e5a9ec7e09
Add a kconfig CONFIG_VFIO_CONTAINER that controls compiling the container code. If 'n' then only iommufd will provide the container service. All the support for vfio iommu drivers, including type1, will not be built. This allows a compilation check that no inappropriate dependencies between the device/group and container have been created. Link: https://lore.kernel.org/r/9-v4-42cd2eb0e3eb+335a-vfio_iommufd_jgg@nvidia.com Reviewed-by: Kevin Tian <kevin.tian@intel.com> Reviewed-by: Alex Williamson <alex.williamson@redhat.com> Tested-by: Alex Williamson <alex.williamson@redhat.com> Tested-by: Nicolin Chen <nicolinc@nvidia.com> Tested-by: Yi Liu <yi.l.liu@intel.com> Tested-by: Lixiao Yang <lixiao.yang@intel.com> Tested-by: Matthew Rosato <mjrosato@linux.ibm.com> Tested-by: Yu He <yu.he@intel.com> Signed-off-by: Jason Gunthorpe <jgg@nvidia.com>
67 lines
1.8 KiB
Text
67 lines
1.8 KiB
Text
# SPDX-License-Identifier: GPL-2.0-only
|
|
menuconfig VFIO
|
|
tristate "VFIO Non-Privileged userspace driver framework"
|
|
select IOMMU_API
|
|
depends on IOMMUFD || !IOMMUFD
|
|
select INTERVAL_TREE
|
|
select VFIO_CONTAINER if IOMMUFD=n
|
|
help
|
|
VFIO provides a framework for secure userspace device drivers.
|
|
See Documentation/driver-api/vfio.rst for more details.
|
|
|
|
If you don't know what to do here, say N.
|
|
|
|
if VFIO
|
|
config VFIO_CONTAINER
|
|
bool "Support for the VFIO container /dev/vfio/vfio"
|
|
select VFIO_IOMMU_TYPE1 if MMU && (X86 || S390 || ARM || ARM64)
|
|
default y
|
|
help
|
|
The VFIO container is the classic interface to VFIO for establishing
|
|
IOMMU mappings. If N is selected here then IOMMUFD must be used to
|
|
manage the mappings.
|
|
|
|
Unless testing IOMMUFD say Y here.
|
|
|
|
if VFIO_CONTAINER
|
|
config VFIO_IOMMU_TYPE1
|
|
tristate
|
|
default n
|
|
|
|
config VFIO_IOMMU_SPAPR_TCE
|
|
tristate
|
|
depends on SPAPR_TCE_IOMMU
|
|
default VFIO
|
|
|
|
config VFIO_NOIOMMU
|
|
bool "VFIO No-IOMMU support"
|
|
help
|
|
VFIO is built on the ability to isolate devices using the IOMMU.
|
|
Only with an IOMMU can userspace access to DMA capable devices be
|
|
considered secure. VFIO No-IOMMU mode enables IOMMU groups for
|
|
devices without IOMMU backing for the purpose of re-using the VFIO
|
|
infrastructure in a non-secure mode. Use of this mode will result
|
|
in an unsupportable kernel and will therefore taint the kernel.
|
|
Device assignment to virtual machines is also not possible with
|
|
this mode since there is no IOMMU to provide DMA translation.
|
|
|
|
If you don't know what to do here, say N.
|
|
endif
|
|
|
|
config VFIO_SPAPR_EEH
|
|
tristate
|
|
depends on EEH && VFIO_IOMMU_SPAPR_TCE
|
|
default VFIO
|
|
|
|
config VFIO_VIRQFD
|
|
tristate
|
|
select EVENTFD
|
|
default n
|
|
|
|
source "drivers/vfio/pci/Kconfig"
|
|
source "drivers/vfio/platform/Kconfig"
|
|
source "drivers/vfio/mdev/Kconfig"
|
|
source "drivers/vfio/fsl-mc/Kconfig"
|
|
endif
|
|
|
|
source "virt/lib/Kconfig"
|