Re: [RFC V2 PATCH 00/25] Kernel NET policy

From: Alexei Starovoitov
Date: Thu Aug 04 2016 - 21:32:01 EST


On Wed, Dec 31, 2014 at 08:38:49PM -0500, kan.liang@xxxxxxxxx wrote:
>
> Changes since V1:
> - Using work queue to set Rx network flow classification rules and search
> available NET policy object asynchronously.
> - Using RCU lock to replace read-write lock
> - Redo performance test and update performance results.
> - Some minor modifications to code and documents.
> - Remove i40e related patches which will be submitted in separate thread.

Most of the issues brought up in the prior submission were not addressed,
so one more NACK from me as well.
My objection with this approach is the same as others:
such policy doesn't belong in the kernel.

> 1. Why can't a userspace tool do the same thing?
> A: Kernel is more suitable for NET policy.
> - User space code would be far more complicated to get right and perform
> well. It always needs to work with out-of-date state compared to the
> latest, because it cannot do any locking with the kernel state.
> - User space code is less efficient than kernel code, because of the
> additional context switches needed.
> - Kernel is in the right position to coordinate requests from multiple
> users.

And the above excuses are the reason to hack flow director rules in the kernel?
You can do the same in user space. It's not a kernel job.