Message ID | 20241030014145.1409628-10-dongml2@chinatelecom.cn (mailing list archive) |
---|---|
State | Superseded |
Delegated to: | Netdev Maintainers |
Headers | show |
Series | net: ip: add drop reasons to input route | expand |
On 10/30/24 02:41, Menglong Dong wrote: > diff --git a/net/ipv4/route.c b/net/ipv4/route.c > index e248e5577d0e..7f969c865c81 100644 > --- a/net/ipv4/route.c > +++ b/net/ipv4/route.c > @@ -2142,28 +2142,34 @@ ip_mkroute_input(struct sk_buff *skb, struct fib_result *res, > * assuming daddr is valid and the destination is not a local broadcast one. > * Uses the provided hint instead of performing a route lookup. > */ > -int ip_route_use_hint(struct sk_buff *skb, __be32 daddr, __be32 saddr, > - dscp_t dscp, struct net_device *dev, > - const struct sk_buff *hint) > +enum skb_drop_reason > +ip_route_use_hint(struct sk_buff *skb, __be32 daddr, __be32 saddr, > + dscp_t dscp, struct net_device *dev, > + const struct sk_buff *hint) > { > + enum skb_drop_reason reason = SKB_DROP_REASON_NOT_SPECIFIED; > struct in_device *in_dev = __in_dev_get_rcu(dev); > struct rtable *rt = skb_rtable(hint); > struct net *net = dev_net(dev); > - enum skb_drop_reason reason; > - int err = -EINVAL; > u32 tag = 0; > > if (!in_dev) > - return -EINVAL; > + return reason; > > - if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr)) > + if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr)) { > + reason = SKB_DROP_REASON_IP_INVALID_SOURCE; > goto martian_source; > + } > > - if (ipv4_is_zeronet(saddr)) > + if (ipv4_is_zeronet(saddr)) { > + reason = SKB_DROP_REASON_IP_INVALID_SOURCE; > goto martian_source; > + } > > - if (ipv4_is_loopback(saddr) && !IN_DEV_NET_ROUTE_LOCALNET(in_dev, net)) > + if (ipv4_is_loopback(saddr) && !IN_DEV_NET_ROUTE_LOCALNET(in_dev, net)) { > + reason = IP_LOCALNET; > goto martian_source; > + } > > if (rt->rt_type != RTN_LOCAL) > goto skip_validate_source; Please explicitly replace also the return 0; with return SKB_NOT_DROPPED_YET; So that is clear the drop reason is always specified. Thanks, Paolo
On Tue, Nov 5, 2024 at 7:28 PM Paolo Abeni <pabeni@redhat.com> wrote: > > On 10/30/24 02:41, Menglong Dong wrote: > > diff --git a/net/ipv4/route.c b/net/ipv4/route.c > > index e248e5577d0e..7f969c865c81 100644 > > --- a/net/ipv4/route.c > > +++ b/net/ipv4/route.c > > @@ -2142,28 +2142,34 @@ ip_mkroute_input(struct sk_buff *skb, struct fib_result *res, > > * assuming daddr is valid and the destination is not a local broadcast one. > > * Uses the provided hint instead of performing a route lookup. > > */ > > -int ip_route_use_hint(struct sk_buff *skb, __be32 daddr, __be32 saddr, > > - dscp_t dscp, struct net_device *dev, > > - const struct sk_buff *hint) > > +enum skb_drop_reason > > +ip_route_use_hint(struct sk_buff *skb, __be32 daddr, __be32 saddr, > > + dscp_t dscp, struct net_device *dev, > > + const struct sk_buff *hint) > > { > > + enum skb_drop_reason reason = SKB_DROP_REASON_NOT_SPECIFIED; > > struct in_device *in_dev = __in_dev_get_rcu(dev); > > struct rtable *rt = skb_rtable(hint); > > struct net *net = dev_net(dev); > > - enum skb_drop_reason reason; > > - int err = -EINVAL; > > u32 tag = 0; > > > > if (!in_dev) > > - return -EINVAL; > > + return reason; > > > > - if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr)) > > + if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr)) { > > + reason = SKB_DROP_REASON_IP_INVALID_SOURCE; > > goto martian_source; > > + } > > > > - if (ipv4_is_zeronet(saddr)) > > + if (ipv4_is_zeronet(saddr)) { > > + reason = SKB_DROP_REASON_IP_INVALID_SOURCE; > > goto martian_source; > > + } > > > > - if (ipv4_is_loopback(saddr) && !IN_DEV_NET_ROUTE_LOCALNET(in_dev, net)) > > + if (ipv4_is_loopback(saddr) && !IN_DEV_NET_ROUTE_LOCALNET(in_dev, net)) { > > + reason = IP_LOCALNET; > > goto martian_source; > > + } > > > > if (rt->rt_type != RTN_LOCAL) > > goto skip_validate_source; > > Please explicitly replace also the > > return 0; > > with > > return SKB_NOT_DROPPED_YET; > > So that is clear the drop reason is always specified. Okay! Thanks! Menglong Dong > Thanks, > > Paolo >
