From patchwork Thu Feb 15 01:20:17 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jason Xing X-Patchwork-Id: 13557273 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-pf1-f179.google.com (mail-pf1-f179.google.com [209.85.210.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 052F515D1 for ; Thu, 15 Feb 2024 01:20:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.179 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960047; cv=none; b=asN4Y6Yn/mAtxp9OaB8x/wI6Df4Ib8JP13aiq2fn6tr4ae7IyE62C81YAzzZWOtiiUN8lJz1jeDCzrVjHUuReq1/wsO1M+PsWC+rQSAFAbXSRrEcZ3BhgxBvabsW1sYTxyigcKSGeX3rwwtQtN7bHTSh41iHojIJ/Fi11kQWKD0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960047; c=relaxed/simple; bh=dvNmvEihLgd/TOG/cZ5FyX4XLusRZmEmsLYGwkOemnU=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=e4CoqSwbOIXkm41ECck2o3ZoW6c0EuRA5YScf5M60WftOh/ZgssPUI3NDLftPQjS6l7jApNHLwKLem1wDpHzqZQie6jW6tF9+MsqZpaGdoAhap4Yivcv260IkeuaWX0VddsgThNO0gopvRxa2DYsYY/T4LbQ2bTfmMVzv0W4lV4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=TPL28IZt; arc=none smtp.client-ip=209.85.210.179 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="TPL28IZt" Received: by mail-pf1-f179.google.com with SMTP id d2e1a72fcca58-6e10ac45684so302221b3a.3 for ; Wed, 14 Feb 2024 17:20:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707960045; x=1708564845; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=vepiKC8QDUMnFcRy8EKHCiRB88KWrRcYdSU49clz+5Q=; b=TPL28IZtcgh5fBLcWdiLaTWs3TFSeXASLLPzQKkRgB0edbQEoXLt7aEvSnbU75mI3y mFBMYLk8hNBJ3uzN5ZSkDO0LmOl2YdmtVtlX+xS8pOyYKneTm3/NQ3Z5mQA6wLxEWaP8 CG8bEDvA22B8+yq6z2YdvdJd9SNP/ICog1h0rJiL+dn17SbmF0xQMTSU6QTciXTd4Lbh PezcYGOkuaMuGYZ8SDpmu4yoaQBb1/MW/EM153awse7vN45OSJF4kTT3xIZCpw1PPEc4 83h/yEjpX8gSexfb6LZg02Pk9ECMKy5+L9Qqv7R3ZTN0Hh9rI39gv3hyLTesDRrAnKXU 71VQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707960045; x=1708564845; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=vepiKC8QDUMnFcRy8EKHCiRB88KWrRcYdSU49clz+5Q=; b=J50E5FS9tiH5/ELsp+r5aBViwKRqc3xDzbZb8sfSLIhkutnV0gHGHAdRDhQrJQJ0kn ii/KYZJYxbt/6ykFGtnRHCp4cyqE8U2E7H1i5Rhp7fn1aYJnuHNcf1OMULHKGkQ/cQLI V2twzAUGfPErD+K59X//3W5mKIGVQ85jzyy3YDoS0d0svb0alQQLEspjgVKvYm21jJgx ORGlsTzeiZN8P3wqDtiG/lNvrI0pUWzHKxSeBvGADn2E9nnNhza3T91znWdAODjMuIOY aPL7/Az5+BOac+Fi3TCxNSimR45n2G1UkPWxeJG/mGFSyk9Z7f30KnWVV3YJt1qxgH6t y/sg== X-Gm-Message-State: AOJu0YwYZJXGffhMsFg8x1lIejmuEY+/4MZlQ79kZZa4+FLJma+z5cSn +VmEF5A87BPaJiJqDIweQuac5qibm2jEfV+n42Mbn5IhObFk6sV6 X-Google-Smtp-Source: AGHT+IGjfThFkxEFXkCZ7S0Hk7BvQ1YGtSQ7ZxH8HwT4p0+hajNTnkTOevr7O7UL8cSv2yzykAjkyw== X-Received: by 2002:a05:6a20:9f08:b0:19e:3a94:6309 with SMTP id mk8-20020a056a209f0800b0019e3a946309mr744223pzb.5.1707960045171; Wed, 14 Feb 2024 17:20:45 -0800 (PST) Received: from KERNELXING-MB0.tencent.com ([114.253.33.234]) by smtp.gmail.com with ESMTPSA id x2-20020a17090a6c0200b00298ae12699csm163417pjj.12.2024.02.14.17.20.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 17:20:44 -0800 (PST) From: Jason Xing To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, kuniyu@amazon.com Cc: netdev@vger.kernel.org, kerneljasonxing@gmail.com, Jason Xing Subject: [PATCH net-next v5 01/11] tcp: add a dropreason definitions and prepare for cookie check Date: Thu, 15 Feb 2024 09:20:17 +0800 Message-Id: <20240215012027.11467-2-kerneljasonxing@gmail.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20240215012027.11467-1-kerneljasonxing@gmail.com> References: <20240215012027.11467-1-kerneljasonxing@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org From: Jason Xing Only add one drop reason to detect the condition of skb dropped because of hook points in cookie check for later use. Signed-off-by: Jason Xing --- v5 Link: https://lore.kernel.org/netdev/CANn89i+iELpsoea6+C-08m6+=JkneEEM=nAj-28eNtcOCkwQjw@mail.gmail.com/ Link: https://lore.kernel.org/netdev/632c6fd4-e060-4b8e-a80e-5d545a6c6b6c@kernel.org/ 1. Use SKB_DROP_REASON_IP_OUTNOROUTES instead of introducing a new one (Eric, David) 2. Reuse SKB_DROP_REASON_NOMEM to handle failure of request socket allocation (Eric) 3. Reuse NO_SOCKET instead of introducing COOKIE_NOCHILD 4. Reuse IP_OUTNOROUTES instead of INVALID_DST (Eric) 5. adjust the title and description. v4 Link: https://lore.kernel.org/netdev/20240212172302.3f95e454@kernel.org/ 1. fix misspelled name in kdoc as Jakub said --- include/net/dropreason-core.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/include/net/dropreason-core.h b/include/net/dropreason-core.h index 6d3a20163260..3aaccad4eb20 100644 --- a/include/net/dropreason-core.h +++ b/include/net/dropreason-core.h @@ -54,6 +54,7 @@ FN(NEIGH_QUEUEFULL) \ FN(NEIGH_DEAD) \ FN(TC_EGRESS) \ + FN(SECURITY_HOOK) \ FN(QDISC_DROP) \ FN(CPU_BACKLOG) \ FN(XDP) \ @@ -271,6 +272,8 @@ enum skb_drop_reason { SKB_DROP_REASON_NEIGH_DEAD, /** @SKB_DROP_REASON_TC_EGRESS: dropped in TC egress HOOK */ SKB_DROP_REASON_TC_EGRESS, + /** @SKB_DROP_REASON_SECURITY_HOOK: dropped due to security HOOK */ + SKB_DROP_REASON_SECURITY_HOOK, /** * @SKB_DROP_REASON_QDISC_DROP: dropped by qdisc when packet outputting ( * failed to enqueue to current qdisc) From patchwork Thu Feb 15 01:20:18 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jason Xing X-Patchwork-Id: 13557274 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-pg1-f174.google.com (mail-pg1-f174.google.com [209.85.215.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 52C1B10F2 for ; Thu, 15 Feb 2024 01:20:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.174 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960051; cv=none; b=rDclnfkAZ228vx/+RJsfaiTZC1sQ09ca+RPcBcCH0V/q747DXOpbv4XWYXXgDmOcL8HttYImyPxf0GVPyDti12gw/xBb6QvoWfTaYuiuF4Hv052qsGs7ixeORa4beJwENoUEQjzpnggcVkXYqsNbApYDxTgFnRFijbfgqoxizMk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960051; c=relaxed/simple; bh=beTa8kvuVAR1xuuwoOtkmKnK0Wn7xIsrcdGr8CPSjQQ=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=t1Ge55hXcceLs1KE3YO+GDNVorV4v3Wymfxt6+JXiYpXgdv6jhv7iDmIrZzAigAnVDh6iAvHlF87r5l5y8FtD+DmkuTiKKU6woKgoWnGwzirMxoSdba1mS7bs7ByP8TAI4ei2miw/TESHSq5/8da8Z5BKhUrpJ2NFegc6kV5Tyw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=JxRmNy38; arc=none smtp.client-ip=209.85.215.174 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="JxRmNy38" Received: by mail-pg1-f174.google.com with SMTP id 41be03b00d2f7-5dc4a487b1eso299988a12.1 for ; Wed, 14 Feb 2024 17:20:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707960049; x=1708564849; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=UiHRSiDQCWhkRJWyWtx70sVdTRuKjyaav9BVyuxi7cY=; b=JxRmNy388irNwI4irZxg+6xaT+3dDeW0JaoSSsv/cSqwm6Du4bzSQ3hKR95tat3jKo 0qr+2w6KwReNZpaq65LsQz98ldFKr9bnvKT9bmzpQcm873shgyu4FNZg906zkHvBZ/AM c46wOERNf6ZLM6LU4LF6V7+ZR9E+AZhey1tqgYUphBzFJ3wKiWP2eDSLRdqg50jYi7Z3 KbWCu5s+7ZjHRRhujXoXtKV1BYXqZrAAgnCJ4uWEchADvwaYvFgb5TrfbcWtG6FD1jdN 9xd77WtqwUziS+bPkHhQgnTWvA6URyoloHgrdbpvQPv9m+CgiEfnaC1D/GF+A28D2V4h 7MAg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707960049; x=1708564849; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UiHRSiDQCWhkRJWyWtx70sVdTRuKjyaav9BVyuxi7cY=; b=JyIcOZCJ1SC3q9+8C/10oXFPb35z71wkwMiy8h1qhD9sB2TaWHY+q3EvuIswCimVsN 9lEUajU8Bm59K6HKsgGRAvfUPONWPoVjhJgMsUJ2jEamGK/75hK0xBQ9+FwuinyZMenT VLuZhxXJF5hp1xCUuWj89/RKt0BzMM0Rq0EileQhZ0vZLrJRyeOldwGqPt6UofQX6BFn KP4VCLoY8j8ANbDuzbnB516/Qmh0Dw88yucTeFZL+B7dlUpGY7JM/OsCQYx5zQ7Be5HR IJYKtrF98xo8T67ElSb0ne8r9dyaEVYhVB1xYD1yI0U9AUwTo8izRqCkc0wQSiU4JvbY vRVQ== X-Gm-Message-State: AOJu0YyrysV8QDeWkAnGjtGV0e/0DtkEXUA5AjzY0kEFy7XsRrFFT00g FvlL/WTlY1RD0iOYF17xiUGwzgivnmM/Sd7Gt8z3q1yFFaIi5yI6lkm/G3FcQP7A4g== X-Google-Smtp-Source: AGHT+IGJCB55CJHp4KHiooRvLHqwkE/Exc59N5YISxxjl0/EPAtRMjKH316vilybiCzQ/ucd1IdyEw== X-Received: by 2002:a05:6a21:3513:b0:19c:aba2:69e5 with SMTP id zc19-20020a056a21351300b0019caba269e5mr680074pzb.45.1707960049506; Wed, 14 Feb 2024 17:20:49 -0800 (PST) Received: from KERNELXING-MB0.tencent.com ([114.253.33.234]) by smtp.gmail.com with ESMTPSA id x2-20020a17090a6c0200b00298ae12699csm163417pjj.12.2024.02.14.17.20.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 17:20:49 -0800 (PST) From: Jason Xing To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, kuniyu@amazon.com Cc: netdev@vger.kernel.org, kerneljasonxing@gmail.com, Jason Xing Subject: [PATCH net-next v5 02/11] tcp: directly drop skb in cookie check for ipv4 Date: Thu, 15 Feb 2024 09:20:18 +0800 Message-Id: <20240215012027.11467-3-kerneljasonxing@gmail.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20240215012027.11467-1-kerneljasonxing@gmail.com> References: <20240215012027.11467-1-kerneljasonxing@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org From: Jason Xing Only move the skb drop from tcp_v4_do_rcv() to cookie_v4_check() itself, no other changes made. It can help us refine the specific drop reasons later. Signed-off-by: Jason Xing --- net/ipv4/syncookies.c | 4 ++++ net/ipv4/tcp_ipv4.c | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c index be88bf586ff9..38f331da6677 100644 --- a/net/ipv4/syncookies.c +++ b/net/ipv4/syncookies.c @@ -408,6 +408,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb) struct rtable *rt; __u8 rcv_wscale; int full_space; + SKB_DR(reason); if (!READ_ONCE(net->ipv4.sysctl_tcp_syncookies) || !th->ack || th->rst) @@ -477,10 +478,13 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb) */ if (ret) inet_sk(ret)->cork.fl.u.ip4 = fl4; + else + goto out_drop; out: return ret; out_free: reqsk_free(req); out_drop: + kfree_skb_reason(skb, reason); return NULL; } diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 0c50c5a32b84..0a944e109088 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -1915,7 +1915,7 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) struct sock *nsk = tcp_v4_cookie_check(sk, skb); if (!nsk) - goto discard; + return 0; if (nsk != sk) { if (tcp_child_process(sk, nsk, skb)) { rsk = nsk; From patchwork Thu Feb 15 01:20:19 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jason Xing X-Patchwork-Id: 13557275 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-pj1-f50.google.com (mail-pj1-f50.google.com [209.85.216.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CB4741C0F for ; Thu, 15 Feb 2024 01:20:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.50 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960056; cv=none; b=YiSu7BL8M/dAyHO+kInA1u6n4443C8Rn0IjHOk4AZjzGDejFP19zjMy5RnIMGJpPhnk7cu3ic4Gay44KRWayMCfWyjBFey52hdOPTCNYxCYbfKh4B0rAtwoFrixDcCU1+5eALCCjzL+NK2rSffw81o3docFjBr+iPyx4kYyRXc4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960056; c=relaxed/simple; bh=r6j+a2WZGjfHedoPNFiK6lfhvRNmqawuI332kvdSekI=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=KWOsLFFKrgvzPnrNkTAx4VJZ0yV8D6Sv/w8/ymQW2ahicAoUzs4rqo2NsmDcxeOxcyq8W3Dz04AbS3vdOXcSx/bvcK3xyvzHgV9blNT8VIOA9VB+lnHXA1cG1zxyYV8+aIUeF9BsX76+U9BrcstVWZ+JpUzzFgoGptiAkB5LwMM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=IIWA0i7F; arc=none smtp.client-ip=209.85.216.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="IIWA0i7F" Received: by mail-pj1-f50.google.com with SMTP id 98e67ed59e1d1-298cc60ee66so322862a91.0 for ; Wed, 14 Feb 2024 17:20:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707960054; x=1708564854; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=LNg/mumsbnLlLgbuGQLZQkzF5VbcxQHBWbWV1KN0ow4=; b=IIWA0i7FTK4Gu/WEEb+Pr5EBo4943+Ai1S6TqjugqQO2ueu6pxc7K59vdyTccKc2c1 SkX1DcC9694A2bSIhZJ855p5e4Oo8cqyRDN5eq2Y3wl2Qgqgq3bx9xjJ7ZN+Mn6qHgl4 5+Nde3oAKcfNXEv8zbM582qWa06i0Qf7eD7ND2JpWZ/pIcYSjuGgo7MhQ3hCmDRpnGFs aN4MTcPvKEIKsKKDM8hb/55HcfeGoKf9t6zaSoQjXs9Tl5KpSQFjI5WcZRAY7++iKd4c FFrtDXvXcIof6RNd4L+fCjByEWt90Rh8pb9wY3rgEJSiH3qR1ffoGONGQOWU/+rA2nx3 8+UQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707960054; x=1708564854; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=LNg/mumsbnLlLgbuGQLZQkzF5VbcxQHBWbWV1KN0ow4=; b=p/g3LMw12K3HdmdQbpSyEe/yy+IMkLZI5xbkenT5xTI+HXkyqJGN0T9D4ua8I7ksug SUevTHMw75BGN075cbuCdi2P5rpkdkVWB3eGt40+JetihLcBZDkssTmYLDCYZpRmg/KP LVDS3N8de7GF7PXp9quWhfgUU22EuxSMHm4JhDp3otB5pe8JH1Kz+/xe1r6GSGxJazYH FwDeWT2Ncbav7nnGAVtjL6Z/pAT8l1hQYrnX9LqwA5mXa8niIKSBIpBADvmUHheXTqqm edV8UPCzr21HwUGIeCxMQ7wOWgxe3zJxGfFC0+F7wXtfEjyu0nYfzUt2zuz5x6XT3Ei2 nzxA== X-Gm-Message-State: AOJu0YxsxRw6eZ2gErp6j59wQo8pG4rv+kF+KS8t+ZHmM0Xe+xROVbfZ YsRZ2HTACK/YcNaDYB4/AeS5cijolvanfbeqpjuobv8dLT/38vI4 X-Google-Smtp-Source: AGHT+IGjqCRZxOAIiDE6NE+6zktCQn7TK5M1lDBI8TT6eqWQHmev3QSz6ITAWH3tFmuJ6FgVyrJ1pw== X-Received: by 2002:a17:90b:1d8f:b0:299:471:9713 with SMTP id pf15-20020a17090b1d8f00b0029904719713mr183302pjb.11.1707960054114; Wed, 14 Feb 2024 17:20:54 -0800 (PST) Received: from KERNELXING-MB0.tencent.com ([114.253.33.234]) by smtp.gmail.com with ESMTPSA id x2-20020a17090a6c0200b00298ae12699csm163417pjj.12.2024.02.14.17.20.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 17:20:53 -0800 (PST) From: Jason Xing To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, kuniyu@amazon.com Cc: netdev@vger.kernel.org, kerneljasonxing@gmail.com, Jason Xing Subject: [PATCH net-next v5 03/11] tcp: use drop reasons in cookie check for ipv4 Date: Thu, 15 Feb 2024 09:20:19 +0800 Message-Id: <20240215012027.11467-4-kerneljasonxing@gmail.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20240215012027.11467-1-kerneljasonxing@gmail.com> References: <20240215012027.11467-1-kerneljasonxing@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org From: Jason Xing Now it's time to use the prepared definitions to refine this part. Four reasons used might enough for now, I think. Signed-off-by: Jason Xing --- v5: Link: https://lore.kernel.org/netdev/CANn89i+iELpsoea6+C-08m6+=JkneEEM=nAj-28eNtcOCkwQjw@mail.gmail.com/ Link: https://lore.kernel.org/netdev/632c6fd4-e060-4b8e-a80e-5d545a6c6b6c@kernel.org/ 1. Use SKB_DROP_REASON_IP_OUTNOROUTES instead of introducing a new one (Eric, David) 2. Reuse SKB_DROP_REASON_NOMEM to handle failure of request socket allocation (Eric) 3. Reuse NO_SOCKET instead of introducing COOKIE_NOCHILD --- net/ipv4/syncookies.c | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c index 38f331da6677..aeb61c880fbd 100644 --- a/net/ipv4/syncookies.c +++ b/net/ipv4/syncookies.c @@ -421,8 +421,10 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb) if (IS_ERR(req)) goto out; } - if (!req) + if (!req) { + SKB_DR_SET(reason, NOMEM); goto out_drop; + } ireq = inet_rsk(req); @@ -434,8 +436,10 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb) */ RCU_INIT_POINTER(ireq->ireq_opt, tcp_v4_save_options(net, skb)); - if (security_inet_conn_request(sk, skb, req)) + if (security_inet_conn_request(sk, skb, req)) { + SKB_DR_SET(reason, SECURITY_HOOK); goto out_free; + } tcp_ao_syncookie(sk, skb, req, AF_INET); @@ -452,8 +456,10 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb) ireq->ir_loc_addr, th->source, th->dest, sk->sk_uid); security_req_classify_flow(req, flowi4_to_flowi_common(&fl4)); rt = ip_route_output_key(net, &fl4); - if (IS_ERR(rt)) + if (IS_ERR(rt)) { + SKB_DR_SET(reason, IP_OUTNOROUTES); goto out_free; + } /* Try to redo what tcp_v4_send_synack did. */ req->rsk_window_clamp = tp->window_clamp ? :dst_metric(&rt->dst, RTAX_WINDOW); @@ -476,10 +482,12 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb) /* ip_queue_xmit() depends on our flow being setup * Normal sockets get it right from inet_csk_route_child_sock() */ - if (ret) + if (ret) { inet_sk(ret)->cork.fl.u.ip4 = fl4; - else + } else { + SKB_DR_SET(reason, NO_SOCKET); goto out_drop; + } out: return ret; out_free: From patchwork Thu Feb 15 01:20:20 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jason Xing X-Patchwork-Id: 13557276 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-pg1-f174.google.com (mail-pg1-f174.google.com [209.85.215.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 12B96539A for ; Thu, 15 Feb 2024 01:20:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.174 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960060; cv=none; b=HP9eqy3EpDo3wh4H40wcCyWlTc/6++CU2C5kUUs/4beGqH7oe0xWTvRny8U2vfeHcxmwS+iFMORVfUhdc7G4omHHIFBkIFGFGvbh2NYZRHDsYa3puIdh3U2pJ2Mazc31VRR8GE7E0B5azr25cL8nLIygbfwhXFKpZqUq1xHQFpE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960060; c=relaxed/simple; bh=0Lbmqyy24+MoTt8X9lgfhH4tzRMKYG/AQoX9agorMbk=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=bBCvEaHf+y76WJAiLZOxlH6q9hzTEIdb6XYsBHNUhFbEnpNEJxzKs+1jnc7UAGoZ3sL59dQPLAbaTdMzhrex9wLRujOCchtEw4EGaEaEvEd9BYDjK4T2J4QcrBE/GDUauDHtaiPzrsNgiCKwthzGGu07BG+KdSrl0zVsX0Rwysk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=DYhd+cOK; arc=none smtp.client-ip=209.85.215.174 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="DYhd+cOK" Received: by mail-pg1-f174.google.com with SMTP id 41be03b00d2f7-5cf2d73a183so951815a12.1 for ; Wed, 14 Feb 2024 17:20:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707960058; x=1708564858; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=O8x85gIKmkaVSOh7Ia3AV6e6qpXLl1ZM81pA0XxL+BE=; b=DYhd+cOKWrIQRABUqL8++n4yZQV72KvPmF9bpGeTN2QfAC9ptLrg+EU9vhfVY4yfuN eDl062Kbi74U8jKDVaHVuH87DIVSoACPGlPoKNjazvq7qbSTKfj2o/xs6M5S8lJJ64Hr qAOUoUBkxWP6xte1RSaPdEg8w0YiTpjp4UN89KSJP9nQSrogoj5iOv49wbN3V2jQBGTW Y9uVv+ONrmeXg5K+nDkZH9Om4IoQ9HirD7OOM3i/vbOP4cKmqI/y6j1/o3vQIVvzqRDR asRUYJgGXFkDOc6/o78oDbn6slRZHa60RwvBp1Vqf5wnaq1S28V39c8c9vKRqTMfSYWi GI2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707960058; x=1708564858; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=O8x85gIKmkaVSOh7Ia3AV6e6qpXLl1ZM81pA0XxL+BE=; b=Kzf5a1fqopzcmvKyupkzGaD07g8dwj19pa1DzTeQg6/+vK9MNHzI/GwBA77vln6CGi we2Zc+m55tBFxv1q5Zp/Lzm2A78asM8VUZ1QggWEQ9b50VriiI2XeoFHHo/do/HLDWuP 8WVaM2L5fdnjbRY9LxHzWquKr8UewTVU5/dVwU1/iKBwK0yRzlVhEDO/U8MxZUvoRIsi Rg8OmMfKEc9GhowSptCM139XcgEuJ4LDJxwjTyGIYgDdJPd0+iYZ2OT826ABlAwClAMR XtmtBSOoVqkoQAbxtCvAqL6KGNMqzCRCdIyPdtK7omDzp6U6SojMoH7HX4eHd/TpuFUP uCyg== X-Gm-Message-State: AOJu0YzoRSC7PMC5oRsIFX3/1GHGVnjyUJGYtjvUb7L6e4UFZIQaSMue 09wCHwjlmhytu4gH4++lwbTW11Giq/gbB6g22MSW8hfMmPui51VI X-Google-Smtp-Source: AGHT+IHuDdOcdYIGRpsOV+bWVCpcMw5mmrWg/+/MjI9sylSqdEoFiGEwkqvGN8xNprLbj4+HkWedlw== X-Received: by 2002:a17:90a:6407:b0:296:94cb:4d02 with SMTP id g7-20020a17090a640700b0029694cb4d02mr471495pjj.1.1707960058417; Wed, 14 Feb 2024 17:20:58 -0800 (PST) Received: from KERNELXING-MB0.tencent.com ([114.253.33.234]) by smtp.gmail.com with ESMTPSA id x2-20020a17090a6c0200b00298ae12699csm163417pjj.12.2024.02.14.17.20.54 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 17:20:57 -0800 (PST) From: Jason Xing To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, kuniyu@amazon.com Cc: netdev@vger.kernel.org, kerneljasonxing@gmail.com, Jason Xing Subject: [PATCH net-next v5 04/11] tcp: directly drop skb in cookie check for ipv6 Date: Thu, 15 Feb 2024 09:20:20 +0800 Message-Id: <20240215012027.11467-5-kerneljasonxing@gmail.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20240215012027.11467-1-kerneljasonxing@gmail.com> References: <20240215012027.11467-1-kerneljasonxing@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org From: Jason Xing Like previous patch does, only moving skb drop logical code to cookie_v6_check() for later refinement. Signed-off-by: Jason Xing --- v5 Link: https://lore.kernel.org/netdev/CANn89iKz7=1q7e8KY57Dn3ED7O=RCOfLxoHQKO4eNXnZa1OPWg@mail.gmail.com/ 1. avoid duplication of these opt_skb tests/actions (Eric) --- net/ipv6/syncookies.c | 4 ++++ net/ipv6/tcp_ipv6.c | 11 ++++------- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/net/ipv6/syncookies.c b/net/ipv6/syncookies.c index 6b9c69278819..ea0d9954a29f 100644 --- a/net/ipv6/syncookies.c +++ b/net/ipv6/syncookies.c @@ -177,6 +177,7 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) struct sock *ret = sk; __u8 rcv_wscale; int full_space; + SKB_DR(reason); if (!READ_ONCE(net->ipv4.sysctl_tcp_syncookies) || !th->ack || th->rst) @@ -256,10 +257,13 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) ireq->ecn_ok &= cookie_ecn_ok(net, dst); ret = tcp_get_cookie_sock(sk, skb, req, dst); + if (!ret) + goto out_drop; out: return ret; out_free: reqsk_free(req); out_drop: + kfree_skb_reason(skb, reason); return NULL; } diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 57b25b1fc9d9..1ca4f11c3d6f 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -1653,16 +1653,13 @@ int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) if (sk->sk_state == TCP_LISTEN) { struct sock *nsk = tcp_v6_cookie_check(sk, skb); - if (!nsk) - goto discard; - - if (nsk != sk) { + if (nsk && nsk != sk) { if (tcp_child_process(sk, nsk, skb)) goto reset; - if (opt_skb) - __kfree_skb(opt_skb); - return 0; } + if (opt_skb) + __kfree_skb(opt_skb); + return 0; } else sock_rps_save_rxhash(sk, skb); From patchwork Thu Feb 15 01:20:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jason Xing X-Patchwork-Id: 13557277 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4F1053FEF for ; Thu, 15 Feb 2024 01:21:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.181 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960065; cv=none; b=YhUczkU1FwsQ+lgCR/8wvVgngfawMA0IyJlQrAcbmuv9B7P9fkpDcoQN+GdPPTBCfHga1ek1RHjkP1CrG2azQPtGk1aQ7qVo6tiMxd1I+wx6D4nt+PNDBXkBeCkYwVseMiMMjPgU7c7km5dWOHKgJgmx1QpAf7TbKZysbnRaPnY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960065; c=relaxed/simple; bh=CovTUO/xvMV3iPdJ1lHm/KXdeKdeQvtPvMtmrbhbWAw=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=QrZNktXGwJWsQmcxs0Nr5yE16zAg4GQw/lTaqZ0pF0Vxmvr2a4wcrk+pNKgk4puqfAxbtJnsyKIklHcVAn7/PPaCm9CEEMJRBtHZ+RVTkXR03rjfKik+BTqsn0DfOQ3dE2k3WdRRq8uFC8AI4GArDfao2KpzHK+Ju4MkKLG0/GA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=k1wSFLk6; arc=none smtp.client-ip=209.85.214.181 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="k1wSFLk6" Received: by mail-pl1-f181.google.com with SMTP id d9443c01a7336-1da0cd9c0e5so10859675ad.0 for ; Wed, 14 Feb 2024 17:21:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707960063; x=1708564863; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=VZoCjUeMWYkLR9bqGJSDfc9DpbUuYSQFhBhReQnhSFg=; b=k1wSFLk611AIsXgWRKCPR5F/nIZVyvftmUqaI+jk9kcH5sWzejjb9JO8taX55Sjnot 5Ea5vdqkPsGELZm9nK/LvexO3x0e/oCgFl0OtQGTtui171ZlQtV3uIxlwRSsKOWBuX3n uWS0kUjgKE5jtsyxn3JFtp+Ntt7jyOsDh+R+XQRRq6o8A4mpI8FrRRqv6w1mUhFXOSpU 4rX0Jx6s+BjLC8lbMPQUwYmCq7ohykrk8XhmnVxw600264I1QHDqqfuDgAStfRERv9W4 EjgnV/JZdJ+IyTbAlR2NYOTo04E7HK8fj5g2q4nGc/kQnNUenRvxrg+ud9aoQ+jX3b1/ FhQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707960063; x=1708564863; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VZoCjUeMWYkLR9bqGJSDfc9DpbUuYSQFhBhReQnhSFg=; b=O6vjN+CifEozcAr5vzMNV3c4pg3yyAJHXqufGOXb0tj10jUw4T9fNELMwUItnH6LSi v1iKyv95x9DZ/FEjLPlqfohZ3Kvawrf/YyQc0rnS3QqWVYrh5iSJh9KTGQoY+GLtUsAA wvMlMUfKWm0SmlQnf4GTj8KI+6jb5GLFLWgaVPsQremsMWZuog7QodzYxzz07R049CKJ WI7wCiC741rPMTY6coblGpIfPtLaBgid05O1/pNLTKZJ2Pcf9iEVzYZw6yLLzodnXYbe QKHZwJomzLlpWqU3ZBzzOJknTaQ/E95bRQijOp1VKdE5hIsebLKcmem0OxocOaVsfSU1 7OlQ== X-Gm-Message-State: AOJu0Yynty1GJVRcTIH1GqLKG0Q2AUO+KCjSYIdTv4jE0BD+YI0wbmcc cUu/AitSLCuuIZsVl2tOEzgVt01NASZWPrtOE8Y/sO6JgPSOLQWz X-Google-Smtp-Source: AGHT+IHq+1dIYKUoFfSmbuSVEwIkQzqYshP7Y8Ni5NKss44lXixV/NjgCbfSEGn9oa5wOevwtj56jw== X-Received: by 2002:a17:90a:6407:b0:296:94cb:4d02 with SMTP id g7-20020a17090a640700b0029694cb4d02mr471721pjj.1.1707960062729; Wed, 14 Feb 2024 17:21:02 -0800 (PST) Received: from KERNELXING-MB0.tencent.com ([114.253.33.234]) by smtp.gmail.com with ESMTPSA id x2-20020a17090a6c0200b00298ae12699csm163417pjj.12.2024.02.14.17.20.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 17:21:02 -0800 (PST) From: Jason Xing To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, kuniyu@amazon.com Cc: netdev@vger.kernel.org, kerneljasonxing@gmail.com, Jason Xing Subject: [PATCH net-next v5 05/11] tcp: use drop reasons in cookie check for ipv6 Date: Thu, 15 Feb 2024 09:20:21 +0800 Message-Id: <20240215012027.11467-6-kerneljasonxing@gmail.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20240215012027.11467-1-kerneljasonxing@gmail.com> References: <20240215012027.11467-1-kerneljasonxing@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org From: Jason Xing Like what I did to ipv4 mode, refine this part: adding more drop reasons for better tracing. Signed-off-by: Jason Xing --- v5: Link: https://lore.kernel.org/netdev/CANn89i+iELpsoea6+C-08m6+=JkneEEM=nAj-28eNtcOCkwQjw@mail.gmail.com/ 1. Reuse SKB_DROP_REASON_NOMEM to handle failure of request socket allocation (Eric) 2. Reuse NO_SOCKET instead of introducing COOKIE_NOCHILD 3. Reuse IP_OUTNOROUTES instead of INVALID_DST (Eric) --- net/ipv6/syncookies.c | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/net/ipv6/syncookies.c b/net/ipv6/syncookies.c index ea0d9954a29f..bf51db679bd6 100644 --- a/net/ipv6/syncookies.c +++ b/net/ipv6/syncookies.c @@ -190,16 +190,20 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) if (IS_ERR(req)) goto out; } - if (!req) + if (!req) { + SKB_DR_SET(reason, NOMEM); goto out_drop; + } ireq = inet_rsk(req); ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr; ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr; - if (security_inet_conn_request(sk, skb, req)) + if (security_inet_conn_request(sk, skb, req)) { + SKB_DR_SET(reason, SECURITY_HOOK); goto out_free; + } if (ipv6_opt_accepted(sk, skb, &TCP_SKB_CB(skb)->header.h6) || np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo || @@ -236,8 +240,10 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) security_req_classify_flow(req, flowi6_to_flowi_common(&fl6)); dst = ip6_dst_lookup_flow(net, sk, &fl6, final_p); - if (IS_ERR(dst)) + if (IS_ERR(dst)) { + SKB_DR_SET(reason, IP_OUTNOROUTES); goto out_free; + } } req->rsk_window_clamp = tp->window_clamp ? :dst_metric(dst, RTAX_WINDOW); @@ -257,8 +263,10 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) ireq->ecn_ok &= cookie_ecn_ok(net, dst); ret = tcp_get_cookie_sock(sk, skb, req, dst); - if (!ret) + if (!ret) { + SKB_DR_SET(reason, NO_SOCKET); goto out_drop; + } out: return ret; out_free: From patchwork Thu Feb 15 01:20:22 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jason Xing X-Patchwork-Id: 13557278 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-pf1-f177.google.com (mail-pf1-f177.google.com [209.85.210.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CFBCF6116 for ; Thu, 15 Feb 2024 01:21:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.177 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960069; cv=none; b=hfhiFCA5lwzjdi5CsKeXlXkSSdVFFp7nALBiUCTKud5h2KvKaH+0Y6QnjF0vUqpbbTMWZevPj0beCeSL/qLACgvvKtk88ywYliDs1OMjPCJhfwJnRpAIu/RHgHRcCMMguwbjLRiMr5KFT0vaiGR12NpRsg65Grthi8lbpUKjfoA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960069; c=relaxed/simple; bh=J0NxMYBKX/e2aOXb5+x5L2AU5cOSk+fLQr3n0Mzg5AU=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=qqrEq0t93NrOG2R80XxN6aTenOj5tIRxbinAudZR/oqV2J3NNspv2CCC4KGGsbilEcR452fIV16sxAW9pISYjHAPL0XBp05gp5FNr1aW+rcMqCsEvfSej130f++T2v8fEz5bxl2zss1qqHjdNBqORid1q4wDSRCQjuL1ywAB1AA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Dx3zEFZ0; arc=none smtp.client-ip=209.85.210.177 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Dx3zEFZ0" Received: by mail-pf1-f177.google.com with SMTP id d2e1a72fcca58-6da4a923b1bso357551b3a.2 for ; Wed, 14 Feb 2024 17:21:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707960067; x=1708564867; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=id/o+c1wlHyi14IQwAUKwLJ0ogFgd2ncR8poTUkArw0=; b=Dx3zEFZ0KNHbOhKs7qKSrtlmh0nU/48nC3YOTCpJOKV/UVYMYvwO7kLm52R5HyKGES 74nyOjzZG/aM1xWtMLnsHa5FmbYCP32q3zomUNePX5NjJBrLNdbu6Lc3vQOKUc2OBh3I SqztU+erB0I9YmCtb1+0lWbR+cybMN/vDofq7QJkqd0h8ifs1GwJoZLvEVf6Ka9d3bUu tvCC4wUh1sMoClWFtj4UVcCzwxTGG3hoTy8kgMjSRcwic995TRqpY05ZPj3p39QSvqaX jzT3C5ty1ixw4Wdpc8IEw2W6KEPon/pWJun8E2z74vqXSjenlY1I8ujwNSA1MIOo6QjH QUYg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707960067; x=1708564867; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=id/o+c1wlHyi14IQwAUKwLJ0ogFgd2ncR8poTUkArw0=; b=ZjvQ+d8joCeIp4v3PDZ6iqo358QyI8Y9C2xpBOdnSwo+JRC0yww1APSS4Kpf3IUd/M p5I7uL2DLIak7tT7sF8Okm14+G24v4WE1kKukGGzUL07hjivTJGtQp/mKS0eERA4632P p6njeVtyDtLF4K3gdYycKjrW+1ogwLBmDDH2DNbLkIqqVsWXa7GEVIT3pcsX+gM0faYS gfURp4pr24aKwiuVtxaqe/ZJeffSib45WNdXqqGvQMsemcOD9iAppXQGFEj4BJM+PC7m ugNOSuEHD7Fe/iwE8PgSqMIOxdQ02jFMEqeLGR9VM6KDkJ8QDlMz+ElwiId6u2RABTax l8YQ== X-Gm-Message-State: AOJu0Yx7Z5mTAzjBkXeKdLjpYYeKIPI/Ibb/xPzki+UTWaWyQONIr6EQ 8ia4g6h4HIQFl4PR5WE3VwMyDb3K4yR66c6zHanbSwIbYtA6ugDN X-Google-Smtp-Source: AGHT+IH2EkGtiZ++PK+8evgEVK52hMkAMBsLuSqAbGKw8PZHZqq4T8x0hRXZWh2L21hgzDQiWgqIEA== X-Received: by 2002:a05:6a20:c886:b0:1a0:73b9:85e2 with SMTP id hb6-20020a056a20c88600b001a073b985e2mr574511pzb.10.1707960067136; Wed, 14 Feb 2024 17:21:07 -0800 (PST) Received: from KERNELXING-MB0.tencent.com ([114.253.33.234]) by smtp.gmail.com with ESMTPSA id x2-20020a17090a6c0200b00298ae12699csm163417pjj.12.2024.02.14.17.21.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 17:21:06 -0800 (PST) From: Jason Xing To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, kuniyu@amazon.com Cc: netdev@vger.kernel.org, kerneljasonxing@gmail.com, Jason Xing Subject: [PATCH net-next v5 06/11] tcp: introduce dropreasons in receive path Date: Thu, 15 Feb 2024 09:20:22 +0800 Message-Id: <20240215012027.11467-7-kerneljasonxing@gmail.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20240215012027.11467-1-kerneljasonxing@gmail.com> References: <20240215012027.11467-1-kerneljasonxing@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org From: Jason Xing Soon later patches can use these relatively more accurate reasons to recognise and find out the cause. Signed-off-by: Jason Xing --- v5: Link: https://lore.kernel.org/netdev/3a495358-4c47-4a9f-b116-5f9c8b44e5ab@kernel.org/ 1. Use new name (TCP_ABORT_ON_DATA) for readability (David) 2. change the title of this patch --- include/net/dropreason-core.h | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/include/net/dropreason-core.h b/include/net/dropreason-core.h index 3aaccad4eb20..581775763db7 100644 --- a/include/net/dropreason-core.h +++ b/include/net/dropreason-core.h @@ -30,6 +30,7 @@ FN(TCP_AOFAILURE) \ FN(SOCKET_BACKLOG) \ FN(TCP_FLAGS) \ + FN(TCP_ABORT_ON_DATA) \ FN(TCP_ZEROWINDOW) \ FN(TCP_OLD_DATA) \ FN(TCP_OVERWINDOW) \ @@ -37,6 +38,7 @@ FN(TCP_RFC7323_PAWS) \ FN(TCP_OLD_SEQUENCE) \ FN(TCP_INVALID_SEQUENCE) \ + FN(TCP_INVALID_ACK_SEQUENCE) \ FN(TCP_RESET) \ FN(TCP_INVALID_SYN) \ FN(TCP_CLOSE) \ @@ -198,6 +200,11 @@ enum skb_drop_reason { SKB_DROP_REASON_SOCKET_BACKLOG, /** @SKB_DROP_REASON_TCP_FLAGS: TCP flags invalid */ SKB_DROP_REASON_TCP_FLAGS, + /** + * @SKB_DROP_REASON_TCP_ABORT_ON_DATA: abort on data, corresponding to + * LINUX_MIB_TCPABORTONDATA + */ + SKB_DROP_REASON_TCP_ABORT_ON_DATA, /** * @SKB_DROP_REASON_TCP_ZEROWINDOW: TCP receive window size is zero, * see LINUX_MIB_TCPZEROWINDOWDROP @@ -222,13 +229,19 @@ enum skb_drop_reason { SKB_DROP_REASON_TCP_OFOMERGE, /** * @SKB_DROP_REASON_TCP_RFC7323_PAWS: PAWS check, corresponding to - * LINUX_MIB_PAWSESTABREJECTED + * LINUX_MIB_PAWSESTABREJECTED, LINUX_MIB_PAWSACTIVEREJECTED */ SKB_DROP_REASON_TCP_RFC7323_PAWS, /** @SKB_DROP_REASON_TCP_OLD_SEQUENCE: Old SEQ field (duplicate packet) */ SKB_DROP_REASON_TCP_OLD_SEQUENCE, /** @SKB_DROP_REASON_TCP_INVALID_SEQUENCE: Not acceptable SEQ field */ SKB_DROP_REASON_TCP_INVALID_SEQUENCE, + /** + * @SKB_DROP_REASON_TCP_INVALID_ACK_SEQUENCE: Not acceptable ACK SEQ + * field. because of ack sequence is not in the window between snd_una + * and snd_nxt + */ + SKB_DROP_REASON_TCP_INVALID_ACK_SEQUENCE, /** @SKB_DROP_REASON_TCP_RESET: Invalid RST packet */ SKB_DROP_REASON_TCP_RESET, /** From patchwork Thu Feb 15 01:20:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jason Xing X-Patchwork-Id: 13557279 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-pf1-f174.google.com (mail-pf1-f174.google.com [209.85.210.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 29B736FAF for ; Thu, 15 Feb 2024 01:21:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.174 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960073; cv=none; b=ersSZxBiR0Q95vpqq3vNoAvcaty3lBdOH/yf721IvaaAcTmhQkcBCjuGRrw5FxsHNy5vcW1SqMv4lA4/e1Kf5danOyNB9TfDk+O2C7p+RMdEkCg42/ZnPep2zjVXRzBvuXvqWjw/DZFmRkqLnAY/1KwCwHgmh6cL4CWsMbFVBzg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960073; c=relaxed/simple; bh=/N9m4JzzY4Og8houBpM4FYqjNvSreR2fN/mmtnP1Dgg=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=bEj+X1HXSyfffFkmKn9kKD6FtiaCrotm2r8b+BpdPivLkDvG6CU1pQzaZJ9+kfOPtYj25BrEBUjbPU4n8ikbgVPpLgzBxTdDbS+/4HthRnWcgxvDYcj0X5Qg7cljRymk5sySGmCqLLYb1sXfSv3Opi4p1n1/+Nf3pfpc25t4ZRA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=VWyi1YZd; arc=none smtp.client-ip=209.85.210.174 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="VWyi1YZd" Received: by mail-pf1-f174.google.com with SMTP id d2e1a72fcca58-6e10746c6f4so335917b3a.2 for ; Wed, 14 Feb 2024 17:21:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707960071; x=1708564871; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=D2kud7U1xCPuFRH3Fod0cdrqRbt0/6Sra3JlljoFMKc=; b=VWyi1YZdNzz30bGl7VTX4JUXX8/ofBLHbeUj5lp+TjJ2i6FLN6CpsDrAbjx/D6IqYx kmbAvfaCvlanMZMSsU6jZoYK/4s2Zw+RUY2a42m3PpX/zaBAMkPJBlD9tRGS+D/vUboU EbUjB3+NtZZ/6fEGCxAGWONk3xwZrS7lX9bw0UO0tuUrLGVFtc4JtllYpMeCHUlgKaLF QUV2i24KnuLPAF0i6VM//Cc6U2FzjRj3kQE7pKMSPhNrd9Ma+c2u6b640WEkBziw69xt DVitTJuD4yI7agoQqEqNBH/2iiWlmBz/lpNZ2/EM+FLirG9ZfLX52Eh4RQ2u7LAa/bWd gZrw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707960071; x=1708564871; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=D2kud7U1xCPuFRH3Fod0cdrqRbt0/6Sra3JlljoFMKc=; b=gSRzfd6k5TLX0trODLg68XY/OM3uIvRdWI87oMo1vAfTr7FyaDB1Q96fillRewjsv9 eU/Q1whBc2fm/r5R+bxBsjEiE3cQptQzXIVzKnOlvfbpgNzfEoU2d0yzbcB1BlcGC6FN 0va2nRXKQGiv/a0VU/wWGyhUBdeuOpE2iDcVY7RgoRbnIbAC/IhVUkfKYi8Idpg1jyMX NkPgOcEWlOYfrjv0zoE3Y345mMCyXSdwLIe0BGyU/BAJ0MrXEfhQALXcFfqfZXfyTduq 6JFo/Jf+zoThKCmCrMvH07ih2us20dYnG/DcaDh3c2XL3lbS5vC8bQz0Sjdm8nFrmXp8 wuGQ== X-Gm-Message-State: AOJu0YwlzVu/SRiklB0ByMKoJp6sSiqtghjKLxs+NZFTjyDvImOC3xoz SMoBiDc6bbzWClwb/hSsCNJNGHfMs1uZsNUiq4hyixThpmpfUY09 X-Google-Smtp-Source: AGHT+IHNgR/LoHRDwGN5Qu23390dC45QtlAjx2JpDQcEs8ID7qDpvLH3/SdkZxD/pdH0FYZqGoAcuw== X-Received: by 2002:a05:6a20:d04c:b0:19e:9a59:20df with SMTP id hv12-20020a056a20d04c00b0019e9a5920dfmr593886pzb.9.1707960071451; Wed, 14 Feb 2024 17:21:11 -0800 (PST) Received: from KERNELXING-MB0.tencent.com ([114.253.33.234]) by smtp.gmail.com with ESMTPSA id x2-20020a17090a6c0200b00298ae12699csm163417pjj.12.2024.02.14.17.21.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 17:21:11 -0800 (PST) From: Jason Xing To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, kuniyu@amazon.com Cc: netdev@vger.kernel.org, kerneljasonxing@gmail.com, Jason Xing Subject: [PATCH net-next v5 07/11] tcp: add more specific possible drop reasons in tcp_rcv_synsent_state_process() Date: Thu, 15 Feb 2024 09:20:23 +0800 Message-Id: <20240215012027.11467-8-kerneljasonxing@gmail.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20240215012027.11467-1-kerneljasonxing@gmail.com> References: <20240215012027.11467-1-kerneljasonxing@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org From: Jason Xing This patch does two things: 1) add two more new reasons 2) only change the return value(1) to various drop reason values for the future use For now, we still cannot trace those two reasons. We'll implement the full function in the subsequent patch in this serie. Signed-off-by: Jason Xing --- net/ipv4/tcp_input.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index b1c4462a0798..43194918ab45 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -6361,6 +6361,7 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb, inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS, TCP_TIMEOUT_MIN, TCP_RTO_MAX); + SKB_DR_SET(reason, TCP_INVALID_ACK_SEQUENCE); goto reset_and_undo; } @@ -6369,6 +6370,7 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb, tcp_time_stamp_ts(tp))) { NET_INC_STATS(sock_net(sk), LINUX_MIB_PAWSACTIVEREJECTED); + SKB_DR_SET(reason, TCP_RFC7323_PAWS); goto reset_and_undo; } @@ -6572,7 +6574,8 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb, reset_and_undo: tcp_clear_options(&tp->rx_opt); tp->rx_opt.mss_clamp = saved_clamp; - return 1; + /* we can reuse/return @reason to its caller to handle the exception */ + return reason; } static void tcp_rcv_synrecv_state_fastopen(struct sock *sk) From patchwork Thu Feb 15 01:20:24 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jason Xing X-Patchwork-Id: 13557280 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-pg1-f169.google.com (mail-pg1-f169.google.com [209.85.215.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 778BDB652 for ; Thu, 15 Feb 2024 01:21:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.169 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960078; cv=none; b=mPSTRlqa2Jnb19BKqI25jSOGOw1hPW2TfgFO/ecgN5z52k+2eftUUuc5Y32L6oyvdnuAhXKgP5En+afhyT29OOqajDqAt6wJiKQISAUHODluLWSwhxFBJ0PcIC6eS++bZwyW/3JFatbZ6T8ZSX8Z/kuZPkKUymN6OTT3LiCILeY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960078; c=relaxed/simple; bh=u3YmXNrW93kPgX9sghnKjoVX+BGPHBpGQ3MVKeC0XQk=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=bEPAfD15/fEBsNftGR6Em7OSjeN4tSPlOdlxI8CJIOYyJwRQBy2MTxtfJyQ2S90wZatACJgv2VQbPHQGPwdU2r6gp/DbH+/uoeh/kn2lB0a+Xadgjfa/ewvzgpglCm1JdGYjPg8913Xqj6EdDDGRHZWKaazfZITfOFVTo5s5d/o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Js8K/d1/; arc=none smtp.client-ip=209.85.215.169 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Js8K/d1/" Received: by mail-pg1-f169.google.com with SMTP id 41be03b00d2f7-517ab9a4a13so339775a12.1 for ; Wed, 14 Feb 2024 17:21:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707960076; x=1708564876; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=0d5Kb/gnzILyt+JOW+mmzeySwA4csZkwZSsQg4g0JGw=; b=Js8K/d1/ukm2YhGCbCOBAgJ95N5MMLt+oRgqXasYNeKy5acUEzJMufHNZRKR05FERB SSz0Fnebn6XPOPsIuMfefwIOvLPcRw+H9ztWVR0iFxa7rSsVh5tg7TWZu4Th7tAxO3gb 4eTYkowE/Z5b21tZG6ESNdiQI97tb6rw8Vg0HhEpuGNJxDdWAGL6bYsrZALvBE3z4uM/ XrSEjE6IBUmafRyLRX6VuRGAfBEQfsjhVZ0eoelDjZOBerXwsKZbzrtgya4fSsWEzYfi /wvU843YUZFZzvoWHb2/fs7pj6MLJWhbopXRjxwtQiogHKpYlu5nb8wpdctWXd0Qevcq IyNg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707960076; x=1708564876; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=0d5Kb/gnzILyt+JOW+mmzeySwA4csZkwZSsQg4g0JGw=; b=UybNU2KmiUpgtKowhuNCyT+4O9Mg7DNR0ehwoe54arVNSLMIlPNhnNf03A7PpTNRdO 6uXEiX7C/w2dmglgujujHxm68C+x/FVqZcNsTr603OV0QdyWyf8iJYK4P0z3Hmjys3bl Ey8LCvo67ALUPk02syDkZ4kv5syGAS47myylAz62ZFpx/S6wphv8ah5EiVwH6YQyHCaU WMTAo0d3XlFIXF/YHh5QkJpM8/XDQwNUc4V3gpDQ3Z+pifagI1rPoXvbyZF2oDjwDfJ4 xN5BMljVLsn5jF0PaJxwk4+JHhkkaPZe+WtRI7e0Z4WB//lXD5kgTPz4EemjKmlDjR3B x+OA== X-Gm-Message-State: AOJu0YwxqZPGXDN3dg6Oe8w8+Pdpf3hLh/XxMQzh+5Qttob2RCytmeBp Cv6tL02pqBOa5zxO788iVg57xXik4lsxGOhictdEuECx1+nkV3bc X-Google-Smtp-Source: AGHT+IFUO+XqFHTSWUSlk9a82yLI9ywklShRmwaIiaYp9uInZOsrTahoep+zK1LKcvH870dG3qNwNQ== X-Received: by 2002:a17:90a:6bc3:b0:298:afe1:5811 with SMTP id w61-20020a17090a6bc300b00298afe15811mr377635pjj.17.1707960075713; Wed, 14 Feb 2024 17:21:15 -0800 (PST) Received: from KERNELXING-MB0.tencent.com ([114.253.33.234]) by smtp.gmail.com with ESMTPSA id x2-20020a17090a6c0200b00298ae12699csm163417pjj.12.2024.02.14.17.21.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 17:21:15 -0800 (PST) From: Jason Xing To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, kuniyu@amazon.com Cc: netdev@vger.kernel.org, kerneljasonxing@gmail.com, Jason Xing Subject: [PATCH net-next v5 08/11] tcp: add dropreasons in tcp_rcv_state_process() Date: Thu, 15 Feb 2024 09:20:24 +0800 Message-Id: <20240215012027.11467-9-kerneljasonxing@gmail.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20240215012027.11467-1-kerneljasonxing@gmail.com> References: <20240215012027.11467-1-kerneljasonxing@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org From: Jason Xing In this patch, I equipped this function with more dropreasons, but it still doesn't work yet, which I will do later. Signed-off-by: Jason Xing --- v5: Link: https://lore.kernel.org/netdev/3a495358-4c47-4a9f-b116-5f9c8b44e5ab@kernel.org/ 1. Use new name (TCP_ABORT_ON_DATA) for readability (David) --- include/net/tcp.h | 2 +- net/ipv4/tcp_input.c | 20 +++++++++++++------- 2 files changed, 14 insertions(+), 8 deletions(-) diff --git a/include/net/tcp.h b/include/net/tcp.h index 58e65af74ad1..e5af9a5b411b 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -348,7 +348,7 @@ void tcp_wfree(struct sk_buff *skb); void tcp_write_timer_handler(struct sock *sk); void tcp_delack_timer_handler(struct sock *sk); int tcp_ioctl(struct sock *sk, int cmd, int *karg); -int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb); +enum skb_drop_reason tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb); void tcp_rcv_established(struct sock *sk, struct sk_buff *skb); void tcp_rcv_space_adjust(struct sock *sk); int tcp_twsk_unique(struct sock *sk, struct sock *sktw, void *twp); diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 43194918ab45..f89af858dfae 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -6619,7 +6619,8 @@ static void tcp_rcv_synrecv_state_fastopen(struct sock *sk) * address independent. */ -int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb) +enum skb_drop_reason +tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb) { struct tcp_sock *tp = tcp_sk(sk); struct inet_connection_sock *icsk = inet_csk(sk); @@ -6635,7 +6636,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb) case TCP_LISTEN: if (th->ack) - return 1; + return SKB_DROP_REASON_TCP_FLAGS; if (th->rst) { SKB_DR_SET(reason, TCP_RESET); @@ -6704,8 +6705,13 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb) FLAG_NO_CHALLENGE_ACK); if ((int)reason <= 0) { - if (sk->sk_state == TCP_SYN_RECV) - return 1; /* send one RST */ + if (sk->sk_state == TCP_SYN_RECV) { + /* send one RST */ + if (!reason) + return SKB_DROP_REASON_TCP_OLD_ACK; + else + return -reason; + } /* accept old ack during closing */ if ((int)reason < 0) { tcp_send_challenge_ack(sk); @@ -6781,7 +6787,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb) if (READ_ONCE(tp->linger2) < 0) { tcp_done(sk); NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTONDATA); - return 1; + return SKB_DROP_REASON_TCP_ABORT_ON_DATA; } if (TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq && after(TCP_SKB_CB(skb)->end_seq - th->fin, tp->rcv_nxt)) { @@ -6790,7 +6796,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb) tcp_fastopen_active_disable(sk); tcp_done(sk); NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTONDATA); - return 1; + return SKB_DROP_REASON_TCP_ABORT_ON_DATA; } tmo = tcp_fin_time(sk); @@ -6855,7 +6861,7 @@ int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb) after(TCP_SKB_CB(skb)->end_seq - th->fin, tp->rcv_nxt)) { NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTONDATA); tcp_reset(sk, skb); - return 1; + return SKB_DROP_REASON_TCP_ABORT_ON_DATA; } } fallthrough; From patchwork Thu Feb 15 01:20:25 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jason Xing X-Patchwork-Id: 13557281 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-pj1-f47.google.com (mail-pj1-f47.google.com [209.85.216.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7D25B6FD2 for ; Thu, 15 Feb 2024 01:21:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.216.47 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960081; cv=none; b=SaLCUhRJO3u18ZCGxb2fwUwPozu1+VH7I6QFPgGNc42aGaiJthiExRQyHZy1O7sMo7ObPI7wkWyU7cI2VGjPb4iKqNSH6Ew+tcJ0fr25rFN1JVBUKQL/84OUgx4fIoyJLALkLWs8IHwGedkwjQf/XvJgtUeMwCm10xga5gRHxUs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960081; c=relaxed/simple; bh=RlZNxA4sfxIRVCe7kkYtkh4lI6FMGXN8uVk2i2aiays=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=lObuULsnfg8YW4KeeBw84N9gIspQspmxhz3IKVVOXqjBkSTOOPQ4gmJhi27PMU30DG3T3vYKhGHMyGUba1PqIbojqk+eW+way2i4232YXPtMcsbAR3b2aI88My5dzM2yzrn4dobazB4wdldqdMQs3eRKM4+b9DAy+UUX7sQn/Xg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=RT+r2VJB; arc=none smtp.client-ip=209.85.216.47 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="RT+r2VJB" Received: by mail-pj1-f47.google.com with SMTP id 98e67ed59e1d1-298cc60ee66so323082a91.0 for ; Wed, 14 Feb 2024 17:21:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707960080; x=1708564880; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=PmLTIis3Q4t+RzbFdedCgs1PadbGr33BZ2kHASAg/PY=; b=RT+r2VJBIYPhZYT4WR0qyuueB5LYX4epp/8Hlzzq27vIQsFZEqUla88S2BsB1CT4E/ oCEk+v+u6AKk/1261cHcR82wa3MU02zokKXhqiIPESx5OK9O7bHFtoTYeWmfT6+cl4hn e+c1el1H31KoekgjXqoOaUJY1+f61UqgqFrr9BK/oe1n1uoRrXctSG+YI1RZONwbei2X DBiYKTW6v4Wz12uOseRNRGctfMvOcuZB3zMYccGivaxZ+eQUbhSkNGOQmokhOg7RuCu9 lpkqAdlvy1HnBWYI+TtT1yhyyhfaEvVoQXUo4jQ8qxxhgxE0m9PokR9AnBM0WTvDdT9z lZQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707960080; x=1708564880; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=PmLTIis3Q4t+RzbFdedCgs1PadbGr33BZ2kHASAg/PY=; b=To3Ofzw6A4T24osDoYsdgwkzWpuJQ8ubVGunR2IDoxv69Gzc37V4gWMMQB7I52Gfxy 2i4XmsMAkzjlVh4kxeUGxdOqclLJsCHl/VwvbSPgrT/IF1a4ERFZ3au2wm+MZp5vf5nP wOQyOZgk6aVqxFRyoqjITgFUJ7dVh/elxuYxyDMmWqPtyz4W/8wX4R5Gry0f/4Kuhehq HkcBzFSmWZeEgDFLtfd+v2Mfik5BAGGVhaXci0KntMbkP/rxlhq5d2uSCYY+odXMhmNo kQd7u6ft2CDi7e4851h3LbbjhLJdC7qsJuAfvcZ5kuS+A+Sfhf88qMQKIyY7+v+SfgeI VdLw== X-Gm-Message-State: AOJu0Ywce4pT63YddmO9WKGVaHB0+EePIU7j24xo5M+G5FZkfjqJITa9 7BC86zFRR2oBqF9Cb5+Jh5IV/Pb92KawVbsppKv5Z57yzpXZficAfjBiLIkwrfbEaA== X-Google-Smtp-Source: AGHT+IFOOmpY3I/OjH8cpQs+49TBIroGygv7gj/6qteR00dB8LvCz1TIVwGwPR2xfM3YpytW+ShzzA== X-Received: by 2002:a17:90b:80f:b0:298:b24c:4f79 with SMTP id bk15-20020a17090b080f00b00298b24c4f79mr383006pjb.40.1707960079982; Wed, 14 Feb 2024 17:21:19 -0800 (PST) Received: from KERNELXING-MB0.tencent.com ([114.253.33.234]) by smtp.gmail.com with ESMTPSA id x2-20020a17090a6c0200b00298ae12699csm163417pjj.12.2024.02.14.17.21.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 17:21:19 -0800 (PST) From: Jason Xing To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, kuniyu@amazon.com Cc: netdev@vger.kernel.org, kerneljasonxing@gmail.com, Jason Xing Subject: [PATCH net-next v5 09/11] tcp: make the dropreason really work when calling tcp_rcv_state_process() Date: Thu, 15 Feb 2024 09:20:25 +0800 Message-Id: <20240215012027.11467-10-kerneljasonxing@gmail.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20240215012027.11467-1-kerneljasonxing@gmail.com> References: <20240215012027.11467-1-kerneljasonxing@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org From: Jason Xing Update three callers including both ipv4 and ipv6 and let the dropreason mechanism work in reality. Signed-off-by: Jason Xing --- include/net/tcp.h | 2 +- net/ipv4/tcp_ipv4.c | 3 ++- net/ipv4/tcp_minisocks.c | 9 +++++---- net/ipv6/tcp_ipv6.c | 3 ++- 4 files changed, 10 insertions(+), 7 deletions(-) diff --git a/include/net/tcp.h b/include/net/tcp.h index e5af9a5b411b..1d9b2a766b5e 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -396,7 +396,7 @@ enum tcp_tw_status tcp_timewait_state_process(struct inet_timewait_sock *tw, struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb, struct request_sock *req, bool fastopen, bool *lost_race); -int tcp_child_process(struct sock *parent, struct sock *child, +enum skb_drop_reason tcp_child_process(struct sock *parent, struct sock *child, struct sk_buff *skb); void tcp_enter_loss(struct sock *sk); void tcp_cwnd_reduction(struct sock *sk, int newly_acked_sacked, int newly_lost, int flag); diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 0a944e109088..c79e25549972 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -1926,7 +1926,8 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) } else sock_rps_save_rxhash(sk, skb); - if (tcp_rcv_state_process(sk, skb)) { + reason = tcp_rcv_state_process(sk, skb); + if (reason) { rsk = sk; goto reset; } diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c index 9e85f2a0bddd..08d5b48540ea 100644 --- a/net/ipv4/tcp_minisocks.c +++ b/net/ipv4/tcp_minisocks.c @@ -911,11 +911,12 @@ EXPORT_SYMBOL(tcp_check_req); * be created. */ -int tcp_child_process(struct sock *parent, struct sock *child, +enum skb_drop_reason +tcp_child_process(struct sock *parent, struct sock *child, struct sk_buff *skb) __releases(&((child)->sk_lock.slock)) { - int ret = 0; + enum skb_drop_reason reason = SKB_NOT_DROPPED_YET; int state = child->sk_state; /* record sk_napi_id and sk_rx_queue_mapping of child. */ @@ -923,7 +924,7 @@ int tcp_child_process(struct sock *parent, struct sock *child, tcp_segs_in(tcp_sk(child), skb); if (!sock_owned_by_user(child)) { - ret = tcp_rcv_state_process(child, skb); + reason = tcp_rcv_state_process(child, skb); /* Wakeup parent, send SIGIO */ if (state == TCP_SYN_RECV && child->sk_state != state) parent->sk_data_ready(parent); @@ -937,6 +938,6 @@ int tcp_child_process(struct sock *parent, struct sock *child, bh_unlock_sock(child); sock_put(child); - return ret; + return reason; } EXPORT_SYMBOL(tcp_child_process); diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 1ca4f11c3d6f..b13eb4985152 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -1663,7 +1663,8 @@ int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) } else sock_rps_save_rxhash(sk, skb); - if (tcp_rcv_state_process(sk, skb)) + reason = tcp_rcv_state_process(sk, skb); + if (reason) goto reset; if (opt_skb) goto ipv6_pktoptions; From patchwork Thu Feb 15 01:20:26 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jason Xing X-Patchwork-Id: 13557282 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CB8414A15 for ; Thu, 15 Feb 2024 01:21:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.169 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960086; cv=none; b=KjMF9kEdS1wL/gICTyf1tk/PF4dLF90aC/9lH1wmtfLu3cy+vgvP2RjpJUBRxTPRCXT/2vD5l/nfurjv28R76CuuFHyHBOYXYDKeFhz+4lG2455snu4dp9UgFVqJg//M83xpCK8OBBs6hpPF5Im/lj9gsiKNZBAGpIXjUB3eQvQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960086; c=relaxed/simple; bh=5yDx68fejtjjEUmPuWGGZGp6VXTlGrWC6lzV9CEbw5U=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Xtf6W7RI2nHaTAUBSHwu/MLdh4H9ESa5Vl01jjYwKQgslMs/GoJQiJiTmt/D8uWHDd2sB9F2s4yhaZZ/Y477jCg/EpBMiNvvL+MyBKjy9XM8hT3JmBXVawXNbw7bLCd0gsxD/HjBkbTu/XBNMLtaOBAeel0NglBrom3Snsj5UTU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=HzYKGbp+; arc=none smtp.client-ip=209.85.210.169 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="HzYKGbp+" Received: by mail-pf1-f169.google.com with SMTP id d2e1a72fcca58-6e10e50179bso365314b3a.1 for ; Wed, 14 Feb 2024 17:21:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707960084; x=1708564884; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=qm+66lCXgiiZgBrTpb2mvnZ1QLV5OPKqaUpatKCvlCA=; b=HzYKGbp+vT+LBNTpYdxZaYEQ5eHLIxk2EZO/UA8JsAc4E77UZBoI3JSOHrDFxVJk2L l2Dq4X32+q0lqwWk7cLrpDow+Lxpe/Dt5T5u07oYbJtGzVlBnS5NixzRE/toI+30nyBd IBwrcZrHy0zCQJ2O42P0Nbhl9kE+gDpdIPujgWDiyIYTz7zQW3cBz4N/yVvTvR/RKEdC mFdf5kkR57uDceuhPxOWE36xIZEieitRnIfYaYoSFSP/CnDc27IoZF/oErbCItLpBPI1 1pEXZFqEJmSbj5OsE2nwcdNqTSU3sQUaNhZ5eLuGXOUpu/D71UnktQF4b7HwbReNp4xd H/XQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707960084; x=1708564884; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=qm+66lCXgiiZgBrTpb2mvnZ1QLV5OPKqaUpatKCvlCA=; b=utEI72Nh0CNWHc6hBeNnHy4V7S/I0ZElphkyxEnBkEgfdK3/sef9r+chECrcwU9Oyk 9gB7S3Fti8dK0L3dr++0SGlLdvf1mNH0j3s1SXH/ZncEZZ2/tVI7mTJGa5xyKP4BVpek a6fiG/1cCFoG5/v2iywsyYDtvCMGqOMiHPmM3y7yx2klyyPGztNi/E1POanElSd20M6p WVmhMNCA6CBq9mlnMc0AbE2TWdt/30oW9Am7ngmyxvzx/4wJlWpgS4bSyfT1PkpK8Ct8 7+ZjbIuAnTirv/oGU84K8Vejo54tz+HZAfjcLS/zv0+wDf7NwMrIyteMu4UM3cT8ZEwq PXVQ== X-Gm-Message-State: AOJu0YwAFigYD8ACyB9db6GEf13VFBMKXhqtVZg4dzoITkgxocPnbRlW RRpgPV3C8VVtJQJqDYp3Mdl9chVgqxYNbiWE+ZsFkT48D2vwzzBL X-Google-Smtp-Source: AGHT+IHGB1DXilylhIoub45UJBT1ynI6a5MPjeBJXlqEMdZnbqe1jUp4hmOdLfu70cekjoxpxL6u3A== X-Received: by 2002:a05:6a20:6f8e:b0:19e:4a68:46d0 with SMTP id gv14-20020a056a206f8e00b0019e4a6846d0mr503768pzb.60.1707960084227; Wed, 14 Feb 2024 17:21:24 -0800 (PST) Received: from KERNELXING-MB0.tencent.com ([114.253.33.234]) by smtp.gmail.com with ESMTPSA id x2-20020a17090a6c0200b00298ae12699csm163417pjj.12.2024.02.14.17.21.