David Ahern [Fri, 10 Jun 2022 15:02:29 +0000 (09:02 -0600)]
Merge branch 'bridge-fdb-flush' into next
Nikolay Aleksandrov says:
====================
Hi,
This set adds support for the new bulk delete flag to allow fdb flushing
for specific entries which are matched based on the supplied options.
The new bridge fdb subcommand is "flush", and as can be seen from the
commits it allows to delete entries based on many different criteria:
- matching vlan
- matching port
- matching all sorts of flags (combinations are allowed)
There are also examples for each option in the respective commit messages.
Examples:
$ bridge fdb flush dev swp2 master vlan 100 dynamic
[ delete all dynamic entries with port swp2 and vlan 100 ]
$ bridge fdb flush dev br0 vlan 1 static
[ delete all static entries in br0's fdb table ]
$ bridge fdb flush dev swp2 master extern_learn nosticky
[ delete all entries with port swp2 which have extern_learn set and
don't have the sticky flag set ]
$ bridge fdb flush dev br0 brport br0 vlan 100 permanent
[ delete all entries pointing to the bridge itself with vlan 100 ]
$ bridge fdb flush dev swp2 master nostatic nooffloaded
[ delete all entries with port swp2 which are not static and not
offloaded ]
If keyword is specified and after that nokeyword is specified obviously
the nokeyword would override keyword.
Add flush support to match entries with or without (if "no" is
prepended) added_by_user flag. Note that NTF_USE is used internally
because there is no NTF_ flag that describes such entries.
Examples:
$ bridge fdb flush dev br0 added_by_user
This will delete all added_by_user entries in br0's fdb table.
$ bridge fdb flush dev br0 noadded_by_user
This will delete all entries except the ones with added_by_user flag in
br0's fdb table.
Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Signed-off-by: David Ahern <dsahern@kernel.org>
Add flush support to match dynamic or non-dynamic (static or permanent)
entries if "no" is prepended respectively. Note that dynamic entries are
defined as fdbs without NUD_NOARP and NUD_PERMANENT set, and non-dynamic
entries are fdbs with NUD_NOARP set (that matches both static and
permanent entries).
Examples:
$ bridge fdb flush dev br0 dynamic
This will delete all dynamic entries in br0's fdb table.
$ bridge fdb flush dev br0 nodynamic
This will delete all entries except the dynamic ones in br0's fdb
table.
Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Signed-off-by: David Ahern <dsahern@kernel.org>
Add flush support to match static or non-static entries if "no" is
prepended respectively. Note that static entries are only NUD_NOARP ones
without NUD_PERMANENT, also when matching non-static entries exclude
permanent entries as well (permanent entries by definition are also
static).
Examples:
$ bridge fdb flush dev br0 static
This will delete all static entries in br0's fdb table.
$ bridge fdb flush dev br0 nostatic
This will delete all entries except the static ones in br0's fdb
table.
Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Signed-off-by: David Ahern <dsahern@kernel.org>
Usually we match on the device specified after "dev" but there are
special cases where we need an additional device attribute for matching
such as when matching entries specifically pointing to the bridge device
itself. We use NDA_IFINDEX for that purpose.
Example:
$ bridge fdb flush dev br0 brport br0
This will flush only entries pointing to the bridge itself.
$ bridge fdb flush dev swp1 brport swp2 master
Note this will flush entries pointing to swp2 only. The NDA_IFINDEX
attribute overrides the dev argument. This is documented in the man
page.
Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Signed-off-by: David Ahern <dsahern@kernel.org>
Add flush support to match fdb entries in a specific vlan.
Example:
$ bridge fdb flush dev swp1 vlan 10 master
This will flush all fdb entries with port swp1 and vlan 10.
Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Signed-off-by: David Ahern <dsahern@kernel.org>
Add support for fdb bulk delete (aka flush) command. Currently it only
supports the self and master flags with the same semantics as fdb
add/del. The device is a mandatory argument.
Example:
$ bridge fdb flush dev br0
This will delete *all* fdb entries in br0's fdb table.
$ bridge fdb flush dev swp1 master
This will delete all fdb entries pointing to swp1.
Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Signed-off-by: David Ahern <dsahern@kernel.org>
Petr Machata [Tue, 31 May 2022 11:35:48 +0000 (13:35 +0200)]
ip: Convert non-constant initializers to macros
As per the C standard, "expressions in an initializer for an object that
has static or thread storage duration shall be constant expressions".
Aggregate objects are not constant expressions. Newer GCC doesn't mind, but
older GCC and LLVM do.
