On Fri, 20 Jun 2025 12:09:38 +0100, Alexandru Elisei <alexandru.elisei@xxxxxxx> wrote: > > Hi Andre, > > Thanks for doing this, it was needed. Haven't given this a proper look (I'm > planning to do that though!), but something jumped at me, below. > > On Fri, Jun 20, 2025 at 11:44:53AM +0100, Andre Przywara wrote: > > The ARMv8.3 architecture update includes support for nested > > virtualization. Allow the user to specify "--nested" to start a guest in > > './vm help run' shows: > > --pmu Create PMUv3 device > --disable-mte Disable Memory Tagging Extension > --no-pvtime Disable stolen time > > Where: > > --pmu checks for KVM_CAP_ARM_PMU_V3. > --disable-mte is there because MTE is enabled automatically for a guest when > KVM_CAP_ARM_MTE is present. > --no-pvtime is there because pvtime is enabled automatically; no capability > check is needed, but the control group for pvtime is called > KVM_ARM_VCPU_PVTIME_CTRL. > > What I'm trying to get at is that the name for the kvmtool command line option > matches KVM's name for the capability. What do you think about naming the > parameter --el2 to match KVM_CAP_ARM_EL2 instead of --nested? > > Also, I seem to remember that the command line option for enabling > KVM_CAP_ARM_EL2_E2H0 in Marc's repo is --e2h0, so having --el2 instead of > --nested looks somewhat more consistent to me. > > Thoughts? I think --el2 describes the wrong thing. We don't only expose EL2 to a guest, but we also expose FEAT_NV2 by default. So "nested" is IMO closer to the effects of the capability. If anything, it is KVM_CAP_ARM_EL2 that is badly named (yes, there is some history here, but I'm not going to entertain changing the #define after 8 years). Similarly, QEMU has "virtualization=on" as an indication that it should engage NV, and not "el2=on". If you wanted a pure --el2 flag, then it should engage NV just like --nested does, but disable FEAT_NV2 in the idregs. This would give you EL2 without recursive NV and HCR_EL2.E2H RES1. Thanks, M. -- Without deviation from the norm, progress is not possible.
