[Intel-wired-lan] Does a VF know that it is "trusted"?
Keller, Jacob E
jacob.e.keller at intel.com
Tue May 15 22:17:04 UTC 2018
> -----Original Message-----
> From: Intel-wired-lan [mailto:intel-wired-lan-bounces at osuosl.org] On Behalf Of
> Shannon Nelson
> Sent: Tuesday, May 15, 2018 11:13 AM
> To: Wyborny, Carolyn <carolyn.wyborny at intel.com>; Skidmore, Donald C
> <donald.c.skidmore at intel.com>; Intel Wired LAN <intel-wired-
> lan at lists.osuosl.org>
> Subject: Re: [Intel-wired-lan] Does a VF know that it is "trusted"?
> On 5/15/2018 10:58 AM, Wyborny, Carolyn wrote:
> > No, the intent is that the VF does not know its trusted or not. It asks and if it
> *is* trusted, then the PF grants the request. VF only knows if the request was
> granted or not. That is the current design anyway. Mitch can probably comment
> Thanks - that's what I thought, but wanted to be sure. The case I have
> in mind is where the VF might advertise additional netdev features if it
> knows it is trusted. Obviously, I'm thinking about IPsec offloads, but
> I would think this could apply to other features as well.
> The problem I see is that right now, if IPsec offload capability is
> added to the VF, but only allowed when trusted, the VF must blindly
> advertise its support even if the PF is just going to NAK the request.
> That leads to a poor user experience.
The VF could advertise it's supported until it gets a NAK on the related operations? Or some mechanism to check if a feature is enabled could be added?
More information about the Intel-wired-lan