From nobody Fri Jan 9 07:53:10 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1767754415516782.072154510277; Tue, 6 Jan 2026 18:53:35 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 228E643E36; Tue, 6 Jan 2026 21:53:33 -0500 (EST) Received: from [172.19.199.83] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id EA52843DEF; Tue, 6 Jan 2026 21:50:11 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 36E5641B4C; Tue, 6 Jan 2026 21:49:48 -0500 (EST) Received: from SN4PR2101CU001.outbound.protection.outlook.com (mail-southcentralusazon11012048.outbound.protection.outlook.com [40.93.195.48]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id D063941B68 for ; Tue, 6 Jan 2026 21:49:43 -0500 (EST) Received: from SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) by SN7PR12MB7977.namprd12.prod.outlook.com (2603:10b6:806:340::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.4; Wed, 7 Jan 2026 02:49:40 +0000 Received: from SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc]) by SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc%7]) with mapi id 15.20.9499.002; Wed, 7 Jan 2026 02:49:40 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=BUiRJSQvO9e/PA4/Y96jeUPUpmQRvMK8O2APjPdETQQI/JCigobHCgXozBYAP43y6F9vm/h6+jCD4Z+db+rqk0iWlLSd4wbT5r4IJk2MhTpD90gCBD/kV/j9LpiI8/9qwMI5e9jl4XDO6e5HMuHZWp39j9FKfWBlebFt5VAryI1EtMVSZ3CxpFliUDn+INdcWIwN5fKS+WKoJdUJPonGoI6i6DfLBGr+hmns4YN2xKnzmOU3gcTYj+SetKO/PVsdFgLJyuLL6Pn93MJm0crpg2SwOd9Ct6Wc+i2r87dCEmAsSIp7+VSIdF3aputE9HOoixV8SAMcAMJyYr4yOJyY5Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=3wTtO2ZA/pOH9zJ39JBubt/USt+35sAkxzBAJQmccJQ=; b=lLxMv0hazrupcx3lC+lamHz7LaVdJcbwHWt8vcs5kst0UDPmO5d1XRNtd0VLmuxj9UiieXNw1CwUr2ZKqKyq5btOPlmlNT7a9AOwe8/gU40avQBcpKAgTk3jkOQ63PhhTsphwmQGtSdanZ8jjnTYkfT5gMbaZJkZolvn74lLuqAh8iU17pI3JsJ96GYJZjf+xEG9cGVulCOA4GWvHP7NT4USWfP91Llov9n1EVeToo9HEVSsY+Q6tnaYRRPzL1cgX6QHVrZNY1CRPVkP+DpkxmYXkNnXyq7OxXe+ryjEhliCkq5taigJb1shdLi3D2uqpuw96HZfpIcYrmErXMjeoQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3wTtO2ZA/pOH9zJ39JBubt/USt+35sAkxzBAJQmccJQ=; b=PNzOhLQ11Py6rtxeNY/XcjAb7B7KEwfnPkTWjXRMLBrTASpDRQC6eJZZYbpycCRn6ryqVGICqy0sWpPXFjpw0lXwBNq6y84FUoELVKDdsejFPaBKaoziDm5a/E0VQIegcNyj82vypHNjKV4u0dV5C4cp4eZSh5cYCTXC/4r26BGMtYhyY9we7rOFhrkHztX7aEFTalShD695MMgpJ+r+8L4GmDCij2wn1x1UKVFo4WdMny3tdrQVaiioan4EzaJExbol2jSqhLINjXyR5XKyRP0l4TRnbvtwOtN8qjhkP9WtbLuaMwbMDGlloSbygVOgVnB+SXQMzaD8Q4eRIrBRoA== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v4 1/7] qemu: Implement support for associating iommufd to hostdev Date: Tue, 6 Jan 2026 18:49:32 -0800 Message-ID: <20260107024938.461794-2-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260107024938.461794-1-nathanc@nvidia.com> References: <20260107024938.461794-1-nathanc@nvidia.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: BY3PR03CA0014.namprd03.prod.outlook.com (2603:10b6:a03:39a::19) To SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN7PR12MB6838:EE_|SN7PR12MB7977:EE_ X-MS-Office365-Filtering-Correlation-Id: 364dc6e4-fbb7-4ec1-9e8e-08de4d97674c X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|366016; X-Microsoft-Antispam-Message-Info: =?utf-8?B?aTVtWklaYzFEbmZLUnN1N1dvYTRheEhYT2I3cG5XcllvL3hlbWdYRUlPSFpT?= =?utf-8?B?VXh2ejdHOWpFVWZ3dlhoTTNvOWJHa2lWSnd6NU10a3ZSNG9TRGtIN1lkU3Ir?= =?utf-8?B?SHZCS3lhUFgwaHpBVzJDMllWMGtkVVBWRUhXeUtoOUNKSisxT3lZR1J3MlI3?= =?utf-8?B?REdZWWV1V1lVekpDVHIzak1VaE5taE9yZjVQNmNTTTI1QlZteC8va2JveFNl?= =?utf-8?B?dXJiRWhTaFNuYTNpMTh1ZnY3eHU2Q25LZHpPOExBK0RlaEhHMDRhcjBtcS85?= =?utf-8?B?bjVxU0l0d2pIaUNnZEYyLzdzV3JQTEVvOE12VlQwZVZNdFhLN1pEMlBwMVVF?= =?utf-8?B?SEJYL3gxSjBVNmk3ajlrSzBKanRKcGtIWS9yQzB2cys2eUh0RTFoODRycUEx?= =?utf-8?B?ejFEZmZGdFF1bWRNc0grYmFzUlJUZ2J6L2o1VitCbW9ZMFlzSEhvVThiV09h?= =?utf-8?B?cVJmV2RDR2xvSEFyUnhtWEVwczAxY0lMeDJvUS8vNFZZV2V0NnNkVHpkWXdK?= =?utf-8?B?b2VreC9LWi8wNWUzZmRXRG4rSHVIMjFsUkliN3k5S3Y2TmpFYVJvVXlKVlFX?= =?utf-8?B?RW5pTGJteVpCdUNGbGZGaExHUE1tS2ZlRVpVb3ZiQnE0N05XcnpuWnNKL3Vr?= =?utf-8?B?TEJHS1N4TkY2L1ZQZEVHS3ZTOWRTUmZYVndzOE16d3QrMlVSRk96d0t0emU0?= =?utf-8?B?UStLSWJ4MmtldjRtNFlhRWZXL3ZGMlRwWFUyZEhhRmFJa1A4N0dWOHNtRXdB?= =?utf-8?B?T1NFUHBJSGdQdnRLbEFJRzllaUxET1FOemw0SXFzbkhXZXY0WGR4NGVQVEYr?= =?utf-8?B?WGw2bHgzMWxicW11bE85WjFMandIS1V0emMwM1ZtSHRyY3lDWnJPNHp3MTNF?= =?utf-8?B?YjlUR24yVk9DN3FibExzWk90VjNORCsvM0VZZnNRYTV6MUgvNTVIM0dzQlNo?= =?utf-8?B?NjJvNzNMU05YS0xKdnJFYWo1SUJyOWNsU3RqUkNwekg0WjRFazk5YmZUQUts?= =?utf-8?B?Y3JDYWVVTU5QTTZMY0RVNnd6b1ZNMXNYV1hmMzBpdjVHTkEybGNKQWdFUVZY?= =?utf-8?B?VzJGNHB6TDEzY2k5dDVwbkZOeE1yRHg0bEFpUG9Ib08rSWhEVHBqQXh6T1J6?= =?utf-8?B?UzdsL1JlRElwK2hZRVVnMk8rVkx3dE5EYzdkWldXUDJXaUIwK1RiRVpkRFlI?= =?utf-8?B?bGJLK0N2VDZSa25pb1BCNjJRbXUxNnNHN3BsNFFPbVMrZGZlUlo5NVhtd0J3?= =?utf-8?B?NXhBbmZRSVJ6ZmtjZG5lQ0dxNWVDRzhmY1dDMjgwK2FqeVh6Y2JvUFJpRUk5?= =?utf-8?B?a0w4N2F4MzFkVzdqQXBra1NUNjdTWnIvUHBiT0xOUklzUW9LbFI4SlVCbXVX?= =?utf-8?B?ekhXVHZPZG5sa2I3cU05NEJNMnphck15OXdPbCtuVGJYSDNMS3ZDa3EyZElV?= =?utf-8?B?WWNkdXFmek9mTW4ybmcyaHhsYTUwTGFwQWxFamFXWU9QSnZpNzJZelBkbkY0?= =?utf-8?B?L0ZHYUsrK2dSQVFQU0tGZ2dyS05FYjFRTGw0aU4xMFdET1V1ZG1KeTlYQnlq?= =?utf-8?B?ZHhxYkFHWERiTC9QRmQ5R3ppVDllVVJBaGFDeTFsQmxjQ25KNk94MyswY1VY?= =?utf-8?B?VXFXODluaFpNWDZoSlhrdzBIQlFKR0taMjRIdUdVeWprbTMxMjUzdlJTcll5?= =?utf-8?B?L2RkTUZzWnRhTThOSmw0TUNSM2Vmd0ZmcUMrMHpYWnJSVzFteDQza0NIbUhV?= =?utf-8?B?TFNBeWJKWVNQKzQ2RTQ5aVlBRmxCdTAzYUNEZ0ZIaFFuQ1ZyaGF2LzJWMU9F?= =?utf-8?B?WVFzY01MWlF1bkFQaWJCWklkQkt6ZFdpQ2lTd2wwUXZNa0VXWWFsd1NOdmNi?= =?utf-8?B?U09UZURCT1d2cmRha3VzdHdPSlRjSmJCLzdMdTdhUnN2M1VIK1h3QjIyeWEw?= =?utf-8?Q?xpvsqwBMGQcY8c58IaM/L+ioJnVxTgFl?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN7PR12MB6838.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?ajgwdEs3RkdQU3pyMEdyWHNKTzF5RncwWEh1RlZYNThlcTVVdnZHaTFGT1ky?= =?utf-8?B?SnRQQlRxVkFCTzRVeXcwQTdnQlF4MTRSMzZNNWZDRk5qWDQ3UE9LQjRRNTFy?= =?utf-8?B?a1hCNmRCeE5GOWtVWGFZZ2I3M0hHT1FEZFNtQ1RuTEZFMFdlZi92WEhXZmpP?= =?utf-8?B?ZTRja1YrQ3dGN2RUUlJET3BxMGdrUnhLa21QUnEra3VwbWZIRXUwVk9OeEQ2?= =?utf-8?B?ZytCY1l2eFlkaDE1M0hGUnJ4ajBmUnFkN1J3UDVQRTdVWlV4TEhMcVhueEhT?= =?utf-8?B?MGJKR2VqemVZczlxZW93bW9haldlSkIrdjNqUFlvczAxbUw1cVdGT2E2Lzkx?= =?utf-8?B?RHd2UmR1SHdmU2NUdzJtRThBdVc4UTZhUWlTT0xxM25BamxseTJoYnZ2L2No?= =?utf-8?B?NG5ld3FoMkNGYlk2ZVIwSkwxM3VEUDRJNGhHQ0xoOU9JR2RPckhvaVlyNUhV?= =?utf-8?B?ZHBaWStEMHY1Vm9VM2c5ZzY2MG1vYW1pTXBBQm1SMWdHcHVlVThxU1R1UGFh?= =?utf-8?B?ZW9hUjVvbEZvZjBRV1FDaDNrYzRZQVBURTB5MzJyS0R5OFZ1UkhtUWpnVmhq?= =?utf-8?B?dEVQNWQ2enNIRTZtTEl4YU95K0NZelZ6MUpFQ1BEejR4Y0lFWnc5ejlxb3lv?= =?utf-8?B?UGVnZjJJeUExY1dNQWZYdEFDSERkcElYcWlJa05nSXZQWkN4Q0RraDRFNjIz?= =?utf-8?B?RG43VVVpRUtZZkpSanBsNWp5SlQ3emExNGowK2lYMkxZWFlRelNRRW1DUUpu?= =?utf-8?B?dCtVbXdLRUt1OFpSZU8yMWpIb1FVMVo2YkpaMjVMeGliUHB6dE51cUQva1gy?= =?utf-8?B?YUVhS3M3S3lrUjZ0aWwzVVcvdjdaRGwvblB1M0o2MS85Sm9oTnRkK2JYTitO?= =?utf-8?B?M2dURktYR0xtbkZkOW5nRTNqRmNVeXk0bWlaU0YxVk5TWnlzTWNJTk5rUzM5?= =?utf-8?B?LzBEclYzelJlSFc4Ky8zSERDaElBNWxYQ3ZlRlIxWWdXUnZBbk1BQmVJMTJL?= =?utf-8?B?bjkxSzd4ZEVhT1dFSzMrZWwvZEFRaDRXdE5ld2hhU0laQTExRllxdlVqd1gy?= =?utf-8?B?OHZqalhwMUtzM0VUREo0UDUyLzVRWUFRUlQ4RUEwVWlpc0NjTWpwK1p4dGo1?= =?utf-8?B?Y284d3FnVzFuREN6dVBCR2V2dllJRkxwS3luNEpZNzhtZndnak5EUkV2UzVX?= =?utf-8?B?WS9uOCtmOU54TWQ0RTgwY0ZXaHNLdG5JSHFpanI4eWJzVldlYVk3SWsybng0?= =?utf-8?B?VUF0TDd1TUNYdjJNVzRST29kNm5YTVI5VytZM3QvY05jT01DOXBDZERlaHly?= =?utf-8?B?aHRPdFVDMURpeTZQVDFkcXo3cEJSdDc0NVhrNEJmY0dnM2tWUmlIdjU0SHlC?= =?utf-8?B?L1lHejNHTkZ1N1RMb1Y5eU53djdkQit3eiszTWptT0NITFhoYnp1V2c1UGI5?= =?utf-8?B?MTVib1NDRzl4R2pDSHhOODNheko1MmVOSFVRV09WMVNJUWtxMmZJTU1WVU4r?= =?utf-8?B?WjJTUGVFYVRmOHRhRjU4ZHlITElUWWxla3pMOUMzaVZkbU9xUVBoOHZNSitm?= =?utf-8?B?N2J6UTExN0ZJVEdFMThId1hXQ09Xc3FTa0hLMmZwT3Y2aHFEWkpsRXlhYWZi?= =?utf-8?B?SUZGRG5XS0NJNFZqTXVwK0w1NFIyclJhWmpyZlVHbVI1TFBIeWhSbGRVWEZX?= =?utf-8?B?bDM2dXZnME5pM2xrRjB3ZTVia0ZrcjNjVTJrclJjY2RqWG9uaExweURlZzls?= =?utf-8?B?dzRMSk1YR3NzT3o3cm9jenc3M01zWU00cnUvbzFxdytHQldCUGpOL3BiTTRz?= =?utf-8?B?RzZGZTZVRm1VcFBYa2lTSldlMGlUc084alI3Sm5mL2tMYXdNZHFGNlNyRVAv?= =?utf-8?B?Ym1scEd2ZmJ4TkpCaE85dWdobkFzc0ZkaUpzeDR5bnFwNGovTGIrN3FUdHJ6?= =?utf-8?B?U1Y0YTk4U1JNQ1B6N1hQRWNMMVFGL0d2QlVvcDhvRFRXS0RIV0tpdzJaRWgr?= =?utf-8?B?RjVQcEcwL0JLaTZCSWJUSlRtaHBTOE1wTXZSR3VpUWRaMTNzZzFsbStwUVlz?= =?utf-8?B?N0pQVld1SkI0QXVDT25nQkpuNUVNVDB0NFFvUTFrRmpMSzIyUktSK3dnK2tZ?= =?utf-8?B?TE8wWHp1ODA2dkpWSlRqbGJLbHhvdkl0S3loM2U4UmxOSjIzbVRveXdySVVI?= =?utf-8?B?ZngrUzNVUU1kaVdyK28xZjNMcFFPZkhRTDliTHQ4cTFCWFJya0VCYVk3djRx?= =?utf-8?B?cnlUOTROY2d2OW0vblp0TjNHdm9zYmlMQ0pRSDJpL3ZsYTAvdnUyN1VoWEdr?= =?utf-8?B?UkJnQVA1dnBJQm9yK0JVRXJUVS9hTW9zSFJ5eHlOcTJGQWVzTWRpUT09?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 364dc6e4-fbb7-4ec1-9e8e-08de4d97674c X-MS-Exchange-CrossTenant-AuthSource: SN7PR12MB6838.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jan 2026 02:49:40.2516 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: bQ2s/Svm45koql1KXX0ycfKaG6RptWXvMoL2LlQsFA9ueeKaMmsJWReq3+HzaKS1bBZ9mUUw+UBdJqji2KPIOg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7977 Message-ID-Hash: I3W5XKZCVTP7PSESUR2UTX2QSS2IDBQL X-Message-ID-Hash: I3W5XKZCVTP7PSESUR2UTX2QSS2IDBQL X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1767754417774158500 From: Nathan Chen Implement a new iommufd attribute under hostdevs' PCI subsystem driver that can be used to specify associated iommufd object when launching a qemu VM. Signed-off-by: J=C3=A1n Tomko Signed-off-by: Nathan Chen --- docs/formatdomain.rst | 7 +++++ src/conf/device_conf.c | 11 ++++++++ src/conf/device_conf.h | 1 + src/conf/schemas/basictypes.rng | 5 ++++ src/qemu/qemu_command.c | 46 +++++++++++++++++++++++++++++++++ 5 files changed, 70 insertions(+) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 1467fc7e10..c8f827d460 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -4907,6 +4907,13 @@ or: found is "problematic" in some way, the generic vfio-pci driver similarly be forced. =20 + The ```` element's ``iommufd`` attribute is used to specify + using the iommufd interface to propagate DMA mappings to the kernel, + instead of VFIO alone. When the attribute is present, an iommufd + object will be created by the resulting qemu command. Libvirt will + open the /dev/iommu and VFIO device cdev, passing the associated + file descriptor numbers to the qemu command. + (Note: :since:`Since 1.0.5`, the ``name`` attribute has been described to be used to select the type of PCI device assignment ("vfio", "kvm", or "xen"), but those values have been mostly diff --git a/src/conf/device_conf.c b/src/conf/device_conf.c index c278b81652..d68232a4f4 100644 --- a/src/conf/device_conf.c +++ b/src/conf/device_conf.c @@ -67,6 +67,11 @@ virDeviceHostdevPCIDriverInfoParseXML(xmlNodePtr node, return -1; } =20 + if (virXMLPropTristateBool(node, "iommufd", + VIR_XML_PROP_NONE, + &driver->iommufd) < 0) + return -1; + driver->model =3D virXMLPropString(node, "model"); return 0; } @@ -93,6 +98,12 @@ virDeviceHostdevPCIDriverInfoFormat(virBuffer *buf, =20 virBufferEscapeString(&driverAttrBuf, " model=3D'%s'", driver->model); =20 + if (driver->iommufd =3D=3D VIR_TRISTATE_BOOL_YES) { + virBufferAddLit(&driverAttrBuf, " iommufd=3D'yes'"); + } else if (driver->iommufd =3D=3D VIR_TRISTATE_BOOL_NO) { + virBufferAddLit(&driverAttrBuf, " iommufd=3D'no'"); + } + virXMLFormatElement(buf, "driver", &driverAttrBuf, NULL); return 0; } diff --git a/src/conf/device_conf.h b/src/conf/device_conf.h index e570f51824..116b959143 100644 --- a/src/conf/device_conf.h +++ b/src/conf/device_conf.h @@ -47,6 +47,7 @@ VIR_ENUM_DECL(virDeviceHostdevPCIDriverName); struct _virDeviceHostdevPCIDriverInfo { virDeviceHostdevPCIDriverName name; char *model; + virTristateBool iommufd; }; =20 typedef enum { diff --git a/src/conf/schemas/basictypes.rng b/src/conf/schemas/basictypes.= rng index 5689170fad..381e0ac24f 100644 --- a/src/conf/schemas/basictypes.rng +++ b/src/conf/schemas/basictypes.rng @@ -673,6 +673,11 @@ + + + + + diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 98229d7cf9..98e4469c25 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4760,6 +4760,7 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, g_autofree char *host =3D virPCIDeviceAddressAsString(&pcisrc->addr); const char *failover_pair_id =3D NULL; const char *driver =3D NULL; + const char *iommufdId =3D NULL; /* 'ramfb' property must be omitted unless it's to be enabled */ bool ramfb =3D pcisrc->ramfb =3D=3D VIR_TRISTATE_SWITCH_ON; =20 @@ -4793,6 +4794,9 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, teaming->persistent) failover_pair_id =3D teaming->persistent; =20 + if (pcisrc->driver.iommufd =3D=3D VIR_TRISTATE_BOOL_YES) + iommufdId =3D "iommufd0"; + if (virJSONValueObjectAdd(&props, "s:driver", driver, "s:host", host, @@ -4801,6 +4805,7 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, "S:failover_pair_id", failover_pair_id, "S:display", qemuOnOffAuto(pcisrc->display), "B:ramfb", ramfb, + "S:iommufd", iommufdId, NULL) < 0) return NULL; =20 @@ -5320,6 +5325,44 @@ qemuBuildHostdevCommandLine(virCommand *cmd, } =20 =20 +static int +qemuBuildIOMMUFDCommandLine(virCommand *cmd, + const virDomainDef *def) +{ + size_t i; + + for (i =3D 0; i < def->nhostdevs; i++) { + virDomainHostdevDef *hostdev =3D def->hostdevs[i]; + virDomainHostdevSubsys *subsys =3D &hostdev->source.subsys; + g_autoptr(virJSONValue) props =3D NULL; + + if (hostdev->mode !