| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 03 Aug 2013 07:47:27 -0400 From: Jamal Hadi Salim <jhs@...atatu.com> To: John Fastabend <john.r.fastabend@...el.com> CC: John Fastabend <john.fastabend@...il.com>, Stephen Hemminger <stephen@...workplumber.org>, Eric Dumazet <eric.dumazet@...il.com>, Tom Herbert <therbert@...gle.com>, netdev <netdev@...r.kernel.org> Subject: Re: locating the 'tc actions' hook On 13-08-01 07:18 PM, John Fastabend wrote: [..] > The first being directly related to the previous per queue rate limiter > patch. With rate limiters per queue on a multiqueue device using mq or > mqprio I need some mechanism to steer packets to queues. One way to do > this is to use mqprio and create a 'tc' with a single queue in it. > And then use iptables or netprio_cgroup to steer packets. Another way > to do this would be to use 'skbedit queue_mapping' to set the queue from > 'tc' but unfortunately with the existing flows the queue has already > been selected by the time the classifiers are called. I am assuming the skb (mark) will be tagged with a proper meaningful tag maybe by the driver. Such a tag can be used later up-stack. >Calling into the > classifier chain before picking the qdisc would fix this. For flow based > QOS with multiqueue devices this type of functionality would be useful. > From your description this seems to be ingress side; so we should be able to use that tag if you set it. > The second thought that I've been piecing together would be to populate > the rxhash (or maybe some other field) using the hardware flow > classifier in some meaningful way for the ingress qdisc. The rxhash would be useful for further classification or avoiding further classification. > Some of the > existing Intel NICs can do this and I believe other vendors have similar > capabilities. Although currently with the qdisc lock running around the > ingress qdisc the multiqueue devices take a perf hit just by > instantiating the ingress qdisc which really is only using the lock to > guard some stats and keep the classifier/action chains sane. > Instantiating any qdisc is not a problem. You do it once and are done. There are penalties with using qdiscs in terms of locking. The locks penalties really have to do with the design of the netdev not qdiscs i.e queues are centered around netdevs and netdevs are shared across processors. > If you have some good examples it would be great to see them and drop > them in my testbed. Go ahead and send them to me offlist if you can. > will do. cheers, jamal > .John > -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists