Hi,
I don't mind the allocation of guest memory issue, the fact that guest memory is consumed by built-in devices is exactly what happens on bare metal.
And following in qemu what happens on bare metal usually works best long-term.
to pre-populate it, we could. It at least puts QEMU in control, but relaying back the address via a device specific register is still a bit ugly.
It is the usual way. We do the same for a few other addresses too (mmconfig xbar, acpi registers). Firmware programs the hardware, and qemu picks up the addresses from there (and puts them into the generated acpi tables for example).
Main advantage is that we don't need a paravirtual firmware <=> qemu interface for each address.
Yes, each firmware (seabios/ovmf/...) needs to handle it then. But if we allocate the stolen memory from guest ram the firmware has to handle it _anyway_ so it is marked reserved in e820 etc.
cheers, Gerd
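The handshake described in the mail, as an added illustration that is not QEMU, SeaBIOS or OVMF code: firmware carves a "stolen memory" region out of the top of guest RAM, marks it reserved in the E820 map it hands to the OS, and programs the region's base into a device register; the device model side then picks the address up from that register (the way QEMU does for mmconfig or the ACPI registers) rather than through a separate paravirtual interface. All names (`fw_carve_stolen`, `stolen_dev`, `qemu_stolen_base`, `e820_is_reserved`) and the register layout are hypothetical, and the E820 map is constructed sample data.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical, simplified model (not QEMU or firmware code) of the
 * firmware <=> device-model handshake: firmware chooses the address,
 * reserves it in E820, and writes it to a device register; the device
 * model reads it back from there. */

#define E820_RAM      1
#define E820_RESERVED 2
#define E820_MAX      16

struct e820_entry { uint64_t base, len; uint32_t type; };
struct e820_map { struct e820_entry e[E820_MAX]; size_t n; };

/* Toy device: one 64-bit "stolen memory base" register; 0 = not programmed. */
struct stolen_dev { uint64_t base_reg; };

/* Firmware side: take `size` bytes, aligned down to `align`, from the top of
 * the highest RAM entry that is large enough, shrink that RAM entry and append
 * a RESERVED entry for the cut so the OS never hands those pages out.
 * Returns the base of the reserved region, or 0 on failure (map unchanged). */
uint64_t fw_carve_stolen(struct e820_map *m, uint64_t size, uint64_t align)
{
    if (m->n >= E820_MAX || size == 0 || align == 0 || (align & (align - 1)))
        return 0;                         /* full map, or align not a power of two */
    int best = -1;
    for (size_t i = 0; i < m->n; i++) {
        if (m->e[i].type != E820_RAM) continue;
        uint64_t end = m->e[i].base + m->e[i].len;
        if (end < size) continue;         /* avoid unsigned wrap below */
        uint64_t base = (end - size) & ~(align - 1);
        if (base < m->e[i].base) continue; /* entry too small once aligned */
        if (best < 0 || end > m->e[best].base + m->e[best].len) best = (int)i;
    }
    if (best < 0) return 0;
    uint64_t end  = m->e[best].base + m->e[best].len;
    uint64_t base = (end - size) & ~(align - 1);
    m->e[best].len = base - m->e[best].base;   /* RAM now ends at the stolen base */
    m->e[m->n].base = base;
    m->e[m->n].len  = end - base;
    m->e[m->n].type = E820_RESERVED;
    m->n++;
    return base;
}

/* Firmware side: program the device register with the chosen address. */
void fw_program_device(struct stolen_dev *d, uint64_t base) { d->base_reg = base; }

/* Device-model (QEMU) side: pick the address up from the register.
 * Returns false if firmware never programmed it. */
bool qemu_stolen_base(const struct stolen_dev *d, uint64_t *base)
{
    if (d->base_reg == 0) return false;
    *base = d->base_reg;
    return true;
}

/* Check a consumer such as ACPI table generation would want: the address read
 * back from the register must lie entirely inside a RESERVED E820 entry. */
bool e820_is_reserved(const struct e820_map *m, uint64_t base, uint64_t len)
{
    for (size_t i = 0; i < m->n; i++)
        if (m->e[i].type == E820_RESERVED && base >= m->e[i].base &&
            base + len <= m->e[i].base + m->e[i].len)
            return true;
    return false;
}

int main(void)
{
    /* Constructed sample map: 640 KiB low RAM, then RAM from 1 MiB to 1 GiB. */
    struct e820_map m = { .e = { {0, 0xA0000, E820_RAM},
                                 {0x100000, 0x40000000 - 0x100000, E820_RAM} },
                          .n = 2 };
    struct stolen_dev dev = { 0 };
    uint64_t base = fw_carve_stolen(&m, 16u << 20, 1u << 20); /* 16 MiB, 1 MiB aligned */
    fw_program_device(&dev, base);
    uint64_t got = 0;
    if (qemu_stolen_base(&dev, &got))
        printf("stolen base 0x%llx, reserved in e820: %d\n",
               (unsigned long long)got, e820_is_reserved(&m, got, 16u << 20));
    return 0;
}
```

The point of the split is that only the firmware allocates and only the firmware reserves, so the E820 map and the register can never disagree unless firmware is buggy; the device model just validates what it reads back before using it.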