| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Jul 2012 18:40:51 +0000 From: "Rose, Gregory V" <gregory.v.rose@...el.com> To: Stephen Hemminger <shemminger@...tta.com>, Chris Friesen <chris.friesen@...band.com> CC: Don Dutile <ddutile@...hat.com>, Ben Hutchings <bhutchings@...arflare.com>, David Miller <davem@...emloft.net>, "yuvalmin@...adcom.com" <yuvalmin@...adcom.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "linux-pci@...r.kernel.org" <linux-pci@...r.kernel.org> Subject: RE: New commands to configure IOV features > -----Original Message----- > From: Stephen Hemminger [mailto:shemminger@...tta.com] > Sent: Monday, July 23, 2012 11:36 AM > To: Chris Friesen > Cc: Don Dutile; Ben Hutchings; David Miller; yuvalmin@...adcom.com; Rose, > Gregory V; netdev@...r.kernel.org; linux-pci@...r.kernel.org > Subject: Re: New commands to configure IOV features > > On Mon, 23 Jul 2012 09:09:38 -0600 > Chris Friesen <chris.friesen@...band.com> wrote: > > > On 07/23/2012 08:03 AM, Don Dutile wrote: > > > On 07/20/2012 07:42 PM, Chris Friesen wrote: > > >> > > >> I actually have a use-case where the guest needs to be able to > > >> modify the MAC addresses of network devices that are actually VFs. > > >> > > >> The guest is bonding the network devices together, so the bonding > > >> driver in the guest expects to be able to set all the slaves to the > > >> same MAC address. > > >> > > >> As I read the ixgbe driver, this should be possible as long as the > > >> host hasn't explicitly set the MAC address of the VF. Is that > correct? > > >> > > >> Chris > > > > > > Interesting tug of war: hypervisors will want to set the macaddrs > > > for security reasons, > > > some guests may want to set macaddr for > > > (valid?) config reasons. > > > > > > > In our case we have control over both guest an host anyways, so it's > > less of a security issue. In the general case though I could see it > > being an interesting problem. > > > > Back to the original discussion though--has anyone got any ideas about > > the best way to trigger runtime creation of VFs? I don't know what > > the binary APIs looks like, but via sysfs I could see something like > > > > echo number_of_new_vfs_to_create > > > /sys/bus/pci/devices/<address>/create_vfs > > > > Something else that occurred to me--is there buy-in from driver > > maintainers? I know the Intel ethernet drivers (what I'm most > > familiar > > with) would need to be substantially modified to support on-the-fly > > addition of new vfs. Currently they assume that the number of vfs is > > known at module init time. > > > > Why couldn't rtnl_link_ops be used for this. It is already the preferred > interface to create vlan's, bond devices, and other virtual devices? > The one issue is that do the created VF's exist in kernel as devices or > only visible to guest? I would say that rtnl_link_ops are network oriented and not appropriate for something like a storage controller or graphics device, which are two other common SR-IOV capable devices. I think it should be oriented toward the PCIe interface and subsystems in the kernel. - Greg -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists