On Mon, Sep 15, 2025 at 11:41:13PM -0500, CAREY SCHUG via Talk wrote:
> Isn't a keyboard just a serial device? AI/search said a serial port can be assigned to a virtual machine.... I really hate going back to my usual refrain.

Well, traditionally keyboards were effectively a serial device, but not RS232 serial. Now they are USB HID (human interface device). If you were to run two separate X11 (or perhaps Wayland) instances, you could assign different input devices to each one along with different displays to each one, and you could run the virtual machine in one session, while using the other session for Linux things. There are documents out there on how to set up a system for multi seat and this could be done with that.

> If necessary, use adapters for a USB or DIN mouse to a DB9 serial port, assign to the virtual machine, THEN plug in the mouse and per search/AI "The mousedev interface is also available for legacy applications that expect a PS/2-style mouse protocol. The system dynamically creates these device files when a mouse is plugged in, ensuring compatibility with both modern and older software."
>
> Ditto, for keyboards.
>
> And I thought I recalled seeing a game that talked about having two players, each with their own mouse or keyboard, playing against each other on one computer, many years ago.

I have seen a joystick per player. I have seen a mouse per player (although extremely rarely). Never seen a keyboard per player. The Amiga version of Lemmings supported using two mice with split screen play for two players.

> Can an I/O hardware address just be passed to a virtual machine, so the host does NOTHING to the data, doesn't buffer it (so no buffer overrun attack, etc), doesn't try to determine what kind of device it is, nothing except pass through to virtual machine? Now granted for that 400 gigabit network port, perhaps virtualization can't keep up with the interrupts and state switching to the guest, since the device cannot slow down, but I am not likely to have one on my home computer. (I checked, AI seems to think 400gb/s is the fastest currently available).

For PCIe devices, some support being passed through to a VM, if the host supports IOMMU and VT-d. Common on server hardware, less common on desktop hardware, and on desktop systems even if they support it, it is almost always disabled in the BIOS (or UEFI) settings so you would need to go enable all the right settings before it could work. Having to do that is probably contrary to the goal of being usable by less experienced users.

> Is there some committee somewhere I can make suggestions to bring virtualization up to the 20th (yes, 20th) century? Including hardware upgrades to chips? Truly independent channels in hardware that can be passed through to virtual machines and so make the host immune to any malware that exploits software unable to defend against incoming data violating protocols?

I think the ability to protect a guest from malware would be called magic. Not going to happen. "Stop all bad stuff" is not a well defined feature and hence can't be implemented. If you allow a system to have access to the network, it is going to have access to the network. The only way to make a Windows system that is no longer getting security support safe from the internet is to not allow it any network access. A virtual machine doesn't change any of that.

Network cards often support virtual functions which allow you to give a limited copy of the network card to a VM while allowing the host to keep the main instance of the network card. A few other types of hardware also have virtual functions, but I have mainly seen it on network cards since there it is pretty clear what it should do. Sharing a video card is a lot harder. I suppose letting each instance have one display output might work, although there is still sharing of rendering and memory resources which could get complicated.

So yes the hardware to do this exists and has been supported for years, but usually only on server hardware since that is where people wanted to use it.

-- 
Len Sorensen
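
As an added example (not part of the original message): a read-only shell check of the two things the reply above depends on, whether the host's IOMMU is actually enabled and which devices expose SR-IOV virtual functions. It goes slightly beyond the message by listing IOMMU group membership, since devices that share a group are not isolated from each other; the sysfs paths are the standard Linux ones, while `SYSFS_ROOT` and the function names are this example's own.

```shell
#!/bin/sh
# Added example: read-only sysfs checks for PCIe passthrough readiness.
# SYSFS_ROOT is this example's own knob (not a kernel or libvirt setting).
SYSFS_ROOT="${SYSFS_ROOT:-/sys}"

# Number of IOMMU groups; 0 means no IOMMU, or it is disabled in firmware or kernel.
iommu_group_count() {
    n=0
    for g in "$SYSFS_ROOT"/kernel/iommu_groups/*; do
        if [ -d "$g" ]; then n=$((n + 1)); fi
    done
    echo "$n"
}

# One "group pci_address" line per device.
list_iommu_groups() {
    for d in "$SYSFS_ROOT"/kernel/iommu_groups/*/devices/*; do
        [ -e "$d" ] || continue
        g=${d%/devices/*}
        echo "${g##*/} ${d##*/}"
    done | sort -n
}

# All devices sharing an IOMMU group with $1; the group is the isolation unit.
group_peers() {
    list_iommu_groups | awk -v dev="$1" '
        { grp[$2] = $1; members[$1] = members[$1] " " $2 }
        END { if (dev in grp) { m = members[grp[dev]]; sub(/^ /, "", m); print m } }'
}

# SR-IOV capable devices as "pci_address total_vfs enabled_vfs".
list_sriov() {
    for f in "$SYSFS_ROOT"/bus/pci/devices/*/sriov_totalvfs; do
        [ -r "$f" ] || continue
        dev=${f%/sriov_totalvfs}
        echo "${dev##*/} $(cat "$f") $(cat "$dev/sriov_numvfs")"
    done
}

report() {
    if [ "$(iommu_group_count)" -eq 0 ]; then
        echo "IOMMU: no groups (unsupported, or disabled in BIOS/UEFI or kernel)"
        return 1
    fi
    echo "IOMMU groups (group pci_address):"; list_iommu_groups
    echo "SR-IOV devices (pci_address total_vfs enabled_vfs):"; list_sriov
}

if [ "${1:-}" = "report" ]; then report; fi
```

Run it with the argument `report` on the host; a device is a clean passthrough candidate only when `group_peers` shows nothing in its group that the host still needs.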