Received: by 2002:ab2:6309:0:b0:1fb:d597:ff75 with SMTP id s9csp1370785lqt; Fri, 7 Jun 2024 17:09:21 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCW8P0/wSBlml9q+S/IPfAeP/FnzDXKSGW2VN22lnhkeSLUDZ6J414IB6yXngGN2tPqMmryEJXaYBa5mr78Pe3d3fNvfhANE7dtidw7iSA== X-Google-Smtp-Source: AGHT+IG11nvRphNlMc9f3eizu6kzt0BKh/9QUxdhL/O0x8bQfxa60esIIAXh3nC6d9hlF1GlJVpX X-Received: by 2002:a17:90b:1918:b0:2c2:53f9:56fe with SMTP id 98e67ed59e1d1-2c2bcb1060cmr3664781a91.24.1717805361309; Fri, 07 Jun 2024 17:09:21 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1717805361; cv=pass; d=google.com; s=arc-20160816; b=k4PU9W6R2aXqcxTJ3sq7Wh218EjWGnretyl+HUNE8KN50kTw2HymY7xDcGQxdrrJWJ EOnLDr9zIX2j++gcOcE0qTAhMnK/31zBr5ouuh9dnsVAGHD7Qbta9pThEICV4Lb/B4s/ yX3JiPl95zSufY6vz61jsCa1tEO3jfFPXtTo8Sx9qUPktOCtX8SHB1hMEJf7yXbRLJ1L FHwkYZ4283wiXFhvks1gr8MYA8HI0HDkn8gJ+A0Njhc9nuUi8p0K38xxwiwzyPcRvzN6 Ho6gJR8RDfobFhNRxFKeI7GWzi4FyqECXtjyVVnrHiKUHQIZMKe6x2hUk/o0ExVuO9uo gMbg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=cc:to:from:subject:message-id:references:mime-version :list-unsubscribe:list-subscribe:list-id:precedence:in-reply-to:date :reply-to:dkim-signature; bh=BUjd1F/nSMBLgzmpYGS3K0aopy7os8Y5usHW0sJFCA4=; fh=5NXoLybVX26yjEN/lV2wlY2SO3VoGYqQsF/QZzoZunc=; b=FLxRsHnYX6/jx8Ds9i76rwfE7XqeNl6uyzwQouEFF9lQS5BnWgIgWBLUk0giwWB/2c VWq0IQg3NM3Z73tjNpy8VZBJT0gRfagxxxd/25/y6j02Dg7BGbNWcZ+4siBE7raD52en AM/VfQbRP/509uJGDYphq8VeCqxHYPsOVUKPqcCSo4LDa5ZQPqn0QyO174HHS4M0Xx/2 uEwBtlD6unP/V0DKELhAZTmd+FbIwSFUt2hqYy1IV3Hc37yLLsYYwo/Z34LGQGyramic e7QxPof7+Aluzf4HS9ri3Y33bjBxzmigtJyvLizidKXqab3Lc7mV2mo8gT7WfzpGjeCc M97g==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=teDdsSyT; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-206847-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-206847-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [2604:1380:40f1:3f00::1]) by mx.google.com with ESMTPS id 98e67ed59e1d1-2c2d0e5943fsi1139208a91.66.2024.06.07.17.09.20 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 07 Jun 2024 17:09:21 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-206847-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) client-ip=2604:1380:40f1:3f00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=teDdsSyT; arc=pass (i=1 spf=pass spfdomain=flex--seanjc.bounces.google.com dkim=pass dkdomain=google.com dmarc=pass fromdomain=google.com); spf=pass (google.com: domain of linux-kernel+bounces-206847-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:40f1:3f00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-206847-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sy.mirrors.kernel.org (Postfix) with ESMTPS id EE663B2207E for ; Sat, 8 Jun 2024 00:09:07 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 111FE21345; Sat, 8 Jun 2024 00:07:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="teDdsSyT" Received: from mail-yw1-f201.google.com (mail-yw1-f201.google.com [209.85.128.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D675F1EEF9 for ; Sat, 8 Jun 2024 00:06:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717805219; cv=none; b=FjOXW8s2tr/Ey7cXyHuuhUIJt7QptXzBVUdhRVUkFm/oi3ISNELZt3Kazn2+lNKr6FpmFxMeRNHOvkrOBQ/aB828L8Q/nnBins2w9GlN0MQ2DrGBvN+ld0obD890/tAjA///R30Q1HRQuUXtXq1CR2fToGvb8/3S2BUTAZbRKV8= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1717805219; c=relaxed/simple; bh=keNcwSMF4FkApxmQ2VK4QyKAfPOMI5FV7pwCXoqwCiw=; h=Date:In-Reply-To:Mime-Version:References:Message-ID:Subject:From: To:Cc:Content-Type; b=LIuYOkofv4S7vyfjJqOYjU8hLCFWmds7QlY2/vVN5cbv4KKbH/ZmJ63CBw59oTRi6ShgY3pSt87iJpKVhmQtv+vbBmRIzbAOug5NLYlHnbrn0itGEKhSlhy0F0vrfzHFjKgtVYRHZWtKHS1nboxxfG5Nr8HaC01D6G0K9iC4wM4= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b=teDdsSyT; arc=none smtp.client-ip=209.85.128.201 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=flex--seanjc.bounces.google.com Received: by mail-yw1-f201.google.com with SMTP id 00721157ae682-62a23864df0so43321207b3.0 