From mboxrd@z Thu Jan  1 00:00:00 1970
Authentication-Results: passt.top; dmarc=none (p=none dis=none) header.from=gibson.dropbear.id.au
Authentication-Results: passt.top;
	dkim=pass (2048-bit key; secure) header.d=gibson.dropbear.id.au header.i=@gibson.dropbear.id.au header.a=rsa-sha256 header.s=202508 header.b=GpR2KbaR;
	dkim-atps=neutral
Received: from mail.ozlabs.org (gandalf.ozlabs.org [150.107.74.76])
	by passt.top (Postfix) with ESMTPS id 4FAB95A026F
	for <passt-dev@passt.top>; Thu, 02 Oct 2025 04:53:06 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=202508; t=1759373583;
	bh=uwFQkVob18j/EaAJis7x8mASgrQjChojYOUCsMpADSc=;
	h=Date:From:To:Cc:Subject:References:In-Reply-To:From;
	b=GpR2KbaRDEDVx+YZtJFayta8VT1mWFGj27AAAGRrWx5dKUve3zHRTTkKEG5/YywnU
	 xUJMNEAUY5mgF7/gM3XtVZ4iex9JuMfO8roC6foGSv7ShOljI7EUFiJ2BQS/6uqTgQ
	 pSll0GKsOhrXMdipckbkwV3VC1GVGH2gZZ7uitBbZedm8XlzGIf67HBmdl3EgA2TwA
	 ZhwkRB46JUPuORlWvjtz0yaTKlKoa+k3L44KVf+KK34yrDC4VDCTz13/vqxtmypsEz
	 5gwepo3Jc8RtEk2H4skzSqZ2w+6yN8ZbtCZarPwLXkDvNjuo9LqGfi9XRDhF/Jwg1o
	 ZOfQoZqfIhxow==
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4ccbvM2TKPz4wDK; Thu,  2 Oct 2025 12:53:03 +1000 (AEST)
Date: Thu, 2 Oct 2025 12:44:08 +1000
From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>
Subject: Re: [PATCH 2/4] tcp: Completely ignore data segment in CLOSE-WAIT
 state, log a message
Message-ID: <aN3m-C8ktv9ZISmb@zatzit>
References: <20251002000646.2136202-1-sbrivio@redhat.com>
 <20251002000646.2136202-3-sbrivio@redhat.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="+48J4qAlPHJimkLB"
Content-Disposition: inline
In-Reply-To: <20251002000646.2136202-3-sbrivio@redhat.com>
Message-ID-Hash: LU5MEKQYPAGQNXUFX54H76CMQPLUVQSP
X-Message-ID-Hash: LU5MEKQYPAGQNXUFX54H76CMQPLUVQSP
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: passt-dev@passt.top
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/aN3m-C8ktv9ZISmb@zatzit/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/LU5MEKQYPAGQNXUFX54H76CMQPLUVQSP/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>


--+48J4qAlPHJimkLB
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Thu, Oct 02, 2025 at 02:06:44AM +0200, Stefano Brivio wrote:
> According to RFC 9293 we should ignore data (note: not data segments)
> in CLOSE-WAIT state (indicated by TAP_FIN_RCVD), see 3.10.7.4
> "Other states":
>=20
>   [...]
>=20
>   Seventh, process the segment text:
>=20
>   [...]
>=20
>   CLOSE-WAIT STATE
>=20
>   This should not occur since a FIN has been received from the remote
>   side. Ignore the segment text.
>=20
> and we almost do that, except that we would look at the data length
> to decide whether it's a request for fast re-transmission, so fix
> that, and while at it, log a message, so that cases such as the
> following one are more apparent in debug logs:
>=20
> 28692   0.009758 88.198.0.164 =E2=86=92 93.235.151.95 54 TCP 55414 =E2=86=
=92 47080 [FIN, ACK] Seq=3D121441 Ack=3D141 Win=3D65536 Len=3D0
>=20
> we should ignore this FIN flag, because we didn't accept data up
> to this sequence (see next segment), but we don't do it, so, here:
>=20
> 28693   0.000036 93.235.151.95 =E2=86=92 88.198.0.164 54 TCP 47080 =E2=86=
=92 55414 [ACK] Seq=3D141 Ack=3D90722 Win=3D32128 Len=3D0
> 28694   0.034597 93.235.151.95 =E2=86=92 88.198.0.164 54 TCP 47080 =E2=86=
=92 55414 [FIN, ACK] Seq=3D141 Ack=3D90722 Win=3D121216 Len=3D0
> 28695   0.000019 88.198.0.164 =E2=86=92 93.235.151.95 54 TCP 55414 =E2=86=
=92 47080 [ACK] Seq=3D121442 Ack=3D142 Win=3D65536 Len=3D0
> 28696   0.162968 88.198.0.164 =E2=86=92 93.235.151.95 30773 TCP [TCP Retr=
ansmission] 55414 =E2=86=92 47080 [FIN, PSH, ACK] Seq=3D90722 Ack=3D142 Win=
=3D65536 Len=3D30719 [TCP segment of a reassembled PDU]
>=20
> we are erroneously in CLOSE-WAIT (TAP_FIN_RCVD) state, and this
> segment would look pretty strange there.
>=20
> This specific case is fixed by the next patch, so it should never
> happen again.
>=20
> Link: https://archives.passt.top/passt-dev/20250910115726.432bbb8d@elisab=
eth/
> Link: https://bugs.passt.top/show_bug.cgi?id=3D126
> Suggested-by: David Gibson <david@gibson.dropbear.id.au>
> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>

