On 15/04/20 22:18, Jim Mattson wrote: >> Has anyone worked through all the flows to verify this won't break any >> assumptions with respect to enable_unrestricted_guest? I would be >> (pleasantly) surprised if this was sufficient to run L2 without >> unrestricted guest when it's enabled for L1, e.g. vmx_set_cr0() looks >> suspect. > > I think you're right to be concerned. Thirded, but it shouldn't be too hard. Basically, enable_unrestricted_guest must be moved into loaded_vmcs for this to work. It may be more work to write the test cases for L2 real mode <-> protected mode switch, which do not entirely fit into the vmx_tests.c framework (but with the v2 tests it should not be hard to adapt). Paolo
