KVM: remove CAP_SYS_RAWIO requirement from kvm_vm_ioctl_assign_irq

Remove this check in an effort to allow kvm guests to run without
root privileges.  This capability check doesn't seem to add any
security since the device needs to have already been added via the
assign device ioctl and the io actually occurs through the pci
sysfs interface.

Signed-off-by: Alex Williamson <alex.williamson@redhat.com>
Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>

diff --git a/virt/kvm/assigned-dev.c b/virt/kvm/assigned-dev.c
index 4d10b1e047f4e9b3c3c22df98b25be6d23247e12..64672e2d43c3681afec9cd6cfd783d1f6b3a8bed 100644 (file)
--- a/virt/kvm/assigned-dev.c
+++ b/virt/kvm/assigned-dev.c
@@ -448,9 +448,6 @@ static int kvm_vm_ioctl_assign_irq(struct kvm *kvm,
        struct kvm_assigned_dev_kernel *match;
        unsigned long host_irq_type, guest_irq_type;
 
-       if (!capable(CAP_SYS_RAWIO))
-               return -EPERM;
-
        if (!irqchip_in_kernel(kvm))
                return r;