Hi all, On Wed, May 3, 2023 at 11:22 AM Daniel P. Berrangé <berra...@redhat.com> wrote: > > On Mon, May 01, 2023 at 10:20:56AM +0300, Andrew Melnychenko wrote: > > This series of patches provides the ability to retrieve eBPF program > > through qmp, so management application may load bpf blob with proper > > capabilities. > > Now, virtio-net devices can accept eBPF programs and maps through properties > > as external file descriptors. Access to the eBPF map is direct through > > mmap() > > call, so it should not require additional capabilities to bpf* calls. > > eBPF file descriptors can be passed to QEMU from parent process or by unix > > socket with sendfd() qmp command. > > > > Possible solution for libvirt may look like this: > > https://github.com/daynix/libvirt/tree/RSS_eBPF (WIP) > > Is that complete enough to be running guests ? If so, have you > successfully tested with a QEMU running under qemu:///system > as the qemu:qemu user, to prove it works without any extra > capabilities being needed ?
Yeah, but still working on it. Overall, QEMU doesn't require additional capabilities. Map update through mmap doesn't require any. Tested with qemu://system. There is still an issue with cache for libvirt. > > With regards, > Daniel > -- > |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| > |: https://libvirt.org -o- https://fstop138.berrange.com :| > |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| >
