On 16/04/2019 10:45, David Marchand wrote:
> At the moment, a malicious guest might negotiate VIRTIO_NET_F_MQ and
> !VIRTIO_NET_F_MQ in a loop which would be seen as qp_num going from 1 to
> n and n to 1 continuously, triggering datapath reconfigurations at each
> transition.
>
> Limit this by
On Tue, Apr 16, 2019 at 3:51 PM Ilya Maximets
wrote:
> On 16.04.2019 12:45, David Marchand wrote:
> > At the moment, a malicious guest might negotiate VIRTIO_NET_F_MQ and
> > !VIRTIO_NET_F_MQ in a loop which would be seen as qp_num going from 1 to
> > n and n to 1 continuously, triggering
On 16.04.2019 12:45, David Marchand wrote:
> At the moment, a malicious guest might negotiate VIRTIO_NET_F_MQ and
> !VIRTIO_NET_F_MQ in a loop which would be seen as qp_num going from 1 to
> n and n to 1 continuously, triggering datapath reconfigurations at each
> transition.
>
> Limit this by
At the moment, a malicious guest might negotiate VIRTIO_NET_F_MQ and
!VIRTIO_NET_F_MQ in a loop which would be seen as qp_num going from 1 to
n and n to 1 continuously, triggering datapath reconfigurations at each
transition.
Limit this by only reconfiguring on increased qp_num.
The previous