| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 16 May 2022 11:45:15 +0800
From: menglong8.dong@...il.com
To: edumazet@...gle.com
Cc: rostedt@...dmis.org, mingo@...hat.com, davem@...emloft.net,
yoshfuji@...ux-ipv6.org, dsahern@...nel.org, kuba@...nel.org,
pabeni@...hat.com, imagedong@...cent.com, kafai@...com,
talalahmad@...gle.com, keescook@...omium.org,
dongli.zhang@...cle.com, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org
Subject: [PATCH net-next 5/9] net: tcp: make tcp_rcv_synsent_state_process() return drop reasons
From: Menglong Dong <imagedong@...cent.com>
The return value of tcp_rcv_synsent_state_process() can be -1, 0 or 1:
- -1: free skb silently
- 0: success and skb is already freed
- 1: drop packet and send a RST
Therefore, we can make it return skb drop reasons on 'reset_and_undo'
path, which will not impact the caller.
The new reason 'TCP_PAWSACTIVEREJECTED' is added, which is corresponding
to LINUX_MIB_PAWSACTIVEREJECTED.
Signed-off-by: Menglong Dong <imagedong@...cent.com>
---
include/linux/skbuff.h | 1 +
net/ipv4/tcp_input.c | 7 ++++++-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index 3c7b1e9aabbb..36e0971f4cc9 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -619,6 +619,7 @@ struct sk_buff;
FN(IP_INNOROUTES) \
FN(PKT_TOO_BIG) \
FN(SOCKET_DESTROYED) \
+ FN(TCP_PAWSACTIVEREJECTED) \
FN(MAX)
/* The reason of skb drop, which is used in kfree_skb_reason().
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index 97cfcd85f84e..e8d26a68bc45 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -6174,6 +6174,10 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb,
inet_csk_reset_xmit_timer(sk,
ICSK_TIME_RETRANS,
TCP_TIMEOUT_MIN, TCP_RTO_MAX);
+ if (after(TCP_SKB_CB(skb)->ack_seq, tp->snd_nxt))
+ SKB_DR_SET(reason, TCP_ACK_UNSENT_DATA);
+ else
+ SKB_DR_SET(reason, TCP_TOO_OLD_ACK);
goto reset_and_undo;
}
@@ -6182,6 +6186,7 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb,
tcp_time_stamp(tp))) {
NET_INC_STATS(sock_net(sk),
LINUX_MIB_PAWSACTIVEREJECTED);
+ SKB_DR_SET(reason, TCP_PAWSACTIVEREJECTED);
goto reset_and_undo;
}
@@ -6375,7 +6380,7 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb,
reset_and_undo:
tcp_clear_options(&tp->rx_opt);
tp->rx_opt.mss_clamp = saved_clamp;
- return 1;
+ return reason;
}
static void tcp_rcv_synrecv_state_fastopen(struct sock *sk)
--
2.36.1
Powered by blists - more mailing lists