lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20210316150303.2868588-1-idosch@idosch.org>
Date:   Tue, 16 Mar 2021 17:02:53 +0200
From:   Ido Schimmel <idosch@...sch.org>
To:     netdev@...r.kernel.org
Cc:     davem@...emloft.net, kuba@...nel.org, jiri@...dia.com,
        roopa@...dia.com, peter.phaal@...on.com, neil.mckee@...on.com,
        mlxsw@...dia.com, Ido Schimmel <idosch@...dia.com>
Subject: [PATCH net-next 00/10] mlxsw: Add support for egress and policy-based sampling

From: Ido Schimmel <idosch@...dia.com>

So far mlxsw only supported ingress sampling using matchall classifier.
This series adds support for egress sampling and policy-based sampling
using flower classifier on Spectrum-2 and newer ASICs. As such, it is
now possible to issue these commands:

 # tc filter add dev swp1 egress pref 1 proto all matchall action sample rate 100 group 1

 # tc filter add dev swp2 ingress pref 1 proto ip flower dst_ip 198.51.100.1 action sample rate 100 group 2

When performing egress sampling (using either matchall or flower) the
ASIC is able to report the end-to-end latency which is passed to the
psample module.

Series overview:

Patches #1-#3 are preparations without any functional changes

Patch #4 generalizes the idea of sampling triggers and creates a hash
table to track active sampling triggers in preparation for egress and
policy-based triggers. The motivation is explained in the changelog

Patch #5 flips mlxsw to start using this hash table instead of storing
ingress sampling triggers as an attribute of the sampled port

Patch #6 finally adds support for egress sampling using matchall
classifier

Patches #7-#8 add support for policy-based sampling using flower
classifier

Patches #9 extends the mlxsw sampling selftest to cover the new triggers

Patch #10 makes sure that egress sampling configuration only fails on
Spectrum-1

Ido Schimmel (10):
  mlxsw: spectrum_matchall: Propagate extack further
  mlxsw: spectrum_matchall: Push sampling checks to per-ASIC operations
  mlxsw: spectrum_matchall: Pass matchall entry to sampling operations
  mlxsw: spectrum: Track sampling triggers in a hash table
  mlxsw: spectrum: Start using sampling triggers hash table
  mlxsw: spectrum_matchall: Add support for egress sampling
  mlxsw: core_acl_flex_actions: Add mirror sampler action
  mlxsw: spectrum_acl: Offload FLOW_ACTION_SAMPLE
  selftests: mlxsw: Add tc sample tests for new triggers
  selftests: mlxsw: Test egress sampling limitation on Spectrum-1 only

 .../mellanox/mlxsw/core_acl_flex_actions.c    | 131 ++++++++++++++
 .../mellanox/mlxsw/core_acl_flex_actions.h    |  11 ++
 .../net/ethernet/mellanox/mlxsw/spectrum.c    | 148 ++++++++++++++++
 .../net/ethernet/mellanox/mlxsw/spectrum.h    |  52 +++++-
 .../ethernet/mellanox/mlxsw/spectrum_acl.c    |  25 +++
 .../mlxsw/spectrum_acl_flex_actions.c         |  83 +++++++++
 .../ethernet/mellanox/mlxsw/spectrum_flow.c   |   2 +-
 .../ethernet/mellanox/mlxsw/spectrum_flower.c |  18 ++
 .../mellanox/mlxsw/spectrum_matchall.c        | 167 +++++++++++-------
 .../ethernet/mellanox/mlxsw/spectrum_trap.c   | 111 +++++++++++-
 .../drivers/net/mlxsw/tc_restrictions.sh      |   4 +-
 .../selftests/drivers/net/mlxsw/tc_sample.sh  | 135 ++++++++++++++
 12 files changed, 808 insertions(+), 79 deletions(-)

-- 
2.29.2

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