From nobody Fri Nov 21 10:01:19 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1762195786558977.795488531635; Mon, 3 Nov 2025 10:49:46 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id E1C8244198; Mon, 3 Nov 2025 13:49:45 -0500 (EST) Received: from [172.19.199.29] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id E68D7441AB; Mon, 3 Nov 2025 13:47:41 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 0797443EB5; Mon, 3 Nov 2025 13:47:30 -0500 (EST) Received: from CH1PR05CU001.outbound.protection.outlook.com (mail-northcentralusazon11010047.outbound.protection.outlook.com [52.101.193.47]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id ADC9243EB1 for ; Mon, 3 Nov 2025 13:47:29 -0500 (EST) Received: from SJ0PR12MB6855.namprd12.prod.outlook.com (2603:10b6:a03:47e::6) by BL3PR12MB6643.namprd12.prod.outlook.com (2603:10b6:208:38f::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9275.15; Mon, 3 Nov 2025 18:47:24 +0000 Received: from SJ0PR12MB6855.namprd12.prod.outlook.com ([fe80::1924:8e6f:c8f3:83c2]) by SJ0PR12MB6855.namprd12.prod.outlook.com ([fe80::1924:8e6f:c8f3:83c2%3]) with mapi id 15.20.9275.015; Mon, 3 Nov 2025 18:47:24 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=JH1yj/8FIA/Crdq25RkCYWyZ3YdUU/vstr5VYqMAInTZT/fq+a24XZGx1AYE7jBcLp6JDH20kfHHezGMV9gQeNbP2DMWWUKQw5cRlXdh7oDkEgtY4a2u0Bqv3z1zkEMzCyAuZMGOZcg4S8QlaW6bjyoXkzglgoVTLslV6Q0EWPrcvF0NkN9zv56ErKQZ0zamdteX41tQ4hsshagtM5IpcdOrex9PApWaiPiC2fXoDNpO2vgHj3dc5q0HkauuxsCek1hAM5q5FDu5x6ZcP97mI1bPzBQgzGYcJX9Sq2vLfNN+zVsByCwXs1XG+fTc6b4aOvbjn2zxqiP5wTqvMHR3Dg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=luMpDj9meLB+4/S4U220jb3skc/hMdPxBO6VzxWkxzQ=; b=DmXHPCiuyJ9RNvVdCs598XiIOs+5mZ+Y0rzz1RxePgpn7MrVDEkOrR1NX0O3et1rbn7T5GAt0nH0xpoieblEc9nmIUqP4giwf54MhqdhHKksZGMKx+YaI6NV+Gn6Q2GHJw84YVfGO2GD8CIeYAtK2fFwD5eQHqsooQAcgmO12yHxEV8u+Xgzum1G2dQr1diR3nd6XNx2i2ij4gOvqFJNCVDxl98La/jPCl55+NVv5dZrOaT9eyBLuWJwt3IC6qPfQZyHWshjG6Vf0BqHzd0BVkDQfTnyGXGfhB54ntlp+8F/2s3hXIof26SE77nZQZEiuFyCuIwnAa+MxV12kaqaZA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=luMpDj9meLB+4/S4U220jb3skc/hMdPxBO6VzxWkxzQ=; b=ZxkwEbSYKcx3Ap6CQzvMlvWUIsxRoCRtv5A9m+3RqGN7RK7PNqBFchtxb/LdyxIi4AFzgyEIqQVjhVYlw1kW63ze9D9sb9CZf6uGemQ6JdWQGzG07GMMzCBemj3OF6iKWPT2AudimKThOz9eTnSSg1P26lYYsrtN4y3yeGiwgjDvVN1QANuQ0CxDyAV9Vo0Q6BnfYnzLveV8QMdrQBMykuBgySGOPmcp3cIMvEzGBjfkBXkUdPFb1Z7c5QAtHbvsZH+OK7oSMPR/xzgqeUIKz3jt6G8Zb6zTUrOLpciutpw41pJqR85OkUqLUsTqYB0sGxfjbrGPhk6JhtzA0/nGlA== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH 1/4] qemu: Implement support for associating iommufd to hostdev Date: Mon, 3 Nov 2025 10:47:08 -0800 Message-ID: <20251103184711.4022833-2-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251103184711.4022833-1-nathanc@nvidia.com> References: <20251103184711.4022833-1-nathanc@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: PH7P221CA0081.NAMP221.PROD.OUTLOOK.COM (2603:10b6:510:328::33) To SJ0PR12MB6855.namprd12.prod.outlook.com (2603:10b6:a03:47e::6) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ0PR12MB6855:EE_|BL3PR12MB6643:EE_ X-MS-Office365-Filtering-Correlation-Id: 6db49436-99e3-443d-9588-08de1b096dce X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?IafboSUGGb58yCeD3INhlUFWnd3K61HJruitibLRr9/W8H3cSsPJT9fX6IDZ?= =?us-ascii?Q?TPyGusQn7iNb5vzh3G8jgiPoQqblAcJrV34w/301I4b/+rvGcegHk5yg1LFp?= =?us-ascii?Q?LgGhYrqBw7raRGy/xUePkJNdLwiuHIjPdYTo8N+HpNmzAUFQz+5dYj9GFTCI?= =?us-ascii?Q?34kLD+uRYAQWXGdlAL68hrbtPkWX8T73A8Yd8agxWuKuyiPZi+29Y0EFg3tK?= =?us-ascii?Q?uSj5+2VcInQsvPyX18Hp+AFdeG1lqqfLqlGoVxmw/Ekk6EP7tFxxajeAnBb7?= =?us-ascii?Q?MrMoWg6Xha0nt4FTSIXThuzW/rfa/D/nLfUD+qR3GHGqN/0OomewP+sTC4B4?= =?us-ascii?Q?wbWzOqJA+EbP/gnPGdEbcrpYxq6IbxqnPs94ACzIu3xKPWTupobvrrqLG7ld?= =?us-ascii?Q?znYdhasmb2+r+sJCxmU0mmi79TTc+BRw1bc4AtPxleiRyXz8CBXwdQrT2/d2?= =?us-ascii?Q?LuGaykPtQnNpGxZ98NIcwnw9YI+XNj9z6yuRh2FRDxQLc/ONGi7qbNk1sUzi?= =?us-ascii?Q?eSRw49HKrZnAzXhriQHDVhaQbcs85RtYCJT9OzSPnni7DY2sFHyU/HJ1NN4G?= =?us-ascii?Q?mBQGJSMtwva75h1IhSZ+EuadeTA6JKa5NfyJ7+YUQY8IqVuxSc+AF4LnivCB?= =?us-ascii?Q?MugP9kQyJYdVzuX9SKF1D7M8hLAEyqac5EhojC4KXLTWFyu8rZHLlRqYqzU9?= =?us-ascii?Q?fTqu/4mzzjz9F8D3cIGpL602iOY/n/LslmJsoIoRGR4sL3wwU9VBdoij/IlC?= =?us-ascii?Q?73+Ck5nfo7YroGbXGAHqffFzLxffPB+5A9UfLlU+4mQwu16yveU0RSP0ZaaL?= =?us-ascii?Q?ml06bbUiHh4jTr1jgD2mLymsD1HeR2d7qoZRYbnIFGrdaGDDsGfcRs3xfE0t?= =?us-ascii?Q?JCYsJC74CYEBpHIHwtw72mQhfGAL1TGAqGiOTOji8SgC+aOmUFoQK/KUJ9Se?= =?us-ascii?Q?wR6CkJiO+HVIlf+7lcvkLomVBkn9cvH/z9M1ZlbJOLy3VP3Y+PcLvub1g60X?= =?us-ascii?Q?jC5YFZEivw0wck2CMs5fhI8y9GDwUnBZOUv99AYtXweDZGP83UUH3H6YLoBw?= =?us-ascii?Q?BdYHk7ouBvvJ7YmQNrRMMnD0KO17pVv6K9dp6AY9ZLoMjuPeprKCmiz5n7jd?= =?us-ascii?Q?2NcWdjU+Ssr0x66fAd7h65uVRD8PJAhiqNP6IJpyn1b2t0/wXv3QPAdRhxFL?= =?us-ascii?Q?EvXAUoEUGNBC2bx0J7huEV4CFBbRQPosc9LTQYAsCHJ9/1jJwV9MjdU2L47H?= =?us-ascii?Q?yYhT+UFNPEMJkOr+mOkOp92I/o5anIHoH/m6Dm+9VUrRcUQN+yXqBpXCnfs0?= =?us-ascii?Q?2INCcT+aqhxqKWHmaXfz6k15o8tRtaY6CCf4A7AGAcONEwCOMbh9g9qCNtAt?= =?us-ascii?Q?N5AtwP280A862bpZa91eVcqnV+/FnCIF4S7sHkd1fJa0jm01Mylk5stG5Wbs?= =?us-ascii?Q?n2Si+UcU4JF4qV80+3UM+FbtLUnoOD+/?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SJ0PR12MB6855.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?TjNTlm9LpuN3/OPJBJspqdU324INPwUaOsa85QczD0WXHWxYWlVM5znpLA7j?= =?us-ascii?Q?l35WQVbsUkyo/Z46FegER3Hqs8pdEabqrfEVNJuSrALSPtL2ahDNspjfg2eX?= =?us-ascii?Q?gfZRLQNyltzYfyVQJJ71HbkQL2yoygsno+0ilIbeD7iAJsv1Q8LCQYAQgBE1?= =?us-ascii?Q?Jrkfb0J13cJysXaveIqe0qyGZN1LbUO2HT98Bv28tsNfDZPY/1iz7mwA1K3t?= =?us-ascii?Q?ve1R73j7VutXD0HXLerSvnVznCJUm3ifhfVhzikgqcXMC0MMOSd/6Bbupn/h?= =?us-ascii?Q?yFZehObZUHYyOPrN1rERHH1Mg+uy9KpTV4SX5I51LQd2OlR9xa6H7pV6Rijc?= =?us-ascii?Q?URWUtW+1reP/JmjD5/5CeSeTvdC9Th7gDTLfwngHsXsciDMTJJ7djt8Snpnr?= =?us-ascii?Q?5f2QzJlUv/Lw3t3y5zmW5C/iAMZjfCAu6+fXtNXqcv/wOr+BBB9sxdQkawG1?= =?us-ascii?Q?R1tarYXgaCdUaLky4XBKqluDY4UKEKcMF59qYQpWh3CLZO1dT1DVj6YrTkIT?= =?us-ascii?Q?6sKecGPV5+iQafRaqrqcK4e16iymSmAjKkq1u0PJuFtR3IHajjTJcG7gc6iI?= =?us-ascii?Q?lJkwR02fCDZMlf0J0YOgUpVqG2DH++j6+L+U+zCzYAGf/EEdX9qE6OjpxwBA?= =?us-ascii?Q?EtUkduCU3J+vKY964h+Qm8qfGSt6xINrshh+y0R+KmyVn0L8n5SuY6ysZr6H?= =?us-ascii?Q?OwJn4yYUwNWnX9AjVM4DbDkmOdIjSSpJZqtJql9RXOXZ66ongHHAl0vBI/gG?= =?us-ascii?Q?Lh87t3vxWXg4rsGR/SWJek0JQmdbLKg6PVRmmKYINwrd9iMXHaYr6O7Dys57?= =?us-ascii?Q?ILTO1tJ3dy5r/blYiT/+cvjJP1RrJ9Q7UVAOHVvZOvTcUg6J/4dtt6/6Q4y3?= =?us-ascii?Q?Ecbee9vd5+5r1emouGgJAupgBCHiXynPvRBsLErKxF10UA95ot0ENZ4fJ2iM?= =?us-ascii?Q?uQ+MJVPaJv3g5SX4x2mq84dSQSlcmGeiUaSugucwSBpRfObs4eDahPqovOgm?= =?us-ascii?Q?AvobiJkURLvQAVOBcung5x9MDA6+oCJ8+nT9199ISkaBZWJPOYi/CnTXyrM8?= =?us-ascii?Q?DO4mKKrI3mFWFIVncoqaiEBiZRCheceREWbinqGqWYECPZwmen7HDk5mTnju?= =?us-ascii?Q?zvTgNF/rZIh6xZTnzFd8lkLNYOnrZ6A7UlHJRT6dNAEVNXmHf57tLIZKLkPA?= =?us-ascii?Q?1lVMoOpTHF6x38iwe4OGJ9/hqMadubvXx4eMBBUDrWcyq/oalkhxKiSDvBZW?= =?us-ascii?Q?zpn1Tb03Q7ntNe0ILrQ3CQer/gkxiYwUW7Ya0WG4CYyqoG1RPmBpTb1jJt/m?= =?us-ascii?Q?2BtY4wlfy4ACLL/u2RMKSw9Y3kZC2uPjRcFBJIv+ZJomGu1lx4oBdwHi6F8G?= =?us-ascii?Q?vz18mR4j9JlxfCQM5tsWdXK78fuqGNziwUe549sLPlId/4UXY3GtSLOfNSs6?= =?us-ascii?Q?lLE5jQ9xvbM4DZfOZL6tl3lSWNSVsJKzMUxAdeK9g9jgO5bNPx1w8EUcVhzX?= =?us-ascii?Q?rxufTHKPMw/bnuotdUj/jgvgVMWuElg8HXyxDsrMyTxfrZeEqOe8uwsnCUgE?= =?us-ascii?Q?lY8SyUsHxhkngepza4EUnzMPRcDcfg3QlzLeVNm6?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6db49436-99e3-443d-9588-08de1b096dce X-MS-Exchange-CrossTenant-AuthSource: SJ0PR12MB6855.