Comment 56 for bug 156085

Matt Zimmerman (mdz) wrote : Re: [Bug 156085] Could not open /proc/bus/usb/devices

On Fri, Sep 05, 2008 at 07:41:02AM -0000, Martin Pitt wrote:
> TJ [2008-09-04 18:20 +0100]:
> > The USB devices in /dev/bus/usb/*/* have root:root permissions.
> > Obviously it wouldn't be a great idea to have VMs running as root so I
> > was looking for an existing group that might be used to modify those
> > permissions so that kvm/qemu can obtain read/write access to the
> > devices. Without it USB support fails.
>
> Oh, hang on, it seems I misunderstood you in my previous reply. You
> weren't talking about /dev/kvm, but the actual USB devices, for
> propagating them through the kvm guest? In that case you really
> shouldn't change anything. If the user can access those USB devices on
> the host, then he should equally be able to access them on the guest,
> since the kvm process runs under his user account and thus can use the
> ACLs?

KVM is something of a special case here.

Normally, users access USB devices via a kernel driver which presents an
appropriate device node (e.g. /dev/sd* for mass storage devices),
and sane permissions are set based on that cooked interface.

For KVM USB pass-through, however, it needs access to the raw USB device
(/dev/bus/usb/*/*) so that it can be presented as a virtual device to the
guest OS. These raw USB device nodes are typically owned by root, because
they could be anything and we don't know what the appropriate permissions
should be. The device is released by the kernel driver, and KVM accesses it
exclusively.

Perhaps the raw device node permissions should be set to be the same as the
cooked ones? This would at least avoid tweaking for devices recognized by
the kernel.

Alternatively, we could punt and say that USB pass-through requires root
privileges or manual tweaking of the device node permissions. I'm not sure
to what extent this feature is used in typical KVM usage; I would think it's
mostly useful for reverse engineering and such.

--
 - mdz
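
The permission gap discussed in this comment can be checked on a host with the sketch below. It is an added example, not part of the original message or of KVM/QEMU. It lists the raw USB nodes under /dev/bus/usb and reports whether a given non-root user could open each one read/write. The function names are hypothetical, and only the classic owner/group/other mode bits are evaluated; POSIX ACLs and capabilities are ignored.

```python
import os
import stat


def can_open_rw(st, uid, gids):
    """Classic Unix mode-bit check for read+write access.

    Assumption: POSIX ACLs and capabilities are not considered.
    """
    if uid == 0:
        return True  # root bypasses the mode bits
    if st.st_uid == uid:
        need = stat.S_IRUSR | stat.S_IWUSR   # owner class
    elif st.st_gid in gids:
        need = stat.S_IRGRP | stat.S_IWGRP   # group class
    else:
        need = stat.S_IROTH | stat.S_IWOTH   # everyone else
    return st.st_mode & need == need


def audit_usb_nodes(root, uid, gids):
    """Walk `root` (normally /dev/bus/usb) and report rw access per node."""
    results = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.stat(path)
            except OSError:
                continue  # node vanished (device unplugged) during the walk
            results.append({
                "path": path,
                "mode": stat.filemode(st.st_mode),
                "uid": st.st_uid,
                "gid": st.st_gid,
                "rw": can_open_rw(st, uid, gids),
            })
    return sorted(results, key=lambda r: r["path"])


if __name__ == "__main__":
    # Check for the invoking user, i.e. the account kvm/qemu would run as.
    me = os.getuid()
    groups = set(os.getgroups()) | {os.getgid()}
    for r in audit_usb_nodes("/dev/bus/usb", me, groups):
        status = "ok" if r["rw"] else "NO ACCESS"
        print(f'{r["path"]}  {r["mode"]}  {r["uid"]}:{r["gid"]}  {status}')
```

Nodes reported as NO ACCESS are the ones for which pass-through would need root or a manual permission change, as described above.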