From nobody Mon Feb 2 05:55:48 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1769799717791389.9287195610076; Fri, 30 Jan 2026 11:01:57 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 8ED1E41A0E; Fri, 30 Jan 2026 14:01:57 -0500 (EST) Received: from [172.19.199.6] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id A73AC41B59; Fri, 30 Jan 2026 13:59:37 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 942B23F870; Fri, 30 Jan 2026 13:59:27 -0500 (EST) Received: from BN1PR04CU002.outbound.protection.outlook.com (mail-eastus2azon11010039.outbound.protection.outlook.com [52.101.56.39]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 4C7BA3F878 for ; Fri, 30 Jan 2026 13:59:26 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by SN7PR12MB7106.namprd12.prod.outlook.com (2603:10b6:806:2a1::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9564.7; Fri, 30 Jan 2026 18:59:21 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9564.008; Fri, 30 Jan 2026 18:59:21 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=Z3+uHXoKDXwn3oJOONXvoBXEsjhZihdfNeWBrEO7iTwq6fBiE0wBSZABStxRQnv+2ys2XrfgG4/CvxSS4dLSxUPP9qWCJXl0bMPYJbQavmanyAlTUwpjb67aZMmK9lshnVfwZLCpZXaD9/BFXtur3l4OBWMKrr5HmxEwTdou11EqrOMk0Lb2waM9iBE5HlBPenLUxjtHmeczxBUrQ7sU61q9C0glYojyt52gch7rCca6m31TC1d1cNvWdgfVQKJOfLrvTHwCEVH0eqWY5/D+eclz/Vx1qlsnvuBa7Shc+/ALlPz/8ONscUZI0QzCMajELu8ez5dodpkD/gyClF4Bbg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=/75/67k305sTDMgiXMGx+i4LTodbTeFakdaw4ayVrEc=; b=K39uzvVQW65xz77FwjwmHFC0/u3dwXsvamGmwhYouyzenHEs8QWwrBHCRQbbAUBy4xIM0kUPjh100noR5XKzeWa8l6o77oFEjHZeJp1CPlbjmrcMxa0PBP8dOkOL9i+FFIW/8DhyZrIeQPvKz6qEh8RCwUlhO7XVeTW3g9BdMG3v7FftPrRGdOEBwNKtVf1CQIGUL6Z5FWBbLERu3L1pGSFpFJBdz57CkCP9OVCxxGo300cESoze9Tp7J0pXfaXavNKk1jIgMq9OQgtJMU0cj5g/jBOQ++MVAk91Mv0ah0MZeLb5hN7hSoA1CYEKZkrW3VWh/pF8oSdGaL7vf3x3rg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=/75/67k305sTDMgiXMGx+i4LTodbTeFakdaw4ayVrEc=; b=UVZE8O64QRPPFRval3GbnO3beqt6hhnNLz7Ko3wSWj2mY742cdRIYyKjS9iEmjuyAsFk7yPMHoBcgp8DwXbpvQb7fsFtnB6/GI8hjAPDpGTG6v5JEbazlmonOkE1E9ByYazFjpwQJQM3WPh4KYNBSLFdwzcMx0Acr9t7NOMPt3WmLHKzbkJkyGJooBySzNd/lKggthXPU1//tCo5hmXbTm3/GjiQZedIvpHxwVfD4/b4o6kv7lG4kPI4WS/Q9jAAsQwIUYUilRM1PlPMor7u5eV15tl1LKQ2fuKTaE2W5QeiaNNu6Ku3+YZIi+UZyEWiT9iu2c9Iv30shsNwx6b3UQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v6 1/7] qemu: Implement support for associating iommufd to hostdev Date: Fri, 30 Jan 2026 10:59:12 -0800 Message-ID: <20260130185918.4154310-2-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260130185918.4154310-1-nathanc@nvidia.com> References: <20260130185918.4154310-1-nathanc@nvidia.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SJ0PR05CA0066.namprd05.prod.outlook.com (2603:10b6:a03:332::11) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|SN7PR12MB7106:EE_ X-MS-Office365-Filtering-Correlation-Id: fe71bae5-a506-436f-aa43-08de6031ad43 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|1800799024|376014; X-Microsoft-Antispam-Message-Info: =?utf-8?B?VjRWMWU0RFluOTBtM05CKzdsYUdidi8wSlJwcFp4ZlpUbGRWaTF0WnY2OHoz?= =?utf-8?B?QUdxZk5zaTE3MWhKbzBacExSOFZHT25ta0dMVno0NjkvSzd4ZkpHdFFkY25Y?= =?utf-8?B?UzNBV2JVYk1LNnZsWFpITUsyS2hLVlZncjF3ejJWdU5Ha0JJRW9iVnB4SlZj?= =?utf-8?B?K1FxVHphMHVCVHQ4K3ZkLzF4Z1M5RUp0aFk5NUpHbUJrYitqaG1BOGdRdFVO?= =?utf-8?B?eElJOWIwZnFaUVE5OWVtY2NDZDVUNmZPdWhKTmFtaHVHUXhzcEhkQm5WNk1G?= =?utf-8?B?NVROMXJna0YzU21JOXlFMGp0QW9pSXhVb25RRzVzbkZLUElsdHV6ZTFBdkFT?= =?utf-8?B?d2dtRjB2QWZQZTVBOG43d0dEdmRqZzVjemkrV1ZOMnpvekpLNGdKSzUzSFNh?= =?utf-8?B?TzNoRC9Tak9qdXo1a3JwVWRWTWp5K2k4NkRqMXVrS2tNeXBIZ1Q3blQ2QnBC?= =?utf-8?B?YW1TS2ZXa3NCQmVqWm9YMkxVcElYczdLWllFT0tBVHVYMlpaemNXcU9YOXBw?= =?utf-8?B?b3UrWUJ1Znk1bmdhdzZOSmxkVDI0RUpIQkRxSTErVnllMFZwQ1ZwR3hQSVNn?= =?utf-8?B?eVBIODAxdmsyYUYwd29rOW5iRDFybWlIZjRQTWtnRXNzVmtjOWM0aEUrYVdS?= =?utf-8?B?Wk1mK0tFcU11MlkyZDhzY2Qzak9CYVpJZTlWWUoxOW9CL21iZldNQTgyRmlH?= =?utf-8?B?aVExUmg2UEZ3TTVVRzFnaTlHY2ZSdlNkalRpdFlsdzcwamk3Nm5WK0tXWHdG?= =?utf-8?B?TlZUN0Rsb0o1NmdObnBCK3YyY0t4cDgzSHA0LzdPK1NlYmtGU05TVWZJaCt0?= =?utf-8?B?TkFXbGZaVjVYNjJ3SUVWQ2J6R1p4UTRmT1ZSYlJ6OW45UVJJMklVekdnSm8r?= =?utf-8?B?Nnk1ajA4Y0hwaks3elV6UXRqcjNaOElKSlk0NWxIT2t2Y2RWaTUwdUg4dGI4?= =?utf-8?B?ajBwY1R4TFRKbG1CVlkwc293ZnNJYXZWaURwYnl0Q0tVQUdCZlN6SzlKdVZZ?= =?utf-8?B?ODd0NFdxT3BaOVBYYlJSazR2WjdOVWt6dGYxZ0FSZTNmbG0xdCtDbDcxS29E?= =?utf-8?B?dzhzaDRKVWUwWlFSMnNMZ0gwMVJUK3VDOVBVbU1UdTBUZGVxN2w4clhCakFs?= =?utf-8?B?QlRXMjNOeEFQS0pnVmtPY3ltOUFBSkFSTDRrV2hQZ1lOdjE0aUtFakRVdFQz?= =?utf-8?B?d21sUGZaak8xRkljTVZJRndoWG1WcFhsYS8zbmZRUEY5VG45Q2lEY00rQmFm?= =?utf-8?B?TWo1M1NPRnlYZnYreU5xM2VrODZvc0dib1BESEV4M1JGZURnUlljaXhyU3F4?= =?utf-8?B?UjdQYnZyS002eTMrMVQ2U2dlRFZhajNGZTNYb255NTQyWTBuZVRvdm5xc29z?= =?utf-8?B?aXBvcVVOUW4rNHh0VTVXK3ROVWJteFk5cmg5QmxMYmVWbWo1QVd4anZYbGVB?= =?utf-8?B?NUNJZmpCUlhaaW0vcjFIQlNhY2RHQXlQQjhjLzVhNysxVHdEOXZYaDAvZmYr?= =?utf-8?B?bHYxcjZ6d1krcndMdGNSK2wxc290OGtRWmhlZ3JMa05VZ3U1N1lheWdVRWpY?= =?utf-8?B?NGdHU2VzNm1hMENzK1pYY0VveFpRZi9SMVp5NDdvaDl3NGdIaG11Nkk3WWdG?= =?utf-8?B?Sk92K0M0SzZzd1UxODNyT2ZIeDMzeS9CeWdMUDRaTEZYejVpaW5OdE8weTgw?= =?utf-8?B?T0N2cW5NZlBsZkFWOGlqaVVlZ1NyUFJsRzVJQTFTMlpJTWNDSExhSE1US3Zh?= =?utf-8?B?Z2xoYS9lek9mRnVLc0NaTXVmcjFNMHdZSHdlWERJYTY1WFIvTVRoRlJueXJz?= =?utf-8?B?SUY4Q1lMVGovaExWL2UyNG0zQklKUFF3NUt2akVUMGFKVHl3LzBrS3dhcEc2?= =?utf-8?B?Y3Z0NGhPcjdpNi9kMTVwQ1JpcUdQblpjNmg0WDJIMjVtamdmWERvb2pIN1hm?= =?utf-8?B?SkRrVXlwc3BNdWVMZmVYNXBGRkNMdnhXTnhsaWhzTnFvQ3VCUkIrTmpodGN1?= =?utf-8?B?N1pKVFNOR2ZsTWorNHQ5T094emRPUE5KUHpIZVV3dHhLaWhRbVNOazQ1MkVs?= =?utf-8?B?Z0JwdStRZGpuNm9lTk51dFpkcGhScUh5VmEzVkdNQUM4cmUraG9XTW5mYmpl?= =?utf-8?Q?2RHM=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?TGlrRzVoYXVtYSthQmtxSk9uUGtnYnk0WlpyZ1VJQTdyVVRlQnZlcXVWYWtI?= =?utf-8?B?US9aNUZNNjMzY1RzcC9WWEJCQWJ2dG9rTmNmbm9rYUNnNmQza1gvRGw1VmFV?= =?utf-8?B?dlJaNFpYRVphYWlCOEtQWW92dmU3Z05IWWllU0xWSU9UNzRkS2Y5MWdtU09K?= =?utf-8?B?dk1qVDJWUVBxRmhCTlgrYWtGc3ZjSkVlOVNPMzlUSVhKVkxuaWJob1hBOHhJ?= =?utf-8?B?ZDBjaHBlb3RDYklHaWV6Mzl0ZVVaL2t0dC9wczVIOUZ5Q3BCbk4zbElhMXN5?= =?utf-8?B?b2Y5d3FSRjNTYUJBREdZZFh6YXhQaTVaamp2eGtjWDYrNzc1azNOVjR1VVlS?= =?utf-8?B?SXpXandRWmZhYnZNR3l1ZW4rSkNLbTA5VGhPeDMwNVJPZWVtS2pvSGFrYVBW?= =?utf-8?B?UlkxTWhMYXRHeVd6SzNvdDNXNlhSTTNSRFJ4azh0VUhzZ1JQdnZSd013V09z?= =?utf-8?B?d0xBL25KeWIzdFBLbXdyTG5EVzI2VWRZQnJkU3V6cEM1NktrOCtWUTNMTW5q?= =?utf-8?B?RjRVbVE4elBYMjlDNGhscUx6Q0wxN3NDRkZRSEVHZDNrbFU4MGxISm1pYmM4?= =?utf-8?B?NkhJdUVsY2xNRSsxakU3NXFNZHEzdWFwM1dIRVZWUlp3VFIwdEd2ck5UU3du?= =?utf-8?B?dFEvUlN2am80TUxuR1RkSk0vVFVVNTFoaENiWDZzRVpsUVdGUXFhbjkvZGt4?= =?utf-8?B?akZna21sbG44MHhscEdTMlU4R2RLdHg3YURWcjY3ZnMvMHVjaWdGS3NlVkJ2?= =?utf-8?B?dWU2bGJOcG9VZ0dkb2YwdUJGZGgrMDVqZ3pwSEhNWEl4RDhmRUdKYlpMK3Br?= =?utf-8?B?L2YrK2tpWkt2T24vcFRGaXBPajNjUDBBQ3JjaFFXKzhIWWZHOHBYRnVWN3BQ?= =?utf-8?B?NFRhVU13cmhUMVFPTndEby9iU3g3bzBiTTlaSU11ZlEwL3ZPYkNqaHc0WW9B?= =?utf-8?B?T1FkNXdvVm9YblJ1MWh0SW1KZXl4Zm85Mksrd3VLZ0lwbHdKM2lSZkFXYm93?= =?utf-8?B?TXdMM25pZVNGNDJhekNJQ0pOR0ZMZkZESjVGSWRJYUk2NTQvMG85cWZ6RTJX?= =?utf-8?B?Z0pOdHpzMFVHem1QbFNaeXNPYVhpRnp1ckZrUFk3YVpVcFJ4TkJNeGhNYytD?= =?utf-8?B?RjlMeUdiVERFNWF5S2IwYy9SeFBCci9abFpacEtKVjNLUUsvdUY4Z0kzaGty?= =?utf-8?B?Uis3YkpqT2F2SjFWSkJrSU0wVDdkZXVpWHpBZGpXa01UNytWWHdaOStvNEdK?= =?utf-8?B?Vk1tTVkwK0xqQXBId3dXUGNnSjJXd3VQV0tzY3BYMXJqLzRSRkRaOXJzVWVr?= =?utf-8?B?MTlYeG9vVmM4Tk1LY09QV2NhbHVkcHRmajZZZkY5MGx6aVpCcjA2LzBNWlVG?= =?utf-8?B?TDM1bVNsWnFJVk1IS1EvSWl5RVpiRjU4RE85dHBrWE82RklrelhUVU5FY0d1?= =?utf-8?B?QmROT25xMkNKQUg5VFRXOGJoQlVHQVB1N210MlpTUkpGSUNlWjZaRlZkUTAy?= =?utf-8?B?elNNRGhUNUxkaTNXSm5qUElPK1d1RGxtQlA4YVQ4d2NnbnJuVHBaZjFuRU9n?= =?utf-8?B?cHNVd1hqeHNnbEdHUUd4M0pVSHNhS2NHUHI1czJVVzh0Y2V2Q3RlSmVZM3pS?= =?utf-8?B?MmxSb3lDSURIR3VYYkxDeGF3cGlMaXlUV3hRM1BMZkZvUFByNndSMmdtdmZt?= =?utf-8?B?dWVZOXpZNHlVOFZza3ZpbkkzWGdlNkZyV2dpMEc3ekN3d3M0OHpYUllwZFFX?= =?utf-8?B?TlI0UmVVU1BEN1lMQjRmUUNiZmdXQzFSaTFETTV1S1NXNEhCL1Q4NFYrNE0y?= =?utf-8?B?SnRYQmU2a0c3bDA3YUpnV1dMTFd6YitOYkRQVGR2bWZ4aWc2aE41Rkk3S3hL?= =?utf-8?B?YzEyRU00Yi80MFdqV1dkZmVUOXFKLzFkUnFGQU10eE1RVVVBUm9CWmhnMTdl?= =?utf-8?B?SzhKYy9RczdaRCs1YStmV3FKSGdiWWxVRm1kZ3NGSFlsNnJxN3ZSTU5zSmtj?= =?utf-8?B?cWJHdW44ekJNMElGeGo1YmtMR0greDNzbk1DaTUvdG40T1RlbUFHM3VDNXVG?= =?utf-8?B?bFpPMXBXN2NkSi90Nnk4Vi9rcHRSdWVISTZERFZZRFR3aEUxZitadDZYZlpM?= =?utf-8?B?cFY3WXlocVd4c2JCNnhCbTZrMWxocVRVa090RmRaU1IwL0NwditESGhPRmJK?= =?utf-8?B?YXRVeGxJUS9FdTBDdWdGZVhKdjZ4c21yaWJsVVZ1VjRSVy94aWNGc21jZEpz?= =?utf-8?B?cHowbzY3V1haYWlpQ1hJeUNkSWhaaENEWVpoQTBMVUtoL0hseG1lTVNPeUVv?= =?utf-8?B?L2tMVEUvNVJxakpUclJ0b0dJR05aaUFodTlabXQ1N2lVVVBrWUdjZz09?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: fe71bae5-a506-436f-aa43-08de6031ad43 X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Jan 2026 18:59:21.0621 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: ddDvR+BhnKsWARmPfYp+wQUOYFC6uMRZwGpmScB+ruy3ScqmfgJ+9NIpPFq3h4XXzVJ0DXHj3DKl2eEtlcrGIg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7106 Message-ID-Hash: JGJHQV4G4YH2TCGIK6FSLYTIWDW5LCCP X-Message-ID-Hash: JGJHQV4G4YH2TCGIK6FSLYTIWDW5LCCP X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1769799719630158500 From: Nathan Chen Implement a new iommufd attribute under hostdevs' PCI subsystem driver that can be used to specify associated iommufd object when launching a qemu VM. Signed-off-by: J=C3=A1n Tomko Signed-off-by: Nathan Chen Reviewed-by: Pavel Hrdina --- docs/formatdomain.rst | 6 +++++ src/conf/device_conf.c | 11 ++++++++ src/conf/device_conf.h | 1 + src/conf/schemas/basictypes.rng | 5 ++++ src/qemu/qemu_command.c | 46 +++++++++++++++++++++++++++++++++ 5 files changed, 69 insertions(+) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 04ef319a73..f85a113344 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -4920,6 +4920,12 @@ or: found is "problematic" in some way, the generic vfio-pci driver similarly be forced. =20 + :since:`Since 12.1.0 (QEMU and KVM only)`, the ``iommufd`` element + can be used to enable IOMMUFD backend for VFIO device. This + provides an interface to propagate DMA mappings to kernel for + assigned devices. Libvirt will open the /dev/iommu and VFIO device + cdev and pass associated file descriptors to QEMU. + (Note: :since:`Since 1.0.5`, the ``name`` attribute has been described to be used to select the type of PCI device assignment ("vfio", "kvm", or "xen"), but those values have been mostly diff --git a/src/conf/device_conf.c b/src/conf/device_conf.c index c278b81652..d68232a4f4 100644 --- a/src/conf/device_conf.c +++ b/src/conf/device_conf.c @@ -67,6 +67,11 @@ virDeviceHostdevPCIDriverInfoParseXML(xmlNodePtr node, return -1; } =20 + if (virXMLPropTristateBool(node, "iommufd", + VIR_XML_PROP_NONE, + &driver->iommufd) < 0) + return -1; + driver->model =3D virXMLPropString(node, "model"); return 0; } @@ -93,6 +98,12 @@ virDeviceHostdevPCIDriverInfoFormat(virBuffer *buf, =20 virBufferEscapeString(&driverAttrBuf, " model=3D'%s'", driver->model); =20 + if (driver->iommufd =3D=3D VIR_TRISTATE_BOOL_YES) { + virBufferAddLit(&driverAttrBuf, " iommufd=3D'yes'"); + } else if (driver->iommufd =3D=3D VIR_TRISTATE_BOOL_NO) { + virBufferAddLit(&driverAttrBuf, " iommufd=3D'no'"); + } + virXMLFormatElement(buf, "driver", &driverAttrBuf, NULL); return 0; } diff --git a/src/conf/device_conf.h b/src/conf/device_conf.h index e570f51824..116b959143 100644 --- a/src/conf/device_conf.h +++ b/src/conf/device_conf.h @@ -47,6 +47,7 @@ VIR_ENUM_DECL(virDeviceHostdevPCIDriverName); struct _virDeviceHostdevPCIDriverInfo { virDeviceHostdevPCIDriverName name; char *model; + virTristateBool iommufd; }; =20 typedef enum { diff --git a/src/conf/schemas/basictypes.rng b/src/conf/schemas/basictypes.= rng index 5689170fad..381e0ac24f 100644 --- a/src/conf/schemas/basictypes.rng +++ b/src/conf/schemas/basictypes.rng @@ -673,6 +673,11 @@ + + + + + diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index e81efdfde7..fb09c678f3 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4761,6 +4761,7 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, g_autofree char *host =3D virPCIDeviceAddressAsString(&pcisrc->addr); const char *failover_pair_id =3D NULL; const char *driver =3D NULL; + const char *iommufdId =3D NULL; /* 'ramfb' property must be omitted unless it's to be enabled */ bool ramfb =3D pcisrc->ramfb =3D=3D VIR_TRISTATE_SWITCH_ON; =20 @@ -4794,6 +4795,9 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, teaming->persistent) failover_pair_id =3D teaming->persistent; =20 + if (pcisrc->driver.iommufd =3D=3D VIR_TRISTATE_BOOL_YES) + iommufdId =3D "iommufd0"; + if (virJSONValueObjectAdd(&props, "s:driver", driver, "s:host", host, @@ -4802,6 +4806,7 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, "S:failover_pair_id", failover_pair_id, "S:display", qemuOnOffAuto(pcisrc->display), "B:ramfb", ramfb, + "S:iommufd", iommufdId, NULL) < 0) return NULL; =20 @@ -5321,6 +5326,44 @@ qemuBuildHostdevCommandLine(virCommand *cmd, } =20 =20 +static int +qemuBuildIOMMUFDCommandLine(virCommand *cmd, + const virDomainDef *def) +{ + size_t i; + + for (i =3D 0; i < def->nhostdevs; i++) { + virDomainHostdevDef *hostdev =3D def->hostdevs[i]; + virDomainHostdevSubsys *subsys =3D &hostdev->source.subsys; + g_autoptr(virJSONValue) props =3D NULL; + + if (hostdev->mode !=3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS) + continue; + + if (subsys->type !