On Thu, Apr 14, 2022, Paolo Bonzini wrote: > On 4/14/22 13:06, Lai Jiangshan wrote: > > > Right, but then load_pdptrs only needs to zap the page before (or > > > instead of) calling kvm_mmu_free_roots(). > > > > > > > Guest PAE page is write-protected instead now (see patch4) and > > kvm_mmu_pte_write() needs to handle this special write operation > > with respect to sp->pae_off (todo). > > And load_pdptrs() doesn't need to check if the pdptrs are changed. > > Write-protecting the PDPTR page is unnecessary, the PDPTRs cannot change > without another CR3. That should be easy to do in account_shadowed and > unaccount_shadowed Technically that's not true under SVM? Under SVM, however, when the processor is in guest mode with PAE enabled, the guest PDPT entries are not cached or validated at this point, but instead are loaded and checked on demand in the normal course of address translation, just like page directory and page table entries
