lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CADxym3akuxC_Cr07Vzvv+BD55XgMEx7nqU4qW8WHowGR0jeoOQ@mail.gmail.com>
Date:   Thu, 10 Feb 2022 11:19:49 +0800
From:   Menglong Dong <menglong8.dong@...il.com>
To:     David Ahern <dsahern@...il.com>
Cc:     David Ahern <dsahern@...nel.org>, Jakub Kicinski <kuba@...nel.org>,
        Steven Rostedt <rostedt@...dmis.org>, mingo@...hat.com,
        David Miller <davem@...emloft.net>,
        Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
        pablo@...filter.org, kadlec@...filter.org,
        Florian Westphal <fw@...len.de>,
        Menglong Dong <imagedong@...cent.com>,
        Eric Dumazet <edumazet@...gle.com>, alobakin@...me,
        paulb@...dia.com, Kees Cook <keescook@...omium.org>,
        talalahmad@...gle.com, haokexin@...il.com, memxor@...il.com,
        LKML <linux-kernel@...r.kernel.org>,
        netdev <netdev@...r.kernel.org>, netfilter-devel@...r.kernel.org,
        coreteam@...filter.org, Cong Wang <cong.wang@...edance.com>
Subject: Re: [PATCH v3 net-next 1/7] net: skb_drop_reason: add document for
 drop reasons

Hello!

On Tue, Feb 1, 2022 at 1:14 AM David Ahern <dsahern@...il.com> wrote:
>
> On 1/28/22 12:33 AM, menglong8.dong@...il.com wrote:
> > From: Menglong Dong <imagedong@...cent.com>
> >
> > Add document for following existing drop reasons:
> >
> > SKB_DROP_REASON_NOT_SPECIFIED
> > SKB_DROP_REASON_NO_SOCKET
> > SKB_DROP_REASON_PKT_TOO_SMALL
> > SKB_DROP_REASON_TCP_CSUM
> > SKB_DROP_REASON_SOCKET_FILTER
> > SKB_DROP_REASON_UDP_CSUM
> >
> > Signed-off-by: Menglong Dong <imagedong@...cent.com>
> > ---
> >  include/linux/skbuff.h | 12 ++++++------
> >  1 file changed, 6 insertions(+), 6 deletions(-)
> >
>
> Reviewed-by: David Ahern <dsahern@...nel.org>
>
>

I'm doing the job of using kfree_skb_reason() for the TCP layer,
and I have some puzzles.

When collecting drop reason for tcp_v4_inbound_md5_hash() in
tcp_v4_rcv(), I come up with 2 ways:

First way: pass the address of reason to tcp_v4_inbound_md5_hash()
like this:

 static bool tcp_v4_inbound_md5_hash(const struct sock *sk,
                      const struct sk_buff *skb,
-                    int dif, int sdif)
+                    int dif, int sdif,
+                    enum skb_drop_reason *reason)

This can work, but many functions like tcp_v4_inbound_md5_hash()
need to do such a change.

Second way: introduce a 'drop_reason' field to 'struct sk_buff'. Therefore,
drop reason can be set by 'skb->drop_reason = SKB_DROP_REASON_XXX'
anywhere.

For TCP, there are many cases where you can't get a drop reason in
the place where skb is freed, so I think there needs to be a way to
deeply collect drop reasons. The second can resolve this problem
easily, but extra fields may have performance problems.

Do you have some better ideas?

Thanks!
Menglong Dong

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