Hello Aleksandr,
Thank you for your review.
On 9/3/25 12:07 PM, Loktionov, Aleksandr wrote:
-----Original Message-----
From: [email protected] <[email protected]>
Sent: Wednesday, September 3, 2025 9:58 AM
To: [email protected]
Cc: [email protected]; [email protected];
[email protected]; [email protected]; Keller, Jacob E
<[email protected]>; Loktionov, Aleksandr
<[email protected]>; Nguyen, Anthony L
<[email protected]>; Kitszel, Przemyslaw
<[email protected]>; Mohammad Heib <[email protected]>
Subject: [PATCH net-next,2/2] i40e: support generic devlink param
"max_mac_per_vf"
From: Mohammad Heib <[email protected]>
Add support for the new generic devlink runtime parameter
"max_mac_per_vf", which controls the maximum number of MAC addresses a
trusted VF can use.
Good day Mohammad,
Thanks for working on this and for the clear explanation in the commit message.
I have a couple of questions and thoughts:
1) Scope of the parameter
The name max_mac_per_vf is a bit ambiguous. From the description,
it seems to apply only to trusted VFs, but the name does not make that
obvious.
Would it make sense to either:
- Make the name reflect that (e.g., max_mac_per_trusted_vf), or
- Introduce two separate parameters for trusted and untrusted VFs if
both cases need to be handled differently?
I agree that the name could be a bit confusing. Since this is a generic
devlink parameter, different devices may handle trusted and untrusted
VFs differently.
For i40e specifically, the device does treat trusted VFs differently
from untrusted ones, and this is documented in devlink/i40e.rst.
However, I chose a more general name to avoid creating a separate
devlink parameter for untrusted VFs, which likely wouldn’t be used.
On reflection, I should update the patch number 1 to remove the
**trusted VF** wording from the description to avoid implying that the
parameter only applies to trusted VFs.
2)Problem statement
It would help to better understand the underlying problem this parameter
is solving.
Is the goal to enforce a global cap for all VFs, or to provide operators
with a way
to fine-tune per-VF limits? From my perspective, the most important part is
clearly stating the problem and the use case.
My main goal here is to enforce a global cap for all VFs.
There was a long discussion [1] about this, and one of the ideas raised
was to create fine-tuned per-VF limits using devlink resources instead
of a parameter
However, currently in i40e, we only create a devlink port per PF and no
devlink ports per VF.
Implementing the resource-per-VF approach would therefore require some
extra work.
so i decided to go with this global cap for now.
[1] -
https://patchwork.kernel.org/project/netdevbpf/patch/[email protected]/
3)Granularity
If the intent is to give operators flexibility, a single global parameter
might not be enough.
For example, limiting the number of MAC filters per specific VF (or having
different limits for trusted vs. untrusted)
could be a real-world requirement. This patch doesn't seem to address that
scenario.
Could you share more details about the use case and whether per-VF granularity
was considered?
Thanks again for the work on this. Looking forward to your thoughts.
Best regards,
Aleksandr
please see -
https://patchwork.kernel.org/project/netdevbpf/patch/[email protected]/
By default (value 0), the driver enforces its internally calculated
per-VF MAC filter limit. A non-zero value acts as a strict cap,
overriding the internal calculation.
Please note that the configured value is only a theoretical maximum
and a hardware limits may still apply.
- Previous discussion about this change:
https://lore.kernel.org/netdev/20250805134042.2604897-1-
[email protected]
https://lore.kernel.org/netdev/20250823094952.182181-1-
[email protected]
Signed-off-by: Mohammad Heib <[email protected]>
---
...
--
2.50.1
Thank you,
