On Mon, 2013-06-17 at 20:32 -0600, Alex Williamson wrote: > Right, we don't want to create dependencies across modules. I don't > have a vision for how this should work. This is effectively a complete > side-band to vfio, so we're really just dealing in the iommu group > space. Maybe there needs to be some kind of registration of ownership > for the group using some kind of token. It would need to include some > kind of notification when that ownership ends. That might also be a > convenient tag to toggle driver probing off for devices in the group. > Other ideas? Thanks, All of that smells nasty like it will need a pile of bloody infrastructure.... which makes me think it's too complicated and not the right approach. How does access control work today on x86/VFIO ? Can you give me a bit more details ? I didn't get a good grasp in your previous email.... >From the look of it, the VFIO file descriptor is what has the "access control" to the underlying iommu, is this right ? So we somewhat need to transfer (or copy) that ownership from the VFIO fd to the KVM VM. I don't see a way to do that without some cross-layering here... Rusty, are you aware of some kernel mechanism we can use for that ? Cheers, Ben. -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
