On Thu, Jan 14, 2021, Vitaly Kuznetsov wrote:
> Sean Christopherson <seanjc@xxxxxxxxxx> writes:
>
> > On Wed, Jan 13, 2021, Vitaly Kuznetsov wrote:
> >> Hyper-V emulation is enabled in KVM unconditionally. This is bad at least
> >> from a security standpoint as it is an extra attack surface. Ideally, there
> >> should be a per-VM capability explicitly enabled by the VMM but currently it
> >
> > Would adding a module param buy us anything (other than complexity)?
> >
>
> A tiny bit, yes. This series is aimed at protecting KVM from 'curious
> guests' which can try to enable Hyper-V emulation features even when
> they don't show up in CPUID. A module parameter would help to protect
> against a malicious VMM which can still enable all these features. What
> I'm not sure about is how common Linux-guests-only deployments (where
> the parameter can actually get used) are, as we'll have to keep it
> 'enabled' by default to avoid breaking existing deployments.

I always forget that these "optional" features aren't so optional for Windows
guests. Given that, it does seem like a module param would be of dubious value.

What I really want for my own personal development is a Kconfig option to turn
it off completely and shave a few cycles of build time, but I can't even justify
that to myself :-)
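The thread turns on whether Hyper-V features "show up in CPUID" for the guest. The following is an added example, not code from this thread, from KVM or from the patch series: it is the check a well-behaved guest performs before touching any Hyper-V MSR, and a "curious guest" in Vitaly's sense is one that skips it and pokes the MSRs anyway. The leaf layout (0x40000000 vendor signature "Microsoft Hv" in ebx:ecx:edx, 0x40000001 interface signature "Hv#1" in eax, 0x40000003 feature bits in eax) follows the Hyper-V TLFS; the two feature-bit positions used below (bit 2 SynIC MSRs, bit 5 hypercall MSRs) are assumed here to match the TLFS numbering that Linux also uses. The `fake_*` register values are constructed sample input so the decoder can be exercised off an x86 host; the optional live query is guarded by `#ifdef`.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#endif

/* One CPUID leaf as returned in eax, ebx, ecx, edx. */
struct cpuid_regs {
    uint32_t eax, ebx, ecx, edx;
};

/* Assumed TLFS bit positions in leaf 0x40000003 eax (also used by Linux). */
#define HV_MSR_SYNIC_AVAILABLE      (1u << 2)
#define HV_MSR_HYPERCALL_AVAILABLE  (1u << 5)

/* "Hv#1" stored little-endian in eax of leaf 0x40000001. */
#define HV_INTERFACE_SIGNATURE 0x31237648u

/* Copy the 12-byte vendor signature of leaf 0x40000000 (ebx, ecx, edx order)
 * into a NUL-terminated string. */
static void hv_vendor_signature(const struct cpuid_regs *r, char out[13])
{
    memcpy(out + 0, &r->ebx, 4);
    memcpy(out + 4, &r->ecx, 4);
    memcpy(out + 8, &r->edx, 4);
    out[12] = '\0';
}

/* Return 1 if the hypervisor identifies itself as Hyper-V compatible:
 * leaf 0x40000000 must advertise at least leaf 0x40000001 and carry the
 * "Microsoft Hv" vendor string, and leaf 0x40000001 must carry "Hv#1". */
int hv_is_advertised(const struct cpuid_regs *leaf_40000000,
                     const struct cpuid_regs *leaf_40000001)
{
    char sig[13];

    hv_vendor_signature(leaf_40000000, sig);
    if (leaf_40000000->eax < 0x40000001u || strcmp(sig, "Microsoft Hv") != 0)
        return 0;
    return leaf_40000001->eax == HV_INTERFACE_SIGNATURE;
}

/* Return 1 if a given feature bit of leaf 0x40000003 eax is set. A guest
 * should only use the corresponding MSRs when this returns 1. */
int hv_feature_available(const struct cpuid_regs *leaf_40000003, uint32_t bit)
{
    return (leaf_40000003->eax & bit) != 0;
}

/* Constructed sample input: what a Hyper-V-advertising hypervisor returns. */
const struct cpuid_regs fake_leaf_40000000 = {
    0x40000005u, 0x7263694Du /* "Micr" */, 0x666F736Fu /* "osof" */, 0x76482074u /* "t Hv" */
};
const struct cpuid_regs fake_leaf_40000001 = { HV_INTERFACE_SIGNATURE, 0, 0, 0 };
const struct cpuid_regs fake_leaf_40000003 = { HV_MSR_HYPERCALL_AVAILABLE, 0, 0, 0 };

/* Constructed sample input: a hypervisor that does NOT advertise Hyper-V
 * (vendor string "KVMKVMKVM", no interface signature). */
const struct cpuid_regs fake_kvm_leaf_40000000 = {
    0x40000001u, 0x4B4D564Bu /* "KVMK" */, 0x564B4D56u /* "VMKV" */, 0x0000004Du /* "M" */
};
const struct cpuid_regs fake_kvm_leaf_40000001 = { 0, 0, 0, 0 };

int main(void)
{
    printf("sample: hyperv advertised=%d hypercall=%d synic=%d\n",
           hv_is_advertised(&fake_leaf_40000000, &fake_leaf_40000001),
           hv_feature_available(&fake_leaf_40000003, HV_MSR_HYPERCALL_AVAILABLE),
           hv_feature_available(&fake_leaf_40000003, HV_MSR_SYNIC_AVAILABLE));

#if defined(__x86_64__) || defined(__i386__)
    /* Live query on the machine this runs on (meaningful only inside a VM). */
    struct cpuid_regs l0, l1, l3;
    __cpuid(0x40000000u, l0.eax, l0.ebx, l0.ecx, l0.edx);
    __cpuid(0x40000001u, l1.eax, l1.ebx, l1.ecx, l1.edx);
    __cpuid(0x40000003u, l3.eax, l3.ebx, l3.ecx, l3.edx);
    printf("live: hyperv advertised=%d\n", hv_is_advertised(&l0, &l1));
    if (hv_is_advertised(&l0, &l1))
        printf("live: hypercall MSRs=%d synic MSRs=%d\n",
               hv_feature_available(&l3, HV_MSR_HYPERCALL_AVAILABLE),
               hv_feature_available(&l3, HV_MSR_SYNIC_AVAILABLE));
#endif
    return 0;
}
```

The point of the thread is that KVM, before the series, accepted Hyper-V MSR writes regardless of what this check would have returned for the guest; a per-VM capability lets the VMM make the emulation track the CPUID it actually exposes, whereas a module parameter would only help on hosts that never run Windows guests, which need these features unconditionally.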