On 02.10.2013, at 16:33, Paolo Bonzini wrote: > Il 02/10/2013 16:08, Alexander Graf ha scritto: >>> The hwrng is accessible by host userspace via /dev/mem. >> >> A guest should live on the same permission level as a user space >> application. If you run QEMU as UID 1000 without access to /dev/mem, why >> should the guest suddenly be able to directly access a memory location >> (MMIO) it couldn't access directly through a normal user space interface. >> >> It's basically a layering violation. > > With Michael's earlier patch in this series, the hwrng is accessible by > host userspace via /dev/hwrng, no? Yes, but there's not token from user space that gets passed into the kernel to check whether access is ok or not. So while QEMU may not have permission to open /dev/hwrng it could spawn a guest that opens it, drains all entropy out of it and thus stall other processes which try to fetch entropy, no? Maybe I haven't fully grasped the interface yet though :). Alex -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
