Device Passthrough (SR-IOV)

The SR-IOV feature of Kunpeng device passthrough uses the PF driver to forward I/O requests. This method enables VF-level device passthrough and invokes VF-level device interfaces in VMs.

Advantages and Benefits

• Secure isolation

  PFs and VFs of PCIPC-enabled security devices can be accessed only within the TEE, not by host software.

• High performance

  cVM passthrough eliminates performance loss on the data plane compared to traditional encryption and decryption solutions.

• Ease of use

  This SR-IOV feature is compatible with open source SR-IOV passthrough solutions. It supports VF-level passthrough to improve resource utilization.

Restrictions

• The PF drivers of SR-IOV passthrough devices still operate in the REE, and I/O data forwarding must be performed for the PF drivers.
• SR-IOV passthrough cannot be enabled for security devices for which PF passthrough has been enabled.