lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 14 May 2018 16:27:31 -0400 (EDT)
From:   David Miller <davem@...emloft.net>
To:     marcelo.leitner@...il.com
Cc:     netdev@...r.kernel.org, kubakici@...pl, dsahern@...il.com,
        stephen@...workplumber.org, jiri@...nulli.us, aring@...atatu.com,
        jhs@...atatu.com, xiyou.wangcong@...il.com
Subject: Re: [PATCH net-next] sched: cls: enable verbose logging

From: Marcelo Ricardo Leitner <marcelo.leitner@...il.com>
Date: Sun, 13 May 2018 17:44:27 -0300

> Currently, when the rule is not to be exclusively executed by the
> hardware, extack is not passed along and offloading failures don't
> get logged. The idea was that hardware failures are okay because the
> rule will get executed in software then and this way it doesn't confuse
> unware users.
> 
> But this is not helpful in case one needs to understand why a certain
> rule failed to get offloaded. Considering it may have been a temporary
> failure, like resources exceeded or so, reproducing it later and knowing
> that it is triggering the same reason may be challenging.
> 
> The ultimate goal is to improve Open vSwitch debuggability when using
> flower offloading.
> 
> This patch adds a new flag to enable verbose logging. With the flag set,
> extack will be passed to the driver, which will be able to log the
> error. As the operation itself probably won't fail (not because of this,
> at least), current iproute will already log it as a Warning.
> 
> The flag is generic, so it can be reused later. No need to restrict it
> just for HW offloading. The command line will follow the syntax that
> tc-ebpf already uses, tc ... [ verbose ] ... , and extend its meaning.
> 
> For example:
> # ./tc qdisc add dev p7p1 ingress
> # ./tc filter add dev p7p1 parent ffff: protocol ip prio 1 \
> 	flower verbose \
> 	src_mac ed:13:db:00:00:00 dst_mac 01:80:c2:00:00:d0 \
> 	src_ip 56.0.0.0 dst_ip 55.0.0.0 action drop
> Warning: TC offload is disabled on net device.
> # echo $?
> 0
> # ./tc filter add dev p7p1 parent ffff: protocol ip prio 1 \
> 	flower \
> 	src_mac ff:13:db:00:00:00 dst_mac 01:80:c2:00:00:d0 \
> 	src_ip 56.0.0.0 dst_ip 55.0.0.0 action drop
> # echo $?
> 0
> 
> Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@...il.com>

Applied, thank you.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