config X86_64
	def_bool y
	select 64BIT

config X86
	def_bool y
	select ACPI
	select ACPI_LEGACY_TABLES_LOOKUP
	select ACPI_NUMA
	select ALTERNATIVE_CALL
	select ARCH_MAP_DOMAIN_PAGE
	select ARCH_PAGING_MEMPOOL
	select ARCH_SUPPORTS_INT128
	imply CORE_PARKING
	select FUNCTION_ALIGNMENT_16B
	select GENERIC_BUG_FRAME
	select HAS_ALTERNATIVE
	select HAS_COMPAT
	select HAS_CPUFREQ
	select HAS_DIT
	select HAS_EHCI
	select HAS_EX_TABLE
	select HAS_FAST_MULTIPLY
	select HAS_IOPORTS
	select HAS_KEXEC
	select HAS_NS16550
	select HAS_PASSTHROUGH
	select HAS_PCI
	select HAS_PCI_MSI
	select HAS_PIRQ
	select HAS_SCHED_GRANULARITY
	select HAS_UBSAN
	select HAS_VMAP
	select HAS_VPCI if HVM
	select NEEDS_LIBELF
	select SYSTEM_SUSPEND_ALWAYS_ON

config ARCH_DEFCONFIG
	string
	default "arch/x86/configs/x86_64_defconfig"

config CC_HAS_INDIRECT_THUNK
	# GCC >= 8 or Clang >= 6
	def_bool $(cc-option,-mindirect-branch-register) || \
	         $(cc-option,-mretpoline-external-thunk)

config CC_HAS_RETURN_THUNK
	# GCC >= 8 or Clang >= 15
	def_bool $(cc-option,-mfunction-return=thunk-extern)

config HAS_AS_CET_SS
	# binutils >= 2.29 or LLVM >= 6
	def_bool $(as-instr,wrssq %rax$(comma)0;setssbsy)

config HAS_CC_CET_IBT
	# GCC >= 9 and binutils >= 2.29
	# Retpoline check to work around https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93654
	def_bool $(cc-option,-fcf-protection=branch -mmanual-endbr -mindirect-branch=thunk-extern) && $(as-instr,endbr64)

menu "Architecture Features"

source "arch/x86/Kconfig.cpu"

source "arch/Kconfig"

config PV
	def_bool y
	prompt "PV support"
	help
	  Interfaces to support PV domains. These require guest kernel support
	  to run as a PV guest, but don't require any specific hardware support.

	  This option is needed if you want to run PV domains.

	  If unsure, say Y.

config PV32
	bool "Support for 32bit PV guests"
	depends on PV
	default PV_SHIM
	select COMPAT
	help
	  The 32bit PV ABI uses Ring1, an area of the x86 architecture which
	  was deprecated and mostly removed in the AMD64 spec.  As a result,
	  it occasionally conflicts with newer x86 hardware features, causing
	  overheads for Xen to maintain backwards compatibility.

	  People may wish to disable 32bit PV guests for attack surface
	  reduction, or performance reasons.  Backwards compatibility can be
	  provided via the PV Shim mechanism.

	  Note that outside of PV Shim, 32-bit PV guests are not security
	  supported anymore.

	  If unsure, use the default setting.

config PV_LINEAR_PT
       bool "Support for PV linear pagetables"
       depends on PV
       default y
       help
         Linear pagetables (also called "recursive pagetables") refers
         to the practice of a guest operating system having pagetable
         entries pointing to other pagetables of the same level (i.e.,
         allowing L2 PTEs to point to other L2 pages).  Some operating
         systems use it as a simple way to consistently map the current
         process's pagetables into its own virtual address space.

         Linux and MiniOS don't use this technique.  NetBSD and Novell
         Netware do; there may be other custom operating systems which
         do.  If you're certain you don't plan on having PV guests
         which use this feature, turning it off can reduce the attack
         surface.

         If unsure, say Y.

source "arch/x86/hvm/Kconfig"

config XEN_SHSTK
	bool "Supervisor Shadow Stacks"
	depends on HAS_AS_CET_SS
	default y
	help
	  Control-flow Enforcement Technology (CET) is a set of features in
	  hardware designed to combat Return-oriented Programming (ROP, also
	  call/jump COP/JOP) attacks.  Shadow Stacks are one CET feature
	  designed to provide return address protection.

	  This option arranges for Xen to use CET-SS for its own protection.
	  When CET-SS is active, 32bit PV guests cannot be used.  Backwards
	  compatiblity can be provided via the PV Shim mechanism.

config XEN_IBT
	bool "Supervisor Indirect Branch Tracking"
	depends on HAS_CC_CET_IBT
	default y
	help
	  Control-flow Enforcement Technology (CET) is a set of features in
	  hardware designed to combat Return-oriented Programming (ROP, also
	  call/jump COP/JOP) attacks.  Indirect Branch Tracking is one CET
	  feature designed to provide function pointer protection.

	  This option arranges for Xen to use CET-IBT for its own protection.

config SHADOW_PAGING
	bool "Shadow Paging"
	default !PV_SHIM_EXCLUSIVE
	depends on PV || HVM
	help

          Shadow paging is a software alternative to hardware paging support
          (Intel EPT, AMD NPT).

          It is required for:
            * Running HVM guests on hardware lacking hardware paging support
              (First-generation Intel VT-x or AMD SVM).
            * Live migration of PV guests.
            * L1TF sidechannel mitigation for PV guests.

