On 10/31/2012 02:46 PM, Jan Kiszka wrote:
>> Please allow me to clarify it more clearly.
>>
>> The flash is a ROMD device, which means the guest cannot write to it; any kind of guest
>> write access to this device can cause a vmexit to kvm and a return to userspace.
>>
>> We should pay more attention to it if we execute the code in ROMD, since we
>> cannot use ROMD as the stack/page table/IDT table or for any other implicit
>> write access.
>> Of course, if you do not use the ROM for those purposes, it is okay. :)
>
> So the problem is that there is KVM code that still blindly writes to
> guest memory and does not take the memory regions' protection flag into
> account? And we cannot mark those regions read only in the host's page
> table?
KVM has the ability to catch this kind of write access on ROMD; it is just hard to emulate the implicit memory access.