On Tue, Feb 05, 2019 at 08:24:07AM +0100, Christoph Hellwig wrote: > On Mon, Feb 04, 2019 at 04:38:21PM -0500, Michael S. Tsirkin wrote: > > It was designed to make, when set, as many guests as we can work > > correctly, and it seems to be successful in doing exactly that. > > > > Unfortunately there could be legacy guests that do work correctly but > > become slow. Whether trying to somehow work around that > > can paint us into a corner where things again don't > > work for some people is a question worth discussing. > > The other problem is that some qemu machines just throw passthrough > devices and virtio devices on the same virtual PCI(e) bus, and have a > common IOMMU setup for the whole bus / root port / domain. I think > this is completely bogus, but unfortunately it is out in the field. > > Given that power is one of these examples I suspect that is what > Thiago referes to. But in this case the answer can't be that we > pile on hack ontop of another, but instead introduce a new qemu > machine that separates these clearly, and make that mandatory for > the secure guest support.
That could we one approach, assuming one exists that guests already support. -- MST _______________________________________________ Virtualization mailing list Virtualization@lists.linux-foundation.org https://lists.linuxfoundation.org/mailman/listinfo/virtualization
