lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 25 Feb 2022 15:17:36 +0800
From:   menglong8.dong@...il.com
To:     dsahern@...nel.org
Cc:     rostedt@...dmis.org, mingo@...hat.com, davem@...emloft.net,
        kuba@...nel.org, yoshfuji@...ux-ipv6.org, imagedong@...cent.com,
        edumazet@...gle.com, alobakin@...me, cong.wang@...edance.com,
        paulb@...dia.com, talalahmad@...gle.com, keescook@...omium.org,
        ilias.apalodimas@...aro.org, memxor@...il.com,
        flyingpeng@...cent.com, mengensun@...cent.com,
        daniel@...earbox.net, yajun.deng@...ux.dev, roopa@...dia.com,
        linux-kernel@...r.kernel.org, netdev@...r.kernel.org
Subject: [PATCH net-next v2 0/3] net: use kfree_skb_reason() for ip/neighbour

From: Menglong Dong <imagedong@...cent.com>

In the series "net: use kfree_skb_reason() for ip/udp packet receive",
reasons for skb drops are added to the packet receive process of IP
layer. Link:

https://lore.kernel.org/netdev/20220205074739.543606-1-imagedong@tencent.com/

And in the first patch of this series, skb drop reasons are added to
the packet egress path of IP layer. As kfree_skb() is not used frequent,
I commit these changes at once and didn't create a patch for every
functions that involed. Following functions are handled:

__ip_queue_xmit()
ip_finish_output()
ip_mc_finish_output()
ip6_output()
ip6_finish_output()
ip6_finish_output2()

Following new drop reasons are introduced (what they mean can be seen
in the document of them):

SKB_DROP_REASON_IP_OUTNOROUTES
SKB_DROP_REASON_BPF_CGROUP_EGRESS
SKB_DROP_REASON_IPV6DSIABLED
SKB_DROP_REASON_NEIGH_CREATEFAIL

In the 2th and 3th patches, kfree_skb_reason() is used in neighbour
subsystem instead of kfree_skb(). __neigh_event_send() and
arp_error_report() are involed, and following new drop reasons are
introduced:

SKB_DROP_REASON_NEIGH_FAILED
SKB_DROP_REASON_NEIGH_QUEUEFULL
SKB_DROP_REASON_NEIGH_DEAD

Changes since v1:
- introduce SKB_DROP_REASON_NEIGH_CREATEFAIL for some path in the 1th
  patch
- introduce SKB_DROP_REASON_NEIGH_DEAD in the 2th patch
- simplify the document for the new drop reasons, as David Ahern
  suggested

Menglong Dong (3):
  net: ip: add skb drop reasons for ip egress path
  net: neigh: use kfree_skb_reason() for __neigh_event_send()
  net: neigh: add skb drop reasons to arp_error_report()

 include/linux/skbuff.h     | 14 ++++++++++++++
 include/trace/events/skb.h |  7 +++++++
 net/core/neighbour.c       |  6 +++---
 net/ipv4/arp.c             |  2 +-
 net/ipv4/ip_output.c       |  8 ++++----
 net/ipv6/ip6_output.c      |  6 +++---
 6 files changed, 32 insertions(+), 11 deletions(-)

-- 
2.35.1

Powered by blists - more mailing lists