On Mon, Oct 25, 2021, Paolo Bonzini wrote: > On 25/10/21 16:35, Sean Christopherson wrote: > > > So yeah, I think you're right. > > Yep. The alternative would be to explicitly check for a pending APICv update. > > I don't have a strong opinion, I dislike both options equally:-) > > No, checking for the update is worse and with this example, I can now point > my finger on why I preferred the VM check even before: because even though > the page fault path runs in vCPU context and uses a vCPU-specific role, > overall the page tables are still per-VM. Arguably the lack of incorporation into the page role is the underlying bug, and all the shenanigans with synchronizing updates are just workarounds for that bug. I.e. page tables are never strictly per-VM, they're per-role, but we fudge it in this case because we don't want to take on the overhead of maintaining two sets of page tables to handle APICv.