=3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI) + continue; + + if (hostdev->info->type =3D=3D VIR_DOMAIN_DEVICE_ADDRESS_TYPE_UNAS= SIGNED) + continue; + + if (subsys->u.pci.driver.iommufd !=3D VIR_TRISTATE_BOOL_YES) + continue; + + if (qemuMonitorCreateObjectProps(&props, "iommufd", + "iommufd0", + NULL) < 0) + return -1; + + if (qemuBuildObjectCommandlineFromJSON(cmd, props) < 0) + return -1; + + break; + } + + return 0; +} + + static int qemuBuildMonitorCommandLine(virCommand *cmd, qemuDomainObjPrivate *priv) @@ -10933,6 +10976,9 @@ qemuBuildCommandLine(virDomainObj *vm, if (qemuBuildRedirdevCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 + if (qemuBuildIOMMUFDCommandLine(cmd, def) < 0) + return NULL; + if (qemuBuildHostdevCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 --=20 2.43.0 From nobody Mon Feb 2 05:55:48 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1769799776600510.6076904743778; Fri, 30 Jan 2026 11:02:56 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id B69B741A35; Fri, 30 Jan 2026 14:02:55 -0500 (EST) Received: from [172.19.199.6] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id A8C0A41BE0; Fri, 30 Jan 2026 13:59:39 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 3A94E41802; Fri, 30 Jan 2026 13:59:29 -0500 (EST) Received: from MW6PR02CU001.outbound.protection.outlook.com (mail-westus2azon11012032.outbound.protection.outlook.com [52.101.48.32]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 4332C3F878 for ; Fri, 30 Jan 2026 13:59:28 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by SN7PR12MB7106.namprd12.prod.outlook.com (2603:10b6:806:2a1::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9564.7; Fri, 30 Jan 2026 18:59:24 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9564.008; Fri, 30 Jan 2026 18:59:22 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=tfYKsZEF+9UxRqhICO/MI3jqfVOcBr1lZrXsbe/S0OPpVx/Cv5lfBiwh/IKKjq14YFbUw75ziGjmrqodns1CNzvjGTAp/UmsOwYpAuRrOb1tethKzkHBqlPvnq1qb6m1rJ8byzptsuVNilZjMrws/lKVh61s2dIhM/2J18lPZMMtRFSimCcTfboDQ6U05ruoe6o9qM+5fCEN79lptVpApYWfV7dv1c0KNCwOKHomwI3yUxTPdo9lNy/JXJ43MgSf+bK2tHJ42fQNEw6ArRfxncVnk4Hu8VCoys81NsOk6HxQo4mY27QEfBxsA8PJn7jaxONl1tI/CcnvMrPyzATTyg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=s9Kkx3CRDKf7HFPgOoCuiDHQoes90ZzmiKWSoyjF3Do=; b=UcX7qO86meJQzQMKk6qQCAJXsGCN1fq23dEbkguz1JA3v00yvRIDEbQ1CrHaTWx/DsgCulfRwx8DzfUYm/jd9CZLaVRB0lCT9KtTZ5Wq0UftoblEPUAb7E0cGAF7+tfhiRBhrTf3CYr+j/vjJj03CTsu/vTVp/AwjWQJhLhZI8WOxaereYJEjiBmbMcXw9LYBpRgq+Uo6uUGlNnpu/ItAkUyl6MrNgRKd1lpPVmVuP/16zjZJiIuaW/odn8Ge6FGq6o0uYv//PWbvpFHFQQHI0LyXcN8xGW6iTPG9YxecRJtfRpUOgnc5tv6IJMDrxaNXxnpQzD6OFYYWpP5dlZRYQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=s9Kkx3CRDKf7HFPgOoCuiDHQoes90ZzmiKWSoyjF3Do=; b=EoQiSteJIhIVJfJrQoIiZRfVgbHDbnYOov+9oT2x9oihCt/CLCEte3RgyYXa6k9VQufODWOwfjqDJnQTJ2UNH5Uz/atliOysFioLY+MrgHOxhWkpy2svVSM7JfI4AQ2Ia1leQLhpmh/S9kyqEdtKb8i3cKLvdGuRxOuJdq8fQwb/RnTBZOGaIqh+Df1tvWNCWIgGpxMIso9xDZltvOhQf5w0x4+T+viuR39ShJGFVC+jRcGfeidjV0i08NmnTzMsvDcol+c+BYgkKeQGuOzAyyFI5A+z1S7txsmZGNsrUUYG9diZ8A/xwsUFUnPbOb7BWzOwClEjNB8+urdW0eNSQQ== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v6 2/7] qemu: Introduce privateData for hostdevs Date: Fri, 30 Jan 2026 10:59:13 -0800 Message-ID: <20260130185918.4154310-3-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260130185918.4154310-1-nathanc@nvidia.com> References: <20260130185918.4154310-1-nathanc@nvidia.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SJ0PR13CA0074.namprd13.prod.outlook.com (2603:10b6:a03:2c4::19) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|SN7PR12MB7106:EE_ X-MS-Office365-Filtering-Correlation-Id: 6ed7b742-8679-4aa0-ec3a-08de6031adf2 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|1800799024|376014; X-Microsoft-Antispam-Message-Info: =?utf-8?B?d3dHK2JHK3RweHJSTEFxZWErTTI3aCtEVE9MNTZEMlVqdkRLWUdzMkdJVnZi?= =?utf-8?B?WEV3eHFjdE9RODdSU0RqRWdJVUZLMEl5bGg5VFlaNHpJVVZkUHJ5NlR2aGdk?= =?utf-8?B?STF0eStJaVd6K2M1TmR6WVcvMmhyMFdRSUsvUitlcVZQVDVlVHVxRkluK0Zs?= =?utf-8?B?VmNXUlFtMGQ1NzRKemJIUXpjZk84aHkzbVU3VjV1MlpxMjdWNXVWM25uaVVZ?= =?utf-8?B?RStLNEErZXR6Sks2NG9hN2RLZ0tORzVHcGhldVZodDNDRHF0Q0hrQ3ZHN0xs?= =?utf-8?B?b0RvU0ozZGhjRkVaK0hSMnFqRFc5UWNMT3dKQ2NQbVF2cFFuRTVIb2F5Rjhj?= =?utf-8?B?MmlEWUF4bU9nNzRJQmY5WHVLZWxBY3orKzNCd1kwSWttNjI0Rkh6aFVLTm5y?= =?utf-8?B?QzJCSExjY2ZzaW90b2RTY0RmTUw1cktLQTVWWjBIS2NDbGZDeTloc2RxS3Ay?= =?utf-8?B?K0lNWi9DbDdSY3Juby8wRlZSR05OVWhlQXd5SExtQmxlQ01WMHNHU0M1U0tl?= =?utf-8?B?blZneU10b0tHeXJjSGR6TURNa2JQZEFmQXRTcndKdFJON3VSbjlLRVZxNlVk?= =?utf-8?B?Z0k4bHRocmJxMVJOeUdOTnVKd2sxOGRJMFNvdkwzTE5YRXMzVExCb2YyZjJ4?= =?utf-8?B?b1hOdVZlWGxNQytReE55TUhweEp2QlZKQm1PUk9vN2F3MnFtYUc1UFZvTVVT?= =?utf-8?B?ZlZhSkswdHQzSkFoZGRvcGlVaXE2QzZQN2ZBbEhSSXdTNEgzbVVFdFFaT2ZD?= =?utf-8?B?RjVpRXRsWlhVMnhka1pzZWJ1T25vNituOUFTQVNQK3h0WTZMUVJPUUEyUU9Q?= =?utf-8?B?QUJjZ3RwaUNEL2FqeHF2RXh1NjNlTTFBLzVua1BVd1hHZTlHVFIzK0VwUXZh?= =?utf-8?B?ZTVOSFMrcWZuM0kyc0RJL1c2UXRtcDJrcCtFanVFWHowb3pqRTBrSzZQR1o4?= =?utf-8?B?QVJORVN5S0VSVmVweEYwamQvK0dQek1VZnZ4NXA1ak1SbzRleURlSUJyYytH?= =?utf-8?B?WDRvY1pQSkUvV0hYdCt3REwvQytXb3FzZDlvRk15eGpkL21aNnZmak0wTGgy?= =?utf-8?B?RnBCNmV6T1hkTDgrazhtL1FXcWs3a1Jlb21ja1JvNkJnK20wcVptVEFwV1d4?= =?utf-8?B?RGdWOEY1YXBHdHMvTVFsUVR1TFZpSW9RRFdaM3RUYTZoMXlFSCtMdkR4cVo0?= =?utf-8?B?bm0xRHVQOEdoRmxGR1RkZ3htei93VXNUQTVhbk1QbXZNWStSd2x5ZkdDWlB6?= =?utf-8?B?U0FHaHFucTIwWGQyc0FlTHlvdnFIZWx2b0VTZWtjYTNYYW9NRHd3MGdXZTlk?= =?utf-8?B?WlRsRHJINlQ4TTdPQ3ZNY3dkYlB3dG1makhmUUlWOXNVUFJhK0pyTTRNeEJ6?= =?utf-8?B?VmxMaDc5dTRZbGtacDRJSGxhdXVNdUlPSHJCVHpNTkNKZ2hsRlFCMURST2Nn?= =?utf-8?B?aE1JcDhjY2pmUEtoQ1E2dHlPNzd4QUtVWjV0enZwYW9ObVpSNUdJcmNZTkhN?= =?utf-8?B?QzJWKy9QY0pneUdiOGJFR3N0UTNxT0dTYUxsZEFGRVpSVFlobzVFQUwrN21O?= =?utf-8?B?YU4rWm9oVldXTE5Cc1NLZm1qMkxkRnd6OFN6OFIzTTZ3enNSQmpGcEhhUlND?= =?utf-8?B?UjBNa0lNbUx4dFdPelduYmVhWGt0b3ZmZklKL0p6djdBS2Y5OWR4YzVESGNN?= =?utf-8?B?QnhlUEZBb0loU3d2L1NJUlBpUGhXVUwyRTlTUGFnNHJGNFprK1lKYmJhQWZV?= =?utf-8?B?UWFsak9OQ2ZTOTNsYVBFME5JUDN6YnRCN01JMGJYU0VsYWVWN3g3N3RiNW5V?= =?utf-8?B?SUFHN1FBUDhzRXJKaHpYZ2hWSEpsano0cEUvb1lzOE9oVCtRRE1DSFR4eHQ5?= =?utf-8?B?Z21naGVKRjl1Q3NkT1RGR25SbHZsR3N4YmVFZVBwVWxJZkI0SkNmVThpcjQx?= =?utf-8?B?L2xZSkNHVkVpM2ZVOHNpRWxkSVNaYUJSaW1oN1IwNGZwa25paW5ScGdVeDF0?= =?utf-8?B?VVFFOEhkeUdaZjZLTHZCcU10Q0ptRk14ejVpRmFZUjVGM0J4ODNsdyt1aE1U?= =?utf-8?B?cWtzbURqbXYybkRZdE9qb2lRUHh0SThWallWbkVSajhzL3BMVmVCNmtaNU5n?= =?utf-8?Q?evK4=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?VzdiSmQvZVROdzZ6a3p5ZmZ1NnJKTVl5bGU0bi9raStFZlk2Mkxra3h3YW91?= =?utf-8?B?QlY2a29UREhXQUh2N1NPd1lhT1piQk5QeGZPdno4UXJNZklqVDVHUGZhRkJC?= =?utf-8?B?MmpwazBlVnpCeEc0UkFhNllsYk1DbGJlSVJwOThxU2sxalh5Wk5TNzVOV3ln?= =?utf-8?B?cDZheTFNU0kyUGhDYldDYmo2Z3AveWsrU2RmeW4vT1lEWlhyMWJNc0dLaVdQ?= =?utf-8?B?Z0lRZGg2STdtQlRVbEZ0MjRLb0RGcGV1OVR4M3ZRRGEzM1RzTEJkbTFJaEpv?= =?utf-8?B?NElBRW5QOVo2Z1BYVWtBbFdKTWtUeTlUeW5ienBWNU9yRFo4c3RGTlBCenNH?= =?utf-8?B?N3h1NS84MFZpcEFRTW9xaml3b2JwZm9wZE5JVkNFYk13WmRVaXlqYTZ1N0g3?= =?utf-8?B?cG9VL0JQS3hVQzk4dHZ2aU1LYUZsMlhlUlg1SDlmM1B6d1ZVaUw4dEtzbDUy?= =?utf-8?B?amNEOE9GNWkzMi9TbFhKMDFQMXM1VE5XV2tDRWlIK2gyelFiYzVPYzBuRUlP?= =?utf-8?B?Mnp0RUlza3M4THZIR1hjQTcwR2pEcmEwZ0cyVXNKV3ZKclU4L2dTbVNPYTk0?= =?utf-8?B?WXRMdmRKUldRKzQ0aG1sOE85MkEzTnpYR285aWU5Um52cU10M2Nnek96Ujcy?= =?utf-8?B?NVI5YThGalZTWTNKY3lnckpHQzdueTduSGcxOThuVjdVMnRZNk1Wa2hVL0tl?= =?utf-8?B?STVqNG4wWDF2czc0ZTZHWC9JVE9RbGloWU9PVlpwUHlNOTZ4OTc1V2lQZ2N3?= =?utf-8?B?TUQ3MFRCRlArTVFSYU1waU5FeThlMGJjbjFpQ3pRZndrcFdvRFpaS1UyTmk5?= =?utf-8?B?TTFjUDlNN0JzRE5wSWxEUC9nZG5QbFgyNnFVbFVTaVpVeDZ2V3pWbU96QU5n?= =?utf-8?B?cEtTSWNIMEpwMmNNWTJrTitDbkF3RmpxeldHSmVpdXhQTndpVVFEZHB2UXlH?= =?utf-8?B?NHBFa01yTEJiaG1VZEZSZUlsYjBlWHYxZ09NMUdsRFNLRVF1bEw4K2NFalNY?= =?utf-8?B?SFA4eEpwMkQyem0vZW5NdkpaL2l2dkVaaXVxMkQrdTRJK3VRdVBzZURzTDBY?= =?utf-8?B?b2NZb0M5bForU3g4L0tvVnMxQW5FV21nSm1uSWhxWkZLbXRXbDRQcFpvVEtn?= =?utf-8?B?LzRsTHhUY3NMVmxXekFibmVLTjM0TWZqdWRiRVZoaEdXRXViMlIyNmlsemt0?= =?utf-8?B?VG1KS0IyUEVRMElVeU9zOE9jYlhmSXJwL0tOWTlDaWJMVVh6SnRCNDBWalVj?= =?utf-8?B?QlpmVUM0RDNxSlRwOVFZNC80ajk5TmZGNURHd1k2ZUVUYnBCR0VjMmpPdmxi?= =?utf-8?B?dC9PSG4yUW5HbURtTU1kVHF3Tk83NzFMUmdzSXhrQ3Y4bFhyK3I5Z0V5RzBL?= =?utf-8?B?WTRJMHd2dHVDdTQvWlJxOG10d0hnV1k1OUp4cng1S3lPQzNqWFIybmVSMkhx?= =?utf-8?B?QnpSZWEyY0ZzMk1SUVYzRUFMeGxJWTlsWDJNcFVmQ1lmNmNGSnRXenZ4NnRX?= =?utf-8?B?dTIyWFJuTmQyNjJZZU9OMWNXdXQyOC9Ncll5RyszSnhqMGdNMTBVM2h5TXlR?= =?utf-8?B?MnFjVG9vQWFtREZzUUpyMVRycE9UanluOXNOaXNQZE04ZGFTQ2pXZy9ybWth?= =?utf-8?B?N09PWGhzUUVPMnNiM0JZQ2VOWUdFcmhzcmNhd3hYblJGT3p3azI1MGg0RUdQ?= =?utf-8?B?S28yTU8zT3M5ZzA2UjZxNVBiMkM5cGViektyZ3JENHJldklGWml2Y3hEWEd4?= =?utf-8?B?bmoyRGJ1WVY1ampmdm9GOUp5WkY5SUZpUWtLZjFDRlEza2YyY0s2ejB1NjVV?= =?utf-8?B?U2dWQTdSNkdNOUw2Tmk1YzUxS2tya2xqcXNVZXY4RzVkNlJwNW1meEUrNE9B?= =?utf-8?B?bUdob3pnL3VCTjJqVHRaR2VyRmlkbGlXVzlKMnlxbTh5N1MrbHBXTGhwVXZT?= =?utf-8?B?c0U3bzRBNFQ5OHJvZHZ2MjdQeE1wMzJ2bWgxYmhMMElhaFJjeVgvbzZEdTRu?= =?utf-8?B?emUxRWwxRlZoV2c2dUpnQlN2UEo5SThGYnNHOHVyeWN3dDYyb3JrZDdkeUQ4?= =?utf-8?B?RGJrZkhXYW5sbVB6alFmRHZnZG11THlQM1Ira1lKbzRLMlcvM0pQdmN5WlR4?= =?utf-8?B?T1ZheXFFQVpnNzM2S01iTWx0U2lMUFp0OGdZOWpaUHZ6ZjNrU3A4Rk5lVHpI?= =?utf-8?B?bGphNnZHZkdkdFVVTGlrVzJQaEtiY0VVNHU4dUxNTXlEbXcvOERnYmZ6UHVk?= =?utf-8?B?ZjM0N3ZjampZWU5qemlsZU5tb1owUVdwQld1aTF1cGUvSEx6MTBQN0hKSFdH?= =?utf-8?B?VTJ0VXNiRndBeG14QU0vanFhQjZpNDJJZlRNT1RLZDh5L3FyOEtEQT09?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6ed7b742-8679-4aa0-ec3a-08de6031adf2 X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Jan 2026 18:59:22.2277 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: eSz9RbMr6Hf+BNHnVP6kvTTrrCfcncM/6VfZ3zezzplvgzH9L7qtnPIz8m8jum1mZc01g7hk4W1rWue8WiwUQg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7106 Message-ID-Hash: 4WG46FQKYPKFFDRLMY373YCJ4R7EWLCR X-Message-ID-Hash: 4WG46FQKYPKFFDRLMY373YCJ4R7EWLCR X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1769799778218158500 From: Nathan Chen Introduce private data for hostdevs and allocate hostdev private data by default. Signed-off-by: J=C3=A1n Tomko Signed-off-by: Nathan Chen Reviewed-by: Pavel Hrdina --- src/bhyve/bhyve_parse_command.c | 2 +- src/conf/domain_conf.c | 13 +++++++++-- src/conf/domain_conf.h | 5 ++++- src/libxl/xen_common.c | 2 +- src/libxl/xen_xl.c | 2 +- src/lxc/lxc_native.c | 2 +- src/qemu/qemu_domain.c | 40 +++++++++++++++++++++++++++++++++ src/qemu/qemu_domain.h | 15 +++++++++++++ src/vbox/vbox_common.c | 2 +- tests/virhostdevtest.c | 2 +- 10 files changed, 76 insertions(+), 9 deletions(-) diff --git a/src/bhyve/bhyve_parse_command.c b/src/bhyve/bhyve_parse_comman= d.c index d62ea64beb..8b405206bd 100644 --- a/src/bhyve/bhyve_parse_command.c +++ b/src/bhyve/bhyve_parse_command.c @@ -687,7 +687,7 @@ bhyveParsePassthru(virDomainDef *def G_GNUC_UNUSED, return -1; } =20 - hostdev =3D virDomainHostdevDefNew(); + hostdev =3D virDomainHostdevDefNew(NULL); hostdev->mode =3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS; hostdev->source.subsys.type =3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI; =20 diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c index 9672168df9..10425b2cb1 100644 --- a/src/conf/domain_conf.c +++ b/src/conf/domain_conf.c @@ -2733,6 +2733,8 @@ virDomainHostdevDefClear(virDomainHostdevDef *def) case VIR_DOMAIN_HOSTDEV_MODE_LAST: break; } + + g_clear_pointer(&def->privateData, virObjectUnref); } =20 =20 @@ -3483,7 +3485,7 @@ void virDomainVideoDefFree(virDomainVideoDef *def) =20 =20 virDomainHostdevDef * -virDomainHostdevDefNew(void) +virDomainHostdevDefNew(virDomainXMLOption *xmlopt) { virDomainHostdevDef *def; =20 @@ -3491,6 +3493,13 @@ virDomainHostdevDefNew(void) =20 def->info =3D g_new0(virDomainDeviceInfo, 1); =20 + if (xmlopt && xmlopt->privateData.hostdevNew && + !