On Thu, Aug 15, 2019 at 04:03:31PM +0200, Vitaly Kuznetsov wrote:
> Yang Weijiang <weijiang.yang@xxxxxxxxx> writes:
>
> > After looking into this issue and others, I feel that making SPP co-exist
> > with nested VM is not good. The major reason is that L1 pages protected by
> > SPP are transparent to the L1 VM; if it launches an L2 VM, probably the
> > pages would be allocated to the L2 VM, and that will bother both L1 and L2.
> > Given the feature is new and I don't see nested VM benefiting
> > from it right now, I would like to make SPP and the nested feature mutually
> > exclusive, i.e., detecting if the other part is active before activating one
> > feature. What do you think of it?
>
> I was mostly worried about creating a loophole (if I understand
> correctly) for guests to defeat SPP protection: just launching a nested
> guest and giving it a protected page. I don't see a problem if we limit
> SPP to non-nested guests as step 1: we, however, need to document this
> side-effect of the ioctl. Also, if you decide to do this enforcement,
> I'd suggest you forbid VMLAUNCH/VMRESUME and not VMXON, as the kvm module
> loads in Linux guests automatically when the hardware is suitable.
>
> Thanks,
>
> --
> Vitaly

OK, I'll follow your suggestion to add the exclusion, thanks!