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Nov 2025 18:47:24.5733 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: y2a5kGx7qhHi3Wk5ZpR9vdAxcS8IYeYT4gP1sxtLR8wJ2Lkk4IZtuSDwDDaTnqtCHl5vhpGEGGdYYHTP39ZfOw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL3PR12MB6643 Message-ID-Hash: 4XPDXFO77QPC475I7UPEEEBTA4L7B24W X-Message-ID-Hash: 4XPDXFO77QPC475I7UPEEEBTA4L7B24W X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1762195789583154100 Content-Type: text/plain; charset="utf-8" Implement a new iommufd attribute under hostdevs' PCI subsystem driver that can be used to specify associated iommufd object when launching a qemu VM. Signed-off-by: Nathan Chen --- docs/formatdomain.rst | 8 ++++++++ src/conf/device_conf.c | 9 +++++++++ src/conf/device_conf.h | 1 + src/conf/schemas/basictypes.rng | 5 +++++ src/qemu/qemu_command.c | 19 +++++++++++++++++++ 5 files changed, 42 insertions(+) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 34dc9c3af7..a5c69dbcf4 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -4845,6 +4845,7 @@ or: device; if PCI ROM loading is disabled through this attribute, attempts= to tweak the loading process further using the ``bar`` or ``file`` attribu= tes will be rejected. :since:`Since 4.3.0 (QEMU and KVM only)`. + ``address`` The ``address`` element for USB devices has a ``bus`` and ``device`` attribute to specify the USB bus and device number the device appears a= t on @@ -4885,6 +4886,13 @@ or: found is "problematic" in some way, the generic vfio-pci driver similarly be forced. =20 + The ```` element's ``iommufd`` attribute is used to specify + using the iommufd interface to propagate DMA mappings to the kernel, + instead of legacy VFIO. When the attribute is present, an iommufd + object will be created by the resulting qemu command. Libvirt will + open the /dev/iommu and VFIO device cdev, passing the associated + file descriptor numbers to the qemu command. + (Note: :since:`Since 1.0.5`, the ``name`` attribute has been described to be used to select the type of PCI device assignment ("vfio", "kvm", or "xen"), but those values have been mostly diff --git a/src/conf/device_conf.c b/src/conf/device_conf.c index c278b81652..88979ecc39 100644 --- a/src/conf/device_conf.c +++ b/src/conf/device_conf.c @@ -60,6 +60,8 @@ int virDeviceHostdevPCIDriverInfoParseXML(xmlNodePtr node, virDeviceHostdevPCIDriverInfo *drive= r) { + virTristateBool iommufd; + driver->iommufd =3D false; if (virXMLPropEnum(node, "name", virDeviceHostdevPCIDriverNameTypeFromString, VIR_XML_PROP_NONZERO, @@ -67,6 +69,10 @@ virDeviceHostdevPCIDriverInfoParseXML(xmlNodePtr node, return -1; } =20 + if (virXMLPropTristateBool(node, "iommufd", VIR_XML_PROP_NONE, &iommuf= d) < 0) + return -1; + virTristateBoolToBool(iommufd, &driver->iommufd); + driver->model =3D virXMLPropString(node, "model"); return 0; } @@ -93,6 +99,9 @@ virDeviceHostdevPCIDriverInfoFormat(virBuffer *buf, =20 virBufferEscapeString(&driverAttrBuf, " model=3D'%s'", driver->model); =20 + if (driver->iommufd) + virBufferAddLit(&driverAttrBuf, " iommufd=3D'yes'"); + virXMLFormatElement(buf, "driver", &driverAttrBuf, NULL); return 0; } diff --git a/src/conf/device_conf.h b/src/conf/device_conf.h index e570f51824..7bdbd80b0a 100644 --- a/src/conf/device_conf.h +++ b/src/conf/device_conf.h @@ -47,6 +47,7 @@ VIR_ENUM_DECL(virDeviceHostdevPCIDriverName); struct _virDeviceHostdevPCIDriverInfo { virDeviceHostdevPCIDriverName name; char *model; + bool iommufd; }; =20 typedef enum { diff --git a/src/conf/schemas/basictypes.rng b/src/conf/schemas/basictypes.= rng index 2931e316b7..089fc0f1c2 100644 --- a/src/conf/schemas/basictypes.rng +++ b/src/conf/schemas/basictypes.rng @@ -673,6 +673,11 @@ + + + + + diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index c538a9fb2f..8fd7527645 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4738,6 +4738,7 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, g_autofree char *host =3D virPCIDeviceAddressAsString(&pcisrc->addr); const char *failover_pair_id =3D NULL; const char *driver =3D NULL; + const char *iommufdId =3D NULL; /* 'ramfb' property must be omitted unless it's to be enabled */ bool ramfb =3D pcisrc->ramfb =3D=3D VIR_TRISTATE_SWITCH_ON; =20 @@ -4771,6 +4772,9 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, teaming->persistent) failover_pair_id =3D teaming->persistent; =20 + if (pcisrc->driver.iommufd) + iommufdId =3D "iommufd0"; + if (virJSONValueObjectAdd(&props, "s:driver", driver, "s:host", host, @@ -4779,6 +4783,7 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, "S:failover_pair_id", failover_pair_id, "S:display", qemuOnOffAuto(pcisrc->display), "B:ramfb", ramfb, + "S:iommufd", iommufdId, NULL) < 0) return NULL; =20 @@ -5195,6 +5200,9 @@ qemuBuildHostdevCommandLine(virCommand *cmd, virQEMUCaps *qemuCaps) { size_t i; + g_autoptr(virJSONValue) props =3D NULL; + int iommufd =3D 0; + const char * iommufdId =3D "iommufd0"; =20 for (i =3D 0; i < def->nhostdevs; i++) { virDomainHostdevDef *hostdev =3D def->hostdevs[i]; @@ -5223,6 +5231,17 @@ qemuBuildHostdevCommandLine(virCommand *cmd, if (hostdev->info->type =3D=3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_U= NASSIGNED) continue; =20 + if (subsys->u.pci.driver.iommufd && iommufd =3D=3D 0) { + iommufd =3D 1; + if (qemuMonitorCreateObjectProps(&props, "iommufd", + iommufdId, + NULL) < 0) + return -1; + + if (qemuBuildObjectCommandlineFromJSON(cmd, props) < 0) + return -1; + } + if (qemuCommandAddExtDevice(cmd, hostdev->info, def, qemuCaps)= < 0) return -1; =20 --=20 2.43.0 From nobody Fri Nov 21 10:01:19 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1762195888239222.25173067676621; Mon, 3 Nov 2025 10:51:28 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 36A523F358; Mon, 3 Nov 2025 13:51:27 -0500 (EST) Received: from [172.19.199.29] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id E3078441CD; Mon, 3 Nov 2025 13:48:03 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id AF9A944139; Mon, 3 Nov 2025 13:47:54 -0500 (EST) Received: from SN4PR0501CU005.outbound.protection.outlook.com (mail-southcentralusazon11011030.outbound.protection.outlook.com [40.93.194.30]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 30C9244112 for ; Mon, 3 Nov 2025 13:47:34 -0500 (EST) Received: from SJ0PR12MB6855.namprd12.prod.outlook.com (2603:10b6:a03:47e::6) by BL3PR12MB6643.namprd12.prod.outlook.com (2603:10b6:208:38f::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9275.15; Mon, 3 Nov 2025 18:47:28 +0000 Received: from SJ0PR12MB6855.namprd12.prod.outlook.com ([fe80::1924:8e6f:c8f3:83c2]) by SJ0PR12MB6855.namprd12.prod.outlook.com ([fe80::1924:8e6f:c8f3:83c2%3]) with mapi id 15.20.9275.015; Mon, 3 Nov 2025 18:47:27 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=gtWljJYaVP//NHRMEBFPE97lIHLS0m+LSnjIjygnDQQec3X6kG6YLIQ7rcrxaB2+F9oiihKT+PdyQbBXCs2kA9wpgEtFy+MybMrlndZb/s6EV7SY18dQ8U2v3nnQRa1cSgzFhAVjwvx7moreuWG5qJcCwotwNhcWvVmgJNNBRbeVFahOvBvwCW3RP/t/UZo/cIng67EkrF9H6ph/oyd0585VAYL+u5YgKxKcJP/F5VVfuZjmSaHgWm2zlLQRlVLiSXazF3ygwdLTKmGzSE9/8eb+3r7pz116aJ/M9cd1lcCwfcZQJSgzc45pDB/hWIaEA3bke8jMM477OwKF8OOP4Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=qABJKzH3qAGuilz9elVH9PI9KAjMz5vC0L0V1hq9v5Y=; b=tw2zP7QwOVN5fYzkK7R/m19RmEAFS00W6vfT2/tGKWfn7ZqNUEydY9MDZE1Ga4M2uy8xmKjkS9zd/yGEOwu0AxOCjRWBuENHlCUnBSpM9r0GTudK02UKSWXOaSwIeQQa+Douvcbahw9zwZAsm2uXcuDRbPPULPZ1kSUUp1aSehhdvTeNpgh8gJ9HzTiLHL6B61aBMPAQg9eDVDNMaXypuh23281a3slA0qMcl4Ektx+ask6gdJ/Dc3K0rFN3rwKR+a4cG6wvp2TnCCShTa3HJeyjJh5yWRkIPPwLa37rO86Fz3UBbvHm+LOt65VezUFMOxw8UUD6+7xys8zPUR2t/Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qABJKzH3qAGuilz9elVH9PI9KAjMz5vC0L0V1hq9v5Y=; b=A2kOoXEYtZcg4PLeShxuheFHgM1KdRe1SCWCKrJMUGZfjwCNbaVtdwTwDJ832iMgwI/kcmPdc3j1nIaH38YSWZUmgscELonEeGeswzllesunXbNqvoRbk8CSdUWt7Y/CKUyHjsnjmNJv0x6prE4849RGEd3q5/4gCIff57xIOIN/cHcdPCuEjADiR+BkJG7czCNgjgj1tTJoGnnVWc0MZAFNGFlO2+xR4v3GlpeY0Oc+gdLbBQNCTS4IXcvjpobT56ANVMA9iejEb5KW/AfFxku7UgDj0aAMWkiAihrtfzexxxo7ko0y4yyfVgebP1XN5s+cFyGp1MmGu+o0cY15QQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH 2/4] qemu: open iommufd FDs from libvirt backend Date: Mon, 3 Nov 2025 10:47:09 -0800 Message-ID: <20251103184711.4022833-3-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251103184711.4022833-1-nathanc@nvidia.com> References: <20251103184711.4022833-1-nathanc@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: PH8P220CA0026.NAMP220.PROD.OUTLOOK.COM (2603:10b6:510:348::12) To SJ0PR12MB6855.namprd12.prod.outlook.com (2603:10b6:a03:47e::6) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ0PR12MB6855:EE_|BL3PR12MB6643:EE_ X-MS-Office365-Filtering-Correlation-Id: c726466d-0e9a-4288-8ba8-08de1b096f82 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?HKmQDEVt0uRuWJoqmk4dLECDmaX2WpnpVq00mLzp/JsWx60slqxbWluwZVVG?= =?us-ascii?Q?Sj2OIA+F6pw6mM7dPJwbicNl00z95Rx+NWjcaKJB8hZKB7HYpdnT6XZpNStc?= =?us-ascii?Q?Dry8SUGyQp66dcK2F/XXV0oUIvMuYr0jiYm8PwJPEG4RGBtgbacS0tQF5Ho0?= =?us-ascii?Q?QOXVMeKTTiE1EmILt+ADqoa8y2xegdsRHbchTEwypG/sj0cavn+6GjJVogbw?= =?us-ascii?Q?QnZPWtZRdw8wGnH8kyfl8h/6rYD9LDlwBhQbOnOCLryr/0ap61Ww8MoNWkzL?= =?us-ascii?Q?Sh70XKrSG1k7rHHuljlCWNp4id61OPBKoek/jw0XrHfOxP0C1Scl5P/PfDA2?