menu "Common Features" config COMPAT bool help 32-bit interface support on 64-bit Xen which is used for both HVM and PV guests. HVMLoader makes 32-bit hypercalls irrespective of the destination runmode of the guest. config CORE_PARKING bool config HAS_ALTERNATIVE bool config HAS_DEVICE_TREE bool config HAS_EX_TABLE bool config HAS_MEM_ACCESS bool config HAS_MEM_PAGING bool config HAS_MEM_SHARING bool config HAS_PDX bool config HAS_UBSAN bool config HAS_KEXEC bool config HAS_GDBSX bool config HAS_IOPORTS bool config HAS_BUILD_ID string option env="XEN_HAS_BUILD_ID" config HAS_CHECKPOLICY string option env="XEN_HAS_CHECKPOLICY" config KEXEC bool "kexec support" default y depends on HAS_KEXEC ---help--- Allows a running Xen hypervisor to be replaced with another OS without rebooting. This is primarily used to execute a crash environment to collect information on a Xen hypervisor or dom0 crash. If unsure, say Y. config TMEM def_bool y prompt "Transcendent Memory Support" if EXPERT = "y" ---help--- Transcendent memory allows PV-aware guests to collaborate on memory usage. Guests can 'swap' their memory to the hypervisor or have an collective pool of memory shared across guests. The end result is less memory usage by guests allowing higher guest density. You also have to enable it on the Xen commandline by using tmem=1 If unsure, say Y. config XENOPROF def_bool y prompt "Xen Oprofile Support" if EXPERT = "y" depends on X86 ---help--- Xen OProfile (Xenoprof) is a system-wide profiler for Xen virtual machine environments, capable of profiling the Xen virtual machine monitor, multiple Linux guest operating systems, and applications running on them. If unsure, say Y. config XSM bool "Xen Security Modules support" default n ---help--- Enables the security framework known as Xen Security Modules which allows administrators fine-grained control over a Xen domain and its capabilities by defining permissible interactions between domains, the hypervisor itself, and related resources such as memory and devices. If unsure, say N. config FLASK def_bool y prompt "FLux Advanced Security Kernel support" if EXPERT = "y" depends on XSM ---help--- Enables FLASK (FLux Advanced Security Kernel) as the access control mechanism used by the XSM framework. This provides a mandatory access control framework by which security enforcement, isolation, and auditing can be achieved with fine granular control via a security policy. If unsure, say Y. config FLASK_AVC_STATS def_bool y prompt "Maintain statistics on the FLASK access vector cache" if EXPERT = "y" depends on FLASK ---help--- Maintain counters on the access vector cache that can be viewed using the FLASK_AVC_CACHESTATS sub-op of the xsm_op hypercall. Disabling this will save a tiny amount of memory and time to update the stats. If unsure, say Y. config XSM_POLICY bool "Compile Xen with a built-in security policy" default y if HAS_CHECKPOLICY = "y" depends on XSM ---help--- This includes a default XSM policy in the hypervisor so that the bootloader does not need to load a policy to get sane behavior from an XSM-enabled hypervisor. If this is disabled, a policy must be provided by the bootloader or by Domain 0. Even if this is enabled, a policy provided by the bootloader will override it. This requires that the SELinux policy compiler (checkpolicy) be available when compiling the hypervisor. If unsure, say Y. config LATE_HWDOM bool "Dedicated hardware domain" default n depends on XSM && X86 ---help--- Allows the creation of a dedicated hardware domain distinct from domain 0 that manages devices without needing access to other privileged functionality such as the ability to manage domains. This requires that the actual domain 0 be a stub domain that constructs the actual hardware domain instead of initializing the hardware itself. Because the hardware domain needs access to hypercalls not available to unprivileged guests, an XSM policy is required to properly define the privilege of these domains. This feature does nothing if the "hardware_dom" boot parameter is not present. If this feature is being used for security, it should be combined with an IOMMU in strict mode. If unsure, say N. menu "Schedulers" visible if EXPERT = "y" config SCHED_CREDIT def_bool y ---help--- The traditional credit scheduler is a general purpose scheduler. config SCHED_CREDIT2 bool "Credit2 scheduler support" default y ---help--- The credit2 scheduler is a general purpose scheduler that is optimized for lower latency and higher VM density. config SCHED_RTDS bool "RTDS scheduler support (EXPERIMENTAL)" default y ---help--- The RTDS scheduler is a soft and firm real-time scheduler for multicore, targeted for embedded, automotive, graphics and gaming in the cloud, and general low-latency workloads. config SCHED_ARINC653 bool "ARINC653 scheduler support (EXPERIMENTAL)" default y ---help--- The ARINC653 scheduler is a hard real-time scheduler for single cores, targeted for avionics, drones, and medical devices. config SCHED_NULL bool "Null scheduler support (EXPERIMENTAL)" default y ---help--- The null scheduler is a static, zero overhead scheduler, for when there always are less vCPUs than pCPUs, typically in embedded or HPC scenarios. choice prompt "Default Scheduler?" default SCHED_CREDIT_DEFAULT config SCHED_CREDIT_DEFAULT bool "Credit Scheduler" if SCHED_CREDIT config SCHED_CREDIT2_DEFAULT bool "Credit2 Scheduler" if SCHED_CREDIT2 config SCHED_RTDS_DEFAULT bool "RT Scheduler" if SCHED_RTDS config SCHED_ARINC653_DEFAULT bool "ARINC653 Scheduler" if SCHED_ARINC653 config SCHED_NULL_DEFAULT bool "Null Scheduler" if SCHED_NULL endchoice config SCHED_DEFAULT string default "credit" if SCHED_CREDIT_DEFAULT default "credit2" if SCHED_CREDIT2_DEFAULT default "rtds" if SCHED_RTDS_DEFAULT default "arinc653" if SCHED_ARINC653_DEFAULT default "null" if SCHED_NULL_DEFAULT default "credit" endmenu config CRYPTO bool config LIVEPATCH bool "Live patching support" default X86 depends on HAS_BUILD_ID = "y" ---help--- Allows a running Xen hypervisor to be dynamically patched using binary patches without rebooting. This is primarily used to binarily patch in the field an hypervisor with XSA fixes. If unsure, say Y. config FAST_SYMBOL_LOOKUP bool "Fast symbol lookup (bigger binary)" default y depends on LIVEPATCH ---help--- When searching for symbol addresses we can use the built-in system that is optimized for searching symbols using addresses as the key. However using it for the inverse (find address using the symbol name) it is slow. This extra data and code (~55kB) speeds up the search. The only user of this is Live patching. If unsure, say Y. config SUPPRESS_DUPLICATE_SYMBOL_WARNINGS bool "Suppress duplicate symbol warnings" if !LIVEPATCH default y if !LIVEPATCH ---help--- Multiple symbols with the same name aren't generally a problem unless Live patching is to be used, so these warnings can be suppressed by enabling this option. Certain other options (known to produce many duplicate names) may select this to avoid the build becoming overly verbose. config CMDLINE string "Built-in hypervisor command string" if EXPERT = "y" default "" ---help--- Enter arguments here that should be compiled into the hypervisor image and used at boot time. When the system boots, this string will be parsed prior to the bootloader command line. So if a non-cumulative option is set both in this string and in the bootloader command line, only the latter one will take effect. config CMDLINE_OVERRIDE bool "Built-in command line overrides bootloader arguments" default n depends on CMDLINE != "" ---help--- Set this option to 'Y' to have the hypervisor ignore the bootloader command line, and use ONLY the built-in command line. This is used to work around broken bootloaders. This should be set to 'N' under normal conditions. endmenu