| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 Nov 2022 10:00:55 +0900
From: Kuniyuki Iwashima <kuniyu@...zon.com>
To: <leitao@...ian.org>
CC: <davem@...emloft.net>, <dsahern@...nel.org>, <edumazet@...gle.com>,
<kuba@...nel.org>, <leit@...com>, <linux-kernel@...r.kernel.org>,
<netdev@...r.kernel.org>, <pabeni@...hat.com>,
<yoshfuji@...ux-ipv6.org>, <kuniyu@...zon.com>
Subject: Re: [PATCH RESEND net-next] tcp: socket-specific version of WARN_ON_ONCE()
From: Breno Leitao <leitao@...ian.org>
Date: Thu, 24 Nov 2022 03:22:29 -0800
> There are cases where we need information about the socket during a
> warning, so, it could help us to find bugs that happens and do not have
> an easy repro.
>
> This diff creates a TCP socket-specific version of WARN_ON_ONCE(), which
> dumps more information about the TCP socket.
>
> This new warning is not only useful to give more insight about kernel bugs, but,
> it is also helpful to expose information that might be coming from buggy
> BPF applications, such as BPF applications that sets invalid
> tcp_sock->snd_cwnd values.
Have you finally found a root cause on BPF or TCP side ?
> Signed-off-by: Breno Leitao <leitao@...ian.org>
> ---
> include/net/tcp.h | 3 ++-
> include/net/tcp_debug.h | 10 ++++++++++
> net/ipv4/tcp.c | 30 ++++++++++++++++++++++++++++++
> 3 files changed, 42 insertions(+), 1 deletion(-)
> create mode 100644 include/net/tcp_debug.h
>
> diff --git a/include/net/tcp.h b/include/net/tcp.h
> index 14d45661a84d..e490af8e6fdc 100644
> --- a/include/net/tcp.h
> +++ b/include/net/tcp.h
> @@ -40,6 +40,7 @@
> #include <net/inet_ecn.h>
> #include <net/dst.h>
> #include <net/mptcp.h>
> +#include <net/tcp_debug.h>
>
> #include <linux/seq_file.h>
> #include <linux/memcontrol.h>
> @@ -1229,7 +1230,7 @@ static inline u32 tcp_snd_cwnd(const struct tcp_sock *tp)
>
> static inline void tcp_snd_cwnd_set(struct tcp_sock *tp, u32 val)
> {
> - WARN_ON_ONCE((int)val <= 0);
> + TCP_SOCK_WARN_ON_ONCE(tp, (int)val <= 0);
> tp->snd_cwnd = val;
> }
>
> diff --git a/include/net/tcp_debug.h b/include/net/tcp_debug.h
> new file mode 100644
> index 000000000000..50e96d87d335
> --- /dev/null
> +++ b/include/net/tcp_debug.h
> @@ -0,0 +1,10 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +#ifndef _LINUX_TCP_DEBUG_H
> +#define _LINUX_TCP_DEBUG_H
> +
> +void tcp_sock_warn(const struct tcp_sock *tp);
> +
> +#define TCP_SOCK_WARN_ON_ONCE(tcp_sock, condition) \
> + DO_ONCE_LITE_IF(condition, tcp_sock_warn, tcp_sock)
> +
> +#endif /* _LINUX_TCP_DEBUG_H */
> diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
> index 54836a6b81d6..dd682f60c7cb 100644
> --- a/net/ipv4/tcp.c
> +++ b/net/ipv4/tcp.c
> @@ -4705,6 +4705,36 @@ int tcp_abort(struct sock *sk, int err)
> }
> EXPORT_SYMBOL_GPL(tcp_abort);
>
> +void tcp_sock_warn(const struct tcp_sock *tp)
> +{
> + const struct sock *sk = (const struct sock *)tp;
> + struct inet_sock *inet = inet_sk(sk);
> + struct inet_connection_sock *icsk = inet_csk(sk);
> +
> + WARN_ON(1);
> +
> + if (!tp)
Is this needed ?
> + return;
> +
> + pr_warn("Socket Info: family=%u state=%d sport=%u dport=%u ccname=%s cwnd=%u",
> + sk->sk_family, sk->sk_state, ntohs(inet->inet_sport),
> + ntohs(inet->inet_dport), icsk->icsk_ca_ops->name, tcp_snd_cwnd(tp));
> +
> + switch (sk->sk_family) {
> + case AF_INET:
> + pr_warn("saddr=%pI4 daddr=%pI4", &inet->inet_saddr,
> + &inet->inet_daddr);
As with tcp_syn_flood_action(), [address]:port format is easy
to read and consistent in kernel ?
> + break;
> +#if IS_ENABLED(CONFIG_IPV6)
> + case AF_INET6:
> + pr_warn("saddr=%pI6 daddr=%pI6", &sk->sk_v6_rcv_saddr,
> + &sk->sk_v6_daddr);
> + break;
> +#endif
> + }
> +}
> +EXPORT_SYMBOL_GPL(tcp_sock_warn);
> +
> extern struct tcp_congestion_ops tcp_reno;
>
> static __initdata unsigned long thash_entries;
> --
> 2.30.2
Powered by blists - more mailing lists