lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 30 Apr 2020 20:01:07 +0300
From:   Ido Schimmel <idosch@...sch.org>
To:     netdev@...r.kernel.org
Cc:     davem@...emloft.net, jiri@...lanox.com, mlxsw@...lanox.com,
        Ido Schimmel <idosch@...lanox.com>
Subject: [PATCH net-next 0/9] mlxsw: Prepare SPAN API for upcoming changes

From: Ido Schimmel <idosch@...lanox.com>

Switched port analyzer (SPAN) is used for packet mirroring. Over mlxsw
this is achieved by attaching tc-mirred action to either matchall or
flower classifier.

The current API used to configure SPAN consists of two functions:
mlxsw_sp_span_mirror_add() and mlxsw_sp_span_mirror_del().

These two functions pack a lot of different operations:

* SPAN agent configuration: Determining the egress port and optional
  headers that need to encapsulate the mirrored packet (when mirroring
  to a gretap, for example)

* Egress mirror buffer configuration: Allocating / freeing a buffer when
  port is analyzed (inspected) at egress

* SPAN agent binding: Binding the SPAN agent to a trigger, if any. The
  current triggers are incoming / outgoing packet and they are only used
  for matchall-based mirroring

This non-modular design makes it difficult to extend the API for future
changes, such as new mirror targets (CPU) and new global triggers (early
dropped packets, for example).

Therefore, this patch set gradually adds APIs for above mentioned
operations and then converts the two existing users to use it instead of
the old API. No functional changes intended. Tested with existing
mirroring selftests.

Patch set overview:

Patches #1-#5 gradually add the new API
Patches #6-#8 convert existing users to use the new API
Patch #9 removes the old API

Ido Schimmel (9):
  mlxsw: spectrum_span: Add APIs to get / put a SPAN agent
  mlxsw: spectrum_span: Add APIs to get / put an analyzed port
  mlxsw: spectrum_span: Rename function
  mlxsw: spectrum_span: Wrap buffer change in a function
  mlxsw: spectrum_span: Add APIs to bind / unbind a SPAN agent
  mlxsw: spectrum: Convert matchall-based mirroring to new SPAN API
  mlxsw: spectrum_acl: Convert flower-based mirroring to new SPAN API
  mlxsw: spectrum_span: Use new analyzed ports list during speed / MTU
    change
  mlxsw: spectrum_span: Remove old SPAN API

 .../mlxsw/spectrum_acl_flex_actions.c         |  31 +-
 .../mellanox/mlxsw/spectrum_matchall.c        |  52 +-
 .../ethernet/mellanox/mlxsw/spectrum_span.c   | 563 ++++++++++++------
 .../ethernet/mellanox/mlxsw/spectrum_span.h   |  47 +-
 4 files changed, 449 insertions(+), 244 deletions(-)

-- 
2.24.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