=3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS) + continue; + + if (subsys->type !=3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) + continue; + + if (hostdev->info->type =3D=3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_UNAS= SIGNED) + continue; + + if (subsys->u.pci.driver.iommufd !=3D VIR_TRISTATE_BOOL_YES) + continue; + + if (qemuMonitorCreateObjectProps(&props, "iommufd", + "iommufd0", + NULL) < 0) + return -1; + + if (qemuBuildObjectCommandlineFromJSON(cmd, props) < 0) + return -1; + + break; + } + + return 0; +} + + static int qemuBuildMonitorCommandLine(virCommand *cmd, qemuDomainObjPrivate *priv) @@ -10932,6 +10975,9 @@ qemuBuildCommandLine(virDomainObj *vm, if (qemuBuildRedirdevCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 + if (qemuBuildIOMMUFDCommandLine(cmd, def) < 0) + return NULL; + if (qemuBuildHostdevCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 --=20 2.43.0 From nobody Fri Jan 9 07:53:10 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1767754721950607.2236795071381; Tue, 6 Jan 2026 18:58:41 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 0BCE941BCF; Tue, 6 Jan 2026 21:58:41 -0500 (EST) Received: from [172.19.199.83] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 4B91343E30; Tue, 6 Jan 2026 21:50:41 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 8850E41B9E; Tue, 6 Jan 2026 21:49:52 -0500 (EST) Received: from SN4PR2101CU001.outbound.protection.outlook.com (mail-southcentralusazon11012048.outbound.protection.outlook.com [40.93.195.48]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 0A12C41B94 for ; Tue, 6 Jan 2026 21:49:44 -0500 (EST) Received: from SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) by SN7PR12MB7977.namprd12.prod.outlook.com (2603:10b6:806:340::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.4; Wed, 7 Jan 2026 02:49:41 +0000 Received: from SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc]) by SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc%7]) with mapi id 15.20.9499.002; Wed, 7 Jan 2026 02:49:41 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=poLwZlbI5jvOlGFb068AppJwRzizSHk451dNkBjgfpjt0dJJkoo3/awgggIGFGgl3QoPVL0tKNZPhrRDBSuFTOSdinAJcw0PEnd29F8n4NWKzb+udcI8UmAruWghNw+gwhDH/QPZVcfqofd6tWUG7YyvecTNLol4H62+jZu74BSGp1fT6Jgw2wavHibphQdQSjExXqNsbB/0UzIkhGJXob2AVdwzLevYxMWWecQqkC0hcV3t+TZt8C5qNf8UhqiZHsj8UcEqDOusEZloQU/8/CXwW/I90Zsx75PxYF1EXLrvFwHVcyVvHeWRXpj3WumKdfa4Culbz+gzW2zrAsDacA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=SAIH0Nmq5K6feJcqqiwS2Bnpqa77YbaWLWgLPH0dipE=; b=RNtdX6sckDh27PEEcqJ0nvtJd0cY/cHujsg7+07yRpEk7rxqYf4gIA9IX67HW2dMORo3GwSW+nT9G2VUSb5/fsU5Lbs/oVumd2qOeqFAYlNJKwQ6Dc4SREYPEsyxpFUAHjlsLmXam1g7JDpKi+ld2JXPb80cgoxDPpqcXd5+S38NVaqwawRFhcCauz5NY2UNFNBBmCOYf3uDDWbc9DUYZ3uS4em+3wn3u1s/KKxgg4sHTGbgNuwJNTPtAfzmYZ3Iaa/e+dJT3gHB5y+bWwmAqOvIJ+3lhU2X7MPgE90lgbD7tL6j8EMjPRUMDtJzHm83/A/xkc8VrdKSZdbp1D40Xw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=SAIH0Nmq5K6feJcqqiwS2Bnpqa77YbaWLWgLPH0dipE=; b=GC01q7963Mb2F7LKVku9xD/EamvVuOeSdnf5Yq96zFkQTobNwdEdrtW1p96M6Jgz/n2aHwUhsOTAe8touo2ts1BG55hIBsapsZ9yimFxm7ja881ksC3w6yRGA2o3btj5DGu4PQ16Dz0hgZDalj9uWKoPY8COyQi0D+rtMQweKzsrIYa/Z+tqdXM6CgFdbMSi4SHMAY6S2fL98KXl6Wq8TkK7f88Cre0uHfAPEswet3GrGsR/4+X+8z4DNwc4lAZdbfYufCjA3xbBJUqZ8AvXDN+50gTt8SRCaDHm/Yp1oLuWEe061XgtDGWSaavK3TziGsce1WncGWtK4I0UcP97Sw== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v4 2/7] qemu: Introduce privateData for hostdevs Date: Tue, 6 Jan 2026 18:49:33 -0800 Message-ID: <20260107024938.461794-3-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260107024938.461794-1-nathanc@nvidia.com> References: <20260107024938.461794-1-nathanc@nvidia.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: BY3PR03CA0023.namprd03.prod.outlook.com (2603:10b6:a03:39a::28) To SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN7PR12MB6838:EE_|SN7PR12MB7977:EE_ X-MS-Office365-Filtering-Correlation-Id: 11c33a7d-8bf8-4bf6-7c0f-08de4d9767e4 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|366016; X-Microsoft-Antispam-Message-Info: =?utf-8?B?K2hJUDBaYkJmVlNlRXMxR1VsdngzZDYzWE95ak1xOFA5cXlaWFh3NExmd0Zu?= =?utf-8?B?K2xnZnFKZlRzVXRKOEE4SXh1bjVWZE9Yd1BsbW5acWs4MU1rR3hHU3JtNXJk?= =?utf-8?B?c3ptYzJFYW1MUE42eE5aR0c3TjY5ZTNROW9ZaGZWclp6TDdTVjVSZTVSellk?= =?utf-8?B?QWxZYm9NbXRiWWpVM2dGUzFPY0xjM1BidU1BTkYxQWovbjdadHlTWWlGLzhP?= =?utf-8?B?T1JKOHE4Q0pZdDUyYTZwL3BhTkQ5MFBVQVRKcmxIVFBhTENkNTBnT29SM0Zv?= =?utf-8?B?ZXBJWGN6ZUhKZm15L3plR0hZcXFtK3N2OXJHb0ppM0ZWMSs5M1crUWJrNWNN?= =?utf-8?B?cjlaNXUvdWtOWWdVaVJTSmlpTzBIMVF1UzVQeENRSE1jUVlLMGgvSkhPeUtY?= =?utf-8?B?TFBrbGhYbGJhRmNyYTZXTU9hK2lYS0pMY0dia252TkhadjRRa2NoQTEvZjFV?= =?utf-8?B?VlFMM2UvWXk2NDdMVGR6VHNDSHZSQzVVRUUxN2RuRU9vUGxueEx0VjU2MklJ?= =?utf-8?B?bmcrU1ZteXNmRjlzeFUvUHNjb0FieHJ2ZEFKRGZnYVgzblFwaWN5VGozckVz?= =?utf-8?B?ak1iREhFS2I3SUV5eFBFcHBONmV0dklzOHE0eWIvZlZDZm1Ucy9OeUJpSXht?= =?utf-8?B?RnpQR3gzekZLbDFBZFZsVm5hQUdLaUNTU1paeEVlT2ZncTljR1JrTTM5WTZI?= =?utf-8?B?V3NLZ0t4TTgwdEJlbFBsbXI4Sndic0x6SWRnOGFhZVIrV21UUTVFNmtrakZn?= =?utf-8?B?UlN5RUF0ekpaQlgxbjhqTCtoZXA1dU9BblVVdEtQcHhxVjFtYTF5TXFhK0RJ?= =?utf-8?B?VFhzYkU2RGQ2RjZtUG9WWTQ3cFNpaHF2VmVManFhdWZBeFVvN1A1OHNtU0d3?= =?utf-8?B?d1lTUDNNTWVBSlMvc0hReEpocEdmRU4rZWNZb2FvRW9YZzg1QmVEN01aVlEz?= =?utf-8?B?MFNBc2pId09SakNrNjkwamx1STA2cVMxVkhYVXBqRzJGSDU3blJtQlFPM29r?= =?utf-8?B?Z3hDTG1uN1RJQVB1VDZBOFpVQTlRanRpeWNmS01sVkJlWkt3Yy9sclFQSXh3?= =?utf-8?B?cnhkK25rRG0ySVY2RlM0YnZGQ1lrZGQzc0tSVGgyL3BJbThUTG9CS1RWeCtC?= =?utf-8?B?NytnUzVjUHZDTFY3WlArMEVUbDlPZm1BbmVzbmZGME4xcVUxMjVnc3NPdDVQ?= =?utf-8?B?d1h1bWVXK2JVV1h3aEcrajhiUUxBTWw1TlF5eEVUQk5kRUJPRDB2UXRJUUZO?= =?utf-8?B?YVpzV2tnZ3p0S2g0NFdMZVJQZ2dBMFAyb004S0dMcE9ON3dDNkJTc09JVERU?= =?utf-8?B?VERHZVJySVhDZlhRdU4wN0dzd1FIc1UrNlZ0a21sM053SGtvc0VnRFlRUUFJ?= =?utf-8?B?cXA4TGlFNGtBeDIyK05pMmdNTHZZaUx6aWdEeGorZ3lrQ20rKy9zUy9Fd1JX?= =?utf-8?B?cUMvNHlqYjZoSzdWMjhhMlorRmovdTRHMFBlUHAzbVkxU0tMb1NtZndicHl4?= =?utf-8?B?YlUwWkJXM1IvY0RDRlExZHFVekNxdU5nR3I4T0c0V2QwVGRKNGNmYzBGakc2?= =?utf-8?B?V0EvZ1ZDUEhZaUtvQXhsVjM5TWlZUUhXRmh5TDVCbVZFWE1OZzlNSUZQbE0x?= =?utf-8?B?M2g1bEg3U2dKdm1GNnFiTjc5MWlnVk13aTFKU0w0YTdyTE1SUzJGSkJKK3VH?= =?utf-8?B?SFNDRm5yaGMzNEc0QmdRckNwNUdrcHYrSUllQmUxOWM0cVUzaFlDWlJRTjdC?= =?utf-8?B?ekk4TlRYSmoybWpINFFMbXlZNnFOSXh2bnY4MTB3NEFRd0lpYXZyZUdLVXJD?= =?utf-8?B?UVZ0bXFETm9RK01SL0ZsSFhYem1tRXRIS3VlSGtTdDAwdDhaTHpHSnFGa2tq?= =?utf-8?B?SGs3Sk9aSGYrVjJFT3pLVm85MHM3NXBoRW4xTG8rTk8xbWNLR1VWdUxma2F4?= =?utf-8?Q?RQnsoVqjDkviO+eX9tw4IifWh05FG3oS?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN7PR12MB6838.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?N3JrVi9pMVpWdUpIL2tGOHp1MFdUQUtBeGhhNi85V0pYUTVwZjlMUkg1ajZB?= =?utf-8?B?SmpSa3g1SEdDNUwzK0NjVEhRK1owL3RON2thcHpILzVJY2J2djRZTGJkVjhU?= =?utf-8?B?d3F0SzRUNGJXSnQzNDdCQ0dmZnFpMitiZTFoUUYyYU5vakVYcDR6UWE3SE50?= =?utf-8?B?VDFDS2V1eC9rMkpVazU2RkVGZWZEZ0ZWRGV4VWEvWUZuR0xLbllQVkhlV2RI?= =?utf-8?B?N0lpbWFnRDd6ckJ5UTNRRi85Y1RPK05nanFObHpVVU5mRXZLOTlDd2Z1ZjEv?= =?utf-8?B?Qk9WQ0ExNUpOcGRnbEEvZWlQcTlYSjdxNXJuTjZZU2xYTVpGb3RNNVcxSGVp?= =?utf-8?B?QVVMUnc5bUlhRHNkclFpUnR5WHJsdFFjbnBhY2hvd1ZKd1lncTV6cVhuS2ZM?= =?utf-8?B?ZGZIQ1JsM3c0UmlBQUJXUXpOaFFSbXhhRFQrM2NNQS9UdEdZRjRzU0pBaTJS?= =?utf-8?B?SDhlUnFQRFEvS0dRSVRIanJPTlNmNmU5MCtDR0hMcjNzRmFEd1BPbVRGcjQw?= =?utf-8?B?a0hMSHVJNlJteUUxcVpVOU9OZlNqK3Y5M2FsWFFnVEhVckZQVEhpTzBKZHVU?= =?utf-8?B?OEREYlJLTmFsL1JtSkJUU05PNmtVVHRkR3pET3dPMVpRUkhSTytFVHd5Wmly?= =?utf-8?B?c0xjSkVmaWJnbWcvTmdTL0VrQnJMcmd3ZnhzckdqZGNzUEt5aENTZUdjUUp2?= =?utf-8?B?UklUVUwreHZEOC9oOGtIUTdDcC9ZOWU2OUtvcy95WkxjeWd3cXYxUExjSmZj?= =?utf-8?B?SENXRDlCcG1oR3ZLZHdLYXNGNk5wNDlMQ3FrY291cVVwek9XSEVqTHJ4czhJ?= =?utf-8?B?SFh0L0NSUkhHeFYxa21UU0ZaSTRpU0svdXNVWC9EK214RXMvVDlUQzBkYXJ0?= =?utf-8?B?dTFJUlZRRGF5a3lWb1hUOTYzMS8zKzdDWTVMai8xZ2R3RURlbGZDb3RqWVli?= =?utf-8?B?aVNVanYxTHNOb0tNOUROVXgwMGNDMkM4SGlydkoxNTNnWGpOemc5YTE3bnlk?= =?utf-8?B?aGpCaTdyeVBnVENPZEQzTlZyRmpwUnF1MXBqZit3YUplclpSNDBnQzRCcjZR?= =?utf-8?B?SU5RcEhMUklPOVlibzI1ak90UFdSZG01MkJTZHNGMkhiSG5GaVEvU2I5OUZJ?= =?utf-8?B?ZFRabkcramJ1eXJUZ3c5KzdjRHEvQ3Z6OU5sWkppY2lkNmJOTzVwV3RzUEt3?= =?utf-8?B?aVBpcEtQeG1hZXVzR2JCejdzSEl1dk9OQnlCajNiZ3lXTUdRekEyRGxVbHJ6?= =?utf-8?B?S0UxRkNlbHhKUUw5TVNxSlNEUkFtU0YzRWdFNFZCUEFMWU5hY3l0M3dIck91?= =?utf-8?B?OTlyYkZXTzg0dDlGSkIxWEJJb0locHFSZXhVUmc4Qy9lTFowNld0OHpXNmNQ?= =?utf-8?B?VjArSlF5OHM2Tloxb0ZCS0VndTZISm5GTzV3SFV6VnZHb0hPdytBQlV6dUFI?= =?utf-8?B?eUlKeWhLQ0tEd2JnMUVxbm44eTVKb3RESTFVUUptV0VqWEg4b3oyTW1JeWs5?= =?utf-8?B?ODc1SkxpTHZGUEk5RDhIMmtnTHNiYlZJL2hGY0gzQTcwNkM5VStTb08yWXEx?= =?utf-8?B?aWdDWnZrUzZaWDlEQXk0LzM5amlBMDF2N05pQVpZWWtvVS91OW5jbVc1MUNQ?= =?utf-8?B?ODFaeWw5Vkw1b1VRQUloWjNBRDh2TzNMWFZGcHVGSjlVSHpPZzZYTkdvQVIv?= =?utf-8?B?ZlM5ekd0dnIzY1dDM25UaUQyUUljMUYrMEpHaHZ2VE04VzdLN0NiUFpBWVJ5?= =?utf-8?B?bm5xd0NVTEttM3phRTZIczhISVlmUnRIaUNzVGMrbGdoS3F5N3JxYm0yVVBZ?= =?utf-8?B?a2xIWm02alJwOCtQTGV0ZGVRVkc2clVuM0d0MjdGRkg0UW5XOEZzYm5wQ2FZ?= =?utf-8?B?Q3JRYkQwYm0wMG5VMWNob2M4SXB5ZXVrYTN5bkh6VXhLSm12Nm94VENGckVB?= =?utf-8?B?VWNlMG5QaGM2a2d0M1p1b1lhdWgxek4rN0FVelBWQUpvYXZTVm9hVnZoYk5S?= =?utf-8?B?ZlE5Z29ZQUJncVJLdlRQbDlSK3MySFFDNVl0eEZrOHMrZWR1ODlROGNIUUFs?= =?utf-8?B?c21RRkwxWUdmRjdOeFQwNklPNzg0Q2hkNGE3bnRDQ3FmYlZyYU1PdzZ0YWdP?= =?utf-8?B?SUE3a0xSQzVJUFVLV3RBbS81Ly9ReW9ydmNkeWtmZTV3ZXl5eDdwbnJFVlFP?= =?utf-8?B?c3pycGdydnI4d2JsTFNwek9ESGsyRFA3T0RLckdSYXh6RUJjVjJERVV1dVNH?= =?utf-8?B?Tkl6dTRMV3VBNjIydGhGRlZ3NGdSU01uWDd1ejFWdUJTYU1sT1dXelFvT0xa?= =?utf-8?B?NDRHL1pUUUxoanBScVg4QWVQMk5QM2h3SVVZL0VLTWVHYm9hejltZz09?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 11c33a7d-8bf8-4bf6-7c0f-08de4d9767e4 X-MS-Exchange-CrossTenant-AuthSource: SN7PR12MB6838.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jan 2026 02:49:41.2549 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 8tzQZR45035UyZk3vJ0pd3oDvnHVW92jfZYY8R4kK0Knk0bZRNMl0SAuqOZ2WPL4+yQhgubYGMIN+u1QlM3AkQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7977 Message-ID-Hash: KQTO4KH2HFRFR6SJGGSCI3LOXJ5YYIV3 X-Message-ID-Hash: KQTO4KH2HFRFR6SJGGSCI3LOXJ5YYIV3 X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1767754724756158500 From: Nathan Chen Introduce private data for hostdevs and allocate hostdev private data by default. Signed-off-by: J=C3=A1n Tomko Signed-off-by: Nathan Chen --- src/bhyve/bhyve_parse_command.c | 2 +- src/conf/domain_conf.c | 13 +++++++++-- src/conf/domain_conf.h | 5 ++++- src/libxl/xen_common.c | 2 +- src/libxl/xen_xl.c | 2 +- src/lxc/lxc_native.c | 2 +- src/qemu/qemu_domain.c | 40 +++++++++++++++++++++++++++++++++ src/qemu/qemu_domain.h | 18 +++++++++++++++ src/vbox/vbox_common.c | 2 +- tests/virhostdevtest.c | 2 +- 10 files changed, 79 insertions(+), 9 deletions(-) diff --git a/src/bhyve/bhyve_parse_command.c b/src/bhyve/bhyve_parse_comman= d.c index d62ea64beb..8b405206bd 100644 --- a/src/bhyve/bhyve_parse_command.c +++ b/src/bhyve/bhyve_parse_command.c @@ -687,7 +687,7 @@ bhyveParsePassthru(virDomainDef *def G_GNUC_UNUSED, return -1; } =20 - hostdev =3D virDomainHostdevDefNew(); + hostdev =3D virDomainHostdevDefNew(NULL); hostdev->mode =3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS; hostdev->source.subsys.type =3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI; =20 diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 541dad5bdc..f950f7c75d 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -2733,6 +2733,8 @@ virDomainHostdevDefClear(virDomainHostdevDef *def) case VIR_DOMAIN_HOSTDEV_MODE_LAST: break; } + + g_clear_pointer(&def->privateData, virObjectUnref); } =20 =20 @@ -3483,7 +3485,7 @@ void virDomainVideoDefFree(virDomainVideoDef *def) =20 =20 virDomainHostdevDef * -virDomainHostdevDefNew(void) +virDomainHostdevDefNew(virDomainXMLOption *xmlopt) { virDomainHostdevDef *def; =20 @@ -3491,6 +3493,13 @@ virDomainHostdevDefNew(void) =20 def->info =3D g_new0(virDomainDeviceInfo, 1); =20 + if (xmlopt && xmlopt->privateData.hostdevNew && + !