mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-09-28 21:33:52 +00:00
79e06c4c49
- Use common KVM implementation of MMU memory caches
- SBI v0.2 support for Guest
- Initial KVM selftests support
- Fix to avoid spurious virtual interrupts after clearing hideleg CSR
- Update email address for Anup and Atish
ARM:
- Simplification of the 'vcpu first run' by integrating it into
KVM's 'pid change' flow
- Refactoring of the FP and SVE state tracking, also leading to
a simpler state and less shared data between EL1 and EL2 in
the nVHE case
- Tidy up the header file usage for the nvhe hyp object
- New HYP unsharing mechanism, finally allowing pages to be
unmapped from the Stage-1 EL2 page-tables
- Various pKVM cleanups around refcounting and sharing
- A couple of vgic fixes for bugs that would trigger once
the vcpu xarray rework is merged, but not sooner
- Add minimal support for ARMv8.7's PMU extension
- Rework kvm_pgtable initialisation ahead of the NV work
- New selftest for IRQ injection
- Teach selftests about the lack of default IPA space and
page sizes
- Expand sysreg selftest to deal with Pointer Authentication
- The usual bunch of cleanups and doc update
s390:
- fix sigp sense/start/stop/inconsistency
- cleanups
x86:
- Clean up some function prototypes more
- improved gfn_to_pfn_cache with proper invalidation, used by Xen emulation
- add KVM_IRQ_ROUTING_XEN_EVTCHN and event channel delivery
- completely remove potential TOC/TOU races in nested SVM consistency checks
- update some PMCs on emulated instructions
- Intel AMX support (joint work between Thomas and Intel)
- large MMU cleanups
- module parameter to disable PMU virtualization
- cleanup register cache
- first part of halt handling cleanups
- Hyper-V enlightened MSR bitmap support for nested hypervisors
Generic:
- clean up Makefiles
- introduce CONFIG_HAVE_KVM_DIRTY_RING
- optimize memslot lookup using a tree
- optimize vCPU array usage by converting to xarray
-----BEGIN PGP SIGNATURE-----
iQFIBAABCAAyFiEE8TM4V0tmI4mGbHaCv/vSX3jHroMFAmHhxvsUHHBib256aW5p
QHJlZGhhdC5jb20ACgkQv/vSX3jHroPZkAf+Nz92UL/5nNGcdHtE4m7AToMmitE9
bYkesf9BMQvAe5wjkABLuoHGi6ay4jabo4fiGzbdkiK7lO5YgfsWiMB3/MT5fl4E
jRPzaVQabp3YZLM8UYCBmfUVuRj524S967SfSRe0AvYjDEH8y7klPf4+7sCsFT0/
Px9Vf2KGuOlf0eM78yKg4rGaF0jS22eLgXm6FfNMY8/e29ZAo/jyUmqBY+Z2xxZG
aWhceDtSheW1jwLHLj3nOlQJvHTn8LVGXBE/R8Gda3ZjrBV2rKaDi4Fh+HD+dz86
2zVXwzQ7uck2CMW73GMoXMTWoKSHMyvlBOs1BdvBm4UsnGcXR+q8IFCeuQ==
=s73m
-----END PGP SIGNATURE-----
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
Pull kvm updates from Paolo Bonzini:
"RISCV:
- Use common KVM implementation of MMU memory caches
- SBI v0.2 support for Guest
- Initial KVM selftests support
- Fix to avoid spurious virtual interrupts after clearing hideleg CSR
- Update email address for Anup and Atish
ARM:
- Simplification of the 'vcpu first run' by integrating it into KVM's
'pid change' flow
- Refactoring of the FP and SVE state tracking, also leading to a
simpler state and less shared data between EL1 and EL2 in the nVHE
case
- Tidy up the header file usage for the nvhe hyp object
- New HYP unsharing mechanism, finally allowing pages to be unmapped
from the Stage-1 EL2 page-tables
- Various pKVM cleanups around refcounting and sharing
- A couple of vgic fixes for bugs that would trigger once the vcpu
xarray rework is merged, but not sooner
- Add minimal support for ARMv8.7's PMU extension
- Rework kvm_pgtable initialisation ahead of the NV work
- New selftest for IRQ injection
- Teach selftests about the lack of default IPA space and page sizes