= =?us-ascii?Q?QusDHPq69dxrvN4qo970C71Sg4okkmlMeUMTbaWF61pS/jLKcfFiqOHrWxdv?= =?us-ascii?Q?mBcmIf71JsG+fsBxEAEF5/BhO03O8hpSkXqan2HCljgWteFs2sX4ZQ2H+2Ej?= =?us-ascii?Q?7SEY9lxqWE2CnfdQjmVhP9rr4OrWXlV+fu7ZkO97zMFtCuUukM19HtcAPic+?= =?us-ascii?Q?jMz4gsg4MkMIoMhLlGiIBgbaSZrUuFxwFvXESmrNHR4i5nBinVGxd04YZ27/?= =?us-ascii?Q?XqYpgjonP/H3CIwqvD8lAZCRNemHnmGDAotCk5l247/LuV64KntgfSoqVsF1?= =?us-ascii?Q?TYEQevEds0R09O9U2HELUIMnx0DJ81zb49LrIQ3UhTz3J+rt2up5Q/TgetI+?= =?us-ascii?Q?L5mcsU3YYIeEFPLVm7Q4hy2a5w6p6daFXIIfrZ4iCDZlr2vWECE4ZrIKfxrH?= =?us-ascii?Q?iESstgpC6ODPkWSLYfGzQbOZV7h9W8XBCpIwzeTAM1G55S/3UK4sYV+8xUc/?= =?us-ascii?Q?3rIQBRcOnZda4yWcwu5t1deVvFDk+KtVSbqs1uRFoq+uKgJguzGCzP00dbR4?= =?us-ascii?Q?TiH1hYIQ/A04z4Qv/WXSDJEN+kZEPUlRXyW65MlzXTm5MFF8RVJSGbz2M7zA?= =?us-ascii?Q?8Sc0CNHac3tgD7Rpce2Yz1vH0R7/f05ehBWvPiLIkRRZV2MxfwAs01O+UyjX?= =?us-ascii?Q?RZpE7exahB+6pNwP6aPaEq9z529MhXqLb4PVI80RCz+KMebfhr883Vr7jaz7?= =?us-ascii?Q?0ytuAKFGex5abDhe2FU2smkK+Qc61yVZNf/Pv29cQG3ZBry4l7QjhY54SxKw?= =?us-ascii?Q?BMp60knIvFjK7iUerOSWMx+30MwZo+QYykGeJPdcJmKM4cJ16tUo7hTkRiYz?= =?us-ascii?Q?Rd9Xg8ybMr6YvD26esv0qbcsEioLE6XXA6vFcfj4GRKcizdO/WkeKv7d2rAJ?= =?us-ascii?Q?V5GMG15oXmECJpoDMa6NaCZRSr3jty3xA7bejgqta/BDdOGeU9/7GMRjrdvp?= =?us-ascii?Q?H59DnziE14QrsIoFW4LYyPyAvPB2Pgsng6vKSM5uPCxno4RMugmaX02oeSoD?= =?us-ascii?Q?Vxj5Oevxs3Z9hjJ9wfQuqbSUqtKbgTKBe1hafsQHvtv42wz9TFYAFNaJst1/?= =?us-ascii?Q?WfFuwA6cN7X+tRe9TEe8qSAwD+W14Am0?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SJ0PR12MB6855.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?QlJjhteKkKP8fdizgu9tzbA4pC5cjoVZcMixkvRzq81anN7Ji6I+QKqEuV5S?= =?us-ascii?Q?3O1ncQ1Su9Qvb/PeSA/6gVHpEUmMtt8Ee/14ETJ8B66ps0yg1bmDA+XOP1Tv?= =?us-ascii?Q?EfMkGa7s07CzSYM2kf/s2bF8YF2+tH9QIPWZKSX3qXs9AbEU3ayo8N5NHoNn?= =?us-ascii?Q?pcVMXec0VEBAHl6rqGuatKHYMK2NFP0GiIxlJksE4rt/VyfV/h+zBr5Z5UyY?= =?us-ascii?Q?+EdDkFn/L2aDmTtivr/2DC6iijr3Zjwe+c3c/3tL7ZwZnjNzfWZvLEkZEjSC?= =?us-ascii?Q?9Guu644l+VStkw+Cdz9SSEONWkEG3Qg2XttXMBtASyXoEZC+PLDGSje23y40?= =?us-ascii?Q?DyYUmKqjLtD46ojoNg5gRyrmWlF5/o+YHxSBxHZh78jMNVVMB2jjH6pBIyNE?= =?us-ascii?Q?SaENC8A5ggGEkNmw2ZM5T5f3ckR3BN6Jhy8Z0G7RPkTSj5G2MkZ9+Y7CpD1N?= =?us-ascii?Q?RRjZarSnFo7ZUiQnl20qIrIJoOT1vLR8PWIcHigz2sv9cTJEWJ0s3q2qmh72?= =?us-ascii?Q?28MN/P/xzF57uYYa5/wohOGK44Z5YcCgi+VhYhodFc6dLJWfGUJVBlP0tUn+?= =?us-ascii?Q?+7Q8+O+tPfPezNoo2t3Qlf35/nXZ6PQmdlfeLbaezcQSm9QmmpPc+cB8KxC0?= =?us-ascii?Q?X2SwA3Sp3Zk4WSPW6MRqwACetcJhtjnXAd/wluO7cd6B/CXX1g6BbXuBUUYA?= =?us-ascii?Q?DTZ+bW5qfCuQK3ZUp/Nv66ncAHe/sTsSwLYYcZ6y3MgO+U40J0i82C/bmE5+?= =?us-ascii?Q?90Kkrl4X+0GkfR0oieiNOQSe2ktYuHM2/jpOzvqUQKuIYOhmwEuyJ/lPZ0L0?= =?us-ascii?Q?54XduRIIFnUBxOcXhl/M9diUUt9SaUEsxKnZDI3gvfKMv0rN/UN+zSrOxNUg?= =?us-ascii?Q?psXOavxIXEWFQgavXdM4DVP+t26p0Idjgkqv04/9/y1Rs5djD85xR06SBZtL?= =?us-ascii?Q?Y4LyxoRgDPME7+vmN9ruBdNUXCVVpgQRiKOetT/vUANNie7lomDzQKmRuRNR?= =?us-ascii?Q?xeiby+QXv18jbanSx2vzeo0yABnJ3snWN6iqmo44ppOkQgmoj6Tbmrx3V4xG?= =?us-ascii?Q?mH+AtfDyT3buCeDbvvow/kQd8Hl0cWlQQnWUFdJOqELqFGH38OYi6iNvG7iz?= =?us-ascii?Q?+t0Nu87WrxzGz/xDzmpu744HeYRteRLm0gnWP7QtHMGa448yN/SjoGIQxTQz?= =?us-ascii?Q?MR+T5S+O4Fyyu3ExNnwnESPVG9dRheG8bIVeF8s/f6oWyvUlNXhpkxZLhmNe?= =?us-ascii?Q?5Sf5pnmUkLOMusV0rqP6NFIzyHpB2X71odDy2N979lL8kdKqkobXXeVKpnYC?= =?us-ascii?Q?fm0JtduZsysnRErF4CoBzI3d2zU7AGWHFEv5CNE68oyS8QXN6QHbh7yb5m5a?= =?us-ascii?Q?sjptcKUuLfAfKCeMiAtKlhD4c4/M4r8FXkanGb/N/aTtmLQ45eU45/vsecvm?= =?us-ascii?Q?slQlRIuI2l/C1BWNvwOFZx7UeOW/p+Bd+1f96ZfOCrLLDZld1fOiOiTYh9uY?= =?us-ascii?Q?dzXzWyoEH9EOtz9/SjJ0DajN4Bv0VIcZRCeATujtciB+7paLx/Zrr/kTZW4w?= =?us-ascii?Q?V5i6IZ3+vvtd6nK8gocfw0W9nn6849aBVAMzZB5j?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: c726466d-0e9a-4288-8ba8-08de1b096f82 X-MS-Exchange-CrossTenant-AuthSource: SJ0PR12MB6855.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Nov 2025 18:47:27.3758 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: M5Qoz9u8ICVKZOyW49gCNM+HV3XvUj7N1k/gC/x99toGZUgCfMcuKNPJSGYBSrEofkmszLISJ7etFv3TAPucBg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BL3PR12MB6643 Message-ID-Hash: O3ZXSBDEZLSWBHGF3UJTVCETBELY5WIQ X-Message-ID-Hash: O3ZXSBDEZLSWBHGF3UJTVCETBELY5WIQ X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1762195891686158500 Content-Type: text/plain; charset="utf-8" Open iommufd FDs from libvirt backend without exposing these FDs to XML users, i.e. one per domain for /dev/iommu and one per iommufd hostdev for /dev/vfio/devices/vfioX, and pass the FD to qemu command line. Signed-off-by: Nathan Chen --- src/qemu/qemu_command.c | 43 +++++++- src/qemu/qemu_command.h | 3 +- src/qemu/qemu_domain.c | 8 ++ src/qemu/qemu_domain.h | 7 ++ src/qemu/qemu_hotplug.c | 2 +- src/qemu/qemu_process.c | 232 ++++++++++++++++++++++++++++++++++++++++ 6 files changed, 289 insertions(+), 6 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 8fd7527645..740a6970f2 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4730,7 +4730,8 @@ qemuBuildVideoCommandLine(virCommand *cmd, =20 virJSONValue * qemuBuildPCIHostdevDevProps(const virDomainDef *def, - virDomainHostdevDef *dev) + virDomainHostdevDef *dev, + virDomainObj *vm) { g_autoptr(virJSONValue) props =3D NULL; virDomainHostdevSubsysPCI *pcisrc =3D &dev->source.subsys.u.pci; @@ -4741,6 +4742,13 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, const char *iommufdId =3D NULL; /* 'ramfb' property must be omitted unless it's to be enabled */ bool ramfb =3D pcisrc->ramfb =3D=3D VIR_TRISTATE_SWITCH_ON; + bool useIommufd =3D false; + qemuDomainObjPrivate *priv =3D vm ? vm->privateData : NULL; + + if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_VFIO= && + pcisrc->driver.iommufd) { + useIommufd =3D true; + } =20 /* caller has to assign proper passthrough driver name */ switch (pcisrc->driver.name) { @@ -4787,6 +4795,18 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, NULL) < 0) return NULL; =20 + if (useIommufd && priv) { + g_autofree char *vfioFdName =3D g_strdup_printf("vfio-%04x:%02x:%0= 2x.%d", + pcisrc->addr.domain,= pcisrc->addr.bus, + pcisrc->addr.slot, p= cisrc->addr.function); + + int vfiofd =3D GPOINTER_TO_INT(g_hash_table_lookup(priv->vfioDevic= eFds, vfioFdName)); + if (virJSONValueObjectAdd(&props, + "S:fd", g_strdup_printf("%d", vfiofd), + NULL) < 0) + return NULL; + } + if (qemuBuildDeviceAddressProps(props, def, dev->info) < 0) return NULL; =20 @@ -5197,12 +5217,14 @@ qemuBuildAcpiNodesetProps(virCommand *cmd, static int qemuBuildHostdevCommandLine(virCommand *cmd, const virDomainDef *def, - virQEMUCaps *qemuCaps) + virQEMUCaps *qemuCaps, + virDomainObj *vm) { size_t i; g_autoptr(virJSONValue) props =3D NULL; int iommufd =3D 0; const char * iommufdId =3D "iommufd0"; + qemuDomainObjPrivate *priv =3D vm->privateData; =20 for (i =3D 0; i < def->nhostdevs; i++) { virDomainHostdevDef *hostdev =3D def->hostdevs[i]; @@ -5233,8 +5255,10 @@ qemuBuildHostdevCommandLine(virCommand *cmd, =20 if (subsys->u.pci.driver.iommufd && iommufd =3D=3D 0) { iommufd =3D 1; + virCommandPassFD(cmd, priv->iommufd, VIR_COMMAND_PASS_FD_C= LOSE_PARENT); if (qemuMonitorCreateObjectProps(&props, "iommufd", iommufdId, + "S:fd", g_strdup_printf("= %d", priv->iommufd), NULL) < 0) return -1; =20 @@ -5245,7 +5269,18 @@ qemuBuildHostdevCommandLine(virCommand *cmd, if (qemuCommandAddExtDevice(cmd, hostdev->info, def, qemuCaps)= < 0) return -1; =20 - if (!(devprops =3D qemuBuildPCIHostdevDevProps(def, hostdev))) + if (subsys->u.pci.driver.iommufd) { + virDomainHostdevSubsysPCI *pcisrc =3D &hostdev->source.sub= sys.u.pci; + g_autofree char *vfioFdName =3D g_strdup_printf("vfio-%04x= :%02x:%02x.%d", + pcisrc->addr= .domain, pcisrc->addr.bus, + pcisrc->addr= .slot, pcisrc->addr.function); + + int vfiofd =3D GPOINTER_TO_INT(g_hash_table_lookup(priv->v= fioDeviceFds, vfioFdName)); + + virCommandPassFD(cmd, vfiofd, VIR_COMMAND_PASS_FD_CLOSE_PA= RENT); + } + + if (!