> >> Nested virtualization is interesting. We would like the nested > >> hypervisor to be forced to set the "use GPA for processor tracing" > >> secondary execution control whenever "enable EPT" is set and RTIT_CTL > >> is nonzero. There is no way to encode that in > >> IA32_VMX_PROCBASED_CTLS2, however. It would be nice if Intel could > >> reserve a bit in IA32_VMX_EPT_VPID_CAP for KVM to express that > >> constraint. > > > > Do you mean if nested hypervisor get the capability of "Guest PT use > > GPA" and EPT has enable. Highly recommend nested hypervisor set " > > Guest PT use GPA " as well. > > Well, it's required more than recommended. However, it's only required if "enable EPT" is set and RTIT_CTL is nonzero. > > > If nested hypervisor is also KVM, "use GPA for processor tracing" > > will be set for sure. But other hypervisor may not do that. So, we'd > > better add a flag in IA32_VMX_EPT_VPID_CAP to express that constraint. > > Correct. The constraint would be: > > * RTIT_CTL on entry is zero if EPT is disabled > > * RTIT_CTL on entry is zero if EPT is enabled and "Guest PT uses GPA" is zero > > Maybe IA32_VMX_EPT_VPID_CAP is not the best place. I'll let Intel decide that. > Get it. I have feedback to hardware architect. I hope it can be applied but it may need wait a long time. Thanks, Luwei Kang