Therefore convert to a macro. And since all these macros will look very
similar, extract a generic helper, IPSTATS_STAT_DESC_XSTATS_LEAF, which
takes the leaf name as an argument and initializes the rest as appropriate
for an xstats descriptor.
Reported-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: Petr Machata <petrm@nvidia.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
David Ahern [Mon, 30 May 2022 15:54:59 +0000 (09:54 -0600)]
Merge branch 'ss-threads' into next
Peilin Ye says:
====================
From: Peilin Ye <peilin.ye@bytedance.com>
This patchset adds a new ss option, -T (--threads), to show thread
information. It extends the -p (--processes) option, and should be useful
for debugging, monitoring multi-threaded applications. Example output:
$ ss -ltT "sport = 1234"
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 100 0.0.0.0:1234 0.0.0.0:* users:(("test",pid=2932547,tid=2932548,fd=3),("test",pid=2932547,tid=2932547,fd=3))
It implies -p i.e. it outputs all threads in the thread group, including
the thread group leader. When -T is used, -Z and -z also show SELinux
contexts for threads.
[1-5/7] are small clean-ups for the user_ent_hash_build() function. [6/7]
factors out logic iterating $PROC_ROOT/$PID/fd/ from user_ent_hash_build()
to make [7/7] easier. [7/7] actually implements the feature.
Peilin Ye [Wed, 25 May 2022 02:53:41 +0000 (19:53 -0700)]
ss: Introduce -T, --threads option
The -p, -Z and -z options only show process (thread group leader)
information. For example, if the thread group leader has exited, but
another thread in the group is still using a socket, ss -[pZz] does not
show it.
Add a new option, -T (--threads), to show thread information. It implies
the -p option. For example, imagine process A and thread B (in the same
group) using the same socket. ss -p only shows A:
$ ss -ltp "sport = 1234"
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 100 0.0.0.0:1234 0.0.0.0:* users:(("test",pid=2932547,fd=3))
ss -T shows A and B:
$ ss -ltT "sport = 1234"
State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 100 0.0.0.0:1234 0.0.0.0:* users:(("test",pid=2932547,tid=2932548,fd=3),("test",pid=2932547,tid=2932547,fd=3))
If -T is used, -Z and -z also show SELinux contexts for threads.
Rename some variables (from "process" to "task", for example) since we
use them for both processes and threads.
Signed-off-by: Peilin Ye <peilin.ye@bytedance.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Peilin Ye [Wed, 25 May 2022 02:53:21 +0000 (19:53 -0700)]
ss: Factor out fd iterating logic from user_ent_hash_build()
We are planning to add a thread version of the -p, --process option.
Move the logic iterating $PROC_ROOT/$PID/fd/ into a new function,
user_ent_hash_build_task(), to make it easier.
Since we will use this function for both processes and threads, rename
local variables as such (e.g. from "process" to "task").
Signed-off-by: Peilin Ye <peilin.ye@bytedance.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Peilin Ye [Wed, 25 May 2022 02:52:09 +0000 (19:52 -0700)]
ss: Remove unnecessary stack variable 'p' in user_ent_hash_build()
Commit 116ac9270b6d ("ss: Add support for retrieving SELinux contexts")
added an unnecessary stack variable, 'char *p', in
user_ent_hash_build(). Delete it for readability.
Signed-off-by: Peilin Ye <peilin.ye@bytedance.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Andrea Claudi [Fri, 13 May 2022 09:52:30 +0000 (11:52 +0200)]
tipc: fix keylen check
Key length check in str2key() is wrong for hex. Fix this using the
proper hex key length.
Fixes: 28ee49e5153b ("tipc: bail out if key is abnormally long") Suggested-by: Xin Long <lucien.xin@gmail.com> Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Andrea Claudi [Thu, 12 May 2022 14:18:47 +0000 (16:18 +0200)]
man: fix some typos
In dcb-app man page, 'direcly' should be 'directly'
In dcb-dcbx man page, 'respecively' should be 'respectively'
In devlink-dev man page, 'unspecificed' should be 'unspecified'
Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Andrea Claudi [Thu, 12 May 2022 14:18:46 +0000 (16:18 +0200)]
man: devlink-region: fix typo in example
devlink-region does not accept the legth param, but the length one.
