* Re: [PATCH 0/2] net/sched: Add hardware specific counters to TC actions
From: Eelco Chaudron @ 2018-08-16 12:02 UTC (permalink / raw)
To: David Miller, jakub.kicinski
Cc: netdev, jhs, xiyou.wangcong, jiri, simon.horman,
Marcelo Ricardo Leitner
In-Reply-To: <20180811.120627.662252154567814394.davem@davemloft.net>
On 11 Aug 2018, at 21:06, David Miller wrote:
> From: Jakub Kicinski <jakub.kicinski@netronome.com>
> Date: Thu, 9 Aug 2018 20:26:08 -0700
>
>> It is not immediately clear why this is needed. The memory and
>> updating two sets of counters won't come for free, so perhaps a
>> stronger justification than troubleshooting is due? :S
>>
>> Netdev has counters for fallback vs forwarded traffic, so you'd know
>> that traffic hits the SW datapath, plus the rules which are in_hw
>> will
>> most likely not match as of today for flower (assuming correctness).
I strongly believe that these counters are a requirement for a mixed
software/hardware (flow) based forwarding environment. The global
counters will not help much here as you might have chosen to have
certain traffic forwarded by software.
These counters are probably the only option you have to figure out why
forwarding is not as fast as expected, and you want to blame the TC
offload NIC.
>> I'm slightly concerned about potential performance impact, would you
>> be able to share some numbers for non-trivial number of flows (100k
>> active?)?
>
> Agreed, features used for diagnostics cannot have a harmful penalty
> for
> fast path performance.
Fast path performance is not affected as these counters are not
incremented there. They are only incremented by the nic driver when they
gather their statistics from hardware.
However, the flow creation is effected, as this is where the extra
memory gets allocated. I had done some 40K flow tests before and did not
see any noticeable change in flow insertion performance. As requested by
Jakub I did it again for 100K (and threw a Netronome blade in the mix
;). I used Marcelo’s test tool,
https://github.com/marceloleitner/perf-flower.git.
Here are the numbers (time in seconds) for 10 runs in sorted order:
+-------------+----------------+
| Base_kernel | Change_applied |
+-------------+----------------+
| 5.684019 | 5.656388 |
| 5.699658 | 5.674974 |
| 5.725220 | 5.722107 |
| 5.739285 | 5.839855 |
| 5.748088 | 5.865238 |
| 5.766231 | 5.873913 |
| 5.842264 | 5.909259 |
| 5.902202 | 5.912685 |
| 5.905391 | 5.947138 |
| 6.032997 | 5.997779 |
+-------------+----------------+
I guess the deviation is in the userspace part, which is where in real
life flows get added anyway.
Let me know if more is unclear.
//Eelco
^ permalink raw reply
* Re: [PATCH stable 4.4 0/9] fix SegmentSmack in stable branch (CVE-2018-5390)
From: Michal Kubecek @ 2018-08-16 11:39 UTC (permalink / raw)
To: maowenan
Cc: dwmw2, gregkh, netdev, eric.dumazet, edumazet, davem, ycheng, jdw,
stable, Takashi Iwai
In-Reply-To: <eaed8357-e779-e3fb-56d4-04e7b2da0702@huawei.com>
On Thu, Aug 16, 2018 at 03:55:16PM +0800, maowenan wrote:
> On 2018/8/16 15:44, Michal Kubecek wrote:
> > On Thu, Aug 16, 2018 at 03:39:14PM +0800, maowenan wrote:
> >>
> >>
> >> On 2018/8/16 15:23, Michal Kubecek wrote:
> >>> On Thu, Aug 16, 2018 at 03:19:12PM +0800, maowenan wrote:
> >>>> On 2018/8/16 14:52, Michal Kubecek wrote:
> >>>>>
> >>>>> My point is that backporting all this into stable 4.4 is quite intrusive
> >>>>> so that if we can achieve similar results with a simple fix of an
> >>>>> obvious omission, it would be preferrable.
> >>>>
> >>>> There are five patches in mainline to fix this CVE, only two patches
> >>>> have no effect on stable 4.4, the important reason is 4.4 use simple
> >>>> queue but mainline use RB tree.
> >>>>
> >>>> I have tried my best to use easy way to fix this with dropping packets
> >>>> 12.5%(or other value) based on simple queue, but the result is not
> >>>> very well, so the RB tree is needed and tested result is my desire.
> >>>>
> >>>> If we only back port two patches but they don't fix the issue, I think
> >>>> they don't make any sense.
> >>>
> >>> There is an obvious omission in one of the two patches and Takashi's
> >>> patch fixes it. If his follow-up fix (applied on top of what is in
> >>> stable 4.4 now) addresses the problem, I would certainly prefer using it
> >>> over backporting the whole series.
> >>
> >> Do you mean below codes from Takashi can fix this CVE?
> >> But I have already tested like this two days ago, it is not good effect.
> >
> > IIRC what you proposed was different, you proposed to replace the "=" in
> > the other branch by "+=".
>
> No, I think you don't get what I mean, I have already tested stable 4.4,
> based on commit dc6ae4d, and change the codes like Takashi, which didn't
> contain any codes I have sent in this patch series.
I suspect you may be doing something wrong with your tests. I checked
the segmentsmack testcase and the CPU utilization on receiving side
(with sending 10 times as many packets as default) went down from ~100%
to ~3% even when comparing what is in stable 4.4 now against older 4.4
kernel.
This is actually not surprising. the testcase only sends 1-byte segments
starting at even offsets so that receiver never gets two adjacent
segments and the "range_truesize != head->truesize" condition would
never be satisfied, whether you fix the backport or not.
Where the missing "range_truesize += skb->truesize" makes a difference
is in the case when there are some adjacent out of order segments, e.g.
if you omitted 1:10 and then sent 10:11, 11:12, 12:13, 13:14, ...
Then the missing update of range_truesize would prevent collapsing the
queue until the total length of the range would exceed the value of
SKB_WITH_OVERHEAD(SK_MEM_QUANTUM) (i.e. a bit less than 4 KB).
Michal Kubecek
^ permalink raw reply
* Re: [PATCH net-next 02/10] dt-bindings: net: ocelot: remove hsio from the list of register address spaces
From: Quentin Schulz @ 2018-08-16 14:25 UTC (permalink / raw)
To: Alexandre Belloni
Cc: Rob Herring, ralf, paul.burton, jhogan, mark.rutland, davem,
kishon, andrew, f.fainelli, linux-mips, devicetree, linux-kernel,
netdev, allan.nielsen, thomas.petazzoni
In-Reply-To: <20180814124135.GK943@piout.net>
[-- Attachment #1: Type: text/plain, Size: 1093 bytes --]
Hi Alexandre,
On Tue, Aug 14, 2018 at 02:41:35PM +0200, Alexandre Belloni wrote:
> On 14/08/2018 08:49:53+0200, Quentin Schulz wrote:
> > Understood but it's an intermediate patch. Later (patch 8), the SerDes
> > muxing "controller" is added as a child to this node. There most likely
> > will be some others in the future (temperature sensor for example).
