Comment 7 for bug 1915282

One more note, tunneled network + PF _could_ be safe IFF the operator has configured tenant isolation on their top-of-rack switches. Because of this, I'm not 100% sure we should block it. And maybe just add that explanation/warning onto the config help for [pci]passthrough_whitelist.