vIOMMU (Translation of DMA request handling for VM)

vIOMMU is a virtual component that allows the hypervisor to control direct memory access from devices inside the guest system. In simple terms, it is a software layer that prevents the virtual machine from reading or writing to other areas of physical memory through emulated or passed-through input-output devices.

This technology is used in corporate virtualization environments and cloud platforms where strict tenant isolation is important. It is in demand when passing through graphics accelerators and NVMe drives to guest operating systems, as well as to support guest security features requiring hardware isolation, such as dynamic memory encryption in virtual environments.

Typical problems

Implementing a virtual IOMMU often causes a drop in input-output performance due to the overhead of processing translation tables in the hypervisor. Compatibility conflicts frequently occur when the guest system driver refuses to work with emulated hardware. Resuming the system from sleep mode becomes more complicated, and live migration of virtual machines requires precise synchronization of all DMA buffer states, which increases the switching time between nodes.

IOMMU (Isolation of direct memory access addresses)

How it works

The operation of vIOMMU is based on creating a shadow representation of input-output page translation tables. When the guest operating system configures its own structures to manage DMA, the hypervisor intercepts these writes but does not apply them directly to the physical hardware. Instead, it builds nested tables where guest physical addresses of devices are mapped to real host machine addresses. Each request from a virtual device or a passed-through physical adapter goes through a two-stage check before reaching the bus: first, the host hardware IOMMU or software emulator verifies the index against the allowed range, then modifies the address according to the shadow mapping.

If a guest driver attempts to initiate a transfer to a memory area that does not belong to its virtual machine, the translation fails and access is blocked at the hypervisor level without causing a hardware exception on the physical server. Additionally, vIOMMU emulates interrupt registers and command queues so that the guest system perceives the device as identical to a physical IOMMU that supports context caching and table entry invalidation. When receiving a command to flush the translation cache, the hypervisor synchronizes the changes made by the guest with the actual state of the virtualization hardware support, ensuring isolation integrity even during heavy network or disk activity.

