executor: isolate x86 page table pool to high memory in SYZOS

Refactor the SYZOS guest memory layout to decouple the dynamic page table
allocator from the fixed system data structures (GDT, IDT, initial PML4).
Previously, the page table pool was located at 0x5000, tightly packed with
the initial system pages. This rigid structure made it difficult to expand
the pool or inject configuration data without shifting fixed offsets.

Move X86_SYZOS_ADDR_PT_POOL to 0x180000, creating a distinct high-memory
region well above the L2 VCPU data, and increase the pool size to 64 pages
(256KB) to support deeper nested hierarchies.

Update the syz_kvm_setup_syzos_vm logic to handle non-contiguous
Guest-to-Host address translation via a new get_host_pte_ptr() helper.
This is necessary because the executor's host memory allocation remains
strictly linear while the guest physical address space now contains
significant gaps.

This layout change is a prerequisite for enabling "SYZOS inside SYZOS"
(L2 nesting), allowing the future injection of boot arguments into the
gap created between fixed data and dynamic regions.

1 files changed, 5 insertions, 2 deletions

diff --git a/executor/kvm.h b/executor/kvm.h
index a390becbb..ab5178792 100644
--- a/executor/kvm.h
+++ b/executor/kvm.h
@@ -45,8 +45,6 @@
 #define X86_SYZOS_ADDR_PML4 0x2000
 // PDP for GPAs 0x0 - 0x7fffffffff.
 #define X86_SYZOS_ADDR_PDP 0x3000
-// Pool of 32 pages for dynamic PT/PD allocations.
-#define X86_SYZOS_ADDR_PT_POOL 0x5000
 #define X86_SYZOS_ADDR_VAR_IDT 0x25000
 #define X86_SYZOS_ADDR_VAR_TSS 0x26000
 
@@ -76,6 +74,11 @@
 // Base offset for the area containing the 4 L2 VM slots.
 #define X86_SYZOS_L1_VCPU_OFFSET_L2_VMS_AREA 0x1000
 
+// Separated Page Table Pool in high memory.
+// Located above L2 VCPU regions.
+#define X86_SYZOS_ADDR_PT_POOL 0x180000
+#define X86_SYZOS_PT_POOL_SIZE 64
+
 // Layout of a single L2 VM's data block.
 
 // Size of the memory block for a single L2 VM.