On 03/20/18 14:29, Paolo Bonzini wrote: > On 20/03/2018 21:43, hpa@xxxxxxxxx wrote: >> What is the security issue? Port 0x80 used for other purposes on >> real hardware? In that case, the host kernel would need to know >> about it, and could disable this hack, no? > > Yes, there are DMI-based quirks. > >> (Such a machine would have a hard time running Linux, too. That >> being said, I don't think it would be a bad idea to induce something >> like X86_FEATURE_NOIODELAY which would patch out those writes; KVM >> guests could set it.) > > We already do that in KVM guests through pvops. This flag could still > be useful if the DMI-based quirks were to set it, but honestly I think > that Tim has either a bad driver or some kind of misconfiguration. I guess the security issue is that if it is permitted to *read* from port 0x80 then you can read the last value written, at least on some systems (it aliases an unused DMA page register which are RW storage at least on some systems.) This would allow the guest to snoop on activity in the host or other guests depending on what is going on. So yes... not really possible without separate read and write bitmaps :( -hpa
