lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 13 Feb 2019 10:46:59 +0800
From:   Yafang Shao <>
To:     Eric Dumazet <>
Cc:     Eric Dumazet <>,
        Daniel Borkmann <>,
        Alexei Starovoitov <>,
        Yonghong Song <>, Lawrence Brakmo <>,
        David Miller <>,
        netdev <>,
        LKML <>,
Subject: Re: [bpf-next 1/2] tcp: replace SOCK_DEBUG() with tcp_stats()

On Wed, Feb 13, 2019 at 10:15 AM Eric Dumazet <> wrote:
> On Tue, Feb 12, 2019 at 6:07 PM Yafang Shao <> wrote:
> >
> > Let me explain the background for you.
> > I want to track some TCP abnormal  behavior in TCP/IP stack. But I
> > find there's no good way to do it.
> > The current MIBs are per net, other than per socket, that makes it not
> > very powerful.
> > And the ancient SOCK_DEBUG is not good as well.
> > So we think why not cleanup this ancient SOCK_DEBUG() and introduce a
> > more powerful method.
> I am all for it, but this more powerful method does nothing at all in
> the current patches.
> I can not accept patches just because they seem to be harmless,
> knowing that  the next patches
> will be pushed later changing more stuff, just because the new
> infrastructure is there "and can be used"
> Just remove all SOCK_DEBUG() calls, there are leftovers of very ancient times.

OK. I will send a patch for it.

> Do not add more debugging stuff unless you can demonstrate
> they actually allowed you to find a real bug and that you sent a
> public fix for it.


> Just adding "cool stuff" in TCP stack does not please me, it is only
> more complexity for unproven gain.
> Otherwise, I am tempted to think that these BPF hooks are there only
> so that a company can more
> easily build a private variant of TCP, yet letting the community
> maintaining the hard part of TCP stack.


> Thank you.


Powered by blists - more mailing lists