> From: Liu, Yi L <yi.l.liu@xxxxxxxxx>
> Sent: Wednesday, May 24, 2023 10:21 AM
>
> > >
> > > vfio_device_open_file()
> > > {
> > > dev_warn(device->dev, "vfio-noiommu device opened by user "
> > > "(%s:%d)\n", current->comm, task_pid_nr(current));
> > > }
> >
> > There needs to be a taint when VFIO_GROUP is disabled. Thanks,
> I see. I misunderstood you. You are asking for a taint. 😊
>
> Actually, I've considered it. But it appears to me the taint in
> vfio_group_find_or_alloc() is due to vfio allocates fake iommu_group.
> This seems to be a taint to kernel. But now, you are suggesting to add
> a taint as long as noiommu device is registered to vfio. Is it? If so,
taint is required because the kernel is exposed to user DMA attack
due to lacking of IOMMU protection.
fake iommu_group is just to meet vfio_group requirement.
