lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 16 Mar 2016 16:07:50 +0100
From:	Samuel Gauthier <samuel.gauthier@...nd.com>
To:	Pravin Shelar <pshelar@...ira.com>,
	"David S. Miller" <davem@...emloft.net>
Cc:	netdev@...r.kernel.org, dev@...nvswitch.org,
	Samuel Gauthier <samuel.gauthier@...nd.com>
Subject: [PATCH net-next 0/2] ovs: refresh a flow via netlink

This patchset adds a netlink api to refresh an existing flow in
openvswitch.

When a packet is sent in the openvswitch kernel datapath and no
flow is found, the packet is sent to the ovs-vswitchd daemon,
which will process the packet, and ask the kernel to create a new
flow. The next packets for this flow will be processed by the
kernel datapath. If a flow is not used for a (configurable)
period of time, ovs-vswitchd removes the flow from the kernel.

As a result, it can be tricky to test the kernel datapath against
packets, as the first packets of each flow will have to go
through the ovs-vswitchd daemon. For instance, to do a zeroloss
performance test, you establish the flows, and then you have to
perform your zeroloss test before the flow is removed by
ovs-vswitchd.

It is possible to configure a flow timeout in ovs-vswitchd (using
other_config:max-idle option), but it changes the behavior for
all the flows, which is not always what you want.

I tested this with a patch for the openvswitch tree of the
ovs-dpctl mod-flow command, which adds a --refresh flag. I will
submit the patch if this patchset is accepted.

Samuel Gauthier (2):
  ovs: split ovs_flow_stats_update into skb and stats
  ovs: support to refresh a flow via netlink

 net/openvswitch/datapath.c |  4 +++-
 net/openvswitch/flow.c     | 23 ++++++++++++++++++-----
 net/openvswitch/flow.h     |  5 +++--
 3 files changed, 24 insertions(+), 8 deletions(-)

-- 
2.2.1.62.g3f15098

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