for ; Fri, 07 Jun 2024 17:06:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1717805217; x=1718410017; darn=vger.kernel.org; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:from:to:cc:subject:date:message-id:reply-to; bh=BUjd1F/nSMBLgzmpYGS3K0aopy7os8Y5usHW0sJFCA4=; b=teDdsSyTCKURqYcoDOZTAbKcSPC/I+JFVsgAmD3RQIO8Tj1AZdWwdl0hlVq6qqIob+ AY6n+mdi2I2ElQK0VdRAPccYgLo/mTzynKGXdxvDHfg3A6qziHEkqtfHAuAJ0f4uJn59 HcjnrzFP4oQNd5ghpbOpQQyWIrfGlQfzHRhkLEh2T9EsjEB0D/gM0xY5hI5D87aQP+uE 9s9gTobOxYOfn8rspF/3XBPYDfh4nhlHrvI96NFCUrvWn8L/viy/LHOlpPeXFd5uy/35 gEpPWprrpdgn6XRtITCNsEiy1thtdHeoM+nAGRl+NJX/mRcPJaiPwWOOFGdAzd6Dj8dp 2CVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1717805217; x=1718410017; h=cc:to:from:subject:message-id:references:mime-version:in-reply-to :date:reply-to:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=BUjd1F/nSMBLgzmpYGS3K0aopy7os8Y5usHW0sJFCA4=; b=GG9QLDnhFqXaizh+8awpI9AetL2ah5obzPosgy1OWKDp+DC3LJmAoMtpcnlBmrQLn7 mRNzOStQ8TJJgJJVbMm/1XBaigtmvr8QsKLDRzEllH6OUcX48WNoLmjdWBDUZwjRFK5y 4EEB/0FR5xf23Ss7GkBkYkJPTj0XOFK8Le0A4QZUO4Wiz+55sYmjF6i1+RnGZp6i8cd9 jrsqPjMV9U9JADhG+P/yZYgzNCsZM6hNwMVi3hD+L4m9JCqLO2OVGUfs2PjR8k9WnLiU +mcEqbwEX8TGxvIwtAwunxaktEq3+tfQS/g9cUo1180zyhLUzzUVqfuM+SqyfhWy07yC Kbug== X-Forwarded-Encrypted: i=1; AJvYcCWkX0oIXvMfxO7shRsSKbpRwbdu2WEpXb09rjxV0vmthv/7Ig+Zt+oRRCHuesCJs1WNJ3PXNdYvcFeu/xfVcW5KiwwL5YKSArl+FTOM X-Gm-Message-State: AOJu0YzSnE8+2mPhs6qcPlU6ItgnvxSG82iilVN3GMj1Xjz6aWzGalh+ Jo7kC9/zu4KY6DKnajNQuwYEMq/sU3D+yZCUZiwRLqamFpGdUiNjWKbGDyS3QfueWWFaKn4d4xP Oug== X-Received: from zagreus.c.googlers.com ([fda3:e722:ac3:cc00:7f:e700:c0a8:5c37]) (user=seanjc job=sendgmr) by 2002:a05:690c:6609:b0:627:a97a:3bcc with SMTP id 00721157ae682-62cd56e1bc9mr11028927b3.9.1717805216879; Fri, 07 Jun 2024 17:06:56 -0700 (PDT) Reply-To: Sean Christopherson Date: Fri, 7 Jun 2024 17:06:39 -0700 In-Reply-To: <20240608000639.3295768-1-seanjc@google.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 References: <20240608000639.3295768-1-seanjc@google.com> X-Mailer: git-send-email 2.45.2.505.gda0bf45e8d-goog Message-ID: <20240608000639.3295768-9-seanjc@google.com> Subject: [PATCH v3 8/8] KVM: Enable virtualization at load/initialization by default From: Sean Christopherson To: Paolo Bonzini , Sean Christopherson Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Chao Gao , Kai Huang Content-Type: text/plain; charset="UTF-8" Enable virtualization when KVM loads by default, as doing so avoids the potential runtime overhead associated with using the cpuhp framework to enabling virtualization on each CPU. Prior to commit 10474ae8945c ("KVM: Activate Virtualization On Demand"), KVM _unconditionally_ enabled virtualization during load, i.e. there's no fundamental reason KVM needs to dynamically toggle virtualization. These days, the only known argument for not enabling virtualization is to allow KVM to be autoloaded without blocking other out-of-tree hypervisors, and such use cases can simply change the module param, e.g. via command line. Note, the aforementioned commit also mentioned that enabling SVM (AMD's virtualization extensions) can result in "using invalid TLB entries". It's not clear whether the changelog was referring to a KVM bug, a CPU bug, or something else entirely. Regardless, leaving virtualization off by default is not a robust "fix", as any protection provided is lost the instant userspace creates the first VM. Suggested-by: Chao Gao Signed-off-by: Sean Christopherson --- virt/kvm/kvm_main.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c index e20189a89a64..1440c0a7c3c3 100644 --- a/virt/kvm/kvm_main.c +++ b/virt/kvm/kvm_main.c @@ -5495,7 +5495,7 @@ static struct miscdevice kvm_dev = { }; #ifdef CONFIG_KVM_GENERIC_HARDWARE_ENABLING -static bool enable_virt_at_load; +static bool enable_virt_at_load = true; module_param(enable_virt_at_load, bool, 0444); __visible bool kvm_rebooting; -- 2.45.2.505.gda0bf45e8d-goog