(def->privateData =3D xmlopt->privateData.hostdevNew())) { + VIR_FREE(def->info); + VIR_FREE(def); + return NULL; + } + return def; } =20 @@ -13678,7 +13687,7 @@ virDomainHostdevDefParseXML(virDomainXMLOption *xml= opt, =20 ctxt->node =3D node; =20 - def =3D virDomainHostdevDefNew(); + def =3D virDomainHostdevDefNew(xmlopt); =20 if (virXMLPropEnumDefault(node, "mode", virDomainHostdevModeTypeFromSt= ring, VIR_XML_PROP_NONE, diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index cb35ff06bd..8f53ed96c0 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -364,6 +364,8 @@ struct _virDomainHostdevDef { */ virDomainNetDef *parentnet; =20 + virObject *privateData; + virDomainHostdevMode mode; virDomainStartupPolicy startupPolicy; bool managed; @@ -3588,6 +3590,7 @@ struct _virDomainXMLPrivateDataCallbacks { virDomainXMLPrivateDataNewFunc vsockNew; virDomainXMLPrivateDataNewFunc cryptoNew; virDomainXMLPrivateDataNewFunc graphicsNew; + virDomainXMLPrivateDataNewFunc hostdevNew; virDomainXMLPrivateDataNewFunc networkNew; virDomainXMLPrivateDataNetParseFunc networkParse; virDomainXMLPrivateDataNetFormatFunc networkFormat; @@ -3797,7 +3800,7 @@ virDomainVideoDef *virDomainVideoDefNew(virDomainXMLO= ption *xmlopt); void virDomainVideoDefFree(virDomainVideoDef *def); G_DEFINE_AUTOPTR_CLEANUP_FUNC(virDomainVideoDef, virDomainVideoDefFree); void virDomainVideoDefClear(virDomainVideoDef *def); -virDomainHostdevDef *virDomainHostdevDefNew(void); +virDomainHostdevDef *virDomainHostdevDefNew(virDomainXMLOption *xmlopt); void virDomainHostdevDefFree(virDomainHostdevDef *def); void virDomainHubDefFree(virDomainHubDef *def); void virDomainRedirdevDefFree(virDomainRedirdevDef *def); diff --git a/src/libxl/xen_common.c b/src/libxl/xen_common.c index 890ef11723..e6a372e078 100644 --- a/src/libxl/xen_common.c +++ b/src/libxl/xen_common.c @@ -445,7 +445,7 @@ xenParsePCI(char *entry) } } =20 - hostdev =3D virDomainHostdevDefNew(); + hostdev =3D virDomainHostdevDefNew(NULL); hostdev->managed =3D false; hostdev->writeFiltering =3D filtered; hostdev->source.subsys.type =3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI; diff --git a/src/libxl/xen_xl.c b/src/libxl/xen_xl.c index b2ff0edcf2..e62302736b 100644 --- a/src/libxl/xen_xl.c +++ b/src/libxl/xen_xl.c @@ -930,7 +930,7 @@ xenParseXLUSB(virConf *conf, virDomainDef *def) key =3D nextkey; } =20 - hostdev =3D virDomainHostdevDefNew(); + hostdev =3D virDomainHostdevDefNew(NULL); hostdev->managed =3D false; hostdev->source.subsys.type =3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE= _USB; hostdev->source.subsys.u.usb.bus =3D busNum; diff --git a/src/lxc/lxc_native.c b/src/lxc/lxc_native.c index 7700804429..a94427b027 100644 --- a/src/lxc/lxc_native.c +++ b/src/lxc/lxc_native.c @@ -376,7 +376,7 @@ lxcCreateNetDef(const char *type, static virDomainHostdevDef * lxcCreateHostdevDef(const char *data) { - virDomainHostdevDef *hostdev =3D virDomainHostdevDefNew(); + virDomainHostdevDef *hostdev =3D virDomainHostdevDefNew(NULL); hostdev->mode =3D VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES; hostdev->source.caps.type =3D VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET; hostdev->source.caps.u.net.ifname =3D g_strdup(data); diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index ac56fc7cb4..85eea1801f 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1238,6 +1238,45 @@ qemuDomainNetworkPrivateFormat(const virDomainNetDef= *net, } =20 =20 +static virClass *qemuDomainHostdevPrivateClass; + +static void +qemuDomainHostdevPrivateDispose(void *obj) +{ + qemuDomainHostdevPrivate *priv =3D obj; + + VIR_FORCE_CLOSE(priv->vfioDeviceFd); +} + + +static int +qemuDomainHostdevPrivateOnceInit(void) +{ + if (!VIR_CLASS_NEW(qemuDomainHostdevPrivate, virClassForObject())) + return -1; + + return 0; +} + +VIR_ONCE_GLOBAL_INIT(qemuDomainHostdevPrivate); + +virObject * +qemuDomainHostdevPrivateNew(void) +{ + qemuDomainHostdevPrivate *priv; + + if (qemuDomainHostdevPrivateInitialize() < 0) + return NULL; + + if (!(priv =3D virObjectNew(qemuDomainHostdevPrivateClass))) + return NULL; + + priv->vfioDeviceFd =3D -1; + + return (virObject *) priv; +} + + /* qemuDomainSecretInfoSetup: * @priv: pointer to domain private object * @alias: alias of the secret @@ -3563,6 +3602,7 @@ virDomainXMLPrivateDataCallbacks virQEMUDriverPrivate= DataCallbacks =3D { .chrSourceNew =3D qemuDomainChrSourcePrivateNew, .vsockNew =3D qemuDomainVsockPrivateNew, .graphicsNew =3D qemuDomainGraphicsPrivateNew, + .hostdevNew =3D qemuDomainHostdevPrivateNew, .networkNew =3D qemuDomainNetworkPrivateNew, .networkParse =3D qemuDomainNetworkPrivateParse, .networkFormat =3D qemuDomainNetworkPrivateFormat, diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 3396f929fd..e91435c062 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -461,6 +461,18 @@ struct _qemuDomainTPMPrivate { }; =20 =20 +#define QEMU_DOMAIN_HOSTDEV_PRIVATE(hostdev) \ + ((qemuDomainHostdevPrivate *) (hostdev)->privateData) + +typedef struct _qemuDomainHostdevPrivate qemuDomainHostdevPrivate; +struct _qemuDomainHostdevPrivate { + virObject parent; + + /* VFIO device file descriptor for iommufd passthrough */ + int vfioDeviceFd; +}; + + void qemuDomainNetworkPrivateClearFDs(qemuDomainNetworkPrivate *priv); =20 @@ -1174,3 +1186,9 @@ qemuDomainCheckCPU(virArch arch, bool qemuDomainMachineSupportsFloppy(const char *machine, virQEMUCaps *qemuCaps); + +virObject * +qemuDomainHostdevPrivateNew(void); + +int +qemuProcessOpenVfioFds(virDomainObj *vm); diff --git a/src/vbox/vbox_common.c b/src/vbox/vbox_common.c index 26c5fdfef6..d2a8cf8da4 100644 --- a/src/vbox/vbox_common.c +++ b/src/vbox/vbox_common.c @@ -3090,7 +3090,7 @@ vboxHostDeviceGetXMLDesc(struct _vboxDriver *data, vi= rDomainDef *def, IMachine * def->hostdevs =3D g_new0(virDomainHostdevDef *, def->nhostdevs); =20 for (i =3D 0; i < def->nhostdevs; i++) - def->hostdevs[i] =3D virDomainHostdevDefNew(); + def->hostdevs[i] =3D virDomainHostdevDefNew(NULL); =20 for (i =3D 0; i < deviceFilters.count; i++) { PRBool active =3D PR_FALSE; diff --git a/tests/virhostdevtest.c b/tests/virhostdevtest.c index aec474a148..a35c1d9402 100644 --- a/tests/virhostdevtest.c +++ b/tests/virhostdevtest.c @@ -124,7 +124,7 @@ myInit(void) =20 for (i =3D 0; i < nhostdevs; i++) { virDomainHostdevSubsys *subsys; - hostdevs[i] =3D virDomainHostdevDefNew(); + hostdevs[i] =3D virDomainHostdevDefNew(NULL); if (!hostdevs[i]) goto cleanup; hostdevs[i]->mode =3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS; --=20 2.43.0 From nobody Fri Jan 9 07:53:10 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1767754530893937.3071375595075; Tue, 6 Jan 2026 18:55:30 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id D809841BA2; Tue, 6 Jan 2026 21:55:29 -0500 (EST) Received: from [172.19.199.83] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id A6C8F43EAD; Tue, 6 Jan 2026 21:50:18 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 445D541B50; Tue, 6 Jan 2026 21:49:51 -0500 (EST) Received: from SN4PR2101CU001.outbound.protection.outlook.com (mail-southcentralusazon11012048.outbound.protection.outlook.com [40.93.195.48]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 34AE641B72 for ; Tue, 6 Jan 2026 21:49:44 -0500 (EST) Received: from SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) by SN7PR12MB7977.namprd12.prod.outlook.com (2603:10b6:806:340::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.4; Wed, 7 Jan 2026 02:49:42 +0000 Received: from SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc]) by SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc%7]) with mapi id 15.20.9499.002; Wed, 7 Jan 2026 02:49:42 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=fpxp60WEG+mISk4/vnDcBcUNcUY38KeqrZue9sQWctxqapH5ZV+jVyqv4FPjSjhphULYj/NSwCjNYdF0usUlG9rRjGj0h1GGGd422J8BpK5W54L9VXH69KxMu/8FxHTKleVlVkg+WMCT3eB+iXEIS7PB3qQvq+xa5eFZFvcAXlSDpYl2psuxEgMbpnHUYsEOl+cTyl77l17b9odTGWyglY+upygguPk/3MnV6Vo5Rgs3OMjUqNJf4JoQ1cM11O6nVgd8p+eRDOv9OZAOeqAQSnjDkl9SPAM2poPUbN6lhOzhVN2nrUu6iL1CTclmltpthGg1V01vrTE+7MYJc5B6cQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4XEtfusprL7mfcov4IKWFeZ3Jz7siH+CERcBaa7xdTg=; b=W7Zs0Ky8rXX0o3jw8HK2cSeA1yxL0LO5eqBVMAAdx2kP0aHYVejV0EYzqondm3rqcXRG+aI8tjhDji1IhXeaFOABwdZm0byWgl6A4/Y6sq6yBI3a15HcIwCW3B4csOEbDPTsqWN2g8l6FQPdDbem6LIpiRKLEvtxIkrFhF7V3v+Fj0v5WWHOAfmlopOBaO6+pbgCLxOGp4Lvg1DeowacjzR6t1tfo1acEmuIb8lC95GSN29Dutx5suPXfF4y4qxmkvtxk7YXKdEnZ6sYFIBhPHELbSEOVgcYQYjQARPeYr95dVSxpzNkdFOw/dOkA87k5031JhNVRwe7bc1kkCHvEg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=4XEtfusprL7mfcov4IKWFeZ3Jz7siH+CERcBaa7xdTg=; b=fsFQDaB3E8OheGf4gWCn9ZBlzGr5qcJWvZ5cerMSMX0wj+IvL4e4cqkJT+Rcx4fYlgtfHm19A8RNtunkXrl8i8Oj+0w6Oaa8ZAb9tRgtNGsMbrjHoXOyU2sUZHoZNUK0SvqBkwEzT6uS+/7yiNAfvyNkTSekC8ao8LKOJLL1IDz/DSkOrP+zxJ3qxHWbAz7C3aLyxbhd/V5S4YPfc9PE+P934JINZ90CrkCwy24LZyfxZc21a8lCxp6nq/eetH1opK0LITJqtts/D5Z2L3oycOdUuktkU8ONl4J3kjeVvC6oT5Rc/M6RoqqkVCycWbR6mp7F6CybLHAERCvyqP8haQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v4 3/7] qemu: Set per-process memory accounting for iommufd Date: Tue, 6 Jan 2026 18:49:34 -0800 Message-ID: <20260107024938.461794-4-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260107024938.461794-1-nathanc@nvidia.com> References: <20260107024938.461794-1-nathanc@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SJ0PR03CA0136.namprd03.prod.outlook.com (2603:10b6:a03:33c::21) To SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN7PR12MB6838:EE_|SN7PR12MB7977:EE_ X-MS-Office365-Filtering-Correlation-Id: 9d076b03-e708-4f74-b9f1-08de4d97687c X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|366016; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?yQ2+dL6+HWCF15rVPho1sq7ZlB93reyRUe6P0Qa54Gq8uO33eSKHhfxe6xoH?= =?us-ascii?Q?8dwgwKeJNbgSlHzdDdE1gZ4HdPPatIbdQROsPE3yETfqc8y0obdMuZugBuwR?= =?us-ascii?Q?uLOhzXDngi/9l7G4rioY9w6nM8Ce0aRwRilq4uyx8ExUOiUQfatD35FaoZwY?= =?us-ascii?Q?74D5KObwsL/CDekKIREzJ9ENiDZB2PEAb0gt/3ttUS/x0Nh+kpbAwcAyaLYO?= =?us-ascii?Q?46ZlQ3QL60sbH/Nn2UP4PWpQlxQ9AD5jwqH+xC+PSx6GdSJ7mVN8YMNT83Jz?= =?us-ascii?Q?SE+bDK4HXtb3X4sDbSHtWP+ZiiNKDRL74gdFQTgUx1uIsAHbTWbrUHbVg7/P?= =?us-ascii?Q?2RceToFQAV8Lk++F7tJZfdA0JfkxkO0AaahLy9Tq6rQa7fs5VRNPSywkhPT+?= =?us-ascii?Q?FW71w0Ffp9Y4rFuNjOU3bT38h2y5fdHwrf+I+My46Nsdv4fO7nIDHQKaQT2A?= =?us-ascii?Q?mr810TE8EDG52h0xleXkm+Dd8sLNEXtTLY7VYHQJq0rC1vlnnuiaHHUfLk/s?= =?us-ascii?Q?QqGYBhyo9IHgmpEpwIUhNoEJNxn9N7nVk023rAlz29afnFKeg2NRqP6FgGaZ?= =?us-ascii?Q?U3YaRXuP4e/35M7qwai5z+Dm3YCocZQktYEVYaWLetHCUt7C90MHrixisTi9?= =?us-ascii?Q?QA1WMiYhmZfSXC0oFKzhA4qys8bAe85GWQUxQhn+wO/nhHEDbGrQF02aThxo?= =?us-ascii?Q?2ixDrDUDoBGTWAA2qj5cg6abIMN3ylcgHc48kdhRQD+xkN+CFwz50TB1HBAA?= =?us-ascii?Q?0kAJfbj2XFIpF/fRQ8vuuUU905viL1+0limLvgIczrFSiL12scZAl1ILvQQg?= =?us-ascii?Q?yz4Q1bmh7Xy1LSbqvpTMuxtCZCocieODOTyH3DlOk6hanJMYd726UByW50P9?= =?us-ascii?Q?8XjagFHRAA43oOS04gl6xry1HzFumpBtzCLgDZmHmpfuRn9LnTmq19RIGhwy?= =?us-ascii?Q?g+VCHc4E4vBHzLHG9DCyFPej4raSRvCTieulRK3bVsqNp6Z/SG2CO1H7cmdD?= =?us-ascii?Q?LHsSiePhQcihjHu/1irSRBZ8noB9lUiY1cbkHn8ubZLxDs95nQLX0SD3ciGp?= =?us-ascii?Q?WxkgVk57dN5ciR4J6eSWvj6JyBJwLaXUFqURd2Jfqdpa8kAYO08AgytalSY6?= =?us-ascii?Q?pGBTRSo/B3DvvV9PxsLJaBI9fUYfBZRtzZSzrWQY3KxxSK9jM1tg56Fkdpui?= =?us-ascii?Q?5U+s5a/YJb30AnD4KtQxYFi3XZ9DkLr1Lg2u8Qy1FpaoTwQ+0JxtvQICdGg/?= =?us-ascii?Q?YJGKdiDJFNVnEc488nwgPYrHxtzAVOOfjCYvKPNo/62MzJruBRpTrWu7TFC4?= =?us-ascii?Q?daF2pmaBUlKWDIjAiQ7Ejs0xYQzlAyi5BMCVblF9jwt8o9WZhMKqDgL5al4n?= =?us-ascii?Q?tTNqa/KTJ2x4/Fua1Tviogv0OU9i9iK/5kf60DYjdutnyNanrDCRCgAezF0i?= =?us-ascii?Q?hATaqONTfMszfkEfzUhK2kZy+2E9kLmM4l2P1X9s/R7v61I92sfDCw=3D=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN7PR12MB6838.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?44SDJvknqSD0YcpUsGKkJ/ND3RkGHOQo2FCPcw0H95qb+sNFyy0UNrj+sTi8?= =?us-ascii?Q?P19BCntzGqO1H9eHZmpWvi/PUyfLlMFFf3LpQnpgL97VOX04LiN/JGLzcr17?= =?us-ascii?Q?AGfTJHXxsbRjM3aQK2wTIQBp8+Rjg7fOmcJKpiv6dmyIMdXl25zKkECqkG3r?= =?us-ascii?Q?aLI5R7vWMy5LPnXJyvDXZnznSGS2SdF+6kfFOrdDVji98uONMfHBHwCbEsEo?= =?us-ascii?Q?mPDztDeK+M2Tmood00xOdJDuJ8I8Ta5vr/rk3wmoQ00OS+arqoZVVGwx4jdG?= =?us-ascii?Q?d17ieZd1eTMHil2p2gPVd72w5PEd8eXJzFIUAswy4yytjGKFoZ5azb4uilL1?= =?us-ascii?Q?nwmDWtQHtSw7L8BqBg3zXjd8a3Yx0C8ytCYFFV13S6RdW29Itjqg7Kty/Es/?= =?us-ascii?Q?fbyAQUT/UXUyR80R9c9dlR/WApBLKdxWZEN/oAtRxkGy4jb4riXR9qGsHs3r?= =?us-ascii?Q?5233jlijSRkNW8IMoN0kkhzkBhUM8hLtSX4STYB4LGU9ezUMq/6r82bzHv+1?= =?us-ascii?Q?IbxekeS8TUa86ZA40R/hEMMEVH5vryfwlzktKkIdFu6INbbE9rWj5CypZLrp?= =?us-ascii?Q?FDyYhZD4dYNPdeQZhtSk7LNmDn8s8TIQ7mV9WfSVlNQ840jHSYsh+7zp6qKf?= =?us-ascii?Q?5lx4olChNv8KOUBIZLky1tTsCjpi1Skr1Ox6gESARipKdKROTjQeiPqr0lQh?= =?us-ascii?Q?nfwJgRLUvYxjs+kv4GX68l0YXHprHkI5KJ3kMLiP2s4OQBGDw2jVPrLfbUbW?= =?us-ascii?Q?wUDvZSJz1zTKe7t0YadFOZS0oruJ+6viCcULSJ6gy86/ytWvWYCryuhPOj0T?= =?us-ascii?Q?fDvNshwUyZwWyLHpqwSiqpGZ9WDzXUYiGM66D4m7jPTzczBoW0gDFPFE1oeL?= =?us-ascii?Q?6Z8AQ4ExrGEj/jrLjUT8FdGypgjD2SCqntImElEVmVyIRdpiCcSio1rklSie?= =?us-ascii?Q?IVrnH1/Srz/y2C83mmzUQ3KjwFFH73Ck8qPUXJzT3k9savlmkmgJg8F/X1lh?= =?us-ascii?Q?KzJVthilMcQ/zisLkHl+VTG+ORciHGG31E3omyo8NC90jNUCl6Wx4gE/hgXO?= =?us-ascii?Q?ebbJblPRSXJvD8fJt3x2ztwK/CGWEh3wojiet03X2yMFCcjAM/OvsslJCLLi?= =?us-ascii?Q?VNSaWAv9rJ0BSbzWwawlZFXYGTLTXKnEszbjfFuAgV7XLU+ufaS6zh4Fu1Nm?= =?us-ascii?Q?2r0uKa38H65/lZ+PhoPs0a6dxn2pK7ZIySkUIo3DcvfXRX9x7SeFYB4xX/mn?= =?us-ascii?Q?hSGUtYGYmIvIx/8GgpFkVD8hHafiDyLj+fjO9qDd/jeE0NVX2Sp+v30my9NW?= =?us-ascii?Q?FdTpCV6BIb8PQ9gnOpNLI/Clfv+xbH2y2kqYg+NRrbSqkC8DIAOEvDih31um?= =?us-ascii?Q?2FABjFZ4iplfwOLnBfMuT/pSEBZXeYJar7NhzLySf8V5oHqg7ms6m1cSLomc?= =?us-ascii?Q?hCBU1OElx1gkLJI27aqiX3I9IPz0Z5uc9bVfZmEUtG11B7ugf/xaB6aHj72P?= =?us-ascii?Q?E+5Cm8GGetfOlwMsqMXSMbtPctEEORX2W8M902mZ2v7TyqcbrRk+Pogav4DJ?= =?us-ascii?Q?gXbjjFjabPffnwy/Npp7zY80VBONHtL+DBiAotJQn5Lfvi+GbktNeYyGie9V?= =?us-ascii?Q?i2c0b98LOOjBsiJI4DDiy1XtryvrvvaJm5o7tAICrzoUvYs2YUyydc9s2qQU?= =?us-ascii?Q?HUjr4w5Mlz/S/5+uQ1sqKkBSsbsEGJPQ7RQ50wJF+FQO2r4vLIMm+UmjLk7P?= =?us-ascii?Q?pqE1zH8N1Q=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9d076b03-e708-4f74-b9f1-08de4d97687c X-MS-Exchange-CrossTenant-AuthSource: SN7PR12MB6838.