0001 # SPDX-License-Identifier: GPL-2.0
0002 #
0003 # KVM configuration
0004 #
0005
0006 source "virt/kvm/Kconfig"
0007
0008 menuconfig VIRTUALIZATION
0009 bool "Virtualization"
0010 depends on HAVE_KVM || X86
0011 default y
0012 help
0013 Say Y here to get to see options for using your Linux host to run other
0014 operating systems inside virtual machines (guests).
0015 This option alone does not add any kernel code.
0016
0017 If you say N, all options in this submenu will be skipped and disabled.
0018
0019 if VIRTUALIZATION
0020
0021 config KVM
0022 tristate "Kernel-based Virtual Machine (KVM) support"
0023 depends on HAVE_KVM
0024 depends on HIGH_RES_TIMERS
0025 depends on X86_LOCAL_APIC
0026 select PREEMPT_NOTIFIERS
0027 select MMU_NOTIFIER
0028 select HAVE_KVM_IRQCHIP
0029 select HAVE_KVM_PFNCACHE
0030 select HAVE_KVM_IRQFD
0031 select HAVE_KVM_DIRTY_RING
0032 select IRQ_BYPASS_MANAGER
0033 select HAVE_KVM_IRQ_BYPASS
0034 select HAVE_KVM_IRQ_ROUTING
0035 select HAVE_KVM_EVENTFD
0036 select KVM_ASYNC_PF
0037 select USER_RETURN_NOTIFIER
0038 select KVM_MMIO
0039 select SCHED_INFO
0040 select PERF_EVENTS
0041 select GUEST_PERF_EVENTS
0042 select HAVE_KVM_MSI
0043 select HAVE_KVM_CPU_RELAX_INTERCEPT
0044 select HAVE_KVM_NO_POLL
0045 select KVM_XFER_TO_GUEST_WORK
0046 select KVM_GENERIC_DIRTYLOG_READ_PROTECT
0047 select KVM_VFIO
0048 select SRCU
0049 select INTERVAL_TREE
0050 select HAVE_KVM_PM_NOTIFIER if PM
0051 help
0052 Support hosting fully virtualized guest machines using hardware
0053 virtualization extensions. You will need a fairly recent
0054 processor equipped with virtualization extensions. You will also
0055 need to select one or more of the processor modules below.
0056
0057 This module provides access to the hardware capabilities through
0058 a character device node named /dev/kvm.
0059
0060 To compile this as a module, choose M here: the module
0061 will be called kvm.
0062
0063 If unsure, say N.
0064
0065 config KVM_WERROR
0066 bool "Compile KVM with -Werror"
0067 # KASAN may cause the build to fail due to larger frames
0068 default y if X86_64 && !KASAN
0069 # We use the dependency on !COMPILE_TEST to not be enabled
0070 # blindly in allmodconfig or allyesconfig configurations
0071 depends on KVM
0072 depends on (X86_64 && !KASAN) || !COMPILE_TEST
0073 depends on EXPERT
0074 help
0075 Add -Werror to the build flags for KVM.
0076
0077 If in doubt, say "N".
0078
0079 config KVM_INTEL
0080 tristate "KVM for Intel (and compatible) processors support"
0081 depends on KVM && IA32_FEAT_CTL
0082 help
0083 Provides support for KVM on processors equipped with Intel's VT
0084 extensions, a.k.a. Virtual Machine Extensions (VMX).
0085
0086 To compile this as a module, choose M here: the module
0087 will be called kvm-intel.
0088
0089 config X86_SGX_KVM
0090 bool "Software Guard eXtensions (SGX) Virtualization"
0091 depends on X86_SGX && KVM_INTEL
0092 help
0093
0094 Enables KVM guests to create SGX enclaves.
0095
0096 This includes support to expose "raw" unreclaimable enclave memory to
0097 guests via a device node, e.g. /dev/sgx_vepc.
0098
0099 If unsure, say N.
0100
0101 config KVM_AMD
0102 tristate "KVM for AMD processors support"
0103 depends on KVM
0104 help
0105 Provides support for KVM on AMD processors equipped with the AMD-V
0106 (SVM) extensions.
0107
0108 To compile this as a module, choose M here: the module
0109 will be called kvm-amd.
0110
0111 config KVM_AMD_SEV
0112 def_bool y
0113 bool "AMD Secure Encrypted Virtualization (SEV) support"
0114 depends on KVM_AMD && X86_64
0115 depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m)
0116 help
0117 Provides support for launching Encrypted VMs (SEV) and Encrypted VMs
0118 with Encrypted State (SEV-ES) on AMD processors.
0119
0120 config KVM_XEN
0121 bool "Support for Xen hypercall interface"
0122 depends on KVM
0123 help
0124 Provides KVM support for the hosting Xen HVM guests and
0125 passing Xen hypercalls to userspace.
0126
0127 If in doubt, say "N".
0128
0129 config KVM_EXTERNAL_WRITE_TRACKING
0130 bool
0131
0132 endif # VIRTUALIZATION
