On Wed, 20 Sep 2023 14:49:19 -0300 Jason Gunthorpe <j...@nvidia.com> wrote:
> On Wed, Sep 20, 2023 at 07:37:53PM +0200, Eric Auger wrote: > > > >> qemu will typically not be able to > > >> self-open /dev/iommufd as it is root-only. > > > > > > I don't understand, we open multiple fds to KVM devices. This is the > > > same. > > Actually qemu opens the /dev/iommu in case no fd is passed along with > > the iommufd object. This is done in > > [PATCH v1 16/22] backends/iommufd: Introduce the iommufd object, in > > > > iommufd_backend_connect(). I don't understand either. > > The char dev node is root only so this automatic behvaior is fine > but not useful if qmeu is running in a sandbox. > > I'm not sure what "multiple fds to KVM devices" means, I don't know > anything about kvm devices.. Looking at a local VM, the only kvm related open file is /dev/kvm, which kvm_init() does directly open. The other tun/tap/vhost files are all passed by fd. We have a bunch of anon_inodes representing eventfds and vcpu source from /dev/kvm, but the only other direct files are disk images and the created pid file. > The iommufd design requires one open of the /dev/iommu to be shared > across all the vfios. "requires"? It's certainly of limited value to have multiple iommufd instances rather than create multiple address spaces within a single iommufd, but what exactly precludes an iommufd per device if QEMU, or any other userspace so desired? Thanks, Alex
