[libvirt] [RFC PATCH 00/28] Enable multifunction pci hotplug
Daniel P. Berrangé
berrange at redhat.com
Thu Mar 15 16:11:24 UTC 2018
On Thu, Mar 15, 2018 at 09:54:46AM -0600, Alex Williamson wrote:
> On Thu, 15 Mar 2018 15:06:38 +0000
> Daniel P. Berrangé <berrange at redhat.com> wrote:
> > On Thu, Mar 15, 2018 at 08:59:41AM -0600, Alex Williamson wrote:
> > >
> > > Neither really bothers me, but I'm confused by the claimed existing
> > > handling of SR-IOV. Either you're assigning a PF and SR-IOV is
> > > irrelevant and unavailable to the guest or you're assigning a VF and,
> > > well, SR-IOV is still mostly irrelevant to libvirt unless someone
> > > decides to assign the PF hosting the VF or libvirt needs to do VF
> > > configuration via the PF. Thanks,
> >
> > Hmm, could be a mis-understanding then. I was under the belief that
> > when you assign the PF or a SRIOV device to the guest, all the
> > VFs obviously disappear from the host due to driver being unloaded.
> > The guest now has the PF, and would have the option to enable VFs
> > too if it so desired, just as the host had option for when it owned
> > the PF.
>
> Yeah, that's not how it currently works. Some people would like it if
> this were the case, but we've not gotten past the security issues. If
> the user is allowed to enable SR-IOV, those VFs don't just appear for
> the VM, they appear on the host. The host needs to probe for them,
> assign resources, and attach drivers. What should the host do with VFs
> that are managed by an untrusted userspace driver? The isolation
> between VFs and PFs depends on the vendor's SR-IOV implementation.
> Minimally, the PF driver manages the PCI bus master config bit and can
> trivially introduce a denial of service for the VFs. Allowing a VM to
> enable SR-IOV only for the purpose of assigning those VFs back to the VM
> owning the PF doesn't seem to be a particularly compelling feature on
> its own. Thanks,
So it sounds like if, in the future, we did want to allow the guest to
have the PF, *and* all the VFs at the same time, we would probably need
to arrange that all from the host side, vaguely like is being proposed
in this series for non-SRIOV, and not let the guest have control over VF
create/delete itself.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
More information about the libvir-list
mailing list