> >
> > Furthermore, there's already a simple-mfd without children in this file:
> > https://elixir.bootlin.com/linux/latest/source/Documentation/devicetree/bindings/mips/mscc.txt#L19
> >
> > How should we handle this case?
> >
>
> There were child nodes in previous version of the binding. You can
> remove simple-mfd now. The useful registers that are not used by any
> drivers are gpr and chipid.
>
And what about the use case I'm facing? I've got child nodes defined in
it but with a later patch (but they actually haven't made it to the
DT binding documentation, so that's for the next version of the patch
series).
OK, for removing simple-mfd from CPU chip regs documentation.
Thanks,
Quentin
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply
* Re: [PATCH] net: macb: Fix regression breaking non-MDIO fixed-link PHYs
From: Andrew Lunn @ 2018-08-16 14:24 UTC (permalink / raw)
To: Ahmad Fatoum
Cc: Uwe Kleine-König, David S. Miller, Nicolas Ferre, netdev,
mdf, stable, kernel, Brad Mouring, Florian Fainelli
In-Reply-To: <0c96cf1e-9126-71ca-802f-92b3d3ba59f7@pengutronix.de>
On Thu, Aug 16, 2018 at 08:54:40AM +0200, Ahmad Fatoum wrote:
> On 08/15/2018 04:32 AM, Andrew Lunn wrote:
> > Ahmed, where is the device tree for the EVB-KSZ9477?
>
> I've attached it [1]. It's still work-in-progress (DSA doesn't work yet for example), but Ethernet is usable with Linux v4.18 and my patch applied.
>
Thanks.
So the problem is, macb does not put phy DT nodes inside an mdio
subnode. It places them directly in the MAC node. So
of_mdiobus_register() is being called with the MAC
np. of_mdiobus_register() then looks for children of the MAC node,
assuming they are phys. But when you have a fixed phy node, it is not
a phy, it does not have a reg property, and you get these warnings.
There are cases when you need both fixed-phy and a mdio bus. e.g. a
DSA switch hanging off MDIO.
So we have a few things here...
1) A regression. We should find a fix for that. Maybe we should
special case a child node called 'fixed-link' in
of_mdiobus_register(). I would suggest adding a single warning if
such node is found.
2) Missing functionality. Add support for an mdio container node.
node = of_get_child_by_name(np, "mdio");
if (node)
err = of_mdiobus_register(bp->mii_bus, node);
else
err = of_mdiobus_register(bp->mii_bus, np);
3) Modify the existing dts files to make use of this container.
Because of backwards compatibility, we cannot force the use of it,
but we can encourage it.
Andrew
^ permalink raw reply
* Re: [PATCH v3] net/mlx5e: Delete unneeded function argument
From: Leon Romanovsky @ 2018-08-16 11:26 UTC (permalink / raw)
To: Yuval Shaia; +Cc: saeedm, davem, netdev, linux-rdma
In-Reply-To: <20180816090220.4537-1-yuval.shaia@oracle.com>
[-- Attachment #1: Type: text/plain, Size: 534 bytes --]
On Thu, Aug 16, 2018 at 12:02:20PM +0300, Yuval Shaia wrote:
> priv argument is not used by the function, delete it.
>
> Fixes: a89842811ea98 ("net/mlx5e: Merge per priority stats groups")
> Signed-off-by: Yuval Shaia <yuval.shaia@oracle.com>
> ---
> v1 -> v2:
> * Remove blank line as pointed by Leon.
>
> v2 -> v3:
> * Change prefix to mlx5e
> ---
> drivers/net/ethernet/mellanox/mlx5/core/en_stats.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
Thanks Yuval,
Reviewed-by: Leon Romanovsky <leonro@mellanox.com>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 801 bytes --]
^ permalink raw reply
* Re: [PATCH v2] net/mlx5: Delete unneeded function argument
From: Gal Pressman @ 2018-08-16 10:31 UTC (permalink / raw)
To: Yuval Shaia; +Cc: saeedm, leon, davem, netdev, linux-rdma
In-Reply-To: <20180816090006.GB4318@lap1>
On 16-Aug-18 12:00, Yuval Shaia wrote:
> On Thu, Aug 16, 2018 at 09:41:34AM +0300, Gal Pressman wrote:
>> On 15-Aug-18 18:08, Yuval Shaia wrote:
>>> priv argument is not used by the function, delete it.
>>>
>>> Fixes: a89842811ea98 ("net/mlx5e: Merge per priority stats groups")
>>> Signed-off-by: Yuval Shaia <yuval.shaia@oracle.com>
>>
>> nit: prefix should be net/mlx5e.
>
> 1. Will do.
> 2. Why? (asking since dir name is mlx5)
Core related changes use net/mlx5 prefix, Ethernet related changes (en_* files) use net/mlx5e prefix.
Same thought goes into function names prefix (mlx5_*/mlx5e_*).
>
>>
>>> ---
>>> v1 -> v2:
>>> * Remove blank line as pointed by Leon.
>>> ---
>>> drivers/net/ethernet/mellanox/mlx5/core/en_stats.c | 4 ++--
>>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_stats.c b/drivers/net/ethernet/mellanox/mlx5/core/en_stats.c
>>> index 1646859974ce..4c4d779dafa8 100644
>>> --- a/drivers/net/ethernet/mellanox/mlx5/core/en_stats.c
>>> +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_stats.c
>>> @@ -813,7 +813,7 @@ static const struct counter_desc pport_per_prio_traffic_stats_desc[] = {
>>>
>>> #define NUM_PPORT_PER_PRIO_TRAFFIC_COUNTERS ARRAY_SIZE(pport_per_prio_traffic_stats_desc)
>>>
>>> -static int mlx5e_grp_per_prio_traffic_get_num_stats(struct mlx5e_priv *priv)
>>> +static int mlx5e_grp_per_prio_traffic_get_num_stats(void)
>>> {
>>> return NUM_PPORT_PER_PRIO_TRAFFIC_COUNTERS * NUM_PPORT_PRIO;
>>> }
>>> @@ -971,7 +971,7 @@ static int mlx5e_grp_per_prio_pfc_fill_stats(struct mlx5e_priv *priv,
>>>
>>> static int mlx5e_grp_per_prio_get_num_stats(struct mlx5e_priv *priv)
>>> {
>>> - return mlx5e_grp_per_prio_traffic_get_num_stats(priv) +
>>> + return mlx5e_grp_per_prio_traffic_get_num_stats() +
>>> mlx5e_grp_per_prio_pfc_get_num_stats(priv);
>>> }
>>>
>>>
>>
^ permalink raw reply
* [iproute PATCH 04/10] man: devlink.8: Document -verbose option
From: Phil Sutter @ 2018-08-16 10:27 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
In-Reply-To: <20180816102802.31782-1-phil@nwl.cc>
This was the only bit missing in comparison to devlink help text.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
man/man8/devlink.8 | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/man/man8/devlink.8 b/man/man8/devlink.8
index ac61b6add7fba..360031f77c165 100644
--- a/man/man8/devlink.8
+++ b/man/man8/devlink.8
@@ -47,6 +47,10 @@ Generate JSON output.
