The Tor process on Whonix-Gateway machine is using a lot of CPU under load and its slow, the reason seems to be that there is no AES passed to the KVM guest.
I changed from vcpu to a cpu host-passthrough like this in the Whonix-Gateway xml file
Checking /proc/cpuinfo now shows AES and alot of other features and Tor uses around 2-3% at max.
Are there any reasons that it uses vcpu as default? Is it bad to pass AES to the guest?
Now that the hosts cpu is directly passed to the guest there are a lot more cpu features added, could one of these be exploited if a guest would be hacked? Maybe find serial number of the CPU and identify who bought it ?