From mboxrd@z Thu Jan 1 00:00:00 1970 From: Julien Grall Subject: Re: [PATCH v8 13/14] tools/libxl: explicitly grant access to needed I/O-memory ranges Date: Sun, 25 May 2014 18:08:23 +0100 Message-ID: <53822387.2030101@linaro.org> References: <1401015115-7610-1-git-send-email-avanzini.arianna@gmail.com> <1401015115-7610-14-git-send-email-avanzini.arianna@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; Format="flowed" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <1401015115-7610-14-git-send-email-avanzini.arianna@gmail.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Arianna Avanzini , xen-devel@lists.xen.org Cc: julien.grall@citrix.com, paolo.valente@unimore.it, keir@xen.org, stefano.stabellini@eu.citrix.com, tim@xen.org, dario.faggioli@citrix.com, Ian.Jackson@eu.citrix.com, Ian.Campbell@eu.citrix.com, etrudeau@broadcom.com, JBeulich@suse.com, andrew.cooper3@citrix.com, viktor.kleinik@globallogic.com List-Id: xen-devel@lists.xenproject.org Hi Arianna, On 25/05/14 11:51, Arianna Avanzini wrote: > + > + /* > + * If VGA passthru is enabled by domain config, be sure that the > + * domain can access VGA-related iomem regions. > + */ > + if (d_config->b_info.u.hvm.gfx_passthru.val) { > + uint64_t vga_iomem_start = 0xa0000 >> XC_PAGE_SHIFT; > + ret = xc_domain_iomem_permission(CTX->xch, domid, > + vga_iomem_start, 0x20, 1); > + if (ret < 0) { > + LOGE(ERROR, > + "failed to give dom%d access to iomem range " > + "%"PRIx64"-%"PRIx64" for VGA passthru", > + domid, vga_iomem_start, (vga_iomem_start + 0x20 - 1)); > + goto error_out; > + } > + } IHMO, the guest doesn't need to have permission to this region. When QEMU ask to map this region to the guest, the hypercall will only check the permission on the domain where QEMU is running. Therefore, the permission should be given to the stubdomain. Regards, -- Julien Grall