| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <a196d40f-d96f-3fb2-2189-a3906b340d95@nvidia.com>
Date: Thu, 17 Feb 2022 14:10:21 +0200
From: Roi Dayan <roid@...dia.com>
To: Baowen Zheng <baowen.zheng@...igine.com>,
Jianbo Liu <jianbol@...dia.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>,
"linux-rdma@...r.kernel.org" <linux-rdma@...r.kernel.org>
CC: "olteanv@...il.com" <olteanv@...il.com>,
"andrew@...n.ch" <andrew@...n.ch>,
"vivien.didelot@...il.com" <vivien.didelot@...il.com>,
"f.fainelli@...il.com" <f.fainelli@...il.com>,
"davem@...emloft.net" <davem@...emloft.net>,
"kuba@...nel.org" <kuba@...nel.org>,
"rajur@...lsio.com" <rajur@...lsio.com>,
"claudiu.manoil@....com" <claudiu.manoil@....com>,
"sgoutham@...vell.com" <sgoutham@...vell.com>,
"gakula@...vell.com" <gakula@...vell.com>,
"sbhatta@...vell.com" <sbhatta@...vell.com>,
"hkelam@...vell.com" <hkelam@...vell.com>,
"saeedm@...dia.com" <saeedm@...dia.com>,
"leon@...nel.org" <leon@...nel.org>,
"idosch@...dia.com" <idosch@...dia.com>,
"petrm@...dia.com" <petrm@...dia.com>,
"alexandre.belloni@...tlin.com" <alexandre.belloni@...tlin.com>,
"UNGLinuxDriver@...rochip.com" <UNGLinuxDriver@...rochip.com>,
Simon Horman <simon.horman@...igine.com>,
"jhs@...atatu.com" <jhs@...atatu.com>,
"xiyou.wangcong@...il.com" <xiyou.wangcong@...il.com>,
"jiri@...nulli.us" <jiri@...nulli.us>,
"louis.peens@...ronome.com" <louis.peens@...ronome.com>,
Nole Zhang <peng.zhang@...igine.com>,
oss-drivers <oss-drivers@...igine.com>
Subject: Re: [PATCH net-next v2 1/2] net: flow_offload: add tc police action
parameters
On 2022-02-17 12:25 PM, Baowen Zheng wrote:
> On February 17, 2022 4:28 PM, Jianbo wrote:
>> The current police offload action entry is missing exceed/notexceed actions
>> and parameters that can be configured by tc police action.
>> Add the missing parameters as a pre-step for offloading police actions to
>> hardware.
>>
>> Signed-off-by: Jianbo Liu <jianbol@...dia.com>
>> Signed-off-by: Roi Dayan <roid@...dia.com>
>> Reviewed-by: Ido Schimmel <idosch@...dia.com>
>> ---
>> include/net/flow_offload.h | 13 ++++++++++
>> include/net/tc_act/tc_police.h | 30 ++++++++++++++++++++++
>> net/sched/act_police.c | 46 ++++++++++++++++++++++++++++++++++
>> 3 files changed, 89 insertions(+)
>>
>> diff --git a/include/net/flow_offload.h b/include/net/flow_offload.h index
>> 5b8c54eb7a6b..94cde6bbc8a5 100644
>> --- a/include/net/flow_offload.h
>> +++ b/include/net/flow_offload.h
>> @@ -148,6 +148,8 @@ enum flow_action_id {
>> FLOW_ACTION_MPLS_MANGLE,
>> FLOW_ACTION_GATE,
>> FLOW_ACTION_PPPOE_PUSH,
>> + FLOW_ACTION_JUMP,
>> + FLOW_ACTION_PIPE,
>> NUM_FLOW_ACTIONS,
>> };
>>
>> @@ -235,9 +237,20 @@ struct flow_action_entry {
>> struct { /* FLOW_ACTION_POLICE */
>> u32 burst;
>> u64 rate_bytes_ps;
>> + u64 peakrate_bytes_ps;
>> + u32 avrate;
>> + u16 overhead;
>> u64 burst_pkt;
>> u64 rate_pkt_ps;
>> u32 mtu;
>> + struct {
>> + enum flow_action_id act_id;
>> + u32 index;
>> + } exceed;
>> + struct {
>> + enum flow_action_id act_id;
>> + u32 index;
>> + } notexceed;
> It seems exceed and notexceed use the same format struct, will it be more simpler to define as:
> struct {
> enum flow_action_id act_id;
> u32 index;
> } exceed, notexceed;
right. it can be.
