From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 73410C77B71 for ; Fri, 14 Apr 2023 15:51:12 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230383AbjDNPvL (ORCPT ); Fri, 14 Apr 2023 11:51:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38470 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230369AbjDNPvG (ORCPT ); Fri, 14 Apr 2023 11:51:06 -0400 Received: from out-62.mta0.migadu.com (out-62.mta0.migadu.com [91.218.175.62]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F00BAB744 for ; Fri, 14 Apr 2023 08:50:42 -0700 (PDT) Message-ID: <29e1ed5a-091a-1560-19e5-05c3aefb764b@linux.dev> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1681487405; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=EusXVpWZUyIIrpy7HTUpa7FXiA0NpaVYi71EPwFOnrU=; b=V9rjtRkxgv2jFI3k729uh1rLnRHXc1BwImBKJUwAr4IMCt7DSO6I9C0b6XJ6Rx2qzEL7un yhf8LuNyjZrr6NXxExRvGIrYLa8P7edR6Kjtmy9DJ/MxgTD4Lneza4wxjJNPhFD90A0Bc1 Af9+5248SjJV4fbo7P/u+q94FKsC6jY= Date: Fri, 14 Apr 2023 23:49:52 +0800 MIME-Version: 1.0 Subject: Re: [PATCHv3 0/8] Fix the problem that rxe can not work in net namespace To: Parav Pandit , Mark Lehrer Cc: Zhu Yanjun , "jgg@ziepe.ca" , "leon@kernel.org" , "zyjzyj2000@gmail.com" , "linux-rdma@vger.kernel.org" References: <20230214060634.427162-1-yanjun.zhu@intel.com> <1adb4df4-ee14-1d26-d1ac-49108b2de03d@linux.dev> X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Zhu Yanjun In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Migadu-Flow: FLOW_OUT Precedence: bulk List-ID: X-Mailing-List: linux-rdma@vger.kernel.org 在 2023/4/14 0:42, Parav Pandit 写道: > >> From: Mark Lehrer >> Sent: Thursday, April 13, 2023 12:38 PM >> >>> Initiator is not net ns aware. >> Am I correct in my assessment that this could be a container jailbreak risk? We >> aren't using containers, > Unlikely. because container orchestration must need to give access to the nvme char/misc device to the container. > And it should do it only when nvme initiator/target are net ns aware. > >> but we were shocked that RoCEv2 connections >> magically worked through the physical function which was not in the netns >> context. > I do not understand this part. > If you are in exclusive mode rdma devices must be in respective/appropriate net ns. After applying these commits, rxe works in the exclusive mode. Zhu Yanjun > It unlikely works, may be some misconfiguration. Hard to way without exact commands.