In traditional, or single-level, machine virtualization a hypervisor controls the hardware (bare-metal) resources and runs one or more concurrent virtual machines (VMs), each VM running its own guest operating system. Nested virtualization enables a bare-metal hypervisor (level-0 or L0) to run one or more hypervisors (level-1 or L1), each of which can run its own set of VMs [18, 7, 29, 13] (level-2 or L2). Nested virtualization has many known potential benefits [7]. It can be used to host VMs running commodity operating systems, such as Linux and Windows, that utilize hardware virtualization to host other operating systems. Hypervisors that are embedded in firmware [15, 31] could use virtualization to run other hypervisors. Infrastructure-as-a-Service (IaaS) providers could use nested virtualization to allow users to run their own hypervisors and to allow migration of VMs across different IaaS providers [45]. Nested virtualization could also allow new approaches to hypervisor-level security [35, 33, 37, 20, 21, 14, 4], hypervisor development, and testing.