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jan 2026 02:49:42.2469 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: x9XkuRf/+PjTCmvMkWbNvbRgHP73HpgjjsZlnrs/1wHn4jXl+IMQZC07jbpnpaAAjHpoIhkTUZn8ju2W8/YqLw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7977 Message-ID-Hash: H36IH7DQVOIIIAOCD7SG5XHGDOMPU3LY X-Message-ID-Hash: H36IH7DQVOIIIAOCD7SG5XHGDOMPU3LY X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1767754532116158500 Content-Type: text/plain; charset="utf-8" From: Nathan Chen Integrate and use the IOMMU_OPTION_RLIMIT_MODE ioctl to set per-process memory accounting for iommufd. This prevents ENOMEM errors from the default per-user memory accounting when multiple VMs under the libvirt-qemu user have their pinned memory summed and checked against a per-process RLIMIT_MEMLOCK limit. Signed-off-by: Nathan Chen --- po/POTFILES | 1 + src/libvirt_private.syms | 4 ++ src/util/meson.build | 1 + src/util/viriommufd.c | 127 +++++++++++++++++++++++++++++++++++++++ src/util/viriommufd.h | 27 +++++++++ 5 files changed, 160 insertions(+) create mode 100644 src/util/viriommufd.c create mode 100644 src/util/viriommufd.h diff --git a/po/POTFILES b/po/POTFILES index f0aad35c8c..c78d2b8000 100644 --- a/po/POTFILES +++ b/po/POTFILES @@ -303,6 +303,7 @@ src/util/virhostuptime.c src/util/viridentity.c src/util/virinhibitor.c src/util/virinitctl.c +src/util/viriommufd.c src/util/viriscsi.c src/util/virjson.c src/util/virlease.c diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 4e57e4a8f6..a8eadbfb8a 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2652,6 +2652,10 @@ virInhibitorRelease; virInitctlFifos; virInitctlSetRunLevel; =20 +# util/viriommufd.h +virIOMMUFDSetRLimitMode; +virIOMMUFDSupported; + # util/viriscsi.h virISCSIConnectionLogin; virISCSIConnectionLogout; diff --git a/src/util/meson.build b/src/util/meson.build index 4950a795cc..9fb0aa0fe7 100644 --- a/src/util/meson.build +++ b/src/util/meson.build @@ -46,6 +46,7 @@ util_sources =3D [ 'viridentity.c', 'virinhibitor.c', 'virinitctl.c', + 'viriommufd.c', 'viriscsi.c', 'virjson.c', 'virkeycode.c', diff --git a/src/util/viriommufd.c b/src/util/viriommufd.c new file mode 100644 index 0000000000..0f87f95330 --- /dev/null +++ b/src/util/viriommufd.c @@ -0,0 +1,127 @@ +#include + +#include "viriommufd.h" +#include "virlog.h" +#include "virerror.h" +#include "virfile.h" + +#ifdef __linux__ + +# include +# include + +# ifdef HAVE_LINUX_IOMMUFD_H +# include +# endif + +#define VIR_FROM_THIS VIR_FROM_NONE + +VIR_LOG_INIT("util.iommufd"); + +#ifndef IOMMU_OPTION + +enum iommufd_option { + IOMMU_OPTION_RLIMIT_MODE =3D 0, + IOMMU_OPTION_HUGE_PAGES =3D 1, +}; + +enum iommufd_option_ops { + IOMMU_OPTION_OP_SET =3D 0, + IOMMU_OPTION_OP_GET =3D 1, +}; + +struct iommu_option { + __u32 size; + __u32 option_id; + __u16 op; + __u16 __reserved; + __u32 object_id; + __aligned_u64 val64; +}; + +# define IOMMUFD_TYPE (';') +# define IOMMUFD_CMD_OPTION 0x87 +# define IOMMU_OPTION _IO(IOMMUFD_TYPE, IOMMUFD_CMD_OPTION) + +#endif + +/** + * virIOMMUFDSetRLimitMode: + * @fd: iommufd file descriptor + * @processAccounting: true for per-process, false for per-user + * + * Set RLIMIT_MEMLOCK accounting mode for the iommufd. + * + * Returns: 0 on success, -1 on error + */ +int +virIOMMUFDSetRLimitMode(int fd, bool processAccounting) +{ + struct iommu_option option =3D { + .size =3D sizeof(struct iommu_option), + .option_id =3D IOMMU_OPTION_RLIMIT_MODE, + .op =3D IOMMU_OPTION_OP_SET, + .__reserved =3D 0, + .object_id =3D 0, + .val64 =3D processAccounting ? 1 : 0, + }; + + if (ioctl(fd, IOMMU_OPTION, &option) < 0) { + switch (errno) { + case ENOTTY: + VIR_WARN("IOMMU_OPTION ioctl not supported"); + return 0; + + case EOPNOTSUPP: + VIR_WARN("IOMMU_OPTION_RLIMIT_MODE not supported by kernel= "); + return 0; + + case EINVAL: + virReportSystemError(errno, "%s", + _("invalid iommufd option parameters")= ); + return -1; + + case EPERM: + VIR_WARN("Permission denied for IOMMU_OPTION ioctl. " + "Per-user-based memory accounting to be used by d= efault."); + return 0; + + default: + virReportSystemError(errno, "%s", + _("failed to set iommufd option")); + return -1; + } + } + + VIR_DEBUG("Set iommufd rlimit mode to %s-based accounting", + processAccounting ? "process" : "user"); + return 0; +} + +/** + * virIOMMUFDSupported: Check for presence of /dev/iommu on host. + * + * Returns true if the file exists and false if it does not. + */ +bool +virIOMMUFDSupported(void) +{ + return virFileExists(VIR_IOMMU_DEV_PATH); +} + +#else + +int virIOMMUFDSetRLimitMode(int fd G_GNUC_UNUSED, + bool processAccounting G_GNUC_UNUSED) +{ + virReportError(VIR_ERR_NO_SUPPORT, "%s", + _("IOMMUFD is not supported on this platform")); + return -1; +} + +bool virIOMMUFDSupported(void) +{ + return false; +} + +#endif diff --git a/src/util/viriommufd.h b/src/util/viriommufd.h new file mode 100644 index 0000000000..ec6be9fa66 --- /dev/null +++ b/src/util/viriommufd.h @@ -0,0 +1,27 @@ +/* + * viriommufd.h: iommufd helpers + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + */ + +#pragma once + +#include "internal.h" + +#define VIR_IOMMU_DEV_PATH "/dev/iommu" + +int virIOMMUFDSetRLimitMode(int fd, bool processAccounting); + +bool virIOMMUFDSupported(void); --=20 2.43.0 From nobody Fri Jan 9 07:53:10 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1767754645340478.8104796311512; Tue, 6 Jan 2026 18:57:25 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 64DF141BCF; Tue, 6 Jan 2026 21:57:24 -0500 (EST) Received: from [172.19.199.83] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 3941A43F15; Tue, 6 Jan 2026 21:50:34 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id EF54D41BA4; Tue, 6 Jan 2026 21:49:51 -0500 (EST) Received: from SN4PR2101CU001.outbound.protection.outlook.com (mail-southcentralusazon11012042.outbound.protection.outlook.com [40.93.195.42]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 8EE3041B9E for ; Tue, 6 Jan 2026 21:49:45 -0500 (EST) Received: from SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) by SN7PR12MB7977.namprd12.prod.outlook.com (2603:10b6:806:340::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.4; Wed, 7 Jan 2026 02:49:43 +0000 Received: from SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc]) by SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc%7]) with mapi id 15.20.9499.002; Wed, 7 Jan 2026 02:49:43 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=EHtgrCj0Y072gVcA+GLoxxEBoSN6DEYDjHjgBd/mTWRmSQ0KgZckRhu9GFofBVUxhmm1wpLpyTNFxPvCKSO/I8CYjK2WqzZqHURaTiu2ZIMnCMuj5eQwk3HjIJf8G9lUZHohkNKC/BsRiKBhhLBgVOyKJP5Z+youMRv1s2k4ZUqoJumv6wkBkJrfvjwaAsZHNEgD4w9wOjLM1uqKlmIJGTyKI/zYGER80HVkMV7ks8pU6jyA17dERaawqcnBZ4yyAD2awey06FyVvUYSc0euOmCshYUxSjtGtOLz5ArCMjm0FK3APIdNA1U2hbcEcD3D6sm3s48dcNTqE1oLsg2HJQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=sKvBp80mQ/WAL9SKUsKhYAmrRJq6TYxSmDVvD+nx/X0=; b=r8htGaERSSFrHlYAIATYhDbfTZDaGRsm0OPWqrrihDcWxHFMVT7o2Ppf9FaiieCxvL7eRO8dIMMFJ95FgqSaG6PxZKZvGIsz/ravFp1xTz9Z9D/72+e3aPDqoycN2ravtVtuDmBX9Smutsnp/dDoCfaFykokVs4K7Syegt4Yft9Jl7GG4uB4r1DSfskUUncvCNtgwhAoZ6HdSgEnycdnbdF2gJk7hfAGqsPjF9mol6t+UwP04/4Y/PU99lp97nHNQPAJtfk5I1LGLi0GD30USpWi0DOlD3xev3vaw0PkN6MOh9WPo97GtyGtyo8CcswqmeiwFgFPNbo+4sGkxds3vg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=sKvBp80mQ/WAL9SKUsKhYAmrRJq6TYxSmDVvD+nx/X0=; b=Od/+8Ce/mt4Yeudi4w+XStfmpgvDNLRi/wCPvQeKzM/oM6OsRDSG4XRrpgNI7ijqUBOcW9nvR3FRxY/amaVFu2VSjjfAxEAKHYKFcJkhVNX9lkjD1b6D34PK62x7+oe3A9dPA0OiK4LY2eSeSCK7AYEVkDaFA0uUnsIo4DlAiPZTquuPwDoHLB7giZKRWRIzfv9m35o/bnRu81Z7C9EbLgzTeZyVDb5LeWDOmeB/fCVgWULGKXujueXOpgMnUKMNU2G8P/ajjvD0qT9Zqo89DtywFoktCnQltpATLMEwMYYipP9lDcU5/WheSMaTZB1ntR66x2TrW1lQ1nRgfKweuQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v4 4/7] qemu: open VFIO FDs from libvirt backend Date: Tue, 6 Jan 2026 18:49:35 -0800 Message-ID: <20260107024938.461794-5-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260107024938.461794-1-nathanc@nvidia.com> References: <20260107024938.461794-1-nathanc@nvidia.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: BY3PR03CA0020.namprd03.prod.outlook.com (2603:10b6:a03:39a::25) To SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN7PR12MB6838:EE_|SN7PR12MB7977:EE_ X-MS-Office365-Filtering-Correlation-Id: adab5f8d-1e88-423d-0f64-08de4d976914 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|366016; X-Microsoft-Antispam-Message-Info: =?utf-8?B?T0RKS05Xa3MybWlzcHVnY3dyNWpGb0VTbElGMDJsY0dpcCtzY3A1N29xaEI4?= =?utf-8?B?QzFKNk5hZmtBbzd0YkxLWGd1bzFqN05BKy8wMnpwaVlRSEZuc3pMVlpsd3Vh?= =?utf-8?B?cnBGUnFCMVQ4TS8yY1Z6WnVlcWkyWnArM2hwMmViY1p0RHBOYk1UL2oyMUVq?= =?utf-8?B?UGdNSHRGMGpPVStXMW92aWNiWklvOVJxQlhHbUZrZ1I0dDBsa0FVS2ZCQjVw?= =?utf-8?B?aFdnZTdiNHpJME5GVzYyK1d6MU81OExkaXZEYnJTT1NndkhBbnZvUzFCd29F?= =?utf-8?B?NWVBOUgvcXp2YTg2bVBjSldkY1lIdzArU3Q1U3lyZWlKclA1dW9oZW52aDlZ?= =?utf-8?B?MEx2SWRHUGg1V1E4OEM2Z0ZkRnFhOTRPVStzcE9ib05JaFRCMUxoN2dPL0or?= =?utf-8?B?ZEEzZTBUYnVwUkV5YTFkOFFVZUIwbmhWQzdJZytYNVYrWnh2Smx5VVRYc2M3?= =?utf-8?B?NGpLOTNDcmdBQTNVZGx3NlFGNFNhY05nbENIVjhjVW9WUENFNnZEWTBjMElQ?= =?utf-8?B?YktxTjJESjY2VlhNSmE3T1BNUzhiRzU5YXV2WHFJVDBlWlZBL3NHRVdYenNH?= =?utf-8?B?UU5wd0hXSFVsRUdZOGdXUWJ2Vkx3cUF4S0RobG9zNXFMYmJGaXZPWjNOWUJT?= =?utf-8?B?Y3NDRzlKcFpaL3VzQUdSL3JiMnJqT2NueGVWbmdjQ3pjdzI2UUdzYlBzZ2xh?= =?utf-8?B?NkJmR1BkdHBHd2xzZEFrKzU2RnZJY0lUNEFpRDFnMWQ2UDVORVlRQTZ3dEhD?= =?utf-8?B?RGJIdzgxTzA4MXZNaWFXTWNMWmVnTUZ5NVNhZEN1RmtoTHVNRy90UTRFNjZj?= =?utf-8?B?Tk12bncwalpTMXRqTkt3OHQ5WWJDWWs0c3Q1amdYTjQ2RTJBUjN0QW1PTHFD?= =?utf-8?B?TW16d3N0cCswRlNXY1QxR2UwaXNaZ1B1eWZkSEl3ai9yL05Ya3BtNjQ0QUIv?= =?utf-8?B?dVV3TlAydExDRzNZVXlja2JZLzZlbnRZR09MSzZSTnkyOHoxTlF3clo5aitP?= =?utf-8?B?aTlLUml3aksxUVhQc3kxWTFvS1orQzVFOWtxLzh2SDg1MWQ3UHNqSWFzaUh3?= =?utf-8?B?L3JBanIyZzVhWDU0d2hwSCtuZW5peFdqZmwrZXZGR3FvRHMxcldodk9yM1FP?= =?utf-8?B?Q2h6WDN0QUJxQUN0ZGhxc1VjbTFuaVNrczg2ZWErRk5RdGF2TzY2b2xMT3Nl?= =?utf-8?B?eERVd1BPVkR0bEhNZDRxTXZvQWdXSUo5TVduK0U2clluRzJiN3VZMnE4bGFt?= =?utf-8?B?OGtMNnV5QmJXa1ZjYnFLTitCQ0ZzZUpsTzJpSGtYcVplUk1BbzdqTXUyMmZy?= =?utf-8?B?ZVlIUnNEMk5xa2VoNElaVG94bE5hNXMyaHdMV2pvREVzRjgzaU13eXBFQnhQ?= =?utf-8?B?WWxDL1BFQ0ZnNmVndWVWckR6YWJuL1dDZGl0NWZkaUNEc1c2eDZuM3NZWUNL?= =?utf-8?B?dForMWg4MldiNERCZ0VxTG1udmd5RGhVQmlCNmo5em9UM2pBZkszVVRSbFVQ?= =?utf-8?B?a1lGUWtZL0FLeEF2ZHRBK3REL0lLcHZ4M0dLUDFHZ0gzblNFRE5vNnZoeHVY?= =?utf-8?B?WnFuVFNNWFl3Ymk4UjJjWFBRNEVuL3JQaE5VNVVnOGE1VWtoUk83VGFsK1dj?= =?utf-8?B?TWEzWWx4M3ZHMVNaY0RQb2xkMkRiRUQxZDA2R09NNGc2TkVxcjdnQjZTZjJx?= =?utf-8?B?M1k4NEdsbWVkVlc1bExuT1RGVGkzMlBQVWdaWjRUb1JIeCtZSHRWK204cElM?= =?utf-8?B?blRSMXJzdFZRWW1La1pVc0VWRFpLcE9FTVJPRXdHMHhhUGhKYnlGamZGYkF3?= =?utf-8?B?OHIzVTdTeTRWRFhrbFZnVFZpVXlHaHAwT2thRTdiWXZCWmRTa1JEREJkZjda?= =?utf-8?B?SzFkZzhrdUgxb0t6RnNDb0JUcTFtSGkyRldaZnZLdzkwVHZ3U3dnd3prVnoz?= =?utf-8?Q?l0FXIaascC0q0Us1eK2NER+mx2pqoqE+?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN7PR12MB6838.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?bnZiTHN5Mi9rVHJaelMzekExaHdPT3E2cTVRbnV3UG95OGNJK0ExT3hlbEtQ?= =?utf-8?B?eUhKdlRmUUNId0FrdWJzYjdaRjJaWFZlY0YyWHVqU2RXaXltZCs3N3dVbWkr?= =?utf-8?B?RTgyREc1TWptVWlNV011K200UDZENVdnYjlOQnRPQ252ak54UCtLR0dvRCtT?= =?utf-8?B?Q29rSlc1MnBoVkJtdTk5TUVSaDFERDV5a2N2UFFkZTQ3MTF1a29LckFyZFF6?= =?utf-8?B?dGdCN0VRWDRGNDVwMEtPdStERTVoUG9aelhHLzlML3F2aWgzZ1p5M2Z5YmNq?= =?utf-8?B?dVV5SVVFT3hyZW82c3RHSkpwbUt2SDVFUUJzM0VualNMZU1LbStrRlBsY2tG?= =?utf-8?B?Y2pHQitmNktKK0oyUkM3UGl3aE1hT2pDa1ZTZ0ZFQjJCWXJiN2lwMmVpZ0ZX?= =?utf-8?B?aDhqNzZ5ZURFVVRZR05zR1JUQ1NhTjdHQndMM3lWeXY0WEVEZk4xVjRVNGxR?= =?utf-8?B?UjZzaEMxVWx5czhxTDczRGNZb2Q1Qm1IUHpRRDZuMWJFNVZpOUcxbGRKcDFr?= =?utf-8?B?YkxadW1wZTJXKzEydnEvWDlhVG9seGpUL3FMdlRCWUtXVVhKdk9RUEQxMFhl?= =?utf-8?B?R0Zrc1BjRkFTNnlpL204NlVDYlI1MjBWYlI4a1hUdjAwQmdDN2FRbmtNOENW?= =?utf-8?B?ZEN5a1VoOVRsQ21iQkFuMHFIWk5KdkRuNnpqVlZ0SGZUaTlIVE8zRGpCdVpa?= =?utf-8?B?aTNFNmpVTEdOREpsYWkyZG5DVkZnd1FsWkowZ1lvNFdycXdHaUpBYWZyYTQx?= =?utf-8?B?NW91dFJ6NjBOYnZaR1hhL0dhTW9JUFhZSDQza1ZkWnlJWXoya092cmduUW9Z?= =?utf-8?B?YmhXeGJwOUVzZkhadXRCSWFJVTM2Zi93RkdGdE1IWThuMEVudXFldGg2VXU4?= =?utf-8?B?b0U2WkVxWmIyazF4cURZYnljbnpnL3J3eml1UE5PVWI5aERGWno1Z2lKZWY5?= =?utf-8?B?NVpHOTV1ZXUzMHdDekc0UDhqVENHZjU2Qlc2WWZhZ0JoRVBIOXh0SGJDUWZx?= =?utf-8?B?Wm5BZVErWmV1bDZtYTJVb05nUk9VdlprV2VtaTR6Y1hRRC9kaENGWEYwWHNC?= =?utf-8?B?YTJkQmVlMWNtenlBaG5IRWdiZXBzWThqTGxxSkpiYVZrTC83T1VySkpoRG5y?= =?utf-8?B?VkhqZVJwOVh1SGQ1TnpCUk9TME1xemN0c3NOQTZ2ejVxRXdodUUrVGUvUlNB?= =?utf-8?B?QmJqY090Z0tUTE8vQjRnY2hJQ2IrNGRyUFNQZGNzcFZMcnByY1RwdFdKT3hn?= =?utf-8?B?QStFTXNaME9qdG9ZcHA5MVpjZitsMWlrNEl2NG5WNXIxcEtOZTBuaUJUQnA0?= =?utf-8?B?MGN4cFBRTUhKN2VjeWducGxGaEg3MURsVWV5UFlYT0lPQUNwNWlKQWdlamRB?= =?utf-8?B?MkpPU01tTGlHOVVxRUFVVi9pV2FlRitvTzhRN3FCT0U3YlUvQytpVW9qVXNL?= =?utf-8?B?S2lwazJoOHpsYnNid05FWGs4ZDM5cmxLSGtqV2VDd0lHT0NRS2Q0U1RZbkRa?= =?utf-8?B?T25Wd0w1OG9wbUFHNm00UmJ2NjZnNjNLSGoveFVOM3F3b2NWMjVQbW8zb2dC?= =?utf-8?B?R213dVNOYXYvSXRJNkVxVVdoTTM2Mi9HckdQNHdvdFlabEoyTVl3cHphZVlO?= =?utf-8?B?WEk2Z0NHSmVwVVZleXJRRHZMRFV1NTBXMHNIOCs3MngvMzlyYkJqWkxDNmJU?= =?utf-8?B?SEdBM2dsMkxiQnh0LzQxRjJjYm1IK2swVU4vWXFtT1JzZkpyN2lLRWpzN2sz?= =?utf-8?B?QzFnOGFXMEpGS3VEZXJZdjAzYkNIeDlPTDhJQmZUMW1TbkVyR1NrK2ZMTWt2?= =?utf-8?B?VmlEWk1wbCszQ0RUaFNORTUrUjRJY0oyUVhhZHJvTUdXeTZNRFFCTDJXZmpk?= =?utf-8?B?RnVHVXhFMDFPRVJ5MlQ3T0JzL011dzRlY3AzSXVQTk5rRjNYcVpuQUF5MEFx?= =?utf-8?B?R3RnSzFxYzJGVVhqbTJLWmVBeGpSeGltWWRTdGJkN1RVcFZ6blF6MDAvOWdx?