lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 29 Oct 2022 21:09:55 +0800
From:   menglong8.dong@...il.com
To:     edumazet@...gle.com, kuba@...nel.org
Cc:     davem@...emloft.net, pabeni@...hat.com, yoshfuji@...ux-ipv6.org,
        dsahern@...nel.org, imagedong@...cent.com, kafai@...com,
        asml.silence@...il.com, keescook@...omium.org,
        linux-kernel@...r.kernel.org, netdev@...r.kernel.org
Subject: [PATCH net-next 7/9] net: tcp: store drop reasons in tcp_rcv_state_process()

From: Menglong Dong <imagedong@...cent.com>

Store the drop reasons for skb to the tcp_skb_cb in
tcp_rcv_state_process() when it returns non-zero, which means that
the skb need to be dropped.

The new drop reasons 'TCP_ABORTONDATA' and 'TCP_ABORTONLINGER' are
added.

Signed-off-by: Menglong Dong <imagedong@...cent.com>
---
 include/net/dropreason.h | 12 ++++++++++++
 net/ipv4/tcp_input.c     | 11 +++++++++--
 2 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/include/net/dropreason.h b/include/net/dropreason.h
index 633a05c95026..364811bce63f 100644
--- a/include/net/dropreason.h
+++ b/include/net/dropreason.h
@@ -72,6 +72,8 @@
 	FN(TIMEWAIT)			\
 	FN(LISTENOVERFLOWS)		\
 	FN(TCP_REQQFULLDROP)		\
+	FN(TCP_ABORTONDATA)		\
+	FN(TCP_ABORTONLINGER)		\
 	FNe(MAX)
 
 /**
@@ -324,6 +326,16 @@ enum skb_drop_reason {
 	 * socket is full, corresponding to LINUX_MIB_TCPREQQFULLDROP
 	 */
 	SKB_DROP_REASON_TCP_REQQFULLDROP,
+	/**
+	 * @SKB_DROP_REASON_TCP_ABORTONDATA: corresponding to
+	 * LINUX_MIB_TCPABORTONDATA
+	 */
+	SKB_DROP_REASON_TCP_ABORTONDATA,
+	/**
+	 * @SKB_DROP_REASON_TCP_ABORTONLINGER: corresponding to
+	 * LINUX_MIB_TCPABORTONLINGER
+	 */
+	SKB_DROP_REASON_TCP_ABORTONLINGER,
 	/**
 	 * @SKB_DROP_REASON_MAX: the maximum of drop reason, which shouldn't be
 	 * used as a real 'reason'
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index ad088e228b1e..e08842f999f8 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -6459,8 +6459,10 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb)
 		goto discard;
 
 	case TCP_LISTEN:
-		if (th->ack)
+		if (th->ack) {
+			TCP_SKB_DR(skb, TCP_FLAGS);
 			return 1;
+		}
 
 		if (th->rst) {
 			SKB_DR_SET(reason, TCP_RESET);
@@ -6533,8 +6535,10 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb)
 				      FLAG_NO_CHALLENGE_ACK) > 0;
 
 	if (!acceptable) {
-		if (sk->sk_state == TCP_SYN_RECV)
+		if (sk->sk_state == TCP_SYN_RECV) {
+			TCP_SKB_DR(skb, TCP_FLAGS);
 			return 1;	/* send one RST */
+		}
 		tcp_send_challenge_ack(sk);
 		SKB_DR_SET(reason, TCP_OLD_ACK);
 		goto discard;
@@ -6605,6 +6609,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb)
 		if (tp->linger2 < 0) {
 			tcp_done(sk);
 			NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTONDATA);
+			TCP_SKB_DR(skb, TCP_ABORTONLINGER);
 			return 1;
 		}
 		if (TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq &&
@@ -6614,6 +6619,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb)
 				tcp_fastopen_active_disable(sk);
 			tcp_done(sk);
 			NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTONDATA);
+			TCP_SKB_DR(skb, TCP_ABORTONDATA);
 			return 1;
 		}
 
@@ -6678,6 +6684,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb)
 			if (TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq &&
 			    after(TCP_SKB_CB(skb)->end_seq - th->fin, tp->rcv_nxt)) {
 				NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTONDATA);
+				TCP_SKB_DR(skb, TCP_ABORTONDATA);
 				tcp_reset(sk, skb);
 				return 1;
 			}
-- 
2.37.2

Powered by blists - more mailing lists