config LTO
bool "Link Time Optimisation"
depends on BROKEN
- ---help---
+ help
Enable Link Time Optimisation.
If unsure, say N.
config DEBUG
bool "Developer Checks"
default y
- ---help---
+ help
If you say Y here this will enable developer checks such as asserts
and extra printks. This option is intended for development purposes
only, and not for production use.
bool "Guest debugging with gdbsx"
depends on X86
default y
- ---help---
+ help
If you want to enable support for debugging guests from dom0 via
gdbsx then say Y.
config FRAME_POINTER
bool "Compile Xen with frame pointers"
default DEBUG
- ---help---
+ help
If you say Y here the resulting Xen will be slightly larger and
maybe slower, but it gives very useful debugging information
in case of any Xen bugs.
bool "Code coverage support"
depends on !LIVEPATCH
select SUPPRESS_DUPLICATE_SYMBOL_WARNINGS if !ENFORCE_UNIQUE_SYMBOLS
- ---help---
+ help
Enable code coverage support.
If unsure, say N here.
config DEBUG_LOCK_PROFILE
bool "Lock Profiling"
select DEBUG_LOCKS
- ---help---
+ help
Lock profiling allows you to see how often locks are taken and blocked.
You can use serial console to print (and reset) using 'l' and 'L'
respectively, or the 'xenlockprof' tool.
config DEBUG_LOCKS
bool "Lock debugging"
default DEBUG
- ---help---
+ help
Enable debugging features of lock handling. Some additional
checks will be performed when acquiring and releasing locks.
config PERF_COUNTERS
bool "Performance Counters"
- ---help---
+ help
Enables software performance counters that allows you to analyze
bottlenecks in the system. To access this data you can use serial
console to print (and reset) using 'p' and 'P' respectively, or
config PERF_ARRAYS
bool "Performance Counter Array Histograms"
depends on PERF_COUNTERS
- ---help---
+ help
Enables software performance counter array histograms.
config VERBOSE_DEBUG
bool "Verbose debug messages"
default DEBUG
- ---help---
+ help
Guest output from HYPERVISOR_console_io and hypervisor parsing
ELF images (dom0) will be logged in the Xen ring buffer.
config DEVICE_TREE_DEBUG
bool "Device tree debug messages"
depends on HAS_DEVICE_TREE
- ---help---
+ help
Device tree parsing and DOM0 device tree building messages are
logged in the Xen ring buffer.
If unsure, say N here.
config SCRUB_DEBUG
bool "Page scrubbing test"
default DEBUG
- ---help---
+ help
Verify that pages that need to be scrubbed before being allocated to
a guest are indeed scrubbed.
config UBSAN
bool "Undefined behaviour sanitizer"
depends on HAS_UBSAN
- ---help---
+ help
Enable undefined behaviour sanitizer. It uses compiler to insert code
snippets so that undefined behaviours in C are detected during runtime.
This requires a UBSAN capable compiler and it is a debug only feature.
config DEBUG_TRACE
bool "Debug trace support"
- ---help---
+ help
Debug trace enables to record debug trace messages which are printed
either directly to the console or are printed to console in case of
a system crash.
config XMEM_POOL_POISON
bool "Poison free xenpool blocks"
default DEBUG
- ---help---
+ help
Poison free blocks with 0xAA bytes and verify them when a block is
allocated in order to spot use-after-free issues.
config ACPI
bool "ACPI (Advanced Configuration and Power Interface) Support (UNSUPPORTED)" if UNSUPPORTED
depends on ARM_64 && ARM_EFI
- ---help---
+ help
Advanced Configuration and Power Interface (ACPI) support for Xen is
an alternative to device tree on ARM64. This requires UEFI.
depends on !NEW_VGIC
default n if ARM_32
default y if ARM_64
- ---help---
+ help
Driver for the ARM Generic Interrupt Controller v3.
If unsure, use the default setting.
config NEW_VGIC
bool "Use new VGIC implementation"
select GICV2
- ---help---
+ help
This is an alternative implementation of the ARM GIC interrupt
controller emulation, based on the Linux/KVM VGIC. It has a better
config SBSA_VUART_CONSOLE
bool "Emulated SBSA UART console support"
default y
- ---help---
+ help
Allows a guest to use SBSA Generic UART as a console. The
SBSA Generic UART implements a subset of ARM PL011 UART.
choice
prompt "Platform Support"
default ALL_PLAT
- ---help---
+ help
Choose which hardware platform to enable in Xen.
If unsure, choose ALL_PLAT.
config ALL_PLAT
bool "All Platforms"
- ---help---
+ help
Enable support for all available hardware platforms. It doesn't
automatically select any of the related drivers.
depends on ARM_64
select GICV3
select HAS_PL011
- ---help---
+ help
Enable all the required drivers for QEMU aarch64 virt emulated
machine.
depends on ARM_64
select HAS_SCIF
select IPMMU_VMSA
- ---help---
+ help
Enable all the required drivers for Renesas RCar3
config MPSOC
depends on ARM_64
select HAS_CADENCE_UART
select ARM_SMMU
- ---help---
+ help
Enable all the required drivers for Xilinx Ultrascale+ MPSoC
config NO_PLAT
bool "No Platforms"
- ---help---
+ help
Do not enable specific support for any platform.
endchoice
config PV
def_bool y
prompt "PV support"
- ---help---
+ help
Interfaces to support PV domains. These require guest kernel support
to run as a PV guest, but don't require any specific hardware support.
depends on PV
default PV_SHIM
select COMPAT
- ---help---
+ help
The 32bit PV ABI uses Ring1, an area of the x86 architecture which
was deprecated and mostly removed in the AMD64 spec. As a result,
it occasionally conflicts with newer x86 hardware features, causing
bool "Support for PV linear pagetables"
depends on PV
default y
- ---help---
+ help
Linear pagetables (also called "recursive pagetables") refers
to the practice of a guest operating system having pagetable
entries pointing to other pagetables of the same level (i.e.,
select COMPAT
select IOREQ_SERVER
select MEM_ACCESS_ALWAYS_ON
- ---help---
+ help
Interfaces to support HVM domains. HVM domains require hardware
virtualisation extensions (e.g. Intel VT-x, AMD SVM), but can boot
guests which have no specific Xen knowledge.
bool "Supervisor Shadow Stacks"
depends on HAS_AS_CET_SS
default y
- ---help---
+ help
Control-flow Enforcement Technology (CET) is a set of features in
hardware designed to combat Return-oriented Programming (ROP, also
call/jump COP/JOP) attacks. Shadow Stacks are one CET feature
bool "Shadow Paging"
default !PV_SHIM_EXCLUSIVE
depends on PV || HVM
- ---help---
+ help
Shadow paging is a software alternative to hardware paging support
(Intel EPT, AMD NPT).
config BIGMEM
bool "big memory support"
default n
- ---help---
+ help
Allows Xen to support up to 123Tb of memory.
This requires enlarging struct page_info as well as shrinking
bool "HVM Forced Emulation Prefix support (UNSUPPORTED)" if UNSUPPORTED
default DEBUG
depends on HVM
- ---help---
+ help
Compiles in a feature that allows HVM guest to arbitrarily
exercise the instruction emulator.
depends on UNSUPPORTED
default !PV_SHIM_EXCLUSIVE
select CRYPTO
- ---help---
+ help
Allows support for Trusted Boot using the Intel(R) Trusted Execution
Technology (TXT)
prompt "Alignment of Xen image"
default XEN_ALIGN_2M if PV_SHIM_EXCLUSIVE
default XEN_ALIGN_DEFAULT
- ---help---
+ help
Specify alignment for Xen image.
If unsure, choose "default".
config XEN_ALIGN_DEFAULT
bool "Default alignment"
- ---help---
+ help
Pick alignment according to build variants.
For EFI build the default alignment is 2M. For ELF build
config XEN_GUEST
bool "Xen Guest"
select GUEST
- ---help---
+ help
Support for Xen detecting when it is running under Xen.
If unsure, say N.
def_bool y
prompt "PVH Guest"
depends on XEN_GUEST
- ---help---
+ help
Support booting using the PVH ABI.
If unsure, say Y.
def_bool y
prompt "PV Shim"
depends on PV && XEN_GUEST
- ---help---
+ help
Build Xen with a mode which acts as a shim to allow PV guest to run
in an HVM/PVH container. This mode can only be enabled with command
line option.
config PV_SHIM_EXCLUSIVE
bool "PV Shim Exclusive"
depends on PV_SHIM
- ---help---
+ help
Build Xen in a way which unconditionally assumes PV_SHIM mode. This
option is only intended for use when building a dedicated PV Shim
firmware, and will not function correctly in other scenarios.
config HYPERV_GUEST
bool "Hyper-V Guest"
select GUEST
- ---help---
+ help
Support for Xen detecting when it is running under Hyper-V.
If unsure, say N.
config GRANT_TABLE
bool "Grant table support" if EXPERT
default y
- ---help---
+ help
Grant table provides a generic mechanism to memory sharing
between domains. This shared memory interface underpins the
split device drivers for block and network IO in a classic
def_bool MEM_ACCESS_ALWAYS_ON
prompt "Memory Access and VM events" if !MEM_ACCESS_ALWAYS_ON
depends on HVM
- ---help---
+ help
Framework to configure memory access types for guests and receive
related events in userspace.
config SPECULATIVE_HARDEN_ARRAY
bool "Speculative Array Hardening"
default y
- ---help---
+ help
Contemporary processors may use speculative execution as a
performance optimisation, but this can potentially be abused by an
attacker to leak data via speculative sidechannels.
bool "Speculative Branch Hardening"
default y
depends on X86
- ---help---
+ help
Contemporary processors may use speculative execution as a
performance optimisation, but this can potentially be abused by an
attacker to leak data via speculative sidechannels.
config HYPFS
bool "Hypervisor file system support"
default y
- ---help---
+ help
Support Xen hypervisor file system. This file system is used to
present various hypervisor internal data to dom0 and in some
cases to allow modifying settings. Disabling the support will
bool "Provide hypervisor .config via hypfs entry"
default y
depends on HYPFS
- ---help---
+ help
When enabled the contents of the .config file used to build the
hypervisor are provided via the hypfs entry /buildinfo/config.
bool "IOREQ support (EXPERT)" if EXPERT && !X86
default X86
depends on HVM
- ---help---
+ help
Enables generic mechanism for providing emulated devices to the guests.
If unsure, say N.
bool "kexec support"
default y
depends on HAS_KEXEC
- ---help---
+ help
Allows a running Xen hypervisor to be replaced with another OS
without rebooting. This is primarily used to execute a crash
environment to collect information on a Xen hypervisor or dom0 crash.
config EFI_SET_VIRTUAL_ADDRESS_MAP
bool "EFI: call SetVirtualAddressMap()" if EXPERT
- ---help---
+ help
Call EFI SetVirtualAddressMap() runtime service to setup memory map for
further runtime services. According to UEFI spec, it isn't strictly
necessary, but many UEFI implementations misbehave when this call is
config XSM
bool "Xen Security Modules support"
default ARM
- ---help---
+ help
Enables the security framework known as Xen Security Modules which
allows administrators fine-grained control over a Xen domain and
its capabilities by defining permissible interactions between domains,
def_bool y
prompt "FLux Advanced Security Kernel support"
depends on XSM
- ---help---
+ help
Enables FLASK (FLux Advanced Security Kernel) as the access control
mechanism used by the XSM framework. This provides a mandatory access
control framework by which security enforcement, isolation, and
def_bool y
prompt "Maintain statistics on the FLASK access vector cache" if EXPERT
depends on XSM_FLASK
- ---help---
+ help
Maintain counters on the access vector cache that can be viewed using
the FLASK_AVC_CACHESTATS sub-op of the xsm_op hypercall. Disabling
this will save a tiny amount of memory and time to update the stats.
bool "Compile Xen with a built-in FLASK security policy"
default y if "$(XEN_HAS_CHECKPOLICY)" = "y"
depends on XSM_FLASK
- ---help---
+ help
This includes a default XSM policy in the hypervisor so that the
bootloader does not need to load a policy to get sane behavior from an
XSM-enabled hypervisor. If this is disabled, a policy must be
def_bool y
prompt "SILO support"
depends on XSM
- ---help---
+ help
Enables SILO as the access control mechanism used by the XSM framework.
This is not the default module, add boot parameter xsm=silo to choose
it. This will deny any unmediated communication channels (grant tables
bool "Dedicated hardware domain"
default n
depends on XSM && X86
- ---help---
+ help
Allows the creation of a dedicated hardware domain distinct from
domain 0 that manages devices without needing access to other
privileged functionality such as the ability to manage domains.
config ARGO
bool "Argo: hypervisor-mediated interdomain communication (UNSUPPORTED)" if UNSUPPORTED
- ---help---
+ help
Enables a hypercall for domains to ask the hypervisor to perform
data transfer of messages between domains.
default X86
depends on "$(XEN_HAS_BUILD_ID)" = "y"
select CC_SPLIT_SECTIONS
- ---help---
+ help
Allows a running Xen hypervisor to be dynamically patched using
binary patches without rebooting. This is primarily used to binarily
patch in the field an hypervisor with XSA fixes.
bool "Fast symbol lookup (bigger binary)"
default y
depends on LIVEPATCH
- ---help---
+ help
When searching for symbol addresses we can use the built-in system
that is optimized for searching symbols using addresses as the key.
However using it for the inverse (find address using the symbol name)
config ENFORCE_UNIQUE_SYMBOLS
bool "Enforce unique symbols"
default LIVEPATCH
- ---help---
+ help
Multiple symbols with the same name aren't generally a problem
unless livepatching is to be used.
config SUPPRESS_DUPLICATE_SYMBOL_WARNINGS
bool "Suppress duplicate symbol warnings"
depends on !ENFORCE_UNIQUE_SYMBOLS
- ---help---
+ help
Multiple symbols with the same name aren't generally a problem
unless Live patching is to be used, so these warnings can be
suppressed by enabling this option. Certain other options (known
config CMDLINE
string "Built-in hypervisor command string" if EXPERT
default ""
- ---help---
+ help
Enter arguments here that should be compiled into the hypervisor
image and used at boot time. When the system boots, this string
will be parsed prior to the bootloader command line. So if a
bool "Built-in command line overrides bootloader arguments"
default n
depends on CMDLINE != ""
- ---help---
+ help
Set this option to 'Y' to have the hypervisor ignore the bootloader
command line, and use ONLY the built-in command line.
config DOM0_MEM
string "Default value for dom0_mem boot parameter"
default ""
- ---help---
+ help
Sets a default value for dom0_mem, e.g. "512M".
The specified string will be used for the dom0_mem parameter in
case it was not specified on the command line.
config TRACEBUFFER
bool "Enable tracing infrastructure" if EXPERT
default y
- ---help---
+ help
Enable tracing infrastructure and pre-defined tracepoints within Xen.
This will allow live information about Xen's execution and performance
to be collected at run time for debugging or performance analysis.
config SCHED_CREDIT
bool "Credit scheduler support"
default y
- ---help---
+ help
The traditional credit scheduler is a general purpose scheduler.
config SCHED_CREDIT2
bool "Credit2 scheduler support"
default y
- ---help---
+ help
The credit2 scheduler is a general purpose scheduler that is
optimized for lower latency and higher VM density.
config SCHED_RTDS
bool "RTDS scheduler support (UNSUPPORTED)" if UNSUPPORTED
default DEBUG
- ---help---
+ help
The RTDS scheduler is a soft and firm real-time scheduler for
multicore, targeted for embedded, automotive, graphics and gaming
in the cloud, and general low-latency workloads.
config SCHED_ARINC653
bool "ARINC653 scheduler support (UNSUPPORTED)" if UNSUPPORTED
default DEBUG
- ---help---
+ help
The ARINC653 scheduler is a hard real-time scheduler for single
cores, targeted for avionics, drones, and medical devices.
config SCHED_NULL
bool "Null scheduler support (UNSUPPORTED)" if UNSUPPORTED
default PV_SHIM || DEBUG
- ---help---
+ help
The null scheduler is a static, zero overhead scheduler,
for when there always are less vCPUs than pCPUs, typically
in embedded or HPC scenarios.
config ARM_SMMU
bool "ARM SMMUv1 and v2 driver"
default y
- ---help---
+ help
Support for implementations of the ARM System MMU architecture
versions 1 and 2.
config ARM_SMMU_V3
bool "ARM Ltd. System MMU Version 3 (SMMUv3) Support" if EXPERT
depends on ARM_64 && (!ACPI || BROKEN)
- ---help---
+ help
Support for implementations of the ARM System MMU architecture
version 3. Driver is in experimental stage and should not be used in
production.
config IPMMU_VMSA
bool "Renesas IPMMU-VMSA found in R-Car Gen3/Gen4 SoCs"
depends on ARM_64
- ---help---
+ help
Support for implementations of the Renesas IPMMU-VMSA found
in R-Car Gen3/Gen4 SoCs.
prompt "IOMMU device quarantining default behavior"
depends on HAS_PCI
default IOMMU_QUARANTINE_BASIC
- ---help---
+ help
When a PCI device is assigned to an untrusted domain, it is possible
for that domain to program the device to DMA to an arbitrary address.
The IOMMU is used to protect the host from malicious DMA by making
select VIDEO
depends on X86
default y if !PV_SHIM_EXCLUSIVE
- ---help---
+ help
Enable VGA output for the Xen hypervisor.
If unsure, say Y.
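Review bot: the Kconfig hunks above are a mechanical keyword rename with the help bodies untouched, which is fine, but because this rendering strips leading whitespace the one thing a reviewer cannot see is that each `+ help` line keeps the same indentation as the `---help---` it replaces; worth a glance at the raw patch, since Kconfig ends a help block at the first line indented less than the first help-text line and the keyword line is expected to sit at the same depth as the neighbouring `bool`/`default`/`depends on` lines. These conversions are also safe to land on their own as long as the lexer still accepts both spellings, so keep them ahead of (or in the same commit as) the zconf.l change.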
"endchoice" return T_ENDCHOICE;
"endif" return T_ENDIF;
"endmenu" return T_ENDMENU;
-"help"|"---help---" return T_HELP;
+"help" return T_HELP;
"hex" return T_HEX;
"if" return T_IF;
"imply" return T_IMPLY;
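Review bot: dropping the `"---help---"` alternative from the T_HELP rule is the only behaviour-changing hunk in this patch: once it lands, any Kconfig fragment still spelled `---help---` (an out-of-tree platform Kconfig, a downstream patch queue) is no longer tokenised as the help keyword and the file stops parsing. Before this hunk goes in, confirm nothing is left in the tree, for example with `git grep -n -- '---help---' -- '*Kconfig*'`, and either keep the lexer change in the same commit as the last Kconfig conversion or order it strictly after them so every intermediate revision still parses during a bisect.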