(def->privateData =3D xmlopt->privateData.hostdevNew())) { + VIR_FREE(def->info); + VIR_FREE(def); + return NULL; + } + return def; } =20 @@ -13681,7 +13690,7 @@ virDomainHostdevDefParseXML(virDomainXMLOption *xml= opt, =20 ctxt->node =3D node; =20 - def =3D virDomainHostdevDefNew(); + def =3D virDomainHostdevDefNew(xmlopt); =20 if (virXMLPropEnumDefault(node, "mode", virDomainHostdevModeTypeFromSt= ring, VIR_XML_PROP_NONE, diff --git a/src/conf/domain_conf.h b/src/conf/domain_conf.h index 83d49969d3..dee1e85a35 100644 --- a/src/conf/domain_conf.h +++ b/src/conf/domain_conf.h @@ -364,6 +364,8 @@ struct _virDomainHostdevDef { */ virDomainNetDef *parentnet; =20 + virObject *privateData; + virDomainHostdevMode mode; virDomainStartupPolicy startupPolicy; bool managed; @@ -3588,6 +3590,7 @@ struct _virDomainXMLPrivateDataCallbacks { virDomainXMLPrivateDataNewFunc vsockNew; virDomainXMLPrivateDataNewFunc cryptoNew; virDomainXMLPrivateDataNewFunc graphicsNew; + virDomainXMLPrivateDataNewFunc hostdevNew; virDomainXMLPrivateDataNewFunc networkNew; virDomainXMLPrivateDataNetParseFunc networkParse; virDomainXMLPrivateDataNetFormatFunc networkFormat; @@ -3797,7 +3800,7 @@ virDomainVideoDef *virDomainVideoDefNew(virDomainXMLO= ption *xmlopt); void virDomainVideoDefFree(virDomainVideoDef *def); G_DEFINE_AUTOPTR_CLEANUP_FUNC(virDomainVideoDef, virDomainVideoDefFree); void virDomainVideoDefClear(virDomainVideoDef *def); -virDomainHostdevDef *virDomainHostdevDefNew(void); +virDomainHostdevDef *virDomainHostdevDefNew(virDomainXMLOption *xmlopt); void virDomainHostdevDefFree(virDomainHostdevDef *def); void virDomainHubDefFree(virDomainHubDef *def); void virDomainRedirdevDefFree(virDomainRedirdevDef *def); diff --git a/src/libxl/xen_common.c b/src/libxl/xen_common.c index 890ef11723..e6a372e078 100644 --- a/src/libxl/xen_common.c +++ b/src/libxl/xen_common.c @@ -445,7 +445,7 @@ xenParsePCI(char *entry) } } =20 - hostdev =3D virDomainHostdevDefNew(); + hostdev =3D virDomainHostdevDefNew(NULL); hostdev->managed =3D false; hostdev->writeFiltering =3D filtered; hostdev->source.subsys.type =3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI; diff --git a/src/libxl/xen_xl.c b/src/libxl/xen_xl.c index e72e7d7f44..42e1408cf3 100644 --- a/src/libxl/xen_xl.c +++ b/src/libxl/xen_xl.c @@ -930,7 +930,7 @@ xenParseXLUSB(virConf *conf, virDomainDef *def) key =3D nextkey; } =20 - hostdev =3D virDomainHostdevDefNew(); + hostdev =3D virDomainHostdevDefNew(NULL); hostdev->managed =3D false; hostdev->source.subsys.type =3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE= _USB; hostdev->source.subsys.u.usb.bus =3D busNum; diff --git a/src/lxc/lxc_native.c b/src/lxc/lxc_native.c index 7700804429..a94427b027 100644 --- a/src/lxc/lxc_native.c +++ b/src/lxc/lxc_native.c @@ -376,7 +376,7 @@ lxcCreateNetDef(const char *type, static virDomainHostdevDef * lxcCreateHostdevDef(const char *data) { - virDomainHostdevDef *hostdev =3D virDomainHostdevDefNew(); + virDomainHostdevDef *hostdev =3D virDomainHostdevDefNew(NULL); hostdev->mode =3D VIR_DOMAIN_HOSTDEV_MODE_CAPABILITIES; hostdev->source.caps.type =3D VIR_DOMAIN_HOSTDEV_CAPS_TYPE_NET; hostdev->source.caps.u.net.ifname =3D g_strdup(data); diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 486a0e7913..3366214677 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -1238,6 +1238,45 @@ qemuDomainNetworkPrivateFormat(const virDomainNetDef= *net, } =20 =20 +static virClass *qemuDomainHostdevPrivateClass; + +static void +qemuDomainHostdevPrivateDispose(void *obj) +{ + qemuDomainHostdevPrivate *priv =3D obj; + + VIR_FORCE_CLOSE(priv->vfioDeviceFd); +} + + +static int +qemuDomainHostdevPrivateOnceInit(void) +{ + if (!VIR_CLASS_NEW(qemuDomainHostdevPrivate, virClassForObject())) + return -1; + + return 0; +} + +VIR_ONCE_GLOBAL_INIT(qemuDomainHostdevPrivate); + +virObject * +qemuDomainHostdevPrivateNew(void) +{ + qemuDomainHostdevPrivate *priv; + + if (qemuDomainHostdevPrivateInitialize() < 0) + return NULL; + + if (!(priv =3D virObjectNew(qemuDomainHostdevPrivateClass))) + return NULL; + + priv->vfioDeviceFd =3D -1; + + return (virObject *) priv; +} + + /* qemuDomainSecretInfoSetup: * @priv: pointer to domain private object * @alias: alias of the secret @@ -3563,6 +3602,7 @@ virDomainXMLPrivateDataCallbacks virQEMUDriverPrivate= DataCallbacks =3D { .chrSourceNew =3D qemuDomainChrSourcePrivateNew, .vsockNew =3D qemuDomainVsockPrivateNew, .graphicsNew =3D qemuDomainGraphicsPrivateNew, + .hostdevNew =3D qemuDomainHostdevPrivateNew, .networkNew =3D qemuDomainNetworkPrivateNew, .networkParse =3D qemuDomainNetworkPrivateParse, .networkFormat =3D qemuDomainNetworkPrivateFormat, diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index b9bb338682..88c8416aa4 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -461,6 +461,18 @@ struct _qemuDomainTPMPrivate { }; =20 =20 +#define QEMU_DOMAIN_HOSTDEV_PRIVATE(hostdev) \ + ((qemuDomainHostdevPrivate *) (hostdev)->privateData) + +typedef struct _qemuDomainHostdevPrivate qemuDomainHostdevPrivate; +struct _qemuDomainHostdevPrivate { + virObject parent; + + /* VFIO device file descriptor for iommufd passthrough */ + int vfioDeviceFd; +}; + + void qemuDomainNetworkPrivateClearFDs(qemuDomainNetworkPrivate *priv); =20 @@ -1175,3 +1187,6 @@ qemuDomainCheckCPU(virArch arch, bool qemuDomainMachineSupportsFloppy(const char *machine, virQEMUCaps *qemuCaps); + +virObject * +qemuDomainHostdevPrivateNew(void); diff --git a/src/vbox/vbox_common.c b/src/vbox/vbox_common.c index 26c5fdfef6..d2a8cf8da4 100644 --- a/src/vbox/vbox_common.c +++ b/src/vbox/vbox_common.c @@ -3090,7 +3090,7 @@ vboxHostDeviceGetXMLDesc(struct _vboxDriver *data, vi= rDomainDef *def, IMachine * def->hostdevs =3D g_new0(virDomainHostdevDef *, def->nhostdevs); =20 for (i =3D 0; i < def->nhostdevs; i++) - def->hostdevs[i] =3D virDomainHostdevDefNew(); + def->hostdevs[i] =3D virDomainHostdevDefNew(NULL); =20 for (i =3D 0; i < deviceFilters.count; i++) { PRBool active =3D PR_FALSE; diff --git a/tests/virhostdevtest.c b/tests/virhostdevtest.c index aec474a148..a35c1d9402 100644 --- a/tests/virhostdevtest.c +++ b/tests/virhostdevtest.c @@ -124,7 +124,7 @@ myInit(void) =20 for (i =3D 0; i < nhostdevs; i++) { virDomainHostdevSubsys *subsys; - hostdevs[i] =3D virDomainHostdevDefNew(); + hostdevs[i] =3D virDomainHostdevDefNew(NULL); if (!hostdevs[i]) goto cleanup; hostdevs[i]->mode =3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS; --=20 2.43.0 From nobody Mon Feb 2 05:55:48 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1769799840705345.74257896851134; Fri, 30 Jan 2026 11:04:00 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id DB206419AB; Fri, 30 Jan 2026 14:03:59 -0500 (EST) Received: from [172.19.199.6] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 4D86A43DBD; Fri, 30 Jan 2026 13:59:42 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 511CF3F870; Fri, 30 Jan 2026 13:59:29 -0500 (EST) Received: from MW6PR02CU001.outbound.protection.outlook.com (mail-westus2azon11012032.outbound.protection.outlook.com [52.101.48.32]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id 9A18C3F89E for ; Fri, 30 Jan 2026 13:59:28 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by SN7PR12MB7106.namprd12.prod.outlook.com (2603:10b6:806:2a1::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9564.7; Fri, 30 Jan 2026 18:59:24 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9564.008; Fri, 30 Jan 2026 18:59:24 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=LIhfF6VXnV+ehrv9JN5SxxO/gRsjKzJoRBai8fge9i1mSC4BV6Z19x+IrwXw7ap5+r8f47weMsoJvzdkd6eMaSKOvowWGh41k5E18htIQhtxtLL4ErQesqsm9N6HNni29aT9XSxu5z8kdG9FyTdJrU6Jc9WF/l4lwN6FHpz04DinjxWwRvP/x7gzyNUlukYOtHIAzrkzxst173l3jAm39SN9jlN1b+zBXUiFwic+La2bbnGZNSj58K7BCiuRtMGKeJ3qYtZPH9K0iSBVzJEWZy5Q9S9yqznmJQCq/D2eUMtvr0Sy+hE9JAfq9E3zis0baQCCeoFxSOfbGk8OzEXHgQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=3IKMnaRCdmDLYVxcnQb5AjCYEh8ZsmBxYRFXqd3bnTU=; b=q6DHie44qUYZpyBJoDs4C2nM8BCd8Y/94K07Np8gNbPcmt2+m94rb0Y0fVJ/6YjTtVv2OnWDhLN4nD4XlA1vlv7Iy4RtAVtDrWaWpo1o+8rvLEpL9a2a8rQ0IfTZ0u9zr5SEgtB4PkdV+sB7+MMtqMK1blaAna1Rx2FOOfpkrt0jjmGfN9Oa8nbY3WBYsJg+90lUhUSA0oiKpPnUvbVXxRksZh3Wk/45kGWXDvF1/+2B9YeUtC6r5Ghh5+ndHuo68hiYijIbqY3em0ZLc5w6AkYNWQ8G9HJfVR4RwcU380HLYogCDtQpJcyecpgABS32lrly7f16FnD5HmSnJYnYhQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3IKMnaRCdmDLYVxcnQb5AjCYEh8ZsmBxYRFXqd3bnTU=; b=HM6cYlsjpsCJ9WjlldsiLIquPEW1Vf7NNgBS5cejSSPriB7EMlyEF9D0A6beg6a12DSKFJFJd9GUoSyertabAqnZqe9QyrHAmrFMiSZoLCAxRcIrttjJsHoWg9DTCP76W45qopajgLyr8GzuYsu0ZxpB4Wlo1Rzyvt1I4ECJwMjAiG1kGv12lC9GiOdnOtmNuKdCpYYC9dMZckNyCDo/NzIl6hPG+nnORhEHnMU+W95+aTNwCE2AvzRvkoEIJ1/1cW6s0WbrMbVHdrEemLoEjJ5aVux1shtu4NJ9e2JoOXzLnqjvEZJHzifDesxKs7uCSDlfkRxhthaskcVIPWw2TA== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v6 3/7] qemu: Support per-process memory accounting for iommufd Date: Fri, 30 Jan 2026 10:59:14 -0800 Message-ID: <20260130185918.4154310-4-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260130185918.4154310-1-nathanc@nvidia.com> References: <20260130185918.4154310-1-nathanc@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: BYAPR05CA0067.namprd05.prod.outlook.com (2603:10b6:a03:74::44) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|SN7PR12MB7106:EE_ X-MS-Office365-Filtering-Correlation-Id: b0012a02-eb85-4228-b473-08de6031aec0 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|1800799024|376014|18082099003; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?QeRcN0mo7ccKPQzgu4JSrD4phYzgMtr6ES9Hf+fdKP6z8qKutN8TOmMrFXC+?= =?us-ascii?Q?EjYZoeFLTwMreJbYmJl1p1IC5l6aIELZUJpjT3drd7S3bR1Dzd4IhndGNyNH?= =?us-ascii?Q?6JoyqEWdW2e9AnsDFKNDohiaVoQUA6w0bECeKR2L52W3jvEROct1ffgXOZJj?= =?us-ascii?Q?N3F3mWJj5ns/E1agGiciteXW8kZtxAOd0ld6RYCpz3MsLSGh0j8uTPgB4/Sl?= =?us-ascii?Q?op3N2PIDJXn0BltV/gauAwC2sN5+YHRvbVDn/Osk26MnezLxDP+pdJI5GKS/?= =?us-ascii?Q?5GJ1RsCmSnJ/5ZtxMQOxqqYdD0Db9VSAcnf1ECACEMDptAy9FDL/jQHD42bs?= =?us-ascii?Q?LfdV/ICGHiJC+YegT84CfmBZhr2yo70ahR7XuNIqWgAjy0WQvIc9/ScI6xg8?= =?us-ascii?Q?Xv6EoYbdsFQr0xU085tT+DS9JDbAPKTQ2LmY/C7QitjbMa3URfqLlWm5jcKz?= =?us-ascii?Q?WOhr61QuFwh1ZNyKsE5ypy9DvdQRx6pOt6Pl0c2+/t8D7DX5ljun6XUBZeMC?= =?us-ascii?Q?ipYFqNHmEYXpwbiEHM+zWU3MSdn5GVFvEISCG9WAYzOhQ0kfUDHEUmglKQch?= =?us-ascii?Q?8UXkzmdbAiY1BoX1glbyNDs6g1mSup8gYKhKqtMakAJ8kRqQvuRbKqeCNDK0?= =?us-ascii?Q?FAD23NQTjNjnd51zmEMBxM87yCCHoHg69qwS/zqdxj1XfCGKoOqhTZm2Mcm/?= =?us-ascii?Q?ipuvSP+b22yqbZDA1rtryZhAk/XC1sY0814NIySaGUDCaauOKU6+XaTwlq5n?= =?us-ascii?Q?vLoqDIgd0X2yVF7KFPmG0BvXNcdUClzPNBtdgQeOIFFnb44FgdAraKoN6Ixh?= =?us-ascii?Q?hRKeDAdbare/P1f9IU3ocm9i2mTfrz+hWGQFdw5gCaHN90JsShErcSAA5k0Z?= =?us-ascii?Q?X9cDylfKtwz3U3mQ8auEFK8AmKDQ5c3JWLpaNrXYe7WqKDSAFcVeBCz0wg3R?= =?us-ascii?Q?CQdJt/MYgPQfY4MbIDtmMtoxfEddoh6/kZHiry5dmenU1F0Uh2PPl1DsQZw0?= =?us-ascii?Q?PpIglPuyuKSFJOa6eGPZ+AvrE/MnNUfC+w6Oa2PdCSxwkWwKS29u8wp3jUSY?= =?us-ascii?Q?PiWGZK33R/Ly19cs35RovocDXlVa0ceMe/hhl56EUuo3OS3yY46VaqIo0T+7?= =?us-ascii?Q?W5r/lGnv1lstAKzXXoArUK6gvwdxuqrZaZX5SqaCWd9s4d/cdDit4ivw1daF?= =?us-ascii?Q?6kjVlYkgm5D5w9AtNqBObfmcPqMoHuaZGP8+TJihvJ3xVj0pLd29jIJMr7vs?= =?us-ascii?Q?6gO9LZcP6Cs5gKGDi6TL4m65tOLCt+YolqMoT05iQ8dUFUmSSYbd9TSqB2/4?= =?us-ascii?Q?XeVTS2Ev5tTE0R1KS5e0/BW4xPVT5gfS8dgGFPnihJxJ9ahSJrK4XC8B7rrX?= =?us-ascii?Q?eXIUU6HH+5/rmgtbftSY4UKr3eS8k4anzKI8ZE/76l/DjsaTIQQG6IoikHyv?= =?us-ascii?Q?eTz4RVWIl0pkO0MA+Tld0v3Zoxsz6b/hWLwaZ3PIdUC3kZG5G+VHeLKcReSV?= =?us-ascii?Q?vkMLr04IXqDZhHxSkeaEVjkSfJvglQ3R9Dh/si21n00hK4uEZwF0wnDSXiXE?= =?us-ascii?Q?PuO2mAXkoIA+25pyKAZ8MonbMnKJ9IL1vOQwPjv0?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(376014)(18082099003);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?pDzyOzifMRvaVEFHhB84sNu/zcyW6ASo3Ox+LRav9BUKHkXUp9+LZYxuRw8A?= =?us-ascii?Q?BZPud9V0JBchIKQ9BkoVdHsCL6D0RsokUfs+rk6J29aAiUfkaHb+HNAL1O66?= =?us-ascii?Q?J7pHEmqxJM3eRLE92O/bcDsAh+ES1i7H3R32KuG2T5jI00DXPHpjGG26BAM6?= =?us-ascii?Q?KwUwnxV0ep+Kjf+H63OxIg4kf7JzWkwDNKKqw1yQ8Wnc9ZztlIvbC7DZYmTf?= =?us-ascii?Q?0/JaSV66VsRqgXJmCjKCvSdViM0+Fu1QKO0sAOTWuFoO0IyDOSG6NmT+gkdF?= =?us-ascii?Q?r947gtTqPNVLfvdxiZo7/IAud9A8YfQDQB5CilY79/Tb//q2S9+ToPalZ09M?= =?us-ascii?Q?/KzkPP+6EwKs6bzt49qmDZqnVpSQYM7fNVlo9l/yS/Sw5m49j1M+WbB1VP+B?= =?us-ascii?Q?pvu5iCY39awb+tH7VE/zYSUlFPEzcAjF6rrTHgpppW+QeXaZQUEeqysythJq?= =?us-ascii?Q?xsXl+XX4GHlnKLiChkxnl20bAKub+xDaJPERtIFTMZU+Qpuuwf0+tvyxuoI8?= =?us-ascii?Q?Yme3mN+2BF+nM1IgnwZkATxPLo52HbeYFb8lAnCMRnihUwrRlYAtyOQ9xQfX?= =?us-ascii?Q?lrvxJqS7lmFdJg6hE7K28ObApP31VGelc3WJBk7fKoT70TYXh7MNp/aXL3w0?= =?us-ascii?Q?AyCWkZScgUyvn+XUOZ0VE5h+dJ5vLzIBVtrzLiFp0dXFBIgxrHJRjm8bkIVG?= =?us-ascii?Q?5RzRRZ2TLEoZn68DbkmnM9mXdSvwkc0zG/6geWnyLehjdHpj9t3mANIHMC13?= =?us-ascii?Q?QOGoLgRoL3PpRed5DZAsIigb9PXgvLDMVowlZycuEE4i2dbrEX4kjbv1TL4X?= =?us-ascii?Q?WhBKPmYy4omrnd32iOuQYuNaCs4WaMpMPKvM0GLXGkh/sG0d/p0hjcKXvC6T?= =?us-ascii?Q?vx4+49fQRlyJyo/aPDegCUGH8deJB5kHCT1/GVQ0dctm80v5ia/9PwmRJNG3?= =?us-ascii?Q?Ahnz+7399dWEJIoc1faYlpdufsFt3qHkbGfWsjMd61p70h5fTrdzhT+vmtrq?= =?us-ascii?Q?YOvBpMQbLVVF+1TyIBySg9cFIjtMkHyojtFFJPO8ZDFXMpqFN8RUOdHqhZYx?= =?us-ascii?Q?Y5ngnqEgI96yIOm7kpTGcQq2NNCyiYl/hTsohgqcRWM33YP59KEJVi/oujzc?= =?us-ascii?Q?kpu03nnU46dMqeIt8jdlVaJ8jozuOeC1pn5Me0supI2hpbeuNOBxITzBLdBE?= =?us-ascii?Q?tP7Va3LkpkUMUo/XydluagFJW/j7SrZhcSCnzjEsbmVj0Vfuli7aGLxwECyk?= =?us-ascii?Q?sO5TrdnYOZuMohZTXkH6Jdhd0pRCnxL8Njb+MZOVphO5PlXv3VSQAQN7sm/1?= =?us-ascii?Q?A0C/S68ifcvXFPhSEM1u3+Y9ncQgCNQEqePsu91vzbs/Cn+OpwdrgoSlqe+h?= =?us-ascii?Q?mMl+tXR5+YJqVBHKyOzJ5W7ZLPhg3Doll+OSYs418ss3udaSNovKK3VynL3T?= =?us-ascii?Q?GB8tbto01zV4e4nq437ZDfawZqFTkMIMLPUjVWGEVZ+pLzdzvd9ZU+IPnF/e?= =?us-ascii?Q?nOTbRU1lMHETmhr9ojf0N3+lM8cDnsuitBBy3P9mwSQk9DDXol/fnANhCSSh?= =?us-ascii?Q?C8orTztjPiJzreo87AEMdulB7lLTDSm82BItEc6d7mzjX+79SkLHhLfedatf?= =?us-ascii?Q?L7hsvwPB+wRggMlF17POCL82a0fjzaF0U0WEgGMM8v8quFueVcHe/c7KfaxI?= =?us-ascii?Q?33BN/VJqAMqbU5DKXEI6qRiwAnWDD1p6Hcc/0djHvsSATSaadK8kvPfJnbFD?