lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Tue, 5 May 2020 09:26:29 +0000
From:   Po Liu <po.liu@....com>
To:     Stephen Hemminger <stephen@...workplumber.org>,
        David Ahern <dsahern@...il.com>
CC:     "davem@...emloft.net" <davem@...emloft.net>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "vinicius.gomes@...el.com" <vinicius.gomes@...el.com>,
        "vlad@...lov.dev" <vlad@...lov.dev>,
        Claudiu Manoil <claudiu.manoil@....com>,
        Vladimir Oltean <vladimir.oltean@....com>,
        Alexandru Marginean <alexandru.marginean@....com>,
        "michael.chan@...adcom.com" <michael.chan@...adcom.com>,
        "vishal@...lsio.com" <vishal@...lsio.com>,
        "saeedm@...lanox.com" <saeedm@...lanox.com>,
        "leon@...nel.org" <leon@...nel.org>,
        "jiri@...lanox.com" <jiri@...lanox.com>,
        "idosch@...lanox.com" <idosch@...lanox.com>,
        "alexandre.belloni@...tlin.com" <alexandre.belloni@...tlin.com>,
        "UNGLinuxDriver@...rochip.com" <UNGLinuxDriver@...rochip.com>,
        "kuba@...nel.org" <kuba@...nel.org>,
        "xiyou.wangcong@...il.com" <xiyou.wangcong@...il.com>,
        "simon.horman@...ronome.com" <simon.horman@...ronome.com>,
        "pablo@...filter.org" <pablo@...filter.org>,
        "moshe@...lanox.com" <moshe@...lanox.com>,
        "m-karicheri2@...com" <m-karicheri2@...com>,
        "andre.guedes@...ux.intel.com" <andre.guedes@...ux.intel.com>
Subject: RE:  Re: [v3,iproute2 1/2] iproute2:tc:action: add a gate control
 action

Hi Stephen,  David,


> -----Original Message-----
> From: Stephen Hemminger <stephen@...workplumber.org>
> Sent: 2020年5月5日 8:05
> To: Po Liu <po.liu@....com>
> Cc: davem@...emloft.net; linux-kernel@...r.kernel.org;
> netdev@...r.kernel.org; vinicius.gomes@...el.com; vlad@...lov.dev;
> Claudiu Manoil <claudiu.manoil@....com>; Vladimir Oltean
> <vladimir.oltean@....com>; Alexandru Marginean
> <alexandru.marginean@....com>; michael.chan@...adcom.com;
> vishal@...lsio.com; saeedm@...lanox.com; leon@...nel.org;
> jiri@...lanox.com; idosch@...lanox.com;
> alexandre.belloni@...tlin.com; UNGLinuxDriver@...rochip.com;
> kuba@...nel.org; xiyou.wangcong@...il.com;
> simon.horman@...ronome.com; pablo@...filter.org;
> moshe@...lanox.com; m-karicheri2@...com;
> andre.guedes@...ux.intel.com
> Subject: [EXT] Re: [v3,iproute2 1/2] iproute2:tc:action: add a gate control
> action
> 
> On Sun,  3 May 2020 14:32:50 +0800
> Po Liu <Po.Liu@....com> wrote:
> 
> > Introduce a ingress frame gate control flow action.
> > Tc gate action does the work like this:
> > Assume there is a gate allow specified ingress frames can pass at
> > specific time slot, and also drop at specific time slot. Tc filter
> > chooses the ingress frames, and tc gate action would specify what slot
> > does these frames can be passed to device and what time slot would be
> > dropped.
> > Tc gate action would provide an entry list to tell how much time gate
> > keep open and how much time gate keep state close. Gate action also
> > assign a start time to tell when the entry list start. Then driver
> > would repeat the gate entry list cyclically.
> > For the software simulation, gate action require the user assign a
> > time clock type.
> >
> > Below is the setting example in user space. Tc filter a stream source
> > ip address is 192.168.0.20 and gate action own two time slots. One is
> > last 200ms gate open let frame pass another is last 100ms gate close
> > let frames dropped.
> >
> >  # tc qdisc add dev eth0 ingress
> >  # tc filter add dev eth0 parent ffff: protocol ip \
> >
> >             flower src_ip 192.168.0.20 \
> >             action gate index 2 clockid CLOCK_TAI \
> >             sched-entry open 200000000 -1 -1 \
> >             sched-entry close 100000000
> >
> >  # tc chain del dev eth0 ingress chain 0
> >
> > "sched-entry" follow the name taprio style. Gate state is
> > "open"/"close". Follow the period nanosecond. Then next -1 is internal
> > priority value means which ingress queue should put to. "-1" means
> > wildcard. The last value optional specifies the maximum number of
> MSDU
> > octets that are permitted to pass the gate during the specified time
> > interval.
> >
> > Below example shows filtering a stream with destination mac address is
> > 10:00:80:00:00:00 and ip type is ICMP, follow the action gate. The
> > gate action would run with one close time slot which means always keep
> close.
> > The time cycle is total 200000000ns. The base-time would calculate by:
> >
> >      1357000000000 + (N + 1) * cycletime
> >
> > When the total value is the future time, it will be the start time.
> > The cycletime here would be 200000000ns for this case.
> >
> >  #tc filter add dev eth0 parent ffff:  protocol ip \
> >            flower skip_hw ip_proto icmp dst_mac 10:00:80:00:00:00 \
> >            action gate index 12 base-time 1357000000000 \
> >            sched-entry CLOSE 200000000 \
> >            clockid CLOCK_TAI
> >
> > Signed-off-by: Po Liu <Po.Liu@....com>
> 
> These changes are specific to net-next should be assigned to iproute2-next.
> Will change delegation.

I would push request specific name with iproute2-next for version 4. Thanks!

Thanks a lot!

Br,
Po Liu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