| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250407140001.13886-1-jiayuan.chen@linux.dev> Date: Mon, 7 Apr 2025 21:59:49 +0800 From: Jiayuan Chen <jiayuan.chen@...ux.dev> To: bpf@...r.kernel.org Cc: mrpre@....com, Jiayuan Chen <jiayuan.chen@...ux.dev>, "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Simon Horman <horms@...nel.org>, Jonathan Corbet <corbet@....net>, Neal Cardwell <ncardwell@...gle.com>, Kuniyuki Iwashima <kuniyu@...zon.com>, David Ahern <dsahern@...nel.org>, Steffen Klassert <steffen.klassert@...unet.com>, Sabrina Dubroca <sd@...asysnail.net>, Antony Antony <antony.antony@...unet.com>, Christian Hopps <chopps@...n.net>, netdev@...r.kernel.org, linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org Subject: [PATCH RESEND net-next v3 0/2] tcp: add a new TW_PAWS drop reason PAWS is a long-standing issue, especially when there are upstream network devices, making it more prone to occur. Currently, packet loss statistics for PAWS can only be viewed through MIB, which is a global metric and cannot be precisely obtained through tracing to get the specific 4-tuple of the dropped packet. In the past, we had to use kprobe ret to retrieve relevant skb information from tcp_timewait_state_process(). --- Re-sending the patch after merge window. v2 -> v3: use new SNMP counter and drop reason suggested by Eric. https://lore.kernel.org/netdev/5cdc1bdd9caee92a6ae932638a862fd5c67630e8@linux.dev/T/#t I didn't provide a packetdrill script. I struggled for a long time to get packetdrill to fix the client port, but ultimately failed to do so... Instead, I wrote my own program to trigger PAWS, which can be found at https://github.com/mrpre/nettrigger/tree/main ''' //assume nginx running on 172.31.75.114:9999, current host is 172.31.75.115 iptables -t filter -I OUTPUT -p tcp --sport 12345 --tcp-flags RST RST -j DROP ./nettrigger -i eth0 -s 172.31.75.115:12345 -d 172.31.75.114:9999 -action paws ''' Jiayuan Chen (2): tcp: add TCP_RFC7323_TW_PAWS drop reason tcp: add LINUX_MIB_PAWS_TW_REJECTED counter Documentation/networking/net_cachelines/snmp.rst | 2 ++ include/net/dropreason-core.h | 7 +++++++ include/net/tcp.h | 3 ++- include/uapi/linux/snmp.h | 1 + net/ipv4/proc.c | 1 + net/ipv4/tcp_ipv4.c | 3 ++- net/ipv4/tcp_minisocks.c | 9 ++++++--- net/ipv6/tcp_ipv6.c | 3 ++- 8 files changed, 23 insertions(+), 6 deletions(-) -- 2.47.1
Powered by blists - more mailing lists