> The physical function is the one with the "real" PCI config space, so as > long as the host controls it then there should be minimal risk from the > guests since they have limited access via the virtual functions--typically > mostly just message-passing to the physical function.
As long as its a whitelist of audited message handlers, thats fine. Of course, if the message handlers haven't been audited, who knows whats lurking in there. -Rob -- Robert Collins <[email protected]> Distinguished Technologist HP Converged Cloud _______________________________________________ OpenStack-dev mailing list [email protected] http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