Fixes: 8b4fbf0bed8e ("devlink: Add support for devlink-region access") Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Andrea Claudi [Fri, 6 May 2022 20:11:46 +0000 (22:11 +0200)]
tc: em_u32: fix offset parsing
tc u32 ematch offset parsing might fail even if nexthdr offset is
aligned to 4. The issue can be reproduced with the following script:
tc qdisc del dev dummy0 root
tc qdisc add dev dummy0 root handle 1: htb r2q 1 default 1
tc class add dev dummy0 parent 1:1 classid 1:108 htb quantum 1000000 \
rate 1.00mbit ceil 10.00mbit burst 6k
while true; do
if ! tc filter add dev dummy0 protocol all parent 1: prio 1 basic match \
"meta(vlan mask 0xfff eq 1)" and "u32(u32 0x20011002 0xffffffff \
at nexthdr+8)" flowid 1:108; then
exit 0
fi
done
which we expect to produce an endless loop.
With the current code, instead, this ends with:
u32: invalid offset alignment, must be aligned to 4.
... meta(vlan mask 0xfff eq 1) and >>u32(u32 0x20011002 0xffffffff at nexthdr+8)<< ...
... u32(u32 0x20011002 0xffffffff at >>nexthdr+8<<)...
Usage: u32(ALIGN VALUE MASK at [ nexthdr+ ] OFFSET)
where: ALIGN := { u8 | u16 | u32 }
Example: u32(u16 0x1122 0xffff at nexthdr+4)
Illegal "ematch"
This is caused by memcpy copying into buf an unterminated string.
Fix it using strncpy instead of memcpy.
Fixes: commit 311b41454dc4 ("Add new extended match files.") Reported-by: Alfred Yang <alf.redyoung@gmail.com> Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
David Ahern [Thu, 12 May 2022 17:09:29 +0000 (11:09 -0600)]
Merge branch 'support-xstats-afstats' into next
Petr Machata says:
====================
The RTM_GETSTATS response attributes IFLA_STATS_LINK_XSTATS and
IFLA_STATS_LINK_XSTATS_SLAVE are used to carry statistics related to,
respectively, netdevices of a certain type, and netdevices enslaved to
netdevices of a certain type. IFLA_STATS_AF_SPEC are similarly used to
carry statistics specific to a certain address family.
In this patch set, add support for three new stats groups that cover the
above attributes: xstats, xstats_slave and afstats. Add bridge and bond
subgroups to the former two groups, and mpls subgroup to the latter one.
Now "group" is used for selecting the top-level attribute, and subgroup
for the link-type or address-family nest below it (bridge, bond, mpls in
this patchset). But xstats (both master and slave) are further
subdivided. E.g. in the case of bridge statistics, the two subdivisions
are called "stp" and "mcast". To make it possible to pick these sets,
add to the two selector levels of group and subgroup a third level,
suite, which is filtered in the userspace.
Petr Machata [Mon, 9 May 2022 14:00:01 +0000 (16:00 +0200)]
ipstats: Expose bridge stats in ipstats
Bridge supports two suites, STP and IGMP, carried by attributes
BRIDGE_XSTATS_STP and BRIDGE_XSTATS_MCAST. Expose them as suites "stp" and
"mcast" (to correspond to the attribute name).
Petr Machata [Mon, 9 May 2022 13:59:59 +0000 (15:59 +0200)]
ipstats: Add groups "xstats", "xstats_slave"
The RTM_GETSTATS response attributes IFLA_STATS_LINK_XSTATS and
IFLA_STATS_LINK_XSTATS_SLAVE are used to carry statistics related to,
respectively, netdevices of a certain type, and netdevices enslaved to
netdevices of a certain type. Inside the nest is then link-type specific
attribute (e.g. LINK_XSTATS_TYPE_BRIDGE), and inside that nest further
attributes for individual type-specific statistical suites.
Under the "ip stats" model, that corresponds to groups "xstats" and
"xstats_slave", link-type specific subgroup, e.g. "bridge", and one or more
link-type specific suites, such as "stp".
Link-type specific stats are currently supported through struct link_util
and in particular the callbacks parse_ifla_xstats and print_ifla_xstats.
The role of parse_ifla_xstats is to establish which statistical suite to
display, and on which device. "ip stats" has framework for both of these
tasks, which obviates the need for custom parsing. Therefore the module
should instead provide a subgroup descriptor, which "ip stats" will then
use as any other.
The second link_util callback, print_ifla_xstats, is for response
dissection. In "ip stats" model, this belongs to leaf descriptors.
Eventually, the link-specific leaf descriptors will be similar to each
other: either master or slave top-level nest needs to be parsed, and
link-type attribute underneath that, and suite attribute underneath that.
To support this commonality, add struct ipstats_stat_desc_xstats to
describe the xstats suites. Further, expose ipstats_stat_desc_pack_xstats()
and ipstats_stat_desc_show_xstats(), which can be used at leaf descriptors
and do the appropriate thing according to the configuration in
ipstats_stat_desc_xstats.
