On Tue, Dec 06, 2022 at 11:28:12AM -0400, Jason Gunthorpe wrote: > I'm interested as well, my mental model goes as far as mlx5 and > hisillicon, so if nvme prevents the VFs from being contained units, it > is a really big deviation from VFIO's migration design.. In NVMe the controller (which maps to a PCIe physical or virtual function) is unfortunately not very self contained. A lot of state is subsystem-wide, where the subsystem is, roughly speaking, the container for all controllers that shared storage. That is the right thing to do for say dual ported SSDs that are used for clustering or multi-pathing, for tentant isolation is it about as wrong as it gets. There is nothing in the NVMe spec that prohibits your from implementing multiple subsystems for multiple functions of a PCIe device, but if you do that there is absolutely no support in the spec to manage shared resources or any other interaction between them.
