e194bbdf36
VFIO has proved itself a much better option than KVM's built-in device assignment. It is mature, provides better isolation because it enforces ACS, and even the userspace code is being tested on a wider variety of hardware these days than the legacy support. Disable legacy device assignment by default. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
106 lines
2.8 KiB
Plaintext
106 lines
2.8 KiB
Plaintext
#
|
|
# KVM configuration
|
|
#
|
|
|
|
source "virt/kvm/Kconfig"
|
|
|
|
menuconfig VIRTUALIZATION
|
|
bool "Virtualization"
|
|
depends on HAVE_KVM || X86
|
|
default y
|
|
---help---
|
|
Say Y here to get to see options for using your Linux host to run other
|
|
operating systems inside virtual machines (guests).
|
|
This option alone does not add any kernel code.
|
|
|
|
If you say N, all options in this submenu will be skipped and disabled.
|
|
|
|
if VIRTUALIZATION
|
|
|
|
config KVM
|
|
tristate "Kernel-based Virtual Machine (KVM) support"
|
|
depends on HAVE_KVM
|
|
depends on HIGH_RES_TIMERS
|
|
# for TASKSTATS/TASK_DELAY_ACCT:
|
|
depends on NET
|
|
select PREEMPT_NOTIFIERS
|
|
select MMU_NOTIFIER
|
|
select ANON_INODES
|
|
select HAVE_KVM_IRQCHIP
|
|
select HAVE_KVM_IRQFD
|
|
select HAVE_KVM_IRQ_ROUTING
|
|
select HAVE_KVM_EVENTFD
|
|
select KVM_APIC_ARCHITECTURE
|
|
select KVM_ASYNC_PF
|
|
select USER_RETURN_NOTIFIER
|
|
select KVM_MMIO
|
|
select TASKSTATS
|
|
select TASK_DELAY_ACCT
|
|
select PERF_EVENTS
|
|
select HAVE_KVM_MSI
|
|
select HAVE_KVM_CPU_RELAX_INTERCEPT
|
|
select KVM_GENERIC_DIRTYLOG_READ_PROTECT
|
|
select KVM_VFIO
|
|
select SRCU
|
|
---help---
|
|
Support hosting fully virtualized guest machines using hardware
|
|
virtualization extensions. You will need a fairly recent
|
|
processor equipped with virtualization extensions. You will also
|
|
need to select one or more of the processor modules below.
|
|
|
|
This module provides access to the hardware capabilities through
|
|
a character device node named /dev/kvm.
|
|
|
|
To compile this as a module, choose M here: the module
|
|
will be called kvm.
|
|
|
|
If unsure, say N.
|
|
|
|
config KVM_INTEL
|
|
tristate "KVM for Intel processors support"
|
|
depends on KVM
|
|
# for perf_guest_get_msrs():
|
|
depends on CPU_SUP_INTEL
|
|
---help---
|
|
Provides support for KVM on Intel processors equipped with the VT
|
|
extensions.
|
|
|
|
To compile this as a module, choose M here: the module
|
|
will be called kvm-intel.
|
|
|
|
config KVM_AMD
|
|
tristate "KVM for AMD processors support"
|
|
depends on KVM
|
|
---help---
|
|
Provides support for KVM on AMD processors equipped with the AMD-V
|
|
(SVM) extensions.
|
|
|
|
To compile this as a module, choose M here: the module
|
|
will be called kvm-amd.
|
|
|
|
config KVM_MMU_AUDIT
|
|
bool "Audit KVM MMU"
|
|
depends on KVM && TRACEPOINTS
|
|
---help---
|
|
This option adds a R/W kVM module parameter 'mmu_audit', which allows
|
|
auditing of KVM MMU events at runtime.
|
|
|
|
config KVM_DEVICE_ASSIGNMENT
|
|
bool "KVM legacy PCI device assignment support"
|
|
depends on KVM && PCI && IOMMU_API
|
|
default n
|
|
---help---
|
|
Provide support for legacy PCI device assignment through KVM. The
|
|
kernel now also supports a full featured userspace device driver
|
|
framework through VFIO, which supersedes this support and provides
|
|
better security.
|
|
|
|
If unsure, say N.
|
|
|
|
# OK, it's a little counter-intuitive to do this, but it puts it neatly under
|
|
# the virtualization menu.
|
|
source drivers/vhost/Kconfig
|
|
source drivers/lguest/Kconfig
|
|
|
|
endif # VIRTUALIZATION
|