Signed-off-by: Petr Machata <petrm@nvidia.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Petr Machata [Mon, 9 May 2022 13:59:58 +0000 (15:59 +0200)]
ipstats: Add a third level of stats hierarchy, a "suite"
To show statistics nested under IFLA_STATS_LINK_XSTATS_SLAVE or
IFLA_STATS_LINK_XSTATS, one would use "group" to select the top-level
attribute, then "subgroup" to select the link type, which is itself a nest,
and then would lack a way to denote which attribute to select out of the
link-type nest.
To that end, add the selector level "suite", which is filtered in the
userspace.
Signed-off-by: Petr Machata <petrm@nvidia.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Note how most numbers are not aligned properly under their column headers.
Fix by converting the code to use size_columns() to dynamically determine
the necessary width of individual columns, which also takes care of
formatting the table properly in case the counter values are high.
After the fix, the formatting looks as follows:
Petr Machata [Thu, 5 May 2022 15:31:34 +0000 (17:31 +0200)]
ip: ipstats: Do not assume length of response attribute payload
In Linux kernel commit 794c24e9921f ("net-core: rx_otherhost_dropped to
core_stats"), struct rtnl_link_stats64 got a new member. This change got to
iproute2 through commit bba95837524d ("Update kernel headers").
"ip stats" makes the assumption that the payload of attributes that carry
structures is at least as long as the size of the given structure as
iproute2 knows it. But that will not hold when a newer iproute2 is used
against an older kernel: since such kernel misses some fields on the tail
end of the structure, "ip stats" bails out:
# ip stats show group link
1: lo: group link
Error: attribute payload too shortDump terminated
Instead, be tolerant of responses that are both longer and shorter than
what is expected. Instead of forming a pointer directly into the payload,
allocate the stats structure on the stack, zero it, and then copy over the
portion from the response.
Reported-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: Petr Machata <petrm@nvidia.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Tested-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
David Ahern [Sat, 23 Apr 2022 15:22:59 +0000 (09:22 -0600)]
libbpf: Remove use of bpf_program__set_priv and bpf_program__priv
bpf_program__set_priv and bpf_program__priv are deprecated as of
libbpf v0.7+. Rather than store the map as priv on the program,
change find_legacy_tail_calls to take an argument to return a reference
to the map.
find_legacy_tail_calls is invoked twice from load_bpf_object - the
first time to check for programs that should be loaded. In this case
a reference to the map is not needed, but it does validate the map
exists. The second is invoked from update_legacy_tail_call_maps where
the map pointer is needed.
Signed-off-by: David Ahern <dsahern@kernel.org> Acked-by: Toke Høiland-Jørgensen <toke@redhat.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
David Ahern [Sat, 23 Apr 2022 15:22:59 +0000 (09:22 -0600)]
libbpf: Remove use of bpf_program__set_priv and bpf_program__priv
bpf_program__set_priv and bpf_program__priv are deprecated as of
libbpf v0.7+. Rather than store the map as priv on the program,
change find_legacy_tail_calls to take an argument to return a reference
to the map.
find_legacy_tail_calls is invoked twice from load_bpf_object - the
first time to check for programs that should be loaded. In this case
a reference to the map is not needed, but it does validate the map
exists. The second is invoked from update_legacy_tail_call_maps where
the map pointer is needed.
Signed-off-by: David Ahern <dsahern@kernel.org> Acked-by: Toke Høiland-Jørgensen <toke@redhat.com>
Boris Sukholitko [Thu, 28 Apr 2022 08:32:33 +0000 (11:32 +0300)]
f_flower: add number of vlans man entry
The documentation was missing in the number of vlans commit.
Fixes: 5ba31bcf (f_flower: Add num of vlans parameter) Signed-off-by: Boris Sukholitko <boris.sukholitko@broadcom.com> Signed-off-by: David Ahern <dsahern@kernel.org>
David Ahern [Thu, 28 Apr 2022 02:18:25 +0000 (20:18 -0600)]
Merge branch 'flower-vlans' into next
Boris Sukholitko says:
====================
Our customers in the fiber telecom world have network configurations
where they would like to control their traffic according to the number
of tags appearing in the packet.
For example, TR247 GPON conformance test suite specification mostly
talks about untagged, single, double tagged packets and gives lax
guidelines on the vlan protocol vs. number of vlan tags.
This is different from the common IT networks where 802.1Q and 802.1ad
protocols are usually describe single and double tagged packet. GPON
configurations that we work with have arbitrary mix the above protocols
and number of vlan tags in the packet.
