On 20-02-23, 07:13, Juergen Gross wrote:

There are no permission flags in Xen PV device protocols either. The kind of a mapping (RO or RW) in the backend is selected via the I/O operation: in case it is a write type operation (guest writing data to a device), the related grants are mapper as RO in the backend, in all other cases they are mapped as RW.

The same applies to granted pages for virtio: the frontend side will grant the page as RO in case the I/O operation is flagged as "DMA_TO_DEVICE", and as RW in all other cases. The backend should always know, which direction the data is flowing, so it should be able to do the mapping with the correct access mode.

Right, so the back-end actually knows the permission details, but it is getting lost while we do some vhost-user operations.

Anyway, I have taken this in a different direction now and suggested a change to vhost-user protocol itself. That lets the back-end know that it is actually running on Xen and then it can do the mapping itself instead of asking the front-end, which doesn't make us loose the permission details.

This also lets us write the backends in hypervisor agnostic way, hypervisor specific stuff is handled in vhost-user protocol's implementation now.

https://lists.gnu.org/archive/html/qemu-devel/2023-02/msg05946.html