(devprops =3D qemuBuildPCIHostdevDevProps(def, hostdev, v= m))) return -1; =20 if (qemuBuildDeviceCommandlineFromJSON(cmd, devprops, def, qem= uCaps) < 0) @@ -10893,7 +10928,7 @@ qemuBuildCommandLine(virDomainObj *vm, if (qemuBuildRedirdevCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 - if (qemuBuildHostdevCommandLine(cmd, def, qemuCaps) < 0) + if (qemuBuildHostdevCommandLine(cmd, def, qemuCaps, vm) < 0) return NULL; =20 if (migrateURI) diff --git a/src/qemu/qemu_command.h b/src/qemu/qemu_command.h index ad068f1f16..380aac261f 100644 --- a/src/qemu/qemu_command.h +++ b/src/qemu/qemu_command.h @@ -180,7 +180,8 @@ qemuBuildThreadContextProps(virJSONValue **tcProps, /* Current, best practice */ virJSONValue * qemuBuildPCIHostdevDevProps(const virDomainDef *def, - virDomainHostdevDef *dev); + virDomainHostdevDef *dev, + virDomainObj *vm); =20 virJSONValue * qemuBuildRNGDevProps(const virDomainDef *def, diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index a42721efad..86640aa3e3 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1953,6 +1953,11 @@ qemuDomainObjPrivateFree(void *data) =20 virChrdevFree(priv->devs); =20 + if (priv->iommufd >=3D 0) { + virEventRemoveHandle(priv->iommufd); + priv->iommufd =3D -1; + } + if (priv->pidMonitored >=3D 0) { virEventRemoveHandle(priv->pidMonitored); priv->pidMonitored =3D -1; @@ -1974,6 +1979,7 @@ qemuDomainObjPrivateFree(void *data) =20 g_clear_pointer(&priv->blockjobs, g_hash_table_unref); g_clear_pointer(&priv->fds, g_hash_table_unref); + g_clear_pointer(&priv->vfioDeviceFds, g_hash_table_unref); =20 /* This should never be non-NULL if we get here, but just in case... */ if (priv->eventThread) { @@ -2002,7 +2008,9 @@ qemuDomainObjPrivateAlloc(void *opaque) =20 priv->blockjobs =3D virHashNew(virObjectUnref); priv->fds =3D virHashNew(g_object_unref); + priv->vfioDeviceFds =3D g_hash_table_new(g_str_hash, g_str_equal); =20 + priv->iommufd =3D -1; priv->pidMonitored =3D -1; =20 /* agent commands block by default, user can choose different behavior= */ diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 3396f929fd..d6214df783 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -264,6 +264,10 @@ struct _qemuDomainObjPrivate { /* named file descriptor groups associated with the VM */ GHashTable *fds; =20 + int iommufd; + + GHashTable *vfioDeviceFds; + char *memoryBackingDir; }; =20 @@ -1174,3 +1178,6 @@ qemuDomainCheckCPU(virArch arch, bool qemuDomainMachineSupportsFloppy(const char *machine, virQEMUCaps *qemuCaps); + +int qemuProcessOpenVfioFds(virDomainObj *vm); +void qemuProcessCloseVfioFds(virDomainObj *vm); diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c index fb426deb1a..661e9008f7 100644 --- a/src/qemu/qemu_hotplug.c +++ b/src/qemu/qemu_hotplug.c @@ -1630,7 +1630,7 @@ qemuDomainAttachHostPCIDevice(virQEMUDriver *driver, goto error; } =20 - if (!(devprops =3D qemuBuildPCIHostdevDevProps(vm->def, hostdev))) + if (!(devprops =3D qemuBuildPCIHostdevDevProps(vm->def, hostdev, vm))) goto error; =20 qemuDomainObjEnterMonitor(vm); diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 45fc32a663..cecfed94a7 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -25,6 +25,7 @@ #include #include #include +#include #if WITH_SYS_SYSCALL_H # include #endif @@ -8091,6 +8092,9 @@ qemuProcessLaunch(virConnectPtr conn, if (qemuExtDevicesStart(driver, vm, incomingMigrationExtDevices) < 0) goto cleanup; =20 + if (qemuProcessOpenVfioFds(vm) < 0) + goto cleanup; + if (!(cmd =3D qemuBuildCommandLine(vm, incoming ? "defer" : NULL, vmop, @@ -10267,3 +10271,231 @@ qemuProcessHandleNbdkitExit(qemuNbdkitProcess *nb= dkit, qemuProcessEventSubmit(vm, QEMU_PROCESS_EVENT_NBDKIT_EXITED, 0, 0, nbd= kit); virObjectUnlock(vm); } + +/** + * qemuProcessOpenIommuFd: + * @vm: domain object + * @iommuFd: returned file descriptor + * + * Opens /dev/iommu file descriptor for the VM. + * + * Returns: 0 on success, -1 on failure + */ +static int +qemuProcessOpenIommuFd(virDomainObj *vm, int *iommuFd) +{ + int fd =3D -1; + + VIR_DEBUG("Opening IOMMU FD for domain %s", vm->def->name); + + if ((fd =3D open("/dev/iommu", O_RDWR | O_CLOEXEC)) < 0) { + if (errno =3D=3D ENOENT) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("IOMMU FD support requires /dev/iommu device"= )); + } else { + virReportSystemError(errno, "%s", + _("cannot open /dev/iommu")); + } + return -1; + } + + *iommuFd =3D fd; + VIR_DEBUG("Opened IOMMU FD %d for domain %s", fd, vm->def->name); + return 0; +} + +/** + * qemuProcessGetVfioDevicePath: + * @hostdev: host device definition + * @vfioPath: returned VFIO device path + * + * Constructs the VFIO device path for a PCI hostdev. + * + * Returns: 0 on success, -1 on failure + */ +static int +qemuProcessGetVfioDevicePath(virDomainHostdevDef *hostdev, + char **vfioPath) +{ + virPCIDeviceAddress *addr; + g_autofree char *sysfsPath =3D NULL; + DIR *dir =3D NULL; + struct dirent *entry =3D NULL; + int ret =3D -1; + + if (hostdev->mode !=3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS || + hostdev->source.subsys.type !=3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PC= I) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("VFIO FD only supported for PCI hostdevs")); + return -1; + } + + addr =3D &hostdev->source.subsys.u.pci.addr; + + /* Build sysfs path: /sys/bus/pci/devices/DDDD:BB:DD.F/vfio-dev/ */ + sysfsPath =3D g_strdup_printf("/sys/bus/pci/devices/" + "%04x:%02x:%02x.%d/vfio-dev/", + addr->domain, addr->bus, + addr->slot, addr->function); + + if (virDirOpen(&dir, sysfsPath) < 0) { + virReportSystemError(errno, + _("cannot open VFIO sysfs directory %1$s"), + sysfsPath); + return -1; + } + + /* Find the vfio device name in the directory */ + while (virDirRead(dir, &entry, sysfsPath) > 0) { + if (STRPREFIX(entry->d_name, "vfio")) { + *vfioPath =3D g_strdup_printf("/dev/vfio/devices/%s", entry->d= _name); + ret =3D 0; + break; + } + } + + if (ret < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot find VFIO device for PCI device %1$04x:%2= $02x:%3$02x.%4$d"), + addr->domain, addr->bus, addr->slot, addr->function= ); + } + + virDirClose(dir); + return ret; +} + +/** + * qemuProcessOpenVfioDeviceFd: + * @hostdev: host device definition + * @vfioFd: returned file descriptor + * + * Opens the VFIO device file descriptor for a hostdev. + * + * Returns: 0 on success, -1 on failure + */ +static int +qemuProcessOpenVfioDeviceFd(virDomainHostdevDef *hostdev, + int *vfioFd) +{ + g_autofree char *vfioPath =3D NULL; + int fd =3D -1; + + if (qemuProcessGetVfioDevicePath(hostdev, &vfioPath) < 0) + return -1; + + VIR_DEBUG("Opening VFIO device %s", vfioPath); + + if ((fd =3D open(vfioPath, O_RDWR | O_CLOEXEC)) < 0) { + if (errno =3D=3D ENOENT) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("VFIO device %1$s not found - ensure device i= s bound to vfio-pci driver"), + vfioPath); + } else { + virReportSystemError(errno, + _("cannot open VFIO device %1$s"), vfioPa= th); + } + return -1; + } + + *vfioFd =3D fd; + VIR_DEBUG("Opened VFIO device FD %d for %s", *vfioFd, vfioPath); + return 0; +} + +/** + * qemuProcessOpenVfioFds: + * @vm: domain object + * + * Opens all necessary VFIO file descriptors for the domain. + * + * Returns: 0 on success, -1 on failure + */ +int +qemuProcessOpenVfioFds(virDomainObj *vm) +{ + qemuDomainObjPrivate *priv =3D vm->privateData; + bool needsIommuFd =3D false; + size_t i; + + /* Check if we have any hostdevs that need VFIO FDs */ + for (i =3D 0; i < vm->def->nhostdevs; i++) { + virDomainHostdevDef *hostdev =3D vm->def->hostdevs[i]; + int vfioFd =3D -1; + g_autofree char *fdname =3D NULL; + + if (hostdev->mode =3D=3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS && + hostdev->source.subsys.type =3D=3D VIR_DOMAIN_HOSTDEV_SUBSYS_T= YPE_PCI) { + + /* Check if this hostdev uses VFIO with IOMMU FD */ + if (hostdev->source.subsys.u.pci.driver.name =3D=3D VIR_DEVICE= _HOSTDEV_PCI_DRIVER_NAME_VFIO && + hostdev->source.subsys.u.pci.driver.iommufd) { + + needsIommuFd =3D true; + + /* Open VFIO device FD */ + if (qemuProcessOpenVfioDeviceFd(hostdev, &vfioFd) < 0) + goto error; + + /* Store the FD */ + fdname =3D g_strdup_printf("vfio-%04x:%02x:%02x.