The following patch series implement number of vlans flower filter. They
add num_of_vlans flower filter as an alternative to vlan ethtype protocol
matching. The end result is that the following command becomes possible:
tc filter add dev eth1 ingress flower \
num_of_vlans 1 vlan_prio 5 action drop
Also, from our logs, we have redirect rules such that:
tc filter add dev $GPON ingress flower num_of_vlans $N \
action mirred egress redirect dev $DEV
where N can range from 0 to 3 and $DEV is the function of $N.
Also there are rules setting skb mark based on the number of vlans:
tc filter add dev $GPON ingress flower num_of_vlans $N vlan_prio \
$P action skbedit mark $M
Boris Sukholitko [Tue, 26 Apr 2022 09:14:16 +0000 (12:14 +0300)]
f_flower: Add num of vlans parameter
Our customers in the fiber telecom world have network configurations
where they would like to control their traffic according to the number
of tags appearing in the packet.
For example, TR247 GPON conformance test suite specification mostly
talks about untagged, single, double tagged packets and gives lax
guidelines on the vlan protocol vs. number of vlan tags.
This is different from the common IT networks where 802.1Q and 802.1ad
protocols are usually describe single and double tagged packet. GPON
configurations that we work with have arbitrary mix the above protocols
and number of vlan tags in the packet.
This patch adds num_of_vlans flower key and associated print and parse
routines. The following command becomes possible:
tc filter add dev eth1 ingress flower num_of_vlans 1 action drop
Signed-off-by: Boris Sukholitko <boris.sukholitko@broadcom.com> Signed-off-by: David Ahern <dsahern@kernel.org>
David Ahern [Thu, 28 Apr 2022 02:13:35 +0000 (20:13 -0600)]
Merge branch 'ip-stats' into next
Petr Machata says:
====================
A new rtnetlink message, RTM_SETSTATS, has been added recently in kernel
commit ca0a53dcec94 ("Merge branch 'net-hw-counters-for-soft-devices'").
At the same time, RTM_GETSTATS has been around for a while. The users of
this API are spread in a couple different places: "ip link xstats" reads
stats from the IFLA_STATS_LINK_XSTATS and _XSTATS_SLAVE subgroups, "ip
link afstats" then reads IFLA_STATS_AF_SPEC.
Finally, to read IFLA_STATS_LINK_OFFLOAD_XSTATS, one would use ifstats.
This does not seem to be a good fit for IFLA_OFFLOAD_XSTATS_HW_S_INFO in
particular.
The obvious place to expose all these offload stats suites would be
under a new link subcommand "ip link offload_xstats", or similar, which
would then have syntax for both showing stats and setting them.
However, this looks like a good opportunity to introduce a new top-level
command, "ip stats", that would be the go-to place to access anything
backed by RTM_GETSTATS and RTM_SETSTATS.
This patchset therefore does the following:
- It adds the new "stats" infrastructure
- It adds specifically the ability to toggle and show the suites that
were recently added to Linux, IFLA_OFFLOAD_XSTATS_HW_S_INFO and
IFLA_OFFLOAD_XSTATS_L3_STATS.
- It adds support to dump IFLA_OFFLOAD_XSTATS_CPU_HIT, which was not
available under "ip" at all.
- Does all this in a way that is easy to extend for new stats suites.
The patchset proceeds as follows:
- Patches #1 and #2 lay some groundwork and tweak existing code.
- Patch #3 adds the shell of the new "ip stats" command.
- Patch #4 adds "ip stats set" and the ability to toggle l3_stats in
particular.
- Patch #5 adds "ip stats show", but no actual stats suites.
- Patches #6-#9 add support for showing individual stats suites:
respectively, IFLA_STATS_LINK_64, IFLA_OFFLOAD_XSTATS_CPU_HIT,
IFLA_OFFLOAD_XSTATS_HW_S_INFO and IFLA_OFFLOAD_XSTATS_L3_STATS.
- Patch #10 adds support for monitoring stats events to "ip monitor".
- Patch #11 adds man page verbiage for the above.
The plan is to contribute support for afstats and xstats in a follow-up
patch set.
Petr Machata [Fri, 22 Apr 2022 08:30:58 +0000 (10:30 +0200)]
ipstats: Add offload subgroup "l3_stats"
Add into the group "offload" a subgroup "l3_stats" for showing
L3 statistics.