.BR "\-p" , " --pretty"
When combined with -j generate a pretty JSON output.
+.TP
+.BR "\-v" , " --verbose"
+Turn on verbose output.
+
.SS
.I OBJECT
--
2.18.0
^ permalink raw reply related
* [iproute PATCH 00/10] Review help texts and man pages
From: Phil Sutter @ 2018-08-16 10:27 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
This series fixes a number of issues identified by an automated scan
over man pages and help texts.
Phil Sutter (10):
man: bridge.8: Document -oneline option
bridge: trivial: Make help text consistent
devlink: trivial: Make help text consistent
man: devlink.8: Document -verbose option
genl: Fix help text
man: ifstat.8: Document --json and --pretty options
ip: Add missing -M flag to help text
man: rtacct.8: Fix nstat options
rtmon: List options in help text
man: ss.8: Describe --events option
bridge/bridge.c | 2 +-
devlink/devlink.c | 2 +-
genl/genl.c | 4 ++--
ip/ip.c | 2 +-
ip/rtmon.c | 4 +++-
man/man8/bridge.8 | 15 ++++++++++++++-
man/man8/devlink.8 | 4 ++++
man/man8/ifstat.8 | 8 ++++++++
man/man8/rtacct.8 | 14 +++++++++-----
man/man8/ss.8 | 3 +++
10 files changed, 46 insertions(+), 12 deletions(-)
--
2.18.0
^ permalink raw reply
* [iproute PATCH 03/10] devlink: trivial: Make help text consistent
From: Phil Sutter @ 2018-08-16 10:27 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
In-Reply-To: <20180816102802.31782-1-phil@nwl.cc>
Typically the part of the flag in brackets completes the leading part
instead of repeating it.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
devlink/devlink.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/devlink/devlink.c b/devlink/devlink.c
index 784bb84bf7ad6..519ee2577cc4c 100644
--- a/devlink/devlink.c
+++ b/devlink/devlink.c
@@ -5426,7 +5426,7 @@ static void help(void)
pr_err("Usage: devlink [ OPTIONS ] OBJECT { COMMAND | help }\n"
" devlink [ -f[orce] ] -b[atch] filename\n"
"where OBJECT := { dev | port | sb | monitor | dpipe | resource | region }\n"
- " OPTIONS := { -V[ersion] | -n[no-nice-names] | -j[json] | -p[pretty] | -v[verbose] }\n");
+ " OPTIONS := { -V[ersion] | -n[o-nice-names] | -j[son] | -p[retty] | -v[erbose] }\n");
}
static int dl_cmd(struct dl *dl, int argc, char **argv)
--
2.18.0
^ permalink raw reply related
* [iproute PATCH 10/10] man: ss.8: Describe --events option
From: Phil Sutter @ 2018-08-16 10:28 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
In-Reply-To: <20180816102802.31782-1-phil@nwl.cc>
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
man/man8/ss.8 | 3 +++
1 file changed, 3 insertions(+)
diff --git a/man/man8/ss.8 b/man/man8/ss.8
index 28033d8f01dda..7a6572b173648 100644
--- a/man/man8/ss.8
+++ b/man/man8/ss.8
@@ -242,6 +242,9 @@ Print summary statistics. This option does not parse socket lists obtaining
summary from various sources. It is useful when amount of sockets is so huge
that parsing /proc/net/tcp is painful.
.TP
+.B \-E, \-\-events
+Continually display sockets as they are destroyed
+.TP
.B \-Z, \-\-context
As the
.B \-p
--
2.18.0
^ permalink raw reply related
* [iproute PATCH 05/10] genl: Fix help text
From: Phil Sutter @ 2018-08-16 10:27 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
In-Reply-To: <20180816102802.31782-1-phil@nwl.cc>
The '| help' part was misleading: In fact, 'genl help' does not work but
'genl <OBJECT> help' does. Fix the help text to make that clear.
In addition to that, list -Version and -help flags as well.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
genl/genl.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/genl/genl.c b/genl/genl.c
index 20ecb8b63ef62..1940a23c5a99c 100644
--- a/genl/genl.c
+++ b/genl/genl.c
@@ -98,9 +98,9 @@ static void usage(void) __attribute__((noreturn));
static void usage(void)
{
- fprintf(stderr, "Usage: genl [ OPTIONS ] OBJECT | help }\n"
+ fprintf(stderr, "Usage: genl [ OPTIONS ] OBJECT [help] }\n"
"where OBJECT := { ctrl etc }\n"
- " OPTIONS := { -s[tatistics] | -d[etails] | -r[aw] }\n");
+ " OPTIONS := { -s[tatistics] | -d[etails] | -r[aw] | -V[ersion] | -h[elp] }\n");
exit(-1);
}
--
2.18.0
^ permalink raw reply related
* [iproute PATCH 09/10] rtmon: List options in help text
From: Phil Sutter @ 2018-08-16 10:28 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
In-Reply-To: <20180816102802.31782-1-phil@nwl.cc>
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
ip/rtmon.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/ip/rtmon.c b/ip/rtmon.c
index acc11df49b423..0e795f740e627 100644
--- a/ip/rtmon.c
+++ b/ip/rtmon.c
@@ -63,7 +63,9 @@ static int dump_msg2(const struct sockaddr_nl *who,
static void usage(void)
{
- fprintf(stderr, "Usage: rtmon file FILE [ all | LISTofOBJECTS]\n");
+ fprintf(stderr, "Usage: rtmon [ OPTIONS ] file FILE [ all | LISTofOBJECTS ]\n");
+ fprintf(stderr, "OPTIONS := { -f[amily] { inet | inet6 | link | help } |\n"
+ " -4 | -6 | -0 | -V[ersion] }\n");
fprintf(stderr, "LISTofOBJECTS := [ link ] [ address ] [ route ]\n");
exit(-1);
}
--
2.18.0
^ permalink raw reply related
* [iproute PATCH 02/10] bridge: trivial: Make help text consistent
From: Phil Sutter @ 2018-08-16 10:27 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
In-Reply-To: <20180816102802.31782-1-phil@nwl.cc>
Change curly braces into brackets for -json option in help text to be
consistent with the rest.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
bridge/bridge.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bridge/bridge.c b/bridge/bridge.c
index e35e5bdf7fb30..04d84163e68c4 100644
--- a/bridge/bridge.c
+++ b/bridge/bridge.c
@@ -42,7 +42,7 @@ static void usage(void)
"where OBJECT := { link | fdb | mdb | vlan | monitor }\n"
" OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] |\n"
" -o[neline] | -t[imestamp] | -n[etns] name |\n"
-" -c[ompressvlans] -color -p[retty] -j{son} }\n");
+" -c[ompressvlans] -color -p[retty] -j[son] }\n");
exit(-1);
}
--
2.18.0
^ permalink raw reply related
* [iproute PATCH 01/10] man: bridge.8: Document -oneline option
From: Phil Sutter @ 2018-08-16 10:27 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
In-Reply-To: <20180816102802.31782-1-phil@nwl.cc>
Copied the description from ip.8.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
man/man8/bridge.8 | 15 ++++++++++++++-
1 file changed, 14 insertions(+), 1 deletion(-)
diff --git a/man/man8/bridge.8 b/man/man8/bridge.8
index 6dfd4178a19cc..53cd3d0a3d933 100644
--- a/man/man8/bridge.8
+++ b/man/man8/bridge.8
@@ -24,7 +24,8 @@ bridge \- show / manipulate bridge addresses and devices
\fB\-b\fR[\fIatch\fR] filename |
\fB\-c\fR[\folor\fR] |
\fB\-p\fR[\fIretty\fR] |
-\fB\-j\fR[\fIson\fR] }
+\fB\-j\fR[\fIson\fR] |
+\fB\-o\fR[\fIneline\fr] }
.ti -8
.BR "bridge link set"
@@ -191,6 +192,18 @@ Output results in JavaScript Object Notation (JSON).
.BR "\-p", " \-pretty"
When combined with -j generate a pretty JSON output.
+.TP
+.BR "\-o", " \-oneline"
+output each record on a single line, replacing line feeds
+with the
+.B '\e'
+character. This is convenient when you want to count records
+with
+.BR wc (1)
+or to
+.BR grep (1)
+the output.
+
.SH BRIDGE - COMMAND SYNTAX
--
2.18.0
^ permalink raw reply related
* [iproute PATCH 08/10] man: rtacct.8: Fix nstat options
From: Phil Sutter @ 2018-08-16 10:28 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
In-Reply-To: <20180816102802.31782-1-phil@nwl.cc>
Add missing --pretty and --json options, correct --zero to --zeros and
correct the mess around --scan/--interval including broken man page
formatting.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
man/man8/rtacct.8 | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/man/man8/rtacct.8 b/man/man8/rtacct.8
index 01321e6dbdd60..ccdbf6ca75e57 100644
--- a/man/man8/rtacct.8
+++ b/man/man8/rtacct.8
@@ -4,7 +4,7 @@
nstat, rtacct - network statistics tools.
.SH SYNOPSIS
-Usage: nstat [ -h?vVzrnasd:t: ] [ PATTERN [ PATTERN ] ]
+Usage: nstat [ -h?vVzrnasd:t:jp ] [ PATTERN [ PATTERN ] ]
.br
Usage: rtacct [ -h?vVzrnasd:t: ] [ ListOfRealms ]
@@ -21,7 +21,7 @@ Print help
.B \-V, \-\-version
Print version
.TP
-.B \-z, \-\-zero
+.B \-z, \-\-zeros
Dump zero counters too. By default they are not shown.
.TP
.B \-r, \-\-reset
@@ -39,12 +39,16 @@ Do not update history, so that the next time you will see counters including val
.B \-j, \-\-json
Display results in JSON format.
.TP
-.B \-d, \-\-interval <INTERVAL>
+.B \-p, \-\-pretty
+When combined with
+.BR \-\-json ,
+pretty print the output.
+.TP
+.B \-d, \-\-scan <INTERVAL>
Run in daemon mode collecting statistics. <INTERVAL> is interval between measurements in seconds.
.TP
-
+.B \-t, \-\-interval <INTERVAL>
Time interval to average rates. Default value is 60 seconds.
-.TP
.SH SEE ALSO
lnstat(8)
--
2.18.0
^ permalink raw reply related
* [iproute PATCH 06/10] man: ifstat.8: Document --json and --pretty options
From: Phil Sutter @ 2018-08-16 10:27 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
In-Reply-To: <20180816102802.31782-1-phil@nwl.cc>
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
man/man8/ifstat.8 | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/man/man8/ifstat.8 b/man/man8/ifstat.8
index 3ba0088d8940a..8cd164dda6d72 100644
--- a/man/man8/ifstat.8
+++ b/man/man8/ifstat.8
@@ -48,6 +48,14 @@ Report average over the last SECS seconds.
.B \-z, \-\-zeros
Show entries with zero activity.
.TP
+.B \-j, \-\-json
+Display results in JSON format
+.TP
+.B \-p, \-\-pretty
+If combined with
+.BR \-\-json ,
+pretty print the output.
+.TP
.B \-x, \-\-extended=TYPE
Show extended stats of TYPE. Supported types are:
--
2.18.0
^ permalink raw reply related
* [iproute PATCH 07/10] ip: Add missing -M flag to help text
From: Phil Sutter @ 2018-08-16 10:27 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev
In-Reply-To: <20180816102802.31782-1-phil@nwl.cc>
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
ip/ip.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ip/ip.c b/ip/ip.c
index 893c3c43ef99a..93382d671f467 100644
--- a/ip/ip.c
+++ b/ip/ip.c
@@ -55,7 +55,7 @@ static void usage(void)
" OPTIONS := { -V[ersion] | -s[tatistics] | -d[etails] | -r[esolve] |\n"
" -h[uman-readable] | -iec | -j[son] | -p[retty] |\n"
" -f[amily] { inet | inet6 | ipx | dnet | mpls | bridge | link } |\n"
-" -4 | -6 | -I | -D | -B | -0 |\n"
+" -4 | -6 | -I | -D | -M | -B | -0 |\n"
" -l[oops] { maximum-addr-flush-attempts } | -br[ief] |\n"
" -o[neline] | -t[imestamp] | -ts[hort] | -b[atch] [filename] |\n"
" -rc[vbuf] [size] | -n[etns] name | -a[ll] | -c[olor]}\n");
--
2.18.0
^ permalink raw reply related
* [PATCH 1/1] tap: comment fix
From: Wang Jian @ 2018-08-16 13:01 UTC (permalink / raw)
To: David S . Miller, Jason, girish.moodalbail, mst, Willem de Bruijn,
viro, wexu, netdev, linux-kernel
The tap_queue and the "tap_dev" are loosely coupled, not "macvlan_dev".
And I also change one rcu_read_lock's place, seems can reduce rcu
critical section a little.
Signed-off-by: Wang Jian <jianjian.wang1@gmail.com>
---
drivers/net/tap.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/net/tap.c b/drivers/net/tap.c
index f0f7cd9..e5e5a8e 100644
--- a/drivers/net/tap.c
+++ b/drivers/net/tap.c
@@ -125,7 +125,7 @@ static struct tap_dev *tap_dev_get_rcu(const
struct net_device *dev)
/*
* RCU usage:
- * The tap_queue and the macvlan_dev are loosely coupled, the
+ * The tap_queue and the tap_dev are loosely coupled, the
* pointers from one to the other can only be read while rcu_read_lock
* or rtnl is held.
