Re: [PATCH net-next 0/3] support changing steering policies in tuntap

From: Michael S. Tsirkin
Date: Sat Sep 30 2017 - 23:28:14 EST


On Thu, Sep 28, 2017 at 12:09:05PM -0400, Willem de Bruijn wrote:
> Programming from the guest is
> indeed different. I don't fully understand that use case.

Generally programming host BPF from guest is a clear win - think DOS
protection. Guest runs logic to detect DOS attacks, then passes the
program to host. Afterwards, host does not need to enter guest if
there's a DOS attack. Saves a ton of cycles.

The difficulty is making it work well, e.g. how do we handle maps?

--
MST