On 31/01/2018 15:54, Jim Mattson wrote:
> You seem to be making the assumption that there is one L2. What if
> there are 100 L2s, and only one has write-access to IA32_SPEC_CTRL? Or
> what if there once was such an L2, but it's been gone for months? The
> current mechanism penalizes *all* L2s if any L2, ever, has
> write-access to IA32_SPEC_CTRL.

Yes, but how would moving the field into struct loaded_vmcs do anything?
Only vmon/vmoff would change anything in vmx->nested.vmcs02.

Even then, L1 vmexits will also be penalized because L1 has probably
done an RDMSR/WRMSR on L2->L1 vmexit.  So I don't think it's an issue?

Paolo