On 10/31/2017 04:44 PM, Dave Hansen wrote:
>> That seems insane. Why isn't only the top level shadowed, and
>> then lower levels are shared between the shadowed and the "kernel"
>> page tables?
> There are obviously two PGDs. The userspace half of the PGD is an exact
> copy so all the lower levels are shared. You can see this bit in the
> memcpy that we do in clone_pgd_range().
This is wrong. The userspace copying is done via the code we add to native_set_pgd(). Whenever we set the kernel PGD, we also make sure to make a corresponding entry in the user/shadow PGD. The memcpy() that I was talking about does the kernel portion of the PGD.
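The split described in the correction above, as an added illustrative model that is not the kernel's code: a kernel PGD and a shadow (user) PGD, a `model_set_pgd()` standing in for the hook added to `native_set_pgd()` that mirrors user-half entries into the shadow PGD, and a `model_clone_kernel_pgd_range()` standing in for the `clone_pgd_range()` memcpy that fills only the kernel half of the kernel PGD. Entry counts, the half-way boundary, the constructed entry values, and the choice to leave the shadow PGD's kernel half empty are assumptions made for the model, not details taken from the patch set.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed model constants: a 512-entry PGD whose upper half indexes the kernel. */
#define PTRS_PER_PGD        512
#define KERNEL_PGD_BOUNDARY (PTRS_PER_PGD / 2)
#define _PAGE_PRESENT       1ULL

typedef uint64_t pgd_t;

/* One address space: the "kernel" PGD used in kernel mode and the
 * "shadow" PGD used while running userspace. */
struct pgd_pair {
    pgd_t kernel[PTRS_PER_PGD];
    pgd_t shadow[PTRS_PER_PGD];
};

/* Model of the mirroring hook in native_set_pgd(): every write lands in the
 * kernel PGD; a user-half write is also mirrored into the shadow PGD, so the
 * two PGDs point at the same lower-level tables for userspace. A kernel-half
 * write is deliberately not mirrored (simplification for this model). */
static void model_set_pgd(struct pgd_pair *p, unsigned idx, pgd_t val)
{
    p->kernel[idx] = val;
    if (idx < KERNEL_PGD_BOUNDARY)
        p->shadow[idx] = val;
}

/* Model of the clone_pgd_range() memcpy: copies the kernel half of a reference
 * (init) PGD into the kernel PGD only; the shadow PGD is not touched here. */
static void model_clone_kernel_pgd_range(struct pgd_pair *dst, const pgd_t *init_pgd)
{
    memcpy(&dst->kernel[KERNEL_PGD_BOUNDARY],
           &init_pgd[KERNEL_PGD_BOUNDARY],
           (PTRS_PER_PGD - KERNEL_PGD_BOUNDARY) * sizeof(pgd_t));
}

/* Invariants the model is meant to uphold: user halves identical (shared lower
 * levels), and no kernel-half entries leak into the shadow PGD. Returns 1 if
 * both hold, 0 otherwise. */
static int model_check_invariants(const struct pgd_pair *p)
{
    for (unsigned i = 0; i < KERNEL_PGD_BOUNDARY; i++)
        if (p->kernel[i] != p->shadow[i])
            return 0;
    for (unsigned i = KERNEL_PGD_BOUNDARY; i < PTRS_PER_PGD; i++)
        if (p->shadow[i] != 0)
            return 0;
    return 1;
}

/* Counts present entries in pgd[from, to). */
static unsigned model_count_present(const pgd_t *pgd, unsigned from, unsigned to)
{
    unsigned n = 0;
    for (unsigned i = from; i < to; i++)
        if (pgd[i] & _PAGE_PRESENT)
            n++;
    return n;
}

/* Constructed scenario: clone the kernel half, then install one user and one
 * kernel entry through the set_pgd path. Returns 1 if the invariants hold. */
static int model_demo(struct pgd_pair *mm)
{
    static pgd_t init_pgd[PTRS_PER_PGD];

    memset(init_pgd, 0, sizeof(init_pgd));
    memset(mm, 0, sizeof(*mm));

    /* Constructed kernel-half entries in the reference PGD. */
    init_pgd[272] = 0x2000 | _PAGE_PRESENT;
    init_pgd[511] = 0x1000 | _PAGE_PRESENT;

    model_clone_kernel_pgd_range(mm, init_pgd);          /* kernel half via memcpy   */
    model_set_pgd(mm, 0,   0x3000 | _PAGE_PRESENT);      /* user entry: mirrored     */
    model_set_pgd(mm, 300, 0x4000 | _PAGE_PRESENT);      /* kernel entry: not mirrored */

    return model_check_invariants(mm);
}

int main(void)
{
    static struct pgd_pair mm;
    int ok = model_demo(&mm);

    printf("invariants hold: %s\n", ok ? "yes" : "no");
    printf("kernel PGD present entries: %u, shadow PGD present entries: %u\n",
           model_count_present(mm.kernel, 0, PTRS_PER_PGD),
           model_count_present(mm.shadow, 0, PTRS_PER_PGD));
    return ok ? 0 : 1;
}
```

The point the model makes concrete is the one in the message: the memcpy and the set_pgd hook are responsible for different halves of the table, so a single user-half write keeps both PGDs in step without copying any lower-level page tables.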