On 14.06.2024 18:35, Demi Marie Obenour wrote:
> On Fri, Jun 14, 2024 at 08:38:51AM +0200, Jan Beulich wrote:
>> On 13.06.2024 20:43, Demi Marie Obenour wrote:
>>> 2. Add support for `XEN_DOMCTL_memory_mapping` to use system RAM, not
>>>    just IOMEM. Mappings made with `XEN_DOMCTL_memory_mapping` are
>>>    guaranteed to be able to be successfully revoked with
>>>    `XEN_DOMCTL_memory_mapping`, so all operations that would create
>>>    extra references to the mapped memory must be forbidden. These
>>>    include, but may not be limited to:
>>>
>>>    1. Granting the pages to the same or other domains.
>>>    2. Mapping into another domain using `XEN_DOMCTL_memory_mapping`.
>>>    3. Another domain accessing the pages using the foreign memory APIs,
>>>       unless it is privileged over the domain that owns the pages.
>>
>> All of which may call for actually converting the memory to kind-of-MMIO,
>> with a means to later convert it back.
>
> Would this support the case where the mapping domain is not fully
> privileged, and where it might be a PV guest?

I suppose that should be a goal.

Jan