CPU_TTBR0_PAN has same effect as CPU_SW_DOMAIN_PAN, but it is compatible
to ARM_LPAE while CPU_SW_DOMAIN_PAN is not.
So it an optional way to go for ARM PAN solutions.
Bug: 174207917
Signed-off-by: Orson Zhai <orson.zhai@unisoc.com>
Change-Id: I70bd304b0a386e7b4bd7f0c26111e02f3986bdab
CONFIG_MEMCG is not required if device enables CONFIG_PSI. Change
CONFIG_MEMCG requirement to a conditional for either CONFIG_MEMCG or
CONFIG_PSI to be enabled. This saves memory resource on devices that
use PSI for memory pressure monitoring.
Bug: 150752949
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Merged-In: I67bd7aa17d4f939b7eb14a6c91a6f96ef862c80b
Change-Id: I67bd7aa17d4f939b7eb14a6c91a6f96ef862c80b
Android does not use per-cgroup CPU allowance for RT tasks feature.
Disable it so that RT task allowance is controlled globally using
/proc/sys/kernel/sched_rt_runtime_us.
Bug: 149954332
Test: TreeHugger
Change-Id: I63fe994732d9abb0119a79870f4c3c772db75aa7
Suggested-by: Snild Dolkow <snild@sony.com>
Signed-off-by: Suren Baghdasaryan <surenb@google.com>
Some platforms do not require this mitigation. For platforms that do,
this config requirement will continue to be enforced in CTS.
Bug: 135948601
Change-Id: I6a3cb5f4a003b0fbd80dbb412a451cd1b94e5eca
Signed-off-by: Steve Muckle <smuckle@google.com>
It's usually very helpful to enable AES-XTS and SHA-256 optimized with
the ARM crypto extensions (or x86 AES-NI and SHA-NI). AES-XTS is used
by file-based encryption; SHA-256 is used by dm-verity. I was a bit
surprised to see that these weren't already in the recommended configs.
This is change I6175e16261a7360d34de76735e06e21c41db58c8 applied to the
'q' directory.
Bug: 130816578
Change-Id: I7049f7f47bc343a8001640809e1eb6dafded172f
Signed-off-by: Eric Biggers <ebiggers@google.com>
Recommend enabling the kernel config options needed to use file-based
encryption on ext4 and f2fs.
This is change I69097c7e5f38f9c2916cae40df5720183377cd7e applied to the
'q' directory.
Bug: 130816578
Change-Id: I5bfba46d3a6aafa4d86a6e2c3bc50d6c0942d578
Signed-off-by: Eric Biggers <ebiggers@google.com>
... by copying the modules into q/ directory and renaming the kernel
config modules as kernel_config_q_*.
Kernel versions are yet to be frozen.
Bug: 130295628
Test: builds and look at compatibility matrix
Change-Id: I9e0d6faa936265d60416180a2898ca0da115cd18
