lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <64b25d26-dbc1-4027-b04f-ecf5ad3b69b9@lunn.ch>
Date: Wed, 7 May 2025 19:25:44 +0200
From: Andrew Lunn <andrew@...n.ch>
To: John Ousterhout <ouster@...stanford.edu>
Cc: Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org,
	edumazet@...gle.com, horms@...nel.org, kuba@...nel.org
Subject: Re: [PATCH net-next v8 05/15] net: homa: create homa_peer.h and
 homa_peer.c

On Wed, May 07, 2025 at 09:11:01AM -0700, John Ousterhout wrote:
> On Mon, May 5, 2025 at 4:06 AM Paolo Abeni <pabeni@...hat.com> wrote:
> 
> > On 5/3/25 1:37 AM, John Ousterhout wrote:
> > [...]
> > > +{
> > > +     /* Note: when we return, the object must be initialized so it's
> > > +      * safe to call homa_peertab_destroy, even if this function returns
> > > +      * an error.
> > > +      */
> > > +     int i;
> > > +
> > > +     spin_lock_init(&peertab->write_lock);
> > > +     INIT_LIST_HEAD(&peertab->dead_dsts);
> > > +     peertab->buckets = vmalloc(HOMA_PEERTAB_BUCKETS *
> > > +                                sizeof(*peertab->buckets));
> >
> > This struct looks way too big to be allocated on per netns basis. You
> > should use a global table and include the netns in the lookup key.
> 
> Are there likely to be lots of netns's in a system? I thought I read
> someplace that a hardware NIC must belong exclusively to a single
> netns, so from that I assumed there couldn't be more than a few
> netns's.

You might want to read up about PF and VF, as part of SR-IOV

https://www.intel.com/content/www/us/en/developer/articles/technical/configure-sr-iov-network-virtual-functions-in-linux-kvm.html

https://doc.dpdk.org/guides/_images/single_port_nic.png

You can have one NIC support a number of Virtual Functions, each of
which is a PCIe device on the bus and gets its own linux
interface. You can move those interfaces between network names spaces,
or pass them through into virtual machines. Below these Virtual
Functions is an embedded switch, often called eswitch. That allows
traffic to flow between the VFs, for e.g. VM to VM, or out the media
to the link peer.

I've used some Intel NICs which support 32 VFs, but other Intel NICs
support 64 VFs.

	Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