| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aac5b03d-1380-437a-9763-1069aff1fd8b@redhat.com>
Date: Tue, 13 May 2025 13:04:28 +0200
From: Paolo Abeni <pabeni@...hat.com>
To: Jesper Dangaard Brouer <hawk@...nel.org>, netdev@...r.kernel.org,
Jakub Kicinski <kuba@...nel.org>
Cc: bpf@...r.kernel.org, Eric Dumazet <eric.dumazet@...il.com>,
"David S. Miller" <davem@...emloft.net>,
Toke Høiland-Jørgensen <toke@...e.dk>,
kernel-team@...udflare.com, mfleming@...udflare.com
Subject: Re: [PATCH net-next V2] net: track pfmemalloc drops via
SKB_DROP_REASON_PFMEMALLOC
On 5/9/25 4:36 PM, Jesper Dangaard Brouer wrote:
> diff --git a/include/linux/filter.h b/include/linux/filter.h
> index f5cf4d35d83e..cb31be77dd7e 100644
> --- a/include/linux/filter.h
> +++ b/include/linux/filter.h
> @@ -1073,12 +1073,21 @@ bpf_jit_binary_lock_ro(struct bpf_binary_header *hdr)
> return set_memory_rox((unsigned long)hdr, hdr->size >> PAGE_SHIFT);
> }
>
> -int sk_filter_trim_cap(struct sock *sk, struct sk_buff *skb, unsigned int cap);
> +int sk_filter_trim_cap(struct sock *sk, struct sk_buff *skb, unsigned int cap,
> + enum skb_drop_reason *reason);
> static inline int sk_filter(struct sock *sk, struct sk_buff *skb)
> {
> - return sk_filter_trim_cap(sk, skb, 1);
> + enum skb_drop_reason ignore_reason;
> +
> + return sk_filter_trim_cap(sk, skb, 1, &ignore_reason);
> +}
I'm sorry to nit-pick but checkpatch is not happy about the lack of
black lines here, and I think an empty line would make the code more
readable.
[...]
> diff --git a/net/core/dev.c b/net/core/dev.c
> index 03d20a98f8b7..a1e10a13f7c8 100644
> --- a/net/core/dev.c
> +++ b/net/core/dev.c
> @@ -5910,7 +5910,11 @@ static int __netif_receive_skb_core(struct sk_buff **pskb, bool pfmemalloc,
> dev_core_stats_rx_dropped_inc(skb->dev);
> else
> dev_core_stats_rx_nohandler_inc(skb->dev);
> - kfree_skb_reason(skb, SKB_DROP_REASON_UNHANDLED_PROTO);
> +
> + if (pfmemalloc)
> + kfree_skb_reason(skb, SKB_DROP_REASON_PFMEMALLOC);
> + else
> + kfree_skb_reason(skb, SKB_DROP_REASON_UNHANDLED_PROTO);
AFAICS we can reach here even if skb_orphan_frags_rx() fails and that
will be accounted as 'SKB_DROP_REASON_UNHANDLED_PROTO'. Perhaps it would
be better to let the 'goto out' caller set the drop reason? And also set
it to 'SKB_DROP_REASON_UNHANDLED_PROTO' in this block before the 'out:'
label.
[...]
> @@ -2637,6 +2635,7 @@ static int udp_unicast_rcv_skb(struct sock *sk, struct sk_buff *skb,
> int __udp4_lib_rcv(struct sk_buff *skb, struct udp_table *udptable,
> int proto)
> {
> + enum skb_drop_reason drop_reason;
> struct sock *sk = NULL;
> struct udphdr *uh;
> unsigned short ulen;
> @@ -2644,7 +2643,6 @@ int __udp4_lib_rcv(struct sk_buff *skb, struct udp_table *udptable,
> __be32 saddr, daddr;
> struct net *net = dev_net(skb->dev);
> bool refcounted;
> - int drop_reason;
>
> drop_reason = SKB_DROP_REASON_NOT_SPECIFIED;
>
The above 2 chunks look unrelated/unneeded. Since the patch is already
pretty big, I think it would be better to not include them.
Thanks,
Paolo
Powered by blists - more mailing lists