| Message ID | 20200804160908.46193-1-izabela.bakollari@gmail.com |
|---|---|
| State | Changes Requested |
| Delegated to: | David Miller |
| Headers | show |
| Series | [PATCHv2,net-next] dropwatch: Support monitoring of dropped frames | expand |
On Tue, Aug 4, 2020 at 9:14 AM <izabela.bakollari@gmail.com> wrote: > > From: Izabela Bakollari <izabela.bakollari@gmail.com> > > Dropwatch is a utility that monitors dropped frames by having userspace > record them over the dropwatch protocol over a file. This augument > allows live monitoring of dropped frames using tools like tcpdump. > > With this feature, dropwatch allows two additional commands (start and > stop interface) which allows the assignment of a net_device to the > dropwatch protocol. When assinged, dropwatch will clone dropped frames, > and receive them on the assigned interface, allowing tools like tcpdump > to monitor for them. > > With this feature, create a dummy ethernet interface (ip link add dev > dummy0 type dummy), assign it to the dropwatch kernel subsystem, by using > these new commands, and then monitor dropped frames in real time by > running tcpdump -i dummy0. drop monitor is already able to send dropped packets to user-space, and wireshark already catches up with this feature: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=a94a860c0644ec3b8a129fd243674a2e376ce1c8 So what you propose here seems pretty much a duplicate? Thanks.
On Tue, Aug 04, 2020 at 02:28:28PM -0700, Cong Wang wrote: > On Tue, Aug 4, 2020 at 9:14 AM <izabela.bakollari@gmail.com> wrote: > > > > From: Izabela Bakollari <izabela.bakollari@gmail.com> > > > > Dropwatch is a utility that monitors dropped frames by having userspace > > record them over the dropwatch protocol over a file. This augument > > allows live monitoring of dropped frames using tools like tcpdump. > > > > With this feature, dropwatch allows two additional commands (start and > > stop interface) which allows the assignment of a net_device to the > > dropwatch protocol. When assinged, dropwatch will clone dropped frames, > > and receive them on the assigned interface, allowing tools like tcpdump > > to monitor for them. > > > > With this feature, create a dummy ethernet interface (ip link add dev > > dummy0 type dummy), assign it to the dropwatch kernel subsystem, by using > > these new commands, and then monitor dropped frames in real time by > > running tcpdump -i dummy0. > > drop monitor is already able to send dropped packets to user-space, > and wireshark already catches up with this feature: > > https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commitdiff;h=a94a860c0644ec3b8a129fd243674a2e376ce1c8 > > So what you propose here seems pretty much a duplicate? > I had asked Izabela to implement this feature as an alternative approach to doing live capture of dropped packets, as part of the Linux foundation mentorship program. I'm supportive of this additional feature as the added code is fairly minimal, and allows for the use of other user space packet monitoring tools without additional code changes (i.e. tcpdump/snort/etc can now monitor dropped packets without the need to augment those tools with netlink capture code. Best Neil > Thanks. > _______________________________________________ > Linux-kernel-mentees mailing list > Linux-kernel-mentees@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/linux-kernel-mentees >
From: izabela.bakollari@gmail.com Date: Tue, 4 Aug 2020 18:09:08 +0200 > @@ -1315,6 +1334,53 @@ static int net_dm_cmd_trace(struct sk_buff *skb, > return -EOPNOTSUPP; > } > > +static int net_dm_interface_start(struct net *net, const char *ifname) > +{ > + struct net_device *nd = dev_get_by_name(net, ifname); > + > + if (nd) > + interface = nd; > + else > + return -ENODEV; > + > + return 0; > +} > + > +static int net_dm_interface_stop(struct net *net, const char *ifname) > +{ > + dev_put(interface); > + interface = NULL; > + > + return 0; > +} Where is the netdev notifier that will drop this reference if the network device is unregistered?