For example:
# ip stats show dev swp2.200 group offload subgroup l3_stats
4212: swp2.200: group offload subgroup l3_stats on used on
RX: bytes packets errors dropped mcast
1920 21 1 0 0
TX: bytes packets errors dropped
756 9 0 0
Petr Machata [Fri, 22 Apr 2022 08:30:57 +0000 (10:30 +0200)]
ipstats: Add offload subgroup "hw_stats_info"
Add into the group "offload" a subgroup "hw_stats_info" for showing
information about HW statistics counters.
For example:
# ip stats show dev swp1 group offload subgroup hw_stats_info
4178: swp1: group offload subgroup hw_stats_info
l3_stats on used off
# ip -j stats show dev swp1 group offload subgroup hw_stats_info | jq
[
{
"ifindex": 4178,
"ifname": "swp1",
"group": "offload",
"subgroup": "hw_stats_info",
"info": {
"l3_stats": {
"request": true,
"used": false
}
}
}
]
Signed-off-by: Petr Machata <petrm@nvidia.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Petr Machata [Fri, 22 Apr 2022 08:30:56 +0000 (10:30 +0200)]
ipstats: Add a group "offload", subgroup "cpu_hit"
Add a new group, "offload", for showing counters from the
IFLA_STATS_LINK_OFFLOAD_XSTATS nest, and a subgroup "cpu_hit" for the
IFLA_OFFLOAD_XSTATS_CPU_HIT stats suite.
For example:
# ip stats show dev swp1 group offload subgroup cpu_hit
4178: swp1: group offload subgroup cpu_hit
RX: bytes packets errors dropped missed mcast
45522 353 0 0 0 0
TX: bytes packets errors dropped carrier collsns
46054 355 0 0 0 0
Petr Machata [Fri, 22 Apr 2022 08:30:52 +0000 (10:30 +0200)]
ip: Add a new family of commands, "stats"
Add a core of a new frontend tool for interfacing with the RTM_*STATS
family of messages. The following patches will add subcommands for showing
and setting individual statistics suites.
Note that in this patch, "ip stats" is made to be an invalid command line.
This will be changed in later patches to default to "show" when that is
introduced.
Signed-off-by: Petr Machata <petrm@nvidia.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Petr Machata [Fri, 22 Apr 2022 08:30:51 +0000 (10:30 +0200)]
ip: Publish functions for stats formatting
Formatting struct rtnl_link_stats64 will be useful outside of iplink.c as
well. Extract from __print_link_stats() a new function, print_stats64(),
make it non-static and publish in the header file.
Additionally, publish the helper size_columns(), which will be useful for
formatting the new struct rtnl_hw_stats64.
Signed-off-by: Petr Machata <petrm@nvidia.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Petr Machata [Fri, 22 Apr 2022 08:30:50 +0000 (10:30 +0200)]
libnetlink: Add filtering to rtnl_statsdump_req_filter()
A number of functions in the rtnl_*_req family accept a caller-provided
callback to set up arbitrary filtering. rtnl_statsdump_req_filter()
currently only allows setting a field in the IFSM header, not custom
attributes. So far these were not necessary, but with introduction of more
detailed filtering settings, the callback becomes necessary.
To that end, add a filter_fn and filter_data arguments to the function.
Unlike the other filters, this one is typed to expect an IFSM pointer, to
permit tweaking the header itself as well.
Pass NULLs in the existing callers.
Signed-off-by: Petr Machata <petrm@nvidia.com> Reviewed-by: Ido Schimmel <idosch@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
devlink: introduce -[he]x cmdline option to allow dumping numbers in hex format
For health reporter dumps it is quite convenient to have the numbers in
hexadecimal format. Introduce a command line option to allow user to
achieve that output.
Signed-off-by: Jiri Pirko <jiri@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
devlink: fix "devlink health dump" command without arg
Fix bug when user calls "devlink health dump" without "show" or "clear":
$ devlink health dump
Command "(null)" not found
Put the dump command into a separate helper as it is usual in the rest
of the code. Also, treat no cmd as "show", as it is common for other
devlink objects.
Fixes: 041e6e651a8e ("devlink: Add devlink health dump show command") Signed-off-by: Jiri Pirko <jiri@nvidia.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
"This manual page uses the \' groff sequence. Usually, the intent to
generate an apostrophe, but that sequence actually renders as an acute
accent.
For an apostrophe or a single closing quote, use plain '. For single
opening quote, i.e. a straight downward line ' like the one used in
shell commands, use '\(aq'."
David Ahern [Thu, 24 Mar 2022 03:27:39 +0000 (21:27 -0600)]
Merge branch 'ss-rpcinfo' into next
Andrea Claudi says:
====================
ss uses rpcinfo to get info about rpc service sockets. However, rpcinfo
is not part of iproute2 and it's an implicit dependency for ss.
