Re: [PATCH v4 08/18] KVM: arm64: Add PROTECTED_NVHE_STACKTRACE Kconfig
From: Marc Zyngier
Date: Mon Jul 18 2022 - 02:56:01 EST
[- Drew and android-mm, as both addresses bounce]
On Fri, 15 Jul 2022 07:10:17 +0100,
Kalesh Singh <kaleshsingh@xxxxxxxxxx> wrote:
>
> This can be used to disable stacktrace for the protected KVM
> nVHE hypervisor, in order to save on the associated memory usage.
>
> This option is disabled by default, since protected KVM is not widely
> used on platforms other than Android currently.
>
> Signed-off-by: Kalesh Singh <kaleshsingh@xxxxxxxxxx>
> ---
> arch/arm64/kvm/Kconfig | 15 +++++++++++++++
> 1 file changed, 15 insertions(+)
>
> diff --git a/arch/arm64/kvm/Kconfig b/arch/arm64/kvm/Kconfig
> index 8a5fbbf084df..1edab6f8a3b8 100644
> --- a/arch/arm64/kvm/Kconfig
> +++ b/arch/arm64/kvm/Kconfig
> @@ -46,6 +46,21 @@ menuconfig KVM
>
> If unsure, say N.
>
> +config PROTECTED_NVHE_STACKTRACE
> + bool "Protected KVM hypervisor stacktraces"
> + depends on KVM
> + default n
> + help
> + Say Y here to enable pKVM hypervisor stacktraces on hyp_panic()
> +
> + If you are not using protected nVHE (pKVM), say N.
> +
> + If using protected nVHE mode, but cannot afford the associated
> + memory cost (less than 0.75 page per CPU) of pKVM stacktraces,
> + say N.
> +
> + If unsure, say N.
> +
Can we make this depend on NVHE_EL2_DEBUG instead? I'd like to keep
the disclosing of EL2 information in protected mode a strict debug
feature.
> config NVHE_EL2_DEBUG
> bool "Debug mode for non-VHE EL2 object"
> depends on KVM
Thanks,
M.
--
Without deviation from the norm, progress is not possible.