Merge branch 'ipv6-more-drop-reason'

kuba-moo · kuba-moo · commit 64816aa76830 · 2023-02-13T19:55:35.000-08:00
Eric Dumazet says: ==================== ipv6: more drop reason Add more drop reasons to IPv6: - IPV6_BAD_EXTHDR - IPV6_NDISC_FRAG - IPV6_NDISC_HOP_LIMIT - IPV6_NDISC_BAD_CODE ==================== Link: https://lore.kernel.org/r/20230210184708.2172562-1-edumazet@google.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
@@ -2631,13 +2631,24 @@ void *skb_pull_data(struct sk_buff *skb, size_t len);
 
 void *__pskb_pull_tail(struct sk_buff *skb, int delta);
 
-static inline bool pskb_may_pull(struct sk_buff *skb, unsigned int len)
+static inline enum skb_drop_reason
+pskb_may_pull_reason(struct sk_buff *skb, unsigned int len)
 {
 	if (likely(len <= skb_headlen(skb)))
-		return true;
+		return SKB_NOT_DROPPED_YET;
+
 	if (unlikely(len > skb->len))
-		return false;
-	return __pskb_pull_tail(skb, len - skb_headlen(skb)) != NULL;
+		return SKB_DROP_REASON_PKT_TOO_SMALL;
+
+	if (unlikely(!__pskb_pull_tail(skb, len - skb_headlen(skb))))
+		return SKB_DROP_REASON_NOMEM;
+
+	return SKB_NOT_DROPPED_YET;
+}
+
+static inline bool pskb_may_pull(struct sk_buff *skb, unsigned int len)
+{
+	return pskb_may_pull_reason(skb, len) == SKB_NOT_DROPPED_YET;
 }
 
 static inline void *pskb_pull(struct sk_buff *skb, unsigned int len)
diff --git a/include/net/dropreason.h b/include/net/dropreason.h
@@ -72,6 +72,10 @@
 	FN(FRAG_REASM_TIMEOUT)		\
 	FN(FRAG_TOO_FAR)		\
 	FN(TCP_MINTTL)			\
+	FN(IPV6_BAD_EXTHDR)		\
+	FN(IPV6_NDISC_FRAG)		\
+	FN(IPV6_NDISC_HOP_LIMIT)	\
+	FN(IPV6_NDISC_BAD_CODE)		\
 	FNe(MAX)
 
 /**
@@ -318,6 +322,14 @@ enum skb_drop_reason {
 	 * the threshold (IP_MINTTL or IPV6_MINHOPCOUNT).
 	 */
 	SKB_DROP_REASON_TCP_MINTTL,
+	/** @SKB_DROP_REASON_IPV6_BAD_EXTHDR: Bad IPv6 extension header. */
+	SKB_DROP_REASON_IPV6_BAD_EXTHDR,
+	/** @SKB_DROP_REASON_IPV6_NDISC_FRAG: invalid frag (suppress_frag_ndisc). */
+	SKB_DROP_REASON_IPV6_NDISC_FRAG,
+	/** @SKB_DROP_REASON_IPV6_NDISC_HOP_LIMIT: invalid hop limit. */
+	SKB_DROP_REASON_IPV6_NDISC_HOP_LIMIT,
+	/** @SKB_DROP_REASON_IPV6_NDISC_BAD_CODE: invalid NDISC icmp6 code. */
+	SKB_DROP_REASON_IPV6_NDISC_BAD_CODE,
 	/**
 	 * @SKB_DROP_REASON_MAX: the maximum of drop reason, which shouldn't be
 	 * used as a real 'reason'
diff --git a/include/net/ipv6.h b/include/net/ipv6.h
@@ -436,7 +436,8 @@ static inline void fl6_sock_release(struct ip6_flowlabel *fl)
 		atomic_dec(&fl->users);
 }
 
-void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info);
+enum skb_drop_reason icmpv6_notify(struct sk_buff *skb, u8 type,
+				   u8 code, __be32 info);
 
 void icmpv6_push_pending_frames(struct sock *sk, struct flowi6 *fl6,
 				struct icmp6hdr *thdr, int len);
diff --git a/include/net/ndisc.h b/include/net/ndisc.h
@@ -445,7 +445,7 @@ int ndisc_late_init(void);
 void ndisc_late_cleanup(void);
 void ndisc_cleanup(void);
 
