On 02/07/2012 02:28 PM, Anthony Liguori wrote:
It's a potential source of exploits
(from bugs in KVM or in hardware). I can see people wanting to be
selective with access because of that.
As is true of the rest of the kernel.
If you want finer grain access control, that's exactly why we have
things like LSM and SELinux. You can add the appropriate LSM hooks
into the KVM infrastructure and setup default SELinux policies
appropriately.
LSMs protect objects, not syscalls. There isn't an object to protect
here (except the fake /dev/kvm object).
In theory, kvm is exactly the same as other syscalls, but in practice,
it is used by only very few user programs, so there may be many
unexercised paths.
--
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
