| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Jul 2016 21:20:56 +0200 From: Jiri Pirko <jiri@...nulli.us> To: Florian Fainelli <f.fainelli@...il.com> Cc: netdev@...r.kernel.org, davem@...emloft.net, yotamg@...lanox.com, eladr@...lanox.com, idosch@...lanox.com, nogahf@...lanox.com, ogerlitz@...lanox.com, jhs@...atatu.com, Andrew Lunn <andrew@...n.ch> Subject: Re: [patch net-next v2 0/9] mlxsw: implement port mirroring offload Fri, Jul 22, 2016 at 08:24:31PM CEST, f.fainelli@...il.com wrote: >On 07/21/2016 03:03 AM, Jiri Pirko wrote: >> From: Jiri Pirko <jiri@...lanox.com> >> >> This patchset introduces tc matchall classifier and its offload >> to Spectrum hardware. In combination with mirred action, defined port mirroring >> setup is offloaded by mlxsw/spectrum driver. >> >> The commands used for creating mirror ports: >> >> # ingress mirroring using matchall >> tc qdisc add dev eth25 handle ffff: ingress >> tc filter add dev eth25 parent ffff: \ >> matchall skip_sw \ >> action mirred egress mirror \ >> dev eth27 >> >> # egress mirroring using matchall >> tc qdisc add dev eth25 handle 1: root prio >> tc filter add dev eth25 parent 1: \ >> matchall skip_sw \ >> action mirred egress mirror \ >> dev eth27 > >Is there any logic that guards against the following cases where the >target device is: > >- outside of the switch hardware/cluster (which would imply going >through software)? In that case only kernel (slow) path can be used. Not possible to offload of course. >- has a downstream speed which is lower than the mirrored device? The default behaviour is "strict" which means that if the mirrored packet can't be send, the packet is dropped. That is aligned with the behaviour of act_mirred. > >this might already be in place for 1), I just could not locate it, thanks! > >> >> These patches contain: >> - Resource query implementation >> - Hardware port mirorring support for spectrum. >> - Definition of the matchall traffic classifier. >> - General support for hw-offloading for that classifier. >> - Specific spectrum implementaion for matchall offloading. >> >> --- >> v1->v2: >> - couple of minor style fixes >> >> Jiri Pirko (1): >> net/sched: introduce Match-all classifier >> >> Nogah Frankel (2): >> mlxsw: pci: Add resources query implementation. >> mlxsw: pci: Add max span resources to resources query >> >> Yotam Gigi (6): >> net/sched: Add match-all classifier hw offloading. >> mlxsw: reg: Add Shared Buffer Internal Buffer register >> mlxsw: reg: Add Monitoring Port Analyzer Table register >> mlxsw: reg: Add the Monitoring Port Analyzer register >> net/sched: act_mirred: Add helper inlines to access tcf_mirred info. >> mlxsw: spectrum: Add support in matchall mirror TC offloading >> >> drivers/net/ethernet/mellanox/mlxsw/cmd.h | 32 ++ >> drivers/net/ethernet/mellanox/mlxsw/core.c | 10 +- >> drivers/net/ethernet/mellanox/mlxsw/core.h | 11 +- >> drivers/net/ethernet/mellanox/mlxsw/pci.c | 64 +++- >> drivers/net/ethernet/mellanox/mlxsw/reg.h | 162 +++++++++ >> drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 465 ++++++++++++++++++++++++- >> drivers/net/ethernet/mellanox/mlxsw/spectrum.h | 44 +++ >> drivers/net/ethernet/mellanox/mlxsw/switchx2.c | 1 + >> include/linux/netdevice.h | 2 + >> include/net/pkt_cls.h | 11 + >> include/net/tc_act/tc_mirred.h | 9 + >> include/uapi/linux/pkt_cls.h | 12 + >> net/sched/Kconfig | 10 + >> net/sched/Makefile | 1 + >> net/sched/cls_matchall.c | 318 +++++++++++++++++ >> 15 files changed, 1148 insertions(+), 4 deletions(-) >> create mode 100644 net/sched/cls_matchall.c >> > > >-- >Florian
Powered by blists - more mailing lists