[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: How to express "externally managed" IOMMU domains for VFIO/IOMMUFD ?

  • To: Teddy Astie <teddy.astie@xxxxxxxxxx>, "iommu@xxxxxxxxxxxxxxx" <iommu@xxxxxxxxxxxxxxx>, "linux-kernel@xxxxxxxxxxxxxxx" <linux-kernel@xxxxxxxxxxxxxxx>
  • From: "Tian, Kevin" <kevin.tian@xxxxxxxxx>
  • Date: Thu, 23 Apr 2026 08:01:50 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=mI8UwAD7OHI7ISiSB9HEpm60Fqupw13CdiWlOlqt3DM=; b=IAttDLV/6be2ZgoCY8jmS23lzxT3d1A002gmrU1jZyOUkssKbSMiUq5+LVJtApdg65RaChpC0wtevi8LVuqiffD5GhDAnKgwRgwv4/IL8OR6uqnytiw4zGm5zn5JSxBOgHnGU8BPVUnvs3iN7QfjYlustmHgiXj8pKpOfzMayz0puGZmsxJ3SplXI6q2cuOXUpF6gDV/oVK4m80ul9Os5xuqD/2AkxEtlBHI4Ws43RJvoQ4H1fn9dIoNl/jFsfc4vXV9ddBNvlCDDiPh50GqGmoMQosBKrEwJ61IRqP7x/6znUxI4cPy3vDI/98p+dfrSMcxn7muMngVvENzkHj6Ig==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=jkLgOjstDWEMofQogmzbHn+LPiBHYeaYyRN8VYmP6Ffyh0hf1SuOsQLijgZ2EaoBYoqYNCe89RDWxEKuvwPbVm+2YKzAbE1pFEINjormZYn1x7vZEVdgK23sZ8NuNRb4A7r84CZCqj5xUPjHQCjzJGftmhZ3PvbOE20HhRPeDwF1Mnj4IUEk9dnUcl7bjhw690V2SCZtlKtqCl+8cgOSSf1yIwicfHSa5B/hYJUdX359tp1ns3KW9xnl0e20JDNpXvAryND6TmelIq0ts3rlzNyeLlwZrwCBgq0pWL8Yk15d/GMrWAsbwJd1MOBTiJE2C0jKHvQX9aAsDkVb/7miMA==
  • Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=Intel header.d=intel.com header.i="@intel.com" header.h="From:To:CC:Subject:Date:Message-ID:References:In-Reply-To:Content-Transfer-Encoding:MIME-Version"
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com;
  • Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Thu, 23 Apr 2026 08:02:07 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHc0nD/HbUzotrTgkKZyZa10hSZGrXsSRwA
  • Thread-topic: How to express "externally managed" IOMMU domains for VFIO/IOMMUFD ?
> From: Teddy Astie
> Sent: Wednesday, April 22, 2026 11:59 PM
> 
> Hello,
> 
> On Xen, for PV-IOMMU [1], we have IOMMU support in Dom0, which in
> particular allows using VFIO and IOMMUFD from Dom0.
> 
> However, its interactions with PCI Passthrough are unclear, and it would

VFIO manages PCI passthrough. since it's already allowed which part of
interaction is unclear?

> be preferable to let the kernel handle some of this logic. That would
> for instance avoid situations where toolstack causes Xen and Linux to go
> out of sync on where devices belong.

what is 'some of this logic' and what is the exact out-of-sync scenario?

> 
> On Xen, we have a dedicated hypercalls for moving a device into another
> guest (so it no longer belongs in Dom0, at far as DMA is concerned).
> 
> But it looks like there are no way to describe that idea of "attach that
> device to this VM" nor "the device is in a VM"; which makes that
> impracticable.
> 
> There may be things that could be done with the vIOMMU objects, but
> there would be no "parent domain" in such case, as said earlier it
> doesn't exist in the IOMMU subsystem.
> 
> What is expected to be done instead ?
> 
> Teddy
> 
> [1] https://www.youtube.com/watch?v=pLMGRgEJ-Eg
> 

It'd be much easier to collect comments if you can put plain words
to explain the problem rather than expecting other folks to watch
the video first...

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.