It seems that from this forum post that the guest can get information about the host’s hardware such as your CPU. I’ve also tested this on Virtualbox and the CPU is shown.
Would it make sense to restrict /proc/cpuinfo, lspci and some files in /sys to root?
Has anyone tested whether other hardware information is leaked? Like motherboards, network adapters, GPUs etc.
Motherboard information can be found by running
cat /sys/devices/virtual/dmi/id/board_{vendor,name,version}
Virtualbox doesn’t leak the motherboard information. I haven’t tested this on other hypervisors.
Certain hardware devices like audio controllers and SATA controllers can be found by running lspci
. Virtualbox spoofs this info. I haven’t tested this on other hypervisors either.