Received: with ECARTIS (v1.0.0; list netdev); Wed, 02 Mar 2005 11:02:29 -0800 (PST) Received: from e31.co.us.ibm.com (e31.co.us.ibm.com [32.97.110.129]) by oss.sgi.com (8.13.0/8.13.0) with ESMTP id j22J2N5Z006362 for ; Wed, 2 Mar 2005 11:02:23 -0800 Received: from westrelay02.boulder.ibm.com (westrelay02.boulder.ibm.com [9.17.195.11]) by e31.co.us.ibm.com (8.12.10/8.12.9) with ESMTP id j22J2Gua446256 for ; Wed, 2 Mar 2005 14:02:16 -0500 Received: from d03av02.boulder.ibm.com (d03av02.boulder.ibm.com [9.17.195.168]) by westrelay02.boulder.ibm.com (8.12.10/NCO/VER6.6) with ESMTP id j22J2GdB146728 for ; Wed, 2 Mar 2005 12:02:16 -0700 Received: from d03av02.boulder.ibm.com (loopback [127.0.0.1]) by d03av02.boulder.ibm.com (8.12.11/8.12.11) with ESMTP id j22J2GAx010700 for ; Wed, 2 Mar 2005 12:02:16 -0700 Received: from sig-9-65-50-149.mts.ibm.com (sig-9-65-50-149.mts.ibm.com [9.65.50.149]) by d03av02.boulder.ibm.com (8.12.11/8.12.11) with ESMTP id j22J2CMn010358; Wed, 2 Mar 2005 12:02:14 -0700 Date: Thu, 3 Mar 2005 00:32:12 +0530 (IST) From: Sridhar Samudrala X-X-Sender: sridhar@localhost.localdomain To: davem@davemloft.net cc: nhorman@redhat.com, netdev@oss.sgi.com, lksctp-developers@lists.sourceforge.net Subject: [Patch] sctp: add receive buffer accounting to sctp (fwd) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Virus-Scanned: ClamAV 0.83/742/Tue Mar 1 17:05:59 2005 on oss.sgi.com X-Virus-Status: Clean X-archive-position: 2255 X-ecartis-version: Ecartis v1.0.0 Sender: netdev-bounce@oss.sgi.com Errors-to: netdev-bounce@oss.sgi.com X-original-sender: sri@us.ibm.com Precedence: bulk X-list: netdev Dave, Please apply the following SCTP patch submitted by Neil. Signed-off-by: Sridhar Samudrala Thanks Sridhar ---------- Forwarded message ---------- Date: Tue, 1 Mar 2005 13:34:06 -0500 From: nhorman@redhat.com To: lksctp-developers@lists.sourceforge.net Cc: sri@us.ibm.com Subject: [Patch] sctp: add receive buffer accounting to sctp Patch to add recieve buffer accounting to sctp. Current implmentation is open to DOS attack, which can result in lowmem exhaustion, due to chunk backlog queuing. This patch adds receive buffer accounting which drops chunks in sctp_rcv when sockets sk_rmem_alloc value exceeds sockets sk_rcvbuff value. Signed-off-by: Neil Horman sk->sk_rmem_alloc); + sock_rfree(skb); +} + +/* The ownership wrapper routine to do receive buffer accounting */ +static void sctp_rcv_set_owner_r(struct sk_buff *skb, struct sock *sk) +{ + skb_set_owner_r(skb,sk); + skb->destructor = sctp_rfree; + atomic_add(sizeof(struct sctp_chunk),&sk->sk_rmem_alloc); +} + /* * This is the routine which IP calls when receiving an SCTP packet. */ @@ -175,6 +190,11 @@ int sctp_rcv(struct sk_buff *skb) rcvr = asoc ? &asoc->base : &ep->base; sk = rcvr->sk; + if ((sk) && (atomic_read(&sk->sk_rmem_alloc) >= sk->sk_rcvbuf)) { + goto discard_release; + } + + /* SCTP seems to always need a timestamp right now (FIXME) */ if (skb->stamp.tv_sec == 0) { do_gettimeofday(&skb->stamp); @@ -195,6 +215,8 @@ int sctp_rcv(struct sk_buff *skb) goto discard_release; } + sctp_rcv_set_owner_r(skb,sk); + /* Remember what endpoint is to handle this packet. */ chunk->rcvr = rcvr; -- /*************************************************** *Neil Horman *Software Engineer *Red Hat, Inc. *nhorman@redhat.com *gpg keyid: 1024D / 0x92A74FA1 *http://pgp.mit.edu ***************************************************/