Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751127AbdJAD2H (ORCPT ); Sat, 30 Sep 2017 23:28:07 -0400 Received: from mx1.redhat.com ([209.132.183.28]:41312 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750730AbdJAD2F (ORCPT ); Sat, 30 Sep 2017 23:28:05 -0400 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 73AB6883BD Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx02.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=mst@redhat.com Date: Sun, 1 Oct 2017 06:28:04 +0300 From: "Michael S. Tsirkin" To: Willem de Bruijn Cc: Jason Wang , Network Development , LKML Subject: Re: [PATCH net-next 0/3] support changing steering policies in tuntap Message-ID: <20171001062520-mutt-send-email-mst@kernel.org> References: <1506500637-13881-1-git-send-email-jasowang@redhat.com> <20170927230042-mutt-send-email-mst@kernel.org> <26f01b12-396e-6319-0eed-c987930e0ed9@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.26]); Sun, 01 Oct 2017 03:28:05 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 485 Lines: 13 On Thu, Sep 28, 2017 at 12:09:05PM -0400, Willem de Bruijn wrote: > Programming from the guest is > indeed different. I don't fully understand that use case. Generally programming host BPF from guest is a clear win - think DOS protection. Guest runs logic to detect dos attacks, then passes the program to host. Afterwards, host does not need to enter guest if there's a DOS attack. Saves a ton of cycles. The difficulty is making it work well, e.g. how do we handle maps? -- MST