| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 29 Oct 2022 21:09:55 +0800
From: menglong8.dong@...il.com
To: edumazet@...gle.com, kuba@...nel.org
Cc: davem@...emloft.net, pabeni@...hat.com, yoshfuji@...ux-ipv6.org,
dsahern@...nel.org, imagedong@...cent.com, kafai@...com,
asml.silence@...il.com, keescook@...omium.org,
linux-kernel@...r.kernel.org, netdev@...r.kernel.org
Subject: [PATCH net-next 7/9] net: tcp: store drop reasons in tcp_rcv_state_process()
From: Menglong Dong <imagedong@...cent.com>
Store the drop reasons for skb to the tcp_skb_cb in
tcp_rcv_state_process() when it returns non-zero, which means that
the skb need to be dropped.
The new drop reasons 'TCP_ABORTONDATA' and 'TCP_ABORTONLINGER' are
added.
Signed-off-by: Menglong Dong <imagedong@...cent.com>
---
include/net/dropreason.h | 12 ++++++++++++
net/ipv4/tcp_input.c | 11 +++++++++--
2 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/include/net/dropreason.h b/include/net/dropreason.h
index 633a05c95026..364811bce63f 100644
--- a/include/net/dropreason.h
+++ b/include/net/dropreason.h
@@ -72,6 +72,8 @@
FN(TIMEWAIT) \
FN(LISTENOVERFLOWS) \
FN(TCP_REQQFULLDROP) \
+ FN(TCP_ABORTONDATA) \
+ FN(TCP_ABORTONLINGER) \
FNe(MAX)
/**
@@ -324,6 +326,16 @@ enum skb_drop_reason {
* socket is full, corresponding to LINUX_MIB_TCPREQQFULLDROP
*/
SKB_DROP_REASON_TCP_REQQFULLDROP,
+ /**
+ * @SKB_DROP_REASON_TCP_ABORTONDATA: corresponding to
+ * LINUX_MIB_TCPABORTONDATA
+ */
+ SKB_DROP_REASON_TCP_ABORTONDATA,
+ /**
+ * @SKB_DROP_REASON_TCP_ABORTONLINGER: corresponding to
+ * LINUX_MIB_TCPABORTONLINGER
+ */
+ SKB_DROP_REASON_TCP_ABORTONLINGER,
/**
* @SKB_DROP_REASON_MAX: the maximum of drop reason, which shouldn't be
* used as a real 'reason'
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index ad088e228b1e..e08842f999f8 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -6459,8 +6459,10 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb)
goto discard;
case TCP_LISTEN:
- if (th->ack)
+ if (th->ack) {
+ TCP_SKB_DR(skb, TCP_FLAGS);
return 1;
+ }
if (th->rst) {
SKB_DR_SET(reason, TCP_RESET);
@@ -6533,8 +6535,10 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb)
FLAG_NO_CHALLENGE_ACK) > 0;
if (!acceptable) {
- if (sk->sk_state == TCP_SYN_RECV)
+ if (sk->sk_state == TCP_SYN_RECV) {
+ TCP_SKB_DR(skb, TCP_FLAGS);
return 1; /* send one RST */
+ }
tcp_send_challenge_ack(sk);
SKB_DR_SET(reason, TCP_OLD_ACK);
goto discard;
@@ -6605,6 +6609,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb)
if (tp->linger2 < 0) {
tcp_done(sk);
NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTONDATA);
+ TCP_SKB_DR(skb, TCP_ABORTONLINGER);
return 1;
}
if (TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq &&
@@ -6614,6 +6619,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb)
tcp_fastopen_active_disable(sk);
tcp_done(sk);
NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTONDATA);
+ TCP_SKB_DR(skb, TCP_ABORTONDATA);
return 1;
}
@@ -6678,6 +6684,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb)
if (TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq &&
after(TCP_SKB_CB(skb)->end_seq - th->fin, tp->rcv_nxt)) {
NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTONDATA);
+ TCP_SKB_DR(skb, TCP_ABORTONDATA);
tcp_reset(sk, skb);
return 1;
}
--
2.37.2
Powered by blists - more mailing lists