我要评分
获取效率
正确性
完整性
易理解

Enabling Device Passthrough

Enabling device passthrough requires enabling the virtCCA and SMMU security features as well as compiling the kernel. It is used in scenarios that require confidential virtualization or security isolation.

  • The Virtualized Arm Confidential Compute Architecture with TrustZone (virtCCA) device passthrough function does not support stage 1 system memory management unit (SMMU).
  • The virtCCA device passthrough function does not support device authentication.

Enabling the virtCCA and SMMU Secure-Mode Initialization

  1. Open the grub.cfg file.
    vim /boot/efi/EFI/openEuler/grub.cfg
  2. Press i to enter the insert mode and add the following parameters to the HOST OS location:
    virtcca_cvm_host=1 arm_smmu_v3.disable_ecmdq=1 vfio_pci.disable_idle_d3=1 

  3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.

Enabling the SMMU in the BIOS

  1. Log in to the BIOS. For details, see "Accessing the BIOS" in TaiShan Server BIOS Parameter Reference (Kunpeng 920 Processor).
  2. Choose Advanced > MISC Config > Support Smmu.
  3. Set Support Smmu to Enabled and press F10 to save the settings and exit.