Ask Your Question

Revision history [back]

libvirt has a driver option that can specify "vfio" or "kvm". I suspect the issue you're seeing is due to the IOMMU group configuration of the system, which is a function of the hardware. These IOMMU groups protect you from peer-to-peer DMA, which can allow the owner of one VF to read or write to the MMIO space of another VF, either maliciously or accidentally. A write-up of IOMMU groups and what they're trying to do can be found here. Newer kernels are introducing quirks to configure and enable isolation of various interconnect components as we're able to work with hardware vendors to supplement missing PCIe ACS support in the hardware.