[Intel-wired-lan] Does a VF know that it is "trusted"?

Keller, Jacob E jacob.e.keller at intel.com
Tue May 15 22:17:04 UTC 2018

> -----Original Message-----
> From: Intel-wired-lan [mailto:intel-wired-lan-bounces at osuosl.org] On Behalf Of
> Shannon Nelson
> Sent: Tuesday, May 15, 2018 11:13 AM
> To: Wyborny, Carolyn <carolyn.wyborny at intel.com>; Skidmore, Donald C
> <donald.c.skidmore at intel.com>; Intel Wired LAN <intel-wired-
> lan at lists.osuosl.org>
> Subject: Re: [Intel-wired-lan] Does a VF know that it is "trusted"?
> On 5/15/2018 10:58 AM, Wyborny, Carolyn wrote:
> > No, the intent is that the VF does not know its trusted or not.  It asks and if it
> *is* trusted, then the PF grants the request.  VF only knows if the request was
> granted or not.  That is the current design anyway.  Mitch can probably comment
> more.
> >
> Thanks - that's what I thought, but wanted to be sure.  The case I have
> in mind is where the VF might advertise additional netdev features if it
> knows it is trusted.  Obviously, I'm thinking about IPsec offloads, but
> I would think this could apply to other features as well.
> The problem I see is that right now, if IPsec offload capability is
> added to the VF, but only allowed when trusted, the VF must blindly
> advertise its support even if the PF is just going to NAK the request.
> That leads to a poor user experience.
> Hmmm...
> sln

The VF could advertise it's supported until it gets a NAK on the related operations? Or some mechanism to check if a feature is enabled could be added?


More information about the Intel-wired-lan mailing list