lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 24 Jan 2017 09:37:34 +0100
From:   Jiri Pirko <jiri@...nulli.us>
To:     Simon Horman <simon.horman@...ronome.com>
Cc:     netdev@...r.kernel.org, davem@...emloft.net, yotamg@...lanox.com,
        idosch@...lanox.com, eladr@...lanox.com, nogahf@...lanox.com,
        ogerlitz@...lanox.com, jhs@...atatu.com, geert+renesas@...der.be,
        stephen@...workplumber.org, xiyou.wangcong@...il.com,
        linux@...ck-us.net, roopa@...ulusnetworks.com,
        john.fastabend@...il.com, mrv@...atatu.com
Subject: Re: [patch net-next v2 1/4] net: Introduce psample, a new genetlink
 channel for packet sampling

Tue, Jan 24, 2017 at 09:32:05AM CET, simon.horman@...ronome.com wrote:
>On Mon, Jan 23, 2017 at 11:07:08AM +0100, Jiri Pirko wrote:
>> From: Yotam Gigi <yotamg@...lanox.com>
>> 
>> Add a general way for kernel modules to sample packets, without being tied
>> to any specific subsystem. This netlink channel can be used by tc,
>> iptables, etc. and allow to standardize packet sampling in the kernel.
>> 
>> For every sampled packet, the psample module adds the following metadata
>> fields:
>> 
>> PSAMPLE_ATTR_IIFINDEX - the packets input ifindex, if applicable
>> 
>> PSAMPLE_ATTR_OIFINDEX - the packet output ifindex, if applicable
>> 
>> PSAMPLE_ATTR_ORIGSIZE - the packet's original size, in case it has been
>>    truncated during sampling
>> 
>> PSAMPLE_ATTR_SAMPLE_GROUP - the packet's sample group, which is set by the
>>    user who initiated the sampling. This field allows the user to
>>    differentiate between several samplers working simultaneously and
>>    filter packets relevant to him
>> 
>> PSAMPLE_ATTR_GROUP_SEQ - sequence counter of last sent packet. The
>>    sequence is kept for each group
>> 
>> PSAMPLE_ATTR_SAMPLE_RATE - the sampling rate used for sampling the packets
>> 
>> PSAMPLE_ATTR_DATA - the actual packet bits
>> 
>> The sampled packets are sent to the PSAMPLE_NL_MCGRP_SAMPLE multicast
>> group. In addition, add the GET_GROUPS netlink command which allows the
>> user to see the current sample groups, their refcount and sequence number.
>> This command currently supports only netlink dump mode.
>> 
>> Signed-off-by: Yotam Gigi <yotamg@...lanox.com>
>> Signed-off-by: Jiri Pirko <jiri@...lanox.com>
>> Reviewed-by: Jamal Hadi Salim <jhs@...atatu.com>
>
>Hi Jiri, Hi Yotam,
>
>this looks good to me.
>
>Reviewed-by: Simon Horman <simon.horman@...ronome.com>
>
>I do, however, have one question: what is your feeling about allowing
>the per-action cooking which Jamal has proposed[1] to be emited as
>metadata as another PSAMPLE_ATTR_* attribute? For one thing I think it
>would allow for smooth integration with OvS user-space which makes use of a
>cookie.

Yeah, cookie could be easily added.

Powered by blists - more mailing lists