On 05/07/2018 09:27 AM, Paolo Bonzini wrote: > Not having KPTI slow down to a crawl without EPT is surely useful, but I > wonder if this could be generalized a bit, so that for example we don't > acquire the MMU lock on nested vmentry/vmexit... Yes, it seems like we may be able to use a similar scheme for L1<->L2 switches. For nested vmexits, we should always be able to use the fast path. For nested vmentries, we could use the fast path if the target CR3/EPTP is the same as the previous one. Thanks, Junaid
