Xen allows guest OSes to install a custom GDT if they require it;
this is context switched transparently whenever a domain is
[de]scheduled. The following hypercall is effectively a
`safe' version of lgdt:
set_gdt(unsigned long *frame_list, int entries)
Install a global descriptor table for a domain; frame_list is
an array of up to 16 machine page frames within which the GDT resides,
with entries being the actual number of descriptor-entry
slots. All page frames must be mapped read-only within the guest's
address space, and the table must be large enough to contain Xen's
reserved entries (see xen/include/public/arch-x86_32.h).
Many guest OSes will also wish to install LDTs; this is achieved by
using mmu_update() with an extended command, passing the
linear address of the LDT base along with the number of entries. No
special safety checks are required; Xen needs to perform this task
simply since lldt requires CPL 0.
Xen also allows guest operating systems to update just an
individual segment descriptor in the GDT or LDT:
update_descriptor(uint64_t ma, uint64_t desc)
Update the GDT/LDT entry at machine address ma; the new
8-byte descriptor is stored in desc.
Xen performs a number of checks to ensure the descriptor is
valid.
Guest OSes can use the above in place of context switching entire
LDTs (or the GDT) when the number of changing descriptors is small.
