Re: [PATCH v3 6/6] docs: add s390-pv documentation
...
> +Example guest definition without launchSecurity
> +===============================================
> +
> +Minimal domain XML for a protected virtualization guest using the
> +``iommu='on'`` setting for each virtio device.
I don't know how s390-pv works but for example with AMD SEV it is
required to use `iommu='on'` otherwise the device is not visible inside
the VM so I would like to make sure there is no misunderstanding and
it is correct.
Can you elaborate on how is the device not visible in the VM? IIRC 'iommu=on'
makes sure that the guest virtio driver is able to negotiate the
VIRTIO_F_IOMMU_PLATFORM feature which in connection with the correct IOMMU model
setting makes SEV work with virtio and IOMMU
(AFAIR OVMF has a dedicated SEV iommu driver).
Therefore, that flag should have nothing to do with device visibility, in fact
in x86_64's case it will be a PCI device, so you'll always be able to list
those.
Regards,
Erik