From patchwork Mon Jul 23 16:28:17 2018
X-Patchwork-Submitter: Eric Dumazet
X-Patchwork-Id: 947861
X-Patchwork-Delegate: davem@davemloft.net
From: Eric Dumazet
To: "David S . Miller", Juha-Matti Tilli, Yuchung Cheng, Soheil Hassas Yeganeh
Cc: netdev, Eric Dumazet, Eric Dumazet
Subject: [PATCH net 1/5] tcp: free batches of packets in tcp_prune_ofo_queue()
Date: Mon, 23 Jul 2018 09:28:17 -0700
Message-Id: <20180723162821.11556-2-edumazet@google.com>
In-Reply-To: <20180723162821.11556-1-edumazet@google.com>
References: <20180723162821.11556-1-edumazet@google.com>

Juha-Matti Tilli reported that malicious peers could inject tiny
packets in out_of_order_queue, forcing very expensive calls
to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for
every incoming packet. out_of_order_queue rb-tree can contain
thousands of nodes, iterating over all of them is not nice.

Before linux-4.9, we would have pruned all packets in ofo_queue
in one go, every XXXX packets. XXXX depends on sk_rcvbuf and skbs
truesize, but is about 7000 packets with tcp_rmem[2] default of 6 MB.

Since we plan to increase tcp_rmem[2] in the future to cope with
modern BDP, can not revert to the old behavior, without great pain.

Strategy taken in this patch is to purge ~12.5 % of the queue capacity.

Fixes: 36a6503fedda ("tcp: refine tcp_prune_ofo_queue() to not drop all packets")
Signed-off-by: Eric Dumazet
Reported-by: Juha-Matti Tilli
Acked-by: Yuchung Cheng
Acked-by: Soheil Hassas Yeganeh
--- net/ipv4/tcp_input.c | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 6bade06aaf72afea474ec83677d63b23e531ab68..64e45b279431886a50c8097593b9dbc9e5d75cc1 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c 
@@ -4942,6 +4942,7 @@ static void tcp_collapse_ofo_queue(struct sock *sk) * 2) not add too big latencies if thousands of packets sit there. * (But if application shrinks SO_RCVBUF, we could still end up * freeing whole queue here) + * 3) Drop at least 12.5 % of sk_rcvbuf to avoid malicious attacks. * * Return true if queue has shrunk. */ 
@@ -4949,20 +4950,26 @@ static bool tcp_prune_ofo_queue(struct sock *sk) { struct tcp_sock *tp = tcp_sk(sk); struct rb_node *node, *prev; + int goal; if (RB_EMPTY_ROOT(&tp->out_of_order_queue)) return false; NET_INC_STATS(sock_net(sk), LINUX_MIB_OFOPRUNED); + goal = sk->sk_rcvbuf >> 3; node = &tp->ooo_last_skb->rbnode; do { prev = rb_prev(node); rb_erase(node, &tp->out_of_order_queue); + goal -= rb_to_skb(node)->truesize; tcp_drop(sk, rb_to_skb(node)); - sk_mem_reclaim(sk); - if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf && - !tcp_under_memory_pressure(sk)) - break; + if (!prev || goal <= 0) { + sk_mem_reclaim(sk); + if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf && + !tcp_under_memory_pressure(sk)) + break; + goal = sk->sk_rcvbuf >> 3; + } node = prev; } while (node); tp->ooo_last_skb = rb_to_skb(prev);

From patchwork Mon Jul 23 16:28:18 2018
X-Patchwork-Submitter: Eric Dumazet
X-Patchwork-Id: 947862
X-Patchwork-Delegate: davem@davemloft.net
From: Eric Dumazet
To: "David S . Miller", Juha-Matti Tilli, Yuchung Cheng, Soheil Hassas Yeganeh
Cc: netdev, Eric Dumazet, Eric Dumazet
Subject: [PATCH net 2/5] tcp: avoid collapses in tcp_prune_queue() if possible
Date: Mon, 23 Jul 2018 09:28:18 -0700
Message-Id: <20180723162821.11556-3-edumazet@google.com>
In-Reply-To: <20180723162821.11556-1-edumazet@google.com>
References: <20180723162821.11556-1-edumazet@google.com>

Right after a TCP flow is created, receiving tiny out of order
packets always hit the condition:

    if (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)
        tcp_clamp_window(sk);

tcp_clamp_window() increases sk_rcvbuf to match sk_rmem_alloc
(guarded by tcp_rmem[2])

Calling tcp_collapse_ofo_queue() in this case is not useful,
and offers a O(N^2) surface attack to malicious peers.

Better not attempt anything before full queue capacity is reached,
forcing attacker to spend lots of resource and allow us to more
easily detect the abuse.

Signed-off-by: Eric Dumazet
Acked-by: Soheil Hassas Yeganeh
Acked-by: Yuchung Cheng
--- net/ipv4/tcp_input.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 64e45b279431886a50c8097593b9dbc9e5d75cc1..53289911362a2dea6b1e9d9ce630b29eed87ebb9 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c 
@@ -5004,6 +5004,9 @@ static int tcp_prune_queue(struct sock *sk) else if (tcp_under_memory_pressure(sk)) tp->rcv_ssthresh = min(tp->rcv_ssthresh, 4U * tp->advmss); + if (atomic_read(&sk->sk_rmem_alloc) <= sk->sk_rcvbuf) + return 0; + tcp_collapse_ofo_queue(sk); if (!skb_queue_empty(&sk->sk_receive_queue)) tcp_collapse(sk, &sk->sk_receive_queue, NULL,

From patchwork Mon Jul 23 16:28:19 2018
X-Patchwork-Submitter: Eric Dumazet
X-Patchwork-Id: 947863
X-Patchwork-Delegate: davem@davemloft.net
From: Eric Dumazet
To: "David S . Miller", Juha-Matti Tilli, Yuchung Cheng, Soheil Hassas Yeganeh
Cc: netdev, Eric Dumazet, Eric Dumazet
Subject: [PATCH net 3/5] tcp: detect malicious patterns in tcp_collapse_ofo_queue()
Date: Mon, 23 Jul 2018 09:28:19 -0700
Message-Id: <20180723162821.11556-4-edumazet@google.com>
In-Reply-To: <20180723162821.11556-1-edumazet@google.com>
References: <20180723162821.11556-1-edumazet@google.com>

In case an attacker feeds tiny packets completely out of order,
tcp_collapse_ofo_queue() might scan the whole rb-tree, performing
expensive copies, but not changing socket memory usage at all.

1) Do not attempt to collapse tiny skbs.
2) Add logic to exit early when too many tiny skbs are detected.

We prefer not doing aggressive collapsing (which copies packets)
for pathological flows, and revert to tcp_prune_ofo_queue() which
will be less expensive.

In the future, we might add the possibility of terminating flows
that are proven to be malicious.

Signed-off-by: Eric Dumazet
Acked-by: Soheil Hassas Yeganeh
--- net/ipv4/tcp_input.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 53289911362a2dea6b1e9d9ce630b29eed87ebb9..78068b902e7bca6e60cbe562f1554fc33b43c872 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -4902,6 +4902,7 @@ tcp_collapse(struct sock *sk, struct sk_buff_head *list, struct rb_root *root, static void tcp_collapse_ofo_queue(struct sock *sk) { struct tcp_sock *tp = tcp_sk(sk); + u32 range_truesize, sum_tiny = 0; struct sk_buff *skb, *head; u32 start, end; @@ -4913,6 +4914,7 @@ static void tcp_collapse_ofo_queue(struct sock *sk) } start = TCP_SKB_CB(skb)->seq; end = TCP_SKB_CB(skb)->end_seq; + range_truesize = skb->truesize; for (head = skb;;) { skb = skb_rb_next(skb); 
@@ -4923,11 +4925,20 @@ static void tcp_collapse_ofo_queue(struct sock *sk) if (!skb || after(TCP_SKB_CB(skb)->seq, end) || before(TCP_SKB_CB(skb)->end_seq, start)) { - tcp_collapse(sk, NULL, &tp->out_of_order_queue, - head, skb, start, end); + /* Do not attempt collapsing tiny skbs */ + if (range_truesize != head->truesize || + end - start >= SKB_WITH_OVERHEAD(SK_MEM_QUANTUM)) { + tcp_collapse(sk, NULL, &tp->out_of_order_queue, + head, skb, start, end); + } else { + sum_tiny += range_truesize; + if (sum_tiny > sk->sk_rcvbuf >> 3) + return; + } goto new_range; } + range_truesize += skb->truesize; if (unlikely(before(TCP_SKB_CB(skb)->seq, start))) start = TCP_SKB_CB(skb)->seq; if (after(TCP_SKB_CB(skb)->end_seq, end))

From patchwork Mon Jul 23 16:28:20 2018
X-Patchwork-Submitter: Eric Dumazet
X-Patchwork-Id: 947864
X-Patchwork-Delegate: davem@davemloft.net
From: Eric Dumazet
To: "David S . Miller", Juha-Matti Tilli, Yuchung Cheng, Soheil Hassas Yeganeh
Cc: netdev, Eric Dumazet, Eric Dumazet
Subject: [PATCH net 4/5] tcp: call tcp_drop() from tcp_data_queue_ofo()
Date: Mon, 23 Jul 2018 09:28:20 -0700
Message-Id: <20180723162821.11556-5-edumazet@google.com>
In-Reply-To: <20180723162821.11556-1-edumazet@google.com>
References: <20180723162821.11556-1-edumazet@google.com>

In order to be able to give better diagnostics and detect
malicious traffic, we need to have better sk->sk_drops tracking.

Fixes: 9f5afeae5152 ("tcp: use an RB tree for ooo receive queue")
Signed-off-by: Eric Dumazet
Acked-by: Soheil Hassas Yeganeh
Acked-by: Yuchung Cheng
--- net/ipv4/tcp_input.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 78068b902e7bca6e60cbe562f1554fc33b43c872..b062a76922384f6199563af7cf30a30c5baa7601 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -4510,7 +4510,7 @@ static void tcp_data_queue_ofo(struct sock *sk, struct sk_buff *skb) /* All the bits are present. Drop. */ NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPOFOMERGE); - __kfree_skb(skb); + tcp_drop(sk, skb); skb = NULL; tcp_dsack_set(sk, seq, end_seq); goto add_sack; 
@@ -4529,7 +4529,7 @@ static void tcp_data_queue_ofo(struct sock *sk, struct sk_buff *skb) TCP_SKB_CB(skb1)->end_seq); NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPOFOMERGE); - __kfree_skb(skb1); + tcp_drop(sk, skb1); goto merge_right; } } else if (tcp_try_coalesce(sk, skb1,

From patchwork Mon Jul 23 16:28:21 2018
X-Patchwork-Submitter: Eric Dumazet
X-Patchwork-Id: 947865
X-Patchwork-Delegate: davem@davemloft.net
From: Eric Dumazet
To: "David S . Miller", Juha-Matti Tilli, Yuchung Cheng, Soheil Hassas Yeganeh
Cc: netdev, Eric Dumazet, Eric Dumazet
Subject: [PATCH net 5/5] tcp: add tcp_ooo_try_coalesce() helper
Date: Mon, 23 Jul 2018 09:28:21 -0700
Message-Id: <20180723162821.11556-6-edumazet@google.com>
In-Reply-To: <20180723162821.11556-1-edumazet@google.com>
References: <20180723162821.11556-1-edumazet@google.com>

In case skb in out_of_order_queue is the result of
multiple skbs coalescing, we would like to get a proper gso_segs
counter tracking, so that future tcp_drop() can report an accurate
number.

I chose to not implement this tracking for skbs in receive queue,
since they are not dropped, unless socket is disconnected.

Signed-off-by: Eric Dumazet
Acked-by: Soheil Hassas Yeganeh
Acked-by: Yuchung Cheng
--- net/ipv4/tcp_input.c | 25 +++++++++++++++++++++---- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index b062a76922384f6199563af7cf30a30c5baa7601..3bcd30a2ba06827e061d86ba22680986824e3ee4 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -4358,6 +4358,23 @@ static bool tcp_try_coalesce(struct sock *sk, return true; } +static bool tcp_ooo_try_coalesce(struct sock *sk, + struct sk_buff *to, + struct sk_buff *from, + bool *fragstolen) +{ + bool res = tcp_try_coalesce(sk, to, from, fragstolen); + + /* In case tcp_drop() is called later, update to->gso_segs */ + if (res) { + u32 gso_segs = max_t(u16, 1, skb_shinfo(to)->gso_segs) + + max_t(u16, 1, skb_shinfo(from)->gso_segs); + + skb_shinfo(to)->gso_segs = min_t(u32, gso_segs, 0xFFFF); + } + return res; +} + static void tcp_drop(struct sock *sk, struct sk_buff *skb) { sk_drops_add(sk, skb); 
@@ -4481,8 +4498,8 @@ static void tcp_data_queue_ofo(struct sock *sk, struct sk_buff *skb) /* In the typical case, we are adding an skb to the end of the list. * Use of ooo_last_skb avoids the O(Log(N)) rbtree lookup. */ - if (tcp_try_coalesce(sk, tp->ooo_last_skb, - skb, &fragstolen)) { + if (tcp_ooo_try_coalesce(sk, tp->ooo_last_skb, + skb, &fragstolen)) { coalesce_done: tcp_grow_window(sk, skb); kfree_skb_partial(skb, fragstolen); @@ -4532,8 +4549,8 @@ static void tcp_data_queue_ofo(struct sock *sk, struct sk_buff *skb) tcp_drop(sk, skb1); goto merge_right; } - } else if (tcp_try_coalesce(sk, skb1, - skb, &fragstolen)) { + } else if (tcp_ooo_try_coalesce(sk, skb1, + skb, &fragstolen)) { goto coalesce_done; } p = &parent->rb_right;
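
Review bot: In [PATCH net 1/5], tcp_prune_ofo_queue(), the batch size `sk->sk_rcvbuf >> 3` is written out twice (the initial `goal` and the reset inside `if (!prev || goal <= 0)`), and patch 3/5 repeats the same shift as the `sum_tiny` limit. A named helper or macro for the 12.5 % threshold would keep the three sites in step. The loop also has no comment saying that sk_mem_reclaim() and the sk_rmem_alloc test now run once per batch rather than once per skb; only the new item 3 in the function header hints at it, so a one-line comment at the `if` would help the next reader.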
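
Review bot: In [PATCH net 2/5], the new early `return 0;` in tcp_prune_queue() carries no comment, so the reason for skipping tcp_collapse_ofo_queue() while `sk_rmem_alloc <= sk_rcvbuf` lives only in the commit message. A short comment above the test, saying that collapsing is pointless once tcp_clamp_window() has raised sk_rcvbuf to cover the current allocation, would keep that rationale next to the code. Patches 1/5 and 4/5 carry a Fixes: tag and this one does not; if it is meant to be backported with them, a tag here would make that explicit.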
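
Review bot: In [PATCH net 3/5], the test `range_truesize != head->truesize || end - start >= SKB_WITH_OVERHEAD(SK_MEM_QUANTUM)` in tcp_collapse_ofo_queue() needs more than the comment "Do not attempt collapsing tiny skbs". The first clause appears to mean "the range holds more than one skb" and the second is the size cutoff, and neither reading is obvious from the expression. `sum_tiny > sk->sk_rcvbuf >> 3` is correct by precedence but would read better with parentheses around the shift. The bare `return;` also abandons the scan silently, with no counter incremented, which sits oddly beside the stated aim of making this abuse easier to detect.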
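
Review bot: In [PATCH net 5/5], tcp_ooo_try_coalesce() clamps the sum with `min_t(u32, gso_segs, 0xFFFF)`, so once the count saturates a later tcp_drop() will under-report. The comment should say that the counter saturates, and the bare 0xFFFF would be clearer as a named limit tied to the width of gso_segs. The commit message's decision not to track this for skbs in the receive queue also deserves a line in the helper's comment, since the two converted call sites in tcp_data_queue_ofo() are currently the only place that choice is expressed.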