| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1456421844-5901-1-git-send-email-pablo@netfilter.org>
Date: Thu, 25 Feb 2016 18:37:21 +0100
From: Pablo Neira Ayuso <pablo@...filter.org>
To: netdev@...r.kernel.org
Cc: davem@...emloft.net, jiri@...nulli.us, horms@...ge.net.au,
john.fastabend@...il.com
Subject: [PATCH RFC 0/3] intermediate representation for jit and cls_u32 conversion
Hi,
This patchset contains the core infrastructure for the generic
intermediate representation that I presented during NetDev 1.1's
nftables switchdev talk. This includes the basic infrastructure to
convert the tc cls_u32 based on John's parser.
The main goals of this patchset are:
* Provide an unified abstract syntax tree (ast) that can be passed to
the backend driver for translation to internal representation. Then,
based on the backend description, generate the internal
representation. This should reduce the amount of code to maintain
in the driver since every frontend, via parser, generates the ast
that is consumed by the driver through one single ndo indirection.
* Avoid exposing low-level frontend details to the backend, such as
structure layouts. If the frontend needs to be updated to support a
new software feature, it is desiderable that such changes don't
trigger large updates to every driver supporting offloads.
* Having a common parser for every frontend, instead of allowing each
backend driver to re-invent the wheel with its own parser, this is
just spreading out complexity all over the place.
A summary picture of the infrastructure looks like this:
parser
tc-u32 -------
\ jit
tc-flower -------------- ast ------> Backend driver
/
nft -------
So the idea is that every frontend implements a parser that builds the
ast, then this ast is passed via ndo to the driver. The parser is common
to everyone, is part of the common core infrastructure.
The tc-u32 parser is a bit complicated because of having the matching
spread out in different rules through links, but John already came up a
basic parser than should be placed in the frontend so everyone can
improve it to generate more expressive ast.
Note: I don't have access to ixgbe hardware, so I have validated this
patchset by splicing main parts of the ixgbe backend jit code in simple
debugging patches that I have here. Quite rudimentary but it has passed
some basic tests, may still have gotten anything broken. Anyway, the
main goal is to generate debate on this.
Comments welcome, thanks.
Pablo Neira Ayuso (3):
net: ixgbe: add struct igxbe_filter
net: intermediate representation for jit translation
net: convert tc_u32 to use the intermediate representation
drivers/net/ethernet/intel/ixgbe/ixgbe.h | 4 -
drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 249 +++++++++---------
drivers/net/ethernet/intel/ixgbe/ixgbe_model.h | 112 --------
include/net/ir.h | 173 +++++++++++++
include/net/pkt_cls.h | 3 +
net/core/Makefile | 2 +-
net/core/ir.c | 219 ++++++++++++++++
net/sched/cls_u32.c | 344 +++++++++++++++++++++++++
8 files changed, 866 insertions(+), 240 deletions(-)
delete mode 100644 drivers/net/ethernet/intel/ixgbe/ixgbe_model.h
create mode 100644 include/net/ir.h
create mode 100644 net/core/ir.c
--
2.1.4
Powered by blists - more mailing lists