| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Apr 2010 16:57:02 +0200 From: Arnd Bergmann <arnd@...db.de> To: Chris Wright <chrisw@...hat.com> Cc: Scott Feldman <scofeldm@...co.com>, davem@...emloft.net, netdev@...r.kernel.org Subject: Re: [net-next,1/2] add iovnl netlink support On Tuesday 20 April 2010, Chris Wright wrote: > * Arnd Bergmann (arnd@...db.de) wrote: > > On Monday 19 April 2010, Scott Feldman wrote: > > > > What is the reason for controlling the slave device through the master, > > rather than talking to the slave directly? The kernel always knows > > the master for each slave, so it seems to me that this information > > is redundant. > > Not all devices have this relationship explicit (i.e. not all are pure > sr-iov devices). If there's always a way to discover the master from > the device, then I agree we only need the slave. Hmm, is there an actual example of a card where the relationship is not known to the kernel? > > Is this new interface only for the case that you have a switch integrated > > in the NIC, or also for the case where you do an LLDP and EDP exchange > > with an adjacent bridge and put the device into VEPA mode? > > It should be useful for both. That's part of the reason for using > netlink, a userspace daemon running the VDP state machine (like lldpad) > can listen for these messages and see a set_port_profile request when > the user starts up a VM. After thinking some more about this case, I now believe we should do it the other way around, and have lldpad in control of this interface from the user space side, and letting user programs (lldptool, libvirt, ...) talk to lldpad in order to set it up. > > Also, do you expect your interface to be supported by dcbd/lldpad, > > or is there a good reason to create a new tool for iovnl? > > lldpad would listen, I don't see why iproute2 couldn't send, and libvirt > will send as well. Not sure. We need lldpad to do this exchange for the case of VEPA with VDP, so always using lldpad would let us unify the user interface for both cases. We can of course have iproute2 talk to lldpad, in the same way that libvirt does. > > > + * @IOV_ATTR_PORT_PROFILE: port-profile name to assign to device > > > + * (NLA_NUL_STRING) > > > > How does the definition of the port profile get into the NIC's switch? > > Is there any way to list the available port profiles? > > The port profile is a concept external to the NIC's switch. It's a value > that exists in the external physical layer 2 switching infrastructure. > So an admin knows this value and is informing the adjacent switch that a > new virutal interface is coming up and needs some particular port profile. But that's only the case if the NIC itself is in VEPA mode. If that were the case, there would be no need for a kernel interface at all, because then we could just drive the port profile selection from user space. The proposed interface only seems to make sense if you use it to configure the NIC itself! Why should it care about the port profile otherwise? > > Same here: Should you be able to set multiple MAC addresses, or > > trunk mode? Can the VF override it? > > Also, for the new multi-channel VEPA, I'd guess that you also need > > to supply an 802.1ad S-VLAN ID. > > Something like set_port_profile() would initiate the negotiation for the > s-vlan id for a particular channel, not sure it's needed as part of the > netlink interface or not. Well, you have to set up the s-vlan ID in order to have something to set the port profile in. Arnd -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists