Date:   Tue, 17 Sep 2019 14:23:52 -0400
From:   Neal Cardwell <>
To:     Eric Dumazet <>
Cc:     Jason Baron <>, Thomas Higdon <>,
        netdev <>,
        Jonathan Lemon <>,
        Dave Jones <>, Yuchung Cheng <>
Subject: Re: [PATCH v2] tcp: Add TCP_INFO counter for packets received out-of-order

On Tue, Sep 17, 2019 at 1:22 PM Eric Dumazet <> wrote:
> On Tue, Sep 17, 2019 at 10:13 AM Jason Baron <> wrote:
> >
> >
> > Hi,
> >
> > I was interested in adding a field to tcp_info around the TFO state of a
> > socket. So for the server side it would indicate if TFO was used to
> > create the socket and on the client side it would report whether TFO
> > worked and if not that it failed with maybe some additional states
> > around why it failed. I'm thinking it would be maybe 3 bits.

BTW, one aspect of that "did TFO work" info is available already in
tcp_info in the tcpi_options field.

Kernel side is:
  if (tp->syn_data_acked)
        info->tcpi_options |= TCPI_OPT_SYN_DATA;

We use this bit in packetdrill tests on client and server side to
check that the TFO data-in-SYN succeeded:
   +0 %{ assert (tcpi_options & TCPI_OPT_SYN_DATA) != 0, tcpi_options }%

These TFO bits were added much later than the other bits, so IMHO it
would be OK to add more bits somewhere unused in tcp_info to indicate
reasons for TFO failure. Especially if, as you suggest, "0" as a code
point could indicate that the code point is undefined, and all
meaningful code points were non-zero.


> > My question is whether it's reasonable to use the unused bits of
> > __u8    tcpi_delivery_rate_app_limited:1;. Or is this not good because
> > the size hasn't changed? What if I avoided using 0 for the new field to
> > avoid the possibility of not knowing if 0 because it's the old kernel or
> > 0 because that's now its a TFO state? IE the new field could always be >
> > 0 for the new kernel.
> >
> I guess that storing the 'why it has failed' would need more bits.
> I suggest maybe using an event for this, instead of TCP_INFO ?
> As for using the bits, maybe the monitoring application does not really care
> if running on an old kernel where the bits would be zero.
> Commit eb8329e0a04db0061f714f033b4454326ba147f4 reserved a single
> bit and did not bother about making sure the monitoring would detect if this
> runs on an old kernel.
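
Added example, not part of the original message or the kernel source: a Python helper a monitoring tool could use to read the TCPI_OPT_SYN_DATA bit from raw TCP_INFO bytes, returning None instead of a misleading "no" when the buffer does not reach the field. The field offset and flag values follow the Linux uapi struct tcp_info layout; make_info and the sample buffers are constructed for illustration.

```python
import socket

# Flag values for tcp_info.tcpi_options, from include/uapi/linux/tcp.h.
TCPI_OPT_TIMESTAMPS = 1
TCPI_OPT_SACK = 2
TCPI_OPT_WSCALE = 4
TCPI_OPT_ECN = 8
TCPI_OPT_ECN_SEEN = 16
TCPI_OPT_SYN_DATA = 32  # set by the kernel when tp->syn_data_acked is true

# struct tcp_info starts with six __u8 fields; tcpi_options is the sixth.
TCPI_OPTIONS_OFFSET = 5


def tcpi_options(info: bytes):
    """Return tcpi_options, or None if the buffer does not reach that field."""
    if len(info) <= TCPI_OPTIONS_OFFSET:
        return None
    return info[TCPI_OPTIONS_OFFSET]


def syn_data_acked(info: bytes):
    """True/False for the TFO data-in-SYN bit, None when it cannot be read."""
    opts = tcpi_options(info)
    if opts is None:
        return None
    return bool(opts & TCPI_OPT_SYN_DATA)


def read_tcp_info(sock: socket.socket, maxlen: int = 512) -> bytes:
    """Fetch raw TCP_INFO (Linux); the kernel copies at most its own struct size."""
    return sock.getsockopt(socket.IPPROTO_TCP, socket.TCP_INFO, maxlen)


def make_info(options: int, length: int = 104) -> bytes:
    """Constructed sample buffer: all zero except the tcpi_options byte."""
    buf = bytearray(length)
    buf[TCPI_OPTIONS_OFFSET] = options
    return bytes(buf)


if __name__ == "__main__":
    tfo_ok = make_info(TCPI_OPT_SACK | TCPI_OPT_WSCALE | TCPI_OPT_SYN_DATA)
    no_tfo = make_info(TCPI_OPT_SACK | TCPI_OPT_WSCALE)
    for name, info in (("tfo_ok", tfo_ok), ("no_tfo", no_tfo), ("short", b"\x01")):
        print(name, syn_data_acked(info))
```

On a live Linux socket, pass the result of read_tcp_info(sock) to syn_data_acked.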
