Enabling Device Passthrough
Enabling device passthrough requires enabling the virtCCA and SMMU security features as well as compiling the kernel. It is used in scenarios that require confidential virtualization or security isolation.
- The Virtualized Arm Confidential Compute Architecture with TrustZone (virtCCA) device passthrough function does not support stage 1 system memory management unit (SMMU).
- The virtCCA device passthrough function does not support device authentication.
Enabling the virtCCA and SMMU Secure-Mode Initialization
- Open the grub.cfg file.
vim /boot/efi/EFI/openEuler/grub.cfg
- Press i to enter the insert mode and add the following parameters to the HOST OS location:
virtcca_cvm_host=1 arm_smmu_v3.disable_ecmdq=1 vfio_pci.disable_idle_d3=1

- Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
Parent topic: Enabling Confidential Device Passthrough
