Re: [PATCH net-next 0/3] support changing steering policies in tuntap

[PATCH net-next 0/3] support changing steering policies in tuntap · Jason Wang <jasowang@redhat.com> · 2017-09-27
[PATCH net-next 2/3] tun: introduce ioctls to set and get steering policies · Jason Wang <jasowang@redhat.com> · 2017-09-27
[PATCH net-next 1/3] tun: abstract flow steering logic · Jason Wang <jasowang@redhat.com> · 2017-09-27
[PATCH net-next 3/3] tun: introduce cpu id based steering policy · Jason Wang <jasowang@redhat.com> · 2017-09-27
Re: [PATCH net-next 0/3] support changing steering policies in tuntap · "Michael S. Tsirkin" <mst@redhat.com> · 2017-09-27
Re: [PATCH net-next 0/3] support changing steering policies in tuntap · Willem de Bruijn <willemdebruijn.kernel@gmail.com> · 2017-09-27
Re: [PATCH net-next 0/3] support changing steering policies in tuntap · Tom Herbert <hidden> · 2017-09-28
Re: [PATCH net-next 0/3] support changing steering policies in tuntap · Jason Wang <jasowang@redhat.com> · 2017-09-28
Re: [PATCH net-next 0/3] support changing steering policies in tuntap · Jason Wang <jasowang@redhat.com> · 2017-09-28
Re: [PATCH net-next 0/3] support changing steering policies in tuntap · Willem de Bruijn <willemdebruijn.kernel@gmail.com> · 2017-09-28
Re: [PATCH net-next 0/3] support changing steering policies in tuntap · Jason Wang <jasowang@redhat.com> · 2017-09-29
Re: [PATCH net-next 0/3] support changing steering policies in tuntap · "Michael S. Tsirkin" <mst@redhat.com> · 2017-10-01
Re: [PATCH net-next 0/3] support changing steering policies in tuntap · Jason Wang <jasowang@redhat.com> · 2017-09-28

From: "Michael S. Tsirkin" <mst@redhat.com>
Date: 2017-10-01 03:28:07
Also in: lkml

On Thu, Sep 28, 2017 at 12:09:05PM -0400, Willem de Bruijn wrote:

Programming from the guest is
indeed different. I don't fully understand that use case.

Generally programming host BPF from guest is a clear win - think DOS
protection. Guest runs logic to detect dos attacks, then passes the
program to host.  Afterwards, host does not need to enter guest if
there's a DOS attack. Saves a ton of cycles.

The difficulty is making it work well, e.g. how do we handle maps?

-- 
MST

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help