[PATCH v1 00/24] Opt-in always-on nVHE hypervisor
Marc Zyngier
maz at kernel.org
Tue Nov 10 06:18:56 EST 2020
On 2020-11-10 10:15, Christoph Hellwig wrote:
> On Mon, Nov 09, 2020 at 11:32:09AM +0000, David Brazdil wrote:
>> As we progress towards being able to keep guest state private to the
>> host running nVHE hypervisor, this series allows the hypervisor to
>> install itself on newly booted CPUs before the host is allowed to run
>> on them.
>
> Why? I thought we were trying to kill nVHE off now that newer CPUs
> provide the saner virtualization extensions?
We can't kill nVHE at all, because that is the only game in town.
You can't even buy a decent machine with VHE, no matter how much money
you put on the table.
nVHE is here for the foreseeable future, and we even use its misfeatures
to our advantage in order to offer confidential VMs. See Will's
presentation at KVM forum a couple of weeks ago for the gory details.
Thanks,
M.
--
Jazz is not dead. It just smells funny...