> -----Original Message----- > From: Sean Christopherson <seanjc@xxxxxxxxxx> > Sent: Friday, June 2, 2023 8:59 AM > To: Sean Christopherson <seanjc@xxxxxxxxxx>; Paolo Bonzini > <pbonzini@xxxxxxxxxx> > Cc: kvm@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx; Li,Rongqing > <lirongqing@xxxxxxxxx>; Yong He <zhuangel570@xxxxxxxxx>; Robert Hoo > <robert.hoo.linux@xxxxxxxxx>; Kai Huang <kai.huang@xxxxxxxxx> > Subject: [PATCH] KVM: x86/mmu: Add "never" option to allow sticky disabling of > nx_huge_pages > > Add a "never" option to the nx_huge_pages module param to allow userspace > to do a one-way hard disabling of the mitigation, and don't create the per-VM > recovery threads when the mitigation is hard disabled. Letting userspace pinky > swear that userspace doesn't want to enable NX mitigation (without reloading > KVM) allows certain use cases to avoid the latency problems associated with > spawning a kthread for each VM. > > E.g. in FaaS use cases, the guest kernel is trusted and the host may create 100+ > VMs per logical CPU, which can result in 100ms+ latencies when a burst of VMs > is created. > Reviewed-by: Li RongQing <lirongqing@xxxxxxxxx> And I hope nx_huge_pages is never by default if CPU reports that it doesn't have such bug Thanks -Li RongQing
