On (09/17/18 16:15), Alexei Starovoitov wrote: > > if the goal is to add firewall ability to RDS then the patch set > is going in the wrong direction.
The goal is to add the ability to process scatterlist directly, just like we process skb's today. Your main objection was that you wanted a test case in selftests that was aligned with existing tests, Tushar is working on that patchset. Why dont we wait for that patchset before continuing this discussion further? > May be the right answer is to teach rds to behave like the rest of protocols. > Then all existing tooling and features will 'just work' ? RDS does not need to be taught anything :-) I think KCM is modeled on the RDS stack model. Before we "teach" rds anything, "we" need to understand what RDS does first - google can provide lot of slide-decks that explain the rds stack to you, suggest you look at that first. Meanwhile, how about waiting for Tushar's next patchset, where you will have your selftests that are based on veth/netns just like exising tests for XDP. vxlan etc. I strongly suggest waiting for that. And btw, it would have been very useful/courteous to help with the RFC reviews to start with. --Sowmini
