From: Andi Kleen <andi@firstfloor.org>
To: Daniel Borkmann <daniel@iogearbox.net>
Cc: John Fastabend <john.fastabend@gmail.com>,
kan.liang@intel.com, davem@davemloft.net,
linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
mingo@redhat.com, peterz@infradead.org, kuznet@ms2.inr.ac.ru,
jmorris@namei.org, yoshfuji@linux-ipv6.org, kaber@trash.net,
akpm@linux-foundation.org, keescook@chromium.org,
viro@zeniv.linux.org.uk, gorcunov@openvz.org,
john.stultz@linaro.org, aduyck@mirantis.com, ben@decadent.org.uk,
decot@googlers.com, fw@strlen.de, alexander.duyck@gmail.com,
tom@herbertland.com, rdunlap@infradead.org,
xiyou.wangcong@gmail.com, hannes@stressinduktion.org,
jesse.brandeburg@intel.com, andi@firstfloor.org
Subject: Re: [RFC V2 PATCH 17/25] net/netpolicy: introduce netpolicy_pick_queue
Date: Thu, 4 Aug 2016 15:54:23 -0700 [thread overview]
Message-ID: <20160804225423.GW5871@two.firstfloor.org> (raw)
In-Reply-To: <57A3C404.8010608@iogearbox.net>
> +1, I tried to bring this up here [1] in the last spin. I think only very
> few changes would be needed, f.e. on eBPF side to add a queue setting
> helper function which is probably straight forward ~10loc patch; and with
> regards to actually picking it up after clsact egress, we'd need to adapt
> __netdev_pick_tx() slightly when CONFIG_XPS so it doesn't override it.
You're proposing to rewrite the whole net policy manager as EBPF and run
it in a crappy JITer? Is that a serious proposal? It just sounds crazy
to me.
Especially since we already have a perfectly good compiler and
programming language to write system code in.
EBPF is ok for temporal instrumentation (if you somehow can accept
its security challenges), but using it to replace core
kernel functionality (which network policy IMHO is) with some bizarre
JITed setup and multiple languages doesn't really make any sense.
Especially it doesn't make sense for anything with shared state,
which is the core part of network policy: it negotiates with multiple
users.
After all we're writing Linux here and not some research toy.
Thanks,
-Andi
--
ak@linux.intel.com -- Speaking for myself only.
next prev parent reply other threads:[~2016-08-04 22:54 UTC|newest]
Thread overview: 38+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-04 19:36 [RFC V2 PATCH 00/25] Kernel NET policy kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 01/25] net: introduce " kan.liang
2016-08-04 20:09 ` Randy Dunlap
2016-08-04 19:36 ` [RFC V2 PATCH 02/25] net/netpolicy: init " kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 03/25] net/netpolicy: get device queue irq information kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 04/25] net/netpolicy: get CPU information kan.liang
2016-08-05 11:00 ` Sergei Shtylyov
2016-08-04 19:36 ` [RFC V2 PATCH 05/25] net/netpolicy: create CPU and queue mapping kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 06/25] net/netpolicy: set and remove IRQ affinity kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 07/25] net/netpolicy: enable and disable NET policy kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 08/25] net/netpolicy: introduce NET policy object kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 09/25] net/netpolicy: set NET policy by policy name kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 10/25] net/netpolicy: add three new NET policies kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 11/25] net/netpolicy: add MIX policy kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 12/25] net/netpolicy: NET device hotplug kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 13/25] net/netpolicy: support CPU hotplug kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 14/25] net/netpolicy: handle channel changes kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 15/25] net/netpolicy: implement netpolicy register kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 16/25] net/netpolicy: introduce per socket netpolicy kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 17/25] net/netpolicy: introduce netpolicy_pick_queue kan.liang
2016-08-04 20:21 ` John Fastabend
2016-08-04 22:39 ` Daniel Borkmann
2016-08-04 22:54 ` Andi Kleen [this message]
2016-08-05 0:17 ` Daniel Borkmann
2016-08-05 14:41 ` Tom Herbert
2016-08-05 3:51 ` Tom Herbert
2016-08-05 13:55 ` Liang, Kan
2016-08-05 14:38 ` Tom Herbert
2016-08-04 19:36 ` [RFC V2 PATCH 18/25] net/netpolicy: set Tx queues according to policy kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 19/25] net/netpolicy: set Rx " kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 20/25] net/netpolicy: introduce per task net policy kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 21/25] net/netpolicy: set per task policy by proc kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 22/25] net/netpolicy: fast path for finding the queues kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 23/25] net/netpolicy: optimize for queue pair kan.liang
2016-08-04 19:36 ` [RFC V2 PATCH 24/25] net/netpolicy: limit the total record number kan.liang
2016-08-17 1:43 ` [lkp] [net/netpolicy] 19e7d15d66: EIP: [<c735077b>] netpolicy_unregister+0x23a/0x28a SS:ESP 0068:ceb19d94 kernel test robot
2016-08-04 19:36 ` [RFC V2 PATCH 25/25] Documentation/networking: Document NET policy kan.liang
-- strict thread matches above, loose matches on Subject: below --
2015-01-01 1:38 [RFC V2 PATCH 00/25] Kernel " kan.liang
2015-01-01 1:39 ` [RFC V2 PATCH 17/25] net/netpolicy: introduce netpolicy_pick_queue kan.liang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160804225423.GW5871@two.firstfloor.org \
--to=andi@firstfloor.org \
--cc=aduyck@mirantis.com \
--cc=akpm@linux-foundation.org \
--cc=alexander.duyck@gmail.com \
--cc=ben@decadent.org.uk \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=decot@googlers.com \
--cc=fw@strlen.de \
--cc=gorcunov@openvz.org \
--cc=hannes@stressinduktion.org \
--cc=jesse.brandeburg@intel.com \
--cc=jmorris@namei.org \
--cc=john.fastabend@gmail.com \
--cc=john.stultz@linaro.org \
--cc=kaber@trash.net \
--cc=kan.liang@intel.com \
--cc=keescook@chromium.org \
--cc=kuznet@ms2.inr.ac.ru \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=netdev@vger.kernel.org \
--cc=peterz@infradead.org \
--cc=rdunlap@infradead.org \
--cc=tom@herbertland.com \
--cc=viro@zeniv.linux.org.uk \
--cc=xiyou.wangcong@gmail.com \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).