Re: [RESEND RFC 2/2] X86: Use KVM CR pin MSRs
From: Borislav Petkov
Date: Mon Dec 23 2019 - 07:06:34 EST
On Sun, Dec 22, 2019 at 11:39:19PM -0800, Andy Lutomirski wrote:
> FWIW, I think that handling these details through Kconfig is the wrong
> choice. Distribution kernels should enable this, and they're not
> going to turn off kexec.
Nope, the other way around is way likely.
> Arguably kexec should be made to work -- there is no fundamental
> reason that kexec should need to fiddle with CR0.WP, for example. But
> a boot option could also work as a short-term option.
The problem with short-term solutions is that they become immutable
once people start using them. So it better be done right from the very
beginning, before it gets exposed.
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette