The SVM module had a "nested" option, on by default, which controls whether
to allow nested virtualization. Now that VMX also supports nested
virtualization, we can move this option to x86.c, for both SVM and VMX.
The "nested" option takes three possible values. 0 disables nested
virtualization on both SVM and VMX, and 1 enables it on both.
The value 2, which is the default when this module option is not explicitly
set, asks each of SVM or VMX to choose its own default; Currently, VMX
disables nested virtualization in this case, while SVM leaves it enabled.
When nested VMX becomes more mature, this default should probably be changed
to enable nested virtualization on both architectures.
Signed-off-by: Nadav Har'El <nyh@xxxxxxxxxx>
---
--- .before/arch/x86/kvm/svm.c 2010-06-13 15:01:28.000000000 +0300
+++ .after/arch/x86/kvm/svm.c 2010-06-13 15:01:28.000000000 +0300
@@ -158,9 +158,6 @@ static int npt = 1;
module_param(npt, int, S_IRUGO);
-static int nested = 1;
-module_param(nested, int, S_IRUGO);
-
static void svm_flush_tlb(struct kvm_vcpu *vcpu);
static void svm_complete_interrupts(struct vcpu_svm *svm);
--- .before/arch/x86/kvm/x86.c 2010-06-13 15:01:28.000000000 +0300
+++ .after/arch/x86/kvm/x86.c 2010-06-13 15:01:28.000000000 +0300
@@ -95,6 +95,17 @@ EXPORT_SYMBOL_GPL(kvm_x86_ops);
int ignore_msrs = 0;
module_param_named(ignore_msrs, ignore_msrs, bool, S_IRUGO | S_IWUSR);
+/* If nested=1, nested virtualization is supported. I.e., the guest may use
+ * VMX or SVM (as appropriate) and be a hypervisor for its own guests.
+ * If nested=0, nested virtualization is not supported.
+ * When nested starts as 2 (which is the default), it is later modified by the
+ * specific module used (VMX or SVM). Currently, nested will be left enabled
+ * on SVM, but reset to 0 on VMX.
+ */
+int nested = 2;
+EXPORT_SYMBOL_GPL(nested);
+module_param(nested, int, S_IRUGO);
+
#define KVM_NR_SHARED_MSRS 16
struct kvm_shared_msrs_global {
--- .before/arch/x86/kvm/x86.h 2010-06-13 15:01:28.000000000 +0300
+++ .after/arch/x86/kvm/x86.h 2010-06-13 15:01:28.000000000 +0300
@@ -75,4 +75,6 @@ static inline struct kvm_mem_aliases *kv
void kvm_before_handle_nmi(struct kvm_vcpu *vcpu);
void kvm_after_handle_nmi(struct kvm_vcpu *vcpu);
+extern int nested;
+
#endif
--- .before/arch/x86/kvm/vmx.c 2010-06-13 15:01:28.000000000 +0300
+++ .after/arch/x86/kvm/vmx.c 2010-06-13 15:01:28.000000000 +0300
@@ -4310,6 +4310,12 @@ static int __init vmx_init(void)
{
int r, i;
+ /* By default (when nested==2), turn off nested support. This check
+ * should be removed when nested VMX is considered mature enough.
+ */
+ if (nested != 1)
+ nested = 0;
+
rdmsrl_safe(MSR_EFER, &host_efer);
for (i = 0; i < NR_VMX_MSR; ++i)
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