-int ndisc_rcv(struct sk_buff *skb);
+enum skb_drop_reason ndisc_rcv(struct sk_buff *skb);
 
 struct sk_buff *ndisc_ns_create(struct net_device *dev, const struct in6_addr *solicit,
 				const struct in6_addr *saddr, u64 nonce);
diff --git a/net/ipv6/icmp.c b/net/ipv6/icmp.c
@@ -813,16 +813,19 @@ static void icmpv6_echo_reply(struct sk_buff *skb)
 	local_bh_enable();
 }
 
-void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info)
+enum skb_drop_reason icmpv6_notify(struct sk_buff *skb, u8 type,
+				   u8 code, __be32 info)
 {
 	struct inet6_skb_parm *opt = IP6CB(skb);
+	struct net *net = dev_net(skb->dev);
 	const struct inet6_protocol *ipprot;
+	enum skb_drop_reason reason;
 	int inner_offset;
 	__be16 frag_off;
 	u8 nexthdr;
-	struct net *net = dev_net(skb->dev);
 
-	if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
+	reason = pskb_may_pull_reason(skb, sizeof(struct ipv6hdr));
+	if (reason != SKB_NOT_DROPPED_YET)
 		goto out;
 
 	seg6_icmp_srh(skb, opt);
@@ -832,14 +835,17 @@ void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info)
 		/* now skip over extension headers */
 		inner_offset = ipv6_skip_exthdr(skb, sizeof(struct ipv6hdr),
 						&nexthdr, &frag_off);
-		if (inner_offset < 0)
+		if (inner_offset < 0) {
+			SKB_DR_SET(reason, IPV6_BAD_EXTHDR);
 			goto out;
+		}
 	} else {
 		inner_offset = sizeof(struct ipv6hdr);
 	}
 
 	/* Checkin header including 8 bytes of inner protocol header. */
-	if (!pskb_may_pull(skb, inner_offset+8))
+	reason = pskb_may_pull_reason(skb, inner_offset + 8);
+	if (reason != SKB_NOT_DROPPED_YET)
 		goto out;
 
 	/* BUGGG_FUTURE: we should try to parse exthdrs in this packet.
@@ -854,10 +860,11 @@ void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info)
 		ipprot->err_handler(skb, opt, type, code, inner_offset, info);
 
 	raw6_icmp_error(skb, nexthdr, type, code, inner_offset, info);
-	return;
+	return SKB_CONSUMED;
 
 out:
 	__ICMP6_INC_STATS(net, __in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
+	return reason;
 }
 
 /*
@@ -953,15 +960,16 @@ static int icmpv6_rcv(struct sk_buff *skb)
 	case ICMPV6_DEST_UNREACH:
 	case ICMPV6_TIME_EXCEED:
 	case ICMPV6_PARAMPROB:
-		icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
+		reason = icmpv6_notify(skb, type, hdr->icmp6_code,
+				       hdr->icmp6_mtu);
 		break;
 
 	case NDISC_ROUTER_SOLICITATION:
 	case NDISC_ROUTER_ADVERTISEMENT:
 	case NDISC_NEIGHBOUR_SOLICITATION:
 	case NDISC_NEIGHBOUR_ADVERTISEMENT:
 	case NDISC_REDIRECT:
-		ndisc_rcv(skb);
+		reason = ndisc_rcv(skb);
 		break;
 
 	case ICMPV6_MGM_QUERY:
@@ -995,7 +1003,8 @@ static int icmpv6_rcv(struct sk_buff *skb)
 		 * must pass to upper level
 		 */
 
-		icmpv6_notify(skb, type, hdr->icmp6_code, hdr->icmp6_mtu);
+		reason = icmpv6_notify(skb, type, hdr->icmp6_code,
+				       hdr->icmp6_mtu);
 	}
 
 	/* until the v6 path can be better sorted assume failure and
diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c
@@ -1804,15 +1804,16 @@ static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)
 	return false;
 }
 
-int ndisc_rcv(struct sk_buff *skb)
+enum skb_drop_reason ndisc_rcv(struct sk_buff *skb)
 {
 	struct nd_msg *msg;
+	SKB_DR(reason);
 
 	if (ndisc_suppress_frag_ndisc(skb))
-		return 0;
+		return SKB_DROP_REASON_IPV6_NDISC_FRAG;
 
 	if (skb_linearize(skb))
-		return 0;
+		return SKB_DROP_REASON_NOMEM;
 
 	msg = (struct nd_msg *)skb_transport_header(skb);
 
