Kernel

File systems  --->
 <*> The Extended 4 (ext4) filesystem
 [*]   Use ext4 for ext2/ext3 file systems
 [*]   Ext4 extended attributes

-*- Enable the block layer  --->
  Partition Types  --->
    [*]   EFI GUID Partition support

General setup  --->
 [*] open by fhandle syscalls
 [*] Auditing support
  [*]   Make audit loginuid immutable
 [*] Control Group support  --->
  [*]   Freezer cgroup subsystem
  [*]   Device controller for cgroups
  [*]   Cpuset support
  [*]   Simple CPU accounting cgroup subsystem
  [*]   Resource counters
  [*]     Memory Resource Controller for Control Groups
  [*]       Memory Resource Controller Swap Extension
  [*]         Memory Resource Controller Swap Extension enabled by default
  [*]       Memory Resource Controller Kernel Memory accounting (EXPERIMENTAL)
  [*]   Enable perf_event per-cpu per-container group (cgroup) monitoring
  [*]   Group CPU scheduler  --->
   [*]   Group scheduling for SCHED_OTHER
   [*]     CPU bandwidth provisioning for FAIR_GROUP_SCHED
   [*]   Group scheduling for SCHED_RR/FIFO
  [*]   Block IO controller
 [*] Namespaces support  --->
  [*]   UTS namespace
  [*]   IPC namespace
  [*]   PID Namespaces
  [*]   Network namespace
 [*] Automatic process group scheduling
Device Drivers  --->
 Generic Driver Options  --->
  [*] Maintain a devtmpfs filesystem to mount at /dev
  [*]   Automount devtmpfs at /dev, after the kernel mounted the rootfs
 [*] Real Time Clock  --->
  [*]   /sys/class/rtc/rtcN (sysfs)
  [*]   /proc/driver/rtc (procfs for rtc0)
  [*]   /dev/rtcN (character devices)
  <*>   PC-style 'CMOS'
File systems  --->
 [*] Filesystem wide access notification
  [*]   fanotify permissions checking
 <*> Kernel automounter version 4 support (also supports v3)
 Pseudo filesystems
  [*] Tmpfs virtual memory file system support (former shm fs)
Security options  --->
 [*] Enable different security models

Device Drivers  --->
 Generic Driver Options  --->
  [*] Maintain a devtmpfs filesystem to mount at /dev
  [*]   Automount devtmpfs at /dev, after the kernel mounted the rootfs
File systems  --->
 Pseudo filesystems
  [*] Tmpfs virtual memory file system support (former shm fs)

General setup  --->
 [*] Support for paging of anonymous memory (swap)
Device Drivers  --->
 [*] USB support  --->
  [*]     USB runtime power management (autosuspend) and wakeup
File systems  --->
 Pseudo filesystems
  [*] Tmpfs virtual memory file system support (former shm fs)
  [*]   Tmpfs POSIX Access Control Lists
 -*- Native language support  --->
  (utf8) Default NLS Option
  <*>   NLS UTF-8

Processor type and features  --->
 [*] Cross Memory Support
 [*] Enable seccomp to safely compute untrusted bytecode

General setup  --->
 [*] Namespaces support  --->
  [*]   PID Namespaces
  [*]   Network namespace
Processor type and features  --->
 [*] Enable seccomp to safely compute untrusted bytecode

General setup  --->
 [*] System V IPC

mpm-itk 2.4.2

Processor type and features  --->
 [*] Enable seccomp to safely compute untrusted bytecode

[*] Networking support  --->
 Networking options  --->
  [*]   Advanced netfilter configuration
  [*] Network packet filtering framework (Netfilter)  --->
   Core Netfilter Configuration  --->
    <*>   CHECKSUM target support
  [*] Network packet filtering framework (Netfilter)  --->
   <*>   Ethernet Bridge tables (ebtables) support  --->

Linux Containers virtualisation support:

General setup  --->
 [*] POSIX Message Queues
 [*] Control Group support  --->
  [*]   Freezer cgroup subsystem
  [*]   Device controller for cgroups
  [*]   Cpuset support
  [*]   Simple CPU accounting cgroup subsystem
  [*]   Resource counters
  [*]     Memory Resource Controller for Control Groups
  [*]       Memory Resource Controller Swap Extension
  [*]         Memory Resource Controller Swap Extension enabled by default
  [*]       Memory Resource Controller Kernel Memory accounting (EXPERIMENTAL)
  [*]   Enable perf_event per-cpu per-container group (cgroup) monitoring
  [*]   Group CPU scheduler  --->
   [*]   Group scheduling for SCHED_OTHER
   [*]     CPU bandwidth provisioning for FAIR_GROUP_SCHED
   [*]   Group scheduling for SCHED_RR/FIFO
  [*]   Block IO controller
 [*] Namespaces support  --->
  [*]   UTS namespace
  [*]   IPC namespace
  [*]   PID Namespaces
  [*]   Network namespace
Device Drivers  --->
 Character devices  --->
  -*- Unix98 PTY support
   [*]   Support multiple instances of devpts
Device Drivers  --->
 [*] Network device support  --->
  [*]   Network core driver support
  <*>     MAC-VLAN support (EXPERIMENTAL)
  <*>     Virtual ethernet pair device

MAC-based TAP (macvlan/macvtap) for networking instead of the normal TUN/TAP:

Device Drivers  --->
 [*] Network device support  --->
  [*]   Network core driver support
  <*>     MAC-VLAN support (EXPERIMENTAL)
  <*>       MAC-VLAN based tap driver (EXPERIMENTAL)

[*] Networking support  --->
 Networking options  --->
  <*> 802.1d Ethernet Bridging
Device Drivers  --->
 [*] Network device support  --->
  [*]   Network core driver support
   <*>     Universal TUN/TAP device driver support
[*] Virtualization  --->
 <*>   Kernel-based Virtual Machine (KVM) support
 <*>     KVM for Intel processors support
 < >     KVM for AMD processors support
 <*>   Host kernel accelerator for virtio net (EXPERIMENTAL)

Official VT-d documentation

Bus options (PCI etc.)  --->
 [*] Enable PCI resource re-allocation detection
 <*> PCI Stub driver
 [*] PCI IOV support
Device Drivers  --->
 [*] IOMMU Hardware Support  --->
  [ ]   AMD IOMMU support
  [*]   Support for Intel IOMMU using DMA Remapping Devices
  [*]     Enable Intel DMA Remapping Devices by default
  [*]   Support for Interrupt Remapping (EXPERIMENTAL)

Device Drivers  --->
 Misc devices  --->
  <*> VMware Balloon Driver
 SCSI device support  --->
  [*] SCSI low-level drivers  --->
   <*>   VMware PVSCSI driver support
 [*] Network device support  --->
  <*>   VMware VMXNET3 ethernet driver
 Graphics support  --->
  <*> Direct Rendering Manager (XFree86 4.1.0 and higher DRI support)  --->
   <*>   DRM driver for VMware Virtual GPU