%d", + hostdev->source.subsys.u.pci.addr= .domain, + hostdev->source.subsys.u.pci.addr= .bus, + hostdev->source.subsys.u.pci.addr= .slot, + hostdev->source.subsys.u.pci.addr= .function); + + g_hash_table_insert(priv->vfioDeviceFds, g_steal_pointer(&= fdname), GINT_TO_POINTER(vfioFd)); + + VIR_DEBUG("Stored VFIO FD for device %s", fdname); + } + } + } + + /* Open IOMMU FD if needed */ + if (needsIommuFd) { + int iommuFd =3D -1; + + if (qemuProcessOpenIommuFd(vm, &iommuFd) < 0) + goto error; + + priv->iommufd =3D iommuFd; + + VIR_DEBUG("Stored IOMMU FD"); + } + + return 0; + + error: + qemuProcessCloseVfioFds(vm); + return -1; +} + +/** + * qemuProcessCloseVfioFds: + * @vm: domain object + * + * Closes all VFIO file descriptors for the domain. + */ +void +qemuProcessCloseVfioFds(virDomainObj *vm) +{ + qemuDomainObjPrivate *priv =3D vm->privateData; + GHashTableIter iter; + gpointer key, value; + + /* Close all VFIO device FDs */ + if (priv->vfioDeviceFds) { + g_hash_table_iter_init(&iter, priv->vfioDeviceFds); + while (g_hash_table_iter_next(&iter, &key, &value)) { + int fd =3D GPOINTER_TO_INT(value); + VIR_DEBUG("Closing VFIO device FD %d for %s", fd, (char*)key); + VIR_FORCE_CLOSE(fd); + } + g_hash_table_remove_all(priv->vfioDeviceFds); + } + + /* Close IOMMU FD */ + if (priv->iommufd >=3D 0) { + VIR_DEBUG("Closing IOMMU FD %d", priv->iommufd); + VIR_FORCE_CLOSE(priv->iommufd); + } +} --=20 2.43.0 From nobody Fri Nov 21 10:01:19 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1762196022349336.66730840687444; Mon, 3 Nov 2025 10:53:42 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 4EFC8440DF; Mon, 3 Nov 2025 13:53:41 -0500 (EST) Received: from [172.19.199.29] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 36B2A44235; Mon, 3 Nov 2025 13:48:17 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id BDF08440C8; Mon, 3 Nov 2025 13:48:05 -0500 (EST) Received: from MW6PR02CU001.outbound.protection.outlook.com (mail-westus2azon11012022.outbound.protection.outlook.com [52.101.48.22]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 8137C4412A for ; Mon, 3 Nov 2025 13:47:34 -0500 (EST) Received: from SJ0PR12MB6855.namprd12.prod.outlook.com (2603:10b6:a03:47e::6) by MN2PR12MB4205.namprd12.prod.outlook.com (2603:10b6:208:198::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9275.16; Mon, 3 Nov 2025 18:47:29 +0000 Received: from SJ0PR12MB6855.namprd12.prod.outlook.com ([fe80::1924:8e6f:c8f3:83c2]) by SJ0PR12MB6855.namprd12.prod.outlook.com ([fe80::1924:8e6f:c8f3:83c2%3]) with mapi id 15.20.9275.015; Mon, 3 Nov 2025 18:47:29 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=f7GkfI9ypUxKE0JbUlUi0QkNApylrM8s2mVfFv1xFNsd2hIs5zgWDQ3/at/dSz5sK4xBK5BMLWglmFsitIin1/4070uRzjlbw7m20ou5JSBV3gu45oUFIDmXYjFK25GOzT1z65BxaMDi8WGp7NVxy7fzBLgvBGPTbLR828YHEW2UFwk8MWlLwpGgl8pGQNjiePp87KL1kPaPwESY8iUf5Z6Qa8/C/mOzGd7V4zLt3cUNC5yj1WG25LvXeiOrVNa1PxanpH76HdOGpe+nYnxGHsr6sVCcjMAXNDB8tZU8JrpG0lDVaaZFOjccCLQQWOeTOjkEzV2Ibts1/GdZjESNaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=iWVnOzZmrgqYuf2vcWNaZsG0rLf8F6A3we4UwJ4UX3M=; b=UEkNDoCukBnmykC2tGACx6JfUu35Gh5j9IlnkJ8K10zGiNfIHKa3OyQMzm68/yythzd6f4JrujrOVXJ5mT9itE3qL/xkbBH2iKQLR3s+Ilg7QlKBecOflzHEZ5Z6TZNZA1e9pJMEswafD8t4mARgnX3lx+xRSSm6N5KBO4i2qiNAzUeGLgsh6uNr1v5UcJOp3K7BFiUOYIx2f9zMeFmMAhVd93bAmAw1TiPko6IU5mddPzv/WEjqACZ7Xv3bwTNsWkKWhqrkh2TcgTtxbVoue2iZwszsgppVT9P4FHg94y33xkYSj8x4F+aIWbjiJ3vpfZxIpxcXw8aomfLXmfrEuA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=iWVnOzZmrgqYuf2vcWNaZsG0rLf8F6A3we4UwJ4UX3M=; b=ccvjeEekM34sA3iNo/dP+GVENOm5NPOt0Zh1vJ3ts6uB0XNpHp8utjStk6Vt8r2msQ+9HoWDwOYlGigPB/lC9YFZ5Lq69rJFRvE+RMYbwU4Z5brkiySbEcOOyMZKm0dcVQbEawAOWCewnEnmGebhJ1X7a1iqwyAtWIhlHhFyLlxie19t6d69fAfxRw660sRZ+kDMFWG+OFUb6sXK4RV2qlGlf5C0cgerV2yVKVyHUC2uux+nxnk+BHwE3ZM7EOzSUoJ/qeXLk0ExsG7Zdp38AGrlZIz/zrPuv0Awt+tI52FLRwlMg9OlllAMffnaHJzlqzp/GfzopeMjuget8OAtdQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH 3/4] qemu: Update Cgroup, namespace, and seclabel for qemu to access iommufd paths Date: Mon, 3 Nov 2025 10:47:10 -0800 Message-ID: <20251103184711.4022833-4-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251103184711.4022833-1-nathanc@nvidia.com> References: <20251103184711.4022833-1-nathanc@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: PH7P221CA0089.NAMP221.PROD.OUTLOOK.COM (2603:10b6:510:328::7) To SJ0PR12MB6855.namprd12.prod.outlook.com (2603:10b6:a03:47e::6) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ0PR12MB6855:EE_|MN2PR12MB4205:EE_ X-MS-Office365-Filtering-Correlation-Id: 3251c8fc-7d26-4fa0-6406-08de1b0970a6 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?fbPq6vsf4wyls6yhM+csHyEo/BS2s1xWiHBy6DfvuyW8OIVXD5qKX47SkEn1?= =?us-ascii?Q?bJcH5mjnstjbhfbxY9PcQd5b5L5O51Bh4ydl4uRDiP3GDn0PuEraJVVPOABL?= =?us-ascii?Q?G+eMK+TSw6RkUBW5rcc8sZsW1f7VhN7lduN0G9KEMtGhxglAgzZM3LCQtOTE?= =?us-ascii?Q?mmbkUEgzTCpx02oKnknsnXdJPbAO2izMj7CbHvk6Tz9TFCIDD+oIbOidPenU?= =?us-ascii?Q?qyLVagke7oK55w78B86pAnSijo2qz/pJQJY2TeJKdMIKgLeuwxrqiYOcjEgq?= =?us-ascii?Q?7SPCaIcr/Fcg5MHYQf8tYtDAWylY2LG1syT+7++GUw2qLy0OBxWraRT8B7rg?= =?us-ascii?Q?pvtEDWOe5IZKXrp/YbScn5sY2qVq7xrUrR0xtB4vIQRq+Iat4z6wbZjoj2gG?= =?us-ascii?Q?/sF4DIuCUdEvw02nh6l1v2Oo7Q5LiDdQz0b+g1XWFYc5/jftbX8wXRZUpwqC?= =?us-ascii?Q?ViZatOmsA8oWy4eiRNLXgiZIYidd9Thor/USBkVicaWI5dg/U/K+ZyGSgE4n?= =?us-ascii?Q?Am3mFpwWxTjbpOIAhrwG5RDZcwNZs7ZhLHW30Xrz7KnFTZeWwCw1BfFu7rUp?= =?us-ascii?Q?F9jflQKJA7ZQHFyzY1WytzVBxFxPekmoB5wiPVobObQqt4iJcxMzjyU10nZK?= =?us-ascii?Q?qQkruTnIteveALF4n1pUsyytqTY6Ffgxr8oQ5DFAoN0DlsIMTWLQ5NffWI5k?= =?us-ascii?Q?Y9iPT0BzNeK+MBhAd7D1njw25jsygScTo1GhwPufJAAWiDFphjZxvgj/AB0G?= =?us-ascii?Q?VhRAdhqXSn0ZRTl8jlc817QxYqNE2iRqgcpuNXPNvOh8gKmCSeRrKt9H+i4a?= =?us-ascii?Q?AFQBymC8yx0cQ7r7GluFk6Q/54V4jdJJHa46Iu06vF3b8AVQKmc4evxBrFwy?= =?us-ascii?Q?5m1O3eKSMO88k+1Dnmt3chbyuV28r+uuZATyfZdPZtV8k8zubbE3nApB/cvX?= =?us-ascii?Q?CHC36rrVfYZnkRTGbaIUp8JZvTTnUpVWhfXcrSEk3hae/7gR78ojrL7p3CnU?= =?us-ascii?Q?e2JHdvfwHbFWPgCE+jnUcR040rEnICPbK5UYEtl0/mkit8e0iUW6P4RD4Nb8?= =?us-ascii?Q?pNmnYKGijhw/AUIMCT2IbqChQkcoeS8cZNWGm+HZdbDA0IZFpyKKdGfmHfeV?= =?us-ascii?Q?i/RlZpfK9RTaMVIeE/lAC3jqgIG1mBq7huTO7br+F1rOquaoApA2VxNStwi2?= =?us-ascii?Q?68YyxcTiE2MCu/YqxDVfyFazHMC13aI0dsThRLgOQ2WMAAJDl/6bouI+uJCP?= =?us-ascii?Q?zxbnWBaaFDNEYhO0F5NS5UCo/RexILsF4omHvP2xiEBV58cNqZKw80AHitty?= =?us-ascii?Q?c051SyDA2IG91pOugMUPwzc7ZLTBvodkSKkZ7/wRnh2/AGSZprSMGqZLOZ8P?= =?us-ascii?Q?7uqVzNLmPXrCQCz5d1G0Oa9wo13gzbGYBrsszhnMltb1dtCSFzfQTrhrG5Uk?= =?us-ascii?Q?BE8hFs5FyGrEwsiPsjmmU+/NocoY/CMF?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SJ0PR12MB6855.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?stP8bU+no09vwO9uUzLPSSgIJrlIcrznOYlwiEmaeR6tX4RKNof0tkFEa6f9?= =?us-ascii?Q?DNnqKFi1V0k6ixOo7YJm4HOIj96tHvKlN1AfF45iE3/SVNDK1lVLOqNNqX6p?= =?us-ascii?Q?Kz22939qvLhpbmffVWqXY+/3wUe5OnzgXdFIi/JFf04ohIpuRENLZa+Jt2KB?= =?us-ascii?Q?5OShr9+jRNhpjsWIICJMED8ltOUc2c4l3Ts+CP6H/xW6dOGETB5od3Hk/zVA?= =?us-ascii?Q?maUoBaMWCUjLkOXlWYX+k/mjNvVks40IS6SVfJyFIVBwz7g6+P7GZdk9+mrJ?= =?us-ascii?Q?/20KiiAw1bXJTlb9VAnvWtPE6ZUfgUBgc7xqLXhOURE4fSpzSTB6dzz9jpHJ?= =?us-ascii?Q?D+WCigkIL/zfje7lqbLqnh0jR5EY3gHs8Xcsv6BWXuIN37Eii10CMKP6WATC?= =?us-ascii?Q?HBndBXFsPxwFqD19sPfIT6EcZ2X8J2eEb6szdVWgc6q5w3eOImHMFT2KfKkv?= =?us-ascii?Q?L2vDu/Zc0NTNUgCYqJgau02Oy7XwyP5ktsfQvLmmUsp42xaGo6ueyQxUzI7d?= =?us-ascii?Q?Urcnrqo4ygtAw9Xtj7p8SU0sw1TzewXU1OJbN4Z2TIULe1OTkznPHfp4iWBT?= =?us-ascii?Q?0a8A5Uxc9890xNw0GHLF9gNgvNZSgtjWMOCrIQlg5YJF77Rn70N9xjQLBTrz?= =?us-ascii?Q?d2jgZtwDnpT9+nkS7cB27ZitLFPPiyYTikBWwicfDNUdDJUzUrGYSm3zvkbC?= =?us-ascii?Q?qNUL4LP36fZ5peh3iLyDD4Fk2jAaT7vbu8eAXN2LZZO25TT4AMUqr8Vb/4lr?= =?us-ascii?Q?kk4uZllAzSlwjEQpo2NvQZGFQjMLKJSEdsAEHfWNDLibVLc6ADj2Ct4eHFmg?= =?us-ascii?Q?JgCyrzeAtUfFnwuvHgISo/wkPUHsduEyTyL9STZIHfnjMc9NqG1HyT3O9WHV?= =?us-ascii?Q?Df9xgUbxKcgQigbh+uun4DQOpGEMqwvrnFuRYg/pYWWqA52JvCc2tlNXJorY?= =?us-ascii?Q?Okp+D3S2nidykrNAr6GGV0LIsZjzdg9ex1ye/R8QECosP1olja6Uc6Ty7D3L?= =?us-ascii?Q?K94rr41VaCKV99pbTk4jx/z5BLRB8isUDTwP69Xk5ssCIXMkXl8MEVkaTQfI?= =?us-ascii?Q?A4J6WvtT2ldvc+RQps6ydkSpGWtzfDomFrkPmnfeqls2wE4TuH0q1twmfn1Q?= =?us-ascii?Q?YD0sxgQwX4YVt2V2mJ9MvLYFG9V25ErfInA9RVcQjldMEP4ylR90A2EN3HYF?= =?us-ascii?Q?+H91SSAZXdGrGsi4gfHrXy9X27SrhYhEKOQmYUZLDjXqZLTE+PvAmBARgOlm?= =?us-ascii?Q?mI81BAlNfq4z6p7GhG97phuqTu88/I6agNGLJjRISHxJCveQZJhDNOS9aX/c?= =?us-ascii?Q?GO9HS9MgnaOZ4mfaddLuJKlCKIJtSIVJcCPA4igB3nlL+/Uu4o3K13W9hmTy?= =?us-ascii?Q?HnWsvuPVpNrMdXJ3QyQNsxVqN13UiXZmnSn9EKW6+vkt3D+unWgZStvZAjn+?= =?us-ascii?Q?CmYEd+fMvACsv0SMJJtw+jyR6q7L0dkDnt1KzsOR339jSMGvYX0w522qM/mK?= =?us-ascii?Q?Gf8MN9iHnITj75n0u9E7HqtD9z/mI6oTmMmDdRNJ39Cmn0gfX7mIykAEooVi?= =?us-ascii?Q?TU+fhAGlNl0IhPNk2oMnWTgBekrvue9BIxgK941O?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3251c8fc-7d26-4fa0-6406-08de1b0970a6 X-MS-Exchange-CrossTenant-AuthSource: SJ0PR12MB6855.