On Tue, Sep 05, 2023, Luiz Capitulino wrote: > From: Sean Christopherson <seanjc@xxxxxxxxxx> > > Commit 0b210faf337314e4bc88e796218bc70c72a51209 upstream. > > Add a "never" option to the nx_huge_pages module param to allow userspace > to do a one-way hard disabling of the mitigation, and don't create the > per-VM recovery threads when the mitigation is hard disabled. Letting > userspace pinky swear that userspace doesn't want to enable NX mitigation > (without reloading KVM) allows certain use cases to avoid the latency > problems associated with spawning a kthread for each VM. > > E.g. in FaaS use cases, the guest kernel is trusted and the host may > create 100+ VMs per logical CPU, which can result in 100ms+ latencies when > a burst of VMs is created. > > Reported-by: Li RongQing <lirongqing@xxxxxxxxx> > Closes: https://lore.kernel.org/all/1679555884-32544-1-git-send-email-lirongqing@xxxxxxxxx > Cc: Yong He <zhuangel570@xxxxxxxxx> > Cc: Robert Hoo <robert.hoo.linux@xxxxxxxxx> > Cc: Kai Huang <kai.huang@xxxxxxxxx> > Reviewed-by: Robert Hoo <robert.hoo.linux@xxxxxxxxx> > Acked-by: Kai Huang <kai.huang@xxxxxxxxx> > Tested-by: Luiz Capitulino <luizcap@xxxxxxxxxx> > Reviewed-by: Li RongQing <lirongqing@xxxxxxxxx> > Link: https://lore.kernel.org/r/20230602005859.784190-1-seanjc@xxxxxxxxxx > Signed-off-by: Sean Christopherson <seanjc@xxxxxxxxxx> > Signed-off-by: Luiz Capitulino <luizcap@xxxxxxxxxx> > --- > arch/x86/kvm/mmu/mmu.c | 41 ++++++++++++++++++++++++++++++++++++----- > 1 file changed, 36 insertions(+), 5 deletions(-) > > I submitted this backport for 6.1.y[1] but we agreed that having it for 6.4.y > is desirable to allow upgrade path. Heh, I would have personally just let 6.4 suffer, but since you went through the effort: Acked-by: Sean Christopherson <seanjc@xxxxxxxxxx>
