On Thu, Feb 06, 2025 at 01:46:47PM -0400, Jason Gunthorpe wrote: > On Thu, Feb 06, 2025 at 05:10:32PM +0000, Daniel P. Berrangé wrote: > > On Thu, Feb 06, 2025 at 01:02:38PM -0400, Jason Gunthorpe wrote: > > > On Thu, Feb 06, 2025 at 03:07:06PM +0000, Shameerali Kolothum Thodi wrote: > > > > > If we set the physical/guest SMMU relationship directly, then at the > > > > > time the VFIO device is plugged, we can diagnose the incorrectly > > > > > placed VFIO device, and better reason about behaviour. > > > > > > > > Agree. > > > > > > Can you just take in a VFIO cdev FD reference on this command line: > > > > > > -device arm-smmuv3-accel,id=smmuv2,bus=pcie.2 > > > > > > And that will lock the pSMMU/vSMMU relationship? > > > > We shouldn't assume any VFIO device exists in the QEMU cnofig at the time > > we realize the virtual ssmu. I expect the SMMU may be cold plugged, while > > the VFIO devices may be hot plugged arbitrarly later, and we should have > > the association initialized the SMMU is realized. > > This is not supported kernel side, you can't instantiate a vIOMMU > without a VFIO device that uses it. For security.
What are the security concerns here ? With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
