On Fri, 2015-03-06 at 06:04 +0000, Hiroshi Shimamoto wrote: > > From: Hiroshi Shimamoto <h-shimam...@ct.jp.nec.com> > > > > Disable hardware VLAN filtering if netdev->features VLAN flag is > dropped. > > > > In SR-IOV case, there is a use case which needs to disable VLAN > filter. > > For example, we need to make a network function with VF in > virtualized > > environment. That network function may be a software switch, a > router > > or etc. It means that that network function will be an end point > which > > terminates many VLANs. > > > > In the current implementation, VLAN filtering always be turned on > and > > VF can receive only 63 VLANs. It means that only 63 VLANs can be > terminated > > in one NIC. > > > > With this patch, if the user turns VLAN filtering off on the host, > VF > > can receive every VLAN packet. > > > > This VLAN filtering can be turned on or off when SR-IOV is disabled, > if not > > the operation is rejected. > > Hi, > > any comment about this? > I added a warning message and prevent operation during SR-IOV is > enabled.
Yes, the warning message you added says nothing of the huge security hole this exposes. We need a message the correctly expresses the dangers in turning this off. Also it does not appear that you addressed Ben Hutchings concerns, as I asked. Correct me if I am wrong and you did address Ben's concerns.
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________ E1000-devel mailing list E1000-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/e1000-devel To learn more about Intel® Ethernet, visit http://communities.intel.com/community/wired
