Re: [PATCH 0/9] Intel Processor Trace virtulization enabling

[Paolo Bonzini]

On 18/10/2017 12:18, Kang, Luwei wrote:
>> Nested virtualization is interesting.  We would like the nested
>> hypervisor to be forced to set the "use GPA for processor tracing" 
>> secondary execution control whenever "enable EPT" is set and
>> RTIT_CTL is nonzero.  There is no way to encode that in 
>> IA32_VMX_PROCBASED_CTLS2, however.  It would be nice if Intel could
>> reserve a bit in IA32_VMX_EPT_VPID_CAP for KVM to express that
>> constraint.
>
> Do you mean if nested hypervisor get the capability of "Guest PT use 
> GPA" and EPT has enable. Highly recommend nested hypervisor set "
> Guest PT use GPA " as well.

Well, it's required more than recommended.  However, it's only required
if "enable EPT" is set and RTIT_CTL is nonzero.

> If nested hypervisor is also KVM, "use GPA for processor tracing"
> will be set for sure. But other hypervisor may not do that. So, we'd
> better add a flag in IA32_VMX_EPT_VPID_CAP to express that
> constraint.

Correct.  The constraint would be:

* RTIT_CTL on entry is zero if EPT is disabled

* RTIT_CTL on entry is zero if EPT is enabled and "Guest PT uses GPA" is
zero

Maybe IA32_VMX_EPT_VPID_CAP is not the best place.  I'll let Intel
decide that.

Paolo