On Wed, Feb 16, 2022 at 02:28:09PM +0800, Lu Baolu wrote:
> It seems everyone agrees that for device assignment (where the I/O
> address is owned by the user-space application), the iommu_group-based
> APIs should always be used. Otherwise, the isolation and protection are
> not guaranteed.

This group/device split is all just driven by VFIO. There is nothing
preventing a struct device * API from being used with user-space, and
Robin has been pushing that way. With enough fixing of VFIO we can do
it. E.g., the device-centric VFIO patches should be able to eventually
work entirely on an iommu device API.

> Another proposal (as suggested by Joerg) is to introduce the concept of
> "sub-group". An iommu group could have one or multiple sub-groups with
> non-aliased devices sitting in different sub-groups and use different
> domains.

I still don't see how sub groups help or really change anything here.

The API already has the concept of 'ownership' separated from the
concept of 'attach a domain to a device'.

Ownership works on the ACS group and attach works on the 'same RID'
group.

The API can take in the struct device and select which internal group
to use based on which action is being done.

Jason