Say Y here to get to see options for using your Linux host to run other operating systems inside virtual machines (guests). This option alone does not add any kernel code. If you say N, all options in this submenu will be skipped and disabled.
Support hosting fully virtualized guest machines using hardware virtualization extensions. You will need a fairly recent processor equipped with virtualization extensions. You will also need to select one or more of the processor modules below. This module provides access to the hardware capabilities through a character device node named /dev/kvm. To compile this as a module, choose M here: the module will be called kvm. If unsure, say N.
Add -Werror to the build flags for KVM. If in doubt, say "N".
Provides support for KVM on processors equipped with Intel's VT extensions, a.k.a. Virtual Machine Extensions (VMX). To compile this as a module, choose M here: the module will be called kvm-intel.
Enables KVM guests to create SGX enclaves. This includes support to expose "raw" unreclaimable enclave memory to guests via a device node, e.g. /dev/sgx_vepc. If unsure, say N.
Provides support for KVM on AMD processors equipped with the AMD-V (SVM) extensions. To compile this as a module, choose M here: the module will be called kvm-amd.
Provides support for launching Encrypted VMs (SEV) and Encrypted VMs with Encrypted State (SEV-ES) on AMD processors.
Provides KVM support for the hosting Xen HVM guests and passing Xen hypercalls to userspace. If in doubt, say "N".
This option adds a R/W kVM module parameter 'mmu_audit', which allows auditing of KVM MMU events at runtime.