lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAA93jw520FBOfmhpOBNyfFPy1UKbjOdc52=0L8uzADUKQyeLHQ@mail.gmail.com> Date: Tue, 5 Dec 2023 14:28:15 -0800 From: Dave Taht <dave.taht@...il.com> To: Victor Nogueira <victor@...atatu.com> Cc: jhs@...atatu.com, xiyou.wangcong@...il.com, jiri@...nulli.us, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, daniel@...earbox.net, dcaratti@...hat.com, netdev@...r.kernel.org, kernel@...atatu.com Subject: Re: [PATCH net-next v2 3/3] net: sched: Add initial TC error skb drop reasons On Fri, Dec 1, 2023 at 6:00 PM Victor Nogueira <victor@...atatu.com> wrote: > > Continue expanding Daniel's patch by adding new skb drop reasons that > are idiosyncratic to TC. > > More specifically: > > - SKB_DROP_REASON_TC_EXT_COOKIE_NOTFOUND: tc cookie was looked up using > ext, but was not found. > > - SKB_DROP_REASON_TC_COOKIE_EXT_MISMATCH: tc ext was looked up using cookie > and either was not found or different from expected. > > - SKB_DROP_REASON_TC_CHAIN_NOTFOUND: tc chain lookup failed. > > - SKB_DROP_REASON_TC_RECLASSIFY_LOOP: tc exceeded max reclassify loop > iterations > > Signed-off-by: Victor Nogueira <victor@...atatu.com> > --- > include/net/dropreason-core.h | 30 +++++++++++++++++++++++++++--- > net/sched/act_api.c | 3 ++- > net/sched/cls_api.c | 22 ++++++++++++++-------- > 3 files changed, 43 insertions(+), 12 deletions(-) > > diff --git a/include/net/dropreason-core.h b/include/net/dropreason-core.h > index 3c70ad53a49c..fa6ace8f1611 100644 > --- a/include/net/dropreason-core.h > +++ b/include/net/dropreason-core.h > @@ -85,7 +85,11 @@ > FN(IPV6_NDISC_BAD_OPTIONS) \ > FN(IPV6_NDISC_NS_OTHERHOST) \ > FN(QUEUE_PURGE) \ > - FN(TC_ERROR) \ > + FN(TC_EXT_COOKIE_NOTFOUND) \ > + FN(TC_COOKIE_EXT_MISMATCH) \ > + FN(TC_COOKIE_MISMATCH) \ > + FN(TC_CHAIN_NOTFOUND) \ > + FN(TC_RECLASSIFY_LOOP) \ > FNe(MAX) > > /** > @@ -376,8 +380,28 @@ enum skb_drop_reason { > SKB_DROP_REASON_IPV6_NDISC_NS_OTHERHOST, > /** @SKB_DROP_REASON_QUEUE_PURGE: bulk free. */ > SKB_DROP_REASON_QUEUE_PURGE, > - /** @SKB_DROP_REASON_TC_ERROR: generic internal tc error. */ > - SKB_DROP_REASON_TC_ERROR, > + /** > + * @SKB_DROP_REASON_TC_EXT_COOKIE_NOTFOUND: tc cookie was looked up > + * using ext, but was not found. > + */ > + SKB_DROP_REASON_TC_EXT_COOKIE_NOTFOUND, > + /** > + * @SKB_DROP_REASON_TC_COOKIE_EXT_MISMATCH: tc ext was lookup using > + * cookie and either was not found or different from expected. > + */ > + SKB_DROP_REASON_TC_COOKIE_EXT_MISMATCH, > + /** > + * @SKB_DROP_REASON_TC_COOKIE_MISMATCH: tc cookie available but was > + * unable to match to filter. > + */ > + SKB_DROP_REASON_TC_COOKIE_MISMATCH, > + /** @SKB_DROP_REASON_TC_CHAIN_NOTFOUND: tc chain lookup failed. */ > + SKB_DROP_REASON_TC_CHAIN_NOTFOUND, > + /** > + * @SKB_DROP_REASON_TC_RECLASSIFY_LOOP: tc exceeded max reclassify loop > + * iterations. > + */ > + SKB_DROP_REASON_TC_RECLASSIFY_LOOP, > /** > * @SKB_DROP_REASON_MAX: the maximum of core drop reasons, which > * shouldn't be used as a real 'reason' - only for tracing code gen > diff --git a/net/sched/act_api.c b/net/sched/act_api.c > index 12ac05857045..429cb232e17b 100644 > --- a/net/sched/act_api.c > +++ b/net/sched/act_api.c > @@ -1098,7 +1098,8 @@ int tcf_action_exec(struct sk_buff *skb, struct tc_action **actions, > } > } else if (TC_ACT_EXT_CMP(ret, TC_ACT_GOTO_CHAIN)) { > if (unlikely(!rcu_access_pointer(a->goto_chain))) { > - tcf_set_drop_reason(skb, SKB_DROP_REASON_TC_ERROR); > + tcf_set_drop_reason(skb, > + SKB_DROP_REASON_TC_CHAIN_NOTFOUND); > return TC_ACT_SHOT; > } > tcf_action_goto_chain_exec(a, res); > diff --git a/net/sched/cls_api.c b/net/sched/cls_api.c > index 32457a236d77..5012fc0a24a1 100644 > --- a/net/sched/cls_api.c > +++ b/net/sched/cls_api.c > @@ -1682,13 +1682,15 @@ static inline int __tcf_classify(struct sk_buff *skb, > */ > if (unlikely(n->tp != tp || n->tp->chain != n->chain || > !tp->ops->get_exts)) { > - tcf_set_drop_reason(skb, SKB_DROP_REASON_TC_ERROR); > + tcf_set_drop_reason(skb, > + SKB_DROP_REASON_TC_COOKIE_MISMATCH); > return TC_ACT_SHOT; > } > > exts = tp->ops->get_exts(tp, n->handle); > if (unlikely(!exts || n->exts != exts)) { > - tcf_set_drop_reason(skb, SKB_DROP_REASON_TC_ERROR); > + tcf_set_drop_reason(skb, > + SKB_DROP_REASON_TC_COOKIE_EXT_MISMATCH); > return TC_ACT_SHOT; > } > > @@ -1717,7 +1719,8 @@ static inline int __tcf_classify(struct sk_buff *skb, > } > > if (unlikely(n)) { > - tcf_set_drop_reason(skb, SKB_DROP_REASON_TC_ERROR); > + tcf_set_drop_reason(skb, > + SKB_DROP_REASON_TC_COOKIE_MISMATCH); > return TC_ACT_SHOT; > } > > @@ -1729,7 +1732,8 @@ static inline int __tcf_classify(struct sk_buff *skb, > tp->chain->block->index, > tp->prio & 0xffff, > ntohs(tp->protocol)); > - tcf_set_drop_reason(skb, SKB_DROP_REASON_TC_ERROR); > + tcf_set_drop_reason(skb, > + SKB_DROP_REASON_TC_RECLASSIFY_LOOP); > return TC_ACT_SHOT; > } > > @@ -1767,7 +1771,8 @@ int tcf_classify(struct sk_buff *skb, > n = tcf_exts_miss_cookie_lookup(ext->act_miss_cookie, > &act_index); > if (!n) { > - tcf_set_drop_reason(skb, SKB_DROP_REASON_TC_ERROR); > + tcf_set_drop_reason(skb, > + SKB_DROP_REASON_TC_EXT_COOKIE_NOTFOUND); > return TC_ACT_SHOT; > } > > @@ -1778,7 +1783,9 @@ int tcf_classify(struct sk_buff *skb, > > fchain = tcf_chain_lookup_rcu(block, chain); > if (!fchain) { > - tcf_set_drop_reason(skb, SKB_DROP_REASON_TC_ERROR); > + tcf_set_drop_reason(skb, > + SKB_DROP_REASON_TC_CHAIN_NOTFOUND); > + > return TC_ACT_SHOT; > } > > @@ -1800,10 +1807,9 @@ int tcf_classify(struct sk_buff *skb, > > ext = tc_skb_ext_alloc(skb); > if (WARN_ON_ONCE(!ext)) { > - tcf_set_drop_reason(skb, SKB_DROP_REASON_TC_ERROR); > + tcf_set_drop_reason(skb, SKB_DROP_REASON_NOMEM); > return TC_ACT_SHOT; > } > - > ext->chain = last_executed_chain; > ext->mru = cb->mru; > ext->post_ct = cb->post_ct; > -- > 2.25.1 > > I have been meaning to get around to adding QDISC_DROP_REASON_{CONGEST,OVERFLOW,FLOOD,SPIKE} to cake/fq_codel/red/etc for some time now. Would this be the right facility to leverage (or something more direct?) I discussed the why at netdevconf: https://docs.google.com/document/d/1tTYBPeaRdCO9AGTGQCpoiuLORQzN_bG3TAkEolJPh28/edit Other names welcomed. Otherwise I suppose I will wait for this stuff to land: Acked-By: Dave Taht <dave.taht@...il.com> -- :( My old R&D campus is up for sale: https://tinyurl.com/yurtlab Dave Täht CSO, LibreQos
Powered by blists - more mailing lists