On Wed, Sep 30, 2020 at 02:42:48PM +0100, Andrew Cooper wrote: > Nested virt is still experimental, and requires explicitly opting in to at > domain create time. The VMX/SVM features should not be visible by default. > > Also correct them from all HVM guests, to just HAP-enabled guests. This has > been the restriction for SVM right from the outset (c/s e006a0e0aaa), while > VMX was first introduced supporting shadow mode (c/s 9122c69c8d3) but later > adjusted to HAP-only (c/s 77751ed79e3). > > There is deliberately no adjustment to xc_cpuid_apply_policy() for pre-4.14 > migration compatibility. The migration stream doesn't contain the required > architectural state for either VMX/SVM, and a nested virt VM which migrates > will explode in weird and wonderful ways. > > Signed-off-by: Andrew Cooper <andrew.coop...@citrix.com>
Acked-by: Roger Pau Monné <roger....@citrix.com> Thanks, Roger.
