lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 16 Dec 2021 16:17:29 +0000
From:   Sunil Sudhakar Rani <sunrani@...dia.com>
To:     Jakub Kicinski <kuba@...nel.org>,
        Saeed Mahameed <saeedm@...dia.com>
CC:     Parav Pandit <parav@...dia.com>, Jiri Pirko <jiri@...dia.com>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "davem@...emloft.net" <davem@...emloft.net>,
        Bodong Wang <bodong@...dia.com>
Subject: RE: [PATCH net-next 1/2] devlink: Add support to set port function as
 trusted

> On Wed, 15 Dec 2021 22:15:10 +0000 Saeed Mahameed wrote:
> > On Wed, 2021-12-15 at 11:22 -0800, Jakub Kicinski wrote:
> > > On Wed, 15 Dec 2021 18:19:16 +0000 Saeed Mahameed wrote:
> > > > After some internal discussions, the plan is to not push new
> > > > interfaces, but to utilize the existing devlink params interface
> > > > for devlink port functions.
> > > >
> > > > We will suggest a more fine grained parameters to control a port
> > > > function (SF/VF) well-defined capabilities.
> > > >
> > > > devlink port function param set/get DEV/PORT_INDEX name
> PARAMETER
> > > > value VALUE cmode { runtime | driverinit | permanent }
> > > >
> > > > Jiri is already on-board. Jakub I hope you are ok with this, let
> > > > us know if you have any concerns before we start implementation.
> > >
> > > You can use mail pigeon to configure this, my questions were about
> > > the feature itself not the interface.
> >
> > We will have a parameter per feature we want to enable/disable instead
> > of a global "trust" knob.
> 
> So you're just asking me if I'm okay with devlink params regardless if I'm okay
> with what they control? Not really, I prefer an API as created by this patches.
What shortcomings do you see in the finer granular approach we want to go to enable/disable
On a per feature basis instead of global knob?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