On Mon, 2019-04-08 at 09:23 -0600, Alex Williamson wrote: > Loading modules is privileged: > > $ modprobe vfio-pci > modprobe: ERROR: could not insert 'vfio_pci': Operation not permitted > > Granting a device to a user for device assignment purposes is also a > privileged operation. Can you describe a scenario where this is > reachable without elevated privileges? The driver core maintainer has > indicated previously that manipulation of driver binding is effectively > at your own risk. It's entirely possible to bind devices to the wrong > driver creating all sorts of bad behavior. In this case, it appears > that the system has been improperly configured if devices from a user > owned group can accidentally be bound to host drivers.
No user space action should ever crash the kernel, whether or not it is a privileged action and whether or not a configuration mistake is involved. The only exception are actions that are intended to crash the kernel, e.g. SysRq-c. I'm surprised that I have to explain this. Bart. _______________________________________________ iommu mailing list [email protected] https://lists.linuxfoundation.org/mailman/listinfo/iommu
