TODO(fxbug.dev/53594): move kernel_cmdline.md verbiage here
Default: false
If this option is set, the system will not use Address Space Layout Randomization.
Default: 0x1e
For address spaces that use ASLR this controls the number of bits of entropy in the randomization. Higher entropy results in a sparser address space and uses more memory for page tables. Valid values range from 0-36.
Default: false
When enabled and if HW RNG fails at reseeding, CPRNG panics.
Default: false
When enabled and if jitterentropy fails at reseeding, CPRNG panics.
Default: false
When enabled and if HW RNG fails at initial seeding, CPRNG panics.
Default: false
When enabled and if jitterentropy fails at initial seeding, CPRNG panics.
Default: false
When enabled and if you do not provide entropy input from the kernel command line, CPRNG panics.
Provides entropy to be mixed into the kernel's CPRNG. The value must be a string of lowercase hexadecimal digits.
The original value will be scrubbed from memory as soon as possible and will be redacted from all diagnostic output.
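The two requirements stated above (lowercase hex only, and scrubbing the original value from memory) are easy to get subtly wrong. The following is an added example written for this page, not Fuchsia's kernel code: it validates and decodes a candidate entropy-mixin value and then overwrites the source string with a scrub that the compiler cannot elide. Mixing the decoded bytes into the CPRNG is out of scope; the function and type names are this example's own.

```c
/* Added example (not Fuchsia code): validate a kernel.entropy-mixin value the
 * way the text describes (lowercase hex digits only), decode it to bytes, and
 * scrub the original string afterwards. Mixing into the CPRNG is not shown. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Zero a buffer through a volatile pointer so the store is not optimised away
 * as a "dead" write to memory that is never read again. */
void secure_zero(void *p, size_t n) {
    volatile unsigned char *vp = (volatile unsigned char *)p;
    while (n--) {
        *vp++ = 0;
    }
}

/* Returns the value of one lowercase hex digit, or -1. Uppercase and
 * non-hex characters are rejected, matching the option's stated format. */
static int hex_nibble(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Decodes `hex` into `out` (capacity `out_cap`). Returns the number of bytes
 * written, or -1 if the string is empty, has odd length, contains anything
 * other than lowercase hex digits, or does not fit in `out`. The source
 * string is scrubbed on every path; on failure `out` is scrubbed as well so
 * that a partially decoded, rejected value does not linger either. */
int entropy_mixin_decode(char *hex, uint8_t *out, size_t out_cap) {
    size_t len = strlen(hex);
    int rc = -1;

    if (len != 0 && len % 2 == 0 && len / 2 <= out_cap) {
        size_t i;
        rc = (int)(len / 2);
        for (i = 0; i < len; i += 2) {
            int hi = hex_nibble(hex[i]);
            int lo = hex_nibble(hex[i + 1]);
            if (hi < 0 || lo < 0) {
                rc = -1;
                break;
            }
            out[i / 2] = (uint8_t)((hi << 4) | lo);
        }
    }

    secure_zero(hex, len);
    if (rc < 0) {
        secure_zero(out, out_cap);
    }
    return rc;
}

/* Helper for callers that want to confirm a scrub actually happened. */
int buffer_is_zero(const void *p, size_t n) {
    const unsigned char *b = (const unsigned char *)p;
    size_t i;
    for (i = 0; i < n; i++) {
        if (b[i] != 0) return 0;
    }
    return 1;
}
```

Note that the scrub has to happen on the rejection path too: an invalid value is still operator-supplied secret material that was passed on the command line.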
Default: 0x40
Sets the “memory block size” parameter for jitterentropy. When jitterentropy is performing memory operations (to increase variation in CPU timing), the memory will be accessed in blocks of this size.
Default: 0x200
Sets the “memory block count” parameter for jitterentropy. When jitterentropy is performing memory operations (to increase variation in CPU timing), this controls how many blocks (of size kernel.jitterentropy.bs) are accessed.
Default: 0x20
Sets the “memory loops” parameter for jitterentropy. When jitterentropy is performing memory operations (to increase variation in CPU timing), this controls how many times the memory access routine is repeated. This parameter is only used when kernel.jitterentropy.raw is true. If the value of this parameter is 0 or if kernel.jitterentropy.raw is false, then jitterentropy chooses the number of loops in a random-ish way.
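To make the three memory parameters concrete, here is an added model of the memory-access routine they configure. This is illustrative code written for this page, not Fuchsia's or jitterentropy's own implementation: the access pattern (a read-modify-write that advances by bs-1 bytes and wraps over a bs*bc-byte buffer, repeated for the configured number of loops) follows the public jitterentropy reference implementation, and it is an assumption that Fuchsia's port behaves the same way. The struct and function names are this example's own.

```c
/* Added example, not Fuchsia's or jitterentropy's code: a model of the
 * memory-access routine parameterised by kernel.jitterentropy.bs (block
 * size), .bc (block count) and .ml (memory loops). The stride-(bs-1)
 * wrapping walk is taken from the public jitterentropy reference
 * implementation; matching Fuchsia's port exactly is an assumption. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

struct jent_mem {
    uint8_t *buf;      /* working-set buffer of bs * bc bytes */
    size_t bs;         /* block size in bytes   (kernel.jitterentropy.bs) */
    size_t bc;         /* number of blocks      (kernel.jitterentropy.bc) */
    size_t location;   /* current offset, carried across calls */
};

/* The working set the parameters imply; with the defaults (0x40 * 0x200)
 * this is 32 KiB, on the order of a core's L1 data cache. */
size_t jent_working_set_bytes(size_t bs, size_t bc) {
    return bs * bc;
}

void jent_mem_init(struct jent_mem *m, uint8_t *buf, size_t bs, size_t bc) {
    m->buf = buf;
    m->bs = bs;
    m->bc = bc;
    m->location = 0;
    memset(buf, 0, bs * bc);
}

/* Performs `loops` memory accesses (the "memory loops" count). Each access
 * increments one byte, forcing a real load and store, then moves bs-1 bytes
 * forward modulo the working set so that successive accesses land in
 * different blocks. If `touched` (bc bytes) is supplied it is filled with a
 * per-block hit map, and the number of distinct blocks hit is returned. */
size_t jent_memaccess(struct jent_mem *m, size_t loops, uint8_t *touched) {
    size_t wrap = m->bs * m->bc;
    size_t distinct = 0;
    size_t i;

    if (touched) {
        memset(touched, 0, m->bc);
    }
    for (i = 0; i < loops; i++) {
        uint8_t *p = m->buf + m->location;
        size_t block = m->location / m->bs;

        *p = (uint8_t)(*p + 1);
        if (touched && !touched[block]) {
            touched[block] = 1;
            distinct++;
        }
        m->location = (m->location + m->bs - 1) % wrap;
    }
    return distinct;
}
```

With the page's defaults (bs=0x40, bc=0x200, ml=0x20) a single raw-mode pass touches only 31 of the 512 blocks; the parameters therefore trade working-set size and per-sample latency against how much of the buffer each sample actually exercises.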
Default: 0x1
Sets the “LFSR loops” parameter for jitterentropy. When jitterentropy is performing CPU-intensive LFSR operations (to increase variation in CPU timing), this controls how many times the LFSR routine is repeated. This parameter is only used when kernel.jitterentropy.raw is true. If the value of this parameter is 0 or if kernel.jitterentropy.raw is false, then jitterentropy chooses the number of loops in a random-ish way.
Default: true
When true (the default), the jitterentropy entropy collector will return raw, unprocessed samples. When false, the raw samples will be processed by jitterentropy, producing output data that looks closer to uniformly random. Note that even when set to false, the CPRNG will re-process the samples, so the processing inside of jitterentropy is somewhat redundant.
Default: reboot
This option can be used to configure the behavior of the kernel when encountering an out-of-memory (OOM) situation. Valid values are jobkill and reboot.
If set to jobkill, when encountering OOM, the kernel attempts to kill jobs that have the ZX_PROP_JOB_KILL_ON_OOM bit set to recover memory.
If set to reboot, when encountering OOM, the kernel signals an out-of-memory event (see zx_system_get_event()), delays briefly, and then reboots the system.
Default: true
This option turns on the out-of-memory (OOM) kernel thread, which kills processes or reboots the system (per kernel.oom.behavior), when the PMM has less than kernel.oom.outofmemory-mb free memory.
An OOM can be manually triggered by the command k pmm oom, which will cause free memory to fall below the kernel.oom.outofmemory-mb threshold. An allocation rate can be provided with k pmm oom <rate>, where <rate> is in MB. This will cause the specified amount of memory to be allocated every second, which can be useful for observing memory pressure state transitions.
Refer to kernel.oom.outofmemory-mb, kernel.oom.critical-mb, kernel.oom.warning-mb, and zx_system_get_event() for further details on memory pressure state transitions.
The current memory availability state can be queried with the command k pmm mem_avail_state info.
Default: 0x32
This option specifies the free-memory threshold at which the out-of-memory (OOM) thread will trigger an out-of-memory event and begin killing processes or rebooting the system (per kernel.oom.behavior).
Default: 0x96
This option specifies the free-memory threshold at which the out-of-memory (OOM) thread will trigger a critical memory pressure event, signaling that processes should free up memory.
Default: 0x12c
This option specifies the free-memory threshold at which the out-of-memory (OOM) thread will trigger a warning memory pressure event, signaling that processes should slow down memory allocations.
Default: 0x1
This option specifies the memory debounce value used when computing the memory pressure state based on the free-memory thresholds (kernel.oom.outofmemory-mb, kernel.oom.critical-mb and kernel.oom.warning-mb). Transitions between memory availability states are debounced by not leaving a state until the amount of free memory is at least kernel.oom.debounce-mb outside of that state.
For example, consider the case where kernel.oom.critical-mb is set to 100 MB and kernel.oom.debounce-mb set to 5 MB. If we currently have 90 MB of free memory on the system, i.e. we're in the Critical state, free memory will have to increase to at least 105 MB (100 MB + 5 MB) for the state to change from Critical to Warning.
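The following is an added model of the memory pressure state machine that kernel.oom.outofmemory-mb, kernel.oom.critical-mb, kernel.oom.warning-mb and kernel.oom.debounce-mb describe, written for this page rather than taken from Fuchsia's PMM. It reproduces the worked example above (critical-mb 100, debounce-mb 5, free memory rising from 90 MB) and the default thresholds. The exact bound arithmetic (leave a state upward at its upper watermark plus the debounce, downward below its lower watermark minus the debounce) is an assumption derived from the text; names are this example's own.

```c
/* Added example (not Fuchsia's PMM code): a model of the memory availability
 * states and the debounce/hysteresis described for kernel.oom.*-mb. The
 * bound arithmetic is an assumption based on the documented semantics. */
#include <stdint.h>
#include <stdio.h>

enum mem_state { MEM_OOM = 0, MEM_CRITICAL = 1, MEM_WARNING = 2, MEM_NORMAL = 3 };

struct oom_config {
    uint64_t watermark_mb[3]; /* outofmemory-mb, critical-mb, warning-mb, ascending */
    uint64_t debounce_mb;     /* kernel.oom.debounce-mb */
};

struct mem_tracker {
    struct oom_config cfg;
    enum mem_state state;
    uint64_t lower_mb; /* leave the current state downward when free < lower_mb */
    uint64_t upper_mb; /* leave the current state upward when free >= upper_mb */
};

/* State implied by a free-memory reading with no hysteresis applied. */
static enum mem_state raw_state(const struct oom_config *cfg, uint64_t free_mb) {
    int i;
    for (i = 0; i < 3; i++) {
        if (free_mb < cfg->watermark_mb[i]) return (enum mem_state)i;
    }
    return MEM_NORMAL;
}

/* Enter state `s` and compute the debounced exit bounds. State s covers
 * [watermark[s-1], watermark[s]); it is not left until free memory is at
 * least debounce_mb outside that band. */
static void set_state(struct mem_tracker *t, enum mem_state s) {
    const struct oom_config *cfg = &t->cfg;
    t->state = s;
    if (s == MEM_OOM) {
        t->lower_mb = 0;
    } else {
        uint64_t w = cfg->watermark_mb[s - 1];
        t->lower_mb = w > cfg->debounce_mb ? w - cfg->debounce_mb : 0;
    }
    t->upper_mb = (s == MEM_NORMAL) ? UINT64_MAX
                                    : cfg->watermark_mb[s] + cfg->debounce_mb;
}

void mem_tracker_init(struct mem_tracker *t, struct oom_config cfg, uint64_t free_mb) {
    t->cfg = cfg;
    set_state(t, raw_state(&cfg, free_mb));
}

/* Feed a new free-memory reading; returns the (possibly unchanged) state. */
enum mem_state mem_tracker_update(struct mem_tracker *t, uint64_t free_mb) {
    if (free_mb < t->lower_mb || free_mb >= t->upper_mb) {
        set_state(t, raw_state(&t->cfg, free_mb));
    }
    return t->state;
}

int main(void) {
    static const char *names[] = {"OOM", "Critical", "Warning", "Normal"};
    struct oom_config cfg = {{50, 100, 300}, 5}; /* the page's worked example */
    struct mem_tracker t;
    uint64_t readings[] = {90, 100, 104, 105, 94, 45, 44};
    size_t i;

    mem_tracker_init(&t, cfg, readings[0]);
    for (i = 0; i < sizeof readings / sizeof readings[0]; i++) {
        printf("free=%3llu MB -> %s\n", (unsigned long long)readings[i],
               names[mem_tracker_update(&t, readings[i])]);
    }
    return 0;
}
```

The debounce matters for security operations as much as for performance: a process that sits exactly at a threshold cannot flap the system between Warning and Critical (and the evictions and kills those states trigger) by allocating and freeing a few kilobytes.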
Default: false
This option triggers eviction of file pages at the Warning pressure state, in addition to the default behavior, which is to evict at the Critical and OOM states.
Default: none
TODO(53594)
Default: false
If set, disables all speculative execution information leak mitigations.
If unset, the per-mitigation defaults will be used.
Default: false
When enabled, each ARM CPU will enable an event stream generator, which periodically sets that CPU's hidden event flag at a particular rate. This has the effect of kicking CPUs out of any WFE states they may be sitting in.
Default: 0x2710
If the event stream is enabled, specifies the frequency at which it will attempt to run. The resolution is limited, so the driver can only select the nearest power-of-2 divisor of the CPU timer counter frequency; the effective rate may therefore differ from the requested value.
If set, tries to initialize the DAP debug aperture at a hard-coded address for the particular system on chip. Currently accepted values are amlogic-t931g, amlogic-s905d2, and amlogic-s905d3g.
Default: false
If set, disables all speculative execution information leak mitigations.
If unset, the per-mitigation defaults will be used.
Default: true
This setting enables HWP (hardware P-states) on supported chips. This feature lets Intel CPUs automatically scale their own clock speed.
Default: bios-specified
Set a power/performance tradeoff policy of the CPU. x86 CPUs with HWP (hardware P-state) support can be configured to autonomously scale their frequency to favour different policies.
Currently supported policies are:
bios-specified: Use the power/performance tradeoff policy specified in firmware/BIOS settings. If no policy is available, falls back to balanced.
performance: Maximise performance.
balanced: Balance performance / power savings.
power-save: Reduce power usage, at the cost of lower performance.
stable-performance: Use settings that keep system performance consistent. This may be useful for benchmarking, for example, where keeping performance predictable is more important than maximising performance.
Default: true
MDS (Microarchitectural Data Sampling) is a family of speculative execution information leak bugs that allow the contents of recent loads or stores to be inferred by hostile code, regardless of privilege level (CVE-2019-11091, CVE-2018-12126, CVE-2018-12130, CVE-2018-12127). For example, this could allow user code to read recent kernel loads/stores.
To avoid this bug, it is required that all microarchitectural structures that could leak data be flushed on trust level transitions. Also, it is important that trust levels do not concurrently execute on a single physical processor core.
This option controls whether microarchitectural structures are flushed on the kernel-to-user exit path, if possible. It may have a negative performance impact.
Default: 0x2
Page table isolation configures user page tables to not have kernel text or data mapped. This may impact performance negatively. This is a mitigation for Meltdown (AKA CVE-2017-5754).
TODO(joshuaseaton): make this an enum instead of using magic integers.
Default: false
Spec-store-bypass (Spectre V4) is a speculative execution information leak vulnerability that affects many Intel and AMD x86 CPUs. It targets memory disambiguation hardware to infer the contents of recent stores. The attack only affects same-privilege-level, intra-process data.
This command line option controls whether a mitigation is enabled. The mitigation has negative performance impacts.
Default: true
Turbo Boost or Core Performance Boost are mechanisms that allow processors to dynamically vary their performance at runtime based on available thermal and electrical budget. This may provide improved interactive performance at the cost of performance variability. Some workloads may benefit from disabling Turbo; if this command line flag is set to false, turbo is disabled for all CPUs in the system.
TODO: put something here