lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250821110607.GC7364@linuxonhyperv3.guj3yctzbm1etfxqx2vob5hsef.xx.internal.cloudapp.net>
Date: Thu, 21 Aug 2025 04:06:07 -0700
From: Erni Sri Satya Vennela <ernis@...ux.microsoft.com>
To: Jakub Kicinski <kuba@...nel.org>
Cc: Stephen Hemminger <stephen@...workplumber.org>, dsahern@...il.com,
	netdev@...r.kernel.org, haiyangz@...rosoft.com,
	shradhagupta@...ux.microsoft.com, ssengar@...rosoft.com,
	dipayanroy@...rosoft.com, ernis@...rosoft.com
Subject: Re: [PATCH iproute2-next v3] iproute2: Add 'netshaper' command to
 'ip link' for netdev shaping

On Mon, Aug 18, 2025 at 08:36:12AM -0700, Jakub Kicinski wrote:
> On Sat, 16 Aug 2025 15:55:10 -0700 Stephen Hemminger wrote:
> > On Mon, 11 Aug 2025 00:05:02 -0700
> > Erni Sri Satya Vennela <ernis@...ux.microsoft.com> wrote:
> > 
> > > Add support for the netshaper Generic Netlink
> > > family to iproute2. Introduce a new subcommand to `ip link` for
> > > configuring netshaper parameters directly from userspace.
> > > 
> > > This interface allows users to set shaping attributes (such as speed)
> > > which are passed to the kernel to perform the corresponding netshaper
> > > operation.
> > > 
> > > Example usage:
> > > $ip link netshaper { set | get | delete } dev DEVNAME \
> > >                    handle scope SCOPE id ID \
> > >                    [ speed SPEED ]  
> > 
> > The choice of ip link is awkward and doesn't match other options.
> > I can think of some better other choices:
> > 
> >   1. netshaper could be a property of the device. But the choice of using genetlink
> >      instead of regular ip netlink attributes makes this hard.
> >   2. netshaper could be part of devlink. Since it is more targeted at hardware
> >      device attributes.
> >   3. netshaper could be a standalone command like bridge, dcb, devlink, rdma, tipc and vdpa.
> > 
> > What ever choice the command line options need to follow similar syntax to other iproute commands.
> 
> I think historically we gravitated towards option 3 -- each family has
> a command? But indeed we could fold it together with something like
> the netdev family without much issue, they are both key'd on netdevs.
> 
> Somewhat related -- what's your take on integrating / vendoring in YNL?
> mnl doesn't provide any extack support..

I have done some tests and found that if we install pkg-config and
libmnl packages beforehand. The extack error messages from the kernel
are being printed to the stdout.

Example 1:
$ sudo ip link netshaper set dev <interface> handle scope queue id 1
speed 15gbit

Error: mana: net shaper scope should be netdev.
Kernel command failed: -1

Example 2:
$ sudo ip link netshaper set dev <interface> handle scope netdev id 2
speed 15gbit

Error: mana: Cannot create multiple shapers.
Kernel command failed: -1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