[Vogtinator]

Doesn't this still allow to read memory from the hypervisor shared between the PV VMs in a HVM container?

[cthalupa]

The intention, from my understanding, is not to boot multiple PV guests inside of one HVM shim, but instead treat it as more of a packaged deal - for each PV guest, you will be running it inside an independent vixen shim. So 5 PV guests, 5 vixen shims, etc.

[quanstro]

correct.

[bonzini]

No, because page tables are isolated between guests.