lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 28 Mar 2022 16:19:30 +0000
From:   Christophe Leroy <christophe.leroy@...roup.eu>
To:     Toke Høiland-Jørgensen <toke@...e.dk>,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        Jamal Hadi Salim <jhs@...atatu.com>,
        Cong Wang <xiyou.wangcong@...il.com>,
        Jiri Pirko <jiri@...nulli.us>, Paolo Abeni <pabeni@...hat.com>
CC:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "cake@...ts.bufferbloat.net" <cake@...ts.bufferbloat.net>
Subject: Re: [PATCH net-next] sch_cake: Take into account guideline
 DEF/DGSIC/36 from French Administration



Le 28/03/2022 à 17:43, Toke Høiland-Jørgensen a écrit :
> Christophe Leroy <christophe.leroy@...roup.eu> writes:
> 
>> French Administration has written a guideline that defines additional
>> DSCP values for use in its networks.
> 
> Huh, that's interesting!
> 
>> Add new CAKE diffserv tables to take those new values into account
>> and add CONFIG_NET_SCH_CAKE_DGSIC to select those tables instead of
>> the default ones.
> 
> ...however I don't think we should be including something this
> special-purpose into the qdisc kernel code, and certainly we shouldn't
> have a config option that changes the meaning of the existing diffserv
> keywords!

By the way it doesn't really change meaning. Just enhances it indeed. 
Because they are not changing the meaning of existing DSCP codes, just 
adding new ones.

> 
> Rather, this is something that is best specified from userspace; and in
> fact Cake already has no less than two different ways to do this: the
> 'fwmark' option, and setting the skb->priority field. Have you tried
> using those?

No I have not. In fact I'm just discovering the subject after some 
people told me "we are contractually required to apply this guideline, 
please make sure Linux kernel supports it".

I'll give 'fwmark' and/or skb->priority a try. Is there any 
Documentation on that somewhere ?

Thanks
Christophe

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