lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20210825090418.57fd7d2f@kicinski-fedora-pc1c0hjn.dhcp.thefacebook.com>
Date:   Wed, 25 Aug 2021 09:04:18 -0700
From:   Jakub Kicinski <kuba@...nel.org>
To:     Eric Dumazet <edumazet@...gle.com>
Cc:     Zhongya Yan <yan2228598786@...il.com>,
        netdev <netdev@...r.kernel.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Ingo Molnar <mingo@...hat.com>,
        David Miller <davem@...emloft.net>,
        Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
        David Ahern <dsahern@...nel.org>, hengqi.chen@...il.com,
        Yonghong Song <yhs@...com>, ntspring@...com
Subject: Re: [PATCH] net: tcp_drop adds `reason` parameter for tracing v2

On Wed, 25 Aug 2021 08:47:46 -0700 Eric Dumazet wrote:
> On Wed, Aug 25, 2021 at 8:41 AM Zhongya Yan <yan2228598786@...il.com> wrote:
> > @@ -5703,15 +5700,15 @@ static bool tcp_validate_incoming(struct sock *sk, struct sk_buff *skb,
> >                         TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
> >                 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPSYNCHALLENGE);
> >                 tcp_send_challenge_ack(sk, skb);
> > -               goto discard;
> > +               tcp_drop(sk, skb, TCP_DROP_MASK(__LINE__, TCP_VALIDATE_INCOMING));  
> 
> I'd rather use a string. So that we can more easily identify _why_ the
> packet was drop, without looking at the source code
> of the exact kernel version to locate line number 1057

Yeah, the line number seems like a particularly bad idea. Hopefully
strings won't be problematic, given we can expect most serious users 
to feed the tracepoints via BPF. enum would be more convenient there,
I'd think.

> You can be sure that we will get reports in the future from users of
> heavily modified kernels.
> Having to download a git tree, or apply semi-private patches is a no go.

I'm slightly surprised by this angle. Are there downstream kernels with
heavily modified TCP other than Google's?

> If you really want to include __FILE__ and __LINE__, these both can be
> stringified and included in the report, with the help of macros.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