On Wed, Apr 23, 2025 at 11:31:29AM -0700, Nicolin Chen wrote:
> > It also needs to act like a mdev and lock down the part of the IOAS
> > that provides that memory so the pin can't be released and UAF things.
>
> If I capture this correctly, the GPA->PA mapping is already done
> at the IOAS level for the S2 HWPT/domain, i.e. pages are already
> pinned. So we just need to a pair of for-driver APIs to validate
> the contiguity and refcount pages calling iopt_area_add_access().

Yes, adding an access is the key thing, the access will give you a
page list which you can validate, but it also provides a way to
synchronize if a hostile userspace does an unmap.

Jason
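
The two roles of an access described in this reply (a page list the driver can validate for contiguity, and a hook that revokes the range when userspace unmaps it), sketched as a userspace C model. This is an added illustration, not code from the thread or the kernel: every `model_*` name is hypothetical, and the PFN and IOVA values used with it are constructed.

```c
/* Userspace model only: constructed types, not the iommufd kernel API. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#define MODEL_PAGE_SIZE 4096UL

struct model_access {            /* hypothetical stand-in for an access */
    uint64_t iova;               /* start of the range the driver pinned */
    uint64_t length;             /* bytes, multiple of MODEL_PAGE_SIZE */
    const uint64_t *pfns;        /* page list handed back by the pin */
    bool valid;                  /* cleared once userspace unmaps the range */
};

/* True when every page in the list directly follows the previous one. */
static bool model_pages_contiguous(const uint64_t *pfns, size_t npages)
{
    if (npages == 0)
        return false;
    for (size_t i = 1; i < npages; i++)
        if (pfns[i] != pfns[i - 1] + 1)
            return false;
    return true;
}

/* Pin step: accept the range only if its page list is contiguous. */
static bool model_access_pin(struct model_access *a, uint64_t iova,
                             const uint64_t *pfns, size_t npages)
{
    if (!model_pages_contiguous(pfns, npages))
        return false;
    a->iova = iova;
    a->length = npages * MODEL_PAGE_SIZE;
    a->pfns = pfns;
    a->valid = true;
    return true;
}

/* Unmap notification: any overlap with the pinned range revokes it. */
static void model_access_unmap(struct model_access *a, uint64_t iova,
                               uint64_t length)
{
    if (a->valid && iova < a->iova + a->length && a->iova < iova + length)
        a->valid = false;        /* driver must stop using the memory here */
}

/* Returns the base physical address, or 0 if the access was revoked. */
static uint64_t model_access_base(const struct model_access *a)
{
    return a->valid ? a->pfns[0] * MODEL_PAGE_SIZE : 0;
}
```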