lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 9 May 2018 12:34:34 -0700
From:   Stephen Hemminger <stephen@...workplumber.org>
To:     Eric Dumazet <eric.dumazet@...il.com>
Cc:     davem@...emloft.net, gerrit@....abdn.ac.uk, kuznet@....inr.ac.ru,
        yoshfuji@...ux-ipv6.org, netdev@...r.kernel.org,
        dccp@...r.kernel.org, Stephen Hemminger <sthemmin@...rosoft.com>
Subject: Re: [PATCH net-next v3 0/2] socket statistics for ss

On Wed, 9 May 2018 11:53:50 -0700
Eric Dumazet <eric.dumazet@...il.com> wrote:

> On 05/09/2018 11:44 AM, Stephen Hemminger wrote:
> > On Wed, 9 May 2018 10:53:58 -0700
> > Eric Dumazet <eric.dumazet@...il.com> wrote:
> >   
> >> On 05/09/2018 10:31 AM, Stephen Hemminger wrote:  
> >>> On Wed, 9 May 2018 10:18:23 -0700
> >>> Eric Dumazet <eric.dumazet@...il.com> wrote:
> >>>     
> >>>> On 05/09/2018 08:22 AM, Stephen Hemminger wrote:
> >>>>    
> >>>>> I am not sure if these patches are worth applying.
> >>>>> The 'ss -s' command has had missing values since 2.4 kernel.
> >>>>> And the first complaints came in only this year.
> >>>>>
> >>>>> Another alternative would be just to remove these fields from ss -s
> >>>>> output and move on.
> >>>>>       
> >>>>
> >>>> Anyway your patches are not netns ready, so lets remove these fields from ss.
> >>>>
> >>>> Or you have to spend _much_ more time on writing and testing the kernel part.
> >>>>
> >>>> Thanks.    
> >>>
> >>> The patches only expose the existing TCP socket accounting infrastructure.
> >>> Several other pieces that sockstat has are not netns aware.
> >>> That is a completely different problem.    
> >>
> >>
> >> Adding a new field counting 'bounds ports' without being netns ready is a total mistake,
> >> as it is useless by current standards.
> >>
> >> The first thing that users will do is add proper netns support, with extra complexity in the kernel.
> >>
> >> So, instead of pushing some incomplete feature, trying to fool ourselves with a sentiment of 'small cost'
> >> that will later need another 100 lines of code in the kernel, please give us the complete picture.
> >>
> >> I am just saying, you can of course ignore my feedback.  
> > 
> > The current TCP hashinfo should be moved into netns. The current method of scanning and matching
> > by net namespace is a scalability issue now.  
> 
> It is not the plan yet, and we have no scalability issue.
> 
> Before switching to netns hash table, this would need rhashtable conversions
> but so far this has not been done.
> 
> - Time to create/delete netns is critical.
> - Adding few Mbytes of overhead per netns is a nogo,
> 
> Please do not change subject, this is adding noise to this particular thread.

Back to original subject. My current intention is to just pull all these statistics
from ss command. They are always zero now, and very few people noticed and  no one
really needs them.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