= =?us-ascii?Q?gfqZbQRFyQ=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: b0012a02-eb85-4228-b473-08de6031aec0 X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Jan 2026 18:59:23.6460 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: KLQBo2KftQ7FI/6vq7eEfnoL56n+aNnDjJobn03nJB02ILq0nGQjZnptLormY20+RyMtWIjBOpMidRgFzbepyQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7106 Message-ID-Hash: C7772ASNRQQBWYL5F7IBHDCNQ5R36SCN X-Message-ID-Hash: C7772ASNRQQBWYL5F7IBHDCNQ5R36SCN X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1769799842258158500 Content-Type: text/plain; charset="utf-8" From: Nathan Chen Implement the IOMMU_OPTION_RLIMIT_MODE ioctl to set per-process memory accounting for iommufd. This prevents ENOMEM errors from the default per-user memory accounting when multiple VMs under the libvirt-qemu user have their pinned memory summed and checked against a per-process RLIMIT_MEMLOCK limit. Signed-off-by: Nathan Chen Reviewed-by: Pavel Hrdina --- meson.build | 1 + po/POTFILES | 1 + src/libvirt_private.syms | 3 ++ src/util/meson.build | 1 + src/util/viriommufd.c | 111 +++++++++++++++++++++++++++++++++++++++ src/util/viriommufd.h | 25 +++++++++ 6 files changed, 142 insertions(+) create mode 100644 src/util/viriommufd.c create mode 100644 src/util/viriommufd.h diff --git a/meson.build b/meson.build index 964d1fa4e1..a6db70f13e 100644 --- a/meson.build +++ b/meson.build @@ -732,6 +732,7 @@ headers =3D [ 'ifaddrs.h', 'libtasn1.h', 'linux/kvm.h', + 'linux/iommufd.h', 'mntent.h', 'net/ethernet.h', 'net/if.h', diff --git a/po/POTFILES b/po/POTFILES index f0aad35c8c..c78d2b8000 100644 --- a/po/POTFILES +++ b/po/POTFILES @@ -303,6 +303,7 @@ src/util/virhostuptime.c src/util/viridentity.c src/util/virinhibitor.c src/util/virinitctl.c +src/util/viriommufd.c src/util/viriscsi.c src/util/virjson.c src/util/virlease.c diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 6bffd2eb6d..7fa76a1ec3 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -2646,6 +2646,9 @@ virInhibitorRelease; virInitctlFifos; virInitctlSetRunLevel; =20 +# util/viriommufd.h +virIOMMUFDSetRLimitMode; + # util/viriscsi.h virISCSIConnectionLogin; virISCSIConnectionLogout; diff --git a/src/util/meson.build b/src/util/meson.build index 4950a795cc..9fb0aa0fe7 100644 --- a/src/util/meson.build +++ b/src/util/meson.build @@ -46,6 +46,7 @@ util_sources =3D [ 'viridentity.c', 'virinhibitor.c', 'virinitctl.c', + 'viriommufd.c', 'viriscsi.c', 'virjson.c', 'virkeycode.c', diff --git a/src/util/viriommufd.c b/src/util/viriommufd.c new file mode 100644 index 0000000000..b44bc8ed1d --- /dev/null +++ b/src/util/viriommufd.c @@ -0,0 +1,111 @@ +#include + +#include "viriommufd.h" +#include "virlog.h" +#include "virerror.h" +#include "virfile.h" + +#define VIR_FROM_THIS VIR_FROM_NONE + +VIR_LOG_INIT("util.iommufd"); + +#ifdef __linux__ + +# include +# include + +# ifdef HAVE_LINUX_IOMMUFD_H +# include +# endif + +# ifndef IOMMU_OPTION + +enum iommufd_option { + IOMMU_OPTION_RLIMIT_MODE =3D 0, + IOMMU_OPTION_HUGE_PAGES =3D 1, +}; + +enum iommufd_option_ops { + IOMMU_OPTION_OP_SET =3D 0, + IOMMU_OPTION_OP_GET =3D 1, +}; + +struct iommu_option { + __u32 size; + __u32 option_id; + __u16 op; + __u16 __reserved; + __u32 object_id; + __aligned_u64 val64; +}; + +# define IOMMUFD_TYPE (';') +# define IOMMUFD_CMD_OPTION 0x87 +# define IOMMU_OPTION _IO(IOMMUFD_TYPE, IOMMUFD_CMD_OPTION) + +# endif + +/** + * virIOMMUFDSetRLimitMode: + * @fd: iommufd file descriptor + * @processAccounting: true for per-process, false for per-user + * + * Set RLIMIT_MEMLOCK accounting mode for the iommufd. + * + * Returns: 0 on success, -1 on error + */ +int +virIOMMUFDSetRLimitMode(int fd, bool processAccounting) +{ + struct iommu_option option =3D { + .size =3D sizeof(struct iommu_option), + .option_id =3D IOMMU_OPTION_RLIMIT_MODE, + .op =3D IOMMU_OPTION_OP_SET, + .__reserved =3D 0, + .object_id =3D 0, + .val64 =3D processAccounting ? 1 : 0, + }; + + if (ioctl(fd, IOMMU_OPTION, &option) < 0) { + switch (errno) { + case ENOTTY: + VIR_WARN("IOMMU_OPTION ioctl not supported"); + return -1; + + case EOPNOTSUPP: + VIR_WARN("IOMMU_OPTION_RLIMIT_MODE not supported by kernel= "); + return -1; + + case EINVAL: + virReportSystemError(errno, "%s", + _("invalid iommufd option parameters"= )); + return -1; + + case EPERM: + VIR_WARN("Permission denied for IOMMU_OPTION ioctl. " + "Per-user-based memory accounting to be used by d= efault."); + return -1; + + default: + virReportSystemError(errno, "%s", + _("failed to set iommufd option")); + return -1; + } + } + + VIR_DEBUG("Set iommufd rlimit mode to %s-based accounting", + processAccounting ? "process" : "user"); + return 0; +} + +#else + +int virIOMMUFDSetRLimitMode(int fd G_GNUC_UNUSED, + bool processAccounting G_GNUC_UNUSED) +{ + virReportError(VIR_ERR_NO_SUPPORT, "%s", + _("IOMMUFD is not supported on this platform")); + return -1; +} + +#endif diff --git a/src/util/viriommufd.h b/src/util/viriommufd.h new file mode 100644 index 0000000000..ebecfe3633 --- /dev/null +++ b/src/util/viriommufd.h @@ -0,0 +1,25 @@ +/* + * viriommufd.h: iommufd helpers + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2.1 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library. If not, see + * . + */ + +#pragma once + +#include "internal.h" + +#define VIR_IOMMU_DEV_PATH "/dev/iommu" + +int virIOMMUFDSetRLimitMode(int fd, bool processAccounting); --=20 2.43.0 From nobody Mon Feb 2 05:55:48 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1769799896966344.35803901493955; Fri, 30 Jan 2026 11:04:56 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 25D8841A32; Fri, 30 Jan 2026 14:04:56 -0500 (EST) Received: from [172.19.199.6] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 69BAF43E24; Fri, 30 Jan 2026 13:59:43 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id C9C8B3F878; Fri, 30 Jan 2026 13:59:29 -0500 (EST) Received: from MW6PR02CU001.outbound.protection.outlook.com (mail-westus2azon11012032.outbound.protection.outlook.com [52.101.48.32]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id E593D3F8B4 for ; Fri, 30 Jan 2026 13:59:28 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by SN7PR12MB7106.namprd12.prod.outlook.com (2603:10b6:806:2a1::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9564.7; Fri, 30 Jan 2026 18:59:25 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9564.008; Fri, 30 Jan 2026 18:59:25 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ICG3nr23DZOU1Bmppv1zYy71KsxCkut1QCnLIIf04TfyR1Ah/bq0RGRLT9LEfMT2QLCsCyhNXgeRubedUg7lUg8l2yAzzxxZyCMKoBHxVaJgjfkoLC8Mj1YQXKukqcMtSth/b598QWKxg/N+vU61UfjR2ZC0hhTTrep3TfRnTXijTopnYf7v1dJNgTehFcFiWSxO02pp8Op30uwIdT05gM69Go/8O44vHVSkV7lZKCx6Lv2xbirIPboFQz6zygqRFcTpRqNJ8VZqXjFaQ7SX0L3AFN07Ewx3Se7yN3xBXUX6/NiRnannz5MLUqzp/bRQuRINhzHmz8yF34sfsfZtLQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=LyCUGK0HV+DWDXtGaa/rXqr2QW+GTh8GlJ38oDOiyEc=; b=ufwdffhZY0ujaWyNgUYJyEnO4O99cHgkNw0bIww4kxAs1hA9ipFBVSdyTmBz8HLY2k/RoJAmCmungUOfq4LiVlH/a49yYPZNe75YwQv5y5EljvV6tIeDyLwBqJbRTMPeUPA6j4EY1holZpErgfNZq0VOlkOT4rpLcdONMTxhJ1OgDjMD4EALb5toga5lN83TwrXwzDEAmUyti/t4p0Sry8LvOty0cEk6wQ2HxCJHi89Al32ARlojckB/jhC0MWctaJSWR99e57xoYQYFRA1dr3tXzTw2T/IkwVHWxqieB6ip/avAqW+QXFEV4bxOvLWuFdSClnW24Wz9ST7jgDDCkA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=LyCUGK0HV+DWDXtGaa/rXqr2QW+GTh8GlJ38oDOiyEc=; b=Zc/+mvt3OJ3JLGTQ8ZUFBWmcjD5sz06SfgEUwlee45fiAxh9cJtOqsNeLKgbXvHzc/cw7LLCiOuXH0+Ua1HAdiRoit9gZ+mrEadlQdkkXg3UDRnqL2KMRWXCEl5Yfjn93WgiGLW9hMORA5Sz1Sn4nkKfqdx2Sz3qlL0fZKs46pWUgQwN6+w2if9a1n3lSgeU4YSoLZ92KSPxBvbXYAVY6CBNN5X2NZyI697UCAucbC3NQgeppI3yYC5f4bTHPlfNHrU2PNgGXZfYP0SeCmD1hkWlCccUPNrgbH6IY/Zg3uFl3/hMolYfZsswt5CPVzJ3ghmxD3kLfrjxDHjwSPLFWw== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v6 4/7] qemu: open VFIO FDs from libvirt backend Date: Fri, 30 Jan 2026 10:59:15 -0800 Message-ID: <20260130185918.4154310-5-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260130185918.4154310-1-nathanc@nvidia.com> References: <20260130185918.4154310-1-nathanc@nvidia.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SJ0PR03CA0198.namprd03.prod.outlook.com (2603:10b6:a03:2ef::23) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|SN7PR12MB7106:EE_ X-MS-Office365-Filtering-Correlation-Id: 534dc79f-9afa-422a-8154-08de6031af95 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|1800799024|376014; X-Microsoft-Antispam-Message-Info: =?utf-8?B?Nlo4TjFtc05RdTVpdXE2WmJNY2pPQ3c5N2JjVkEzZ3JqRFlrNVVtSHZUMGZW?= =?utf-8?B?aTBjMHFhY1pqQkVIQlRaZ2x1MTl0TlAxd1JGVVdHK1FmWWRtbFdWSGsyQjlP?= =?utf-8?B?SGM4OXdBZmpCdkxMdVFrQzhkYm1rQTFibi8vdUdiQ3lwenhmM1REM0lMRGtq?= =?utf-8?B?UzRMa0k0UCtjb2gyOTIwWEx2SHhxeVdGSHY1UnBDcTltVXJ2L2YwUzI2YlAz?= =?utf-8?B?MHpHM0d2YlU4aElNOWpwNkppSXRDTFNWV1BTV3BMREVJZWVLTlA3cWFOVko4?= =?utf-8?B?QnFnUlQvcVFLajljQzdNRWpLcXpjMitJTTlnMEg3dVVXKzMvSzAxaGt1MUlW?= =?utf-8?B?Z09uUTdwT0R3aVM5ZTJKUk9XL0NoR1RoS081bUNKelRqUjJjUVpaYWFGN1Jr?= =?utf-8?B?cHd1T1p6aXp1NHkxTzdtMXNxQmRoN3E2MmlJS2pUU2xiZW5YN0VKMXZNaUxO?= =?utf-8?B?bTRMZXRVS0lBRnp3SGJ2SWc4UGtCdnRaUndSdXVvRzVpajIwUWFXMm1RUEUy?= =?utf-8?B?UWJoK1poMCs1OHRwR29wVXcrRlJ4eVBERUFSUmpZbWNNeUpyTCtsY0pyMzVh?= =?utf-8?B?M2QzaXBmcXBSK1BiU2puOWRKdnlMTHhCQUR0S3U0bEFSU1pxRGl6TDRIN2Fw?= =?utf-8?B?TkpuNThITllyQzRrclU1MHMyblhDQnZlSm85Q0JWRTJCOG8wUUlhVGJxWWhk?= =?utf-8?B?Z0liN3hGbDlYRXdlSHhNMU1uV2k1L2ZiaEwyTmVIWHhselFOTGRJVHp5cTMz?= =?utf-8?B?eTE3NlpncEpQbXRwbUM3Wnc1RG1nU1VSd2Y0TzJhbTBQdzVncmI3a0tRR28y?= =?utf-8?B?N3dJU0FscU9xTFBlOGlMa3NjUEVQbzI1UHo2ZVFPQlFQU2pUZnBBMzFCZnBW?= =?utf-8?B?N1F0S2lDUnIycU9FcEEzQ05DaGRqNjAxTklhQms0U0gyL0ZqM3VhSXhYTXNn?= =?utf-8?B?TzFvaitHZjUycFVpM3NRK1RCQXpUb3JFaXRFVVd0OVFlUUVEZmtaWkxDd1Fs?= =?utf-8?B?SExzNU9Rejlwc1BFN1NwZ3BYbGVjUklKWmc3Kzc2bmQ3MGVrWFZESTBXSnF0?= =?utf-8?B?WGVSZU9uaGxuME5obS9JRVRNRUU4YkZ2bW0yUFU4d3VVNzRpRVB5WkFBUWc1?= =?utf-8?B?cjBKWm1PVkdtUS95SVUvaUlHcjR1ZDIzODFyaEFaZUhsVWdIbXN5c3ZaQlB5?= =?utf-8?B?MElDbHlHK0dac1F6VFQ2cnhJK09EYXR5QTQvNk0wUVFybWVXVUxQUUczdU1K?= =?utf-8?B?YXh6c0YwMDRCSU5jSjhUODloc3I1NmtRNmZSOFFZVkJKbGl1ejZEbmxiVWNy?= =?utf-8?B?SWlaS3c1TnhJVXhpRzJCSERHc0dIUThKcExDZXdMV0ZzL3JueGYvYVJZcXR0?= =?utf-8?B?aE01RkZGOGpIVUMyaUx0bTJ5c0xQVkVkTzJBcjgvakhLMnVFMDJpZVY2enVq?= =?utf-8?B?RDN0L3BhMjQ4QzNuTGhWbGx2ZlZTNzRTWlE4b3l4OVBETHVYVE9NWlZSNTVB?= =?utf-8?B?eG41a2xZeDVGQ0paaXV0NFFEemFpZmUyK29zb1VGUjdReWlUbW5aY3MwdGdD?= =?utf-8?B?UVIwVStONmxuSGsvVjkxUnV4K3h5YUJ4MEJQb01uRS9WTHNRNDlJcEtjK2RF?= =?utf-8?B?alZMNU4zRDdTdXBnSDlBNXc2U2ZYbDUyOENUY0ZoUnl6MG5yYU5jQUh5dkpX?= =?utf-8?B?d0VvRVMxczZtTjNEM0plb3NMZjBjYVMvM3Bpc000a3c0R2o4R2F3aXQxeGxv?= =?utf-8?B?U085RUM1WnpSRndTcWpPQ29LY0psYm51WUF3WmpCeVlEN0laUTRtTDdoM2Iv?= =?utf-8?B?QmJRdG5LMnFKVHdHdnIrVDRtWjJBMkhxSHJTb0o1S2RGelpHeC9kUXU2cG1w?= =?utf-8?B?Sit1UXlXelgrcUVML1JHdVVFZCtWeTFTSGdFYkVHckdNbTlCU3RWdlZBUjhR?= =?utf-8?B?dWkzRmlMeTVaeEFrYjFiNTVKcndDbzJZajk4dXhlT210OE8veCtNQ0lWczZ1?= =?utf-8?B?K2k0RVNhOHFMVnAwSVRDdDhOOFVyWmFnQ1U4NXZDVnFBTDRhS3BSbEFnTEFm?= =?utf-8?B?U1p4UjNVM1pvN0NMS00vYXBvQXZOVkg3VFBmcnRLN2xadkZ1OG0wczZ6d3la?= =?utf-8?Q?X0x4=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?cC96cVpVK1RvRWIyZWhscWtTRWJ3WXF1bW1DdnhZUGlkS3BCQ1hibm41V3d3?= =?utf-8?B?RHBWa2QyK1BPUTVVNHJSbnRWOVJ5KzZqWDNyU2sxSkdHbHNJZEhuYy9hT0hN?= =?utf-8?B?YnBodGxZWGtGRUVpNGJzbDlRdjFRa3ozb2hJNUd3YnppdW9tM0JGYVVIMVVn?= =?utf-8?B?M2lXcW0wU2kxeFRDVWhURnpnQVNydldNbk5YS0wvWHZyODZMQld0SVA5WXVL?= =?utf-8?B?alViZFhOcDJjaFpLUElVNGFkYTkxWFVsZEVpVk9RR2FGd3Z5SmxIL1FEMmV4?= =?utf-8?B?NDV1VjlJcTVHSkxZUnRJb0pOVzJ5MCtJNGkyWlpKNHI1NG5OVnJ0TnpySHFi?= =?utf-8?B?ZCtxaTBEeWVoOTIzeXFMWWljaDN5R013ajJmV2o3MzVyYXFYYklDWE1yMFo4?= =?utf-8?B?dXVJZjl0dk9tWXhkVStvM1cvamtRMHdHdnZjbnRJdGVNbmNPeTFlcmZUM0Zw?= =?utf-8?B?UXYyV3o3NkpianVFSnVFSGVGamdkZFZzS3F3M0xDUGxkSjE2dmMwazIwSjRm?= =?utf-8?B?WUU4bTY3MzBoQ1RuV1lTWWdBMzYxUXV0cXBoRWVMNU5lTkkzR0VreWxXRE5Z?= =?utf-8?B?RkZRbStoZ2JKSklHdVJRMWFhaWNHbmNzcHBqQURnTHpPaHp6TTFnOXZ3WkZu?= =?utf-8?B?YTg2NGVqNjN3bTVqYWlvOTlGY2V0Y0pXL3JmZER4aTZwdGRhY3RrSnFNV3ky?= =?utf-8?B?RDN1alFhMG5oM2ZRV3VOL1ZkVHVkbHZvM0tzRDFpMGtnZTNvdk5xcFlDNVd1?= =?utf-8?B?Z3BXbkVmR1h0UEVHR3VLbldOVGduVzRTd1ZEQVlGallJbnZtOHcxU05wSFQz?= =?utf-8?B?N3lObGxwR3I5aThjaDR5VVVYMDBDSXRpVWpLK3N5WHhhOU1UR0ZXaWpqRUFS?= =?utf-8?B?eDRXczVxUGRkUVNNWTVPaWVyamxadlVHTHZNWmJVdFVvUk9GT0JWdWVGc3Q0?= =?utf-8?B?TUtMWnhVdVN5QUlXbURmN3FxZS9mWitFTzZ1NExtem9haUJMVDFwUkdZY1Bk?= =?utf-8?B?eDNoeGU4aDF3MHRGMjlac0RLSkdwRnBPajFreUY3b1U4NVREdjc1ZTZ5RW53?= =?utf-8?B?ODdEUk1RWTlEbHA5em5YeWp3QmlyRWZxUllRR29DR3R2V3ZaaDE5TEhmL0NM?= =?utf-8?B?a3NLd2dTYjh6WExBakxHVGhtVm5YYjViTnRhUlAwNWVUZm1hQUFBS3U0a2V2?= =?utf-8?B?aXAyVWp2bHdLRU04eCtTMjBvQ1pkMWd3ZUdhN0tpMy9sQnBaZm9LaDNkcmZ3?= =?utf-8?B?bGFTUFA2TkJTWXhLMWR6SU1CeGZIZmR1UjFrL1RtNEJwZTlIUCs4TDRxUzVm?= =?utf-8?B?S2cvTTdWcGFPb0g2NlJxMUJNeTJJY1QxaGFUeDY3anJnaWFSejJTTmJLdUJH?= =?utf-8?B?SE5DdFpjVCs5L2MxblZDYVgra2VCQ2VpdTVvV1daem84MmpId0VsVlZCZkpJ?= =?utf-8?B?Ykorbk5GRS9IVFpyMGUxQUVlY3krbHk3SGV3QlRhbHdmd1hKNDB6ODJudEFS?= =?utf-8?B?Qm9NRUIyTnVUYUdGd3VUTjdRRGE1N2RHRE05eUZKdzVOOWQxMjB1UE8zRVpz?= =?utf-8?B?djVrZEgvbG9oVUJBSzVLSmVTdGxkR0prVkVUUUZMV1dOaVovTjFlWHRKOFVI?= =?utf-8?B?WklhVkxQcGxPK2x2aGFIYW9OSHhMMEVwbUUxdG9nM2RmR2FTK1VrL1lpeFRy?= =?utf-8?B?MXpacmF6VFM1R1Zwc1R5MktoNmd6Sm4xQWVTeEQrMDM1aURoaE9qSkJCemlF?= =?utf-8?B?eGtHMEh5T3dZR3hURnFMZEJPVjBXZVdkdVpCL1NUd010SXpIQUM2cDkwR2RD?= =?utf-8?B?aU5DQmlFNFFaUmlMNUNoMkg1RGxMS1VGQm9BYUlXKzdBQmdvMURIRUNZYUho?= =?utf-8?B?dm10UmV3YmdOZ2Z1S2QwbzRvM3ZTZlFQc0pNb29qVHkxS1J2bUVnaTd1Lzcw?= =?utf-8?B?a0ZDR0I4WFB2TTN6U2ZmSkNsS0RjWmV0eHRYRWJXQVhrbDNsVTFiYkc1OThJ?= =?utf-8?B?T2pWNHRlNEtObTgxQUFlTnV3bVlaUGxWQ1BJYm9STW1uMmN3S2pxYUZzaVhO?= =?utf-8?B?eHVjTmlRNWZ3emJkaG54QmRkRXQ1WEh0YkVJdWs4cjN5T1RiaTZXSzB4TWRN?= =?utf-8?B?alhYY0RacWsvVHRaVTJXTS90QUxwKzZ0eFEwOHJDZGFpb0t0RWxDQ25MeHYz?= =?utf-8?B?bzZDVURQek1FdzFTR2dJa0NzWWVuSWtxeWd4V2ZQdVlzZHNIVThQRkNDMzhp?= =?utf-8?B?U1hFVnJXcmtyaVZvUTNMU3g3bUpSVXg3azFtalBJdTNUZm5UeGd1ZkxTVENP?= =?utf-8?B?M241TldTUmtSQXBFQ0F3QU5FbkhHRFpOY2tFSndiTXNicG9kWHUxUT09?