On 11/11/19 16:24, Liran Alon wrote: > Because when L1 don’t use TPR-Shadow, L0 configures vmcs02 without TPR-Shadow. > Thus, writing to vmcs02->tpr_threshold doesn’t have any effect. Uh, sorry that was obvious: if (exec_control & CPU_BASED_TPR_SHADOW) vmcs_write32(TPR_THRESHOLD, vmcs12->tpr_threshold); Paolo > If l1 do use TPR-Shadow, then VMX’s update_cr8_intercept() doesn’t write to vmcs at all, > because it means L1 defines a vTPR for L2 and thus doesn’t provide it direct access to L1 TPR.
