Virtual machines generally provide a mechanism for emulating a computer architecture and functions of a real world computer. A Virtual Machine Monitor (VMM) refers to a software, firmware, or hardware that creates and runs virtual machines A VMM can use an Extended Page Table (EPT) to partition/isolate software within the same virtual address space into separate physical memory views such that the same linear address mapping has differing permissions in separate permission views. This isolation can be used to protect software from malware attacks by separating untrusted software components from trusted software components into different partitions.
Some techniques for using EPT may monitor the guest physical memory and require that the guest OS (Operating System) mapping in the guest page table does not change (i.e., the memory stays non-pageable or pinned in the OS page tables). While software elements may be made non-pageable in the OS address space, making virtual memory non-pageable is not a scalable solution, e.g., for monitoring the memory of a program that the OS may aim to page out to reduce physical memory pressure.