lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20140424154614.GB2864@minipsycho.orion>
Date:	Thu, 24 Apr 2014 17:46:14 +0200
From:	Jiri Pirko <jiri@...nulli.us>
To:	John Fastabend <john.fastabend@...il.com>
Cc:	netdev@...r.kernel.org, davem@...emloft.net, nhorman@...driver.com,
	andy@...yhouse.net, tgraf@...g.ch, dborkman@...hat.com,
	ogerlitz@...lanox.com, jesse@...ira.com, pshelar@...ira.com,
	azhou@...ira.com, ben@...adent.org.uk, stephen@...workplumber.org,
	jeffrey.t.kirsher@...el.com, vyasevic@...hat.com,
	xiyou.wangcong@...il.com, john.r.fastabend@...el.com,
	edumazet@...gle.com, jhs@...atatu.com, sfeldma@...ulusnetworks.com,
	f.fainelli@...il.com, roopa@...ulusnetworks.com,
	linville@...driver.com, dev@...nvswitch.org, jasowang@...hat.com,
	ebiederm@...ssion.com, nicolas.dichtel@...nd.com,
	ryazanov.s.a@...il.com, buytenh@...tstofly.org,
	aviadr@...lanox.com, nbd@...nwrt.org, alexei.starovoitov@...il.com,
	Neil.Jerram@...aswitch.com
Subject: Re: [patch net-next RFC v3 10/10] openvswitch: add support for
 datapath hardware offload

Thu, Apr 24, 2014 at 04:54:19PM CEST, john.fastabend@...il.com wrote:
>On 04/17/2014 05:15 AM, Jiri Pirko wrote:
>>Benefit from the possibility to work with flows in switch devices and
>>use the swdev api to offload flow datapath.
>>
>>Signed-off-by: Jiri Pirko <jiri@...nulli.us>
>>---
>
>
>[...]
>
>>
>>@@ -840,13 +841,15 @@ static int ovs_flow_cmd_new_or_set(struct sk_buff *skb, struct genl_info *info)
>>  		flow->flow.key = masked_key;
>>  		flow->flow.unmasked_key = key;
>>  		rcu_assign_pointer(flow->sf_acts, acts);
>>+		acts = NULL;
>>
>>  		/* Put flow in bucket. */
>>  		error = ovs_flow_tbl_insert(&dp->table, flow, &mask);
>>-		if (error) {
>>-			acts = NULL;
>>+		if (error)
>>  			goto err_flow_free;
>>-		}
>>+		error = ovs_hw_flow_insert(dp, flow, flow->sf_acts);
>>+		if (error)
>>+			goto err_flow_tbl_remove;
>>
>>  		reply = ovs_flow_cmd_build_info(flow, dp, info, OVS_FLOW_CMD_NEW);
>>  	} else {
>
>Hi Jiri,
>
>If I read this correctly it looks like you do a insert into software
>flow tables and then an insert into the hardware flow tables. Into
>all lowerdevs. Let me know if I got this wrong.

It should be sufficient to use one-port-per-switch to insert this. I
just insert it to all and if 2 ports of the same switch are used the
switch should see that the flow is already there and bail out. This is
rough so far. Needs some polishing.
		

>
>This might break on some rules (an insert tag for example) and also
>underutilize the switch resources by pushing rules into the switch that
>we really only need in software tables or maybe only on some set of
>ports.

I thought that I would introduce a flag that would say "push this flow
to hw".

>
>I think we need to allow applications direct access to the flow table
>via netlink so I can write my policy in user space and not require
>OVS. If OVS wants to support a mode where it does this automagically
>it can support it in userspace and the kernel side does not need to
>change.

The idea was to use the existing ovs api for this so it would be smooth
to userspace. For non-ovs usage there is certainly possible to introduce
new iface which would just call same ndos.

>
>Thanks,
>John
>
>
>-- 
>John Fastabend         Intel Corporation
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