Commit 1e58e5e5 authored by Paolo Bonzini's avatar Paolo Bonzini

KVM: VMX: enable nested virtualization by default

With live migration support and finally a good solution for exception
event injection, nested VMX should be ready for having a stable userspace
ABI.  The results of syzkaller fuzzing are not perfect but not horrible
either (and might be partially due to running on GCE, so that effectively
we're testing three-level nesting on a fork of upstream KVM!).  Enabling
it by default seems like a nice way to conclude the 4.20 pull request. :)

Unfortunately, enabling nested SVM in 2009 (commit 4b6e4dca) was a
bit premature.  However, until live migration support is in place we can
reasonably expect that it does not offer much in terms of ABI guarantees.
Therefore we are still in time to break things and conform as much as
possible to the interface used for VMX.
Suggested-by: default avatarJim Mattson <jmattson@google.com>
Suggested-by: default avatarLiran Alon <liran.alon@oracle.com>
Reviewed-by: default avatarLiran Alon <liran.alon@oracle.com>
Celebrated-by: default avatarLiran Alon <liran.alon@oracle.com>
Celebrated-by: default avatarWanpeng Li <kernellwp@gmail.com>
Celebrated-by: default avatarWincy Van <fanwenyi0529@gmail.com>
Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
parent 43ce76ce
...@@ -108,7 +108,7 @@ module_param_named(enable_shadow_vmcs, enable_shadow_vmcs, bool, S_IRUGO); ...@@ -108,7 +108,7 @@ module_param_named(enable_shadow_vmcs, enable_shadow_vmcs, bool, S_IRUGO);
* VMX and be a hypervisor for its own guests. If nested=0, guests may not * VMX and be a hypervisor for its own guests. If nested=0, guests may not
* use VMX instructions. * use VMX instructions.
*/ */
static bool __read_mostly nested = 0; static bool __read_mostly nested = 1;
module_param(nested, bool, S_IRUGO); module_param(nested, bool, S_IRUGO);
static bool __read_mostly nested_early_check = 0; static bool __read_mostly nested_early_check = 0;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment