lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Ygr4e/9zLkZ45YWe@pop-os.localdomain>
Date:   Mon, 14 Feb 2022 16:48:59 -0800
From:   Cong Wang <xiyou.wangcong@...il.com>
To:     Ido Schimmel <idosch@...sch.org>
Cc:     David Ahern <dsahern@...il.com>, menglong8.dong@...il.com,
        kuba@...nel.org, nhorman@...driver.com, davem@...emloft.net,
        netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
        dsahern@...nel.org, rostedt@...dmis.org,
        Menglong Dong <imagedong@...cent.com>
Subject: Re: [PATCH v3 net-next] net: drop_monitor: support drop reason

On Thu, Jan 27, 2022 at 06:02:56PM +0200, Ido Schimmel wrote:
> On Thu, Jan 27, 2022 at 08:53:04AM -0700, David Ahern wrote:
> > On 1/26/22 8:33 PM, menglong8.dong@...il.com wrote:
> > > From: Menglong Dong <imagedong@...cent.com>
> > > 
> > > In the commit c504e5c2f964 ("net: skb: introduce kfree_skb_reason()")
> > > drop reason is introduced to the tracepoint of kfree_skb. Therefore,
> > > drop_monitor is able to report the drop reason to users by netlink.
> > > 
> > > For now, the number of drop reason is passed to users ( seems it's
> > > a little troublesome to pass the drop reason as string ). Therefore,
> > > users can do some customized description of the reason.
> > > 
> > > Signed-off-by: Menglong Dong <imagedong@...cent.com>
> > > ---
> > > v3:
> > > - referring to cb->reason and cb->pc directly in
> > >   net_dm_packet_report_fill()
> > > 
> > > v2:
> > > - get a pointer to struct net_dm_skb_cb instead of local var for
> > >   each field
> > > ---
> > >  include/uapi/linux/net_dropmon.h |  1 +
> > >  net/core/drop_monitor.c          | 16 ++++++++++++----
> > >  2 files changed, 13 insertions(+), 4 deletions(-)
> > > 
> > > diff --git a/include/uapi/linux/net_dropmon.h b/include/uapi/linux/net_dropmon.h
> > > index 66048cc5d7b3..b2815166dbc2 100644
> > > --- a/include/uapi/linux/net_dropmon.h
> > > +++ b/include/uapi/linux/net_dropmon.h
> > > @@ -93,6 +93,7 @@ enum net_dm_attr {
> > >  	NET_DM_ATTR_SW_DROPS,			/* flag */
> > >  	NET_DM_ATTR_HW_DROPS,			/* flag */
> > >  	NET_DM_ATTR_FLOW_ACTION_COOKIE,		/* binary */
> > > +	NET_DM_ATTR_REASON,			/* u32 */
> > >  
> > 
> > For userspace to properly convert reason from id to string, enum
> > skb_drop_reason needs to be moved from skbuff.h to a uapi file.
> > include/uapi/linux/net_dropmon.h seems like the best candidate to me.
> > Maybe others have a better idea.
> 
> I think the best option would be to convert it to a string in the kernel

This is a bad idea. Integers are much better as they are more flexible
than strings, for example if your application wants to filter with a
specific reason, a simply integer comparison is much faster than a
string comparison. More importantly, user-space could store the integer
to string mapping by itself, saving strings in kernel is just
unnecessary.

> (or report both). Then you don't need to update user space tools such as
> the Wireshark dissector [1] and DropWatch every time a new reason is
> added.
> 
> [1] https://www.wireshark.org/docs/dfref/n/net_dm.html

I don't understand why this is even an argument, we have tons of
applications need to update to catch up with newer kernel...


Thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