This series uses libtirpc[1] API to implement the same feature of
rpcinfo for ss. This makes it possible to get info about rpc sockets,
provided ss is compiled with libtirpc support.
As a nice byproduct, this makes ss provide info about some ipv6 rpc
sockets that are not displayed using 'rpcinfo -p'.
- patch 1 adds a configure function to check for libtirpc;
- patch 2 actually rework ss to use libtirpc.
Andrea Claudi [Wed, 16 Mar 2022 18:52:14 +0000 (19:52 +0100)]
ss: remove an implicit dependency on rpcinfo
ss uses rpcinfo to get info about rpc services socket. This makes it
dependent on a tool not included in iproute2, and makes it impossible to
get info on rpc sockets if rpcinfo is not installed.
This reworks init_service_resolver() to use libtirpc, thus avoiding the
implicity dependency on rpcinfo. Moreover, this also makes it possible
to display info about ipv6 rpc socket that are not included in the
rpcinfo -p output.
For example, before this patch:
$ ss -rtap
LISTEN 0 5 localhost:ipp [::]:* users:(("cupsd",pid=1600,fd=9))
LISTEN 0 64 [::]:34265 [::]:*
LISTEN 0 64 [::]:rpc.nfs_acl [::]:*
LISTEN 0 128 [::]:42253 [::]:* users:(("rpc.statd",pid=146164,fd=12))
After this patch:
$ ss -rtap
LISTEN 0 5 localhost:ipp [::]:* users:(("cupsd",pid=1600,fd=9))
LISTEN 0 64 [::]:rpc.nlockmgr [::]:*
LISTEN 0 64 [::]:rpc.nfs_acl [::]:*
LISTEN 0 128 [::]:rpc.status [::]:* users:(("rpc.statd",pid=146164,fd=12))
Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Andrea Claudi [Wed, 16 Mar 2022 18:52:13 +0000 (19:52 +0100)]
configure: add check_libtirpc()
This patch adds a configure function to check if libtirpc is installed
on the build system. If this is the case, it makes iproute2 to compile
with libtirpc support.
Signed-off-by: Andrea Claudi <aclaudi@redhat.com> Signed-off-by: David Ahern <dsahern@kernel.org>
David Ahern [Sun, 20 Mar 2022 23:48:43 +0000 (17:48 -0600)]
Merge branch 'gtp-netdev' into next
Wojciech Drewek says:
====================
This patch series introduces GTP support to iproute2. Since this patch
series it is possible to create net devices of GTP type. Then, those
devices can be used in tc in order to offload GTP packets. New field
in tc flower (gtp_opts) can be used to match on QFI and PDU type.
Wojciech Drewek [Thu, 17 Mar 2022 16:27:55 +0000 (17:27 +0100)]
f_flower: Implement gtp options support
Add support for parsing TCA_FLOWER_KEY_ENC_OPTS_GTP.
Options are as follows: PDU_TYPE:QFI where each
option is represented as 8-bit hexadecimal value.
e.g.
# ip link add gtp_dev type gtp role sgsn
# tc qdisc add dev gtp_dev ingress
# tc filter add dev gtp_dev protocol ip parent ffff: \
flower \
enc_key_id 11 \
gtp_opts 1:8/ff:ff \
action mirred egress redirect dev eth0
Signed-off-by: Wojciech Drewek <wojciech.drewek@intel.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Wojciech Drewek [Thu, 17 Mar 2022 16:27:54 +0000 (17:27 +0100)]
ip: GTP support in ip link
Support for creating GTP devices through ip link. Two arguments
can be specified by the user when adding device of the GTP type.
- role (sgsn or ggsn) - indicates whether we are on the GGSN or SGSN
- hsize - indicates the size of the hash table where PDP sessions
are stored
IFLA_GTP_FD0 and IFLA_GTP_FD1 arguments would not be provided. Those
are file descriptores to the sockets created in the userspace. Since
we are not going to create sockets in ip link, we don't have to
provide them.
Signed-off-by: Wojciech Drewek <wojciech.drewek@intel.com> Reviewed-by: Harald Welte <laforge@gnumonks.org> Signed-off-by: David Ahern <dsahern@kernel.org>
Joachim Wiberg [Wed, 16 Mar 2022 09:02:56 +0000 (10:02 +0100)]
bridge: support for controlling mcast_router per port
The bridge vlan command supports setting mcast_router per-port and
per-vlan, what's however missing is the ability to set the per-port
mcast_router options, e.g. when VLAN filtering is disabled.
