summaryrefslogtreecommitdiff
path: root/rust/kernel/interop/git@git.tavy.me:linux-stable.git
diff options
context:
space:
mode:
authorLi RongQing <lirongqing@baidu.com>2026-02-02 04:50:04 -0500
committerSean Christopherson <seanjc@google.com>2026-03-02 14:50:30 -0800
commit5a6b189317501169b0510f2f1256cfc0c6ca81c7 (patch)
tree5e4859d83bde273481a2d0f46788a2f91420d34c /rust/kernel/interop/git@git.tavy.me:linux-stable.git
parent46ee9d718b9b67a8be067a39e21da6634107ed0e (diff)
KVM: SVM: Mark module parameters as __ro_after_init for security and performance
SVM module parameters such as avic, sev_enabled, npt_enabled, and pause_filter_thresh are configured exclusively during initialization (via kernel command line) and remain constant throughout runtime. Additionally, sev_supported_vmsa_features and svm_gp_erratum_intercept, while not exposed as module parameters, share the same initialization pattern and runtime constancy. Mark these variables with '__ro_after_init' to: - Harden against accidental or malicious runtime modification - Enable compiler and CPU optimizations (improved caching, branch prediction) - Align with kernel security best practices for init-only configuration The exception is 'iopm_base', which retains '__read_mostly' as it requires updates during module unloading. Suggested-by: Sean Christopherson <seanjc@google.com> Signed-off-by: Li RongQing <lirongqing@baidu.com> Link: https://patch.msgid.link/20260202095004.1765-1-lirongqing@baidu.com Signed-off-by: Sean Christopherson <seanjc@google.com>
Diffstat (limited to 'rust/kernel/interop/git@git.tavy.me:linux-stable.git')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2026-04-26 03:02:02 +0000