From: Daniel Borkmann <daniel@iogearbox.net>
To: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Alexei Starovoitov <ast@plumgrid.com>,
Hannes Frederic Sowa <hannes@stressinduktion.org>,
davem@davemloft.net, viro@ZenIV.linux.org.uk, tgraf@suug.ch,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
Alexei Starovoitov <ast@kernel.org>
Subject: Re: [PATCH net-next 3/4] bpf: add support for persistent maps/progs
Date: Fri, 23 Oct 2015 15:47:56 +0200 [thread overview]
Message-ID: <562A3A8C.1060705@iogearbox.net> (raw)
In-Reply-To: <87a8rabsst.fsf@x220.int.ebiederm.org>
On 10/22/2015 09:35 PM, Eric W. Biederman wrote:
> Daniel Borkmann <daniel@iogearbox.net> writes:
>> On 10/20/2015 08:56 PM, Eric W. Biederman wrote:
>> ...
>>> Just FYI: Using a device for this kind of interface is pretty
>>> much a non-starter as that quickly gets you into situations where
>>> things do not work in containers. If someone gets a version of device
>>> namespaces past GregKH it might be up for discussion to use character
>>> devices.
>>
>> Okay, you are referring to this discussion here:
>>
>> http://thread.gmane.org/gmane.linux.kernel.containers/26760
>
> That is a piece of it. It is an old old discussion (which generally has
> been handled poorly). For the forseeable future device namespaces have
> a firm NACK by GregKH. Which means that dynamic character device based
> interfaces do not work in containers. Which means if you are not
> talking about physical hardware, character devices are a poor fit.
Yes, it breaks down with real namespace support. Reworking the set with
an improved version of the fs code is already in progress.
Thanks,
Daniel
WARNING: multiple messages have this Message-ID (diff)
From: Daniel Borkmann <daniel@iogearbox.net>
To: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Alexei Starovoitov <ast@plumgrid.com>,
Hannes Frederic Sowa <hannes@stressinduktion.org>,
davem@davemloft.net, viro@ZenIV.linux.org.uk, tgraf@suug.ch,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
Alexei Starovoitov <ast@kernel.org>
Subject: Re: [PATCH net-next 3/4] bpf: add support for persistent maps/progs
Date: Fri, 23 Oct 2015 15:47:56 +0200 [thread overview]
Message-ID: <562A3A8C.1060705@iogearbox.net> (raw)
In-Reply-To: <87a8rabsst.fsf@x220.int.ebiederm.org>
On 10/22/2015 09:35 PM, Eric W. Biederman wrote:
> Daniel Borkmann <daniel@iogearbox.net> writes:
>> On 10/20/2015 08:56 PM, Eric W. Biederman wrote:
>> ...
>>> Just FYI: Using a device for this kind of interface is pretty
>>> much a non-starter as that quickly gets you into situations where
>>> things do not work in containers. If someone gets a version of device
>>> namespaces past GregKH it might be up for discussion to use character
>>> devices.
>>
>> Okay, you are referring to this discussion here:
>>
>> http://thread.gmane.org/gmane.linux.kernel.containers/26760
>
> That is a piece of it. It is an old old discussion (which generally has
> been handled poorly). For the forseeable future device namespaces have
> a firm NACK by GregKH. Which means that dynamic character device based
> interfaces do not work in containers. Which means if you are not
> talking about physical hardware, character devices are a poor fit.
Yes, it breaks down with real namespace support. Reworking the set with
an improved version of the fs code is already in progress.
