This is kind of fallout from XSA-427 investigations, partly related to there having been a more intrusive first approach.
Most patches aren't really dependent upon one another, so can probably go in independently (as they get acked). A few patches from v2 went in, but there are also two new OOS patches in v3. See individual patches for what has changed (in response to review comments). 01: reduce explicit log-dirty recording for HVM 02: call sh_update_cr3() directly from sh_page_fault() 03: don't generate bogus "domain dying" trace entry from sh_page_fault() 04: use lighter weight mode checks 05: move OOS functions to their own file 06: restrict OOS allocation to when it's really needed 07: OOS doesn't track VAs anymore 08: sh_rm_write_access_from_sl1p() is HVM-only 09: drop is_hvm_...() where easily possible 10: make monitor table create/destroy more consistent 11: vCPU-s never have "no mode" 12: adjust monitor table prealloc amount Jan
