Andrea Arcangeli wrote: > On Tue, Apr 01, 2008 at 06:18:07PM +0100, Daniel P. Berrange wrote: > >> and very few application domains are allowed to access them. THe KVM/QEMU >> policy will not allow this for example. Basically on the X server, HAL and >> dmidecode have access in current policy. It would be undesirable to have to >> all KVM guests full access to /dev/mem, so a more fine grained access method >> would have benefits here. >> > > But pci-passthrough can give a root on the host even to the ring0 > guest, just like /dev/mem without VT-d, so there's no muchx difference > with using /dev/mem as far as security is concerned. Only on the CPUs > including VT-d it's possible to retain a mostly equivalent security > level despite pci-passthrough. >
Eventually, most machines with have an IOMMU so that's the assumption to design to. It is true that PCI pass-through w/o VT-d is always going to be equivalent to /dev/mem access but it's really a special case. Unless you have an IOMMU, you would not do PCI pass-through if you cared at all about security/reliability. Regards, Anthony Liguori ------------------------------------------------------------------------- Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ kvm-devel mailing list kvm-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/kvm-devel