git.dujemihanovic.xyz Git - linux.git/commit

author	Dmitry Safonov <dima@arista.com>
	Thu, 4 Jan 2024 13:42:39 +0000 (13:42 +0000)
committer	Jakub Kicinski <kuba@kernel.org>
	Thu, 4 Jan 2024 17:07:04 +0000 (09:07 -0800)
commit	4c8530dc7d7da4abe97d65e8e038ce9852491369
tree	e3dc6f61dc3a5d550b81df051d50482bd5ca1fcf	tree \| snapshot
parent	2e957f9c32c154f8b823caa4f0921e0056c0c253	commit \| diff

net/tcp: Only produce AO/MD5 logs if there are any keys

User won't care about inproper hash options in the TCP header if they
don't use neither TCP-AO nor TCP-MD5. Yet, those logs can add up in
syslog, while not being a real concern to the host admin:
> kernel: TCP: TCP segment has incorrect auth options set for XX.20.239.12.54681->XX.XX.90.103.80 [S]

Keep silent and avoid logging when there aren't any keys in the system.

Side-note: I also defined static_branch_tcp_*() helpers to avoid more
ifdeffery, going to remove more ifdeffery further with their help.

Reported-by: Christian Kujau <lists@nerdbynature.de>
Closes: https://lore.kernel.org/all/f6b59324-1417-566f-a976-ff2402718a8d@nerdbynature.de/
Signed-off-by: Dmitry Safonov <dima@arista.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Fixes: 2717b5adea9e ("net/tcp: Add tcp_hash_fail() ratelimited logs")
Link: https://lore.kernel.org/r/20240104-tcp_hash_fail-logs-v1-1-ff3e1f6f9e72@arista.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

include/net/tcp.h		diff \| blob \| history
include/net/tcp_ao.h		diff \| blob \| history