On 11/16/21 12:07, Maxim Levitsky wrote:
- * But, even though there are 18 bits in the mask below, not all
combinations
+ * But, even though there are 20 bits in the mask
below, not all combinations
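
Review bot: the "20 bits" on the `+` line does not match the count given in this thread, where both the reviewer and the author arrive at 19 bits for the mask (including the 'smm' bit). Correct the figure to 19. If the number is kept, state next to it which fields it covers, so that the comment can be checked against the mask when a field is added or removed.
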
To be honest, I counted 19 bits there (which includes the 'smm' bit),
but I might have made a mistake. I do wonder maybe it is better to
just remove that comment with explicit number?

Yes, they are 19. But the explicit number is there to guide in
understanding how 19 goes down to 14 combinations.

Here is a better writeup:

 * - invalid shadow pages are not accounted, so the bits are effectively 18
 * - quadrant will only be used if gpte_is_8_bytes is zero (non-PAE paging);
 *   execonly and ad_disabled are only used for nested EPT which has
 *   gpte_is_8_bytes=1. Therefore, 2 bits are always unused.
 * - the 4 bits of level are effectively limited to the values 2/3/4/5,
 *   as 4k SPs are not tracked (allowed to go unsync). In addition non-PAE
 *   paging has exactly one upper level, making level effectively redundant
 *   when gpte_is_8_bytes=0.
 * - on top of this, smep_andnot_wp and smap_andnot_wp are only set if cr0_wp=0,
 *   therefore these three bits only give rise to 5 possibilities.

FWIW, the full count becomes 6400 unless I screwed up the math.
Paolo