mirror of
https://github.com/torvalds/linux
synced 2024-11-05 18:23:50 +00:00
d30f370d3a
Prevent a config where KVM_AMD=y and CRYPTO_DEV_CCP_DD=m thereby ensuring
that AMD Secure Processor device driver will be built-in when KVM_AMD is
also built-in.
v1->v2:
* Removed usage of 'imply' Kconfig option.
* Change patch commit message.
Fixes: 505c9e94d8 ("KVM: x86: prefer "depends on" to "select" for SEV")
Cc: <stable@vger.kernel.org> # 4.16.x
Signed-off-by: Janakarajan Natarajan <Janakarajan.Natarajan@amd.com>
Reviewed-by: Brijesh Singh <brijesh.singh@amd.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
103 lines
2.8 KiB
Text
103 lines
2.8 KiB
Text
# SPDX-License-Identifier: GPL-2.0
|
|
#
|
|
# KVM configuration
|
|
#
|
|
|
|
source "virt/kvm/Kconfig"
|
|
|
|
menuconfig VIRTUALIZATION
|
|
bool "Virtualization"
|
|
depends on HAVE_KVM || X86
|
|
default y
|
|
---help---
|
|
Say Y here to get to see options for using your Linux host to run other
|
|
operating systems inside virtual machines (guests).
|
|
This option alone does not add any kernel code.
|
|
|
|
If you say N, all options in this submenu will be skipped and disabled.
|
|
|
|
if VIRTUALIZATION
|
|
|
|
config KVM
|
|
tristate "Kernel-based Virtual Machine (KVM) support"
|
|
depends on HAVE_KVM
|
|
depends on HIGH_RES_TIMERS
|
|
# for TASKSTATS/TASK_DELAY_ACCT:
|
|
depends on NET && MULTIUSER
|
|
depends on X86_LOCAL_APIC
|
|
select PREEMPT_NOTIFIERS
|
|
select MMU_NOTIFIER
|
|
select ANON_INODES
|
|
select HAVE_KVM_IRQCHIP
|
|
select HAVE_KVM_IRQFD
|
|
select IRQ_BYPASS_MANAGER
|
|
select HAVE_KVM_IRQ_BYPASS
|
|
select HAVE_KVM_IRQ_ROUTING
|
|
select HAVE_KVM_EVENTFD
|
|
select KVM_ASYNC_PF
|
|
select USER_RETURN_NOTIFIER
|
|
select KVM_MMIO
|
|
select TASKSTATS
|
|
select TASK_DELAY_ACCT
|
|
select PERF_EVENTS
|
|
select HAVE_KVM_MSI
|
|
select HAVE_KVM_CPU_RELAX_INTERCEPT
|
|
select KVM_GENERIC_DIRTYLOG_READ_PROTECT
|
|
select KVM_VFIO
|
|
select SRCU
|
|
---help---
|
|
Support hosting fully virtualized guest machines using hardware
|
|
virtualization extensions. You will need a fairly recent
|
|
processor equipped with virtualization extensions. You will also
|
|
need to select one or more of the processor modules below.
|
|
|
|
This module provides access to the hardware capabilities through
|
|
a character device node named /dev/kvm.
|
|
|
|
To compile this as a module, choose M here: the module
|
|
will be called kvm.
|
|
|
|
If unsure, say N.
|
|
|
|
config KVM_INTEL
|
|
tristate "KVM for Intel processors support"
|
|
depends on KVM
|
|
# for perf_guest_get_msrs():
|
|
depends on CPU_SUP_INTEL
|
|
---help---
|
|
Provides support for KVM on Intel processors equipped with the VT
|
|
extensions.
|
|
|
|
To compile this as a module, choose M here: the module
|
|
will be called kvm-intel.
|
|
|
|
config KVM_AMD
|
|
tristate "KVM for AMD processors support"
|
|
depends on KVM
|
|
---help---
|
|
Provides support for KVM on AMD processors equipped with the AMD-V
|
|
(SVM) extensions.
|
|
|
|
To compile this as a module, choose M here: the module
|
|
will be called kvm-amd.
|
|
|
|
config KVM_AMD_SEV
|
|
def_bool y
|
|
bool "AMD Secure Encrypted Virtualization (SEV) support"
|
|
depends on KVM_AMD && X86_64
|
|
depends on CRYPTO_DEV_SP_PSP && !(KVM_AMD=y && CRYPTO_DEV_CCP_DD=m)
|
|
---help---
|
|
Provides support for launching Encrypted VMs on AMD processors.
|
|
|
|
config KVM_MMU_AUDIT
|
|
bool "Audit KVM MMU"
|
|
depends on KVM && TRACEPOINTS
|
|
---help---
|
|
This option adds a R/W kVM module parameter 'mmu_audit', which allows
|
|
auditing of KVM MMU events at runtime.
|
|
|
|
# OK, it's a little counter-intuitive to do this, but it puts it neatly under
|
|
# the virtualization menu.
|
|
source drivers/vhost/Kconfig
|
|
|
|
endif # VIRTUALIZATION
|