lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 10 Nov 2017 14:51:54 +0100
From:   Andrew Lunn <andrew@...n.ch>
To:     Roman Yeryomin <roman@...em.lv>
Cc:     Linus Walleij <linus.walleij@...aro.org>,
        Vivien Didelot <vivien.didelot@...oirfairelinux.com>,
        Florian Fainelli <f.fainelli@...il.com>,
        netdev@...r.kernel.org,
        Antti Seppälä <a.seppala@...il.com>,
        Colin Leitner <colin.leitner@...glemail.com>,
        Gabor Juhos <juhosg@...nwrt.org>
Subject: Re: [PATCH 4/4] RFC: net: dsa: realtek-smi: Add Realtek SMI driver

> OK, so looks like DSA is actually what I need. I just didn't see a clear
> implementation path for e.g. ACL functions.

> Correct me if I'm wrong, to add support for ar8327 ACL or port rate control
> I should expand struct dsa_switch_ops, add appropriate infrastructure in
> netfilter/tc subsystem and actually implement in drivers/net/dsa/qca8k.c ?

It would probably be a good idea to start by telling us about the
capabilities of the port rate control. Ideally, you don't want to
modify the tc subsystem. You just want to use existing tc options
which matches what the port can do, and offload it. The following
patch might help you plumb it in...

commit f50f212749e8a28803af3628acbeb85ee0458ed5
Author: Florian Fainelli <f.fainelli@...il.com>
Date:   Mon Jan 30 12:41:40 2017 -0800

    net: dsa: Add plumbing for port mirroring
    
    Add necessary plumbing at the slave network device level to have switch
    drivers implement ndo_setup_tc() and most particularly the cls_matchall
    classifier. We add support for two switch operations:
    
    port_add_mirror and port_del_mirror() which configure, on a per-port
    basis the mirror parameters requested from the cls_matchall classifier.
    
    Code is largely borrowed from the Mellanox Spectrum switch driver.

ACL is more effort. You want to look at what Pablo is doing about
offloading his stuff. And see if Mellanox have anything in there
driver. It is often the case that Mallanox implements something first,
and when we figure out how to borrow the code for DSA.

    Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