Hi Udo,
Just to clarify this point:
The hypervisor neither forces you to put Vancouver and its associated VM in the same PD, nor does it force you to have one instance of Vancouver per VM. You can create a PD, remotely create a vCPU in it and establish the VMX/SVM portals to point to some other PD. Then that other PD can manage its virtual address space any way it wants.
thanks. Let's keep that for the records. ;-)
That said, we have found that putting both VMM and VM in the same PD has a number of advantages. First, a VMM needs to frequently access the memory of its VM, e.g., to look at the guest page tables. Having a 1:1 relationship between virtual memory in the VMM and guest-physical memory of the VM greatly simplifies that task. Second, if the VMM and VM were in different PDs, you'd pay for two additional address-space switches on each VM exit.
These are damn good arguments for the current design - I don't dare to question them. So the 1:1 relationship between guest memory and Vancouver's address space is actually not "imposed" by the kernel but seems to be the most sensible design. Sorry that I mixed that up.
Cheers Norman