Many computer systems utilize virtual memory for security, stability and/or other purposes. In various virtual memory systems, a virtual machine monitor (“VMM”) may control direct use of memory and/or computer processors in a computer system. The virtual machine monitor, which may be implemented in software and/or hardware, may allow guest software to run only in guest virtual machines, each containing their own guest address space defined by virtual memory addresses.
Thus, in many systems, a guest virtual machine may perform memory accesses using what appears, to the guest virtual machine, to be physical memory. These guest physical memory addresses may be mapped, in turn, to actual physical memory addresses through the use of page tables controlled by the virtual machine monitor. In some systems, these page tables may specify access permissions for memory pages (hereinafter, may simply referred to as “page”). Thus, a page table may define, for each page of virtual memory presented to a piece of guest software, whether the guest software may 1) execute instructions from that locations in that page, 2) read from locations in that page, and/or 3) write to locations in that page. In various systems, multiple page tables may be used, or switched to during execution, in order to allow particular accesses, as determined by the VMM. In various systems, additional page tables may be defined at the level of a guest virtual machine, where the page table may translate the guest virtual machines's virtual memory addresses to guest physical addresses. This may be separate, in some systems, from page tables used at the virtual machine monitor level, where the page tables may translate guest physical memory addresses to real physical memory addresses.
As an example, pages W and X may hold trusted data, while pages Y and Z may hold trusted code sections. To enable code in pages Y and Z to access data in pages W and X, but prevent code in other pages from accessing data in pages W and X, a page table may provide execute permission for pages Y and Z, and read/write permission for pages W and X.
However, in some scenarios, current page table utilization may introduce problems. In one scenario, an instruction may be large enough to fall in memory locations that straddle two different pages. If a page table does not allow execution of instructions for one of the pages, processor that seeks to execute the instruction may find itself unable to proceed, despite the fact that the instruction is at least partially found in memory for which execution is allowed.
In another scenario, modification of page tables may provide for inefficiencies. For example, during execution, the VMM may determine that a processor, or a hardware thread executing on a processor, may be desired to execute instructions in accordance with different permissions. In some such scenarios, page table used by the processor may be modified, or the processor may be pointed to a different page table in order to utilize the different permissions. However, in a situation where only a single hardware thread requires different permissions, modification or switching of the page table for the processor can cause every other thread operating on the processor to utilize the new page table as well. This can cause inefficiencies, as the other hardware threads may not be appropriate to operate under the different permissions, and/or the other hardware threads may find themselves paused or otherwise waiting while the page table is modified.
In yet another scenario, support may not exist in a VMM or in hardware for a VMM-level page table that keeps track of physical-page-level permissions. For example, in some existing systems, permissions are only kept at a guest VM level, and may be controlled at that level by the VMM. This may cause inefficiencies, however, because the VMM may not have a facility for keeping track of permissions on a per-physical-page level, and for manipulating permissions at this level. This may prevent the VMM from exercising the same degree of control and protection as may be desired.