On Wed, Sep 30, 2015 at 02:53:19PM +0300, Vlad Zolotarov wrote: > > > On 09/30/15 14:41, Michael S. Tsirkin wrote: > >On Wed, Sep 30, 2015 at 02:26:01PM +0300, Vlad Zolotarov wrote: > >>The whole idea is to bypass kernel. Especially for networking... > >... on dumb hardware that doesn't support doing that securely. > > On a very capable HW that supports whatever security requirements needed > (e.g. 82599 Intel's SR-IOV VF devices).
Network card type is irrelevant as long as you do not have an IOMMU, otherwise you would just use e.g. VFIO. > >Colour me unimpressed. > >