config X86_64
	def_bool y

config X86
	def_bool y
	select ACPI
	select ACPI_LEGACY_TABLES_LOOKUP
	select ARCH_SUPPORTS_INT128
	select COMPAT
	select CORE_PARKING
	select HAS_ALTERNATIVE
	select HAS_CPUFREQ
	select HAS_EHCI
	select HAS_EX_TABLE
	select HAS_FAST_MULTIPLY
	select HAS_IOPORTS
	select HAS_KEXEC
	select MEM_ACCESS_ALWAYS_ON
	select HAS_MEM_PAGING
	select HAS_NS16550
	select HAS_PASSTHROUGH
	select HAS_PCI
	select HAS_PDX
	select HAS_SCHED_GRANULARITY
	select HAS_UBSAN
	select HAS_VPCI if !PV_SHIM_EXCLUSIVE && HVM
	select NEEDS_LIBELF
	select NUMA

config ARCH_DEFCONFIG
	string
	default "arch/x86/configs/x86_64_defconfig"

config INDIRECT_THUNK
	def_bool $(cc-option,-mindirect-branch-register)

config HAS_AS_CET_SS
	# binutils >= 2.29 or LLVM >= 6
	def_bool $(as-instr,wrssq %rax$(comma)0;setssbsy)

menu "Architecture Features"

source "arch/Kconfig"

config PV
	def_bool y
	prompt "PV support"
	---help---
	  Interfaces to support PV domains. These require guest kernel support
	  to run as a PV guest, but don't require any specific hardware support.

	  This option is needed if you want to run PV domains.

	  If unsure, say Y.

config PV32
	bool "Support for 32bit PV guests"
	depends on PV
	default y
	---help---
	  The 32bit PV ABI uses Ring1, an area of the x86 architecture which
	  was deprecated and mostly removed in the AMD64 spec. As a result,
	  it occasionally conflicts with newer x86 hardware features, causing
	  overheads for Xen to maintain backwards compatibility.

	  People may wish to disable 32bit PV guests for attack surface
	  reduction, or performance reasons. Backwards compatibility can be
	  provided via the PV Shim mechanism.

	  If unsure, say Y.

config PV_LINEAR_PT
	bool "Support for PV linear pagetables"
	depends on PV
	default y
	---help---
	  Linear pagetables (also called "recursive pagetables") refers
	  to the practice of a guest operating system having pagetable
	  entries pointing to other pagetables of the same level (i.e.,
	  allowing L2 PTEs to point to other L2 pages). Some operating
	  systems use it as a simple way to consistently map the current
	  process's pagetables into its own virtual address space.

	  Linux and MiniOS don't use this technique. NetBSD and Novell
	  Netware do; there may be other custom operating systems which
	  do. If you're certain you don't plan on having PV guests
	  which use this feature, turning it off can reduce the attack
	  surface.

	  If unsure, say Y.

config HVM
	def_bool !PV_SHIM_EXCLUSIVE
	prompt "HVM support"
	---help---
	  Interfaces to support HVM domains. HVM domains require hardware
	  virtualisation extensions (e.g. Intel VT-x, AMD SVM), but can boot
	  guests which have no specific Xen knowledge.

	  This option is needed if you want to run HVM or PVH domains.

	  If unsure, say Y.

config XEN_SHSTK
	bool "Supervisor Shadow Stacks"
	depends on HAS_AS_CET_SS && EXPERT
	default y
	---help---
	  Control-flow Enforcement Technology (CET) is a set of features in
	  hardware designed to combat Return-oriented Programming (ROP, also
	  call/jump COP/JOP) attacks. Shadow Stacks are one CET feature
	  designed to provide return address protection.

	  This option arranges for Xen to use CET-SS for its own protection.

	  When CET-SS is active, 32bit PV guests cannot be used. Backwards
	  compatibility can be provided via the PV Shim mechanism.

config SHADOW_PAGING
	bool "Shadow Paging"
	default !PV_SHIM_EXCLUSIVE
	---help---
	  Shadow paging is a software alternative to hardware paging support
	  (Intel EPT, AMD NPT).

	  It is required for:
	    * Running HVM guests on hardware lacking hardware paging support
	      (First-generation Intel VT-x or AMD SVM).
	    * Live migration of PV guests.
	    * L1TF sidechannel mitigation for PV guests.

	  Under a small number of specific workloads, shadow paging may be
	  deliberately used as a performance optimisation.

	  If unsure, say Y.

config BIGMEM
	bool "big memory support"
	default n
	---help---
	  Allows Xen to support up to 123Tb of memory.

	  This requires enlarging struct page_info as well as shrinking
	  the always accessible direct mapped memory range.

	  If unsure, say N.

config HVM_FEP
	bool "HVM Forced Emulation Prefix support" if EXPERT
	default DEBUG
	depends on HVM
	---help---
	  Compiles in a feature that allows HVM guest to arbitrarily
	  exercise the instruction emulator.

	  This feature can only be enabled during boot time with
	  appropriate hypervisor command line option. Please read
	  hypervisor command line documentation before trying to use
	  this feature.

	  This is strictly for testing purposes, and not appropriate
	  for use in production.

	  If unsure, say N.

config TBOOT
	bool "Xen tboot support" if EXPERT
	default y if !PV_SHIM_EXCLUSIVE
	select CRYPTO
	---help---
	  Allows support for Trusted Boot using the Intel(R) Trusted Execution
	  Technology (TXT).

	  If unsure, say Y.

choice
	prompt "Alignment of Xen image"
	default XEN_ALIGN_2M if PV_SHIM_EXCLUSIVE
	default XEN_ALIGN_DEFAULT
	---help---
	  Specify alignment for Xen image.

	  If unsure, choose "default".

config XEN_ALIGN_DEFAULT
	bool "Default alignment"
	---help---
	  Pick alignment according to build variants.

	  For EFI build the default alignment is 2M. For ELF build
	  the default alignment is 4K due to syslinux failing to handle
	  the increment of image size induced by 2M alignment.

config XEN_ALIGN_2M
	bool "2M alignment"

endchoice

config GUEST
	bool

config XEN_GUEST
	bool "Xen Guest"
	select GUEST
	---help---
	  Support for Xen detecting when it is running under Xen.

	  If unsure, say N.

config PVH_GUEST
	def_bool y
	prompt "PVH Guest"
	depends on XEN_GUEST
	---help---
	  Support booting using the PVH ABI.

	  If unsure, say Y.

config PV_SHIM
	def_bool y
	prompt "PV Shim"
	depends on PV && XEN_GUEST
	---help---
	  Build Xen with a mode which acts as a shim to allow PV guest to run
	  in an HVM/PVH container. This mode can only be enabled with command
	  line option.

	  If unsure, say Y.

config PV_SHIM_EXCLUSIVE
	bool "PV Shim Exclusive"
	depends on PV_SHIM
	---help---
	  Build Xen in a way which unconditionally assumes PV_SHIM mode. This
	  option is only intended for use when building a dedicated PV Shim
	  firmware, and will not function correctly in other scenarios.

	  If unsure, say N.

if !PV_SHIM_EXCLUSIVE

config HYPERV_GUEST
	bool "Hyper-V Guest"
	select GUEST
	---help---
	  Support for Xen detecting when it is running under Hyper-V.

	  If unsure, say N.

endif

config MEM_SHARING
	bool "Xen memory sharing support" if EXPERT
	depends on HVM

endmenu

source "common/Kconfig"
source "drivers/Kconfig"
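Several options in this Kconfig carry an explicit security note in their help text: PV32 and PV_LINEAR_PT can be turned off for attack surface reduction, HVM_FEP is for testing only and not for production, XEN_SHSTK gives Xen CET shadow-stack return address protection, and CET-SS being active rules out 32bit PV guests. The script below is an added example, not part of the Xen tree, that audits a generated Xen `.config` against exactly those statements. It assumes the standard `.config` syntax (`CONFIG_FOO=y` or `# CONFIG_FOO is not set`); the embedded sample `.config` is constructed for the demonstration, and the function names `option_value`, `audit_xen_config` and `finding_count` are this example's own.

```shell
#!/bin/sh
# Added example (not part of Xen): audit a Xen .config for the options whose
# arch/x86/Kconfig help text calls out attack surface or production suitability.
# Assumes the usual .config syntax: "CONFIG_FOO=y" or "# CONFIG_FOO is not set".

# Constructed sample .config used when no file is passed on the command line.
SAMPLE_CONFIG=$(mktemp)
trap 'rm -f "$SAMPLE_CONFIG"' EXIT
cat > "$SAMPLE_CONFIG" <<'EOF'
CONFIG_X86_64=y
CONFIG_PV=y
CONFIG_PV32=y
CONFIG_PV_LINEAR_PT=y
CONFIG_HVM=y
CONFIG_XEN_SHSTK=y
# CONFIG_HVM_FEP is not set
CONFIG_SHADOW_PAGING=y
EOF

# option_value FILE SYMBOL: prints "y", "n" or "unset" for CONFIG_SYMBOL.
# A symbol absent from .config is reported as "unset" rather than "n" so the
# caller can tell "deliberately disabled" from "not offered by this build".
option_value() {
    if grep -q "^CONFIG_$2=y\$" "$1"; then
        echo y
    elif grep -q "^# CONFIG_$2 is not set\$" "$1" || grep -q "^CONFIG_$2=n\$" "$1"; then
        echo n
    else
        echo unset
    fi
}

# audit_xen_config FILE: prints one finding per line, nothing if all clear.
audit_xen_config() {
    cfg=$1
    pv32=$(option_value "$cfg" PV32)
    shstk=$(option_value "$cfg" XEN_SHSTK)

    # PV32: the 32bit PV ABI depends on ring1; the Kconfig help names it as a
    # candidate for attack surface reduction, with the PV shim as fallback.
    if [ "$pv32" = y ]; then
        echo "PV32=y: 32bit PV guests enabled; disable unless needed (PV Shim provides backwards compatibility)"
    fi

    # PV_LINEAR_PT: only guests using recursive pagetables (e.g. NetBSD) need it.
    if [ "$(option_value "$cfg" PV_LINEAR_PT)" = y ]; then
        echo "PV_LINEAR_PT=y: linear pagetable support enabled; disable if no PV guest relies on it"
    fi

    # HVM_FEP: lets an HVM guest drive the instruction emulator; testing only.
    if [ "$(option_value "$cfg" HVM_FEP)" = y ]; then
        echo "HVM_FEP=y: forced emulation prefix compiled in; not appropriate for production"
    fi

    # XEN_SHSTK: CET shadow stacks protect Xen's own return addresses. It is
    # only selectable with a CET-capable assembler (HAS_AS_CET_SS) and EXPERT.
    if [ "$shstk" != y ]; then
        echo "XEN_SHSTK=$shstk: Xen built without CET-SS return address protection"
    fi

    # Runtime exclusion stated in the Kconfig help: CET-SS active means no 32bit PV.
    if [ "$pv32" = y ] && [ "$shstk" = y ]; then
        echo "PV32=y with XEN_SHSTK=y: when CET-SS is active, 32bit PV guests cannot be used"
    fi
    return 0
}

# finding_count FILE: number of findings as a bare integer.
finding_count() {
    audit_xen_config "$1" | wc -l | tr -d ' '
}

# Run against the file given as $1, or the constructed sample otherwise.
audit_xen_config "${1:-$SAMPLE_CONFIG}"
```

Run it as `sh audit.sh xen/.config` after `make -C xen menuconfig` to get a short list of the options that this Kconfig itself flags; an empty output means none of the flagged combinations is present. For the constructed sample it reports three lines: PV32, PV_LINEAR_PT, and the PV32/XEN_SHSTK runtime exclusion.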