vIOMMU functionality

  1. Creating a virtual IOMMU object. The vIOMMU function begins with allocating a dedicated object via the ioctl IOMMUFD_CMD_VIOMMU_ALLOC. This call creates an iommufd_viommu instance in the kernel, representing an isolated slice of physical IOMMU resources intended for transfer to the address space of a specific virtual machine or user process.
  2. Registering driver operations. At the allocation stage, binding to a specific hardware implementation occurs through the iommufd_viommu_ops structure. The physical device driver must register the viommu_alloc callback, which allocates memory for its own extended structure including the standard vIOMMU core, and initializes hardware-dependent state.
  3. Managing virtual machine identifiers. One of the key tasks of vIOMMU is allocating a VMID, which forms a unique security space for guest identifiers. The allocated VMID is used by the hardware to mark cache tags in the TLB and configuration cache, ensuring isolation of DMA streams from different virtual machines and preventing data leakage or substitution at the chip level.
  4. Sharing parent page tables. To implement nested translation, vIOMMU allows multiple virtual IOMMUs in the guest system to share a common hardware page table parent (HWPT) at Stage 2. This means the Stage 2 controlled by the hypervisor can be shared among a group of devices, while Stage 1 is managed by guest drivers individually through paravirtualized invalidations.
  5. Isolating guest access to queues. To reduce the number of exits to the hypervisor, a vQUEUE component is introduced. It represents a hardware-accelerated queue mapped directly into the guest address space. The guest OS gets exclusive read and write access to producer and consumer indexes and to sending commands, while control and interrupt registers are handled by the VMM.
  6. VMM (Hardware resource isolation and emulation)
  7. Paravirtualized cache invalidations. To ensure address translation correctness, vIOMMU implements a mechanism for delivering invalidation commands. Instead of fully emulating the command buffer and intercepting each guest write, requests for TLB invalidation (TLBI) and configuration cache invalidation (ATC_INV) can be sent through paravirtualized interfaces directly to the driver physical queue, bypassing software emulation.
  8. Direct interrupt assignment. vIOMMU supports direct pass-through of event and interrupt queues related to translation errors. The hypervisor configures physical MSI/MSI-X vectors so that they are delivered directly to the guest system without a software intermediary. This allows the guest to asynchronously receive page fault event reports and peripheral page request interrupts.
  9. Emulating device identifiers. To support SR-IOV and device assignment to virtual functions, vIOMMU virtualizes the Requester ID (RID) and PASID. Identifier translation ensures that DMA packets from different virtual functions having identical PCI addresses within different guests are uniquely differentiated and correctly translated by the physical IOMMU to the appropriate address domain.
  10. SR-IOV (Hardware-level input-output device virtualization)
  11. Support for non-affiliated events. vIOMMU handles error reports not rigidly tied to a specific domain or previously issued commands. The non-affiliated event reporting mechanism allows hardware to asynchronously notify the software stack about critical failures in virtualized structures without the risk of losing error context due to incorrect binding to the request source.
  12. Integration with live migration. The vIOMMU framework plays a critical role in the live migration process for tracking dirty page changes. When using a virtual IOMMU, the target host must restore not only the memory dump but also the DMA translation state. This requires vIOMMU to support queue freezing, saving and restoring translation context, including cached page table entries, without interrupting device operation.
  13. Mode of operation with exclusive interrupt remapping. A configuration is allowed where vIOMMU is activated solely for interrupt remapping services without enabling direct DMA address translation. This mode is useful for guests with many CPUs (more than 255) requiring scalable interrupt distribution. The dma-translation attribute is then set to false, which permits migration and simplifies the memory model without needing nested translation.
  14. MMIO register pass-through via mmap. The vIOMMU infrastructure includes a mechanism for direct memory mapping (mmap) of input-output physical memory regions into the user address space (VMM). This capability is used to export virtual queues and their control registers (head and tail indexes) without the overhead of read/write system calls on every guest interaction with the hardware.
  15. Command buffer abstraction. Physical IOMMU implementations such as AMD IOMMU or ARM SMMU have specific command queue formats. vIOMMU abstracts these differences by providing a unified interface for passing through the command buffer. The VMM passes guest physical addresses (GPA) of the buffer via ioctl, and the lower-level driver programs the hardware queue base and size registers, allowing the chipset to fetch commands directly from the virtual machine memory.
  16. Guest cache tags. Through the vIOMMU mechanism, the guest OS gains control over some cache tags associated with its VMID. This allows guest drivers to perform partial cache invalidations by tag without triggering a global TLB flush. This technique is critically important for achieving high input-output performance in guests with intensive DMA usage because it minimizes invalidation side effects that affect other virtual machines.
  17. Scaling on multi-chip systems. In systems with multiple physical IOMMU controllers (multi-IOMMU), the function allows instantiating as many vIOMMUs as there are physical devices. Each such object can manage its own queue and interrupt domain while operating with the same shared Stage 2 page table to ensure address translation coherence in heterogeneous hardware topologies.
  18. Error handling and race conditions. When freeing a domain, the vIOMMU implementation requires careful handling of reference counters and device detachment flags. For example, in the Hyper-V implementation, during device detachment the descriptor counter is changed even on hypercall failure to prevent domain leaks, relying on the hypervisor metadata remaining valid and the failure merely being logged for subsequent debugging by the administrator.
  19. Usage in VFIO. The VFIO subsystem uses vIOMMU as a backend for devices passed through to userspace applications. VFIO maps a device group container to a specific vIOMMU, enabling centralized management of DMA and interrupt policies. This allows implementing paravirtualized VFIO drivers running on the guest side without emulating a full IOMMU in software QEMU, except for initial initialization.
  20. QEMU (Emulator and hardware virtualizer of a computer)VFIO (Direct device Input-Output virtualization)
  21. Hardware acceleration on Grace CPU. An example of practical vQUEUE implementation is support for the NVIDIA Grace CPU (Tegra241 CMDQV). The driver uses virtual command queues (VCMDQs) operating in nested translation mode. Measurements show that direct guest access to the virtual command queue reduces invalidation latency and unmap operations by as much as 70 to 90 percent.

