From: Parav Pandit <parav@nvidia.com>
To: Mark Lehrer <lehrer@gmail.com>
Cc: Zhu Yanjun <yanjun.zhu@linux.dev>,
Zhu Yanjun <yanjun.zhu@intel.com>, "jgg@ziepe.ca" <jgg@ziepe.ca>,
"leon@kernel.org" <leon@kernel.org>,
"zyjzyj2000@gmail.com" <zyjzyj2000@gmail.com>,
"linux-rdma@vger.kernel.org" <linux-rdma@vger.kernel.org>
Subject: RE: [PATCHv3 0/8] Fix the problem that rxe can not work in net namespace
Date: Thu, 13 Apr 2023 16:42:18 +0000 [thread overview]
Message-ID: <PH0PR12MB5481CA9F5AE04CE5295E7552DC989@PH0PR12MB5481.namprd12.prod.outlook.com> (raw)
In-Reply-To: <CADvaNzXDBKiXi5hiaiwYh5_ShqW_EVBfLhwNbk+Yck8V7DQ-fQ@mail.gmail.com>
> From: Mark Lehrer <lehrer@gmail.com>
> Sent: Thursday, April 13, 2023 12:38 PM
>
> > Initiator is not net ns aware.
>
> Am I correct in my assessment that this could be a container jailbreak risk? We
> aren't using containers,
Unlikely. because container orchestration must need to give access to the nvme char/misc device to the container.
And it should do it only when nvme initiator/target are net ns aware.
> but we were shocked that RoCEv2 connections
> magically worked through the physical function which was not in the netns
> context.
I do not understand this part.
If you are in exclusive mode rdma devices must be in respective/appropriate net ns.
It unlikely works, may be some misconfiguration. Hard to way without exact commands.
next prev parent reply other threads:[~2023-04-13 16:42 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-14 6:06 [PATCHv3 0/8] Fix the problem that rxe can not work in net namespace Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 1/8] RDMA/rxe: Creating listening sock in newlink function Zhu Yanjun
2023-02-23 13:10 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 2/8] RDMA/rxe: Support more rdma links in init_net Zhu Yanjun
2023-02-23 13:10 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 3/8] RDMA/nldev: Add dellink function pointer Zhu Yanjun
2023-02-23 13:11 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 4/8] RDMA/rxe: Implement dellink in rxe Zhu Yanjun
2023-02-23 13:12 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 5/8] RDMA/rxe: Replace global variable with sock lookup functions Zhu Yanjun
2023-02-23 13:13 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 6/8] RDMA/rxe: add the support of net namespace Zhu Yanjun
2023-02-23 13:14 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 7/8] RDMA/rxe: Add the support of net namespace notifier Zhu Yanjun
2023-02-23 13:14 ` Zhu Yanjun
2023-02-14 6:06 ` [PATCHv3 8/8] RDMA/rxe: Replace l_sk6 with sk6 in net namespace Zhu Yanjun
2023-02-23 13:15 ` Zhu Yanjun
2023-02-23 0:31 ` [PATCHv3 0/8] Fix the problem that rxe can not work " Zhu Yanjun
2023-02-23 4:56 ` Jakub Kicinski
2023-02-23 11:42 ` Zhu Yanjun
2023-02-25 8:43 ` Rain River
2023-04-12 17:22 ` Mark Lehrer
2023-04-12 21:01 ` Mark Lehrer
2023-04-13 7:22 ` Zhu Yanjun
2023-04-13 13:00 ` Mark Lehrer
2023-04-13 13:05 ` Parav Pandit
2023-04-13 15:38 ` Mark Lehrer
2023-04-13 16:20 ` Parav Pandit
2023-04-13 16:23 ` Parav Pandit
2023-04-13 16:37 ` Mark Lehrer
2023-04-13 16:42 ` Parav Pandit [this message]
2023-04-14 15:49 ` Zhu Yanjun
[not found] ` <CADvaNzWfS5TFQ3b5JyaKFft06ihazadSJ15V3aXvWZh1jp1cCA@mail.gmail.com>
2023-04-14 16:24 ` Mark Lehrer
2023-04-15 13:35 ` Zhu Yanjun
2023-04-19 0:43 ` Parav Pandit
2023-04-19 4:19 ` Zhu Yanjun
2023-04-19 18:01 ` Mark Lehrer
2023-04-20 14:28 ` Zhu Yanjun
2023-04-13 7:17 ` Zhu Yanjun
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=PH0PR12MB5481CA9F5AE04CE5295E7552DC989@PH0PR12MB5481.namprd12.prod.outlook.com \
--to=parav@nvidia.com \
--cc=jgg@ziepe.ca \
--cc=lehrer@gmail.com \
--cc=leon@kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=yanjun.zhu@intel.com \
--cc=yanjun.zhu@linux.dev \
--cc=zyjzyj2000@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.