On Thu, Sep 05, 2024 at 08:29:16AM +0000, Tian, Kevin wrote: > Could you elaborate why the new uAPI is for making vPCI "bind capable" > instead of doing the actual binding to KVM? I don't see why you'd do any of this in KVM, I mean you could, but you also don't have to and KVM people don't really know about all the VFIO parts anyhow. It is like a bunch of our other viommu stuff, KVM has to share some of the HW and interfaces with the iommu driver. In this case it would be the secure VM context and the handles to talk to the trusted world Jason