= =?utf-8?B?aWhNRlJia25LVmtlcmtDNzBUMkpTZnAzUmhvZEVFRWlzb20vb3MzcjBvVzZT?= =?utf-8?B?V3VnMVhML3pCZERxR05ndmFIeFFkL21uV0FpWm9Hd1g0aEV3aTU5bkJyVWRx?= =?utf-8?B?MW9OaU03d1dKZGpUS3V6RTlab0VXdGlOMEVNTHBJT1Zubzl0ektHcUdHTEpC?= =?utf-8?B?VkxlUzltc05uVUxkQ2lpang3RFBzRXlKaU1jM1Z5Yngwd0pPcG5XWUhleEE5?= =?utf-8?B?SEg3eUJyZVRMTHdhd3BCYjhlOElPaFp2dW42V3dXSWRqaTNQZzM5alo2SFMz?= =?utf-8?B?dHpuREJLRSsydTBkUlVTYXd2S01tYjZ5UkNBcVhHZU4rTmtwUmk4Zz09?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: adab5f8d-1e88-423d-0f64-08de4d976914 X-MS-Exchange-CrossTenant-AuthSource: SN7PR12MB6838.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jan 2026 02:49:43.2324 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: zzUvVdDfM61fYFcBO+zpi7p1Xqr1S1t3kPZCNEGmH6ThessrvjfpMftzNbyoTmMggZAdjT63XcsWBRVt5kFf4A== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7977 Message-ID-Hash: ZHV5EBSGN2K57ZLU4UVWZ65647BSJROV X-Message-ID-Hash: ZHV5EBSGN2K57ZLU4UVWZ65647BSJROV X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1767754648504158500 From: Nathan Chen Open VFIO FDs from libvirt backend without exposing these FDs to XML users, i.e. one per iommufd hostdev for /dev/vfio/devices/vfioX, and pass the FD to qemu command line. Suggested-by: J=C3=A1n Tomko Signed-off-by: Nathan Chen --- src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 21 +++++++++++ src/qemu/qemu_process.c | 79 ++++++++++++++++++++++++++++++++++++++++ src/util/virpci.c | 42 +++++++++++++++++++++ src/util/virpci.h | 2 + 5 files changed, 145 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index a8eadbfb8a..0904265459 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -3163,6 +3163,7 @@ virPCIDeviceGetStubDriverName; virPCIDeviceGetStubDriverType; virPCIDeviceGetUnbindFromStub; virPCIDeviceGetUsedBy; +virPCIDeviceGetVfioPath; virPCIDeviceGetVPD; virPCIDeviceHasPCIExpressLink; virPCIDeviceIsAssignable; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 98e4469c25..2a16f9df63 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4809,6 +4809,18 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, NULL) < 0) return NULL; =20 + if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_VFIO= && + pcisrc->driver.iommufd =3D=3D VIR_TRISTATE_BOOL_YES) { + qemuDomainHostdevPrivate *hostdevPriv =3D QEMU_DOMAIN_HOSTDEV_PRIV= ATE(dev); + + if (hostdevPriv->vfioDeviceFd !=3D -1) { + g_autofree char *fdstr =3D g_strdup_printf("%d", hostdevPriv->= vfioDeviceFd); + if (virJSONValueObjectAdd(&props, "S:fd", fdstr, NULL) < 0) + return NULL; + hostdevPriv->vfioDeviceFd =3D -1; + } + } + if (qemuBuildDeviceAddressProps(props, def, dev->info) < 0) return NULL; =20 @@ -5253,6 +5265,15 @@ qemuBuildHostdevCommandLine(virCommand *cmd, if (qemuCommandAddExtDevice(cmd, hostdev->info, def, qemuCaps)= < 0) return -1; =20 + if (subsys->u.pci.driver.iommufd =3D=3D VIR_TRISTATE_BOOL_YES)= { + qemuDomainHostdevPrivate *hostdevPriv =3D QEMU_DOMAIN_HOST= DEV_PRIVATE(hostdev); + + if (hostdevPriv->vfioDeviceFd !=3D -1) { + virCommandPassFD(cmd, hostdevPriv->vfioDeviceFd, + VIR_COMMAND_PASS_FD_CLOSE_PARENT); + } + } + if (!(devprops =3D qemuBuildPCIHostdevDevProps(def, hostdev))) return -1; =20 diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 0e50cd1ccc..ab88a6bf62 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -103,6 +103,7 @@ #include "storage_source.h" #include "backup_conf.h" #include "storage_file_probe.h" +#include "virpci.h" =20 #include "logging/log_manager.h" #include "logging/log_protocol.h" @@ -8181,6 +8182,9 @@ qemuProcessLaunch(virConnectPtr conn, if (qemuExtDevicesStart(driver, vm, incomingMigrationExtDevices) < 0) goto cleanup; =20 + if (qemuProcessOpenVfioFds(vm) < 0) + goto cleanup; + if (!(cmd =3D qemuBuildCommandLine(vm, incoming ? "defer" : NULL, vmop, @@ -10360,3 +10364,78 @@ qemuProcessHandleNbdkitExit(qemuNbdkitProcess *nbd= kit, qemuProcessEventSubmit(vm, QEMU_PROCESS_EVENT_NBDKIT_EXITED, 0, 0, nbd= kit); virObjectUnlock(vm); } + +/** + * qemuProcessOpenVfioDeviceFd: + * @hostdev: host device definition + * @vfioFd: returned file descriptor + * + * Opens the VFIO device file descriptor for a hostdev. + * + * Returns: FD on success, -1 on failure + */ +static int +qemuProcessOpenVfioDeviceFd(virDomainHostdevDef *hostdev) +{ + g_autofree char *vfioPath =3D NULL; + int fd =3D -1; + + if (hostdev->mode !=3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS || + hostdev->source.subsys.type !=3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PC= I) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("VFIO FD only supported for PCI hostdevs")); + return -1; + } + + if (virPCIDeviceGetVfioPath(&hostdev->source.subsys.u.pci.addr, &vfioP= ath) < 0) + return -1; + + VIR_DEBUG("Opening VFIO device %s", vfioPath); + + if ((fd =3D open(vfioPath, O_RDWR | O_CLOEXEC)) < 0) { + if (errno =3D=3D ENOENT) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("VFIO device %1$s not found - ensure device i= s bound to vfio-pci driver"), + vfioPath); + } else { + virReportSystemError(errno, + _("cannot open VFIO device %1$s"), vfioPa= th); + } + return -1; + } + + VIR_DEBUG("Opened VFIO device FD %d for %s", fd, vfioPath); + return fd; +} + +/** + * qemuProcessOpenVfioFds: + * @vm: domain object + * + * Opens all necessary VFIO file descriptors for the domain. + * + * Returns: 0 on success, -1 on failure + */ +int +qemuProcessOpenVfioFds(virDomainObj *vm) +{ + size_t i; + + /* Check if we have any hostdevs that need VFIO FDs */ + for (i =3D 0; i < vm->def->nhostdevs; i++) { + virDomainHostdevDef *hostdev =3D vm->def->hostdevs[i]; + qemuDomainHostdevPrivate *hostdevPriv =3D QEMU_DOMAIN_HOSTDEV_PRIV= ATE(hostdev); + + if (hostdev->mode =3D=3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS && + hostdev->source.subsys.type =3D=3D VIR_DOMAIN_HOSTDEV_SUBSYS_T= YPE_PCI && + hostdev->source.subsys.u.pci.driver.name =3D=3D VIR_DEVICE_HOS= TDEV_PCI_DRIVER_NAME_VFIO && + hostdev->source.subsys.u.pci.driver.iommufd =3D=3D VIR_TRISTAT= E_BOOL_YES) { + /* Open VFIO device FD */ + hostdevPriv->vfioDeviceFd =3D qemuProcessOpenVfioDeviceFd(host= dev); + if (hostdevPriv->vfioDeviceFd =3D=3D -1) + return -1; + } + } + + return 0; +} diff --git a/src/util/virpci.c b/src/util/virpci.c index 90617e69c6..886e2c55e6 100644 --- a/src/util/virpci.c +++ b/src/util/virpci.c @@ -3320,3 +3320,45 @@ virPCIDeviceAddressFree(virPCIDeviceAddress *address) { g_free(address); } + +/** + * virPCIDeviceGetVfioPath: + * @addr: host device PCI address + * @vfioPath: returned VFIO device path + * + * Constructs the VFIO device path for a PCI hostdev. + * + * Returns: 0 on success, -1 on failure + */ +int +virPCIDeviceGetVfioPath(virPCIDeviceAddress *addr, + char **vfioPath) +{ + g_autofree char *addrStr =3D NULL; + + *vfioPath =3D NULL; + addrStr =3D virPCIDeviceAddressAsString(addr); + + /* First try: Direct lookup in device's vfio-dev subdirectory */ + { + g_autofree char *sysfsPath =3D NULL; + g_autoptr(DIR) dir =3D NULL; + struct dirent *entry =3D NULL; + + sysfsPath =3D g_strdup_printf("/sys/bus/pci/devices/%s/vfio-dev/",= addrStr); + + if (virDirOpen(&dir, sysfsPath) =3D=3D 1) { + while (virDirRead(dir, &entry, sysfsPath) > 0) { + if (STRPREFIX(entry->d_name, "vfio")) { + *vfioPath =3D g_strdup_printf("/dev/vfio/devices/%s", = entry->d_name); + return 0; + } + } + } + } + + virReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot find VFIO device for PCI device %1$s"), + addrStr); + return -1; +} diff --git a/src/util/virpci.h b/src/util/virpci.h index fc538566e1..24ede10755 100644 --- a/src/util/virpci.h +++ b/src/util/virpci.h @@ -296,6 +296,8 @@ void virPCIEDeviceInfoFree(virPCIEDeviceInfo *dev); =20 void virPCIDeviceAddressFree(virPCIDeviceAddress *address); =20 +int virPCIDeviceGetVfioPath(virPCIDeviceAddress *addr, char **vfioPath); + G_DEFINE_AUTOPTR_CLEANUP_FUNC(virPCIDevice, virPCIDeviceFree); G_DEFINE_AUTOPTR_CLEANUP_FUNC(virPCIDeviceAddress, virPCIDeviceAddressFree= ); G_DEFINE_AUTOPTR_CLEANUP_FUNC(virPCIEDeviceInfo, virPCIEDeviceInfoFree); --=20 2.43.0 From nobody Fri Jan 9 07:53:10 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 17677547848961003.6367073341178; Tue, 6 Jan 2026 18:59:44 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 0958043E52; Tue, 6 Jan 2026 21:59:44 -0500 (EST) Received: from [172.19.199.83] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id CB8CC43FB5; Tue, 6 Jan 2026 21:50:46 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id C610D41B72; Tue, 6 Jan 2026 21:49:52 -0500 (EST) Received: from SN4PR2101CU001.outbound.protection.outlook.com (mail-southcentralusazon11012061.outbound.protection.outlook.com [40.93.195.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id B01FA41BA1 for ; Tue, 6 Jan 2026 21:49:46 -0500 (EST) Received: from SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) by SN7PR12MB7977.namprd12.prod.outlook.com (2603:10b6:806:340::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.4; Wed, 7 Jan 2026 02:49:44 +0000 Received: from SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc]) by SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc%7]) with mapi id 15.20.9499.002; Wed, 7 Jan 2026 02:49:44 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ItMNGKhliHrUcKUtX6Nmh35AUJtn1d8BmcAgtQXhNjUGHXeTjxvZ1UUe1wSVW/nivgYN+XY3WiVGEiaxQNQCqXhOkdbhAoLQn+/9yd4oWRJgPoEkvJyQrlG4btG0lv8dAnbb/3mPYG8pxOXwPYVA5aek6lRNPDEktXSl8j+Z20gStAC/eWKCEwoxKnvN7REAdVTdltSmFE3QhsKtv9kldznjo40DjNrmSMwbwTcPT5G/dBbqGnb7Yy/eJFvGwXJMRP/zfESYRH1J3jWR+7ZUaPfRNXxcKyaXA3OYAurC09mlnNY9aCqfb82zd6bV/a7uMQyyJiUwxPtFpFBC5qxyUQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9T/cWSaDjeTNzmFAS5Wgm1BRIsilegAxN6kzMSPc3jE=; b=yaFi3mBK9Z4Hq1R2NdJjDTVzuPoaBhf3N+YA3akD5rew8GaUl0EszzOyK/ev8BKPfNw85eoENnsQ8HMlhPDq1H50qlY/62NiUqo/o0F3Itvk0JBXrlFw7PTYxJB4nnSjwcrzIiqJWiTKX40IK3I0bdgOPAEQG/AVJha3yETC7MOMSbw2RSiLHCrF13jzbOL7KnPfsxWRdLSiiALOw+ODaxArFOveghDCDlDUyzHBhqKuXox68p19BCa8kHjqb4no+5fWzDzvnOEtE6/AK6pVuDEGsxkb+eT+XfcLbhhjAI3Fh5E8eQXwL0IUVasrUhiW2QCF3qsaQYSy8PjlQ563NA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9T/cWSaDjeTNzmFAS5Wgm1BRIsilegAxN6kzMSPc3jE=; b=lInRIRSGad1K990ohA2OxCC6WEYEyAbvHi7zWhWJQfcS7xNNQ9h5ltMan4ekBiY0VlaMVMJHVLMNlZd3b20CSDisffRFEAmymOCP8/QlYkrwWoV9wLc8cjD+TNMurIqzjAXl3r9Q4SbZ+SB55MN95ZL4xGIv4rboYqfzm/Gu0H3Nc6ysay35SbuCqQKy9rpfiyARmaohLoZgqwaJ6nKs7BjKANxK6wKXMRznvb699IfH9zvIZuTz46DZZuGLFSiwTP9pKdspP9pC1W0aARLDTaEEQK61Rm4O35EP+4YXW4699fG3AJUMpvP75WJjKnUao+/go38iS1IGny3RcK4EHQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v4 5/7] qemu: open iommufd FD from libvirt backend Date: Tue, 6 Jan 2026 18:49:36 -0800 Message-ID: <20260107024938.461794-6-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260107024938.461794-1-nathanc@nvidia.com> References: <20260107024938.461794-1-nathanc@nvidia.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: BY5PR13CA0006.namprd13.prod.outlook.com (2603:10b6:a03:180::19) To SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN7PR12MB6838:EE_|SN7PR12MB7977:EE_ X-MS-Office365-Filtering-Correlation-Id: 55c04259-4ba7-410d-c442-08de4d9769e6 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|376014|1800799024|366016; X-Microsoft-Antispam-Message-Info: =?utf-8?B?ZEJObU96TFBDV2VsaElzdnkrRFZ3VkprWE01QlBtMFVGeGxZSk5Qd0taTlNh?= =?utf-8?B?WjVVWE9rL2J4eGNoYW8yeDc1eEtkbGhodFpGMFdJM3BKZFNLSzQyM1Jlbkwv?= =?utf-8?B?NGRxNlJ0ZmdveXVPV1NkeExYSldkTDlRWWEzRkROTGdRRXh3Sjd5SzJiU2xV?= =?utf-8?B?bzI3bFoxNlREcmNhNFB4Zm9VT3VFRFZuWjBtVFdPaHhKeHA0eUtxeWZIT0pz?= =?utf-8?B?aC9YMHBwVHZjWXo4cFA5QlFtakRYb1FSRVlwdG9CZGdxSGZIMzkyd1NnaTVk?= =?utf-8?B?OFJxcG42V3FRK0Fham82L01HWUNOU3JkcG9vZ29yMkRsOGJBaWI2V3hvQ1NE?= =?utf-8?B?eFJtdHRQL29ZMEtxL08zd3cxbjZjQXVUR2pxc0oxUDgvTHg5c1grck5xdkRN?= =?utf-8?B?WDkwaW8yeXZVY0F6dHM1am9DTTlyUTBDb0tlaklnVTRsb2J6cUF4RzJXT3RL?= =?utf-8?B?OWswSHdMaVo5RVdIN1F5T3NNZDIzNjNLM2dwdGpYaHBNdmJFS2xOd3pBRUhX?= =?utf-8?B?eGlOTFRKMml2K2txQ1NqRzg1cVdoei9HQ2RaMGphVmJhVlZDTXdSMEk1L0xm?= =?utf-8?B?NzArbWQ4SWV4UEUwVTVjTWV0aEpKWDllMmtzNGJ3RURFQjAyWllwNUJNb25O?= =?utf-8?B?bHo2bUZtUnJxUDRhQk82RUU4ZzNPdmZpQXJGUVZkQzhTNjdIdWpwRGpDOUJC?= =?utf-8?B?bmMwL1VKSXN2cFZNejIrTjZEOThGeFlNZWxLOUNCTk9TRWRObTB4cmVYcE1P?= =?utf-8?B?d3dNcHF0ZHUrNHlpQUFSR0tBZnFES3MxZ0hxOUZaQnMrMTA1S09HYW0zK1FJ?= =?utf-8?B?VHYwSnZ1ZVNnL3JMZnJRdktuYklYS1krU2JBalpIVVNvQVAxS29jNndRQ0Fa?= =?utf-8?B?clVsdTVlMENIajJrSzBEbS9JV2ZqVitFQVk2Zkp0SmI0SnZ5d3hMbXVnL1dU?= =?utf-8?B?bGtsK1hraHoybG1MUVMwUjI1WWR2UkRWeXp6bVBHMzRtdkxSUHlsdWIyU2RJ?= =?utf-8?B?YmJmMTFzTzJMTWphbHNaaEIwdFEvQkdMQUFVeFBzaUNWVHFiRDlrM25WSDFE?= =?utf-8?B?Zy9WQjk2TXM2N3hDTm1MZGthQXp0QVhlSCtydXU3VmluVXY3c1VlWStiVzVI?= =?utf-8?B?azgybElQemVOcDVaWldlWE9IUzYrWS9CNVRhOUN2VnExL2ZQeXZYRi9SZmtt?= =?utf-8?B?djgxcEVOYUVsY1c0ZXY2R1dGWE5hRERLaVJNSGdoYmJXSFU4WDhJalJWZHNU?= =?utf-8?B?THNxNk1NZEFMTDdLc2RhdEUvTGR0SElBUGRWbmpWNEJKTC9YZmFONng0aGlZ?= =?utf-8?B?VWFYMHRVbWVqQ3c2TkdvbU5qOVNZNk1QSHhyTTlVNjNrKzRvdVFYa21iNEc0?= =?utf-8?B?VnZDMS9uMEcxVVZzYUZweExvWnBDdmRVQm9DNVY0NDIralQ5THhlMmJaR3Za?= =?utf-8?B?UERxYmlMektnQU1PRnh3R2REeVMwaEhucGJjWEpjbmVwSlJ2ci80ZXRpeTh5?= =?utf-8?B?bW9xdzJKcGdSRDJCWTNsb0pxT084bmVRc0VxeHc1cGhoYlRtZ25ORTNrckNt?