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Nov 2025 18:47:29.3823 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: IJUtyyKT6uAaAcpJp+Vzqa4Eoji7euTSNClfwjNjWF+hIg3fKf+xKEvroat/ciSmYa27mmIyROFETL+cxHV5WQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4205 Message-ID-Hash: 7WPWN3N4QKJ7WCFYMSYHA7AKDRGXFDJD X-Message-ID-Hash: 7WPWN3N4QKJ7WCFYMSYHA7AKDRGXFDJD X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1762196026269158500 Content-Type: text/plain; charset="utf-8" Allow access to /dev/iommu and /dev/vfio/devices/vfio* when launching a qemu VM with iommufd feature enabled. Signed-off-by: Nathan Chen --- src/qemu/qemu_cgroup.c | 61 ++++++++++++++++++++++++++++ src/qemu/qemu_cgroup.h | 1 + src/qemu/qemu_namespace.c | 44 +++++++++++++++++++++ src/security/security_apparmor.c | 15 +++++++ src/security/security_dac.c | 34 ++++++++++++++++ src/security/security_selinux.c | 34 ++++++++++++++++ src/security/virt-aa-helper.c | 11 +++++- src/util/virpci.c | 68 ++++++++++++++++++++++++++++++++ src/util/virpci.h | 1 + 9 files changed, 268 insertions(+), 1 deletion(-) diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index 46a7dc1d8b..e15ffd2007 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -461,6 +461,54 @@ qemuTeardownInputCgroup(virDomainObj *vm, } =20 =20 +int +qemuSetupIommufdCgroup(virDomainObj *vm) +{ + qemuDomainObjPrivate *priv =3D vm->privateData; + g_autoptr(DIR) dir =3D NULL; + struct dirent *dent; + g_autofree char *path =3D NULL; + int iommufd =3D 0; + size_t i; + + for (i =3D 0; i < vm->def->nhostdevs; i++) { + if (vm->def->hostdevs[i]->source.subsys.u.pci.driver.iommufd) { + iommufd =3D 1; + break; + } + } + + if (iommufd =3D=3D 1) { + if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DE= VICES)) + return 0; + if (virDirOpen(&dir, "/dev/vfio/devices") < 0) { + if (errno =3D=3D ENOENT) + return 0; + return -1; + } + while (virDirRead(dir, &dent, "/dev/vfio/devices") > 0) { + if (STRPREFIX(dent->d_name, "vfio")) { + path =3D g_strdup_printf("/dev/vfio/devices/%s", dent->d_n= ame); + } + if (path && + qemuCgroupAllowDevicePath(vm, path, + VIR_CGROUP_DEVICE_RW, false) < 0= ) { + return -1; + } + path =3D NULL; + } + if (virFileExists("/dev/iommu")) + path =3D g_strdup("/dev/iommu"); + if (path && + qemuCgroupAllowDevicePath(vm, path, + VIR_CGROUP_DEVICE_RW, false) < 0) { + return -1; + } + } + return 0; +} + + /** * qemuSetupHostdevCgroup: * vm: domain object @@ -759,6 +807,7 @@ qemuSetupDevicesCgroup(virDomainObj *vm) g_autoptr(virQEMUDriverConfig) cfg =3D virQEMUDriverGetConfig(priv->dr= iver); const char *const *deviceACL =3D (const char *const *) cfg->cgroupDevi= ceACL; int rv =3D -1; + int iommufd =3D 0; size_t i; =20 if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICE= S)) @@ -836,6 +885,18 @@ qemuSetupDevicesCgroup(virDomainObj *vm) return -1; } =20 + for (i =3D 0; i < vm->def->nhostdevs; i++) { + if (vm->def->hostdevs[i]->source.subsys.u.pci.driver.iommufd) { + iommufd =3D 1; + break; + } + } + + if (iommufd =3D=3D 1) { + if (qemuSetupIommufdCgroup(vm) < 0) + return -1; + } + for (i =3D 0; i < vm->def->nmems; i++) { if (qemuSetupMemoryDevicesCgroup(vm, vm->def->mems[i]) < 0) return -1; diff --git a/src/qemu/qemu_cgroup.h b/src/qemu/qemu_cgroup.h index 3668034cde..bea677ba3c 100644 --- a/src/qemu/qemu_cgroup.h +++ b/src/qemu/qemu_cgroup.h @@ -42,6 +42,7 @@ int qemuSetupHostdevCgroup(virDomainObj *vm, int qemuTeardownHostdevCgroup(virDomainObj *vm, virDomainHostdevDef *dev) G_GNUC_WARN_UNUSED_RESULT; +int qemuSetupIommufdCgroup(virDomainObj *vm); int qemuSetupMemoryDevicesCgroup(virDomainObj *vm, virDomainMemoryDef *mem); int qemuTeardownMemoryDevicesCgroup(virDomainObj *vm, diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c index 932777505b..80496f2f0f 100644 --- a/src/qemu/qemu_namespace.c +++ b/src/qemu/qemu_namespace.c @@ -683,6 +683,47 @@ qemuDomainSetupLaunchSecurity(virDomainObj *vm, } =20 =20 +static int +qemuDomainSetupIommufd(virDomainObj *vm, + GSList **paths) +{ + g_autoptr(DIR) dir =3D NULL; + struct dirent *dent; + g_autofree char *path =3D NULL; + int iommufd =3D 0; + size_t i; + + for (i =3D 0; i < vm->def->nhostdevs; i++) { + if (vm->def->hostdevs[i]->source.subsys.u.pci.driver.iommufd) { + iommufd =3D 1; + break; + } + } + + /* Check if iommufd is enabled */ + if (iommufd =3D=3D 1) { + if (virDirOpen(&dir, "/dev/vfio/devices") < 0) { + if (errno =3D=3D ENOENT) + return 0; + return -1; + } + while (virDirRead(dir, &dent, "/dev/vfio/devices") > 0) { + if (STRPREFIX(dent->d_name, "vfio")) { + path =3D g_strdup_printf("/dev/vfio/devices/%s", dent->d_n= ame); + *paths =3D g_slist_prepend(*paths, g_steal_pointer(&path)); + } + } + path =3D NULL; + if (virFileExists("/dev/iommu")) + path =3D g_strdup("/dev/iommu"); + if (path) + *paths =3D g_slist_prepend(*paths, g_steal_pointer(&path)); + } + + return 0; +} + + static int qemuNamespaceMknodPaths(virDomainObj *vm, GSList *paths, @@ -706,6 +747,9 @@ qemuDomainBuildNamespace(virQEMUDriverConfig *cfg, if (qemuDomainSetupAllDisks(vm, &paths) < 0) return -1; =20 + if (qemuDomainSetupIommufd(vm, &paths) < 0) + return -1; + if (qemuDomainSetupAllHostdevs(vm, &paths) < 0) return -1; =20 diff --git a/src/security/security_apparmor.c b/src/security/security_appar= mor.c index 68ac39611f..0a878fd205 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -856,6 +856,21 @@ AppArmorSetSecurityHostdevLabel(virSecurityManager *mg= r, } ret =3D AppArmorSetSecurityPCILabel(pci, vfioGroupDev, ptr); VIR_FREE(vfioGroupDev); + + if (dev->source.subsys.u.pci.driver.iommufd) { + g_autofree char *vfiofdDev =3D virPCIDeviceGetIOMMUFDDev(p= ci); + const char *iommufdDir =3D "/dev/iommu"; + if (vfiofdDev) { + int ret2 =3D AppArmorSetSecurityPCILabel(pci, vfiofdDe= v, ptr); + if (ret2 < 0) + ret =3D ret2; + ret2 =3D AppArmorSetSecurityPCILabel(pci, iommufdDir, = ptr); + if (ret2 < 0) + ret =3D ret2; + } else { + return -1; + } + } } else { ret =3D virPCIDeviceFileIterate(pci, AppArmorSetSecurityPCILab= el, ptr); } diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 2f788b872a..361106222d 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -1290,6 +1290,24 @@ virSecurityDACSetHostdevLabel(virSecurityManager *mg= r, ret =3D virSecurityDACSetHostdevLabelHelper(vfioGroupDev, false, &cbdata); + if (dev->source.subsys.u.pci.driver.iommufd) { + g_autofree char *vfiofdDev =3D virPCIDeviceGetIOMMUFDDev(p= ci); + const char *iommufdDir =3D "/dev/iommu"; + if (vfiofdDev) { + int ret2 =3D virSecurityDACSetHostdevLabelHelper(vfiof= dDev, + false, + &cbdata= ); + if (ret2 < 0) + ret =3D ret2; + ret2 =3D virSecurityDACSetHostdevLabelHelper(iommufdDi= r, + false, + &cbdata); + if (ret2 < 0) + ret =3D ret2; + } else { + return -1; + } + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecurityDACSetPCILabel, @@ -1450,6 +1468,22 @@ virSecurityDACRestoreHostdevLabel(virSecurityManager= *mgr, =20 ret =3D virSecurityDACRestoreFileLabelInternal(mgr, NULL, vfioGroupDev, fal= se); + if (dev->source.subsys.u.pci.driver.iommufd) { + g_autofree char *vfiofdDev =3D virPCIDeviceGetIOMMUFDDev(p= ci); + const char *iommufdDir =3D "/dev/iommu"; + if (vfiofdDev) { + int ret2 =3D virSecurityDACRestoreFileLabelInternal(mg= r, NULL, + vfio= fdDev, false); + if (ret2 < 0) + ret =3D ret2; + ret2 =3D virSecurityDACRestoreFileLabelInternal(mgr, N= ULL, + iommufdD= ir, false); + if (ret2 < 0) + ret =3D ret2; + } else { + return -1; + } + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecurityDACRestorePCIL= abel, mgr); } diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index fa5d1568eb..fbe8f63ab4 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -2248,6 +2248,25 @@ virSecuritySELinuxSetHostdevSubsysLabel(virSecurityM= anager *mgr, ret =3D virSecuritySELinuxSetHostdevLabelHelper(vfioGroupDev, false, &data); + if (dev->source.subsys.u.pci.driver.iommufd) { + g_autofree char *vfiofdDev =3D virPCIDeviceGetIOMMUFDDev(p= ci); + const char *iommufdDir =3D "/dev/iommu"; + if (vfiofdDev) { + int ret2 =3D virSecuritySELinuxSetHostdevLabelHelper(v= fiofdDev, + fal= se, + &da= ta); + if (ret2 < 0) + ret =3D ret2; + ret2 =3D virSecuritySELinuxSetHostdevLabelHelper(iommu= fdDir, + false, + &data); + if (ret2 < 0) + ret =3D ret2; + } else { + return -1; + } + } + } else { ret =3D virPCIDeviceFileIterate(pci, virSecuritySELinuxSetPCIL= abel, &data); } @@ -2481,6 +2500,21 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecur= ityManager *mgr, return -1; =20 ret =3D virSecuritySELinuxRestoreFileLabel(mgr, vfioGroupDev, = false); + + if (dev->source.subsys.u.pci.driver.iommufd) { + g_autofree char *vfiofdDev =3D virPCIDeviceGetIOMMUFDDev(p= ci); + const char *iommufdDir =3D "/dev/iommu"; + if (vfiofdDev) { + int ret2 =3D virSecuritySELinuxRestoreFileLabel(mgr, v= fiofdDev, false); + if (ret2 < 0) + ret =3D ret2; + ret2 =3D virSecuritySELinuxRestoreFileLabel(mgr, iommu= fdDir, false); + if (ret2 < 0) + ret =3D ret2; + } else { + return -1; + } + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecuritySELinuxRestore= PCILabel, mgr); } diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index de0a826063..c9e6d9c6a9 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -878,7 +878,7 @@ get_files(vahControl * ctl) size_t i; g_autofree char *uuid =3D NULL; char uuidstr[VIR_UUID_STRING_BUFLEN]; - bool needsVfio =3D false, needsvhost =3D false, needsgl =3D false; + bool needsVfio =3D false, needsvhost =3D false, needsgl =3D false, nee= dsIommufd =3D false; =20 /* verify uuid is same as what we were given on the command line */ virUUIDFormat(ctl->def->uuid, uuidstr); @@ -1119,6 +1119,9 @@ get_files(vahControl * ctl) needsVfio =3D true; } =20 + if (dev->source.subsys.u.pci.driver.iommufd) + needsIommufd =3D true; + if (pci =3D=3D NULL) continue; =20 @@ -1348,6 +1351,12 @@ get_files(vahControl * ctl) virBufferAddLit(&buf, " \"/dev/vfio/vfio\" rw,\n"); virBufferAddLit(&buf, " \"/dev/vfio/[0-9]*\" rw,\n"); } + + if (needsIommufd) { + virBufferAddLit(&buf, " \"/dev/iommu\" rwm,\n"); + virBufferAddLit(&buf, " \"/dev/vfio/devices/vfio[0-9]*\" rwm,\n"); + } + if (needsgl) { /* if using gl all sorts of further dri related paths will be need= ed */ virBufferAddLit(&buf, " # DRI/Mesa/(e)GL config and driver paths\= n"); diff --git a/src/util/virpci.c b/src/util/virpci.c index 90617e69c6..6e6e5e47c0 100644 --- a/src/util/virpci.c +++ b/src/util/virpci.c @@ -2478,6 +2478,74 @@ virPCIDeviceGetIOMMUGroupDev(virPCIDevice *dev) return g_strdup_printf("/dev/vfio/%s", groupFile); } =20 +/* virPCIDeviceGetIOMMUFDDev - return the name of the device used + * to control this PCI device's group (e.g. "/dev/vfio/devices/vfio15") + */ +char * +virPCIDeviceGetIOMMUFDDev(virPCIDevice *dev) +{ + g_autofree char *path =3D NULL; + const char *pci_addr =3D NULL; + g_autoptr(DIR) dir =3D NULL; + struct dirent *entry; + char *vfiodev =3D NULL; + + /* Get PCI device address */ + pci_addr =3D virPCIDeviceGetName(dev); + if (!pci_addr) + return NULL; + + /* First try: look in PCI device's vfio-dev subdirectory */ + path =3D g_strdup_printf("/sys/bus/pci/devices/%s/vfio-dev", pci_addr); + + if (virDirOpen(&dir, path) =3D=3D 1) { + while (virDirRead(dir, &entry, path) > 0) { + if (!g_str_has_prefix(entry->d_name, "vfio")) + continue; + + vfiodev =3D g_strdup_printf("/dev/vfio/devices/%s", entry->d_n= ame); + break; + } + /* g_autoptr will automatically close dir when it goes out of scop= e */ + dir =3D NULL; + } + + /* Second try: scan /sys/class/vfio-dev for matching device */ + if (!vfiodev) { + g_free(path); + path =3D g_strdup("/sys/class/vfio-dev"); + + if (virDirOpen(&dir, path) =3D=3D 1) { + while (virDirRead(dir, &entry, path) > 0) { + g_autofree char *dev_link =3D NULL; + g_autofree char *target =3D NULL; + + if (!g_str_has_prefix(entry->d_name, "vfio")) + continue; + + dev_link =3D g_strdup_printf("/sys/class/vfio-dev/%s/devic= e", entry->d_name); + + if (virFileResolveLink(dev_link, &target) < 0) + continue; + + if (strstr(target, pci_addr)) { + vfiodev =3D g_strdup_printf("/dev/vfio/devices/%s", en= try->d_name); + break; + } + } + /* g_autoptr will automatically close dir */ + } + } + + /* Verify the device path exists and is accessible */ + if (vfiodev && !virFileExists(vfiodev)) { + VIR_FREE(vfiodev); + return NULL; + } + + return vfiodev; +} + static int virPCIDeviceDownstreamLacksACS(virPCIDevice *dev) { diff --git a/src/util/virpci.h b/src/util/virpci.h index fc538566e1..996ffab2f9 100644 --- a/src/util/virpci.h +++ b/src/util/virpci.h @@ -203,6 +203,7 @@ int virPCIDeviceAddressGetIOMMUGroupNum(virPCIDeviceAdd= ress *addr); char *virPCIDeviceAddressGetIOMMUGroupDev(const virPCIDeviceAddress *devAd= dr); bool virPCIDeviceExists(const virPCIDeviceAddress *addr); char *virPCIDeviceGetIOMMUGroupDev(virPCIDevice *dev); +char *virPCIDeviceGetIOMMUFDDev(virPCIDevice *dev); =20 int virPCIDeviceIsAssignable(virPCIDevice *dev, int strict_acs_check); --=20 2.43.0 From nobody Fri Nov 21 10:01:19 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1762196188539625.1638687244656; Mon, 3 Nov 2025 10:56:28 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id E039741C24; Mon, 3 Nov 2025 13:56:27 -0500 (EST) Received: from [172.19.199.29] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 9F1D144267; Mon, 3 Nov 2025 13:48:21 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 3D5AB440C7; Mon, 3 Nov 2025 13:48:09 -0500 (EST) Received: from MW6PR02CU001.outbound.protection.outlook.com (mail-westus2azon11012022.outbound.protection.outlook.com [52.101.48.22]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 0EEBA4413F for ; Mon, 3 Nov 2025 13:47:35 -0500 (EST) Received: from SJ0PR12MB6855.namprd12.prod.outlook.com (2603:10b6:a03:47e::6) by MN2PR12MB4205.namprd12.prod.outlook.com (2603:10b6:208:198::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9275.16; Mon, 3 Nov 2025 18:47:32 +0000 Received: from SJ0PR12MB6855.namprd12.prod.outlook.com ([fe80::1924:8e6f:c8f3:83c2]) by SJ0PR12MB6855.namprd12.prod.outlook.com ([fe80::1924:8e6f:c8f3:83c2%3]) with mapi id 15.20.9275.015; Mon, 3 Nov 2025 18:47:31 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=jgSO55yQXvABUyEAeHsIGIYiHDAczs1rNGL0B7lx0QP7OoDlk/MSrZHDijbAnhc+CABXWxGdgmR2M+Nz0tpnDZtpgRapld957iA0NTZLflRRbgiRXYqshfMwdjYiWtNsSToElVf14611dG0WQPH2irAjw9w5MLd9f2yGJm6zbWCnAY8Nb8GFoSDt78Y0r+I2KnW3ROiMwy2mYZn/aLTroH2f3bjh4IHD0q72FappM0a0QUeTtCsyiYlU6htTD/1Xk+uaW4tqVv2eaCcWivSkj+mqodAnSCpAPmQQxrAiQfQ2j/cSraOMFm9vvoZJBocW2vlkXLBd8v6IWZmWEcEBKA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=XyME7kF6AAG9mesyRHZNJb2EkSz/25j1NozJqygpk/M=; b=LTu23FcoWttnwwvb/HwdKKbuw/j7I1rhsczsU05vOfs16rsxQs5UdZq7FRxYwiegpCfV0RS8JZSbLC3iT1m1ZqL6bz7HJwW4xlOFwbLobEcquvg631LM8Zz10sGSWj1pk4FP+OBuFGzGroFzZCGhwZs0R8jM6u6rFLELP2fwp4DqzSvp4sgUwmiDmU805E4RmAj34gv3lF/zC5x8iNvsUP1YQUi69xFoSzI+6pOGDeOdkZFA7BJmKWHOA5yw1v4k7OyhtAAWawktjoIm3SxTMV62hezGv6vIa2N/oIHsUYLwsQU3BiCNTZ+gheynFn2AfUB3mwvrEtAzYjHHVDgCFQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=XyME7kF6AAG9mesyRHZNJb2EkSz/25j1NozJqygpk/M=; b=amaDAkxAde22YXl64nIJ+84C9QbTPbhXmujQzcrQ/3fGtUyp5kF8oLF7tqMbPsSUrd6Hmkc9i/M6H8zFSly3eKRRURilsQ+LKPDegh9kOjbO58SuWfk2EMPGf/tRLk2qj/fm+nc2bR/HseESdTczuMcV7WbJ8aVQ0OJGK2fO2tvgfyWXbmB1giAn8j+yioP4IERwDlm5++fztanVSYM4UbvAFyjFHrzqq+WdqATLAl33FWLdAgi1EJJWYV0vsc/LA2IJ9Jq9HFhIguJv9Z7raQjZqD9DvuZo2NFkZ2m5YvbfoMPD/fVaazdkyJJ7OXn5eXFxwY7SwIGrpa2NK5MWmA== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH 4/4] tests: qemuxmlconfdata: provide iommufd sample XML and CLI args Date: Mon, 3 Nov 2025 10:47:11 -0800 Message-ID: <20251103184711.4022833-5-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20251103184711.4022833-1-nathanc@nvidia.com> References: <20251103184711.4022833-1-nathanc@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: PH0PR07CA0036.namprd07.prod.outlook.com (2603:10b6:510:e::11) To SJ0PR12MB6855.namprd12.prod.outlook.com (2603:10b6:a03:47e::6) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ0PR12MB6855:EE_|MN2PR12MB4205:EE_ X-MS-Office365-Filtering-Correlation-Id: 59c17453-6134-4038-cc74-08de1b09722e X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|366016|376014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?6d3Wj/vgoScTNjdNuk21OugkME5DZqlc93FWoJ3kO7KN9palzxROpy6VaKgQ?= =?us-ascii?Q?YEnSJznYpH2g74IWGHlrr3Djh1IHW98OFnvxVdkNpxDV4Sl8nwvIOaelgV28?= =?us-ascii?Q?gPaT0bFtEIuHHQJUrnwPYFHN/30FBIYqDzt/exCsps7+NiAKW2LC86LLhqRO?= =?us-ascii?Q?D/Ln6RROpexDzMLz7Q8zm0GysWo67pHHC5xkJ51/P0LgcViXxVzjwgRKKNmk?= =?us-ascii?Q?oB+wAS3yVodBjmE+GNfzDt5h/I2mg+6cJolOaRYuO+8uxu3JYMlmidPw+IX7?= =?us-ascii?Q?qtTTpciRwGnK8CUyUGusIiF1kd91wdQ/SrF2GZN7W2GNGLDmAb3FZE1+Y3ew?