• Sean Christopherson's avatar
    KVM: Add a module param to allow enabling virtualization when KVM is loaded · b4886fab
    Sean Christopherson authored
    Add an on-by-default module param, enable_virt_at_load, to let userspace
    force virtualization to be enabled in hardware when KVM is initialized,
    i.e. just before /dev/kvm is exposed to userspace.  Enabling virtualization
    during KVM initialization allows userspace to avoid the additional latency
    when creating/destroying the first/last VM (or more specifically, on the
    0=>1 and 1=>0 edges of creation/destruction).
    
    Now that KVM uses the cpuhp framework to do per-CPU enabling, the latency
    could be non-trivial as the cpuhup bringup/teardown is serialized across
    CPUs, e.g. the latency could be problematic for use case that need to spin
    up VMs quickly.
    
    Prior to commit 10474ae8 ("KVM: Activate Virtualization On Demand"),
    KVM _unconditionally_ enabled virtualization during load, i.e. there's no
    fundamental reason KVM needs to dynamically toggle virtualization.  These
    days, the only known argument for not enabling virtualization is to allow
    KVM to be autoloaded without blocking other out-of-tree hypervisors, and
    such use cases can simply change the module param, e.g. via command line.
    
    Note, the aforementioned commit also mentioned that enabling SVM (AMD's
    virtualization extensions) can result in "using invalid TLB entries".
    It's not clear whether the changelog was referring to a KVM bug, a CPU
    bug, or something else entirely.  Regardless, leaving virtualization off
    by default is not a robust "fix", as any protection provided is lost the
    instant userspace creates the first VM.
    Reviewed-by: default avatarChao Gao <chao.gao@intel.com>
    Acked-by: default avatarKai Huang <kai.huang@intel.com>
    Reviewed-by: default avatarKai Huang <kai.huang@intel.com>
    Tested-by: default avatarFarrah Chen <farrah.chen@intel.com>
    Signed-off-by: default avatarSean Christopherson <seanjc@google.com>
    Message-ID: <20240830043600.127750-8-seanjc@google.com>
    Signed-off-by: default avatarPaolo Bonzini <pbonzini@redhat.com>
    b4886fab
kernel-parameters.txt 271 KB