| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 Oct 2023 13:26:30 +0200 From: Florian Kauer <florian.kauer@...utronix.de> To: Daniel Borkmann <daniel@...earbox.net>, bpf@...r.kernel.org Cc: netdev@...r.kernel.org, martin.lau@...nel.org, razor@...ckwall.org, ast@...nel.org, andrii@...nel.org, john.fastabend@...il.com Subject: Re: [PATCH bpf-next 1/8] meta, bpf: Add bpf programmable meta device Hi Daniel, On 26.09.23 07:59, Daniel Borkmann wrote: > This work adds a new, minimal BPF-programmable device called "meta" we > recently presented at LSF/MM/BPF. The latter name derives from the Greek > μετά, encompassing a wide array of meanings such as "on top of", "beyond". > Given business logic is defined by BPF, this device can have many meanings. > The core idea is that BPF programs are executed within the drivers xmit > routine and therefore e.g. in case of containers/Pods moving BPF processing > closer to the source. I have a more general question: You mentioned in your LSF/MM/BPF talk that you do not plan for XDP support for the "meta device", because it is already supported in veth. Does that imply that already today I will get full zerocopy from container via veth to the NIC (and not only to other containers) by simply opening an AF_XDP socket inside a container? Thanks, Florian
Powered by blists - more mailing lists