| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 Aug 2022 12:23:35 +0300
From: Oz Shlomo <ozsh@...dia.com>
To: <netdev@...r.kernel.org>
CC: Jiri Pirko <jiri@...dia.com>, Jamal Hadi Salim <jhs@...atatu.com>,
"Simon Horman" <simon.horman@...igine.com>,
Baowen Zheng <baowen.zheng@...igine.com>,
Vlad Buslov <vladbu@...dia.com>,
Ido Schimmel <idosch@...dia.com>, Roi Dayan <roid@...dia.com>,
Oz Shlomo <ozsh@...dia.com>
Subject: [ RFC net-next 0/3] net: flow_offload: add support for per action hw stats
There are currently two mechanisms for populating hardware stats:
1. Using flow_offload api to query the flow's statistics.
The api assumes that the same stats values apply to all
the flow's actions.
This assumption breaks when action drops or jumps over following
actions.
2. Using hw_action api to query specific action stats via a driver
callback method. This api assures the correct action stats for
the offloaded action, however, it does not apply to the rest of the
actions in the flow's actions array, as elaborated below.
The current hw_action api does not apply to the following use cases:
1. Actions that are implicitly created by filters (aka bind actions).
In the following example only one counter will apply to the rule:
tc filter add dev $DEV prio 2 protocol ip parent ffff: \
flower ip_proto tcp dst_ip $IP2 \
action police rate 1mbit burst 100k conform-exceed drop/pipe \
action mirred egress redirect dev $DEV2
2. Action preceding a hw action.
In the following example the same flow stats will apply to the sample and
mirred actions:
tc action add police rate 1mbit burst 100k conform-exceed drop / pipe
tc filter add dev $DEV prio 2 protocol ip parent ffff: \
flower ip_proto tcp dst_ip $IP2 \
action sample rate 1 group 10 trunc 60 pipe \
action police index 1 \
action mirred egress redirect dev $DEV2
3. Meter action using jump control.
In the following example the same flow stats will apply to both
mirred actions:
tc action add police rate 1mbit burst 100k conform-exceed jump 2 / pipe
tc filter add dev $DEV prio 2 protocol ip parent ffff: \
flower ip_proto tcp dst_ip $IP2 \
action police index 1 \
action mirred egress redirect dev $DEV2
action mirred egress redirect dev $DEV3
This series provides the platform to query per action stats for in_hw flows.
The first patch is a preparation patch
The second patch extends the flow_offload api to return stats array corresponding
to the flow's actions list.
The api populates all the actions' stats in a single callback invocation.
It also allows drivers to avoid per-action lookups by maintain pre-processed
array of the flow's action counters.
The third patch refreshes the hardware action stats from the userspace tc action utility.
It uses the existing hardware action api to query stats per action.
The api has lower performance, compared to the filter refresh stats, as it requires
a driver callback invocation per action, while requiring the driver to lookup the stats
for a specific action id.
Note that this series does not change the existing functionality, thus preserving
the current stats per flow design.
Mellanox driver implementation of the proposed api will follow the rfc discussion.
Oz Shlomo (2):
net: flow_offload: add action stats api
net/sched: act_api: update hw stats for tc action list
Roi Dayan (1):
net: sched: Pass flow_stats instead of multiple stats args
include/net/flow_offload.h | 6 ++++++
include/net/pkt_cls.h | 27 ++++++++++++++++-----------
net/sched/act_api.c | 15 +++++++++++----
net/sched/cls_flower.c | 9 +++------
net/sched/cls_matchall.c | 6 +-----
5 files changed, 37 insertions(+), 26 deletions(-)
--
1.8.3.1
Powered by blists - more mailing lists