* [Patch] sctp: add receive buffer accounting to sctp (fwd)
@ 2005-03-02 19:02 Sridhar Samudrala
2005-03-10 5:16 ` David S. Miller
0 siblings, 1 reply; 8+ messages in thread
From: Sridhar Samudrala @ 2005-03-02 19:02 UTC (permalink / raw)
To: davem; +Cc: nhorman, netdev, lksctp-developers
Dave,
Please apply the following SCTP patch submitted by Neil.
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Thanks
Sridhar
---------- Forwarded message ----------
Date: Tue, 1 Mar 2005 13:34:06 -0500
From: nhorman@redhat.com
To: lksctp-developers@lists.sourceforge.net
Cc: sri@us.ibm.com
Subject: [Patch] sctp: add receive buffer accounting to sctp
Patch to add receive buffer accounting to sctp. Current implementation is open
to DoS attack, which can result in lowmem exhaustion, due to chunk backlog
queuing. This patch adds receive buffer accounting which drops chunks in
sctp_rcv when the socket's sk_rmem_alloc value exceeds the socket's sk_rcvbuf value.
Signed-off-by: Neil Horman <nhorman@redhat.com>
input.c | 22 ++++++++++++++++++++++
1 files changed, 22 insertions(+)
--- linux-2.6.9/net/sctp/input.c.rcvbuf 2005-02-23 14:19:18.065451507 -0500
+++ linux-2.6.9/net/sctp/input.c 2005-02-23 14:13:28.490573936 -0500
@@ -96,6 +96,21 @@ static inline int sctp_rcv_checksum(stru
return 0;
}
+/* The free routine for skbuffs that sctp receives */
+static void sctp_rfree(struct sk_buff *skb)
+{
+ atomic_sub(sizeof(struct sctp_chunk),&skb->sk->sk_rmem_alloc);
+ sock_rfree(skb);
+}
+
+/* The ownership wrapper routine to do receive buffer accounting */
+static void sctp_rcv_set_owner_r(struct sk_buff *skb, struct sock *sk)
+{
+ skb_set_owner_r(skb,sk);
+ skb->destructor = sctp_rfree;
+ atomic_add(sizeof(struct sctp_chunk),&sk->sk_rmem_alloc);
+}
+
/*
* This is the routine which IP calls when receiving an SCTP packet.
*/
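Review bot: The fixed sizeof(struct sctp_chunk) charge in sctp_rcv_set_owner_r() and the matching subtraction in sctp_rfree() are undocumented: the two comments name the routines but do not say why this amount is accounted on top of what skb_set_owner_r() already charges for the skb. A sentence stating what the extra charge represents, and that the add and the sub must stay symmetric, would help whoever changes one side later. Style: add a space after the comma in atomic_sub(sizeof(struct sctp_chunk),&skb->sk->sk_rmem_alloc), atomic_add(...) and skb_set_owner_r(skb,sk).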
@@ -175,6 +190,11 @@ int sctp_rcv(struct sk_buff *skb)
rcvr = asoc ? &asoc->base : &ep->base;
sk = rcvr->sk;
+ if ((sk) && (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)) {
+ goto discard_release;
+ }
+
+
/* SCTP seems to always need a timestamp right now (FIXME) */
if (skb->stamp.tv_sec == 0) {
do_gettimeofday(&skb->stamp);
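Review bot: Style in the added test ahead of the timestamp block: the braces around the single goto discard_release, the parentheses around sk and around the comparison, and the second blank line after the block are not needed under kernel coding style. Suggest writing the condition as if (sk && atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf) with the goto on the next line and a single blank line after it.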
@@ -195,6 +215,8 @@ int sctp_rcv(struct sk_buff *skb)
goto discard_release;
}
+ sctp_rcv_set_owner_r(skb,sk);
+
/* Remember what endpoint is to handle this packet. */
chunk->rcvr = rcvr;
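Review bot: sctp_rcv_set_owner_r(skb,sk) is called here with no test on sk, while the rcvbuf check added earlier in sctp_rcv() guards with (sk) && before reading sk->sk_rmem_alloc. The wrapper dereferences sk unconditionally in atomic_add(), so either sk can be NULL at this point and this call needs the same guard, or it cannot and the (sk) test in the earlier hunk should be dropped. The two sites should agree.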
--
/***************************************************
*Neil Horman
*Software Engineer
*Red Hat, Inc.
*nhorman@redhat.com
*gpg keyid: 1024D / 0x92A74FA1
*http://pgp.mit.edu
***************************************************/
* Re: [Patch] sctp: add receive buffer accounting to sctp (fwd)
2005-03-02 19:02 [Patch] sctp: add receive buffer accounting to sctp (fwd) Sridhar Samudrala
@ 2005-03-10 5:16 ` David S. Miller
2005-03-10 12:08 ` nhorman
0 siblings, 1 reply; 8+ messages in thread
From: David S. Miller @ 2005-03-10 5:16 UTC (permalink / raw)
To: Sridhar Samudrala; +Cc: nhorman, netdev, lksctp-developers
On Thu, 3 Mar 2005 00:32:12 +0530 (IST)
Sridhar Samudrala <sri@us.ibm.com> wrote:
> Please apply the following SCTP patch submitted by Neil.
>
> Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
This patch doesn't apply cleanly right now. Could you
please cook up a fresh version, and also supply a 2.4.x
version of the patch as well?
Thanks a lot Sridhar.
* Re: [Patch] sctp: add receive buffer accounting to sctp (fwd)
2005-03-10 5:16 ` David S. Miller
@ 2005-03-10 12:08 ` nhorman
2005-03-10 15:43 ` nhorman
0 siblings, 1 reply; 8+ messages in thread
From: nhorman @ 2005-03-10 12:08 UTC (permalink / raw)
To: David S. Miller; +Cc: Sridhar Samudrala, nhorman, netdev, lksctp-developers
On Wed, Mar 09, 2005 at 09:16:32PM -0800, David S. Miller wrote:
> On Thu, 3 Mar 2005 00:32:12 +0530 (IST)
> Sridhar Samudrala <sri@us.ibm.com> wrote:
>
> > Please apply the following SCTP patch submitted by Neil.
> >
> > Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
>
> This patch doesn't apply cleanly right now. Could you
> please cook up a fresh version, and also supply a 2.4.x
> version of the patch as well?
>
> Thanks a lot Sridhar.
I'm sorry Dave, I must have built the patch against the latest RHEL4 kernel and
not checked it against the bitkeeper head. I'll rework the patch and repost.
Thanks
Neil
--
/***************************************************
*Neil Horman
*Software Engineer
*Red Hat, Inc.
*nhorman@redhat.com
*gpg keyid: 1024D / 0x92A74FA1
*http://pgp.mit.edu
***************************************************/
* Re: [Patch] sctp: add receive buffer accounting to sctp (fwd)
2005-03-10 12:08 ` nhorman
@ 2005-03-10 15:43 ` nhorman
2005-03-11 2:38 ` David S. Miller
0 siblings, 1 reply; 8+ messages in thread
From: nhorman @ 2005-03-10 15:43 UTC (permalink / raw)
To: nhorman; +Cc: David S. Miller, Sridhar Samudrala, netdev, lksctp-developers
Repost of my earlier rcvbuf patch. No changes, but rediffed to apply cleanly to
the head of the bitkeeper tree. Passes all lksctp regression tests
Signed-off-by: Neil Horman <nhorman@redhat.com>
input.c | 22 ++++++++++++++++++++++
1 files changed, 22 insertions(+)
--- linux-2.6-sctp/net/sctp/input.c.orig 2005-03-10 07:11:46.000000000 -0500
+++ linux-2.6-sctp/net/sctp/input.c 2005-03-10 07:18:25.000000000 -0500
@@ -100,6 +100,21 @@
return 0;
}
+/* The free routine for skbuffs that sctp receives */
+static void sctp_rfree(struct sk_buff *skb)
+{
+ atomic_sub(sizeof(struct sctp_chunk),&skb->sk->sk_rmem_alloc);
+ sock_rfree(skb);
+}
+
+/* The ownership wrapper routine to do receive buffer accounting */
+static void sctp_rcv_set_owner_r(struct sk_buff *skb, struct sock *sk)
+{
+ skb_set_owner_r(skb,sk);
+ skb->destructor = sctp_rfree;
+ atomic_add(sizeof(struct sctp_chunk),&sk->sk_rmem_alloc);
+}
+
/*
* This is the routine which IP calls when receiving an SCTP packet.
*/
@@ -183,6 +198,11 @@
rcvr = asoc ? &asoc->base : &ep->base;
sk = rcvr->sk;
+ if ((sk) && (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)) {
+ goto discard_release;
+ }
+
+
/* SCTP seems to always need a timestamp right now (FIXME) */
if (skb->stamp.tv_sec == 0) {
do_gettimeofday(&skb->stamp);
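Review bot: The new early exit to discard_release when sk_rmem_alloc >= sk_rcvbuf drops the packet without leaving any trace visible in this hunk, so an operator cannot tell a receive-buffer drop from any other discard. Consider bumping a drop counter before the goto so that the overload condition this patch defends against is observable.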
@@ -203,6 +223,8 @@
goto discard_release;
}
+ sctp_rcv_set_owner_r(skb,sk);
+
/* Remember what endpoint is to handle this packet. */
chunk->rcvr = rcvr;
--
/***************************************************
*Neil Horman
*Software Engineer
*Red Hat, Inc.
*nhorman@redhat.com
*gpg keyid: 1024D / 0x92A74FA1
*http://pgp.mit.edu
***************************************************/
* Re: [Patch] sctp: add receive buffer accounting to sctp (fwd)
2005-03-10 15:43 ` nhorman
@ 2005-03-11 2:38 ` David S. Miller
2005-03-11 12:57 ` nhorman
0 siblings, 1 reply; 8+ messages in thread
From: David S. Miller @ 2005-03-11 2:38 UTC (permalink / raw)
To: nhorman; +Cc: sri, netdev, lksctp-developers
On Thu, 10 Mar 2005 10:43:42 -0500
nhorman@redhat.com wrote:
> Repost of my earlier rcvbuf patch. No changes, but rediffed to apply cleanly to
> the head of the bitkeeper tree. Passes all lksctp regression tests
Applied, thanks Neil.
* Re: [Patch] sctp: add receive buffer accounting to sctp (fwd)
2005-03-11 2:38 ` David S. Miller
@ 2005-03-11 12:57 ` nhorman
2005-03-11 14:28 ` Sridhar Samudrala
0 siblings, 1 reply; 8+ messages in thread
From: nhorman @ 2005-03-11 12:57 UTC (permalink / raw)
To: David S. Miller; +Cc: nhorman, sri, netdev, lksctp-developers
On Thu, Mar 10, 2005 at 06:38:56PM -0800, David S. Miller wrote:
> On Thu, 10 Mar 2005 10:43:42 -0500
> nhorman@redhat.com wrote:
>
> > Repost of my earlier rcvbuf patch. No changes, but rediffed to apply cleanly to
> > the head of the bitkeeper tree. Passes all lksctp regression tests
>
> Applied, thanks Neil.
You're quite welcome. Here's the 2.4 version of the same patch that you
requested. Applies clean against the bitkeeper head.
Signed-off-by: Neil Horman <nhorman@redhat.com>
[nhorman@hmsendeavour kernel]$ diffstat linux-2.4-sctp.rcvbuf.patch
input.c | 21 +++++++++++++++++++++
1 files changed, 21 insertions(+)
--- linux-2.4-sctp/net/sctp/input.c.orig 2005-03-10 13:36:49.000000000 -0500
+++ linux-2.4-sctp/net/sctp/input.c 2005-03-10 13:51:25.000000000 -0500
@@ -100,6 +100,21 @@
return 0;
}
+/* The free routine for skbuffs that sctp receives */
+static void sctp_rfree(struct sk_buff *skb)
+{
+ atomic_sub(sizeof(struct sctp_chunk),&skb->sk->sk_rmem_alloc);
+ sock_rfree(skb);
+}
+
+/* The ownership wrapper routine to do receive buffer accounting */
+static void sctp_rcv_set_owner_r(struct sk_buff *skb, struct sock *sk)
+{
+ skb_set_owner_r(skb,sk);
+ skb->destructor = sctp_rfree;
+ atomic_add(sizeof(struct sctp_chunk),&sk->sk_rmem_alloc);
+}
+
/*
* This is the routine which IP calls when receiving an SCTP packet.
*/
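Review bot: The sk_rmem_alloc field name used in atomic_sub() and atomic_add() here is the 2.6 spelling. As pointed out in the reply further down this thread, 2.4 struct sock members do not carry the sk_ prefix, so both helpers need rmem_alloc for the 2.4 tree to build.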
@@ -183,6 +198,10 @@
rcvr = asoc ? &asoc->base : &ep->base;
sk = rcvr->sk;
+ if ((sk) && (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf))
+ goto discard_release;
+
+
if (!ipsec_sk_policy(sk, skb))
goto discard_release;
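Review bot: The added condition reads sk->sk_rmem_alloc and sk->sk_rcvbuf, which per the follow-up in this thread should be rmem_alloc and rcvbuf on 2.4. The hunk also adds two consecutive blank lines before the ipsec_sk_policy() test; one is enough.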
@@ -197,6 +216,8 @@
goto discard_release;
}
+ sctp_rcv_set_owner_r(skb,sk);
+
/* Remember what endpoint is to handle this packet. */
chunk->rcvr = rcvr;
--
/***************************************************
*Neil Horman
*Software Engineer
*Red Hat, Inc.
*nhorman@redhat.com
*gpg keyid: 1024D / 0x92A74FA1
*http://pgp.mit.edu
***************************************************/
* Re: [Patch] sctp: add receive buffer accounting to sctp (fwd)
2005-03-11 12:57 ` nhorman
@ 2005-03-11 14:28 ` Sridhar Samudrala
2005-03-11 15:48 ` nhorman
0 siblings, 1 reply; 8+ messages in thread
From: Sridhar Samudrala @ 2005-03-11 14:28 UTC (permalink / raw)
To: nhorman; +Cc: David S. Miller, netdev, lksctp-developers
Neil,
I guess you may not have tried to compile SCTP with this patch.
2.4 struct sock members do not have sk_ prefix.
So you need to replace sk_rmem_alloc and sk_rcvbuf with rmem_alloc and
rcvbuf.
Thanks
Sridhar
On Fri, 11 Mar 2005 nhorman@redhat.com wrote:
> On Thu, Mar 10, 2005 at 06:38:56PM -0800, David S. Miller wrote:
>> On Thu, 10 Mar 2005 10:43:42 -0500
>> nhorman@redhat.com wrote:
>>
>>> Repost of my earlier rcvbuf patch. No changes, but rediffed to apply cleanly to
>>> the head of the bitkeeper tree. Passes all lksctp regression tests
>>
>> Applied, thanks Neil.
>
> You're quite welcome. Here's the 2.4 version of the same patch that you
> requested. Applies clean against the bitkeeper head.
>
> Signed-off-by: Neil Horman <nhorman@redhat.com>
>
> [nhorman@hmsendeavour kernel]$ diffstat linux-2.4-sctp.rcvbuf.patch
> input.c | 21 +++++++++++++++++++++
> 1 files changed, 21 insertions(+)
>
>
> --- linux-2.4-sctp/net/sctp/input.c.orig 2005-03-10 13:36:49.000000000 -0500
> +++ linux-2.4-sctp/net/sctp/input.c 2005-03-10 13:51:25.000000000 -0500
> @@ -100,6 +100,21 @@
> return 0;
> }
>
> +/* The free routine for skbuffs that sctp receives */
> +static void sctp_rfree(struct sk_buff *skb)
> +{
> + atomic_sub(sizeof(struct sctp_chunk),&skb->sk->sk_rmem_alloc);
> + sock_rfree(skb);
> +}
> +
> +/* The ownership wrapper routine to do receive buffer accounting */
> +static void sctp_rcv_set_owner_r(struct sk_buff *skb, struct sock *sk)
> +{
> + skb_set_owner_r(skb,sk);
> + skb->destructor = sctp_rfree;
> + atomic_add(sizeof(struct sctp_chunk),&sk->sk_rmem_alloc);
> +}
> +
> /*
> * This is the routine which IP calls when receiving an SCTP packet.
> */
> @@ -183,6 +198,10 @@
> rcvr = asoc ? &asoc->base : &ep->base;
> sk = rcvr->sk;
>
> + if ((sk) && (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf))
> + goto discard_release;
> +
> +
> if (!ipsec_sk_policy(sk, skb))
> goto discard_release;
>
> @@ -197,6 +216,8 @@
> goto discard_release;
> }
>
> + sctp_rcv_set_owner_r(skb,sk);
> +
> /* Remember what endpoint is to handle this packet. */
> chunk->rcvr = rcvr;
>
>
--
* Re: [Patch] sctp: add receive buffer accounting to sctp (fwd)
2005-03-11 14:28 ` Sridhar Samudrala
@ 2005-03-11 15:48 ` nhorman
0 siblings, 0 replies; 8+ messages in thread
From: nhorman @ 2005-03-11 15:48 UTC (permalink / raw)
To: Sridhar Samudrala; +Cc: nhorman, David S. Miller, netdev, lksctp-developers
On Fri, Mar 11, 2005 at 07:58:50PM +0530, Sridhar Samudrala wrote:
> Neil,
>
> I guess you may not have tried to compile SCTP with this patch.
> 2.4 struct sock members do not have sk_ prefix.
> So you need to replace sk_rmem_alloc and sk_rcvbuf with rmem_alloc and
> rcvbuf.
>
No, I compiled the kernel, I just forgot to enable CONFIG_IP_SCTP. I must have
booted to a 2.6 kernel on my dev box by accident when I ran the tests. I'm a
dummy, sorry :). I'll repost the patch (after I verify that I build and test
the actual code).
Regards,
Neil
> Thanks
> Sridhar
>
> On Fri, 11 Mar 2005 nhorman@redhat.com wrote:
>
> >On Thu, Mar 10, 2005 at 06:38:56PM -0800, David S. Miller wrote:
> >>On Thu, 10 Mar 2005 10:43:42 -0500
> >>nhorman@redhat.com wrote:
> >>
> >>>Repost of my earlier rcvbuf patch. No changes, but rediffed to apply
> >>>cleanly to
> >>>the head of the bitkeeper tree. Passes all lksctp regression tests
> >>
> >>Applied, thanks Neil.
> >
> >You're quite welcome. Here's the 2.4 version of the same patch that you
> >requested. Applies clean against the bitkeeper head.
> >
> >Signed-off-by: Neil Horman <nhorman@redhat.com>
> >
> >[nhorman@hmsendeavour kernel]$ diffstat linux-2.4-sctp.rcvbuf.patch
> >input.c | 21 +++++++++++++++++++++
> >1 files changed, 21 insertions(+)
> >
> >
> >--- linux-2.4-sctp/net/sctp/input.c.orig 2005-03-10
> >13:36:49.000000000 -0500
> >+++ linux-2.4-sctp/net/sctp/input.c 2005-03-10 13:51:25.000000000 -0500
> >@@ -100,6 +100,21 @@
> > return 0;
> >}
> >
> >+/* The free routine for skbuffs that sctp receives */
> >+static void sctp_rfree(struct sk_buff *skb)
> >+{
> >+ atomic_sub(sizeof(struct sctp_chunk),&skb->sk->sk_rmem_alloc);
> >+ sock_rfree(skb);
> >+}
> >+
> >+/* The ownership wrapper routine to do receive buffer accounting */
> >+static void sctp_rcv_set_owner_r(struct sk_buff *skb, struct sock *sk)
> >+{
> >+ skb_set_owner_r(skb,sk);
> >+ skb->destructor = sctp_rfree;
> >+ atomic_add(sizeof(struct sctp_chunk),&sk->sk_rmem_alloc);
> >+}
> >+
> >/*
> > * This is the routine which IP calls when receiving an SCTP packet.
> > */
> >@@ -183,6 +198,10 @@
> > rcvr = asoc ? &asoc->base : &ep->base;
> > sk = rcvr->sk;
> >
> >+ if ((sk) && (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf))
> >+ goto discard_release;
> >+
> >+
> > if (!ipsec_sk_policy(sk, skb))
> > goto discard_release;
> >
> >@@ -197,6 +216,8 @@
> > goto discard_release;
> > }
> >
> >+ sctp_rcv_set_owner_r(skb,sk);
> >+
> > /* Remember what endpoint is to handle this packet. */
> > chunk->rcvr = rcvr;
> >
> >
>
> --
--
/***************************************************
*Neil Horman
*Software Engineer
*Red Hat, Inc.
*nhorman@redhat.com
*gpg keyid: 1024D / 0x92A74FA1
*http://pgp.mit.edu
***************************************************/