101 lines
3.1 KiB
Plaintext
101 lines
3.1 KiB
Plaintext
|
# SPDX-License-Identifier: GPL-2.0-only
|
||
|
menuconfig VFIO
|
||
|
tristate "VFIO Non-Privileged userspace driver framework"
|
||
|
select IOMMU_API
|
||
|
depends on IOMMUFD || !IOMMUFD
|
||
|
select INTERVAL_TREE
|
||
|
select VFIO_GROUP if SPAPR_TCE_IOMMU || IOMMUFD=n
|
||
|
select VFIO_DEVICE_CDEV if !VFIO_GROUP
|
||
|
select VFIO_CONTAINER if IOMMUFD=n
|
||
|
help
|
||
|
VFIO provides a framework for secure userspace device drivers.
|
||
|
See Documentation/driver-api/vfio.rst for more details.
|
||
|
|
||
|
If you don't know what to do here, say N.
|
||
|
|
||
|
if VFIO
|
||
|
config VFIO_DEVICE_CDEV
|
||
|
bool "Support for the VFIO cdev /dev/vfio/devices/vfioX"
|
||
|
depends on IOMMUFD && !SPAPR_TCE_IOMMU
|
||
|
default !VFIO_GROUP
|
||
|
help
|
||
|
The VFIO device cdev is another way for userspace to get device
|
||
|
access. Userspace gets device fd by opening device cdev under
|
||
|
/dev/vfio/devices/vfioX, and then bind the device fd with an iommufd
|
||
|
to set up secure DMA context for device access. This interface does
|
||
|
not support noiommu.
|
||
|
|
||
|
If you don't know what to do here, say N.
|
||
|
|
||
|
config VFIO_GROUP
|
||
|
bool "Support for the VFIO group /dev/vfio/$group_id"
|
||
|
default y
|
||
|
help
|
||
|
VFIO group support provides the traditional model for accessing
|
||
|
devices through VFIO and is used by the majority of userspace
|
||
|
applications and drivers making use of VFIO.
|
||
|
|
||
|
If you don't know what to do here, say Y.
|
||
|
|
||
|
config VFIO_CONTAINER
|
||
|
bool "Support for the VFIO container /dev/vfio/vfio"
|
||
|
select VFIO_IOMMU_TYPE1 if MMU && (X86 || S390 || ARM || ARM64)
|
||
|
depends on VFIO_GROUP
|
||
|
default y
|
||
|
help
|
||
|
The VFIO container is the classic interface to VFIO for establishing
|
||
|
IOMMU mappings. If N is selected here then IOMMUFD must be used to
|
||
|
manage the mappings.
|
||
|
|
||
|
Unless testing IOMMUFD say Y here.
|
||
|
|
||
|
if VFIO_CONTAINER
|
||
|
config VFIO_IOMMU_TYPE1
|
||
|
tristate
|
||
|
default n
|
||
|
|
||
|
config VFIO_IOMMU_SPAPR_TCE
|
||
|
tristate
|
||
|
depends on SPAPR_TCE_IOMMU
|
||
|
default VFIO
|
||
|
endif
|
||
|
|
||
|
config VFIO_NOIOMMU
|
||
|
bool "VFIO No-IOMMU support"
|
||
|
depends on VFIO_GROUP
|
||
|
help
|
||
|
VFIO is built on the ability to isolate devices using the IOMMU.
|
||
|
Only with an IOMMU can userspace access to DMA capable devices be
|
||
|
considered secure. VFIO No-IOMMU mode enables IOMMU groups for
|
||
|
devices without IOMMU backing for the purpose of re-using the VFIO
|
||
|
infrastructure in a non-secure mode. Use of this mode will result
|
||
|
in an unsupportable kernel and will therefore taint the kernel.
|
||
|
Device assignment to virtual machines is also not possible with
|
||
|
this mode since there is no IOMMU to provide DMA translation.
|
||
|
|
||
|
If you don't know what to do here, say N.
|
||
|
|
||
|
config VFIO_VIRQFD
|
||
|
bool
|
||
|
select EVENTFD
|
||
|
default n
|
||
|
|
||
|
config VFIO_DEBUGFS
|
||
|
bool "Export VFIO internals in DebugFS"
|
||
|
depends on DEBUG_FS
|
||
|
help
|
||
|
Allows exposure of VFIO device internals. This option enables
|
||
|
the use of debugfs by VFIO drivers as required. The device can
|
||
|
cause the VFIO code create a top-level debug/vfio directory
|
||
|
during initialization, and then populate a subdirectory with
|
||
|
entries as required.
|
||
|
|
||
|
source "drivers/vfio/pci/Kconfig"
|
||
|
source "drivers/vfio/platform/Kconfig"
|
||
|
source "drivers/vfio/mdev/Kconfig"
|
||
|
source "drivers/vfio/fsl-mc/Kconfig"
|
||
|
source "drivers/vfio/cdx/Kconfig"
|
||
|
endif
|
||
|
|
||
|
source "virt/lib/Kconfig"
|