The protected OS is de-privileged though. In order to protect a hardware virtualized hypervisor (i.e., one that also requires VT-x), they need to implement some sort of nested virtual machine.
The feature is called VMCS shadowing. Wikipedia's description cites an Intel whitepaper (https://www-ssl.intel.com/content/dam/www/public/us/en/docum...) which describes how it's intended to help with the case of using McAfee's Deep Safe hypervisor (which does basically the same thing as this Kernel Guard, but for Windows) nested inside of Xen.