Avi Kivity wrote: > > Note: > > - modifying walk_addr() to call kvm_mmu_pte_write() is probably not so > bad. It's rare that a large pte walk sets the dirty bit, and it's > probably rare to share those large ptes. Still, I think the fetch() > change is better since it's more local. > > - there was once talk that instead of folding pt_access and pte_access > together into the leaf sp->role.access, each sp level would have its own > access permissions. In this case we don't even have to get a new direct > sp, only change the PT_DIRECTORY_LEVEL spte to add write permissions > (all direct sp's would be writeable and permissions would be controlled > at their parent_pte level). Of course that's a much bigger change than > this bug fix. > Yeah, i have considered this way, but it will change the shadow page's mapping way: it control the access at the upper level, but in the current code, we allow the upper level have the ALL_ACCESS and control the access right at the last level. It will break many things, such as write-protected... -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
