--
Acked-by: Christian Lindig <[email protected]>
________________________________________
From: Andrew Cooper <[email protected]>
Sent: 01 October 2020 12:02
To: Jan Beulich
Cc: Xen-devel; Roger Pau Monne; Wei Liu; Ian Jackson; Christian Lindig; Edwin
Torok; Rob Hoes
Subject: Re: [PATCH 3/8] xen/domctl: Introduce and use
XEN_DOMCTL_CDF_nested_virt
On 01/10/2020 11:23, Jan Beulich wrote:
> On 30.09.2020 15:42, Andrew Cooper wrote:
>> @@ -667,6 +668,12 @@ int arch_sanitise_domain_config(struct
>> xen_domctl_createdomain *config)
>> */
>> config->flags |= XEN_DOMCTL_CDF_oos_off;
>>
>> + if ( nested_virt && !hap )
>> + {
>> + dprintk(XENLOG_INFO, "Nested virt not supported without HAP\n");
>> + return -EINVAL;
>> + }
> Initially I was merely puzzled by this not being accompanied by
> any removal of code elsewhere. But when I started looking I couldn't
> find any such enforcement, but e.g. did find nsvm_vcpu_hostrestore()
> covering the shadow mode case. For this to be "No functional change
> yet" as the description claims, could you point me at where this
> restriction is currently enforced?
Currently enforced in the HVM_PARAM_NESTEDHVM write side effect, which
is deleted in patch 5.
~Andrew
