Message-id: <494FE051.2010203@Sun.COM>
Date:	Mon, 22 Dec 2008 10:45:37 -0800
From:	Santwona.Behera@....COM
To:	netdev@...r.kernel.org, davem@...emloft.net, jeff@...zik.org,
	gkernel-commit@...ts.sourceforge.net
Cc:	Matheos Worku <Matheos.Worku@....COM>,
	Mehdi Bonyadi <Mehdi.Bonyadi@....COM>,
	Santwona Behera <Santwona.Behera@....COM>
Subject: [PATCH 0/3] Add support for RX packet classification in a network
 device

Added new interfaces to ethtool to add, delete and manage rules for RX
packet classification (network 5-tuple filtering configuration) with niu
driver as the first user of this API.

This feature has 3 related patches:

1. An ethtool application patch.
2. A kernel patch for the ethtool interface.
3. A kernel patch for the niu driver that implements the ethtool config
ioctl functions.

Following is a short description of this feature, following the
original proposal posted in Sept '08.

- The ethtool application has a new interface to add a classification
rule and the target RX ring for packets that match the rule. The rules
are added on a per port basis. Each new rule that is added is
represented by a unique ID. This ID has to be used by the user to delete
the rule or query the details of the rule (both interfaces provided via
ethtool).

- Here is the list of cmds/interfaces that have been added to ethtool
(as suboptions in the RX network flow classification option) to achieve
this:

   - get the number of RX rings available to this port.
   - add a rule (flow-tuple/mask to RX ring mapping)
   - delete a rule
   - query a particular rule or all rules for this port

- Within ethtool, there is a manager for these rules that orders the
rules on a per port basis using longest prefix first ordering. This 
manager assumes low-to-high order for matching the rules in the network 
device.

- In the niu driver, there is a local array of the tcam_entries (for
supporting queries from ethtool).

- There is no protection against inconsistencies between the tcam
entries and the user view of it that can arise if multiple instances of
ethtool happen to write the same rule (tcam_entry).


Thanks,

--santwona
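
The ordering described in the message above (longest prefix first, for a device that matches rules low-to-high), shown as an added example that is not code from the patch series. It models only the destination IPv4 address/mask of the 5-tuple; the struct, function names and sample rules are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical layout: only the destination IPv4 address/mask is modelled. */
struct rx_rule { unsigned id; uint32_t dst, mask; int ring; };

/* Count of mask bits set: how specific the rule is. */
static int mask_bits(uint32_t m)
{
    int n = 0;
    while (m) { m &= m - 1; n++; }
    return n;
}

/* Longest prefix first; ties broken by rule ID for a deterministic order. */
static int cmp_rule(const void *a, const void *b)
{
    const struct rx_rule *x = a, *y = b;
    int d = mask_bits(y->mask) - mask_bits(x->mask);
    return d ? d : (x->id > y->id) - (x->id < y->id);
}

/* Device model: entries tried from index 0 upward, first match wins. */
static int classify(const struct rx_rule *t, size_t n, uint32_t dst)
{
    for (size_t i = 0; i < n; i++)
        if ((dst & t[i].mask) == (t[i].dst & t[i].mask))
            return t[i].ring;
    return -1; /* no rule matched */
}

/* Ring chosen for 10.1.2.7: rules as added (0) or longest prefix first (1). */
int demo_ring(int ordered)
{
    struct rx_rule t[] = { /* constructed sample rules, in insertion order */
        { 1, 0x0a000000, 0xff000000, 0 }, /* 10.0.0.0/8  -> ring 0 */
        { 2, 0x0a010200, 0xffffff00, 3 }, /* 10.1.2.0/24 -> ring 3 */
        { 3, 0x0a010000, 0xffff0000, 1 }, /* 10.1.0.0/16 -> ring 1 */
    };
    if (ordered)
        qsort(t, 3, sizeof(t[0]), cmp_rule);
    return classify(t, 3, 0x0a010207);
}

int main(void)
{
    printf("as added: ring %d, ordered: ring %d\n", demo_ring(0), demo_ring(1));
    return 0;
}
```

Left in insertion order, the broad /8 rule sits at the lowest index and shadows the more specific rules; sorting by mask length first lets the /24 rule take the packet.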