Re: git: f4e35c044c89 - main - bus: Set the current VNET in device_attach()

From: Bjoern A. Zeeb <bz_at_FreeBSD.org>
Date: Sat, 19 Oct 2024 23:50:40 UTC
On Sat, 19 Oct 2024, Mark Johnston wrote:

> On Sat, Oct 19, 2024 at 07:10:53PM +0300, Konstantin Belousov wrote:
>> On Sat, Oct 19, 2024 at 11:36:32AM -0400, John Baldwin wrote:
>>> On 10/19/24 09:04, Mark Johnston wrote:
>>>> The branch main has been updated by markj:
>>>>
>>>> URL: https://cgit.FreeBSD.org/src/commit/?id=f4e35c044c8988b7452cefbdcc417f5fd723e021
>>>>
>>>> commit f4e35c044c8988b7452cefbdcc417f5fd723e021
>>>> Author:     Mark Johnston <markj@FreeBSD.org>
>>>> AuthorDate: 2024-10-19 13:03:56 +0000
>>>> Commit:     Mark Johnston <markj@FreeBSD.org>
>>>> CommitDate: 2024-10-19 13:03:56 +0000
>>>>
>>>>      bus: Set the current VNET in device_attach()
>>>>      Some drivers, in particular anything which creates an ifnet during
>>>>      attach, need to have the current VNET set, as if_attach_internal() and
>>>>      its callees access VNET-global variables.
>>>>      device_probe_and_attach() handles this, but this is not the only way to
>>>>      arrive in DEVICE_ATTACH.  In particular, bus drivers may invoke
>>>>      device_attach() directly, as does devctl2's DEV_ENABLE ioctl handler.
>>>>      So, set the current VNET in device_attach() instead.
>>>>      I believe it is always safe to use vnet0, as devctl2 ioctls are not
>>>>      permitted within a jail.
>>>>      PR:             282168
>>>>      Reviewed by:    zlei, kevans, bz, imp, glebius
>>>>      MFC after:      1 week
>>>>      Differential Revision:  https://reviews.freebsd.org/D47174
>>>
>>> Hmm, there was some other review I thought that had a completely different change.
>>> That change removed all the vnet stuff from new-bus and instead handled it in
>>> if.c.  Specifically, that if_attach would set a default vnet to vnet0 if there
>>> wasn't an active vnet at the time.  See all the discussion in
>>> https://reviews.freebsd.org/D42678 which has a patch that I think is correct
>>> in the comments.

There it was; thanks I didn't misremeber but couldn't find it.


> Gleb's proposal, described a bit in D47147, is to require device-based
> ifnet drivers to fully detach themselves from the parent bus in order to
> change VNETs.  The intent is to eliminate the need for if_vmove() and
> all the complexity it entails.  This would also eliminate the need for a
> "home" VNET, referenced in the patch that you reference here.

Will it?

I asked for a discussion elsewhere but it seems we are having it here now...

I am still inclined to ask:
- how do you want a vnet to attach an unknown to itself device?  From
   the outside?
- How to you pass it to a child-vnet without escalating priviledges to
   outside of the host system (vnet0)?
- Is, e.g., a vcc device [CXGBE(4)] a physical interface?
- How do you pass a controlled set of other non-clonable devices in (or
   did we get rid of them all)?   The inital idea was still that the
   "host" has somehow control over what child can create...
   { I recently tried tuntap in a vnet and it blew up badly by not going
   away }
- exmaple: I really would love, e.g., a vlan interface to be passed to a
   vnet but but not the pyhsical interface.  Can we?
- How will we do with wlan interfaces (which are cloned) but may not own
   the hardware (kind-of similar to the vcc example)?  I know there are
   special PRIV checks for those currently.
- how does a detach in a vnet work and where will the physical interface
   re-appear for (automatic) attachment?  just detached in that jail?
   vnet0?  the parent jail?
- what happens on vnet destroy? (same as last question)?
- Are we just going to build a vmove on a layer which doesn't have
   anything to do with networking per-se as a special case for some
   interfaces but not others?

>> In fact, I think that bus level is better.  At least, I know that detach
>> also might need something by vnet (e.g. mce(4) needs to clear the IPSEC
>> offload database on detach, although it still does not do).
>
> Shouldn't something like this be handled by
> if_detach()/ether_ifdetach()?  Posed another way, why does device detach
> itself need to care about the VNET?

IPSec should probably be handled in the per-AF specific data of the
interface and be cleared up automatically.  If that needs downcalls into
HW that's likely where they belong.  It has nothing to do with ether(4);
wrong layer.


> I tend to agree that having VNET knowledge in subr_bus.c is a hack.  My
> aim was just to fix the panic without making the hack worse.
>
>> It sounds as if bus_topo_lock() is the right place.  May be some other
>> name for it is better, like bus_topo_changes_enter().
>

-- 
Bjoern A. Zeeb                                                     r15:7