summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlex Williamson <alex.williamson@redhat.com>2010-05-12 09:46:31 -0400
committerAvi Kivity <avi@redhat.com>2010-08-01 10:35:45 +0300
commit48bb09eee4e102544808c00f43bc40a4a2e43e50 (patch)
tree8b3124aea0f596062816f4b5b4274685020f956d
parentaad827034e419fa8c5ec39e6455266f0b942d856 (diff)
downloadlwn-48bb09eee4e102544808c00f43bc40a4a2e43e50.tar.gz
lwn-48bb09eee4e102544808c00f43bc40a4a2e43e50.zip
KVM: remove CAP_SYS_RAWIO requirement from kvm_vm_ioctl_assign_irq
Remove this check in an effort to allow kvm guests to run without root privileges. This capability check doesn't seem to add any security since the device needs to have already been added via the assign device ioctl and the io actually occurs through the pci sysfs interface. Signed-off-by: Alex Williamson <alex.williamson@redhat.com> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
-rw-r--r--virt/kvm/assigned-dev.c3
1 files changed, 0 insertions, 3 deletions
diff --git a/virt/kvm/assigned-dev.c b/virt/kvm/assigned-dev.c
index 4d10b1e047f4..64672e2d43c3 100644
--- a/virt/kvm/assigned-dev.c
+++ b/virt/kvm/assigned-dev.c
@@ -448,9 +448,6 @@ static int kvm_vm_ioctl_assign_irq(struct kvm *kvm,
struct kvm_assigned_dev_kernel *match;
unsigned long host_irq_type, guest_irq_type;
- if (!capable(CAP_SYS_RAWIO))
- return -EPERM;
-
if (!irqchip_in_kernel(kvm))
return r;