Thanks,
Daniel
next prev parent reply other threads:[~2015-10-23 13:48 UTC|newest]
Thread overview: 61+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-16 1:09 [PATCH net-next 0/4] BPF updates Daniel Borkmann
2015-10-16 1:09 ` [PATCH net-next 1/4] bpf: abstract anon_inode_getfd invocations Daniel Borkmann
2015-10-16 1:09 ` [PATCH net-next 2/4] bpf: align and clean bpf_{map,prog}_get helpers Daniel Borkmann
2015-10-16 1:09 ` [PATCH net-next 3/4] bpf: add support for persistent maps/progs Daniel Borkmann
2015-10-16 10:25 ` Hannes Frederic Sowa
2015-10-16 13:36 ` Daniel Borkmann
2015-10-16 16:36 ` Hannes Frederic Sowa
2015-10-16 17:27 ` Daniel Borkmann
2015-10-16 17:37 ` Alexei Starovoitov
2015-10-16 16:18 ` Alexei Starovoitov
2015-10-16 16:43 ` Hannes Frederic Sowa
2015-10-16 17:32 ` Alexei Starovoitov
2015-10-16 17:37 ` Thomas Graf
2015-10-16 17:21 ` Hannes Frederic Sowa
2015-10-16 17:42 ` Alexei Starovoitov
2015-10-16 17:56 ` Daniel Borkmann
2015-10-16 18:41 ` Eric W. Biederman
2015-10-16 19:27 ` Alexei Starovoitov
2015-10-16 19:53 ` Eric W. Biederman
2015-10-16 20:56 ` Alexei Starovoitov
2015-10-16 23:44 ` Eric W. Biederman
2015-10-17 2:43 ` Alexei Starovoitov
2015-10-17 12:28 ` Daniel Borkmann
2015-10-18 2:20 ` Alexei Starovoitov
2015-10-18 15:03 ` Daniel Borkmann
2015-10-18 16:49 ` Daniel Borkmann
2015-10-18 20:59 ` Alexei Starovoitov
2015-10-19 7:36 ` Hannes Frederic Sowa
2015-10-19 9:51 ` Daniel Borkmann
2015-10-19 14:23 ` Daniel Borkmann
2015-10-19 16:22 ` Alexei Starovoitov
2015-10-19 17:37 ` Daniel Borkmann
2015-10-19 17:37 ` Daniel Borkmann
2015-10-19 18:15 ` Alexei Starovoitov
2015-10-19 18:46 ` Hannes Frederic Sowa
2015-10-19 19:34 ` Alexei Starovoitov
2015-10-19 20:03 ` Hannes Frederic Sowa
2015-10-19 20:48 ` Alexei Starovoitov
2015-10-19 22:17 ` Daniel Borkmann
2015-10-19 22:17 ` Daniel Borkmann
2015-10-20 0:30 ` Alexei Starovoitov
2015-10-20 8:46 ` Daniel Borkmann
2015-10-20 8:46 ` Daniel Borkmann
2015-10-20 17:53 ` Alexei Starovoitov
2015-10-20 18:56 ` Eric W. Biederman
2015-10-21 15:17 ` Daniel Borkmann
2015-10-21 15:17 ` Daniel Borkmann
2015-10-21 18:34 ` Thomas Graf
2015-10-21 22:44 ` Alexei Starovoitov
2015-10-22 13:22 ` Daniel Borkmann
2015-10-22 19:35 ` Eric W. Biederman
2015-10-23 13:47 ` Daniel Borkmann [this message]
2015-10-23 13:47 ` Daniel Borkmann
2015-10-20 9:43 ` Hannes Frederic Sowa
2015-10-19 23:02 ` Hannes Frederic Sowa
2015-10-20 1:09 ` Alexei Starovoitov
2015-10-20 10:07 ` Hannes Frederic Sowa
2015-10-20 18:44 ` Alexei Starovoitov
2015-10-16 19:54 ` Daniel Borkmann
2015-10-16 1:09 ` [PATCH net-next 4/4] bpf: add sample usages " Daniel Borkmann
2015-10-19 2:53 ` [PATCH net-next 0/4] BPF updates David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=562A3A8C.1060705@iogearbox.net \
--to=daniel@iogearbox.net \
--cc=ast@kernel.org \
--cc=ast@plumgrid.com \
--cc=davem@davemloft.net \
--cc=ebiederm@xmission.com \
--cc=hannes@stressinduktion.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=tgraf@suug.ch \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.