On Tue, 31 Jan 2023 12:03:52 +0000, Catalin Marinas <catalin.marinas@xxxxxxx> wrote: > > On Tue, Jan 31, 2023 at 09:23:56AM +0000, Marc Zyngier wrote: > > diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt > > index 6cfa6e3996cf..b7b0704e360e 100644 > > --- a/Documentation/admin-guide/kernel-parameters.txt > > +++ b/Documentation/admin-guide/kernel-parameters.txt > > @@ -2553,9 +2553,14 @@ > > protected: nVHE-based mode with support for guests whose > > state is kept private from the host. > > > > + nested: VHE-based mode with support for nested > > + virtualization. Requires at least ARMv8.3 > > + hardware. > > So we can't have protected + nested at the same time? ;) (I guess once > you make the protected mode use VHE, this could be revisited) We could move the whole shadow S2 inside the protected hypervisor, but that's pretty complicated, as this mandates multiple S2 contexts per VMs. I'd really want to see a use case for it before I even try. On the other hand, debugging the protected hypervisor (or at least its VHE version) under NV is pretty fun. Makes the whole debug cycle incredibly short. > In the hope that this averts another post of the series: > > Acked-by: Catalin Marinas <catalin.marinas@xxxxxxx> Thanks! But I'm afraid you'll definitely see more of this stuff. I can only hope it gets merge quicker than I add to it... M. -- Without deviation from the norm, progress is not possible.
