1. Patchew
  2. Xen
  3. View series

[PATCH] x86/hvm: add HVM-specific Kconfig

dmkhn@proton.me posted 1 patch 1 month ago
Patches applied successfully (tree, apply log)
git fetch https://gitlab.com/xen-project/patchew/xen tags/patchew/20250207220302.4190210-1-dmukhin@ford.com
There is a newer version of this series
xen/arch/x86/Kconfig     | 76 +---------------------------------------
xen/arch/x86/hvm/Kconfig | 73 ++++++++++++++++++++++++++++++++++++++
2 files changed, 74 insertions(+), 75 deletions(-)
create mode 100644 xen/arch/x86/hvm/Kconfig
[PATCH] x86/hvm: add HVM-specific Kconfig
Posted by dmkhn@proton.me 1 month ago 
Add separate menu for configuring HVM build-time settings to help organizing
HVM-specific options.

Signed-off-by: Denis Mukhin <dmukhin@ford.com>

---
Link to the original patch:
  https://lore.kernel.org/xen-devel/20250103-vuart-ns8250-v3-v1-20-c5d36b31d66c@ford.com/
---
---
 xen/arch/x86/Kconfig     | 76 +---------------------------------------
 xen/arch/x86/hvm/Kconfig | 73 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 74 insertions(+), 75 deletions(-)
 create mode 100644 xen/arch/x86/hvm/Kconfig

diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig
index 9cdd04721a..37362c205d 100644
--- a/xen/arch/x86/Kconfig
+++ b/xen/arch/x86/Kconfig
@@ -30,7 +30,6 @@ config X86
 	select HAS_SCHED_GRANULARITY
 	select HAS_UBSAN
 	select HAS_VMAP
-	select HAS_VPCI if HVM
 	select NEEDS_LIBELF
 
 config ARCH_DEFCONFIG
@@ -107,42 +106,7 @@ config PV_LINEAR_PT
 
          If unsure, say Y.
 
-config HVM
-	bool "HVM support"
-	depends on !PV_SHIM_EXCLUSIVE
-	default !PV_SHIM
-	select COMPAT
-	select IOREQ_SERVER
-	select MEM_ACCESS_ALWAYS_ON
-	help
-	  Interfaces to support HVM domains.  HVM domains require hardware
-	  virtualisation extensions (e.g. Intel VT-x, AMD SVM), but can boot
-	  guests which have no specific Xen knowledge.
-
-	  This option is needed if you want to run HVM or PVH domains.
-
-	  If unsure, say Y.
-
-config AMD_SVM
-	bool "AMD-V" if EXPERT
-	depends on HVM
-	default y
-	help
-	  Enables virtual machine extensions on platforms that implement the
-	  AMD Virtualization Technology (AMD-V).
-	  If your system includes a processor with AMD-V support, say Y.
-	  If in doubt, say Y.
-
-config INTEL_VMX
-	bool "Intel VT-x" if EXPERT
-	depends on HVM
-	default y
-	select ARCH_VCPU_IOREQ_COMPLETION
-	help
-	  Enables virtual machine extensions on platforms that implement the
-	  Intel Virtualization Technology (Intel VT-x).
-	  If your system includes a processor with Intel VT-x support, say Y.
-	  If in doubt, say Y.
+source "arch/x86/hvm/Kconfig"
 
 config XEN_SHSTK
 	bool "Supervisor Shadow Stacks"
@@ -201,25 +165,6 @@ config BIGMEM
 
 	  If unsure, say N.
 
