Score:1

Is GPU-P (GPU-Paravirtualization) Safe?


I'm working on building a virtualization server and I want to partition the GPU like the LTT team did in this video and how craft did in this video. I want to do this in the production environment for a local business because of the obvious lower cost/station. My question is, is it secure? Can an attacker run scripting on the host through the graphics driver which is linking the VM to the host? The reason I ask is because when you use GPU passthrough, Microsoft recommends installing a "security mitigation driver" here. Since GPU passthrough has an obviously narrower window to the Hyper-V host (since the GPU is "offline" at the host level), I'm wondering how it comes into play here. Any thoughts? Would appreciate it.

Score:3

Firstly try really hard not to trust LTT when it comes to Production workloads - they routinely make work for themselves building unsupportable, unstable "serverlike" systems - because it gets views, as do the subsequent videos where they 'fix' the problems they cause. Truth is that professional system design, building and administration is kind of dull because all we care about is uptime and serving our customers - it's dull, doesn't get clicks but keeps hundreds of thousands of professionals in work - and the world turning.

Secondly, it's perfectly possible to build GPU virtualisation that's reliable and secure - I do it myself - but I use VMware's ESXi as my hypervisor and NVIDIA's GRID software and supported hardware to achieve this. None of this is free but it's been working well for half-a-decade or more for me.

Obviously you'll have your own budget in mind, which may preclude some or all of the tools I use to do this, but to answer your question - yes, it's very doable - but your tool set will vary this. I'm sure there's someone else on here who's maybe tried to do this with Hyper-V.

Certainly full PCIe device passthrough works with most hypervisors given enough configuration, and should be as secure as any other virtualised resource within your VMs.

Anyway I hope you understand my answer, get even better help off others, but please - friends don't let friends trust LTT designs - not for Production anyway, seriously what they do with their disk arrays sends shudders down the spines of storage-pros :)

jwsl224
I don't completely trust LTT; that's why I'm here :) I know about the ESXi GRID solution, but my platform is Microsoft, and they dropped their support for this (was called RemoteFX vGPU, I believe). All they now support is Discrete Device Assignment, which is obviously not ideal. GPU-P is used by quite a wide audience, but I haven't heard much of it from the enterprise side, and Microsoft is mum on when they'll get back to developing something similar to vGPU again.
Score:1

I would strongly advise against using GPU paravirtualization in a productive environment. Here is why:

  1. Some things work, others don't. Folks on Reddit tested it for gaming and came up with a list you can see here. If the software you intend to use won't work, you will probably get no support from Nvidia, AMD or Microsoft.
  2. The worst thing I experienced was using Nvidia driver R525 and Cyberpunk, where both host and guest system crashed at the same time. However, the same game worked with an older GPU driver version.
  3. The fact that the feature isn't even included in the Hyper-V Manager is a strong indicator that it's really experimental.
  4. However, if you're into testing new GPU virtualization solutions, you don't mind searching for a working configuration on your own or with the help of the online community, and stability isn't the highest priority, then GPU paravirtualization is right for you.

Without the limitation of using Hyper-V I'd suggest using GPU passthrough or vGPUs with a hypervisor like VMware ESXi or KVM. KVM and GPU passthrough would even be available for free and even for consumer GPUs as you can see here.

jwsl224
I have blasted a week into GPU passthrough on ESXi and just canNOT get past the PCoIP black screen issue. It's insane. It should not be this hard from a company that does this for a living. I stumbled through the Horizon setup with no help and got everything working. I can connect to the VM with VMware Blast and RDP, so I know the Horizon setup is fine. Just can't get PCoIP to work. But yeah, I'm with ya. I abandoned the GPU-P situation because nobody seems to be able to vouch for the security of it. Not even the people who wrote the script.