I'm developing my own bare-metal hypervisor over intel vt-x technology.
My goal is to make it inaccessible to the OS I'm running over my hypervisor in any way, therefore I configured an EPT table to protect from memory access. I believe that now I'm missing protection from devices with DMA access.
I would like to know how do I prevent from all PCI devices access to my hypervisor memory area? Code examples would be perfect for me.
BTW: I test my project using QEMU environment if it's might affect the answer.