x86, kaiser: allow KAISER to be enabled/disabled at runtime
The KAISER CR3 switches are expensive for many reasons. Not all systems
benefit from the protection provided by KAISER. Some of them can not
pay the high performance cost.
This patch adds a debugfs file. To disable KAISER, you do:
echo 0 > /sys/kernel/debug/x86/kaiser-enabled
and to reenable it, you can:
echo 1 > /sys/kernel/debug/x86/kaiser-enabled
This is a *minimal* implementation. There are certainly plenty of
optimizations that we can do on top of this by using ALTERNATIVES
among other things.
It even leaves the NMI code mostly untouched, doing an unnecessary
but harmless CR3 restore there since it is not horribly performance-
2 files changed