On Fri, Sep 19, 2014 at 3:05 PM, Theodore Ts'o <tytso@xxxxxxx> wrote: > On Fri, Sep 19, 2014 at 09:40:42AM -0700, H. Peter Anvin wrote: >> >> There is a huge disadvantage to the fact that CPUID is a user space >> instruction, though. > > But if the goal is to provide something like getrandom(2) direct from > the Host OS, it's not necessarily harmful to allow the Guest ring 3 > code to be able to fetch randomness in that way. The hypervisor can > implement rate limiting to protect against the guest using this too > frequently, but this is something that you should be doing for guest > ring 0 code anyway, since from the POV of the hypervisor Guest ring 0 > is not necessarily any more trusted than Guest ring 3. On the other hand, the guest kernel might not want the guest ring 3 to be able to get random numbers. --Andy -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