*
@@ -720,8 +720,6 @@ static ssize_t tap_get_user(struct tap_queue *q,
struct msghdr *m,
__vlan_get_protocol(skb, skb->protocol, &depth) != 0)
skb_set_network_header(skb, depth);
- rcu_read_lock();
- tap = rcu_dereference(q->tap);
/* copy skb_ubuf_info for callback when skb has no error */
if (zerocopy) {
skb_shinfo(skb)->destructor_arg = m->msg_control;
@@ -732,6 +730,8 @@ static ssize_t tap_get_user(struct tap_queue *q,
struct msghdr *m,
uarg->callback(uarg, false);
}
+ rcu_read_lock();
+ tap = rcu_dereference(q->tap);
if (tap) {
skb->dev = tap->dev;
dev_queue_xmit(skb);
--
Regards,
Wang Jian
^ permalink raw reply related
* [PATCH] orinoco: remove unused array encaps_hdr and macro ENCAPS_OVERHEAD
From: Colin King @ 2018-08-16 12:59 UTC (permalink / raw)
To: Kalle Valo, David S . Miller, linux-wireless, netdev
Cc: kernel-janitors, linux-kernel
From: Colin Ian King <colin.king@canonical.com>
Array encaps_hdr and macro ENCAPS_OVERHEAD are declared but are
not being used, hence they are redundant and can be removed.
Cleans up clang warning:
warning: 'encaps_hdr' defined but not used [-Wunused-const-variable=]
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
drivers/net/wireless/intersil/orinoco/orinoco_usb.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/drivers/net/wireless/intersil/orinoco/orinoco_usb.c b/drivers/net/wireless/intersil/orinoco/orinoco_usb.c
index 94ad6fe29e69..d8c27203bc57 100644
--- a/drivers/net/wireless/intersil/orinoco/orinoco_usb.c
+++ b/drivers/net/wireless/intersil/orinoco/orinoco_usb.c
@@ -73,10 +73,6 @@
#define URB_ASYNC_UNLINK 0
#endif
-/* 802.2 LLC/SNAP header used for Ethernet encapsulation over 802.11 */
-static const u8 encaps_hdr[] = {0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00};
-#define ENCAPS_OVERHEAD (sizeof(encaps_hdr) + 2)
-
struct header_struct {
/* 802.3 */
u8 dest[ETH_ALEN];
--
2.17.1
^ permalink raw reply related
* [PATCH net-next v1] net/tls: Add support for async decryption of tls records
From: Vakul Garg @ 2018-08-16 15:19 UTC (permalink / raw)
To: netdev; +Cc: borisp, aviadye, davejwatson, davem, Vakul Garg
When tls records are decrypted using asynchronous acclerators such as
NXP CAAM engine, the crypto apis return -EINPROGRESS. Presently, on
getting -EINPROGRESS, the tls record processing stops till the time the
crypto accelerator finishes off and returns the result. This incurs a
context switch and is not an efficient way of accessing the crypto
accelerators. Crypto accelerators work efficient when they are queued
with multiple crypto jobs without having to wait for the previous ones
to complete.
The patch submits multiple crypto requests without having to wait for
for previous ones to complete. This has been implemented for records
which are decrypted in zero-copy mode. At the end of recvmsg(), we wait
for all the asynchronous decryption requests to complete.
The references to records which have been sent for async decryption are
dropped. For cases where record decryption is not possible in zero-copy
mode, asynchronous decryption is not used and we wait for decryption
crypto api to complete.
For crypto requests executing in async fashion, the memory for
aead_request, sglists and skb etc is freed from the decryption
completion handler. The decryption completion handler wakesup the
sleeping user context when recvmsg() flags that it has done sending
all the decryption requests and there are no more decryption requests
pending to be completed.
Signed-off-by: Vakul Garg <vakul.garg@nxp.com>
---
Changes since RFC version:
1) Improved commit message.
2) Fixed dequeued record offset handling because of which few of
tls selftests 'recv_partial, recv_peek, recv_peek_multiple' were failing.
With this patch version, all tls selftests pass with both software based
synchronous crypto and hardware based asynchronous crypto.
Also, I tested sanity of file contents transferred over a tls session
backed by kernel based record layer.
include/net/tls.h | 6 +++
net/tls/tls_sw.c | 124 ++++++++++++++++++++++++++++++++++++++++++++++++++----
2 files changed, 122 insertions(+), 8 deletions(-)
diff --git a/include/net/tls.h b/include/net/tls.h
index d5c683e8bb22..cd0a65bd92f9 100644
--- a/include/net/tls.h
+++ b/include/net/tls.h
@@ -124,6 +124,12 @@ struct tls_sw_context_rx {
struct sk_buff *recv_pkt;
u8 control;
bool decrypted;
+ atomic_t decrypt_pending;
+ bool async_notify;
+};
+
+struct decrypt_req_ctx {
+ struct sock *sk;
};
struct tls_record_info {
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 52fbe727d7c1..5d1e7c336807 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -43,12 +43,50 @@
#define MAX_IV_SIZE TLS_CIPHER_AES_GCM_128_IV_SIZE
+static void tls_decrypt_done(struct crypto_async_request *req, int err)
+{
+ struct aead_request *aead_req = (struct aead_request *)req;
+ struct decrypt_req_ctx *req_ctx =
+ (struct decrypt_req_ctx *)(aead_req + 1);
+
+ struct scatterlist *sgout = aead_req->dst;
+
+ struct tls_context *tls_ctx = tls_get_ctx(req_ctx->sk);
+ struct tls_sw_context_rx *ctx = tls_sw_ctx_rx(tls_ctx);
+ int pending = atomic_dec_return(&ctx->decrypt_pending);
+ struct scatterlist *sg;
+ unsigned int pages;
+
+ /* Propagate if there was an err */
+ if (err) {
+ ctx->async_wait.err = err;
+ tls_err_abort(req_ctx->sk, err);
+ }
+
+ /* Release the skb, pages and memory allocated for crypto req */
+ kfree_skb(req->data);
+
+ /* Skip the first S/G entry as it points to AAD */
+ for_each_sg(sg_next(sgout), sg, UINT_MAX, pages) {
+ if (!sg)
+ break;
+ put_page(sg_page(sg));
+ }
+
+ kfree(aead_req);
+
+ if (!pending && READ_ONCE(ctx->async_notify))
+ complete(&ctx->async_wait.completion);
+}
+
static int tls_do_decryption(struct sock *sk,
+ struct sk_buff *skb,
struct scatterlist *sgin,
struct scatterlist *sgout,
char *iv_recv,
size_t data_len,
- struct aead_request *aead_req)
+ struct aead_request *aead_req,
+ bool async)
{