diff --git a/include/net/route.h b/include/net/route.h index f4ab5412c9c9..4debc335d276 100644 --- a/include/net/route.h +++ b/include/net/route.h @@ -206,9 +206,10 @@ ip_mc_validate_source(struct sk_buff *skb, __be32 daddr, __be32 saddr, enum skb_drop_reason ip_route_input_noref(struct sk_buff *skb, __be32 daddr, __be32 saddr, dscp_t dscp, struct net_device *dev); -int ip_route_use_hint(struct sk_buff *skb, __be32 daddr, __be32 saddr, - dscp_t dscp, struct net_device *dev, - const struct sk_buff *hint); +enum skb_drop_reason +ip_route_use_hint(struct sk_buff *skb, __be32 daddr, __be32 saddr, + dscp_t dscp, struct net_device *dev, + const struct sk_buff *hint); static inline enum skb_drop_reason ip_route_input(struct sk_buff *skb, __be32 dst, __be32 src, dscp_t dscp, diff --git a/net/ipv4/ip_input.c b/net/ipv4/ip_input.c index 513eb0c6435a..f0a4dda246ab 100644 --- a/net/ipv4/ip_input.c +++ b/net/ipv4/ip_input.c @@ -322,15 +322,14 @@ static int ip_rcv_finish_core(struct net *net, struct sock *sk, int err, drop_reason; struct rtable *rt; - drop_reason = SKB_DROP_REASON_NOT_SPECIFIED; - if (ip_can_use_hint(skb, iph, hint)) { - err = ip_route_use_hint(skb, iph->daddr, iph->saddr, - ip4h_dscp(iph), dev, hint); - if (unlikely(err)) + drop_reason = ip_route_use_hint(skb, iph->daddr, iph->saddr, + ip4h_dscp(iph), dev, hint); + if (unlikely(drop_reason)) goto drop_error; } + drop_reason = SKB_DROP_REASON_NOT_SPECIFIED; if (READ_ONCE(net->ipv4.sysctl_ip_early_demux) && !skb_dst(skb) && !skb->sk && diff --git a/net/ipv4/route.c b/net/ipv4/route.c index e248e5577d0e..7f969c865c81 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c @@ -2142,28 +2142,34 @@ ip_mkroute_input(struct sk_buff *skb, struct fib_result *res, * assuming daddr is valid and the destination is not a local broadcast one. * Uses the provided hint instead of performing a route lookup. */ -int ip_route_use_hint(struct sk_buff *skb, __be32 daddr, __be32 saddr, - dscp_t dscp, struct net_device *dev, - const struct sk_buff *hint) +enum skb_drop_reason +ip_route_use_hint(struct sk_buff *skb, __be32 daddr, __be32 saddr, + dscp_t dscp, struct net_device *dev, + const struct sk_buff *hint) { + enum skb_drop_reason reason = SKB_DROP_REASON_NOT_SPECIFIED; struct in_device *in_dev = __in_dev_get_rcu(dev); struct rtable *rt = skb_rtable(hint); struct net *net = dev_net(dev); - enum skb_drop_reason reason; - int err = -EINVAL; u32 tag = 0; if (!in_dev) - return -EINVAL; + return reason; - if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr)) + if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr)) { + reason = SKB_DROP_REASON_IP_INVALID_SOURCE; goto martian_source; + } - if (ipv4_is_zeronet(saddr)) + if (ipv4_is_zeronet(saddr)) { + reason = SKB_DROP_REASON_IP_INVALID_SOURCE; goto martian_source; + } - if (ipv4_is_loopback(saddr) && !IN_DEV_NET_ROUTE_LOCALNET(in_dev, net)) + if (ipv4_is_loopback(saddr) && !IN_DEV_NET_ROUTE_LOCALNET(in_dev, net)) { + reason = SKB_DROP_REASON_IP_LOCALNET; goto martian_source; + } if (rt->rt_type != RTN_LOCAL) goto skip_validate_source; @@ -2179,7 +2185,7 @@ int ip_route_use_hint(struct sk_buff *skb, __be32 daddr, __be32 saddr, martian_source: ip_handle_martian_source(dev, in_dev, skb, daddr, saddr); - return err; + return reason; } /* get device for dst_alloc with local routes */
In this commit, we make ip_route_use_hint() return drop reasons. The drop reasons that we return are similar to what we do in ip_route_input_slow(), and no drop reasons are added in this commit. Signed-off-by: Menglong Dong <dongml2@chinatelecom.cn> --- include/net/route.h | 7 ++++--- net/ipv4/ip_input.c | 9 ++++----- net/ipv4/route.c | 26 ++++++++++++++++---------- 3 files changed, 24 insertions(+), 18 deletions(-)