- there was once talk that instead of folding pt_access and pte_accessYeah, i have considered this way, but it will change the shadow page's mapping
together into the leaf sp->role.access, each sp level would have its own
access permissions. In this case we don't even have to get a new direct
sp, only change the PT_DIRECTORY_LEVEL spte to add write permissions
(all direct sp's would be writeable and permissions would be controlled
at their parent_pte level). Of course that's a much bigger change than
this bug fix.
way: it control the access at the upper level, but in the current code, we allow
the upper level have the ALL_ACCESS and control the access right at the last level.
It will break many things, such as write-protected...