@@ -1821,13 +1822,13 @@ int ndisc_rcv(struct sk_buff *skb)
 	if (ipv6_hdr(skb)->hop_limit != 255) {
 		ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",
 			  ipv6_hdr(skb)->hop_limit);
-		return 0;
+		return SKB_DROP_REASON_IPV6_NDISC_HOP_LIMIT;
 	}
 
 	if (msg->icmph.icmp6_code != 0) {
 		ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",
 			  msg->icmph.icmp6_code);
-		return 0;
+		return SKB_DROP_REASON_IPV6_NDISC_BAD_CODE;
 	}
 
 	switch (msg->icmph.icmp6_type) {
@@ -1853,7 +1854,7 @@ int ndisc_rcv(struct sk_buff *skb)
 		break;
 	}
 
-	return 0;
+	return reason;
 }
 
 static int ndisc_netdev_event(struct notifier_block *this, unsigned long event, void *ptr)

Original file line number	Diff line number	Diff line change
`@@ -436,7 +436,8 @@ static inline void fl6_sock_release(struct ip6_flowlabel *fl)`
`436`	`436`	`atomic_dec(&fl->users);`
`437`	`437`	`}`
`438`	`438`
`439`		`-void icmpv6_notify(struct sk_buff *skb, u8 type, u8 code, __be32 info);`
	`439`	`+enum skb_drop_reason icmpv6_notify(struct sk_buff *skb, u8 type,`
	`440`	`+ u8 code, __be32 info);`
`440`	`441`
`441`	`442`	`void icmpv6_push_pending_frames(struct sock sk, struct flowi6 fl6,`
`442`	`443`	`struct icmp6hdr *thdr, int len);`
Original file line number	Diff line number	Diff line change
`@@ -1804,15 +1804,16 @@ static bool ndisc_suppress_frag_ndisc(struct sk_buff *skb)`
`1804`	`1804`	`return false;`
`1805`	`1805`	`}`
`1806`	`1806`
`1807`		`-int ndisc_rcv(struct sk_buff *skb)`
	`1807`	`+enum skb_drop_reason ndisc_rcv(struct sk_buff *skb)`
`1808`	`1808`	`{`
`1809`	`1809`	`struct nd_msg *msg;`
	`1810`	`+ SKB_DR(reason);`
`1810`	`1811`
`1811`	`1812`	`if (ndisc_suppress_frag_ndisc(skb))`
`1812`		`- return 0;`
	`1813`	`+ return SKB_DROP_REASON_IPV6_NDISC_FRAG;`
`1813`	`1814`
`1814`	`1815`	`if (skb_linearize(skb))`
`1815`		`- return 0;`
	`1816`	`+ return SKB_DROP_REASON_NOMEM;`
`1816`	`1817`
`1817`	`1818`	`msg = (struct nd_msg *)skb_transport_header(skb);`
`1818`	`1819`
`@@ -1821,13 +1822,13 @@ int ndisc_rcv(struct sk_buff *skb)`
`1821`	`1822`	`if (ipv6_hdr(skb)->hop_limit != 255) {`
`1822`	`1823`	`ND_PRINTK(2, warn, "NDISC: invalid hop-limit: %d\n",`
`1823`	`1824`	`ipv6_hdr(skb)->hop_limit);`
`1824`		`- return 0;`
	`1825`	`+ return SKB_DROP_REASON_IPV6_NDISC_HOP_LIMIT;`
`1825`	`1826`	`}`
`1826`	`1827`
`1827`	`1828`	`if (msg->icmph.icmp6_code != 0) {`
`1828`	`1829`	`ND_PRINTK(2, warn, "NDISC: invalid ICMPv6 code: %d\n",`
`1829`	`1830`	`msg->icmph.icmp6_code);`
`1830`		`- return 0;`
	`1831`	`+ return SKB_DROP_REASON_IPV6_NDISC_BAD_CODE;`
`1831`	`1832`	`}`
`1832`	`1833`
`1833`	`1834`	`switch (msg->icmph.icmp6_type) {`
`@@ -1853,7 +1854,7 @@ int ndisc_rcv(struct sk_buff *skb)`
`1853`	`1854`	`break;`
`1854`	`1855`	`}`
`1855`	`1856`
`1856`		`- return 0;`
	`1857`	`+ return reason;`
`1857`	`1858`	`}`
`1858`	`1859`
`1859`	`1860`	`static int ndisc_netdev_event(struct notifier_block this, unsigned long event, void ptr)`