= =?utf-8?B?cldiVWhaRERwNiszUzIxTlYrNzR5MEdKbGxaN1djcGFFUmYzTlJZaVpQK0xR?= =?utf-8?B?Zi9oTmQ2dUdnYnAxaXFEWWcxK0NCM2hMQ2JDbExvTnd5SWNmNzZHVlBkcndZ?= =?utf-8?B?U2sxMW9lUkRDUjNMaXNyOUVoU3BoU2pGYkhVM050V25hLzY0SGQ4aEtnMnBF?= =?utf-8?B?Nlg1ZW15YzRaNUk5UWVMbSttN3orSnArMmRSRzh2aW5ZWlltR0FzQ1NnYUNs?= =?utf-8?B?ZDd5dCt6R2RpQ2FRdjk5VlZxbVJQRU82ODFLL1FzL09JN0lOd203QTZKWUFm?= =?utf-8?B?OWtDdlhZUXZrUnFYWUJIaG4vRTV6YXBBTU1nTHlyeWQyMk1MREFpUkk5cTgy?= =?utf-8?Q?8BgGbkF/eTYXlaQgXuMIxTs1nSmDByWh?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN7PR12MB6838.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(376014)(1800799024)(366016);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?WjJiUHJLN3J1aFFwbGdYSCsrTERTVG81NmpSelE5bk5KWEprOVZSdWlBRmZB?= =?utf-8?B?YnhXQzJXdXFnY2NsUk5mUjIrN3ZOdnZVMDhHQTNuRzNHdG5JUjNHTDBHYU9o?= =?utf-8?B?aG1oMGFqSnJ4dTNlWmE3VWxLTDk1dWFTNnNRc0VGNlJBVEVZa3pUeDJSd2hW?= =?utf-8?B?aGh6aFhTcEhYVzlMbS94SFJobGk0RGh2SEtHeFZRY20weHFOZElzcER1RmhZ?= =?utf-8?B?QWZoSDV5dXk5Z2l1YlZaQ0dxV1hlUVdhZ01rcFhMbjVvY1MvZnM0R1VkUkdX?= =?utf-8?B?eEVJSTJWVGM4Z2Q2V2Z3U0ZxYjlOUzhXWWhYcEgzYUtBUGlRVTlkWFpGRVcz?= =?utf-8?B?ZXR6cTRkZ0cybFZwbzMxZ09xb0dIOHlUWlJBUHRWT0dESzNqWHJOd1JhZVdr?= =?utf-8?B?SmJNeG9xOWRYemF1TmdUODVjK1BWVTBKQng3bEljUElNSlcvWCtNRCs0TUNo?= =?utf-8?B?VWlZeE1rZHNZeHJ2b3ZBT2E2NmV4UGFYNysvSEdPbnlPQm9sZ3RLWWFWNWJ1?= =?utf-8?B?Qy9qTXFQTXE2RG1LN3hOUVJ5aEVxQVNwMnd0K2haalh4UlFqWW4vMzJxZ28w?= =?utf-8?B?bS8zWmZadlVtL0dhbnRqS2I5SC9mdTdqNno2QXliT21QWE1lSUcwanRQb0lp?= =?utf-8?B?ajBDQ3FtNi9GN2JlWGlVaU1HZUJqMURSWU5LSzVwYSs0NDhjT09nY0dBbGcv?= =?utf-8?B?d1lOMzVZVmdnSnlRelNpUnQrK1pTNHFRNk5SWEZjb2N2LzhRQnRzNVBYRW1M?= =?utf-8?B?SERrazRHNnBIU3c4dEh3clVkQmVjUUNKYkEzR1dyTXl1aVJlV0pucUxaV1JE?= =?utf-8?B?NG1iS0wrMll0S2VoY04vamdsVUtXTDBEL0lsdEQ0UVkrTmNVNVZQRElHaGh0?= =?utf-8?B?RkI4UmY3YTZ6eXp0bVM4MEZ2ZHlpZU9kdDVOekpnQnpXRTgxQlpsb1I1UlJ4?= =?utf-8?B?dVIyQVUyU01ySWxLRzZvWlQwMHQ4cVRiTUluVGNsNC9tR2JZbzRuTFIrSUNV?= =?utf-8?B?dk9uK3pOeUhwaysrci9vUjB3cG91UTUxSTBVa2l0ckRHZXhPcnZxN1YycHVT?= =?utf-8?B?TzZSSHRRS1FPT1NRSXBYa0phNzdRWGZMV1hqdmVWZ3hMdXk0WUR5S256M0FT?= =?utf-8?B?emJaOGFwTzVvZ1JOUUptMEw3YWUyYWFXU2FsQWUwaS9EUSswUXIrUVpKV3RK?= =?utf-8?B?YW5mQnYzOWk4SENRYXF1eEZGMTdJN25tS1JYUmorNU1FRmh1c29TMmI5VVJx?= =?utf-8?B?blgwVmxwQndBUk0vOXU3Z1VVc3lQSUJRc2ZDamRJMlNJSVhhNjdDS2xkZWZV?= =?utf-8?B?NGdiM3ZBMHhEY1ArRldtbEJkL2I4dDJqWHFjR25YMkxFL0h2eTRzdExHckN4?= =?utf-8?B?Vmd4M2o4ZGNPNnpOS0FsZ0tjL0kwNDRYSi9VUCs2Mlh2QmlMamwyUDYwV0VJ?= =?utf-8?B?dUFoMW9vT085ZjdOcFJndnd3bDJzZ3p3Y1B5ZVl1TjhlZ2J4Qis2eUlDem9G?= =?utf-8?B?eXArUUlIUWM0UHlRYUlMdTViL0Q4MHZ6ZjdBVnFUTEs0Rm1RcVI4SndLUnFP?= =?utf-8?B?cWlVZU5YYitBYkJkZDlrQm5uUTFHeTF4MTNpZEJzZVRjM3MxSVZzdm5aSnhX?= =?utf-8?B?QUc2Rlg2T1JrSHE4THdONVR0QU9wOTVCUXgxYW04aG1ZZG8xbzJHK0ZBeFhB?= =?utf-8?B?dmR0RlBWZUt5cUlKTzZiRHRWck1hV1h6aVpkU0grY3BMTFpxRDBLR3Zoa2hE?= =?utf-8?B?VkxqbW5lLzd1S3IreU9nNTBETGsxdkJVaHdtajc1K0Z1bEU0ZXBWeVlKdVo0?= =?utf-8?B?b1lZdkZpTnVGMy95TUZ4VXB1L1hrUkpOaExlVGdiU0xMNDcvYzJFcTQ3eWpL?= =?utf-8?B?ZlNBVGlTNFlTbTJSYlFsRW95VlY1VkVYWVVBamw4WUVibDRTek4wVWFURnJ1?= =?utf-8?B?K1BDNzhURVRwejFyWjJucTluMHh4Z3ZYMnZqdXVDellzQTJSU004cUMzUzd1?= =?utf-8?B?enNNWTluZ1ZpUHJBNWtvR3hEVVd2eVRJeW1QbTdvMVppMlZKdWF6RkVBSTJI?= =?utf-8?B?anMxZUJTeUFXaGNtdTdnRTFjcFZITzFpNjB0Y0N2UENHNE83Zm1KL24xeG9M?= =?utf-8?B?dU5KY3hyanl3S1RZZFNZTmgzY2dEVnVYVlBsU2RvT2hhcmZOeExlRUcvODBQ?= =?utf-8?B?MzBNQlFrbVRwUDBBcnprNSs5dTVqVkdJaEpzK2tXaWFnS1dweldYdkNnTFhi?= =?utf-8?B?SEtmZWk1cXEwUUZJc0dlbFpXQkxKSjNhbk90Y3F2RWdsRm8vN2lUcHg4MHFv?= =?utf-8?B?OW5wNjdQWVFlV2lTbE85bzYvYXM4clNzeEJlb2FlRGpVQU1mK2h6QT09?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 55c04259-4ba7-410d-c442-08de4d9769e6 X-MS-Exchange-CrossTenant-AuthSource: SN7PR12MB6838.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jan 2026 02:49:44.6032 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Kh7aL9KsIXn+Tw5yAyRigHmPdqb8N3K6d3gDi1XQULs1bRRTmVVezot/qIvR9mx2I9FtiGPsidbKgLWftySUig== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7977 Message-ID-Hash: P5IVTVV6AQPQ2ZE5B2TB4K5KPJ7RQES6 X-Message-ID-Hash: P5IVTVV6AQPQ2ZE5B2TB4K5KPJ7RQES6 X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1767754786887158500 From: Nathan Chen Open iommufd FD from libvirt backend without exposing these FDs to XML users, i.e. one per domain for /dev/iommu, and pass the FD to qemu command line. Suggested-by: J=C3=A1n Tomko Signed-off-by: Nathan Chen --- src/qemu/qemu_command.c | 13 +++++++++++-- src/qemu/qemu_domain.c | 1 + src/qemu/qemu_domain.h | 2 ++ src/qemu/qemu_process.c | 39 +++++++++++++++++++++++++++++++++++++++ 4 files changed, 53 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index 2a16f9df63..5916283651 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -5348,9 +5348,13 @@ qemuBuildHostdevCommandLine(virCommand *cmd, =20 static int qemuBuildIOMMUFDCommandLine(virCommand *cmd, - const virDomainDef *def) + const virDomainDef *def, + virDomainObj *vm) { size_t i; + qemuDomainObjPrivate *priv =3D vm->privateData; + g_autofree char *fdstr =3D g_strdup_printf("%d", priv->iommufd); + =20 for (i =3D 0; i < def->nhostdevs; i++) { virDomainHostdevDef *hostdev =3D def->hostdevs[i]; @@ -5369,8 +5373,13 @@ qemuBuildIOMMUFDCommandLine(virCommand *cmd, if (subsys->u.pci.driver.iommufd !=3D VIR_TRISTATE_BOOL_YES) continue; =20 + virCommandPassFD(cmd, priv->iommufd, VIR_COMMAND_PASS_FD_CLOSE_PAR= ENT); + + priv->iommufd =3D -1; + if (qemuMonitorCreateObjectProps(&props, "iommufd", "iommufd0", + "S:fd", fdstr, NULL) < 0) return -1; =20 @@ -10996,7 +11005,7 @@ qemuBuildCommandLine(virDomainObj *vm, if (qemuBuildRedirdevCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 - if (qemuBuildIOMMUFDCommandLine(cmd, def) < 0) + if (qemuBuildIOMMUFDCommandLine(cmd, def, vm) < 0) return NULL; =20 if (qemuBuildHostdevCommandLine(cmd, def, qemuCaps) < 0) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 85eea1801f..c5e1cd5279 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -2042,6 +2042,7 @@ qemuDomainObjPrivateAlloc(void *opaque) priv->blockjobs =3D virHashNew(virObjectUnref); priv->fds =3D virHashNew(g_object_unref); =20 + priv->iommufd =3D -1; priv->pidMonitored =3D -1; =20 /* agent commands block by default, user can choose different behavior= */ diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index e91435c062..18ced7ebba 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -264,6 +264,8 @@ struct _qemuDomainObjPrivate { /* named file descriptor groups associated with the VM */ GHashTable *fds; =20 + int iommufd; + char *memoryBackingDir; }; =20 diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index ab88a6bf62..0ef46e4880 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -104,6 +104,7 @@ #include "backup_conf.h" #include "storage_file_probe.h" #include "virpci.h" +#include "viriommufd.h" =20 #include "logging/log_manager.h" #include "logging/log_protocol.h" @@ -10365,6 +10366,37 @@ qemuProcessHandleNbdkitExit(qemuNbdkitProcess *nbd= kit, virObjectUnlock(vm); } =20 +/** + * qemuProcessOpenIommuFd: + * @vm: domain object + * @iommuFd: returned file descriptor + * + * Opens /dev/iommu file descriptor for the VM. + * + * Returns: FD on success, -1 on failure + */ +static int +qemuProcessOpenIommuFd(virDomainObj *vm) +{ + int fd =3D -1; + + VIR_DEBUG("Opening IOMMU FD for domain %s", vm->def->name); + + if ((fd =3D open(VIR_IOMMU_DEV_PATH, O_RDWR | O_CLOEXEC)) < 0) { + if (errno =3D=3D ENOENT) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("IOMMU FD support requires /dev/iommu device"= )); + } else { + virReportSystemError(errno, "%s", + _("cannot open /dev/iommu")); + } + return -1; + } + + VIR_DEBUG("Opened IOMMU FD %d for domain %s", fd, vm->def->name); + return fd; +} + /** * qemuProcessOpenVfioDeviceFd: * @hostdev: host device definition @@ -10419,6 +10451,7 @@ qemuProcessOpenVfioDeviceFd(virDomainHostdevDef *ho= stdev) int qemuProcessOpenVfioFds(virDomainObj *vm) { + qemuDomainObjPrivate *priv =3D vm->privateData; size_t i; =20 /* Check if we have any hostdevs that need VFIO FDs */ @@ -10430,10 +10463,16 @@ qemuProcessOpenVfioFds(virDomainObj *vm) hostdev->source.subsys.type =3D=3D VIR_DOMAIN_HOSTDEV_SUBSYS_T= YPE_PCI && hostdev->source.subsys.u.pci.driver.name =3D=3D VIR_DEVICE_HOS= TDEV_PCI_DRIVER_NAME_VFIO && hostdev->source.subsys.u.pci.driver.iommufd =3D=3D VIR_TRISTAT= E_BOOL_YES) { + /* Open VFIO device FD */ hostdevPriv->vfioDeviceFd =3D qemuProcessOpenVfioDeviceFd(host= dev); if (hostdevPriv->vfioDeviceFd =3D=3D -1) return -1; + + /* Open IOMMU FD */ + priv->iommufd =3D qemuProcessOpenIommuFd(vm); + if (priv->iommufd =3D=3D -1) + return -1; } } =20 --=20 2.43.0 From nobody Fri Jan 9 07:53:10 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1767754873459711.2035093940265; Tue, 6 Jan 2026 19:01:13 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 8ED6943E55; Tue, 6 Jan 2026 22:01:12 -0500 (EST) Received: from [172.19.199.83] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id BDB1D43E77; Tue, 6 Jan 2026 21:50:51 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 3BB4941B60; Tue, 6 Jan 2026 21:49:54 -0500 (EST) Received: from SN4PR0501CU005.outbound.protection.outlook.com (mail-southcentralusazon11011001.outbound.protection.outlook.com [40.93.194.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 3772541B4C for ; Tue, 6 Jan 2026 21:49:50 -0500 (EST) Received: from SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) by MN2PR12MB4208.namprd12.prod.outlook.com (2603:10b6:208:1d0::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.4; Wed, 7 Jan 2026 02:49:46 +0000 Received: from SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc]) by SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc%7]) with mapi id 15.20.9499.002; Wed, 7 Jan 2026 02:49:45 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ZNX4/DC4U7ey3E2fPoAXQ3OhjLDJELXYYj0KFd0A3rI9KVK3QQsSNLwES8QtQAv7p+2bbGgHHh5aqK4UbXUz6xM2d5KqOcEuGBoI91CNT0qCHXR2xUStdsBXeLvCnnkuYpTm+lFWNQxlcEt2NBxFayUY2sSkcDzZJ/d69pbIw4MDQ+sdipH2IglTkejFfuA1pGtS3oY74JfPXwtOkpUTHhK4/UTZKxT46QK1tWiM7aMxOmdOL88jSz00FnxZ+xMa53ekPnWFcU4pcIXNNcvP/1ecDGJl8A/PxLDl2DTUGs+os6UGbEgeAZBgAhhngzI+6xmKQc7h5SrqVgQlpXh5cw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=NSKrL3GYNuQdxyQ1fOfV/PNtQKzUx72u0KP3IrFVGGY=; b=CJb/eq0yK4kx8bO5E+ULG5886WrObacMitnIbc2mpEp6QCTKBTw+G5a7gj2ECnC3dVVDKTAoD1YHd3pVaGO9qB/SKNXIPoo3e/RLYZ5sdckBGtbdn4b6cdAPdQ3S3NPiLXTH4KBB1+hdUkzffy9+b43lieSBf5IRH4mlJGRjNQ6rcxw30a85h5zf6R2M8hxHP2rRqgHv8JyLI8TyWyyVxIIMne1FX4YwJTY3aN1EwWCkT+m6dCBLL/GSe5DvfKT3SJIedr/562NQT7blkdCQcMmUiHHrXj9M3X5KOtis0sRZdFHYfojz3B8eou7NSB705xbO4+fNJ9sZWzYkB5hWWw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NSKrL3GYNuQdxyQ1fOfV/PNtQKzUx72u0KP3IrFVGGY=; b=Xs2QDqPOjG489dPV2od6mMCvgXGmQ6nmBof8+OwOD2n1eN6IFuXJ9juwBPLkAj1wDH5/lv/UI+cinDINzyYb9CnXGmn3cBtC3DJKbl3lMAOhcfLoFuXycvCd1s75kauJk1Rn67nUcUY8fm11I36peXHFiPFnZrEdnmErPcCaepP8nqUsVgBax1gKgEiqTo2YP2k/17UHMrbda0wmHwulrg21S3FGcDozGtoE4ZsAa2WQz7fIOKGpRtFGTKP6QpWU1im5DeyWgAndz1ai7lpIrybXkKnTGSFlPucq5cM1YJLaxRSWD9mCk8XmMEDreW3wmZdF5t7W4tuqOfSmyKkUDQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v4 6/7] qemu: Update Cgroup, namespace, and seclabel for iommufd Date: Tue, 6 Jan 2026 18:49:37 -0800 Message-ID: <20260107024938.461794-7-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260107024938.461794-1-nathanc@nvidia.com> References: <20260107024938.461794-1-nathanc@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: BYAPR11CA0048.namprd11.prod.outlook.com (2603:10b6:a03:80::25) To SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN7PR12MB6838:EE_|MN2PR12MB4208:EE_ X-MS-Office365-Filtering-Correlation-Id: 2e563ecc-adb4-473a-ea6b-08de4d976a87 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?/tPwlLwdUpoEPx5W0Ig6lXxh/BNPW5Y4aLdtFGjveputcs5XwhhlX7bBotJb?= =?us-ascii?Q?7fPvLFkbY8/i6KKYJbZzR0WusxkvEVG8rFwPhwyzVB0OBM3GnY2zrKyHT4Li?= =?us-ascii?Q?2vF9FvBSQe+A+O0CLI4K8ZnV/tir34vCdn13x6+8qEJPiXmyfUzsziu8GZjX?= =?us-ascii?Q?u0Vz5o3BwFWdA9Ov2D9D1B8A6yQdZif/Ij0b5AeV/3hvqRS45YudWaFKvM2z?= =?us-ascii?Q?NDt0GvmVgGj+dqEOBAnqaElnwrtu6WIfnJ9Wp9m4TsXvkftSXIKH/hspLi3Q?= =?us-ascii?Q?O8P8QdMm/iP6tmza73/95oOTkrFVfaCgjyCtkUNRTCwrY1WedrhDI9sejFnd?= =?us-ascii?Q?ijO/JP4QTpXL5i02U7Oxl0OZh7ZRZrWMcR4XhHfQsrbuoV2TBL6u8SegpLPZ?= =?us-ascii?Q?vOTGNwWdjeygVhikJLqZEbT9Hl4ci++wUurRkwBvOHPoNskTEz7VtI171Gw7?= =?us-ascii?Q?FYgRgCly4UVmiu12nzXcMyiAYI/3RkR1/xyicxItCboiQpkx0N7JlVF/O/Pt?= =?us-ascii?Q?UfUoYZuNwilomI9WuXZlJAOBxea/ZfbK69z5LzEs2+VYrtdT1m235jpsWM/i?= =?us-ascii?Q?WQdHgj08gjIaW35OWIbd2iT/ltEBr0BnULYhIvYDPQ8YSpKRCqYAsZA+Ovt4?= =?us-ascii?Q?oklNxQ6gi/zkhxJjB1oKyLiFkYWAyhRvUvRgxEi2xAys4N0q6UO59m6Eul4+?= =?us-ascii?Q?knh0LXmCaqHCY+pHU1ZQOaD+ouQLN7AXfAgbufZ4+nbFCsOlw6T59E5m8Pm1?= =?us-ascii?Q?wB2wNeb8zdhu0Uq/UHGLvLg/Sm1kilDe6pRjLOUf+O7z6MJanuoSv32AQ7XA?= =?us-ascii?Q?PqvMJbEi5JkLG78Txq+8gG5lYMtqBhwSwnxg8jSkRNnd5dBqwBFlVrXtYQi8?= =?us-ascii?Q?URbaIpG1YOchhdkMpS3GWtgNjQ3iVyO/ZFJhmjigll+aMPPm/HTmzA5vVJAK?= =?us-ascii?Q?gU7I8yzGaANI2lVNutzQ+mzNgm2NUHG7i6mqYi9HerA8VNVGQ+aYHYcZFtD8?= =?us-ascii?Q?j5gWK+UKWu8bbcjdOh3XKYl53vK+NBeV0Ah1dzVciytHTTliAfamWHVSUJT2?= =?us-ascii?Q?K+kLXkZbCi7YeE0CtSrXptLCPw+uyiVGnO1C2U+9Xhh5BaLZg+odtUVXTfMK?