x86/kexec: refactor for kernel/Kconfig.kexec

source "kernel/Kconfig.hz"

config KEXEC

	bool "kexec system call"

	select KEXEC_CORE

	help

	  kexec is a system call that implements the ability to shutdown your

	  current kernel, and to start another kernel.  It is like a reboot

	  but it is independent of the system firmware.   And like a reboot

	  you can start any kernel with it, not just Linux.

	  The name comes from the similarity to the exec system call.

	  It is an ongoing process to be certain the hardware in a machine

	  is properly shutdown, so do not be surprised if this code does not

	  initially work for you.  As of this writing the exact hardware

	  interface is strongly in flux, so no good recommendation can be

	  made.

config KEXEC_FILE

	bool "kexec file based system call"

	select KEXEC_CORE

	select HAVE_IMA_KEXEC if IMA

	depends on X86_64

	depends on CRYPTO=y

	depends on CRYPTO_SHA256=y

	help

	  This is new version of kexec system call. This system call is

	  file based and takes file descriptors as system call argument

	  for kernel and initramfs as opposed to list of segments as

	  accepted by previous system call.

config ARCH_SUPPORTS_KEXEC

	def_bool y

config ARCH_HAS_KEXEC_PURGATORY

	def_bool KEXEC_FILE

config ARCH_SUPPORTS_KEXEC_FILE

	def_bool X86_64 && CRYPTO && CRYPTO_SHA256

config KEXEC_SIG

	bool "Verify kernel signature during kexec_file_load() syscall"

config ARCH_SELECTS_KEXEC_FILE

	def_bool y

	depends on KEXEC_FILE

	help

	select HAVE_IMA_KEXEC if IMA

	  This option makes the kexec_file_load() syscall check for a valid

	  signature of the kernel image.  The image can still be loaded without

	  a valid signature unless you also enable KEXEC_SIG_FORCE, though if

	  there's a signature that we can check, then it must be valid.

config ARCH_HAS_KEXEC_PURGATORY

	def_bool KEXEC_FILE

	  In addition to this option, you need to enable signature

	  verification for the corresponding kernel image type being

	  loaded in order for this to work.

config ARCH_SUPPORTS_KEXEC_SIG

	def_bool y

config KEXEC_SIG_FORCE

	bool "Require a valid signature in kexec_file_load() syscall"

	depends on KEXEC_SIG

	help

	  This option makes kernel signature verification mandatory for

	  the kexec_file_load() syscall.

config ARCH_SUPPORTS_KEXEC_SIG_FORCE

	def_bool y

config KEXEC_BZIMAGE_VERIFY_SIG

	bool "Enable bzImage signature verification support"

	depends on KEXEC_SIG

	depends on SIGNED_PE_FILE_VERIFICATION

	select SYSTEM_TRUSTED_KEYRING

	help

	  Enable bzImage signature verification support.

config ARCH_SUPPORTS_KEXEC_BZIMAGE_VERIFY_SIG

	def_bool y

config CRASH_DUMP

	bool "kernel crash dumps"

	depends on X86_64 || (X86_32 && HIGHMEM)

	help

	  Generate crash dump after being started by kexec.

	  This should be normally only set in special crash dump kernels

	  which are loaded in the main kernel with kexec-tools into

	  a specially reserved region and then later executed after

	  a crash by kdump/kexec. The crash dump kernel must be compiled

	  to a memory address not used by the main kernel or BIOS using

	  PHYSICAL_START, or it must be built as a relocatable image

	  (CONFIG_RELOCATABLE=y).

	  For more details see Documentation/admin-guide/kdump/kdump.rst

config ARCH_SUPPORTS_KEXEC_JUMP

	def_bool y

config KEXEC_JUMP

	bool "kexec jump"

	depends on KEXEC && HIBERNATION

	help

	  Jump between original kernel and kexeced kernel and invoke

	  code in physical address mode via KEXEC

config ARCH_SUPPORTS_CRASH_DUMP

	def_bool X86_64 || (X86_32 && HIGHMEM)

config PHYSICAL_START

	hex "Physical address where the kernel is loaded" if (EXPERT || CRASH_DUMP)