lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 17 Mar 2022 14:53:49 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'David Ahern' <dsahern@...nel.org>,
        Jakub Kicinski <kuba@...nel.org>
CC:     "menglong8.dong@...il.com" <menglong8.dong@...il.com>,
        "pabeni@...hat.com" <pabeni@...hat.com>,
        "rostedt@...dmis.org" <rostedt@...dmis.org>,
        "mingo@...hat.com" <mingo@...hat.com>, "xeb@...l.ru" <xeb@...l.ru>,
        "davem@...emloft.net" <davem@...emloft.net>,
        "yoshfuji@...ux-ipv6.org" <yoshfuji@...ux-ipv6.org>,
        "imagedong@...cent.com" <imagedong@...cent.com>,
        "edumazet@...gle.com" <edumazet@...gle.com>,
        "kafai@...com" <kafai@...com>,
        "talalahmad@...gle.com" <talalahmad@...gle.com>,
        "keescook@...omium.org" <keescook@...omium.org>,
        "alobakin@...me" <alobakin@...me>,
        "flyingpeng@...cent.com" <flyingpeng@...cent.com>,
        "mengensun@...cent.com" <mengensun@...cent.com>,
        "dongli.zhang@...cle.com" <dongli.zhang@...cle.com>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>,
        "benbjiang@...cent.com" <benbjiang@...cent.com>
Subject: RE: [PATCH net-next v3 3/3] net: icmp: add reasons of the skb drops
 to icmp protocol

From: David Ahern
> Sent: 17 March 2022 14:49
> 
> On 3/16/22 10:05 PM, Jakub Kicinski wrote:
> > On Wed, 16 Mar 2022 21:35:47 -0600 David Ahern wrote:
> >> On 3/16/22 9:18 PM, Jakub Kicinski wrote:
> >>>
> >>> I guess this set raises the follow up question to Dave if adding
> >>> drop reasons to places with MIB exception stats means improving
> >>> the granularity or one MIB stat == one reason?
> >>
> >> There are a few examples where multiple MIB stats are bumped on a drop,
> >> but the reason code should always be set based on first failure. Did you
> >> mean something else with your question?
> >
> > I meant whether we want to differentiate between TYPE, and BROADCAST or
> > whatever other possible invalid protocol cases we can get here or just
> > dump them all into a single protocol error code.
> 
> I think a single one is a good starting point.

I remember looking at (I think) the packet drop stats a while back.
Two machines on the same LAN were reporting rather different values.
Basically 0 v quite a few.

It turned out that passing the packets to dhcp was deemed enough
to stop them being reported as 'dropped'.
And I think that version of dhcp fed every packed into its BPF? filter.
(I never did decide whether that caused every skb to be duplicated.)

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