On 01/10/2015 11:43, Avi Kivity wrote: > > That is because the device itself contains an iommu.
Yes. It could be an option: - we could flag the Linux system unsafe when the device does not have any IOMMU - we flag the Linux system safe when the device has an IOMMU
