| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <VE1PR04MB6496AD2BE9868D72A475935492940@VE1PR04MB6496.eurprd04.prod.outlook.com>
Date: Tue, 23 Jun 2020 23:52:40 +0000
From: Po Liu <po.liu@....com>
To: Jamal Hadi Salim <jhs@...atatu.com>,
"davem@...emloft.net" <davem@...emloft.net>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"idosch@...sch.org" <idosch@...sch.org>
CC: "jiri@...nulli.us" <jiri@...nulli.us>,
"vinicius.gomes@...el.com" <vinicius.gomes@...el.com>,
"vlad@...lov.dev" <vlad@...lov.dev>,
Claudiu Manoil <claudiu.manoil@....com>,
Vladimir Oltean <vladimir.oltean@....com>,
Alexandru Marginean <alexandru.marginean@....com>,
"michael.chan@...adcom.com" <michael.chan@...adcom.com>,
"vishal@...lsio.com" <vishal@...lsio.com>,
"saeedm@...lanox.com" <saeedm@...lanox.com>,
"leon@...nel.org" <leon@...nel.org>,
"jiri@...lanox.com" <jiri@...lanox.com>,
"idosch@...lanox.com" <idosch@...lanox.com>,
"alexandre.belloni@...tlin.com" <alexandre.belloni@...tlin.com>,
"UNGLinuxDriver@...rochip.com" <UNGLinuxDriver@...rochip.com>,
"kuba@...nel.org" <kuba@...nel.org>,
"xiyou.wangcong@...il.com" <xiyou.wangcong@...il.com>,
"simon.horman@...ronome.com" <simon.horman@...ronome.com>,
"pablo@...filter.org" <pablo@...filter.org>,
"moshe@...lanox.com" <moshe@...lanox.com>,
"m-karicheri2@...com" <m-karicheri2@...com>,
"andre.guedes@...ux.intel.com" <andre.guedes@...ux.intel.com>,
"stephen@...workplumber.org" <stephen@...workplumber.org>,
Edward Cree <ecree@...arflare.com>
Subject: RE: Re: [v1,net-next 3/4] net: qos: police action add index for tc
flower offloading
Hi Jamal,
> -----Original Message-----
> From: Jamal Hadi Salim <jhs@...atatu.com>
> Sent: 2020年6月23日 20:18
> To: Po Liu <po.liu@....com>; davem@...emloft.net; linux-
> kernel@...r.kernel.org; netdev@...r.kernel.org; idosch@...sch.org
> Cc: jiri@...nulli.us; vinicius.gomes@...el.com; vlad@...lov.dev; Claudiu
> Manoil <claudiu.manoil@....com>; Vladimir Oltean
> <vladimir.oltean@....com>; Alexandru Marginean
> <alexandru.marginean@....com>; michael.chan@...adcom.com;
> vishal@...lsio.com; saeedm@...lanox.com; leon@...nel.org;
> jiri@...lanox.com; idosch@...lanox.com;
> alexandre.belloni@...tlin.com; UNGLinuxDriver@...rochip.com;
> kuba@...nel.org; xiyou.wangcong@...il.com;
> simon.horman@...ronome.com; pablo@...filter.org;
> moshe@...lanox.com; m-karicheri2@...com;
> andre.guedes@...ux.intel.com; stephen@...workplumber.org; Edward
> Cree <ecree@...arflare.com>
> Subject: Re: [v1,net-next 3/4] net: qos: police action add index for tc
> flower offloading
>
> On 2020-06-23 7:55 a.m., Po Liu wrote:
>
>
> [..]
> >> My question: Is this any different from how stats are structured?
> >
> > I don't know I fully catch the question. Are you trying to get how many
> frames for each filter chain passing one index policing action?
> > If one index police action bind to multiple tc filter(they should have
> differnt chain index ). All those filter should get same index police action
> stats value since they are sharing the same hardware entry. But I don't
> think this is the problem.
> >
>
> This is a good thing. What is nice is i can use the same index for s/w and
> h/w (and no need for a translation/remapping).
>
> > With index provide to device driver(map the s/w action index to a h/w
> table index ), user could list the police actions list by command:
> > # tc actions show action police
> > Shows the police action table by index.
>
> This is also nice.
>
> My question: Why cant you apply the same semantics for the counters?
> Does your hardware have an indexed counter/stats table? If yes then you
Yes, but I think tc flower can only care about the counters of that chain. And action police care about how many frames for each police entry.
> should be able to do similar thing for counters as you do for policer (i.e
> use an index and share counters across actions). So when i say:
> tc action drop index 5
Do you mean something like "tc xxx flower action police index 5 drop" since '' tc action drop index 5" is not a proper command? (there is 'action drop' follow the tc filter command but not with index assigned).
> and
> tc action ok index 5
> infact they use the same counter.
Maybe you are saying if action police follow with 'CONTROL' (reclassify | pipe | drop | continue | ok) when offloading to hardware. With different 'CONTROL', the hardware counter won't changed since hardware never known what the 'CONTROL' is. This is still software part and will do at software part(although software seems not deal with this, I also suggest to after offloading should back to tcf_police_act() continue the action).
When set to be offloading mode, the counters only showing the hardware counters(even different vendor could set different counter register.). But I don't think the index offloading could break anything.
>
>
> cheers,
> jamal
Br,
Po Liu
Powered by blists - more mailing lists