= =?us-ascii?Q?v4PXYk8QU3EFxv7wJ2vorV4ko/eZ8fpyQ673vP6MvPyvC6p+HDzb49TsGXFI?= =?us-ascii?Q?7x+WvOCkGSStobkthDbcwBn4EYGsyx71D8yiem/toUIkDXKq9QwKgoY6dsSZ?= =?us-ascii?Q?S+fcuUFB1d1C3eyGtJwQhG20OXg6C0u7bDteBqSeq2kBgdrK+CwBif4YJUqi?= =?us-ascii?Q?gfjGSJHadQfGTWPxtoxGJRWogTfcMWOycW/cDwAqWijnIh3udwM+R4pPSf2D?= =?us-ascii?Q?IR7oEzifusxxsT19dvXZPIh0zBaZCYuVlfoFt9D3oV2vCWaVH1MZdABqfGNZ?= =?us-ascii?Q?rXSdy7ujTIl1e/I0DsDbaOhRxuB2Yio7?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN7PR12MB6838.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?0youKLwOG6ejk3axXYzkJ0tnE4A054cJHP9WrZ1omuVvpyrZyoabuAVFzNO3?= =?us-ascii?Q?ZUhqNh9dc6yDSeo5B6lKYTqpK+CuZqmoNCP6ScnT8OpHVwY0a/qfSexIEIrD?= =?us-ascii?Q?BDhuMofWOiPGlua+sDOPqOZ7WmHwGxVNtRaJjNKJNc0iK6gvLdrbejbzIoNe?= =?us-ascii?Q?AFrpSLXKvxPgcTvknnHlUmutS14JtZD9EJT1m6IM8XQr5auFRw8wCR0eRw4D?= =?us-ascii?Q?a1YD7vTa1/RaduJnqK9ky39pzrITbJkG3H8TroucjEUTbDglSPk+q3oEHj2W?= =?us-ascii?Q?vG1a46pdganpJi846s6NceaAiifVqp1hMP5vdEe9TXfmKaAwPyYfTU0W3PWv?= =?us-ascii?Q?6fNNCDbJ0YePMpa0JtRQdWjux2edUcca9462YgRfyPIw2EN/2vLt9wKFRwi+?= =?us-ascii?Q?4RIrwCnqw7gNOXev5eo0AK+NpUkTyage7k/pBo+fHNHIptzVgVStuK9w4/hh?= =?us-ascii?Q?rKuQaanh+/dIyyprgqenoRUettdJ3StdBnAxo0mL8JhOUyfMkGU/QLXyOqWO?= =?us-ascii?Q?k98DsWcHOWGZGxTxqPYjtYxBFHfH6nB6SBpIiYgnueNqvdE7gvG1JIY+uf4v?= =?us-ascii?Q?bnV24wDXx2zlZe2LoLZMciWmupAwTz/o7afkG83cQlcvDjySbTYsxQjuDzZc?= =?us-ascii?Q?mA1CcjeFJKLNjnNj7QD81Xs8PZl3LG2nNC1+l/cuVITDVt0i/fR4O5oNTWon?= =?us-ascii?Q?xgdUkUxTQYe0n0pfDovqepJlqmv4AmQLxNpdLg0SOTI4gIlWL93Qw+K+Rs7I?= =?us-ascii?Q?YQCiCGbDOmx4Wx6hwPNgCp1Q55E+MVXKJH+Vpz9/DnYUZKL1wAEA7dne4AqT?= =?us-ascii?Q?a8Z9UR7/NTfyLVXQ98JdfT52SP5OQ3bm/yue6AZHleJ8ntEzlZC1Y3oD3vCg?= =?us-ascii?Q?CRbWqCNypLS8dWVoEqfqVWB90sMlcVf7oWPiVEw84DmH/INCN+cas1VfrUQp?= =?us-ascii?Q?cLPryGg3dZhpY3klI7Cq6udX1v94gajMPH2Gqo3UypTpQDEO4bBblHD0WeOt?= =?us-ascii?Q?1HlhvGzIj/aXrZmuEXEqidet5D1LbmokPRCdp2lKJN7LO08gMBkkNFRFwplF?= =?us-ascii?Q?Jxin8aAi5ZRFTifwxvVwYgWjR4+EYcN1P/L53SnjX5LfZM+gdDWFsaipPv2u?= =?us-ascii?Q?x3jkt7LVzxJQ9phW+oMpqpufIgyuX5xgJccOGcAq8xc1uMH8yY9gZCirVozP?= =?us-ascii?Q?OnKCH37a7Rx8Xbq9TANaS3g27bhQUuKZs3HRzNgnU4+rPMLKFfT441C0xzj7?= =?us-ascii?Q?evxBjZKNMH/HaCovA5kRfhYJ0UW2/XNtUVh9cZqUZoy8/ZpN8JWxSd5/0LmY?= =?us-ascii?Q?Ny8lqW0HMTV1HS5yNqIpHkRY3zgciN+rpriHUP7Rzq7ezGTr44gE2UW3B7lp?= =?us-ascii?Q?Q2nLNp+1fR1xZ4bAx+BMi6psCcZqrhLPfIH2uILF4Xtbgsm71AVFWY8Aqtjg?= =?us-ascii?Q?Cv4DlohTOOzfwxD9VpI4DRXQfZqV0CNe/louSTtLupykaZ44Y1STyhs+i9K+?= =?us-ascii?Q?PDACZFoDxc2k7TKbi7N/MuQCAyOflv3/QrrquiYE+1b9U0tFA49KhJqauuAE?= =?us-ascii?Q?gOSI2BI/9JtVV/U+eSHDOT1Hl8wPVwOw6wE1J9z51as9G9XWF9iTEVH+k4qZ?= =?us-ascii?Q?Vfhwe7VoOrRHpGdUeUX5KiWGXMx019pwjCrVDe6S+R8QSKz/aUQ9bEAFAZ9j?= =?us-ascii?Q?3M7qv+mQw/ukGi2G2rhFjRAy2mxssRbbBOdOUvxVltAa0fdxvZz9gArJ0T/O?= =?us-ascii?Q?slJgjgBDAg=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 2e563ecc-adb4-473a-ea6b-08de4d976a87 X-MS-Exchange-CrossTenant-AuthSource: SN7PR12MB6838.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jan 2026 02:49:45.6630 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: hIghcs+fet2a6YHwnsgck9C5kc9wUHRy7yIXRIeie4zJJceWsNJmm/sgxv1YhEh4oeusgfKOHfo10mPeFNDyFQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4208 Message-ID-Hash: MIMYJTFI5UDLKWLREKR53EW7I3U7YOG2 X-Message-ID-Hash: MIMYJTFI5UDLKWLREKR53EW7I3U7YOG2 X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1767754875315158500 Content-Type: text/plain; charset="utf-8" From: Nathan Chen When launching a qemu VM with the iommufd feature enabled for VFIO hostdevs: - Do not allow cgroup, namespace, and seclabel access to VFIO paths (/dev/vfio/vfio and /dev/vfio/) - Allow access to iommufd paths (/dev/iommu and /dev/vfio/devices/vfio*) for AppArmor, SELinux, and DAC Signed-off-by: Nathan Chen --- src/qemu/qemu_cgroup.c | 26 +++++++------- src/qemu/qemu_namespace.c | 16 +++++---- src/security/security_apparmor.c | 32 +++++++++++++---- src/security/security_dac.c | 59 ++++++++++++++++++++++++++------ src/security/security_selinux.c | 57 ++++++++++++++++++++++++------ src/security/virt-aa-helper.c | 33 ++++++++++++++---- 6 files changed, 170 insertions(+), 53 deletions(-) diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index 7dadef0739..7190a4f80f 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -479,21 +479,23 @@ qemuSetupHostdevCgroup(virDomainObj *vm, g_autofree char *path =3D NULL; int perms; =20 - if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICE= S)) - return 0; + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_BOOL_YES= ) { + if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DE= VICES)) + return 0; =20 - if (qemuDomainGetHostdevPath(dev, &path, &perms) < 0) - return -1; + if (qemuDomainGetHostdevPath(dev, &path, &perms) < 0) + return -1; =20 - if (path && - qemuCgroupAllowDevicePath(vm, path, perms, false) < 0) { - return -1; - } + if (path && + qemuCgroupAllowDevicePath(vm, path, perms, false) < 0) { + return -1; + } =20 - if (virHostdevNeedsVFIO(dev) && - qemuCgroupAllowDevicePath(vm, QEMU_DEV_VFIO, - VIR_CGROUP_DEVICE_RW, false) < 0) { - return -1; + if (virHostdevNeedsVFIO(dev) && + qemuCgroupAllowDevicePath(vm, QEMU_DEV_VFIO, + VIR_CGROUP_DEVICE_RW, false) < 0) { + return -1; + } } =20 return 0; diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c index c689cc3e40..907b2773cf 100644 --- a/src/qemu/qemu_namespace.c +++ b/src/qemu/qemu_namespace.c @@ -345,15 +345,17 @@ qemuDomainSetupHostdev(virDomainObj *vm, { g_autofree char *path =3D NULL; =20 - if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) - return -1; + if (hostdev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_BOOL= _YES) { + if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) + return -1; =20 - if (path) - *paths =3D g_slist_prepend(*paths, g_steal_pointer(&path)); + if (path) + *paths =3D g_slist_prepend(*paths, g_steal_pointer(&path)); =20 - if (virHostdevNeedsVFIO(hostdev) && - (!hotplug || !qemuDomainNeedsVFIO(vm->def))) - *paths =3D g_slist_prepend(*paths, g_strdup(QEMU_DEV_VFIO)); + if (virHostdevNeedsVFIO(hostdev) && + (!hotplug || !qemuDomainNeedsVFIO(vm->def))) + *paths =3D g_slist_prepend(*paths, g_strdup(QEMU_DEV_VFIO)); + } =20 return 0; } diff --git a/src/security/security_apparmor.c b/src/security/security_appar= mor.c index 68ac39611f..362ca09562 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -848,14 +848,32 @@ AppArmorSetSecurityHostdevLabel(virSecurityManager *m= gr, goto done; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev(pci); - - if (!vfioGroupDev) { - virPCIDeviceFree(pci); - goto done; + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev(pci); + + if (!vfioGroupDev) { + virPCIDeviceFree(pci); + goto done; + } + ret =3D AppArmorSetSecurityPCILabel(pci, vfioGroupDev, ptr= ); + VIR_FREE(vfioGroupDev); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + return -1; + + if (!virIOMMUFDSupported()) + return -1; + + ret =3D AppArmorSetSecurityPCILabel(pci, vfiofdDev, ptr); + if (ret) + return ret; + + ret =3D AppArmorSetSecurityPCILabel(pci, VIR_IOMMU_DEV_PAT= H, ptr); + if (ret) + return ret; } - ret =3D AppArmorSetSecurityPCILabel(pci, vfioGroupDev, ptr); - VIR_FREE(vfioGroupDev); } else { ret =3D virPCIDeviceFileIterate(pci, AppArmorSetSecurityPCILab= el, ptr); } diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 2f788b872a..fbe216637f 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -41,6 +41,7 @@ #include "virscsivhost.h" #include "virstring.h" #include "virutil.h" +#include "viriommufd.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY =20 @@ -1282,14 +1283,32 @@ virSecurityDACSetHostdevLabel(virSecurityManager *m= gr, return -1; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev= (pci); + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGrou= pDev(pci); =20 - if (!vfioGroupDev) - return -1; + if (!vfioGroupDev) + return -1; + + ret =3D virSecurityDACSetHostdevLabelHelper(vfioGroupDev, + false, + &cbdata); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + return -1; =20 - ret =3D virSecurityDACSetHostdevLabelHelper(vfioGroupDev, - false, - &cbdata); + if (!virIOMMUFDSupported()) + return -1; + + ret =3D virSecurityDACSetHostdevLabelHelper(vfiofdDev, fal= se, &cbdata); + if (ret) + return ret; + + ret =3D virSecurityDACSetHostdevLabelHelper(VIR_IOMMU_DEV_= PATH, false, &cbdata); + if (ret) + return ret; + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecurityDACSetPCILabel, @@ -1443,13 +1462,33 @@ virSecurityDACRestoreHostdevLabel(virSecurityManage= r *mgr, return -1; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev= (pci); + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGrou= pDev(pci); =20 - if (!vfioGroupDev) - return -1; + if (!vfioGroupDev) + return -1; =20 - ret =3D virSecurityDACRestoreFileLabelInternal(mgr, NULL, + ret =3D virSecurityDACRestoreFileLabelInternal(mgr, NULL, vfioGroupDev, fal= se); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + return -1; + + if (!virIOMMUFDSupported()) + return -1; + + ret =3D virSecurityDACRestoreFileLabelInternal(mgr, NULL, + vfiofdDev, fa= lse); + if (ret) + return ret; + + ret =3D virSecurityDACRestoreFileLabelInternal(mgr, NULL, + VIR_IOMMU_DEV= _PATH, false); + if (ret) + return ret; + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecurityDACRestorePCIL= abel, mgr); } diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index 2f3cc274a5..05086ad9e1 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -41,6 +41,7 @@ #include "virconf.h" #include "virtpm.h" #include "virstring.h" +#include "viriommufd.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY =20 @@ -2256,14 +2257,32 @@ virSecuritySELinuxSetHostdevSubsysLabel(virSecurity= Manager *mgr, return -1; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev= (pci); + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGrou= pDev(pci); =20 - if (!vfioGroupDev) - return -1; + if (!vfioGroupDev) + return -1; + + ret =3D virSecuritySELinuxSetHostdevLabelHelper(vfioGroupD= ev, + false, + &data); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + return -1; =20 - ret =3D virSecuritySELinuxSetHostdevLabelHelper(vfioGroupDev, - false, - &data); + if (!virIOMMUFDSupported()) + return -1; + + ret =3D virSecuritySELinuxSetHostdevLabelHelper(vfiofdDev,= false, &data); + if (ret) + return ret; + + ret =3D virSecuritySELinuxSetHostdevLabelHelper(VIR_IOMMU_= DEV_PATH, false, &data); + if (ret) + return ret; + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecuritySELinuxSetPCIL= abel, &data); } @@ -2491,12 +2510,30 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecu= rityManager *mgr, return -1; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev= (pci); + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGrou= pDev(pci); =20 - if (!vfioGroupDev) - return -1; + if (!vfioGroupDev) + return -1; + + ret =3D virSecuritySELinuxRestoreFileLabel(mgr, vfioGroupD= ev, false, false); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + return -1; =20 - ret =3D virSecuritySELinuxRestoreFileLabel(mgr, vfioGroupDev, = false, false); + if (!virIOMMUFDSupported()) + return -1; + + ret =3D virSecuritySELinuxRestoreFileLabel(mgr, vfiofdDev,= false, false); + if (ret) + return ret; + + ret =3D virSecuritySELinuxRestoreFileLabel(mgr, VIR_IOMMU_= DEV_PATH, false, false); + if (ret) + return ret; + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecuritySELinuxRestore= PCILabel, mgr); } diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index de0a826063..43046ab831 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -50,6 +50,7 @@ #include "virstring.h" #include "virgettext.h" #include "virhostdev.h" +#include "viriommufd.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY =20 @@ -1114,8 +1115,9 @@ get_files(vahControl * ctl) =20 virDeviceHostdevPCIDriverName driverName =3D dev->source.subsy= s.u.pci.driver.name; =20 - if (driverName =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_VFIO = || - driverName =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_DEFAU= LT) { + if ((driverName =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_VFIO= || + driverName =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_DEFAU= LT) && + dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { needsVfio =3D true; } =20 @@ -1348,6 +1350,7 @@ get_files(vahControl * ctl) virBufferAddLit(&buf, " \"/dev/vfio/vfio\" rw,\n"); virBufferAddLit(&buf, " \"/dev/vfio/[0-9]*\" rw,\n"); } + if (needsgl) { /* if using gl all sorts of further dri related paths will be need= ed */ virBufferAddLit(&buf, " # DRI/Mesa/(e)GL config and driver paths\= n"); @@ -1385,9 +1388,18 @@ get_files(vahControl * ctl) } } =20 - if (ctl->newfile && - vah_add_file(&buf, ctl->newfile, "rwk") !=3D 0) { - return -1; + if (ctl->newfile) { + const char *perms =3D "rwk"; + + /* VFIO and iommufd devices need mmap permission */ + if (STRPREFIX(ctl->newfile, "/dev/vfio/devices/vfio") || + STREQ(ctl->newfile, VIR_IOMMU_DEV_PATH)) { + perms =3D "rwm"; + } + + if (vah_add_file(&buf, ctl->newfile, perms) !