You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This allows for GPU acceleration without the firmware/hardware nightmare that is PCI passthrough. It is in production in ChromeOS for Qualcomm GPUs, under development for Intel, AMD, and GPUs, and neither requires nor uses GPU hardware virtualization support. It works by forwarding the GPU kernel driver API, which is already a security boundary. Most kernel driver vulnerabilities are mitigated, as ioctl submission is serialized and arguments are at least somewat validated.
Qubes OS will be using native contexts for GPU virtualization (QubesOS/qubes-issues#8552) and I am interested in collaborating on the implementation. I presented on this at Xen Project Summit 2024.
The text was updated successfully, but these errors were encountered:
This could be very interesting! Our use case is slightly different in that we need to support things like CUDA, would that be tenable in this situation? If not, we may have to still retain support for NVIDIA vGPUs in our commercial product.
This could be very interesting! Our use case is slightly different in that we need to support things like CUDA, would that be tenable in this situation? If not, we may have to still retain support for NVIDIA vGPUs in our commercial product.
I’m not very familiar with how Nvidia vGPU works, but my understanding is that it uses mediated devices. Does the vGPU Manager use a kernel module (other than nvidia.ko)?
This allows for GPU acceleration without the firmware/hardware nightmare that is PCI passthrough. It is in production in ChromeOS for Qualcomm GPUs, under development for Intel, AMD, and GPUs, and neither requires nor uses GPU hardware virtualization support. It works by forwarding the GPU kernel driver API, which is already a security boundary. Most kernel driver vulnerabilities are mitigated, as ioctl submission is serialized and arguments are at least somewat validated.
Qubes OS will be using native contexts for GPU virtualization (QubesOS/qubes-issues#8552) and I am interested in collaborating on the implementation. I presented on this at Xen Project Summit 2024.
The text was updated successfully, but these errors were encountered: