| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 22 Feb 2024 18:40:45 -0800 From: Jakub Kicinski <kuba@...nel.org> To: Ahmed Zaki <ahmed.zaki@...el.com> Cc: <stephen@...workplumber.org>, <davem@...emloft.net>, <edumazet@...gle.com>, <pabeni@...hat.com>, <corbet@....net>, <jhs@...atatu.com>, <xiyou.wangcong@...il.com>, <jiri@...nulli.us>, <netdev@...r.kernel.org>, "Chittim, Madhu" <madhu.chittim@...el.com>, "Samudrala, Sridhar" <sridhar.samudrala@...el.com>, <amritha.nambiar@...el.com>, Jan Sokolowski <jan.sokolowski@...el.com> Subject: Re: [RFC]: raw packet filtering via tc-flower On Wed, 21 Feb 2024 12:43:47 -0700 Ahmed Zaki wrote: > Following on the discussion in [1] regarding raw packet filtering via > ethtool and ntuple. To recap, we wanted to enable the user to offload > filtering and flow direction using binary patterns of extended lengths > and masks (e.g. 512 bytes). The conclusion was that ethtool and ntuple > are deemed legacy and are not the best approach. > > After some internal discussions, tc-flower seems to be another > possibility. In [2], the skbedit and queue-mapping is now supported on > the rx and the user can offload flow direction to a specific rx queue. > > Can we extend tc-flower to support raw packet filtering, for example: > > # tc filter add dev $IFACE ingress protocol 802_3 flower \ > offset $OFF pattern $BYTES mask $MASK \ > action skbedit queue_mapping $RXQ_ID skip_sw > > where offset, pattern and mask are new the flower args, $BYTES and $MASK > could be up to 512 bytes. Have you looked at cls_u32 offload?
Powered by blists - more mailing lists