Groups should disappear into an internal implementation detail, not be so prominent in the API. > IIUC this work is heading towards allowing multiple domains in one group > as long as the group is owned by one entity. No, it isn't. This work is only about properly arbitrating which single domain is attached to an entire group. > 1) Introduce a concept of a sub-group (or whatever we want to > call it), which groups devices together which must be in the > same domain because they use the same request ID and thus > look all the same to the IOMMU. > > 2) Keep todays IOMMU groups to group devices together which can > bypass the IOMMU when talking to each other, like > multi-function devices and devices behind a no-ACS bridge. We've talked about all these details before and nobody has thought they are important enough to implement. This distinction is not the goal of this series. I think if someone did want to do this there is room in the API to allow the distinction between 1 (must share) and 2 (sharing is insecure). eg by checking owner and blocking mixing user/kernel. This is another reason to stick with the device centric API as if we did someday want multi-domain groups then the device input is still the correct input and the iommu code can figure out what sub-groups or whatever transparently. Jason
