Avi Kivity <avi at redhat.com> writes: > Eduardo Habkost wrote: >> Can't we just set a flag when we are about to enable vmx, so we run vmxoff >> only when know it's enabled? There will be a tiny window between setting >> this flag and and actually running vmxon where things could go wrong, >> but this doesn't look that bad. >> > > It makes more sense to have a vmxon api in the core; you call it, the kernel > enables it and sets a flag; then either you or the core can disable it. Yes. That sounds like the most maintainable approach. >> The patches I've sent to the kvm mailing list added a notifier interface >> specific for kexec_crash, using raw_notifier_*(). >> >> IMO, if a notifier registration interface was acceptable, the raw >> notifiers would be good enough for that. But Eric seems to think that >> adding a notifier registration interface for the crash handler path >> wouldn't be a good idea, and I am starting to agree with him. >> >> > > I wouldn't mind notifiers (with a nice comment explaining that you must know > what you're doing, though that's the case with most kernel APIs). I'm fine with > either approach. This is the 3rd request I have seen for a notifier. This is the first request I have seen for code that must be executed in the kexec on panic path. So history suggest to me that notifiers make it unreasonably easy to get code onto the kexec on panic code path. Occasionally the kexec on panic code path is tested to see how well it works in strange situations like being called from a stack overflow etc. The rest of the history is that previous attempts like lkcd had very programmer friendly interfaces, that worked fine in test environments giving beautiful core dumps, but when things broke in the field they were essentially useless. The kdump approach is still not completely reliable but it does work well enough that people get useful crash dumps sometimes. I feel anything that makes the kexec on panic code path harder to verify it will work when things are crazy broken, like a notifier is something we should avoid. Eric
