What the commit message doesn't say is, did we miss this
opportunity all along, or has there been a change since commit
47c42e6b4192 ("KVM: x86: fix handling of role.cr4_pae and rename it
to 'gpte_size'", 2019-03-28) that allows this?
The code was wrong from the initial "unsync" commit. The 4-byte vs.
8-byte check papered over the real bug, which was that the roles were
not checked for compabitility. I suspect that the bug only
manisfested as an observable problem when the GPTE sizes mismatched,
thus the PAE check was added.