From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:36066)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jan.kiszka@siemens.com>) id 1VEivc-0002Ny-37
	for qemu-devel@nongnu.org; Wed, 28 Aug 2013 12:49:15 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <jan.kiszka@siemens.com>) id 1VEivS-00018I-KO
	for qemu-devel@nongnu.org; Wed, 28 Aug 2013 12:49:07 -0400
Received: from goliath.siemens.de ([192.35.17.28]:17996)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jan.kiszka@siemens.com>) id 1VEivS-00015i-AE
	for qemu-devel@nongnu.org; Wed, 28 Aug 2013 12:48:58 -0400
Message-ID: <521E29F5.3070000@siemens.com>
Date: Wed, 28 Aug 2013 18:48:53 +0200
From: Jan Kiszka <jan.kiszka@siemens.com>
MIME-Version: 1.0
References: <87sixtsxdj.fsf@fimbulvetr.bsc.es>
In-Reply-To: <87sixtsxdj.fsf@fimbulvetr.bsc.es>
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: quoted-printable
Subject: Re: [Qemu-devel] Direct guest device access from nested guest
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: =?ISO-8859-15?Q?Llu=EDs_Vilanova?= <vilanova@ac.upc.edu>
Cc: qemu-devel@nongnu.org, kvm <kvm@vger.kernel.org>

On 2013-08-28 16:28, Llu=EDs Vilanova wrote:
> Hi,
>=20
> I want to get the following setup, but don't know how (or if it's even
> possible):
>=20
> * A guest VM with two AHCI controllers, with one device each. One of th=
e AHCI
>   controllers provides the VM's disk ("system"), while the other provid=
es
>   another disk ("nested") and uses a different emulation driver in QEMU=
 (ahci2):
>=20
>   host$ qemu-system-x86_64 -enable-kvm \
>             -drive id=3Dsystem,file=3Dsystem.img,if=3Dnone \
>             -device ahci,id=3Dahci \
>             -device ide-drive,drive=3Dsystem,bus=3Dahci.0 \
>             -drive id=3Dnested,file=3Dnested.img,if=3Dnone \
>             -device ahci2,id=3Dahci2 \
>             -device ide-drive,drive=3Dnested,bus=3Dahci2.0
>=20
> * A nested guest VM using the guest's (its host) AHCI2 controller.
>=20
>   I've tried assigning the AHCI2 device to the nested guest using "pci-=
assign"
>   and "vfio", but without any luck.
>=20
>   The culprit of the problem seems to be I cannot get the nested guest =
to have
>   an IOMMU.
>=20
> Is it possible to give a nested guest direct access to a device on the =
guest?
> (more specifically, an AHCI controller).

Nope, we are lacking support for emulating or (securely) forwarding
VT-d/IOMMU features to the first level guest. Would be cool to have,
just not yet there. But I've talked to Intel people recently, and they
are considering to support some nested VT-d with KVM.

Jan

--=20
Siemens AG, Corporate Technology, CT RTC ITP SES-DE
Corporate Competence Center Embedded Linux