- Expand sysreg selftest to deal with Pointer Authentication
- The usual bunch of cleanups and doc update
s390:
- fix sigp sense/start/stop/inconsistency
- cleanups
x86:
- Clean up some function prototypes more
- improved gfn_to_pfn_cache with proper invalidation, used by Xen
emulation
- add KVM_IRQ_ROUTING_XEN_EVTCHN and event channel delivery
- completely remove potential TOC/TOU races in nested SVM consistency
checks
- update some PMCs on emulated instructions
- Intel AMX support (joint work between Thomas and Intel)
- large MMU cleanups
- module parameter to disable PMU virtualization
- cleanup register cache
- first part of halt handling cleanups
- Hyper-V enlightened MSR bitmap support for nested hypervisors
Generic:
- clean up Makefiles
- introduce CONFIG_HAVE_KVM_DIRTY_RING
- optimize memslot lookup using a tree
- optimize vCPU array usage by converting to xarray"
* tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm: (268 commits)
x86/fpu: Fix inline prefix warnings
selftest: kvm: Add amx selftest
selftest: kvm: Move struct kvm_x86_state to header
selftest: kvm: Reorder vcpu_load_state steps for AMX
kvm: x86: Disable interception for IA32_XFD on demand
x86/fpu: Provide fpu_sync_guest_vmexit_xfd_state()
kvm: selftests: Add support for KVM_CAP_XSAVE2
kvm: x86: Add support for getting/setting expanded xstate buffer
x86/fpu: Add uabi_size to guest_fpu
kvm: x86: Add CPUID support for Intel AMX
kvm: x86: Add XCR0 support for Intel AMX
kvm: x86: Disable RDMSR interception of IA32_XFD_ERR
kvm: x86: Emulate IA32_XFD_ERR for guest
kvm: x86: Intercept #NM for saving IA32_XFD_ERR
x86/fpu: Prepare xfd_err in struct fpu_guest
kvm: x86: Add emulation for IA32_XFD
x86/fpu: Provide fpu_update_guest_xfd() for IA32_XFD emulation
kvm: x86: Enable dynamic xfeatures at KVM_SET_CPUID2
x86/fpu: Provide fpu_enable_guest_xfd_features() for KVM
x86/fpu: Add guest support to xfd_enable_feature()
...
139 lines
3.7 KiB
Text
139 lines
3.7 KiB
Text
# SPDX-License-Identifier: GPL-2.0
|
|
#
|
|
# KVM configuration
|
|
#
|
|
|
|
source "virt/kvm/Kconfig"
|
|
|
|
menuconfig VIRTUALIZATION
|
|
bool "Virtualization"
|
|
depends on HAVE_KVM || X86
|
|
default y
|
|
help
|
|
Say Y here to get to see options for using your Linux host to run other
|
|
operating systems inside virtual machines (guests).
|
|
This option alone does not add any kernel code.
|
|
|
|
If you say N, all options in this submenu will be skipped and disabled.
|
|
|
|
if VIRTUALIZATION
|
|
|
|
config KVM
|
|
tristate "Kernel-based Virtual Machine (KVM) support"
|
|
depends on HAVE_KVM
|
|
depends on HIGH_RES_TIMERS
|
|
depends on X86_LOCAL_APIC
|
|
select PREEMPT_NOTIFIERS
|
|
select MMU_NOTIFIER
|
|
select HAVE_KVM_IRQCHIP
|
|
select HAVE_KVM_PFNCACHE
|
|
select HAVE_KVM_IRQFD
|
|
select HAVE_KVM_DIRTY_RING
|
|
select IRQ_BYPASS_MANAGER
|
|
select HAVE_KVM_IRQ_BYPASS
|
|
select HAVE_KVM_IRQ_ROUTING
|
|
select HAVE_KVM_EVENTFD
|
|
select KVM_ASYNC_PF
|
|
select USER_RETURN_NOTIFIER
|
|
select KVM_MMIO
|
|
select SCHED_INFO
|
|
select PERF_EVENTS
|
|
select GUEST_PERF_EVENTS
|
|
select HAVE_KVM_MSI
|
|
select HAVE_KVM_CPU_RELAX_INTERCEPT
|
|
select HAVE_KVM_NO_POLL
|
|
select KVM_XFER_TO_GUEST_WORK
|
|
select KVM_GENERIC_DIRTYLOG_READ_PROTECT
|
|
select KVM_VFIO
|
|
select SRCU
|
|
select INTERVAL_TREE
|
|
select HAVE_KVM_PM_NOTIFIER if PM
|
|
help
|
|
Support hosting fully virtualized guest machines using hardware
|
|
virtualization extensions. You will need a fairly recent
|
|
processor equipped with virtualization extensions. You will also
|
|
need to select one or more of the processor modules below.
