| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 7 Feb 2022 20:47:26 -0800
From: David Ahern <dsahern@...il.com>
To: Dongli Zhang <dongli.zhang@...cle.com>, netdev@...r.kernel.org,
Eric Dumazet <edumazet@...gle.com>
Cc: linux-kernel@...r.kernel.org, davem@...emloft.net, kuba@...nel.org,
rostedt@...dmis.org, mingo@...hat.com, ast@...nel.org,
daniel@...earbox.net, andrii@...nel.org, imagedong@...cent.com,
joao.m.martins@...cle.com, joe.jin@...cle.com
Subject: Re: [PATCH 1/2] net: tap: track dropped skb via kfree_skb_reason()
On 2/7/22 7:55 PM, Dongli Zhang wrote:
> diff --git a/drivers/net/tap.c b/drivers/net/tap.c
> index 8e3a28ba6b28..232572289e63 100644
> --- a/drivers/net/tap.c
> +++ b/drivers/net/tap.c
> @@ -322,6 +322,7 @@ rx_handler_result_t tap_handle_frame(struct sk_buff **pskb)
> struct tap_dev *tap;
> struct tap_queue *q;
> netdev_features_t features = TAP_FEATURES;
> + int drop_reason = SKB_DROP_REASON_NOT_SPECIFIED;
maybe I missed an exit path, but I believe drop_reason is always set
before a goto jump, so this init is not needed.
>
> tap = tap_dev_get_rcu(dev);
> if (!tap)
> @@ -343,12 +344,16 @@ rx_handler_result_t tap_handle_frame(struct sk_buff **pskb)
> struct sk_buff *segs = __skb_gso_segment(skb, features, false);
> struct sk_buff *next;
>
> - if (IS_ERR(segs))
> + if (IS_ERR(segs)) {
> + drop_reason = SKB_DROP_REASON_SKB_GSO_SEGMENT;
This reason points to a line of code, not the real reason for the drop.
If you unwind __skb_gso_segment the only failure there is ENOMEM. The
reason code needs to be meaningful to users, not just code references.
> goto drop;
> + }
>
> if (!segs) {
> - if (ptr_ring_produce(&q->ring, skb))
> + if (ptr_ring_produce(&q->ring, skb)) {
> + drop_reason = SKB_DROP_REASON_PTR_FULL;
similar comment to Eric - PTR_FULL needs to be more helpful.
> goto drop;
> + }
> goto wake_up;
> }
>
> @@ -369,10 +374,14 @@ rx_handler_result_t tap_handle_frame(struct sk_buff **pskb)
> */
> if (skb->ip_summed == CHECKSUM_PARTIAL &&
> !(features & NETIF_F_CSUM_MASK) &&
> - skb_checksum_help(skb))
> + skb_checksum_help(skb)) {
> + drop_reason = SKB_DROP_REASON_SKB_CHECKSUM;
That is not helpful explanation of the root cause; it is more of a code
reference.
> goto drop;
> - if (ptr_ring_produce(&q->ring, skb))
> + }
> + if (ptr_ring_produce(&q->ring, skb)) {
> + drop_reason = SKB_DROP_REASON_PTR_FULL;
ditto above comment
> goto drop;
> + }
> }
>
> wake_up:
> @@ -383,7 +392,7 @@ rx_handler_result_t tap_handle_frame(struct sk_buff **pskb)
> /* Count errors/drops only here, thus don't care about args. */
> if (tap->count_rx_dropped)
> tap->count_rx_dropped(tap);
> - kfree_skb(skb);
> + kfree_skb_reason(skb, drop_reason);
> return RX_HANDLER_CONSUMED;
> }
> EXPORT_SYMBOL_GPL(tap_handle_frame);
> @@ -632,6 +641,7 @@ static ssize_t tap_get_user(struct tap_queue *q, void *msg_control,
> int depth;
> bool zerocopy = false;
> size_t linear;
> + int drop_reason = SKB_DROP_REASON_NOT_SPECIFIED;
>
> if (q->flags & IFF_VNET_HDR) {
> vnet_hdr_len = READ_ONCE(q->vnet_hdr_sz);
> @@ -696,8 +706,10 @@ static ssize_t tap_get_user(struct tap_queue *q, void *msg_control,
> else
> err = skb_copy_datagram_from_iter(skb, 0, from, len);
>
> - if (err)
> + if (err) {
> + drop_reason = SKB_DROP_REASON_SKB_COPY_DATA;
As mentioned above, plus unwind the above functions and give a more
explicit description of why the above fails.
> goto err_kfree;
> + }
>
> skb_set_network_header(skb, ETH_HLEN);
> skb_reset_mac_header(skb);
> @@ -706,8 +718,10 @@ static ssize_t tap_get_user(struct tap_queue *q, void *msg_control,
> if (vnet_hdr_len) {
> err = virtio_net_hdr_to_skb(skb, &vnet_hdr,
> tap_is_little_endian(q));
> - if (err)
> + if (err) {
> + drop_reason = SKB_DROP_REASON_VIRTNET_HDR;
and here too.
Powered by blists - more mailing lists