-config HVM_FEP
-	bool "HVM Forced Emulation Prefix support (UNSUPPORTED)" if UNSUPPORTED
-	default DEBUG
-	depends on HVM
-	help
-
-	  Compiles in a feature that allows HVM guest to arbitrarily
-	  exercise the instruction emulator.
-
-	  This feature can only be enabled during boot time with
-	  appropriate hypervisor command line option. Please read
-	  hypervisor command line documentation before trying to use
-	  this feature.
-
-	  This is strictly for testing purposes, and not appropriate
-	  for use in production.
-
-	  If unsure, say N.
-
 config TBOOT
 	bool "Xen tboot support (UNSUPPORTED)"
 	depends on INTEL && UNSUPPORTED
@@ -348,14 +293,6 @@ config HYPERV_GUEST
 
 endif
 
-config MEM_PAGING
-	bool "Xen memory paging support (UNSUPPORTED)" if UNSUPPORTED
-	depends on HVM
-
-config MEM_SHARING
-	bool "Xen memory sharing support (UNSUPPORTED)" if UNSUPPORTED
-	depends on HVM
-
 config REQUIRE_NX
 	bool "Require NX (No eXecute) support"
 	help
@@ -372,17 +309,6 @@ config REQUIRE_NX
 	  was unavailable. However, if enabled, Xen will no longer boot on
 	  any CPU which is lacking NX support.
 
-config ALTP2M
-	bool "Alternate P2M support" if EXPERT
-	depends on INTEL_VMX
-	default y
-	help
-	  Alternate-p2m allows a guest to manage multiple p2m guest physical
-	  "memory views" (as opposed to a single p2m).
-	  Useful for memory introspection.
-
-	  If unsure, stay with defaults.
-
 endmenu
 
 source "common/Kconfig"
diff --git a/xen/arch/x86/hvm/Kconfig b/xen/arch/x86/hvm/Kconfig
new file mode 100644
index 0000000000..cbfeb5e4f4
--- /dev/null
+++ b/xen/arch/x86/hvm/Kconfig
@@ -0,0 +1,73 @@
+menuconfig HVM
+	bool "HVM support"
+	depends on !PV_SHIM_EXCLUSIVE
+	default !PV_SHIM
+	select COMPAT
+	select HAS_VPCI
+	select IOREQ_SERVER
+	select MEM_ACCESS_ALWAYS_ON
+	help
+	  Interfaces to support HVM domains.  HVM domains require hardware
+	  virtualisation extensions (e.g. Intel VT-x, AMD SVM), but can boot
+	  guests which have no specific Xen knowledge.
+
+	  This option is needed if you want to run HVM or PVH domains.
+
+	  If unsure, say Y.
+
+if HVM
+
+config AMD_SVM
+	bool "AMD-V" if EXPERT
+	default y
+	help
+	  Enables virtual machine extensions on platforms that implement the
+	  AMD Virtualization Technology (AMD-V).
+	  If your system includes a processor with AMD-V support, say Y.
+	  If in doubt, say Y.
+
+config INTEL_VMX
+	bool "Intel VT-x" if EXPERT
+	default y
+	select ARCH_VCPU_IOREQ_COMPLETION
+	help
+	  Enables virtual machine extensions on platforms that implement the
+	  Intel Virtualization Technology (Intel VT-x).
+	  If your system includes a processor with Intel VT-x support, say Y.
+	  If in doubt, say Y.
+
+config ALTP2M
+	bool "Alternate P2M support" if EXPERT
+	depends on INTEL_VMX
+	default y
+	help
+	  Alternate-p2m allows a guest to manage multiple p2m guest physical
+	  "memory views" (as opposed to a single p2m).
+	  Useful for memory introspection.
+
+	  If unsure, stay with defaults.
+
+config MEM_PAGING
+	bool "Xen memory paging support (UNSUPPORTED)" if UNSUPPORTED
+
+config MEM_SHARING
+	bool "Xen memory sharing support (UNSUPPORTED)" if UNSUPPORTED
+
+config HVM_FEP
+	bool "HVM Forced Emulation Prefix support (UNSUPPORTED)" if UNSUPPORTED
+	default DEBUG
+	help
+	  Compiles in a feature that allows HVM guest to arbitrarily
+	  exercise the instruction emulator.
+
+	  This feature can only be enabled during boot time with
+	  appropriate hypervisor command line option. Please read
+	  hypervisor command line documentation before trying to use
+	  this feature.
+
+	  This is strictly for testing purposes, and not appropriate
+	  for use in production.
+
+	  If unsure, say N.
+
+endif
-- 
2.34.1
Re: [PATCH] x86/hvm: add HVM-specific Kconfig
Posted by Jan Beulich 3 days, 6 hours ago 
On 07.02.2025 23:03, dmkhn@proton.me wrote:
> Add separate menu for configuring HVM build-time settings to help organizing
> HVM-specific options.
> 
> Signed-off-by: Denis Mukhin <dmukhin@ford.com>

I think it would be nice if "organizing" was further qualified, to really see
_why_ the change is being made. A particular benefit that Roger points out is
that this way all HVM-dependent options moved here will then appear in a sub-
menu like fashion in the tool.

