Re: [PATCH v2] Documentation: Update the behaviour of "kvm-arm.mode"

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Marc Zyngier <maz@kernel.org>
To: Mostafa Saleh <smostafa@google.com>
Cc: linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org,
	linux-arm-kernel@lists.infradead.org, corbet@lwn.net,
	Will Deacon <will@kernel.org>
Subject: Re: [PATCH v2] Documentation: Update the behaviour of "kvm-arm.mode"
Date: Thu, 24 Oct 2024 17:43:49 +0100	[thread overview]
Message-ID: <86o73930ze.wl-maz@kernel.org> (raw)
In-Reply-To: <20241024160614.1894599-1-smostafa@google.com>

Hi Mostafa,

On Thu, 24 Oct 2024 17:06:14 +0100,
Mostafa Saleh <smostafa@google.com> wrote:
> 
> Commit 5053c3f0519c ("KVM: arm64: Use hVHE in pKVM by default on CPUs with
> VHE support") modified the behaviour of "kvm-arm.mode=protected" without
> the updating the kernel parameters doc.
> 
> Update it to match the current implementation.
> 
> Also, update required architecture version for nested virtualization as
> suggested by Marc.
> 
> Cc: Will Deacon <will@kernel.org>
> Cc: Marc Zyngier <maz@kernel.org>
> 
> Signed-off-by: Mostafa Saleh <smostafa@google.com>
> 
> ---
> v2: Update nested value also

Thanks for that. However...

> ---
>  Documentation/admin-guide/kernel-parameters.txt | 10 +++++++---
>  1 file changed, 7 insertions(+), 3 deletions(-)
> 
> diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
> index 1518343bbe22..d5b771e5cb5b 100644
> --- a/Documentation/admin-guide/kernel-parameters.txt
> +++ b/Documentation/admin-guide/kernel-parameters.txt
> @@ -2740,12 +2740,16 @@
>  			nvhe: Standard nVHE-based mode, without support for
>  			      protected guests.
>  
> -			protected: nVHE-based mode with support for guests whose
> +			protected: hVHE-based mode with support for guests whose
>  				   state is kept private from the host.
> +				   In case hVHE is not supported in hardware, it will
> +				   boot with protected nVHE.
> +				   nVHE protected mode can still be forced on VHE systems
> +				   using "kvm_arm.mode=protected arm64_sw.hvhe=0 id_aa64mmfr1.vh=0"


I probably didn't explain myself very well. I would like to avoid
mentioning hVHE at all, because this is pretty confusing (and really
an implementation detail). Instead, we can talk about VHE/nVHE, which
are real architectural features.

Also, I just realised that we can use your command-line magic for
downgrading from VHE to nVHE in all cases, so I'd be suggesting
something like this:

diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 1518343bbe223..2bb19f1331fed 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -2740,8 +2740,9 @@
 			nvhe: Standard nVHE-based mode, without support for
 			      protected guests.
 
-			protected: nVHE-based mode with support for guests whose
-				   state is kept private from the host.
+			protected: Mode with support for guests whose state is
+				   kept private from the host, using VHE or
+				   nVHE depending on HW support.
 
 			nested: VHE-based mode with support for nested
 				virtualization. Requires at least ARMv8.3
@@ -2749,8 +2750,11 @@
 
 			Defaults to VHE/nVHE based on hardware support. Setting
 			mode to "protected" will disable kexec and hibernation
-			for the host. "nested" is experimental and should be
-			used with extreme caution.
+			for the host. To force nVHE on VHE hardware, add
+			"arm64_sw.hvhe=0 id_aa64mmfr1.vh=0" to the
+			command-line.
+			"nested" is experimental and should be used with
+			extreme caution.
 
 	kvm-arm.vgic_v3_group0_trap=
 			[KVM,ARM,EARLY] Trap guest accesses to GICv3 group-0


>
>  			nested: VHE-based mode with support for nested
> -				virtualization. Requires at least ARMv8.3
> -				hardware.
> +				virtualization. Requires at least ARMv8.4
> +				hardware (with FEAT_NV2).

That part looks good!

Thanks,

	M.

-- 
Without deviation from the norm, progress is not possible.

next prev parent reply	other threads:[~2024-10-24 16:47 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-10-24 16:06 [PATCH v2] Documentation: Update the behaviour of "kvm-arm.mode" Mostafa Saleh
2024-10-24 16:43 ` Marc Zyngier [this message]
2024-10-24 16:55   ` Mostafa Saleh

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:1518343bbe22 dfblob:2bb19f1331fe )
 OR (
bs:"Re: [PATCH v2] Documentation: Update the behaviour of "
bs:"kvm-arm.mode" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=86o73930ze.wl-maz@kernel.org \
    --to=maz@kernel.org \
    --cc=corbet@lwn.net \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-doc@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=smostafa@google.com \
    --cc=will@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.