On 09/09/2015 14:03, Ефимов Василий wrote:
> We also can set up redirection at machine initialization, but using of
> listener makes sure redirection is actual at runtime. I do not know
> case in which regions at the PAM addresses are changed dynamically
> during guest work. But even during machine initialization the memory
> tree is changed multiple times. So, listener at least ensures the last
> version of tree is used for redirection choice.

Fair enough.

>> 2) For the "Make current PAM region an I/O region" case, you could add
>> an IOMMU region that to 0xc0000-0xfffff. The listener would disable
>> pam->region[1] if address_space_translate returns an I/O region and
>> enable it if it returns RAM/ROM.
> As I see, IOMMU cannot be used for CPU access to memory because of
> assertion (!section->mr->iommu_ops) in
> exec.c: address_space_translate_for_iotlb
> IOMMU is used for redirection of device and debug access through
> address_space_translate. Please correct me if I miss something.

You're right. We could remove the assertion and reuse subpage_ops for IOMMUs, it would not allow running code but it would allow accesses. But it's not necessary because this can never happen in practice.

> There is no known case in which an I/O region is at PAM addresses.
> But it is theoretically possible. Hence, I decide to implement it
> instead of insert an assertion.

Let's keep the code simple and assert. If you put a BAR at 0xc0000-0xfffff, RAM wins, so this situation should never happen on x86 chipsets.

Paolo