From: Eric Dumazet
Date: Mon, 29 Aug 2022 15:15:47 -0700
Subject: Re: [PATCH 3/4] net-next: frags: add inetpeer frag_mem tracking
To: Richard Gobert
Cc: David Miller, Jakub Kicinski, Paolo Abeni, Jonathan Corbet, Hideaki YOSHIFUJI, David Ahern, Alexander Aring, Stefan Schmidt, Pablo Neira Ayuso, Jozsef Kadlecsik, Florian Westphal, Martin KaFai Lau, netdev, "open list:DOCUMENTATION", LKML, linux-wpan@vger.kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org

On Mon, Aug 29, 2022 at 4:48 AM Richard Gobert wrote:
>
> Track per-peer fragment memory usage, using the existing per-fqdir
> memory tracking logic.

This is a rather terse changelog. We tried to get rid of any dependence on inetpeer, which is not resistant against DDOS attacks. So I would not add a new dependency. Also, tracking memory per peer will not really help in case of bursts?

>
> Signed-off-by: Richard Gobert
> ---
>  include/net/inet_frag.h | 11 ++------
>  include/net/inetpeer.h | 1 +
>  net/ieee802154/6lowpan/reassembly.c | 2 +-
>  net/ipv4/inet_fragment.c | 36 ++++++++++++++++++++-----
>  net/ipv4/inetpeer.c | 1 +
>  net/ipv4/ip_fragment.c | 4 +--
>  net/ipv6/netfilter/nf_conntrack_reasm.c | 2 +-
>  net/ipv6/reassembly.c | 2 +-
>  8 files changed, 38 insertions(+), 21 deletions(-)
>
> diff --git a/include/net/inet_frag.h b/include/net/inet_frag.h > index 05d95fad8a1a..077a0ec78a58 100644 > --- a/include/net/inet_frag.h > +++ b/include/net/inet_frag.h 
> @@ -155,15 +155,8 @@ static inline long frag_mem_limit(const struct fqdir *fqdir) > return atomic_long_read(&fqdir->mem); > } > > -static inline void sub_frag_mem_limit(struct fqdir *fqdir, long val) > -{ > - atomic_long_sub(val, &fqdir->mem); > -} > - > -static inline void add_frag_mem_limit(struct fqdir *fqdir, long val) > -{ > - atomic_long_add(val, &fqdir->mem); > -} > +void sub_frag_mem_limit(struct inet_frag_queue *q, long val); > +void add_frag_mem_limit(struct inet_frag_queue *q, long val); > > /* RFC 3168 support : > * We want to check ECN values of all fragments, do detect invalid combinations. > diff --git a/include/net/inetpeer.h b/include/net/inetpeer.h > index 74ff688568a0..1c602a706742 100644 > --- a/include/net/inetpeer.h > +++ b/include/net/inetpeer.h > @@ -41,6 +41,7 @@ struct inet_peer { > u32 rate_tokens; /* rate limiting for ICMP */ > u32 n_redirects; > unsigned long rate_last; > + atomic_long_t frag_mem; > /* > * Once inet_peer is queued for deletion (refcnt == 0), following field > * is not available: rid > diff --git a/net/ieee802154/6lowpan/reassembly.c b/net/ieee802154/6lowpan/reassembly.c > index a91283d1e5bf..0bf207e94082 100644 > --- a/net/ieee802154/6lowpan/reassembly.c > +++ b/net/ieee802154/6lowpan/reassembly.c > @@ -135,7 +135,7 @@ static int lowpan_frag_queue(struct lowpan_frag_queue *fq, > fq->q.flags |= INET_FRAG_FIRST_IN; > > fq->q.meat += skb->len; > - add_frag_mem_limit(fq->q.fqdir, skb->truesize); > + add_frag_mem_limit(&fq->q, skb->truesize); > > if (fq->q.flags == (INET_FRAG_FIRST_IN | INET_FRAG_LAST_IN) && > fq->q.meat == fq->q.len) { > diff --git a/net/ipv4/inet_fragment.c b/net/ipv4/inet_fragment.c > index c3ec1dbe7081..8b8d77d548d4 100644 > --- a/net/ipv4/inet_fragment.c > +++ b/net/ipv4/inet_fragment.c 
> @@ -250,6 +250,29 @@ void inet_frag_kill(struct inet_frag_queue *fq) > } > EXPORT_SYMBOL(inet_frag_kill); > > +static inline long peer_mem_limit(const struct inet_frag_queue *q) > +{ > + if (!q->peer) > + return 0; > + return atomic_long_read(&q->peer->frag_mem); > +} > + > +void sub_frag_mem_limit(struct inet_frag_queue *q, long val) > +{ > + if (q->peer) > + atomic_long_sub(val, &q->peer->frag_mem); > + atomic_long_sub(val, &q->fqdir->mem); > +} > +EXPORT_SYMBOL(sub_frag_mem_limit); > + > +void add_frag_mem_limit(struct inet_frag_queue *q, long val) > +{ > + if (q->peer) > + atomic_long_add(val, &q->peer->frag_mem); > + atomic_long_add(val, &q->fqdir->mem); > +} > +EXPORT_SYMBOL(add_frag_mem_limit); > + > static void inet_frag_destroy_rcu(struct rcu_head *head) > { > struct inet_frag_queue *q = container_of(head, struct inet_frag_queue, > @@ -306,9 +329,8 @@ void inet_frag_destroy(struct inet_frag_queue *q) > sum_truesize = inet_frag_rbtree_purge(&q->rb_fragments); > sum = sum_truesize + f->qsize; > > + sub_frag_mem_limit(q, sum); > inet_frag_free(q); > - > - sub_frag_mem_limit(fqdir, sum); > } > EXPORT_SYMBOL(inet_frag_destroy); > > @@ -324,7 +346,7 @@ static struct inet_frag_queue *inet_frag_alloc(struct fqdir *fqdir, > > q->fqdir = fqdir; > f->constructor(q, arg); > - add_frag_mem_limit(fqdir, f->qsize); > + add_frag_mem_limit(q, f->qsize); > > timer_setup(&q->timer, f->frag_expire, 0); > spin_lock_init(&q->lock); > @@ -483,7 +505,7 @@ void *inet_frag_reasm_prepare(struct inet_frag_queue *q, struct sk_buff *skb, > > delta += head->truesize; > if (delta) > - add_frag_mem_limit(q->fqdir, delta); > + add_frag_mem_limit(q, delta); > > /* If the first fragment is fragmented itself, we split > * it to two chunks: the first with data and paged part 
> @@ -505,7 +527,7 @@ void *inet_frag_reasm_prepare(struct inet_frag_queue *q, struct sk_buff *skb, > head->truesize += clone->truesize; > clone->csum = 0; > clone->ip_summed = head->ip_summed; > - add_frag_mem_limit(q->fqdir, clone->truesize); > + add_frag_mem_limit(q, clone->truesize); > skb_shinfo(head)->frag_list = clone; > nextp = &clone->next; > } else { > @@ -575,7 +597,7 @@ void inet_frag_reasm_finish(struct inet_frag_queue *q, struct sk_buff *head, > rbn = rbnext; > } > } > - sub_frag_mem_limit(q->fqdir, sum_truesize); > + sub_frag_mem_limit(q, sum_truesize); > > *nextp = NULL; > skb_mark_not_on_list(head); > @@ -604,7 +626,7 @@ struct sk_buff *inet_frag_pull_head(struct inet_frag_queue *q) > if (head == q->fragments_tail) > q->fragments_tail = NULL; > > - sub_frag_mem_limit(q->fqdir, head->truesize); > + sub_frag_mem_limit(q, head->truesize); > > return head; > } > diff --git a/net/ipv4/inetpeer.c b/net/ipv4/inetpeer.c > index e9fed83e9b3c..6e7325dba417 100644 > --- a/net/ipv4/inetpeer.c > +++ b/net/ipv4/inetpeer.c > @@ -216,6 +216,7 @@ struct inet_peer *inet_getpeer(struct inet_peer_base *base, > p->dtime = (__u32)jiffies; > refcount_set(&p->refcnt, 2); > atomic_set(&p->rid, 0); > + atomic_long_set(&p->frag_mem, 0); > p->metrics[RTAX_LOCK-1] = INETPEER_METRICS_NEW; > p->rate_tokens = 0; > p->n_redirects = 0; > diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c > index d0c22c41cf26..e35061f6aadb 100644 > --- a/net/ipv4/ip_fragment.c > +++ b/net/ipv4/ip_fragment.c > @@ -242,7 +242,7 @@ static int ip_frag_reinit(struct ipq *qp) > } > > sum_truesize = inet_frag_rbtree_purge(&qp->q.rb_fragments); > - sub_frag_mem_limit(qp->q.fqdir, sum_truesize); > + sub_frag_mem_limit(&qp->q, sum_truesize); > > qp->q.flags = 0; > qp->q.len = 0; 
> @@ -339,7 +339,7 @@ static int ip_frag_queue(struct ipq *qp, struct sk_buff *skb) > qp->q.mono_delivery_time = skb->mono_delivery_time; > qp->q.meat += skb->len; > qp->ecn |= ecn; > - add_frag_mem_limit(qp->q.fqdir, skb->truesize); > + add_frag_mem_limit(&qp->q, skb->truesize); > if (offset == 0) > qp->q.flags |= INET_FRAG_FIRST_IN; > > diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c > index 7dd3629dd19e..11ce2335c584 100644 > --- a/net/ipv6/netfilter/nf_conntrack_reasm.c > +++ b/net/ipv6/netfilter/nf_conntrack_reasm.c > @@ -269,7 +269,7 @@ static int nf_ct_frag6_queue(struct frag_queue *fq, struct sk_buff *skb, > fq->ecn |= ecn; > if (payload_len > fq->q.max_size) > fq->q.max_size = payload_len; > - add_frag_mem_limit(fq->q.fqdir, skb->truesize); > + add_frag_mem_limit(&fq->q, skb->truesize); > > /* The first fragment. > * nhoffset is obtained from the first fragment, of course. > diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c > index ff866f2a879e..cd4ba6cc956b 100644 > --- a/net/ipv6/reassembly.c > +++ b/net/ipv6/reassembly.c > @@ -197,7 +197,7 @@ static int ip6_frag_queue(struct frag_queue *fq, struct sk_buff *skb, > fq->q.mono_delivery_time = skb->mono_delivery_time; > fq->q.meat += skb->len; > fq->ecn |= ecn; > - add_frag_mem_limit(fq->q.fqdir, skb->truesize); > + add_frag_mem_limit(&fq->q, skb->truesize); > > fragsize = -skb_network_offset(skb) + skb->len; > if (fragsize > fq->q.max_size) > -- > 2.36.1 >
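
Review bot: The changelog gives no justification or cost figure for turning add_frag_mem_limit() and sub_frag_mem_limit() in include/net/inet_frag.h (hunk @@ -155,15 +155,8) from static inline single-atomic helpers into out-of-line exported functions. Every per-fragment path touched by this patch (lowpan_frag_queue, ip_frag_queue, nf_ct_frag6_queue, ip6_frag_queue) now makes a function call and, when q->peer is set, a second atomic_long operation per fragment. Either state the measured overhead in the changelog, or keep the fqdir-only inline helpers and do the per-peer accounting in a separate helper that is called only where a peer exists.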
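
Review bot: The new frag_mem member of struct inet_peer (include/net/inetpeer.h, hunk @@ -41,6 +41,7) is undocumented, unlike rate_tokens a few lines above it, which carries "/* rate limiting for ICMP */". Add a comment saying what it counts (the truesize and qsize values passed to add_frag_mem_limit()) and who updates it, and mention in the changelog that it grows every inet_peer, whether or not that peer ever sends fragments.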
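
Review bot: peer_mem_limit() in net/ipv4/inet_fragment.c (hunk @@ -250,6 +250,29) has no caller anywhere in this patch, so frag_mem is accumulated here but never compared against anything. Move the helper into the patch that first uses it, or name that patch in the changelog. The same hunk dereferences q->peer in both add_frag_mem_limit() and sub_frag_mem_limit(), yet no hunk in this patch adds a peer member to struct inet_frag_queue or assigns it; the changelog should say which earlier patch in the series does, and that inet_frag_alloc() relies on f->constructor(q, arg) having run before add_frag_mem_limit(q, f->qsize).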
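
Review bot: In inet_frag_destroy() (net/ipv4/inet_fragment.c, hunk @@ -306,9 +329,8), nothing visible shows that the reference on q->peer is still held when sub_frag_mem_limit(q, sum) runs. Moving the call ahead of inet_frag_free(q) is needed now that it reads q->fqdir and q->peer, but the ordering against whatever drops the peer reference deserves a comment at this call site or a sentence in the changelog. Also check whether the local fqdir that the removed line "sub_frag_mem_limit(fqdir, sum);" used still has a user in this function.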