2 # For a description of the syntax of this configuration file,
3 # see Documentation/kbuild/kconfig-language.txt.
6 mainmenu "Linux Kernel Configuration"
12 This is the Linux Xen port.
26 config XEN_PRIVILEGED_GUEST
27 bool "Privileged Guest (domain 0)"
29 select XEN_PHYSDEV_ACCESS
31 Support for privileged operation (domain 0)
33 config XEN_PHYSDEV_ACCESS
34 bool "Physical device access"
35 default XEN_PRIVILEGED_GUEST
37 Assume access is available to physical hardware devices
38 (e.g., hard drives, network cards). This allows you to configure
39 such devices and also includes some low-level support that is
40 otherwise not compiled into the kernel.
42 config XEN_BLKDEV_BACKEND
43 bool "Block-device backend driver"
44 depends on XEN_PHYSDEV_ACCESS
47 The block-device backend driver allows the kernel to export its
48 block devices to other guests via a high-performance shared-memory
51 config XEN_BLKDEV_TAP_BE
52 bool "Block Tap support for backend driver (DANGEROUS)"
53 depends on XEN_BLKDEV_BACKEND
56 If you intend to use the block tap driver, the backend domain will
57 not know the domain id of the real frontend, and so will not be able
58 to map its data pages. This modifies the backend to attempt to map
59 from both the tap domain and the real frontend. This presents a
60 security risk, and so should ONLY be used for development
61 with the blktap. This option will be removed as the block drivers are
62 modified to use grant tables.
64 config XEN_BLKDEV_GRANT
65 bool "Grant table substrate for block drivers"
66 depends on !XEN_BLKDEV_TAP_BE
69 This introduces the use of grant tables as a data exhange mechanism
70 between the frontend and backend block drivers. This currently
71 conflicts with the block tap.
73 config XEN_NETDEV_BACKEND
74 bool "Network-device backend driver"
75 depends on XEN_PHYSDEV_ACCESS
78 The network-device backend driver allows the kernel to export its
79 network devices to other guests via a high-performance shared-memory
82 config XEN_BLKDEV_FRONTEND
83 bool "Block-device frontend driver"
86 The block-device frontend driver allows the kernel to access block
87 devices mounted within another guest OS. Unless you are building a
88 dedicated device-driver domain, or your master control domain
89 (domain 0), then you almost certainly want to say Y here.
91 config XEN_NETDEV_FRONTEND
92 bool "Network-device frontend driver"
95 The network-device frontend driver allows the kernel to access
96 network interfaces within another guest OS. Unless you are building a
97 dedicated device-driver domain, or your master control domain
98 (domain 0), then you almost certainly want to say Y here.
100 config XEN_NETDEV_FRONTEND_PIPELINED_TRANSMITTER
101 bool "Pipelined transmitter (DANGEROUS)"
102 depends on XEN_NETDEV_FRONTEND
105 The driver will assume that the backend is pipelining packets for
106 transmission: whenever packets are pending in the remote backend,
107 the driver will not send asynchronous notifications when it queues
108 additional packets for transmission.
109 If the backend is a dumb domain, such as a transparent Ethernet
110 bridge with no local IP interface, it is safe to say Y here to get
111 slightly lower network overhead.
112 If the backend has a local IP interface; or may be doing smart things
113 like reassembling packets to perform firewall filtering; or if you
114 are unsure; or if you experience network hangs when this option is
115 enabled; then you must say N here.
117 config XEN_BLKDEV_TAP
118 bool "Block device tap driver"
121 This driver allows a VM to interact on block device channels
122 to other VMs. Block messages may be passed through or redirected
123 to a character device, allowing device prototyping in application
124 space. Odds are that you want to say N here.
126 config XEN_SHADOW_MODE
127 bool "Fake shadow mode"
130 fakes out a shadow mode kernel
133 config XEN_SCRUB_PAGES
134 bool "Scrub memory before freeing it to Xen"
137 Erase memory contents before freeing it back to Xen's global
138 pool. This ensures that any secrets contained within that
139 memory (e.g., private keys) cannot be found by other guests that
140 may be running on the machine. Most people will want to say Y here.
141 If security is not a concern then you may increase performance by
145 prompt "Processor Type"
151 Choose this option if your computer is a X86 architecture.
156 Choose this option if your computer is a X86_64 architecture.
162 config HAVE_ARCH_DEV_ALLOC_SKB
166 source "init/Kconfig"
169 source "arch/xen/i386/Kconfig"
173 source "arch/xen/x86_64/Kconfig"
176 menu "Executable file formats"
178 source "fs/Kconfig.binfmt"
182 source "arch/xen/Kconfig.drivers"
186 source "arch/i386/Kconfig.debug"
188 source "kernel/vserver/Kconfig"
190 source "security/Kconfig"
192 source "crypto/Kconfig"