On Tue, Aug 04, 2020 at 04:14:14PM -0700, David Miller wrote: > From: izabela.bakollari@gmail.com > Date: Tue, 4 Aug 2020 18:09:08 +0200 > > > @@ -1315,6 +1334,53 @@ static int net_dm_cmd_trace(struct sk_buff *skb, > > return -EOPNOTSUPP; > > } > > > > +static int net_dm_interface_start(struct net *net, const char *ifname) > > +{ > > + struct net_device *nd = dev_get_by_name(net, ifname); > > + > > + if (nd) > > + interface = nd; > > + else > > + return -ENODEV; > > + > > + return 0; > > +} > > + > > +static int net_dm_interface_stop(struct net *net, const char *ifname) > > +{ > > + dev_put(interface); > > + interface = NULL; > > + > > + return 0; > > +} > > Where is the netdev notifier that will drop this reference if the network > device is unregistered? > See the changes to dropmon_net_event in the patch. Its there under the case for NETDEV_UNREGISTER Neil
I have worked on this feature as part of the Linux Kernel Mentorship Program. Your review would really help me in this learning process. Thanks, Izabela On Tue, Aug 4, 2020 at 6:09 PM <izabela.bakollari@gmail.com> wrote: > > From: Izabela Bakollari <izabela.bakollari@gmail.com> > > Dropwatch is a utility that monitors dropped frames by having userspace > record them over the dropwatch protocol over a file. This augument > allows live monitoring of dropped frames using tools like tcpdump. > > With this feature, dropwatch allows two additional commands (start and > stop interface) which allows the assignment of a net_device to the > dropwatch protocol. When assinged, dropwatch will clone dropped frames, > and receive them on the assigned interface, allowing tools like tcpdump > to monitor for them. > > With this feature, create a dummy ethernet interface (ip link add dev > dummy0 type dummy), assign it to the dropwatch kernel subsystem, by using > these new commands, and then monitor dropped frames in real time by > running tcpdump -i dummy0. > > Signed-off-by: Izabela Bakollari <izabela.bakollari@gmail.com> > --- > Changes in v2: > - protect the dummy ethernet interface from being changed by another > thread/cpu > --- > include/uapi/linux/net_dropmon.h | 3 ++ > net/core/drop_monitor.c | 84 ++++++++++++++++++++++++++++++++ > 2 files changed, 87 insertions(+) > > diff --git a/include/uapi/linux/net_dropmon.h b/include/uapi/linux/net_dropmon.h > index 67e31f329190..e8e861e03a8a 100644 > --- a/include/uapi/linux/net_dropmon.h > +++ b/include/uapi/linux/net_dropmon.h > @@ -58,6 +58,8 @@ enum { > NET_DM_CMD_CONFIG_NEW, > NET_DM_CMD_STATS_GET, > NET_DM_CMD_STATS_NEW, > + NET_DM_CMD_START_IFC, > + NET_DM_CMD_STOP_IFC, > _NET_DM_CMD_MAX, > }; > > @@ -93,6 +95,7 @@ enum net_dm_attr { > NET_DM_ATTR_SW_DROPS, /* flag */ > NET_DM_ATTR_HW_DROPS, /* flag */ > NET_DM_ATTR_FLOW_ACTION_COOKIE, /* binary */ > + NET_DM_ATTR_IFNAME, /* string */ > > __NET_DM_ATTR_MAX, > NET_DM_ATTR_MAX = __NET_DM_ATTR_MAX - 1 > diff --git a/net/core/drop_monitor.c b/net/core/drop_monitor.c > index 8e33cec9fc4e..781e69876d2f 100644 > --- a/net/core/drop_monitor.c > +++ b/net/core/drop_monitor.c > @@ -30,6 +30,7 @@ > #include <net/genetlink.h> > #include <net/netevent.h> > #include <net/flow_offload.h> > +#include <net/sock.h> > > #include <trace/events/skb.h> > #include <trace/events/napi.h> > @@ -46,6 +47,7 @@ > */ > static int trace_state = TRACE_OFF; > static bool