lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 7 Feb 2024 10:21:49 +0100
From: Eric Dumazet <edumazet@...gle.com>
To: Jason Xing <kerneljasonxing@...il.com>
Cc: davem@...emloft.net, kuba@...nel.org, pabeni@...hat.com, 
	dsahern@...nel.org, netdev@...r.kernel.org, 
	Jason Xing <kernelxing@...cent.com>
Subject: Re: [PATCH net-next 0/2] add more drop reasons in tcp receive path

On Wed, Feb 7, 2024 at 3:24 AM Jason Xing <kerneljasonxing@...il.com> wrote:
>
> On Sun, Feb 4, 2024 at 6:46 PM Jason Xing <kerneljasonxing@...il.com> wrote:
> >
> > From: Jason Xing <kernelxing@...cent.com>
> >
> > When I was debugging the reason about why the skb should be dropped in
> > syn cookie mode, I found out that this NOT_SPECIFIED reason is too
> > general. Thus I decided to refine it.
>
> Hello, any suggestions? Those names in the patchset could be improper,
> but I've already tried to name them in English :S
>

Adding &drop_reason parameters all over the places adds more code for
CONFIG_STACKPROTECTOR=y builds,
because of added canary checks.

Please make sure not to slow down the TCP fast path, while we work
hard in the opposite direction.

Also, sending patch series over weekends increases the chance for them
being lost, just my personal opinion...


> Thanks,
> Jason
>
> >
> > Jason Xing (2):
> >   tcp: add more DROP REASONs in cookie check
> >   tcp: add more DROP REASONS in child process
> >
> >  include/net/dropreason-core.h | 18 ++++++++++++++++++
> >  include/net/tcp.h             |  8 +++++---
> >  net/ipv4/syncookies.c         | 18 ++++++++++++++----
> >  net/ipv4/tcp_input.c          | 19 +++++++++++++++----
> >  net/ipv4/tcp_ipv4.c           | 13 +++++++------
> >  net/ipv4/tcp_minisocks.c      |  4 ++--
> >  net/ipv6/tcp_ipv6.c           |  6 +++---
> >  7 files changed, 64 insertions(+), 22 deletions(-)
> >
> > --
> > 2.37.3
> >

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