Commit b6a68b97 authored by Marc Zyngier's avatar Marc Zyngier
Browse files

KVM: arm64: Allow KVM to be disabled from the command line 



Although KVM can be compiled out of the kernel, it cannot be disabled
at runtime. Allow this possibility by introducing a new mode that
will prevent KVM from initialising.

This is useful in the (limited) circumstances where you don't want
KVM to be available (what is wrong with you?), or when you want
to install another hypervisor instead (good luck with that).

Reviewed-by: default avatarDavid Brazdil <dbrazdil@google.com>
Acked-by: default avatarWill Deacon <will@kernel.org>
Acked-by: default avatarSuzuki K Poulose <suzuki.poulose@arm.com>
Signed-off-by: default avatarMarc Zyngier <maz@kernel.org>
Reviewed-by: default avatarAndrew Scull <ascull@google.com>
Link: https://lore.kernel.org/r/20211001170553.3062988-1-maz@kernel.org
parent 9e1ff307

Documentation/admin-guide/kernel-parameters.txt

+2 −0
Original line number Diff line number Diff line
@@ -2365,6 +2365,8 @@ 
	kvm-arm.mode=

			[KVM,ARM] Select one of KVM/arm64's modes of operation.



			none: Forcefully disable KVM.



			nvhe: Standard nVHE-based mode, without support for

			      protected guests.

arch/arm64/include/asm/kvm_host.h

+1 −0
Original line number Diff line number Diff line
@@ -58,6 +58,7 @@ 
enum kvm_mode {

	KVM_MODE_DEFAULT,

	KVM_MODE_PROTECTED,

	KVM_MODE_NONE,

};

enum kvm_mode kvm_get_mode(void);

arch/arm64/kvm/arm.c

+13 −1
Original line number Diff line number Diff line
@@ -2064,6 +2064,11 @@ int kvm_arch_init(void *opaque) 
		return -ENODEV;

	}



	if (kvm_get_mode() == KVM_MODE_NONE) {

		kvm_info("KVM disabled from command line\n");

		return -ENODEV;

	}



	in_hyp_mode = is_kernel_in_hyp_mode();



	if (cpus_have_final_cap(ARM64_WORKAROUND_DEVICE_LOAD_ACQUIRE) ||
@@ -2137,8 +2142,15 @@ static int __init early_kvm_mode_cfg(char *arg) 
		return 0;

	}



	if (strcmp(arg, "nvhe") == 0 && !WARN_ON(is_kernel_in_hyp_mode()))

	if (strcmp(arg, "nvhe") == 0 && !WARN_ON(is_kernel_in_hyp_mode())) {

		kvm_mode = KVM_MODE_DEFAULT;

		return 0;

	}



	if (strcmp(arg, "none") == 0) {

		kvm_mode = KVM_MODE_NONE;

		return 0;

	}



	return -EINVAL;

}