From: Jan Beulich
Subject: x86/pass-through: documents as security-unsupported when sharing resources

When multiple devices share resources and one of them is to be passed through to a guest, security of the entire system and of respective guests individually cannot really be guaranteed without knowing internals of any of the involved guests. Therefore such a configuration cannot really be security-supported, yet making that explicit was so far missing.

This is XSA-461 / CVE-2024-31146.

Signed-off-by: Jan Beulich
Reviewed-by: Juergen Gross
---
TBD: Of course the system bus(es) is a / are shared resource(s), too. I'm afraid I don't know the low level details of PCI to be able to tell whether there are any fairness guarantees there.

--- a/SUPPORT.md
+++ b/SUPPORT.md
@@ -841,6 +841,11 @@ This feature is not security supported:
 Only systems using IOMMUs are supported.
+Passing through of devices sharing resources with another device is not
+security supported. Such sharing could e.g. be the same line interrupt being
+used by multiple devices, one of which is to be passed through, or two such
+devices having memory BARs within the same 4k page.
+
 Not compatible with migration, populate-on-demand, altp2m,
 introspection, memory sharing, or memory paging.
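Review bot: the opening of the added paragraph, "Passing through of devices sharing resources with another device is not security supported", reads awkwardly and could be misparsed as applying to the other device rather than the one being passed through; consider "Passing through a device that shares resources with another device is not security supported." The "e.g." list names only two forms of sharing (a line interrupt used by several devices, and memory BARs within the same 4k page), while the TBD in the cover text already notes that the system bus(es) are shared as well, so wording the list explicitly as examples rather than the full set (for instance "Examples of such sharing include ...") would make the intended scope, which is any shared resource, clearer to readers of SUPPORT.md. Finally, "the same 4k page" bakes in a page-size assumption; saying "the same (4k) host page" or otherwise tying it to the granularity at which BARs are mapped would make it clear why 4k is the relevant unit.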