On 2/12/21 12:54 PM, Sean Christopherson wrote: > Ah, I see what you're thinking. > > Treating an EPT #VE as fatal was also considered as an option. IIUC it was > thought that finding every nook and cranny that could access a page, without > forcing the kernel to pre-accept huge swaths of memory, would be very > difficult. > It'd be wonderful if that's not the case.
We have to manually set up the page table entries for every physical page of memory (except for the hard-coded early stuff below 8MB or whatever). We *KNOW*, 100% before physical memory is accessed. There aren't nooks and crannies where memory is accessed. There are a few, very well-defined choke points which must be crossed before memory is accessed. Page table creation, bootmem and the core page allocator come to mind. If Linux doesn't have a really good handle on which physical pages are accessed when, we've got bigger problems on our hands. Remember, we even have debugging mechanisms that unmap pages from the kernel when they're in the allocator. We know so well that nobody is accessing those physical addresses that we even tell hypervisors they can toss the page contents and remove the physical backing (guest free page hinting).
