Date: Fri, 14 Jun 2024 17:13:31 +0100
From: Simon Horman <horms@...nel.org>
To: Adrian Moreno <amorenoz@...hat.com>
Cc: netdev@...r.kernel.org, aconole@...hat.com, echaudro@...hat.com,
	i.maximets@....org, dev@...nvswitch.org,
	Donald Hunter <donald.hunter@...il.com>,
	Jakub Kicinski <kuba@...nel.org>,
	"David S. Miller" <davem@...emloft.net>,
	Eric Dumazet <edumazet@...gle.com>, Paolo Abeni <pabeni@...hat.com>,
	Pravin B Shelar <pshelar@....org>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next v2 5/9] net: openvswitch: add emit_sample action

On Mon, Jun 03, 2024 at 08:56:39PM +0200, Adrian Moreno wrote:
> Add support for a new action: emit_sample.
> 
> This action accepts a u32 group id and a variable-length cookie and uses
> the psample multicast group to make the packet available for
> observability.
> 
> The maximum length of the user-defined cookie is set to 16, same as
> tc_cookie, to discourage using cookies that will not be offloadable.
> 
> Signed-off-by: Adrian Moreno <amorenoz@...hat.com>

...

> diff --git a/net/openvswitch/actions.c b/net/openvswitch/actions.c

...

> @@ -1299,6 +1304,46 @@ static int execute_dec_ttl(struct sk_buff *skb, struct sw_flow_key *key)
>  	return 0;
>  }
>  
> +static int execute_emit_sample(struct datapath *dp, struct sk_buff *skb,
> +			       const struct sw_flow_key *key,
> +			       const struct nlattr *attr)
> +{
> +#if IS_ENABLED(CONFIG_PSAMPLE)
> +	struct psample_group psample_group = {};
> +	struct psample_metadata md = {};
> +	struct vport *input_vport;
> +	const struct nlattr *a;
> +	int rem;
> +
> +	for (a = nla_data(attr), rem = nla_len(attr); rem > 0;
> +	     a = nla_next(a, &rem)) {
> +		switch (nla_type(a)) {
> +		case OVS_EMIT_SAMPLE_ATTR_GROUP:
> +			psample_group.group_num = nla_get_u32(a);
> +			break;
> +
> +		case OVS_EMIT_SAMPLE_ATTR_COOKIE:
> +			md.user_cookie = nla_data(a);
> +			md.user_cookie_len = nla_len(a);
> +			break;
> +		}
> +	}
> +
> +	psample_group.net = ovs_dp_get_net(dp);
> +
> +	input_vport = ovs_vport_rcu(dp, key->phy.in_port);
> +	if (!input_vport)
> +		input_vport = ovs_vport_rcu(dp, OVSP_LOCAL);
> +
> +	md.in_ifindex = input_vport->dev->ifindex;
> +	md.trunc_size = skb->len - OVS_CB(skb)->cutlen;
> +
> +	psample_sample_packet(&psample_group, skb, 0, &md);
> +#endif
> +
> +	return 0;
> +}
> +
>  /* Execute a list of actions against 'skb'. */
>  static int do_execute_actions(struct datapath *dp, struct sk_buff *skb,
>  			      struct sw_flow_key *key,
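
Review bot: In execute_emit_sample(), the result of the fallback lookup ovs_vport_rcu(dp, OVSP_LOCAL) is dereferenced at "md.in_ifindex = input_vport->dev->ifindex;" without a NULL check, although the first lookup is checked. If the local port is guaranteed to exist for as long as actions can run on this datapath, a short comment saying so would help; otherwise return before the dereference. Separately, md.user_cookie_len is taken straight from nla_len(a), so the 16-byte limit described in the commit message is not enforced in this function; a comment pointing at where the attribute length is validated would make that dependency explicit.
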
> @@ -1502,6 +1547,11 @@ static int do_execute_actions(struct datapath *dp, struct sk_buff *skb,
>  			ovs_kfree_skb_reason(skb, reason);
>  			return 0;
>  		}
> +
> +		case OVS_ACTION_ATTR_EMIT_SAMPLE:
> +			err = execute_emit_sample(dp, skb, key, a);
> +			OVS_CB(skb)->cutlen = 0;
> +			break;
>  		}
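
Review bot: In the new OVS_ACTION_ATTR_EMIT_SAMPLE case, "OVS_CB(skb)->cutlen = 0;" runs unconditionally, including when CONFIG_PSAMPLE is disabled and execute_emit_sample() compiles to a bare "return 0;". If the action can be installed in that configuration, a preceding truncation is consumed by an action that did nothing. Consider moving the reset inside the #if block in execute_emit_sample() next to the md.trunc_size computation that uses cutlen, or adding a comment here stating that emit_sample consumes the pending truncation.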

Hi Adrian,

execute_emit_sample always returns 0, and it seems that err will always
be 0 when the code above is executed. So perhaps the return type
of execute_emit_sample could be changed to void and the code above be
updated not to set err.

Other than that, which I don't feel particularly strongly about,
this looks good to me.

...
