On 06.09.2021 17:48, Andrew Cooper wrote: > On 02/09/2021 09:33, Jan Beulich wrote: >> To become independent of the sequence of mapping operations, permit >> "access" to accumulate for Dom0, noting that there's not going to be an >> introspection agent for it which this might interfere with. While e.g. >> ideally only ROM regions would get mapped with X set, getting there is >> quite a bit of work. > > ? > > That's literally the opposite of what needs to happen to fix this bug. > Introspection is the only interface which should be restricting X > permissions.
What agent would be handling access violations in Dom0? The description (now) focuses on entirely Dom0; I agree that DomU wants things the way you describe (provided all p2m_access_t abuses are gone). Jan
