On 26/05/21 17:44, Sean Christopherson wrote:
Sure, making them writable is okay.
making a param writable (new or existing) must come with strong
justification for taking on the extra complexity.
I agree. It's the same for every change, and it's the reason why most
parameters are read-only: no justification for the extra complexity.
But if somebody has a usecase, it can be considered.
Making 'npt' writable is probably feasible ('ept' would be beyond messy), but I
strongly prefer to keep it read-only. The direct impacts on the MMU and SVM
aren't too bad, but NPT is required for SEV and VLS, affects kvm_cpu_caps, etc...
And, no offense to win98, there's isn't a strong use case because outside of
personal usage, the host admin/VMM doesn't know that the guest will be running a
broken kernel.
Making 'npt' writable would be beyond messy too; allowing select VMs to
disable EPT/NPT might be simpler, but not that much. I can't say
offhand if the code would be ugly or not.
Paolo
