lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 16 May 2022 11:45:15 +0800 From: menglong8.dong@...il.com To: edumazet@...gle.com Cc: rostedt@...dmis.org, mingo@...hat.com, davem@...emloft.net, yoshfuji@...ux-ipv6.org, dsahern@...nel.org, kuba@...nel.org, pabeni@...hat.com, imagedong@...cent.com, kafai@...com, talalahmad@...gle.com, keescook@...omium.org, dongli.zhang@...cle.com, linux-kernel@...r.kernel.org, netdev@...r.kernel.org Subject: [PATCH net-next 5/9] net: tcp: make tcp_rcv_synsent_state_process() return drop reasons From: Menglong Dong <imagedong@...cent.com> The return value of tcp_rcv_synsent_state_process() can be -1, 0 or 1: - -1: free skb silently - 0: success and skb is already freed - 1: drop packet and send a RST Therefore, we can make it return skb drop reasons on 'reset_and_undo' path, which will not impact the caller. The new reason 'TCP_PAWSACTIVEREJECTED' is added, which is corresponding to LINUX_MIB_PAWSACTIVEREJECTED. Signed-off-by: Menglong Dong <imagedong@...cent.com> --- include/linux/skbuff.h | 1 + net/ipv4/tcp_input.c | 7 ++++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index 3c7b1e9aabbb..36e0971f4cc9 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h @@ -619,6 +619,7 @@ struct sk_buff; FN(IP_INNOROUTES) \ FN(PKT_TOO_BIG) \ FN(SOCKET_DESTROYED) \ + FN(TCP_PAWSACTIVEREJECTED) \ FN(MAX) /* The reason of skb drop, which is used in kfree_skb_reason(). diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 97cfcd85f84e..e8d26a68bc45 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -6174,6 +6174,10 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb, inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS, TCP_TIMEOUT_MIN, TCP_RTO_MAX); + if (after(TCP_SKB_CB(skb)->ack_seq, tp->snd_nxt)) + SKB_DR_SET(reason, TCP_ACK_UNSENT_DATA); + else + SKB_DR_SET(reason, TCP_TOO_OLD_ACK); goto reset_and_undo; } @@ -6182,6 +6186,7 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb, tcp_time_stamp(tp))) { NET_INC_STATS(sock_net(sk), LINUX_MIB_PAWSACTIVEREJECTED); + SKB_DR_SET(reason, TCP_PAWSACTIVEREJECTED); goto reset_and_undo; } @@ -6375,7 +6380,7 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb, reset_and_undo: tcp_clear_options(&tp->rx_opt); tp->rx_opt.mss_clamp = saved_clamp; - return 1; + return reason; } static void tcp_rcv_synrecv_state_fastopen(struct sock *sk) -- 2.36.1
Powered by blists - more mailing lists