On Mon, Jun 22, 2020 at 11:53:48PM -0700, Sean Christopherson wrote: > If we do get agressive and zap all children (or if my analysis is wrong), > and prevent the mixed level insansity, then a simpler approach would be to > skip the lookup if the MMU is direct. I.e. no need for the per-VM toggle. > Direct vs. indirect MMUs are guaranteed to have different roles and so the > direct MMU's pages can't be reused/shared.
Clarification on the above. Direct and not-guaranteed-to-be-direct MMUs for a given VM are guaranteed to have different roles, even for nested NPT vs. NPT, as nested MMUs will have role.guest_mode=1.
