Message-ID: <20260131045821.3451873-1-mmyangfl@gmail.com>
Date: Sat, 31 Jan 2026 12:58:16 +0800
From: David Yang <mmyangfl@...il.com>
To: netdev@...r.kernel.org
Cc: David Yang <mmyangfl@...il.com>,
	Andrew Lunn <andrew@...n.ch>,
	Vladimir Oltean <olteanv@...il.com>,
	"David S. Miller" <davem@...emloft.net>,
	Eric Dumazet <edumazet@...gle.com>,
	Jakub Kicinski <kuba@...nel.org>,
	Paolo Abeni <pabeni@...hat.com>,
	Simon Horman <horms@...nel.org>,
	linux-kernel@...r.kernel.org
Subject: [PATCH net-next v2] net: dsa: sync dsa_mall_policer_tc_entry with FLOW_ACTION_POLICE

New options were introduced to FLOW_ACTION_POLICE after struct
dsa_mall_policer_tc_entry was added. The following commands will succeed
on DSA ports:

  tc qdisc add dev lan1 handle ffff: ingress
  tc filter add dev lan1 ingress matchall skip_sw action police \
    pkts_rate 80000 pkts_burst 100 mtu 1000 conform-exceed ok

resulting in
  1. burst_pkt, rate_pkt_ps, etc. being ignored;
  2. burst and rate_bytes_per_sec set to 0 without any error.

Among new options, some may be useful to hardware offloading, such as
packet rate mode. Instead of making decisions for drivers, extend struct
dsa_mall_policer_tc_entry to all options of FLOW_ACTION_POLICE.

Drivers should reject unsupported combinations in their
.port_policer_add() implementations.

We are also aware that .port_policer_add() has been implemented in some
DSA drivers - they have already been affected by the above issue (since
we didn't conduct any checks on our side). However, it's up to them to
decide if options should be checked (which may cause regressions with
previously successful configurations), or they are satisfied with the
current behavior - if not, they should submit their own patches to fix
it.

Signed-off-by: David Yang <mmyangfl@...il.com>
---
v1: https://lore.kernel.org/r/20260126061340.757543-1-mmyangfl@gmail.com
  - fix DSA core only
 include/net/dsa.h | 11 +++++++++++
 net/dsa/user.c    | 11 +++++++++++
 2 files changed, 22 insertions(+)

diff --git a/include/net/dsa.h b/include/net/dsa.h
index 6b2b5ed64ea4..4c177b168ec8 100644
--- a/include/net/dsa.h
+++ b/include/net/dsa.h
@@ -21,6 +21,7 @@
 #include <linux/phylink.h>
 #include <net/devlink.h>
 #include <net/switchdev.h>
+#include <net/flow_offload.h>
 
 struct dsa_8021q_context;
 struct tc_action;
@@ -220,6 +221,16 @@ struct dsa_mall_mirror_tc_entry {
 struct dsa_mall_policer_tc_entry {
 	u32 burst;
 	u64 rate_bytes_per_sec;
+	u64 peakrate_bytes_ps;
+	u32 avrate;
+	u16 overhead;
+	u64 burst_pkt;
+	u64 rate_pkt_ps;
+	u32 mtu;
+	struct {
+		enum flow_action_id act_id;
+		u32 extval;
+	} exceed, notexceed;
 };
 
 /* TC matchall entry */
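Review bot: the members added to struct dsa_mall_policer_tc_entry are undocumented, and nothing at the struct tells a driver author that a non-zero rate_pkt_ps, burst_pkt, peakrate_bytes_ps, avrate, overhead or mtu has to be rejected when the hardware cannot honour it. A comment above the struct giving the unit of each field and stating the reject-if-unsupported contract from the commit message would put that rule where implementers of .port_policer_add() will see it. As a style point, the u32 and u16 members (burst, avrate, overhead, mtu) are interleaved with u64 members, which leaves padding; grouping the u64 fields together avoids it unless the order is meant to mirror the source struct.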
diff --git a/net/dsa/user.c b/net/dsa/user.c
index f59d66f0975d..2a209b83c701 100644
--- a/net/dsa/user.c
+++ b/net/dsa/user.c
@@ -1497,8 +1497,19 @@ dsa_user_add_cls_matchall_police(struct net_device *dev,
 	mall_tc_entry->cookie = cls->cookie;
 	mall_tc_entry->type = DSA_PORT_MALL_POLICER;
 	policer = &mall_tc_entry->policer;
+	/* until they export the type of act->police in flow_offload.h ... */
 	policer->rate_bytes_per_sec = act->police.rate_bytes_ps;
 	policer->burst = act->police.burst;
+	policer->peakrate_bytes_ps = act->police.peakrate_bytes_ps;
+	policer->avrate = act->police.avrate;
+	policer->overhead = act->police.overhead;
+	policer->burst_pkt = act->police.burst_pkt;
+	policer->rate_pkt_ps = act->police.rate_pkt_ps;
+	policer->mtu = act->police.mtu;
+	policer->exceed.act_id = act->police.exceed.act_id;
+	policer->exceed.extval = act->police.exceed.extval;
+	policer->notexceed.act_id = act->police.notexceed.act_id;
+	policer->notexceed.extval = act->police.notexceed.extval;
 
 	err = ds->ops->port_policer_add(ds, dp->index, policer);
 	if (err) {
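Review bot: the copy in dsa_user_add_cls_matchall_police() is followed directly by "err = ds->ops->port_policer_add(ds, dp->index, policer);" with no check in the core, so on a driver that already implements the callback and looks only at rate_bytes_per_sec and burst, the pkts_rate command from the commit message still succeeds with both set to 0. If that is left to drivers, note that the callback as called here receives no extack, so a driver that does reject cannot report which option was unsupported; passing one through, if it is available in this function, would make the rejection useful to the user. The comment "until they export the type of act->police in flow_offload.h ..." would also read better if it said what replaces the field-by-field copy once that happens, for example a single struct assignment.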
-- 
2.51.0
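
The commit message asks drivers to reject unsupported combinations in .port_policer_add(). The following added example (not part of the patch or of any DSA driver) shows such a check in user-space C for hypothetical hardware that only meters bytes per second and drops on exceed. The function names, the sample values and the two-value enum are assumptions; the struct members are copied from the patch.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* User-space stand-in (assumption): a subset of the kernel's enum flow_action_id. */
enum flow_action_id { FLOW_ACTION_ACCEPT, FLOW_ACTION_DROP };

/* Members as extended by the patch, with fixed-width user-space types. */
struct dsa_mall_policer_tc_entry {
	uint32_t burst;
	uint64_t rate_bytes_per_sec;
	uint64_t peakrate_bytes_ps;
	uint32_t avrate;
	uint16_t overhead;
	uint64_t burst_pkt;
	uint64_t rate_pkt_ps;
	uint32_t mtu;
	struct { enum flow_action_id act_id; uint32_t extval; } exceed, notexceed;
};

/* Hypothetical driver-side check: byte-rate metering, drop on exceed only. */
static int example_policer_validate(const struct dsa_mall_policer_tc_entry *p)
{
	if (p->rate_pkt_ps || p->burst_pkt)
		return -EOPNOTSUPP;	/* packet-rate mode cannot be offloaded */
	if (p->peakrate_bytes_ps || p->avrate || p->overhead || p->mtu)
		return -EOPNOTSUPP;	/* options this hardware cannot honour */
	if (!p->rate_bytes_per_sec || !p->burst)
		return -EINVAL;		/* never program a zero rate silently */
	if (p->exceed.act_id != FLOW_ACTION_DROP ||
	    p->notexceed.act_id != FLOW_ACTION_ACCEPT)
		return -EOPNOTSUPP;	/* only drop-on-exceed, accept-on-conform */
	return 0;
}

/* Constructed samples: pkt_mode != 0 mimics the pkts_rate command above. */
static struct dsa_mall_policer_tc_entry example_sample(int pkt_mode)
{
	struct dsa_mall_policer_tc_entry p = {
		.exceed = { FLOW_ACTION_DROP, 0 }, .notexceed = { FLOW_ACTION_ACCEPT, 0 },
	};
	if (pkt_mode) { p.rate_pkt_ps = 80000; p.burst_pkt = 100; p.mtu = 1000; }
	else { p.rate_bytes_per_sec = 1250000; p.burst = 16384; }
	return p;
}

int main(void)
{
	struct dsa_mall_policer_tc_entry b = example_sample(0), k = example_sample(1);
	printf("byte mode: %d, packet mode: %d\n",
	       example_policer_validate(&b), example_policer_validate(&k));
	return 0;
}
```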

