Sean Christopherson <seanjc@xxxxxxxxxx> writes:

> On Wed, Jan 13, 2021, Vitaly Kuznetsov wrote:
>> Hyper-V emulation is enabled in KVM unconditionally. This is bad at least
>> from security standpoint as it is an extra attack surface. Ideally, there
>> should be a per-VM capability explicitly enabled by VMM but currently it
>
> Would adding a module param buy us anything (other than complexity)?
>

A tiny bit, yes. This series is aimed at protecting KVM from 'curious
guests' which can try to enable Hyper-V emulation features even when
they don't show up in CPUID. A module parameter would help to protect
against a malicious VMM which can still enable all these features. What
I'm not sure about is how common Linux-guests-only deployments (where
the parameter can actually get used) are as we'll have to keep it
'enabled' by default to avoid breaking existing deployments.

-- 
Vitaly