Re: [PATCH v5 6/9] vfio/group: Add VFIO_CDEV_NOIOMMU Kconfig and tolerate NULL group

[Alex Williamson]

On Mon, 11 May 2026 11:41:11 -0700
Jacob Pan <jacob.pan@xxxxxxxxxxxxxxxxxxx> wrote:

> Add a new CONFIG_VFIO_CDEV_NOIOMMU option, independent of
> CONFIG_VFIO_GROUP, to support noiommu mode via the cdev interface.
> 
> Since CONFIG_VFIO_GROUP can be enabled while CONFIG_VFIO_GROUP_NOIOMMU
> is not, guard the noiommu group allocation in vfio_group_find_or_alloc()
> with IS_ENABLED(CONFIG_VFIO_GROUP_NOIOMMU) to prevent creating spurious
> /dev/vfio/noiommu-N group files when only cdev noiommu is configured.
> 
> For cdev noiommu devices that have no group, let vfio_device_set_group()
> return success with a NULL group pointer and add null guards in group
> functions that may be called during device lifecycle. These guards are
> contained within group.c and are dead code for IOMMU-enabled devices
> where device->group is always non-NULL.
> 
> Signed-off-by: Jacob Pan <jacob.pan@xxxxxxxxxxxxxxxxxxx>
> ---
>  drivers/vfio/Kconfig | 17 +++++++++++++++++
>  drivers/vfio/group.c | 31 +++++++++++++++++++++++++++++--
>  2 files changed, 46 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/vfio/Kconfig b/drivers/vfio/Kconfig
> index 39939be2908e..b1b1633412a9 100644
> --- a/drivers/vfio/Kconfig
> +++ b/drivers/vfio/Kconfig
> @@ -75,6 +75,23 @@ config VFIO_GROUP_NOIOMMU
>  
>  	  If you don't know what to do here, say N.
>  
> +config VFIO_CDEV_NOIOMMU
> +	bool "VFIO cdev No-IOMMU support"
> +	depends on VFIO_DEVICE_CDEV
> +	select IOMMUFD_NOIOMMU

AIUI, config would warn but allow this to select IOMMUFD_NOIOMMU
even if the dependency on !GENERIC_ATOMIC64 in the Kconfig is unmet.
This should include that dependency as well.  Thanks,

Alex

> +	help
> +	  VFIO cdev no-IOMMU mode enables device access via the cdev
> +	  interface without hardware IOMMU backing. This relies on
> +	  IOMMUFD_NOIOMMU to provide a SW-only IO page table for
> +	  IOVA-to-PA lookups.
> +
> +	  Use of this mode will result in an unsupportable kernel and
> +	  will therefore taint the kernel. Device assignment to virtual
> +	  machines is also not possible with this mode since there is
> +	  no IOMMU to provide DMA translation.
> +
> +	  If you don't know what to do here, say N.
> +
>  config VFIO_VIRQFD
>  	bool
>  	select EVENTFD
> diff --git a/drivers/vfio/group.c b/drivers/vfio/group.c
> index 5b9329df04e5..c8a75ee28f20 100644
> --- a/drivers/vfio/group.c
> +++ b/drivers/vfio/group.c
> @@ -386,6 +386,9 @@ int vfio_device_block_group(struct vfio_device *device)
>  	struct vfio_group *group = device->group;
>  	int ret = 0;
>  
> +	if (!group)
> +		return 0;
> +
>  	mutex_lock(&group->group_lock);
>  	if (group->opened_file) {
>  		ret = -EBUSY;
> @@ -403,6 +406,9 @@ void vfio_device_unblock_group(struct vfio_device *device)
>  {
>  	struct vfio_group *group = device->group;
>  
> +	if (!group)
> +		return;
> +
>  	mutex_lock(&group->group_lock);
>  	group->cdev_device_open_cnt--;
>  	mutex_unlock(&group->group_lock);
> @@ -641,7 +647,8 @@ static struct vfio_group *vfio_group_find_or_alloc(struct device *dev)
>  	struct vfio_group *group;
>  
>  	iommu_group = iommu_group_get(dev);
> -	if (!iommu_group && vfio_noiommu) {
> +	if (!iommu_group && IS_ENABLED(CONFIG_VFIO_GROUP_NOIOMMU) &&
> +	    vfio_noiommu) {
>  		/*
>  		 * With noiommu enabled, create an IOMMU group for devices that
>  		 * don't already have one, implying no IOMMU hardware/driver
> @@ -686,8 +693,19 @@ int vfio_device_set_group(struct vfio_device *device,
>  	else
>  		group = vfio_noiommu_group_alloc(device->dev, type);
>  
> -	if (IS_ERR(group))
> +	if (IS_ERR(group)) {
> +		/*
> +		 * Cdev noiommu devices don't need a vfio_group. When
> +		 * CONFIG_VFIO_GROUP_NOIOMMU is not set, the group alloc
> +		 * above returns -EINVAL for devices without an IOMMU.
> +		 * That's fine — a NULL group is expected and iommufd
> +		 * handles these devices directly.
> +		 */
> +		if (IS_ENABLED(CONFIG_VFIO_CDEV_NOIOMMU) &&
> +		    vfio_noiommu && !device->dev->iommu)
> +			return 0;
>  		return PTR_ERR(group);
> +	}
>  
>  	/* Our reference on group is moved to the device */
>  	device->group = group;
> @@ -699,6 +717,9 @@ void vfio_device_remove_group(struct vfio_device *device)
>  	struct vfio_group *group = device->group;
>  	struct iommu_group *iommu_group;
>  
> +	if (!group)
> +		return;
> +
>  	if (group->type == VFIO_NO_IOMMU || group->type == VFIO_EMULATED_IOMMU)
>  		iommu_group_remove_device(device->dev);
>  
> @@ -742,6 +763,8 @@ void vfio_device_remove_group(struct vfio_device *device)
>  
>  void vfio_device_group_register(struct vfio_device *device)
>  {
> +	if (!device->group)
> +		return;
>  	mutex_lock(&device->group->device_lock);
>  	list_add(&device->group_next, &device->group->device_list);
>  	mutex_unlock(&device->group->device_lock);
> @@ -749,6 +772,8 @@ void vfio_device_group_register(struct vfio_device *device)
>  
>  void vfio_device_group_unregister(struct vfio_device *device)
>  {
> +	if (!device->group)
> +		return;
>  	mutex_lock(&device->group->device_lock);
>  	list_del(&device->group_next);
>  	mutex_unlock(&device->group->device_lock);
> @@ -786,6 +811,8 @@ void vfio_device_group_unuse_iommu(struct vfio_device *device)
>  
>  bool vfio_device_has_container(struct vfio_device *device)
>  {
> +	if (!device->group)
> +		return false;
>  	return device->group->container;
>  }
>