> --- a/xen/arch/x86/Kconfig
> +++ b/xen/arch/x86/Kconfig
> @@ -30,7 +30,6 @@ config X86
>  	select HAS_SCHED_GRANULARITY
>  	select HAS_UBSAN
>  	select HAS_VMAP
> -	select HAS_VPCI if HVM
>  	select NEEDS_LIBELF

As said before, personally I'd prefer if this didn't move.

> --- /dev/null
> +++ b/xen/arch/x86/hvm/Kconfig
> @@ -0,0 +1,73 @@
> +menuconfig HVM
> +	bool "HVM support"
> +	depends on !PV_SHIM_EXCLUSIVE
> +	default !PV_SHIM
> +	select COMPAT
> +	select HAS_VPCI
> +	select IOREQ_SERVER
> +	select MEM_ACCESS_ALWAYS_ON
> +	help
> +	  Interfaces to support HVM domains.  HVM domains require hardware
> +	  virtualisation extensions (e.g. Intel VT-x, AMD SVM), but can boot
> +	  guests which have no specific Xen knowledge.
> +
> +	  This option is needed if you want to run HVM or PVH domains.
> +
> +	  If unsure, say Y.
> +
> +if HVM
> +
> +config AMD_SVM
> +	bool "AMD-V" if EXPERT
> +	default y
> +	help
> +	  Enables virtual machine extensions on platforms that implement the
> +	  AMD Virtualization Technology (AMD-V).
> +	  If your system includes a processor with AMD-V support, say Y.
> +	  If in doubt, say Y.
> +
> +config INTEL_VMX
> +	bool "Intel VT-x" if EXPERT
> +	default y
> +	select ARCH_VCPU_IOREQ_COMPLETION
> +	help
> +	  Enables virtual machine extensions on platforms that implement the
> +	  Intel Virtualization Technology (Intel VT-x).
> +	  If your system includes a processor with Intel VT-x support, say Y.
> +	  If in doubt, say Y.

Perhaps not to be done right here, but still: I guess the "default" of these
want to change to use AMD / INTEL respectively. While we permit enabling the
virt extension support separately, generally there's little point doing so
by default when the corresponding CPU support code was disabled.

> +config ALTP2M
> +	bool "Alternate P2M support" if EXPERT
> +	depends on INTEL_VMX
> +	default y
> +	help
> +	  Alternate-p2m allows a guest to manage multiple p2m guest physical
> +	  "memory views" (as opposed to a single p2m).
> +	  Useful for memory introspection.
> +
> +	  If unsure, stay with defaults.
> +
> +config MEM_PAGING
> +	bool "Xen memory paging support (UNSUPPORTED)" if UNSUPPORTED
> +
> +config MEM_SHARING
> +	bool "Xen memory sharing support (UNSUPPORTED)" if UNSUPPORTED
> +
> +config HVM_FEP
> +	bool "HVM Forced Emulation Prefix support (UNSUPPORTED)" if UNSUPPORTED
> +	default DEBUG
> +	help
> +	  Compiles in a feature that allows HVM guest to arbitrarily
> +	  exercise the instruction emulator.
> +
> +	  This feature can only be enabled during boot time with
> +	  appropriate hypervisor command line option. Please read
> +	  hypervisor command line documentation before trying to use
> +	  this feature.
> +
> +	  This is strictly for testing purposes, and not appropriate
> +	  for use in production.
> +
> +	  If unsure, say N.

Please can this move ahead of at least the two MEM_* ones, maybe even ahead
of ALTP2M?