Comparisons with vIOMMU

  • vIOMMU vs HWPT (Hardware Page Table). vIOMMU represents an evolution of the HWPT model. Whereas HWPT focuses exclusively on address translation, vIOMMU is a more comprehensive structure encapsulating both passthrough and shared physical IOMMU resources. Essentially, the HWPT model now appears as a simplified subset of the vIOMMU architecture, needed to support cache invalidation and queue sharing on multi-platform systems.
  • vIOMMU vs Physical IOMMU (pIOMMU). The physical IOMMU is a hardware unit (struct iommu_device), while vIOMMU is its software slice allocated to a virtual machine. On AMD systems, vIOMMU can hold passthrough queues; on Intel, it can share a common invalidation queue; on ARM, it occupies an intermediate position. vIOMMU allows transferring parts of a single physical device to different VMs or sharing access with the host system, creating independent security contexts.
  • vIOMMU vs SWIOTLB. In the context of confidential guests (SEV/TDX), the presence of vIOMMU radically changes memory management strategy. If vIOMMU is not presented to the guest, secure DMA requires the SWIOTLB software bounce buffer, which demands significant resource allocation. The presence of vIOMMU allows the guest to manage DMA translations directly, bypassing the overhead of copying data through the bounce buffer, thereby improving performance and becoming a mandatory criterion for enabling certain hardware optimizations.
  • vIOMMU vs vfio-mdev. The vIOMMU technology provides hardware DMA isolation at the BDF or PASID level, whereas mediated devices (mdev) solve multiplexing problems without hardware IOMMU support. With mdev, isolation is achieved in software: the host driver intercepts MMIO operations and replaces GPA with HPA in descriptors before sending the queue. vIOMMU enables cleaner and faster passthrough by replacing software trapping with native hardware remapping support, which is critically important for Scalable IOV.
  • VFIO-mdev (Splitting a device into virtual fragments)
  • vIOMMU vs PASID. The technologies do not conflict so much as form a hierarchy. PASID (Process Address Space ID) is an identifier allowing a single BDF device to have multiple page tables, thus providing fine-grained access. vIOMMU is the infrastructure managing the binding and unbinding of these PASIDs to virtual machines. Without vIOMMU, a guest OS cannot dynamically assign PASIDs for different tasks or accelerate Shared Virtual Addressing (SVA) through direct interaction with the physical IOMMU.

OS and driver support

The guest operating system discovers vIOMMU through ACPI tables (DMAR for Intel, IVRS for AMD), after which the driver (e.g., intel-iommu or amd_iommu) initializes the device, configuring context caches and input-output page tables. In environments like QEMU/KVM, emulated registers are passed through into the virtual machine memory space, allowing paravirtualized interfaces (virtio-iommu) to work without being tied to a specific vendor hardware model. In guest Windows, support depends on the presence of correct SLAT and the Q35 chipset, as older emulated chipsets (i440FX) can block loading of the standard VT-d driver due to architectural DMA path limitations.

KVM (Turns the Linux kernel into a hypervisor)

Security

Security is implemented through hardware-supported DMA isolation using the IOMMU Mapping Notifier: when the guest modifies its translation tables, the hypervisor intercepts this event, validates the request, and creates a shadow page table on the host side, ensuring that the physical device cannot access memory not belonging to that virtual machine. In AMD SEV and SNP-protected environments, vIOMMU data structures (Device Table, Command Buffer) are moved from the encrypted guest memory area to a shared zone so the hypervisor can correctly emulate interrupt remapping without compromising the overall integrity of the encrypted virtual machine state, although this requires careful auditing of attack vectors on the DMA path.

Logging

The logging mechanism is built by intercepting events from the physical IOMMU and passing them to the virtual event log: if the hardware IOMMU detects a translation error (Access Fault, Translation Fault), the host driver (e.g., in ARM SMMUv3 architecture) checks the device affiliation with an active vIOMMU and uses the iommu_report_device_fault function to inject a record into the guest event ring buffer. The implementation must atomically update the guest MMIO tail pointer to avoid false overflow interrupts, where the guest driver believes the buffer is empty due to pointer desynchronization caused by bitwise mask comparison errors or improper reset during log base reinitialization.

Limitations

Fundamental limitations of vIOMMU relate to dynamic mapping performance and the lack of full nested device pass-through support. With frequent map/unmap operations from the guest, the vfio_iommu_type1 backend quickly exhausts the DMA entry limit (dma_entry_limit), requiring static buffer reservation or switching to vfio-iommufd, which removes this limit and improves locked page accounting. Also, the standard intel-iommu implementation in QEMU does not support hardware-accelerated nested translation on older processors without scalable mode (Scalable-Mode VT-d), and vIOMMU pass-through in SEV guests is limited to interrupt remapping functions for x2APIC (more than 255 vCPUs) without full DMA protection as of the current patch versions.

History and development

Historically, vIOMMU was introduced in Xen and QEMU to support more than 255 vCPUs (x2APIC) and device passthrough (PCI Passthrough), starting with emulation of Intel VT-d on the Q35 chipset and AMD-Vi. The first patches released for QEMU in 2016 laid down the basic structure for DMA and interrupt remapping. A key development vector was the transition from purely software emulation to hardware-accelerated nested address translation, which spurred the development of the iommufd interface in the Linux kernel and the introduction of paravirtualized virtio-iommu to abstract vendor-specific architectures. The latest patch versions for AMD SEV (2024-2025) extend functionality with secure command pass-through in protected environments and add management of the dma-remap property for explicit control over shadow page table synchronization.

Intel VT-d (Hardware isolation of direct device access)AMD-Vi (Hardware I/O virtualization)
Latest publications