struct tls_context *tls_ctx = tls_get_ctx(sk);
struct tls_sw_context_rx *ctx = tls_sw_ctx_rx(tls_ctx);
@@ -59,10 +97,34 @@ static int tls_do_decryption(struct sock *sk,
aead_request_set_crypt(aead_req, sgin, sgout,
data_len + tls_ctx->rx.tag_size,
(u8 *)iv_recv);
- aead_request_set_callback(aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG,
- crypto_req_done, &ctx->async_wait);
- ret = crypto_wait_req(crypto_aead_decrypt(aead_req), &ctx->async_wait);
+ if (async) {
+ struct decrypt_req_ctx *req_ctx;
+
+ req_ctx = (struct decrypt_req_ctx *)(aead_req + 1);
+ req_ctx->sk = sk;
+
+ aead_request_set_callback(aead_req,
+ CRYPTO_TFM_REQ_MAY_BACKLOG,
+ tls_decrypt_done, skb);
+ atomic_inc(&ctx->decrypt_pending);
+ } else {
+ aead_request_set_callback(aead_req,
+ CRYPTO_TFM_REQ_MAY_BACKLOG,
+ crypto_req_done, &ctx->async_wait);
+ }
+
+ ret = crypto_aead_decrypt(aead_req);
+ if (ret == -EINPROGRESS) {
+ if (async)
+ return ret;
+
+ ret = crypto_wait_req(ret, &ctx->async_wait);
+ }
+
+ if (async)
+ atomic_dec(&ctx->decrypt_pending);
+
return ret;
}
@@ -763,7 +825,10 @@ static int decrypt_internal(struct sock *sk, struct sk_buff *skb,
}
/* Prepare and submit AEAD request */
- err = tls_do_decryption(sk, sgin, sgout, iv, data_len, aead_req);
+ err = tls_do_decryption(sk, skb, sgin, sgout, iv,
+ data_len, aead_req, *zc);
+ if (err == -EINPROGRESS)
+ return err;
/* Release the pages in case iov was mapped to pages */
for (; pages > 0; pages--)
@@ -788,8 +853,12 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb,
#endif
if (!ctx->decrypted) {
err = decrypt_internal(sk, skb, dest, NULL, chunk, zc);
- if (err < 0)
+ if (err < 0) {
+ if (err == -EINPROGRESS)
+ tls_advance_record_sn(sk, &tls_ctx->rx);
+
return err;
+ }
} else {
*zc = false;
}
@@ -851,6 +920,7 @@ int tls_sw_recvmsg(struct sock *sk,
int target, err = 0;
long timeo;
bool is_kvec = msg->msg_iter.type & ITER_KVEC;
+ int num_async = 0;
flags |= nonblock;
@@ -863,6 +933,7 @@ int tls_sw_recvmsg(struct sock *sk,
timeo = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
do {
bool zc = false;
+ bool async = false;
int chunk = 0;
skb = tls_wait_data(sk, flags, timeo, &err);
@@ -870,6 +941,7 @@ int tls_sw_recvmsg(struct sock *sk,
goto recv_end;
rxm = strp_msg(skb);
+
if (!cmsg) {
int cerr;
@@ -896,42 +968,76 @@ int tls_sw_recvmsg(struct sock *sk,
err = decrypt_skb_update(sk, skb, &msg->msg_iter,
&chunk, &zc);
- if (err < 0) {
+ if (err < 0 && err != -EINPROGRESS) {
tls_err_abort(sk, EBADMSG);
goto recv_end;
}
+
+ if (err == -EINPROGRESS) {
+ async = true;
+ num_async++;
+ goto pick_next_record;
+ }
+
ctx->decrypted = true;
}
if (!zc) {
chunk = min_t(unsigned int, rxm->full_len, len);
+
err = skb_copy_datagram_msg(skb, rxm->offset, msg,
chunk);
if (err < 0)
goto recv_end;
}
+pick_next_record:
copied += chunk;
len -= chunk;
if (likely(!(flags & MSG_PEEK))) {
u8 control = ctx->control;
- if (tls_sw_advance_skb(sk, skb, chunk)) {
+ if (async) {
+ /* Finished with current record, pick up next */
+ ctx->recv_pkt = NULL;
+ __strp_unpause(&ctx->strp);
+ goto mark_eor_chk_ctrl;
+ } else if (tls_sw_advance_skb(sk, skb, chunk)) {
/* Return full control message to
* userspace before trying to parse
* another message type
*/
+mark_eor_chk_ctrl:
msg->msg_flags |= MSG_EOR;
if (control != TLS_RECORD_TYPE_DATA)
goto recv_end;
+ } else {
+ break;
}
}
+
/* If we have a new message from strparser, continue now. */
if (copied >= target && !ctx->recv_pkt)
break;
} while (len);
recv_end:
+ if (num_async) {
+ /* Wait for all previously submitted records to be decrypted */
+ smp_store_mb(ctx->async_notify, true);
+ if (atomic_read(&ctx->decrypt_pending)) {
+ err = crypto_wait_req(-EINPROGRESS, &ctx->async_wait);
+ if (err) {
+ /* one of async decrypt failed */
+ tls_err_abort(sk, err);
+ copied = 0;
+ }
+ } else {
+ reinit_completion(&ctx->async_wait.completion);
+ }
+ WRITE_ONCE(ctx->async_notify, false);
+ }
+
release_sock(sk);
return copied ? : err;
}
@@ -1271,6 +1377,8 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx)
goto free_aead;
if (sw_ctx_rx) {
+ (*aead)->reqsize = sizeof(struct decrypt_req_ctx);
+
/* Set up strparser */
memset(&cb, 0, sizeof(cb));
cb.rcv_msg = tls_queue;
--
2.13.6
^ permalink raw reply related
* [PATCH] ath9k: remove unused array firstep_table
From: Colin King @ 2018-08-16 12:50 UTC (permalink / raw)
To: QCA ath9k Development, Kalle Valo, David S . Miller,
linux-wireless, netdev
Cc: kernel-janitors, linux-kernel
From: Colin Ian King <colin.king@canonical.com>
Array firstep_table is being assigned but is never used
hence it is redundant and can be removed.
Cleans up clang warning:
warning: 'firstep_table' defined but not used [-Wunused-const-variable=]
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
drivers/net/wireless/ath/ath9k/ar5008_phy.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/drivers/net/wireless/ath/ath9k/ar5008_phy.c b/drivers/net/wireless/ath/ath9k/ar5008_phy.c
index ef2dd68d3f77..11d6f975c87d 100644
--- a/drivers/net/wireless/ath/ath9k/ar5008_phy.c
+++ b/drivers/net/wireless/ath/ath9k/ar5008_phy.c
@@ -37,10 +37,6 @@
#define AR5008_11NG_HT_SS_SHIFT 12
#define AR5008_11NG_HT_DS_SHIFT 20
-static const int firstep_table[] =
-/* level: 0 1 2 3 4 5 6 7 8 */
- { -4, -2, 0, 2, 4, 6, 8, 10, 12 }; /* lvl 0-8, default 2 */
-
/*
* register values to turn OFDM weak signal detection OFF
*/
--
2.17.1
^ permalink raw reply related
* Re: [PATCH] net: phy: add tracepoints
From: Tobias Waldekranz @ 2018-08-16 9:48 UTC (permalink / raw)
To: Andrew Lunn, Florian Fainelli, David S. Miller, Steven Rostedt,
Ingo Molnar, open list, open list:ETHERNET PHY LIBRARY
In-Reply-To: <20180816093418.2621-1-tobias@waldekranz.com>
On Thu, Aug 16, 2018 at 11:34:15AM +0200, Tobias Waldekranz wrote:
> Two tracepoints for now:
>
> * `phy_interrupt` Pretty self-explanatory.
>
> * `phy_state_change` Whenever the PHY's state machine is run, trace
> the old and the new state.
>
> Signed-off-by: Tobias Waldekranz <tobias@waldekranz.com>
> ---
> drivers/net/phy/phy.c | 4 +++
> include/trace/events/phy.h | 68 ++++++++++++++++++++++++++++++++++++++
> 2 files changed, 72 insertions(+)
> create mode 100644 include/trace/events/phy.h
>
> diff --git a/drivers/net/phy/phy.c b/drivers/net/phy/phy.c
> index 9aabfa1a455a..8d22926f3962 100644
> --- a/drivers/net/phy/phy.c
> +++ b/drivers/net/phy/phy.c
> @@ -38,6 +38,9 @@
>
> #include <asm/irq.h>
>
> +#define CREATE_TRACE_POINTS
> +#include <trace/events/phy.h>
> +
> #define PHY_STATE_STR(_state) \
> case PHY_##_state: \
> return __stringify(_state); \
> @@ -1039,6 +1042,7 @@ void phy_state_machine(struct work_struct *work)
> if (err < 0)
> phy_error(phydev);
>
> + trace_phy_state_change(phydev, old_state);
> if (old_state != phydev->state)
> phydev_dbg(phydev, "PHY state change %s -> %s\n",
> phy_state_to_str(old_state),
> diff --git a/include/trace/events/phy.h b/include/trace/events/phy.h
> new file mode 100644
> index 000000000000..7ba6c0dda47e
> --- /dev/null
> +++ b/include/trace/events/phy.h
> @@ -0,0 +1,68 @@
> +#undef TRACE_SYSTEM
> +#define TRACE_SYSTEM phy
> +
> +#if !defined(_TRACE_PHY_H) || defined(TRACE_HEADER_MULTI_READ)
> +#define _TRACE_PHY_H
> +
> +#include <linux/tracepoint.h>
> +
> +TRACE_EVENT(phy_interrupt,
> + TP_PROTO(int irq, struct phy_device *phydev),
> + TP_ARGS(irq, phydev),
> + TP_STRUCT__entry(
> + __field(int, irq)
> + __field(int, addr)
> + __field(int, state)
> + __array(char, ifname, IFNAMSIZ)
> + ),
> + TP_fast_assign(
> + __entry->irq = irq;
> + __entry->addr = phydev->mdio.addr;
> + __entry->state = phydev->state;
> + if (phydev->attached_dev)
> + memcpy(__entry->ifname,
> + netdev_name(phydev->attached_dev),
> + IFNAMSIZ);
> + else
> + memset(__entry->ifname, 0, IFNAMSIZ);
> + ),
> + TP_printk("phy-%d-irq irq=%d ifname=%16s state=%d",
> + __entry->addr,
> + __entry->irq,
> + __entry->ifname,
> + __entry->state
> + )
> + );
> +
> +TRACE_EVENT(phy_state_change,
> + TP_PROTO(struct phy_device *phydev, enum phy_state old_state),
> + TP_ARGS(phydev, old_state),
> + TP_STRUCT__entry(
> + __field(int, addr)
> + __field(int, state)
> + __field(int, old_state)
> + __array(char, ifname, IFNAMSIZ)
> + ),
> + TP_fast_assign(
> + __entry->addr = phydev->mdio.addr;
> + __entry->state = phydev->state;
> + __entry->old_state = old_state;
> + if (phydev->attached_dev)
> + memcpy(__entry->ifname,
> + netdev_name(phydev->attached_dev),
> + IFNAMSIZ);
> + else
> + memset(__entry->ifname, 0, IFNAMSIZ);
> + ),
> + TP_printk("phy-%d-change ifname=%16s old_state=%d state=%d",
> + __entry->addr,
> + __entry->ifname,
> + __entry->old_state,
> + __entry->state
> + )
> + );
> +
> +#endif /* _TRACE_PHY_H */
> +
> +/* This part must be outside protection */
> +#include <trace/define_trace.h>
> --
> 2.17.1
>
This was sent in error. A v2 will follow. I had not used
get_maintainers.pl before, sorry about the noise!
--
Thanks
- wkz
^ permalink raw reply
* [iproute PATCH v4] Make colored output configurable
From: Phil Sutter @ 2018-08-16 9:37 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev, David Ahern, Till Maas
Allow for -color={never,auto,always} to have colored output disabled,
enabled only if stdout is a terminal or enabled regardless of stdout
state.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
Changes since v1:
- Allow to override isatty() check by specifying '-color' flag more than
once.
- Document new behaviour in man pages.
Changes since v2:
- Implement new -color=foo syntax.
- Update commit message and man page texts accordingly.
Changes since v3:
- Fix typo in tc/tc.c causing compile error.
---
bridge/bridge.c | 3 +--
include/color.h | 7 +++++++
ip/ip.c | 3 +--
lib/color.c | 33 ++++++++++++++++++++++++++++++++-
man/man8/bridge.8 | 13 +++++++++++--
man/man8/ip.8 | 13 +++++++++++--
man/man8/tc.8 | 13 +++++++++++--
tc/tc.c | 3 +--
8 files changed, 75 insertions(+), 13 deletions(-)
diff --git a/bridge/bridge.c b/bridge/bridge.c
index 451d684e0bcfd..e35e5bdf7fb30 100644
--- a/bridge/bridge.c
+++ b/bridge/bridge.c
@@ -173,8 +173,7 @@ main(int argc, char **argv)
NEXT_ARG();
if (netns_switch(argv[1]))
exit(-1);
- } else if (matches(opt, "-color") == 0) {
- ++color;
+ } else if (matches_color(opt, &color) == 0) {
} else if (matches(opt, "-compressvlans") == 0) {
++compress_vlans;
} else if (matches(opt, "-force") == 0) {
diff --git a/include/color.h b/include/color.h
index 4f2c918db7e43..42038dc2e7f87 100644
--- a/include/color.h
+++ b/include/color.h
@@ -12,8 +12,15 @@ enum color_attr {
COLOR_NONE
};
+enum color_opt {
+ COLOR_OPT_NEVER = 0,
+ COLOR_OPT_AUTO = 1,
+ COLOR_OPT_ALWAYS = 2
+};
+
void enable_color(void);
int check_enable_color(int color, int json);
+int matches_color(const char *arg, int *val);
void set_color_palette(void);
int color_fprintf(FILE *fp, enum color_attr attr, const char *fmt, ...);
enum color_attr ifa_family_color(__u8 ifa_family);
diff --git a/ip/ip.c b/ip/ip.c
index 38eac5ec1e17d..893c3c43ef99a 100644
--- a/ip/ip.c
+++ b/ip/ip.c
@@ -283,8 +283,7 @@ int main(int argc, char **argv)
exit(-1);
}
rcvbuf = size;
- } else if (matches(opt, "-color") == 0) {
- ++color;
+ } else if (matches_color(opt, &color) == 0) {
} else if (matches(opt, "-help") == 0) {
usage();
} else if (matches(opt, "-netns") == 0) {
diff --git a/lib/color.c b/lib/color.c
index edf96e5c6ecd7..3ad1d6d647722 100644
--- a/lib/color.c
+++ b/lib/color.c
@@ -3,11 +3,13 @@
#include <stdarg.h>
#include <stdlib.h>
#include <string.h>
+#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <linux/if.h>
#include "color.h"
+#include "utils.h"
enum color {
C_RED,
@@ -79,13 +81,42 @@ void enable_color(void)
int check_enable_color(int color, int json)
{
- if (color && !json) {
+ if (json || color == COLOR_OPT_NEVER)
+ return 1;
+
+ if (color == COLOR_OPT_ALWAYS || isatty(fileno(stdout))) {
enable_color();
return 0;
}
return 1;
}
+int matches_color(const char *arg, int *val)
+{
+ char *dup, *p;
+
+ if (!val)
+ return 1;
+
+ dup = strdupa(arg);
+ p = strchrnul(dup, '=');
+ if (*p)
+ *(p++) = '\0';
+
+ if (matches(dup, "-color"))
+ return 1;
+
+ if (*p == '\0' || !strcmp(p, "always"))
+ *val = COLOR_OPT_ALWAYS;
+ else if (!strcmp(p, "auto"))
+ *val = COLOR_OPT_AUTO;
+ else if (!strcmp(p, "never"))
+ *val = COLOR_OPT_NEVER;
+ else
+ return 1;
+ return 0;
+}
+
void set_color_palette(void)
{
char *p = getenv("COLORFGBG");
diff --git a/man/man8/bridge.8 b/man/man8/bridge.8
index f6d228c5ebfe7..6dfd4178a19cc 100644
--- a/man/man8/bridge.8
+++ b/man/man8/bridge.8
@@ -171,8 +171,17 @@ If there were any errors during execution of the commands, the application
return code will be non zero.
