From: Yunsheng Lin linyunsheng@huawei.com Sent: Wednesday, June 9, 2021 4:47 PM
On 2021/6/9 17:52, Parav Pandit wrote:
From: Yunsheng Lin linyunsheng@huawei.com Sent: Tuesday, June 8, 2021 5:41 PM
Is there any reason why VF use its own devlink instance?
Because devlink instance gives the ability for the VF and SF to control itself. (a) device parameters (devlink dev param show) (b) resources of the device (c) health reporters (d) reload in net ns
There knobs (a) to (c) etc are not for the hypervisor to control. These are
mainly for the VF/SF users to manage its own device.
Do we need to disable user from changing the net ns in a container?
It is not the role of the hw/vendor driver to disable it. Process capabilities such as NET_ADMIN etc take care of it.