| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Jun 2019 15:16:26 +0200
From: Pablo Neira Ayuso <pablo@...filter.org>
To: Jiri Pirko <jiri@...nulli.us>
Cc: netdev@...r.kernel.org, netfilter-devel@...r.kernel.org,
davem@...emloft.net, thomas.lendacky@....com, f.fainelli@...il.com,
ariel.elior@...ium.com, michael.chan@...adcom.com,
santosh@...lsio.com, madalin.bucur@....com,
yisen.zhuang@...wei.com, salil.mehta@...wei.com,
jeffrey.t.kirsher@...el.com, tariqt@...lanox.com,
saeedm@...lanox.com, jiri@...lanox.com, idosch@...lanox.com,
jakub.kicinski@...ronome.com, peppe.cavallaro@...com,
grygorii.strashko@...com, andrew@...n.ch,
vivien.didelot@...oirfairelinux.com, alexandre.torgue@...com,
joabreu@...opsys.com, linux-net-drivers@...arflare.com,
ganeshgr@...lsio.com, ogerlitz@...lanox.com,
Manish.Chopra@...ium.com, marcelo.leitner@...il.com,
mkubecek@...e.cz, venkatkumar.duvvuru@...adcom.com,
cphealy@...il.com
Subject: Re: [PATCH net-next 04/12] net: sched: add tcf_block_setup()
On Wed, Jun 26, 2019 at 02:12:56PM +0200, Jiri Pirko wrote:
> Tue, Jun 25, 2019 at 10:31:54AM CEST, pablo@...filter.org wrote:
> >On Fri, Jun 21, 2019 at 07:16:03PM +0200, Jiri Pirko wrote:
> >> Thu, Jun 20, 2019 at 09:49:09PM CEST, pablo@...filter.org wrote:
> >>
> >> [...]
> >>
> >> >
> >> >+static LIST_HEAD(tcf_block_cb_list);
> >>
> >> I still don't like the global list. Have to go throught the code more
> >> carefully, but why you can't pass the priv/ctx from tc/netfilter. From
> >> tc it would be tcf_block as it is now, from netfilter something else.
> >
> >This tcf_block_cb_list should go away at some point, once drivers know
> >how to deal with multiple subsystems using the setup block
> >infrastructure. As I said in my previous email, only one can set up
> >the block at this stage, the ones coming later will hit busy.
>
> The driver should know if it can bind or is busy. Also, the bind cmd
> should contain type of binder (tc/nft/whatever) or perhaps rather binder
> priority (according to the hook order in rx/tx).
OK, so I see two possible paths then:
#1 Add global list and allow one single subsystem to bind by now. Then
later, in a follow up patchset. Add binder type and priority once
there is a driver that can handle the three subsystems, remove
this global list and each driver deals/knows what to do from the
binder path.
#2 Remove the global list now, each driver maintains a list of flow blocks
internally, allow one single flow block by now. This will need a bit more
code, since there will be code in the driver to maintain the list of
existing flow blocks, per driver, instead of global. So it will be
a per-driver global local to check if there is a flow block with
this [ cb, cb_ident ] already in place.
#1 is almost ready - it's this batch :-) - then #2 may need more code -
this batch is slightly large.
I understand though that path #2 may make it easier for the first
driver client allowing for the three subsystems to bind.
Let me know what path your prefer.
Thanks for reviewing.
Powered by blists - more mailing lists