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 534dc79f-9afa-422a-8154-08de6031af95 X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Jan 2026 18:59:24.9760 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: +CZxoCwywgJl5zxZWRTnqO8b54kIrIjD5m/ihEDhdqD0nDWvxA3qJAuwoZgfoudPmHX4sj5w8SKvEo2BZp51nQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7106 Message-ID-Hash: SY5HZM7UH4Y7VQ2BZEGHEVWMY6W6WKWB X-Message-ID-Hash: SY5HZM7UH4Y7VQ2BZEGHEVWMY6W6WKWB X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1769799898725158500 From: Nathan Chen Open VFIO FDs from libvirt backend without exposing these FDs to XML users, i.e. one per iommufd hostdev for /dev/vfio/devices/vfioX, and pass the FD to qemu command line. Suggested-by: J=C3=A1n Tomko Signed-off-by: Nathan Chen Reviewed-by: Pavel Hrdina --- src/libvirt_private.syms | 1 + src/qemu/qemu_command.c | 21 +++++++++++ src/qemu/qemu_process.c | 78 ++++++++++++++++++++++++++++++++++++++++ src/util/virpci.c | 39 ++++++++++++++++++++ src/util/virpci.h | 2 ++ 5 files changed, 141 insertions(+) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 7fa76a1ec3..d81b30f0b6 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -3156,6 +3156,7 @@ virPCIDeviceGetStubDriverName; virPCIDeviceGetStubDriverType; virPCIDeviceGetUnbindFromStub; virPCIDeviceGetUsedBy; +virPCIDeviceGetVfioPath; virPCIDeviceGetVPD; virPCIDeviceHasPCIExpressLink; virPCIDeviceIsAssignable; diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index fb09c678f3..db5712721e 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -4810,6 +4810,18 @@ qemuBuildPCIHostdevDevProps(const virDomainDef *def, NULL) < 0) return NULL; =20 + if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_VFIO= && + pcisrc->driver.iommufd =3D=3D VIR_TRISTATE_BOOL_YES) { + qemuDomainHostdevPrivate *hostdevPriv =3D QEMU_DOMAIN_HOSTDEV_PRIV= ATE(dev); + + if (hostdevPriv->vfioDeviceFd !=3D -1) { + g_autofree char *fdstr =3D g_strdup_printf("%d", hostdevPriv->= vfioDeviceFd); + if (virJSONValueObjectAdd(&props, "S:fd", fdstr, NULL) < 0) + return NULL; + hostdevPriv->vfioDeviceFd =3D -1; + } + } + if (qemuBuildDeviceAddressProps(props, def, dev->info) < 0) return NULL; =20 @@ -5254,6 +5266,15 @@ qemuBuildHostdevCommandLine(virCommand *cmd, if (qemuCommandAddExtDevice(cmd, hostdev->info, def, qemuCaps)= < 0) return -1; =20 + if (subsys->u.pci.driver.iommufd =3D=3D VIR_TRISTATE_BOOL_YES)= { + qemuDomainHostdevPrivate *hostdevPriv =3D QEMU_DOMAIN_HOST= DEV_PRIVATE(hostdev); + + if (hostdevPriv->vfioDeviceFd !=3D -1) { + virCommandPassFD(cmd, hostdevPriv->vfioDeviceFd, + VIR_COMMAND_PASS_FD_CLOSE_PARENT); + } + } + if (!(devprops =3D qemuBuildPCIHostdevDevProps(def, hostdev))) return -1; =20 diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index a53bb40783..2841856454 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -103,6 +103,7 @@ #include "storage_source.h" #include "backup_conf.h" #include "storage_file_probe.h" +#include "virpci.h" =20 #include "logging/log_manager.h" #include "logging/log_protocol.h" @@ -7670,6 +7671,81 @@ qemuProcessPrepareHostBackendChardevHotplug(virDomai= nObj *vm, return 0; } =20 +/** + * qemuProcessOpenVfioDeviceFd: + * @hostdev: host device definition + * @vfioFd: returned file descriptor + * + * Opens the VFIO device file descriptor for a hostdev. + * + * Returns: FD on success, -1 on failure + */ +static int +qemuProcessOpenVfioDeviceFd(virDomainHostdevDef *hostdev) +{ + g_autofree char *vfioPath =3D NULL; + int fd =3D -1; + + if (hostdev->mode !=3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS || + hostdev->source.subsys.type !=3D VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PC= I) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("VFIO FD only supported for PCI hostdevs")); + return -1; + } + + if (virPCIDeviceGetVfioPath(&hostdev->source.subsys.u.pci.addr, &vfioP= ath) < 0) + return -1; + + VIR_DEBUG("Opening VFIO device %s", vfioPath); + + if ((fd =3D open(vfioPath, O_RDWR | O_CLOEXEC)) < 0) { + if (errno =3D=3D ENOENT) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, + _("VFIO device %1$s not found - ensure device i= s bound to vfio-pci driver"), + vfioPath); + } else { + virReportSystemError(errno, + _("cannot open VFIO device %1$s"), vfioPa= th); + } + return -1; + } + + VIR_DEBUG("Opened VFIO device FD %d for %s", fd, vfioPath); + return fd; +} + +/** + * qemuProcessOpenVfioFds: + * @vm: domain object + * + * Opens all necessary VFIO file descriptors for the domain. + * + * Returns: 0 on success, -1 on failure + */ +static int +qemuProcessOpenVfioFds(virDomainObj *vm) +{ + size_t i; + + /* Check if we have any hostdevs that need VFIO FDs */ + for (i =3D 0; i < vm->def->nhostdevs; i++) { + virDomainHostdevDef *hostdev =3D vm->def->hostdevs[i]; + qemuDomainHostdevPrivate *hostdevPriv =3D QEMU_DOMAIN_HOSTDEV_PRIV= ATE(hostdev); + + if (hostdev->mode =3D=3D VIR_DOMAIN_HOSTDEV_MODE_SUBSYS && + hostdev->source.subsys.type =3D=3D VIR_DOMAIN_HOSTDEV_SUBSYS_T= YPE_PCI && + hostdev->source.subsys.u.pci.driver.name =3D=3D VIR_DEVICE_HOS= TDEV_PCI_DRIVER_NAME_VFIO && + hostdev->source.subsys.u.pci.driver.iommufd =3D=3D VIR_TRISTAT= E_BOOL_YES) { + /* Open VFIO device FD */ + hostdevPriv->vfioDeviceFd =3D qemuProcessOpenVfioDeviceFd(host= dev); + if (hostdevPriv->vfioDeviceFd =3D=3D -1) + return -1; + } + } + + return 0; +} + /** * qemuProcessPrepareHost: * @driver: qemu driver @@ -7725,6 +7801,8 @@ qemuProcessPrepareHost(virQEMUDriver *driver, hostdev_flags |=3D VIR_HOSTDEV_COLD_BOOT; if (qemuHostdevPrepareDomainDevices(driver, vm->def, hostdev_flags) < = 0) return -1; + if (qemuProcessOpenVfioFds(vm) < 0) + return -1; =20 VIR_DEBUG("Preparing chr device backends"); if (qemuProcessPrepareHostBackendChardev(vm) < 0) diff --git a/src/util/virpci.c b/src/util/virpci.c index 90617e69c6..2348a98003 100644 --- a/src/util/virpci.c +++ b/src/util/virpci.c @@ -3320,3 +3320,42 @@ virPCIDeviceAddressFree(virPCIDeviceAddress *address) { g_free(address); } + +/** + * virPCIDeviceGetVfioPath: + * @addr: host device PCI address + * @vfioPath: returned VFIO device path + * + * Constructs the VFIO device path for a PCI hostdev. + * + * Returns: 0 on success, -1 on failure + */ +int +virPCIDeviceGetVfioPath(virPCIDeviceAddress *addr, + char **vfioPath) +{ + g_autofree char *addrStr =3D NULL; + g_autofree char *sysfsPath =3D NULL; + g_autoptr(DIR) dir =3D NULL; + struct dirent *entry =3D NULL; + + *vfioPath =3D NULL; + addrStr =3D virPCIDeviceAddressAsString(addr); + + /* Look in device's vfio-dev subdirectory */ + sysfsPath =3D g_strdup_printf("/sys/bus/pci/devices/%s/vfio-dev/", add= rStr); + + if (virDirOpen(&dir, sysfsPath) =3D=3D 1) { + while (virDirRead(dir, &entry, sysfsPath) > 0) { + if (STRPREFIX(entry->d_name, "vfio")) { + *vfioPath =3D g_strdup_printf("/dev/vfio/devices/%s", entr= y->d_name); + return 0; + } + } + } + + virReportError(VIR_ERR_INTERNAL_ERROR, + _("cannot find VFIO device for PCI device %1$s"), + addrStr); + return -1; +} diff --git a/src/util/virpci.h b/src/util/virpci.h index fc538566e1..24ede10755 100644 --- a/src/util/virpci.h +++ b/src/util/virpci.h @@ -296,6 +296,8 @@ void virPCIEDeviceInfoFree(virPCIEDeviceInfo *dev); =20 void virPCIDeviceAddressFree(virPCIDeviceAddress *address); =20 +int virPCIDeviceGetVfioPath(virPCIDeviceAddress *addr, char **vfioPath); + G_DEFINE_AUTOPTR_CLEANUP_FUNC(virPCIDevice, virPCIDeviceFree); G_DEFINE_AUTOPTR_CLEANUP_FUNC(virPCIDeviceAddress, virPCIDeviceAddressFree= ); G_DEFINE_AUTOPTR_CLEANUP_FUNC(virPCIEDeviceInfo, virPCIEDeviceInfoFree); --=20 2.43.0 From nobody Mon Feb 2 05:55:48 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1769799955613958.1486649397682; Fri, 30 Jan 2026 11:05:55 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id C398C3F316; Fri, 30 Jan 2026 14:05:54 -0500 (EST) Received: from [172.19.199.6] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id C692843E81; Fri, 30 Jan 2026 13:59:44 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 4FF523F878; Fri, 30 Jan 2026 13:59:31 -0500 (EST) Received: from MW6PR02CU001.outbound.protection.outlook.com (mail-westus2azon11012050.outbound.protection.outlook.com [52.101.48.50]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits)) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id F162B3F878 for ; Fri, 30 Jan 2026 13:59:29 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by SN7PR12MB7106.namprd12.prod.outlook.com (2603:10b6:806:2a1::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9564.7; Fri, 30 Jan 2026 18:59:26 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9564.008; Fri, 30 Jan 2026 18:59:26 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=LprIMnwm1sCG1d5AtRwg0Wv+szs1lj/BMF/6d3QvUeh8GLGjNC6SdBpsrujY/xIICkCd/LryV6W53wQ4J0euB5muYBXqzfNvm31V+i4kwNM9IJhwdFnbU59wJK14bdzALftDlkYItiuATB8EJxCnZpOd+0wwY2swy6mZ7yuOLTAKU5MB8Zik9pzi3AsmJdTcoRpNOH+ldoz0rIBv/6KMV+bzFgXDJKJqRgjIyvW/QAgAqBPnlslx2d/qFaULx+BKJXvi4WK4MrgMjJrTZLIKZ3hglEcLbK5QJ8sSZkBJTNfq/FUZAKZx2vzrlEG/g22asmBJEyJh2XZP0X9FrbVXjw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=cpzXwYuLKRMpyXKBMtXdqjlLWp9iNhaftzphHxNkWDg=; b=hIWZipoBqblSSMdfM3q6c0ACcF/j/7fxQe/epZmN0BkOmfKkyutR/kBjUTw372NQh7SekomYTeVyPOwTAAk7mWiFuVwXIKiC5YrD8T0qEzYyci5OJcmkhAg9j8SAOgn5vnaZME40zv8ArWAbjx0za4ny5ZX770Ckifo0lleKc4lwjE4hUnINlfBlhVVsIfO0hF7GDPgYgx7PPr3je9ryY2rMRiQIe3oWzhMSWKx7z2B1C6/H2VKpPReQhs0Btmv6XvchMwTt+DeA8venN1wrYP8itiGKsjfowmpeudRGKaZQUDxlRwMT9UajikuiMNjTNKCSzyAk4laVIl8o+SpdEQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=cpzXwYuLKRMpyXKBMtXdqjlLWp9iNhaftzphHxNkWDg=; b=h68bWsKA8gdKuiwdVJttd4CnLc0sYIbc6eOX12yqtEKWxV577SxWcilTZbiSUGlrrLj8ko0baz6XfDZB8fMHyI1JCUTNNuKU+e7ECkFQJ5ReWXZvkESMIlMZOu+xl9LDVhVjZElETWQB0ehuLyfCmEL1mt0OSDav9pkF5yC+heVi34hD0B2kKRa6G9NlyY3IfKAomMbmrfVUKCm3UuAYgmh6HhOEg0AutVCGq5Qls86lsZNpo/q7G6XeCh7ekkh4OCD2sbEtWJjMNUrR6RwB28gigJs3/P1enKjfLKXSUxDdx9V3tYcaw9cJznjYR+JBiYeO+e1aAHltiAgTsfmLNA== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v6 5/7] qemu: open iommufd FD from libvirt backend Date: Fri, 30 Jan 2026 10:59:16 -0800 Message-ID: <20260130185918.4154310-6-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260130185918.4154310-1-nathanc@nvidia.com> References: <20260130185918.4154310-1-nathanc@nvidia.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SJ0PR05CA0079.namprd05.prod.outlook.com (2603:10b6:a03:332::24) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|SN7PR12MB7106:EE_ X-MS-Office365-Filtering-Correlation-Id: 12e96034-9a17-4aaa-43f0-08de6031b074 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|1800799024|376014; X-Microsoft-Antispam-Message-Info: =?utf-8?B?aE1qMUpyQU90Y3NseEhkd3pPN0RZemtVTU9MeUMydWVIYmFBRGc2dnd4TkdL?= =?utf-8?B?ZWtONXYvaUpqZSszZmRabnZqcW5KODhNd2lIMDd2dTNDVG52bGdESm5FKzNK?= =?utf-8?B?ckg4YWpRemRJQmg1UldlUGM4eUl0NnlJTFBNTWZKMGtwUWlPYjlIbUpUQmRn?= =?utf-8?B?NzUzUXhnL2lsU2hoekhYc0JjT2ZIRHgvMnZpNlNEZXEzYVFzVncxNmN4UTV3?= =?utf-8?B?QUZkVUVxWmJyOUwzM2pGNU01MnhhNW9hZFdHUnRzZk54NXo0a2pCM1BTaVRI?= =?utf-8?B?Qlg4WmJ4TS90T1BKRmI5WW5oNGNJc0l4VmkxSENlQ2pER0JNYkh4THFWdXhw?= =?utf-8?B?UGtKQmZaRll5UVY2ODBRQUJhWWoxV0ZKKzZxL1E0OE5uLzhMdjZYekl2a2Fp?= =?utf-8?B?NlNoaDhVMEtqcHBRMHBFN3lKbm85V2ljYkpsZExPUW02RlB6VGtiNzU4ZE1L?= =?utf-8?B?TWFGWjBCUHdFWFF0Y2VGRVhmK3lURXV5R3U4NDlBRGZ4SWVrZFRhKzFiVGQz?= =?utf-8?B?QklDTW1iUWZ1VzdqdlNhR2Nxckw2SkMvaCtDZzdxTCs3Zzd1VlRhQUlYWjMx?= =?utf-8?B?dUlGWm5QL3NmN1ZGY0lBTEZham1NY09PN2dEWSs2WkFlcFp5WGNKZ1N1VkE1?= =?utf-8?B?K0U0cGx6UGlkUDFJV2x0RjdSekF6VDlKbXVYdUpUVzBHR0h6M2RROFRQMnh6?= =?utf-8?B?ek52UFdldThJZEplMTEzSUtSRUVRZVVsdDM0Um5jSlhJcGhpa2pnODdlQVl4?= =?utf-8?B?SEhJcWpaRy9uTEljRjZOc0hjYk82VStuOG9nRUFHMFhxZ29keGxVMlVDSXFO?= =?utf-8?B?TElLd3NKWUtreHN6blEzRXhXYW5ZcXljSXdUMGZnWi9va3owOFlvN2VSTHpR?= =?utf-8?B?T01sTW9OamtlbFl1T0lKVWZRU2hodTdvdXlXMG5XdkJ3M1RuajRGK3g4dzBz?= =?utf-8?B?eCttZkoydzFtRHd3LzhaeGQxOFpacndYT1d3NWlPak83MjR2amovVlJoZTY4?= =?utf-8?B?ZGk1VXl1bDV2L2hjeFpSaW5lWm9vNHpNTmhzWWtFY1E4eksycG1oNDZZcW9p?= =?utf-8?B?MkJHU2ErTUcwZ09KVVBqa2oxNEdzck1XdExXKzJzblZ5RTZhUk15YU4zckJW?= =?utf-8?B?L1A1TmU1MmFqNGgrblBaQWdDSkZ2WGZFVTk3MXV5RjZYOFNBb3NLYTI2SVAr?= =?utf-8?B?M2VQNVhDSGxON1JCQXg3ODJjS2NsbTBzRVA1Q2FwaURDODNnVGRxOWpXcnVP?= =?utf-8?B?bTZtSENOQkxqMmI0a1h4aU9XY0V5eTBaalBldnRyV1hjZU4xeFJOU2lqOWhs?= =?utf-8?B?ZGMyNDd5UDZ1OTlJVmEzdlJibXVuUUlmUHhqL25XTkx1M1RkcmVOd3RjdndX?= =?utf-8?B?c3kxbDkwRERkMVN6bE9sQ0ZKSE0vUTlqVHNMR3BTV3pjQ2I5bEYyL1F0a0I5?= =?utf-8?B?TXMwdnVHenNOYjMySmpBY1R5SkhXOXJLY3FVLzIvL1VvZ014Y0tGcExERExk?= =?utf-8?B?SHpDMlJvUEJWOVQxOXpQRUhycWFNcFVDc0Rrd2gvbDBzZkF4YityV0VZckFI?= =?utf-8?B?Und4cEVHUjVtd2RRVXcyc1NLeUR5cjF0VEFuV1JBNjZnRXFMYmh6QXU5dGln?= =?utf-8?B?bXdqR2poOSs0R0Q3bzNVZWRNV3UzRzBlNEpLTEdhWW5IYzhuRFcwRDJMMURa?= =?utf-8?B?YjhPUzFqdllENGxpdExNSHNIOWZvQ0h5cTFGcVlYVVhheHZkU0pGS3ZBQUNC?= =?utf-8?B?QWJkS2RFM3NVS3JPMWQ3cXlpV1dPOGsxYk1odk1YNXdSQzZPUlgvSXVYa09y?= =?utf-8?B?bE1oeDEyQU8zMlhtUzRYblVBZXZwVFhMSUdsRmZ2OVpZaEUxMzFBRXIrWE51?= =?utf-8?B?eVlETnRtanFrRzFuem9jQVhvcFhZVW5zVmNUblJ3SGh3V3JWdkNQZzhhWkVX?= =?utf-8?B?Y3lvOWoveHF5V2hpbkhhMGdqQldFYWVUY3FnY3BtUmEzUFhnWEIzKzlvRnhR?= =?utf-8?B?Y0s1YVNTM21NMmN3OWcwcUJXUWV1aTRqL2dlc1pBcGJwWVBjRzVCVFVCbTJ1?= =?utf-8?B?RVI3dk9tUkZ0MTBxbXJhN3BaQW9xei9UcEpOZ3diK1pKRHRoaFUrM2lJVi9S?= =?utf-8?Q?0LVk=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?RDVyZTc4cHNtWGJtR29MOXpNK3htbFpFRzJLYmxtTkZxSDAvRFlPVXFuNFhr?= =?utf-8?B?WG43bENHMlRMOUdMUXlaa1lPamdDSUFrN1R5SG9aWTUrUC9HU2Urd0ZvbVpM?= =?utf-8?B?cGJHOFg0a254RS9EZ09lK0VOTmVpcERMOEtNTEZOYXpId254Q2hIbk1BTzAv?