On Fri, 2020-03-06 at 13:29 +0100, Jan Beulich wrote: > How do you tell pages in use by domains from ones free to re-use? > Because of the overloading of struct page_info, I expect you can't > judge by just looking at a page's struct page_info instance. Are > you peeking into the migration streams for the domains to collect > all the pages? And are you walking IOMMU structures to collect the > ones used for but not accessible by the domains? I just outlined the two-part nature of the issue. First the old Xen must ensure *not* to put any pages that need to be preserved, in the reserved region. You're talking about the second part, where the new Xen has to work out what pages in the *rest* of memory are available to it and which it needs to preserve. Which means my first answer has to be "hell no, you can't even *talk* about the page_info here". Because what we pass from Xen#1 to Xen#2 has to be an *ABI*, with clearly defined forward-compatible structures. Never passing over Xen-internal structs like the page_info. So yes, the new Xen has to infer it from the migration structures for the domains, and mark the appropriate pages as 'in use' before init_heap_pages() gets to look at them. But bear in mind that we can *define* the structures we use for this too, based on top of the existing live migration data structures. We don't want to have to actually walk the hardware page tables in the new Xen. We'll probably end up passing over a list of pages, from old Xen to new in a newly-defined record type. And old Xen would just keep that list as it allocates pages for those page tables. Much as it keeps the page list for domains.