lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 22 Jul 2016 12:26:30 -0700
From:	Florian Fainelli <f.fainelli@...il.com>
To:	Jiri Pirko <jiri@...nulli.us>
Cc:	netdev@...r.kernel.org, davem@...emloft.net, yotamg@...lanox.com,
	eladr@...lanox.com, idosch@...lanox.com, nogahf@...lanox.com,
	ogerlitz@...lanox.com, jhs@...atatu.com,
	Andrew Lunn <andrew@...n.ch>
Subject: Re: [patch net-next v2 0/9] mlxsw: implement port mirroring offload

On 07/22/2016 12:20 PM, Jiri Pirko wrote:
> Fri, Jul 22, 2016 at 08:24:31PM CEST, f.fainelli@...il.com wrote:
>> On 07/21/2016 03:03 AM, Jiri Pirko wrote:
>>> From: Jiri Pirko <jiri@...lanox.com>
>>>
>>> This patchset introduces tc matchall classifier and its offload
>>> to Spectrum hardware. In combination with mirred action, defined port mirroring
>>> setup is offloaded by mlxsw/spectrum driver.
>>>
>>> The commands used for creating mirror ports:
>>>
>>> # ingress mirroring using matchall
>>> tc qdisc  add dev eth25 handle ffff: ingress
>>> tc filter add dev eth25 parent ffff:            \
>>>         matchall skip_sw                        \
>>>         action mirred egress mirror             \
>>>         dev eth27
>>>
>>> # egress mirroring using matchall
>>> tc qdisc add dev eth25 handle 1: root prio
>>> tc filter add dev eth25 parent 1:               \
>>>         matchall skip_sw                        \
>>>         action mirred egress mirror             \
>>>         dev eth27
>>
>> Is there any logic that guards against the following cases where the
>> target device is:
>>
>> - outside of the switch hardware/cluster (which would imply going
>> through software)?
> 
> In that case only kernel (slow) path can be used. Not possible to
> offload of course.

So then what happens if I target a device that is outside of the switch,
do we get an error like -EOPNOTSUPP, or this just silently succeeed, but
nothing happens?

> 
> 
>> - has a downstream speed which is lower than the mirrored device?
> 
> The default behaviour is "strict" which means that if the mirrored
> packet can't be send, the packet is dropped. That is aligned with the
> behaviour of act_mirred.

What determines if the packet can be sent or not?

> 
> 
>>
>> this might already be in place for 1), I just could not locate it, thanks!
>>
>>>
>>> These patches contain:
>>>  - Resource query implementation
>>>  - Hardware port mirorring support for spectrum.
>>>  - Definition of the matchall traffic classifier.
>>>  - General support for hw-offloading for that classifier.
>>>  - Specific spectrum implementaion for matchall offloading.
>>>
>>> ---
>>> v1->v2:
>>>  - couple of minor style fixes
>>>
>>> Jiri Pirko (1):
>>>   net/sched: introduce Match-all classifier
>>>
>>> Nogah Frankel (2):
>>>   mlxsw: pci: Add resources query implementation.
>>>   mlxsw: pci: Add max span resources to resources query
>>>
>>> Yotam Gigi (6):
>>>   net/sched: Add match-all classifier hw offloading.
>>>   mlxsw: reg: Add Shared Buffer Internal Buffer register
>>>   mlxsw: reg: Add Monitoring Port Analyzer Table register
>>>   mlxsw: reg: Add the Monitoring Port Analyzer register
>>>   net/sched: act_mirred: Add helper inlines to access tcf_mirred info.
>>>   mlxsw: spectrum: Add support in matchall mirror TC offloading
>>>
>>>  drivers/net/ethernet/mellanox/mlxsw/cmd.h      |  32 ++
>>>  drivers/net/ethernet/mellanox/mlxsw/core.c     |  10 +-
>>>  drivers/net/ethernet/mellanox/mlxsw/core.h     |  11 +-
>>>  drivers/net/ethernet/mellanox/mlxsw/pci.c      |  64 +++-
>>>  drivers/net/ethernet/mellanox/mlxsw/reg.h      | 162 +++++++++
>>>  drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 465 ++++++++++++++++++++++++-
>>>  drivers/net/ethernet/mellanox/mlxsw/spectrum.h |  44 +++
>>>  drivers/net/ethernet/mellanox/mlxsw/switchx2.c |   1 +
>>>  include/linux/netdevice.h                      |   2 +
>>>  include/net/pkt_cls.h                          |  11 +
>>>  include/net/tc_act/tc_mirred.h                 |   9 +
>>>  include/uapi/linux/pkt_cls.h                   |  12 +
>>>  net/sched/Kconfig                              |  10 +
>>>  net/sched/Makefile                             |   1 +
>>>  net/sched/cls_matchall.c                       | 318 +++++++++++++++++
>>>  15 files changed, 1148 insertions(+), 4 deletions(-)
>>>  create mode 100644 net/sched/cls_matchall.c
>>>
>>
>>
>> -- 
>> Florian


-- 
Florian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