= =?utf-8?B?NkxVYUNIZjd2TFMzTzNydUtLa3dObFpkYzNHdXZvOUdnaHhNdzU2N0lKYXFL?= =?utf-8?B?U0lzcFArUFBhU2lySXU2MDU1c3YwR0p3cCt1bVlqSmVzQTYwNnN4T0E5WUVm?= =?utf-8?B?MjFhZGZDNngrSXY0K001YnJLbW14TTh0KzEzZ3dvVVhMdkVMTUdPYjZpbmM1?= =?utf-8?B?UmRic1dKRStrcXF2VS9VcC92Y0JpNGxORmZpR0hybWxqREhDT0ZwL0xsUnpG?= =?utf-8?B?dlRKRHQ5M1U5eWd0Q25VV0VGQ0hqbEhDQ2E3bmFyWGNFT0JzV1lmYzVQc3RT?= =?utf-8?B?eHMzN1V3RENCL1daOU84TGZxYTBWc3NsYUVNMXIwNVdwdVJVaWVmNUxpWlV6?= =?utf-8?B?c0NzL2lNYkY4SSsxNWlCMXJMbW1tOSsySi9IUUJvMG5Dc3duZFhlZG5EbXNC?= =?utf-8?B?VG5LM1FnSmFDckNGcnhENG9yZDNTTGNPbXBGNHAzRnlHR0NQTjE2NTk3MFJp?= =?utf-8?B?VWJ6L0M2MTM2N1BwK3pMV0VGc3EvNkFNZ3pySWkwRUIzRGRETU9LS2pMN1Jo?= =?utf-8?B?dUZGQWt3SW9FdUd3N0VFaHN0N0REKzd6b3R5M0FycldkaHNWN2hhZTR2by91?= =?utf-8?B?MXhVcmtGK0xnTWpXaCs1TWJNQzFRMjlYbExHQnNSbyt3eHA0RjJCZ2wyZmdR?= =?utf-8?B?ejMrVDM2L05wNkRyQm9HYXBhNHdmbWozZ25wWXVSVUZvQlRPeEhTZUJ3T0l0?= =?utf-8?B?V0paK1hIQTBXQzZOblM2clQxeitkTU5qOXJJdHlLMDJPcm1uOHRlZnFieTNo?= =?utf-8?B?blpRNjBxMVpkN2ZiaUxlSEtYZUg0MGR1bXZjMGl5ZnB1K0tSdHE2N1JOOVF5?= =?utf-8?B?SUlLT1RiTldHbUFIaGJEVjQ0RWNjc1AxbWlBRXREY21GalIwUEJ6aWRNN3Qr?= =?utf-8?B?anpIVy9NRmUwUHpxcUlrdGVHejEzR1FtOWF6T0paMXVHZHdpZGRRTnhqZEk2?= =?utf-8?B?Tlg1Z25nWlU0RHhGR2o0WW8zMFUvQnVab3VrWUl1eXdSWnNDcGUrWGx0bkd3?= =?utf-8?B?b0V1dk5IK2Fvd2c3K05pMnl1djNkZFc4cFBTeWhOUDMydjdKUWo4TFg0TWxI?= =?utf-8?B?TkxheE1PQTIvMkttRVRHYVIwTmRldDUvclpGaElJVHEwQjB2NCtUd1BIdzRS?= =?utf-8?B?d3dLZ0VQcmVTMmZ3eDA5TDBDV2JUc3dPaVFmSmhFRjEzK1FtMGV0aXFWdVdw?= =?utf-8?B?a1BwRUJXY21WcHJHQldYY1ZZbzJiSnBjOFRMbUliTSt4bGxiVDJ3TEo0bjdJ?= =?utf-8?B?Z1ZvY1B3TGdRdmIzVm43V2pBcmEvMTFMa0tURDg0M2h2OG1yVmtKM2piVW8r?= =?utf-8?B?dTBoN2RHZGs4MXkvdzV0QUhnSXY1Q3JMcTcvTUlRVnlnckFuYUpiTy9WNmNI?= =?utf-8?B?MlRFekhpWC9nWmdqNk9mYUM3SnVvSUw1bUtDa0M0UUVuK2JqeDlYUkY3NUxS?= =?utf-8?B?bHV6N0tOVXgwSmsrcm1CMXMzWWk5Tkh4anJ6cXM3YlJUTHg1UTR4c1owU1dQ?= =?utf-8?B?TXZQMHVEY1NOVVNybXFhMGU2OG5UbU4wUUZkOFhuYi84NHBuWDdrUWJGMDJ3?= =?utf-8?B?eGtGRFkwTXdMdWpSMXBvakQ2Z2p4R1hhMnVKd01LVWtGRmJsckJCdkVDL2tx?= =?utf-8?B?VW9qcmFZZEZRV3gzaUx0QTNEK0tKVHhlZVVJWDNnQUNCMzhwTlZKbzdyaEVY?= =?utf-8?B?WUVlb2h5SWlCYTBzNytiUSt3cGthNGh3MDB1Ni9mVXZtNDFsOTZ5SWVmQm1Z?= =?utf-8?B?RG9Fd0xyZkI3dUJjS2E2MDhJK05zR29BcFZ5S2lBajJKeTgwYXRmREVxMkxM?= =?utf-8?B?dTAxQUh0VHJTVnpxQUV3R2NNZDhXc1BhRWxNKzBaM1NpL3M0NENURy9WREhY?= =?utf-8?B?eWtqQ25NZXcrd2luMkVyYUl6NmxxQUR5Y0x0QVdTVzYrUUVuU3E4cG1lTDNw?= =?utf-8?B?U2I0dUxrK0RKeHQ4SThnWDcvc2E0N0IxeVZwaTVOQWtYanBpdlRnaW5BTm9a?= =?utf-8?B?NVo0aTRGeUdCWU94SWMzSkFqQ0xJYlNtWG9DN2p1WEVvVEhoaFJnOGhlVFVq?= =?utf-8?B?YWMzQ2lnL0ZyNS9PYkFNWHpleExSZFVIMElKYml0WndxWFRtaTFOMnRPR29s?= =?utf-8?B?L2Z0MU55bFVPTTVyUkhFS1JPRHNCRzlIQ0huNXUrZEdDNlRoYTNCZz09?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: 12e96034-9a17-4aaa-43f0-08de6031b074 X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Jan 2026 18:59:26.4427 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: cpjaAEbxbbFCcctZQ2dpsgXtCHB9L12DWbtGYfnjoSvdAR83FMDK3sGl1Ztahimihae5w2DVeaLecEtqLQxChg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7106 Message-ID-Hash: CB2LN7EGBNRYMRSH2AXCU7QI7DALGOT7 X-Message-ID-Hash: CB2LN7EGBNRYMRSH2AXCU7QI7DALGOT7 X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1769799956919158500 From: Nathan Chen Open iommufd FD from libvirt backend without exposing these FDs to XML users, i.e. one per domain for /dev/iommu, and pass the FD to qemu command line. Set per-process memory accounting for iommufd instead of the default per-user memory accounting. Suggested-by: J=C3=A1n Tomko Signed-off-by: Nathan Chen Reviewed-by: Pavel Hrdina --- src/qemu/qemu_command.c | 13 +++++++++++-- src/qemu/qemu_domain.c | 1 + src/qemu/qemu_domain.h | 2 ++ src/qemu/qemu_process.c | 43 +++++++++++++++++++++++++++++++++++++++++ 4 files changed, 57 insertions(+), 2 deletions(-) diff --git a/src/qemu/qemu_command.c b/src/qemu/qemu_command.c index db5712721e..7f96eb1a01 100644 --- a/src/qemu/qemu_command.c +++ b/src/qemu/qemu_command.c @@ -5349,9 +5349,13 @@ qemuBuildHostdevCommandLine(virCommand *cmd, =20 static int qemuBuildIOMMUFDCommandLine(virCommand *cmd, - const virDomainDef *def) + const virDomainDef *def, + virDomainObj *vm) { size_t i; + qemuDomainObjPrivate *priv =3D vm->privateData; + g_autofree char *fdstr =3D g_strdup_printf("%d", priv->iommufd); + =20 for (i =3D 0; i < def->nhostdevs; i++) { virDomainHostdevDef *hostdev =3D def->hostdevs[i]; @@ -5370,8 +5374,13 @@ qemuBuildIOMMUFDCommandLine(virCommand *cmd, if (subsys->u.pci.driver.iommufd !=3D VIR_TRISTATE_BOOL_YES) continue; =20 + virCommandPassFD(cmd, priv->iommufd, VIR_COMMAND_PASS_FD_CLOSE_PAR= ENT); + + priv->iommufd =3D -1; + if (qemuMonitorCreateObjectProps(&props, "iommufd", "iommufd0", + "S:fd", fdstr, NULL) < 0) return -1; =20 @@ -10997,7 +11006,7 @@ qemuBuildCommandLine(virDomainObj *vm, if (qemuBuildRedirdevCommandLine(cmd, def, qemuCaps) < 0) return NULL; =20 - if (qemuBuildIOMMUFDCommandLine(cmd, def) < 0) + if (qemuBuildIOMMUFDCommandLine(cmd, def, vm) < 0) return NULL; =20 if (qemuBuildHostdevCommandLine(cmd, def, qemuCaps) < 0) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 3366214677..8e1ebe7799 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -2042,6 +2042,7 @@ qemuDomainObjPrivateAlloc(void *opaque) priv->blockjobs =3D virHashNew(virObjectUnref); priv->fds =3D virHashNew(g_object_unref); =20 + priv->iommufd =3D -1; priv->pidMonitored =3D -1; =20 /* agent commands block by default, user can choose different behavior= */ diff --git a/src/qemu/qemu_domain.h b/src/qemu/qemu_domain.h index 88c8416aa4..3361e97315 100644 --- a/src/qemu/qemu_domain.h +++ b/src/qemu/qemu_domain.h @@ -264,6 +264,8 @@ struct _qemuDomainObjPrivate { /* named file descriptor groups associated with the VM */ GHashTable *fds; =20 + int iommufd; + char *memoryBackingDir; }; =20 diff --git a/src/qemu/qemu_process.c b/src/qemu/qemu_process.c index 2841856454..c5b2a5fda8 100644 --- a/src/qemu/qemu_process.c +++ b/src/qemu/qemu_process.c @@ -104,6 +104,7 @@ #include "backup_conf.h" #include "storage_file_probe.h" #include "virpci.h" +#include "viriommufd.h" =20 #include "logging/log_manager.h" #include "logging/log_protocol.h" @@ -7671,6 +7672,42 @@ qemuProcessPrepareHostBackendChardevHotplug(virDomai= nObj *vm, return 0; } =20 +/** + * qemuProcessOpenIommuFd: + * @vm: domain object + * @iommuFd: returned file descriptor + * + * Opens /dev/iommu file descriptor for the VM. + * + * Returns: FD on success, -1 on failure + */ +static int +qemuProcessOpenIommuFd(virDomainObj *vm) +{ + int fd =3D -1; + + VIR_DEBUG("Opening IOMMU FD for domain %s", vm->def->name); + + if ((fd =3D open(VIR_IOMMU_DEV_PATH, O_RDWR | O_CLOEXEC)) < 0) { + if (errno =3D=3D ENOENT) { + virReportError(VIR_ERR_CONFIG_UNSUPPORTED, "%s", + _("IOMMU FD support requires /dev/iommu device"= )); + } else { + virReportSystemError(errno, "%s", + _("cannot open /dev/iommu")); + } + return -1; + } + + if (virIOMMUFDSetRLimitMode(fd, true) < 0) { + VIR_FORCE_CLOSE(fd); + return -1; + } + + VIR_DEBUG("Opened IOMMU FD %d for domain %s", fd, vm->def->name); + return fd; +} + /** * qemuProcessOpenVfioDeviceFd: * @hostdev: host device definition @@ -7725,6 +7762,7 @@ qemuProcessOpenVfioDeviceFd(virDomainHostdevDef *host= dev) static int qemuProcessOpenVfioFds(virDomainObj *vm) { + qemuDomainObjPrivate *priv =3D vm->privateData; size_t i; =20 /* Check if we have any hostdevs that need VFIO FDs */ @@ -7740,6 +7778,11 @@ qemuProcessOpenVfioFds(virDomainObj *vm) hostdevPriv->vfioDeviceFd =3D qemuProcessOpenVfioDeviceFd(host= dev); if (hostdevPriv->vfioDeviceFd =3D=3D -1) return -1; + + /* Open IOMMU FD */ + priv->iommufd =3D qemuProcessOpenIommuFd(vm); + if (priv->iommufd =3D=3D -1) + return -1; } } =20 --=20 2.43.0 From nobody Mon Feb 2 05:55:48 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1769800024667662.2066963824325; Fri, 30 Jan 2026 11:07:04 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id 7E38D3F8B4; Fri, 30 Jan 2026 14:07:04 -0500 (EST) Received: from [172.19.199.6] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id 2756143ECE; Fri, 30 Jan 2026 14:00:18 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 61D4543DBB; Fri, 30 Jan 2026 14:00:13 -0500 (EST) Received: from MW6PR02CU001.outbound.protection.outlook.com (mail-westus2azon11012006.outbound.protection.outlook.com [52.101.48.6]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id BB59A418E4 for ; Fri, 30 Jan 2026 13:59:31 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by SN7PR12MB7106.namprd12.prod.outlook.com (2603:10b6:806:2a1::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9564.7; Fri, 30 Jan 2026 18:59:27 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9564.008; Fri, 30 Jan 2026 18:59:27 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=hgNoWwNUNLRehGToE2KQYIRyBDsQorzaQ/GDAGKHoKpOyDYPyeRd/luCMllKsIgQmfnr5+SMCQn/TLSB+WtyP5nA56xh3kotXqHZyC6lpRsSsUBJ3W9nAUqNB/sT9EO4itZR2T/0OfzRA+UkQqsRW3dBE8LKpFEMBS/mpC7KwfiFU60/Y9FXYtUqLak5nvgm+7PRF+9HuC+q0GQSv4nF0xihaupJO4PtqhgsC8WzPZGDFAVuvxwgFDKmB+bm+t3/Q9iNkQ+6hdpua6upORN1mi+dN8Nwrs0YtULAXRpN7SCtMVGCTZsu0GjQ593lpJLVvyLH0LItldBlEMsX/hl8hQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=CKVwJ1/E1wuBgciFuaoMNog0L2aVFnp9ol1/iLgaAKg=; b=LqsZsA6MGwNCWkt2H7E6wtdNV5XpzKkmuqqqDSHa+AdzMrSaOPugRGoSFY2vH0/8mZI6XDTvsgRftAGR3byNOaL6t47G439d2n+MzTmBA2xRMYaV1f/hMBTyDWXdo5zqTc8YMqtMrQG9uqvuVcs7DRWMjDV3G+OGg8HAUUGqji0BuFM38YvHfhffZ+wWAOUfOcmiCHh1INinSMrjYNiLScW9nGb2C0XZVgPMBKcC8RR3KqlSF+5baP5bn3PVKEbaPkLF4J+Xy9TgoV3gN8CXJIie8ciuTVycUOJJQyTDfaCONu/lelBSvXkYG1dx67mm91y9+ALXTAm77IDIW0uMgg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=CKVwJ1/E1wuBgciFuaoMNog0L2aVFnp9ol1/iLgaAKg=; b=rlwmZD/KRTBAMMwNOznIXmiTCc3Bt93HCkNY3FQ124nJJt3LOo6lHNNOwcnrbm6s4E+XuHbJwFnwJFloa968NwOUo/XSAlr3eua6G3xjnS7ASlla7fRPAV3T56jtzDRd5gSfrVA/2Uk4b5I/DpoSFVuaPnyhvLnau/GRHQ/x8GuJCuXgadEv26ZG9NejdjPksM8ZOJuCeke1CJEAHq/KmK3e9OH7iN5g+aYxuNZ/DtqNTfYfc9bqzwOaPxgGeYCovtHCxNspcdh3ct1bkxfB4BdkZZpJdmRQKTeoEWeytLU/LeUK+4V/VnNuYQKYmjpzitLxUiLccdNdtuOX38qS9A== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v6 6/7] qemu: Update Cgroup, namespace, and seclabel for iommufd Date: Fri, 30 Jan 2026 10:59:17 -0800 Message-ID: <20260130185918.4154310-7-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260130185918.4154310-1-nathanc@nvidia.com> References: <20260130185918.4154310-1-nathanc@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SJ0PR03CA0189.namprd03.prod.outlook.com (2603:10b6:a03:2ef::14) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|SN7PR12MB7106:EE_ X-MS-Office365-Filtering-Correlation-Id: f9f99283-56d6-427f-6292-08de6031b11d X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|1800799024|376014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?2JOWLGPFHLzIkXq1Xl/+fGcEhLVexUIbEU/IuH0kGIB733dUALzf2Q9c5LG7?= =?us-ascii?Q?5vv1HFmlWPyyDkrOb/5lXZBd5weeNirktTs4LJQOu8QUVjJD+iveSwsNfFdt?= =?us-ascii?Q?qx3iI9wBOF4v6DbFzl4eXkTooXfXQIFG5M8jM2hK+W1GGnr+F00e32qeMM+9?= =?us-ascii?Q?6DNtmX27FE5DVM51kV+jqoEyXnxHOkEhQDKIF1gzjqd3JYKZoErGkDAfmqAd?= =?us-ascii?Q?U6xJnuoCNNgwZjL3FduBVFnIIbrvttj7V49m6EpRUQxUr3fSz7BnWbZl88KK?= =?us-ascii?Q?Qwj27vWtR7lmmwZbDlBEInQvBzANWhSrn8NkFFAg1kSNkvr3yeYm2kojtrmu?= =?us-ascii?Q?AcVW67UlQj+alJMbUxptqEDcnZAXG9wJFtj71uqbjTqXAvecAcrKjyW5sUCz?= =?us-ascii?Q?shSNhY7WLP1eGP9lPOGAHILM6tdRl80+50t4W7BDcZNyr9i9klndxKXYDQyp?= =?us-ascii?Q?inrdDwkAyDfTmO+nV5/WJtvwOgQrl1YJH6wNLNCpty6io54HyfnTyDaLgXez?= =?us-ascii?Q?vzrZFFc/mHqTF6NjZ7DXtRZx2jI/di5z0GQPyZMqeRNkNcVXj9htac8EnkTt?= =?us-ascii?Q?aed6Q+2MF8UXfbyDf5B+jYOd48F0j2as+xiMMgCRUG9BHgL83ibRmLz9UpcZ?= =?us-ascii?Q?sBjg7u+3GiuFhIPb0wjo5gg6fylO7C1CyDZOrBWG61T1+HHJNvJyqYivTStX?= =?us-ascii?Q?WQJHiUj/WHKF4ex8mZYGZBYUhQFHmqJ6D2S8bbT9vjoO+z4BQHiKHgkOoLLr?= =?us-ascii?Q?wZGXWcJSt2p9QfpSp0uIy2BzBC8g6Owpuh7VJDW/CIxrltdb+Xa5w3LQFt/V?= =?us-ascii?Q?M5UYxGP02IZ0GpkzVJC3UI9+Ccjr3kTlsaqxkKKJCqeGJ0dUp/9hUEjTpsBn?= =?us-ascii?Q?ARz0YCkr7eIZ4kQ30kkS+hGwQYY0SFY29CP8U3yt0NcoqCqNhCPYFOEK/S03?= =?us-ascii?Q?nImX69ehOzQf6/GqFP3wBfwlFPoHS93PiUD2raAZcvklINrmyWUmmqt1vSVk?= =?us-ascii?Q?Qnxj+mUPg4OWB1PauUbWb5b4kP9UtSv35uApQQMpShlKQPjRR+0/QmYxQ1Qa?= =?us-ascii?Q?igGsRbLneDsRWXJ3Kfgrs+gBelMeNrEijBb4ZUveKbqPx3slwFCTe0LDTdX/?= =?us-ascii?Q?SgRh3PysfUI6Ojo7FsTE17kKIl+bNwNpGXnynFAyUDGCYgr6EtO/mkubtSHw?= =?us-ascii?Q?0KvW0bvVTJQ0ScxUdZakYO1wJWn8KhYvCRbYvRlLvHg04B7WaFDMmeUmuvxO?= =?us-ascii?Q?waXkpbilo9IRkvmSI+fJrrYs1GxBDEiQMDYjXO0yn2r6Nd7eJHmPxQ6xBdol?= =?us-ascii?Q?gubqFuPkQpNfBGpt7kIuNg5VBCJ5ZzVnT6zps04SXhIX0uszkPb/+bX1Wj+8?= =?us-ascii?Q?Cz2fXpHQMlDOoF2RIjURRqpMubtpwgheNzVucm54xzdh3sRQb/iNMRmGaykz?= =?us-ascii?Q?/aLeubbZQndOpG1RlSOD0GggtY3oKpGMKSR95OCXsoHdDnQT1XSLDAfhVECD?= =?us-ascii?Q?RUnL1m5PXcDSpRKS29ghu3f1jciLFNCSOvR3ZZsqu/eIo6AZTfzvaFkHGJsf?= =?us-ascii?Q?PAohZjh0NmQug4jp9SQ=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?VoWTrMws9DEOKvZjjQSf0pPf7DHyO9cp9eucd3WZbmI+B7qwASpWaQFy5+GD?= =?us-ascii?Q?NcNTzKtqQBk4XD/+NxXJXOaQkgVTU59udpuCKguffYSlfpgVDEJKNhkANPgs?= =?us-ascii?Q?ZzhvIEmaECSIPkoBCdmfROI7kowBCL5r8HyvtPhsGfpeoJdo9lVW8fw3a5ei?= =?us-ascii?Q?2lenQwawYMWGcc0UI+XHISv1O0yHAi/yh9yBURlEMcu38l1IAfse4KrWiiES?= =?us-ascii?Q?g8Em8ZnBlXQ1uv8OlhmnKPg6NoL7dWWNk8QK6ANSydqm05qOpUR0+FQGE5xK?= =?us-ascii?Q?4Yy8LUSLuIgH292omr7MqzDOHuBXFWgbZQzXRI2MBh9M48u09yPNPVf5vbdU?