Re: [PATCH v2 3/10] KVM: MMU: fix direct sp's access corruptted

[Avi Kivity]

On 06/29/2010 10:45 AM, Xiao Guangrong wrote:
> > - there was once talk that instead of folding pt_access and pte_access
> > together into the leaf sp->role.access, each sp level would have its own
> > access permissions.  In this case we don't even have to get a new direct
> > sp, only change the PT_DIRECTORY_LEVEL spte to add write permissions
> > (all direct sp's would be writeable and permissions would be controlled
> > at their parent_pte level).  Of course that's a much bigger change than
> > this bug fix.
> >
> >      
> Yeah, i have considered this way, but it will change the shadow page's mapping
> way: it control the access at the upper level, but in the current code, we allow
> the upper level have the ALL_ACCESS and control the access right at the last level.
> It will break many things, such as write-protected...
>    

spte's access bits have dual purpose, both to map guest protection and 
for host protection (like for shadowed pages, or ksm pages).  So the 
last level sptes still need to consider host write protection.

--
error compiling committee.c: too many arguments to function

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/