[PATCH v2 0/8] Initial support for SMMUv3 nested translation
Jason Gunthorpe
jgg at nvidia.com
Wed Oct 16 04:53:31 PDT 2024
On Wed, Oct 16, 2024 at 10:23:49AM +0800, Zhangfei Gao wrote:
> > Nesting support requires the system to either support S2FWB or the
> > stronger CANWBS ACPI flag. This is to ensure the VM cannot bypass the
> > cache and view incoherent data, currently VFIO lacks any cache flushing
> > that would make this safe.
>
> What if the system does not support S2FWB or CANWBS, any workaround to
> passthrough?
Eventually we can add the required cache flushing to VFIO, but that
would have to be a followup.
> Currently I am testing nesting by ignoring this check.
This is probably OK, but I wouldn't run it as a production environment
with a hostile VM.
Jason
More information about the linux-arm-kernel
mailing list