= =?us-ascii?Q?j/DG/Eng6ay11djXG20tTS5k2I4sbmU7VFwq5bpvjIKoGftZFGp0Zn5VvOei?= =?us-ascii?Q?2gfQ1eoZjJp+XIJbsJQSWsNugs6kaic/GWlDAbUl44inaaKiPUzgC+hc7bcw?= =?us-ascii?Q?Yg63hvx/6+q1BMgok/wAKFNtPrP/ofhYQZFSA/cLzezXmOJfSQ0+rYtnF2Yu?= =?us-ascii?Q?+AVPHBQTuTMM4+umNVDmbtgkJ4iWLkuZkI5kA4BIQ7lCo2tU8wCIc2VBbz5R?= =?us-ascii?Q?+BcP8H3i7C9a52uOM7nFBKm19ePfmmDSrKhJj1KHv8KpvIyx+iGVSle2ea25?= =?us-ascii?Q?VB/s+eICRkIwUTtWNVjmJOTVzN64z+cpOg/9DWqlL9dt1qZ/yYtXGsNyTyeX?= =?us-ascii?Q?JROfEE+bpgZcXHxFWvrflr/o783MtJ4ubaYOIwhHQY3PL1koQFCS+zQpq8zi?= =?us-ascii?Q?8v6nZcOTgQO5vlM7wjgeu/Ove8NzMvP8D5DGhXbDsgvAmNAqmdBdPMqF11IE?= =?us-ascii?Q?f81nMrgKgKMDJ2LSRZK8fS3DlG1DMKfrOl2/9JCkLeZEaZ6UEWgbMR6/VgUQ?= =?us-ascii?Q?rgiSP74NPYl7D8/8kZwimmKILG02Vciy5NwddiI0nMdBk2vdx3RiFCV7NTwv?= =?us-ascii?Q?WiAQyEoiJLxsQgdFsr9vu9PO1dkBmPReBbA0f7JYK//fkX/CYx/9Jj6iTgd9?= =?us-ascii?Q?Z3ceM/YfgQkoJSfRaJIB8MzMHYPIPe/1tQfaXjaf05QmQ8Ia9NsUCX9ourER?= =?us-ascii?Q?yT5xGMn/jYRsMMy7lyRRRdTA+eWGWTSHba6w49mc7tSJZ9YoAE7f7OKLgPTM?= =?us-ascii?Q?ExEMDEN+Vh9KAqD3s1TbEiW9AElhRcnfU+rSuP0hQnFA6LUpVhQBl2WudT+u?= =?us-ascii?Q?GU7IbLhQBDFRrnyu+f+IO2x7AkfwxdrsxWI/I94LvYy5z3Ual5+Ys+loZ7dI?= =?us-ascii?Q?C/fA7Pg726ke7qa+0M3c+uWo0AoENuGFQIfmz0+6qxuOFPCh+7Iyps7mvcgL?= =?us-ascii?Q?WTJ0SCvNs3evHPHGHbUXbtjVAUEANJ5PUnxyw+WGKOp+ndtNDrApBhYmrqKg?= =?us-ascii?Q?Sy6jI5zNOY/u3YvjSzWXmVVvRLmUeB5lgfh6c1hLIQSGwtwvLM+mmm6V3RYU?= =?us-ascii?Q?77RVE8Yt/eGU2R2ZkRGQCuYuNui/zkhOQ74HkMSnwk+hr6HCKPDgLLsCI7Ts?= =?us-ascii?Q?Z/V97vaO3tb3NBOQGTkQTZQixey/AK/wHMN1qwYTlwM9tdFwA7BOhnNkYA5f?= =?us-ascii?Q?QtnbRIJnVw/9UMffzlOh7m4cM2RzAqnwtp+5dwwJl2arAPUmLhfDvrs1sJF1?= =?us-ascii?Q?hR2hhAVtDarFcXPwu3cPs+ilxDqJ8SzCntZkkGS2JmuMPEjFsQNCXI60GR0f?= =?us-ascii?Q?PfbiSF+Hmxb9n4BJqu/Cdr6T7SHZp6dM5lZy9ciYUBfk66vCaFMf1ZJ7/NZ0?= =?us-ascii?Q?zldcRQjyIQ=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: f9f99283-56d6-427f-6292-08de6031b11d X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Jan 2026 18:59:27.6071 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: JNJ/RUbstSmWg3Rs61OsLp5BEJ6Ml3v/cqcJIjgeUlpUhdG4ITBXTbbFg5VkFidVa1ILhq9uxlKXuM6Fjg64hw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7106 Message-ID-Hash: KWLENJIU7KX2VUGZKDTGDKFT26SF2QV4 X-Message-ID-Hash: KWLENJIU7KX2VUGZKDTGDKFT26SF2QV4 X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1769800030373158500 Content-Type: text/plain; charset="utf-8" From: Nathan Chen When launching a qemu VM with the iommufd feature enabled for VFIO hostdevs: - Do not allow cgroup, namespace, and seclabel access to VFIO paths (/dev/vfio/vfio and /dev/vfio/) - Allow access to iommufd paths (/dev/iommu and /dev/vfio/devices/vfio*) for AppArmor, SELinux, and DAC Signed-off-by: Nathan Chen Reviewed-by: Pavel Hrdina --- src/qemu/qemu_cgroup.c | 3 ++ src/qemu/qemu_namespace.c | 3 ++ src/security/security_apparmor.c | 28 ++++++++++++------ src/security/security_dac.c | 49 +++++++++++++++++++++++++------- src/security/security_selinux.c | 47 +++++++++++++++++++++++------- src/security/virt-aa-helper.c | 33 ++++++++++++++++----- 6 files changed, 128 insertions(+), 35 deletions(-) diff --git a/src/qemu/qemu_cgroup.c b/src/qemu/qemu_cgroup.c index 7dadef0739..6148990f19 100644 --- a/src/qemu/qemu_cgroup.c +++ b/src/qemu/qemu_cgroup.c @@ -479,6 +479,9 @@ qemuSetupHostdevCgroup(virDomainObj *vm, g_autofree char *path =3D NULL; int perms; =20 + if (dev->source.subsys.u.pci.driver.iommufd =3D=3D VIR_TRISTATE_BOOL_Y= ES) + return 0; + if (!virCgroupHasController(priv->cgroup, VIR_CGROUP_CONTROLLER_DEVICE= S)) return 0; =20 diff --git a/src/qemu/qemu_namespace.c b/src/qemu/qemu_namespace.c index c689cc3e40..fb0734193d 100644 --- a/src/qemu/qemu_namespace.c +++ b/src/qemu/qemu_namespace.c @@ -345,6 +345,9 @@ qemuDomainSetupHostdev(virDomainObj *vm, { g_autofree char *path =3D NULL; =20 + if (hostdev->source.subsys.u.pci.driver.iommufd =3D=3D VIR_TRISTATE_BO= OL_YES) + return 0; + if (qemuDomainGetHostdevPath(hostdev, &path, NULL) < 0) return -1; =20 diff --git a/src/security/security_apparmor.c b/src/security/security_appar= mor.c index 68ac39611f..934acfb461 100644 --- a/src/security/security_apparmor.c +++ b/src/security/security_apparmor.c @@ -45,6 +45,7 @@ #include "virstring.h" #include "virscsi.h" #include "virmdev.h" +#include "viriommufd.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY =20 @@ -841,25 +842,36 @@ AppArmorSetSecurityHostdevLabel(virSecurityManager *m= gr, } =20 case VIR_DOMAIN_HOSTDEV_SUBSYS_TYPE_PCI: { - virPCIDevice *pci =3D + g_autoptr(virPCIDevice) pci =3D virPCIDeviceNew(&pcisrc->addr); =20 if (!pci) goto done; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev(pci); + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev(pci); =20 - if (!vfioGroupDev) { - virPCIDeviceFree(pci); - goto done; + if (!vfioGroupDev) { + goto done; + } + ret =3D AppArmorSetSecurityPCILabel(pci, vfioGroupDev, ptr= ); + VIR_FREE(vfioGroupDev); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + goto done; + + ret =3D AppArmorSetSecurityPCILabel(pci, vfiofdDev, ptr); + if (ret < 0) + goto done; + + ret =3D AppArmorSetSecurityPCILabel(pci, VIR_IOMMU_DEV_PAT= H, ptr); } - ret =3D AppArmorSetSecurityPCILabel(pci, vfioGroupDev, ptr); - VIR_FREE(vfioGroupDev); } else { ret =3D virPCIDeviceFileIterate(pci, AppArmorSetSecurityPCILab= el, ptr); } - virPCIDeviceFree(pci); break; } =20 diff --git a/src/security/security_dac.c b/src/security/security_dac.c index 2f788b872a..d0ed22db2d 100644 --- a/src/security/security_dac.c +++ b/src/security/security_dac.c @@ -41,6 +41,7 @@ #include "virscsivhost.h" #include "virstring.h" #include "virutil.h" +#include "viriommufd.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY =20 @@ -1282,14 +1283,27 @@ virSecurityDACSetHostdevLabel(virSecurityManager *m= gr, return -1; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev= (pci); + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGrou= pDev(pci); =20 - if (!vfioGroupDev) - return -1; + if (!vfioGroupDev) + return -1; + + ret =3D virSecurityDACSetHostdevLabelHelper(vfioGroupDev, + false, + &cbdata); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + return -1; =20 - ret =3D virSecurityDACSetHostdevLabelHelper(vfioGroupDev, - false, - &cbdata); + ret =3D virSecurityDACSetHostdevLabelHelper(vfiofdDev, fal= se, &cbdata); + if (ret < 0) + break; + + ret =3D virSecurityDACSetHostdevLabelHelper(VIR_IOMMU_DEV_= PATH, false, &cbdata); + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecurityDACSetPCILabel, @@ -1443,13 +1457,28 @@ virSecurityDACRestoreHostdevLabel(virSecurityManage= r *mgr, return -1; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev= (pci); + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGrou= pDev(pci); =20 - if (!vfioGroupDev) - return -1; + if (!vfioGroupDev) + return -1; =20 - ret =3D virSecurityDACRestoreFileLabelInternal(mgr, NULL, + ret =3D virSecurityDACRestoreFileLabelInternal(mgr, NULL, vfioGroupDev, fal= se); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + return -1; + + ret =3D virSecurityDACRestoreFileLabelInternal(mgr, NULL, + vfiofdDev, fa= lse); + if (ret < 0) + break; + + ret =3D virSecurityDACRestoreFileLabelInternal(mgr, NULL, + VIR_IOMMU_DEV= _PATH, false); + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecurityDACRestorePCIL= abel, mgr); } diff --git a/src/security/security_selinux.c b/src/security/security_selinu= x.c index 2f3cc274a5..834383a7de 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -41,6 +41,7 @@ #include "virconf.h" #include "virtpm.h" #include "virstring.h" +#include "viriommufd.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY =20 @@ -2256,14 +2257,27 @@ virSecuritySELinuxSetHostdevSubsysLabel(virSecurity= Manager *mgr, return -1; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev= (pci); + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGrou= pDev(pci); =20 - if (!vfioGroupDev) - return -1; + if (!vfioGroupDev) + return -1; + + ret =3D virSecuritySELinuxSetHostdevLabelHelper(vfioGroupD= ev, + false, + &data); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + return -1; =20 - ret =3D virSecuritySELinuxSetHostdevLabelHelper(vfioGroupDev, - false, - &data); + ret =3D virSecuritySELinuxSetHostdevLabelHelper(vfiofdDev,= false, &data); + if (ret) + break; + + ret =3D virSecuritySELinuxSetHostdevLabelHelper(VIR_IOMMU_= DEV_PATH, false, &data); + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecuritySELinuxSetPCIL= abel, &data); } @@ -2491,12 +2505,25 @@ virSecuritySELinuxRestoreHostdevSubsysLabel(virSecu= rityManager *mgr, return -1; =20 if (pcisrc->driver.name =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_= VFIO) { - g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGroupDev= (pci); + if (dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { + g_autofree char *vfioGroupDev =3D virPCIDeviceGetIOMMUGrou= pDev(pci); =20 - if (!vfioGroupDev) - return -1; + if (!vfioGroupDev) + return -1; + + ret =3D virSecuritySELinuxRestoreFileLabel(mgr, vfioGroupD= ev, false, false); + } else { + g_autofree char *vfiofdDev =3D NULL; + + if (virPCIDeviceGetVfioPath(&dev->source.subsys.u.pci.addr= , &vfiofdDev) < 0) + return -1; =20 - ret =3D virSecuritySELinuxRestoreFileLabel(mgr, vfioGroupDev, = false, false); + ret =3D virSecuritySELinuxRestoreFileLabel(mgr, vfiofdDev,= false, false); + if (ret < 0) + break; + + ret =3D virSecuritySELinuxRestoreFileLabel(mgr, VIR_IOMMU_= DEV_PATH, false, false); + } } else { ret =3D virPCIDeviceFileIterate(pci, virSecuritySELinuxRestore= PCILabel, mgr); } diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 211c34f926..155dcb4039 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -50,6 +50,7 @@ #include "virstring.h" #include "virgettext.h" #include "virhostdev.h" +#include "viriommufd.h" =20 #define VIR_FROM_THIS VIR_FROM_SECURITY =20 @@ -1114,8 +1115,9 @@ get_files(vahControl * ctl) =20 virDeviceHostdevPCIDriverName driverName =3D dev->source.subsy= s.u.pci.driver.name; =20 - if (driverName =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_VFIO = || - driverName =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_DEFAU= LT) { + if ((driverName =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_VFIO= || + driverName =3D=3D VIR_DEVICE_HOSTDEV_PCI_DRIVER_NAME_DEFAU= LT) && + dev->source.subsys.u.pci.driver.iommufd !=3D VIR_TRISTATE_= BOOL_YES) { needsVfio =3D true; } =20 @@ -1348,6 +1350,7 @@ get_files(vahControl * ctl) virBufferAddLit(&buf, " \"/dev/vfio/vfio\" rw,\n"); virBufferAddLit(&buf, " \"/dev/vfio/[0-9]*\" rw,\n"); } + if (needsgl) { /* if using gl all sorts of further dri related paths will be need= ed */ virBufferAddLit(&buf, " # DRI/Mesa/(e)GL config and driver paths\= n"); @@ -1385,9 +1388,18 @@ get_files(vahControl * ctl) } } =20 - if (ctl->newfile && - vah_add_file(&buf, ctl->newfile, "rwk") !=3D 0) { - return -1; + if (ctl->newfile) { + const char *perms =3D "rwk"; + + /* VFIO and iommufd devices need mmap permission */ + if (STRPREFIX(ctl->newfile, "/dev/vfio/devices/vfio") || + STREQ(ctl->newfile, VIR_IOMMU_DEV_PATH)) { + perms =3D "rwm"; + } + + if (vah_add_file(&buf, ctl->newfile, perms) !=3D 0) { + return -1; + } } =20 ctl->files =3D virBufferContentAndReset(&buf); @@ -1561,8 +1573,15 @@ main(int argc, char **argv) } } if (ctl->append && ctl->newfile) { - if (vah_add_file(&buf, ctl->newfile, "rwk") !=3D 0) - goto cleanup; + const char *perms =3D "rwk"; + + if (STRPREFIX(ctl->newfile, "/dev/vfio/devices/vfio") || + STREQ(ctl->newfile, VIR_IOMMU_DEV_PATH)) { + perms =3D "rwm"; + } + + if (vah_add_file(&buf, ctl->newfile, perms) !=3D 0) + return -1; } else { if (ctl->def->virtType =3D=3D VIR_DOMAIN_VIRT_QEMU || ctl->def->virtType =3D=3D VIR_DOMAIN_VIRT_KQEMU || --=20 2.43.0 From nobody Mon Feb 2 05:55:48 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) client-ip=8.43.85.245; envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org; Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of lists.libvirt.org designates 8.43.85.245 as permitted sender) smtp.mailfrom=devel-bounces@lists.libvirt.org; arc=fail (Bad Signature); dmarc=pass(p=reject dis=none) header.from=lists.libvirt.org Return-Path: Received: from lists.libvirt.org (lists.libvirt.org [8.43.85.245]) by mx.zohomail.com with SMTPS id 1769800117880571.598975691079; Fri, 30 Jan 2026 11:08:37 -0800 (PST) Received: by lists.libvirt.org (Postfix, from userid 993) id F08E63F31D; Fri, 30 Jan 2026 14:08:36 -0500 (EST) Received: from [172.19.199.6] (lists.libvirt.org [8.43.85.245]) by lists.libvirt.org (Postfix) with ESMTP id F1A8441861; Fri, 30 Jan 2026 14:01:11 -0500 (EST) Received: by lists.libvirt.org (Postfix, from userid 993) id 7A1893F326; Fri, 30 Jan 2026 14:01:06 -0500 (EST) Received: from BN1PR04CU002.outbound.protection.outlook.com (mail-eastus2azon11010012.outbound.protection.outlook.com [52.101.56.