On Thu, Oct 01, 2015 at 07:55:20AM -0700, Stephen Hemminger wrote: > On Thu, 1 Oct 2015 13:14:08 +0300 > "Michael S. Tsirkin" <mst at redhat.com> wrote: > > > On Thu, Oct 01, 2015 at 12:43:53PM +0300, Avi Kivity wrote: > > > >There were some tentative to get it for other (older) drivers, named > > > >'bifurcated drivers', but it is stalled. > > > > > > IIRC they still exposed the ring to userspace. > > > > How much would a ring write syscall cost? 1-2 microseconds, isn't it? > > The per-packet budget at 10G is 62ns, a syscall just doesn't cut it.
If you give up on privacy and only insist on security (can read all kernel memory, can't corrupt it), then you only need the syscall to re-arm RX descriptors, and these can be batched aggressively without impacting latency. -- MST