monitor_hw; > +struct net_device *interface; > > /* net_dm_mutex > * > @@ -54,6 +56,8 @@ static bool monitor_hw; > */ > static DEFINE_MUTEX(net_dm_mutex); > > +static DEFINE_SPINLOCK(interface_lock); > + > struct net_dm_stats { > u64 dropped; > struct u64_stats_sync syncp; > @@ -255,6 +259,21 @@ static void trace_drop_common(struct sk_buff *skb, void *location) > > out: > spin_unlock_irqrestore(&data->lock, flags); > + spin_lock_irqsave(&interface_lock, flags); > + if (interface && interface != skb->dev) { > + skb = skb_clone(skb, GFP_ATOMIC); > + if (skb) { > + skb->dev = interface; > + spin_unlock_irqrestore(&interface_lock, flags); > + netif_receive_skb(skb); > + } else { > + spin_unlock_irqrestore(&interface_lock, flags); > + pr_err("dropwatch: Not enough memory to clone dropped skb\n"); > + return; > + } > + } else { > + spin_unlock_irqrestore(&interface_lock, flags); > + } > } > > static void trace_kfree_skb_hit(void *ignore, struct sk_buff *skb, void *location) > @@ -1315,6 +1334,53 @@ static int net_dm_cmd_trace(struct sk_buff *skb, > return -EOPNOTSUPP; > } > > +static int net_dm_interface_start(struct net *net, const char *ifname) > +{ > + struct net_device *nd = dev_get_by_name(net, ifname); > + > + if (nd) > + interface = nd; > + else > + return -ENODEV; > + > + return 0; > +} > + > +static int net_dm_interface_stop(struct net *net, const char *ifname) > +{ > + dev_put(interface); > + interface = NULL; > + > + return 0; > +} > + > +static int net_dm_cmd_ifc_trace(struct sk_buff *skb, struct genl_info *info) > +{ > + struct net *net = sock_net(skb->sk); > + char ifname[IFNAMSIZ]; > + > + if (net_dm_is_monitoring()) > + return -EBUSY; > + > + memset(ifname, 0, IFNAMSIZ); > + nla_strlcpy(ifname, info->attrs[NET_DM_ATTR_IFNAME], IFNAMSIZ - 1); > + > + switch (info->genlhdr->cmd) { > + case NET_DM_CMD_START_IFC: > + if (!interface) > + return net_dm_interface_start(net, ifname); > + else > + return -EBUSY; > + case NET_DM_CMD_STOP_IFC: > + if (interface) > + return net_dm_interface_stop(net, interface->name); > + else > + return -ENODEV; > + } > + > + return 0; > +} > + > static int net_dm_config_fill(struct sk_buff *msg, struct genl_info *info) > { > void *hdr; > @@ -1503,6 +1569,7 @@ static int dropmon_net_event(struct notifier_block *ev_block, > struct net_device *dev = netdev_notifier_info_to_dev(ptr); > struct dm_hw_stat_delta *new_stat = NULL; > struct dm_hw_stat_delta *tmp; > + unsigned long flags; > > switch (event) { > case NETDEV_REGISTER: > @@ -1529,6 +1596,12 @@ static int dropmon_net_event(struct notifier_block *ev_block, > } > } > } > + spin_lock_irqsave(&interface_lock, flags); > + if (interface && interface == dev) { > + dev_put(interface); > + interface = NULL; > + } > + spin_unlock_irqrestore(&interface_lock, flags); > mutex_unlock(&net_dm_mutex); > break; > } > @@ -1543,6 +1616,7 @@ static const struct nla_policy net_dm_nl_policy[NET_DM_ATTR_MAX + 1] = { > [NET_DM_ATTR_QUEUE_LEN] = { .type = NLA_U32 }, > [NET_DM_ATTR_SW_DROPS] = {. type = NLA_FLAG }, > [NET_DM_ATTR_HW_DROPS] = {. type = NLA_FLAG }, > + [NET_DM_ATTR_IFNAME] = {. type = NLA_STRING, .len = IFNAMSIZ }, > }; > > static const struct genl_ops dropmon_ops[] = { > @@ -1570,6 +1644,16 @@ static const struct genl_ops dropmon_ops[] = { > .cmd = NET_DM_CMD_STATS_GET, > .doit = net_dm_cmd_stats_get, > }, > + { > + .cmd = NET_DM_CMD_START_IFC, > + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, > + .doit = net_dm_cmd_ifc_trace, > + }, > + { > + .cmd = NET_DM_CMD_STOP_IFC, > + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, > + .doit = net_dm_cmd_ifc_trace, > + }, > }; > > static int net_dm_nl_pre_doit(const struct genl_ops *ops, > -- > 2.18.4 >
