lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 2 Feb 2023 09:43:59 -0800
From:   Jakub Kicinski <kuba@...nel.org>
To:     Martin Habets <habetsm.xilinx@...il.com>
Cc:     Jiri Pirko <jiri@...nulli.us>,
        "Lucero Palau, Alejandro" <alejandro.lucero-palau@....com>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "linux-net-drivers (AMD-Xilinx)" <linux-net-drivers@....com>,
        "davem@...emloft.net" <davem@...emloft.net>,
        "pabeni@...hat.com" <pabeni@...hat.com>,
        "edumazet@...gle.com" <edumazet@...gle.com>,
        "ecree.xilinx@...il.com" <ecree.xilinx@...il.com>,
        "linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
        "corbet@....net" <corbet@....net>,
        "jiri@...dia.com" <jiri@...dia.com>
Subject: Re: [PATCH v4 net-next 1/8] sfc: add devlink support for ef100

On Thu, 2 Feb 2023 09:24:56 +0000 Martin Habets wrote:
> > FWIW I'd just take the devl lock in the main driver code.
> > devlink should be viewed as a layer between bus and driver rather 
> > than as another subsystem the driver registers with. Otherwise reloads
> > and port creation get awkward.  
> 
> I see it a bit differently. For me devlink is another subsystem, it even is
> an optional subsystem.
> At the moment we don't support devlink port for VFs. If needed we'll add that
> at some point, but likely only for newer NICs.

That's fine. I believe the structure I suggest is the easiest one 
to get right, but it's not a hard requirement.

> Do you think vDPA and RDMA devices will ever register with devlink?

Good question, I can't speak for the entire project but personally 
I have little interest in interfaces to proprietary world, 
so I hope not.

> At the moment I don't see devlink port ever applying to our older hardware,
> like our sfn8000 or X2 cards. I do think devlink info and other commands
> could apply more generally.
> 
> There definitely is a need to evolve to another layer between bus and
> devices, and devlink can be used to administer that. But that does not
> imply the reverse, that all devices register as devlink devices.
> For security we would want to limit some operations (such as port creation)
> to specific devlink instance(s). For example, normally we would not want a
> tennant VM to flash new firmware that applies to the whole NIC.
> I hope this makes sense.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