.TP
-.BR "\-c" , " -color"
-Use color output.
+.BR \-c [ color ][ = { always | auto | never }
+Configure color output. If parameter is omitted or
+.BR always ,
+color output is enabled regardless of stdout state. If parameter is
+.BR auto ,
+stdout is checked to be a terminal before enabling color output. If parameter is
+.BR never ,
+color output is disabled. If specified multiple times, the last one takes
+precedence. This flag is ignored if
+.B \-json
+is also given.
.TP
.BR "\-j", " \-json"
diff --git a/man/man8/ip.8 b/man/man8/ip.8
index 0087d18b74706..1d358879ec39c 100644
--- a/man/man8/ip.8
+++ b/man/man8/ip.8
@@ -187,8 +187,17 @@ to
executes specified command over all objects, it depends if command supports this option.
.TP
-.BR "\-c" , " -color"
-Use color output.
+.BR \-c [ color ][ = { always | auto | never }
+Configure color output. If parameter is omitted or
+.BR always ,
+color output is enabled regardless of stdout state. If parameter is
+.BR auto ,
+stdout is checked to be a terminal before enabling color output. If parameter is
+.BR never ,
+color output is disabled. If specified multiple times, the last one takes
+precedence. This flag is ignored if
+.B \-json
+is also given.
.TP
.BR "\-t" , " \-timestamp"
diff --git a/man/man8/tc.8 b/man/man8/tc.8
index fd33f9b2f1806..f98398a34bd3e 100644
--- a/man/man8/tc.8
+++ b/man/man8/tc.8
@@ -755,8 +755,17 @@ option was specified. Classes can be filtered only by
option.
.TP
-.BR "\ -color"
-Use color output.
+.BR \-c [ color ][ = { always | auto | never }
+Configure color output. If parameter is omitted or
+.BR always ,
+color output is enabled regardless of stdout state. If parameter is
+.BR auto ,
+stdout is checked to be a terminal before enabling color output. If parameter is
+.BR never ,
+color output is disabled. If specified multiple times, the last one takes
+precedence. This flag is ignored if
+.B \-json
+is also given.
.TP
.BR "\-j", " \-json"
diff --git a/tc/tc.c b/tc/tc.c
index 4c7a128c8103e..c634eff86b6b5 100644
--- a/tc/tc.c
+++ b/tc/tc.c
@@ -496,8 +496,7 @@ int main(int argc, char **argv)
matches(argv[1], "-conf") == 0) {
NEXT_ARG();
conf_file = argv[1];
- } else if (matches(argv[1], "-color") == 0) {
- ++color;
+ } else if (matches_color(argv[1], &color) == 0) {
} else if (matches(argv[1], "-timestamp") == 0) {
timestamp++;
} else if (matches(argv[1], "-tshort") == 0) {
--
2.18.0
^ permalink raw reply related
* Re: [PATCH stable 4.4 0/9] fix SegmentSmack in stable branch (CVE-2018-5390)
From: Michal Kubecek @ 2018-08-16 12:33 UTC (permalink / raw)
To: maowenan
Cc: dwmw2, gregkh, netdev, eric.dumazet, edumazet, davem, ycheng, jdw,
stable, Takashi Iwai
In-Reply-To: <d416861b-14d1-0677-2ae0-c7d7df34c852@huawei.com>
On Thu, Aug 16, 2018 at 08:05:50PM +0800, maowenan wrote:
> On 2018/8/16 19:39, Michal Kubecek wrote:
> >
> > I suspect you may be doing something wrong with your tests. I checked
> > the segmentsmack testcase and the CPU utilization on receiving side
> > (with sending 10 times as many packets as default) went down from ~100%
> > to ~3% even when comparing what is in stable 4.4 now against older 4.4
> > kernel.
>
> There seems no obvious problem when you send packets with default
> parameter in Segmentsmack POC, Which is also very related with your
> server's hardware configuration. Please try with below parameter to
> form OFO packets
I did and even with these (questionable, see below) changes, I did not
get more than 10% (of one core) by receiving ksoftirqd.
> for (i = 0; i < 1024; i++) // 128->1024
...
> usleep(10*1000); // Adjust this and packet count to match the target!, sleep 100ms->10ms
The comment in the testcase source suggests to do _one_ of these two
changes so that you generate 10 times as many packets as the original
testcase. You did both so that you end up sending 102400 packets per
second. With 55 byte long packets, this kind of attack requires at least
5.5 MB/s (44 Mb/s) of throughput. This is no longer a "low packet rate
DoS", I'm afraid.
Anyway, even at this rate, I only get ~10% of one core (Intel E5-2697).
What I can see, though, is that with current stable 4.4 code, modified
testcase which sends something like
2:3, 3:4, ..., 3001:3002, 3003:3004, 3004:3005, ... 6001:6002, ...
I quickly eat 6 MB of memory for receive queue of one socket while
earlier 4.4 kernels only take 200-300 KB. I didn't test latest 4.4 with
Takashi's follow-up yet but I'm pretty sure it will help while
preserving nice performance when using the original segmentsmack
testcase (with increased packet ratio).
Michal Kubecek
^ permalink raw reply
* Re: [iproute PATCH v3] Make colored output configurable
From: Phil Sutter @ 2018-08-16 9:34 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: netdev, David Ahern, Till Maas
In-Reply-To: <20180816081950.5851-1-phil@nwl.cc>
On Thu, Aug 16, 2018 at 10:19:50AM +0200, Phil Sutter wrote:
> Allow for -color={never,auto,always} to have colored output disabled,
> enabled only if stdout is a terminal or enabled regardless of stdout
> state.
>
> Signed-off-by: Phil Sutter <phil@nwl.cc>
Argh, please ignore this one - it doesn't even compile. It's just a
minor typo, but I'll respin.
Sorry, Phil
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox