From: Zhu Yanjun <yanjun.zhu@linux.dev>
To: Parav Pandit <parav@nvidia.com>, Mark Lehrer <lehrer@gmail.com>
Cc: Zhu Yanjun <yanjun.zhu@intel.com>, "jgg@ziepe.ca" <jgg@ziepe.ca>,
"leon@kernel.org" <leon@kernel.org>,
"zyjzyj2000@gmail.com" <zyjzyj2000@gmail.com>,
"linux-rdma@vger.kernel.org" <linux-rdma@vger.kernel.org>
Subject: Re: [PATCHv3 0/8] Fix the problem that rxe can not work in net namespace
Date: Fri, 14 Apr 2023 23:49:52 +0800 [thread overview]
Message-ID: <29e1ed5a-091a-1560-19e5-05c3aefb764b@linux.dev> (raw)
In-Reply-To: <PH0PR12MB5481CA9F5AE04CE5295E7552DC989@PH0PR12MB5481.namprd12.prod.outlook.com>
在 2023/4/14 0:42, Parav Pandit 写道:
>
>> From: Mark Lehrer <lehrer@gmail.com>
>> Sent: Thursday, April 13, 2023 12:38 PM
>>
>>> Initiator is not net ns aware.
>> Am I correct in my assessment that this could be a container jailbreak risk? We
>> aren't using containers,
> Unlikely. because container orchestration must need to give access to the nvme char/misc device to the container.
> And it should do it only when nvme initiator/target are net ns aware.
>
>> but we were shocked that RoCEv2 connections
>> magically worked through the physical function which was not in the netns
>> context.
> I do not understand this part.
> If you are in exclusive mode rdma devices must be in respective/appropriate net ns.
After applying these commits, rxe works in the exclusive mode.
Zhu Yanjun
> It unlikely works, may be some misconfiguration. Hard to way without exact commands.
next prev parent reply other threads:[~2023-04-14 15:51 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-14 6:06 [PATCHv3 0/8] Fix the problem that rxe can not work in net namespace Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 1/8] RDMA/rxe: Creating listening sock in newlink function Zhu Yanjun
2023-02-23 13:10 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 2/8] RDMA/rxe: Support more rdma links in init_net Zhu Yanjun
2023-02-23 13:10 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 3/8] RDMA/nldev: Add dellink function pointer Zhu Yanjun
2023-02-23 13:11 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 4/8] RDMA/rxe: Implement dellink in rxe Zhu Yanjun
2023-02-23 13:12 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 5/8] RDMA/rxe: Replace global variable with sock lookup functions Zhu Yanjun
2023-02-23 13:13 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 6/8] RDMA/rxe: add the support of net namespace Zhu Yanjun
2023-02-23 13:14 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 7/8] RDMA/rxe: Add the support of net namespace notifier Zhu Yanjun
2023-02-23 13:14 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 8/8] RDMA/rxe: Replace l_sk6 with sk6 in net namespace Zhu Yanjun
2023-02-23 13:15 ` Zhu Yanjun
2023-02-23 0:31 ` [PATCHv3 0/8] Fix the problem that rxe can not work " Zhu Yanjun
2023-02-23 4:56 ` Jakub Kicinski
2023-02-23 11:42 ` Zhu Yanjun
2023-02-25 8:43 ` Rain River
2023-04-12 17:22 ` Mark Lehrer
2023-04-12 21:01 ` Mark Lehrer
2023-04-13 7:22 ` Zhu Yanjun
2023-04-13 13:00 ` Mark Lehrer
2023-04-13 13:05 ` Parav Pandit
2023-04-13 15:38 ` Mark Lehrer
2023-04-13 16:20 ` Parav Pandit
2023-04-13 16:23 ` Parav Pandit
2023-04-13 16:37 ` Mark Lehrer
2023-04-13 16:42 ` Parav Pandit
2023-04-14 15:49 ` Zhu Yanjun [this message]
[not found] ` <CADvaNzWfS5TFQ3b5JyaKFft06ihazadSJ15V3aXvWZh1jp1cCA@mail.gmail.com>
2023-04-14 16:24 ` Mark Lehrer
2023-04-15 13:35 ` Zhu Yanjun
2023-04-19 0:43 ` Parav Pandit
2023-04-19 4:19 ` Zhu Yanjun
2023-04-19 18:01 ` Mark Lehrer
2023-04-20 14:28 ` Zhu Yanjun
2023-04-13 7:17 ` Zhu Yanjun
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=29e1ed5a-091a-1560-19e5-05c3aefb764b@linux.dev \
--to=yanjun.zhu@linux.dev \
--cc=jgg@ziepe.ca \
--cc=lehrer@gmail.com \
--cc=leon@kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=parav@nvidia.com \
--cc=yanjun.zhu@intel.com \
--cc=zyjzyj2000@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox