| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <344a5b1e-9cfc-4a77-b55c-84fe21c89517@redhat.com>
Date: Tue, 20 May 2025 12:00:03 +0200
From: Paolo Abeni <pabeni@...hat.com>
To: chia-yu.chang@...ia-bell-labs.com, linux-doc@...r.kernel.org,
corbet@....net, horms@...nel.org, dsahern@...nel.org, kuniyu@...zon.com,
bpf@...r.kernel.org, netdev@...r.kernel.org, dave.taht@...il.com,
jhs@...atatu.com, kuba@...nel.org, stephen@...workplumber.org,
xiyou.wangcong@...il.com, jiri@...nulli.us, davem@...emloft.net,
edumazet@...gle.com, andrew+netdev@...n.ch, donald.hunter@...il.com,
ast@...erby.net, liuhangbin@...il.com, shuah@...nel.org,
linux-kselftest@...r.kernel.org, ij@...nel.org, ncardwell@...gle.com,
koen.de_schepper@...ia-bell-labs.com, g.white@...lelabs.com,
ingemar.s.johansson@...csson.com, mirja.kuehlewind@...csson.com,
cheshire@...le.com, rs.ietf@....at, Jason_Livingood@...cast.com,
vidhi_goel@...le.com
Subject: Re: [PATCH v7 net-next 11/15] tcp: accecn: AccECN option failure
handling
On 5/14/25 3:56 PM, chia-yu.chang@...ia-bell-labs.com wrote:
> @@ -603,7 +614,23 @@ static bool tcp_accecn_process_option(struct tcp_sock *tp,
> unsigned int i;
> u8 *ptr;
>
> + if (tcp_accecn_opt_fail_recv(tp))
> + return false;
> +
> if (!(flag & FLAG_SLOWPATH) || !tp->rx_opt.accecn) {
> + if (!tp->saw_accecn_opt) {
> + /* Too late to enable after this point due to
> + * potential counter wraps
> + */
> + if (tp->bytes_sent >= (1 << 23) - 1) {
> + u8 fail_mode = TCP_ACCECN_OPT_FAIL_RECV;
> +
> + tp->saw_accecn_opt = TCP_ACCECN_OPT_FAIL_SEEN;
> + tcp_accecn_fail_mode_set(tp, fail_mode);
Similar code above, possibly an helper could be used.
> + }
> + return false;
> + }
> +
> if (estimate_ecnfield) {
> u8 ecnfield = estimate_ecnfield - 1;
>
> @@ -619,6 +646,13 @@ static bool tcp_accecn_process_option(struct tcp_sock *tp,
> order1 = (ptr[0] == TCPOPT_ACCECN1);
> ptr += 2;
>
> + if (tp->saw_accecn_opt < TCP_ACCECN_OPT_COUNTER_SEEN) {
> + tp->saw_accecn_opt = tcp_accecn_option_init(skb,
> + tp->rx_opt.accecn);
> + if (tp->saw_accecn_opt == TCP_ACCECN_OPT_FAIL_SEEN)
> + tcp_accecn_fail_mode_set(tp, TCP_ACCECN_OPT_FAIL_RECV);
> + }
> +
> res = !!estimate_ecnfield;
> for (i = 0; i < 3; i++) {
> if (optlen < TCPOLEN_ACCECN_PERFIELD)
> @@ -6481,10 +6515,25 @@ static bool tcp_validate_incoming(struct sock *sk, struct sk_buff *skb,
> */
> if (th->syn) {
> if (tcp_ecn_mode_accecn(tp)) {
> - u8 opt_demand = max_t(u8, 1, tp->accecn_opt_demand);
> -
> accecn_reflector = true;
> - tp->accecn_opt_demand = opt_demand;
> + if (tp->rx_opt.accecn &&
> + tp->saw_accecn_opt < TCP_ACCECN_OPT_COUNTER_SEEN) {
> + u8 offset = tp->rx_opt.accecn;
> + u8 opt_demand;
> + u8 saw_opt;
> +
> + saw_opt = tcp_accecn_option_init(skb, offset);
> + tp->saw_accecn_opt = saw_opt;
> + if (tp->saw_accecn_opt ==
> + TCP_ACCECN_OPT_FAIL_SEEN) {
> + u8 fail_mode = TCP_ACCECN_OPT_FAIL_RECV;
> +
> + tcp_accecn_fail_mode_set(tp, fail_mode);
> + }
> + opt_demand = max_t(u8, 1,
> + tp->accecn_opt_demand);
> + tp->accecn_opt_demand = opt_demand;
> + }
> }
Too many indentation levels, please move into a separate helper
/P
Powered by blists - more mailing lists