ANDROID: KVM: arm64: Remove DEBUG dependency to PKVM_STACKTRACE

Now pKVM prefaults the entire host stage-2, reading the stacktrace on panic will not trigger any fault. Also, the stacktrace copy is only "leaking" PC values to EL1. The PKVM_STACKTRACE option is therefore a safe option for production. Allow turning it on without PKVM_DEBUG. Bug: 357781595 Change-Id: Ie16dbdf948355f449ddbe830a875ce248e686e79 Signed-off-by: Vincent Donnefort <vdonnefort@google.com>
2025-02-24 11:01:39 +00:00
parent 3b1d8cc5a2
commit 265f4173a2
1 changed files with 12 additions and 12 deletions
--- a/arch/arm64/kvm/Kconfig
+++ b/arch/arm64/kvm/Kconfig
@@ -61,6 +61,18 @@ config PTDUMP_STAGE2_DEBUGFS

 	  If in doubt, say N.

+config PKVM_STACKTRACE
+	bool "Protected KVM hypervisor stacktraces"
+	default n
+	help
+	  Say Y here to enable pKVM hypervisor stacktraces on hyp_panic()
+
+	  If using protected nVHE mode, but cannot afford the associated
+	  memory cost (less than 0.75 page per CPU) of pKVM stacktraces,
+	  say N.
+
+	  If unsure, or not using protected nVHE (pKVM), say N.
+
 config PKVM_MODULE_PATH
 	string "Path to pKVM modules"
 	default ""
@@ -117,18 +129,6 @@ config PKVM_FTRACE

 	  If unsure, Say N.

-config PKVM_STACKTRACE
-	bool "Protected KVM hypervisor stacktraces"
-	default y
-	help
-	  Say Y here to enable pKVM hypervisor stacktraces on hyp_panic()
-
-	  If using protected nVHE mode, but cannot afford the associated
-	  memory cost (less than 0.75 page per CPU) of pKVM stacktraces,
-	  say N.
-
-	  If unsure, or not using protected nVHE (pKVM), say N.
-
 config PKVM_DISABLE_STAGE2_ON_PANIC
 	bool "Disable the host stage-2 on panic"
 	default n