QEMU, often used as the hypervisor for virtual machines running in Cloud, can be susceptible to security attack because it is a large monolithic program. Disaggregated QEMU which involves separating QEMU services into separate host processes reduces the attack surface. Disaggregating IO services is a good place to begin QEMU disaggregating.
VFIO-over-Socket, also known as vfio-user, is a protocol that allows a device to be virtualized in separate process outside QEMU. It can be the main transport mechanism for multi-process QEMU, and it can be used the by other application offering device virtualization. DPDK will have vfio-user support by introducing and implementing vfio-user bus driver. That provides the framework for DPDK application to offer device virtualization and accommodates QEMU out-of-tree emulated devices in DPDK.
This presentation will cover below items: 1. Why and how allow a device to be virtualized outside QEMU 2. Introducing framework for accommodating emulated/virtualized in DPDK 3. Introducing a specific emulated/virtualized device in DPDK 4. Other potential emulated devices in DPDK (optional)