RE: [PATCH] KVM: x86/mmu: Add "never" option to allow sticky disabling of nx_huge_pages
From: Li,Rongqing
Date: Mon Jun 05 2023 - 01:12:28 EST
> -----Original Message-----
> From: Sean Christopherson <seanjc@xxxxxxxxxx>
> Sent: Friday, June 2, 2023 8:59 AM
> To: Sean Christopherson <seanjc@xxxxxxxxxx>; Paolo Bonzini
> <pbonzini@xxxxxxxxxx>
> Cc: kvm@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx; Li,Rongqing
> <lirongqing@xxxxxxxxx>; Yong He <zhuangel570@xxxxxxxxx>; Robert Hoo
> <robert.hoo.linux@xxxxxxxxx>; Kai Huang <kai.huang@xxxxxxxxx>
> Subject: [PATCH] KVM: x86/mmu: Add "never" option to allow sticky disabling of
> nx_huge_pages
>
> Add a "never" option to the nx_huge_pages module param to allow userspace
> to do a one-way hard disabling of the mitigation, and don't create the per-VM
> recovery threads when the mitigation is hard disabled. Letting userspace pinky
> swear that userspace doesn't want to enable NX mitigation (without reloading
> KVM) allows certain use cases to avoid the latency problems associated with
> spawning a kthread for each VM.
>
> E.g. in FaaS use cases, the guest kernel is trusted and the host may create 100+
> VMs per logical CPU, which can result in 100ms+ latencies when a burst of VMs
> is created.
>
Reviewed-by: Li RongQing <lirongqing@xxxxxxxxx>
And I hope nx_huge_pages is never by default if CPU reports that it doesn't have such bug
Thanks
-Li RongQing