# # hiperiso host kernel configuration # ================================ # Minimal x86_64 Linux kernel for the hiperiso hypervisor host. # # Goals: # - KVM built-in (NOT module) so /dev/kvm is available with no module loader # - USB mass-storage support (XHCI/EHCI/OHCI/UHCI) to read the USB stick # - exFAT / NTFS3 / ext4 / FAT filesystems to read ISOs and write logs # - Everything else stripped: no networking, no modules, no sound/wifi/DRM # - Small enough to bzImage in ~5-8 MB # # Apply with: cp hiperiso_defconfig .config && make olddefconfig # # ── Architecture ──────────────────────────────────────────────────────────── CONFIG_64BIT=y CONFIG_X86_64=y CONFIG_X86=y CONFIG_GENERIC_CPU=y CONFIG_SMP=y CONFIG_NR_CPUS=64 CONFIG_X86_LOCAL_APIC=y CONFIG_X86_IO_APIC=y CONFIG_HPET_TIMER=y # ── Local version / hostname ──────────────────────────────────────────────── CONFIG_LOCALVERSION="-hiperiso" CONFIG_DEFAULT_HOSTNAME="hiperiso" # ── Kernel timing / scheduler (KVM depends on HIGH_RES_TIMERS) ────────────── CONFIG_HIGH_RES_TIMERS=y CONFIG_TICK_ONESHOT=y CONFIG_NO_HZ_IDLE=y CONFIG_PREEMPT_VOLUNTARY=y # ── Virtualization: KVM built-in (NOT module) ─────────────────────────────── CONFIG_VIRTUALIZATION=y CONFIG_KVM=y CONFIG_KVM_INTEL=y CONFIG_KVM_AMD=y CONFIG_HAVE_KVM=y CONFIG_HAVE_KVM_IRQCHIP=y CONFIG_HAVE_KVM_IRQ_ROUTING=y CONFIG_HAVE_KVM_EVENTFD=y CONFIG_IRQ_BYPASS_MANAGER=y CONFIG_USER_RETURN_NOTIFIER=y CONFIG_VIRTUALIZATION_HOST=y # ── Modules: disabled (everything built-in) ──────────────────────────────── # CONFIG_MODULES is not set # CONFIG_MODULE_SIG is not set # ── Networking: disabled (host needs no network) ──────────────────────────── # CONFIG_NET is not set # CONFIG_WIRELESS is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set # ── PCI (host USB controllers live on PCI/PCIe) ───────────────────────────── CONFIG_PCI=y CONFIG_PCIEPORTBUS=y CONFIG_PCI_MSI=y CONFIG_PCI_IOV=y # CONFIG_PCIEASPM is not set # CONFIG_PCI_HISI is not set # ── AHCI / SATA (storage controllers on real hardware) ────────────────────── CONFIG_ATA=y CONFIG_SATA_AHCI=y CONFIG_ATA_PIIX=y # ── Virtio (paravirtualized devices for KVM/QEMU guests) ──────────────────── CONFIG_VIRTIO=y CONFIG_VIRTIO_PCI=y CONFIG_VIRTIO_BLK=y CONFIG_VIRTIO_CONSOLE=y # ── ACPI (host firmware enumeration + power) ──────────────────────────────── CONFIG_ACPI=y CONFIG_ACPI_AC=y CONFIG_ACPI_BUTTON=y CONFIG_ACPI_FAN=y CONFIG_ACPI_THERMAL=y CONFIG_ACPI_TABLE_UPGRADE=y # CONFIG_ACPI_DEBUG is not set # ── USB support (read ISOs/logs from the USB stick) ───────────────────────── CONFIG_USB_SUPPORT=y CONFIG_USB=y CONFIG_USB_ANNOUNCE_NEW_DEVICES=y CONFIG_USB_XHCI_HCD=y CONFIG_USB_EHCI_HCD=y CONFIG_USB_EHCI_HCD_PLATFORM=y CONFIG_USB_OHCI_HCD=y CONFIG_USB_OHCI_HCD_PCI=y CONFIG_USB_UHCI_HCD=y CONFIG_USB_STORAGE=y CONFIG_USB_STORAGE_REALTEK=y CONFIG_USB_STORAGE_DATAFAB=y CONFIG_USB_DEFAULT_PERSIST=y # ── HID (USB keyboards/mice) ───────────────────────────────────────────────── CONFIG_HID=y CONFIG_HID_GENERIC=y CONFIG_USB_HID=y # ── SCSI / block layer (USB mass-storage is a SCSI host) ──────────────────── CONFIG_BLOCK=y CONFIG_BLK_DEV=y CONFIG_BLK_DEV_LOOP=y CONFIG_SCSI=y CONFIG_BLK_DEV_SD=y CONFIG_CHR_DEV_SG=y CONFIG_SCSI_CONSTANTS=y CONFIG_SCSI_SCAN_ASYNC=y # ── Filesystems ───────────────────────────────────────────────────────────── CONFIG_EXT4_FS=y CONFIG_EXT4_FS_POSIX_ACL=y CONFIG_EXT4_FS_SECURITY=y CONFIG_FAT_FS=y CONFIG_MSDOS_FS=y CONFIG_VFAT_FS=y CONFIG_FAT_DEFAULT_CODEPAGE=437 CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1" CONFIG_FAT_DEFAULT_UTF8=y CONFIG_EXFAT_FS=y CONFIG_EXFAT_DEFAULT_IOCHARSET="utf8" CONFIG_NTFS3_FS=y CONFIG_NTFS3_64BIT_CLUSTER=y CONFIG_NTFS3_LZX_XPRESS=y CONFIG_NTFS3_FS_POSIX_ACL=y # CONFIG_NTFS_FS is not set CONFIG_PROC_FS=y CONFIG_PROC_SYSCTL=y CONFIG_SYSFS=y CONFIG_TMPFS=y CONFIG_TMPFS_POSIX_ACL=y CONFIG_TMPFS_XATTR=y CONFIG_HUGETLBFS=y CONFIG_HUGETLB_PAGE=y CONFIG_DEVTMPFS=y CONFIG_DEVTMPFS_MOUNT=y CONFIG_CONFIGFS_FS=y # ── Initramfs (supplied externally as initramfs.cpio.gz) ──────────────────── CONFIG_BLK_DEV_INITRD=y CONFIG_INITRAMFS_SOURCE="" CONFIG_RD_GZIP=y CONFIG_DECOMPRESS_GZIP=y # ── Binary formats ────────────────────────────────────────────────────────── CONFIG_BINFMT_ELF=y CONFIG_BINFMT_SCRIPT=y CONFIG_BINFMT_MISC=y # ── Console / TTY / serial (host console + early debug) ───────────────────── CONFIG_TTY=y CONFIG_VT=y CONFIG_VT_CONSOLE=y CONFIG_HW_CONSOLE=y CONFIG_UNIX98_PTYS=y CONFIG_LEGACY_PTYS=y CONFIG_SERIAL_8250=y CONFIG_SERIAL_8250_CONSOLE=y CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_NR_UARTS=4 CONFIG_SERIAL_8250_RUNTIME_UARTS=4 CONFIG_PRINTK=y CONFIG_PRINTK_TIME=y CONFIG_EARLY_PRINTK=y CONFIG_DEBUG_INFO_NONE=y CONFIG_EFI=y CONFIG_EFI_STUB=y CONFIG_FB_EFI=y CONFIG_FONT_SUPPORT=y CONFIG_FONT_8x16=y # ── Kernel features / syscalls (busybox + glibc needs) ────────────────────── CONFIG_MULTIUSER=y CONFIG_FHANDLE=y CONFIG_POSIX_TIMERS=y CONFIG_FUTEX=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_AIO=y CONFIG_IO_URING=y CONFIG_INOTIFY_USER=y CONFIG_FANOTIFY=y CONFIG_ADVISE_SYSCALLS=y CONFIG_MEMBARRIER=y CONFIG_KALLSYMS=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_BASE_FULL=y CONFIG_SGETMASK_SYSCALL=y CONFIG_KCMP=y CONFIG_STACKTRACE_SUPPORT=y CONFIG_HAVE_KERNEL_GZIP=y CONFIG_KERNEL_GZIP=y # ── Crypto (QEMU/KVM + TLS needs a few algos; keep minimal built-in) ──────── CONFIG_CRYPTO=y CONFIG_CRYPTO_CRC32C=y CONFIG_CRYPTO_SHA256=y CONFIG_CRYPTO_AES=y CONFIG_CRYPTO_GCM=y # ── Input (keyboard for VT console) ───────────────────────────────────────── CONFIG_INPUT=y CONFIG_INPUT_KEYBOARD=y CONFIG_KEYBOARD_ATKBD=y CONFIG_INPUT_MISC=y # ── RTC / timekeeping ─────────────────────────────────────────────────────── CONFIG_RTC_LIB=y CONFIG_RTC_CLASS=y CONFIG_RTC_HCTOSYS=y # ── Explicitly stripped (size reduction) ──────────────────────────────────── # CONFIG_SOUND is not set # CONFIG_SND is not set # CONFIG_DRM is not set # CONFIG_BT is not set # CONFIG_MEDIA_SUPPORT is not set # CONFIG_WATCHDOG is not set # CONFIG_AUDIT is not set # CONFIG_SECURITY is not set # CONFIG_SECURITYFS is not set # CONFIG_QUOTA is not set # CONFIG_SWAP is not set # CONFIG_SUSPEND is not set # CONFIG_HIBERNATION is not set # CONFIG_CPU_FREQ is not set # CONFIG_CPU_IDLE is not set # CONFIG_WLAN is not set # CONFIG_NLATTR is not set # CONFIG_COMPAT_BRK is not set # ── Debug (lightweight) ───────────────────────────────────────────────────── # CONFIG_DEBUG_INFO is not set # CONFIG_KASAN is not set # CONFIG_UBSAN is not set CONFIG_PANIC_ON_OOPS=y CONFIG_PANIC_TIMEOUT=5 CONFIG_MAGIC_SYSRQ=y CONFIG_SCHED_DEBUG=y