This causes the -cpu host option to be used, which has the side-effect
of enabling nested KVM.
<apic/>
<pae/>
</features>
<apic/>
<pae/>
</features>
- <cpu mode='host-model' fallback='allow' />
+ <cpu mode='host-passthrough'/> <!-- -cpu host, also allows nested -->
<clock offset='utc'>
<timer name='rtc' tickpolicy='catchup'/>
<timer name='pit' tickpolicy='delay'/>
<clock offset='utc'>
<timer name='rtc' tickpolicy='catchup'/>
<timer name='pit' tickpolicy='delay'/>