summaryrefslogtreecommitdiffstats
path: root/arch/x86
diff options
context:
space:
mode:
authorPaolo Bonzini <pbonzini@redhat.com>2018-10-17 00:55:22 +0200
committerPaolo Bonzini <pbonzini@redhat.com>2018-10-17 19:10:09 +0200
commit1e58e5e59148916fa43444a406335a990783fb78 (patch)
tree3b066c01b4b0abab52c035c2cddc2845477c1722 /arch/x86
parent43ce76ce731ff7f9cff51124fee738018c18a864 (diff)
downloadlinux-1e58e5e59148916fa43444a406335a990783fb78.tar.gz
linux-1e58e5e59148916fa43444a406335a990783fb78.tar.bz2
linux-1e58e5e59148916fa43444a406335a990783fb78.zip
KVM: VMX: enable nested virtualization by default
With live migration support and finally a good solution for exception event injection, nested VMX should be ready for having a stable userspace ABI. The results of syzkaller fuzzing are not perfect but not horrible either (and might be partially due to running on GCE, so that effectively we're testing three-level nesting on a fork of upstream KVM!). Enabling it by default seems like a nice way to conclude the 4.20 pull request. :) Unfortunately, enabling nested SVM in 2009 (commit 4b6e4dca701) was a bit premature. However, until live migration support is in place we can reasonably expect that it does not offer much in terms of ABI guarantees. Therefore we are still in time to break things and conform as much as possible to the interface used for VMX. Suggested-by: Jim Mattson <jmattson@google.com> Suggested-by: Liran Alon <liran.alon@oracle.com> Reviewed-by: Liran Alon <liran.alon@oracle.com> Celebrated-by: Liran Alon <liran.alon@oracle.com> Celebrated-by: Wanpeng Li <kernellwp@gmail.com> Celebrated-by: Wincy Van <fanwenyi0529@gmail.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'arch/x86')
-rw-r--r--arch/x86/kvm/vmx.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
index 3677609145a4..abeeb45d1c33 100644
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -108,7 +108,7 @@ module_param_named(enable_shadow_vmcs, enable_shadow_vmcs, bool, S_IRUGO);
* VMX and be a hypervisor for its own guests. If nested=0, guests may not
* use VMX instructions.
*/
-static bool __read_mostly nested = 0;
+static bool __read_mostly nested = 1;
module_param(nested, bool, S_IRUGO);
static bool __read_mostly nested_early_check = 0;