On Mon, Aug 10, 2020 at 03:39:40PM +0200, Izabela Bakollari wrote: > I have worked on this feature as part of the Linux Kernel Mentorship > Program. Your review would really help me in this learning process. You sent this just a bit less than 1 week ago, and it's the middle of the kernel merge window, where no maintainer can take any new patches that are not bugfixes, and they are totally busy with the merge window issues. Give people a chance, try resending this after the net-next tree is open in a few weeks. thanks, greg k-h
Dne 04. 08. 20 v 18:09 izabela.bakollari@gmail.com napsala: > From: Izabela Bakollari <izabela.bakollari@gmail.com> > > Dropwatch is a utility that monitors dropped frames by having userspace > record them over the dropwatch protocol over a file. This augument > allows live monitoring of dropped frames using tools like tcpdump. > > With this feature, dropwatch allows two additional commands (start and > stop interface) which allows the assignment of a net_device to the > dropwatch protocol. When assinged, dropwatch will clone dropped frames, > and receive them on the assigned interface, allowing tools like tcpdump > to monitor for them. > > With this feature, create a dummy ethernet interface (ip link add dev > dummy0 type dummy), assign it to the dropwatch kernel subsystem, by using > these new commands, and then monitor dropped frames in real time by > running tcpdump -i dummy0. > > Signed-off-by: Izabela Bakollari <izabela.bakollari@gmail.com> > --- > Changes in v2: > - protect the dummy ethernet interface from being changed by another > thread/cpu > --- > include/uapi/linux/net_dropmon.h | 3 ++ > net/core/drop_monitor.c | 84 ++++++++++++++++++++++++++++++++ > 2 files changed, 87 insertions(+) [...] > @@ -255,6 +259,21 @@ static void trace_drop_common(struct sk_buff *skb, void *location) > > out: > spin_unlock_irqrestore(&data->lock, flags); > + spin_lock_irqsave(&interface_lock, flags); > + if (interface && interface != skb->dev) { > + skb = skb_clone(skb, GFP_ATOMIC); I suggest naming the cloned skb "nskb". Less potential for confusion that way. > + if (skb) { > + skb->dev = interface; > + spin_unlock_irqrestore(&interface_lock, flags); > + netif_receive_skb(skb); > + } else { > + spin_unlock_irqrestore(&interface_lock, flags); > + pr_err("dropwatch: Not enough memory to clone dropped skb\n"); Maybe avoid logging the error here. In NET_DM_ALERT_MODE_PACKET mode, drop monitor does not log about the skb_clone() failure either. We don't want to open the possibility to flood the logs in case this somehow gets triggered by every packet. A coding style suggestion - can you rearrange it so that the error path code is spelled out first? Then the regular path does not have to be indented further: nskb = skb_clone(skb, GFP_ATOMIC); if (!nskb) { spin_unlock_irqrestore(&interface_lock, flags); return; } /* ... implicit else ... Proceed normally ... */ > + return; > + } > + } else { > + spin_unlock_irqrestore(&interface_lock, flags); > + } > } > > static