On 19/07/2018 21:44, Jim Mattson wrote:
> If we're using nested EPT, why not do away with this allocation
> altogether, and just use the vpid from vmcs12? The TLB is tagged by
> {PCID, EP4TA, VPID}, and the shadow EP4TA will be different from any
> L1 EP4TA.

For correctness that's true, but INVEPT and INVVPID would impact
performance of L1 and especially of other guests sharing the host with
L1. In particular, we map an all-context INVVPID from L1 to a
single-context INVVPID on the vpid02.

I think we could also replace the KVM_REQ_TLB_FLUSH in INVEPT with a
single-context INVVPID; the "kvm_make_request(KVM_REQ_TLB_FLUSH, vcpu)"
in handle_invept in fact doesn't make much sense.

Paolo