On 08/14/2012 11:54 AM, 陳韋任 (Wei-Ren Chen) wrote:
> Hi all,
>
> If the guest modifies its guest page table entry, KVM should trap that event,
> emulate what the guest is trying to do, and sync with the corresponding shadow
> page table entry. Is my understanding correct? If so, does KVM use
> something like mprotect to make the guest page table read-only, or is there
> another way?

It is controlled by the shadow page table: guest page tables are write-protected on shadow pages (the W bit on the PTE is cleared).

There is a special case, called unsync shadow page: if the page is only used as a guest page structure on the lowest level (level = 1), we allow it to be writable. It will be synced when the guest flushes the TLB (e.g. CR3 reload, invlpg...) because, according to x86 TLB rules, it needs to flush the TLB to apply the change.

> Besides, how does KVM know what the guest tries to write into the
> guest page table entry?

In the normal case, a guest write to its page table will generate a #PF since the page is write-protected, as we mentioned above. For the special case (unsync shadow page), we can happily write its page table without #PF.
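A toy model of the two cases described in the reply above, added here as an illustration; it is not KVM code and not part of the original thread. The names `gpt_page`, `mark_unsync`, `guest_write` and `guest_tlb_flush` are hypothetical, the PTE value is constructed, and shadow entries simply copy guest values, whereas a real shadow entry holds a translated host address.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define ENTRIES 4

/* Toy model (not KVM code): one guest page-table page and its shadow. */
struct gpt_page {
    int level;                /* 1 = lowest level of the guest paging structure */
    bool write_protected;     /* W bit cleared on the mapping of this page */
    bool unsync;              /* guest writes freely; shadow may be stale */
    uint64_t guest[ENTRIES];  /* entries the guest reads and writes */
    uint64_t shadow[ENTRIES]; /* entries the hardware walks (copied, not translated) */
    unsigned faults;          /* write faults taken on this page */
};

/* Only a level-1 page may become unsync and lose its write protection. */
static bool mark_unsync(struct gpt_page *p) {
    if (p->level != 1) return false;
    p->unsync = true;
    p->write_protected = false;
    return true;
}

/* Guest store to its own page table; returns true if the store trapped. */
static bool guest_write(struct gpt_page *p, int idx, uint64_t val) {
    p->guest[idx] = val;
    if (!p->write_protected) return false; /* unsync: shadow is now stale */
    p->faults++;                           /* #PF: store is emulated ... */
    p->shadow[idx] = val;                  /* ... and the shadow entry synced */
    return true;
}

/* Guest TLB flush (CR3 reload, invlpg): sync stale entries, return count. */
static int guest_tlb_flush(struct gpt_page *p) {
    int synced = 0;
    for (int i = 0; p->unsync && i < ENTRIES; i++)
        if (p->shadow[i] != p->guest[i]) { p->shadow[i] = p->guest[i]; synced++; }
    return synced;
}

int main(void) {
    struct gpt_page pt = { .level = 1, .write_protected = true };
    mark_unsync(&pt);
    bool trapped = guest_write(&pt, 1, 0x2003); /* constructed PTE value */
    printf("trapped=%d stale=%d\n", trapped, pt.shadow[1] != pt.guest[1]);
    printf("synced on flush=%d\n", guest_tlb_flush(&pt));
    return 0;
}
```

The model leaves out what happens to the page's write protection after the sync; it only shows the window in which the shadow copy lags the guest's view.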