void trace_kfree_skb_hit(void *ignore, struct sk_buff *skb, void *location) > @@ -1315,6 +1334,53 @@ static int net_dm_cmd_trace(struct sk_buff *skb, > return -EOPNOTSUPP; > } > > +static int net_dm_interface_start(struct net *net, const char *ifname) > +{ > + struct net_device *nd = dev_get_by_name(net, ifname); > + > + if (nd) > + interface = nd; > + else > + return -ENODEV; > + > + return 0; Similarly here, consider: if (!nd) return -ENODEV; interface = nd; return 0; But maybe I'm nitpicking ... > +} > + > +static int net_dm_interface_stop(struct net *net, const char *ifname) > +{ > + dev_put(interface); > + interface = NULL; > + > + return 0; > +} > + > +static int net_dm_cmd_ifc_trace(struct sk_buff *skb, struct genl_info *info) > +{ > + struct net *net = sock_net(skb->sk); > + char ifname[IFNAMSIZ]; > + > + if (net_dm_is_monitoring()) > + return -EBUSY; > + > + memset(ifname, 0, IFNAMSIZ); > + nla_strlcpy(ifname, info->attrs[NET_DM_ATTR_IFNAME], IFNAMSIZ - 1); > + > + switch (info->genlhdr->cmd) { > + case NET_DM_CMD_START_IFC: > + if (!interface) > + return net_dm_interface_start(net, ifname); > + else > + return -EBUSY; > + case NET_DM_CMD_STOP_IFC: > + if (interface) > + return net_dm_interface_stop(net, interface->name); > + else > + return -ENODEV; ... and here too. Best regards, Michal
Thank you for your review. I am working on a patch v3 and will apply your suggestions where possible. Best, Izabela On Mon, Aug 31, 2020 at 3:18 PM Michal Schmidt <mschmidt@redhat.com> wrote: > > Dne 04. 08. 20 v 18:09 izabela.bakollari@gmail.com napsala: > > From: Izabela Bakollari <izabela.bakollari@gmail.com> > > > > Dropwatch is a utility that monitors dropped frames by having userspace > > record them over the dropwatch protocol over a file. This augument > > allows live monitoring of dropped frames using tools like tcpdump. > > > > With this feature, dropwatch allows two additional commands (start and > > stop interface) which allows the assignment of a net_device to the > > dropwatch protocol. When assinged, dropwatch will clone dropped frames, > > and receive them on the assigned interface, allowing tools like tcpdump > > to monitor for them. > > > > With this feature, create a dummy ethernet interface (ip link add dev > > dummy0 type dummy), assign it to the dropwatch kernel subsystem, by using > > these new commands, and then monitor dropped frames in real time by > > running tcpdump -i dummy0. > > > > Signed-off-by: Izabela Bakollari <izabela.bakollari@gmail.com> > > --- > > Changes in v2: > > - protect the dummy ethernet interface from being changed by another > > thread/cpu > > --- > > include/uapi/linux/net_dropmon.h | 3 ++ > > net/core/drop_monitor.c | 84 ++++++++++++++++++++++++++++++++ > > 2 files changed, 87 insertions(+) > [...] > > @@ -255,6 +259,21 @@ static void trace_drop_common(struct sk_buff *skb, void *location) > > > > out: > > spin_unlock_irqrestore(&data->lock, flags); > > + spin_lock_irqsave(&interface_lock, flags); > > + if (interface && interface != skb->dev) { > > + skb = skb_clone(skb, GFP_ATOMIC); > > I suggest naming the cloned skb "nskb". Less potential for confusion > that way. > > > + if (skb) { > > + skb->dev = interface; > > + spin_unlock_irqrestore(&interface_lock, flags); > > + netif_receive_skb(skb); > > + } else { > > + spin_unlock_irqrestore(&interface_lock, flags); > > + pr_err("dropwatch: Not enough memory to clone dropped skb\n"); > > Maybe avoid logging the error here. In NET_DM_ALERT_MODE_PACKET mode, > drop monitor does not log about the skb_clone() failure either. > We don't want to open the possibility to flood the logs in case this > somehow gets triggered by every packet. > > A coding style suggestion - can you rearrange it so that the error path > code is spelled out first? Then the regular path does not have to be > indented further: > > nskb = skb_clone(skb, GFP_ATOMIC); > if (!nskb) { > spin_unlock_irqrestore(&interface_lock, flags); > return; > } > > /* ... implicit else ... Proceed normally ... */ > > > + return; > > + } > > + } else { > > + spin_unlock_irqrestore(&interface_lock, flags); > > + } > > } > > > > static void trace_kfree_skb_hit(void *ignore, struct sk_buff *skb, void *location) > > @@ -1315,6 +1334,53 @@ static int net_dm_cmd_trace(struct sk_buff *skb, > > return -EOPNOTSUPP; > > } > > > > +static int net_dm_interface_start(struct net *net, const char *ifname) > > +{ > > + struct net_device *nd = dev_get_by_name(net, ifname); > > + > > + if (nd) > > + interface = nd; > > + else > > + return -ENODEV; > > + > > + return 0; > > Similarly here, consider: > > if (!nd) > return -ENODEV; > > interface = nd; > return 0; > > But maybe I'm nitpicking ... > > > +} > > + > > +static int net_dm_interface_stop(struct net *net, const char *ifname) > > +{ > > + dev_put(interface); > > + interface = NULL; > > + > > + return 0; > > +} > > + > > +static int net_dm_cmd_ifc_trace(struct sk_buff *skb, struct genl_info *info) > > +{ > > + struct net *net = sock_net(skb->sk); > > + char ifname[IFNAMSIZ]; > > + > > + if (net_dm_is_monitoring()) > > + return -EBUSY; > > + > > + memset(ifname, 0, IFNAMSIZ); > > + nla_strlcpy(ifname, info->attrs[NET_DM_ATTR_IFNAME], IFNAMSIZ - 1); > > + > > + switch (info->genlhdr->cmd) { > > + case NET_DM_CMD_START_IFC: > > + if (!interface) > > + return net_dm_interface_start(net, ifname); > > + else > > + return -EBUSY; > > + case NET_DM_CMD_STOP_IFC: > > + if (interface) > > + return net_dm_interface_stop(net, interface->name); > > + else > > + return -ENODEV; > > ... and here too. > > Best regards, > Michal >
diff --git a/include/uapi/linux/net_dropmon.h b/include/uapi/linux/net_dropmon.h index 67e31f329190..e8e861e03a8a 100644 --- a/include/uapi/linux/net_dropmon.h +++ b/include/uapi/linux/net_dropmon.h @@ -58,6 +58,8 @@ enum { NET_DM_CMD_CONFIG_NEW, NET_DM_CMD_STATS_GET, NET_DM_CMD_STATS_NEW, + NET_DM_CMD_START_IFC, + NET_DM_CMD_STOP_IFC, _NET_DM_CMD_MAX, }; @@ -93,6 +95,7 @@ enum net_dm_attr { NET_DM_ATTR_SW_DROPS, /* flag */ NET_DM_ATTR_HW_DROPS, /* flag */ NET_DM_ATTR_FLOW_ACTION_COOKIE, /* binary */ + NET_DM_ATTR_IFNAME, /* string */ __NET_DM_ATTR_MAX, NET_DM_ATTR_MAX = __NET_DM_ATTR_MAX - 1 diff --git a/net/core/drop_monitor.c b/net/core/drop_monitor.c index 8e33cec9fc4e..781e69876d2f 100644 --- a/net/core/drop_monitor.c +++ b/net/core/drop_monitor.c @@ -30,6 +30,7 @@ #include <net/genetlink.h> #include <net/netevent.h> #include <net/flow_offload.h> +#include <net/sock.h> #include <trace/events/skb.h> #include <trace/events/napi.h> @@ -46,6 +47,7 @@ */ static int trace_state = TRACE_OFF; static bool monitor_hw; +struct net_device *interface; /* net_dm_mutex * @@ -54,6 +56,8 @@ static bool monitor_hw; */ static DEFINE_MUTEX(net_dm_mutex); +static DEFINE_SPINLOCK(interface_lock); + struct net_dm_stats { u64 dropped; struct u64_stats_sync syncp; @@ -255,6 +259,21 @@ static void trace_drop_common(struct sk_buff *skb, void *location) out: spin_unlock_irqrestore(&data->lock, flags); + spin_lock_irqsave(&interface_lock, flags); + if (interface && interface != skb->dev) { + skb = skb_clone(skb, GFP_ATOMIC); + if (skb) { + skb->dev = interface; + spin_unlock_irqrestore(&interface_lock, flags); + netif_receive_skb(skb); + } else { + spin_unlock_irqrestore(&interface_lock, flags); + pr_err("dropwatch: Not enough memory to clone dropped skb\n"); + return; + } + } else { + spin_unlock_irqrestore(&interface_lock, flags); + } } static void trace_kfree_skb_hit(void *ignore, struct sk_buff *skb, void *location) @@ -1315,6 +1334,53 @@ static int net_dm_cmd_trace(struct sk_buff *skb, return -EOPNOTSUPP; } +static int net_dm_interface_start(struct net *net, const char *ifname) +{ + struct net_device *nd = dev_get_by_name(net, ifname); + + if (nd) + interface = nd; + else + return -ENODEV; + + return 0; +} + +static int net_dm_interface_stop(struct net *net, const char *ifname) +{ + dev_put(interface); + interface = NULL; + + return 0; +} + +static int net_dm_cmd_ifc_trace(struct sk_buff *skb, struct genl_info *info) +{ + struct net *net = sock_net(skb->sk); + char ifname[IFNAMSIZ]; + + if (net_dm_is_monitoring()) + return -EBUSY; + + memset(ifname, 0, IFNAMSIZ); + nla_strlcpy(ifname, info->attrs[NET_DM_ATTR_IFNAME], IFNAMSIZ - 1); + + switch (info->genlhdr->cmd) { + case NET_DM_CMD_START_IFC: + if (!interface) + return net_dm_interface_start(net, ifname); + else + return -EBUSY; + case NET_DM_CMD_STOP_IFC: + if (interface) + return net_dm_interface_stop(net, interface->name); + else + return -ENODEV; + } + + return 0; +} + static int net_dm_config_fill(struct sk_buff *msg, struct genl_info *info) { void *hdr; @@ -1503,6 +1569,7 @@ static int dropmon_net_event(struct notifier_block *ev_block, struct net_device *dev = netdev_notifier_info_to_dev(ptr); struct dm_hw_stat_delta *new_stat = NULL; struct dm_hw_stat_delta *tmp; + unsigned long flags; switch (event) { case NETDEV_REGISTER: @@ -1529,6 +1596,12 @@ static int dropmon_net_event(struct notifier_block *ev_block, } } } + spin_lock_irqsave(&interface_lock, flags); + if (interface && interface == dev) { + dev_put(interface); + interface = NULL; + } + spin_unlock_irqrestore(&interface_lock, flags); mutex_unlock(&net_dm_mutex); break; } @@ -1543,6 +1616,7 @@ static const struct nla_policy net_dm_nl_policy[NET_DM_ATTR_MAX + 1] = { [NET_DM_ATTR_QUEUE_LEN] = { .type = NLA_U32 }, [NET_DM_ATTR_SW_DROPS] = {. type = NLA_FLAG }, [NET_DM_ATTR_HW_DROPS] = {. type = NLA_FLAG }, + [NET_DM_ATTR_IFNAME] = {. type = NLA_STRING, .len = IFNAMSIZ }, }; static const struct genl_ops dropmon_ops[] = { @@ -1570,6 +1644,16 @@ static const struct genl_ops dropmon_ops[] = { .cmd = NET_DM_CMD_STATS_GET, .doit = net_dm_cmd_stats_get, }, + { + .cmd = NET_DM_CMD_START_IFC, + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, + .doit = net_dm_cmd_ifc_trace, + }, + { + .cmd = NET_DM_CMD_STOP_IFC, + .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP, + .doit = net_dm_cmd_ifc_trace, + }, }; static int net_dm_nl_pre_doit(const struct genl_ops *ops,