On 03/23/18 15:34, Paolo Bonzini wrote: >> >> I guess the security issue is that if it is permitted to *read* from >> port 0x80 then you can read the last value written, at least on some >> systems (it aliases an unused DMA page register which are RW storage at >> least on some systems.) This would allow the guest to snoop on activity >> in the host or other guests depending on what is going on. > > No, IIRC it was just crashing the host occasionally. > In that case it should be possible to allow it IF AND ONLY IF the host uses it itself for I/O delay (not blocked by DMI). However, I suspect the above issue would exist anyway :( -hpa
