IGD Passthrough fixes for linux based stubdomains

[PATCH 0/3] IGD Passthrough fixes for linux based stubdomains

Grzegorz Uriasz posted 3 patches 3 years, 10 months ago

Download series mbox

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/xen tags/patchew/cover.1592171394.git.gorbak25@gmail.com

Maintainers: Anthony PERARD <anthony.perard@citrix.com>, Wei Liu <wl@xen.org>, Ian Jackson <ian.jackson@eu.citrix.com>

tools/libxl/libxl_pci.c | 153 +++++++++++++++++++++++++++++++++-------
1 file changed, 127 insertions(+), 26 deletions(-)

Expand all Fold all

[PATCH 0/3] IGD Passthrough fixes for linux based stubdomains

Posted by Grzegorz Uriasz 3 years, 10 months ago

Hi,

The included patches are a small subset of a bigger patch set spanning few 
projects aiming to isolate the GPU in Qubes OS to a dedicated security domain.
I'm doing this together with 3 colleagues as part of our Bachelors thesis.

Right now qemu assumes it runs in dom0 so it may grant access to
required memory regions and ioports to the target domain for the IGD to work. 
This is no longer the case with linux based stubdomains as the stubdom is 
not privileged. Moving some logic from qemu to libxl is necessary for 
some features to work inside a stubdomain. The included patches were tested
on a few laptops(together with the linked qemu patchset) and they work
fine.

Grzegorz Uriasz (3):
  tools/libxl: Grant VGA IO port permission for stubdom/target domain
  tools/libxl: Grant permission for mapping opregions to the target
    domain
  tools/libxl: Directly map VBIOS to stubdomain

 tools/libxl/libxl_pci.c | 153 +++++++++++++++++++++++++++++++++-------
 1 file changed, 127 insertions(+), 26 deletions(-)

-- 
2.27.0