lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 22 Sep 2021 17:33:45 -0300
From:   Marcelo Ricardo Leitner <marcelo.leitner@...il.com>
To:     Felipe Magno de Almeida <felipe@...anda.io>
Cc:     jhs@...atatu.com, jiri@...nulli.us, xiyou.wangcong@...il.com,
        netdev@...r.kernel.org, boris.sukholitko@...adcom.com,
        vadym.kochan@...ision.eu, ilya.lifshits@...adcom.com,
        vladbu@...dia.com, idosch@...sch.org, paulb@...dia.com,
        dcaratti@...hat.com, amritha.nambiar@...el.com,
        sridhar.samudrala@...el.com, tom@...anda.io,
        pctammela@...atatu.com, eric.dumazet@...il.com
Subject: Re: [PATCH RFC net-next 2/2] net/sched: Add flower2 packet
 classifier based on flower and PANDA parser

On Thu, Sep 16, 2021 at 05:00:41PM -0300, Felipe Magno de Almeida wrote:
> +int fl2_panda_parse(struct sk_buff *skb, struct fl2_flow_key* frame)
> +{
> +	int err;
> +	struct panda_parser_big_metadata_one mdata;
> +	void *data;
> +	size_t pktlen;
> +
> +	memset(&mdata, 0, sizeof(mdata.panda_data));
> +	memcpy(&mdata.frame, frame, sizeof(struct fl2_flow_key));
> +
> +	err = skb_linearize(skb);

Oh ow. Hopefully this is just for the RFC?

> +	if (err < 0)
> +		return err;
> +
> +	BUG_ON(skb->data_len);
> +
> +	data = skb_mac_header(skb);
> +	pktlen = skb_mac_header_len(skb) + skb->len;
> +
> +	err = panda_parse(PANDA_PARSER_KMOD_NAME(panda_parser_big_ether), data,
> +			  pktlen, &mdata.panda_data, 0, 1);
> +
> +	if (err != PANDA_STOP_OKAY) {
> +                pr_err("Failed to parse packet! (%d)", err);
> +		return -1;
> +        }
> +
> +	memcpy(frame, &mdata.frame, sizeof(struct fl2_flow_key));
> +
> +	return 0;
> +}
> +
> +static int fl2_classify(struct sk_buff *skb, const struct tcf_proto *tp,
> +		       struct tcf_result *res)
> +{
> +	struct cls_fl2_head *head = rcu_dereference_bh(tp->root);
> +	struct fl2_flow_key skb_key;
> +	struct fl2_flow_mask *mask;
> +	struct cls_fl2_filter *f;
> +
> +	list_for_each_entry_rcu(mask, &head->masks, list) {
> +		flow_dissector_init_keys(&skb_key.control, &skb_key.basic);
> +		fl2_clear_masked_range(&skb_key, mask);
> +
> +		skb_flow_dissect_meta(skb, &mask->dissector, &skb_key);
> +		/* skb_flow_dissect() does not set n_proto in case an unknown
> +		 * protocol, so do it rather here.
> +		 */
> +		skb_key.basic.n_proto = skb_protocol(skb, false);
> +
> +		if(skb->vlan_present) {
> +			skb_key.basic.n_proto = skb_protocol(skb, true);
> +			skb_key.vlan.vlan_id = skb_vlan_tag_get_id(skb);
> +			skb_key.vlan.vlan_priority = skb_vlan_tag_get_prio(skb);
> +			skb_key.vlan.vlan_tpid = skb->vlan_proto;
> +		}
> +		
> +		fl2_panda_parse(skb, &skb_key);
> +
> +		f = fl2_mask_lookup(mask, &skb_key);
> +		if (f && !tc_skip_sw(f->flags)) {
> +			*res = f->res;
> +			return tcf_exts_exec(skb, &f->exts, res);
> +		}
> +	}
> +	return -1;
> +}

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