From: privacymiscoccasion@cock.li
To: Sean Christopherson <seanjc@google.com>
Cc: kvm@vger.kernel.org
Subject: Re: [USB Isolation] USB virt drivers access between guests instead of host -> guest?
Date: Mon, 22 Jul 2024 22:39:43 -0400 [thread overview]
Message-ID: <93ca9700dfce8ea0812e345bcbbf45cd@cock.li> (raw)
In-Reply-To: <Zp7rfbJpNDyhaZQO@google.com>
On 2024-07-22 19:30, Sean Christopherson wrote:
> On Mon, Jul 22, 2024, privacymiscoccasion@cock.li wrote:
>> Hi everyone,
>>
>> I'm coming over from reading about Qubes OS, which uses the Xen
>> hypervisor.
>> In Qubes, the way that untrusted devices like USBs are handled is that
>> they
>> are pass through to a VM, which then (I presume) allows other guests
>> to
>> access them using virtual drivers.
>>
>> I'm looking for a theoretical explanation on how this would be
>> possible with
>> KVM. I am not a developer and thus am having difficulty understanding
>> how
>> one would let a guest access virtual drivers connecting to hardware
>> devices
>> like USB and PCIe from another guest.
>>
>> Any help/practical examples of this would be greatly appreciated. This
>> seems
>> to be a hard topic to find and so far I haven't come across anything
>> like
>> this.
>
> In Linux, this would be done via VFIO[1]. VFIO allows assigning
> devices to host
> userspace, and thus to KVM guests. Very rougly speaking, most assets
> that get
> exposed to KVM guests are proxied through host userspace. I haven't
> actually
> read the DPDK docs[2], but if you get stuck with VFIO in particular, my
> guess is
> that they're a good starting point (beyond any VFIO+KVM tutorials).
>
> [1] https://docs.kernel.org/driver-api/vfio.html
> [2] https://doc.dpdk.org/guides/linux_gsg/linux_drivers.html
Hello,
Thank you for your response. Indeed, I have been looking at VFIO since
it's the first step to achieving such a configuration. However, from
what I understand, VFIO assists in "passing through" the hardware
controller/device(s) to a VM.
I do not follow how this fulfills the second part of my desired
configuration, i.e. allowing other guests to access USB
functionality/attached devices through a secure API with access control
mechanisms. I want the guest to be able to assign devices to other
guests, while maintaining the necessary security posture (since this can
become an attack vector). I might have missed something though, so I'll
go back and read again.
Thank you for your time.
next prev parent reply other threads:[~2024-07-23 2:39 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-22 14:11 [USB Isolation] USB virt drivers access between guests instead of host -> guest? privacymiscoccasion
2024-07-22 23:30 ` Sean Christopherson
2024-07-23 2:39 ` privacymiscoccasion [this message]
2024-07-23 4:51 ` privacymiscoccasion
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=93ca9700dfce8ea0812e345bcbbf45cd@cock.li \
--to=privacymiscoccasion@cock.li \
--cc=kvm@vger.kernel.org \
--cc=seanjc@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.