lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20221111130519.1459549-1-steen.hegelund@microchip.com> Date: Fri, 11 Nov 2022 14:05:13 +0100 From: Steen Hegelund <steen.hegelund@...rochip.com> To: "David S . Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com> CC: Steen Hegelund <steen.hegelund@...rochip.com>, <UNGLinuxDriver@...rochip.com>, Randy Dunlap <rdunlap@...radead.org>, "Casper Andersson" <casper.casan@...il.com>, Russell King <rmk+kernel@...linux.org.uk>, Wan Jiabing <wanjiabing@...o.com>, "Nathan Huckleberry" <nhuck@...gle.com>, <linux-kernel@...r.kernel.org>, <netdev@...r.kernel.org>, <linux-arm-kernel@...ts.infradead.org>, "Steen Hegelund" <Steen.Hegelund@...rochip.com>, Daniel Machon <daniel.machon@...rochip.com>, Horatiu Vultur <horatiu.vultur@...rochip.com>, Lars Povlsen <lars.povlsen@...rochip.com>, Simon Horman <simon.horman@...igine.com>, Louis Peens <louis.peens@...igine.com>, "Wojciech Drewek" <wojciech.drewek@...el.com>, Baowen Zheng <baowen.zheng@...igine.com>, Maksym Glubokiy <maksym.glubokiy@...ision.eu>, Pablo Neira Ayuso <pablo@...filter.org> Subject: [PATCH net-next 0/6] Add support for sorted VCAP rules in Sparx5 This provides support for adding Sparx5 VCAP rules in sorted order, VCAP rule counters and TC filter matching on ARP frames. It builds on top of the initial IS2 VCAP support found in these series: https://lore.kernel.org/all/20221020130904.1215072-1-steen.hegelund@microchip.com/ https://lore.kernel.org/all/20221109114116.3612477-1-steen.hegelund@microchip.com/ Functionality ============= When a new VCAP rule is added the driver will now ensure that the rule is inserted in sorted order, and when a rule is removed, the remaining rules will be moved to keep the sorted order and remove any gaps in the VCAP address space. A VCAP rule is ordered using these 3 values: - Rule size: the count of VCAP addresses used by the rule. The largest rule have highest priority - Rule User: The rules are ordered by the user enumeration - Priority: The priority provided in the flower filter. The lowest value has the highest priority. A VCAP instance may contain the counter as part of the VCAP cache area, and this counter may be one or more bits in width. This type of counter automatically increments its value when the rule is hit. Other VCAP instances have a dedicated counter area outside of the VCAP and in this case the rule must contain the counter id to be able to locate the counter value and cause the counter to be incremented. In this case there must also be a VCAP rule action that sets the counter id. The Sparx5 IS2 VCAP uses a dedicated counter area with 32bit counters. This series adds support for getting VCAP rule counters and provide these via the TC statistic interface. This only support packet counters, not byte counters. Finally the series adds support for the ARP frame dissector and configures the Sparx5 IS2 VCAP to generate the ARP keyset when ARP traffic is received. Delivery: ========= This is current plan for delivering the full VCAP feature set of Sparx5: - DebugFS support for inspecting rules - TC protocol all support - Sparx5 IS0 VCAP support - TC policer and drop action support (depends on the Sparx5 QoS support upstreamed separately) - Sparx5 ES0 VCAP support - TC flower template support - TC matchall filter support for mirroring and policing ports - TC flower filter mirror action support - Sparx5 ES2 VCAP support Steen Hegelund (6): net: flow_offload: add support for ARP frame matching net: microchip: sparx5: Add support for TC flower ARP dissector net: microchip: sparx5: Add/delete rules in sorted order net: microchip: sparx5: Add support for IS2 VCAP rule counters net: microchip: sparx5: Add support for TC flower filter statistics net: microchip: sparx5: Add KUNIT test of counters and sorted rules .../microchip/sparx5/sparx5_tc_flower.c | 144 +++++ .../microchip/sparx5/sparx5_vcap_impl.c | 76 ++- .../net/ethernet/microchip/vcap/vcap_api.c | 233 +++++++- .../ethernet/microchip/vcap/vcap_api_client.h | 14 + .../ethernet/microchip/vcap/vcap_api_kunit.c | 526 ++++++++++++++++++ include/net/flow_offload.h | 6 + net/core/flow_offload.c | 7 + 7 files changed, 990 insertions(+), 16 deletions(-) -- 2.38.1
Powered by blists - more mailing lists