= =?us-ascii?Q?rUOdh1lDNlyC66c02xshb0KSwSS0tpLjOzmIE7z2S1fm8zW4FhySnKIenX3B?= =?us-ascii?Q?vnbPwX1mBcc9cWdku4tZPCLud8w2tQrSnA6HkH1rCUtWV3HNINi7I74TV8cg?= =?us-ascii?Q?WnC7as229kgKQjLPlD3KfnOItuSVT3mEoiub/mBeh9V2edRRLiBQX4Vu2msS?= =?us-ascii?Q?IZh2dNPKKtS5dH+YoDdUyCU1K0NLAkZycyoXQjxIqFkzeUpA5iHpHFAbb0e6?= =?us-ascii?Q?NFjI0tr1RfRwA5TE6Po/YclueChqtWP5kLcPZzZ3uJkeWbBEhkryyFrjFGFo?= =?us-ascii?Q?nK7+Ks3s3Qj56yz7pqCLp24ORFn7oz6R9SwY4guh4qC4HWGAXtg8PXHgPT+F?= =?us-ascii?Q?UWL2ZmNd0o2bsdkW6wfsd/FOwEbc3MwQZe9HC32VZxpwGuKAhaeA1BisjpQj?= =?us-ascii?Q?kot0hGidVuhRqy9jpijfDUUhCae1fnro8vY88URZHrGNLHyW2jjjj1lvFv2d?= =?us-ascii?Q?jXcNPTMvru9fDFeaZyjVVeoQSEV1vrCTURGqyYIz+4X7VoTB1rHURT2y0xos?= =?us-ascii?Q?RszcqCIt3ANmdsPuI0yqiqERp/KeNueD3M6hiR7zhC6OIKLKlLwFYJnadyAC?= =?us-ascii?Q?i/HIK66FejfJeeaIGZALZTE4Lw4J//LbxQE/9NEdwUJtdvbYo2NNkF3n4vM5?= =?us-ascii?Q?HAM8H53R24ROBfSs98mihcH4fPnnnw//XVlbUp8uuiLFhgHzoWBtkn3wI2PL?= =?us-ascii?Q?ZEaD6UuVFhbulVjPIPqXNf8H7zk+s4rXBe0OblUaWS9NfPgRqT7ZWEn/kiKF?= =?us-ascii?Q?IaDAJHGmD6uQMbCr7Bb7HPgs591RnT21jHyqzKFGUizKvm1bAW2oeom8lLWG?= =?us-ascii?Q?uNnWYbW1Hfaxa28t+Td8cOCqnqSzqlWAc0fAi9sb/nks8FjEnSxDBtMVNuaf?= =?us-ascii?Q?zQMPKrAo29hBb5xHvUbCnf14U2H4cfKHFdjpmYaWYF89emQXjtavn6S+UeB6?= =?us-ascii?Q?vao6L3FE6f48z/DMvFmPNHOWBoTutrhsi7+OAs4v/EbnHU3rDGRjgl4QDuCi?= =?us-ascii?Q?TPPaT4EawVaHGhP29NCUlEYG1hWJz8AlwBk+AEkht9YhIzZBOz/DCaS65ej5?= =?us-ascii?Q?DLuDyr+PpJejTQbl2UYJOkoOrFcR60bD?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SJ0PR12MB6855.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(366016)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?Z5wwZ3FQnxO9aWaTwgg8ZpCwe1AhDyW5o2UinwT0GflPty0oeIR3ZgtWbaTt?= =?us-ascii?Q?4/3jAYbSukth2XuKw2NSX9QTpH7xDpCml/FFgvTdOyPg52cZM2JeOIzfZSwB?= =?us-ascii?Q?drDCXiEURcInGBFLrzTWq3d8EviwPUmJyfAOluCTHNqUFOjkYMq9CmJIo7cq?= =?us-ascii?Q?F1XQ9qu3don7G1MOp8wXngqlTDH15LAihnZgNfsFKPTog+SqAAZTIvRyLX82?= =?us-ascii?Q?YmJebB62AZAHnOQFq3lxFNg3FRzFBmhzsJU+lo0SVPNrWNAGzqq8okymVaRH?= =?us-ascii?Q?jUr8TZcvybRsCZqtGamXwjeBYWp2uNTyZKaZbngX9Jdjtm1MB3QzebKppjaW?= =?us-ascii?Q?5jpZuSBHFXRtrOu93aCj1LrBncsFjeMcnqpyam83aaKmL2euxx6zwTsw0+z/?= =?us-ascii?Q?M5Ae7zMnj6frcSHfL4opCgxdeGPBRtJ4psBrDJn733llO24H6DVnQhErk299?= =?us-ascii?Q?tJ6+qX0j8uSIZvP7EyPViNpaRaeBCVVYIUhnV+EHPJqCfzDLd/mHybzRyU+u?= =?us-ascii?Q?N+FC88E74Sky8CnZEq+zY3C+9zP2VqIKY/vR9ut6+ZAU9L3b5tCOxEu0fzY6?= =?us-ascii?Q?okBbmWl0Pf8oQTdbt6uHUnHTVWFeUQMdZNFKHj17mKKUIrN68jO9WanJrCV/?= =?us-ascii?Q?OMNWXaNn57Ext7Ajqm94t1wlnlHn3TLP27HoMrqpwnc/LVMF18v2NCklwXnH?= =?us-ascii?Q?y+Za4ENA1LssdftsKfPYBDpnvTt/3Hmfe6fMWPAzBG1ABWoSy78mIAY6ZY3+?= =?us-ascii?Q?OcioaDFIOjz5+1TSVpsFBy9iw6gsJZ2ggjSHz3v8njA4FRaB2M1HrT5jvj24?= =?us-ascii?Q?NNUV6H4eoMTDtmax86Rpn0AGaLsd0NFAb9nf+eT8KNHetMb0eYBlGcZv1Nqj?= =?us-ascii?Q?/d48CGOJa7Wzf8YyYYzvBXrEbzJoig2a01wizDJIPLMLnyZmW5rHEoZJoG/i?= =?us-ascii?Q?fxkEFM/EdipnCoWYwFvqUOWHx5r/jHCa/bImrq57W6leUD3jNDSerzEZAC3N?= =?us-ascii?Q?BzZvoSA4Sm+5ygmRSO+DFYB0NAbsVNUqeLOxltthHryS/tC02a0RAcnfoqvo?= =?us-ascii?Q?J1qus7qyNLjXn19vfoEWEuSPOzWhbv5WmCCJcZ5i8T98z/i9QtIDXtUTQ4qI?= =?us-ascii?Q?hmwc8fUt4pc2L1fK6y5UpyL8+Y4wuORUk1o63wRVzyh6xQkj0zegCvYMC8Ag?= =?us-ascii?Q?kKnuO7Z+cyDA7tWxb/gxktoMBpk/5anM07LY+3iqTJNipsw0LsRhXkcUwlui?= =?us-ascii?Q?qOx9vD2vHPT8p8Crc44sC739HZGgcpg4H+wrRs0OuhtvWml3UEOvD2INuvWU?= =?us-ascii?Q?1JyLcgTWYiNCXDUv5emt449JBP40Afimxl285zZTO9erBWURphGWAUJAtYvq?= =?us-ascii?Q?WaCS0pm8fH0/GSCPIhimGj3hG3RE8XuH1I7lMI4szYs1piI68I5MPmFkZ4E1?= =?us-ascii?Q?Bwa2vfXa2bXZ7M/bR+2CqCejgpQTobmJi2t5vK51vi/4JhEzNqe/RgxoBIJy?= =?us-ascii?Q?IJf/VEVetLMaW2WnWdiybp1ilca0LXIRAu519itLXTKlgHXz+FrH1g3gT3db?= =?us-ascii?Q?Kt/atwMmhc1MfUAoiOkNlH37NKrSdYgsjLG2XoE5?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 59c17453-6134-4038-cc74-08de1b09722e X-MS-Exchange-CrossTenant-AuthSource: SJ0PR12MB6855.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 03 Nov 2025 18:47:31.9247 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: iyBoXA9YGJLfeWrWr+IT9qALcOkZuwGkKB/lB9i5h91xqtMOWxFI0uP6MmVp6lm9XGITRjQkmB7qJT4FtK4i/w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4205 Message-ID-Hash: R6HOOQS7Q62DT52IBZGUFIDZF2K7CQM3 X-Message-ID-Hash: R6HOOQS7Q62DT52IBZGUFIDZF2K7CQM3 X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1762196192599154100 Content-Type: text/plain; charset="utf-8" Provide sample XML and CLI args for the iommufd XML schema for pc, q35, and virt machine types. Signed-off-by: Nathan Chen --- .../iommufd-q35.x86_64-latest.args | 41 +++++++++++++ .../iommufd-q35.x86_64-latest.xml | 60 +++++++++++++++++++ tests/qemuxmlconfdata/iommufd-q35.xml | 38 ++++++++++++ .../iommufd-virt.aarch64-latest.args | 33 ++++++++++ .../iommufd-virt.aarch64-latest.xml | 34 +++++++++++ tests/qemuxmlconfdata/iommufd-virt.xml | 22 +++++++ .../iommufd.x86_64-latest.args | 35 +++++++++++ .../qemuxmlconfdata/iommufd.x86_64-latest.xml | 38 ++++++++++++ tests/qemuxmlconfdata/iommufd.xml | 30 ++++++++++ tests/qemuxmlconftest.c | 4 ++ 10 files changed, 335 insertions(+) create mode 100644 tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd-q35.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt.aarch64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd-virt.aarch64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt.xml create mode 100644 tests/qemuxmlconfdata/iommufd.x86_64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd.x86_64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd.xml diff --git a/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.args b/tests/q= emuxmlconfdata/iommufd-q35.x86_64-latest.args new file mode 100644 index 0000000000..7d819e141b --- /dev/null +++ b/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.args @@ -0,0 +1,41 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test \ +USER=3Dtest \ +LOGNAME=3Dtest \ +XDG_DATA_HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test/.local/share \ +XDG_CACHE_HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test/.cache \ +XDG_CONFIG_HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=3Dq35-test,debug-threads=3Don \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/va= r/lib/libvirt/qemu/domain--1-q35-test/master-key.aes"}' \ +-machine q35,usb=3Doff,dump-guest-core=3Doff,memory-backend=3Dpc.ram,acpi= =3Doff \ +-accel tcg \ +-cpu qemu64 \ +-m size=3D2097152k \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":2147483648}= ' \ +-overcommit mem-lock=3Doff \ +-smp 2,sockets=3D2,cores=3D1,threads=3D1 \ +-uuid 11dbdcdd-4c3b-482b-8903-9bdb8c0a2774 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,fd=3D1729,server=3Don,wait=3Doff \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \ +-rtc base=3Dutc \ +-no-shutdown \ +-boot strict=3Don \ +-device '{"driver":"pcie-root-port","port":16,"chassis":1,"id":"pci.1","bu= s":"pcie.0","multifunction":true,"addr":"0x2"}' \ +-device '{"driver":"pcie-root-port","port":17,"chassis":2,"id":"pci.2","bu= s":"pcie.0","addr":"0x2.0x1"}' \ +-device '{"driver":"qemu-xhci","id":"usb","bus":"pci.1","addr":"0x0"}' \ +-blockdev '{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1","no= de-name":"libvirt-1-storage","read-only":false}' \ +-device '{"driver":"ide-hd","bus":"ide.0","drive":"libvirt-1-storage","id"= :"sata0-0-0","bootindex":1}' \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-device '{"driver":"qxl-vga","id":"video0","max_outputs":1,"ram_size":6710= 8864,"vram_size":33554432,"vram64_size_mb":0,"vgamem_mb":8,"bus":"pcie.0","= addr":"0x1"}' \ +-global ICH9-LPC.noreboot=3Doff \ +-watchdog-action reset \ +-object '{"qom-type":"iommufd","id":"iommufd0","fd":"-1"}' \ +-device '{"driver":"vfio-pci","host":"0000:06:12.5","id":"hostdev0","iommu= fd":"iommufd0","fd":"0","bus":"pcie.0","addr":"0x3"}' \ +-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,resource= control=3Ddeny \ +-msg timestamp=3Don diff --git a/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.xml b/tests/qe= muxmlconfdata/iommufd-q35.x86_64-latest.xml new file mode 100644 index 0000000000..bb76252b61 --- /dev/null +++ b/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.xml @@ -0,0 +1,60 @@ + + q35-test + 11dbdcdd-4c3b-482b-8903-9bdb8c0a2774 + 2097152 + 2097152 + 2 + + hvm + + + + qemu64 + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + +
+ + + + + +
+ + + + +
+ + +
+ + +
+ + + +