[PATCH] kvm: remove CAP_SYS_RAWIO requirement fromkvm_vm_ioctl_assign_irq

From: Alex Williamson
Date: Wed May 12 2010 - 17:48:18 EST

Next message: Don Zickus: "Re: [PATCH 2/8] [nmi watchdog] touch_softlockup cleanups andsoftlockup_tick removal"
Previous message: Stephen Hemminger: "Re: [PATCH RFC tip/core/rcu 04/23] net: Make accesses to ->br_portsafe for sparse RCU"
Next in thread: Chris Wright: "Re: [PATCH] kvm: remove CAP_SYS_RAWIO requirement fromkvm_vm_ioctl_assign_irq"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Remove this check in an effort to allow kvm guests to run without
root privileges. This capability check doesn't seem to add any
security since the device needs to have already been added via the
assign device ioctl and the io actually occurs through the pci
sysfs interface.

Signed-off-by: Alex Williamson <alex.williamson@xxxxxxxxxx>
---

virt/kvm/assigned-dev.c | 3 ---
1 files changed, 0 insertions(+), 3 deletions(-)

diff --git a/virt/kvm/assigned-dev.c b/virt/kvm/assigned-dev.c
index 4d10b1e..64672e2 100644
--- a/virt/kvm/assigned-dev.c
+++ b/virt/kvm/assigned-dev.c
@@ -448,9 +448,6 @@ static int kvm_vm_ioctl_assign_irq(struct kvm *kvm,
struct kvm_assigned_dev_kernel *match;
unsigned long host_irq_type, guest_irq_type;

- if (!capable(CAP_SYS_RAWIO))
- return -EPERM;
-
if (!irqchip_in_kernel(kvm))
return r;

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Don Zickus: "Re: [PATCH 2/8] [nmi watchdog] touch_softlockup cleanups andsoftlockup_tick removal"
Previous message: Stephen Hemminger: "Re: [PATCH RFC tip/core/rcu 04/23] net: Make accesses to ->br_portsafe for sparse RCU"
Next in thread: Chris Wright: "Re: [PATCH] kvm: remove CAP_SYS_RAWIO requirement fromkvm_vm_ioctl_assign_irq"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]