]>
Commit | Line | Data |
---|---|---|
1 | # SPDX-License-Identifier: GPL-2.0 | |
2 | # | |
3 | # KVM configuration | |
4 | # | |
5 | ||
6 | source "virt/kvm/Kconfig" | |
7 | ||
8 | menuconfig VIRTUALIZATION | |
9 | bool "Virtualization" | |
10 | depends on HAVE_KVM || X86 | |
11 | default y | |
12 | help | |
13 | Say Y here to get to see options for using your Linux host to run other | |
14 | operating systems inside virtual machines (guests). | |
15 | This option alone does not add any kernel code. | |
16 | ||
17 | If you say N, all options in this submenu will be skipped and disabled. | |
18 | ||
19 | if VIRTUALIZATION | |
20 | ||
21 | config KVM | |
22 | tristate "Kernel-based Virtual Machine (KVM) support" | |
23 | depends on HAVE_KVM | |
24 | depends on HIGH_RES_TIMERS | |
25 | depends on X86_LOCAL_APIC | |
26 | select PREEMPT_NOTIFIERS | |
27 | select MMU_NOTIFIER | |
28 | select HAVE_KVM_IRQCHIP | |
29 | select HAVE_KVM_IRQFD | |
30 | select IRQ_BYPASS_MANAGER | |
31 | select HAVE_KVM_IRQ_BYPASS | |
32 | select HAVE_KVM_IRQ_ROUTING | |
33 | select HAVE_KVM_EVENTFD | |
34 | select KVM_ASYNC_PF | |
35 | select USER_RETURN_NOTIFIER | |
36 | select KVM_MMIO | |
37 | select SCHED_INFO | |
38 | select PERF_EVENTS | |
39 | select HAVE_KVM_MSI | |
40 | select HAVE_KVM_CPU_RELAX_INTERCEPT | |
41 | select HAVE_KVM_NO_POLL | |
42 | select KVM_XFER_TO_GUEST_WORK | |
43 | select KVM_GENERIC_DIRTYLOG_READ_PROTECT | |
44 | select KVM_VFIO | |
45 | select SRCU | |
46 | select HAVE_KVM_PM_NOTIFIER if PM | |
47 | help | |
48 | Support hosting fully virtualized guest machines using hardware | |
49 | virtualization extensions. You will need a fairly recent | |
50 | processor equipped with virtualization extensions. You will also | |
51 | need to select one or more of the processor modules below. | |
52 | ||
53 | This module provides access to the hardware capabilities through | |
54 | a character device node named /dev/kvm. | |
55 | ||
56 | To compile this as a module, choose M here: the module | |
57 | will be called kvm. | |
58 | ||
59 | If unsure, say N. | |
60 | ||
61 | config KVM_WERROR | |
62 | bool "Compile KVM with -Werror" | |
63 | # KASAN may cause the build to fail due to larger frames | |
64 | default y if X86_64 && !KASAN | |
65 | # We use the dependency on !COMPILE_TEST to not be enabled | |
66 | # blindly in allmodconfig or allyesconfig configurations | |
67 | depends on KVM | |
68 | depends on (X86_64 && !KASAN) || !COMPILE_TEST | |
69 | depends on EXPERT | |
70 | help | |
71 | Add -Werror to the build flags for KVM. | |
72 | ||
73 | If in doubt, say "N". | |
74 | ||
75 | config KVM_INTEL | |
76 | tristate "KVM for Intel (and compatible) processors support" | |
77 | depends on KVM && IA32_FEAT_CTL | |
78 | help | |
79 | Provides support for KVM on processors equipped with Intel's VT | |
80 | extensions, a.k.a. Virtual Machine Extensions (VMX). | |
81 | ||
82 | To compile this as a module, choose M here: the module | |
83 | will be called kvm-intel. | |
84 | ||
85 | config X86_SGX_KVM | |
86 | bool "Software Guard eXtensions (SGX) Virtualization" | |
87 | depends on X86_SGX && KVM_INTEL | |
88 | help | |
89 | ||
90 | Enables KVM guests to create SGX enclaves. | |
91 | ||
92 | This includes support to expose "raw" unreclaimable enclave memory to | |
93 | guests via a device node, e.g. /dev/sgx_vepc. | |
94 | ||
95 | If unsure, say N. | |
96 | ||
97 | config KVM_AMD | |
98 | tristate "KVM for AMD processors support" | |
99 | depends on KVM | |
100 | help | |
101 | Provides support for KVM on AMD processors equipped with the AMD-V | |
102 | (SVM) extensions. | |
103 | ||
104 | To compile this as a module, choose M here: the module | |
105 | will be called kvm-amd. | |
106 | ||
107 | config KVM_AMD_SEV | |
108 | def_bool y | |
109 | bool "AMD Secure Encrypted Virtualization (SEV) support" | |
110 | depends on KVM_AMD && X86_64 | |
111 | depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m) | |
112 | help | |
113 | Provides support for launching Encrypted VMs (SEV) and Encrypted VMs | |
114 | with Encrypted State (SEV-ES) on AMD processors. | |
115 | ||
116 | config KVM_XEN | |
117 | bool "Support for Xen hypercall interface" | |
118 | depends on KVM | |
119 | help | |
120 | Provides KVM support for the hosting Xen HVM guests and | |
121 | passing Xen hypercalls to userspace. | |
122 | ||
123 | If in doubt, say "N". | |
124 | ||
125 | config KVM_MMU_AUDIT | |
126 | bool "Audit KVM MMU" | |
127 | depends on KVM && TRACEPOINTS | |
128 | help | |
129 | This option adds a R/W kVM module parameter 'mmu_audit', which allows | |
130 | auditing of KVM MMU events at runtime. | |
131 | ||
132 | endif # VIRTUALIZATION |