On Tue, 27 Jun 2023 00:42:53 +0100, "Lameter, Christopher" <cl@xxxxxxxxxxxxxxxxxxxxxx> wrote: > > On Fri, 23 Jun 2023, Marc Zyngier wrote: > > >> That sounds great, but my initial question would be whether, with such a > >> setup, one could then run VMs under such a kernel without hardware that > >> supports nested virtualisation? I suspect the answer would be no. > > > > The answer is yes. All you need to do is to switch between the host > > and guest stage-2s in the hypervisor, which is what KVM running in > > protected mode does. > > Well I think his point was that there are machines running without a > hypervisor and kernel replication needs to work on that. We certainly > benefit a lot from kernel replication and our customers may elect to > run ARM64 kernels without hypervisors on bare metal. These are not incompatible goals. The hypervisor is a function that the user may want to enable or not. Irrespective of that, the HW that underpins the virtualisation functionality is available and allows you to solve this particular problem in a different way. This doesn't preclude from running bare-metal at all. There is even precedent in using stage-2 to work around critical bugs (the Socionext PCIe fiasco springs to mind). M. -- Without deviation from the norm, progress is not possible.