=3D 0) { + return -1; + } } =20 ctl->files =3D virBufferContentAndReset(&buf); @@ -1561,8 +1573,15 @@ main(int argc, char **argv) } } if (ctl->append && ctl->newfile) { - if (vah_add_file(&buf, ctl->newfile, "rwk") !=3D 0) - goto cleanup; + const char *perms =3D "rwk"; + + if (STRPREFIX(ctl->newfile, "/dev/vfio/devices/vfio") || + STREQ(ctl->newfile, VIR_IOMMU_DEV_PATH)) { + perms =3D "rwm"; + } + + if (vah_add_file(&buf, ctl->newfile, perms) !=3D 0) + return -1; } else { if (ctl->def->virtType =3D=3D VIR_DOMAIN_VIRT_QEMU || ctl->def->virtType =3D=3D VIR_DOMAIN_VIRT_KQEMU || --=20 2.43.0 From nobody Fri Jan 9 07:53:10 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1767755012448921.9648024824666; Tue, 6 Jan 2026 19:03:32 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 76EC541C8C; Tue, 6 Jan 2026 22:03:31 -0500 (EST) Received: from [172.19.199.83] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 4BFA94404D; Tue, 6 Jan 2026 21:50:56 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id F137F41B4C; Tue, 6 Jan 2026 21:49:54 -0500 (EST) Received: from SN4PR0501CU005.outbound.protection.outlook.com (mail-southcentralusazon11011032.outbound.protection.outlook.com [40.93.194.32]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 8933641B9F for ; Tue, 6 Jan 2026 21:49:51 -0500 (EST) Received: from SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) by MN2PR12MB4208.namprd12.prod.outlook.com (2603:10b6:208:1d0::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9478.4; Wed, 7 Jan 2026 02:49:46 +0000 Received: from SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc]) by SN7PR12MB6838.namprd12.prod.outlook.com ([fe80::69ae:2df4:372b:6fbc%7]) with mapi id 15.20.9499.002; Wed, 7 Jan 2026 02:49:46 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=hjDfqfHExQNy6P9EJ46Eo0nJ3pEqldXK/OU9c85tbImfedZsjMB6q4Le3mW266PGiojQVbhdJusWSgXuM68mFLOg5WXj/2DnfwPOeSbE2LgbcIUklP76Xbl2aGw6MBCVeuvE/iqifxdWFHRw6Gpze59+l9L0FWjPyclIAKNkQHv7FcO2l+IRI3lJ92vlDbP8bhIomBttYYs07nEYtLYRJFEo+K6P+dhkCpYHrdUob2r82acOM+7O9i4SRmkf2Otup1qX9mlEFYl8pfzWlLK9ZbMwpPVCjeyqZR1MziQtBfG000mlSeTXxUCfpGqpeHqvv5/yxg8SlDZFbFpodmvHmg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=9QlOAU+yRr8W1EKpIadpH0FwaA92irrAxxZ6EyXPlp4=; b=w8UtAJb/6/pxLoYawhPTjDgOVJfkkmfovqvLKR3/0Q1lytgcmRTfVSIwTm8Q/o0aO6EA2iMkixkOJUoypoPd3IbP/7RVO+2IiV9S+m9+hQzzz4x3f9tyS3JVjy6CiZ/5e6bV/zmEEkRqAr9xTFVZi+ZBIswjLg8Ir6CEEvIJjjhMneZzZfhxu+qarNeBBtS2J/eb7OukgMyQNJO0mO2iOWIdXcDPSvJYf6U79a8RCL+Noa2r2WXo1dy3FwijVT5Q52PD76JDBhz8VSxrlfm6qwmd3+IG0DmUhEQA9b1fGVfRliildLHRVQ5WuP7LnTAggCWXPTFnGHLy4yRj2KLgHw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9QlOAU+yRr8W1EKpIadpH0FwaA92irrAxxZ6EyXPlp4=; b=SoOZ6ldj1ZWdvHcMetu+8iVr70dyF6JiYPEyETYLTXQSL70JsNqpo41WUDPXZVf5NdPX2PejUUpYQhSfPk/esV/vK6iugF16CR2sPCRShuf2dM1R+FZKGG+QNXkB/e7Tl/idF9xYhIxaWEalxKNS0f4vSytnpvHGseW0LhyOKySinnHvdHhvWvqlrv257OAn6SpCGnept3hMrSZVngGfznsXYgG7+tB2XQPEl9KrswO9wMfIkmfoUEYsoURskW8/DGeYr8ht1RMyBebEkLlhiqP+4YHPHseRyzM1glZ6mRP8mlzqdwQ15oZt3JjGkYC6FPrXGKtLC3IjvEIxbXC82A== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v4 7/7] tests: qemuxmlconfdata: provide iommufd sample XML and CLI args Date: Tue, 6 Jan 2026 18:49:38 -0800 Message-ID: <20260107024938.461794-8-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260107024938.461794-1-nathanc@nvidia.com> References: <20260107024938.461794-1-nathanc@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: BY5PR13CA0005.namprd13.prod.outlook.com (2603:10b6:a03:180::18) To SN7PR12MB6838.namprd12.prod.outlook.com (2603:10b6:806:266::18) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SN7PR12MB6838:EE_|MN2PR12MB4208:EE_ X-MS-Office365-Filtering-Correlation-Id: aa03f416-4970-4af0-cad1-08de4d976b2f X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|376014|1800799024; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?df7L9skylAUkKOV86z+NgGGsg4OUVc2R3wQt49QBzETRBOCS8Pk6kxtNFZ3B?= =?us-ascii?Q?noPp4rxe+Q4pJR9wPJgComJ1SY7QsCmq62Pvuc06v4PaiCYenSdQVb+J5jQ5?= =?us-ascii?Q?m/LtIVgHHN9VfD9CL7Zk8KyA6ReddISknTqO9VEV7G0ddVpRee0tfDUniYuR?= =?us-ascii?Q?B7ytXEQbfCPQBQl6x7jd3UI8bnmged9ODWTyCcT0J3YhmEfboEQI7Zzkrq5C?= =?us-ascii?Q?GAoLqLYJRkuRWP40/GVMzcCp8fHEemAgI65JEveCHGJTZ1A519P9eLep2aVt?= =?us-ascii?Q?TRcqcbk/o+6sg779yX4+yK9nbW5jx9MSVuRYlJLVo2pWihRj7eg3lBd58fHS?= =?us-ascii?Q?ujrAv2WDZY8nfThbscFmNwa0SbQ20EcCFhClKvh8HOnoGIYtnfMHKZJi1dF5?= =?us-ascii?Q?jU/RaAoqDW+36HzwgEqz2s5ka8z6/kgPsdNJo2G7EOOBgz0IgBT67VbtXF1O?= =?us-ascii?Q?arLmiHsRzuWASm5Q0F2ANZNIz7lQansFBIXEH8keSq3nPWhztvHzixeH0DbP?= =?us-ascii?Q?2EJadzCz1QPovG5lhlHYcBJewksCGLN9g/PhAmlKh3YS+PDu54fjAku1ppKO?= =?us-ascii?Q?Bq3nD1XUHyo08Dcn21zgbAk+o3586NM5P0FwGBttPbC10Sjl6q4mB2bO/i7S?= =?us-ascii?Q?3ZpQPgAFdmceJ6FyhXhWCRIBE+ZP6zEnBzY1g3TAHMp9Z/M1uImauJY7zxjp?= =?us-ascii?Q?CEeWE+pxU/lDyh8PNzmQ4tp1WDR+ZKmQenWLBRGo+gGTbAvJ781FQXpPwVgn?= =?us-ascii?Q?buN71GeYHrp6RW7CnttQ/eM5HC/TbxipnMw1hl6vq+n6mXq67EKJVsE3VNZ/?= =?us-ascii?Q?bNP87dY/r/FT8eUiK96E8QRLVc4em8s4N1mGmap6snk0QTY2XMwqTBsTf7vj?= =?us-ascii?Q?KG3dEfqiuw+Z3QyngV68JZdAvq/aGMoH3aMVYzdXap6B4W5Ibm7YdEtWxjzd?= =?us-ascii?Q?YeKPRbIKNryuVKi1ec5rndLzQ9vgjk2jY0naWUfgqL7TiQkEdQTMYCxbxIKS?= =?us-ascii?Q?SigKE2PTy/amcJBOZa+c0EpVdnanrdeFUFblsaxV7ZXVKKJf1wOlBBBbkSOQ?= =?us-ascii?Q?1qamKsTNhHDfPVlz934R2NetTGmWVdbMK3Lv0YytetHcRDX2iBBFIAGB/Ijf?= =?us-ascii?Q?nLcYgxg3dkYTkDUBIZNzT6UW+lg8g4KecJLREmUMBlyqPtMz+XZUM64wYaq9?= =?us-ascii?Q?l05HwmojEh3okGqe1ZymR+y/xxbqs/+uXpZibZKsweEAmhEGPxhXEbHUkzvv?= =?us-ascii?Q?UUD34hQvki3BbpQ+zV2diMN/MhzunD/Wmtis2nlNhyW5XdTKQMOW8vwNN5bI?= =?us-ascii?Q?GV31XPA+VKo0EXNbAPwZ29QkTtOdM8BgWF/uOhiO8/vQobHm09Apr6zHvZwf?= =?us-ascii?Q?7kXLO8dkP4+4XcEAEOikvDBIL1lKFsgQwO2V7j3q0jpkMvTZZxt+FKq/y/PG?= =?us-ascii?Q?DGJX7ZMsRkhyL1IG51pdEH8FguyWaPKH?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:SN7PR12MB6838.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(376014)(1800799024);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?wPtLWHMiGDUES9jUCWkiDo5/YSx6XWBHnDra3Aup7c6nm30Sko3B7IbtPGCQ?= =?us-ascii?Q?ca7Vk+coNLWsYaHcoLMZnnSH+hWUGmC1t75vhZILkj1rPK4uVFlaCG8NcS4t?= =?us-ascii?Q?hu2tEHGgkNvymwt/mK75kahh9648M4aOS+gRVs+6gQ7smy/57T26yAErQM3b?= =?us-ascii?Q?aHCU83O2p6UyZTC1lssKmjDWGxGoiTRRmdXlw49EiHJdNJSJBryPJrEMSvU9?= =?us-ascii?Q?1ZqwYASvu684c+h3AS5CjBQiuMnfu0CJAvXf5taAoXqf9IMrJ03ISzaRWjPa?= =?us-ascii?Q?rlqcX1iI5XcZPX6drlo21xQCXrNy/Sj0udyDr7kAnY4az1RIVce8evlSWPiI?= =?us-ascii?Q?f378WXIf8g4+XgEGfzmSqM5ZeJqUeAUazF8dER6Kf28XfALiyKoopMQ/LYCb?= =?us-ascii?Q?gKKLJjp/eXBX8epyP72nUUROyEeeTAm9w98dQFi3Dm+kXhvB/TKLGxLCvpRd?= =?us-ascii?Q?mlEgvLKuN0gnKZ+gxo0vDU93akyDTSjFIU/HXOx5ObDQKsTbPZynDyDmcmlB?= =?us-ascii?Q?MrS6uljXbZp1PooE0kJkpYaIufRzs7AFPfVzOVoSVGJHxnDCt94h6mLcFJm8?= =?us-ascii?Q?r9Hdccf/Gl8sKY2yanBeGAm+I8lye/9B+FHIbV70uvuYlTUgY+kb8H/m42OA?= =?us-ascii?Q?uQv41o3VCkbrjWrOoq3BpMzRCNKB3fnwWE7hwvNay0t8kV/ESJTsGMJtfrT3?= =?us-ascii?Q?8Rdyo9DWyvFpAdlW55y3xMSZ+pCcGZaa18ent1iFV5pLshWnkV8ehawKpnuD?= =?us-ascii?Q?8l1CL1FLfhe7+97kvl1xqTtdxWTqlgsWzqt173CGuUyd7KwGfqk3OGg1PXWs?= =?us-ascii?Q?MbOJ/DTxotm5FVs+7uxXjPynn/8Luncdu4Jrl/PCZISqnahwvhyjkI3TrunY?= =?us-ascii?Q?IThdodmwZ1rgF6lgoDMEoYO7F+PhEa0jBLnXOmZ6VYEOFwWoMyb/62DgCmA5?= =?us-ascii?Q?ZnXBeBxjCEaM25Ht6JFMKoWlaLewESZ/d+ATGFNnJvpa8aXnAXxE6X00w/at?= =?us-ascii?Q?hscEpbXKIVQRoPbhUhNVl9rWx6Ezz4XiTUS+VyHnPdzjTBMvQt8h8P6xidba?= =?us-ascii?Q?XeneOI7vRRuOwtE61DdRj2I4dQ5/Hp7AWnx3h/cP29DGtLkuZ2A/Wic0XL4s?= =?us-ascii?Q?MWdur6w7nzxgU1t6kKrhps9FbM/z0jA+YJYF5wWN2SWq5gmaAQMeNscspj2R?= =?us-ascii?Q?+KateEqpL+1kc4eRH+FrcF7i1fctH2iyrYxvAKEBbemPiWYRIvt/uDOk5exA?= =?us-ascii?Q?m8CSLDTkrpThbDAV0L7NEDcFxouZIlnY3oxIamz7yk5jwH4e2Fl3T8UsWpBf?= =?us-ascii?Q?1F/rS7ItR5mMxz/Klg2btK12yNjHKKRqtWL9Q0mSXsuvoOJCfvJHtbQO6bi0?= =?us-ascii?Q?fzGP4lQ8ePgLgz/O6Z1dEsVLDiWPxi06YvmQqsLRsZk7ejnxtWd8XevZeOf1?= =?us-ascii?Q?zzw34qwWlTlj/Pk02fSxRtm7jnUgpeWcRX52psX1l/75rpLG1SCgyIe1aCx0?= =?us-ascii?Q?Jui2zCS8hDLsccPTJAsIHl5GVcKPQ7QRy4eqhirFtQqmAWpogPvNSYXCs+oO?= =?us-ascii?Q?Mugb+exIy+s1nxX6KSLlZuYCwVGqRyRlLOvt/Ea4/03Rk1H471w2BK7nHFYj?= =?us-ascii?Q?6myfmPeHMvOZThx8yZGonIBNld4gxW1M4EJW3jXXDB5EiLokUc/4kObPlh7W?= =?us-ascii?Q?K1Guz1448Xij4e+3OZC6BaDzJ3mrnaSOJSHDY1RJvAFLFyUeCqOCq+xBs+HQ?= =?us-ascii?Q?Ms+yDjcy6Q=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: aa03f416-4970-4af0-cad1-08de4d976b2f X-MS-Exchange-CrossTenant-AuthSource: SN7PR12MB6838.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jan 2026 02:49:46.8095 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: FazHUj7u69NH4eVdN5QYqn5L05iyNITE1m5AZ8KQWjyziINyPeGvV5gc+hAsrsMvQ9VaQ7fCMy+EubJ7qsB4sw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4208 Message-ID-Hash: 5NM3FTQFP7TAENEGIBBA7NZNYX4AOJDU X-Message-ID-Hash: 5NM3FTQFP7TAENEGIBBA7NZNYX4AOJDU X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1767755014065158500 Content-Type: text/plain; charset="utf-8" From: Nathan Chen Provide sample XML and CLI args for the iommufd XML schema for pc, q35, and virt machine types. Signed-off-by: Nathan Chen --- .../iommufd-q35.x86_64-latest.args | 41 +++++++++++++ .../iommufd-q35.x86_64-latest.xml | 60 +++++++++++++++++++ tests/qemuxmlconfdata/iommufd-q35.xml | 38 ++++++++++++ ...fd-virt-pci-bus-single.aarch64-latest.args | 33 ++++++++++ ...ufd-virt-pci-bus-single.aarch64-latest.xml | 34 +++++++++++ .../iommufd-virt-pci-bus-single.xml | 22 +++++++ .../iommufd-virt.aarch64-latest.args | 37 ++++++++++++ .../iommufd-virt.aarch64-latest.xml | 56 +++++++++++++++++ tests/qemuxmlconfdata/iommufd-virt.xml | 29 +++++++++ .../iommufd.x86_64-latest.args | 35 +++++++++++ .../qemuxmlconfdata/iommufd.x86_64-latest.xml | 38 ++++++++++++ tests/qemuxmlconfdata/iommufd.xml | 30 ++++++++++ tests/qemuxmlconftest.c | 34 +++++++++++ 13 files changed, 487 insertions(+) create mode 100644 tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd-q35.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt-pci-bus-single.aarch= 64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd-virt-pci-bus-single.aarch= 64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt-pci-bus-single.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt.aarch64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd-virt.aarch64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt.xml create mode 100644 tests/qemuxmlconfdata/iommufd.x86_64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd.x86_64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd.xml diff --git a/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.args b/tests/q= emuxmlconfdata/iommufd-q35.x86_64-latest.args new file mode 100644 index 0000000000..7d819e141b --- /dev/null +++ b/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.args @@ -0,0 +1,41 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test \ +USER=3Dtest \ +LOGNAME=3Dtest \ +XDG_DATA_HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test/.local/share \ +XDG_CACHE_HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test/.cache \ +XDG_CONFIG_HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=3Dq35-test,debug-threads=3Don \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/va= r/lib/libvirt/qemu/domain--1-q35-test/master-key.aes"}' \ +-machine q35,usb=3Doff,dump-guest-core=3Doff,memory-backend=3Dpc.ram,acpi= =3Doff \ +-accel tcg \ +-cpu qemu64 \ +-m size=3D2097152k \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":2147483648}= ' \ +-overcommit mem-lock=3Doff \ +-smp 2,sockets=3D2,cores=3D1,threads=3D1 \ +-uuid 11dbdcdd-4c3b-482b-8903-9bdb8c0a2774 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,fd=3D1729,server=3Don,wait=3Doff \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \ +-rtc base=3Dutc \ +-no-shutdown \ +-boot strict=3Don \ +-device '{"driver":"pcie-root-port","port":16,"chassis":1,"id":"pci.1","bu= s":"pcie.0","multifunction":true,"addr":"0x2"}' \ +-device '{"driver":"pcie-root-port","port":17,"chassis":2,"id":"pci.2","bu= s":"pcie.0","addr":"0x2.0x1"}' \ +-device '{"driver":"qemu-xhci","id":"usb","bus":"pci.1","addr":"0x0"}' \ +-blockdev '{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1","no= de-name":"libvirt-1-storage","read-only":false}' \ +-device '{"driver":"ide-hd","bus":"ide.0","drive":"libvirt-1-storage","id"= :"sata0-0-0","bootindex":1}' \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-device '{"driver":"qxl-vga","id":"video0","max_outputs":1,"ram_size":6710= 8864,"vram_size":33554432,"vram64_size_mb":0,"vgamem_mb":8,"bus":"pcie.0","= addr":"0x1"}' \ +-global ICH9-LPC.noreboot=3Doff \ +-watchdog-action reset \ +-object '{"qom-type":"iommufd","id":"iommufd0","fd":"-1"}' \ +-device '{"driver":"vfio-pci","host":"0000:06:12.5","id":"hostdev0","iommu= fd":"iommufd0","fd":"0","bus":"pcie.0","addr":"0x3"}' \ +-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,resource= control=3Ddeny \ +-msg timestamp=3Don diff --git a/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.xml b/tests/qe= muxmlconfdata/iommufd-q35.x86_64-latest.xml new file mode 100644 index 0000000000..bb76252b61 --- /dev/null +++ b/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.xml @@ -0,0 +1,60 @@ + + q35-test + 11dbdcdd-4c3b-482b-8903-9bdb8c0a2774 + 2097152 + 2097152 + 2 + + hvm + + + + qemu64 + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + +
+ + + + + +
+ + + + +
+ + +
+ + +
+ + + +