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (3072 bits) server-digest SHA256) (No client certificate requested) by lists.libvirt.org (Postfix) with ESMTPS id C27D041A31 for ; Fri, 30 Jan 2026 13:59:33 -0500 (EST) Received: from DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) by SN7PR12MB7106.namprd12.prod.outlook.com (2603:10b6:806:2a1::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.9564.7; Fri, 30 Jan 2026 18:59:29 +0000 Received: from DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5]) by DS2PR12MB9567.namprd12.prod.outlook.com ([fe80::636:1b52:24ca:d7e5%3]) with mapi id 15.20.9564.008; Fri, 30 Jan 2026 18:59:29 +0000 X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=5.0 tests=ARC_SIGNED,ARC_VALID,BAYES_00, DKIM_INVALID,DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED, RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED, RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_PASS autolearn=unavailable autolearn_force=no version=4.0.1 ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=IblBuS2CK0KZP2xemow/lJC9mmmypNu6t6BAShYXQlReeFxcJPda6fl1livCpPV6ilZKzLFAYFB063KWObMhhBGEjkMHCZa6tMpbMMmiJ9JNiRqAmx1gycbE387D7CXqKPnUkGaIb5YjrkI5nNxwVGGsH1TDRGdArFYLBjMpS89R9FLRLsWbhzRdjjDj9jFhs7yFj++x/Zf8vB24ESJnr0nZXWdUjgK4ZkE52oecqyedja9IdR7MENF1klq7BqsVzJsw7pcMlvCc4v9Q+SiOwdjKLqMPxo/hNrZg9A7K4NoGhAhQMk/6oHJ6d3eu0AfXAB2DGUlzYf/6oE1QisYquA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=z08DTlLX/CGN8F6k/9YCxbUowJHvXP8xgwSzNm7M92k=; b=v7PW/DvG9ecOq+XcxroQMSCLfXuLDelh3i1W59DLRY9ze/hYz3WqLz/Bgklp2G96G1PEjZOaS5hPn6eudf4hQTJTBbTJUvQZXLt8K66t2bKtBKEZhOpPqHFF/W4S1MLemNbIwBdARzdwLqIp5TmDlxxu/bYlDvqlhWhkoSoI2aaNYRKveutPXlEdmJa0ieM3a/aiTP4X/tyLYtejFomxQRSrwMTWdhOCliaeyGZWEe0CkEgDz6YbnGasMObbgld9JBEFFnas1WeKGnH2BkkB8b0t4enDZA0M7hlJkB9SZzZuDs89RkFrTbzjJPVYAgRRtAENkbsk7huJSpXKgP/FZw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nvidia.com; dmarc=pass action=none header.from=nvidia.com; dkim=pass header.d=nvidia.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=z08DTlLX/CGN8F6k/9YCxbUowJHvXP8xgwSzNm7M92k=; b=FsC86L2ODwNaTSkvN9u1Im/y+BSAUz9hpmYjYFKhpboHTrP6uJjlCsFW3TC/cO4Xc9DYoDAJ5LCIV2c0JWiwexRj+1c8hdNX5BMvJ3LEp5GCrkkRLp51KZYdqtYQ/9Gk7uQ79qxLfRbtnbYeH4+0Ko5bvw0edvWHdOIxUObkB2EbrH+267Z/PSolsnqfKIwqmAeDUx6IKvvVZC+Ok0iaLyQcW81wHpGZKuu0r222FPIWr/P8wiGE2yVmHASS4G3AHhcOEZkMCPwZKV6B8RS0ftzhXKRgN8ukBcVDWWDlbI3qz3TO6Iy/cbEVccjECV1TrjQqrgk7b+QjT1i+Slz2Zw== Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=nvidia.com; To: devel@lists.libvirt.org Subject: [PATCH v6 7/7] tests: qemuxmlconfdata: provide iommufd sample XML and CLI args Date: Fri, 30 Jan 2026 10:59:18 -0800 Message-ID: <20260130185918.4154310-8-nathanc@nvidia.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260130185918.4154310-1-nathanc@nvidia.com> References: <20260130185918.4154310-1-nathanc@nvidia.com> Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: SJ0PR03CA0194.namprd03.prod.outlook.com (2603:10b6:a03:2ef::19) To DS2PR12MB9567.namprd12.prod.outlook.com (2603:10b6:8:27c::8) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS2PR12MB9567:EE_|SN7PR12MB7106:EE_ X-MS-Office365-Filtering-Correlation-Id: f5f23f12-debc-4205-dd85-08de6031b1f8 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0;ARA:13230040|366016|1800799024|376014; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?bjk/fH9HHlaB1QlBPQscmVrkRRQq8c1wNfqqcQfvDqjpUFZ0rQh3jAVuqQW5?= =?us-ascii?Q?mvLPq8jgeIU7nlfLvDK5zTqVqqQyqD8ZMBDHWptbmxh7Hjhgf4m+IWdEXR3m?= =?us-ascii?Q?m9XG1DmaO1uvjDJUIKSKA7j8W9vhDFSnDtFXc/K4bQP1rnGDjWA5tBIwpGED?= =?us-ascii?Q?IssXdqhZf8EbjWMzVT/8Fv661nZYzOiqDkA1Us13+k/fXkJpmgSoO5sA7O+K?= =?us-ascii?Q?NBRJl8S4gIS6zMXAbeT7TSY6TeL2glKx4p5UbaRj8vZ0HNGKlrRjVi51Zd0f?= =?us-ascii?Q?OgzugNTE/lsRUV3CXzKV885t53HhbVDJZQjRA7Vwm1JeqBbqcZ8cqyCWkEEM?= =?us-ascii?Q?x492tKGUPjyXwZJ6hwwonm0gESXi6MQYZytr5gnWUt+kgFTVA56laMMbrCDu?= =?us-ascii?Q?phlV2Ur3zDFHup7cjogd3zmy/Yt9w+6omzTDjoTuM3sFYTTT6llX65dYTN4V?= =?us-ascii?Q?NEkrnM0NebgeLZIwhaP4D4PNoNW/gheXnDFKznSnYNTXbxIs7nvQTymLigRo?= =?us-ascii?Q?rzKEAWJdM3Vf2j3afVxcYmN3POrU3KtDwn5+FlD1XCMx7nRFgIkLDzEM2bEg?= =?us-ascii?Q?oiBTf1wBVOguKNR1591higf55Ea4lOXUu9NnjX2sahr1o4SIUcDKAjv8EuBl?= =?us-ascii?Q?RRC8WsbpSIq8nIuVvsi/CkXo2fvu4e061IJO3HfTcDnE7sdnItIJyln0xvBr?= =?us-ascii?Q?U9d06278Q14VVtQOjEY2JGXkQa5Y4lEJQZAUuh13ht9YbQ9OKy/JibSNw+Ws?= =?us-ascii?Q?TvETSkg8JvVFCACloVTmI5bsfiJ1G+zgkxEGAYKOCWy433Eu3jMF5N9chkBR?= =?us-ascii?Q?XcthxFLc8GjxTumdO7AdI0uqhSnGvx4GWqfulNR7kalbk52CdUSs3CeOrWR/?= =?us-ascii?Q?/X+V32nqYCavUBVv9Xf5Fy+lj5kuBZpmU5x+AAekcy9FH+I4dikygOGG9qxw?= =?us-ascii?Q?VGsmN5dLKAL0hivSg1d9ZUABVWDTmq+4ycklBkfsloGBmOP7Dic48+MU1M0U?= =?us-ascii?Q?xMxut1lSOUZJuXK549eo2wX7qZxoTeKrQk3nRhcW+SC7dq2z2T4mRGUOfkBB?= =?us-ascii?Q?+lKThyMFEZemiwYRXtx0KiFnAGcGSI8BHLgLpxyXV+8d3HqAjgOlMaz7291y?= =?us-ascii?Q?58QWKNOTwn/AI1J+17cMmm6NU5pfLBw5O7FUXmdM0U26Xzl7gR1usJMqCJeZ?= =?us-ascii?Q?aN0AlClKfIGUklIrrFwO9gVpmoLhU9+Z/KTA1V9qH81bHWqL9K8y+/NzzS6T?= =?us-ascii?Q?d4SXVwqTkzQmHcMYbuEIoeCbwtQNLRwPgYjv64Rp8zUnYwdTcqkmW2CiC3bC?= =?us-ascii?Q?6cxWsa/rmUklq4ImxXOi1ifhHgMUmqKrU/mD0S01L1CWjZ98AfI6PJND8dPQ?= =?us-ascii?Q?+uNeD8YBZvL2klrY3Z8tvNGBTN3vEr60x5z+2ncBn5LSkxOf/CobgSZqWewO?= =?us-ascii?Q?42uGa0VtGdh0f4GW4V1kM2XXqYoF5AczlmzpN9I41XkFA157T31IYQcNoAKt?= =?us-ascii?Q?CoOyHbhigrQG6Yi37VZF3Iem8KcHQHktMtUPqFEI9TAdcUwjHrs4tqCPr6Nm?= =?us-ascii?Q?UO4OcOtw3FBxZROpd7c=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DS2PR12MB9567.namprd12.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(366016)(1800799024)(376014);DIR:OUT;SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?UuCtnGCAGGtvqRM9mDrz7JzxC0KvmjR4jNomHHDUFLRGCos4uo66H+h9tJx8?= =?us-ascii?Q?bINHi7CEYG8wABYf8teuDjRYjtgnsSmhzJ8zCHNGEaN1wofAlqMSy//u2fnR?= =?us-ascii?Q?USGNZc8qHcGUUBxZxJrquD1eBYjxrbGcUAuvVDNC2SPAZypCYWTIAZjQAyfA?= =?us-ascii?Q?QM2c+P8qTK/byjd0xTTwF+vpwlGDf9K04X2r2DwzSnxszD3ug/NOu90VuyV3?= =?us-ascii?Q?Bwhbp2J9emTZfWZVVkUarMA4yBTCFCh9GmzvEZCqtfjMnSt8R50DMkbP33Sq?= =?us-ascii?Q?4FPMQEe3SftO0eZ/aqeo48YHXDROGJCt987P+Vz++gz8DZP66tS1zK8ykYTg?= =?us-ascii?Q?TNhtYbeUK3TJmJwOUkONVP9RLbJptMGjamU/Vd0BRpk1y+9OPmYf4M90Kyw9?= =?us-ascii?Q?LK3HRKWDVsvP+h8hqFfa936yl/PbMzmbhEcLZvFg42ajC9h049lOjb66eNoU?= =?us-ascii?Q?GPkBQjTErn2poGNbOP2zUZSfeDUGJ79ny2r/a231+ISdZHCpi6hIbi3sqceF?= =?us-ascii?Q?Rq62VnLZkEprqRgi9dqDezBGaGueDu1PUuZDZwSgkVdqp3m0xY7AeD3YMtKw?= =?us-ascii?Q?aaoP3A/Tt1ssBSuOe+OgLE+RWJsYuJnWQpnfcj1oCVkHnUJQ1X2uhhSVWICq?= =?us-ascii?Q?x5LXMQUMpWKcSse/oxlspZnCRHFqI40LZjND1BrnN+dXlfRZoN0L87zuFD6Q?= =?us-ascii?Q?Tlosgb2oK2Esks95jJpvTGeQ6MjxgsH27rk8NZr3bGwkynsKz/tYdKOUIQvE?= =?us-ascii?Q?rvxA3DAJ0Vivnbd3fufYBo+EsUL91k2FF8mXjpJkGW0+u4BfYn1cOgmW6NQI?= =?us-ascii?Q?M0dIuX7ixGf5YyRDq9zXNxyNzHU7Pdu6bqFpC+aI3DQzZqweIbFs7I9mlbpA?= =?us-ascii?Q?3VdvZ2w5lpjSAg8XTmWlK3muZLMDvhhVw2nuZ23gVaLR5XXdc0Y1FnjHk85K?= =?us-ascii?Q?LAGoUfJWyNGJkZeVlxXm2qGaDtxhsfO2gjNrYJO2XoJSHkVq3AGMXYtA/xel?= =?us-ascii?Q?AqvNa39OUFrER2vvdvQoqJ/dspytPB54YiuUzxnD7sp5Qi+R+YUvXrOEgOzD?= =?us-ascii?Q?fuLvWM5a5dOew5v6JnU8Bm2d1QLaUnFI7korqU+8eFvcItUyGaSOqagvEDpa?= =?us-ascii?Q?R1t03no5XMSwCkoWO//o7LK8MG7NpzYp3cN6oKYZkCZo8vbeOfuIgtmCB7pj?= =?us-ascii?Q?c9Dv6V9WYC6w1QLevly22LcDb7Igv4etYYzROZvKrdhh2ejVD3WtHrwBhWeX?= =?us-ascii?Q?r71B7TjZxTbMYdg1U0xsFXClMHwycBHWrN14Qk4z9DGSj2H1rxx4rFEcUWGu?= =?us-ascii?Q?Zc9sTnJKCgGlh85Yl+fuTVxFYPeYPkauFdOr41LLnYYMTvCjxsoIikhQNaKr?= =?us-ascii?Q?nGld6wuBrc3dWdvES1kOAvB6Px31tW7c2gKSiU8SYy1VJExYNKYMu1Em2wH2?= =?us-ascii?Q?AkrYVQGsqG/DbGFKPT6lHzX/jpNO72H5EVDexHT2PmuW96FApwO1elNIvDdl?= =?us-ascii?Q?d0oWlt55J/VLMnr2OjIHuZGyQbvzrblBV/U5N9H1pCuJ0CNq6DajlQLjxKPV?= =?us-ascii?Q?m0wttRedcIQ6KXkMR1gyAPMdmdRIBS2cFmDaQIGS0Prr75YZjLr2X9ijj6bA?= =?us-ascii?Q?NToN0Lh8dKiN710iOD/O7MjkxsSAKwE1lDR13SJrxNVwm+Jf3vsaxCsKI1A0?= =?us-ascii?Q?it9z+iQ0t8x5J+LpbhKolvwcAi2iNCCK7gtfLvHDl9q/HqNbb1Nj5A8YPXfi?= =?us-ascii?Q?dD9MiXUtgQ=3D=3D?= X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-Network-Message-Id: f5f23f12-debc-4205-dd85-08de6031b1f8 X-MS-Exchange-CrossTenant-AuthSource: DS2PR12MB9567.namprd12.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Jan 2026 18:59:29.0661 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: Yw/s3X73Cjrzt8M0blLULaz9pnJmOLJ7GoUnj73qr1TYX51LUUT3g0PR6vgRVXsLoEIrMTcpvT/lsodUM1C1Gg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR12MB7106 Message-ID-Hash: AZX2UFMCEIYBLPQ2MJREH67WJRQC3LXJ X-Message-ID-Hash: AZX2UFMCEIYBLPQ2MJREH67WJRQC3LXJ X-MailFrom: nathanc@nvidia.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; header-match-devel.lists.libvirt.org-0; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: skolothumtho@nvidia.com, nicolinc@nvidia.com, nathanc@nvidia.com, mochs@nvidia.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Development discussions about the libvirt library & tools Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: From: Nathan Chen via Devel Reply-To: Nathan Chen X-ZohoMail-DKIM: fail (Header signature does not verify) X-ZM-MESSAGEID: 1769800119978158500 Content-Type: text/plain; charset="utf-8" From: Nathan Chen Provide sample XML and CLI args for the iommufd XML schema for pc, q35, and virt machine types. Signed-off-by: Nathan Chen Reviewed-by: Pavel Hrdina --- .../iommufd-q35.x86_64-latest.args | 41 +++++++++++++ .../iommufd-q35.x86_64-latest.xml | 60 +++++++++++++++++++ tests/qemuxmlconfdata/iommufd-q35.xml | 38 ++++++++++++ ...fd-virt-pci-bus-single.aarch64-latest.args | 32 ++++++++++ ...ufd-virt-pci-bus-single.aarch64-latest.xml | 31 ++++++++++ .../iommufd-virt-pci-bus-single.xml | 22 +++++++ .../iommufd-virt.aarch64-latest.args | 36 +++++++++++ .../iommufd-virt.aarch64-latest.xml | 53 ++++++++++++++++ tests/qemuxmlconfdata/iommufd-virt.xml | 29 +++++++++ .../iommufd.x86_64-latest.args | 35 +++++++++++ .../qemuxmlconfdata/iommufd.x86_64-latest.xml | 38 ++++++++++++ tests/qemuxmlconfdata/iommufd.xml | 30 ++++++++++ tests/qemuxmlconftest.c | 34 +++++++++++ 13 files changed, 479 insertions(+) create mode 100644 tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd-q35.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt-pci-bus-single.aarch= 64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd-virt-pci-bus-single.aarch= 64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt-pci-bus-single.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt.aarch64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd-virt.aarch64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd-virt.xml create mode 100644 tests/qemuxmlconfdata/iommufd.x86_64-latest.args create mode 100644 tests/qemuxmlconfdata/iommufd.x86_64-latest.xml create mode 100644 tests/qemuxmlconfdata/iommufd.xml diff --git a/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.args b/tests/q= emuxmlconfdata/iommufd-q35.x86_64-latest.args new file mode 100644 index 0000000000..7d819e141b --- /dev/null +++ b/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.args @@ -0,0 +1,41 @@ +LC_ALL=3DC \ +PATH=3D/bin \ +HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test \ +USER=3Dtest \ +LOGNAME=3Dtest \ +XDG_DATA_HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test/.local/share \ +XDG_CACHE_HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test/.cache \ +XDG_CONFIG_HOME=3D/var/lib/libvirt/qemu/domain--1-q35-test/.config \ +/usr/bin/qemu-system-x86_64 \ +-name guest=3Dq35-test,debug-threads=3Don \ +-S \ +-object '{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/va= r/lib/libvirt/qemu/domain--1-q35-test/master-key.aes"}' \ +-machine q35,usb=3Doff,dump-guest-core=3Doff,memory-backend=3Dpc.ram,acpi= =3Doff \ +-accel tcg \ +-cpu qemu64 \ +-m size=3D2097152k \ +-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":2147483648}= ' \ +-overcommit mem-lock=3Doff \ +-smp 2,sockets=3D2,cores=3D1,threads=3D1 \ +-uuid 11dbdcdd-4c3b-482b-8903-9bdb8c0a2774 \ +-display none \ +-no-user-config \ +-nodefaults \ +-chardev socket,id=3Dcharmonitor,fd=3D1729,server=3Don,wait=3Doff \ +-mon chardev=3Dcharmonitor,id=3Dmonitor,mode=3Dcontrol \ +-rtc base=3Dutc \ +-no-shutdown \ +-boot strict=3Don \ +-device '{"driver":"pcie-root-port","port":16,"chassis":1,"id":"pci.1","bu= s":"pcie.0","multifunction":true,"addr":"0x2"}' \ +-device '{"driver":"pcie-root-port","port":17,"chassis":2,"id":"pci.2","bu= s":"pcie.0","addr":"0x2.0x1"}' \ +-device '{"driver":"qemu-xhci","id":"usb","bus":"pci.1","addr":"0x0"}' \ +-blockdev '{"driver":"host_device","filename":"/dev/HostVG/QEMUGuest1","no= de-name":"libvirt-1-storage","read-only":false}' \ +-device '{"driver":"ide-hd","bus":"ide.0","drive":"libvirt-1-storage","id"= :"sata0-0-0","bootindex":1}' \ +-audiodev '{"id":"audio1","driver":"none"}' \ +-device '{"driver":"qxl-vga","id":"video0","max_outputs":1,"ram_size":6710= 8864,"vram_size":33554432,"vram64_size_mb":0,"vgamem_mb":8,"bus":"pcie.0","= addr":"0x1"}' \ +-global ICH9-LPC.noreboot=3Doff \ +-watchdog-action reset \ +-object '{"qom-type":"iommufd","id":"iommufd0","fd":"-1"}' \ +-device '{"driver":"vfio-pci","host":"0000:06:12.5","id":"hostdev0","iommu= fd":"iommufd0","fd":"0","bus":"pcie.0","addr":"0x3"}' \ +-sandbox on,obsolete=3Ddeny,elevateprivileges=3Ddeny,spawn=3Ddeny,resource= control=3Ddeny \ +-msg timestamp=3Don diff --git a/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.xml b/tests/qe= muxmlconfdata/iommufd-q35.x86_64-latest.xml new file mode 100644 index 0000000000..bb76252b61 --- /dev/null +++ b/tests/qemuxmlconfdata/iommufd-q35.x86_64-latest.xml @@ -0,0 +1,60 @@ + + q35-test + 11dbdcdd-4c3b-482b-8903-9bdb8c0a2774 + 2097152 + 2097152 + 2 + + hvm + + + + qemu64 + + + destroy + restart + destroy + + /usr/bin/qemu-system-x86_64 + + + + +
+ + + + + +
+ + + + +
+ + +
+ + +
+ + + +