• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# SPDX-License-Identifier: GPL-2.0
2#
3# KVM configuration
4#
5
6source "virt/kvm/Kconfig"
7
8menuconfig VIRTUALIZATION
9	bool "Virtualization"
10	help
11	  Say Y here to get to see options for using your Linux host to run
12	  other operating systems inside virtual machines (guests).
13	  This option alone does not add any kernel code.
14
15	  If you say N, all options in this submenu will be skipped and
16	  disabled.
17
18if VIRTUALIZATION
19
20menuconfig KVM
21	bool "Kernel-based Virtual Machine (KVM) support"
22	depends on AS_HAS_ARMV8_4
23	select KVM_COMMON
24	select KVM_GENERIC_HARDWARE_ENABLING
25	select KVM_GENERIC_MMU_NOTIFIER
26	select HAVE_KVM_CPU_RELAX_INTERCEPT
27	select KVM_MMIO
28	select KVM_GENERIC_DIRTYLOG_READ_PROTECT
29	select KVM_XFER_TO_GUEST_WORK
30	select KVM_VFIO
31	select HAVE_KVM_DIRTY_RING_ACQ_REL
32	select NEED_KVM_DIRTY_RING_WITH_BITMAP
33	select HAVE_KVM_MSI
34	select HAVE_KVM_IRQCHIP
35	select HAVE_KVM_IRQ_ROUTING
36	select HAVE_KVM_IRQ_BYPASS
37	select HAVE_KVM_READONLY_MEM
38	select HAVE_KVM_VCPU_RUN_PID_CHANGE
39	select SCHED_INFO
40	select GUEST_PERF_EVENTS if PERF_EVENTS
41	help
42	  Support hosting virtualized guest machines.
43
44	  If unsure, say N.
45
46if KVM
47
48config PTDUMP_STAGE2_DEBUGFS
49	bool "Present the stage-2 pagetables to debugfs"
50	depends on DEBUG_KERNEL
51	depends on DEBUG_FS
52	depends on GENERIC_PTDUMP
53	select PTDUMP_CORE
54	default n
55	help
56	  Say Y here if you want to show the stage-2 kernel pagetables
57	  layout in a debugfs file. This information is only useful for kernel developers
58	  who are working in architecture specific areas of the kernel.
59	  It is probably not a good idea to enable this feature in a production
60	  kernel.
61
62	  If in doubt, say N.
63
64config PKVM_MODULE_PATH
65	string "Path to pKVM modules"
66	default ""
67	help
68	  Directory where the pKVM modules are found. If empty, the modules
69	  will be searched into the default path /lib/modules/<uname>.
70
71menuconfig PKVM_DEBUG
72	bool "Debug mode for Protected KVM hypervisor"
73	help
74	  Say Y here to enable the debug mode for the Protected KVM (pKVM)
75	  hypervisor. Failure reports will BUG() in the hypervisor. This is
76	  intended for local EL2 hypervisor development.
77
78	  If unsure, say N.
79
80if PKVM_DEBUG
81
82config PKVM_STRICT_CHECKS
83	bool "Additional checks in the Protected KVM hypervisor"
84	default y
85	help
86	  Say Y here to add more checks into the Protected KVM hypervisor.
87          Those checks have a slight performance cost and will BUG() on a
88          failure. This is intended for EL2 hypervisor development.
89
90config PKVM_SELFTESTS
91	bool "Protected KVM hypervisor selftests"
92	default y
93	help
94	  Say Y here to enable Protected KVM (pKVM) hypervisor selftests
95	  during boot. Failure reports will panic the hypervisor. This is
96	  intended for EL2 hypervisor development.
97
98	  If unsure, say N.
99
100config PKVM_DUMP_TRACE_ON_PANIC
101	bool "Dump Protected KVM hypervisor trace buffer on panic"
102	default y
103	help
104	   Say Y here to dump the content of the pKVM hypervisor on either
105           hypervisor or host panic. In the case of a hyp panic, only the tail
106           page is dumped. It only has an effect if the command line option
107           hyp_trace_printk is set.
108
109config PKVM_FTRACE
110	bool "Protected KVM hypervisor function tracing"
111	depends on FTRACE
112	default y
113	help
114	  Say Y here to enable func and func_ret hypervisor tracing events.
115	  Those events are raised whenever the hypervisor branch to a
116	  function.
117
118	  If unsure, Say N.
119
120config PKVM_STACKTRACE
121	bool "Protected KVM hypervisor stacktraces"
122	depends on PKVM_DISABLE_STAGE2_ON_PANIC
123	default y
124	help
125	  Say Y here to enable pKVM hypervisor stacktraces on hyp_panic()
126
127	  If using protected nVHE mode, but cannot afford the associated
128	  memory cost (less than 0.75 page per CPU) of pKVM stacktraces,
129	  say N.
130
131	  If unsure, or not using protected nVHE (pKVM), say N.
132
133config PKVM_DISABLE_STAGE2_ON_PANIC
134	bool "Disable the host stage-2 on panic"
135	default n
136	help
137	  If panic occurs while the host lock is held and if, plagued by bad
138	  luck the panic path triggers a host stage-2 memory abort, a lockup
139	  would happen. The only way out is to disable the stage-2 page-table.
140	  This however tamper the system security. This option should therefore
141	  solely be enabled to debug specific issues.
142
143	  Just say N.
144
145endif # PKVM_DEBUG
146endif # KVM
147endif # VIRTUALIZATION
148