I'd prefer to let the kvm module have the final say as to whether or not to allow userspace to do this. On Fri, May 11, 2018 at 8:43 AM, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx> wrote: > On Fri, May 11, 2018 at 11:42:46AM -0400, Konrad Rzeszutek Wilk wrote: >> On Mon, Apr 16, 2018 at 10:46:01PM -0700, Wanpeng Li wrote: >> > From: Wanpeng Li <wanpengli@xxxxxxxxxxx> >> > >> > Allow to disable ioport intercept by userspace. >> > >> > Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> >> > Cc: Radim Krčmář <rkrcmar@xxxxxxxxxx> >> > Cc: Tim Shearer <tshearer@xxxxxxxxxxxxxxx> >> > Cc: Liran Alon <liran.alon@xxxxxxxxxx> >> > Signed-off-by: Wanpeng Li <wanpengli@xxxxxxxxxxx> >> > --- >> > Documentation/virtual/kvm/api.txt | 11 +++++++++++ >> > arch/x86/include/asm/kvm_host.h | 2 ++ >> > arch/x86/kvm/x86.c | 5 +++++ >> > include/uapi/linux/kvm.h | 1 + >> > 4 files changed, 19 insertions(+) >> > >> > diff --git a/Documentation/virtual/kvm/api.txt b/Documentation/virtual/kvm/api.txt >> > index 1c7958b..3d0488e 100644 >> > --- a/Documentation/virtual/kvm/api.txt >> > +++ b/Documentation/virtual/kvm/api.txt >> > @@ -4378,6 +4378,17 @@ all such vmexits. >> > >> > Do not enable KVM_FEATURE_PV_UNHALT if you disable HLT exits. >> > >> > +7.14 KVM_CAP_IOPORT_DISABLE_INTERCEPT >> > + >> > +Architectures: x86 > > And to be exact: Intel only..
