On Thu, Oct 03, 2013 at 08:21:20AM +1000, Benjamin Herrenschmidt wrote:
> On Wed, 2013-10-02 at 17:37 +0300, Gleb Natapov wrote:
> > On Wed, Oct 02, 2013 at 04:33:18PM +0200, Paolo Bonzini wrote:
> > > On 02/10/2013 16:08, Alexander Graf wrote:
> > > > > The hwrng is accessible by host userspace via /dev/mem.
> > > >
> > > > A guest should live on the same permission level as a user space
> > > > application. If you run QEMU as UID 1000 without access to /dev/mem, why
> > > > should the guest suddenly be able to directly access a memory location
> > > > (MMIO) it couldn't access directly through a normal user space interface.
> > > >
> > > > It's basically a layering violation.
> > >
> > > With Michael's earlier patch in this series, the hwrng is accessible by
> > > host userspace via /dev/hwrng, no?
> > >
> > Access to which can be controlled by its permission. Permission of
> > /dev/kvm may be different. If we route hypercall via userspace and
> > configure qemu to get entropy from /dev/hwrng everything will fall
> > nicely together (except performance).
>
> Yes, except abysmal performance and a lot more code for something
> completely and utterly pointless .... nice.
>
Pointless? You yourself said that fallback to userspace will be required
for migration, so the code has to be there regardless. About abysmal
performance, this is what you repeatedly refused to prove. All you said is
that exit to userspace is expensive, we all know that, it is slow for all
arch and all devices implemented in userspace, but we do not move all of
them to the kernel. We do move some, most performance critical, so all you
need is to show that for typical guest workload having device in the kernel
speeds up things measurably. Why not do that instead of writing rude emails?

--
Gleb.