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
Antony Antony [Wed, 9 Mar 2022 20:52:58 +0000 (21:52 +0100)]
testsuite: link xfrm delete no if_id test
Since kernel commit 8dce43919566 ("xfrm: interface with if_id 0 should return error")
if_id should be non zero.
Delete the test without if_id, which defaulted if_id to zero.
Reported-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: Antony Antony <antony.antony@secunet.com> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Eli Cohen [Sun, 13 Mar 2022 17:12:19 +0000 (19:12 +0200)]
vdpa: Support reading device features
When showing the available management devices, check if
VDPA_ATTR_DEV_SUPPORTED_FEATURES feature is available and print the
supported features for a management device.
Examples:
$ vdpa mgmtdev show
auxiliary/mlx5_core.sf.1:
supported_classes net
max_supported_vqs 257
dev_features CSUM GUEST_CSUM MTU HOST_TSO4 HOST_TSO6 STATUS CTRL_VQ MQ \
CTRL_MAC_ADDR VERSION_1 ACCESS_PLATFORM
Reviewed-by: Si-Wei Liu <si-wei.liu@oracle.com> Acked-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Eli Cohen <elic@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Eli Cohen [Sun, 13 Mar 2022 17:12:18 +0000 (19:12 +0200)]
vdpa: Support for configuring max VQ pairs for a device
Use VDPA_ATTR_DEV_MGMTDEV_MAX_VQS to specify max number of virtqueue
pairs to configure for a vdpa device when adding a device.
Examples:
1. Create a device with 3 virtqueue pairs:
$ vdpa dev add name vdpa-a mgmtdev auxiliary/mlx5_core.sf.1 max_vqp 3
2. Read the configuration of a vdpa device
$ vdpa dev config show vdpa-a
vdpa-a: mac 00:00:00:00:88:88 link up link_announce false max_vq_pairs 3 \
mtu 1500
negotiated_features CSUM GUEST_CSUM MTU MAC HOST_TSO4 HOST_TSO6 STATUS \
CTRL_VQ MQ CTRL_MAC_ADDR VERSION_1 ACCESS_PLATFORM
Reviewed-by: Si-Wei Liu <si-wei.liu@oracle.com> Acked-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Eli Cohen <elic@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Eli Cohen [Sun, 13 Mar 2022 17:12:17 +0000 (19:12 +0200)]
vdpa: Allow for printing negotiated features of a device
When reading the configuration of a vdpa device, check if the
VDPA_ATTR_DEV_NEGOTIATED_FEATURES is available. If it is, parse the
feature bits and print a string representation of each of the feature
bits.
We keep the strings in two different arrays. One for net device related
devices and one for generic feature bits.
In this patch we parse only net device specific features. Support for
other devices can be added later. If the device queried is not a net
device, we print its bit number only.
Examples:
1. Standard presentation
$ vdpa dev config show vdpa-a
vdpa-a: mac 00:00:00:00:88:88 link up link_announce false max_vq_pairs 2 mtu 9000
negotiated_features CSUM GUEST_CSUM MTU MAC HOST_TSO4 HOST_TSO6 STATUS \
CTRL_VQ MQ CTRL_MAC_ADDR VERSION_1 ACCESS_PLATFORM
2. json output
$ vdpa -j dev config show vdpa-a
{"config":{"vdpa-a":{"mac":"00:00:00:00:88:88","link":"up","link_announce":false,\
"max_vq_pairs":2,"mtu":9000,"negotiated_features":["CSUM","GUEST_CSUM",\
"MTU","MAC","HOST_TSO4","HOST_TSO6","STATUS","CTRL_VQ","MQ","CTRL_MAC_ADDR",\
"VERSION_1","ACCESS_PLATFORM"]}}}
Reviewed-by: Si-Wei Liu<si-wei.liu@oracle.com> Acked-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Eli Cohen <elic@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
Eli Cohen [Sun, 13 Mar 2022 17:12:16 +0000 (19:12 +0200)]
vdpa: Remove unsupported command line option
"-v[erbose]" option is not supported.
Remove it.
Reviewed-by: Parav Pandit <parav@nvidia.com> Reviewed-by: Jianbo Liu <jianbol@mellanox.com> Reviewed-by: Si-Wei Liu <si-wei.liu@oracle.com> Acked-by: Jason Wang <jasowang@redhat.com> Signed-off-by: Eli Cohen <elic@nvidia.com> Signed-off-by: David Ahern <dsahern@kernel.org>
projects / thirdparty / iproute2.git / log
