| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <44651dfe-3176-e295-adbd-351c149aad88@kernel.org>
Date: Thu, 19 Oct 2023 13:45:42 -0600
From: David Ahern <dsahern@...nel.org>
To: Heng Guo <heng.guo@...driver.com>, davem@...emloft.net,
edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com
Cc: netdev@...r.kernel.org, filip.pudak@...driver.com, kun.song@...driver.com
Subject: Re: [PATCH net-next V3] net: fix IPSTATS_MIB_OUTPKGS increment in
OutForwDatagrams.
On 10/18/23 7:20 PM, Heng Guo wrote:
> Reproduce environment:
> network with 3 VM linuxs is connected as below:
> VM1<---->VM2(latest kernel 6.5.0-rc7)<---->VM3
> VM1: eth0 ip: 192.168.122.207 MTU 1500
> VM2: eth0 ip: 192.168.122.208, eth1 ip: 192.168.123.224 MTU 1500
> VM3: eth0 ip: 192.168.123.240 MTU 1500
>
> Reproduce:
> VM1 send 1400 bytes UDP data to VM3 using tools scapy with flags=0.
> scapy command:
> send(IP(dst="192.168.123.240",flags=0)/UDP()/str('0'*1400),count=1,
> inter=1.000000)
>
> Result:
> Before IP data is sent.
> ----------------------------------------------------------------------
> root@...ux86-64:~# cat /proc/net/snmp
> Ip: Forwarding DefaultTTL InReceives InHdrErrors InAddrErrors
> ForwDatagrams InUnknownProtos InDiscards InDelivers OutRequests
> OutDiscards OutNoRoutes ReasmTimeout ReasmReqds ReasmOKs ReasmFails
> FragOKs FragFails FragCreates
> Ip: 1 64 11 0 3 4 0 0 4 7 0 0 0 0 0 0 0 0 0
> ......
> ----------------------------------------------------------------------
> After IP data is sent.
> ----------------------------------------------------------------------
> root@...ux86-64:~# cat /proc/net/snmp
> Ip: Forwarding DefaultTTL InReceives InHdrErrors InAddrErrors
> ForwDatagrams InUnknownProtos InDiscards InDelivers OutRequests
> OutDiscards OutNoRoutes ReasmTimeout ReasmReqds ReasmOKs ReasmFails
> FragOKs FragFails FragCreates
> Ip: 1 64 12 0 3 5 0 0 4 8 0 0 0 0 0 0 0 0 0
> ......
> ----------------------------------------------------------------------
> "ForwDatagrams" increase from 4 to 5 and "OutRequests" also increase
> from 7 to 8.
>
> Issue description and patch:
> IPSTATS_MIB_OUTPKTS("OutRequests") is counted with IPSTATS_MIB_OUTOCTETS
> ("OutOctets") in ip_finish_output2().
> According to RFC 4293, it is "OutOctets" counted with "OutTransmits" but
> not "OutRequests". "OutRequests" does not include any datagrams counted
> in "ForwDatagrams".
> ipSystemStatsOutOctets OBJECT-TYPE
> DESCRIPTION
> "The total number of octets in IP datagrams delivered to the
> lower layers for transmission. Octets from datagrams
> counted in ipIfStatsOutTransmits MUST be counted here.
> ipSystemStatsOutRequests OBJECT-TYPE
> DESCRIPTION
> "The total number of IP datagrams that local IP user-
> protocols (including ICMP) supplied to IP in requests for
> transmission. Note that this counter does not include any
> datagrams counted in ipSystemStatsOutForwDatagrams.
> So do patch to define IPSTATS_MIB_OUTPKTS to "OutTransmits" and add
> IPSTATS_MIB_OUTREQUESTS for "OutRequests".
> Add IPSTATS_MIB_OUTREQUESTS counter in __ip_local_out() for ipv4 and add
> IPSTATS_MIB_OUT counter in ip6_finish_output2() for ipv6.
>
> Test result with patch:
> Before IP data is sent.
> ----------------------------------------------------------------------
> root@...ux86-64:~# cat /proc/net/snmp
> Ip: Forwarding DefaultTTL InReceives InHdrErrors InAddrErrors
> ForwDatagrams InUnknownProtos InDiscards InDelivers OutRequests
> OutDiscards OutNoRoutes ReasmTimeout ReasmReqds ReasmOKs ReasmFails
> FragOKs FragFails FragCreates OutTransmits
> Ip: 1 64 9 0 5 1 0 0 3 3 0 0 0 0 0 0 0 0 0 4
> ......
> root@...ux86-64:~# cat /proc/net/netstat
> ......
> IpExt: InNoRoutes InTruncatedPkts InMcastPkts OutMcastPkts InBcastPkts
> OutBcastPkts InOctets OutOctets InMcastOctets OutMcastOctets
> InBcastOctets OutBcastOctets InCsumErrors InNoECTPkts InECT1Pkts
> InECT0Pkts InCEPkts ReasmOverlaps
> IpExt: 0 0 0 0 0 0 2976 1896 0 0 0 0 0 9 0 0 0 0
> ----------------------------------------------------------------------
> After IP data is sent.
> ----------------------------------------------------------------------
> root@...ux86-64:~# cat /proc/net/snmp
> Ip: Forwarding DefaultTTL InReceives InHdrErrors InAddrErrors
> ForwDatagrams InUnknownProtos InDiscards InDelivers OutRequests
> OutDiscards OutNoRoutes ReasmTimeout ReasmReqds ReasmOKs ReasmFails
> FragOKs FragFails FragCreates OutTransmits
> Ip: 1 64 10 0 5 2 0 0 3 3 0 0 0 0 0 0 0 0 0 5
> ......
> root@...ux86-64:~# cat /proc/net/netstat
> ......
> IpExt: InNoRoutes InTruncatedPkts InMcastPkts OutMcastPkts InBcastPkts
> OutBcastPkts InOctets OutOctets InMcastOctets OutMcastOctets
> InBcastOctets OutBcastOctets InCsumErrors InNoECTPkts InECT1Pkts
> InECT0Pkts InCEPkts ReasmOverlaps
> IpExt: 0 0 0 0 0 0 4404 3324 0 0 0 0 0 10 0 0 0 0
> ----------------------------------------------------------------------
> "ForwDatagrams" increase from 1 to 2 and "OutRequests" is keeping 3.
> "OutTransmits" increase from 4 to 5 and "OutOctets" increase 1428.
>
> Signed-off-by: Heng Guo <heng.guo@...driver.com>
> Reviewed-by: Kun Song <Kun.Song@...driver.com>
> Reviewed-by: Filip Pudak <filip.pudak@...driver.com>
> ---
> V2: fix the missing space after a comma.
> V3: keep original counter in mpls_stats_inc_outucastpkts(), because
> both forward and local outputs are in it.
>
> include/uapi/linux/snmp.h | 3 ++-
> net/ipv4/ip_output.c | 2 ++
> net/ipv4/proc.c | 3 ++-
> net/ipv6/ip6_output.c | 6 ++++--
> net/ipv6/mcast.c | 5 ++---
> net/ipv6/ndisc.c | 2 +-
> net/ipv6/proc.c | 3 ++-
> net/ipv6/raw.c | 2 +-
> 8 files changed, 16 insertions(+), 10 deletions(-)
>
Reviewed-by: David Ahern <dsahern@...nel.org>
Powered by blists - more mailing lists