On 2/6/26 16:05, Stefano Stabellini wrote: > Introduce CONFIG_NESTED_VIRT (default y, requires EXPERT to disable) > to allow nested virtualization support to be disabled at build time. > This is useful for embedded or safety-focused deployments where > nested virtualization is not needed, reducing code size and attack > surface. > > When CONFIG_NESTED_VIRT=n, the following source files are excluded: > - arch/x86/hvm/nestedhvm.c > - arch/x86/hvm/svm/nestedsvm.c > - arch/x86/hvm/vmx/vvmx.c > - arch/x86/mm/nested.c > - arch/x86/mm/hap/nested_hap.c > - arch/x86/mm/hap/nested_ept.c > > Add inline stubs where needed in headers. > > No functional change when CONFIG_NESTED_VIRT=y. > > Signed-off-by: Stefano Stabellini <[email protected]>
Commit message is stale: the default is now N and the dependency on EXPERT was removed. Personally, I would add a dependency on UNSUPPORTED, since it is known to not work well and should not be used. -- Sincerely, Demi Marie Obenour (she/her/hers)
OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
