nexos wrote:
Even in that case there still is a race condition, as what if the CPU speculatively reads from the junk PTE? Then you just read junk data into the pipeline.
What junk PTE? There is no junk PTE. The last level means the actual page itself.
On 64-bit the page table layout is as follows, top to bottom:
* PML4 (pointed to by CR3)
* PML3 (pointed to by entries in the PML4)
* PML2
* PML1
* The pages themselves (pointed to by entries in the PML1, this is the last level I was talking about)
When mapping actual pages, you don't need to zero them out because they aren't part of the page table tree that's processed using the TLB.
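
The distinction drawn in the post above, as an added example that is not part of the original thread: a user-space simulation of the four-level tree in which frames that become PML3/PML2/PML1 are zeroed before use, while the mapped data frame is left exactly as allocated. The `phys` array, the 0xFF stale-data pattern and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

#define ENTRIES 512
#define PRESENT 1ULL

/* Constructed stand-in for physical memory: 16 frames of 4 KiB each. */
static uint64_t phys[16][ENTRIES];
static int next_frame;

/* Returns a frame of stale data (0xFF); zero=1 clears it, as a page table needs. */
int alloc_frame(int zero) {
    int f = next_frame++;
    memset(phys[f], zero ? 0 : 0xFF, sizeof phys[f]);
    return f;
}

/* How many entries the walker would treat as present if this frame were a table. */
int count_present(int frame) {
    int n = 0;
    for (int i = 0; i < ENTRIES; i++) n += (int)(phys[frame][i] & PRESENT);
    return n;
}

/* Index into the table at a given level (4 = PML4 ... 1 = PML1). */
static unsigned idx(uint64_t vaddr, int level) {
    return (unsigned)(vaddr >> (12 + 9 * (level - 1))) & 0x1FF;
}

/* Map vaddr to data_frame, creating zeroed PML3/PML2/PML1; data_frame is not touched. */
void map_page(int pml4, uint64_t vaddr, int data_frame) {
    int table = pml4;
    for (int level = 4; level > 1; level--) {
        uint64_t *e = &phys[table][idx(vaddr, level)];
        if (!(*e & PRESENT)) *e = ((uint64_t)alloc_frame(1) << 12) | PRESENT;
        table = (int)(*e >> 12);
    }
    phys[table][idx(vaddr, 1)] = ((uint64_t)data_frame << 12) | PRESENT;
}

/* Walk PML4 -> PML1; returns the mapped frame number, or -1 if unmapped. */
int translate(int pml4, uint64_t vaddr) {
    int table = pml4;
    for (int level = 4; level >= 1; level--) {
        uint64_t e = phys[table][idx(vaddr, level)];
        if (!(e & PRESENT)) return -1;
        table = (int)(e >> 12);
    }
    return table;
}
```

The stale data frame would show 512 "present" entries if it were ever linked in as a table, which is why only the table frames get cleared.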