Grzegorz Uriasz writes ("[PATCH 1/3] tools/libxl: Grant VGA IO port permission
for stubdom/target domain"):
> When qemu is running inside a linux based stubdomain, qemu does not
> have the necessary permissions to map the ioports to the target domain.
> Currently, libxl is granting permissions only for the VGA RAM memory region
> and not passing the required ioports. This patch grants the required
> permission for the necessary vga io ports.
Thanks.
I'm afraid I don't know much about this.
The code looks plausible, although there is a minor breach of official
libxl coding style in the use of `ret' rather than `r' for the xc
return values, and retuerning that value rather than a libxl error
code. I wouldn't regard that as a blocker considering the state of
the surrounding code.
I see from SUPPPORT.md that graphics passthrough seems to be security
supported. Frankly this seems very surprising to me.
Given that, I think we need a review from someone who understood
graphics passthrough.
I think that applies to all 3 of these patches.
Ian.