>
>> } police;
>> struct { /* FLOW_ACTION_CT */
>> int action;
>> diff --git a/include/net/tc_act/tc_police.h b/include/net/tc_act/tc_police.h
>> index 72649512dcdd..283bde711a42 100644
>> --- a/include/net/tc_act/tc_police.h
>> +++ b/include/net/tc_act/tc_police.h
>> @@ -159,4 +159,34 @@ static inline u32 tcf_police_tcfp_mtu(const struct
>> tc_action *act)
>> return params->tcfp_mtu;
>> }
>>
>> +static inline u64 tcf_police_peakrate_bytes_ps(const struct tc_action
>> +*act) {
>> + struct tcf_police *police = to_police(act);
>> + struct tcf_police_params *params;
>> +
>> + params = rcu_dereference_protected(police->params,
>> + lockdep_is_held(&police->tcf_lock));
>> + return params->peak.rate_bytes_ps;
>> +}
>> +
>> +static inline u32 tcf_police_tcfp_ewma_rate(const struct tc_action
>> +*act) {
>> + struct tcf_police *police = to_police(act);
>> + struct tcf_police_params *params;
>> +
>> + params = rcu_dereference_protected(police->params,
>> + lockdep_is_held(&police->tcf_lock));
>> + return params->tcfp_ewma_rate;
>> +}
>> +
>> +static inline u16 tcf_police_rate_overhead(const struct tc_action *act)
>> +{
>> + struct tcf_police *police = to_police(act);
>> + struct tcf_police_params *params;
>> +
>> + params = rcu_dereference_protected(police->params,
>> + lockdep_is_held(&police->tcf_lock));
>> + return params->rate.overhead;
>> +}
>> +
>> #endif /* __NET_TC_POLICE_H */
>> diff --git a/net/sched/act_police.c b/net/sched/act_police.c index
>> 0923aa2b8f8a..0457b6c9c4e7 100644
>> --- a/net/sched/act_police.c
>> +++ b/net/sched/act_police.c
>> @@ -405,20 +405,66 @@ static int tcf_police_search(struct net *net, struct
>> tc_action **a, u32 index)
>> return tcf_idr_search(tn, a, index);
>> }
>>
>> +static int tcf_police_act_to_flow_act(int tc_act, int *index) {
>> + int act_id = -EOPNOTSUPP;
>> +
>> + if (!TC_ACT_EXT_OPCODE(tc_act)) {
>> + if (tc_act == TC_ACT_OK)
>> + act_id = FLOW_ACTION_ACCEPT;
>> + else if (tc_act == TC_ACT_SHOT)
>> + act_id = FLOW_ACTION_DROP;
>> + else if (tc_act == TC_ACT_PIPE)
>> + act_id = FLOW_ACTION_PIPE;
>> + } else if (TC_ACT_EXT_CMP(tc_act, TC_ACT_GOTO_CHAIN)) {
>> + act_id = FLOW_ACTION_GOTO;
>> + *index = tc_act & TC_ACT_EXT_VAL_MASK;
> For the TC_ACT_GOTO_CHAIN action, the goto_chain information is missing from software to hardware, is it useful for hardware to check?
>
what information do you mean?
>> + } else if (TC_ACT_EXT_CMP(tc_act, TC_ACT_JUMP)) {
>> + act_id = FLOW_ACTION_JUMP;
>> + *index = tc_act & TC_ACT_EXT_VAL_MASK;
>> + }
>> +
>> + return act_id;
>> +}
>> +
>> static int tcf_police_offload_act_setup(struct tc_action *act, void *entry_data,
>> u32 *index_inc, bool bind)
>> {
>> if (bind) {
>> struct flow_action_entry *entry = entry_data;
>> + struct tcf_police *police = to_police(act);
>> + struct tcf_police_params *p;
>> + int act_id;
>> +
>> + p = rcu_dereference_protected(police->params,
>> + lockdep_is_held(&police->tcf_lock));
>>
>> entry->id = FLOW_ACTION_POLICE;
>> entry->police.burst = tcf_police_burst(act);
>> entry->police.rate_bytes_ps =
>> tcf_police_rate_bytes_ps(act);
>> + entry->police.peakrate_bytes_ps =
>> tcf_police_peakrate_bytes_ps(act);
>> + entry->police.avrate = tcf_police_tcfp_ewma_rate(act);
>> + entry->police.overhead = tcf_police_rate_overhead(act);
>> entry->police.burst_pkt = tcf_police_burst_pkt(act);
>> entry->police.rate_pkt_ps =
>> tcf_police_rate_pkt_ps(act);
>> entry->police.mtu = tcf_police_tcfp_mtu(act);
>> +
>> + act_id = tcf_police_act_to_flow_act(police->tcf_action,
>> + &entry-
>>> police.exceed.index);
>> + if (act_id < 0)
>> + return act_id;
>> +
>> + entry->police.exceed.act_id = act_id;
>> +
>> + act_id = tcf_police_act_to_flow_act(p->tcfp_result,
>> + &entry-
>>> police.notexceed.index);
>> + if (act_id < 0)
>> + return act_id;
>> +
>> + entry->police.notexceed.act_id = act_id;
>> +
>> *index_inc = 1;
>> } else {
>> struct flow_offload_action *fl_action = entry_data;
>> --
>> 2.26.2
>
Powered by blists - more mailing lists