|
|
|
|
This module provides access to the hardware capabilities through
|
|
a character device node named /dev/kvm.
|
|
|
|
To compile this as a module, choose M here: the module
|
|
will be called kvm.
|
|
|
|
If unsure, say N.
|
|
|
|
config KVM_WERROR
|
|
bool "Compile KVM with -Werror"
|
|
# KASAN may cause the build to fail due to larger frames
|
|
default y if X86_64 && !KASAN
|
|
# We use the dependency on !COMPILE_TEST to not be enabled
|
|
# blindly in allmodconfig or allyesconfig configurations
|
|
depends on KVM
|
|
depends on (X86_64 && !KASAN) || !COMPILE_TEST
|
|
depends on EXPERT
|
|
help
|
|
Add -Werror to the build flags for KVM.
|
|
|
|
If in doubt, say "N".
|
|
|
|
config KVM_INTEL
|
|
tristate "KVM for Intel (and compatible) processors support"
|
|
depends on KVM && IA32_FEAT_CTL
|
|
help
|
|
Provides support for KVM on processors equipped with Intel's VT
|
|
extensions, a.k.a. Virtual Machine Extensions (VMX).
|
|
|
|
To compile this as a module, choose M here: the module
|
|
will be called kvm-intel.
|
|
|
|
config X86_SGX_KVM
|
|
bool "Software Guard eXtensions (SGX) Virtualization"
|
|
depends on X86_SGX && KVM_INTEL
|
|
help
|
|
|
|
Enables KVM guests to create SGX enclaves.
|
|
|
|
This includes support to expose "raw" unreclaimable enclave memory to
|
|
guests via a device node, e.g. /dev/sgx_vepc.
|
|
|
|
If unsure, say N.
|
|
|
|
config KVM_AMD
|
|
tristate "KVM for AMD processors support"
|
|
depends on KVM
|
|
help
|
|
Provides support for KVM on AMD processors equipped with the AMD-V
|
|
(SVM) extensions.
|
|
|
|
To compile this as a module, choose M here: the module
|
|
will be called kvm-amd.
|
|
|
|
config KVM_AMD_SEV
|
|
def_bool y
|
|
bool "AMD Secure Encrypted Virtualization (SEV) support"
|
|
depends on KVM_AMD && X86_64
|
|
depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m)
|
|
help
|
|
Provides support for launching Encrypted VMs (SEV) and Encrypted VMs
|
|
with Encrypted State (SEV-ES) on AMD processors.
|
|
|
|
config KVM_XEN
|
|
bool "Support for Xen hypercall interface"
|
|
depends on KVM
|
|
help
|
|
Provides KVM support for the hosting Xen HVM guests and
|
|
passing Xen hypercalls to userspace.
|
|
|
|
If in doubt, say "N".
|
|
|
|
config KVM_MMU_AUDIT
|
|
bool "Audit KVM MMU"
|
|
depends on KVM && TRACEPOINTS
|
|
help
|
|
This option adds a R/W kVM module parameter 'mmu_audit', which allows
|
|
auditing of KVM MMU events at runtime.
|
|
|
|
config KVM_EXTERNAL_WRITE_TRACKING
|
|
bool
|
|
|
|
endif # VIRTUALIZATION
|