lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 4 Jan 2018 07:55:05 -0500
From:   Jamal Hadi Salim <jhs@...atatu.com>
To:     Jiri Pirko <jiri@...nulli.us>, Jakub Kicinski <kubakici@...pl>
Cc:     David Ahern <dsahern@...il.com>, netdev@...r.kernel.org,
        davem@...emloft.net, xiyou.wangcong@...il.com, mlxsw@...lanox.com,
        andrew@...n.ch, vivien.didelot@...oirfairelinux.com,
        f.fainelli@...il.com, michael.chan@...adcom.com,
        ganeshgr@...lsio.com, saeedm@...lanox.com, matanb@...lanox.com,
        leonro@...lanox.com, idosch@...lanox.com,
        simon.horman@...ronome.com, pieter.jansenvanvuuren@...ronome.com,
        john.hurley@...ronome.com, alexander.h.duyck@...el.com,
        ogerlitz@...lanox.com, john.fastabend@...il.com,
        daniel@...earbox.net
Subject: Re: [patch net-next v4 00/10] net: sched: allow qdiscs to share
 filter block instances


On the egress issue and sharing.

Let me provide a simple example to illustrate.

tc qdisc add dev enps7 root handle 1: prio block 1

Creates 3 classes

$ tc class ls dev enps7
   class prio 1:1 parent 1:
   class prio 1:2 parent 1:
   class prio 1:3 parent 1:

tc qdisc add dev enps8 root handle 10: prio block 1

Creates 3 classes

$ tc class ls dev enps8
   class prio 10:1 parent 10:
   class prio 10:2 parent 10:
   class prio 10:3 parent 10:

So now i add filters, today I can do:

tc filter add dev enps7 parent 1:0 protocol ip priority 10 flower ...
classid 1:2

I could also have added this via the new block interface i.e

$ tc filter add block 1 protocol ip priority 10 flower ...
classid 1:2

Looks good - things will work fine for packets showing
up on egress of enps7 which match the flower rule
and classid 1:2 is selected to queue the packet on.

Things will not _work fine_ for packets showing up on
egress of ensp8. There is no classid 1:2 on egress of
enps8. The prio qdisc is a bad example because it
has a default queue (i think 10:2) in this case. Other
qdiscs(off top of my head DRR) will just drop the packet.

I think this is resolvable - but it will take more to the
patches than the current set you posted Jiri.
A simple solution is to say sharing only works for ingress
(but that sounds very lame).

cheers,
jamal

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