On Thu, Nov 25, 2021, Paolo Bonzini wrote: > On 11/25/21 21:11, Thomas Gleixner wrote: > > > > > > Use kvm_x86_ops.cache_reg() in ept_update_paging_mode_cr0() rather than > > > trying to expose vt_cache_reg() to vmx.c, even though it means taking a > > > retpoline. The code runs if and only if EPT is enabled but unrestricted > > > guest. > > This sentence does not parse because it's not a proper sentence. Heh, supposed to be "... but unrestricted guest is disabled". > > > Only one generation of CPU, Nehalem, supports EPT but not > > > unrestricted guest, and disabling unrestricted guest without also > > > disabling EPT is, to put it bluntly, dumb. > > This one is only significantly better and lacks an explanation what this > > means for the dumb case. > > Well, it means a retpoline (see paragraph before). No, the point being made is that, on a CPU that supports Unrestricted Guest (UG), disabling UG without disabling EPT is really, really stupid. UG requires EPT, so disabling EPT _and_ UG is reasonable as there are scenarios where using shadow paging is desirable. But inentionally disabling UG and enabling EPT makes no sense. It forces KVM to emulate non-trivial amounts of guest code and has zero benefits for anything other than testing KVM itself. > why it one wouldn't create a vt.h header with all vt_* functions. > > Paolo >