          Under a small number of specific workloads, shadow paging may be
          deliberately used as a performance optimisation.

          If unsure, say Y.

config PAGING
	def_bool HVM || SHADOW_PAGING

config BIGMEM
	bool "big memory support"
	default n
	help
	  Allows Xen to support up to 123Tb of memory.

	  This requires enlarging struct page_info as well as shrinking
	  the always accessible direct mapped memory range.

	  If unsure, say N.

config TBOOT
	bool "Xen tboot support (UNSUPPORTED)"
	depends on INTEL && UNSUPPORTED
	default !PV_SHIM_EXCLUSIVE
	select CRYPTO
	help
	  Allows support for Trusted Boot using the Intel(R) Trusted Execution
	  Technology (TXT)

	  If unsure, stay with the default.

config X86_PSR
	bool "Platform Shared Resource support" if EXPERT
	default INTEL
	help
	  Support of Platform Shared Resource technology, which is basis for
	  monitoring and control of resources like cache and memory bandwidth.
	  See xl-psr documentation for details.

	  If unsure, stay with the default.

choice
	prompt "Alignment of Xen image"
	default XEN_ALIGN_2M if PV_SHIM_EXCLUSIVE
	default XEN_ALIGN_DEFAULT
	help
	  Specify alignment for Xen image.

	  If unsure, choose "default".

config XEN_ALIGN_DEFAULT
	bool "Default alignment"
	help
	  Pick alignment according to build variants.

	  For EFI build the default alignment is 2M. For ELF build
	  the default alignment is 4K due to syslinux failing to handle
	  the increment of image size induced by 2M alignment.

config XEN_ALIGN_2M
	bool "2M alignment"

endchoice

choice
	prompt "x2APIC Driver default"
	default X2APIC_MIXED
	help
	  Select APIC addressing when x2APIC is enabled.

	  The default mode is mixed which should provide the best aspects
	  of both physical and cluster modes.

config X2APIC_PHYSICAL
	bool "Physical Destination mode"
	help
	  When using this mode APICs are addressed using the Physical
	  Destination mode, which allows using all dynamic vectors on each
	  CPU independently.

	  Physical Destination has the benefit of having more vectors available
	  for external interrupts, but it also makes the delivery of multi
	  destination inter processor interrupts (IPIs) slightly slower than
	  Logical Destination mode.

config X2APIC_MIXED
	bool "Mixed Destination mode"
	help
	  When using this mode APICs are addressed using the Cluster Logical
	  Destination mode for IPIs and Physical mode for external interrupts.

	  Should provide the best of both modes.

endchoice

config MCE_NONFATAL
	bool "Check for non-fatal MCEs" if EXPERT
	default y
	help
	  Check for non-fatal MCE errors.
	
	  When this option is on (default), Xen regularly checks for
	  non-fatal MCEs potentially occurring on all physical CPUs. The
	  checking is done via timers and IPI interrupts, which is
	  acceptable in most configurations, but not for real-time.
	
	  Turn this option off if you plan on deploying real-time workloads
	  on Xen.

config GUEST
	bool

config XEN_GUEST
	bool "Xen Guest"
	select GUEST
	help
	  Support for Xen detecting when it is running under Xen.

	  If unsure, say N.

config PVH_GUEST
	def_bool y
	prompt "PVH Guest"
	depends on XEN_GUEST
	help
	  Support booting using the PVH ABI.

	  If unsure, say Y.

config PV_SHIM
	def_bool y
	prompt "PV Shim"
	depends on PV && XEN_GUEST
	help
	  Build Xen with a mode which acts as a shim to allow PV guest to run
	  in an HVM/PVH container. This mode can only be enabled with command
	  line option.

	  If unsure, say Y.

config PV_SHIM_EXCLUSIVE
	bool "PV Shim Exclusive"
	depends on PV_SHIM
	help
	  Build Xen in a way which unconditionally assumes PV_SHIM mode.  This
	  option is only intended for use when building a dedicated PV Shim
	  firmware, and will not function correctly in other scenarios.

	  If unsure, say N.

config HYPERV_GUEST
	bool "Hyper-V Guest"
	select GUEST
	help
	  Support for Xen detecting when it is running under Hyper-V.

	  If unsure, say N.

config REQUIRE_NX
	bool "Require NX (No eXecute) support"
	help
	  No-eXecute (also called XD "eXecute Disable" and DEP "Data
	  Execution Prevention") is a security feature designed originally
	  to combat buffer overflow attacks by marking regions of memory
	  which the CPU must not interpret as instructions.

	  The NX feature exists in every 64bit CPU except for some very
	  early Pentium 4 Prescott machines.

	  Enabling this option will improve Xen's security by removing
	  cases where Xen could be tricked into thinking that the feature
	  was unavailable. However, if enabled, Xen will no longer boot on
	  any CPU which is lacking NX support.

config UCODE_SCAN_DEFAULT
	bool "Scan for microcode by default"
	help
	  During boot, Xen can scan the multiboot images for a CPIO archive
	  containing CPU microcode to be loaded, which is Linux's mechanism for
	  early microcode loading.

	  Enable if you have a Linux-based dom0 with microcode attached to the
	  initramfs.

endmenu

source "common/Kconfig"

source "drivers/Kconfig"
