lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 26 Aug 2020 02:53:51 +0000
From:   "Liang, Cunming" <cunming.liang@...el.com>
To:     Jakub Kicinski <kuba@...nel.org>
CC:     "Wang, Haiyue" <haiyue.wang@...el.com>,
        "Singhai, Anjali" <anjali.singhai@...el.com>,
        "Samudrala, Sridhar" <sridhar.samudrala@...el.com>,
        "Sarangam, Parthasarathy" <parthasarathy.sarangam@...el.com>,
        Jamal Hadi Salim <jhs@...atatu.com>,
        "shm@...ulusnetworks.com" <shm@...ulusnetworks.com>,
        Tom Herbert <tom@...bertland.com>,
        "Venkataramanan, Anirudh" <anirudh.venkataramanan@...el.com>,
        "davem@...emloft.net" <davem@...emloft.net>,
        "nhorman@...hat.com" <nhorman@...hat.com>,
        "sassmann@...hat.com" <sassmann@...hat.com>,
        "Bowers, AndrewX" <andrewx.bowers@...el.com>,
        "Kirsher, Jeffrey T" <jeffrey.t.kirsher@...el.com>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "Nguyen, Anthony L" <anthony.l.nguyen@...el.com>,
        "Lu, Nannan" <nannan.lu@...el.com>,
        "Brandeburg, Jesse" <jesse.brandeburg@...el.com>,
        "Parikh, Neerav" <neerav.parikh@...el.com>
Subject: RE: [net-next 1/5] ice: add the virtchnl handler for AdminQ command



> -----Original Message-----
> From: Wang, Haiyue <haiyue.wang@...el.com>
> Sent: Wednesday, August 5, 2020 9:06 AM
> To: Jakub Kicinski <kuba@...nel.org>
> Cc: Tom Herbert <tom@...bertland.com>; Venkataramanan, Anirudh
> <anirudh.venkataramanan@...el.com>; davem@...emloft.net;
> nhorman@...hat.com; sassmann@...hat.com; Bowers, AndrewX
> <andrewx.bowers@...el.com>; Kirsher, Jeffrey T <jeffrey.t.kirsher@...el.com>;
> netdev@...r.kernel.org; Nguyen, Anthony L <anthony.l.nguyen@...el.com>; Lu,
> Nannan <nannan.lu@...el.com>; Liang, Cunming <cunming.liang@...el.com>
> Subject: RE: [net-next 1/5] ice: add the virtchnl handler for AdminQ command
> 
> > -----Original Message-----
> > From: Jakub Kicinski <kuba@...nel.org>
> > Sent: Tuesday, August 4, 2020 04:46
> > To: Wang, Haiyue <haiyue.wang@...el.com>
> > Cc: Tom Herbert <tom@...bertland.com>; Venkataramanan, Anirudh
> > <anirudh.venkataramanan@...el.com>;
> > davem@...emloft.net; nhorman@...hat.com; sassmann@...hat.com;
> Bowers,
> > AndrewX <andrewx.bowers@...el.com>; Kirsher, Jeffrey T
> > <jeffrey.t.kirsher@...el.com>; netdev@...r.kernel.org; Nguyen, Anthony
> > L <anthony.l.nguyen@...el.com>; Lu, Nannan <nannan.lu@...el.com>;
> > Liang, Cunming <cunming.liang@...el.com>
> > Subject: Re: [net-next 1/5] ice: add the virtchnl handler for AdminQ
> > command
> >
> > On Mon, 3 Aug 2020 10:39:52 +0000 Wang, Haiyue wrote:
> > > > In this case, I'm guessing, Intel can reuse RTE flow -> AQ code
> > > > written to run on PFs on the special VF.
> > > >
> > > > This community has selected switchdev + flower for programming flows.
> > > > I believe implementing flower offloads would solve your use case,
> > > > and at the same time be most beneficial to the netdev community.

Jakub, thanks for the feedback. We proposed the previous solution in our eagerness to satisfy customers who were using mature, and validated (for their data centers) host kernels and still enable rapid adaption to new network control planes.

When revisiting the real problems we were facing, basically we're looking for a rapid self-iteration control plane independent of a mature deployed host kernel. Definitely kernel is the most suitable path for a control plane and we need to enhance the kernel to add the missing piece required for this solution. Best way to achieve this is allow such use cases is to deploy control plane on latest kernel running as virtual machine. We shared some thoughts on netdev 0x14 workshop, attached link as https://github.com/seaturn/switchdev-trust-vf/blob/master/netconf-workshop.pdf.

As a follow-up, we'll continue work on tc-generic proposal and look for programming rate improvement. As an independent effort of enhancing tc-generic/switchdev on trusted VF, delegating device specific capabilities (e.g. eswitch) to an assignable trusted VF brings all the benefit of a separated kernel to upgrade up-to-date features in the pace of applications, and always prevent host stack from any connectivity (e.g. stable access) issues.

Will be happy to answer any queries...and thank you for guiding us in the right path.

> > >
> > > Jakub,
> > >
> > > Thanks, I deep into the switchdev, it is kernel software bridge for
> > > hardware offload, and each port is registered with register_netdev.
> > > So this solution is not suitable for current case: VF can be assigned to VMs.
> >
> > You may be missing the concept of a representor.
> >
> 
> I found the concept, thanks, missed it!

Powered by blists - more mailing lists