Reviewed-by: David Gibson <david@gibson.dropbear.id.au>

> ---
>  tcp.c | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)
>=20
> diff --git a/tcp.c b/tcp.c
> index 48b1ef2..3f7dc82 100644
> --- a/tcp.c
> +++ b/tcp.c
> @@ -2130,9 +2130,15 @@ int tcp_tap_handler(const struct ctx *c, uint8_t p=
if, sa_family_t af,
> =20
>  	/* Established connections not accepting data from tap */
>  	if (conn->events & TAP_FIN_RCVD) {
> +		size_t dlen;
>  		bool retr;
> =20
> -		retr =3D th->ack && !tcp_packet_data_len(th, l4len) && !th->fin &&
> +		if ((dlen =3D tcp_packet_data_len(th, l4len))) {
> +			flow_dbg(conn, "data segment in CLOSE-WAIT (%zu B)",
> +				 dlen);
> +		}
> +
> +		retr =3D th->ack && !th->fin &&
>  		       ntohl(th->ack_seq) =3D=3D conn->seq_ack_from_tap &&
>  		       ntohs(th->window) =3D=3D conn->wnd_from_tap;
> =20
> --=20
> 2.43.0
>=20

--=20
David Gibson (he or they)	| I'll have my music baroque, and my code
david AT gibson.dropbear.id.au	| minimalist, thank you, not the other way
				| around.
http://www.ozlabs.org/~dgibson

--+48J4qAlPHJimkLB
Content-Type: application/pgp-signature; name=signature.asc

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEO+dNsU4E3yXUXRK2zQJF27ox2GcFAmjd5vcACgkQzQJF27ox
2Gf2+g/8D7WxhdFr9PWtEqxDqcIx18L3mNPQ4CsFGZEJM7fbsyyCeX4fNG9Ctc8e
vM/awJlPia198cN6iod+HO42z7SmKjWQByc3GiWLTBdVYuchBS3fCVBQv65Hnkh4
bWcMxrnTSm64fVidv+5iUwjCTrM5gHpt1LRoGYHiQfEf5b4bEuz2HYUnJ6UQYhEb
eCRs78l3iaDzwM2geT7avjypMSjVy7qeKFnyazxUB1hbgbXPR37a+kdNpUoYVAbH
wOepu5nIqubiC8MjRWkWC/Zwg7l8CdXC3Re+0653NEJVhCW+NEb5cZG1bWzmJxRn
Kq4jwlCoBu/8eFi3u0U33hjfvmQLoxenc/Z0iaoXk+nf/pG6aw7WXK8Xz0aFrLPP
sjjrXWJ1O+ilG4L89R7xMxQlAIjWEq6c7dh1i6o9TbVpLoQ3T2vgYP5b/0fTgus+
RvQEQyDYDFynJcUqLi/Ti/ZVQBD/9vW94mgICEXa6xf1eDsG6Z5qDJIaeIOkNjUp
20yph5DhPKRcLCmaYROSerNZsxMtLoGHUWIZrIynH46stPxH3RopB1AliKZEWKrm
N5afySsIaL23+Gw3SFkU0Uutlr0u1PtvhpY66m/x1GvHgclFhl/LqwGYrlqfcbJ9
N4aenla6vXTH+PO8zWWwYpsktZRe+X+u94NLuyiL5hjn+BYYTH0=
=nDkL
-----END PGP SIGNATURE-----

--+48J4qAlPHJimkLB--