From patchwork Mon Jul 23 16:28:16 2018
X-Patchwork-Submitter: Eric Dumazet
X-Patchwork-Id: 947860
From: Eric Dumazet
To: "David S. Miller", Juha-Matti Tilli, Yuchung Cheng, Soheil Hassas Yeganeh
Cc: netdev, Eric Dumazet, Eric Dumazet
Subject: [PATCH net 0/5] tcp: more robust ooo handling
Date: Mon, 23 Jul 2018 09:28:16 -0700
Message-Id: <20180723162821.11556-1-edumazet@google.com>
X-Mailing-List: netdev@vger.kernel.org

Juha-Matti Tilli reported that malicious peers could inject tiny
packets in out_of_order_queue, forcing very expensive calls
to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for
every incoming packet.

With tcp_rmem[2] default of 6MB, the ooo queue could
contain ~7000 nodes.

This patch series makes sure we cut CPU cycles enough to
render the attack not critical.

We might in the future go further, like disconnecting
or black-holing proven malicious flows.
Eric Dumazet (5):
  tcp: free batches of packets in tcp_prune_ofo_queue()
  tcp: avoid collapses in tcp_prune_queue() if possible
  tcp: detect malicious patterns in tcp_collapse_ofo_queue()
  tcp: call tcp_drop() from tcp_data_queue_ofo()
  tcp: add tcp_ooo_try_coalesce() helper

 net/ipv4/tcp_input.c | 62 +++++++++++++++++++++++++++++++++++---------
 1 file changed, 50 insertions(+), 12 deletions(-)