On Wed, May 26, 2021 at 12:56:30AM +0530, Kirti Wankhede wrote: > 2. iommu backed mdev devices for SRIOV where mdev device is created per > VF (mdev device == VF device) then that mdev device has same iommu > protection scope as VF associated to it. This doesn't require, and certainly shouldn't create, a fake group. Only the VF's real IOMMU group should be used to model an iommu domain linked to a VF. Injecting fake groups that are proxies for real groups only opens the possibility of security problems like David is concerned with. Max's series approaches this properly by fully linking the struct pci_device of the VF throughout the entire VFIO scheme, including the group and container, while still allowing override of various VFIO operations. Jason