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 17:21:23 -0800 (PST) From: Jason Xing To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, kuniyu@amazon.com Cc: netdev@vger.kernel.org, kerneljasonxing@gmail.com, Jason Xing Subject: [PATCH net-next v5 10/11] tcp: make dropreason in tcp_child_process() work Date: Thu, 15 Feb 2024 09:20:26 +0800 Message-Id: <20240215012027.11467-11-kerneljasonxing@gmail.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20240215012027.11467-1-kerneljasonxing@gmail.com> References: <20240215012027.11467-1-kerneljasonxing@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org From: Jason Xing It's time to let it work right now. We've already prepared for this:) Signed-off-by: Jason Xing --- net/ipv4/tcp_ipv4.c | 16 ++++++++++------ net/ipv6/tcp_ipv6.c | 16 ++++++++++------ 2 files changed, 20 insertions(+), 12 deletions(-) diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index c79e25549972..c886c671fae9 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -1917,7 +1917,8 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) if (!nsk) return 0; if (nsk != sk) { - if (tcp_child_process(sk, nsk, skb)) { + reason = tcp_child_process(sk, nsk, skb); + if (reason) { rsk = nsk; goto reset; } @@ -2276,12 +2277,15 @@ int tcp_v4_rcv(struct sk_buff *skb) if (nsk == sk) { reqsk_put(req); tcp_v4_restore_cb(skb); - } else if (tcp_child_process(sk, nsk, skb)) { - tcp_v4_send_reset(nsk, skb); - goto discard_and_relse; } else { - sock_put(sk); - return 0; + drop_reason = tcp_child_process(sk, nsk, skb); + if (drop_reason) { + tcp_v4_send_reset(nsk, skb); + goto discard_and_relse; + } else { + sock_put(sk); + return 0; + } } } diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index b13eb4985152..4b2afb9fe293 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -1654,7 +1654,8 @@ int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) struct sock *nsk = tcp_v6_cookie_check(sk, skb); if (nsk && nsk != sk) { - if (tcp_child_process(sk, nsk, skb)) + reason = tcp_child_process(sk, nsk, skb); + if (reason) goto reset; } if (opt_skb) @@ -1854,12 +1855,15 @@ INDIRECT_CALLABLE_SCOPE int tcp_v6_rcv(struct sk_buff *skb) if (nsk == sk) { reqsk_put(req); tcp_v6_restore_cb(skb); - } else if (tcp_child_process(sk, nsk, skb)) { - tcp_v6_send_reset(nsk, skb); - goto discard_and_relse; } else { - sock_put(sk); - return 0; + drop_reason = tcp_child_process(sk, nsk, skb); + if (drop_reason) { + tcp_v6_send_reset(nsk, skb); + goto discard_and_relse; + } else { + sock_put(sk); + return 0; + } } } From patchwork Thu Feb 15 01:20:27 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jason Xing X-Patchwork-Id: 13557283 X-Patchwork-Delegate: kuba@kernel.org Received: from mail-pg1-f182.google.com (mail-pg1-f182.google.com [209.85.215.182]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1DAAD539E for ; Thu, 15 Feb 2024 01:21:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.182 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960090; cv=none; b=mrQ4XnGi8Q9zh431z9L59LtPjHDgyBSWoTo8jlZNhpNyLZ0Qt/auzYgFuWSXS9BBelvh07Pa7tJIRbNiGwQpOS44MeP3l2etcnz35xZeKhG8I84B3DmbrZKYZJPgyzuzdi+QqKg78hXoWr1nUP+IhuxzOZLNVJOxTysibcTFS1M= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707960090; c=relaxed/simple; bh=rEW5Vwut71YTBPM3C9RxGX1gVCXR9Z717roD7XmUMsM=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=QYjJQRq4nSj1liVr9GnZjSN/wmuWALa6lS9YVBuUaulSJdCv9nzOIAk7/SY4fUbCm1nTwhVUwDkDedkC+v6cJLnp0HBHO5B5cOJ5qX3OCj72J905lLrHbPxuzt8lKR8HWR+KVLgM4MXRez93vUBe/z+Wt+E4QO0F1XGjnQOCSFs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=lWlguvsy; arc=none smtp.client-ip=209.85.215.182 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="lWlguvsy" Received: by mail-pg1-f182.google.com with SMTP id 41be03b00d2f7-5c6bd3100fcso271649a12.3 for ; Wed, 14 Feb 2024 17:21:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707960088; x=1708564888; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=PfjBiXg6ji3knq/2N2caALWiDDilcf/0uRMXQ/e3q4A=; b=lWlguvsy+M7xiwEDSqvd9UDL2SMmbj/epClfzxydnbCte0kmauA3IPt8OtC/ayXQxA m/F3KdMXVhJTahTyOtn6SPTu1bUsl7f5YIFTGpMVpS4AII/nQsLn3xrOUprcs4+g3Is4 qUcQtB/vq/ysRG7MJQkWEEF2ny541SmBaKg7cBKrABdpoBqBluEETc9i191dAgcJEx8K RmAvYzg7Nl36cOBMwXzp2SjV398anUqVyQXllyEp2uRLtDbC5Y5ZFBeWrIRJplY9LX+c 1flK01TxnXU5wqXCCzB9YApIrRdgk3vMVmNrOPjbDFxusfmhVKvSkO/rR2pLvhBxYII7 DKlQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707960088; x=1708564888; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=PfjBiXg6ji3knq/2N2caALWiDDilcf/0uRMXQ/e3q4A=; b=J1dj/qP5nea2xctILecwdm66h3wUZ4zPsdEIb0tRoXMo5IepBCPQ8YB0iVjxw7aBS9 /bA7eNAtXLoEug+AszmmJNghX2hOgvNWGvFsEkMnyP28t6EOa9Xuo8/FydCTzSIoqCtZ 86O3ILHktY1LsRbdJaUmF/RxSGhqt4WXA1mhDoF0rmWlmdovS9sJY+fG1y+5yuphJGst rnViO06F2Wk4JNrfyplT58P2BHCgpVSzib3BomfaSgGw5hNPR23gs4WNfAvtajPh+6Hn tBDpCla/F5JCW8vSDIDfTF2zB4UhIiGTgAOXWloXIJ2rJ7nxbtFQ1pLsit6XcsSiMQmK WSrA== X-Gm-Message-State: AOJu0YwUVve9CrlaooOMdX8BAc8cXoVoPvFnnLrMCfV2heK+osN+feuG H2JXEDVPxWxU9P1IuqxMe46z2JoMIu15KTwaCq5i/RChLklOhdP/ X-Google-Smtp-Source: AGHT+IGF60M0lwt6yD8EUof+gPtAiA1j4f3dVAWudJyefb/0lZDgSB6CG8kU8Pcpc0rZn7sA0mANBA== X-Received: by 2002:a17:90a:fb8e:b0:298:f8ed:40cb with SMTP id cp14-20020a17090afb8e00b00298f8ed40cbmr375363pjb.30.1707960088498; Wed, 14 Feb 2024 17:21:28 -0800 (PST) Received: from KERNELXING-MB0.tencent.com ([114.253.33.234]) by smtp.gmail.com with ESMTPSA id x2-20020a17090a6c0200b00298ae12699csm163417pjj.12.2024.02.14.17.21.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Feb 2024 17:21:28 -0800 (PST) From: Jason Xing To: davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, dsahern@kernel.org, kuniyu@amazon.com Cc: netdev@vger.kernel.org, kerneljasonxing@gmail.com, Jason Xing Subject: [PATCH net-next v5 11/11] tcp: get rid of NOT_SPECIFIED reason in tcp_v4/6_do_rcv Date: Thu, 15 Feb 2024 09:20:27 +0800 Message-Id: <20240215012027.11467-12-kerneljasonxing@gmail.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20240215012027.11467-1-kerneljasonxing@gmail.com> References: <20240215012027.11467-1-kerneljasonxing@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: kuba@kernel.org From: Jason Xing Finally we can drop this obscure reason in receive path because we replaced with many other more accurate reasons before. Signed-off-by: Jason Xing --- v5: 1. change the misspelled word in the title --- net/ipv4/tcp_ipv4.c | 1 - net/ipv6/tcp_ipv6.c | 1 - 2 files changed, 2 deletions(-) diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index c886c671fae9..82e63f6af34b 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -1907,7 +1907,6 @@ int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb) return 0; } - reason = SKB_DROP_REASON_NOT_SPECIFIED; if (tcp_checksum_complete(skb)) goto csum_err; diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 4b2afb9fe293..4035cbee32cb 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -1623,7 +1623,6 @@ int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb) if (np->rxopt.all) opt_skb = skb_clone_and_charge_r(skb, sk); - reason = SKB_DROP_REASON_NOT_SPECIFIED; if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */ struct dst_entry *dst;