Jan
Re: [PATCH] x86/hvm: add HVM-specific Kconfig
Posted by Denis Mukhin 14 hours ago 
On Monday, March 10th, 2025 at 3:36 AM, Jan Beulich <jbeulich@suse.com> wrote:

> 
> 
> On 07.02.2025 23:03, dmkhn@proton.me wrote:
> 
> > Add separate menu for configuring HVM build-time settings to help organizing
> > HVM-specific options.
> > 
> > Signed-off-by: Denis Mukhin dmukhin@ford.com
> 
> 
> I think it would be nice if "organizing" was further qualified, to really see
> why the change is being made. A particular benefit that Roger points out is
> that this way all HVM-dependent options moved here will then appear in a sub-
> menu like fashion in the tool.
> 
> > --- a/xen/arch/x86/Kconfig
> > +++ b/xen/arch/x86/Kconfig
> > @@ -30,7 +30,6 @@ config X86
> > select HAS_SCHED_GRANULARITY
> > select HAS_UBSAN
> > select HAS_VMAP
> > - select HAS_VPCI if HVM
> > select NEEDS_LIBELF
> 
> 
> As said before, personally I'd prefer if this didn't move.

Fixed in v2, sorry overlooked that.

> 
> > --- /dev/null
> > +++ b/xen/arch/x86/hvm/Kconfig
> > @@ -0,0 +1,73 @@
> > +menuconfig HVM
> > + bool "HVM support"
> > + depends on !PV_SHIM_EXCLUSIVE
> > + default !PV_SHIM
> > + select COMPAT
> > + select HAS_VPCI
> > + select IOREQ_SERVER
> > + select MEM_ACCESS_ALWAYS_ON
> > + help
> > + Interfaces to support HVM domains. HVM domains require hardware
> > + virtualisation extensions (e.g. Intel VT-x, AMD SVM), but can boot
> > + guests which have no specific Xen knowledge.
> > +
> > + This option is needed if you want to run HVM or PVH domains.
> > +
> > + If unsure, say Y.
> > +
> > +if HVM
> > +
> > +config AMD_SVM
> > + bool "AMD-V" if EXPERT
> > + default y
> > + help
> > + Enables virtual machine extensions on platforms that implement the
> > + AMD Virtualization Technology (AMD-V).
> > + If your system includes a processor with AMD-V support, say Y.
> > + If in doubt, say Y.
> > +
> > +config INTEL_VMX
> > + bool "Intel VT-x" if EXPERT
> > + default y
> > + select ARCH_VCPU_IOREQ_COMPLETION
> > + help
> > + Enables virtual machine extensions on platforms that implement the
> > + Intel Virtualization Technology (Intel VT-x).
> > + If your system includes a processor with Intel VT-x support, say Y.
> > + If in doubt, say Y.
> 
> 
> Perhaps not to be done right here, but still: I guess the "default" of these
> want to change to use AMD / INTEL respectively. While we permit enabling the
> virt extension support separately, generally there's little point doing so
> by default when the corresponding CPU support code was disabled.

Addressed.

> 
> > +config ALTP2M
> > + bool "Alternate P2M support" if EXPERT
> > + depends on INTEL_VMX
> > + default y
> > + help
> > + Alternate-p2m allows a guest to manage multiple p2m guest physical
> > + "memory views" (as opposed to a single p2m).
> > + Useful for memory introspection.
> > +
> > + If unsure, stay with defaults.
> > +
> > +config MEM_PAGING
> > + bool "Xen memory paging support (UNSUPPORTED)" if UNSUPPORTED
> > +
> > +config MEM_SHARING
> > + bool "Xen memory sharing support (UNSUPPORTED)" if UNSUPPORTED
> > +
> > +config HVM_FEP
> > + bool "HVM Forced Emulation Prefix support (UNSUPPORTED)" if UNSUPPORTED
> > + default DEBUG
> > + help
> > + Compiles in a feature that allows HVM guest to arbitrarily
> > + exercise the instruction emulator.
> > +
> > + This feature can only be enabled during boot time with
> > + appropriate hypervisor command line option. Please read
> > + hypervisor command line documentation before trying to use
> > + this feature.
> > +
> > + This is strictly for testing purposes, and not appropriate
> > + for use in production.
> > +
> > + If unsure, say N.
> 
> 
> Please can this move ahead of at least the two MEM_* ones, maybe even ahead
> of ALTP2M?

