On 11/20/2011 04:58 PM, Sasha Levin wrote: > Hi all, > > I've been working on adding device assignment to KVM tools, and started > with the basics of just getting a device assigned using the > KVM_ASSIGN_PCI_DEVICE ioctl. > > What I've figured is that unprivileged users can request any PCI device > to be assigned to him, including devices which he shouldn't be touching. > > In my case, it happened with the VGA card, where an unprivileged user > simply called KVM_ASSIGN_PCI_DEVICE with the bus, seg and fn of the VGA > card and caused the display on the host to go apeshit. > > Was it supposed to work this way? No, of course not. > I couldn't find any security checks in > the code paths of KVM_ASSIGN_PCI_DEVICE and it looks like any user can > invoke it with any parameters he'd want - enabling him to kill the host. Alex, Chris? -- error compiling committee.c: too many arguments to function -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
