Note: this ticket applies to the Xen 4.12 + v4v case. When Argo is added, the policy will have to be tweaked further.
set_max_evtchn and set_gnttab_limits have been deprecated (more accurately are handled elsewhere), remove these
add new get_cpu_policy permission
allow mca_op from dom0_t to xen_t
allow dom0 to access resource map of uivm and ndvm
Note that I already have working changes in my tree that resolves this ticket
Modifying to track for 9.0 release epic, it's also not related to xen 4.11 anymore.
No flask denials seen on stable-9 rc1. Tested ssh/scp argo functionality and performed some general ad-hoc testing with UIVM and NDVM.