On Mon, Oct 14, 2024 at 08:48:27PM -0700, Christoph Hellwig wrote: > On Mon, Oct 14, 2024 at 01:18:01PM +0000, Srujana Challa wrote: > > > On Fri, Sep 20, 2024 at 07:35:28PM +0530, Srujana Challa wrote: > > > > This patchset introduces support for an UNSAFE, no-IOMMU mode in the > > > > vhost-vdpa driver. When enabled, this mode provides no device > > > > isolation, no DMA translation, no host kernel protection, and cannot > > > > be used for device assignment to virtual machines. It requires RAWIO > > > > permissions and will taint the kernel. > > > > > > > > This mode requires enabling the > > > "enable_vhost_vdpa_unsafe_noiommu_mode" > > > > option on the vhost-vdpa driver and also negotiate the feature flag > > > > VHOST_BACKEND_F_NOIOMMU. This mode would be useful to get better > > > > performance on specifice low end machines and can be leveraged by > > > > embedded platforms where applications run in controlled environment. > > > > > > ... and is completely broken and dangerous. > > Based on the discussions in this thread https://www.spinics.net/lists/kvm/msg357569.html, > > we have decided to proceed with this implementation. Could you please share any > > alternative ideas or suggestions you might have? > > Don't do this. It is inherently unsafe and dangerous and there is not > valid reason to implement it. > > Double-Nacked-by: Christoph Hellwig <hch@xxxxxx> It's basically because vfio does, so we have to follow suit. -- MST
