bhyve: passthrough SMART info from host nvme controller
Wanpeng Qian
wanpengqian at gmail.com
Thu Mar 19 06:16:38 UTC 2020
I dont think that is insecure.
as bhyve can passthrough real device to VM. as your point, that make
more insecure, right?
Such configuration will not enable by default.
if user intend to do it, system has this ability instead of not implement.
Simple is best, less is secure. I know that. but real world has all
kinds of requirements.
if you provide more, more people using it.
On Thu, Mar 19, 2020 at 12:58 PM Jason Tubnor <jason at tubnor.net> wrote:
>
>
>
> On Thu, 19 Mar 2020 at 14:09, Wanpeng Qian <wanpengqian at gmail.com> wrote:
>>
>> > Can't you do what something like pci_passthru.c does in passthru_init,
>> > and open /dev/nvme0 in pci_nvme_init?
>>
>> Yes, you are correct. but that will make /dev/nvme0 keep open all the time.
>> I just thinking when guest fire a logpage command, open the /dev/nvme0
>> and get the SMART info. then close /dev/nvme0.
>
>
> So are you implying that it is safe for a guest to send such a call at anytime? For those that use bhyve for isolation, this sort of facility would be problematic not to mention insecure.
More information about the freebsd-virtualization
mailing list