On Tue, 10 Dec 2019 10:09:34 +0000 Daniel P. Berrangé <berrange@redhat.com> wrote:
On Mon, Dec 09, 2019 at 02:23:38PM -0600, Jonathon Jongsma wrote:
mdevctl also supports assigning arbitrary sysfs attributes to a device. These attributes have an explicit ordering and are written to sysfs in the specified order when a device is started. This might be the only thing that doesn't fit into the current xml format.
Not sure how much the 'explicit ordering' is actually required by the devices currently supporting this. It's probably a good idea to keep this, though, as future device types might end up having such a requirement.
Well we need to define a schema, but there will need to be some kind of validation added because. AFAICT, mdevctl does no validation, so a plain passthrough of this allows arbitrary writing of files anywhere on the host given a suitable malicious attribute name.
Uh, we really should do something about that in mdevctl as well. Writes outside the sysfs hierarchy should not be allowed.