Done.

> 
> Jan
Re: [PATCH] x86/hvm: add HVM-specific Kconfig
Posted by Denis Mukhin 1 week ago 
On Friday, February 7th, 2025 at 2:03 PM, dmkhn@proton.me <dmkhn@proton.me> wrote:

> 
> 
> Add separate menu for configuring HVM build-time settings to help organizing
> HVM-specific options.
> 
> Signed-off-by: Denis Mukhin dmukhin@ford.com

Can I get a review please?

> 
> 
> ---
> Link to the original patch:
> https://lore.kernel.org/xen-devel/20250103-vuart-ns8250-v3-v1-20-c5d36b31d66c@ford.com/
> ---
> ---
> xen/arch/x86/Kconfig | 76 +---------------------------------------
> xen/arch/x86/hvm/Kconfig | 73 ++++++++++++++++++++++++++++++++++++++
> 2 files changed, 74 insertions(+), 75 deletions(-)
> create mode 100644 xen/arch/x86/hvm/Kconfig
> 
> diff --git a/xen/arch/x86/Kconfig b/xen/arch/x86/Kconfig
> index 9cdd04721a..37362c205d 100644
> --- a/xen/arch/x86/Kconfig
> +++ b/xen/arch/x86/Kconfig
> @@ -30,7 +30,6 @@ config X86
> select HAS_SCHED_GRANULARITY
> select HAS_UBSAN
> select HAS_VMAP
> - select HAS_VPCI if HVM
> select NEEDS_LIBELF
> 
> config ARCH_DEFCONFIG
> @@ -107,42 +106,7 @@ config PV_LINEAR_PT
> 
> If unsure, say Y.
> 
> -config HVM
> - bool "HVM support"
> - depends on !PV_SHIM_EXCLUSIVE
> - default !PV_SHIM
> - select COMPAT
> - select IOREQ_SERVER
> - select MEM_ACCESS_ALWAYS_ON
> - help
> - Interfaces to support HVM domains. HVM domains require hardware
> - virtualisation extensions (e.g. Intel VT-x, AMD SVM), but can boot
> - guests which have no specific Xen knowledge.
> -
> - This option is needed if you want to run HVM or PVH domains.
> -
> - If unsure, say Y.
> -
> -config AMD_SVM
> - bool "AMD-V" if EXPERT
> - depends on HVM
> - default y
> - help
> - Enables virtual machine extensions on platforms that implement the
> - AMD Virtualization Technology (AMD-V).
> - If your system includes a processor with AMD-V support, say Y.
> - If in doubt, say Y.
> -
> -config INTEL_VMX
> - bool "Intel VT-x" if EXPERT
> - depends on HVM
> - default y
> - select ARCH_VCPU_IOREQ_COMPLETION
> - help
> - Enables virtual machine extensions on platforms that implement the
> - Intel Virtualization Technology (Intel VT-x).
> - If your system includes a processor with Intel VT-x support, say Y.
> - If in doubt, say Y.
> +source "arch/x86/hvm/Kconfig"
> 
> config XEN_SHSTK
> bool "Supervisor Shadow Stacks"
> @@ -201,25 +165,6 @@ config BIGMEM
> 
> If unsure, say N.
> 
> -config HVM_FEP
> - bool "HVM Forced Emulation Prefix support (UNSUPPORTED)" if UNSUPPORTED
> - default DEBUG
> - depends on HVM
> - help
> -
> - Compiles in a feature that allows HVM guest to arbitrarily
> - exercise the instruction emulator.
> -
> - This feature can only be enabled during boot time with
> - appropriate hypervisor command line option. Please read
> - hypervisor command line documentation before trying to use
> - this feature.
> -
> - This is strictly for testing purposes, and not appropriate
> - for use in production.
> -
> - If unsure, say N.
> -
> config TBOOT
> bool "Xen tboot support (UNSUPPORTED)"
> depends on INTEL && UNSUPPORTED
> @@ -348,14 +293,6 @@ config HYPERV_GUEST
> 
> endif
> 
> -config MEM_PAGING
