On Wed, Jan 9, 2019 at 5:00 AM Borislav Petkov <b...@alien8.de> wrote: > > On Wed, Jan 09, 2019 at 01:09:31PM +0100, Vitaly Kuznetsov wrote: > > Hm, why is that? In theory, hypervisors can pass through or emulate the > > required MSRs... > > ...and when the theory becomes reality we'll remove the check.
In practice that may be a long time coming. We don't have many CLOSIDs, or bits in a cache mask, at the h/w level. If you start trying to subdivide those resources to pass a subset to a guest, then you'll quickly find that you have no flexibility in the guest to do anything useful. It would only work if you limited to two, or perhaps three guests. -Tony
