Re: [RFC PATCH 2/2] vfio: Include no-iommu mode

On Mon, 2015-10-12 at 08:56 -0700, Stephen Hemminger wrote: > On Fri, 09 Oct 2015 12:41:10 -0600 > Alex Williamson wrote: > > > There is really no way to safely give a user full access to a PCI > > without an IOMMU to protect the host from errant DMA. There is also >

Re: [RFC PATCH 2/2] vfio: Include no-iommu mode

On Mon, Oct 12, 2015 at 08:56:07AM -0700, Stephen Hemminger wrote: > On Fri, 09 Oct 2015 12:41:10 -0600 > Alex Williamson wrote: > > > There is really no way to safely give a user full access to a PCI > > without an IOMMU to protect the host from errant DMA. There is

Re: [RFC PATCH 2/2] vfio: Include no-iommu mode

On 10/12/2015 07:23 PM, Alex Williamson wrote: Also, although you think the long option will set the bar high enough it probably will not satisfy anyone. It is annoying enough, that I would just carry a patch to remove it the silly requirement. And the the people who believe all user mode DMA

Re: [RFC PATCH 2/2] vfio: Include no-iommu mode

On 10/09/2015 09:41 PM, Alex Williamson wrote: There is really no way to safely give a user full access to a PCI without an IOMMU to protect the host from errant DMA. There is also no way to provide DMA translation, for use cases such as devices assignment to virtual machines. However, there

Re: [RFC PATCH 2/2] vfio: Include no-iommu mode

On Sun, Oct 11, 2015 at 12:19:54PM +0300, Michael S. Tsirkin wrote: > > But since you must pass the same value to open(), you already know that > > you're using noiommu. > > > > >VFIO_IOMMU_MAP_DMA, VFIO_IOMMU_ENABLE and VFIO_IOMMU_DISABLE > > >will probably also fail ... > > > > > > > Don't you

Re: [RFC PATCH 2/2] vfio: Include no-iommu mode

On 10/11/2015 11:57 AM, Michael S. Tsirkin wrote: On Sun, Oct 11, 2015 at 11:12:14AM +0300, Avi Kivity wrote: Mixing no-iommu and secure VFIO is also unsupported, as are any VFIO IOMMU backends other than the vfio-noiommu backend. Furthermore, unsafe group files are relocated to

Re: [RFC PATCH 2/2] vfio: Include no-iommu mode

On Mon, 2015-10-12 at 19:27 +0300, Michael S. Tsirkin wrote: > On Mon, Oct 12, 2015 at 08:56:07AM -0700, Stephen Hemminger wrote: > > On Fri, 09 Oct 2015 12:41:10 -0600 > > Alex Williamson wrote: > > > > > There is really no way to safely give a user full access to a

Re: [RFC PATCH 2/2] vfio: Include no-iommu mode

On Mon, 2015-10-12 at 11:46 -0600, Alex Williamson wrote: > On Mon, 2015-10-12 at 19:27 +0300, Michael S. Tsirkin wrote: > > On Mon, Oct 12, 2015 at 08:56:07AM -0700, Stephen Hemminger wrote: > > > On Fri, 09 Oct 2015 12:41:10 -0600 > > > Alex Williamson wrote: > > >

Re: [RFC PATCH 2/2] vfio: Include no-iommu mode

On Sun, Oct 11, 2015 at 12:03:17PM +0300, Avi Kivity wrote: > > > On 10/11/2015 11:57 AM, Michael S. Tsirkin wrote: > >On Sun, Oct 11, 2015 at 11:12:14AM +0300, Avi Kivity wrote: > >>> Mixing no-iommu and secure VFIO is > >>>also unsupported, as are any VFIO IOMMU backends other than the >

Re: [RFC PATCH 2/2] vfio: Include no-iommu mode

On Sun, Oct 11, 2015 at 11:12:14AM +0300, Avi Kivity wrote: > > Mixing no-iommu and secure VFIO is > >also unsupported, as are any VFIO IOMMU backends other than the > >vfio-noiommu backend. Furthermore, unsafe group files are relocated > >to /dev/vfio-noiommu/. Upon successful loading in this

Re: [RFC PATCH 2/2] vfio: Include no-iommu mode

On Sun, 2015-10-11 at 11:12 +0300, Avi Kivity wrote: > > On 10/09/2015 09:41 PM, Alex Williamson wrote: > > There is really no way to safely give a user full access to a PCI > > without an IOMMU to protect the host from errant DMA. There is also > > no way to provide DMA translation, for use

[RFC PATCH 2/2] vfio: Include no-iommu mode

There is really no way to safely give a user full access to a PCI without an IOMMU to protect the host from errant DMA. There is also no way to provide DMA translation, for use cases such as devices assignment to virtual machines. However, there are still those users that want userspace drivers