kvm: x86: default legacy PCI device assignment support to "n"
VFIO has proved itself a much better option than KVM's built-in device assignment. It is mature, provides better isolation because it enforces ACS, and even the userspace code is being tested on a wider variety of hardware these days than the legacy support. Disable legacy device assignment by default. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
This commit is contained in:
parent
f71f81d70a
commit
e194bbdf36
@ -88,13 +88,14 @@ config KVM_MMU_AUDIT
|
||||
config KVM_DEVICE_ASSIGNMENT
|
||||
bool "KVM legacy PCI device assignment support"
|
||||
depends on KVM && PCI && IOMMU_API
|
||||
default y
|
||||
default n
|
||||
---help---
|
||||
Provide support for legacy PCI device assignment through KVM. The
|
||||
kernel now also supports a full featured userspace device driver
|
||||
framework through VFIO, which supersedes much of this support.
|
||||
framework through VFIO, which supersedes this support and provides
|
||||
better security.
|
||||
|
||||
If unsure, say Y.
|
||||
If unsure, say N.
|
||||
|
||||
# OK, it's a little counter-intuitive to do this, but it puts it neatly under
|
||||
# the virtualization menu.
|
||||
|
Loading…
Reference in New Issue
Block a user