On 11/05/2018 00:15, Junaid Shahid wrote:
>> Not having KPTI slow down to a crawl without EPT is surely useful,
>> but I wonder if this could be generalized a bit, so that for
>> example we don't acquire the MMU lock on nested vmentry/vmexit...
>
> Yes, it seems like we may be able to use a similar scheme for L1<->L2
> switches. For nested vmexits, we should always be able to use the
> fast path. For nested vmentries, we could use the fast path if the
> target CR3/EPTP is the same as the previous one.

So my suggestion is to first introduce an optimization for the case
where the CR3 and mode haven't changed, where everything is done
without the mmu_lock, and then we can add a third "struct kvm_mmu" to
be used in LRU fashion.

Paolo
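Added example (editor's illustration, not code from this thread or from KVM): a user-space model of the root-switch scheme discussed above. A small cache of root contexts keyed by (CR3, mode) is kept in LRU order; a switch to a context already in the cache is the lock-free fast path, while a miss is the slow path where a real implementation would take mmu_lock and build a new root. All names (mmu_root_cache, mmu_switch_root, count_slow_paths) and the root addresses are constructed for the model, and the cache holds three entries to mirror the "third struct kvm_mmu" suggestion.

```c
/* Model of a lockless root cache with LRU replacement. Not KVM code:
 * every identifier below is hypothetical, and the slow path only counts
 * where mmu_lock would be taken instead of actually taking a lock. */
#include <stdbool.h>
#include <stdint.h>
#include <string.h>
#include <ctype.h>
#include <stdio.h>

#define ROOT_CACHE_SIZE 3   /* three cached contexts, as suggested in the thread */

struct cached_root {
    bool     valid;
    uint64_t cr3;        /* guest CR3 (or EPTP for an L2 context) */
    int      mode;       /* paging mode: a CR3 reused in another mode is a miss */
    uint64_t root_hpa;   /* constructed host address of the root page */
};

struct mmu_root_cache {
    struct cached_root entries[ROOT_CACHE_SIZE];  /* [0] = MRU, [N-1] = LRU */
    uint64_t next_hpa;          /* constructed allocator for new roots */
    unsigned slow_path_count;   /* how often the lock would have been needed */
};

static void cache_init(struct mmu_root_cache *c)
{
    memset(c, 0, sizeof(*c));
    c->next_hpa = 0x1000;
}

/* Move entry idx to the MRU slot, shifting the entries in front of it down. */
static void promote(struct mmu_root_cache *c, int idx)
{
    struct cached_root tmp = c->entries[idx];
    memmove(&c->entries[1], &c->entries[0], (size_t)idx * sizeof(tmp));
    c->entries[0] = tmp;
}

/* Switch to (cr3, mode). Returns the root to load; *fast reports whether
 * the cached (lock-free) path was taken. */
static uint64_t mmu_switch_root(struct mmu_root_cache *c, uint64_t cr3,
                                int mode, bool *fast)
{
    for (int i = 0; i < ROOT_CACHE_SIZE; i++) {
        struct cached_root *e = &c->entries[i];
        if (e->valid && e->cr3 == cr3 && e->mode == mode) {
            promote(c, i);
            *fast = true;
            return c->entries[0].root_hpa;
        }
    }
    /* Slow path: this is where mmu_lock would be taken and a root built.
     * The LRU entry (last slot) is evicted and the new root becomes MRU. */
    c->slow_path_count++;
    struct cached_root fresh = { true, cr3, mode, c->next_hpa };
    c->next_hpa += 0x1000;
    memmove(&c->entries[1], &c->entries[0],
            (ROOT_CACHE_SIZE - 1) * sizeof(fresh));
    c->entries[0] = fresh;
    *fast = false;
    return fresh.root_hpa;
}

/* Replay a switch pattern: each letter is a distinct CR3, upper case is
 * mode 1 and lower case mode 2. Returns how many switches went slow. */
static unsigned count_slow_paths(const char *pattern)
{
    struct mmu_root_cache c;
    cache_init(&c);
    for (const char *p = pattern; *p; p++) {
        bool fast;
        uint64_t cr3 = 0xA000 + (uint64_t)toupper((unsigned char)*p) * 0x1000;
        int mode = isupper((unsigned char)*p) ? 1 : 2;
        mmu_switch_root(&c, cr3, mode, &fast);
    }
    return c.slow_path_count;
}

/* Returning to a cached context must hand back the same root, not a new one. */
static bool root_reused_on_return(void)
{
    struct mmu_root_cache c;
    bool fast;
    cache_init(&c);
    uint64_t first = mmu_switch_root(&c, 0xA000, 1, &fast);
    mmu_switch_root(&c, 0xB000, 1, &fast);
    uint64_t again = mmu_switch_root(&c, 0xA000, 1, &fast);
    return fast && first == again;
}

int main(void)
{
    printf("KPTI-style A/B alternation: %u slow of 6\n", count_slow_paths("ABABAB"));
    printf("L1/L2 with three contexts:  %u slow of 6\n", count_slow_paths("ABCABC"));
    printf("four contexts (LRU evicts): %u slow of 5\n", count_slow_paths("ABCDA"));
    return root_reused_on_return() ? 0 : 1;
}
```

The A/B alternation is the KPTI case from the thread: once both CR3s are cached every further switch is fast. With three slots the L1 root plus two L2 contexts also all stay resident, while a fourth context forces LRU eviction on every return.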