On Fri, Apr 15, 2022 at 04:07:51AM +0000, Tian, Kevin wrote: > > + struct vfio_group *group = filep->private_data; > > + bool ret; > > + > > + /* > > + * Since the coherency state is determined only once a container is > > + * attached the user must do so before they can prove they have > > + * permission. > > + */ > > + if (vfio_group_add_container_user(group)) > > + return true; > > I wonder whether it's better to return error here and let KVM to > decide whether it wants to allow wbinvd in such case (though > likely the conclusion is same) or simply rejects adding the group. Since the new model is to present proof at add it is OK - it just means the user doesn't have a proof to enable wbinvd. The thing that is missing here is a notifier so kvm can track changes in the group's assigned iommu_domain, but I think it is not necessary.. Jason
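Review bot: the early `return true` taken when `vfio_group_add_container_user(group)` fails folds "no container attached yet" into the same bool a caller receives as a real answer, and the comment above it says why a container must be attached first but not why the failure case reports true. Either state in that comment what true means to the caller on this path, or return an error code so the caller can tell the two cases apart and choose its own policy. As the reply points out that nothing notifies the caller when the group's assigned iommu_domain changes later, the comment should also say that the result is not updated after this call.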