Re: Writable module parameters in KVM

From: Paolo Bonzini
Date: Wed May 26 2021 - 12:30:22 EST

Next message: Mike Rapoport: "Re: [PATCH] x86/Kconfig: decrease maximum of X86_RESERVE_LOW to 512K"
Previous message: Pavel Begunkov: "Re: [syzbot] KCSAN: data-race in __io_uring_cancel / io_uring_try_cancel_requests"
In reply to: Sean Christopherson: "Re: Writable module parameters in KVM"
Next in thread: Ben Gardon: "Re: Writable module parameters in KVM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 26/05/21 17:44, Sean Christopherson wrote:

Sure, making them writable is okay.

making a param writable (new or existing) must come with strong
justification for taking on the extra complexity.

I agree. It's the same for every change, and it's the reason why most parameters are read-only: no justification for the extra complexity. But if somebody has a usecase, it can be considered.

Making 'npt' writable is probably feasible ('ept' would be beyond messy), but I
strongly prefer to keep it read-only. The direct impacts on the MMU and SVM
aren't too bad, but NPT is required for SEV and VLS, affects kvm_cpu_caps, etc...
And, no offense to win98, there's isn't a strong use case because outside of
personal usage, the host admin/VMM doesn't know that the guest will be running a
broken kernel.

Making 'npt' writable would be beyond messy too; allowing select VMs to disable EPT/NPT might be simpler, but not that much. I can't say offhand if the code would be ugly or not.

Paolo

Next message: Mike Rapoport: "Re: [PATCH] x86/Kconfig: decrease maximum of X86_RESERVE_LOW to 512K"
Previous message: Pavel Begunkov: "Re: [syzbot] KCSAN: data-race in __io_uring_cancel / io_uring_try_cancel_requests"
In reply to: Sean Christopherson: "Re: Writable module parameters in KVM"
Next in thread: Ben Gardon: "Re: Writable module parameters in KVM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]