From: Julian Elischer
Date: Tue, 19 May 2009 13:31:34 -0700
To: John Baldwin
Cc: "Bjoern A. Zeeb", src-committers@freebsd.org, FreeBSD virtualization mailing list
Subject: Re: svn commit: r192351 - head/sys/netinet
Message-ID: <4A131726.6010003@elischer.org>
In-Reply-To: <200905191330.54024.jhb@freebsd.org>

John Baldwin wrote:
> On Tuesday 19 May 2009 1:11:55 pm Julian Elischer wrote:
>> John Baldwin wrote:
>>> On Monday 18 May 2009 6:34:44 pm Bjoern A. Zeeb wrote:
>>>> Author: bz
>>>> Date: Mon May 18 22:34:44 2009
>>>> New Revision: 192351
>>>> URL: http://svn.freebsd.org/changeset/base/192351
>>>>
>>>> Log:
>>>> Revert the logical change of r192341.
>>>>
>>>> net.inet.ip.fw.one_pass is a classic ip_input.c variable and is used in
>>>> the pfil and bridge code as well. As ipfw is loadable we need to always
>>>> provide it. That is the reason why it lives in struct vnet_inet and
>>>> not in struct vnet_ipfw.
>>> Gah, I had thought I had seen it in vnet_ipfw when adding default_to_accept
>>> (as at first I had looked into making default_to_accept per-image but
>>> tunables + VIMAGE don't mix).
>> we need to look at this.. what does it MEAN to have a tunable and
>> multiple images? my guess is that normal tunables are only valid for
>> the base image, but that one might have a way to set the 'tunables'
>> for one's child images.. possibly by setting them in one's environment?
>
> Do you have a kernel environment per vimage? If not, you could still have
> per-vimage variables that are settable via tunables look at kenv during
> vimage creation to parse any tunables perhaps. However, that is possibly
> tricky since you can sometimes use sysctl.conf to override a setting done via
> loader.conf and in that case, what value should a new vimage get
>

One could make the argument that tunables are set from outside the base jail (i.e. at boot), and that the equivalent should exist for each image/jail, where what is outside the jail is the parent jail. We do not have a kernel environment per jail, but I think that is because we haven't thought of it until now.
I'd suggest that just as you inherit new environment values from a parent process, you could inherit a 'changed' kernel environment from a parent image, and in fact a parent might want to send you a different value of something (e.g. Linux uname value). :-) The