Paolo Bonzini <pbonzini@xxxxxxxxxx> writes: > VFIO has proved itself a much better option than KVM's built-in > device assignment. It is mature, provides better isolation because > it enforces ACS, and even the userspace code is being tested on > a wider variety of hardware these days than the legacy support. > > Disable legacy device assignment by default. Shouldn't we mark it as Deprecated then ? Bandan > Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx> > --- > arch/x86/kvm/Kconfig | 7 ++++--- > 1 file changed, 4 insertions(+), 3 deletions(-) > > diff --git a/arch/x86/kvm/Kconfig b/arch/x86/kvm/Kconfig > index 413a7bf9efbb..a0f06a5947c5 100644 > --- a/arch/x86/kvm/Kconfig > +++ b/arch/x86/kvm/Kconfig > @@ -88,13 +88,14 @@ config KVM_MMU_AUDIT > config KVM_DEVICE_ASSIGNMENT > bool "KVM legacy PCI device assignment support" > depends on KVM && PCI && IOMMU_API > - default y > + default n > ---help--- > Provide support for legacy PCI device assignment through KVM. The > kernel now also supports a full featured userspace device driver > - framework through VFIO, which supersedes much of this support. > + framework through VFIO, which supersedes this support and provides > + better security. > > - If unsure, say Y. > + If unsure, say N. > > # OK, it's a little counter-intuitive to do this, but it puts it neatly under > # the virtualization menu. -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
