On 16/02/2023 11:13 am, Viresh Kumar wrote:
> Hi Oleksandr,
>
> As you already know, I am looking at how we can integrate the Xen
> grants work in our implementation of Rust-based Xen vhost frontend [1].
>
> The hypervisor independent vhost-user backends [2] talk to
> xen-vhost-frontend using the standard vhost-user protocol [3]. Every
> memory region that the backends get access to is sent to it by the
> frontend as memory region descriptors, which contain only address and
> size information and lack any permission flags.
>
> I noticed that with Xen grants, there are strict memory access
> restrictions, where a memory region may be marked READ only and we
> can't map it as RW anymore, trying that just fails. Because the
> standard vhost-user protocol doesn't have any permission flags, the
> vhost libraries (in Rust) can't do anything else but try to map
> everything as RW.
>
> I am wondering how do I proceed on this as I am very much stuck here.
>

(unhelpful comment) This is what happens when people try to reinvent the
wheel a little more square than it was before.

If the guest grants the page read-only, then you can only map it read
only.  Anything else is a violation of the security model.

So either you need to adjust the guest to always grant read/write, or
you need to teach virtio that read only is actually a real concept.

~Andrew
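
The failure mode discussed in this thread, as an added illustration (not code from either poster, nor from the Xen or vhost-user projects). It assumes a file opened `O_RDONLY` as a stand-in for a page granted read-only; the `fd` and `read_only` fields and both function names are hypothetical, and `read_only` is exactly the permission information the quoted mail says the descriptors lack.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <unistd.h>

/* Sketch of a region descriptor: the mail says it carries address and size only. */
struct region_desc {
    uint64_t guest_addr;
    uint64_t size;
    int      fd;        /* sketch only: backing object standing in for the grant */
    int      read_only; /* HYPOTHETICAL permission flag, not part of vhost-user */
};

/* Constructed stand-in for a read-only grant: a temp file reopened O_RDONLY. */
static int make_ro_backing(size_t size)
{
    char path[] = "/tmp/ro_grant_XXXXXX";
    int wfd = mkstemp(path);
    if (wfd < 0) return -1;
    if (ftruncate(wfd, (off_t)size) != 0) { close(wfd); unlink(path); return -1; }
    int rfd = open(path, O_RDONLY);
    close(wfd);
    unlink(path);
    return rfd;
}

/* honor_flag == 0: assume RW for every region. honor_flag == 1: map with the
 * rights the descriptor states. Neither path retries with wider rights. */
static void *map_region(const struct region_desc *d, int honor_flag, int *err)
{
    int prot = PROT_READ;
    if (!honor_flag || !d->read_only)
        prot |= PROT_WRITE;
    void *p = mmap(NULL, d->size, prot, MAP_SHARED, d->fd, 0);
    *err = (p == MAP_FAILED) ? errno : 0;
    return p == MAP_FAILED ? NULL : p;
}

int main(void)
{
    struct region_desc d = { 0x40000000, 4096, make_ro_backing(4096), 1 };
    int err;
    void *p = map_region(&d, 0, &err);
    printf("flag ignored (RW attempt): %s\n", p ? "mapped" : "refused");
    p = map_region(&d, 1, &err);
    printf("flag honoured (RO map):    %s\n", p ? "mapped" : "refused");
    return 0;
}
```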
