| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <bd69202f-c0da-4f46-9a6c-2375d82a2579@soulik.info>
Date: Thu, 1 Aug 2024 00:45:08 +0800
From: Randy Li <ayaka@...lik.info>
To: Willem de Bruijn <willemdebruijn.kernel@...il.com>
Cc: netdev@...r.kernel.org, jasowang@...hat.com, davem@...emloft.net,
edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net: tuntap: add ioctl() TUNGETQUEUEINDX to fetch queue
index
On 2024/7/31 22:12, Willem de Bruijn wrote:
> Randy Li wrote:
>> We need the queue index in qdisc mapping rule. There is no way to
>> fetch that.
> In which command exactly?
That is for sch_multiq, here is an example
tc qdisc add devĀ tun0 root handle 1: multiq
tc filter add dev tun0 parent 1: protocol ip prio 1 u32 match ip dst
172.16.10.1 action skbedit queue_mapping 0
tc filter add dev tun0 parent 1: protocol ip prio 1 u32 match ip dst
172.16.10.20 action skbedit queue_mapping 1
tc filter add dev tun0 parent 1: protocol ip prio 1 u32 match ip dst
172.16.10.10 action skbedit queue_mapping 2
The purpose here is taking advantage of the multiple threads. For the
the server side(gateway of the tunnel's subnet), usually a different
peer would invoked a different encryption/decryption key pair, it would
be better to handle each in its own thread. Or the application would
need to implement a dispatcher here.
I am newbie to the tc(8), I verified the command above with a tun type
multiple threads demo. But I don't know how to drop the unwanted ingress
filter here, the queue 0 may be a little broken.
>
>> Signed-off-by: Randy Li <ayaka@...lik.info>
>> ---
>> drivers/net/tap.c | 9 +++++++++
>> drivers/net/tun.c | 4 ++++
>> include/uapi/linux/if_tun.h | 1 +
>> 3 files changed, 14 insertions(+)
>>
>> diff --git a/drivers/net/tap.c b/drivers/net/tap.c
>> index 77574f7a3bd4..6099f27a0a1f 100644
>> --- a/drivers/net/tap.c
>> +++ b/drivers/net/tap.c
>> @@ -1120,6 +1120,15 @@ static long tap_ioctl(struct file *file, unsigned int cmd,
>> rtnl_unlock();
>> return ret;
>>
>> + case TUNGETQUEUEINDEX:
>> + rtnl_lock();
>> + if (!q->enabled)
>> + ret = -EINVAL;
>> +
> Below will just overwrite the above ret
Sorry, I didn't verify the tap type.
>
>> + ret = put_user(q->queue_index, up);
>> + rtnl_unlock();
>> + return ret;
>> +
>> case SIOCGIFHWADDR:
>> rtnl_lock();
>> tap = tap_get_tap_dev(q);
>> diff --git a/drivers/net/tun.c b/drivers/net/tun.c
>> index 1d06c560c5e6..5473a0fca2e1 100644
>> --- a/drivers/net/tun.c
>> +++ b/drivers/net/tun.c
>> @@ -3115,6 +3115,10 @@ static long __tun_chr_ioctl(struct file *file, unsigned int cmd,
>> if (!ns_capable(net->user_ns, CAP_NET_ADMIN))
>> return -EPERM;
>> return open_related_ns(&net->ns, get_net_ns);
>> + } else if (cmd == TUNGETQUEUEINDEX) {
>> + if (tfile->detached)
>> + return -EINVAL;
>> + return put_user(tfile->queue_index, (unsigned int __user*)argp);
> Unless you're certain that these fields can be read without RTNL, move
> below rtnl_lock() statement.
Would fix in v2.
>> }
>>
>> rtnl_lock();
>> diff --git a/include/uapi/linux/if_tun.h b/include/uapi/linux/if_tun.h
>> index 287cdc81c939..2668ca3b06a5 100644
>> --- a/include/uapi/linux/if_tun.h
>> +++ b/include/uapi/linux/if_tun.h
>> @@ -61,6 +61,7 @@
>> #define TUNSETFILTEREBPF _IOR('T', 225, int)
>> #define TUNSETCARRIER _IOW('T', 226, int)
>> #define TUNGETDEVNETNS _IO('T', 227)
>> +#define TUNGETQUEUEINDEX _IOR('T', 228, unsigned int)
>>
>> /* TUNSETIFF ifr flags */
>> #define IFF_TUN 0x0001
>> --
>> 2.45.2
>>
>
Powered by blists - more mailing lists