On 28/04/20 09:25, Krish Sadhukhan wrote: >>> >> Absolutely. Unrestricted guest requires EPT, but EPT is invisible to >> the guest. (Currently EPT requires guest MAXPHYADDR = host MAXPHYADDR, >> in the sense that the guest can detect that the host is lying about >> MAXPHYADDR; but that is really a bug that I hope will be fixed in 5.8, >> relaxing the requirement to guest MAXPHYADDR <= host PHYADDR). > > Should EPT for the nested guest be set up in the normal way (PML4E -> > PDPTE-> PDE -> PTE) when GUEST_CR0.PE is zero ? Or does it have to be a > special set up like only the PTEs are needed because no protection and > no paging are used ? I don't understand. When EPT is in use, the vmcs02 CR3 is simply set to the vmcs12 CR3. Paolo
