates no preference."
220    DEFAULT 0
221    DEPENDS "KernelMultibootGFXModeText OR KernelMultibootGFXModeLinear" UNDEF_DISABLED
222    UNQUOTE
223)
224
225config_option(KernelMultiboot1Header MULTIBOOT1_HEADER
226    "Inserts a header that indicates to the bootloader that the kernel supports a multiboot 1 boot header"
227    DEFAULT ON
228    DEPENDS "KernelArchX86"
229)
230
231config_option(KernelMultiboot2Header MULTIBOOT2_HEADER
232    "Inserts a header that indicates to the bootloader that the kernel supports a multiboot 2 boot header. \
233    This is can be enabled together with a multiboot 1 header and the boot loader may use either one"
234    DEFAULT ON
235    DEPENDS "KernelArchX86"
236)
237
238config_option(KernelSkimWindow KERNEL_SKIM_WINDOW
239    "Prevent against the Meltdown vulnerability by using a reduced Static Kernel
240    Image and Micro-state window instead of having all kernel state in the kernel window.
241    This only needs to be enabled if deploying to a vulnerable processor"
242    DEFAULT ON
243    DEPENDS "KernelSel4ArchX86_64"
244    DEFAULT_DISABLED OFF
245)
246
247config_option(KernelExportPMCUser EXPORT_PMC_USER
248    "Grant user access to the Performance Monitoring Counters.
249    This allows the user to read performance counters, although
250    not control what the counters are and whether or not they
251    are counting. Nevertheless whilst this is useful for
252    evalulating performance this option opens timing and covert
253    channels."
254    DEFAULT OFF
255    DEPENDS "KernelArchX86;NOT KernelVerificationBuild"
256)
257
258config_option(KernelX86DangerousMSR KERNEL_X86_DANGEROUS_MSR
259    "rdmsr/wrmsr kernel interface. Provides a syscall interface for reading and writing arbitrary MSRs.
260    This is extremely dangerous as no checks are performed and exists
261    to aid debugging and benchmarking."
262    DEFAULT OFF
263    DEPENDS "KernelArchX86;NOT KernelVerificationBuild"
264)
265
266if (KernelArchX86 AND (NOT "${KernelMaxNumNodes}" EQUAL 1))
267    set(STIBDEP TRUE)
268else()
269    set(STIBDEP FALSE)
270endif()
271
272config_choice(KernelX86IBRSMode KERNEL_X86_IBRS
273    "Indirect Branch Restricted Speculation mode
274    Used to prevent a user from manipulating the branch predictor to manipulate speculative
275    execution of other processes. On current processors IBRS has a prohibitive performance
276    penalty and it is recommended that it be disabled such that software mitigations are
277    used instead. Software mitigation is done by disabling jump tables (the only form of
278    indirect jump in seL4 except for 'ret') and flushing the RSB on vmexit. Flushing the RSB
279    at other times is not needed as seL4 does not switch kernel stacks and so is not
280    vulernable to RSB underflow. The STIBP is essentially software mitigation but enables
281    the single thread isolation for branch predictions. This is only needed if attempting
282    to protect user level process from each other in a multicore environment."
283    "ibrs_none;KernelX86IBRSnone;KERNEL_X86_IBRS_NONE;KernelArchX86"
284    "ibrs_stibp;KernelX86IBRSSTIBP;KERNEL_X86_IBRS_STIBP;STIBPDEP"
285    "ibrs_basic;KernelX86IBRSBasic;KERNEL_X86_IBRS_BASIC;KernelArchX86"
286    "ibrs_all;KernelX86IBRSAll;KERNEL_X86_IBRS_ALL;KernelArchX86"
287)
288
289if (KernelX86IBRSBasic OR KernelX86IBRSSTIBP)
290    # As the kernel has no function pointers or other indirect jumps except those
291    # as generated by the compiler through switch statements we can disable jump
292    # tables in order to prevent Spectre Variant 2 style attacks.
293    set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fno-jump-tables")
294endif()
295
296config_option(KernelX86IBPBOnContextSwitch KERNEL_X86_IBPB_ON_CONTEXT_SWITCH
297    "Performs a IBPB on every context switch to prevent Spectre attacks between user
298    processes. This is extremely expensive and is recommended you only turn this on
299    if absolutely necessary.
300    Note that in a multicore environment you should also enable STIBP to prevent
301    other cores retraining the branch predictor even after context switch."
302    DEFAULT OFF
303    DEPENDS "KernelArchX86"
304)
305
306config_option(KernelX86RSBOnContextSwitch KERNEL_X86_RSB_ON_CONTEXT_SWITCH
307    "Flushes the RSB on context switch to prevent Spectre attacks between user processes.
308    Whilst not nearly as expensive as an IBPB it is not enabled by default as it is
309    largely pointless to flush the RSB without also doing an IBPB as the RSB is already
310    a harder attack vector."
311    DEFAULT OFF
312    DEPENDS "KernelArchX86"
313)
314
315add_sources(
316    DEP "KernelArchX86"
317    PREFIX src/arch/x86
318    CFILES
319        c_traps.c
320        idle.c
321        api/faults.c
322        object/interrupt.c
323        object/ioport.c
324        object/objecttype.c
325        object/tcb.c
326        object/iospace.c
327        object/vcpu.c
328        kernel/vspace.c
329        kernel/apic.c
330        kernel/xapic.c
331        kernel/x2apic.c
332        kernel/boot_sys.c
333        kernel/smp_sys.c
334        kernel/boot.c
335        kernel/cmdline.c
336        kernel/ept.c
337        kernel/thread.c
338        model/statedata.c
339        machine/hardware.c
340        machine/fpu.c
341        machine/cpu_identification.c
342        machine/breakpoint.c
343        machine/registerset.c
344        benchmark/benchmark.c
345        smp/ipi.c
346    ASMFILES
347        multiboot.S
348)
349
350add_sources(
351    DEP "KernelArchX86;KernelDebugBuild"
352    CFILES src/arch/x86/machine/capdl.c
353)
354
355add_bf_source_old("KernelArchX86" "structures.bf" "include/arch/x86" "arch/object")
356
357include(src/plat/pc99/config.cmake)
358
359include(src/arch/x86/32/config.cmake)
360include(src/arch/x86/64/config.cmake)
361