forge/pve-kernel-thunderx
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

revert KVM nested param back to off as default, for now

Browse source 
Else everyone booting the 5.0 based kernel will have nesting
activated by default[0], and this break live migration for all VMs
with CPU type host, even if they do not host KVM (nested) guests
themself and never made a VMX call, at least with newer QEMU versions
>= 3.1 [1]

While the kernel now may had good reasons to change the default to
true for this[0], i.e., it can now handle nested guest migrations in
a nice and sane way, the user space side of this in QEMU is not yet
ready, and may only become so with or even after 4.1.

After we have a working qemu which can also live migrate arbitrary
nested guest we may well enable this as default, but until then it
brings just pain but no advantage.

So let's protect people which did not manually enabled nesting for
a live-migration breakage. All those who enabled nesting manually
them self knew that it was still experimental and thus will have to
live with their decision and have a live migration breakage (for
those VMs with CPU type 'host')

[0]: https://git.kernel.org/torvalds/c/1e58e5e59148916fa43444a406335a990783fb78
[1]: https://git.qemu.org/gitweb.cgi?p=qemu.git;a=commitdiff;h=d98f26073bebddcd3da0ba1b86c3a34e840c0fb8

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Thomas Lamprecht 2019-06-07 21:41:38 +02:00
parent faed21722c
commit 6ac09c547c
1 changed files with 32 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
patches/kernel/0005-Revert-KVM-VMX-enable-nested-virtualization-by-defau.patch Normal file
View file

@ -0,0 +1,32 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Thomas Lamprecht <t.lamprecht@proxmox.com>
Date: Fri, 7 Jun 2019 21:16:42 +0200
Subject: [PATCH] Revert "KVM: VMX: enable nested virtualization by default"
This reverts commit 1e58e5e59148916fa43444a406335a990783fb78
As we're not yet there, and this effectively breaks live migration
for all VMs using host or +vmx which did not manually enabled nesting
Those which already enabled nesting manually have already breakage,
but that was something to expect. The situation will get better in
the future (probably post qemu 4.1).
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
arch/x86/kvm/vmx/vmx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/kvm/vmx/vmx.c b/arch/x86/kvm/vmx/vmx.c
index c2e017de4541..08bf16f447ab 100644
--- a/arch/x86/kvm/vmx/vmx.c
+++ b/arch/x86/kvm/vmx/vmx.c
@@ -106,7 +106,7 @@ module_param(enable_apicv, bool, S_IRUGO);
* VMX and be a hypervisor for its own guests. If nested=0, guests may not
* use VMX instructions.
*/
-static bool __read_mostly nested = 1;
+static bool __read_mostly nested = 0;
module_param(nested, bool, S_IRUGO);
static u64 __read_mostly host_xss;