On 06/09/2018 18:06, Jim Mattson wrote: > On Thu, Sep 6, 2018 at 6:32 AM, Liran Alon <liran.alon@xxxxxxxxxx> wrote: >> If CPU use both VPID and EPT, TLB entries populated by CPU are tagged >> with both EPTP and VPID. Therefore, if L1 uses EPT, L2 TLB entries >> are separated from L1 TLB entries by the EPTP tags as vmcs02 use >> EPTP02 while vmcs01 use EPTP01. >> >> Thus, we don't need to make sure that vmcs02->vpid != vmcs01->vpid. >> Therefore, we can just set vmcs02->vpid to vmcs12->vpid. >> >> Reviewed-by: Mihai Carabas <mihai.carabas@xxxxxxxxxx> >> Reviewed-by: Darren Kenny <darren.kenny@xxxxxxxxxx> >> Reviewed-by: Nikita Leshchenko <nikita.leshchenko@xxxxxxxxxx> >> Signed-off-by: Liran Alon <liran.alon@xxxxxxxxxx> > > I suggested this back in July, but Paolo didn't like it. I still like it. :-) > > Reviewed-by: Jim Mattson <jmattson@xxxxxxxxxx> The problem with this is still the same as in July, namely that if all guests (at any level) share the VPID space, then L1 can force an invalidation of any VPID (and thus slow down execution of other guests, including siblings of L1) through INVVPID. Paolo