> - bool "Xen memory paging support (UNSUPPORTED)" if UNSUPPORTED
> - depends on HVM
> -
> -config MEM_SHARING
> - bool "Xen memory sharing support (UNSUPPORTED)" if UNSUPPORTED
> - depends on HVM
> -
> config REQUIRE_NX
> bool "Require NX (No eXecute) support"
> help
> @@ -372,17 +309,6 @@ config REQUIRE_NX
> was unavailable. However, if enabled, Xen will no longer boot on
> any CPU which is lacking NX support.
> 
> -config ALTP2M
> - bool "Alternate P2M support" if EXPERT
> - depends on INTEL_VMX
> - default y
> - help
> - Alternate-p2m allows a guest to manage multiple p2m guest physical
> - "memory views" (as opposed to a single p2m).
> - Useful for memory introspection.
> -
> - If unsure, stay with defaults.
> -
> endmenu
> 
> source "common/Kconfig"
> diff --git a/xen/arch/x86/hvm/Kconfig b/xen/arch/x86/hvm/Kconfig
> new file mode 100644
> index 0000000000..cbfeb5e4f4
> --- /dev/null
> +++ b/xen/arch/x86/hvm/Kconfig
> @@ -0,0 +1,73 @@
> +menuconfig HVM
> + bool "HVM support"
> + depends on !PV_SHIM_EXCLUSIVE
> + default !PV_SHIM
> + select COMPAT
> + select HAS_VPCI
> + select IOREQ_SERVER
> + select MEM_ACCESS_ALWAYS_ON
> + help
> + Interfaces to support HVM domains. HVM domains require hardware
> + virtualisation extensions (e.g. Intel VT-x, AMD SVM), but can boot
> + guests which have no specific Xen knowledge.
> +
> + This option is needed if you want to run HVM or PVH domains.
> +
> + If unsure, say Y.
> +
> +if HVM
> +
> +config AMD_SVM
> + bool "AMD-V" if EXPERT
> + default y
> + help
> + Enables virtual machine extensions on platforms that implement the
> + AMD Virtualization Technology (AMD-V).
> + If your system includes a processor with AMD-V support, say Y.
> + If in doubt, say Y.
> +
> +config INTEL_VMX
> + bool "Intel VT-x" if EXPERT
> + default y
> + select ARCH_VCPU_IOREQ_COMPLETION
> + help
> + Enables virtual machine extensions on platforms that implement the
> + Intel Virtualization Technology (Intel VT-x).
> + If your system includes a processor with Intel VT-x support, say Y.
> + If in doubt, say Y.
> +
> +config ALTP2M
> + bool "Alternate P2M support" if EXPERT
> + depends on INTEL_VMX
> + default y
> + help
> + Alternate-p2m allows a guest to manage multiple p2m guest physical
> + "memory views" (as opposed to a single p2m).
> + Useful for memory introspection.
> +
> + If unsure, stay with defaults.
> +
> +config MEM_PAGING
> + bool "Xen memory paging support (UNSUPPORTED)" if UNSUPPORTED
> +
> +config MEM_SHARING
> + bool "Xen memory sharing support (UNSUPPORTED)" if UNSUPPORTED
> +
> +config HVM_FEP
> + bool "HVM Forced Emulation Prefix support (UNSUPPORTED)" if UNSUPPORTED
> + default DEBUG
> + help
> + Compiles in a feature that allows HVM guest to arbitrarily
> + exercise the instruction emulator.
> +
> + This feature can only be enabled during boot time with
> + appropriate hypervisor command line option. Please read
> + hypervisor command line documentation before trying to use
> + this feature.
> +
> + This is strictly for testing purposes, and not appropriate
> + for use in production.
> +
> + If unsure, say N.
> +
> +endif
> --
> 2.34.1

Patchew 2.1-devel-b67e4c2

© 2016 - 2025 Red Hat, Inc.