On 2012-08-27 20:09, Avi Kivity wrote:
> On 08/27/2012 10:14 AM, Jan Kiszka wrote:
>>>
>>> Deregistration is fine, the problem is destruction.
>>>
>>
>> It isn't as you access memory region states that can change after
>> deregistration. Devices can remove memory regions from the mapping,
>> alter and then reinsert them. The last two steps must not happen while
>> anyone is still using a reference to that region.
>>
>
> Why not? If the guest is accessing an mmio region while reconfiguring
> it in a way that changes its meaning, either the previous or the next
> meaning is valid.

If the memory region owner sets the content to zero or even releases it
(nothing states a memory region can only live inside a device
structure), we will crash. Restricting how a memory region can be
created and handled after it was once registered somewhere is an
unnatural interface, waiting to cause subtle bugs.

Jan

-- 
Siemens AG, Corporate Technology, CT RTC ITP SDP-DE
Corporate Competence Center Embedded Linux
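
The ordering constraint discussed in this message (remove, alter, reinsert, with the last two steps held back while a reference is still in use), as an added example that is not part of the original message and is not QEMU code. `struct region`, `region_get`, `region_alter` and the other names are hypothetical, and the single-threaded scenario is constructed.

```c
#include <stdio.h>
/* Hypothetical names throughout; this is not QEMU's MemoryRegion API. */
struct region {
    int refs;        /* references held by in-flight accessors */
    int mapped;      /* visible to new lookups */
    unsigned base;   /* state the owner may want to alter */
};
static struct region *map_slot;  /* one-entry stand-in for the address map */

/* Dispatch side: a lookup hands out a reference that outlives unmapping. */
static struct region *region_get(void) {
    if (map_slot) map_slot->refs++;
    return map_slot;
}
static unsigned region_read(const struct region *r, unsigned off) { return r->base + off; }
static void region_put(struct region *r) { r->refs--; }
/* Owner side: remove from / reinsert into the mapping. */
static void region_unmap(struct region *r) { map_slot = NULL; r->mapped = 0; }
static void region_map(struct region *r)   { map_slot = r; r->mapped = 1; }
/* Altering is refused (-1) while mapped or while any reference is live. */
static int region_alter(struct region *r, unsigned new_base) {
    if (r->mapped || r->refs > 0) return -1;
    r->base = new_base;
    return 0;
}
struct outcome { int early, late; unsigned seen, after; };
/* Constructed scenario: an access is in flight when the owner reconfigures. */
static struct outcome run_scenario(void) {
    struct region r = { 0, 0, 0x1000 };
    struct outcome o;
    region_map(&r);
    struct region *held = region_get();   /* accessor takes its reference */
    region_unmap(&r);                     /* step 1: deregistration */
    o.early = region_alter(&r, 0x2000);   /* step 2 too early: refused */
    o.seen = region_read(held, 4);        /* accessor still sees old state */
    region_put(held);
    o.late = region_alter(&r, 0x2000);    /* last reference gone: allowed */
    region_map(&r);                       /* step 3: reinsert */
    held = region_get();
    o.after = region_read(held, 4);       /* new lookups see the new state */
    region_put(held);
    region_unmap(&r);                     /* leave no pointer to the local */
    return o;
}

int main(void) {
    struct outcome o = run_scenario();
    printf("early=%d seen=0x%x late=%d after=0x%x\n", o.early, o.seen, o.late, o.after);
    return 0;
}
```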