lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 26 Sep 2008 17:57:47 +0800
From:	Chen Zumeng <zumeng.chen@...driver.com>
To:	Ranjit Manomohan <ranjitm@...gle.com>
CC:	gauri@...i.re.kr, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/2] Traffic control cgroups subsystem

±èÀç¿­ wrote:
>> Incorporated fixes suggested by Li Zefan.
>>
>> Please consider for net-next-2.6.
>>
>> This patch provides a simple resource controller (cgroup_tc) based on 
>> the cgroups infrastructure to manage network traffic. The cgroup_tc 
>> resource controller can be used to schedule and shape traffic belonging 
>> to the task(s) in a particular cgroup.
>>
>> The implementation consists of two parts:
>>
>> 1) A resource controller (cgroup_tc) that is used to associate packets from
>>   a particular task belonging to a cgroup with a traffic control class id (
>>   tc_classid). This tc_classid is propagated to all sockets created by tasks
>>   in the cgroup and will be used for classifying packets at the link layer.
>>
>> 2) A new traffic control classifier (cls_cgroup) that can classify packets
>>   based on the tc_classid field in the socket to specific destination classes.
>>
>> An example of the use of this resource controller would be to limit the 
>> traffic from all tasks from a file_server cgroup to 100Mbps. We could 
>> achieve this by doing:
>>
>> # make a cgroup of file transfer processes and assign it a arbitrary 
>> unique # classid of 0x1234 - this will be used later to direct packets.
>> mkdir -p /dev/cgroup
>> mount -t cgroup tc -otc /dev/cgroup
>> mkdir /dev/cgroup/file_transfer
>> echo 0x1234 > /dev/cgroup/file_transfer/tc.classid
>> echo $PID_OF_FILE_XFER_PROCESS > /dev/cgroup/file_transfer/tasks
>>
>> # Now create a HTB class that rate limits traffic to 100mbits and 
>> attach # a filter to direct all traffic from cgroup file_transfer to this new class.
>> tc qdisc add dev eth0 root handle 1: htb tc class add dev eth0 parent 
>> 1: classid 1:10 htb rate 100mbit ceil 100mbit tc filter add dev eth0 
>> parent 1: handle 800 protocol ip prio 1 cgroup value 0x1234 classid 
>> 1:10
>>
>> Signed-off-by: Ranjit Manomohan <ranjitm <at> google.com>
>>
> 
> I installed your patch to kernel-2.6.27-rc7 with some hunkles but without failes.
> After compiling the kernel, I run the command which you wrote above. Most of all commands successfully are run except the last command " tc filter add dev eth0 parent 1: handle 800 protocol ip prio 1 cgroup value 0x1234 classid 1:10"
> 
> After that, I received this messages
> "Unknown filter "cgroup", hence option "value" is unparsable"
> 
> So I operated this command with "strace", then below messages returned.
> ...
> socket(PF_NETLINK, SOCK_RAW, 0)         = 3
> setsockopt(3, SOL_SOCKET, SO_SNDBUF, [32768], 4) = 0 setsockopt(3, SOL_SOCKET, SO_RCVBUF, [32768], 4) = 0 bind(3, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 0 getsockname(3, {sa_family=AF_NETLINK, pid=5452, groups=00000000}, [12]) = 0
> time(NULL)                              = 1222389948
> open("/usr/lib/tc/f_cgroup.so", O_RDONLY) = -1 ENOENT (No such file or directory) write(2, "Unknown filter \"cgroup\", hence o"..., 60Unknown filter "cgroup", hence option "value" is unparsable
I think there may be a file named f_cgroup.c in iproute-2.6.xxxx/tc/,
right? and it looks like tc_group should be supported by tc also.

Regards,
Zumeng
> ) = 60
> close(3)                                = 0
> exit_group(1)                           = ?
> 
> This messages told me tc couldn¡¯t find "f_cgroup.so" library in my system.
> With this message, I thought that we need a modified "tc" command file to recognize the new filter, cgroup.
> 
> And I saw the line in your patch below
> ">Please consider for net-next-2.6."
> What's the meaning of the line?
> I wonder if I have to adopt another patch for net-netxt-2.6 before adopting this patch?
> 
> You didn't mentioned base kernel for this patch.
> I am willing to know the base kernel version and why you didn't mention.
> 
> I've worked couple of days for resolving this problem. But I couldn't find the proper answer yet.
> 
> I'd really thank you if you help me.
> 
> 
> To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo <at> vger.kernel.org More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
> 

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